--------------- QuickDiag | g3n-h@ckm@n | V5_27.02.19.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 28/03/2019 18:13:41 Updated 27/02/2019 | 11:10 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [EFM_UEFM_Barrow_U (Administrator)] - [DESKTOP-810DT5O] (S-1-5-21-3534096643-12334864-2903717510-1001) System: Microsoft Windows 10 Famille - - (10.0.16299) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (1709) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Famille|C:\Windows|\Device\Harddisk0\Partition3 Boot : Normal boot PC: Galaxy Book 12 - SAMSUNG ELECTRONICS CO., LTD. - IdNumber: 14SWR52K30000M - UUID: 5980687F-811A-184B-3137-323830144125 Processor : X64 - 2712 Mhz - Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz P04HAC.000.180220.WY.1219 - - American Megatrends Inc. - S/N: 14SWR52K30000M - P04HAC.000.180220.WY.1219 - SECCSD - 1072009 CoreTemp : 29.8 Celsius ----------| Extended ---------- | SoundDevice Realtek High Definition Audio(SST) - Status: OK - Manufacturer: Realtek - PNPDeviceID: INTELAUDIO\FUNC_01&VEN_10EC&DEV_0298&SUBSYS_144DC14F&REV_1001\4&831CEBE&0&0001 Son Intel(R) pour écrans - Status: OK - Manufacturer: Intel(R) Corporation - PNPDeviceID: INTELAUDIO\FUNC_01&VEN_8086&DEV_280B&SUBSYS_80860101&REV_1000\4&831CEBE&0&0201 ---------- | Video Intel(R) HD Graphics 620 - Resolution: 2160x1440 - Colors: 4294967296 - RefreshRate: 59 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igdumdim64.dll,C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igd10iumd64.dll,C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igd10iumd64.dll,C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igd12umd64.dll - PNPDeviceID: PCI\VEN_8086&DEV_5916&SUBSYS_C14F144D&REV_02\3&11583659&0&10 - AdapterCompatibility: Intel Corporation - RAM: 1073741824 Inegrated Video Chipset DeviceName: Intel(R) HD Graphics 620 - DriverVersion: 25.20.100.6518 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\prodad-codec.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 607256 - Manufacturer: proDAD GmbH - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42480 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25400 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 28672 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 53760 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 84480 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34864 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 33296 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK ---------- | CPU CPU #1 value:62 % CPU #2 value:50 % CPU #3 value:62 % CPU #4 value:62 % Total Overall CPU Usage value:59 % ---------- | Network Qualcomm Atheros QCA61x4A Wireless Network Adapter : SENT:0 bytes/sec / RECVD:0 bytes/sec Teredo Tunneling Pseudo-Interface : SENT:0 bytes/sec / RECVD:0 bytes/sec Overall -> SEND Maxium:59 bytes/sec, / RECEIVE Maximum:0 bytes/sec Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000 Bluetooth Device (RFCOMM Protocol TDI) - - Microsoft - Status: - PnPID : BTH\MS_RFCOMM\6&33BA06B4&0&0 Bluetooth Device (Personal Area Network) - Ethernet 802.3 - Microsoft - Status: - PnPID : BTH\MS_BTHPAN\6&33BA06B4&0&3 Qualcomm Atheros QCA61x4A Wireless Network Adapter - Ethernet 802.3 - Qualcomm Atheros Communications Inc. - Status: - PnPID : PCI\VEN_168C&DEV_003E&SUBSYS_C14F144D&REV_32\4&2071B281&0&00E0 Microsoft Wi-Fi Direct Virtual Adapter - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&18E1F328&0&11 Generic Mobile Broadband Adapter - - - Status: - PnPID : WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_SSTPMINIPORT WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_AGILEVPNMINIPORT WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_L2TPMINIPORT WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPTPMINIPORT WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPPOEMINIPORT WAN Miniport (IP) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIP WAN Miniport (IPv6) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIPV6 WAN Miniport (Network Monitor) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANBH Teredo Tunneling Pseudo-Interface - Tunnel - Microsoft - Status: - PnPID : SWD\IP_TUNNEL_VBUS\TEREDO_TUNNEL_DEVICE ---------- | Memory RAM = Total (MB) : 4094 | Free (MB) : 363 Pagefile = Total (MB) : 9937 | Free (MB) : 1834 Virtual = Total (MB) : 4194 | Free (MB) : 3845 Physical Memory 0 : Capacity: 2147483648 - ChannelA-DIMM0 - Posit.: 1 - Manufacturer: Samsung - PartNumber: K3QF3F30BM-AGCF - S/N: 55000000 Physical Memory 1 : Capacity: 2147483648 - ChannelB-DIMM0 - Posit.: 2 - Manufacturer: Samsung - PartNumber: K3QF3F30BM-AGCF - S/N: 55000000 ---------- | SID Users Administrateur : [S-1-5-21-3534096643-12334864-2903717510-500] DefaultAccount : [S-1-5-21-3534096643-12334864-2903717510-503] EFM_UEFM_Barrow_U : [S-1-5-21-3534096643-12334864-2903717510-1001] Invité : [S-1-5-21-3534096643-12334864-2903717510-501] WDAGUtilityAccount : [S-1-5-21-3534096643-12334864-2903717510-504] Administrateurs : [S-1-5-32-544] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] ---------- | SystemAccounts Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK ---------- | Drives C:\ -> [Fixed] | [] | Total : 107.22 Go | Free : 9.31 Go -> NTFS (SSD) [SATA] D:\ -> [Fixed] | [root] | Total : 13.89 Go | Free : 9.56 Go -> ext4 F:\ -> [Fixed] | [SETTINGS] | Total : 0.03 Go | Free : 0.01 Go -> ext4 L:\ -> [Removable] | [128Go micro] | Total : 117.02 Go | Free : 117 Go -> exFAT [USB] U:\ -> [Fixed] | [root0] | Total : 10.86 Go | Free : 9.62 Go -> ext4 V:\ -> [Fixed] | [] | Total : 10.06 Go | Free : 9.76 Go -> ext4 X:\ -> [Fixed] | [data] | Total : 0.5 Go | Free : 0.47 Go -> ext4 Y:\ -> [Fixed] | [root-rbp2] | Total : 11.56 Go | Free : 10.7 Go -> ext4 Z:\ -> [Fixed] | [root1] | Total : 1.95 Go | Free : 0.89 Go -> ext4 Disk Usage Information [2 total Physical Disks] Physical Drive #0 [C:] : Read:1,181,632 bytes/sec, Written:1,142,244 bytes/sec Max Read:1,181,632 bytes/sec, Max Write:1,142,244 bytes/sec Physical Drive #1 [L:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:1,181,632 bytes/sec, Write Maximum:1,142,244 bytes/sec DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 5 Part. - PnPID : SCSI\DISK&VEN_LITEON&PROD_CV3-8D128\4&1984797D&0&000100 DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_GENERIC&PROD_STORAGE_DEVICE&REV_0903\000000000903&0 ---------- | Windows updates - Activation - License W.A.T : :) Test 1 : Windows Is Activated Test 2 : Windows Is NOT Activated Volume License ---------- | Browsers IE : 11.0.16299.371 (© Microsoft Corporation. Tous droits réservés.) Default : "C:\Program Files\Internet Explorer\iexplore.exe" ---------- | FlashPlayer FlashPlayer ActiveX : 32.0.0.156 ---------- | Security AV : Windows Defender Disabled FW : COMODO Firewall Enabled WMI : OK WU: Windows Update Service [Auto(2)] = Running AS: Windows Defender [Auto(2)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 572 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.16299.936) = C:\Windows\System32\smss.exe [15/03/2019 05:49:39] CPU Usage:0 % 804 | [Owner : Système | Parent : 796(IntelCpHDCPSvc.exe) | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.16299.15) = C:\Windows\System32\csrss.exe [29/09/2017 14:41:43] CPU Usage:0 % 900 | [Owner : Système | Parent : 796(IntelCpHDCPSvc.exe) | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.16299.15) = C:\Windows\System32\wininit.exe [29/09/2017 14:41:43] CPU Usage:0 % 944 | [Owner : Système | Parent : 892() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.16299.15) = C:\Windows\System32\csrss.exe [29/09/2017 14:41:43] CPU Usage:0 % 972 | [Owner : Système | Parent : 900(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.16299.699) = C:\Windows\System32\services.exe [15/03/2019 05:50:07] CPU Usage:0 % 980 | [Owner : Système | Parent : 900(wininit.exe) | ?????] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.16299.755) = C:\Windows\System32\lsass.exe [15/03/2019 05:49:30] CPU Usage:0 % 420 | [Owner : Système | Parent : 892() | 2.21 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.16299.696) = C:\Windows\System32\winlogon.exe [15/03/2019 05:50:05] CPU Usage:0 % 764 | [Owner : Système | Parent : 972(services.exe) | 0.82 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1008 | [Owner : UMFD-1 | Parent : 420(winlogon.exe) | 3.6 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.16299.1004) = C:\Windows\System32\fontdrvhost.exe [15/03/2019 05:50:24] CPU Usage:0 % 1012 | [Owner : UMFD-0 | Parent : 900(wininit.exe) | 0.47 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.16299.1004) = C:\Windows\System32\fontdrvhost.exe [15/03/2019 05:50:24] CPU Usage:0 % 1064 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 2.08 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.16299.15) = C:\Windows\System32\WUDFHost.exe [29/09/2017 14:41:51] CPU Usage:0 % 1144 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 0.91 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.16299.15) = C:\Windows\System32\WUDFHost.exe [29/09/2017 14:41:51] CPU Usage:0 % 1196 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 1.98 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.16299.15) = C:\Windows\System32\WUDFHost.exe [29/09/2017 14:41:51] CPU Usage:0 % 1248 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 7.98 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.16299.15) = C:\Windows\System32\WUDFHost.exe [29/09/2017 14:41:51] CPU Usage:0 % 1324 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 5.84 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.16299.15) = C:\Windows\System32\WUDFHost.exe [29/09/2017 14:41:51] CPU Usage:0 % 1452 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 0.86 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.16299.15) = C:\Windows\System32\WUDFHost.exe [29/09/2017 14:41:51] CPU Usage:0 % 1528 | [Owner : Système | Parent : 972(services.exe) | 14.54 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1596 | [Owner : SERVICE RÉSEAU | Parent : 972(services.exe) | 10.56 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1648 | [Owner : Système | Parent : 972(services.exe) | 4.46 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1740 | [Owner : DWM-1 | Parent : 420(winlogon.exe) | 110.08 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (10.0.16299.15) = C:\Windows\System32\dwm.exe [29/09/2017 14:41:41] CPU Usage:4 % 1828 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 4.26 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1880 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 5.69 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1888 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 4.07 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 1912 | [Owner : Système | Parent : 972(services.exe) | 3.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2028 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 6.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2036 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 9.02 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2020 | [Owner : Système | Parent : 972(services.exe) | 8.68 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2080 | [Owner : Système | Parent : 972(services.exe) | 6.46 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2140 | [Owner : Système | Parent : 972(services.exe) | 3.17 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2200 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 4.56 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2220 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 10.95 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2336 | [Owner : Système | Parent : 972(services.exe) | 4.5 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:2 % 2364 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 5.41 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2492 | [Owner : Système | Parent : 972(services.exe) | 4.74 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2500 | [Owner : Système | Parent : 972(services.exe) | 6.43 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2528 | [Owner : Système | Parent : 972(services.exe) | 3.18 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2612 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 5.63 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2700 | [Owner : Système | Parent : 972(services.exe) | 5.55 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2836 | [Owner : Système | Parent : 972(services.exe) | 3.81 Mo] - (.Code Sector - TeraCopy Service.) - (3.0.0.0) = C:\Program Files\TeraCopy\TeraCopyService.exe [15/03/2019 09:28:15] CPU Usage:0 % 2844 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 2.89 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 2980 | [Owner : Système | Parent : 972(services.exe) | 4.42 Mo] - (.-.) - (0.0.0.0) = C:\Windows\System32\PanelManagerSvc.exe [12/05/2017 03:42:25] CPU Usage:0 % 2988 | [Owner : Système | Parent : 972(services.exe) | 4.52 Mo] - (.- SafiService.) - (1.0.0.7) = C:\Windows\System32\DriverStore\FileRepository\safidrv.inf_amd64_0e89535d35916282\SafiService.exe [11/10/2017 03:42:25] CPU Usage:0 % 2996 | [Owner : Système | Parent : 972(services.exe) | 5.26 Mo] - (.Samsung Electronics Co.,Ltd. - Samsung Radio Control Delegation Service executable.) - (2.3.0.7) = C:\Windows\System32\RCDService.exe [13/11/2017 02:29:37] CPU Usage:0 % 3004 | [Owner : Système | Parent : 972(services.exe) | 11.53 Mo] - (.- SamsungPenService.) - (1.0.33.0) = C:\Program Files (x86)\Samsung\Air Command\SamsungPenService.exe [28/09/2017 01:42:25] CPU Usage:0 % 3044 | [Owner : Système | Parent : 972(services.exe) | 4.79 Mo] - (.Crystal Rich Ltd - USB Safely Remove assistant service.) - (6.1.5.1274) = C:\Program Files (x86)\USB Safely Remove\USBSRService.exe [26/03/2019 10:11:23] CPU Usage:0 % 3192 | [Owner : Système | Parent : 972(services.exe) | 5.51 Mo] - (.Intel Corporation - igfxCUIService Module.) - (6.15.100.6518) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igfxCUIService.exe [15/03/2019 04:58:37] CPU Usage:0 % 3228 | [Owner : SERVICE RÉSEAU | Parent : 972(services.exe) | 9.29 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3300 | [Owner : Système | Parent : 972(services.exe) | 15.92 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3324 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 7.05 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3340 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 5.77 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.16299.15) = C:\Windows\System32\WUDFHost.exe [29/09/2017 14:41:51] CPU Usage:0 % 3364 | [Owner : Système | Parent : 972(services.exe) | 5.12 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3372 | [Owner : Système | Parent : 972(services.exe) | 5.41 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3664 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 8.07 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3680 | [Owner : Système | Parent : 972(services.exe) | 6.36 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3976 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 7.1 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4024 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 13.44 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4076 | [Owner : Système | Parent : 972(services.exe) | 8.38 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3648 | [Owner : SERVICE RÉSEAU | Parent : 972(services.exe) | 7.79 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4164 | [Owner : Système | Parent : 972(services.exe) | 12.55 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4248 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 4.76 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4260 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 5.56 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4368 | [Owner : Système | Parent : 972(services.exe) | 9.38 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4452 | [Owner : Système | Parent : 972(services.exe) | ?????] - (.AVAST Software - Avast Service.) - (19.3.4241.0) = C:\Program Files\AVAST Software\Avast\AvastSvc.exe [15/03/2019 05:28:52] CPU Usage:19 % 4468 | [Owner : Système | Parent : 972(services.exe) | 11.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4556 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 10.1 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4648 | [Owner : Système | Parent : 972(services.exe) | 10.66 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.16299.371) = C:\Windows\System32\spoolsv.exe [15/03/2019 05:50:03] CPU Usage:0 % 5024 | [Owner : SERVICE RÉSEAU | Parent : 972(services.exe) | 6.83 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 3744 | [Owner : Système | Parent : 972(services.exe) | 5.39 Mo] - (.Windows (R) Win 7 DDK provider - Windows Setup API.) - (10.0.10011.16384) = C:\Windows\System32\drivers\AdminService.exe [08/11/2017 20:32:08] CPU Usage:0 % 4348 | [Owner : Système | Parent : 972(services.exe) | 36.81 Mo] - (.-.) - (12.6.1005.11662) = C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.6.1005.11662\AdAwareService.exe [13/02/2019 01:16:24] CPU Usage:0 % 4604 | [Owner : Système | Parent : 972(services.exe) | 7.19 Mo] - (.-.) - (0.0.0.0) = C:\Program Files\abylonsoft\SAKeySafe\SATCtrlSerX64.EXE [21/03/2019 11:01:18] CPU Usage:0 % 4664 | [Owner : Système | Parent : 972(services.exe) | 6.27 Mo] - (.Hasleo Software - Hasleo BitLocker Anywhere Service Application..) - (1.0.0.1) = C:\Program Files\Hasleo\BitLocker Anywhere\bin\BitlockerAnywhereService.exe [15/03/2019 09:12:46] CPU Usage:0 % 704 | [Owner : Système | Parent : 972(services.exe) | 5.49 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 796 | [Owner : Système | Parent : 972(services.exe) | 5.09 Mo] - (.Intel Corporation - Intel HD Graphics Drivers for Windows(R).) - (25.20.100.6518) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\IntelCpHDCPSvc.exe [15/03/2019 04:58:39] CPU Usage:0 % 4980 | [Owner : SERVICE RÉSEAU | Parent : 972(services.exe) | 12.62 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 5004 | [Owner : Système | Parent : 972(services.exe) | 17.89 Mo] - (.COMODO - COMODO Internet Security.) - (11.0.0.6802) = C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [04/03/2019 22:39:28] CPU Usage:0 % 5136 | [Owner : Système | Parent : 972(services.exe) | 22.09 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 5168 | [Owner : Système | Parent : 972(services.exe) | 12.7 Mo] - (.COMODO - COMODO Secure Shopping.) - (1.3.50284.151) = C:\Program Files (x86)\Comodo\COMODO Secure Shopping\csssrv64.exe [15/02/2019 05:48:30] CPU Usage:0 % 5176 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 15.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 5184 | [Owner : Système | Parent : 972(services.exe) | 6.59 Mo] - (.Digital Wave Ltd. - Digital Wave Update Service.) - (1.0.145.124) = C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [15/03/2019 11:53:39] CPU Usage:0 % 5196 | [Owner : Système | Parent : 972(services.exe) | 7.91 Mo] - (.Comodo - Comodo Dragon.) - (1.0.0.1) = C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [08/03/2019 08:18:58] CPU Usage:0 % 5252 | [Owner : Système | Parent : 972(services.exe) | 4.19 Mo] - (.Samsung Electronics - GripResetService.) - (1.0.0.6) = C:\Windows\System32\GripResetService.exe [07/12/2017 07:05:17] CPU Usage:0 % 5260 | [Owner : Système | Parent : 972(services.exe) | 4.74 Mo] - (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Framework.) - (8.5.10103.7263) = C:\Windows\System32\Intel\DPTF\esif_uf.exe [12/01/2017 04:00:30] CPU Usage:0 % 5320 | [Owner : Système | Parent : 972(services.exe) | 4.2 Mo] - (.NewSoftwares.net - Service Application.) - (7.7.1.0) = C:\Windows\SysWOW64\WinFLService.exe [15/03/2019 07:34:12] CPU Usage:0 % 5332 | [Owner : Système | Parent : 972(services.exe) | 5.73 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 5404 | [Owner : Système | Parent : 972(services.exe) | 5.84 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 5444 | [Owner : Système | Parent : 972(services.exe) | 8.81 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 5452 | [Owner : Système | Parent : 972(services.exe) | 6.61 Mo] - (.COMODO - Internet Security Essentials.) - (1.5.4695.175) = C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe [20/03/2019 13:00:42] CPU Usage:0 % 5536 | [Owner : Système | Parent : 972(services.exe) | 4.67 Mo] - (.Steganos Software GmbH - OkayFreedom.) - (1.8.6.12490) = C:\Program Files (x86)\OkayFreedom\OkayFreedomService.exe [05/03/2019 10:04:58] CPU Usage:0 % 5580 | [Owner : Système | Parent : 972(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 5748 | [Owner : Système | Parent : 972(services.exe) | 18.16 Mo] - (.- RemoBackupSVC.) - (1.0.0.0) = C:\Program Files\Remo Backup\RemoBackupSVC.exe [15/03/2019 19:43:12] CPU Usage:0 % 5756 | [Owner : Système | Parent : 972(services.exe) | 17.18 Mo] - (.- RemoBackupSync.) - (1.0.0.0) = C:\Program Files\Remo Backup\RemoBackupSync.exe [15/03/2019 19:43:12] CPU Usage:0 % 5764 | [Owner : Système | Parent : 972(services.exe) | 21.75 Mo] - (.- RemoBackUpOBM.) - (1.0.0.0) = C:\Program Files\Remo Backup\RemoBackUpOBM.exe [15/03/2019 19:43:12] CPU Usage:0 % 5772 | [Owner : Système | Parent : 972(services.exe) | 11.46 Mo] - (.Paragon Software - Linux File Systems for Windows by Paragon Software service.) - (5.1.0.0) = C:\Program Files (x86)\Paragon Software\LinuxFS for Windows\paragon_service.exe [09/04/2018 18:50:56] CPU Usage:0 % 5792 | [Owner : Système | Parent : 972(services.exe) | 5.83 Mo] - (.Remo Software - rsgmpsp.exe.) - (1.0.0.3) = C:\ProgramData\RSG\rsgmpsp.exe [16/03/2019 15:34:24] CPU Usage:0 % 5808 | [Owner : Système | Parent : 972(services.exe) | 13.15 Mo] - (.Samsung Electronics Co., Ltd. - SamsungSystemService.) - (1.0.48.0) = C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemService.exe [29/08/2017 06:42:22] CPU Usage:0 % 5820 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 5.22 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 5844 | [Owner : Système | Parent : 972(services.exe) | ?????] - (.Microsoft Corporation - Windows Security Health Service.) - (4.12.16299.309) = C:\Windows\System32\SecurityHealthService.exe [15/03/2019 05:49:52] CPU Usage:0 % 5952 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 7.