--------------- QuickDiag | g3n-h@ckm@n | V5_27.02.19.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 26/03/2019 18:51:59 Updated 27/02/2019 | 11:10 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [EFM_UEFM_Barrow_U (Administrator)] - [DESKTOP-810DT5O] (S-1-5-21-3534096643-12334864-2903717510-1001) System: Microsoft Windows 10 Famille - - (10.0.16299) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (1709) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Famille|C:\Windows|\Device\Harddisk0\Partition3 Boot : Normal boot PC: Galaxy Book 12 - SAMSUNG ELECTRONICS CO., LTD. - IdNumber: 14SWR52K30000M - UUID: 5980687F-811A-184B-3137-323830144125 Processor : X64 - 2712 Mhz - Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz P04HAC.000.180220.WY.1219 - - American Megatrends Inc. - S/N: 14SWR52K30000M - P04HAC.000.180220.WY.1219 - SECCSD - 1072009 CoreTemp : 29.8 Celsius ----------| Extended ---------- | SoundDevice Realtek High Definition Audio(SST) - Status: OK - Manufacturer: Realtek - PNPDeviceID: INTELAUDIO\FUNC_01&VEN_10EC&DEV_0298&SUBSYS_144DC14F&REV_1001\4&831CEBE&0&0001 Son Intel(R) pour écrans - Status: OK - Manufacturer: Intel(R) Corporation - PNPDeviceID: INTELAUDIO\FUNC_01&VEN_8086&DEV_280B&SUBSYS_80860101&REV_1000\4&831CEBE&0&0201 ---------- | Video Intel(R) HD Graphics 620 - Resolution: 2160x1440 - Colors: 4294967296 - RefreshRate: 59 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igdumdim64.dll,C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igd10iumd64.dll,C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igd10iumd64.dll,C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igd12umd64.dll - PNPDeviceID: PCI\VEN_8086&DEV_5916&SUBSYS_C14F144D&REV_02\3&11583659&0&10 - AdapterCompatibility: Intel Corporation - RAM: 1073741824 Inegrated Video Chipset DeviceName: Intel(R) HD Graphics 620 - DriverVersion: 25.20.100.6518 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 33296 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 28672 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 53760 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\prodad-codec.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 607256 - Manufacturer: proDAD GmbH - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 84480 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34864 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25400 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42480 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 - Manufacturer: Microsoft Corporation - Status: OK ---------- | CPU CPU #1 value:81 % CPU #2 value:57 % CPU #3 value:81 % CPU #4 value:93 % Total Overall CPU Usage value:78 % ---------- | Network Qualcomm Atheros QCA61x4A Wireless Network Adapter : SENT:0 bytes/sec / RECVD:0 bytes/sec Teredo Tunneling Pseudo-Interface : SENT:0 bytes/sec / RECVD:0 bytes/sec Overall -> SEND Maxium:78 bytes/sec, / RECEIVE Maximum:0 bytes/sec Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000 Bluetooth Device (RFCOMM Protocol TDI) - - Microsoft - Status: - PnPID : BTH\MS_RFCOMM\6&33BA06B4&0&0 Bluetooth Device (Personal Area Network) - Ethernet 802.3 - Microsoft - Status: - PnPID : BTH\MS_BTHPAN\6&33BA06B4&0&3 Qualcomm Atheros QCA61x4A Wireless Network Adapter - Ethernet 802.3 - Qualcomm Atheros Communications Inc. - Status: - PnPID : PCI\VEN_168C&DEV_003E&SUBSYS_C14F144D&REV_32\4&2071B281&0&00E0 Microsoft Wi-Fi Direct Virtual Adapter - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&18E1F328&0&11 Generic Mobile Broadband Adapter - - - Status: - PnPID : WAN Miniport (SSTP) - - - Status: - PnPID : WAN Miniport (IKEv2) - - - Status: - PnPID : WAN Miniport (L2TP) - - - Status: - PnPID : WAN Miniport (PPTP) - - - Status: - PnPID : WAN Miniport (PPPOE) - - - Status: - PnPID : WAN Miniport (IP) - - - Status: - PnPID : WAN Miniport (IPv6) - - - Status: - PnPID : WAN Miniport (Network Monitor) - - - Status: - PnPID : Teredo Tunneling Pseudo-Interface - Tunnel - Microsoft - Status: - PnPID : SWD\IP_TUNNEL_VBUS\TEREDO_TUNNEL_DEVICE ---------- | Memory RAM = Total (MB) : 4094 | Free (MB) : 572 Pagefile = Total (MB) : 11030 | Free (MB) : 2407 Virtual = Total (MB) : 4194 | Free (MB) : 3864 Physical Memory 0 : Capacity: 2147483648 - ChannelA-DIMM0 - Posit.: 1 - Manufacturer: Samsung - PartNumber: K3QF3F30BM-AGCF - S/N: 55000000 Physical Memory 1 : Capacity: 2147483648 - ChannelB-DIMM0 - Posit.: 2 - Manufacturer: Samsung - PartNumber: K3QF3F30BM-AGCF - S/N: 55000000 ---------- | SID Users Administrateur : [S-1-5-21-3534096643-12334864-2903717510-500] DefaultAccount : [S-1-5-21-3534096643-12334864-2903717510-503] EFM_UEFM_Barrow_U : [S-1-5-21-3534096643-12334864-2903717510-1001] Invité : [S-1-5-21-3534096643-12334864-2903717510-501] WDAGUtilityAccount : [S-1-5-21-3534096643-12334864-2903717510-504] Administrateurs : [S-1-5-32-544] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] ---------- | SystemAccounts Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK ---------- | Drives C:\ -> [Fixed] | [] | Total : 107.22 Go | Free : 11.74 Go -> NTFS (SSD) [SATA] D:\ -> [Removable] | [] | Total : 235.65 Go | Free : 77.41 Go -> NTFS [USB] E:\ -> [Removable] | [1tb microsd] | Total : 976.53 Go | Free : 675.98 Go -> exFAT [USB] G:\ -> [Removable] | [] | Total : 0.09 Go | Free : 0.07 Go -> FAT32 [USB] H:\ -> [Removable] | [PARTED MAGI] | Total : 57.89 Go | Free : 18.75 Go -> FAT32 [USB] I:\ -> [Removable] | [COMPANION wintobootic] | Total : 30.03 Go | Free : 2.08 Go -> NTFS [USB] K:\ -> [Removable] | [SAND MEMTES] | Total : 14.26 Go | Free : 0.77 Go -> FAT32 [USB] Disk Usage Information [6 total Physical Disks] Physical Drive #0 [C:] : Read:0 bytes/sec, Written:1,027,198 bytes/sec Max Read:0 bytes/sec, Max Write:1,027,198 bytes/sec Physical Drive #1 [D:, G:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #3 [I:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #4 [K:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #5 [H:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #2 [E:] : Read:0 bytes/sec, Written:20,870,070 bytes/sec Max Read:0 bytes/sec, Max Write:20,870,070 bytes/sec Overall - Read Maximum:0 bytes/sec, Write Maximum:20,870,070 bytes/sec DeviceID: \\.\PHYSICALDRIVE5 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_SANDISK&PROD_ULTRA_FIT&REV_1.00\4C530001130911114113&0 DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 5 Part. - PnPID : SCSI\DISK&VEN_LITEON&PROD_CV3-8D128\4&1984797D&0&000100 DeviceID: \\.\PHYSICALDRIVE4 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_SANDISK&PROD_ULTRA&REV_1.00\4C531001630616108350&0 DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - USB - Removable Media - 2 Part. - PnPID : USBSTOR\DISK&VEN_VERBATIM&PROD_USB_EXTERNAL_SSD&REV_PMAP\070774E5413EF145&0 DeviceID: \\.\PHYSICALDRIVE3 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_GENERAL&PROD_USB_FLASH_DISK&REV_1100\0116000000008682&0 DeviceID: \\.\PHYSICALDRIVE2 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_GENERIC&PROD_STORAGE_DEVICE&REV_0903\000000000903&0 ---------- | Windows updates - Activation - License W.A.T : :) Test 1 : Windows Is Activated Test 2 : Windows Is NOT Activated Volume License ---------- | Browsers IE : 11.0.16299.371 (© Microsoft Corporation. Tous droits réservés.) Default : "C:\Program Files\Internet Explorer\iexplore.exe" ---------- | FlashPlayer FlashPlayer ActiveX : 32.0.0.156 ---------- | Security AV : Windows Defender Disabled FW : COMODO Firewall Enabled WMI : OK WU: Windows Update Service [Auto(2)] = stopped AS: Windows Defender [Auto(2)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 528 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.16299.936) = C:\Windows\System32\smss.exe [15/03/2019 05:49:39] CPU Usage:0 % 772 | [Owner : Système | Parent : 764(ctfmon.exe) | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.16299.15) = C:\Windows\System32\csrss.exe [29/09/2017 14:41:43] CPU Usage:0 % 856 | [Owner : Système | Parent : 764(ctfmon.exe) | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.16299.15) = C:\Windows\System32\wininit.exe [29/09/2017 14:41:43] CPU Usage:0 % 868 | [Owner : Système | Parent : 848() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.16299.15) = C:\Windows\System32\csrss.exe [29/09/2017 14:41:43] CPU Usage:0 % 928 | [Owner : Système | Parent : 856(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.16299.699) = C:\Windows\System32\services.exe [15/03/2019 05:50:07] CPU Usage:0 % 940 | [Owner : Système | Parent : 856(wininit.exe) | ?????] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.16299.755) = C:\Windows\System32\lsass.exe [15/03/2019 05:49:30] CPU Usage:0 % 1016 | [Owner : Système | Parent : 848() | 2.41 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.16299.696) = C:\Windows\System32\winlogon.exe [15/03/2019 05:50:05] CPU Usage:0 % 560 | [Owner : UMFD-1 | Parent : 1016(winlogon.exe) | 4.61 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.16299.1004) = C:\Windows\System32\fontdrvhost.exe [15/03/2019 05:50:24] CPU Usage:0 % 664 | [Owner : UMFD-0 | Parent : 856(wininit.exe) | 1.5 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.16299.1004) = C:\Windows\System32\fontdrvhost.exe [15/03/2019 05:50:24] CPU Usage:0 % 668 | [Owner : Système | Parent : 928(services.exe) | 0.9 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1052 | [Owner : Système | Parent : 928(services.exe) | 15.55 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1112 | [Owner : SERVICE RÉSEAU | Parent : 928(services.exe) | 12.27 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1168 | [Owner : Système | Parent : 928(services.exe) | 4.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1264 | [Owner : DWM-1 | Parent : 1016(winlogon.exe) | 66.96 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (10.0.16299.15) = C:\Windows\System32\dwm.exe [29/09/2017 14:41:41] CPU Usage:7 % 1348 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 3.26 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1376 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 2.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1420 | [Owner : Système | Parent : 928(services.exe) | 0.92 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1444 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 2.02 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1564 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 2.86 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1596 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 7.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1604 | [Owner : Système | Parent : 928(services.exe) | 7.69 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1672 | [Owner : Système | Parent : 928(services.exe) | 4.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1716 | [Owner : Système | Parent : 928(services.exe) | 1.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1752 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 1.32 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1992 | [Owner : Système | Parent : 928(services.exe) | 1.39 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2000 | [Owner : Système | Parent : 928(services.exe) | 4.71 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2040 | [Owner : Système | Parent : 928(services.exe) | 2.95 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1232 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 7.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2140 | [Owner : Système | Parent : 928(services.exe) | 0.48 Mo] - (.Intel Corporation - igfxCUIService Module.) - (6.15.100.6518) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igfxCUIService.exe [15/03/2019 04:58:37] CPU Usage:0 % 2164 | [Owner : Système | Parent : 928(services.exe) | 1.11 Mo] - (.Code Sector - TeraCopy Service.) - (3.0.0.0) = C:\Program Files\TeraCopy\TeraCopyService.exe [15/03/2019 09:28:15] CPU Usage:0 % 2248 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 3.62 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2312 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 0.82 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2400 | [Owner : Système | Parent : 928(services.exe) | 8.93 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2428 | [Owner : SERVICE RÉSEAU | Parent : 928(services.exe) | 3.39 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2588 | [Owner : Système | Parent : 928(services.exe) | 0.94 Mo] - (.Samsung Electronics Co.,Ltd. - Samsung Radio Control Delegation Service executable.) - (2.3.0.7) = C:\Windows\System32\RCDService.exe [13/11/2017 02:29:37] CPU Usage:0 % 2596 | [Owner : Système | Parent : 928(services.exe) | 1.28 Mo] - (.-.) - (0.0.0.0) = C:\Windows\System32\PanelManagerSvc.exe [12/05/2017 03:42:25] CPU Usage:0 % 2608 | [Owner : Système | Parent : 928(services.exe) | 1.5 Mo] - (.- SafiService.) - (1.0.0.7) = C:\Windows\System32\DriverStore\FileRepository\safidrv.inf_amd64_0e89535d35916282\SafiService.exe [11/10/2017 03:42:25] CPU Usage:0 % 2616 | [Owner : Système | Parent : 928(services.exe) | 2.88 Mo] - (.- SamsungPenService.) - (1.0.33.0) = C:\Program Files (x86)\Samsung\Air Command\SamsungPenService.exe [28/09/2017 01:42:25] CPU Usage:0 % 2764 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 4.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2872 | [Owner : Système | Parent : 928(services.exe) | 12.93 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2948 | [Owner : Système | Parent : 928(services.exe) | 3.37 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:5 % 2956 | [Owner : Système | Parent : 928(services.exe) | 1.71 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2968 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 3.76 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3104 | [Owner : Système | Parent : 928(services.exe) | 1.06 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3112 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 3.1 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3216 | [Owner : SERVICE RÉSEAU | Parent : 928(services.exe) | 3.63 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3408 | [Owner : EFM_UEFM_Barrow_U | Parent : 2000(svchost.exe) | 18.9 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.16299.15) = C:\Windows\System32\sihost.exe [29/09/2017 14:41:31] CPU Usage:0 % 3424 | [Owner : EFM_UEFM_Barrow_U | Parent : 928(services.exe) | 6.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3552 | [Owner : Système | Parent : 928(services.exe) | 5.35 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3564 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 8.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3600 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 1.57 Mo] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.8833) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe [10/10/2017 17:44:45] CPU Usage:0 % 3884 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 0.79 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3892 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 2.65 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4016 | [Owner : EFM_UEFM_Barrow_U | Parent : 2608(SafiService.exe) | 3.87 Mo] - (.- SafiAgent.) - (1.0.0.7) = C:\Windows\System32\DriverStore\FileRepository\safidrv.inf_amd64_0e89535d35916282\SafiAgent.exe [11/10/2017 03:42:24] CPU Usage:0 % 4044 | [Owner : Système | Parent : 928(services.exe) | 7.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1876 | [Owner : Système | Parent : 928(services.exe) | 12.21 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4136 | [Owner : EFM_UEFM_Barrow_U | Parent : 928(services.exe) | 15.78 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4176 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 4.52 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4276 | [Owner : EFM_UEFM_Barrow_U | Parent : 4212() | 61.28 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.16299.637) = C:\Windows\explorer.exe [15/03/2019 05:50:30] CPU Usage:0 % 4460 | [Owner : Système | Parent : 928(services.exe) | ?????] - (.AVAST Software - Avast Service.) - (19.3.4241.0) = C:\Program Files\AVAST Software\Avast\AvastSvc.exe [15/03/2019 05:28:52] CPU Usage:0 % 4468 | [Owner : Système | Parent : 928(services.exe) | 2.29 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4512 | [Owner : EFM_UEFM_Barrow_U | Parent : 1604(svchost.exe) | 9.02 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.16299.15) = C:\Windows\System32\taskhostw.exe [29/09/2017 14:42:01] CPU Usage:0 % 4632 | [Owner : Système | Parent : 928(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4980 | [Owner : Système | Parent : 928(services.exe) | 2.56 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.16299.371) = C:\Windows\System32\spoolsv.exe [15/03/2019 05:50:03] CPU Usage:0 % 5016 | [Owner : Système | Parent : 928(services.exe) | 7.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 5420 | [Owner : SERVICE RÉSEAU | Parent : 928(services.exe) | 5.12 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 5872 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 12.4 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4892 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 6.42 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 6148 | [Owner : Système | Parent : 928(services.exe) | 1.79 Mo] - (.Windows (R) Win 7 DDK provider - Windows Setup API.) - (10.0.10011.16384) = C:\Windows\System32\drivers\AdminService.exe [08/11/2017 20:32:08] CPU Usage:0 % 6156 | [Owner : Système | Parent : 928(services.exe) | 5.51 Mo] - (.-.) - (0.0.0.0) = C:\Program Files\abylonsoft\SAKeySafe\SATCtrlSerX64.EXE [21/03/2019 11:01:18] CPU Usage:0 % 6164 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 13.68 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 6192 | [Owner : Système | Parent : 928(services.exe) | 2.84 Mo] - (.Intel Corporation - Intel HD Graphics Drivers for Windows(R).) - (25.20.100.6518) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\IntelCpHDCPSvc.exe [15/03/2019 04:58:39] CPU Usage:0 % 6200 | [Owner : Système | Parent : 928(services.exe) | 0.28 Mo] - (.Hasleo Software - Hasleo BitLocker Anywhere Service Application..) - (1.0.0.1) = C:\Program Files\Hasleo\BitLocker Anywhere\bin\BitlockerAnywhereService.exe [15/03/2019 09:12:46] CPU Usage:0 % 6208 | [Owner : Système | Parent : 928(services.exe) | 16.98 Mo] - (.COMODO - COMODO Internet Security.) - (11.0.0.6802) = C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [04/03/2019 22:39:28] CPU Usage:0 % 6216 | [Owner : Système | Parent : 928(services.exe) | 2.02 Mo] - (.Digital Wave Ltd. - Digital Wave Update Service.) - (1.0.145.124) = C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [15/03/2019 11:53:39] CPU Usage:0 % 6224 | [Owner : Système | Parent : 928(services.exe) | 8.13 Mo] - (.COMODO - COMODO Secure Shopping.) - (1.3.50284.151) = C:\Program Files (x86)\Comodo\COMODO Secure Shopping\csssrv64.exe [15/02/2019 05:48:30] CPU Usage:0 % 6240 | [Owner : SERVICE RÉSEAU | Parent : 928(services.exe) | 7.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 6268 | [Owner : Système | Parent : 928(services.exe) | 15.01 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 6276 | [Owner : Système | Parent : 928(services.exe) | 1.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 6328 | [Owner : Système | Parent : 928(services.exe) | 0.77 Mo] - (.NewSoftwares.net - Service Application.) - (7.7.1.0) = C:\Windows\SysWOW64\WinFLService.exe [15/03/2019 07:34:12] CPU Usage:0 % 6336 | [Owner : Système | Parent : 928(services.exe) | 3.12 Mo] - (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Framework.) - (8.5.10103.7263) = C:\Windows\System32\Intel\DPTF\esif_uf.exe [12/01/2017 04:00:30] CPU Usage:0 % 6408 | [Owner : Système | Parent : 928(services.exe) | 2.98 Mo] - (.Samsung Electronics - GripResetService.) - (1.0.0.6) = C:\Windows\System32\GripResetService.exe [07/12/2017 07:05:17] CPU Usage:0 % 6528 | [Owner : Système | Parent : 928(services.exe) | 6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 6564 | [Owner : Système | Parent : 928(services.exe) | 2.95 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 6572 | [Owner : Système | Parent : 928(services.exe) | 0.39 Mo] - (.Intel(R) Corporation - Intel(R) TPM Provisioning Service.) - (1.47.715.0) = C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [20/09/2017 16:18:40] CPU Usage:0 % 6620 | [Owner : Système | Parent : 928(services.exe) | 1.06 Mo] - (.Intel - IntelAudioService.) - (1.0.61.0) = C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [15/03/2019 04:50:46] CPU Usage:0 % 6736 | [Owner : Système | Parent : 928(services.exe) | 1.07 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 6760 | [Owner : Système | Parent : 928(services.exe) | 4.95 Mo] - (.COMODO - Internet Security Essentials.) - (1.5.4695.175) = C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe [20/03/2019 13:00:42] CPU Usage:0 % 6848 | [Owner : Système | Parent : 928(services.exe) | 0.6 Mo] - (.Steganos Software GmbH - OkayFreedom.) - (1.8.6.12490) = C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [05/03/2019 10:04:58] CPU Usage:0 % 6856 | [Owner : Système | Parent : 928(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 6896 | [Owner : Système | Parent : 928(services.exe) | 1.53 Mo] - (.Paragon Software - Linux File Systems for Windows by Paragon Software service.) - (5.1.0.0) = C:\Program Files (x86)\Paragon Software\LinuxFS for Windows\paragon_service.exe [09/04/2018 18:50:56] CPU Usage:0 % 6972 | [Owner : Système | Parent : 928(services.exe) | 11.74 Mo] - (.- RemoBackUpOBM.) - (1.0.0.0) = C:\Program Files\Remo Backup\RemoBackUpOBM.exe [15/03/2019 19:43:12] CPU Usage:0 % 7040 | [Owner : Système | Parent : 928(services.exe) | 14.1 Mo] - (.- RemoBackupSync.) - (1.0.0.0) = C:\Program Files\Remo Backup\RemoBackupSync.exe [15/03/2019 19:43:12] CPU Usage:0 % 7072 | [Owner : Système | Parent : 928(services.exe) | 2.78 Mo] - (.Remo Software - rsgmpsp.exe.) - (1.0.0.3) = C:\ProgramData\RSG\rsgmpsp.exe [16/03/2019 15:34:24] CPU Usage:0 % 7088 | [Owner : Système | Parent : 928(services.exe) | 9.41 Mo] - (.Samsung Electronics Co., Ltd. - SamsungSystemService.) - (1.0.48.0) = C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemService.exe [29/08/2017 06:42:22] CPU Usage:2 % 7108 | [Owner : Système | Parent : 928(services.exe) | ?????] - (.Microsoft Corporation - Windows Security Health Service.) - (4.12.16299.309) = C:\Windows\System32\SecurityHealthService.exe [15/03/2019 05:49:52] CPU Usage:0 % 4608 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 0.92 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 144 | [Owner : Système | Parent : 928(services.exe) | 0.64 Mo] - (.SPAMfighter ApS - Fighter Suite Service.) - (3.1.295.0) = C:\Program Files (x86)\Fighters\FighterSuiteService.exe [05/12/2017 10:31:22] CPU Usage:0 % 7192 | [Owner : Système | Parent : 928(services.exe) | 2.2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 7232 | [Owner : Système | Parent : 928(services.exe) | 4.5 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 7256 | [Owner : Système | Parent : 928(services.exe) | 4.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 7288 | [Owner : Système | Parent : 928(services.exe) | 1.18 Mo] - (.Copyright 2018. - Advanced Malware Protection.) - (2.74.0.664) = C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe [15/03/2019 09:28:32] CPU Usage:0 % 8292 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 0.25 Mo] - (.Microsoft Corporation - Search and Cortana application.) - (10.0.16299.1004) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe [15/03/2019 05:50:54] CPU Usage:0 % 9204 | [Owner : SERVICE RÉSEAU | Parent : 928(services.exe) | 2.43 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 10156 | [Owner : Système | Parent : 928(services.exe) | 1.19 Mo] - (.Intel Corporation - IntelCpHeciSvc Executable.) - (9.1.1.1117) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\IntelCpHeciSvc.exe [15/03/2019 04:58:40] CPU Usage:0 % 9776 | [Owner : EFM_UEFM_Barrow_U | Parent : 1604(svchost.exe) | 0.24 Mo] - (.CyberLink Corp. - PDStyleAgent.) - (1.0.0.507) = C:\Program Files (x86)\CyberLink\Shared files\PDStyleAgent\PDStyleAgent.exe [23/03/2019 04:50:56] CPU Usage:0 % 764 | [Owner : EFM_UEFM_Barrow_U | Parent : 2040(svchost.exe) | 7.4 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.16299.15) = C:\Windows\System32\ctfmon.exe [29/09/2017 14:42:00] CPU Usage:0 % 8084 | [Owner : Système | Parent : 928(services.exe) | 4.96 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 10280 | [Owner : Système | Parent : 928(services.exe) | 11.1 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.16299.785) = C:\Windows\System32\SearchIndexer.exe [15/03/2019 05:50:10] CPU Usage:0 % 10768 | [Owner : EFM_UEFM_Barrow_U | Parent : 7088(SamsungSystemService.exe) | 2.94 Mo] - (.Samsung Electronics Co., Ltd. - SamsungSystemAgent.) - (1.0.48.0) = C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemAgent.exe [29/08/2017 06:42:18] CPU Usage:0 % 11312 | [Owner : Système | Parent : 1052(svchost.exe) | 9.42 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.16299.248) = C:\Windows\System32\wbem\WmiPrvSE.exe [15/03/2019 05:49:05] CPU Usage:0 % 12212 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 0.99 Mo] - (.-.) - (8.41.0.54) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe [15/03/2019 00:31:21] CPU Usage:0 % 1456 | [Owner : EFM_UEFM_Barrow_U | Parent : 4276(explorer.exe) | 17.68 Mo] - (.Copyright 2018. - Advanced Malware Protection.) - (2.74.0.664) = C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe [15/03/2019 09:28:32] CPU Usage:4 % 12536 | [Owner : Système | Parent : 928(services.exe) | 0.44 Mo] - (.COMODO - COMODO Internet Security.) - (11.0.0.6802) = C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [04/03/2019 22:32:46] CPU Usage:0 % 12832 | [Owner : Système | Parent : 12536(cmdvirth.exe) | 0.43 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 13056 | [Owner : Système | Parent : 928(services.exe) | 11.56 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 12516 | [Owner : SERVICE RÉSEAU | Parent : 12536(cmdvirth.exe) | 0.65 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1728 | [Owner : Système | Parent : 12536(cmdvirth.exe) | 3.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 10880 | [Owner : EFM_UEFM_Barrow_U | Parent : 1604(svchost.exe) | 0.54 Mo] - (.Samsung Electronics Co., Ltd. - S Agent.) - (1.1.5.8) = C:\Program Files\Samsung\S Agent\CommonAgent.exe [23/02/2016 16:40:18] CPU Usage:0 % 1856 | [Owner : Système | Parent : 12536(cmdvirth.exe) | 0.46 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 9160 | [Owner : EFM_UEFM_Barrow_U | Parent : 7096() | 28.04 Mo] - (.AVAST Software - Avast Antivirus.) - (19.3.4241.496) = C:\Program Files\AVAST Software\Avast\AvastUI.exe [21/03/2019 10:26:57] CPU Usage:0 % 13872 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 1.56 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.16299.15) = C:\Windows\System32\WUDFHost.exe [29/09/2017 14:41:51] CPU Usage:2 % 9940 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 7.89 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 14704 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 2.32 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.16299.15) = C:\Windows\System32\WUDFHost.exe [29/09/2017 14:41:51] CPU Usage:0 % 14764 | [Owner : EFM_UEFM_Barrow_U | Parent : 928(services.exe) | 0.51 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 15304 | [Owner : Système | Parent : 928(services.exe) | 0.43 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 5116 | [Owner : Système | Parent : 928(services.exe) | 6.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 14616 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 1.94 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 12624 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 3.66 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.16299.15) = C:\Windows\System32\WUDFHost.exe [29/09/2017 14:41:51] CPU Usage:0 % 14400 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 2 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.16299.15) = C:\Windows\System32\WUDFHost.exe [29/09/2017 14:41:51] CPU Usage:0 % 15420 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 8.53 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.16299.15) = C:\Windows\System32\WUDFHost.exe [29/09/2017 14:41:51] CPU Usage:0 % 15964 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 5.24 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.16299.15) = C:\Windows\System32\WUDFHost.exe [29/09/2017 14:41:51] CPU Usage:0 % 10600 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 0.69 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.16299.15) = C:\Windows\System32\WUDFHost.exe [29/09/2017 14:41:51] CPU Usage:0 % 15736 | [Owner : Système | Parent : 928(services.exe) | 4 Mo] - (.Comodo - Comodo Dragon.) - (1.0.0.1) = C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [08/03/2019 08:18:58] CPU Usage:0 % 8280 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 14164 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 39.27 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.16299.637) = C:\Windows\explorer.exe [15/03/2019 05:50:30] CPU Usage:0 % 16068 | [Owner : Système | Parent : 928(services.exe) | 1.82 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 5356 | [Owner : SERVICE RÉSEAU | Parent : 928(services.exe) | 2.77 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 15032 | [Owner : Système | Parent : 928(services.exe) | 1.5 Mo] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (11.7.0.1052) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [26/10/2017 09:12:08] CPU Usage:0 % 14152 | [Owner : Système | Parent : 928(services.exe) | 1.77 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 13916 | [Owner : Système | Parent : 928(services.exe) | 0.72 Mo] - (.Microsoft Corporation - sedsvc.) - (10.0.17134.10024) = C:\Program Files\rempl\sedsvc.exe [16/03/2019 10:06:48] CPU Usage:0 % 7852 | [Owner : Système | Parent : 928(services.exe) | 1.02 Mo] - (.Samsung Electronics Co., Ltd. - WLAN SAR Service.) - (1.0.0.7) = C:\Windows\System32\WlSarService.exe [19/05/2017 08:38:06] CPU Usage:0 % 16040 | [Owner : Système | Parent : 928(services.exe) | 7.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:2 % 12912 | [Owner : Système | Parent : 928(services.exe) | 2.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2480 | [Owner : EFM_UEFM_Barrow_U | Parent : 6792() | 1.33 Mo] - (.Microsoft Corporation - Interpréteur de commandes Windows.) - (10.0.16299.15) = C:\Windows\SysWOW64\cmd.exe [29/09/2017 14:42:09] CPU Usage:0 % 15400 | [Owner : EFM_UEFM_Barrow_U | Parent : 2480(cmd.exe) | 0.65 Mo] - (.Microsoft Corporation - Console Window Host.) - (10.0.16299.15) = C:\Windows\System32\conhost.exe [29/09/2017 14:41:45] CPU Usage:0 % 14200 | [Owner : SERVICE LOCAL | Parent : 3564(svchost.exe) | 18.9 Mo] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.16299.1004) = C:\Windows\System32\audiodg.exe [15/03/2019 05:51:22] CPU Usage:4 % 16204 | [Owner : Système | Parent : 928(services.exe) | 0.76 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2536 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 0.19 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.16299.1004) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [15/03/2019 05:50:13] CPU Usage:0 % 3252 | [Owner : EFM_UEFM_Barrow_U | Parent : 7088(SamsungSystemService.exe) | 3.63 Mo] - (.Samsung Electronics Co., Ltd. - SamsungSystemManager.) - (1.0.48.0) = C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemManager.exe [29/08/2017 06:42:20] CPU Usage:0 % 4128 | [Owner : EFM_UEFM_Barrow_U | Parent : 14164(explorer.exe) | 0.54 Mo] - (.FoxxApp/PortableAppZ.ru - Ashampoo Snap FoxxApp.) - (2.2.1.0) = C:\PortableApps\AshampooSnap10 Portable\AshampooSnapPortable.exe [14/12/2018 16:23:40] CPU Usage:0 % 6720 | [Owner : EFM_UEFM_Barrow_U | Parent : 4128(AshampooSnapPortable.exe) | 4.29 Mo] - (.Ashampoo GmbH & Co. KG - Ashampoo Snap 10.) - (10.0.8.0) = C:\PortableApps\AshampooSnap10 Portable\App\AshampooSnap\ashsnap.exe [04/02/2019 09:15:02] CPU Usage:0 % 8380 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 9.16 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16299.15) = C:\Windows\System32\RuntimeBroker.exe [29/09/2017 14:41:25] CPU Usage:0 % 14156 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 3.78 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16299.15) = C:\Windows\System32\RuntimeBroker.exe [29/09/2017 14:41:25] CPU Usage:0 % 5172 | [Owner : Système | Parent : 928(services.exe) | 7.37 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 13452 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 4.64 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.16299.15) = C:\Windows\System32\dllhost.exe [29/09/2017 14:41:43] CPU Usage:0 % 13252 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 17.9 Mo] - (.Microsoft Corporation - Application Frame Host.) - (10.0.16299.15) = C:\Windows\System32\ApplicationFrameHost.exe [29/09/2017 14:41:37] CPU Usage:0 % 17244 | [Owner : EFM_UEFM_Barrow_U | Parent : 7072(rsgmpsp.exe) | 1.22 Mo] - (.Remo Software - rsgpsrsdk.exe.) - (1.0.0.3) = C:\ProgramData\RSG\rsgpsrsdk.exe [16/03/2019 15:34:24] CPU Usage:0 % 5316 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 66.98 Mo] - (.Microsoft Corporation - Microsoft Edge.) - (11.0.16299.1029) = C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe [15/03/2019 05:50:48] CPU Usage:0 % 4208 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 20.08 Mo] - (.Microsoft Corporation - Browser_Broker.) - (11.0.16299.1029) = C:\Windows\System32\browser_broker.exe [15/03/2019 05:49:19] CPU Usage:0 % 9696 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 16.45 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16299.15) = C:\Windows\System32\RuntimeBroker.exe [29/09/2017 14:41:25] CPU Usage:0 % 1436 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 7.07 Mo] - (.Microsoft Corporation - Microsoft Edge Content Process.) - (11.0.16299.1029) = C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe [15/03/2019 05:49:23] CPU Usage:0 % 11748 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 6.29 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16299.15) = C:\Windows\System32\RuntimeBroker.exe [29/09/2017 14:41:25] CPU Usage:0 % 13364 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 158.21 Mo] - (.Microsoft Corporation - Microsoft Edge Content Process.) - (11.0.16299.1029) = C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe [15/03/2019 05:49:23] CPU Usage:0 % 2748 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 23.69 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16299.15) = C:\Windows\System32\RuntimeBroker.exe [29/09/2017 14:41:25] CPU Usage:0 % 4928 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 4.81 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.16299.15) = C:\Windows\System32\dllhost.exe [29/09/2017 14:41:43] CPU Usage:0 % 14740 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 114.03 Mo] - (.Microsoft Corporation - Microsoft Edge Content Process.) - (11.0.16299.1029) = C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe [15/03/2019 05:49:23] CPU Usage:0 % 10644 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 13.16 Mo] - (.Microsoft Corporation - Microsoft Edge Content Process.) - (11.0.16299.1029) = C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe [15/03/2019 05:49:23] CPU Usage:0 % 3284 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 1.61 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.16299.15) = C:\Windows\System32\dllhost.exe [29/09/2017 14:41:43] CPU Usage:0 % 7920 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 20.25 Mo] - (.Microsoft Corporation - Microsoft Edge Content Process.) - (11.0.16299.1029) = C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe [15/03/2019 05:49:23] CPU Usage:0 % 4572 | [Owner : Système | Parent : 928(services.exe) | 0.58 Mo] - (.Crystal Rich Ltd - USB Safely Remove assistant service.) - (6.1.5.1274) = C:\Program Files (x86)\USB Safely Remove\USBSRService.exe [26/03/2019 10:11:23] CPU Usage:0 % 3940 | [Owner : EFM_UEFM_Barrow_U | Parent : 15476() | 2.11 Mo] - (.Crystal Rich Ltd - USB Safely Remove - an enhanced replacement for Windows safe removal tool.) - (6.1.5.1274) = C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe [26/03/2019 10:11:23] CPU Usage:0 % 13764 | [Owner : EFM_UEFM_Barrow_U | Parent : 9200() | 123.37 Mo] - (.TechSmith Corporation - TechSmith Camtasia 2018.) - (18.0.7.4045) = C:\Program Files\TechSmith\Camtasia 2018\CamtasiaStudio.exe [09/11/2018 13:39:02] CPU Usage:0 % 7560 | [Owner : Système | Parent : 1604(svchost.exe) | 2.54 Mo] - (.Microsoft Corporation - sedlauncher.) - (10.0.17134.10024) = C:\Program Files\rempl\sedlauncher.exe [16/03/2019 10:05:50] CPU Usage:0 % 11104 | [Owner : Système | Parent : 7560(sedlauncher.exe) | 1.21 Mo] - (.Microsoft Corporation - Console Window Host.) - (10.0.16299.15) = C:\Windows\System32\conhost.exe [29/09/2017 14:41:45] CPU Usage:0 % 6072 | [Owner : Système | Parent : 928(services.exe) | 4.48 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2256 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 0.02 Mo] - (.Microsoft Corporation - Paramètres.) - (10.0.16299.15) = C:\Windows\ImmersiveControlPanel\SystemSettings.exe [29/09/2017 14:43:11] CPU Usage:0 % 4964 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 19.98 Mo] - (.Microsoft Corporation - Microsoft Edge Content Process.) - (11.0.16299.1029) = C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe [15/03/2019 05:49:23] CPU Usage:0 % 13080 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 219.42 Mo] - (.Microsoft Corporation - Microsoft Edge Content Process.) - (11.0.16299.1029) = C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe [15/03/2019 05:49:23] CPU Usage:6 % 12744 | [Owner : EFM_UEFM_Barrow_U | Parent : 13764(CamtasiaStudio.exe) | 224.88 Mo] - (.TechSmith Corporation - Camtasia Recorder 2018.) - (18.0.7.4045) = C:\Program Files\TechSmith\Camtasia 2018\CamRecorder.exe [09/11/2018 13:39:02] CPU Usage:17 % 5476 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 104.29 Mo] - (.Microsoft Corporation - Windows Camera.) - (2018.825.120.0) = C:\Program Files\WindowsApps\Microsoft.WindowsCamera_2018.825.120.0_x64__8wekyb3d8bbwe\WindowsCamera.exe [14/03/2019 23:29:08] CPU Usage:4 % 1584 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 5.95 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16299.15) = C:\Windows\System32\RuntimeBroker.exe [29/09/2017 14:41:25] CPU Usage:0 % 11356 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 9.22 Mo] - (.-.) - (2019.19011.19410.0) = C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19011.19410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe [15/03/2019 00:37:44] CPU Usage:0 % 13064 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 12.18 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16299.15) = C:\Windows\System32\RuntimeBroker.exe [29/09/2017 14:41:25] CPU Usage:0 % 1156 | [Owner : EFM_UEFM_Barrow_U | Parent : 13248() | 11.96 Mo] - (.-.) - (12.6.1005.11662) = C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.6.1005.11662\AdAwareTray.exe [13/02/2019 01:19:50] CPU Usage:0 % 13568 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 0.56 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 17088 | [Owner : EFM_UEFM_Barrow_U | Parent : 14164(explorer.exe) | 5.74 Mo] - (.c't Magazin für Computertechnik - Integritätstest für USB-Sticks und andere Datenträger.) - (1.0.4.0) = C:\Users\EFM_UEFM_Barrow_U\Downloads\h2testw_1.4\h2testw.exe [26/03/2019 16:41:26] CPU Usage:4 % 11420 | [Owner : EFM_UEFM_Barrow_U | Parent : 14164(explorer.exe) | 2.39 Mo] - (.Microsoft Corporation - Bloc-notes.) - (10.0.16299.15) = C:\Windows\System32\notepad.exe [29/09/2017 14:41:56] CPU Usage:0 % 9640 | [Owner : EFM_UEFM_Barrow_U | Parent : 14164(explorer.exe) | 1.88 Mo] - (.Microsoft Corporation - Bloc-notes.) - (10.0.16299.15) = C:\Windows\System32\notepad.exe [29/09/2017 14:41:56] CPU Usage:0 % 13496 | [Owner : EFM_UEFM_Barrow_U | Parent : 14164(explorer.exe) | 2.36 Mo] - (.Microsoft Corporation - Bloc-notes.) - (10.0.16299.15) = C:\Windows\System32\notepad.exe [29/09/2017 14:41:56] CPU Usage:0 % 13608 | [Owner : EFM_UEFM_Barrow_U | Parent : 14164(explorer.exe) | 2.18 Mo] - (.Microsoft Corporation - Bloc-notes.) - (10.0.16299.15) = C:\Windows\System32\notepad.exe [29/09/2017 14:41:56] CPU Usage:0 % 16688 | [Owner : EFM_UEFM_Barrow_U | Parent : 14164(explorer.exe) | 21.48 Mo] - (.Microsoft Corporation - Microsoft Word.) - (16.0.11328.20154) = C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16031.11328.20154.0_x86__8wekyb3d8bbwe\Office16\WINWORD.EXE [15/03/2019 19:40:03] CPU Usage:0 % 14252 | [Owner : EFM_UEFM_Barrow_U | Parent : 14164(explorer.exe) | 2.12 Mo] - (.Microsoft Corporation - Bloc-notes.) - (10.0.16299.15) = C:\Windows\System32\notepad.exe [29/09/2017 14:41:56] CPU Usage:0 % 12128 | [Owner : EFM_UEFM_Barrow_U | Parent : 14164(explorer.exe) | 1.86 Mo] - (.Microsoft Corporation - Bloc-notes.) - (10.0.16299.15) = C:\Windows\System32\notepad.exe [29/09/2017 14:41:56] CPU Usage:0 % 3144 | [Owner : EFM_UEFM_Barrow_U | Parent : 17400() | 2 Mo] - (.CyberLink Corp. - CyberLink Application Manager.) - (1.3.1318.0) = C:\Program Files (x86)\CyberLink\AppManager\CAMTray.exe [26/03/2019 16:50:23] CPU Usage:0 % 9000 | [Owner : EFM_UEFM_Barrow_U | Parent : 1604(svchost.exe) | 17.89 Mo] - (.CyberLink Corp. - AppManager.) - (1.3.1318.0) = C:\Program Files (x86)\CyberLink\AppManager\AppManager.exe [26/03/2019 16:50:18] CPU Usage:2 % 16904 | [Owner : EFM_UEFM_Barrow_U | Parent : 5308() | 37.15 Mo] - (.Babylon Software Ltd. - Babylon Information Tool.) - (11.0.1.0) = C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe [26/03/2019 17:09:12] CPU Usage:0 % 9092 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 2.22 Mo] - (.Babylon Software Ltd. - Babylon Support for 64-bit OS.) - (11.0.1.0) = C:\Program Files\Babylon\Babylon-Pro\BabylonHelper64.exe [26/03/2019 17:09:26] CPU Usage:0 % 1144 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 5.43 Mo] - (.Microsoft Corporation - Microsoft Edge Content Process.) - (11.0.16299.1029) = C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe [15/03/2019 05:49:23] CPU Usage:0 % 6116 | [Owner : EFM_UEFM_Barrow_U | Parent : 12232() | 4.36 Mo] - (.PC Helpsoft - PC Cleaner.) - (6.9.6.1) = D:\Program Files (x86)\PC Cleaner\PCCleaner.exe [26/03/2019 17:39:33] CPU Usage:0 % 16092 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 13.17 Mo] - (.Microsoft Corporation - Microsoft PDF Reader Component.) - (11.0.16299.1029) = C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftPdfReader.exe [15/03/2019 05:50:17] CPU Usage:0 % 15612 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 1.09 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16299.15) = C:\Windows\System32\RuntimeBroker.exe [29/09/2017 14:41:25] CPU Usage:0 % 14664 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 14.16 Mo] - (.Microsoft Corporation - Microsoft Edge Content Process.) - (11.0.16299.1029) = C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe [15/03/2019 05:49:23] CPU Usage:0 % 3496 | [Owner : EFM_UEFM_Barrow_U | Parent : 5792() | 14.33 Mo] - (.Microsoft Corporation - Bloc-notes.) - (10.0.16299.15) = C:\Windows\System32\notepad.exe [29/09/2017 14:41:56] CPU Usage:0 % 11540 | [Owner : Système | Parent : 1052(svchost.exe) | 7.57 Mo] - (.COMODO - COMODO Internet Security.) - (11.0.0.6802) = C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe [04/03/2019 22:31:52] CPU Usage:0 % 6996 | [Owner : EFM_UEFM_Barrow_U | Parent : 11604() | 8.87 Mo] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe [04/07/2010 20:51:26] CPU Usage:0 % 380 | [Owner : EFM_UEFM_Barrow_U | Parent : 1052(svchost.exe) | 15.39 Mo] - (.Microsoft Corporation - Windows Defender SmartScreen.) - (10.0.16299.1004) = C:\Windows\System32\smartscreen.exe [15/03/2019 05:50:11] CPU Usage:0 % 2372 | [Owner : Système | Parent : 928(services.exe) | 6.79 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2012 | [Owner : EFM_UEFM_Barrow_U | Parent : 4208(browser_broker.exe) | 38.86 Mo] - (.SosVirus - QuickDiag.) - (27.2.19.1) = D:\renouveau du widen - babylon free & trial, & vaincre la peur de babylon toolbar & search\quickdiag_V5_27.02.19.1.exe [26/03/2019 18:15:25] CPU Usage:0 % 2896 | [Owner : SERVICE LOCAL | Parent : 928(services.exe) | 42.08 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:2 % 11472 | [Owner : EFM_UEFM_Barrow_U | Parent : 4208(browser_broker.exe) | 94.44 Mo] - (.- ZHPCleaner.) - (2019.3.25.39) = D:\renouveau du widen - babylon free & trial, & vaincre la peur de babylon toolbar & search\ZHPCleaner.exe [26/03/2019 18:43:32] CPU Usage:20 % 9612 | [Owner : SERVICE RÉSEAU | Parent : 1052(svchost.exe) | 11.83 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.16299.248) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [15/03/2019 05:48:57] CPU Usage:0 % ---------- | Locked Applications ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) (.Zemana Ltd..-.Zemana AntiLogger Free.) - (1.8.2.328) -- C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL (.COMODO.-.COMODO Internet Security.) - (11.0.0.6802) -- C:\Windows\system32\guard64.dll (.COMODO.-.COMODO Secure Shopping.) - (1.3.50284.151) -- C:\Windows\system32\cssguard64.dll (..-..) - (0.0.0.0) -- C:\Windows\SYSTEM32\inputhost.dll (.Intel Corporation.-.User Mode Driver for Intel(R) Graphics Technology.) - (25.20.100.6518) -- C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igd10iumd64.dll (.Intel Corporation.-.User Mode Driver for Intel(R) Graphics Technology.) - (25.20.100.6518) -- C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igdgmm64.dll (.Intel Corporation.-.Intel Graphics Shader Compiler for Intel(R) Graphics Accelerator.) - (25.20.100.6518) -- C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igc64.dll (.AVAST Software.-.Avast Shell Extension.) - (19.3.4241.0) -- C:\Program Files\AVAST Software\Avast\ashShell.dll (.Remo Software.-.Remo File Eraser.) - (2.0.0.46) -- C:\Program Files (x86)\Remo File Eraser 2.0\64\rsh64.dll (.AVAST Software.-.Avast AAVM Remote Procedure Call Library.) - (19.3.4241.0) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) (.AVAST Software.-.Hook Library.) - (19.3.4.2057) -- C:\Program Files\AVAST Software\Avast\aswhook.dll (.IObit.-.Uninstall for explorer.) - (1.0.7.16) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll (.ProtectStar(TM), Inc..-.iShredder Shell Extension.) - (7.0.1807.0) -- C:\Program Files (x86)\ProtectStar\DataShredder\DataShredderShellExt64.dll (..-..) - (12.6.1005.11662) -- C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.6.1005.11662\AdAwareShellExtension.dll (.Moo0.-.Moo0 Shell Extension Bridge.) - (1.0.0.1) -- C:\Windows\System32\ShellExtBridge\ShellExtBridge119.dll (.Alexander Roshal.-.WinRAR shell extension.) - (5.70.0.0) -- C:\Program Files\WinRAR\rarext.dll (..-..) - (0.0.0.0) -- C:\PROGRA~1\TeraCopy\TERACO~2.DLL (.Xportsoft Technologies.-.nothing optimize your PC better.) - (1.0.2.4) -- D:\PC Optimizer Pro\PCOptProCtxMenu.dll (..-..) - (1.0.0.0) -- C:\PROGRA~1\LOARIS~1\shellext.dll (.IObit.-.IUMenuRightExtension.) - (1.2.0.2) -- C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll (.COMODO.-.COMODO Internet Security.) - (11.0.0.6802) -- C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll (.COMODO.-.COMODO Internet Security.) - (11.0.0.6802) -- C:\Program Files\COMODO\COMODO Internet Security\cmdres.DLL (..-.ShellHandler for Notepad++ (64 bit).) - (0.1.0.0) -- C:\Program Files\Notepad++\NppShell_06.dll (..-..) - (1.0.0.0) -- C:\Program Files (x86)\Zemana AntiLogger\ZAMShellExt64.dll (.TechSmith Corporation.-.Camtasia Shell Extension.) - (18.0.7.4045) -- C:\Program Files\TechSmith\Camtasia 2018\CamrecShellExt.dll (.Intel Corporation.-.igfxDTCM Module.) - (6.15.100.6518) -- C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igfxDTCM.dll (.Intel Corporation.-.igfxDH Module.) - (6.15.100.6518) -- C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igfxDH.dll (.Intel Corporation.-.igfxLHM Module.) - (6.15.100.6518) -- C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igfxLHM.dll (.Intel Corporation.-.igfxDI Module.) - (6.15.100.6518) -- C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igfxDI.dll (..-..) - (0.0.0.0) -- C:\Program Files\TeraCopy\TeraCopy64.dll ---------- | Winlogon.exe Modules (Microsoft Files Whitelisted) (.Zemana Ltd..-.Zemana AntiLogger Free.) - (1.8.2.328) -- C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL ---------- | svchost.exe Modules (Microsoft Files Whitelisted) (.COMODO.-.COMODO Internet Security.) - (11.0.0.6802) -- C:\Windows\system32\guard64.dll (.Zemana Ltd..-.Zemana AntiLogger Free.) - (1.8.2.328) -- C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL (.COMODO.-.COMODO Secure Shopping.) - (1.3.50284.151) -- C:\Windows\system32\cssguard64.dll (.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.19.3.0) -- C:\Windows\System32\winsqlite3.dll (.AVAST Software.-.Hook Library.) - (19.3.4.2057) -- C:\Program Files\AVAST Software\Avast\aswhook.dll (.COMODO.-.COMODO Internet Security.) - (11.0.0.6802) -- C:\Windows\system32\cmdvrt64.dll (.Intel Corporation.-.Intel(R) Camera MFT.) - (1.0.0.8317) -- C:\windows\system32\IntelCameraPlugin64.dll (.Intel Corporation.-.User Mode Driver for Intel(R) Graphics Technology.) - (25.20.100.6518) -- C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igd10iumd64.dll (.Intel Corporation.-.User Mode Driver for Intel(R) Graphics Technology.) - (25.20.100.6518) -- C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igdgmm64.dll (.Intel Corporation.-.Intel Graphics Shader Compiler for Intel(R) Graphics Accelerator.) - (25.20.100.6518) -- C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igc64.dll (.Intel Corporation.-.User Mode Driver for Intel(R) Graphics Technology.) - (25.20.100.6518) -- C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igd11dxva64.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igdinfo64.dll (.Intel Corporation.-.MDF(CM) Runtime DX11 Dynamic Link Library.) - (6.0.0.1189) -- C:\windows\System32\DriverStore\FileRepository\ki120832.inf_amd64_2ded2fe16badb11a\igfx11cmrt64.dll (.Intel Corporation.-.Intel® Media SDK library.) - (8.18.11.21) -- C:\Program Files\Intel\Media SDK\libmfxhw64.dll (..-..) - (0.0.0.0) -- C:\Windows\SYSTEM32\pvl64.dll ---------- | ZeroAccess Check Zaccess : C:\Users\EFM_UEFM_Barrow_U\AppData\Local\CyberLink [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU SecurePro - (C:\Windows\Temp\SecurePro.exe /s /a [Startup]) - User: DESKTOP-810DT5O\EFM_UEFM_Barrow_U OneDrive - ("C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\...\Run]) - User: DESKTOP-810DT5O\EFM_UEFM_Barrow_U WinFLTray - (C:\Windows\SysWow64\WinFLTray.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\...\Run]) - User: DESKTOP-810DT5O\EFM_UEFM_Barrow_U FLBackup - (C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\...\Run]) - User: DESKTOP-810DT5O\EFM_UEFM_Barrow_U vidnotifier.exe - (C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\...\Run]) - User: DESKTOP-810DT5O\EFM_UEFM_Barrow_U SharewareOnSale Notifier - (C:\ProgramData\SharewareOnSale Notifier\SharewareOnSale Notifier.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\...\Run]) - User: DESKTOP-810DT5O\EFM_UEFM_Barrow_U Clipdiary - (C:\Program Files (x86)\Clipdiary\clipdiary.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\...\Run]) - User: DESKTOP-810DT5O\EFM_UEFM_Barrow_U ApowerManager - (C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe /autoStart [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\...\Run]) - User: DESKTOP-810DT5O\EFM_UEFM_Barrow_U desktop - (desktop.ini [Common Startup]) - User: Public SecurityHealth - (%ProgramFiles%\Windows Defender\MSASCuiL.exe [HKLM\SOFTWARE\...\Run]) - User: Public RTHDVCPL - ("C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s [HKLM\SOFTWARE\...\Run]) - User: Public RtHDVBg_RUNEP - ("C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /RUNEP [HKLM\SOFTWARE\...\Run]) - User: Public OSD - (C:\Program Files\Samsung\SamsungOSD\OSD.exe [HKLM\SOFTWARE\...\Run]) - User: Public AdAwareTray - ("C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.6.1005.11662\AdAwareTray.exe" [HKLM\SOFTWARE\...\Run]) - User: Public ZAM - ("C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe" /minimized [HKLM\SOFTWARE\...\Run]) - User: Public COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} - (C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [HKLM\SOFTWARE\...\Run]) - User: Public COMODO Internet Security Installer - ("C:\Program Files\COMODO\COMODO Internet Security\cmdinstall.exe" -log -type "local" -camevent "install-end" [HKLM\SOFTWARE\...\Run]) - User: Public USB Safely Remove - ("C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe" /startup [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background "WinFLTray"=C:\Windows\SysWow64\WinFLTray.exe [15/03/2019 07:34:08] "FLBackup"=C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe [15/03/2019 07:34:21] "vidnotifier.exe"=C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe [15/03/2019 11:53:40] "SharewareOnSale Notifier"=C:\ProgramData\SharewareOnSale Notifier\SharewareOnSale Notifier.exe [17/03/2019 20:01:48] "Clipdiary"=C:\Program Files (x86)\Clipdiary\clipdiary.exe [17/08/2018 08:33:38] "ApowerManager"=C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe /autoStart [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "OneDrive"=0x020000000000000000000000 "WinFLTray"=0x020000000000000000000000 "FLBackup"=0x020000000000000000000000 "vidnotifier.exe"=0x020000000000000000000000 "Software Informer"=0x020000000000000000000000 "SharewareOnSale Notifier"=0x020000000000000000000000 "Clipdiary"=0x020000000000000000000000 "ApowerManager"=0x020000000000000000000000 "WinSweep"=0x020000000000000000000000 [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU] "MRUList"=a "a"= [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "Device"=Microsoft Print to PDF,winspool,Ne01: "IsMRUEstablished"=1 "LegacyDefaultPrinterMode"=0 "MenuDropAlignment"=1 "Run"= [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "SecurityHealth"=%ProgramFiles%\Windows Defender\MSASCuiL.exe "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "RtHDVBg_RUNEP"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /RUNEP "OSD"=C:\Program Files\Samsung\SamsungOSD\OSD.exe [02/02/2017 07:06:55] "AdAwareTray"="C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.6.1005.11662\AdAwareTray.exe" "ZAM"="C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe" /minimized "COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [04/03/2019 22:32:22] "COMODO Internet Security Installer"="C:\Program Files\COMODO\COMODO Internet Security\cmdinstall.exe" -log -type "local" -camevent "install-end" "USB Safely Remove"="C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe" /startup [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "SecurityHealth"=0x040000000000000000000000 "RTHDVCPL"=0x040000000000000000000000 "RtHDVBg_RUNEP"=0x040000000000000000000000 "OSD"=0x040000000000000000000000 "AdAwareTray"=0x020000000000000000000000 "ZAM"=0x020000000000000000000000 "COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}"=0x020000000000000000000000 "COMODO Internet Security Installer"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32] "AvastUI.exe"=0x020000000000000000000000 "vdcss"=0x020000000000000000000000 "IseUI"=0x020000000000000000000000 "Wondershare Helper Compact.exe"=0x020000000000000000000000 "CommonToolkitTray"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"=C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL [15/03/2019 09:28:34] "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "EnableMitInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=1 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 "Win32kLastWriteTime"=1D33928A8E92551 [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui "vdcss"="C:\Program Files (x86)\COMODO\COMODO Secure Shopping\vdcss.exe" -tray "IseUI"=C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [20/03/2019 13:00:44] "CAMTray"="C:\Program Files (x86)\CyberLink\AppManager\CAMTray.exe" /AutoRun "Babylon Client"=C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe -AutoStart "UnlockerAssistant"="C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe" "BabylonToolbar"="C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"=C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL [15/03/2019 09:28:34] "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "EnableMitInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=1 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : ---------- | Tasks List Avast Emergency Update Intel PTT EK Recertification LinuxFS GUI LinuxFS Updater Moo0 Disk Cleaner 1.23 OneDrive Standalone Update Task v2 OneDrive Standalone Update Task-S-1-5-21-3534096643-12334864-2903717510-1001 OneSafe PC Cleaner automatic scan and notifications Opera scheduled Autoupdate 1552623920 PC Cleaner automatic scan and notifications PowerDirectorStyleAgent RemoBackup_Launcher RunAsStdUser Task SAgent ShowWindow Software Updater Scheduler Software Updater SkipUAC(EFM_UEFM_Barrow_U) SoftwareInformerService SU_AutoUpdate User_Feed_Synchronization-{12F40181-298F-4A8F-BA89-6EC6CD445751} ---------- | Startings up registry ¦ Folder ---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=UsoSvc DeviceInstall gpsvc trustedinstaller "SvcHostSplitThresholdInKB"=3670016 "WaitToKillServiceTimeout"=2000 "SystemStartOptions"= NOEXECUTE=OPTIN NOVGA "SystemBootDevice"=multi(0)disk(0)rdisk(5)partition(3) "FirmwareBootDevice"=multi(0)disk(0)rdisk(5)partition(1) "LastBootSucceeded"=1 "LastBootShutdown"=1 "DirtyShutdownCount"=3 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Security Packages"="" [26/03/2019 18:10:34] "Notification Packages"=scecli "Authentication Packages"=msv1_0 "LsaPid"=940 "SecureBoot"=1 "ProductType"=3 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymous"=0 "restrictanonymoussam"=1 [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"=autocheck autochk * bddel.exe "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "ResourceTimeoutCount"=648000 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "AutoChkSkipSystemPartition"=0 "PendingFileRenameOperations"=\??\C:\Users\EFM_UE~1\AppData\Local\Temp\nso3AB3.tmp\NSIS_SkinCrafter_Plugin.dll \??\C:\Users\EFM_UE~1\AppData\Local\Temp\nso3AB3.tmp\SkinCrafter.dll \??\C:\Users\EFM_UE~1\AppData\Local\Temp\nso3AB3.tmp\ \??\C:\Windows\system32\bddel.exe \??\C:\Windows\system32\bddel.exe \??\C:\Windows\system32\bddel.exe \??\C:\Windows\system32\bddel.exe \??\C:\Windows\system32\bddel.exe \??\C:\Windows\system32\bddel.exe \??\C:\Windows\system32\bddel.exe \??\C:\Windows\system32\bddel.exe \??\C:\Windows\system32\bddel.exe \??\C:\Windows\system32\bddel.exe \??\C:\Windows\system32\bddel.exe \??\C:\Windows\system32\bddel.exe \??\C:\Windows\system32\bddel.exe \??\C:\Windows\system32\bddel.exe \??\C:\Windows\system32\bddel.exe \??\C:\Windows\system32\bddel.exe \??\C:\Windows\system32\bddel.exe \??\C:\Windows\system32\bddel.exe \??\C:\Windows\system32\bddel.exe \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Universal Driver Updater\ \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\ProgramData\adaware\adaware antivirus\Options\RebootRequired \??\C:\Users\EFM_UE~1\AppData\Local\Temp\nspE014.tmp\ThreadTimer.dll \??\C:\Users\EFM_UE~1\AppData\Local\Temp\nspE014.tmp\ \??\C:\Users\EFM_UE~1\AppData\Local\Temp\_iu14D2N.tmp [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "InstanceID"=43b054d6-f884-434e-b429-49e50e1 "GlassSessionId"=1 ---------- | .LNK with Arguments ---------- | AppCertDlls ---------- | Dnsapi.dll C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretTimeout"=5000 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "ScreenSaveActive"=1 "SnapSizing"=1 "TileWallpaper"=0 "WallPaper"=C:\Windows\Web\Wallpaper\Samsung\Samsung_wallpaper.png [07/12/2017 07:05:45] "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "DelayLockInterval"=900 "Win8DpiScaling"=0 "DpiScalingVer"=4096 "UserPreferencesMask"=0x9E1E078012000000 "CheckScreenSaverTimeChange"=1 "ScreenSaveTimeOut"=120 "MaxVirtualDesktopDimension"=2160 "MaxMonitorDimension"=2160 "TranscodedImageCount"=1 "LastUpdated"=4294967295 "TranscodedImageCache"=0x7AC30100F6F83E0070080000A005000000A5DFF65749D20143003A005C00570069006E0064006F00770073005C005700650062005C00570061006C006C00700061007000650072005C00530061006D00730075006E0067005C00530061006D00730075006E0067005F00770061006C006C00700061007000650072002E0070006E0067000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "WaitToKillAppTimeout"=2000 "HungAppTimeout"=2000 [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1 [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 "ShellState"=0x24000000342800000000000000000000000000000100000013000000000000006A000000 "UserSignedIn"=1 "SIDUpdatedOnLibraries"=1 "LocalKnownFoldersMigrated"=1 "TelemetrySalt"=7 "GlobalAssocChangedCounter"=177 "FirstRunTelemetryComplete"=1 "AppReadinessLogonComplete"=1 "SlowContextMenuEntries"=0xF05A64A7E8D6AF488DFA023B1CF660A7ED0A00000114020000000000C000000000000046F9150000550F3DCB2CBC1A4C85ED23ED75B5106B450C000060B81DB4E464D2119906E49FADC173CAA80B00005D54A9A2C2A0B4429708A0B2BADD77C8F60B0000 "PostAppInstallTasksCompleted"=1 "link"=0x1E000000 "Browse For Folder Width"=520 "Browse For Folder Height"=460 [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=0 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "ShowSuperHidden"=0 "SeparateProcess"=1 "AutoCheckSelect"=1 "IconsOnly"=0 "ShowTypeOverlay"=1 "ShowStatusBar"=1 "StoreAppsOnTaskbar"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=13 "TaskbarStateLastRun"=0x0E05945C00000000 "ReindexedProfile"=1 [HKLM\Software\Policies\Microsoft\Windows\System] "DontDisplayNetworkSelectionUI"=1 [HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=0 "NoActiveDesktopChanges"=0 "NoRecentDocsHistory"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=0 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=0 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=0 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=0 "{871C5380-42A0-1069-A2EA-08002B30309D}"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=0 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "layoutxmlpath"=c:\users\default\appdata\local\microsoft\windows\shell\taskbarlayoutmodification.xml [07/12/2017 14:49:02] "GlobalAssocChangedCounter"=27 "MultipleInvokePromptMinimum"=10000 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 "UseOLEDTaskbarTransparency"=1 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\System] "DontDisplayNetworkSelectionUI"=1 [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=0 "NoActiveDesktopChanges"=0 "NoRecentDocsHistory"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=0 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=0 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=0 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=0 "{871C5380-42A0-1069-A2EA-08002B30309D}"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=0 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=38 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s ---------- | Winlogon [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders "BuildNumber"=16299 "FirstLogon"=0 "PUUActive"=0x143EAC9E02000200060059007BFC0200A9CA0300A9CA0300D200000011001600A265D83E2DBF0E004E930E009D3C0100B9D50000F8350000A0070100837D0E00242200003F02000000F39453FBE3D401DD1503000000000001000000DD150300AB3F000000000000 "DP"=0xD200E8002400020006000000143EAC9E000000000000000096190A85E3E3D40196190A85E3E3D401000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000F03F80510100EC3600C043005101C3005B01CC5D00800020202000246826E0C80080A063CA00A26FCA400CA100800C1858090C185C0909F90080082000090821900B9933018083234F4483234F65480F0180E2410023E249006709C5008080040210821702146E02008080002508800C250815130180278F0062278F0163610001004223004C42B3214C "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "Userinit"=C:\windows\system32\userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "scremoveoption"=0 "DisableCAD"=1 "LastLogOffEndTimePerfCounter"=2588771432 "ShutdownFlags"=2147483819 "DisableLockWorkstation"=0 "EnableFirstLogonAnimation"=1 "AutoLogonSID"=S-1-5-21-3534096643-12334864-2903717510-1001 "LastUsedUsername"=EFM_UEFM_Barrow_U [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "EnableSIHostIntegration"=1 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "userinit"=userinit.exe "AutoRestartShell"=1 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""="%SystemRoot%\system32\NOTEPAD.EXE" %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""="%SystemRoot%\system32\NOTEPAD.EXE" %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Clients\StartMenuInternet\OperaStable\Shell\open\Command] ""="C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\Launcher.exe" [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Clients\StartMenuInternet\OperaStable\InstallInfo] "ReinstallCommand"="C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\Launcher.exe" --makedefaultbrowser [HKLM\Software\Clients\StartMenuInternet\Dragon\Shell\open\Command] ""="C:\Program Files (x86)\Comodo\Dragon\dragon.exe" [HKLM\Software\Clients\StartMenuInternet\Dragon\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Internet Explorer\iexplore.exe" [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Dragon\Shell\open\Command] ""="C:\Program Files (x86)\Comodo\Dragon\dragon.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Dragon\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Internet Explorer\iexplore.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\Launcher.exe"=32 [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\Users\EFM_UEFM_Barrow_U\Desktop\Adaware_Installer.exe"=0x5341435001000000000000000700000028000000B0552900EC1D2A0001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000000A9E1600000000000100000001000000 "C:\Program Files (x86)\EaseUS\EaseUS Todo PCTrans\bin\PCTrans.exe"=0x534143500100000000000000070000002800000050DA45000F4B460001000000000000000000000A71220000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000EEF93200000000000200000002000000 "C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.6.1005.11662\AdAwareTray.exe"=0x5341435001000000000000000700000028000000D85D4800EE34490001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000006CC35A01000000000100000001000000 "C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.6.1005.11662\AdAwareDesktop.exe"=0x5341435001000000000000000700000028000000D80DCD00DB4ACD0001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000002CE9A904000000000200000002000000 "C:\Windows\SysWOW64\explorer.exe"=0x5341435001000000000000000700000028000000880E35002AE5350001000000010000000000000A61220000DB80FDAC2839D3010000000000000000 "C:\Users\EFM_UEFM_Barrow_U\Documents\WinToHDD.Ent.2.6.Portable.KaranPC\WinToHDDPortable.exe"=0x53414350010000000000000007000000280000001BE901000000000001000000000000000000010600010000DB80FDAC2839D301000000000000000002000000280000000000000000000040000200000000000000000000000000005F120000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Documents\WinToHDD.Ent.2.6.Portable.KaranPC\App\WinToHDD64\x64\WinToHDD\bin\WinToHDD.exe"=0x534143500100000000000000070000002800000000E29A00EACB9B0001000000000000000000000A73220000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000044D20000000000000100000001000000 "C:\Program Files\Realtek\Audio\HDA\EP64.exe"=0x534143500100000000000000070000002800000050583C009DC33C0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000060B46C1D000000000500000005000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\DRPSu\PROGRAMS\DotNet.exe"=0x534143500100000000000000070000002800000070A7AC0363C3AC0301000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000001A980000000000000100000001000000 "C:\Program Files\Paragon Software\Hard Disk Manager 16 Basic\program\advlauncher.exe"=0x534143500100000000000000070000002800000008BF0C00F9900D0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000081951C00000000000200000002000000 "C:\Program Files (x86)\Silent Install Builder 5\Sib.exe"=0x5341435001000000000000000700000028000000C8100C001BCF0C0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000045270C00000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\SIB\Packages\7547\out\lfsh_uefm_efm_b162_w16_anaamfuw_suite_essentials_setup_sib.exe"=0x5341435001000000000000000700000028000000597E07070000000001000000000000000000010600010000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000BA061D00000000000100000001000000 "C:\Program Files (x86)\Moo0\RightClicker Pro 1.56\RightClicker.exe"=0x534143500100000000000000070000002800000000E230000000000001000000000000000000000A73220000DB80FDAC2839D30100000000000000000200000028000000000000000000008000000000000000000000000000000000F52D0000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Documents\grande force loaris noa 13 - don pour garder lfsu_anti-tfl_100%s fin en carreaux des rairies, protectstar & loaris\loarissetup_FromDESKTOP-810DT5O.exe"=0x5341435001000000000000000700000028000000B0DF1100E392120001000000000000000000000A71220000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000002378F301000000000100000001000000 "C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe"=0x5341435001000000000000000700000028000000F86D5E0071615F0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000EE020000000000000100000001000000 "C:\Program Files (x86)\NewSoftware's\Folder Lock\Folder Lock.exe"=0x534143500100000000000000070000002800000008845C002AE55C0001000000000000000000000A71220000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000457FC201000000000100000001000000 "C:\Program Files (x86)\IObit\Software Updater\SUFeature.exe"=0x53414350010000000000000007000000280000001087020008E6020001000000000000000000000A00210000DB80FDAC2839D3010000000000000000050000001000000000000000000000000000000000000080020000002800000000000000000000800000000000000000000000000000000058010000000000000100000001000000 "C:\PortableApps\AshampooSnap10 Portable\AshampooSnapPortable.exe"=0x53414350010000000000000007000000280000003DEC03000000000001000000000000000000010600010000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000FD9C5200000000000600000006000000 "C:\Program Files\VideoLAN\VLC\vlc.exe"=0x5341435001000000000000000700000028000000C80A0F00A5500F0001000000000000000000000600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000048732F00000000001000000010000000 "SIGN.MEDIA=6B2011B8 anti-corvée lfsu-uefm-anti-tfl-100%s finalis, vestiges EFM-gold & jobs 2019 en cadeau finalis\cadeaux récompense st jacques de conrad & lfsu100%sf 17 mars 2019\remo-shredder.exe"=0x5341435001000000000000000700000028000000D8C3AF00AE82B00001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000FB2B0800000000000100000001000000 "SIGN.MEDIA=6B2011B8 anti-corvée lfsu-uefm-anti-tfl-100%s finalis, vestiges EFM-gold & jobs 2019 en cadeau finalis\cadeaux récompense st jacques de conrad & lfsu100%sf 17 mars 2019\remo-repair-word.exe"=0x5341435001000000000000000700000028000000D85707019EA6070101000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000057E60700000000000100000001000000 "SIGN.MEDIA=6B2011B8 anti-corvée lfsu-uefm-anti-tfl-100%s finalis, vestiges EFM-gold & jobs 2019 en cadeau finalis\cadeaux récompense st jacques de conrad & lfsu100%sf 17 mars 2019\remo-repair-mov.exe"=0x534143500100000000000000070000002800000028240901ED120A0101000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000C6800700000000000100000001000000 "SIGN.MEDIA=6B2011B8 anti-corvée lfsu-uefm-anti-tfl-100%s finalis, vestiges EFM-gold & jobs 2019 en cadeau finalis\cadeaux récompense st jacques de conrad & lfsu100%sf 17 mars 2019\remo-recover-windows.exe"=0x5341435001000000000000000700000028000000F0536801BCA9680101000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000050290700000000000100000001000000 "SIGN.MEDIA=6B2011B8 anti-corvée lfsu-uefm-anti-tfl-100%s finalis, vestiges EFM-gold & jobs 2019 en cadeau finalis\cadeaux récompense st jacques de conrad & lfsu100%sf 17 mars 2019\remo-outlook-backup-migrate.exe"=0x5341435001000000000000000700000028000000F82F2E003E652E0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000044DC1100000000000100000001000000 "SIGN.MEDIA=6B2011B8 anti-corvée lfsu-uefm-anti-tfl-100%s finalis, vestiges EFM-gold & jobs 2019 en cadeau finalis\cadeaux récompense st jacques de conrad & lfsu100%sf 17 mars 2019\remo-duplicate-photos-remover.exe"=0x5341435001000000000000000700000028000000503D3401BE17350101000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000E6AC0400000000000100000001000000 "SIGN.MEDIA=6B2011B8 anti-corvée lfsu-uefm-anti-tfl-100%s finalis, vestiges EFM-gold & jobs 2019 en cadeau finalis\cadeaux récompense st jacques de conrad & lfsu100%sf 17 mars 2019\remo-duplicate-file-remover.exe"=0x5341435001000000000000000700000028000000F0B99500280B960001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000E13D0400000000000100000001000000 "C:\Program Files\Hasleo\WinToUSB\bin\WinToUSB.exe"=0x534143500100000000000000070000002800000000427F00FC677F0001000000000000000000000A73220000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000004D00300000000000100000001000000 "C:\Program Files (x86)\SysTools PDF Bates Numberer\PDFBatesGenerator.exe"=0x5341435001000000000000000700000028000000D8103200BBDA320001000000000000000000010671020000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000009B65C605000000000200000002000000 "C:\Program Files (x86)\SysTools AD Browser\ADBrowser.exe"=0x5341435001000000000000000700000028000000D0501A00A0AD1A0001000000000000000000010671020000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000290FA605000000000100000001000000 "C:\Program Files (x86)\oldtimer otl_oth_tfc_md5look_xor_gotd-u_SEAF_remvbs_usbfileresc setup.exe"=0x5341435001000000000000000700000028000000B16994000000000001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000109E0100000000000200000002000000 "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\FreeStudioManager.exe"=0x5341435001000000000000000700000028000000E8051700787B170001000000000000000000000A71220000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000000EAF7E02000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Desktop\pre-scan_7_16.10.17.1_FromDESKTOP-810DT5O.exe"=0x5341435001000000000000000700000028000000A8AF2E007DB12E0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000 "C:\Program Files (x86)\Internet Explorer\iexplore.exe"=0x5341435001000000000000000700000028000000108D0C0074DD0C0001000000010000000000000A00210000DB80FDAC2839D3010000000000000000 "C:\Program Files (x86)\GOTD Unlimited\Unlimited_GOTD_v1.02.exe"=0x5341435001000000000000000700000028000000002201000000000001000000000000000000000A61220000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000CF720000000000000100000001000000 "SIGN.MEDIA=3C8D326 anti-corvée lfsu-uefm-anti-tfl-100%s finalis, vestiges EFM-gold & jobs 2019 en cadeau finalis\1ers giveaways après lfsu-anti_tfl-100%s finalis\AmazingFolderPasswordLock7888-ai37dh\Setup.exe"=0x534143500100000000000000070000002800000060CC2600C3AE270001000000000000000000010600010000DB80FDAC2839D3010000000000000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\58.0.3135.107\opera.exe"=0x5341435001000000000000000700000028000000587818008B9A180001000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "SIGN.MEDIA=86BDCE anti-corvée lfsu-uefm-anti-tfl-100%s finalis, vestiges EFM-gold & jobs 2019 en cadeau finalis\1ers giveaways après lfsu-anti_tfl-100%s finalis\SharewareOnSale_Giveaway_Clipdiary_hub.exe"=0x534143500100000000000000070000002800000080122300E2A4230001000000000000000000000A71220000DB80FDAC2839D3010000000000000000 "C:\Program Files (x86)\SysTools Thunderbird Store Locator\ThunderbirdStoreLocator.exe"=0x5341435001000000000000000700000028000000F8B314005EB7140001000000000000000000010675220000DB80FDAC2839D3010000000000000000 "C:\Program Files\TechSmith\Camtasia 2018\CamRecorder.exe"=0x534143500100000000000000070000002800000050865E0047BD5E0001000000000000000000030600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004004000000000000000000000000000000E16F9304000000000400000004000000 "C:\Program Files\Samsung\Recovery\Recovery.exe"=0x5341435001000000000000000700000028000000F0E62300120D240001000000000000000000000A73220000DB80FDAC2839D3010000000000000000 "C:\Program Files\TechSmith\Camtasia 2018\CamtasiaStudio.exe"=0x534143500100000000000000070000002800000050420700D059070001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000006093A617000000000600000006000000 "C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1903.1152.0_x64__8wekyb3d8bbwe\LocalBridge.exe"=0x534143500100000000000000070000002800000048B600006317010001000000000000000000000A73220000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000084110000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\cispremium_installer_10555_51.exe"=0x5341435001000000000000000700000028000000609B5500A35A560001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000DC4E101C000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\setup_Atelier_Photo_Fnac.exe"=0x5341435001000000000000000700000028000000503A1900877C190001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000B39F0500000000000100000001000000 "C:\Program Files\Fnac\Atelier Photo Fnac\Atelier Photo Fnac.exe"=0x5341435001000000000000000700000028000000001640000000000001000000000000000000000A73220000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000067B08701000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\setup_Logiciel_de_creation_CEWE_Cora.exe"=0x534143500100000000000000070000002800000048481900DEED190001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000C92F1400000000000100000001000000 "C:\Program Files\Cora\Logiciel de creation CEWE Cora\Logiciel de création CEWE Cora.exe"=0x534143500100000000000000070000002800000000D841000000000001000000000000000000000A73220000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000004B237301000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\setup_Logiciel_de_creation_CEWE.exe"=0x5341435001000000000000000700000028000000A04619002B2A1A0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000B9320D00000000000100000001000000 "C:\Program Files\CEWE\Logiciel de creation CEWE\Logiciel de création CEWE.exe"=0x534143500100000000000000070000002800000000D841000000000001000000000000000000000A73220000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000393E6501000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\turbo-client-19.3.1934.0.exe"=0x5341435001000000000000000700000028000000704C880609E7880601000000000000000000000A71220000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000000F24411A000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Turbo\19.3.1934.0\Turbo-Launcher.exe"=0x534143500100000000000000070000002800000050ECF0006F96F10001000000000000000000000A71220000DB80FDAC2839D30100000000000000000200000028000000000000008000000000000000000000000000000000000000E2040000000000000200000002000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Turbo\Cmd\turbosh.exe"=0x5341435001000000000000000700000028000000109F03007981040001000000000000000000000A71220000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000027110000000000000100000001000000 "C:\Program Files (x86)\Turbo.net\Turbo Studio 19\Studio.exe"=0x534143500100000000000000070000002800000078856102A7C3610201000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000009BBB3403000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Microsoft\OneDrive\19.033.0218.0009\FileSyncConfig.exe"=0x534143500100000000000000070000002800000060AC04002A5C050001000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\PortableApps.com_Platform_Setup_16.0.paf.exe"=0x5341435001000000000000000700000028000000687D4E0014E44E0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000033050600000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\PortableApps.com_Platform_Setup_16.0.paf (1).exe"=0x5341435001000000000000000700000028000000687D4E0014E44E0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000BA860C00000000000100000001000000 "SIGN.MEDIA=114272 anti-corvée lfsu-uefm-anti-tfl-100%s finalis, vestiges EFM-gold & jobs 2019 en cadeau finalis\ANAAMFUW Finalis anti-mc flurry ushuaïa-widen 1 à 16 gonflables\unblocker.exe"=0x5341435001000000000000000700000028000000804F0B0064290C0001000000000000000000030600010000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000F0840000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\keepvid-music-tag-editor_full4171 (1).exe"=0x534143500100000000000000070000002800000048F422019FF5220101000000000000000000030600010000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000001ACA6F00000000000100000001000000 "C:\PortableApps\PortableApps.com\PortableAppsPlatform.exe"=0x534143500100000000000000070000002800000040A53A000CCD3A0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000042D58305000000000100000001000000 "C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe"=0x534143500100000000000000070000002800000010C15000E6A5510001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000028E10000000000000100000001000000 "C:\Program Files (x86)\IObit\IObit Uninstaller\AUpdate.exe"=0x53414350010000000000000007000000280000001081020089E9020001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000AC270000000000000300000003000000 "C:\Program Files\abylonsoft\SAKeySafe\SASafeX64.EXE"=0x534143500100000000000000070000002800000068094F004E9E4F0001000000000000000000000A73220000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000028510100000000000200000002000000 "C:\Program Files\internet explorer\iexplore.exe"=0x534143500100000000000000070000002800000008950C008E3B0D0001000000010000000000000A00210000DB80FDAC2839D3010000000000000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\launcher.exe"=0x5341435001000000000000000700000028000000585C1600DC09170001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000DFE7AE16000000000200000002000000 "C:\Program Files (x86)\Comodo\Dragon\dragon.exe"=0x5341435001000000000000000700000028000000F0D222005A34230001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000076F19D10000000000300000003000000 "SIGN.MEDIA=3496DF6 PortableApps\PortableApps.com\PortableAppsPlatform.exe"=0x534143500100000000000000070000002800000040A53A000CCD3A0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000FD1EF111000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\tidymymusic-bing_full1701.exe"=0x5341435001000000000000000700000028000000F02C29012FDD290101000000000000000000010600010000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000007A2EBA11000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\Full-DISKfighter_Web.exe"=0x5341435001000000000000000700000028000000180D29007724290001000000000000000000010600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000CA5F0200000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\OUTDATEfighter_Web.exe"=0x5341435001000000000000000700000028000000B0EB1F00B4F21F0001000000000000000000010600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000087AC0100000000000100000001000000 "C:\Program Files (x86)\Fighters\OUTDATEfighter\OUTDATEfighter.exe"=0x5341435001000000000000000700000028000000801617001525170001000000000000000000030600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000003107810000000000300000003000000 "C:\Program Files (x86)\CyberLink\AppManager\AppManager.exe"=0x5341435001000000000000000700000028000000B8060400587B040001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000005570730E000000000100000001000000 "C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe"=0x5341435001000000000000000700000028000000305E5D0321505E0301000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000003F9E5E0D000000000300000003000000 "C:\Program Files\windows nt\accessories\wordpad.exe"=0x5341435001000000000000000700000028000000008844005901450001000000010000000000000A63220000DB80FDAC2839D3010000000000000000 "C:\Users\EFM_UEFM_Barrow_U\Desktop\rkill.exe"=0x5341435001000000000000000700000028000000D0811B0066BA1B0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000014AD0100000000000100000001000000 "C:\Program Files (x86)\QuickDiag\quickdiag_V5_27.02.19.1.exe"=0x534143500100000000000000070000002800000098F74E00B9194F0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000685C6600000000000100000001000000 "C:\Program Files (x86)\USBFix\UsbFix_2019_11.012.exe"=0x534143500100000000000000070000002800000058D545008D09460001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000005800500000000000100000001000000 "C:\Program Files (x86)\Moo0\DiskCleaner 1.23\DiskCleaner.exe"=0x53414350010000000000000007000000280000000010320097E5320001000000000000000000020671020000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000DC960100000000000300000003000000 "C:\Program Files (x86)\Fighters\Tray\FightersTray.exe"=0x534143500100000000000000070000002800000080E2190049621A0001000000000000000000000A71220000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000B4039F00000000000200000002000000 "SIGN.MEDIA=3B41D4C PowerDVD 365\ApplicationManager_v1126_rv199819(1.2)_STD_APM181015-01.exe"=0x53414350010000000000000007000000280000001805ED005517ED0001000000000000000000010600010000DB80FDAC2839D3010000000000000000020000002800000000000000800000000000000000000000000000000000000038BE8F00000000000200000002000000 "C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16031.11328.20154.0_x86__8wekyb3d8bbwe\Office16\WINWORD.EXE"=0x5341435001000000000000000700000028000000C0131E0093BB1E0001000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "C:\Program Files\Remo Outlook Backup & Migrate 2.0\rs-taskrobm.exe"=0x534143500100000000000000070000002800000000A20300782B040001000000000000000000000A71220000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000017F1C901000000000100000001000000 "C:\Program Files\Remo Duplicate Photos Remover 1.0\rs-DupMgr.exe"=0x534143500100000000000000070000002800000000640300ABC8030001000000000000000000000A71220000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000C6C7C901000000000100000001000000 "C:\Program Files\Remo Duplicate File Remover 1.0\rs-fDupMgr.exe"=0x5341435001000000000000000700000028000000006603004A5A040001000000000000000000000A71220000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000B389C901000000000100000001000000 "C:\Program Files (x86)\Comodo\Dragon\modules\dragon_helper.exe"=0x534143500100000000000000070000002800000010D13000F55B310001000000000000000000000A73200000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000069370700000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\winrar-x64-570fr.exe"=0x5341435001000000000000000700000028000000E86031009859320001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000000B4F0000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\58.0.3135.118\opera.exe"=0x53414350010000000000000007000000280000005878180002AD180001000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "C:\Users\EFM_UEFM_Barrow_U\Desktop\JRT.exe"=0x534143500100000000000000070000002800000048501B0027F11B0001000000000000000000010671020000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000565B0500000000000100000001000000 "C:\Program Files\WinRAR\WinRAR.exe"=0x5341435001000000000000000700000028000000C8B92200182D230001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A5AD0000000000000600000006000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\usbsafelyremovesetup_6-1-5.exe"=0x5341435001000000000000000700000028000000A06C5700599F570001000000000000000000030600010000DB80FDAC2839D3010000000000000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\h2testw_1.4\h2testw.exe"=0x5341435001000000000000000700000028000000006406003092060001000000000000000000000671220000DB80FDAC2839D3010000000000000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\BabylonNG_setup.exe"=0x5341435001000000000000000700000028000000106E0A0076E2010001000000000000000000030600010000DB80FDAC2839D3010000000000000000 "C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe"=0x5341435001000000000000000700000028000000C0621800B4BE180001000000000000000000000A73220000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000002B40900000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\babylon-toolbar-on-ie_VkqQbj_2447881514.exe"=0x5341435001000000000000000700000028000000708220000000000001000000000000000000030600010000DB80FDAC2839D301000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000000000000000000000000000000000007DB30100000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\babylon-toolbar-on-ie_VicF87_1252449242.exe"=0x5341435001000000000000000700000028000000708220000000000001000000000000000000030600010000DB80FDAC2839D3010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000098B70000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\babylon10_setup_ns.exe"=0x5341435001000000000000000700000028000000086A0A004FFB010001000000000000000000030600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000047090000000000000200000002000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\babylon10_setup_ns (1).exe"=0x5341435001000000000000000700000028000000086A0A004FFB010001000000000000000000030600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000050050000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\babylon10_setup_ns (2).exe"=0x5341435001000000000000000700000028000000086A0A004FFB010001000000000000000000030600010000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000006B030000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\babylon10_setup_ns (3).exe"=0x5341435001000000000000000700000028000000086A0A004FFB010001000000000000000000030600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000B7060000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\babylon-toolbar-on-ie_VEvppl_3885422848.exe"=0x5341435001000000000000000700000028000000708220000000000001000000000000000000030600010000DB80FDAC2839D30100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000B62F0100000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\PC_Cleaner.exe"=0x5341435001000000000000000700000028000000F00747009A76470001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000005E311100000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\OneSafe_PC_Cleaner.exe"=0x534143500100000000000000070000002800000030AF49008AE3490001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000E4240F00000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\OneSafe_PC_Cleaner (1).exe"=0x534143500100000000000000070000002800000030AF49008AE3490001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000055550300000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\PC_Cleaner (1).exe"=0x5341435001000000000000000700000028000000F00747009A76470001000000000000000000000A00210000DB80FDAC2839D3010000000000000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\Installer_babylon_11.0.0.13_4038416036.exe"=0x5341435001000000000000000700000028000000692320000000000001000000000000000000010600010000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000B2890000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\babylon_2528611466.exe"=0x5341435001000000000000000700000028000000387F20000000000001000000000000000000010600010000DB80FDAC2839D301000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000000000000000000000000000000000004C1E0200000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\babylon_3765483945.exe"=0x5341435001000000000000000700000028000000387F20000000000001000000000000000000010600010000DB80FDAC2839D301000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000000000000000000000000000000000003B9C0100000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\Unlocker_Portable_1.9.2_32-64_Multilingual.exe"=0x5341435001000000000000000700000028000000008604000000000001000000000000000000010600010000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000FD310000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\unlocker-1.9.0.exe"=0x53414350010000000000000007000000280000003D800F000000000001000000000000000000010600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000097E90600000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\unlocker_1-9-2.exe"=0x53414350010000000000000007000000280000003F7510000000000001000000000000000000010600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000030750000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\Unlocker\Unlocker1.9.2\Unlocker1.9.2.exe"=0x53414350010000000000000007000000280000003F7510000000000001000000000000000000010600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000DB410000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\unlocker-1-9-1-en-win.exe"=0x5341435001000000000000000700000028000000C16B19000000000001000000000000000000010600010000DB80FDAC2839D3010000000000000000 "SIGN.MEDIA=42A950B8 renouveau du widen - babylon free & trial, & vaincre la peur de babylon toolbar & search\zhpcleaner_2019.1.17.9.exe"=0x534143500100000000000000070000002800000080633200A9B1320001000000000000000000000A00210000DB80FDAC2839D30100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000FA340000000000000100000001000000 "SIGN.MEDIA=42A950B8 renouveau du widen - babylon free & trial, & vaincre la peur de babylon toolbar & search\quickdiag_V5_27.02.19.1.exe"=0x534143500100000000000000070000002800000098F74E00B9194F0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000 "SIGN.MEDIA=42A950B8 renouveau du widen - babylon free & trial, & vaincre la peur de babylon toolbar & search\ZHPCleaner.exe"=0x534143500100000000000000070000002800000080A52F00013F300001000000000000000000000A00210000DB80FDAC2839D3010000000000000000 ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=131571602490602647 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "ProductType"=2 "InstallLocation"=C:\Program Files\Windows Defender\ "ProductStatus"=0 "InstallTime"=0x3926541D6ADAD401 "OneTimeSqmDataSent"=1 "OOBEInstallTime"=0xB4551ABDAEDAD401 "DisableAntiSpyware"=1 "DisableAntiVirus"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\adawareantivirusservice] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinFLAdrv.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ZAM.exe" /service] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\adawareantivirusservice] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ZAM.exe" /service] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zam64.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zamguard64.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) ---------- | Hosts ---------- | Ping Envoi d'une requ?te 'ping' sur google.com [2a00:1450:4007:805::200e] avec 32 octets de donn?es?: R?ponse de 2a00:1450:4007:805::200e?: temps=30 ms R?ponse de 2a00:1450:4007:805::200e?: temps=39 ms R?ponse de 2a00:1450:4007:805::200e?: temps=29 ms R?ponse de 2a00:1450:4007:805::200e?: temps=55 ms Statistiques Ping pour 2a00:1450:4007:805::200e: Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%), Dur?e approximative des boucles en millisecondes : Minimum = 29ms, Maximum = 55ms, Moyenne = 38ms ---------- | @ [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Cache_Update_Frequency"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=%11%\blank.htm "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=https://fr.yahoo.com/?fr=fp-comodo&type=81_10555005_72.0.3626.121_u_hp_sp "DisableFirstRunCustomize"=3 "ImageStoreRandomFolder"=m4kjjob "OperationalData"=13 "CompatibilityFlags"=0 "SearchBandMigrationVersion"=1 "FullScreen"=no "Window_Placement"=0x2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC8000000C80000000E0600004C040000 "Start Page_TIMESTAMP"=0xE45A8F41CEDFD401 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"= "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0x618C6EBEECDAD401 "NotifyDownloadComplete"=yes "News Feed First Run Experience"=0 "Use FormSuggest"=no "Use Custom Search URL"=0 [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "CertificateRevocation"=1 "ZonesSecurityUpgrade"=0x618C6EBEECDAD401 "WarnonZoneCrossing"=0 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "GlobalUserOffline"=0 [HKLM\Software\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=about:blank "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "TabProcGrowth"=Medium [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 "SecureProtocols"=2688 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=about:blank "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "TabProcGrowth"=Medium [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Search] "SearchAssistant"=http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=546b3573000000000000685acf6a7e41&tlver=1.4.19.19&affID=16553 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Tabs"=http://search.babylon.com/?babsrc=NT_ss&mntrId=546b3573000000000000685acf6a7e41&tlver=1.4.19.19&affID=16553 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 ---------- | Proxy ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amv] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bdmv] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dv] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.evo] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.f4v] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flv] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdmov] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ifo] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2p] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2t] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2ts] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2v] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MPE] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpls] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv4] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mts] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mxf] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.NSR] "progid"=Potplayer.nsr [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ogm] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ogv] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ram] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rec] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rm] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmvb] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tp] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tps] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.trp] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vob] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webm] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv] "Application"=wmplayer.exe ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw] - {472083B0-C522-11CF-8763-00608CC02F24} -- C:\Program Files\AVAST Software\Avast\ashShell.dll [15/03/2019 05:28:54] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- C:\Windows\System32\EhStorShell.dll [29/09/2017 14:41:47] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"= ---------- | Toolbar [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=0 [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser] "ITBar7Height"=0 "ITBar7Layout"=0x130000000000000000000000200000001000000000000000010000008006000099010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={7B5E17A5-1DFB-4269-9519-177F01849132} "KnownProvidersUpgradeTime"=0x618C6EBEECDAD401 "Version"=5 "UpgradeTime"=0x618C6EBEECDAD401 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=0 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={7B5E17A5-1DFB-4269-9519-177F01849132} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "Locked"=0 "{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}"=QuickStores-Toolbar "{98889811-442D-49dd-99D7-DC866BE87DBC}"=Babylon Toolbar [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={7B5E17A5-1DFB-4269-9519-177F01849132} ---------- | Extensions [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}] : (Translate this web page with Babylon) - [] ---------- | SearchScopes [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0AA24E16-07B3-4694-8357-3C21ACC5F516}] - (Yahoo!) - https://fr.search.yahoo.com/yhs/search?hspart=comodo&hsimp=yhs-com_chrome&type=81_10555005_72.0.3626.121_u_ds_sp&p={searchTerms} : [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}] - (Search the web (Babylon)) - http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=546b3573000000000000685acf6a7e41&tlver=1.4.19.19&affID=16553 : [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7B5E17A5-1DFB-4269-9519-177F01849132}] - (Bing) - https://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00 : [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}] - (Yahoo! Search) - http://fr.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo&type=10555005_11.0.0.6802_i_ds : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7B5E17A5-1DFB-4269-9519-177F01849132}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=PRSMS1&src=IE11TR&pc=SMTE : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{7B5E17A5-1DFB-4269-9519-177F01849132}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=PRSMS1&src=IE11TR&pc=SMTE : ---------- | ElevationPolicy [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\System32) - wpcer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\System32) - wuapp.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0935-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2391d819-9d17-44ec-9ac1-f6aa07549469}] - (%systemroot%\system32) - wermgr.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38f2c092-34df-4c12-9d9e-c9679bf0ab31}] - (C:\Windows\SysWOW64) - presentationhost.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\System32) - RuntimeBroker.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D256DB0-6C34-4EC1-9704-02182D6503A6}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{681f008a-b1c3-412d-9d95-e7a68837a6ce}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files\Internet Explorer) - iedw.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\System32\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\System32) - verclsid.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\system32\IME\SHARED\) - IMEPADSV.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\System32) - ctfmon.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\System32) - CredentialUIBroker.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{989F13EE-B25B-4FAB-9AED-C4336C8CCF0C}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\System32\IME\SHARED\) - imesearch.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\System32) - cmd.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\System32) - notepad.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\System32) - presentationhost.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] - (C:\Windows\System32\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\System32\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\${ELV_GUID}] - (C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19) - BabylonToolbarsrv.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\SysWOW64) - wpcer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08f24d68-9087-4b24-81ad-7b34af3e3ed5}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\SysWOW64) - wuapp.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files (x86)\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\SysWOW64) - RuntimeBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4becf16c-74f0-429b-8d3e-4fba507ac661}] - (C:\Program Files (x86)\adobe\acrobat 7.0\reader) - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D256DB0-6C34-4EC1-9704-02182D6503A6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{681f008a-b1c3-412d-9d95-e7a68837a6ce}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files (x86)\Internet Explorer) - iedw.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\SysWOW64\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\SysWOW64) - verclsid.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\sysnative\IME\SHARED\) - IMEPADSV.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\SysWOW64) - ctfmon.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\SysWOW64) - CredentialUIBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95a4104c-1c49-4c2a-9830-1be0f47e926c}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat) - acrobat.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{989F13EE-B25B-4FAB-9AED-C4336C8CCF0C}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\SysWOW64\IME\SHARED\) - imesearch.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9da1d2cb-796d-4bec-bbaa-0aa9ccd80e15}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\SysWOW64) - cmd.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AED-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\SysWOW64) - notepad.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e5f90a07-7db7-4dcb-bd6d-d3fecd376ca3}] - (C:\Program Files (x86)\adobe\acrobat 6.0\reader) - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\SysWOW64) - presentationhost.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] - (C:\Windows\SysWOW64\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\SysWOW64\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fb9e068b-c612-4fa8-bdb9-d728a716a420}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat) - acrobat.exe : ---------- | Ext\Settings [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{2DD257A3-5028-41AE-A1E7-A12F76A08893}] : : C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}] : : C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll ---------- | Ext\Stats [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}] : : [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25336920-03F9-11CF-8FD0-00AA00686F13}] : : C:\Windows\SysWOW64\mshtml.dll [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2933BF90-7B36-11D2-B20E-00C04F983E60}] : : %SystemRoot%\System32\msxml3.dll [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2DD257A3-5028-41AE-A1E7-A12F76A08893}] : : C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{333C7BC4-460F-11D0-BC04-0080C7055A83}] : : C:\Windows\SysWOW64\tdc.ocx [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64AB4BB7-111E-11D1-8F79-00C04FC2FBE1}] : : C:\Windows\SysWOW64\ieframe.dll [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6BF52A52-394A-11D3-B153-00C04F79FAA6}] : : %SystemRoot%\system32\wmp.dll [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8856F961-340A-11D0-A96B-00C04FD705A2}] : : C:\Windows\SysWOW64\ieframe.dll [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{88D96A05-F192-11D4-A65F-0040963251E5}] : : C:\Windows\SysWOW64\msxml6.dll [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9BE31822-FDAD-461B-AD51-BE1D1C159921}] : : [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}] : : C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D27CDB6E-AE6D-11CF-96B8-444553540000}] : : C:\Windows\SysWOW64\Macromed\Flash\Flash.ocx [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8C108E-4349-11D2-91A4-00C04F7969E8}] : : %SystemRoot%\System32\msxml3.dll [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE09B103-97E0-11CF-978F-00A02463E06F}] : : C:\Windows\SysWOW64\scrrun.dll [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F6D90F11-9C73-11D3-B32E-00C04F990BB4}] : : %SystemRoot%\System32\msxml3.dll [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F6D90F16-9C73-11D3-B32E-00C04F990BB4}] : : %SystemRoot%\System32\msxml3.dll ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}] -> () : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DD257A3-5028-41AE-A1E7-A12F76A08893}] -> (IeUrlFilter Class) : C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [15/02/2019 05:48:54] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10EDB994-47F8-43F7-AE96-F2EA63E9F90F}] -> (QuickStores-Toolbar) : mscoree.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}] -> (CescrtHlpr Object) : C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll [07/11/2010 14:45:26] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}] -> (Babylon IE plugin) : C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll [26/03/2019 17:09:16] ---------- | Chrome [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb] ---------- | Opera C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Opera Software\Opera Stable\extensions\kipjbhgniklcnglfaldilecjomjaddfi = : __MSG_description__ - __MSG_name__ - https://extension-updates.opera.com/api/omaha/update/ ---------- | Firefox [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.6] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{e7a3896f-b4aa-4931-ba43-7ed6d96a98e9}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{e7a3896f-b4aa-4931-ba43-7ed6d96a98e9}] "NameServer"=156.154.70.25,156.154.71.25 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{e7a3896f-b4aa-4931-ba43-7ed6d96a98e9}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{e7a3896f-b4aa-4931-ba43-7ed6d96a98e9}] "NameServer"=156.154.70.25,156.154.71.25 ---------- | ActiveX [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - () - -> [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - () - -> [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - () - -> [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - -> [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4FC4FAB8-DD2C-3F8B-B378-F6EF65C0EC05}] - (.NET Framework) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - -> %SystemRoot%\system32\msieftp.dll [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - () - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - (Web Platform Customizations) - @C:\Windows\System32\ie4uinit.exe,-2000 -> C:\Windows\System32\ie4uinit.exe -UserConfig [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{FEBEF00C-046D-438D-8A88-BF94A6C9E703}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{54BDBDCB-ED26-30CA-BFFC-5B5E414C3793}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{5A604D2C-E968-429B-8327-62B5CE52126D}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - -> %SystemRoot%\system32\msieftp.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7C028AF8-F614-47B3-82DA-BA94E41B1089}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{CE4BC71D-A88B-4943-BB3D-AF9C0E7D4387}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - -> ---------- | Applications [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Classes\Applications\bsplayer.exe] : C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe "%L" [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Classes\Applications\opera.exe] : "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\Launcher.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\Atelier Photo Fnac.exe] : "C:\Program Files\Fnac\Atelier Photo Fnac\Atelier Photo Fnac.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\GALERIE PHOTO CEWE.exe] : "C:\Program Files\CEWE\Logiciel de creation CEWE\GALERIE PHOTO CEWE.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\Launcher.exe] : "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\Launcher.exe" -noautoupdate -- "%1" [HKLM\SOFTWARE\Classes\Applications\Logiciel de création CEWE Cora.exe] : "C:\Program Files\Cora\Logiciel de creation CEWE Cora\Logiciel de création CEWE Cora.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\Logiciel de création CEWE.exe] : "C:\Program Files\CEWE\Logiciel de creation CEWE\Logiciel de création CEWE.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\Ma Galerie Photo.exe] : "C:\Program Files\Fnac\Atelier Photo Fnac\Ma Galerie Photo.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\PotPlayerMini64.exe] : "C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen [HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Atelier Photo Fnac.exe] : "C:\Program Files\Fnac\Atelier Photo Fnac\Atelier Photo Fnac.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\GALERIE PHOTO CEWE.exe] : "C:\Program Files\CEWE\Logiciel de creation CEWE\GALERIE PHOTO CEWE.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Launcher.exe] : "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\Launcher.exe" -noautoupdate -- "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Logiciel de création CEWE Cora.exe] : "C:\Program Files\Cora\Logiciel de creation CEWE Cora\Logiciel de création CEWE Cora.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Logiciel de création CEWE.exe] : "C:\Program Files\CEWE\Logiciel de creation CEWE\Logiciel de création CEWE.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Ma Galerie Photo.exe] : "C:\Program Files\Fnac\Atelier Photo Fnac\Ma Galerie Photo.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\PotPlayerMini64.exe] : "C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | DCOMApplications Name: User Notification - AppID: {0010890e-8789-413c-adbc-48f5b511b3af} Name: Local Service Credential UI Broker - AppID: {00944ad3-b2ad-4bcf-9202-59bf4662d521} Name: PhotoAcquire - AppID: {00f22b16-589e-4982-a172-a51d9dcceb68} Name: PhotoAcqHWEventHandler - AppID: {00f2b433-44e4-4d88-b2b0-2698a0a91dba} Name: TabTip - AppID: {01419581-4d63-4d43-ac26-6e2fc976c1f3} Name: lfsvc - AppID: {020FB939-2C8B-4DB7-9E90-9527966E38E5} Name: PLA - AppID: {03837503-098b-11d8-9414-505054503030} Name: CTapiLuaLib Class - AppID: {03e15b2e-cca6-451c-8fb0-1e2ee37a27dd} Name: DevicesFlowExperienceFlow - AppID: {046AEAD9-5A27-4D3C-8A67-F82552E0A91B} Name: COpenControlPanel - AppID: {06622D85-6856-4460-8DE1-A81921B41C4B} Name: SMLUA - AppID: {0671E064-7C24-4AC0-AF10-0F3055707C32} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {06C792F8-6212-4F39-BF70-E8C0AC965C23} Name: OOBE Bio Enrollment - AppID: {0771f7af-8de6-4bce-9528-2d4a12cb8168} Name: sppui - AppID: {0868DC9B-D9A2-4f64-9362-133CEA201299} Name: Retail Demo User COM Agent - AppID: {0886dae5-13ba-49d6-a6ef-d0922e502d96} Name: RtkApoApi - AppID: {08B039CA-84AA-40EA-8E9C-1D9537DC415B} Name: WIA Extension Host for 64 bit extensions - AppID: {08F646B3-5E7F-4B7A-A5CB-F95445F9F67A} Name: Proximity Sharing - AppID: {08FC06E4-C6B5-40BE-97B0-B80F943C615B} Name: PersistentZoneIdentifier - AppID: {0968e258-16c7-4dba-aa86-462dd61e31a3} Name: Windows Media Player Rich Preview Handler - AppID: {09C5C2B5-1D32-4598-B87E-203F32BB08E3} Name: AxInstSv - AppID: {0B15AFD8-3A99-4A6E-9975-30D66F70BD94} Name: NotificationController App ID - AppID: {0B789C73-D8DA-416D-B665-C1603676CEB1} Name: RASDLGLUA - AppID: {0C3B05FB-3498-40C3-9C03-4B22D735550C} Name: %SystemRoot%\system32\appwiz.cpl - AppID: {0da7bfdf-c0a0-44eb-be82-b7a82c4721de} Name: CamrecShellExt - AppID: {0DE69E95-29A8-4A7B-B10C-78EF7E2AA5B4} Name: IntelCpHeciSvc - AppID: {11AC3232-E7D7-49CD-ABFE-501700100B3A} Name: Sync Center Client - AppID: {1202DB60-1DAC-42C5-AED5-1ABDD432248E} Name: Virtual Factory for DiagCpl - AppID: {12C21EA7-2EB8-4B55-9249-AC243DA8C666} Name: Shell Create Object Task Server - AppID: {133eac4f-5891-4d04-bada-d84870380a80} Name: Shell Create Object Handler - AppID: {135fd325-45b7-4c30-89f8-4386961669f0} Name: TPM Virtual Smart Card VCard Module Manager - AppID: {150F28F1-49A5-4C28-BE1A-CFA854A1D04B} Name: Remote TPM Virtual Smart Card Manager - AppID: {152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC} Name: CCasperCDNPROCOMSERVER - AppID: {15647F9A-1F59-41EB-8115-E09FDBAC5174} Name: RuntimeBroker - AppID: {15c20b67-12e7-4bb6-92bb-7aff07997402} Name: TPM Virtual Smart Card Manager - AppID: {16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A} Name: Speech Runtime COM - AppID: {1725704B-A716-4E04-8EF6-87ED4F0A180A} Name: Immersive TPM Virtual Smart Card Manager - AppID: {19833350-BF9B-42A1-BDF0-BD1FCBE1FD31} Name: Sync Center Control - AppID: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5} Name: GIDS Smart Card Simulator Manager - AppID: {1AC32B1A-E379-4CAD-B655-F978A30856EC} Name: %systemroot%\system32\lpksetup.exe - AppID: {1C749B87-568C-4865-8E73-6413F8372CE6} Name: rshx32.dll - AppID: {1f2e5c40-9550-11ce-99d2-00aa006e086c} Name: ThirdPartyEapDispatcherPeerConfig - AppID: {1F7D1BE9-7A50-40B6-A605-C4F3696F49C0} Name: Microsoft WMI Provider Subsystem Secured Host - AppID: {1F87137D-0E7C-44d5-8C73-4EFFB68962F2} Name: DetectionAndSharing - AppID: {1fda955b-61ff-11da-978c-0008744faab7} Name: Microsoft Software Protection Platform Admin Object (Inner) - AppID: {205609B7-5E08-443E-B0A7-A7AED3F3A717} Name: Microsoft Windows WSMan Provider Host With User Settings - AppID: {209444d2-2540-495e-962c-a61ad3243526} Name: Provisioning Core - AppID: {217700E0-0000-11DF-ADB9-F4CE462D9137} Name: MSDAINITIALIZE - AppID: {2206CDB0-19C1-11D1-89E0-00C04FD7A829} Name: CortanaExperienceFlow - AppID: {24AC8F2B-4D4A-4C17-9607-6A4B14068F97} Name: Experimentation Broker - AppID: {2568BFC5-CDBE-4585-B8AE-C403A2A5B84A} Name: Update Notification Component Com Handler - AppID: {25d6d937-1fa3-4a22-8875-8680943b3f29} Name: Microsoft WBEM Active Scripting Event Consumer Provider - AppID: {266C72E7-62E8-11D1-AD89-00C04FD8FDFF} Name: IMAPI2 - AppID: {273541FF-7F64-5B0F-8F00-5D77AFBE261E} Name: WInRTDesktopBroker - AppID: {27550CA0-E9DE-4186-A566-37A59BB6CA69} Name: Cloud Change Wnf Monitor - AppID: {276D4FD3-C41D-465F-8CA9-A82A7762DF32} Name: netman - AppID: {27AF75ED-20D9-11D1-B1CE-00805FC1270E} Name: WalletService - AppID: {27D6B72D-094D-445A-9ACE-8298CBA0611A} Name: RasMobilityManager - AppID: {292bed96-e9ce-40f8-b71b-c313defa3a78} Name: faultrep.dll - AppID: {2C256447-3F0D-4CBB-9D12-575BB20CDA0A} Name: FileSystemImage - AppID: {2C941FD1-975B-59BE-A960-9A2A262853A5} Name: WalletService - AppID: {2EA38040-0B9C-4379-87FD-4D38BB892F37} Name: Windows Security Health Service - AppID: {2EB6D15C-5239-41CF-82FB-353D20B816CF} Name: DevicesFlow - AppID: {2F93C02D-77F9-46B4-95FB-8CBB81EEB62C} Name: Immersive Shell Broker - AppID: {2FD08A73-D1F1-43EB-B888-24C2496F95FD} Name: ShellServiceHostBrokerProvider - AppID: {30AD8C8E-AE85-42FA-B9E8-7E99E3DFBFC5} Name: Identity Store - AppID: {30d49246-d217-465f-b00b-ac9ddd652eb7} Name: AuthHost - AppID: {31337EC7-5767-11CF-BEAB-00AA006C3606} Name: Immersive Shell - AppID: {316CDED5-E4AE-4B15-9113-7055D84DCC97} Name: UiaManagerCrossMachineProxyAppId - AppID: {31b965c2-d4a3-4d8e-ac40-a76d466cd0b7} Name: Delivery Optimization Mgmt - AppID: {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} Name: Language Components Installer Com Handler - AppID: {33ADC7D5-BAF1-4661-9822-1FD23E63B39F} Name: wpnservice - AppID: {34E76A18-223B-4E23-BEAD-F59358CC0A90} Name: TrayAppIdentityResolver - AppID: {35BC523D-8BE9-496E-8257-026E8B4750FC} Name: CoreDpusSvr - AppID: {36234D6F-D9B8-404B-91C9-736BD2EE3040} Name: Windows Push Notification Platform - AppID: {362cc086-4d81-4824-bbb5-666d34b3197d} Name: TabTip - AppID: {36938566-B1AA-4E77-9B3F-730CF4E996AB} Name: Security Health Agent Activate As Activator Host - AppID: {37096FBE-2F09-4FF6-8507-C6E4E1179893} Name: Delivery Optimization - AppID: {379001DE-7108-4A45-8A74-6CD0A9FBEF2C} Name: Microsoft Portable Workspace Launcher - AppID: {37B73D7B-A976-43AE-97E4-BD4977B241F2} Name: CortanaMapiHelper - AppID: {3BFADDE5-09ED-42AE-8190-2E68B650CFE6} Name: WorkspacePolicyProcessor - AppID: {3C3F40BC-60EB-4567-B90C-480C87C21AC1} Name: CMLUAUTIL - AppID: {3E000D72-A845-4CD9-BD83-80C07C3B881F} Name: Microsoft Windows Remote Shell Host - AppID: {3e5ca495-8d6a-4d1f-ad99-177b426c8b8e} Name: CMSTPLUA - AppID: {3E5FC7F9-9A51-4367-9063-A120244FBEC7} Name: WinInetCacheServer - AppID: {3eb3c877-1f16-487c-9050-104dbcd66683} Name: Out Of Proc Mapi Handler - AppID: {3F5E4B87-C907-4f76-82E4-6FDF0CE90E25} Name: Microsoft Windows WSMan Provider Host - AppID: {3feb2f63-0eec-4b96-84ab-da1307e0117c} Name: HTML Application - AppID: {40AEEAB6-8FDA-41e3-9A5F-8350D4CFCA91} Name: Connected User Store - AppID: {40AFA0B6-3B2F-4654-8C3F-161DE85CF80E} Name: NaturalAuthentication - AppID: {412E0F20-6C5B-43EC-879F-DA444A416EAC} Name: Core Shell Broker Provider - AppID: {41928E27-7275-491C-A5A1-4FDC791BF609} Name: EntAppSvc - AppID: {42C21DF5-FB58-4102-90E9-96A213DC7CE8} Name: AccessibilityCplAdmin - AppID: {434A6274-C539-4E99-88FC-44206D942775} Name: SPP External COM Object - AppID: {44831FEC-DC51-4716-A7E1-E898FDF83C85} Name: Thumbnail Extraction Host Class - AppID: {4545dea0-2dfc-4906-a728-6d986ba399a9} Name: Add to Windows Media Player list - AppID: {45597c98-80f6-4549-84ff-752cf55e2d29} Name: Application Activation Manager - AppID: {45BA127D-10A8-46EA-8AB7-56EA9078943C} Name: Set Network Location Elevated Virtual Factory - AppID: {46B988E8-BEC2-401F-A1C5-16C694F26D3E} Name: Radio Management Service - AppID: {478B41E6-3257-4519-BDA8-E971F9843849} Name: ShellServiceHost - AppID: {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} Name: IASDataStoreComServer - AppID: {48da6741-1bf0-4a44-8325-293086c79077} Name: Microsoft WBEM Unsecured Apartment - AppID: {49BD2028-1523-11D1-AD79-00C04FD8FDFF} Name: Telephony App Launcher - AppID: {49EBD8BE-1A92-4A86-A651-70AC565E0FEB} Name: UIAutomationCrossBitnessHook64 Class - AppID: {49f171dd-b51a-40d3-9a6c-52d674cc729d} Name: Virtual Factory for Languages Configuration - AppID: {4A3F2F56-454A-4CC5-9734-BB7D8141AC0A} Name: RASGCWLUA - AppID: {4A6B8BAD-9872-4525-A812-71A52367DC17} Name: wercplsupport.dll - AppID: {4BC67F23-D805-4384-BCA3-6F1EDFF50E2C} Name: Shell Security Editor - AppID: {4D111E08-CBF7-4f12-A926-2C7920AF52FC} Name: Microsoft Volume Shadow Copy Service software provider - AppID: {4db9c793-c48d-449c-9754-46027ee45c94} Name: COM+ Event System - AppID: {4E14FBA2-2E22-11D1-9964-00C04FBBB345} Name: upnpcont.exe - AppID: {4F0AC159-5804-4aa7-AE91-117D6E67BB9B} Name: Shell Computer Accounts - AppID: {4f6bcd94-c2a5-42ce-8dbc-31e794be4630} Name: WkspRT.exe - AppID: {4FCDA643-B15B-41C6-84F8-5E447F6F6D25} Name: Security Health Agent Interactive User Host for WDSP only - AppID: {4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED} Name: HomeGroup CPL Advanced Settings Writer - AppID: {50a9ab2a-20f8-4d71-9f32-9fd305b49601} Name: Microsoft Windows Font Folder - AppID: {50d69d24-961d-4828-9d1c-5f4717f226d1} Name: wuapihost - AppID: {50E1C3FD-EC35-490E-9CCF-C68F9AE91919} Name: acppage.dll - AppID: {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} Name: %systemroot%\system32\intl.cpl - AppID: {514B5E31-5596-422F-BE58-D804464683B5} Name: RemoteProxyFactory32 Class - AppID: {53362C32-A296-4F2D-A2F8-FD984D08340B} Name: RemoteProxyFactory32 Class - AppID: {53362C64-A296-4F2D-A2F8-FD984D08340B} Name: 32-bit Preview Handler Surrogate Host - AppID: {534A1E02-D58F-44f0-B58B-36CBED287C7C} Name: Virtual Disk Service Loader - AppID: {5364ED0E-493F-4B16-9DBF-AE486CF22660} Name: LockScreenContentServer Out of Proc Helper for LockScreenContent Clients - AppID: {536AACFB-5238-4314-B4D4-5B0A2E8B968E} Name: ShareFlow - AppID: {549e57e9-b362-49d1-b679-b64d510efe4b} Name: ShapeCollector - AppID: {56676660-4A4D-45B0-B24E-9CF6B35E9ABF} Name: Volume Shadow Copy Service - AppID: {56BE716B-2F76-4dfa-8702-67AE10044F0B} Name: IntelAudioService - AppID: {56c68ad6-d778-4cda-84a8-71f5c3e2a429} Name: Elevated System Settings COM Host - AppID: {57360832-5F9B-4190-8467-000D2D510212} Name: PrintNotify - AppID: {588E10FA-0618-48A1-BE2F-0AD93E899FCC} Name: FaxCommon Class - AppID: {59347292-B72D-41F2-98C5-E9ACA1B247A2} Name: PfShellExtension - AppID: {59A55EF0-525F-4276-AB62-8F7E5F230399} Name: Authentication UI Terminal Services Bump Dialog - AppID: {59c7f6ec-7d18-412f-a68e-877982768e61} Name: Docking.VirtualInput Create Object Server - AppID: {5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26} Name: WalletService - AppID: {5BC7A3A1-E905-414B-9790-E511346F5CA6} Name: Microsoft Maps Background Transfer Service - AppID: {5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309} Name: WiaWow64 - AppID: {5E1395B2-B685-44e3-8AED-E2304D85ACD1} Name: Splash screen - AppID: {5EAD00DC-0E8B-497C-BDE8-B9153058CBEF} Name: User OOBE Create User Object Server - AppID: {5f7f3f7b-1177-4d4b-b1db-bc6f671b8f25} Name: UIAutomationCrossBitnessHook32 Class - AppID: {60a90a2f-858d-42af-8929-82be9d99e8a1} Name: wlidcli - AppID: {623D5F5E-2F09-427d-8BD7-64495CD9835D} Name: Sync Center (Private) - AppID: {6295DF2D-35EE-11D1-8707-00C04FD93327} Name: PenIMC2 - AppID: {63CE6D27-426A-41F9-8E51-549C1132DAE2} Name: CoreShellHost - AppID: {64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2} Name: BabylonHelper - AppID: {6536801B-F50C-449B-9476-093DFD3789E3} Name: Windows Update Agent - AppID: {653C5148-4DCE-4905-9CFD-1B23662D3D9E} Name: FwCplLUA - AppID: {6571503D-D0FB-4D98-BBC3-1FBB2B3F344E} Name: tiledatamodelsvc - AppID: {65E2E13A-7110-4912-9F03-9A42E253D8F6} Name: Background Intelligent Transfer Service - AppID: {69AD4AEE-51BE-439b-A92C-86AE490E8B30} Name: Sync Center Isolation Collection (Private) - AppID: {69F9CB25-25E2-4BE1-AB8F-07AA7CB535E8} Name: MsRdpSessionManager - AppID: {6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F} Name: Preview Handler Surrogate Host - AppID: {6d2b5079-2f0b-48dd-ab7f-97cec514d30b} Name: UPnPContainer - AppID: {6d8ff8e0-730d-11d4-bf42-00b0d0118b56} Name: UPnPContainer64 - AppID: {6d8ff8e8-730d-11d4-bf42-00b0d0118b56} Name: SPPComApi - AppID: {6D9A7A40-DDCA-414E-B48E-DFB032C03C1B} Name: TieringEngineService - AppID: {6DF5BCF4-22E9-446D-8763-A2C7677ECF7D} Name: HomeGroup UI Status - AppID: {6f33340d-8a01-473a-b75f-ded88c8360ce} Name: SEMgrSvc - AppID: {6F4B8D94-91FE-4665-B1E7-A34AE3F299F6} Name: IEWindows - AppID: {6f5bad87-9d5e-459f-bd03-3957407051ca} Name: EditionUpgradeHelper - AppID: {6F65B602-F798-4094-8A41-A2A61961E5E8} Name: HomeGroup Provider Object - AppID: {6F7C8E8F-DC69-4e3f-BC05-439962A05FD5} Name: Windows Insider Service - AppID: {7006698d-2974-4091-a424-85dd0b909e23} Name: workfolderssvc - AppID: {712cedb9-16a4-4f79-801d-7de24d8c706e} Name: Sharing Elevated Virtual Factory - AppID: {72A7994A-3092-4054-B6BE-08FF81AEEFFC} Name: User Profile Service DCOM server - AppID: {72E3272B-4EEA-4104-B358-1A282E4FC1AD} Name: Microsoft WMI Provider Subsystem Host - AppID: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} Name: Trusted Installer Service - AppID: {752073A2-23F2-4396-85F0-8FDB879ED0ED} Name: PrintFilterPipelineSvc - AppID: {76db1bf3-e820-4765-a1b2-0b16a86b1950} Name: XWizard Virtual Factory - AppID: {777BA81A-2498-4875-933A-3067DE883070} Name: WebPlatStorageBrokerServer - AppID: {7966b4d8-4fdc-4126-a10b-39a3209ad251} Name: Network and Sharing Center Cpl Elevated Virtual Factory - AppID: {7A076CE1-4B31-452a-A4F1-0304C8738100} Name: Shell FMIFS Wrapper - AppID: {7aa7790d-75d7-484b-98a1-3913d022091d} Name: EapThirdPartyDllHost - AppID: {7B130458-E09C-4823-A8AF-2583DCD9AEC7} Name: Internet Explorer Add-on Installer - AppID: {7B29F495-0F55-49F7-8885-9E8A22CE3829} Name: Shell Create Object Local Server - AppID: {7B6EA1D5-03C2-4AE4-B21C-8D0515CC91B7} Name: WlanPrefLUA - AppID: {7C8AB6D9-8764-4033-8F62-2FE896E54B32} Name: Microsoft Windows Remote Shell Host With User Settings - AppID: {7d378de6-ed8d-426d-91df-0273d07cd7f6} Name: HomeGroup Printing Device Class - AppID: {7DF8EF76-D449-485f-B4EB-58DC96B31EDB} Name: MMC Application Class - AppID: {7e0423cd-1119-0928-900c-e6d4a52a0715} Name: Security Health Agent Interactive User Host - AppID: {7E55A26D-EF95-4A45-9F55-21E52ADF9887} Name: Battery Notification Manager - AppID: {7EAD5C10-8B3F-11E6-AE22-56B6B6499611} Name: wisptis - AppID: {7F429620-16D1-471E-A81A-114992148034} Name: Authentication UI CredUI Out of Proc Helper for AppContainer Clients - AppID: {7FC12E96-4CB7-4ABD-ADAA-EF7845B10629} Name: AdAwareShellExtension - AppID: {815E3070-A914-4A36-BC40-2F35AAD1C91E} Name: CFmIfsEngine host - AppID: {82D94FB3-7FE6-4797-BB72-9A886C66073B} Name: IntelCpHDCPSvc - AppID: {84081F6F-8B2D-4FFE-AF7F-E72D488FABEB} Name: CustReg Class - AppID: {84D586C4-A423-11D2-B943-00C04F79D22F} Name: DataShredderShellExt - AppID: {86893589-0CF8-4E19-9D2B-0CB6D5D13071} Name: Virtual Factory for Usercpl - AppID: {86d5eb8a-859f-4c7b-a76b-2bd819b7a850} Name: CElevateWlanUi - AppID: {86F80216-5DD6-4F43-953B-35EF40A35AEE} Name: ThirdPartyEapDispatcherPeerRuntime - AppID: {87BB326B-E4A0-4DE1-94F0-B9F41D0C6059} Name: AppReadiness Service - AppID: {88283d7c-46f4-47d5-8fc2-db0b5cf0cb54} Name: ordecom - AppID: {88E60EF9-F7D5-48ca-81DC-6A43FADD6530} Name: Activation Manager Shim - AppID: {8A9AE632-CB07-4A11-8872-358A2A271A24} Name: Desktop Wallpaper Factory - AppID: {8B30085D-A3E3-44e3-AE7F-B03A1340EBED} Name: Windows Management and Instrumentation - AppID: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Name: TSTheme - AppID: {8be0366c-8522-40be-8b08-cb26557f2854} Name: IASExtensionHost - AppID: {8C334A55-DDB9-491C-817E-35A6B85D2ECB} Name: AP Client HxHelpPaneServer Class - AppID: {8cec58ae-07a1-11d9-b15e-000d56bfe6ee} Name: TiWorker - AppID: {8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D} Name: Sync Center Schedule Wizard - AppID: {8D8B8E30-C451-421B-8553-D2976AFA648C} Name: WalletService - AppID: {8E44A57C-5638-44D3-9B83-34DF70EB57F2} Name: RdpSa - AppID: {8e7fae4d-cff0-41d3-a326-5a80470264bb} Name: Shell Computer Groups - AppID: {8f3080a6-af99-4f2e-a806-f3d5702a0444} Name: SDRSVC service - AppID: {9037e3cf-1794-4af6-9c8d-92838d7a23db} Name: Virtual Factory for Recovery - AppID: {9200689A-F979-4eea-8830-0E1D6B74821F} Name: Authentication UI CredUI Out of Proc Helper for Non-AppContainer Clients - AppID: {924DC564-16A6-42EB-929A-9A61FA7DA06F} Name: RtkPgExt - AppID: {92842063-1ECC-4a1a-9343-9A8E1C972E60} Name: HtmlLocalFileResolver - AppID: {93AAD2A0-036A-4B11-A078-DA8776B38139} Name: BitLockerAnywhereShell - AppID: {93F734C3-473B-4093-BFF8-3D3092C3F42D} Name: UiaManager - AppID: {94a38670-983b-459c-87c8-bb6ad617fd74} Name: PenIMC4v2 - AppID: {953E4863-7AD1-4DAE-B2BD-108F1D57967B} Name: WebPlatformStorageServer - AppID: {973d20d7-562d-44b9-b70b-5a0f49ccdf3f} Name: PrintIsolationHost - AppID: {98a89e0c-1fde-4c2a-a373-b04831e6aa60} Name: Telephony Incoming Call Toast - AppID: {990F07C7-78DC-4BD2-B145-5F791410BDDE} Name: Shell Hardware Mixed Content Handler - AppID: {995C996E-D918-4a8c-A302-45719A6F4EA7} Name: ShellWindows - AppID: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Name: RuntimeBroker - AppID: {9CA88EE3-ACB7-47c8-AFC4-AB702511C276} Name: CommonToolkit2 - AppID: {9D5DF630-D2C3-40A5-830E-4BA4322A0107} Name: timedate.cpl - AppID: {9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8} Name: WSearch - AppID: {9E175B9C-F52A-11D8-B9A5-505054503030} Name: WMLSS - AppID: {9E88EF3C-E2BB-4E5E-AFBA-565B81069D7D} Name: RtkCfg - AppID: {A11009A7-DC01-48F8-B6AA-C4613FC5CB15} Name: WIA Device Manager - AppID: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Name: TrayNotify - AppID: {a2b77517-6d12-4c60-b0c6-725e971ec8fe} Name: rundll32.exe - AppID: {a2d9ca22-a492-400c-b875-78ac25c0a6f3} Name: Xhr2OOP - AppID: {a3a81ee7-be13-4dd8-89f7-26aba705d81d} Name: Virtual Factory for Windows Defender Firewall Cpl - AppID: {A4B07E49-6567-4FB8-8D39-01920E3B2357} Name: Shell ChkdskEx Dialog - AppID: {a4c31131-ff70-4984-afd6-0609ced53ad6} Name: DsmAdminApi - AppID: {A5065670-136D-4FD6-A45F-00C85B90359C} Name: WPDShextAutoplay - AppID: {A55803CC-4D53-404c-8557-FD63DBA95D24} Name: Core Shell Service Provider - AppID: {A67168DB-418E-4087-B63E-852E822BB1ED} Name: WLIDSvc - AppID: {A6721677-BA21-44E9-9E2A-76466D24D121} Name: Virtual Factory for MaintenanceUI - AppID: {A6BFEA43-501F-456F-A845-983D3AD7B8F0} Name: Microsoft Windows Defender - AppID: {A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F} Name: %SystemRoot%\System32\fveui.dll - AppID: {A7A63E5C-3877-4840-8727-C1EA9D7A4D50} Name: SysFxUi - AppID: {A7D2EC8B-B70F-434C-A0CE-0DF324805F7D} Name: Delivery Optimization Mgmt - AppID: {AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800} Name: Core Shell COM Server Registrar - AppID: {AA8F1F23-D819-4E95-9B36-7FD68D5218F9} Name: F12AppFrameClient Class - AppID: {AABAA6AA-5398-4C08-AE60-6321A7F05E9C} Name: DEFRAGSVC service - AppID: {ab7c873b-eb14-49a6-be60-a602f80e6d22} Name: Thumbnail Cache Out of Proc Server - AppID: {AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} Name: BDEUILauncher Class - AppID: {AB93B6F1-BE76-4185-A488-A9001B105B94} Name: PaymentsSvc - AppID: {AC05815A-A8D5-434B-B9A8-2FFD162F2B7D} Name: RetailDemo Service - AppID: {ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325} Name: esrv - AppID: {AD25754E-D76C-42B3-A335-2F81478B722F} Name: WPN Srumon Server - AppID: {ada41b3c-c6fd-4a08-8cc1-d6efde67be7d} Name: TrayToastActivator - AppID: {AFC732E2-BA57-4B3E-A70A-71371F99B871} Name: WorkspaceBroker Class - AppID: {B06FF84E-0A77-4DD2-A919-0EABD8979DC1} Name: TabIps - AppID: {B1445657-5A98-11d9-A4E5-00301BB132BA} Name: BabylonIEPI - AppID: {B16632F1-24E0-4D99-A68D-70BFB6447C48} Name: DockInterface COM server - AppID: {b21858c6-9711-4257-99c8-5c0084bebce1} Name: Windows Update Agent - Remote Access - AppID: {B366DEBE-645B-43A5-B865-DDD82C345492} Name: AppActivationFailedHandler - AppID: {B3AADFEA-8404-4CBE-A62E-B0B715412C9E} Name: Found New Hardware Wizard - AppID: {B6A32FE6-E29D-AEAE-A608-D273E40CA34C} Name: WIA Device Manager 2 - AppID: {B6C292BC-7C88-41EE-8B54-8EC92617E599} Name: Sync Center (Private) - AppID: {B8558612-DF5E-4F95-BB81-8E910B327FB2} Name: Windows Media Player - AppID: {B8C54A54-355E-11D3-83EB-00A0C92A2F2D} Name: ApplicationActivationImpl - AppID: {B9305506-D05B-4C36-81C5-0E50886C1755} Name: Application Frame Host - AppID: {B9B05098-3E30-483F-87F7-027CA78DA287} Name: ShellExtBridge119 - AppID: {ba3bdfe6-1ca3-43e9-907f-7b00567be2c9} Name: Event Object Change 2 - AppID: {BB07BACD-CD56-4E63-A8FF-CBF0355FB9F4} Name: SyncHost - AppID: {BBC4356A-F004-4628-A27A-E13D70412B70} Name: Virtual Factory for Power Options Control Panel - AppID: {BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B} Name: Setting Sync Task Factory - AppID: {bcbb3f8c-2889-474f-8fb7-904d4a416145} Name: DfsShlEx.dll - AppID: {BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B} Name: EditionUpgradeManagerObj - AppID: {BD54C901-076B-434E-B6C7-17C531F4AB41} Name: escort - AppID: {BDB69379-802F-4eaf-B541-F8DE92DD98DB} Name: VM IC Heartbeat Service - AppID: {be0fc7f0-f248-4091-a123-34ca29a6901b} Name: Shell AutoPlay Direct - AppID: {BF8841C9-378A-4CAD-B4FC-5091366CBC0D} Name: ShellBrowserWindow - AppID: {c08afd90-f2a1-11d1-8455-00a0c91f3880} Name: LockAppHost Out of Proc Helper for Lock Apps - AppID: {C08B030B-E91C-479D-BEFD-02DDA7FF1BCF} Name: Spectrum - AppID: {C0E1CE99-C981-44A2-AC4C-41036FAC6593} Name: provsvc.dll - AppID: {c2a71820-3463-498f-bab7-4798795a2ff6} Name: DataExchangeHost - AppID: {C2E9756F-8155-4EAC-9ED5-0B690169D412} Name: RetailCoreSystemAgent Service - AppID: {C2EA2356-994C-45AF-BDAE-10796F73BC47} Name: cttunesvr - AppID: {C3A34354-660F-41EE-B072-2AEA5E3A80AF} Name: Microsoft Block Level Backup Service - AppID: {C3B65D83-FB15-4e3f-BA04-097D1E2B5AC1} Name: Microsoft IMAPI - AppID: {C49F2185-50A7-11D3-9144-00104BA11C5E} Name: BdeUISrv - AppID: {C4AB7CB7-E735-48FF-AADD-39D09668F444} Name: HomeGroup Listener Service - AppID: {C4CDC408-581C-4480-9FFE-3B1C78D5C20D} Name: Xbox Live Game Saves - AppID: {C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3} Name: EntAppSvc - AppID: {C63261E4-6052-41FF-B919-496FECF4C4E5} Name: EmailClient Class - AppID: {C6E0A4C8-A933-411E-8068-406C2391665F} Name: FamilySafetyRefreshTask - AppID: {C844C79D-AED8-4DCE-AB25-4D359BED84F8} Name: TSWbPrxy.exe - AppID: {C92A9617-0EAE-4235-BD2B-84540EF1FFA9} Name: DictationHost Class - AppID: {C945AD06-534F-460C-8CB4-17C33099AF81} Name: Sync Infrastructure - AppID: {C947D50F-378E-4FF6-8835-FCB50305244D} Name: netprofm - AppID: {C96887DA-A652-4426-905E-4A37546F847C} Name: editionupgradebroker - AppID: {C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125} Name: RCM - AppID: {C9F65BA8-1F8F-4382-AE27-C91FFB29275F} Name: User OOBE Create Elevated Object Server - AppID: {ca8c87c1-929d-45ba-94db-ef8e6cb346ad} Name: OpenSearch Description Create Search Connector Verb Handler - AppID: {CB1DFE3A-EDFF-4d1f-867D-8ADB02926F4B} Name: PrintIsolationSessionHost - AppID: {CB363445-F453-4C1E-8EE4-BD123C5E394F} Name: EnhancedStorageShell - AppID: {CC70FEAD-94B9-4F76-88CC-004BB068ACDF} Name: sppui - AppID: {CCFDD24D-CEAB-458B-A4F1-F884973395DF} Name: Windows Media Player Burn Audio CD Handler - AppID: {cdc32574-7521-4124-90c3-8d5605a34933} Name: Elevated-Unelevated Explorer Factory - AppID: {CDCBCFCA-3CDC-436f-A4E2-0E02075250C2} Name: PNPXAssoc.dll - AppID: {cee8ccc9-4f6b-4469-a235-5a22869eef03} Name: sdchange - AppID: {CF254B00-1986-4b24-A92D-463D01F7E395} Name: Event Object Change - AppID: {D0565000-9DF4-11D1-A281-00C04FCA0AA7} Name: Winmgmt MOF Compiler OOP - AppID: {D215781D-019E-4FA0-903D-0CDCDE13A4F5} Name: Color Management - AppID: {D2E7041B-2927-42fb-8E9F-7CE93B6DC937} Name: Windows.Internal.Security.SmartScreen.NetworkFiltering.NetworkFilter - AppID: {d339785e-44b3-4ce6-b01f-83a55a1b7da0} Name: Bitmap Image - AppID: {D3E34B21-9D75-101A-8C3D-00AA001A1652} Name: Sync Center User Profile Notification Handler - AppID: {D63AA156-D534-4BAC-9BF1-55359CF5EC30} Name: UACObject - AppID: {D8239E84-D6EC-41dc-B7EA-98CDBF472200} Name: CloudStorageWizard - AppID: {D8775A07-C529-4EA7-B307-BA7C8CBBDA03} Name: Microsoft Software Protection Platform Admin Object (outer) - AppID: {D8D4249F-A8FB-44A7-8AA0-564E8C385BD6} Name: Microsoft Volumetric Audio Compositor - AppID: {DD7B2C49-A779-4055-BBD5-7C96F502F97F} Name: BrowserBrokerServer - AppID: {DD9C53BC-8441-4B94-BD0E-36E6E02A6D61} Name: Srumon Server - AppID: {ddcfd26b-feed-44cd-b71d-79487d2e5e5a} Name: rundll32.exe - AppID: {de5d803e-5d2a-4b5f-9c63-af25a465cc44} Name: AccStore Class - AppID: {DE5DBCDC-104A-4cbc-A4D5-0C2104A142C5} Name: LockScreen Call Broker - AppID: {DE7D3D65-5454-4EF5-9518-776739DAB39F} Name: Profile Notification Host - AppID: {E10F6C3A-F1AE-4adc-AA9D-2FE65525666E} Name: CavShell - AppID: {E11C8519-5595-4397-B515-AB036DEC467A} Name: Immersive Print Dialog Surrogate - AppID: {E15FBAC2-C276-4523-92CA-561456EBCF3E} Name: RtkAPODll - AppID: {E1D2965E-D32B-4e1c-B9F1-159ACB984258} Name: Windows Update Agent User Interface for Published Applications - AppID: {e30984f1-b02b-4c27-a40f-23d11b8c1212} Name: Scan - AppID: {E32549C4-C2B8-4BCC-90D7-0FC3511092BB} Name: Execute Unknown - AppID: {e44e9428-bdbc-4987-a099-40dc8fd255e7} Name: Authentication UI CredUI Out of Proc Helper for Non-AppContainer Clients (Failed Mouse In Pointer) - AppID: {E45A56CE-399C-45F0-9E6F-BFAACD3C711F} Name: upnphost - AppID: {E495081B-BBA5-4b89-BA3C-3B86A686B87A} Name: TrayDesktopBand - AppID: {E6442437-6C68-4f52-94DD-2CFED267EFB9} Name: Orchestrator Service - AppID: {E7299E79-75E5-47BB-A03D-6D319FB7F886} Name: UICOM - AppID: {E8054D20-497D-4E16-BF41-6E69FCD381A5} Name: wscui.cpl - AppID: {E9495B87-D950-4ab5-87A5-FF6D70BF3E90} Name: Remove Device elevation surrogate - AppID: {E95186C7-7D80-4311-843D-0702CBC8B1E4} Name: File Prop Sheet Page Helper - AppID: {E96767E0-7EAA-45E1-8E7D-64414AFF281A} Name: Exchange Active Sync Policy Manager Broker - AppID: {E9DD849F-B3CF-4614-94BB-CB2696BD34FB} Name: HomeGroup Provider Service - AppID: {EA022610-0748-4c24-B229-6C507EBDFDBB} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8} Name: Convert VHD - AppID: {eae61b75-98d8-4af9-94e6-84b1c6f77c8a} Name: Remote Desktop Services Message Server - AppID: {EB521D7D-4095-4E61-88FB-BF25700F142A} Name: ComEvents.ComServiceEvents - AppID: {ECABB0C3-7F19-11D2-978E-0000F8757E2A} Name: ComEvents.ComSystemAppEventData - AppID: {ECABB0C6-7F19-11D2-978E-0000F8757E2A} Name: Play with Windows Media Player - AppID: {ed1d0fdf-4414-470a-a56d-cfb68623fc58} Name: Windows Media Player Launch - AppID: {ED6BB178-B06A-47ad-98B3-6066E0CF0147} Name: Share Manager - AppID: {edb5f444-cb8d-445a-a523-ec5ab6ea33c7} Name: CloudExperienceHost Broker AppID - AppID: {efe2d6d8-a81b-41e7-ae77-e5244ab80522} Name: Microsoft Audio Device Graph Server - AppID: {F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC} Name: AvailableNetworksExperienceFlow - AppID: {F2506CD7-82C2-43D9-A1D3-F85F5EFE7D09} Name: Virtual Disk Service - AppID: {F290BFB2-1864-45B1-8804-2654194A87E7} Name: FodHelper - AppID: {F2F94BB3-595C-4509-B7EE-243FA2BDEA5B} Name: SPPSurrogate - AppID: {f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801} Name: NDFAPI - AppID: {F3D3AA8D-EF96-4470-848E-BD70B803047A} Name: PerfCenter Enabler - AppID: {f4be747e-45c4-4701-90f1-d49d9ac30248} Name: sdclt - AppID: {f56b7b2a-5b5a-46d8-b6f9-d927ce34b717} Name: Pen Workspace Discover Broker - AppID: {F5A6ACF4-FFE0-4934-AE1D-5F960EA0AAD9} Name: WMPNSSCI - AppID: {F74BCE98-9EB4-4022-8317-11C723E5CCF8} Name: CloudExperienceHost Create System Object Server - AppID: {f7fa3149-91e7-43b7-8040-b707688ced1a} Name: logagent - AppID: {F808DF63-6049-11D1-BA20-006097D2898E} Name: WLIDFDP - AppID: {F828BB1A-2FAE-4AC4-AE6F-CAC9B529F996} Name: RAServer - AppID: {F8FD03A6-DDD9-4C1B-84EE-58159476A0D7} Name: WinInetBrokerServer - AppID: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Name: NCLUA - AppID: {FA1456D3-4B97-4f9c-8511-2786161DC333} Name: VssEvent - AppID: {FAF53CC4-BD73-4E36-83F1-2B23F46E513E} Name: Shell Hardware Mixed Content Handler Cancelled - AppID: {fb479c02-9ec4-4fed-8599-debe037452cb} Name: RegisterControl - AppID: {FC38B7C8-9E50-497d-A387-7DEBDAD14160} Name: Hotspot Auth Module - AppID: {FC5EEAF6-0002-11DF-ADB9-F4CE462D9137} Name: appwiz.cpl - AppID: {FCC74B77-EC3E-4dd8-A80B-008A702075A9} Name: Wordpad - AppID: {fd6c8b29-e936-4a61-8da6-b0c12ad3ba00} Name: Proximity UX Host - AppID: {FDA74D11-C4A6-4577-9F73-D7CA8586E10C} Name: MP UX Host - AppID: {FDA74D11-C4A6-4577-9F73-D7CA8586E10D} Name: Shell Execute Hardware Event Handler - AppID: {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} Name: EntAppSvc - AppID: {FFE1E5FE-F1F0-48C8-953E-72BA272F2744} Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{00944ad3-b2ad-4bcf-9202-59bf4662d521}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{00944ad3-b2ad-4bcf-9202-59bf4662d521}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{00944ad3-b2ad-4bcf-9202-59bf4662d521}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{00944ad3-b2ad-4bcf-9202-59bf4662d521}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-15-3-3215430884-1339816292-89257616-1145831019" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-559" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0771f7af-8de6-4bce-9528-2d4a12cb8168}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{0771f7af-8de6-4bce-9528-2d4a12cb8168}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-5-80-2731152606-4244467407-1946816704-3721569673-479255522" Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-5-84-0-0-0-0-0" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-547" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{2A947841-0594-48CF-9C53-A08C95C22B55}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{2A947841-0594-48CF-9C53-A08C95C22B55}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-15-3-1024-1314380931-3989923313-3249193833-1963115619-3940350845-1282913705-2904921893-3519892189" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1212" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{36234D6F-D9B8-404B-91C9-736BD2EE3040}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{36234D6F-D9B8-404B-91C9-736BD2EE3040}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-3-1" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-3-2" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-3-3" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{412E0F20-6C5B-43EC-879F-DA444A416EAC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{412E0F20-6C5B-43EC-879F-DA444A416EAC}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-15-3-1024-3153509613-960666767-3724611135-2725662640-12138253-543910227-1950414635-4190290187" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-80-611605672-2879557022-2206624263-4029342278-3129212340" Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4FCDA643-B15B-41C6-84F8-5E447F6F6D25}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-32-2707581722-3970398075-3301609242-3412871183-2565310287-2959982868-2531230773-2372594412" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-15-3-1024-2707581722-3970398075-3301609242-3412871183-2565310287-2959982868-2531230773-2372594412" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-15-3-1024-3625662137-2682091254-856171984-2868379045-3001028726-1009205972-4175949866-684286152" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1031" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-80-3028837079-3186095147-955107200-3701964851-1150726376" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{5E176815-9A63-4A69-810F-62E90D36612A}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{5E176815-9A63-4A69-810F-62E90D36612A}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-15-3-1024-1692970155-4054893335-185714091-3362601943-3526593181-1159816984-2199008581-497492991" Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{65E2E13A-7110-4912-9F03-9A42E253D8F6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{65E2E13A-7110-4912-9F03-9A42E253D8F6}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{730BFCEC-E4BF-4D3A-9FBB-01DD132467A4}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-15-3-1024-4044835139-2658482041-3127973164-329287231-3865880861-1938685643-461067658-1087000422" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-503" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-32-546" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-15-3-1024-3623855041-1826999956-3747069818-3525260223-3747374510-1746272624-950601168-56556331" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{7EAD5C10-8B3F-11E6-AE22-56B6B6499611}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7EAD5C10-8B3F-11E6-AE22-56B6B6499611}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7EAD5C10-8B3F-11E6-AE22-56B6B6499611}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{84D586C4-A423-11D2-B943-00C04F79D22F}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-80-4155767994-3874329934-3800885181-2130851812-726865888" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-15-3-1024-1701033769-137094913-3738083205-577272984-1204217555-1180762924-3352773070-2589626690" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1210" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194-3859068477-1314311106-1651661491-1685393560" Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194-2385269614-3243675-834220592-3047885450" Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-15-3-1024-3623855041-1826999956-3747069818-3525260223-3747374510-1746272624-950601168-56556331" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{a3a81ee7-be13-4dd8-89f7-26aba705d81d}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{a3a81ee7-be13-4dd8-89f7-26aba705d81d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a3a81ee7-be13-4dd8-89f7-26aba705d81d}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-15-3-1024-3623855041-1826999956-3747069818-3525260223-3747374510-1746272624-950601168-56556331" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-15-3-1024-2165721414-884371012-2773947476-2437641138-4209659587-972658821-4033014341-190168586" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-15-3-1024-2152139330-3124897132-671935159-3762809077-3273429135-2233686478-1435376800-2420532691" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-15-3-1024-3167453650-624722384-889205278-321484983-714554697-3592933102-807660695-1632717421" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-15-3-1024-4044835139-2658482041-3127973164-329287231-3865880861-1938685643-461067658-1087000422" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{AA8F1F23-D819-4E95-9B36-7FD68D5218F9}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{AA8F1F23-D819-4E95-9B36-7FD68D5218F9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{AA8F1F23-D819-4E95-9B36-7FD68D5218F9}" - Win32_SID.SID="S-1-15-3-1024-2165721414-884371012-2773947476-2437641138-4209659587-972658821-4033014341-190168586" Win32_DCOMApplication.AppID="{AA8F1F23-D819-4E95-9B36-7FD68D5218F9}" - Win32_SID.SID="S-1-15-3-1024-2152139330-3124897132-671935159-3762809077-3273429135-2233686478-1435376800-2420532691" Win32_DCOMApplication.AppID="{AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}" - Win32_SID.SID="S-1-15-3-1024-2922296261-1647482768-2017091146-3858667068-4135663662-2931985894-1627820925-818366431" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708" Win32_DCOMApplication.AppID="{B366DEBE-645B-43A5-B865-DDD82C345492}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-80-2731152606-4244467407-1946816704-3721569673-479255522" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-80-3246321066-2451215914-3422911474-2201726393-166328789" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C92A9617-0EAE-4235-BD2B-84540EF1FFA9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-15-3-1024-1692970155-4054893335-185714091-3362601943-3526593181-1159816984-2199008581-497492991" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D215781D-019E-4FA0-903D-0CDCDE13A4F5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D8239E84-D6EC-41dc-B7EA-98CDBF472200}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{D8239E84-D6EC-41dc-B7EA-98CDBF472200}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628" Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{DD7B2C49-A779-4055-BBD5-7C96F502F97F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{DD7B2C49-A779-4055-BBD5-7C96F502F97F}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{DD7B2C49-A779-4055-BBD5-7C96F502F97F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-15-3-1024-2819154332-3691255550-2499738133-2646149002-4290075130-3069449926-721213713-3168903538" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-5-7" Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-15-3-1024-1692970155-4054893335-185714091-3362601943-3526593181-1159816984-2199008581-497492991" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-551" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-3433512109-503559027-1389316256-1766580070-2256751264" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-1260278928-804197538-2066346633-4268302704-2216462912" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-345135819-4012009209-3062012967-1747265747-3674605950" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-951620777-1059631183-2804607755-3010024351-809615488" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-80-364023826-931424190-487969545-1024119571-74567675" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F8FD03A6-DDD9-4C1B-84EE-58159476A0D7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-3-1" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-3-2" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-3-3" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-32-544" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power LSM BrokerInfrastructure PlugPlay DcomLaunch DeviceInstall SystemEventsBroker "rdxgroup"=RetailDemo "Camera"=FrameS "diagnostics"=DiagSvc "PrintWorkflow"=PrintWorkflowUserSvc "DevicesFlow"=DevicesFlowUserSvc "GraphicsPerfSvcGroup"=GraphicsPerfSvc "smbsvcs"=lanmanserver browser "osrss"=osrss [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=PlugPlay DcomLaunch DeviceInstall "PrintWorkflow"=PrintWorkflowUserSvc "smbsvcs"=lanmanserver ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\abylon] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\AC3Filter] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Aimersoft] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Amazing-Share] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\AmazingReg] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Apowersoft] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\AppDataLow] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\ASCOMP] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Ashampoo] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Avast Software] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Babylon] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\BabylonToolbar] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Browser Cleanup] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\BSD] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\BST] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\CeWe Color] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Chromium] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Clients] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Code Sector] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Code Systems] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Comodo] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\ComodoGroup] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Conduit] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\CyberLink] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Daum] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Dragon] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\DRP] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\drpsu] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\DVDVideoSoft] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Engelmann Media] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Engelmann Software] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\eSellerate] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Fighters] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Freecom] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\g3n-h@ckm@n] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\giveawayoftheday.com] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Google] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Haali] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Informer Technologies, Inc.] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Intel] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\LAV] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Licenses] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Macromedia] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\MainConcept] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Moo0] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Mozilla] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\MozillaPlugins] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\MPC-HC] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\NewBlue] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\NewSoftware's] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Obsidium] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\OneSafe PC Cleaner] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Opera Software] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Paragon] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Paragon Software] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\PC Cleaner] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\PC Optimizer Pro] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\PCVARK] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Policies] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\PortableApps.com] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\ProtectStar Inc.] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\QtProject] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Realtek] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\RegisteredApplications] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Remo Software] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\SafelyRemove] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\SharewareOnSale] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\ShellExtBridge110] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Softvoile] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Spoon] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Steganos] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\SubSystems] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Sunisoft] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\SyncEngines] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\sysinternals] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\TechSmith] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\TiushkovNikolay] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\undefined] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\WinRAR] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\WinRAR SFX] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\WinSweeper] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\WinSweeper2] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\WixSharp] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Wondershare] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Wow6432Node] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Zemana] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\ZHP] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\Winlogon] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\abylon] [HKLM\Software\Atheros] [HKLM\Software\AVAST Software] [HKLM\Software\AVC3] [HKLM\Software\Bitdefender] [HKLM\Software\BorisFX] [HKLM\Software\Clients] [HKLM\Software\Code Sector] [HKLM\Software\COMODO] [HKLM\Software\CyberLink] [HKLM\Software\DAUM] [HKLM\Software\Engelmann Software] [HKLM\Software\Fortemedia] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Google] [HKLM\Software\HaaliMkx] [HKLM\Software\Hasleo] [HKLM\Software\Ignis] [HKLM\Software\Intel] [HKLM\Software\IPS] [HKLM\Software\KeyCryptSDK] [HKLM\Software\Khronos] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\MozillaPlugins] [HKLM\Software\NewBlue] [HKLM\Software\Notepad++] [HKLM\Software\Nuance] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\Paragon Software] [HKLM\Software\Partner] [HKLM\Software\PC Optimizer Pro] [HKLM\Software\Policies] [HKLM\Software\proDAD] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Remo Software] [HKLM\Software\Samsung] [HKLM\Software\SRS Labs] [HKLM\Software\sysinternals] [HKLM\Software\TechSmith] [HKLM\Software\UVK - Ultra virus killer] [HKLM\Software\VideoLAN] [HKLM\Software\WinRAR] [HKLM\Software\WOW6432Node] [HKLM\Software\Zemana] [HKLM\Software\ZmnGlobalSDK] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\Dwm] [HKLM\Software\Microsoft\Windows\DynamicManagement] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\Heat] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DevicesFlow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\diagnostics] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GraphicsPerfSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rdxgroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\RmSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\Software\WOW6432Node\Aimersoft] [HKLM\Software\WOW6432Node\Amazing-Share] [HKLM\Software\WOW6432Node\ASProtect] [HKLM\Software\WOW6432Node\Atelier Photo Fnac] [HKLM\Software\WOW6432Node\ATHEROS] [HKLM\Software\WOW6432Node\AVAST Software] [HKLM\Software\WOW6432Node\Babylon] [HKLM\Software\WOW6432Node\BabylonToolbar] [HKLM\Software\WOW6432Node\BSD] [HKLM\Software\WOW6432Node\Code Systems] [HKLM\Software\WOW6432Node\Common Toolkit Suite] [HKLM\Software\WOW6432Node\Comodo] [HKLM\Software\WOW6432Node\ComodoGroup] [HKLM\Software\WOW6432Node\Conduit] [HKLM\Software\WOW6432Node\CyberLink] [HKLM\Software\WOW6432Node\DigitalWave] [HKLM\Software\WOW6432Node\Dragon] [HKLM\Software\WOW6432Node\DVDVideoSoft] [HKLM\Software\WOW6432Node\EaseUS] [HKLM\Software\WOW6432Node\Fighters] [HKLM\Software\WOW6432Node\g3n-h@ckm@n] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\HaaliMkx] [HKLM\Software\WOW6432Node\HPS] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\IObit] [HKLM\Software\WOW6432Node\KeepVid] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Logiciel de création CEWE] [HKLM\Software\WOW6432Node\Logiciel de création CEWE Cora] [HKLM\Software\WOW6432Node\MacroKeys] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\NewBlue] [HKLM\Software\WOW6432Node\NewSoftware's] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\OpenVPN] [HKLM\Software\WOW6432Node\Paragon Software] [HKLM\Software\WOW6432Node\PCVARK] [HKLM\Software\WOW6432Node\ProtectStar] [HKLM\Software\WOW6432Node\Qualcomm] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\Remo Software] [HKLM\Software\WOW6432Node\SafelyRemove] [HKLM\Software\WOW6432Node\Samsung] [HKLM\Software\WOW6432Node\Steganos] [HKLM\Software\WOW6432Node\Sunisoft] [HKLM\Software\WOW6432Node\TechSmith] [HKLM\Software\WOW6432Node\UsbFix] [HKLM\Software\WOW6432Node\Webteh] [HKLM\Software\WOW6432Node\WiseCleaner] [HKLM\Software\WOW6432Node\Wondershare] [HKLM\Software\WOW6432Node\Zemana] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\Dwm] [HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Windows\Heat] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows\Winkeys] [HKLM\Software\WOW6432Node\Microsoft\Windows\WinkeysVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] ---------- | FeatureControl [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "PCTrans.exe"="11000" "OkayFreedomClient.exe"="11001" "Notifier.exe"="11001" "softinfo.exe"="11000" "PotPlayerMini64.exe"="11000" "OneDrive.exe"="11000" "ApowerManager.exe"="11001" "ApowerManagerCoreServices.exe"="11001" "UVKInstaller.exe"="11001" "AppManager.exe"="8000" [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_CLIPCHILDREN_OPTIMIZATION] "PotPlayerMini64.exe"="1" [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING] "softinfo.exe"="0" [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "iexplore.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "infopath.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "HelpPane.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "HelpPane.exe"="10000" "prevhost.exe"="8000" "UNPUXHost.exe"="11000" "advlauncher.exe"="11000" "CamtasiaStudio.exe"="11000" "softinfo.exe"="11000" "PDR.exe"="11000" "ApowerManager.exe"="11001" "ApowerManagerCoreServices.exe"="11001" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "SAPfewgsrv.exe"="0" "SAPGUI.exe"="0" "SAPGuiIT.exe"="0" "SAPLgPad.exe"="0" "SAPLOGON.exe"="0" "Scale_for_R3.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "ieuser.exe"="1" "iexplore.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE] "HelpPane.exe"="100000" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "devenv.exe"="1" "dexplore.exe"="1" "helppane.exe"="1" "PresentationHost.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING] "softinfo.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "cs.exe"="1" "waol.exe"="1" "wm.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="4" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="2" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "mshta.exe"="1" "outlook.exe"="1" "sidebar.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "explorer.exe"="0" "iexplore.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "msimn.exe"="1" "prevhost.exe"="1" "winmail.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "HelpPane.exe"="0" "prevhost.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "msimn.exe"="1" "outlook.exe"="1" "winmail.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "excel.exe"="1" "infopath.exe"="1" "powerpnt.exe"="1" "winword.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE] "HelpPane.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "iexplore.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "explorer.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "infopath.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "HelpPane.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "HelpPane.exe"="10000" "prevhost.exe"="8000" "ApowerManager.exe"="11001" "ApowerManagerCoreServices.exe"="11001" "Linux File Systems for Windows by Paragon Software.exe"="11001" "Updater.exe"="11001" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "SAPfewgsrv.exe"="0" "SAPGUI.exe"="0" "SAPGuiIT.exe"="0" "SAPLgPad.exe"="0" "SAPLOGON.exe"="0" "Scale_for_R3.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "ieuser.exe"="1" "iexplore.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE] "HelpPane.exe"="100000" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "devenv.exe"="1" "dexplore.exe"="1" "helppane.exe"="1" "PresentationHost.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "cs.exe"="1" "waol.exe"="1" "wm.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="4" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="2" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "mshta.exe"="1" "outlook.exe"="1" "sidebar.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "explorer.exe"="0" "iexplore.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "msimn.exe"="1" "prevhost.exe"="1" "winmail.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "HelpPane.exe"="0" "prevhost.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "msimn.exe"="1" "outlook.exe"="1" "winmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "excel.exe"="1" "infopath.exe"="1" "powerpnt.exe"="1" "winword.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE] "HelpPane.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "iexplore.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "explorer.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_AJAX_CONNECTIONEVENTS] "Linux File Systems for Windows by Paragon Software.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING ] "Linux File Systems for Windows by Paragon Software.