--------------- QuickDiag | g3n-h@ckm@n | V5_27.02.19.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 26/03/2019 18:49:27 Updated 27/02/2019 | 11:10 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [Jean-Marie (Administrator)] - [LFS_HYPER_UEFM] (S-1-5-21-324915258-2866797553-3726413251-1001) System: Microsoft Windows 8 - - (6.2.9200) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> () System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 8|C:\Windows|\Device\Harddisk0\Partition4 Boot : Normal boot PC: CQ2904EF - Hewlett-Packard - IdNumber: 4CH3100VPJ - UUID: 2C238515-5AA2-7984-51F0-370493363EDB Processor : X64 - 1397 Mhz - AMD E1-1200 APU with Radeon(tm) HD Graphics 8.17 - fra - AMI - S/N: 4CH3100VPJ - 8.17 - HPQOEM - 1072009 CoreTemp : ? Celsius ----------| Extended ---------- | SoundDevice HD Webcam C310 - Status: OK - Manufacturer: Logitech - PNPDeviceID: USB\VID_046D&PID_081B&MI_02\8&4D0A220&1&0002 Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0662&SUBSYS_103C2AE3&REV_1001\4&2070A159&0&0001 DFX Audio Enhancer - Status: OK - Manufacturer: DFX - PNPDeviceID: ROOT\MEDIA\0000 ---------- | Video AMD Radeon HD 7310 Graphics - Resolution: 1280x1024 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: aticfx64.dll,aticfx64.dll,aticfx64.dll,aticfx32,aticfx32,aticfx32,atiumd64.dll,atidxx64.dll,atidxx64.dll,atiumdag,atidxx32,atidxx32,atiumdva,atiumd6a.cap,atitmm64.dll - PNPDeviceID: PCI\VEN_1002&DEV_9809&SUBSYS_2AE3103C&REV_00\3&11583659&0&08 - AdapterCompatibility: Advanced Micro Devices, Inc. - RAM: 402653184 Inegrated Video Chipset DeviceName: AMD Radeon HD 7310 Graphics - DriverVersion: 8.14.01.6374 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 29184 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 52736 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 24064 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 79872 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 15360 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\prodad-codec.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 607256 - Manufacturer: proDAD GmbH - Status: OK c:\windows\system32\bdmpega64.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 75784 - Manufacturer: - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 37888 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 22528 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 26112 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codecp.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 175616 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK c:\windows\system32\xvidvfw.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 251392 - Manufacturer: - Status: OK c:\windows\system32\lvcod64.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 175392 - Manufacturer: Logitech Inc. - Status: OK c:\windows\system32\bdmjpeg64.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 75248 - Manufacturer: - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 15360 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\bdmpegv64.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 75272 - Manufacturer: - Status: OK ---------- | CPU CPU #1 value:100 % CPU #2 value:100 % Total Overall CPU Usage value:100 % ---------- | Network Qualcomm Atheros AR8152 PCI-E Fast Ethernet Controller [NDIS 6.30] : SENT:77 bytes/sec / RECVD:77 bytes/sec isatap.home : SENT:0 bytes/sec / RECVD:0 bytes/sec Connexion au réseau local* 11 : SENT:0 bytes/sec / RECVD:0 bytes/sec Overall -> SEND Maxium:100 bytes/sec, / RECEIVE Maximum:77 bytes/sec WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : ROOT\MS_L2TPMINIPORT\0000 WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : ROOT\MS_SSTPMINIPORT\0000 WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : ROOT\MS_AGILEVPNMINIPORT\0000 WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : ROOT\MS_PPTPMINIPORT\0000 WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : ROOT\MS_PPPOEMINIPORT\0000 WAN Miniport (IP) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIP\0000 WAN Miniport (IPv6) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIPV6\0000 WAN Miniport (Network Monitor) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANBH\0000 Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000 RAS Async Adapter - - - Status: - PnPID : Qualcomm Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.30) - Ethernet 802.3 - Qualcomm Atheros - Status: - PnPID : PCI\VEN_1969&DEV_2062&SUBSYS_2AE3103C&REV_C1\4&186C6B44&0&00A9 Carte Microsoft ISATAP - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0000 TAP-Windows Adapter V9 - Ethernet 802.3 - TAP-Windows Provider V9 - Status: - PnPID : ROOT\NET\0000 Microsoft Teredo Tunneling Adapter - Tunnel - Microsoft - Status: - PnPID : ROOT\*TEREDO\0000 Remote NDIS based Internet Sharing Device - - - Status: - PnPID : Carte Microsoft ISATAP - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0001 ---------- | Memory RAM = Total (MB) : 3748 | Free (MB) : 954 Pagefile = Total (MB) : 5664 | Free (MB) : 2525 Virtual = Total (MB) : 4194 | Free (MB) : 3906 Physical Memory 0 : Capacity: 4294967296 - A1_DIMM0 - Posit.: 0 - Manufacturer: Micron - PartNumber: 8JTF51264AZ-1G6E1 - S/N: DEA02E9 ---------- | SID Users Administrateur : [S-1-5-21-324915258-2866797553-3726413251-500] Invité : [S-1-5-21-324915258-2866797553-3726413251-501] Jean-Marie : [S-1-5-21-324915258-2866797553-3726413251-1001] postgres : [S-1-5-21-324915258-2866797553-3726413251-1004] Administrateurs : [S-1-5-32-544] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] Utilisateurs : [S-1-5-32-545] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] WinRMRemoteWMIUsers__ : [S-1-5-21-324915258-2866797553-3726413251-1000] ---------- | SystemAccounts Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK ---------- | Drives C:\ -> [Fixed] | [OS] | Total : 458.3 Go | Free : 151.11 Go -> NTFS [SATA] D:\ -> [Fixed] | [Recovery Image] | Total : 13.06 Go | Free : 0.99 Go -> NTFS [SATA] E:\ -> [Removable] | [future wdet] | Total : 59.5 Go | Free : 53.57 Go -> exFAT [USB] H:\ -> [Removable] | [samsung fit 128 Go] | Total : 119.5 Go | Free : 119.41 Go -> NTFS [USB] I:\ -> [Fixed] | [backup plus rouge] | Total : 4657.4 Go | Free : 761.99 Go -> NTFS [USB] J:\ -> [Removable] | [FRAMA SALIX] | Total : 14.52 Go | Free : 7.82 Go -> FAT32 [USB] K:\ -> [Fixed] | [windows2go workspace] | Total : 57.6 Go | Free : 2.73 Go -> NTFS (SSD) [USB] M:\ -> [Removable] | [] | Total : 14.91 Go | Free : 14.81 Go -> FAT32 [USB] N:\ -> [Removable] | [FRAMA SALIX] | Total : 1.86 Go | Free : 0.47 Go -> FAT32 [USB] O:\ -> [Removable] | [XFCE SFCE] | Total : 115.66 Go | Free : 115.66 Go -> FAT32 [USB] Q:\ -> [Removable] | [] | Total : 1.83 Go | Free : 0 Go -> FAT [USB] U:\ -> [Removable] | [CUBUNTU] | Total : 7.2 Go | Free : 0.07 Go -> FAT32 [USB] Z:\ -> [Fixed] | [backup plus bleu] | Total : 4657.4 Go | Free : 761.77 Go -> NTFS [USB] Disk Usage Information [12 total Physical Disks] Physical Drive #0 [C:, D:] : Read:68,266 bytes/sec, Written:0 bytes/sec Max Read:68,266 bytes/sec, Max Write:0 bytes/sec Physical Drive #3 [E:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #4 [M:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #5 [H:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #6 [N:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #7 [O:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #8 [U:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #9 [Q:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, J:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #2 [I:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, Z:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [K:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:68,266 bytes/sec, Write Maximum:0 bytes/sec DeviceID: \\.\PHYSICALDRIVE11 - Status: OK - SCSI - External hard disk media - 1 Part. - PnPID : SCSI\DISK&VEN_SEAGATE&PROD_BUP_BL\000000 DeviceID: \\.\PHYSICALDRIVE10 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_VERBATIM&PROD_STORE_N_GO&REV_1100\1313260000000030&0 DeviceID: \\.\PHYSICALDRIVE4 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_GENERAL&PROD_USB_FLASH_DISK&REV_1.00\05077900000000F6&0 DeviceID: \\.\PHYSICALDRIVE5 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_SAMSUNG&PROD_FLASH_DRIVE_FIT&REV_1100\0363316010027335&0 DeviceID: \\.\PHYSICALDRIVE9 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_GENERIC&PROD_STORAGE_DEVICE&REV_FT01\000000000001&GL&03 DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 7 Part. - PnPID : SCSI\DISK&VEN_WDC_WD10&PROD_EZEX-60ZF5A0\4&32E8E4A0&0&000000 DeviceID: \\.\PHYSICALDRIVE7 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_SANDISK&PROD_ULTRA_FIT&REV_1.00\4C530001050902110312&0 DeviceID: \\.\PHYSICALDRIVE6 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_&PROD_FIXMESTICK&REV_8.07\4869B7004BE43CLL02797&0 DeviceID: \\.\PHYSICALDRIVE3 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_REALSIL&PROD_RTSUERLUN0&REV_1.00\0000 DeviceID: \\.\PHYSICALDRIVE8 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_TOSHIBA&PROD_TRANSMEMORY&REV_1.00\0022CFF6BDF8C080958BAE56&0 DeviceID: \\.\PHYSICALDRIVE2 - Status: OK - SCSI - External hard disk media - 1 Part. - PnPID : SCSI\DISK&VEN_SEAGATE&PROD_BUP_RD\000000 DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - USB - External hard disk media - 1 Part. - PnPID : USBSTOR\DISK&VEN_KINGSTON&PROD_DT_WORKSPACE&REV_KS15\0018F30C9FDC0I50E10C0026&0 ---------- | Windows updates - Activation - License W.A.T : :) Last detection : 2019-03-11 13:26:31 Downloaded last ones : 2019-02-25 13:51:28 Installed last ones : 2019-02-25 13:53:48 Next search : 2019-03-12 07:38:26 Windows 8.1 not installed !!! Test 1 : Windows Is Activated Volume License ---------- | Browsers IE : 10.0.9200.16442 (© Microsoft Corporation. Tous droits réservés.) FF : 65.0.2.6995 (©Firefox and Mozilla Developers; available under the MPL 2 license.) GC : 72.0.3626.109 (Copyright 2018 Google Inc.) Default : "C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" -- "" ---------- | FlashPlayer FlashPlayer ActiveX : 20.0.0.272 FlashPlayer Plugin : 32.0.0.142 ---------- | Security AV : AVG Antivirus Disabled AS : AVG Antivirus Disabled FW : AVG Antivirus Enabled WMI : OK WU: Windows Update Service [Disabled(4)] = stopped AS: Windows Defender [Manual(3)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 360 | [Owner : Système | Parent : 4(System) | 0.14 Mo] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (6.2.9200.16384) = C:\Windows\System32\smss.exe [26/07/2012 06:26:45] CPU Usage:0 % 504 | [Owner : Système | Parent : 496() | 2.49 Mo] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.2.9200.16384) = C:\Windows\System32\csrss.exe [26/07/2012 06:26:45] CPU Usage:0 % 612 | [Owner : Système | Parent : 496() | 0.3 Mo] - (.Microsoft Corporation - Application de démarrage de Windows.) - (6.2.9200.16384) = C:\Windows\System32\wininit.exe [26/07/2012 01:03:20] CPU Usage:0 % 624 | [Owner : Système | Parent : 604() | 8.45 Mo] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (6.2.9200.16384) = C:\Windows\System32\csrss.exe [26/07/2012 06:26:45] CPU Usage:0 % 676 | [Owner : Système | Parent : 604() | 0.76 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (6.2.9200.17581) = C:\Windows\System32\winlogon.exe [05/09/2018 22:30:08] CPU Usage:0 % 712 | [Owner : Système | Parent : 612(wininit.exe) | 6.6 Mo] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (6.2.9200.17343) = C:\Windows\System32\services.exe [05/09/2018 22:08:33] CPU Usage:0 % 720 | [Owner : Système | Parent : 612(wininit.exe) | 9.6 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (6.2.9200.16864) = C:\Windows\System32\lsass.exe [05/09/2018 14:54:27] CPU Usage:0 % 840 | [Owner : Système | Parent : 712(services.exe) | 4.52 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.2.9200.16420) = C:\Windows\System32\svchost.exe [05/03/2013 09:01:53] CPU Usage:0 % 928 | [Owner : SERVICE RÉSEAU | Parent : 712(services.exe) | 5.41 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.2.9200.16420) = C:\Windows\System32\svchost.exe [05/03/2013 09:01:53] CPU Usage:0 % 992 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 16.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.2.9200.16420) = C:\Windows\System32\svchost.exe [05/03/2013 09:01:53] CPU Usage:0 % 1020 | [Owner : DWM-1 | Parent : 676(winlogon.exe) | 27.77 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (6.2.9200.16420) = C:\Windows\System32\dwm.exe [05/03/2013 09:02:00] CPU Usage:4 % 912 | [Owner : Système | Parent : 712(services.exe) | 29.49 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.2.9200.16420) = C:\Windows\System32\svchost.exe [05/03/2013 09:01:53] CPU Usage:0 % 644 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 11.55 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.2.9200.16420) = C:\Windows\System32\svchost.exe [05/03/2013 09:01:53] CPU Usage:0 % 1080 | [Owner : Système | Parent : 712(services.exe) | 55.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.2.9200.16420) = C:\Windows\System32\svchost.exe [05/03/2013 09:01:53] CPU Usage:0 % 1200 | [Owner : SERVICE RÉSEAU | Parent : 712(services.exe) | 15.37 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.2.9200.16420) = C:\Windows\System32\svchost.exe [05/03/2013 09:01:53] CPU Usage:0 % 1308 | [Owner : Système | Parent : 712(services.exe) | 40.99 Mo] - (.AVG Technologies CZ, s.r.o. - AVG Service.) - (19.3.4241.0) = C:\Program Files\AVG\Antivirus\AVGSvc.exe [08/03/2019 21:49:52] CPU Usage:4 % 1504 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 15.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.2.9200.16420) = C:\Windows\System32\svchost.exe [05/03/2013 09:01:53] CPU Usage:0 % 2040 | [Owner : Système | Parent : 712(services.exe) | 1.97 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.2.9200.16420) = C:\Windows\System32\svchost.exe [05/03/2013 09:01:53] CPU Usage:0 % 2412 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 3.27 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.2.9200.16420) = C:\Windows\System32\svchost.exe [05/03/2013 09:01:53] CPU Usage:0 % 2956 | [Owner : SERVICE RÉSEAU | Parent : 712(services.exe) | 2.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.2.9200.16420) = C:\Windows\System32\svchost.exe [05/03/2013 09:01:53] CPU Usage:0 % 3052 | [Owner : SERVICE LOCAL | Parent : 712(services.exe) | 5.73 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.2.9200.16420) = C:\Windows\System32\svchost.exe [05/03/2013 09:01:53] CPU Usage:0 % 4208 | [Owner : Jean-Marie | Parent : 4988() | 37.81 Mo] - (.AVG Technologies CZ, s.r.o. - AVG Antivirus.) - (19.3.4241.0) = C:\Program Files\AVG\Antivirus\AVGUI.exe [08/03/2019 21:50:18] CPU Usage:21 % 3588 | [Owner : Jean-Marie | Parent : 4364() | 51.24 Mo] - (.Microsoft Corporation - Gestionnaire des tâches.) - (6.2.9200.16465) = C:\Windows\System32\Taskmgr.exe [06/09/2018 05:46:03] CPU Usage:0 % 408 | [Owner : SERVICE LOCAL | Parent : 1080(svchost.exe) | 3.58 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (6.2.9200.16384) = C:\Windows\System32\WUDFHost.exe [26/07/2012 02:00:55] CPU Usage:0 % 4176 | [Owner : Jean-Marie | Parent : 1516() | 359.74 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (6.2.9200.16628) = C:\Windows\explorer.exe [06/09/2018 00:20:25] CPU Usage:0 % 2204 | [Owner : Jean-Marie | Parent : 840(svchost.exe) | 8.78 Mo] - (.Microsoft Corporation - COM Surrogate.) - (6.2.9200.16384) = C:\Windows\System32\dllhost.exe [26/07/2012 00:59:13] CPU Usage:0 % 1044 | [Owner : SERVICE LOCAL | Parent : 1080(svchost.exe) | 1.58 Mo] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (6.2.9200.16384) = C:\Windows\System32\dasHost.exe [26/07/2012 03:06:14] CPU Usage:0 % 4880 | [Owner : Jean-Marie | Parent : 712(services.exe) | 4.35 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.2.9200.16547) = C:\Windows\System32\taskhost.exe [05/09/2018 08:20:18] CPU Usage:0 % 4600 | [Owner : Jean-Marie | Parent : 712(services.exe) | 1.42 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (6.2.9200.16547) = C:\Windows\System32\taskhostex.exe [05/09/2018 08:20:07] CPU Usage:0 % 4548 | [Owner : Système | Parent : 712(services.exe) | 3.86 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (6.2.9200.16420) = C:\Windows\System32\svchost.exe [05/03/2013 09:01:53] CPU Usage:0 % 5300 | [Owner : Jean-Marie | Parent : 3588(Taskmgr.exe) | 37.98 Mo] - (.SosVirus - AdsFix.) - (6.3.19.1) = C:\Users\Jean-Marie\Desktop\adsfix_V6_06.03.19.1.exe [26/03/2019 18:35:01] CPU Usage:18 % 5200 | [Owner : Système | Parent : 840(svchost.exe) | 6.4 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.2.9200.16384) = C:\Windows\System32\wbem\WmiPrvSE.exe [26/07/2012 03:36:07] CPU Usage:0 % 812 | [Owner : SERVICE RÉSEAU | Parent : 840(svchost.exe) | 7.05 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.2.9200.16518) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [05/09/2018 15:55:09] CPU Usage:0 % 5956 | [Owner : Jean-Marie | Parent : 3588(Taskmgr.exe) | 49.72 Mo] - (.SosVirus - QuickDiag.) - (27.2.19.1) = C:\Users\Jean-Marie\Desktop\quickdiag_V5_27.02.19.1.exe [26/03/2019 18:38:00] CPU Usage:0 % 3324 | [Owner : Jean-Marie | Parent : 3588(Taskmgr.exe) | 80.86 Mo] - (.- ZHPCleaner.) - (2019.3.25.39) = C:\Users\Jean-Marie\Desktop\ZHPCleaner.exe [26/03/2019 18:47:54] CPU Usage:16 % 4560 | [Owner : SERVICE RÉSEAU | Parent : 840(svchost.exe) | 9.08 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.2.9200.16384) = C:\Windows\System32\wbem\WmiPrvSE.exe [26/07/2012 03:36:07] CPU Usage:0 % ---------- | Locked Applications ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) (.COMODO.-.COMODO Secure Shopping.) - (1.3.50284.151) -- C:\Windows\system32\cssguard64.dll (.www.startisback.com.-.OldNewExplorer shell enhancements.) - (1.1.7.1) -- C:\Program Files (x86)\UX Pack\OldNewExplorer\OldNewExplorer64.dll (.Advanced Micro Devices, Inc. .-.aticfx64.dll.) - (8.17.10.1280) -- C:\Windows\SYSTEM32\aticfx64.dll (.Advanced Micro Devices, Inc. .-.atiuxpag.dll.) - (8.14.1.6374) -- C:\Windows\SYSTEM32\atiuxp64.dll (.Advanced Micro Devices, Inc. .-.atidxx64.dll.) - (8.17.10.545) -- C:\Windows\SYSTEM32\atidxx64.dll (.Apple Inc..-.Bonjour Namespace Provider.) - (2.0.2.0) -- C:\Program Files\Bonjour\mdnsNSP.dll (.Moo0.-.Moo0 Shell Extension Bridge.) - (1.0.0.1) -- C:\Windows\System32\ShellExtBridge\ShellExtBridge119.dll (.Moo0.-.RightClicker Shell.) - (1.0.0.1) -- C:\Program Files (x86)\Moo0\RightClicker Pro 1.56\RightClickerShell.dll (.Advanced Micro Devices, Inc..-.AMD Desktop Control Panel.) - (6.14.10.2001) -- c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll (.Advanced Micro Devices, Inc..-.AMD Desktop Control Panel.) - (6.14.10.2001) -- c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamfra.dll (.Bandisoft.com.-.Bandizip shell menu dll.) - (6.20.0.1) -- C:\Program Files\Bandizip\bdzshl64.dll (.ProtectStar(TM), Inc..-.iShredder Shell Extension.) - (7.0.1807.0) -- C:\Program Files (x86)\ProtectStar\DataShredder\DataShredderShellExt64.dll (..-..) - (12.6.1005.11662) -- C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.6.1005.11662\AdAwareShellExtension.dll (.Nero AG.-.Nero Burning ROM Shell Extension.) - (15.0.13.0) -- C:\Program Files (x86)\Common Files\Nero\NeroShellExt\x64\NeroShellExt.dll (.Nero AG.-.Nero Solution Explorer Dynamic Link Library.) - (15.0.2.0) -- C:\Program Files (x86)\Common Files\Nero\NeroShellExt\x64\SolutionExplorer.dll (.Alexander Roshal.-.WinRAR shell extension.) - (5.61.0.0) -- C:\Program Files\WinRAR\rarext.dll (.IObit.-.IObitUnlockerExtension.) - (1.2.0.2) -- C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll (..-..) - (0.0.0.0) -- C:\PROGRA~1\TeraCopy\TERACO~1.DLL (.Crawler Group.-.Spyware Terminator 2015 Shell Menu Extension.) - (3.0.0.101) -- C:\Program Files (x86)\Spyware Terminator\STShell64.dll (.IObit.-.IObit Smart Defrag Extension.) - (1.0.0.25) -- C:\Windows\System32\IObitSmartDefragExtension.dll (.IObit.-.Protected Folder Shell Extension.) - (4.2.0.0) -- C:\Program Files (x86)\IObit\Protected Folder\PfShellExtension.dll (..-..) - (1.0.0.0) -- C:\PROGRA~1\Loaris Trojan Remover\shellext.dll (.Killer{R}.-.KillCopy Shell Extension DLL.) - (1.0.0.1) -- C:\Program Files (x86)\KillSoft\KillCopy\killcopy_amd64.dll (.K7 Computing Pvt Ltd.-.K7TotalSecurity Console SysTray Extension.) - (15.2.2.21) -- C:\Program Files (x86)\K7 Computing\K7TSecurity\K7TSSExt64.dll (.AVG Technologies CZ, s.r.o..-.AVG Shell Extension.) - (19.3.4241.0) -- C:\Program Files\AVG\Antivirus\ashShell.dll (.AVG Technologies CZ, s.r.o..-.AVG AAVM Remote Procedure Call Library.) - (19.3.4241.0) -- C:\Program Files\AVG\Antivirus\AavmRpch.dll (..-.ShellHandler for Notepad++ (64 bit).) - (0.1.0.0) -- C:\Program Files\Notepad++\NppShell_06.dll (.AIMP DevTeam.-.Context Menu Extension.) - (4.0.0.0) -- C:\Program Files (x86)\AIMP\System\aimp_menu64.dll (.CyberLink Corp..-.CyberLink PowerDVDShell.) - (1.0.0.0) -- C:\ProgramData\CyberLink\PowerDVD18\OpenWith\PDVD_Shell64.dll (.ArcticLine Software.-.Shell extension for Folder Marker.) - (4.3.0.0) -- C:\Program Files (x86)\Folder Marker\ShellExt64.dll (..-..) - (0.0.0.0) -- C:\Program Files (x86)\NiceCopier\NCHookDll.dll (..-..) - (0.0.0.0) -- C:\Program Files\TeraCopy\TeraCopy64.dll ---------- | Winlogon.exe Modules (Microsoft Files Whitelisted) ---------- | svchost.exe Modules (Microsoft Files Whitelisted) (.COMODO.-.COMODO Secure Shopping.) - (1.3.50284.151) -- C:\Windows\system32\cssguard64.dll (.Realtek Semiconductor Corp..-.Realtek(r) LFX/GFX DSP component.) - (11.0.6000.618) -- C:\Windows\system32\RltkAPO64.dll (.Apple Inc..-.Bonjour Namespace Provider.) - (2.0.2.0) -- C:\Program Files\Bonjour\mdnsNSP.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up Jing - (C:\Program Files (x86)\TechSmith\Jing\Jing.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\...\Run]) - User: LFS_HYPER_UEFM\Jean-Marie AshSnap - (C:\Program Files (x86)\Ashampoo\Ashampoo Snap 9\ashsnap.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\...\Run]) - User: LFS_HYPER_UEFM\Jean-Marie tcactive - (C:\Program Files (x86)\The Cleaner\tcap.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\...\Run]) - User: LFS_HYPER_UEFM\Jean-Marie movavi_suite_18.2.0_screenrecorder - ("C:\Users\Jean-Marie\AppData\Roaming\Movavi Video Suite 18\ScreenRecorder.exe" --hideAppToTrayOnStart=true [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\...\Run]) - User: LFS_HYPER_UEFM\Jean-Marie U - (C:\ProgramData\CyberLink\U\U.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\...\Run]) - User: LFS_HYPER_UEFM\Jean-Marie DCUpdateScanner - ("C:\Program Files (x86)\Downloadcrew UpdateScanner\UpdateScanner.exe" [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\...\Run]) - User: LFS_HYPER_UEFM\Jean-Marie Internet Download Accelerator - (C:\Program Files (x86)\IDA\ida.exe -autorun [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\...\Run]) - User: LFS_HYPER_UEFM\Jean-Marie AVGBrowserAutoLaunch_433EA2E10981FB542767AB6C8484FDBF - ("C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default" --restore-last-session [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\...\Run]) - User: LFS_HYPER_UEFM\Jean-Marie CloudSystemBooster - ("C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe" /hide /autorun [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\...\Run]) - User: LFS_HYPER_UEFM\Jean-Marie WallpaperHd - ("C:\Users\Jean-Marie\AppData\Local\WallpaperHd\WallpaperHd.exe" /regrun [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\...\Run]) - User: LFS_HYPER_UEFM\Jean-Marie desktop - (desktop.ini [Common Startup]) - User: Public SpywareTerminatorShield - (C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [HKLM\SOFTWARE\...\Run]) - User: Public SpywareTerminatorUpdater - (C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [HKLM\SOFTWARE\...\Run]) - User: Public AdAwareTray - ("C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.6.1005.11662\AdAwareTray.exe" [HKLM\SOFTWARE\...\Run]) - User: Public RTHDVCPL - ("C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s [HKLM\SOFTWARE\...\Run]) - User: Public Malwarebytes Windows Firewall Control - ("C:\Program Files\Malwarebytes\Windows Firewall Control\wfc.exe" [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Command Processor] "PathCompletionChar"=9 "EnableExtensions"=1 "CompletionChar"=9 "DefaultColor"=0 "DelayedExpansion"=0 [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Jing"=C:\Program Files (x86)\TechSmith\Jing\Jing.exe [11/09/2015 15:21:34] "AshSnap"=C:\Program Files (x86)\Ashampoo\Ashampoo Snap 9\ashsnap.exe [04/02/2019 12:48:08] "tcactive"=C:\Program Files (x86)\The Cleaner\tcap.exe [04/02/2019 12:57:10] "movavi_suite_18.2.0_screenrecorder"="C:\Users\Jean-Marie\AppData\Roaming\Movavi Video Suite 18\ScreenRecorder.exe" --hideAppToTrayOnStart=true "U"=C:\ProgramData\CyberLink\U\U.exe [21/12/2018 13:40:16] "DCUpdateScanner"="C:\Program Files (x86)\Downloadcrew UpdateScanner\UpdateScanner.exe" "Internet Download Accelerator"=C:\Program Files (x86)\IDA\ida.exe -autorun "AVGBrowserAutoLaunch_433EA2E10981FB542767AB6C8484FDBF"="C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default" --restore-last-session "CloudSystemBooster"="C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe" /hide /autorun "WallpaperHd"="C:\Users\Jean-Marie\AppData\Local\WallpaperHd\WallpaperHd.exe" /regrun [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "U"=0x020000000000000000000000 "KillCopy"=0x020000000000000000000000 "Adlice CDE"=0x020000000000000000000000 ""=0x020000000000000000000000 "EPLTarget\P0000000000000000"=0x020000000000000000000000 "KeepVidMusicService"=0x020000000000000000000000 "AshSnap"=0x020000000000000000000000 "WallpaperHd"=0x020000000000000000000000 "Advanced SystemCare Ultimate"=0x020000000000000000000000 "Jing"=0x020000000000000000000000 "Xvid"=0x020000000000000000000000 "tcactive"=0x020000000000000000000000 "CloudSystemBooster"=0x020000000000000000000000 "movavi_suite_18.2.0_screenrecorder"=0x020000000000000000000000 "DLPRO-5"=0x020000000000000000000000 "DCUpdateScanner"=0x020000000000000000000000 "Internet Download Accelerator"=0x020000000000000000000000 "AVGBrowserAutoLaunch_433EA2E10981FB542767AB6C8484FDBF"=0x020000000000000000000000 [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU] "a"=C:\Users\Jean-Marie\Desktop\processclose_2_08.01.17.1.exe\1 "MRUList"=gfeadcb "b"=iexplore\1 "c"="C:\Program Files\Pale Moon\palemoon.exe"\1 "d"=msconfig\1 "e"=C:\Users\Jean-Marie\Desktop\adsfix_V6_06.03.19.1.exe\1 "f"=C:\Users\Jean-Marie\Desktop\quickdiag_V5_27.02.19.1.exe\1 "g"=C:\Users\Jean-Marie\Desktop\ZHPCleaner.exe\1 [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "UserSelectedDefault"=1 "Device"=EPSON XP-710 Series,winspool,Ne04: [HKLM\Software\Microsoft\Command Processor] "PathCompletionChar"=64 "EnableExtensions"=1 "CompletionChar"=64 "DefaultColor"=0 "DelayedExpansion"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "SpywareTerminatorShield"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [21/02/2019 15:49:20] "SpywareTerminatorUpdater"=C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [21/02/2019 15:49:21] "AdAwareTray"="C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.6.1005.11662\AdAwareTray.exe" "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "Malwarebytes Windows Firewall Control"="C:\Program Files\Malwarebytes\Windows Firewall Control\wfc.exe" [HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx] "flags"=8 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "AvastUI.exe"=0x020000000000000000000000 "AdobeGCInvoker-1.0"=0x020000000000000000000000 "WinZip UN"=0x020000000000000000000000 "WinZip PreLoader"=0x020000000000000000000000 "AVGUI.exe"=0x020000000000000000000000 "SpywareTerminatorShield"=0x020000000000000000000000 "SpywareTerminatorUpdater"=0x020000000000000000000000 "AdAwareTray"=0x020000000000000000000000 "RTHDVCPL"=0x020000000000000000000000 "Malwarebytes Windows Firewall Control"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32] "StartCCC"=0x040000000000000000000000 "CLMLServer_For_P2G8"=0x040000000000000000000000 "CLVirtualDrive"=0x040000000000000000000000 "Wondershare Helper Compact.exe"=0x020000000000000000000000 "Aimersoft Helper Compact.exe"=0x020000000000000000000000 "JetStart"=0x020000000000000000000000 "KeePass 2 PreLoad"=0x020000000000000000000000 "SDTray"=0x020000000000000000000000 "Adobe Creative Cloud"=0x020000000000000000000000 "Dropbox"=0x020000000000000000000000 "EEventManager"=0x020000000000000000000000 "YouCam Service8"=0x020000000000000000000000 ""=0x020000000000000000000000 "K7TSStart"=0x020000000000000000000000 "CommonToolkitTray"=0x020000000000000000000000 "vdcss"=0x020000000000000000000000 "CAMTray"=0x020000000000000000000000 "AVGUI.exe"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "Spooler"=yes "DeviceNotSelectedTimeout"=15 "TransmissionRetryTimeout"=90 "ShutdownWarningDialogTimeout"=4294967295 "USERProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "DesktopHeapLogging"=1 "DdeSendTimeout"=0 "USERPostMessageLimit"=10000 "USERNestedWindowLimit"=50 "NaturalInputHandler"=Ninput.dll "ThreadUnresponsiveLogTimeout"=500 "GDIProcessHandleQuota"=10000 "RequireSignedAppInit_DLLs"=1 [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "PathCompletionChar"=64 "EnableExtensions"=1 "CompletionChar"=64 "DefaultColor"=0 "DelayedExpansion"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "K7TSStart"=C:\Program Files (x86)\K7 Computing\K7TSecurity\K7TSecurity.exe [15/12/2017 06:13:01] "vdcss"="C:\Program Files (x86)\COMODO\COMODO Secure Shopping\vdcss.exe" -tray "CAMTray"="C:\Program Files (x86)\CyberLink\AppManager\CAMTray.exe" /AutoRun "AVGUI.exe"="C:\Program Files\AVG\Antivirus\AvLaunch.exe" /gui "Babylon Client"=C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe -AutoStart "BabylonToolbar"="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I "UnlockerAssistant"="C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe" [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "Spooler"=yes "DeviceNotSelectedTimeout"=15 "TransmissionRetryTimeout"=90 "ShutdownWarningDialogTimeout"=4294967295 "USERProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "DesktopHeapLogging"=1 "DdeSendTimeout"=0 "USERPostMessageLimit"=10000 "USERNestedWindowLimit"=50 "NaturalInputHandler"=Ninput.dll "ThreadUnresponsiveLogTimeout"=500 "GDIProcessHandleQuota"=10000 "LoadAppInit_DLLs"=1 "AppInit_DLLs"= [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : ---------- | Tasks List Antivirus Emergency Update Boost EPSON XP-710 Series Invitation {2C6FA55B-2D45-4F1A-A7E2-2F5337CF461B} EPSON XP-710 Series Update {2C6FA55B-2D45-4F1A-A7E2-2F5337CF461B} Optimize Start Menu Cache Files-S-1-5-21-324915258-2866797553-3726413251-1001 ---------- | Startings up registry ¦ Folder ---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server [HKLM\System\CurrentControlSet\Control] "PreshutdownOrder"=wuauserv gpsvc trustedinstaller "BootDriverFlags"=28 "CurrentUser"=USERNAME "WaitToKillServiceTimeout"=2000 "ServiceControlManagerExtension"=%systemroot%\system32\scext.dll "SystemStartOptions"= NOEXECUTE=OPTIN "SystemBootDevice"=multi(0)disk(0)rdisk(4)partition(4) "FirmwareBootDevice"=multi(0)disk(0)rdisk(4)partition(2) "LastBootSucceeded"=1 "LastBootShutdown"=0 "DirtyShutdownCount"=67 "ServicesPipeTimeout"=60000 [HKLM\System\CurrentControlSet\Control\lsa] "Bounds"=0x0030000000200000 "auditbasedirectories"=0 "fullprivilegeauditing"=0x00 "crashonauditfail"=0 "auditbaseobjects"=0 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Notification Packages"=scecli "Security Packages"=kerberos msv1_0 schannel wdigest tspkg pku2u livessp "Authentication Packages"=msv1_0 "LsaPid"=720 "SecureBoot"=1 "ProductType"=3 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymous"=0 "restrictanonymoussam"=1 "SamConnectedAccountsExist"=1 "enabledcom"=y [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Session Manager] "GlobalFlag"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapDeCommitFreeBlockThreshold"=0 "ResourceTimeoutCount"=648000 "ObjectDirectories"=\Windows \RPC Control "ProtectionMode"=1 "CriticalSectionTimeout"=2592000 "ProcessorControl"=2 "HeapSegmentReserve"=0 "ExcludeFromKnownDlls"= "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "NumberOfInitialSessions"=2 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "AutoChkTimeout"=5 "279ee359"=WK=BW!0(1(G9YUuiaugk"Bojct"*;5+YBoanscutYBoanscuHgrhencu,cc(@HUWK(2363333(;3333330(V/2/6/12/017:2616;/1;554:4660/0415720162/2332YVi`spgucYIoeuiti`sYRohbiptYGruuchsScutoihYWrh(@HUWK/6(G9YUuiaugk"Bojct"*;5+YBoanscutYBoanscuHgrhencu,cc"@HUWK((24`(1c{{YY OK : \drivers\etc\hosts C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Control Panel\Desktop] "DragHeight"=4 "CoolSwitchColumns"=7 "ActiveWndTrackTimeout"=0 "MouseCornerClipLength"=6 "DragWidth"=4 "WallpaperStyle"=10 "ScreenSaveActive"=1 "TileWallpaper"=0 "WheelScrollLines"=3 "FontSmoothingType"=2 "WindowArrangementActive"=1 "BlockSendInputResets"=0 "ClickLockTime"=1200 "CaretWidth"=5 "FocusBorderWidth"=1 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "DragFullWindows"=1 "CoolSwitchRows"=3 "ForegroundFlashCount"=7 "LeftOverlapChars"=3 "FontSmoothingGamma"=0 "DragFromMaximize"=1 "FontSmoothing"=2 "FocusBorderHeight"=1 "WheelScrollChars"=3 "DockMoving"=1 "SnapSizing"=1 "CursorBlinkRate"=530 "RightOverlapChars"=3 "FontSmoothingOrientation"=1 "PaintDesktopVersion"=0 "ScreenSaverIsSecure"=1 "UserPreferencesMask"=0xDF1E078012000000 "ActiveWndTrkTimeout"=0 "AutoColorization"=1 "Wallpaper"=C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\2018-12-11.jpg [13/01/2019 14:05:09] "MaxVirtualDesktopDimension"=1280 "MaxMonitorDimension"=1280 "TranscodedImageCount"=1 "LastUpdated"=4294967295 "TranscodedImageCache"=0x7AC301001372070080070000B0040000CBC6FB9C40ABD40143003A005C00550073006500720073005C004A00650061006E002D004D0061007200690065005C0041007000700044006100740061005C004C006F00630061006C005C004D006900630072006F0073006F00660074005C00570069006E0064006F00770073005C005400680065006D00650073005C0052006F0061006D00650064005400680065006D006500460069006C00650073005C004400650073006B0074006F0070004200610063006B00670072006F0075006E0064005C0032003000310038002D00310032002D00310031002E006A00700067000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ImageColor"=2707132341 "PreferredUILanguages"=fr-FR "MenuShowDelay"=0 "AutoEndTasks"=0 "HungAppTimeout"=200 "WaitToKillAppTimeout"=200 "ForegroundLockTimeout"=150000 [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Policies\Microsoft\Windows\System] "disablecmd"=0 [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System] "disableregistrytools"=0 [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"=0 "TaskbarNoResize"=1 "ConfirmFileDelete"=1 "NoSimpleNetIDList"=1 "NolowDiskSpaceChecks"=1 "NoDriveTypeAutoRun"=255 [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{871C5380-42A0-1069-A2EA-08002B30309D}"=0 [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 "ShellState"=0x240000003028010000000000000000000000000001000000130000000000000062000000 "SIDUpdatedOnLibraries"=1 "LastClockSize"=0x270000000F000000460000000F000000410000000F000000 "Browse For Folder Width"=624 "Browse For Folder Height"=473 "GlobalAssocChangedCounter"=330 "DesktopProcess"=1 "link"=0x00000000 [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=1 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "ShowSuperHidden"=0 "SeparateProcess"=1 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ShowStatusBar"=1 "ListviewShadow"=1 "StartMenuInit"=5 "HideDrivesWithNoMedia"=1 "TaskbarSizeMove"=1 "DisablePreviewDesktop"=0 "TaskbarGlomLevel"=0 "ReindexedProfile"=1 "PersistBrowsers"=0 "EncryptionContextMenu"=1 "FolderContentsInfoTip"=1 "Start_TrackProgs"=1 "TaskbarSmallIcons"=0 "nonetcrawling"=1 "ListviewAlphaSelect"=0 "TaskbarAnimations"=0 "AlwaysShowMenus"=0 "ExtendedUIHoverTime"=0 "DesktopLivePreviewHoverTime"=0 "NavPaneShowAllFolders"=1 [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery] "MRUListEx"=0x00000000FFFFFFFF "0"=0x6D0075006C007400690063006F006D006D0061006E006400650072000000 [HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableVirtualization"=1 "EnableInstallerDetection"=1 "PromptOnSecureDesktop"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "ConsentPromptBehaviorAdmin"=5 "ValidateAdminCodeSignatures"=0 "EnableUIADesktopToggle"=0 "EnableCursorSuppression"=1 "ConsentPromptBehaviorUser"=3 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 "EnableSecureUIAPath"=1 "SoftwareSASGeneration"=1 "DisableRegistryTools"=0 "EnableLinkedConnections"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"=0 "NoRecentDocsHistory"=0 "NoDriveTypeAutoRun"=255 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=0 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=0 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=0 "{871C5380-42A0-1069-A2EA-08002B30309D}"=0 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=0 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "HKeyRoot"=2147483649 "DefaultValue"=2 "ValueName"=Hidden "Text"=@shell32.dll,-30500 "Type"=radio "HelpID"=shell.hlp#51105 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "SmartScreenEnabled"=RequireAdmin "GlobalAssocChangedCounter"=89 "ShowDriveLettersFirst"=4 "MultipleInvokePromptMinimum"=10000 "Max Cached Icons"=2000 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "EnableVirtualization"=1 "EnableInstallerDetection"=1 "PromptOnSecureDesktop"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "ConsentPromptBehaviorAdmin"=5 "ValidateAdminCodeSignatures"=0 "EnableUIADesktopToggle"=0 "EnableCursorSuppression"=1 "ConsentPromptBehaviorUser"=3 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 "EnableSecureUIAPath"=1 "SoftwareSASGeneration"=1 "DisableRegistryTools"=0 "EnableLinkedConnections"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDrives"=0 "NoRecentDocsHistory"=0 "NoDriveTypeAutoRun"=255 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=0 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=0 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=0 "{871C5380-42A0-1069-A2EA-08002B30309D}"=0 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=0 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "HKeyRoot"=2147483649 "DefaultValue"=2 "ValueName"=Hidden "Text"=@shell32.dll,-30500 "Type"=radio "HelpID"=shell.hlp#51105 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "GlobalAssocChangedCounter"=323 "Max Cached Icons"=2000 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s ---------- | Winlogon [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin "BuildNumber"=9200 "FirstLogon"=0 "ParseAutoexec"=1 "AutoRestartShell"=0 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"=C:\Windows\system32\userinit.exe, "LegalNoticeText"= "Shell"=Explorer.exe "LegalNoticeCaption"= "DebugServerCommand"=no "ForceUnlockLogon"=0 "ReportBootOk"=0 "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AutoRestartShell"=0 "PowerdownAfterShutdown"=0 "ShutdownWithoutLogon"=0 "Background"=0 0 0 "PasswordExpiryWarning"=5 "CachedLogonsCount"=10 "WinStationsDisabled"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "scremoveoption"=0 "DisableCAD"=1 "ShutdownFlags"=2147483687 "EnableFirstLogonAnimation"=1 "AutoLogonSID"=S-1-5-21-324915258-2866797553-3726413251-1001 "LastUsedUsername"=Jean-Marie "AutoAdminLogon"=1 "DefaultUserName"=Jean-Marie "LegalNotice Text"= "SFCDisable"=0 "System"= "DefaultDomainName"=LFS_Hyper_UEFM [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"=userinit.exe "Shell"=explorer.exe "VMApplet"=SystemPropertiesPerformance.exe /pagefile "DefaultDomainName"= "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "DefaultUserName"= "AutoRestartShell"=0 "allocatecdroms"=0 "SFCDisable"=0 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""="%SystemRoot%\system32\NOTEPAD.EXE" %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] ""=htafile "PerceivedType"=text "Content Type"=application/hta [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=4259840 "BrowserFlags"=4096 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "NeverShowExt"= "EditFlags"=131072 "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 [HKLM\Software\Classes\Folder] "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForBrowse"=delta ""=Folder "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "ThumbnailCutoff"=0 "NoRecentDocs"= "TileInfo"=prop:System.Title;System.ItemTypeText [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""="%SystemRoot%\system32\NOTEPAD.EXE" %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] ""=htafile "PerceivedType"=text "Content Type"=application/hta [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=4259840 "BrowserFlags"=4096 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "NeverShowExt"= "EditFlags"=131072 "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 [HKLM\Software\WOW6432Node\Classes\Folder] "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForBrowse"=delta ""=Folder "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size "ThumbnailCutoff"=0 "NoRecentDocs"= "TileInfo"=prop:System.Title;System.ItemTypeText [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Clients\StartMenuInternet\BaiduSpark\Shell\open\Command] ""= [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Clients\StartMenuInternet\BaiduSpark\InstallInfo] "ReinstallCommand"= [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Clients\StartMenuInternet\Brave\Shell\open\Command] ""=C:\Users\Jean-Marie\AppData\Local\Brave\Brave.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Clients\StartMenuInternet\Brave\InstallInfo] "ReinstallCommand"= [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Clients\StartMenuInternet\Firefox-6F193CCC56814779\Shell\open\Command] ""="C:\Program Files\Firefox Nightly\firefox.exe" [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Clients\StartMenuInternet\Firefox-6F193CCC56814779\InstallInfo] "ReinstallCommand"="C:\Program Files\Firefox Nightly\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Clients\StartMenuInternet\Firefox-E7CF176E110C211B\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Clients\StartMenuInternet\Firefox-E7CF176E110C211B\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Clients\StartMenuInternet\Google Chrome.NVRKRG42C5N6USD6I7WZDS624Y\Shell\open\Command] ""="C:\Users\Jean-Marie\AppData\Local\Google\Chrome\Application\chrome.exe" [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Clients\StartMenuInternet\Google Chrome.NVRKRG42C5N6USD6I7WZDS624Y\InstallInfo] "ReinstallCommand"="C:\Users\Jean-Marie\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Clients\StartMenuInternet\K-MELEON.EXE\Shell\open\Command] ""="C:\Program Files (x86)\K-Meleon\k-meleon.exe" [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Clients\StartMenuInternet\K-MELEON.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\K-Meleon\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Clients\StartMenuInternet\OperaStable\Shell\open\Command] ""="C:\Users\Jean-Marie\AppData\Local\Programs\Opera\Launcher.exe" [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Clients\StartMenuInternet\OperaStable\InstallInfo] "ReinstallCommand"="C:\Users\Jean-Marie\AppData\Local\Programs\Opera\Launcher.exe" --makedefaultbrowser [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Clients\StartMenuInternet\PALEMOON.EXE\Shell\open\Command] ""="C:\Program Files\Pale Moon\palemoon.exe" [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Clients\StartMenuInternet\PALEMOON.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files\Pale Moon\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\AVG Secure Browser\Shell\open\Command] ""="C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" [HKLM\Software\Clients\StartMenuInternet\AVG Secure Browser\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\BaiduSpark.EXE\Shell\open\Command] ""="C:\Program Files (x86)\baidu\Spark\Spark.exe" [HKLM\Software\Clients\StartMenuInternet\BaiduSpark.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\baidu\Spark\Spark.exe" --type=ToolUtilProcess --action=SetDefault [HKLM\Software\Clients\StartMenuInternet\Dragon\Shell\open\Command] ""="C:\Program Files (x86)\Comodo\Dragon\dragon.exe" [HKLM\Software\Clients\StartMenuInternet\Dragon\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Firefox-6F193CCC56814779\Shell\open\Command] ""="C:\Program Files\Firefox Nightly\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\Firefox-6F193CCC56814779\InstallInfo] "ReinstallCommand"="C:\Program Files\Firefox Nightly\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Firefox-E7CF176E110C211B\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\Firefox-E7CF176E110C211B\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Internet Explorer\iexplore.exe" [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\Clients\StartMenuInternet\K-MELEON.EXE\Shell\open\Command] ""="C:\Program Files (x86)\K-Meleon\k-meleon.exe" [HKLM\Software\Clients\StartMenuInternet\K-MELEON.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\K-Meleon\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\NAVIGATOR.EXE\Shell\open\Command] ""=C:\Program Files (x86)\Netscape\Navigator 9\navigator.exe [14/09/2018 10:51:14] [HKLM\Software\Clients\StartMenuInternet\NAVIGATOR.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Netscape\Navigator 9\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\PALEMOON.EXE\Shell\open\Command] ""="C:\Program Files\Pale Moon\palemoon.exe" [HKLM\Software\Clients\StartMenuInternet\PALEMOON.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files\Pale Moon\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\AVG Secure Browser\Shell\open\Command] ""="C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\AVG Secure Browser\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\BaiduSpark.EXE\Shell\open\Command] ""="C:\Program Files (x86)\baidu\Spark\Spark.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\BaiduSpark.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\baidu\Spark\Spark.exe" --type=ToolUtilProcess --action=SetDefault [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Dragon\Shell\open\Command] ""="C:\Program Files (x86)\Comodo\Dragon\dragon.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Dragon\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-6F193CCC56814779\Shell\open\Command] ""="C:\Program Files\Firefox Nightly\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-6F193CCC56814779\InstallInfo] "ReinstallCommand"="C:\Program Files\Firefox Nightly\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-E7CF176E110C211B\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-E7CF176E110C211B\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Internet Explorer\iexplore.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\K-MELEON.EXE\Shell\open\Command] ""="C:\Program Files (x86)\K-Meleon\k-meleon.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\K-MELEON.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\K-Meleon\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\NAVIGATOR.EXE\Shell\open\Command] ""=C:\Program Files (x86)\Netscape\Navigator 9\navigator.exe [14/09/2018 10:51:14] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\NAVIGATOR.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Netscape\Navigator 9\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\PALEMOON.EXE\Shell\open\Command] ""="C:\Program Files\Pale Moon\palemoon.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\PALEMOON.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files\Pale Moon\uninstall\helper.exe" /SetAsDefaultAppGlobal ---------- | AppcompatFlags [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "K:\Users\EFM LFS Hyper UEFM\Downloads\Advanced.System.Repair.Pro.1.8.0.6\Advanced.System.Repair.Pro.1.8.0.6.KaranPC\ASRPro_Installer.exe"=1 "C:\Users\Jean-Marie\Downloads\combofix-17-5-4-1.exe"=1 "C:\ProgramData\TSR7Settings\uninstasr.exe"=33 "C:\Users\Jean-Marie\Downloads\data-recovery_setup.exe"=1 "C:\Users\JEAN-M~1\AppData\Local\Temp\usosetup\combofix-17-5-4-1.exe"=1 "C:\Users\Jean-Marie\AppData\Local\Programs\Opera\Launcher.exe"=32 [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe"=0x534143500100000000000000070000002800000000F000006C240100010000000000000000000006712200002EF6C8A3A56ACD010000000000000000 "D:\Program files\Spark Browser\spark.exe"=0x534143500100000000000000070000002800000010000F0055720F00010000000000000000000206712200002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000005AFADC00000000000100000001000000 "C:\Users\Jean-Marie\Downloads\ashampoo_snap_9_9.0.6_sm.exe"=0x5341435001000000000000000700000028000000C88F780389D27803010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000E5A0DF00000000000300000003000000 "C:\Users\Jean-Marie\Downloads\HFS4WIN.msi"=0x534143500100000000000000070000002800000000E60100BC93020001000000000000000000010500100000647CA60EA56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000FE460B00000000000200000002000000 "C:\Users\Jean-Marie\Downloads\BonjourPSSetup.exe"=0x534143500100000000000000070000002800000048F5520068CF5300010000000000000000000106710200002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000E8F90100000000000200000002000000 "C:\Users\Jean-Marie\Downloads\processclose_2_08.01.17.1.exe"=0x5341435001000000000000000700000028000000A8270F003B5B0F00010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000050000000000000000000004000000000000000000000000000000000E2AEC30E000000000400000001000000000000000000000000000000000000000000000000000000A82F0200000000000200000000000000 "C:\Users\Jean-Marie\Downloads\rufus-3.3.exe"=0x534143500100000000000000070000002800000038AC0F0060DE0F00010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000500000010000000000000000000000000000000000000800200000028000000000000000000008000000000000000000000000000000000CD8D0100000000000100000001000000 "C:\Users\Jean-Marie\Downloads\USBFormatToolSetup.exe"=0x5341435001000000000000000700000028000000DAB4080000000000010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000050000000000000000000000000000000000000000000000000000000EA5F0D00000000000100000001000000000000000000008000000000000000000000000000000000659B0300000000000100000000000000 "C:\Users\Jean-Marie\Downloads\EmsisoftEmergencyKit.exe"=0x5341435001000000000000000700000028000000301B8A142F2B8A14010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000781E0200000000000100000001000000 "C:\Users\Jean-Marie\Downloads\AfterShotPro3.exe"=0x5341435001000000000000000700000028000000600C0A00B95F0A00010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000E6232B00000000000200000002000000 "C:\Users\Jean-Marie\Downloads\AfterShotPro3 (1).exe"=0x5341435001000000000000000700000028000000600C0A00B95F0A00010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000061924700000000000100000001000000 "C:\Program Files (x86)\Digital Video Duplicator\DVDRemote.exe"=0x534143500100000000000000070000002800000000600D00E6C50D00010000000000000000000105712000002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000004000000000000000000000000000009DE50100000000000100000001000000 "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"=0x5341435001000000000000000700000028000000D0450600DB820600010000000000000000000206002100002EF6C8A3A56ACD010000000100000000 "C:\Users\Jean-Marie\Downloads\NRnR.exe"=0x534143500100000000000000070000002800000050CAE100F883E200010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000EC920000000000000100000001000000 "C:\Users\Jean-Marie\Downloads\NRnR(1).exe"=0x53414350010000000000000007000000280000001094C2006BFBC200010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000036B64C00000000000100000001000000 "C:\Users\Jean-Marie\Downloads\filmora_setup_full1084.exe"=0x534143500100000000000000070000002800000068D80F004DC31000010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000400000000000000000000000000000000082AA3A00000000000100000001000000 "C:\Users\Jean-Marie\Downloads\BCUninstaller_4.11_portable\BCUninstaller.exe"=0x5341435001000000000000000700000028000000D85C1B0009CE1B0001000000000000000000010680010000647CA60EA56ACD01000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000000A5B0500000000000100000001000000 "C:\Users\Jean-Marie\Downloads\OneSafe_VideoRepair_FR.exe"=0x534143500100000000000000070000002800000030A12801ABB12801010000000000000000000106000100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000400000000000000000000000000000000050A30000000000000100000001000000 "C:\Users\Jean-Marie\Downloads\apower-manager.exe"=0x534143500100000000000000070000002800000018AE4504DB604604010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000F9C80700000000000100000001000000 "C:\Users\Jean-Marie\Downloads\apowershow.exe"=0x53414350010000000000000007000000280000009868F80259CAF802010000000000000000000206002100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000040000000000000000000000000000000006DC80900000000000100000001000000 "C:\Users\Jean-Marie\Downloads\Rem-VBSworm\Rem-VBSworm.exe"=0x534143500100000000000000070000002800000000BE010000000000010000000000000000000106710200002EF6C8A3A56ACD0100000000000000000500000010000000000000000000000000000000800000000200000028000000000000008000000000000000000000000000000000000000C4482A00000000000100000001000000 "SIGN.MEDIA=3F8FEA UsbFix_Standard\UsbFix_Standard.exe"=0x5341435001000000000000000700000028000000EA8F3F0000000000010000000000000000000106000100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000079018F00000000000100000001000000 "C:\Users\Jean-Marie\Downloads\processclose_2_08.01.17.1 (1).exe"=0x5341435001000000000000000700000028000000A8270F003B5B0F00010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000CEAF0200000000000100000001000000 "C:\Users\Jean-Marie\Downloads\processclose_2_08.01.17.1 (3).exe"=0x5341435001000000000000000700000028000000A8270F003B5B0F00010000000000000000000206002100002EF6C8A3A56ACD01000000000000000002000000500000000000000000000000000000000000000000000000000000006837AB00000000001100000008000000000000000000004000000000000000000000000000000000FD500100000000000100000000000000 "C:\Users\Jean-Marie\Downloads\cptsetup_3971.exe"=0x534143500100000000000000070000002800000078CCE200327FE300010000000000000000000106000100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000400000000000000000000000000000000074A8F900000000000200000002000000 "C:\Users\Jean-Marie\AppData\Local\Programs\Opera\57.0.3098.116\opera.exe"=0x5341435001000000000000000700000028000000585417008A111800010000000000000000000206002100002EF6C8A3A56ACD010000000100000000 "K:\Program Files (x86)\OldTimer\TFC\TFC.exe"=0x534143500100000000000000070000002800000000D80600B99F0700010000000000000000000206412200002EF6C8A3A56ACD01000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040001000000000000000000000000000006B0F0000000000000100000001000000 "C:\Program Files (x86)\Unchecky\unchecky.exe"=0x534143500100000000000000070000002800000018651A0044DA1A00010000000000000000000206002100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000006A5D0000000000000100000001000000 "C:\Users\Jean-Marie\Downloads\SibSetup.msi"=0x534143500100000000000000070000002800000000E60100BC93020001000000000000000000010500100000647CA60EA56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000010003A00000000000400000004000000 "C:\Program Files (x86)\Silent Install Builder 5\Sib.exe"=0x5341435001000000000000000700000028000000C8100C001BCF0C00010000000000000000000206802100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000B13F9A00000000000600000006000000 "K:\CyberLink_PhotoDirector_Downloader(1).exe"=0x5341435001000000000000000700000028000000B8EA11008A2E1200010000000000000000000206712200002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000B9890000000000000100000001000000 "C:\Users\Jean-Marie\Downloads\sih.3.6.0.0.exe"=0x534143500100000000000000070000002800000000A820005CEB2000010000000000000000000206002100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000009CDE3200000000000200000002000000 "SIGN.MEDIA=EC33F5CA muscade-moulu de widen - vaincre peur malware - adsfix - avanquest trials\OnlineVideoRecorder_3_4_4_AQFR.exe"=0x5341435001000000000000000700000028000000208F0101A5BA0101010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000F0740C00000000000100000001000000 "SIGN.MEDIA=EC33F5CA muscade-moulu de widen - vaincre peur malware - adsfix - avanquest trials\SmartPrivacyCleaner_FR (1).exe"=0x534143500100000000000000070000002800000000EA14008BAE1500010000000000000000000106000100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000091300C00000000000100000001000000 "SIGN.MEDIA=EC33F5CA muscade-moulu de widen - vaincre peur malware - adsfix - avanquest trials\WebAnime_eval.exe"=0x53414350010000000000000007000000280000007585310000000000010000000000000000000206412200002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000650B0C00000000000100000001000000 "SIGN.MEDIA=A9464640 muscade-moulu de widen - vaincre peur malware - adsfix - avanquest trials\muscade-moulu de widen - vaincre peur malware - adsfix - avanquest trials\RegistryFirstAid_AQFR.exe"=0x5341435001000000000000000700000028000000E8388B0056F18B00010000000000000000000206002100002EF6C8A3A56ACD010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000065E40000000000000100000001000000 "SIGN.MEDIA=283E478C ucheck technician (licence key + rebrand logo m ordre liber)\setup.exe"=0x5341435001000000000000000700000028000000987D3E01F58F3E01010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000B3850800000000000100000001000000 "C:\Users\Jean-Marie\Desktop\mbar-1.10.3.1001.exe"=0x5341435001000000000000000700000028000000185AD800B993D800010000000000000000000106710200002EF6C8A3A56ACD01000000000000000002000000280000000000000000000040000000000000000000000000000000001D200100000000000200000002000000 "C:\Program Files\Firefox Nightly\firefox.exe"=0x5341435001000000000000000700000028000000D047080014B1080001000000000000000000020600210000647CA60EA56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000028120100000000000C0000000C000000 "C:\Program Files (x86)\MD5Look\MD5Look32.exe"=0x534143500100000000000000070000002800000048E2030073ED0300010000000000000000000206F5220000647CA60EA56ACD0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000674F0100000000000100000001000000 "C:\Users\Jean-Marie\Downloads\bdcamsetup.exe"=0x534143500100000000000000070000002800000098FA0C01CEE70D01010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000400000000000000000000000000000000072C01000000000000200000002000000 "C:\OneSafe PC Cleaner\la théorie du complot\Adaware_Installer.exe"=0x5341435001000000000000000700000028000000B0552900D0082A00010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000F5E61700000000000100000001000000 "D:\BCUninstaller\BCUninstaller.exe"=0x5341435001000000000000000700000028000000D85E1B0064781B0001000000000000000000010680010000647CA60EA56ACD01000000000000000002000000280000000000000000000040000002000000000000000000000000003E15EB01000000000300000003000000 "C:\Users\Jean-Marie\Downloads\ashampoo_uninstaller_8_8.00.11_sm.exe"=0x5341435001000000000000000700000028000000B8F8E4007071E500010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000034300500000000000100000001000000 "C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE"=0x5341435001000000000000000700000028000000B0752A00F36B2B00010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000CC1D0900000000000100000001000000 "K:\Users\EFM LFS Hyper UEFM\Downloads\Advanced.System.Repair.Pro.1.8.0.6\Advanced.System.Repair.Pro.1.8.0.6.KaranPC\ASRPro_Installer.exe"=0x53414350010000000000000007000000280000004852040143490501010000000000000000000206712200002EF6C8A3A56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000806B3C00000000000100000001000000 "Z:\EFM, Barrow 16,2, Widen 16 & ANAAMFUW\cadeau amorce EFM, Barrow 16,2, LFS U, Widen 16, 100% S, & ANAAMFUW finalis\4ukey-itunes-backup.exe"=0x5341435001000000000000000700000028000000E0901700C3251800010000000000000000000206712200002EF6C8A3A56ACD010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000028280000000000000100000001000000 "C:\Program Files (x86)\OldTimer\TFC\TFC.exe"=0x534143500100000000000000070000002800000000D80600B99F0700010000000000000000000206412200002EF6C8A3A56ACD010000000000000000 "Z:\EFM, Barrow 16,2, Widen 16 & ANAAMFUW\RogueKiller portable technician découverte & baptême de ANAAMFUW\RogueKiller_portable64.exe"=0x534143500100000000000000070000002800000038CEFC013355FD0101000000000000000000020673220000647CA60EA56ACD01000000000000000002000000280000000000000000000040000000000000000000000000000000005F0FBD03000000000100000001000000 "C:\Program Files (x86)\Netscape\Navigator 9\navigator.exe"=0x534143500100000000000000070000002800000000F07D0000000000010000000000000000000006712000002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000028060100000000000100000001000000 "C:\Users\Jean-Marie\Downloads\processclose_2_08.01.17.1 (2).exe"=0x5341435001000000000000000700000028000000A8270F003B5B0F00010000000000000000000206002100002EF6C8A3A56ACD010000000000000000 "C:\Users\Jean-Marie\Downloads\KCinst.exe"=0x53414350010000000000000007000000280000001122090000000000010000000000000000000105710000002EF6C8A3A56ACD01000000000000000002000000280000000000000000080040000000000000000000000000000000003C6E0000000000000200000002000000 "Z:\LFS Hyper 1à2 & UEFM\ANAAMFUW\DCUS-UpdateScanner.exe"=0x53414350010000000000000007000000280000007336070300000000010000000000000000000106000100002EF6C8A3A56ACD010000008000000000020000002800000000000000000000000000000000000000000000000000000076280100000000000100000001000000 "C:\Users\Jean-Marie\Downloads\adbusetup.exe"=0x5341435001000000000000000700000028000000A02B7E0042007F00010000000000000000000106000100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000040000000000000000000000000000000003E3D0100000000000100000001000000 "C:\Users\Jean-Marie\Downloads\advanced-systemcare-free_11-5-0-242_fr_403234(1).exe"=0x5341435001000000000000000700000028000000E8ACE10153C6E101010000000000000000000206002100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000004CA70701000000000100000001000000 "C:\Users\Jean-Marie\Downloads\Android Start Button.exe"=0x534143500100000000000000070000002800000064710200E4360200010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000008000000000000000000000000000000000000000DCCF0000000000000100000001000000 "C:\Users\Jean-Marie\Downloads\ApplicationManager_v1126_rv199819(1.2)_STD_APM181015-01.exe"=0x53414350010000000000000007000000280000001805ED005517ED00010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000008000000000000000000000000000000000000000D3EC0401000000000100000001000000 "C:\Users\Jean-Marie\Downloads\BitCopySetup.msi"=0x534143500100000000000000070000002800000000E60100BC93020001000000000000000000010500100000647CA60EA56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000004B3B0000000000000100000001000000 "C:\Users\Jean-Marie\Downloads\BlazeDTVProSetup.exe"=0x53414350010000000000000007000000280000004FBACE0100000000010000000000000000000106000100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000006E2F0201000000000100000001000000 "C:\Users\Jean-Marie\Downloads\BlazeDVDProSetup.exe"=0x53414350010000000000000007000000280000007B0AF50100000000010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000BE890101000000000100000001000000 "C:\Users\Jean-Marie\Downloads\BlazePhotoSetup.exe"=0x5341435001000000000000000700000028000000A039060217C20602010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000BF9E0000000000000100000001000000 "C:\Users\Jean-Marie\Downloads\BlazevideoVideoEditorSetup.exe"=0x53414350010000000000000007000000280000005E5AF60100000000010000000000000000000106000100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000002C250100000000000100000001000000 "C:\Users\Jean-Marie\Downloads\ccsetup548.exe"=0x534143500100000000000000070000002800000028C2130136B11401010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000BB737000000000000100000001000000 "C:\Users\Jean-Marie\Downloads\cds_trial_setup.exe"=0x5341435001000000000000000700000028000000A73B930F00000000010000000000000000000105710000002EF6C8A3A56ACD0100000000000000000200000028000000000000000008004000000000000000000000000000000000B9E80000000000000100000001000000 "C:\Users\Jean-Marie\Downloads\cleaner-9.0-setup.exe"=0x5341435001000000000000000700000028000000F8E1C70E5C91C80E010000000000000000000106000100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000028430400000000000100000001000000 "C:\Users\Jean-Marie\Downloads\ColorDirector_5.0.7617.196135_GM4_LE_LE_CDR180205-01.exe"=0x53414350010000000000000007000000280000005872050A8F9D050A010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000008000000000000000000000000000000000000000F9530E00000000000100000001000000 "C:\Users\Jean-Marie\Downloads\csbsetup.exe"=0x5341435001000000000000000700000028000000A0B70F0148D70F01010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000B5760100000000000100000001000000 "C:\Users\Jean-Marie\Downloads\data-recovery_setup.exe"=0x5341435001000000000000000700000028000000B89908002A3D0900010000000000000000000206712200002EF6C8A3A56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000DF993400000000000100000001000000 "C:\Users\Jean-Marie\Downloads\CyberLinkMediaSuite16.0_Trial_MES180731-04_TR180823-022.exe"=0x5341435001000000000000000700000028000000287262A4E55F63A4010000000000000000000106000100002EF6C8A3A56ACD01000000000000000002000000280000000000000080000000000000000000000000000000000000001A15F700000000000100000001000000 "C:\Users\Jean-Marie\Downloads\dixmlsetup.exe"=0x534143500100000000000000070000002800000010E01E006ECF1F00010000000000000000000206412000002EF6C8A3A56ACD0100000000000000000200000028000000000000000008004000000000000000000000000000000000ADE00000000000000100000001000000 "C:\Users\Jean-Marie\Downloads\Driver_Genius.exe"=0x53414350010000000000000007000000280000005015D100CBC1D100010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000FE4EF600000000000100000001000000 "C:\Users\Jean-Marie\Downloads\dtpro821-0709.exe"=0x5341435001000000000000000700000028000000809FF6013E5CF701010000000000000000000206002100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000040000000000000000000000000000000007DC30300000000000100000001000000 "C:\Users\Jean-Marie\Downloads\ebook_reader_setup.exe"=0x53414350010000000000000007000000280000004089C20141EDC201010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000B11A0400000000000100000001000000 "C:\Users\Jean-Marie\Downloads\el-capitan-menu-bar-vifind.exe"=0x534143500100000000000000070000002800000037F10B0000000000010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000100000000000000000000000000000F6510400000000000100000001000000 "C:\Users\Jean-Marie\Downloads\FreeStudio_6.6.42.703_d.exe"=0x5341435001000000000000000700000028000000F81AA703D323A703010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000CEFD0100000000000200000002000000 "C:\Users\Jean-Marie\Downloads\fxsound_13.024_setup.exe"=0x53414350010000000000000007000000280000007047350054B83500010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000E8F90300000000000100000001000000 "C:\Users\Jean-Marie\Downloads\InPixio_PhotoClip_DT.exe"=0x534143500100000000000000070000002800000048802A00E5A12A00010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000400000000000000000000000000000000070F10000000000000100000001000000 "C:\Users\Jean-Marie\Downloads\InstallSafeSetup.exe"=0x534143500100000000000000070000002800000030A9D1001CE5D100010000000000000000000106000100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000040000000000000000000000000000000005C4C4400000000000100000001000000 "C:\Users\Jean-Marie\Downloads\jing.exe"=0x534143500100000000000000070000002800000018386600B7306700010000000000000000000006710200002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000056104500000000000100000001000000 "C:\Users\Jean-Marie\Downloads\KeePass-2.40-Setup.exe"=0x53414350010000000000000007000000280000000011320076393200010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000B9784300000000000100000001000000 "C:\Users\Jean-Marie\Downloads\Le_Petit_Robert_2017_10j_AQ.exe"=0x5341435001000000000000000700000028000000BC7FCE1500000000010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000800000000000000000000000000000000000000077280600000000000100000001000000 "C:\Users\Jean-Marie\Downloads\mb3-setup-consumer-3.6.1.2711-1.0.519-1.0.8814.exe"=0x53414350010000000000000007000000280000003022E804D363E804010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000020DE4600000000000100000001000000 "C:\Users\Jean-Marie\Downloads\Mes_Drivers_3.0.4.exe"=0x534143500100000000000000070000002800000078C91800A0D81800010000000000000000000206712200002EF6C8A3A56ACD01000000000000000002000000280000000000000000000040000000000000000000000000000000001729E400000000000100000001000000 "C:\Users\Jean-Marie\Downloads\mbae-setup-1.12.1.139.exe"=0x534143500100000000000000070000002800000050791E000FF01E00010000000000000000000206002100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000000A594400000000000100000001000000 "C:\Users\Jean-Marie\Downloads\morae_manager_full.exe"=0x534143500100000000000000070000002800000020D94C1307F04C13010000000000000000000006710200002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000FCCF3600000000000100000001000000 "C:\Users\Jean-Marie\Downloads\morae_recorder.msi"=0x534143500100000000000000070000002800000000E60100BC93020001000000000000000000010500100000647CA60EA56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000AFCA3F00000000000100000001000000 "C:\Users\Jean-Marie\Downloads\NDP461-KB3102438-Web.exe"=0x5341435001000000000000000700000028000000C8BB15004C531600010000000000000000000206002100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000040000000000000000000000000000000000A230400000000000100000001000000 "C:\Users\Jean-Marie\Downloads\noclone.exe"=0x5341435001000000000000000700000028000000F09262004BBF6200010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000008000004000000000000000000000000000000000F6670000000000000100000001000000 "C:\Users\Jean-Marie\Downloads\PerfectCam_2.0.1225.0a_Subscription_PFC181009-01.exe"=0x534143500100000000000000070000002800000018A1A60502F7A605010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000008000000000000000000000000000000000000000392BE000000000000100000001000000 "C:\Users\Jean-Marie\Downloads\PhotoDirector_10_0_2103_69885_GM2_1_Es_Essential_PTD180725-03.exe"=0x5341435001000000000000000700000028000000C845D3117DA9D311010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000008000000000000000000000000000000000000000B615D900000000000100000001000000 "C:\Users\Jean-Marie\Downloads\potplayer-1-7-3344.exe"=0x5341435001000000000000000700000028000000C00A560153195601010000000000000000000106000100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000047650300000000000100000001000000 "C:\Users\Jean-Marie\Downloads\pwsafe64-3.47.2.exe"=0x53414350010000000000000007000000280000000036C30089D1C300010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000400000000000000000000000000000000004940000000000000100000001000000 "C:\Users\Jean-Marie\Downloads\pw103-free.exe"=0x5341435001000000000000000700000028000000B8AFFA04FC72FB04010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000FCE03B00000000000100000001000000 "C:\Users\Jean-Marie\Downloads\StartMenuReviverSetup.exe"=0x5341435001000000000000000700000028000000A8B96600E41B6700010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000AAD71900000000000100000001000000 "C:\Users\Jean-Marie\Downloads\StellarOSTtoPSTConverter_TR.exe"=0x5341435001000000000000000700000028000000C838FE006876FE00010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000A5323600000000000100000001000000 "C:\Users\Jean-Marie\Downloads\StellarPhoenixiOSDataRecovery.exe"=0x5341435001000000000000000700000028000000D0216F01E0B36F01010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000C46F3700000000000100000001000000 "C:\Users\Jean-Marie\Downloads\StellarPhoenixWordRepair.exe"=0x53414350010000000000000007000000280000005807630008176300010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000A3E91800000000000100000001000000 "C:\Users\Jean-Marie\Downloads\subsetup.exe"=0x53414350010000000000000007000000280000000051BF006CAEBF00010000000000000000000106000100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000040000000000000000000000000000000002D471500000000000100000001000000 "C:\Users\Jean-Marie\Downloads\sumo_lite.exe"=0x5341435001000000000000000700000028000000F07626007C462700010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000A9031900000000000100000001000000 "C:\Users\Jean-Marie\Downloads\TreeSizeFreeSetup.exe"=0x5341435001000000000000000700000028000000104A7B00B6EA7B00010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000075211700000000000100000001000000 "C:\Users\Jean-Marie\Downloads\undelete-360-setup.exe"=0x5341435001000000000000000700000028000000B8612B0040C82B00010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000B7931600000000000100000001000000 "C:\Users\Jean-Marie\Downloads\unlocker-setup.exe"=0x5341435001000000000000000700000028000000907E250068C72500010000000000000000000106000100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000053300F00000000000100000001000000 "C:\Users\Jean-Marie\Downloads\UVKInstaller.exe"=0x53414350010000000000000007000000280000000872F000ACD7F000010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000400000000000000000000000000000000026FA0400000000000100000001000000 "C:\Users\Jean-Marie\Downloads\VideoMagicUltimate.exe"=0x5341435001000000000000000700000028000000505B540200000000010000000000000000000106000100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000005AD04000000000000100000001000000 "C:\Users\Jean-Marie\Downloads\windows-live-mail_16-4-3528-0331_fr_37760.exe"=0x5341435001000000000000000700000028000000B09C4C0856434D08010000000000000000000206712200002EF6C8A3A56ACD010000000000000000020000002800000000000000000000400000000000000000000000000000000052E72D00000000000100000001000000 "C:\Users\Jean-Marie\Downloads\windows-start-menu-vistart-8.exe"=0x53414350010000000000000007000000280000000602130000000000010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000040100000000000000000000000000000E6C2D800000000000100000001000000 "C:\Users\Jean-Marie\Downloads\windows-task-bar-viglance.exe"=0x53414350010000000000000007000000280000009671050000000000010000000000000000000006710000002EF6C8A3A56ACD01000000000000000002000000280000000000000000080040000000000000000000000000000000002486D800000000000100000001000000 "C:\Users\Jean-Marie\Downloads\winrar-x64-561.exe"=0x5341435001000000000000000700000028000000F8AC30002849310001000000000000000000020600210000647CA60EA56ACD01000000000000000002000000280000000000000000000040000000000000000000000000000000002EA10300000000000100000001000000 "D:\SWDownload\USBVaccine_1.0.1.16.exe"=0x5341435001000000000000000700000028000000F8330D005FCE0D00010000000000000000000106000100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000006B60D700000000000100000001000000 "D:\SWDownload\teracopy_2.3.0.0.exe"=0x534143500100000000000000070000002800000008BC2800D2762900010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000E1370400000000000100000001000000 "D:\SWDownload\Gadu-Gadu_12.exe"=0x534143500100000000000000070000002800000008170600DF1F0600010000000000000000000106000100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000000002000000000000000000000000007F5A0000000000000100000001000000 "D:\SWDownload\OrbitDownloader_4.1.1.19.exe"=0x5341435001000000000000000700000028000000C0E7530065AC5400010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000C6710900000000000100000001000000 "D:\SWDownload\Spark_Setup_33.9.1000.57_GB_SM-Fast_32_3357.exe"=0x5341435001000000000000000700000028000000E04879024DFA7902010000000000000000000106000100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000040000000000000000000000000000000005963D600000000000100000001000000 "D:\SWDownload\XvidVideoCodec-1.3.3-20140407.exe"=0x534143500100000000000000070000002800000088D6AB000EB9AC00010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000004000020200000000000000000000000000DA161800000000000100000001000000 "SIGN.MEDIA=B97BAC66 Data\Documents\Download\ExpertZIPPRO.exe"=0x5341435001000000000000000700000028000000807B420200000000010000000000000000000105710000002EF6C8A3A56ACD01000000000000000002000000280000000000000000080040000000000000000000000000000000004ABDD000000000000100000001000000 "SIGN.MEDIA=B97BAC66 Data\Documents\Download\goback_installer-1.0.exe"=0x5341435001000000000000000700000028000000A8A9C704F04FC804010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000068A0000000000000100000001000000 "Z:\Download\acdsee-video-studio.exe"=0x534143500100000000000000070000002800000080791300FFC31300010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000022500000000000000100000001000000 "Z:\Download\anti-malware-setup-anti-malware.exe"=0x5341435001000000000000000700000028000000E02908009B6E0800010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000CB8B0700000000000100000001000000 "Z:\Download\google-apps-backup.exe"=0x53414350010000000000000007000000280000002BBCC60000000000010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000B3101C00000000000100000001000000 "Z:\Download\iobit-software-updater-setup-beta.exe"=0x5341435001000000000000000700000028000000A07E91003D0A9200010000000000000000000206002100002EF6C8A3A56ACD010000008000000000020000002800000000000000000000000000000000000000000000000000000056F50800000000000100000001000000 "Z:\Download\LiberKey_5.8.1129.exe"=0x5341435001000000000000000700000028000000785F4700BA2C4800010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000D2D31900000000000100000001000000 "Z:\Download\pdf-watermark-remover.exe"=0x53414350010000000000000007000000280000007077310050E93100010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000F6E11800000000000200000002000000 "Z:\Download\setup-13.0.22.0.exe"=0x53414350010000000000000007000000280000001848BD01EE6CBD01010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000012F11600000000000100000001000000 "Z:\EFM, Barrow 16,2, Widen 16 & ANAAMFUW\ANAAMFUW en anti-coussin logo systools géant & son fantasme en sécurisation faches en umt sysdar\seagate-media-sync-win-2.01.0412.exe"=0x534143500100000000000000070000002800000090E6080132010901010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000500000000000000000000000000000000033130E00000000000100000001000000 "Z:\EFM, Barrow 16,2, Widen 16 & ANAAMFUW\cadeau récompense efm, barrow 16,2, widen 16, lfs ultra, 100% s & anaamfuw finalis\icarefone (1).exe"=0x5341435001000000000000000700000028000000E0CA1500F82B1600010000000000000000000206712200002EF6C8A3A56ACD0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000F1AC0100000000000100000001000000 "Z:\EFM, Barrow 16,2, Widen 16 & ANAAMFUW\epub-viewer.exe"=0x534143500100000000000000070000002800000058AB220071762300010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000466F0100000000000100000001000000 "Z:\LFS Hyper 1à2 & UEFM\1-LFS Ultra & 100% Sécurisé\hidefolder\hide_pro\LFS Ultra & 100% Sécurisé\LFS Ultra - 100% Sécurisé - Cewbé Suite\on squatte sur les voitures\WVDSetup.exe"=0x5341435001000000000000000700000028000000C89D1E0034021F00010000000000000000000206002100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000006A9F0200000000000100000001000000 "Z:\LFS Hyper 1à2 & UEFM\1-LFS Ultra & 100% Sécurisé\hidefolder\hide_pro\LFS Ultra & 100% Sécurisé\LFS Ultra - 100% Sécurisé - Cewbé Suite\on squatte sur les voitures\WMOSetup.exe"=0x5341435001000000000000000700000028000000B83C130029DA1300010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000958C0200000000000100000001000000 "Z:\LFS Hyper 1à2 & UEFM\1-LFS Ultra & 100% Sécurisé\hidefolder\hide_pro\LFS Ultra & 100% Sécurisé\LFS Ultra - 100% Sécurisé - Cewbé Suite\on squatte sur les voitures\ashampoo_privacy_protector_e1.0.2_sm.exe"=0x5341435001000000000000000700000028000000F0085901ACBD5901010000000000000000000206002100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000009A251C00000000000100000001000000 "Z:\LFS Hyper 1à2 & UEFM\1-LFS Ultra & 100% Sécurisé\hidefolder\hide_pro\LFS Ultra & 100% Sécurisé\LFS Ultra - 100% Sécurisé - Cewbé Suite\on squatte sur les voitures\Setup.exe"=0x53414350010000000000000007000000280000003E300B0000000000010000000000000000000206712000002EF6C8A3A56ACD01000000000000000002000000280000000000000000080040000000000000000000000000000000003CED0000000000000100000001000000 "Z:\LFS Hyper 1à2 & UEFM\2-barrow 2 & umt widen 1\data copy tools for mediasuite 17 & makeupdirector 3\NiceCopierSetup_15.02.27 (2).exe"=0x53414350010000000000000007000000280000006736AE0000000000010000000000000000000206002100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000007B310B00000000000200000002000000 "Z:\LFS Hyper 1à2 & UEFM\2-barrow 2 & umt widen 1\data copy tools for mediasuite 17 & makeupdirector 3\MiniCopier-0.5-Windows-Setup.exe"=0x5341435001000000000000000700000028000000FD31320100000000010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000C9A60800000000000100000001000000 "Z:\LFS Hyper 1à2 & UEFM\2-barrow 2 & umt widen 1\data copy tools for mediasuite 17 & makeupdirector 3\supercopier-windows-x86_64-1.2.3.5-setup.exe"=0x534143500100000000000000070000002800000021CF660000000000010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000821A0300000000000100000001000000 "Z:\LFS Hyper 1à2 & UEFM\2-barrow 2 & umt widen 1\data copy tools for mediasuite 17 & makeupdirector 3\ultracopier-windows-x86_64-1.2.3.5-setup.exe"=0x53414350010000000000000007000000280000001207670000000000010000000000000000000106000100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000040000000000000000000000000000000000F2C0200000000000100000001000000 "Z:\LFS Hyper 1à2 & UEFM\2-barrow 2 & umt widen 1\cewbélink power2'dar, quel tri'toir nadia winifred, & macarons domi'gru\macarons domi'gru\lws280.exe"=0x5341435001000000000000000700000028000000981771044C337104010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000BE070700000000000100000001000000 "Z:\LFS Hyper 1à2 & UEFM\3-events nouveau logo blini\FreeVideoToMP3Converter_5.1.6.215_o.exe"=0x5341435001000000000000000700000028000000985CFE01838DFE01010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000364D1C00000000000100000001000000 "Z:\Sauvetage Kingston Workspace\Users\jean-\Downloads\dapsetup.exe"=0x534143500100000000000000070000002800000078F64800E3094900010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000052FD0600000000000100000001000000 "Z:\Sauvetage Kingston Workspace\Users\jean-\Downloads\dpfsetup.exe"=0x534143500100000000000000070000002800000078A53400BFE93400010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000358DAE00000000000100000001000000 "Z:\Sauvetage Kingston Workspace\Users\jean-\Downloads\vhdx-viewer.exe"=0x5341435001000000000000000700000028000000B87F9100B7B39100010000000000000000000106000100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000057540100000000000100000001000000 "Z:\Sauvetage Kingston Workspace\Users\jean-\Downloads\vlc-3.0.4-win64.exe"=0x5341435001000000000000000700000028000000400879026D567902010000000000000000000206002100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000040000000000000000000000000000000002DC10D00000000000100000001000000 "Z:\Sauvetage Kingston Workspace\Users\jean-\Downloads\UCheck_setup.exe"=0x534143500100000000000000070000002800000028CDBA017044BB01010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000028A71400000000000100000001000000 "C:\Program Files (x86)\TechSmith\Jing\Jing.exe"=0x5341435001000000000000000700000028000000F86B2C00FA272D00010000000000000000000206F12200002EF6C8A3A56ACD01000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000004444DF09000000001400000014000000 "Z:\LFS Hyper 1à2 & UEFM\ashampoo_snap_10_26888.exe"=0x5341435001000000000000000700000028000000281F4E03D5E74E03010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000034461200000000000100000001000000 "C:\Program Files (x86)\Ashampoo\Ashampoo Snap 10\ashsnap.exe"=0x534143500100000000000000070000002800000090F35E00CD5F5F00010000000000000000000206712200002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000CCBDF404000000000300000003000000 "Z:\LFS Hyper 1à2 & UEFM\PortableApps\CamStudioPortable\CamStudioPortable.exe"=0x534143500100000000000000070000002800000090600200F0520300010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000200000000000000000000000000AAA60000000000000100000001000000 "SIGN.MEDIA=41FD7 PortableApps\AshampooBurningStudioPortable\AshampooBurningStudioPortable.exe"=0x5341435001000000000000000700000028000000CD08020000000000010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000BD810100000000000100000001000000 "SIGN.MEDIA=6F3A7 PortableApps\AuslogicsDDPROPortable\AuslogicsDDPROPortable.exe"=0x5341435001000000000000000700000028000000F57E030000000000010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000FAAD0000000000000100000001000000 "C:\Program Files (x86)\Slowin Killer\Slowin Killer.exe"=0x534143500100000000000000070000002800000000BA14002AE91400010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000008000000000000000000000000000000000323A0000000000000100000001000000 "C:\Program Files\MultiCommander (x64)\MultiCommander.exe"=0x534143500100000000000000070000002800000000E074000000000001000000000000000000020600210000647CA60EA56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000005918408000000000300000003000000 "Z:\EFM, Barrow 16,2, Widen 16 & ANAAMFUW\efm hors lfs hyper-applications-réparation internet\mucommander-0.9.1.exe"=0x5341435001000000000000000700000028000000F8C7960000000000010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000094E69508000000000100000001000000 "Z:\EFM, Barrow 16,2, Widen 16 & ANAAMFUW\PortableApps\AshampooBurningStudioPortable\AshampooBurningStudioPortable.exe"=0x5341435001000000000000000700000028000000CD08020000000000010000000000000000000106000100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000400000000000000000000000000000000073B61400000000000100000001000000 "C:\Program Files (x86)\AIMP\AIMP.exe"=0x534143500100000000000000070000002800000030224500626C4500010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000E8719A00000000000200000002000000 "C:\Program Files (x86)\Winamp\winamp.exe"=0x534143500100000000000000070000002800000060802300C6B42300010000000000000000000206712200002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000AB7B5704000000000100000001000000 "C:\Program Files (x86)\Ashampoo\Ashampoo Snap 9\ashsnap.exe"=0x5341435001000000000000000700000028000000A0837100729B7100010000000000000000000206712200002EF6C8A3A56ACD010000000000000000 "Z:\LFS Hyper 1à2 & UEFM\2-barrow 2 & umt widen 1\cewbélink power2'dar, quel tri'toir nadia winifred, & macarons domi'gru\quel tri'toir nadia winifred\Paragon-283-PEF_WinInstallSNx64_10.1.25.813_000.exe"=0x534143500100000000000000070000002800000058EF310350963203010000000000000000000006710200002EF6C8A3A56ACD01000000000000000002000000280000000000000000000040000000000000000000000000000000006CBC1700000000000100000001000000 "C:\Users\Jean-Marie\Downloads\Paragon-790-PEU_WinInstallSNx64_16.23.0_000.exe"=0x5341435001000000000000000700000028000000F89CA6097BFBA609010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000500000010000000000000000000000000000000000000000200000050000000000000000000000000000000000000000000000000000000EB2200000000000001000000010000000000000000000040000000000000000000000000000000007E0C0000000000000100000000000000 "C:\Program Files\WinRAR\WinRAR.exe"=0x5341435001000000000000000700000028000000D8C02200ABE9220001000000000000000000020600210000647CA60EA56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000514FE401000000000700000007000000 "C:\Users\Jean-Marie\Downloads\UVKPortable (1).exe"=0x53414350010000000000000007000000280000007803E00000C2E000010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000400000000000000000000000000000000017430200000000000100000001000000 "C:\Program Files\VideoLAN\VLC\vlc.exe"=0x5341435001000000000000000700000028000000C80A0F00A5500F0001000000000000000000000600010000647CA60EA56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000C3A05300000000000400000004000000 "C:\Users\Jean-Marie\Documents\VIPRERescue.exe"=0x534143500100000000000000070000002800000000601B1500000000010000000000000000000006710200002EF6C8A3A56ACD010000000000000000020000002800000000000000800000400000000000000000000000000000000064AA5100000000000100000001000000 "C:\Users\Jean-Marie\Downloads\CyberLink_VideoMeetingPlus_Downloader.exe"=0x5341435001000000000000000700000028000000B8BD0F00C61A1000010000000000000000000206712000002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000003CB51E00000000000100000001000000 "C:\Program Files\Pale Moon\palemoon.exe"=0x5341435001000000000000000700000028000000008A04009B18050001000000000000000000020600210000647CA60EA56ACD0100000000000000000200000050000000000000000000000000000000000000000000000000000000B2E24700000000000400000003000000000000000000008000000000000000000000000000000000EE990000000000000200000000000000 "C:\Users\Jean-Marie\Downloads\U_5.0.6021.74036%20(Prod)_Free_YOU181130-01.exe"=0x53414350010000000000000007000000280000009098A50178B3A501010000000000000000000206002100002EF6C8A3A56ACD010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000022E00200000000000100000001000000 "C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe"=0x534143500100000000000000070000002800000000296B00519F6B00010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000F1AC0200000000000300000003000000 "C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe"=0x5341435001000000000000000700000028000000083B550071FF5500010000000000000000000206002100002EF6C8A3A56ACD01000000800000000002000000280000000000000000000040000000000000000000000000000000005A791D04000000000500000005000000 "C:\Users\Jean-Marie\Downloads\Install Restore Point Creator.exe"=0x53414350010000000000000007000000280000003C080D0000000000010000000000000000000206002100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000001D470000000000000100000001000000 "C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe"=0x534143500100000000000000070000002800000000C811000000000001000000000000000000020680210000647CA60EA56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000892A0000000000000100000001000000 "C:\Users\Jean-Marie\Downloads\keepvid-video-converter_setup_full3685.exe"=0x5341435001000000000000000700000028000000C01A0F00E2ED0F00010000000000000000000206002100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000040000000000000000000000000000000004BED1603000000000100000001000000 "C:\Users\Jean-Marie\AppData\Local\temp\lfsh_efm_uefm_barrow162_widen16_anaamfuw_suite_essentials&post-finalis24_fev_2019setup\iobit-software-updater-setup-beta.exe"=0x5341435001000000000000000700000028000000A07E91003D0A9200010000000000000000000206002100002EF6C8A3A56ACD0100000080000000000200000028000000000000000000008000000000000000000000000000000000AD2E0200000000000100000001000000 "C:\Program Files (x86)\IObit\Software Updater\SUFeature.exe"=0x534143500100000000000000070000002800000010870200F4860300010000000000000000000206002100002EF6C8A3A56ACD0100000080000000000500000010000000000000000000000000000000000000800200000028000000000000000000008000000000000000000000000000000000C41C0000000000000200000002000000 "C:\Program Files (x86)\Fighters\Tray\FightersTray.exe"=0x534143500100000000000000070000002800000020E219007CB31A00010000000000000000000206712200002EF6C8A3A56ACD0100000080000000000200000028000000000000000000000000000000000000000000000000000000172B5E00000000000100000001000000 "C:\Program Files (x86)\Fighters\OUTDATEfighter\OUTDATEfighter.exe"=0x53414350010000000000000007000000280000008016170015251700010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000A7174900000000000100000001000000 "C:\Program Files (x86)\Moo0\RightClicker Pro 1.56\RightClicker.exe"=0x534143500100000000000000070000002800000000E230000000000001000000000000000000020673220000647CA60EA56ACD010000000000000000020000005000000000000000000000000000000000000000000000000000000005B6000000000000010000000100000000000000000000800000000000000000000000000000000088670000000000000100000000000000 "C:\Users\Jean-Marie\AppData\Local\temp\RarSFX13\Setup.exe"=0x534143500100000000000000070000002800000078F70B005E000C00010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000008000008000000000000000000000000000000000D7A94700000000000100000001000000 "C:\OneSafe PC Cleaner\la théorie du complot\ciscomplete_installer.exe"=0x5341435001000000000000000700000028000000782D550083595500010000000000000000000206002100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000006CC11800000000000100000001000000 "C:\OneSafe PC Cleaner\la théorie du complot\InstallBoost_DownloadCom.exe"=0x534143500100000000000000070000002800000010707600FE117700010000000000000000000106000100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000400000000000000000000000000000000014D60E00000000000100000001000000 "C:\Users\Jean-Marie\Downloads\InstallBoost_DownloadCom.exe"=0x534143500100000000000000070000002800000010707600FE117700010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000D7C10000000000000100000001000000 "C:\Users\Jean-Marie\AppData\Local\temp\SoftwareUpdate_Temp\Data\Setup.exe"=0x5341435001000000000000000700000028000000F8C10500C74C0600010000000000000000000206002100002EF6C8A3A56ACD0100000080000000000200000028000000000000000000004000000000000000000000000000000000C8140100000000000100000001000000 "C:\Users\Jean-Marie\AppData\Local\Programs\Opera\58.0.3135.65\opera.exe"=0x534143500100000000000000070000002800000058601700A0791700010000000000000000000206002100002EF6C8A3A56ACD010000000100000000 "C:\Users\Jean-Marie\Documents\WiNToBootic_v2.2.1\WiNToBootic.exe"=0x534143500100000000000000070000002800000000D60F004AE70F00010000000000000000000206F5200000647CA60EA56ACD0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000C90A1400000000000100000001000000 "C:\Users\Jean-Marie\Documents\WoR_Release1.0.2\WoR.exe"=0x534143500100000000000000070000002800000000840E0000000000010000000000000000000206F12200002EF6C8A3A56ACD010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400080020000000000008000000000000005940000000000000100000001000000010000000400000001000000 "C:\Users\Jean-Marie\Desktop\adwcleaner_7.2.7.0.exe"=0x5341435001000000000000000700000028000000D0A46F000FD26F00010000000000000000000206002100002EF6C8A3A56ACD010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000027E41400000000000200000002000000 "C:\Users\Jean-Marie\Documents\aimp-avg-cyberlink_setup_sib.exe"=0x534143500100000000000000070000002800000080377A0500000000010000000000000000000106000100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000030D40F00000000000100000001000000 "C:\Program Files (x86)\AVG\AVG TuneUp\TuneupUI.exe"=0x534143500100000000000000070000002800000060641F00BBAD1F00010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000F69F0D00000000000100000001000000 "C:\Users\Jean-Marie\AppData\Local\temp\RarSFX14\Setup.exe"=0x5341435001000000000000000700000028000000D0FB0B00AF4E0C00010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000800000800000000000000000000000000000000075320300000000000100000001000000 "C:\Program Files\AVG\Antivirus\AVGUI.exe"=0x5341435001000000000000000700000028000000B0ABBA005B63BB0001000000000000000000020600210000647CA60EA56ACD010000000000000000 "C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe"=0x534143500100000000000000070000002800000028B01D0064631E00010000000000000000000206002100002EF6C8A3A56ACD010000000000000000 "C:\Program Files (x86)\CyberLink\AppManager\AppManager.exe"=0x5341435001000000000000000700000028000000B8060400587B0400010000000000000000000206002100002EF6C8A3A56ACD010000000000000000 "C:\Users\Jean-Marie\Documents\aimp_YouTube\aimp_YouTube\youtube-dl.exe"=0x534143500100000000000000070000002800000058397A0000000000010000000000000000000206712000002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000323A0000000000000100000001000000 "C:\Program Files\CyberLink\PowerDirector17\PDR.exe"=0x5341435001000000000000000700000028000000B84E7300D095730001000000000000000000020600210000647CA60EA56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000005589519000000000300000003000000 "C:\Users\Jean-Marie\Desktop\rkill.exe"=0x5341435001000000000000000700000028000000D0811B0066BA1B00010000000000000000000206002100002EF6C8A3A56ACD010000000000000000 "C:\Users\Jean-Marie\Desktop\processclose_2_08.01.17.1.exe"=0x5341435001000000000000000700000028000000A8270F003B5B0F00010000000000000000000206002100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000040000000000000000000000000000000007A555008000000000500000005000000 "C:\Users\Jean-Marie\Documents\anti-tfl_loaris_protectstar_setup_sib.exe"=0x534143500100000000000000070000002800000066F6370A00000000010000000000000000000106000100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000005DDE0C00000000000100000001000000 "C:\Users\Jean-Marie\Documents\Ads by loaris & protectstar (grande force loaris noa)\GOMENCODERGLOBALSETUP_NEW.EXE"=0x53414350010000000000000007000000280000002835B20127DEB201010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000E1630100000000000100000001000000 "C:\Users\Jean-Marie\AppData\Local\temp\RarSFX15\Setup.exe"=0x534143500100000000000000070000002800000030A11100F25B1200010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000800000800000000000000000000000000000000078EB2A00000000000100000001000000 "C:\Users\Jean-Marie\AppData\Local\temp\anti-tfl_loaris_protectstar setup\iobit-software-updater-setup-beta.exe"=0x5341435001000000000000000700000028000000A07E91003D0A9200010000000000000000000206002100002EF6C8A3A56ACD010000008000000000020000002800000000000000000000800000000000000000000000000000000005E20300000000000100000001000000 "C:\Users\Jean-Marie\Documents\Ads by loaris & protectstar (grande force loaris noa)\iobit-software-updater-setup.exe"=0x5341435001000000000000000700000028000000F899A800B2E6A800010000000000000000000206002100002EF6C8A3A56ACD010000008000000000 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"=0x5341435001000000000000000700000028000000F00F1A004FD91A0001000000000000000000020600210000647CA60EA56ACD010000000100000000 "C:\Users\Jean-Marie\Downloads\DriverPack-17-Online_1170128422.1551856718.exe"=0x53414350010000000000000007000000280000005863130027B41300010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000D91D5505000000000100000001000000 "C:\Users\Jean-Marie\Downloads\SDI_R1811\SDI_x64_R1811.exe"=0x5341435001000000000000000700000028000000004C1A000000000001000000000000000000020600210000647CA60EA56ACD01000000000000000002000000280000000000000000000040000000000000000000000000000000003E450804000000000100000001000000 "C:\Users\Jean-Marie\AppData\Roaming\DRPSu\PROGRAMS\DotNet.exe"=0x534143500100000000000000070000002800000070A7AC0363C3AC03010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000D0A9EE01000000000100000001000000 "C:\Users\Jean-Marie\Desktop\pre-scan_7_16.10.17.1.exe"=0x5341435001000000000000000700000028000000A8AF2E007DB12E00010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000400000000000000000000000000000000063065602000000000100000001000000 "C:\Users\Jean-Marie\Downloads\DriverPack-17-Online.exe"=0x534143500100000000000000070000002800000008631300FBCC1300010000000000000000000106000100002EF6C8A3A56ACD010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000010738300000000000100000001000000 "Z:\Recuva_Portable_MultiVersion_32-64-bit_Multilingual_Online.exe"=0x5341435001000000000000000700000028000000EFAD090000000000010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000F3650100000000000100000001000000 "Z:\PortableApps\RecuvaProrPortable\RecuvaPortable.exe"=0x5341435001000000000000000700000028000000431D010000000000010000000000000000000106000100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000004000000000000000000000000000000000E1A03400000000000100000001000000 "C:\Users\Jean-Marie\AppData\Local\Programs\Opera\launcher.exe"=0x5341435001000000000000000700000028000000581C1300E0691300010000000000000000000206002100002EF6C8A3A56ACD01000000000000000002000000280000000000000080000000000000000000000000000000000000008F180000000000000200000002000000 "SIGN.MEDIA=11D65F0 grande force loaris noa 14 - moo0 clic droit pro & restoro\Restoro.exe"=0x534143500100000000000000070000002800000028400E00F4990E00010000000000000000000206002100002EF6C8A3A56ACD010000000000000000 "SIGN.MEDIA=11D65F0 grande force loaris noa 14 - moo0 clic droit pro & restoro\Moo0_RightClicker_Pro_v1.56_Installer.exe"=0x53414350010000000000000007000000280000000082780000000000010000000000000000000206712200002EF6C8A3A56ACD010000000000000000020000002800000000000000000000400000000000000000000000000000000002DB0000000000000100000001000000 "SIGN.MEDIA=132B074 grande force loaris noa 13 - don pour garder lfsu_anti-tfl_100%s fin en carreaux des rairies, protectstar & loaris\dswin6.msi"=0x534143500100000000000000070000002800000000E60100BC93020001000000000000000000010500100000647CA60EA56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000061240200000000000100000001000000 "SIGN.MEDIA=132B074 grande force loaris noa 13 - don pour garder lfsu_anti-tfl_100%s fin en carreaux des rairies, protectstar & loaris\loarissetup.exe"=0x5341435001000000000000000700000028000000B0DF1100E3921200010000000000000000000206712200002EF6C8A3A56ACD010000000000000000 "C:\Program Files (x86)\ProtectStar\DataShredder\DataShredderGUI664.exe"=0x5341435001000000000000000700000028000000A8D52D00221F2E0001000000000000000000020673220000647CA60EA56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000DE610100000000000100000001000000 "SIGN.MEDIA=15A41ED4 grande force loaris noa 15 - ANAAMFUW finalis en anti-fantasme de coussin gonflable en logo systools\mtsbsetup_free.exe"=0x5341435001000000000000000700000028000000082747059B8C4705010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000000000000000000000000000000000000098400300000000000100000001000000 "SIGN.MEDIA=1116D44 Anvisoft.Cloud.System.Booster.Pro.3.6.69\Anvisoft.Cloud.System.Booster.Pro.3.6.69\setup.exe"=0x534143500100000000000000070000002800000050041101A57C1101010000000000000000000206002100002EF6C8A3A56ACD010000000000000000020000002800000000000000000000400000000000000000000000000000000017910000000000000100000001000000 "SIGN.MEDIA=3706DD4D FRST64-2.1.exe"=0x534143500100000000000000070000002800000000242500BE66250001000000000000000000020600210000647CA60EA56ACD01000000000000000002000000280000000000000000000040000000000000000000000000000000005770A001000000000100000001000000 "C:\Users\Jean-Marie\Downloads\wfc6setup.exe"=0x5341435001000000000000000700000028000000D0D423000C09240001000000000000000000020680210000647CA60EA56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000E82F8100000000000100000001000000 "C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe"=0x534143500100000000000000070000002800000010CF0800EDC80900010000000000000000000206712200002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000008A0F0000000000000100000001000000 "C:\Program Files\Malwarebytes\Windows Firewall Control\wfc.exe"=0x5341435001000000000000000700000028000000D0DC090059540A0001000000000000000000020680210000647CA60EA56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000330E0000000000000100000001000000 "Z:\LFS Hyper 1à2 & UEFM\FreeFileSync_9.1_[Donation_Edition]_Windows_Setup.exe"=0x53414350010000000000000007000000280000002061B200ABB7B200010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000200000028000000000000000000000000000000000000000000000000000000A4F50000000000000100000001000000 "C:\Program Files\FreeFileSync\FreeFileSync.exe"=0x5341435001000000000000000700000028000000A81207006DE70700010000000000000000000206002100002EF6C8A3A56ACD01000000000000000002000000500000000000000000000040000000000000000000000000000000002155150600000000010000000100000000000000000000000000000000000000000000000000000095C90000000000000100000000000000 "C:\Program Files\TeraCopy\TeraCopy.exe"=0x5341435001000000000000000700000028000000402333008C6D3300010000000000000000000206002100002EF6C8A3A56ACD01000000000000000002000000280000000000000000000000000000000000000000000000000000004ABA1A00000000000100000001000000 "C:\Users\Jean-Marie\Desktop\adsfix_V6_06.03.19.1.exe"=0x534143500100000000000000070000002800000098E35D003FF45D00010000000000000000000206002100002EF6C8A3A56ACD0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000DCA80100000000000100000001000000 "C:\Users\Jean-Marie\Desktop\quickdiag_V5_27.02.19.1.exe"=0x534143500100000000000000070000002800000098F74E00B9194F00010000000000000000000206002100002EF6C8A3A56ACD010000000000000000 "C:\Users\Jean-Marie\Desktop\ZHPCleaner.exe"=0x534143500100000000000000070000002800000080A52F00013F3000010000000000000000000206002100002EF6C8A3A56ACD010000000000000000 ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "DoubleClickSpeed"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "DragFullWindows"=USR:Control Panel\Desktop ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "MouseSpeed"=#USR:Control Panel\Mouse "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "CoolSwitch"=USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DoubleClickWidth"=#USR:Control Panel\Mouse "SnapToDefaultButton"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "ScreenSaveActive"=#USR:Control Panel\Desktop "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "PowerOffTimeOut"=#USR:Control Panel\Desktop "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf] ""=@SYS:Software\Swearware\dump [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon "SCRNSAVE.EXE"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "ScreenSaverActive"=USR:Control Panel\Desktop [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "DoubleClickSpeed"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "MouseSpeed"=#USR:Control Panel\Mouse "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "CoolSwitch"=USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DoubleClickWidth"=#USR:Control Panel\Mouse "SnapToDefaultButton"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "ScreenSaveActive"=#USR:Control Panel\Desktop "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "PowerOffTimeOut"=#USR:Control Panel\Desktop "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf] ""=@SYS:DoesNotExist [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon "SCRNSAVE.EXE"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "ScreenSaverActive"=USR:Control Panel\Desktop [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify"=0 "UpdatesDisableNotify"=0 [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 "UpdatesDisableNotify"=0 "FirewallDisableNotify"=0 "AntiVirusDisableNotify"=0 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=129877610663917518 "AntiVirusOverride"=0 "AntiSpywareOverride"=0 "FirewallOverride"=0 [HKLM\SOFTWARE\Microsoft\Windows Defender] "DisableAntiSpyware"=1 "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "ProductType"=2 "ProductStatus"=0 "TrustedImageIdentifier"=P004N3-B2V "InstallTime"=0x6E43D281DB42D401 "DisableAntiVirus"=1 "OneTimeSqmDataSent"=1 [HKLM\Software\WOW6432Node\Microsoft\Security Center] "AutoUpdateDisableNotify"=0 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\adawareantivirusservice] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amdrv.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dps] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\shellhwdetection] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UnsignedThemes] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\!SASCORE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\adawareantivirusservice] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amdrv.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dps] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\shellhwdetection] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UnsignedThemes] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] ---------- | Winsock (Whitelist) ---------- | Ping Envoi d'une requ?te 'ping' sur google.com [2a00:1450:4002:80a::200e] avec 32 octets de donn?es?: R?ponse de 2a00:1450:4002:80a::200e?: temps=42 ms R?ponse de 2a00:1450:4002:80a::200e?: temps=42 ms R?ponse de 2a00:1450:4002:80a::200e?: temps=41 ms R?ponse de 2a00:1450:4002:80a::200e?: temps=42 ms Statistiques Ping pour 2a00:1450:4002:80a::200e: Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%), Dur?e approximative des boucles en millisecondes : Minimum = 41ms, Maximum = 42ms, Moyenne = 41ms ---------- | @ [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Cache_Update_Frequency"=Once_Per_Session "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=C:\Windows\system32\blank.htm "Save_Session_History_On_Exit"=no "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "XMLHTTP"=1 "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "UseClearType"=no "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"=0x010000004A000000D73A1DE1567E81A07AC296EDCF75D868A28D22F211D16400B308B9F4C369670696709E1AB6D2409B18530A3B14D7910743A6F08F4C03CFA7C1DC4A08660B2A8217B43A7C2D5335BEE93B02000000100000007663585725326233636639496F253364 "IconCache"=ut7u0hl "OperationalData"=1 "CompatibilityFlags"=0 "IE10TourNoShow"=1 "FullScreen"=no "Window_Placement"=0x2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7000000AB000000E70300002B030000 "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0x88A7443C8546D401 "RunOnceHasShown"=1 "RunOnceComplete"=1 "DownloadWindowPlacement"=0x2C00000000000000000000000083FFFF0083FFFFFFFFFFFFFFFFFFFF14010000D800000094030000B8020000 "FormSuggest PW Ask"=no "Check_Associations"=no "Error Dlg Displayed On Every Error"=no "AllowWindowReuse"=0 "ApplicationTileImmersiveActivation"=0 "Use Search Asst"=no "AutoSearch"=1 "Use FormSuggest"=no "NotifyDownloadComplete"=yes "TabShutdownDelay"=0 "NoUpdateCheck"=0 "NoProtectedModeBanner"=1 "Isolation"=PMIL "Start Page"=http://search.babylon.com/?babsrc=HP_ss&mntrId=763fe89200000000000000ff842e59ab&tlver=1.4.19.19&affID=16553 "Use Custom Search URL"=0 [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "IE5_UA_Backup_Flag"=5.0 "EnableNegotiate"=1 "MigrateProxy"=1 "ZonesSecurityUpgrade"=0xE159FE70DC42D401 "EmailName"=User@ "AutoConfigProxy"=wininet.dll "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "WarnOnPost"=0x01000000 "UseSchannelDirectly"=0x01000000 "EnableHttp1_1"=1 "UrlEncoding"=0 "SecureProtocols"=2720 "PrivacyAdvanced"=0 "DisableCachingOfSSLPages"=0 "WarnonZoneCrossing"=0 "GlobalUserOffline"=0 "WarnonBadCertRecving"=1 "WarnOnPostRedirect"=0 "WarnOnHTTPSToHTTPRedirect"=1 "SyncMode5"=3 "ProxyHttp1.1"=1 "WarNonBadCertReceving"=1 "CertificateRevocation"=1 "ProxyEnable"=0 "ProxyOverride"=*.local "MaxConnectionsPerServer"=10 "MaxConnectionsPer1_0Server"=8 "WarnOnIntranet"=0 [HKLM\Software\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=about:blank "Local Page"=C:\Windows\System32\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "DoNotTrack"=1 [HKLM\Software\Microsoft\Internet Explorer\Search] "CustomizeSearch"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm "SearchAssistant"=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "OfflineInformation"=res://ieframe.dll/offcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// "gopher"=gopher:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files "WarnOnPost"=0x01000000 "WarnonBadCertRecving"=1 "WarnOnPostRedirect"=0 "WarnOnZoneCrossing"=1 "WarnOnHTTPSToHTTPRedirect"=1 "AutoConfigProxy"=wininet.dll "EnableHttp1_1"=1 "ProxyHttp1.1"=1 "SecureProtocols"=2688 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Anchor_Visitation_Horizon"=0x01000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=about:blank "Local Page"=C:\Windows\System32\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "DoNotTrack"=1 "SearchAssistant"=about:blank [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Search] "SearchAssistant"=http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=763fe89200000000000000ff842e59ab&tlver=1.4.19.19&affID=16553 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "OfflineInformation"=res://ieframe.dll/offcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Tabs"=http://search.babylon.com/?babsrc=NT_ss&mntrId=763fe89200000000000000ff842e59ab&tlver=1.4.19.19&affID=16553 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "EnablePunycode"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files ---------- | Proxy ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AMV] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apk] "Progid"= [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ASF] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bdmv] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.DIVX] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dv] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.EVO] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.F4V] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.FLV] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdmov] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm] "Progid"=SparkSafeHTML [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html] "Progid"=SparkSafeHTML [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.IFO] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ifx] "ProgId"=icofx3.ifx [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M1V] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2p] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2t] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2ts] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht] "Progid"=SparkSafeHTML [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml] "Progid"=SparkSafeHTML [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MKV] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MP2V] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MPE] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MPLS] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv4] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mts] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MXF] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.NSR] "progid"=Potplayer.nsr [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.OGM] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.OGV] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.RAM] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rec] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.RM] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.RMVB] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snapdoc] "ProgID"=SNAP.DOC [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TP] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tps] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TRP] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vob] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.WEBM] "Application"=wmplayer.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv] "Application"=wmplayer.exe ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ GoogleDriveCloudOverlayIconHandler] - {7CB4D2F7-77AE-4A08-9BDF-21370FF8D6BD} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ GoogleDrivePinnedOverlayIconHandler] - {C9F7D7A1-D13F-4C72-9AB0-06FDC65AA931} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ GoogleDriveProgressOverlayIconHandler] - {96836CC1-31EA-4F1C-A7F4-D67863D5D4FD} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw] - {472083B0-C522-11CF-8763-00608CC02F24} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg] - {472083B0-C522-11CF-8763-00608CC02F24} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\BaiduAntivirusIconLock] - -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- C:\Windows\System32\EhStorShell.dll [26/07/2012 02:03:02] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"= ---------- | Toolbar [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=0 [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser] "ITBar7Layout"=0x13000000000000000000000020000000100000000000000001000000800600005E010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ITBar7Height"=0 [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "KnownProvidersUpgradeTime"=0x878FA23F8546D401 "Version"=3 "UpgradeTime"=0xE79DB3428546D401 "DefaultScope"={1F096B29-E9DA-4D64-8D63-936BE7762CC5} [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={3CB12E97-BDDF-4488-8C61-217335DD319F} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "{c9a6357b-25cc-4bcf-96c1-78736985d413}"=ReasonableToolbar [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={3CB12E97-BDDF-4488-8C61-217335DD319F} ---------- | Extensions [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping] : () - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}] : (@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{9819CC0E-9669-4D01-9CD7-2C66DA43AC6C}] : (&Internet Download Accelerator) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}] : (Spybot - Search & Destroy Configuration) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}] : (Translate this web page with Babylon) - [] ---------- | SearchScopes [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - https://www.bing.com/search?q={searchTerms} : [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}] - (Search the web (Babylon)) - http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=763fe89200000000000000ff842e59ab&tlver=1.4.19.19&affID=16553 : [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3CB12E97-BDDF-4488-8C61-217335DD319F}] - (Google) - https://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CPDTDFJS : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3CB12E97-BDDF-4488-8C61-217335DD319F}] - (Google) - https://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=CPDTDFJS : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{3CB12E97-BDDF-4488-8C61-217335DD319F}] - (Google) - https://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} : ---------- | ElevationPolicy [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15B851AF-A4B9-43EF-97D3-28E1B4A5DB9B}] - (C:\Program Files (x86)\Internet Download Manager) - idmBroker.exe : [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1902485B-CE75-42C1-BA2D-57E660793D9A}] - (C:\Program Files (x86)\Internet Download Manager) - IEMonitor.exe : [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}] - () - : [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6}] - (C:\Users\Jean-Marie\AppData\Roaming\Spotify) - Spotify.exe : [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B49A34AD-FCEB-4409-8B0E-CC2218474E55}] - (C:\Program Files (x86)\Reasonable NoClone 2014) - NoClone.exe : [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}] - (C:\Users\Jean-Marie\AppData\Local\Google\Update\1.3.33.23) - GoogleUpdateOnDemand.exe : C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C442AC41-9200-4770-8CC0-7CDB4F245C55}] - (C:\Users\Jean-Marie\AppData\Local\Google\Update\1.3.33.23) - GoogleUpdateWebPlugin.exe : C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD41E1A5-99E5-41BA-8703-6BE974416118}] - (C:\Program Files (x86)\Nero\Nero 2014\Nero Burning ROM\) - nero.exe : [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4}] - (C:\Program Files (x86)\Internet Download Manager) - IDMan.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0002df01-0000-0000-c000-000000000046}] - (C:\Program Files\Internet Explorer) - iexplore.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{003B91A6-61E3-4591-891D-01E94C8CB11E}] - (C:\Program Files\Microsoft Silverlight\5.1.50918.0\) - Silverlight.Configuration.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{041a5213-ea64-4c45-99af-70d7d8e902ec}] - (C:\Program Files\Internet Explorer) - ielowutil.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\System32) - wpcer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695}] - (C:\Windows\System32) - winfxdocobj.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\System32) - wuapp.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{130c40f0-1bcb-4852-8b63-291cf90a600b}] - (C:\Windows\System32) - msdt.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0935-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1ec76a37-1762-46ff-9b14-765b3e6793be}] - (C:\Program Files\Microsoft Silverlight\5.1.50918.0\) - agcp.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2391d819-9d17-44ec-9ac1-f6aa07549469}] - (%systemroot%\system32) - wermgr.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{254363DC-CC0E-47D3-B9F2-C4531366D4D1}] - (C:\Program Files\FreeDownloadManager.ORG\Free Download Manager) - wincomserver.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29c98170-8bb5-4f76-bb88-1dc420a04f53}] - (C:\Windows\system32\spool\DRIVERS\x64\3) - E_IARNLPE.EXE : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3214A3DF-F8D9-4A27-BF4D-FBBDE52E2E68}] - (C:\Program Files\FreeDownloadManager.ORG\Free Download Manager) - fdm.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7}] - (C:\Program Files\Java\jre1.8.0_201\bin) - jp2launcher.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\System32) - RuntimeBroker.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}] - (C:\Program Files\Java\jre1.8.0_201\bin) - javaws.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5b71395d-ff8a-4ebc-bca3-abbb32790bec}] - (%SystemRoot%\system32\IME\IMESC\) - IMSCPROP.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{615e8347-1708-47e8-9eb2-7da0e68cadce}] - (C:\Windows\system32\spool\DRIVERS\x64\3) - E_IPRELPE.EXE : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{681f008a-b1c3-412d-9d95-e7a68837a6ce}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files\Internet Explorer) - iedw.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\System32\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\System32) - verclsid.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\system32\IME\SHARED\) - IMEPADSV.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\System32) - ctfmon.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\System32) - CredentialUIBroker.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\System32\IME\SHARED\) - imesearch.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5054EC7-B9CB-4ad5-9F95-D8171A6D6BFA}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\System32) - cmd.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}] - (C:\Program Files\Java\jre1.8.0_201\bin) - ssvagent.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\System32) - notepad.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ea109b0c-6a97-45f0-9eb4-5907dd99b995}] - (%WINDIR%\system32\IME\SHARED\) - imedictupdateui.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\System32) - presentationhost.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] - (C:\Windows\System32\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\System32\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFCB3198-32F3-4E8B-9539-4324694ED664}] - (C:\Program Files\Adblock Plus for IE\) - AdblockPlusEngine.exe : C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\${ELV_GUID}] - (C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19) - BabylonToolbarsrv.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0002df01-0000-0000-c000-000000000046}] - (C:\Program Files (x86)\Internet Explorer) - iexplore.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{003B91A6-61E3-4591-891D-01E94C8CB11E}] - (C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\) - Silverlight.Configuration.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{041a5213-ea64-4c45-99af-70d7d8e902ec}] - (C:\Program Files (x86)\Internet Explorer) - ielowutil.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\SysWOW64) - wpcer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08f24d68-9087-4b24-81ad-7b34af3e3ed5}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695}] - (C:\Windows\SysWOW64) - winfxdocobj.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\SysWOW64) - wuapp.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{130c40f0-1bcb-4852-8b63-291cf90a600b}] - (C:\Windows\SysWOW64) - msdt.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1ec76a37-1762-46ff-9b14-765b3e6793be}] - (C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\) - agcp.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{254363DC-CC0E-47D3-B9F2-C4531366D4D1}] - (C:\Program Files\FreeDownloadManager.ORG\Free Download Manager) - wincomserver.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files (x86)\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3214A3DF-F8D9-4A27-BF4D-FBBDE52E2E68}] - (C:\Program Files\FreeDownloadManager.ORG\Free Download Manager) - fdm.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{380689D0-AFAA-47E6-B80E-A33436FE314B}] - (C:\Program Files (x86)\Windows Live\Contacts\) - wlcomm.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39A895E9-93DD-4ffa-A4A3-2C14608B5B61}] - (C:\Windows\SysWOW64\Adobe\Shockwave 12) - SwHelper_1234204.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{43ABBB95-C0E9-497B-8BB9-B5FA08861705}] - (C:\Program Files (x86)\Windows Live\Mail\) - wlmail.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\SysWOW64) - RuntimeBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4becf16c-74f0-429b-8d3e-4fba507ac661}] - (C:\Program Files (x86)\adobe\acrobat 7.0\reader) - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5b71395d-ff8a-4ebc-bca3-abbb32790bec}] - (%SystemRoot%\system32\IME\IMESC\) - IMSCPROP.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66F83E19-C07B-457D-BE9B-4070762D7197}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{681f008a-b1c3-412d-9d95-e7a68837a6ce}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68934FDE-CDB1-42CC-A38B-A44B43B0785C}] - (C:\Windows\SysWOW64\Adobe\Director) - SWDNLD.EXE : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files (x86)\Internet Explorer) - iedw.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\SysWOW64\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\SysWOW64) - verclsid.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\sysnative\IME\SHARED\) - IMEPADSV.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\SysWOW64) - ctfmon.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\SysWOW64) - CredentialUIBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9019d14b-638d-4383-bb95-441b7f57eafb}] - (C:\Program Files (x86)\Windows Live\Installer\) - wlstartup.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95a4104c-1c49-4c2a-9830-1be0f47e926c}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat) - acrobat.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\SysWOW64\IME\SHARED\) - imesearch.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9da1d2cb-796d-4bec-bbaa-0aa9ccd80e15}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5054EC7-B9CB-4ad5-9F95-D8171A6D6BFA}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AAD4AE2E-D834-46D4-8B09-490FAC9C722B}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\SysWOW64) - cmd.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B49A34AD-FCEB-4409-8B0E-CC2218474E55}] - (C:\Program Files (x86)\Reasonable NoClone 2014) - NoClone.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}] - (C:\Program Files (x86)\Google\Update\1.3.33.23) - GoogleUpdateBroker.exe : C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C442AC41-9200-4770-8CC0-7CDB4F245C55}] - (C:\Program Files (x86)\Google\Update\1.3.33.23) - GoogleUpdateWebPlugin.exe : C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AED-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D133B285-8A43-4EC7-93BE-9B909C2370F5}] - (C:\Program Files (x86)\Windows Live\Messenger\) - msnmsgr.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d8a5d001-3352-40db-9d1c-ed46683193b5}] - (C:\Program Files (x86)\Windows Live\Writer\) - WindowsLiveWriter.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB9524B3-24F4-48fa-91C5-B8EEF1C0A14F}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\SysWOW64) - notepad.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD41E1A5-99E5-41BA-8703-6BE974416118}] - (C:\Program Files (x86)\Nero\Nero 2014\Nero Burning ROM\) - nero.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4}] - (C:\Program Files (x86)\Internet Download Manager) - IDMan.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e5f90a07-7db7-4dcb-bd6d-d3fecd376ca3}] - (C:\Program Files (x86)\adobe\acrobat 6.0\reader) - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ea109b0c-6a97-45f0-9eb4-5907dd99b995}] - (%WINDIR%\sysnative\IME\SHARED\) - imedictupdateui.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\SysWOW64) - presentationhost.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] - (C:\Windows\SysWOW64\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\SysWOW64\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fb9e068b-c612-4fa8-bdb9-d728a716a420}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat) - acrobat.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFCB3198-32F3-4E8B-9539-4324694ED664}] - (C:\Program Files\Adblock Plus for IE\) - AdblockPlusEngine.exe : C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll ---------- | Ext\Settings [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{12BE9EF0-90BE-4FA8-8341-78157FB9132C}] : : C:\Program Files (x86)\TechSmith\Morae\BrowserExtensions\InternetExplorer\InternetExplorerBHO.dll [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A646672-9C3A-4C28-9A7A-1FB0F63F28B6}] : : C:\PROGRA~2\IDA\idaiehlp.dll [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{2DD257A3-5028-41AE-A1E7-A12F76A08893}] : : C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] : : [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{AB66A297-490D-424D-9D74-EA7585654EB5}] : : mscoree.dll [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D27CDB6E-AE6D-11CF-96B8-444553540000}] : : C:\Windows\SysWOW64\Macromed\Flash\Flash.ocx [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D8961A1E-25DB-33C9-A7C9-3D3E3266B5B8}] : : mscoree.dll [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9}] : : [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{FFCB3198-32F3-4E8B-9539-4324694ED664}] : : C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll ---------- | Ext\Stats [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{12A66224-5E8A-4679-8941-0B9B960BF5EA}] : : %SystemRoot%\system32\wuwebv.dll [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{12BE9EF0-90BE-4FA8-8341-78157FB9132C}] : : C:\Program Files (x86)\TechSmith\Morae\BrowserExtensions\InternetExplorer\InternetExplorerBHO.dll [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1aad99ea-ee10-5c3a-8174-84c63a67adde}] : : C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{233C1507-6A77-46A4-9443-F871F945D258}] : : C:\Windows\SysWow64\Adobe\Director\SwDir_1234204.dll [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25336920-03F9-11CF-8FD0-00AA00686F13}] : : C:\Windows\SysWOW64\mshtml.dll [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2933BF90-7B36-11D2-B20E-00C04F983E60}] : : %SystemRoot%\System32\msxml3.dll [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A646672-9C3A-4C28-9A7A-1FB0F63F28B6}] : : C:\PROGRA~2\IDA\idaiehlp.dll [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2DD257A3-5028-41AE-A1E7-A12F76A08893}] : : C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6BF52A52-394A-11D3-B153-00C04F79FAA6}] : : %SystemRoot%\system32\wmp.dll [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] : : [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{82A76710-4F98-4957-92BE-99648A4E2475}] : : [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8856F961-340A-11D0-A96B-00C04FD705A2}] : : C:\Windows\SysWOW64\ieframe.dll [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{88D96A05-F192-11D4-A65F-0040963251E5}] : : %SystemRoot%\System32\msxml6.dll [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9BE31822-FDAD-461B-AD51-BE1D1C159921}] : : [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9BE66CC0-1DD1-11B2-8617-E3A3ED26E3B0}] : : [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AB66A297-490D-424D-9D74-EA7585654EB5}] : : mscoree.dll [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}] : : C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C442AC41-9200-4770-8CC0-7CDB4F245C55}] : : C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C953ED86-86C1-46B4-8E3E-1D778E1AD3D1}] : : C:\PROGRA~2\SPYWAR~1\STINTE~1.DLL [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA8A9780-280D-11CF-A24D-444553540000}] : : [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D27CDB6E-AE6D-11CF-96B8-444553540000}] : : C:\Windows\SysWOW64\Macromed\Flash\Flash.ocx [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D8961A1E-25DB-33C9-A7C9-3D3E3266B5B8}] : : mscoree.dll [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9}] : : [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DFEAF541-F3E1-4C24-ACAC-99C30715084A}] : : C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8C108E-4349-11D2-91A4-00C04F7969E8}] : : %SystemRoot%\System32\msxml3.dll [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F6D90F11-9C73-11D3-B32E-00C04F990BB4}] : : %SystemRoot%\System32\msxml3.dll [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F6D90F16-9C73-11D3-B32E-00C04F990BB4}] : : %SystemRoot%\System32\msxml3.dll [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFCB3198-32F3-4E8B-9539-4324694ED664}] : : C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}] : : C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{C442AC41-9200-4770-8CC0-7CDB4F245C55}] : : C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DD257A3-5028-41AE-A1E7-A12F76A08893}] -> (IeUrlFilter Class) : C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [15/02/2019 05:48:54] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> () : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> () : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}] -> (Adblock Plus for IE Browser Helper Object) : C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [03/01/2017 16:16:24] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{12BE9EF0-90BE-4FA8-8341-78157FB9132C}] -> (TSC Internet Explorer BHO) : C:\Program Files (x86)\TechSmith\Morae\BrowserExtensions\InternetExplorer\InternetExplorerBHO.dll [29/09/2015 22:31:00] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A646672-9C3A-4C28-9A7A-1FB0F63F28B6}] -> (IE 4.x-6.x BHO for Internet Download Accelerator) : C:\PROGRA~2\IDA\idaiehlp.dll [28/02/2019 14:35:42] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DD257A3-5028-41AE-A1E7-A12F76A08893}] -> (IeUrlFilter Class) : C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [15/02/2019 05:48:54] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}] -> (CescrtHlpr Object) : C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll [07/11/2010 14:45:26] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> () : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}] -> () : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}] -> (Babylon IE plugin) : C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll [26/03/2019 18:21:22] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ab66a297-490d-424d-9d74-ea7585654eb5}] -> (Ad-Blocker Pro) : mscoree.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d8961a1e-25db-33c9-a7c9-3d3e3266b5b8}] -> (ReasonableToolbar.ToolbarBHO) : mscoree.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> () : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}] -> (Adblock Plus for IE Browser Helper Object) : C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [03/01/2017 16:16:24] ---------- | Chrome C:\Users\Jean-Marie\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Jean-Marie\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Jean-Marie\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\Jean-Marie\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\Jean-Marie\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Jean-Marie\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\Jean-Marie\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\Jean-Marie\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx C:\Users\Jean-Marie\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx [HKLM\Software\Google\Chrome\Extensions\dlpfamleaodfgmfnggonbfljhjggbdbe] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\cfmjkokphadmhbenfjjecfbhbbonbjcb] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\dlpfamleaodfgmfnggonbfljhjggbdbe] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\fhjnbgadgmmffddcilnbmcieekimilcn] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\lhmiofmipcpmhgihiecmpiekcacigpgb] ---------- | Opera C:\Users\Jean-Marie\AppData\Roaming\Opera Software\Opera Stable\extensions\faehphipoljdginnjklhakadmiaehgod = : __MSG_extensionDescription__ - __MSG_extensionName__ - https://extension-updates.opera.com/api/omaha/update/ ---------- | Firefox C:\Users\Jean-Marie\AppData\Roaming\Mozilla\Firefox\Profiles\5786dgji.default\Extensions\ffxtlbr@babylon.com : : Babylon - : http://babylon.com [HKLM\Software\mozilla\Firefox\Extensions] "{a06de0b3-b00f-472c-a34e-3a74b64d1747}"=C:\Program Files (x86)\vondos\schnelledeals\schnelledeals-1.0.1-fx.xpi [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "{4963C948-9C4E-40B8-9291-CE0234B47210}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\ "{a06de0b3-b00f-472c-a34e-3a74b64d1747}"=C:\Program Files (x86)\vondos\schnelledeals\schnelledeals-1.0.1-fx.xpi "MoraeFirefoxExtension@techsmith.com"=C:\Program Files (x86)\TechSmith\Morae\BrowserExtensions\Firefox\morae_firefox_extension-1.0-fx-windows.xpi "k7srff_enUS@k7computing.com"=C:\Program Files (x86)\K7 Computing\K7TSecurity\K7SR\K7WebProtection.xpi [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\MozillaPlugins\anvisoft.com/AdblockPlugin] - () : C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll [HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 32.0.0.142 Plugin) : C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll [HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.201.2] - (Java™ Deployment Toolkit) : C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.201.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.4] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.5] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.6] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 32.0.0.142 Plugin) : C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@k7computing.com/k7webprotection] - () : C:\Program Files (x86)\\K7 Computing\K7TSecurity\npK7SRNPExt.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@Nero.com/KM] - () : C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll C:\Users\Jean-Marie\AppData\Roaming\Mozilla\Firefox\Profiles\5786dgji.default\Prefs.js user_pref("app.normandy.startupRolloutPrefs.extensions.fxmonitor.enabled", true); user_pref("browser.startup.homepage_override.buildID", "20190225143501"); user_pref("browser.startup.homepage_override.mstone", "65.0.2"); user_pref("extensions.autoDisableScopes", 0); user_pref("extensions.blocklist.enabled", false); user_pref("extensions.blocklist.lastModified", "Fri, 11 Jan 2019 11:41:17 GMT"); user_pref("extensions.blocklist.pingCountTotal", 2); user_pref("extensions.blocklist.pingCountVersion", -1); user_pref("extensions.blocklist.url", "https://blocklists.settings.services.moziIIa.com/v1/blocklist/3/%APP_ID%/%APP_VERSION%/%PRODUCT%/%BUILD_ID%/%BUILD_TARGET%/%LOCALE%/%CHANNEL%/%OS_VERSION%/%DISTRIBUTION%/%DISTRIBUTION_VERSION%/%PING_COUNT%/%TOTAL_PING_COUNT%/%DAYS_SINCE_LAST_PING%/"); user_pref("extensions.databaseSchema", 28); user_pref("extensions.getAddons.cache.lastUpdate", 1553621435); user_pref("extensions.getAddons.databaseSchema", 5); user_pref("extensions.lastAppBuildId", "20190108160530"); user_pref("extensions.lastAppVersion", "65.0.2"); user_pref("extensions.lastPlatformVersion", "65.0.2"); user_pref("extensions.pendingOperations", false); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"directory\":\"{19042fef-0d96-44f3-9f62-ca30060b834b}\",\"addons\":{\"fxmonitor@mozilla.org\":{\"version\":\"2.8\"},\"webcompat@mozilla.org\":{\"version\":\"3.0.1\"}}}"); user_pref("extensions.webcompat.perform_injections", true); user_pref("extensions.webcompat.perform_ua_overrides", true); user_pref("extensions.webextensions.uuids", "{\"formautofill@mozilla.org\":\"7ca92185-fd6c-4ac4-a583-96a750b6a18b\",\"screenshots@mozilla.org\":\"9bdc0665-24a3-4391-9e3b-0a90fbdba4ae\",\"webcompat-reporter@mozilla.org\":\"c6662169-96de-4dd4-821e-157f2da40e48\",\"webcompat@mozilla.org\":\"565e70ec-c71d-4cbb-b23a-d6fccb4b06b7\",\"fxmonitor@mozilla.org\":\"b897aeb6-9c37-43d6-bfe9-d6d77ef83c6b\",\"{a06de0b3-b00f-472c-a34e-3a74b64d1747}\":\"0e9477d8-bd91-4261-b570-1c63ff1c3e53\",\"ida@westbyte.com\":\"7932dba7-9962-4741-b921-a2c80ca9568c\"}"); user_pref("network.http.max-persistent-connections-per-proxy", 16); user_pref("network.http.proxy.pipelining", true); [Profile0] - Name=default -> Profiles/5786dgji.default ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{07EE2488-7C14-486C-8AAF-AAC7D920CAE5}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{B389AB24-C362-4FAB-B29C-601C91B5A911}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{07EE2488-7C14-486C-8AAF-AAC7D920CAE5}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{B389AB24-C362-4FAB-B29C-601C91B5A911}] "DhcpNameServer"=192.168.1.1 ---------- | ActiveX [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - () - -> [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - () - -> [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - () - -> [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - () - -> [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - -> [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] - () - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - (Themes Setup) - @%SystemRoot%\system32\themeui.dll,-2682 -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - (Microsoft Windows) - -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - -> %SystemRoot%\system32\msieftp.dll [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - (Windows Desktop Update) - @%SystemRoot%\system32\shell32.dll,-32969 -> regsvr32.exe /s /n /i:U %SystemRoot%\System32\shell32.dll [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - (Web Platform Customizations) - @C:\Windows\System32\ie4uinit.exe,-2000 -> C:\Windows\System32\ie4uinit.exe -UserConfig [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] - (Google Chrome) - -> "C:\Program Files (x86)\Google\Chrome\Application\72.0.3626.109\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{BD6F5371-DAC1-30F0-9DDE-CAC6791E28C3}] - (.NET Framework) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{FEBEF00C-046D-438D-8A88-BF94A6C9E703}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{30500C7C-2206-3DC6-9792-96E95A04669D}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - (Microsoft Windows) - -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{48F69C39-1356-4A7B-A899-70E3539D4982}] - (AVG Secure Browser) - -> "C:\Program Files (x86)\AVG\Browser\Application\72.0.719.123\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - -> %SystemRoot%\system32\msieftp.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7C028AF8-F614-47B3-82DA-BA94E41B1089}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - -> ---------- | Applications [HKLM\SOFTWARE\Classes\Applications\Bandizip.exe] : "C:\Program Files\Bandizip\Bandizip.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\firefox.exe] : "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\Launcher.exe] : "C:\Users\Jean-Marie\AppData\Local\Programs\Opera\Launcher.exe" -noautoupdate -- "%1" [HKLM\SOFTWARE\Classes\Applications\MovieCreator.exe] : C:\Program Files (x86)\Avanquest\Video Explosion Ultimate\MovieCreator.exe "%1" [HKLM\SOFTWARE\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\PotPlayerMini64.exe] : "C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\Classes\Applications\WinRAR.exe] : "C:\Program Files\WinRAR\WinRAR.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Bandizip.exe] : "C:\Program Files\Bandizip\Bandizip.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\firefox.exe] : "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Launcher.exe] : "C:\Users\Jean-Marie\AppData\Local\Programs\Opera\Launcher.exe" -noautoupdate -- "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MovieCreator.exe] : C:\Program Files (x86)\Avanquest\Video Explosion Ultimate\MovieCreator.exe "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\PotPlayerMini64.exe] : "C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\WinRAR.exe] : "C:\Program Files\WinRAR\WinRAR.