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 5996 | [Owner : Système | Parent : 972(services.exe) | 4.92 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 6024 | [Owner : Système | Parent : 972(services.exe) | 6.34 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 6124 | [Owner : Système | Parent : 972(services.exe) | 14.28 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4296 | [Owner : Système | Parent : 972(services.exe) | 3.39 Mo] - (.Copyright 2018. - Advanced Malware Protection.) - (2.74.0.664) = C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe [15/03/2019 09:28:32] CPU Usage:0 % 6376 | [Owner : Système | Parent : 972(services.exe) | 8.27 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 6488 | [Owner : SERVICE RÉSEAU | Parent : 972(services.exe) | 2.81 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 7060 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 1.62 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 7852 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 5.58 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 8104 | [Owner : Système | Parent : 972(services.exe) | 1.38 Mo] - (.Intel Corporation - IntelCpHeciSvc Executable.) - (9.1.1.1117) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\IntelCpHeciSvc.exe [15/03/2019 04:58:40] CPU Usage:0 % 8336 | [Owner : Système | Parent : 972(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 9188 | [Owner : Système | Parent : 1528(svchost.exe) | 6.65 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.16299.248) = C:\Windows\System32\wbem\WmiPrvSE.exe [15/03/2019 05:49:05] CPU Usage:0 % 6460 | [Owner : EFM_UEFM_Barrow_U | Parent : 5260(esif_uf.exe) | 2.22 Mo] - (.Intel Corporation - Intel(R) Dynamic Platform and Thermal Framework Utility Application.) - (8.5.10103.7263) = C:\Windows\System32\Intel\DPTF\dptf_helper.exe [15/03/2019 04:50:25] CPU Usage:0 % 3840 | [Owner : EFM_UEFM_Barrow_U | Parent : 2980(PanelManagerSvc.exe) | 22.9 Mo] - (.- PanelManager.) - (1.0.9.0) = C:\Program Files\Samsung\PanelManager\PanelManager.exe [12/05/2017 03:42:25] CPU Usage:0 % 3560 | [Owner : EFM_UEFM_Barrow_U | Parent : 972(services.exe) | 5.5 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 8148 | [Owner : EFM_UEFM_Barrow_U | Parent : 2988(SafiService.exe) | 7.7 Mo] - (.- SafiAgent.) - (1.0.0.7) = C:\Windows\System32\DriverStore\FileRepository\safidrv.inf_amd64_0e89535d35916282\SafiAgent.exe [11/10/2017 03:42:24] CPU Usage:0 % 7816 | [Owner : EFM_UEFM_Barrow_U | Parent : 5808(SamsungSystemService.exe) | 5.98 Mo] - (.Samsung Electronics Co., Ltd. - SamsungSystemAgent.) - (1.0.48.0) = C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemAgent.exe [29/08/2017 06:42:18] CPU Usage:0 % 3420 | [Owner : EFM_UEFM_Barrow_U | Parent : 2500(svchost.exe) | 22.62 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.16299.15) = C:\Windows\System32\sihost.exe [29/09/2017 14:41:31] CPU Usage:0 % 10192 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 5.99 Mo] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.8833) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe [10/10/2017 17:44:45] CPU Usage:0 % 10216 | [Owner : Système | Parent : 972(services.exe) | 7.56 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 5036 | [Owner : EFM_UEFM_Barrow_U | Parent : 972(services.exe) | 18.94 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 5212 | [Owner : EFM_UEFM_Barrow_U | Parent : 1528(svchost.exe) | 4.13 Mo] - (.Intel Corporation - igfxext Module.) - (6.15.100.6518) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igfxext.exe [15/03/2019 04:58:38] CPU Usage:0 % 5460 | [Owner : EFM_UEFM_Barrow_U | Parent : 2020(svchost.exe) | 10.58 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.16299.15) = C:\Windows\System32\taskhostw.exe [29/09/2017 14:42:01] CPU Usage:0 % 6032 | [Owner : EFM_UEFM_Barrow_U | Parent : 2020(svchost.exe) | 1.26 Mo] - (.Paragon Software - Graphic user interface for Linux File Systems for Windows by Paragon Software mounter.) - (5.1.0.0) = C:\Program Files (x86)\Paragon Software\LinuxFS for Windows\Linux File Systems for Windows by Paragon Software.exe [09/04/2018 18:53:30] CPU Usage:0 % 10304 | [Owner : EFM_UEFM_Barrow_U | Parent : 3192(igfxCUIService.exe) | 4.94 Mo] - (.Intel Corporation - igfxEM Module.) - (6.15.100.6518) = C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igfxEM.exe [15/03/2019 04:58:38] CPU Usage:0 % 10476 | [Owner : EFM_UEFM_Barrow_U | Parent : 10384() | 64.21 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.16299.637) = C:\Windows\explorer.exe [15/03/2019 05:50:30] CPU Usage:0 % 10564 | [Owner : Système | Parent : 972(services.exe) | 10.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 10712 | [Owner : Système | Parent : 972(services.exe) | 3.85 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 10744 | [Owner : EFM_UEFM_Barrow_U | Parent : 10476(explorer.exe) | 2.19 Mo] - (.Microsoft Corporation - Run Once Wrapper.) - (10.0.16299.15) = C:\Windows\System32\runonce.exe [29/09/2017 14:41:47] CPU Usage:0 % 11096 | [Owner : EFM_UEFM_Barrow_U | Parent : 1528(svchost.exe) | 18.25 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.16299.15) = C:\Windows\System32\dllhost.exe [29/09/2017 14:41:43] CPU Usage:0 % 11188 | [Owner : EFM_UEFM_Barrow_U | Parent : 1528(svchost.exe) | 7.04 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.16299.1004) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [15/03/2019 05:50:13] CPU Usage:0 % 11008 | [Owner : EFM_UEFM_Barrow_U | Parent : 10744(runonce.exe) | 6.12 Mo] - (.Microsoft Corporation - Bloc-notes.) - (10.0.16299.15) = C:\Windows\System32\notepad.exe [29/09/2017 14:41:56] CPU Usage:0 % 11540 | [Owner : EFM_UEFM_Barrow_U | Parent : 1528(svchost.exe) | 0.94 Mo] - (.-.) - (8.41.0.54) = C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.41.54.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe [15/03/2019 00:31:21] CPU Usage:0 % 11808 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 7.34 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 11828 | [Owner : EFM_UEFM_Barrow_U | Parent : 2492(svchost.exe) | 7.12 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.16299.15) = C:\Windows\System32\ctfmon.exe [29/09/2017 14:42:00] CPU Usage:0 % 11836 | [Owner : EFM_UEFM_Barrow_U | Parent : 2492(svchost.exe) | 6.24 Mo] - (.Microsoft Corporation - Clavier tactile et volet d’écriture manuscrite.) - (10.0.16299.755) = C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [15/03/2019 05:50:30] CPU Usage:0 % 11932 | [Owner : EFM_UEFM_Barrow_U | Parent : 11836(TabTip.exe) | 0.76 Mo] - (.Microsoft Corporation - Touch Keyboard and Handwriting Panel Helper.) - (10.0.16299.15) = C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe [29/09/2017 14:42:31] CPU Usage:0 % 3444 | [Owner : EFM_UEFM_Barrow_U | Parent : 2020(svchost.exe) | 0.26 Mo] - (.CyberLink Corp. - PDStyleAgent.) - (1.0.0.507) = C:\Program Files (x86)\CyberLink\Shared files\PDStyleAgent\PDStyleAgent.exe [23/03/2019 04:50:56] CPU Usage:0 % 12372 | [Owner : EFM_UEFM_Barrow_U | Parent : 10476(explorer.exe) | 3.07 Mo] - (.Microsoft Corporation - Windows Defender notification icon.) - (4.12.16299.15) = C:\Program Files\Windows Defender\MSASCuiL.exe [29/09/2017 14:41:19] CPU Usage:0 % 12596 | [Owner : EFM_UEFM_Barrow_U | Parent : 10476(explorer.exe) | 3.65 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.1129) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [07/12/2017 06:47:14] CPU Usage:0 % 13008 | [Owner : EFM_UEFM_Barrow_U | Parent : 10476(explorer.exe) | 2.26 Mo] - (.Samsung Electronics Co., Ltd. - Samsung OSD.) - (1.0.11.0) = C:\Program Files\Samsung\SamsungOSD\OSD.exe [02/02/2017 07:06:55] CPU Usage:0 % 13148 | [Owner : EFM_UEFM_Barrow_U | Parent : 10476(explorer.exe) | 14.25 Mo] - (.-.) - (12.6.1005.11662) = C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.6.1005.11662\AdAwareTray.exe [13/02/2019 01:19:50] CPU Usage:0 % 13184 | [Owner : EFM_UEFM_Barrow_U | Parent : 12848() | 3.63 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.9) = C:\Program Files\Realtek\Audio\HDA\EP64.exe [07/12/2017 06:47:14] CPU Usage:0 % 2536 | [Owner : EFM_UEFM_Barrow_U | Parent : 10476(explorer.exe) | 39.59 Mo] - (.Copyright 2018. - Advanced Malware Protection.) - (2.74.0.664) = C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe [15/03/2019 09:28:32] CPU Usage:0 % 11412 | [Owner : EFM_UEFM_Barrow_U | Parent : 10476(explorer.exe) | 7.96 Mo] - (.Crystal Rich Ltd - USB Safely Remove - an enhanced replacement for Windows safe removal tool.) - (6.1.5.1274) = C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe [26/03/2019 10:11:23] CPU Usage:0 % 11352 | [Owner : EFM_UEFM_Barrow_U | Parent : 10476(explorer.exe) | 2.27 Mo] - (.RoseCitySoftware - Registry First Aid Agent.) - (11.3.0.2581) = C:\Program Files\RFA 11\rfagent64.exe [28/03/2019 12:45:13] CPU Usage:0 % 10620 | [Owner : EFM_UEFM_Barrow_U | Parent : 5808(SamsungSystemService.exe) | 10.82 Mo] - (.Samsung Electronics Co., Ltd. - SamsungSystemManager.) - (1.0.48.0) = C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemManager.exe [29/08/2017 06:42:20] CPU Usage:0 % 9928 | [Owner : EFM_UEFM_Barrow_U | Parent : 2020(svchost.exe) | 1.17 Mo] - (.Samsung Electronics Co., Ltd. - Show Window.) - (1.0.0.30) = C:\Program Files (x86)\Show Window\Show Window.exe [10/11/2017 06:45:30] CPU Usage:0 % 12188 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 2.4 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 11344 | [Owner : EFM_UEFM_Barrow_U | Parent : 10476(explorer.exe) | 3.09 Mo] - (.NewSoftwares.net - Folder Lock.) - (7.7.1.0) = C:\Windows\SysWOW64\WinFLTray.exe [15/03/2019 07:34:08] CPU Usage:0 % 13280 | [Owner : EFM_UEFM_Barrow_U | Parent : 10476(explorer.exe) | 2.27 Mo] - (.NewSoftwares.net -.) - (7.6.8.0) = C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe [15/03/2019 07:34:21] CPU Usage:0 % 10072 | [Owner : EFM_UEFM_Barrow_U | Parent : 1528(svchost.exe) | 2.92 Mo] - (.NewSoftwares.net -.) - (7.6.5.0) = C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServ.exe [15/03/2019 07:34:16] CPU Usage:0 % 13244 | [Owner : EFM_UEFM_Barrow_U | Parent : 10476(explorer.exe) | 9.3 Mo] - (.Digital Wave Ltd - Video Notifier.) - (1.0.53.124) = C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe [15/03/2019 11:53:40] CPU Usage:0 % 11684 | [Owner : EFM_UEFM_Barrow_U | Parent : 10476(explorer.exe) | 7.62 Mo] - (.-.) - (0.0.0.0) = C:\ProgramData\SharewareOnSale Notifier\SharewareOnSale Notifier.exe [17/03/2019 20:01:48] CPU Usage:0 % 10128 | [Owner : EFM_UEFM_Barrow_U | Parent : 10476(explorer.exe) | 7.95 Mo] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\Clipdiary\Clipdiary.exe [17/08/2018 08:33:38] CPU Usage:0 % 13844 | [Owner : EFM_UEFM_Barrow_U | Parent : 13556() | 9.06 Mo] - (.COMODO - Internet Security Essentials.) - (1.5.4695.175) = C:\Program Files (x86)\Comodo\Internet Security Essentials\vkise.exe [20/03/2019 13:00:44] CPU Usage:0 % 14056 | [Owner : EFM_UEFM_Barrow_U | Parent : 13556() | 3.83 Mo] - (.CyberLink Corp. - CyberLink Application Manager.) - (1.3.1318.0) = C:\Program Files (x86)\CyberLink\AppManager\CAMTray.exe [26/03/2019 16:50:23] CPU Usage:0 % 14200 | [Owner : EFM_UEFM_Barrow_U | Parent : 13556() | 12.2 Mo] - (.Babylon Software Ltd. - Babylon Information Tool.) - (11.0.1.0) = C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe [26/03/2019 17:09:12] CPU Usage:0 % 13536 | [Owner : EFM_UEFM_Barrow_U | Parent : 8460() | 2.11 Mo] - (.Microsoft Corporation - Console Window Host.) - (10.0.16299.15) = C:\Windows\System32\conhost.exe [29/09/2017 14:41:45] CPU Usage:0 % 13820 | [Owner : EFM_UEFM_Barrow_U | Parent : 8460() | 0.02 Mo] - (.Microsoft Corporation - Commande TCP/IP Netstat.) - (10.0.16299.15) = C:\Windows\SysWOW64\NETSTAT.EXE [29/09/2017 14:42:13] CPU Usage:0 % 1784 | [Owner : EFM_UEFM_Barrow_U | Parent : 13648() | 28.78 Mo] - (.AVAST Software - Avast Antivirus.) - (19.3.4241.504) = C:\Program Files\AVAST Software\Avast\AvastUI.exe [26/03/2019 13:31:20] CPU Usage:0 % 13868 | [Owner : EFM_UEFM_Barrow_U | Parent : 13556() | 2.76 Mo] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe [04/07/2010 20:51:26] CPU Usage:0 % 13860 | [Owner : Système | Parent : 972(services.exe) | 2.58 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 14024 | [Owner : SERVICE RÉSEAU | Parent : 972(services.exe) | 9.27 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 13804 | [Owner : EFM_UEFM_Barrow_U | Parent : 1528(svchost.exe) | 2.18 Mo] - (.Babylon Software Ltd. - Babylon Support for 64-bit OS.) - (11.0.1.0) = C:\Program Files\Babylon\Babylon-Pro\BabylonHelper64.exe [26/03/2019 17:09:26] CPU Usage:0 % 11196 | [Owner : Système | Parent : 972(services.exe) | 1.4 Mo] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (11.7.0.1052) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [26/10/2017 09:12:08] CPU Usage:0 % 14356 | [Owner : EFM_UEFM_Barrow_U | Parent : 2020(svchost.exe) | 0.4 Mo] - (.- RBLauncher.) - (1.0.0.0) = C:\Program Files\Remo Backup\RBLauncher.exe [15/03/2019 19:43:12] CPU Usage:0 % 14372 | [Owner : EFM_UEFM_Barrow_U | Parent : 2020(svchost.exe) | 0.54 Mo] - (.Samsung Electronics Co., Ltd. - S Agent.) - (1.1.5.8) = C:\Program Files\Samsung\S Agent\CommonAgent.exe [23/02/2016 16:40:18] CPU Usage:0 % 14712 | [Owner : Système | Parent : 972(services.exe) | 1.92 Mo] - (.Microsoft Corporation - sedsvc.) - (10.0.17134.10024) = C:\Program Files\rempl\sedsvc.exe [16/03/2019 10:06:48] CPU Usage:0 % 14832 | [Owner : Système | Parent : 972(services.exe) | 1.1 Mo] - (.Samsung Electronics Co., Ltd. - WLAN SAR Service.) - (1.0.0.7) = C:\Windows\System32\WlSarService.exe [19/05/2017 08:38:06] CPU Usage:0 % 14924 | [Owner : EFM_UEFM_Barrow_U | Parent : 972(services.exe) | 1.25 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 15124 | [Owner : EFM_UEFM_Barrow_U | Parent : 5356() | 14.13 Mo] - (.IObit - UninstallerMonitor.) - (8.4.0.2) = C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe [21/03/2019 10:31:46] CPU Usage:0 % 15108 | [Owner : Système | Parent : 2020(svchost.exe) | 1.95 Mo] - (.Microsoft Corporation - sedlauncher.) - (10.0.17134.10024) = C:\Program Files\rempl\sedlauncher.exe [16/03/2019 10:05:50] CPU Usage:0 % 13436 | [Owner : Système | Parent : 15108(sedlauncher.exe) | 0.9 Mo] - (.Microsoft Corporation - Console Window Host.) - (10.0.16299.15) = C:\Windows\System32\conhost.exe [29/09/2017 14:41:45] CPU Usage:0 % 13808 | [Owner : Système | Parent : 972(services.exe) | 5.82 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 4172 | [Owner : Système | Parent : 972(services.exe) | 6.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 9544 | [Owner : EFM_UEFM_Barrow_U | Parent : 15084() | 14.32 Mo] - (.Microsoft Corporation - Microsoft OneDrive.) - (19.33.218.11) = C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Microsoft\OneDrive\OneDrive.exe [14/03/2019 22:42:30] CPU Usage:0 % 7824 | [Owner : Système | Parent : 972(services.exe) | 3.91 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 5204 | [Owner : Système | Parent : 972(services.exe) | 9.79 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:2 % 732 | [Owner : EFM_UEFM_Barrow_U | Parent : 5792(rsgmpsp.exe) | 4.9 Mo] - (.Remo Software - rsgpsrsdk.exe.) - (1.0.0.3) = C:\ProgramData\RSG\rsgpsrsdk.exe [16/03/2019 15:34:24] CPU Usage:0 % 14072 | [Owner : EFM_UEFM_Barrow_U | Parent : 1528(svchost.exe) | 17.01 Mo] - (.Microsoft Corporation - Application Frame Host.) - (10.0.16299.15) = C:\Windows\System32\ApplicationFrameHost.exe [29/09/2017 14:41:37] CPU Usage:0 % 11388 | [Owner : EFM_UEFM_Barrow_U | Parent : 1528(svchost.exe) | 4.07 Mo] - (.Microsoft Corporation - Store.) - (11811.1001.18.0) = C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe [14/03/2019 23:16:35] CPU Usage:0 % 2764 | [Owner : EFM_UEFM_Barrow_U | Parent : 1528(svchost.exe) | 6.7 Mo] - (.Microsoft Corporation - Paramètres.) - (10.0.16299.15) = C:\Windows\ImmersiveControlPanel\SystemSettings.exe [29/09/2017 14:43:11] CPU Usage:0 % 5424 | [Owner : EFM_UEFM_Barrow_U | Parent : 1528(svchost.exe) | 16.69 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16299.15) = C:\Windows\System32\RuntimeBroker.exe [29/09/2017 14:41:25] CPU Usage:0 % 15064 | [Owner : EFM_UEFM_Barrow_U | Parent : 1528(svchost.exe) | 5.73 Mo] - (.-.) - (10.19021.1041.0) = C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19021.10411.0_x64__8wekyb3d8bbwe\Video.UI.exe [14/03/2019 23:25:37] CPU Usage:0 % 3460 | [Owner : EFM_UEFM_Barrow_U | Parent : 14380() | 142.1 Mo] - (.Opera Software - Opera Internet Browser.) - (58.0.3135.118) = C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\58.0.3135.118\opera.exe [26/03/2019 00:32:54] CPU Usage:4 % 1748 | [Owner : EFM_UEFM_Barrow_U | Parent : 3460(opera.exe) | 3.41 Mo] - (.Opera Software - Opera crash-reporter.) - (58.0.3135.118) = C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\58.0.3135.118\opera_crashreporter.exe [26/03/2019 00:32:56] CPU Usage:0 % 940 | [Owner : EFM_UEFM_Barrow_U | Parent : 3460(opera.exe) | 209.48 Mo] - (.Opera Software - Opera Internet Browser.) - (58.0.3135.118) = C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\58.0.3135.118\opera.exe [26/03/2019 00:32:54] CPU Usage:0 % 12988 | [Owner : EFM_UEFM_Barrow_U | Parent : 3460(opera.exe) | 11.6 Mo] - (.Opera Software - Opera Internet Browser.) - (58.0.3135.118) = C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\58.0.3135.118\opera.exe [26/03/2019 00:32:54] CPU Usage:0 % 8888 | [Owner : EFM_UEFM_Barrow_U | Parent : 3460(opera.exe) | 26.94 Mo] - (.Opera Software - Opera Internet Browser.) - (58.0.3135.118) = C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\58.0.3135.118\opera.exe [26/03/2019 00:32:54] CPU Usage:0 % 15364 | [Owner : EFM_UEFM_Barrow_U | Parent : 3460(opera.exe) | 38.82 Mo] - (.Opera Software - Opera Internet Browser.) - (58.0.3135.118) = C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\58.0.3135.118\opera.exe [26/03/2019 00:32:54] CPU Usage:0 % 15372 | [Owner : EFM_UEFM_Barrow_U | Parent : 3460(opera.exe) | 6.75 Mo] - (.Opera Software - Opera Internet Browser.) - (58.0.3135.118) = C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\58.0.3135.118\opera.exe [26/03/2019 00:32:54] CPU Usage:0 % 15412 | [Owner : EFM_UEFM_Barrow_U | Parent : 3460(opera.exe) | 20.2 Mo] - (.Opera Software - Opera Internet Browser.) - (58.0.3135.118) = C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\58.0.3135.118\opera.exe [26/03/2019 00:32:54] CPU Usage:0 % 15940 | [Owner : EFM_UEFM_Barrow_U | Parent : 3460(opera.exe) | 76.52 Mo] - (.Opera Software - Opera Internet Browser.) - (58.0.3135.118) = C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\58.0.3135.118\opera.exe [26/03/2019 00:32:54] CPU Usage:0 % 16280 | [Owner : EFM_UEFM_Barrow_U | Parent : 3460(opera.exe) | 35.07 Mo] - (.Opera Software - Opera Internet Browser.) - (58.0.3135.118) = C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\58.0.3135.118\opera.exe [26/03/2019 00:32:54] CPU Usage:0 % 3968 | [Owner : Système | Parent : 972(services.exe) | 8.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 16308 | [Owner : EFM_UEFM_Barrow_U | Parent : 3460(opera.exe) | 39.48 Mo] - (.Opera Software - Opera Internet Browser.) - (58.0.3135.118) = C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\58.0.3135.118\opera.exe [26/03/2019 00:32:54] CPU Usage:0 % 7344 | [Owner : EFM_UEFM_Barrow_U | Parent : 3460(opera.exe) | 13.44 Mo] - (.Opera Software - Opera Internet Browser.) - (58.0.3135.118) = C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\58.0.3135.118\opera.exe [26/03/2019 00:32:54] CPU Usage:0 % 7068 | [Owner : EFM_UEFM_Barrow_U | Parent : 3460(opera.exe) | 41.3 Mo] - (.Opera Software - Opera Internet Browser.) - (58.0.3135.118) = C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\58.0.3135.118\opera.exe [26/03/2019 00:32:54] CPU Usage:0 % 10580 | [Owner : EFM_UEFM_Barrow_U | Parent : 3460(opera.exe) | 19.52 Mo] - (.Opera Software - Opera Internet Browser.) - (58.0.3135.118) = C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\58.0.3135.118\opera.exe [26/03/2019 00:32:54] CPU Usage:0 % 16144 | [Owner : EFM_UEFM_Barrow_U | Parent : 3460(opera.exe) | 120.87 Mo] - (.Opera Software - Opera Internet Browser.) - (58.0.3135.118) = C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\58.0.3135.118\opera.exe [26/03/2019 00:32:54] CPU Usage:0 % 16120 | [Owner : EFM_UEFM_Barrow_U | Parent : 3460(opera.exe) | 6.83 Mo] - (.Opera Software - Opera Internet Browser.) - (58.0.3135.118) = C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\58.0.3135.118\opera.exe [26/03/2019 00:32:54] CPU Usage:0 % 824 | [Owner : EFM_UEFM_Barrow_U | Parent : 15988() | 3.88 Mo] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\Apowersoft\ApowerManager\ApowersoftAndroidDaemon.exe [23/03/2019 09:19:24] CPU Usage:0 % 5852 | [Owner : EFM_UEFM_Barrow_U | Parent : 1528(svchost.exe) | 104.26 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.16299.637) = C:\Windows\explorer.exe [15/03/2019 05:50:30] CPU Usage:0 % 1384 | [Owner : EFM_UEFM_Barrow_U | Parent : 3380() | 15.21 Mo] - (.AOMEI Technology Co., Ltd. - AOMEI Partition Assistant.) - (8.1.0.0) = C:\Program Files (x86)\AOMEI Partition Assistant\PartAssist.exe [28/03/2019 16:55:48] CPU Usage:2 % 12564 | [Owner : EFM_UEFM_Barrow_U | Parent : 10476(explorer.exe) | 24.62 Mo] - (.Paragon Software GmbH - A part of Paragon System Utilities.) - (16.23.0.3339) = C:\Program Files\Paragon Software\Hard Disk Manager 16 Basic\program\advlauncher.exe [09/08/2018 14:07:06] CPU Usage:0 % 2824 | [Owner : EFM_UEFM_Barrow_U | Parent : 12564(advlauncher.exe) | 5.28 Mo] - (.The Qt Company Ltd. - Qt Qtwebengineprocess.) - (5.10.1.0) = C:\Program Files\Paragon Software\Hard Disk Manager 16 Basic\program\QtWebEngineProcess.exe [09/02/2018 20:39:56] CPU Usage:0 % 13472 | [Owner : EFM_UEFM_Barrow_U | Parent : 10476(explorer.exe) | 11.91 Mo] - (.Microsoft Corporation - Outil Capture d’écran.) - (10.0.16299.15) = C:\Windows\System32\SnippingTool.exe [29/09/2017 14:42:30] CPU Usage:0 % 7960 | [Owner : Système | Parent : 1528(svchost.exe) | 11.84 Mo] - (.COMODO - COMODO Internet Security.) - (11.0.0.6802) = C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe [04/03/2019 22:31:52] CPU Usage:0 % 14152 | [Owner : EFM_UEFM_Barrow_U | Parent : 7152() | 10.58 Mo] - (.PC Helpsoft - PC Cleaner automatic scan and notifications.) - (6.9.6.1) = L:\PC Cleaner\PCCNotifications.exe [28/03/2019 17:08:10] CPU Usage:0 % 15876 | [Owner : EFM_UEFM_Barrow_U | Parent : 7152() | 17.9 Mo] - (.PC Helpsoft - PC Cleaner.) - (6.9.6.1) = L:\PC Cleaner\PCCleaner.exe [28/03/2019 17:08:08] CPU Usage:0 % 10352 | [Owner : EFM_UEFM_Barrow_U | Parent : 3460(opera.exe) | 29.88 Mo] - (.Opera Software - Opera Internet Browser.) - (58.0.3135.118) = C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\58.0.3135.118\opera.exe [26/03/2019 00:32:54] CPU Usage:0 % 2456 | [Owner : EFM_UEFM_Barrow_U | Parent : 5852(explorer.exe) | 4.29 Mo] - (.Solvusoft - WinThruster Setup .) - (1.5.6.178) = C:\Users\EFM_UEFM_Barrow_U\Documents\Setup_WinThruster_2019.exe [28/03/2019 17:09:40] CPU Usage:0 % 11764 | [Owner : EFM_UEFM_Barrow_U | Parent : 2456(Setup_WinThruster_2019.exe) | 8.18 Mo] - (.- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\EFM_UE~1\AppData\Local\Temp\is-MJTBA.tmp\Setup_WinThruster_2019.tmp [28/03/2019 17:24:04] CPU Usage:0 % 1752 | [Owner : EFM_UEFM_Barrow_U | Parent : 11764(Setup_WinThruster_2019.tmp) | 4.32 Mo] - (.Solvusoft - WinThruster Setup .) - (1.5.6.178) = C:\Users\EFM_UEFM_Barrow_U\Documents\Setup_WinThruster_2019.exe [28/03/2019 17:09:40] CPU Usage:0 % 4872 | [Owner : EFM_UEFM_Barrow_U | Parent : 1752(Setup_WinThruster_2019.exe) | 9.76 Mo] - (.- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\EFM_UE~1\AppData\Local\Temp\is-QV0AN.tmp\Setup_WinThruster_2019.tmp [28/03/2019 17:24:08] CPU Usage:0 % 3748 | [Owner : EFM_UEFM_Barrow_U | Parent : 5852(explorer.exe) | 4.9 Mo] - (.Avanquest Software - OneSafe PC Cleaner .) - (6.9.6.1) = C:\Users\EFM_UEFM_Barrow_U\Documents\OneSafe_PC_Cleaner.exe [28/03/2019 17:03:32] CPU Usage:0 % 12472 | [Owner : EFM_UEFM_Barrow_U | Parent : 3748(OneSafe_PC_Cleaner.exe) | 13.45 Mo] - (.- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\EFM_UE~1\AppData\Local\Temp\is-O7MTD.tmp\OneSafe_PC_Cleaner.tmp [28/03/2019 17:25:08] CPU Usage:0 % 7280 | [Owner : EFM_UEFM_Barrow_U | Parent : 12472(OneSafe_PC_Cleaner.tmp) | 6.77 Mo] - (.Avanquest Software - OneSafe PC Cleaner .) - (6.9.6.1) = C:\Users\EFM_UEFM_Barrow_U\Documents\OneSafe_PC_Cleaner.exe [28/03/2019 17:03:32] CPU Usage:0 % 11320 | [Owner : EFM_UEFM_Barrow_U | Parent : 7280(OneSafe_PC_Cleaner.exe) | 6.53 Mo] - (.- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\EFM_UE~1\AppData\Local\Temp\is-FFOBT.tmp\OneSafe_PC_Cleaner.tmp [28/03/2019 17:25:11] CPU Usage:0 % 16080 | [Owner : EFM_UEFM_Barrow_U | Parent : 5852(explorer.exe) | 14.41 Mo] - (.Microsoft Corporation - Bloc-notes.) - (10.0.16299.15) = C:\Windows\System32\notepad.exe [29/09/2017 14:41:56] CPU Usage:0 % 11124 | [Owner : EFM_UEFM_Barrow_U | Parent : 4244() | 3.86 Mo] - (.Moo0 - Image Viewer.) - (1.0.0.1) = C:\Program Files (x86)\Moo0\ImageViewer SP 1.80\ImageViewer.exe [22/03/2019 18:39:32] CPU Usage:0 % 16004 | [Owner : EFM_UEFM_Barrow_U | Parent : 1528(svchost.exe) | 37.58 Mo] - (.-.) - (2019.19021.18010.0) = C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe [27/03/2019 18:54:12] CPU Usage:0 % 1660 | [Owner : SERVICE LOCAL | Parent : 4024(svchost.exe) | 16.93 Mo] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.16299.1004) = C:\Windows\System32\audiodg.exe [15/03/2019 05:51:22] CPU Usage:8 % 208 | [Owner : Système | Parent : 972(services.exe) | 3.38 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:0 % 8580 | [Owner : Système | Parent : 972(services.exe) | 18.97 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.16299.785) = C:\Windows\System32\SearchIndexer.exe [15/03/2019 05:50:10] CPU Usage:0 % 9196 | [Owner : Système | Parent : 972(services.exe) | 4.16 Mo] - (.TechSmith Corporation - TechSmith Uploader Service.) - (5.0.6.303) = C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [14/09/2015 14:51:48] CPU Usage:0 % 12360 | [Owner : EFM_UEFM_Barrow_U | Parent : 13068() | 198.15 Mo] - (.TechSmith Corporation - Snagit.) - (19.1.1.2860) = C:\Program Files\TechSmith\Snagit 2019\Snagit32.exe [11/02/2019 12:34:46] CPU Usage:17 % 6908 | [Owner : EFM_UEFM_Barrow_U | Parent : 12360(Snagit32.exe) | 3.46 Mo] - (.TechSmith Corporation - Snagit RPC Helper.) - (19.1.1.2860) = C:\Program Files\TechSmith\Snagit 2019\SnagPriv.exe [11/02/2019 12:34:46] CPU Usage:0 % 15984 | [Owner : EFM_UEFM_Barrow_U | Parent : 12360(Snagit32.exe) | 69.06 Mo] - (.TechSmith Corporation - Snagit Editor.) - (19.1.1.2860) = C:\Program Files\TechSmith\Snagit 2019\SnagitEditor.exe [11/02/2019 12:34:46] CPU Usage:0 % 11092 | [Owner : SERVICE LOCAL | Parent : 972(services.exe) | 37.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16299.15) = C:\Windows\System32\svchost.exe [29/09/2017 14:41:43] CPU Usage:2 % 4704 | [Owner : EFM_UEFM_Barrow_U | Parent : 2020(svchost.exe) | 15.36 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.16299.15) = C:\Windows\System32\taskhostw.exe [29/09/2017 14:42:01] CPU Usage:0 % 7240 | [Owner : EFM_UEFM_Barrow_U | Parent : 5464() | 26.52 Mo] - (.Microsoft Corporation - Paint.) - (10.0.16299.248) = C:\Windows\System32\mspaint.exe [15/03/2019 05:49:39] CPU Usage:0 % 12448 | [Owner : EFM_UEFM_Barrow_U | Parent : 8936() | 33.75 Mo] - (.Microsoft Corporation - Bloc-notes.) - (10.0.16299.15) = C:\Windows\System32\notepad.exe [29/09/2017 14:41:56] CPU Usage:0 % 16096 | [Owner : EFM_UEFM_Barrow_U | Parent : 3460(opera.exe) | 205.54 Mo] - (.Opera Software - Opera Internet Browser.) - (58.0.3135.118) = C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\58.0.3135.118\opera.exe [26/03/2019 00:32:54] CPU Usage:0 % 11916 | [Owner : EFM_UEFM_Barrow_U | Parent : 3460(opera.exe) | 90.75 Mo] - (.Opera Software - Opera Internet Browser.) - (58.0.3135.118) = C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\58.0.3135.118\opera.exe [26/03/2019 00:32:54] CPU Usage:0 % 1184 | [Owner : EFM_UEFM_Barrow_U | Parent : 1528(svchost.exe) | 39.1 Mo] - (.Microsoft Corporation - Windows Defender SmartScreen.) - (10.0.16299.1004) = C:\Windows\System32\smartscreen.exe [15/03/2019 05:50:11] CPU Usage:0 % 7296 | [Owner : EFM_UEFM_Barrow_U | Parent : 5852(explorer.exe) | 62.11 Mo] - (.SosVirus - QuickDiag.) - (27.2.19.1) = C:\Program Files (x86)\QuickDiag\quickdiag_V5_27.02.19.1.exe [15/03/2019 19:24:07] CPU Usage:0 % 12260 | [Owner : SERVICE RÉSEAU | Parent : 1528(svchost.exe) | 12.1 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.16299.248) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [15/03/2019 05:48:57] CPU Usage:0 % ---------- | Locked Applications ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) (.AVAST Software.-.Hook Library.) - (19.3.4.2057) -- C:\Program Files\AVAST Software\Avast\aswhook.dll (.Zemana Ltd..-.Zemana AntiLogger Free.) - (1.8.2.328) -- C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL (.COMODO.-.COMODO Internet Security.) - (11.0.0.6802) -- C:\Windows\system32\guard64.dll (.COMODO.-.COMODO Secure Shopping.) - (1.3.50284.151) -- C:\Windows\system32\cssguard64.dll (..-..) - (0.0.0.0) -- C:\Windows\SYSTEM32\inputhost.dll (.Intel Corporation.-.User Mode Driver for Intel(R) Graphics Technology.) - (25.20.100.6518) -- C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igd10iumd64.dll (.Intel Corporation.-.User Mode Driver for Intel(R) Graphics Technology.) - (25.20.100.6518) -- C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igdgmm64.dll (.Intel Corporation.-.Intel Graphics Shader Compiler for Intel(R) Graphics Accelerator.) - (25.20.100.6518) -- C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igc64.dll (.AVAST Software.-.Avast Shell Extension.) - (19.3.4241.0) -- C:\Program Files\AVAST Software\Avast\ashShell.dll (.Remo Software.-.Remo File Eraser.) - (2.0.0.46) -- C:\Program Files (x86)\Remo File Eraser 2.0\64\rsh64.dll (.AVAST Software.-.Avast AAVM Remote Procedure Call Library.) - (19.3.4241.0) -- C:\Program Files\AVAST Software\Avast\AavmRpch.dll ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) (.IObit.-.Uninstall for explorer.) - (1.0.7.16) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll (.Moo0.-.Moo0 Shell Extension Bridge.) - (1.0.0.1) -- C:\Windows\System32\ShellExtBridge\ShellExtBridge119.dll (.Alexander Roshal.-.WinRAR shell extension.) - (5.70.0.0) -- C:\Program Files\WinRAR\rarext.dll (.IObit.-.IUMenuRightExtension.) - (1.2.0.2) -- C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll (..-..) - (1.0.0.0) -- C:\Program Files (x86)\Zemana AntiLogger\ZAMShellExt64.dll (..-..) - (0.0.0.0) -- C:\PROGRA~1\TeraCopy\TERACO~2.DLL (..-..) - (1.0.0.0) -- C:\PROGRA~1\LOARIS~1\shellext.dll (.ProtectStar(TM), Inc..-.iShredder Shell Extension.) - (7.0.1807.0) -- C:\Program Files (x86)\ProtectStar\DataShredder\DataShredderShellExt64.dll (.COMODO.-.COMODO Internet Security.) - (11.0.0.6802) -- C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll (.COMODO.-.COMODO Internet Security.) - (11.0.0.6802) -- C:\Program Files\COMODO\COMODO Internet Security\cmdres.DLL (.Hasleo Software.-.Hasleo BitLocker Anywhere Shell Extension..) - (1.0.0.1) -- C:\Program Files\Hasleo\BitLocker Anywhere\bin\BitLockerAnywhereShell.dll (..-..) - (12.6.1005.11662) -- C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.6.1005.11662\AdAwareShellExtension.dll (.TechSmith Corporation.-.Snagit Shell Extension DLL.) - (19.1.1.2860) -- C:\Program Files\TechSmith\Snagit 2019\DLLx64\SnagitShellExt64.dll (.TechSmith Corporation.-.Snagit Shell Extension Resources DLL.) - (19.1.1.2860) -- C:\Program Files\TechSmith\Snagit 2019\SnagItShellExtRes.dll (.Babylon Software Ltd..-.Babylon Document Translation Menu Extention.) - (11.0.1.0) -- C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonDocTranslation64PI.dll (..-.ShellHandler for Notepad++ (64 bit).) - (0.1.0.0) -- C:\Program Files\Notepad++\NppShell_06.dll ---------- | Winlogon.exe Modules (Microsoft Files Whitelisted) (.Zemana Ltd..-.Zemana AntiLogger Free.) - (1.8.2.328) -- C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL ---------- | svchost.exe Modules (Microsoft Files Whitelisted) (.COMODO.-.COMODO Internet Security.) - (11.0.0.6802) -- C:\Windows\system32\guard64.dll (.Zemana Ltd..-.Zemana AntiLogger Free.) - (1.8.2.328) -- C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL (.COMODO.-.COMODO Secure Shopping.) - (1.3.50284.151) -- C:\Windows\system32\cssguard64.dll (.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.19.3.0) -- C:\Windows\System32\winsqlite3.dll (.Intel Corporation.-.Intel Graphics Shader Compiler for Intel(R) Graphics Accelerator.) - (25.20.100.6518) -- C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igc64.dll (.AVAST Software.-.Hook Library.) - (19.3.4.2057) -- C:\Program Files\AVAST Software\Avast\aswhook.dll (.Intel Corporation.-.Intel(R) Camera MFT.) - (1.0.0.8317) -- C:\windows\system32\IntelCameraPlugin64.dll (.Intel Corporation.-.Intel® Media SDK library.) - (8.18.11.21) -- C:\Program Files\Intel\Media SDK\libmfxhw64.dll ---------- | ZeroAccess Check Zaccess : C:\Users\EFM_UEFM_Barrow_U\AppData\Local\CyberLink [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU SecurePro - (C:\Windows\Temp\SecurePro.exe /s /a [Startup]) - User: DESKTOP-810DT5O\EFM_UEFM_Barrow_U OneDrive - ("C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\...\Run]) - User: DESKTOP-810DT5O\EFM_UEFM_Barrow_U WinFLTray - (C:\Windows\SysWow64\WinFLTray.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\...\Run]) - User: DESKTOP-810DT5O\EFM_UEFM_Barrow_U FLBackup - (C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\...\Run]) - User: DESKTOP-810DT5O\EFM_UEFM_Barrow_U vidnotifier.exe - (C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\...\Run]) - User: DESKTOP-810DT5O\EFM_UEFM_Barrow_U SharewareOnSale Notifier - (C:\ProgramData\SharewareOnSale Notifier\SharewareOnSale Notifier.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\...\Run]) - User: DESKTOP-810DT5O\EFM_UEFM_Barrow_U Clipdiary - (C:\Program Files (x86)\Clipdiary\clipdiary.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\...\Run]) - User: DESKTOP-810DT5O\EFM_UEFM_Barrow_U ApowerManager - (C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe /autoStart [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\...\Run]) - User: DESKTOP-810DT5O\EFM_UEFM_Barrow_U desktop - (desktop.ini [Common Startup]) - User: Public SecurityHealth - (%ProgramFiles%\Windows Defender\MSASCuiL.exe [HKLM\SOFTWARE\...\Run]) - User: Public RTHDVCPL - ("C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s [HKLM\SOFTWARE\...\Run]) - User: Public RtHDVBg_RUNEP - ("C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /RUNEP [HKLM\SOFTWARE\...\Run]) - User: Public OSD - (C:\Program Files\Samsung\SamsungOSD\OSD.exe [HKLM\SOFTWARE\...\Run]) - User: Public AdAwareTray - ("C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.6.1005.11662\AdAwareTray.exe" [HKLM\SOFTWARE\...\Run]) - User: Public ZAM - ("C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe" /minimized [HKLM\SOFTWARE\...\Run]) - User: Public COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} - (C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [HKLM\SOFTWARE\...\Run]) - User: Public COMODO Internet Security Installer - ("C:\Program Files\COMODO\COMODO Internet Security\cmdinstall.exe" -log -type "local" -camevent "install-end" [HKLM\SOFTWARE\...\Run]) - User: Public USB Safely Remove - ("C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe" /startup [HKLM\SOFTWARE\...\Run]) - User: Public rfagent - ("C:\Program Files\RFA 11\rfagent64.exe" [HKLM\SOFTWARE\...\Run]) - User: Public TechSmithSnagit - ("C:\Program Files\TechSmith\Snagit 2019\Snagit32.exe" /i [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background "WinFLTray"=C:\Windows\SysWow64\WinFLTray.exe [15/03/2019 07:34:08] "FLBackup"=C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe [15/03/2019 07:34:21] "vidnotifier.exe"=C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe [15/03/2019 11:53:40] "SharewareOnSale Notifier"=C:\ProgramData\SharewareOnSale Notifier\SharewareOnSale Notifier.exe [17/03/2019 20:01:48] "Clipdiary"=C:\Program Files (x86)\Clipdiary\clipdiary.exe [17/08/2018 08:33:38] "ApowerManager"=C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe /autoStart [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Delete Cached Update Binary"=C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" "Delete Cached Standalone Update Binary"=C:\Windows\system32\cmd.exe /q /c del /q "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" "Uninstall 19.033.0218.0009\amd64"=C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Microsoft\OneDrive\19.033.0218.0009\amd64" "Uninstall 19.033.0218.0009"=C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Microsoft\OneDrive\19.033.0218.0009" [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "OneDrive"=0x020000000000000000000000 "WinFLTray"=0x020000000000000000000000 "FLBackup"=0x020000000000000000000000 "vidnotifier.exe"=0x020000000000000000000000 "Software Informer"=0x020000000000000000000000 "SharewareOnSale Notifier"=0x020000000000000000000000 "Clipdiary"=0x020000000000000000000000 "ApowerManager"=0x020000000000000000000000 "WinSweep"=0x020000000000000000000000 [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU] "MRUList"=a "a"= [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "Device"=Microsoft Print to PDF,winspool,Ne01: "IsMRUEstablished"=1 "LegacyDefaultPrinterMode"=0 "MenuDropAlignment"=1 "Run"= [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "SecurityHealth"=%ProgramFiles%\Windows Defender\MSASCuiL.exe "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "RtHDVBg_RUNEP"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /RUNEP "OSD"=C:\Program Files\Samsung\SamsungOSD\OSD.exe [02/02/2017 07:06:55] "AdAwareTray"="C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.6.1005.11662\AdAwareTray.exe" "ZAM"="C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe" /minimized "COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}"=C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [04/03/2019 22:32:22] "COMODO Internet Security Installer"="C:\Program Files\COMODO\COMODO Internet Security\cmdinstall.exe" -log -type "local" -camevent "install-end" "USB Safely Remove"="C:\Program Files (x86)\USB Safely Remove\USBSafelyRemove.exe" /startup "rfagent"="C:\Program Files\RFA 11\rfagent64.exe" "TechSmithSnagit"="C:\Program Files\TechSmith\Snagit 2019\Snagit32.exe" /i [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "SecurityHealth"=0x040000000000000000000000 "RTHDVCPL"=0x040000000000000000000000 "RtHDVBg_RUNEP"=0x040000000000000000000000 "OSD"=0x040000000000000000000000 "AdAwareTray"=0x020000000000000000000000 "ZAM"=0x020000000000000000000000 "COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}"=0x020000000000000000000000 "COMODO Internet Security Installer"=0x020000000000000000000000 "USB Safely Remove"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32] "AvastUI.exe"=0x020000000000000000000000 "vdcss"=0x020000000000000000000000 "IseUI"=0x020000000000000000000000 "Wondershare Helper Compact.exe"=0x020000000000000000000000 "CommonToolkitTray"=0x020000000000000000000000 "CAMTray"=0x020000000000000000000000 "Babylon Client"=0x020000000000000000000000 "UnlockerAssistant"=0x020000000000000000000000 "BabylonToolbar"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"=C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL [15/03/2019 09:28:34] "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "EnableMitInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=1 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 "Win32kLastWriteTime"=1D33928A8E92551 [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui "vdcss"="C:\Program Files (x86)\COMODO\COMODO Secure Shopping\vdcss.exe" -tray "IseUI"=C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [20/03/2019 13:00:44] "CAMTray"="C:\Program Files (x86)\CyberLink\AppManager\CAMTray.exe" /AutoRun "Babylon Client"=C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe -AutoStart "UnlockerAssistant"="C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe" [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "InstallShieldSetup"=C:\PROGRA~2\INSTAL~1\{7CCFA~1\setup.exe -rebootC:\PROGRA~2\INSTAL~1\{7CCFA~1\reboot.ini -l0x40c ""= [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"=C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL [15/03/2019 09:28:34] "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "EnableMitInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=1 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : ---------- | Tasks List Avast Emergency Update CreateExplorerShellUnelevatedTask Intel PTT EK Recertification iolo System Checkup LinuxFS GUI LinuxFS Updater Moo0 Disk Cleaner 1.23 OneDrive Standalone Update Task v2 OneDrive Standalone Update Task-S-1-5-21-3534096643-12334864-2903717510-1001 Opera scheduled Autoupdate 1552623920 PC Cleaner automatic scan and notifications PowerDirectorStyleAgent RemoBackup_Launcher RunAsStdUser Task SAgent ShowWindow Software Updater Scheduler Software Updater SkipUAC(EFM_UEFM_Barrow_U) SoftwareInformerService SU_AutoUpdate Uninstaller_SkipUac_EFM_UEFM_Barrow_U User_Feed_Synchronization-{12F40181-298F-4A8F-BA89-6EC6CD445751} ---------- | Startings up registry ¦ Folder ---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=UsoSvc DeviceInstall gpsvc trustedinstaller "SvcHostSplitThresholdInKB"=3670016 "WaitToKillServiceTimeout"=2000 "SystemStartOptions"= NOEXECUTE=OPTIN NOVGA "SystemBootDevice"=multi(0)disk(0)rdisk(1)partition(3) "FirmwareBootDevice"=multi(0)disk(0)rdisk(1)partition(1) "LastBootSucceeded"=1 "LastBootShutdown"=1 "DirtyShutdownCount"=3 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Security Packages"="" [15/03/2019 19:24:07] "Notification Packages"=scecli "Authentication Packages"=msv1_0 "LsaPid"=980 "SecureBoot"=1 "ProductType"=3 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymous"=0 "restrictanonymoussam"=1 [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "ResourceTimeoutCount"=648000 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "AutoChkSkipSystemPartition"=0 "PendingFileRenameOperations"=\??\C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Temp\9F1.tmp.ico \??\C:\Users\EFM_UE~1\AppData\Local\Temp\_iu14D2N.tmp \??\C:\Users\EFM_UE~1\AppData\Local\Temp\nsb7584.tmp\nsProcess.dll \??