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION] "Linux File Systems for Windows by Paragon Software.exe"="1" ---------- | The Created last ones ¦ Modified [MD5.00000000000000000000000000000000] - [17/03/2019 19:07:22] - |D| - [26557571] - C:\Program Files (x86)\Amazing-Share [MD5.00000000000000000000000000000000] - [23/03/2019 09:18:54] - |D| - [282679633] - C:\Program Files (x86)\Apowersoft [MD5.00000000000000000000000000000000] - [23/03/2019 12:14:21] - |D| - [17699792] - C:\Program Files (x86)\ASCOMP Software [MD5.00000000000000000000000000000000] - [26/03/2019 17:09:10] - |D| - [14544424] - C:\Program Files (x86)\Babylon [MD5.00000000000000000000000000000000] - [26/03/2019 18:04:33] - |D| - [1630587] - C:\Program Files (x86)\BabylonToolbar [MD5.00000000000000000000000000000000] - [15/03/2019 19:23:22] - |D| - [6908843] - C:\Program Files (x86)\bonus info anti-corvée - vexe, noémie & a le brulog [MD5.59D29C67EA17782D843EE39824C5F98B] - [15/03/2019 19:23:15] - |A| - [513587656] - C:\Program Files (x86)\camtasia.exe [MD5.00000000000000000000000000000000] - [17/03/2019 20:02:32] - |D| - [17124228] - C:\Program Files (x86)\Clipdiary [MD5.00000000000000000000000000000000] - [15/03/2019 19:21:43] - |D| - [41426] - C:\Program Files (x86)\Command Line Xoring File [MD5.00000000000000000000000000000000] - [20/03/2019 12:59:25] - |D| - [304237270] - C:\Program Files (x86)\Comodo [MD5.00000000000000000000000000000000] - [20/03/2019 12:30:47] - |D| - [150657600] - C:\Program Files (x86)\CyberLink [MD5.00000000000000000000000000000000] - [15/03/2019 11:53:34] - |D| - [159903266] - C:\Program Files (x86)\DVDVideoSoft [MD5.00000000000000000000000000000000] - [14/03/2019 22:43:56] - |D| - [85838049] - C:\Program Files (x86)\EaseUS [MD5.00000000000000000000000000000000] - [15/03/2019 19:23:22] - |D| - [3324560352] - C:\Program Files (x86)\EFM & UEFM Beggin On Rêves (st j conrad & u bouton 6) [MD5.00000000000000000000000000000000] - [26/03/2019 09:51:00] - |DC| - [1945192] - C:\Program Files (x86)\Explorer++ [MD5.00000000000000000000000000000000] - [22/03/2019 18:16:42] - |D| - [28235653] - C:\Program Files (x86)\Fighters [MD5.00000000000000000000000000000000] - [15/03/2019 11:53:35] - |D| - [20641460] - C:\Program Files (x86)\FreeCodecPack [MD5.8603A7AC0771D73CF2D9762FE0C9E093] - [15/03/2019 19:23:21] - |A| - [35327488] - C:\Program Files (x86)\FreeYouTubeDownload_4.1.88.1229_s.exe [MD5.B947B090E483836599DD407143A584CA] - [15/03/2019 19:23:21] - |A| - [2690408] - C:\Program Files (x86)\Full-DISKfighter_Web.exe [MD5.00000000000000000000000000000000] - [15/03/2019 19:24:07] - |D| - [74240] - C:\Program Files (x86)\GOTD Unlimited [MD5.00000000000000000000000000000000] - [15/03/2019 19:24:07] - |D| - [0] - C:\Program Files (x86)\GOTD UnWrapper [MD5.00000000000000000000000000000000] - [16/03/2019 09:14:20] - |D| - [29554608] - C:\Program Files (x86)\iCare Format Recovery [MD5.00000000000000000000000000000000] - [15/03/2019 11:44:18] - |D| - [113377523] - C:\Program Files (x86)\IObit [MD5.00000000000000000000000000000000] - [22/03/2019 19:57:11] - |D| - [32652065] - C:\Program Files (x86)\KeepVid [MD5.00000000000000000000000000000000] - [15/03/2019 09:28:33] - |D| - [198080] - C:\Program Files (x86)\KeyCryptSDK [MD5.00000000000000000000000000000000] - [15/03/2019 19:24:07] - |D| - [7274288] - C:\Program Files (x86)\Macro Keys [MD5.7E51A5D27AA0DAA4F5411B021085DBF4] - [15/03/2019 19:23:21] - |A| - [1227640] - C:\Program Files (x86)\macro-keys-en.exe [MD5.00000000000000000000000000000000] - [15/03/2019 19:21:43] - |D| - [254536] - C:\Program Files (x86)\MD5Look [MD5.00000000000000000000000000000000] - [15/03/2019 10:48:17] - |D| - [83746808] - C:\Program Files (x86)\Moo0 [MD5.00000000000000000000000000000000] - [26/03/2019 18:04:36] - |D| - [2423] - C:\Program Files (x86)\Mozilla Firefox [MD5.00000000000000000000000000000000] - [23/03/2019 04:52:11] - |D| - [309765079] - C:\Program Files (x86)\NewBlue [MD5.00000000000000000000000000000000] - [15/03/2019 07:34:05] - |D| - [20204440] - C:\Program Files (x86)\NewSoftware's [MD5.00000000000000000000000000000000] - [20/03/2019 12:30:54] - |D| - [11759170] - C:\Program Files (x86)\NSIS Uninstall Information [MD5.00000000000000000000000000000000] - [15/03/2019 11:05:30] - |D| - [56974204] - C:\Program Files (x86)\OkayFreedom [MD5.00000000000000000000000000000000] - [15/03/2019 19:21:43] - |D| - [1310208] - C:\Program Files (x86)\OldTimer [MD5.06B06972BF49BF0F270509D4051B40F0] - [15/03/2019 19:29:37] - |A| - [9726385] - C:\Program Files (x86)\oldtimer otl_oth_tfc_md5look_xor_gotd-u_SEAF_remvbs_usbfileresc setup.exe [MD5.27F8C676FAA61C00B1058386AE7615CF] - [15/03/2019 19:23:22] - |A| - [2091952] - C:\Program Files (x86)\OUTDATEfighter_Web.exe [MD5.00000000000000000000000000000000] - [25/03/2019 23:04:27] - |D| - [28485562] - C:\Program Files (x86)\Paragon Software [MD5.C82844369C9F8816992D5BEDA2B2CF56] - [15/03/2019 19:23:22] - |A| - [5597568] - C:\Program Files (x86)\pdf-bates.exe [MD5.00000000000000000000000000000000] - [15/03/2019 19:24:07] - |D| - [3059624] - C:\Program Files (x86)\Pre_Scan [MD5.00000000000000000000000000000000] - [15/03/2019 10:50:57] - |D| - [4124726] - C:\Program Files (x86)\ProtectStar [MD5.00000000000000000000000000000000] - [15/03/2019 19:24:07] - |D| - [5175192] - C:\Program Files (x86)\QuickDiag [MD5.00000000000000000000000000000000] - [15/03/2019 19:21:43] - |D| - [114176] - C:\Program Files (x86)\Remediate VBS Worm [MD5.00000000000000000000000000000000] - [15/03/2019 19:45:30] - |D| - [42867789] - C:\Program Files (x86)\Remo File Eraser 2.0 [MD5.00000000000000000000000000000000] - [15/03/2019 19:45:16] - |D| - [32082984] - C:\Program Files (x86)\Remo Repair Word 2.0 [MD5.00000000000000000000000000000000] - [15/03/2019 19:21:43] - |D| - [498868] - C:\Program Files (x86)\SEAF [MD5.B527C38D6B67B7CF4378837C9F574BE0] - [26/03/2019 09:52:39] - |AC| - [8967087] - C:\Program Files (x86)\setup ultra adware killer & explorer++ 2019.exe [MD5.00000000000000000000000000000000] - [15/03/2019 08:58:37] - |D| - [29291674] - C:\Program Files (x86)\Silent Install Builder 5 [MD5.00000000000000000000000000000000] - [25/03/2019 23:43:51] - |D| - [3575016] - C:\Program Files (x86)\Stardock [MD5.00000000000000000000000000000000] - [15/03/2019 11:49:11] - |D| - [2051262] - C:\Program Files (x86)\Symlink helper [MD5.09170255B1FC24AF06CA4FE366C5E435] - [15/03/2019 19:23:22] - |A| - [593587] - C:\Program Files (x86)\SymlinkHelper_1.0.1_Setup.exe [MD5.00000000000000000000000000000000] - [15/03/2019 07:36:48] - |D| - [2911224] - C:\Program Files (x86)\SysTools AD Browser [MD5.00000000000000000000000000000000] - [18/03/2019 14:43:03] - |D| - [37024947] - C:\Program Files (x86)\SysTools E01 Viewer [MD5.00000000000000000000000000000000] - [18/03/2019 00:34:38] - |D| - [28324112] - C:\Program Files (x86)\SysTools Mail Converter [MD5.00000000000000000000000000000000] - [18/03/2019 19:18:11] - |D| - [2976703] - C:\Program Files (x86)\SysTools NTFS Log Analyzer [MD5.00000000000000000000000000000000] - [15/03/2019 09:12:33] - |D| - [14484999] - C:\Program Files (x86)\SysTools PDF Bates Numberer [MD5.00000000000000000000000000000000] - [17/03/2019 04:30:44] - |D| - [2471792] - C:\Program Files (x86)\SysTools Thunderbird Store Locator [MD5.00000000000000000000000000000000] - [20/03/2019 21:47:54] - |D| - [611447437] - C:\Program Files (x86)\Turbo.net [MD5.00000000000000000000000000000000] - [26/03/2019 09:51:38] - |DC| - [9400696] - C:\Program Files (x86)\Ultra Adware Killer [MD5.00000000000000000000000000000000] - [21/03/2019 07:30:57] - |D| - [807871] - C:\Program Files (x86)\UnBlocker [MD5.00000000000000000000000000000000] - [26/03/2019 17:57:58] - |D| - [273503] - C:\Program Files (x86)\Unlocker [MD5.00000000000000000000000000000000] - [15/03/2019 19:21:43] - |D| - [423936] - C:\Program Files (x86)\USB File Resc [MD5.00000000000000000000000000000000] - [26/03/2019 10:11:19] - |D| - [16666437] - C:\Program Files (x86)\USB Safely Remove [MD5.00000000000000000000000000000000] - [23/03/2019 22:52:09] - |D| - [12820587] - C:\Program Files (x86)\USBFix [MD5.BFF64F2E303176DD498D695DCC623437] - [15/03/2019 19:23:22] - |A| - [41846888] - C:\Program Files (x86)\vlc-3.0.6-win64.exe [MD5.50990147905B96B68AFA9F00EA950684] - [15/03/2019 19:23:22] - |A| - [2152896] - C:\Program Files (x86)\WDRSetup.exe [MD5.00000000000000000000000000000000] - [18/03/2019 15:48:41] - |D| - [16518409] - C:\Program Files (x86)\Webteh [MD5.00000000000000000000000000000000] - [15/03/2019 09:43:47] - |D| - [29944878] - C:\Program Files (x86)\Wise [MD5.E33250443413A687DC3CEA7ABFF97B01] - [15/03/2019 19:23:22] - |A| - [2603424] - C:\Program Files (x86)\WMOSetup.exe [MD5.00000000000000000000000000000000] - [22/03/2019 13:08:47] - |D| - [29018267] - C:\Program Files (x86)\Wondershare [MD5.00000000000000000000000000000000] - [15/03/2019 09:28:32] - |D| - [28173178] - C:\Program Files (x86)\Zemana AntiLogger [MD5.5CDE14540712838961E3B63930CE8C5D] - [15/03/2019 05:50:30] - |A| - [3904304] - C:\Windows\explorer.exe [MD5.67422BB31C52F0E4697C2A413677E033] - [15/03/2019 05:49:42] - |A| - [976896] - C:\Windows\HelpPane.exe [MD5.00000000000000000000000000000000] - [15/03/2019 06:57:03] - |D| - [0] - C:\Windows\Minidump [MD5.95785E7BDA182428944420424A33BD96] - [21/03/2019 11:03:10] - |A| - [241] - C:\Windows\SATReg.ini [MD5.00000000000000000000000000000000] - [14/03/2019 14:34:11] - |D| - [37259816] - C:\Windows\SoftwareDistribution [MD5.2CC83D93DD1DDE691158CF5E9882420B] - [26/03/2019 08:30:13] - |A| - [276] - C:\Windows\WindowsUpdate.log [MD5.612AB5CDCA21874C39596ABBCDF10D00] - [15/03/2019 09:28:44] - |A| - [2521672] - C:\Windows\ZAM.krnl.trace [MD5.C5B5F9D491976DEA582871ED86A3C5BF] - [15/03/2019 09:28:44] - |A| - [447446] - C:\Windows\ZAM_Guard.krnl.trace [MD5.00000000000000000000000000000000] - [15/03/2019 08:26:15] - |SHD| - [32113832] - C:\Windows\Installer\$PatchCache$ [MD5.86B94B0DE43A5469FC92A4EC81356AF0] - [05/03/2019 08:53:29] - |A| - [131571712] - C:\Windows\Installer\160e5d3.msi [MD5.138A40D6A80D65418D8D6D0728AD79BD] - [25/03/2019 20:04:37] - |A| - [8550324] - C:\Windows\Installer\1ca6149d.msi [MD5.C021EB3774FA9A24AEE60BEF9EC76D21] - [25/03/2019 18:55:45] - |A| - [42409984] - C:\Windows\Installer\1ca614a0.msi [MD5.D2338454E1A01F1E297162289A96196E] - [20/03/2019 21:47:28] - |A| - [227283456] - C:\Windows\Installer\3441b67.msi [MD5.E1F75DF4441ED1B2218F7AD30336AAA5] - [16/03/2019 10:26:00] - |A| - [1404928] - C:\Windows\Installer\370ea.msi [MD5.1684B71AA4E948A1FE5408FDE1280EA7] - [14/03/2019 22:52:28] - |A| - [25080832] - C:\Windows\Installer\3bb17.msi [MD5.C7D9A48929B8022A23DE54CF26FEFB38] - [14/03/2019 22:53:27] - |A| - [2624512] - C:\Windows\Installer\3bb1b.msi [MD5.A88C562DA61E8013C6852D5E48F9D1DF] - [14/03/2019 22:54:42] - |A| - [4050432] - C:\Windows\Installer\3bb1f.msi [MD5.C37FCF1510F5807154A9AF3CB3CA0EF9] - [14/03/2019 22:54:51] - |A| - [2513408] - C:\Windows\Installer\3bb23.msi [MD5.D9728902785BF247617DA72F189A877E] - [14/03/2019 22:54:53] - |A| - [878080] - C:\Windows\Installer\3bb27.msi [MD5.6F5ACC65928144F468188B8DFD1BF605] - [14/03/2019 22:55:00] - |A| - [4620800] - C:\Windows\Installer\3bb2b.msi [MD5.0D366D441943041459EF8B3422EFECEC] - [14/03/2019 22:57:50] - |A| - [106874880] - C:\Windows\Installer\3bb2f.msi [MD5.9E4C8C1AEFF32EC2CD79CA3712E15573] - [15/03/2019 08:57:58] - |A| - [12488704] - C:\Windows\Installer\6819f8.msi [MD5.8BCA2D562DFFC6FFC8781302D2952703] - [11/03/2019 18:27:10] - |A| - [315392] - C:\Windows\Installer\7aadb.msi [MD5.D73299888031EA05CFD64BFD381A11AF] - [22/03/2019 18:19:52] - |A| - [7467840] - C:\Windows\Installer\ccf7d79.msi [MD5.562EC5D5D12C8564A5ED6AC373BFA663] - [05/03/2019 12:04:14] - |A| - [4788224] - C:\Windows\Installer\cefa65.msi [MD5.25E234FA5147F1A18145C28498E8E775] - [20/03/2019 13:01:20] - |A| - [1274048] - C:\Windows\Installer\MSI2DB1.tmp [MD5.25E234FA5147F1A18145C28498E8E775] - [20/03/2019 13:01:24] - |A| - [1274048] - C:\Windows\Installer\MSI3EC9.tmp [MD5.25E234FA5147F1A18145C28498E8E775] - [20/03/2019 13:01:25] - |A| - [1274048] - C:\Windows\Installer\MSI4051.tmp [MD5.25E234FA5147F1A18145C28498E8E775] - [20/03/2019 13:01:25] - |A| - [1274048] - C:\Windows\Installer\MSI40FE.tmp [MD5.25E234FA5147F1A18145C28498E8E775] - [20/03/2019 13:01:25] - |A| - [1274048] - C:\Windows\Installer\MSI4209.tmp [MD5.25E234FA5147F1A18145C28498E8E775] - [20/03/2019 13:01:29] - |A| - [1274048] - C:\Windows\Installer\MSI517B.tmp [MD5.25E234FA5147F1A18145C28498E8E775] - [20/03/2019 13:01:29] - |A| - [1274048] - C:\Windows\Installer\MSI5247.tmp [MD5.00000000000000000000000000000000] - [17/03/2019 05:02:09] - |D| - [0] - C:\Windows\Installer\MSI8D95.tmp- [MD5.00000000000000000000000000000000] - [17/03/2019 05:02:09] - |D| - [0] - C:\Windows\Installer\MSI8FD8.tmp- [MD5.25E234FA5147F1A18145C28498E8E775] - [20/03/2019 13:01:06] - |A| - [1274048] - C:\Windows\Installer\MSIF836.tmp [MD5.25E234FA5147F1A18145C28498E8E775] - [20/03/2019 13:01:06] - |A| - [1274048] - C:\Windows\Installer\MSIF902.tmp [MD5.25E234FA5147F1A18145C28498E8E775] - [20/03/2019 13:01:07] - |A| - [1274048] - C:\Windows\Installer\MSIFA1C.tmp [MD5.25E234FA5147F1A18145C28498E8E775] - [20/03/2019 13:01:07] - |A| - [1274048] - C:\Windows\Installer\MSIFBD3.tmp [MD5.719D719E16F0E170B9FF73E20F1613BB] - [23/03/2019 05:02:38] - |A| - [20480] - C:\Windows\Installer\SourceHash{029DA848-1A80-34D3-BFC1-A6447BFC8E7F} [MD5.B45A52F6EFD23CBD577F1E6E3DDDDED4] - [14/03/2019 22:53:37] - |A| - [20480] - C:\Windows\Installer\SourceHash{232046DA-BB57-4114-9A0D-1119F00C4398} [MD5.4D48848D5CFECBE15EED7BA2E91965F4] - [15/03/2019 08:58:36] - |A| - [20480] - C:\Windows\Installer\SourceHash{2452C59D-5140-4A9A-A97F-B925390619E1} [MD5.405CE11B673F38C27347ECF550B7807F] - [14/03/2019 22:54:51] - |A| - [20480] - C:\Windows\Installer\SourceHash{26F31E12-3722-45FD-903B-49012286BB4C} [MD5.6B5B10FE9738AE72601C817FD9AF4268] - [23/03/2019 04:52:59] - |A| - [20480] - C:\Windows\Installer\SourceHash{2DFD8316-9EF1-3210-908C-4CB61961C1AC} [MD5.55226765C58023CE591E6F98FA10B947] - [15/03/2019 05:45:18] - |A| - [20480] - C:\Windows\Installer\SourceHash{344F3227-F502-4219-9DC4-1967E586FAFA} [MD5.AD414753641974A3D2E564A5166E5AC1] - [23/03/2019 04:42:39] - |A| - [20480] - C:\Windows\Installer\SourceHash{37B8F9C7-03FB-3253-8781-2517C99D7C00} [MD5.2BCAE7EF292CD184444CCEFEF3D38EA8] - [15/03/2019 08:26:33] - |A| - [20480] - C:\Windows\Installer\SourceHash{38FBDB20-F62D-4CD6-A04E-87FD30F3E43A} [MD5.9BB0A5F83285B1D9B26ABAB472DABB91] - [14/03/2019 22:57:52] - |A| - [20480] - C:\Windows\Installer\SourceHash{44DE19DF-AA86-497A-9CCA-4F52D0BFF9A8} [MD5.8EFEB2CED06A977019CDBB0EC6B88454] - [23/03/2019 04:52:24] - |A| - [20480] - C:\Windows\Installer\SourceHash{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E} [MD5.18C15175A9691AD947A2479F931923A6] - [23/03/2019 05:02:48] - |A| - [20480] - C:\Windows\Installer\SourceHash{568CD07E-0824-3EEB-AEC1-8FD51F3C85CF} [MD5.D239ED9D402905BF7ED15D1F072B1886] - [14/03/2019 22:52:59] - |A| - [20480] - C:\Windows\Installer\SourceHash{5C7A5F94-02E9-4C5D-A594-B1F10865965A} [MD5.C36DC2B717371EB8A4AE35F21F818932] - [20/03/2019 13:00:54] - |A| - [20480] - C:\Windows\Installer\SourceHash{5CD8F386-6796-4500-9FD8-CF92C9276B62} [MD5.D307EF5D88F537ED30BBE61A0B1B0E43] - [20/03/2019 21:47:52] - |A| - [20480] - C:\Windows\Installer\SourceHash{61edd47c-c795-4f57-92f1-a20140231795} [MD5.50875B359363A245A52CDB424AAA8B2D] - [15/03/2019 08:26:19] - |A| - [20480] - C:\Windows\Installer\SourceHash{6AF12D35-E079-44D3-957F-CA9FBF9801A5} [MD5.25FAE87541F510B78F68970A2F7BEE5E] - [14/03/2019 22:55:00] - |A| - [20480] - C:\Windows\Installer\SourceHash{700C79E1-C8E3-454E-B760-CAFFE9F2A6AA} [MD5.DAE8E3CFA39BE37884BDB28C869FAF18] - [15/03/2019 10:50:57] - |A| - [20480] - C:\Windows\Installer\SourceHash{79087BA9-C5B5-4081-A374-310AC02E2896} [MD5.F270BE0A6EFB787FDE258312195066B2] - [14/03/2019 22:54:54] - |A| - [20480] - C:\Windows\Installer\SourceHash{7DE129E5-BB4A-4517-A6CD-C69EEB346781} [MD5.985FEE8AB1E5B3A42A29DABD4FDFCF83] - [14/03/2019 22:54:42] - |A| - [20480] - C:\Windows\Installer\SourceHash{7F7C8AE0-961B-4AED-B99A-D9BE29C0F24C} [MD5.F26BC06184AB562D98A443BE9EB8D773] - [23/03/2019 05:01:18] - |A| - [20480] - C:\Windows\Installer\SourceHash{8220EEFE-38CD-377E-8595-13398D740ACE} [MD5.EEDF4A87E118A4AAD9EE1C74678E97B4] - [15/03/2019 11:01:45] - |A| - [20480] - C:\Windows\Installer\SourceHash{8D64B0CF-B925-4AC6-A7A7-9CDDC6733122} [MD5.4213C4866B02DF7F136A40AE9EF7770E] - [23/03/2019 04:59:19] - |A| - [20480] - C:\Windows\Installer\SourceHash{929FBD26-9020-399B-9A7A-751D61F0B942} [MD5.4B67AEA614F6EE9BC5BA186FB090509C] - [23/03/2019 05:00:51] - |A| - [20480] - C:\Windows\Installer\SourceHash{9A25302D-30C0-39D9-BD6F-21E6EC160475} [MD5.CDFB40963B3B506D44BBC04EAFDAE209] - [23/03/2019 04:59:12] - |A| - [20480] - C:\Windows\Installer\SourceHash{A749D8E6-B613-3BE3-8F5F-045C84EBA29B} [MD5.CDE119F2D66E9591A6ACC788D675C88A] - [23/03/2019 05:02:03] - |A| - [20480] - C:\Windows\Installer\SourceHash{B0037450-526D-3448-A370-CACBD87769A0} [MD5.744FF6B85DE0EECEF94C0C28F3CC3183] - [23/03/2019 05:02:09] - |A| - [20480] - C:\Windows\Installer\SourceHash{B13B3E11-1555-353F-A63A-8933EE104FBD} [MD5.6F66141ED3DD489931481964E000049F] - [23/03/2019 04:42:51] - |A| - [20480] - C:\Windows\Installer\SourceHash{B175520C-86A2-35A7-8619-86DC379688B9} [MD5.B6C1A24A909098F4DE22301AB71E503A] - [17/03/2019 05:02:45] - |A| - [20480] - C:\Windows\Installer\SourceHash{B709B962-53AA-446A-A733-95D1A6C5DE50} [MD5.3527A462EE4D0E32606C18D70A120AEA] - [23/03/2019 04:42:49] - |A| - [20480] - C:\Windows\Installer\SourceHash{BD95A8CD-1D9F-35AD-981A-3E7925026EBB} [MD5.8553B855560BF2BDA7E66B27D000F306] - [23/03/2019 04:59:52] - |A| - [20480] - C:\Windows\Installer\SourceHash{BFF61907-AA2D-3A26-8666-98D956A62ABC} [MD5.45AE448C8C2E0E6C6FFC10B683183038] - [23/03/2019 04:42:33] - |A| - [20480] - C:\Windows\Installer\SourceHash{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97} [MD5.E56CE062A86489FB987D72B4A6E75826] - [20/03/2019 12:59:57] - |A| - [20480] - C:\Windows\Installer\SourceHash{D15DF9B0-3A98-4BEF-B7D5-FC3AEA473628} [MD5.AB8A08B1E469EF073FFD09FE5ADA8FAD] - [25/03/2019 23:04:20] - |A| - [20480] - C:\Windows\Installer\SourceHash{F0CF025B-D6F3-4F7C-939B-23291F52875C} [MD5.2A1F8F6AD44136574C0C4B2D064ECB3A] - [20/03/2019 06:38:38] - |A| - [20480] - C:\Windows\Installer\SourceHash{FBA3961B-D1DF-493C-BC1F-E67D3B832895} [MD5.D41D8CD98F00B204E9800998ECF8427E] - [15/03/2019 05:45:14] - |A| - [0] - C:\Windows\Installer\wix{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}.SchedServiceConfig.rmi [MD5.D41D8CD98F00B204E9800998ECF8427E] - [20/03/2019 06:38:43] - |A| - [0] - C:\Windows\Installer\wix{FBA3961B-D1DF-493C-BC1F-E67D3B832895}.SchedServiceConfig.rmi [MD5.00000000000000000000000000000000] - [22/03/2019 18:17:36] - |D| - [1519616] - C:\Windows\Installer\{0F8DE83C-A073-47B9-928A-8CA381C28C18} [MD5.00000000000000000000000000000000] - [14/03/2019 22:53:46] - |D| - [59352] - C:\Windows\Installer\{232046DA-BB57-4114-9A0D-1119F00C4398} [MD5.00000000000000000000000000000000] - [15/03/2019 08:58:40] - |D| - [11502] - C:\Windows\Installer\{2452C59D-5140-4A9A-A97F-B925390619E1} [MD5.00000000000000000000000000000000] - [14/03/2019 22:54:51] - |D| - [59352] - C:\Windows\Installer\{26F31E12-3722-45FD-903B-49012286BB4C} [MD5.00000000000000000000000000000000] - [14/03/2019 22:57:57] - |D| - [1075080] - C:\Windows\Installer\{44DE19DF-AA86-497A-9CCA-4F52D0BFF9A8} [MD5.00000000000000000000000000000000] - [14/03/2019 22:53:09] - |D| - [59352] - C:\Windows\Installer\{5C7A5F94-02E9-4C5D-A594-B1F10865965A} [MD5.00000000000000000000000000000000] - [20/03/2019 13:01:25] - |D| - [764030] - C:\Windows\Installer\{5CD8F386-6796-4500-9FD8-CF92C9276B62} [MD5.00000000000000000000000000000000] - [14/03/2019 22:45:57] - |D| - [358360] - C:\Windows\Installer\{5FFF7119-74E8-442E-970E-50BAD81D5371} [MD5.00000000000000000000000000000000] - [20/03/2019 21:48:12] - |D| - [110007] - C:\Windows\Installer\{61edd47c-c795-4f57-92f1-a20140231795} [MD5.00000000000000000000000000000000] - [14/03/2019 22:55:01] - |D| - [59352] - C:\Windows\Installer\{700C79E1-C8E3-454E-B760-CAFFE9F2A6AA} [MD5.00000000000000000000000000000000] - [25/03/2019 20:10:29] - |D| - [1916928] - C:\Windows\Installer\{7C656021-D87C-4236-80DD-DBBEB205DA36} [MD5.00000000000000000000000000000000] - [14/03/2019 22:54:54] - |D| - [59352] - C:\Windows\Installer\{7DE129E5-BB4A-4517-A6CD-C69EEB346781} [MD5.00000000000000000000000000000000] - [14/03/2019 22:54:43] - |D| - [59352] - C:\Windows\Installer\{7F7C8AE0-961B-4AED-B99A-D9BE29C0F24C} [MD5.00000000000000000000000000000000] - [15/03/2019 11:01:47] - |D| - [139013] - C:\Windows\Installer\{8D64B0CF-B925-4AC6-A7A7-9CDDC6733122} [MD5.00000000000000000000000000000000] - [17/03/2019 05:03:08] - |D| - [706414] - C:\Windows\Installer\{B709B962-53AA-446A-A733-95D1A6C5DE50} [MD5.00000000000000000000000000000000] - [20/03/2019 13:00:03] - |D| - [8659071] - C:\Windows\Installer\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA473628} [MD5.00000000000000000000000000000000] - [22/03/2019 18:20:37] - |D| - [1314816] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95} [MD5.00000000000000000000000000000000] - [25/03/2019 23:04:31] - |D| - [2246258] - C:\Windows\Installer\{F0CF025B-D6F3-4F7C-939B-23291F52875C} [MD5.2B7002E9C7EA6B436F3A0F7C305AACD8] - [15/03/2019 05:46:00] - |A| - [511] - C:\Windows\system32\@NotifierToastIcon.png [MD5.C44BD542D4D5B2E2680717F3981FFC44] - [15/03/2019 05:49:32] - |A| - [231936] - C:\Windows\system32\aadauthhelper.dll [MD5.CA1A302B7E85DF401E08B840D16ED4D0] - [15/03/2019 05:49:41] - |A| - [623616] - C:\Windows\system32\aadcloudap.dll [MD5.15F695BDE38A22C16F0A102C06A26A25] - [15/03/2019 05:49:25] - |A| - [59392] - C:\Windows\system32\aadjcsp.dll [MD5.793937CA83EC21BD4B5FB307E0BDB96D] - [15/03/2019 05:49:58] - |A| - [1238016] - C:\Windows\system32\aadtb.dll [MD5.B3DF3884831B1062762BBD3124437D70] - [15/03/2019 05:49:35] - |A| - [240640] - C:\Windows\system32\AboutSettingsHandlers.dll [MD5.8A51410FA1F05A051A005518AA5FC452] - [15/03/2019 05:49:14] - |A| - [312832] - C:\Windows\system32\AboveLockAppHost.dll [MD5.BB594A934DEEB52D61732140D293D9DB] - [15/03/2019 05:51:14] - |A| - [340992] - C:\Windows\system32\AcGenral.dll [MD5.9D51DB6E5FA80C21C39A4EDA0C17626D] - [15/03/2019 05:51:27] - |A| - [301056] - C:\Windows\system32\AcLayers.dll [MD5.B3095EC92D44D75E2C45C80E88EA7012] - [15/03/2019 05:49:42] - |A| - [5500928] - C:\Windows\system32\aclui.dll [MD5.45105175B2F61F28908FF954C6A30DBE] - [15/03/2019 05:50:24] - |A| - [322360] - C:\Windows\system32\acmigration.dll [MD5.F284010B43126B1AC9E59A7018233E10] - [15/03/2019 05:49:08] - |A| - [186368] - C:\Windows\system32\ACPBackgroundManagerPolicy.dll [MD5.BF43A32C27A158EDFDADFFA0CFC4D15F] - [15/03/2019 05:49:22] - |A| - [79360] - C:\Windows\system32\acppage.dll [MD5.8A7B35883F5CFB0FAB9452636B95E7BC] - [15/03/2019 05:51:21] - |A| - [64000] - C:\Windows\system32\AcSpecfc.dll [MD5.CE782DB38F3913CF0BCEFD495133D0B3] - [15/03/2019 05:50:04] - |A| - [513536] - C:\Windows\system32\ActivationManager.dll [MD5.5B3B363AD651CAD6AC86E4B5DA0889D6] - [15/03/2019 05:50:17] - |A| - [1777664] - C:\Windows\system32\ActiveSyncProvider.dll [MD5.E67230D139EFD721BE5068D4F0992B39] - [15/03/2019 05:49:23] - |A| - [588800] - C:\Windows\system32\actxprxy.dll [MD5.268271CA8AC073C608A4ABC31D13871A] - [15/03/2019 05:49:13] - |A| - [87040] - C:\Windows\system32\adhsvc.dll [MD5.692CB7449A9609FC774301026B8A4086] - [15/03/2019 05:49:40] - |A| - [649376] - C:\Windows\system32\advapi32.dll [MD5.A0CD18682253619A6ED487871B448E06] - [15/03/2019 05:50:24] - |A| - [735760] - C:\Windows\system32\aeinv.dll [MD5.2A700B8C11446316030858C665350BC7] - [15/03/2019 05:50:24] - |A| - [512016] - C:\Windows\system32\aepic.dll [MD5.0F56A9DCB3AF3545077718D79D275782] - [15/03/2019 05:50:32] - |A| - [2871096] - C:\Windows\system32\aitstatic.exe [MD5.54EFF5C0838ABFCBBF1F47B5B9B5031F] - [15/03/2019 05:49:43] - |A| - [369664] - C:\Windows\system32\APHostService.dll [MD5.5DDFCD5E0C012256DAEE5A219051B345] - [15/03/2019 05:49:17] - |A| - [111544] - C:\Windows\system32\apisetschema.dll [MD5.D6C6880BD673533994FC9B35E9C1290F] - [15/03/2019 05:49:06] - |A| - [101376] - C:\Windows\system32\AppCapture.dll [MD5.CAEB6AF3A134352BBFD583CA6DF89F2C] - [15/03/2019 05:49:35] - |A| - [534528] - C:\Windows\system32\apphelp.dll [MD5.1C3B2AE4AFC859E5298D5C695961F6C4] - [15/03/2019 05:49:22] - |A| - [63656] - C:\Windows\system32\appidapi.dll [MD5.BBB70415033710D6D7D58DDF2B0A06FA] - [15/03/2019 05:49:10] - |A| - [120320] - C:\Windows\system32\appidsvc.dll [MD5.80EC3D699FE5590A5911C865F8220375] - [15/03/2019 05:49:06] - |A| - [24576] - C:\Windows\system32\appidtel.exe [MD5.BCC4309051EA72384E7D76545E8DE378] - [15/03/2019 05:49:09] - |A| - [144896] - C:\Windows\system32\appinfo.dll [MD5.E59099C0CB18D30B6C0D9C52D9C3E557] - [15/03/2019 05:49:41] - |A| - [336896] - C:\Windows\system32\AppLockerCSP.dll [MD5.827AEFD1C1038400D02A82EB12AF2919] - [15/03/2019 05:50:24] - |A| - [1643832] - C:\Windows\system32\appraiser.dll [MD5.A5A600CA929194BFF81326A209D761D8] - [15/03/2019 05:50:00] - |A| - [636416] - C:\Windows\system32\AppReadiness.dll [MD5.F7B77F522276B7EACAB56ED08EEB1138] - [15/03/2019 05:49:35] - |A| - [563536] - C:\Windows\system32\AppResolver.dll [MD5.26870D20F751876D5B9B5C24EFD93BBD] - [15/03/2019 05:49:05] - |A| - [230400] - C:\Windows\system32\ApproveChildRequest.exe [MD5.3032C2E8E1EBBE4DE041C135F5FF44A9] - [15/03/2019 05:49:43] - |A| - [859648] - C:\Windows\system32\appwiz.cpl [MD5.32F593A1FA054374DDB88F60F3FBF4B3] - [15/03/2019 05:49:49] - |A| - [250368] - C:\Windows\system32\AppxAllUserStore.dll [MD5.CF0220514A83C2B76D1B366A3C9950D0] - [15/03/2019 05:49:40] - |A| - [688688] - C:\Windows\system32\AppXDeploymentClient.dll [MD5.6C3E314580159D507B9E80F38BA0105A] - [15/03/2019 05:49:45] - |A| - [1496064] - C:\Windows\system32\AppXDeploymentExtensions.desktop.dll [MD5.77219F5BE1FAB4308FF5673AE0B7D694] - [15/03/2019 05:49:54] - |A| - [2213376] - C:\Windows\system32\AppXDeploymentExtensions.onecore.dll [MD5.8CE431B3FB28FB131E6A2DB0DA600068] - [15/03/2019 05:50:29] - |A| - [3183104] - C:\Windows\system32\AppXDeploymentServer.dll [MD5.E5399452569B52242F196637E0315AF4] - [15/03/2019 05:48:59] - |A| - [125952] - C:\Windows\system32\AppxSysprep.dll [MD5.10E0EBF0C78AD28D4F63FAB8581CB377] - [15/03/2019 05:30:27] - |A| - [362888] - C:\Windows\system32\aswBoot.exe [MD5.B4234B4CA3D64CFC592E6FB814B63890] - [15/03/2019 05:49:50] - |A| - [382264] - C:\Windows\system32\atmfd.dll [MD5.FE6B10E1A858139B9FB61CDDB17CA9F9] - [15/03/2019 05:48:57] - |A| - [47104] - C:\Windows\system32\atmlib.dll [MD5.A58A7510A9EE959B5A84902BF9D2F98A] - [15/03/2019 05:51:22] - |A| - [603824] - C:\Windows\system32\audiodg.exe [MD5.131A787629FE965B99198107F1B2D80F] - [15/03/2019 05:51:22] - |A| - [688128] - C:\Windows\system32\AudioEndpointBuilder.dll [MD5.CF4A40348DA349CC3E303CECFEFF1B7D] - [15/03/2019 05:51:23] - |A| - [1426064] - C:\Windows\system32\AudioEng.dll [MD5.2DB727E40B6224D253D02E5877E36B72] - [15/03/2019 05:49:41] - |A| - [413792] - C:\Windows\system32\AUDIOKSE.dll [MD5.E51D395A60D931554994390512D44B92] - [15/03/2019 05:51:15] - |A| - [1170120] - C:\Windows\system32\AudioSes.dll [MD5.9976D44983904C3614673640F3D4B1E8] - [15/03/2019 05:51:26] - |A| - [1488384] - C:\Windows\system32\audiosrv.dll [MD5.26DF06A387B99C6505AC8AE9063C68EA] - [15/03/2019 05:49:34] - |A| - [5105664] - C:\Windows\system32\AuthFWSnapin.dll [MD5.BA9FC5B6C212625033FA4BB076B8513D] - [15/03/2019 05:49:51] - |A| - [526336] - C:\Windows\system32\authui.dll [MD5.CA193EE81EF42D3B39D69736123B5768] - [15/03/2019 05:49:14] - |A| - [288768] - C:\Windows\system32\authz.dll [MD5.F2C4F7A2AC1611A86B1EAB16E16D5420] - [15/03/2019 05:49:54] - |A| - [1925120] - C:\Windows\system32\AzureSettingSyncProvider.dll [MD5.307924EB13B316CFC0094CC1C2FD4857] - [15/03/2019 05:49:30] - |A| - [204264] - C:\Windows\system32\basecsp.dll [MD5.508B4888B5079FC5BBEBF92EDB2B5D98] - [15/03/2019 05:48:59] - |A| - [1670656] - C:\Windows\system32\batmeter.dll [MD5.A6F6C4E3DC68B8D48C4902FFDE0890EE] - [15/03/2019 05:49:13] - |A| - [1113600] - C:\Windows\system32\bcastdvr.exe [MD5.E8ECABD0EF4490D7980747DD1780D03F] - [15/03/2019 05:49:22] - |A| - [457728] - C:\Windows\system32\bcdedit.exe [MD5.08CDA21039521CAF71891D978EF7763F] - [15/03/2019 05:49:28] - |A| - [137552] - C:\Windows\system32\bcrypt.dll [MD5.4686EE46BE85BFD6C273FFA55ED3AC19] - [15/03/2019 05:50:22] - |A| - [465336] - C:\Windows\system32\bcryptprimitives.dll [MD5.EABC7486905A64C8D0CCED34D14DF3C7] - [26/03/2019 06:07:48] - |A| - [10372] - C:\Windows\system32\bddel.dat [MD5.3DC1DC6838E343782EB3285A23E94268] - [26/03/2019 06:07:48] - |A| - [35120] - C:\Windows\system32\bddel.exe [MD5.F6262869E673CC957C5D820C67F34D2F] - [15/03/2019 05:50:01] - |A| - [840192] - C:\Windows\system32\BFE.DLL [MD5.8B14F3DBC532A1AE1469EEB416F26165] - [15/03/2019 04:50:04] - |A| - [1888112] - C:\Windows\system32\bhtv5Icon.dll [MD5.AD93296BB519159B9E013FAB7C0E9235] - [15/03/2019 05:50:27] - |A| - [8728064] - C:\Windows\system32\BingMaps.dll [MD5.98DF3986A4D53340AA7AB9384134AC9C] - [15/03/2019 05:49:57] - |A| - [962560] - C:\Windows\system32\BingOnlineServices.dll [MD5.80A9370CB3E4D0FACAA9F29D81EB995B] - [15/03/2019 05:50:08] - |A| - [814080] - C:\Windows\system32\bisrv.dll [MD5.168424450BCD688D24629C39CC5EB778] - [15/03/2019 05:49:37] - |A| - [182272] - C:\Windows\system32\BitLockerCsp.dll [MD5.9B71952C6DA6ABE5B703DDD49648DAE8] - [15/03/2019 05:49:12] - |A| - [3756032] - C:\Windows\system32\bootux.dll [MD5.5412090A6BD30C90963C1A06ED585837] - [15/03/2019 05:48:57] - |A| - [262656] - C:\Windows\system32\BrokerLib.dll [MD5.7D9E4DF53070F66AF8E31C6C638CC795] - [15/03/2019 05:50:06] - |A| - [248840] - C:\Windows\system32\browserbroker.dll [MD5.C331EE39EE4B43B5AAD4D192CA07E45B] - [15/03/2019 05:49:14] - |A| - [331264] - C:\Windows\system32\browserexport.exe [MD5.6DF6C72920870AF5D39C0E3C5361B409] - [15/03/2019 05:49:09] - |A| - [153600] - C:\Windows\system32\BrowserSettingSync.dll [MD5.45DF1A208792CE07EF71433AEF8973C5] - [15/03/2019 05:49:19] - |A| - [27448] - C:\Windows\system32\browser_broker.exe [MD5.69AE5D398A856800E0CC4AA1EB6EC08B] - [15/03/2019 05:49:19] - |A| - [58880] - C:\Windows\system32\ByteCodeGenerator.exe [MD5.094380D265797103F3456721FC09FD44] - [15/03/2019 05:49:43] - |A| - [483840] - C:\Windows\system32\catsrvut.dll [MD5.4F39A245AE6DDB230A707A7908AFA634] - [15/03/2019 05:50:21] - |A| - [5195776] - C:\Windows\system32\cdp.dll [MD5.BADBA864C955F645F38F85B5B4D11AFF] - [15/03/2019 05:49:18] - |A| - [1357312] - C:\Windows\system32\cdprt.dll [MD5.1563F58E08FC62896FE05C1D2D80F692] - [15/03/2019 05:49:27] - |A| - [697344] - C:\Windows\system32\cdpsvc.dll [MD5.1846957AEEA89589E527862E6BED7DDF] - [15/03/2019 05:49:33] - |A| - [484352] - C:\Windows\system32\cdpusersvc.dll [MD5.6286CBE87B64AB7D1F59E3375A2FF3F4] - [15/03/2019 05:49:14] - |A| - [188928] - C:\Windows\system32\certprop.dll [MD5.53016432AEB78705BA5E63A5D3F295C3] - [15/03/2019 05:51:19] - |A| - [8108032] - C:\Windows\system32\Chakra.dll [MD5.3B13C91E82392F687033FFDB47B68FEA] - [15/03/2019 05:51:24] - |A| - [104960] - C:\Windows\system32\Chakradiag.dll [MD5.37EC90A03EEE428476F446CE67D881A4] - [15/03/2019 09:12:52] - |SH| - [128] - C:\Windows\system32\chsfzkmblhznywfd.dat [MD5.319D29D7DC0B2FB1480003CEF0570C29] - [15/03/2019 05:50:24] - |A| - [712528] - C:\Windows\system32\ci.dll [MD5.1C099AF0A64B257CE49F088B4667F7A4] - [15/03/2019 04:50:25] - |A| - [278904] - C:\Windows\system32\cilkrts20_64.dll [MD5.5D238EE18D6C07DD08B50DC536A8DF2A] - [15/03/2019 05:49:14] - |A| - [86528] - C:\Windows\system32\cldapi.dll [MD5.A3FA371CB9AD9F0788F284F8BD8DEB35] - [15/03/2019 05:49:59] - |A| - [824800] - C:\Windows\system32\ClipSVC.dll [MD5.C5E70132CD00D314CD0F662F8EE2E4A4] - [15/03/2019 05:49:57] - |A| - [384512] - C:\Windows\system32\cloudAP.dll [MD5.E89306A046F3EFE7B58436691378EC04] - [15/03/2019 05:49:15] - |A| - [300544] - C:\Windows\system32\CloudBackupSettings.dll [MD5.0C6D3D719D71149ED670E1E8884C2D1A] - [15/03/2019 05:49:43] - |A| - [406312] - C:\Windows\system32\CloudExperienceHost.dll [MD5.4FBFD79D8A30C5C025478C0AFC931A36] - [15/03/2019 05:51:03] - |A| - [436536] - C:\Windows\system32\CloudExperienceHostCommon.dll [MD5.FF7918BF603D5C43BACAD2312C2236D8] - [15/03/2019 05:49:24] - |A| - [92032] - C:\Windows\system32\CloudNotifications.exe [MD5.108F518C45C9DE6B686BD084BA7C9657] - [15/03/2019 05:49:24] - |A| - [198440] - C:\Windows\system32\CloudStorageWizard.exe [MD5.0DB734A9E8F3ECF1E558673A5B9A34C7] - [15/03/2019 05:49:37] - |A| - [997376] - C:\Windows\system32\clusapi.dll [MD5.B56976738C58421BEB8189A6D5A6A66E] - [04/03/2019 22:39:16] - |A| - [51808] - C:\Windows\system32\cmdcsr.dll [MD5.7BE91946A1A9E03217624B3A117775D3] - [20/03/2019 13:00:08] - |A| - [337080] - C:\Windows\system32\cmdkbdcss64.dll [MD5.7C35203E529FFA1485B941BE7BACD144] - [04/03/2019 22:36:28] - |A| - [470720] - C:\Windows\system32\cmdvrt64.dll [MD5.38821C1AD7BD69598B39FDDDE84372FD] - [15/03/2019 05:50:20] - |A| - [3174624] - C:\Windows\system32\combase.dll [MD5.4A06A1ED4BD35CA556B5F112A77F9A34] - [15/03/2019 05:49:29] - |A| - [661920] - C:\Windows\system32\comctl32.dll [MD5.7FF05EE65D07CABDF6F92C39D2064D8D] - [15/03/2019 05:50:07] - |A| - [1057792] - C:\Windows\system32\comdlg32.dll [MD5.F1FAC298EEED0C2352AF320053DC4B89] - [15/03/2019 05:49:57] - |A| - [454152] - C:\Windows\system32\coml2.dll [MD5.7774EF325F7E1AB4A3BF38C6B1D9B9E4] - [15/03/2019 05:50:24] - |A| - [147256] - C:\Windows\system32\CompatTelRunner.exe [MD5.6C53FB189E08C323F374598AA01F652D] - [15/03/2019 05:49:15] - |A| - [237568] - C:\Windows\system32\ComposableShellProxyStub.dll [MD5.08066A6791393DC56D026EF288599C1E] - [15/03/2019 05:49:23] - |A| - [89288] - C:\Windows\system32\CompPkgSup.dll [MD5.9766948B92D01B34BF81358627A00EF5] - [15/03/2019 05:49:07] - |A| - [308736] - C:\Windows\system32\compstui.dll [MD5.98705DD87ACA022723ABE3B2A73CD768] - [15/03/2019 05:49:48] - |A| - [1717248] - C:\Windows\system32\comsvcs.dll [MD5.8754B1C1BD7CA26428ACB01D3E660682] - [15/03/2019 05:49:38] - |A| - [157592] - C:\Windows\system32\consent.exe [MD5.04318D6DD76218E4484C0CFD9E700A17] - [15/03/2019 05:50:03] - |A| - [1856512] - C:\Windows\system32\ConstraintIndex.Search.dll [MD5.8BC54762701B089D9A78DA3C15873F14] - [15/03/2019 05:49:30] - |A| - [212992] - C:\Windows\system32\container.dll [MD5.BD09EFD7B81A495C3777BC58F8E382BD] - [15/03/2019 05:50:01] - |A| - [1488288] - C:\Windows\system32\ContentDeliveryManager.Utilities.dll [MD5.FBE86E6A6837A9D682D5EC5ECFB05A61] - [15/03/2019 05:49:01] - |A| - [232960] - C:\Windows\system32\convertvhd.exe [MD5.4B64B776A3966C92AD5059A3A3E517E8] - [15/03/2019 05:49:12] - |A| - [252416] - C:\Windows\system32\coredpus.dll [MD5.089C9159D71CE7F617324DDB67E34DCD] - [15/03/2019 05:49:54] - |A| - [898328] - C:\Windows\system32\CoreMessaging.dll [MD5.46094298CA2615763702C782F947A9E8] - [15/03/2019 05:49:43] - |A| - [1471488] - C:\Windows\system32\CoreShell.dll [MD5.F0E2E0C89BF26B5AE474E5C39949B7A9] - [15/03/2019 05:49:14] - |A| - [407552] - C:\Windows\system32\CoreShellAPI.dll [MD5.F493C6FB6A31BAB72D09C4B46637B27E] - [15/03/2019 05:50:14] - |A| - [3075240] - C:\Windows\system32\CoreUIComponents.dll [MD5.A4F3547123EAC3C8BC8E0E0D4B017C5C] - [15/03/2019 05:49:01] - |A| - [285184] - C:\Windows\system32\Cortana.Persona.dll [MD5.971C66154AB48E2B0BBE14D85C26AFB8] - [15/03/2019 05:49:07] - |A| - [200704] - C:\Windows\system32\CourtesyEngine.dll [MD5.7F6D4A5AA6F5CF471BE2B8B799C0258C] - [15/03/2019 05:49:51] - |A| - [870912] - C:\Windows\system32\CPFilters.dll [MD5.F71A8D267ACFB7DD05DE14785D4A4BB2] - [15/03/2019 05:49:33] - |A| - [101888] - C:\Windows\system32\CredProv2faHelper.dll [MD5.2286AD84D8FE33FF746503F995D3042A] - [15/03/2019 05:50:03] - |A| - [459776] - C:\Windows\system32\CredProvDataModel.dll [MD5.A06A55172BC0A500C71434B42AD83AE7] - [15/03/2019 05:49:41] - |A| - [262656] - C:\Windows\system32\credprovhost.dll [MD5.6A72F6A7AFC71C5F616DEF3A60E7A59A] - [15/03/2019 05:49:40] - |A| - [225792] - C:\Windows\system32\credprovs.dll [MD5.5CFAC7FF04BDF532E38A1EC5B220D746] - [15/03/2019 05:48:56] - |A| - [23552] - C:\Windows\system32\credssp.dll [MD5.2C99BD96DA2C08A4DF912A4EE468613A] - [15/03/2019 05:49:43] - |A| - [1873944] - C:\Windows\system32\crypt32.dll [MD5.57A7EC3D2B24DE7E1614EB1C9F487509] - [15/03/2019 05:49:31] - |A| - [126464] - C:\Windows\system32\cryptcatsvc.dll [MD5.2DADAE45FD2645B3BDAC96A6B7CAE1F0] - [15/03/2019 05:49:41] - |A| - [592384] - C:\Windows\system32\cryptui.dll [MD5.5F9E670B18B631E98AE6E01A3F06BF97] - [15/03/2019 05:49:32] - |A| - [164864] - C:\Windows\system32\cscript.exe [MD5.C08B76197C6FC8B8CCA63DFDE3A48503] - [20/03/2019 13:00:09] - |A| - [50264] - C:\Windows\system32\csscsr64.dll [MD5.18315E8C880660C91695B04348911794] - [20/03/2019 13:00:08] - |A| - [447704] - C:\Windows\system32\cssguard64.dll [MD5.35F394B7E58A9E98F38DA50366C9F67A] - [15/03/2019 05:50:05] - |A| - [5972480] - C:\Windows\system32\d2d1.dll [MD5.234E0CF51BCB2FC503BCA920044A5F1A] - [15/03/2019 05:51:02] - |A| - [7831664] - C:\Windows\system32\d3d10warp.dll [MD5.9027EA175C52B335236196A4075A2ABD] - [15/03/2019 05:50:26] - |A| - [3009736] - C:\Windows\system32\d3d11.dll [MD5.B0327832C64CF0C704A93E14612D0F8A] - [15/03/2019 05:50:15] - |A| - [1416392] - C:\Windows\system32\D3D12.dll [MD5.DE99750CF68F639683435AD1375B0F39] - [15/03/2019 05:50:11] - |A| - [1642520] - C:\Windows\system32\d3d9.dll [MD5.BD22DA95CD4C11BE4FA235D891D63573] - [15/03/2019 05:49:58] - |A| - [830464] - C:\Windows\system32\d3d9on12.dll [MD5.B5F196139B7CC61BB268378A88BFF600] - [15/03/2019 05:50:07] - |A| - [4297728] - C:\Windows\system32\D3DCompiler_47.dll [MD5.1B2E56D8A87A24C60FF23638670D9619] - [15/03/2019 05:49:14] - |A| - [107520] - C:\Windows\system32\dab.dll [MD5.EF3B328D12BDC6791FF62652A8FBC824] - [15/03/2019 05:49:02] - |A| - [119296] - C:\Windows\system32\DafPrintProvider.dll [MD5.FB1C407BF8B1DD0744D0EDD31BE598F7] - [15/03/2019 05:49:51] - |A| - [271872] - C:\Windows\system32\DAFWSD.dll [MD5.F44338D6E9FBBBDFAB849988897CA626] - [15/03/2019 05:49:02] - |A| - [84992] - C:\Windows\system32\DataStoreCacheDumpTool.exe [MD5.12B469EDEDAF69DBB39C12289D16405E] - [15/03/2019 05:49:21] - |A| - [93696] - C:\Windows\system32\davclnt.dll [MD5.840340A44C87276C85E150B50EF7B054] - [15/03/2019 05:49:57] - |A| - [535040] - C:\Windows\system32\daxexec.dll [MD5.C8272185947C80F6B0106BDA1BE9E57E] - [15/03/2019 05:50:16] - |A| - [5833216] - C:\Windows\system32\dbgeng.dll [MD5.5D5CAA6D653D396CAF17799ECCA7AEF7] - [15/03/2019 05:49:44] - |A| - [666624] - C:\Windows\system32\DbgModel.dll [MD5.8DBD8C6BCA1C46CF72E5F26D12CF6807] - [15/03/2019 05:50:07] - |A| - [505656] - C:\Windows\system32\dcntel.dll [MD5.2FBE8D307D281F7F165F6FD3EF3B9B5A] - [15/03/2019 05:49:13] - |A| - [311808] - C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll [MD5.217EF5B7F2E9352906C5102C92C53857] - [15/03/2019 05:49:25] - |A| - [35640] - C:\Windows\system32\DeviceCensus.exe [MD5.07380343D749A66AC5934C608BA7E456] - [15/03/2019 05:49:12] - |A| - [356352] - C:\Windows\system32\DeviceEnroller.exe [MD5.78F06621F8E8DBCDC476CC857CD41429] - [15/03/2019 05:49:50] - |A| - [2404864] - C:\Windows\system32\DeviceFlows.DataModel.dll [MD5.BB8B97CFB154F3CACB1A69A63714284C] - [15/03/2019 05:49:17] - |A| - [566272] - C:\Windows\system32\DevicePairing.dll [MD5.883348A614C2A6666E8E0F2D7A4E2D1B] - [15/03/2019 05:49:27] - |A| - [100136] - C:\Windows\system32\DeviceReactivation.dll [MD5.BB73FD1329739982C2915AB827A01362] - [15/03/2019 05:49:43] - |A| - [238080] - C:\Windows\system32\DeviceSetupManager.dll [MD5.7C61103F8ADB474EA2E56F3B9B533B8A] - [15/03/2019 05:49:28] - |A| - [84992] - C:\Windows\system32\DeviceUpdateAgent.dll [MD5.08F138FDE99081999A1769CBAFF0182D] - [15/03/2019 05:50:24] - |A| - [619832] - C:\Windows\system32\devinv.dll [MD5.FDB38FF469568190277A694D1BF599F5] - [15/03/2019 05:48:57] - |A| - [379392] - C:\Windows\system32\dhcpcore.dll [MD5.2D62FA8D0FB596F610BC818CF2265CA5] - [15/03/2019 05:48:57] - |A| - [298496] - C:\Windows\system32\dhcpcore6.dll [MD5.26DE1F77BFA5A95834427A6449F9DF62] - [15/03/2019 05:51:04] - |A| - [666112] - C:\Windows\system32\DHolographicDisplay.dll [MD5.C59C6E3665EF55382D25A3F3B62AEC1A] - [15/03/2019 05:50:57] - |A| - [2637824] - C:\Windows\system32\diagtrack.dll [MD5.23E935F494FC0407AFF24788CEC40607] - [15/03/2019 05:49:39] - |A| - [474112] - C:\Windows\system32\DictationManager.dll [MD5.BE5F07BA486D34048EC9B0B40E2565DE] - [15/03/2019 05:49:25] - |A| - [165376] - C:\Windows\system32\dinput.dll [MD5.A53C3A6225F1E29923DD452B340919DE] - [15/03/2019 05:49:34] - |A| - [216576] - C:\Windows\system32\dinput8.dll [MD5.C263FB92A9FA0666EDC3BEAEF23B472A] - [15/03/2019 05:48:57] - |A| - [28672] - C:\Windows\system32\dispex.dll [MD5.5EE46ED78742D939459BA3A7237C486B] - [15/03/2019 05:49:39] - |A| - [164864] - C:\Windows\system32\dmcertinst.exe [MD5.F77D48A838B18FCD75682DA59AEE6509] - [15/03/2019 05:49:24] - |A| - [102912] - C:\Windows\system32\dmclient.exe [MD5.BEE525570C56BB4C40FCE695672CE217] - [15/03/2019 05:49:51] - |A| - [518144] - C:\Windows\system32\dmenrollengine.dll [MD5.4FD3168268A6EDC0934B79A6C0FDA89B] - [15/03/2019 05:51:16] - |A| - [739184] - C:\Windows\system32\dnsapi.dll [MD5.1FB9A9A07395E096500EBA2417E4ECA2] - [15/03/2019 05:49:23] - |A| - [286720] - C:\Windows\system32\dnsrslvr.dll [MD5.1914F98652EE03B69B5CA3FA3E8BA4BB] - [15/03/2019 05:49:45] - |A| - [758272] - C:\Windows\system32\DolbyHrtfEnc.dll [MD5.62FF46285672FBA33833996CBA519BA7] - [15/03/2019 05:48:17] - |A| - [253440] - C:\Windows\system32\domgmt.dll [MD5.0A8B601A9E46EC8A15A9A3CEE5805D2F] - [15/03/2019 05:50:20] - |A| - [1342976] - C:\Windows\system32\dosvc.dll [MD5.E1C233826ECA1E52672052C49BD42485] - [15/03/2019 05:48:57] - |A| - [253440] - C:\Windows\system32\dot3svc.dll [MD5.00000000000000000000000000000000] - [25/03/2019 23:04:45] - |DC| - [88336] - C:\Windows\system32\DRVSTORE [MD5.DC06411C7EAF74500832231D2D6CF13B] - [15/03/2019 05:49:00] - |A| - [691200] - C:\Windows\system32\dsreg.dll [MD5.2ABF48AFA9A7011286EC3E6F69FE19C5] - [15/03/2019 05:49:37] - |A| - [155136] - C:\Windows\system32\dssvc.dll [MD5.A05724426389EBC1351E3D6F95CF3EAC] - [15/03/2019 05:49:45] - |A| - [334848] - C:\Windows\system32\dusmsvc.dll [MD5.BF713D9C580BC58934FED58E6562EAD5] - [15/03/2019 05:51:14] - |A| - [2858496] - C:\Windows\system32\dwmcore.dll [MD5.BC1E9637223F8DE90195E5766FB75FE9] - [15/03/2019 05:50:24] - |A| - [3161088] - C:\Windows\system32\DWrite.dll [MD5.46D2F0E302BD88193D3FEDF1FE9EF250] - [15/03/2019 05:49:50] - |A| - [703536] - C:\Windows\system32\dxgi.dll [MD5.82945872A8099848CAC38565DDCF09FF] - [15/03/2019 05:49:51] - |A| - [1327104] - C:\Windows\system32\dxilconv.dll [MD5.164B7EC29CEFC6E2094DE1B3BD451369] - [15/03/2019 05:49:23] - |A| - [456704] - C:\Windows\system32\dxtmsft.dll [MD5.89F21FD6D5A90845BAF1547C4F17B706] - [15/03/2019 05:49:20] - |A| - [276480] - C:\Windows\system32\dxtrans.dll [MD5.3F508EE631EEBAA744C32B9A9B2D90F8] - [15/03/2019 05:49:22] - |A| - [64512] - C:\Windows\system32\EASPolicyManagerBrokerHost.exe [MD5.28342495F3755D2C7681045BC700305C] - [15/03/2019 05:49:13] - |A| - [14336] - C:\Windows\system32\EasPolicyManagerBrokerPS.dll [MD5.71917C1899ECC9D4AEC203E9F585B1A4] - [15/03/2019 05:51:06] - |A| - [25270272] - C:\Windows\system32\edgehtml.dll [MD5.10C38E1CA0D664F58E8B9F3645885E1D] - [15/03/2019 05:48:54] - |A| - [72] - C:\Windows\system32\edgehtmlpluginpolicy.bin [MD5.DB0B81DD8BD75E6A6FE217FDB59576F5] - [15/03/2019 05:49:47] - |A| - [536064] - C:\Windows\system32\edgeIso.dll [MD5.D653FEDF8938EF8EDF88810B8647899F] - [15/03/2019 05:49:29] - |A| - [200704] - C:\Windows\system32\EdgeManager.dll [MD5.D36BCEDC8E72B82DC957F711D8696A44] - [15/03/2019 05:49:06] - |A| - [83968] - C:\Windows\system32\EditBufferTestHook.dll [MD5.76C8BA3C19BA2FDA6B02906D28BF7D2F] - [15/03/2019 05:48:57] - |A| - [177152] - C:\Windows\system32\EditionUpgradeHelper.dll [MD5.77649DBD973A901B987569DEF8FE7D8B] - [15/03/2019 05:49:33] - |A| - [714768] - C:\Windows\system32\EditionUpgradeManagerObj.dll [MD5.F444186533C53A4825A27F7A3B3E62CD] - [15/03/2019 05:49:32] - |A| - [255488] - C:\Windows\system32\edputil.dll [MD5.BD57476ED17768520DC2996A703E85C3] - [15/03/2019 05:50:04] - |A| - [1029536] - C:\Windows\system32\efscore.dll [MD5.A089F15CF85978796DE211D3075F0CE8] - [15/03/2019 05:48:57] - |A| - [81408] - C:\Windows\system32\efslsaext.dll [MD5.378A30A40DF26E089B46F66069BDD1F8] - [15/03/2019 05:48:56] - |A| - [57856] - C:\Windows\system32\efssvc.dll [MD5.88E11DC055F1596989FAF715EA75B816] - [15/03/2019 05:49:47] - |A| - [634880] - C:\Windows\system32\efswrt.dll [MD5.63780C98D82C438FFC4B82185CA30CB4] - [15/03/2019 05:49:41] - |A| - [434176] - C:\Windows\system32\EncDec.dll [MD5.9E15122839C37BF84C5AAFBE21D39749] - [15/03/2019 05:49:28] - |A| - [215552] - C:\Windows\system32\enrollmentapi.dll [MD5.358554029D6645AADCF103BA18D22DC7] - [15/03/2019 05:49:06] - |A| - [25088] - C:\Windows\system32\EnterpriseAppMgmtClient.dll [MD5.3BC17ABD52295C64A8BEE3CF4B244B12] - [15/03/2019 05:49:38] - |A| - [302592] - C:\Windows\system32\EnterpriseAppMgmtSvc.dll [MD5.4D6F2F02DC4647BB70147171F7806724] - [15/03/2019 05:50:15] - |A| - [1574912] - C:\Windows\system32\enterprisecsps.dll [MD5.DBDFEFD6ED5B807388C1943BACCCDBE4] - [15/03/2019 05:49:12] - |A| - [88576] - C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll [MD5.0A56591CDE0BBC9B7D8A064568D53B49] - [15/03/2019 05:49:24] - |A| - [450560] - C:\Windows\system32\es.dll [MD5.07E28F922D6F686348C5A28D4CF4476B] - [15/03/2019 05:49:12] - |A| - [109568] - C:\Windows\system32\eShims.dll [MD5.9D7D33BEF975A084CDC8DC9B2B1EA3DB] - [15/03/2019 05:50:04] - |A| - [755712] - C:\Windows\system32\evr.dll [MD5.FC8442D6B1C03CCEC5A16F681DAAF201] - [15/03/2019 05:49:47] - |A| - [292864] - C:\Windows\system32\ExecModelClient.dll [MD5.6C8A6E37851EA7538820B3426E5510B7] - [15/03/2019 05:50:13] - |A| - [4772352] - C:\Windows\system32\ExplorerFrame.dll [MD5.CD63F15237D81AFEDA484E10464FEF36] - [15/03/2019 05:49:04] - |A| - [257536] - C:\Windows\system32\ExSMime.dll [MD5.D0F48A8C2CD225A7FEDE98223EE62FCA] - [15/03/2019 05:49:26] - |A| - [464384] - C:\Windows\system32\facecredentialprovider.dll [MD5.BEB1E18B7F2CE225D7B8B246B896F5F1] - [15/03/2019 05:51:02] - |A| - [975360] - C:\Windows\system32\FaceProcessor.dll [MD5.C009F5D7740AAC4BDC99EF7C62803C21] - [15/03/2019 05:51:03] - |A| - [269600] - C:\Windows\system32\FaceProcessorCore.dll [MD5.365DDDE9AE10319ED840D9289716650D] - [15/03/2019 05:49:08] - |A| - [155136] - C:\Windows\system32\fdeploy.dll [MD5.C8F7F0ED919EEAE6F9430E65390A94AD] - [15/03/2019 05:48:56] - |A| - [58368] - C:\Windows\system32\fdPnp.dll [MD5.850E528D7D439D1EBFF9AF61B7DC965A] - [15/03/2019 05:49:01] - |A| - [68096] - C:\Windows\system32\fdProxy.dll [MD5.017CE932B1C642DD1639370200A9618D] - [15/03/2019 05:48:56] - |A| - [29184] - C:\Windows\system32\fdWNet.dll [MD5.E65D2A37B6D4445D0CD9234BA933475B] - [15/03/2019 05:48:17] - |A| - [74716] - C:\Windows\system32\FeatureToastHeroImg.jpg [MD5.8DB0A301B592AAD6AB548CFCF771091E] - [15/03/2019 05:51:15] - |A| - [542208] - C:\Windows\system32\FirewallAPI.dll [MD5.D60095FBC488AE1A805FEA5E22BA3F94] - [15/03/2019 05:50:16] - |A| - [1967104] - C:\Windows\system32\FntCache.dll [MD5.923D40C6C8285C3116791A3487B3CED8] - [15/03/2019 05:50:24] - |A| - [779856] - C:\Windows\system32\fontdrvhost.exe [MD5.473DE64499A4EA699A95D3F907C41E88] - [15/03/2019 05:49:13] - |A| - [965632] - C:\Windows\system32\fontext.dll [MD5.8FDF57C98BB3D82B6968D4606372599D] - [15/03/2019 05:49:14] - |A| - [141824] - C:\Windows\system32\FontProvider.dll [MD5.E7156CB4A9247261093920CB3CB10774] - [15/03/2019 05:49:21] - |A| - [121856] - C:\Windows\system32\fontsub.dll [MD5.27F4211199EB5A8E5169020B88EE201C] - [15/03/2019 05:50:01] - |A| - [667136] - C:\Windows\system32\FrameServer.dll [MD5.D13E7221130C8AB2DEAC6CADF1C65E23] - [15/03/2019 05:49:08] - |A| - [82944] - C:\Windows\system32\frprov.dll [MD5.84471E2E955A6BD7CF9BEB7421C0734D] - [15/03/2019 05:49:42] - |A| - [306688] - C:\Windows\system32\FSClient.dll [MD5.4B72A5274B42B64ADA7CE6D89122DA35] - [15/03/2019 05:49:26] - |A| - [98272] - C:\Windows\system32\FsIso.exe [MD5.F4AE2ECB766D7FF7025F9A3F8B9EA343] - [15/03/2019 05:49:41] - |A| - [216064] - C:\Windows\system32\fwpolicyiomgr.dll [MD5.0F9894730901E728FBA7031BEAF2E677] - [15/03/2019 05:49:04] - |A| - [647168] - C:\Windows\system32\FXSCOMEX.dll [MD5.86A2029691F46C53C0061BF032E8A8EC] - [15/03/2019 05:49:10] - |A| - [253952] - C:\Windows\system32\FXST30.dll [MD5.BDE183BD581BDDB43CB5A83C66190D11] - [15/03/2019 05:49:11] - |A| - [299008] - C:\Windows\system32\GameBarPresenceWriter.exe [MD5.54BA19F4D05BECCDE89DA2F84370390E] - [15/03/2019 05:49:38] - |A| - [1297920] - C:\Windows\system32\GamePanel.exe [MD5.27AB670019D08100BE61CB47D41E3023] - [15/03/2019 05:49:06] - |A| - [28160] - C:\Windows\system32\GamePanelExternalHook.dll [MD5.098E31F8AF7CBE1EB289F0E8C4672D1B] - [15/03/2019 05:49:21] - |A| - [2523136] - C:\Windows\system32\gameux.dll [MD5.124D05EE91361B77C6D615D55CC2F289] - [15/03/2019 05:49:43] - |A| - [174080] - C:\Windows\system32\gamingtcui.dll [MD5.A690DB93AE821579CA2DF940748A58F2] - [15/03/2019 05:49:32] - |A| - [155440] - C:\Windows\system32\gdi32.dll [MD5.991DD2F7FF79427D99BCCDC4A0999E95] - [15/03/2019 05:50:29] - |A| - [1638840] - C:\Windows\system32\gdi32full.dll [MD5.4E8F42283889367694A8FC690C22DA27] - [15/03/2019 05:49:48] - |A| - [1666048] - C:\Windows\system32\GdiPlus.dll [MD5.CE3EA9B5DF1B32AA3B3F917B93DA747C] - [15/03/2019 05:50:14] - |A| - [808248] - C:\Windows\system32\generaltel.dll [MD5.EDE76DE334861DA0D4BB6A2C465E9303] - [15/03/2019 05:50:01] - |A| - [496640] - C:\Windows\system32\Geolocation.dll [MD5.7BD14FA8FF575F5DF525203BFDF97E6B] - [15/03/2019 05:49:25] - |A| - [325632] - C:\Windows\system32\GlobCollationHost.dll [MD5.44A8F60A38C87271B582FE4DEEAF73E0] - [15/03/2019 05:50:41] - |A| - [4876800] - C:\Windows\system32\gnsdk_fp.dll [MD5.A6D0AE61FDBA546491A4318721F6A5CF] - [15/03/2019 05:49:16] - |A| - [127136] - C:\Windows\system32\gpapi.dll [MD5.E33DF1740D7DDFC98EF4BF4E329A19A8] - [15/03/2019 05:49:57] - |A| - [1280000] - C:\Windows\system32\gpsvc.dll [MD5.9736D0316780DC662B91C27328789B97] - [04/03/2019 22:38:58] - |A| - [925832] - C:\Windows\system32\guard64.dll [MD5.336ADF701A525A3974BB74A2E1D33C32] - [15/03/2019 05:49:45] - |A| - [471968] - C:\Windows\system32\hal.dll [MD5.4017AECCD2CCAC9DF39130FF4C93D5D3] - [15/03/2019 05:49:13] - |A| - [85504] - C:\Windows\system32\hascsp.dll [MD5.089B5DF78AF7572942D49285B9DECEC0] - [15/03/2019 05:49:24] - |A| - [325832] - C:\Windows\system32\HdcpHandler.dll [MD5.35D1DF2B6009ACE98109AA224CD74B3C] - [15/03/2019 05:49:30] - |A| - [640000] - C:\Windows\system32\HeadTrackerStorage.dll [MD5.181D4A848B7CB99E6562474BF59C44B2] - [15/03/2019 05:49:13] - |A| - [621056] - C:\Windows\system32\hgcpl.dll [MD5.677C3CDAF042D99BD402CA3C2FD03CD5] - [15/03/2019 05:49:53] - |A| - [657408] - C:\Windows\system32\hhctrl.ocx [MD5.524496D74062801DCC1749D2B306EF11] - [15/03/2019 05:49:14] - |A| - [99328] - C:\Windows\system32\hlink.dll [MD5.09D4B8D2B6E858AC52341D344826AEE4] - [15/03/2019 05:51:01] - |A| - [17085952] - C:\Windows\system32\HologramCompositor.dll [MD5.76768AF451E1B38F23265AD781A4E301] - [15/03/2019 05:50:47] - |A| - [543232] - C:\Windows\system32\HolographicExtensions.dll [MD5.9EBE69283AB8B4577B81F63E760DD25F] - [15/03/2019 05:51:04] - |A| - [336896] - C:\Windows\system32\HolographicRuntimes.dll [MD5.63F36F992AA8562D606D6BA6F4121300] - [15/03/2019 05:49:13] - |A| - [230912] - C:\Windows\system32\HoloShellRuntime.dll [MD5.0CF1459F51A30C2D695BCC16302CBE1B] - [15/03/2019 05:49:50] - |A| - [416768] - C:\Windows\system32\html.iec [MD5.1F19647CBA14376080C8C74EEA8CD93B] - [15/03/2019 05:48:56] - |A| - [125440] - C:\Windows\system32\httpprxm.dll [MD5.A34E405462EA388C6252858A9BE0963A] - [15/03/2019 05:51:18] - |A| - [1072952] - C:\Windows\system32\hvax64.exe [MD5.C4450D832472A5A973082D84DED16DCF] - [15/03/2019 05:49:21] - |A| - [60320] - C:\Windows\system32\hvhostsvc.dll [MD5.6D864D75907BBBE76C9C6C8B2151FE21] - [15/03/2019 05:51:08] - |A| - [1252872] - C:\Windows\system32\hvix64.exe [MD5.77B75A9238AF5246A2B1C6E8EFB7BDA5] - [15/03/2019 05:49:25] - |A| - [78648] - C:\Windows\system32\hvloader.dll [MD5.38FE767209BD278F38687D906D004E73] - [15/03/2019 05:51:01] - |A| - [21754368] - C:\Windows\system32\Hydrogen.dll [MD5.4ABBF315B97DBA5053FD689ED01DE87D] - [15/03/2019 05:49:16] - |A| - [113568] - C:\Windows\system32\icfupgd.dll [MD5.E1B89703CF7A52E4A18FFC39B1AAD916] - [15/03/2019 05:49:17] - |A| - [245248] - C:\Windows\system32\icm32.dll [MD5.49E87146F7EB33F1570D4F19D3431296] - [15/03/2019 05:49:06] - |A| - [72192] - C:\Windows\system32\IcsEntitlementHost.exe [MD5.16071A66A9313085B54037B5D7D1C353] - [15/03/2019 05:48:57] - |A| - [286208] - C:\Windows\system32\icsvc.dll [MD5.F03A5454EAE669167639CA3F2EDF73B1] - [15/03/2019 05:48:57] - |A| - [309760] - C:\Windows\system32\icsvcext.dll [MD5.B124CE8AA3DA07EFF85AFA443CBE1B9A] - [15/03/2019 05:49:55] - |RA| - [1900544] - C:\Windows\system32\icuin.dll [MD5.54D8C41BCDFDFDC49A3185B972A92EB2] - [15/03/2019 05:49:42] - |RA| - [1341440] - C:\Windows\system32\icuuc.dll [MD5.8E2C97F29AAC07323245584B279B843D] - [15/03/2019 05:49:18] - |A| - [112640] - C:\Windows\system32\IdCtrls.dll [MD5.FF091D5B0AB5835BFF5E0D57F8F0FD15] - [15/03/2019 05:49:13] - |A| - [229888] - C:\Windows\system32\ie4uinit.exe [MD5.49E80B31EACFA85C923C3662CD0ADEFA] - [15/03/2019 05:48:59] - |A| - [143360] - C:\Windows\system32\IEAdvpack.dll [MD5.58197E2670D62659D6AE437F37B0F74C] - [15/03/2019 05:49:28] - |A| - [1597952] - C:\Windows\system32\ieapfltr.dll [MD5.2EC79671C5F0F09EC06985D410718C59] - [15/03/2019 05:49:43] - |A| - [392704] - C:\Windows\system32\iedkcs32.dll [MD5.F737DEE776F393785B82FCDBB580E341] - [15/03/2019 05:50:27] - |A| - [12833792] - C:\Windows\system32\ieframe.dll [MD5.A2D646DFDABBD41986990289CB5D7F8E] - [15/03/2019 05:49:00] - |A| - [142848] - C:\Windows\system32\iepeers.dll [MD5.0E4326077420664DFC39880BB386C325] - [15/03/2019 05:49:56] - |A| - [816128] - C:\Windows\system32\ieproxy.dll [MD5.E22ED27C52605C52D1ADEEF867BDE5F2] - [15/03/2019 05:48:58] - |A| - [46080] - C:\Windows\system32\iernonce.dll [MD5.472B463EB9E4E436AB3EAD452B1F9214] - [15/03/2019 05:50:12] - |A| - [2736152] - C:\Windows\system32\iertutil.dll [MD5.5DD8C49F75649B48746B8411665E9B04] - [15/03/2019 05:48:58] - |A| - [78336] - C:\Windows\system32\iesetup.dll [MD5.852843AF82669C327630B307F8E7C0FB] - [15/03/2019 05:48:58] - |A| - [117760] - C:\Windows\system32\iesysprep.dll [MD5.32162FE7FA515D40E162985C42ABBF81] - [15/03/2019 05:49:50] - |A| - [561152] - C:\Windows\system32\ieui.dll [MD5.C1127463655F541956FF02A325996ECF] - [15/03/2019 05:48:53] - |A| - [3329] - C:\Windows\system32\ieuinit.inf [MD5.D73C516671C645189B3CF7AD3E20A2EF] - [15/03/2019 05:49:00] - |A| - [151040] - C:\Windows\system32\ieUnatt.exe [MD5.DC9D6FEDFC7DD7AB116A4FDBB8E1870F] - [15/03/2019 05:48:58] - |A| - [167424] - C:\Windows\system32\iexpress.exe [MD5.289363EADA7DB6E07730985D8F2B44C2] - [15/03/2019 05:49:26] - |A| - [984064] - C:\Windows\system32\IKEEXT.DLL [MD5.0E05CFA887C40A1DA00D95E8A915807E] - [15/03/2019 05:48:58] - |A| - [55808] - C:\Windows\system32\imgutil.dll [MD5.C5D273F400B8EE5BEB81097D3E4FAF04] - [15/03/2019 04:50:45] - |A| - [166520] - C:\Windows\system32\IMX241_FN50FF-562H_SKY.cpf [MD5.9F566623F3513D47213DEFA9C7B7C9FA] - [15/03/2019 04:51:17] - |A| - [41470] - C:\Windows\system32\IMX241_FRONT.aiqd [MD5.F609489142774262ABD4AB204E56C4D9] - [15/03/2019 04:50:45] - |A| - [171348] - C:\Windows\system32\IMX241_START2FRONT_SKY.cpf [MD5.B216175F6574C5D40A6BFFFEB28E8938] - [15/03/2019 04:50:45] - |A| - [171276] - C:\Windows\system32\IMX241_START2FRONT_SKY_Video.cpf [MD5.74FC5B9C7CC049384CC51A5E11465BD6] - [15/03/2019 04:51:18] - |A| - [41470] - C:\Windows\system32\IMX258_REAR.aiqd [MD5.6B1CD2FED17DF605E9721AF5CF0970C7] - [15/03/2019 04:50:45] - |A| - [276840] - C:\Windows\system32\IMX258_START2REAR_SKY.cpf [MD5.6B1CD2FED17DF605E9721AF5CF0970C7] - [15/03/2019 04:50:45] - |A| - [276840] - C:\Windows\system32\IMX258_START2REAR_SKY_Video.cpf [MD5.D5E5AA845308F4F7372C7C7C13CD34B3] - [15/03/2019 05:49:01] - |A| - [206848] - C:\Windows\system32\IndexedDbLegacy.dll [MD5.56320DB26C0BF067E705CA6CBD2B3A3A] - [15/03/2019 05:49:58] - |A| - [985600] - C:\Windows\system32\inetcomm.dll [MD5.CAC8A27E15D8FE20A3B91D3816DFC66A] - [15/03/2019 05:49:40] - |A| - [2083840] - C:\Windows\system32\inetcpl.cpl [MD5.8B1E46241831FBB615A8FCB220754ECA] - [15/03/2019 05:48:58] - |A| - [85504] - C:\Windows\system32\INETRES.dll [MD5.2B6D7ACE8C37A726F442B69DA1AC8B4A] - [15/03/2019 05:49:24] - |A| - [184336] - C:\Windows\system32\InputHost.dll [MD5.C230B93474BE5ED902D45DA248D22E76] - [15/03/2019 05:49:08] - |A| - [134656] - C:\Windows\system32\InputLocaleManager.dll [MD5.04B3DF2C36B59699A61D4B39CFF914C0] - [15/03/2019 05:50:21] - |A| - [3126272] - C:\Windows\system32\InputService.dll [MD5.8DA5D118D664BEE3ED00A90B2BA23263] - [15/03/2019 05:49:06] - |A| - [421376] - C:\Windows\system32\InputSwitch.dll [MD5.730463EFD1F7B2BD745DB01D96E86649] - [15/03/2019 05:48:58] - |A| - [115200] - C:\Windows\system32\inseng.dll [MD5.4269BF5A7C39DE7BED6F30604CCC4F52] - [15/03/2019 05:50:14] - |A| - [1314304] - C:\Windows\system32\InstallService.dll [MD5.36CB60FE6D29C91D3604DBC144CBE1EE] - [15/03/2019 04:50:29] - |A| - [5707856] - C:\Windows\system32\IntelCameraPlugin64.dll [MD5.CE37628BB55D0CE1078DF19AA8DBC91B] - [15/03/2019 05:00:46] - |A| - [209032] - C:\Windows\system32\intel_gfx_api-x64.dll [MD5.5D2998184807773AB1604CB592081D37] - [15/03/2019 05:50:09] - |A| - [460088] - C:\Windows\system32\invagent.dll [MD5.1C5867DC4091C2E23329AB984BF95604] - [15/03/2019 05:48:58] - |A| - [820224] - C:\Windows\system32\iphlpsvc.dll [MD5.F40AC719646B8E31BBDEA664CEAF28A2] - [15/03/2019 05:49:59] - |A| - [602624] - C:\Windows\system32\ipnathlp.dll [MD5.5E40DA079703587DC4E14EF221EEC597] - [15/03/2019 05:49:36] - |A| - [559616] - C:\Windows\system32\iprtrmgr.dll [MD5.F2DB1D6AD6D0ED387DFFB914CDC151A4] - [20/03/2019 13:00:45] - |A| - [255520] - C:\Windows\system32\iseguard64.dll [MD5.0684BEE414439DEE3C6509A1635AF9C1] - [15/03/2019 05:51:03] - |A| - [1167360] - C:\Windows\system32\ISM.dll [MD5.7135FA19C74FD3676A8F1024D4D0596A] - [15/03/2019 05:49:17] - |A| - [194048] - C:\Windows\system32\itircl.dll [MD5.87FE01C4E2BC79B44FEE81576ED6FC36] - [15/03/2019 05:49:32] - |A| - [172544] - C:\Windows\system32\itss.dll [MD5.AA11EC86D11E24863E839672D1B5E0EF] - [15/03/2019 05:49:16] - |A| - [22800] - C:\Windows\system32\iumbase.dll [MD5.D6F786705F206C119A1FBBB9D480CD36] - [15/03/2019 05:49:20] - |A| - [66720] - C:\Windows\system32\iumcrypt.dll [MD5.EBF8626AB63A7DF9D5FD39150CA5035F] - [15/03/2019 05:49:16] - |A| - [15632] - C:\Windows\system32\iumdll.dll [MD5.0EEB17E3B21A9D299CD189205D698FA9] - [15/03/2019 05:49:17] - |A| - [22208] - C:\Windows\system32\IumSdk.dll [MD5.AE4E3282F24D42422B0AF3EF0971D288] - [15/03/2019 05:48:58] - |A| - [94720] - C:\Windows\system32\JavaScriptCollectionAgent.dll [MD5.21E46E6A5EAF413E1F7AB1F0B5895062] - [15/03/2019 05:49:47] - |A| - [1262592] - C:\Windows\system32\JpMapControl.dll [MD5.A498D4BE2A3D619602621CB3EF918034] - [15/03/2019 05:51:19] - |A| - [809472] - C:\Windows\system32\jscript.dll [MD5.E086E9FEBA689C5F973A1D6659DAB8AB] - [15/03/2019 05:51:24] - |A| - [4724224] - C:\Windows\system32\jscript9.dll [MD5.1F928B3E1B823E6014565254116F8DA6] - [15/03/2019 05:51:19] - |A| - [672768] - C:\Windows\system32\jscript9diag.dll [MD5.19937B3AB4B31523FB9CB7461E31AB1D] - [15/03/2019 05:49:22] - |A| - [114984] - C:\Windows\system32\kdnet.dll [MD5.2568382851DCFDEDD02ACB62BDDB7B8C] - [15/03/2019 05:50:09] - |A| - [945152] - C:\Windows\system32\kerberos.dll [MD5.6BE2CC3494A8FFDF13861F8A51BD84D6] - [15/03/2019 05:49:23] - |A| - [54376] - C:\Windows\system32\kernel.appcore.dll [MD5.F753030AD630541B52D0366AC410ADBF] - [15/03/2019 05:49:48] - |A| - [702472] - C:\Windows\system32\kernel32.dll [MD5.6A712C8944062227C8F8A47DE844B3FD] - [15/03/2019 05:50:08] - |A| - [2515360] - C:\Windows\system32\KernelBase.dll [MD5.7919C327FE8E5C6DC970CB804D2EDF7B] - [15/03/2019 05:48:57] - |A| - [90112] - C:\Windows\system32\keyiso.dll [MD5.18A6CB8199D3DF64B8B93FFE241E43B3] - [15/03/2019 05:49:27] - |A| - [278528] - C:\Windows\system32\ksproxy.ax [MD5.A79FBB1A98459C9CFDB4E844017B4A54] - [15/03/2019 05:49:06] - |A| - [41984] - C:\Windows\system32\LaunchWinApp.exe [MD5.EEE38B21A9B514397EFCB66FF7AFDADC] - [15/03/2019 09:12:52] - |SH| - [128] - C:\Windows\system32\lgxzqgavzxsjwhkr.tbl [MD5.20E09FA2219BE2BF77A17AD7644176CA] - [15/03/2019 04:50:31] - |A| - [12435024] - C:\Windows\system32\libia_cp64.dll [MD5.81DA651C930AC4C1F963B5B642B8BC70] - [15/03/2019 05:50:12] - |A| - [980448] - C:\Windows\system32\LicenseManager.dll [MD5.6A361ED0DE59D58CC633F7BB40AB950D] - [15/03/2019 05:48:57] - |A| - [48640] - C:\Windows\system32\LicenseManagerSvc.dll [MD5.24FADDA3F7C2B8E2AA6BA30A673A86B7] - [15/03/2019 05:49:29] - |A| - [857616] - C:\Windows\system32\LicensingWinRT.dll [MD5.3BA01163DBF121AEE5910A77256459A7] - [15/03/2019 05:48:58] - |A| - [32256] - C:\Windows\system32\licmgr10.dll [MD5.459EC4290CF0D8269DB28FBFD6284C58] - [15/03/2019 05:49:30] - |A| - [270336] - C:\Windows\system32\ListSvc.dll [MD5.EF0C1B809402E2291CF88AE7B3982E89] - [15/03/2019 05:49:49] - |A| - [804120] - C:\Windows\system32\locale.nls [MD5.8003FDB02637E02C1BE8DDA113920893] - [15/03/2019 05:49:56] - |A| - [1156608] - C:\Windows\system32\localspl.dll [MD5.0841C829D8608A97890B13157B6859E3] - [15/03/2019 05:50:08] - |A| - [2296320] - C:\Windows\system32\LocationFramework.dll [MD5.40D621BD97B50CCDE100C589A7EBB6B1] - [15/03/2019 05:49:11] - |A| - [80896] - C:\Windows\system32\LocationFrameworkInternalPS.dll [MD5.051485DB8FD8AD2CC72627D6ED61BECD] - [15/03/2019 05:49:17] - |A| - [39736] - C:\Windows\system32\LocationFrameworkPS.dll [MD5.1B109E687B125AF3C93CC4DE8913090A] - [15/03/2019 05:50:05] - |A| - [556544] - C:\Windows\system32\LockAppBroker.dll [MD5.D4E692078892D77D612387A4428A1CB5] - [15/03/2019 05:49:18] - |A| - [674304] - C:\Windows\system32\LockController.dll [MD5.EAF4FD9B241935ED4C1CD75BCA6358DB] - [15/03/2019 05:49:47] - |A| - [448000] - C:\Windows\system32\LockHostingFramework.dll [MD5.FAA1479779AD5F7676D5837D2DCD52B8] - [15/03/2019 05:49:05] - |A| - [160768] - C:\Windows\system32\LockScreenContent.dll [MD5.DF510111E0E809D3EEE60CFBF646D1D5] - [15/03/2019 05:49:16] - |A| - [247480] - C:\Windows\system32\logoncli.dll [MD5.A69447F60670FAC84DE4A23A392AA6F9] - [15/03/2019 05:50:10] - |A| - [721920] - C:\Windows\system32\LogonController.dll [MD5.83FD5674CE41005ED5657D6E2C5B0B4C] - [15/03/2019 05:49:30] - |A| - [1346048] - C:\Windows\system32\lpasvc.dll [MD5.175B20F3504B9A0DE42879B1EA6F0DE9] - [15/03/2019 05:49:20] - |A| - [270208] - C:\Windows\system32\LsaIso.exe [MD5.20688C85B483C3512CDCFB8A913E24B0] - [15/03/2019 05:51:16] - |A| - [1561088] - C:\Windows\system32\lsasrv.dll [MD5.AF3F47A3DD5A799DD0F3D9F3BFDED0EA] - [15/03/2019 05:49:30] - |A| - [57576] - C:\Windows\system32\lsass.exe [MD5.EBA3441FAE390DB599C9B9523A262F2C] - [15/03/2019 05:50:07] - |A| - [699904] - C:\Windows\system32\lsm.dll [MD5.1C61381DA712ABACD2814CEF4514D927] - [15/03/2019 05:49:43] - |A| - [800768] - C:\Windows\system32\Magnify.exe [MD5.3713E9619CDC4526FF431FB37DCFEF15] - [15/03/2019 05:49:32] - |A| - [479744] - C:\Windows\system32\MapConfiguration.dll [MD5.4E3C95475FFE3D4150B3B3608FB1B6BF] - [15/03/2019 05:49:50] - |A| - [885760] - C:\Windows\system32\MapControlCore.dll [MD5.E6F8782C1256FEA671F5069ABBEE3A49] - [15/03/2019 05:50:03] - |A| - [2849792] - C:\Windows\system32\MapGeocoder.dll [MD5.5CF5F03AEC978EA5D4E9693EABB3FC7D] - [15/03/2019 05:50:12] - |A| - [3400192] - C:\Windows\system32\MapRouter.dll [MD5.8C5FD4B49428C7417DF5EF62FA0BCEBD] - [15/03/2019 05:49:50] - |A| - [1173504] - C:\Windows\system32\MapsStore.dll [MD5.A23448D2D5761F2CFF6F121D3C5B5ACD] - [15/03/2019 05:49:26] - |A| - [344064] - C:\Windows\system32\mcbuilder.exe [MD5.A588BF5C7532DA51890D894878874E3F] - [15/03/2019 05:49:32] - |A| - [971264] - C:\Windows\system32\MCRecvSrc.dll [MD5.565E22DDD04311C7CBD25DE977F429B1] - [15/03/2019 05:49:30] - |A| - [146432] - C:\Windows\system32\MDMAppInstaller.exe [MD5.CF565C0A44A5968CBA96AC5B2A860B75] - [15/03/2019 05:48:59] - |A| - [139264] - C:\Windows\system32\mdmmigrator.dll [MD5.B1C8D90D085EAA671E423D60F12ECBC4] - [15/03/2019 05:49:30] - |A| - [231936] - C:\Windows\system32\mdmregistration.dll [MD5.C97D9B1A233E79A3B858239D83F8CBC2] - [15/03/2019 05:49:53] - |A| - [595472] - C:\Windows\system32\mf.dll [MD5.D639625670C14805990C63871A52C4BC] - [15/03/2019 05:49:23] - |A| - [58368] - C:\Windows\system32\mf3216.dll [MD5.1090F390D244BF56406D16E2B403C03A] - [15/03/2019 05:51:26] - |A| - [1971944] - C:\Windows\system32\mfasfsrcsnk.dll [MD5.BF03FA7D74A37C5E6E9301D32B66C380] - [15/03/2019 05:49:41] - |A| - [479232] - C:\Windows\system32\MFCaptureEngine.dll [MD5.D6C9D1D9109117064B44F023029FBA1B] - [15/03/2019 05:51:07] - |A| - [4507000] - C:\Windows\system32\mfcore.dll [MD5.BCE0D2792EB8615683F306F5379F6141] - [15/03/2019 05:49:50] - |A| - [297984] - C:\Windows\system32\mfksproxy.dll [MD5.D4B63C6A96C7B0C30541D529207E99BE] - [15/03/2019 05:50:37] - |A| - [4814336] - C:\Windows\system32\MFMediaEngine.dll [MD5.6B230EC47337BC315E0C3AE00AECB855] - [15/03/2019 05:50:04] - |A| - [1363968] - C:\Windows\system32\mfmkvsrcsnk.dll [MD5.81433E5EC823B116B1243998A2092064] - [15/03/2019 05:51:26] - |A| - [2712592] - C:\Windows\system32\mfmp4srcsnk.dll [MD5.ABE6CDA32F94D8EA6FA16D18A656F61A] - [15/03/2019 05:51:17] - |A| - [1507624] - C:\Windows\system32\mfmpeg2srcsnk.dll [MD5.1B4B0381972D94D6D75351B37F4C488E] - [15/03/2019 05:50:14] - |A| - [1203552] - C:\Windows\system32\mfnetcore.dll [MD5.90FE4A3CE3804E13E86F2C400F507E46] - [15/03/2019 05:50:19] - |A| - [1633632] - C:\Windows\system32\mfnetsrc.dll [MD5.B57DC0F60473D635FBB6544866F110B1] - [15/03/2019 05:50:21] - |A| - [1781360] - C:\Windows\system32\mfplat.dll [MD5.C0BF8256EB2C1A8C8C4E435828D46F29] - [15/03/2019 05:49:25] - |A| - [261008] - C:\Windows\system32\mfps.dll [MD5.6C6EAACC156EAD38DCD2372D2635D5E0] - [15/03/2019 05:50:06] - |A| - [1084736] - C:\Windows\system32\mfreadwrite.dll [MD5.037FBC2FC80B77216B55F6068A07E8B9] - [15/03/2019 05:49:29] - |A| - [212880] - C:\Windows\system32\mfsensorgroup.dll [MD5.152CDDB18C6070007F378B3C7E004CC8] - [15/03/2019 05:51:22] - |A| - [2267616] - C:\Windows\system32\mfsrcsnk.dll [MD5.57737B9D7CC844EDA1454DEBB28FE5DC] - [15/03/2019 05:50:20] - |A| - [1255056] - C:\Windows\system32\mfsvr.dll [MD5.9B9FCE8FAA72F4AB5CDE2C7A8A2FC0C3] - [15/03/2019 05:48:58] - |A| - [408064] - C:\Windows\system32\microsoft-windows-system-events.dll [MD5.3C79D487CF729AC8D9A5C7AA486D1EE7] - [15/03/2019 05:50:29] - |A| - [3124224] - C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.dll [MD5.ECA2489CE3AEAB6D7E7BD3E693BD6150] - [15/03/2019 05:49:35] - |A| - [222720] - C:\Windows\system32\Microsoft.Bluetooth.Proxy.dll [MD5.A9534BA6072E7041106CA151554D42B8] - [15/03/2019 05:49:02] - |A| - [307200] - C:\Windows\system32\MicrosoftAccountExtension.dll [MD5.6C3A5715D983576DE082A411A48C2BC8] - [15/03/2019 05:49:48] - |A| - [301056] - C:\Windows\system32\MicrosoftAccountWAMExtension.dll [MD5.6760B3B054AECE4800BA539B6E1C5CFD] - [15/03/2019 05:50:38] - |A| - [3478016] - C:\Windows\system32\mispace.dll [MD5.25A01E7B77B696693957812508D7F55D] - [15/03/2019 05:50:17] - |A| - [1936384] - C:\Windows\system32\mmc.exe [MD5.F410DF08D1B887D61155A65DDD912CE0] - [15/03/2019 05:49:23] - |A| - [341504] - C:\Windows\system32\mmcbase.dll [MD5.FDBCBC9D2B1A92E06273905633737959] - [15/03/2019 05:50:26] - |A| - [2983936] - C:\Windows\system32\mmcndmgr.dll [MD5.6681F355FA230A94C8AE5E168CC05775] - [15/03/2019 05:49:43] - |A| - [2186240] - C:\Windows\system32\mmgaclient.dll [MD5.40278F866D7E5BCF082482E796A6CD78] - [15/03/2019 05:49:00] - |A| - [155136] - C:\Windows\system32\mmgaproxystub.dll [MD5.24BB6E99A885407B93C499FBBE546E59] - [15/03/2019 05:49:40] - |A| - [1685504] - C:\Windows\system32\mmgaserver.exe [MD5.40A25734AEC3DF10B675852B34A9ECDA] - [15/03/2019 05:49:08] - |A| - [841216] - C:\Windows\system32\mmsys.cpl [MD5.6B9E286EB5FE6AE0CD4EEEFCEBF62082] - [15/03/2019 05:50:15] - |A| - [1001472] - C:\Windows\system32\modernexecserver.dll [MD5.33CDDD75A86DD1CEEC7AC7F9B4805ECF] - [15/03/2019 05:50:24] - |A| - [7145472] - C:\Windows\system32\mos.dll [MD5.CD246DF8215B59C279E2E03F45959CD8] - [15/03/2019 05:49:24] - |A| - [334136] - C:\Windows\system32\moshostcore.dll [MD5.127A6387191315B5DA5F11C6B5DE3941] - [15/03/2019 05:49:31] - |A| - [856064] - C:\Windows\system32\mprddm.dll [MD5.F8F3CF089351D6D1ACBC1F69824BE9A8] - [15/03/2019 05:51:15] - |A| - [926720] - C:\Windows\system32\MPSSVC.dll [MD5.00000000000000000000000000000000] - [15/03/2019 07:10:38] - |D| - [0] - C:\Windows\system32\MRT [MD5.CC6D8A17DE725C3B3D5C516F41E0D2F5] - [15/03/2019 07:10:35] - |AC| - [127411920] - C:\Windows\system32\MRT.exe [MD5.E2166A792A76A6AFCEB2C5EBD6035F3E] - [15/03/2019 05:49:56] - |A| - [3329536] - C:\Windows\system32\MSAJApi.dll [MD5.DCD6F00342570C576CF1FC50BE3CC141] - [15/03/2019 05:49:33] - |A| - [596480] - C:\Windows\system32\mscms.dll [MD5.E0369FBA21C9EBD0237A915432CFEB81] - [15/03/2019 05:50:44] - |A| - [1463424] - C:\Windows\system32\msctf.dll [MD5.743BD214A7D3CC536105B6B84AFC13F2] - [15/03/2019 05:49:10] - |A| - [217600] - C:\Windows\system32\msctfp.dll [MD5.E0E75372BB921BB501ADEEF1872C0827] - [15/03/2019 05:49:06] - |A| - [826880] - C:\Windows\system32\msdtcprx.dll [MD5.5FE7C8C2DDDB0C52F4CA2935C9C83452] - [15/03/2019 05:49:57] - |A| - [757760] - C:\Windows\system32\msfeeds.dll [MD5.7EB4D9FBBBDABC10FCEDDF210A6EACB3] - [15/03/2019 05:48:59] - |A| - [73216] - C:\Windows\system32\msfeedsbs.dll [MD5.E7DDAE7010C1FDB4C0AB3A61AFE3A5F8] - [15/03/2019 05:48:58] - |A| - [14848] - C:\Windows\system32\msfeedssync.exe [MD5.6EE486D0EFA7AE6F913B500D82B354B0] - [15/03/2019 05:50:23] - |A| - [3198464] - C:\Windows\system32\msftedit.dll [MD5.79BF05DD5D6A2D7AFDD5E37F58EC723A] - [15/03/2019 05:48:58] - |A| - [14848] - C:\Windows\system32\mshta.exe [MD5.DCFCD0C293A24ECC37D6B1F8524F9F02] - [15/03/2019 05:51:11] - |A| - [23678976] - C:\Windows\system32\mshtml.dll [MD5.F967C83FA9D5D51ED58234E80C1284FF] - [15/03/2019 05:48:59] - |A| - [82432] - C:\Windows\system32\MshtmlDac.dll [MD5.766FB5FE9DE7BA21B2012EDC87EAD619] - [15/03/2019 05:49:02] - |A| - [93696] - C:\Windows\system32\mshtmled.dll [MD5.3D79C7815D2AB80F75345D425006E1DB] - [15/03/2019 05:49:43] - |A| - [4056576] - C:\Windows\system32\msi.dll [MD5.E1ED698D30BDEC92923A313AE0006E67] - [15/03/2019 05:49:18] - |A| - [66048] - C:\Windows\system32\msiexec.exe [MD5.D5E29A2F2F9E9AC6D834C62EF3962F63] - [15/03/2019 05:49:22] - |A| - [29696] - C:\Windows\system32\msisip.dll [MD5.A61D61C990FB1DFA2D3C1AE782E8D612] - [15/03/2019 05:49:30] - |A| - [431616] - C:\Windows\system32\msIso.dll [MD5.72074F2A0701F07849762E5C3CDBD435] - [15/03/2019 05:50:22] - |A| - [2406456] - C:\Windows\system32\msmpeg2vdec.dll [MD5.AD4B8BEB88D6AB6960FFE553B59EC3D3] - [15/03/2019 05:49:06] - |A| - [112640] - C:\Windows\system32\msoert2.dll [MD5.C46BEF8F23E222DD2AE0C16A8D1BDC07] - [15/03/2019 05:48:59] - |A| - [159232] - C:\Windows\system32\MSOpusDecoder.dll [MD5.63C7A4EA5EA3C54D92B7D10E0B394650] - [15/03/2019 05:49:39] - |A| - [6722560] - C:\Windows\system32\mspaint.exe [MD5.DBEC7A5098819255A8784901F05D9467] - [15/03/2019 05:49:50] - |A| - [1737728] - C:\Windows\system32\MSPhotography.dll [MD5.6F3D3C7F83E3B9FC7CC7C0F3295C9443] - [15/03/2019 05:49:54] - |A| - [568832] - C:\Windows\system32\msra.exe [MD5.CDDD27C966C0B66669535DEBB9B4FAA1] - [15/03/2019 05:48:56] - |A| - [12288] - C:\Windows\system32\msrating.dll [MD5.3B2EA8F6503C3227DE8194277A195272] - [15/03/2019 05:49:08] - |A| - [126976] - C:\Windows\system32\mssitlb.dll [MD5.EE2B36737C3C4687B67B70EDF8B7782B] - [15/03/2019 05:50:07] - |A| - [863744] - C:\Windows\system32\MsSpellCheckingFacility.dll [MD5.1722934E0B2B33B4A22B81FB4E0A40E4] - [15/03/2019 05:49:30] - |A| - [179712] - C:\Windows\system32\mssph.dll [MD5.2977F5ED72AD79AAF0A12CFE6D52E088] - [15/03/2019 05:49:11] - |A| - [143872] - C:\Windows\system32\mssprxy.dll [MD5.84DC8A262476F86E1103C847016D713F] - [15/03/2019 05:50:31] - |A| - [2741248] - C:\Windows\system32\mssrch.dll [MD5.0D6DAAFE37DA2CB5C2CDAC613488BF20] - [15/03/2019 05:49:52] - |A| - [792064] - C:\Windows\system32\mssvp.dll [MD5.8F50A925596FE12E22ADF123A6DD547C] - [15/03/2019 05:50:06] - |A| - [3630080] - C:\Windows\system32\mstsc.exe [MD5.22067EB06BA5C043E8051E82C8CCA0C5] - [15/03/2019 05:50:39] - |A| - [8432640] - C:\Windows\system32\mstscax.dll [MD5.E127DD22470E8F247E067CE13DCA8E76] - [15/03/2019 05:50:44] - |A| - [418832] - C:\Windows\system32\msv1_0.dll [MD5.4DD4882448C4B91C2095A0A7FC14B16F] - [15/03/2019 05:49:16] - |A| - [586800] - C:\Windows\system32\msvcp110_win.dll [MD5.AE7D6A0EC371EF8716D04749352991C9] - [15/03/2019 05:49:41] - |A| - [628752] - C:\Windows\system32\msvcp_win.dll [MD5.68195105C7D9A2B5DF5BB82ECA521092] - [15/03/2019 05:49:14] - |A| - [630752] - C:\Windows\system32\msvcrt.dll [MD5.CE95CE111E96A0CB34AEB81AB6F7D077] - [15/03/2019 05:50:26] - |A| - [3505664] - C:\Windows\system32\MSVidCtl.dll [MD5.C2C72150753814A00EC18678751C9B9A] - [15/03/2019 05:49:32] - |A| - [710888] - C:\Windows\system32\MSVideoDSP.dll [MD5.41C0900B662510B6826134041FE1E8EF] - [15/03/2019 05:50:04] - |A| - [1133880] - C:\Windows\system32\MSVP9DEC.dll [MD5.9EB931BAC4C10F09B31C7FD353557240] - [15/03/2019 05:49:35] - |A| - [1054392] - C:\Windows\system32\msvproc.dll [MD5.8BBFE8D41D6C69F03C05687792EF6345] - [15/03/2019 05:49:32] - |A| - [1282048] - C:\Windows\system32\MSVPXENC.dll [MD5.19DC173B93EDEFBE5623207FAC243AFF] - [15/03/2019 05:50:33] - |A| - [1856512] - C:\Windows\system32\msxml3.dll [MD5.A5322B11AC5A8D1AC152324CF5E0AA0D] - [15/03/2019 05:50:12] - |A| - [2415864] - C:\Windows\system32\msxml6.dll [MD5.550BEF071FBDE328D5184C87B0E176B5] - [15/03/2019 05:48:16] - |A| - [107520] - C:\Windows\system32\musdialoghandlers.dll [MD5.0435CD4C81A18385011351C5F0A0AD39] - [15/03/2019 05:49:59] - |A| - [402432] - C:\Windows\system32\MusNotification.exe [MD5.7A5752FB02F0F6049327C1951CA62A19] - [15/03/2019 05:49:49] - |A| - [249856] - C:\Windows\system32\MusNotificationUx.exe [MD5.658B8DA74124AA6C0FDF07B35A91B58C] - [15/03/2019 05:47:50] - |A| - [264040] - C:\Windows\system32\MusNotifyIcon.exe [MD5.AD4E90D785CD57CAE7E02792A25E7AA4] - [15/03/2019 05:50:07] - |A| - [858624] - C:\Windows\system32\MusUpdateHandlers.dll [MD5.ACA6E6068D5FBCD64CB599B4B7234FCF] - [15/03/2019 05:49:26] - |A| - [795136] - C:\Windows\system32\NaturalAuth.dll [MD5.2A265F3FE5F77F22CEA9D2785E0399C1] - [15/03/2019 05:49:07] - |A| - [374272] - C:\Windows\system32\ncbservice.dll [MD5.A7578A7B641F07BCC67E76488AB101FF] - [15/03/2019 05:49:50] - |A| - [331776] - C:\Windows\system32\ncryptprov.dll [MD5.2D18D79028AEAE257B4429D08C6F1CA5] - [15/03/2019 05:49:32] - |A| - [118360] - C:\Windows\system32\ncryptsslp.dll [MD5.62232B43114B273462D1CAAEC1D193F8] - [15/03/2019 05:49:54] - |A| - [401408] - C:\Windows\system32\ncsi.dll [MD5.71E830EDA092759585D3DB0B54382018] - [15/03/2019 05:49:06] - |A| - [109568] - C:\Windows\system32\NetDriverInstall.dll [MD5.8451E368813DE8EC59F9E84F88B071AD] - [15/03/2019 05:48:58] - |A| - [20480] - C:\Windows\system32\netevent.dll [MD5.7DBEADC144F91284718ADE81820398B0] - [15/03/2019 05:49:55] - |A| - [820224] - C:\Windows\system32\netlogon.dll [MD5.CB4AEE99CA02DC86DB1F676AC94D188A] - [15/03/2019 05:49:17] - |A| - [298496] - C:\Windows\system32\netplwiz.dll [MD5.50F4B563AF2CA9AC3F9FCAA158735B33] - [15/03/2019 05:49:06] - |A| - [220160] - C:\Windows\system32\netprofm.dll [MD5.8EF316A3190D8E14CA7C85FFE7FF8DB2] - [15/03/2019 05:50:02] - |A| - [541696] - C:\Windows\system32\netprofmsvc.dll [MD5.718D8A5C4F597BE421EEDFE9B4F64191] - [15/03/2019 05:49:21] - |A| - [143264] - C:\Windows\system32\NetSetupApi.dll [MD5.E63CDE5E42666C808C43BB8E330429ED] - [15/03/2019 05:49:50] - |A| - [774560] - C:\Windows\system32\NetSetupEngine.dll [MD5.2049881AB1FC5C03FA3E4E0522EF8DC1] - [15/03/2019 05:49:26] - |A| - [492032] - C:\Windows\system32\NetSetupShim.dll [MD5.B368E739AF3F577EA8D1B256F91036AD] - [15/03/2019 05:49:45] - |A| - [308224] - C:\Windows\system32\NetSetupSvc.dll [MD5.78AE15CCCD334F0A25AE6897ABD502FC] - [15/03/2019 05:49:48] - |A| - [339872] - C:\Windows\system32\NetworkBindingEngineMigPlugin.dll [MD5.0F5A4EC823C8DCF4B333DD66898D06B5] - [15/03/2019 05:49:19] - |A| - [713216] - C:\Windows\system32\NetworkCollectionAgent.dll [MD5.F032DE2CFBFCF82A8BFCF75C1072F13E] - [15/03/2019 05:49:05] - |A| - [234496] - C:\Windows\system32\NetworkDesktopSettings.dll [MD5.5E3BC794D46DD8C5D226374BF49E32B0] - [15/03/2019 05:50:09] - |A| - [3211776] - C:\Windows\system32\NetworkMobileSettings.dll [MD5.8598E34248BE85F5EAC595B2DADDE6EA] - [15/03/2019 05:49:35] - |A| - [513536] - C:\Windows\system32\newdev.dll [MD5.72970159333D72A0CF1EF04BFA5C22E5] - [15/03/2019 05:49:33] - |A| - [703488] - C:\Windows\system32\ngccredprov.dll [MD5.7AF205FDA5EE40EE55346359A610B607] - [15/03/2019 05:49:54] - |A| - [1081856] - C:\Windows\system32\ngcsvc.dll [MD5.B43A42F2C4BA71A227966BEE24712B56] - [15/03/2019 05:49:49] - |A| - [381440] - C:\Windows\system32\ninput.dll [MD5.FA274B36F951A5EF359CF07E2EE188D6] - [15/03/2019 05:49:14] - |A| - [79872] - C:\Windows\system32\nlaapi.dll [MD5.7F609310AC1EC8D66D912438AC792392] - [15/03/2019 05:49:47] - |A| - [366080] - C:\Windows\system32\nlasvc.dll [MD5.AB87EEBCDAEE572447AC9781DFCB4BFB] - [15/03/2019 05:48:59] - |A| - [29184] - C:\Windows\system32\nlmproxy.dll [MD5.DD26719F2CA900D1854CB33F8CDD28E2] - [15/03/2019 05:49:51] - |A| - [893440] - C:\Windows\system32\NMAA.dll [MD5.F86C3D8ADEDCD5B264DCD0926B11621D] - [15/03/2019 05:49:09] - |A| - [330752] - C:\Windows\system32\NmaDirect.dll [MD5.EF2D1D9B50C2D1113DF098074D91A4AB] - [15/03/2019 05:50:12] - |A| - [1043968] - C:\Windows\system32\NotificationController.dll [MD5.C1BCDEC21F6F06D39676B70AB93FFE41] - [15/03/2019 05:49:00] - |A| - [32768] - C:\Windows\system32\NotificationControllerPS.dll [MD5.998B56D83775ADE9BEB1D93A40ED7BF0] - [15/03/2019 05:49:01] - |A| - [321024] - C:\Windows\system32\NotificationObjFactory.dll [MD5.52F71FC6F1F2F999E43D5EE5FD5CC66E] - [15/03/2019 05:46:00] - |A| - [278448] - C:\Windows\system32\Notifier.exe [MD5.A9DC75994F7F4E2CBA45C7A84C2AA768] - [15/03/2019 05:49:21] - |A| - [39936] - C:\Windows\system32\npmproxy.dll [MD5.2DFEF4C2686DAAF6290D110D1599E320] - [15/03/2019 05:48:56] - |A| - [18944] - C:\Windows\system32\nrpsrv.dll [MD5.C705010038DE66EB3A31E7DEF8291758] - [15/03/2019 05:49:23] - |A| - [43008] - C:\Windows\system32\nshhttp.dll [MD5.54407F4E774AE8AD37885BBCC0FFDB3E] - [15/03/2019 05:48:56] - |A| - [30720] - C:\Windows\system32\nsisvc.dll [MD5.D8123E3A02B579CEF41E203E785877C8] - [15/03/2019 05:50:34] - |A| - [1953960] - C:\Windows\system32\ntdll.dll [MD5.31DB1D0F12E1901F4887FCD36752C6A8] - [15/03/2019 05:49:21] - |A| - [38792] - C:\Windows\system32\NtlmShared.dll [MD5.FBD9186168699C827C3E5F6A74A3E402] - [15/03/2019 05:51:20] - |A| - [8617000] - C:\Windows\system32\ntoskrnl.exe [MD5.806E8310B07C740D8DA5E4A52A8A0DE4] - [15/03/2019 05:49:30] - |A| - [863744] - C:\Windows\system32\ntshrui.dll [MD5.89B975455D901D95C43B41FC572DA102] - [15/03/2019 05:49:01] - |A| - [147968] - C:\Windows\system32\occache.dll [MD5.6261F8CD9756B7327313BD8A341990DC] - [15/03/2019 05:48:58] - |A| - [28160] - C:\Windows\system32\odbcconf.dll [MD5.1F8FFE8E8C123E82A5F3951285B843D9] - [15/03/2019 05:49:33] - |A| - [87040] - C:\Windows\system32\ofdeploy.exe [MD5.293AF9A5A6DDCB99A4D08B43B64294D7] - [15/03/2019 05:49:39] - |A| - [128512] - C:\Windows\system32\officecsp.dll [MD5.C6F6297A040E1078DD82BF5F673FDD1F] - [15/03/2019 05:49:29] - |A| - [128928] - C:\Windows\system32\offlinelsa.dll [MD5.D915AECD65AE5221886CDB0654485F5F] - [15/03/2019 05:49:21] - |A| - [250168] - C:\Windows\system32\offlinesam.dll [MD5.BC6B7ECF2743D512324B9E1703885505] - [15/03/2019 05:48:57] - |A| - [79360] - C:\Windows\system32\offreg.dll [MD5.8D566B9BE681F5494E54DFF4DAA7BF9B] - [15/03/2019 05:49:52] - |A| - [1337280] - C:\Windows\system32\ole32.dll [MD5.60F506A9A2FC42D91AAA181376D6B09B] - [15/03/2019 05:49:49] - |A| - [795400] - C:\Windows\system32\oleaut32.dll [MD5.F87B03D9EEC05C03FCFC4AF57B4B0086] - [15/03/2019 05:49:25] - |A| - [428544] - C:\Windows\system32\OneCoreCommonProxyStub.dll [MD5.9F1291F6DDD5AE735635B0BEAD3A9D02] - [15/03/2019 05:49:58] - |A| - [6282184] - C:\Windows\system32\OneCoreUAPCommonProxyStub.dll [MD5.10E758F8E55E2330AD65142C1C2FD3A7] - [15/03/2019 05:50:00] - |A| - [652288] - C:\Windows\system32\OneDriveSettingSyncProvider.dll [MD5.83782E4CC506B9FC2559444F11BBA04E] - [15/03/2019 05:49:19] - |A| - [892872] - C:\Windows\system32\ortcengine.dll [MD5.68FE833F29BE5740B1243E39145AEF7D] - [15/03/2019 05:49:33] - |A| - [620032] - C:\Windows\system32\osk.exe [MD5.E0406C2951A24073AB920705A9CC9D59] - [14/03/2019 22:54:50] - |A| - [130808] - C:\Windows\system32\osrss.dll [MD5.2AE5C6285BA54B5FBAC8B62C64B40432] - [15/03/2019 05:49:26] - |A| - [210944] - C:\Windows\system32\P2P.dll [MD5.35E6495236E917BDFD9659F62EFE2E33] - [15/03/2019 05:49:31] - |A| - [423936] - C:\Windows\system32\p2psvc.dll [MD5.D44C268680739C6F1E7BAC10F6CF9B9D] - [15/03/2019 05:49:39] - |A| - [909312] - C:\Windows\system32\PayloadRestrictions.dll [MD5.1C42CAC7FA34293E1054AE90016710DE] - [15/03/2019 05:48:56] - |A| - [67584] - C:\Windows\system32\pcadm.dll [MD5.56A89E8835F5D74B46109E531D107559] - [15/03/2019 05:48:56] - |A| - [12800] - C:\Windows\system32\pcaevts.dll [MD5.3E7FA87C5EB7584562B4CE1C302B9384] - [15/03/2019 05:49:03] - |A| - [50176] - C:\Windows\system32\pcalua.exe [MD5.E15707C33948656B376FC759A8DA3C60] - [15/03/2019 05:49:54] - |A| - [542520] - C:\Windows\system32\pcasvc.dll [MD5.8810600DB3EEA8120FC9BF3B812902D4] - [15/03/2019 05:49:58] - |A| - [18432] - C:\Windows\system32\PCShellCommonProxyStub.dll [MD5.51B153D12F8983BC02DA8C87D24D1B7C] - [15/03/2019 05:49:13] - |A| - [25088] - C:\Windows\system32\perfnet.dll [MD5.F3FF59A90E24C3DF7CC339668ACE7D0C] - [15/03/2019 05:49:24] - |A| - [203776] - C:\Windows\system32\PersonaX.dll [MD5.F4CD038AA9340B0C9A09E13421D7E389] - [15/03/2019 05:49:13] - |A| - [748032] - C:\Windows\system32\PhoneProviders.dll [MD5.C811E13F01FB77570B727337BBCF64B8] - [15/03/2019 05:49:27] - |A| - [791552] - C:\Windows\system32\PhoneService.dll [MD5.B4E3E0A84E2FC1DC4CC03D6CF100C9CA] - [15/03/2019 05:49:05] - |A| - [430592] - C:\Windows\system32\PhotoMetadataHandler.dll [MD5.D59CD92CE3784678C09B8DF518A8E1A6] - [15/03/2019 05:49:05] - |A| - [188416] - C:\Windows\system32\PimIndexMaintenance.dll [MD5.D6CDA8B7F265DDB16974D3EF2664DA9A] - [15/03/2019 05:48:57] - |A| - [62976] - C:\Windows\system32\PimIndexMaintenanceClient.dll [MD5.A272FE3D88EE84812B334977461DCB22] - [15/03/2019 05:48:58] - |A| - [61440] - C:\Windows\system32\pngfilt.dll [MD5.C15E7930EB01FDDF8A5B874D6AE05BFD] - [15/03/2019 05:49:56] - |A| - [2117632] - C:\Windows\system32\pnidui.dll [MD5.3C899D21CE920195CA987756769B1820] - [15/03/2019 05:49:28] - |A| - [341504] - C:\Windows\system32\pnrpsvc.dll [MD5.45CE809A13CD17BBFE0B4816E37B9C90] - [15/03/2019 05:49:35] - |A| - [491264] - C:\Windows\system32\policymanager.dll [MD5.89A5659721061CA9A9EF702471B41EFB] - [15/03/2019 05:49:00] - |A| - [66560] - C:\Windows\system32\POSyncServices.dll [MD5.01136999E9066C38A2103BC32A4D8E4B] - [15/03/2019 05:49:06] - |A| - [54784] - C:\Windows\system32\Print.Workflow.Source.dll [MD5.C68150067C7EE0469CF21842DD6EA7B1] - [15/03/2019 05:49:13] - |A| - [45056] - C:\Windows\system32\printfilterpipelineprxy.dll [MD5.D2E6947BAD475DAA0E1B203A85625DAA] - [15/03/2019 05:49:57] - |A| - [836608] - C:\Windows\system32\printfilterpipelinesvc.exe [MD5.A363E4424F5AF1E5CF5DB6217EDE30AE] - [15/03/2019 05:48:59] - |A| - [24576] - C:\Windows\system32\PrintWorkflowProxy.dll [MD5.806CA0CAA81AC15C0E275E43529A1EE4] - [15/03/2019 05:49:06] - |A| - [167936] - C:\Windows\system32\PrintWorkflowService.dll [MD5.0225FC6F0D91F84B44CE252487D8D725] - [23/03/2019 04:54:25] - |A| - [607256] - C:\Windows\system32\prodad-codec.dll [MD5.A14E6B78E10DE725955CC39EAADF4046] - [23/03/2019 04:54:21] - |A| - [376344] - C:\Windows\system32\proDAD-PA-Support.dll [MD5.5660B827F4D484E3329E3714CAED957D] - [15/03/2019 05:49:55] - |A| - [408064] - C:\Windows\system32\profsvc.dll [MD5.0B9AC8B320354B9A03C86D24B4C36113] - [15/03/2019 05:49:51] - |A| - [1778272] - C:\Windows\system32\propsys.dll [MD5.F06B4740D08CC0B4CD68C3FC4CCDA5A2] - [15/03/2019 05:49:11] - |A| - [82944] - C:\Windows\system32\provdatastore.dll [MD5.40FB59ED85686F28D54CCEAAAFD4FAA5] - [15/03/2019 05:49:49] - |A| - [432640] - C:\Windows\system32\provengine.dll [MD5.75FE3FDF28D14F1B6E0DFCF870035747] - [15/03/2019 05:49:56] - |A| - [427008] - C:\Windows\system32\provhandlers.dll [MD5.C53E3676A270126AAD93B6607BDF774B] - [15/03/2019 05:49:14] - |A| - [204288] - C:\Windows\system32\provisioningcsp.dll [MD5.6ADC63AAE868274BAB657CF9BB7D2E91] - [15/03/2019 05:49:01] - |A| - [141312] - C:\Windows\system32\provpackageapidll.dll [MD5.27EDE94217CFF0CCAC36BD02DA8DFE38] - [15/03/2019 05:49:31] - |A| - [73216] - C:\Windows\system32\provtool.exe [MD5.0BF27B28677B73B0C19E4DD13620A62F] - [15/03/2019 05:49:27] - |A| - [436224] - C:\Windows\system32\PsmServiceExtHost.dll [MD5.728EB09C07EAA290F4E852068D0016C6] - [15/03/2019 05:48:57] - |A| - [233984] - C:\Windows\system32\psmsrv.dll [MD5.98E0EFDA157E3B407D546C0A3F0412EF] - [15/03/2019 05:49:26] - |A| - [200704] - C:\Windows\system32\puiapi.dll [MD5.E616BFB0ECAD3AFB62EFFA562577A121] - [15/03/2019 05:49:51] - |A| - [459776] - C:\Windows\system32\puiobj.dll [MD5.15DA6327829E1E0440DB2465194CFCE2] - [15/03/2019 05:49:34] - |A| - [254976] - C:\Windows\system32\PushToInstall.dll [MD5.8F81AAE120E5A058E1D311E012965A96] - [15/03/2019 04:50:35] - |A| - [31565888] - C:\Windows\system32\pvl64.dll [MD5.72F089FAC0BD345EA11965B5E5179435] - [15/03/2019 04:50:37] - |A| - [505920] - C:\Windows\system32\pvl_perspective_control64.dll [MD5.9B8E48ACB0D2BD037A11E247F31117A8] - [15/03/2019 04:50:37] - |A| - [136792] - C:\Windows\system32\pvl_skin_smoothing_denoising64.dll [MD5.4C5431E5B7AC5F27FF825B0FFABEF7BF] - [15/03/2019 05:50:19] - |A| - [1348608] - C:\Windows\system32\qmgr.dll [MD5.0490769A6EB5D1B97AB0CD22935C73C8] - [15/03/2019 05:50:09] - |A| - [1607168] - C:\Windows\system32\quartz.dll [MD5.3875F33EB57E7F1BB2A86B1D3BDCA2B5] - [15/03/2019 05:49:06] - |A| - [128000] - C:\Windows\system32\racpldlg.dll [MD5.BF218FF08F540B0EF42F2CAB20E667FE] - [15/03/2019 05:50:11] - |A| - [939520] - C:\Windows\system32\rasapi32.dll [MD5.54D8A771A5C32C293288E64ABE07FE50] - [15/03/2019 05:49:08] - |A| - [104960] - C:\Windows\system32\rasauto.dll [MD5.8BAD7D33FDA414CE1E37C90D787664A1] - [15/03/2019 05:49:27] - |A| - [137216] - C:\Windows\system32\raschap.dll [MD5.B377348423BE76EF5A072EB24A3192BF] - [15/03/2019 05:49:26] - |A| - [401920] - C:\Windows\system32\rascustom.dll [MD5.8E16A46C36B545F821CA4D13B460BDAC] - [15/03/2019 05:49:58] - |A| - [939520] - C:\Windows\system32\rasdlg.dll [MD5.2504824FCC332D7C1F4D0BB8434D8520] - [15/03/2019 05:49:40] - |A| - [950784] - C:\Windows\system32\rasgcw.dll [MD5.B6D5DF64A92DAFDF967D9CB21B30036D] - [15/03/2019 05:49:52] - |A| - [930816] - C:\Windows\system32\rasmans.dll [MD5.0F31945FCE3188D081C6FC23BD98EF9D] - [15/03/2019 05:49:25] - |A| - [499200] - C:\Windows\system32\rastls.dll [MD5.30179149ED1745DC3F18E75792B24964] - [15/03/2019 04:57:24] - |A| - [2939408] - C:\Windows\system32\RCoInstII64.dll [MD5.AFDF4CC4C644C2015B98A33E1BC534A2] - [15/03/2019 05:49:32] - |A| - [1097728] - C:\Windows\system32\rdpbase.dll [MD5.171CEBA2650AC43BC521BFC5C63F587A] - [15/03/2019 05:50:04] - |A| - [627712] - C:\Windows\system32\rdpcore.dll [MD5.700B07A51B7D62596E48536F2451D44E] - [15/03/2019 05:50:16] - |A| - [2035712] - C:\Windows\system32\rdpcorets.dll [MD5.D221EC240104F5477C91C9D0268AD0BD] - [15/03/2019 05:49:04] - |A| - [216576] - C:\Windows\system32\RdpRelayTransport.dll [MD5.59257FC9875CA3F55F326B1BBADE9052] - [15/03/2019 05:49:59] - |A| - [1659904] - C:\Windows\system32\rdpserverbase.dll [MD5.1A30AA7762B455591A05DEBA533D978F] - [15/03/2019 05:49:18] - |A| - [93712] - C:\Windows\system32\rdpudd.dll [MD5.E23990F2AD13908725816FAF299C7278] - [15/03/2019 05:49:31] - |A| - [392192] - C:\Windows\system32\RDXTaskFactory.dll [MD5.180BFFC501C8C3B8539C063A648F7B54] - [15/03/2019 05:50:00] - |A| - [1570304] - C:\Windows\system32\RecoveryDrive.exe [MD5.5B67DDCA453FFBA07C4848E315B69C6B] - [15/03/2019 05:49:13] - |A| - [24064] - C:\Windows\system32\regsvr32.exe [MD5.5B204F7918F0FC3ECDB97784A139325D] - [15/03/2019 05:49:24] - |A| - [87296] - C:\Windows\system32\remoteaudioendpoint.dll [MD5.E91B129A61DE9F362FEA7CAA8E0311D3] - [15/03/2019 05:49:56] - |A| - [1160704] - C:\Windows\system32\reseteng.dll [MD5.1D3C3EC5405E2173EB6F5A1C222EE728] - [15/03/2019 05:50:19] - |A| - [2511360] - C:\Windows\system32\ResetEngine.dll [MD5.11A988DF0EA81F092A0BA341227AF79E] - [15/03/2019 05:49:34] - |A| - [602624] - C:\Windows\system32\resutils.dll [MD5.112F8D853ECE27672FBD7257E3CBC210] - [15/03/2019 05:49:16] - |A| - [125568] - C:\Windows\system32\rmclient.dll [MD5.7EF8C80804B85EB40B9F6EF041854286] - [15/03/2019 05:49:48] - |A| - [1172976] - C:\Windows\system32\rpcrt4.dll [MD5.3B50C211FADE00AD16939157CE2FFC25] - [15/03/2019 05:49:47] - |A| - [1117184] - C:\Windows\system32\rpcss.dll [MD5.483AA94E050F674E19DF2BB664D8F501] - [15/03/2019 05:49:43] - |A| - [203568] - C:\Windows\system32\rsaenh.dll [MD5.7D0314BA4E7BDA57D231C925DDA1F77E] - [15/03/2019 05:49:04] - |A| - [130048] - C:\Windows\system32\rshx32.dll [MD5.5652D8A0F9CB8D8376868B5021460A85] - [15/03/2019 05:49:08] - |A| - [266752] - C:\Windows\system32\rstrui.exe [MD5.0AFA68F828B06A520E8DEA30B84B66E1] - [15/03/2019 04:57:26] - |A| - [1353216] - C:\Windows\system32\RTCOM64.dll [MD5.C4DF02175D74BD8C78B27D036FE180F9] - [15/03/2019 04:57:27] - |A| - [692272] - C:\Windows\system32\RtDataProc64.dll [MD5.F2A04577990047992B9613DD13605AB7] - [15/03/2019 04:57:28] - |A| - [3340520] - C:\Windows\system32\RtkApi64.dll [MD5.7C8B7C210319CBBB97BAF418E4273BFF] - [15/03/2019 04:57:29] - |A| - [193088] - C:\Windows\system32\RtkCfg64.dll [MD5.C1693D9DCCA99B7416A67818B6A031EB] - [15/03/2019 04:57:32] - |A| - [343808] - C:\Windows\system32\RtlCPAPI64.dll [MD5.8060A5DAFA23EC92DF33C452C21FFDAA] - [15/03/2019 05:49:56] - |A| - [1002952] - C:\Windows\system32\rtmcodecs.dll [MD5.59C0B00208A4BF639BB993CAA0EF83B9] - [15/03/2019 05:49:02] - |A| - [438784] - C:\Windows\system32\RTMediaFrame.dll [MD5.4E05E95B0CF7BE0E023D81AB9AA15F12] - [15/03/2019 05:49:18] - |A| - [65992] - C:\Windows\system32\rtmmvrortc.dll [MD5.CFC6BF1458AD09748CCCE07CDE3B44C9] - [15/03/2019 05:50:04] - |A| - [1234888] - C:\Windows\system32\rtmpal.dll [MD5.7C66C26DC87BA64D6BBD57E41DF2CF7D] - [15/03/2019 05:50:32] - |A| - [4959688] - C:\Windows\system32\rtmpltfm.dll [MD5.2736EFFC2767D36DD8C4F8BE7EE1D424] - [15/03/2019 04:57:32] - |A| - [3159888] - C:\Windows\system32\RtPgEx64.dll [MD5.4AF4F67BB18BAABBB28ED84FFF278562] - [15/03/2019 04:57:44] - |A| - [3677288] - C:\Windows\system32\RTSnMg64.cpl [MD5.969A44335D6F50FB061733DEA5AC0709] - [15/03/2019 05:49:39] - |A| - [172112] - C:\Windows\system32\RTWorkQ.dll [MD5.3767825203BB89C66309BFE62E75E6D2] - [15/03/2019 05:50:47] - |A| - [97792] - C:\Windows\system32\runexehelper.exe [MD5.AB25414E0736EEFA6EE50969A5177AD2] - [15/03/2019 05:49:49] - |A| - [899584] - C:\Windows\system32\samsrv.dll [MD5.30FA05F0212168F6E01E0274CDF55364] - [15/03/2019 05:49:16] - |A| - [82432] - C:\Windows\system32\SCardDlg.dll [MD5.93B12AC7CEAF6BA742DC13AEA349217A] - [15/03/2019 05:49:33] - |A| - [259072] - C:\Windows\system32\SCardSvr.dll [MD5.3396A6A892987E8B81289583FC416360] - [15/03/2019 05:49:06] - |A| - [198144] - C:\Windows\system32\ScDeviceEnum.dll [MD5.3D506B517314C35D63A01C3A20119D60] - [15/03/2019 05:50:00] - |A| - [474624] - C:\Windows\system32\schannel.dll [MD5.07317D59B3CCABD09D0EE71A7527DCEA] - [15/03/2019 05:49:57] - |A| - [880640] - C:\Windows\system32\schedsvc.dll [MD5.EA631200C695C445B3F4824A367D4F92] - [15/03/2019 05:49:29] - |A| - [256000] - C:\Windows\system32\scksp.dll [MD5.B407369B419F517AFCEAD3DEAEE39B6E] - [15/03/2019 05:49:35] - |A| - [222208] - C:\Windows\system32\scrobj.dll [MD5.F45F8BCCDDCFF6E79136A9323A0E1CCF] - [15/03/2019 05:49:29] - |A| - [193024] - C:\Windows\system32\scrrun.dll [MD5.9F59502CE682C1C627679562A5387D2A] - [15/03/2019 05:49:16] - |A| - [35744] - C:\Windows\system32\SDFHost.dll [MD5.C006E2BDBF2EBA914C05838694C8020D] - [15/03/2019 05:49:36] - |A| - [388608] - C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll [MD5.B6FA8F0AE5DAEFFD22696E06309C0692] - [15/03/2019 05:49:30] - |A| - [225280] - C:\Windows\system32\SearchFilterHost.exe [MD5.F47F55176933808FFA05DF8AE1DE40CC] - [15/03/2019 05:50:10] - |A| - [982016] - C:\Windows\system32\SearchIndexer.exe [MD5.C5294F7B850EE1CD7BC8E87BB65ABBB7] - [15/03/2019 05:49:20] - |A| - [377856] - C:\Windows\system32\SearchProtocolHost.exe [MD5.1FE0FA8C6C73F25AD72E0109C85028DC] - [15/03/2019 05:50:04] - |A| - [1044792] - C:\Windows\system32\SecConfig.efi [MD5.10571AB73F1E9602D2AF5435974D4EC4] - [15/03/2019 05:49:40] - |A| - [371496] - C:\Windows\system32\sechost.dll [MD5.75BB18120B9478E608EC7F7547D06481] - [15/03/2019 05:49:20] - |A| - [30720] - C:\Windows\system32\seclogon.dll [MD5.EBEEFB13397547D7E7D1B88BB24404BB] - [15/03/2019 05:49:13] - |A| - [27648] - C:\Windows\system32\secur32.dll [MD5.C72938C9FA368F7E680BB3FCF23FAF98] - [15/03/2019 05:49:44] - |A| - [600872] - C:\Windows\system32\securekernel.exe [MD5.CC1D832210DDF3E3C598025F643C8336] - [15/03/2019 05:49:35] - |A| - [189344] - C:\Windows\system32\SecurityHealthAgent.dll [MD5.6660372C957E3013488EC5CE960C02C0] - [15/03/2019 05:49:20] - |A| - [75168] - C:\Windows\system32\SecurityHealthProxyStub.dll [MD5.2BBC2F0C8DF38DD72AF7EC97298101C0] - [15/03/2019 05:49:52] - |A| - [519152] - C:\Windows\system32\SecurityHealthService.exe [MD5.DE87FFC643205C99D0D906520381B7D1] - [15/03/2019 05:49:03] - |A| - [37376] - C:\Windows\system32\SEMgrPS.dll [MD5.A8A23102301BCB047B269C59167D4B8F] - [15/03/2019 05:49:59] - |A| - [1234432] - C:\Windows\system32\SEMgrSvc.dll [MD5.109A90EF5B1E771DA47C371BA9485960] - [15/03/2019 05:49:41] - |A| - [555520] - C:\Windows\system32\SensorService.dll [MD5.3C7280B0BB401D6645128A9D5B076D35] - [15/03/2019 05:49:47] - |A| - [205312] - C:\Windows\system32\sensrsvc.dll [MD5.7F7EBA3672F5FEB1F6F3A4039BF7340B] - [15/03/2019 05:50:07] - |A| - [616888] - C:\Windows\system32\services.exe [MD5.846F99625DB02B06E0581715D0C4D0C9] - [15/03/2019 05:48:57] - |A| - [387584] - C:\Windows\system32\SessEnv.dll [MD5.9253C02DF8782AA6FE66B595F555CBAC] - [15/03/2019 05:49:45] - |A| - [197632] - C:\Windows\system32\SettingMonitor.dll [MD5.7AE1FC977254F3398C7A2D4D7590CFFA] - [15/03/2019 05:49:39] - |A| - [363008] - C:\Windows\system32\SettingsEnvironment.Desktop.dll [MD5.009C5AC2EF035AD6F3BEBE7E5B6658AA] - [15/03/2019 05:49:23] - |A| - [170496] - C:\Windows\system32\SettingsHandlers_ContentDeliveryManager.dll [MD5.4A7A922FBB02862FDF0928C63A8DF15C] - [15/03/2019 05:49:35] - |A| - [620032] - C:\Windows\system32\SettingsHandlers_Devices.dll [MD5.75F731CC28BD247C1D7EA887AD1E72C4] - [15/03/2019 05:49:29] - |A| - [332800] - C:\Windows\system32\SettingsHandlers_Notifications.dll [MD5.B5A611F180E62FB9CABE64F5ECE4E10F] - [15/03/2019 05:50:15] - |A| - [4113408] - C:\Windows\system32\SettingsHandlers_nt.dll [MD5.668D7B537300437CF39FD64306420188] - [15/03/2019 05:49:07] - |A| - [188928] - C:\Windows\system32\SettingsHandlers_OneCore_BatterySaver.dll [MD5.8BBE5C37BFAC7FDD88C010C7FA131BFB] - [15/03/2019 05:49:09] - |A| - [250368] - C:\Windows\system32\SettingsHandlers_SignInOptions.dll [MD5.C402E09AA10A8BEDB85690426A131F32] - [15/03/2019 05:49:34] - |A| - [168448] - C:\Windows\system32\SettingsHandlers_SIUF.dll [MD5.3CB8B94FA26165343AAE6C37E73FB3A8] - [15/03/2019 05:49:19] - |A| - [503296] - C:\Windows\system32\SettingsHandlers_User.dll [MD5.65BF5781AFE833EBCAD1AF6F023D8DCE] - [15/03/2019 05:49:55] - |A| - [508928] - C:\Windows\system32\SettingSync.dll [MD5.05512E5D7C13AB0C9E38AB3FA56DC752] - [15/03/2019 05:50:00] - |A| - [1135104] - C:\Windows\system32\SettingSyncCore.dll [MD5.077448FDBA43596FA4372C21AFF67CBC] - [15/03/2019 05:50:10] - |A| - [967584] - C:\Windows\system32\SettingSyncHost.exe [MD5.7DC3B104CB9F145E125286B09659774B] - [15/03/2019 05:49:13] - |A| - [90624] - C:\Windows\system32\SettingSyncPolicy.dll [MD5.23E661467FA2EB68B711EA20974B4CB7] - [15/03/2019 05:49:38] - |A| - [4537040] - C:\Windows\system32\setupapi.dll [MD5.B6AE95336BCB33015D4EA0E59892960A] - [15/03/2019 05:49:35] - |A| - [201728] - C:\Windows\system32\SharedPCCSP.dll [MD5.5FD29217730A8A58CC9B200088E788B0] - [15/03/2019 05:49:01] - |A| - [421376] - C:\Windows\system32\SharedRealitySvc.dll [MD5.9EE04793D8F4EEDAB82FCAD0FF163032] - [15/03/2019 05:50:15] - |A| - [1224704] - C:\Windows\system32\ShareHost.dll [MD5.EC401EE3E2A122C9AAE1D5AE26F05FD4] - [15/03/2019 05:49:45] - |A| - [671024] - C:\Windows\system32\SHCore.dll [MD5.42B0F9A7E077773D59537E1A69B9113E] - [15/03/2019 05:50:43] - |A| - [21357232] - C:\Windows\system32\shell32.dll [MD5.00000000000000000000000000000000] - [15/03/2019 10:48:27] - |D| - [7572480] - C:\Windows\system32\ShellExtBridge [MD5.84E959936BEAED3A43696628AFFFC1F1] - [15/03/2019 05:49:16] - |A| - [327008] - C:\Windows\system32\shlwapi.dll [MD5.F627EEEFA3EFC67886949658EA4B2695] - [15/03/2019 05:49:26] - |A| - [135680] - C:\Windows\system32\shsetup.dll [MD5.503256AB8B30EA0931C071C140B908D1] - [15/03/2019 05:49:47] - |A| - [276992] - C:\Windows\system32\shutdownux.dll [MD5.D248F3C64B3CD64270FF9A507B814C53] - [15/03/2019 05:49:14] - |A| - [266752] - C:\Windows\system32\SIHClient.exe [MD5.B25335B958E12D2DB48774ADBCA00910] - [15/03/2019 05:49:33] - |A| - [192920] - C:\Windows\system32\skci.dll [MD5.D3419A191F8CABEFBCE0E280265B53DA] - [15/03/2019 05:49:06] - |A| - [21504] - C:\Windows\system32\slcext.dll [MD5.AE884EB0EB1281E2BBDF6509C8149B90] - [15/03/2019 05:50:10] - |A| - [898560] - C:\Windows\system32\SmartcardCredentialProvider.dll [MD5.6E7E085F439B587E0E00B71EB4CA9F3C] - [15/03/2019 05:50:11] - |A| - [2596352] - C:\Windows\system32\smartscreen.exe [MD5.53F1E64294B8944D1202C83A7FD13217] - [15/03/2019 05:49:26] - |A| - [239104] - C:\Windows\system32\smartscreenps.dll [MD5.F4B4E405BCDE95D748F8429FCC30E668] - [15/03/2019 05:48:59] - |A| - [588800] - C:\Windows\system32\SmsRouterSvc.dll [MD5.4C86746E7618463C45DAC6E9ADE6C44F] - [15/03/2019 05:49:39] - |A| - [144288] - C:\Windows\system32\smss.exe [MD5.EFAFE91A54F016498BA983ECA19649EF] - [15/03/2019 05:49:30] - |A| - [708096] - C:\Windows\system32\SndVolSSO.dll [MD5.CBF0FFBF3ECC91258C4E3E5C92224AE9] - [15/03/2019 05:49:29] - |A| - [161792] - C:\Windows\system32\spacebridge.dll [MD5.D4F22CDF9E777345B32CEC0501334D1E] - [15/03/2019 05:49:25] - |A| - [361984] - C:\Windows\system32\SpatializerApo.dll [MD5.DF9885196765DCBB770F48CF42463F80] - [15/03/2019 05:49:00] - |A| - [262656] - C:\Windows\system32\SpatialStore.dll [MD5.4B0E1AAF4ED7387032A4F0CC11BA6080] - [15/03/2019 05:51:03] - |A| - [956416] - C:\Windows\system32\Spectrum.exe [MD5.8D30AAF519A40D69F6BABFFD60C75E56] - [15/03/2019 05:49:09] - |A| - [37888] - C:\Windows\system32\SpectrumSyncClient.dll [MD5.153F12DE99760ACC89F53848DED45679] - [15/03/2019 05:50:03] - |A| - [765952] - C:\Windows\system32\spoolsv.exe [MD5.FA5485502AAC39E157E67EF530B9C351] - [15/03/2019 05:49:07] - |A| - [496640] - C:\Windows\system32\sppcext.dll [MD5.86DEC9B3347DE7F835EE125AB8F7FB85] - [15/03/2019 05:50:29] - |A| - [1619720] - C:\Windows\system32\sppobjs.dll [MD5.CED434DA6E043B450141932D974FF8C1] - [15/03/2019 05:50:50] - |A| - [4504464] - C:\Windows\system32\sppsvc.exe [MD5.0629BBE5DD859B00B10D65BC5B4029D9] - [15/03/2019 05:49:59] - |A| - [730984] - C:\Windows\system32\sppwinob.dll [MD5.9E874B6792C5DBC2F7B89B246A4BAC4C] - [15/03/2019 05:49:13] - |A| - [365568] - C:\Windows\system32\srchadmin.dll [MD5.B8FADC95A9126277F78618D4D162B9AE] - [15/03/2019 05:49:50] - |A| - [482816] - C:\Windows\system32\srcore.dll [MD5.B4E201F2895690EA72A79787FA1CB06F] - [15/03/2019 05:50:18] - |A| - [3578368] - C:\Windows\system32\SRH.dll [MD5.D0319B61F040E7F0025E82A46A87DF72] - [15/03/2019 05:49:26] - |A| - [145408] - C:\Windows\system32\srpapi.dll [MD5.2EC02DFC530560D0C01C7428E4CC9D27] - [15/03/2019 05:48:57] - |A| - [270848] - C:\Windows\system32\srvsvc.dll [MD5.7B5E955BB63726AB625F79AA7AF7FA11] - [15/03/2019 05:48:57] - |A| - [228352] - C:\Windows\system32\ssdpsrv.dll [MD5.A88484D9242C7866E2CCBD67594A8908] - [15/03/2019 05:50:44] - |A| - [185120] - C:\Windows\system32\sspicli.dll [MD5.37E75177909C82D55DA2AD847EDF439E] - [15/03/2019 05:50:44] - |A| - [28672] - C:\Windows\system32\sspisrv.dll [MD5.5C225B8B1C3D1FEEAEEB4FFC2CAFD9C3] - [15/03/2019 05:50:51] - |A| - [5890120] - C:\Windows\system32\StartTileData.dll [MD5.6A72BCAA25F7755F97E99D01AF2A8190] - [15/03/2019 05:50:16] - |A| - [614160] - C:\Windows\system32\StateRepository.Core.dll [MD5.4C74FCF3B3010B5D0EAE3F12E6374E89] - [15/03/2019 05:49:34] - |A| - [417792] - C:\Windows\system32\stobject.dll [MD5.15F2382335C5759B2901BE93D081DF8C] - [15/03/2019 05:48:57] - |A| - [2666496] - C:\Windows\system32\storagewmi.dll [MD5.82EEF358E4F1B0D43C044A3CF5676FC2] - [15/03/2019 05:50:05] - |A| - [964096] - C:\Windows\system32\StorSvc.dll [MD5.63CBA982B6B59722CC872E5F8CBA8BF3] - [15/03/2019 05:49:50] - |A| - [687456] - C:\Windows\system32\StructuredQuery.dll [MD5.FF9B35E7816C61A9376149C4D706FD92] - [15/03/2019 05:49:37] - |A| - [680960] - C:\Windows\system32\sud.dll [MD5.5BA645BB55CA869ADC6A25A8F430F7F7] - [15/03/2019 05:49:15] - |A| - [248320] - C:\Windows\system32\svf.dll [MD5.AE80F089FF890EF483FDB82B9F2A2EA8] - [15/03/2019 06:58:58] - |A| - [313] - C:\Windows\system32\swhealthex.log [MD5.ACED35B02458BC836186B90A20DEA246] - [15/03/2019 05:49:48] - |A| - [3367936] - C:\Windows\system32\SyncCenter.dll [MD5.A6AFB43933A96338CD50E890D4278ACB] - [15/03/2019 05:49:30] - |A| - [624128] - C:\Windows\system32\SyncController.dll [MD5.3109BEE37B1375D85548D64562240CFF] - [15/03/2019 05:49:48] - |A| - [324096] - C:\Windows\system32\SyncSettings.dll [MD5.EE6CEBDB3C9AAD1C80AE32878FCD17C4] - [15/03/2019 05:49:49] - |A| - [970240] - C:\Windows\system32\sysmain.dll [MD5.F29FF0B9CCFF1F99C39B1C90F0B80300] - [15/03/2019 05:48:56] - |A| - [24576] - C:\Windows\system32\sysntfy.dll [MD5.1B38351CB4C71E4004B9850BDCD9D907] - [15/03/2019 05:49:01] - |A| - [284672] - C:\Windows\system32\SystemEventsBrokerServer.dll [MD5.200F0F66CD090CFBD8B3FB1DD0DDDD79] - [15/03/2019 05:49:41] - |A| - [508272] - C:\Windows\system32\systemreset.exe [MD5.E25F219E0F11CCF4B463276CC78100B6] - [15/03/2019 05:49:12] - |A| - [1425408] - C:\Windows\system32\SystemSettings.Handlers.dll [MD5.43FD5C58AE2FE95BB303496E35C3C202] - [15/03/2019 05:49:24] - |A| - [490496] - C:\Windows\system32\SystemSettings.UserAccountsHandlers.dll [MD5.F02767A3A341537680997ECAE674155B] - [15/03/2019 05:49:23] - |A| - [398728] - C:\Windows\system32\SystemSettingsAdminFlows.exe [MD5.68FC5C874F6AAA1EC6E57E2B36725C1C] - [15/03/2019 05:50:02] - |A| - [4592640] - C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll [MD5.1656DC169878FAEDAEDB94BC1A91B2E5] - [15/03/2019 05:49:59] - |A| - [175616] - C:\Windows\system32\t2embed.dll [MD5.5653A2B4FEA9469D31778371B6479232] - [15/03/2019 05:49:22] - |A| - [505344] - C:\Windows\system32\taskcomp.dll [MD5.D680547DC49CA40369817569736C944C] - [15/03/2019 05:50:02] - |A| - [1313016] - C:\Windows\system32\Taskmgr.exe [MD5.EF5DE2C2EA37E6752218D838BE0B6CF2] - [15/03/2019 05:48:58] - |A| - [36352] - C:\Windows\system32\tbauth.dll [MD5.AD1699FD799669CB79427BFD33B9BAA9] - [15/03/2019 05:49:13] - |A| - [217088] - C:\Windows\system32\tcpmon.dll [MD5.E9C39C6E8FCE5C084F2D0FF16C02EB4A] - [15/03/2019 05:48:58] - |A| - [84992] - C:\Windows\system32\tdc.ocx [MD5.FDEE0F5290465D65CC857E8C565FCBC0] - [15/03/2019 05:49:26] - |A| - [507392] - C:\Windows\system32\TDLMigration.dll [MD5.27DF79C4F8B680C70895B844CB2A0DB3] - [15/03/2019 05:49:01] - |A| - [173056] - C:\Windows\system32\tdlrecover.exe [MD5.0CF99D60588AF7F198C135BABCA287F2] - [15/03/2019 05:49:35] - |A| - [208384] - C:\Windows\system32\tetheringservice.dll [MD5.4AFC829A777CAD161200F1169B6C27B1] - [15/03/2019 05:49:22] - |A| - [617312] - C:\Windows\system32\TextInputFramework.dll [MD5.9721A6BEAB8E57262FF72A64C9D5C7A5] - [15/03/2019 05:49:07] - |A| - [2490880] - C:\Windows\system32\themecpl.dll [MD5.7C5272A6CC0D18CFD5C47B4ABA766A23] - [15/03/2019 05:49:47] - |A| - [2873856] - C:\Windows\system32\themeui.dll [MD5.C8F0C26F8780B39508A07886FEB7F037] - [15/03/2019 05:50:29] - |A| - [571392] - C:\Windows\system32\TileDataRepository.dll [MD5.FEF910A47EC2E7F9A5E6847D10E5BB50] - [15/03/2019 05:49:07] - |A| - [561152] - C:\Windows\system32\tileobjserver.dll [MD5.EA80B2C811A7F6B1C9EED312F06F26FB] - [15/03/2019 05:48:57] - |A| - [175616] - C:\Windows\system32\TimeBrokerServer.dll [MD5.5AF4B46215DD0A7CE86910E4668BAFB7] - [15/03/2019 05:49:23] - |A| - [508416] - C:\Windows\system32\timedate.cpl [MD5.B46BABA224F615C80C1CC215316F6445] - [15/03/2019 05:49:23] - |A| - [47616] - C:\Windows\system32\tokenbinding.dll [MD5.CF2A9365420A4162127F9850145A6437] - [15/03/2019 05:50:20] - |A| - [1236992] - C:\Windows\system32\TokenBroker.dll [MD5.5423A9B70C585470C5C9D855281626AB] - [15/03/2019 05:48:58] - |A| - [17408] - C:\Windows\system32\TokenBrokerCookies.exe [MD5.6F89BEA8EEEB205E10CE4CD434B470D9] - [15/03/2019 05:49:01] - |A| - [44032] - C:\Windows\system32\TokenBrokerUI.dll [MD5.8D3D8C7288448BE8E6A7024CFA9E507D] - [15/03/2019 05:50:29] - |A| - [3405824] - C:\Windows\system32\tquery.dll [MD5.554F8E8143ECAD0127775F34FBF49D5C] - [15/03/2019 05:49:39] - |A| - [118272] - C:\Windows\system32\TSpkg.dll [MD5.989DA824E995457D98873DD21CA2B8B9] - [15/03/2019 05:49:30] - |A| - [240128] - C:\Windows\system32\TtlsAuth.dll [MD5.E4BA1324CC7C7B789A066416F3B33B05] - [15/03/2019 05:49:07] - |A| - [219648] - C:\Windows\system32\TtlsCfg.dll [MD5.6E39A1F7FCC3D9034435F93C8B41FF82] - [15/03/2019 05:49:29] - |A| - [222208] - C:\Windows\system32\TtlsExt.dll [MD5.7B4A3705A6AB2E55139A9F0CD0696BB7] - [15/03/2019 05:49:35] - |A| - [181760] - C:\Windows\system32\twext.dll [MD5.BB57360E8E1C53E42F12C7893D1E6A65] - [15/03/2019 05:50:46] - |A| - [1554120] - C:\Windows\system32\twinapi.appcore.dll [MD5.729AF3B925184841627A8F64F9CA6C75] - [15/03/2019 05:49:25] - |A| - [506880] - C:\Windows\system32\twinapi.dll [MD5.08CD5055B9EB98355655203457D3C73F] - [15/03/2019 05:49:56] - |A| - [825856] - C:\Windows\system32\twinui.appcore.dll [MD5.BFB58B4C4EB68045DACE696E6289F106] - [15/03/2019 05:50:46] - |A| - [7545344] - C:\Windows\system32\twinui.dll [MD5.79D4D9388D364211FD178E7746125C85] - [15/03/2019 05:50:46] - |A| - [2976256] - C:\Windows\system32\twinui.pcshell.dll [MD5.13498F649996490D466B1B281A48BC26] - [15/03/2019 05:49:11] - |A| - [96256] - C:\Windows\system32\tzautoupdate.dll [MD5.FE42984491E09E598EE6EEEB825ABB98] - [15/03/2019 05:48:58] - |A| - [2560] - C:\Windows\system32\tzres.dll [MD5.99E5408214F6862F4AB5005B8A793B58] - [15/03/2019 05:49:54] - |A| - [268288] - C:\Windows\system32\ubpm.dll [MD5.37916C7AF318FB27C49D7E8AF706D1FB] - [15/03/2019 05:49:58] - |A| - [997312] - C:\Windows\system32\ucrtbase.dll [MD5.C63E5850148405D3C78D1D9E2E93CE82] - [15/03/2019 05:49:40] - |A| - [478792] - C:\Windows\system32\ucrtbase_enclave.dll [MD5.DAA89209D01484568CF0485ADAD643A3] - [15/03/2019 05:50:02] - |A| - [849920] - C:\Windows\system32\uDWM.dll [MD5.396D03A5151D02BDCB4C8EB72AFE0C08] - [15/03/2019 05:49:53] - |A| - [704000] - C:\Windows\system32\UiaManager.dll [MD5.02E4A06475CD8BC2C399DC5A5FE68DF1] - [15/03/2019 05:50:00] - |A| - [2088448] - C:\Windows\system32\UIAutomationCore.dll [MD5.BA6FFF876F08A02CED2D4106DA72503B] - [15/03/2019 05:49:59] - |A| - [3994624] - C:\Windows\system32\UIRibbon.dll [MD5.A34CE4887F43E75899D08C9CEA1EB229] - [15/03/2019 05:48:59] - |A| - [584192] - C:\Windows\system32\UIRibbonRes.dll [MD5.A3CCFB8A5BD48F56EF2ACB4A427A1AC7] - [15/03/2019 05:49:23] - |A| - [151040] - C:\Windows\system32\umpo.dll [MD5.E8732956707ABBD370F17BAFFBDC8908] - [15/03/2019 05:48:57] - |A| - [293376] - C:\Windows\system32\unimdm.tsp [MD5.F0A388AA51F0DE22AA38A4BA9B04AD9E] - [15/03/2019 05:48:57] - |A| - [1245184] - C:\Windows\system32\Unistore.dll [MD5.0C05615CEA9592E405B97453D9E2D732] - [15/03/2019 05:50:22] - |A| - [2472352] - C:\Windows\system32\UpdateAgent.dll [MD5.3ECF690B9FEA24D615AEAB0C1EDB01F6] - [15/03/2019 05:49:29] - |A| - [97792] - C:\Windows\system32\updatecsp.dll [MD5.01454A8D24BEC12506F47BD7AB03AB5B] - [15/03/2019 05:50:04] - |A| - [530944] - C:\Windows\system32\updatehandlers.dll [MD5.A10FFC968403DE26D5658DC4C611BA54] - [15/03/2019 05:49:26] - |A| - [115712] - C:\Windows\system32\updatepolicy.dll [MD5.0CE4FE9B087077A277955F51462EB43D] - [15/03/2019 05:48:59] - |A| - [235520] - C:\Windows\system32\url.dll [MD5.4390CD6D37391A04EB3EF241CBB7EC63] - [15/03/2019 05:50:34] - |A| - [1808384] - C:\Windows\system32\urlmon.dll [MD5.79F04C5FE59CEC9D3928DB996FDE90EC] - [15/03/2019 05:48:57] - |A| - [329216] - C:\Windows\system32\usbmon.dll [MD5.0370364D4D8846B6CF316ABBB2EDB083] - [15/03/2019 05:50:31] - |A| - [1634288] - C:\Windows\system32\user32.dll [MD5.201707DA4259ACAE6B37E474BE75D58C] - [15/03/2019 05:49:52] - |A| - [1353728] - C:\Windows\system32\usercpl.dll [MD5.DBB8DA23D912E799683A34BFBAE3EF70] - [15/03/2019 05:49:53] - |A| - [1573376] - C:\Windows\system32\UserDataService.dll [MD5.A6B5C9A47D0195688F7C037C4E85987F] - [15/03/2019 05:49:12] - |A| - [119808] - C:\Windows\system32\UserDataTimeUtil.dll [MD5.04499A41CC5210854D1DBB42A79E5389] - [15/03/2019 05:49:14] - |A| - [199168] - C:\Windows\system32\UserDeviceRegistration.dll [MD5.099D6E1F4242EE5D78D9E09D0E8BDCB9] - [15/03/2019 05:49:22] - |A| - [648704] - C:\Windows\system32\UserLanguagesCpl.dll [MD5.29D52BDF7605DBD39C2D6D089E72C6F4] - [15/03/2019 05:50:04] - |A| - [951808] - C:\Windows\system32\usermgr.dll [MD5.F9DA0FBC575D86356086D244D1698F2C] - [15/03/2019 05:49:11] - |A| - [92160] - C:\Windows\system32\usoapi.dll [MD5.A6C37370BCC7643513F173E87C98B591] - [15/03/2019 05:49:13] - |A| - [39424] - C:\Windows\system32\UsoClient.exe [MD5.81D45253B7A2EF8D99AC811B0DB3AF41] - [15/03/2019 05:50:17] - |A| - [1329664] - C:\Windows\system32\usocore.dll [MD5.2B5736C77D7B7FCB3277A66F0F6A277D] - [15/03/2019 05:49:13] - |A| - [100352] - C:\Windows\system32\utcutil.dll [MD5.081E644616F1E977BCD3E7C7D54A635C] - [15/03/2019 05:49:42] - |A| - [587776] - C:\Windows\system32\uxtheme.dll [MD5.C897E0AF7C74F525F6263647069AFAF0] - [15/03/2019 05:50:47] - |A| - [374152] - C:\Windows\system32\vac.exe [MD5.E18B8F39E55BD5D346F071B1C9A03196] - [15/03/2019 05:51:23] - |A| - [591360] - C:\Windows\system32\vbscript.dll [MD5.A30C74FAB23919754CE600A80A0B4E40] - [15/03/2019 05:49:26] - |A| - [159120] - C:\Windows\system32\vertdll.dll [MD5.A8F60A16C5DA699B20C4092417351039] - [15/03/2019 05:48:59] - |A| - [55808] - C:\Windows\system32\virtdisk.dll [MD5.AE57A6E2BABE56569867BA8A12D76DEF] - [15/03/2019 05:48:59] - |A| - [17408] - C:\Windows\system32\VmApplicationHealthMonitorProxy.dll [MD5.11FB09A2C990DCFAA2B5BF1AC29E9545] - [15/03/2019 05:49:16] - |A| - [28520] - C:\Windows\system32\vmbuspipe.dll [MD5.01DF7DCAA6BFF4EFEF8B0BCB03185269] - [15/03/2019 05:48:56] - |A| - [50176] - C:\Windows\system32\vmictimeprovider.dll [MD5.F4DAC5A713AC57273A8BFCC83B84E8BF] - [15/03/2019 05:49:14] - |A| - [425984] - C:\Windows\system32\vmrdvcore.dll [MD5.58292E77A039EE1CF59412B386865C76] - [15/03/2019 05:49:57] - |A| - [689152] - C:\Windows\system32\vpnike.dll [MD5.912B2CBB6DE1FFB193B2640C51CA554B] - [15/03/2019 05:49:38] - |A| - [1661440] - C:\Windows\system32\vssapi.dll [MD5.FB0BB0ADA2DBE4DCC2462AADBC9A44DD] - [15/03/2019 05:49:56] - |A| - [1556992] - C:\Windows\system32\VSSVC.exe [MD5.179798523995687C5A0B49B762827007] - [15/03/2019 05:01:30] - |A| - [1014784] - C:\Windows\system32\vulkan-1-999-0-0-0.dll [MD5.179798523995687C5A0B49B762827007] - [15/03/2019 05:01:30] - |A| - [1014784] - C:\Windows\system32\vulkan-1.dll [MD5.B23B857ED2A89D932DC091CADFA176E3] - [15/03/2019 04:58:41] - |A| - [254944] - C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe [MD5.B23B857ED2A89D932DC091CADFA176E3] - [15/03/2019 04:58:41] - |A| - [254944] - C:\Windows\system32\vulkaninfo.exe [MD5.04910751D877903AB7C7564EB0772E61] - [15/03/2019 05:49:01] - |A| - [563712] - C:\Windows\system32\w32time.dll [MD5.E6BDA76F764395F0A7FDEB22BD9037B6] - [15/03/2019 05:49:06] - |A| - [348160] - C:\Windows\system32\WaaSMedic.exe [MD5.A0B4836C489C2535795C4E71E378AD07] - [15/03/2019 05:49:55] - |A| - [975872] - C:\Windows\system32\wbiosrvc.dll [MD5.B739C2D6AD2B13E56F43BBC33EC42E91] - [15/03/2019 05:49:24] - |A| - [45056] - C:\Windows\system32\wcimage.dll [MD5.4CA2566F615577391AC59A6ABDBA139F] - [15/03/2019 05:49:38] - |A| - [229376] - C:\Windows\system32\wcmcsp.dll [MD5.5376D231E2500D4E103D834450FCECE0] - [15/03/2019 05:49:58] - |A| - [891392] - C:\Windows\system32\wcmsvc.dll [MD5.DCAB9E8C7C34ACE7BC9C1935A382C361] - [15/03/2019 05:49:17] - |A| - [134656] - C:\Windows\system32\WcnApi.dll [MD5.505E50A4819CF28DCE8176DB15952D49] - [15/03/2019 05:49:26] - |A| - [465920] - C:\Windows\system32\wcncsvc.dll [MD5.FF17A8B1232A2E4386C15E2D334EA03F] - [15/03/2019 05:49:06] - |A| - [34816] - C:\Windows\system32\WcnEapAuthProxy.dll [MD5.1EA5504E81D2040C4B71DE171D2DFA4B] - [15/03/2019 05:49:06] - |A| - [36352] - C:\Windows\system32\WcnEapPeerProxy.dll [MD5.F4766FF027EAC8C0DEE720E717ECD189] - [15/03/2019 05:48:57] - |A| - [306176] - C:\Windows\system32\wc_storage.dll [MD5.A7D73A6C8F787B10B304FEA88CB3849E] - [15/03/2019 05:49:16] - |A| - [258560] - C:\Windows\system32\webcheck.dll [MD5.36947722152A5C5CE9CAA33AD84ACCB5] - [15/03/2019 05:49:37] - |A| - [217088] - C:\Windows\system32\WebClnt.dll [MD5.3C2A077D031A5E5B621D81B48969EF38] - [15/03/2019 05:49:53] - |A| - [580096] - C:\Windows\system32\webio.dll [MD5.3785CE25A8B762C5695174ACD4C6C6C4] - [15/03/2019 05:49:07] - |A| - [675328] - C:\Windows\system32\webplatstorageserver.dll [MD5.6E1021D6FA0FB54CAF4D1CDB9AD35046] - [15/03/2019 05:50:12] - |A| - [1498112] - C:\Windows\system32\WebRuntimeManager.dll [MD5.3ADC90E13C117241350E83F4AF6401EC] - [15/03/2019 05:50:06] - |A| - [1358496] - C:\Windows\system32\webservices.dll [MD5.4C0A75EBAF4F9632955C7A9814D549D8] - [15/03/2019 05:49:40] - |A| - [757704] - C:\Windows\system32\wer.dll [MD5.C0A125F36E46C4A2BD26FBC3E3FB9C9B] - [15/03/2019 05:49:23] - |A| - [472576] - C:\Windows\system32\werui.dll [MD5.7BD65A0DD7FB5EFFAEA253A48AEEF73C] - [15/03/2019 05:50:05] - |A| - [1816576] - C:\Windows\system32\wevtsvc.dll [MD5.5CDE5FB8CB29653671475FF0D59027BC] - [15/03/2019 05:48:58] - |A| - [144896] - C:\Windows\system32\wextract.exe [MD5.807C0614AA0B65F10E5C32B7BA7AA19B] - [15/03/2019 05:49:06] - |A| - [46080] - C:\Windows\system32\wfdprov.dll [MD5.F1010CB647AB1F4C847254C211E2FBF7] - [15/03/2019 05:49:23] - |A| - [133632] - C:\Windows\system32\wificonnapi.dll [MD5.F055775869E157638C17C620F724D9E1] - [15/03/2019 05:50:11] - |A| - [1343488] - C:\Windows\system32\wifinetworkmanager.dll [MD5.095BCCFD7C4C595D2B7F181847635FF8] - [15/03/2019 05:49:41] - |A| - [309248] - C:\Windows\system32\wifiprofilessettinghandler.dll [MD5.273F7201C712931688F1D066D9F07609] - [15/03/2019 05:49:47] - |A| - [461728] - C:\Windows\system32\wifitask.exe [MD5.D3B74276EE38F315B3192E0B08A245BF] - [15/03/2019 05:49:51] - |A| - [705944] - C:\Windows\system32\wimgapi.dll [MD5.B796D998074BDDAB54BB0AA7B058D9F2] - [15/03/2019 05:49:43] - |A| - [525728] - C:\Windows\system32\wimserv.exe [MD5.8A1358D867935BF2FE7A8A1E616D6A98] - [15/03/2019 05:50:24] - |A| - [70968] - C:\Windows\system32\win32appinventorycsp.dll [MD5.13F095B2055B5A2CAA146196C0050AEB] - [15/03/2019 05:51:20] - |A| - [2085376] - C:\Windows\system32\win32kbase.sys [MD5.BCE027740A279FFEBEEFA9751F055E31] - [15/03/2019 05:51:20] - |A| - [3660800] - C:\Windows\system32\win32kfull.sys [MD5.26DEFFCCD0776A274A747230B41E29FC] - [15/03/2019 05:49:56] - |A| - [837120] - C:\Windows\system32\win32spl.dll [MD5.38A3673FB4619A079759D2679B18639E] - [15/03/2019 05:49:34] - |A| - [96200] - C:\Windows\system32\winbrand.dll [MD5.0E785E85231321F3FADC7FE25A7A7B63] - [15/03/2019 05:49:29] - |A| - [436224] - C:\Windows\system32\wincorlib.dll [MD5.379BDBB2F96B131278B17953F0D974ED] - [15/03/2019 05:49:00] - |A| - [210944] - C:\Windows\system32\Windows.ApplicationModel.Core.dll [MD5.40762277F9D91AE7966A36F4F83DCCB7] - [15/03/2019 05:49:29] - |A| - [668848] - C:\Windows\system32\Windows.ApplicationModel.dll [MD5.22D549483E60B5DA881AE7A26AD0967F] - [15/03/2019 05:49:38] - |A| - [432640] - C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll [MD5.FBA732173590BBE0DA70C72054793BAD] - [15/03/2019 05:50:05] - |A| - [1925760] - C:\Windows\system32\Windows.ApplicationModel.Store.dll [MD5.44A396EF44738DB3114F513E570BD092] - [15/03/2019 05:49:38] - |A| - [308736] - C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll [MD5.FBB9CBF4C5CCF17BF67DDBBD116BD871] - [15/03/2019 05:50:19] - |A| - [3187200] - C:\Windows\system32\Windows.CloudStore.dll [MD5.268F20B93BE5E6F981DA57FA0C211987] - [15/03/2019 05:50:06] - |A| - [583680] - C:\Windows\system32\Windows.CloudStore.Schema.Shell.dll [MD5.6134CBAD8C1353D60DE86C1016C16FD2] - [15/03/2019 05:50:32] - |A| - [8040448] - C:\Windows\system32\Windows.Data.Pdf.dll [MD5.C53968C5F3CEFA26630D0367B902113C] - [15/03/2019 05:49:44] - |A| - [933376] - C:\Windows\system32\Windows.Devices.Sensors.dll [MD5.6243410C71F50942A132FB8FCB423A74] - [15/03/2019 05:50:06] - |A| - [1577984] - C:\Windows\system32\Windows.Globalization.dll [MD5.FB882427EA2621CF96394D63597C9B74] - [15/03/2019 05:49:52] - |A| - [456192] - C:\Windows\system32\Windows.Graphics.Printing.Workflow.dll [MD5.FD3C3B649AF7FB4CD749D231ECC12651] - [15/03/2019 05:48:59] - |A| - [16896] - C:\Windows\system32\Windows.Graphics.Printing.Workflow.Native.dll [MD5.29F76B91214004E44E6A7741D71EC823] - [15/03/2019 05:49:53] - |A| - [524800] - C:\Windows\system32\windows.immersiveshell.serviceprovider.dll [MD5.A87425A3B81939C04FABDEBD3A159EA8] - [15/03/2019 05:49:16] - |A| - [674816] - C:\Windows\system32\Windows.Internal.AdaptiveCards.XamlCardRenderer.dll [MD5.5CD05499F7A7D1A223ADCBE692B12F6C] - [15/03/2019 05:49:40] - |A| - [616960] - C:\Windows\system32\Windows.Internal.Bluetooth.dll [MD5.92F1720AFB4305DA91924AC263E9762F] - [15/03/2019 05:49:32] - |A| - [329728] - C:\Windows\system32\Windows.Internal.Feedback.Analog.dll [MD5.5BC34122A1974DD18880C3EBE955BC20] - [15/03/2019 05:49:31] - |A| - [702464] - C:\Windows\system32\Windows.Internal.Management.dll [MD5.5C34D8E3D668CD91B66DEF6F2CF0458E] - [15/03/2019 05:49:05] - |A| - [385024] - C:\Windows\system32\Windows.Internal.PredictionUnit.dll [MD5.241EA7C5D5EE801A5172C8CE69E10F9B] - [15/03/2019 05:49:42] - |A| - [1114040] - C:\Windows\system32\Windows.Internal.Shell.Broker.dll [MD5.31FD8E351E031A4F366274C2D077560F] - [15/03/2019 05:49:12] - |A| - [253952] - C:\Windows\system32\windows.internal.shellcommon.shareexperience.dll [MD5.665689C2AAA4CF6D5239A22D1848D9E0] - [15/03/2019 05:49:28] - |A| - [730112] - C:\Windows\system32\Windows.Internal.Signals.dll [MD5.8F4573B2E4B018CA626D50EA7654F213] - [15/03/2019 05:48:59] - |A| - [31744] - C:\Windows\system32\Windows.Management.Provisioning.ProxyStub.dll [MD5.ED9FC1BECA2E783FA78E3DC8955CE37B] - [15/03/2019 05:50:08] - |A| - [943104] - C:\Windows\system32\Windows.Media.BackgroundMediaPlayback.dll [MD5.3314AB85DADC58E646E5200F19A9B2BB] - [15/03/2019 05:51:07] - |A| - [6793408] - C:\Windows\system32\Windows.Media.dll [MD5.C7D5EB7345BCA800782FEA56323D1AF3] - [15/03/2019 05:49:09] - |A| - [820736] - C:\Windows\system32\Windows.Media.Import.dll [MD5.A35B676B46E948D564F856B3219F08F8] - [15/03/2019 05:49:48] - |A| - [941568] - C:\Windows\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll [MD5.586774A2C25B6EF349A4A4B2720FC643] - [15/03/2019 05:50:08] - |A| - [918528] - C:\Windows\system32\Windows.Media.Playback.MediaPlayer.dll [MD5.088D19BB161E1E25ED34BB7696533454] - [15/03/2019 05:49:01] - |A| - [111104] - C:\Windows\system32\Windows.Media.Playback.ProxyStub.dll [MD5.87E79239FBF5676BF635FD003D8AFCCE] - [15/03/2019 05:50:59] - |A| - [7385208] - C:\Windows\system32\Windows.Media.Protection.PlayReady.dll [MD5.08C5E6C9BD022C822B1984B7FE74BA3E] - [15/03/2019 05:51:02] - |A| - [3331120] - C:\Windows\system32\Windows.Mirage.dll [MD5.258A4ADA7466EF95AAECAC8024EA981A] - [15/03/2019 05:51:03] - |A| - [882688] - C:\Windows\system32\Windows.Mirage.Internal.dll [MD5.D92E19CF04EE1AD177911B47FA265239] - [15/03/2019 05:49:08] - |A| - [504320] - C:\Windows\system32\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll [MD5.D5570C34DBDB3802A767204D6E4F6D78] - [15/03/2019 05:50:06] - |A| - [969728] - C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll [MD5.60422C5B6ACD473260D518105C5FAD21] - [15/03/2019 05:49:55] - |A| - [887296] - C:\Windows\system32\Windows.Networking.dll [MD5.0708BA4D2C574578BD79BA05034C6010] - [15/03/2019 05:49:39] - |A| - [138240] - C:\Windows\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll [MD5.31AB95BA7E184C0C21B1B148C0A60E32] - [15/03/2019 05:49:53] - |A| - [568832] - C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll [MD5.5F1D47E0D1F527A31F5E44D54C49B5E2] - [15/03/2019 05:50:06] - |A| - [1217024] - C:\Windows\system32\Windows.Networking.Vpn.dll [MD5.6AF9E448E6305FAD56FC9B9417B1C48D] - [15/03/2019 05:49:53] - |A| - [579584] - C:\Windows\system32\Windows.Payments.dll [MD5.7466B53D8141267FC62A96110A87A852] - [15/03/2019 05:51:03] - |A| - [840440] - C:\Windows\system32\Windows.Perception.Stub.dll [MD5.6522E312912EBAEB8B64F76758058A73] - [15/03/2019 05:50:10] - |A| - [837632] - C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll [MD5.1E0C32C48955E92042BFB9E3F38386F0] - [15/03/2019 05:49:45] - |A| - [1012120] - C:\Windows\system32\Windows.Services.TargetedContent.dll [MD5.22D189338E12AA0866036044CB19522F] - [15/03/2019 05:49:07] - |A| - [300032] - C:\Windows\system32\Windows.Sets.dll [MD5.B1059CFCFE303F9EAC7366A49B7C749F] - [15/03/2019 05:49:22] - |A| - [340480] - C:\Windows\system32\Windows.Shell.BlueLightReduction.dll [MD5.CDD63226F2EFAF5F213E17751E7E4E02] - [15/03/2019 05:49:06] - |A| - [59904] - C:\Windows\system32\Windows.Shell.Search.UriHandler.dll [MD5.BE3C0C7D5DD0CC6D02299D3B9B812F18] - [15/03/2019 05:50:30] - |A| - [4486400] - C:\Windows\system32\Windows.StateRepository.dll [MD5.1BF8BB97424C3458DA9EF96966882F22] - [15/03/2019 05:49:23] - |A| - [100248] - C:\Windows\system32\Windows.StateRepositoryBroker.dll [MD5.196829FE464FA2DC401B274829BF4204] - [15/03/2019 05:49:24] - |A| - [154520] - C:\Windows\system32\Windows.StateRepositoryClient.dll [MD5.72EA023C9B7EF1369171F38E844A4744] - [15/03/2019 05:49:56] - |A| - [1193192] - C:\Windows\system32\Windows.StateRepositoryPS.dll [MD5.CCB5C29676DB16A176A32CD05C75C146] - [15/03/2019 05:49:23] - |A| - [173568] - C:\Windows\system32\Windows.StateRepositoryUpgrade.dll [MD5.8BAB130CFD7C787524AC8F5F5E636FA6] - [15/03/2019 05:49:18] - |A| - [367344] - C:\Windows\system32\Windows.Storage.ApplicationData.dll [MD5.6BA01636F239C1C212286BEBC6762388] - [15/03/2019 05:50:48] - |A| - [7673112] - C:\Windows\system32\windows.storage.dll [MD5.386E9DCFBBDF183D7B011E8A77DE0AA7] - [15/03/2019 05:49:27] - |A| - [406528] - C:\Windows\system32\Windows.UI.BioFeedback.dll [MD5.019E34211A60C16502E4E58DA6189D25] - [15/03/2019 05:49:13] - |A| - [458752] - C:\Windows\system32\Windows.UI.BlockedShutdown.dll [MD5.3115BB3B89EB77C5C21FF320203AC56E] - [15/03/2019 05:49:54] - |A| - [599552] - C:\Windows\system32\Windows.UI.Core.TextInput.dll [MD5.30AC3659A576BDD90EEB7F95160AADCA] - [15/03/2019 05:50:06] - |A| - [1574912] - C:\Windows\system32\Windows.UI.Cred.dll [MD5.6D05B20136FB9E5B543D9343AD8A93A5] - [15/03/2019 05:50:15] - |A| - [1717760] - C:\Windows\system32\Windows.UI.Immersive.dll [MD5.0D0EDB59740BA3D0946EF2EE428AE638] - [15/03/2019 05:50:32] - |A| - [1666048] - C:\Windows\system32\Windows.UI.Input.Inking.dll [MD5.678C0128384DAB9E9ECC9200845FAC61] - [15/03/2019 05:50:21] - |A| - [2837504] - C:\Windows\system32\Windows.UI.Logon.dll [MD5.70CE72A1932A279F662015DFEE96BA80] - [15/03/2019 05:49:51] - |A| - [885248] - C:\Windows\system32\Windows.UI.Search.dll [MD5.98F78E9DF4C2B5B9A13523686EFCFA39] - [15/03/2019 05:49:19] - |A| - [2362368] - C:\Windows\system32\Windows.UI.Xaml.Controls.dll [MD5.7D6EBEE64D3567286BFBA0C7F0938129] - [15/03/2019 05:50:39] - |A| - [17168896] - C:\Windows\system32\Windows.UI.Xaml.dll [MD5.84D0CD807894E0610EFA4EFF7FEC937E] - [15/03/2019 05:49:34] - |A| - [987136] - C:\Windows\system32\Windows.UI.Xaml.InkControls.dll [MD5.BB3E9264D9F7748B764FD0BC27DE3C93] - [15/03/2019 05:50:00] - |A| - [1543680] - C:\Windows\system32\Windows.UI.Xaml.Maps.dll [MD5.B7CD47D5D74CB1703FDCBA61AC117BBD] - [15/03/2019 05:50:17] - |A| - [1341440] - C:\Windows\system32\Windows.UI.Xaml.Phone.dll [MD5.88AEBB1FB6558CE17D773D39C8E0CF23] - [15/03/2019 05:49:28] - |A| - [2890240] - C:\Windows\system32\Windows.UI.Xaml.Resources.dll [MD5.517447B8034B3059ADCE60B34787FE35] - [15/03/2019 05:49:37] - |A| - [167936] - C:\Windows\system32\Windows.UI.XamlHost.dll [MD5.313A07AE0E8C108E837106AA1474B5D5] - [15/03/2019 05:50:05] - |A| - [735744] - C:\Windows\system32\Windows.Web.dll [MD5.89BBDACC2E47560ED14A3E79226F1A88] - [15/03/2019 05:50:11] - |A| - [1757824] - C:\Windows\system32\WindowsCodecs.dll [MD5.381BB8EE313A4978548211BD3400A8C8] - [15/03/2019 05:50:14] - |A| - [32544344] - C:\Windows\system32\WindowsCodecsRaw.dll [MD5.609DB243039F5FF2BD303FAED31002FC] - [15/03/2019 05:49:58] - |A| - [903856] - C:\Windows\system32\winhttp.dll [MD5.DB640873D9E1C956F7C54BB96C3E8408] - [15/03/2019 05:48:59] - |A| - [97792] - C:\Windows\system32\winhttpcom.dll [MD5.B29057DDBF225608F9086E14C204DCF5] - [15/03/2019 05:51:13] - |A| - [4831744] - C:\Windows\system32\wininet.dll [MD5.8C6D9927870CB8B359C1A1C17EF8A6BA] - [15/03/2019 05:50:09] - |A| - [1416776] - C:\Windows\system32\winload.efi [MD5.D70E86CF94D114D9F7811A81A10F92AD] - [15/03/2019 05:50:06] - |A| - [1210688] - C:\Windows\system32\winload.exe [MD5.107DC6159F1939DC75D448A18929BBAD] - [15/03/2019 05:50:05] - |A| - [715776] - C:\Windows\system32\winlogon.exe [MD5.57EDC5930DCAB599EF96580A00245376] - [15/03/2019 05:50:20] - |A| - [1695136] - C:\Windows\system32\winmde.dll [MD5.AD95E816156C56F30988FCBD2181310D] - [15/03/2019 05:50:07] - |A| - [1092664] - C:\Windows\system32\winresume.efi [MD5.9E7B52F9039CCA5953E6AF3E66702964] - [15/03/2019 05:50:04] - |A| - [924552] - C:\Windows\system32\winresume.exe [MD5.501685CF63B38490997F979C6160A643] - [15/03/2019 05:49:36] - |A| - [243712] - C:\Windows\system32\WinSCard.dll [MD5.E3368BAE17EE8CD64CE69D5CC585196C] - [15/03/2019 05:48:59] - |A| - [288256] - C:\Windows\system32\winsku.dll [MD5.BD89989FF60994C9596F93ED7B9242DD] - [15/03/2019 05:49:31] - |A| - [532480] - C:\Windows\system32\winspool.drv [MD5.1CB60DF3661669C2E3E0762420E2AA0A] - [15/03/2019 05:48:58] - |A| - [66048] - C:\Windows\system32\winsrv.dll [MD5.CE9B82524C860899C34145D62CEB3997] - [15/03/2019 05:49:50] - |A| - [359968] - C:\Windows\system32\wintrust.dll [MD5.DB65C7BD067F68098EB1BA5720E872E9] - [15/03/2019 05:49:47] - |A| - [1269520] - C:\Windows\system32\WinTypes.dll [MD5.5C0F59B35D9B1725BF702048778A243B] - [15/03/2019 05:49:37] - |A| - [283648] - C:\Windows\system32\wisp.dll [MD5.F1CA14E0B00B1E4165E18DEFF50B0E1A] - [15/03/2019 05:49:02] - |A| - [31232] - C:\Windows\system32\wksprtPS.dll [MD5.F8097F90811E9BB10F5B96262399F3C7] - [15/03/2019 05:48:57] - |A| - [276480] - C:\Windows\system32\wkssvc.dll [MD5.ABE84FDE95C0CE0DE35B1C6122491265] - [15/03/2019 05:49:17] - |A| - [417440] - C:\Windows\system32\wlanapi.dll [MD5.CD1ED22F1328A4644ADBFADBD5DEE4A5] - [15/03/2019 05:49:02] - |A| - [477696] - C:\Windows\system32\wlangpui.dll [MD5.4CB7FF8E01D32BBBDC48B0ADF858F11B] - [15/03/2019 05:49:44] - |A| - [409600] - C:\Windows\system32\wlanmsm.dll [MD5.2639442CD9667E1CE8D1B258FDFC59B7] - [15/03/2019 05:51:13] - |A| - [461824] - C:\Windows\system32\wlansec.dll [MD5.800C7E7761EADC53AE6FC53DBA43F029] - [15/03/2019 05:50:07] - |A| - [2528768] - C:\Windows\system32\wlansvc.dll [MD5.5118946157DA262A20AD605D26048484] - [15/03/2019 05:49:48] - |A| - [358400] - C:\Windows\system32\Wldap32.dll [MD5.DA3DE0FC7DB57ACC02222C50E9D26D91] - [15/03/2019 05:49:42] - |A| - [91088] - C:\Windows\system32\wldp.dll [MD5.5F6AB4CB0B2C64822208D999EEF69B9C] - [15/03/2019 05:49:11] - |A| - [117248] - C:\Windows\system32\wlgpclnt.dll [MD5.BC8ABFDCFF9AB1ECC868BAB16F7AD0F1] - [15/03/2019 05:49:38] - |A| - [715776] - C:\Windows\system32\wlidcli.dll [MD5.23C0F1BAAC79D2F34561F6BC270A9102] - [15/03/2019 05:49:55] - |A| - [682496] - C:\Windows\system32\wlidprov.dll [MD5.717FE96AE0988B1F443EED06E6A703D4] - [15/03/2019 05:50:24] - |A| - [2223616] - C:\Windows\system32\wlidsvc.dll [MD5.D0F4EAF68D216156A911E9D3015ACBB6] - [15/03/2019 05:48:56] - |A| - [29184] - C:\Windows\system32\wmiprop.dll [MD5.C6B106FB81A4C6755D6EBC0141D3F8E4] - [15/03/2019 05:51:08] - |A| - [13713920] - C:\Windows\system32\wmp.dll [MD5.728E78BDDB6D115A4C11CED174D4F59B] - [15/03/2019 05:49:45] - |A| - [284744] - C:\Windows\system32\wmpeffects.dll [MD5.A8B89B7D42467B23ED713EEBC3790CC6] - [15/03/2019 05:49:27] - |A| - [387536] - C:\Windows\system32\wmpps.dll [MD5.CFAF1A187A37E2B0BBEB73100A39E2DF] - [15/03/2019 05:49:32] - |A| - [128000] - C:\Windows\system32\wmpshell.dll [MD5.D87BDF0ECDFDC74E74D8D0300C76AB4D] - [15/03/2019 05:49:30] - |A| - [433152] - C:\Windows\system32\WMVSENCD.DLL [MD5.CB2CF8CC2BE0857C2AA4D5B717BEEB1B] - [15/03/2019 05:49:36] - |A| - [624640] - C:\Windows\system32\WMVXENCD.DLL [MD5.5E3CFD7740D761E028D65F2E6F286CF2] - [15/03/2019 05:49:06] - |A| - [40448] - C:\Windows\system32\WordBreakers.dll [MD5.950807F3EDFE221145C0C728166186F6] - [15/03/2019 05:49:50] - |A| - [319976] - C:\Windows\system32\wow64.dll [MD5.81A946965FEE1491B18F0CDE0293F73F] - [15/03/2019 05:49:19] - |A| - [22512] - C:\Windows\system32\wow64cpu.dll [MD5.DAAB6F7B679723ED909CDF0F7F1B4DE9] - [15/03/2019 05:49:31] - |A| - [403968] - C:\Windows\system32\WpAXHolder.dll [MD5.D7A7D4E50DE332D86A1C12C968461170] - [15/03/2019 05:50:08] - |A| - [1669120] - C:\Windows\system32\Wpc.dll [MD5.7A05F72D87E1D4F56790403635338897] - [15/03/2019 05:49:23] - |A| - [190976] - C:\Windows\system32\WpcApi.dll [MD5.9E5C0CF5F7205A8E9FB172AA1628A300] - [15/03/2019 05:49:53] - |A| - [1430672] - C:\Windows\system32\WpcMon.exe [MD5.DA7E0AA9FB34DAEC76C5ABCDB7C02DE2] - [15/03/2019 05:49:40] - |A| - [911360] - C:\Windows\system32\WpcRefreshTask.dll [MD5.70BF5B3A7AFCC9C1CF372F157E849F4C] - [15/03/2019 05:49:23] - |A| - [235008] - C:\Windows\system32\WpcTok.exe [MD5.2397D864D2235605CB106DF1DEDD99F9] - [15/03/2019 05:49:37] - |A| - [908800] - C:\Windows\system32\WpcWebFilter.dll [MD5.DFA27421D9B3CFDEA3E89D9B86332C95] - [15/03/2019 05:49:33] - |A| - [82944] - C:\Windows\system32\wpdbusenum.dll [MD5.475E167E34D22C1FA32E875FEBB9B1E1] - [15/03/2019 05:49:23] - |A| - [223232] - C:\Windows\system32\wpd_ci.dll [MD5.A78769FF8F3149A547671930EB02F77D] - [15/03/2019 05:49:49] - |A| - [1249792] - C:\Windows\system32\wpnapps.dll [MD5.907563F68600792E0D0C03D9EF5F06F8] - [15/03/2019 05:50:03] - |A| - [1760768] - C:\Windows\system32\wpncore.dll [MD5.B9E8DB8F151A0BDE50DF3F053EE3F992] - [15/03/2019 05:49:07] - |A| - [565248] - C:\Windows\system32\wpnprv.dll [MD5.DD130AE4DA21FF158A0EFB74CF475407] - [15/03/2019 05:48:57] - |A| - [172544] - C:\Windows\system32\WPTaskScheduler.dll [MD5.AAA232FF889B1B0CB053ABFE634429D3] - [15/03/2019 05:49:21] - |A| - [292384] - C:\Windows\system32\wscapi.dll [MD5.D14AACF9DA196365D77BD2809B82FE76] - [15/03/2019 05:49:05] - |A| - [18944] - C:\Windows\system32\wscproxystub.dll [MD5.C23775D8D4013B6950A70BA1D5EAF958] - [15/03/2019 05:49:32] - |A| - [164864] - C:\Windows\system32\wscript.exe [MD5.95E6DA58562C14947935B1C5D393A7F0] - [15/03/2019 05:49:06] - |A| - [246784] - C:\Windows\system32\wscsvc.dll [MD5.1D4727DC5B1C796553C2CA2FE05A556F] - [15/03/2019 05:48:57] - |A| - [568832] - C:\Windows\system32\WSDMon.dll [MD5.EC780BC2CBF403F4D86F8C8B93B71980] - [15/03/2019 05:49:13] - |A| - [1472000] - C:\Windows\system32\wsecedit.dll [MD5.B2A6401E9AD3AC4949C43575EDB8E0DB] - [15/03/2019 05:49:14] - |A| - [18680] - C:\Windows\system32\wshhyperv.dll [MD5.A0C15290E3F9A626A6A013AC65490CA2] - [15/03/2019 05:49:04] - |A| - [140800] - C:\Windows\system32\wshom.ocx [MD5.396D7399BF825F048E801B47C7CF669A] - [15/03/2019 05:49:08] - |A| - [62976] - C:\Windows\system32\wsnmp32.dll [MD5.46EED421A140F4223AAEE5D927E83216] - [15/03/2019 05:50:01] - |A| - [2053120] - C:\Windows\system32\wsp_fs.dll [MD5.126A4A82299609ABD5FEB7DAB44F9D10] - [15/03/2019 05:49:55] - |A| - [1785856] - C:\Windows\system32\wsp_health.dll [MD5.6A91D8A1F1C7351FAA452038CDC65DFA] - [15/03/2019 05:49:58] - |A| - [1055744] - C:\Windows\system32\wuapi.dll [MD5.E56EF8F5124E6FEB100C06EA3871A275] - [15/03/2019 05:47:43] - |A| - [48112] - C:\Windows\system32\wuauclt.exe [MD5.F7CED99454DE77E7271843CB9A2367BF] - [15/03/2019 05:51:16] - |A| - [2785280] - C:\Windows\system32\wuaueng.dll [MD5.BFAAA171876487DE2B75005A5F033F58] - [15/03/2019 05:47:02] - |A| - [57856] - C:\Windows\system32\wuautoappupdate.dll [MD5.3882D1DE41AD201B9C965A3A342412A8] - [15/03/2019 05:48:07] - |A| - [84480] - C:\Windows\system32\wudriver.dll [MD5.477DB6D457C68B11ECEDE9132AF5D9B0] - [15/03/2019 05:49:04] - |A| - [65024] - C:\Windows\system32\wups.dll [MD5.F1A2986BCEE443E14FB1D96FC93A2B6A] - [15/03/2019 05:49:13] - |A| - [33792] - C:\Windows\system32\wups2.dll [MD5.94731FE25985BDB4D1EFAA5F00801256] - [15/03/2019 05:51:22] - |A| - [462336] - C:\Windows\system32\wuuhext.dll [MD5.94AAF41E035013F1F3FB2321F9DAADF4] - [15/03/2019 05:49:30] - |A| - [170496] - C:\Windows\system32\wuuhosdeployment.dll [MD5.73720F99270A725E233924B4EC3B1465] - [15/03/2019 05:49:49] - |A| - [354304] - C:\Windows\system32\WwaApi.dll [MD5.22D04AA8D16D2511F25272CA056BCF4E] - [15/03/2019 05:49:46] - |A| - [893456] - C:\Windows\system32\WWAHost.exe [MD5.30C3502F292F05ADD3414CCB08635F9B] - [15/03/2019 05:49:53] - |A| - [549552] - C:\Windows\system32\WWanAPI.dll [MD5.02DCDAE63AB343418D7420D481FE839C] - [15/03/2019 05:50:11] - |A| - [1424896] - C:\Windows\system32\wwansvc.dll [MD5.22C33A1B30BCD0592ED357A4374C59A0] - [15/03/2019 05:49:20] - |A| - [94080] - C:\Windows\system32\wwapi.dll [MD5.59B2BBFC7157DE301DB2CA58C43F8B92] - [15/03/2019 05:50:27] - |A| - [4496896] - C:\Windows\system32\xpsrchvw.exe [MD5.79DF0E3B8597D8F6998BAF9A3E70DBD5] - [15/03/2019 05:49:33] - |A| - [386560] - C:\Windows\system32\zipfldr.dll [MD5.D41D8CD98F00B204E9800998ECF8427E] - [14/03/2019 14:34:40] - |A| - [0] - C:\Windows\system32\Drivers\144D_SAMSUNG_na_Galaxy Book 12_P04H.mrk [MD5.334BAC25FE297342B119730E699B826C] - [15/03/2019 05:50:00] - |A| - [733592] - C:\Windows\system32\Drivers\acpi.sys [MD5.66E7F43C756AB790475161C1B7E7937D] - [15/03/2019 05:49:24] - |A| - [614200] - C:\Windows\system32\Drivers\afd.sys [MD5.DCE606F0E15E0FB75ECC02EBB3DEFA9C] - [15/03/2019 05:49:06] - |A| - [240640] - C:\Windows\system32\Drivers\ahcache.sys [MD5.654824DF0CE32C9D274C1943DEB19AEA] - [15/03/2019 05:49:23] - |A| - [180736] - C:\Windows\system32\Drivers\amdk8.sys [MD5.12C4246CE1B769B720BE0848F75AB4C1] - [15/03/2019 05:49:32] - |A| - [178688] - C:\Windows\system32\Drivers\amdppm.sys [MD5.B822E27AF26BD01DAE2043A03BB40504] - [15/03/2019 05:49:34] - |A| - [192416] - C:\Windows\system32\Drivers\appid.sys [MD5.09C01FC2138C0FB761329804E518C4FC] - [15/03/2019 05:30:54] - |A| - [37320] - C:\Windows\system32\Drivers\aswArDisk.sys [MD5.A3AF4A4FA6CBA27284F8289436C2F074] - [15/03/2019 05:30:54] - |A| - [205608] - C:\Windows\system32\Drivers\aswArPot.sys [MD5.E525ABD22FA957922A531F589B99F080] - [15/03/2019 05:30:53] - |A| - [254408] - C:\Windows\system32\Drivers\aswbidsdriver.sys [MD5.AC278D0CEFDA171454DC48D30041BFFD] - [15/03/2019 05:30:53] - |A| - [196304] - C:\Windows\system32\Drivers\aswbidsh.sys [MD5.B31E571256A3E633A35262E6B7C33277] - [15/03/2019 05:30:53] - |A| - [320904] - C:\Windows\system32\Drivers\aswblog.sys [MD5.3F6D4EA88CE585FFEC4AA686BD76273F] - [15/03/2019 05:30:53] - |A| - [58168] - C:\Windows\system32\Drivers\aswbuniv.sys [MD5.51EAD3FF390326279C353D871F1EB0C1] - [15/03/2019 05:30:54] - |A| - [15488] - C:\Windows\system32\Drivers\aswElam.sys [MD5.70E130BBF054EBC419B480347CA073A8] - [15/03/2019 05:30:54] - |A| - [249152] - C:\Windows\system32\Drivers\aswHdsKe.sys [MD5.E806A0DE7F5A63B3483C03E8BDD082EB] - [15/03/2019 05:30:54] - |A| - [42496] - C:\Windows\system32\Drivers\aswKbd.sys [MD5.36ED05FEB52E576F8BF732A2A0299946] - [15/03/2019 05:30:54] - |A| - [169104] - C:\Windows\system32\Drivers\aswMonFlt.sys [MD5.9C9F2D853E37CB6AC8AAA2E370ADCDC9] - [15/03/2019 05:30:54] - |A| - [112520] - C:\Windows\system32\Drivers\aswRdr2.sys [MD5.B95D1E1D3396632216CB9EE8700BB5A5] - [15/03/2019 05:30:54] - |A| - [88152] - C:\Windows\system32\Drivers\aswRvrt.sys [MD5.3F71FFEFD3C6D5B9271C1278911864F6] - [15/03/2019 05:30:54] - |A| - [1034640] - C:\Windows\system32\Drivers\aswSnx.sys [MD5.F925AF0153444FBDA28E10B87B7B4E06] - [15/03/2019 05:30:54] - |A| - [476256] - C:\Windows\system32\Drivers\aswSP.sys [MD5.67779F2101A8157C4FFED2FE113523E3] - [15/03/2019 05:30:54] - |A| - [220632] - C:\Windows\system32\Drivers\aswStm.sys [MD5.CCF5E79EE37B6FDEF509E1C609DCE8C1] - [15/03/2019 05:30:54] - |A| - [380160] - C:\Windows\system32\Drivers\aswVmm.sys [MD5.B173197D8F7801F2225A357B166F264D] - [15/03/2019 05:49:17] - |A| - [194456] - C:\Windows\system32\Drivers\ataport.sys [MD5.B33105421D8B1405CDC1C71389AFEFFA] - [15/03/2019 04:49:47] - |A| - [57624] - C:\Windows\system32\Drivers\AthrBT_0x00000300.dfu [MD5.436FB5F9872186A1E888B1064D675B17] - [15/03/2019 04:49:47] - |A| - [64168] - C:\Windows\system32\Drivers\AthrBT_0x00000302.dfu [MD5.5016FB403AB29A3159EBA08905E2AB61] - [15/03/2019 04:49:47] - |A| - [62948] - C:\Windows\system32\Drivers\AthrBT_TF_0x00000302.dfu [MD5.3CC12A09AE7293F4CD1688117B46B9BB] - [15/03/2019 05:49:24] - |A| - [59808] - C:\Windows\system32\Drivers\bam.sys [MD5.FAFAEDFC7CAFD8B8FADA6A81BAF92E3A] - [15/03/2019 05:51:25] - |A| - [34816] - C:\Windows\system32\Drivers\BasicRender.sys [MD5.CADE9022115860DC170C19BB5D953FF3] - [15/03/2019 04:56:12] - |A| - [129184] - C:\Windows\system32\Drivers\BcmGnssBus.sys [MD5.355D162E52819C19396FB01A8E005A1F] - [15/03/2019 05:48:59] - |A| - [10240] - C:\Windows\system32\Drivers\beep.sys [MD5.66D86C5509929E26A5896EA56966DC78] - [15/03/2019 04:50:08] - |A| - [199544] - C:\Windows\system32\Drivers\bhtpcrdr.sys [MD5.CBD250252D5152064B3C0366BF42CF5E] - [15/03/2019 05:49:19] - |A| - [101888] - C:\Windows\system32\Drivers\bowser.sys [MD5.EAF76A54383F7F13E90DA081C06A35F3] - [15/03/2019 05:49:25] - |A| - [116736] - C:\Windows\system32\Drivers\bridge.sys [MD5.8E1D70E7778202D82A82E0E6710B827A] - [15/03/2019 05:49:29] - |A| - [129536] - C:\Windows\system32\Drivers\bthpan.sys [MD5.9FE6899D354BE916E1B37FA6121DDF7B] - [15/03/2019 05:51:14] - |A| - [1015296] - C:\Windows\system32\Drivers\bthport.sys [MD5.03BB051642FC5A8186FCD2BA693F2C19] - [15/03/2019 05:49:12] - |A| - [93184] - C:\Windows\system32\Drivers\cdfs.sys [MD5.7DC141311B1DF9FA162711BBA8990ACC] - [15/03/2019 05:49:25] - |A| - [159744] - C:\Windows\system32\Drivers\cdrom.sys [MD5.CE46F05E36B2C0A667FEB7CC30022E99] - [15/03/2019 05:49:50] - |A| - [385536] - C:\Windows\system32\Drivers\cldflt.sys [MD5.F2B55209327431954BA0700B87148C86] - [15/03/2019 05:51:25] - |A| - [373656] - C:\Windows\system32\Drivers\clfs.sys [MD5.ECDEF8A4EFD0C3AC76FD0D4CF7EEACA2] - [20/03/2019 13:01:07] - |A| - [17944] - C:\Windows\system32\Drivers\cmdboot.sys [MD5.419679B07459AE41BED0EA733702E960] - [20/03/2019 13:00:09] - |A| - [125000] - C:\Windows\system32\Drivers\cmdcss.sys [MD5.FFD0E46512B5BE00184B0DCC6F60AFCA] - [15/03/2019 05:50:22] - |A| - [677184] - C:\Windows\system32\Drivers\cng.sys [MD5.4AFE2DC916208912D4172B74759BC796] - [15/03/2019 04:50:22] - |A| - [1213432] - C:\Windows\system32\Drivers\css_fw.bin [MD5.6B47A9A309BC407C4114D439F4CB7839] - [15/03/2019 05:06:04] - |A| - [97200] - C:\Windows\system32\Drivers\Data61x4_2_2.msc [MD5.D7E6591F3D2B9FB5C4F0D05D5CF3A9F8] - [15/03/2019 05:49:35] - |A| - [150528] - C:\Windows\system32\Drivers\dfsc.sys [MD5.8C7FF86607E367E6319F7F637115D665] - [15/03/2019 05:49:16] - |A| - [94104] - C:\Windows\system32\Drivers\disk.sys [MD5.804480F177952A3B75B7AEDE79BDFF01] - [15/03/2019 05:49:14] - |A| - [38808] - C:\Windows\system32\Drivers\Diskdump.sys [MD5.64009621AAF4BC6626BC1A623A26FAD1] - [15/03/2019 05:49:02] - |A| - [46592] - C:\Windows\system32\Drivers\dmvsc.sys [MD5.5AA448099BECCD500382A98D01348E61] - [25/03/2019 23:04:45] - |A| - [76608] - C:\Windows\system32\Drivers\dokan.sys [MD5.FC1075485CEBFC2EE39CA12AC1FB9CA2] - [15/03/2019 04:50:22] - |A| - [243016] - C:\Windows\system32\Drivers\dsp_fw_release.bin [MD5.212FA255A8E4BE45855CB675F83E4BC1] - [15/03/2019 04:50:22] - |A| - [12288] - C:\Windows\system32\Drivers\dsp_fw_release_7CAD0808-AB10-CD23-EF45-12AB34CD56EF.bin [MD5.47E729643369871A55E6FC88E1CBC49B] - [15/03/2019 05:49:23] - |A| - [91152] - C:\Windows\system32\Drivers\dumpfve.sys [MD5.895AE5D7784FA170505971B49D8C9158] - [15/03/2019 05:51:27] - |A| - [187296] - C:\Windows\system32\Drivers\dumpsd.sys [MD5.198277EABE39BF31B0E46108D62292FF] - [15/03/2019 05:49:05] - |A| - [25600] - C:\Windows\system32\Drivers\Dumpstorport.sys [MD5.AB30AE773EF04C1A59C08F03B039B924] - [17/03/2019 05:37:48] - |A| - [2220] - C:\Windows\system32\Drivers\dump_cmd_history.log [MD5.C4E8D6CD22BB45B35B88C9F1105DAA90] - [15/03/2019 05:51:20] - |A| - [2567168] - C:\Windows\system32\Drivers\dxgkrnl.sys [MD5.40B77D73F0905CFB8380464C96C8E336] - [15/03/2019 05:49:48] - |A| - [409088] - C:\Windows\system32\Drivers\dxgmms1.sys [MD5.AC327BD7641E63FB779124C58021765C] - [15/03/2019 05:50:05] - |A| - [749368] - C:\Windows\system32\Drivers\dxgmms2.sys [MD5.4521B54D93433E772071666E52CB5B90] - [15/03/2019 05:49:15] - |A| - [354304] - C:\Windows\system32\Drivers\exfat.sys [MD5.32ABC203BAF146E09B92E78C4B950E0B] - [15/03/2019 05:49:27] - |A| - [371512] - C:\Windows\system32\Drivers\fastfat.sys [MD5.A3A815FE2A0C6CBA826535163E41D7C8] - [17/03/2019 05:37:47] - |A| - [1107] - C:\Windows\system32\Drivers\firmware_assert.log [MD5.ECD2030E78AF8D696A2E59796CA0B798] - [15/03/2019 05:49:36] - |A| - [398744] - C:\Windows\system32\Drivers\fltMgr.sys [MD5.0425D9D2A679060CC9755449779FBA54] - [15/03/2019 05:49:25] - |A| - [62880] - C:\Windows\system32\Drivers\fsdepends.sys [MD5.B962036CAADC05E466FEB165E0974587] - [15/03/2019 05:49:14] - |A| - [34208] - C:\Windows\system32\Drivers\fs_rec.sys [MD5.E69DD852F5D8B6E74A6014C01FD094B9] - [15/03/2019 05:50:01] - |A| - [727352] - C:\Windows\system32\Drivers\fvevol.sys [MD5.335DA41444F480C1BEF1B7431C520A77] - [25/03/2019 23:50:41] - |A| - [12560] - C:\Windows\system32\Drivers\fvstore.dat [MD5.96D281D570176875D1AC71A33BBC27B1] - [17/03/2019 05:37:48] - |A| - [98304] - C:\Windows\system32\Drivers\fwdump_ar6320v3_axi1.log [MD5.23BB41A7B0AAFB3C330F803C5E180DE4] - [17/03/2019 05:37:48] - |A| - [688128] - C:\Windows\system32\Drivers\fwdump_ar6320v3_dram.log [MD5.8888C0C7ECE7DA7B41B856900202F881] - [17/03/2019 05:37:48] - |A| - [524288] - C:\Windows\system32\Drivers\fwdump_ar6320v3_iram.log [MD5.2517142001EE4220608536B8B7E9B7CA] - [17/03/2019 05:37:47] - |A| - [522272] - C:\Windows\system32\Drivers\fwdump_ar6320v3_reg.log [MD5.6FEC9E68D15F08535C78F1F195BF6D33] - [17/03/2019 05:37:48] - |A| - [1956] - C:\Windows\system32\Drivers\fwdump_ce_reg.log [MD5.9B94B86C4FEF300FFD4107D6AF784562] - [17/03/2019 05:37:47] - |A| - [240] - C:\Windows\system32\Drivers\fwdump_cpu_ctx.log [MD5.676DDED9855BDE7097CE58E7506B5CAE] - [15/03/2019 05:49:19] - |A| - [441248] - C:\Windows\system32\Drivers\FWPKCLNT.SYS [MD5.582578F031109BE65C15E1D8A45BA547] - [15/03/2019 05:48:58] - |A| - [8192] - C:\Windows\system32\Drivers\gpuenergydrv.sys [MD5.13B124DF8C029832ED67A5A7057D2966] - [15/03/2019 05:49:26] - |A| - [46080] - C:\Windows\system32\Drivers\hidparse.sys [MD5.70D0246F6A4C67F71363EC65E07CCBAE] - [17/03/2019 05:37:49] - |A| - [2097152] - C:\Windows\system32\Drivers\hostdump_mem_log_100001d7_116930093.log [MD5.16A36D3261DF0E33F469B898F1C41B7A] - [22/03/2019 08:14:31] - |A| - [2097152] - C:\Windows\system32\Drivers\hostdump_mem_log_100001d7_178802734.log [MD5.465640655420A50E64BFF27C422CCF4E] - [22/03/2019 08:29:01] - |A| - [2097152] - C:\Windows\system32\Drivers\hostdump_mem_log_100001d7_179672437.log [MD5.C09CD149F4EFCD38AC001B111740E93E] - [22/03/2019 08:43:29] - |A| - [2097152] - C:\Windows\system32\Drivers\hostdump_mem_log_100001d7_180540812.log [MD5.C03ECE9A0A3A3DB23352541CFBFBCC0E] - [22/03/2019 09:12:31] - |A| - [2097152] - C:\Windows\system32\Drivers\hostdump_mem_log_100001d7_182282015.log [MD5.7C9C2E1637E2DAF85C75E9868FAA6C76] - [22/03/2019 09:27:01] - |A| - [2097152] - C:\Windows\system32\Drivers\hostdump_mem_log_100001d7_183152421.log [MD5.B15B1EDBB16E88D338C3C8F4A1DE5555] - [22/03/2019 09:55:58] - |A| - [2097152] - C:\Windows\system32\Drivers\hostdump_mem_log_100001d7_184889671.log [MD5.34626155E19D4DB3DD16FBB611340800] - [21/03/2019 08:04:30] - |A| - [2097152] - C:\Windows\system32\Drivers\hostdump_mem_log_100001d7_91801656.log [MD5.35F1FA08AF3177C5297664D664263753] - [15/03/2019 05:49:51] - |A| - [1101624] - C:\Windows\system32\Drivers\http.sys [MD5.19F47BC54BDF101B38600C06936336EF] - [15/03/2019 05:49:23] - |A| - [75784] - C:\Windows\system32\Drivers\hvservice.sys [MD5.66710EB477D6FADE86B61C9BA9765DB9] - [15/03/2019 05:49:19] - |A| - [129432] - C:\Windows\system32\Drivers\hvsocket.sys [MD5.E3BDE6C567ED5CD7B15B2E522C120D02] - [15/03/2019 05:49:01] - |A| - [16896] - C:\Windows\system32\Drivers\hyperkbd.sys [MD5.1D7BBC4C6F33A4A6189AEA1509615DF9] - [15/03/2019 05:49:00] - |A| - [28160] - C:\Windows\system32\Drivers\HyperVideo.sys [MD5.12E538BA534F70A5D60437726B44145C] - [15/03/2019 04:50:40] - |A| - [2410368] - C:\Windows\system32\Drivers\iacamera64.sys [MD5.473D483EF010EE979F6B9306A79C9222] - [15/03/2019 04:50:40] - |A| - [179792] - C:\Windows\system32\Drivers\iactrllogic64.sys [MD5.FB514FC05E409D407C9B3D0398D3ECC0] - [15/03/2019 04:55:07] - |A| - [1018032] - C:\Windows\system32\Drivers\iaStorAC.sys [MD5.96B59E21B1D54BFA79787F33230ACFB8] - [15/03/2019 04:50:41] - |A| - [145360] - C:\Windows\system32\Drivers\imx241.sys [MD5.AE29B00FB26F8A621AFC01762A35130D] - [15/03/2019 04:50:23] - |A| - [131248] - C:\Windows\system32\Drivers\IMX241_FN50FF-562H_SKY_pipeCfg.bin [MD5.178BA728DAECB35B5772BA02FCCC48AD] - [15/03/2019 04:50:41] - |A| - [138384] - C:\Windows\system32\Drivers\imx258.sys [MD5.FB61F36529199C6051126B272BA07BB6] - [15/03/2019 04:50:23] - |A| - [1108688] - C:\Windows\system32\Drivers\IMX258_START2REAR_SKY_pipeCfg.bin [MD5.688D95B6C2986603EE8A0E5351FFC98F] - [15/03/2019 04:50:41] - |A| - [770600] - C:\Windows\system32\Drivers\IntcOED.sys [MD5.E05247CDC6F9E6C5C1F92CA4BF59D649] - [15/03/2019 05:49:22] - |A| - [130600] - C:\Windows\system32\Drivers\intelpep.sys [MD5.7344528DFD4484CF86F36E24E7CB59B1] - [15/03/2019 05:49:31] - |A| - [199168] - C:\Windows\system32\Drivers\intelppm.sys [MD5.BF933330256DEDAFA939BEBC46D060C7] - [15/03/2019 05:49:02] - |A| - [119808] - C:\Windows\system32\Drivers\irda.sys [MD5.A3B7A93F32E110949CA01DDE7C6B991B] - [15/03/2019 05:49:14] - |A| - [22936] - C:\Windows\system32\Drivers\isapnp.sys [MD5.0BEB78AC69A1E8B77FE407CF5BE9DB1E] - [20/03/2019 13:00:45] - |A| - [63256] - C:\Windows\system32\Drivers\isedrv.sys [MD5.BF0E0B7DE4E9BC8E0515779F66ACA853] - [15/03/2019 09:28:33] - |A| - [161408] - C:\Windows\system32\Drivers\KeyCrypt64.sys [MD5.5CEC554765156FC7E534D8D640D98AE0] - [15/03/2019 05:49:36] - |A| - [394752] - C:\Windows\system32\Drivers\ks.sys [MD5.1D0BCBD3BFFCB16C3C033938211382E7] - [15/03/2019 05:50:44] - |A| - [138768] - C:\Windows\system32\Drivers\ksecdd.sys [MD5.4A466AEA66978648088B0019FCE9F89D] - [15/03/2019 05:49:31] - |A| - [170808] - C:\Windows\system32\Drivers\ksecpkg.sys [MD5.56B6326B15A14043C82ED9EA3B817E2C] - [15/03/2019 05:49:03] - |A| - [65024] - C:\Windows\system32\Drivers\lltdio.sys [MD5.8209AC7D3F8AF41E3A14D022CD1F2040] - [15/03/2019 05:49:17] - |A| - [103320] - C:\Windows\system32\Drivers\mountmgr.sys [MD5.919839EEEFE4DA2BFF8D236A17306F00] - [15/03/2019 05:49:21] - |A| - [75776] - C:\Windows\system32\Drivers\mpsdrv.sys [MD5.DAFBC585B0EE92CE047219778C033A17] - [15/03/2019 05:49:26] - |A| - [143872] - C:\Windows\system32\Drivers\mrxdav.sys [MD5.E1A004C870BFE8021AE0174F0FD4B259] - [15/03/2019 05:49:54] - |A| - [494592] - C:\Windows\system32\Drivers\mrxsmb.sys [MD5.53E44A855B6EB8D83B5DE147193F9AD5] - [15/03/2019 05:51:21] - |A| - [285696] - C:\Windows\system32\Drivers\mrxsmb10.sys [MD5.2161BD866271E678B97A46AA3EFC78DD] - [15/03/2019 05:50:08] - |A| - [230200] - C:\Windows\system32\Drivers\mrxsmb20.sys [MD5.70F6376E82A58774C2F89B22D049AE0B] - [15/03/2019 05:49:12] - |A| - [31232] - C:\Windows\system32\Drivers\msfs.sys [MD5.D41D8CD98F00B204E9800998ECF8427E] - [14/03/2019 22:42:48] - |AH| - [0] - C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf [MD5.13BAA9B1970343AE7B7028B611E52133] - [15/03/2019 05:49:39] - |A| - [279968] - C:\Windows\system32\Drivers\msiscsi.sys [MD5.804A1E2A1ADCB6ED07E2FF63F18D54A8] - [15/03/2019 05:49:16] - |A| - [33280] - C:\Windows\system32\Drivers\mskssrv.sys [MD5.71742A35608B336411E1F1FFBD03616F] - [15/03/2019 05:49:26] - |A| - [377656] - C:\Windows\system32\Drivers\msrpc.sys [MD5.DD673D9422457EFCCDEE45C73C0DF241] - [15/03/2019 05:49:17] - |A| - [123800] - C:\Windows\system32\Drivers\mup.sys [MD5.C80B48A76224CA80CFAB2C341C29C96B] - [15/03/2019 05:49:36] - |A| - [1277968] - C:\Windows\system32\Drivers\ndis.sys [MD5.E9676E94DEA144259344A15D68785B17] - [15/03/2019 05:49:02] - |A| - [65024] - C:\Windows\system32\Drivers\ndisuio.sys [MD5.8ABF5B8D5839F8DAE2E0D3165AE732F6] - [15/03/2019 05:49:16] - |A| - [62976] - C:\Windows\system32\Drivers\ndproxy.sys [MD5.80475A12D4AA90937CE69265BAFA993F] - [15/03/2019 05:49:18] - |A| - [57760] - C:\Windows\system32\Drivers\netbios.sys [MD5.E258CE8B8053518AF47610BC0486E915] - [15/03/2019 05:49:25] - |A| - [316928] - C:\Windows\system32\Drivers\netbt.sys [MD5.6842DCD883B41E60C62729B66955E54F] - [15/03/2019 05:49:54] - |A| - [537600] - C:\Windows\system32\Drivers\netio.sys [MD5.8AED8AF4CBF661E82CF74CBF198B0C56] - [15/03/2019 05:49:30] - |A| - [192512] - C:\Windows\system32\Drivers\netvsc.sys [MD5.94ADC3DC91478B67723BDBAD3DDA9101] - [15/03/2019 05:49:25] - |A| - [73728] - C:\Windows\system32\Drivers\npfs.sys [MD5.201F3764A379001168DFB2B90F7C1E57] - [15/03/2019 05:49:03] - |A| - [44544] - C:\Windows\system32\Drivers\nsiproxy.sys [MD5.B38E30B22AD57B71749E261A74F167DB] - [15/03/2019 05:51:13] - |A| - [2394640] - C:\Windows\system32\Drivers\ntfs.sys [MD5.6D8A287B88F76EB47ACC6BF8E318E1FD] - [15/03/2019 05:48:58] - |A| - [7168] - C:\Windows\system32\Drivers\null.sys [MD5.C749DA8C4B8F4DCABF61651B65938E69] - [15/03/2019 05:51:12] - |A| - [529408] - C:\Windows\system32\Drivers\nwifi.sys [MD5.681E8A68C13253D23B93953FDE569120] - [15/03/2019 05:49:39] - |A| - [166304] - C:\Windows\system32\Drivers\partmgr.sys [MD5.87B874DB35D134324C21A3B2A92BD14D] - [15/03/2019 05:49:55] - |A| - [363536] - C:\Windows\system32\Drivers\pci.sys [MD5.6F55F5AD830F8EA1D37ED23A0CBD7112] - [15/03/2019 05:49:17] - |A| - [53152] - C:\Windows\system32\Drivers\pcw.sys [MD5.7D9F4EB1450CFB32D708BF943C170475] - [15/03/2019 05:49:03] - |A| - [723968] - C:\Windows\system32\Drivers\PEAuth.sys [MD5.C009BE61D95CAD5F999D0F4785AEFB7B] - [15/03/2019 05:49:32] - |A| - [177664] - C:\Windows\system32\Drivers\processr.sys [MD5.3AF12A2C0142A9CD5F136012AFA06AE1] - [15/03/2019 05:06:01] - |A| - [1089632] - C:\Windows\system32\Drivers\qca61x4_2_2.bin [MD5.07D8BF4B5744F5F8E891588E73406901] - [15/03/2019 04:49:47] - |A| - [1859] - C:\Windows\system32\Drivers\ramps_0x00000200_48.dfu [MD5.5953E08D660E69C47C562F1B9B2B32DF] - [15/03/2019 04:49:47] - |A| - [1890] - C:\Windows\system32\Drivers\ramps_0x00000300_48.dfu [MD5.DC028F49652F4D17B951F440A5576ED0] - [15/03/2019 04:49:47] - |A| - [1890] - C:\Windows\system32\Drivers\ramps_0x00000300_48_NFA435_10db.dfu [MD5.7A86618CA07A6C9CD998040DDC7C320C] - [15/03/2019 04:49:47] - |A| - [1996] - C:\Windows\system32\Drivers\ramps_0x00000302_48.dfu [MD5.1AC4B82E4032024B93C6D23AC448338D] - [15/03/2019 04:49:47] - |A| - [1996] - C:\Windows\system32\Drivers\ramps_0x00000302_48_NFA354A_10db.dfu [MD5.7CF9306F281E45A1244C48A1E61B55D3] - [15/03/2019 04:49:47] - |A| - [2020] - C:\Windows\system32\Drivers\ramps_0x00000302_48_tx8.dfu [MD5.3FC0599A2C17BBD47A12D76B97AB6AD6] - [15/03/2019 04:49:47] - |A| - [1996] - C:\Windows\system32\Drivers\ramps_TF_0x00000302_48.dfu [MD5.90CBBD24C872B35D220175D296A26896] - [15/03/2019 04:49:47] - |A| - [1996] - C:\Windows\system32\Drivers\ramps_TF_0x00000302_48_NFA435_10dbm.dfu [MD5.BD6EF1748DC3DBACEC97B87B6252AAC7] - [15/03/2019 05:49:00] - |A| - [17920] - C:\Windows\system32\Drivers\rasacd.sys [MD5.AACA74DEF7BE3DED322411787494878B] - [15/03/2019 05:49:30] - |A| - [97280] - C:\Windows\system32\Drivers\raspptp.sys [MD5.A63A038ADA3D316E0255A1529BC0044A] - [15/03/2019 05:51:24] - |A| - [428048] - C:\Windows\system32\Drivers\rdbss.sys [MD5.9D7E65A15478944836C353B556F9CB87] - [15/03/2019 05:49:02] - |A| - [27136] - C:\Windows\system32\Drivers\rdpbus.sys [MD5.3F091F69F7D595C04229DDA0C55D59A6] - [15/03/2019 05:49:26] - |A| - [182784] - C:\Windows\system32\Drivers\rdpdr.sys [MD5.A4C3DC6530752AF3C78DAAC8B2B23EA7] - [15/03/2019 05:49:18] - |A| - [282528] - C:\Windows\system32\Drivers\rdyboost.sys [MD5.E6DE6B3BE8743E5817943035C83183BA] - [15/03/2019 05:49:37] - |A| - [1849872] - C:\Windows\system32\Drivers\refs.sys [MD5.F29EE7C740DCC9CAFC5E6995C1552B2E] - [15/03/2019 05:49:32] - |A| - [937784] - C:\Windows\system32\Drivers\refsv1.sys [MD5.70EFFC47D86C7A3084247614C7E68999] - [15/03/2019 05:49:05] - |A| - [43008] - C:\Windows\system32\Drivers\RfxVmt.sys [MD5.42FE8F090C876F8013CBDA4413F6E1B1] - [15/03/2019 05:49:03] - |A| - [149504] - C:\Windows\system32\Drivers\rmcast.sys [MD5.4778EEECB75C6FB419745BEED3530B9D] - [15/03/2019 19:44:46] - |A| - [26024] - C:\Windows\system32\Drivers\rsdrvx64.sys [MD5.AD13DE72124DE7679B4434D1DDEA6105] - [15/03/2019 04:57:48] - |A| - [28641214] - C:\Windows\system32\Drivers\RTAIODAT.DAT [MD5.88A88DFB87FFAF1728F010D78D97EC5F] - [15/03/2019 05:49:29] - |A| - [118688] - C:\Windows\system32\Drivers\scmbus.sys [MD5.1F58E6D5C1F211DE8BF5131BF12077D1] - [15/03/2019 05:51:25] - |A| - [285080] - C:\Windows\system32\Drivers\sdbus.sys [MD5.80E9563F0B75E98482ECB7D5CBA56BBA] - [15/03/2019 05:49:29] - |A| - [97176] - C:\Windows\system32\Drivers\sdstor.sys [MD5.D0CE5F64FE9B99B04C4FD99B49A2D0C3] - [25/03/2019 23:47:59] - |A| - [1346337] - C:\Windows\system32\Drivers\sfi.dat [MD5.B0BD3A226096405CC1E02E0D37F9B8DA] - [15/03/2019 05:49:32] - |A| - [172560] - C:\Windows\system32\Drivers\spacedump.sys [MD5.0B365656491D21B3ED378035550CC9A6] - [15/03/2019 05:49:58] - |A| - [571704] - C:\Windows\system32\Drivers\spaceport.sys [MD5.0AC8443614164E0F52A062B21ABFE466] - [15/03/2019 05:50:20] - |A| - [725504] - C:\Windows\system32\Drivers\srv2.sys [MD5.2D4F0054F73AB875C9B9FB1AB6BA18D2] - [15/03/2019 05:49:29] - |A| - [259072] - C:\Windows\system32\Drivers\srvnet.sys [MD5.7D975D562E5F8A9CBDBC55328F3D1200] - [15/03/2019 05:49:34] - |A| - [149400] - C:\Windows\system32\Drivers\storahci.sys [MD5.B5C44E8262AA6D3B20E45F8D2FAE54A3] - [15/03/2019 05:49:28] - |A| - [103320] - C:\Windows\system32\Drivers\stornvme.sys [MD5.C9FD44EDBE1D85B75C34854E3A7333EB] - [15/03/2019 05:51:16] - |A| - [558592] - C:\Windows\system32\Drivers\storport.sys [MD5.15599E47C28DC511F0CA3B664A257728] - [15/03/2019 05:49:04] - |A| - [79872] - C:\Windows\system32\Drivers\storqosflt.sys [MD5.4D6FF8DDBF9CC61EC95A4BF4096D52FF] - [15/03/2019 05:49:46] - |A| - [45472] - C:\Windows\system32\Drivers\storufs.sys [MD5.6FD2D01E4AD9494874A3A8BA74A8FA64] - [15/03/2019 05:49:16] - |A| - [39328] - C:\Windows\system32\Drivers\storvsc.sys [MD5.3D63A58A9DD3F984A7E3C2F2CB357E06] - [15/03/2019 05:49:02] - |A| - [64512] - C:\Windows\system32\Drivers\Synth3dVsc.sys [MD5.17F5A1C48CC8E6CDE18889746AD2DD72] - [15/03/2019 05:49:44] - |A| - [2774840] - C:\Windows\system32\Drivers\tcpip.sys [MD5.09125A12CAB5F8D5EAE9C83C25792FDD] - [15/03/2019 05:49:17] - |A| - [121248] - C:\Windows\system32\Drivers\tdx.sys [MD5.D96E9BAA9B222AB6CB3A24EC76EF61F6] - [15/03/2019 05:49:26] - |A| - [128312] - C:\Windows\system32\Drivers\tm.sys [MD5.F54728E32D67537C5A13454E23449C7A] - [15/03/2019 05:49:19] - |A| - [229272] - C:\Windows\system32\Drivers\tpm.sys [MD5.248DEE24AB2EC426ACB12425AD222262] - [15/03/2019 05:51:21] - |A| - [57344] - C:\Windows\system32\Drivers\UcmUcsi.sys [MD5.1A0D1F1FFDBFFECE8DA47DC0096A7C2A] - [15/03/2019 05:49:30] - |A| - [225696] - C:\Windows\system32\Drivers\Ucx01000.sys [MD5.02AAA4B56D789818A8DDB36CF963177B] - [15/03/2019 05:49:12] - |A| - [323072] - C:\Windows\system32\Drivers\udfs.sys [MD5.A97114134A672616A807F2EC1439F566] - [15/03/2019 05:49:20] - |A| - [28576] - C:\Windows\system32\Drivers\uefi.sys [MD5.FD96B5C2479728B1ECB395440CE562A5] - [15/03/2019 05:50:17] - |A| - [555928] - C:\Windows\system32\Drivers\USBHUB3.SYS [MD5.3259EFED98AC5120CEEB5F63837D6A77] - [15/03/2019 05:49:46] - |A| - [453024] - C:\Windows\system32\Drivers\usbport.sys [MD5.446F2908C891A583BEA930226E37036E] - [15/03/2019 05:49:00] - |A| - [71680] - C:\Windows\system32\Drivers\usbser.sys [MD5.343FAE2654C428DD977BDC064FA852AA] - [15/03/2019 05:49:52] - |A| - [437664] - C:\Windows\system32\Drivers\USBXHCI.SYS [MD5.BF13071600C1A0B090BEEC159A75B133] - [15/03/2019 05:49:16] - |A| - [54688] - C:\Windows\system32\Drivers\vdrvroot.sys [MD5.6C4BFF83995B2D9A41F70C372C2C3A3E] - [15/03/2019 05:49:34] - |A| - [712504] - C:\Windows\system32\Drivers\vhdmp.sys [MD5.E6D8C5353865C21F48C8217456526B38] - [15/03/2019 05:49:17] - |A| - [81304] - C:\Windows\system32\Drivers\vmbkmcl.sys [MD5.F0E8663CCA6F4573CF6011DEFD0F4633] - [15/03/2019 05:49:04] - |A| - [80384] - C:\Windows\system32\Drivers\vmbkmclr.sys [MD5.8A5A3B9927832D514D3DAE87D7D692B1] - [15/03/2019 05:49:19] - |A| - [110008] - C:\Windows\system32\Drivers\vmbus.sys [MD5.12723C0F54432B4A98702110B344B030] - [15/03/2019 05:48:59] - |A| - [25088] - C:\Windows\system32\Drivers\VMBusHID.sys [MD5.DFAB4D8FE39C64EAD3A4DCBA25AAFEE0] - [15/03/2019 05:48:59] - |A| - [13312] - C:\Windows\system32\Drivers\vmgencounter.sys [MD5.3269D9C7600317EEAA6AAF3AD1A31D34] - [15/03/2019 05:48:59] - |A| - [10240] - C:\Windows\system32\Drivers\vmgid.sys [MD5.96C14A080CE15E4D8A9C7AE526F7B804] - [15/03/2019 05:48:58] - |A| - [9216] - C:\Windows\system32\Drivers\vms3cap.sys [MD5.03B1F66AB47618A6123EB0631B57A31B] - [15/03/2019 05:49:16] - |A| - [47512] - C:\Windows\system32\Drivers\vmstorfl.sys [MD5.E4FF0D44DE5AA492DEA3902D0349024E] - [15/03/2019 05:49:32] - |A| - [82840] - C:\Windows\system32\Drivers\volmgr.sys [MD5.5B27846CF4B1C21AFB3A35A8336BA02F] - [15/03/2019 05:49:32] - |A| - [401304] - C:\Windows\system32\Drivers\volsnap.sys [MD5.91A151ECECE676EA7D7C30FF440D5324] - [15/03/2019 05:49:22] - |A| - [76584] - C:\Windows\system32\Drivers\vpci.sys [MD5.0D34F98DBDF09D239533AC345C360F03] - [15/03/2019 05:49:23] - |A| - [41472] - C:\Windows\system32\Drivers\vwifimp.sys [MD5.84933C2D49DFF14FDCAC06DC57A03346] - [15/03/2019 05:49:18] - |A| - [80896] - C:\Windows\system32\Drivers\wanarp.sys [MD5.0610F02EC87DBF6BA319CB1D6B8771AE] - [15/03/2019 05:49:59] - |A| - [147872] - C:\Windows\system32\Drivers\wcifs.sys [MD5.87F462C7D37F380187BE12F079F73216] - [15/03/2019 05:49:26] - |A| - [75264] - C:\Windows\system32\Drivers\wcnfs.sys [MD5.76206471CAECD15BF1EC0A3E6ABC1899] - [15/03/2019 05:49:56] - |A| - [775168] - C:\Windows\system32\Drivers\WdiWiFi.sys [MD5.C82198D3B33854D9578F9B09025E4293] - [15/03/2019 05:49:32] - |A| - [163744] - C:\Windows\system32\Drivers\wfplwfs.sys [MD5.4499AB24236526E5CFCE817CD02EC034] - [15/03/2019 05:49:17] - |A| - [71208] - C:\Windows\system32\Drivers\WindowsTrustedRT.sys [MD5.D1730E3D3D231BAFB4A39757FBEC4719] - [15/03/2019 05:49:18] - |A| - [31672] - C:\Windows\system32\Drivers\winhv.sys [MD5.52608B1E0541C4BBEC904F4A1F4A6C86] - [15/03/2019 05:49:14] - |A| - [62464] - C:\Windows\system32\Drivers\winhvr.sys [MD5.F6496AA598D59BFB7B54940C874C00E4] - [15/03/2019 05:49:33] - |A| - [226816] - C:\Windows\system32\Drivers\winnat.sys [MD5.4E2AAE9374C1E22A5AD33C2E55C1685D] - [15/03/2019 05:08:32] - |A| - [2097152] - C:\Windows\system32\Drivers\wlan_memlog.log [MD5.15CB59B1D2E97169E74CF3CDABF4A6B2] - [15/03/2019 05:49:48] - |A| - [339968] - C:\Windows\system32\Drivers\wmbclass.sys [MD5.21E13F2CB269DEFEAE5E1D09887D47BB] - [15/03/2019 09:28:39] - |A| - [203680] - C:\Windows\system32\Drivers\zam64.sys [MD5.21E13F2CB269DEFEAE5E1D09887D47BB] - [15/03/2019 09:28:39] - |A| - [203680] - C:\Windows\system32\Drivers\zamguard64.sys [MD5.EDA56DAD3FD915D33268D9186AF82EE3] - [15/03/2019 05:49:23] - |A| - [155136] - C:\Windows\syswow64\aadauthhelper.dll [MD5.ED3794591127223D1C894394111F5B05] - [15/03/2019 05:49:38] - |A| - [955392] - C:\Windows\syswow64\aadtb.dll [MD5.A64158A18C23A80BCF2E064B8009F9F0] - [15/03/2019 05:49:01] - |A| - [252928] - C:\Windows\syswow64\AboveLockAppHost.dll [MD5.ECA369FB5E31F66FF895650657484D24] - [15/03/2019 05:51:21] - |A| - [2402304] - C:\Windows\syswow64\AcGenral.dll [MD5.E76559F87F7F0A1EBE091D56E8F129BB] - [15/03/2019 05:51:25] - |A| - [372736] - C:\Windows\syswow64\AcLayers.dll [MD5.CA0518ED04AC054E5F3687F5DD8A558B] - [15/03/2019 05:49:25] - |A| - [5388800] - C:\Windows\syswow64\aclui.dll [MD5.04182E0E5ACC0E8D6990AECC508B7F0D] - [15/03/2019 05:49:22] - |A| - [68096] - C:\Windows\syswow64\acppage.dll [MD5.94CA9C635FCDF0007D9B152E51D46694] - [15/03/2019 05:51:25] - |A| - [473088] - C:\Windows\syswow64\AcSpecfc.dll [MD5.50FD3B24A690228EF6376076D8A48359] - [15/03/2019 05:50:00] - |A| - [443904] - C:\Windows\syswow64\ActivationManager.dll [MD5.0B92E22CA7615C63D1FE8962AD40E34B] - [15/03/2019 05:50:13] - |A| - [1546752] - C:\Windows\syswow64\ActiveSyncProvider.dll [MD5.D6140C97A2803B4151A83732A9710038] - [15/03/2019 05:49:18] - |A| - [261632] - C:\Windows\syswow64\actxprxy.dll [MD5.3A718179031B96707D9202FFB06E64E3] - [15/03/2019 05:49:32] - |A| - [481552] - C:\Windows\syswow64\advapi32.dll [MD5.8F36A806022ECA990463615D88F8E285] - [15/03/2019 05:50:11] - |A| - [383288] - C:\Windows\syswow64\aepic.dll [MD5.D978E94C6E705B462A136B7130128042] - [15/03/2019 05:49:00] - |A| - [84480] - C:\Windows\syswow64\AppCapture.dll [MD5.27392A93FA251F6A90DF876F99CD648C] - [15/03/2019 05:49:48] - |A| - [614912] - C:\Windows\syswow64\apphelp.dll [MD5.9855E3C9AEA3DAF68A5E816A3979EAB8] - [15/03/2019 05:49:24] - |A| - [52248] - C:\Windows\syswow64\appidapi.dll [MD5.E8E8FEA931FDBF1E6D7F0B50F2945FD6] - [15/03/2019 05:49:40] - |A| - [233984] - C:\Windows\syswow64\AppLockerCSP.dll [MD5.D2F1A5DEC93E5CCED76FEED9BE7ABD2E] - [15/03/2019 05:49:25] - |A| - [444416] - C:\Windows\syswow64\AppResolver.dll [MD5.78A588C3E0250B96FD8321AC314E2767] - [15/03/2019 05:49:42] - |A| - [755712] - C:\Windows\syswow64\appwiz.cpl [MD5.C98F1C7A9A6B6F6C61F5712A5E5245BB] - [15/03/2019 05:49:43] - |A| - [201728] - C:\Windows\syswow64\AppxAllUserStore.dll [MD5.76E4BC6F0A68AA87BC6DC2F6C027553B] - [15/03/2019 05:49:39] - |A| - [544336] - C:\Windows\syswow64\AppXDeploymentClient.dll [MD5.7E04D46B430873BA2DB5DBE92B567CCB] - [15/03/2019 05:28:24] - |A| - [86016] - C:\Windows\syswow64\atl70.dll [MD5.3AA83651D14BED011EE9A3460F336CB1] - [15/03/2019 05:28:24] - |A| - [90112] - C:\Windows\syswow64\atl71.dll [MD5.1594A2F3301172E0C32316ECA8681D99] - [15/03/2019 05:49:45] - |A| - [311096] - C:\Windows\syswow64\atmfd.dll [MD5.647C1592A54A228EED5996A813DF8F8A] - [15/03/2019 05:48:57] - |A| - [38912] - C:\Windows\syswow64\atmlib.dll [MD5.4E0723A2A20628DE9CD9CE42678431F9] - [15/03/2019 05:51:26] - |A| - [1246336] - C:\Windows\syswow64\AudioEng.dll [MD5.3FFCF854457B5DFCE5DD2102F11B4E66] - [15/03/2019 05:49:19] - |A| - [386336] - C:\Windows\syswow64\AUDIOKSE.dll [MD5.D5228464E6EC1FF090670AD4101FA9E9] - [15/03/2019 05:51:22] - |A| - [982952] - C:\Windows\syswow64\AudioSes.dll [MD5.EA985A6D511726B5D219A4D4A2E79543] - [15/03/2019 05:49:34] - |A| - [5105664] - C:\Windows\syswow64\AuthFWSnapin.dll [MD5.FE32916A1D8EB46E7502D93E14C27A92] - [15/03/2019 05:49:45] - |A| - [455680] - C:\Windows\syswow64\authui.dll [MD5.9D97FFD3CF17D1CF5C2B7169E28AE585] - [15/03/2019 05:48:59] - |A| - [184832] - C:\Windows\syswow64\authz.dll [MD5.8B0C43850C0C05E9AC505D64C7615648] - [15/03/2019 05:49:27] - |A| - [1277440] - C:\Windows\syswow64\AzureSettingSyncProvider.dll [MD5.53A654A1EC589A0E2DC587D611FE18FF] - [15/03/2019 05:49:29] - |A| - [180720] - C:\Windows\syswow64\basecsp.dll [MD5.7B9AF7AB0A6B394C4C7B76C98F24CE2F] - [15/03/2019 05:48:59] - |A| - [1663488] - C:\Windows\syswow64\batmeter.dll [MD5.BC84A33F6C185FB5A58EC60F73DADAED] - [15/03/2019 05:49:06] - |A| - [886784] - C:\Windows\syswow64\bcastdvr.exe [MD5.69FE669280B3571DF31FC1B83E2ACBAB] - [15/03/2019 05:49:20] - |A| - [97160] - C:\Windows\syswow64\bcrypt.dll [MD5.F5E1C873F38828D4D12D88E4089BA68D] - [15/03/2019 05:49:33] - |A| - [353752] - C:\Windows\syswow64\bcryptprimitives.dll [MD5.8B14F3DBC532A1AE1469EEB416F26165] - [15/03/2019 04:50:04] - |A| - [1888112] - C:\Windows\syswow64\bhtv5Icon.dll [MD5.9851FD294456B72440B86B084D39F2AE] - [15/03/2019 05:49:52] - |A| - [6204416] - C:\Windows\syswow64\BingMaps.dll [MD5.D494D0B42DB2042FC64F5303765D1DC6] - [15/03/2019 05:49:38] - |A| - [756736] - C:\Windows\syswow64\BingOnlineServices.dll [MD5.D9AAD89CD5D2ACB0CEAA183C594545E9] - [15/03/2019 05:49:29] - |A| - [113664] - C:\Windows\syswow64\BitLockerCsp.dll [MD5.556F2B248BE79615271876189FEB6F2A] - [15/03/2019 05:48:59] - |A| - [124928] - C:\Windows\syswow64\BrowserSettingSync.dll [MD5.55A5C226494526C328A165E56C0425CC] - [15/03/2019 05:49:02] - |A| - [48128] - C:\Windows\syswow64\ByteCodeGenerator.exe [MD5.00EF9C60666CD4AA5C834F87A0AD1236] - [15/03/2019 05:49:38] - |A| - [408576] - C:\Windows\syswow64\catsrvut.dll [MD5.A4ACB09E6AC6A2FC3D67324ECD39C9C6] - [15/03/2019 05:49:57] - |A| - [3181568] - C:\Windows\syswow64\cdp.dll [MD5.30C8254C86A845A641991B8D28DC9010] - [15/03/2019 05:49:18] - |A| - [938496] - C:\Windows\syswow64\cdprt.dll [MD5.FE233BF2695CD2835827DD34A28CA685] - [15/03/2019 05:51:23] - |A| - [6039040] - C:\Windows\syswow64\Chakra.dll [MD5.8E7BDED6AB621FAD6E8A76E793604D63] - [15/03/2019 05:49:43] - |A| - [79360] - C:\Windows\syswow64\Chakradiag.dll [MD5.8A04B69262DAEA010A34EB152BC6D49C] - [15/03/2019 05:49:13] - |A| - [76288] - C:\Windows\syswow64\cldapi.dll [MD5.FF27694FCFBEFA89CD9DA36A65316974] - [15/03/2019 05:49:13] - |A| - [236544] - C:\Windows\syswow64\CloudBackupSettings.dll [MD5.01D3FABF806DA11241F914F1B41CFB32] - [15/03/2019 05:51:04] - |A| - [354104] - C:\Windows\syswow64\CloudExperienceHostCommon.dll [MD5.F2C0A4009D5B447345E5F1F9AB673376] - [15/03/2019 05:49:17] - |A| - [77552] - C:\Windows\syswow64\CloudNotifications.exe [MD5.483DF47D6383D7E545180F767406E455] - [15/03/2019 05:49:21] - |A| - [166408] - C:\Windows\syswow64\CloudStorageWizard.exe [MD5.2D9C4EBB63E5C3C1B18DEB9071F8321E] - [15/03/2019 05:49:20] - |A| - [763904] - C:\Windows\syswow64\clusapi.dll [MD5.BC3B6239D0F74FFA152FCE165CFB6424] - [20/03/2019 13:00:06] - |A| - [267448] - C:\Windows\syswow64\cmdkbdcss32.dll [MD5.A6DE9F867ED5C583347ACE03AEF74A98] - [04/03/2019 22:34:52] - |A| - [373440] - C:\Windows\syswow64\cmdvrt32.dll [MD5.841942F548DC62C6D406B4891D3D63E0] - [15/03/2019 05:50:14] - |A| - [2381280] - C:\Windows\syswow64\combase.dll [MD5.814CFB7B6D61211C02A15BF1D3A192BE] - [15/03/2019 05:28:24] - |A| - [170920] - C:\Windows\syswow64\comct232.ocx [MD5.50F9E631CA79D0CE9C2F4143ED90C455] - [15/03/2019 05:28:24] - |A| - [416408] - C:\Windows\syswow64\comct332.ocx [MD5.307E2A8D261CDC3512D92AD064F5D3E7] - [15/03/2019 05:49:19] - |A| - [572312] - C:\Windows\syswow64\comctl32.dll [MD5.F5564D7F69C7BDEF4E078F610431D426] - [15/03/2019 05:28:24] - |A| - [617896] - C:\Windows\syswow64\comctl32.ocx [MD5.0A215C24A2EC8CCEC65F4192E5C57A83] - [15/03/2019 05:49:54] - |A| - [842240] - C:\Windows\syswow64\comdlg32.dll [MD5.9A4D0F97F0D84F877B388D4A12D90B6B] - [15/03/2019 05:28:24] - |A| - [163480] - C:\Windows\syswow64\comdlg32.ocx [MD5.FAA72D9619CE73852FBD248966EB6F17] - [15/03/2019 05:49:55] - |A| - [377864] - C:\Windows\syswow64\coml2.dll [MD5.CCCB515642FC67B25BD8F672177A0730] - [15/03/2019 05:49:22] - |A| - [116224] - C:\Windows\syswow64\ComposableShellProxyStub.dll [MD5.E960B5AF45C9A4080BF84BD337A5458C] - [15/03/2019 05:49:17] - |A| - [73424] - C:\Windows\syswow64\CompPkgSup.dll [MD5.F524BE75046D4CB3323AFFA297BA87B7] - [15/03/2019 05:49:06] - |A| - [288768] - C:\Windows\syswow64\compstui.dll [MD5.E3AEF9691884A39429097528ABBC42D1] - [15/03/2019 05:49:34] - |A| - [1353216] - C:\Windows\syswow64\comsvcs.dll [MD5.4187945869C7A57DE965F9BC83257899] - [15/03/2019 05:49:00] - |A| - [51200] - C:\Windows\syswow64\ContactActivation.dll [MD5.4C24C90FE03AAB4B95E0CED1A6BB7560] - [15/03/2019 05:49:24] - |A| - [149504] - C:\Windows\syswow64\container.dll [MD5.BE5F30C12439CDA8EFC46E7B8E817222] - [15/03/2019 05:50:07] - |A| - [1124768] - C:\Windows\syswow64\ContentDeliveryManager.Utilities.dll [MD5.80A292E1B756825A92D63FF970651F9A] - [15/03/2019 05:49:25] - |A| - [566568] - C:\Windows\syswow64\CoreMessaging.dll [MD5.C9AB5D0A1C62AFB1BE02EBBB24A2302C] - [15/03/2019 05:49:09] - |A| - [319488] - C:\Windows\syswow64\CoreShellAPI.dll [MD5.11501AFB44A172013463045AFB8EDB1B] - [15/03/2019 05:49:55] - |A| - [2314920] - C:\Windows\syswow64\CoreUIComponents.dll [MD5.F9D96C5F48913825BF3997F3DAA71182] - [15/03/2019 05:49:04] - |A| - [243712] - C:\Windows\syswow64\Cortana.Persona.dll [MD5.7A26208A1DC9AC89343FE3F969837294] - [15/03/2019 05:49:48] - |A| - [699904] - C:\Windows\syswow64\CPFilters.dll [MD5.04BB4B99A09E5F2F731FBD3DE7843FA4] - [15/03/2019 05:49:32] - |A| - [78336] - C:\Windows\syswow64\CredProv2faHelper.dll [MD5.BF0DD9BE96CCA1217B612E8395F35C3D] - [15/03/2019 05:49:57] - |A| - [381440] - C:\Windows\syswow64\CredProvDataModel.dll [MD5.BEC7C17D84AE27F739DBD7D3AA02DFFE] - [15/03/2019 05:49:40] - |A| - [218112] - C:\Windows\syswow64\credprovhost.dll [MD5.6087E891E4CE0A633C41A935914EDCCB] - [15/03/2019 05:49:39] - |A| - [192512] - C:\Windows\syswow64\credprovs.dll [MD5.56B10788B1272945A4612801736545EC] - [15/03/2019 05:48:57] - |A| - [19456] - C:\Windows\syswow64\credssp.dll [MD5.BD104AE1416B5B146071D2A06DBB1C86] - [15/03/2019 05:49:49] - |A| - [1575896] - C:\Windows\syswow64\crypt32.dll [MD5.BECA45641D7C13280B4CFD8048332E18] - [15/03/2019 05:49:39] - |A| - [547840] - C:\Windows\syswow64\cryptui.dll [MD5.B142E24CAFEEC3C4489B7F53E5EE3DE6] - [15/03/2019 05:49:30] - |A| - [143360] - C:\Windows\syswow64\cscript.exe [MD5.5FD2AB268E79600FED51E072EB69F8B2] - [20/03/2019 13:00:08] - |A| - [349496] - C:\Windows\syswow64\cssguard32.dll [MD5.5906AEDAD21BDB88A8C6100F43A7E9B5] - [15/03/2019 05:50:04] - |A| - [5279744] - C:\Windows\syswow64\d2d1.dll [MD5.1A5732AF2CD5F644AEF43A168753A20C] - [15/03/2019 05:50:49] - |A| - [5616088] - C:\Windows\syswow64\d3d10warp.dll [MD5.22DC4F2C169CF7D9D320FBA7ED5A6741] - [15/03/2019 05:50:21] - |A| - [2338272] - C:\Windows\syswow64\d3d11.dll [MD5.BEBBADCE3A72432C3DC0480303F739BA] - [15/03/2019 05:50:10] - |A| - [1123464] - C:\Windows\syswow64\D3D12.dll [MD5.DA426B074E12B3A47B848D2A31E66E1C] - [15/03/2019 05:50:08] - |A| - [1474680] - C:\Windows\syswow64\d3d9.dll [MD5.32BEFC02B90C23EF2D04E945790AFA85] - [15/03/2019 05:49:54] - |A| - [557056] - C:\Windows\syswow64\d3d9on12.dll [MD5.34061DA4AA9941B1FC8B6D0F48D89B77] - [15/03/2019 05:49:47] - |A| - [3648000] - C:\Windows\syswow64\D3DCompiler_47.dll [MD5.E01FB010191C5AD6923123B6FEB4CA85] - [15/03/2019 05:48:57] - |A| - [91648] - C:\Windows\syswow64\DafPrintProvider.dll [MD5.7654386CAEA3D5F306DFCB4BA852423D] - [15/03/2019 05:49:18] - |A| - [78848] - C:\Windows\syswow64\davclnt.dll [MD5.A67188E3CFAA0013A06A1ECA660942C7] - [15/03/2019 05:49:54] - |A| - [374272] - C:\Windows\syswow64\daxexec.dll [MD5.BA451393DE44C93814530A993D67DF72] - [15/03/2019 05:49:53] - |A| - [4839424] - C:\Windows\syswow64\dbgeng.dll [MD5.B4BC9143CC3E79BF54D56FAAEDD869CC] - [15/03/2019 05:49:11] - |A| - [471040] - C:\Windows\syswow64\DbgModel.dll [MD5.9981490539D5BBBC72FFBE3AB35BFCE7] - [15/03/2019 05:28:24] - |A| - [218776] - C:\Windows\syswow64\dblist32.ocx [MD5.6FF3B140638AF46B588B69A787F55ACD] - [15/03/2019 05:49:31] - |A| - [1996800] - C:\Windows\syswow64\DeviceFlows.DataModel.dll [MD5.C8A81273DA2C3920E7033F0FF08DBFC2] - [15/03/2019 05:49:20] - |A| - [504832] - C:\Windows\syswow64\DevicePairing.dll [MD5.441987412F61E1DE5FF84F53886D79E4] - [15/03/2019 05:49:16] - |A| - [79256] - C:\Windows\syswow64\DeviceReactivation.dll [MD5.66EEE5CB93EB985144E37668D7102D72] - [15/03/2019 05:48:57] - |A| - [314880] - C:\Windows\syswow64\dhcpcore.dll [MD5.0D7BFC2A08BC5B523BF397B631DE9E3F] - [15/03/2019 05:48:57] - |A| - [257536] - C:\Windows\syswow64\dhcpcore6.dll [MD5.46FEF9525AD7BB9CC6E56774082640BA] - [15/03/2019 05:49:35] - |A| - [351232] - C:\Windows\syswow64\DictationManager.dll [MD5.FE5D6DB1A5FD75A8B2C628E6B2437BFF] - [15/03/2019 05:49:11] - |A| - [138752] - C:\Windows\syswow64\dinput.dll [MD5.40C907501CAFB63C0C5F8F430B61886F] - [15/03/2019 05:49:31] - |A| - [178176] - C:\Windows\syswow64\dinput8.dll [MD5.EE36877B858BC74D613CF34A1860D0E7] - [15/03/2019 05:48:59] - |A| - [17408] - C:\Windows\syswow64\dispex.dll [MD5.48FD4B9B94D69CD741380F7CD11CAFEE] - [15/03/2019 05:49:49] - |A| - [440832] - C:\Windows\syswow64\dmenrollengine.dll [MD5.677721DE2125B0B65EB52754591A8D56] - [15/03/2019 05:51:22] - |A| - [596648] - C:\Windows\syswow64\dnsapi.dll [MD5.082659C01AC2985A1D3A084F88CC8C94] - [15/03/2019 05:51:21] - |A| - [2465792] - C:\Windows\syswow64\dwmcore.dll [MD5.6C5F349F8960A861202A02F4B4F29A8A] - [15/03/2019 05:50:19] - |A| - [2577408] - C:\Windows\syswow64\DWrite.dll [MD5.066CB398DDE5E6A30DBAE15A1FC881C4] - [15/03/2019 05:49:58] - |A| - [590944] - C:\Windows\syswow64\dxgi.dll [MD5.A61ABAD4BCA6E78EB63AA79392C9CBFD] - [15/03/2019 05:49:21] - |A| - [910336] - C:\Windows\syswow64\dxilconv.dll [MD5.C2E45A1B7A9E64E556FB133972522297] - [15/03/2019 05:49:16] - |A| - [397824] - C:\Windows\syswow64\dxtmsft.dll [MD5.58069D702861D22CCEBF8E5BF73A47A0] - [15/03/2019 05:49:04] - |A| - [268288] - C:\Windows\syswow64\dxtrans.dll [MD5.DA2963537201D0CA86582BFD2367DD64] - [15/03/2019 05:51:05] - |A| - [18948096] - C:\Windows\syswow64\edgehtml.dll [MD5.90693C180091F9EE68D18DD75B51A4A9] - [15/03/2019 05:49:21] - |A| - [344576] - C:\Windows\syswow64\edgeIso.dll [MD5.9ACC2B31F85A19F38B125930A39B2E74] - [15/03/2019 05:49:21] - |A| - [155136] - C:\Windows\syswow64\EdgeManager.dll [MD5.20B198BCE18175872A30739A03C4AD3F] - [15/03/2019 05:48:59] - |A| - [174592] - C:\Windows\syswow64\EditionUpgradeHelper.dll [MD5.83FDC0F1671944CE208AF63A4950EF60] - [15/03/2019 05:49:43] - |A| - [662216] - C:\Windows\syswow64\EditionUpgradeManagerObj.dll [MD5.988381570DA910D027CE366374314E9D] - [15/03/2019 05:49:29] - |A| - [232960] - C:\Windows\syswow64\edputil.dll [MD5.C9764599F10D42020862F313DB492DD1] - [15/03/2019 05:49:51] - |A| - [466432] - C:\Windows\syswow64\efswrt.dll [MD5.CDE43F9933B41D6A209325929E55084F] - [15/03/2019 05:49:33] - |A| - [380928] - C:\Windows\syswow64\EncDec.dll [MD5.B1AB0C8429D62396A2E7F21C7171E35D] - [15/03/2019 05:49:01] - |A| - [181760] - C:\Windows\syswow64\enrollmentapi.dll [MD5.BEC53D453B0CA811A93207D469D75998] - [15/03/2019 05:49:00] - |A| - [16384] - C:\Windows\syswow64\EnterpriseAppMgmtClient.dll [MD5.7900AD6F9C1630DFA8F3802BFC61D435] - [15/03/2019 05:49:24] - |A| - [332288] - C:\Windows\syswow64\es.dll [MD5.8B61739D53D930459AEF0A45ACCBB50E] - [15/03/2019 05:50:03] - |A| - [662208] - C:\Windows\syswow64\evr.dll [MD5.D0DA38CCFF3CD23F74842E9350F4CC0A] - [15/03/2019 05:49:42] - |A| - [242176] - C:\Windows\syswow64\ExecModelClient.dll [MD5.78ECF80299B700E66486A2D58144A3B3] - [15/03/2019 05:50:26] - |A| - [3484848] - C:\Windows\syswow64\explorer.exe [MD5.051E1C425AFCCCA7774485EB2E016D94] - [15/03/2019 05:50:12] - |A| - [4384768] - C:\Windows\syswow64\ExplorerFrame.dll [MD5.7AEB8E015BA434B3053DE93D9EB057EB] - [15/03/2019 05:49:20] - |A| - [129536] - C:\Windows\syswow64\fdeploy.dll [MD5.1B96735472A878AD85592F0334EC25E3] - [15/03/2019 05:48:57] - |A| - [48128] - C:\Windows\syswow64\fdPnp.dll [MD5.BC8ED221EF952816388C3827FBD80D59] - [15/03/2019 05:49:02] - |A| - [28672] - C:\Windows\syswow64\fdProxy.dll [MD5.C7A76E53B32A2343F38E9CC9E828492D] - [15/03/2019 05:48:56] - |A| - [25088] - C:\Windows\syswow64\fdWNet.dll [MD5.AB37FC984562EF4B8F748AF49BB1231B] - [15/03/2019 05:51:21] - |A| - [374784] - C:\Windows\syswow64\FirewallAPI.dll [MD5.5A3BCFCCEAA2C9950532BCE313BAB55C] - [15/03/2019 07:34:34] - |A| - [2232] - C:\Windows\syswow64\FolderLockAdrv.inf [MD5.CCCE2AAEACFBEA0ABF62BF0C155CF783] - [15/03/2019 05:50:22] - |A| - [649208] - C:\Windows\syswow64\fontdrvhost.exe [MD5.047A3D70979DDDCB2C8B33F3B56F5E4B] - [15/03/2019 05:49:09] - |A| - [908800] - C:\Windows\syswow64\fontext.dll [MD5.7789D68CD7A3D608908CEB66EB38CADE] - [15/03/2019 05:49:21] - |A| - [96768] - C:\Windows\syswow64\fontsub.dll [MD5.6197BFFCE473AC63D8178BA2AE9C1EB2] - [15/03/2019 05:49:41] - |A| - [236032] - C:\Windows\syswow64\FSClient.dll [MD5.FB2F8886B7963FAE2D4E113BE6175EF0] - [15/03/2019 05:49:39] - |A| - [176128] - C:\Windows\syswow64\fwpolicyiomgr.dll [MD5.AC19F229838A89B6592CE78E8B8D88C3] - [15/03/2019 05:48:59] - |A| - [517632] - C:\Windows\syswow64\FXSCOMEX.dll [MD5.A285B7902E5629E804975398B842939D] - [15/03/2019 05:49:11] - |A| - [212992] - C:\Windows\syswow64\GameBarPresenceWriter.exe [MD5.5380B3B5DC8AE2FB386ABD060B47D00F] - [15/03/2019 05:49:26] - |A| - [963584] - C:\Windows\syswow64\GamePanel.exe [MD5.C492E666DE1589555FBC9B565CD8B6A3] - [15/03/2019 05:49:47] - |A| - [2413568] - C:\Windows\syswow64\gameux.dll [MD5.7EF681053E42D85DD92AC4191448FFF0] - [15/03/2019 05:49:40] - |A| - [136704] - C:\Windows\syswow64\gamingtcui.dll [MD5.A80CF168C3CF4650F02A27FA22873508] - [15/03/2019 05:49:27] - |A| - [133904] - C:\Windows\syswow64\gdi32.dll [MD5.ED76B21059A9394513E95602C9EE8C91] - [15/03/2019 05:50:28] - |A| - [1433264] - C:\Windows\syswow64\gdi32full.dll [MD5.47D8A84190782585108116822902B736] - [15/03/2019 05:49:46] - |A| - [1473024] - C:\Windows\syswow64\GdiPlus.dll [MD5.5CE936FD859679BCE159E0A8C4B94F69] - [15/03/2019 05:49:57] - |A| - [366592] - C:\Windows\syswow64\Geolocation.dll [MD5.1E91815C329345AD54FE08BF7A98F749] - [15/03/2019 05:50:37] - |A| - [4171264] - C:\Windows\syswow64\gnsdk_fp.dll [MD5.7F6A10AF073204F0BFEA03296A719DF8] - [04/03/2019 22:39:04] - |A| - [712224] - C:\Windows\syswow64\guard32.dll [MD5.5C93EAC5FFA5AAAEEE71E7AFB82AB13B] - [15/03/2019 05:49:20] - |A| - [225288] - C:\Windows\syswow64\HdcpHandler.dll [MD5.16308115D8C87AAF8D2FC684A8026905] - [15/03/2019 05:49:39] - |A| - [576512] - C:\Windows\syswow64\hgcpl.dll [MD5.A337279439568BDCEEFB66F0CCFEB2A3] - [15/03/2019 05:49:41] - |A| - [540672] - C:\Windows\syswow64\hhctrl.ocx [MD5.B50F5C1F65B53564DA720FACCFB88AA1] - [15/03/2019 05:49:18] - |A| - [99840] - C:\Windows\syswow64\hlink.dll [MD5.9FFDC8ED3B2261C6EC0EF2B4C893BD5B] - [15/03/2019 05:49:09] - |A| - [181760] - C:\Windows\syswow64\HoloShellRuntime.dll [MD5.0D39CE935744E80D4B17687967A6532D] - [15/03/2019 05:49:37] - |A| - [340480] - C:\Windows\syswow64\html.iec [MD5.D6DFCAAA26F7081B309CA16298523EC9] - [15/03/2019 05:49:23] - |A| - [230912] - C:\Windows\syswow64\icm32.dll [MD5.9D0FDC241ECD537B7DE219A98A726563] - [15/03/2019 05:49:35] - |RA| - [1640960] - C:\Windows\syswow64\icuin.dll [MD5.C18014A1063903CC299E4045C93F862B] - [15/03/2019 05:49:33] - |RA| - [1158656] - C:\Windows\syswow64\icuuc.dll [MD5.800427263F85FDB6DCB853AD54C41B0C] - [15/03/2019 05:49:04] - |A| - [96256] - C:\Windows\syswow64\IdCtrls.dll [MD5.5FFCF010BC7879214146ECEB661AC0F4] - [15/03/2019 05:48:59] - |A| - [120320] - C:\Windows\syswow64\IEAdvpack.dll [MD5.FF7A9609092DDB0AC946DBDEEEB497F8] - [15/03/2019 05:49:22] - |A| - [1474560] - C:\Windows\syswow64\ieapfltr.dll [MD5.AFBB00290D266FA72569731352E869BD] - [15/03/2019 05:49:15] - |A| - [344064] - C:\Windows\syswow64\iedkcs32.dll [MD5.DA269D4F2A46DB8567F1CB481B26B278] - [15/03/2019 05:50:20] - |A| - [11924992] - C:\Windows\syswow64\ieframe.dll [MD5.D9BBA1B7456562F484F2F1E79D7B1467] - [15/03/2019 05:49:00] - |A| - [133632] - C:\Windows\syswow64\iepeers.dll [MD5.427386173975A650828F079C15866EB1] - [15/03/2019 05:49:33] - |A| - [365568] - C:\Windows\syswow64\ieproxy.dll [MD5.D42F18F9E37C27A9238A2EC567B7B946] - [15/03/2019 05:48:58] - |A| - [38400] - C:\Windows\syswow64\iernonce.dll [MD5.408A86B0BCEE0EF829540FC3BD6D9013] - [15/03/2019 05:50:10] - |A| - [2217016] - C:\Windows\syswow64\iertutil.dll [MD5.C191093254976AD3589EA942D2BCF983] - [15/03/2019 05:48:58] - |A| - [70144] - C:\Windows\syswow64\iesetup.dll [MD5.088C6A5E7856CC582543485DE3E2A9C7] - [15/03/2019 05:48:59] - |A| - [98304] - C:\Windows\syswow64\iesysprep.dll [MD5.FF2EF8AF7DE0EA8FC5C2EC80950ECAF5] - [15/03/2019 05:49:40] - |A| - [475648] - C:\Windows\syswow64\ieui.dll [MD5.C1127463655F541956FF02A325996ECF] - [15/03/2019 05:48:53] - |A| - [3329] - C:\Windows\syswow64\ieuinit.inf [MD5.827E3C18E13B7FF90B7BB24FE78E3084] - [15/03/2019 05:49:00] - |A| - [123392] - C:\Windows\syswow64\ieUnatt.exe [MD5.5905887875F87E10146E301FC5F16347] - [15/03/2019 05:48:58] - |A| - [152064] - C:\Windows\syswow64\iexpress.exe [MD5.D9A3919CAE425168C8EAB63F3E820A37] - [15/03/2019 05:48:58] - |A| - [43520] - C:\Windows\syswow64\imgutil.dll [MD5.C5D273F400B8EE5BEB81097D3E4FAF04] - [15/03/2019 04:50:45] - |A| - [166520] - C:\Windows\syswow64\IMX241_FN50FF-562H_SKY.cpf [MD5.F609489142774262ABD4AB204E56C4D9] - [15/03/2019 04:50:45] - |A| - [171348] - C:\Windows\syswow64\IMX241_START2FRONT_SKY.cpf [MD5.B216175F6574C5D40A6BFFFEB28E8938] - [15/03/2019 04:50:45] - |A| - [171276] - C:\Windows\syswow64\IMX241_START2FRONT_SKY_Video.cpf [MD5.6B1CD2FED17DF605E9721AF5CF0970C7] - [15/03/2019 04:50:45] - |A| - [276840] - C:\Windows\syswow64\IMX258_START2REAR_SKY.cpf [MD5.6B1CD2FED17DF605E9721AF5CF0970C7] - [15/03/2019 04:50:45] - |A| - [276840] - C:\Windows\syswow64\IMX258_START2REAR_SKY_Video.cpf [MD5.BA829AECF1E87E08DFA61F0A3BD4AAF5] - [15/03/2019 05:49:48] - |A| - [897024] - C:\Windows\syswow64\inetcomm.dll [MD5.E1936270DC771A21C48700C309B6893B] - [15/03/2019 05:49:40] - |A| - [2014720] - C:\Windows\syswow64\inetcpl.cpl [MD5.268659BB0B0FB686FD7026251282C626] - [15/03/2019 05:48:58] - |A| - [84992] - C:\Windows\syswow64\INETRES.dll [MD5.4CED7C72B126C457F5E00A943B18B924] - [15/03/2019 05:49:21] - |A| - [149960] - C:\Windows\syswow64\InputHost.dll [MD5.50B7D9B4C9B97A008BEA00F118D6C4BB] - [15/03/2019 05:50:18] - |A| - [2349568] - C:\Windows\syswow64\InputService.dll [MD5.E8476A80897B574D8C15EFD7E3575CD8] - [15/03/2019 05:49:30] - |A| - [329728] - C:\Windows\syswow64\InputSwitch.dll [MD5.1F72A8E652C34C55029808FCD1AEA208] - [15/03/2019 05:48:58] - |A| - [97280] - C:\Windows\syswow64\inseng.dll [MD5.EFC0942C387256B31F304D3A1B24F136] - [15/03/2019 05:50:11] - |A| - [1008640] - C:\Windows\syswow64\InstallService.dll [MD5.F9744A07214F95169459D9F0630F0EEE] - [15/03/2019 05:00:46] - |A| - [180720] - C:\Windows\syswow64\intel_gfx_api-x86.dll [MD5.7EAE5AAA7F7392A361A67AA128AC53CF] - [15/03/2019 05:49:44] - |A| - [514560] - C:\Windows\syswow64\iprtrmgr.dll [MD5.F5BE56A8A18B3315935EE3AA8F920010] - [20/03/2019 13:00:45] - |A| - [205528] - C:\Windows\syswow64\iseguard32.dll [MD5.64E6A7C3561E12A93267FA497694D04C] - [15/03/2019 05:49:24] - |A| - [162304] - C:\Windows\syswow64\itircl.dll [MD5.D5384EAB3FCC04D3FE2D2C92F3995A31] - [15/03/2019 05:49:29] - |A| - [150528] - C:\Windows\syswow64\itss.dll [MD5.FDF2DF009331F6E04D03EBC8AFE1B00E] - [15/03/2019 05:48:58] - |A| - [72704] - C:\Windows\syswow64\JavaScriptCollectionAgent.dll [MD5.FEC559B53E3B0CBBB4858866659A9D37] - [15/03/2019 05:49:31] - |A| - [981504] - C:\Windows\syswow64\JpMapControl.dll [MD5.A874225CBD50744ADC1893B2DDF0123C] - [15/03/2019 05:51:27] - |A| - [664576] - C:\Windows\syswow64\jscript.dll [MD5.4319CE4F3CA748CACB6A1E80C546B46F] - [15/03/2019 05:51:26] - |A| - [3662336] - C:\Windows\syswow64\jscript9.dll [MD5.B3E8433F4EBB363174C44A29059BBC59] - [15/03/2019 05:49:37] - |A| - [539136] - C:\Windows\syswow64\jscript9diag.dll [MD5.EFDF3EEF2766F11078F720F726838B85] - [15/03/2019 05:50:05] - |A| - [773120] - C:\Windows\syswow64\kerberos.dll [MD5.F4EC8E1F0236746581356B806D7EE868] - [15/03/2019 05:49:22] - |A| - [47608] - C:\Windows\syswow64\kernel.appcore.dll [MD5.8AC413D8F541DAD9F516A1A14372B321] - [15/03/2019 05:49:33] - |A| - [595560] - C:\Windows\syswow64\kernel32.dll [MD5.64E7884B7FFCC1C924CDDADB7E95F04B] - [15/03/2019 05:50:00] - |A| - [1932216] - C:\Windows\syswow64\KernelBase.dll [MD5.52FA4FF4BC1865172AB3AD6DA6969B8F] - [15/03/2019 05:48:56] - |A| - [71680] - C:\Windows\syswow64\keyiso.dll [MD5.3AA9A2B7FB715C24C90AEB0A38E0F057] - [15/03/2019 05:49:06] - |A| - [233984] - C:\Windows\syswow64\ksproxy.ax [MD5.9CEED6E21BF4E53A3EE25D4624E3BC07] - [15/03/2019 05:50:10] - |A| - [749864] - C:\Windows\syswow64\LicenseManager.dll [MD5.09BAF8936A48665E1504D3E93D332E1E] - [15/03/2019 05:49:29] - |A| - [726544] - C:\Windows\syswow64\LicensingWinRT.dll [MD5.335EC3A0133B2C608B70496614DED4BA] - [15/03/2019 05:48:58] - |A| - [27136] - C:\Windows\syswow64\licmgr10.dll [MD5.EF0C1B809402E2291CF88AE7B3982E89] - [15/03/2019 05:49:49] - |A| - [804120] - C:\Windows\syswow64\locale.nls [MD5.F5225DFED4BFAE26CDFA8447E0F4CBF1] - [15/03/2019 05:49:07] - |A| - [44032] - C:\Windows\syswow64\LocationFrameworkInternalPS.dll [MD5.E8EB7F25B70B2DDAF4CCF7B4B4A47921] - [15/03/2019 05:49:19] - |A| - [27664] - C:\Windows\syswow64\LocationFrameworkPS.dll [MD5.9F087ACEF8B372C70455F6FFE99A8E1B] - [15/03/2019 05:49:58] - |A| - [456704] - C:\Windows\syswow64\LockAppBroker.dll [MD5.E9FFC3057B2D0C129FB623926C489C22] - [15/03/2019 05:49:16] - |A| - [186520] - C:\Windows\syswow64\logoncli.dll [MD5.2D426F46BF2AD22C46BF772F94481039] - [15/03/2019 05:49:38] - |A| - [731136] - C:\Windows\syswow64\Magnify.exe [MD5.0D70020EA9201DEF8A57DF7102490695] - [15/03/2019 05:49:17] - |A| - [356864] - C:\Windows\syswow64\MapConfiguration.dll [MD5.AE47D1F7EFC8271D464D5B8E5B2EADA6] - [15/03/2019 05:49:13] - |A| - [706048] - C:\Windows\syswow64\MapControlCore.dll [MD5.A101C673996272DFC20B07ABBC988231] - [15/03/2019 05:49:43] - |A| - [1948672] - C:\Windows\syswow64\MapGeocoder.dll [MD5.2DF6FBC6BDB50916328D0E5F7C87277C] - [15/03/2019 05:49:42] - |A| - [2409984] - C:\Windows\syswow64\MapRouter.dll [MD5.2BA5FA4EBFAA18C4915AB697D10AA9D6] - [15/03/2019 05:49:31] - |A| - [299008] - C:\Windows\syswow64\mcbuilder.exe [MD5.455941DE967B579A3D5D8066B8DE79FC] - [15/03/2019 05:28:25] - |A| - [212112] - C:\Windows\syswow64\mci32.ocx [MD5.AE1701B7048E97981DDB9D1F15EEDA91] - [15/03/2019 05:49:24] - |A| - [669184] - C:\Windows\syswow64\MCRecvSrc.dll [MD5.2A0C578A0F0D9281330CB0943F930337] - [15/03/2019 05:49:05] - |A| - [194560] - C:\Windows\syswow64\mdmregistration.dll [MD5.E5EBA18A6B253ED288A2EDDF8D8A1E81] - [15/03/2019 05:49:39] - |A| - [551696] - C:\Windows\syswow64\mf.dll [MD5.AC4C45B38D325A8567FDC77FB45F7606] - [15/03/2019 05:49:25] - |A| - [44544] - C:\Windows\syswow64\mf3216.dll [MD5.30FA7D73EBDC30392C73E2733F0116D9] - [15/03/2019 05:51:27] - |A| - [1377088] - C:\Windows\syswow64\mfasfsrcsnk.dll [MD5.5D3C0F40336B490EDE971C394CFB8F78] - [15/03/2019 05:28:25] - |A| - [1024000] - C:\Windows\syswow64\mfc70.dll [MD5.A4CCA3F3145BA93383DFB126EC61C695] - [15/03/2019 05:28:25] - |A| - [40960] - C:\Windows\syswow64\mfc70chs.dll [MD5.A0502BCED5C98A51E7E305029BD4009B] - [15/03/2019 05:28:25] - |A| - [45056] - C:\Windows\syswow64\mfc70cht.dll [MD5.054809EA25F0110122B17835E94848F2] - [15/03/2019 05:28:25] - |A| - [61440] - C:\Windows\syswow64\mfc70deu.dll [MD5.3F0E5AD6604D6585C2219D6688514817] - [15/03/2019 05:28:25] - |A| - [57344] - C:\Windows\syswow64\mfc70enu.dll [MD5.D88BE83455C13B80B1AB103E82052F33] - [15/03/2019 05:28:25] - |A| - [61440] - C:\Windows\syswow64\mfc70esp.dll [MD5.8F59C1FB4C18F08C0D4D24550E2F7375] - [15/03/2019 05:28:25] - |A| - [61440] - C:\Windows\syswow64\mfc70fra.dll [MD5.78C3F9FFBC860D2153D6470BC65556FE] - [15/03/2019 05:28:25] - |A| - [61440] - C:\Windows\syswow64\mfc70ita.dll [MD5.8448C67B7FF7A65AEAA25747D0E861B7] - [15/03/2019 05:28:25] - |A| - [49152] - C:\Windows\syswow64\mfc70jpn.dll [MD5.E83773E9ED198BB59C072B453AF4F797] - [15/03/2019 05:28:25] - |A| - [49152] - C:\Windows\syswow64\mfc70kor.dll [MD5.C440493ABF8CF179FF3351357C1EB426] - [15/03/2019 05:28:25] - |A| - [1017344] - C:\Windows\syswow64\mfc70u.dll [MD5.0EAD1C87DC75863E7CFF7B2691C1B90C] - [15/03/2019 05:28:25] - |A| - [1060864] - C:\Windows\syswow64\MFC71.dll [MD5.F0C3773C480C8E8FD8DD8BF82689D390] - [15/03/2019 05:28:25] - |A| - [40960] - C:\Windows\syswow64\MFC71CHS.DLL [MD5.B80E70737148130AC3975F84E88ED8B0] - [15/03/2019 05:28:25] - |A| - [45056] - C:\Windows\syswow64\MFC71CHT.DLL [MD5.92436C5844333188D8746079640419BF] - [15/03/2019 05:28:25] - |A| - [65536] - C:\Windows\syswow64\MFC71DEU.DLL [MD5.DF8241122459E097DD393B74D3ABF64E] - [15/03/2019 05:28:25] - |A| - [57344] - C:\Windows\syswow64\MFC71ENU.DLL [MD5.B1219D49B804F8D20D4A812E9AA773FB] - [15/03/2019 05:28:25] - |A| - [61440] - C:\Windows\syswow64\MFC71ESP.DLL [MD5.4CF93C1BD454AC576D787FC8256E3D58] - [15/03/2019 05:28:25] - |A| - [61440] - C:\Windows\syswow64\MFC71FRA.DLL [MD5.A31727B0310F97C279B4278A44D68F2E] - [15/03/2019 05:28:25] - |A| - [61440] - C:\Windows\syswow64\MFC71ITA.DLL [MD5.DCDB167567AAD5A54EF6096324F7A67B] - [15/03/2019 05:28:25] - |A| - [49152] - C:\Windows\syswow64\MFC71JPN.DLL [MD5.337E4EDA92C2858386E0072F604FE2D3] - [15/03/2019 05:28:25] - |A| - [49152] - C:\Windows\syswow64\MFC71KOR.DLL [MD5.1A53510BFE257CE75CB6EA4D596243BE] - [15/03/2019 05:28:25] - |A| - [1054208] - C:\Windows\syswow64\MFC71u.dll [MD5.10410E04AD337D4EC0DBCA9B02C5E4C9] - [15/03/2019 05:49:48] - |A| - [454080] - C:\Windows\syswow64\MFCaptureEngine.dll [MD5.7BA506818C5989032D4DB87A0F5C7638] - [15/03/2019 05:51:17] - |A| - [4668584] - C:\Windows\syswow64\mfcore.dll [MD5.EBB5B4DA61EF6C862F93BD672A2A141F] - [15/03/2019 05:49:44] - |A| - [201728] - C:\Windows\syswow64\mfksproxy.dll [MD5.3539091FB267DDB155936BD517388525] - [15/03/2019 05:50:31] - |A| - [4248064] - C:\Windows\syswow64\MFMediaEngine.dll [MD5.BACFC25E43BB8B5D6DECA0D4564004EC] - [15/03/2019 05:49:59] - |A| - [821248] - C:\Windows\syswow64\mfmkvsrcsnk.dll [MD5.DF37BC3CB604FE6D60FF200540227712] - [15/03/2019 05:51:22] - |A| - [2462704] - C:\Windows\syswow64\mfmp4srcsnk.dll [MD5.2D3C1ACA95568850D860DD9EB0FD80BC] - [15/03/2019 05:51:27] - |A| - [1017056] - C:\Windows\syswow64\mfmpeg2srcsnk.dll [MD5.5244E275BE355536AEF4BB53CFC41369] - [15/03/2019 05:50:12] - |A| - [1132088] - C:\Windows\syswow64\mfnetcore.dll [MD5.DA10E08DC258BAD3DC67EF59687C8EEB] - [15/03/2019 05:50:17] - |A| - [1652872] - C:\Windows\syswow64\mfnetsrc.dll [MD5.7D42FEA87A7B4E515CE07F538039E83D] - [15/03/2019 05:50:18] - |A| - [1524776] - C:\Windows\syswow64\mfplat.dll [MD5.1B297BD7736AAC76B6001EA0FE1195CD] - [15/03/2019 05:49:27] - |A| - [129088] - C:\Windows\syswow64\mfps.dll [MD5.9AE00438B293991B43F8BD7C59425815] - [15/03/2019 05:50:10] - |A| - [1033584] - C:\Windows\syswow64\mfreadwrite.dll [MD5.7F86306F9C91D63566556265E06D5381] - [15/03/2019 05:49:35] - |A| - [193248] - C:\Windows\syswow64\mfsensorgroup.dll [MD5.F85563A8D8A12E75AF2B1C9553343C1A] - [15/03/2019 05:51:26] - |A| - [1455704] - C:\Windows\syswow64\mfsrcsnk.dll [MD5.AE0F7535EF06AF37DD994D37E0761B67] - [15/03/2019 05:50:15] - |A| - [1149280] - C:\Windows\syswow64\mfsvr.dll [MD5.4676D80B0DF7C59350EE149737B00212] - [15/03/2019 05:49:32] - |A| - [133632] - C:\Windows\syswow64\Microsoft.Bluetooth.Proxy.dll [MD5.20F0FDEAB29EC969E542F92D56BC0A8A] - [15/03/2019 05:49:43] - |A| - [220672] - C:\Windows\syswow64\MicrosoftAccountWAMExtension.dll [MD5.2A13B01C0E7E877B7B5BF87D912FEAE7] - [15/03/2019 05:50:38] - |A| - [2864640] - C:\Windows\syswow64\mispace.dll [MD5.88E23DAF98F708E2803F1CA66DDEC081] - [15/03/2019 05:50:11] - |A| - [1488896] - C:\Windows\syswow64\mmc.exe [MD5.9C512EA78BCA946584B56C98E8D902C6] - [15/03/2019 05:49:01] - |A| - [301056] - C:\Windows\syswow64\mmcbase.dll [MD5.2C7E93985BF751751AE48EFCB171D870] - [15/03/2019 05:50:19] - |A| - [2427904] - C:\Windows\syswow64\mmcndmgr.dll [MD5.E7BF82A3DFC1BF2A12FFEA843E0181B3] - [15/03/2019 05:49:19] - |A| - [1428480] - C:\Windows\syswow64\mmgaclient.dll [MD5.3E2EA3513ED7AF84C367FE1DC7B70544] - [15/03/2019 05:49:00] - |A| - [62976] - C:\Windows\syswow64\mmgaproxystub.dll [MD5.F473FEA5123341991EA3ABCC3B6A3DFF] - [15/03/2019 05:49:09] - |A| - [1060352] - C:\Windows\syswow64\mmgaserver.exe [MD5.520F6CD243CC4981CAD66FBF33ED970E] - [15/03/2019 05:49:01] - |A| - [769536] - C:\Windows\syswow64\mmsys.cpl [MD5.334D8E404D831E4B6B311CFA58056B7D] - [15/03/2019 05:50:16] - |A| - [6118912] - C:\Windows\syswow64\mos.dll [MD5.51A96B6AAD0D10A2299EF336D7553817] - [15/03/2019 05:49:19] - |A| - [761856] - C:\Windows\syswow64\mprddm.dll [MD5.256A429526CE5148004AA2C9EFCA693E] - [15/03/2019 05:49:36] - |A| - [2680832] - C:\Windows\syswow64\MSAJApi.dll [MD5.061902202BF0DE086B9A148B2F40C352] - [15/03/2019 05:49:32] - |A| - [537088] - C:\Windows\syswow64\mscms.dll [MD5.8D8AAD175C9779503A68136E49EEA2B4] - [15/03/2019 05:28:25] - |A| - [660120] - C:\Windows\syswow64\mscomct2.ocx [MD5.766F501B61C22723536AF696A74133D4] - [15/03/2019 05:28:25] - |A| - [1070232] - C:\Windows\syswow64\mscomctl.ocx [MD5.D60FD0C924C0172B5AD2967E8473FFCD] - [15/03/2019 05:28:25] - |A| - [119960] - C:\Windows\syswow64\mscomm32.ocx [MD5.7951488EB6F201564D5C6D35B40452AB] - [15/03/2019 05:50:45] - |A| - [1323408] - C:\Windows\syswow64\msctf.dll [MD5.2B03DB1BC61E8D08C4DC721EE5FE0EC0] - [15/03/2019 05:49:07] - |A| - [91648] - C:\Windows\syswow64\msctfp.dll [MD5.552088FF7667D59E29D3231077B92D30] - [15/03/2019 05:28:25] - |A| - [279192] - C:\Windows\syswow64\msdatgrd.ocx [MD5.C0393287EC3D0098932BC6DD7753CE50] - [15/03/2019 05:28:25] - |A| - [253080] - C:\Windows\syswow64\msdatlst.ocx [MD5.2C0E473ABAA7F84F332F66C2221B3EB7] - [15/03/2019 05:48:56] - |A| - [707584] - C:\Windows\syswow64\msdtcprx.dll [MD5.959315775A3EDD649A7C6B535F6ED522] - [15/03/2019 05:50:10] - |A| - [340480] - C:\Windows\syswow64\msexcl40.dll [MD5.EE68EB9D3DD974FE30B4846F98F1CD94] - [15/03/2019 05:49:48] - |A| - [669184] - C:\Windows\syswow64\msfeeds.dll [MD5.6092BA0CC502F3F1E7C9E15AA7BC707E] - [15/03/2019 05:48:58] - |A| - [64000] - C:\Windows\syswow64\msfeedsbs.dll [MD5.2DAAB612B55CC7C09076C66492A8A4C7] - [15/03/2019 05:48:58] - |A| - [13824] - C:\Windows\syswow64\msfeedssync.exe [MD5.151229FE0011294475AF03E2FBBAF33B] - [15/03/2019 05:28:25] - |A| - [259736] - C:\Windows\syswow64\msflxgrd.ocx [MD5.ECAA3D1451DBAE5B5E8C69740BF88ECA] - [15/03/2019 05:50:19] - |A| - [2762752] - C:\Windows\syswow64\msftedit.dll [MD5.D19D5DDC8D6446B8E08161012461210D] - [15/03/2019 05:28:25] - |A| - [444328] - C:\Windows\syswow64\MShflxgd.ocx [MD5.7C94C627DB30B00F70E2911BFF2FD7EF] - [15/03/2019 05:48:58] - |A| - [13312] - C:\Windows\syswow64\mshta.exe [MD5.6025B350ACC9A6039AB24CB3F6C8DC78] - [15/03/2019 05:51:05] - |A| - [19360256] - C:\Windows\syswow64\mshtml.dll [MD5.53924134EA878417820AF4774C4B9E98] - [15/03/2019 05:48:58] - |A| - [64000] - C:\Windows\syswow64\MshtmlDac.dll [MD5.1761ECED62ADC975E957610823D2DE00] - [15/03/2019 05:49:03] - |A| - [78336] - C:\Windows\syswow64\mshtmled.dll [MD5.0DEEDA846B0B1671B79CFA587EABDBA3] - [15/03/2019 05:49:41] - |A| - [4057600] - C:\Windows\syswow64\msi.dll [MD5.B1DD9C48AA6DC1F2E236ADC96189319A] - [15/03/2019 05:49:25] - |A| - [59904] - C:\Windows\syswow64\msiexec.exe [MD5.BED46F55AF9A7B495EC0F2DE0CB5AD3F] - [15/03/2019 05:28:25] - |A| - [131728] - C:\Windows\syswow64\msinet.ocx [MD5.4605BDF100671FF0FFD1FF7940E15F51] - [15/03/2019 05:49:20] - |A| - [26112] - C:\Windows\syswow64\msisip.dll [MD5.400D7390199C64329F4336E0E9CCA83C] - [15/03/2019 05:49:21] - |A| - [369152] - C:\Windows\syswow64\msIso.dll [MD5.7B0E187A3A7AF49CA4F9936A70E5FBE2] - [15/03/2019 05:49:58] - |A| - [1311744] - C:\Windows\syswow64\msjet40.dll [MD5.9D1D5B434B7BC82A9167CA2D01000F78] - [15/03/2019 05:28:25] - |A| - [179352] - C:\Windows\syswow64\msmask32.ocx [MD5.17ED96A86D54827BE9BA2FAFC836C787] - [15/03/2019 05:50:15] - |A| - [2255112] - C:\Windows\syswow64\msmpeg2vdec.dll [MD5.541E45F0DE693BAAB7F8B40B488580A0] - [15/03/2019 05:49:01] - |A| - [97792] - C:\Windows\syswow64\msoert2.dll [MD5.3B55A4EB9AF85099BA665F370D16304B] - [15/03/2019 05:49:12] - |A| - [136704] - C:\Windows\syswow64\MSOpusDecoder.dll [MD5.29E1E6FF2BD32317ACBFFEBD2E811FC2] - [15/03/2019 05:49:00] - |A| - [6532096] - C:\Windows\syswow64\mspaint.exe [MD5.B9C0D4F2BF3BCA9A56FEF594CC5BE466] - [15/03/2019 05:49:10] - |A| - [1348608] - C:\Windows\syswow64\MSPhotography.dll [MD5.DB605CE020000C370781658FECF360D9] - [15/03/2019 05:48:56] - |A| - [10752] - C:\Windows\syswow64\msrating.dll [MD5.814C1DD90E113B094F5552B8FC1313C4] - [15/03/2019 05:49:40] - |A| - [313344] - C:\Windows\syswow64\msrd2x40.dll [MD5.C695EE1CC3B37ED20FC1A95E59340F3F] - [15/03/2019 05:49:52] - |A| - [352768] - C:\Windows\syswow64\msrd3x40.dll [MD5.A4930013B4BCCE83018A5EFD0C088999] - [15/03/2019 05:49:22] - |A| - [101376] - C:\Windows\syswow64\msscript.ocx [MD5.0D5A7783A481F02BED5A0A564B6D8439] - [15/03/2019 05:49:58] - |A| - [713216] - C:\Windows\syswow64\MsSpellCheckingFacility.dll [MD5.A36A1DF2C27D4431FFF933B69CFE3454] - [15/03/2019 05:49:18] - |A| - [145408] - C:\Windows\syswow64\mssph.dll [MD5.5C0084DBF9979BA50D52A0574D36A3E5] - [15/03/2019 05:49:09] - |A| - [59392] - C:\Windows\syswow64\mssprxy.dll [MD5.F61FE819F1BC3268202DB4D33774B302] - [15/03/2019 05:50:27] - |A| - [2184192] - C:\Windows\syswow64\mssrch.dll [MD5.1E27A0F62EBE8277C61B89C3747CC45D] - [15/03/2019 05:28:25] - |A| - [130712] - C:\Windows\syswow64\msstdfmt.dll [MD5.FC1E1896F31DAE6E8C68D95A645C9B1A] - [15/03/2019 05:28:26] - |A| - [108696] - C:\Windows\syswow64\MSSTKPRP.DLL [MD5.31FC6327F8320A4BE68E14F17A5D2CA2] - [15/03/2019 05:49:39] - |A| - [721920] - C:\Windows\syswow64\mssvp.dll [MD5.CF8964466D129910CE72AE661EAF58D9] - [15/03/2019 05:50:08] - |A| - [3430400] - C:\Windows\syswow64\mstsc.exe [MD5.E0C1AEAC44C2B80385C1CEC679DEE48F] - [15/03/2019 05:50:34] - |A| - [7813120] - C:\Windows\syswow64\mstscax.dll [MD5.AEECB1770D0BD0B513B30AD700EC0EA6] - [15/03/2019 05:50:45] - |A| - [353080] - C:\Windows\syswow64\msv1_0.dll [MD5.D577EAF2B7E74DFDA9D9DFF6DC54C37A] - [15/03/2019 05:28:29] - |A| - [1355776] - C:\Windows\syswow64\msvbvm50.dll [MD5.07B8A966FA4D08B797DE3FCC5C67EAB6] - [15/03/2019 05:28:26] - |A| - [54784] - C:\Windows\syswow64\msvci70.dll [MD5.35E8431ACDDB1F236393CF661738F5FD] - [15/03/2019 05:49:31] - |A| - [417368] - C:\Windows\syswow64\msvcp110_win.dll [MD5.D04F7AACA2319A3BCDB2C5D5DD6F6026] - [15/03/2019 05:28:26] - |A| - [487424] - C:\Windows\syswow64\MSVCP70.DLL [MD5.1874BBAD9AE4C993B74B7ABAA8B9D535] - [15/03/2019 05:28:26] - |A| - [503808] - C:\Windows\syswow64\msvcp71.dll [MD5.67097B9C1F179BF217E79500343F43CE] - [15/03/2019 05:49:30] - |A| - [505064] - C:\Windows\syswow64\msvcp_win.dll [MD5.8D8A3965D5D4CCBBE4489DA028CEF6FC] - [15/03/2019 05:28:26] - |A| - [339968] - C:\Windows\syswow64\msvcr70.dll [MD5.837B1E310F2AA8B20F07A9B1CE90AC4F] - [15/03/2019 05:28:26] - |A| - [344064] - C:\Windows\syswow64\msvcr71.dll [MD5.C52BF7DC4864653FFF45ECC634B65F9B] - [15/03/2019 05:49:14] - |A| - [769096] - C:\Windows\syswow64\msvcrt.dll [MD5.DF252F37880142ED5574C2BE4DADF5A7] - [15/03/2019 05:28:26] - |A| - [210944] - C:\Windows\syswow64\msvcrt10.dll [MD5.0664ECFC89D1B287860A71FA38033CF7] - [15/03/2019 05:50:18] - |A| - [2329088] - C:\Windows\syswow64\MSVidCtl.dll [MD5.F9DD92E21937DC1354EDF46339582F25] - [15/03/2019 05:49:22] - |A| - [574960] - C:\Windows\syswow64\MSVideoDSP.dll [MD5.C31B3A1DD41B538A860C3A668DC080D0] - [15/03/2019 05:50:08] - |A| - [1383784] - C:\Windows\syswow64\MSVP9DEC.dll [MD5.76B3FA6E953A4B74AEE658AC7B5C95C2] - [15/03/2019 05:49:36] - |A| - [1057728] - C:\Windows\syswow64\msvproc.dll [MD5.7D95EC69DC6A976E3ACC9F3D9C920C07] - [15/03/2019 05:49:28] - |A| - [1286656] - C:\Windows\syswow64\MSVPXENC.dll [MD5.57325D394119DB3D3B3CF8A3BBFDA5CA] - [15/03/2019 05:28:26] - |A| - [127640] - C:\Windows\syswow64\mswinsck.ocx [MD5.D35B65954312CDFEB0568EF262BADF49] - [15/03/2019 05:50:33] - |A| - [1588224] - C:\Windows\syswow64\msxml3.dll [MD5.6CC314919E92D9C3E76568B397E17E68] - [15/03/2019 05:50:08] - |A| - [1991600] - C:\Windows\syswow64\msxml6.dll [MD5.62C208F510D0A8F18F43DE85B809AE84] - [15/03/2019 05:49:47] - |A| - [275968] - C:\Windows\syswow64\ncryptprov.dll [MD5.7887DD78F1017ED6154C7B5E988D7F03] - [15/03/2019 05:49:32] - |A| - [105384] - C:\Windows\syswow64\ncryptsslp.dll [MD5.5F7E26B061421A442D4C28D87E62E679] - [15/03/2019 05:48:58] - |A| - [20480] - C:\Windows\syswow64\netevent.dll [MD5.453191DC1804BEA45BEB335D2675A03E] - [15/03/2019 05:49:46] - |A| - [658432] - C:\Windows\syswow64\netlogon.dll [MD5.5063C164CDB4914B96371AAF9DEB4E64] - [15/03/2019 05:49:01] - |A| - [221184] - C:\Windows\syswow64\netplwiz.dll [MD5.D8127658477648CF075A82AF48DED62E] - [15/03/2019 05:49:50] - |A| - [564640] - C:\Windows\syswow64\NetSetupEngine.dll [MD5.100BEC7126E447EA89C2EE2ADA9C2A10] - [15/03/2019 05:49:17] - |A| - [343552] - C:\Windows\syswow64\NetSetupShim.dll [MD5.E5C0E7E39674279CD6F52E00AAFB59CC] - [15/03/2019 05:49:13] - |A| - [480768] - C:\Windows\syswow64\NetworkCollectionAgent.dll [MD5.B8D9DA34E644EEE70610C6BC49F3AAFA] - [15/03/2019 05:49:37] - |A| - [483328] - C:\Windows\syswow64\newdev.dll [MD5.3B6F976D4AA6D833E77E14C1FACD58F8] - [15/03/2019 05:49:49] - |A| - [571904] - C:\Windows\syswow64\ngccredprov.dll [MD5.24A62781F7809C726BBFDA5A6A28C181] - [15/03/2019 05:49:01] - |A| - [124928] - C:\Windows\syswow64\ngckeyenum.dll [MD5.A4030310418CD237246C95A1D216C9B9] - [15/03/2019 05:49:46] - |A| - [322560] - C:\Windows\syswow64\ninput.dll [MD5.56C81BBD2C727B43ABC5FC7B135D3BA5] - [15/03/2019 05:49:14] - |A| - [63488] - C:\Windows\syswow64\nlaapi.dll [MD5.6482CB48283F621622F3933632ED2411] - [15/03/2019 05:48:59] - |A| - [18432] - C:\Windows\syswow64\nlmproxy.dll [MD5.4534BF48A1B42E0E16F0ACDCF677C65D] - [15/03/2019 05:49:28] - |A| - [743424] - C:\Windows\syswow64\NMAA.dll [MD5.7C94270D6FA438A9690F2FEC69E0544C] - [15/03/2019 05:48:59] - |A| - [256512] - C:\Windows\syswow64\NmaDirect.dll [MD5.B75EC2E0F9CEDCF922C7E7975F736B2A] - [15/03/2019 05:49:00] - |A| - [282624] - C:\Windows\syswow64\NotificationObjFactory.dll [MD5.F8D0DEEB9DB14FCD6B6E89A0BEFE1F7F] - [15/03/2019 05:49:13] - |A| - [21504] - C:\Windows\syswow64\npmproxy.dll [MD5.1E60A516C148F6A14FBEBBD6E84C2143] - [15/03/2019 05:49:17] - |A| - [35328] - C:\Windows\syswow64\nshhttp.dll [MD5.C1322631C502879B140DFAE9582E4C8A] - [15/03/2019 05:50:34] - |A| - [1614560] - C:\Windows\syswow64\ntdll.dll [MD5.B6CB4D3AD73A2E75826CE2C900EE5BE7] - [15/03/2019 05:49:20] - |A| - [33240] - C:\Windows\syswow64\NtlmShared.dll [MD5.449EC93966F08434A78DD2E260F61419] - [15/03/2019 05:49:00] - |A| - [796160] - C:\Windows\syswow64\ntshrui.dll [MD5.591E81D5E8CF862D6F12C2E2E53D87C1] - [15/03/2019 07:34:09] - |A| - [40960] - C:\Windows\syswow64\nwsftUninstall.exe [MD5.CD54AE745B0BC46EEE0F858524B796FF] - [15/03/2019 05:49:01] - |A| - [126464] - C:\Windows\syswow64\occache.dll [MD5.8BAFC41F2F6704B6752C345789222BF3] - [15/03/2019 05:48:58] - |A| - [24064] - C:\Windows\syswow64\odbcconf.dll [MD5.1279BCEF6FC0D14701B64CC2ABA5BFB3] - [15/03/2019 05:49:28] - |A| - [115104] - C:\Windows\syswow64\offlinelsa.dll [MD5.BF45A980F336B7EC2778AE317032396B] - [15/03/2019 05:49:21] - |A| - [221496] - C:\Windows\syswow64\offlinesam.dll [MD5.0987DE12F35268B4ACE122BD49275504] - [15/03/2019 05:48:57] - |A| - [58880] - C:\Windows\syswow64\offreg.dll [MD5.039D506BC23A03C3441DD96377627DB3] - [15/03/2019 05:49:45] - |A| - [1002552] - C:\Windows\syswow64\ole32.dll [MD5.B02F7E2A8233C88D4907A1F2831CB4C4] - [15/03/2019 05:49:41] - |A| - [595528] - C:\Windows\syswow64\oleaut32.dll [MD5.326DBB76161432BB0E2E97C493144D59] - [15/03/2019 05:48:59] - |A| - [89088] - C:\Windows\syswow64\olepro32.dll [MD5.850662AE177AE0F2F59FE73BA38E4AA3] - [15/03/2019 05:49:15] - |A| - [196096] - C:\Windows\syswow64\OneCoreCommonProxyStub.dll [MD5.39C1BD1C25576FAE97D0F2C108946031] - [15/03/2019 05:50:09] - |A| - [2993728] - C:\Windows\syswow64\OneCoreUAPCommonProxyStub.dll [MD5.2FEC4165D32E4586D4E7F7CE2A2C8334] - [15/03/2019 05:49:56] - |A| - [534016] - C:\Windows\syswow64\OneDriveSettingSyncProvider.dll [MD5.3480674AB5CB33E9765554C691E5A08A] - [15/03/2019 05:49:18] - |A| - [649672] - C:\Windows\syswow64\ortcengine.dll [MD5.2B87AEEC9C40E28B79BC88BEADF868C6] - [15/03/2019 05:49:25] - |A| - [174592] - C:\Windows\syswow64\P2P.dll [MD5.686DF71AEAC3A14506D549579BEC111D] - [15/03/2019 05:49:13] - |A| - [662528] - C:\Windows\syswow64\PayloadRestrictions.dll [MD5.FC0831DE773FEDF6A050CE02955C6D4F] - [15/03/2019 05:49:16] - |A| - [13312] - C:\Windows\syswow64\PCShellCommonProxyStub.dll [MD5.8C0C30BDD3CE3FC34A59B4B101162ED3] - [15/03/2019 05:48:56] - |A| - [21504] - C:\Windows\syswow64\perfhost.exe [MD5.00CB919465D369EFEEB6206B7329A7D7] - [15/03/2019 05:49:13] - |A| - [22016] - C:\Windows\syswow64\perfnet.dll [MD5.341E09E0EFC804C0F7C23AF8F3EBE6D7] - [15/03/2019 05:49:32] - |A| - [336384] - C:\Windows\syswow64\PhotoMetadataHandler.dll [MD5.7DB44D8D5AAA1890044E8B9EE2E4BF50] - [15/03/2019 05:28:26] - |A| - [104088] - C:\Windows\syswow64\picclp32.ocx [MD5.643981D9878EE7AE4407831B309A624A] - [15/03/2019 05:48:57] - |A| - [51712] - C:\Windows\syswow64\PimIndexMaintenanceClient.dll [MD5.353D58208E390A3E97960D9132549F54] - [15/03/2019 05:48:58] - |A| - [57856] - C:\Windows\syswow64\pngfilt.dll [MD5.3424A8C1C1098B7B5253A0160130F546] - [15/03/2019 05:49:46] - |A| - [422592] - C:\Windows\syswow64\policymanager.dll [MD5.0D04383FCB59738452E14D764A048A6D] - [15/03/2019 05:49:00] - |A| - [16384] - C:\Windows\syswow64\PrintWorkflowProxy.dll [MD5.E6D15A1014B17B001DC9D24A625C878C] - [15/03/2019 05:49:01] - |A| - [136192] - C:\Windows\syswow64\PrintWorkflowService.dll [MD5.02126DC60E05CABB9048A23A0F638763] - [15/03/2019 05:49:52] - |A| - [1555904] - C:\Windows\syswow64\propsys.dll [MD5.05AE52B85897B127FB41EDA66DE27F71] - [15/03/2019 05:49:03] - |A| - [175104] - C:\Windows\syswow64\puiapi.dll [MD5.2302BC814B4C3EED1803F742CF53A13D] - [15/03/2019 05:49:42] - |A| - [380416] - C:\Windows\syswow64\puiobj.dll [MD5.D135E6F9EDDBC13B4FBA15BDD34E7067] - [15/03/2019 05:49:59] - |A| - [1508864] - C:\Windows\syswow64\quartz.dll [MD5.0B0C861030404F800AD1B3AED3ECCF6F] - [15/03/2019 05:50:10] - |A| - [862208] - C:\Windows\syswow64\rasapi32.dll [MD5.4412AB1AD854AEA2236BA91F76025854] - [15/03/2019 05:49:27] - |A| - [118272] - C:\Windows\syswow64\raschap.dll [MD5.8C7F032B5C4C5F57215C194CA0C5E306] - [15/03/2019 05:49:58] - |A| - [862208] - C:\Windows\syswow64\rasdlg.dll [MD5.03D830B99C082FF00BD47B3BB87A216A] - [15/03/2019 05:49:39] - |A| - [856576] - C:\Windows\syswow64\rasgcw.dll [MD5.5A7236224908F9D1F6EFDC4B75EEDDCB] - [15/03/2019 05:49:29] - |A| - [447488] - C:\Windows\syswow64\rastls.dll [MD5.3B033A0E5B95423CA7CD246D0634E530] - [15/03/2019 05:49:49] - |A| - [956928] - C:\Windows\syswow64\rdpbase.dll [MD5.63FE21A2435A312D0F7603F528624EFC] - [15/03/2019 05:50:00] - |A| - [535552] - C:\Windows\syswow64\rdpcore.dll [MD5.90E4D8B9C5E893D78CD430A937407639] - [15/03/2019 05:50:06] - |A| - [1486336] - C:\Windows\syswow64\rdpserverbase.dll [MD5.96AA838D5326B695FE4B613A0B355232] - [15/03/2019 05:49:12] - |A| - [20992] - C:\Windows\syswow64\regsvr32.exe [MD5.925B241FD4D12B6C6D97313468AC8140] - [15/03/2019 05:49:22] - |A| - [74896] - C:\Windows\syswow64\remoteaudioendpoint.dll [MD5.EC63553E52300A5DCB387D83590C32D5] - [15/03/2019 05:49:25] - |A| - [472576] - C:\Windows\syswow64\resutils.dll [MD5.14BB5CF93C7D69D019423C73C60AA856] - [15/03/2019 05:28:27] - |A| - [219288] - C:\Windows\syswow64\richtx32.ocx [MD5.629AC8C9CBDD74B8B9D54DB513F8D79F] - [15/03/2019 05:49:17] - |A| - [99240] - C:\Windows\syswow64\rmclient.dll [MD5.94D04AE05FA75D5F094CA316E243BEB2] - [15/03/2019 05:49:39] - |A| - [777536] - C:\Windows\syswow64\rpcrt4.dll [MD5.F93F223D2BE61294ABBAE7DAC50A1275] - [15/03/2019 05:49:42] - |A| - [185896] - C:\Windows\syswow64\rsaenh.dll [MD5.B98FC4E03EFE0A4618F55B717999EC2A] - [15/03/2019 05:49:56] - |A| - [854976] - C:\Windows\syswow64\rtmcodecs.dll [MD5.54108324F0174686F66C600FEA060118] - [15/03/2019 05:49:27] - |A| - [340480] - C:\Windows\syswow64\RTMediaFrame.dll [MD5.470EE236394512EA55E79369CED249F8] - [15/03/2019 05:49:18] - |A| - [54720] - C:\Windows\syswow64\rtmmvrortc.dll [MD5.8159946E891BA8883942F43B10DF9EEF] - [15/03/2019 05:50:04] - |A| - [921032] - C:\Windows\syswow64\rtmpal.dll [MD5.193F73A6EF5E9C8504578604FDC0642D] - [15/03/2019 05:50:30] - |A| - [3903944] - C:\Windows\syswow64\rtmpltfm.dll [MD5.B37F4F7B61970640DC868578C964A5C8] - [15/03/2019 05:49:36] - |A| - [140592] - C:\Windows\syswow64\RTWorkQ.dll [MD5.C24BFF718FB7BB2CEEC1E9553502E28C] - [15/03/2019 05:49:55] - |A| - [406016] - C:\Windows\syswow64\schannel.dll [MD5.4EB3248D1CC646AED08953D6BD2A4522] - [15/03/2019 05:49:34] - |A| - [235520] - C:\Windows\syswow64\scksp.dll [MD5.36848C43D7F65EBCD6E6FC4F63EFA252] - [15/03/2019 05:49:35] - |A| - [206336] - C:\Windows\syswow64\scrobj.dll [MD5.550CCC568DC5A3067150E6080D21022C] - [15/03/2019 05:49:31] - |A| - [166912] - C:\Windows\syswow64\scrrun.dll [MD5.D1B57B22749620EC2C0D43BDC3692487] - [15/03/2019 05:49:23] - |A| - [288768] - C:\Windows\syswow64\Search.ProtocolHandler.MAPI2.dll [MD5.CD5C635A1900BC617D1F8D7476CC96B3] - [15/03/2019 05:49:04] - |A| - [199680] - C:\Windows\syswow64\SearchFilterHost.exe [MD5.CE1C89BC34B4818C185E9BB045CB4BCF] - [15/03/2019 05:50:06] - |A| - [826880] - C:\Windows\syswow64\SearchIndexer.exe [MD5.E64748AEA2096FC5D4218BD7B8A120F4] - [15/03/2019 05:49:22] - |A| - [324608] - C:\Windows\syswow64\SearchProtocolHost.exe [MD5.40FB50AE0B91EEF97AB98C9F4AB445DC] - [15/03/2019 05:49:36] - |A| - [268536] - C:\Windows\syswow64\sechost.dll [MD5.D7AB2A83F76824232D3369961B3E896A] - [15/03/2019 05:49:13] - |A| - [23040] - C:\Windows\syswow64\secur32.dll [MD5.F405B01AD58218BC0C02DDF3D28A5557] - [15/03/2019 05:49:02] - |A| - [124928] - C:\Windows\syswow64\sendmail.dll [MD5.A3941E454899041C8D860119B9918237] - [15/03/2019 05:48:57] - |A| - [339456] - C:\Windows\syswow64\SessEnv.dll [MD5.4DC52A665378788E2B6F8748D673E693] - [15/03/2019 05:49:42] - |A| - [169472] - C:\Windows\syswow64\SettingMonitor.dll [MD5.D52C744E0F22E970088268FB78D40476] - [15/03/2019 05:49:53] - |A| - [402432] - C:\Windows\syswow64\SettingSync.dll [MD5.B5EE49FF45E707B724F3D8D8A28BC018] - [15/03/2019 05:50:05] - |A| - [935424] - C:\Windows\syswow64\SettingSyncCore.dll [MD5.ADC122BCCFDEC09B043CF2E5ED5C184E] - [15/03/2019 05:50:09] - |A| - [832952] - C:\Windows\syswow64\SettingSyncHost.exe [MD5.EF021A2F0460523591D478A64FE2879B] - [15/03/2019 05:49:13] - |A| - [74240] - C:\Windows\syswow64\SettingSyncPolicy.dll [MD5.52FF3F6896651EE727063028E5452439] - [15/03/2019 05:49:11] - |A| - [26112] - C:\Windows\syswow64\setup16.exe [MD5.F254DD8493F7F749A7992D66FFD27C49] - [15/03/2019 05:49:54] - |A| - [4382032] - C:\Windows\syswow64\setupapi.dll [MD5.97E37B7DC478FB28B09D770716A7B3F0] - [15/03/2019 05:50:10] - |A| - [997376] - C:\Windows\syswow64\ShareHost.dll [MD5.5FD02663F35F9A3F1B19E807B6114EE7] - [15/03/2019 05:49:53] - |A| - [550176] - C:\Windows\syswow64\SHCore.dll [MD5.B24A534E5E9310D6B91B3E3895333A1C] - [15/03/2019 05:50:16] - |A| - [20290152] - C:\Windows\syswow64\shell32.dll [MD5.4B5FFEB58E510852D07C9FF26B668F86] - [15/03/2019 05:49:16] - |A| - [279472] - C:\Windows\syswow64\shlwapi.dll [MD5.76BBDE4C2A91DBB4CD656CC2840ADB80] - [15/03/2019 05:49:27] - |A| - [110080] - C:\Windows\syswow64\shsetup.dll [MD5.D0E732A3FC63AB837B6BC6D9D223AA68] - [15/03/2019 05:49:06] - |A| - [19456] - C:\Windows\syswow64\slcext.dll [MD5.C66166250655AFB521129231208F318D] - [15/03/2019 05:50:05] - |A| - [625152] - C:\Windows\syswow64\SmartcardCredentialProvider.dll [MD5.D8F78BF3BECBA3E4083725B95A55D14F] - [15/03/2019 05:49:14] - |A| - [160256] - C:\Windows\syswow64\smartscreenps.dll [MD5.9C9D0C423707637BFAECF4EF7B9D37D6] - [15/03/2019 05:49:34] - |A| - [676352] - C:\Windows\syswow64\SndVolSSO.dll [MD5.AEB41C580C4011E803980921D68560B4] - [15/03/2019 05:49:28] - |A| - [156672] - C:\Windows\syswow64\spacebridge.dll [MD5.9EB21EE497A716717E015B17DD38636C] - [15/03/2019 05:49:04] - |A| - [271872] - C:\Windows\syswow64\SpatializerApo.dll [MD5.34D737A0D07277088D5E50FA5B4293E9] - [15/03/2019 05:49:07] - |A| - [481792] - C:\Windows\syswow64\sppcext.dll [MD5.10204B5E7BFF059D87848F0BD0E0F0E9] - [15/03/2019 05:49:28] - |A| - [403968] - C:\Windows\syswow64\sppcomapi.dll [MD5.86FC1A7104F34A974834C58B8544EDCD] - [15/03/2019 05:48:59] - |A| - [332288] - C:\Windows\syswow64\srchadmin.dll [MD5.130EEB06981B74AAA69A25130BCA47DA] - [15/03/2019 05:50:17] - |A| - [2859520] - C:\Windows\syswow64\SRH.dll [MD5.D367F1A5FEE392A9E6075949A45ACCF3] - [15/03/2019 05:49:26] - |A| - [126976] - C:\Windows\syswow64\srpapi.dll [MD5.BC569AB0944D0FD78B84AFFE4B52BD8D] - [15/03/2019 05:50:44] - |A| - [123616] - C:\Windows\syswow64\sspicli.dll [MD5.A1F910366AE150EA2215A9C94526B703] - [15/03/2019 05:50:14] - |A| - [527864] - C:\Windows\syswow64\StateRepository.Core.dll [MD5.A608CA372905FB1D36A735343451FE58] - [15/03/2019 05:49:36] - |A| - [383488] - C:\Windows\syswow64\stobject.dll [MD5.2F8D43F082459EA107705677D99AA420] - [15/03/2019 05:48:57] - |A| - [1980928] - C:\Windows\syswow64\storagewmi.dll [MD5.75B34450304498DD42B7CAFC67D9F1A2] - [15/03/2019 05:50:02] - |A| - [559984] - C:\Windows\syswow64\StructuredQuery.dll [MD5.42EB38A0D300A8723794659F6957FE93] - [15/03/2019 05:49:34] - |A| - [653312] - C:\Windows\syswow64\sud.dll [MD5.7DF30A0CF7DE5DF85B5DB2645F161817] - [15/03/2019 05:49:41] - |A| - [3287040] - C:\Windows\syswow64\SyncCenter.dll [MD5.27FF5A1AA9858C2D4F0A0416C3501DD7] - [15/03/2019 05:49:02] - |A| - [524800] - C:\Windows\syswow64\SyncController.dll [MD5.90AD1B513F3D0FFFFAEC3B5D678FDE1C] - [15/03/2019 05:49:43] - |A| - [243200] - C:\Windows\syswow64\SyncSettings.dll [MD5.D06C58D3691A7F09A36923291E9915EF] - [15/03/2019 05:49:06] - |A| - [315904] - C:\Windows\syswow64\sysdm.cpl [MD5.25A010E52C6B8C94C1F00A849D210433] - [15/03/2019 05:28:27] - |A| - [84624] - C:\Windows\syswow64\sysinfo.ocx [MD5.8D2AF16B17FA7FF098A4F084CCF52747] - [15/03/2019 05:49:55] - |A| - [133632] - C:\Windows\syswow64\t2embed.dll [MD5.3F2B4D475AC8ED3F30E5A857EE413F7F] - [15/03/2019 05:28:27] - |A| - [222360] - C:\Windows\syswow64\tabctl32.ocx [MD5.AC42C6689277F98B4A7FA0A18B393E96] - [15/03/2019 05:48:57] - |A| - [371200] - C:\Windows\syswow64\taskcomp.dll [MD5.A4A6D271FE357663479CCEFD9C620AF1] - [15/03/2019 05:50:02] - |A| - [1250528] - C:\Windows\syswow64\Taskmgr.exe [MD5.7CED307FA413C9BA1E8D762CEA00C770] - [15/03/2019 05:48:58] - |A| - [30720] - C:\Windows\syswow64\tbauth.dll [MD5.F779D209F6FB1B8CF25F9FCABE014967] - [15/03/2019 05:48:58] - |A| - [74240] - C:\Windows\syswow64\tdc.ocx [MD5.D5C8986C1AC0F5CCFF5B36D84DAE7D5F] - [15/03/2019 05:49:10] - |A| - [2462208] - C:\Windows\syswow64\themecpl.dll [MD5.81F24AEBB800C56179E5D2EBABBC49BD] - [15/03/2019 05:49:33] - |A| - [2815488] - C:\Windows\syswow64\themeui.dll [MD5.9B547D7FC518A62EC2E1B7DD181E8CE2] - [15/03/2019 05:51:04] - |A| - [452608] - C:\Windows\syswow64\TileDataRepository.dll [MD5.ADBCF0F6F438C509AE8CFF276D3D4062] - [15/03/2019 05:49:02] - |A| - [463360] - C:\Windows\syswow64\timedate.cpl [MD5.1CAD95428D1F17F6FC03A6B1A76D7B27] - [15/03/2019 05:49:19] - |A| - [35328] - C:\Windows\syswow64\tokenbinding.dll [MD5.C20A3CAAE775FDBE2847D5701C986E8B] - [15/03/2019 05:50:13] - |A| - [920064] - C:\Windows\syswow64\TokenBroker.dll [MD5.3C35F53D16282A5B892685C4C1280D2C] - [15/03/2019 05:48:58] - |A| - [15360] - C:\Windows\syswow64\TokenBrokerCookies.exe [MD5.6D9DF4768CEAC6798002FAEA42A07DCA] - [15/03/2019 05:49:01] - |A| - [37888] - C:\Windows\syswow64\TokenBrokerUI.dll [MD5.FD779118E9115F8684361CE6B9AC1881] - [15/03/2019 05:50:24] - |A| - [2677248] - C:\Windows\syswow64\tquery.dll [MD5.6F7CCD986159E2FC544E4CE349F29CB6] - [15/03/2019 05:49:37] - |A| - [98304] - C:\Windows\syswow64\TSpkg.dll [MD5.EBB966D5D1DA9F55E2527EA46A4C2131] - [15/03/2019 05:49:12] - |A| - [178176] - C:\Windows\syswow64\TtlsAuth.dll [MD5.82ED68D7C9E7E0BA0CB90FF6069FA439] - [15/03/2019 05:49:01] - |A| - [164352] - C:\Windows\syswow64\TtlsCfg.dll [MD5.DAB67699D26B78F1BDF3F948C59DA75B] - [15/03/2019 05:49:29] - |A| - [158208] - C:\Windows\syswow64\twext.dll [MD5.065C88ACF9DCB147103BF65327DB37E3] - [15/03/2019 05:50:37] - |A| - [1261768] - C:\Windows\syswow64\twinapi.appcore.dll [MD5.F500780AEBEC7326D63FD51CA1BF2C85] - [15/03/2019 05:49:40] - |A| - [433664] - C:\Windows\syswow64\twinapi.dll [MD5.539296663A3DAF45C1BD9D519829A7BC] - [15/03/2019 05:49:15] - |A| - [697344] - C:\Windows\syswow64\twinui.appcore.dll [MD5.4D774D6A1E45E6798C27524CA070A936] - [15/03/2019 05:50:37] - |A| - [6466560] - C:\Windows\syswow64\twinui.dll [MD5.36FE23A873481E10FF09596F8839E200] - [15/03/2019 05:48:58] - |A| - [2560] - C:\Windows\syswow64\tzres.dll [MD5.F094E5CBF271BFFBDC565000FAF09B19] - [15/03/2019 05:50:00] - |A| - [1141392] - C:\Windows\syswow64\ucrtbase.dll [MD5.7C91A0284C3BE85296CECF986BC4C9A4] - [15/03/2019 05:49:50] - |A| - [466432] - C:\Windows\syswow64\UiaManager.dll [MD5.9B120E03AFB87B5466CC828D862268E7] - [15/03/2019 05:49:44] - |A| - [1668096] - C:\Windows\syswow64\UIAutomationCore.dll [MD5.692E79906AEBD813180AB4DA9A23C8E5] - [15/03/2019 05:49:51] - |A| - [3490816] - C:\Windows\syswow64\UIRibbon.dll [MD5.56DE762470DD45C5363BCADE7CD8543C] - [15/03/2019 05:48:59] - |A| - [584192] - C:\Windows\syswow64\UIRibbonRes.dll [MD5.DB40D2D74478E3BE07BB08CC24BFBA9E] - [15/03/2019 05:48:57] - |A| - [253952] - C:\Windows\syswow64\unimdm.tsp [MD5.9C3652626FBEEA98EFC1C751F54DE1E6] - [15/03/2019 05:49:00] - |A| - [966656] - C:\Windows\syswow64\Unistore.dll [MD5.4FC7DB01116C14A6C58C740698437815] - [15/03/2019 05:49:23] - |A| - [98304] - C:\Windows\syswow64\updatepolicy.dll [MD5.5033CBC73D3957D6ECDAD0DA38B7EC81] - [15/03/2019 05:48:59] - |A| - [233472] - C:\Windows\syswow64\url.dll [MD5.9144927DCA7832342F15DE0B4B6B993D] - [15/03/2019 05:50:34] - |A| - [1566720] - C:\Windows\syswow64\urlmon.dll [MD5.D0B9CBCAEAE963F74AC910ADF47F2F50] - [15/03/2019 05:48:56] - |A| - [4608] - C:\Windows\syswow64\user.exe [MD5.5D41A00F6ED104C9639D5CBF0D38A1D6] - [15/03/2019 05:50:31] - |A| - [1528904] - C:\Windows\syswow64\user32.dll [MD5.65316876798BD589A05781B6B68BBCD9] - [15/03/2019 05:49:49] - |A| - [1230848] - C:\Windows\syswow64\usercpl.dll [MD5.4F9B1BD8A47543F3575B196A69F6F1E8] - [15/03/2019 05:49:12] - |A| - [95232] - C:\Windows\syswow64\UserDataTimeUtil.dll [MD5.039BDAA1C6A50FEA69BA170D071C0506] - [15/03/2019 05:49:02] - |A| - [160256] - C:\Windows\syswow64\UserDeviceRegistration.dll [MD5.2D4F3342630DB4E1592AA5CEDE775B72] - [15/03/2019 05:49:40] - |A| - [559104] - C:\Windows\syswow64\UserLanguagesCpl.dll [MD5.3498ACDDCF5A3EA89A207122934D1046] - [15/03/2019 05:49:10] - |A| - [65536] - C:\Windows\syswow64\usoapi.dll [MD5.EC1270DAF0E157756D0F6B8D66A732B1] - [15/03/2019 05:49:27] - |A| - [472576] - C:\Windows\syswow64\uxtheme.dll [MD5.73978DD6DD93DFD1FDD83620AE604DD4] - [15/03/2019 05:28:28] - |A| - [722192] - C:\Windows\syswow64\Vb40032.dll [MD5.1358DEE033BFD95A759890703EE8DBB1] - [15/03/2019 05:51:27] - |A| - [464384] - C:\Windows\syswow64\vbscript.dll [MD5.90742CB3A232B8C28EB72D7326ABBF3F] - [15/03/2019 05:49:02] - |A| - [110080] - C:\Windows\syswow64\VEDataLayerHelpers.dll [MD5.B55FF9CC8010601EBC5ED52BF57A2C30] - [15/03/2019 05:48:59] - |A| - [48640] - C:\Windows\syswow64\virtdisk.dll [MD5.1454D47AF54831F8FF59210825EA8698] - [15/03/2019 05:50:04] - |A| - [1159680] - C:\Windows\syswow64\vssapi.dll [MD5.8F224D31DA0884C547AB6E65C2CBBE93] - [15/03/2019 05:01:30] - |A| - [878592] - C:\Windows\syswow64\vulkan-1-999-0-0-0.dll [MD5.8F224D31DA0884C547AB6E65C2CBBE93] - [15/03/2019 05:01:30] - |A| - [878592] - C:\Windows\syswow64\vulkan-1.dll [MD5.AA008CDFA795097F16F18170FF5FB815] - [15/03/2019 04:58:41] - |A| - [229344] - C:\Windows\syswow64\vulkaninfo-1-999-0-0-0.exe [MD5.AA008CDFA795097F16F18170FF5FB815] - [15/03/2019 04:58:41] - |A| - [229344] - C:\Windows\syswow64\vulkaninfo.exe [MD5.DA00A8ED9201E0293C8D1EF38315B4B8] - [15/03/2019 05:49:27] - |A| - [97280] - C:\Windows\syswow64\WcnApi.dll [MD5.74DFA3493E51A942A4C2F89254FE3EF6] - [15/03/2019 05:49:24] - |A| - [235008] - C:\Windows\syswow64\webcheck.dll [MD5.C5FABC086E613BB7B0826EA564DC922B] - [15/03/2019 05:49:40] - |A| - [190464] - C:\Windows\syswow64\WebClnt.dll [MD5.1FA7FDB5EEC6DED40C2AE75D39B3CE12] - [15/03/2019 05:49:49] - |A| - [462336] - C:\Windows\syswow64\webio.dll [MD5.DCB82B9B6BA959C99624B82CC6245506] - [15/03/2019 05:49:05] - |A| - [459776] - C:\Windows\syswow64\webplatstorageserver.dll [MD5.F308C9718D84DC576345940DF074AA97] - [15/03/2019 05:50:02] - |A| - [1075984] - C:\Windows\syswow64\webservices.dll [MD5.7F23FDE90B62C59D65BCAC54430A7F24] - [15/03/2019 05:49:33] - |A| - [639408] - C:\Windows\syswow64\wer.dll [MD5.C4E40C2D052172841A6AE7881DAFC6C8] - [15/03/2019 05:49:13] - |A| - [414720] - C:\Windows\syswow64\werui.dll [MD5.F0BCD5D25B955F1DA115EA4A64D5FD14] - [15/03/2019 05:48:58] - |A| - [136192] - C:\Windows\syswow64\wextract.exe [MD5.A011152FDCF4CA7251B0038B077047AB] - [15/03/2019 05:49:44] - |A| - [592800] - C:\Windows\syswow64\wimgapi.dll [MD5.EC4D792B9EBEE98B4BBAFD5578453147] - [15/03/2019 05:51:25] - |A| - [2902528] - C:\Windows\syswow64\win32kfull.sys [MD5.812E9241C7844424DFE2985846070CFD] - [15/03/2019 05:49:31] - |A| - [83216] - C:\Windows\syswow64\winbrand.dll [MD5.A0C135507DB0167282168F3E5BDCC396] - [15/03/2019 05:49:08] - |A| - [309248] - C:\Windows\syswow64\wincorlib.dll [MD5.84EF8242B5B2B9E3036398AED7C46E2E] - [15/03/2019 05:49:00] - |A| - [162304] - C:\Windows\syswow64\Windows.ApplicationModel.Core.dll [MD5.8647781A64C26771C70D6F5EC48224BD] - [15/03/2019 05:49:33] - |A| - [522176] - C:\Windows\syswow64\Windows.ApplicationModel.dll [MD5.3AD75BC01182888898EF9F05C68F3A6A] - [15/03/2019 05:49:18] - |A| - [315392] - C:\Windows\syswow64\Windows.ApplicationModel.LockScreen.dll [MD5.CC811E2D58465654DC2562867521648F] - [15/03/2019 05:50:11] - |A| - [1490856] - C:\Windows\syswow64\Windows.ApplicationModel.Store.dll [MD5.9EC72380FCE884CB4A0C678F8EA7AA56] - [15/03/2019 05:49:36] - |A| - [246272] - C:\Windows\syswow64\Windows.ApplicationModel.Store.TestingFramework.dll [MD5.ABAE1466E7D328F959AA18CC967C34E9] - [15/03/2019 05:50:18] - |A| - [6587392] - C:\Windows\syswow64\Windows.Data.Pdf.dll [MD5.DF77877093677CEB49DF418D6B3507C7] - [15/03/2019 05:49:21] - |A| - [696832] - C:\Windows\syswow64\Windows.Devices.Sensors.dll [MD5.149E2C31A7AD8257641D6663DE54C5E5] - [15/03/2019 05:49:49] - |A| - [1236480] - C:\Windows\syswow64\Windows.Globalization.dll [MD5.98DA92BE5E7D5A1133D25565D1CDF8DD] - [15/03/2019 05:49:53] - |A| - [335360] - C:\Windows\syswow64\Windows.Graphics.Printing.Workflow.dll [MD5.798389B0F019FC7DA876A5838128C220] - [15/03/2019 05:49:00] - |A| - [12288] - C:\Windows\syswow64\Windows.Graphics.Printing.Workflow.Native.dll [MD5.3E58599D26AFE1761F87CECD252B9EB5] - [15/03/2019 05:49:13] - |A| - [430080] - C:\Windows\syswow64\Windows.Internal.Bluetooth.dll [MD5.1C9C38A788F22AEAC21ED2B9C54ECD3F] - [15/03/2019 05:49:21] - |A| - [516608] - C:\Windows\syswow64\Windows.Internal.Management.dll [MD5.0251CAD1B6C180A67A089DFA2D716548] - [15/03/2019 05:49:57] - |A| - [621568] - C:\Windows\syswow64\Windows.Media.BackgroundMediaPlayback.dll [MD5.C179D1218AD113537E309CB9323B15DF] - [15/03/2019 05:51:16] - |A| - [6014688] - C:\Windows\syswow64\Windows.Media.dll [MD5.9E23CAE30930787245399397EBD9A029] - [15/03/2019 05:49:05] - |A| - [583680] - C:\Windows\syswow64\Windows.Media.Import.dll [MD5.D2ACB013E86EAB5C56587C44734E7399] - [15/03/2019 05:49:37] - |A| - [620544] - C:\Windows\syswow64\Windows.Media.Playback.BackgroundMediaPlayer.dll [MD5.6C41D581CB2C832619F7290F2A0BA19B] - [15/03/2019 05:49:57] - |A| - [604672] - C:\Windows\syswow64\Windows.Media.Playback.MediaPlayer.dll [MD5.73256E92AA201252E82BD8A711B6A1FD] - [15/03/2019 05:49:01] - |A| - [56832] - C:\Windows\syswow64\Windows.Media.Playback.ProxyStub.dll [MD5.023EADA98464DD6E5297356A3C43F93C] - [15/03/2019 05:50:58] - |A| - [6475880] - C:\Windows\syswow64\Windows.Media.Protection.PlayReady.dll [MD5.83381DE5516C34328C4F5E76A64BE789] - [15/03/2019 05:51:03] - |A| - [2491232] - C:\Windows\syswow64\Windows.Mirage.dll [MD5.3E12477042313D18A52812979BB32A82] - [15/03/2019 05:51:04] - |A| - [618496] - C:\Windows\syswow64\Windows.Mirage.Internal.dll [MD5.D01EFC2E14294C12094102545CC85EC3] - [15/03/2019 05:50:05] - |A| - [891904] - C:\Windows\syswow64\Windows.Networking.BackgroundTransfer.dll [MD5.343D98F99A919964216DC60A1AD34C69] - [15/03/2019 05:49:53] - |A| - [660480] - C:\Windows\syswow64\Windows.Networking.dll [MD5.3D5B2BE5CA748BBDDF97DA0FB1F9967F] - [15/03/2019 05:49:34] - |A| - [109056] - C:\Windows\syswow64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll [MD5.94E8B4EBA0DA649AC0A6D8B5FC7DAE9D] - [15/03/2019 05:49:54] - |A| - [941568] - C:\Windows\syswow64\Windows.Networking.Vpn.dll [MD5.A2B45051F3DA399BA1B83599E2E23726] - [15/03/2019 05:49:53] - |A| - [405504] - C:\Windows\syswow64\Windows.Payments.dll [MD5.4EB540B4A1A428DF59A27E7FB3F885A8] - [15/03/2019 05:51:04] - |A| - [506256] - C:\Windows\syswow64\Windows.Perception.Stub.dll [MD5.3F51E3B936974BAA26CB7C96793E55E1] - [15/03/2019 05:50:04] - |A| - [598528] - C:\Windows\syswow64\Windows.Security.Authentication.Web.Core.dll [MD5.EAE9E8A3AEA8955C854EB572DF461F4A] - [15/03/2019 05:49:52] - |A| - [746904] - C:\Windows\syswow64\Windows.Services.TargetedContent.dll [MD5.131891D46023A4624CC9DA2A068317A5] - [15/03/2019 05:50:27] - |A| - [3979696] - C:\Windows\syswow64\Windows.StateRepository.dll [MD5.1FA0115DBEDD4006FB65246768DEC991] - [15/03/2019 05:49:22] - |A| - [89504] - C:\Windows\syswow64\Windows.StateRepositoryBroker.dll [MD5.B9DBAC940038A737E63BE80FDD7CE70A] - [15/03/2019 05:49:24] - |A| - [123808] - C:\Windows\syswow64\Windows.StateRepositoryClient.dll [MD5.A06DF410D350562F0FD699E98FD0FE84] - [15/03/2019 05:49:41] - |A| - [542856] - C:\Windows\syswow64\Windows.StateRepositoryPS.dll [MD5.2251D76E2BE4AF1C40BB1D8127846DED] - [15/03/2019 05:49:16] - |A| - [147456] - C:\Windows\syswow64\Windows.StateRepositoryUpgrade.dll [MD5.48ECCD9FF5FAB136BC86538C6FB6581D] - [15/03/2019 05:49:18] - |A| - [289824] - C:\Windows\syswow64\Windows.Storage.ApplicationData.dll [MD5.0DB91C3B1F2810931F47B842FE88B84F] - [15/03/2019 05:50:40] - |A| - [6087040] - C:\Windows\syswow64\windows.storage.dll [MD5.65E56E51EB7A2A664CCBDED8CFA72AA4] - [15/03/2019 05:49:55] - |A| - [464384] - C:\Windows\syswow64\Windows.UI.Core.TextInput.dll [MD5.C2E57A51AB0628DAE35F0E6ECFA5D5BA] - [15/03/2019 05:49:33] - |A| - [981504] - C:\Windows\syswow64\Windows.UI.Cred.dll [MD5.39CB8103B31D73464452424AE495DA9E] - [15/03/2019 05:50:08] - |A| - [1510912] - C:\Windows\syswow64\Windows.UI.Immersive.dll [MD5.6BE2B2B64DC32BCD7BB145466F114B37] - [15/03/2019 05:50:32] - |A| - [1321472] - C:\Windows\syswow64\Windows.UI.Input.Inking.dll [MD5.B1E781E62D28B6BC7C3DFFCDB9C9AF07] - [15/03/2019 05:49:25] - |A| - [695296] - C:\Windows\syswow64\Windows.UI.Search.dll [MD5.3149A8E3B25987FDFB534142BD50DE1E] - [15/03/2019 05:49:12] - |A| - [1892864] - C:\Windows\syswow64\Windows.UI.Xaml.Controls.dll [MD5.8D681CC5EE863278394291C743EFCB2E] - [15/03/2019 05:50:30] - |A| - [13710848] - C:\Windows\syswow64\Windows.UI.Xaml.dll [MD5.799FB49F3FC7B5D1D7CDCEF292F8E241] - [15/03/2019 05:49:20] - |A| - [720896] - C:\Windows\syswow64\Windows.UI.Xaml.InkControls.dll [MD5.E532CC88734519C8E8F02DA065FE05FB] - [15/03/2019 05:49:39] - |A| - [1312256] - C:\Windows\syswow64\Windows.UI.Xaml.Maps.dll [MD5.934266FD56473D79BC63E6A4A0742529] - [15/03/2019 05:50:11] - |A| - [1259520] - C:\Windows\syswow64\Windows.UI.Xaml.Phone.dll [MD5.AC36BA1674C606189C95E498415A42D9] - [15/03/2019 05:49:35] - |A| - [132608] - C:\Windows\syswow64\Windows.UI.XamlHost.dll [MD5.5ABBF9E152427692658A49F8F0AF0DA0] - [15/03/2019 05:50:02] - |A| - [594944] - C:\Windows\syswow64\Windows.Web.dll [MD5.5D320952A868EB0EADDD9641B461BCA2] - [15/03/2019 05:50:08] - |A| - [1503504] - C:\Windows\syswow64\WindowsCodecs.dll [MD5.11264C3ACE0F9F15031362CF57AECF4E] - [15/03/2019 05:50:23] - |A| - [31619072] - C:\Windows\syswow64\WindowsCodecsRaw.dll [MD5.FFD2F3835BC170C7B3858F326262EBDA] - [15/03/2019 07:34:32] - |A| - [36472] - C:\Windows\syswow64\WinFLAdrv.sys [MD5.503E4A64E8FB731D415510B676F2BFFA] - [15/03/2019 07:34:11] - |A| - [14184] - C:\Windows\syswow64\WinFLMsgService.exe [MD5.A3B55D9B3F656E4F82C5D79C632B0038] - [15/03/2019 07:34:12] - |A| - [94728] - C:\Windows\syswow64\WinFLService.exe [MD5.14E6BAFD6C80C9D0E2E31A6BC40479C7] - [15/03/2019 07:34:08] - |A| - [335880] - C:\Windows\syswow64\WinFLTray.exe [MD5.14E6BAFD6C80C9D0E2E31A6BC40479C7] - [15/03/2019 07:34:07] - |A| - [335880] - C:\Windows\syswow64\WinFLTrayShred.exe [MD5.50EDEB42F3C5C7BB4932FF7353E3F7D1] - [15/03/2019 05:49:53] - |A| - [704496] - C:\Windows\syswow64\winhttp.dll [MD5.64CB9AF0ABD1D750929C6BACBC59B350] - [15/03/2019 05:49:00] - |A| - [82944] - C:\Windows\syswow64\winhttpcom.dll [MD5.8C049019A4BFD95AA455CD94A1D8B114] - [15/03/2019 05:51:21] - |A| - [4369408] - C:\Windows\syswow64\wininet.dll [MD5.02BF610B95E05855DD612D57D3183E82] - [15/03/2019 05:49:51] - |A| - [1558856] - C:\Windows\syswow64\winmde.dll [MD5.43FDCB8CC2DF2FC470D5C04C06780C9B] - [15/03/2019 05:49:27] - |A| - [181760] - C:\Windows\syswow64\WinSCard.dll [MD5.BA6A61A00365044876F945A06A4D6493] - [15/03/2019 05:49:04] - |A| - [247296] - C:\Windows\syswow64\winsku.dll [MD5.0F3456A440A1584E227A40E275223EE9] - [15/03/2019 05:49:26] - |A| - [420352] - C:\Windows\syswow64\winspool.drv [MD5.988EA42B2B90B91CE1ACBBEDAAA424C8] - [15/03/2019 05:49:48] - |A| - [287848] - C:\Windows\syswow64\wintrust.dll [MD5.BDCE5E5BFC67B7D0CA6530E69B20BB0A] - [15/03/2019 05:49:51] - |A| - [832648] - C:\Windows\syswow64\WinTypes.dll [MD5.3CC985A4E7D90F5B6D9FF1FD5CD486D7] - [15/03/2019 07:34:30] - |A| - [225680] - C:\Windows\syswow64\WinVDEdrv.sys [MD5.2D446F342467128EA389CF44EC79C2BA] - [15/03/2019 07:34:31] - |A| - [197648] - C:\Windows\syswow64\WinVDEdrv6.sys [MD5.F2ECB87B996541BF44B55D301586E2C5] - [15/03/2019 11:44:42] - |AS| - [11781] - C:\Windows\syswow64\win_flfiles_sys.dat [MD5.A1A8919960FB16CE0B4CEDF6B1864939] - [15/03/2019 11:44:42] - |AS| - [3465] - C:\Windows\syswow64\win_stlthdb_sys.dat [MD5.B8EACD109C18140D169BBB9D1D91180D] - [15/03/2019 05:49:38] - |A| - [232448] - C:\Windows\syswow64\wisp.dll [MD5.A01F94A9181A6647C6C490DF0018E916] - [15/03/2019 05:49:11] - |A| - [246272] - C:\Windows\syswow64\wlancfg.dll [MD5.0EE5A7508D19ED3A264D36EF3D2B2CF7] - [15/03/2019 05:49:05] - |A| - [407040] - C:\Windows\syswow64\wlangpui.dll [MD5.0D8C53EF58FDA3925609164DFC9EEFDE] - [15/03/2019 05:49:41] - |A| - [319488] - C:\Windows\syswow64\Wldap32.dll [MD5.715BBF22FAB87ECFDDA03ABF590F46A1] - [15/03/2019 05:49:40] - |A| - [78184] - C:\Windows\syswow64\wldp.dll [MD5.2EA24AC64D38D4ECE807041E92DF194B] - [15/03/2019 05:49:12] - |A| - [98304] - C:\Windows\syswow64\wlgpclnt.dll [MD5.5099FE087A7EF6AD1431EA8B96FB01A1] - [15/03/2019 05:49:07] - |A| - [507904] - C:\Windows\syswow64\wlidcli.dll [MD5.A6ECF31E43274FA7EC787E8C1CD2FFB2] - [15/03/2019 05:49:55] - |A| - [531968] - C:\Windows\syswow64\wlidprov.dll [MD5.CEA51371971E187F478C5933F5BF4E91] - [15/03/2019 05:48:56] - |A| - [25088] - C:\Windows\syswow64\wmiprop.dll [MD5.300D4A863AC3D75472DED1020315D664] - [15/03/2019 05:51:17] - |A| - [12730880] - C:\Windows\syswow64\wmp.dll [MD5.9B05BEEACF372ADAC85BF47849672597] - [15/03/2019 05:49:27] - |A| - [251200] - C:\Windows\syswow64\wmpeffects.dll [MD5.FE72EBC643DB7BCC7A8CD8F4E46DDD68] - [15/03/2019 05:49:25] - |A| - [154392] - C:\Windows\syswow64\wmpps.dll [MD5.93930202EC453DF50804090DB0EB0F07] - [15/03/2019 05:49:31] - |A| - [103424] - C:\Windows\syswow64\wmpshell.dll [MD5.975890347C7998063E77E2C6F249878C] - [15/03/2019 05:49:33] - |A| - [392704] - C:\Windows\syswow64\WMVSENCD.DLL [MD5.0C3AB19FF0B062AD808C9DAD2CCE3D56] - [15/03/2019 05:49:40] - |A| - [681472] - C:\Windows\syswow64\WMVXENCD.DLL [MD5.F52DC608FABA50E9A6D51C1F77936E71] - [15/03/2019 05:49:52] - |A| - [1342464] - C:\Windows\syswow64\Wpc.dll [MD5.1505A2BE0DEF18632472CD4C1AF3090D] - [15/03/2019 05:49:27] - |A| - [636416] - C:\Windows\syswow64\WpcWebFilter.dll [MD5.91CF6717E5CBA979A23EF887770B1FAB] - [15/03/2019 05:49:35] - |A| - [975360] - C:\Windows\syswow64\wpnapps.dll [MD5.D968CB0D323A9A54B5E81A2A4F239C0F] - [15/03/2019 05:49:14] - |A| - [258808] - C:\Windows\syswow64\wscapi.dll [MD5.74D90548993E4DC4CC4CBC5AF8B96417] - [15/03/2019 05:49:00] - |A| - [12800] - C:\Windows\syswow64\wscproxystub.dll [MD5.355C1249EE15E153199FE1B54C3BE873] - [15/03/2019 05:49:26] - |A| - [147456] - C:\Windows\syswow64\wscript.exe [MD5.3E8DBDE2536682E3EA33BAB970197F90] - [15/03/2019 05:49:42] - |A| - [1332736] - C:\Windows\syswow64\wsecedit.dll [MD5.BE0D487494FCFF4B4E7D29A333BAF0DF] - [15/03/2019 05:49:16] - |A| - [16600] - C:\Windows\syswow64\wshhyperv.dll [MD5.73339DF7BBD7DEB99C2D92448C1B2A60] - [15/03/2019 05:49:03] - |A| - [123392] - C:\Windows\syswow64\wshom.ocx [MD5.39E63D680474BB0DDDB3D57BFC881FD7] - [15/03/2019 05:49:12] - |A| - [52736] - C:\Windows\syswow64\wsnmp32.dll [MD5.C69885E3DAD1BEF60319010698E8DA24] - [15/03/2019 05:49:38] - |A| - [1453056] - C:\Windows\syswow64\wsp_fs.dll [MD5.8593D702416E2A6D120C813B1717A8CC] - [15/03/2019 05:49:39] - |A| - [1309696] - C:\Windows\syswow64\wsp_health.dll [MD5.28BE6DD3090240B709EB710B88E38DFC] - [15/03/2019 05:49:45] - |A| - [825856] - C:\Windows\syswow64\wuapi.dll [MD5.1EFB575D7E2A8234DCC9D4531070106E] - [15/03/2019 05:48:00] - |A| - [67072] - C:\Windows\syswow64\wudriver.dll [MD5.D7AF31C2ADA4D3580583CA76BFD3EBAE] - [15/03/2019 05:49:05] - |A| - [30208] - C:\Windows\syswow64\wups.dll [MD5.660E6FB6972DB04E74C45C040D4DDE8C] - [15/03/2019 05:49:49] - |A| - [293888] - C:\Windows\syswow64\WwaApi.dll [MD5.F6DE38B57FAA27471BD99060BE9F9496] - [15/03/2019 05:49:39] - |A| - [793400] - C:\Windows\syswow64\WWAHost.exe [MD5.A2E0419D7FBDFEFA19F5BB53556A22EB] - [15/03/2019 05:49:16] - |A| - [450936] - C:\Windows\syswow64\WWanAPI.dll [MD5.653DB51549B7CB7EC76EB8562D260D4F] - [15/03/2019 05:49:16] - |A| - [73896] - C:\Windows\syswow64\wwapi.dll [MD5.414CF6ED0142DAB4BDFC7AE95558AD4C] - [15/03/2019 05:50:22] - |A| - [3418112] - C:\Windows\syswow64\xpsrchvw.exe [MD5.D07878AB6E404AD22759759B4CFB47BC] - [15/03/2019 05:49:29] - |A| - [346112] - C:\Windows\syswow64\zipfldr.dll ---------- | Drives D: [12/03/2019 09:00:26] - |A| - (.Copyright (C) 2010 - Zinstall Loader.) - [190506576] - (2.6.0.0) - D:\zinstall-fullback.exe E: [06/03/2019 06:39:43] - |A| - (.-.) - [1407] - (0.0.0.0) - E:\Auslogics WindowsSlimmer.lnk [06/03/2019 06:39:43] - |A| - (.-.) - [1314] - (0.0.0.0) - E:\Axialis IconWorkshop.lnk [06/03/2019 06:39:43] - |A| - (.-.) - [1056] - (0.0.0.0) - E:\ByteFence Anti-Malware.lnk [06/03/2019 06:39:43] - |A| - (.-.) - [1644] - (0.0.0.0) - E:\Command Line Xoring File.lnk [06/03/2019 06:39:43] - |A| - (.-.) - [2421] - (0.0.0.0) - E:\Goodgame Big Farm.lnk [06/03/2019 06:39:43] - |A| - (.-.) - [2415] - (0.0.0.0) - E:\Goodgame Empire.lnk [06/03/2019 06:39:44] - |A| - (.-.) - [2047] - (0.0.0.0) - E:\HD Video Player.lnk [06/03/2019 06:39:44] - |A| - (.-.) - [1052] - (0.0.0.0) - E:\IconXP.lnk [06/03/2019 06:39:45] - |A| - (.-.) - [3159] - (0.0.0.0) - E:\iShredder 7.0.lnk [06/03/2019 06:39:46] - |A| - (.-.) - [1312] - (0.0.0.0) - E:\Moo0 Clic Droit Pro 1.56.lnk [06/03/2019 06:39:46] - |A| - (.-.) - [1258] - (0.0.0.0) - E:\Moo0 Néttoyeur de Disque 1.23.lnk [06/03/2019 06:39:46] - |A| - (.-.) - [1625] - (0.0.0.0) - E:\Navigateur Opera.lnk [06/03/2019 06:39:46] - |A| - (.-.) - [104] - (0.0.0.0) - E:\Panneau de configuration - Raccourci (2).lnk [06/03/2019 06:39:46] - |A| - (.-.) - [104] - (0.0.0.0) - E:\Panneau de configuration - Raccourci.lnk [06/03/2019 06:39:46] - |A| - (.-.) - [1227] - (0.0.0.0) - E:\Pre_Scan_Donate.lnk [06/03/2019 06:39:46] - |A| - (.-.) - [1571] - (0.0.0.0) - E:\Pre_Scan_Restore.lnk [06/03/2019 06:39:47] - |A| - (.-.) - [1216] - (0.0.0.0) - E:\UTILILAB NitroBROWSER.lnk [06/03/2019 06:39:47] - |A| - (.-.) - [971] - (0.0.0.0) - E:\ViPad.lnk [06/03/2019 06:39:48] - |A| - (.-.) - [1307] - (0.0.0.0) - E:\Auslogics BoostSpeed 10.lnk [06/03/2019 06:39:48] - |A| - (.-.) - [1396] - (0.0.0.0) - E:\Auslogics Driver Updater.lnk [01/03/2019 14:14:08] - |A| - (.Copyright (C) 2013-2018 SosVirus Software - QuickDiag.) - [5175192] - (27.2.19.1) - E:\quickdiag_V5_27.02.19.1.exe [02/03/2019 08:51:41] - |A| - (.UEFM LFS Hyper EFM, Quernon (ex-la petite marquise) & Anti-TFL -.) - [171439718] - (1.0.0.0) - E:\anti-tfl_loaris_protectstar_setup_sib.exe [05/03/2019 07:01:57] - |A| - (.-.) - [2114448] - (0.0.0.0) - E:\CloseAll_3.1-setup.exe [05/03/2019 07:02:01] - |A| - (.-.) - [2439402] - (0.0.0.0) - E:\SkinPacks_2460756710.exe [05/03/2019 07:02:02] - |A| - (.-.) - [2439402] - (0.0.0.0) - E:\SkinPacks_3547769263.exe [06/03/2019 06:39:43] - |A| - (.-.) - [5582200] - (0.0.0.0) - E:\ciscomplete_installer.exe [06/03/2019 06:39:43] - |A| - (.-.) - [1040152] - (0.0.0.0) - E:\CyberLink_PresenterLinkPlus_Downloader.exe [06/03/2019 06:39:43] - |A| - (.-.) - [2406960] - (0.0.0.0) - E:\DebutVideoCaptureSoftware.exe [06/03/2019 06:39:43] - |A| - (.-.) - [13024299] - (0.0.0.0) - E:\google-apps-backup.exe [06/03/2019 06:39:44] - |A| - (.-.) - [1802704] - (0.0.0.0) - E:\iExplore.exe [06/03/2019 06:39:44] - |A| - (.-.) - [9535136] - (0.0.0.0) - E:\iobit-software-updater-setup-beta.exe [06/03/2019 06:39:46] - |A| - (.-.) - [3059624] - (0.0.0.0) - E:\pre-scan_7_16.10.17.1.exe [06/03/2019 06:39:46] - |A| - (.-.) - [114176] - (0.0.0.0) - E:\Rem-VBSworm.exe [06/03/2019 06:39:46] - |A| - (.-.) - [944200] - (0.0.0.0) - E:\SlimCleaner-setup.exe [06/03/2019 06:39:46] - |A| - (.-.) - [466032] - (0.0.0.0) - E:\UAppInst.exe [06/03/2019 06:39:48] - |A| - (.-.) - [2708912] - (0.0.0.0) - E:\Adaware_Installer.exe [01/03/2019 14:14:07] - |A| - (.©1999-2018 Jonathan Bennett & AutoIt Team - Farbar Recovery Scan Tool.) - [2433536] - (13.3.2019.1) - E:\FRST64-2.1.exe G: H: [22/01/2019 15:50:47] - |N| - (. - Ashampoo Snap 9 Setup .) - [58719256] - (9.0.5.0) - H:\Ashampoo_Snap_v9.0.5.exe [20/02/2019 09:35:10] - |N| - (.Ashampoo GmbH & Co. KG - Ashampoo UnInstaller 8 Setup .) - [14167712] - (8.0.12.0) - H:\ashampoo_uninstaller_8_8.00.12_sm.exe [23/04/2018 10:33:37] - |H| - (.-.) - [16] - (0.0.0.0) - H:\AUTORUN.INF I: [09/03/2019 13:46:41] - |A| - (.SysTools Software - SysTools Excel to Outlook - Demo Version Setup .) - [2498448] - (3.0.0.0) - I:\excel-to-outlook.exe [09/03/2019 13:51:08] - |A| - (.©2016 SysTools Software Private Limited - SysTools G Suite to Office 365 Migrator Setup .) - [6236592] - (1.0.0.0) - I:\gsuite-to-office365-migrator.exe [09/03/2019 13:50:30] - |A| - (.©2017 SysTools Software Private Limited - SysTools Office365 Express Migrator Setup .) - [3394008] - (2.0.0.0) - I:\office365-express-migrator.exe [09/03/2019 13:41:14] - |A| - (.© 2015 SysTools Software Private Limited - SyTools Open Office Writer Recovery - DEMO Vesrion 2.0 Setup.) - [812504] - (2.0.0.0) - I:\open-office-recovery.exe [09/03/2019 13:39:02] - |A| - (.© 2018 SysTools Software Private Limited - SysTools Outlook Recovery Setup .) - [27651176] - (7.0.0.0) - I:\outlook-recovery.exe [09/03/2019 13:49:01] - |A| - (.© SysTools 2014 - SysTools PDF Unlocker Setup .) - [5784584] - (3.2.0.0) - I:\pdf-unlocker.exe [09/03/2019 13:45:39] - |A| - (.© 2018 SysTools Software Private Limited - SysTools Word Recovery Setup .) - [3753432] - (4.0.0.0) - I:\word-recovery.exe K: [22/01/2019 06:35:34] - |N| - (.(C) 2015 Smart PC Utilities, Ltd. - PC Startup Master Setup.) - [7784934] - (3.0.238.0) - K:\startupmaster.exe [26/02/2019 12:19:29] - |A| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1040152] - (2.9.1.6109) - K:\CyberLink_PresenterLinkPlus_Downloader.exe [26/02/2019 12:19:36] - |A| - (.© BleepingComputer.com. - Terminates malware processes so that you can run your normal security programs..) - [1802704] - (2.9.1.0) - K:\iExplore.exe [26/02/2019 12:19:37] - |A| - (.©IObit. - IObit Software Updater .) - [9535136] - (1.0.0.1161) - K:\iobit-software-updater-setup-beta.exe [26/02/2019 13:25:48] - |A| - (.UEFM LFS Hyper EFM -.) - [96286087] - (1.0.0.0) - K:\LiveTuner_webcompanion_thememypc_leesoft_windowsxlive_setup_sib.exe [03/03/2019 13:43:57] - |A| - (.-.) - [15533336] - (0.0.0.0) - K:\ApplicationManager_v1126_rv199819(1.2)_STD_APM181015-01.exe [03/03/2019 14:41:19] - |H| - (.-.) - [16] - (0.0.0.0) - K:\AUTORUN.INF ---------- | C: [13/03/2019 07:17:24] - |SHD| - [258] - C:\$RECYCLE.BIN [15/03/2019 07:23:44] - |D| - [387596] - C:\$Windows.~WS [23/03/2019 09:26:05] - |D| - [2420] - C:\.android [MD5.18919B8F4DD98CC049DF6C5EFA670648] - [12/03/2019 19:54:31] - |A| - (.-.) - [98059] - (0.0.0.0) - C:\AdsFix_13_03_2019_00_39_27.txt [23/03/2019 22:57:16] - |RASHD| - [2] - C:\autorun.inf [15/03/2019 19:56:33] - |D| - [450581645] - C:\boot [MD5.74EE78204D088B642B5E2D95ABE8B7BB] - [25/02/2019 06:40:18] - |A| - (.-.) - [1520] - (0.0.0.0) - C:\DelFix.txt [21/03/2019 07:09:24] - |RD| - [674] - C:\Documents [15/03/2019 06:19:27] - |D| - [0] - C:\ESD [MD5.D41D8CD98F00B204E9800998ECF8427E] - [14/03/2019 14:33:40] - |ASH| - (.-.) - [1676853248] - (0.0.0.0) - C:\hiberfil.sys [20/02/2019 14:36:04] - |D| - [17889325] - C:\IconPack [07/12/2017 07:02:19] - |DC| - [177072] - C:\Intel [26/03/2019 00:09:21] - |HD| - [0] - C:\OneDriveTemp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [14/03/2019 14:29:28] - |ASH| - (.-.) - [7102967808] - (0.0.0.0) - C:\pagefile.sys [29/09/2017 14:46:33] - |D| - [0] - C:\PerfLogs [12/03/2019 17:00:51] - |RD| - [149206104] - C:\PortableApps [17/03/2019 07:13:23] - |D| - [237019313] - C:\Pre_Scan [MD5.B47E0E8F219977C740BDFBA6B7E48C2B] - [17/03/2019 08:46:47] - |RA| - (.-.) - [28477] - (0.0.0.0) - C:\Pre_Scan_17_03_2019_08_46_46.txt [29/09/2017 14:46:33] - |RD| - [14215010442] - C:\Program Files [29/09/2017 14:46:33] - |RD| - [7274414030] - C:\Program Files (x86) [29/09/2017 14:46:33] - |HD| - [4228205538] - C:\ProgramData [19/02/2019 13:13:41] - |D| - [722280] - C:\PSMenu [12/03/2019 05:40:35] - |D| - [179907469] - C:\QuickDiag [MD5.9EF15113E96B7EBEB645B5825D5A1B96] - [26/03/2019 18:51:59] - |A| - (.-.) - [599006] - (0.0.0.0) - C:\QuickDiag.txt [07/12/2017 14:48:59] - |HDC| - [1158477351] - C:\recovery [MD5.7C94C938CDF4C99A6E46A9367F34D94C] - [02/03/2019 08:20:09] - |A| - (.-.) - [2775] - (0.0.0.0) - C:\Rem-VBS.log [26/02/2019 14:52:45] - |D| - [1162] - C:\Rem-VBSqt [MD5.D41D8CD98F00B204E9800998ECF8427E] - [14/03/2019 14:29:28] - |ASH| - (.-.) - [16777216] - (0.0.0.0) - C:\swapfile.sys [14/03/2019 14:29:26] - |SHD| - [0] - C:\System Volume Information [29/09/2017 09:45:11] - |RD| - [41196649257] - C:\Users [25/03/2019 23:51:22] - |HD| - [77443725] - C:\VTRoot [29/09/2017 09:45:11] - |D| - [28781875420] - C:\Windows ---------- | C:\Windows [MD5.A486C15BA34B4C23677AA34F47CE2C0D] - [07/12/2017 07:01:45] - |A| - (.-.) - [1078] - (0.0.0.0) - C:\Windows\ACU.ico [29/09/2017 14:46:33] - |D| - [802] - C:\Windows\addins [29/09/2017 14:46:33] - |D| - [12142213] - C:\Windows\appcompat [29/09/2017 14:46:33] - |D| - [9242112] - C:\Windows\apppatch [29/09/2017 14:46:33] - |D| - [0] - C:\Windows\AppReadiness [29/09/2017 14:46:33] - |RSD| - [815556651] - C:\Windows\assembly [29/09/2017 14:46:33] - |D| - [692493] - C:\Windows\bcastdvr [MD5.55F49769891E4DC7CAB3E293E1238888] - [29/09/2017 14:41:23] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [65536] - (10.0.16299.15) - C:\Windows\bfsvc.exe [29/09/2017 14:46:33] - |D| - [38305426] - C:\Windows\Boot [MD5.719956984CC9E4A7C1615210CB4230C3] - [07/12/2017 23:39:33] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat [29/09/2017 14:46:33] - |D| - [2471504] - C:\Windows\Branding [29/09/2017 14:37:01] - |D| - [0] - C:\Windows\CbsTemp [MD5.A155FFABF2F04265A97274CCAB44D773] - [07/12/2017 14:08:15] - |A| - (.-.) - [35138] - (0.0.0.0) - C:\Windows\core.xml [MD5.A155FFABF2F04265A97274CCAB44D773] - [29/09/2017 15:43:11] - |A| - (.-.) - [35138] - (0.0.0.0) - C:\Windows\CoreSingleLanguage.xml [MD5.BD1868AC684B5AD6C0A2A7A1C764FA1F] - [07/12/2017 07:05:29] - |A| - (.-.) - [10] - (0.0.0.0) - C:\Windows\Csup.txt [29/09/2017 14:46:33] - |D| - [11482410] - C:\Windows\Cursors [29/09/2017 14:46:33] - |D| - [2540] - C:\Windows\debug [29/09/2017 14:46:33] - |D| - [209226678] - C:\Windows\DeliveryOptimization [MD5.050C668A459D689E7C033DBCA4417642] - [07/12/2017 07:12:58] - |A| - (.-.) - [22863] - (0.0.0.0) - C:\Windows\diagerr.xml [29/09/2017 14:46:33] - |D| - [5799735] - C:\Windows\diagnostics [29/09/2017 15:41:15] - |D| - [0] - C:\Windows\DigitalLocker [29/09/2017 14:46:33] - |SD| - [65] - C:\Windows\Downloaded Program Files [29/09/2017 14:46:33] - |D| - [78040] - C:\Windows\ELAMBKUP [07/12/2017 14:35:07] - |D| - [47104] - C:\Windows\en-GB [29/09/2017 15:41:15] - |D| - [49664] - C:\Windows\en-US [07/12/2017 14:11:38] - |D| - [107520] - C:\Windows\es-ES [MD5.5CDE14540712838961E3B63930CE8C5D] - [15/03/2019 05:50:30] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3904304] - (10.0.16299.637) - C:\Windows\explorer.exe [29/09/2017 14:46:33] - |RSD| - [360324780] - C:\Windows\Fonts [07/12/2017 14:15:54] - |D| - [109568] - C:\Windows\fr-FR [29/09/2017 14:46:33] - |D| - [0] - C:\Windows\GameBarPresenceWriter [29/09/2017 14:46:33] - |D| - [46654231] - C:\Windows\Globalization [29/09/2017 14:46:33] - |D| - [3747842] - C:\Windows\Help [MD5.67422BB31C52F0E4697C2A413677E033] - [15/03/2019 05:49:42] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [976896] - (10.0.16299.402) - C:\Windows\HelpPane.exe [MD5.620517DFE23E0DEB918F70538DF8AD67] - [29/09/2017 14:41:47] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [17920] - (10.0.16299.15) - C:\Windows\hh.exe [29/09/2017 14:46:33] - |D| - [173064560] - C:\Windows\IME [29/09/2017 14:46:33] - |RD| - [7839228] - C:\Windows\ImmersiveControlPanel [29/09/2017 14:44:34] - |D| - [76897414] - C:\Windows\INF [29/09/2017 14:46:33] - |D| - [5932356143] - C:\Windows\InfusedApps [29/09/2017 14:46:33] - |D| - [38118841] - C:\Windows\InputMethod [29/09/2017 14:46:33] - |SHD| - [1657513785] - C:\Windows\Installer [07/12/2017 14:30:10] - |D| - [107008] - C:\Windows\it-IT [29/09/2017 14:46:33] - |D| - [94163] - C:\Windows\L2Schemas [29/09/2017 14:46:33] - |D| - [1835008] - C:\Windows\LiveKernelReports [29/09/2017 09:45:14] - |D| - [48633339] - C:\Windows\Logs [29/09/2017 14:46:33] - |RSD| - [20331141] - C:\Windows\media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [29/09/2017 14:42:00] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin [29/09/2017 14:46:33] - |RD| - [946013043] - C:\Windows\Microsoft.NET [29/09/2017 14:46:33] - |D| - [3298] - C:\Windows\Migration [15/03/2019 06:57:03] - |D| - [0] - C:\Windows\Minidump [29/09/2017 14:46:33] - |D| - [0] - C:\Windows\ModemLogs [MD5.D4EE18887818F0782C0D72F1D67AAB5E] - [07/12/2017 07:10:42] - |A| - (.(c) Samsung Electronics. - Conditional Caller.) - [1731072] - (1.0.0.1) - C:\Windows\MSetCaller.exe [07/12/2017 14:12:44] - |D| - [968482] - C:\Windows\MSetup [MD5.15750221BBFFA36C055D656C46899460] - [29/09/2017 14:41:38] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [246784] - (10.0.16299.15) - C:\Windows\notepad.exe [29/09/2017 15:42:03] - |D| - [199472] - C:\Windows\OCR [29/09/2017 14:46:33] - |RD| - [65] - C:\Windows\Offline Web Pages [10/10/2017 17:41:56] - |D| - [2058522] - C:\Windows\Panther [29/09/2017 14:46:33] - |D| - [378575] - C:\Windows\Performance [29/09/2017 14:46:33] - |D| - [1596669] - C:\Windows\PLA [29/09/2017 14:46:33] - |D| - [5036896] - C:\Windows\PolicyDefinitions [07/12/2017 23:39:31] - |D| - [13710931] - C:\Windows\Prefetch [29/09/2017 14:46:33] - |RD| - [2165945] - C:\Windows\PrintDialog [29/09/2017 14:46:33] - |D| - [4057203] - C:\Windows\Provisioning [MD5.14A3681D6247758B1F4880022ABEE0D7] - [29/09/2017 14:41:58] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [335872] - (10.0.16299.15) - C:\Windows\regedit.exe [29/09/2017 14:46:33] - |D| - [1071164] - C:\Windows\Registration [29/09/2017 14:46:33] - |D| - [7433456] - C:\Windows\rescache [29/09/2017 14:46:33] - |D| - [3899983] - C:\Windows\Resources [07/12/2017 07:00:50] - |D| - [0] - C:\Windows\RSTLog [MD5.49F66188C137CEEEBDAF751041B60B79] - [07/12/2017 06:47:14] - |A| - (.Copyright (C) 2017 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2839488] - (1.0.7.1) - C:\Windows\RtlExUpd.dll [MD5.294DF39F9DCF1DC2EB384F835661B06E] - [07/12/2017 07:05:49] - |A| - (.-.) - [6284] - (0.0.0.0) - C:\Windows\Samsung.png [MD5.95785E7BDA182428944420424A33BD96] - [21/03/2019 11:03:10] - |A| - (.-.) - [241] - (0.0.0.0) - C:\Windows\SATReg.ini [29/09/2017 14:46:33] - |D| - [0] - C:\Windows\SchCache [29/09/2017 14:46:33] - |D| - [122082] - C:\Windows\schemas [10/10/2017 17:46:07] - |D| - [149836] - C:\Windows\sec [MD5.69D0E0C0848937803A2B0D73F2F0F533] - [07/12/2017 07:03:20] - |A| - (.(c) . All right reserved. - Time Sync Utility.) - [1630256] - (1.0.2.0) - C:\Windows\SecTimeSync.exe [29/09/2017 14:46:33] - |D| - [4241804] - C:\Windows\security [07/12/2017 23:39:23] - |D| - [176900878] - C:\Windows\ServiceProfiles [29/09/2017 09:45:11] - |D| - [137231056] - C:\Windows\servicing [29/09/2017 14:49:45] - |D| - [42] - C:\Windows\Setup [29/09/2017 14:46:33] - |D| - [53789696] - C:\Windows\ShellExperiences [29/09/2017 15:41:49] - |D| - [3070736] - C:\Windows\SKB [14/03/2019 14:34:11] - |D| - [37259816] - C:\Windows\SoftwareDistribution [29/09/2017 14:46:33] - |D| - [86044865] - C:\Windows\Speech [29/09/2017 14:46:33] - |D| - [61728519] - C:\Windows\Speech_OneCore [MD5.B3FBABDA876CFA2B4695471D5348F59F] - [29/09/2017 14:42:06] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [130560] - (10.0.16299.15) - C:\Windows\splwow64.exe [29/09/2017 14:46:33] - |AD| - [1993343] - C:\Windows\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [29/09/2017 14:46:38] - |A| - (.-.) - [219] - (0.0.0.0) - C:\Windows\system.ini [29/09/2017 09:45:11] - |D| - [6530879411] - C:\Windows\System32 [29/09/2017 14:46:34] - |D| - [201933048] - C:\Windows\SystemApps [29/09/2017 14:46:34] - |D| - [28404506] - C:\Windows\SystemResources [29/09/2017 09:45:15] - |AD| - [1532944600] - C:\Windows\SysWOW64 [29/09/2017 14:46:34] - |D| - [0] - C:\Windows\TAPI [29/09/2017 14:46:34] - |D| - [6] - C:\Windows\Tasks [29/09/2017 14:46:34] - |D| - [6667260] - C:\Windows\Temp [29/09/2017 14:46:34] - |D| - [13428736] - C:\Windows\TextInput [29/09/2017 14:46:34] - |D| - [0] - C:\Windows\tracing [29/09/2017 14:46:34] - |D| - [7680] - C:\Windows\twain_32 [MD5.F6C33A8A65C6AF007812EED398D783B2] - [29/09/2017 14:42:16] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [65536] - (1.7.1.3) - C:\Windows\twain_32.dll [29/09/2017 14:46:34] - |D| - [12420] - C:\Windows\Vss [29/09/2017 14:46:34] - |D| - [32195506] - C:\Windows\Web [MD5.3EFEB20E042AF2EBC710F857FBF62FA9] - [29/09/2017 14:46:38] - |A| - (.-.) - [155] - (0.0.0.0) - C:\Windows\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [29/09/2017 14:41:58] - |RA| - (.-.) - [670] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest [MD5.2CC83D93DD1DDE691158CF5E9882420B] - [26/03/2019 08:30:13] - |A| - (.-.) - [276] - (0.0.0.0) - C:\Windows\WindowsUpdate.log [MD5.02BD03E57C66CB40AEDB7039E93E7CB0] - [29/09/2017 14:42:16] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [11776] - (10.0.16299.15) - C:\Windows\winhlp32.exe [29/09/2017 09:45:11] - |D| - [9395978623] - C:\Windows\WinSxS [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [29/09/2017 14:41:16] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx [MD5.0D5D4E344F5581C954355D7164DD4BE1] - [29/09/2017 14:41:38] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.16299.15) - C:\Windows\write.exe [MD5.3667A9C7A92616FAFF859FFFA4F6A38D] - [15/03/2019 09:28:44] - |A| - (.-.) - [2521789] - (0.0.0.0) - C:\Windows\ZAM.krnl.trace [MD5.638EA1D2A7C022F653789291175F841D] - [15/03/2019 09:28:44] - |A| - (.-.) - [447569] - (0.0.0.0) - C:\Windows\ZAM_Guard.krnl.trace ---------- | C:\Windows\System32\GroupPolicy ---------- | Systemroot\System [15/03/2019 05:28:29] - |A| - [935632] - C:\Windows\System\Vb40016.dll (Copyright © 1987-1995 Microsoft Corp.) - (Visual Basic 4.0 runtime library) [15/03/2019 05:28:29] - |A| - [271264] - C:\Windows\System\vbrun100.dll () - () [15/03/2019 05:28:29] - |A| - [356992] - C:\Windows\System\vbrun200.dll (Copyright © 1987-1992 Microsoft Corp) - (Visual Basic 2.0 runtime library) [15/03/2019 05:28:29] - |A| - [398416] - C:\Windows\System\Vbrun300.dll (Copyright © 1987-1993 Microsoft Corp) - (Visual Basic 3.0 runtime library) ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [15/02/2019 06:51:28] - C:\Windows\Installer\160e5cf.msi : (COMODO Secure Shopping - COMODO) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/03/2019 20:04:37] - C:\Windows\Installer\1ca6149d.msi : (FULL-DISKfighter - SPAMfighter ApS.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/03/2019 18:55:45] - C:\Windows\Installer\1ca614a0.msi : (Linux File Systems for Windows by Paragon Software - Paragon Software GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/02/2019 16:00:15] - C:\Windows\Installer\24b3d4.msi : (Blank Project Template - adaware) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/10/2017 02:16:36] - C:\Windows\Installer\39e2.msi : (Intel(R) ME UninstallLegacy - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/10/2017 09:21:34] - C:\Windows\Installer\39e9.msi : (Intel(R) Management Engine Driver - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/10/2017 09:20:18] - C:\Windows\Installer\39f0.msi : (Intel(R) Management Engine Components - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/10/2017 09:20:42] - C:\Windows\Installer\39f7.msi : (Microsoft VC++ redistributables repacked. - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/10/2017 09:20:50] - C:\Windows\Installer\39fe.msi : (Microsoft VC++ redistributables repacked. - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/10/2017 09:21:22] - C:\Windows\Installer\3a05.msi : (Intel(R) Management Engine Components - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/09/2017 16:25:02] - C:\Windows\Installer\3a0c.msi : (Intel(R) Trusted Connect Service Client x64 - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/09/2017 16:21:30] - C:\Windows\Installer\3a13.msi : (Intel(R) Trusted Connect Service Client x86 - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/11/2016 11:34:12] - C:\Windows\Installer\3a1a.msi : (Intel(R) Rapid Storage Technology - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/03/2019 22:52:28] - C:\Windows\Installer\3bb17.msi : (AntimalwareEngine - adaware) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/03/2019 22:53:27] - C:\Windows\Installer\3bb1b.msi : (FirewallEngine - adaware) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/03/2019 22:54:42] - C:\Windows\Installer\3bb1f.msi : (ProxyEngine - adaware) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/03/2019 22:54:51] - C:\Windows\Installer\3bb23.msi : (OnlineThreatsEngine - adaware) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/03/2019 22:54:53] - C:\Windows\Installer\3bb27.msi : (AntispamEngine - adaware) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/03/2019 22:55:00] - C:\Windows\Installer\3bb2b.msi : (AvcEngine - adaware) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [07/12/2017 07:01:24] - C:\Windows\Installer\3ea5.msi : (Blank Project Template - InstallShield) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/05/2017 08:38:06] - C:\Windows\Installer\3eac.msi : (WlSarService - Samsung Electronics Co., Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [07/12/2017 07:02:01] - C:\Windows\Installer\3eb4.msi : (Blank Project Template - InstallShield) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/08/2018 14:09:28] - C:\Windows\Installer\4a837f.msi : (24.17.0 - Paragon Software) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/10/2016 11:16:02] - C:\Windows\Installer\4abb.msi : (Intel(R) Chipset Device Software - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/03/2019 08:57:58] - C:\Windows\Installer\6819f8.msi : (Silent Install Builder 5 - Aprel Tech, LLC) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/08/2017 03:30:28] - C:\Windows\Installer\7eda.msi : ( - Samsung) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/11/2017 08:04:38] - C:\Windows\Installer\7eef.msi : ( - Samsung) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/11/2017 06:48:12] - C:\Windows\Installer\7ef6.msi : (Show Window - Samsung Electronics Co., Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/02/2016 16:40:24] - C:\Windows\Installer\7efb.msi : ( - Samsung Electronics Co., Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/02/2017 09:58:16] - C:\Windows\Installer\7f00.msi : ( - Samsung Electronics) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/03/2019 18:19:52] - C:\Windows\Installer\ccf7d79.msi : (OUTDATEfighter - SPAMfighter ApS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/03/2019 12:04:14] - C:\Windows\Installer\cefa65.msi : ( - ProtectStar Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/08/2018 14:09:36] - C:\Windows\Installer\d8da5a.msi : (Simply Good Pictures 5 Free - Engelmann Software) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/03/2019 18:17:37] - [229376] - C:\Windows\Installer\{0F8DE83C-A073-47B9-928A-8CA381C28C18}\collect_logs_46415E4E6A244A68BCD90E2A7BBBE92D.