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | DCOMApplications Name: User Notification - AppID: {0010890e-8789-413c-adbc-48f5b511b3af} Name: hpqwmiex - AppID: {0018752E-7735-4B30-9DA9-4A01F024F270} Name: WPD Association LUA Virtual Factory - AppID: {00393519-3A67-4507-A2B8-85146167ACA7} Name: PhotoAcquire - AppID: {00f22b16-589e-4982-a172-a51d9dcceb68} Name: PhotoAcqHWEventHandler - AppID: {00f2b433-44e4-4d88-b2b0-2698a0a91dba} Name: TabTip - AppID: {01419581-4d63-4d43-ac26-6e2fc976c1f3} Name: Virtual Factory for Biometrics - AppID: {0142e4d1-fb7a-11dc-ba4a-000ffe7ab428} Name: PLA - AppID: {03837503-098b-11d8-9414-505054503030} Name: CLWFLService7 - AppID: {03C200E3-11BC-49ea-8BAB-3B09120AC3AE} Name: CTapiLuaLib Class - AppID: {03e15b2e-cca6-451c-8fb0-1e2ee37a27dd} Name: WinStore OM - AppID: {03e64e17-b220-4052-9b9b-155f9cb8e016} Name: CELERITASWMSecureShell - AppID: {0545D0D4-6CF7-4088-B65A-65F1EA53A70F} Name: GSService - AppID: {0547389D-9569-41f6-B844-4829FC8001BB} Name: RecorderCaptureHelper - AppID: {062C25DA-D101-46D6-B715-82F9774CBFF4} Name: DVCRenderingAdapter - AppID: {063478AF-BDB8-41A6-8A85-E1D78CF80998} Name: COpenControlPanel - AppID: {06622D85-6856-4460-8DE1-A81921B41C4B} Name: SMLUA - AppID: {0671E064-7C24-4AC0-AF10-0F3055707C32} Name: PhotoAcqDropTargetEventHandler - AppID: {06A2568A-CED6-4187-BB20-400B8C02BE5A} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {06C792F8-6212-4F39-BF70-E8C0AC965C23} Name: MoraeManagerMouseTailPlugin - AppID: {07A26121-6F4C-469A-9F95-426618163B25} Name: sppui - AppID: {0868DC9B-D9A2-4f64-9362-133CEA201299} Name: RtkApoApi - AppID: {08B039CA-84AA-40EA-8E9C-1D9537DC415B} Name: WIA Extension Host for 64 bit extensions - AppID: {08F646B3-5E7F-4B7A-A5CB-F95445F9F67A} Name: Proximity Sharing - AppID: {08FC06E4-C6B5-40BE-97B0-B80F943C615B} Name: PersistentZoneIdentifier - AppID: {0968e258-16c7-4dba-aa86-462dd61e31a3} Name: Windows Media Player Rich Preview Handler - AppID: {09C5C2B5-1D32-4598-B87E-203F32BB08E3} Name: QuickTimeShellExt - AppID: {0A18A436-2A7A-49F3-A488-30538A2F6323} Name: SFSAPO - AppID: {0A21D954-674A-4C09-806E-DB4FBE8F199C} Name: AxInstSv - AppID: {0B15AFD8-3A99-4A6E-9975-30D66F70BD94} Name: RASDLGLUA - AppID: {0C3B05FB-3498-40C3-9C03-4B22D735550C} Name: %SystemRoot%\system32\appwiz.cpl - AppID: {0da7bfdf-c0a0-44eb-be82-b7a82c4721de} Name: IDM Elevated FS Assistant - AppID: {0F947660-8606-420A-BAC6-51B84DD22A47} Name: MenuExtVC - AppID: {109D537E-6D2E-4D11-92D4-05CE51FD12AF} Name: NeroShellExt - AppID: {10EBE05D-77B3-4C15-9080-6002AFD08B48} Name: IIS W3 Control - AppID: {119817C9-666D-4053-AEDA-627D0E25CCEF} Name: Vista Elevated Windows Update Web Control - AppID: {11c058e0-9f3e-4c90-a459-2553f2f9e011} Name: MACustomSource - AppID: {11F92289-DFDF-4DA5-83FA-DE8F66E79060} Name: Sync Center Client - AppID: {1202DB60-1DAC-42C5-AED5-1ABDD432248E} Name: Virtual Factory for DiagCpl - AppID: {12C21EA7-2EB8-4B55-9249-AC243DA8C666} Name: IntelWiDiExtensions - AppID: {12DECAD3-A1A4-435E-BD44-9F4E171FF94E} Name: Shell Create Object Task Server - AppID: {133eac4f-5891-4d04-bada-d84870380a80} Name: Shell Create Object Handler - AppID: {135fd325-45b7-4c30-89f8-4386961669f0} Name: FmAdmObj - AppID: {14047848-1203-4AC5-9ACE-AD2FD8861004} Name: TPM Virtual Smart Card VCard Module Manager - AppID: {150F28F1-49A5-4C28-BE1A-CFA854A1D04B} Name: Remote TPM Virtual Smart Card Manager - AppID: {152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC} Name: ShellExt - AppID: {15C5BD04-9020-44A9-9E5E-EE28DDF36A3B} Name: TPM Virtual Smart Card Manager - AppID: {16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A} Name: AppleSoftwareUpdateAdmin - AppID: {16D99191-6280-4B33-A2F5-04805A0FC582} Name: AutorunsScannerPlugin - AppID: {185582CD-AAEE-499E-848D-242C032B440A} Name: WsDrvInst - AppID: {1909e113-997e-4759-baa3-bcb780797176} Name: Sync Center Control - AppID: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5} Name: GIDS Smart Card Simulator Manager - AppID: {1AC32B1A-E379-4CAD-B655-F978A30856EC} Name: NAUpdate - AppID: {1AC9CDC0-9D87-4371-9DE7-65C3F39AE5E6} Name: %systemroot%\system32\lpksetup.exe - AppID: {1C749B87-568C-4865-8E73-6413F8372CE6} Name: K7PSSrvc - AppID: {1D2CF0C2-C665-11D7-B0FE-00C026A19B93} Name: rshx32.dll - AppID: {1f2e5c40-9550-11ce-99d2-00aa006e086c} Name: ThirdPartyEapDispatcherPeerConfig - AppID: {1F7D1BE9-7A50-40B6-A605-C4F3696F49C0} Name: Microsoft WMI Provider Subsystem Secured Host - AppID: {1F87137D-0E7C-44d5-8C73-4EFFB68962F2} Name: DetectionAndSharing - AppID: {1fda955b-61ff-11da-978c-0008744faab7} Name: Microsoft Software Protection Platform Admin Object (Inner) - AppID: {205609B7-5E08-443E-B0A7-A7AED3F3A717} Name: Microsoft Windows WSMan Provider Host With User Settings - AppID: {209444d2-2540-495e-962c-a61ad3243526} Name: Provisioning Core - AppID: {217700E0-0000-11DF-ADB9-F4CE462D9137} Name: MSDAINITIALIZE - AppID: {2206CDB0-19C1-11D1-89E0-00C04FD7A829} Name: K7EmlPxy - AppID: {25F008A2-62FF-11D8-B0FE-00C026A19B93} Name: Microsoft WBEM Active Scripting Event Consumer Provider - AppID: {266C72E7-62E8-11D1-AD89-00C04FD8FDFF} Name: IMAPI2 - AppID: {273541FF-7F64-5B0F-8F00-5D77AFBE261E} Name: netman - AppID: {27AF75ED-20D9-11D1-B1CE-00805FC1270E} Name: AERTACap - AppID: {288E7ECC-EB53-45df-8EBD-72EAF9AFCB00} Name: ImageHost - AppID: {2903EDD7-545F-4156-977A-5E730E57F253} Name: RasMobilityManager - AppID: {292bed96-e9ce-40f8-b71b-c313defa3a78} Name: Windows Live Photo Gallery Autoplay Drop Target - AppID: {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} Name: faultrep.dll - AppID: {2C256447-3F0D-4CBB-9D12-575BB20CDA0A} Name: FileSystemImage - AppID: {2C941FD1-975B-59BE-A960-9A2A262853A5} Name: WinZip Smart Monitor Service - AppID: {2CA75AD3-A844-4DF9-999D-CB82069C55C3} Name: VSUtil - AppID: {2DB4F9B7-144E-4319-B14A-432AC74C0CEF} Name: RegistrySettingsScannerPlugin - AppID: {2E26FE83-4468-428F-8D99-62434EEA9105} Name: DevicesFlow - AppID: {2F93C02D-77F9-46B4-95FB-8CBB81EEB62C} Name: Immersive Shell Broker - AppID: {2FD08A73-D1F1-43EB-B888-24C2496F95FD} Name: ServiceModule - AppID: {30612A81-C10F-498E-9163-C2B2A3F81A14} Name: Identity Store - AppID: {30d49246-d217-465f-b00b-ac9ddd652eb7} Name: AuthHost - AppID: {31337EC7-5767-11CF-BEAB-00AA006C3606} Name: Immersive Shell - AppID: {316CDED5-E4AE-4B15-9113-7055D84DCC97} Name: SerifAVComAdapter - AppID: {34474C58-8931-4908-A3F1-9EB017234BB5} Name: PCTShellExMenu - AppID: {35194CD4-99A2-4A38-A343-C9D64A482B07} Name: Windows Push Notification Platform - AppID: {362cc086-4d81-4824-bbb5-666d34b3197d} Name: TabTip - AppID: {36938566-B1AA-4E77-9B3F-730CF4E996AB} Name: Microsoft Portable Workspace Launcher - AppID: {37B73D7B-A976-43AE-97E4-BD4977B241F2} Name: CContactDb - AppID: {380689D0-AFAA-47E6-B80E-A33436FE314B} Name: C:\Program Files (x86)\Winamp\Elevator.exe - AppID: {3B29AB5C-52CB-4a36-9314-E3FEE0BA7468} Name: LivePhotoAcqHWEventHandler - AppID: {3BD0ACD1-71CA-4475-92CC-E0AA0AAF843F} Name: idmBroker - AppID: {3C085E26-7DF6-4A34-ADA6-877D06BAE9A8} Name: WorkspacePolicyProcessor - AppID: {3C3F40BC-60EB-4567-B90C-480C87C21AC1} Name: EEL64A - AppID: {3D5781D9-B2FF-4396-8478-395412020995} Name: CMLUAUTIL - AppID: {3E000D72-A845-4CD9-BD83-80C07C3B881F} Name: Microsoft Windows Remote Shell Host - AppID: {3e5ca495-8d6a-4d1f-ad99-177b426c8b8e} Name: CMSTPLUA - AppID: {3E5FC7F9-9A51-4367-9063-A120244FBEC7} Name: WinInetCacheServer - AppID: {3eb3c877-1f16-487c-9050-104dbcd66683} Name: Out Of Proc Mapi Handler - AppID: {3F5E4B87-C907-4f76-82E4-6FDF0CE90E25} Name: Microsoft Windows WSMan Provider Host - AppID: {3feb2f63-0eec-4b96-84ab-da1307e0117c} Name: HTML Application - AppID: {40AEEAB6-8FDA-41e3-9A5F-8350D4CFCA91} Name: Connected User Store - AppID: {40AFA0B6-3B2F-4654-8C3F-161DE85CF80E} Name: AERTARen - AppID: {41C98373-FE7F-4a42-B694-34CC4F979E61} Name: AccessibilityCplAdmin - AppID: {434A6274-C539-4E99-88FC-44206D942775} Name: RegistryDefrag - AppID: {435AC3EC-C213-4700-9FE2-C417AC8E813B} Name: SPP External COM Object - AppID: {44831FEC-DC51-4716-A7E1-E898FDF83C85} Name: Thumbnail Extraction Host Class - AppID: {4545dea0-2dfc-4906-a728-6d986ba399a9} Name: Add to Windows Media Player list - AppID: {45597c98-80f6-4549-84ff-752cf55e2d29} Name: Application Activation Manager - AppID: {45BA127D-10A8-46EA-8AB7-56EA9078943C} Name: Health Key and Certificate Management - AppID: {46298684-0fd3-47f3-94b3-65650c65b36a} Name: GoogleEarth - AppID: {46A99B9C-4AC8-4EE9-AF7D-D02816CEC314} Name: Set Network Location Elevated Virtual Factory - AppID: {46B988E8-BEC2-401F-A1C5-16C694F26D3E} Name: ShellMenu - AppID: {4762840D-A0E0-4CA0-9BBE-2CDE5C2B84C0} Name: RadioManagement Lib Class - AppID: {478B41E6-3257-4519-BDA8-E971F9843849} Name: EEG64A - AppID: {47EC1E17-F30B-430b-B9C4-DF60ED501A4B} Name: IASDataStoreComServer - AppID: {48da6741-1bf0-4a44-8325-293086c79077} Name: COM_SRS_HP360 - AppID: {49611624-F1A3-4AA7-8A06-0209D7D6BA92} Name: Microsoft WBEM Unsecured Apartment - AppID: {49BD2028-1523-11D1-AD79-00C04FD8FDFF} Name: UIAutomationCrossBitnessHook64 Class - AppID: {49f171dd-b51a-40d3-9a6c-52d674cc729d} Name: Virtual Factory for Languages Configuration - AppID: {4A3F2F56-454A-4CC5-9734-BB7D8141AC0A} Name: RASGCWLUA - AppID: {4A6B8BAD-9872-4525-A812-71A52367DC17} Name: wercplsupport.dll - AppID: {4BC67F23-D805-4384-BCA3-6F1EDFF50E2C} Name: MAFilters - AppID: {4BC72581-DE6E-4554-99E1-71D12ACABED7} Name: CategoryFactory - AppID: {4CD538D9-D9D3-4EA1-BB24-BEA3661AFF07} Name: Shell Security Editor - AppID: {4D111E08-CBF7-4f12-A926-2C7920AF52FC} Name: Microsoft Volume Shadow Copy Service software provider - AppID: {4db9c793-c48d-449c-9754-46027ee45c94} Name: COM+ Event System - AppID: {4E14FBA2-2E22-11D1-9964-00C04FBBB345} Name: ServiceModule - AppID: {4EB61BAC-A3B6-4760-9581-655041EF4D69} Name: upnpcont.exe - AppID: {4F0AC159-5804-4aa7-AE91-117D6E67BB9B} Name: MalwareScannerPlugin - AppID: {4F18DDDC-31BF-4567-9BE6-4A36E0BB3897} Name: Shell Computer Accounts - AppID: {4f6bcd94-c2a5-42ce-8dbc-31e794be4630} Name: WkspRT.exe - AppID: {4FCDA643-B15B-41C6-84F8-5E447F6F6D25} Name: DiskDuplicates - AppID: {4FF73765-6547-49E9-9B24-67AEE8F943EE} Name: SecureShell - AppID: {50091E98-FF49-46d4-8B23-AACA30D11691} Name: HomeGroup CPL Advanced Settings Writer - AppID: {50a9ab2a-20f8-4d71-9f32-9fd305b49601} Name: Microsoft Windows Font Folder - AppID: {50d69d24-961d-4828-9d1c-5f4717f226d1} Name: acppage.dll - AppID: {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} Name: %systemroot%\system32\intl.cpl - AppID: {514B5E31-5596-422F-BE58-D804464683B5} Name: RemoteProxyFactory32 Class - AppID: {53362C32-A296-4F2D-A2F8-FD984D08340B} Name: RemoteProxyFactory32 Class - AppID: {53362C64-A296-4F2D-A2F8-FD984D08340B} Name: 32-bit Preview Handler Surrogate Host - AppID: {534A1E02-D58F-44f0-B58B-36CBED287C7C} Name: Virtual Disk Service Loader - AppID: {5364ED0E-493F-4B16-9DBF-AE486CF22660} Name: server - AppID: {53A998CB-A5C7-467E-BC47-30BCABB50766} Name: ShareFlow - AppID: {549e57e9-b362-49d1-b679-b64d510efe4b} Name: SRS_APO_Universal - AppID: {553C48B2-BA6B-412B-9F8D-2B62B1B912AA} Name: WindowsLiveWriter.exe - AppID: {5564D5FC-DB2D-4658-8DB9-86B822815961} Name: DiskScannerPlugin - AppID: {562F845B-A532-470D-9888-3A0C62525973} Name: Bonjour - AppID: {56608F9C-223B-4CB6-813D-85EDCCADFB4B} Name: ShapeCollector - AppID: {56676660-4A4D-45B0-B24E-9CF6B35E9ABF} Name: Volume Shadow Copy Service - AppID: {56BE716B-2F76-4dfa-8702-67AE10044F0B} Name: PrintNotify - AppID: {588E10FA-0618-48A1-BE2F-0AD93E899FCC} Name: Watson subscriber for SENS Network Events - AppID: {58FC39EB-9DBD-4EA7-B7B4-9404CC6ACFAB} Name: FaxCommon Class - AppID: {59347292-B72D-41F2-98C5-E9ACA1B247A2} Name: PfShellExtension - AppID: {59A55EF0-525F-4276-AB62-8F7E5F230399} Name: Authentication UI Terminal Services Bump Dialog - AppID: {59c7f6ec-7d18-412f-a68e-877982768e61} Name: Keepvid.AppFrame.Client - AppID: {5a07dad5-34f6-47a9-9033-add615d70b91} Name: Video Capture Wizard - AppID: {5AB7566D-F75B-4A53-9615-115B6CB1D59B} Name: EED64A - AppID: {5C73574D-FC7B-4747-8352-143F011923A0} Name: %SystemRoot%\System32\wsclient.dll - AppID: {5C917E9C-0B2F-40D6-928B-5C43FDB16DF4} Name: WLXMP4ParserThumbnailProvider - AppID: {5D6E8BC8-01F3-41CC-BF7D-D7EEF436896E} Name: WiaWow64 - AppID: {5E1395B2-B685-44e3-8AED-E2304D85ACD1} Name: Splash screen - AppID: {5EAD00DC-0E8B-497C-BDE8-B9153058CBEF} Name: UIAutomationCrossBitnessHook32 Class - AppID: {60a90a2f-858d-42af-8929-82be9d99e8a1} Name: wlidcli - AppID: {623D5F5E-2F09-427d-8BD7-64495CD9835D} Name: MoraeEventHandler - AppID: {62850E34-A1A1-48EA-8F5E-B301E07C9F32} Name: Sync Center (Private) - AppID: {6295DF2D-35EE-11D1-8707-00C04FD93327} Name: IIS CertObj - AppID: {62B8CCBE-5A45-4372-8C4A-6A87DD3EDD60} Name: PenIMC2 - AppID: {63CE6D27-426A-41F9-8E51-549C1132DAE2} Name: BabylonHelper - AppID: {6536801B-F50C-449B-9476-093DFD3789E3} Name: Windows Update Agent - AppID: {653C5148-4DCE-4905-9CFD-1B23662D3D9E} Name: FwCplLUA - AppID: {6571503D-D0FB-4D98-BBC3-1FBB2B3F344E} Name: ForceDelete - AppID: {65CC603B-3DBF-4CE2-8FDC-D6B0B52BEF52} Name: AvAScr - AppID: {66A841F2-956C-4631-BFE7-C90225F417D6} Name: LMIGuardianSvc - AppID: {67E4A0D8-8675-4FBB-BC62-F10EC894327E} Name: Background Intelligent Transfer Service - AppID: {69AD4AEE-51BE-439b-A92C-86AE490E8B30} Name: Sync Center Isolation Collection (Private) - AppID: {69F9CB25-25E2-4BE1-AB8F-07AA7CB535E8} Name: SoftwareUpdateApp - AppID: {6A070EEA-E3F8-411E-9D3A-F3814ED6D1A8} Name: CPluginService - AppID: {6AD2BEF6-C03C-4C6F-B6AB-EDCB617FB8CB} Name: MsRdpSessionManager - AppID: {6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F} Name: Sensors CPL Change Device Permission LUA Helper - AppID: {6CE51F75-0448-438e-B9CA-69C352A248A7} Name: Preview Handler Surrogate Host - AppID: {6d2b5079-2f0b-48dd-ab7f-97cec514d30b} Name: SlimWare.Session - AppID: {6D3BC646-CFCD-4098-8495-B7BD0DF13133} Name: UPnPContainer - AppID: {6d8ff8e0-730d-11d4-bf42-00b0d0118b56} Name: UPnPContainer64 - AppID: {6d8ff8e8-730d-11d4-bf42-00b0d0118b56} Name: SPPComApi - AppID: {6D9A7A40-DDCA-414E-B48E-DFB032C03C1B} Name: HomeGroup UI Status - AppID: {6f33340d-8a01-473a-b75f-ded88c8360ce} Name: IEWindows - AppID: {6f5bad87-9d5e-459f-bd03-3957407051ca} Name: HomeGroup Provider Object - AppID: {6F7C8E8F-DC69-4e3f-BC05-439962A05FD5} Name: WindowsLiveWriterFilter - AppID: {7054B371-09E3-4BC8-8A61-02D7799EA98A} Name: Windows SideShow AutoWake Configuration Helper - AppID: {71B804C5-5577-471D-8FE5-C4A45B654EB8} Name: Sharing Elevated Virtual Factory - AppID: {72A7994A-3092-4054-B6BE-08FF81AEEFFC} Name: User Profile Service DCOM server - AppID: {72E3272B-4EEA-4104-B358-1A282E4FC1AD} Name: K7RTScan - AppID: {737F2D62-A93E-11D7-B0FE-00C026A19B93} Name: Microsoft WMI Provider Subsystem Host - AppID: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} Name: Trusted Installer Service - AppID: {752073A2-23F2-4396-85F0-8FDB879ED0ED} Name: PenIMC4 - AppID: {7568952A-571E-4C70-BEA9-7F9004393436} Name: PrintFilterPipelineSvc - AppID: {76db1bf3-e820-4765-a1b2-0b16a86b1950} Name: XWizard Virtual Factory - AppID: {777BA81A-2498-4875-933A-3067DE883070} Name: CLMLSvc_P2G11 - AppID: {79454E97-52CD-4517-B6A1-43A1D3C5FDAC} Name: Network and Sharing Center Cpl Elevated Virtual Factory - AppID: {7A076CE1-4B31-452a-A4F1-0304C8738100} Name: Shell FMIFS Wrapper - AppID: {7aa7790d-75d7-484b-98a1-3913d022091d} Name: EapThirdPartyDllHost - AppID: {7B130458-E09C-4823-A8AF-2583DCD9AEC7} Name: Internet Explorer Add-on Installer - AppID: {7B29F495-0F55-49F7-8885-9E8A22CE3829} Name: Shell Create Object Local Server - AppID: {7B6EA1D5-03C2-4AE4-B21C-8D0515CC91B7} Name: AppFramework.Services.ProductionManagerOutProc - AppID: {7c1b0cb3-32c3-4af9-85de-109385acb27d} Name: WlanPrefLUA - AppID: {7C8AB6D9-8764-4033-8F62-2FE896E54B32} Name: Microsoft Windows Remote Shell Host With User Settings - AppID: {7d378de6-ed8d-426d-91df-0273d07cd7f6} Name: Dispatch - AppID: {7D7B609B-D089-4687-9606-264A9AA2FBB2} Name: HomeGroup Printing Device Class - AppID: {7DF8EF76-D449-485f-B4EB-58DC96B31EDB} Name: MMC Application Class - AppID: {7e0423cd-1119-0928-900c-e6d4a52a0715} Name: Keyhole - AppID: {7E7898C9-8E34-4314-9670-771BC5343D0E} Name: wisptis - AppID: {7F429620-16D1-471E-A81A-114992148034} Name: Authentication UI CredUI Out of Proc Helper for AppContainer Clients - AppID: {7FC12E96-4CB7-4ABD-ADAA-EF7845B10629} Name: AdAwareShellExtension - AppID: {815E3070-A914-4A36-BC40-2F35AAD1C91E} Name: hputils - AppID: {8195693E-0C55-4BE2-A2DB-32376ABC24C4} Name: CnxtDSPdll - AppID: {81D6AA8D-5401-4EE7-A7A2-95133649C977} Name: ServiceModule - AppID: {82C85EAA-7C94-4702-AA75-DF39403AE358} Name: CFmIfsEngine host - AppID: {82D94FB3-7FE6-4797-BB72-9A886C66073B} Name: Wondershare.AppFrame.Client - AppID: {83045d03-658e-471c-ac48-edf4cb87f1a7} Name: CustReg Class - AppID: {84D586C4-A423-11D2-B943-00C04F79D22F} Name: APSDaemon - AppID: {85187E17-383D-4EC5-B8D6-D9466EE3DD92} Name: DataShredderShellExt - AppID: {86893589-0CF8-4E19-9D2B-0CB6D5D13071} Name: Virtual Factory for Usercpl - AppID: {86d5eb8a-859f-4c7b-a76b-2bd819b7a850} Name: CElevateWlanUi - AppID: {86F80216-5DD6-4F43-953B-35EF40A35AEE} Name: ThirdPartyEapDispatcherPeerRuntime - AppID: {87BB326B-E4A0-4DE1-94F0-B9F41D0C6059} Name: EventsScannerPlugin - AppID: {89A5984F-7B05-4725-9FF8-038CD897F77D} Name: AQFileRestore - AppID: {8AA07539-D174-4a6d-BF11-BCCC3C0F6B05} Name: Desktop Wallpaper Factory - AppID: {8B30085D-A3E3-44e3-AE7F-B03A1340EBED} Name: K7SpmSrc - AppID: {8B3D0F62-A377-11D8-B0FE-00C026A19B93} Name: Windows Management and Instrumentation - AppID: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Name: TSTheme - AppID: {8be0366c-8522-40be-8b08-cb26557f2854} Name: IASExtensionHost - AppID: {8C334A55-DDB9-491C-817E-35A6B85D2ECB} Name: AP Client HxHelpPaneServer Class - AppID: {8cec58ae-07a1-11d9-b15e-000d56bfe6ee} Name: TiWorker - AppID: {8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D} Name: Sync Center Schedule Wizard - AppID: {8D8B8E30-C451-421B-8553-D2976AFA648C} Name: MAAudioEffects - AppID: {8ED23FB9-F922-4036-8CA3-7A9A8DC3B712} Name: Shell Computer Groups - AppID: {8f3080a6-af99-4f2e-a806-f3d5702a0444} Name: SDRSVC service - AppID: {9037e3cf-1794-4af6-9c8d-92838d7a23db} Name: Virtual Factory for Recovery - AppID: {9200689A-F979-4eea-8830-0E1D6B74821F} Name: Authentication UI CredUI Out of Proc Helper for Non-AppContainer Clients - AppID: {924DC564-16A6-42EB-929A-9A61FA7DA06F} Name: RtkPgExt - AppID: {92842063-1ECC-4a1a-9343-9A8E1C972E60} Name: HtmlLocalFileResolver - AppID: {93AAD2A0-036A-4B11-A078-DA8776B38139} Name: ServiceModule - AppID: {9465B4B4-5216-4042-9A2C-754D3BCDC410} Name: PrintIsolationHost - AppID: {98a89e0c-1fde-4c2a-a373-b04831e6aa60} Name: Shell Hardware Mixed Content Handler - AppID: {995C996E-D918-4a8c-A302-45719A6F4EA7} Name: ScreencastIntegrationObject - AppID: {9966714D-9622-41EF-B831-18D37CDB2573} Name: WLXAutoPlayMgr - AppID: {9B5CDBB0-6D57-4816-BD04-CA9E68DF5610} Name: ShellWindows - AppID: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Name: K7FWSrvc - AppID: {9C120CE2-C516-11D7-B0FE-00C026A19B93} Name: RuntimeBroker - AppID: {9CA88EE3-ACB7-47c8-AFC4-AB702511C276} Name: AX - AppID: {9CD2C2AE-A4C8-4DFA-863E-609979849E3A} Name: MalwareHunterContextHandler - AppID: {9D8C0710-8D32-4A42-84E5-210927BC6CB0} Name: timedate.cpl - AppID: {9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8} Name: WSearch - AppID: {9E175B9C-F52A-11D8-B9A5-505054503030} Name: WMLSS - AppID: {9E88EF3C-E2BB-4E5E-AFBA-565B81069D7D} Name: ahadmin - AppID: {9fa5c497-f46d-447f-8011-05d03d7d7ddc} Name: K7TSMngr - AppID: {A0BBD622-B251-11D9-B616-0008A17E7A0F} Name: contextmenu - AppID: {A0E45FE6-E6DD-444D-8ACC-577D8F0C14F8} Name: RtkCfg - AppID: {A11009A7-DC01-48F8-B6AA-C4613FC5CB15} Name: WIA Device Manager - AppID: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Name: TrayNotify - AppID: {a2b77517-6d12-4c60-b0c6-725e971ec8fe} Name: Windows Parental Controls - AppID: {A2D8CFE7-7BA4-4bad-B86B-851376B59134} Name: rundll32.exe - AppID: {a2d9ca22-a492-400c-b875-78ac25c0a6f3} Name: Virtual Factory for Windows Firewall Cpl - AppID: {A4B07E49-6567-4FB8-8D39-01920E3B2357} Name: Shell ChkdskEx Dialog - AppID: {a4c31131-ff70-4984-afd6-0609ced53ad6} Name: DsmAdminApi - AppID: {A5065670-136D-4FD6-A45F-00C85B90359C} Name: WPDShextAutoplay - AppID: {A55803CC-4D53-404c-8557-FD63DBA95D24} Name: WLIDSvc - AppID: {A6721677-BA21-44E9-9E2A-76466D24D121} Name: Recorder - AppID: {A68748E6-2F9C-428A-8DFD-AB3DCD7BDCB3} Name: Virtual Factory for MaintenanceUI - AppID: {A6BFEA43-501F-456F-A845-983D3AD7B8F0} Name: Microsoft Windows Defender - AppID: {A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F} Name: %SystemRoot%\System32\fveui.dll - AppID: {A7A63E5C-3877-4840-8727-C1EA9D7A4D50} Name: KvAppFramework.Services.ProductionManagerOutProc - AppID: {a7aafee1-4b44-44f2-ab3a-ad8e9ed5cecf} Name: SysFxUi - AppID: {A7D2EC8B-B70F-434C-A0CE-0DF324805F7D} Name: SwapAPODll - AppID: {A85F41D6-156B-470D-B505-110388968D5A} Name: DEFRAGSVC service - AppID: {ab7c873b-eb14-49a6-be60-a602f80e6d22} Name: Thumbnail Cache Out of Proc Server - AppID: {AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} Name: BDEUILauncher Class - AppID: {AB93B6F1-BE76-4185-A488-A9001B105B94} Name: IDMan - AppID: {AC746233-E9D3-49CD-862F-068F7B7CCCA4} Name: esrv - AppID: {AD25754E-D76C-42B3-A335-2F81478B722F} Name: Windows Live Social Object Extractor Engine - AppID: {AD3EDBCA-0901-415B-82E9-C16D3B65E38C} Name: WPN Srumon Server - AppID: {ada41b3c-c6fd-4a08-8cc1-d6efde67be7d} Name: SwHelper_1234204 - AppID: {AF551664-D2DF-4E34-85DE-46320B13A0B4} Name: WorkspaceBroker Class - AppID: {B06FF84E-0A77-4DD2-A919-0EABD8979DC1} Name: MADynamicEffects - AppID: {B0A32428-4974-44F5-87C8-D90893F4B0BF} Name: TabIps - AppID: {B1445657-5A98-11d9-A4E5-00301BB132BA} Name: BabylonIEPI - AppID: {B16632F1-24E0-4D99-A68D-70BFB6447C48} Name: NAP Agent Service - AppID: {B292921D-AF50-400c-9B75-0C57A7F29BA1} Name: Windows Update Agent - Remote Access - AppID: {B366DEBE-645B-43A5-B865-DDD82C345492} Name: WinStore OM - AppID: {B3823009-106A-4898-8C5A-F28A7CA83ED6} Name: UACObject - AppID: {B49FBDA8-D846-43c4-ACAA-06D7794374C8} Name: Found New Hardware Wizard - AppID: {B6A32FE6-E29D-AEAE-A608-D273E40CA34C} Name: WIA Device Manager 2 - AppID: {B6C292BC-7C88-41EE-8B54-8EC92617E599} Name: Com_SRS_TruSurroundHD - AppID: {B6D5C1B8-6F68-4A82-8E20-2D0F3A52BD6A} Name: WwanAdvui - AppID: {b70cc729-28ae-11dd-9676-000000000000} Name: Sync Center (Private) - AppID: {B8558612-DF5E-4F95-BB81-8E910B327FB2} Name: WLX Thumbnail Cache Out of Proc Server - AppID: {B8A2E14E-290D-4122-B092-1A7D86198CCE} Name: Windows Media Player - AppID: {B8C54A54-355E-11D3-83EB-00A0C92A2F2D} Name: InstalledApplication - AppID: {B91AAE6E-3ACC-4980-95E7-BEFCE65ECBB9} Name: ShellExtBridge119 - AppID: {ba3bdfe6-1ca3-43e9-907f-7b00567be2c9} Name: CloudSer - AppID: {BABD83F8-E723-4D8F-B5D1-B03E1F1108F5} Name: DriverUpdate.UpdateLauncher - AppID: {BAF61B64-5D1A-4108-97CB-A10B7DDF730E} Name: Event Object Change 2 - AppID: {BB07BACD-CD56-4E63-A8FF-CBF0355FB9F4} Name: SyncHost - AppID: {BBC4356A-F004-4628-A27A-E13D70412B70} Name: Virtual Factory for Power Options Control Panel - AppID: {BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B} Name: Setting Sync Task Factory - AppID: {bcbb3f8c-2889-474f-8fb7-904d4a416145} Name: DfsShlEx.dll - AppID: {BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B} Name: escort - AppID: {BDB69379-802F-4eaf-B541-F8DE92DD98DB} Name: VM IC Heartbeat Service - AppID: {be0fc7f0-f248-4091-a123-34ca29a6901b} Name: Shell AutoPlay Direct - AppID: {BF8841C9-378A-4CAD-B4FC-5091366CBC0D} Name: ShellBrowserWindow - AppID: {c08afd90-f2a1-11d1-8455-00a0c91f3880} Name: provsvc.dll - AppID: {c2a71820-3463-498f-bab7-4798795a2ff6} Name: cttunesvr - AppID: {C3A34354-660F-41EE-B072-2AEA5E3A80AF} Name: Microsoft Block Level Backup Service - AppID: {C3B65D83-FB15-4e3f-BA04-097D1E2B5AC1} Name: SecureShell - AppID: {C42CB13B-CA97-468D-9F93-AD1220004E62} Name: Microsoft IMAPI - AppID: {C49F2185-50A7-11D3-9144-00104BA11C5E} Name: BdeUISrv - AppID: {C4AB7CB7-E735-48FF-AADD-39D09668F444} Name: HomeGroup Listener Service - AppID: {C4CDC408-581C-4480-9FFE-3B1C78D5C20D} Name: Nap Elevated COM class - AppID: {c5bbbd35-e321-468a-9884-6708aa083f83} Name: LockScreen Application Notification Broker - AppID: {C89FC3EF-A0DC-4feb-BFBC-F13A9C334D4F} Name: TSWbPrxy.exe - AppID: {C92A9617-0EAE-4235-BD2B-84540EF1FFA9} Name: DictationHost Class - AppID: {C945AD06-534F-460C-8CB4-17C33099AF81} Name: Sync Infrastructure - AppID: {C947D50F-378E-4FF6-8835-FCB50305244D} Name: EventsByWebPage - AppID: {C9620A97-CBFC-41CB-96D1-A54DA8014344} Name: netprofm - AppID: {C96887DA-A652-4426-905E-4A37546F847C} Name: ManagerChat - AppID: {C98E1F86-2AFA-481E-A0BE-B8E81C5A8FAA} Name: RCM - AppID: {C9F65BA8-1F8F-4382-AE27-C91FFB29275F} Name: OpenSearch Description Create Search Connector Verb Handler - AppID: {CB1DFE3A-EDFF-4d1f-867D-8ADB02926F4B} Name: PrintIsolationSessionHost - AppID: {CB363445-F453-4C1E-8EE4-BD123C5E394F} Name: EnhancedStorageShell - AppID: {CC70FEAD-94B9-4F76-88CC-004BB068ACDF} Name: sppui - AppID: {CCFDD24D-CEAB-458B-A4F1-F884973395DF} Name: WcsPlugInServiceLib - AppID: {CD11FAB6-1C0E-45e1-BA31-5C6008EF2607} Name: Windows Media Player Burn Audio CD Handler - AppID: {cdc32574-7521-4124-90c3-8d5605a34933} Name: Elevated-Unelevated Explorer Factory - AppID: {CDCBCFCA-3CDC-436f-A4E2-0E02075250C2} Name: BingDesktopUpdater - AppID: {CE41EBCF-17C0-4307-971E-03FEBCBB7D39} Name: PNPXAssoc.dll - AppID: {cee8ccc9-4f6b-4469-a235-5a22869eef03} Name: sdchange - AppID: {CF254B00-1986-4b24-A92D-463D01F7E395} Name: SwapAPODll - AppID: {CF85F74A-E465-4fb6-898F-8F72C2B84D8E} Name: Event Object Change - AppID: {D0565000-9DF4-11D1-A281-00C04FCA0AA7} Name: Winmgmt MOF Compiler OOP - AppID: {D215781D-019E-4FA0-903D-0CDCDE13A4F5} Name: Color Management - AppID: {D2E7041B-2927-42fb-8E9F-7CE93B6DC937} Name: Windows SideShow Device Configuration Helper - AppID: {D3667F1E-CCB8-4A69-99DF-59A2B2A6753F} Name: Bitmap Image - AppID: {D3E34B21-9D75-101A-8C3D-00AA001A1652} Name: URLReqService - AppID: {D4859CE9-3B25-4235-8973-A74F5D9A04F2} Name: Sync Center User Profile Notification Handler - AppID: {D63AA156-D534-4BAC-9BF1-55359CF5EC30} Name: WinZip Compression Smart Monitor Service - AppID: {D6F79CD8-3495-4C34-BAD2-AA0C46560D6E} Name: UACObject - AppID: {D8239E84-D6EC-41dc-B7EA-98CDBF472200} Name: Microsoft Software Protection Platform Admin Object (outer) - AppID: {D8D4249F-A8FB-44A7-8AA0-564E8C385BD6} Name: NGPE.Autoplay - AppID: {D9FAC7F6-9EA2-48AA-BDDE-7F4940FFC432} Name: RegistryScannerPlugin - AppID: {DC064D87-7C2D-4FCE-A6B5-932723747396} Name: Srumon Server - AppID: {ddcfd26b-feed-44cd-b71d-79487d2e5e5a} Name: rundll32.exe - AppID: {de5d803e-5d2a-4b5f-9c63-af25a465cc44} Name: AccStore Class - AppID: {DE5DBCDC-104A-4cbc-A4D5-0C2104A142C5} Name: wsBusinessFiles - AppID: {DFD442D5-A299-4219-B6D1-D6C76CD64549} Name: Profile Notification Host - AppID: {E10F6C3A-F1AE-4adc-AA9D-2FE65525666E} Name: CavShell - AppID: {E11C8519-5595-4397-B515-AB036DEC467A} Name: Immersive Print Dialog Surrogate - AppID: {E15FBAC2-C276-4523-92CA-561456EBCF3E} Name: RtkAPODll - AppID: {E1D2965E-D32B-4e1c-B9F1-159ACB984258} Name: DefinitionsCategory - AppID: {E1DF0971-80AA-4473-931D-529FD4AABBF8} Name: Windows Update Agent User Interface for Published Applications - AppID: {e30984f1-b02b-4c27-a40f-23d11b8c1212} Name: Scan - AppID: {E32549C4-C2B8-4BCC-90D7-0FC3511092BB} Name: Execute Unknown - AppID: {e44e9428-bdbc-4987-a099-40dc8fd255e7} Name: COM_SRS_WOWHD2 - AppID: {E46D2660-D86E-4B0A-BB61-F0FFE9BBDEB5} Name: upnphost - AppID: {E495081B-BBA5-4b89-BA3C-3B86A686B87A} Name: TrayDesktopBand - AppID: {E6442437-6C68-4f52-94DD-2CFED267EFB9} Name: UICOM - AppID: {E8054D20-497D-4E16-BF41-6E69FCD381A5} Name: Dispatch - AppID: {E87B0D83-20D6-4A88-97C4-3562309BF420} Name: iisctl - AppID: {E8FB8615-588F-11D2-9D61-00C04F79C5FE} Name: wscui.cpl - AppID: {E9495B87-D950-4ab5-87A5-FF6D70BF3E90} Name: Remove Device elevation surrogate - AppID: {E95186C7-7D80-4311-843D-0702CBC8B1E4} Name: File Prop Sheet Page Helper - AppID: {E96767E0-7EAA-45e1-8E7D-64414AFF281A} Name: Cfx60 - AppID: {e9df30ca-4b30-4235-bf0c-7150f6466080} Name: PfShellExtension - AppID: {E9F269D7-7652-41a7-9C53-008CF3B0A943} Name: HomeGroup Provider Service - AppID: {EA022610-0748-4c24-B229-6C507EBDFDBB} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8} Name: Remote Desktop Services Message Server - AppID: {EB521D7D-4095-4E61-88FB-BF25700F142A} Name: ComEvents.ComServiceEvents - AppID: {ECABB0C3-7F19-11D2-978E-0000F8757E2A} Name: ComEvents.ComSystemAppEventData - AppID: {ECABB0C6-7F19-11D2-978E-0000F8757E2A} Name: EventHandler - AppID: {ECB9FB7E-A045-457A-B712-F09FA496DBE8} Name: Play with Windows Media Player - AppID: {ed1d0fdf-4414-470a-a56d-cfb68623fc58} Name: SWDNLD - AppID: {ED372EB0-5B14-484F-A27C-05FF89B6DF25} Name: ImagXpr7 - AppID: {ED512BE6-6629-4FB4-953D-D0C353847163} Name: Windows Media Player Launch - AppID: {ED6BB178-B06A-47ad-98B3-6066E0CF0147} Name: Share Manager - AppID: {edb5f444-cb8d-445a-a523-ec5ab6ea33c7} Name: Windows SideShow PropertyPage Host - AppID: {F056D291-A2AB-45f7-8EE4-40454493B351} Name: Microsoft Audio Device Graph Server - AppID: {F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC} Name: Virtual Disk Service - AppID: {F290BFB2-1864-45B1-8804-2654194A87E7} Name: K7ISNotify1 - AppID: {F2D98222-A9B3-11D7-B0FE-00C026A19B93} Name: SPPSurrogate - AppID: {f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801} Name: NDFAPI - AppID: {F3D3AA8D-EF96-4470-848E-BD70B803047A} Name: PerfCenter Enabler - AppID: {f4be747e-45c4-4701-90f1-d49d9ac30248} Name: K7BkOLI - AppID: {F527E58B-404B-4205-AE62-F532F3896867} Name: sdclt - AppID: {f56b7b2a-5b5a-46d8-b6f9-d927ce34b717} Name: Windows Update Agent User Interface - AppID: {f62fdd2e-66d2-423b-9a04-f71ea00f892a} Name: SlimWare.Services - AppID: {F6A8CE42-CB2D-4920-85E7-24966D63D4B9} Name: WMPNSSCI - AppID: {F74BCE98-9EB4-4022-8317-11C723E5CCF8} Name: logagent - AppID: {F808DF63-6049-11D1-BA20-006097D2898E} Name: WLIDFDP - AppID: {F828BB1A-2FAE-4AC4-AE6F-CAC9B529F996} Name: RAServer - AppID: {F8FD03A6-DDD9-4C1B-84EE-58159476A0D7} Name: WinInetBrokerServer - AppID: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Name: DaemonShellExtImage - AppID: {F9B84490-4C45-4737-82E5-0EA0B1CF5307} Name: NCLUA - AppID: {FA1456D3-4B97-4f9c-8511-2786161DC333} Name: VssEvent - AppID: {FAF53CC4-BD73-4E36-83F1-2B23F46E513E} Name: Shell Hardware Mixed Content Handler Cancelled - AppID: {fb479c02-9ec4-4fed-8599-debe037452cb} Name: RegisterControl - AppID: {FC38B7C8-9E50-497d-A387-7DEBDAD14160} Name: WinStore OM - AppID: {fc470800-12e0-4da3-81f3-e67240d19093} Name: Hotspot Auth Module - AppID: {FC5EEAF6-0002-11DF-ADB9-F4CE462D9137} Name: appwiz.cpl - AppID: {FCC74B77-EC3E-4dd8-A80B-008A702075A9} Name: Wordpad - AppID: {fd6c8b29-e936-4a61-8da6-b0c12ad3ba00} Name: Proximity UX Host - AppID: {FDA74D11-C4A6-4577-9F73-D7CA8586E10C} Name: MP UX Host - AppID: {FDA74D11-C4A6-4577-9F73-D7CA8586E10D} Name: RecorderChat - AppID: {FF385292-7348-4C73-AC12-AC98FC3E1DC0} Name: Shell Execute Hardware Event Handler - AppID: {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{00393519-3A67-4507-A2B8-85146167ACA7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{00393519-3A67-4507-A2B8-85146167ACA7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{00393519-3A67-4507-A2B8-85146167ACA7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0142e4d1-fb7a-11dc-ba4a-000ffe7ab428}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0142e4d1-fb7a-11dc-ba4a-000ffe7ab428}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0142e4d1-fb7a-11dc-ba4a-000ffe7ab428}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-559" Win32_DCOMApplication.AppID="{03e64e17-b220-4052-9b9b-155f9cb8e016}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{03e64e17-b220-4052-9b9b-155f9cb8e016}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{03e64e17-b220-4052-9b9b-155f9cb8e016}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{03e64e17-b220-4052-9b9b-155f9cb8e016}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{03e64e17-b220-4052-9b9b-155f9cb8e016}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0EA3EECE-6ABF-467A-9040-11AA728B7B0B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0EA3EECE-6ABF-467A-9040-11AA728B7B0B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0EA3EECE-6ABF-467A-9040-11AA728B7B0B}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{119817C9-666D-4053-AEDA-627D0E25CCEF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{119817C9-666D-4053-AEDA-627D0E25CCEF}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{11c058e0-9f3e-4c90-a459-2553f2f9e011}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{11c058e0-9f3e-4c90-a459-2553f2f9e011}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{11c058e0-9f3e-4c90-a459-2553f2f9e011}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{14047848-1203-4AC5-9ACE-AD2FD8861004}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{14047848-1203-4AC5-9ACE-AD2FD8861004}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{16D99191-6280-4B33-A2F5-04805A0FC582}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{16D99191-6280-4B33-A2F5-04805A0FC582}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-547" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{2349269A-9F33-4AD8-AD9E-ECB2318C4FFE}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{2AFF936D-3F29-4675-81DB-5FAE982A9DD8}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3B29AB5C-52CB-4a36-9314-E3FEE0BA7468}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3B29AB5C-52CB-4a36-9314-E3FEE0BA7468}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{478B41E6-3257-4519-BDA8-E971F9843849}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{478B41E6-3257-4519-BDA8-E971F9843849}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{478B41E6-3257-4519-BDA8-E971F9843849}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{478B41E6-3257-4519-BDA8-E971F9843849}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-80-611605672-2879557022-2206624263-4029342278-3129212340" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4FCDA643-B15B-41C6-84F8-5E447F6F6D25}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{5C917E9C-0B2F-40D6-928B-5C43FDB16DF4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{5C917E9C-0B2F-40D6-928B-5C43FDB16DF4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5C917E9C-0B2F-40D6-928B-5C43FDB16DF4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{62B8CCBE-5A45-4372-8C4A-6A87DD3EDD60}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{62B8CCBE-5A45-4372-8C4A-6A87DD3EDD60}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{62B8CCBE-5A45-4372-8C4A-6A87DD3EDD60}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{67E4A0D8-8675-4FBB-BC62-F10EC894327E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{67E4A0D8-8675-4FBB-BC62-F10EC894327E}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{67E4A0D8-8675-4FBB-BC62-F10EC894327E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6CE51F75-0448-438e-B9CA-69C352A248A7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6CE51F75-0448-438e-B9CA-69C352A248A7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6CE51F75-0448-438e-B9CA-69C352A248A7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{71B804C5-5577-471D-8FE5-C4A45B654EB8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{71B804C5-5577-471D-8FE5-C4A45B654EB8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{71B804C5-5577-471D-8FE5-C4A45B654EB8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-32-546" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7D7B609B-D089-4687-9606-264A9AA2FBB2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7D7B609B-D089-4687-9606-264A9AA2FBB2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{84D586C4-A423-11D2-B943-00C04F79D22F}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9CA88EE3-ACB7-47c8-AFC4-AB702511C276}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9CA88EE3-ACB7-47c8-AFC4-AB702511C276}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9CA88EE3-ACB7-47c8-AFC4-AB702511C276}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{9CA88EE3-ACB7-47c8-AFC4-AB702511C276}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{9CA88EE3-ACB7-47c8-AFC4-AB702511C276}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A2D8CFE7-7BA4-4bad-B86B-851376B59134}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A2D8CFE7-7BA4-4bad-B86B-851376B59134}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A2D8CFE7-7BA4-4bad-B86B-851376B59134}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{B366DEBE-645B-43A5-B865-DDD82C345492}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{B49FBDA8-D846-43c4-ACAA-06D7794374C8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{B49FBDA8-D846-43c4-ACAA-06D7794374C8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{b70cc729-28ae-11dd-9676-000000000000}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{b70cc729-28ae-11dd-9676-000000000000}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{b70cc729-28ae-11dd-9676-000000000000}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{c5bbbd35-e321-468a-9884-6708aa083f83}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{c5bbbd35-e321-468a-9884-6708aa083f83}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{c5bbbd35-e321-468a-9884-6708aa083f83}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{c5bbbd35-e321-468a-9884-6708aa083f83}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C92A9617-0EAE-4235-BD2B-84540EF1FFA9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{CE166E40-1E72-45B9-94C9-3B2050E8f180}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D215781D-019E-4FA0-903D-0CDCDE13A4F5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D3667F1E-CCB8-4A69-99DF-59A2B2A6753F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D3667F1E-CCB8-4A69-99DF-59A2B2A6753F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{D3667F1E-CCB8-4A69-99DF-59A2B2A6753F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{D8239E84-D6EC-41dc-B7EA-98CDBF472200}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{D8239E84-D6EC-41dc-B7EA-98CDBF472200}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628" Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E87B0D83-20D6-4A88-97C4-3562309BF420}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E87B0D83-20D6-4A88-97C4-3562309BF420}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F056D291-A2AB-45f7-8EE4-40454493B351}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F056D291-A2AB-45f7-8EE4-40454493B351}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F056D291-A2AB-45f7-8EE4-40454493B351}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-551" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f62fdd2e-66d2-423b-9a04-f71ea00f892a}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f62fdd2e-66d2-423b-9a04-f71ea00f892a}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f62fdd2e-66d2-423b-9a04-f71ea00f892a}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-80-364023826-931424190-487969545-1024119571-74567675" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F8FD03A6-DDD9-4C1B-84EE-58159476A0D7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-18" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power LSM BrokerInfrastructure PlugPlay DeviceInstall DcomLaunch "regsvc"=RemoteRegistry "iissvcs"=w3svc was [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=PlugPlay DeviceInstall DcomLaunch "iissvcs"=w3svc was ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\2VG] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\AC3Filter] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\AdblockPlus] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Adlice Software] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Adobe] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Aimersoft] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Aiseesoft Studio] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Akeo Consulting] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Altaruine] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Anvisoft] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\AppDataLow] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\apple] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Apple Inc.] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\ArcticLine] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Ashampoo] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\ASProtect] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\ATI] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Authorsoft] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Avanquest] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Avast Software] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\AvastAdSDK] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\AVG] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Avira] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Axialis] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Babylon] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\BabylonToolbar] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Baidu] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Baidu Security] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\BandiMPEG1] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\BANDISOFT] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Bandizip] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\BiniSoft.org] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\BlazeVideo] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Browser Cleanup] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\BugSplat] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\BVRP Software] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Bytescout] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Caphyon] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\ChemTable] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\ChemTable Software] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Chromium] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\CineForm] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Citrix] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Clients] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Code Sector] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Comodo] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\ComodoGroup] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Compuclever] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Corel] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Creativemark] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\CyberLink] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\DAUM] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\DFFXR] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\DFX] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Disc Soft] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Disk] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\DivxNetWorks] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\DMFXR] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\DMGR2.0.0] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Dragon] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\DreamTrips] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Dropbox] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\DRP] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\drpsu] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\DVDVideoSoft] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\ej-technologies] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Elecard] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Engelmann Software] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\EPSON] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\EXECryptorTestKeys] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Fighters] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Freecom] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\FreeDownloadManager.ORG] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\g3n-h@ckm@n] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Gabest] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\giveawayoftheday.com] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\GNU] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Google] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\GPL Ghostscript] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\GRETECH] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Haali] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Hewlett-Packard] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\I.R.I.S.] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Icaros] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Icecream] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\IconXP] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\iFotosoft] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Informer Technologies, Inc.] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Intelligent Converters] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\IObit] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\iSkysoft] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\ISSS] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\J. River] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\JavaSoft] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\K7 Computing] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\KC Softwares] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Keepvid] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\KillSoft] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Lake] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Licenses] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Local AppWizard-Generated Applications] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Logitech] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\LogMeInRescueCallingCard] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Macromedia] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\MAGIX] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Magix Software GmbH] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Magnet] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\MainConcept] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Margin Trade] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Mine] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\MollieSoft] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Moo0] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\MoonBot] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Movavi] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Mozilla] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\MozillaPlugins] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\MPC-HC] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\MultiCommander] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Muon] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Naver] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Netscape] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\NewBlue] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Obsidium] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\OliverSoft] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Opera Software] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\PackageTracer] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Panda Security] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Password Safe] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\PDF Architect 6] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\PDFPrint] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Pegasun] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\PEiD] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Piriform] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Policies] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\proDAD] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\ProtectStar] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\ProtectStar Inc.] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\QtProject] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\RealNetworks] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Realtek] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Reasonable NoClone] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\RegisteredApplications] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Restoro] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Rtp] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\SafelyRemove] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Seagate] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Seiko Epson Corporation] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\SEJER - Le Robert] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\ShellExtBridge110] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Soft-R Research] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Spyware Terminator] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Start Menu Reviver] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Stellar] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Stellar Data Recovery] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\SUPERAntiSpyware.com] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Sysinternals] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\TeamViewer] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\TechSmith] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Tihiy] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Topala Software] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Trolltech] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Unchecky] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\undefined] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\VB and VBA Program Settings] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\ViFind] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\ViStart] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Winamp] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Windows X] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\WinRAR] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\WinRAR SFX] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\WixSharp] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Wow6432Node] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Xara] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Xilisoft] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\ZebHelpProcess Helper] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Zemana] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\ZHP] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\AppDataLow\Software\Adobe] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\Roaming] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\ShellNoRoam] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\adaware] [HKLM\Software\Adblock Plus for IE] [HKLM\Software\AdsFix] [HKLM\Software\AMD] [HKLM\Software\Apple Inc.] [HKLM\Software\ArcticLine] [HKLM\Software\Ashampoo] [HKLM\Software\ATI] [HKLM\Software\ATI Technologies] [HKLM\Software\AVAST Software] [HKLM\Software\AVG] [HKLM\Software\BandiMPEG1] [HKLM\Software\BANDISOFT] [HKLM\Software\Bandizip] [HKLM\Software\Benchmarking] [HKLM\Software\Bitdefender] [HKLM\Software\Bitsum] [HKLM\Software\BorisFX] [HKLM\Software\ByteFence] [HKLM\Software\Clients] [HKLM\Software\Code Sector] [HKLM\Software\COMODO] [HKLM\Software\ComodoGroup] [HKLM\Software\CurrentConfig] [HKLM\Software\CyberLink] [HKLM\Software\DAUM] [HKLM\Software\DFX] [HKLM\Software\Disc Soft] [HKLM\Software\Disk] [HKLM\Software\Eassos] [HKLM\Software\ej-technologies] [HKLM\Software\EPSON] [HKLM\Software\ESET] [HKLM\Software\Fortemedia] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Google] [HKLM\Software\HaaliMkx] [HKLM\Software\Hewlett-Packard] [HKLM\Software\Huawei technologies] [HKLM\Software\Icaros] [HKLM\Software\Ignis] [HKLM\Software\Intel] [HKLM\Software\iS3] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\KeyCryptSDK] [HKLM\Software\Khronos] [HKLM\Software\license_IS] [HKLM\Software\Loaris] [HKLM\Software\Logitech] [HKLM\Software\Macrium] [HKLM\Software\Macromedia] [HKLM\Software\Magnet] [HKLM\Software\McAfee] [HKLM\Software\Microsoft] [HKLM\Software\MiniTool Software Limited] [HKLM\Software\Mozilla] [HKLM\Software\mozilla.org] [HKLM\Software\MozillaPlugins] [HKLM\Software\NewBlue] [HKLM\Software\Notepad++] [HKLM\Software\Nuance] [HKLM\Software\ODBC] [HKLM\Software\Oracle] [HKLM\Software\PDF Architect 6] [HKLM\Software\PDF Tools AG] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\PostgreSQL] [HKLM\Software\PostgreSQL Global Development Group] [HKLM\Software\ProcessLasso] [HKLM\Software\proDAD] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Restore Point Creator] [HKLM\Software\Restoro] [HKLM\Software\SCU] [HKLM\Software\Spyware Terminator] [HKLM\Software\SRS Labs] [HKLM\Software\Stellar Data Recovery] [HKLM\Software\SUPERAntiSpyware.com] [HKLM\Software\sysinternals] [HKLM\Software\TAP-Windows] [HKLM\Software\Ultra adware killer] [HKLM\Software\UVK - Ultra virus killer] [HKLM\Software\UVK - Ultra virus killer backups] [HKLM\Software\VideoLAN] [HKLM\Software\WinRAR] [HKLM\Software\Wow6432Node] [HKLM\Software\ZmnGlobalSDK] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\iissvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\Software\WOW6432Node\adaware] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\Aimersoft] [HKLM\Software\WOW6432Node\AMD] [HKLM\Software\WOW6432Node\Anvisoft] [HKLM\Software\WOW6432Node\AppDataLow] [HKLM\Software\WOW6432Node\Apple Inc.] [HKLM\Software\WOW6432Node\Applogon] [HKLM\Software\WOW6432Node\Ashampoo] [HKLM\Software\WOW6432Node\ATI] [HKLM\Software\WOW6432Node\ATI Technologies] [HKLM\Software\WOW6432Node\Auslogics] [HKLM\Software\WOW6432Node\Avanquest] [HKLM\Software\WOW6432Node\AVAST Software] [HKLM\Software\WOW6432Node\AVG] [HKLM\Software\WOW6432Node\Axialis] [HKLM\Software\WOW6432Node\Azureus] [HKLM\Software\WOW6432Node\Babylon] [HKLM\Software\WOW6432Node\BabylonToolbar] [HKLM\Software\WOW6432Node\Baidu] [HKLM\Software\WOW6432Node\Baidu Security] [HKLM\Software\WOW6432Node\BandiMPEG1] [HKLM\Software\WOW6432Node\BANDISOFT] [HKLM\Software\WOW6432Node\Bandizip] [HKLM\Software\WOW6432Node\Bitsum] [HKLM\Software\WOW6432Node\Borland] [HKLM\Software\WOW6432Node\BVRP Software] [HKLM\Software\WOW6432Node\ByteFence] [HKLM\Software\WOW6432Node\Caphyon] [HKLM\Software\WOW6432Node\Comodo] [HKLM\Software\WOW6432Node\ComodoGroup] [HKLM\Software\WOW6432Node\CyberLink] [HKLM\Software\WOW6432Node\DFFXR] [HKLM\Software\WOW6432Node\DFX] [HKLM\Software\WOW6432Node\DigitalWave] [HKLM\Software\WOW6432Node\DMFXR] [HKLM\Software\WOW6432Node\Dragon] [HKLM\Software\WOW6432Node\Driver-Soft] [HKLM\Software\WOW6432Node\drpsu] [HKLM\Software\WOW6432Node\DVDVideoSoft] [HKLM\Software\WOW6432Node\EaseUS] [HKLM\Software\WOW6432Node\EPSON] [HKLM\Software\WOW6432Node\Eset] [HKLM\Software\WOW6432Node\Fighters] [HKLM\Software\WOW6432Node\FreeFileSync] [HKLM\Software\WOW6432Node\FTPWare] [HKLM\Software\WOW6432Node\g3n-h@ckm@n] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\GRETECH] [HKLM\Software\WOW6432Node\GuidGuid13] [HKLM\Software\WOW6432Node\HaaliMkx] [HKLM\Software\WOW6432Node\Hewlett-Packard] [HKLM\Software\WOW6432Node\I.R.I.S.] [HKLM\Software\WOW6432Node\Icaros] [HKLM\Software\WOW6432Node\icofx3] [HKLM\Software\WOW6432Node\IN Wallpaper ProjectTool] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\IObit] [HKLM\Software\WOW6432Node\IOTransfer] [HKLM\Software\WOW6432Node\iSkysoft] [HKLM\Software\WOW6432Node\ISSS] [HKLM\Software\WOW6432Node\J. River] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\K-Meleon] [HKLM\Software\WOW6432Node\K-Meleon 75.0] [HKLM\Software\WOW6432Node\K7 Computing] [HKLM\Software\WOW6432Node\KeepVid] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\KillSoft] [HKLM\Software\WOW6432Node\KLCodecPack] [HKLM\Software\WOW6432Node\Lake] [HKLM\Software\WOW6432Node\LAV] [HKLM\Software\WOW6432Node\Lavasoft] [HKLM\Software\WOW6432Node\LogMeInRescueCallingCard] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\MAGIX] [HKLM\Software\WOW6432Node\magnet] [HKLM\Software\WOW6432Node\Malwarebytes Anti-Exploit] [HKLM\Software\WOW6432Node\Malwarebytes Anti-Rootkit] [HKLM\Software\WOW6432Node\McAfee NGI] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\MimarSinan] [HKLM\Software\WOW6432Node\MiniTool ShadowMaker] [HKLM\Software\WOW6432Node\Morgan] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\mozilla.org] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\muCommander] [HKLM\Software\WOW6432Node\Nero] [HKLM\Software\WOW6432Node\NewBlue] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\Nullsoft] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\Panda Security] [HKLM\Software\WOW6432Node\Panda Software] [HKLM\Software\WOW6432Node\PDF Architect 6] [HKLM\Software\WOW6432Node\PDFPrint] [HKLM\Software\WOW6432Node\PowerProducer_Upgrade] [HKLM\Software\WOW6432Node\PowerTechnology] [HKLM\Software\WOW6432Node\ProtectStar] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\Reasonable NoClone] [HKLM\Software\WOW6432Node\REASONABLE SOFTWARE HOUSE] [HKLM\Software\WOW6432Node\Runtime Software] [HKLM\Software\WOW6432Node\Seagate] [HKLM\Software\WOW6432Node\Serif] [HKLM\Software\WOW6432Node\simplitec] [HKLM\Software\WOW6432Node\Solveig Multimedia] [HKLM\Software\WOW6432Node\Stardock] [HKLM\Software\WOW6432Node\Steganos] [HKLM\Software\WOW6432Node\Stellar Data Recovery] [HKLM\Software\WOW6432Node\SymNRT] [HKLM\Software\WOW6432Node\TeamViewer] [HKLM\Software\WOW6432Node\Techsmith] [HKLM\Software\WOW6432Node\Ultra File Opener] [HKLM\Software\WOW6432Node\Unchecky] [HKLM\Software\WOW6432Node\ViGlance] [HKLM\Software\WOW6432Node\VobSub] [HKLM\Software\WOW6432Node\Volatile] [HKLM\Software\WOW6432Node\WafCX] [HKLM\Software\WOW6432Node\WildTangent] [HKLM\Software\WOW6432Node\Windows] [HKLM\Software\WOW6432Node\Windows X] [HKLM\Software\WOW6432Node\WiseCleaner] [HKLM\Software\WOW6432Node\Wow6432Node] [HKLM\Software\WOW6432Node\Xilisoft] [HKLM\Software\WOW6432Node\Xvid Team] [HKLM\Software\WOW6432Node\Zemana] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\adbt] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\iissvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ---------- | FeatureControl [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "Spark.exe"="0" [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "MirrorGo.exe"="10001" "softinfo.exe"="11000" "KeepVid Music.exe"="11000" "ashsnap.exe"="10001" "PotPlayerMini64.exe"="10000" "UI7.exe"="10001" "AcroRd32.exe"="10001" "Trial.exe"="8888" "UVKInstaller.exe"="10001" ""="10000" "hsscp.exe"="10000" "ApowerManager.exe"="11001" "ApowerManagerCoreServices.exe"="11001" "ApowerShow.exe"="11001" "UI8.exe"="10001" "bittorrentie.exe"="11000" "Azureus.exe"="10001" "2923bfa9d85ebd9e30baa214bf22f1a4.exe"="10001" "fdm.exe"="11000" "UVKPortable.exe"="10001" "PageLayoutDesigner.exe"="10000" "InPixioPhotoClip8.exe"="10000" "Autopilot.exe"="8000" "ida.exe"="11000" "AppManager.exe"="8000" "PCTrans.exe"="10000" [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CrossDomain_Fix_KB867801] "ashsnap.exe"="1" "UI7.exe"="1" "UI8.exe"="1" [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_Cross_Domain_Redirect_Mitigation] "ashsnap.exe"="1" "UI7.exe"="1" "UI8.exe"="1" "bittorrentie.exe"="0" [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_CLIPCHILDREN_OPTIMIZATION] "PotPlayerMini64.exe"="1" [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING] "MirrorGo.exe"="1" "softinfo.exe"="0" "KeepVid Music.exe"="1" "fdm.exe"="1" "PageLayoutDesigner.exe"="1" [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "iexplore.exe"="1" [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "ashsnap.exe"="10" "UI7.exe"="10" "UI8.exe"="10" [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "ashsnap.exe"="10" "UI7.exe"="10" "UI8.exe"="10" [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "Spark.exe"="1" [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION] "ashsnap.exe"="1" "UI7.exe"="1" "UI8.exe"="1" "bittorrentie.exe"="1" "Spark.exe"="1" [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "Spark.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_96DPI_PIXEL] "WindowsAnytimeUpgradeUI.exe"="1" "mshta.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "prevhost.exe"="1" "HelpPane.exe"="1" "wmplayer.exe"="1" "mshta.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_AJAX_CONNECTIONEVENTS] "mshta.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "iexplore.exe"="1" "*"="1" "infopath.exe"="0" "explorer.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATION] "mshta.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "prevhost.exe"="1" "HelpPane.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "HelpPane.exe"="1" "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "HelpPane.exe"="1" "PresentationHost.exe"="1" "mshta.exe"="0" "sllauncher.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "HelpPane.exe"="1" "PresentationHost.exe"="1" "mshta.exe"="0" "sllauncher.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "prevhost.exe"="8000" "HelpPane.exe"="10000" "mshta.exe"="9999" "softinfo.exe"="11000" "PhotoDirector8.exe"="10000" "PhotoDirector10.exe"="10000" "AudioDirector.exe"="9000" "ColorDirector.exe"="11000" "PDR.exe"="11000" "Filmora.exe"="9999" "ApowerManager.exe"="11001" "ApowerManagerCoreServices.exe"="11001" "ApowerShow.exe"="11001" "SRVE.exe"="11000" "PhotoDirector9.exe"="10000" "Bandizip.exe"="10000" "Updater.exe"="10000" "fdm.exe"="11000" "sllauncher.exe"="8000" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "iexplore.exe"="1" "SAPLOGON.exe"="0" "SAPLgPad.exe"="0" "explorer.exe"="1" "SAPGuiIT.exe"="0" "wmplayer.exe"="1" "SAPfewgsrv.exe"="0" "Scale_for_R3.exe"="0" "SAPGUI.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_NAVIGATION_SOUNDS] "mshta.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "iexplore.exe"="1" "ieuser.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE] "HelpPane.exe"="100000" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "helppane.exe"="1" "devenv.exe"="1" "dexplore.exe"="1" "PresentationHost.exe"="0" "sllauncher.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "prevhost.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING] "mshta.exe"="1" "softinfo.exe"="0" "fdm.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "wm.exe"="1" "cs.exe"="1" "waol.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IVIEWOBJECTDRAW_DMLT9_WITH_GDI] "mshta.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "prevhost.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" "PresentationHost.exe"="1" "mshta.exe"="0" "sllauncher.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="10" "iexplore.exe"="10" "sllauncher.exe"="6" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="10" "iexplore.exe"="10" "sllauncher.exe"="6" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "prevhost.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "iexplore.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "sidebar.exe"="1" "outlook.exe"="1" "mshta.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_NINPUT_LEGACYMODE] "mshta.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "iexplore.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "iexplore.exe"="0" "explorer.exe"="0" "wmplayer.exe"="1" "mshta.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "prevhost.exe"="1" "HelpPane.exe"="1" "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "prevhost.exe"="1" "HelpPane.exe"="1" "wmplayer.exe"="1" "mshta.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "prevhost.exe"="1" "winmail.exe"="1" "msimn.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "prevhost.exe"="1" "HelpPane.exe"="1" "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "HelpPane.exe"="1" "iexplore.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" "mshta.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "prevhost.exe"="0" "HelpPane.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SPELLCHECKING] "mshta.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" "mshta.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_STATUS_BAR_THROTTLING] "mshta.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "winmail.exe"="1" "msimn.exe"="1" "outlook.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "infopath.exe"="1" "winword.exe"="1" "excel.exe"="1" "powerpnt.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "prevhost.exe"="1" "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE] "HelpPane.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "iexplore.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBSOCKET] "mshta.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "iexplore.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XDOMAINREQUEST] "mshta.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XMLHTTP] "mshta.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "prevhost.exe"="1" "iexplore.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "prevhost.exe"="1" "iexplore.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" "PresentationHost.exe"="1" "mshta.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_96DPI_PIXEL] "mshta.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "mshta.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_AJAX_CONNECTIONEVENTS] "mshta.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "iexplore.exe"="1" "*"="1" "infopath.exe"="0" "explorer.exe"="1" "wmplayer.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATION] "mshta.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "HelpPane.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "HelpPane.exe"="1" "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "HelpPane.exe"="1" "PresentationHost.exe"="1" "mshta.exe"="0" "sllauncher.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "HelpPane.exe"="1" "PresentationHost.exe"="1" "mshta.exe"="0" "sllauncher.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "HelpPane.exe"="10000" "prevhost.exe"="8000" "mshta.exe"="9999" "cmw_srv.exe"="10000" "ApowerManager.exe"="11001" "ApowerManagerCoreServices.exe"="11001" "ApowerShow.exe"="11001" "Power2Go.exe"="11000" "Bandizip.exe"="10000" "Updater.exe"="10000" "GOMA.exe"="11000" "GOM.exe"="10001" "KMPlayer.exe"="10000" "sllauncher.exe"="8000" "mbamtray.exe"="11000" "mbam.exe"="11000" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "iexplore.exe"="1" "SAPLOGON.exe"="0" "SAPLgPad.exe"="0" "explorer.exe"="1" "SAPGuiIT.exe"="0" "wmplayer.exe"="1" "SAPfewgsrv.exe"="0" "Scale_for_R3.exe"="0" "SAPGUI.exe"="0" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_NAVIGATION_SOUNDS] "mshta.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "iexplore.exe"="1" "ieuser.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE] "HelpPane.exe"="100000" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "helppane.exe"="1" "PresentationHost.exe"="0" "devenv.exe"="1" "dexplore.exe"="1" "sllauncher.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "prevhost.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING] "mshta.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "wm.exe"="1" "cs.exe"="1" "waol.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IVIEWOBJECTDRAW_DMLT9_WITH_GDI] "mshta.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "HelpPane.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "explorer.exe"="1" "PresentationHost.exe"="1" "wmplayer.exe"="1" "mshta.exe"="0" "sllauncher.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="4" "iexplore.exe"="10" "sllauncher.exe"="6" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="2" "iexplore.exe"="10" "sllauncher.exe"="6" "msnmsgr.exe"="6" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "HelpPane.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "iexplore.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "sidebar.exe"="1" "outlook.exe"="1" "mshta.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_NINPUT_LEGACYMODE] "mshta.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "iexplore.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "iexplore.exe"="0" "explorer.exe"="0" "wmplayer.exe"="1" "mshta.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "HelpPane.exe"="1" "prevhost.exe"="1" "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "mshta.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "winmail.exe"="1" "prevhost.exe"="1" "msimn.exe"="1" "wmplayer.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" "sllauncher.exe"="1" "wlmail.exe"="1" "WindowsLiveWriter.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "HelpPane.exe"="1" "prevhost.exe"="1" "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "HelpPane.exe"="1" "iexplore.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" "mshta.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "HelpPane.exe"="0" "prevhost.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SPELLCHECKING] "mshta.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" "mshta.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_STATUS_BAR_THROTTLING] "mshta.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "winmail.exe"="1" "msimn.exe"="1" "outlook.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "infopath.exe"="1" "winword.exe"="1" "excel.exe"="1" "powerpnt.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE] "HelpPane.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "iexplore.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBSOCKET] "mshta.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "iexplore.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XDOMAINREQUEST] "mshta.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XMLHTTP] "mshta.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "iexplore.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "iexplore.exe"="1" "prevhost.exe"="1" "explorer.exe"="1" "PresentationHost.exe"="1" "wmplayer.exe"="1" "mshta.exe"="0" "wlmail.exe"="1" ---------- | The Created last ones ¦ Modified [MD5.00000000000000000000000000000000] - [13/03/2019 13:10:25] - |D| - [119052580] - C:\Program Files (x86)\360 [MD5.00000000000000000000000000000000] - [12/03/2019 15:16:07] - |D| - [101865987] - C:\Program Files (x86)\AOMEI Backupper [MD5.00000000000000000000000000000000] - [01/03/2019 05:47:14] - |D| - [641358083] - C:\Program Files (x86)\AVG [MD5.00000000000000000000000000000000] - [02/03/2019 12:36:47] - |D| - [25590740] - C:\Program Files (x86)\Axialis [MD5.00000000000000000000000000000000] - [26/03/2019 18:21:18] - |D| - [14544424] - C:\Program Files (x86)\Babylon [MD5.00000000000000000000000000000000] - [26/03/2019 18:33:10] - |D| - [2172270] - C:\Program Files (x86)\BabylonToolbar [MD5.00000000000000000000000000000000] - [01/03/2019 05:56:38] - |D| - [255085465] - C:\Program Files (x86)\CyberLink [MD5.00000000000000000000000000000000] - [12/03/2019 15:05:07] - |D| - [185778879] - C:\Program Files (x86)\EaseUS [MD5.00000000000000000000000000000000] - [02/03/2019 12:36:10] - |D| - [50504205] - C:\Program Files (x86)\icofx3 [MD5.00000000000000000000000000000000] - [02/03/2019 12:38:15] - |D| - [9064957] - C:\Program Files (x86)\IconXP [MD5.00000000000000000000000000000000] - [11/03/2019 17:12:30] - |D| - [112206659] - C:\Program Files (x86)\MiniTool ShadowMaker [MD5.00000000000000000000000000000000] - [11/03/2019 18:08:00] - |D| - [5878871] - C:\Program Files (x86)\Movavi Audio Suite [MD5.00000000000000000000000000000000] - [11/03/2019 17:03:22] - |D| - [4124726] - C:\Program Files (x86)\ProtectStar [MD5.00000000000000000000000000000000] - [07/03/2019 09:13:45] - |D| - [5331295] - C:\Program Files (x86)\Snappy Driver Installer [MD5.00000000000000000000000000000000] - [26/03/2019 18:33:13] - |D| - [231967] - C:\Program Files (x86)\Unlocker [MD5.00000000000000000000000000000000] - [12/03/2019 16:21:04] - |D| - [764722] - C:\Program Files (x86)\UsbFix [MD5.6A8A6A1D636EFC0CB02D3DBF94C21117] - [11/03/2019 13:05:18] - |A| - [140] - C:\Windows\errord.log [MD5.00000000000000000000000000000000] - [10/03/2019 09:44:28] - |D| - [301650786] - C:\Windows\LastGood [MD5.00000000000000000000000000000000] - [05/03/2019 10:07:06] - |D| - [1795952] - C:\Windows\LastGood.Tmp [MD5.0CA50B00EE0D02AB4462876339EE3807] - [12/03/2019 14:37:30] - |A| - [7090] - C:\Windows\PFRO.log [MD5.141AEA82BD37F6379DE22350E3425ABA] - [11/03/2019 16:55:17] - |A| - [150] - C:\Windows\restoro.ini [MD5.9CFB4475FBB8A56008BCD3010A32A052] - [11/03/2019 08:28:37] - |A| - [881] - C:\Windows\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [11/03/2019 08:28:37] - |A| - [0] - C:\Windows\setuperr.log [MD5.C66601510B70482768D04216D48FEC08] - [01/03/2019 06:16:55] - |A| - [32768] - C:\Windows\Installer\43d33.msi [MD5.562EC5D5D12C8564A5ED6AC373BFA663] - [05/03/2019 12:04:16] - |A| - [4788224] - C:\Windows\Installer\f7791.msi [MD5.35F2CAE192E74009F8DD5A2FA052D9BC] - [01/03/2019 06:31:10] - |A| - [20480] - C:\Windows\Installer\SourceHash{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [MD5.0CE005F01D7964338AC3A898479E97D1] - [20/03/2019 19:01:59] - |A| - [362928] - C:\Windows\system32\avgBoot.exe [MD5.7CECF82B6A4CEF243EA95FA0D91A9E38] - [11/03/2019 13:05:53] - |A| - [670928] - C:\Windows\system32\FNTCACHE.DAT [MD5.D41D8CD98F00B204E9800998ECF8427E] - [01/03/2019 06:08:38] - |A| - [0] - C:\Windows\system32\last.dump [MD5.F6510320138BD6A236F0C3AFF5BF19CE] - [01/03/2019 05:46:01] - |A| - [1033968] - C:\Windows\system32\Drivers\asw0841c45ad73cb6a4.tmp [MD5.17925BDBFE2D0FEE462AA4E4388817D1] - [01/03/2019 05:45:52] - |A| - [196632] - C:\Windows\system32\Drivers\asw0a8314e39f16f6d5.tmp [MD5.812E960977116BF6D6C1CCF8B5DD351F] - [01/03/2019 05:46:01] - |A| - [205448] - C:\Windows\system32\Drivers\asw0ab597163340ddb2.tmp [MD5.D891E9590505850A4AE9D07640E30395] - [01/03/2019 05:46:08] - |A| - [112360] - C:\Windows\system32\Drivers\asw1614f5bbf4d9c11c.tmp [MD5.C931243FFBAC5196830EAE6B8B19DB48] - [01/03/2019 05:46:08] - |A| - [87992] - C:\Windows\system32\Drivers\asw19435280e0b205b4.tmp [MD5.EECC1BCC72A35822540E0851A6BE1EC3] - [01/03/2019 05:45:52] - |A| - [58008] - C:\Windows\system32\Drivers\asw280dc1b384049be9.tmp [MD5.F6510320138BD6A236F0C3AFF5BF19CE] - [01/03/2019 05:46:01] - |A| - [1033968] - C:\Windows\system32\Drivers\asw2a2e311a479c1332.tmp [MD5.EDA519D607226E652BA72AF26E26906C] - [01/03/2019 05:46:08] - |A| - [168944] - C:\Windows\system32\Drivers\asw31c3a1f8ad4eb9d2.tmp [MD5.C931243FFBAC5196830EAE6B8B19DB48] - [01/03/2019 05:46:08] - |A| - [87992] - C:\Windows\system32\Drivers\asw3aae51cc2a45b87a.tmp [MD5.DE968611AA7A8B034EFEF707CFB202BE] - [01/03/2019 05:45:52] - |A| - [320744] - C:\Windows\system32\Drivers\asw3d158a2b07f256d4.tmp [MD5.812E960977116BF6D6C1CCF8B5DD351F] - [01/03/2019 05:46:01] - |A| - [205448] - C:\Windows\system32\Drivers\asw40ef2477af647ed9.tmp [MD5.518241005C0EC4E4F1E39CAC2EC3AD7F] - [01/03/2019 05:46:10] - |A| - [380000] - C:\Windows\system32\Drivers\asw4a508e0a32a24797.tmp [MD5.3D79FA8FD24DE2EB1FBC2BCE8B8CA3AE] - [01/03/2019 05:45:58] - |A| - [518624] - C:\Windows\system32\Drivers\asw4c3e75b58e766375.tmp [MD5.D8D7B5E7B80E16EAB153D322B4D40DCD] - [01/03/2019 05:46:09] - |A| - [220472] - C:\Windows\system32\Drivers\asw4d6a09d4f61b99f4.tmp [MD5.17925BDBFE2D0FEE462AA4E4388817D1] - [01/03/2019 05:45:52] - |A| - [196632] - C:\Windows\system32\Drivers\asw63dfe760fce062bf.tmp [MD5.D8D7B5E7B80E16EAB153D322B4D40DCD] - [01/03/2019 05:46:09] - |A| - [220472] - C:\Windows\system32\Drivers\asw646a67db7a30e7f4.tmp [MD5.3D79FA8FD24DE2EB1FBC2BCE8B8CA3AE] - [01/03/2019 05:45:58] - |A| - [518624] - C:\Windows\system32\Drivers\asw6a03817963cbe222.tmp [MD5.9E7547F06551DD20BB6FA1D5CB4FAD4F] - [01/03/2019 05:46:08] - |A| - [42336] - C:\Windows\system32\Drivers\asw6b4837fd70c7e1ad.tmp [MD5.EDA519D607226E652BA72AF26E26906C] - [01/03/2019 05:46:08] - |A| - [168944] - C:\Windows\system32\Drivers\asw75e3abab7e58e097.tmp [MD5.6F76C6BDEA3B0FDC6B3A8BD5A48F392C] - [01/03/2019 05:46:08] - |A| - [476096] - C:\Windows\system32\Drivers\asw796660b791fe104f.tmp [MD5.2098A3C43ABA4AB202D04844D0C5C90C] - [01/03/2019 05:45:52] - |A| - [254760] - C:\Windows\system32\Drivers\aswad281e2389976636.tmp [MD5.518241005C0EC4E4F1E39CAC2EC3AD7F] - [01/03/2019 05:46:10] - |A| - [380000] - C:\Windows\system32\Drivers\aswb6590753cd0f911f.tmp [MD5.EECC1BCC72A35822540E0851A6BE1EC3] - [01/03/2019 05:45:52] - |A| - [58008] - C:\Windows\system32\Drivers\aswc4c47d49c6268543.tmp [MD5.DE968611AA7A8B034EFEF707CFB202BE] - [01/03/2019 05:45:52] - |A| - [320744] - C:\Windows\system32\Drivers\aswc96898d9ee932f24.tmp [MD5.6F76C6BDEA3B0FDC6B3A8BD5A48F392C] - [01/03/2019 05:46:08] - |A| - [476096] - C:\Windows\system32\Drivers\aswcd4b25cf0cf59530.tmp [MD5.D891E9590505850A4AE9D07640E30395] - [01/03/2019 05:46:08] - |A| - [112360] - C:\Windows\system32\Drivers\aswe6f6de8176f7ad45.tmp [MD5.9E7547F06551DD20BB6FA1D5CB4FAD4F] - [01/03/2019 05:46:08] - |A| - [42336] - C:\Windows\system32\Drivers\aswe99f46746692363a.tmp [MD5.2098A3C43ABA4AB202D04844D0C5C90C] - [01/03/2019 05:45:52] - |A| - [254760] - C:\Windows\system32\Drivers\aswf14bc5120a02618c.tmp [MD5.8ED76C5D58012F4CF3DCFEEDAC1A11BA] - [01/03/2019 05:46:01] - |A| - [205448] - C:\Windows\system32\Drivers\avgArPot.sys [MD5.E26BEB03AB290D22A4FA8D3CC7266B75] - [01/03/2019 05:45:52] - |A| - [254688] - C:\Windows\system32\Drivers\avgbidsdriver.sys [MD5.70AC245B16FF814079D049A5CDB50ECB] - [01/03/2019 05:45:52] - |A| - [196560] - C:\Windows\system32\Drivers\avgbidsh.sys [MD5.8FC041C1A91E147AE2551F6B50FA57FF] - [01/03/2019 05:45:52] - |A| - [320672] - C:\Windows\system32\Drivers\avgblog.sys [MD5.77A986AB8EE44F15794EE554724FDA8F] - [01/03/2019 05:45:52] - |A| - [57936] - C:\Windows\system32\Drivers\avgbuniv.sys [MD5.412C9D91AE208F045F0F9ABA469A2327] - [01/03/2019 05:46:08] - |A| - [42336] - C:\Windows\system32\Drivers\avgKbd.sys [MD5.9D0172C83CC90D0F1649847699F5EED9] - [01/03/2019 05:46:08] - |A| - [169520] - C:\Windows\system32\Drivers\avgMonFlt.sys [MD5.D895ECAD09732F9E2D41B0133B8D9432] - [01/03/2019 05:45:58] - |A| - [526424] - C:\Windows\system32\Drivers\avgNetSec.sys [MD5.52807DDBCAFF5D5720E4F49373AA7894] - [01/03/2019 05:46:08] - |A| - [112360] - C:\Windows\system32\Drivers\avgRdr2.sys [MD5.697B4E0B9320AF2FA2F302726C157A10] - [01/03/2019 05:46:08] - |A| - [87992] - C:\Windows\system32\Drivers\avgRvrt.sys [MD5.688E9A46802BB5C0EBF1DB0DE421C3B0] - [01/03/2019 05:46:01] - |A| - [1034480] - C:\Windows\system32\Drivers\avgSnx.sys [MD5.F69D4AE2E0AE6EEBD5AA56DF953BB144] - [01/03/2019 05:46:08] - |A| - [476608] - C:\Windows\system32\Drivers\avgSP.sys [MD5.CD608B74C30A0369DE8074502FE9C2DB] - [01/03/2019 05:46:09] - |A| - [220472] - C:\Windows\system32\Drivers\avgStm.sys [MD5.8EAF53D0870C05BA926FA5EE123D4D87] - [01/03/2019 05:46:10] - |A| - [380000] - C:\Windows\system32\Drivers\avgVmm.sys [MD5.93B390FFBFADF97F9941B3F6CD026B83] - [12/03/2019 15:08:37] - |A| - [1324] - C:\Windows\syswow64\Eaolog.log ---------- | Drives D: [02/09/2018 17:46:58] - |N| - (.-.) - [44] - (0.0.0.0) - D:\language.ini E: [25/02/2019 08:30:35] - |A| - (.-.) - [1232] - (0.0.0.0) - E:\Slowin' Killer - Donner son avis.lnk [25/02/2019 08:30:36] - |A| - (.-.) - [1261] - (0.0.0.0) - E:\Slowin' Killer - Analyse_(1).lnk [25/02/2019 08:30:37] - |A| - (.-.) - [1266] - (0.0.0.0) - E:\Slowin' Killer - Optimize_(1).lnk [25/02/2019 08:30:39] - |A| - (.-.) - [1096] - (0.0.0.0) - E:\ByteFence Anti-Malware.lnk [25/02/2019 08:30:40] - |A| - (.-.) - [2218] - (0.0.0.0) - E:\Dashlane.lnk [25/02/2019 08:30:42] - |A| - (.-.) - [2198] - (0.0.0.0) - E:\DriverUPDATER.lnk [25/02/2019 08:30:45] - |A| - (.-.) - [3145] - (0.0.0.0) - E:\iShredder 7.0.lnk [25/02/2019 08:30:47] - |A| - (.-.) - [1625] - (0.0.0.0) - E:\Navigateur Opera.lnk [25/02/2019 08:30:55] - |A| - (.-.) - [1216] - (0.0.0.0) - E:\UTILILAB NitroBROWSER.lnk [25/02/2019 08:30:41] - |A| - (.NCH Software - Debut Video Capture Software.) - [2406960] - (0.0.0.0) - E:\DebutVideoCaptureSoftware.exe [25/02/2019 08:30:43] - |A| - (.© BleepingComputer.com. - Terminates malware processes so that you can run your normal security programs..) - [1802704] - (2.9.1.0) - E:\iExplore.exe [25/02/2019 08:30:48] - |A| - (.Copyright (C) 2013-2017 SosVirus Software - Pre_Scan.) - [3059624] - (16.10.17.1) - E:\pre-scan_7_16.10.17.1.exe [25/02/2019 08:30:52] - |A| - (. - Kahica Setup .) - [2439402] - (0.0.0.0) - E:\SkinPacks_0475149786.exe [25/02/2019 08:32:59] - |A| - (.-.) - [89589712] - (0.0.0.0) - E:\VideoMeetingPlus_1.0.1711.0_Beta_VMX160226-03.exe H: [17/02/2019 13:47:57] - |A| - (.-.) - [68] - (0.0.0.0) - H:\pmp_usb.ini I: [28/01/2019 15:23:30] - |A| - (.-.) - [1358] - (0.0.0.0) - I:\Edge.lnk [29/10/2018 10:19:22] - |A| - (.-.) - [377] - (0.0.0.0) - I:\MONTRE ESPI (D) - Raccourci.lnk [07/03/2019 12:34:00] - |A| - (.-.) - [104] - (0.0.0.0) - I:\Panneau de configuration - Raccourci (2).lnk [07/03/2019 12:34:00] - |A| - (.-.) - [104] - (0.0.0.0) - I:\Panneau de configuration - Raccourci.lnk [09/03/2019 10:24:21] - |A| - (.-.) - [1283] - (0.0.0.0) - I:\Slowin' Killer - Analyse_(1).lnk [09/03/2019 10:24:21] - |A| - (.-.) - [1288] - (0.0.0.0) - I:\Slowin' Killer - Optimize_(1).lnk [23/04/2018 08:14:13] - |A| - (.-.) - [0] - (0.0.0.0) - I:\runtime_res_2.dll [28/02/2019 13:15:42] - |A| - (.(C) Maxthon. All rights reserved - MxNitro Browser.) - [33898800] - (1.2.11.1903) - I:\0204mx_nitro_1.2.11.1903.exe [09/03/2019 21:08:33] - |A| - (.� 2017 simplitec GmbH - simpliclean setup .) - [18678776] - (2.4.0.97) - I:\2.8.0.102 simpliclean.exe [07/03/2019 12:33:37] - |A| - (.-.) - [2708912] - (12.6.1005.11662) - I:\Adaware_Installer.exe [09/03/2019 10:25:21] - |A| - (.-.) - [65536] - (0.0.0.0) - I:\Additional Free Tools.exe [09/03/2019 08:53:52] - |A| - (.Copyright 2018 Malwarebytes - AdwCleaner.) - [7571152] - (7.2.3.0) - I:\adwcleaner_7.2.3.1.exe [28/02/2019 13:22:17] - |A| - (.-.) - [160100] - (0.0.0.0) - I:\Android Start Button.exe [28/02/2019 13:18:50] - |A| - (.Ashampoo GmbH & Co. KG - Ashampoo Snap 9 Setup .) - [58258152] - (9.0.6.0) - I:\ashampoo_snap_9_9.0.6_sm.exe [28/04/2015 16:30:23] - |A| - (. - Ashampoo UnInstaller 5 Setup .) - [21088224] - (5.4.0.0) - I:\ashampoo_uninstaller_5_e5.0.4_sm.exe [28/02/2019 13:18:57] - |A| - (.Ashampoo GmbH & Co. KG - Ashampoo Video Deflicker Setup .) - [95198560] - (1.0.0.0) - I:\ashampoo_video_deflicker_1.0.0_sm.exe [28/04/2015 16:30:28] - |A| - (. - Ashampoo Video Styler Setup .) - [27869488] - (1.0.1.0) - I:\ashampoo_video_styler_e1.0.1_sm.exe [28/02/2019 13:19:08] - |A| - (.(c)Advanced System Repair, Inc. - Advanced System Repair Pro.) - [19283888] - (4.2.0.0) - I:\ASR_Blue_Installer_m7_fr.exe [28/02/2019 14:01:55] - |A| - (.-.) - [0] - (0.0.0.0) - I:\Audials One 2019.1.45500.0 Multilingual_0196114789.exe [09/03/2019 09:42:36] - |A| - (.Copyright (C) 2019 AVG Technologies CZ, s.r.o. - AVG Antivirus Installer.) - [7832344] - (19.3.4213.0) - I:\avg_internet_security_setup.exe [09/03/2019 09:42:33] - |A| - (.Copyright (c) 2016 AVG Technologies - AVG TuneUp Installer .) - [51801360] - (18.3.507.0) - I:\avg_tuneup_setup.exe [09/03/2019 08:53:00] - |A| - (.Copyright © 2015 Avira Operations GmbH & Co. KG and its Licensors - Avira.) - [5427872] - (1.2.119.17994) - I:\avira_en_fass0_5b99ff1b88da7__ws.exe [28/02/2019 13:19:09] - |A| - (.Copyright 2018 Marcin Szeniak - BCUninstaller Setup .) - [5187536] - (4.12.3.0) - I:\BCUninstaller_4.12.3_setup.exe [29/10/2018 10:26:51] - |A| - (.© Microsoft Corporation. - Win32 Cabinet Self-Extractor .) - [10513112] - (6.0.2800.1168) - I:\BingDesktopSetup.exe [28/02/2019 13:19:13] - |A| - (.Copyright (c) TechSmith Corporation. - Camtasia 9.) - [285144256] - (9.0.0.1306) - I:\camtasia.exe [28/02/2019 13:22:17] - |A| - (.-.) - [503405] - (0.0.0.0) - I:\Chrome Start Menu for Windows.exe [07/03/2019 12:33:37] - |A| - (.2005-2018 COMODO. - COMODO Internet Security.) - [5582200] - (11.0.0.6744) - I:\ciscomplete_installer.exe [11/03/2019 10:53:57] - |A| - (.-.) - [0] - (0.0.0.0) - I:\clear-fi-media_VAwqVx_0121044746.exe [09/03/2019 08:52:57] - |A| - (.sUBs - ComboFix NSIS Installer.) - [5660510] - (18.8.8.1) - I:\combofix_18.8.8.1.exe [28/02/2019 13:22:17] - |A| - (.-.) - [160538] - (0.0.0.0) - I:\Daylight Start Button.exe [28/02/2019 13:21:21] - |A| - (.NCH Software - Debut Video Capture Software.) - [2406960] - (0.0.0.0) - I:\DebutVideoCaptureSoftware.exe [09/03/2019 08:52:58] - |A| - (.Adlice Software - Diag Installer .) - [28937232] - (0.10.1.0) - I:\Diag_setup.exe [09/03/2019 21:01:28] - |A| - (.- DriverPack Cloud.) - [95669896] - (4.3.1.0) - I:\DriverPack-Cloud-New.exe [09/03/2019 21:27:49] - |A| - (.- Installs and updates drivers.) - [89456] - (1.0.0.0) - I:\DriverPack.exe [09/03/2019 21:02:03] - |A| - (.Copyright (c) 1999-2018 Igor Pavlov - 7z SFX.) - [518167145] - (19.0.0.0) - I:\DriverPack_17.9.3-19030_Network.exe [28/02/2019 13:22:18] - |A| - (.- A utility to simulate the El Capitan Menu Bar from OSX.) - [782647] - (0.0.0.201) - I:\el-capitan-menu-bar-vifind.exe [09/03/2019 09:43:02] - |A| - (.-.) - [361693392] - (0.0.0.0) - I:\EmsisoftEmergencyKit.exe [28/02/2019 13:19:19] - |A| - (.Copyright (c) ESET 1992-2018. - ESET Online Scanner.) - [7657592] - (3.0.17.0) - I:\esetonlinescanner_enu.exe [09/03/2019 09:43:21] - |A| - (.Copyright (c) 1999-2018 Igor Pavlov - 7z Setup SFX.) - [282960] - (18.5.0.0) - I:\Firefox Installer.fr.exe [10/03/2019 13:33:13] - |A| - (.Copyright 2018 Adobe Incorporated. - Adobe Download Manager.) - [1207280] - (2.0.0.332) - I:\flashplayer32pp_ea_install.exe [09/03/2019 08:52:53] - |A| - (.Sel -.) - [87129077] - (1.0.0.0) - I:\format_autodecliv_&_memtest_huit_six_&_combofix_sib.exe [08/03/2019 10:31:35] - |A| - (.