\C:\Users\EFM_UE~1\AppData\Local\Temp\nsb7584.tmp\ [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "InstanceID"=0659456f-f9c1-4523-ae49-d235204 "GlassSessionId"=1 ---------- | .LNK with Arguments ---------- | AppCertDlls ---------- | Dnsapi.dll C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretTimeout"=5000 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "ScreenSaveActive"=1 "SnapSizing"=1 "TileWallpaper"=0 "WallPaper"=C:\Windows\Web\Wallpaper\Samsung\Samsung_wallpaper.png [07/12/2017 07:05:45] "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "DelayLockInterval"=900 "Win8DpiScaling"=0 "DpiScalingVer"=4096 "UserPreferencesMask"=0x9E1E078012000000 "CheckScreenSaverTimeChange"=1 "ScreenSaveTimeOut"=120 "MaxVirtualDesktopDimension"=2160 "MaxMonitorDimension"=2160 "TranscodedImageCount"=1 "LastUpdated"=4294967295 "TranscodedImageCache"=0x7AC30100F6F83E0070080000A005000000A5DFF65749D20143003A005C00570069006E0064006F00770073005C005700650062005C00570061006C006C00700061007000650072005C00530061006D00730075006E0067005C00530061006D00730075006E0067005F00770061006C006C00700061007000650072002E0070006E0067000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "WaitToKillAppTimeout"=2000 "HungAppTimeout"=2000 [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1 [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 "ShellState"=0x24000000342800000000000000000000000000000100000013000000000000006A000000 "UserSignedIn"=1 "SIDUpdatedOnLibraries"=1 "LocalKnownFoldersMigrated"=1 "TelemetrySalt"=7 "GlobalAssocChangedCounter"=194 "FirstRunTelemetryComplete"=1 "AppReadinessLogonComplete"=1 "SlowContextMenuEntries"=0xF05A64A7E8D6AF488DFA023B1CF660A7ED0A00000114020000000000C000000000000046F9150000550F3DCB2CBC1A4C85ED23ED75B5106B450C000060B81DB4E464D2119906E49FADC173CAA80B00005D54A9A2C2A0B4429708A0B2BADD77C8F60B0000 "PostAppInstallTasksCompleted"=1 "link"=0x1E000000 "Browse For Folder Width"=520 "Browse For Folder Height"=460 [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=2 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "ShowSuperHidden"=0 "SeparateProcess"=1 "AutoCheckSelect"=1 "IconsOnly"=0 "ShowTypeOverlay"=1 "ShowStatusBar"=1 "StoreAppsOnTaskbar"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=13 "TaskbarStateLastRun"=0x0E05945C00000000 "ReindexedProfile"=1 [HKLM\Software\Policies\Microsoft\Windows\System] "DontDisplayNetworkSelectionUI"=1 [HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableSecureUIAPath"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=0 "NoActiveDesktopChanges"=0 "NoRecentDocsHistory"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=0 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=0 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=0 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=0 "{871C5380-42A0-1069-A2EA-08002B30309D}"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=0 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "layoutxmlpath"=c:\users\default\appdata\local\microsoft\windows\shell\taskbarlayoutmodification.xml [07/12/2017 14:49:02] "GlobalAssocChangedCounter"=27 "MultipleInvokePromptMinimum"=10000 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 "UseOLEDTaskbarTransparency"=1 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\System] "DontDisplayNetworkSelectionUI"=1 [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableSecureUIAPath"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=0 "NoActiveDesktopChanges"=0 "NoRecentDocsHistory"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=0 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=0 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=0 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=0 "{871C5380-42A0-1069-A2EA-08002B30309D}"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=0 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=50 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s ---------- | Winlogon [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders "BuildNumber"=16299 "FirstLogon"=0 "PUUActive"=0x143EAC9E02000200070066002C5B0300FC3F0400FC3F0400D200000011001700A265D83E6F481100901C1100A067010061F60000163D0000F12B0100DD0511004A2A00008102000046619D2E8AE5D4018E74030000000000010000008E740300AB3F000000000000 "DP"=0xD200E8002A00020006000000143EAC9EC1CC7E0000000000B1BD86A06DE5D401ECAF68475AE5D4014FE831000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000F03F80510100EC3600C043005101C3005B01CC5D00800020202000246826E0C80080A063CA00A26FCA400CA100800C1858090C185C0909F90080082000090821900B9933018083234F4483234F65480F0180E2410023E249006709C5008080040210821702146E02008080002508800C250815130180278F0062278F0163610001004223004C42B3214C "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "Userinit"=C:\windows\system32\userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "scremoveoption"=0 "DisableCAD"=1 "LastLogOffEndTimePerfCounter"=598529720020 "ShutdownFlags"=39 "DisableLockWorkstation"=0 "EnableFirstLogonAnimation"=1 "AutoLogonSID"=S-1-5-21-3534096643-12334864-2903717510-1001 "LastUsedUsername"=EFM_UEFM_Barrow_U [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "EnableSIHostIntegration"=1 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "userinit"=userinit.exe "AutoRestartShell"=1 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""="%SystemRoot%\system32\NOTEPAD.EXE" %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""="%SystemRoot%\system32\NOTEPAD.EXE" %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Clients\StartMenuInternet\OperaStable\Shell\open\Command] ""="C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\Launcher.exe" [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Clients\StartMenuInternet\OperaStable\InstallInfo] "ReinstallCommand"="C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\Launcher.exe" --makedefaultbrowser [HKLM\Software\Clients\StartMenuInternet\Dragon\Shell\open\Command] ""="C:\Program Files (x86)\Comodo\Dragon\dragon.exe" [HKLM\Software\Clients\StartMenuInternet\Dragon\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Internet Explorer\iexplore.exe" [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Dragon\Shell\open\Command] ""="C:\Program Files (x86)\Comodo\Dragon\dragon.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Dragon\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Comodo\Dragon\dragon.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Internet Explorer\iexplore.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\Launcher.exe"=32 [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\Users\EFM_UEFM_Barrow_U\Desktop\Adaware_Installer.exe"=0x5341435001000000000000000700000028000000B0552900EC1D2A0001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000000A9E1600000000000100000001000000 "C:\Program Files (x86)\EaseUS\EaseUS Todo PCTrans\bin\PCTrans.exe"=0x534143500100000000000000070000002800000050DA45000F4B460001000000000000000000000A71220000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000EEF93200000000000200000002000000 "C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.6.1005.11662\AdAwareTray.exe"=0x5341435001000000000000000700000028000000D85D4800EE34490001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000006CC35A01000000000100000001000000 "C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.6.1005.11662\AdAwareDesktop.exe"=0x5341435001000000000000000700000028000000D80DCD00DB4ACD0001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000008301F609000000000300000003000000 "C:\Windows\SysWOW64\explorer.exe"=0x5341435001000000000000000700000028000000880E35002AE5350001000000010000000000000A61220000DB80FDAC2839D3010000000000000000 "C:\Users\EFM_UEFM_Barrow_U\Documents\WinToHDD.Ent.2.6.Portable.KaranPC\WinToHDDPortable.exe"=0x53414350010000000000000007000000280000001BE901000000000001000000000000000000010600010000DB80FDAC2839D301000000000000000002000000280000000000000000000040000200000000000000000000000000005F120000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Documents\WinToHDD.Ent.2.6.Portable.KaranPC\App\WinToHDD64\x64\WinToHDD\bin\WinToHDD.exe"=0x534143500100000000000000070000002800000000E29A00EACB9B0001000000000000000000000A73220000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000044D20000000000000100000001000000 "C:\Program Files\Realtek\Audio\HDA\EP64.exe"=0x534143500100000000000000070000002800000050583C009DC33C0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000060B46C1D000000000500000005000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\DRPSu\PROGRAMS\DotNet.exe"=0x534143500100000000000000070000002800000070A7AC0363C3AC0301000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000001A980000000000000100000001000000 "C:\Program Files\Paragon Software\Hard Disk Manager 16 Basic\program\advlauncher.exe"=0x534143500100000000000000070000002800000008BF0C00F9900D0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000081951C00000000000300000003000000 "C:\Program Files (x86)\Silent Install Builder 5\Sib.exe"=0x5341435001000000000000000700000028000000C8100C001BCF0C0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000045270C00000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\SIB\Packages\7547\out\lfsh_uefm_efm_b162_w16_anaamfuw_suite_essentials_setup_sib.exe"=0x5341435001000000000000000700000028000000597E07070000000001000000000000000000010600010000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000BA061D00000000000100000001000000 "C:\Program Files (x86)\Moo0\RightClicker Pro 1.56\RightClicker.exe"=0x534143500100000000000000070000002800000000E230000000000001000000000000000000000A73220000DB80FDAC2839D30100000000000000000200000028000000000000000000008000000000000000000000000000000000F52D0000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Documents\grande force loaris noa 13 - don pour garder lfsu_anti-tfl_100%s fin en carreaux des rairies, protectstar & loaris\loarissetup_FromDESKTOP-810DT5O.exe"=0x5341435001000000000000000700000028000000B0DF1100E392120001000000000000000000000A71220000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000002378F301000000000100000001000000 "C:\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe"=0x5341435001000000000000000700000028000000F86D5E0071615F0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000EE020000000000000100000001000000 "C:\Program Files (x86)\NewSoftware's\Folder Lock\Folder Lock.exe"=0x534143500100000000000000070000002800000008845C002AE55C0001000000000000000000000A71220000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000457FC201000000000100000001000000 "C:\Program Files (x86)\IObit\Software Updater\SUFeature.exe"=0x53414350010000000000000007000000280000001087020008E6020001000000000000000000000A00210000DB80FDAC2839D3010000000000000000050000001000000000000000000000000000000000000080020000002800000000000000000000800000000000000000000000000000000058010000000000000100000001000000 "C:\PortableApps\AshampooSnap10 Portable\AshampooSnapPortable.exe"=0x53414350010000000000000007000000280000003DEC03000000000001000000000000000000010600010000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000004DF6820B000000000700000007000000 "C:\Program Files\VideoLAN\VLC\vlc.exe"=0x5341435001000000000000000700000028000000C80A0F00A5500F0001000000000000000000000600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000048732F00000000001100000011000000 "SIGN.MEDIA=6B2011B8 anti-corvée lfsu-uefm-anti-tfl-100%s finalis, vestiges EFM-gold & jobs 2019 en cadeau finalis\cadeaux récompense st jacques de conrad & lfsu100%sf 17 mars 2019\remo-shredder.exe"=0x5341435001000000000000000700000028000000D8C3AF00AE82B00001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000FB2B0800000000000100000001000000 "SIGN.MEDIA=6B2011B8 anti-corvée lfsu-uefm-anti-tfl-100%s finalis, vestiges EFM-gold & jobs 2019 en cadeau finalis\cadeaux récompense st jacques de conrad & lfsu100%sf 17 mars 2019\remo-repair-word.exe"=0x5341435001000000000000000700000028000000D85707019EA6070101000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000057E60700000000000100000001000000 "SIGN.MEDIA=6B2011B8 anti-corvée lfsu-uefm-anti-tfl-100%s finalis, vestiges EFM-gold & jobs 2019 en cadeau finalis\cadeaux récompense st jacques de conrad & lfsu100%sf 17 mars 2019\remo-repair-mov.exe"=0x534143500100000000000000070000002800000028240901ED120A0101000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000C6800700000000000100000001000000 "SIGN.MEDIA=6B2011B8 anti-corvée lfsu-uefm-anti-tfl-100%s finalis, vestiges EFM-gold & jobs 2019 en cadeau finalis\cadeaux récompense st jacques de conrad & lfsu100%sf 17 mars 2019\remo-recover-windows.exe"=0x5341435001000000000000000700000028000000F0536801BCA9680101000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000050290700000000000100000001000000 "SIGN.MEDIA=6B2011B8 anti-corvée lfsu-uefm-anti-tfl-100%s finalis, vestiges EFM-gold & jobs 2019 en cadeau finalis\cadeaux récompense st jacques de conrad & lfsu100%sf 17 mars 2019\remo-outlook-backup-migrate.exe"=0x5341435001000000000000000700000028000000F82F2E003E652E0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000044DC1100000000000100000001000000 "SIGN.MEDIA=6B2011B8 anti-corvée lfsu-uefm-anti-tfl-100%s finalis, vestiges EFM-gold & jobs 2019 en cadeau finalis\cadeaux récompense st jacques de conrad & lfsu100%sf 17 mars 2019\remo-duplicate-photos-remover.exe"=0x5341435001000000000000000700000028000000503D3401BE17350101000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000E6AC0400000000000100000001000000 "SIGN.MEDIA=6B2011B8 anti-corvée lfsu-uefm-anti-tfl-100%s finalis, vestiges EFM-gold & jobs 2019 en cadeau finalis\cadeaux récompense st jacques de conrad & lfsu100%sf 17 mars 2019\remo-duplicate-file-remover.exe"=0x5341435001000000000000000700000028000000F0B99500280B960001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000E13D0400000000000100000001000000 "C:\Program Files\Hasleo\WinToUSB\bin\WinToUSB.exe"=0x534143500100000000000000070000002800000000427F00FC677F0001000000000000000000000A73220000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000006B601800000000000200000002000000 "C:\Program Files (x86)\SysTools PDF Bates Numberer\PDFBatesGenerator.exe"=0x5341435001000000000000000700000028000000D8103200BBDA320001000000000000000000010671020000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000009B65C605000000000200000002000000 "C:\Program Files (x86)\SysTools AD Browser\ADBrowser.exe"=0x5341435001000000000000000700000028000000D0501A00A0AD1A0001000000000000000000010671020000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000290FA605000000000100000001000000 "C:\Program Files (x86)\oldtimer otl_oth_tfc_md5look_xor_gotd-u_SEAF_remvbs_usbfileresc setup.exe"=0x5341435001000000000000000700000028000000B16994000000000001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000109E0100000000000200000002000000 "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\FreeStudioManager.exe"=0x5341435001000000000000000700000028000000E8051700787B170001000000000000000000000A71220000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000000EAF7E02000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Desktop\pre-scan_7_16.10.17.1_FromDESKTOP-810DT5O.exe"=0x5341435001000000000000000700000028000000A8AF2E007DB12E0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000 "C:\Program Files (x86)\Internet Explorer\iexplore.exe"=0x5341435001000000000000000700000028000000108D0C0074DD0C0001000000010000000000000A00210000DB80FDAC2839D3010000000000000000 "C:\Program Files (x86)\GOTD Unlimited\Unlimited_GOTD_v1.02.exe"=0x5341435001000000000000000700000028000000002201000000000001000000000000000000000A61220000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000CF720000000000000100000001000000 "SIGN.MEDIA=3C8D326 anti-corvée lfsu-uefm-anti-tfl-100%s finalis, vestiges EFM-gold & jobs 2019 en cadeau finalis\1ers giveaways après lfsu-anti_tfl-100%s finalis\AmazingFolderPasswordLock7888-ai37dh\Setup.exe"=0x534143500100000000000000070000002800000060CC2600C3AE270001000000000000000000010600010000DB80FDAC2839D3010000000000000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\58.0.3135.107\opera.exe"=0x5341435001000000000000000700000028000000587818008B9A180001000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "SIGN.MEDIA=86BDCE anti-corvée lfsu-uefm-anti-tfl-100%s finalis, vestiges EFM-gold & jobs 2019 en cadeau finalis\1ers giveaways après lfsu-anti_tfl-100%s finalis\SharewareOnSale_Giveaway_Clipdiary_hub.exe"=0x534143500100000000000000070000002800000080122300E2A4230001000000000000000000000A71220000DB80FDAC2839D3010000000000000000 "C:\Program Files (x86)\SysTools Thunderbird Store Locator\ThunderbirdStoreLocator.exe"=0x5341435001000000000000000700000028000000F8B314005EB7140001000000000000000000010675220000DB80FDAC2839D3010000000000000000 "C:\Program Files\TechSmith\Camtasia 2018\CamRecorder.exe"=0x534143500100000000000000070000002800000050865E0047BD5E0001000000000000000000030600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004004000000000000000000000000000000CDD80605000000000500000005000000 "C:\Program Files\Samsung\Recovery\Recovery.exe"=0x5341435001000000000000000700000028000000F0E62300120D240001000000000000000000000A73220000DB80FDAC2839D3010000000000000000 "C:\Program Files\TechSmith\Camtasia 2018\CamtasiaStudio.exe"=0x534143500100000000000000070000002800000050420700D059070001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000006093A617000000000800000008000000 "C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1903.1152.0_x64__8wekyb3d8bbwe\LocalBridge.exe"=0x534143500100000000000000070000002800000048B600006317010001000000000000000000000A73220000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000084110000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\cispremium_installer_10555_51.exe"=0x5341435001000000000000000700000028000000609B5500A35A560001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000DC4E101C000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\setup_Atelier_Photo_Fnac.exe"=0x5341435001000000000000000700000028000000503A1900877C190001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000B39F0500000000000100000001000000 "C:\Program Files\Fnac\Atelier Photo Fnac\Atelier Photo Fnac.exe"=0x5341435001000000000000000700000028000000001640000000000001000000000000000000000A73220000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000067B08701000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\setup_Logiciel_de_creation_CEWE_Cora.exe"=0x534143500100000000000000070000002800000048481900DEED190001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000C92F1400000000000100000001000000 "C:\Program Files\Cora\Logiciel de creation CEWE Cora\Logiciel de création CEWE Cora.exe"=0x534143500100000000000000070000002800000000D841000000000001000000000000000000000A73220000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000004B237301000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\setup_Logiciel_de_creation_CEWE.exe"=0x5341435001000000000000000700000028000000A04619002B2A1A0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000B9320D00000000000100000001000000 "C:\Program Files\CEWE\Logiciel de creation CEWE\Logiciel de création CEWE.exe"=0x534143500100000000000000070000002800000000D841000000000001000000000000000000000A73220000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000393E6501000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\turbo-client-19.3.1934.0.exe"=0x5341435001000000000000000700000028000000704C880609E7880601000000000000000000000A71220000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000000F24411A000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Turbo\19.3.1934.0\Turbo-Launcher.exe"=0x534143500100000000000000070000002800000050ECF0006F96F10001000000000000000000000A71220000DB80FDAC2839D30100000000000000000200000028000000000000008000000000000000000000000000000000000000E2040000000000000200000002000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Turbo\Cmd\turbosh.exe"=0x5341435001000000000000000700000028000000109F03007981040001000000000000000000000A71220000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000027110000000000000100000001000000 "C:\Program Files (x86)\Turbo.net\Turbo Studio 19\Studio.exe"=0x534143500100000000000000070000002800000078856102A7C3610201000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000009BBB3403000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Microsoft\OneDrive\19.033.0218.0009\FileSyncConfig.exe"=0x534143500100000000000000070000002800000060AC04002A5C050001000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\PortableApps.com_Platform_Setup_16.0.paf.exe"=0x5341435001000000000000000700000028000000687D4E0014E44E0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000033050600000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\PortableApps.com_Platform_Setup_16.0.paf (1).exe"=0x5341435001000000000000000700000028000000687D4E0014E44E0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000BA860C00000000000100000001000000 "SIGN.MEDIA=114272 anti-corvée lfsu-uefm-anti-tfl-100%s finalis, vestiges EFM-gold & jobs 2019 en cadeau finalis\ANAAMFUW Finalis anti-mc flurry ushuaïa-widen 1 à 16 gonflables\unblocker.exe"=0x5341435001000000000000000700000028000000804F0B0064290C0001000000000000000000030600010000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000F0840000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\keepvid-music-tag-editor_full4171 (1).exe"=0x534143500100000000000000070000002800000048F422019FF5220101000000000000000000030600010000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000001ACA6F00000000000100000001000000 "C:\PortableApps\PortableApps.com\PortableAppsPlatform.exe"=0x534143500100000000000000070000002800000040A53A000CCD3A0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000042D58305000000000100000001000000 "C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe"=0x534143500100000000000000070000002800000010C15000E6A5510001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000028E10000000000000100000001000000 "C:\Program Files (x86)\IObit\IObit Uninstaller\AUpdate.exe"=0x53414350010000000000000007000000280000001081020089E9020001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000AC270000000000000400000004000000 "C:\Program Files\abylonsoft\SAKeySafe\SASafeX64.EXE"=0x534143500100000000000000070000002800000068094F004E9E4F0001000000000000000000000A73220000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000028510100000000000200000002000000 "C:\Program Files\internet explorer\iexplore.exe"=0x534143500100000000000000070000002800000008950C008E3B0D0001000000010000000000000A00210000DB80FDAC2839D3010000000000000000 "C:\Program Files (x86)\Comodo\Dragon\dragon.exe"=0x5341435001000000000000000700000028000000F0D222005A34230001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000076F19D10000000000300000003000000 "SIGN.MEDIA=3496DF6 