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:17:37] - [65536] - C:\Windows\Installer\{0F8DE83C-A073-47B9-928A-8CA381C28C18}\eulaSc_8384FC6846E7455F813279C4A4BD7848.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:17:37] - [217088] - C:\Windows\Installer\{0F8DE83C-A073-47B9-928A-8CA381C28C18}\faqSc_6850097D521D412C9D557BF6AAF77966.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:17:37] - [217088] - C:\Windows\Installer\{0F8DE83C-A073-47B9-928A-8CA381C28C18}\OpenProductShortcu_7B40FA946E0C4B2BB676ACAD0C712C08.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:17:37] - [217088] - C:\Windows\Installer\{0F8DE83C-A073-47B9-928A-8CA381C28C18}\OpenProductShortcu_E4EB4CA62A0B4356AC2B2A2F509B24DB.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:17:37] - [217088] - C:\Windows\Installer\{0F8DE83C-A073-47B9-928A-8CA381C28C18}\privacySc_15450EAD0C55421290B773659CA982E3.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:17:37] - [217088] - C:\Windows\Installer\{0F8DE83C-A073-47B9-928A-8CA381C28C18}\supportSc_00298BA3FA76493999ED2765008C425A.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:17:37] - [45056] - C:\Windows\Installer\{0F8DE83C-A073-47B9-928A-8CA381C28C18}\UninstallShortcut_29E3AA1700F24071BDD9C28FB44BF35D.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [07/12/2017 07:01:24] - [53248] - C:\Windows\Installer\{18373B57-4FC3-4B1A-95B3-A7E5DCA577F7}\ARPPRODUCTICON.exe (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield) [14/03/2019 22:53:46] - [59352] - C:\Windows\Installer\{232046DA-BB57-4114-9A0D-1119F00C4398}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [14/03/2019 22:54:51] - [59352] - C:\Windows\Installer\{26F31E12-3722-45FD-903B-49012286BB4C}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [14/03/2019 22:57:57] - [358360] - C:\Windows\Installer\{44DE19DF-AA86-497A-9CCA-4F52D0BFF9A8}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [14/03/2019 22:57:57] - [358360] - C:\Windows\Installer\{44DE19DF-AA86-497A-9CCA-4F52D0BFF9A8}\NewShortcut1_9D26517437AB43F988CAFF4AC3CA05DE.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [14/03/2019 22:57:57] - [358360] - C:\Windows\Installer\{44DE19DF-AA86-497A-9CCA-4F52D0BFF9A8}\NewShortcut6_46B5678CC4A24F4AA166FBA0D99B16EE.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [07/12/2017 07:06:00] - [109207] - C:\Windows\Installer\{5493FC89-21E8-4D88-BCA1-4D33F1410968}\_853F67D554F05449430E7E.exe () - () [14/03/2019 22:53:09] - [59352] - C:\Windows\Installer\{5C7A5F94-02E9-4C5D-A594-B1F10865965A}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [25/02/2019 16:00:31] - [358360] - C:\Windows\Installer\{5FFF7119-74E8-442E-970E-50BAD81D5371}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [20/03/2019 21:48:12] - [110007] - C:\Windows\Installer\{61edd47c-c795-4f57-92f1-a20140231795}\controlPanelIcon.exe () - () [07/12/2017 07:02:02] - [59664] - C:\Windows\Installer\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}\ARPPRODUCTICON.exe (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield) [14/03/2019 22:55:01] - [59352] - C:\Windows\Installer\{700C79E1-C8E3-454E-B760-CAFFE9F2A6AA}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [25/03/2019 20:10:30] - [53248] - C:\Windows\Installer\{7C656021-D87C-4236-80DD-DBBEB205DA36}\ARPPRODUCTICON.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [25/03/2019 20:10:31] - [229376] - C:\Windows\Installer\{7C656021-D87C-4236-80DD-DBBEB205DA36}\collect_logs_46415E4E6A244A68BCD90E2A7BBBE92D.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [25/03/2019 20:10:31] - [65536] - C:\Windows\Installer\{7C656021-D87C-4236-80DD-DBBEB205DA36}\eulaSc_8384FC6846E7455F813279C4A4BD7848.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [25/03/2019 20:10:38] - [217088] - C:\Windows\Installer\{7C656021-D87C-4236-80DD-DBBEB205DA36}\faqSc_6850097D521D412C9D557BF6AAF77966.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [25/03/2019 20:10:31] - [217088] - C:\Windows\Installer\{7C656021-D87C-4236-80DD-DBBEB205DA36}\OpenProductShortcu_7B40FA946E0C4B2BB676ACAD0C712C08.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [25/03/2019 20:10:49] - [217088] - C:\Windows\Installer\{7C656021-D87C-4236-80DD-DBBEB205DA36}\OpenProductShortcu_9374267BBB8D415AB667F29A074CE29E.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [25/03/2019 20:10:49] - [217088] - C:\Windows\Installer\{7C656021-D87C-4236-80DD-DBBEB205DA36}\OpenProductShortcu_E4EB4CA62A0B4356AC2B2A2F509B24DB.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [25/03/2019 20:10:47] - [217088] - C:\Windows\Installer\{7C656021-D87C-4236-80DD-DBBEB205DA36}\privacySc_15450EAD0C55421290B773659CA982E3.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [25/03/2019 20:10:47] - [217088] - C:\Windows\Installer\{7C656021-D87C-4236-80DD-DBBEB205DA36}\supportSc_00298BA3FA76493999ED2765008C425A.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [25/03/2019 20:10:48] - [45056] - C:\Windows\Installer\{7C656021-D87C-4236-80DD-DBBEB205DA36}\UninstallShortcut_29E3AA1700F24071BDD9C28FB44BF35D.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [14/03/2019 22:54:54] - [59352] - C:\Windows\Installer\{7DE129E5-BB4A-4517-A6CD-C69EEB346781}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [14/03/2019 22:54:43] - [59352] - C:\Windows\Installer\{7F7C8AE0-961B-4AED-B99A-D9BE29C0F24C}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [07/12/2017 07:06:13] - [372526] - C:\Windows\Installer\{87A08690-781E-4A8E-8300-775A2EA02932}\icon.exe () - () [15/03/2019 11:01:47] - [10134] - C:\Windows\Installer\{8D64B0CF-B925-4AC6-A7A7-9CDDC6733122}\I_SetupIcon.exe () - () [15/03/2019 11:01:47] - [4846] - C:\Windows\Installer\{8D64B0CF-B925-4AC6-A7A7-9CDDC6733122}\I__HelpIcon.exe () - () [15/03/2019 11:01:47] - [124033] - C:\Windows\Installer\{8D64B0CF-B925-4AC6-A7A7-9CDDC6733122}\I__ProgramIcon.exe () - () [17/03/2019 05:03:08] - [669696] - C:\Windows\Installer\{B709B962-53AA-446A-A733-95D1A6C5DE50}\CamtasiaIcons.exe () - () [07/12/2017 07:06:59] - [138667] - C:\Windows\Installer\{D21EED26-59C0-4315-BDCC-D682496465E9}\_853F67D554F05449430E7E.exe () - () [07/12/2017 07:06:59] - [138667] - C:\Windows\Installer\{D21EED26-59C0-4315-BDCC-D682496465E9}\_C99CA1BB496FD6B48BD347.exe () - () [22/03/2019 18:20:37] - [53248] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\ARPPRODUCTICON.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:20:38] - [229376] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\collect_logs_0CEF7DB7296B4A039FAE8EA6AAE968C0.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:20:39] - [102400] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\DesktopOUTDATEfigh_C272B461619A4C97A904A0E3ABB46C5B.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:20:38] - [65536] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\eula_shortcut_C37361C725D74AB7BCC5FA4022E0CC35.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:20:38] - [102400] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\faqShortcut_18DBFAE846FB4E8396F1DF2D2A44F8D0.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:20:38] - [102400] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\OTDFQuickLaunchSho_613E7DD854804C118887E5C2334BEC0A.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:20:37] - [102400] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\OUTDATEfighterShor_5758C9D68C974ADC98E826C66C5A6501.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:20:38] - [102400] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\OUTDATEfighterShor_EDB09256466C4C97A4E882232CB0D404.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:20:38] - [102400] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\privacyShortcut_CB5E683ED0FF4258AF788FA33BD022DE.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:20:38] - [102400] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\req_support_B88499ED99C741E88D5FCC5F21DB5674.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:20:38] - [45056] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\UninstallShortcut_E345426E1BED4E97835AC4645E72B19C.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [25/03/2019 23:04:31] - [2108608] - C:\Windows\Installer\{F0CF025B-D6F3-4F7C-939B-23291F52875C}\ParagonLinuxFSforWindows.exe (Copyright (C) 2018) - (Graphic user interface for Linux File Systems for Windows by Paragon Software mounter) ---------- | %System%\*.in* [15/03/2019 05:48:53] - [3329] - C:\Windows\System32\ieuinit.inf [07/12/2017 23:46:15] - [4579950] - C:\Windows\System32\PerfStringBackup.INI [29/09/2017 14:41:57] - [60124] - C:\Windows\System32\tcpmon.ini [29/09/2017 14:41:41] - [2307] - C:\Windows\System32\WimBootCompress.ini [15/03/2019 07:34:34] - [2232] - C:\Windows\Syswow64\FolderLockAdrv.inf [15/03/2019 05:48:53] - [3329] - C:\Windows\Syswow64\ieuinit.inf [29/09/2017 14:42:13] - [2307] - C:\Windows\Syswow64\WimBootCompress.ini ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [0 Ko] - C:\Windows\AppPatch\Custom\Custom64 [MD5.00000000000000000000000000000000] - |D| - [26/03/2019 09:08:50] - [0 Ko] - C:\Windows\Temp\4ff541f0-847c-48a2-aae7-a4e309ed0d1f [MD5.00000000000000000000000000000000] - |D| - [26/03/2019 08:08:36] - [0 Ko] - C:\Windows\Temp\53111383-d471-465b-bd0b-ff69d0d7f828 [MD5.00000000000000000000000000000000] - |D| - [26/03/2019 14:08:29] - [0 Ko] - C:\Windows\Temp\68e32487-965b-45c7-ad13-5249f3191610 [MD5.00000000000000000000000000000000] - |D| - [26/03/2019 13:08:28] - [0 Ko] - C:\Windows\Temp\965a6065-f451-4d38-806c-2b715c64ae82 [MD5.00000000000000000000000000000000] - |D| - [26/03/2019 16:08:51] - [0 Ko] - C:\Windows\Temp\a0c9f2dc-ccdd-4939-a629-c9fb49fa9b07 [MD5.00000000000000000000000000000000] - |D| - [26/03/2019 10:08:54] - [0 Ko] - C:\Windows\Temp\a4e498e9-67ba-4c44-ba7e-46b08f78991a [MD5.00000000000000000000000000000000] - |D| - [26/03/2019 00:19:12] - [0 Ko] - C:\Windows\Temp\avast_ash2 [MD5.00000000000000000000000000000000] - |D| - [26/03/2019 06:08:29] - [5040 Ko] - C:\Windows\Temp\c93a1335-813b-42b4-be24-a6335f8c3846 [MD5.00000000000000000000000000000000] - |D| - [26/03/2019 12:08:30] - [0 Ko] - C:\Windows\Temp\f39a233f-31b0-45fd-8e13-5e821a389363 [MD5.00000000000000000000000000000000] - |D| - [26/03/2019 05:10:03] - [1440 Ko] - C:\Windows\Temp\f880c624-932b-4d30-9a9c-72deb128aa80 [MD5.0CF223E44D7C4BC6BDCD1C6713E183F5] - |A| - [26/03/2019 11:00:55] - (.-.) - [18.34 Ko] - (0.0.0.0) - C:\Windows\Temp\HighPerformancePlan.log [MD5.00000000000000000000000000000000] - |D| - [15/03/2019 08:26:40] - [1.44 Ko] - C:\Windows\Temp\Logs [MD5.38ECDEDFF4CEB5EB378BE3B51584C4CC] - |A| - [26/03/2019 11:00:54] - (.-.) - [0.1 Ko] - (0.0.0.0) - C:\Windows\Temp\PowerPlan.log [MD5.E5AD093076E0FC7AA6A62CEDFF437112] - |A| - [26/03/2019 11:00:53] - (.-.) - [11.12 Ko] - (0.0.0.0) - C:\Windows\Temp\UsoStoreFile.xml [MD5.00000000000000000000000000000000] - |D| - [15/03/2019 05:31:55] - [0 Ko] - C:\Windows\Temp\_avast_ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:15] - [0 Ko] - C:\Windows\System32\0409 [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [29/09/2017 14:41:41] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\Windows\System32\@AudioToastIcon.png [MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |A| - [29/09/2017 14:41:27] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\Windows\System32\@BackgroundAccessToastIcon.png [MD5.3937359E324E15F6A7A7092D4DAEBD64] - |A| - [29/09/2017 14:41:47] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\Windows\System32\@bitlockertoastimage.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [29/09/2017 14:41:33] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\Windows\System32\@EnrollmentToastIcon.png [MD5.C2A332DE50FE519DA21AFB8BD6E134F4] - |A| - [29/09/2017 14:41:50] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\Windows\System32\@language_notification_icon.png [MD5.2B7002E9C7EA6B436F3A0F7C305AACD8] - |A| - [15/03/2019 05:46:00] - (.-.) - [0.5 Ko] - (0.0.0.0) - C:\Windows\System32\@NotifierToastIcon.png [MD5.A119D69B4C29845D3F8CE2E5638C8E65] - |A| - [29/09/2017 14:41:56] - (.-.) - [0.47 Ko] - (0.0.0.0) - C:\Windows\System32\@optionalfeatures.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [29/09/2017 14:41:58] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\Windows\System32\@VpnToastIcon.png [MD5.7AC3EA1A5175106ED6467FF0C5315541] - |A| - [29/09/2017 14:42:07] - (.-.) - [14.75 Ko] - (0.0.0.0) - C:\Windows\System32\@WiFiNotificationIcon.png [MD5.13EF2C8D799F7B6E9D8E3D6BACB9C779] - |A| - [29/09/2017 14:41:33] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsHelloFaceToastIcon.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsUpdateToastIcon.contrast-black.png [MD5.DAD405CBDE259DE527EBF71BCC28099C] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsUpdateToastIcon.contrast-white.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsUpdateToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [29/09/2017 14:41:41] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\Windows\System32\@WirelessDisplayToast.png [MD5.D0FCF781D0801ABF5F74B54E98076A5B] - |A| - [29/09/2017 14:41:31] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\Windows\System32\@WwanNotificationIcon.png [MD5.85D91E478AF18125007C531227FF6E59] - |A| - [29/09/2017 14:41:31] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\Windows\System32\@WwanSimLockIcon.png [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 09:45:14] - [2985.4 Ko] - C:\Windows\System32\AdvancedInstallers [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\af-ZA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [22 Ko] - C:\Windows\System32\am-ET [MD5.6DBFE2F49ADAA2E3683B93B437133734] - |A| - [07/12/2017 14:42:40] - (.-.) - [431.94 Ko] - (0.0.0.0) - C:\Windows\System32\ApnDatabase.xml [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [0 Ko] - C:\Windows\System32\AppLocker [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [2686.05 Ko] - C:\Windows\System32\appraiser [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [299 Ko] - C:\Windows\System32\ar-SA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\System32\as-IN [MD5.10E0EBF0C78AD28D4F63FAB8581CB377] - |A| - [15/03/2019 05:30:27] - (.Copyright (c) 2019 AVAST Software - Avast start-up scanner.) - [354.38 Ko] - (19.3.4241.0) - C:\Windows\System32\aswBoot.exe [MD5.C03F0062C0749CDB59A4D60862C3E83E] - |A| - [29/09/2017 14:41:25] - (.-.) - [134.86 Ko] - (0.0.0.0) - C:\Windows\System32\AverageRoom.bin [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\az-Latn-AZ [MD5.EABC7486905A64C8D0CCED34D14DF3C7] - |A| - [26/03/2019 06:07:48] - (.-.) - [10.13 Ko] - (0.0.0.0) - C:\Windows\System32\bddel.dat [MD5.3DC1DC6838E343782EB3285A23E94268] - |A| - [26/03/2019 06:07:48] - (.-.) - [34.3 Ko] - (0.0.0.0) - C:\Windows\System32\bddel.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\be-BY [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [287 Ko] - C:\Windows\System32\bg-BG [MD5.8B14F3DBC532A1AE1469EEB416F26165] - |A| - [15/03/2019 04:50:04] - (.Copyright (C) 2015-2020, BayHubTech/O2Micro. - Icon.) - [1843.86 Ko] - (1.0.0.6) - C:\Windows\System32\bhtv5Icon.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\bn-BD [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\bn-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [4949.7 Ko] - C:\Windows\System32\Boot [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\bs-Latn-BA [MD5.5712256A8FAB555CC50AEAC2A899A17A] - |A| - [29/09/2017 14:41:41] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [180.5 Ko] - (1.0.0.1) - C:\Windows\System32\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [0.1 Ko] - C:\Windows\System32\Bthprops [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\System32\ca-ES [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31 Ko] - C:\Windows\System32\ca-ES-valencia [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 09:45:11] - [105500.66 Ko] - C:\Windows\System32\CatRoot [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [64549.63 Ko] - C:\Windows\System32\catroot2 [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 06:47:21] - [12483.09 Ko] - C:\Windows\System32\cAVS [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [23 Ko] - C:\Windows\System32\chr-CHER-US [MD5.37EC90A03EEE428476F446CE67D881A4] - |SH| - [15/03/2019 09:12:52] - (.-.) - [0.13 Ko] - (0.0.0.0) - C:\Windows\System32\chsfzkmblhznywfd.dat [MD5.B56976738C58421BEB8189A6D5A6A66E] - |A| - [04/03/2019 22:39:16] - (.2005-2018 COMODO. - COMODO Internet Security.) - [50.59 Ko] - (11.0.0.6802) - C:\Windows\System32\cmdcsr.dll [MD5.7BE91946A1A9E03217624B3A117775D3] - |A| - [20/03/2019 13:00:08] - (.2005-2019 COMODO. - COMODO Secure Shopping.) - [329.18 Ko] - (1.3.50284.151) - C:\Windows\System32\cmdkbdcss64.dll [MD5.7C35203E529FFA1485B941BE7BACD144] - |A| - [04/03/2019 22:36:28] - (.2005-2018 COMODO. - COMODO Internet Security.) - [459.69 Ko] - (11.0.0.6802) - C:\Windows\System32\cmdvrt64.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [2882.03 Ko] - C:\Windows\System32\CodeIntegrity [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [373 Ko] - C:\Windows\System32\com [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 09:45:11] - [411976.66 Ko] - C:\Windows\System32\config [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:33] - [160.31 Ko] - C:\Windows\System32\Configuration [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [346 Ko] - C:\Windows\System32\cs-CZ [MD5.C08B76197C6FC8B8CCA63DFDE3A48503] - |A| - [20/03/2019 13:00:09] - (.2005-2019 COMODO. - COMODO Secure Shopping.) - [49.09 Ko] - (1.3.50284.151) - C:\Windows\System32\csscsr64.dll [MD5.18315E8C880660C91695B04348911794] - |A| - [20/03/2019 13:00:08] - (.2005-2019 COMODO. - COMODO Secure Shopping.) - [437.21 Ko] - (1.3.50284.151) - C:\Windows\System32\cssguard64.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31.5 Ko] - C:\Windows\System32\cy-GB [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [342 Ko] - C:\Windows\System32\da-DK [MD5.F44338D6E9FBBBDFAB849988897CA626] - |A| - [15/03/2019 05:49:02] - (.-.) - [83 Ko] - (0.0.0.0) - C:\Windows\System32\DataStoreCacheDumpTool.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [203.41 Ko] - C:\Windows\System32\DDFs [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [386 Ko] - C:\Windows\System32\de-DE [MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [29/09/2017 14:41:26] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\Windows\System32\DefaultAccountTile.png [MD5.26206C944AD7CDD1F50DD58868B32F7F] - |A| - [19/03/2017 11:30:58] - (.-.) - [64.38 Ko] - (0.0.0.0) - C:\Windows\System32\defaultCpff.aiqb [MD5.618BA9E529EAB7E11DBA43469481835F] - |A| - [29/09/2017 14:41:25] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\Windows\System32\DefaultHrtfs.bin [MD5.664AA698FC0106A2B075A641E8DC6302] - |A| - [29/09/2017 14:46:41] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\Windows\System32\DefaultQuestions.json [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:33] - [876 Ko] - C:\Windows\System32\DiagSvcs [MD5.5FF3FA1BFBB0CD05534F650EA27A6651] - |A| - [29/09/2017 14:41:45] - (.-.) - [90.75 Ko] - (0.0.0.0) - C:\Windows\System32\DiskSnapshot.conf [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 09:45:13] - [9595.32 Ko] - C:\Windows\System32\Dism [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 09:45:13] - [1127.34 Ko] - C:\Windows\System32\downlevel [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:04] - [185413.85 Ko] - C:\Windows\System32\drivers [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 09:45:11] - [2495846.27 Ko] - C:\Windows\System32\DriverStore [MD5.00000000000000000000000000000000] - |DC| - [25/03/2019 23:04:45] - [86.27 Ko] - C:\Windows\System32\DRVSTORE [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:33] - [336 Ko] - C:\Windows\System32\dsc [MD5.DF84EB7B44D1414284BA384F0061D1DC] - |A| - [29/09/2017 14:41:25] - (.-.) - [728.08 Ko] - (0.0.0.0) - C:\Windows\System32\DynamicLong.bin [MD5.346870077DFD18867A9693C7A59AA3E6] - |A| - [29/09/2017 14:41:25] - (.-.) - [503.08 Ko] - (0.0.0.0) - C:\Windows\System32\DynamicMedium.bin [MD5.2BEC13D68312ADE8C0065D8BCC146D2F] - |A| - [29/09/2017 14:41:25] - (.-.) - [315.58 Ko] - (0.0.0.0) - C:\Windows\System32\DynamicShort.bin [MD5.10C38E1CA0D664F58E8B9F3645885E1D] - |A| - [15/03/2019 05:48:54] - (.-.) - [0.07 Ko] - (0.0.0.0) - C:\Windows\System32\edgehtmlpluginpolicy.bin [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [381.5 Ko] - C:\Windows\System32\el-GR [MD5.481FDBEEE807EEAADFD7143CA74467AF] - |A| - [30/04/2018 10:47:24] - (.Copyright (C) 2018 Engelmann Software. -.) - [1576.84 Ko] - (4.4.18.430) - C:\Windows\System32\EMRegSys44.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:16] - [3118 Ko] - C:\Windows\System32\en [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [17005.3 Ko] - C:\Windows\System32\en-GB [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [25300.6 Ko] - C:\Windows\System32\en-US [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 14:11:38] - [3381 Ko] - C:\Windows\System32\es [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [44139.46 Ko] - C:\Windows\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [298.5 Ko] - C:\Windows\System32\es-MX [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [266.5 Ko] - C:\Windows\System32\et-EE [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\eu-ES [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:33] - [28899.66 Ko] - C:\Windows\System32\F12 [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\fa-IR [MD5.BEB1E18B7F2CE225D7B8B246B896F5F1] - |A| - [15/03/2019 05:51:02] - (.-.) - [952.5 Ko] - (0.0.0.0) - C:\Windows\System32\FaceProcessor.dll [MD5.C009F5D7740AAC4BDC99EF7C62803C21] - |A| - [15/03/2019 05:51:03] - (.-.) - [263.28 Ko] - (0.0.0.0) - C:\Windows\System32\FaceProcessorCore.dll [MD5.812CDFD967D2E82A3D24FCAA5784749D] - |A| - [29/09/2017 14:41:33] - (.-.) - [1325.65 Ko] - (0.0.0.0) - C:\Windows\System32\FaceTrackerInternal.dll [MD5.E65D2A37B6D4445D0CD9234BA933475B] - |A| - [15/03/2019 05:48:17] - (.-.) - [72.96 Ko] - (0.0.0.0) - C:\Windows\System32\FeatureToastHeroImg.jpg [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [346 Ko] - C:\Windows\System32\fi-FI [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\System32\fil-PH [MD5.A14F918555E5F875AB7720A51BEE3B27] - |A| - [07/12/2017 23:39:23] - (.-.) - [241.32 Ko] - (0.0.0.0) - C:\Windows\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 14:15:55] - [3403 Ko] - C:\Windows\System32\fr [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [306.5 Ko] - C:\Windows\System32\fr-CA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [45084.6 Ko] - C:\Windows\System32\fr-FR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [0 Ko] - C:\Windows\System32\FxsTmp [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\System32\ga-IE [MD5.D07F2281427BD098356EE74B6CB26B86] - |A| - [29/09/2017 14:42:03] - (.-.) - [89 Ko] - (0.0.0.0) - C:\Windows\System32\gatherNetworkInfo.vbs [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [34 Ko] - C:\Windows\System32\gd-GB [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [07/12/2017 07:03:13] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\System32\GfxValDisplayLog.bin [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31 Ko] - C:\Windows\System32\gl-ES [MD5.44A8F60A38C87271B582FE4DEEAF73E0] - |A| - [15/03/2019 05:50:41] - (.Copyright (C) 2017 - Gracenote SDK component.) - [4762.5 Ko] - (3.10.5.5585) - C:\Windows\System32\gnsdk_fp.dll [MD5.D3294ACCC2B60A8754801D392C3E1820] - |A| - [07/12/2017 07:05:17] - (.- GripResetService.) - [21 Ko] - (1.0.0.6) - C:\Windows\System32\GripResetService.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [0 Ko] - C:\Windows\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [0 Ko] - C:\Windows\System32\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\gu-IN [MD5.9736D0316780DC662B91C27328789B97] - |A| - [04/03/2019 22:38:58] - (.2005-2018 COMODO. - COMODO Internet Security.) - [904.13 Ko] - (11.0.0.6802) - C:\Windows\System32\guard64.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\ha-Latn-NG [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [284 Ko] - C:\Windows\System32\he-IL [MD5.4CD16A9C15397E1FAD5F19E35A13BE58] - |A| - [29/09/2017 14:41:27] - (.-.) - [215.5 Ko] - (0.0.0.0) - C:\Windows\System32\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\hi-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [278 Ko] - C:\Windows\System32\hr-HR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [352.5 Ko] - C:\Windows\System32\hu-HU [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [27.5 Ko] - C:\Windows\System32\hy-AM [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:41] - [124.21 Ko] - C:\Windows\System32\hydrogen [MD5.A565537F1580872AE5B95D0CA457D780] - |A| - [29/09/2017 14:41:23] - (.-.) - [44.4 Ko] - (0.0.0.0) - C:\Windows\System32\hypervisor.mof [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [5.36 Ko] - C:\Windows\System32\ias [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [36.27 Ko] - C:\Windows\System32\icsxml [MD5.B124CE8AA3DA07EFF85AFA443CBE1B9A] - |RA| - [15/03/2019 05:49:55] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [1856 Ko] - (59.1.0.0) - C:\Windows\System32\icuin.dll [MD5.54D8C41BCDFDFDC49A3185B972A92EB2] - |RA| - [15/03/2019 05:49:42] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [1310 Ko] - (59.1.0.0) - C:\Windows\System32\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\id-ID [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [27 Ko] - C:\Windows\System32\ig-NG [MD5.65F0FE85D2A3892A1D0030ACC197CB91] - |A| - [24/02/2017 10:20:54] - (.-.) - [279.8 Ko] - (0.0.0.0) - C:\Windows\System32\igfxCPL.cpl [MD5.19C3C8394B1A8EBE7CF61A8C0221C024] - |A| - [29/09/2017 14:41:25] - (.-.) - [168.5 Ko] - (0.0.0.0) - C:\Windows\System32\IHDS.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 07:01:24] - [2848.42 Ko] - C:\Windows\System32\ihvmanager [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [24877.17 Ko] - C:\Windows\System32\IME [MD5.922D5BABA5B7BA8253C6257B26FEDA6C] - |A| - [19/03/2017 11:30:58] - (.-.) - [188.18 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_CM500RF05SW700_SKY.cpf [MD5.1DE08BB9D54D2B2931D3A39695892511] - |A| - [19/03/2017 11:30:58] - (.-.) - [186.9 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_CM500RF05SW700_SKY_Video.cpf [MD5.C5D273F400B8EE5BEB81097D3E4FAF04] - |A| - [15/03/2019 04:50:45] - (.-.) - [162.62 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_FN50FF-562H_SKY.cpf [MD5.CFC5B24CA92142B55EF237208466205E] - |A| - [19/03/2017 11:30:58] - (.-.) - [162.38 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_FN50FF469H_SKY.cpf [MD5.9F566623F3513D47213DEFA9C7B7C9FA] - |A| - [15/03/2019 04:51:17] - (.-.) - [40.5 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_FRONT.aiqd [MD5.29A8CA39130FCC8647014CFF162C608C] - |A| - [19/03/2017 11:30:58] - (.-.) - [221.56 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_NSMM4D5_SKY.cpf [MD5.AA6EFEDA4D5C5E22FF8EEB15CEF88098] - |A| - [19/03/2017 11:30:58] - (.-.) - [216.24 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_NSMM4D5_SKY_Video.cpf [MD5.F609489142774262ABD4AB204E56C4D9] - |A| - [15/03/2019 04:50:45] - (.-.) - [167.33 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_START2FRONT_SKY.cpf [MD5.B216175F6574C5D40A6BFFFEB28E8938] - |A| - [15/03/2019 04:50:45] - (.-.) - [167.26 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_START2FRONT_SKY_Video.cpf [MD5.74FC5B9C7CC049384CC51A5E11465BD6] - |A| - [15/03/2019 04:51:18] - (.-.) - [40.5 Ko] - (0.0.0.0) - C:\Windows\System32\IMX258_REAR.aiqd [MD5.6B1CD2FED17DF605E9721AF5CF0970C7] - |A| - [15/03/2019 04:50:45] - (.-.) - [270.35 Ko] - (0.0.0.0) - C:\Windows\System32\IMX258_START2REAR_SKY.cpf [MD5.E172D9B2DF8542B9BA124338476D65A8] - |A| - [19/03/2017 11:30:58] - (.-.) - [309.15 Ko] - (0.0.0.0) - C:\Windows\System32\IMX258_START2REAR_SKY_4KVideo.cpf [MD5.D5082A13FF3DA91F6DE930951F6DA404] - |A| - [19/03/2017 11:30:58] - (.-.) - [312.56 Ko] - (0.0.0.0) - C:\Windows\System32\IMX258_START2REAR_SKY_HD120fpsVideo.cpf [MD5.6B1CD2FED17DF605E9721AF5CF0970C7] - |A| - [15/03/2019 04:50:45] - (.-.) - [270.35 Ko] - (0.0.0.0) - C:\Windows\System32\IMX258_START2REAR_SKY_Video.cpf [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [0 Ko] - C:\Windows\System32\inetsrv [MD5.2B6D7ACE8C37A726F442B69DA1AC8B4A] - |A| - [15/03/2019 05:49:24] - (.-.) - [180.02 Ko] - (0.0.0.0) - C:\Windows\System32\InputHost.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [6389.5 Ko] - C:\Windows\System32\InputMethod [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 06:47:21] - [91413.77 Ko] - C:\Windows\System32\Intel [MD5.FC0CFC2A883FFD6B255F9C0A14F747A3] - |A| - [24/02/2017 10:20:55] - (.Copyright © The Khronos Group Inc 2016 - OpenCL Client DLL.) - [141.71 Ko] - (2.1.1.0) - C:\Windows\System32\Intel_OpenCL_ICD64.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [0 Ko] - C:\Windows\System32\Ipmi [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\is-IS [MD5.F2DB1D6AD6D0ED387DFFB914CDC151A4] - |A| - [20/03/2019 13:00:45] - (.2005-2018 COMODO. - Internet Security Essentials.) - [249.53 Ko] - (1.5.4695.175) - C:\Windows\System32\iseguard64.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 14:30:11] - [3368.5 Ko] - C:\Windows\System32\it [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [42870.8 Ko] - C:\Windows\System32\it-IT [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [270.91 Ko] - C:\Windows\System32\ja-jp [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\ka-GE [MD5.C781EC82ED4F82C42ABE87774B56009C] - |A| - [19/03/2017 14:35:14] - (.-.) - [457.41 Ko] - (0.0.0.0) - C:\Windows\System32\KBL_AIC64.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\kk-KZ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28 Ko] - C:\Windows\System32\km-KH [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31.5 Ko] - C:\Windows\System32\kn-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [262 Ko] - C:\Windows\System32\ko-KR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\kok-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\ku-Arab-IQ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\ky-KG [MD5.F0CC83E1BA7E24F9B3292160C28AECD7] - |A| - [29/09/2017 14:41:25] - (.-.) - [145.56 Ko] - (0.0.0.0) - C:\Windows\System32\LargeRoom.bin [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [33 Ko] - C:\Windows\System32\lb-LU [MD5.EEE38B21A9B514397EFCB66FF7AFDADC] - |SH| - [15/03/2019 09:12:52] - (.-.) - [0.13 Ko] - (0.0.0.0) - C:\Windows\System32\lgxzqgavzxsjwhkr.tbl [MD5.20E09FA2219BE2BF77A17AD7644176CA] - |A| - [15/03/2019 04:50:31] - (.-.) - [12143.58 Ko] - (0.0.0.0) - C:\Windows\System32\libia_cp64.dll [MD5.B209D959831AEF092817ECF8756F71B3] - |A| - [29/09/2017 14:41:58] - (.-.) - [776 Ko] - (0.0.0.0) - C:\Windows\System32\MBR2GPT.EXE [MD5.F2E9643DC05CD824F0E5525E5C940714] - |A| - [13/11/2017 02:29:30] - (.Copyright (C) 2016 - Samsung Modem Loader Service executable.) - [438.1 Ko] - (2.3.0.7) - C:\Windows\System32\MdmLdrSvc.exe [MD5.69D04DE701CF1E8CE69C65D1671D2B3F] - |A| - [29/09/2017 14:41:25] - (.-.) - [107.46 Ko] - (0.0.0.0) - C:\Windows\System32\MediumRoom.bin [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\mi-NZ [MD5.00000000000000000000000000000000] - |SD| - [07/12/2017 23:39:23] - [3.7 Ko] - C:\Windows\System32\Microsoft [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [5631.06 Ko] - C:\Windows\System32\migration [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [47110.6 Ko] - C:\Windows\System32\migwiz [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\mk-MK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\System32\ml-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\System32\mn-MN [MD5.2CF0B546AA8A9863D54367948BF8AAB9] - |A| - [07/12/2017 07:11:19] - (.-.) - [1.08 Ko] - (0.0.0.0) - C:\Windows\System32\Modellist.txt [MD5.6E1EF1F6FBB2002AE726199EA2EDFACE] - |RA| - [10/11/2017 08:13:14] - (.-.) - [30433.5 Ko] - (0.0.0.0) - C:\Windows\System32\modem.bin [MD5.00000000000000000000000000000000] - |HD| - [07/12/2017 07:03:18] - [31068.88 Ko] - C:\Windows\System32\modem_core [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\mr-IN [MD5.00000000000000000000000000000000] - |D| - [15/03/2019 07:10:38] - [0 Ko] - C:\Windows\System32\MRT [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\ms-MY [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [45.5 Ko] - C:\Windows\System32\MSDRM [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [4148.28 Ko] - C:\Windows\System32\MsDtc [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31 Ko] - C:\Windows\System32\mt-MT [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [44.95 Ko] - C:\Windows\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [334 Ko] - C:\Windows\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\System32\NDF [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31.5 Ko] - C:\Windows\System32\ne-NP [MD5.C146E873B22C3B300B21A859FE66C27A] - |A| - [29/09/2017 14:42:03] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\Windows\System32\NetTrace.PLA.Diagnostics.xml [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [51 Ko] - C:\Windows\System32\networklist [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [359.5 Ko] - C:\Windows\System32\nl-NL [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\nn-NO [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\System32\nso-ZA [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:34] - [3781.5 Ko] - C:\Windows\System32\Nui [MD5.34FFABE8384D7FD3A39D0A0073058FE7] - |A| - [07/12/2017 07:03:23] - (.-.) - [47.94 Ko] - (0.0.0.0) - C:\Windows\System32\nv_data.bin [MD5.19C3C27105083637FCF230BF0C04E0E0] - |A| - [07/12/2017 07:03:23] - (.-.) - [0.02 Ko] - (0.0.0.0) - C:\Windows\System32\nv_data.bin.md5 [MD5.B910E47C485808E59BC56E9FECE71E2A] - |A| - [07/12/2017 07:03:23] - (.-.) - [3.51 Ko] - (0.0.0.0) - C:\Windows\System32\nv_log.txt [MD5.5D4A5E27D573738E0C8C8FF4C0715DAF] - |A| - [29/09/2017 14:46:43] - (.-.) - [17.16 Ko] - (0.0.0.0) - C:\Windows\System32\OEMDefaultAssociations.xml [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\Windows\System32\OkDone_80.contrast-black.png [MD5.BFE1CCA08FEFC8A3422F7DA615567D75] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.43 Ko] - (0.0.0.0) - C:\Windows\System32\OkDone_80.contrast-white.png [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\Windows\System32\OkDone_80.png [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [15946.68 Ko] - C:\Windows\System32\oobe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\System32\or-IN [MD5.459FB33AA2114A28C5932FEAA115B072] - |A| - [29/09/2017 14:41:25] - (.-.) - [45.82 Ko] - (0.0.0.0) - C:\Windows\System32\OutdoorAudioEnvironment.bin [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\pa-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\pa-IN [MD5.AD93D5412F3A30D74D6FD5D7053CCB48] - |A| - [12/05/2017 03:42:25] - (.-.) - [375.45 Ko] - (0.0.0.0) - C:\Windows\System32\PanelManagerSvc.exe [MD5.02595092AE58000B170D1A64A54804FE] - |A| - [29/09/2017 14:48:30] - (.-.) - [222.24 Ko] - (0.0.0.0) - C:\Windows\System32\perfc009.dat [MD5.F239DB5A6C2782B6792C59656902F5EE] - |A| - [07/12/2017 14:11:42] - (.-.) - [243.66 Ko] - (0.0.0.0) - C:\Windows\System32\perfc00A.dat [MD5.A03DC70657DB688644C29D60A70841F7] - |A| - [07/12/2017 14:15:59] - (.-.) - [244.71 Ko] - (0.0.0.0) - C:\Windows\System32\perfc00C.dat [MD5.907213891E13ACE32C9E5B18E59517E2] - |A| - [07/12/2017 14:30:15] - (.-.) - [234.45 Ko] - (0.0.0.0) - C:\Windows\System32\perfc010.dat [MD5.1E60BC5E525063B96078DF17FBD3C4E1] - |A| - [29/09/2017 14:48:30] - (.-.) - [32.64 Ko] - (0.0.0.0) - C:\Windows\System32\perfd009.dat [MD5.08728AEF33BBAC5884423C1597E74A29] - |A| - [07/12/2017 14:11:42] - (.-.) - [42.92 Ko] - (0.0.0.0) - C:\Windows\System32\perfd00A.dat [MD5.9F9AF8517189B0D61B2615007E071084] - |A| - [07/12/2017 14:15:59] - (.-.) - [39.74 Ko] - (0.0.0.0) - C:\Windows\System32\perfd00C.dat [MD5.4F32511BD6124C1B65C8F7FCD244A82B] - |A| - [07/12/2017 14:30:15] - (.-.) - [38.93 Ko] - (0.0.0.0) - C:\Windows\System32\perfd010.dat [MD5.9A000864C077BFED5B0C81AEE659DC00] - |A| - [29/09/2017 14:48:30] - (.-.) - [866.44 Ko] - (0.0.0.0) - C:\Windows\System32\perfh009.dat [MD5.E66606A6F7836078EA2B403DBA34A86F] - |A| - [07/12/2017 14:11:42] - (.-.) - [940.32 Ko] - (0.0.0.0) - C:\Windows\System32\perfh00A.dat [MD5.709E18FF7FB09A2779375FD73DD19945] - |A| - [07/12/2017 14:15:59] - (.-.) - [1085.7 Ko] - (0.0.0.0) - C:\Windows\System32\perfh00C.dat [MD5.903BEB4C34FB703BBC5455466C511F80] - |A| - [07/12/2017 14:30:15] - (.-.) - [932.88 Ko] - (0.0.0.0) - C:\Windows\System32\perfh010.dat [MD5.A2F09364F95114DF54A9BD3682A2F686] - |A| - [07/12/2017 23:46:15] - (.-.) - [4472.61 Ko] - (0.0.0.0) - C:\Windows\System32\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 07:11:19] - [353.13 Ko] - C:\Windows\System32\Phonexml [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [358.5 Ko] - C:\Windows\System32\pl-PL [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [708.5 Ko] - C:\Windows\System32\PointOfService [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [1806.4 Ko] - C:\Windows\System32\Printing_Admin_Scripts [MD5.0225FC6F0D91F84B44CE252487D8D725] - |A| - [23/03/2019 04:54:25] - (.Copyright (C) 2008-2013 - Video-Codec by proDAD.) - [593.02 Ko] - (1.0.18.0) - C:\Windows\System32\prodad-codec.dll [MD5.A14E6B78E10DE725955CC39EAADF4046] - |A| - [23/03/2019 04:54:21] - (.Copyright (C) 2008 - Part of the proDAD.) - [367.52 Ko] - (1.0.4.0) - C:\Windows\System32\proDAD-PA-Support.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\System32\ProximityToast [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\System32\prs-AF [MD5.007893E8374C766471239EB291BA8C17] - |A| - [29/09/2017 14:42:04] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\Windows\System32\psmodulediscoveryprovider.mof [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [359.5 Ko] - C:\Windows\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [355 Ko] - C:\Windows\System32\pt-PT [MD5.8F81AAE120E5A058E1D311E012965A96] - |A| - [15/03/2019 04:50:35] - (.-.) - [30826.06 Ko] - (0.0.0.0) - C:\Windows\System32\pvl64.dll [MD5.72F089FAC0BD345EA11965B5E5179435] - |A| - [15/03/2019 04:50:37] - (.-.) - [494.06 Ko] - (0.0.0.0) - C:\Windows\System32\pvl_perspective_control64.dll [MD5.9B8E48ACB0D2BD037A11E247F31117A8] - |A| - [15/03/2019 04:50:37] - (.-.) - [133.59 Ko] - (0.0.0.0) - C:\Windows\System32\pvl_skin_smoothing_denoising64.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\System32\quc-Latn-GT [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\System32\quz-PE [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [23.75 Ko] - C:\Windows\System32\ras [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\System32\RasToast [MD5.49A390CA472675F87262798CBD46BBEA] - |A| - [13/11/2017 02:29:37] - (.Copyright (C) 2016 - Samsung Radio Control Delegation Service executable.) - [460.1 Ko] - (2.3.0.7) - C:\Windows\System32\RCDService.exe [MD5.692DC6EF573FFCDD9DFB55D1C783DB93] - |A| - [29/09/2017 14:41:23] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\Windows\System32\removehypervisor.mof [MD5.E17EAD4E09FB96BD6DB717CB605B17F1] - |A| - [29/09/2017 14:42:06] - (.-.) - [8.86 Ko] - (0.0.0.0) - C:\Windows\System32\ResPriHMImageList [MD5.8286304CD9A20E2A4621D931F1CEF5CB] - |A| - [29/09/2017 14:42:06] - (.-.) - [8.28 Ko] - (0.0.0.0) - C:\Windows\System32\ResPriImageList [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\Windows\System32\RestartNowPower_80.contrast-black.png [MD5.DF286186041C6BF73C5DC21CEEEFFED5] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\Windows\System32\RestartNowPower_80.contrast-white.png [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\Windows\System32\RestartNowPower_80.png [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0.07 Ko] - C:\Windows\System32\restore [MD5.D07E424408708A52CC5680F2C552EE5A] - |A| - [07/12/2017 07:04:05] - (.-.) - [17.07 Ko] - (0.0.0.0) - C:\Windows\System32\results.xml [MD5.3767825203BB89C66309BFE62E75E6D2] - |A| - [15/03/2019 05:50:47] - (.-.) - [95.5 Ko] - (0.0.0.0) - C:\Windows\System32\runexehelper.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\rw-RW [MD5.0EF31C4363277197B9528FDC80128B7E] - |A| - [19/01/2017 21:30:00] - (.Copyright (C) 2017 -.) - [26.61 Ko] - (1.0.48.0) - C:\Windows\System32\SamsungSystemAgentInstaller.dll [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [29/09/2017 14:43:11] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\Windows\System32\ScavengeSpace.xml [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\Windows\System32\ScheduleTime_80.contrast-black.png [MD5.E72B1B6800DE45AA9AE7E10F899E5999] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.54 Ko] - (0.0.0.0) - C:\Windows\System32\ScheduleTime_80.contrast-white.png [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\Windows\System32\ScheduleTime_80.png [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\sd-Arab-PK [MD5.99F86B98160742F3395A688D70B45FF5] - |A| - [13/11/2017 02:29:37] - (.-.) - [162.6 Ko] - (0.0.0.0) - C:\Windows\System32\SecRilProxy.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [6.92 Ko] - C:\Windows\System32\SecureBootUpdates [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [29/09/2017 14:42:04] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\System32\settings.dat [MD5.00000000000000000000000000000000] - |D| - [15/03/2019 10:48:27] - [7395 Ko] - C:\Windows\System32\ShellExtBridge [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\si-LK [MD5.55AA2F021E09B07B7F36E1C1F439C1E8] - |A| - [07/12/2017 14:12:45] - (.-.) - [241.46 Ko] - (0.0.0.0) - C:\Windows\System32\SingleBom.xml [MD5.9600A53FFCD61F92ED1933AF66EF2E42] - |A| - [07/12/2017 14:12:45] - (.-.) - [951.41 Ko] - (0.0.0.0) - C:\Windows\System32\SingleBom2.xml [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [283 Ko] - C:\Windows\System32\sk-SK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [279.5 Ko] - C:\Windows\System32\sl-SI [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 23:39:23] - [27960.01 Ko] - C:\Windows\System32\SleepStudy [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [202.87 Ko] - C:\Windows\System32\slmgr [MD5.DAC275ABAAD2B689D7BB3685E4032072] - |A| - [29/09/2017 14:41:25] - (.-.) - [68.15 Ko] - (0.0.0.0) - C:\Windows\System32\SmallRoom.bin [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 09:45:11] - [13385.02 Ko] - C:\Windows\System32\SMI [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\Windows\System32\Snooze_80.contrast-black.png [MD5.E30B7D226E7B5B0EC2B9FC2316694ECC] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\Windows\System32\Snooze_80.contrast-white.png [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\Windows\System32\Snooze_80.png [MD5.8D30AAF519A40D69F6BABFFD60C75E56] - |A| - [15/03/2019 05:49:09] - (.-.) - [37 Ko] - (0.0.0.0) - C:\Windows\System32\SpectrumSyncClient.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [7882.4 Ko] - C:\Windows\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [12629.58 Ko] - C:\Windows\System32\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [39251.6 Ko] - C:\Windows\System32\spool [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [8001.51 Ko] - C:\Windows\System32\spp [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [23.61 Ko] - C:\Windows\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\System32\sq-AL [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\sr-Cyrl-BA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\sr-Cyrl-RS [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [282 Ko] - C:\Windows\System32\sr-Latn-RS [MD5.B461D2CE1D93ADAB10E0E5495A06E403] - |A| - [29/09/2017 14:42:07] - (.-.) - [16.74 Ko] - (0.0.0.0) - C:\Windows\System32\srms-apr.dat [MD5.047BCF71FB0E5EC754437879E8DAA7F6] - |A| - [29/09/2017 14:42:00] - (.-.) - [56.38 Ko] - (0.0.0.0) - C:\Windows\System32\srms.dat [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [30360 Ko] - C:\Windows\System32\sru [MD5.1BA92CDCF58B0D7D298CC09799B4D431] - |A| - [29/09/2017 14:41:25] - (.-.) - [410 Ko] - (0.0.0.0) - C:\Windows\System32\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [341 Ko] - C:\Windows\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\sw-KE [MD5.AE80F089FF890EF483FDB82B9F2A2EA8] - |A| - [15/03/2019 06:58:58] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\Windows\System32\swhealthex.log [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 09:45:13] - [1341.9 Ko] - C:\Windows\System32\Sysprep [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [930.28 Ko] - C:\Windows\System32\SystemResetPlatform [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [34 Ko] - C:\Windows\System32\ta-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [590.39 Ko] - C:\Windows\System32\Tasks [MD5.D602CA245CC6774A0981B607F0675609] - |A| - [29/09/2017 14:41:57] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\Windows\System32\tcpmon.ini [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\te-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32 Ko] - C:\Windows\System32\tg-Cyrl-TJ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [260 Ko] - C:\Windows\System32\th-TH [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [22.5 Ko] - C:\Windows\System32\ti-ET [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [27.5 Ko] - C:\Windows\System32\tk-TM [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\System32\tn-ZA [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 07:03:18] - [330.69 Ko] - C:\Windows\System32\ToastGenerator [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [336 Ko] - C:\Windows\System32\tr-TR [MD5.B88B8D017386A00D7724519F475317A0] - |A| - [29/09/2017 14:42:07] - (.-.) - [10.33 Ko] - (0.0.0.0) - C:\Windows\System32\TransformPPSToWlan.xslt [MD5.2F05390B798363D51EBE65D6320CD45E] - |A| - [29/09/2017 14:42:07] - (.-.) - [1.65 Ko] - (0.0.0.0) - C:\Windows\System32\TransformPPSToWlanCredentials.xslt [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\tt-RU [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28 Ko] - C:\Windows\System32\ug-CN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [277.5 Ko] - C:\Windows\System32\uk-UA [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:34] - [2739.92 Ko] - C:\Windows\System32\UNP [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\ur-PK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32 Ko] - C:\Windows\System32\uz-Latn-UZ [MD5.DD4447DFCB5018987FDA850C6BCDE2A7] - |A| - [07/12/2017 07:11:19] - (.-.) - [0.04 Ko] - (0.0.0.0) - C:\Windows\System32\VersionID.txt [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31.5 Ko] - C:\Windows\System32\vi-VN [MD5.F6580F5D0408FCD200F535F08BEA1C18] - |A| - [23/11/2016 01:22:56] - (.Copyright (C) 2015-2016 - Vulkan Loader.) - [259.28 Ko] - (1.0.33.0) - C:\Windows\System32\vulkan-1-1-0-33-0.dll [MD5.179798523995687C5A0B49B762827007] - |A| - [15/03/2019 05:01:30] - (.Copyright (C) 2015-2018 - Vulkan Loader.) - [991 Ko] - (1.1.92.1) - C:\Windows\System32\vulkan-1-999-0-0-0.dll [MD5.179798523995687C5A0B49B762827007] - |A| - [15/03/2019 05:01:30] - (.Copyright (C) 2015-2018 - Vulkan Loader.) - [991 Ko] - (1.1.92.1) - C:\Windows\System32\vulkan-1.dll [MD5.324D0656179A6237150B851A03F2FB17] - |A| - [23/11/2016 01:22:24] - (.-.) - [122.28 Ko] - (0.0.0.0) - C:\Windows\System32\vulkaninfo-1-1-0-33-0.exe [MD5.B23B857ED2A89D932DC091CADFA176E3] - |A| - [15/03/2019 04:58:41] - (.Copyright (C) 2015-2018 - Vulkan Info.) - [248.97 Ko] - (1.1.92.1) - C:\Windows\System32\vulkaninfo-1-999-0-0-0.exe [MD5.B23B857ED2A89D932DC091CADFA176E3] - |A| - [15/03/2019 04:58:41] - (.Copyright (C) 2015-2018 - Vulkan Info.) - [248.97 Ko] - (1.1.92.1) - C:\Windows\System32\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [125802.85 Ko] - C:\Windows\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [0 Ko] - C:\Windows\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [138464.28 Ko] - C:\Windows\System32\WDI [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [29/09/2017 14:41:40] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\Windows\System32\WdsUnattendTemplate.xml [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [1.12 Ko] - C:\Windows\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [80360.22 Ko] - C:\Windows\System32\WinBioPlugIns [MD5.1E38A547C9380DAB0F0692E1EE9CC5B3] - |A| - [29/09/2017 14:41:27] - (.-.) - [102.5 Ko] - (0.0.0.0) - C:\Windows\System32\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [10453.51 Ko] - C:\Windows\System32\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [133728 Ko] - C:\Windows\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [5286.48 Ko] - C:\Windows\System32\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [419.85 Ko] - C:\Windows\System32\winrm [MD5.63CFE4B848F85D1883FE8D9F1820B667] - |A| - [19/05/2017 08:38:06] - (.Copyright (C) 2015 Samsung Electronics Co., Ltd. - WLAN SAR Service.) - [54.5 Ko] - (1.0.0.7) - C:\Windows\System32\WlSarService.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [27.5 Ko] - C:\Windows\System32\wo-SN [MD5.C30C621748C66CE751B19B2788559A3E] - |A| - [29/09/2017 14:42:07] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\Windows\System32\wpcmon.png [MD5.D224E07A6F89FD14C3FD8A83127811CC] - |A| - [29/09/2017 14:41:43] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\Windows\System32\wpr.config.xml [MD5.200BCDE9B44C32B1633B68A9AADA8AAA] - |A| - [29/09/2017 14:41:25] - (.-.) - [78 Ko] - (0.0.0.0) - C:\Windows\System32\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\xh-ZA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\yo-NG [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [260.04 Ko] - C:\Windows\System32\zh-CN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [225.5 Ko] - C:\Windows\System32\zh-TW [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\zu-ZA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [0 Ko] - C:\Windows\SysWOW64\0409 [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [29/09/2017 14:42:13] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@AudioToastIcon.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [29/09/2017 14:42:11] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@EnrollmentToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [29/09/2017 14:42:24] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@VpnToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [29/09/2017 14:42:13] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@WirelessDisplayToast.png [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 09:45:15] - [2001.4 Ko] - C:\Windows\SysWOW64\AdvancedInstallers [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\af-ZA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [22 Ko] - C:\Windows\SysWOW64\am-ET [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\AppLocker [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [280.5 Ko] - C:\Windows\SysWOW64\ar-SA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\SysWOW64\as-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\SysWOW64\az-Latn-AZ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\be-BY [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [265.5 Ko] - C:\Windows\SysWOW64\bg-BG [MD5.8B14F3DBC532A1AE1469EEB416F26165] - |A| - [15/03/2019 04:50:04] - (.Copyright (C) 2015-2020, BayHubTech/O2Micro. - Icon.) - [1843.86 Ko] - (1.0.0.6) - C:\Windows\SysWOW64\bhtv5Icon.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\SysWOW64\bn-BD [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\bn-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\SysWOW64\bs-Latn-BA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0.1 Ko] - C:\Windows\SysWOW64\Bthprops [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\SysWOW64\ca-ES [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31 Ko] - C:\Windows\SysWOW64\ca-ES-valencia [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\catroot [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [23 Ko] - C:\Windows\SysWOW64\chr-CHER-US [MD5.BC3B6239D0F74FFA152FCE165CFB6424] - |A| - [20/03/2019 13:00:06] - (.2005-2019 COMODO. - COMODO Secure Shopping.) - [261.18 Ko] - (1.3.50284.151) - C:\Windows\SysWOW64\cmdkbdcss32.dll [MD5.A6DE9F867ED5C583347ACE03AEF74A98] - |A| - [04/03/2019 22:34:52] - (.2005-2018 COMODO. - COMODO Internet Security.) - [364.69 Ko] - (11.0.0.6802) - C:\Windows\SysWOW64\cmdvrt32.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [330 Ko] - C:\Windows\SysWOW64\com [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [34019.22 Ko] - C:\Windows\SysWOW64\config [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:34] - [160.31 Ko] - C:\Windows\SysWOW64\Configuration [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [325 Ko] - C:\Windows\SysWOW64\cs-CZ [MD5.5FD2AB268E79600FED51E072EB69F8B2] - |A| - [20/03/2019 13:00:08] - (.2005-2019 COMODO. - COMODO Secure Shopping.) - [341.3 Ko] - (1.3.50284.151) - C:\Windows\SysWOW64\cssguard32.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31.5 Ko] - C:\Windows\SysWOW64\cy-GB [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [322 Ko] - C:\Windows\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [364 Ko] - C:\Windows\SysWOW64\de-DE [MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [29/09/2017 14:42:09] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\DefaultAccountTile.png [MD5.26206C944AD7CDD1F50DD58868B32F7F] - |A| - [19/03/2017 11:30:58] - (.-.) - [64.38 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\defaultCpff.aiqb [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:34] - [200.5 Ko] - C:\Windows\SysWOW64\DiagSvcs [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [7730.7 Ko] - C:\Windows\SysWOW64\Dism [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [1079.58 Ko] - C:\Windows\SysWOW64\downlevel [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [3478.29 Ko] - C:\Windows\SysWOW64\drivers [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0.75 Ko] - C:\Windows\SysWOW64\DriverStore [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [358.5 Ko] - C:\Windows\SysWOW64\el-GR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [3118 Ko] - C:\Windows\SysWOW64\en [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [13663.06 Ko] - C:\Windows\SysWOW64\en-GB [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [21167.31 Ko] - C:\Windows\SysWOW64\en-US [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 14:11:40] - [3128 Ko] - C:\Windows\SysWOW64\es [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [36790.04 Ko] - C:\Windows\SysWOW64\es-ES [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [277 Ko] - C:\Windows\SysWOW64\es-MX [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [247.5 Ko] - C:\Windows\SysWOW64\et-EE [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\SysWOW64\eu-ES [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:34] - [24785.16 Ko] - C:\Windows\SysWOW64\F12 [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\SysWOW64\fa-IR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [325 Ko] - C:\Windows\SysWOW64\fi-FI [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\SysWOW64\fil-PH [MD5.5A3BCFCCEAA2C9950532BCE313BAB55C] - |A| - [15/03/2019 07:34:34] - (.-.) - [2.18 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\FolderLockAdrv.inf [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 14:15:56] - [3149.5 Ko] - C:\Windows\SysWOW64\fr [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [284 Ko] - C:\Windows\SysWOW64\fr-CA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [37532.15 Ko] - C:\Windows\SysWOW64\fr-FR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\FxsTmp [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\SysWOW64\ga-IE [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [34 Ko] - C:\Windows\SysWOW64\gd-GB [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31 Ko] - C:\Windows\SysWOW64\gl-ES [MD5.1E91815C329345AD54FE08BF7A98F749] - |A| - [15/03/2019 05:50:37] - (.Copyright (C) 2017 - Gracenote SDK component.) - [4073.5 Ko] - (3.10.5.5585) - C:\Windows\SysWOW64\gnsdk_fp.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\SysWOW64\gu-IN [MD5.7F6A10AF073204F0BFEA03296A719DF8] - |A| - [04/03/2019 22:39:04] - (.2005-2018 COMODO. - COMODO Internet Security.) - [695.53 Ko] - (11.0.0.6802) - C:\Windows\SysWOW64\guard32.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\SysWOW64\ha-Latn-NG [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [266.5 Ko] - C:\Windows\SysWOW64\he-IL [MD5.3A7F920893FD6F49BC4CC07B72914013] - |A| - [29/09/2017 14:42:09] - (.-.) - [188.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\SysWOW64\hi-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [258 Ko] - C:\Windows\SysWOW64\hr-HR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [331 Ko] - C:\Windows\SysWOW64\hu-HU [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [27.5 Ko] - C:\Windows\SysWOW64\hy-AM [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [36.27 Ko] - C:\Windows\SysWOW64\icsxml [MD5.9D0FDC241ECD537B7DE219A98A726563] - |RA| - [15/03/2019 05:49:35] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [1602.5 Ko] - (59.1.0.0) - C:\Windows\SysWOW64\icuin.dll [MD5.C18014A1063903CC299E4045C93F862B] - |RA| - [15/03/2019 05:49:33] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [1131.5 Ko] - (59.1.0.0) - C:\Windows\SysWOW64\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\SysWOW64\id-ID [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [27 Ko] - C:\Windows\SysWOW64\ig-NG [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [20706.67 Ko] - C:\Windows\SysWOW64\IME [MD5.922D5BABA5B7BA8253C6257B26FEDA6C] - |A| - [19/03/2017 11:30:58] - (.-.) - [188.18 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX241_CM500RF05SW700_SKY.cpf [MD5.1DE08BB9D54D2B2931D3A39695892511] - |A| - [19/03/2017 11:30:58] - (.-.) - [186.9 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX241_CM500RF05SW700_SKY_Video.cpf [MD5.C5D273F400B8EE5BEB81097D3E4FAF04] - |A| - [15/03/2019 04:50:45] - (.-.) - [162.62 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX241_FN50FF-562H_SKY.cpf [MD5.CFC5B24CA92142B55EF237208466205E] - |A| - [19/03/2017 11:30:58] - (.-.) - [162.38 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX241_FN50FF469H_SKY.cpf [MD5.29A8CA39130FCC8647014CFF162C608C] - |A| - [19/03/2017 11:30:58] - (.-.) - [221.56 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX241_NSMM4D5_SKY.cpf [MD5.AA6EFEDA4D5C5E22FF8EEB15CEF88098] - |A| - [19/03/2017 11:30:58] - (.-.) - [216.24 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX241_NSMM4D5_SKY_Video.cpf [MD5.F609489142774262ABD4AB204E56C4D9] - |A| - [15/03/2019 04:50:45] - (.-.) - [167.33 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX241_START2FRONT_SKY.cpf [MD5.B216175F6574C5D40A6BFFFEB28E8938] - |A| - [15/03/2019 04:50:45] - (.-.) - [167.26 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX241_START2FRONT_SKY_Video.cpf [MD5.6B1CD2FED17DF605E9721AF5CF0970C7] - |A| - [15/03/2019 04:50:45] - (.-.) - [270.35 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX258_START2REAR_SKY.cpf [MD5.E172D9B2DF8542B9BA124338476D65A8] - |A| - [19/03/2017 11:30:58] - (.-.) - [309.15 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX258_START2REAR_SKY_4KVideo.cpf [MD5.D5082A13FF3DA91F6DE930951F6DA404] - |A| - [19/03/2017 11:30:58] - (.-.) - [312.56 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX258_START2REAR_SKY_HD120fpsVideo.cpf [MD5.6B1CD2FED17DF605E9721AF5CF0970C7] - |A| - [15/03/2019 04:50:45] - (.-.) - [270.35 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX258_START2REAR_SKY_Video.cpf [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\inetsrv [MD5.4CED7C72B126C457F5E00A943B18B924] - |A| - [15/03/2019 05:49:21] - (.-.) - [146.45 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\InputHost.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [218.5 Ko] - C:\Windows\SysWOW64\InputMethod [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [1160 Ko] - C:\Windows\SysWOW64\InstallShield [MD5.E444C15CD99DE0407A7E9125F609C493] - |A| - [24/02/2017 10:20:55] - (.Copyright © The Khronos Group Inc 2016 - OpenCL Client DLL.) - [117.23 Ko] - (2.1.1.0) - C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\Ipmi [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\SysWOW64\is-IS [MD5.F5BE56A8A18B3315935EE3AA8F920010] - |A| - [20/03/2019 13:00:45] - (.2005-2018 COMODO. - Internet Security Essentials.) - [200.71 Ko] - (1.5.4695.175) - C:\Windows\SysWOW64\iseguard32.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 14:30:12] - [3116 Ko] - C:\Windows\SysWOW64\it [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [35606.25 Ko] - C:\Windows\SysWOW64\it-IT [MD5.214F51F66802C851F1C50BC662EDA828] - |A| - [19/03/2017 14:35:10] - (.-.) - [398.41 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\KBL_AIC.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\SysWOW64\kk-KZ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28 Ko] - C:\Windows\SysWOW64\km-KH [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31.5 Ko] - C:\Windows\SysWOW64\kn-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [249 Ko] - C:\Windows\SysWOW64\ko-KR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\SysWOW64\kok-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\ku-Arab-IQ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\SysWOW64\ky-KG [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [33 Ko] - C:\Windows\SysWOW64\lb-LU [MD5.B3F9F1DAF735F5FAF167542C5C79E494] - |A| - [24/02/2017 10:20:56] - (.-.) - [144.21 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\libEGL.dll [MD5.0379A7F33DB3097E87D51AC91278F07F] - |A| - [24/02/2017 10:20:56] - (.-.) - [123.23 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\libGLESv1_CM.dll [MD5.56335027A2B5C73AFB97F85B5E0CD4CA] - |A| - [24/02/2017 10:20:56] - (.-.) - [157.73 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\libGLESv2.dll [MD5.D6834D1BA5633B96C628EC62AFE9241C] - |A| - [19/03/2017 14:35:16] - (.-.) - [10144.91 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\libia_cp.dll [MD5.DF252F37880142ED5574C2BE4DADF5A7] - |A| - [15/03/2019 05:28:26] - (.-.) - [206 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\msvcrt10.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31 Ko] - C:\Windows\SysWOW64\mt-MT [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [44.95 Ko] - C:\Windows\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [315 Ko] - C:\Windows\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31.5 Ko] - C:\Windows\SysWOW64\ne-NP [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [51 Ko] - C:\Windows\SysWOW64\networklist [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [338 Ko] - C:\Windows\SysWOW64\nl-NL [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\SysWOW64\nn-NO [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\SysWOW64\nso-ZA [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:34] - [3781.5 Ko] - C:\Windows\SysWOW64\Nui [MD5.591E81D5E8CF862D6F12C2E2E53D87C1] - |A| - [15/03/2019 07:34:09] - (.-.) - [40 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\nwsftUninstall.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [650.72 Ko] - C:\Windows\SysWOW64\oobe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\SysWOW64\or-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\SysWOW64\pa-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\SysWOW64\pa-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [336.5 Ko] - C:\Windows\SysWOW64\pl-PL [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [1806.38 Ko] - C:\Windows\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\SysWOW64\prs-AF [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [338.5 Ko] - C:\Windows\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [333.5 Ko] - C:\Windows\SysWOW64\pt-PT [MD5.D5315B9A346EA9AEAD836DBCE8FED34A] - |A| - [19/03/2017 14:35:32] - (.-.) - [15023.41 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\pvl.dll [MD5.6BE006E30928C81322196A1949B042E2] - |A| - [19/03/2017 14:35:38] - (.-.) - [749.91 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\pvl_perspective_control.dll [MD5.70A36915F333E318C67E463375F192BF] - |A| - [19/03/2017 14:35:44] - (.-.) - [108.41 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\pvl_skin_smoothing_denoising.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\SysWOW64\quc-Latn-GT [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\SysWOW64\quz-PE [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [23.75 Ko] - C:\Windows\SysWOW64\ras [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\RasToast [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0.82 Ko] - C:\Windows\SysWOW64\Recovery [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\restore [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [261.5 Ko] - C:\Windows\SysWOW64\ro-RO [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 06:47:24] - [2214.8 Ko] - C:\Windows\SysWOW64\RTCOM [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [329.5 Ko] - C:\Windows\SysWOW64\ru-RU [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\rw-RW [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\SysWOW64\sd-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\si-LK [MD5.55AA2F021E09B07B7F36E1C1F439C1E8] - |A| - [07/12/2017 14:12:45] - (.-.) - [241.46 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\SingleBom.xml [MD5.9600A53FFCD61F92ED1933AF66EF2E42] - |A| - [07/12/2017 14:12:45] - (.-.) - [951.41 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\SingleBom2.xml [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [261 Ko] - C:\Windows\SysWOW64\sk-SK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [259 Ko] - C:\Windows\SysWOW64\sl-SI [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [202.87 Ko] - C:\Windows\SysWOW64\slmgr [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\SMI [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [4241.4 Ko] - C:\Windows\SysWOW64\Speech [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [9043.49 Ko] - C:\Windows\SysWOW64\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [1319.31 Ko] - C:\Windows\SysWOW64\spp [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [23.61 Ko] - C:\Windows\SysWOW64\sppui [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\SysWOW64\sq-AL [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\sr-Cyrl-BA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\sr-Cyrl-RS [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [262 Ko] - C:\Windows\SysWOW64\sr-Latn-RS [MD5.B461D2CE1D93ADAB10E0E5495A06E403] - |A| - [29/09/2017 14:42:27] - (.-.) - [16.74 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\srms-apr.dat [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\sru [MD5.30FE146E2F0712AFEEA1ECF3E0EA270C] - |A| - [29/09/2017 14:42:09] - (.-.) - [302 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [321.5 Ko] - C:\Windows\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\SysWOW64\sw-KE [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [0 Ko] - C:\Windows\SysWOW64\sysprep [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [34 Ko] - C:\Windows\SysWOW64\ta-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\Tasks [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\SysWOW64\te-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32 Ko] - C:\Windows\SysWOW64\tg-Cyrl-TJ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [241 Ko] - C:\Windows\SysWOW64\th-TH [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [22.5 Ko] - C:\Windows\SysWOW64\ti-ET [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [27.5 Ko] - C:\Windows\SysWOW64\tk-TM [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\SysWOW64\tn-ZA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [316.5 Ko] - C:\Windows\SysWOW64\tr-TR [MD5.1083642C30E7A3F79D565698BC1B70E4] - |A| - [23/11/2016 01:23:44] - (.Copyright (C) 2015-2016 - Vulkan Loader.) - [265.28 Ko] - (1.0.33.0) - C:\Windows\SysWOW64\vulkan-1-1-0-33-0.dll [MD5.8F224D31DA0884C547AB6E65C2CBBE93] - |A| - [15/03/2019 05:01:30] - (.Copyright (C) 2015-2018 - Vulkan Loader.) - [858 Ko] - (1.1.92.1) - C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll [MD5.8F224D31DA0884C547AB6E65C2CBBE93] - |A| - [15/03/2019 05:01:30] - (.Copyright (C) 2015-2018 - Vulkan Loader.) - [858 Ko] - (1.1.92.1) - C:\Windows\SysWOW64\vulkan-1.dll [MD5.900B60ECDDF695C0A55CA7C82AD75668] - |A| - [23/11/2016 01:23:14] - (.-.) - [108.28 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\vulkaninfo-1-1-0-33-0.exe [MD5.AA008CDFA795097F16F18170FF5FB815] - |A| - [15/03/2019 04:58:41] - (.Copyright (C) 2015-2018 - Vulkan Info.) - [223.97 Ko] - (1.1.92.0) - C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe [MD5.AA008CDFA795097F16F18170FF5FB815] - |A| - [15/03/2019 04:58:41] - (.Copyright (C) 2015-2018 - Vulkan Info.) - [223.97 Ko] - (1.1.92.0) - C:\Windows\SysWOW64\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [25071.71 Ko] - C:\Windows\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:18] - [0 Ko] - C:\Windows\SysWOW64\WCN [MD5.ACC1181C0AA4D01B537F53A1CC33E766] - |A| - [29/09/2017 14:42:09] - (.-.) - [90 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [9617.54 Ko] - C:\Windows\SysWOW64\WindowsPowerShell [MD5.FFD2F3835BC170C7B3858F326262EBDA] - |A| - [15/03/2019 07:34:32] - (.-.) - [35.62 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\WinFLAdrv.sys [MD5.503E4A64E8FB731D415510B676F2BFFA] - |A| - [15/03/2019 07:34:11] - (.-.) - [13.85 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\WinFLMsgService.exe [MD5.A3B55D9B3F656E4F82C5D79C632B0038] - |A| - [15/03/2019 07:34:12] - (.2002-2018 © NewSoftwares.net - Service Application.) - [92.51 Ko] - (7.7.1.0) - C:\Windows\SysWOW64\WinFLService.exe [MD5.14E6BAFD6C80C9D0E2E31A6BC40479C7] - |A| - [15/03/2019 07:34:08] - (.2002-2018 © NewSoftwares.net - Folder Lock.) - [328.01 Ko] - (7.7.1.0) - C:\Windows\SysWOW64\WinFLTray.exe [MD5.14E6BAFD6C80C9D0E2E31A6BC40479C7] - |A| - [15/03/2019 07:34:07] - (.2002-2018 © NewSoftwares.net - Folder Lock.) - [328.01 Ko] - (7.7.1.0) - C:\Windows\SysWOW64\WinFLTrayShred.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [5286.49 Ko] - C:\Windows\SysWOW64\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:18] - [419.85 Ko] - C:\Windows\SysWOW64\winrm [MD5.3CC985A4E7D90F5B6D9FF1FD5CD486D7] - |A| - [15/03/2019 07:34:30] - (.Copyright © 1998-2011 NewSoftwares.net, Inc. - Virtual Encryption Driver.) - [220.39 Ko] - (7.0.0.0) - C:\Windows\SysWOW64\WinVDEdrv.sys [MD5.2D446F342467128EA389CF44EC79C2BA] - |A| - [15/03/2019 07:34:31] - (.-.) - [193.02 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\WinVDEdrv6.sys [MD5.F2ECB87B996541BF44B55D301586E2C5] - |AS| - [15/03/2019 11:44:42] - (.-.) - [11.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\win_flfiles_sys.dat [MD5.A1A8919960FB16CE0B4CEDF6B1864939] - |AS| - [15/03/2019 11:44:42] - (.-.) - [3.38 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\win_stlthdb_sys.dat [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [27.5 Ko] - C:\Windows\SysWOW64\wo-SN [MD5.E1FEDF746C5EE63886B06756867F728C] - |A| - [11/10/2017 03:42:25] - (.Copyright (C) 2012 - WSABI.) - [42.28 Ko] - (1.0.0.3) - C:\Windows\SysWOW64\wsabi.dll [MD5.12D91C9A9837995A137ACE4B2E674918] - |A| - [29/09/2017 14:42:09] - (.-.) - [54.