©1999-2018 Jonathan Bennett & AutoIt Team - Farbar Recovery Scan Tool.) - [1793536] - (6.3.2019.0) - I:\FRST.exe [08/03/2019 10:38:46] - |A| - (.©1999-2018 Jonathan Bennett & AutoIt Team - Farbar Recovery Scan Tool.) - [2434048] - (10.2.2019.1) - I:\FRST64-2.1.exe [09/03/2019 08:53:00] - |A| - (.Copyright (C) 2018 SPAMfighter ApS - Installation Package.) - [2690384] - (1.5.2.0) - I:\Full-DISKfighter_Web (1).exe [09/03/2019 08:52:57] - |A| - (.Copyright (C) 2018 SPAMfighter ApS - Installation Package.) - [2690384] - (1.5.2.0) - I:\Full-DISKfighter_Web (2).exe [09/03/2019 09:43:24] - |A| - (.Copyright (C) 2018 SPAMfighter ApS - Installation Package.) - [2690384] - (1.5.2.0) - I:\Full-DISKfighter_Web (3).exe [09/03/2019 09:43:24] - |A| - (.Copyright (C) 2018 SPAMfighter ApS - Installation Package.) - [2690384] - (1.5.2.0) - I:\Full-DISKfighter_Web (4).exe [09/03/2019 08:53:01] - |A| - (.Copyright (C) 2018 SPAMfighter ApS - Installation Package.) - [2690384] - (1.5.2.0) - I:\Full-DISKfighter_Web.exe [28/02/2019 13:22:18] - |A| - (.-.) - [220612] - (0.0.0.0) - I:\Glass Windows Start Menu.exe [09/03/2019 08:53:52] - |A| - (.© 2006-2018 SurfRight, a Sophos company - HitmanPro 3.8.) - [11576808] - (3.8.0.295) - I:\hitmanpro_x64.exe [09/03/2019 09:42:31] - |A| - (.Copyright (c) 2002-2019 WestByte - Internet Download Accelerator Setup .) - [7216968] - (6.17.2.0) - I:\idasetup.exe [07/03/2019 12:33:40] - |A| - (.© BleepingComputer.com. - Terminates malware processes so that you can run your normal security programs..) - [1802704] - (2.9.1.0) - I:\iExplore.exe [23/04/2018 06:26:47] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - I:\InstallUSU (2).exe [23/04/2018 06:26:47] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - I:\InstallUSU (2)_1.exe [23/04/2018 06:26:47] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - I:\InstallUSU (3).exe [23/04/2018 06:26:47] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - I:\InstallUSU (3)_1.exe [21/04/2018 16:49:58] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - I:\InstallUSU (4).exe [20/04/2018 09:52:08] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - I:\InstallUSU (4)_1.exe [20/04/2018 18:19:22] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - I:\InstallUSU (5).exe [20/04/2018 19:54:39] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - I:\InstallUSU (5)_1.exe [20/04/2018 09:52:08] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - I:\InstallUSU (6).exe [20/04/2018 09:18:49] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - I:\InstallUSU.exe [20/04/2018 09:52:09] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - I:\InstallUSU_1 (2).exe [23/04/2018 06:26:48] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - I:\InstallUSU_1.exe [20/04/2018 09:52:09] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - I:\InstallUSU_2 (2).exe [23/04/2018 06:26:48] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - I:\InstallUSU_2.exe [21/04/2018 14:28:37] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - I:\InstallUSU_3 (2).exe [23/04/2018 06:26:48] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - I:\InstallUSU_3.exe [21/04/2018 14:28:37] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - I:\InstallUSU_4 (2).exe [23/04/2018 06:26:48] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - I:\InstallUSU_4.exe [21/04/2018 14:28:37] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - I:\InstallUSU_5 (2).exe [23/04/2018 06:26:48] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - I:\InstallUSU_5.exe [10/03/2019 13:33:03] - |A| - (.Copyright © 2018 - Java Platform SE binary.) - [74907488] - (8.0.2010.9) - I:\jre-8u201-windows-x64.exe [25/09/2017 12:35:41] - |A| - (.Codyssey.com - Liberty Theme for CodySafe installer.) - [904115] - (0.1.0.0) - I:\Liberty Theme for CodySafe.exe [09/03/2019 09:43:22] - |A| - (.Jean-Marie -.) - [45263845] - (1.0.0.0) - I:\likenewp'chiant_sib.exe [09/03/2019 08:52:53] - |A| - (.© PCPinpoint Technologies - LikeNEWPC Setup.) - [5690440] - (1.0.3.0) - I:\LikeNEWPCSetup.exe [09/03/2019 09:43:24] - |A| - (.Jean-Marie -.) - [45263934] - (1.0.0.0) - I:\maman_kabylle_sib.exe [09/03/2019 09:42:30] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Installation de Windows 10.) - [19229160] - (10.0.17763.1) - I:\MediaCreationTool1809.exe [09/03/2019 09:43:19] - |A| - (.-.) - [48057520] - (0.0.0.0) - I:\Miro-6.0.exe [09/03/2019 09:43:21] - |A| - (.-.) - [13533048] - (0.0.0.0) - I:\MiroVideoConverter.exe [09/03/2019 09:42:42] - |A| - (.UEFM LFS Hyper EFM -.) - [419267133] - (1.0.0.0) - I:\moo0clicdroitpro_restoro_powerdvd365_remo_x0ttoneiconpack_donation4keep_lfsu100%s_finalized_setup_sib.exe [19/09/2017 10:26:45] - |A| - (.(C) Maxthon. All rights reserved - MX5.) - [53002472] - (5.1.1.1000) - I:\mx5.1.1.1000.exe [09/03/2019 08:52:53] - |A| - (.Copyright (C) 2009 Secure By Design Inc - Ninite.) - [425304] - (0.1.1.1183) - I:\NinitePro.exe [20/04/2018 19:10:51] - |A| - (.-.) - [3360449] - (0.0.0.0) - I:\osmc-installer.exe [09/03/2019 09:43:17] - |A| - (.PortableApps.com - PortableApps.com Platform.) - [5143912] - (16.0.0.0) - I:\PortableApps.com_Platform_Setup_16.0.paf.exe [09/03/2019 09:42:59] - |A| - (.UEFM LFS Hyper EFM -.) - [27608020] - (1.0.0.0) - I:\powerdvd365_gif23rem4remscene_winrar4malwarehunter-portable-foxxapp_setup_2019_sib.exe [07/03/2019 12:34:02] - |A| - (.Copyright (C) 2013-2017 SosVirus Software - Pre_Scan.) - [3059624] - (16.10.17.1) - I:\pre-scan_7_16.10.17.1.exe [07/03/2019 12:34:08] - |A| - (.Copyright (C) 2013-2018 SosVirus Software - QuickDiag.) - [5175192] - (27.2.19.1) - I:\quickdiag_V5_27.02.19.1.exe [11/03/2019 13:04:10] - |A| - (.Bernat - Recuva Professional Portable.) - [634351] - (0.0.0.0) - I:\Recuva_Portable_MultiVersion_32-64-bit_Multilingual_Online.exe [07/03/2019 12:34:14] - |A| - (.bartblaze - Tool to delete VBS autorun worms & unhide files.) - [114176] - (8.0.0.0) - I:\Rem-VBSworm.exe [09/03/2019 08:53:52] - |A| - (.© BleepingComputer.com. - Terminates malware processes so that you can run your normal security programs..) - [1780224] - (2.9.1.0) - I:\rkill-unsigned.exe [09/03/2019 08:52:58] - |A| - (.© 2011-2018 Pete Batard (GPL v3) - Rufus.) - [1027128] - (3.2.1397.0) - I:\rufus-3.2.exe [28/02/2019 13:16:20] - |A| - (.Copyright(c) 2018 Apowersoft Ltd. All rights reserved - Apowersoft Screen Recorder Pro 2 Setup .) - [18012320] - (2.3.8.0) - I:\screen-recorder-pro.exe [28/02/2019 13:16:25] - |A| - (.Copyright © K7 Computing Pvt. Ltd. 2003 - 2014. - K7UltimateSecurity.) - [200275792] - (15.1.0.335) - I:\setup-eng-us.exe [28/02/2019 13:16:24] - |A| - (.Copyright © Beepa Pty Ltd 2018 - Fraps Installer.) - [2510704] - (3.5.99.15627) - I:\setup.exe [07/03/2019 12:34:14] - |A| - (.Pierre13 - Nettoyage des fichiers temporaires.) - [1064612] - (2.0.0.60) - I:\SFTGC.exe [09/03/2019 08:52:58] - |A| - (.-.) - [2321800] - (0.0.0.0) - I:\SharewareOnSale_Giveaway_BitCopy_hub.exe [04/03/2019 11:28:08] - |A| - (. - Kahica Setup .) - [2439402] - (0.0.0.0) - I:\SkinPacks_0475149786.exe [28/02/2019 13:21:30] - |A| - (.Copyright 2011-2016 Slimware Utilities Holdings, Inc. - SlimCleaner Plus Setup Wizard.) - [944200] - (2.18.0.0) - I:\SlimCleaner-setup.exe [28/02/2019 13:16:29] - |A| - (.Security-HelpZone - Slowin' Killer.) - [1358336] - (2.1.3.0) - I:\Slowin Killer.exe [28/02/2019 13:16:32] - |A| - (.© IObit. - Start Menu 8 Setup .) - [11895456] - (4.6.0.1) - I:\sm8-setup.exe [28/02/2019 13:16:35] - |A| - (.Copyright (c) TechSmith Corporation. - Snagit 2019.) - [305741344] - (19.1.0.2653) - I:\snagitfr.exe [28/02/2019 13:23:42] - |A| - (.-.) - [157088] - (0.0.0.0) - I:\Snowflake Start Button.exe [09/03/2019 08:53:53] - |A| - (.Copyright © 1998-2012 Passmark Software, Inc. - SoundCheck Setup .) - [891632] - (0.0.0.0) - I:\soundchk.exe [09/03/2019 09:43:22] - |A| - (.(c) 2015-2018 Safer-Networking Ltd. - Spybot Anti-Beacon Setup .) - [10325952] - (2.2.0.0) - I:\SpybotAntiBeacon-2.2-setup.exe [04/03/2019 10:25:00] - |A| - (.(C) 2003-2015 Emsisoft Ltd - Emsisoft Emergency Kit Starter.) - [3723376] - (10.0.0.5973) - I:\Start Commandline Scanner.exe [04/03/2019 10:25:00] - |A| - (.(C) 2003-2015 Emsisoft Ltd - Emsisoft Emergency Kit Starter.) - [3723376] - (10.0.0.5973) - I:\Start Emergency Kit Scanner.exe [04/03/2019 10:25:01] - |A| - (.(C) 2015 Smart PC Utilities, Ltd. - PC Startup Master Setup.) - [7784934] - (3.0.238.0) - I:\startupmaster.exe [09/03/2019 08:53:53] - |A| - (. - TagScanner Setup .) - [2676440] - (0.0.0.0) - I:\tagscan-6.0.30-setup.exe [09/03/2019 21:10:43] - |A| - (.Copyright © MAGIX Software GmbH 2006 - 2018 - PC Check & Tuning 2019 Setup .) - [17979600] - (2.4.0.59) - I:\trial_pc_check_tuning_2019_int.exe [09/03/2019 09:43:27] - |A| - (.-.) - [119360] - (0.0.0.0) - I:\Tweaking.com-Auto_Assign_Drive_Letters.exe [09/03/2019 08:53:50] - |A| - (.Copyright ©2011 - 2019 - Setup Application.) - [38350280] - (4.1.0.1) - I:\tweaking.com_windows_repair_aio_setup.exe [28/02/2019 13:23:53] - |A| - (.-.) - [159154] - (0.0.0.0) - I:\Ubuntu Orange Start Button.exe [28/02/2019 13:23:53] - |A| - (.-.) - [645091] - (0.0.0.0) - I:\Ubuntu Style Start Meenu.exe [09/03/2019 08:52:59] - |A| - (.Adlice Software - UCheck Installer .) - [21034904] - (2.3.5.0) - I:\UCheck_setup.exe [04/03/2019 10:25:03] - |A| - (.CompuClever Systems Inc. -.) - [6379600] - (3.3.3.48) - I:\ultraebookreader_setup.exe [09/03/2019 08:53:53] - |A| - (.© 2008/2019 - El Desaparecido - www.SOSVirus.net - UsbFix Premium.) - [4047008] - (11.0.0.1) - I:\UsbFix_11.002.exe [28/02/2019 13:17:21] - |A| - (. - Panda USB Vaccine Setup .) - [865272] - (1.0.1.16) - I:\usbvaccine.exe [28/02/2019 13:17:26] - |A| - (.UTILILAB GmbH - UTILILAB SystemOPTIMIZER .) - [11613032] - (3.5.0.0) - I:\usosetup.exe [28/02/2019 13:17:32] - |A| - (.UTILILAB GmbH - DriverUPDATER .) - [5217864] - (2.0.0.0) - I:\utililabdusetup.exe [09/03/2019 08:53:36] - |A| - (.-.) - [354115584] - (0.0.0.0) - I:\VIPRERescue.exe [28/02/2019 13:17:39] - |A| - (.-.) - [41846888] - (0.0.0.0) - I:\vlc-3.0.6-win64.exe [28/02/2019 13:23:57] - |A| - (.c Lavasoft Limited. - Web Companion Installer.) - [355744] - (4.5.1957.3838) - I:\WcInstaller.exe [28/02/2019 13:23:57] - |A| - (.- An application launcher utility..) - [768140] - (2.0.0.17) - I:\windows-desktop-launcher-vipad.exe [28/02/2019 13:23:57] - |A| - (.Copyright © 2008-2019 Aus?logics Labs Pty Ltd - A?uslogics Win?dowsSlimmer Installation File .) - [11990080] - (1.0.23.0) - I:\windows-slimmer-setup.exe [28/02/2019 13:24:00] - |A| - (.- A start button replacement for Windows.) - [311594] - (4.0.0.61) - I:\windows-start-menu-button-viorb.exe [28/02/2019 13:24:00] - |A| - (.- A utility to simulate the Windows 7 Start Menu.) - [1245702] - (8.1.0.5208) - I:\windows-start-menu-vistart-8.exe [28/02/2019 13:24:01] - |A| - (.- A utility to simulate the Windows 7 Superbar for Windows XP.) - [356758] - (1.0.0.1306) - I:\windows-task-bar-viglance.exe [28/02/2019 13:17:45] - |A| - (.Copyright © Alexander Roshal 1993-2018 - WinRAR archiver.) - [3190008] - (5.61.0.0) - I:\winrar-x64-561.exe [28/02/2019 13:24:01] - |A| - (.-.) - [299665] - (0.0.0.0) - I:\XeBlack Start Menu.exe [08/01/2019 10:02:45] - |A| - (.-.) - [504] - (0.0.0.0) - I:\desktop (2).ini [16/11/2018 10:37:13] - |A| - (.-.) - [68] - (0.0.0.0) - I:\pmp_usb.ini [21/04/2018 14:28:51] - |A| - (.-.) - [100] - (0.0.0.0) - I:\rufus (2).ini [23/04/2018 06:25:29] - |A| - (.-.) - [100] - (0.0.0.0) - I:\rufus.ini [21/04/2018 14:24:19] - |A| - (.© BleepingComputer.com. - Terminates malware processes so that you can run your normal security programs..) - [2030536] - (2.8.4.0) - I:\rkill(2).com [21/04/2018 14:24:20] - |A| - (.© BleepingComputer.com. - Terminates malware processes so that you can run your normal security programs..) - [2030536] - (2.8.4.0) - I:\rkill(3).com [21/04/2018 14:24:20] - |A| - (.© BleepingComputer.com. - Terminates malware processes so that you can run your normal security programs..) - [2030536] - (2.8.4.0) - I:\rkill.com [09/03/2019 09:42:28] - |A| - (.-.) - [2561] - (0.0.0.0) - I:\creatingISO_17763.346_fr-fr_arm64_Core.cmd J: [15/03/2018 13:31:01] - |H| - (.-.) - [16] - (0.0.0.0) - J:\AUTORUN.INF K: [25/02/2019 09:12:15] - |A| - (.-.) - [1232] - (0.0.0.0) - K:\Slowin' Killer - Donner son avis.lnk [25/02/2019 09:12:15] - |A| - (.-.) - [1261] - (0.0.0.0) - K:\Slowin' Killer - Analyse_(1).lnk [25/02/2019 09:12:15] - |A| - (.-.) - [1266] - (0.0.0.0) - K:\Slowin' Killer - Optimize_(1).lnk [14/01/2019 13:58:57] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1174200] - (3.0.0.2816) - K:\CyberLink_PhotoDirector_Downloader(1).exe [25/02/2019 09:12:15] - |A| - (.NCH Software - Debut Video Capture Software.) - [2406960] - (0.0.0.0) - K:\DebutVideoCaptureSoftware.exe [25/02/2019 09:12:15] - |A| - (.© BleepingComputer.com. - Terminates malware processes so that you can run your normal security programs..) - [1802704] - (2.9.1.0) - K:\iExplore.exe [12/01/2019 16:19:23] - |A| - (.Copyright (C) 2013-2017 SosVirus Software - Look_my_hardware.) - [1239464] - (26.4.17.1) - K:\look-my-hardware_2_26.04.17.1.exe [04/01/2019 14:30:21] - |A| - (.(c) Moo0. - Moo0 Installer.) - [7897600] - (1.0.0.0) - K:\Moo0 RightClicker Pro v1.56 Installer (2).exe [07/09/2018 12:09:52] - |A| - (.(c) Moo0. - Moo0 Installer.) - [7897600] - (1.0.0.0) - K:\Moo0 RightClicker Pro v1.56 Installer (3).exe [02/01/2019 08:55:47] - |A| - (.(c) Moo0. - Moo0 Installer.) - [7897600] - (1.0.0.0) - K:\Moo0 RightClicker Pro v1.56 Installer (4).exe [02/01/2019 08:55:48] - |A| - (.(c) Moo0. - Moo0 Installer.) - [7897600] - (1.0.0.0) - K:\Moo0 RightClicker Pro v1.56 Installer (5).exe [23/03/2018 07:19:56] - |A| - (.(c) Moo0. - Moo0 Installer.) - [7897600] - (1.0.0.0) - K:\Moo0 RightClicker Pro v1.56 Installer (6).exe [23/03/2018 07:19:57] - |A| - (.(c) Moo0. - Moo0 Installer.) - [7897600] - (1.0.0.0) - K:\Moo0 RightClicker Pro v1.56 Installer (7).exe [04/01/2019 14:30:22] - |A| - (.(c) Moo0. - Moo0 Installer.) - [7897600] - (1.0.0.0) - K:\Moo0 RightClicker Pro v1.56 Installer.exe [01/02/2019 09:15:33] - |A| - (.PortableApps.com - PortableApps.com Platform.) - [5144128] - (15.999.0.2) - K:\PortableApps.com_Platform_Setup_16.0_Beta_2.paf (1).exe [01/02/2019 09:15:03] - |A| - (.PortableApps.com - PortableApps.com Platform.) - [5144128] - (15.999.0.2) - K:\PortableApps.com_Platform_Setup_16.0_Beta_2.paf.exe [25/02/2019 09:12:15] - |A| - (.Copyright (C) 2013-2017 SosVirus Software - Pre_Scan.) - [3059624] - (16.10.17.1) - K:\pre-scan_7_16.10.17.1.exe [04/01/2019 14:30:23] - |A| - (.© Restoro 2018 - Restoro Downloader.) - [933784] - (2.0.1.0) - K:\Restoro (1).exe [04/01/2019 14:30:23] - |A| - (.© Restoro 2018 - Restoro Downloader.) - [933784] - (2.0.1.0) - K:\Restoro.exe [09/02/2019 09:38:08] - |A| - (.bric -.) - [242483739] - (1.0.0.0) - K:\setup_best-of_lfs_hyper_apps,_format_1_tb_micro_sd_en_autodecliv_&_scan_combofix_sib.exe [25/02/2019 09:12:15] - |A| - (. - Kahica Setup .) - [2439402] - (0.0.0.0) - K:\SkinPacks_0475149786.exe [22/01/2019 06:35:34] - |A| - (.(C) 2015 Smart PC Utilities, Ltd. - PC Startup Master Setup.) - [7784934] - (3.0.238.0) - K:\startupmaster.exe [22/01/2019 06:35:34] - |A| - (.CompuClever Systems Inc. -.) - [6379600] - (3.3.3.48) - K:\ultraebookreader_setup.exe [25/02/2019 09:12:19] - |A| - (.-.) - [89589712] - (0.0.0.0) - K:\VideoMeetingPlus_1.0.1711.0_Beta_VMX160226-03.exe M: [17/12/2018 12:04:42] - |N| - (.Copyright (c) 1999-2018 Igor Pavlov - 7-Zip Shell Extension.) - [49664] - (18.5.0.0) - M:\7-zip.dll [13/11/2018 08:40:26] - |A| - (.-.) - [68] - (0.0.0.0) - M:\pmp_usb.ini N: [15/03/2018 13:49:09] - |H| - (.-.) - [16] - (0.0.0.0) - N:\AUTORUN.INF [10/05/2018 09:49:26] - |A| - (.-.) - [68] - (0.0.0.0) - N:\pmp_usb.ini O: [17/02/2019 13:48:00] - |A| - (.-.) - [68] - (0.0.0.0) - O:\pmp_usb.ini Q: U: [14/09/2018 13:50:50] - |H| - (.-.) - [16] - (0.0.0.0) - U:\AUTORUN.INF [10/05/2017 22:03:43] - |N| - (.-.) - [415] - (0.0.0.0) - U:\SmartClean.ini Z: [28/01/2019 15:23:30] - |A| - (.-.) - [1358] - (0.0.0.0) - Z:\Edge.lnk [29/10/2018 10:19:22] - |A| - (.-.) - [377] - (0.0.0.0) - Z:\MONTRE ESPI (D) - Raccourci.lnk [07/03/2019 12:34:00] - |A| - (.-.) - [104] - (0.0.0.0) - Z:\Panneau de configuration - Raccourci (2).lnk [07/03/2019 12:34:00] - |A| - (.-.) - [104] - (0.0.0.0) - Z:\Panneau de configuration - Raccourci.lnk [09/03/2019 10:24:21] - |A| - (.-.) - [1283] - (0.0.0.0) - Z:\Slowin' Killer - Analyse_(1).lnk [09/03/2019 10:24:21] - |A| - (.-.) - [1288] - (0.0.0.0) - Z:\Slowin' Killer - Optimize_(1).lnk [23/04/2018 08:14:13] - |A| - (.-.) - [0] - (0.0.0.0) - Z:\runtime_res_2.dll [28/02/2019 13:15:42] - |A| - (.(C) Maxthon. All rights reserved - MxNitro Browser.) - [33898800] - (1.2.11.1903) - Z:\0204mx_nitro_1.2.11.1903.exe [09/03/2019 21:08:33] - |A| - (.� 2017 simplitec GmbH - simpliclean setup .) - [18678776] - (2.4.0.97) - Z:\2.8.0.102 simpliclean.exe [07/03/2019 12:33:37] - |A| - (.-.) - [2708912] - (12.6.1005.11662) - Z:\Adaware_Installer.exe [09/03/2019 10:25:21] - |A| - (.-.) - [65536] - (0.0.0.0) - Z:\Additional Free Tools.exe [09/03/2019 08:53:52] - |A| - (.Copyright 2018 Malwarebytes - AdwCleaner.) - [7571152] - (7.2.3.0) - Z:\adwcleaner_7.2.3.1.exe [28/02/2019 13:22:17] - |A| - (.-.) - [160100] - (0.0.0.0) - Z:\Android Start Button.exe [28/02/2019 13:18:50] - |A| - (.Ashampoo GmbH & Co. KG - Ashampoo Snap 9 Setup .) - [58258152] - (9.0.6.0) - Z:\ashampoo_snap_9_9.0.6_sm.exe [28/04/2015 16:30:23] - |A| - (. - Ashampoo UnInstaller 5 Setup .) - [21088224] - (5.4.0.0) - Z:\ashampoo_uninstaller_5_e5.0.4_sm.exe [28/02/2019 13:18:57] - |A| - (.Ashampoo GmbH & Co. KG - Ashampoo Video Deflicker Setup .) - [95198560] - (1.0.0.0) - Z:\ashampoo_video_deflicker_1.0.0_sm.exe [28/04/2015 16:30:28] - |A| - (. - Ashampoo Video Styler Setup .) - [27869488] - (1.0.1.0) - Z:\ashampoo_video_styler_e1.0.1_sm.exe [28/02/2019 13:19:08] - |A| - (.(c)Advanced System Repair, Inc. - Advanced System Repair Pro.) - [19283888] - (4.2.0.0) - Z:\ASR_Blue_Installer_m7_fr.exe [28/02/2019 14:01:55] - |A| - (.-.) - [0] - (0.0.0.0) - Z:\Audials One 2019.1.45500.0 Multilingual_0196114789.exe [09/03/2019 09:42:36] - |A| - (.Copyright (C) 2019 AVG Technologies CZ, s.r.o. - AVG Antivirus Installer.) - [7832344] - (19.3.4213.0) - Z:\avg_internet_security_setup.exe [09/03/2019 09:42:33] - |A| - (.Copyright (c) 2016 AVG Technologies - AVG TuneUp Installer .) - [51801360] - (18.3.507.0) - Z:\avg_tuneup_setup.exe [09/03/2019 08:53:00] - |A| - (.Copyright © 2015 Avira Operations GmbH & Co. KG and its Licensors - Avira.) - [5427872] - (1.2.119.17994) - Z:\avira_en_fass0_5b99ff1b88da7__ws.exe [28/02/2019 13:19:09] - |A| - (.Copyright 2018 Marcin Szeniak - BCUninstaller Setup .) - [5187536] - (4.12.3.0) - Z:\BCUninstaller_4.12.3_setup.exe [29/10/2018 10:26:51] - |A| - (.© Microsoft Corporation. - Win32 Cabinet Self-Extractor .) - [10513112] - (6.0.2800.1168) - Z:\BingDesktopSetup.exe [28/02/2019 13:19:13] - |A| - (.Copyright (c) TechSmith Corporation. - Camtasia 9.) - [285144256] - (9.0.0.1306) - Z:\camtasia.exe [28/02/2019 13:22:17] - |A| - (.-.) - [503405] - (0.0.0.0) - Z:\Chrome Start Menu for Windows.exe [07/03/2019 12:33:37] - |A| - (.2005-2018 COMODO. - COMODO Internet Security.) - [5582200] - (11.0.0.6744) - Z:\ciscomplete_installer.exe [11/03/2019 10:53:57] - |A| - (.-.) - [0] - (0.0.0.0) - Z:\clear-fi-media_VAwqVx_0121044746.exe [09/03/2019 08:52:57] - |A| - (.sUBs - ComboFix NSIS Installer.) - [5660510] - (18.8.8.1) - Z:\combofix_18.8.8.1.exe [28/02/2019 13:22:17] - |A| - (.-.) - [160538] - (0.0.0.0) - Z:\Daylight Start Button.exe [28/02/2019 13:21:21] - |A| - (.NCH Software - Debut Video Capture Software.) - [2406960] - (0.0.0.0) - Z:\DebutVideoCaptureSoftware.exe [09/03/2019 08:52:58] - |A| - (.Adlice Software - Diag Installer .) - [28937232] - (0.10.1.0) - Z:\Diag_setup.exe [09/03/2019 21:01:28] - |A| - (.- DriverPack Cloud.) - [95669896] - (4.3.1.0) - Z:\DriverPack-Cloud-New.exe [09/03/2019 21:27:49] - |A| - (.- Installs and updates drivers.) - [89456] - (1.0.0.0) - Z:\DriverPack.exe [09/03/2019 21:02:03] - |A| - (.Copyright (c) 1999-2018 Igor Pavlov - 7z SFX.) - [518167145] - (19.0.0.0) - Z:\DriverPack_17.9.3-19030_Network.exe [28/02/2019 13:22:18] - |A| - (.- A utility to simulate the El Capitan Menu Bar from OSX.) - [782647] - (0.0.0.201) - Z:\el-capitan-menu-bar-vifind.exe [09/03/2019 09:43:02] - |A| - (.-.) - [361693392] - (0.0.0.0) - Z:\EmsisoftEmergencyKit.exe [28/02/2019 13:19:19] - |A| - (.Copyright (c) ESET 1992-2018. - ESET Online Scanner.) - [7657592] - (3.0.17.0) - Z:\esetonlinescanner_enu.exe [09/03/2019 09:43:21] - |A| - (.Copyright (c) 1999-2018 Igor Pavlov - 7z Setup SFX.) - [282960] - (18.5.0.0) - Z:\Firefox Installer.fr.exe [10/03/2019 13:33:13] - |A| - (.Copyright 2018 Adobe Incorporated. - Adobe Download Manager.) - [1207280] - (2.0.0.332) - Z:\flashplayer32pp_ea_install.exe [09/03/2019 08:52:53] - |A| - (.Sel -.) - [87129077] - (1.0.0.0) - Z:\format_autodecliv_&_memtest_huit_six_&_combofix_sib.exe [08/03/2019 10:31:35] - |A| - (.©1999-2018 Jonathan Bennett & AutoIt Team - Farbar Recovery Scan Tool.) - [1793536] - (6.3.2019.0) - Z:\FRST.exe [08/03/2019 10:38:46] - |A| - (.©1999-2018 Jonathan Bennett & AutoIt Team - Farbar Recovery Scan Tool.) - [2434048] - (10.2.2019.1) - Z:\FRST64-2.1.exe [09/03/2019 08:53:00] - |A| - (.Copyright (C) 2018 SPAMfighter ApS - Installation Package.) - [2690384] - (1.5.2.0) - Z:\Full-DISKfighter_Web (1).exe [09/03/2019 08:52:57] - |A| - (.Copyright (C) 2018 SPAMfighter ApS - Installation Package.) - [2690384] - (1.5.2.0) - Z:\Full-DISKfighter_Web (2).exe [09/03/2019 09:43:24] - |A| - (.Copyright (C) 2018 SPAMfighter ApS - Installation Package.) - [2690384] - (1.5.2.0) - Z:\Full-DISKfighter_Web (3).exe [09/03/2019 09:43:24] - |A| - (.Copyright (C) 2018 SPAMfighter ApS - Installation Package.) - [2690384] - (1.5.2.0) - Z:\Full-DISKfighter_Web (4).exe [09/03/2019 08:53:01] - |A| - (.Copyright (C) 2018 SPAMfighter ApS - Installation Package.) - [2690384] - (1.5.2.0) - Z:\Full-DISKfighter_Web.exe [28/02/2019 13:22:18] - |A| - (.-.) - [220612] - (0.0.0.0) - Z:\Glass Windows Start Menu.exe [09/03/2019 08:53:52] - |A| - (.© 2006-2018 SurfRight, a Sophos company - HitmanPro 3.8.) - [11576808] - (3.8.0.295) - Z:\hitmanpro_x64.exe [09/03/2019 09:42:31] - |A| - (.Copyright (c) 2002-2019 WestByte - Internet Download Accelerator Setup .) - [7216968] - (6.17.2.0) - Z:\idasetup.exe [07/03/2019 12:33:40] - |A| - (.© BleepingComputer.com. - Terminates malware processes so that you can run your normal security programs..) - [1802704] - (2.9.1.0) - Z:\iExplore.exe [23/04/2018 06:26:47] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - Z:\InstallUSU (2).exe [23/04/2018 06:26:47] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - Z:\InstallUSU (2)_1.exe [23/04/2018 06:26:47] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - Z:\InstallUSU (3).exe [23/04/2018 06:26:47] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - Z:\InstallUSU (3)_1.exe [21/04/2018 16:49:58] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - Z:\InstallUSU (4).exe [20/04/2018 09:52:08] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - Z:\InstallUSU (4)_1.exe [20/04/2018 18:19:22] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - Z:\InstallUSU (5).exe [20/04/2018 19:54:39] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - Z:\InstallUSU (5)_1.exe [20/04/2018 09:52:08] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - Z:\InstallUSU (6).exe [20/04/2018 09:18:49] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - Z:\InstallUSU.exe [20/04/2018 09:52:09] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - Z:\InstallUSU_1 (2).exe [23/04/2018 06:26:48] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - Z:\InstallUSU_1.exe [20/04/2018 09:52:09] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - Z:\InstallUSU_2 (2).exe [23/04/2018 06:26:48] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - Z:\InstallUSU_2.exe [21/04/2018 14:28:37] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - Z:\InstallUSU_3 (2).exe [23/04/2018 06:26:48] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - Z:\InstallUSU_3.exe [21/04/2018 14:28:37] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - Z:\InstallUSU_4 (2).exe [23/04/2018 06:26:48] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - Z:\InstallUSU_4.exe [21/04/2018 14:28:37] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - Z:\InstallUSU_5 (2).exe [23/04/2018 06:26:48] - |A| - (.© 2009-2010, AlvarSoft - USB Security Utilities Installer .) - [1894115] - (1.0.0.0) - Z:\InstallUSU_5.exe [10/03/2019 13:33:03] - |A| - (.Copyright © 2018 - Java Platform SE binary.) - [74907488] - (8.0.2010.9) - Z:\jre-8u201-windows-x64.exe [25/09/2017 12:35:41] - |A| - (.Codyssey.com - Liberty Theme for CodySafe installer.) - [904115] - (0.1.0.0) - Z:\Liberty Theme for CodySafe.exe [09/03/2019 09:43:22] - |A| - (.Jean-Marie -.) - [45263845] - (1.0.0.0) - Z:\likenewp'chiant_sib.exe [09/03/2019 08:52:53] - |A| - (.© PCPinpoint Technologies - LikeNEWPC Setup.) - [5690440] - (1.0.3.0) - Z:\LikeNEWPCSetup.exe [09/03/2019 09:43:24] - |A| - (.Jean-Marie -.) - [45263934] - (1.0.0.0) - Z:\maman_kabylle_sib.exe [09/03/2019 09:42:30] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Installation de Windows 10.) - [19229160] - (10.0.17763.1) - Z:\MediaCreationTool1809.exe [09/03/2019 09:43:19] - |A| - (.-.) - [48057520] - (0.0.0.0) - Z:\Miro-6.0.exe [09/03/2019 09:43:21] - |A| - (.-.) - [13533048] - (0.0.0.0) - Z:\MiroVideoConverter.exe [09/03/2019 09:42:42] - |A| - (.UEFM LFS Hyper EFM -.) - [419267133] - (1.0.0.0) - Z:\moo0clicdroitpro_restoro_powerdvd365_remo_x0ttoneiconpack_donation4keep_lfsu100%s_finalized_setup_sib.exe [19/09/2017 10:26:45] - |A| - (.(C) Maxthon. All rights reserved - MX5.) - [53002472] - (5.1.1.1000) - Z:\mx5.1.1.1000.exe [09/03/2019 08:52:53] - |A| - (.Copyright (C) 2009 Secure By Design Inc - Ninite.) - [425304] - (0.1.1.1183) - Z:\NinitePro.exe [20/04/2018 19:10:51] - |A| - (.-.) - [3360449] - (0.0.0.0) - Z:\osmc-installer.exe [09/03/2019 09:43:17] - |A| - (.PortableApps.com - PortableApps.com Platform.) - [5143912] - (16.0.0.0) - Z:\PortableApps.com_Platform_Setup_16.0.paf.exe [09/03/2019 09:42:59] - |A| - (.UEFM LFS Hyper EFM -.) - [27608020] - (1.0.0.0) - Z:\powerdvd365_gif23rem4remscene_winrar4malwarehunter-portable-foxxapp_setup_2019_sib.exe [07/03/2019 12:34:02] - |A| - (.Copyright (C) 2013-2017 SosVirus Software - Pre_Scan.) - [3059624] - (16.10.17.1) - Z:\pre-scan_7_16.10.17.1.exe [07/03/2019 12:34:08] - |A| - (.Copyright (C) 2013-2018 SosVirus Software - QuickDiag.) - [5175192] - (27.2.19.1) - Z:\quickdiag_V5_27.02.19.1.exe [11/03/2019 13:04:10] - |A| - (.Bernat - Recuva Professional Portable.) - [634351] - (0.0.0.0) - Z:\Recuva_Portable_MultiVersion_32-64-bit_Multilingual_Online.exe [07/03/2019 12:34:14] - |A| - (.bartblaze - Tool to delete VBS autorun worms & unhide files.) - [114176] - (8.0.0.0) - Z:\Rem-VBSworm.exe [09/03/2019 08:53:52] - |A| - (.© BleepingComputer.com. - Terminates malware processes so that you can run your normal security programs..) - [1780224] - (2.9.1.0) - Z:\rkill-unsigned.exe [09/03/2019 08:52:58] - |A| - (.© 2011-2018 Pete Batard (GPL v3) - Rufus.) - [1027128] - (3.2.1397.0) - Z:\rufus-3.2.exe [28/02/2019 13:16:20] - |A| - (.Copyright(c) 2018 Apowersoft Ltd. All rights reserved - Apowersoft Screen Recorder Pro 2 Setup .) - [18012320] - (2.3.8.0) - Z:\screen-recorder-pro.exe [28/02/2019 13:16:25] - |A| - (.Copyright © K7 Computing Pvt. Ltd. 2003 - 2014. - K7UltimateSecurity.) - [200275792] - (15.1.0.335) - Z:\setup-eng-us.exe [28/02/2019 13:16:24] - |A| - (.Copyright © Beepa Pty Ltd 2018 - Fraps Installer.) - [2510704] - (3.5.99.15627) - Z:\setup.exe [07/03/2019 12:34:14] - |A| - (.Pierre13 - Nettoyage des fichiers temporaires.) - [1064612] - (2.0.0.60) - Z:\SFTGC.exe [09/03/2019 08:52:58] - |A| - (.-.) - [2321800] - (0.0.0.0) - Z:\SharewareOnSale_Giveaway_BitCopy_hub.exe [04/03/2019 11:28:08] - |A| - (. - Kahica Setup .) - [2439402] - (0.0.0.0) - Z:\SkinPacks_0475149786.exe [28/02/2019 13:21:30] - |A| - (.Copyright 2011-2016 Slimware Utilities Holdings, Inc. - SlimCleaner Plus Setup Wizard.) - [944200] - (2.18.0.0) - Z:\SlimCleaner-setup.exe [28/02/2019 13:16:29] - |A| - (.Security-HelpZone - Slowin' Killer.) - [1358336] - (2.1.3.0) - Z:\Slowin Killer.exe [28/02/2019 13:16:32] - |A| - (.© IObit. - Start Menu 8 Setup .) - [11895456] - (4.6.0.1) - Z:\sm8-setup.exe [28/02/2019 13:16:35] - |A| - (.Copyright (c) TechSmith Corporation. - Snagit 2019.) - [305741344] - (19.1.0.2653) - Z:\snagitfr.exe [28/02/2019 13:23:42] - |A| - (.-.) - [157088] - (0.0.0.0) - Z:\Snowflake Start Button.exe [09/03/2019 08:53:53] - |A| - (.Copyright © 1998-2012 Passmark Software, Inc. - SoundCheck Setup .) - [891632] - (0.0.0.0) - Z:\soundchk.exe [09/03/2019 09:43:22] - |A| - (.(c) 2015-2018 Safer-Networking Ltd. - Spybot Anti-Beacon Setup .) - [10325952] - (2.2.0.0) - Z:\SpybotAntiBeacon-2.2-setup.exe [04/03/2019 10:25:00] - |A| - (.(C) 2003-2015 Emsisoft Ltd - Emsisoft Emergency Kit Starter.) - [3723376] - (10.0.0.5973) - Z:\Start Commandline Scanner.exe [04/03/2019 10:25:00] - |A| - (.(C) 2003-2015 Emsisoft Ltd - Emsisoft Emergency Kit Starter.) - [3723376] - (10.0.0.5973) - Z:\Start Emergency Kit Scanner.exe [04/03/2019 10:25:01] - |A| - (.(C) 2015 Smart PC Utilities, Ltd. - PC Startup Master Setup.) - [7784934] - (3.0.238.0) - Z:\startupmaster.exe [09/03/2019 08:53:53] - |A| - (. - TagScanner Setup .) - [2676440] - (0.0.0.0) - Z:\tagscan-6.0.30-setup.exe [09/03/2019 21:10:43] - |A| - (.Copyright © MAGIX Software GmbH 2006 - 2018 - PC Check & Tuning 2019 Setup .) - [17979600] - (2.4.0.59) - Z:\trial_pc_check_tuning_2019_int.exe [09/03/2019 09:43:27] - |A| - (.-.) - [119360] - (0.0.0.0) - Z:\Tweaking.com-Auto_Assign_Drive_Letters.exe [09/03/2019 08:53:50] - |A| - (.Copyright ©2011 - 2019 - Setup Application.) - [38350280] - (4.1.0.1) - Z:\tweaking.com_windows_repair_aio_setup.exe [28/02/2019 13:23:53] - |A| - (.-.) - [159154] - (0.0.0.0) - Z:\Ubuntu Orange Start Button.exe [28/02/2019 13:23:53] - |A| - (.-.) - [645091] - (0.0.0.0) - Z:\Ubuntu Style Start Meenu.exe [09/03/2019 08:52:59] - |A| - (.Adlice Software - UCheck Installer .) - [21034904] - (2.3.5.0) - Z:\UCheck_setup.exe [04/03/2019 10:25:03] - |A| - (.CompuClever Systems Inc. -.) - [6379600] - (3.3.3.48) - Z:\ultraebookreader_setup.exe [09/03/2019 08:53:53] - |A| - (.© 2008/2019 - El Desaparecido - www.SOSVirus.net - UsbFix Premium.) - [4047008] - (11.0.0.1) - Z:\UsbFix_11.002.exe [28/02/2019 13:17:21] - |A| - (. - Panda USB Vaccine Setup .) - [865272] - (1.0.1.16) - Z:\usbvaccine.exe [28/02/2019 13:17:26] - |A| - (.UTILILAB GmbH - UTILILAB SystemOPTIMIZER .) - [11613032] - (3.5.0.0) - Z:\usosetup.exe [28/02/2019 13:17:32] - |A| - (.UTILILAB GmbH - DriverUPDATER .) - [5217864] - (2.0.0.0) - Z:\utililabdusetup.exe [09/03/2019 08:53:36] - |A| - (.-.) - [354115584] - (0.0.0.0) - Z:\VIPRERescue.exe [28/02/2019 13:17:39] - |A| - (.-.) - [41846888] - (0.0.0.0) - Z:\vlc-3.0.6-win64.exe [28/02/2019 13:23:57] - |A| - (.c Lavasoft Limited. - Web Companion Installer.) - [355744] - (4.5.1957.3838) - Z:\WcInstaller.exe [28/02/2019 13:23:57] - |A| - (.- An application launcher utility..) - [768140] - (2.0.0.17) - Z:\windows-desktop-launcher-vipad.exe [28/02/2019 13:23:57] - |A| - (.Copyright © 2008-2019 Aus?logics Labs Pty Ltd - A?uslogics Win?dowsSlimmer Installation File .) - [11990080] - (1.0.23.0) - Z:\windows-slimmer-setup.exe [28/02/2019 13:24:00] - |A| - (.- A start button replacement for Windows.) - [311594] - (4.0.0.61) - Z:\windows-start-menu-button-viorb.exe [28/02/2019 13:24:00] - |A| - (.- A utility to simulate the Windows 7 Start Menu.) - [1245702] - (8.1.0.5208) - Z:\windows-start-menu-vistart-8.exe [28/02/2019 13:24:01] - |A| - (.- A utility to simulate the Windows 7 Superbar for Windows XP.) - [356758] - (1.0.0.1306) - Z:\windows-task-bar-viglance.exe [28/02/2019 13:17:45] - |A| - (.Copyright © Alexander Roshal 1993-2018 - WinRAR archiver.) - [3190008] - (5.61.0.0) - Z:\winrar-x64-561.exe [28/02/2019 13:24:01] - |A| - (.-.) - [299665] - (0.0.0.0) - Z:\XeBlack Start Menu.exe [08/01/2019 10:02:45] - |A| - (.-.) - [504] - (0.0.0.0) - Z:\desktop (2).ini [25/12/2018 05:24:59] - |A| - (.-.) - [520] - (0.0.0.0) - Z:\desktop.ini [16/11/2018 10:37:13] - |A| - (.-.) - [68] - (0.0.0.0) - Z:\pmp_usb.ini [21/04/2018 14:28:51] - |A| - (.-.) - [100] - (0.0.0.0) - Z:\rufus (2).ini [23/04/2018 06:25:29] - |A| - (.-.) - [100] - (0.0.0.0) - Z:\rufus.ini [21/04/2018 14:24:19] - |A| - (.© BleepingComputer.com. - Terminates malware processes so that you can run your normal security programs..) - [2030536] - (2.8.4.0) - Z:\rkill(2).com [21/04/2018 14:24:20] - |A| - (.© BleepingComputer.com. - Terminates malware processes so that you can run your normal security programs..) - [2030536] - (2.8.4.0) - Z:\rkill(3).com [21/04/2018 14:24:20] - |A| - (.© BleepingComputer.com. - Terminates malware processes so that you can run your normal security programs..) - [2030536] - (2.8.4.0) - Z:\rkill.com [09/03/2019 09:42:28] - |A| - (.-.) - [2561] - (0.0.0.0) - Z:\creatingISO_17763.346_fr-fr_arm64_Core.cmd ---------- | C: [11/02/2019 14:59:28] - |SHD| - [55072] - C:\$RECYCLE.BIN [21/11/2014 22:30:21] - |D| - [5224759073] - C:\$Windows.~BT [13/11/2018 11:02:33] - |D| - [2420] - C:\.android [12/03/2019 16:24:09] - |D| - [307549087] - C:\AdsFix [MD5.A7C0E09013D9D2921A23B24A49E3B8DC] - [12/03/2019 16:25:29] - |A| - (.-.) - [10522] - (0.0.0.0) - C:\AdsFix.txt [16/12/2018 17:12:10] - |D| - [1756096634] - C:\AdwCleaner [20/02/2019 09:06:20] - |D| - [368401495] - C:\AMD [04/12/2018 10:52:58] - |D| - [2] - C:\autorun.inf [02/08/2012 03:02:18] - |D| - [18195740] - C:\Boot [MD5.21BF183C15AFE62A8D1137BB9007B2A3] - [26/07/2012 09:18:43] - |RASH| - (.-.) - [398156] - (0.0.0.0) - C:\bootmgr [MD5.93B885ADFE0DA089CDF634904FD59F71] - [26/07/2012 09:18:43] - |N| - (.-.) - [1] - (0.0.0.0) - C:\BOOTNXT [30/09/2018 17:25:35] - |D| - [108207014] - C:\BOXRoot [24/02/2019 16:57:03] - |SHD| - [0] - C:\Config.Msi [21/09/2018 13:20:05] - |D| - [13030] - C:\Dactylo [MD5.E559916AC8EF51F029BA397BE0BC0FC5] - [26/02/2019 11:27:01] - |A| - (.-.) - [2007] - (0.0.0.0) - C:\DelFix.txt [26/07/2012 08:22:08] - |SD| - [0] - C:\Documents and Settings [13/01/2019 01:34:18] - |D| - [119114919] - C:\found.000 [14/03/2019 10:09:02] - |D| - [174943586] - C:\FRST [07/01/2013 12:49:41] - |RD| - [4053441] - C:\hp [08/12/2018 09:05:10] - |D| - [18013960] - C:\IconPack [01/08/2012 18:09:20] - |D| - [61626] - C:\inetpub [08/09/2018 10:00:42] - |D| - [298946] - C:\Look_my_hardware [06/09/2018 14:35:01] - |D| - [1394] - C:\MaConfig [08/12/2018 09:27:51] - |D| - [0] - C:\MyWorks [21/02/2019 16:15:13] - |D| - [127188222] - C:\OneSafe PC Cleaner [MD5.D41D8CD98F00B204E9800998ECF8427E] - [05/03/2013 08:30:46] - |RAS| - (.-.) - [0] - (0.0.0.0) - C:\OS [MD5.D41D8CD98F00B204E9800998ECF8427E] - [31/01/2019 11:16:43] - |ASH| - (.-.) - [1962934272] - (0.0.0.0) - C:\pagefile.sys [13/09/2018 15:11:39] - |D| - [114326] - C:\PCPinBackup [09/03/2019 11:02:37] - |D| - [322008879] - C:\Pre_Scan [MD5.B39742049D1F692EB2BCF615253D2C61] - [09/03/2019 11:18:58] - |A| - (.-.) - [14142] - (0.0.0.0) - C:\Pre_Scan.txt [26/07/2012 06:37:58] - |D| - [9837555397] - C:\Program Files [26/07/2012 06:37:58] - |D| - [14886309227] - C:\Program Files (x86) [26/07/2012 06:37:58] - |D| - [11745936261] - C:\ProgramData [26/03/2019 18:45:09] - |D| - [68172] - C:\QuickDiag [MD5.98BB3BD842A089BBBC631580CD61CEDA] - [26/03/2019 18:49:27] - |A| - (.-.) - [478628] - (0.0.0.0) - C:\QuickDiag.txt [14/01/2019 16:28:39] - |D| - [0] - C:\rbpotemp [07/09/2018 06:22:47] - |D| - [0] - C:\Recovery [15/11/2018 11:46:29] - |D| - [1158] - C:\Rem-VBSqt [08/12/2018 09:03:27] - |D| - [57606584] - C:\SkinPack [MD5.F0F87AC023B25806D0088754114B4B61] - [09/11/2018 11:46:08] - |A| - (.-.) - [235] - (0.0.0.0) - C:\StartMenu.ini [MD5.D41D8CD98F00B204E9800998ECF8427E] - [02/09/2018 17:38:40] - |ASH| - (.-.) - [268435456] - (0.0.0.0) - C:\swapfile.sys [02/08/2012 04:15:28] - |AD| - [1059213823] - C:\SWSETUP [MD5.E5A9EBAB307E376AC9D194F4F82088D9] - [12/03/2019 15:18:22] - |AH| - (.-.) - [1024] - (0.0.0.0) - C:\SYSTAG.BIN [02/09/2018 17:38:38] - |SHD| - [7175317928] - C:\System Volume Information [01/08/2012 10:57:15] - |RAD| - [38963694] - C:\SYSTEM.SAV [14/01/2019 14:51:26] - |D| - [0] - C:\Temp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [12/03/2019 08:05:26] - |H| - (.-.) - [0] - (0.0.0.0) - C:\tmprwblk.bin [MD5.CFB5C293148006A5DABC4D02D50B15D7] - [12/11/2018 15:58:05] - |A| - (.-.) - [33072] - (0.0.0.0) - C:\urls.set [02/01/2019 14:23:05] - |D| - [16711713] - C:\USB File Resc [26/07/2012 06:37:58] - |RD| - [266769442264] - C:\Users [22/02/2019 14:21:10] - |D| - [32436065] - C:\VIPRERESCUE [08/12/2018 09:03:51] - |D| - [284294144] - C:\W7P_Backups [26/07/2012 06:37:59] - |AD| - [24295409939] - C:\Windows ---------- | C:\Windows [26/07/2012 09:12:59] - |D| - [802] - C:\Windows\addins [26/07/2012 09:12:59] - |D| - [30026447] - C:\Windows\AppCompat [26/07/2012 09:12:59] - |D| - [12495634] - C:\Windows\apppatch [26/07/2012 09:12:58] - |RSD| - [1155994333] - C:\Windows\assembly [MD5.A0E304A88264204CF1D88D971920BAFA] - [20/02/2013 22:22:24] - |A| - (.-.) - [42719] - (0.0.0.0) - C:\Windows\atiogl.xml [MD5.D41D8CD98F00B204E9800998ECF8427E] - [05/03/2013 00:09:53] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\ativpsrm.bin [26/07/2012 09:12:59] - |D| - [0] - C:\Windows\AUInstallAgent [24/02/2019 16:08:18] - |D| - [0] - C:\Windows\AVHealthMonitor [MD5.059AE72BB6B928804D5385AF2896D2DC] - [26/07/2012 02:59:23] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [75264] - (6.2.9200.16384) - C:\Windows\bfsvc.exe [26/07/2012 09:12:59] - |D| - [38555035] - C:\Windows\Boot [MD5.841925AD84D6C273CDFD4E1146C7AD1D] - [26/07/2012 08:21:26] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat [26/07/2012 09:12:59] - |D| - [2294248] - C:\Windows\Branding [26/07/2012 08:59:48] - |D| - [31952] - C:\Windows\CbsTemp [MD5.D45FA1C1B94487D50DD06AC4628235D3] - [02/02/2019 08:07:26] - |A| - (.Copyright © 1995 - CKCONFIG MFC Application.) - [165888] - (1.0.0.1) - C:\Windows\Ckconfig.exe [MD5.7A1A627BA8AC85A3C1E863664037008F] - [02/02/2019 08:07:26] - |A| - (.-.) - [11776] - (0.0.0.0) - C:\Windows\Ckrfresh.exe [MD5.A59F3E4CFD0FFC84FEBCFB548EC0F064] - [26/07/2012 10:46:02] - |A| - (.-.) - [31497] - (0.0.0.0) - C:\Windows\Core.xml [MD5.D36A0733F25F17ED36C40DB8D3A88AE1] - [02/02/2019 08:07:32] - |A| - (.-.) - [115] - (0.0.0.0) - C:\Windows\Crypkey.ini [MD5.B749466D1A93B0BFE3590BD487A793BF] - [05/03/2013 00:14:16] - |A| - (.-.) - [10] - (0.0.0.0) - C:\Windows\csup.txt [26/07/2012 09:12:59] - |D| - [2453374] - C:\Windows\Cursors [26/07/2012 09:12:59] - |D| - [934] - C:\Windows\debug [26/07/2012 09:12:59] - |RD| - [21094] - C:\Windows\DesktopTileResources [MD5.050C668A459D689E7C033DBCA4417642] - [06/09/2018 22:29:56] - |A| - (.-.) - [22863] - (0.0.0.0) - C:\Windows\diagerr.xml [26/07/2012 09:12:59] - |D| - [3513266] - C:\Windows\diagnostics [MD5.050C668A459D689E7C033DBCA4417642] - [06/09/2018 22:29:56] - |A| - (.-.) - [22863] - (0.0.0.0) - C:\Windows\diagwrn.xml [26/07/2012 09:18:12] - |D| - [0] - C:\Windows\DigitalLocker [MD5.7C11BF372A82AC564115901F49891E55] - [05/11/2018 10:01:48] - |A| - (.-.) - [224] - (0.0.0.0) - C:\Windows\dm.dmap [26/07/2012 09:12:59] - |SD| - [0] - C:\Windows\Downloaded Program Files [26/07/2012 09:12:59] - |D| - [68352] - C:\Windows\ELAMBKUP [26/07/2012 10:43:43] - |D| - [0] - C:\Windows\en-GB [26/07/2012 09:18:12] - |D| - [0] - C:\Windows\en-US [04/09/2018 11:42:34] - |D| - [357225690] - C:\Windows\erdnt [MD5.6A8A6A1D636EFC0CB02D3DBF94C21117] - [11/03/2019 13:05:18] - |A| - (.-.) - [140] - (0.0.0.0) - C:\Windows\errord.log [06/09/2018 14:57:43] - |D| - [132877418] - C:\Windows\ERUNT [MD5.0E8E6463F81C80AFBED533E0F1F8895D] - [06/09/2018 00:20:25] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [2391280] - (6.2.9200.16628) - C:\Windows\explorer.exe [MD5.4A17C4DB57A0813AC646798A71C2AF74] - [09/12/2018 15:40:54] - |A| - (.-.) - [925184] - (0.0.0.0) - C:\Windows\expstart.exe [MD5.04810EC57CBBDD1F047C8217B9F6C092] - [09/12/2018 15:40:54] - |A| - (.Copyright © 2003 Matt Ginzton - Flurry screen saver for Windows.) - [118845] - (1.1.1.11) - C:\Windows\Flurry.scr [26/07/2012 06:37:59] - |RSD| - [428885153] - C:\Windows\Fonts [04/02/2019 14:22:08] - |D| - [117440] - C:\Windows\fr [05/03/2013 08:53:36] - |D| - [113664] - C:\Windows\fr-FR [26/07/2012 09:12:59] - |D| - [74391260] - C:\Windows\Globalization [26/07/2012 09:12:59] - |D| - [5081205] - C:\Windows\Help [MD5.10BBA7938E28716B96F79DE54BE04CFC] - [06/09/2018 05:39:20] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [883712] - (6.2.9200.16451) - C:\Windows\HelpPane.exe [MD5.AAFA7BB276B802F8D791ECACFC380FBD] - [26/07/2012 03:15:34] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [17408] - (6.2.9200.16384) - C:\Windows\hh.exe [26/07/2012 09:12:59] - |D| - [202329669] - C:\Windows\IME [26/07/2012 09:12:59] - |RD| - [1201447] - C:\Windows\ImmersiveControlPanel [26/07/2012 06:37:59] - |D| - [141435854] - C:\Windows\Inf [26/07/2012 09:12:59] - |SHD| - [1970529074] - C:\Windows\Installer [26/07/2012 09:12:59] - |D| - [57303] - C:\Windows\L2Schemas [10/03/2019 09:44:28] - |D| - [301650786] - C:\Windows\LastGood [05/03/2019 10:07:06] - |D| - [1795952] - C:\Windows\LastGood.Tmp [26/07/2012 09:12:59] - |D| - [0] - C:\Windows\LiveKernelReports [26/07/2012 06:37:59] - |D| - [15316238] - C:\Windows\Logs [26/07/2012 09:12:59] - |RSD| - [13642965] - C:\Windows\Media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [25/07/2012 21:37:29] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin [26/07/2012 09:12:58] - |D| - [717644933] - C:\Windows\Microsoft.NET [05/09/2018 18:49:41] - |D| - [1536] - C:\Windows\Migration [07/09/2018 16:23:46] - |D| - [131700] - C:\Windows\Minidump [26/07/2012 09:12:59] - |D| - [0] - C:\Windows\ModemLogs [MD5.E48A573A7E96A81CB97385768F6CFA4E] - [05/09/2018 14:42:28] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [243712] - (6.2.9200.17434) - C:\Windows\notepad.exe [26/07/2012 09:12:59] - |RD| - [65] - C:\Windows\Offline Web Pages [02/08/2012 03:02:31] - |D| - [0] - C:\Windows\Panther [MD5.828E5251ABF60203B574DE1F233F049B] - [26/06/2009 11:26:36] - |A| - (.Eastman Kodak Company Copyright 1995 - PCDLIB32.) - [217864] - (3.0.0.0) - C:\Windows\PCDLIB32.DLL [26/07/2012 09:12:59] - |D| - [45293407] - C:\Windows\Performance [MD5.0CA50B00EE0D02AB4462876339EE3807] - [12/03/2019 14:37:30] - |A| - (.-.) - [7090] - (0.0.0.0) - C:\Windows\PFRO.log [26/07/2012 09:12:59] - |D| - [1136441] - C:\Windows\PLA [26/07/2012 09:12:59] - |D| - [2407576] - C:\Windows\PolicyDefinitions [01/08/2012 18:03:20] - |D| - [27370053] - C:\Windows\Prefetch [04/09/2018 13:21:18] - |D| - [40960] - C:\Windows\pss [MD5.EBEE8AC4A1A7DF2FD27CED1B0BAF9B9E] - [20/02/2019 08:52:10] - |A| - (.Copyright (C) Steganos Software GmbH 2017 - RegDefragTask.) - [192280] - (1.0.0.462) - C:\Windows\RegDefragTask.exe [MD5.FBBAD33ED97E961CC1500872DE5D96DD] - [26/07/2012 02:14:51] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [159232] - (6.2.9200.16384) - C:\Windows\regedit.exe [26/07/2012 09:12:59] - |D| - [1071164] - C:\Windows\registration [26/07/2012 09:12:59] - |D| - [7174233] - C:\Windows\Resources [MD5.141AEA82BD37F6379DE22350E3425ABA] - [11/03/2019 16:55:17] - |A| - (.-.) - [150] - (0.0.0.0) - C:\Windows\restoro.ini [MD5.2A7B78F4CFA0F1A5655891DDAACEFAD9] - [05/03/2013 00:18:17] - |A| - (.Copyright (C) 2012 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [1706640] - (1.0.3.8) - C:\Windows\RtlExUpd.dll [26/07/2012 09:12:59] - |D| - [0] - C:\Windows\SchCache [26/07/2012 09:12:59] - |D| - [99253] - C:\Windows\schemas [26/07/2012 09:12:59] - |D| - [5261522] - C:\Windows\security [26/07/2012 08:19:54] - |D| - [53370412] - C:\Windows\ServiceProfiles [26/07/2012 06:37:59] - |D| - [125843235] - C:\Windows\servicing [26/07/2012 08:20:02] - |D| - [42] - C:\Windows\Setup [MD5.9CFB4475FBB8A56008BCD3010A32A052] - [11/03/2019 08:28:37] - |A| - (.-.) - [881] - (0.0.0.0) - C:\Windows\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [11/03/2019 08:28:37] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\setuperr.log [MD5.1DC81022E7605CE5FC7BF08ACFE5FD9C] - [02/02/2019 08:07:26] - |A| - (.-.) - [18432] - (0.0.0.0) - C:\Windows\Setup_ck.dll [MD5.178A4F6A92760DD8927B4B8C51E760DB] - [02/02/2019 08:07:26] - |A| - (.-.) - [27648] - (0.0.0.0) - C:\Windows\Setup_ck.exe [26/07/2012 10:45:49] - |D| - [4544] - C:\Windows\ShellNew [26/07/2012 10:45:49] - |D| - [16378336] - C:\Windows\SKB [13/09/2018 08:43:40] - |D| - [195872721] - C:\Windows\SoftwareDistribution [26/07/2012 09:12:59] - |D| - [100049735] - C:\Windows\Speech [MD5.974A3A675E5E0CECA74F62F6C39AF592] - [26/07/2012 02:27:54] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [126464] - (6.2.9200.16384) - C:\Windows\splwow64.exe [MD5.E8F40F7C46A1D730763AFC1D9BD96326] - [26/07/2012 08:59:47] - |A| - (.-.) - [31537] - (0.0.0.0) - C:\Windows\Starter.xml [26/07/2012 09:12:59] - |AD| - [1975301] - C:\Windows\System [MD5.3CF3D4A45CC2AF973DBC30EC8D33252B] - [26/07/2012 06:26:52] - |A| - (.-.) - [215] - (0.0.0.0) - C:\Windows\system.ini [26/07/2012 06:38:00] - |D| - [6115603780] - C:\Windows\System32 [26/07/2012 06:38:00] - |AD| - [1651147307] - C:\Windows\SysWOW64 [26/07/2012 09:12:59] - |D| - [0] - C:\Windows\TAPI [26/07/2012 09:12:59] - |D| - [7458] - C:\Windows\Tasks [11/09/2018 13:32:57] - |AD| - [0] - C:\Windows\Temp [26/07/2012 09:12:59] - |RD| - [19134] - C:\Windows\ToastData [26/07/2012 09:12:59] - |D| - [0] - C:\Windows\tracing [26/07/2012 09:12:59] - |D| - [7680] - C:\Windows\twain_32 [MD5.DA7EB5D3652FE2B1676AAA9E6E241E68] - [26/07/2012 02:19:02] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [50176] - (1.7.1.3) - C:\Windows\twain_32.dll [MD5.CA2A8AF1DBAD0F31F9B33A2827DFBC16] - [12/09/2018 13:50:09] - |A| - (.-.) - [207] - (0.0.0.0) - C:\Windows\tweaking.com-regbackup-LFS_HYPER_UEFM-Windows-8-(64-bit).dat [MD5.4AFC2C6D5245D4254A6E0CC82A7EB614] - [05/12/2018 11:34:24] - |A| - (.-.) - [97101] - (0.0.0.0) - C:\Windows\uninstaller.dat [MD5.8ABC2E146197097ECCF09C40B2AFB4FE] - [09/12/2018 15:40:54] - |A| - (.-.) - [499712] - (0.0.0.0) - C:\Windows\uxpack.icons [MD5.7255732B7ED89086BEA8DD5C4014E57B] - [09/12/2018 15:40:54] - |A| - (.-.) - [2413056] - (0.0.0.0) - C:\Windows\UxStyle_Core_Jul13_x86.msi [26/07/2012 09:12:59] - |D| - [12420] - C:\Windows\Vss [MD5.05B94E01867B05914C5BA3756B3C7E96] - [05/11/2018 10:00:51] - |A| - (.-.) - [89504] - (0.0.0.0) - C:\Windows\vssMgr.exe [26/07/2012 09:12:59] - |D| - [96367515] - C:\Windows\Web [MD5.6B7673BC06AA498E9F963678C770D0AE] - [26/07/2012 06:26:52] - |A| - (.-.) - [128] - (0.0.0.0) - C:\Windows\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [02/06/2012 15:32:56] - |RA| - (.-.) - [670] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest [MD5.3EF8701D68ED19780AF9BA9CFE4584EE] - [08/01/2019 06:23:12] - |A| - (.-.) - [1169962] - (0.0.0.0) - C:\Windows\WindowsUpdate.log [MD5.EADA08C87AD2A913563244CCF4391E5D] - [26/07/2012 03:09:58] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [10752] - (6.2.9200.16384) - C:\Windows\winhlp32.exe [26/07/2012 09:12:59] - |D| - [1312539] - C:\Windows\WinStore [26/07/2012 06:38:00] - |D| - [10225088630] - C:\Windows\WinSxS [MD5.907AE50A03DEEC4CFFDC70EA3D5AD4D8] - [31/03/2014 21:34:22] - |A| - (.© 2012 Microsoft Corporation. Tous droits réservés. - Écran de veille de la Galerie de photos.) - [322248] - (16.4.3528.331) - C:\Windows\WLXPGSS.SCR [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [02/06/2012 15:34:44] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx [MD5.CDEE22097674B556817D09AA96467902] - [26/07/2012 03:00:48] - |A| - (.© Microsoft Corporation. - Windows Write.) - [10752] - (6.2.9200.16384) - C:\Windows\write.exe [MD5.04BC696FDC8403D0DDA9CD9D2D569810] - [24/11/2018 19:37:06] - |A| - (.-.) - [58109] - (0.0.0.0) - C:\Windows\ZAM.krnl.trace [MD5.E1650F1DF2BB881D80594D0D9D538417] - [24/11/2018 19:37:06] - |A| - (.-.) - [18053] - (0.0.0.0) - C:\Windows\ZAM_Guard.krnl.trace ---------- | C:\Windows\System32\GroupPolicy [MD5.C57F2E759C7EBFE8C8285F5D2F2BFC6A] - [10/09/2018 22:17:21] - |A| - (.-.) - [127] - (0.0.0.0) - C:\Windows\System32\GroupPolicy\GPT.INI [10/09/2018 22:17:21] - |D| - [150] - C:\Windows\System32\GroupPolicy\Machine [10/09/2018 22:17:21] - |D| - [0] - C:\Windows\System32\GroupPolicy\User ---------- | Systemroot\System [25/10/2018 15:48:10] - |A| - [1341] - C:\Windows\System\jhqhevmx.kfu () - () [22/01/2018 12:18:44] - |A| - [1384] - C:\Windows\System\linjqbyk.kfl () - () [03/09/2018 22:59:50] - |A| - [935632] - C:\Windows\System\Vb40016.dll (Copyright © 1987-1995 Microsoft Corp.) - (Visual Basic 4.0 runtime library) [03/09/2018 22:59:51] - |A| - [271264] - C:\Windows\System\vbrun100.dll () - () [03/09/2018 22:59:51] - |A| - [356992] - C:\Windows\System\vbrun200.dll (Copyright © 1987-1992 Microsoft Corp) - (Visual Basic 2.0 runtime library) [03/09/2018 22:59:51] - |A| - [398416] - C:\Windows\System\Vbrun300.dll (Copyright © 1987-1993 Microsoft Corp) - (Visual Basic 3.0 runtime library) [10/09/1999 12:06:00] - |A| - [5600] - C:\Windows\System\WINASPI.DLL (Copyright © 1989-1999 Adaptec, Inc.) - (ASPI for Win16 (95/NT) DLL) [10/09/1999 12:06:00] - |A| - [4672] - C:\Windows\System\WOWPOST.EXE (Copyright © 1989-1999 Adaptec, Inc.) - (ASPI for Win16 (NT) Callback Helper) ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [10/01/2019 04:40:00] - C:\Windows\Installer\14c45df4.msi : (Epson Software Updater - Seiko Epson Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/08/2012 06:20:32] - C:\Windows\Installer\15b2f8.msi : (HP Postscript Converter - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2012 03:07:50] - C:\Windows\Installer\15b307.msi : ( - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/01/2019 08:55:49] - C:\Windows\Installer\20cae19.msi : (Java SE Runtime Environment 8 Update 191 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/07/2012 23:22:32] - C:\Windows\Installer\2dfc7.msi : (Blank Project Template - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:03:54] - C:\Windows\Installer\2dfcc.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:05:09] - C:\Windows\Installer\2dfd2.msi : (AMD Catalyst Install Manager Installer (64 bit) - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 08:59:01] - C:\Windows\Installer\2dfd7.msi : (Branding - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:01:33] - C:\Windows\Installer\2dfdc.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:01:42] - C:\Windows\Installer\2dfe1.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:01:46] - C:\Windows\Installer\2dfe6.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:01:52] - C:\Windows\Installer\2dfeb.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:01:58] - C:\Windows\Installer\2dff0.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:02:04] - C:\Windows\Installer\2dff5.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:02:11] - C:\Windows\Installer\2dffa.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:02:16] - C:\Windows\Installer\2dfff.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:02:20] - C:\Windows\Installer\2e004.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:02:27] - C:\Windows\Installer\2e009.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:02:33] - C:\Windows\Installer\2e00e.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:02:37] - C:\Windows\Installer\2e013.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:02:43] - C:\Windows\Installer\2e018.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:02:47] - C:\Windows\Installer\2e01d.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:02:52] - C:\Windows\Installer\2e022.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:02:59] - C:\Windows\Installer\2e027.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:03:03] - C:\Windows\Installer\2e02c.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:03:10] - C:\Windows\Installer\2e031.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:03:14] - C:\Windows\Installer\2e036.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:03:20] - C:\Windows\Installer\2e03b.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:03:26] - C:\Windows\Installer\2e040.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:03:32] - C:\Windows\Installer\2e045.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:03:36] - C:\Windows\Installer\2e04a.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:03:44] - C:\Windows\Installer\2e04f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:04:11] - C:\Windows\Installer\2e054.msi : (Catalyst Control Center Utility 64 - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:01:24] - C:\Windows\Installer\2e05a.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/08/2012 09:05:35] - C:\Windows\Installer\2e05f.msi : (AMD Accelerated Parallel Processing SDK - Advanced Micro Devices Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/03/2013 00:20:47] - C:\Windows\Installer\2e065.msi : (HP Support Assistant - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/06/2012 08:46:42] - C:\Windows\Installer\2e06a.msi : (Blank Project Template - Hewlett-Packard Company) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/03/2013 00:24:47] - C:\Windows\Installer\2e06f.msi : (Blank Project Template - Hewlett-Packard) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/01/2019 11:19:37] - C:\Windows\Installer\35fd5.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/02/2019 09:39:47] - C:\Windows\Installer\40fad7c.msi : (OUTDATEfighter - SPAMfighter ApS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/02/2019 12:17:50] - C:\Windows\Installer\40fad83.msi : (STOPzilla AntiMalware - iS3, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/02/2019 09:43:56] - C:\Windows\Installer\40fad86.msi : (STOPzilla AntiVirus - iS3, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/02/2019 10:10:45] - C:\Windows\Installer\42f3760.msi : (Blank Project Template - adaware) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/02/2019 10:39:36] - C:\Windows\Installer\42f3767.msi : (AntimalwareEngine - adaware) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/03/2019 06:16:55] - C:\Windows\Installer\43d33.msi : (AVG Update Helper - AVG Technologies) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/04/2016 12:20:00] - C:\Windows\Installer\442d37fd.msi : (MyEpson Portal Setup - SEIKO EPSON CORPORATION) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/01/2019 14:10:13] - C:\Windows\Installer\463f1d.msi : (Java SE Runtime Environment 8 Update 201 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/01/2019 14:11:58] - C:\Windows\Installer\463f30.msi : (Java Auto Updater - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/02/2019 06:51:28] - C:\Windows\Installer\4655e26.msi : (COMODO Secure Shopping - COMODO) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/11/2016 18:32:14] - C:\Windows\Installer\4655e27.msi : (Acronis Backup Agent - Acronis) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/11/2015 10:18:11] - C:\Windows\Installer\5d12e1.msi : (Serif PagePlus X9 - Serif (Europe) Ltd) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/09/2013 16:38:28] - C:\Windows\Installer\5d12e9.msi : (PagePlusX7ContentDeclaration - Serif (Europe) Ltd) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/07/2013 09:29:22] - C:\Windows\Installer\6065f70.msi : (Nero 2014 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/06/2013 11:16:08] - C:\Windows\Installer\6065f78.msi : (NeroControlCenter - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/07/2013 12:26:28] - C:\Windows\Installer\6065f81.msi : (Nero Core Components - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/06/2011 10:31:42] - C:\Windows\Installer\6065f8a.msi : (Nero Audio Pack 1 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/06/2013 15:42:36] - C:\Windows\Installer\6065f93.msi : (Nero BDCore 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/07/2012 07:51:34] - C:\Windows\Installer\6065f9c.msi : (Nero 12 Disc Menus Basic - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/07/2012 07:34:38] - C:\Windows\Installer\6065fa5.msi : (Nero 12 Kwik Themes Basic - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/07/2013 07:32:36] - C:\Windows\Installer\6065fae.msi : (Nero Burning ROM 15 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/06/2013 17:46:02] - C:\Windows\Installer\6065fb7.msi : (Nero 12 Effects Basic - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/06/2013 17:47:36] - C:\Windows\Installer\6065fc0.msi : (Nero 12 PiP Effects Basic - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/12/2012 15:27:12] - C:\Windows\Installer\6065fc9.msi : (Nero Prerequisites 1 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/04/2013 13:44:34] - C:\Windows\Installer\6065fd2.msi : (Nero SharedVideoCodecs - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/07/2013 07:41:38] - C:\Windows\Installer\6065fdb.msi : (Nero Express 15 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/07/2013 09:03:54] - C:\Windows\Installer\6065fe4.msi : (Nero MediaHome - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/06/2013 17:10:44] - C:\Windows\Installer\6065fed.msi : (Nero RescueAgent 15 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/07/2013 15:45:44] - C:\Windows\Installer\6065ff6.msi : (Nero Recode 10 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/07/2013 16:45:22] - C:\Windows\Installer\6065fff.msi : (Nero Video 15 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/07/2013 16:07:36] - C:\Windows\Installer\6066008.msi : (Nero Burning ROM Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/07/2013 16:11:12] - C:\Windows\Installer\6066011.msi : (Nero ControlCenter Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/07/2013 16:14:48] - C:\Windows\Installer\606601a.msi : (Nero Express Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/07/2013 16:16:38] - C:\Windows\Installer\6066023.msi : (Nero MediaHome Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/07/2013 16:18:24] - C:\Windows\Installer\606602c.msi : (Nero Recode Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/07/2013 16:20:16] - C:\Windows\Installer\6066035.msi : (Nero RescueAgent Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/07/2013 16:22:06] - C:\Windows\Installer\606603e.msi : (Nero Video Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/07/2013 13:01:44] - C:\Windows\Installer\6066046.msi : (Nero Update - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/07/2013 11:25:54] - C:\Windows\Installer\606604e.msi : (Nero Launcher - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/07/2013 16:05:40] - C:\Windows\Installer\6066057.msi : (Nero Blu-ray Player Help (CHM) - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/07/2013 19:02:12] - C:\Windows\Installer\6066060.msi : (Nero Disc to Device - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/07/2013 07:25:52] - C:\Windows\Installer\6066069.msi : (Nero BurningCore 15 - Nero AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/02/2019 12:25:38] - C:\Windows\Installer\89cde2.msi : (Looks for updates for your computer's software and drivers to improve performance. - Slimware Utilities Holdings, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/11/2018 17:58:08] - C:\Windows\Installer\8c87001.msi : (BitCopy - MollieSoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/05/2010 17:39:38] - C:\Windows\Installer\8c87009.msi : ([ProductName] Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/05/2010 17:13:54] - C:\Windows\Installer\8c87010.msi : (Apple Software Update Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/05/2010 18:23:20] - C:\Windows\Installer\8c87013.msi : ([ProductName] Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [07/09/2018 10:18:04] - C:\Windows\Installer\8dec0c4.msi : (Paragon HFS+ for Windows - Paragon Software) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/11/2018 16:18:45] - C:\Windows\Installer\8dec0c7.msi : (Morae Recorder - TechSmith Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/09/2015 22:32:38] - C:\Windows\Installer\8dec0cb.msi : (Morae Manager - TechSmith Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/12/2018 08:42:32] - C:\Windows\Installer\8dec131.msi : (Silent Install Builder 5 - Aprel Tech, LLC) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/09/2015 15:21:54] - C:\Windows\Installer\8dec134.msi : (Jing - TechSmith Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/01/2019 11:42:37] - C:\Windows\Installer\962f0c3.msi : (Adobe AIR Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/01/2019 12:31:38] - C:\Windows\Installer\98fbafd.msi : (Google Earth Pro - Google) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2018 10:44:12] - C:\Windows\Installer\98fbb19.msi : (Apple Application Support Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2018 10:44:14] - C:\Windows\Installer\98fbb20.msi : (Apple Application Support Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2018 10:40:06] - C:\Windows\Installer\98fbb27.msi : (Apple Mobile Device Support Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/02/2019 10:00:30] - C:\Windows\Installer\a4339.msi : (Program - Paragon Software) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/01/2017 16:23:48] - C:\Windows\Installer\a4b6f4.msi : (Adblock Plus for IE - Eyeo GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/03/2015 15:11:19] - C:\Windows\Installer\aca7405.msi : (Serif DrawPlus X8 - Serif (Europe) Ltd) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/01/2019 18:39:59] - C:\Windows\Installer\ae0f68d.msi : (AntiLogger Installation - Zemana Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/02/2019 04:41:00] - C:\Windows\Installer\f656040.msi : (Epson Software Updater - Seiko Epson Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/03/2019 12:04:16] - C:\Windows\Installer\f7791.msi : ( - ProtectStar Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/01/2019 15:07:24] - [53339648] - (.().-. - ()) - C:\Windows\Installer\163b1b.msp [28/06/2011 22:27:28] - [4028928] - (.().-. - ()) - C:\Windows\Installer\1a8e1.msp [28/06/2011 22:21:32] - [4637184] - (.().-. - ()) - C:\Windows\Installer\1cc49.msp [29/01/2019 14:05:27] - [53014528] - (.().-. - ()) - C:\Windows\Installer\463f14.msp [24/01/2019 11:38:51] - [53332992] - (.().-. - ()) - C:\Windows\Installer\505d089.msp [05/03/2013 00:24:49] - [10134] - C:\Windows\Installer\{07FA4960-B038-49EB-891B-9F95930AA544}\ARPPRODUCTICON.exe () - () [05/03/2013 00:20:08] - [88102] - C:\Windows\Installer\{09BE17DC-59D2-FD28-371D-DCE0AE76CE75}\ARPPRODUCTICON.exe () - () [05/03/2013 00:37:42] - [300318] - C:\Windows\Installer\{0FA995CC-C849-4755-B14B-5404CC75DC24}\_853F67D554F05449430E7E.exe () - () [05/03/2013 00:20:03] - [88102] - C:\Windows\Installer\{104D7F23-A414-EE6D-315E-A07CB75ADEEE}\ARPPRODUCTICON.exe () - () [05/03/2013 00:20:02] - [88102] - C:\Windows\Installer\{1A7CF3BE-0D4A-33DF-DFD9-824487726365}\ARPPRODUCTICON.exe () - () [08/02/2019 13:40:57] - [313240] - C:\Windows\Installer\{1B6F5E51-575E-4693-BCA2-7543570D076D}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [05/03/2013 00:20:04] - [88102] - C:\Windows\Installer\{1BC4C58D-D726-172B-DA2C-BBE6AE5DEB76}\ARPPRODUCTICON.exe () - () [05/03/2013 00:20:11] - [88102] - C:\Windows\Installer\{1E6AF4B4-0910-4821-CB20-F8FD7AA09CCB}\ARPPRODUCTICON.exe () - () [01/01/2019 15:36:07] - [55444] - C:\Windows\Installer\{2272DF9E-A7F3-4FE1-8D61-74538FF1DDE1}\icon.exe () - () [08/02/2019 13:41:13] - [313680] - C:\Windows\Installer\{29F67D84-3A70-456E-806A-52301B02070B}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [05/03/2013 00:20:16] - [88102] - C:\Windows\Installer\{2E2526C8-51A8-F6EB-8289-6787E880CE27}\ARPPRODUCTICON.exe () - () [05/03/2013 00:20:16] - [88102] - C:\Windows\Installer\{2E58F5E0-B5EF-844C-5B18-4C21F800CAD6}\ARPPRODUCTICON.exe () - () [08/02/2019 13:43:51] - [198992] - C:\Windows\Installer\{40E51513-D917-4563-84F6-4EF6ADD46E2F}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [08/02/2019 13:43:51] - [198992] - C:\Windows\Installer\{40E51513-D917-4563-84F6-4EF6ADD46E2F}\ScRecodeStartMenu1_729B957FFE3C40528A62D7F32390F7C3.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [08/02/2019 13:43:51] - [198992] - C:\Windows\Installer\{40E51513-D917-4563-84F6-4EF6ADD46E2F}\ScRecodeStartMenu_563A75F05683422E8C558ED3B6DA617D.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [26/02/2019 10:42:41] - [358360] - C:\Windows\Installer\{44DE19DF-AA86-497A-9CCA-4F52D0BFF9A8}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [26/02/2019 10:42:42] - [358360] - C:\Windows\Installer\{44DE19DF-AA86-497A-9CCA-4F52D0BFF9A8}\NewShortcut1_9D26517437AB43F988CAFF4AC3CA05DE.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [26/02/2019 10:42:42] - [358360] - C:\Windows\Installer\{44DE19DF-AA86-497A-9CCA-4F52D0BFF9A8}\NewShortcut6_46B5678CC4A24F4AA166FBA0D99B16EE.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [05/03/2013 00:20:23] - [10134] - C:\Windows\Installer\{503F672D-6C84-448A-8F8F-4BC35AC83441}\ARPPRODUCTICON.exe () - () [04/02/2019 13:30:29] - [599040] - C:\Windows\Installer\{5325F0CD-8B2C-40BA-B597-89A3FB09B83C}\Icon57D6EECB.exe () - () [08/02/2019 13:43:13] - [588112] - C:\Windows\Installer\{581DCE84-1948-4891-A4A7-A1222CC137C5}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [08/02/2019 13:43:13] - [588112] - C:\Windows\Installer\{581DCE84-1948-4891-A4A7-A1222CC137C5}\NeroRescueAgent.ex_2882597C6E684EBDA23F3CF2CA0CBC30.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [08/02/2019 13:43:13] - [588112] - C:\Windows\Installer\{581DCE84-1948-4891-A4A7-A1222CC137C5}\ScRescueAgentStart_322CFA6F80AB4438A8748366873E3688.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [08/02/2019 13:41:29] - [300952] - C:\Windows\Installer\{5909A89E-C97F-407C-AE2B-47BDED86BF5D}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [05/03/2013 00:20:06] - [88102] - C:\Windows\Installer\{5AD25D5C-C813-146B-4FB0-76561F7875B7}\ARPPRODUCTICON.exe () - () [05/03/2013 00:20:09] - [88102] - C:\Windows\Installer\{5B4886EE-5A95-C257-A68F-2DCADE47A273}\ARPPRODUCTICON.exe () - () [26/02/2019 10:40:16] - [59352] - C:\Windows\Installer\{5C7A5F94-02E9-4C5D-A594-B1F10865965A}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [05/03/2013 00:20:12] - [88102] - C:\Windows\Installer\{5DB58618-7021-C650-EE8A-58CD1FAA95F9}\ARPPRODUCTICON.exe () - () [05/03/2013 00:20:01] - [88102] - C:\Windows\Installer\{5F5ACD0C-A454-32A7-E206-EE89B1510128}\ARPPRODUCTICON.exe () - () [05/03/2013 00:19:38] - [88102] - C:\Windows\Installer\{5F769CF4-5263-4C7B-AEB2-C06A73AE4428}\ARPPRODUCTICON.exe () - () [05/03/2013 00:19:38] - [88102] - C:\Windows\Installer\{5F769CF4-5263-4C7B-AEB2-C06A73AE4428}\NewShortcut2_3B1A0823966A48909E77539C330FBF6E.exe () - () [05/03/2013 00:19:38] - [88102] - C:\Windows\Installer\{5F769CF4-5263-4C7B-AEB2-C06A73AE4428}\NewShortcut3_3B1A0823966A48909E77539C330FBF6E.exe () - () [05/03/2013 00:19:38] - [88102] - C:\Windows\Installer\{5F769CF4-5263-4C7B-AEB2-C06A73AE4428}\NewShortcut4_3B1A0823966A48909E77539C330FBF6E.exe () - () [05/03/2013 00:19:38] - [88102] - C:\Windows\Installer\{5F769CF4-5263-4C7B-AEB2-C06A73AE4428}\NewShortcut5_3B1A0823966A48909E77539C330FBF6E.exe () - () [26/02/2019 10:11:38] - [358360] - C:\Windows\Installer\{5FFF7119-74E8-442E-970E-50BAD81D5371}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [04/12/2018 16:33:02] - [10134] - C:\Windows\Installer\{61D31B76-19A3-440C-9A21-BDE64BAED8D2}\I_SetupIcon.exe () - () [04/12/2018 16:33:02] - [4846] - C:\Windows\Installer\{61D31B76-19A3-440C-9A21-BDE64BAED8D2}\I__HelpIcon.exe () - () [08/02/2019 13:46:15] - [69632] - C:\Windows\Installer\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [05/03/2013 00:20:11] - [88102] - C:\Windows\Installer\{67087BB4-19B4-C169-3E52-2BED796D8AB3}\ARPPRODUCTICON.exe () - () [04/02/2019 12:53:53] - [27136] - C:\Windows\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\AppleSoftwareUpdateIco.exe () - () [05/03/2013 00:20:08] - [88102] - C:\Windows\Installer\{6AE04BB9-A455-16ED-5806-DCFBB14505D6}\ARPPRODUCTICON.exe () - () [05/03/2013 00:24:44] - [53248] - C:\Windows\Installer\{6F340107-F9AA-47C6-B54C-C3A19F11553F}\ARPPRODUCTICON.exe (Copyright (C) 2010 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [05/03/2013 00:19:59] - [10134] - C:\Windows\Installer\{7474548C-E456-4818-8ED0-4A1F00EF77A1}\ARPPRODUCTICON.exe () - () [05/03/2013 00:20:04] - [88102] - C:\Windows\Installer\{76DFBEB9-9E55-8CC6-B99A-9CEFAC573A1F}\ARPPRODUCTICON.exe () - () [05/03/2013 00:20:00] - [88102] - C:\Windows\Installer\{839D1577-5415-6C89-6642-515DFFE6432F}\ARPPRODUCTICON.exe () - () [20/02/2019 12:25:46] - [61440] - C:\Windows\Installer\{84A89263-AA96-41D0-8345-77A704A76B4C}\Icon.exe () - () [05/03/2013 00:20:07] - [88102] - C:\Windows\Installer\{84B13BF6-F7AF-198E-0E77-DCA4027B9D19}\ARPPRODUCTICON.exe () - () [04/02/2019 14:34:08] - [316416] - C:\Windows\Installer\{8C784F8B-89D0-4A59-A000-7EEF129E1574}\IconA17C9A58.exe () - () [26/02/2019 09:43:04] - [192512] - C:\Windows\Installer\{8F51500B-CC44-417B-B6A4-F294CB29A29B}\ARPPRODUCTICON.exe (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield) [26/02/2019 09:43:04] - [192512] - C:\Windows\Installer\{8F51500B-CC44-417B-B6A4-F294CB29A29B}\NewShortcut1_03D125E691E9400CB85A784476510BC7.exe (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield) [26/02/2019 09:43:04] - [192512] - C:\Windows\Installer\{8F51500B-CC44-417B-B6A4-F294CB29A29B}\NewShortcut2_5D749443D6B7492295A5147BE99EC968.exe (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield) [26/02/2019 09:43:04] - [192512] - C:\Windows\Installer\{8F51500B-CC44-417B-B6A4-F294CB29A29B}\NewShortcut3_3F279B1F28E84CD5BF415C23B8BA3F36.exe (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield) [08/02/2019 13:43:00] - [190800] - C:\Windows\Installer\{9612F0F6-A154-49A2-9CCB-A1C1AA57D719}\NeroKwikMedia._63C8A7B0BBE5459F9AC436392B2FF50D.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [08/02/2019 13:43:00] - [190800] - C:\Windows\Installer\{9612F0F6-A154-49A2-9CCB-A1C1AA57D719}\ScKwikMediaDesk_DAE4ED9540AC4C38962344CC52ED8A73.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [08/02/2019 13:43:00] - [190800] - C:\Windows\Installer\{9612F0F6-A154-49A2-9CCB-A1C1AA57D719}\ScKwikMediaStar_594597E2768645E1995B7F203ACC4488.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [08/02/2019 13:43:00] - [194896] - C:\Windows\Installer\{9612F0F6-A154-49A2-9CCB-A1C1AA57D719}\ScMediaBrowser_9BF9A3F46C13407797C1395E985F61EA.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [08/02/2019 13:40:35] - [219472] - C:\Windows\Installer\{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [08/02/2019 13:40:35] - [219472] - C:\Windows\Installer\{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}\NewShortcut1_E08900DF540F4F19B47612A588767A4F.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [08/02/2019 13:40:35] - [219472] - C:\Windows\Installer\{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}\NewShortcut2_9D1C9C50DBD745B782E69E19508131D0.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [05/03/2013 00:20:13] - [88102] - C:\Windows\Installer\{A666A6E7-3A51-E289-559B-BF3486036ABF}\ARPPRODUCTICON.exe () - () [01/01/2019 18:52:10] - [10134] - C:\Windows\Installer\{A677B60C-9707-4D9C-AB9C-BF856A0832AC}\_054BCCD2A91F636035A171.exe () - () [01/01/2019 18:52:10] - [9662] - C:\Windows\Installer\{A677B60C-9707-4D9C-AB9C-BF856A0832AC}\_112D608FD02CD87FDC7735.exe () - () [01/01/2019 18:52:10] - [9662] - C:\Windows\Installer\{A677B60C-9707-4D9C-AB9C-BF856A0832AC}\_853F67D554F05449430E7E.exe () - () [01/01/2019 18:52:10] - [9662] - C:\Windows\Installer\{A677B60C-9707-4D9C-AB9C-BF856A0832AC}\_B40DB8C1A2252C016011C5.exe () - () [01/01/2019 18:52:10] - [9662] - C:\Windows\Installer\{A677B60C-9707-4D9C-AB9C-BF856A0832AC}\_F3A7DDA0555336B00A99EF.exe () - () [08/02/2019 13:40:03] - [300328] - C:\Windows\Installer\{A7A0BF2E-31CC-49E3-9913-52C503EB969D}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [05/03/2013 00:19:36] - [88102] - C:\Windows\Installer\{ABA39912-380C-0EF3-C820-868115EB1DAC}\ARPPRODUCTICON.exe () - () [08/02/2019 13:39:44] - [588112] - C:\Windows\Installer\{ABC88553-8770-4B97-B43E-5A90647A5B63}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [08/02/2019 13:39:44] - [588112] - C:\Windows\Installer\{ABC88553-8770-4B97-B43E-5A90647A5B63}\ScControlCenterSta_FC2653898C5047A6A872CAF6433C43A8.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [05/03/2013 00:20:03] - [88102] - C:\Windows\Installer\{AC7A441A-353F-75F6-6ABA-3BF98161B530}\ARPPRODUCTICON.exe () - () [08/02/2019 13:41:22] - [313680] - C:\Windows\Installer\{ACE49D50-19CD-44A6-B192-46F985283B26}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [05/03/2013 00:49:28] - [10134] - C:\Windows\Installer\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}\_6FB06134364694D5797749.exe () - () [05/03/2013 00:20:05] - [88102] - C:\Windows\Installer\{B6480ED1-448E-813B-4FE0-BED811D1C01F}\ARPPRODUCTICON.exe () - () [08/02/2019 13:45:12] - [588112] - C:\Windows\Installer\{BD0E78AC-54A5-429A-BAF3-29D1A945A20C}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [08/02/2019 13:45:12] - [588112] - C:\Windows\Installer\{BD0E78AC-54A5-429A-BAF3-29D1A945A20C}\ScVisionDestop_7F7E5B0B4C2946E6A57D5A77942B7F3A.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [08/02/2019 13:45:12] - [588112] - C:\Windows\Installer\{BD0E78AC-54A5-429A-BAF3-29D1A945A20C}\ScVisionStartMenu_88036A9DCD1D412A84701A23A35FB37B.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [05/03/2013 00:20:00] - [88102] - C:\Windows\Installer\{BDBF9803-B57C-AB2A-8830-CBED34703840}\ARPPRODUCTICON.exe () - () [05/03/2013 00:20:09] - [88102] - C:\Windows\Installer\{BFB6DE5F-9BEA-1FBB-3584-2C78639CE59A}\ARPPRODUCTICON.exe () - () [25/12/2018 10:43:22] - [9662] - C:\Windows\Installer\{CA3B7372-F24B-4162-8C21-89C559E283FA}\_853F67D554F05449430E7E.exe () - () [20/02/2019 10:06:43] - [10134] - C:\Windows\Installer\{D4378A80-C713-11DF-9399-005056C00008}\ARPPRODUCTICON.exe () - () [20/02/2019 10:06:43] - [32038] - C:\Windows\Installer\{D4378A80-C713-11DF-9399-005056C00008}\RunProductNameDskt_985F828E0E98429F9C05EF3BDE7568F7_1.exe () - () [20/02/2019 10:06:43] - [32038] - C:\Windows\Installer\{D4378A80-C713-11DF-9399-005056C00008}\RunProductNameShor_985F828E0E98429F9C05EF3BDE7568F7.exe () - () [08/02/2019 13:46:24] - [80208] - C:\Windows\Installer\{D5115C78-2D22-4668-A5E2-6C87DED3ED1B}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [08/02/2019 13:46:24] - [80208] - C:\Windows\Installer\{D5115C78-2D22-4668-A5E2-6C87DED3ED1B}\NeroLauncher.ex_06255901E67449719980557FAA5EC1C6.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [08/02/2019 13:46:24] - [80208] - C:\Windows\Installer\{D5115C78-2D22-4668-A5E2-6C87DED3ED1B}\NeroLauncher.ex_2882597C6E684EBDA23F3CF2CA0CBC30.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [26/02/2019 09:40:55] - [53248] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\ARPPRODUCTICON.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [26/02/2019 09:40:56] - [229376] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\collect_logs_0CEF7DB7296B4A039FAE8EA6AAE968C0.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [26/02/2019 09:40:57] - [102400] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\DesktopOUTDATEfigh_C272B461619A4C97A904A0E3ABB46C5B.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [26/02/2019 09:40:56] - [65536] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\eula_shortcut_C37361C725D74AB7BCC5FA4022E0CC35.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [26/02/2019 09:40:56] - [102400] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\faqShortcut_18DBFAE846FB4E8396F1DF2D2A44F8D0.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [26/02/2019 09:40:57] - [102400] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\OTDFQuickLaunchSho_613E7DD854804C118887E5C2334BEC0A.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [26/02/2019 09:40:55] - [102400] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\OUTDATEfighterShor_5758C9D68C974ADC98E826C66C5A6501.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [26/02/2019 09:40:57] - [102400] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\OUTDATEfighterShor_EDB09256466C4C97A4E882232CB0D404.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [26/02/2019 09:40:56] - [102400] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\privacyShortcut_CB5E683ED0FF4258AF788FA33BD022DE.