PortableApps\PortableApps.com\PortableAppsPlatform.exe"=0x534143500100000000000000070000002800000040A53A000CCD3A0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000FD1EF111000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\tidymymusic-bing_full1701.exe"=0x5341435001000000000000000700000028000000F02C29012FDD290101000000000000000000010600010000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000007A2EBA11000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\Full-DISKfighter_Web.exe"=0x5341435001000000000000000700000028000000180D29007724290001000000000000000000010600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000CA5F0200000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\OUTDATEfighter_Web.exe"=0x5341435001000000000000000700000028000000B0EB1F00B4F21F0001000000000000000000010600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000087AC0100000000000100000001000000 "C:\Program Files (x86)\Fighters\OUTDATEfighter\OUTDATEfighter.exe"=0x5341435001000000000000000700000028000000801617001525170001000000000000000000030600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000003107810000000000300000003000000 "C:\Program Files (x86)\CyberLink\AppManager\AppManager.exe"=0x5341435001000000000000000700000028000000B8060400587B040001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000005570730E000000000100000001000000 "C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe"=0x5341435001000000000000000700000028000000305E5D0321505E0301000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000003F9E5E0D000000000300000003000000 "C:\Program Files\windows nt\accessories\wordpad.exe"=0x5341435001000000000000000700000028000000008844005901450001000000010000000000000A63220000DB80FDAC2839D3010000000000000000 "C:\Users\EFM_UEFM_Barrow_U\Desktop\rkill.exe"=0x5341435001000000000000000700000028000000D0811B0066BA1B0001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000014AD0100000000000100000001000000 "C:\Program Files (x86)\QuickDiag\quickdiag_V5_27.02.19.1.exe"=0x534143500100000000000000070000002800000098F74E00B9194F0001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000050000000000000000000000000000000000000000000000000000000C584DA03000000000200000002000000000000000000004000000000000000000000000000000000685C6600000000000100000000000000 "C:\Program Files (x86)\USBFix\UsbFix_2019_11.012.exe"=0x534143500100000000000000070000002800000058D545008D09460001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000005800500000000000100000001000000 "C:\Program Files (x86)\Moo0\DiskCleaner 1.23\DiskCleaner.exe"=0x53414350010000000000000007000000280000000010320097E5320001000000000000000000020671020000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000DC960100000000000300000003000000 "C:\Program Files (x86)\Fighters\Tray\FightersTray.exe"=0x534143500100000000000000070000002800000080E2190049621A0001000000000000000000000A71220000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000B4039F00000000000200000002000000 "SIGN.MEDIA=3B41D4C PowerDVD 365\ApplicationManager_v1126_rv199819(1.2)_STD_APM181015-01.exe"=0x53414350010000000000000007000000280000001805ED005517ED0001000000000000000000010600010000DB80FDAC2839D3010000000000000000020000002800000000000000800000000000000000000000000000000000000038BE8F00000000000200000002000000 "C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16031.11328.20154.0_x86__8wekyb3d8bbwe\Office16\WINWORD.EXE"=0x5341435001000000000000000700000028000000C0131E0093BB1E0001000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "C:\Program Files\Remo Outlook Backup & Migrate 2.0\rs-taskrobm.exe"=0x534143500100000000000000070000002800000000A20300782B040001000000000000000000000A71220000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000017F1C901000000000100000001000000 "C:\Program Files\Remo Duplicate Photos Remover 1.0\rs-DupMgr.exe"=0x534143500100000000000000070000002800000000640300ABC8030001000000000000000000000A71220000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000C6C7C901000000000100000001000000 "C:\Program Files\Remo Duplicate File Remover 1.0\rs-fDupMgr.exe"=0x5341435001000000000000000700000028000000006603004A5A040001000000000000000000000A71220000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000B389C901000000000100000001000000 "C:\Program Files (x86)\Comodo\Dragon\modules\dragon_helper.exe"=0x534143500100000000000000070000002800000010D13000F55B310001000000000000000000000A73200000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000069370700000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\winrar-x64-570fr.exe"=0x5341435001000000000000000700000028000000E86031009859320001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000000B4F0000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\58.0.3135.118\opera.exe"=0x53414350010000000000000007000000280000005878180002AD180001000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "C:\Users\EFM_UEFM_Barrow_U\Desktop\JRT.exe"=0x534143500100000000000000070000002800000048501B0027F11B0001000000000000000000010671020000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000565B0500000000000100000001000000 "C:\Program Files\WinRAR\WinRAR.exe"=0x5341435001000000000000000700000028000000C8B92200182D230001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A5AD0000000000000700000007000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\usbsafelyremovesetup_6-1-5.exe"=0x5341435001000000000000000700000028000000A06C5700599F570001000000000000000000030600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000012654F0B000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\h2testw_1.4\h2testw.exe"=0x5341435001000000000000000700000028000000006406003092060001000000000000000000000671220000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000BCDC4F03000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\BabylonNG_setup.exe"=0x5341435001000000000000000700000028000000106E0A0076E2010001000000000000000000030600010000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000005F9B5C09000000000100000001000000 "C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe"=0x5341435001000000000000000700000028000000C0621800B4BE180001000000000000000000000A73220000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000002B40900000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\babylon-toolbar-on-ie_VkqQbj_2447881514.exe"=0x5341435001000000000000000700000028000000708220000000000001000000000000000000030600010000DB80FDAC2839D301000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000000000000000000000000000000000007DB30100000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\babylon-toolbar-on-ie_VicF87_1252449242.exe"=0x5341435001000000000000000700000028000000708220000000000001000000000000000000030600010000DB80FDAC2839D3010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000098B70000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\babylon10_setup_ns.exe"=0x5341435001000000000000000700000028000000086A0A004FFB010001000000000000000000030600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000047090000000000000200000002000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\babylon10_setup_ns (1).exe"=0x5341435001000000000000000700000028000000086A0A004FFB010001000000000000000000030600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000050050000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\babylon10_setup_ns (2).exe"=0x5341435001000000000000000700000028000000086A0A004FFB010001000000000000000000030600010000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000006B030000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\babylon10_setup_ns (3).exe"=0x5341435001000000000000000700000028000000086A0A004FFB010001000000000000000000030600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000B7060000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\babylon-toolbar-on-ie_VEvppl_3885422848.exe"=0x5341435001000000000000000700000028000000708220000000000001000000000000000000030600010000DB80FDAC2839D30100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000B62F0100000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\PC_Cleaner.exe"=0x5341435001000000000000000700000028000000F00747009A76470001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000005E311100000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\OneSafe_PC_Cleaner.exe"=0x534143500100000000000000070000002800000030AF49008AE3490001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000E4240F00000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\OneSafe_PC_Cleaner (1).exe"=0x534143500100000000000000070000002800000030AF49008AE3490001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000055550300000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\PC_Cleaner (1).exe"=0x5341435001000000000000000700000028000000F00747009A76470001000000000000000000000A00210000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000A8B61A03000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\Installer_babylon_11.0.0.13_4038416036.exe"=0x5341435001000000000000000700000028000000692320000000000001000000000000000000010600010000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000B2890000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\babylon_2528611466.exe"=0x5341435001000000000000000700000028000000387F20000000000001000000000000000000010600010000DB80FDAC2839D301000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000000000000000000000000000000000004C1E0200000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\babylon_3765483945.exe"=0x5341435001000000000000000700000028000000387F20000000000001000000000000000000010600010000DB80FDAC2839D301000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000000000000000000000000000000000003B9C0100000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\Unlocker_Portable_1.9.2_32-64_Multilingual.exe"=0x5341435001000000000000000700000028000000008604000000000001000000000000000000010600010000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000FD310000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\unlocker-1.9.0.exe"=0x53414350010000000000000007000000280000003D800F000000000001000000000000000000010600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000097E90600000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\unlocker_1-9-2.exe"=0x53414350010000000000000007000000280000003F7510000000000001000000000000000000010600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000030750000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\Unlocker\Unlocker1.9.2\Unlocker1.9.2.exe"=0x53414350010000000000000007000000280000003F7510000000000001000000000000000000010600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000DB410000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Downloads\unlocker-1-9-1-en-win.exe"=0x5341435001000000000000000700000028000000C16B19000000000001000000000000000000010600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000FF102B09000000000100000001000000 "SIGN.MEDIA=42A950B8 renouveau du widen - babylon free & trial, & vaincre la peur de babylon toolbar & search\zhpcleaner_2019.1.17.9.exe"=0x534143500100000000000000070000002800000080633200A9B1320001000000000000000000000A00210000DB80FDAC2839D30100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000FA340000000000000100000001000000 "SIGN.MEDIA=42A950B8 renouveau du widen - babylon free & trial, & vaincre la peur de babylon toolbar & search\quickdiag_V5_27.02.19.1.exe"=0x534143500100000000000000070000002800000098F74E00B9194F0001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000006BAC3500000000000100000001000000 "SIGN.MEDIA=42A950B8 renouveau du widen - babylon free & trial, & vaincre la peur de babylon toolbar & search\ZHPCleaner.exe"=0x534143500100000000000000070000002800000080A52F00013F300001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000008709F102000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\launcher.exe"=0x5341435001000000000000000700000028000000585C16001713170001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000009F5E5D09000000000300000003000000 "SIGN.MEDIA=42A950B8 renouveau du widen - babylon free & trial, & vaincre la peur de babylon toolbar & search\OTL.exe"=0x534143500100000000000000070000002800000000300900870F0A0001000000000000000000000A41220000DB80FDAC2839D301000000000000000002000000280000000000000000000040000000000000000000000000000000005B551E09000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\ZHP\ZHPCleaner.exe"=0x534143500100000000000000070000002800000080A52F00013F300001000000000000000000000A00210000DB80FDAC2839D3010000000000000000020000002800000000000000000000400000000000000000000000000000000043358506000000000100000001000000 "C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe"=0x534143500100000000000000070000002800000010462600F241270001000000000000000000030600010000DB80FDAC2839D30100000000000000000200000028000000000000000000000000000000000000000000000000000000DB000000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Desktop\delfix_1.013.exe"=0x5341435001000000000000000700000028000000402C0C00C2D00C0001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000004D490000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"=0x534143500100000000000000070000002800000060C0C701D0BDC80101000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Microsoft\OneDrive\19.033.0218.0011\FileSyncConfig.exe"=0x534143500100000000000000070000002800000060AA0400777F050001000000000000000000000A00210000DB80FDAC2839D3010000000100000000 "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Temp\ApowersoftAutoUpdater.exe"=0x5341435001000000000000000700000028000000308605009ACB050001000000000000000000000A75220000DB80FDAC2839D3010000000000000000 "C:\Users\EFM_UEFM_Barrow_U\Documents\OneSafe_PC_Cleaner.exe"=0x534143500100000000000000070000002800000030AF49008AE3490001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000005E000000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Documents\pcmechanicpm.exe"=0x53414350010000000000000007000000280000007821120033E3120001000000000000000000030600010000DB80FDAC2839D3010000000000000000020000002800000000000000000000000000000000000000000000000000000093DF0000000000000200000002000000 "C:\Users\EFM_UEFM_Barrow_U\Documents\PCOptimizerProInstaller.exe"=0x5341435001000000000000000700000028000000C0475600F21C570001000000000000000000010600010000DB80FDAC2839D30100000000000000000200000028000000000000000000004000000000000000000000000000000000B9030000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Documents\speedupmypc.exe"=0x5341435001000000000000000700000028000000D0DE5D00C0665E0001000000000000000000010600010000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000005E000000000000000100000001000000 "C:\Users\EFM_UEFM_Barrow_U\Documents\Setup_WinThruster_2019.exe"=0x534143500100000000000000070000002800000078DD2F008D53300001000000000000000000000A00210000DB80FDAC2839D301000000000000000002000000280000000000000000000000000000000000000000000000000000006D000000000000000100000001000000 "C:\Program Files (x86)\Moo0\ImageViewer SP 1.80\ImageViewer.exe"=0x534143500100000000000000070000002800000000D01E0073791F0001000000000000000000020671200000DB80FDAC2839D3010000000000000000 ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=131571602490602647 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "ProductType"=2 "InstallLocation"=C:\Program Files\Windows Defender\ "ProductStatus"=0 "InstallTime"=0x3926541D6ADAD401 "OneTimeSqmDataSent"=1 "OOBEInstallTime"=0xB4551ABDAEDAD401 "DisableAntiSpyware"=1 "DisableAntiVirus"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\adawareantivirusservice] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinFLAdrv.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ZAM.exe" /service] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\adawareantivirusservice] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ZAM.exe" /service] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zam64.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zamguard64.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) ---------- | Hosts ---------- | Ping Envoi d'une requ?te 'ping' sur google.com [2a00:1450:4007:816::200e] avec 32 octets de donn?es?: R?ponse de 2a00:1450:4007:816::200e?: temps=30 ms D?lai d'attente de la demande d?pass?. R?ponse de 2a00:1450:4007:816::200e?: temps=30 ms R?ponse de 2a00:1450:4007:816::200e?: temps=37 ms Statistiques Ping pour 2a00:1450:4007:816::200e: Paquets?: envoy?s = 4, re?us = 3, perdus = 1 (perte 25%), Dur?e approximative des boucles en millisecondes : Minimum = 30ms, Maximum = 37ms, Moyenne = 32ms ---------- | @ [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Cache_Update_Frequency"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=%11%\blank.htm "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=https://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&pc=UE00 "DisableFirstRunCustomize"=3 "ImageStoreRandomFolder"=m4kjjob "OperationalData"=13 "CompatibilityFlags"=0 "SearchBandMigrationVersion"=1 "FullScreen"=no "Window_Placement"=0x2C0000000200000003000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC8000000C80000000E0600004C040000 "Start Page_TIMESTAMP"=0xF06F87D11BE5D401 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"= "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0x618C6EBEECDAD401 "NotifyDownloadComplete"=yes "News Feed First Run Experience"=0 "Use FormSuggest"=no "Use Custom Search URL"=0 [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "CertificateRevocation"=0 "ZonesSecurityUpgrade"=0x618C6EBEECDAD401 "WarnonZoneCrossing"=0 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "GlobalUserOffline"=0 [HKLM\Software\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=about:blank "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "TabProcGrowth"=Medium [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 "SecureProtocols"=2688 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=about:blank "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "TabProcGrowth"=Medium [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Search] "SearchAssistant"=http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=546b3573000000000000685acf6a7e41&tlver=1.4.19.19&affID=16553 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm "Tabs"=http://search.babylon.com/?babsrc=NT_ss&mntrId=546b3573000000000000685acf6a7e41&tlver=1.4.19.19&affID=16553 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 ---------- | Proxy ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amv] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bdmv] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dv] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.evo] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.f4v] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flv] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdmov] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ifo] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1v] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2p] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2t] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2ts] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2v] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2v] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MPE] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpls] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv4] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mts] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mxf] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.NSR] "progid"=Potplayer.nsr [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ogm] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ogv] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ram] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rec] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rm] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmvb] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tp] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tps] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.trp] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vob] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webm] "Application"=wmplayer.exe [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv] "Application"=wmplayer.exe ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw] - {472083B0-C522-11CF-8763-00608CC02F24} -- C:\Program Files\AVAST Software\Avast\ashShell.dll [15/03/2019 05:28:54] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- C:\Windows\System32\EhStorShell.dll [29/09/2017 14:41:47] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"= ---------- | Toolbar [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=0 [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser] "ITBar7Height"=0 "ITBar7Layout"=0x130000000000000000000000200000001000000000000000010000008006000099010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005BFFF2970C26CF4C834A2DDA4E29E39E00000000000000000000000000000000 [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"= "KnownProvidersUpgradeTime"=0x618C6EBEECDAD401 "Version"=5 "UpgradeTime"=0x618C6EBEECDAD401 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=0 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"= [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={7B5E17A5-1DFB-4269-9519-177F01849132} ---------- | Extensions [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}] : (Translate this web page with Babylon) - [] ---------- | SearchScopes [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0AA24E16-07B3-4694-8357-3C21ACC5F516}] - () - : [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}] - () - : [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7B5E17A5-1DFB-4269-9519-177F01849132}] - (Bing) - https://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00 : [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}] - (Yahoo! Search) - http://fr.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo&type=10555005_11.0.0.6802_i_ds : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7B5E17A5-1DFB-4269-9519-177F01849132}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=PRSMS1&src=IE11TR&pc=SMTE : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{7B5E17A5-1DFB-4269-9519-177F01849132}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=PRSMS1&src=IE11TR&pc=SMTE : ---------- | ElevationPolicy [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\System32) - wpcer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\System32) - wuapp.