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\SysWOW64\xh-ZA [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 14:11:41] - [30.47 Ko] - C:\Windows\SysWOW64\XPSViewer [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\SysWOW64\yo-NG [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [220.5 Ko] - C:\Windows\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [214.5 Ko] - C:\Windows\SysWOW64\zh-TW [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\SysWOW64\zu-ZA ---------- | [EFM_UEFM_Barrow_U] [15/03/2019 05:09:53] - |DC| - [10136] - C:\Users\EFM_UEFM_Barrow_U\.cache [22/03/2019 10:10:42] - |HDC| - [1248] - C:\Users\EFM_UEFM_Barrow_U\.obs32 [14/03/2019 22:40:32] - |RDC| - [298] - C:\Users\EFM_UEFM_Barrow_U\3D Objects [14/03/2019 22:40:02] - |HDC| - [6154015631] - C:\Users\EFM_UEFM_Barrow_U\AppData [14/03/2019 22:40:32] - |RDC| - [412] - C:\Users\EFM_UEFM_Barrow_U\Contacts [14/03/2019 22:40:02] - |RDC| - [337049084] - C:\Users\EFM_UEFM_Barrow_U\Desktop [14/03/2019 22:40:02] - |RDC| - [21618332608] - C:\Users\EFM_UEFM_Barrow_U\Documents [14/03/2019 22:40:02] - |RDC| - [2451461149] - C:\Users\EFM_UEFM_Barrow_U\Downloads [14/03/2019 22:40:02] - |RDC| - [746] - C:\Users\EFM_UEFM_Barrow_U\Favorites [14/03/2019 22:40:30] - |SHDC| - [25308] - C:\Users\EFM_UEFM_Barrow_U\IntelGraphicsProfiles [14/03/2019 22:40:02] - |RDC| - [2045] - C:\Users\EFM_UEFM_Barrow_U\Links [14/03/2019 22:40:50] - |HDC| - [457] - C:\Users\EFM_UEFM_Barrow_U\MicrosoftEdgeBackups [14/03/2019 22:40:02] - |RDC| - [9469664] - C:\Users\EFM_UEFM_Barrow_U\Music [14/03/2019 22:40:02] - |AH| - [3670016] - C:\Users\EFM_UEFM_Barrow_U\NTUSER.DAT [14/03/2019 22:40:02] - |ASH| - [967680] - C:\Users\EFM_UEFM_Barrow_U\ntuser.dat.LOG1 [14/03/2019 22:40:02] - |ASH| - [1126400] - C:\Users\EFM_UEFM_Barrow_U\ntuser.dat.LOG2 [14/03/2019 22:40:02] - |ASH| - [65536] - C:\Users\EFM_UEFM_Barrow_U\NTUSER.DAT{47a6a17a-a514-11e7-a94e-ec0d9a05c860}.TM.blf [14/03/2019 22:40:02] - |ASH| - [524288] - C:\Users\EFM_UEFM_Barrow_U\NTUSER.DAT{47a6a17a-a514-11e7-a94e-ec0d9a05c860}.TMContainer00000000000000000001.regtrans-ms [14/03/2019 22:40:02] - |ASH| - [524288] - C:\Users\EFM_UEFM_Barrow_U\NTUSER.DAT{47a6a17a-a514-11e7-a94e-ec0d9a05c860}.TMContainer00000000000000000002.regtrans-ms [14/03/2019 22:40:02] - |SHC| - [20] - C:\Users\EFM_UEFM_Barrow_U\ntuser.ini [14/03/2019 22:42:30] - |RADC| - [3933799579] - C:\Users\EFM_UEFM_Barrow_U\OneDrive [14/03/2019 22:40:02] - |RDC| - [7993623] - C:\Users\EFM_UEFM_Barrow_U\Pictures [14/03/2019 22:40:02] - |RDC| - [282] - C:\Users\EFM_UEFM_Barrow_U\Saved Games [14/03/2019 22:40:32] - |RDC| - [1872] - C:\Users\EFM_UEFM_Barrow_U\Searches [14/03/2019 22:40:02] - |RDC| - [2432164405] - C:\Users\EFM_UEFM_Barrow_U\Videos [14/03/2019 22:40:02] - |DC| - [5467408291] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local [14/03/2019 22:40:02] - |DC| - [16667064] - C:\Users\EFM_UEFM_Barrow_U\AppData\LocalLow [14/03/2019 22:40:02] - |HDC| - [669940276] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming [14/03/2019 23:15:44] - |DC| - [143360] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\AdAwareDesktop [14/03/2019 22:51:03] - |DC| - [138240] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\AdAwareUpdater [21/03/2019 08:10:15] - |DC| - [82] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Aimersoft [15/03/2019 18:26:30] - |DC| - [38490] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Ashampoo [20/03/2019 13:36:14] - |DC| - [262512] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Atelier Photo Fnac [15/03/2019 05:34:24] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\AVAST Software [26/03/2019 17:10:18] - |DC| - [13722] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Babylon [15/03/2019 08:28:26] - |DC| - [21320] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\cache [15/03/2019 06:16:45] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\CEF [14/03/2019 22:50:40] - |DC| - [18898948] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Comms [20/03/2019 12:59:40] - |DC| - [485321258] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Comodo [14/03/2019 22:40:30] - |DC| - [1855] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\ConnectedDevicesPlatform [15/03/2019 09:07:52] - |DC| - [17119586] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\CrashDumps [26/03/2019 08:29:41] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\CrashRpt [22/03/2019 11:17:15] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\CrashRpt.BackupByAshampooSnapPortable [14/03/2019 22:46:10] - |DC| - [21367002] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\CyberLink [14/03/2019 22:43:31] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\DBG [15/03/2019 11:01:54] - |DC| - [1369] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Engelmann_Software [22/03/2019 18:21:53] - |DC| - [118911] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Fighters [14/03/2019 22:48:23] - |AHC| - [163600] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\IconCache.db [15/03/2019 05:04:45] - |DC| - [86] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Intel [15/03/2019 09:12:18] - |DC| - [88716] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\lfsh_uefm_efm_b162_w16_anaamfuw suite essentials setup [20/03/2019 14:14:11] - |DC| - [278896] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Logiciel de création CEWE [20/03/2019 13:58:38] - |DC| - [549232] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Logiciel de création CEWE Cora [14/03/2019 22:40:31] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\LoopBackService [14/03/2019 22:40:02] - |DC| - [343611409] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Microsoft [14/03/2019 22:40:42] - |DC| - [72267] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\MicrosoftEdge [14/03/2019 22:46:16] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\OneDrive [15/03/2019 05:25:26] - |DC| - [251106945] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Opera Software [14/03/2019 22:40:31] - |DC| - [370003902] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Packages [14/03/2019 22:49:19] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\PanelManager [15/03/2019 08:26:58] - |DC| - [6890108] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Paragon [14/03/2019 22:59:04] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\PlaceholderTileLogoFolder [14/03/2019 22:43:47] - |DC| - [380194906] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs [14/03/2019 22:40:37] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Publishers [14/03/2019 22:49:20] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\SafiAgent [15/03/2019 08:59:05] - |DC| - [118017265] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\SIB [20/03/2019 21:23:18] - |DC| - [775588718] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Spoon [17/03/2019 05:03:26] - |DC| - [1507548195] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\TechSmith [14/03/2019 22:40:02] - |DC| - [96267383] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Temp [20/03/2019 21:22:35] - |DC| - [775588718] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Turbo [20/03/2019 21:48:43] - |DC| - [612] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Turbo Studio 19 [20/03/2019 21:48:24] - |DC| - [171613127] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Turbo.net [14/03/2019 22:40:31] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\VirtualStore [23/03/2019 22:45:58] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\WinSweeper [22/03/2019 13:10:22] - |DC| - [82] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Wondershare [15/03/2019 09:28:29] - |DC| - [126152727] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Zemana [26/03/2019 18:42:30] - |DC| - [224742] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\ZHP [15/03/2019 11:44:18] - |DC| - [305] - C:\Users\EFM_UEFM_Barrow_U\AppData\LocalLow\IObit [14/03/2019 22:41:01] - |SDC| - [16666759] - C:\Users\EFM_UEFM_Barrow_U\AppData\LocalLow\Microsoft [18/03/2019 19:09:27] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\LocalLow\Temp [14/03/2019 22:45:57] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\adaware [14/03/2019 22:40:31] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Adobe [17/03/2019 19:07:27] - |DC| - [10] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\AmazingFolderPasswordLock [23/03/2019 09:20:59] - |DC| - [1233651] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Apowersoft [23/03/2019 12:14:33] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\ASCOMP Software [15/03/2019 05:34:39] - |DC| - [2058444] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\AVAST Software [26/03/2019 17:10:10] - |DC| - [662011] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Babylon [23/03/2019 05:54:38] - |DC| - [262] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\BorisFX [18/03/2019 15:48:41] - |DC| - [26924275] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\BSplayer [18/03/2019 15:48:41] - |DC| - [6292] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\BSplayer Pro [18/03/2019 00:34:39] - |DC| - [11603941] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\CDTPL [17/03/2019 20:03:08] - |DC| - [62795] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Clipdiary [22/03/2019 20:57:23] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Comodo [23/03/2019 05:49:35] - |DC| - [8896036] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\CyberLink [18/03/2019 15:56:28] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Daum [15/03/2019 00:25:12] - |DC| - [519141077] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\DRPSu [15/03/2019 11:53:24] - |DC| - [20677693] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\DVDVideoSoft [22/03/2019 18:16:42] - |DC| - [3763975] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Fighters [15/03/2019 09:28:10] - |DC| - [3872604] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\IObit [14/03/2019 22:44:26] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Macromedia [14/03/2019 22:40:02] - |SDC| - [14331447] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft [25/03/2019 18:49:11] - |DC| - [2047782] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Notepad++ [22/03/2019 10:10:41] - |HDC| - [1248] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Obsidium [26/03/2019 17:34:38] - |DC| - [183] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\OneSafe PC Cleaner [15/03/2019 05:24:29] - |DC| - [47959856] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Opera Software [26/03/2019 17:32:44] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\PC Cleaner [18/03/2019 15:55:03] - |DC| - [213] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\PotPlayerMini64 [23/03/2019 04:54:26] - |DC| - [49054] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\proDAD [15/03/2019 10:50:58] - |DC| - [596] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\ProtectStar [26/03/2019 17:57:48] - |DC| - [992177] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\QuickStoresToolbar [15/03/2019 19:41:49] - |DC| - [14375] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Remo [16/03/2019 05:03:55] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Remo Backup [16/03/2019 05:03:55] - |DC| - [12566] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Remo Backup OBM [15/03/2019 11:05:36] - |DC| - [1808066] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Steganos [17/03/2019 05:04:00] - |DC| - [787] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\TechSmith [22/03/2019 10:10:39] - |DC| - [455456] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\TeraCopy [26/03/2019 10:11:40] - |DC| - [1976] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\USBSafelyRemove [15/03/2019 18:35:01] - |DC| - [98553] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\vlc [15/03/2019 00:58:43] - |DC| - [12] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\WinRAR [26/03/2019 18:42:30] - |DC| - [3262863] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\ZHP [14/03/2019 22:40:32] - |SHC| - [174] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [26/03/2019 17:57:59] - |AC| - [1140] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\eBay.lnk [14/03/2019 22:40:02] - |RDC| - [54912] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [26/03/2019 17:57:48] - |AC| - [198] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url [14/03/2019 22:40:02] - |RDC| - [3888] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [14/03/2019 22:40:02] - |RDC| - [2925] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [14/03/2019 22:40:32] - |RDC| - [174] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [14/03/2019 22:40:32] - |SHC| - [174] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [15/03/2019 11:46:47] - |DC| - [4407] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Macro Keys [14/03/2019 22:40:02] - |DC| - [170] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [15/03/2019 10:48:39] - |DC| - [11011] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moo0 [15/03/2019 05:25:21] - |AC| - [1511] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk [14/03/2019 22:42:30] - |AC| - [2437] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [15/03/2019 10:50:57] - |DC| - [3113] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ProtectStar [14/03/2019 22:40:32] - |RDC| - [1113] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [14/03/2019 22:40:02] - |RDC| - [3496] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [20/03/2019 21:23:11] - |DC| - [2501] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Turbo.net [26/03/2019 17:57:58] - |DC| - [5581] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker [14/03/2019 22:40:02] - |RDC| - [7754] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [15/03/2019 00:57:44] - |DC| - [4657] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [14/03/2019 22:40:32] - |SHC| - [174] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [14/03/2019 22:44:26] - |AC| - [939] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SecurePro.lnk ---------- | [Public] [07/12/2017 23:42:11] - |RHD| - [196] - C:\Users\Public\AccountPictures [23/03/2019 05:54:11] - |D| - [0] - C:\Users\Public\CyberLink [29/09/2017 14:46:33] - |RHD| - [60293] - C:\Users\Public\Desktop [29/09/2017 14:46:38] - |ASH| - [174] - C:\Users\Public\desktop.ini [29/09/2017 14:46:33] - |RD| - [278] - C:\Users\Public\Documents [29/09/2017 14:46:33] - |RD| - [174] - C:\Users\Public\Downloads [29/09/2017 14:46:33] - |RHD| - [1174] - C:\Users\Public\Libraries [29/09/2017 14:46:33] - |RD| - [380] - C:\Users\Public\Music [29/09/2017 14:46:33] - |RD| - [380] - C:\Users\Public\Pictures [29/09/2017 14:46:33] - |RD| - [380] - C:\Users\Public\Videos ---------- | [UEFM LFS Hyper EFM] [14/03/2019 22:55:30] - |D| - [0] - C:\Users\UEFM LFS Hyper EFM\Downloads [14/03/2019 22:55:27] - |D| - [0] - C:\Users\UEFM LFS Hyper EFM\Pictures ---------- | C:\ProgramData [14/03/2019 22:45:57] - |D| - [452590511] - C:\ProgramData\adaware [21/03/2019 08:10:58] - |D| - [0] - C:\ProgramData\Aimersoft [21/03/2019 11:08:32] - |D| - [0] - C:\ProgramData\APM [15/03/2019 05:26:49] - |D| - [42062103] - C:\ProgramData\AVAST Software [26/03/2019 17:09:09] - |D| - [118580365] - C:\ProgramData\Babylon [15/03/2019 03:07:59] - |D| - [0] - C:\ProgramData\BitDefender [23/03/2019 04:59:25] - |D| - [20350847] - C:\ProgramData\BorisFX [07/12/2017 07:05:27] - |D| - [92998] - C:\ProgramData\Broadcom [20/03/2019 23:16:35] - |D| - [165879] - C:\ProgramData\BSD [07/12/2017 06:47:34] - |AD| - [0] - C:\ProgramData\CacheWrite [23/03/2019 04:42:01] - |D| - [207] - C:\ProgramData\CLSK [22/03/2019 18:16:41] - |D| - [3584] - C:\ProgramData\Common Toolkit Suite [20/03/2019 12:56:37] - |D| - [787464458] - C:\ProgramData\Comodo [20/03/2019 12:56:37] - |D| - [239559851] - C:\ProgramData\Comodo Downloader [14/03/2019 22:46:10] - |D| - [111137042] - C:\ProgramData\CyberLink [15/03/2019 11:53:54] - |D| - [0] - C:\ProgramData\DigitalWave.ApplicationUpdater_files [15/03/2019 11:01:54] - |D| - [0] - C:\ProgramData\Engelmann Software [22/03/2019 18:16:24] - |D| - [301712] - C:\ProgramData\Fighters [23/03/2019 04:59:26] - |D| - [327] - C:\ProgramData\GenArts [20/03/2019 13:35:59] - |D| - [15998127] - C:\ProgramData\hps [17/03/2019 19:56:26] - |D| - [3817] - C:\ProgramData\Informer Technologies, Inc [20/03/2019 12:30:59] - |D| - [228684263] - C:\ProgramData\install_backup [20/03/2019 12:30:26] - |D| - [518177] - C:\ProgramData\install_clap [07/12/2017 07:00:43] - |D| - [149092468] - C:\ProgramData\Intel [15/03/2019 11:44:20] - |D| - [55111475] - C:\ProgramData\IObit [21/03/2019 08:09:40] - |D| - [2099] - C:\ProgramData\KeepVid [15/03/2019 11:01:54] - |D| - [1108] - C:\ProgramData\Licenses [15/03/2019 10:51:58] - |D| - [53798331] - C:\ProgramData\Loaris [07/12/2017 07:10:18] - |A| - [2064264] - C:\ProgramData\MakeMarkerFile.exe [07/12/2017 07:10:18] - |A| - [3004] - C:\ProgramData\MakeMarkerFile.xml [29/09/2017 14:46:33] - |SD| - [669617850] - C:\ProgramData\Microsoft [07/12/2017 23:42:23] - |D| - [0] - C:\ProgramData\Microsoft OneDrive [23/03/2019 22:38:29] - |D| - [447] - C:\ProgramData\OneSafe PC Cleaner [07/12/2017 07:00:12] - |D| - [761873274] - C:\ProgramData\Package Cache [15/03/2019 19:47:36] - |D| - [10072064] - C:\ProgramData\Packages [15/03/2019 08:26:27] - |D| - [184030] - C:\ProgramData\Paragon [15/03/2019 08:28:14] - |D| - [0] - C:\ProgramData\Paragon Software [23/03/2019 22:45:31] - |D| - [447] - C:\ProgramData\PC Cleaner [20/03/2019 23:16:18] - |D| - [1141539] - C:\ProgramData\PCVARK [23/03/2019 04:54:22] - |D| - [66867486] - C:\ProgramData\proDAD [29/09/2017 14:46:33] - |D| - [0] - C:\ProgramData\regid.1991-06.com.microsoft [16/03/2019 15:34:24] - |D| - [22509792] - C:\ProgramData\RSG [07/12/2017 07:05:31] - |D| - [4330955] - C:\ProgramData\Samsung [20/03/2019 12:56:37] - |D| - [0] - C:\ProgramData\Shared Space [17/03/2019 20:01:48] - |D| - [1008816] - C:\ProgramData\SharewareOnSale Notifier [29/09/2017 14:46:33] - |D| - [0] - C:\ProgramData\SoftwareDistribution [25/03/2019 21:07:50] - |D| - [3618909] - C:\ProgramData\SUPPORTDIR [14/03/2019 22:44:12] - |D| - [4176] - C:\ProgramData\SystemAcCrux [17/03/2019 05:02:53] - |D| - [382823931] - C:\ProgramData\TechSmith [20/03/2019 13:35:56] - |D| - [145374] - C:\ProgramData\tmp [17/03/2019 07:13:36] - |D| - [9081] - C:\ProgramData\ToastGenerator [26/03/2019 10:11:25] - |D| - [3622] - C:\ProgramData\USBSRService [29/09/2017 14:46:33] - |D| - [12877] - C:\ProgramData\USOPrivate [07/12/2017 06:57:09] - |D| - [1294336] - C:\ProgramData\USOShared [25/03/2019 18:52:31] - |D| - [25251849] - C:\ProgramData\UVK [29/09/2017 15:42:41] - |D| - [0] - C:\ProgramData\WindowsHolographicDevices [22/03/2019 13:08:47] - |D| - [1674] - C:\ProgramData\Wondershare ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [18/03/2019 15:49:36] - |A| - [1201] - C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk [29/09/2017 14:46:38] - |AS| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [29/09/2017 14:46:33] - |RD| - [277962] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs [15/03/2019 09:28:15] - |A| - [1725] - C:\ProgramData\Microsoft\Windows\Start Menu\TeraCopy.lnk [15/03/2019 00:57:44] - |A| - [1136] - C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [21/03/2019 11:01:34] - |D| - [4189] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\abylonsoft [29/09/2017 14:46:33] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [29/09/2017 14:46:33] - |RD| - [14299] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [14/03/2019 22:57:54] - |D| - [2603] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\adaware [29/09/2017 14:46:33] - |RD| - [21770] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [17/03/2019 19:07:24] - |D| - [2920] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazing-Share [23/03/2019 09:20:59] - |D| - [2689] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft [23/03/2019 12:14:24] - |D| - [3662] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASCOMP Software [20/03/2019 13:35:50] - |D| - [4470] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atelier Photo Fnac [15/03/2019 05:33:55] - |A| - [2088] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Antivirus Gratuit.lnk [26/03/2019 17:09:27] - |D| - [1236] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylon [23/03/2019 04:59:45] - |D| - [58] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boris FX Continuum CYBERLINK [18/03/2019 15:49:36] - |D| - [3325] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player [17/03/2019 20:03:03] - |D| - [2264] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clipdiary [20/03/2019 12:59:40] - |D| - [9030] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo [26/03/2019 16:50:32] - |A| - [2300] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Application Manager.lnk [23/03/2019 04:51:54] - |A| - [2065] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 17 (64-bit).lnk [23/03/2019 05:04:09] - |A| - [2154] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Screen Recorder 2.lnk [18/03/2019 15:55:05] - |D| - [2054] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum [29/09/2017 14:46:38] - |SH| - [962] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [15/03/2019 11:53:46] - |D| - [8722] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [14/03/2019 22:44:07] - |D| - [2868] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo PCTrans [22/03/2019 18:17:37] - |D| - [6330] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fighters [15/03/2019 07:34:37] - |D| - [3406] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Lock [15/03/2019 08:26:29] - |D| - [1440] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Manager 16 Basic [15/03/2019 09:12:51] - |D| - [2462] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasleo BitLocker Anywhere [15/03/2019 11:44:14] - |D| - [3399] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasleo BitLocker Data Recovery [15/03/2019 09:28:05] - |D| - [2277] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasleo EasyUEFI [15/03/2019 09:28:24] - |D| - [2277] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasleo WinToHDD [15/03/2019 01:02:57] - |D| - [2277] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasleo WinToUSB [16/03/2019 09:14:21] - |D| - [1161] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCare Format Recovery [29/09/2017 14:43:11] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [15/03/2019 11:44:20] - |D| - [2681] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Software Updater [21/03/2019 10:32:14] - |D| - [2742] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller [21/03/2019 10:32:16] - |A| - [1424] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk [22/03/2019 19:57:27] - |D| - [1312] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeepVid [25/03/2019 23:04:32] - |D| - [2675] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Linux File Systems for Windows by Paragon Software [15/03/2019 10:52:03] - |D| - [976] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Loaris Trojan Remover [20/03/2019 14:13:41] - |D| - [4741] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logiciel de création CEWE [20/03/2019 13:58:23] - |D| - [4906] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logiciel de création CEWE Cora [29/09/2017 14:46:33] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [23/03/2019 04:52:49] - |D| - [7028] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue [25/03/2019 18:49:18] - |A| - [877] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk [15/03/2019 11:05:42] - |D| - [1160] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OkayFreedom [26/03/2019 17:34:34] - |D| - [2559] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneSafe PC Cleaner [26/03/2019 17:32:39] - |D| - [4052] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Cleaner [23/03/2019 22:40:31] - |D| - [872] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Optimizer Pro [15/03/2019 19:43:12] - |D| - [2840] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Backup [15/03/2019 19:41:47] - |D| - [4340] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Duplicate File Remover [15/03/2019 19:42:08] - |D| - [4396] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Duplicate Photos Remover [15/03/2019 19:45:32] - |D| - [4815] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo File Eraser 2.0 [15/03/2019 19:43:04] - |D| - [5218] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Outlook Backup & Migrate 2.0 [15/03/2019 19:44:45] - |D| - [3736] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Recover [15/03/2019 19:45:03] - |D| - [3994] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair MOV [15/03/2019 19:45:17] - |D| - [4805] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair Word [07/12/2017 07:06:02] - |D| - [4307] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung [15/03/2019 08:58:37] - |D| - [1007] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Silent Install Builder 5 [15/03/2019 11:01:47] - |D| - [2393] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Simply Good Pictures 5 Free [17/03/2019 19:56:24] - |D| - [1868] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Informer [29/09/2017 14:46:33] - |D| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [15/03/2019 11:49:11] - |D| - [2342] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Symlink helper [29/09/2017 14:46:33] - |RD| - [1458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [15/03/2019 07:36:49] - |D| - [2392] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysTools AD Browser [18/03/2019 14:43:05] - |D| - [2347] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysTools E01 Viewer [18/03/2019 00:34:40] - |D| - [2463] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysTools Mail Converter [18/03/2019 19:18:12] - |D| - [2475] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysTools NTFS Log Analyzer [15/03/2019 09:12:35] - |D| - [2499] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysTools PDF Bates Numberer [17/03/2019 04:30:44] - |D| - [2672] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysTools Thunderbird Store Locator [18/03/2019 10:01:20] - |D| - [2257] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysTools VHDX Viewer [17/03/2019 05:03:08] - |D| - [5142] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith [20/03/2019 21:47:54] - |D| - [2153] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Turbo Studio 19 [21/03/2019 07:30:57] - |D| - [2317] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnBlocker [20/03/2019 23:16:11] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Universal Driver Updater [26/03/2019 10:11:24] - |D| - [7939] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Safely Remove [25/03/2019 18:52:33] - |D| - [4905] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UVK - Ultra Virus Killer [15/03/2019 18:32:48] - |D| - [5850] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [15/03/2019 00:57:44] - |D| - [4585] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [23/03/2019 22:44:19] - |D| - [1722] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSweeper [15/03/2019 11:39:03] - |D| - [1307] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Data Recovery [15/03/2019 09:43:48] - |D| - [1295] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Folder Hider [15/03/2019 11:39:32] - |D| - [1338] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Memory Optimizer [15/03/2019 17:27:24] - |D| - [1332] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise YouTube Downloader [22/03/2019 13:09:37] - |D| - [9144] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare [15/03/2019 09:28:33] - |D| - [1240] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [29/09/2017 14:46:38] - |AS| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [17/03/2019 19:07:22] - |D| - [26557571] - C:\Program Files (x86)\Amazing-Share [23/03/2019 09:18:54] - |D| - [282679633] - C:\Program Files (x86)\Apowersoft [23/03/2019 12:14:21] - |D| - [17699792] - C:\Program Files (x86)\ASCOMP Software [26/03/2019 17:09:10] - |D| - [14544424] - C:\Program Files (x86)\Babylon [26/03/2019 18:04:33] - |D| - [1630587] - C:\Program Files (x86)\BabylonToolbar [07/12/2017 07:02:02] - |D| - [1793479] - C:\Program Files (x86)\Bluetooth Suite [15/03/2019 19:23:22] - |D| - [6908843] - C:\Program Files (x86)\bonus info anti-corvée - vexe, noémie & a le brulog [15/03/2019 19:23:15] - |A| - [513587656] - C:\Program Files (x86)\camtasia.exe [17/03/2019 20:02:32] - |D| - [17124228] - C:\Program Files (x86)\Clipdiary [15/03/2019 19:21:43] - |D| - [41426] - C:\Program Files (x86)\Command Line Xoring File [29/09/2017 14:46:33] - |D| - [366778324] - C:\Program Files (x86)\Common Files [20/03/2019 12:59:25] - |D| - [304237270] - C:\Program Files (x86)\Comodo [20/03/2019 12:30:47] - |D| - [150657600] - C:\Program Files (x86)\CyberLink [29/09/2017 14:46:37] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [15/03/2019 11:53:34] - |D| - [159903266] - C:\Program Files (x86)\DVDVideoSoft [14/03/2019 22:43:56] - |D| - [85838049] - C:\Program Files (x86)\EaseUS [15/03/2019 19:23:22] - |D| - [3324560352] - C:\Program Files (x86)\EFM & UEFM Beggin On Rêves (st j conrad & u bouton 6) [26/03/2019 09:51:00] - |DC| - [1945192] - C:\Program Files (x86)\Explorer++ [22/03/2019 18:16:42] - |D| - [28235653] - C:\Program Files (x86)\Fighters [15/03/2019 11:53:35] - |D| - [20641460] - C:\Program Files (x86)\FreeCodecPack [15/03/2019 19:23:21] - |A| - [35327488] - C:\Program Files (x86)\FreeYouTubeDownload_4.1.88.1229_s.exe [15/03/2019 19:23:21] - |A| - [2690408] - C:\Program Files (x86)\Full-DISKfighter_Web.exe [15/03/2019 19:24:07] - |D| - [74240] - C:\Program Files (x86)\GOTD Unlimited [15/03/2019 19:24:07] - |D| - [0] - C:\Program Files (x86)\GOTD UnWrapper [16/03/2019 09:14:20] - |D| - [29554608] - C:\Program Files (x86)\iCare Format Recovery [07/12/2017 06:47:14] - |HD| - [55082773] - C:\Program Files (x86)\InstallShield Installation Information [07/12/2017 07:00:44] - |D| - [17962376] - C:\Program Files (x86)\Intel [29/09/2017 14:46:33] - |D| - [2032011] - C:\Program Files (x86)\Internet Explorer [15/03/2019 11:44:18] - |D| - [113377523] - C:\Program Files (x86)\IObit [22/03/2019 19:57:11] - |D| - [32652065] - C:\Program Files (x86)\KeepVid [15/03/2019 09:28:33] - |D| - [198080] - C:\Program Files (x86)\KeyCryptSDK [15/03/2019 19:24:07] - |D| - [7274288] - C:\Program Files (x86)\Macro Keys [15/03/2019 19:23:21] - |A| - [1227640] - C:\Program Files (x86)\macro-keys-en.exe [15/03/2019 19:21:43] - |D| - [254536] - C:\Program Files (x86)\MD5Look [29/09/2017 14:46:33] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET [15/03/2019 10:48:17] - |D| - [83746808] - C:\Program Files (x86)\Moo0 [26/03/2019 18:04:36] - |D| - [2423] - C:\Program Files (x86)\Mozilla Firefox [10/10/2017 17:45:23] - |D| - [25757] - C:\Program Files (x86)\MSBuild [23/03/2019 04:52:11] - |D| - [309765079] - C:\Program Files (x86)\NewBlue [15/03/2019 07:34:05] - |D| - [20204440] - C:\Program Files (x86)\NewSoftware's [20/03/2019 12:30:54] - |D| - [11759170] - C:\Program Files (x86)\NSIS Uninstall Information [15/03/2019 11:05:30] - |D| - [56974204] - C:\Program Files (x86)\OkayFreedom [15/03/2019 19:21:43] - |D| - [1310208] - C:\Program Files (x86)\OldTimer [15/03/2019 19:29:37] - |A| - [9726385] - C:\Program Files (x86)\oldtimer otl_oth_tfc_md5look_xor_gotd-u_SEAF_remvbs_usbfileresc setup.exe [15/03/2019 19:23:22] - |A| - [2091952] - C:\Program Files (x86)\OUTDATEfighter_Web.exe [25/03/2019 23:04:27] - |D| - [28485562] - C:\Program Files (x86)\Paragon Software [15/03/2019 19:23:22] - |A| - [5597568] - C:\Program Files (x86)\pdf-bates.exe [15/03/2019 19:24:07] - |D| - [3059624] - C:\Program Files (x86)\Pre_Scan [15/03/2019 10:50:57] - |D| - [4124726] - C:\Program Files (x86)\ProtectStar [07/12/2017 07:01:24] - |D| - [6830294] - C:\Program Files (x86)\Qualcomm [15/03/2019 19:24:07] - |D| - [5175192] - C:\Program Files (x86)\QuickDiag [07/12/2017 06:47:14] - |D| - [3616297] - C:\Program Files (x86)\Realtek [10/10/2017 17:45:23] - |D| - [41363713] - C:\Program Files (x86)\Reference Assemblies [15/03/2019 19:21:43] - |D| - [114176] - C:\Program Files (x86)\Remediate VBS Worm [15/03/2019 19:45:30] - |D| - [42867789] - C:\Program Files (x86)\Remo File Eraser 2.0 [15/03/2019 19:45:16] - |D| - [32082984] - C:\Program Files (x86)\Remo Repair Word 2.0 [07/12/2017 07:05:14] - |D| - [21559691] - C:\Program Files (x86)\Samsung [15/03/2019 19:21:43] - |D| - [498868] - C:\Program Files (x86)\SEAF [26/03/2019 09:52:39] - |AC| - [8967087] - C:\Program Files (x86)\setup ultra adware killer & explorer++ 2019.exe [07/12/2017 07:06:13] - |D| - [2399176] - C:\Program Files (x86)\Show Window [15/03/2019 08:58:37] - |D| - [29291674] - C:\Program Files (x86)\Silent Install Builder 5 [25/03/2019 23:43:51] - |D| - [3575016] - C:\Program Files (x86)\Stardock [15/03/2019 11:49:11] - |D| - [2051262] - C:\Program Files (x86)\Symlink helper [15/03/2019 19:23:22] - |A| - [593587] - C:\Program Files (x86)\SymlinkHelper_1.0.1_Setup.exe [15/03/2019 07:36:48] - |D| - [2911224] - C:\Program Files (x86)\SysTools AD Browser [18/03/2019 14:43:03] - |D| - [37024947] - C:\Program Files (x86)\SysTools E01 Viewer [18/03/2019 00:34:38] - |D| - [28324112] - C:\Program Files (x86)\SysTools Mail Converter [18/03/2019 19:18:11] - |D| - [2976703] - C:\Program Files (x86)\SysTools NTFS Log Analyzer [15/03/2019 09:12:33] - |D| - [14484999] - C:\Program Files (x86)\SysTools PDF Bates Numberer [17/03/2019 04:30:44] - |D| - [2471792] - C:\Program Files (x86)\SysTools Thunderbird Store Locator [07/12/2017 06:47:14] - |D| - [0] - C:\Program Files (x86)\Temp [20/03/2019 21:47:54] - |D| - [611447437] - C:\Program Files (x86)\Turbo.net [26/03/2019 09:51:38] - |DC| - [9400696] - C:\Program Files (x86)\Ultra Adware Killer [21/03/2019 07:30:57] - |D| - [807871] - C:\Program Files (x86)\UnBlocker [26/03/2019 17:57:58] - |D| - [273503] - C:\Program Files (x86)\Unlocker [15/03/2019 19:21:43] - |D| - [423936] - C:\Program Files (x86)\USB File Resc [26/03/2019 10:11:19] - |D| - [16666437] - C:\Program Files (x86)\USB Safely Remove [23/03/2019 22:52:09] - |D| - [12820587] - C:\Program Files (x86)\USBFix [15/03/2019 19:23:22] - |A| - [41846888] - C:\Program Files (x86)\vlc-3.0.6-win64.exe [07/12/2017 07:03:13] - |D| - [846730] - C:\Program Files (x86)\VulkanRT [15/03/2019 19:23:22] - |A| - [2152896] - C:\Program Files (x86)\WDRSetup.exe [18/03/2019 15:48:41] - |D| - [16518409] - C:\Program Files (x86)\Webteh [29/09/2017 14:46:33] - |D| - [1963776] - C:\Program Files (x86)\Windows Defender [29/09/2017 14:46:33] - |D| - [627712] - C:\Program Files (x86)\Windows Mail [29/09/2017 15:41:40] - |D| - [3545031] - C:\Program Files (x86)\Windows Media Player [29/09/2017 14:46:33] - |D| - [42960] - C:\Program Files (x86)\Windows Multimedia Platform [29/09/2017 14:46:33] - |D| - [7957186] - C:\Program Files (x86)\windows nt [29/09/2017 14:46:33] - |D| - [5500720] - C:\Program Files (x86)\Windows Photo Viewer [29/09/2017 14:46:33] - |D| - [42960] - C:\Program Files (x86)\Windows Portable Devices [29/09/2017 14:46:33] - |SD| - [0] - C:\Program Files (x86)\Windows Sidebar [29/09/2017 14:46:33] - |D| - [2637109] - C:\Program Files (x86)\WindowsPowerShell [15/03/2019 09:43:47] - |D| - [29944878] - C:\Program Files (x86)\Wise [15/03/2019 19:23:22] - |A| - [2603424] - C:\Program Files (x86)\WMOSetup.exe [22/03/2019 13:08:47] - |D| - [29018267] - C:\Program Files (x86)\Wondershare [15/03/2019 09:28:32] - |D| - [28173178] - C:\Program Files (x86)\Zemana AntiLogger ---------- | C:\Program Files [21/03/2019 11:01:11] - |D| - [89856745] - C:\Program Files\abylonsoft [14/03/2019 22:53:06] - |D| - [964037240] - C:\Program Files\adaware [15/03/2019 05:27:16] - |D| - [1104054246] - C:\Program Files\AVAST Software [26/03/2019 17:09:12] - |D| - [416800] - C:\Program Files\Babylon [23/03/2019 04:59:25] - |D| - [52453959] - C:\Program Files\BorisFX [20/03/2019 14:06:55] - |D| - [552544894] - C:\Program Files\CEWE [29/09/2017 14:46:33] - |D| - [310364387] - C:\Program Files\Common Files [20/03/2019 13:00:57] - |D| - [120848964] - C:\Program Files\COMODO [20/03/2019 13:36:33] - |D| - [551869350] - C:\Program Files\Cora [15/03/2019 05:45:18] - |D| - [12758294] - C:\Program Files\CUAssistant [23/03/2019 04:42:57] - |D| - [1080263399] - C:\Program Files\CyberLink [18/03/2019 15:54:56] - |D| - [130766145] - C:\Program Files\DAUM [29/09/2017 14:46:37] - |ASH| - [174] - C:\Program Files\desktop.ini [15/03/2019 11:01:47] - |D| - [2682480] - C:\Program Files\Engelmann Software [20/03/2019 13:29:57] - |D| - [552184168] - C:\Program Files\Fnac [15/03/2019 01:02:54] - |D| - [778898739] - C:\Program Files\Hasleo [07/12/2017 07:00:14] - |D| - [118948861] - C:\Program Files\Intel [29/09/2017 14:46:33] - |D| - [2655598] - C:\Program Files\internet explorer [15/03/2019 10:51:57] - |D| - [28424584] - C:\Program Files\Loaris Trojan Remover [10/10/2017 17:45:23] - |D| - [25757] - C:\Program Files\MSBuild [23/03/2019 04:52:50] - |D| - [374151572] - C:\Program Files\NewBlue [25/03/2019 18:49:11] - |D| - [14552030] - C:\Program Files\Notepad++ [15/03/2019 08:26:21] - |D| - [284471089] - C:\Program Files\Paragon Software [23/03/2019 04:54:20] - |D| - [4538171] - C:\Program Files\proDAD [07/12/2017 06:47:24] - |D| - [26737088] - C:\Program Files\Realtek [10/10/2017 17:45:23] - |D| - [41154729] - C:\Program Files\Reference Assemblies [15/03/2019 19:43:11] - |D| - [57594713] - C:\Program Files\Remo Backup [15/03/2019 19:41:45] - |D| - [24606669] - C:\Program Files\Remo Duplicate File Remover 1.0 [15/03/2019 19:42:04] - |D| - [35818065] - C:\Program Files\Remo Duplicate Photos Remover 1.0 [15/03/2019 19:42:10] - |D| - [31428656] - C:\Program Files\Remo ONE [15/03/2019 19:43:02] - |D| - [29023353] - C:\Program Files\Remo Outlook Backup & Migrate 2.0 [15/03/2019 19:44:42] - |D| - [84437697] - C:\Program Files\Remo Recover 5.0 [15/03/2019 19:45:01] - |D| - [32147859] - C:\Program Files\Remo Repair MOV 2.0 [15/03/2019 05:45:14] - |D| - [24354550] - C:\Program Files\rempl [07/12/2017 07:04:09] - |D| - [122767476] - C:\Program Files\Samsung [18/03/2019 10:01:16] - |D| - [30343059] - C:\Program Files\SysTools VHDX Viewer [17/03/2019 05:02:53] - |D| - [312715552] - C:\Program Files\TechSmith [15/03/2019 09:28:14] - |D| - [15205295] - C:\Program Files\TeraCopy [07/12/2017 23:39:37] - |HD| - [0] - C:\Program Files\Uninstall Information [25/03/2019 18:52:26] - |D| - [14182126] - C:\Program Files\UVK - Ultra Virus Killer [15/03/2019 18:32:34] - |D| - [174855255] - C:\Program Files\VideoLAN [29/09/2017 14:46:33] - |D| - [18929701] - C:\Program Files\Windows Defender [29/09/2017 14:46:33] - |D| - [638976] - C:\Program Files\Windows Mail [29/09/2017 15:41:40] - |D| - [5215211] - C:\Program Files\Windows Media Player [29/09/2017 14:46:33] - |D| - [49680] - C:\Program Files\Windows Multimedia Platform [29/09/2017 14:46:33] - |D| - [8224962] - C:\Program Files\windows nt [29/09/2017 14:46:33] - |D| - [6278968] - C:\Program Files\Windows Photo Viewer [29/09/2017 14:46:33] - |D| - [49688] - C:\Program Files\Windows Portable Devices [29/09/2017 14:46:33] - |D| - [96941] - C:\Program Files\Windows Security [29/09/2017 14:46:33] - |SHD| - [0] - C:\Program Files\Windows Sidebar [29/09/2017 14:46:33] - |HD| - [5975958039] - C:\Program Files\WindowsApps [29/09/2017 14:46:33] - |D| - [2981087] - C:\Program Files\WindowsPowerShell [15/03/2019 00:57:32] - |D| - [7455683] - C:\Program Files\WinRAR ---------- | C:\Program Files (x86)\Common Files [14/03/2019 22:46:00] - |D| - [90397430] - C:\Program Files (x86)\Common Files\AntiVirus [07/12/2017 07:02:17] - |D| - [0] - C:\Program Files (x86)\Common Files\Atheros [18/03/2019 14:43:04] - |D| - [102392] - C:\Program Files (x86)\Common Files\CDTPL [22/03/2019 18:17:15] - |D| - [2116688] - C:\Program Files (x86)\Common Files\Common Toolkit Suite [15/03/2019 11:53:34] - |D| - [129858992] - C:\Program Files (x86)\Common Files\DVDVideoSoft [07/12/2017 07:03:05] - |D| - [118723313] - C:\Program Files (x86)\Common Files\Intel [21/03/2019 10:32:49] - |D| - [608] - C:\Program Files (x86)\Common Files\IObit [29/09/2017 14:46:33] - |D| - [14773432] - C:\Program Files (x86)\Common Files\microsoft shared [23/03/2019 04:52:48] - |D| - [287232] - C:\Program Files (x86)\Common Files\NewBlue [07/12/2017 07:01:22] - |D| - [73833] - C:\Program Files (x86)\Common Files\Qualcomm [29/09/2017 14:46:33] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [15/03/2019 11:05:31] - |D| - [1115] - C:\Program Files (x86)\Common Files\Steganos [29/09/2017 14:46:33] - |D| - [10440587] - C:\Program Files (x86)\Common Files\system ---------- | C:\Program Files\Common files [14/03/2019 22:45:54] - |D| - [191640315] - C:\Program Files\Common files\adaware [21/03/2019 08:10:11] - |D| - [6927831] - C:\Program Files\Common files\Aimersoft [15/03/2019 05:30:25] - |D| - [1956536] - C:\Program Files\Common files\AVAST Software [15/03/2019 11:01:47] - |D| - [54733920] - C:\Program Files\Common files\HDX4 [29/09/2017 14:46:33] - |D| - [37549837] - C:\Program Files\Common files\microsoft shared [23/03/2019 04:53:52] - |D| - [352768] - C:\Program Files\Common files\NewBlue [29/09/2017 14:46:33] - |D| - [2702] - C:\Program Files\Common files\Services [29/09/2017 14:46:33] - |D| - [11088779] - C:\Program Files\Common files\system [22/03/2019 13:10:14] - |D| - [6111699] - C:\Program Files\Common files\Wondershare ---------- | Tasks [MD5.00000000000000000000000000000000] - [21/03/2019 10:41:52] - |D| - [0] - C:\Windows\Tasks\ImCleanDisabled [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [07/12/2017 23:39:31] - |AH| - [6] - C:\Windows\Tasks\SA.DAT [MD5.9E7AF5235E7F8C52F4323CE3740D8A6B] - [15/03/2019 05:31:08] - |A| - [4264] - C:\Windows\System32\Tasks\Avast Emergency Update : C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [MD5.00000000000000000000000000000000] - [15/03/2019 05:31:53] - |D| - [3996] - C:\Windows\System32\Tasks\Avast Software [MD5.00000000000000000000000000000000] - [20/03/2019 13:01:23] - |D| - [26256] - C:\Windows\System32\Tasks\COMODO [MD5.09650088CE3965E8EB34EB949C199736] - [07/12/2017 07:00:48] - |A| - [3118] - C:\Windows\System32\Tasks\Intel PTT EK Recertification : "C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe" [MD5.8AE3003D44045DE6F7BD4530586416DA] - [25/03/2019 23:04:33] - |A| - [2694] - C:\Windows\System32\Tasks\LinuxFS GUI : C:\Program Files (x86)\Paragon Software\LinuxFS for Windows\Linux File Systems for Windows by Paragon Software.exe [MD5.A5666917429DC3874EE5A5400705F091] - [25/03/2019 23:04:34] - |A| - [2794] - C:\Windows\System32\Tasks\LinuxFS Updater : C:\Program Files (x86)\Paragon Software\LinuxFS for Windows\Updater.exe [MD5.00000000000000000000000000000000] - [29/09/2017 14:46:34] - |D| - [505194] - C:\Windows\System32\Tasks\Microsoft [MD5.59DB3BAB2A9B6A2FC83E3BE033A9FB5C] - [25/03/2019 03:41:40] - |A| - [2844] - C:\Windows\System32\Tasks\Moo0 Disk Cleaner 1.23 : C:\Program Files (x86)\Moo0\DiskCleaner 1.23\DiskCleaner.exe [MD5.E5D70AED233C3F78469D27905A602E3C] - [07/12/2017 23:42:48] - |A| - [2766] - C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.ABC3BA0C06C0ACA31BB2153121654A82] - [14/03/2019 22:45:32] - |A| - [2854] - C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3534096643-12334864-2903717510-1001 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.CD745855752013231EC6C4472D72D4F1] - [26/03/2019 17:34:41] - |A| - [2546] - C:\Windows\System32\Tasks\OneSafe PC Cleaner automatic scan and notifications : "E:\OneSafe PC Cleaner\OSPCNotifications.exe" [MD5.FBBC7FA57A06BCF4C1EA22C596E36395] - [15/03/2019 05:25:25] - |A| - [3698] - C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1552623920 : C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\launcher.exe [MD5.64DC4E308518732133B21A269F425A72] - [26/03/2019 17:40:50] - |A| - [2552] - C:\Windows\System32\Tasks\PC Cleaner automatic scan and notifications : "D:\Program Files (x86)\PC Cleaner\PCCNotifications.exe" [MD5.0E787EC2EDA454DD59EAFCF84EEEC307] - [23/03/2019 05:00:17] - |A| - [2540] - C:\Windows\System32\Tasks\PowerDirectorStyleAgent : C:\Program Files (x86)\CyberLink\Shared files\PDStyleAgent\PDStyleAgent.exe [MD5.A1CB0A196CA526646BE2B70C479B6D30] - [15/03/2019 19:43:17] - |A| - [2536] - C:\Windows\System32\Tasks\RemoBackup_Launcher : "C:\Program Files\Remo Backup\RBLauncher.exe" [MD5.7D70A0061941658209A4233239779D34] - [15/03/2019 10:49:58] - |A| - [2384] - C:\Windows\System32\Tasks\RunAsStdUser Task : C:\Program Files (x86)\Moo0\ImageViewer SP 1.80\ImageViewer.exe [MD5.9868BB984AE031B9D537DD3F7F088717] - [07/12/2017 07:06:43] - |A| - [2322] - C:\Windows\System32\Tasks\SAgent : "C:\Program Files\Samsung\S Agent\CommonAgent.exe" [MD5.00000000000000000000000000000000] - [07/12/2017 07:06:37] - |D| - [2430] - C:\Windows\System32\Tasks\Samsung [MD5.00000000000000000000000000000000] - [07/12/2017 07:03:20] - |D| - [2908] - C:\Windows\System32\Tasks\SecTimeSync [MD5.0FD61292CA2B2008E1FAF57F31171579] - [07/12/2017 07:06:13] - |A| - [2268] - C:\Windows\System32\Tasks\ShowWindow : "C:\Program Files (x86)\Show Window\Show Window.exe" [MD5.585D735070601D9340B1F75C98D539EC] - [15/03/2019 11:44:20] - |A| - [2580] - C:\Windows\System32\Tasks\Software Updater Scheduler : C:\Program Files (x86)\IObit\Software Updater\SUInit.exe [MD5.BFD5A031DD33B23D0AFD920FDAED9A23] - [15/03/2019 11:44:20] - |A| - [2436] - C:\Windows\System32\Tasks\Software Updater SkipUAC(EFM_UEFM_Barrow_U) : C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [MD5.FF7E60D690DD38F124EA9318F823BD15] - [17/03/2019 19:56:24] - |A| - [2576] - C:\Windows\System32\Tasks\SoftwareInformerService : "C:\Program Files\Software Informer\softinfo.exe" [MD5.096203F36F8BEE2C65C8F76FCFBEEFEF] - [15/03/2019 11:45:02] - |A| - [2842] - C:\Windows\System32\Tasks\SU_AutoUpdate : C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [MD5.00000000000000000000000000000000] - [20/03/2019 23:16:18] - |D| - [7824] - C:\Windows\System32\Tasks\Universal [MD5.E36E181DE32D70ECFEB091A67D85C55C] - [16/03/2019 06:33:23] - |A| - [3340] - C:\Windows\System32\Tasks\User_Feed_Synchronization-{12F40181-298F-4A8F-BA89-6EC6CD445751} : C:\Windows\system32\msfeedssync.exe [MD5.00000000000000000000000000000000] - [29/09/2017 14:46:34] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "WiFiDirect-KM-Driver-In-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=System|Name=@wlansvc.dll,-37378|Desc=@wlansvc.dll,-37890|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=System|Name=@wlansvc.dll,-37379|Desc=@wlansvc.dll,-37891|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-In-UDP"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=System|Name=@wlansvc.dll,-37380|Desc=@wlansvc.dll,-37892|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-UDP"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=System|Name=@wlansvc.dll,-37381|Desc=@wlansvc.dll,-37893|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "DeliveryOptimization-TCP-In"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-UDP-In"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "Netlogon-NamedPipe-In"=v2.27|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-TCP-RPC-In"=v2.27|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "WirelessDisplay-In-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Infra-In-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100| "{E1EB56F1-85A6-4387-A8AE-5D38EBC72CCD}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-3534096643-12334864-2903717510-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{DDF6792C-3BC4-4AC0-8BB4-1BD7F4CB2557}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|App=C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemAgent.exe|Name=Samsung System Agent| "{B500D317-9434-420F-BB9A-C56334866D5C}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\EaseUS\EaseUS Todo PCTrans\bin\PCTrans.exe|Name=PCTrans.exe| "{6C9CBA6D-0D6C-496D-BB35-0411A8BE3480}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\EaseUS\EaseUS Todo PCTrans\bin\PCTrans.exe|Name=PCTrans.exe| "{0144313C-47D6-426E-B264-357F0DDD25DB}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\EaseUS\EaseUS Todo PCTrans\bin\uexperice.exe|Name=uexperice.exe| "{D6C3DC0E-70DF-4D87-9132-5DECE10DF964}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\EaseUS\EaseUS Todo PCTrans\bin\uexperice.exe|Name=uexperice.exe| "{F7753061-8881-472F-9918-B93D8257C35D}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Fitbit Coach|Desc=Fitbit Coach|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-2529986682-1402584740-3005359367-4137886740-2476183567-2531476767-3437465235|EmbedCtxt=Fitbit Coach|Platform=2:6:2|Platform2=GTEQ| "{9D472940-2C19-494E-9312-6DF41381BEA3}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Fitbit Coach|Desc=Fitbit Coach|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-2529986682-1402584740-3005359367-4137886740-2476183567-2531476767-3437465235|EmbedCtxt=Fitbit Coach|Platform=2:6:2|Platform2=GTEQ| "{3EBC33C8-4E5F-4474-9A96-2945C22F1715}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Dolby Access|Desc=Dolby Access|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-864892550-682355956-3667821578-694357232-3878941086-3291980491-2900429266|EmbedCtxt=Dolby Access|Platform=2:6:2|Platform2=GTEQ| "{C073C798-A4C7-4663-83F6-AB56DF6B7EB4}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Dolby Access|Desc=Dolby Access|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-864892550-682355956-3667821578-694357232-3878941086-3291980491-2900429266|EmbedCtxt=Dolby Access|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{A76A5497-6D7F-4065-A440-C93FBDA1FFD5}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Phototastic Collage|Desc=Phototastic Collage|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-2502358608-583759769-2409807134-3449801485-999338879-2502503695-2304874636|EmbedCtxt=Phototastic Collage|Platform=2:6:2|Platform2=GTEQ| "{920229DA-7F25-4D8A-9461-44DA8EA9BCAE}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Candy Crush Friends|Desc=Candy Crush Friends|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-2434645666-2532177092-3042203602-619713399-428220933-2149260498-1813168567|EmbedCtxt=Candy Crush Friends|Platform=2:6:2|Platform2=GTEQ| "{BA9B5DF5-3274-4EE1-87CD-96F72853264F}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{C69F592E-4472-4685-9D56-88F3CCEEB8E4}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{7ED7BA0E-08F9-42C2-87B5-BE8A92058554}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{C92EED7D-9A30-4DA7-9A7E-78A5515BC3C3}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{8C166279-3012-4928-A819-6788AFBCC997}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{SAMSUNGELECTRONICSCoLtd.GalaxySetting_1.0.60.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.GalaxySetting/Resources/W10_SETTING_APPLICATION_TITLE}|Desc=@{SAMSUNGELECTRONICSCoLtd.GalaxySetting_1.0.60.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.GalaxySetting/Resources/W10_SETTING_APPLICATION_TITLE}|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-4248244739-1195083218-694258176-94989366-335876269-79066479-1955954467|EmbedCtxt=@{SAMSUNGELECTRONICSCoLtd.GalaxySetting_1.0.60.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.GalaxySetting/Resources/W10_SETTING_APPLICATION_TITLE}|Platform=2:6:2|Platform2=GTEQ| "{1C335FF7-55D5-47E6-B98E-6B27E4C4D966}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox TCUI|Desc=Xbox TCUI|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-2603511428-3224021693-1028932517-3941269705-3349582775-2312504883-4057327947|EmbedCtxt=Xbox TCUI|Platform=2:6:2|Platform2=GTEQ| "{D5B028B8-758B-4693-8289-AD88A934EB6F}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Pay|Desc=Microsoft Pay|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-567501097-281763132-502764112-1855211022-3143306454-2372101908-561929011|EmbedCtxt=Microsoft Pay|Platform=2:6:2|Platform2=GTEQ| "{DBCFD26C-EE51-4D24-A4CE-160907DDFE36}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{3E114D53-51C4-43EE-B181-F677C14A324D}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{C56599E0-9762-4A0A-8B75-858DA8C80DAC}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=50001-50005|App=C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe|Name=ms-resource:DisplayName|Desc=ms-resource:DisplayName|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{143B9EFE-C71F-4DC5-A05F-E89E423888E5}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|LPort2_10=50001-50005|App=C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe|Name=ms-resource:DisplayName|Desc=ms-resource:DisplayName|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{9D38ED67-5EC8-4C79-A222-7CDFCC3568BF}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=50100-50101|App=C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe|Name=ms-resource:DisplayName|Desc=ms-resource:DisplayName|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{6F298669-5312-4EB1-AB8A-7A164091C4B6}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|LPort2_10=50100-50101|App=C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe|Name=ms-resource:DisplayName|Desc=ms-resource:DisplayName|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{7E961A64-7CBE-4399-8F8B-60F682F87B9F}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=45921-45922|App=C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe|Name=ms-resource:DisplayName|Desc=ms-resource:DisplayName|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{CA262CB3-13AC-4701-AC66-46DB9657C66F}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|LPort2_10=45921-45922|App=C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe|Name=ms-resource:DisplayName|Desc=ms-resource:DisplayName|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{9F51E940-6818-4A88-8FD7-3ABF414070D3}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|Desc=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-2600175893-783355150-721138849-3391371818-2667653740-3893828195-953040500|EmbedCtxt=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{A50F3CBE-13F3-4B09-AF47-D2B07393F0F4}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|Desc=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-2600175893-783355150-721138849-3391371818-2667653740-3893828195-953040500|EmbedCtxt=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{1BA153B2-065F-4E6C-96F9-4D0FAB32F44F}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Public|IFType=Wireless|Name=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|Desc=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-2600175893-783355150-721138849-3391371818-2667653740-3893828195-953040500|EmbedCtxt=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|TTK2_22=WFDDevices| "{DA4AEC61-60BB-47C2-8CF2-FDEA3BFA6096}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Public|IFType=Wireless|Name=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|Desc=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-2600175893-783355150-721138849-3391371818-2667653740-3893828195-953040500|EmbedCtxt=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|TTK2_22=WFDDevices| "{3AE20AB7-5934-4D26-8D43-0FA237F4CE49}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{4587A5BA-BF5C-4121-9EC1-2CF4385E66B0}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{82144398-BC70-4DF0-983E-9522F29D9F26}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Samsung Notes|Desc=Samsung Notes|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-2319996878-402160400-1732427392-1247446112-3351234178-1901033953-1076141780|EmbedCtxt=Samsung Notes|Platform=2:6:2|Platform2=GTEQ| "{CD57ADCD-53AD-461E-8D5B-CFC6314AFF72}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{EE409B9D-F434-4F78-9611-0E3AD254BFBD}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{03A0CCF0-07E7-4297-ABF9-982525BEBDF6}C:\users\efm_uefm_barrow_u\documents\sdi_r1811\sdi_x64_r1811.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\users\efm_uefm_barrow_u\documents\sdi_r1811\sdi_x64_r1811.exe|Name=sdi_x64_r1811.exe|Desc=sdi_x64_r1811.exe|Defer=User| "UDP Query User{A1CD55CF-A1C3-4788-BF8F-1D5D1696E353}C:\users\efm_uefm_barrow_u\documents\sdi_r1811\sdi_x64_r1811.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\users\efm_uefm_barrow_u\documents\sdi_r1811\sdi_x64_r1811.exe|Name=sdi_x64_r1811.exe|Desc=sdi_x64_r1811.exe|Defer=User| "TCP Query User{631973F5-54AE-4575-87F7-B71A199601D3}C:\users\efm_uefm_barrow_u\appdata\local\temp\7zipsfx.000\bin\tools\aria2c.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\users\efm_uefm_barrow_u\appdata\local\temp\7zipsfx.000\bin\tools\aria2c.exe|Name=aria2c.exe|Desc=aria2c.exe|Defer=User| "UDP Query User{FF02E768-0EB7-4829-8A1D-0F1DEBABCA41}C:\users\efm_uefm_barrow_u\appdata\local\temp\7zipsfx.000\bin\tools\aria2c.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\users\efm_uefm_barrow_u\appdata\local\temp\7zipsfx.000\bin\tools\aria2c.exe|Name=aria2c.exe|Desc=aria2c.exe|Defer=User| "{57265EF6-555B-4794-8F87-8D16A162ECC1}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Shell Input Application|Desc=Shell Input Application|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-3945102849-3632965805-3846928828-240845225-3300287824-62672950-817265009|EmbedCtxt=Shell Input Application|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{81E4477D-A7CA-4BEE-8B6F-583D1799AE1E}C:\program files\videolan\vlc\vlc.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\program files\videolan\vlc\vlc.exe|Name=VLC media player|Desc=VLC media player|Defer=User| "UDP Query User{F72F09CC-C844-4472-9E9A-24B8A37116B6}C:\program files\videolan\vlc\vlc.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\program files\videolan\vlc\vlc.exe|Name=VLC media player|Desc=VLC media player|Defer=User| "{C54B91CF-8063-492E-BB92-773C734FE2A2}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=8319|Name=TechSmith Camtasia 2018| "{DF771E86-62AA-4340-8485-A5265CA64ECB}"=v2.27|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe|Name=ApowerManager| "{8A6ED218-6C6E-4DEC-BAC5-F5B0CFE0A63B}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe|Name=ApowerManager| "{7B312E13-C71B-4587-B4B1-734D87F4C48F}"=v2.27|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe|Name=ApowerManager| "{C1F75852-BECC-4D4E-9F7B-4661186A1F7D}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe|Name=ApowerManager| "{D460666D-9A3E-4C36-BCCA-908C20AB2EB5}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\UVK - Ultra Virus Killer\UVK_en64.exe|Name=Ultra virus killer| "{AB072B86-FA71-422F-8858-9CEA7D09FB30}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\UVK - Ultra Virus Killer\UVK_en64.exe|Name=Ultra virus killer| "{6605D77E-320B-445F-B397-C7FA2A39F107}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Public|App=C:\Program Files\UVK - Ultra Virus Killer\UVK_en64.exe|Name=Ultra virus killer (TCP-OUT)| "{E698C854-14E7-41CC-B8C8-69CD4758F4AE}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game bar|Desc=Xbox Game bar|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-1823635404-1364722122-2170562666-1762391777-2399050872-3465541734-3732476201|EmbedCtxt=Xbox Game bar|Platform=2:6:2|Platform2=GTEQ| "{CAC09C3E-3AF7-4B16-BE84-7B16B7AAE0E6}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Candy Crush Saga|Desc=Candy Crush Saga|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-2599857031-3789198952-3515498744-3120614410-3826243417-3816649221-455961092|EmbedCtxt=Candy Crush Saga|Platform=2:6:2|Platform2=GTEQ| "{F15BEFD1-D73B-4B75-87E0-98402E3E580E}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\58.0.3135.118\opera.exe|Name=Opera Internet Browser (mDNS-In)|Desc=Inbound rule to allow mDNS traffic.|EmbedCtxt=Opera Internet Browser| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{0475BB51-5A02-4EE0-B36C-29040FAD2650}] : (igfx) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{19837c5c-96f5-45e0-9a2d-c6bb26e1b12b}] : (UIM) [] -> @oem71.inf,%UimClassName%;Universal Image Mounter [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (SecurityAccelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @c_display.inf,%ClassDesc%;Display adapters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4fc9541c-0fe6-4480-a4f6-9495a0d17cd2}] : (HidLineDisplay) [] -> @c_linedisplay.inf,%ClassName%;POS Line Display [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53487c23-680f-4585-acc3-1f10d6777e82}] : (SmrDisk) [] -> @c_smrdisk.inf,%ClassDesc%;Shingled magnetic recording disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53b3cf03-8f5a-4788-91b6-d19ed9fcccbf}] : (SmrVolume) [] -> @c_smrvolume.inf,%ClassDesc%;Shingled magnetic recording volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{54f3637b-4777-4f96-970c-6bfa5477b542}] : (ParagonBlockDevice) [] -> @oem69.inf,%ClassName%;User-mode block device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs) [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5aea001d-9372-4ed7-97f3-b79bf15a53c5}] : (OposLegacyDevice) [] -> @oposdrv.inf,%ClassName%;OPOS Legacy Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> @c_swcomponent.inf,%ClassDesc%;Software components [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{645ad99b-1344-4316-837a-08a3e73db222}] : (PerceptionSimulation) [] -> @PerceptionSimulationSixDof.inf,%ClassName%;Perception Simulation Controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87ef9ad1-8f70-49ee-b215-ab1fcadcbe3c}] : (NetDriver) [] -> @c_netdriver.inf,%ClassDesc%;Universal Network Drivers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c3077fcd-9c3c-482f-9317-460712f23efd}] : (DPTF) [] -> @oem14.inf,%ClassName%;Intel(R) Dynamic Platform and Thermal Framework [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ca3e7ab9-b4c3-4ae6-8251-579ef933890f}] : (Camera) [] -> @c_camera.inf,%ClassDesc%;Cameras [HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D2C30470-3890-4CC2-86D4-FBDB08727EB6}] : (msgpiowin32) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d612553d-06b1-49ca-8938-e39ef80eb16f}] : (Holographic) [] -> @c_holographic.inf,%ClassName%;Mixed Reality devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [29/08/2017 12:39:10] - (1.1.0.719) - (Bitdefender - IGNIS filter driver) - C:\Windows\system32\drivers\ignis.sys [23/05/2018 05:06:16] - (11.0.0.6582) - (COMODO - COMODO Internet Security Eradication Driver) - C:\Windows\System32\DRIVERS\cmderd.sys [23/05/2018 05:06:20] - (11.0.0.6582) - (COMODO - COMODO Internet Security Sandbox Driver) - C:\Windows\system32\DRIVERS\cmdguard.sys [15/03/2019 07:34:32] - (0.0.0.0) - ( -) - C:\Windows\SysWOW64\WinFLAdrv.sys [12/05/2017 03:42:25] - (1.0.0.1) - (Samsung Electronics Co.,Ltd. - Samsung AMOLED panel driver) - C:\Windows\system32\DRIVERS\SAMOPanel.sys [11/10/2017 03:42:24] - (1.0.0.0) - (Samsung Electronics Co.,Ltd. - Samsung Firmware Interface Driver) - C:\Windows\System32\drivers\SafiDrv.sys [16/06/2016 11:36:18] - (7.0.0.16) - (BitDefender LLC - BitDefender Firewall WFP Filter Driver) - C:\Program Files\adaware\adaware antivirus\AdAwareProxyEngine\1.0.0.8\bdfwfpf.sys [23/05/2018 05:06:22] - (11.0.0.6582) - (COMODO - COMODO Internet Security Helper Driver) - C:\Windows\system32\DRIVERS\cmdhlp.sys [23/05/2018 05:06:24] - (11.0.0.6582) - (COMODO - COMODO Internet Security Firewall Driver) - C:\Windows\system32\DRIVERS\inspect.sys [15/03/2019 09:28:39] - (0.0.0.0) - (Zemana Ltd. - ZAM) - C:\Windows\System32\drivers\zamguard64.sys [15/03/2019 09:28:39] - (0.0.0.0) - (Zemana Ltd. - ZAM) - C:\Windows\System32\drivers\zam64.sys [12/09/2017 16:29:20] - (0.6.0.0) - (Paragon Software GmbH - Universal Image Mounter) - C:\Windows\System32\drivers\uimdevim.sys [12/09/2017 16:29:20] - (0.6.0.0) - (Paragon Software GmbH - Universal Image Mounter) - C:\Windows\System32\drivers\uimbus.sys [20/03/2019 13:00:45] - (1.4.993.154) - (COMODO - Internet Security Essentials Driver) - C:\Windows\system32\drivers\isedrv.sys [15/03/2019 19:44:46] - (2.0.18.79) - (EldoS Corporation - RawDisk Driver. Allows write access to files and raw disk sectors for user mode applications in Windows 2000, XP, 2003, Vista, 2008.) - C:\Windows\system32\drivers\rsdrvx64.sys [20/03/2019 13:00:09] - (1.3.48618.136) - (COMODO - COMODO Secure Shopping Driver) - C:\Windows\system32\drivers\cmdcss.sys [08/11/2017 20:32:32] - (12.0.0.820) - (Qualcomm Atheros, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver) - C:\Windows\System32\drivers\Qcamain10x64.sys [15/03/2019 09:28:33] - (1.8.2.328) - (Zemana Ltd. - Zemana AntiLogger Free) - C:\Windows\system32\DRIVERS\KeyCrypt64.sys [19/01/2017 21:29:42] - (0.0.0.0) - ( -) - C:\Windows\system32\DRIVERS\AppNodeEnum.sys [15/03/2019 04:50:08] - (1.1.102.1024) - (BayHubTech/O2Micro - BayHubTech/O2Micro SD Reader Driver) - C:\Windows\System32\drivers\bhtpcrdr.sys [03/02/2017 08:40:22] - (0.0.0.0) - ( -) - C:\Windows\System32\drivers\TchS2Helper.sys [28/09/2017 01:42:25] - (0.0.0.0) - ( -) - C:\Windows\system32\DRIVERS\PenS2Helper.sys [08/11/2017 20:32:08] - (10.0.0.815) - (Qualcomm - BT Filter) - C:\Windows\system32\DRIVERS\btfilter.sys [25/03/2019 23:04:45] - (10.0.10011.16384) - (Windows (R) Win 7 DDK provider - Dokan Filesystem Driver) - C:\Windows\system32\DRIVERS\dokan.sys [15/03/2019 07:34:31] - (0.0.0.0) - ( -) - C:\Windows\SysWow64\WinVDEdrv6.sys [15/03/2019 07:34:30] - (7.0.0.0) - (NewSoftwares.net, Inc. - Virtual Encryption Driver) - C:\Windows\SysWow64\WinVDEdrv.sys [02/05/2018 08:09:30] - (2.5.0.85) - (BitDefender S.R.L. - Trufos Kernel Module) - C:\Windows\system32\DRIVERS\Trufos.sys [02/05/2018 08:05:58] - (2.0.0.81) - (BitDefender LLC - BitDefender Gonzales FileSystem Driver) - C:\Windows\system32\DRIVERS\gzflt.sys [21/03/2019 10:32:08] - (1.0.0.20) - (IObit - IUProcessFilter) - C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [21/03/2019 10:32:09] - (1.0.0.20) - (IObit - IURegistryFilter) - C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys ---------- | LoadOrderGroup Name: System Reserved - DriverEnabled: True - GroupOrder: 1 - Status: OK Name: EMS - DriverEnabled: True - GroupOrder: 2 - Status: OK Name: WdfLoadGroup - DriverEnabled: True - GroupOrder: 3 - Status: OK Name: Boot Bus Extender - DriverEnabled: True - GroupOrder: 4 - Status: OK Name: System Bus Extender - DriverEnabled: True - GroupOrder: 5 - Status: OK Name: SCSI miniport - DriverEnabled: True - GroupOrder: 6 - Status: OK Name: Port - DriverEnabled: True - GroupOrder: 7 - Status: OK Name: Primary Disk - DriverEnabled: True - GroupOrder: 8 - Status: OK Name: SCSI Class - DriverEnabled: True - GroupOrder: 9 - Status: OK Name: SCSI CDROM Class - DriverEnabled: True - GroupOrder: 10 - Status: OK Name: FSFilter Infrastructure - DriverEnabled: True - GroupOrder: 11 - Status: OK Name: FSFilter System - DriverEnabled: True - GroupOrder: 12 - Status: OK Name: FSFilter Bottom - DriverEnabled: True - GroupOrder: 13 - Status: OK Name: FSFilter Copy Protection - DriverEnabled: True - GroupOrder: 14 - Status: OK Name: FSFilter Security Enhancer - DriverEnabled: True - GroupOrder: 15 - Status: OK Name: FSFilter Open File - DriverEnabled: True - GroupOrder: 16 - Status: OK Name: FSFilter Physical Quota Management - DriverEnabled: True - GroupOrder: 17 - Status: OK Name: FSFilter Virtualization - DriverEnabled: True - GroupOrder: 18 - Status: OK Name: FSFilter Encryption - DriverEnabled: True - GroupOrder: 19 - Status: OK Name: FSFilter Compression - DriverEnabled: True - GroupOrder: 20 - Status: OK Name: FSFilter Imaging - DriverEnabled: True - GroupOrder: 21 - Status: OK Name: FSFilter HSM - DriverEnabled: True - GroupOrder: 22 - Status: OK Name: FSFilter Cluster File System - DriverEnabled: True - GroupOrder: 23 - Status: OK Name: FSFilter System Recovery - DriverEnabled: True - GroupOrder: 24 - Status: OK Name: FSFilter Quota Management - DriverEnabled: True - GroupOrder: 25 - Status: OK Name: FSFilter Content Screener - DriverEnabled: True - GroupOrder: 26 - Status: OK Name: FSFilter Continuous Backup - DriverEnabled: True - GroupOrder: 27 - Status: OK Name: FSFilter Replication - DriverEnabled: True - GroupOrder: 28 - Status: OK Name: FSFilter Anti-Virus - DriverEnabled: True - GroupOrder: 29 - Status: OK Name: FSFilter Undelete - DriverEnabled: True - GroupOrder: 30 - Status: OK Name: FSFilter Activity Monitor - DriverEnabled: True - GroupOrder: 31 - Status: OK Name: FSFilter Top - DriverEnabled: True - GroupOrder: 32 - Status: OK Name: Filter - DriverEnabled: True - GroupOrder: 33 - Status: OK Name: Boot File System - DriverEnabled: True - GroupOrder: 34 - Status: OK Name: Base - DriverEnabled: True - GroupOrder: 35 - Status: OK Name: Pointer Port - DriverEnabled: True - GroupOrder: 36 - Status: OK Name: Keyboard Port - DriverEnabled: True - GroupOrder: 37 - Status: OK Name: Pointer Class - DriverEnabled: True - GroupOrder: 38 - Status: OK Name: Keyboard Class - DriverEnabled: True - GroupOrder: 39 - Status: OK Name: Video Init - DriverEnabled: True - GroupOrder: 40 - Status: OK Name: Video - DriverEnabled: True - GroupOrder: 41 - Status: OK Name: Video Save - DriverEnabled: True - GroupOrder: 42 - Status: OK Name: File System - DriverEnabled: True - GroupOrder: 43 - Status: OK Name: Streams Drivers - DriverEnabled: True - GroupOrder: 44 - Status: OK Name: NDIS Wrapper - DriverEnabled: True - GroupOrder: 45 - Status: OK Name: COM Infrastructure - DriverEnabled: True - GroupOrder: 46 - Status: OK Name: Event Log - DriverEnabled: True - GroupOrder: 47 - Status: OK Name: ProfSvc_Group - DriverEnabled: True - GroupOrder: 48 - Status: OK Name: AudioGroup - DriverEnabled: True - GroupOrder: 49 - Status: OK Name: UIGroup - DriverEnabled: True - GroupOrder: 50 - Status: OK Name: MS_WindowsLocalValidation - DriverEnabled: True - GroupOrder: 51 - Status: OK Name: PlugPlay - DriverEnabled: True - GroupOrder: 52 - Status: OK Name: Cryptography - DriverEnabled: True - GroupOrder: 53 - Status: OK Name: PNP_TDI - DriverEnabled: True - GroupOrder: 54 - Status: OK Name: NDIS - DriverEnabled: True - GroupOrder: 55 - Status: OK Name: TDI - DriverEnabled: True - GroupOrder: 56 - Status: OK Name: iSCSI - DriverEnabled: True - GroupOrder: 57 - Status: OK Name: NetBIOSGroup - DriverEnabled: True - GroupOrder: 58 - Status: OK Name: ShellSvcGroup - DriverEnabled: True - GroupOrder: 59 - Status: OK Name: SchedulerGroup - DriverEnabled: True - GroupOrder: 60 - Status: OK Name: SpoolerGroup - DriverEnabled: True - GroupOrder: 61 - Status: OK Name: SmartCardGroup - DriverEnabled: True - GroupOrder: 62 - Status: OK Name: NetworkProvider - DriverEnabled: True - GroupOrder: 63 - Status: OK Name: MS_WindowsRemoteValidation - DriverEnabled: True - GroupOrder: 64 - Status: OK Name: NetDDEGroup - DriverEnabled: True - GroupOrder: 65 - Status: OK Name: Parallel arbitrator - DriverEnabled: True - GroupOrder: 66 - Status: OK Name: Extended Base - DriverEnabled: True - GroupOrder: 67 - Status: OK Name: PCI Configuration - DriverEnabled: True - GroupOrder: 68 - Status: OK Name: MS Transactions - DriverEnabled: True - GroupOrder: 69 - Status: OK Name: Core - DriverEnabled: False - GroupOrder: 70 - Status: OK Name: PnP Filter - DriverEnabled: False - GroupOrder: 71 - Status: OK Name: Early-Launch - DriverEnabled: False - GroupOrder: 72 - Status: OK Name: Network - DriverEnabled: False - GroupOrder: 73 - Status: OK Name: System - DriverEnabled: False - GroupOrder: 74 - Status: OK Name: Core Security Extensions - DriverEnabled: False - GroupOrder: 75 - Status: OK Name: NetworkService - DriverEnabled: False - GroupOrder: 76 - Status: OK Name: _Early-Launch - DriverEnabled: False - GroupOrder: 77 - Status: OK Name: LocalService - DriverEnabled: False - GroupOrder: 78 - Status: OK ---------- | LoadOrderGroupServiceDependencies LoadOrderGroup.Name="NetBIOSGroup" - Service.Name="RemoteAccess" LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdfs" ---------- | LoadOrderGroupServiceMembers LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="AppIDSvc" LoadOrderGroup.Name="AudioGroup" - Service.Name="AudioEndpointBuilder" LoadOrderGroup.Name="AudioGroup" - Service.Name="Audiosrv" LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="avast! Antivirus" LoadOrderGroup.Name="NetworkProvider" - Service.Name="BFE" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="BrokerInfrastructure" LoadOrderGroup.Name="NetworkProvider" - Service.Name="Browser" LoadOrderGroup.Name="Core" - Service.Name="CmdAgent" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="DcomLaunch" LoadOrderGroup.Name="PlugPlay" - Service.Name="DeviceInstall" LoadOrderGroup.Name="TDI" - Service.Name="Dhcp" LoadOrderGroup.Name="TDI" - Service.Name="Dnscache" LoadOrderGroup.Name="TDI" - Service.Name="dot3svc" LoadOrderGroup.Name="TDI" - Service.Name="DusmSvc" LoadOrderGroup.Name="Event Log" - Service.Name="EventLog" LoadOrderGroup.Name="AudioGroup" - Service.Name="FontCache" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="gpsvc" LoadOrderGroup.Name="TDI" - Service.Name="icssvc" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="igfxCUIService2.0.0.0" LoadOrderGroup.Name="TDI" - Service.Name="irmon" LoadOrderGroup.Name="NetworkProvider" - Service.Name="LanmanWorkstation" LoadOrderGroup.Name="TDI" - Service.Name="lmhosts" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="LSM" LoadOrderGroup.Name="NetworkService" - Service.Name="MapsBroker" LoadOrderGroup.Name="Base" - Service.Name="MdmLdrSvc" LoadOrderGroup.Name="NetworkProvider" - Service.Name="MpsSvc" LoadOrderGroup.Name="iSCSI" - Service.Name="MSiSCSI" LoadOrderGroup.Name="MS_WindowsRemoteValidation" - Service.Name="Netlogon" LoadOrderGroup.Name="Cryptography" - Service.Name="NgcCtnrSvc" LoadOrderGroup.Name="Cryptography" - Service.Name="NgcSvc" LoadOrderGroup.Name="Base" - Service.Name="PanelManagerSvc" LoadOrderGroup.Name="PlugPlay" - Service.Name="PlugPlay" LoadOrderGroup.Name="Plugplay" - Service.Name="Power" LoadOrderGroup.Name="profsvc_group" - Service.Name="ProfSvc" LoadOrderGroup.Name="Base" - Service.Name="RCD" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcEptMapper" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcSs" LoadOrderGroup.Name="Base" - Service.Name="SafiService" LoadOrderGroup.Name="MS_WindowsLocalValidation" - Service.Name="SamSs" LoadOrderGroup.Name="Base" - Service.Name="Samsung Pen Service" LoadOrderGroup.Name="SmartCardGroup" - Service.Name="SCardSvr" LoadOrderGroup.Name="SchedulerGroup" - Service.Name="Schedule" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="SENS" LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="ShellHWDetection" LoadOrderGroup.Name="SpoolerGroup" - Service.Name="Spooler" LoadOrderGroup.Name="profsvc_group" - Service.Name="SysMain" LoadOrderGroup.Name="PlugPlay" - Service.Name="TabletInputService" LoadOrderGroup.Name="System Reserved" - Service.Name="TeraCopyService" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="Themes" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="TrustedInstaller" LoadOrderGroup.Name="SmartCardGroup" - Service.Name="WbioSrvc" LoadOrderGroup.Name="TDI" - Service.Name="Wcmsvc" LoadOrderGroup.Name="NetworkProvider" - Service.Name="WebClient" LoadOrderGroup.Name="TDI" - Service.Name="WlanSvc" LoadOrderGroup.Name="TDI" - Service.Name="wlpasvc" LoadOrderGroup.Name="LocalService" - Service.Name="workfolderssvc" LoadOrderGroup.Name="TDI" - Service.Name="WwanSvc" LoadOrderGroup.Name="Base" - Service.Name="USBSafelyRemoveService" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="3ware" LoadOrderGroup.Name="Core" - SystemDriver.Name="ACPI" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AcpiDev" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="acpiex" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="acpitime" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="ADP80XX" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="AFD" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdK8" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdPPM" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsata" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsbs" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdxata" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="arcsas" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="aswArDisk" LoadOrderGroup.Name="Early-Launch" - SystemDriver.Name="aswElam" LoadOrderGroup.Name="Keyboard Port" - SystemDriver.Name="aswKbd" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="aswMonFlt" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="aswRdr" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="aswRvrt" LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="aswSnx" LoadOrderGroup.Name="FSFilter Security Enhancer" - SystemDriver.Name="aswSP" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="aswStm" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="aswVmm" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="atapi" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="atc" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="b06bdrv" LoadOrderGroup.Name="Video" - SystemDriver.Name="BasicDisplay" LoadOrderGroup.Name="Video" - SystemDriver.Name="BasicRender" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="bcmfn2" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="bdfwfpf" LoadOrderGroup.Name="Base" - SystemDriver.Name="Beep" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="BHTPCRDR" LoadOrderGroup.Name="Network" - SystemDriver.Name="bowser" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="BthAvrcpTg" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="BthHFEnum" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="BthPan" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="BTHPORT" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="BTHUSB" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="bttflt" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="cdfs" LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdrom" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="cht4iscsi" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="cht4vbd" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="circlass" LoadOrderGroup.Name="FSFilter HSM" - SystemDriver.Name="CldFlt" LoadOrderGroup.Name="Filter" - SystemDriver.Name="CLFS" LoadOrderGroup.Name="Early-Launch" - SystemDriver.Name="cmdboot" LoadOrderGroup.Name="Primary Disk" - SystemDriver.Name="cmderd" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="cmdGuard" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="cmdhlp" LoadOrderGroup.Name="Core" - SystemDriver.Name="CNG" LoadOrderGroup.Name="Base" - SystemDriver.Name="cnghwassist" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="CompositeBus" LoadOrderGroup.Name="Base" - SystemDriver.Name="condrv" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="CSI2HostControllerDriver" LoadOrderGroup.Name="Network" - SystemDriver.Name="Dfsc" LoadOrderGroup.Name="File System" - SystemDriver.Name="Dokan" LoadOrderGroup.Name="Base" - SystemDriver.Name="dptf_acpi" LoadOrderGroup.Name="Base" - SystemDriver.Name="dptf_cpu" LoadOrderGroup.Name="Video Init" - SystemDriver.Name="DXGKrnl" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="ebdrv" LoadOrderGroup.Name="SCSI Class" - SystemDriver.Name="EhStorClass" LoadOrderGroup.Name="SCSI Class" - SystemDriver.Name="EhStorTcgDrv" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="ErrDev" LoadOrderGroup.Name="Base" - SystemDriver.Name="esif_lf" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="exfat" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="fastfat" LoadOrderGroup.Name="FSFilter Encryption" - SystemDriver.Name="FileCrypt" LoadOrderGroup.Name="FSFilter Bottom" - SystemDriver.Name="FileInfo" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="Filetrace" LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="FltMgr" LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="FsDepends" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="fvevol" LoadOrderGroup.Name="Base" - SystemDriver.Name="genericusbfn" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="GPIOClx0101" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="gzflt" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="HDAudBus" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidBth" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidi2c" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidinterrupt" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidIr" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidUsb" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="HpSAMD" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hvservice" LoadOrderGroup.Name="System" - SystemDriver.Name="HwNClx0101" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hyperkbd" LoadOrderGroup.Name="Video" - SystemDriver.Name="HyperVideo" LoadOrderGroup.Name="Keyboard Port" - SystemDriver.Name="i8042prt" LoadOrderGroup.Name="Base" - SystemDriver.Name="iai2c" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2i_GPIO2" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2i_GPIO2_BXT_P" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2i_I2C" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2i_I2C_BXT_P" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2_GPIO2" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2_I2C" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2_UART2" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSSi_GPIO" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSSi_I2C" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="iaStorA" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="iaStorAC" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="iaStorAV" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="iaStorV" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="ibbus" LoadOrderGroup.Name="Video" - SystemDriver.Name="igfx" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Ignis" LoadOrderGroup.Name="Base" - SystemDriver.Name="IndirectKmd" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="inspect" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="IntcAudioBus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="IntcOED" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="intelide" LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="intelpep" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="intelppm" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="iorate" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="irda" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="isapnp" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="kdnic" LoadOrderGroup.Name="Keyboard Class" - SystemDriver.Name="keycrypt" LoadOrderGroup.Name="Base" - SystemDriver.Name="KSecDD" LoadOrderGroup.Name="Cryptography" - SystemDriver.Name="KSecPkg" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ksthunk" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="lltdio" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS2i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS3i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SSS" LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="luafv" LoadOrderGroup.Name="Base" - SystemDriver.Name="mausbhost" LoadOrderGroup.Name="Base" - SystemDriver.Name="mausbip" LoadOrderGroup.Name="Base" - SystemDriver.Name="MdmIf" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas2i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasr" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MEIx64" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="mlx4_bus" LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Modem" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="ModemCtrl" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="mountmgr" LoadOrderGroup.Name="network" - SystemDriver.Name="mpsdrv" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb10" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb20" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="MsBridge" LoadOrderGroup.Name="File system" - SystemDriver.Name="Msfs" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="msgpiowin32" LoadOrderGroup.Name="Base" - SystemDriver.Name="mshidumdf" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="msisadrv" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSKSSRV" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="MsLldp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPCLOCK" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPQM" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSTEE" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MTConfig" LoadOrderGroup.Name="Network" - SystemDriver.Name="Mup" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="mvumis" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NativeWifiP" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ndfltr" LoadOrderGroup.Name="NDIS Wrapper" - SystemDriver.Name="NDIS" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NdisCap" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NdisTapi" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Ndisuio" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="ndiswanlegacy" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="ndproxy" LoadOrderGroup.Name="NetBIOSGroup" - SystemDriver.Name="NetBIOS" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="NetBT" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="netvsc" LoadOrderGroup.Name="File system" - SystemDriver.Name="Npfs" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="NTFS" LoadOrderGroup.Name="Base" - SystemDriver.Name="Null" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="nvraid" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="nvstor" LoadOrderGroup.Name="Parallel arbitrator" - SystemDriver.Name="Parport" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="partmgr" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pci" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pciide" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pcmcia" LoadOrderGroup.Name="System Reserved" - SystemDriver.Name="pcw" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pdc" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="PenS2Helper" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="percsas2i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="percsas3i" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="Processor" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Psched" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Qcamain10x64" LoadOrderGroup.Name="Streams Drivers" - SystemDriver.Name="RasAcd" LoadOrderGroup.Name="Network" - SystemDriver.Name="rdbss" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="rdyboost" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="ReFS" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="ReFSv1" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="RFCOMM" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="rhproxy" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="rspndr" LoadOrderGroup.Name="Video" - SystemDriver.Name="s3cap" LoadOrderGroup.Name="Base" - SystemDriver.Name="SafiDrv" LoadOrderGroup.Name="Base" - SystemDriver.Name="SAMOPanel" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="scfilter" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="sdbus" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="Serenum" LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Serial" LoadOrderGroup.Name="Pointer Port" - SystemDriver.Name="sermouse" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid2" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid4" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="spaceport" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="SpatialGraphFilter" LoadOrderGroup.Name="Network" - SystemDriver.Name="srv2" LoadOrderGroup.Name="Network" - SystemDriver.Name="srvnet" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stexstor" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="storahci" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="storflt" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stornvme" LoadOrderGroup.Name="FSFilter Quota Management" - SystemDriver.Name="storqosflt" LoadOrderGroup.Name="Base" - SystemDriver.Name="storvsc" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="supportdriver" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="swenum" LoadOrderGroup.Name="Video Init" - SystemDriver.Name="Synth3dVsc" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="TchS2Helper" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="Tcpip" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="tdx" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="terminpt" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="TPM" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="Trufos" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="TsUsbGD" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="tunnel" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UcmCx0101" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UcmTcpciCx0101" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="Ucx01000" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="udfs" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="Ufx01000" LoadOrderGroup.Name="Base" - SystemDriver.Name="UfxChipidea" LoadOrderGroup.Name="Base" - SystemDriver.Name="ufxsynopsys" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="umbus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="UmPass" LoadOrderGroup.Name="Base" - SystemDriver.Name="UrsChipidea" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UrsCx01000" LoadOrderGroup.Name="Base" - SystemDriver.Name="UrsSynopsys" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbccgp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="usbcir" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbehci" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbhub" LoadOrderGroup.Name="Base" - SystemDriver.Name="USBHUB3" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbohci" LoadOrderGroup.Name="extended base" - SystemDriver.Name="usbprint" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbuhci" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="vdrvroot" LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="VerifierExt" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="vhdmp" LoadOrderGroup.Name="Base" - SystemDriver.Name="vhf" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vmbus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="VMBusHID" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgr" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgrx" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vpci" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="vsmraid" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="VSTXRAID" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="vwififlt" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="vwifimp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WacomPen" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wanarp" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wanarpv6" LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="wcifs" LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="wcnfs" LoadOrderGroup.Name="_Early-Launch" - SystemDriver.Name="WdBoot" LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="Wdf01000" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="WdFilter" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wdnsfltr" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="WFPLWFS" LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="WIMMount" LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="WindowsTrustedRT" LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="WindowsTrustedRTProxy" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="WinFLAdrv" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="WinMad" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="WinVerbs" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wmbclass" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WmiAcpi" LoadOrderGroup.Name="FSFilter Compression" - SystemDriver.Name="Wof" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="WpdUpFltr" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="ws2ifsl" LoadOrderGroup.Name="base" - SystemDriver.Name="WudfPf" LoadOrderGroup.Name="base" - SystemDriver.Name="WUDFRd" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="xboxgip" LoadOrderGroup.Name="Base" - SystemDriver.Name="xinputhid" ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - [Kernel Driver] - 3ware () -> System32\drivers\3ware.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ADP80XX () -> System32\drivers\ADP80XX.SYS - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsata () -> System32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsbs () -> System32\drivers\amdsbs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdxata () -> System32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - aswArDisk (aswArDisk) -> system32\drivers\aswArDisk.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - aswbidsh (aswbidsh) -> system32\drivers\aswbidsh.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - aswblog (aswblog) -> system32\drivers\aswblog.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - aswbuniv (aswbuniv) -> system32\drivers\aswbuniv.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - aswElam (aswElam) -> system32\drivers\aswElam.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - aswRvrt (aswRvrt) -> system32\drivers\aswRvrt.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - aswVmm (aswVmm) -> system32\drivers\aswVmm.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;QLogic Network Adapter VBD) -> System32\drivers\bxvbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - bttflt (@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter) -> System32\drivers\bttflt.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - cht4iscsi () -> System32\drivers\cht4sx64.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - cmdboot (COMODO Early Launch Driver) -> System32\DRIVERS\cmdboot.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Disk (@disk.inf,%disk_ServiceDesc%;Pilote de disque) -> System32\drivers\disk.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys - AcceptPause: False - AcceptStop: False R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - HpSAMD () -> System32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorA () -> System32\drivers\iaStorA.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - iaStorAC (@oem61.inf,%iaStorAC.DeviceDesc%;Intel(R) Chipset SATA/PCIe RST Premium Controller) -> System32\drivers\iaStorAC.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - iaStorAV (@iastorav.inf,%iaStorAV.DeviceDesc%;Intel(R) SATA RAID Controller Windows) -> System32\drivers\iaStorAV.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Ignis (Ignis Service) -> system32\drivers\ignis.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - intelide () -> System32\drivers\intelide.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iorate (@%SystemRoot%\system32\drivers\iorate.sys,-101) -> system32\drivers\iorate.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - isapnp () -> System32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - LSI_SAS () -> System32\drivers\lsi_sas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SSS () -> System32\drivers\lsi_sss.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas () -> System32\drivers\megasas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas2i () -> System32\drivers\MegaSas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasr () -> System32\drivers\megasr.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> System32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - mvumis () -> System32\drivers\mvumis.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - nvraid () -> System32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nvstor () -> System32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (@pci.inf,%pci_svcdesc%;Pilote de bus PCI) -> System32\drivers\pci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - pciide () -> System32\drivers\pciide.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - pcmcia () -> System32\drivers\pcmcia.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - percsas2i () -> System32\drivers\percsas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - percsas3i () -> System32\drivers\percsas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - Ramdisk (Windows RAM Disk Driver) -> system32\DRIVERS\ramdisk.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - scmbus (@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver) -> System32\drivers\scmbus.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid2 () -> System32\drivers\SiSRaid2.