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [26/02/2019 09:40:56] - [102400] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\req_support_B88499ED99C741E88D5FCC5F21DB5674.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [26/02/2019 09:40:56] - [45056] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\UninstallShortcut_E345426E1BED4E97835AC4645E72B19C.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [05/03/2013 00:20:06] - [88102] - C:\Windows\Installer\{DD35ECFB-5C95-398B-CAFA-B5E8881363C3}\ARPPRODUCTICON.exe () - () [08/02/2019 13:40:44] - [313240] - C:\Windows\Installer\{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [05/03/2013 00:17:28] - [53248] - C:\Windows\Installer\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}\ARPPRODUCTICON.exe (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [08/02/2019 13:39:32] - [301392] - C:\Windows\Installer\{E6E1AE09-1B6D-4D80-A42F-2AE0EA448DE5}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [04/02/2019 14:01:10] - [80395] - C:\Windows\Installer\{E703613B-BDAB-433E-A66A-DE0263E3D35D}\MsblIco.Exe () - () [05/03/2013 00:20:20] - [88102] - C:\Windows\Installer\{E8406BA9-5D47-4A62-08C3-759EA677229A}\ARPPRODUCTICON.exe () - () [01/01/2019 18:51:29] - [371894] - C:\Windows\Installer\{EAB8D189-1F5A-4902-A4C4-2ACC1549288A}\ARPPRODUCTICON.exe () - () [01/01/2019 18:51:29] - [371894] - C:\Windows\Installer\{EAB8D189-1F5A-4902-A4C4-2ACC1549288A}\AutoSave1_10085090E71D4A549E3244AB37A4CCC6.exe () - () [01/01/2019 18:51:29] - [371894] - C:\Windows\Installer\{EAB8D189-1F5A-4902-A4C4-2ACC1549288A}\AutoSave_10085090E71D4A549E3244AB37A4CCC6.exe () - () [08/02/2019 13:41:48] - [588112] - C:\Windows\Installer\{ED7943A4-2FF0-4096-BBEA-DE3CC206E3D4}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [05/03/2013 00:20:14] - [88102] - C:\Windows\Installer\{F193812F-83C0-3CED-1EDE-BE2525267303}\ARPPRODUCTICON.exe () - () [08/02/2019 13:41:04] - [588112] - C:\Windows\Installer\{F2B9C8D6-C69C-4BA7-95D2-66F1C68D15DA}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [26/02/2019 09:49:26] - [192512] - C:\Windows\Installer\{F63A7ADE-507E-4944-9C74-8893BAE11728}\ARPPRODUCTICON.exe (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield) [26/02/2019 09:49:27] - [192512] - C:\Windows\Installer\{F63A7ADE-507E-4944-9C74-8893BAE11728}\NewShortcut1_E1495BBB3B6443E69DBFB09B3D0691D2.exe (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield) [26/02/2019 09:49:27] - [45056] - C:\Windows\Installer\{F63A7ADE-507E-4944-9C74-8893BAE11728}\UninstallSTOPzilla_14DDE1424B2549418BFF0B4BDBBB0762.exe (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield) [05/03/2013 00:20:13] - [88102] - C:\Windows\Installer\{F754BC24-2C04-F76E-C403-0175F0954560}\ARPPRODUCTICON.exe () - () [04/02/2019 12:59:14] - [14863480] - C:\Windows\Installer\{FC4D0316-D3D8-4c07-9E45-7A2A4D75E069}\uninstall.exe (© 2008-2012 Comodo Security Solutions, Inc.) - (COMODO PC TuneUp setup) [05/03/2013 00:20:10] - [88102] - C:\Windows\Installer\{FC62C740-2339-618C-467B-36CE6D409E5F}\ARPPRODUCTICON.exe () - () [05/03/2013 00:23:32] - [98304] - C:\Windows\Installer\{FF27F674-821E-4BA2-985B-DDF539C2CD03}\ARPPRODUCTICON.exe (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [05/03/2013 00:23:32] - [98304] - C:\Windows\Installer\{FF27F674-821E-4BA2-985B-DDF539C2CD03}\HPSF.exe2_2EBA634C3DB04BEC8765F065A06AB6AA.exe (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [05/03/2013 00:23:32] - [98304] - C:\Windows\Installer\{FF27F674-821E-4BA2-985B-DDF539C2CD03}\NewShortcut2_06EDE08E9D6342F1AC2C30BC31ED1770.exe (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) ---------- | %System%\*.in* [16/12/2018 19:02:22] - [5115] - C:\Windows\System32\AmUStor.ini [26/07/2012 09:13:14] - [75] - C:\Windows\System32\desktop.ini [25/07/2012 23:57:48] - [25185] - C:\Windows\System32\ieuinit.inf [26/10/2012 08:42:22] - [29494] - C:\Windows\System32\lvcoin64.ini [26/07/2012 08:28:09] - [1523484] - C:\Windows\System32\PerfStringBackup.INI [02/06/2012 21:26:07] - [60124] - C:\Windows\System32\tcpmon.ini [29/09/2018 12:53:34] - [36] - C:\Windows\Syswow64\Error.ini [29/01/2019 13:50:51] - [17907] - C:\Windows\Syswow64\GeneStor.INF [25/07/2012 23:54:50] - [25185] - C:\Windows\Syswow64\ieuinit.inf [27/08/2002 00:42:18] - [1199] - C:\Windows\Syswow64\panadv.inf [01/08/2012 18:09:37] - [915038] - C:\Windows\Syswow64\PerfStringBackup.INI ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.60AB39637FD7496E21DE870FDA4CC5CA] - |A| - [25/07/2012 21:35:41] - (.-.) - [6.71 Ko] - (0.0.0.0) - C:\Windows\AppPatch\AppPatch64\pcamain.sdb [MD5.AF1EE098731BA9D2C1273E031B734B4E] - |A| - [05/09/2018 22:21:49] - (.-.) - [379.67 Ko] - (0.0.0.0) - C:\Windows\AppPatch\AppPatch64\sysmain.sdb [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [0 Ko] - C:\Windows\AppPatch\Custom\Custom64 [MD5.263F33FFB41E6CCE801283A5188F5ED4] - |ASH| - [04/09/2018 13:21:20] - (.-.) - [40 Ko] - (0.0.0.0) - C:\Windows\PSS\boot.backup.LOG [MD5.D41D8CD98F00B204E9800998ECF8427E] - |ASH| - [04/09/2018 13:21:20] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\PSS\boot.backup.LOG1 [MD5.D41D8CD98F00B204E9800998ECF8427E] - |ASH| - [04/09/2018 13:21:20] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\PSS\boot.backup.LOG2 [MD5.00000000000000000000000000000000] - |D| - [01/03/2019 06:06:30] - [0 Ko] - C:\Windows\Temp\_avg_ [MD5.00000000000000000000000000000000] - |D| - [05/03/2013 08:53:31] - [0 Ko] - C:\Windows\System32\040C [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 06:38:00] - [3888 Ko] - C:\Windows\System32\AdvancedInstallers [MD5.39638F9CB6CAA08E58D8F3A8E23DD757] - |A| - [22/02/2019 20:15:35] - (.Copyright (C) 2013 AMD Inc. - Mantle driver, support for SI family and above.) - [5314.5 Ko] - (9.1.10.13) - C:\Windows\System32\amdmantle64.dll [MD5.F45D2E2D0B9DB7817DE0B2A84102FAAB] - |A| - [22/02/2019 20:15:35] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MMOCL Universal Driver.) - [47 Ko] - (1.5.0.0) - C:\Windows\System32\amdmmcl6.dll [MD5.F85EB8FC88730DA21D0E63DB62DE9902] - |A| - [22/02/2019 20:15:56] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 1.2 Runtime.) - [28013.5 Ko] - (10.0.1445.5) - C:\Windows\System32\amdocl64.dll [MD5.ECC9D68F5BEF5CD67BE2D2F758661980] - |A| - [22/02/2019 20:15:25] - (.-.) - [1159.51 Ko] - (0.0.0.0) - C:\Windows\System32\amdocl_as64.exe [MD5.DD3E0FE46F9AB3F9A339F4DD3B2B2E4C] - |A| - [22/02/2019 20:15:25] - (.-.) - [1037.01 Ko] - (0.0.0.0) - C:\Windows\System32\amdocl_ld64.exe [MD5.6AF9604FD805D6D596F1CBDE07CC83F2] - |A| - [22/02/2019 20:17:42] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [76.59 Ko] - (8.14.10.23) - C:\Windows\System32\amdpcom64.dll [MD5.7CC98B75AF9FFEF8D1E9880726E79659] - |A| - [20/02/2013 22:22:18] - (.Copyright (C) 2010 - amdverag Dynamic Link Library.) - [52 Ko] - (1.360.467.117) - C:\Windows\System32\amdverag.dll [MD5.F3C13FA4F49D9A6D13C8BD6B6E6D0F76] - |A| - [16/12/2018 19:02:22] - (.-.) - [1058.03 Ko] - (0.0.0.0) - C:\Windows\System32\AmRdrIco.icl [MD5.679BBDBC39ACF9D361245011DD5F6BBA] - |A| - [16/12/2018 19:02:22] - (.-.) - [5 Ko] - (0.0.0.0) - C:\Windows\System32\AmUStor.ini [MD5.926C753C058B5E589CF38AAC72166702] - |A| - [04/09/2018 01:09:14] - (.-.) - [404.84 Ko] - (0.0.0.0) - C:\Windows\System32\ApnDatabase.xml [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [0 Ko] - C:\Windows\System32\AppLocker [MD5.00000000000000000000000000000000] - |D| - [05/09/2018 18:49:40] - [9558.14 Ko] - C:\Windows\System32\appraiser [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [245 Ko] - C:\Windows\System32\ar-SA [MD5.80F4C3966C8689297902FFE321E472D4] - |A| - [22/02/2019 20:17:55] - (.Copyright (C) 2008-2011 Advanced Micro Devices, Inc. - ADL.) - [1150 Ko] - (6.14.10.1300) - C:\Windows\System32\atiadlxx.dll [MD5.D20684C52956C78947BD57C8D791E924] - |A| - [22/02/2019 20:21:29] - (.-.) - [567.2 Ko] - (0.0.0.0) - C:\Windows\System32\atiapfxx.blb [MD5.1A9FB911640971DA26D139704FA9A6D8] - |A| - [22/02/2019 20:15:25] - (.Copyright (C) 2009 Advanced Micro Devices, Inc. - atiapfxx Application.) - [359.5 Ko] - (6.14.10.1001) - C:\Windows\System32\atiapfxx.exe [MD5.749584902AE80A53EFDA4F8FA03E1713] - |A| - [29/08/2012 09:08:57] - (.Copyright (C) 2008 Advanced Micro Devices, Inc. - ATIBRTMON.) - [116 Ko] - (2.0.0.0) - C:\Windows\System32\atibtmon.exe [MD5.BCBB99ED58A20F84AB0E6F4CB562A00C] - |A| - [22/02/2019 20:18:00] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL compiler runtime.) - [54.5 Ko] - (6.14.10.1848) - C:\Windows\System32\aticalcl64.dll [MD5.BCD0F2B857F02F70DF082EFF0683C344] - |A| - [22/02/2019 20:18:04] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL DD.) - [15348 Ko] - (6.14.10.1848) - C:\Windows\System32\aticaldd64.dll [MD5.B9A498D95AE6788FC759AE3FB63AB854] - |A| - [22/02/2019 20:18:05] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL runtime.) - [61 Ko] - (6.14.10.1848) - C:\Windows\System32\aticalrt64.dll [MD5.93A594325A45270BF707779442B1B84F] - |A| - [20/02/2013 22:22:16] - (.Copyright (C) 1998-2012 AMD Inc. - aticfx64.dll.) - [1311.79 Ko] - (8.17.10.1280) - C:\Windows\System32\aticfx64.dll [MD5.8EB4772D9972D3CB7A5972A393ED4A8B] - |A| - [22/02/2019 20:18:06] - (.2002-2012 - Graphics DEM.) - [432 Ko] - (4.5.5220.36907) - C:\Windows\System32\atidemgy.dll [MD5.35F12F547655157E5F3254ECE80E5767] - |A| - [20/02/2013 22:22:22] - (.Copyright (C) 1998-2011 AMD Inc. - atidxx64.dll.) - [10092.98 Ko] - (8.17.10.545) - C:\Windows\System32\atidxx64.dll [MD5.5504CB5B6EA51D983D22CDC802BB0E60] - |A| - [22/02/2019 20:15:25] - (.Copyright © 2008-2009 AMD - AMD External Events Client Module.) - [572.5 Ko] - (6.14.11.1169) - C:\Windows\System32\atieclxx.exe [MD5.163C102139D8532F34DFD8E65291E199] - |A| - [20/02/2013 22:22:22] - (.Copyright (c) ATI Technologies Inc. 2003-2009 - atiedu64.) - [58 Ko] - (6.14.10.2514) - C:\Windows\System32\atiedu64.dll [MD5.E7BDC2E7D885A65031C6B93D5A80B019] - |A| - [22/02/2019 20:15:25] - (.Copyright © 2008-2009 AMD - AMD External Events Service Module.) - [234 Ko] - (6.14.11.1169) - C:\Windows\System32\atiesrxx.exe [MD5.BD22487E62B96E5C9D15D3A56D033682] - |A| - [22/02/2019 20:18:12] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [73.5 Ko] - (8.14.1.6374) - C:\Windows\System32\atig6pxx.dll [MD5.5B7243A06C3815A9C30F0ACBAF572A59] - |A| - [22/02/2019 20:18:12] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [143.5 Ko] - (8.14.1.6374) - C:\Windows\System32\atig6txx.dll [MD5.4E6C52E4EF086C1B0E668E4E505D6E8E] - |A| - [22/02/2019 20:18:12] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [68 Ko] - (8.14.1.6374) - C:\Windows\System32\atiglpxx.dll [MD5.BC93F76B6713F25DBCC46C46F47AD7F2] - |A| - [22/02/2019 20:21:31] - (.-.) - [706.88 Ko] - (0.0.0.0) - C:\Windows\System32\atiicdxx.dat [MD5.81F1E3665F2462DC36BEB2DD8D076A12] - |A| - [22/02/2019 20:18:12] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [76.59 Ko] - (8.14.10.23) - C:\Windows\System32\atimpc64.dll [MD5.BA7A22CB5F1ABE28798F26648E8BC1E4] - |A| - [22/02/2019 20:18:12] - (.Copyright ? 2009 AMD - Multi-language DPPE DLL.) - [30.5 Ko] - (6.14.10.1002) - C:\Windows\System32\atimuixx.dll [MD5.3951CD8EC707D87364129A4A2B37B0B6] - |A| - [22/02/2019 20:18:37] - (.Copyright (C) 1998-2011 Advanced Micro Devices, Inc. - AMD OpenGL driver.) - [27253.5 Ko] - (6.14.10.12874) - C:\Windows\System32\atio6axx.dll [MD5.A6BAAA6608A9B00220E9D5C023FC53D1] - |A| - [29/08/2012 09:11:07] - (.Copyright (C) 2008 - ATIODCLI Application.) - [50 Ko] - (1.0.0.1) - C:\Windows\System32\ATIODCLI.exe [MD5.463FFBD3350E3EB57F7D5746EBD233CA] - |A| - [29/08/2012 09:11:09] - (.Copyright (C) 2008 - ATIODE Application.) - [325 Ko] - (1.0.0.1) - C:\Windows\System32\ATIODE.exe [MD5.64A0869F18560CD529120ADE00155C3E] - |A| - [29/08/2012 09:11:43] - (.-.) - [3.83 Ko] - (0.0.0.0) - C:\Windows\System32\atipblag.dat [MD5.2CB18ED7F649FE67CE65AF8EC135C891] - |A| - [22/02/2019 20:19:54] - (.Copy Right © 2012 Advanced Micro Devices, Inc - TMM Clone Control Module.) - [186.5 Ko] - (6.14.11.25) - C:\Windows\System32\atitmm64.dll [MD5.9D97DC8A80D5B8D7FCA81A957BB2036D] - |A| - [22/02/2019 20:19:55] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiu9pag.dll.) - [114.83 Ko] - (8.14.1.6374) - C:\Windows\System32\atiu9p64.dll [MD5.2AF8F5A8DF6B5A6590DE9E19474EE109] - |A| - [22/02/2019 20:19:56] - (.Copyright (C) 1998-2011 AMD Inc. - atiumd64.dll.) - [7823.21 Ko] - (9.14.10.1029) - C:\Windows\System32\atiumd64.dll [MD5.755E2AF6AF5D8D010D48337901CC9164] - |A| - [22/02/2019 20:21:30] - (.-.) - [3357.06 Ko] - (0.0.0.0) - C:\Windows\System32\atiumd6a.cap [MD5.A2507D90F5B1D080D8CC3F965E24AFD5] - |A| - [22/02/2019 20:19:59] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [7343.95 Ko] - (8.14.10.448) - C:\Windows\System32\atiumd6a.dll [MD5.2D26D3C2322FFFCC1649DE13AA4492F5] - |A| - [20/02/2013 22:22:20] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [139.95 Ko] - (8.14.1.6374) - C:\Windows\System32\atiuxp64.dll [MD5.3CC75E1343F3BEC4E37CC7F6E42A1DBB] - |A| - [22/02/2019 20:21:31] - (.-.) - [80.2 Ko] - (0.0.0.0) - C:\Windows\System32\ativce02.dat [MD5.0D0C694242C729584A643E3568A814EE] - |A| - [22/02/2019 20:21:31] - (.-.) - [131.05 Ko] - (0.0.0.0) - C:\Windows\System32\ativce03.dat [MD5.74B194D89C2DEF1D680E89652310B15E] - |A| - [22/02/2019 20:21:31] - (.-.) - [229.3 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_cik.dat [MD5.A6307AFDD31E37953B71479CDCE34727] - |A| - [22/02/2019 20:21:31] - (.-.) - [227.55 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_cik_nd.dat [MD5.C865D17B8CB1C21E27968B328F2C9FEE] - |A| - [22/02/2019 20:21:31] - (.-.) - [268.68 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_vi.dat [MD5.3697F5AD3F43AD76C32DA97A1EC3F3C5] - |A| - [22/02/2019 20:21:31] - (.-.) - [267.3 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_vi_nd.dat [MD5.A3843B5810BE3B314D5D5E3B93E82AA7] - |A| - [20/02/2013 22:22:20] - (.-.) - [26.3 Ko] - (0.0.0.0) - C:\Windows\System32\ativvsnl.dat [MD5.CFBA17101E04BBCDA5E50CC8A92CEBB0] - |A| - [20/02/2013 22:22:12] - (.-.) - [0.02 Ko] - (0.0.0.0) - C:\Windows\System32\ativvsny.dat [MD5.7C163EDE63854539828F5B2C1BC529FD] - |A| - [29/08/2012 09:12:52] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\Windows\System32\ativvsva.dat [MD5.219D7091DD1D93728392337FE9C7ADD6] - |A| - [29/08/2012 09:12:54] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\Windows\System32\ativvsvl.dat [MD5.D8632E54B9D4BA45916B0E0D4DD73535] - |A| - [06/09/2018 05:43:16] - (.-.) - [10.84 Ko] - (0.0.0.0) - C:\Windows\System32\AutoconfigV2.cab [MD5.00000000000000000000000000000000] - |D| - [06/09/2018 09:18:08] - [30.58 Ko] - C:\Windows\System32\AutoUpdateLicense [MD5.0CE005F01D7964338AC3A898479E97D1] - |A| - [20/03/2019 19:01:59] - (.Copyright (C) 2019 AVG Technologies CZ, s.r.o. - AVG start-up scanner.) - [354.42 Ko] - (19.4.4247.0) - C:\Windows\System32\avgBoot.exe [MD5.531F17189C60ED61BDE4DCC82CC66B59] - |A| - [26/01/2017 08:26:44] - (.-.) - [73.48 Ko] - (0.0.0.0) - C:\Windows\System32\bdmjpeg64.dll [MD5.2F42956D6772A840D47C92C48004C946] - |A| - [26/01/2017 08:26:50] - (.-.) - [74.01 Ko] - (0.0.0.0) - C:\Windows\System32\bdmpega64.acm [MD5.12C2E65CA9CDFB4E77B65CC311FD97C3] - |A| - [26/01/2017 08:26:46] - (.-.) - [73.51 Ko] - (0.0.0.0) - C:\Windows\System32\bdmpegv64.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [219.5 Ko] - C:\Windows\System32\bg-BG [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 06:38:00] - [4976.84 Ko] - C:\Windows\System32\Boot [MD5.F7801B03B7E1D01B0935C588B9D0A9C4] - |A| - [26/07/2012 02:14:01] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [88.5 Ko] - (1.0.0.1) - C:\Windows\System32\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [0.93 Ko] - C:\Windows\System32\Bthprops [MD5.FCF5AF2016ADF65A97B579A67730F1B6] - |A| - [16/12/2018 19:02:22] - (.-.) - [0.01 Ko] - (0.0.0.0) - C:\Windows\System32\CardDetect6485.bin [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 06:38:00] - [84050.39 Ko] - C:\Windows\System32\catroot [MD5.00000000000000000000000000000000] - |D| - [12/09/2018 14:22:55] - [36759.67 Ko] - C:\Windows\System32\catroot2 [MD5.2263727032E9B19231A706046B8C82D3] - |A| - [02/02/2019 08:07:26] - (.-.) - [27.99 Ko] - (0.0.0.0) - C:\Windows\System32\Ckldrv.sys [MD5.7225478B1CA749E589F17A1EBF5564A3] - |A| - [22/02/2019 20:15:31] - (.-.) - [226 Ko] - (0.0.0.0) - C:\Windows\System32\clinfo.exe [MD5.7BE91946A1A9E03217624B3A117775D3] - |A| - [26/02/2019 11:19:54] - (.2005-2019 COMODO. - COMODO Secure Shopping.) - [329.18 Ko] - (1.3.50284.151) - C:\Windows\System32\cmdkbdcss64.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [5915.29 Ko] - C:\Windows\System32\CodeIntegrity [MD5.C9BF1315C53FD1611ABD3A4BB70B16A2] - |A| - [22/02/2019 20:20:05] - (.AMD. - CoInstaller DLL.) - [788 Ko] - (1.0.5.9) - C:\Windows\System32\coinst_14.100.dll [MD5.D35751AAC3033B9C731E351DE40787E9] - |A| - [20/02/2013 22:22:16] - (.AMD. - CoInstaller DLL.) - [68.5 Ko] - (1.0.4.8) - C:\Windows\System32\coinst_9.012.8.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [355.5 Ko] - C:\Windows\System32\Com [MD5.00000000000000000000000000000000] - |SD| - [05/09/2018 18:49:40] - [1443.69 Ko] - C:\Windows\System32\CompatTel [MD5.6E2604E36B2D67061BD0E3DC966DDC7E] - |A| - [22/02/2019 20:27:24] - (.2013 © Real Sound Lab SIA, iSoft Solutions - CONEQ™ Media Suite APO GUI Library.) - [119.42 Ko] - (1.0.0.4) - C:\Windows\System32\CONEQMSAPOGUILibrary.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 06:38:00] - [709266.12 Ko] - C:\Windows\System32\config [MD5.133F82B6391F3390BECFA429C23FB2BE] - |A| - [02/02/2019 08:07:26] - (.Copyright © 2000 - CrypKey License Service.) - [120 Ko] - (1.1.0.2) - C:\Windows\System32\Crypserv.exe [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [264.5 Ko] - C:\Windows\System32\cs-CZ [MD5.C08B76197C6FC8B8CCA63DFDE3A48503] - |A| - [26/02/2019 11:19:56] - (.2005-2019 COMODO. - COMODO Secure Shopping.) - [49.09 Ko] - (1.3.50284.151) - C:\Windows\System32\csscsr64.dll [MD5.18315E8C880660C91695B04348911794] - |A| - [26/02/2019 11:19:55] - (.2005-2019 COMODO. - COMODO Secure Shopping.) - [437.21 Ko] - (1.3.50284.151) - C:\Windows\System32\cssguard64.dll [MD5.707DBFA069D1A078D5FC6CB57A9BB707] - |A| - [16/12/2018 19:03:00] - (.©Conexant Systems Inc. - Conexant APO.) - [1578.79 Ko] - (1.74.0.0) - C:\Windows\System32\CX64APO.dll [MD5.42403C608F1EB6A3A003ED8949C3CE04] - |A| - [16/12/2018 19:03:00] - (.©Conexant Systems Inc. - Conexant MFX APO Proxy.) - [1493.3 Ko] - (1.2.0.0) - C:\Windows\System32\CX64Proxy.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [261.5 Ko] - C:\Windows\System32\da-DK [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [287 Ko] - C:\Windows\System32\de-DE [MD5.06DD7B88FC18BAC825546AF1CA816855] - |A| - [02/10/2018 10:29:19] - (.-.) - [1.62 Ko] - (0.0.0.0) - C:\Windows\System32\debug.log [MD5.08750A50CF027F93070C8BB78E27C3B7] - |ASH| - [26/07/2012 09:13:14] - (.-.) - [0.07 Ko] - (0.0.0.0) - C:\Windows\System32\desktop.ini [MD5.B227DF8720C51EE0A80CB23CCCEF1EC6] - |A| - [26/10/2012 08:42:22] - (.-.) - [328.35 Ko] - (13.80.853.0) - C:\Windows\System32\DevManagerCore.dll [MD5.1749D47359EFCA9BB044104E32B9CA04] - |A| - [13/12/2012 16:38:50] - (.-.) - [25.62 Ko] - (0.0.0.0) - C:\Windows\System32\dfx11.ico [MD5.04BB836EDA0DA51B06F8BDCA925C18FD] - |A| - [13/09/2018 14:55:03] - (.-.) - [0.02 Ko] - (0.0.0.0) - C:\Windows\System32\diskpart.txt [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 06:38:00] - [6280.5 Ko] - C:\Windows\System32\Dism [MD5.FC92D8161879F7AB5626B094DDCA3801] - |ASH| - [10/09/2018 22:12:06] - (.-.) - [0.13 Ko] - (0.0.0.0) - C:\Windows\System32\eahgsxtjuxgxpcqn.tbl [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [290 Ko] - C:\Windows\System32\el-GR [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [204 Ko] - C:\Windows\System32\en-GB [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [255 Ko] - C:\Windows\System32\en-US [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [277.5 Ko] - C:\Windows\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [205.5 Ko] - C:\Windows\System32\et-EE [MD5.BAC5074667751F72A9CE48CDC31BAC48] - |A| - [28/10/2018 11:05:53] - (.Copyright (C) 2007 SEIKO EPSON CORP. - E_GCINST.) - [10.5 Ko] - (1.0.0.6) - C:\Windows\System32\E_GCINST.DLL [MD5.8159960E8BA20F1C4A4EBCF0DAEC60E5] - |A| - [28/10/2018 11:05:51] - (.Copyright (C) SEIKO EPSON CORPORATION 2005-2010. - ECBTEGB AMD64.) - [82 Ko] - (3.3.0.0) - C:\Windows\System32\E_ID4BLPE.DLL [MD5.2E21840342850A8A7F28D28D6DD3A1CD] - |A| - [28/10/2018 11:05:51] - (.Copyright (C) SEIKO EPSON CORPORATION 2005-2013. - EPSON Bi-directional Monitor AMD64.) - [175.5 Ko] - (4.4.0.0) - C:\Windows\System32\E_ILMBLPE.DLL [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [264.5 Ko] - C:\Windows\System32\fi-FI [MD5.7CECF82B6A4CEF243EA95FA0D91A9E38] - |A| - [11/03/2019 13:05:53] - (.-.) - [655.2 Ko] - (0.0.0.0) - C:\Windows\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [05/03/2013 08:53:31] - [1710 Ko] - C:\Windows\System32\fr [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [39471 Ko] - C:\Windows\System32\fr-FR [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [0 Ko] - C:\Windows\System32\FxsTmp [MD5.BC9CCCBE9800C732940C7F8ED335B7D9] - |A| - [02/06/2012 15:31:20] - (.-.) - [42.95 Ko] - (0.0.0.0) - C:\Windows\System32\gatherNetworkInfo.vbs [MD5.A40DAE0F96FCD7F7F8B087BCC5486400] - |A| - [29/01/2019 13:50:47] - (.Copyright c 2003 - GeneIcon.) - [5504.18 Ko] - (1.2.0.0) - C:\Windows\System32\GeneIcon.dll [MD5.00000000000000000000000000000000] - |HD| - [26/07/2012 09:12:59] - [0.27 Ko] - C:\Windows\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [0 Ko] - C:\Windows\System32\GroupPolicyUsers [MD5.6C2DAB45D8B478D2E0A84087EE06BAA8] - |A| - [29/01/2019 13:50:48] - (.Copyright (C) 2015 - GeneStor co-installer.) - [149.24 Ko] - (2.0.0.1) - C:\Windows\System32\GSCoinst.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [234 Ko] - C:\Windows\System32\he-IL [MD5.67FC2C86490CB84F4AD74B6F5AF3A89C] - |A| - [05/03/2013 00:35:48] - (.© Copyright 2012 HPDC - Port Monitor Server DLL.) - [347.5 Ko] - (0.3.1282.3591) - C:\Windows\System32\hpbprtmon.dll [MD5.D0519B40392DB0D156B61502D5F650F4] - |A| - [05/03/2013 00:35:48] - (.© Copyright 2012 HPDC - Port Monitor UI DLL.) - [166.5 Ko] - (0.3.1282.3591) - C:\Windows\System32\hpbprtmonui.dll [MD5.06F13BD51FB6A9B199B73C1605238BBF] - |A| - [05/03/2013 00:35:48] - (.© Copyright 2012 HPDC - Real Port Monitor DLL.) - [368.5 Ko] - (0.3.1282.3591) - C:\Windows\System32\hpbrprtmon.dll [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [05/03/2013 00:53:16] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\System32\HPCheckOA21.err [MD5.3083DEF0BC30D66A5D320B9979C178EC] - |A| - [05/03/2013 00:53:16] - (.-.) - [0.04 Ko] - (0.0.0.0) - C:\Windows\System32\HPCheckOA21.txt [MD5.1A4695BDC5017B37E6D23A88CFEC0760] - |A| - [05/03/2013 00:14:27] - (.Copyright (C) 2011 -.) - [114.5 Ko] - (1.3.0.0) - C:\Windows\System32\HPMUIDir.exe [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [213.5 Ko] - C:\Windows\System32\hr-HR [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [268 Ko] - C:\Windows\System32\hu-HU [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [5.36 Ko] - C:\Windows\System32\ias [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [36.27 Ko] - C:\Windows\System32\icsxml [MD5.7CAACE1DF07B3656E458D07115A71600] - |A| - [25/07/2012 21:22:54] - (.-.) - [429.01 Ko] - (0.0.0.0) - C:\Windows\System32\igcompkrng500.bin [MD5.385B8EFE468E3A4A3E2E65FC8764E4BF] - |A| - [25/07/2012 21:22:54] - (.-.) - [90.19 Ko] - (0.0.0.0) - C:\Windows\System32\igfcg500m.bin [MD5.C4CF4FA6C9399B277E86D602BF251A11] - |A| - [25/07/2012 21:22:54] - (.-.) - [959.22 Ko] - (0.0.0.0) - C:\Windows\System32\igkrng500.bin [MD5.9A014CE65642722D72588D5196F147CE] - |A| - [25/07/2012 21:22:54] - (.-.) - [1945.25 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxa64.cpa [MD5.DB945DDE9D7825BB4A173CD108193C49] - |A| - [25/07/2012 21:22:56] - (.-.) - [1.06 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxa64.vp [MD5.A980B0ED5543E3DFD1C21058B06C5A65] - |A| - [25/07/2012 21:22:56] - (.-.) - [58.81 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxc64.vp [MD5.82001B2CC6728CE282EF036ABC2BC975] - |A| - [25/07/2012 21:22:56] - (.-.) - [58.84 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxg64.vp [MD5.3B6C78580EC3B9A0346D2AD63EC7906A] - |A| - [25/07/2012 21:22:56] - (.-.) - [58.61 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxo64.vp [MD5.0E74C595B6F7276F41425F50D414B680] - |A| - [25/07/2012 21:22:56] - (.-.) - [5.3 Ko] - (0.0.0.0) - C:\Windows\System32\iglhxs64.vp [MD5.905B872A39FEDA81895E005F12C7EF3E] - |A| - [20/02/2019 10:45:47] - (.-.) - [713.9 Ko] - (0.0.0.0) - C:\Windows\System32\im-fre.exe [MD5.32E57C3BE45FD62673C2C40D3462A197] - |A| - [16/10/2018 04:41:19] - (.Copyright © 2005-2008 Olof Lagerkvist. - ImDisk I/O Packet Forwarder Service.) - [21.51 Ko] - (1.1.3.23) - C:\Windows\System32\imdsksvc.exe [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [25948.17 Ko] - C:\Windows\System32\IME [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [3933.54 Ko] - C:\Windows\System32\inetsrv [MD5.D506921989872994B9C5615D4761882C] - |A| - [11/10/2018 08:06:18] - (.Copyright © 2005-2016 - IObit Smart Defrag Extension.) - [125.28 Ko] - (1.0.0.25) - C:\Windows\System32\IObitSmartDefragExtension.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [0 Ko] - C:\Windows\System32\Ipmi [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [281.5 Ko] - C:\Windows\System32\it-IT [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [203 Ko] - C:\Windows\System32\ja-JP [MD5.D53977F08872B0DECDAE063727288B79] - |A| - [25/09/2009 02:03:36] - (.Copyright (C) JMicron 2009 - JMicron 31X Composite Driver Installation DLL.) - [599.61 Ko] - (1.0.3.0) - C:\Windows\System32\jmccgpInst.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [202 Ko] - C:\Windows\System32\ko-KR [MD5.FAFA8B2317AABF4EBDC94D74CDB73394] - |A| - [26/07/2012 09:13:07] - (.-.) - [11741.31 Ko] - (0.0.0.0) - C:\Windows\System32\korwbrkr.lex [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [01/03/2019 06:08:38] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\System32\last.dump [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [113.79 Ko] - C:\Windows\System32\Licenses [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [93.23 Ko] - C:\Windows\System32\LogFiles [MD5.B65E8E52916A527F88486875EE291AA8] - |A| - [26/10/2012 08:42:20] - (.-.) - [10663.85 Ko] - (13.80.853.0) - C:\Windows\System32\LogiDPP.dll [MD5.24764C249F769991079F6D4B14B822AF] - |A| - [26/10/2012 08:42:20] - (.-.) - [100.85 Ko] - (13.80.853.0) - C:\Windows\System32\LogiDPPApp.exe [MD5.2B70F45B60C52C058FD49BF8825A7C76] - |A| - [14/12/2018 12:02:11] - (.-.) - [12.09 Ko] - (0.0.0.0) - C:\Windows\System32\lsdel.dat [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [211.5 Ko] - C:\Windows\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [212.5 Ko] - C:\Windows\System32\lv-LV [MD5.4D4248F6D008D86D5575EE5B154971AE] - |A| - [26/10/2012 08:42:20] - (.(c) 1996-2012 Logitech. - Logitech Co-Installer.) - [256.28 Ko] - (13.80.853.0) - C:\Windows\System32\lvco1380853.dll [MD5.FF510CF2A7FA73192E7DB06D7C311799] - |A| - [26/10/2012 08:42:22] - (.(c) 1996-2012 Logitech. - Video Codec.) - [171.28 Ko] - (13.80.853.0) - C:\Windows\System32\lvcod64.dll [MD5.1A8AE8A66B6C289046276453768EF270] - |A| - [26/10/2012 08:42:22] - (.-.) - [28.8 Ko] - (0.0.0.0) - C:\Windows\System32\lvcoin64.ini [MD5.17DF0A2769C406F73BEDA8C81CA40F51] - |A| - [07/09/2018 11:20:16] - (.-.) - [20.88 Ko] - (0.0.0.0) - C:\Windows\System32\lvcoinst.log [MD5.B4CD287DFAA6578AC763A3800F0C2DC8] - |A| - [26/10/2012 08:42:22] - (.(c) 1996-2012 Logitech. - Logitech Camera Property Pages.) - [750.28 Ko] - (13.80.853.0) - C:\Windows\System32\LVUI64.dll [MD5.CCFDDF84B42198B0AAD27D11ACFD254E] - |A| - [26/10/2012 08:42:20] - (.(c) 1996-2012 Logitech. - Logitech Camera Property Pages.) - [547.28 Ko] - (13.80.853.0) - C:\Windows\System32\LVUIRC64.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [87078.09 Ko] - C:\Windows\System32\Macromed [MD5.7A495CA1402C2F9F5D035092AD808669] - |A| - [25/07/2012 21:17:25] - (.-.) - [0.85 Ko] - (0.0.0.0) - C:\Windows\System32\manage-bde.wsf [MD5.8E7B17222234E50AA1008B724914E482] - |A| - [22/02/2019 20:20:05] - (.Copyright (C) 2013 AMD Inc. - Mantle loader.) - [124.5 Ko] - (9.1.10.13) - C:\Windows\System32\mantle64.dll [MD5.32EE7BC8C1C15142C004D680B683C266] - |A| - [22/02/2019 20:20:05] - (.Copyright (C) 2013 AMD Inc. - Mantle extension library.) - [89 Ko] - (9.1.10.13) - C:\Windows\System32\mantleaxl64.dll [MD5.CF17A39BA7D1D1E386FD0C1303642B91] - |A| - [05/11/2018 10:00:50] - (.-.) - [20.71 Ko] - (0.0.0.0) - C:\Windows\System32\MDA_NTDRV.sys [MD5.00000000000000000000000000000000] - |SD| - [26/07/2012 08:19:50] - [1112.32 Ko] - C:\Windows\System32\Microsoft [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 06:38:00] - [4336.5 Ko] - C:\Windows\System32\migration [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [40302.25 Ko] - C:\Windows\System32\migwiz [MD5.3774B5C0E0BBA8C8EE54DF3606AB815C] - |A| - [25/07/2012 21:18:14] - (.-.) - [1.14 Ko] - (0.0.0.0) - C:\Windows\System32\migwiz.lnk [MD5.00000000000000000000000000000000] - |D| - [05/01/2019 03:10:06] - [0 Ko] - C:\Windows\System32\MpEngineStore [MD5.00000000000000000000000000000000] - |D| - [05/09/2018 15:10:44] - [0 Ko] - C:\Windows\System32\MRT [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [45.5 Ko] - C:\Windows\System32\MSDRM [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [4180.28 Ko] - C:\Windows\System32\MsDtc [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [25.22 Ko] - C:\Windows\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [257 Ko] - C:\Windows\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [384 Ko] - C:\Windows\System32\NDF [MD5.EC3F2258DC5247436CF829AA405523A7] - |A| - [26/07/2012 08:21:16] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-119437.txt [MD5.363AB3B147EC26DE764E2FB32EA2041C] - |A| - [26/07/2012 08:21:17] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-120093.txt [MD5.0A742EBDEC323A1C158125EDDCD0ECB9] - |A| - [26/07/2012 08:21:18] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-120828.txt [MD5.0D1B9A4AA0E64E1D3C9B23D4C33E8646] - |A| - [26/07/2012 08:21:18] - (.-.) - [1.06 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-121015.txt [MD5.670571AEA7547824368AAFF1210E5219] - |A| - [26/07/2012 08:21:19] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-121796.txt [MD5.876860348EF677B24E4070B6F0D0434B] - |A| - [26/07/2012 08:21:19] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-122078.txt [MD5.D9DF4A50BBA7175DDD31647FDD2E1C1E] - |A| - [26/07/2012 08:21:19] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-122250.txt [MD5.6B60C5E72A98FFD8AA3C3E79EB9EBC37] - |A| - [26/07/2012 08:21:19] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-122625.txt [MD5.FC2AE0A6CD9E5604723A4D73E3485D1B] - |A| - [26/07/2012 08:21:20] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-122828.txt [MD5.8CC3614DB50EB8B061D80657A5E43793] - |A| - [26/07/2012 08:21:20] - (.-.) - [0.18 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-123046.txt [MD5.9F72E06493E8E034E4F3E287B2F6D5D4] - |A| - [01/08/2012 18:10:05] - (.-.) - [1.06 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-303172.txt [MD5.EC3F2258DC5247436CF829AA405523A7] - |A| - [01/08/2012 18:03:24] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-40170.txt [MD5.E39F5B5F2F8E17B44BC73BFD6F5EEFE8] - |A| - [01/08/2012 18:03:24] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-40591.txt [MD5.0A742EBDEC323A1C158125EDDCD0ECB9] - |A| - [01/08/2012 18:03:25] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-40934.txt [MD5.363AB3B147EC26DE764E2FB32EA2041C] - |A| - [01/08/2012 18:03:25] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-41340.txt [MD5.670571AEA7547824368AAFF1210E5219] - |A| - [01/08/2012 18:03:25] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-41667.txt [MD5.876860348EF677B24E4070B6F0D0434B] - |A| - [01/08/2012 18:03:26] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-41933.txt [MD5.D9DF4A50BBA7175DDD31647FDD2E1C1E] - |A| - [01/08/2012 18:03:26] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-42213.txt [MD5.6B60C5E72A98FFD8AA3C3E79EB9EBC37] - |A| - [01/08/2012 18:03:26] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-42510.txt [MD5.FC2AE0A6CD9E5604723A4D73E3485D1B] - |A| - [01/08/2012 18:03:27] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-42947.txt [MD5.8CC3614DB50EB8B061D80657A5E43793] - |A| - [01/08/2012 18:03:27] - (.-.) - [0.18 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-43290.txt [MD5.E4843FF1AB51E26581AC8DB00AF1A4C5] - |A| - [01/08/2012 18:03:29] - (.-.) - [1.11 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-44959.txt [MD5.E8B1395E16EADC6DF8A46B495B18ECEE] - |A| - [26/07/2012 08:20:47] - (.-.) - [1.04 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-89875.txt [MD5.5CC4F3864BDCE5E9213C52939312AC01] - |A| - [26/07/2012 08:20:50] - (.-.) - [0.13 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-93281.txt [MD5.5801C1FACB698C5002EEDBA6250335EF] - |A| - [26/07/2012 08:20:50] - (.-.) - [0.13 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-93328.txt [MD5.821921F348A22369B1C581EA13BBC758] - |A| - [26/07/2012 08:20:50] - (.-.) - [1.05 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-93375.txt [MD5.0D8BF6EF6C21BECB154A7436A59566A3] - |A| - [26/07/2012 08:20:50] - (.-.) - [0.13 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-93593.txt [MD5.AEAF58F9892C9A4FF1908484C39ED304] - |A| - [26/07/2012 08:20:50] - (.-.) - [0.12 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-93625.txt [MD5.7D493C49123B6DE8B0B54C2423F999A6] - |A| - [26/07/2012 08:20:50] - (.-.) - [0.12 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-93671.txt [MD5.36F91CAF533BED05AFE56F61F4C71219] - |A| - [26/07/2012 08:20:51] - (.-.) - [0.13 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-93734.txt [MD5.FACC27AD18C2F04F14E8E085176E8E96] - |A| - [26/07/2012 08:20:51] - (.-.) - [0.13 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-94359.txt [MD5.948440016A48DEB170FB67536DAE1E31] - |A| - [26/07/2012 08:20:51] - (.-.) - [0.13 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-94625.txt [MD5.44F9A26DA8A19CEB894842E2AE89F4C5] - |A| - [26/07/2012 08:20:52] - (.-.) - [0.13 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-94906.txt [MD5.9AC5678D9C90D7448A66AEB137851A6B] - |A| - [26/07/2012 08:20:52] - (.-.) - [0.13 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-95156.txt [MD5.330FC34920FBECA5CC97FF6B3EF494EE] - |A| - [26/07/2012 08:20:52] - (.-.) - [0.12 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-95218.txt [MD5.001C4FC0D09C74099E7D249DDACE46E2] - |A| - [26/07/2012 08:20:52] - (.-.) - [0.13 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-95500.txt [MD5.811E3BF0C6E28021B6F86BCC82657796] - |A| - [26/07/2012 08:20:53] - (.-.) - [1.04 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-95828.txt [MD5.A312E3421569C57EACF369953FFC7B12] - |A| - [26/07/2012 08:20:53] - (.-.) - [0.12 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-96078.txt [MD5.2F8ADAACE1FD789259BABC0F76B6168B] - |A| - [26/07/2012 08:20:53] - (.-.) - [0.13 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-96140.txt [MD5.556DC677D7AE5C9C16E753DC56266CD4] - |A| - [26/07/2012 08:20:53] - (.-.) - [1.04 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-96203.txt [MD5.FDDCED8294A694F146FD5FE85F40EF00] - |A| - [26/07/2012 08:20:53] - (.-.) - [1.04 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-96437.txt [MD5.8FF69A1CCC2A8135E57664C4D0F20EB5] - |A| - [26/07/2012 08:20:54] - (.-.) - [0.13 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-97218.txt [MD5.3299FC715DC4E50EC28C3E4139F61F72] - |A| - [26/07/2012 08:20:55] - (.-.) - [0.13 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-97875.txt [MD5.DCBE2C1A0A9B0381DC878592682ACDBB] - |A| - [26/07/2012 08:20:55] - (.-.) - [1.05 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-98187.txt [MD5.008033CDCE4B5F060BA01839A2CE184F] - |A| - [26/07/2012 08:20:55] - (.-.) - [1.05 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-98390.txt [MD5.794DCE04F1DE3EA60F3B74A4931CAC4E] - |A| - [26/07/2012 08:20:55] - (.-.) - [1.04 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-98625.txt [MD5.DF60AA1767C2940E700D8B078A477793] - |A| - [26/07/2012 08:20:56] - (.-.) - [1.04 Ko] - (0.0.0.0) - C:\Windows\System32\netcfg-99140.txt [MD5.CD48AD912839B9FB6CCA5D4AA9B37500] - |A| - [25/07/2012 21:23:38] - (.-.) - [21.3 Ko] - (0.0.0.0) - C:\Windows\System32\NetTrace.PLA.Diagnostics.xml [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [51 Ko] - C:\Windows\System32\networklist [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [275.5 Ko] - C:\Windows\System32\nl-NL [MD5.976773F90E055314CCA82223606139C9] - |A| - [26/07/2012 09:13:05] - (.-.) - [4.57 Ko] - (0.0.0.0) - C:\Windows\System32\OEMDefaultAssociations.xml [MD5.2901049544FDF863362FABA2363EB647] - |A| - [25/07/2012 21:17:10] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\Windows\System32\onlinesetup.cmd [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 06:38:00] - [73838.41 Ko] - C:\Windows\System32\oobe [MD5.43352EFFD1E507868657A34CE1D30FE6] - |A| - [22/02/2019 20:20:05] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenVideo 1.1 Runtime.) - [96.5 Ko] - (10.0.1445.5) - C:\Windows\System32\OpenVideo64.dll [MD5.9A2413EA0C3B4C578BD0BBFD4111B227] - |A| - [22/02/2019 20:20:05] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OVDecode 1.1 Runtime.) - [84.5 Ko] - (10.0.1445.5) - C:\Windows\System32\OVDecode64.dll [MD5.8BCC910E8E5DDA0101BB2DB4272E6F52] - |A| - [26/07/2012 09:15:05] - (.-.) - [116.04 Ko] - (0.0.0.0) - C:\Windows\System32\perfc009.dat [MD5.87C21345BCDEEEE31870998384428FCD] - |A| - [05/03/2013 08:54:08] - (.-.) - [116.26 Ko] - (0.0.0.0) - C:\Windows\System32\perfc00C.dat [MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [25/07/2012 21:21:53] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\Windows\System32\PerfCenterCpl.ico [MD5.32BC2E0CC95E2DCEE25B15BFB82D07B8] - |A| - [26/07/2012 09:15:05] - (.-.) - [32.58 Ko] - (0.0.0.0) - C:\Windows\System32\perfd009.dat [MD5.AA180E09E4990FF71FBEAC8C4455CF47] - |A| - [05/03/2013 08:54:08] - (.-.) - [39.58 Ko] - (0.0.0.0) - C:\Windows\System32\perfd00C.dat [MD5.4CC9CD59FE4DB0EA34F56B33CDF816B2] - |A| - [26/07/2012 09:15:05] - (.-.) - [619.6 Ko] - (0.0.0.0) - C:\Windows\System32\perfh009.dat [MD5.3B5F0067851DE035FBD4931A036FAF19] - |A| - [05/03/2013 08:54:08] - (.-.) - [620.09 Ko] - (0.0.0.0) - C:\Windows\System32\perfh00C.dat [MD5.54A3A1438E5E5C35886093B20B3B5E4E] - |A| - [26/07/2012 08:28:09] - (.-.) - [1487.78 Ko] - (0.0.0.0) - C:\Windows\System32\PerfStringBackup.INI [MD5.5A004AAD2DABFD4CD88D8B55A794045C] - |ASH| - [10/09/2018 22:12:07] - (.-.) - [0.13 Ko] - (0.0.0.0) - C:\Windows\System32\phddpaxcplhjwxbm.dat [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [272 Ko] - C:\Windows\System32\pl-PL [MD5.52B10B6E184443323D4291FFFE96977A] - |A| - [17/10/2012 10:05:54] - (.(C) 2009-2012 COMODO Security Solutions Inc. - COMODO System Utilities.) - [31.21 Ko] - (1.1.4464.33) - C:\Windows\System32\powerremover.exe [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 10:43:41] - [420.42 Ko] - C:\Windows\System32\Printing_Admin_Scripts [MD5.0225FC6F0D91F84B44CE252487D8D725] - |A| - [08/11/2018 23:50:19] - (.Copyright (C) 2008-2013 - Video-Codec by proDAD.) - [593.02 Ko] - (1.0.18.0) - C:\Windows\System32\prodad-codec.dll [MD5.A14E6B78E10DE725955CC39EAADF4046] - |A| - [08/11/2018 23:50:17] - (.Copyright (C) 2008 - Part of the proDAD.) - [367.52 Ko] - (1.0.4.0) - C:\Windows\System32\proDAD-PA-Support.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [0 Ko] - C:\Windows\System32\ProximityToast [MD5.007893E8374C766471239EB291BA8C17] - |A| - [02/06/2012 15:34:22] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\Windows\System32\psmodulediscoveryprovider.mof [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [268.5 Ko] - C:\Windows\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [271 Ko] - C:\Windows\System32\pt-PT [MD5.C32ECB99AD25E9A04F01C8665DF29EF8] - |A| - [05/11/2018 09:44:46] - (.-.) - [18.7 Ko] - (0.0.0.0) - C:\Windows\System32\pwdrvio.sys [MD5.D619356B955EEFA642F5FF72755E8B3C] - |A| - [05/11/2018 09:44:45] - (.-.) - [12.21 Ko] - (0.0.0.0) - C:\Windows\System32\pwdspio.sys [MD5.4F03CE245A5CCE76C03AD59F60775206] - |A| - [05/11/2018 09:45:16] - (.-.) - [3469 Ko] - (0.0.0.0) - C:\Windows\System32\pwNative.exe [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [23.75 Ko] - C:\Windows\System32\ras [MD5.0A9F9AF06369A9EE130F19313A711743] - |A| - [17/10/2012 10:05:54] - (.(C) 2009-2012 COMODO Security Solutions Inc. - COMODO System Utilities.) - [27.71 Ko] - (1.1.4464.33) - C:\Windows\System32\regdefrag.exe [MD5.2E7B9D5CE7AF8F28AC207CD75EDE713E] - |A| - [20/02/2019 08:52:11] - (.-.) - [18.67 Ko] - (0.0.0.0) - C:\Windows\System32\RegDefragNT 2019-02-20 08-36-45.cfg [MD5.89BACD3A6F804B982A32E5CA6E66EB7D] - |A| - [25/02/2019 14:41:10] - (.-.) - [2.54 Ko] - (0.0.0.0) - C:\Windows\System32\RegDefragNT 2019-02-20 08-36-45.log [MD5.7ED81181C5571649140E223F9874B020] - |A| - [20/02/2019 08:52:08] - (.Copyright (C) Steganos Software GmbH 2017 - RegDefragNt.) - [78.27 Ko] - (1.0.0.1070) - C:\Windows\System32\RegDefragNT.exe [MD5.C6CA43573C21CA6392F57F238C8391FC] - |A| - [26/10/2012 08:42:20] - (.-.) - [39.45 Ko] - (0.0.0.0) - C:\Windows\System32\Repository.reg [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [0.07 Ko] - C:\Windows\System32\restore [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [16/12/2018 17:43:33] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\System32\Restoro.rep [MD5.3BFE960E8C0DAA6ABACF0026816764AE] - |A| - [22/02/2019 20:27:43] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [319.56 Ko] - (6.0.6001.18) - C:\Windows\System32\RP3DAA64.dll [MD5.FAC5145454CEA7C36B260EEFDF99BCE2] - |A| - [22/02/2019 20:27:43] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [319.57 Ko] - (6.0.6001.18) - C:\Windows\System32\RP3DHT64.dll [MD5.66C1159AE243D4F42EB9203781683D14] - |A| - [22/02/2019 20:27:44] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [215.19 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEED64A.dll [MD5.8D5CA7B459D04C6031CC075615EBE081] - |A| - [22/02/2019 20:27:44] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [91.67 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEG64A.dll [MD5.B07A062AC8ADAD04F96393E1309D8412] - |A| - [22/02/2019 20:27:44] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [113.77 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEL64A.dll [MD5.5BF01B6CB276E439AFEE5968CABF5CE0] - |A| - [22/02/2019 20:27:44] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [383.63 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEP64A.dll [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [06/09/2018 00:00:00] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\System32\SBRC.dat [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [02/06/2012 15:50:36] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\Windows\System32\ScavengeSpace.xml [MD5.C7DBD12C17A53F10E791769025953B34] - |A| - [13/09/2018 18:40:53] - (.Copyright © 2008-2018 Safer-Networking Limited. -.) - [31.41 Ko] - (2.7.64.1001) - C:\Windows\System32\sdnclean64.exe [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [02/06/2012 21:25:22] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\System32\settings.dat [MD5.00000000000000000000000000000000] - |D| - [07/09/2018 12:20:32] - [7395 Ko] - C:\Windows\System32\ShellExtBridge [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [217.5 Ko] - C:\Windows\System32\sk-SK [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [213.5 Ko] - C:\Windows\System32\sl-SI [MD5.523965212FDCEFC5503B38B76AF8B037] - |A| - [22/02/2019 20:27:48] - (.Copyright (C) 2018 DTS, Inc. - DTS Universal APO DLL.) - [971.34 Ko] - (3.5.17.0) - C:\Windows\System32\sl3apo64.dll [MD5.03A9E79CD229873353E177FF5ADF0F01] - |A| - [22/02/2019 20:27:48] - (.Copyright (C) 2018 DTS, Inc. - DTS APO Controller DLL.) - [3337.87 Ko] - (3.5.17.0) - C:\Windows\System32\slcnt64.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 10:43:43] - [49.83 Ko] - C:\Windows\System32\slmgr [MD5.5DA94C1082B9331928DFC87F5E13EAB2] - |A| - [23/01/2012 14:15:14] - (.- SlotMaximizerAg.dll.) - [120 Ko] - (1.0.2.32) - C:\Windows\System32\SlotMaximizerAg.dll [MD5.E93999885EA5519A5D4B1EEF6EA448B3] - |A| - [23/01/2012 14:15:14] - (.- SlotMaximizerBe.dll.) - [2420.5 Ko] - (1.0.2.32) - C:\Windows\System32\SlotMaximizerBe.dll [MD5.18F23364AD2D0B7F35B6FD22CD0CE790] - |A| - [22/02/2019 20:27:48] - (.TODO: (c) . - TODO: .) - [260.27 Ko] - (1.0.0.1) - C:\Windows\System32\slprp64.dll [MD5.EC70E7273FA253E2AB8A85492D5C5798] - |A| - [22/02/2019 20:27:48] - (.Copyright (C) 2018 DTS, Inc. - DTS APO Technology DLL.) - [3055.44 Ko] - (3.5.17.0) - C:\Windows\System32\sltech64.dll [MD5.A259831E0101895A9102D394F5C49A6D] - |A| - [11/10/2018 08:06:09] - (.Copyright © 2005-2013 - SmartDefrag.) - [35.44 Ko] - (2.0.0.0) - C:\Windows\System32\SmartDefragBootTime.exe [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 06:38:00] - [11849.02 Ko] - C:\Windows\System32\SMI [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [25875 Ko] - C:\Windows\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [214235.18 Ko] - C:\Windows\System32\spool [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [3155.44 Ko] - C:\Windows\System32\spp [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [23.55 Ko] - C:\Windows\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [216 Ko] - C:\Windows\System32\sr-Latn-CS [MD5.EE4545993EFE0D182C2B1C96DEE850B3] - |A| - [22/02/2019 20:27:48] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRAPO.DLL.) - [456.17 Ko] - (4.0.0.59) - C:\Windows\System32\SRAPO64.dll [MD5.DDC5CDDA7BE211B553A89D614BEC274B] - |A| - [22/02/2019 20:27:48] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [333.12 Ko] - (4.0.0.59) - C:\Windows\System32\SRCOM.dll [MD5.252AE3348D156F5D6F2BA50E29872480] - |A| - [22/02/2019 20:27:48] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [372.44 Ko] - (4.0.0.59) - C:\Windows\System32\SRCOM64.dll [MD5.65CF29D0A4CC17686E0622DAEFAE73D5] - |A| - [14/07/2012 03:00:47] - (.-.) - [42.85 Ko] - (0.0.0.0) - C:\Windows\System32\srms.dat [MD5.A9B3A78601B6154F8AA9F702100750FB] - |A| - [22/02/2019 20:27:48] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRRPTR.DLL.) - [1401.47 Ko] - (4.0.0.59) - C:\Windows\System32\SRRPTR64.dll [MD5.36E083FBCFA7174055277ACE77EE96CD] - |A| - [22/02/2019 20:27:48] - (.(c) 2007 SRS Labs, Inc. - COM object implementing SRS Headphone 360.) - [213.13 Ko] - (1.1.0.0) - C:\Windows\System32\SRSHP64.dll [MD5.00000000000000000000000000000000] - |D| - [16/12/2018 19:03:47] - [2333.22 Ko] - C:\Windows\System32\SRSLabs [MD5.6D4BE3B45A2D7C021DEE18572F40CC90] - |A| - [22/02/2019 20:27:48] - (.Copyright (c) 2006 SRS Labs, Inc.. - TruSurround HD and HD4 COM object for Windows.) - [225.27 Ko] - (1.1.4.0) - C:\Windows\System32\SRSTSH64.dll [MD5.37421A0F8858435C568416646E7897F5] - |A| - [22/02/2019 20:27:48] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [528.4 Ko] - (3.2.0.0) - C:\Windows\System32\SRSTSX64.dll [MD5.E2292F88C7B419AF65A7828118FE9CEA] - |A| - [22/02/2019 20:27:48] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [170.8 Ko] - (1.1.3.0) - C:\Windows\System32\SRSWOW64.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [4688 Ko] - C:\Windows\System32\sru [MD5.B59958CD06C9F89C39281FB12F1BB233] - |A| - [25/07/2012 21:21:57] - (.-.) - [513.74 Ko] - (0.0.0.0) - C:\Windows\System32\staticurllist.bin [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [262 Ko] - C:\Windows\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 06:38:00] - [1447.42 Ko] - C:\Windows\System32\Sysprep [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [544 Ko] - C:\Windows\System32\SystemResetPlatform [MD5.6D93E318269732EE13E019D01F3554B9] - |A| - [21/07/2012 02:44:51] - (.-.) - [117.11 Ko] - (0.0.0.0) - C:\Windows\System32\systemsf.ebd [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [401.48 Ko] - C:\Windows\System32\Tasks [MD5.D602CA245CC6774A0981B607F0675609] - |A| - [02/06/2012 21:26:07] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\Windows\System32\tcpmon.ini [MD5.D5AA255705D410C0D2D257B01350E6E4] - |A| - [07/07/2012 03:00:48] - (.-.) - [3.06 Ko] - (0.0.0.0) - C:\Windows\System32\TelemetrySampleManifest.xml [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [202 Ko] - C:\Windows\System32\th-TH [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [258.5 Ko] - C:\Windows\System32\tr-TR [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [212.5 Ko] - C:\Windows\System32\uk-UA [MD5.75917ED591F6CB5CCE74E473612D3B9F] - |A| - [16/12/2018 19:02:22] - (.-.) - [0.03 Ko] - (0.0.0.0) - C:\Windows\System32\VendorCmd6485.bin [MD5.1F69B4D3E2344B5FB6C52BCEB1204412] - |A| - [16/12/2018 19:02:22] - (.-.) - [0.12 Ko] - (0.0.0.0) - C:\Windows\System32\VendorCmd6485_SetSSC.bin [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 06:38:00] - [90323.84 Ko] - C:\Windows\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 10:43:42] - [0 Ko] - C:\Windows\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [35151.79 Ko] - C:\Windows\System32\wdi [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [25/07/2012 23:55:55] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\Windows\System32\WdsUnattendTemplate.xml [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [128 Ko] - C:\Windows\System32\wfp [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [0 Ko] - C:\Windows\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [88 Ko] - C:\Windows\System32\WinBioPlugIns [MD5.76E589D5A4EB4D99A0E8AAEAE0FDC9A4] - |A| - [29/01/2019 14:11:25] - (.Copyright © 2018 - Java(TM) Platform SE binary.) - [108.37 Ko] - (8.0.201.9) - C:\Windows\System32\WindowsAccessBridge-64.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [6289.72 Ko] - C:\Windows\System32\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [139680 Ko] - C:\Windows\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [1284.5 Ko] - C:\Windows\System32\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 10:43:43] - [107.53 Ko] - C:\Windows\System32\winrm [MD5.F1DF7849450DBC5D5C3A464E8A791C8C] - |A| - [02/06/2012 15:31:26] - (.-.) - [1485.18 Ko] - (0.0.0.0) - C:\Windows\System32\WpcNBModel.bin [MD5.FB00CD74A5F35E89A7FBDD3C1D05375A] - |A| - [26/07/2012 02:14:19] - (.-.) - [253 Ko] - (0.0.0.0) - C:\Windows\System32\WSDScDrv.dll [MD5.1897358EF9BA691BB0747D4891B36478] - |A| - [20/02/2019 08:58:33] - (.-.) - [167.5 Ko] - (0.0.0.0) - C:\Windows\System32\xvid.ax [MD5.84435F1BA5148814FCF1B3CC06EBCDDD] - |A| - [20/02/2019 08:58:35] - (.-.) - [696.5 Ko] - (0.0.0.0) - C:\Windows\System32\xvidcore.dll [MD5.D44A4DA65F4204BA1AAEBAEA97A83E2A] - |A| - [20/02/2019 08:58:37] - (.-.) - [245.5 Ko] - (0.0.0.0) - C:\Windows\System32\xvidvfw.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [179.5 Ko] - C:\Windows\System32\zh-CN [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [180.5 Ko] - C:\Windows\System32\zh-HK [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [180.5 Ko] - C:\Windows\System32\zh-TW [MD5.00000000000000000000000000000000] - |D| - [05/03/2013 08:53:33] - [0 Ko] - C:\Windows\SysWOW64\040C [MD5.AD666E2117B38BC7D2479DB29873753B] - |A| - [11/01/2019 20:45:18] - (.Copyright © 2002 by Vigovsky Alexander - ac3filter.) - [168 Ko] - (0.6.8.0) - C:\Windows\SysWOW64\ac3filter.cpl [MD5.00000000000000000000000000000000] - |D| - [13/09/2018 15:47:08] - [35545.44 Ko] - C:\Windows\SysWOW64\Adobe [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 06:38:00] - [2207 Ko] - C:\Windows\SysWOW64\AdvancedInstallers [MD5.00000000000000000000000000000000] - |SHD| - [17/01/2019 17:01:15] - [0 Ko] - C:\Windows\SysWOW64\AI_RecycleBin [MD5.43F1B6EF70A60C34917FBB524418F5B3] - |A| - [22/02/2019 20:15:33] - (.Copyright (C) 2013 AMD Inc. - Mantle driver, support for SI family and above.) - [4256.5 Ko] - (9.1.10.13) - C:\Windows\SysWOW64\amdmantle32.dll [MD5.67B8BC701AF065376510D36B919FF9C0] - |A| - [22/02/2019 20:15:35] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MMOCL Universal Driver.) - [37 Ko] - (1.5.0.0) - C:\Windows\SysWOW64\amdmmcl.dll [MD5.F702DD6860D9448EAD55A90A57EB886F] - |A| - [22/02/2019 20:15:40] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 1.2 Runtime.) - [23542.5 Ko] - (10.0.1445.5) - C:\Windows\SysWOW64\amdocl.dll [MD5.56B986D13C74903FE27B71BA85C76037] - |A| - [22/02/2019 20:15:25] - (.-.) - [972.01 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\amdocl_as32.exe [MD5.28F4F5BAC73505F71B8AEC95B7FBE1DD] - |A| - [22/02/2019 20:15:25] - (.-.) - [780.01 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\amdocl_ld32.exe [MD5.229BC3D41F650415353966A942FB5A0E] - |A| - [22/02/2019 20:17:42] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [70.02 Ko] - (8.14.10.23) - C:\Windows\SysWOW64\amdpcom32.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [0 Ko] - C:\Windows\SysWOW64\AppLocker [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [230.5 Ko] - C:\Windows\SysWOW64\ar-SA [MD5.A593815696077779EE6586A62CB08AB8] - |A| - [20/02/2013 22:22:22] - (.Copyright (c) ATI Technologies Inc. 2003-2009 - ati2edxx.) - [42.5 Ko] - (6.14.10.2514) - C:\Windows\SysWOW64\ati2edxx.dll [MD5.1DE4327A590FE60628F4E9729D5043AD] - |A| - [22/02/2019 20:18:00] - (.Copyright (C) 2008-2011 Advanced Micro Devices, Inc. - ADL.) - [829 Ko] - (6.14.10.1300) - C:\Windows\SysWOW64\atiadlxy.dll [MD5.D20684C52956C78947BD57C8D791E924] - |A| - [22/02/2019 20:21:29] - (.-.) - [567.2 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\atiapfxx.blb [MD5.B07A6E604C3A212B73FAEF2E8DFDABAC] - |A| - [22/02/2019 20:18:00] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL compiler runtime.) - [48 Ko] - (6.14.10.1848) - C:\Windows\SysWOW64\aticalcl.dll [MD5.D409351CB2337AED4F491769F4FDCFF2] - |A| - [22/02/2019 20:18:01] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL DD.) - [13967 Ko] - (6.14.10.1848) - C:\Windows\SysWOW64\aticaldd.dll [MD5.57D97241A2C09DA8E8560019CB560C5A] - |A| - [22/02/2019 20:18:05] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL runtime.) - [51 Ko] - (6.14.10.1848) - C:\Windows\SysWOW64\aticalrt.dll [MD5.94E9690B6BFD83659A832A78C23FF706] - |A| - [20/02/2013 22:22:20] - (.Copyright (C) 1998-2012 AMD Inc. - aticfx32.dll.) - [1091 Ko] - (8.17.10.1280) - C:\Windows\SysWOW64\aticfx32.dll [MD5.C4B4156D4FA71D4404FE117F44279D9F] - |A| - [20/02/2013 22:22:22] - (.Copyright (C) 1998-2011 AMD Inc. - atidxx32.dll.) - [8659.11 Ko] - (8.17.10.545) - C:\Windows\SysWOW64\atidxx32.dll [MD5.9CE43A40383EAFEE2DA3DCFE1DE6AADB] - |A| - [22/02/2019 20:18:12] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [130.5 Ko] - (8.14.1.6374) - C:\Windows\SysWOW64\atigktxx.dll [MD5.4E6C52E4EF086C1B0E668E4E505D6E8E] - |A| - [22/02/2019 20:18:12] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [68 Ko] - (8.14.1.6374) - C:\Windows\SysWOW64\atiglpxx.dll [MD5.B424CEB6AB8C785AC7D66D10BAEBCD24] - |A| - [22/02/2019 20:18:12] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [70.02 Ko] - (8.14.10.23) - C:\Windows\SysWOW64\atimpc32.dll [MD5.6E38FBD4129E2AC51E6A76FEA914648F] - |A| - [22/02/2019 20:19:38] - (.Copyright (C) 1998-2011 Advanced Micro Devices, Inc. - AMD OpenGL driver.) - [22860.5 Ko] - (6.14.10.12874) - C:\Windows\SysWOW64\atioglxx.dll [MD5.64A0869F18560CD529120ADE00155C3E] - |A| - [29/08/2012 09:11:43] - (.-.) - [3.83 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\atipblag.dat [MD5.D2CA40C54A2A30AEECEFBD371493A80F] - |A| - [22/02/2019 20:19:55] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiu9pag.dll.) - [97.19 Ko] - (8.14.1.6374) - C:\Windows\SysWOW64\atiu9pag.dll [MD5.57857941FC59EE23B70B99A04E0886C6] - |A| - [22/02/2019 20:20:01] - (.Copyright (C) 1998-2011 AMD Inc. - atiumdag.dll.) - [6640.32 Ko] - (9.14.10.1029) - C:\Windows\SysWOW64\atiumdag.dll [MD5.BAE879DDB0B3EB1B00854C61C1EC6302] - |A| - [22/02/2019 20:21:30] - (.-.) - [3390.02 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\atiumdva.cap [MD5.9FBA0F47AB5C3375D7A735E4E997BA40] - |A| - [22/02/2019 20:20:03] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [6637.3 Ko] - (8.14.10.448) - C:\Windows\SysWOW64\atiumdva.dll [MD5.BE0DAE64CA1E653E93B2881FC9430831] - |A| - [20/02/2013 22:22:20] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [123.38 Ko] - (8.14.1.6374) - C:\Windows\SysWOW64\atiuxpag.dll [MD5.A3843B5810BE3B314D5D5E3B93E82AA7] - |A| - [20/02/2013 22:22:20] - (.-.) - [26.3 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ativvsnl.dat [MD5.CFBA17101E04BBCDA5E50CC8A92CEBB0] - |A| - [20/02/2013 22:22:12] - (.-.) - [0.02 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ativvsny.dat [MD5.7C163EDE63854539828F5B2C1BC529FD] - |A| - [29/08/2012 09:12:52] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ativvsva.dat [MD5.219D7091DD1D93728392337FE9C7ADD6] - |A| - [29/08/2012 09:12:54] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ativvsvl.dat [MD5.69BC2386DFA5E79BCDD1079B59CCA1C4] - |A| - [26/01/2017 08:26:38] - (.-.) - [69.48 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\bdmjpeg.dll [MD5.9B3C54A9C49CA00F5A9DA7C7F84A57F9] - |A| - [26/01/2017 08:26:48] - (.-.) - [69.51 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\bdmpega.acm [MD5.90476773F98F4AE0A3CB013F4D21650B] - |A| - [26/01/2017 08:26:44] - (.-.) - [69.51 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\bdmpegv.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [202.5 Ko] - C:\Windows\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [0.93 Ko] - C:\Windows\SysWOW64\Bthprops [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [0 Ko] - C:\Windows\SysWOW64\catroot [MD5.E62EE6F1EFC85CB36D62AB779DB6E4EC] - |A| - [06/12/2018 16:01:47] - (.-.) - [505 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\CLWCP.exe [MD5.BC3B6239D0F74FFA152FCE165CFB6424] - |A| - [26/02/2019 11:19:53] - (.2005-2019 COMODO. - COMODO Secure Shopping.) - [261.18 Ko] - (1.3.50284.151) - C:\Windows\SysWOW64\cmdkbdcss32.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [308 Ko] - C:\Windows\SysWOW64\Com [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 06:38:00] - [17572.13 Ko] - C:\Windows\SysWOW64\config [MD5.C27CB9AF7ACD6DCC164C386E4B46259D] - |A| - [24/08/2012 11:05:44] - (.© Copyright 2006 - cPC_DMIRDll Dynamic Link Library.) - [248 Ko] - (1.3.1.1) - C:\Windows\SysWOW64\cPC_DMIRD.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [248 Ko] - C:\Windows\SysWOW64\cs-CZ [MD5.5FD2AB268E79600FED51E072EB69F8B2] - |A| - [26/02/2019 11:19:54] - (.2005-2019 COMODO. - COMODO Secure Shopping.) - [341.3 Ko] - (1.3.50284.151) - C:\Windows\SysWOW64\cssguard32.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [245.5 Ko] - C:\Windows\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [269.5 Ko] - C:\Windows\SysWOW64\de-DE [MD5.EF3B22817B0C612B42D25409ACE1ECA8] - |A| - [09/10/2018 05:24:12] - (.Copyright © 2013 - Java(TM) Platform SE binary.) - [462.42 Ko] - (6.0.450.6) - C:\Windows\SysWOW64\deployJava1.dll [MD5.B227DF8720C51EE0A80CB23CCCEF1EC6] - |A| - [26/10/2012 08:42:22] - (.-.) - [328.35 Ko] - (13.80.853.0) - C:\Windows\SysWOW64\DevManagerCore.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 06:38:00] - [4828.5 Ko] - C:\Windows\SysWOW64\Dism [MD5.DD2D0AFFC2A7F45C765436D4675BD0DE] - |A| - [27/04/2007 09:43:58] - (.-.) - [117.38 Ko] - (3.7.0.12) - C:\Windows\SysWOW64\DLLDEV32i.dll [MD5.CB128A44A4A4861375F24BA6159D753B] - |A| - [30/04/2012 07:26:57] - (.Copyright © 1995 - 2003 by Inner Media, Inc. - DynaZIP-32 Multi-Threading UnZIP DLL.) - [136 Ko] - (5.0.0.3) - C:\Windows\SysWOW64\dunzip32.dll [MD5.9B8413CAD2279F7D2C92506270FD820E] - |A| - [11/12/2002 09:19:59] - (.Copyright (C) 2001-2002 Gabest - DirectVobSub.) - [244 Ko] - (2.0.23.0) - C:\Windows\SysWOW64\DVobSub.ax [MD5.00000000000000000000000000000000] - |D| - [19/11/2018 20:25:51] - [1249.05 Ko] - C:\Windows\SysWOW64\E177E04D548C4006A465EEB92D3DE021 [MD5.93B390FFBFADF97F9941B3F6CD026B83] - |A| - [12/03/2019 15:08:37] - (.-.) - [1.29 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\Eaolog.log [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [271 Ko] - C:\Windows\SysWOW64\el-GR [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [188 Ko] - C:\Windows\SysWOW64\en-GB [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [239.5 Ko] - C:\Windows\SysWOW64\en-US [MD5.D9EC109B950CA8BEAA19C9BFCB1EB318] - |A| - [29/09/2018 12:53:34] - (.-.) - [0.04 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\Error.ini [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [259.5 Ko] - C:\Windows\SysWOW64\es-ES [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [190 Ko] - C:\Windows\SysWOW64\et-EE [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [247.5 Ko] - C:\Windows\SysWOW64\fi-FI [MD5.1892A823ACF268C7177B285294B03138] - |A| - [29/09/2015 22:31:00] - (.Copyright (C) 2012 - Morae Recorder Firefox extension.) - [73.81 Ko] - (1.0.0.1) - C:\Windows\SysWOW64\FirefoxCaptureBridge.dll [MD5.00000000000000000000000000000000] - |D| - [05/03/2013 08:53:33] - [1686 Ko] - C:\Windows\SysWOW64\fr [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [34596.25 Ko] - C:\Windows\SysWOW64\fr-FR [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [0 Ko] - C:\Windows\SysWOW64\FxsTmp [MD5.5C1D8DB5B5570CF7398DB1CCC65587B8] - |A| - [29/01/2019 13:50:51] - (.-.) - [17.49 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\GeneStor.INF [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [0.01 Ko] - C:\Windows\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicyUsers [MD5.CC8206C9288EA409781DE1D7FC754A39] - |A| - [14/01/2019 17:20:20] - (.2005-2013 - Generic Service.) - [478.72 Ko] - (2.4.4.0) - C:\Windows\SysWOW64\GSService.exe [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [220 Ko] - C:\Windows\SysWOW64\he-IL [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [197.5 Ko] - C:\Windows\SysWOW64\hr-HR [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [251 Ko] - C:\Windows\SysWOW64\hu-HU [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [36.27 Ko] - C:\Windows\SysWOW64\icsxml [MD5.7CAACE1DF07B3656E458D07115A71600] - |A| - [25/07/2012 21:22:54] - (.-.) - [429.01 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\igcompkrng500.bin [MD5.385B8EFE468E3A4A3E2E65FC8764E4BF] - |A| - [25/07/2012 21:22:54] - (.-.) - [90.19 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\igfcg500m.bin [MD5.C4CF4FA6C9399B277E86D602BF251A11] - |A| - [25/07/2012 21:22:54] - (.-.) - [959.22 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\igkrng500.bin [MD5.32E57C3BE45FD62673C2C40D3462A197] - |A| - [16/10/2018 04:41:23] - (.Copyright © 2005-2008 Olof Lagerkvist. - ImDisk I/O Packet Forwarder Service.) - [21.51 Ko] - (1.1.3.23) - C:\Windows\SysWOW64\imdsksvc.exe [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [20445.67 Ko] - C:\Windows\SysWOW64\IME [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [3130.07 Ko] - C:\Windows\SysWOW64\inetsrv [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [1160 Ko] - C:\Windows\SysWOW64\InstallShield [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [0 Ko] - C:\Windows\SysWOW64\Ipmi [MD5.250472A135D73A0ABA073EEF65A7F8B2] - |A| - [17/12/2018 12:50:11] - (.2005-2017 COMODO. - Internet Security Essentials.) - [4023.02 Ko] - (1.3.59977.152) - C:\Windows\SysWOW64\ise_installer.exe [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [264 Ko] - C:\Windows\SysWOW64\it-IT [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [192 Ko] - C:\Windows\SysWOW64\ja-JP [MD5.A773219C280799111ED90665D2E0CD1A] - |A| - [18/04/2017 12:00:03] - (.Copyright (C) 2003-2015 K7 Computing Pvt Ltd - K7Computing LSP Module.) - [137.02 Ko] - (15.2.2.12) - C:\Windows\SysWOW64\K7WSLsp.dll [MD5.5ACD11DF2AA5F3E3F30F785589B70347] - |A| - [13/11/2005 19:07:12] - (.-.) - [6.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\kc.exe [MD5.6315AB54B0156C7B5B1B6E499601C171] - |A| - [29/10/2006 16:36:54] - (.Killer{R} -.) - [1158 Ko] - (2.8.4.0) - C:\Windows\SysWOW64\killcopy.exe [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [191.5 Ko] - C:\Windows\SysWOW64\ko-KR [MD5.FAFA8B2317AABF4EBDC94D74CDB73394] - |A| - [26/07/2012 09:13:10] - (.-.) - [11741.31 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\korwbrkr.lex [MD5.88C97B787E10159AED880D715BBB87B7] - |A| - [30/04/2012 07:26:57] - (.Copyright © 2002-2006 by AgenSoft - DF SDK.) - [136 Ko] - (1.0.2.2) - C:\Windows\SysWOW64\libdfp.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [113.79 Ko] - C:\Windows\SysWOW64\Licenses [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [0 Ko] - C:\Windows\SysWOW64\LogFiles [MD5.B65E8E52916A527F88486875EE291AA8] - |A| - [26/10/2012 08:42:20] - (.-.) - [10663.85 Ko] - (13.80.853.0) - C:\Windows\SysWOW64\LogiDPP.dll [MD5.24764C249F769991079F6D4B14B822AF] - |A| - [26/10/2012 08:42:20] - (.-.) - [100.85 Ko] - (13.80.853.0) - C:\Windows\SysWOW64\LogiDPPApp.exe [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [195.5 Ko] - C:\Windows\SysWOW64\lt-LT [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [196 Ko] - C:\Windows\SysWOW64\lv-LV [MD5.BDC67729D0A4940C525654FF869C5289] - |A| - [26/10/2012 08:42:20] - (.(c) 1996-2012 Logitech. - Video Codec.) - [297.85 Ko] - (13.80.853.0) - C:\Windows\SysWOW64\lvcodec2.dll [MD5.E8C604C7E16CE90C0D4564EC06B118E8] - |A| - [26/10/2012 08:42:20] - (.(c) 1996-2012 Logitech. - Logitech Camera Property Pages.) - [529.85 Ko] - (13.80.853.0) - C:\Windows\SysWOW64\LVUI2.dll [MD5.F13DA78D0873B2025556D65DB5E3210D] - |A| - [26/10/2012 08:42:22] - (.(c) 1996-2012 Logitech. - Logitech Camera Property Pages.) - [525.85 Ko] - (13.80.853.0) - C:\Windows\SysWOW64\LVUI2RC.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [67129.24 Ko] - C:\Windows\SysWOW64\Macromed [MD5.EB3C0A157D3145366D2DB25794BE3F56] - |A| - [22/02/2019 20:20:05] - (.Copyright (C) 2013 AMD Inc. - Mantle loader.) - [111 Ko] - (9.1.10.13) - C:\Windows\SysWOW64\mantle32.dll [MD5.2D80DB681D4E33A90FFDCF6DAE6B1F19] - |A| - [22/02/2019 20:20:05] - (.Copyright (C) 2013 AMD Inc. - Mantle extension library.) - [83.5 Ko] - (9.1.10.13) - C:\Windows\SysWOW64\mantleaxl32.dll [MD5.00000000000000000000000000000000] - |SD| - [12/09/2018 03:20:13] - [0 Ko] - C:\Windows\SysWOW64\Microsoft [MD5.D2DE9D6B9B0BA17D0A0AC75A973848BD] - |A| - [05/09/2018 05:02:58] - (.-.) - [0.42 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\Microsoft.VC80.CRT.manifest [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 06:38:00] - [3077.5 Ko] - C:\Windows\SysWOW64\migration [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [35650.3 Ko] - C:\Windows\SysWOW64\migwiz [MD5.09820D5225A5CD4963A00CE2B8E82A61] - |A| - [12/12/2018 12:47:49] - (.-.) - [570 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\MJPGDec.ax [MD5.61A0E62679B865D98C941F8D58CB907B] - |A| - [11/01/2019 20:45:27] - (.Copyright (C) 1990-2001 Morgan Multimedia. - MM Switcher.) - [50.5 Ko] - (0.9.7.0) - C:\Windows\SysWOW64\MMSwitch.ax [MD5.B83967E8E83318C36A2D4EF76EBD1D3B] - |A| - [06/12/2018 16:01:30] - (.-.) - [74.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\moveex.exe [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [45.5 Ko] - C:\Windows\SysWOW64\MSDRM [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [52.28 Ko] - C:\Windows\SysWOW64\MsDtc [MD5.DF252F37880142ED5574C2BE4DADF5A7] - |A| - [03/09/2018 22:59:45] - (.-.) - [206 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\msvcrt10.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [25.22 Ko] - C:\Windows\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [241.5 Ko] - C:\Windows\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [0 Ko] - C:\Windows\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [51 Ko] - C:\Windows\SysWOW64\networklist [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [258.5 Ko] - C:\Windows\SysWOW64\nl-NL [MD5.24FC9E3BF54DE8CE91700615D8AD4B0D] - |A| - [09/10/2018 05:24:12] - (.Copyright © 2013 - NPRuntime Script Plug-in Library for Java(TM) Deploy.) - [466.42 Ko] - (6.0.450.6) - C:\Windows\SysWOW64\npdeployJava1.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 06:38:00] - [638 Ko] - C:\Windows\SysWOW64\oobe [MD5.63BB750D61407EAF48CC121D3F2AADD7] - |A| - [22/02/2019 20:20:05] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenVideo 1.1 Runtime.) - [81.5 Ko] - (10.0.1445.5) - C:\Windows\SysWOW64\OpenVideo.dll [MD5.9758D81DAE24EA3BA6163BDD4144625E] - |A| - [22/02/2019 20:20:05] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OVDecode 1.1 Runtime.) - [71.5 Ko] - (10.0.1445.5) - C:\Windows\SysWOW64\OVDecode.dll [MD5.C412BBA31B6443874BC677B92620B161] - |A| - [27/08/2002 00:42:18] - (.-.) - [1.17 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\panadv.inf [MD5.C998E69D8884F49D0A6316DF96BA3DF2] - |A| - [19/11/1999 15:49:50] - (.Copyright (C) Matsushita Electric 1998 - DV Video for Windows Driver.) - [259.57 Ko] - (2.64.1119.1600) - C:\Windows\SysWOW64\pdvcodec.dll [MD5.0C100E0085F62A51E3202EB8F5997687] - |A| - [06/12/2018 16:01:30] - (.-.) - [7.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PEChecksum.exe [MD5.82B36D39067C90E20114AE1F87C2BEBB] - |A| - [06/12/2018 16:01:30] - (.-.) - [15.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PEChecksum.x64 [MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [25/07/2012 21:24:43] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PerfCenterCpl.ico [MD5.189BBC2566992858D5706FA8E8AE020C] - |A| - [01/08/2012 18:09:37] - (.-.) - [893.59 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [254.5 Ko] - C:\Windows\SysWOW64\pl-PL [MD5.13001EB0A58B4DE96126B16AB15FD8CC] - |A| - [14/01/2017 12:37:12] - (.Copyright (C) Real Networks 1999 - Real Networks C/C++ Runtime Library.) - [272 Ko] - (6.0.0.0) - C:\Windows\SysWOW64\pncrt.dll [MD5.00000000000000000000000000000000] - |D| - [14/09/2018 04:19:43] - [29.74 Ko] - C:\Windows\SysWOW64\PolicyDefinitions [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 10:43:43] - [420.42 Ko] - C:\Windows\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [251.5 Ko] - C:\Windows\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [253.5 Ko] - C:\Windows\SysWOW64\pt-PT [MD5.C1FC8351BB9A79486C5EC0D214E8679F] - |A| - [03/12/2018 14:56:08] - (.-.) - [72 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\pv.exe [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [23.75 Ko] - C:\Windows\SysWOW64\ras [MD5.96D1780365241CF98A56165FC04CFD55] - |A| - [14/01/2017 12:37:12] - (.Copyright (C) 2003-2005 - RealMedia Splitter.) - [412 Ko] - (1.0.1.1) - C:\Windows\SysWOW64\RealMediaSplitter.ax [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [0.84 Ko] - C:\Windows\SysWOW64\Recovery [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [0 Ko] - C:\Windows\SysWOW64\restore [MD5.E4CA91DBFAC20D5080FBEA70F7C87E3F] - |A| - [14/01/2017 12:37:12] - (.Copyright © RealNetworks, Inc. 1998-2004 - Real Player(tm) ActiveX Control.) - [177.48 Ko] - (6.0.9.2533) - C:\Windows\SysWOW64\rmoc3260.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [199.5 Ko] - C:\Windows\SysWOW64\ro-RO [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [22/02/2019 14:22:18] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\SBRC.dat [MD5.00000000000000000000000000000000] - |D| - [25/12/2018 09:58:17] - [0 Ko] - C:\Windows\SysWOW64\sda [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [199.5 Ko] - C:\Windows\SysWOW64\sk-SK [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [197 Ko] - C:\Windows\SysWOW64\sl-SI [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 10:43:43] - [49.83 Ko] - C:\Windows\SysWOW64\slmgr [MD5.5DA94C1082B9331928DFC87F5E13EAB2] - |A| - [23/01/2012 14:29:14] - (.- SlotMaximizerAg.dll.) - [120 Ko] - (1.0.2.32) - C:\Windows\SysWOW64\SlotMaximizerAg.dll [MD5.E93999885EA5519A5D4B1EEF6EA448B3] - |A| - [23/01/2012 14:29:14] - (.- SlotMaximizerBe.dll.) - [2420.5 Ko] - (1.0.2.32) - C:\Windows\SysWOW64\SlotMaximizerBe.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 06:38:00] - [0 Ko] - C:\Windows\SysWOW64\SMI [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [4181.5 Ko] - C:\Windows\SysWOW64\Speech [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [415.26 Ko] - C:\Windows\SysWOW64\spp [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [23.55 Ko] - C:\Windows\SysWOW64\sppui [MD5.FEC17D5FB09A03376D3AA204C65562A7] - |A| - [22/11/2018 17:03:47] - (.-.) - [353.54 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\sqlite3.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [200 Ko] - C:\Windows\SysWOW64\sr-Latn-CS [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [0 Ko] - C:\Windows\SysWOW64\sru [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [246.5 Ko] - C:\Windows\SysWOW64\sv-SE [MD5.58D904A2FA970BC23B636C47CB60E649] - |A| - [04/02/2019 12:49:57] - (.-.) - [0.01 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\SysInfo_6_6_p.dll [MD5.58D904A2FA970BC23B636C47CB60E649] - |A| - [04/02/2019 12:50:51] - (.-.) - [0.01 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\SysInfo_dvd_6_1_p.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 10:43:43] - [0 Ko] - C:\Windows\SysWOW64\sysprep [MD5.465E1A53CD7E37B73D85D2889533A2ED] - |A| - [04/02/2019 14:44:37] - (.-.) - [0.01 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\sysvm600ul.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [0 Ko] - C:\Windows\SysWOW64\Tasks [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [186.5 Ko] - C:\Windows\SysWOW64\th-TH [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [242.5 Ko] - C:\Windows\SysWOW64\tr-TR [MD5.3C51846FAC39F41BD2035D4DED32A077] - |A| - [29/01/2019 13:50:51] - (.Copyright (C) 2016 - Umonit MFC Application.) - [65.08 Ko] - (16.0.0.0) - C:\Windows\SysWOW64\UMonit64.exe [MD5.5DF89E27F8161E0105D129EB32AFD06F] - |A| - [15/10/2002 23:54:04] - (.-.) - [149.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\unrar.dll [MD5.7321B7749A743F14E16648B7C103B90D] - |A| - [06/12/2018 16:01:44] - (.-.) - [192.05 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\uxstartup.bmp [MD5.C4F97E10038EDC4E772480B0DA11B9D8] - |A| - [11/12/2002 09:19:32] - (.Copyright (C) 2000-2002 Gabest - vobsub.) - [360 Ko] - (2.0.23.0) - C:\Windows\SysWOW64\vobsub.dll [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 06:38:00] - [12112.14 Ko] - C:\Windows\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 10:43:43] - [0 Ko] - C:\Windows\SysWOW64\WCN [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [148.78 Ko] - C:\Windows\SysWOW64\wdi [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [5722.57 Ko] - C:\Windows\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [1284.5 Ko] - C:\Windows\SysWOW64\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 10:43:43] - [107.53 Ko] - C:\Windows\SysWOW64\winrm [MD5.2449E01AA5EFCA4A6862B6D8B040A97C] - |A| - [08/12/2018 09:36:41] - (.-.) - [37.03 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\WMPrfFRA.prx [MD5.128EC62FF59A59BEB5772E52ED8D3148] - |A| - [10/09/1999 12:06:00] - (.Copyright © 1989-1999 Adaptec, Inc. - ASPI for Win32 (95/NT) DLL.) - [44 Ko] - (4.6.0.1021) - C:\Windows\SysWOW64\WNASPI32.DLL [MD5.00000000000000000000000000000000] - |D| - [05/03/2013 08:53:33] - [10.16 Ko] - C:\Windows\SysWOW64\XPSViewer [MD5.1AE36A72AFEE8DC664BCDEA73F76FC50] - |A| - [20/02/2019 08:58:27] - (.-.) - [144.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\xvid.ax [MD5.BD64AE063AA0DEA6C69CBDF8DBAB6551] - |A| - [20/02/2019 08:58:27] - (.-.) - [624 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\xvidcore.dll [MD5.ABB1048DDD4F6B86041E582C04779B43] - |A| - [20/02/2019 08:58:27] - (.