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0935-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2391d819-9d17-44ec-9ac1-f6aa07549469}] - (%systemroot%\system32) - wermgr.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38f2c092-34df-4c12-9d9e-c9679bf0ab31}] - (C:\Windows\SysWOW64) - presentationhost.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\System32) - RuntimeBroker.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D256DB0-6C34-4EC1-9704-02182D6503A6}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{681f008a-b1c3-412d-9d95-e7a68837a6ce}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files\Internet Explorer) - iedw.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\System32\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\System32) - verclsid.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\system32\IME\SHARED\) - IMEPADSV.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\System32) - ctfmon.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\System32) - CredentialUIBroker.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{989F13EE-B25B-4FAB-9AED-C4336C8CCF0C}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\System32\IME\SHARED\) - imesearch.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\System32) - cmd.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\System32) - notepad.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\System32) - presentationhost.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] - (C:\Windows\System32\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\System32\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\${ELV_GUID}] - (C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19) - BabylonToolbarsrv.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\SysWOW64) - wpcer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08f24d68-9087-4b24-81ad-7b34af3e3ed5}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\SysWOW64) - wuapp.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files (x86)\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\SysWOW64) - RuntimeBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4becf16c-74f0-429b-8d3e-4fba507ac661}] - (C:\Program Files (x86)\adobe\acrobat 7.0\reader) - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D256DB0-6C34-4EC1-9704-02182D6503A6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{681f008a-b1c3-412d-9d95-e7a68837a6ce}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files (x86)\Internet Explorer) - iedw.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\SysWOW64\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\SysWOW64) - verclsid.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\sysnative\IME\SHARED\) - IMEPADSV.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\SysWOW64) - ctfmon.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\SysWOW64) - CredentialUIBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95a4104c-1c49-4c2a-9830-1be0f47e926c}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat) - acrobat.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{989F13EE-B25B-4FAB-9AED-C4336C8CCF0C}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\SysWOW64\IME\SHARED\) - imesearch.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9da1d2cb-796d-4bec-bbaa-0aa9ccd80e15}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\SysWOW64) - cmd.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AED-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\SysWOW64) - notepad.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e5f90a07-7db7-4dcb-bd6d-d3fecd376ca3}] - (C:\Program Files (x86)\adobe\acrobat 6.0\reader) - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\SysWOW64) - presentationhost.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] - (C:\Windows\SysWOW64\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\SysWOW64\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fb9e068b-c612-4fa8-bdb9-d728a716a420}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat) - acrobat.exe : ---------- | Ext\Settings [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{2DD257A3-5028-41AE-A1E7-A12F76A08893}] : : C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}] : : C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll ---------- | Ext\Stats [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}] : : [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25336920-03F9-11CF-8FD0-00AA00686F13}] : : C:\Windows\SysWOW64\mshtml.dll [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2933BF90-7B36-11D2-B20E-00C04F983E60}] : : %SystemRoot%\System32\msxml3.dll [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2DD257A3-5028-41AE-A1E7-A12F76A08893}] : : C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{333C7BC4-460F-11D0-BC04-0080C7055A83}] : : C:\Windows\SysWOW64\tdc.ocx [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64AB4BB7-111E-11D1-8F79-00C04FC2FBE1}] : : C:\Windows\SysWOW64\ieframe.dll [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6BF52A52-394A-11D3-B153-00C04F79FAA6}] : : %SystemRoot%\system32\wmp.dll [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8856F961-340A-11D0-A96B-00C04FD705A2}] : : C:\Windows\SysWOW64\ieframe.dll [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{88D96A05-F192-11D4-A65F-0040963251E5}] : : C:\Windows\SysWOW64\msxml6.dll [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9BE31822-FDAD-461B-AD51-BE1D1C159921}] : : [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}] : : C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D27CDB6E-AE6D-11CF-96B8-444553540000}] : : C:\Windows\SysWOW64\Macromed\Flash\Flash.ocx [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8C108E-4349-11D2-91A4-00C04F7969E8}] : : %SystemRoot%\System32\msxml3.dll [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE09B103-97E0-11CF-978F-00A02463E06F}] : : C:\Windows\SysWOW64\scrrun.dll [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F6D90F11-9C73-11D3-B32E-00C04F990BB4}] : : %SystemRoot%\System32\msxml3.dll [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F6D90F16-9C73-11D3-B32E-00C04F990BB4}] : : %SystemRoot%\System32\msxml3.dll ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}] -> () : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DD257A3-5028-41AE-A1E7-A12F76A08893}] -> (IeUrlFilter Class) : C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [15/02/2019 05:48:54] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}] -> (Babylon IE plugin) : C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll [26/03/2019 17:09:16] ---------- | Chrome [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb] ---------- | Opera C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Opera Software\Opera Stable\extensions\kipjbhgniklcnglfaldilecjomjaddfi = : __MSG_description__ - __MSG_name__ - https://extension-updates.opera.com/api/omaha/update/ ---------- | Firefox [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.6] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{e7a3896f-b4aa-4931-ba43-7ed6d96a98e9}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{e7a3896f-b4aa-4931-ba43-7ed6d96a98e9}] "NameServer"=156.154.70.25,156.154.71.25 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{e7a3896f-b4aa-4931-ba43-7ed6d96a98e9}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{e7a3896f-b4aa-4931-ba43-7ed6d96a98e9}] "NameServer"=156.154.70.25,156.154.71.25 ---------- | ActiveX [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - () - -> [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - () - -> [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - () - -> [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - -> [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4FC4FAB8-DD2C-3F8B-B378-F6EF65C0EC05}] - (.NET Framework) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - -> %SystemRoot%\system32\msieftp.dll [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - () - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - (Web Platform Customizations) - @C:\Windows\System32\ie4uinit.exe,-2000 -> C:\Windows\System32\ie4uinit.exe -UserConfig [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{FEBEF00C-046D-438D-8A88-BF94A6C9E703}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{54BDBDCB-ED26-30CA-BFFC-5B5E414C3793}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{5A604D2C-E968-429B-8327-62B5CE52126D}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - -> %SystemRoot%\system32\msieftp.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7C028AF8-F614-47B3-82DA-BA94E41B1089}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{CE4BC71D-A88B-4943-BB3D-AF9C0E7D4387}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - -> ---------- | Applications [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Classes\Applications\bsplayer.exe] : C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe "%L" [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Classes\Applications\opera.exe] : "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\Launcher.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\Atelier Photo Fnac.exe] : "C:\Program Files\Fnac\Atelier Photo Fnac\Atelier Photo Fnac.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\GALERIE PHOTO CEWE.exe] : "C:\Program Files\CEWE\Logiciel de creation CEWE\GALERIE PHOTO CEWE.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\Launcher.exe] : "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\Launcher.exe" -noautoupdate -- "%1" [HKLM\SOFTWARE\Classes\Applications\Logiciel de création CEWE Cora.exe] : "C:\Program Files\Cora\Logiciel de creation CEWE Cora\Logiciel de création CEWE Cora.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\Logiciel de création CEWE.exe] : "C:\Program Files\CEWE\Logiciel de creation CEWE\Logiciel de création CEWE.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\Ma Galerie Photo.exe] : "C:\Program Files\Fnac\Atelier Photo Fnac\Ma Galerie Photo.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\PotPlayerMini64.exe] : "C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen [HKLM\SOFTWARE\Classes\Applications\SnagitEditor.exe] : "C:\Program Files\TechSmith\Snagit 2019\SnagitEditor.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Atelier Photo Fnac.exe] : "C:\Program Files\Fnac\Atelier Photo Fnac\Atelier Photo Fnac.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\GALERIE PHOTO CEWE.exe] : "C:\Program Files\CEWE\Logiciel de creation CEWE\GALERIE PHOTO CEWE.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Launcher.exe] : "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\Launcher.exe" -noautoupdate -- "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Logiciel de création CEWE Cora.exe] : "C:\Program Files\Cora\Logiciel de creation CEWE Cora\Logiciel de création CEWE Cora.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Logiciel de création CEWE.exe] : "C:\Program Files\CEWE\Logiciel de creation CEWE\Logiciel de création CEWE.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Ma Galerie Photo.exe] : "C:\Program Files\Fnac\Atelier Photo Fnac\Ma Galerie Photo.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\PotPlayerMini64.exe] : "C:\Program Files\DAUM\PotPlayer\PotPlayerMini64.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\SnagitEditor.exe] : "C:\Program Files\TechSmith\Snagit 2019\SnagitEditor.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | DCOMApplications Name: User Notification - AppID: {0010890e-8789-413c-adbc-48f5b511b3af} Name: Local Service Credential UI Broker - AppID: {00944ad3-b2ad-4bcf-9202-59bf4662d521} Name: PhotoAcquire - AppID: {00f22b16-589e-4982-a172-a51d9dcceb68} Name: PhotoAcqHWEventHandler - AppID: {00f2b433-44e4-4d88-b2b0-2698a0a91dba} Name: TabTip - AppID: {01419581-4d63-4d43-ac26-6e2fc976c1f3} Name: lfsvc - AppID: {020FB939-2C8B-4DB7-9E90-9527966E38E5} Name: PLA - AppID: {03837503-098b-11d8-9414-505054503030} Name: CTapiLuaLib Class - AppID: {03e15b2e-cca6-451c-8fb0-1e2ee37a27dd} Name: DevicesFlowExperienceFlow - AppID: {046AEAD9-5A27-4D3C-8A67-F82552E0A91B} Name: COpenControlPanel - AppID: {06622D85-6856-4460-8DE1-A81921B41C4B} Name: SMLUA - AppID: {0671E064-7C24-4AC0-AF10-0F3055707C32} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {06C792F8-6212-4F39-BF70-E8C0AC965C23} Name: OOBE Bio Enrollment - AppID: {0771f7af-8de6-4bce-9528-2d4a12cb8168} Name: sppui - AppID: {0868DC9B-D9A2-4f64-9362-133CEA201299} Name: Retail Demo User COM Agent - AppID: {0886dae5-13ba-49d6-a6ef-d0922e502d96} Name: RtkApoApi - AppID: {08B039CA-84AA-40EA-8E9C-1D9537DC415B} Name: WIA Extension Host for 64 bit extensions - AppID: {08F646B3-5E7F-4B7A-A5CB-F95445F9F67A} Name: Proximity Sharing - AppID: {08FC06E4-C6B5-40BE-97B0-B80F943C615B} Name: PersistentZoneIdentifier - AppID: {0968e258-16c7-4dba-aa86-462dd61e31a3} Name: Windows Media Player Rich Preview Handler - AppID: {09C5C2B5-1D32-4598-B87E-203F32BB08E3} Name: AxInstSv - AppID: {0B15AFD8-3A99-4A6E-9975-30D66F70BD94} Name: NotificationController App ID - AppID: {0B789C73-D8DA-416D-B665-C1603676CEB1} Name: RASDLGLUA - AppID: {0C3B05FB-3498-40C3-9C03-4B22D735550C} Name: %SystemRoot%\system32\appwiz.cpl - AppID: {0da7bfdf-c0a0-44eb-be82-b7a82c4721de} Name: CamrecShellExt - AppID: {0DE69E95-29A8-4A7B-B10C-78EF7E2AA5B4} Name: IntelCpHeciSvc - AppID: {11AC3232-E7D7-49CD-ABFE-501700100B3A} Name: Sync Center Client - AppID: {1202DB60-1DAC-42C5-AED5-1ABDD432248E} Name: Virtual Factory for DiagCpl - AppID: {12C21EA7-2EB8-4B55-9249-AC243DA8C666} Name: Shell Create Object Task Server - AppID: {133eac4f-5891-4d04-bada-d84870380a80} Name: Shell Create Object Handler - AppID: {135fd325-45b7-4c30-89f8-4386961669f0} Name: TPM Virtual Smart Card VCard Module Manager - AppID: {150F28F1-49A5-4C28-BE1A-CFA854A1D04B} Name: Remote TPM Virtual Smart Card Manager - AppID: {152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC} Name: CCasperCDNPROCOMSERVER - AppID: {15647F9A-1F59-41EB-8115-E09FDBAC5174} Name: RuntimeBroker - AppID: {15c20b67-12e7-4bb6-92bb-7aff07997402} Name: TPM Virtual Smart Card Manager - AppID: {16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A} Name: Speech Runtime COM - AppID: {1725704B-A716-4E04-8EF6-87ED4F0A180A} Name: Immersive TPM Virtual Smart Card Manager - AppID: {19833350-BF9B-42A1-BDF0-BD1FCBE1FD31} Name: Sync Center Control - AppID: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5} Name: GIDS Smart Card Simulator Manager - AppID: {1AC32B1A-E379-4CAD-B655-F978A30856EC} Name: %systemroot%\system32\lpksetup.exe - AppID: {1C749B87-568C-4865-8E73-6413F8372CE6} Name: rshx32.dll - AppID: {1f2e5c40-9550-11ce-99d2-00aa006e086c} Name: ThirdPartyEapDispatcherPeerConfig - AppID: {1F7D1BE9-7A50-40B6-A605-C4F3696F49C0} Name: Microsoft WMI Provider Subsystem Secured Host - AppID: {1F87137D-0E7C-44d5-8C73-4EFFB68962F2} Name: DetectionAndSharing - AppID: {1fda955b-61ff-11da-978c-0008744faab7} Name: Microsoft Software Protection Platform Admin Object (Inner) - AppID: {205609B7-5E08-443E-B0A7-A7AED3F3A717} Name: Microsoft Windows WSMan Provider Host With User Settings - AppID: {209444d2-2540-495e-962c-a61ad3243526} Name: Provisioning Core - AppID: {217700E0-0000-11DF-ADB9-F4CE462D9137} Name: MSDAINITIALIZE - AppID: {2206CDB0-19C1-11D1-89E0-00C04FD7A829} Name: CortanaExperienceFlow - AppID: {24AC8F2B-4D4A-4C17-9607-6A4B14068F97} Name: Experimentation Broker - AppID: {2568BFC5-CDBE-4585-B8AE-C403A2A5B84A} Name: Update Notification Component Com Handler - AppID: {25d6d937-1fa3-4a22-8875-8680943b3f29} Name: SnagItET - AppID: {26088EFC-500F-4fff-AD37-323880CD1656} Name: Microsoft WBEM Active Scripting Event Consumer Provider - AppID: {266C72E7-62E8-11D1-AD89-00C04FD8FDFF} Name: IMAPI2 - AppID: {273541FF-7F64-5B0F-8F00-5D77AFBE261E} Name: WInRTDesktopBroker - AppID: {27550CA0-E9DE-4186-A566-37A59BB6CA69} Name: Cloud Change Wnf Monitor - AppID: {276D4FD3-C41D-465F-8CA9-A82A7762DF32} Name: netman - AppID: {27AF75ED-20D9-11D1-B1CE-00805FC1270E} Name: WalletService - AppID: {27D6B72D-094D-445A-9ACE-8298CBA0611A} Name: RasMobilityManager - AppID: {292bed96-e9ce-40f8-b71b-c313defa3a78} Name: faultrep.dll - AppID: {2C256447-3F0D-4CBB-9D12-575BB20CDA0A} Name: FileSystemImage - AppID: {2C941FD1-975B-59BE-A960-9A2A262853A5} Name: WalletService - AppID: {2EA38040-0B9C-4379-87FD-4D38BB892F37} Name: Windows Security Health Service - AppID: {2EB6D15C-5239-41CF-82FB-353D20B816CF} Name: DevicesFlow - AppID: {2F93C02D-77F9-46B4-95FB-8CBB81EEB62C} Name: Immersive Shell Broker - AppID: {2FD08A73-D1F1-43EB-B888-24C2496F95FD} Name: ShellServiceHostBrokerProvider - AppID: {30AD8C8E-AE85-42FA-B9E8-7E99E3DFBFC5} Name: Identity Store - AppID: {30d49246-d217-465f-b00b-ac9ddd652eb7} Name: AuthHost - AppID: {31337EC7-5767-11CF-BEAB-00AA006C3606} Name: Immersive Shell - AppID: {316CDED5-E4AE-4B15-9113-7055D84DCC97} Name: UiaManagerCrossMachineProxyAppId - AppID: {31b965c2-d4a3-4d8e-ac40-a76d466cd0b7} Name: Delivery Optimization Mgmt - AppID: {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} Name: Language Components Installer Com Handler - AppID: {33ADC7D5-BAF1-4661-9822-1FD23E63B39F} Name: wpnservice - AppID: {34E76A18-223B-4E23-BEAD-F59358CC0A90} Name: TrayAppIdentityResolver - AppID: {35BC523D-8BE9-496E-8257-026E8B4750FC} Name: CoreDpusSvr - AppID: {36234D6F-D9B8-404B-91C9-736BD2EE3040} Name: Windows Push Notification Platform - AppID: {362cc086-4d81-4824-bbb5-666d34b3197d} Name: TabTip - AppID: {36938566-B1AA-4E77-9B3F-730CF4E996AB} Name: Security Health Agent Activate As Activator Host - AppID: {37096FBE-2F09-4FF6-8507-C6E4E1179893} Name: Delivery Optimization - AppID: {379001DE-7108-4A45-8A74-6CD0A9FBEF2C} Name: SnagItShellExt - AppID: {37AD3083-3787-41DC-944D-32CDEECFDB75} Name: Microsoft Portable Workspace Launcher - AppID: {37B73D7B-A976-43AE-97E4-BD4977B241F2} Name: CortanaMapiHelper - AppID: {3BFADDE5-09ED-42AE-8190-2E68B650CFE6} Name: WorkspacePolicyProcessor - AppID: {3C3F40BC-60EB-4567-B90C-480C87C21AC1} Name: CMLUAUTIL - AppID: {3E000D72-A845-4CD9-BD83-80C07C3B881F} Name: Microsoft Windows Remote Shell Host - AppID: {3e5ca495-8d6a-4d1f-ad99-177b426c8b8e} Name: CMSTPLUA - AppID: {3E5FC7F9-9A51-4367-9063-A120244FBEC7} Name: WinInetCacheServer - AppID: {3eb3c877-1f16-487c-9050-104dbcd66683} Name: Out Of Proc Mapi Handler - AppID: {3F5E4B87-C907-4f76-82E4-6FDF0CE90E25} Name: Microsoft Windows WSMan Provider Host - AppID: {3feb2f63-0eec-4b96-84ab-da1307e0117c} Name: HTML Application - AppID: {40AEEAB6-8FDA-41e3-9A5F-8350D4CFCA91} Name: Connected User Store - AppID: {40AFA0B6-3B2F-4654-8C3F-161DE85CF80E} Name: NaturalAuthentication - AppID: {412E0F20-6C5B-43EC-879F-DA444A416EAC} Name: Core Shell Broker Provider - AppID: {41928E27-7275-491C-A5A1-4FDC791BF609} Name: EntAppSvc - AppID: {42C21DF5-FB58-4102-90E9-96A213DC7CE8} Name: AccessibilityCplAdmin - AppID: {434A6274-C539-4E99-88FC-44206D942775} Name: SPP External COM Object - AppID: {44831FEC-DC51-4716-A7E1-E898FDF83C85} Name: Thumbnail Extraction Host Class - AppID: {4545dea0-2dfc-4906-a728-6d986ba399a9} Name: Add to Windows Media Player list - AppID: {45597c98-80f6-4549-84ff-752cf55e2d29} Name: Application Activation Manager - AppID: {45BA127D-10A8-46EA-8AB7-56EA9078943C} Name: Set Network Location Elevated Virtual Factory - AppID: {46B988E8-BEC2-401F-A1C5-16C694F26D3E} Name: Radio Management Service - AppID: {478B41E6-3257-4519-BDA8-E971F9843849} Name: ShellServiceHost - AppID: {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} Name: IASDataStoreComServer - AppID: {48da6741-1bf0-4a44-8325-293086c79077} Name: Microsoft WBEM Unsecured Apartment - AppID: {49BD2028-1523-11D1-AD79-00C04FD8FDFF} Name: Telephony App Launcher - AppID: {49EBD8BE-1A92-4A86-A651-70AC565E0FEB} Name: UIAutomationCrossBitnessHook64 Class - AppID: {49f171dd-b51a-40d3-9a6c-52d674cc729d} Name: Virtual Factory for Languages Configuration - AppID: {4A3F2F56-454A-4CC5-9734-BB7D8141AC0A} Name: RASGCWLUA - AppID: {4A6B8BAD-9872-4525-A812-71A52367DC17} Name: wercplsupport.dll - AppID: {4BC67F23-D805-4384-BCA3-6F1EDFF50E2C} Name: Shell Security Editor - AppID: {4D111E08-CBF7-4f12-A926-2C7920AF52FC} Name: Microsoft Volume Shadow Copy Service software provider - AppID: {4db9c793-c48d-449c-9754-46027ee45c94} Name: COM+ Event System - AppID: {4E14FBA2-2E22-11D1-9964-00C04FBBB345} Name: upnpcont.exe - AppID: {4F0AC159-5804-4aa7-AE91-117D6E67BB9B} Name: Shell Computer Accounts - AppID: {4f6bcd94-c2a5-42ce-8dbc-31e794be4630} Name: WkspRT.exe - AppID: {4FCDA643-B15B-41C6-84F8-5E447F6F6D25} Name: Security Health Agent Interactive User Host for WDSP only - AppID: {4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED} Name: HomeGroup CPL Advanced Settings Writer - AppID: {50a9ab2a-20f8-4d71-9f32-9fd305b49601} Name: Microsoft Windows Font Folder - AppID: {50d69d24-961d-4828-9d1c-5f4717f226d1} Name: wuapihost - AppID: {50E1C3FD-EC35-490E-9CCF-C68F9AE91919} Name: acppage.dll - AppID: {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} Name: %systemroot%\system32\intl.cpl - AppID: {514B5E31-5596-422F-BE58-D804464683B5} Name: RemoteProxyFactory32 Class - AppID: {53362C32-A296-4F2D-A2F8-FD984D08340B} Name: RemoteProxyFactory32 Class - AppID: {53362C64-A296-4F2D-A2F8-FD984D08340B} Name: 32-bit Preview Handler Surrogate Host - AppID: {534A1E02-D58F-44f0-B58B-36CBED287C7C} Name: Virtual Disk Service Loader - AppID: {5364ED0E-493F-4B16-9DBF-AE486CF22660} Name: LockScreenContentServer Out of Proc Helper for LockScreenContent Clients - AppID: {536AACFB-5238-4314-B4D4-5B0A2E8B968E} Name: ShareFlow - AppID: {549e57e9-b362-49d1-b679-b64d510efe4b} Name: ShapeCollector - AppID: {56676660-4A4D-45B0-B24E-9CF6B35E9ABF} Name: Volume Shadow Copy Service - AppID: {56BE716B-2F76-4dfa-8702-67AE10044F0B} Name: IntelAudioService - AppID: {56c68ad6-d778-4cda-84a8-71f5c3e2a429} Name: Elevated System Settings COM Host - AppID: {57360832-5F9B-4190-8467-000D2D510212} Name: PrintNotify - AppID: {588E10FA-0618-48A1-BE2F-0AD93E899FCC} Name: FaxCommon Class - AppID: {59347292-B72D-41F2-98C5-E9ACA1B247A2} Name: PfShellExtension - AppID: {59A55EF0-525F-4276-AB62-8F7E5F230399} Name: Authentication UI Terminal Services Bump Dialog - AppID: {59c7f6ec-7d18-412f-a68e-877982768e61} Name: Docking.VirtualInput Create Object Server - AppID: {5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26} Name: WalletService - AppID: {5BC7A3A1-E905-414B-9790-E511346F5CA6} Name: Microsoft Maps Background Transfer Service - AppID: {5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309} Name: WiaWow64 - AppID: {5E1395B2-B685-44e3-8AED-E2304D85ACD1} Name: Splash screen - AppID: {5EAD00DC-0E8B-497C-BDE8-B9153058CBEF} Name: User OOBE Create User Object Server - AppID: {5f7f3f7b-1177-4d4b-b1db-bc6f671b8f25} Name: UIAutomationCrossBitnessHook32 Class - AppID: {60a90a2f-858d-42af-8929-82be9d99e8a1} Name: wlidcli - AppID: {623D5F5E-2F09-427d-8BD7-64495CD9835D} Name: Sync Center (Private) - AppID: {6295DF2D-35EE-11D1-8707-00C04FD93327} Name: PenIMC2 - AppID: {63CE6D27-426A-41F9-8E51-549C1132DAE2} Name: CoreShellHost - AppID: {64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2} Name: BabylonHelper - AppID: {6536801B-F50C-449B-9476-093DFD3789E3} Name: Windows Update Agent - AppID: {653C5148-4DCE-4905-9CFD-1B23662D3D9E} Name: FwCplLUA - AppID: {6571503D-D0FB-4D98-BBC3-1FBB2B3F344E} Name: tiledatamodelsvc - AppID: {65E2E13A-7110-4912-9F03-9A42E253D8F6} Name: Background Intelligent Transfer Service - AppID: {69AD4AEE-51BE-439b-A92C-86AE490E8B30} Name: Sync Center Isolation Collection (Private) - AppID: {69F9CB25-25E2-4BE1-AB8F-07AA7CB535E8} Name: MsRdpSessionManager - AppID: {6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F} Name: Preview Handler Surrogate Host - AppID: {6d2b5079-2f0b-48dd-ab7f-97cec514d30b} Name: UPnPContainer - AppID: {6d8ff8e0-730d-11d4-bf42-00b0d0118b56} Name: UPnPContainer64 - AppID: {6d8ff8e8-730d-11d4-bf42-00b0d0118b56} Name: SPPComApi - AppID: {6D9A7A40-DDCA-414E-B48E-DFB032C03C1B} Name: TieringEngineService - AppID: {6DF5BCF4-22E9-446D-8763-A2C7677ECF7D} Name: HomeGroup UI Status - AppID: {6f33340d-8a01-473a-b75f-ded88c8360ce} Name: SEMgrSvc - AppID: {6F4B8D94-91FE-4665-B1E7-A34AE3F299F6} Name: IEWindows - AppID: {6f5bad87-9d5e-459f-bd03-3957407051ca} Name: EditionUpgradeHelper - AppID: {6F65B602-F798-4094-8A41-A2A61961E5E8} Name: HomeGroup Provider Object - AppID: {6F7C8E8F-DC69-4e3f-BC05-439962A05FD5} Name: Windows Insider Service - AppID: {7006698d-2974-4091-a424-85dd0b909e23} Name: workfolderssvc - AppID: {712cedb9-16a4-4f79-801d-7de24d8c706e} Name: Sharing Elevated Virtual Factory - AppID: {72A7994A-3092-4054-B6BE-08FF81AEEFFC} Name: User Profile Service DCOM server - AppID: {72E3272B-4EEA-4104-B358-1A282E4FC1AD} Name: Microsoft WMI Provider Subsystem Host - AppID: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} Name: Trusted Installer Service - AppID: {752073A2-23F2-4396-85F0-8FDB879ED0ED} Name: PrintFilterPipelineSvc - AppID: {76db1bf3-e820-4765-a1b2-0b16a86b1950} Name: XWizard Virtual Factory - AppID: {777BA81A-2498-4875-933A-3067DE883070} Name: WebPlatStorageBrokerServer - AppID: {7966b4d8-4fdc-4126-a10b-39a3209ad251} Name: Network and Sharing Center Cpl Elevated Virtual Factory - AppID: {7A076CE1-4B31-452a-A4F1-0304C8738100} Name: Shell FMIFS Wrapper - AppID: {7aa7790d-75d7-484b-98a1-3913d022091d} Name: SNAGIT - AppID: {7AEB324B-D844-4633-AEF7-4D9417DFF5E0} Name: EapThirdPartyDllHost - AppID: {7B130458-E09C-4823-A8AF-2583DCD9AEC7} Name: Internet Explorer Add-on Installer - AppID: {7B29F495-0F55-49F7-8885-9E8A22CE3829} Name: Shell Create Object Local Server - AppID: {7B6EA1D5-03C2-4AE4-B21C-8D0515CC91B7} Name: WlanPrefLUA - AppID: {7C8AB6D9-8764-4033-8F62-2FE896E54B32} Name: Microsoft Windows Remote Shell Host With User Settings - AppID: {7d378de6-ed8d-426d-91df-0273d07cd7f6} Name: HomeGroup Printing Device Class - AppID: {7DF8EF76-D449-485f-B4EB-58DC96B31EDB} Name: MMC Application Class - AppID: {7e0423cd-1119-0928-900c-e6d4a52a0715} Name: Security Health Agent Interactive User Host - AppID: {7E55A26D-EF95-4A45-9F55-21E52ADF9887} Name: Battery Notification Manager - AppID: {7EAD5C10-8B3F-11E6-AE22-56B6B6499611} Name: wisptis - AppID: {7F429620-16D1-471E-A81A-114992148034} Name: Authentication UI CredUI Out of Proc Helper for AppContainer Clients - AppID: {7FC12E96-4CB7-4ABD-ADAA-EF7845B10629} Name: AdAwareShellExtension - AppID: {815E3070-A914-4A36-BC40-2F35AAD1C91E} Name: CFmIfsEngine host - AppID: {82D94FB3-7FE6-4797-BB72-9A886C66073B} Name: IntelCpHDCPSvc - AppID: {84081F6F-8B2D-4FFE-AF7F-E72D488FABEB} Name: CustReg Class - AppID: {84D586C4-A423-11D2-B943-00C04F79D22F} Name: DataShredderShellExt - AppID: {86893589-0CF8-4E19-9D2B-0CB6D5D13071} Name: Virtual Factory for Usercpl - AppID: {86d5eb8a-859f-4c7b-a76b-2bd819b7a850} Name: CElevateWlanUi - AppID: {86F80216-5DD6-4F43-953B-35EF40A35AEE} Name: ThirdPartyEapDispatcherPeerRuntime - AppID: {87BB326B-E4A0-4DE1-94F0-B9F41D0C6059} Name: AppReadiness Service - AppID: {88283d7c-46f4-47d5-8fc2-db0b5cf0cb54} Name: ordecom - AppID: {88E60EF9-F7D5-48ca-81DC-6A43FADD6530} Name: Activation Manager Shim - AppID: {8A9AE632-CB07-4A11-8872-358A2A271A24} Name: Desktop Wallpaper Factory - AppID: {8B30085D-A3E3-44e3-AE7F-B03A1340EBED} Name: Windows Management and Instrumentation - AppID: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Name: TSTheme - AppID: {8be0366c-8522-40be-8b08-cb26557f2854} Name: IASExtensionHost - AppID: {8C334A55-DDB9-491C-817E-35A6B85D2ECB} Name: AP Client HxHelpPaneServer Class - AppID: {8cec58ae-07a1-11d9-b15e-000d56bfe6ee} Name: TiWorker - AppID: {8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D} Name: Sync Center Schedule Wizard - AppID: {8D8B8E30-C451-421B-8553-D2976AFA648C} Name: WalletService - AppID: {8E44A57C-5638-44D3-9B83-34DF70EB57F2} Name: RdpSa - AppID: {8e7fae4d-cff0-41d3-a326-5a80470264bb} Name: Shell Computer Groups - AppID: {8f3080a6-af99-4f2e-a806-f3d5702a0444} Name: SDRSVC service - AppID: {9037e3cf-1794-4af6-9c8d-92838d7a23db} Name: Virtual Factory for Recovery - AppID: {9200689A-F979-4eea-8830-0E1D6B74821F} Name: Authentication UI CredUI Out of Proc Helper for Non-AppContainer Clients - AppID: {924DC564-16A6-42EB-929A-9A61FA7DA06F} Name: RtkPgExt - AppID: {92842063-1ECC-4a1a-9343-9A8E1C972E60} Name: HtmlLocalFileResolver - AppID: {93AAD2A0-036A-4B11-A078-DA8776B38139} Name: BitLockerAnywhereShell - AppID: {93F734C3-473B-4093-BFF8-3D3092C3F42D} Name: UiaManager - AppID: {94a38670-983b-459c-87c8-bb6ad617fd74} Name: PenIMC4v2 - AppID: {953E4863-7AD1-4DAE-B2BD-108F1D57967B} Name: WebPlatformStorageServer - AppID: {973d20d7-562d-44b9-b70b-5a0f49ccdf3f} Name: PrintIsolationHost - AppID: {98a89e0c-1fde-4c2a-a373-b04831e6aa60} Name: Telephony Incoming Call Toast - AppID: {990F07C7-78DC-4BD2-B145-5F791410BDDE} Name: Shell Hardware Mixed Content Handler - AppID: {995C996E-D918-4a8c-A302-45719A6F4EA7} Name: ShellWindows - AppID: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Name: RuntimeBroker - AppID: {9CA88EE3-ACB7-47c8-AFC4-AB702511C276} Name: CommonToolkit2 - AppID: {9D5DF630-D2C3-40A5-830E-4BA4322A0107} Name: timedate.cpl - AppID: {9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8} Name: WSearch - AppID: {9E175B9C-F52A-11D8-B9A5-505054503030} Name: WMLSS - AppID: {9E88EF3C-E2BB-4E5E-AFBA-565B81069D7D} Name: RtkCfg - AppID: {A11009A7-DC01-48F8-B6AA-C4613FC5CB15} Name: WIA Device Manager - AppID: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Name: TrayNotify - AppID: {a2b77517-6d12-4c60-b0c6-725e971ec8fe} Name: rundll32.exe - AppID: {a2d9ca22-a492-400c-b875-78ac25c0a6f3} Name: Xhr2OOP - AppID: {a3a81ee7-be13-4dd8-89f7-26aba705d81d} Name: Virtual Factory for Windows Defender Firewall Cpl - AppID: {A4B07E49-6567-4FB8-8D39-01920E3B2357} Name: Shell ChkdskEx Dialog - AppID: {a4c31131-ff70-4984-afd6-0609ced53ad6} Name: DsmAdminApi - AppID: {A5065670-136D-4FD6-A45F-00C85B90359C} Name: WPDShextAutoplay - AppID: {A55803CC-4D53-404c-8557-FD63DBA95D24} Name: Core Shell Service Provider - AppID: {A67168DB-418E-4087-B63E-852E822BB1ED} Name: WLIDSvc - AppID: {A6721677-BA21-44E9-9E2A-76466D24D121} Name: Virtual Factory for MaintenanceUI - AppID: {A6BFEA43-501F-456F-A845-983D3AD7B8F0} Name: Microsoft Windows Defender - AppID: {A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F} Name: %SystemRoot%\System32\fveui.dll - AppID: {A7A63E5C-3877-4840-8727-C1EA9D7A4D50} Name: SysFxUi - AppID: {A7D2EC8B-B70F-434C-A0CE-0DF324805F7D} Name: Delivery Optimization Mgmt - AppID: {AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800} Name: Core Shell COM Server Registrar - AppID: {AA8F1F23-D819-4E95-9B36-7FD68D5218F9} Name: F12AppFrameClient Class - AppID: {AABAA6AA-5398-4C08-AE60-6321A7F05E9C} Name: DEFRAGSVC service - AppID: {ab7c873b-eb14-49a6-be60-a602f80e6d22} Name: Thumbnail Cache Out of Proc Server - AppID: {AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} Name: BDEUILauncher Class - AppID: {AB93B6F1-BE76-4185-A488-A9001B105B94} Name: PaymentsSvc - AppID: {AC05815A-A8D5-434B-B9A8-2FFD162F2B7D} Name: RetailDemo Service - AppID: {ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325} Name: esrv - AppID: {AD25754E-D76C-42B3-A335-2F81478B722F} Name: WPN Srumon Server - AppID: {ada41b3c-c6fd-4a08-8cc1-d6efde67be7d} Name: TrayToastActivator - AppID: {AFC732E2-BA57-4B3E-A70A-71371F99B871} Name: WorkspaceBroker Class - AppID: {B06FF84E-0A77-4DD2-A919-0EABD8979DC1} Name: TabIps - AppID: {B1445657-5A98-11d9-A4E5-00301BB132BA} Name: BabylonIEPI - AppID: {B16632F1-24E0-4D99-A68D-70BFB6447C48} Name: DockInterface COM server - AppID: {b21858c6-9711-4257-99c8-5c0084bebce1} Name: Windows Update Agent - Remote Access - AppID: {B366DEBE-645B-43A5-B865-DDD82C345492} Name: AppActivationFailedHandler - AppID: {B3AADFEA-8404-4CBE-A62E-B0B715412C9E} Name: Found New Hardware Wizard - AppID: {B6A32FE6-E29D-AEAE-A608-D273E40CA34C} Name: WIA Device Manager 2 - AppID: {B6C292BC-7C88-41EE-8B54-8EC92617E599} Name: Sync Center (Private) - AppID: {B8558612-DF5E-4F95-BB81-8E910B327FB2} Name: Windows Media Player - AppID: {B8C54A54-355E-11D3-83EB-00A0C92A2F2D} Name: ApplicationActivationImpl - AppID: {B9305506-D05B-4C36-81C5-0E50886C1755} Name: Application Frame Host - AppID: {B9B05098-3E30-483F-87F7-027CA78DA287} Name: ShellExtBridge119 - AppID: {ba3bdfe6-1ca3-43e9-907f-7b00567be2c9} Name: Event Object Change 2 - AppID: {BB07BACD-CD56-4E63-A8FF-CBF0355FB9F4} Name: SyncHost - AppID: {BBC4356A-F004-4628-A27A-E13D70412B70} Name: Virtual Factory for Power Options Control Panel - AppID: {BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B} Name: Setting Sync Task Factory - AppID: {bcbb3f8c-2889-474f-8fb7-904d4a416145} Name: DfsShlEx.dll - AppID: {BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B} Name: EditionUpgradeManagerObj - AppID: {BD54C901-076B-434E-B6C7-17C531F4AB41} Name: escort - AppID: {BDB69379-802F-4eaf-B541-F8DE92DD98DB} Name: VM IC Heartbeat Service - AppID: {be0fc7f0-f248-4091-a123-34ca29a6901b} Name: Shell AutoPlay Direct - AppID: {BF8841C9-378A-4CAD-B4FC-5091366CBC0D} Name: ShellBrowserWindow - AppID: {c08afd90-f2a1-11d1-8455-00a0c91f3880} Name: LockAppHost Out of Proc Helper for Lock Apps - AppID: {C08B030B-E91C-479D-BEFD-02DDA7FF1BCF} Name: Spectrum - AppID: {C0E1CE99-C981-44A2-AC4C-41036FAC6593} Name: provsvc.dll - AppID: {c2a71820-3463-498f-bab7-4798795a2ff6} Name: DataExchangeHost - AppID: {C2E9756F-8155-4EAC-9ED5-0B690169D412} Name: RetailCoreSystemAgent Service - AppID: {C2EA2356-994C-45AF-BDAE-10796F73BC47} Name: cttunesvr - AppID: {C3A34354-660F-41EE-B072-2AEA5E3A80AF} Name: Microsoft Block Level Backup Service - AppID: {C3B65D83-FB15-4e3f-BA04-097D1E2B5AC1} Name: Microsoft IMAPI - AppID: {C49F2185-50A7-11D3-9144-00104BA11C5E} Name: BdeUISrv - AppID: {C4AB7CB7-E735-48FF-AADD-39D09668F444} Name: HomeGroup Listener Service - AppID: {C4CDC408-581C-4480-9FFE-3B1C78D5C20D} Name: Xbox Live Game Saves - AppID: {C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3} Name: EntAppSvc - AppID: {C63261E4-6052-41FF-B919-496FECF4C4E5} Name: EmailClient Class - AppID: {C6E0A4C8-A933-411E-8068-406C2391665F} Name: FamilySafetyRefreshTask - AppID: {C844C79D-AED8-4DCE-AB25-4D359BED84F8} Name: TSWbPrxy.exe - AppID: {C92A9617-0EAE-4235-BD2B-84540EF1FFA9} Name: DictationHost Class - AppID: {C945AD06-534F-460C-8CB4-17C33099AF81} Name: Sync Infrastructure - AppID: {C947D50F-378E-4FF6-8835-FCB50305244D} Name: netprofm - AppID: {C96887DA-A652-4426-905E-4A37546F847C} Name: editionupgradebroker - AppID: {C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125} Name: RCM - AppID: {C9F65BA8-1F8F-4382-AE27-C91FFB29275F} Name: User OOBE Create Elevated Object Server - AppID: {ca8c87c1-929d-45ba-94db-ef8e6cb346ad} Name: OpenSearch Description Create Search Connector Verb Handler - AppID: {CB1DFE3A-EDFF-4d1f-867D-8ADB02926F4B} Name: PrintIsolationSessionHost - AppID: {CB363445-F453-4C1E-8EE4-BD123C5E394F} Name: EnhancedStorageShell - AppID: {CC70FEAD-94B9-4F76-88CC-004BB068ACDF} Name: sppui - AppID: {CCFDD24D-CEAB-458B-A4F1-F884973395DF} Name: Windows Media Player Burn Audio CD Handler - AppID: {cdc32574-7521-4124-90c3-8d5605a34933} Name: Elevated-Unelevated Explorer Factory - AppID: {CDCBCFCA-3CDC-436f-A4E2-0E02075250C2} Name: PNPXAssoc.dll - AppID: {cee8ccc9-4f6b-4469-a235-5a22869eef03} Name: sdchange - AppID: {CF254B00-1986-4b24-A92D-463D01F7E395} Name: Event Object Change - AppID: {D0565000-9DF4-11D1-A281-00C04FCA0AA7} Name: Winmgmt MOF Compiler OOP - AppID: {D215781D-019E-4FA0-903D-0CDCDE13A4F5} Name: Color Management - AppID: {D2E7041B-2927-42fb-8E9F-7CE93B6DC937} Name: Windows.Internal.Security.SmartScreen.NetworkFiltering.NetworkFilter - AppID: {d339785e-44b3-4ce6-b01f-83a55a1b7da0} Name: Bitmap Image - AppID: {D3E34B21-9D75-101A-8C3D-00AA001A1652} Name: Sync Center User Profile Notification Handler - AppID: {D63AA156-D534-4BAC-9BF1-55359CF5EC30} Name: UACObject - AppID: {D8239E84-D6EC-41dc-B7EA-98CDBF472200} Name: CloudStorageWizard - AppID: {D8775A07-C529-4EA7-B307-BA7C8CBBDA03} Name: Microsoft Software Protection Platform Admin Object (outer) - AppID: {D8D4249F-A8FB-44A7-8AA0-564E8C385BD6} Name: Microsoft Volumetric Audio Compositor - AppID: {DD7B2C49-A779-4055-BBD5-7C96F502F97F} Name: BrowserBrokerServer - AppID: {DD9C53BC-8441-4B94-BD0E-36E6E02A6D61} Name: Srumon Server - AppID: {ddcfd26b-feed-44cd-b71d-79487d2e5e5a} Name: rundll32.exe - AppID: {de5d803e-5d2a-4b5f-9c63-af25a465cc44} Name: AccStore Class - AppID: {DE5DBCDC-104A-4cbc-A4D5-0C2104A142C5} Name: LockScreen Call Broker - AppID: {DE7D3D65-5454-4EF5-9518-776739DAB39F} Name: Profile Notification Host - AppID: {E10F6C3A-F1AE-4adc-AA9D-2FE65525666E} Name: CavShell - AppID: {E11C8519-5595-4397-B515-AB036DEC467A} Name: Immersive Print Dialog Surrogate - AppID: {E15FBAC2-C276-4523-92CA-561456EBCF3E} Name: RtkAPODll - AppID: {E1D2965E-D32B-4e1c-B9F1-159ACB984258} Name: Windows Update Agent User Interface for Published Applications - AppID: {e30984f1-b02b-4c27-a40f-23d11b8c1212} Name: Scan - AppID: {E32549C4-C2B8-4BCC-90D7-0FC3511092BB} Name: Execute Unknown - AppID: {e44e9428-bdbc-4987-a099-40dc8fd255e7} Name: Authentication UI CredUI Out of Proc Helper for Non-AppContainer Clients (Failed Mouse In Pointer) - AppID: {E45A56CE-399C-45F0-9E6F-BFAACD3C711F} Name: upnphost - AppID: {E495081B-BBA5-4b89-BA3C-3B86A686B87A} Name: TrayDesktopBand - AppID: {E6442437-6C68-4f52-94DD-2CFED267EFB9} Name: Orchestrator Service - AppID: {E7299E79-75E5-47BB-A03D-6D319FB7F886} Name: UICOM - AppID: {E8054D20-497D-4E16-BF41-6E69FCD381A5} Name: wscui.cpl - AppID: {E9495B87-D950-4ab5-87A5-FF6D70BF3E90} Name: Remove Device elevation surrogate - AppID: {E95186C7-7D80-4311-843D-0702CBC8B1E4} Name: File Prop Sheet Page Helper - AppID: {E96767E0-7EAA-45E1-8E7D-64414AFF281A} Name: Exchange Active Sync Policy Manager Broker - AppID: {E9DD849F-B3CF-4614-94BB-CB2696BD34FB} Name: HomeGroup Provider Service - AppID: {EA022610-0748-4c24-B229-6C507EBDFDBB} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8} Name: Convert VHD - AppID: {eae61b75-98d8-4af9-94e6-84b1c6f77c8a} Name: Remote Desktop Services Message Server - AppID: {EB521D7D-4095-4E61-88FB-BF25700F142A} Name: ComEvents.ComServiceEvents - AppID: {ECABB0C3-7F19-11D2-978E-0000F8757E2A} Name: ComEvents.ComSystemAppEventData - AppID: {ECABB0C6-7F19-11D2-978E-0000F8757E2A} Name: Play with Windows Media Player - AppID: {ed1d0fdf-4414-470a-a56d-cfb68623fc58} Name: Windows Media Player Launch - AppID: {ED6BB178-B06A-47ad-98B3-6066E0CF0147} Name: Share Manager - AppID: {edb5f444-cb8d-445a-a523-ec5ab6ea33c7} Name: CloudExperienceHost Broker AppID - AppID: {efe2d6d8-a81b-41e7-ae77-e5244ab80522} Name: Microsoft Audio Device Graph Server - AppID: {F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC} Name: AvailableNetworksExperienceFlow - AppID: {F2506CD7-82C2-43D9-A1D3-F85F5EFE7D09} Name: Virtual Disk Service - AppID: {F290BFB2-1864-45B1-8804-2654194A87E7} Name: FodHelper - AppID: {F2F94BB3-595C-4509-B7EE-243FA2BDEA5B} Name: SPPSurrogate - AppID: {f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801} Name: NDFAPI - AppID: {F3D3AA8D-EF96-4470-848E-BD70B803047A} Name: PerfCenter Enabler - AppID: {f4be747e-45c4-4701-90f1-d49d9ac30248} Name: sdclt - AppID: {f56b7b2a-5b5a-46d8-b6f9-d927ce34b717} Name: Pen Workspace Discover Broker - AppID: {F5A6ACF4-FFE0-4934-AE1D-5F960EA0AAD9} Name: WMPNSSCI - AppID: {F74BCE98-9EB4-4022-8317-11C723E5CCF8} Name: CloudExperienceHost Create System Object Server - AppID: {f7fa3149-91e7-43b7-8040-b707688ced1a} Name: logagent - AppID: {F808DF63-6049-11D1-BA20-006097D2898E} Name: WLIDFDP - AppID: {F828BB1A-2FAE-4AC4-AE6F-CAC9B529F996} Name: RAServer - AppID: {F8FD03A6-DDD9-4C1B-84EE-58159476A0D7} Name: WinInetBrokerServer - AppID: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Name: NCLUA - AppID: {FA1456D3-4B97-4f9c-8511-2786161DC333} Name: VssEvent - AppID: {FAF53CC4-BD73-4E36-83F1-2B23F46E513E} Name: Shell Hardware Mixed Content Handler Cancelled - AppID: {fb479c02-9ec4-4fed-8599-debe037452cb} Name: RegisterControl - AppID: {FC38B7C8-9E50-497d-A387-7DEBDAD14160} Name: Hotspot Auth Module - AppID: {FC5EEAF6-0002-11DF-ADB9-F4CE462D9137} Name: appwiz.cpl - AppID: {FCC74B77-EC3E-4dd8-A80B-008A702075A9} Name: Wordpad - AppID: {fd6c8b29-e936-4a61-8da6-b0c12ad3ba00} Name: Proximity UX Host - AppID: {FDA74D11-C4A6-4577-9F73-D7CA8586E10C} Name: MP UX Host - AppID: {FDA74D11-C4A6-4577-9F73-D7CA8586E10D} Name: Shell Execute Hardware Event Handler - AppID: {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} Name: EntAppSvc - AppID: {FFE1E5FE-F1F0-48C8-953E-72BA272F2744} Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{00944ad3-b2ad-4bcf-9202-59bf4662d521}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{00944ad3-b2ad-4bcf-9202-59bf4662d521}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{00944ad3-b2ad-4bcf-9202-59bf4662d521}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{00944ad3-b2ad-4bcf-9202-59bf4662d521}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-15-3-3215430884-1339816292-89257616-1145831019" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-559" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0771f7af-8de6-4bce-9528-2d4a12cb8168}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{0771f7af-8de6-4bce-9528-2d4a12cb8168}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-5-80-2731152606-4244467407-1946816704-3721569673-479255522" Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-5-84-0-0-0-0-0" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-547" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{26088EFC-500F-4fff-AD37-323880CD1656}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{26088EFC-500F-4fff-AD37-323880CD1656}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{26088EFC-500F-4fff-AD37-323880CD1656}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{2A947841-0594-48CF-9C53-A08C95C22B55}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{2A947841-0594-48CF-9C53-A08C95C22B55}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-15-3-1024-1314380931-3989923313-3249193833-1963115619-3940350845-1282913705-2904921893-3519892189" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1212" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{36234D6F-D9B8-404B-91C9-736BD2EE3040}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{36234D6F-D9B8-404B-91C9-736BD2EE3040}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-3-1" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-3-2" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-3-3" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{412E0F20-6C5B-43EC-879F-DA444A416EAC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{412E0F20-6C5B-43EC-879F-DA444A416EAC}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-15-3-1024-3153509613-960666767-3724611135-2725662640-12138253-543910227-1950414635-4190290187" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-80-611605672-2879557022-2206624263-4029342278-3129212340" Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4FCDA643-B15B-41C6-84F8-5E447F6F6D25}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-32-2707581722-3970398075-3301609242-3412871183-2565310287-2959982868-2531230773-2372594412" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-15-3-1024-2707581722-3970398075-3301609242-3412871183-2565310287-2959982868-2531230773-2372594412" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-15-3-1024-3625662137-2682091254-856171984-2868379045-3001028726-1009205972-4175949866-684286152" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1031" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-80-3028837079-3186095147-955107200-3701964851-1150726376" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{5E176815-9A63-4A69-810F-62E90D36612A}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{5E176815-9A63-4A69-810F-62E90D36612A}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-15-3-1024-1692970155-4054893335-185714091-3362601943-3526593181-1159816984-2199008581-497492991" Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{65E2E13A-7110-4912-9F03-9A42E253D8F6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{65E2E13A-7110-4912-9F03-9A42E253D8F6}