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid4 () -> System32\drivers\sisraid4.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - stexstor () -> System32\drivers\stexstor.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storvsc () -> System32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\drivers\tcpip.sys,-10001) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (@%SystemRoot%\system32\drivers\volsnap.sys,-100) -> System32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volume (@volume.inf,%VolumeServiceDesc%;Volume driver) -> System32\drivers\volume.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vsmraid () -> System32\drivers\vsmraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswArPot (aswArPot) -> system32\drivers\aswArPot.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswbidsdriver (aswbidsdriver) -> system32\drivers\aswbidsdriver.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswHdsKe (aswHdsKe) -> system32\drivers\aswHdsKe.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswKbd (aswKbd) -> system32\drivers\aswKbd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswRdr (aswRdr) -> system32\drivers\aswRdr2.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswSnx (aswSnx) -> system32\drivers\aswSnx.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswSP (aswSP) -> system32\drivers\aswSP.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - bam (@%SystemRoot%\system32\drivers\bam.sys,-100) -> system32\drivers\bam.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicDisplay () -> \SystemRoot\System32\drivers\BasicDisplay.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicRender () -> \SystemRoot\System32\drivers\BasicRender.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - bdfwfpf (bdfwfpf) -> \??\C:\Program Files\adaware\adaware antivirus\AdAwareProxyEngine\1.0.0.8\bdfwfpf.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cmdcss (COMODO Secure Shopping) -> \SystemRoot\system32\drivers\cmdcss.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - cmderd (COMODO Internet Security Eradication Driver) -> System32\DRIVERS\cmderd.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - cmdGuard (COMODO Internet Security Sandbox Driver) -> system32\DRIVERS\cmdguard.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cmdhlp (COMODO Internet Security Helper Driver) -> \SystemRoot\system32\DRIVERS\cmdhlp.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ElRawDisk (ElRawDisk) -> \??\C:\Windows\system32\drivers\rsdrvx64.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - inspect (@oem6.inf,%inspect_Desc%;COMODO Internet Security Firewall Driver) -> \SystemRoot\system32\DRIVERS\inspect.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - isedrv (Internet Security Essentials) -> \SystemRoot\system32\drivers\isedrv.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - SafiDrv (@oem5.inf,%SafiDrv.SVCDESC%;SafiDrv Service) -> \SystemRoot\System32\drivers\SafiDrv.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - SAMOPanel (@oem24.inf,%SAMOPanel.SVCDESC%;SAMOPanel Service) -> \SystemRoot\system32\DRIVERS\SAMOPanel.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - UimBus (@oem70.inf,%UIMDeviceDesc%;UIM Bus Controller) -> \SystemRoot\System32\drivers\uimbus.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Uim_DEVIM (@oem71.inf,%UIMDeviceDesc%;UIM Direct Device Image Plugin) -> \SystemRoot\System32\drivers\uimdevim.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ZAM (ZAM Helper Driver) -> \??\C:\Windows\System32\drivers\zam64.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ZAM_Guard (ZAM Guard Driver) -> \??\C:\Windows\System32\drivers\zamguard64.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - aswMonFlt (aswMonFlt) -> system32\drivers\aswMonFlt.sys - AcceptPause: False - AcceptStop: True S2 - [Kernel Driver] - aswStm (aswStm) -> system32\drivers\aswStm.sys - AcceptPause: False - AcceptStop: False R2 - [File System Driver] - CldFlt (Windows Cloud Files Filter Driver) -> system32\drivers\cldflt.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - Dokan (Dokan File System Driver) -> system32\DRIVERS\dokan.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - mrxsmb10 (@%systemroot%\system32\wkssvc.dll,-1004) -> system32\DRIVERS\mrxsmb10.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - NEWDRIVER (NEWDRIVER) -> \??\C:\Windows\SysWow64\WinVDEdrv6.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - wanarp (@%systemroot%\system32\mprmsg.dll,-32011) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - wcifs (@%systemroot%\system32\drivers\wcifs.sys,-100) -> \SystemRoot\system32\drivers\wcifs.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - WinVDEDrv (WinVDEDrv) -> \??\C:\Windows\SysWow64\WinVDEdrv.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - 1394ohci (@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller) -> \SystemRoot\System32\drivers\1394ohci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AcpiDev (@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver) -> \SystemRoot\System32\drivers\AcpiDev.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - acpipagr (@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver) -> \SystemRoot\System32\drivers\acpipagr.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - AcpiPmi (@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver) -> \SystemRoot\System32\drivers\acpipmi.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - acpitime (@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver) -> \SystemRoot\System32\drivers\acpitime.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AmdK8 (@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver) -> \SystemRoot\System32\drivers\amdk8.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AmdPPM (@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver) -> \SystemRoot\System32\drivers\amdppm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AppID (@%systemroot%\system32\srpapi.dll,-100) -> system32\drivers\appid.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - applockerfltr (@%systemroot%\system32\srpapi.dll,-102) -> system32\drivers\applockerfltr.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - AppNodeEnum (@oem37.inf,%AppNodeEnum.SVCDESC%;AppNodeEnum Service) -> \SystemRoot\system32\DRIVERS\AppNodeEnum.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - AsyncMac (@%systemroot%\system32\mprmsg.dll,-32000) -> \SystemRoot\System32\drivers\asyncmac.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - atc (atc) -> system32\DRIVERS\atc.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - bcmfn2 (@bcmfn2.inf,%bcmfn2.SVCDESC%;bcmfn2 Service) -> \SystemRoot\System32\drivers\bcmfn2.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - BcmGnssBus (@oem62.inf,%BcmGnssDriver.SVCDESC%;Broadcom GNSS Bus Driver disk) -> \SystemRoot\System32\drivers\BcmGnssBus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - BHTPCRDR () -> \SystemRoot\System32\drivers\bhtpcrdr.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BioNTDrv (BioNTDrv) -> \??\C:\Program Files\Paragon Software\Hard Disk Manager 16 Basic\program\BioNTDrv.SYS - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - bowser (@%systemroot%\system32\browser.dll,-102) -> system32\DRIVERS\bowser.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - BtFilter (BtFilter) -> \SystemRoot\system32\DRIVERS\btfilter.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BthAvrcpTg (@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID) -> \SystemRoot\System32\drivers\BthAvrcpTg.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - BthEnum (@bth.inf,%BthEnum.SVCDESC%;Service d’énumérateur Bluetooth) -> \SystemRoot\System32\drivers\BthEnum.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BthHFEnum (@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator) -> \SystemRoot\System32\drivers\bthhfenum.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - bthhfhid (@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID) -> \SystemRoot\System32\drivers\BthHFHid.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - bthl2cap (@bthl2cap.inf,%bthl2cap_desc%;Microsoft Bluetooth Protocol Support Driver) -> \SystemRoot\system32\DRIVERS\bthl2cap.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - BthLEEnum (@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver) -> \SystemRoot\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BTHMODEM (@mdmbtmdm.inf,%BthModem.DisplayName%;Bluetooth Modem Communications Driver) -> \SystemRoot\System32\drivers\bthmodem.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - BthPan (@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network)) -> \SystemRoot\System32\drivers\bthpan.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BTHPORT (@bth.inf,%BTHPORT.SvcDesc%;Pilote de port Bluetooth) -> \SystemRoot\System32\drivers\BTHport.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - BTHUSB (@bth.inf,%BTHUSB.SvcDesc%;Pilote USB radio Bluetooth) -> \SystemRoot\System32\drivers\BTHUSB.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - buttonconverter (@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices) -> \SystemRoot\System32\drivers\buttonconverter.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - CAD (@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver) -> \SystemRoot\System32\drivers\CAD.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - CapImg (@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen) -> \SystemRoot\System32\drivers\capimg.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - cht4vbd (@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver) -> \SystemRoot\System32\drivers\cht4vx64.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - circlass (@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices) -> \SystemRoot\System32\drivers\circlass.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - CmBatt (@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver) -> \SystemRoot\System32\drivers\CmBatt.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - CompositeBus (@compositebus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver) -> \SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_9c1fb8f4db31c348\CompositeBus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - condrv (Console Driver) -> System32\drivers\condrv.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - CSI2HostControllerDriver (@oem49.inf,%CSI2HostControllerDriver.SVCDESC%;Intel(R) CSI2 Host Controller services) -> \SystemRoot\System32\drivers\CSI2HostControllerDriver.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - dmvsc () -> \SystemRoot\System32\drivers\dmvsc.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - dptf_acpi () -> \SystemRoot\System32\drivers\dptf_acpi.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - dptf_cpu () -> \SystemRoot\System32\drivers\dptf_cpu.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - drmkaud (@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers) -> \SystemRoot\System32\drivers\drmkaud.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> \SystemRoot\System32\drivers\dxgkrnl.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - ErrDev (@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver) -> \SystemRoot\System32\drivers\errdev.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - esif_lf () -> \SystemRoot\system32\DRIVERS\esif_lf.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - exfat (exFAT File System Driver) -> (?) - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - fastfat (FAT12/16/32 File System Driver) -> (?) - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - fdc (@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver) -> \SystemRoot\System32\drivers\fdc.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - Filetrace (@%SystemRoot%\system32\drivers\filetrace.sys,-10001) -> system32\drivers\filetrace.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - flpydisk (@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver) -> \SystemRoot\System32\drivers\flpydisk.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - FsDepends (@%SystemRoot%\system32\drivers\fsdepends.sys,-10001) -> System32\drivers\FsDepends.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - gencounter (@wGenCounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter) -> \SystemRoot\System32\drivers\vmgencounter.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - genericusbfn (@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class) -> \SystemRoot\System32\drivers\genericusbfn.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - GPIOClx0101 (Microsoft GPIO Class Extension Driver) -> System32\Drivers\msgpioclx.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - gzflt (gzflt) -> system32\DRIVERS\gzflt.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - HDAudBus (@hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio) -> \SystemRoot\System32\drivers\HDAudBus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HidBatt (@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver) -> \SystemRoot\System32\drivers\HidBatt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HidBth (@hidbth.inf,%HIDBTH.SvcDesc%;Miniport HID Microsoft Bluetooth) -> \SystemRoot\System32\drivers\hidbth.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - hidi2c (@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver) -> \SystemRoot\System32\drivers\hidi2c.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - hidinterrupt (@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts) -> \SystemRoot\System32\drivers\hidinterrupt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HidIr (@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver) -> \SystemRoot\System32\drivers\hidir.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - HidUsb (@input.inf,%HID.SvcDesc%;Pilote de classe HID Microsoft) -> \SystemRoot\System32\drivers\hidusb.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - HTTP (@%SystemRoot%\system32\drivers\http.sys,-1) -> system32\drivers\HTTP.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - hvservice (@%SystemRoot%\system32\drivers\hvservice.sys,-16) -> system32\drivers\hvservice.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HwNClx0101 (Microsoft Hardware Notifications Class Extension Driver) -> System32\Drivers\mshwnclx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - hyperkbd () -> \SystemRoot\System32\drivers\hyperkbd.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HyperVideo () -> \SystemRoot\System32\drivers\HyperVideo.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - i8042prt (@msmouse.inf,%i8042prt.SvcDesc%;PS/2 Keyboard and Mouse Port Driver) -> \SystemRoot\System32\drivers\i8042prt.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - iacamera64 (@oem58.inf,%iacamera64.DeviceDesc%;Intel(R) AVStream Camera 2500) -> \SystemRoot\system32\DRIVERS\iacamera64.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - iactrllogic (@oem45.inf,%iactrllogic.SVCDESC%;Intel(R) Control Logic) -> \SystemRoot\System32\drivers\iactrllogic64.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - iagpio (@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver) -> \SystemRoot\System32\drivers\iagpio.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iai2c (@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller) -> \SystemRoot\System32\drivers\iai2c.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSS2i_GPIO2 (@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_GPIO2.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSS2i_GPIO2_BXT_P (@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSS2i_I2C (@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_I2C.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSS2i_I2C_BXT_P (@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_I2C_BXT_P.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - iaLPSS2_GPIO2 (@oem56.inf,%iaLPSS2_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2_GPIO2.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - iaLPSS2_I2C (@oem47.inf,%iaLPSS2_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2_I2C.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - iaLPSS2_UART2 (@oem54.inf,%iaLPSS2_UART2.SVCDESC%;Intel(R) Serial IO UART Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2_UART2.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - iaLPSSi_GPIO (@ialpssi_gpio.inf,%iaLPSSi_GPIO.SVCDESC%;Intel(R) Serial IO GPIO Controller Driver) -> \SystemRoot\System32\drivers\iaLPSSi_GPIO.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSSi_I2C (@ialpssi_i2c.inf,%iaLPSSi_I2C.SVCDESC%;Intel(R) Serial IO I2C Controller Driver) -> \SystemRoot\System32\drivers\iaLPSSi_I2C.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ibbus (@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver)) -> \SystemRoot\System32\drivers\ibbus.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - igfx () -> \SystemRoot\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igdkmd64.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - IMX241 (@oem48.inf,%IMX241.SVCDESC%;Camera Sensor IMX241) -> \SystemRoot\System32\drivers\imx241.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - IMX258 (@oem52.inf,%IMX258.SVCDESC%;Camera Sensor IMX258) -> \SystemRoot\System32\drivers\imx258.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IndirectKmd (@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100) -> \SystemRoot\System32\drivers\IndirectKmd.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - IntcAudioBus (@oem2.inf,%IntcAudioBus.SVCDESC%;Intel(R) Smart Sound Technology (Intel(R) SST) Bus) -> \SystemRoot\System32\drivers\IntcAudioBus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - IntcAzAudAddService (Service for Realtek HD Audio (WDM)) -> \SystemRoot\system32\drivers\RTKVHD64.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - IntcDAud (@oem64.inf,%IntcAud.SvcDesc%;Son Intel(R) pour écrans) -> \SystemRoot\System32\DriverStore\FileRepository\intcdaud.inf_amd64_ebc6f6a745bbd391\IntcDAud.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - IntcOED (@oem59.inf,%IntcOED.SVCDESC%;Pilote OED de la technologie Intel(R) Smart Sound) -> \SystemRoot\System32\drivers\IntcOED.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - intelppm (@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver) -> \SystemRoot\System32\drivers\intelppm.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - invdimm (@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver) -> \SystemRoot\System32\drivers\invdimm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IpFilterDriver (@%systemroot%\system32\mprmsg.dll,-32013) -> system32\DRIVERS\ipfltdrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IPMIDRV () -> \SystemRoot\System32\drivers\IPMIDrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IPNAT (IP Network Address Translator) -> System32\drivers\ipnat.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IPT () -> \SystemRoot\System32\drivers\ipt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - irda (IrDA) -> \SystemRoot\system32\drivers\irda.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IRENUM (@%SystemRoot%\system32\drivers\irenum.sys,-100) -> system32\drivers\irenum.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iScsiPrt (@iscsi.inf,%iScsiPortName%;iScsiPort Driver) -> \SystemRoot\System32\drivers\msiscsi.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - IUProcessFilter (IUProcessFilter) -> \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - IURegistryFilter (IURegistryFilter) -> \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - kbdclass (@keyboard.inf,%kbdclass.SvcDesc%;Pilote de la classe Clavier) -> \SystemRoot\System32\drivers\kbdclass.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - kbdhid (@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver) -> \SystemRoot\System32\drivers\kbdhid.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - kdnic (@kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20)) -> \SystemRoot\System32\drivers\kdnic.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - keycrypt () -> system32\DRIVERS\KeyCrypt64.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - ksthunk (Kernel Streaming Thunks) -> \SystemRoot\system32\drivers\ksthunk.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - mausbhost (@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver) -> \SystemRoot\System32\drivers\mausbhost.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - mausbip (@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver) -> \SystemRoot\System32\drivers\mausbip.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MdmIf (@oem20.inf,%MdmIfSvcDesc%;Modem Interface driver for Xmm726x) -> \SystemRoot\System32\Drivers\MdmIf.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - MEIx64 (@oem57.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface) -> \SystemRoot\System32\drivers\TeeDriverW8x64.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - mlx4_bus (@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator) -> \SystemRoot\System32\drivers\mlx4_bus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Modem () -> system32\drivers\modem.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ModemCtrl (@oem20.inf,%ModemCtrlSvcDesc%;ModemCtrl Service) -> \SystemRoot\System32\drivers\ModemCtrl.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - monitor (@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver Service) -> \SystemRoot\System32\drivers\monitor.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mouclass (@msmouse.inf,%mouclass.SvcDesc%;Mouse Class Driver) -> \SystemRoot\System32\drivers\mouclass.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mouhid (@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver) -> \SystemRoot\System32\drivers\mouhid.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mpsdrv (@%SystemRoot%\system32\drivers\mpsdrv.sys,-23092) -> System32\drivers\mpsdrv.sys - AcceptPause: False - AcceptStop: True S3 - [File System Driver] - MRxDAV (@%systemroot%\system32\webclnt.dll,-104) -> \SystemRoot\system32\drivers\mrxdav.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - mrxsmb (@%systemroot%\system32\wkssvc.dll,-1002) -> system32\DRIVERS\mrxsmb.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - mrxsmb20 (@%systemroot%\system32\wkssvc.dll,-1006) -> system32\DRIVERS\mrxsmb20.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - MsBridge (@%SystemRoot%\system32\bridgeres.dll,-1) -> System32\drivers\bridge.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - msgpiowin32 (@msgpiowin32.inf,%GPIO.SvcDesc%;Common Driver for Buttons, DockMode and Laptop/Slate Indicator) -> \SystemRoot\System32\drivers\msgpiowin32.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mshidkmdf () -> \SystemRoot\System32\drivers\mshidkmdf.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - mshidumdf (@%SystemRoot%\system32\drivers\mshidumdf.sys,-100) -> \SystemRoot\System32\drivers\mshidumdf.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - MSKSSRV (@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service Proxy) -> \SystemRoot\System32\drivers\MSKSSRV.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - MSPCLOCK (@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock Proxy) -> \SystemRoot\System32\drivers\MSPCLOCK.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSPQM (@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Quality Manager Proxy) -> \SystemRoot\System32\drivers\MSPQM.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MsRPC () -> (?) - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSTEE (@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink Converter) -> \SystemRoot\System32\drivers\MSTEE.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - MTConfig (@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver) -> \SystemRoot\System32\drivers\MTConfig.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - NativeWifiP (@%SystemRoot%\System32\drivers\nwifi.sys,-101) -> system32\DRIVERS\nwifi.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - ndfltr (@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service) -> \SystemRoot\System32\drivers\ndfltr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - NdisCap (@%SystemRoot%\System32\drivers\ndiscap.sys,-5000) -> System32\drivers\ndiscap.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - NdisImPlatform (@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501) -> System32\drivers\NdisImPlatform.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - NdisTapi (@%systemroot%\system32\mprmsg.dll,-32001) -> System32\DRIVERS\ndistapi.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - Ndisuio (NDIS Usermode I/O Protocol) -> system32\drivers\ndisuio.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - NdisVirtualBus (@%SystemRoot%\System32\drivers\NdisVirtualBus.sys,-200) -> \SystemRoot\System32\drivers\NdisVirtualBus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - NdisWan (@%systemroot%\system32\mprmsg.dll,-32002) -> \SystemRoot\System32\drivers\ndiswan.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ndiswanlegacy (@%systemroot%\system32\mprmsg.dll,-32014) -> System32\DRIVERS\ndiswan.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ndproxy (@%SystemRoot%\system32\drivers\todo.sys,-101;NDIS Proxy) -> System32\DRIVERS\NDProxy.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - NetAdapterCx (Network Adapter Wdf Class Extension Library) -> system32\drivers\NetAdapterCx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - netvsc () -> \SystemRoot\System32\drivers\netvsc.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - NTFS () -> (?) - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - nvdimmn (@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver) -> \SystemRoot\System32\drivers\nvdimmn.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Parport (@msports.inf,%Parport.SVCDESC%;Parallel port driver) -> \SystemRoot\System32\drivers\parport.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - PenS2Helper (@oem33.inf,%PenS2Helper.SVCDESC%;PenS2Helper Service) -> \SystemRoot\system32\DRIVERS\PenS2Helper.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - pmem (@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver) -> \SystemRoot\System32\drivers\pmem.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - PNPMEM (@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver) -> \SystemRoot\System32\drivers\pnpmem.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - PptpMiniport (@%systemroot%\system32\mprmsg.dll,-32006) -> \SystemRoot\System32\drivers\raspptp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Processor (@cpu.inf,%Processor.SvcDesc%;Processor Driver) -> \SystemRoot\System32\drivers\processr.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - Qcamain10x64 (@oem68.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN 11AC device driver) -> \SystemRoot\System32\drivers\Qcamain10x64.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - QWAVEdrv (@%SystemRoot%\system32\drivers\qwavedrv.sys,-1) -> \SystemRoot\system32\drivers\qwavedrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RasAcd (Remote Access Auto Connection Driver) -> System32\DRIVERS\rasacd.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RasAgileVpn (@netavpna.inf,%Svc-Mp-AgileVpn-DispName%;WAN Miniport (IKEv2)) -> \SystemRoot\System32\drivers\AgileVpn.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Rasl2tp (@%systemroot%\system32\mprmsg.dll,-32005) -> \SystemRoot\System32\drivers\rasl2tp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RasPppoe (@%systemroot%\system32\mprmsg.dll,-32007) -> \SystemRoot\System32\drivers\raspppoe.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RasSstp (@%systemroot%\system32\sstpsvc.dll,-202) -> \SystemRoot\System32\drivers\rassstp.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - rdpbus (@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver) -> \SystemRoot\System32\drivers\rdpbus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - RDPDR (@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100) -> System32\drivers\rdpdr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RdpVideoMiniport (Remote Desktop Video Miniport Driver) -> System32\drivers\rdpvideominiport.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - ReFS () -> (?) - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - ReFSv1 () -> (?) - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - RFCOMM (@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI)) -> \SystemRoot\System32\drivers\rfcomm.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - rhproxy (@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver) -> \SystemRoot\System32\drivers\rhproxy.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - s3cap () -> \SystemRoot\System32\drivers\vms3cap.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - scfilter (@%SystemRoot%\System32\drivers\scfilter.sys,-11) -> System32\DRIVERS\scfilter.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sdbus () -> \SystemRoot\System32\drivers\sdbus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SDFRd (@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector) -> \SystemRoot\System32\drivers\SDFRd.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sdstor (@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver) -> \SystemRoot\System32\drivers\sdstor.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SerCx (Serial UART Support Library) -> system32\drivers\SerCx.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - SerCx2 (Serial UART Support Library) -> system32\drivers\SerCx2.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Serenum (@msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver) -> \SystemRoot\System32\drivers\serenum.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Serial (@msports.inf,%Serial.SVCDESC%;Serial port driver) -> \SystemRoot\System32\drivers\serial.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sermouse (@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver) -> \SystemRoot\System32\drivers\sermouse.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sfloppy (@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive) -> \SystemRoot\System32\drivers\sfloppy.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SkcController (@oem25.inf,%SkcController.SVCDESC%;Intel(R) Control Logic) -> \SystemRoot\System32\drivers\SkcController.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SpatialGraphFilter (Holographic Spatial Graph Filter) -> System32\drivers\SpatialGraphFilter.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - SpbCx (Simple Peripheral Bus Support Library) -> system32\drivers\SpbCx.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - srv2 (@%systemroot%\system32\srvsvc.dll,-104) -> System32\DRIVERS\srv2.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - srvnet () -> System32\DRIVERS\srvnet.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - supportdriver (@oem50.inf,%supportdriver.SVCDESC%;Intel(R) Imaging Signal Processor 2500) -> \SystemRoot\System32\drivers\iaisp64.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - swenum (@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver) -> \SystemRoot\System32\drivers\swenum.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Synth3dVsc () -> \SystemRoot\System32\drivers\Synth3dVsc.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - TchS2Helper (@oem32.inf,%TchS2Helper.SVCDESC%;TchS2Helper Service) -> \SystemRoot\System32\drivers\TchS2Helper.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Tcpip6 (@todo.dll,-100;Microsoft IPv6 Protocol Driver) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - terminpt (@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver) -> \SystemRoot\System32\drivers\terminpt.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - TPM (@tpm.inf,%TPM%;TPM) -> \SystemRoot\System32\drivers\tpm.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - Trufos (Trufos) -> system32\DRIVERS\Trufos.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - tsusbflt (@%SystemRoot%\system32\drivers\tsusbflt.sys,-1000) -> System32\drivers\TsUsbFlt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - TsUsbGD (@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device) -> \SystemRoot\System32\drivers\TsUsbGD.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - tunnel (@nettun.inf,%TUNNEL.Service.DisplayName%;Microsoft Tunnel Miniport Adapter Driver) -> \SystemRoot\System32\drivers\tunnel.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - UASPStor (@uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver) -> \SystemRoot\System32\drivers\uaspstor.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UcmCx0101 (USB Connector Manager KMDF Class Extension) -> System32\Drivers\UcmCx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UcmTcpciCx0101 (UCM-TCPCI KMDF Class Extension) -> System32\Drivers\UcmTcpciCx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UcmUcsi (@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client) -> \SystemRoot\System32\drivers\UcmUcsi.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - Ucx01000 (USB Host Support Library) -> system32\drivers\ucx01000.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - UdeCx (USB Device Emulation Support Library) -> system32\drivers\udecx.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - UEFI (@uefi.inf,%UEFI.SvcDesc%;Microsoft UEFI Driver) -> \SystemRoot\System32\drivers\UEFI.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Ufx01000 (USB Function Class Extension) -> system32\drivers\ufx01000.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UfxChipidea (@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller) -> \SystemRoot\System32\drivers\UfxChipidea.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ufxsynopsys (@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller) -> \SystemRoot\System32\drivers\ufxsynopsys.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - umbus (@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver) -> \SystemRoot\System32\drivers\umbus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - UmPass (@umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass Driver) -> \SystemRoot\System32\drivers\umpass.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UrsChipidea (@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver) -> \SystemRoot\System32\drivers\urschipidea.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UrsCx01000 (USB Role-Switch Support Library) -> system32\drivers\urscx01000.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UrsSynopsys (@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver) -> \SystemRoot\System32\drivers\urssynopsys.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - usbccgp (@usb.inf,%GenericParent.SvcDesc%;Microsoft USB Generic Parent Driver) -> \SystemRoot\System32\drivers\usbccgp.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbcir (@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR)) -> \SystemRoot\System32\drivers\usbcir.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbehci (@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbehci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbhub (@usbport.inf,%ROOTHUB.SvcDesc%;Microsoft USB Standard Hub Driver) -> \SystemRoot\System32\drivers\usbhub.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - USBHUB3 (@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub) -> \SystemRoot\System32\drivers\UsbHub3.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbohci (@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbohci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbprint (@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class) -> \SystemRoot\System32\drivers\usbprint.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbser (@usbser.inf,%UsbSerial.DriverDesc%;Microsoft USB Serial Driver) -> \SystemRoot\System32\drivers\usbser.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - USBSTOR (@usbstor.inf,%USBSTOR.SvcDesc%;USB Mass Storage Driver) -> \SystemRoot\System32\drivers\USBSTOR.SYS - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbuhci (@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbuhci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbvideo (@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM)) -> \SystemRoot\System32\Drivers\usbvideo.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - USBXHCI (@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller) -> \SystemRoot\System32\drivers\USBXHCI.SYS - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - VerifierExt (@%SystemRoot%\system32\drivers\VerifierExt.sys,-1000) -> system32\drivers\VerifierExt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vhdmp () -> \SystemRoot\System32\drivers\vhdmp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vhf (@%SystemRoot%\system32\drivers\vhf.sys,-100) -> \SystemRoot\System32\drivers\vhf.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - VirtualButtons (@oem55.inf,%VirtualButtons%;Intel(R) Virtual Buttons) -> \SystemRoot\System32\drivers\VirtualButtons.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - VMBusHID () -> \SystemRoot\System32\drivers\VMBusHID.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vmgid (@wvmgid.inf,%VmGid.SVCDESC%;Microsoft Hyper-V Guest Infrastructure Driver) -> \SystemRoot\System32\drivers\vmgid.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vnvdimm (@vnvdimm.inf,%vnvdimm.SvcDesc%;Microsoft virtual NVDIMM device driver) -> \SystemRoot\System32\drivers\vnvdimm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vpci (@wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus) -> \SystemRoot\System32\drivers\vpci.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - vwifibus (@%SystemRoot%\System32\drivers\vwifibus.sys,-257) -> \SystemRoot\System32\drivers\vwifibus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - vwifimp (@%SystemRoot%\System32\drivers\vwifimp.sys,-261) -> \SystemRoot\System32\drivers\vwifimp.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - WacomPen (@hiddigi.inf,%WacomPen.SVCDESC%;Wacom Serial Pen HID Driver) -> \SystemRoot\System32\drivers\wacompen.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - wanarpv6 (@%systemroot%\system32\mprmsg.dll,-32012) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - wcnfs (@%systemroot%\system32\drivers\wcnfs.sys,-100) -> \SystemRoot\system32\drivers\wcnfs.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - WdBoot (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390) -> \SystemRoot\system32\drivers\WdBoot.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - WdFilter (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330) -> \SystemRoot\system32\drivers\WdFilter.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - wdiwifi (WDI Driver Framework) -> system32\DRIVERS\wdiwifi.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - WdNisDrv (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-370) -> system32\Drivers\WdNisDrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - wdnsfltr (Windows Defender Network Stream Filter Driver) -> system32\drivers\wdnsfltr.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - WIMMount (@%SystemRoot%\system32\drivers\wimmount.sys,-101) -> system32\drivers\wimmount.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WinMad (@mlx4_bus.inf,%WinMad.ServiceDesc%;WinMad Service) -> \SystemRoot\System32\drivers\winmad.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WinNat (@%SystemRoot%\system32\drivers\winnat.sys,-10001) -> system32\drivers\winnat.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WINUSB (@winusb.inf,%WINUSB_SvcDesc%;WinUsb Driver) -> \SystemRoot\System32\drivers\WinUSB.SYS - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WinVerbs (@mlx4_bus.inf,%WinVerbs.ServiceDesc%;WinVerbs Service) -> \SystemRoot\System32\drivers\winverbs.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - wmbclass (@netwmbclass.inf,%wmbclass.Service.DispName%;USB Mobile Broadband Adapter Driver) -> \SystemRoot\System32\drivers\wmbclass.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - WmiAcpi (@wmiacpi.inf,%WMIMAP.SvcDesc%;Microsoft Windows Management Interface for ACPI) -> \SystemRoot\System32\drivers\wmiacpi.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - WpdUpFltr (@%systemroot%\System32\drivers\WpdUpFltr.sys,-100) -> System32\drivers\WpdUpFltr.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - WudfPf (@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000) -> system32\drivers\WudfPf.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - WUDFRd (@%SystemRoot%\system32\drivers\WudfRd.sys,-1000) -> \SystemRoot\System32\drivers\WUDFRd.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - WUDFWpdFs () -> \SystemRoot\system32\DRIVERS\WUDFRd.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - xboxgip (@xboxgip.inf,%XBOXGIP_Desc%;Xbox Game Input Protocol Driver) -> \SystemRoot\System32\drivers\xboxgip.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - xinputhid (@xinputhid.inf,%xinputhid.SvcDesc%;XINPUT HID Filter Driver) -> \SystemRoot\System32\drivers\xinputhid.sys - AcceptPause: False - AcceptStop: False S4 - [File System Driver] - cdfs (CD/DVD File System Reader) -> system32\DRIVERS\cdfs.sys - AcceptPause: False - AcceptStop: False S4 - [Kernel Driver] - cnghwassist (@%SystemRoot%\system32\drivers\cnghwassist.sys,-100) -> System32\DRIVERS\cnghwassist.sys - AcceptPause: False - AcceptStop: False S4 - [File System Driver] - udfs (udfs) -> system32\DRIVERS\udfs.sys - AcceptPause: False - AcceptStop: False S4 - [Kernel Driver] - ws2ifsl (@%systemroot%\System32\drivers\ws2ifsl.sys,-1000) -> \SystemRoot\system32\drivers\ws2ifsl.sys - AcceptPause: False - AcceptStop: False ---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted) ---------- | Uninstall (Whitelist) [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CEB9F3E9BD4E4FF1ACEB2370E55A36AC1] : (.-.) -> [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8248212A-01F7-4BF1-A4FD-BA0A965198B4}] : (Turbo.net Sandbox Manager 19.3.-.Code Systems Corporation) -> "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Turbo\19.3.1945.0\Turbo-Sandbox.exe" /uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\abylonprotectionmanagersafe_is1] : (abylon KEYSAFE 17.60.1 (Privatversion).-.abylonsoft) -> "C:\Program Files\abylonsoft\SAKeySafe\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\BitLocker Anywhere_is1] : (BitLocker Anywhere version 5.0.-.Hasleo Software.) -> "C:\Program Files\Hasleo\BitLocker Anywhere\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CEB9F3E9BD4E4FF1ACEB2370E55A36AC0] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\EasyUEFI_is1] : (EasyUEFI version 3.6.-.Hasleo Software.) -> "C:\Program Files\Hasleo\EasyUEFI\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\PC Optimizer Pro] : (PC Optimizer Pro.-.Xportsoft Technologies) -> D:\PC Optimizer Pro\uninst.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\proDAD-Adorage-3.0] : (proDAD Adorage 3.0 (64bit).-.proDAD GmbH) -> "C:\Program Files\proDAD\Adorage-3.0\uninstall.exe" uninstall spcp PATHVERSION "3.0" MAINNAME "Adorage" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Software Informer_is1] : (Software Informer 1.4.1305.0.-.Informer Technologies, Inc.) -> "C:\Program Files\Software Informer\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Unlocker] : (Unlocker 1.9.2.-.Cedrick Collomb) -> C:\Program Files (x86)\Unlocker\uninst.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WinToHDD_is1] : (WinToHDD version 3.2.-.Hasleo Software.) -> "C:\Program Files\Hasleo\WinToHDD\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0052BF58-5307-4F7D-A379-8F4EC9212FA8}] : (S Agent.-.Samsung Electronics Co., Ltd.) -> MsiExec.exe /I{0052BF58-5307-4F7D-A379-8F4EC9212FA8} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{06886E89-6E1B-4DD9-87F9-B9E25F63D74F}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> MsiExec.exe /I{06886E89-6E1B-4DD9-87F9-B9E25F63D74F} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{125B62DE-4575-4D4D-982F-AB6F9E913B54}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{125B62DE-4575-4D4D-982F-AB6F9E913B54} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{20CA507E-24AA-4741-87CF-CC1B250790B7}] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{232046DA-BB57-4114-9A0D-1119F00C4398}] : (FirewallEngine.-.adaware) -> MsiExec.exe /I{232046DA-BB57-4114-9A0D-1119F00C4398} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{258E992F-46AD-45FB-B83B-0CE0EC6FC549}] : (Intel(R) Management Engine Driver.-.Intel Corporation) -> MsiExec.exe /I{258E992F-46AD-45FB-B83B-0CE0EC6FC549} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26F31E12-3722-45FD-903B-49012286BB4C}] : (OnlineThreatsEngine.-.adaware) -> MsiExec.exe /I{26F31E12-3722-45FD-903B-49012286BB4C} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{38FBDB20-F62D-4CD6-A04E-87FD30F3E43A}] : (Paragon UIM.-.Paragon Software) -> MsiExec.exe /I{38FBDB20-F62D-4CD6-A04E-87FD30F3E43A} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{44DE19DF-AA86-497A-9CCA-4F52D0BFF9A8}] : (AdAwareInstaller.-.adaware) -> MsiExec.exe /I{44DE19DF-AA86-497A-9CCA-4F52D0BFF9A8} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5C7A5F94-02E9-4C5D-A594-B1F10865965A}] : (AntimalwareEngine.-.adaware) -> MsiExec.exe /I{5C7A5F94-02E9-4C5D-A594-B1F10865965A} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5CD8F386-6796-4500-9FD8-CF92C9276B62}] : (COMODO Internet Security Premium.-.COMODO Security Solutions Inc.) -> MsiExec.exe /I{5CD8F386-6796-4500-9FD8-CF92C9276B62} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5FFF7119-74E8-442E-970E-50BAD81D5371}] : (AdAwareUpdater.-.adaware) -> MsiExec.exe /I{5FFF7119-74E8-442E-970E-50BAD81D5371} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}] : (Qualcomm Atheros Bluetooth Installer (64).-.Qualcomm Atheros) -> MsiExec.exe /X{628988B4-3FA5-4EA6-BAA3-DA640F6718BD} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6AF12D35-E079-44D3-957F-CA9FBF9801A5}] : (Paragon Hard Disk Manager™ 16.5 Advanced.-.Paragon Software) -> MsiExec.exe /X{6AF12D35-E079-44D3-957F-CA9FBF9801A5} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{700C79E1-C8E3-454E-B760-CAFFE9F2A6AA}] : (AvcEngine.-.adaware) -> MsiExec.exe /I{700C79E1-C8E3-454E-B760-CAFFE9F2A6AA} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7DE129E5-BB4A-4517-A6CD-C69EEB346781}] : (AntispamEngine.-.adaware) -> MsiExec.exe /I{7DE129E5-BB4A-4517-A6CD-C69EEB346781} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7F7C8AE0-961B-4AED-B99A-D9BE29C0F24C}] : (AdAwareProxyEngine.-.adaware) -> MsiExec.exe /I{7F7C8AE0-961B-4AED-B99A-D9BE29C0F24C} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{81520FC5-3518-40E9-9803-70CE8A801D07}] : (Intel(R) Chipset Device Software.-.Intel Corporation) -> MsiExec.exe /I{81520FC5-3518-40E9-9803-70CE8A801D07} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8B4DBB94-B69B-4C4F-AADD-C10CFB220F1F}] : (Microsoft VC++ redistributables repacked..-.Intel Corporation) -> MsiExec.exe /I{8B4DBB94-B69B-4C4F-AADD-C10CFB220F1F} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8D64B0CF-B925-4AC6-A7A7-9CDDC6733122}] : (Simply Good Pictures 5 Free.-.Engelmann Software) -> MsiExec.exe /I{8D64B0CF-B925-4AC6-A7A7-9CDDC6733122} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8DB422C2-D359-49B1-A685-B71DA7358D5C}_is1] : (Remo ONE 1.0.0.-.Remo Software) -> "C:\Program Files\Remo ONE\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8DD5B1BF-E1BB-43DB-965C-DC6180A19518}_is1] : (Remo Repair MOV.-.Remo Software) -> "C:\Program Files\Remo Repair MOV 2.0\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A573D759-F894-448D-A420-3A9C31879F88}_is1] : (Remo Recover 5.0.-.Remo Software) -> "C:\Program Files\Remo Recover 5.0\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{AFD24778-C2B9-41AC-881C-1E0DD7E07A7A}_is1] : (Remo Duplicate File Remover.-.Remo Software) -> "C:\Program Files\Remo Duplicate File Remover 1.0\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B709B962-53AA-446A-A733-95D1A6C5DE50}] : (Camtasia 2018.-.TechSmith Corporation) -> MsiExec.exe /I{B709B962-53AA-446A-A733-95D1A6C5DE50} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C0C78593-1CF0-4CD8-A80C-191FE561F5A5}] : (WlSarService.-.Samsung Electronics Co., Ltd.) -> MsiExec.exe /I{C0C78593-1CF0-4CD8-A80C-191FE561F5A5} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C9552825-7BF2-4344-BA91-D3CD46F4C442}] : (Intel(R) Trusted Connect Service Client x64.-.Intel Corporation) -> MsiExec.exe /I{C9552825-7BF2-4344-BA91-D3CD46F4C442} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D21EED26-59C0-4315-BDCC-D682496465E9}] : (Samsung Recovery.-.Samsung Electronics Co., Ltd.) -> MsiExec.exe /I{D21EED26-59C0-4315-BDCC-D682496465E9} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{DF4E2424-348F-4227-9096-8EA478DFAB4E}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{DF4E2424-348F-4227-9096-8EA478DFAB4E} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E8CFA44D-E9D9-4FBB-B5A5-7022E2FB8ACC}_is1] : (Remo Backup.-.Remo Software) -> "C:\Program Files\Remo Backup\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}] : (Intel(R) ME UninstallLegacy.-.Intel Corporation) -> MsiExec.exe /I{E9B9A1A5-6398-4C99-8FDE-10794F6505C5} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Babylon] : (Babylon.-.Babylon) -> C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\uninstbb.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\BabylonToolbar] : (Babylon toolbar.-.) -> "C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\BSPlayerf] : (BS.Player FREE.-.AB Team, d.o.o.) -> "C:\Program Files (x86)\Webteh\BSPlayer\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\CEB9F3E9BD4E4FF1ACEB2370E55A36AC2] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Folder Lock] : (Folder Lock.-.New Softwares.net) -> "C:\Program Files (x86)\NewSoftware's\Folder Lock\uninstall.exe" -u [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FULL-DISKfighter] : (FULL-DISKfighter.-.SPAMfighter ApS.) -> "C:\Program Files (x86)\Fighters\FULL-DISKfighter\Uninstall.exe" Remove [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IObit Software Updater_is1] : (IObit Software Updater.-.IObit) -> "C:\Program Files (x86)\IObit\Software Updater\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IObitUninstall] : (IObit Uninstaller 8.-.IObit) -> "C:\Program Files (x86)\IObit\IObit Uninstaller\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\lfsh_uefm_efm_b162_w16_anaamfuw suite essentials setup] : (lfsh_uefm_efm_b162_w16_anaamfuw suite essentials setup.-.EFM_UEFM_Barrow_U) -> "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\lfsh_uefm_efm_b162_w16_anaamfuw suite essentials setup\uninst.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Moo0 DiskCleaner] : (Moo0 Néttoyeur de Disque 1.23.-.) -> C:\Program Files (x86)\Moo0\DiskCleaner 1.23\uninstaller.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Moo0 ImageViewer] : (Moo0 Visionneuse d'Image SP 1.80.-.) -> C:\Program Files (x86)\Moo0\ImageViewer SP 1.80\uninstaller.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Moo0 RightClicker] : (Moo0 Clic Droit Pro 1.56.-.) -> C:\Program Files (x86)\Moo0\RightClicker Pro 1.56\uninstaller.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Moo0 VideoMinimizer] : (Moo0 Resizer vidéo 1.24.-.) -> C:\Program Files (x86)\Moo0\VideoResizer 1.24\uninstaller.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\OneSafe PC Cleaner_is1] : (OneSafe PC Cleaner v6.9.6.1.-.Avanquest Software) -> "E:\OneSafe PC Cleaner\unins001.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\OUTDATEfighter] : (OUTDATEfighter.-.SPAMfighter ApS) -> "C:\Program Files (x86)\Fighters\OUTDATEfighter\Uninstall.exe" Remove [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\PC Cleaner_is1] : (PC Cleaner v6.9.6.1.-.PC Helpsoft) -> "D:\Program Files (x86)\PC Cleaner\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\PDF Conversa_is1] : (PDF Conversa.-.ASCOMP Software GmbH) -> "C:\Program Files (x86)\ASCOMP Software\PDF Conversa\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\QuickStores-Toolbar_is1] : (QuickStores-Toolbar 1.1.0.-.AB-Tools.com) -> "C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\QuickStoresToolbar\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\UnBlocker - FREEWARE_is1] : (UnBlocker.-.) -> "C:\Program Files (x86)\UnBlocker\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Unlocker] : (Unlocker 1.9.1.-.Cedrick Collomb) -> C:\Program Files (x86)\Unlocker\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wise Folder Hider_is1] : (Wise Folder Hider.-.WiseCleaner.com, Inc.) -> "C:\Program Files (x86)\Wise\Wise Folder Hider\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wise Memory Optimizer_is1] : (Wise Memory Optimizer 3.6.4.-.WiseCleaner.com, Inc.) -> "C:\Program Files (x86)\Wise\Wise Memory Optimizer\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wise YouTube Downloader_is1] : (Wise YouTube Downloader 2.8.2.-.WiseCleaner.com, Inc.) -> "C:\Program Files (x86)\Wise\Wise YouTube Downloader\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{040FAA1B-3FB0-4610-A12D-4D165645E6D4}_is1] : (SysTools AD Browser v1.0.-.SysTools Software Pvt. Ltd.) -> "C:\Program Files (x86)\SysTools AD Browser\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{09170A3C-022B-42DF-BD63-D5FDD326133F}_is1] : (Symlink helper version 1.0.1.0.-.Marcin Szeniak) -> "C:\Program Files (x86)\Symlink helper\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2452C59D-5140-4A9A-A97F-B925390619E1}] : (Silent Install Builder 5.-.Aprel Tech, LLC) -> MsiExec.exe /X{2452C59D-5140-4A9A-A97F-B925390619E1} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2CB37FA5-4137-49EE-8EE3-FB6424FED39D}_is1] : (iCare Format Recovery.-.iCareAll Inc.) -> "C:\Program Files (x86)\iCare Format Recovery\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{33A9041E-C619-4387-84C2-04DA1A5231E1}_is1] : (SysTools Mail Converter v1.0.-.SysTools Software Pvt. Ltd.) -> "C:\Program Files (x86)\SysTools Mail Converter\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{34CCB0FE-A68A-4C97-8F33-45B8BBDAC4B8}}_is1] : (SysTools VHDX Viewer v5.0.-.SysTools Software Pvt. Ltd.) -> "C:\Program Files\SysTools VHDX Viewer\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3F3FB10C-7175-4D38-9335-3488B89C12AF}] : (OkayFreedom.-.Steganos Software GmbH) -> C:\Program Files (x86)\OkayFreedom\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5493FC89-21E8-4D88-BCA1-4D33F1410968}] : (Air Command.-.Samsung Electronics Co., Ltd.) -> MsiExec.exe /I{5493FC89-21E8-4D88-BCA1-4D33F1410968} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{56C76A75-BF3A-41E9-96D6-929E058DD38F}] : (Microsoft VC++ redistributables repacked..-.Intel Corporation) -> MsiExec.exe /I{56C76A75-BF3A-41E9-96D6-929E058DD38F} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{61edd47c-c795-4f57-92f1-a20140231795}] : (Turbo Studio 19.-.Code Systems) -> MsiExec.exe /I{61edd47c-c795-4f57-92f1-a20140231795} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{79087BA9-C5B5-4081-A374-310AC02E2896}] : (ProtectStar(TM) iShredder 7.-.ProtectStar Inc.) -> MsiExec.exe /I{79087BA9-C5B5-4081-A374-310AC02E2896} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7C656021-D87C-4236-80DD-DBBEB205DA36}] : (FULL-DISKfighter.-.SPAMfighter ApS.) -> MsiExec.exe /X{7C656021-D87C-4236-80DD-DBBEB205DA36} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{87A08690-781E-4A8E-8300-775A2EA02932}] : (Show Window.-.Samsung Electronics Co., Ltd.) -> MsiExec.exe /I{87A08690-781E-4A8E-8300-775A2EA02932} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8B438F56-F6B0-4A48-8753-EA84E536E5D5}_is1] : (SysTools PDF Bates Numberer v3.5.-.SysTools Software Pvt. Ltd.) -> "C:\Program Files (x86)\SysTools PDF Bates Numberer\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{96E8A815-3053-4616-AAC2-865E6B1792F5}_is1] : (WinSweeper 3.2.-.Solvusoft Corporation) -> "D:\Program Files (x86)\WinSweeper\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A8DF9623-2275-42d5-B47F-5BC6B2625246}_is1] : (SysTools E01 Viewer v2.0.-.SysTools Software Pvt. Ltd.) -> "C:\Program Files (x86)\SysTools E01 Viewer\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AmazingFreeFolderPasswordLock}_is1] : (Amazing Folder Password Lock version 7.8.8.8.-.www.Amazing-Share.com) -> "C:\Program Files (x86)\Amazing-Share\Amazing Folder Password Lock\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B00E4D16-FCAD-4F83-8CC4-FE6A14096770}_is1] : (SysTools NTFS Log Analyzer 1.0.-.SysTools Software) -> "C:\Program Files (x86)\SysTools NTFS Log Analyzer\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C9552825-7BF2-4344-BA91-D3CD46F4C441}] : (Intel(R) Trusted Connect Service Client x86.-.Intel Corporation) -> MsiExec.exe /I{C9552825-7BF2-4344-BA91-D3CD46F4C441} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CDB4F12C-2E9E-48CC-8591-663964C1BAE3}] : (Samsung System Agent.-.Samsung Electronics Co., Ltd.) -> MsiExec.exe /I{CDB4F12C-2E9E-48CC-8591-663964C1BAE3} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA473628}] : (COMODO Secure Shopping.-.COMODO) -> MsiExec.exe /X{D15DF9B0-3A98-4BEF-B7D5-FC3AEA473628} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D3A5E63A-5648-48D8-9283-149D9BFE44E9}_is1] : (Remo Repair Word.-.Remo Software) -> "C:\Program Files (x86)\Remo Repair Word 2.0\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}] : (OUTDATEfighter.-.SPAMfighter ApS) -> MsiExec.exe /X{DD016DFA-EDD4-46F4-B847-6B09724ECA95} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F0CF025B-D6F3-4F7C-939B-23291F52875C}] : (Linux File Systems for Windows by Paragon Software.-.Paragon Software GmbH) -> MsiExec.exe /X{F0CF025B-D6F3-4F7C-939B-23291F52875C} ---------- | Ports ---------- | Microsoft Specifications CheckID: FULL_DISKfighter1{7C656021-D87C-4236-80DD-DBBEB205DA36} - Not VersionNT64 -> FULL_DISKfighter CheckID: FULL_DISKfighter_x641{7C656021-D87C-4236-80DD-DBBEB205DA36} - VersionNT64 -> FULL_DISKfighter_x64 CheckID: Options_Files_320{B709B962-53AA-446A-A733-95D1A6C5DE50} - NOT VersionNT64 -> Options_Files_32 CheckID: dokanlib.x640{F0CF025B-D6F3-4F7C-939B-23291F52875C} - Not VersionNT64 -> dokanlib.x64 CheckID: dokandrv.x640{F0CF025B-D6F3-4F7C-939B-23291F52875C} - Not VersionNT64 -> dokandrv.x64 ---------- | CLSID (Whitelist) [HKCR\CLSID\{15FD01A3-6E5D-4ECD-9EBD-1813CB3887A1}] - (.-.) - %windir%\system32\btpanui.dll [HKCR\CLSID\{179F3D56-1B0B-42B2-A962-59B7EF59FE1B}] - (.-.) - C:\Windows\SysWOW64\speech_onecore\engines\tts\MSTTSEngine_OneCore.dll [15/03/2019 05:50:11] [HKCR\CLSID\{181A38F4-6CE6-4edc-8DB0-6E5631963A1E}] - (.-.) - C:\Windows\SysWOW64\LocationFramework.dll [HKCR\CLSID\{1965FEA3-3896-438B-B789-F5981797E7E7}] - (.-.) - C:\Windows\SysWOW64\MapsBtSvcProxy.dll [HKCR\CLSID\{1CEBDE3E-6B91-484A-AF48-5E4F4ED6B1E1}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{1EA8EE18-48CB-49B6-9525-CF08BD600175}] - (.-.) - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\CDTPL\Krypt.dll [18/03/2019 00:34:39] [HKCR\CLSID\{206FA6D0-A493-41FA-943D-3F655088F7B9}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}] - (.-.) - "C:\Program Files (x86)\Windows Defender\MpOav.dll" [HKCR\CLSID\{2C5F9B72-7148-4D97-BFC9-68A0E076BEBD}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{2DD257A3-5028-41AE-A1E7-A12F76A08893}] - (.2005-2019 COMODO. - COMODO Secure Shopping.) - C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [15/02/2019 05:48:54] [HKCR\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}] - (.(c) Babylon Ltd. -.) - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll [07/11/2010 14:45:26] [HKCR\CLSID\{2FE8F810-B2A5-11d0-A787-0000F803ABFC}] - (.-.) - C:\Windows\system32\dplayx.dll [HKCR\CLSID\{363BE3C0-DDD4-4B21-BC6D-7E9DF8CE19CB}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{3647D1DF-A67B-4882-A74E-67EEB4178F89}] - (.-.) - C:\Windows\SysWOW64\Windows.Mirage.dll [15/03/2019 05:51:03] [HKCR\CLSID\{3F052B8E-512B-419D-9E06-9B9ADDC7118C}] - (.-.) - C:\Windows\SysWOW64\MapsCSP.dll [HKCR\CLSID\{4062C116-0270-11D3-8BCB-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{4108FA85-3586-11D3-8BD7-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{4516EC43-8F20-11D0-9B6D-0000C0781BC3}] - (.-.) - C:\Windows\system32\d3dxof.dll [HKCR\CLSID\{4EE17959-931E-49E4-A2C6-977ECF3628F3}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}] - (.-.) - %windir%\system32\acppage.dll [HKCR\CLSID\{51A00247-40A8-4845-9F17-7DBFCC9A8783}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\avi.dll [15/03/2019 11:53:35] [HKCR\CLSID\{51FC9E18-6E66-4BE2-BA40-3F68213E6EC0}] - (.-.) - C:\Windows\SysWOW64\Windows.Mirage.dll [15/03/2019 05:51:03] [HKCR\CLSID\{53D9DE0B-FC61-4650-9773-74D13CC7E582}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\mkx.dll [15/03/2019 11:53:35] [HKCR\CLSID\{54B7D246-951E-4BEA-B551-93D178284D13}] - (.-.) - C:\Windows\SysWOW64\Windows.Mirage.dll [15/03/2019 05:51:03] [HKCR\CLSID\{5DE7918B-BFD7-4C1E-B4E0-B16D0A3EA76B}] - (.-.) - C:\Windows\SysWOW64\AuthHostProxy.dll [HKCR\CLSID\{5EB699B3-9296-41BA-9258-DE70F03B7D6C}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{640167b4-59b0-47a6-b335-a6b3c0695aea}] - (.-.) - C:\Windows\system32\audiodev.dll [HKCR\CLSID\{64F2005C-6CF5-4652-B94F-600360B15B27}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\mkx.dll [15/03/2019 11:53:35] [HKCR\CLSID\{67213461-9306-4978-AC8D-608589F90F03}] - (.WiseVideoSuite.com - IE Add-on for download YouTube video..) - C:\PROGRA~2\Wise\WISEYO~1\WVDAdd.dll [15/03/2019 17:27:24] [HKCR\CLSID\{6ABB1C11-E261-4CEA-BBB5-3836225689DD}] - (.-.) - C:\Program Files (x86)\Zemana AntiLogger\ZAMShellExt32.dll [15/03/2019 09:28:40] [HKCR\CLSID\{760A8F35-97E7-479D-AAF5-DA9EFF95D751}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\dxr.dll [15/03/2019 11:53:35] [HKCR\CLSID\{79BA9E00-B6EE-11D1-86BE-00C04FBF8FEF}] - (.-.) - C:\Windows\System32\dmband.dll [HKCR\CLSID\{7A4A2147-162A-4c0b-ACF3-34620AECA9ED}] - (.(c) Intelligent Converters. - This is COM API implementing PDF-to-Word conversion. It has been developed by Intelligent Converters for PROMT..) - C:\Program Files (x86)\ASCOMP Software\PDF Conversa\p2wcom.dll [23/03/2019 12:14:23] [HKCR\CLSID\{810B5013-E88D-11D2-8BC1-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{8685C4A9-D0E4-444C-87A0-D9FB858235A7}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{882BC1E4-C79E-475D-8CC7-CC8D112FDB17}] - (.-.) - C:\Windows\SysWOW64\RMSRoamingSecurity.dll [HKCR\CLSID\{8839A1BA-6D01-4525-98EB-723C628320F0}] - (.-.) - C:\Windows\SysWOW64\Windows.Mirage.dll [15/03/2019 05:51:03] [HKCR\CLSID\{8E8B4A31-408B-4929-86A4-A9FA9F01BA43}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\dxr.dll [15/03/2019 11:53:35] [HKCR\CLSID\{95BD18C1-D7FB-4BD3-839A-1C37C90131B1}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{97F2FF5B-260C-4ccf-834A-2DDA4E29E39E}] - (.(c) Babylon Ltd. -.) - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll [07/11/2010 14:45:26] [HKCR\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}] - (.(c) Babylon Ltd. -.) - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll [07/11/2010 14:45:28] [HKCR\CLSID\{994B3B2F-2880-4318-A583-15C38A01F571}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{9F2D4924-C5F4-43B6-A4AB-C4161C4C2879}] - (.-.) - C:\Program Files\COMODO\COMODO Internet Security\cmdcom32.dll [04/03/2019 22:34:22] [HKCR\CLSID\{A020FAD9-D661-4857-AA43-E6A86FF1163E}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{A36C253D-CEE4-4BCA-9CC2-E03CF6BBB054}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\dxr.dll [15/03/2019 11:53:35] [HKCR\CLSID\{A6098E79-9C50-4F87-8973-5FB4532C93D8}] - (.-.) - %windir%\system32\btpanui.dll [HKCR\CLSID\{A7005AF0-D6E8-48AF-8DFA-023B1CF660A7}] - (.-.) - C:\Program Files\TeraCopy\TeraCopy.dll [15/03/2019 09:28:14] [HKCR\CLSID\{A8005AF0-D6E8-48AF-8DFA-023B1CF660A7}] - (.-.) - C:\PROGRA~1\TeraCopy\TERACO~3.DLL [15/03/2019 09:28:15] [HKCR\CLSID\{A82536D7-C8E6-4CEF-AA66-11E97EDDFC6D}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{A861C6E2-FCFC-11D2-8BC9-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{B3DE7EDC-0CD4-4d07-B1C5-92219CD475CC}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\mp4.dll [15/03/2019 11:53:35] [HKCR\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}] - (.(c) Babylon Ltd. -.) - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarEng.dll [07/11/2010 10:21:48] [HKCR\CLSID\{B841F346-4835-4de8-AA5E-2E7CD2D4C435}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\ts.dll [15/03/2019 11:53:35] [HKCR\CLSID\{BD4FB4BE-809D-487b-ADD6-F7D164247E52}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\mkx.dll [15/03/2019 11:53:35] [HKCR\CLSID\{C5621364-87CC-4731-8947-929CAE75323E}] - (.-.) - %windir%\system32\F12\msdbg2.dll [HKCR\CLSID\{C64501F6-E6E6-451f-A150-25D0839BC510}] - (.-.) - C:\Windows\SysWOW64\speech\engines\tts\MSTTSEngine.dll [29/09/2017 14:42:24] [HKCR\CLSID\{C70EB77F-EFD4-4678-A27B-BF1648F30D04}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{CDAEB70C-E686-4299-93EB-7D63D77B7F63}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{D1EB6D20-8923-11d0-9D97-00A0C90A43CB}] - (.-.) - C:\Windows\system32\dplayx.dll [HKCR\CLSID\{D2AC2894-B39B-11D1-8704-00600893B1BD}] - (.-.) - C:\Windows\System32\dmband.dll [HKCR\CLSID\{D3075F87-A7BD-4231-9F6A-60C5E07374A7}] - (.-.) - %windir%\system32\acppage.dll [HKCR\CLSID\{D6FCA954-F7AE-4EAC-8783-85F5E4ABD840}] - (.-.) - %windir%\system32\F12\pdmproxy100.dll [HKCR\CLSID\{D8E090A5-4149-467D-8103-BFB8F51E8BCB}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{DB43B405-43AA-4f01-82D8-D84D47E6019C}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\ogm.dll [15/03/2019 11:53:35] [HKCR\CLSID\{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}] - (.-.) - C:\Program Files (x86)\Unlocker\UnlockerCOM.dll [04/07/2010 22:32:38] [HKCR\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}] - (.(c) Babylon Ltd. -.) - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll [07/11/2010 14:45:26] [HKCR\CLSID\{e8cc4cbe-fdff-11d0-b865-00a0c9081c1d}] - (.-.) - C:\Program Files\Common Files\System\Ole DB\msdaora.dll [HKCR\CLSID\{e8cc4cbf-fdff-11d0-b865-00a0c9081c1d}] - (.-.) - C:\Program Files\Common Files\System\Ole DB\msdaora.dll [HKCR\CLSID\{EBF2320A-2502-11D3-8BD1-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{FA6C507D-A9AF-4385-86C0-80115F0AE20B}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{fdb00e52-a214-4aa1-8fba-4357bb0072ec}] - (.-.) - %windir%\system32\amsi.dll [HKCR\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}] - (.(c) Babylon Ltd. -.) - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarApp.dll [07/11/2010 10:21:52] ---------- | Installer [HKCR\Installer\Products\02BDBF83D26F6DC40AE478DF033F4EA3] : Paragon UIM [HKCR\Installer\Products\09680A78E187E8A4380077A5E20A9223] : Show Window -> C:\windows\Installer\{87A08690-781E-4A8E-8300-775A2EA02932}\icon.exe [HKCR\Installer\Products\0B9FD51D89A3FEB47B5DCFA3AE746382] : COMODO Secure Shopping -> C:\Windows\Installer\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA473628}\icon.ico [HKCR\Installer\Products\0DA3CAEF620136F4AAFA5EFC4F22CBDC] : [HKCR\Installer\Products\0EA8C7F7B169DEA49BA99DEB920C2FC4] : AdAwareProxyEngine -> C:\Windows\Installer\{7F7C8AE0-961B-4AED-B99A-D9BE29C0F24C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\120656C7C78D632408DDBDEB2B50AD63] : FULL-DISKfighter -> C:\Windows\Installer\{7C656021-D87C-4236-80DD-DBBEB205DA36}\ARPPRODUCTICON.exe [HKCR\Installer\Products\1E97C0073E8CE4547B06ACFF9E2F6AAA] : AvcEngine -> C:\Windows\Installer\{700C79E1-C8E3-454E-B760-CAFFE9F2A6AA}\ARPPRODUCTICON.exe [HKCR\Installer\Products\21E13F622273DF5409B394102268BBC4] : OnlineThreatsEngine -> C:\Windows\Installer\{26F31E12-3722-45FD-903B-49012286BB4C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\269B907BAA35A6447A33591D6A5CED05] : Camtasia 2018 -> C:\Windows\Installer\{B709B962-53AA-446A-A733-95D1A6C5DE50}\CamStudio.ico [HKCR\Installer\Products\39587C0C0FC18DC48AC091F15E165F5A] : WlSarService [HKCR\Installer\Products\4242E4FDF84372240969E84A87FDBAE4] : Intel(R) Management Engine Components [HKCR\Installer\Products\49F5A7C59E20D5C45A491B1F805669A5] : AntimalwareEngine -> C:\Windows\Installer\{5C7A5F94-02E9-4C5D-A594-B1F10865965A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\4B8898265AF36AE4AB3AAD46F07681DB] : Qualcomm Atheros Bluetooth Installer (64) -> C:\windows\Installer\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}\ARPPRODUCTICON.exe [HKCR\Installer\Products\51E3D52DDBACc0246BC2071C5CEE36DF] : [HKCR\Installer\Products\5282559C2FB74434AB193DDC644F4C14] : Intel(R) Trusted Connect Service Client x86 [HKCR\Installer\Products\5282559C2FB74434AB193DDC644F4C24] : Intel(R) Trusted Connect Service Client x64 [HKCR\Installer\Products\53D21FA6970E3D4459F7ACF9FB89105A] : Paragon Hard Disk Manager™ 16.5 Advanced [HKCR\Installer\Products\5A1A9B9E893699C4F8ED0197F456505C] : Intel(R) ME UninstallLegacy [HKCR\Installer\Products\5CF0251881539E04893007ECA808D170] : Intel(R) Chipset Device Software [HKCR\Installer\Products\5E921ED7A4BB71546ADC6CE9BE437618] : AntispamEngine -> C:\Windows\Installer\{7DE129E5-BB4A-4517-A6CD-C69EEB346781}\ARPPRODUCTICON.exe [HKCR\Installer\Products\62DEE12D0C955134DBCC6D289446569E] : Samsung Recovery -> C:\windows\Installer\{D21EED26-59C0-4315-BDCC-D682496465E9}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\683F8DC569760054F98DFC299C72B626] : COMODO Internet Security Premium [HKCR\Installer\Products\70916FFBD2AA62A36866899D656AA2CB] : Visual C++ 10.0 CRT (x64) [HKCR\Installer\Products\7223F443205F9124D94C91765E68AFAF] : Update for Windows 10 for x64-based Systems (KB4480730) [HKCR\Installer\Products\75B373813CF4A1B4593B7A5ECD5A777F] : Qualcomm Atheros Setup -> C:\windows\Installer\{18373B57-4FC3-4B1A-95B3-A7E5DCA577F7}\ARPPRODUCTICON.exe [HKCR\Installer\Products\85FB25007035D7F43A97F8E49C12F28A] : S Agent [HKCR\Installer\Products\9117FFF58E47E24479E005AB8DD13517] : AdAwareUpdater -> C:\Windows\Installer\{5FFF7119-74E8-442E-970E-50BAD81D5371}\ARPPRODUCTICON.exe [HKCR\Installer\Products\98CF39458E1288D4CB1AD4331F149086] : Air Command -> C:\windows\Installer\{5493FC89-21E8-4D88-BCA1-4D33F1410968}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\98E68860B1E69DD4789F9B2EF5367DF4] : Intel(R) Rapid Storage Technology [HKCR\Installer\Products\AD64023275BB4114A9D011910FC03489] : FirewallEngine -> C:\Windows\Installer\{232046DA-BB57-4114-9A0D-1119F00C4398}\ARPPRODUCTICON.exe [HKCR\Installer\Products\AFD610DD4DDE4F648B74B69027E4AC59] : OUTDATEfighter -> C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B1693ABFFD1DC394CBF16ED7B3388259] : Update for Windows 10 for x64-based Systems (KB4023057) [HKCR\Installer\Products\B520FC0F3F6DC7F439B93292F12578C5] : Linux File Systems for Windows by Paragon Software -> C:\Windows\Installer\{F0CF025B-D6F3-4F7C-939B-23291F52875C}\LinuxFS4Win.ico [HKCR\Installer\Products\C21F4BDCE9E2CC8458196693461CAB3E] : Samsung System Agent [HKCR\Installer\Products\c74dde16597c75f4291f2a1004327159] : Turbo Studio 19 -> C:\Windows\Installer\{61edd47c-c795-4f57-92f1-a20140231795}\controlPanelIcon.exe [HKCR\Installer\Products\D95C25420415A9A49AF79B529360911E] : Silent Install Builder 5 -> C:\Windows\Installer\{2452C59D-5140-4A9A-A97F-B925390619E1}\app_icon.ico [HKCR\Installer\Products\ED26B5215754D4D489F2BAF6E919B345] : Intel(R) Management Engine Components [HKCR\Installer\Products\EFE689CFCCA0DC443BF4245CCDAF8700] : [HKCR\Installer\Products\F299E852DA64BF548BB3C00ECEF65C94] : Intel(R) Management Engine Driver [HKCR\Installer\Products\FC0B46D8529B6CA47A7AC9DD6C371322] : Simply Good Pictures 5 Free [HKCR\Installer\Products\FD91ED4468AAA794C9ACF4250DFB9F8A] : AdAwareInstaller -> C:\Windows\Installer\{44DE19DF-AA86-497A-9CCA-4F52D0BFF9A8}\ARPPRODUCTICON.exe ---------- | Drives ---------- | MBR 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Nom de l’application défaillante svchost.exe_FrameServer, version : 10.0.16299.15, horodatage : 0x9c786b9a Nom du module défaillant : frameserver.dll, version : 10.0.16299.579, horodatage : 0x2a1bdeb4 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000005bf6e ID du processus défaillant : 0xb50 Heure de début de l’application défaillante : 0x01d4e3fb75edef6b Chemin d’accès de l’application défaillante : C:\Windows\System32\svchost.exe Chemin d’accès du module défaillant: c:\windows\system32\frameserver.dll ID de rapport : 51f801ec-b367-49d7-88a6-25d782ffd840 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante svchost.exe_FrameServer, version : 10.0.16299.15, horodatage : 0x9c786b9a Nom du module défaillant : frameserver.dll, version : 10.0.16299.579, horodatage : 0x2a1bdeb4 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000005bf6e ID du processus défaillant : 0x1f74 Heure de début de l’application défaillante : 0x01d4e3f5d7d4f350 Chemin d’accès de l’application défaillante : C:\Windows\System32\svchost.exe Chemin d’accès du module défaillant: c:\windows\system32\frameserver.dll ID de rapport : d8ff9fa3-29fe-40be-b563-75cb687cc669 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante svchost.exe_FrameServer, version : 10.0.16299.15, horodatage : 0x9c786b9a Nom du module défaillant : frameserver.dll, version : 10.0.16299.579, horodatage : 0x2a1bdeb4 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000005bf6e ID du processus défaillant : 0x2894 Heure de début de l’application défaillante : 0x01d4e3f52401fc25 Chemin d’accès de l’application défaillante : C:\Windows\System32\svchost.exe Chemin d’accès du module défaillant: c:\windows\system32\frameserver.dll ID de rapport : c856d715-63d6-42ee-91f0-79343d83d6c8 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante svchost.exe_FrameServer, version : 10.0.16299.15, horodatage : 0x9c786b9a Nom du module défaillant : frameserver.dll, version : 10.0.16299.579, horodatage : 0x2a1bdeb4 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000005bf6e ID du processus défaillant : 0x32ac Heure de début de l’application défaillante : 0x01d4e3f39553ff3d Chemin d’accès de l’application défaillante : C:\Windows\System32\svchost.exe Chemin d’accès du module défaillant: c:\windows\system32\frameserver.dll ID de rapport : 502d6195-a078-4840-beab-e87f03c8917a Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante babylon_3765483945.exe, version : 0.0.0.0, horodatage : 0x2a425e19 Nom du module défaillant : KERNELBASE.dll, version : 10.0.16299.1004, horodatage : 0x690aa820 Code d’exception : 0x0eedfade Décalage d’erreur : 0x00104622 ID du processus défaillant : 0x2fdc Heure de début de l’application défaillante : 0x01d4e3f41ce2065a Chemin d’accès de l’application défaillante : C:\Users\EFM_UEFM_Barrow_U\Downloads\babylon_3765483945.exe Chemin d’accès du module défaillant: C:\Windows\System32\KERNELBASE.dll ID de rapport : cbb1c3fa-da8d-4b24-abc4-0a694072ad0b Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante babylon_3765483945.exe, version : 0.0.0.0, horodatage : 0x2a425e19 Nom du module défaillant : ntdll.dll, version : 10.0.16299.936, horodatage : 0x7b4896c1 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0002c236 ID du processus défaillant : 0x2fdc Heure de début de l’application défaillante : 0x01d4e3f41ce2065a Chemin d’accès de l’application défaillante : C:\Users\EFM_UEFM_Barrow_U\Downloads\babylon_3765483945.exe Chemin d’accès du module défaillant: C:\Windows\SYSTEM32\ntdll.dll ID de rapport : 14da47e7-e48d-4f54-9128-878c1396ca4d Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante babylon_2528611466.exe, version : 0.0.0.0, horodatage : 0x2a425e19 Nom du module défaillant : KERNELBASE.dll, version : 10.0.16299.1004, horodatage : 0x690aa820 Code d’exception : 0x0eedfade Décalage d’erreur : 0x00104622 ID du processus défaillant : 0x2db4 Heure de début de l’application défaillante : 0x01d4e3f3e795f5a1 Chemin d’accès de l’application défaillante : C:\Users\EFM_UEFM_Barrow_U\Downloads\babylon_2528611466.exe Chemin d’accès du module défaillant: C:\Windows\System32\KERNELBASE.dll ID de rapport : bc46b959-a179-4a5d-8b44-8f0865340d57 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante babylon_2528611466.exe, version : 0.0.0.0, horodatage : 0x2a425e19 Nom du module défaillant : ntdll.dll, version : 10.0.16299.936, horodatage : 0x7b4896c1 Code d’exception : 0xc0000005 Décalage d’erreur : 0x0002c236 ID du processus défaillant : 0x2db4 Heure de début de l’application défaillante : 0x01d4e3f3e795f5a1 Chemin d’accès de l’application défaillante : C:\Users\EFM_UEFM_Barrow_U\Downloads\babylon_2528611466.exe Chemin d’accès du module défaillant: C:\Windows\SYSTEM32\ntdll.dll ID de rapport : bb7444eb-4ca0-4a6a-bab9-289522790af9 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante PCCNotifications.exe, version : 0.0.0.0, horodatage : 0x5c920f37 Nom du module défaillant : PCCNotifications.exe, version : 0.0.0.0, horodatage : 0x5c920f37 Code d’exception : 0xc000041d Décalage d’erreur : 0x00131001 ID du processus défaillant : 0x3360 Heure de début de l’application défaillante : 0x01d4e3f189c7a0d0 Chemin d’accès de l’application défaillante : E:\PC Cleaner\PCCNotifications.exe Chemin d’accès du module défaillant: E:\PC Cleaner\PCCNotifications.exe ID de rapport : cc4c7af6-1e51-41a5-bc0c-4f5757cd5b41 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Windows ne peut pas accéder au fichier pour une des raisons suivantes : un problème s’est produit avec la connexion réseau, le disque sur lequel le fichier est enregistré, ou les pilotes de stockage installés sur cet ordinateur, ou le disque est manquant. Windows a fermé le programme PCCNotifications.exe en raison de cette erreur. Programme : PCCNotifications.exe Fichier : La valeur de l’erreur est affichée dans la section Données supplémentaires. Action utilisateur 1. Ouvrez à nouveau le fichier. Cette situation peut résulter d’un problème temporaire qui se corrigera de lui-même à la prochaine exécution du programme. 2. Si le fichier est toujours inaccessible et - Il se trouve sur le réseau : votre administrateur réseau devrait vérifier qu’il n’y a aucun problème avec le réseau et que le serveur peut être contacté. - Il se trouve sur un disque amovible, par exemple une disquette ou un CD-ROM : vérifiez que le disque est inséré correctement dans l’ordinateur. 3. Vérifiez et réparez le système de fichiers en exécutant CHKDSK. Pour exécuter CHKDSK, cliquez sur Démarrer, Exécuter, entrez CMD puis cliquez sur OK. À l’invite de commandes, entrez CHKDSK /F et appuyez sur Entrée. 4. Si le problème persiste, restaurez le fichier à partir d’une copie de sauvegarde. 5. Déterminez si d’autres fichiers du même disque peuvent être ouverts. Si ce n’est pas le cas, le disque est peut-être endommagé. S’il s’agit d’un disque dur, contactez votre administrateur ou le distributeur de votre ordinateur pour obtenir une assistance supplémentaire. Données supplémentaires Valeur de l’erreur : 00000000 Type du disque : 0 ------------ Nom de l’application défaillante OSPCNotifications.exe, version : 0.0.0.0, horodatage : 0x5c921242 Nom du module défaillant : ntdll.dll, version : 10.0.16299.936, horodatage : 0x7b4896c1 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00061cdd ID du processus défaillant : 0x3760 Heure de début de l’application défaillante : 0x01d4e3f1cd257e8c Chemin d’accès de l’application défaillante : E:\OneSafe PC Cleaner\OSPCNotifications.exe Chemin d’accès du module défaillant: C:\Windows\SYSTEM32\ntdll.dll ID de rapport : 5aa8a53c-4507-4544-b221-1d1151f30beb Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante PCCNotifications.exe, version : 0.0.0.0, horodatage : 0x5c920f37 Nom du module défaillant : PCCNotifications.exe, version : 0.0.0.0, horodatage : 0x5c920f37 Code d’exception : 0xc0000096 Décalage d’erreur : 0x00131001 ID du processus défaillant : 0x3360 Heure de début de l’application défaillante : 0x01d4e3f189c7a0d0 Chemin d’accès de l’application défaillante : E:\PC Cleaner\PCCNotifications.exe Chemin d’accès du module défaillant: E:\PC Cleaner\PCCNotifications.exe ID de rapport : b6aa7636-5a42-43fe-adc6-34627eaa53af Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante svchost.exe_FrameServer, version : 10.0.16299.15, horodatage : 0x9c786b9a Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00007ffefffffffe ID du processus défaillant : 0x2844 Heure de début de l’application défaillante : 0x01d4e3f284f3be63 Chemin d’accès de l’application défaillante : C:\Windows\System32\svchost.exe Chemin d’accès du module défaillant: unknown ID de rapport : e1b3a401-e000-41cd-92cc-77bcf0d2b4ef Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante svchost.exe_FrameServer, version : 10.0.16299.15, horodatage : 0x9c786b9a Nom du module défaillant : frameserver.dll, version : 10.0.16299.579, horodatage : 0x2a1bdeb4 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000005bf6e ID du processus défaillant : 0x4284 Heure de début de l’application défaillante : 0x01d4e3f1d3f75c24 Chemin d’accès de l’application défaillante : C:\Windows\System32\svchost.exe Chemin d’accès du module défaillant: c:\windows\system32\frameserver.dll ID de rapport : c29def23-202b-4626-87ad-bfadb3e84e5c Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante OneSafePCCleaner.exe, version : 6.9.6.1, horodatage : 0x5c9217cb Nom du module défaillant : OneSafePCCleaner.exe, version : 6.9.6.1, horodatage : 0x5c9217cb Code d’exception : 0xc0000005 Décalage d’erreur : 0x00441283 ID du processus défaillant : 0x2dbc Heure de début de l’application défaillante : 0x01d4e3f24748b8cd Chemin d’accès de l’application défaillante : E:\OneSafe PC Cleaner\OneSafePCCleaner.exe Chemin d’accès du module défaillant: E:\OneSafe PC Cleaner\OneSafePCCleaner.exe ID de rapport : eb58114c-a890-4c7e-8a61-fcd88e93a3ec Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante OSPCNotifications.exe, version : 6.9.6.1, horodatage : 0x5c921242 Nom du module défaillant : unknown, version : 0.0.0.0, horodatage : 0x00000000 Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000 ID du processus défaillant : 0x4324 Heure de début de l’application défaillante : 0x01d4e3f246d5cacd Chemin d’accès de l’application défaillante : E:\OneSafe PC Cleaner\OSPCNotifications.exe Chemin d’accès du module défaillant: unknown ID de rapport : 0c3f1e29-2394-40b8-b680-7fd94eca8967 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante unins000.exe, version : 51.1052.0.0, horodatage : 0x5b226d52 Nom du module défaillant : unins000.exe, version : 51.1052.0.0, horodatage : 0x5b226d52 Code d’exception : 0xc0000005 Décalage d’erreur : 0x001025d8 ID du processus défaillant : 0x3418 Heure de début de l’application défaillante : 0x01d4e3f216f5653f Chemin d’accès de l’application défaillante : E:\OneSafe PC Cleaner\unins000.exe Chemin d’accès du module défaillant: E:\OneSafe PC Cleaner\unins000.exe ID de rapport : aec81397-7fdf-450a-bec1-4794dc6a03a8 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante OneSafePCCleaner.exe, version : 6.9.6.1, horodatage : 0x5c9217cb Nom du module défaillant : OneSafePCCleaner.exe, version : 6.9.6.1, horodatage : 0x5c9217cb Code d’exception : 0xc0000005 Décalage d’erreur : 0x0043ea1f ID du processus défaillant : 0x3e50 Heure de début de l’application défaillante : 0x01d4e3f1cd3eff28 Chemin d’accès de l’application défaillante : E:\OneSafe PC Cleaner\OneSafePCCleaner.exe Chemin d’accès du module défaillant: E:\OneSafe PC Cleaner\OneSafePCCleaner.exe ID de rapport : b6d6aa50-665c-4189-a3ca-8f92174ee2f6 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Nom de l’application défaillante svchost.exe_FrameServer, version : 10.0.16299.15, horodatage : 0x9c786b9a Nom du module défaillant : frameserver.dll, version : 10.0.16299.579, horodatage : 0x2a1bdeb4 Code d’exception : 0xc0000005 Décalage d’erreur : 0x000000000005bf6e ID du processus défaillant : 0x2370 Heure de début de l’application défaillante : 0x01d4e3f0cb80f280 Chemin d’accès de l’application défaillante : C:\Windows\System32\svchost.exe Chemin d’accès du module défaillant: c:\windows\system32\frameserver.dll ID de rapport : 159ea964-bd3b-4fb9-af6a-80401b39cf23 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ ----------( EOF)---------- - 9305 | 19:38:00