-.) - [230 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\xvidvfw.dll [MD5.5D89B594280D439187B1C142DA4894F2] - |A| - [14/01/2019 16:50:40] - (.Zemana Ltd. - Zemana ZALSDK.) - [6874.96 Ko] - (1.9.6.500) - C:\Windows\SysWOW64\ZALSDKCore.dll [MD5.00000000000000000000000000000000] - |D| - [01/01/2019 18:39:55] - [1187.29 Ko] - C:\Windows\SysWOW64\ZALSDK_uninst [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [171 Ko] - C:\Windows\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [171.5 Ko] - C:\Windows\SysWOW64\zh-HK [MD5.00000000000000000000000000000000] - |D| - [26/07/2012 09:12:59] - [171.5 Ko] - C:\Windows\SysWOW64\zh-TW ---------- | [Administrateur] [14/09/2018 10:56:28] - |D| - [7888] - C:\Users\Administrateur\AppData [09/12/2018 15:08:24] - |D| - [0] - C:\Users\Administrateur\Desktop [26/02/2019 09:43:27] - |A| - [262144] - C:\Users\Administrateur\ntuser.dat [26/02/2019 09:43:27] - |ASH| - [8192] - C:\Users\Administrateur\ntuser.dat.LOG1 [26/02/2019 09:43:27] - |ASH| - [0] - C:\Users\Administrateur\ntuser.dat.LOG2 [26/02/2019 09:43:27] - |ASH| - [65536] - C:\Users\Administrateur\ntuser.dat{fd5d0ea8-3902-11e9-bf02-4c72b9f956a2}.TM.blf [26/02/2019 09:43:27] - |ASH| - [524288] - C:\Users\Administrateur\ntuser.dat{fd5d0ea8-3902-11e9-bf02-4c72b9f956a2}.TMContainer00000000000000000001.regtrans-ms [26/02/2019 09:43:28] - |ASH| - [524288] - C:\Users\Administrateur\ntuser.dat{fd5d0ea8-3902-11e9-bf02-4c72b9f956a2}.TMContainer00000000000000000002.regtrans-ms [10/12/2018 13:28:12] - |D| - [0] - C:\Users\Administrateur\AppData\Local [14/09/2018 10:56:28] - |D| - [7888] - C:\Users\Administrateur\AppData\Roaming [02/02/2019 09:38:01] - |D| - [0] - C:\Users\Administrateur\AppData\Local\temp [08/12/2018 09:36:43] - |D| - [7818] - C:\Users\Administrateur\AppData\Roaming\Microsoft [14/09/2018 10:56:28] - |D| - [15] - C:\Users\Administrateur\AppData\Roaming\vlc [14/09/2018 10:59:22] - |D| - [55] - C:\Users\Administrateur\AppData\Roaming\Winamp [08/12/2018 09:36:43] - |D| - [7818] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [08/12/2018 09:36:43] - |D| - [7818] - C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite ---------- | [Invité] [14/09/2018 10:56:28] - |D| - [7888] - C:\Users\Invité\AppData [09/12/2018 15:08:24] - |D| - [0] - C:\Users\Invité\Desktop [26/02/2019 09:43:28] - |A| - [262144] - C:\Users\Invité\ntuser.dat [26/02/2019 09:43:28] - |ASH| - [8192] - C:\Users\Invité\ntuser.dat.LOG1 [26/02/2019 09:43:28] - |ASH| - [0] - C:\Users\Invité\ntuser.dat.LOG2 [26/02/2019 09:43:28] - |ASH| - [65536] - C:\Users\Invité\ntuser.dat{fd5d0eac-3902-11e9-bf02-4c72b9f956a2}.TM.blf [26/02/2019 09:43:28] - |ASH| - [524288] - C:\Users\Invité\ntuser.dat{fd5d0eac-3902-11e9-bf02-4c72b9f956a2}.TMContainer00000000000000000001.regtrans-ms [26/02/2019 09:43:28] - |ASH| - [524288] - C:\Users\Invité\ntuser.dat{fd5d0eac-3902-11e9-bf02-4c72b9f956a2}.TMContainer00000000000000000002.regtrans-ms [10/12/2018 13:28:12] - |D| - [0] - C:\Users\Invité\AppData\Local [14/09/2018 10:56:28] - |D| - [7888] - C:\Users\Invité\AppData\Roaming [02/02/2019 09:38:01] - |D| - [0] - C:\Users\Invité\AppData\Local\temp [08/12/2018 09:36:43] - |D| - [7818] - C:\Users\Invité\AppData\Roaming\Microsoft [14/09/2018 10:56:28] - |D| - [15] - C:\Users\Invité\AppData\Roaming\vlc [14/09/2018 10:59:22] - |D| - [55] - C:\Users\Invité\AppData\Roaming\Winamp [08/12/2018 09:36:43] - |D| - [7818] - C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [08/12/2018 09:36:43] - |D| - [7818] - C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite ---------- | [Jean-Marie] [03/09/2018 18:27:46] - |D| - [2442] - C:\Users\Jean-Marie\.android [03/09/2018 22:36:31] - |D| - [11032] - C:\Users\Jean-Marie\.cache [05/11/2018 10:08:33] - |D| - [0] - C:\Users\Jean-Marie\.Dropbox [26/11/2018 13:10:19] - |D| - [12507] - C:\Users\Jean-Marie\.ebookreader [09/12/2018 08:42:45] - |D| - [875681] - C:\Users\Jean-Marie\.frostwire5 [31/01/2019 09:44:56] - |HD| - [1248] - C:\Users\Jean-Marie\.obs32 [09/12/2018 08:38:46] - |D| - [736256] - C:\Users\Jean-Marie\.swt [02/09/2018 17:45:35] - |D| - [4996695132] - C:\Users\Jean-Marie\AppData [02/09/2018 17:45:48] - |SHD| - [0] - C:\Users\Jean-Marie\Application Data [02/09/2018 17:47:54] - |RD| - [412] - C:\Users\Jean-Marie\Contacts [02/09/2018 17:45:48] - |SHD| - [0] - C:\Users\Jean-Marie\Cookies [17/01/2019 16:31:05] - |A| - [0] - C:\Users\Jean-Marie\defogger_reenable [02/09/2018 17:45:35] - |RD| - [13337040516] - C:\Users\Jean-Marie\Desktop [02/09/2018 17:45:34] - |RD| - [81523543215] - C:\Users\Jean-Marie\Documents [02/09/2018 17:45:34] - |RD| - [32798383454] - C:\Users\Jean-Marie\Downloads [11/09/2018 11:01:16] - |RD| - [55297614521] - C:\Users\Jean-Marie\Dropbox [02/09/2018 17:45:34] - |RD| - [6295] - C:\Users\Jean-Marie\Favorites [02/09/2018 17:45:34] - |RD| - [4650] - C:\Users\Jean-Marie\Links [02/09/2018 17:45:48] - |SHD| - [0] - C:\Users\Jean-Marie\Local Settings [02/09/2018 17:45:48] - |SHD| - [0] - C:\Users\Jean-Marie\Menu Démarrer [02/09/2018 17:45:48] - |SHD| - [0] - C:\Users\Jean-Marie\Mes documents [02/09/2018 17:45:48] - |SHD| - [0] - C:\Users\Jean-Marie\Modèles [02/09/2018 17:45:34] - |RD| - [583224] - C:\Users\Jean-Marie\Music [02/09/2018 17:45:34] - |ASH| - [8126464] - C:\Users\Jean-Marie\ntuser.dat [02/09/2018 17:45:34] - |ASH| - [7602176] - C:\Users\Jean-Marie\NTUSER.DAT.bak [02/09/2018 17:45:48] - |ASH| - [299008] - C:\Users\Jean-Marie\ntuser.dat.LOG1 [02/09/2018 17:45:48] - |ASH| - [0] - C:\Users\Jean-Marie\ntuser.dat.LOG2 [20/02/2019 09:53:39] - |ASH| - [0] - C:\Users\Jean-Marie\NTUSER.DAT.new.LOG1 [20/02/2019 09:53:39] - |ASH| - [0] - C:\Users\Jean-Marie\NTUSER.DAT.new.LOG2 [25/02/2019 14:42:32] - |ASH| - [65536] - C:\Users\Jean-Marie\ntuser.dat{320b1a39-38de-11e9-bf02-4c72b9f956a2}.TM.blf [25/02/2019 14:42:32] - |ASH| - [524288] - C:\Users\Jean-Marie\ntuser.dat{320b1a39-38de-11e9-bf02-4c72b9f956a2}.TMContainer00000000000000000001.regtrans-ms [25/02/2019 14:42:32] - |ASH| - [524288] - C:\Users\Jean-Marie\ntuser.dat{320b1a39-38de-11e9-bf02-4c72b9f956a2}.TMContainer00000000000000000002.regtrans-ms [17/01/2019 14:41:40] - |ASH| - [65536] - C:\Users\Jean-Marie\NTUSER.DAT{7eed9fc9-1a5d-11e9-bede-4c72b9f956a2}.TM.blf [17/01/2019 14:41:40] - |ASH| - [524288] - C:\Users\Jean-Marie\NTUSER.DAT{7eed9fc9-1a5d-11e9-bede-4c72b9f956a2}.TMContainer00000000000000000001.regtrans-ms [17/01/2019 14:41:40] - |ASH| - [524288] - C:\Users\Jean-Marie\NTUSER.DAT{7eed9fc9-1a5d-11e9-bede-4c72b9f956a2}.TMContainer00000000000000000002.regtrans-ms [10/03/2019 11:24:46] - |ASH| - [65536] - C:\Users\Jean-Marie\ntuser.dat{a86d1229-431e-11e9-bf07-4c72b9f956a2}.TM.blf [10/03/2019 11:24:46] - |ASH| - [524288] - C:\Users\Jean-Marie\ntuser.dat{a86d1229-431e-11e9-bf07-4c72b9f956a2}.TMContainer00000000000000000001.regtrans-ms [10/03/2019 11:24:46] - |ASH| - [524288] - C:\Users\Jean-Marie\ntuser.dat{a86d1229-431e-11e9-bf07-4c72b9f956a2}.TMContainer00000000000000000002.regtrans-ms [07/09/2018 16:24:02] - |ASH| - [1048576] - C:\Users\Jean-Marie\NTUSER.DAT{c62ccdc2-d701-11e1-9f13-782bcb37b9d5}.TxR.0.regtrans-ms [07/09/2018 16:24:02] - |ASH| - [1048576] - C:\Users\Jean-Marie\NTUSER.DAT{c62ccdc2-d701-11e1-9f13-782bcb37b9d5}.TxR.1.regtrans-ms [07/09/2018 16:24:02] - |ASH| - [1048576] - C:\Users\Jean-Marie\NTUSER.DAT{c62ccdc2-d701-11e1-9f13-782bcb37b9d5}.TxR.2.regtrans-ms [07/09/2018 16:24:02] - |ASH| - [65536] - C:\Users\Jean-Marie\NTUSER.DAT{c62ccdc2-d701-11e1-9f13-782bcb37b9d5}.TxR.blf [02/09/2018 17:45:48] - |ASH| - [65536] - C:\Users\Jean-Marie\NTUSER.DAT{c62ccdc3-d701-11e1-9f13-782bcb37b9d5}.TM.blf [02/09/2018 17:45:48] - |ASH| - [524288] - C:\Users\Jean-Marie\NTUSER.DAT{c62ccdc3-d701-11e1-9f13-782bcb37b9d5}.TMContainer00000000000000000001.regtrans-ms [02/09/2018 17:45:48] - |ASH| - [524288] - C:\Users\Jean-Marie\NTUSER.DAT{c62ccdc3-d701-11e1-9f13-782bcb37b9d5}.TMContainer00000000000000000002.regtrans-ms [13/03/2019 18:18:30] - |ASH| - [65536] - C:\Users\Jean-Marie\ntuser.dat{dca76b0e-45b3-11e9-bf0a-4c72b9f956a2}.TM.blf [13/03/2019 18:18:31] - |ASH| - [524288] - C:\Users\Jean-Marie\ntuser.dat{dca76b0e-45b3-11e9-bf0a-4c72b9f956a2}.TMContainer00000000000000000001.regtrans-ms [13/03/2019 18:18:31] - |ASH| - [524288] - C:\Users\Jean-Marie\ntuser.dat{dca76b0e-45b3-11e9-bf0a-4c72b9f956a2}.TMContainer00000000000000000002.regtrans-ms [20/02/2019 09:56:46] - |ASH| - [65536] - C:\Users\Jean-Marie\NTUSER.DAT{e92288a2-34ec-11e9-befd-806e6f6e6963}.TM.blf [20/02/2019 09:56:46] - |ASH| - [524288] - C:\Users\Jean-Marie\NTUSER.DAT{e92288a2-34ec-11e9-befd-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms [20/02/2019 09:56:46] - |ASH| - [524288] - C:\Users\Jean-Marie\NTUSER.DAT{e92288a2-34ec-11e9-befd-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms [02/09/2018 17:45:48] - |SH| - [20] - C:\Users\Jean-Marie\ntuser.ini [04/02/2019 13:41:46] - |RD| - [101] - C:\Users\Jean-Marie\OneDrive [02/09/2018 17:45:34] - |RD| - [59309654792] - C:\Users\Jean-Marie\Pictures [02/09/2018 17:45:48] - |SHD| - [0] - C:\Users\Jean-Marie\Recent [20/02/2019 09:53:02] - |D| - [12701696] - C:\Users\Jean-Marie\RegBack 2019-02-20 08-36-45 [02/09/2018 17:45:34] - |RD| - [282] - C:\Users\Jean-Marie\Saved Games [02/09/2018 17:47:54] - |RD| - [1020] - C:\Users\Jean-Marie\Searches [02/09/2018 17:45:48] - |SHD| - [0] - C:\Users\Jean-Marie\SendTo [10/10/2018 11:28:53] - |RD| - [101] - C:\Users\Jean-Marie\SkyDrive [15/09/2018 11:17:01] - |D| - [0] - C:\Users\Jean-Marie\ultracopier [02/09/2018 17:45:34] - |RD| - [6458537087] - C:\Users\Jean-Marie\Videos [02/09/2018 17:45:48] - |SHD| - [0] - C:\Users\Jean-Marie\Voisinage d'impression [02/09/2018 17:45:48] - |SHD| - [0] - C:\Users\Jean-Marie\Voisinage réseau [02/09/2018 17:45:35] - |D| - [3142076831] - C:\Users\Jean-Marie\AppData\Local [02/09/2018 17:45:48] - |D| - [13929005] - C:\Users\Jean-Marie\AppData\LocalLow [02/09/2018 17:45:35] - |HD| - [1840689296] - C:\Users\Jean-Marie\AppData\Roaming [12/01/2019 12:40:44] - |D| - [143360] - C:\Users\Jean-Marie\AppData\Local\AdAwareDesktop [24/01/2019 10:10:45] - |D| - [138240] - C:\Users\Jean-Marie\AppData\Local\AdAwareUpdater [08/09/2018 06:14:09] - |D| - [122557846] - C:\Users\Jean-Marie\AppData\Local\Adobe [06/09/2018 13:46:11] - |D| - [82] - C:\Users\Jean-Marie\AppData\Local\Aimersoft [01/03/2019 05:42:33] - |D| - [75286] - C:\Users\Jean-Marie\AppData\Local\aimp-avg-cyberlink setup [14/09/2018 09:31:06] - |D| - [0] - C:\Users\Jean-Marie\AppData\Local\Aiseesoft Studio [26/02/2019 09:51:13] - |D| - [8884] - C:\Users\Jean-Marie\AppData\Local\AMSDK [02/03/2019 12:34:53] - |D| - [180808] - C:\Users\Jean-Marie\AppData\Local\anti-tfl_loaris_protectstar setup [06/01/2019 10:48:42] - |D| - [3269516] - C:\Users\Jean-Marie\AppData\Local\Anvisoft [13/11/2018 11:22:36] - |D| - [0] - C:\Users\Jean-Marie\AppData\Local\Apowersoft [25/02/2019 14:49:29] - |D| - [0] - C:\Users\Jean-Marie\AppData\Local\Apple [02/09/2018 17:45:48] - |SHD| - [0] - C:\Users\Jean-Marie\AppData\Local\Application Data [07/09/2018 09:35:21] - |D| - [344571] - C:\Users\Jean-Marie\AppData\Local\ashampoo [13/01/2019 14:24:56] - |D| - [2123] - C:\Users\Jean-Marie\AppData\Local\Ashampoo Backup [02/09/2018 17:49:44] - |D| - [6537756] - C:\Users\Jean-Marie\AppData\Local\assembly [02/09/2018 17:50:00] - |D| - [60166] - C:\Users\Jean-Marie\AppData\Local\ATI [04/02/2019 13:04:39] - |D| - [1525955] - C:\Users\Jean-Marie\AppData\Local\Avanquest [04/09/2018 00:32:09] - |D| - [12288] - C:\Users\Jean-Marie\AppData\Local\AVAST Software [04/11/2018 12:36:25] - |D| - [306170396] - C:\Users\Jean-Marie\AppData\Local\Avg [02/03/2019 12:36:36] - |D| - [0] - C:\Users\Jean-Marie\AppData\Local\Axialis [26/03/2019 18:22:11] - |D| - [17966] - C:\Users\Jean-Marie\AppData\Local\Babylon [21/02/2019 16:34:50] - |D| - [75466] - C:\Users\Jean-Marie\AppData\Local\barrow & ushuaïa finalis apps nov-dec 2015 install [04/09/2018 00:42:13] - |D| - [0] - C:\Users\Jean-Marie\AppData\Local\CEF [26/02/2019 10:31:01] - |D| - [9995848] - C:\Users\Jean-Marie\AppData\Local\Comodo [06/09/2018 19:36:22] - |D| - [23051240] - C:\Users\Jean-Marie\AppData\Local\CrashDumps [14/01/2019 07:04:08] - |D| - [0] - C:\Users\Jean-Marie\AppData\Local\CrashRpt [01/03/2019 09:15:24] - |D| - [52017] - C:\Users\Jean-Marie\AppData\Local\CyberLink [11/09/2018 01:49:26] - |D| - [0] - C:\Users\Jean-Marie\AppData\Local\Diagnostics [14/09/2018 07:48:06] - |D| - [53457884] - C:\Users\Jean-Marie\AppData\Local\Downloaded Installations [12/01/2019 11:19:12] - |D| - [140932] - C:\Users\Jean-Marie\AppData\Local\efm-barrow 16,2-anti TFL-widen 16 setuyp 2019 [17/01/2019 16:12:26] - |D| - [141381] - C:\Users\Jean-Marie\AppData\Local\EFM_Anti-TFL_B162W16_Blini_New_Logo_3rem4rem5rem_Setup2019 [14/02/2019 08:28:02] - |D| - [0] - C:\Users\Jean-Marie\AppData\Local\ElevatedDiagnostics [04/12/2018 18:25:45] - |D| - [0] - C:\Users\Jean-Marie\AppData\Local\Engelmann_Software [06/09/2018 15:10:26] - |D| - [371875146] - C:\Users\Jean-Marie\AppData\Local\ESET [26/02/2019 10:59:54] - |D| - [249360] - C:\Users\Jean-Marie\AppData\Local\Fighters [14/09/2018 13:01:35] - |D| - [0] - C:\Users\Jean-Marie\AppData\Local\GG [08/09/2018 08:35:28] - |D| - [544973423] - C:\Users\Jean-Marie\AppData\Local\Google [02/09/2018 22:51:48] - |D| - [482] - C:\Users\Jean-Marie\AppData\Local\Hewlett-Packard [02/09/2018 17:45:48] - |SHD| - [0] - C:\Users\Jean-Marie\AppData\Local\Historique [26/11/2018 13:10:19] - |D| - [618] - C:\Users\Jean-Marie\AppData\Local\Icecream [10/03/2019 10:05:23] - |AH| - [119170] - C:\Users\Jean-Marie\AppData\Local\IconCache.db [08/12/2018 09:03:11] - |D| - [140669] - C:\Users\Jean-Marie\AppData\Local\IconPack_X0.0 & noble skin pack [01/01/2019 12:44:26] - |SHD| - [0] - C:\Users\Jean-Marie\AppData\Local\icsxml [14/12/2018 20:28:22] - |D| - [165] - C:\Users\Jean-Marie\AppData\Local\iFotosoft [16/09/2018 14:34:53] - |D| - [35565191] - C:\Users\Jean-Marie\AppData\Local\K-Meleon [25/02/2019 15:02:17] - |D| - [16384] - C:\Users\Jean-Marie\AppData\Local\K7 Computing [26/02/2019 09:26:55] - |D| - [181345] - C:\Users\Jean-Marie\AppData\Local\lfsh_efm_uefm_barrow162_widen16_anaamfuw_suite_essentials&post-finalis24_fev_2019setup [13/09/2018 14:41:40] - |D| - [75231] - C:\Users\Jean-Marie\AppData\Local\maman kabylle [07/09/2018 17:56:08] - |D| - [813864] - C:\Users\Jean-Marie\AppData\Local\mbam [09/10/2018 01:41:25] - |D| - [235676] - C:\Users\Jean-Marie\AppData\Local\mbamtray [21/09/2018 12:03:15] - |D| - [86529] - C:\Users\Jean-Marie\AppData\Local\Micro Application [02/09/2018 17:45:35] - |D| - [661874800] - C:\Users\Jean-Marie\AppData\Local\Microsoft [21/02/2019 16:33:58] - |D| - [75598] - C:\Users\Jean-Marie\AppData\Local\moo0clicdroitpro_restoro_powerdvd365_remo_x0ttoneiconpack_donation4keep_lfsu100%s_finalized setup [11/09/2018 02:41:06] - |D| - [353643295] - C:\Users\Jean-Marie\AppData\Local\Moonchild Productions [21/02/2019 15:54:34] - |D| - [128151] - C:\Users\Jean-Marie\AppData\Local\Movavi [14/09/2018 10:15:20] - |D| - [6265528] - C:\Users\Jean-Marie\AppData\Local\Mozilla [01/01/2019 12:44:26] - |SHD| - [0] - C:\Users\Jean-Marie\AppData\Local\ms-drivers [31/01/2019 16:37:29] - |D| - [2758922] - C:\Users\Jean-Marie\AppData\Local\Netscape [09/02/2019 09:58:11] - |D| - [3039760] - C:\Users\Jean-Marie\AppData\Local\Notepad++ [03/09/2018 23:00:04] - |D| - [7187312] - C:\Users\Jean-Marie\AppData\Local\Opera Software [02/09/2018 17:46:02] - |D| - [23197218] - C:\Users\Jean-Marie\AppData\Local\Packages [25/02/2019 14:45:46] - |D| - [0] - C:\Users\Jean-Marie\AppData\Local\Power2Go11 [03/09/2018 18:27:35] - |D| - [454782506] - C:\Users\Jean-Marie\AppData\Local\Programs [25/12/2018 10:57:15] - |D| - [6157] - C:\Users\Jean-Marie\AppData\Local\Reasonable_Software_House [03/11/2018 12:36:41] - |D| - [1378] - C:\Users\Jean-Marie\AppData\Local\Remove_Empty_Directories [24/02/2019 08:22:50] - |D| - [829] - C:\Users\Jean-Marie\AppData\Local\Restore_Point_Creator [23/02/2019 11:35:08] - |D| - [0] - C:\Users\Jean-Marie\AppData\Local\ScreenRecorder [09/02/2019 09:53:19] - |D| - [141137] - C:\Users\Jean-Marie\AppData\Local\setup best-of lfs hyper apps, format 1 tb micro sd en autodecliv & scan combofix [10/09/2018 16:29:53] - |D| - [9950] - C:\Users\Jean-Marie\AppData\Local\SIB [13/09/2018 10:14:51] - |D| - [137293208] - C:\Users\Jean-Marie\AppData\Local\SquirrelTemp [25/02/2019 14:45:27] - |D| - [135110] - C:\Users\Jean-Marie\AppData\Local\TechSmith [02/02/2019 09:27:05] - |D| - [16384] - C:\Users\Jean-Marie\AppData\Local\temp [02/09/2018 17:45:48] - |SHD| - [0] - C:\Users\Jean-Marie\AppData\Local\Temporary Internet Files [13/09/2018 09:44:24] - |D| - [2722] - C:\Users\Jean-Marie\AppData\Local\TriSun_Software_Limited [02/09/2018 17:46:06] - |D| - [277725] - C:\Users\Jean-Marie\AppData\Local\VirtualStore [26/03/2019 18:30:58] - |D| - [7911262] - C:\Users\Jean-Marie\AppData\Local\WallpaperHd [04/02/2019 13:38:02] - |D| - [0] - C:\Users\Jean-Marie\AppData\Local\Windows Live [10/01/2019 08:48:32] - |D| - [82] - C:\Users\Jean-Marie\AppData\Local\Wondershare [17/01/2019 16:27:18] - |D| - [61919] - C:\Users\Jean-Marie\AppData\Local\Xara [04/10/2018 13:19:16] - |D| - [747872] - C:\Users\Jean-Marie\AppData\Local\Zemana [26/03/2019 18:48:48] - |D| - [224742] - C:\Users\Jean-Marie\AppData\Local\ZHP [14/01/2019 09:52:57] - |D| - [3424797] - C:\Users\Jean-Marie\AppData\LocalLow\Adblock Plus for IE [10/01/2019 08:48:22] - |D| - [324] - C:\Users\Jean-Marie\AppData\LocalLow\IObit [26/02/2019 09:32:08] - |D| - [49943] - C:\Users\Jean-Marie\AppData\LocalLow\Magix Software GmbH [02/09/2018 17:46:04] - |SD| - [9665721] - C:\Users\Jean-Marie\AppData\LocalLow\Microsoft [03/09/2018 18:18:35] - |D| - [0] - C:\Users\Jean-Marie\AppData\LocalLow\Mozilla [13/09/2018 10:02:44] - |D| - [788220] - C:\Users\Jean-Marie\AppData\LocalLow\Sun [05/09/2018 17:10:53] - |D| - [0] - C:\Users\Jean-Marie\AppData\LocalLow\Temp [13/03/2019 13:11:17] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\360safe [13/03/2019 13:10:53] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\360TotalSecurity [26/02/2019 10:49:15] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\adaware [02/09/2018 17:47:49] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Adobe [17/02/2019 13:22:44] - |D| - [52140] - C:\Users\Jean-Marie\AppData\Roaming\AIMP [13/11/2018 10:58:40] - |D| - [8767406] - C:\Users\Jean-Marie\AppData\Roaming\Apowersoft [03/12/2018 20:02:36] - |D| - [2313] - C:\Users\Jean-Marie\AppData\Roaming\ArcticLine [02/09/2018 17:50:00] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\ATI [14/09/2018 09:45:43] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\AudioFilters [14/01/2019 16:56:21] - |D| - [2560737] - C:\Users\Jean-Marie\AppData\Roaming\Avanquest Software [04/11/2018 12:41:30] - |D| - [36436722] - C:\Users\Jean-Marie\AppData\Roaming\AVG [02/03/2019 12:36:48] - |D| - [836442] - C:\Users\Jean-Marie\AppData\Roaming\Axialis [09/12/2018 08:37:40] - |D| - [162541] - C:\Users\Jean-Marie\AppData\Roaming\Azureus [26/03/2019 18:21:50] - |D| - [59665] - C:\Users\Jean-Marie\AppData\Roaming\Babylon [04/02/2019 13:39:29] - |D| - [660249] - C:\Users\Jean-Marie\AppData\Roaming\Baidu [25/09/2018 10:00:54] - |D| - [3018056] - C:\Users\Jean-Marie\AppData\Roaming\Baidu Security [24/01/2019 09:09:34] - |D| - [452] - C:\Users\Jean-Marie\AppData\Roaming\Bandicam Company [13/09/2018 17:58:13] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Blackmagic Design [01/03/2019 11:35:10] - |D| - [9958] - C:\Users\Jean-Marie\AppData\Roaming\BorisFX [01/03/2019 06:12:52] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Comodo [07/10/2018 07:28:28] - |D| - [1914592] - C:\Users\Jean-Marie\AppData\Roaming\Corel [01/03/2019 11:23:57] - |D| - [39895372] - C:\Users\Jean-Marie\AppData\Roaming\CyberLink [04/12/2018 08:56:48] - |D| - [550] - C:\Users\Jean-Marie\AppData\Roaming\DAPV9 [04/12/2018 10:44:33] - |D| - [568] - C:\Users\Jean-Marie\AppData\Roaming\DFFXR [31/01/2019 10:50:57] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Digiarty [04/12/2018 08:58:10] - |D| - [1346] - C:\Users\Jean-Marie\AppData\Roaming\DMFXR [17/12/2018 13:43:08] - |D| - [683] - C:\Users\Jean-Marie\AppData\Roaming\DPFXR [06/03/2019 08:20:56] - |D| - [543313089] - C:\Users\Jean-Marie\AppData\Roaming\DRPSu [10/12/2018 10:49:09] - |D| - [4242] - C:\Users\Jean-Marie\AppData\Roaming\DVDVideoSoft [14/01/2019 13:26:39] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\EMCO [21/02/2019 15:55:47] - |D| - [3873605] - C:\Users\Jean-Marie\AppData\Roaming\Fighters [14/03/2019 18:36:57] - |D| - [108452] - C:\Users\Jean-Marie\AppData\Roaming\FreeFileSync [14/09/2018 13:04:51] - |D| - [11363683] - C:\Users\Jean-Marie\AppData\Roaming\GG [01/01/2019 12:30:51] - |D| - [115] - C:\Users\Jean-Marie\AppData\Roaming\GRETECH [26/02/2019 09:29:33] - |D| - [18627783] - C:\Users\Jean-Marie\AppData\Roaming\HD Video Player [02/09/2018 17:49:38] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Hewlett-Packard [03/09/2018 18:45:14] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Hulubulu [28/02/2019 14:35:55] - |D| - [2456274] - C:\Users\Jean-Marie\AppData\Roaming\Internet Download Accelerator [14/01/2019 15:50:50] - |D| - [34768] - C:\Users\Jean-Marie\AppData\Roaming\IObit [14/09/2018 10:35:18] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\ioloGovernor [26/02/2019 09:37:14] - |D| - [17064] - C:\Users\Jean-Marie\AppData\Roaming\IRISmart File [16/09/2018 14:34:53] - |D| - [12326215] - C:\Users\Jean-Marie\AppData\Roaming\K-Meleon [25/02/2019 18:14:35] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\KeepVid [05/09/2018 11:42:28] - |D| - [960] - C:\Users\Jean-Marie\AppData\Roaming\Macromedia [17/01/2019 16:11:52] - |D| - [764] - C:\Users\Jean-Marie\AppData\Roaming\MAGIX [02/09/2018 17:45:35] - |SD| - [9210702] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft [25/12/2018 10:43:27] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft Corporation [11/09/2018 02:41:06] - |D| - [17324872] - C:\Users\Jean-Marie\AppData\Roaming\Moonchild Productions [21/02/2019 16:32:55] - |D| - [272918056] - C:\Users\Jean-Marie\AppData\Roaming\Movavi Video Suite 18 [04/09/2018 11:24:25] - |D| - [68073292] - C:\Users\Jean-Marie\AppData\Roaming\Mozilla [02/02/2019 08:00:53] - |D| - [109866513] - C:\Users\Jean-Marie\AppData\Roaming\mxnitro [31/01/2019 16:37:29] - |D| - [455232] - C:\Users\Jean-Marie\AppData\Roaming\Netscape [09/02/2019 09:58:08] - |D| - [2878399] - C:\Users\Jean-Marie\AppData\Roaming\Notepad++ [17/02/2019 13:21:58] - |D| - [60] - C:\Users\Jean-Marie\AppData\Roaming\NuGet [13/09/2018 15:06:51] - |D| - [438] - C:\Users\Jean-Marie\AppData\Roaming\nvda [31/01/2019 09:44:56] - |HD| - [1248] - C:\Users\Jean-Marie\AppData\Roaming\Obsidium [03/09/2018 22:51:20] - |D| - [44211018] - C:\Users\Jean-Marie\AppData\Roaming\Opera Software [14/09/2018 10:42:24] - |D| - [124] - C:\Users\Jean-Marie\AppData\Roaming\Orbit [14/09/2018 08:45:00] - |D| - [44624384] - C:\Users\Jean-Marie\AppData\Roaming\Participatory Culture Foundation [14/01/2019 09:58:39] - |D| - [1397] - C:\Users\Jean-Marie\AppData\Roaming\Pegasun [24/02/2019 15:00:39] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Portable [09/09/2018 14:14:36] - |D| - [49155560] - C:\Users\Jean-Marie\AppData\Roaming\ProcessLasso [27/02/2019 09:33:21] - |D| - [50091] - C:\Users\Jean-Marie\AppData\Roaming\proDAD [11/03/2019 17:03:28] - |D| - [19779] - C:\Users\Jean-Marie\AppData\Roaming\ProtectStar [11/03/2019 17:15:07] - |D| - [201] - C:\Users\Jean-Marie\AppData\Roaming\QtProject [14/09/2018 12:40:01] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Real [14/09/2018 12:39:53] - |D| - [2] - C:\Users\Jean-Marie\AppData\Roaming\RealNetworks [25/12/2018 10:43:38] - |D| - [1475184] - C:\Users\Jean-Marie\AppData\Roaming\Reasonable Software House Ltd [10/09/2018 22:16:17] - |D| - [3072] - C:\Users\Jean-Marie\AppData\Roaming\Remo [14/01/2019 09:58:22] - |D| - [60915118] - C:\Users\Jean-Marie\AppData\Roaming\soft2base [13/09/2018 10:02:44] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Sun [06/09/2018 14:27:01] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Sunbelt Software [05/02/2019 19:30:05] - |D| - [466862404] - C:\Users\Jean-Marie\AppData\Roaming\TeraCopy [14/09/2018 09:45:43] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Transitions [14/09/2018 09:45:43] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\VideoFilters [04/02/2019 13:11:44] - |D| - [1060657] - C:\Users\Jean-Marie\AppData\Roaming\ViFind [04/02/2019 13:34:53] - |D| - [2] - C:\Users\Jean-Marie\AppData\Roaming\ViGlance [04/02/2019 13:34:37] - |D| - [1604532] - C:\Users\Jean-Marie\AppData\Roaming\ViStart [10/09/2018 05:21:21] - |D| - [182965] - C:\Users\Jean-Marie\AppData\Roaming\vlc [30/10/2018 07:17:32] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\VOS [06/12/2018 09:07:03] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\wgkl4ml2ulc [01/01/2019 12:55:36] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Wide Angle Software [14/09/2018 12:37:44] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\WildTangent [14/01/2019 08:41:28] - |D| - [25632] - C:\Users\Jean-Marie\AppData\Roaming\Winamp [28/02/2019 14:42:41] - |D| - [12] - C:\Users\Jean-Marie\AppData\Roaming\WinRAR [26/03/2019 18:48:48] - |D| - [3261544] - C:\Users\Jean-Marie\AppData\Roaming\ZHP [02/09/2018 17:47:54] - |ASH| - [174] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [02/09/2018 17:45:48] - |SD| - [41911] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [02/09/2018 17:45:35] - |RD| - [41911] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [14/01/2019 10:06:05] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\7-Zip [11/01/2019 20:45:18] - |D| - [5985] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AC3Filter [02/09/2018 17:45:35] - |RD| - [3888] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [02/09/2018 17:45:35] - |RD| - [1486] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [02/09/2018 17:47:54] - |RD| - [174] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [14/01/2019 16:56:21] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Avanquest [09/09/2018 14:24:56] - |D| - [5770] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Core FTP [08/12/2018 09:27:41] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite [02/09/2018 17:47:49] - |ASH| - [446] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [07/09/2018 12:18:05] - |D| - [2240] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Goodgame Big Farm [02/09/2018 17:47:49] - |A| - [1448] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [02/09/2018 17:45:35] - |D| - [170] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [07/09/2018 12:20:52] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moo0 [11/01/2019 20:45:27] - |D| - [3306] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Morgan Stream Switcher [03/09/2018 22:57:31] - |A| - [1380] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk [04/12/2018 17:04:52] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Software [11/01/2019 21:03:00] - |D| - [1098] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF-to-Word [11/03/2019 17:03:22] - |D| - [3053] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ProtectStar [02/09/2018 17:47:54] - |RD| - [174] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [02/09/2018 17:45:35] - |RD| - [5065] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [11/01/2019 20:45:16] - |D| - [1959] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VobSub [14/01/2019 08:23:59] - |D| - [4269] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [02/09/2018 17:47:54] - |ASH| - [174] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [postgres] [14/09/2018 10:56:28] - |D| - [7888] - C:\Users\postgres\AppData [09/12/2018 15:08:24] - |D| - [0] - C:\Users\postgres\Desktop [10/12/2018 13:28:12] - |D| - [0] - C:\Users\postgres\AppData\Local [14/09/2018 10:56:28] - |D| - [7888] - C:\Users\postgres\AppData\Roaming [02/02/2019 09:38:01] - |D| - [0] - C:\Users\postgres\AppData\Local\temp [08/12/2018 09:36:43] - |D| - [7818] - C:\Users\postgres\AppData\Roaming\Microsoft [14/09/2018 10:56:28] - |D| - [15] - C:\Users\postgres\AppData\Roaming\vlc [14/09/2018 10:59:22] - |D| - [55] - C:\Users\postgres\AppData\Roaming\Winamp [08/12/2018 09:36:43] - |D| - [7818] - C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [08/12/2018 09:36:43] - |D| - [7818] - C:\Users\postgres\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite ---------- | [postgres.LFS_Hyper_UEFM] [25/09/2018 09:57:18] - |D| - [1803221] - C:\Users\postgres.LFS_Hyper_UEFM\AppData [25/09/2018 09:57:54] - |SHD| - [0] - C:\Users\postgres.LFS_Hyper_UEFM\Application Data [25/09/2018 09:57:54] - |SHD| - [0] - C:\Users\postgres.LFS_Hyper_UEFM\Cookies [25/09/2018 09:57:18] - |RD| - [1021] - C:\Users\postgres.LFS_Hyper_UEFM\Desktop [25/09/2018 09:57:14] - |RD| - [204484211] - C:\Users\postgres.LFS_Hyper_UEFM\Documents [25/09/2018 09:57:14] - |RD| - [0] - C:\Users\postgres.LFS_Hyper_UEFM\Downloads [25/09/2018 09:57:14] - |RD| - [1277] - C:\Users\postgres.LFS_Hyper_UEFM\Favorites [25/09/2018 09:57:14] - |RD| - [1929] - C:\Users\postgres.LFS_Hyper_UEFM\Links [25/09/2018 09:57:54] - |SHD| - [0] - C:\Users\postgres.LFS_Hyper_UEFM\Local Settings [25/09/2018 09:57:54] - |SHD| - [0] - C:\Users\postgres.LFS_Hyper_UEFM\Menu Démarrer [25/09/2018 09:57:54] - |SHD| - [0] - C:\Users\postgres.LFS_Hyper_UEFM\Mes documents [25/09/2018 09:57:54] - |SHD| - [0] - C:\Users\postgres.LFS_Hyper_UEFM\Modèles [25/09/2018 09:57:14] - |RD| - [0] - C:\Users\postgres.LFS_Hyper_UEFM\Music [25/09/2018 09:57:14] - |ASH| - [262144] - C:\Users\postgres.LFS_Hyper_UEFM\ntuser.dat [25/09/2018 09:57:53] - |ASH| - [90112] - C:\Users\postgres.LFS_Hyper_UEFM\ntuser.dat.LOG1 [25/09/2018 09:57:53] - |ASH| - [0] - C:\Users\postgres.LFS_Hyper_UEFM\ntuser.dat.LOG2 [26/03/2019 18:53:13] - |ASH| - [65536] - C:\Users\postgres.LFS_Hyper_UEFM\ntuser.dat{aad68f38-4fec-11e9-bf0b-4c72b9f956a2}.TM.blf [26/03/2019 18:53:13] - |ASH| - [524288] - C:\Users\postgres.LFS_Hyper_UEFM\ntuser.dat{aad68f38-4fec-11e9-bf0b-4c72b9f956a2}.TMContainer00000000000000000001.regtrans-ms [26/03/2019 18:53:13] - |ASH| - [524288] - C:\Users\postgres.LFS_Hyper_UEFM\ntuser.dat{aad68f38-4fec-11e9-bf0b-4c72b9f956a2}.TMContainer00000000000000000002.regtrans-ms [25/09/2018 09:57:53] - |ASH| - [65536] - C:\Users\postgres.LFS_Hyper_UEFM\NTUSER.DAT{c62ccdc3-d701-11e1-9f13-782bcb37b9d5}.TM.blf [25/09/2018 09:57:53] - |ASH| - [524288] - C:\Users\postgres.LFS_Hyper_UEFM\NTUSER.DAT{c62ccdc3-d701-11e1-9f13-782bcb37b9d5}.TMContainer00000000000000000001.regtrans-ms [25/09/2018 09:57:54] - |ASH| - [524288] - C:\Users\postgres.LFS_Hyper_UEFM\NTUSER.DAT{c62ccdc3-d701-11e1-9f13-782bcb37b9d5}.TMContainer00000000000000000002.regtrans-ms [25/09/2018 09:57:54] - |SH| - [20] - C:\Users\postgres.LFS_Hyper_UEFM\ntuser.ini [25/09/2018 09:57:14] - |RD| - [0] - C:\Users\postgres.LFS_Hyper_UEFM\Pictures [25/09/2018 09:57:54] - |SHD| - [0] - C:\Users\postgres.LFS_Hyper_UEFM\Recent [25/09/2018 09:57:14] - |D| - [0] - C:\Users\postgres.LFS_Hyper_UEFM\Saved Games [25/09/2018 09:57:54] - |SHD| - [0] - C:\Users\postgres.LFS_Hyper_UEFM\SendTo [25/09/2018 09:57:14] - |RD| - [0] - C:\Users\postgres.LFS_Hyper_UEFM\Videos [25/09/2018 09:57:54] - |SHD| - [0] - C:\Users\postgres.LFS_Hyper_UEFM\Voisinage d'impression [25/09/2018 09:57:54] - |SHD| - [0] - C:\Users\postgres.LFS_Hyper_UEFM\Voisinage réseau [25/09/2018 09:57:18] - |D| - [1757224] - C:\Users\postgres.LFS_Hyper_UEFM\AppData\Local [25/09/2018 09:57:54] - |D| - [0] - C:\Users\postgres.LFS_Hyper_UEFM\AppData\LocalLow [25/09/2018 09:57:18] - |D| - [45997] - C:\Users\postgres.LFS_Hyper_UEFM\AppData\Roaming [25/09/2018 09:57:54] - |SHD| - [0] - C:\Users\postgres.LFS_Hyper_UEFM\AppData\Local\Application Data [25/09/2018 09:57:18] - |D| - [14730] - C:\Users\postgres.LFS_Hyper_UEFM\AppData\Local\Google [25/09/2018 09:57:54] - |SHD| - [0] - C:\Users\postgres.LFS_Hyper_UEFM\AppData\Local\Historique [25/09/2018 09:57:18] - |D| - [1742494] - C:\Users\postgres.LFS_Hyper_UEFM\AppData\Local\Microsoft [02/02/2019 09:38:01] - |D| - [0] - C:\Users\postgres.LFS_Hyper_UEFM\AppData\Local\temp [25/09/2018 09:57:54] - |SHD| - [0] - C:\Users\postgres.LFS_Hyper_UEFM\AppData\Local\Temporary Internet Files [25/09/2018 09:57:18] - |SD| - [45997] - C:\Users\postgres.LFS_Hyper_UEFM\AppData\Roaming\Microsoft [25/09/2018 09:57:54] - |SHD| - [20741] - C:\Users\postgres.LFS_Hyper_UEFM\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [25/09/2018 09:57:18] - |D| - [20741] - C:\Users\postgres.LFS_Hyper_UEFM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [25/09/2018 09:57:18] - |RD| - [3888] - C:\Users\postgres.LFS_Hyper_UEFM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [25/09/2018 09:57:18] - |RD| - [1486] - C:\Users\postgres.LFS_Hyper_UEFM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [08/12/2018 09:36:43] - |D| - [7818] - C:\Users\postgres.LFS_Hyper_UEFM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite [25/09/2018 09:57:18] - |D| - [170] - C:\Users\postgres.LFS_Hyper_UEFM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [25/09/2018 09:57:51] - |A| - [2103] - C:\Users\postgres.LFS_Hyper_UEFM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk [25/09/2018 09:57:18] - |RD| - [5276] - C:\Users\postgres.LFS_Hyper_UEFM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools ---------- | [Public] [02/09/2018 17:42:41] - |RD| - [196] - C:\Users\Public\AccountPictures [04/09/2018 14:23:42] - |D| - [0] - C:\Users\Public\AppData [06/09/2018 13:11:14] - |D| - [71294541] - C:\Users\Public\CyberLink [26/07/2012 09:12:59] - |RD| - [1751582] - C:\Users\Public\Desktop [26/07/2012 09:13:00] - |ASH| - [174] - C:\Users\Public\desktop.ini [26/07/2012 09:12:59] - |D| - [770499189] - C:\Users\Public\Documents [26/07/2012 09:12:59] - |RD| - [174] - C:\Users\Public\Downloads [26/07/2012 09:12:59] - |RD| - [1174] - C:\Users\Public\Libraries [26/07/2012 09:12:59] - |RD| - [380] - C:\Users\Public\Music [26/07/2012 09:12:59] - |RD| - [380] - C:\Users\Public\Pictures [05/03/2013 00:49:07] - |D| - [0] - C:\Users\Public\Symantec [26/07/2012 09:12:59] - |RD| - [380] - C:\Users\Public\Videos [04/09/2018 14:23:42] - |D| - [0] - C:\Users\Public\AppData\Local [02/02/2019 09:38:01] - |D| - [0] - C:\Users\Public\AppData\Local\temp ---------- | C:\ProgramData [13/03/2019 13:10:53] - |D| - [2465739] - C:\ProgramData\360TotalSecurity [26/02/2019 10:09:57] - |D| - [209136426] - C:\ProgramData\adaware [25/02/2019 10:18:14] - |D| - [4152] - C:\ProgramData\Adobe [04/02/2019 13:52:30] - |D| - [1083] - C:\ProgramData\Anvisoft [12/03/2019 15:18:08] - |D| - [208] - C:\ProgramData\Aomei [12/03/2019 15:17:30] - |D| - [173] - C:\ProgramData\AomeiBR [26/07/2012 08:22:08] - |SHD| - [0] - C:\ProgramData\Application Data [04/02/2019 12:48:08] - |D| - [577820] - C:\ProgramData\Ashampoo [05/03/2013 00:21:33] - |D| - [186] - C:\ProgramData\ATI [07/02/2019 13:18:03] - |D| - [0] - C:\ProgramData\Auslogics [13/01/2019 14:11:50] - |D| - [0] - C:\ProgramData\Avanquest Software [03/09/2018 22:43:36] - |D| - [2297924] - C:\ProgramData\AVAST Software [03/11/2018 10:13:21] - |D| - [73540462] - C:\ProgramData\AVG [01/01/2019 12:46:44] - |D| - [0] - C:\ProgramData\Avira [26/03/2019 18:21:18] - |D| - [118580322] - C:\ProgramData\Babylon [04/02/2019 13:53:16] - |D| - [8672] - C:\ProgramData\Baidu [11/03/2019 18:07:37] - |A| - [5068] - C:\ProgramData\bcdwrylw.kdv [03/11/2018 13:01:34] - |D| - [0] - C:\ProgramData\BDLogging [12/11/2018 16:17:38] - |D| - [0] - C:\ProgramData\BitDefender [12/09/2018 19:56:01] - |D| - [0] - C:\ProgramData\Blackmagic Design [04/02/2019 12:50:00] - |D| - [0] - C:\ProgramData\BlazeVideo [22/02/2019 11:12:07] - |D| - [104688] - C:\ProgramData\boost_interprocess [01/03/2019 10:00:07] - |D| - [20350847] - C:\ProgramData\BorisFX [02/09/2018 17:42:39] - |SHD| - [0] - C:\ProgramData\Bureau [01/01/2019 18:04:13] - |D| - [28] - C:\ProgramData\BVRP Software [01/01/2019 15:36:09] - |D| - [15390808] - C:\ProgramData\Caphyon [17/02/2019 13:20:05] - |D| - [122951875] - C:\ProgramData\chocolatey [12/03/2019 05:18:20] - |D| - [0] - C:\ProgramData\clonehdd [03/09/2018 19:10:29] - |D| - [248] - C:\ProgramData\CLSK [04/11/2018 12:33:01] - |D| - [96] - C:\ProgramData\Common Files [21/02/2019 15:36:30] - |D| - [163326] - C:\ProgramData\comodo [09/12/2018 14:08:48] - |D| - [979133681] - C:\ProgramData\Comodo Downloader [05/10/2018 07:03:16] - |D| - [0] - C:\ProgramData\Corel [14/01/2019 14:00:42] - |HD| - [75642172] - C:\ProgramData\CyberLink [04/02/2019 13:09:20] - |D| - [1656] - C:\ProgramData\DAEMON Tools Pro [26/07/2012 08:22:08] - |SHD| - [0] - C:\ProgramData\Desktop [01/01/2019 12:44:26] - |D| - [37] - C:\ProgramData\DIBsection [17/01/2019 16:37:37] - |D| - [0] - C:\ProgramData\DigitalWave.ApplicationUpdater_files [26/07/2012 08:22:08] - |SHD| - [0] - C:\ProgramData\Documents [14/01/2019 13:25:22] - |D| - [0] - C:\ProgramData\EMCO [25/12/2018 15:38:22] - |D| - [2120] - C:\ProgramData\Emsisoft [04/12/2018 16:33:00] - |D| - [0] - C:\ProgramData\Engelmann Software [06/09/2018 13:37:54] - |D| - [10897089] - C:\ProgramData\EPSON [27/01/2019 10:30:05] - |A| - [7023920] - C:\ProgramData\EsgInstallerResumeAction_fc122c440bb36e9848eccb0d653be95b.exe [12/03/2019 05:18:02] - |D| - [0] - C:\ProgramData\explauncher [21/02/2019 15:55:02] - |D| - [166583] - C:\ProgramData\Fighters [08/11/2018 23:52:09] - |D| - [327] - C:\ProgramData\GenArts [06/12/2018 16:25:15] - |D| - [84] - C:\ProgramData\GraphicsType [01/01/2019 12:30:51] - |D| - [3040069] - C:\ProgramData\GRETECH [05/03/2013 00:17:19] - |D| - [126775216] - C:\ProgramData\Hewlett-Packard [02/03/2019 12:36:31] - |D| - [7020274] - C:\ProgramData\icofx3 [01/03/2019 05:58:58] - |D| - [229319792] - C:\ProgramData\install_backup [05/03/2013 00:28:11] - |D| - [0] - C:\ProgramData\install_clap [10/01/2019 08:48:30] - |D| - [5335] - C:\ProgramData\IObit [26/02/2019 09:37:02] - |D| - [7374422] - C:\ProgramData\IRISmart File [25/02/2019 15:02:17] - |D| - [0] - C:\ProgramData\K7 Computing [06/09/2018 13:45:43] - |D| - [3568] - C:\ProgramData\Keepvid [12/11/2018 15:54:41] - |D| - [2048] - C:\ProgramData\Key-Base [12/03/2019 05:18:01] - |D| - [0] - C:\ProgramData\launcher [14/09/2018 11:14:36] - |D| - [12496] - C:\ProgramData\Lavasoft [01/01/2019 18:29:53] - |D| - [0] - C:\ProgramData\Le Robert [30/12/2018 13:25:04] - |D| - [1215] - C:\ProgramData\LHService [04/12/2018 18:25:20] - |D| - [65] - C:\ProgramData\Licenses [26/02/2019 09:53:17] - |D| - [55291563] - C:\ProgramData\Loaris [14/09/2018 10:53:06] - |D| - [1107539] - C:\ProgramData\Log [17/01/2019 16:25:04] - |D| - [103762] - C:\ProgramData\MAGIX [04/02/2019 13:23:11] - |D| - [538736] - C:\ProgramData\Malwarebytes Anti-Exploit [01/01/2019 17:17:50] - |D| - [512] - C:\ProgramData\Malwarebytes' Anti-Malware (portable) [24/02/2019 15:00:40] - |D| - [5794910160] - C:\ProgramData\Martau [04/02/2019 14:38:02] - |D| - [230096] - C:\ProgramData\MB3Install [14/01/2019 14:48:25] - |D| - [0] - C:\ProgramData\McAfee [02/09/2018 17:42:39] - |SHD| - [0] - C:\ProgramData\Menu Démarrer [21/09/2018 12:07:24] - |D| - [21504] - C:\ProgramData\Micro Application [26/07/2012 06:37:58] - |D| - [645579208] - C:\ProgramData\Microsoft [25/12/2018 11:44:54] - |A| - [115] - C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [24/09/2018 10:56:14] - |A| - [105] - C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc [24/02/2019 13:38:06] - |A| - [16] - C:\ProgramData\mntemp [24/02/2019 13:38:06] - |A| - [16] - C:\ProgramData\mntemp.BackupByTotalUninstallPortable [02/09/2018 17:42:39] - |SHD| - [0] - C:\ProgramData\Modèles [21/02/2019 15:54:29] - |D| - [5734] - C:\ProgramData\movavi [17/01/2019 17:29:54] - |D| - [24] - C:\ProgramData\Mozilla [08/02/2019 13:39:31] - |D| - [32236] - C:\ProgramData\Nero [05/03/2013 00:47:28] - |D| - [0] - C:\ProgramData\NortonInstaller [26/02/2019 09:40:58] - |D| - [3180736] - C:\ProgramData\Notepad++ [13/09/2018 10:01:38] - |D| - [82552133] - C:\ProgramData\Oracle [03/09/2018 19:13:54] - |D| - [604209799] - C:\ProgramData\Package Cache [04/02/2019 17:06:11] - |D| - [304] - C:\ProgramData\Panda Security [01/01/2019 12:48:49] - |D| - [62550030] - C:\ProgramData\PDF Architect 6 [09/12/2018 09:59:40] - |D| - [36] - C:\ProgramData\PDVD [01/08/2012 18:06:12] - |D| - [33744] - C:\ProgramData\PRICache [01/03/2019 09:40:49] - |D| - [66867486] - C:\ProgramData\proDAD [10/01/2019 08:50:16] - |D| - [1024] - C:\ProgramData\ProductData [05/10/2018 07:29:43] - |D| - [1890] - C:\ProgramData\Protexis [08/10/2018 07:31:02] - |D| - [1938] - C:\ProgramData\Protexis64 [14/09/2018 10:58:07] - |D| - [0] - C:\ProgramData\Real [26/07/2012 09:12:59] - |D| - [984] - C:\ProgramData\regid.1991-06.com.microsoft [24/02/2019 12:54:50] - |A| - [4528] - C:\ProgramData\Restore Point Creator.log [11/03/2019 16:55:51] - |D| - [748157904] - C:\ProgramData\Restoro [04/02/2019 13:19:13] - |D| - [1740330] - C:\ProgramData\ReviverSoft [09/02/2019 09:59:06] - |D| - [2602] - C:\ProgramData\RogueKiller [26/02/2019 09:37:47] - |D| - [35560] - C:\ProgramData\SafeNet Sentinel [31/01/2019 15:01:14] - |D| - [0] - C:\ProgramData\Seagate [09/12/2018 14:08:48] - |D| - [0] - C:\ProgramData\Shared Space [21/02/2019 15:49:25] - |D| - [43066712] - C:\ProgramData\Spyware Terminator [26/07/2012 08:22:08] - |SHD| - [0] - C:\ProgramData\Start Menu [20/02/2019 08:35:02] - |D| - [12841] - C:\ProgramData\Steganos [26/02/2019 09:42:57] - |D| - [1301464589] - C:\ProgramData\STOPzilla! [03/09/2018 19:12:20] - |D| - [76714819] - C:\ProgramData\SUPPORTDIR [12/03/2019 15:08:35] - |D| - [8352] - C:\ProgramData\SystemAcCrux [14/01/2019 08:41:25] - |D| - [156] - C:\ProgramData\Tech Tool Store [09/11/2018 09:46:21] - |D| - [0] - C:\ProgramData\Temp [27/02/2019 08:39:36] - |A| - [32] - C:\ProgramData\Temp.log [26/07/2012 08:22:08] - |SHD| - [0] - C:\ProgramData\Templates [28/10/2018 12:31:55] - |D| - [4680] - C:\ProgramData\UDL [14/01/2019 08:59:52] - |D| - [25588448] - C:\ProgramData\Ultra Adware Killer [14/01/2019 09:12:16] - |D| - [97576] - C:\ProgramData\Unchecky [02/01/2019 09:03:03] - |D| - [294] - C:\ProgramData\UniqueId [25/02/2019 14:41:27] - |D| - [5085] - C:\ProgramData\USBSRService [25/09/2018 07:55:37] - |D| - [26778198] - C:\ProgramData\UVK [05/03/2013 00:30:04] - |D| - [657419] - C:\ProgramData\WildTangent [10/01/2019 08:00:55] - |D| - [1493] - C:\ProgramData\Wondershare [06/12/2018 16:23:36] - |D| - [52] - C:\ProgramData\Wondershare Application Common Data [05/11/2018 13:10:21] - |D| - [154097412] - C:\ProgramData\Wondershare Video Editor [17/01/2019 16:29:09] - |D| - [3] - C:\ProgramData\Xara [21/02/2019 15:48:01] - |D| - [8192] - C:\ProgramData\Xilisoft [10/12/2018 16:01:09] - |D| - [1817] - C:\ProgramData\YaraEditor [21/02/2019 15:49:46] - |A| - [12661] - C:\ProgramData\zfcvtmok.dsr [31/10/2018 07:53:18] - |D| - [24576] - C:\ProgramData\ZiBackup [13/12/2018 14:18:49] - |D| - [0] - C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216} [22/11/2018 08:45:54] - |D| - [0] - C:\ProgramData\{58EE934C-5324-7D05-F65A-D71EA95A4533} [12/11/2018 15:54:42] - |D| - [0] - C:\ProgramData\{64D7EF03-720E-92E4-1362-1DD1E90B4309} [14/09/2018 13:03:25] - |D| - [38225910] - C:\ProgramData\{65AB91D4-DDD0-48D4-804D-C24E1FC90D44} [03/11/2018 13:00:28] - |D| - [65] - C:\ProgramData\{7F40DE3E-8294-4E24-B2EA-80F6C6BB173C} [01/01/2019 12:34:07] - |D| - [138] - C:\ProgramData\{E0224FF9-7AE3-4F9E-991A-2F004F7E3952} [01/01/2019 12:53:30] - |D| - [67] - C:\ProgramData\{EAAB5A83-3809-4B0E-83A6-E4B0DBF2157E} [03/12/2018 09:05:35] - |D| - [0] - C:\ProgramData\{F86B0233-9A85-4589-8AAF-524CC4F8211B} ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [26/07/2012 09:13:01] - |SH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [02/09/2018 17:42:39] - |SHD| - [247741] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [26/07/2012 09:12:59] - |RD| - [247741] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [30/10/2018 10:11:08] - |D| - [4061] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AC3Filter [26/07/2012 09:12:59] - |D| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [26/07/2012 09:12:59] - |D| - [18212] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [26/02/2019 10:42:23] - |D| - [2492] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\adaware [26/07/2012 09:12:59] - |D| - [25611] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [01/01/2019 15:31:52] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anvisoft [13/11/2018 10:58:40] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft [04/02/2019 12:53:53] - |A| - [2519] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [01/01/2019 18:28:33] - |D| - [5410] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applications Serif [13/01/2019 14:24:32] - |D| - [1196] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo [06/03/2019 15:35:10] - |D| - [1894] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [01/01/2019 12:19:26] - |D| - [3443] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandizip [22/11/2018 17:03:32] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing Bureau [04/02/2019 12:49:15] - |D| - [1917] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitCopy [26/03/2019 18:34:39] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware [26/02/2019 11:19:23] - |D| - [4091] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO [08/12/2018 09:30:08] - |D| - [2006] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite [07/09/2018 13:27:42] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum [26/07/2012 09:13:01] - |ASH| - [1358] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [25/07/2012 21:21:52] - |A| - [787] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk [14/01/2019 15:12:18] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disk Analyzer Pro [28/02/2019 14:25:59] - |D| - [1098] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software [26/02/2019 09:40:57] - |D| - [4248] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters [14/09/2018 08:28:28] - |A| - [898] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox Nightly.lnk [03/09/2018 22:57:36] - |A| - [1161] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk [05/03/2013 00:30:09] - |D| - [198] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [01/01/2019 12:30:54] - |D| - [1179] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM [08/09/2018 07:36:06] - |A| - [2296] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [01/01/2019 12:31:53] - |A| - [2188] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk [05/03/2013 00:23:32] - |D| - [11179] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support [08/01/2019 06:40:55] - |D| - [1320] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IconPack [25/07/2012 21:32:35] - |A| - [2312] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [26/02/2019 09:37:38] - |D| - [13986] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IRISmart File [13/09/2018 10:02:33] - |D| - [6533] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [13/09/2018 09:30:09] - |D| - [8188] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack [10/09/2018 10:23:28] - |A| - [1119] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Meleon.lnk [26/07/2012 09:12:59] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [21/09/2018 12:01:34] - |D| - [2341] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Micro Application [24/01/2019 11:54:32] - |D| - [2295] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [04/02/2019 13:25:52] - |D| - [5598] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Morae [04/02/2019 14:19:15] - |A| - [1307] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk [05/03/2013 00:28:52] - |D| - [2320] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos [08/02/2019 13:39:44] - |D| - [28825] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [14/09/2018 10:51:29] - |D| - [4198] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Netscape Navigator [09/09/2018 14:09:22] - |A| - [899] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pale Moon.lnk [04/02/2019 13:16:24] - |D| - [994] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon HFS+ for Windows [20/02/2019 10:06:43] - |D| - [3248] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Migrate OS to SSD™ 4.0 [14/01/2019 09:57:18] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pegasun System Utilities [04/02/2019 14:13:58] - |A| - [1376] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk [14/01/2019 16:23:34] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Organizer [12/09/2018 19:34:40] - |D| - [7456] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.5 [05/03/2013 00:29:57] - |D| - [81] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools [01/01/2019 18:52:10] - |D| - [5342] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reasonable NoClone 2014 [10/09/2018 10:39:33] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RedFox [05/03/2013 00:25:55] - |D| - [81] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection [17/01/2019 16:32:59] - |D| - [5398] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif Applications [01/01/2019 18:28:33] - |A| - [2503] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif DrawPlus X8 (32 bits).lnk [17/01/2019 16:32:59] - |A| - [2507] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif PagePlus X9 (32 bits).lnk [04/02/2019 12:54:15] - |D| - [2501] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Services d’impression Bonjour [02/09/2018 17:47:27] - |D| - [2292] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services [04/02/2019 14:32:16] - |D| - [900] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Silent Install Builder 5 [26/07/2012 09:12:59] - |D| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [26/02/2019 09:49:27] - |D| - [3857] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STOPzilla [26/02/2019 09:43:04] - |D| - [4044] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STOPzilla AntiMalware [01/01/2019 18:12:19] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Studio V5 [26/07/2012 09:12:59] - |D| - [7540] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [14/01/2019 15:42:54] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysTools Gmail Backup [10/01/2019 08:47:35] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysTools Google Apps Backup [14/01/2019 16:13:42] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysTools PDF Unlocker [10/01/2019 08:47:47] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysTools PDF Watermark Remover [10/01/2019 08:47:41] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysTools VHDX Viewer [26/07/2012 10:45:49] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC [04/02/2019 14:34:08] - |D| - [2631] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith [14/01/2019 09:12:16] - |D| - [2045] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky [30/10/2018 10:10:43] - |D| - [1883] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VobSub [04/02/2019 14:19:44] - |RD| - [2445] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live [04/02/2019 14:02:52] - |A| - [1460] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk [04/02/2019 14:01:10] - |A| - [2488] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk [25/07/2012 21:13:01] - |A| - [2028] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [26/07/2012 09:13:01] - |A| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [13/03/2019 13:10:25] - |D| - [119052580] - C:\Program Files (x86)\360 [11/01/2019 20:45:17] - |D| - [520749] - C:\Program Files (x86)\AC3Filter [24/01/2019 11:37:33] - |D| - [100843310] - C:\Program Files (x86)\Ad-Aware Browser [08/09/2018 06:37:01] - |D| - [340940] - C:\Program Files (x86)\Adobe [17/02/2019 13:22:41] - |D| - [63280509] - C:\Program Files (x86)\AIMP [05/03/2013 00:20:22] - |D| - [2249244] - C:\Program Files (x86)\AMD APP [21/02/2019 16:19:33] - |D| - [42321830] - C:\Program Files (x86)\Anvisoft [12/03/2019 15:16:07] - |D| - [101865987] - C:\Program Files (x86)\AOMEI Backupper [13/11/2018 10:57:51] - |D| - [0] - C:\Program Files (x86)\Apowersoft [04/02/2019 12:53:51] - |D| - [2190208] - C:\Program Files (x86)\Apple Software Update [04/02/2019 12:48:03] - |D| - [100757301] - C:\Program Files (x86)\Ashampoo [05/03/2013 00:19:36] - |D| - [61769375] - C:\Program Files (x86)\ATI Technologies [13/01/2019 14:11:52] - |D| - [126461687] - C:\Program Files (x86)\Avanquest [01/03/2019 05:47:14] - |D| - [641358083] - C:\Program Files (x86)\AVG [02/03/2019 12:36:47] - |D| - [25590740] - C:\Program Files (x86)\Axialis [26/03/2019 18:21:18] - |D| - [14544424] - C:\Program Files (x86)\Babylon [26/03/2019 18:33:10] - |D| - [2172270] - C:\Program Files (x86)\BabylonToolbar [04/02/2019 13:37:27] - |D| - [130516643] - C:\Program Files (x86)\baidu [24/01/2019 09:02:20] - |D| - [49831833] - C:\Program Files (x86)\Bandicam [24/01/2019 09:01:42] - |D| - [9130326] - C:\Program Files (x86)\BandiMPEG1 [04/02/2019 12:49:15] - |D| - [1821184] - C:\Program Files (x86)\BitCopy [04/02/2019 12:49:33] - |D| - [493253205] - C:\Program Files (x86)\BlazeVideo [01/01/2019 12:50:28] - |D| - [500274] - C:\Program Files (x86)\Bonjour [26/07/2012 06:37:58] - |D| - [789093565] - C:\Program Files (x86)\Common Files [26/02/2019 10:29:39] - |D| - [255302695] - C:\Program Files (x86)\Comodo [09/09/2018 14:24:55] - |D| - [7481330] - C:\Program Files (x86)\CoreFTP [01/03/2019 05:56:38] - |D| - [255085465] - C:\Program Files (x86)\CyberLink [06/12/2018 09:03:15] - |D| - [1860] - C:\Program Files (x86)\DAL [26/07/2012 09:13:01] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [04/02/2019 13:14:34] - |D| - [5490202] - C:\Program Files (x86)\DFX [11/01/2019 20:44:26] - |D| - [57808930] - C:\Program Files (x86)\Digital Video Duplicator [04/02/2019 14:21:31] - |D| - [11790325] - C:\Program Files (x86)\Disk Analyzer Pro [26/02/2019 10:06:30] - |D| - [139700954] - C:\Program Files (x86)\Downloadcrew UpdateScanner [04/02/2019 13:03:28] - |D| - [13215671] - C:\Program Files (x86)\Driver-Soft [04/02/2019 14:23:32] - |D| - [11878624] - C:\Program Files (x86)\Duplicate Photos Fixer Pro [04/02/2019 14:37:59] - |D| - [75993379] - C:\Program Files (x86)\DVDVideoSoft [12/03/2019 15:05:07] - |D| - [185778879] - C:\Program Files (x86)\EaseUS [31/12/2018 09:22:43] - |D| - [8927492] - C:\Program Files (x86)\EPSON [28/02/2019 14:25:58] - |D| - [12421266] - C:\Program Files (x86)\EPSON Software [21/02/2019 15:55:50] - |D| - [20521416] - C:\Program Files (x86)\Fighters [04/02/2019 13:52:13] - |D| - [9722128] - C:\Program Files (x86)\File Recovery [03/12/2018 08:59:48] - |D| - [6844376] - C:\Program Files (x86)\Folder Marker [10/12/2018 10:49:52] - |D| - [20641460] - C:\Program Files (x86)\FreeCodecPack [30/10/2018 10:10:41] - |D| - [52275] - C:\Program Files (x86)\Gabest [25/12/2018 09:58:17] - |D| - [5720936] - C:\Program Files (x86)\Genesys Logic [02/02/2019 07:09:10] - |D| - [0] - C:\Program Files (x86)\Genesyslogic [08/09/2018 07:14:38] - |D| - [464756421] - C:\Program Files (x86)\Google [13/09/2018 16:32:51] - |D| - [121837024] - C:\Program Files (x86)\GRETECH [12/01/2019 11:18:30] - |D| - [8976376] - C:\Program Files (x86)\GUMC3CB.tmp [12/01/2019 11:18:30] - |A| - [7895040] - C:\Program Files (x86)\GUTC3FB.tmp [05/03/2013 00:14:24] - |D| - [11018689] - C:\Program Files (x86)\Hewlett-Packard [04/02/2019 13:12:53] - |D| - [96306605] - C:\Program Files (x86)\Icecream Ebook Reader [02/03/2019 12:36:10] - |D| - [50504205] - C:\Program Files (x86)\icofx3 [02/03/2019 12:38:15] - |D| - [9064957] - C:\Program Files (x86)\IconXP [28/02/2019 14:35:41] - |D| - [10639183] - C:\Program Files (x86)\IDA [04/02/2019 13:17:51] - |D| - [1141108] - C:\Program Files (x86)\inPixio [05/03/2013 00:18:18] - |HD| - [34099373] - C:\Program Files (x86)\InstallShield Installation Information [26/07/2012 09:12:59] - |D| - [4846686] - C:\Program Files (x86)\Internet Explorer [04/02/2019 12:43:51] - |D| - [56054788] - C:\Program Files (x86)\IObit [26/02/2019 09:37:02] - |D| - [455925498] - C:\Program Files (x86)\IRISmart File [26/02/2019 09:42:57] - |D| - [46420162] - C:\Program Files (x86)\iS3 [04/02/2019 13:57:40] - |D| - [7663168] - C:\Program Files (x86)\JAM Software [13/09/2018 09:30:02] - |D| - [80352895] - C:\Program Files (x86)\K-Lite Codec Pack [10/09/2018 10:22:39] - |D| - [68541089] - C:\Program Files (x86)\K-Meleon [20/02/2019 12:27:40] - |D| - [76533364] - C:\Program Files (x86)\K7 Computing [04/02/2019 13:58:09] - |D| - [5346356] - C:\Program Files (x86)\KC Softwares [04/02/2019 13:20:57] - |D| - [6308028] - C:\Program Files (x86)\KeePass Password Safe 2 [25/02/2019 18:14:35] - |D| - [223780898] - C:\Program Files (x86)\Keepvid [04/10/2018 13:26:00] - |D| - [198712] - C:\Program Files (x86)\KeyCryptSDK [02/02/2019 15:06:07] - |D| - [149701] - C:\Program Files (x86)\KillSoft [21/02/2019 16:10:15] - |D| - [84499800] - C:\Program Files (x86)\Kotobee Reader [01/01/2019 18:29:48] - |D| - [8600173] - C:\Program Files (x86)\Le Robert [17/01/2019 16:51:18] - |D| - [1898800] - C:\Program Files (x86)\LiveUpdate [17/01/2019 16:25:03] - |D| - [0] - C:\Program Files (x86)\MAGIX [23/01/2019 12:27:47] - |D| - [254536] - C:\Program Files (x86)\MD5Look [21/09/2018 11:50:42] - |D| - [3332914498] - C:\Program Files (x86)\Micro Application [04/02/2019 13:41:52] - |D| - [6081224] - C:\Program Files (x86)\Microsoft OneDrive [24/01/2019 11:40:57] - |D| - [42894550] - C:\Program Files (x86)\Microsoft Silverlight [04/02/2019 14:04:18] - |D| - [1694056] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition [26/07/2012 09:12:59] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET [04/02/2019 14:18:29] - |D| - [16367369] - C:\Program Files (x86)\MiniCopier [11/03/2019 17:12:30] - |D| - [112206659] - C:\Program Files (x86)\MiniTool ShadowMaker [07/09/2018 12:12:26] - |D| - [6713856] - C:\Program Files (x86)\Moo0 [01/01/2019 18:05:24] - |D| - [96112] - C:\Program Files (x86)\Morgan [11/03/2019 18:08:00] - |D| - [5878871] - C:\Program Files (x86)\Movavi Audio Suite [14/09/2018 09:00:28] - |D| - [171262390] - C:\Program Files (x86)\Mozilla Firefox [03/09/2018 22:57:34] - |D| - [356590] - C:\Program Files (x86)\Mozilla Maintenance Service [01/08/2012 18:08:42] - |D| - [25757] - C:\Program Files (x86)\MSBuild [17/01/2019 16:22:33] - |D| - [154033] - C:\Program Files (x86)\MSXML 4.0 [12/02/2019 16:13:30] - |D| - [11346742] - C:\Program Files (x86)\muCommander [08/02/2019 13:39:43] - |D| - [757522031] - C:\Program Files (x86)\Nero [14/09/2018 10:51:08] - |D| - [21866775] - C:\Program Files (x86)\Netscape [08/11/2018 23:49:51] - |D| - [309765079] - C:\Program Files (x86)\NewBlue [04/02/2019 14:17:09] - |D| - [16667297] - C:\Program Files (x86)\NiceCopier [03/09/2018 19:41:40] - |D| - [20313740] - C:\Program Files (x86)\NSIS Uninstall Information [10/01/2019 08:54:28] - |D| - [1050624] - C:\Program Files (x86)\OldTimer [05/03/2013 00:30:04] - |RD| - [1549625] - C:\Program Files (x86)\Online Services [14/01/2019 14:31:00] - |D| - [1050624] - C:\Program Files (x86)\OTL-TFC-Rem VBS Worm-USB File Resc setup.exe 0.0.0.0 [04/02/2019 14:35:09] - |D| - [2092258] - C:\Program Files (x86)\Panda USB Vaccine [04/02/2019 13:16:23] - |D| - [805876] - C:\Program Files (x86)\Paragon Software [14/01/2019 09:57:12] - |D| - [9975533] - C:\Program Files (x86)\Pegasun [11/03/2019 17:03:22] - |D| - [4124726] - C:\Program Files (x86)\ProtectStar [05/03/2013 00:18:18] - |D| - [48454551] - C:\Program Files (x86)\Realtek [01/01/2019 18:52:09] - |D| - [10714049] - C:\Program Files (x86)\Reasonable NoClone 2014 [10/09/2018 10:39:33] - |D| - [0] - C:\Program Files (x86)\RedFox [01/08/2012 18:08:43] - |D| - [38319361] - C:\Program Files (x86)\Reference Assemblies [04/02/2019 14:11:08] - |D| - [592042] - C:\Program Files (x86)\RegSeeker [14/01/2019 07:11:37] - |D| - [114176] - C:\Program Files (x86)\Rem VBS Worm [24/02/2019 08:22:06] - |D| - [1896101] - C:\Program Files (x86)\Restore Point Creator [08/12/2018 09:06:55] - |D| - [3823875] - C:\Program Files (x86)\Runtime Software [01/01/2019 18:27:53] - |D| - [2378955007] - C:\Program Files (x86)\Serif [04/02/2019 14:32:16] - |D| - [29291674] - C:\Program Files (x86)\Silent Install Builder 5 [09/02/2019 09:58:24] - |D| - [3003520] - C:\Program Files (x86)\Slowin Killer [07/03/2019 09:13:45] - |D| - [5331295] - C:\Program Files (x86)\Snappy Driver Installer [20/02/2019 08:23:13] - |D| - [28878544] - C:\Program Files (x86)\Soft Organizer [21/02/2019 15:49:19] - |D| - [45157536] - C:\Program Files (x86)\Spyware Terminator [20/02/2019 08:34:59] - |D| - [35507118] - C:\Program Files (x86)\Steganos [04/02/2019 14:30:18] - |D| - [72810118] - C:\Program Files (x86)\Stellar Phoenix Data Recovery pour iOS [04/02/2019 13:31:49] - |D| - [15181505] - C:\Program Files (x86)\Stellar Phoenix Word Repair [30/10/2018 14:43:11] - |D| - [716125192] - C:\Program Files (x86)\Studio V5 [04/02/2019 14:05:55] - |D| - [3106495] - C:\Program Files (x86)\Systools EPUB Viewer [14/01/2019 15:42:31] - |D| - [33228923] - C:\Program Files (x86)\SysTools Gmail Backup [10/01/2019 08:47:30] - |D| - [36616125] - C:\Program Files (x86)\SysTools Google Apps Backup [14/01/2019 16:13:24] - |D| - [22093342] - C:\Program Files (x86)\SysTools PDF Unlocker [10/01/2019 08:47:45] - |D| - [9341039] - C:\Program Files (x86)\SysTools PDF Watermark Remover [04/02/2019 13:25:46] - |D| - [51234140] - C:\Program Files (x86)\TechSmith [04/02/2019 14:05:45] - |D| - [0] - C:\Program Files (x86)\Tenorshare [04/02/2019 12:56:54] - |D| - [31606642] - C:\Program Files (x86)\The Cleaner [21/02/2019 16:10:03] - |D| - [63602282] - C:\Program Files (x86)\TunesKit Audio Converter [09/02/2019 09:56:16] - |D| - [47300022] - C:\Program Files (x86)\Tweaking.com [14/01/2019 09:12:14] - |D| - [5239468] - C:\Program Files (x86)\Unchecky [26/03/2019 18:33:13] - |D| - [231967] - C:\Program Files (x86)\Unlocker [14/01/2019 07:11:51] - |D| - [423936] - C:\Program Files (x86)\USB File Resc [09/02/2019 09:56:03] - |D| - [11147238] - C:\Program Files (x86)\USB Safely Remove [12/03/2019 16:21:04] - |D| - [764722] - C:\Program Files (x86)\UsbFix [06/12/2018 16:01:34] - |D| - [38733262] - C:\Program Files (x86)\UX Pack [04/02/2019 13:34:53] - |D| - [575293] - C:\Program Files (x86)\ViGlance [14/01/2019 08:41:28] - |D| - [17129714] - C:\Program Files (x86)\Winamp [30/10/2018 10:10:23] - |D| - [73015] - C:\Program Files (x86)\WinASPI [26/07/2012 09:12:59] - |D| - [1188160] - C:\Program Files (x86)\Windows Defender [04/02/2019 13:54:56] - |D| - [140567934] - C:\Program Files (x86)\Windows Live [26/07/2012 09:12:59] - |D| - [5731328] - C:\Program Files (x86)\Windows Mail [26/07/2012 09:12:59] - |D| - [3663899] - C:\Program Files (x86)\Windows Media Player [26/07/2012 09:12:59] - |D| - [219648] - C:\Program Files (x86)\Windows Multimedia Platform [26/07/2012 09:12:59] - |D| - [7594554] - C:\Program Files (x86)\Windows NT [26/07/2012 09:12:59] - |D| - [5479880] - C:\Program Files (x86)\Windows Photo Viewer [26/07/2012 09:12:59] - |D| - [219648] - C:\Program Files (x86)\Windows Portable Devices [26/07/2012 09:12:59] - |SD| - [0] - C:\Program Files (x86)\Windows Sidebar [04/02/2019 14:11:36] - |D| - [12784605] - C:\Program Files (x86)\Wise [21/02/2019 15:48:01] - |D| - [108766364] - C:\Program Files (x86)\Xilisoft [02/02/2019 08:17:39] - |D| - [11156413] - C:\Program Files (x86)\XviD [24/02/2019 13:02:50] - |D| - [36635] - C:\Program Files (x86)\Zemana AntiLogger [24/02/2019 13:35:54] - |D| - [36301] - C:\Program Files (x86)\Zemana AntiMalware ---------- | C:\Program Files [02/02/2019 08:17:10] - |D| - [899998579] - C:\Program Files\adaware [14/01/2019 09:52:54] - |D| - [7343690] - C:\Program Files\Adblock Plus for IE [10/03/2019 10:00:37] - |D| - [46802] - C:\Program Files\AMD [13/01/2019 14:23:41] - |D| - [263625539] - C:\Program Files\Ashampoo [05/03/2013 00:19:37] - |D| - [27488048] - C:\Program Files\ATI [10/03/2019 09:47:51] - |D| - [51503625] - C:\Program Files\AVAST Software [01/03/2019 05:44:34] - |D| - [1232076846] - C:\Program Files\AVG [26/03/2019 18:21:19] - |D| - [416800] - C:\Program Files\Babylon [01/01/2019 12:19:23] - |D| - [19071632] - C:\Program Files\Bandizip [12/09/2018 19:36:25] - |D| - [0] - C:\Program Files\Blackmagic Design [01/01/2019 12:50:28] - |D| - [195922] - C:\Program Files\Bonjour [04/02/2019 12:54:14] - |D| - [3241208] - C:\Program Files\Bonjour Print Services [20/02/2019 15:06:24] - |D| - [54028238] - C:\Program Files\BorisFX [26/03/2019 18:31:08] - |D| - [26704401] - C:\Program Files\ByteFence [04/02/2019 12:56:33] - |D| - [41120200] - C:\Program Files\CCleaner [26/07/2012 06:37:58] - |D| - [485508057] - C:\Program Files\Common Files [04/02/2019 12:59:14] - |D| - [46411924] - C:\Program Files\COMODO [01/03/2019 09:29:10] - |D| - [1942494072] - C:\Program Files\CyberLink [07/09/2018 13:20:55] - |D| - [90740803] - C:\Program Files\DAUM [26/07/2012 09:13:11] - |ASH| - [174] - C:\Program Files\desktop.ini [31/01/2019 10:50:41] - |D| - [0] - C:\Program Files\Digiarty [20/02/2019 08:33:38] - |D| - [11098250] - C:\Program Files\Ext2Fsd [02/09/2018 17:42:40] - |SHD| - [0] - C:\Program Files\Fichiers communs [14/09/2018 08:27:25] - |D| - [187081021] - C:\Program Files\Firefox Nightly [01/01/2019 12:29:58] - |D| - [0] - C:\Program Files\FreeDownloadManager.ORG [14/03/2019 18:36:23] - |D| - [48298279] - C:\Program Files\FreeFileSync [01/01/2019 12:31:46] - |D| - [219157759] - C:\Program Files\Google [02/03/2019 12:35:55] - |D| - [104969511] - C:\Program Files\GRETECH [10/09/2018 22:11:42] - |D| - [0] - C:\Program Files\Hasleo [05/03/2013 00:14:23] - |D| - [3855844] - C:\Program Files\Hewlett-Packard [20/02/2019 10:45:20] - |D| - [18263806] - C:\Program Files\IM-Magic [26/07/2012 09:12:59] - |D| - [6686119] - C:\Program Files\Internet Explorer [26/02/2019 09:49:17] - |D| - [37959824] - C:\Program Files\iS3 [24/01/2019 15:39:43] - |D| - [45180198] - C:\Program Files\Isoo Backup [13/09/2018 10:01:29] - |D| - [411472514] - C:\Program Files\Java [24/01/2019 10:49:01] - |D| - [28543296] - C:\Program Files\Loaris Trojan Remover [26/02/2019 09:31:24] - |D| - [343124325] - C:\Program Files\MAGIX [14/03/2019 16:10:28] - |D| - [5817773] - C:\Program Files\Malwarebytes [24/01/2019 11:40:59] - |D| - [55728894] - C:\Program Files\Microsoft Silverlight [04/02/2019 14:32:41] - |D| - [42304152] - C:\Program Files\MiniTool Partition Wizard 10 [05/11/2018 09:41:01] - |D| - [3810] - C:\Program Files\MiniToolPowerDataRecovery [13/09/2018 08:45:56] - |D| - [186928108] - C:\Program Files\Mozilla Firefox [01/08/2012 18:08:13] - |D| - [25757] - C:\Program Files\MSBuild [12/02/2019 13:01:16] - |D| - [18100917] - C:\Program Files\MultiCommander (x64) [01/03/2019 09:38:26] - |D| - [374151572] - C:\Program Files\NewBlue [09/02/2019 09:58:08] - |D| - [12555115] - C:\Program Files\Notepad++ [05/03/2013 00:43:57] - |RD| - [597724] - C:\Program Files\Online Services [09/09/2018 14:08:50] - |D| - [105487776] - C:\Program Files\Pale Moon [20/02/2019 10:06:26] - |D| - [290417439] - C:\Program Files\Paragon Software [04/02/2019 13:28:40] - |D| - [7560196] - C:\Program Files\Password Safe [12/09/2018 19:33:29] - |D| - [227520985] - C:\Program Files\PostgreSQL [01/03/2019 09:40:45] - |D| - [4538171] - C:\Program Files\proDAD [05/03/2013 00:09:52] - |D| - [55117448] - C:\Program Files\Realtek [01/08/2012 18:08:13] - |D| - [36665513] - C:\Program Files\Reference Assemblies [11/03/2019 16:56:09] - |D| - [70696630] - C:\Program Files\Restoro [04/02/2019 13:19:13] - |D| - [43986392] - C:\Program Files\ReviverSoft [12/03/2019 16:20:08] - |D| - [0] - C:\Program Files\RFA 11 [04/02/2019 14:25:30] - |D| - [100229953] - C:\Program Files\RogueKiller [04/02/2019 13:58:52] - |D| - [35898137] - C:\Program Files\Stellar OST to PST Converter [04/02/2019 14:16:10] - |D| - [20721014] - C:\Program Files\Supercopier [10/01/2019 08:47:36] - |D| - [30379697] - C:\Program Files\SysTools VHDX Viewer [03/11/2018 10:16:05] - |D| - [218292] - C:\Program Files\TAP-Windows [23/11/2018 18:42:51] - |D| - [0] - C:\Program Files\TechSmith [04/02/2019 13:39:06] - |D| - [17613788] - C:\Program Files\TeraCopy [04/02/2019 14:40:30] - |D| - [86694680] - C:\Program Files\UCheck [04/02/2019 14:14:24] - |D| - [20771190] - C:\Program Files\Ultracopier [04/02/2019 13:47:29] - |D| - [1788069] - C:\Program Files\USB Disk Storage Format Tool [04/02/2019 13:37:48] - |D| - [13536973] - C:\Program Files\UVK - Ultra Virus Killer [10/09/2018 05:19:51] - |D| - [135254761] - C:\Program Files\VideoLAN [26/07/2012 09:12:59] - |D| - [8842553] - C:\Program Files\Windows Defender [26/07/2012 10:45:49] - |D| - [8971384] - C:\Program Files\Windows Journal [04/02/2019 13:57:28] - |D| - [52928] - C:\Program Files\Windows Live [26/07/2012 09:12:59] - |D| - [6188032] - C:\Program Files\Windows Mail [26/07/2012 09:12:59] - |D| - [5638207] - C:\Program Files\Windows Media Player [26/07/2012 09:12:59] - |D| - [277504] - C:\Program Files\Windows Multimedia Platform [26/07/2012 09:12:59] - |D| - [7960634] - C:\Program Files\Windows NT [26/07/2012 09:12:59] - |D| - [6429128] - C:\Program Files\Windows Photo Viewer [26/07/2012 09:12:59] - |D| - [277504] - C:\Program Files\Windows Portable Devices [26/07/2012 09:12:59] - |SHD| - [0] - C:\Program Files\Windows Sidebar [26/07/2012 09:12:59] - |D| - [1128862407] - C:\Program Files\WindowsApps [04/02/2019 13:35:09] - |D| - [5049320] - C:\Program Files\WinRAR ---------- | C:\Program Files (x86)\Common Files [08/09/2018 06:37:02] - |D| - [103238684] - C:\Program Files (x86)\Common Files\Adobe [13/09/2018 15:49:10] - |D| - [30861292] - C:\Program Files (x86)\Common Files\Adobe AIR [04/09/2018 08:29:43] - |D| - [83073508] - C:\Program Files (x86)\Common Files\AntiVirus [04/12/2018 10:25:37] - |D| - [2221568] - C:\Program Files (x86)\Common Files\Anvisoft [01/01/2019 12:48:46] - |D| - [146147669] - C:\Program Files (x86)\Common Files\Apple [14/01/2017 12:37:58] - |A| - [2174976] - C:\Program Files (x86)\Common Files\atimpenc.dll [02/02/2019 08:04:05] - |D| - [1336347] - C:\Program Files (x86)\Common Files\Avanquest Software [14/01/2019 15:42:45] - |D| - [8802472] - C:\Program Files (x86)\Common Files\CDTPL [05/03/2013 00:37:28] - |D| - [0] - C:\Program Files (x86)\Common Files\CyberLink [04/02/2019 13:16:01] - |D| - [182256] - C:\Program Files (x86)\Common Files\DFX [04/02/2019 14:38:01] - |D| - [96709344] - C:\Program Files (x86)\Common Files\DVDVideoSoft [01/01/2019 12:30:51] - |D| - [309184] - C:\Program Files (x86)\Common Files\GOM & Company [05/03/2013 00:18:12] - |D| - [4847976] - C:\Program Files (x86)\Common Files\InstallShield [04/02/2019 12:45:10] - |D| - [0] - C:\Program Files (x86)\Common Files\IObit [01/01/2019 12:34:09] - |D| - [634] - C:\Program Files (x86)\Common Files\IOTransfer [29/01/2019 14:12:02] - |D| - [1975784] - C:\Program Files (x86)\Common Files\Java [07/09/2018 11:46:34] - |D| - [675260] - C:\Program Files (x86)\Common Files\logishrd [17/01/2019 16:25:04] - |D| - [0] - C:\Program Files (x86)\Common Files\MAGIX Services [26/07/2012 09:12:59] - |D| - [47389189] - C:\Program Files (x86)\Common Files\Microsoft Shared [01/01/2019 18:28:29] - |D| - [651776] - C:\Program Files (x86)\Common Files\MSSoap [08/02/2019 13:39:56] - |D| - [50395633] - C:\Program Files (x86)\Common Files\Nero [08/11/2018 23:50:03] - |D| - [287232] - C:\Program Files (x86)\Common Files\NewBlue [05/02/2019 15:29:49] - |D| - [1488873] - C:\Program Files (x86)\Common Files\Nikon [13/09/2018 10:01:17] - |D| - [1541339] - C:\Program Files (x86)\Common Files\Oracle [05/01/2019 09:12:32] - |D| - [4780336] - C:\Program Files (x86)\Common Files\PX Storage Engine [26/07/2012 09:12:59] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [26/07/2012 09:12:59] - |D| - [9863051] - C:\Program Files (x86)\Common Files\System [19/11/2018 20:25:08] - |D| - [4953184] - C:\Program Files (x86)\Common Files\TechSmith Shared [05/03/2013 00:45:06] - |D| - [185183296] - C:\Program Files (x86)\Common Files\Windows Live ---------- | C:\Program Files\Common files [12/01/2019 12:32:15] - |D| - [191640315] - C:\Program Files\Common files\adaware [01/01/2019 15:15:17] - |D| - [6377934] - C:\Program Files\Common files\Aimersoft [01/01/2019 12:49:22] - |D| - [168860446] - C:\Program Files\Common files\Apple [05/03/2013 00:09:47] - |D| - [786432] - C:\Program Files\Common files\ATI Technologies [06/09/2018 00:17:21] - |D| - [4320948] - C:\Program Files\Common files\AV [03/09/2018 23:41:32] - |D| - [0] - C:\Program Files\Common files\AVAST Software [03/11/2018 10:19:35] - |D| - [1988600] - C:\Program Files\Common files\AVG [06/09/2018 13:39:08] - |D| - [152640] - C:\Program Files\Common files\EPSON [07/09/2018 11:20:13] - |D| - [1359652] - C:\Program Files\Common files\logishrd [26/07/2012 09:12:59] - |D| - [91982459] - C:\Program Files\Common files\microsoft shared [08/11/2018 23:50:12] - |D| - [352768] - C:\Program Files\Common files\NewBlue [26/07/2012 09:12:59] - |D| - [2702] - C:\Program Files\Common files\Services [05/03/2013 00:49:04] - |D| - [0] - C:\Program Files\Common files\Symantec Shared [26/07/2012 09:12:59] - |D| - [11127179] - C:\Program Files\Common files\System [14/09/2018 10:47:00] - |A| - [444283] - C:\Program Files\Common files\WinPcapNmap.exe [05/09/2018 05:23:39] - |D| - [6111699] - C:\Program Files\Common files\Wondershare ---------- | Tasks [MD5.E06211B8A8DA0A940FDA2C58CB038C73] - [13/09/2018 10:07:58] - |A| - [1052] - C:\Windows\Tasks\Adobe Flash Player NPAPI Notifier.job [MD5.BD1BF95C5DD4AF3B9E3905BC0A475310] - [13/09/2018 15:46:01] - |A| - [1064] - C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job [MD5.3A10626C502923AB796DE254FA347EBF] - [13/09/2018 10:07:58] - |A| - [1002] - C:\Windows\Tasks\Adobe Flash Player Updater.job [MD5.E58A309AE6A2ABBD4911408DA3860D78] - [21/02/2019 15:36:15] - |A| - [240] - C:\Windows\Tasks\AppManager.exe_20190221_153614_0763.job [MD5.806EFFA5AFA8AB391ACCEB8ED7BC16ED] - [21/02/2019 15:36:44] - |A| - [240] - C:\Windows\Tasks\AppManager.exe_20190221_153644_0236.job [MD5.E78E0B4EF46A4F0F5670216C10E2D4EB] - [21/02/2019 16:25:37] - |A| - [240] - C:\Windows\Tasks\AppManager.exe_20190221_162537_0543.job [MD5.4595C0F11E6DB55F1A81DF4448FBA288] - [21/02/2019 16:36:41] - |A| - [240] - C:\Windows\Tasks\AppManager.exe_20190221_163641_0181.job [MD5.5630D95EC94C0A08BBD7B9CA58533C77] - [05/02/2019 15:27:55] - |A| - [274] - C:\Windows\Tasks\Cyberlink Trigger Task.job [MD5.1E3F70D0143E92A1DF07EDEBC6AA1C87] - [28/10/2018 12:21:02] - |A| - [763] - C:\Windows\Tasks\EPSON XP-710 Series Invitation {2C6FA55B-2D45-4F1A-A7E2-2F5337CF461B}.job [MD5.4DAF4FA94F0A304CE01FAE2C8FCE74C7] - [28/10/2018 12:21:00] - |A| - [949] - C:\Windows\Tasks\EPSON XP-710 Series Update {2C6FA55B-2D45-4F1A-A7E2-2F5337CF461B}.job [MD5.00000000000000000000000000000000] - [11/10/2018 07:58:34] - |D| - [0] - C:\Windows\Tasks\ImCleanDisabled [MD5.45BD8BB36F73DE83DB5B84C28168911E] - [20/02/2019 08:52:11] - |A| - [470] - C:\Windows\Tasks\Processus de surveillance de la défragmentation du registre Windows.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [26/07/2012 08:22:10] - |AH| - [6] - C:\Windows\Tasks\SA.DAT [MD5.DD2C2FD82D6B66B9D97E5A47F59F84A8] - [20/02/2019 08:36:20] - |A| - [504] - C:\Windows\Tasks\Steganos Tuning Pro (Autopilot.exe).job [MD5.1716F616B16D44F3813B5828575D26A3] - [20/02/2019 08:35:21] - |A| - [414] - C:\Windows\Tasks\Steganos Tuning Pro.job [MD5.93EE75607F76451B8B51EA0AFD1D2A93] - [06/03/2019 15:32:06] - |A| - [3904] - C:\Windows\System32\Tasks\Antivirus Emergency Update : C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [MD5.00000000000000000000000000000000] - [04/02/2019 12:54:00] - |D| - [3388] - C:\Windows\System32\Tasks\Apple [MD5.00000000000000000000000000000000] - [07/09/2018 15:04:30] - |D| - [0] - C:\Windows\System32\Tasks\AVAST Software [MD5.00000000000000000000000000000000] - [03/11/2018 10:29:15] - |D| - [3952] - C:\Windows\System32\Tasks\AVG [MD5.91FDEA529417608045BD1F399D7560B6] - [19/11/2018 16:39:42] - |A| - [3970] - C:\Windows\System32\Tasks\Boost : C:\Users\Jean-Marie\AppData\Roaming\Reason\Boost\boost.exe [MD5.00000000000000000000000000000000] - [17/12/2018 12:45:33] - |D| - [0] - C:\Windows\System32\Tasks\COMODO [MD5.FE811FD1791AE94D5C14DB7B1275B9BA] - [28/10/2018 12:21:02] - |A| - [3794] - C:\Windows\System32\Tasks\EPSON XP-710 Series Invitation {2C6FA55B-2D45-4F1A-A7E2-2F5337CF461B} : C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [MD5.871F0E932B67DE5B2FDE710153FF1803] - [28/10/2018 12:21:00] - |A| - [3980] - C:\Windows\System32\Tasks\EPSON XP-710 Series Update {2C6FA55B-2D45-4F1A-A7E2-2F5337CF461B} : C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [MD5.00000000000000000000000000000000] - [05/03/2013 00:24:20] - |D| - [0] - C:\Windows\System32\Tasks\Hewlett-Packard [MD5.00000000000000000000000000000000] - [26/07/2012 09:12:59] - |D| - [373886] - C:\Windows\System32\Tasks\Microsoft [MD5.00000000000000000000000000000000] - [05/09/2018 18:45:38] - |D| - [6714] - C:\Windows\System32\Tasks\Norton Internet Security [MD5.04E54FDF566CF729091525057010764C] - [02/09/2018 17:55:27] - |A| - [3598] - C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-324915258-2866797553-3726413251-1001 : C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLPE.EXE [MD5.00000000000000000000000000000000] - [06/09/2018 00:17:29] - |D| - [3930] - C:\Windows\System32\Tasks\Remediation [MD5.00000000000000000000000000000000] - [02/09/2018 17:48:36] - |D| - [0] - C:\Windows\System32\Tasks\WPD [MD5.00000000000000000000000000000000] - [26/07/2012 09:12:59] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "VIRTCL-WMI-ASYNC-In-TCP-NoScope"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%systemroot%\system32\wbem\unsecapp.exe|Name=@%ProgramFiles%\Hyper-V\SnapInAbout.dll,-218|Desc=@%ProgramFiles%\Hyper-V\SnapInAbout.dll,-219|EmbedCtxt=@%ProgramFiles%\Hyper-V\SnapInAbout.dll,-211| "VIRTCL-WMI-RPCSS-In-TCP-NoScope"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=135|App=%SystemRoot%\system32\svchost.exe|Svc=rpcss|Name=@%ProgramFiles%\Hyper-V\SnapInAbout.dll,-212|Desc=@%ProgramFiles%\Hyper-V\SnapInAbout.dll,-213|EmbedCtxt=@%ProgramFiles%\Hyper-V\SnapInAbout.dll,-211| "Netlogon-TCP-RPC-In"=v2.20|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-NamedPipe-In"=v2.20|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "TCP Query User{6737F3C2-A8CC-4D09-8001-05D95BD939AF}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe|Name=Spyware Terminator 2015 Update Support|Desc=Spyware Terminator 2015 Update Support|Edge=TRUE|Defer=App| "UDP Query User{068AB044-1D2E-47D1-8843-59D1CBB7F5B0}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe|Name=Spyware Terminator 2015 Update Support|Desc=Spyware Terminator 2015 Update Support|Edge=TRUE|Defer=App| "TCP Query User{F8FA92EE-3140-4220-B884-13E8AB781260}C:\users\jean-marie\downloads\sdi_r1811\sdi_x64_r1811.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\users\jean-marie\downloads\sdi_r1811\sdi_x64_r1811.exe|Name=sdi_x64_r1811.exe|Desc=sdi_x64_r1811.exe|Defer=User| "UDP Query User{7946CF0A-F45D-4922-894A-5E994D319BF1}C:\users\jean-marie\downloads\sdi_r1811\sdi_x64_r1811.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\users\jean-marie\downloads\sdi_r1811\sdi_x64_r1811.exe|Name=sdi_x64_r1811.exe|Desc=sdi_x64_r1811.exe|Defer=User| "{74BF3BE0-173F-40D2-A305-B82EB2390755}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\AVG\Browser\Application\AVGBrowser.exe|Name=AVG Secure Browser (mDNS-In)|Desc=Règle de trafic entrant pour AVG Secure Browser autorisant le trafic mDNS|EmbedCtxt=AVG Secure Browser| "{DA9B4CDD-5394-4953-9219-9015368A3B80}"=v2.20|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\Jean-Marie\AppData\Local\Temp\7ZipSfx.001\bin\tools\aria2c.exe|Name=DriverPack aria2c.exe| "{335EE322-2BAA-41BB-9E72-207347EBF3ED}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|LPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Windows\system32\svchost.exe|Svc=SSDPSRV|Name=WFC - Network Discovery (SSDP-In)|Desc=Inbound rule for Network Discovery to allow use of the Simple Service Discovery Protocol. [UDP 1900]|EmbedCtxt=Windows Firewall Control| "{037EB0A1-77AE-4AC3-9476-1576A01C18E1}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|LPort=137|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=WFC - Network Discovery (NB-Name-In)|Desc=Inbound rule for Network Discovery to allow NetBIOS Name Resolution. [UDP 137]|EmbedCtxt=Windows Firewall Control| "{38838F27-06B5-4261-AE64-16754055EE25}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=58|App=System|Name=WFC - Internet Control Message Protocol (ICMPv6-In)|Desc=Allow your computer to respond to PING command that your computer with an IPv6 address exists and can accept requests.|EmbedCtxt=Windows Firewall Control| "{8F02E936-A08A-4B93-98CC-89B9C88F3C3E}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=1|App=System|Name=WFC - Internet Control Message Protocol (ICMPv4-In)|Desc=Allow your computer to respond to PING command that your computer with an IPv4 address exists and can accept requests.|EmbedCtxt=Windows Firewall Control| "{AABB9C4E-2CF9-44EC-BE3D-7D58B0642D27}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|LPort=445|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=WFC - File and Printer Sharing (SMB-In)|Desc=Inbound rule for File and Printer Sharing to allow Server Message Block transmission and reception via Named Pipes. [TCP 445]|EmbedCtxt=Windows Firewall Control| "{07AC4ECD-FE64-4B8E-ACA7-B5CDDAE16D6D}"=v2.20|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|RPort=443|App=C:\Program Files\Malwarebytes\Windows Firewall Control\wfc.exe|Name=WFC - Windows Firewall Control Updater|Desc=Allow Windows Firewall Control to check if a new version is available.|EmbedCtxt=Windows Firewall Control| "{5CD6495B-EEB1-4CA5-AC53-91EECAA052FC}"=v2.20|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|RPort=443|App=C:\Windows\system32\svchost.exe|Name=WFC - Windows Update|Desc=Allow Windows Update to check and install new updates.|EmbedCtxt=Windows Firewall Control| "{56B7736F-BBB8-469E-AF77-F2B248F1EEB1}"=v2.20|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|RPort=123|App=C:\Windows\system32\svchost.exe|Svc=W32Time|Name=WFC - Windows Time Service|Desc=Allow Windows to synchronize the system clock with an Internet time server.|EmbedCtxt=Windows Firewall Control| "{5B556F0A-7E92-4F89-BA8B-CF17AB94CA79}"=v2.20|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Domain|Profile=Private|RPort=1900|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Windows\system32\svchost.exe|Svc=SSDPSRV|Name=WFC - Network Discovery (SSDP-Out)|Desc=Outbound rule for Network Discovery to allow use of the Simple Service Discovery Protocol. [UDP 1900]|EmbedCtxt=Windows Firewall Control| "{5C738DD4-7B21-45F0-AAB5-340984A1DFDB}"=v2.20|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Domain|Profile=Private|RPort=137|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=WFC - Network Discovery (NB-Name-Out)|Desc=Outbound rule for Network Discovery to allow NetBIOS Name Resolution. [UDP 137]|EmbedCtxt=Windows Firewall Control| "{6FEF2CF2-E836-418B-9466-8A2326FEEAAE}"=v2.20|Action=Allow|Active=TRUE|Dir=Out|Protocol=58|App=System|Name=WFC - Internet Control Message Protocol (ICMPv6-Out)|Desc=Allow your computer to send PING command to verify that a particular IPv6 address exists and can accept requests.|EmbedCtxt=Windows Firewall Control| "{30032F8E-E191-4E4A-B3AE-E5C0F130E08B}"=v2.20|Action=Allow|Active=TRUE|Dir=Out|Protocol=1|App=System|Name=WFC - Internet Control Message Protocol (ICMPv4-Out)|Desc=Allow your computer to send PING command to verify that a particular IPv4 address exists and can accept requests.|EmbedCtxt=Windows Firewall Control| "{5D0135A6-48C9-4B2E-9293-DA4F190ED0CE}"=v2.20|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Windows\system32\spoolsv.exe|Name=WFC - File and Printer Sharing (Spooler-Out)|Desc=Outbound rule for File and Printer Sharing to allow the Print Spooler Service to print on network printers.|EmbedCtxt=Windows Firewall Control| "{6BC6CE4B-EAC8-474C-AB95-9F8F9448E841}"=v2.20|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|Profile=Private|RPort=445|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=WFC - File and Printer Sharing (SMB-Out)|Desc=Outbound rule for File and Printer Sharing to allow Server Message Block transmission and reception via Named Pipes. [TCP 445]|EmbedCtxt=Windows Firewall Control| "{82B63B41-4EA2-49B8-9245-4E861AA53267}"=v2.20|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|Profile=Private|RPort=139|RA4=LocalSubnet|RA6=LocalSubnet|App=System|Name=WFC - File and Printer Sharing (NB-Session-Out)|Desc=Outbound rule for File and Printer Sharing to allow NetBIOS Session Service connections. [TCP 139]|EmbedCtxt=Windows Firewall Control| "{FF6E1AC9-4B50-4CE9-AC8E-ED59B1CCC355}"=v2.20|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|LPort=68|RPort=67|App=C:\Windows\system32\svchost.exe|Svc=Dhcp|Name=WFC - Core Networking - Dynamic Host Configuration Protocol (DHCP-Out)|Desc=Allows DHCP (Dynamic Host Configuration Protocol) messages for stateful auto-configuration.|EmbedCtxt=Windows Firewall Control| "{F1B097C0-2208-4723-ADC9-12015FB87597}"=v2.20|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|RPort=53|App=C:\Windows\system32\svchost.exe|Svc=Dnscache|Name=WFC - Core Networking - DNS (UDP-Out)|Desc=Outbound rule to allow DNS requests. DNS responses based on requests that matched this rule will be permitted regardless of source address. This behavior is classified as loose source mapping. [LSM] [UDP 53]|EmbedCtxt=Windows Firewall Control| "{273815E1-482E-4B72-993C-23890F73E861}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe|Name=AgentService.exe| "{F7820B45-438E-4096-BFF4-2A76F743CF47}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\MiniTool ShadowMaker\AgentService.exe|Name=AgentService.exe| "{7435868B-C731-4BE6-8BE4-0A3EE6E1BC75}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\EaseUS\EaseUS Todo PCTrans\bin\PCTrans.exe|Name=PCTrans.exe| "{C32B85EE-0E79-40EA-9FE2-C5014333582A}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\EaseUS\EaseUS Todo PCTrans\bin\PCTrans.exe|Name=PCTrans.exe| "{0D2E74D9-EF29-4983-98A5-F56994E44BCA}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\EaseUS\EaseUS Todo PCTrans\bin\uexperice.exe|Name=uexperice.exe| "{C561327F-3DA1-48DF-A6C5-EFFD4138E92A}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\EaseUS\EaseUS Todo PCTrans\bin\uexperice.exe|Name=uexperice.exe| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{0475BB51-5A02-4EE0-B36C-29040FAD2650}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @PrintQueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3D1B53F5-C26E-427D-9562-34B2290F159E}] : (KeyScrambler) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3f966bd9-fa04-4ec5-991c-d326973b5128}] : (AndroidUsbDeviceClass) [] -> @oem15.inf,%ClassName%;Android Phone [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%systemroot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @%SystemRoot%\System32\DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @%SystemRoot%\System32\Montr_CI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%systemroot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4E469A36-A7AA-4A8C-A075-B3AB6A21F9E6}] : (MxEFUF) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @%SystemRoot%\system32\procinst.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%systemroot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{54505F9E-EE66-4F1D-A63B-B853A1759385}] : (SymNetS) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{56EBD688-B772-4181-9610-8633FCEE988D}] : (SymIRON) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%systemroot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{78A1C341-4539-11D3-B88D-00C04FAD5171}] : (mfesapsn) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7E0006EA-81A8-4780-B0C8-474E2DBF4D63}] : (IDSVia64) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8496e87e-c0a1-4102-9d8d-bd9a9b8b07a9}] : (WDC_SAM) [] -> @oem7.inf,%WDC_SAM_ClassName%;WD Drive Management devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\sccls.dll,-300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{997b5d8d-c442-4f2e-baf3-9c8e671e9e21}] : (SideShow) [] -> @%systemroot%\system32\AuxiliaryDisplayClassInstaller.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9D3039DD-CCA5-4B4D-B33D-E2DDC8A8C52E}] : (dtsoftbus01) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9d6d66a6-0b0c-4563-9077-a0e9a7955ae4}] : (Ramdisk) [] -> @ramdisk.inf,%ClassName%;RAM Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{B95B836B-234E-4857-A1F8-D0D9A9BEC1C5}] : (vmbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bc103702-dd72-406f-9b28-95c868337b59}] : (Transfer Cable) [] -> @%SystemRoot%\System32\migwiz\migres.dll,-20 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @AudioEndpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C1DBBF82-32F1-443D-B3B9-105E70A8E207}] : (KMWDFILTER) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @WSDPrint.Inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{CA3E7AB9-B4C3-4AE6-8251-579EF933890F}] : () [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\sccls.dll,-301 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E004269C-D387-4461-B955-25A64CFE23CE}] : (amdkmdag) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [01/07/2016 10:54:24] - (3.0.23.0) - (iS3 Inc. - szkg Device Driver) - C:\Windows\SySWOW64\drivers\szkg64.sys [01/03/2019 05:46:10] - (19.4.4207.0) - (AVG Technologies CZ, s.r.o. - AVG VM Monitor) - C:\Windows\system32\drivers\avgVmm.sys [01/03/2019 05:46:08] - (19.4.4207.0) - (AVG Technologies CZ, s.r.o. - AVG Revert) - C:\Windows\system32\drivers\avgRvrt.sys [04/02/2019 13:16:37] - (11.0.0.0) - (Paragon Software Group - Apple Partition Map Driver) - C:\Windows\system32\DRIVERS\apmwin.sys [04/02/2019 13:17:08] - (11.0.0.0) - (Paragon Software Group - HFS+ Mounter Helper Driver) - C:\Windows\system32\DRIVERS\mounthlp.sys [04/02/2019 13:17:35] - (0.0.0.0) - ( -) - C:\Windows\system32\DRIVERS\gpt_loader.sys [05/11/2018 09:44:46] - (0.0.0.0) - ( -) - C:\Windows\system32\pwdrvio.sys [29/01/2019 13:46:22] - (8.15.1.693) - (Matrox Graphics Inc. - MxEFUF64.sys) - C:\Windows\system32\DRIVERS\MxEFUF64.sys [01/03/2019 05:45:52] - (19.4.4207.0) - (AVG Technologies CZ, s.r.o. - Universal Driver) - C:\Windows\system32\drivers\avgbuniv.sys [01/03/2019 05:45:52] - (19.4.4207.0) - (AVG Technologies CZ, s.r.o. - Logging Driver) - C:\Windows\system32\drivers\avgblog.sys [01/03/2019 05:45:52] - (19.4.4207.0) - (AVG Technologies CZ, s.r.o. - Application Activity Monitor Helper Driver) - C:\Windows\system32\drivers\avgbidsh.sys [01/03/2019 05:46:08] - (19.4.4207.0) - (AVG Technologies CZ, s.r.o. - AVG self protection module) - C:\Windows\system32\drivers\avgSP.sys [01/03/2019 05:46:01] - (19.4.4207.0) - (AVG Technologies CZ, s.r.o. - AVG Virtualization Driver) - C:\Windows\system32\drivers\avgSnx.sys [13/08/2009 10:36:22] - (2.1.0.0) - (Avanquest - AutoSave Mini-Filter) - C:\Windows\system32\DRIVERS\AutoSave.sys [01/03/2019 05:46:08] - (19.4.4207.0) - (AVG Technologies CZ, s.r.o. - AVG Keyboard Filter Driver) - C:\Windows\system32\drivers\avgKbd.sys [13/09/2018 17:09:52] - (2.454.2037.0) - (Google, Inc. - Google Drive File System Driver) - C:\Windows\system32\DRIVERS\googledrivefs2454.sys [09/11/2018 13:17:52] - (7.0.0.16) - (BitDefender LLC - BitDefender Firewall WFP Filter Driver) - C:\Program Files\iS3\STOPzilla AntiVirus\drivers\bdfwfpf\bdfwfpf.sys [01/03/2019 05:46:08] - (19.4.4207.0) - (AVG Technologies CZ, s.r.o. - AVG WFP Redirect Driver) - C:\Windows\system32\drivers\avgRdr2.sys [01/03/2019 05:45:58] - (19.4.4207.0) - (AVG Technologies CZ, s.r.o. - AVG Firewall Driver) - C:\Windows\system32\drivers\avgNetSec.sys [02/02/2019 08:07:26] - (0.0.0.0) - ( -) - C:\Windows\system32\ckldrv.sys [08/09/2018 08:51:43] - (1.2.0.264) - (Glarysoft Ltd - The driver for the Startup Manager tool) - C:\Windows\System32\drivers\GUSBootStartup.sys [14/05/2017 23:34:10] - (6.1.3.0) - (Elaborate Bytes AG - ElbyCD Windows x64 I/O driver) - C:\Windows\System32\Drivers\ElbyCDIO.sys [26/02/2019 11:20:17] - (1.3.48618.136) - (COMODO - COMODO Secure Shopping Driver) - C:\Windows\system32\drivers\cmdcss.sys [01/03/2019 05:45:52] - (19.4.4207.0) - (AVG Technologies CZ, s.r.o. - IDS Application Activity Monitor Driver.) - C:\Windows\system32\drivers\avgbidsdriver.sys [01/03/2019 05:46:01] - (19.4.4207.0) - (AVG Technologies CZ, s.r.o. - AVG anti rootkit) - C:\Windows\system32\drivers\avgArPot.sys [01/01/2019 18:40:05] - (1.9.5.600) - (Zemana Ltd. - Zemana AntiLogger Driver) - C:\Windows\system32\drivers\AntiLog64.sys [21/04/2016 10:10:04] - (9.0.0.21) - (The OpenVPN Project - TAP-Windows Virtual Network Driver (NDIS 6.0)) - C:\Windows\system32\DRIVERS\tap0901.sys [29/01/2019 13:44:00] - (2.1.0.25) - (Qualcomm Atheros, Inc. - Killer e2200 PCI-E Gigabit Ethernet Controller) - C:\Windows\system32\DRIVERS\L1C63x64.sys [04/02/2019 14:48:36] - (2.0.0.3505) - (CyberLink - CyberLink Virtual CDROM Bus Enumerator) - C:\Windows\System32\drivers\CLVirtualBus01.sys [08/03/2018 19:37:46] - (6.1.7600.16385) - (Windows (R) Win 7 DDK provider - Explore Systems Virtual Audio Device) - C:\Windows\system32\drivers\dfx12x64.sys [29/01/2019 13:41:53] - (6.0.6000.16386) - (Windows (R) Codename Longhorn DDK provider - KMWDFilter Driver from UASSOFT.COM) - C:\Windows\System32\drivers\KMWDFILTER.sys [16/12/2018 19:04:19] - (10.0.16299.31241) - (Realsil Semiconductor Corporation - RTS USB READER Driver) - C:\Windows\system32\Drivers\RtsUer.sys [29/01/2019 13:43:47] - (1.0.0.0) - ( - USB Mouse Lower filter driver) - C:\Windows\System32\drivers\whfltr2k.sys [25/09/2009 02:03:36] - (1.0.4.2) - (JMicron Technology Corp. - JMicron 31X Composite Device Lower Filter Driver) - C:\Windows\system32\DRIVERS\jmccgp.sys [11/01/2019 20:42:39] - (1.8.6.199) - (Zemana Ltd. - Zemana AntiLogger SDK) - C:\Windows\system32\DRIVERS\KeyCrypt64.sys [26/07/2012 03:30:41] - (5.1.2.234) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\Windows\System32\ATMFD.DLL [01/03/2019 05:46:08] - (19.4.4207.0) - (AVG Technologies CZ, s.r.o. - AVG File System Minifilter for Windows 2003/Vista) - C:\Windows\system32\drivers\avgMonFlt.sys [21/02/2019 15:49:36] - (4.2.0.1) - (IObit Information Technology - Protected Folder filter driver) - C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys [04/02/2019 13:16:32] - (11.0.0.0) - (Paragon Software Group - HFS+ File System Recognizer) - C:\Windows\system32\DRIVERS\hfsplusrec.sys [01/03/2019 05:46:09] - (19.4.4207.0) - (AVG Technologies CZ, s.r.o. - Stream Filter) - C:\Windows\system32\drivers\avgStm.sys [29/01/2019 13:50:48] - (4.5.1.7) - (GenesysLogic - GeneStor) - C:\Windows\System32\drivers\GeneStor.sys ---------- | LoadOrderGroup Name: szldgp - DriverEnabled: True - GroupOrder: 1 - Status: OK Name: System Reserved - DriverEnabled: True - GroupOrder: 2 - Status: OK Name: EMS - DriverEnabled: True - GroupOrder: 3 - Status: OK Name: WdfLoadGroup - DriverEnabled: True - GroupOrder: 4 - Status: OK Name: Boot Bus Extender - DriverEnabled: True - GroupOrder: 5 - Status: OK Name: System Bus Extender - DriverEnabled: True - GroupOrder: 6 - Status: OK Name: SCSI miniport - DriverEnabled: True - GroupOrder: 7 - Status: OK Name: Port - DriverEnabled: True - GroupOrder: 8 - Status: OK Name: Primary Disk - DriverEnabled: True - GroupOrder: 9 - Status: OK Name: SCSI Class - DriverEnabled: True - GroupOrder: 10 - Status: OK Name: SCSI CDROM Class - DriverEnabled: True - GroupOrder: 11 - Status: OK Name: FSFilter Infrastructure - DriverEnabled: True - GroupOrder: 12 - Status: OK Name: FSFilter System - DriverEnabled: True - GroupOrder: 13 - Status: OK Name: FSFilter Bottom - DriverEnabled: True - GroupOrder: 14 - Status: OK Name: FSFilter Copy Protection - DriverEnabled: True - GroupOrder: 15 - Status: OK Name: FSFilter Security Enhancer - DriverEnabled: True - GroupOrder: 16 - Status: OK Name: FSFilter Open File - DriverEnabled: True - GroupOrder: 17 - Status: OK Name: FSFilter Physical Quota Management - DriverEnabled: True - GroupOrder: 18 - Status: OK Name: FSFilter Virtualization - DriverEnabled: True - GroupOrder: 19 - Status: OK Name: FSFilter Encryption - DriverEnabled: True - GroupOrder: 20 - Status: OK Name: FSFilter Compression - DriverEnabled: True - GroupOrder: 21 - Status: OK Name: FSFilter Imaging - DriverEnabled: True - GroupOrder: 22 - Status: OK Name: FSFilter HSM - DriverEnabled: True - GroupOrder: 23 - Status: OK Name: FSFilter Cluster File System - DriverEnabled: True - GroupOrder: 24 - Status: OK Name: FSFilter System Recovery - DriverEnabled: True - GroupOrder: 25 - Status: OK Name: FSFilter Quota Management - DriverEnabled: True - GroupOrder: 26 - Status: OK Name: FSFilter Content Screener - DriverEnabled: True - GroupOrder: 27 - Status: OK Name: FSFilter Continuous Backup - DriverEnabled: True - GroupOrder: 28 - Status: OK Name: FSFilter Replication - DriverEnabled: True - GroupOrder: 29 - Status: OK Name: FSFilter Anti-Virus - DriverEnabled: True - GroupOrder: 30 - Status: OK Name: FSFilter Undelete - DriverEnabled: True - GroupOrder: 31 - Status: OK Name: FSFilter Activity Monitor - DriverEnabled: True - GroupOrder: 32 - Status: OK Name: FSFilter Top - DriverEnabled: True - GroupOrder: 33 - Status: OK Name: Filter - DriverEnabled: True - GroupOrder: 34 - Status: OK Name: Boot File System - DriverEnabled: True - GroupOrder: 35 - Status: OK Name: Base - DriverEnabled: True - GroupOrder: 36 - Status: OK Name: Pointer Port - DriverEnabled: True - GroupOrder: 37 - Status: OK Name: Keyboard Port - DriverEnabled: True - GroupOrder: 38 - Status: OK Name: Pointer Class - DriverEnabled: True - GroupOrder: 39 - Status: OK Name: Keyboard Class - DriverEnabled: True - GroupOrder: 40 - Status: OK Name: Video Init - DriverEnabled: True - GroupOrder: 41 - Status: OK Name: Video - DriverEnabled: True - GroupOrder: 42 - Status: OK Name: Video Save - DriverEnabled: True - GroupOrder: 43 - Status: OK Name: File System - DriverEnabled: True - GroupOrder: 44 - Status: OK Name: Streams Drivers - DriverEnabled: True - GroupOrder: 45 - Status: OK Name: NDIS Wrapper - DriverEnabled: True - GroupOrder: 46 - Status: OK Name: COM Infrastructure - DriverEnabled: True - GroupOrder: 47 - Status: OK Name: Event Log - DriverEnabled: True - GroupOrder: 48 - Status: OK Name: ProfSvc_Group - DriverEnabled: True - GroupOrder: 49 - Status: OK Name: AudioGroup - DriverEnabled: True - GroupOrder: 50 - Status: OK Name: UIGroup - DriverEnabled: True - GroupOrder: 51 - Status: OK Name: MS_WindowsLocalValidation - DriverEnabled: True - GroupOrder: 52 - Status: OK Name: PlugPlay - DriverEnabled: True - GroupOrder: 53 - Status: OK Name: Cryptography - DriverEnabled: True - GroupOrder: 54 - Status: OK Name: PNP_TDI - DriverEnabled: True - GroupOrder: 55 - Status: OK Name: NDIS - DriverEnabled: True - GroupOrder: 56 - Status: OK Name: TDI - DriverEnabled: True - GroupOrder: 57 - Status: OK Name: iSCSI - DriverEnabled: True - GroupOrder: 58 - Status: OK Name: NetBIOSGroup - DriverEnabled: True - GroupOrder: 59 - Status: OK Name: ShellSvcGroup - DriverEnabled: True - GroupOrder: 60 - Status: OK Name: SchedulerGroup - DriverEnabled: True - GroupOrder: 61 - Status: OK Name: SpoolerGroup - DriverEnabled: True - GroupOrder: 62 - Status: OK Name: SmartCardGroup - DriverEnabled: True - GroupOrder: 63 - Status: OK Name: NetworkProvider - DriverEnabled: True - GroupOrder: 64 - Status: OK Name: MS_WindowsRemoteValidation - DriverEnabled: True - GroupOrder: 65 - Status: OK Name: NetDDEGroup - DriverEnabled: True - GroupOrder: 66 - Status: OK Name: Parallel arbitrator - DriverEnabled: True - GroupOrder: 67 - Status: OK Name: Extended Base - DriverEnabled: True - GroupOrder: 68 - Status: OK Name: PCI Configuration - DriverEnabled: True - GroupOrder: 69 - Status: OK Name: MS Transactions - DriverEnabled: True - GroupOrder: 70 - Status: OK Name: Core - DriverEnabled: False - GroupOrder: 71 - Status: OK Name: PnP Filter - DriverEnabled: False - GroupOrder: 72 - Status: OK Name: Network - DriverEnabled: False - GroupOrder: 73 - Status: OK Name: Early-Launch - DriverEnabled: False - GroupOrder: 74 - Status: OK Name: _Early-Launch - DriverEnabled: False - GroupOrder: 75 - Status: OK ---------- | LoadOrderGroupServiceDependencies LoadOrderGroup.Name="NetBIOSGroup" - Service.Name="RemoteAccess" LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdfs" ---------- | LoadOrderGroupServiceMembers LoadOrderGroup.Name="Event log" - Service.Name="AMD External Events Utility" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="AppIDSvc" LoadOrderGroup.Name="AudioGroup" - Service.Name="AudioEndpointBuilder" LoadOrderGroup.Name="AudioGroup" - Service.Name="Audiosrv" LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="AVG Antivirus" LoadOrderGroup.Name="NetworkProvider" - Service.Name="AVG Firewall" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="avgAvDumper64" LoadOrderGroup.Name="NetworkProvider" - Service.Name="BFE" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="BrokerInfrastructure" LoadOrderGroup.Name="NetworkProvider" - Service.Name="Browser" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="DcomLaunch" LoadOrderGroup.Name="PlugPlay" - Service.Name="DeviceInstall" LoadOrderGroup.Name="TDI" - Service.Name="Dhcp" LoadOrderGroup.Name="TDI" - Service.Name="Dnscache" LoadOrderGroup.Name="TDI" - Service.Name="dot3svc" LoadOrderGroup.Name="Event Log" - Service.Name="EventLog" LoadOrderGroup.Name="AudioGroup" - Service.Name="FontCache" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="gpsvc" LoadOrderGroup.Name="NetworkProvider" - Service.Name="LanmanWorkstation" LoadOrderGroup.Name="TDI" - Service.Name="lmhosts" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="LSM" LoadOrderGroup.Name="NetworkProvider" - Service.Name="MpsSvc" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="3ware" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="72819536" LoadOrderGroup.Name="Core" - SystemDriver.Name="ACPI" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="acpiex" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="acpitime" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="adp94xx" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="adpahci" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="adpu320" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="AFD" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="agp440" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdK8" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="amdkmafd" LoadOrderGroup.Name="Video" - SystemDriver.Name="amdkmdag" LoadOrderGroup.Name="Video" - SystemDriver.Name="amdkmdap" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="amdkmpfd" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdPPM" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsata" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsbs" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdxata" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amd_sata" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amd_xata" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="apmwin" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="AQFileRestore" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="arc" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="arcsas" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="atapi" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="AutoSave" LoadOrderGroup.Name="Keyboard Port" - SystemDriver.Name="avgKbd" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="avgMonFlt" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="avgNetSec" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="avgRdr" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="avgRvrt" LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="avgSnx" LoadOrderGroup.Name="FSFilter Security Enhancer" - SystemDriver.Name="avgSP" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="avgStm" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="avgVmm" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="b06bdrv" LoadOrderGroup.Name="Video" - SystemDriver.Name="BasicDisplay" LoadOrderGroup.Name="Video" - SystemDriver.Name="BasicRender" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="bdfwfpf" LoadOrderGroup.Name="Base" - SystemDriver.Name="Beep" LoadOrderGroup.Name="Network" - SystemDriver.Name="bowser" LoadOrderGroup.Name="Base" - SystemDriver.Name="BprotectEx" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="BthAvrcpTg" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="BthHFEnum" LoadOrderGroup.Name="Base" - SystemDriver.Name="catchme" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="cdfs" LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdrom" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="circlass" LoadOrderGroup.Name="Filter" - SystemDriver.Name="CLFS" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="CLVirtualBus01" LoadOrderGroup.Name="Core" - SystemDriver.Name="CNG" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="CompositeBus" LoadOrderGroup.Name="Base" - SystemDriver.Name="condrv" LoadOrderGroup.Name="Network" - SystemDriver.Name="Dfsc" LoadOrderGroup.Name="Base" - SystemDriver.Name="dg_ssudbus" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="dtproscsibus" LoadOrderGroup.Name="Video Init" - SystemDriver.Name="DXGKrnl" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="e1iexpress" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="ebdrv" LoadOrderGroup.Name="SCSI Class" - SystemDriver.Name="EhStorClass" LoadOrderGroup.Name="SCSI Class" - SystemDriver.Name="EhStorTcgDrv" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="epp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="ErrDev" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ew_usbccgpfilter" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="exfat" LoadOrderGroup.Name="iSCSI" - Service.Name="MSiSCSI" LoadOrderGroup.Name="MS_WindowsRemoteValidation" - Service.Name="Netlogon" LoadOrderGroup.Name="PlugPlay" - Service.Name="PlugPlay" LoadOrderGroup.Name="Plugplay" - Service.Name="Power" LoadOrderGroup.Name="profsvc_group" - Service.Name="ProfSvc" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcEptMapper" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcSs" LoadOrderGroup.Name="PlugPlay" - Service.Name="RtkAudioService" LoadOrderGroup.Name="MS_WindowsLocalValidation" - Service.Name="SamSs" LoadOrderGroup.Name="SmartCardGroup" - Service.Name="SCardSvr" LoadOrderGroup.Name="SchedulerGroup" - Service.Name="Schedule" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="SENS" LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="ShellHWDetection" LoadOrderGroup.Name="SpoolerGroup" - Service.Name="Spooler" LoadOrderGroup.Name="Event Log" - Service.Name="szserver" LoadOrderGroup.Name="PlugPlay" - Service.Name="TabletInputService" LoadOrderGroup.Name="System Reserved" - Service.Name="TeraCopyService" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="Themes" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="TrustedInstaller" LoadOrderGroup.Name="Base" - Service.Name="USBSafelyRemoveService" LoadOrderGroup.Name="SmartCardGroup" - Service.Name="WbioSrvc" LoadOrderGroup.Name="TDI" - Service.Name="Wcmsvc" LoadOrderGroup.Name="File System" - SystemDriver.Name="Ext2Fsd" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="fastfat" LoadOrderGroup.Name="FSFilter Bottom" - SystemDriver.Name="FileInfo" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="Filetrace" LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="FltMgr" LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="FsDepends" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="fvevol" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="FxPPM" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="gagp30kx" LoadOrderGroup.Name="File System" - SystemDriver.Name="googledrivefs2454" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="GPIOClx0101" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="gpt_loader" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="gzflt" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Hamachi" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="HDAudBus" LoadOrderGroup.Name="File System" - SystemDriver.Name="hfsplus" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="hfsplusrec" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidBth" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidi2c" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidIr" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidUsb" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="HpSAMD" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hyperkbd" LoadOrderGroup.Name="Video" - SystemDriver.Name="HyperVideo" LoadOrderGroup.Name="Keyboard Port" - SystemDriver.Name="i8042prt" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="iaStorV" LoadOrderGroup.Name="Video" - SystemDriver.Name="igfx" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="iirsp" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="IMFMBRProtect" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="INIDVD" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="intelide" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="intelppm" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="isapnp" LoadOrderGroup.Name="NetworkProvider" - Service.Name="WebClient" LoadOrderGroup.Name="TDI" - Service.Name="WlanSvc" LoadOrderGroup.Name="PlugPlay" - Service.Name="wudfsvc" LoadOrderGroup.Name="TDI" - Service.Name="WwanSvc" LoadOrderGroup.Name="Early-Launch" - SystemDriver.Name="K7Elam" LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="K7Sentry" LoadOrderGroup.Name="Keyboard Class" - SystemDriver.Name="kbdclass" LoadOrderGroup.Name="Keyboard Port" - SystemDriver.Name="kbdhid" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="kdnic" LoadOrderGroup.Name="Keyboard Class" - SystemDriver.Name="keycrypt" LoadOrderGroup.Name="Base" - SystemDriver.Name="KSecDD" LoadOrderGroup.Name="Cryptography" - SystemDriver.Name="KSecPkg" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ksthunk" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="L1C" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="lltdio" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS2" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SCSI" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SSS" LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="luafv" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="MegaSR" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="MmY4YjN" LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Modem" LoadOrderGroup.Name="Pointer Class" - SystemDriver.Name="mouclass" LoadOrderGroup.Name="Pointer Port" - SystemDriver.Name="mouhid" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="mounthlp" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="mountmgr" LoadOrderGroup.Name="network" - SystemDriver.Name="mpsdrv" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb10" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb20" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="MsBridge" LoadOrderGroup.Name="File system" - SystemDriver.Name="Msfs" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="msgpiowin32" LoadOrderGroup.Name="Base" - SystemDriver.Name="mshidkmdf" LoadOrderGroup.Name="Base" - SystemDriver.Name="mshidumdf" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="msisadrv" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSKSSRV" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="MsLldp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPCLOCK" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPQM" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSTEE" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MTConfig" LoadOrderGroup.Name="Network" - SystemDriver.Name="Mup" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="mvumis" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NativeWifiP" LoadOrderGroup.Name="NDIS Wrapper" - SystemDriver.Name="NDIS" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NdisCap" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Ndisuio" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="NDProxy" LoadOrderGroup.Name="NetBIOSGroup" - SystemDriver.Name="NetBIOS" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="NetBT" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="nfrd960" LoadOrderGroup.Name="File system" - SystemDriver.Name="Npfs" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="Ntfs" LoadOrderGroup.Name="Base" - SystemDriver.Name="Null" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="nvraid" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="nvstor" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="nv_agp" LoadOrderGroup.Name="Parallel arbitrator" - SystemDriver.Name="Parport" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="partmgr" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pci" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pciide" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pcmcia" LoadOrderGroup.Name="Base" - SystemDriver.Name="pcw" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pdc" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="PfFilter" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="Processor" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Psched" LoadOrderGroup.Name="Streams Drivers" - SystemDriver.Name="RasAcd" LoadOrderGroup.Name="Network" - SystemDriver.Name="rdbss" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="rdyboost" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="rspndr" LoadOrderGroup.Name="Video" - SystemDriver.Name="s3cap" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="scfilter" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="sdbus" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="Serenum" LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Serial" LoadOrderGroup.Name="Pointer Port" - SystemDriver.Name="sermouse" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid2" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid4" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="spaceport" LoadOrderGroup.Name="Network" - SystemDriver.Name="srv" LoadOrderGroup.Name="Network" - SystemDriver.Name="srv2" LoadOrderGroup.Name="Network" - SystemDriver.Name="srvnet" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stexstor" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="storahci" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="storflt" LoadOrderGroup.Name="Base" - SystemDriver.Name="storvsc" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="swenum" LoadOrderGroup.Name="szldgp" - SystemDriver.Name="szkg5" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="tap0901" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="Tcpip" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="tdx" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="terminpt" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="TPM" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="Trufos" LoadOrderGroup.Name="base" - SystemDriver.Name="TsUsbFlt" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="TsUsbGD" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="tunnel" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="uagp35" LoadOrderGroup.Name="Base" - SystemDriver.Name="UCX01000" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="udfs" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="uliagpkx" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="umbus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="UmPass" LoadOrderGroup.Name="Base" - SystemDriver.Name="USBAAPL64" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbccgp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="usbcir" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbehci" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="usbfilter" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbhub" LoadOrderGroup.Name="Base" - SystemDriver.Name="USBHUB3" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbohci" LoadOrderGroup.Name="extended base" - SystemDriver.Name="usbprint" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbscan" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbuhci" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="usb_rndisx" LoadOrderGroup.Name="File System" - SystemDriver.Name="uxstyle" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="vdrvroot" LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="VerifierExt" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="vhdmp" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="viaide" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vmbus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="VMBusHID" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgr" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgrx" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vpci" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="vsmraid" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="VSTXRAID" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WacomPen" LoadOrderGroup.Name="_Early-Launch" - SystemDriver.Name="WdBoot" LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="Wdf01000" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="WdFilter" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="WFPLWFS" LoadOrderGroup.Name="Pointer Port" - SystemDriver.Name="whfltr2k" LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="WIMMount" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WmiAcpi" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wpcfltr" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="WpdUpFltr" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="ws2ifsl" LoadOrderGroup.Name="Base" - SystemDriver.Name="WSDScan" LoadOrderGroup.Name="base" - SystemDriver.Name="WudfPf" ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - [Kernel Driver] - 3ware () -> System32\drivers\3ware.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - adp94xx () -> System32\drivers\adp94xx.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - adpahci () -> System32\drivers\adpahci.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - adpu320 () -> System32\drivers\adpu320.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdkmafd (@oem57.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter) -> System32\drivers\amdkmafd.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - amdkmpfd (@oem55.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter) -> System32\drivers\amdkmpfd.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - amdsata () -> System32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsbs () -> System32\drivers\amdsbs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdxata () -> System32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - amd_sata () -> System32\drivers\amd_sata.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - amd_xata () -> System32\drivers\amd_xata.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - apmwin (Apple Partition Map Driver) -> system32\DRIVERS\apmwin.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - arc () -> System32\drivers\arc.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Windows Inbox Miniport Driver) -> System32\drivers\arcsas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys - AcceptPause: False - AcceptStop: False R0 - [File System Driver] - avgbidsh (avgbidsh) -> system32\drivers\avgbidsh.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - avgblog (avgblog) -> system32\drivers\avgblog.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - avgbuniv (avgbuniv) -> system32\drivers\avgbuniv.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - avgRvrt (avgRvrt) -> system32\drivers\avgRvrt.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - avgVmm (avgVmm) -> system32\drivers\avgVmm.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD) -> System32\drivers\bxvbda.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - disk (@disk.inf,%disk_ServiceDesc%;Disk Driver) -> System32\drivers\disk.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ebdrv (@netevbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II 10 GigE VBD) -> System32\drivers\evbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys - AcceptPause: False - AcceptStop: False R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - gagp30kx (@agp.inf,%gagp30kx_svcdesc%;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms) -> System32\drivers\gagp30kx.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - gpt_loader (GUID Partition table support driver) -> system32\DRIVERS\gpt_loader.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - HpSAMD () -> System32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iirsp () -> System32\drivers\iirsp.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - intelide () -> System32\drivers\intelide.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - isapnp () -> System32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - K7Elam (K7Elam) -> System32\Drivers\K7Elam.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - LSI_SAS () -> System32\drivers\lsi_sas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS2 () -> System32\drivers\lsi_sas2.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SCSI () -> System32\drivers\lsi_scsi.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SSS () -> System32\drivers\lsi_sss.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas () -> System32\drivers\megasas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - MegaSR () -> System32\drivers\MegaSR.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - mounthlp (Mounter helper driver for HFS+ volumes) -> system32\DRIVERS\mounthlp.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> System32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - mvumis () -> System32\drivers\mvumis.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - MxEFUF (@oem56.inf,%MxEFUF.RegistryServiceDescription%;Matrox Extio Upper Function Filter) -> system32\DRIVERS\MxEFUF64.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - nfrd960 () -> System32\drivers\nfrd960.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nvraid () -> System32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nvstor () -> System32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nv_agp (@machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter) -> System32\drivers\nv_agp.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (@machine.inf,%pci_svcdesc%;Pilote de bus PCI) -> System32\drivers\pci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - pciide () -> System32\drivers\pciide.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - pcmcia () -> System32\drivers\pcmcia.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pwdrvio (pwdrvio) -> system32\pwdrvio.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid2 () -> System32\drivers\SiSRaid2.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid4 () -> System32\drivers\sisraid4.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - stexstor () -> System32\drivers\stexstor.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storflt (@%SystemRoot%\system32\vmstorfltres.dll,-1000) -> system32\DRIVERS\vmstorfl.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storvsc () -> System32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - uagp35 (@agp.inf,%uagp35_svcdesc%;Microsoft AGPv3.5 Filter) -> System32\drivers\uagp35.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - uliagpkx (@machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter) -> System32\drivers\uliagpkx.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - viaide () -> System32\drivers\viaide.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - vmbus (@%SystemRoot%\system32\vmbusres.dll,-1000) -> System32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (@volume.inf,%VolumeClassName%;Storage volumes) -> System32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vsmraid () -> System32\drivers\vsmraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage Controller Windows Driver) -> System32\drivers\vstxraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - Wd (@wd.inf,%WdServiceDisplayName%;Microsoft Watchdog Timer Driver) -> System32\drivers\wd.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> system32\DRIVERS\wfplwfs.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AntiLog32 (AntiLog32) -> \??\C:\Windows\system32\drivers\AntiLog64.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - AutoSave (AutoSave) -> system32\DRIVERS\AutoSave.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - avgArPot (avgArPot) -> system32\drivers\avgArPot.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - avgbidsdriver (avgbidsdriver) -> system32\drivers\avgbidsdriver.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - avgKbd (avgKbd) -> system32\drivers\avgKbd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - avgNetSec (avgNetSec) -> system32\drivers\avgNetSec.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - avgRdr (avgRdr) -> system32\drivers\avgRdr2.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - avgSnx (avgSnx) -> system32\drivers\avgSnx.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - avgSP (avgSP) -> system32\drivers\avgSP.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicDisplay () -> \SystemRoot\System32\drivers\BasicDisplay.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicRender () -> \SystemRoot\System32\drivers\BasicRender.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - bdfwfpf (bdfwfpf) -> \??\C:\Program Files\iS3\STOPzilla AntiVirus\drivers\bdfwfpf\bdfwfpf.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (@oem34.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cmdcss (COMODO Secure Shopping) -> \SystemRoot\system32\drivers\cmdcss.sys - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys - AcceptPause: False - AcceptStop: False R1 - [File System Driver] - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - discache (@%systemroot%\system32\drivers\discache.sys,-102) -> System32\drivers\discache.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ElbyCDIO (ElbyCDIO Driver) -> System32\Drivers\ElbyCDIO.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - googledrivefs2454 (googledrivefs2454) -> system32\DRIVERS\googledrivefs2454.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - GUSBootStartup (GUSBootStartup) -> \??\C:\Windows\System32\drivers\GUSBootStartup.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (@netnb.inf,%NetBIOS_Desc%;NetBIOS Interface) -> system32\DRIVERS\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetworkX (NetworkX) -> \SystemRoot\system32\ckldrv.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) -> \SystemRoot\system32\DRIVERS\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - SASDIFSV (SASDIFSV) -> \??\Z:\LFS Hyper 1à2 & UEFM\musique clément latjour guidebook framo cewbé\superantispyware portable\SASDIFSV64.SYS - AcceptPause: False - AcceptStop: False S1 - [Kernel Driver] - SASKUTIL (SASKUTIL) -> \??\Z:\LFS Hyper 1à2 & UEFM\musique clément latjour guidebook framo cewbé\superantispyware portable\SASKUTIL64.SYS - AcceptPause: False - AcceptStop: False R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) -> \SystemRoot\system32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ws2ifsl (@%systemroot%\System32\drivers\ws2ifsl.sys,-1000) -> \SystemRoot\system32\drivers\ws2ifsl.sys - AcceptPause: False - AcceptStop: True S2 - [Kernel Driver] - agp440 (@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter) -> System32\drivers\agp440.sys - AcceptPause: False - AcceptStop: False R2 - [File System Driver] - avgMonFlt (avgMonFlt) -> system32\drivers\avgMonFlt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - avgStm (avgStm) -> system32\drivers\avgStm.sys - AcceptPause: False - AcceptStop: True S2 - [Kernel Driver] - csvol (Core Storage Volumes Driver) -> \SystemRoot\system32\DRIVERS\csvol.sys - AcceptPause: False - AcceptStop: False R2 - [File System Driver] - hfsplusrec (HFS+ File System Recognizer) -> system32\DRIVERS\hfsplusrec.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> \SystemRoot\system32\DRIVERS\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - PfFilter (PfFilter) -> \??\C:\Program Files (x86)\IObit\Protected Folder\pffilter.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> \SystemRoot\system32\DRIVERS\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - 1394ohci (@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller) -> \SystemRoot\System32\drivers\1394ohci.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - 72819536 (72819536) -> \??\C:\Windows\system32\drivers\72819536.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - acpipagr (@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver) -> \SystemRoot\System32\drivers\acpipagr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AcpiPmi (@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver) -> \SystemRoot\System32\drivers\acpipmi.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - acpitime (@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver) -> \SystemRoot\System32\drivers\acpitime.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AmdK8 (@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver) -> \SystemRoot\System32\drivers\amdk8.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - amdkmdag () -> \SystemRoot\system32\DRIVERS\atikmdag.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - amdkmdap () -> \SystemRoot\system32\DRIVERS\atikmpag.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - AmdPPM (@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver) -> \SystemRoot\System32\drivers\amdppm.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - AmUStor (@oem52.inf,%AmUStor.SvcDesc%;Al USB Stroage Driver) -> \SystemRoot\system32\drivers\AmUStor.SYS - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AppID (@%systemroot%\system32\appidsvc.dll,-102) -> \SystemRoot\system32\drivers\appid.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - AQFileRestore (AQFileRestore) -> system32\DRIVERS\AQFileRestore.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AsyncMac (@%systemroot%\system32\rascfg.dll,-32000) -> system32\DRIVERS\asyncmac.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - awealloc (awealloc) -> \??\C:\Windows\system32\drivers\awealloc.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - bbwfp (bbwfp) -> \??\C:\Program Files (x86)\Anvisoft\Cloud System Booster\wfp\x64\BBWFP.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - bowser (@%systemroot%\system32\browser.dll,-102) -> system32\DRIVERS\bowser.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BthAvrcpTg (@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID) -> \SystemRoot\System32\drivers\BthAvrcpTg.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - BthHFEnum (@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator) -> \SystemRoot\System32\drivers\bthhfenum.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - bthhfhid (@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID) -> \SystemRoot\System32\drivers\BthHFHid.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - BTHMODEM (@bthspp.inf,%BthSerial.DisplayName%;Bluetooth Serial Communications Driver) -> \SystemRoot\System32\drivers\bthmodem.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - circlass (@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices) -> \SystemRoot\System32\drivers\circlass.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - clvad () -> \SystemRoot\system32\drivers\clvad.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - CLVirtualBus01 (@oem63.inf,%CLVirtualBus01.SVCDESC%;CyberLink Virtual CDROM Bus Enumerator) -> \SystemRoot\System32\drivers\CLVirtualBus01.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - CmBatt (@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver) -> \SystemRoot\System32\drivers\CmBatt.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - CompositeBus (@CompositeBus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver) -> \SystemRoot\System32\drivers\CompositeBus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - condrv (Console Driver) -> System32\drivers\condrv.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - DFX11_1 (@oem28.inf,%DFX_Device.SvcDesc%;DFX Audio Enhancer 11.1) -> \SystemRoot\system32\drivers\dfx11_1x64.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - DFX12 (@oem29.inf,%DFX_Device.SvcDesc%;DFX Audio Enhancer) -> \SystemRoot\system32\drivers\dfx12x64.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - dg_ssudbus (@oem30.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)) -> \SystemRoot\system32\DRIVERS\ssudbus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - dmvsc () -> \SystemRoot\System32\drivers\dmvsc.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - drmkaud (@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers) -> \SystemRoot\system32\drivers\drmkaud.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - dtproscsibus (@oem31.inf,%DTPROSCSIBUS.DeviceDesc%;DAEMON Tools Pro Virtual SCSI Bus) -> \SystemRoot\System32\drivers\dtproscsibus.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> \SystemRoot\System32\drivers\dxgkrnl.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - e1iexpress (@net1ic64.inf,%E1IExpress.Service.DispName%;Intel(R) PRO/1000 PCI Express Network Connection Driver I) -> \SystemRoot\system32\DRIVERS\e1i63x64.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ErrDev (@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver) -> \SystemRoot\System32\drivers\errdev.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ew_usbccgpfilter (@oem19.inf,%busupper.SVCDESC%;HwHandSet_CompositeFilter) -> \SystemRoot\System32\drivers\ew_usbccgpfilter.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - exfat (exFAT File System Driver) -> (?) - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - fastfat (FAT12/16/32 File System Driver) -> (?) - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - fdc (@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver) -> \SystemRoot\System32\drivers\fdc.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - Filetrace (@%SystemRoot%\system32\drivers\filetrace.sys,-10001) -> system32\drivers\filetrace.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - flpydisk (@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver) -> \SystemRoot\System32\drivers\flpydisk.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - FsDepends (@%SystemRoot%\system32\drivers\fsdepends.sys,-10001) -> System32\drivers\FsDepends.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - FxPPM (@cpu.inf,%FxPPM.SvcDesc%;Power Framework Processor Driver) -> \SystemRoot\System32\drivers\fxppm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - gencounter (@wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter) -> \SystemRoot\System32\drivers\vmgencounter.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - GeneStor (@oem60.inf,%GeneStor.SvcDesc%;Genesys Logic Storage Driver) -> \SystemRoot\System32\drivers\GeneStor.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - GPIOClx0101 (Microsoft GPIO Class Extension Driver) -> System32\Drivers\msgpioclx.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - gzflt (gzflt) -> system32\DRIVERS\gzflt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Hamachi (LogMeIn Hamachi Virtual Miniport)) -> \SystemRoot\system32\DRIVERS\Hamdrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HdAudAddService (@hdaudio.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Microsoft 1.1 UAA Function Driver for High Definition Audio Service) -> \SystemRoot\system32\drivers\HdAudio.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - HDAudBus (@hdaudbus.inf,%HDAudBus.SVCDESC%;Pilote de bus UAA Microsoft pour High Definition Audio) -> \SystemRoot\System32\drivers\HDAudBus.sys - AcceptPause: False - AcceptStop: True S3 - [File System Driver] - hfsplus (HFS+ File System Driver) -> system32\DRIVERS\hfsplus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HidBatt (@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver) -> \SystemRoot\System32\drivers\HidBatt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HidBth (@hidbth.inf,%HIDBTH.SvcDesc%;Microsoft Bluetooth HID Miniport) -> \SystemRoot\System32\drivers\hidbth.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - hidi2c (@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver) -> \SystemRoot\System32\drivers\hidi2c.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HidIr (@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver) -> \SystemRoot\System32\drivers\hidir.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - HidUsb (@input.inf,%HID.SvcDesc%;Pilote de classe HID Microsoft) -> \SystemRoot\System32\drivers\hidusb.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - HTTP (@%SystemRoot%\system32\drivers\http.sys,-1) -> system32\drivers\HTTP.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - hyperkbd () -> \SystemRoot\System32\drivers\hyperkbd.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HyperVideo () -> \SystemRoot\system32\DRIVERS\HyperVideo.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - i8042prt (@msmouse.inf,%i8042prt.SvcDesc%;PS/2 Keyboard and Mouse Port Driver) -> \SystemRoot\System32\drivers\i8042prt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - igfx () -> \SystemRoot\system32\DRIVERS\igdkmd64.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - imdisk (imdisk) -> \??\C:\Windows\system32\drivers\imdisk.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - INIDVD (@oem61.inf,%INIDVD.SvcDesc%;Initio USB DVD Filter Driver) -> \SystemRoot\System32\drivers\inidvd.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - IntcAzAudAddService (Service for Realtek HD Audio (WDM)) -> \SystemRoot\system32\drivers\RTKVHD64.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - intelppm (@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver) -> \SystemRoot\System32\drivers\intelppm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IpFilterDriver (@%systemroot%\system32\rascfg.dll,-32013) -> system32\DRIVERS\ipfltdrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IPMIDRV () -> \SystemRoot\System32\drivers\IPMIDrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IPNAT (IP Network Address Translator) -> System32\drivers\ipnat.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IRENUM (@%SystemRoot%\system32\drivers\irenum.sys,-100) -> system32\drivers\irenum.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iScsiPrt (@iscsi.inf,%iScsiPortName%;iScsiPort Driver) -> \SystemRoot\System32\drivers\msiscsi.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - JmUsbCcgp (@oem59.inf,%ServiceDisplayName%;JMicron USB Composite Device Lower Filter Driver) -> \SystemRoot\system32\DRIVERS\jmccgp.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - kbdclass (@keyboard.inf,%kbdclass.SvcDesc%;Keyboard Class Driver) -> \SystemRoot\System32\drivers\kbdclass.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - kbdhid (@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver) -> \SystemRoot\System32\drivers\kbdhid.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - kdnic (@kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20)) -> \SystemRoot\system32\DRIVERS\kdnic.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - keycrypt () -> system32\DRIVERS\KeyCrypt64.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - KMWDFILTER (HIDUASDesc) -> \SystemRoot\System32\drivers\KMWDFILTER.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - ksthunk (Kernel Streaming Thunks) -> \SystemRoot\system32\drivers\ksthunk.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - L1C (@oem44.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller) -> \SystemRoot\system32\DRIVERS\L1C63x64.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - LVRS64 (@oem23.inf,%lvrs.SrvDesc%;Logitech RightSound Filter Driver) -> \SystemRoot\system32\DRIVERS\lvrs64.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - LVUVC64 (@oem24.inf,%PID_081B_DD%(UVC);Logitech HD Webcam C310(UVC)) -> \SystemRoot\system32\DRIVERS\lvuvc64.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - MDA_NTDRV (MDA_NTDRV) -> \??\C:\Windows\system32\MDA_NTDRV.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Modem () -> system32\drivers\modem.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - monitor (@monitor.inf,%Monitor.SVCDESC%;Service Pilote de fonction de classe Moniteur Microsoft) -> \SystemRoot\System32\drivers\monitor.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mouclass (@msmouse.inf,%mouclass.SvcDesc%;Pilote de la classe Souris) -> \SystemRoot\System32\drivers\mouclass.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mouhid (@msmouse.inf,%MOUHID.SvcDesc%;Pilote HID de souris) -> \SystemRoot\System32\drivers\mouhid.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mpsdrv (@%SystemRoot%\system32\FirewallAPI.dll,-23092) -> System32\drivers\mpsdrv.sys - AcceptPause: False - AcceptStop: True S3 - [File System Driver] - MRxDAV (@%systemroot%\system32\webclnt.dll,-104) -> \SystemRoot\system32\drivers\mrxdav.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - mrxsmb (@%systemroot%\system32\wkssvc.dll,-1002) -> system32\DRIVERS\mrxsmb.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - mrxsmb10 (@%systemroot%\system32\wkssvc.dll,-1004) -> system32\DRIVERS\mrxsmb10.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - mrxsmb20 (@%systemroot%\system32\wkssvc.dll,-1006) -> system32\DRIVERS\mrxsmb20.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - MsBridge (@%SystemRoot%\system32\bridgeres.dll,-1) -> \SystemRoot\system32\DRIVERS\bridge.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - msgpiowin32 (@msgpiowin32.inf,%GPIO.SvcDesc%;GPIO Buttons Driver) -> \SystemRoot\System32\drivers\msgpiowin32.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - mshidkmdf (@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100) -> \SystemRoot\System32\drivers\mshidkmdf.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - mshidumdf (@%SystemRoot%\system32\drivers\mshidumdf.sys,-100) -> \SystemRoot\System32\drivers\mshidumdf.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSKSSRV (@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service Proxy) -> \SystemRoot\system32\drivers\MSKSSRV.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MsLldp (@C:\Windows\system32\DRIVERS\mslldp.sys,-200) -> \SystemRoot\system32\DRIVERS\mslldp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSPCLOCK (@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock Proxy) -> \SystemRoot\system32\drivers\MSPCLOCK.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSPQM (@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Quality Manager Proxy) -> \SystemRoot\system32\drivers\MSPQM.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MsRPC () -> (?) - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSTEE (@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink Converter) -> \SystemRoot\system32\drivers\MSTEE.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MTConfig (@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver) -> \SystemRoot\System32\drivers\MTConfig.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - NativeWifiP (@%SystemRoot%\System32\drivers\nwifi.sys,-101) -> \SystemRoot\system32\DRIVERS\nwifi.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - NdisCap (@%SystemRoot%\System32\drivers\ndiscap.sys,-5000) -> \SystemRoot\system32\DRIVERS\ndiscap.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - NdisImPlatform (@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501) -> \SystemRoot\system32\DRIVERS\NdisImPlatform.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - NdisTapi (@%systemroot%\system32\rascfg.dll,-32001) -> \SystemRoot\system32\DRIVERS\ndistapi.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - Ndisuio (@ndisuio.inf,%NDISUIO_Desc%;NDIS Usermode I/O Protocol) -> \SystemRoot\system32\DRIVERS\ndisuio.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - NdisWan (@%systemroot%\system32\rascfg.dll,-32002) -> \SystemRoot\system32\DRIVERS\ndiswan.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - NDISWANLEGACY (@%systemroot%\system32\rascfg.dll,-32014) -> \SystemRoot\system32\DRIVERS\ndiswan.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - NDProxy (NDIS Proxy) -> (?) - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - Ntfs () -> (?) - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Parport (@msports.inf,%Parport.SVCDESC%;Parallel port driver) -> \SystemRoot\System32\drivers\parport.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - PptpMiniport (@%systemroot%\system32\rascfg.dll,-32006) -> \SystemRoot\system32\DRIVERS\raspptp.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Processor (@cpu.inf,%Processor.SvcDesc%;Processor Driver) -> \SystemRoot\System32\drivers\processr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - pwdspio (pwdspio) -> \??\C:\Windows\system32\pwdspio.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - QWAVEdrv (@%SystemRoot%\system32\drivers\qwavedrv.sys,-1) -> \SystemRoot\system32\drivers\qwavedrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RasAcd (Remote Access Auto Connection Driver) -> System32\DRIVERS\rasacd.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - RasAgileVpn (@netavpna.inf,%Svc-Mp-AgileVpn-DispName%;WAN Miniport (IKEv2)) -> \SystemRoot\system32\DRIVERS\AgileVpn.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - Rasl2tp (@%systemroot%\system32\rascfg.dll,-32005) -> \SystemRoot\system32\DRIVERS\rasl2tp.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - RasPppoe (@%systemroot%\system32\rascfg.dll,-32007) -> \SystemRoot\system32\DRIVERS\raspppoe.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - RasSstp (@%systemroot%\system32\sstpsvc.dll,-202) -> \SystemRoot\system32\DRIVERS\rassstp.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - rdpbus (@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver) -> \SystemRoot\System32\drivers\rdpbus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - RDPDR (@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100) -> System32\drivers\rdpdr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RdpVideoMiniport (Remote Desktop Video Miniport Driver) -> System32\drivers\rdpvideominiport.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RDPWD (RDP Winstation Driver) -> (?) - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - RTSUER (@oem54.inf,%RtsUER%;Realtek USB Card Reader - UER) -> \SystemRoot\system32\Drivers\RtsUer.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - rzc7359za (rzc7359za) -> \??\C:\Windows\system32\drivers\zinstall_z77\rzc7359za.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - s3cap () -> \SystemRoot\System32\drivers\vms3cap.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - scfilter (@%SystemRoot%\System32\drivers\scfilter.sys,-11) -> System32\DRIVERS\scfilter.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sdbus () -> \SystemRoot\System32\drivers\sdbus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sdstor (@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver) -> \SystemRoot\System32\drivers\sdstor.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SerCx (Serial UART Support Library) -> system32\drivers\SerCx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Serenum (@msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver) -> \SystemRoot\System32\drivers\serenum.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Serial (@msports.inf,%Serial.SVCDESC%;Serial port driver) -> \SystemRoot\System32\drivers\serial.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sermouse (@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver) -> \SystemRoot\System32\drivers\sermouse.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sfloppy (@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive) -> \SystemRoot\System32\drivers\sfloppy.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SpbCx (Simple Peripheral Bus Support Library) -> system32\drivers\SpbCx.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - srv (@%systemroot%\system32\srvsvc.dll,-102) -> System32\DRIVERS\srv.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - srv2 (@%systemroot%\system32\srvsvc.dll,-104) -> System32\DRIVERS\srv2.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - srvnet () -> System32\DRIVERS\srvnet.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - ssudmdm (@oem33.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)) -> \SystemRoot\system32\DRIVERS\ssudmdm.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - swenum (@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver) -> \SystemRoot\System32\drivers\swenum.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - tap0901 (@oem36.inf,%DeviceDescription%;TAP-Windows Adapter V9) -> \SystemRoot\system32\DRIVERS\tap0901.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - TCPIP6 (@netip6.inf,%MS_TCPIP6.TCPIP6.ServiceDescription%;Microsoft IPv6 Protocol Driver) -> \SystemRoot\system32\DRIVERS\tcpip.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - terminpt (@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver) -> \SystemRoot\System32\drivers\terminpt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - TPM (@tpm.inf,%TPM%;TPM) -> \SystemRoot\system32\drivers\tpm.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - Trufos (Trufos) -> system32\DRIVERS\Trufos.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - TsUsbFlt () -> system32\drivers\tsusbflt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - TsUsbGD (@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device) -> \SystemRoot\System32\drivers\TsUsbGD.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - tunnel (@nettun.inf,%TUNNEL.Service.DisplayName%;Pilote de carte miniport Microsoft Tunnel) -> \SystemRoot\system32\DRIVERS\tunnel.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - UASPStor (@uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver) -> \SystemRoot\System32\drivers\uaspstor.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - UCX01000 (USB Controller Extension) -> \SystemRoot\System32\drivers\ucx01000.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - umbus (@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver) -> \SystemRoot\System32\drivers\umbus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - UmPass (@umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass Driver) -> \SystemRoot\System32\drivers\umpass.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - USBAAPL64 (@oem26.inf,%USBAAPL64.SvcDesc%;Apple Mobile USB Driver) -> \SystemRoot\System32\Drivers\usbaapl64.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - usbaudio (@wdma_usb.inf,%USBAudio.SvcDesc%;Pilote USB audio (WDM)) -> \SystemRoot\system32\drivers\usbaudio.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - usbccgp (@oem59.inf,%GenericParent.ServiceDesc%;Microsoft USB Generic Parent Driver) -> \SystemRoot\System32\drivers\usbccgp.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbcir (@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR)) -> \SystemRoot\System32\drivers\usbcir.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - usbehci (@usbport.inf,%EHCIMP.SvcDesc%;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0) -> \SystemRoot\System32\drivers\usbehci.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - usbfilter (@oem2.inf,%UsbFilter.SVCDESC%;AMD USB Filter Driver) -> \SystemRoot\System32\drivers\usbfilter.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - usbhub (@usbport.inf,%ROOTHUB.SvcDesc%;Pilote de concentrateur standard USB Microsoft) -> \SystemRoot\System32\drivers\usbhub.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - USBHUB3 (@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub) -> \SystemRoot\System32\drivers\UsbHub3.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - usbohci (@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbohci.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbprint (@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class) -> \SystemRoot\System32\drivers\usbprint.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbscan (@sti.inf,%usbscan.SvcDesc%;Pilote de scanneur USB) -> \SystemRoot\system32\DRIVERS\usbscan.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - USBSTOR (@usbstor.inf,%USBSTOR.SvcDesc%;Pilote de stockage de masse USB) -> \SystemRoot\System32\drivers\USBSTOR.SYS - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbuhci (@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbuhci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbvideo (@usbvideo.inf,%USBVideo.SvcDesc%;Périphérique vidéo USB (WDM)) -> \SystemRoot\System32\Drivers\usbvideo.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - USBXHCI (@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller) -> \SystemRoot\System32\drivers\USBXHCI.SYS - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usb_rndisx (@netrndis.inf,%usb_rndis.Service.DispName%;Carte RNDIS USB) -> \SystemRoot\system32\DRIVERS\usb8023x.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - VerifierExt (@%SystemRoot%\system32\drivers\VerifierExt.sys,-1000) -> system32\drivers\VerifierExt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vhdmp () -> \SystemRoot\System32\drivers\vhdmp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - VMBusHID () -> \SystemRoot\System32\drivers\VMBusHID.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vpci (@wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus) -> \SystemRoot\System32\drivers\vpci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vwifibus (@%SystemRoot%\System32\drivers\vwifibus.sys,-257) -> \SystemRoot\System32\drivers\vwifibus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WacomPen (@hiddigi.inf,%WacomPen.SVCDESC%;Wacom Serial Pen HID Driver) -> \SystemRoot\System32\drivers\wacompen.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Wanarp (@%systemroot%\system32\rascfg.dll,-32011) -> \SystemRoot\system32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WdBoot (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390) -> \SystemRoot\system32\drivers\WdBoot.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WDC_SAM (@oem7.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver) -> \SystemRoot\System32\drivers\wdcsam64.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - WdFilter (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330) -> \SystemRoot\system32\drivers\WdFilter.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - whfltr2k (@oem41.inf,%filter.SvcDesc%;WheelMouse USB Lower Filter Driver) -> \SystemRoot\System32\drivers\whfltr2k.sys - AcceptPause: False - AcceptStop: True S3 - [File System Driver] - WIMMount (WIMMount) -> system32\drivers\wimmount.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WinUsb (@winusb.inf,%WinUSB_SvcDesc%;Pilote WinUsb) -> \SystemRoot\System32\drivers\WinUsb.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WmiAcpi (@wmiacpi.inf,%WMIMAP.SvcDesc%;Microsoft Windows Management Interface for ACPI) -> \SystemRoot\System32\drivers\wmiacpi.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - wpcfltr (Family Safety Filter Driver) -> system32\DRIVERS\wpcfltr.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - WpdUpFltr (@%systemroot%\System32\drivers\WpdUpFltr.sys,-100) -> System32\drivers\WpdUpFltr.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - WsAudioDevice_383 (@oem38.inf,%MSFT%;WsAudioDevice_383) -> \SystemRoot\system32\drivers\VirtualAudio.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WsAudio_Device (@oem12.inf,%MSFT%;WsAudio_Device) -> \SystemRoot\system32\drivers\VirtualAudio.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WSDScan (@sti.inf,%WSDScan.SvcDesc%;Prise en charge de la numérisation WSD) -> \SystemRoot\system32\DRIVERS\WSDScan.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - WudfPf (@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000) -> system32\drivers\WudfPf.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - WUDFWpdFs () -> \SystemRoot\system32\DRIVERS\WUDFRd.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - WUDFWpdMtp () -> \SystemRoot\System32\drivers\WUDFRd.sys - AcceptPause: False - AcceptStop: True S4 - [File System Driver] - cdfs (CD/DVD File System Reader) -> system32\DRIVERS\cdfs.sys - AcceptPause: False - AcceptStop: False S4 - [Kernel Driver] - secdrv (Security Driver) -> (?) - AcceptPause: False - AcceptStop: False S4 - [File System Driver] - udfs (udfs) -> system32\DRIVERS\udfs.sys - AcceptPause: False - AcceptStop: False ---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted) ---------- | Uninstall (Whitelist) [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\ViFind] : (ViFind.-.Lee-Soft.com) -> C:\Users\Jean-Marie\AppData\Roaming\ViFind\KillMe.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\ViStart] : (ViStart.-.Lee-Soft.com) -> C:\Users\Jean-Marie\AppData\Roaming\ViStart\KillMe.exe [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{20573C69-4A68-4BEF-A23D-365CB66924CE}] : (Avanquest Message.-.Avanquest Software) -> "C:\Users\Jean-Marie\AppData\Roaming\Avanquest Software\SetupAQ\{20573C69-4A68-4BEF-A23D-365CB66924CE}\Setup.exe" /UNINST [HKU\S-1-5-21-324915258-2866797553-3726413251-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{EF084A47-B742-44AA-A119-B2BAA23B6D4A} NGMediaPlayer_is1] : (HD Video Player.-.AmazingSofts) -> "C:\Users\Jean-Marie\AppData\Roaming\HD Video Player\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Ext2Ifs_for_NT602] : (Ext2 IFS 1.12 for Windows 8/8.1/Server 2012/2012 R2.-.) -> RunDll32 setupapi.dll,InstallHinfSection DefaultUninstall 130 Ext2Ifs_for_NT602.inf [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Folder Marker Free_is1] : (Folder Marker Free.-.ArcticLine Software) -> "C:\Program Files (x86)\Folder Marker\unins001.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\InstallSafe] : (InstallSafe.-.Corel Corporation) -> C:\Program Files\ReviverSoft\InstallSafe\Uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\maman kabylle] : (maman kabylle.-.Jean-Marie) -> "C:\Users\Jean-Marie\AppData\Local\maman kabylle\uninst.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\proDAD-Adorage-3.0] : (proDAD Adorage 3.0 (64bit).-.proDAD GmbH) -> "C:\Program Files\proDAD\Adorage-3.0\uninstall.exe" uninstall spcp PATHVERSION "3.0" MAINNAME "Adorage" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Restoro] : (Restoro.-.Restoro) -> C:\Program Files\Restoro\uninst.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Stellar OST to PST Converter_is1] : (Stellar OST to PST Converter.-.Stellar Information Technology Pvt Ltd.) -> "C:\Program Files\Stellar OST to PST Converter\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0CB84A7D-9697-4526-A819-60FB050E8F05}] : (Apple Application Support (64 bits).-.Apple Inc.) -> MsiExec.exe /I{0CB84A7D-9697-4526-A819-60FB050E8F05} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0DA20600-6130-443B-9D4B-F30520315FA6}] : (Services d’impression Bonjour.-.Apple Inc.) -> MsiExec.exe /I{0DA20600-6130-443B-9D4B-F30520315FA6} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0FA995CC-C849-4755-B14B-5404CC75DC24}] : (Energy Star.-.Hewlett-Packard) -> MsiExec.exe /I{0FA995CC-C849-4755-B14B-5404CC75DC24} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F64180191F0}] : (Java 8 Update 191 (64-bit).-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F64180191F0} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F64180201F0}] : (Java 8 Update 201 (64-bit).-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F64180201F0} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{29988DC6-9C4A-49B2-AC86-5C380B29ADB9}_is1] : (Loaris Trojan Remover 3.0.80.-.Loaris, LLC.) -> "C:\Program Files\Loaris Trojan Remover\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2E58F5E0-B5EF-844C-5B18-4C21F800CAD6}] : (ccc-utility64.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{37E567C7-EB03-4349-B068-1FD0A2CD55FE}_is1] : (Isoo Backup 2.2.0.-.Isoo Technology Co., Ltd.) -> "C:\Program Files\Isoo Backup\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{40F6FB81-1B50-443B-A8E0-BC70E62CFB21}] : (Adblock Plus pour IE (32-bits et 64-bits).-.Eyeo GmbH) -> MsiExec.exe /X{40F6FB81-1B50-443B-A8E0-BC70E62CFB21} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{44DE19DF-AA86-497A-9CCA-4F52D0BFF9A8}] : (AdAwareInstaller.-.adaware) -> MsiExec.exe /I{44DE19DF-AA86-497A-9CCA-4F52D0BFF9A8} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{503F672D-6C84-448A-8F8F-4BC35AC83441}] : (AMD APP SDK Runtime.-.Advanced Micro Devices Inc.) -> MsiExec.exe /I{503F672D-6C84-448A-8F8F-4BC35AC83441} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5C7A5F94-02E9-4C5D-A594-B1F10865965A}] : (AntimalwareEngine.-.adaware) -> MsiExec.exe /I{5C7A5F94-02E9-4C5D-A594-B1F10865965A} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5F769CF4-5263-4C7B-AEB2-C06A73AE4428}] : (AMD Catalyst Install Manager.-.Advanced Micro Devices, Inc.) -> msiexec /q/x{5F769CF4-5263-4C7B-AEB2-C06A73AE4428} REBOOT=ReallySuppress ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5FFF7119-74E8-442E-970E-50BAD81D5371}] : (AdAwareUpdater.-.adaware) -> MsiExec.exe /I{5FFF7119-74E8-442E-970E-50BAD81D5371} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}] : (HP Postscript Converter.-.Hewlett-Packard) -> MsiExec.exe /I{6E14E6D6-3175-4E1A-B934-CAB5A86367CD} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{77F8C879-88CD-4145-945A-541C35285285}] : (Apple Mobile Device Support.-.Apple Inc.) -> MsiExec.exe /I{77F8C879-88CD-4145-945A-541C35285285} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{84A89263-AA96-41D0-8345-77A704A76B4C}] : (DriverUpdate.-.Slimware Utilities Holdings, Inc.) -> MsiExec.exe /X{84A89263-AA96-41D0-8345-77A704A76B4C} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}] : (Bonjour.-.Apple Inc.) -> MsiExec.exe /X{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D4378A80-C713-11DF-9399-005056C00008}] : (Paragon Migrate OS to SSD™ 4.0.-.Paragon Software) -> MsiExec.exe /I{D4378A80-C713-11DF-9399-005056C00008} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E466DA1C-39B7-4FA7-98F5-3B7910976C3D}] : (Google Earth Pro.-.Google) -> MsiExec.exe /I{E466DA1C-39B7-4FA7-98F5-3B7910976C3D} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}] : (HP Registration Service.-.Hewlett-Packard) -> MsiExec.exe /X{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F63A7ADE-507E-4944-9C74-8893BAE11728}] : (STOPzilla AntiVirus.-.iS3, Inc.) -> MsiExec.exe /X{F63A7ADE-507E-4944-9C74-8893BAE11728} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{FC4D0316-D3D8-4c07-9E45-7A2A4D75E069}] : (CPCTuneUp.-.COMODO) -> C:\Windows\Installer\{FC4D0316-D3D8-4c07-9E45-7A2A4D75E069}\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\anti-tfl_loaris_protectstar setup] : (anti-tfl_loaris_protectstar setup.-.UEFM LFS Hyper EFM, Quernon (ex-la petite marquise) & Anti-TFL) -> "C:\Users\Jean-Marie\AppData\Local\anti-tfl_loaris_protectstar setup\uninst.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Anvi AD Blocker Ultimate] : (Anvi AD Blocker Ultimate 3.2.-.Anvisoft) -> C:\OneSafe PC Cleaner\la théorie du complot\Anvi AD Blocker Ultimate\Uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AVG Secure Browser] : (AVG Secure Browser.-.Auteurs de AVG Secure Browser) -> "C:\Program Files (x86)\AVG\Browser\AVGBrowserUninstall.exe" /run_source=cp [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Babylon] : (Babylon.-.Babylon) -> C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\uninstbb.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\BabylonToolbar] : (Babylon toolbar.-.) -> "C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\barrow & ushuaïa finalis apps nov-dec 2015 install] : (barrow & ushuaïa finalis apps nov-dec 2015 install.-.UEFM LFS Hyper EFM) -> "C:\Users\Jean-Marie\AppData\Local\barrow & ushuaïa finalis apps nov-dec 2015 install\uninst.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\BlazeDVD 7.0.2.0 Professional_is1] : (BlazeDVD 7.0.2.0 Professional.-.) -> "C:\Program Files (x86)\BlazeVideo\BlazeDVD7 Professional\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\BlazePhoto Professional2.6.0.0_is1] : (BlazePhoto Professional2.6.0.0.-.) -> "C:\Program Files (x86)\BlazeVideo\BlazePhoto Professional\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\BlazeVideo HDTV Player Professional 6.6.0.4_is1] : (BlazeVideo HDTV Player Professional 6.6.0.4.-.) -> "C:\Program Files (x86)\BlazeVideo\BlazeVideo HDTV Player Professional\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\BlazeVideo Video Editor_is1] : (BlazeVideo Video Editor.-.BlazeVideo) -> "C:\Program Files (x86)\BlazeVideo\Video Editor\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ByteFence] : (ByteFence Anti-Malware.-.Byte Technologies LLC) -> "C:\Program Files\ByteFence\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Cloud System Booster] : (Cloud System Booster.-.Anvisoft) -> C:\Program Files (x86)\Anvisoft\Cloud System Booster\UnInstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Compel install Adaptec WinASPI-4.6.0(1021)_is1] : (Compel Adaptec WinASPI.-.) -> "C:\Program Files (x86)\WinASPI\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\CoreFTP] : (Core FTP LE.-.) -> "C:\Program Files (x86)\CoreFTP\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DFX] : (FxSound Enhancer.-.FxSound) -> C:\Program Files (x86)\DFX\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Driver Genius_is1] : (Driver Genius.-.Driver-Soft Inc.) -> "C:\Program Files (x86)\Driver-Soft\DriverGenius\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\efm-barrow 16,2-anti TFL-widen 16 setuyp 2019] : (efm-barrow 16,2-anti TFL-widen 16 setuyp 2019.-.Jean-Marie) -> "C:\Users\Jean-Marie\AppData\Local\efm-barrow 16,2-anti TFL-widen 16 setuyp 2019\uninst.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EFM_Anti-TFL_B162W16_Blini_New_Logo_3rem4rem5rem_Setup2019] : (EFM_Anti-TFL_B162W16_Blini_New_Logo_3rem4rem5rem_Setup2019.-.EFM - LFS Hyper - UEFM) -> "C:\Users\Jean-Marie\AppData\Local\EFM_Anti-TFL_B162W16_Blini_New_Logo_3rem4rem5rem_Setup2019\uninst.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FreeFileSync_is1] : (FreeFileSync 9.1 [Donation Edition].-.www.FreeFileSync.org) -> "C:\Program Files\FreeFileSync\Uninstall\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IconPack] : (IconPack X0 ttone.-.SkinPack) -> C:\IconPack\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IconWorkshop] : (Axialis IconWorkshop 6.91.-.Axialis Software) -> C:\Program Files (x86)\Axialis\IconWorkshop\UnInstall.exe "IconWorkshop" "IconWorkshop.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IM_Magic_PR] : (IM-Magic Partition Resizer Free 2018.-.IM-Magic Inc.) -> C:\Program Files\IM-Magic\Partition Resizer\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Internet Download Accelerator_is1] : (Internet Download Accelerator version 6.17.2.-.WestByte) -> "C:\Program Files (x86)\IDA\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IObit Software Updater_is1] : (IObit Software Updater.-.IObit) -> "C:\Program Files (x86)\IObit\Software Updater\unins001.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IObit Unlocker_is1] : (IObit Unlocker.-.IObit) -> "C:\Program Files (x86)\IObit\IObit Unlocker\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\lfsh_efm_uefm_barrow162_widen16_anaamfuw_suite_essentials&post-finalis24_fev_2019setup] : (lfsh_efm_uefm_barrow162_widen16_anaamfuw_suite_essentials&post-finalis24_fev_2019setup.-.Quernon (la petite marquise), EFM, UEFM & LFS Hyper) -> "C:\Users\Jean-Marie\AppData\Local\lfsh_efm_uefm_barrow162_widen16_anaamfuw_suite_essentials&post-finalis24_fev_2019setup\uninst.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\LogoMaker_is1] : (LogoMaker 4.0.-.Avanquest) -> "C:\Program Files (x86)\Studio V5\LogoMaker\unins001.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\mmswitch] : (Morgan Stream Switcher.-.) -> "C:\Program Files (x86)\Morgan\mmswitch\uninst.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Moo0 RightClicker] : (Moo0 Clic Droit Pro 1.56.-.) -> C:\Program Files (x86)\Moo0\RightClicker Pro 1.56\uninstaller.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MT-75D7C412-925B-4AD0-90DC-5E4FEE22EAE1_is1] : (MiniTool ShadowMaker Free Edition.-.MiniTool) -> "C:\Program Files (x86)\MiniTool ShadowMaker\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\muCommander] : (muCommander (remove only).-.) -> "C:\Program Files (x86)\muCommander\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MyEpson Portal] : (MyEpson Portal.-.SEIKO EPSON Corporation) -> MsiExec.exe /I{3361D415-BA35-4143-B301-661991BA6219} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\NiceCopier_is1] : (NiceCopier.-.) -> "C:\Program Files (x86)\NiceCopier\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\OUTDATEfighter] : (OUTDATEfighter.-.SPAMfighter ApS) -> "C:\Program Files (x86)\Fighters\OUTDATEfighter\Uninstall.exe" Remove [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Protected Folder_is1] : (Protected Folder.-.IObit) -> "C:\Program Files (x86)\IObit\Protected Folder\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\RegSeeker] : (RegSeeker.-.HoverDesk) -> C:\Program Files (x86)\RegSeeker\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\setup best-of lfs hyper apps, format 1 tb micro sd en autodecliv & scan combofix] : (setup best-of lfs hyper apps, format 1 tb micro sd en autodecliv & scan combofix.-.bric) -> "C:\Users\Jean-Marie\AppData\Local\setup best-of lfs hyper apps, format 1 tb micro sd en autodecliv & scan combofix\uninst.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Shopaholic Folder Icons Full_is1] : (Shopaholic Folder Icons Full.-.ArcticLine Software) -> "C:\Program Files (x86)\Folder Marker\icl\unins001.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Soft Organizer_is1] : (Soft Organizer version 7.42.-.ChemTable Software) -> "C:\Program Files (x86)\Soft Organizer\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Start Menu Reviver] : (Start Menu Reviver.-.Corel Corporation) -> C:\Program Files\ReviverSoft\Start Menu Reviver\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\StartupBooster] : (StartupBooster 1.0.-.anvisoft) -> K:\OneSafe PC Cleaner\Anvisoft\StartupBooster\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\The Cleaner_is1] : (The Cleaner version 9.-.MooSoft Development LLC) -> "C:\Program Files (x86)\The Cleaner\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\TreeSize Free_is1] : (TreeSize Free V4.2.2.-.JAM Software) -> "C:\Program Files (x86)\JAM Software\TreeSize Free\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\TunesKit Audio Converter_is1] : (TunesKit Audio Converter 3.0.0.39.-.TunesKit, Inc.) -> "C:\Program Files (x86)\TunesKit Audio Converter\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Undelete 360_is1] : (Undelete 360.-.File Recovery Ltd.) -> "C:\Program Files (x86)\File Recovery\undelete360\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Unlocker] : (Unlocker 1.9.1.-.Cedrick Collomb) -> C:\Program Files (x86)\Unlocker\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\UX Pack] : (macOS UX Pack.-.Windows X's Live) -> C:\Program Files (x86)\UX Pack\uxuninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Video Magic Ultimate_is1] : (Video Magic Ultimate 7.0.4.0.-.BlazeVideo) -> "C:\Program Files (x86)\BlazeVideo\VideoMagic6 Ultimate\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ViGlance] : (ViGlance.-.Lee-Soft.com) -> C:\Program Files (x86)\ViGlance\KillMe.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\VobSub] : (VobSub v2.23 (Remove Only).-.) -> "C:\Program Files (x86)\Gabest\VobSub\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wise JetSearch_is1] : (Wise JetSearch 2.31.-.WiseCleaner.com, Inc.) -> "C:\Program Files (x86)\Wise\Wise JetSearch\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wise Memory Optimizer_is1] : (Wise Memory Optimizer 3.32.-.WiseCleaner.com, Inc.) -> "C:\Program Files (x86)\Wise\Wise Memory Optimizer\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wise Video Downloader_is1] : (Wise Video Downloader 1.61.-.WiseCleaner.com, Inc.) -> "C:\Program Files (x86)\Wise\Wise Video Downloader\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Xilisoft Convertisseur Vidéo Ultimate] : (Xilisoft Convertisseur Vidéo Ultimate.-.Xilisoft) -> C:\Program Files (x86)\Xilisoft\Video Converter Ultimate\Uninstall.exe ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{07FA4960-B038-49EB-891B-9F95930AA544}] : (HP Customer Experience Enhancements.-.Hewlett-Packard) -> MsiExec.exe /X{07FA4960-B038-49EB-891B-9F95930AA544} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{09BE17DC-59D2-FD28-371D-DCE0AE76CE75}] : (CCC Help Korean.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0B11329E-1DDE-448A-95E6-AA003C63A6A7}_is1] : (MiniCopier.-.Adrian Courreges) -> "C:\Program Files (x86)\MiniCopier\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0CF7D22B-977C-43B2-9219-E03017FBAC6D}] : (Nero Recode Help (CHM).-.Nero AG) -> MsiExec.exe /X{0CF7D22B-977C-43B2-9219-E03017FBAC6D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1028AD34-EB8A-4136-9A93-27FC60FD0A40}] : (Epson Software Updater.-.Seiko Epson Corporation) -> MsiExec.exe /X{1028AD34-EB8A-4136-9A93-27FC60FD0A40} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{104D7F23-A414-EE6D-315E-A07CB75ADEEE}] : (CCC Help English.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{10E33ABF-D7FB-4F47-900A-7973854AB45A}] : (Adobe AIR.-.Adobe Systems Incorporated) -> MsiExec.exe /I{10E33ABF-D7FB-4F47-900A-7973854AB45A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{11FC9C17-17FF-4F2B-9D5A-4DE097629F00}}_is1] : (Kotobee Reader version 1.5.0.-.Vijua, Inc.) -> "C:\Program Files (x86)\Kotobee Reader\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1A7CF3BE-0D4A-33DF-DFD9-824487726365}] : (CCC Help German.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1B6F5E51-575E-4693-BCA2-7543570D076D}] : (Nero Kwik Themes Basic.-.Nero AG) -> MsiExec.exe /X{1B6F5E51-575E-4693-BCA2-7543570D076D} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1BC4C58D-D726-172B-DA2C-BBE6AE5DEB76}] : (CCC Help Finnish.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1E6AF4B4-0910-4821-CB20-F8FD7AA09CCB}] : (CCC Help Russian.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1F112313-BC47-43CF-8898-7BAD6217A074}] : (BitCopy.-.MollieSoft) -> MsiExec.exe /X{1F112313-BC47-43CF-8898-7BAD6217A074} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1FD090C1-5C0F-4764-AE25-176AECA5DEAB}_is1] : (Systools EPUB Viewer version 1.0.-.SysTools Software) -> "C:\Program Files (x86)\Systools EPUB Viewer\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2432E589-6256-4513-B0BF-EFA8E325D5F0}] : (Nero SharedVideoCodecs.-.Nero AG) -> MsiExec.exe /X{2432E589-6256-4513-B0BF-EFA8E325D5F0} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2452C59D-5140-4A9A-A97F-B925390619E1}] : (Silent Install Builder 5.-.Aprel Tech, LLC) -> MsiExec.exe /X{2452C59D-5140-4A9A-A97F-B925390619E1} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{29F67D84-3A70-456E-806A-52301B02070B}] : (Nero Effects Basic.-.Nero AG) -> MsiExec.exe /X{29F67D84-3A70-456E-806A-52301B02070B} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2E2526C8-51A8-F6EB-8289-6787E880CE27}] : (Catalyst Control Center Localization All.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2EE6622F-A2AC-4EA6-8E90-7288F1348C82}] : (Serif DrawPlus X8 (32 bits).-.Serif (Europe) Ltd) -> MsiExec.exe /X{2EE6622F-A2AC-4EA6-8E90-7288F1348C82} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3064B250-EDCA-4E69-A62A-4DA32225E4BE}] : (Morae Recorder.-.TechSmith Corporation) -> MsiExec.exe /I{3064B250-EDCA-4E69-A62A-4DA32225E4BE} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}] : (Apple Application Support (32 bits).-.Apple Inc.) -> MsiExec.exe /I{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3361D415-BA35-4143-B301-661991BA6219}] : (MyEpson Portal.-.SEIKO EPSON CORPORATION) -> MsiExec.exe /I{3361D415-BA35-4143-B301-661991BA6219} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{34CCB0FE-A68A-4C97-8F33-45B8BBDAC4B8}}_is1] : (SysTools VHDX Viewer v5.0.-.SysTools Software Pvt. Ltd.) -> "C:\Program Files\SysTools VHDX Viewer\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{36DA8969-4DCD-48FF-894A-6BD3936050C3}] : (Nero Blu-ray Player Help (CHM).-.Nero AG) -> MsiExec.exe /X{36DA8969-4DCD-48FF-894A-6BD3936050C3} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{40E51513-D917-4563-84F6-4EF6ADD46E2F}] : (Nero Recode.-.Nero AG) -> MsiExec.exe /X{40E51513-D917-4563-84F6-4EF6ADD46E2F} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{429D6E81-8E1E-42E6-8AB9-025DD9157F9B}] : (Paragon HFS+ for Windows.-.Paragon Software) -> MsiExec.exe /X{429D6E81-8E1E-42E6-8AB9-025DD9157F9B} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4C7CC666-B810-4EA9-895C-7E88AA6A32BE}_is1] : (Downloadcrew UpdateScanner.-.Creativemark) -> "C:\Program Files (x86)\Downloadcrew UpdateScanner\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4CA46F9F-174C-4766-9EA2-2325DF414B9E}] : (Nero Express Help (CHM).-.Nero AG) -> MsiExec.exe /X{4CA46F9F-174C-4766-9EA2-2325DF414B9E} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5325F0CD-8B2C-40BA-B597-89A3FB09B83C}] : (Morae Manager.-.TechSmith Corporation) -> MsiExec.exe /I{5325F0CD-8B2C-40BA-B597-89A3FB09B83C} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5446D3AF-B060-49B6-9535-F300E1532022}] : (Nero Video Help (CHM).-.Nero AG) -> MsiExec.exe /X{5446D3AF-B060-49B6-9535-F300E1532022} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5575EADE-4685-4E15-A9CD-6036BC2A3F75}_is1] : (KeyCrypt SDK version 1.8.1.199.-.Zemana Ltd.) -> "C:\Windows\SysWOW64\ZALSDK_uninst\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{56736259-613E-4A3B-B428-6235F2E76F44}_is1] : (Spyware Terminator 2015.-.Crawler Group) -> "C:\Program Files (x86)\Spyware Terminator\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{581DCE84-1948-4891-A4A7-A1222CC137C5}] : (Nero RescueAgent.-.Nero AG) -> MsiExec.exe /X{581DCE84-1948-4891-A4A7-A1222CC137C5} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5909A89E-C97F-407C-AE2B-47BDED86BF5D}] : (Prerequisite installer.-.Nero AG) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5AD25D5C-C813-146B-4FB0-76561F7875B7}] : (CCC Help Hungarian.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5B4886EE-5A95-C257-A68F-2DCADE47A273}] : (CCC Help Norwegian.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5DB58618-7021-C650-EE8A-58CD1FAA95F9}] : (CCC Help Thai.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5F5ACD0C-A454-32A7-E206-EE89B1510128}] : (CCC Help Danish.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{628406E1-62CD-4AF5-8D64-DA74DD47BCA9}_is1] : (SysTools Gmail Backup v5.0.-.SysTools Software) -> "C:\Program Files (x86)\SysTools Gmail Backup\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}] : (Nero Update.-.Nero AG) -> MsiExec.exe /X{65BB0407-4CC8-4DC7-952E-3EEFDF05602A} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{67087BB4-19B4-C169-3E52-2BED796D8AB3}] : (CCC Help Swedish.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}] : (Apple Software Update.-.Apple Inc.) -> MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6AE04BB9-A455-16ED-5806-DCFBB14505D6}] : (CCC Help Dutch.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6F340107-F9AA-47C6-B54C-C3A19F11553F}] : (Hewlett-Packard ACLM.NET v1.2.0.0.-.Hewlett-Packard Company) -> MsiExec.exe /I{6F340107-F9AA-47C6-B54C-C3A19F11553F} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7474548C-E456-4818-8ED0-4A1F00EF77A1}] : (Catalyst Control Center - Branding.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /I{7474548C-E456-4818-8ED0-4A1F00EF77A1} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{75CA8AAE-5346-4312-A9A8-5CF89955930F}] : (Nero MediaHome Help (CHM).-.Nero AG) -> MsiExec.exe /X{75CA8AAE-5346-4312-A9A8-5CF89955930F} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{76DFBEB9-9E55-8CC6-B99A-9CEFAC573A1F}] : (CCC Help Spanish.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{79087BA9-C5B5-4081-A374-310AC02E2896}] : (ProtectStar(TM) iShredder 7.-.ProtectStar Inc.) -> MsiExec.exe /I{79087BA9-C5B5-4081-A374-310AC02E2896} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{839D1577-5415-6C89-6642-515DFFE6432F}] : (CCC Help Czech.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{84B13BF6-F7AF-198E-0E77-DCA4027B9D19}] : (CCC Help Japanese.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8C784F8B-89D0-4A59-A000-7EEF129E1574}] : (Jing.-.TechSmith Corporation) -> MsiExec.exe /I{8C784F8B-89D0-4A59-A000-7EEF129E1574} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8F51500B-CC44-417B-B6A4-F294CB29A29B}] : (STOPzilla AntiMalware.-.iS3, Inc.) -> MsiExec.exe /X{8F51500B-CC44-417B-B6A4-F294CB29A29B} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{949BE04F-D7E8-4C19-9F89-8B304AB4308A}_is1] : (AVG TuneUp.-.AVG Technologies) -> "C:\Program Files (x86)\AVG\AVG TuneUp\TuneupUninst.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9612F0F6-A154-49A2-9CCB-A1C1AA57D719}] : (Nero MediaHome.-.Nero AG) -> MsiExec.exe /X{9612F0F6-A154-49A2-9CCB-A1C1AA57D719} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9C563B28-212C-4293-9DBC-41439D7D35D8}] : (Nero Burning Core.-.Nero AG) -> MsiExec.exe /X{9C563B28-212C-4293-9DBC-41439D7D35D8} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}] : (Nero Blu-ray Player.-.Nero AG) -> MsiExec.exe /X{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A666A6E7-3A51-E289-559B-BF3486036ABF}] : (CCC Help Turkish.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A677B60C-9707-4D9C-AB9C-BF856A0832AC}] : (Reasonable NoClone 2014.-.REASONABLE SOFTWARE HOUSE) -> MsiExec.exe /I{A677B60C-9707-4D9C-AB9C-BF856A0832AC} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A7A0BF2E-31CC-49E3-9913-52C503EB969D}] : (Nero Audio Pack 1.-.Nero AG) -> MsiExec.exe /X{A7A0BF2E-31CC-49E3-9913-52C503EB969D} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A84E754A-EA45-4A31-A4D5-57D1EA1760D5}] : (Nero Disc to Device.-.Nero AG) -> MsiExec.exe /X{A84E754A-EA45-4A31-A4D5-57D1EA1760D5} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{a87f7f92-7bf2-4986-aff2-defc98641112}] : (Ad-Aware Browser.-.Lavasoft) -> C:\Program Files (x86)\Ad-Aware Browser\AdAwareBrowserInstaller.exe --uninstall ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] : (AVG Update Helper.-.AVG Technologies) -> MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AB4C8F7A-B076-4F09-BE19-0F40D8790990}] : (Serif PagePlus X9 (32 bits).-.Serif (Europe) Ltd) -> MsiExec.exe /X{AB4C8F7A-B076-4F09-BE19-0F40D8790990} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ABA39912-380C-0EF3-C820-868115EB1DAC}] : (Catalyst Control Center InstallProxy.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ABC88553-8770-4B97-B43E-5A90647A5B63}] : (Nero ControlCenter.-.Nero AG) -> MsiExec.exe /X{ABC88553-8770-4B97-B43E-5A90647A5B63} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC7A441A-353F-75F6-6ABA-3BF98161B530}] : (CCC Help Greek.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ACE49D50-19CD-44A6-B192-46F985283B26}] : (Nero PiP Effects Basic.-.Nero AG) -> MsiExec.exe /X{ACE49D50-19CD-44A6-B192-46F985283B26} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B6480ED1-448E-813B-4FE0-BED811D1C01F}] : (CCC Help French.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BD0E78AC-54A5-429A-BAF3-29D1A945A20C}] : (Nero Video.-.Nero AG) -> MsiExec.exe /X{BD0E78AC-54A5-429A-BAF3-29D1A945A20C} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BDBF9803-B57C-AB2A-8830-CBED34703840}] : (Catalyst Control Center Graphics Previews Common.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}] : (Nero Core Components.-.Nero AG) -> MsiExec.exe /X{BEBEE34D-84A2-4EDD-8BEA-96CC54371263} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BFB6DE5F-9BEA-1FBB-3584-2C78639CE59A}] : (CCC Help Polish.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BFDC3B26-7DB0-43D3-BC84-7E9649C157EA}_is1] : (Pegasun System Utilities.-.Pegasun) -> "C:\Program Files (x86)\Pegasun\SystemUtilities\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CDFE8F95-F80F-4115-9C3F-0E1FD8F9F58C}] : (Nero ControlCenter Help (CHM).-.Nero AG) -> MsiExec.exe /X{CDFE8F95-F80F-4115-9C3F-0E1FD8F9F58C} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA473628}] : (COMODO Secure Shopping.-.COMODO) -> MsiExec.exe /X{D15DF9B0-3A98-4BEF-B7D5-FC3AEA473628} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D5115C78-2D22-4668-A5E2-6C87DED3ED1B}] : (Nero Launcher.-.Nero AG) -> MsiExec.exe /X{D5115C78-2D22-4668-A5E2-6C87DED3ED1B} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}] : (OUTDATEfighter.-.SPAMfighter ApS) -> MsiExec.exe /X{DD016DFA-EDD4-46F4-B847-6B09724ECA95} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DD35ECFB-5C95-398B-CAFA-B5E8881363C3}] : (CCC Help Italian.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DDD8D35B-EDEA-45FC-8930-C494B02E42FF}] : (PagePlusX7ContentDeclaration.-.Serif (Europe) Ltd) -> MsiExec.exe /I{DDD8D35B-EDEA-45FC-8930-C494B02E42FF} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DE24241A-7C94-4FCD-BAB6-23A18BAF331B}] : (IRISmart File.-.I.R.I.S.) -> MsiExec.exe /X{DE24241A-7C94-4FCD-BAB6-23A18BAF331B} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}] : (Nero Disc Menus Basic.-.Nero AG) -> MsiExec.exe /X{E17BCB76-9924-4BD5-B6D6-50D3407B4E74} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E6E1AE09-1B6D-4D80-A42F-2AE0EA448DE5}] : (Nero 2014.-.Nero AG) -> MsiExec.exe /I{E6E1AE09-1B6D-4D80-A42F-2AE0EA448DE5} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E8406BA9-5D47-4A62-08C3-759EA677229A}] : (AMD VISION Engine Control Center.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ED7943A4-2FF0-4096-BBEA-DE3CC206E3D4}] : (Nero Express.-.Nero AG) -> MsiExec.exe /X{ED7943A4-2FF0-4096-BBEA-DE3CC206E3D4} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F193812F-83C0-3CED-1EDE-BE2525267303}] : (CCC Help Chinese Traditional.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F2B9C8D6-C69C-4BA7-95D2-66F1C68D15DA}] : (Nero Burning ROM.-.Nero AG) -> MsiExec.exe /X{F2B9C8D6-C69C-4BA7-95D2-66F1C68D15DA} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F69D4104-5394-4F7C-801C-D96DC92E7F69}] : (Nero RescueAgent Help (CHM).-.Nero AG) -> MsiExec.exe /X{F69D4104-5394-4F7C-801C-D96DC92E7F69} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F754BC24-2C04-F76E-C403-0175F0954560}] : (CCC Help Chinese Standard.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F7E1CA14-B39D-452A-960B-39423DDDD933}] : (DriveImage XML (Private Edition).-.Runtime Software) -> "C:\Program Files (x86)\Runtime Software\DriveImage XML\Uninstall.exe" "C:\Program Files (x86)\Runtime Software\DriveImage XML\install.log" -u ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FA78CC15-9F90-443B-BA61-A66595F06432}] : (Nero Burning ROM Help (CHM).-.Nero AG) -> MsiExec.exe /X{FA78CC15-9F90-443B-BA61-A66595F06432} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FBD68E88-2999-43B7-B249-E1B08FA2B065}_is1] : (SysTools PDF Unlocker - v3.2.-.SysTools Software Pvt. Ltd.) -> "C:\Program Files (x86)\SysTools PDF Unlocker\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FC62C740-2339-618C-467B-36CE6D409E5F}] : (CCC Help Portuguese.-.Advanced Micro Devices, Inc.) -> ---------- | Ports ---------- | Microsoft Specifications CheckID: MSXMLSXS0{1D95BA90-F4F8-47EC-A882-441C99D30C1E} - VersionNT < 501 -> MSXMLSXS CheckID: MSXMLSXS0{196467F1-C11F-4F76-858B-5812ADC83B94} - VersionNT < 501 -> MSXMLSXS CheckID: AutoPlay999{40E51513-D917-4563-84F6-4EF6ADD46E2F} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{40E51513-D917-4563-84F6-4EF6ADD46E2F} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: FileAssociations999{ABC88553-8770-4B97-B43E-5A90647A5B63} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{581DCE84-1948-4891-A4A7-A1222CC137C5} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{581DCE84-1948-4891-A4A7-A1222CC137C5} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{ED7943A4-2FF0-4096-BBEA-DE3CC206E3D4} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{ED7943A4-2FF0-4096-BBEA-DE3CC206E3D4} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: VSTA_Runtime_CLR350{9495AEB4-AB97-39DE-8C42-806EEF75ECA7} - (NOT NETFX35_INSTALLED) AND (NOT NETCLIENT35_INSTALLED) -> VSTA_Runtime_CLR35 CheckID: VSTA_Runtime_CLR400{9495AEB4-AB97-39DE-8C42-806EEF75ECA7} - (NOT NETFX40_INSTALLED) AND (NOT NETCLIENT40_INSTALLED) -> VSTA_Runtime_CLR40 CheckID: VSTO_Runtime_CLR350{9495AEB4-AB97-39DE-8C42-806EEF75ECA7} - (NOT NETFX35_INSTALLED) AND (NOT NETCLIENT35_INSTALLED) -> VSTO_Runtime_CLR35 CheckID: VSTO_Runtime_CLR400{9495AEB4-AB97-39DE-8C42-806EEF75ECA7} - (NOT NETFX40_INSTALLED) AND (NOT NETCLIENT40_INSTALLED) -> VSTO_Runtime_CLR40 CheckID: VSTAR_res_CLR350{8D0A0EC6-9A3C-354F-9BFC-A61E96BE1846} - (NOT NETFX35_INSTALLED) AND (NOT NETCLIENT35_INSTALLED) -> VSTAR_res_CLR35 CheckID: VSTOR_res_CLR350{8D0A0EC6-9A3C-354F-9BFC-A61E96BE1846} - (NOT NETFX35_INSTALLED) AND (NOT NETCLIENT35_INSTALLED) -> VSTOR_res_CLR35 CheckID: VSTOR_res_CLR400{8D0A0EC6-9A3C-354F-9BFC-A61E96BE1846} - (NOT NETFX40_INSTALLED) AND (NOT NETCLIENT40_INSTALLED) -> VSTOR_res_CLR40 CheckID: AutoPlay999{F2B9C8D6-C69C-4BA7-95D2-66F1C68D15DA} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{F2B9C8D6-C69C-4BA7-95D2-66F1C68D15DA} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{9612F0F6-A154-49A2-9CCB-A1C1AA57D719} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{9612F0F6-A154-49A2-9CCB-A1C1AA57D719} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{9C563B28-212C-4293-9DBC-41439D7D35D8} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{9C563B28-212C-4293-9DBC-41439D7D35D8} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{D5115C78-2D22-4668-A5E2-6C87DED3ED1B} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{D5115C78-2D22-4668-A5E2-6C87DED3ED1B} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{A84E754A-EA45-4A31-A4D5-57D1EA1760D5} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{A84E754A-EA45-4A31-A4D5-57D1EA1760D5} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{BD0E78AC-54A5-429A-BAF3-29D1A945A20C} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{BD0E78AC-54A5-429A-BAF3-29D1A945A20C} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: AutoPlay999{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87} - NERO.INSTALL_AUTOPLAY=0 -> AutoPlay CheckID: FileAssociations999{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87} - NERO.INSTALL_EXTENSIONS=0 -> FileAssociations CheckID: bdfwfpf0{F63A7ADE-507E-4944-9C74-8893BAE11728} - VersionNT < 500 -> bdfwfpf CheckID: gzflt0{F63A7ADE-507E-4944-9C74-8893BAE11728} - VersionNT < 500 -> gzflt CheckID: trufos0{F63A7ADE-507E-4944-9C74-8893BAE11728} - VersionNT < 500 -> trufos CheckID: gzflt10{F63A7ADE-507E-4944-9C74-8893BAE11728} - VersionNT < 500 -> gzflt1 CheckID: gzflt20{F63A7ADE-507E-4944-9C74-8893BAE11728} - VersionNT < 500 -> gzflt2 CheckID: gzflt30{F63A7ADE-507E-4944-9C74-8893BAE11728} - VersionNT < 500 -> gzflt3 CheckID: gzflt40{F63A7ADE-507E-4944-9C74-8893BAE11728} - VersionNT < 500 -> gzflt4 CheckID: gzflt50{F63A7ADE-507E-4944-9C74-8893BAE11728} - VersionNT < 500 -> gzflt5 CheckID: trufos10{F63A7ADE-507E-4944-9C74-8893BAE11728} - VersionNT < 500 -> trufos1 CheckID: trufos20{F63A7ADE-507E-4944-9C74-8893BAE11728} - VersionNT < 500 -> trufos2 CheckID: trufos30{F63A7ADE-507E-4944-9C74-8893BAE11728} - VersionNT < 500 -> trufos3 CheckID: trufos40{F63A7ADE-507E-4944-9C74-8893BAE11728} - VersionNT < 500 -> trufos4 ---------- | CLSID (Whitelist) [HKCR\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}] - (.-.) - C:\Windows\SysWow64\xvid.ax [20/02/2019 08:58:27] [HKCR\CLSID\{01CA3A27-41E7-47E6-AC56-1B5E6563B555}] - (.-.) - C:\PROGRA~2\icofx3\PREVIE~1.DLL [02/03/2019 12:36:23] [HKCR\CLSID\{04815318-9C96-4C52-8C7F-FF01CE0D45A7}] - (.© pdfforge GmbH. -.) - C:\ProgramData\PDF Architect 6\Installation\Statistics.dll [01/01/2019 12:48:51] [HKCR\CLSID\{0929891C-854C-4BFF-AE54-7EE10636719D}] - (.(c) 2018 AVG Technologies - AVG Browser Update.) - C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\psmachine.dll [01/03/2019 06:17:08] [HKCR\CLSID\{0932B8A4-BBB4-4bc0-A8AB-91C626950C75}] - (.-.) - C:\Windows\system32\LVUI2.dll [HKCR\CLSID\{09AC4892-81B7-4d39-B235-8F0DB0DAF4F8}] - (.-.) - C:\Windows\system32\LVUI2.dll [HKCR\CLSID\{0A9BD4EB-DED5-4DF0-BAF6-2CEA23F57261}] - (.-.) - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Graphics-Previews-Common\MMACEFilters.dll [08/08/2012 11:12:30] [HKCR\CLSID\{0B8D7758-6C0B-4130-B3EC-6A60BDD586C7}] - (.© pdfforge GmbH. -.) - C:\ProgramData\PDF Architect 6\Installation\Statistics.dll [01/01/2019 12:48:51] [HKCR\CLSID\{0D68D6D0-D93D-4D08-A30D-F00DD1F45B24}] - (.License: MPL 1.1/GPL 2.0/LGPL 2.1 -.) - C:\Program Files (x86)\Netscape\Navigator 9\AccessibleMarshal.dll [14/09/2018 10:51:14] [HKCR\CLSID\{0EBF5715-EF47-4449-8A50-1C346B35A3CE}] - (.© pdfforge GmbH. -.) - C:\ProgramData\PDF Architect 6\Installation\Statistics.dll [01/01/2019 12:48:51] [HKCR\CLSID\{10AD8B9D-222E-44D1-881B-0EA79E1B2D6E}] - (.-.) - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Graphics-Previews-Common\Ticker.ax [08/08/2012 11:12:18] [HKCR\CLSID\{1159F2AF-F989-4d11-8B34-9550029269BB}] - (.-.) - C:\Windows\system32\LVUI2.dll [HKCR\CLSID\{15FD01A3-6E5D-4ECD-9EBD-1813CB3887A1}] - (.-.) - %windir%\system32\btpanui.dll [HKCR\CLSID\{1814CEEB-49E2-407F-AF99-FA755A7D2607}] - (.License: MPL 2 -.) - C:\Program Files (x86)\Mozilla Firefox\AccessibleMarshal.dll [24/01/2019 11:07:05] [HKCR\CLSID\{1A87BC61-0B4E-4578-AF88-3EFADDC4E11B}] - (.© pdfforge GmbH. -.) - C:\ProgramData\PDF Architect 6\Installation\Statistics.dll [01/01/2019 12:48:51] [HKCR\CLSID\{1aad99ea-ee10-5c3a-8174-84c63a67adde}] - (.-.) - C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll [HKCR\CLSID\{1CEBDE3E-6B91-484A-AF48-5E4F4ED6B1E1}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{1F77B17B-F531-44DB-ACA4-76ABB5010A28}] - (.Artem Izmaylov - Context Menu Extension.) - C:\Program Files (x86)\AIMP\System\aimp_menu32.dll [01/03/2019 05:43:11] [HKCR\CLSID\{265089F3-D73B-4332-B5BE-EC1AAFEE93D4}] - (.© pdfforge GmbH. -.) - C:\ProgramData\PDF Architect 6\Installation\Statistics.dll [01/01/2019 12:48:51] [HKCR\CLSID\{28E08968-59C8-4A77-BEBA-12C9394AE077}] - (.(c) 2018 AVG Technologies - AVG Browser Update.) - C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\npAvgBrowserUpdate3.dll [01/03/2019 06:17:09] [HKCR\CLSID\{2A646672-9C3A-4C28-9A7A-1FB0F63F28B6}] - (.2002-2008 WestByte - IE 4.x-6.x BHO for Internet Download Accelerator.) - C:\PROGRA~2\IDA\idaiehlp.dll [28/02/2019 14:35:42] [HKCR\CLSID\{2C5F9B72-7148-4D97-BFC9-68A0E076BEBD}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{2DD257A3-5028-41AE-A1E7-A12F76A08893}] - (.2005-2019 COMODO. - COMODO Secure Shopping.) - C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [15/02/2019 05:48:54] [HKCR\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}] - (.(c) Babylon Ltd. -.) - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll [07/11/2010 14:45:26] [HKCR\CLSID\{2FE8F810-B2A5-11d0-A787-0000F803ABFC}] - (.-.) - C:\Windows\system32\dplayx.dll [HKCR\CLSID\{34c219bd-85c1-4338-95e8-788a36901dc2}] - (.-.) - %windir%\System32\wpdwcn.dll [HKCR\CLSID\{4046F727-B73D-4218-8307-D7ED3C1FB4D2}] - (.© pdfforge GmbH. -.) - C:\ProgramData\PDF Architect 6\Installation\Statistics.dll [01/01/2019 12:48:51] [HKCR\CLSID\{4062C116-0270-11D3-8BCB-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{4108FA85-3586-11D3-8BD7-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{417BAB8B-9D22-4A88-9DA0-98C4AB6745D5}] - (.-.) - %windir%\System32\wpdwcn.dll [HKCR\CLSID\{4516EC43-8F20-11D0-9B6D-0000C0781BC3}] - (.-.) - C:\Windows\system32\d3dxof.dll [HKCR\CLSID\{4A6E162C-6F51-4956-86D0-A72729178B9B}] - (.-.) - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Graphics-Previews-Common\MMACEFilters.dll [08/08/2012 11:12:30] [HKCR\CLSID\{4C8DD17E-7079-4c7e-96E5-A7AFDB12F132}] - (.-.) - C:\Windows\system32\LVUI2.dll [HKCR\CLSID\{4EE17959-931E-49E4-A2C6-977ECF3628F3}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498}] - (.(c) 2018 AVG Technologies - AVG Browser Update.) - C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\npAvgBrowserUpdate3.dll [01/03/2019 06:17:09] [HKCR\CLSID\{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}] - (.-.) - %windir%\system32\acppage.dll [HKCR\CLSID\{517539A3-905F-4755-9F94-D91B095A07CC}] - (.-.) - C:\Windows\system32\LVUI2.dll [HKCR\CLSID\{51A00247-40A8-4845-9F17-7DBFCC9A8783}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\avi.dll [10/12/2018 10:49:52] [HKCR\CLSID\{52C550C6-067F-4BC8-98B2-0F0E91C10261}] - (.-.) - %windir%\system32\inetsrv\w3ctrlps.dll [HKCR\CLSID\{53D9DE0B-FC61-4650-9773-74D13CC7E582}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\mkx.dll [10/12/2018 10:49:52] [HKCR\CLSID\{57176671-2DCA-4D06-A004-8DE638713186}] - (.(c) 2018 AVG Technologies - AVG Browser Update.) - C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\psmachine.dll [01/03/2019 06:17:08] [HKCR\CLSID\{5872C980-0AAF-4cdb-A62D-4F453DA2EFAD}] - (.-.) - C:\Windows\system32\LVUI2.dll [HKCR\CLSID\{5AB6A306-FB84-4F66-891A-AE5635703B50}] - (.2002-2003 WestByte -.) - C:\PROGRA~2\IDA\idaie.dll [28/02/2019 14:35:42] [HKCR\CLSID\{5D01367D-A46F-404B-A1E5-0227A6F37208}] - (.-.) - C:\Windows\SysWow64\MJPGDec.ax [12/12/2018 12:47:49] [HKCR\CLSID\{5DE7918B-BFD7-4C1E-B4E0-B16D0A3EA76B}] - (.-.) - C:\Windows\SysWOW64\AuthHostProxy.dll [HKCR\CLSID\{640167b4-59b0-47a6-b335-a6b3c0695aea}] - (.-.) - C:\Windows\system32\audiodev.dll [HKCR\CLSID\{64697678-0000-0010-8000-00AA00389B71}] - (.-.) - C:\Windows\SysWow64\xvid.ax [20/02/2019 08:58:27] [HKCR\CLSID\{64F2005C-6CF5-4652-B94F-600360B15B27}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\mkx.dll [10/12/2018 10:49:52] [HKCR\CLSID\{65A3CD37-3208-45B1-8F10-5F5BAD78DDD8}] - (.-.) - C:\Windows\system32\LVUI2.dll [HKCR\CLSID\{663D3C61-4D78-4CEC-B014-B8591F5A2A6E}] - (.© pdfforge GmbH. -.) - C:\ProgramData\PDF Architect 6\Installation\Statistics.dll [01/01/2019 12:48:51] [HKCR\CLSID\{6691680C-8B1C-49ec-9254-8FFBE471C256}] - (.-.) - C:\Windows\system32\LVUI2.dll [HKCR\CLSID\{67213461-9306-4978-AC8D-608589F90F03}] - (.WiseVideoSuite.com - IE Add-on for download YouTube video..) - C:\PROGRA~2\Wise\WISEVI~1\WVDAdd.dll [04/02/2019 14:11:38] [HKCR\CLSID\{677E8933-67A0-4F25-B065-4F8FFC8A229D}] - (.© pdfforge GmbH. -.) - C:\ProgramData\PDF Architect 6\Installation\Statistics.dll [01/01/2019 12:48:51] [HKCR\CLSID\{6DFF0FDD-1AD5-4A32-89D2-4AEF65DF3F3D}] - (.© pdfforge GmbH. -.) - C:\ProgramData\PDF Architect 6\Installation\Statistics.dll [01/01/2019 12:48:51] [HKCR\CLSID\{760A8F35-97E7-479D-AAF5-DA9EFF95D751}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\dxr.dll [10/12/2018 10:49:52] [HKCR\CLSID\{79BA9E00-B6EE-11D1-86BE-00C04FBF8FEF}] - (.-.) - C:\Windows\System32\dmband.dll [HKCR\CLSID\{810B5013-E88D-11D2-8BC1-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{854F4628-CE51-42C4-80E9-80DAE27FAAAE}] - (.-.) - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Graphics-Previews-Common\MMACEFilters.dll [08/08/2012 11:12:30] [HKCR\CLSID\{89A8FBF1-0FE4-4A3C-B553-7ED42D2130EA}] - (.© pdfforge GmbH. -.) - C:\ProgramData\PDF Architect 6\Installation\Statistics.dll [01/01/2019 12:48:51] [HKCR\CLSID\{8B2B6B4F-57C1-4118-B11D-9E67E27D009F}] - (.Bytescout -.) - C:\PROGRA~2\Serif\DrawPlus\X8\Program\SWFScout.dll [09/08/2007 20:32:32] [HKCR\CLSID\{8E8B4A31-408B-4929-86A4-A9FA9F01BA43}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\dxr.dll [10/12/2018 10:49:52] [HKCR\CLSID\{8ECF17DB-8A08-433B-938A-EA582C8AA708}] - (.© pdfforge GmbH. -.) - C:\ProgramData\PDF Architect 6\Installation\Statistics.dll [01/01/2019 12:48:51] [HKCR\CLSID\{930CDD8B-C09C-4684-9F34-9494A4317855}] - (.© pdfforge GmbH. -.) - C:\ProgramData\PDF Architect 6\Installation\Statistics.dll [01/01/2019 12:48:51] [HKCR\CLSID\{97F2FF5B-260C-4ccf-834A-2DDA4E29E39E}] - (.(c) Babylon Ltd. -.) - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll [07/11/2010 14:45:26] [HKCR\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}] - (.(c) Babylon Ltd. -.) - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll [07/11/2010 14:45:28] [HKCR\CLSID\{9A4FAD56-C770-4340-AF82-8D7B0CEB015F}] - (.Bytescout -.) - C:\PROGRA~2\Serif\DrawPlus\X8\Program\SWFScout.dll [09/08/2007 20:32:32] [HKCR\CLSID\{9E665ED7-958C-410C-9C56-05DA783E7933}] - (.-.) - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Graphics-Previews-Common\MMACEFilters.dll [08/08/2012 11:12:30] [HKCR\CLSID\{A36C253D-CEE4-4BCA-9CC2-E03CF6BBB054}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\dxr.dll [10/12/2018 10:49:52] [HKCR\CLSID\{A42E89B8-C77D-446F-8D34-F493DF697933}] - (.© pdfforge GmbH. -.) - C:\ProgramData\PDF Architect 6\Installation\Statistics.dll [01/01/2019 12:48:51] [HKCR\CLSID\{A6098E79-9C50-4F87-8973-5FB4532C93D8}] - (.-.) - %windir%\system32\btpanui.dll [HKCR\CLSID\{A7005AF0-D6E8-48AF-8DFA-023B1CF660A7}] - (.-.) - C:\Program Files\TeraCopy\TeraCopy.dll [04/02/2019 13:39:16] [HKCR\CLSID\{A8004167-E235-4148-A4E5-7C3108100200}] - (.©Conexant Systems Inc. - Conexant APO.) - C:\Windows\SysWow64\RTCOM\CX32APO.dll [16/12/2018 19:03:00] [HKCR\CLSID\{A8005AF0-D6E8-48AF-8DFA-023B1CF660A7}] - (.-.) - C:\PROGRA~1\TeraCopy\TERACO~4.DLL [26/02/2019 09:48:10] [HKCR\CLSID\{A861C6E2-FCFC-11D2-8BC9-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{AA4CE0BA-E016-4FE4-B44C-3E4208100200}] - (.©Conexant Systems Inc. - Conexant APO.) - C:\Windows\SysWow64\RTCOM\CX32APO.dll [16/12/2018 19:03:00] [HKCR\CLSID\{AB31A0D4-4437-4389-8054-A9338DF771AA}] - (.-.) - C:\Program Files (x86)\UTILILAB\SystemOPTIMIZER\USOSecureShell.dll [HKCR\CLSID\{B3DE7EDC-0CD4-4d07-B1C5-92219CD475CC}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\mp4.dll [10/12/2018 10:49:52] [HKCR\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}] - (.(c) Babylon Ltd. -.) - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarEng.dll [07/11/2010 10:21:48] [HKCR\CLSID\{B841F346-4835-4de8-AA5E-2E7CD2D4C435}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\ts.dll [10/12/2018 10:49:52] [HKCR\CLSID\{BD4FB4BE-809D-487b-ADD6-F7D164247E52}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\mkx.dll [10/12/2018 10:49:52] [HKCR\CLSID\{C17C735C-ED7F-40A2-9494-A80CC611ADC9}] - (.© pdfforge GmbH. -.) - C:\ProgramData\PDF Architect 6\Installation\Statistics.dll [01/01/2019 12:48:51] [HKCR\CLSID\{C64501F6-E6E6-451f-A150-25D0839BC510}] - (.-.) - C:\Windows\SysWOW64\speech\engines\tts\MSTTSEngine.dll [26/07/2012 00:30:44] [HKCR\CLSID\{C70EB77F-EFD4-4678-A27B-BF1648F30D04}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{C953ED86-86C1-46B4-8E3E-1D778E1AD3D1}] - (.© Crawler Group, LLC - Spyware Terminator Internet Guard.) - C:\PROGRA~2\SPYWAR~1\STINTE~1.DLL [21/02/2019 15:49:23] [HKCR\CLSID\{C95F3816-578E-4CCB-A51C-382C522C6F38}] - (.Bytescout -.) - C:\PROGRA~2\Serif\DrawPlus\X8\Program\SWFScout.dll [09/08/2007 20:32:32] [HKCR\CLSID\{C9E88BC9-86BC-4089-8539-6EF7BD5B9BFC}] - (.2002-2003 WestByte -.) - C:\PROGRA~2\IDA\idaie.dll [28/02/2019 14:35:42] [HKCR\CLSID\{C9F0475F-DD1B-4204-A784-4121F71631E3}] - (.© pdfforge GmbH. -.) - C:\ProgramData\PDF Architect 6\Installation\Statistics.dll [01/01/2019 12:48:51] [HKCR\CLSID\{CC7A69F4-C034-48FE-A19A-C6CE055804F9}] - (.Bytescout -.) - C:\PROGRA~2\Serif\DrawPlus\X8\Program\SWFScout.dll [09/08/2007 20:32:32] [HKCR\CLSID\{CDE9EF5A-F552-450B-8B07-5CC6645A84E4}] - (.TechSmith Corportation. - Supports integration with Screencast.com.) - C:\Program Files (x86)\Common Files\TechSmith Shared\ScreencastIntegration\ScreencastCOM.dll [29/09/2015 22:31:02] [HKCR\CLSID\{CE9A1DEA-CA98-43C5-919A-AC27AE0C370B}] - (.© pdfforge GmbH. -.) - C:\ProgramData\PDF Architect 6\Installation\Statistics.dll [01/01/2019 12:48:51] [HKCR\CLSID\{D1EB6D20-8923-11d0-9D97-00A0C90A43CB}] - (.-.) - C:\Windows\system32\dplayx.dll [HKCR\CLSID\{D2AC2894-B39B-11D1-8704-00600893B1BD}] - (.-.) - C:\Windows\System32\dmband.dll [HKCR\CLSID\{D3075F87-A7BD-4231-9F6A-60C5E07374A7}] - (.-.) - %windir%\system32\acppage.dll [HKCR\CLSID\{D3C43F76-1A79-45B7-81ED-912B19E74F0A}] - (.Bytescout -.) - C:\PROGRA~2\Serif\DrawPlus\X8\Program\SWFScout.dll [09/08/2007 20:32:32] [HKCR\CLSID\{DAA92564-78C8-40A3-96D2-9115A76B8F29}] - (.-.) - %windir%\System32\wpdwcn.dll [HKCR\CLSID\{DB43B405-43AA-4f01-82D8-D84D47E6019C}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\ogm.dll [10/12/2018 10:49:52] [HKCR\CLSID\{DCA8D857-1A63-4045-8F36-8809EB093D04}] - (.License: MPL 2 -.) - C:\Program Files (x86)\Mozilla Firefox\AccessibleHandler.dll [24/01/2019 11:07:06] [HKCR\CLSID\{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}] - (.-.) - C:\Program Files (x86)\Unlocker\UnlockerCOM.dll [04/07/2010 22:32:38] [HKCR\CLSID\{DE7371F4-4CCD-47cd-B12B-8887C9125895}] - (.-.) - C:\Windows\system32\LVUI2.dll [HKCR\CLSID\{E02A03C6-AACF-4F93-BCB3-98CF673EA41B}] - (.© Crawler Group, LLC - Spyware Terminator Internet Guard.) - C:\PROGRA~2\SPYWAR~1\STINTE~1.DLL [21/02/2019 15:49:23] [HKCR\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}] - (.(c) Babylon Ltd. -.) - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll [07/11/2010 14:45:26] [HKCR\CLSID\{E58F310E-CE59-4698-AF46-57E27F13B9A3}] - (.© pdfforge GmbH. -.) - C:\ProgramData\PDF Architect 6\Installation\Statistics.dll [01/01/2019 12:48:51] [HKCR\CLSID\{e8cc4cbe-fdff-11d0-b865-00a0c9081c1d}] - (.-.) - C:\Program Files\Common Files\System\Ole DB\msdaora.dll [HKCR\CLSID\{e8cc4cbf-fdff-11d0-b865-00a0c9081c1d}] - (.-.) - C:\Program Files\Common Files\System\Ole DB\msdaora.dll [HKCR\CLSID\{EBF2320A-2502-11D3-8BD1-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{EF1A057F-BFF9-4940-9484-C077E4518A2D}] - (.© pdfforge GmbH. -.) - C:\ProgramData\PDF Architect 6\Installation\Statistics.dll [01/01/2019 12:48:51] [HKCR\CLSID\{F085BD9F-C25D-4011-9280-ABCDDBC2219C}] - (.© pdfforge GmbH. -.) - C:\ProgramData\PDF Architect 6\Installation\Statistics.dll [01/01/2019 12:48:51] [HKCR\CLSID\{F32C83B9-DF1D-42AD-9741-C52909703957}] - (.© SpywareTerminator.com - Spyware Terminator 2015 Shell Menu Extension.) - C:\Program Files (x86)\Spyware Terminator\STShell.dll [21/02/2019 15:49:21] [HKCR\CLSID\{F4F7B301-7C59-4851-BA97-C51F110B590F}] - (.-.) - C:\Program Files\Google\Google Earth Pro\client\earthps32.dll [31/10/2018 08:29:22] [HKCR\CLSID\{F593ED78-D0EF-4A21-82D4-D4D541DBB876}] - (.© pdfforge GmbH. -.) - C:\ProgramData\PDF Architect 6\Installation\Statistics.dll [01/01/2019 12:48:51] [HKCR\CLSID\{F71503F0-D7DC-4125-8573-88BB070F4823}] - (.Bytescout -.) - C:\PROGRA~2\Serif\DrawPlus\X8\Program\SWFScout.dll [09/08/2007 20:32:32] [HKCR\CLSID\{FABD6EA5-AE10-4E7A-B83B-5F07ACC84214}] - (.-.) - %windir%\System32\wpdwcn.dll [HKCR\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}] - (.(c) Babylon Ltd. -.) - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarApp.dll [07/11/2010 10:21:52] ---------- | Installer [HKCR\Installer\Products\00602AD00316B344D9B43F500213F56A] : Services d’impression Bonjour -> C:\Windows\Installer\{0DA20600-6130-443B-9D4B-F30520315FA6}\Bonjour.ico [HKCR\Installer\Products\047C26CF9332C81664B763ECD604E9F5] : CCC Help Portuguese -> c:\windows\Installer\{FC62C740-2339-618C-467B-36CE6D409E5F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\052B4603ACDE96E46AA2D43A22524EEB] : Morae Recorder [HKCR\Installer\Products\05D94ECADC916A441B29649F5882B362] : Nero PiP Effects Basic -> C:\Windows\Installer\{ACE49D50-19CD-44A6-B192-46F985283B26}\ARPPRODUCTICON.exe [HKCR\Installer\Products\0694AF70830BBE9498B1F95939A05A44] : HP Customer Experience Enhancements -> C:\windows\Installer\{07FA4960-B038-49EB-891B-9F95930AA544}\ARPPRODUCTICON.exe [HKCR\Installer\Products\08A8734D317CFD1139990005650C0080] : Paragon Migrate OS to SSD™ 4.0 -> C:\Windows\Installer\{D4378A80-C713-11DF-9399-005056C00008}\ARPPRODUCTICON.exe [HKCR\Installer\Products\09AB59D18F4FCE748A2844C1993DC0E1] : MSXML 4.0 SP3 Parser (KB2758694) [HKCR\Installer\Products\0B9FD51D89A3FEB47B5DCFA3AE746382] : COMODO Secure Shopping -> C:\Windows\Installer\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA473628}\icon.ico [HKCR\Installer\Products\0DA3CAEF620136F4AAFA5EFC4F22CBDC] : [HKCR\Installer\Products\0E5F85E2FE5BC448B581C4128F00AC6D] : ccc-utility64 -> c:\windows\Installer\{2E58F5E0-B5EF-844C-5B18-4C21F800CAD6}\ARPPRODUCTICON.exe [HKCR\Installer\Products\15E5F6B1E5753964CB2A573475D070D6] : Nero Kwik Themes Basic -> C:\Windows\Installer\{1B6F5E51-575E-4693-BCA2-7543570D076D}\ARPPRODUCTICON.exe [HKCR\Installer\Products\18BF6F0405B1B3448A0ECB076EC2BF12] : Adblock Plus pour IE (32-bits et 64-bits) -> C:\Windows\Installer\{40F6FB81-1B50-443B-A8E0-BC70E62CFB21}\program_icon [HKCR\Installer\Products\18E6D924E1E86E24A89B20D59D51F7B9] : Paragon HFS+ for Windows -> C:\Windows\Installer\{429D6E81-8E1E-42E6-8AB9-025DD9157F9B}\HFS4Win.ico [HKCR\Installer\Products\1DE0846BE844B318F40EEB8D111D0CF1] : CCC Help French -> c:\windows\Installer\{B6480ED1-448E-813B-4FE0-BED811D1C01F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\1F764691F11C67F458B88521DA8CB349] : MSXML 4.0 SP3 Parser [HKCR\Installer\Products\21993ABAC0833FE08C02681851BED1CA] : Catalyst Control Center InstallProxy -> c:\windows\Installer\{ABA39912-380C-0EF3-C820-868115EB1DAC}\ARPPRODUCTICON.exe [HKCR\Installer\Products\2FCC6D4EFAA0C9B4D95E98E3CDB9B4AA] : HP Registration Service -> c:\windows\Installer\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3089FBDBC75BA2BA8803BCDE43078304] : Catalyst Control Center Graphics Previews Common -> c:\windows\Installer\{BDBF9803-B57C-AB2A-8830-CBED34703840}\ARPPRODUCTICON.exe [HKCR\Installer\Products\313211F174CBFC348889B7DA26710A47] : BitCopy -> C:\Windows\Installer\{1F112313-BC47-43CF-8898-7BAD6217A074}\appicon.ico [HKCR\Installer\Products\31515E04719D3654486FE46FDA4DE6F2] : Nero Recode -> C:\Windows\Installer\{40E51513-D917-4563-84F6-4EF6ADD46E2F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\32F7D401414AD6EE13E50AC77BA5EDEE] : CCC Help English -> c:\windows\Installer\{104D7F23-A414-EE6D-315E-A07CB75ADEEE}\ARPPRODUCTICON.exe [HKCR\Installer\Products\35588CBA077879B44BE3A50946A7B536] : Nero ControlCenter -> C:\Windows\Installer\{ABC88553-8770-4B97-B43E-5A90647A5B63}\ARPPRODUCTICON.exe [HKCR\Installer\Products\36298A4869AA0D143854777A407AB6C4] : DriverUpdate -> C:\Windows\Installer\{84A89263-AA96-41D0-8345-77A704A76B4C}\Icon.exe [HKCR\Installer\Products\4014D96F4935C7F408C19DD69CE2F796] : Nero RescueAgent Help (CHM) [HKCR\Installer\Products\42CB457F40C2E67F4C3010570F595406] : CCC Help Chinese Standard -> c:\windows\Installer\{F754BC24-2C04-F76E-C403-0175F0954560}\ARPPRODUCTICON.exe [HKCR\Installer\Products\43DA8201A8BE6314A93972CF06DFA004] : Epson Software Updater -> C:\Windows\Installer\{1028AD34-EB8A-4136-9A93-27FC60FD0A40}\icon.ico [HKCR\Installer\Products\476F72FFE1282AB489B5DD5F932CDC30] : HP Support Assistant -> C:\windows\Installer\{FF27F674-821E-4BA2-985B-DDF539C2CD03}\ARPPRODUCTICON.exe [HKCR\Installer\Products\48D76F9207A3E65408A62503B12070B0] : Nero Effects Basic -> C:\Windows\Installer\{29F67D84-3A70-456E-806A-52301B02070B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\48ECD185849119844A7A1A22C21C735C] : Nero RescueAgent -> C:\Windows\Installer\{581DCE84-1948-4891-A4A7-A1222CC137C5}\ARPPRODUCTICON.exe [HKCR\Installer\Products\49F5A7C59E20D5C45A491B1F805669A5] : AntimalwareEngine -> C:\Windows\Installer\{5C7A5F94-02E9-4C5D-A594-B1F10865965A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\4A3497DE0FF26904BBAEEDC32C603E4D] : Nero Express -> C:\Windows\Installer\{ED7943A4-2FF0-4096-BBEA-DE3CC206E3D4}\ARPPRODUCTICON.exe [HKCR\Installer\Products\4B4FA6E101901284BC028FDFA70AC9BC] : CCC Help Russian -> c:\windows\Installer\{1E6AF4B4-0910-4821-CB20-F8FD7AA09CCB}\ARPPRODUCTICON.exe [HKCR\Installer\Products\4BB780764B91961CE325B2DE97D6A83B] : CCC Help Swedish -> c:\windows\Installer\{67087BB4-19B4-C169-3E52-2BED796D8AB3}\ARPPRODUCTICON.exe [HKCR\Installer\Products\4EA42A62D9304AC4784BF2468110190F] : Java 8 Update 191 (64-bit) -> C:\Program Files\Java\jre1.8.0_191\\bin\javaws.exe [HKCR\Installer\Products\4EA42A62D9304AC4784BF2468120100F] : Java 8 Update 201 (64-bit) -> C:\Program Files\Java\jre1.8.0_201\\bin\javaws.exe [HKCR\Installer\Products\4FC967F53625B7C4EA2B0CA637EA4482] : AMD Catalyst Install Manager -> c:\windows\Installer\{5F769CF4-5263-4C7B-AEB2-C06A73AE4428}\ARPPRODUCTICON.exe [HKCR\Installer\Products\514D163353AB34143B10669119AB2691] : MyEpson Portal [HKCR\Installer\Products\5173F3A735977424B8C5D53050B0E99A] : [HKCR\Installer\Products\51CC87AF09F9B344AB166A56590F4623] : Nero Burning ROM Help (CHM) [HKCR\Installer\Products\51E3D52DDBACc0246BC2071C5CEE36DF] : [HKCR\Installer\Products\52744B0D6663D294EB6F85A741DBB99D] : MSVCRT_amd64 [HKCR\Installer\Products\554590D7179DC4D4E9DFA96F6A85F4A3] : Bing Bureau -> C:\Windows\Installer\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}\icon.ico [HKCR\Installer\Products\59F8EFDCF08F5114C9F3E0F18D9F5FC8] : Nero ControlCenter Help (CHM) [HKCR\Installer\Products\67BCB71E42995DB46B6D053D04B7E447] : Nero Disc Menus Basic -> C:\Windows\Installer\{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}\ARPPRODUCTICON.exe [HKCR\Installer\Products\69A46712847638B4987EA70536FB51C6] : Movie Maker [HKCR\Installer\Products\6D6E41E65713A1E49B43AC5B8A3676DC] : HP Postscript Converter [HKCR\Installer\Products\6D8C9B2FC96C7AB4592D661F6CD851AD] : Nero Burning ROM -> C:\Windows\Installer\{F2B9C8D6-C69C-4BA7-95D2-66F1C68D15DA}\ARPPRODUCTICON.exe [HKCR\Installer\Products\6F0F2169451A2A94C9BC1A1CAA757D91] : Nero MediaHome -> C:\Windows\Installer\{9612F0F6-A154-49A2-9CCB-A1C1AA57D719}\NeroKwikMedia._63C8A7B0BBE5459F9AC436392B2FF50D.exe [HKCR\Installer\Products\6FB31B48FA7FE891E077CD4A20B7D991] : CCC Help Japanese -> c:\windows\Installer\{84B13BF6-F7AF-198E-0E77-DCA4027B9D19}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7040BB568CC47CD459E2E3FEFD5006A2] : Nero Update -> C:\Windows\Installer\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\70916FFBD2AA62A36866899D656AA2CB] : Visual C++ 10.0 CRT (x64) [HKCR\Installer\Products\7751D938514598C6662415D5FF6E34F2] : CCC Help Czech -> c:\windows\Installer\{839D1577-5415-6C89-6642-515DFFE6432F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7BD4C90EC03660F46A13E87A329932FA] : D3DX10 [HKCR\Installer\Products\7E6A666A15A3982E55B9FB436830A6FB] : CCC Help Turkish -> c:\windows\Installer\{A666A6E7-3A51-E289-559B-BF3486036ABF}\ARPPRODUCTICON.exe [HKCR\Installer\Products\807E9EB00CD53694C9DFA05A9190E097] : Junk Mail filter update [HKCR\Installer\Products\81685BD51207056CEEA885DCF1AA599F] : CCC Help Thai -> c:\windows\Installer\{5DB58618-7021-C650-EE8A-58CD1FAA95F9}\ARPPRODUCTICON.exe [HKCR\Installer\Products\82B365C9C2123924D9CB1434D9D7538D] : Nero Burning Core [HKCR\Installer\Products\87C5115D22D286645A2EC678ED3DDEB1] : Nero Launcher -> C:\Windows\Installer\{D5115C78-2D22-4668-A5E2-6C87DED3ED1B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8A0AC2C8BA1EBE14CB8A60085B2D2C29] : [HKCR\Installer\Products\8C1B7B2BB8C7C674EBC24079135C9529] : HP Support Information [HKCR\Installer\Products\8C6252E28A15BE6F289876788E08EC72] : Catalyst Control Center Localization All -> c:\windows\Installer\{2E2526C8-51A8-F6EB-8289-6787E880CE27}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8CDD41E806AE81E43B3E917301D4B5AD] : MSVCRT110 [HKCR\Installer\Products\90EA1E6ED6B108D44AF2A20EAE44D85E] : Nero 2014 -> C:\Windows\Installer\{E6E1AE09-1B6D-4D80-A42F-2AE0EA448DE5}\ARPPRODUCTICON.exe [HKCR\Installer\Products\9117FFF58E47E24479E005AB8DD13517] : AdAwareUpdater -> C:\Windows\Installer\{5FFF7119-74E8-442E-970E-50BAD81D5371}\ARPPRODUCTICON.exe [HKCR\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E] : AVG Update Helper [HKCR\Installer\Products\9698AD63DCD4FF8498A4B63D3906053C] : Nero Blu-ray Player Help (CHM) [HKCR\Installer\Products\978C8F77DC88541449A545C153822558] : Apple Mobile Device Support -> C:\Windows\Installer\{77F8C879-88CD-4145-945A-541C35285285}\Installer.ico [HKCR\Installer\Products\985E2342652631540BFBFE8A3E525D0F] : Nero SharedVideoCodecs [HKCR\Installer\Products\9AB6048E74D526A4803C57E96A7722A9] : AMD VISION Engine Control Center -> c:\windows\Installer\{E8406BA9-5D47-4A62-08C3-759EA677229A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\9BB40EA6554ADE618560CDBF1B54506D] : CCC Help Dutch -> c:\windows\Installer\{6AE04BB9-A455-16ED-5806-DCFBB14505D6}\ARPPRODUCTICON.exe [HKCR\Installer\Products\9BEBFD6755E96CC89BA9C9FECA75A3F1] : CCC Help Spanish -> c:\windows\Installer\{76DFBEB9-9E55-8CC6-B99A-9CEFAC573A1F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\A14242ED49C7DCF4AB6B321AB8FA33B1] : IRISmart File -> C:\Windows\Installer\{DE24241A-7C94-4FCD-BAB6-23A18BAF331B}\icon.ico [HKCR\Installer\Products\A144A7CAF3536F57A6ABB39F18165B03] : CCC Help Greek -> c:\windows\Installer\{AC7A441A-353F-75F6-6ABA-3BF98161B530}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A457E48A54AE13A44A5D751DAE71065D] : Nero Disc to Device [HKCR\Installer\Products\A6C64DD86500CEF47BA082BB611A1FF1] : MSVCRT [HKCR\Installer\Products\A7F8C4BA670B90F4EB91F0048D979009] : Serif PagePlus X9 (32 bits) -> C:\Windows\Installer\{AB4C8F7A-B076-4F09-BE19-0F40D8790990}\PagePlus.ico [HKCR\Installer\Products\AFD610DD4DDE4F648B74B69027E4AC59] : OUTDATEfighter -> C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B00515F844CCB7146B4A2F49BC922AB9] : STOPzilla AntiMalware -> C:\Windows\Installer\{8F51500B-CC44-417B-B6A4-F294CB29A29B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B22D7FC0C7792B3429910E0371BFCAD6] : Nero Recode Help (CHM) [HKCR\Installer\Products\B4EB76DD26E75124FA3A1F328A003A98] : Movie Maker [HKCR\Installer\Products\B53D8DDDAEDECF5498034C490BE224FF] : PagePlusX7ContentDeclaration [HKCR\Installer\Products\B8F487C80D9895A40A00E7FE21E95147] : Jing [HKCR\Installer\Products\B9FB157332F56794AA26B14F7D19CDEF] : Photo Common [HKCR\Installer\Products\BF01119B4B33B864092CD4E5A83EAF1E] : Bonjour -> C:\Windows\Installer\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}\Bonjour.ico [HKCR\Installer\Products\BFCE53DD59C5B893ACAF5B8E8831363C] : CCC Help Italian -> c:\windows\Installer\{DD35ECFB-5C95-398B-CAFA-B5E8881363C3}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C06B776A7079C9D4BAC9FB58A68023CA] : Reasonable NoClone 2014 -> C:\Windows\Installer\{A677B60C-9707-4D9C-AB9C-BF856A0832AC}\_112D608FD02CD87FDC7735.exe [HKCR\Installer\Products\C0DCA5F5454A7A232E60EE981B151082] : CCC Help Danish -> c:\windows\Installer\{5F5ACD0C-A454-32A7-E206-EE89B1510128}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C1AD664E7B937AF4895FB3970179C6D3] : Google Earth Pro -> C:\Windows\Installer\{E466DA1C-39B7-4FA7-98F5-3B7910976C3D}\MainIcon.ico [HKCR\Installer\Products\C5D52DA5318CB641F40B6765F187577B] : CCC Help Hungarian -> c:\windows\Installer\{5AD25D5C-C813-146B-4FB0-76561F7875B7}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C8454747654E8184E80DA4F100FE771A] : Catalyst Control Center - Branding -> c:\windows\Installer\{7474548C-E456-4818-8ED0-4A1F00EF77A1}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C8F2F80333D922B4A8C69D1CD3EB8F6C] : Apple Application Support (32 bits) -> C:\Windows\Installer\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}\WinInstall.ico [HKCR\Installer\Products\CA87E0DB5A45A924AB3F921D9A542AC0] : Nero Video -> C:\Windows\Installer\{BD0E78AC-54A5-429A-BAF3-29D1A945A20C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\CC599AF0948C55741BB44540CC57CD42] : Energy Star -> c:\windows\Installer\{0FA995CC-C849-4755-B14B-5404CC75DC24}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\CD71EB902D9582DF73D1CD0EEA67EC57] : CCC Help Korean -> c:\windows\Installer\{09BE17DC-59D2-FD28-371D-DCE0AE76CE75}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D276F30548C6A844F8F8B43CA58C4314] : AMD APP SDK Runtime -> c:\windows\Installer\{503F672D-6C84-448A-8F8F-4BC35AC83441}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D43EEBEB2A48DDE4B8AE69CC45732136] : Nero Core Components [HKCR\Installer\Products\D7A48BC0796962548A9106BF50E0F850] : Apple Application Support (64 bits) -> C:\Windows\Installer\{0CB84A7D-9697-4526-A819-60FB050E8F05}\WinInstall.ico [HKCR\Installer\Products\D85C4CB1627DB271ADC2BB6EEAD5BE67] : CCC Help Finnish -> c:\windows\Installer\{1BC4C58D-D726-172B-DA2C-BBE6AE5DEB76}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D95C25420415A9A49AF79B529360911E] : Silent Install Builder 5 -> C:\Windows\Installer\{2452C59D-5140-4A9A-A97F-B925390619E1}\app_icon.ico [HKCR\Installer\Products\DC0F5235C2B8AB045B79983ABF908BC3] : Morae Manager [HKCR\Installer\Products\E196EF2AE8F303E4AAD7FF71CA77AE78] : Nero Blu-ray Player -> C:\Windows\Installer\{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E2FB0A7ACC133E949931255C30BE69D9] : Nero Audio Pack 1 -> C:\Windows\Installer\{A7A0BF2E-31CC-49E3-9913-52C503EB969D}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E66BAA708174D2242981A4BFC329A217] : Photo Gallery [HKCR\Installer\Products\E98A9095F79CC704EAB274DBDE68FBD5] : Prerequisite installer -> C:\Windows\Installer\{5909A89E-C97F-407C-AE2B-47BDED86BF5D}\ARPPRODUCTICON.exe [HKCR\Installer\Products\EAA8AC57643521349A8AC58F995539F0] : Nero MediaHome Help (CHM) [HKCR\Installer\Products\EB3FC7A1A4D0FD33FD9D284478273656] : CCC Help German -> c:\windows\Installer\{1A7CF3BE-0D4A-33DF-DFD9-824487726365}\ARPPRODUCTICON.exe [HKCR\Installer\Products\EDA7A36FE7054494C9478839AB1E7182] : STOPzilla AntiVirus -> C:\Windows\Installer\{F63A7ADE-507E-4944-9C74-8893BAE11728}\ARPPRODUCTICON.exe [HKCR\Installer\Products\EE6884B559A5752C6AF8D2ACED742A37] : CCC Help Norwegian -> c:\windows\Installer\{5B4886EE-5A95-C257-A68F-2DCADE47A273}\ARPPRODUCTICON.exe [HKCR\Installer\Products\EFE689CFCCA0DC443BF4245CCDAF8700] : [HKCR\Installer\Products\F187AF9E08E3993428A5DAE3112CC877] : MSVCRT110_amd64 [HKCR\Installer\Products\F218391F0C38DEC3E1EDEB5252623730] : CCC Help Chinese Traditional -> c:\windows\Installer\{F193812F-83C0-3CED-1EDE-BE2525267303}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F2266EE2CA2A6AE4E80927881F43C828] : Serif DrawPlus X8 (32 bits) -> C:\Windows\Installer\{2EE6622F-A2AC-4EA6-8E90-7288F1348C82}\DrawPlus.ico [HKCR\Installer\Products\F5ED6BFBAEB9BBF15348C28736C95EA9] : CCC Help Polish -> c:\windows\Installer\{BFB6DE5F-9BEA-1FBB-3584-2C78639CE59A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater [HKCR\Installer\Products\F65865963B6B0EB4ABB0F894B53E0233] : Apple Software Update -> C:\Windows\Installer\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}\Installer.ico [HKCR\Installer\Products\F9F64AC4C4716674E92A3252FD14B4E9] : Nero Express Help (CHM) [HKCR\Installer\Products\FA3D6445060B6B9459533F001E350222] : Nero Video Help (CHM) [HKCR\Installer\Products\FBA33E01BF7D74F409A0973758A44BA5] : Adobe AIR [HKCR\Installer\Products\FD91ED4468AAA794C9ACF4250DFB9F8A] : AdAwareInstaller -> C:\Windows\Installer\{44DE19DF-AA86-497A-9CCA-4F52D0BFF9A8}\ARPPRODUCTICON.exe [HKCR\Installer\Products\FF43541064D177A4B98492FE1D5499B5] : AntiLogger [HKCR\Installer\Products\FF43B934E47F70845B2EB4575815ADB6] : Galerie de photos ---------- | Drives ---------- | MBR 64 bits not supported by MBR.exe, Dump : Impossible to extract !!!!! ---------- | 20 LastEventLog taskhostex (4600) Une tentative d'ouverture du fichier "C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" pour accès en lecture seule a échoué en indiquant l'erreur système 32 (0x00000020) : "Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus. ". L'opération d'ouverture de fichier échouera en indiquant l'erreur -1032 (0xfffffbf8). ------------ Le programme FreeFileSync_x64.exe version 9.1.0.0 a cessé d’interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l’historique du problème dans le Centre de maintenance. ID de processus : 3d8 Heure de début : 01d4e16bf5574b31 Heure de fin : 31 Chemin d’accès de l’application : C:\Program Files\FreeFileSync\Bin\FreeFileSync_x64.exe ID de rapport : 8722936b-4d6a-11e9-bf0b-4c72b9f956a2 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante SoftwareUpdate.exe, version : 2.1.1.116, horodatage : 0x488a4f1f Nom du module défaillant : ScriptingObjectModel.dll, version : 2.1.1.116, horodatage : 0x488a4efe Code d’exception : 0xc0000005 Décalage d’erreur : 0x00002f91 ID du processus défaillant : 0xe54 Heure de début de l’application défaillante : 0x01d4dede1bd69f08 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe Chemin d’accès du module défaillant: C:\Program Files (x86)\Apple Software Update\ScriptingObjectModel.dll ID de rapport : 637d5551-4ad1-11e9-bf0b-4c72b9f956a2 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ taskhostex (2236) Une tentative d'ouverture du fichier "C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" pour accès en lecture seule a échoué en indiquant l'erreur système 32 (0x00000020) : "Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus. ". L'opération d'ouverture de fichier échouera en indiquant l'erreur -1032 (0xfffffbf8). ------------ Nom de l’application défaillante explorer.exe, version : 6.2.9200.16628, horodatage : 0x51a94434 Nom du module défaillant : ntdll.dll, version : 6.2.9200.17581, horodatage : 0x5644f0f7 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000005491 ID du processus défaillant : 0x864 Heure de début de l’application défaillante : 0x01d4daabe1310b08 Chemin d’accès de l’application défaillante : C:\Windows\explorer.exe Chemin d’accès du module défaillant: C:\Windows\SYSTEM32\ntdll.dll ID de rapport : bdd992e0-47e3-11e9-bf0b-4c72b9f956a2 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ taskhostex (2668) Une tentative d'ouverture du fichier "C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" pour accès en lecture seule a échoué en indiquant l'erreur système 32 (0x00000020) : "Le processus ne peut pas accéder au fichier car ce fichier est utilisé par un autre processus. ". L'opération d'ouverture de fichier échouera en indiquant l'erreur -1032 (0xfffffbf8). ------------ Nom de l’application défaillante TeraCopy.exe, version : 3.2.6.0, horodatage : 0x59e4905e Nom du module défaillant : KERNELBASE.dll, version : 6.2.9200.16864, horodatage : 0x531d2be6 Code d’exception : 0xc000041d Décalage d’erreur : 0x00010f22 ID du processus défaillant : 0x4b8 Heure de début de l’application défaillante : 0x01d4da8bf0cc53b0 Chemin d’accès de l’application défaillante : C:\Program Files\TeraCopy\TeraCopy.exe Chemin d’accès du module défaillant: C:\Windows\SYSTEM32\KERNELBASE.dll ID de rapport : 33e39085-467f-11e9-bf0a-4c72b9f956a2 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante TeraCopy.exe, version : 3.2.6.0, horodatage : 0x59e4905e Nom du module défaillant : KERNELBASE.dll, version : 6.2.9200.16864, horodatage : 0x531d2be6 Code d’exception : 0x0eedfade Décalage d’erreur : 0x00010f22 ID du processus défaillant : 0x4b8 Heure de début de l’application défaillante : 0x01d4da8bf0cc53b0 Chemin d’accès de l’application défaillante : C:\Program Files\TeraCopy\TeraCopy.exe Chemin d’accès du module défaillant: C:\Windows\SYSTEM32\KERNELBASE.dll ID de rapport : 30867caa-467f-11e9-bf0a-4c72b9f956a2 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante TeraCopy.exe, version : 3.2.6.0, horodatage : 0x59e4905e Nom du module défaillant : KERNELBASE.dll, version : 6.2.9200.16864, horodatage : 0x531d2be6 Code d’exception : 0xc000041d Décalage d’erreur : 0x00010f22 ID du processus défaillant : 0x1f88 Heure de début de l’application défaillante : 0x01d4da8b349cbdf8 Chemin d’accès de l’application défaillante : C:\Program Files\TeraCopy\TeraCopy.exe Chemin d’accès du module défaillant: C:\Windows\SYSTEM32\KERNELBASE.dll ID de rapport : 7a1bb426-467e-11e9-bf0a-4c72b9f956a2 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante TeraCopy.exe, version : 3.2.6.0, horodatage : 0x59e4905e Nom du module défaillant : KERNELBASE.dll, version : 6.2.9200.16864, horodatage : 0x531d2be6 Code d’exception : 0x0eedfade Décalage d’erreur : 0x00010f22 ID du processus défaillant : 0x1f88 Heure de début de l’application défaillante : 0x01d4da8b349cbdf8 Chemin d’accès de l’application défaillante : C:\Program Files\TeraCopy\TeraCopy.exe Chemin d’accès du module défaillant: C:\Windows\SYSTEM32\KERNELBASE.dll ID de rapport : 75630e39-467e-11e9-bf0a-4c72b9f956a2 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Impossible de fermer l’application ou le service « Explorateur Windows ». ------------ Nom de l’application défaillante RestoroUI.exe, version : 3.0.1.1, horodatage : 0x5bfa931e Nom du module défaillant : RestoroUI.exe, version : 3.0.1.1, horodatage : 0x5bfa931e Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000001164d3 ID du processus défaillant : 0xbc4 Heure de début de l’application défaillante : 0x01d4da860f444406 Chemin d’accès de l’application défaillante : C:\Program Files\Restoro\bin\RestoroUI.exe Chemin d’accès du module défaillant: C:\Program Files\Restoro\bin\RestoroUI.exe ID de rapport : 6a1ec64a-4679-11e9-bf0a-4c72b9f956a2 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante RestoroUI.exe, version : 3.0.1.1, horodatage : 0x5bfa931e Nom du module défaillant : RestoroUI.exe, version : 3.0.1.1, horodatage : 0x5bfa931e Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000001164d3 ID du processus défaillant : 0x11d4 Heure de début de l’application défaillante : 0x01d4da41dd1aff3f Chemin d’accès de l’application défaillante : C:\Program Files\Restoro\bin\RestoroUI.exe Chemin d’accès du module défaillant: C:\Program Files\Restoro\bin\RestoroUI.exe ID de rapport : 1f29345d-4635-11e9-bf0a-4c72b9f956a2 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ svchost (1584) SRUJet: L'Erreur -1811 (0xfffff8ed) s'est produite lors de l'ouverture du fichier journal C:\Windows\system32\SRU\SRU0001D.log. ------------ Nom de l’application défaillante SoftwareUpdate.exe, version : 2.1.1.116, horodatage : 0x488a4f1f Nom du module défaillant : ScriptingObjectModel.dll, version : 2.1.1.116, horodatage : 0x488a4efe Code d’exception : 0xc0000005 Décalage d’erreur : 0x00002f91 ID du processus défaillant : 0x16fc Heure de début de l’application défaillante : 0x01d4d9c153e1be13 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe Chemin d’accès du module défaillant: C:\Program Files (x86)\Apple Software Update\ScriptingObjectModel.dll ID de rapport : 0313cabf-45b5-11e9-bf0a-4c72b9f956a2 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Product: Boost -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one. ------------ Product: Boost -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one. ------------ Product: Boost -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one. ------------ Product: Boost -- Error 1500. Another installation is in progress. You must complete that installation before continuing this one. ------------ ----------( EOF)---------- - 9398 | 19:54:41