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{730BFCEC-E4BF-4D3A-9FBB-01DD132467A4}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-15-3-1024-4044835139-2658482041-3127973164-329287231-3865880861-1938685643-461067658-1087000422" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-503" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-32-546" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-15-3-1024-3623855041-1826999956-3747069818-3525260223-3747374510-1746272624-950601168-56556331" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{7EAD5C10-8B3F-11E6-AE22-56B6B6499611}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7EAD5C10-8B3F-11E6-AE22-56B6B6499611}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7EAD5C10-8B3F-11E6-AE22-56B6B6499611}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{84D586C4-A423-11D2-B943-00C04F79D22F}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-80-4155767994-3874329934-3800885181-2130851812-726865888" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-15-3-1024-1701033769-137094913-3738083205-577272984-1204217555-1180762924-3352773070-2589626690" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1210" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194-3859068477-1314311106-1651661491-1685393560" Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194-2385269614-3243675-834220592-3047885450" Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-15-3-1024-3623855041-1826999956-3747069818-3525260223-3747374510-1746272624-950601168-56556331" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{a3a81ee7-be13-4dd8-89f7-26aba705d81d}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{a3a81ee7-be13-4dd8-89f7-26aba705d81d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a3a81ee7-be13-4dd8-89f7-26aba705d81d}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-15-3-1024-3623855041-1826999956-3747069818-3525260223-3747374510-1746272624-950601168-56556331" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-15-3-1024-2165721414-884371012-2773947476-2437641138-4209659587-972658821-4033014341-190168586" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-15-3-1024-2152139330-3124897132-671935159-3762809077-3273429135-2233686478-1435376800-2420532691" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-15-3-1024-3167453650-624722384-889205278-321484983-714554697-3592933102-807660695-1632717421" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-15-3-1024-4044835139-2658482041-3127973164-329287231-3865880861-1938685643-461067658-1087000422" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{AA8F1F23-D819-4E95-9B36-7FD68D5218F9}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{AA8F1F23-D819-4E95-9B36-7FD68D5218F9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{AA8F1F23-D819-4E95-9B36-7FD68D5218F9}" - Win32_SID.SID="S-1-15-3-1024-2165721414-884371012-2773947476-2437641138-4209659587-972658821-4033014341-190168586" Win32_DCOMApplication.AppID="{AA8F1F23-D819-4E95-9B36-7FD68D5218F9}" - Win32_SID.SID="S-1-15-3-1024-2152139330-3124897132-671935159-3762809077-3273429135-2233686478-1435376800-2420532691" Win32_DCOMApplication.AppID="{AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}" - Win32_SID.SID="S-1-15-3-1024-2922296261-1647482768-2017091146-3858667068-4135663662-2931985894-1627820925-818366431" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708" Win32_DCOMApplication.AppID="{B366DEBE-645B-43A5-B865-DDD82C345492}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-80-2731152606-4244467407-1946816704-3721569673-479255522" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-80-3246321066-2451215914-3422911474-2201726393-166328789" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C92A9617-0EAE-4235-BD2B-84540EF1FFA9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-15-3-1024-1692970155-4054893335-185714091-3362601943-3526593181-1159816984-2199008581-497492991" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D215781D-019E-4FA0-903D-0CDCDE13A4F5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D8239E84-D6EC-41dc-B7EA-98CDBF472200}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{D8239E84-D6EC-41dc-B7EA-98CDBF472200}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628" Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{DD7B2C49-A779-4055-BBD5-7C96F502F97F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{DD7B2C49-A779-4055-BBD5-7C96F502F97F}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{DD7B2C49-A779-4055-BBD5-7C96F502F97F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-15-3-1024-2819154332-3691255550-2499738133-2646149002-4290075130-3069449926-721213713-3168903538" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-5-7" Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-15-3-1024-1692970155-4054893335-185714091-3362601943-3526593181-1159816984-2199008581-497492991" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-551" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-3433512109-503559027-1389316256-1766580070-2256751264" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-1260278928-804197538-2066346633-4268302704-2216462912" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-345135819-4012009209-3062012967-1747265747-3674605950" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-951620777-1059631183-2804607755-3010024351-809615488" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-80-364023826-931424190-487969545-1024119571-74567675" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F8FD03A6-DDD9-4C1B-84EE-58159476A0D7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-3-1" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-3-2" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-3-3" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-32-544" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power LSM BrokerInfrastructure PlugPlay DcomLaunch DeviceInstall SystemEventsBroker "rdxgroup"=RetailDemo "Camera"=FrameS "diagnostics"=DiagSvc "PrintWorkflow"=PrintWorkflowUserSvc "DevicesFlow"=DevicesFlowUserSvc "GraphicsPerfSvcGroup"=GraphicsPerfSvc "smbsvcs"=lanmanserver browser "osrss"=osrss [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=PlugPlay DcomLaunch DeviceInstall "PrintWorkflow"=PrintWorkflowUserSvc "smbsvcs"=lanmanserver ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\abylon] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\AC3Filter] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Aimersoft] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Amazing-Share] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\AmazingReg] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Apowersoft] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\AppDataLow] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\ASCOMP] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Ashampoo] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Avanquest] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Avast Software] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Babylon] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\BabylonToolbar] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Browser Cleanup] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\BST] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\BVRP Software] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\CeWe Color] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Chromium] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Clients] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Code Sector] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Code Systems] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Comodo] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\ComodoGroup] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Conduit] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\CyberLink] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Daum] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Dragon] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\DRP] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\DVDVideoSoft] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Engelmann Media] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Engelmann Software] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\eSellerate] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Freecom] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\g3n-h@ckm@n] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Gabest] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\giveawayoftheday.com] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\GNU] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Google] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Haali] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Informer Technologies, Inc.] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\InstallShield] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Intel] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\KsL Software] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\LAV] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Licenses] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Macromedia] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\MainConcept] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Moo0] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Mozilla] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\MozillaPlugins] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\MPC-HC] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\NewBlue] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\NewSoftware's] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Obsidium] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\OneSafe PC Cleaner] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Opera Software] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Paragon] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Paragon Software] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Partition Assistant] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\PC Cleaner] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\PC Optimizer Pro] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\PCVARK] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Policies] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\ProtectStar Inc.] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\QtProject] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Realtek] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\RegisteredApplications] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Remo Software] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\SafelyRemove] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\SharewareOnSale] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\ShellExtBridge110] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Softvoile] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Spoon] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Steganos] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\SubSystems] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Sunisoft] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\SyncEngines] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\sysinternals] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\TechSmith] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\TiushkovNikolay] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\WinRAR] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\WinRAR SFX] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\WinSweeper] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\WinSweeper2] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\WixSharp] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Wondershare] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Wow6432Node] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Zemana] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\ZHP] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows\Winlogon] [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\abylon] [HKLM\Software\Atheros] [HKLM\Software\AVAST Software] [HKLM\Software\AVC3] [HKLM\Software\Bitdefender] [HKLM\Software\BorisFX] [HKLM\Software\Clients] [HKLM\Software\Code Sector] [HKLM\Software\COMODO] [HKLM\Software\cybelsoft] [HKLM\Software\CyberLink] [HKLM\Software\DAUM] [HKLM\Software\Engelmann Software] [HKLM\Software\Fortemedia] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Google] [HKLM\Software\HaaliMkx] [HKLM\Software\Hasleo] [HKLM\Software\Ignis] [HKLM\Software\Intel] [HKLM\Software\IPS] [HKLM\Software\KeyCryptSDK] [HKLM\Software\Khronos] [HKLM\Software\Macromedia] [HKLM\Software\Microsoft] [HKLM\Software\MozillaPlugins] [HKLM\Software\NewBlue] [HKLM\Software\Notepad++] [HKLM\Software\Nuance] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\Paragon Software] [HKLM\Software\Partner] [HKLM\Software\PC Optimizer Pro] [HKLM\Software\Policies] [HKLM\Software\proDAD] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Remo Software] [HKLM\Software\Samsung] [HKLM\Software\SCU] [HKLM\Software\SRS Labs] [HKLM\Software\sysinternals] [HKLM\Software\TechSmith] [HKLM\Software\UVK - Ultra virus killer] [HKLM\Software\VideoLAN] [HKLM\Software\WinRAR] [HKLM\Software\WOW6432Node] [HKLM\Software\Zemana] [HKLM\Software\ZmnGlobalSDK] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\Dwm] [HKLM\Software\Microsoft\Windows\DynamicManagement] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\Heat] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DevicesFlow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\diagnostics] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GraphicsPerfSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rdxgroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\RmSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\Software\WOW6432Node\Aimersoft] [HKLM\Software\WOW6432Node\Amazing-Share] [HKLM\Software\WOW6432Node\ASProtect] [HKLM\Software\WOW6432Node\Atelier Photo Fnac] [HKLM\Software\WOW6432Node\ATHEROS] [HKLM\Software\WOW6432Node\Avanquest] [HKLM\Software\WOW6432Node\AVAST Software] [HKLM\Software\WOW6432Node\Babylon] [HKLM\Software\WOW6432Node\BabylonToolbar] [HKLM\Software\WOW6432Node\BSD] [HKLM\Software\WOW6432Node\BVRP Software] [HKLM\Software\WOW6432Node\Code Systems] [HKLM\Software\WOW6432Node\Common Toolkit Suite] [HKLM\Software\WOW6432Node\Comodo] [HKLM\Software\WOW6432Node\ComodoGroup] [HKLM\Software\WOW6432Node\Conduit] [HKLM\Software\WOW6432Node\CyberLink] [HKLM\Software\WOW6432Node\DigitalWave] [HKLM\Software\WOW6432Node\Dragon] [HKLM\Software\WOW6432Node\DVDVideoSoft] [HKLM\Software\WOW6432Node\EaseUS] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\HaaliMkx] [HKLM\Software\WOW6432Node\HPS] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\IObit] [HKLM\Software\WOW6432Node\iolo technologies, LLC] [HKLM\Software\WOW6432Node\KeepVid] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Logiciel de création CEWE] [HKLM\Software\WOW6432Node\Logiciel de création CEWE Cora] [HKLM\Software\WOW6432Node\MacroKeys] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Morgan] [HKLM\Software\WOW6432Node\NewBlue] [HKLM\Software\WOW6432Node\NewSoftware's] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\OpenVPN] [HKLM\Software\WOW6432Node\Paragon Software] [HKLM\Software\WOW6432Node\PCVARK] [HKLM\Software\WOW6432Node\ProtectStar] [HKLM\Software\WOW6432Node\Qualcomm] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\Remo Software] [HKLM\Software\WOW6432Node\SafelyRemove] [HKLM\Software\WOW6432Node\Samsung] [HKLM\Software\WOW6432Node\Steganos] [HKLM\Software\WOW6432Node\Sunisoft] [HKLM\Software\WOW6432Node\TechSmith] [HKLM\Software\WOW6432Node\Uniblue] [HKLM\Software\WOW6432Node\UsbFix] [HKLM\Software\WOW6432Node\VobSub] [HKLM\Software\WOW6432Node\Webteh] [HKLM\Software\WOW6432Node\WiseCleaner] [HKLM\Software\WOW6432Node\Wondershare] [HKLM\Software\WOW6432Node\Zemana] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\Dwm] [HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Windows\Heat] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows\Winkeys] [HKLM\Software\WOW6432Node\Microsoft\Windows\WinkeysVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] ---------- | FeatureControl [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "PCTrans.exe"="11000" "OkayFreedomClient.exe"="11001" "Notifier.exe"="11001" "softinfo.exe"="11000" "PotPlayerMini64.exe"="11000" "ApowerManager.exe"="11001" "ApowerManagerCoreServices.exe"="11001" "UVKInstaller.exe"="11001" "AppManager.exe"="8000" "inPixioPhotoClip9.exe"="10000" "OneDrive.exe"="11000" [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_CLIPCHILDREN_OPTIMIZATION] "PotPlayerMini64.exe"="1" [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING] "softinfo.exe"="0" [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "iexplore.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_96DPI_PIXEL] "SnagitEditor.exe"="1" "Snagit32.exe"="1" "SnagPriv.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "infopath.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "HelpPane.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "HelpPane.exe"="10000" "prevhost.exe"="8000" "UNPUXHost.exe"="11000" "advlauncher.exe"="11000" "CamtasiaStudio.exe"="11000" "softinfo.exe"="11000" "PDR.exe"="11000" "ApowerManager.exe"="11001" "ApowerManagerCoreServices.exe"="11001" "SnagitEditor.exe"="11000" "Snagit32.exe"="11000" "SnagPriv.exe"="11000" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "SAPfewgsrv.exe"="0" "SAPGUI.exe"="0" "SAPGuiIT.exe"="0" "SAPLgPad.exe"="0" "SAPLOGON.exe"="0" "Scale_for_R3.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "ieuser.exe"="1" "iexplore.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE] "HelpPane.exe"="100000" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "devenv.exe"="1" "dexplore.exe"="1" "helppane.exe"="1" "PresentationHost.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING] "softinfo.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "cs.exe"="1" "waol.exe"="1" "wm.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="4" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="2" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "mshta.exe"="1" "outlook.exe"="1" "sidebar.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "explorer.exe"="0" "iexplore.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "msimn.exe"="1" "prevhost.exe"="1" "winmail.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "HelpPane.exe"="0" "prevhost.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "msimn.exe"="1" "outlook.exe"="1" "winmail.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "excel.exe"="1" "infopath.exe"="1" "powerpnt.exe"="1" "winword.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE] "HelpPane.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "iexplore.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "explorer.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_96DPI_PIXEL] "SnagitEditor.exe"="1" "Snagit32.exe"="1" "SnagPriv.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "infopath.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "HelpPane.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "HelpPane.exe"="10000" "prevhost.exe"="8000" "ApowerManager.exe"="11001" "ApowerManagerCoreServices.exe"="11001" "Linux File Systems for Windows by Paragon Software.exe"="11001" "Updater.exe"="11001" "SnagitEditor.exe"="11000" "Snagit32.exe"="11000" "SnagPriv.exe"="11000" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "SAPfewgsrv.exe"="0" "SAPGUI.exe"="0" "SAPGuiIT.exe"="0" "SAPLgPad.exe"="0" "SAPLOGON.exe"="0" "Scale_for_R3.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "ieuser.exe"="1" "iexplore.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE] "HelpPane.exe"="100000" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "devenv.exe"="1" "dexplore.exe"="1" "helppane.exe"="1" "PresentationHost.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "cs.exe"="1" "waol.exe"="1" "wm.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="4" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="2" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "mshta.exe"="1" "outlook.exe"="1" "sidebar.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "explorer.exe"="0" "iexplore.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "msimn.exe"="1" "prevhost.exe"="1" "winmail.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "HelpPane.exe"="0" "prevhost.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "msimn.exe"="1" "outlook.exe"="1" "winmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "excel.exe"="1" "infopath.exe"="1" "powerpnt.exe"="1" "winword.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE] "HelpPane.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "iexplore.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "explorer.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_AJAX_CONNECTIONEVENTS] "Linux File Systems for Windows by Paragon Software.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING ] "Linux File Systems for Windows by Paragon Software.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION] "Linux File Systems for Windows by Paragon Software.exe"="1" ---------- | The Created last ones ¦ Modified [MD5.00000000000000000000000000000000] - [28/03/2019 12:41:06] - |D| - [520749] - C:\Program Files (x86)\AC3Filter [MD5.00000000000000000000000000000000] - [17/03/2019 19:07:22] - |D| - [26557571] - C:\Program Files (x86)\Amazing-Share [MD5.00000000000000000000000000000000] - [28/03/2019 16:55:48] - |D| - [106106207] - C:\Program Files (x86)\AOMEI Partition Assistant [MD5.00000000000000000000000000000000] - [23/03/2019 09:18:54] - |D| - [283343340] - C:\Program Files (x86)\Apowersoft [MD5.00000000000000000000000000000000] - [23/03/2019 12:14:21] - |D| - [17699792] - C:\Program Files (x86)\ASCOMP Software [MD5.00000000000000000000000000000000] - [26/03/2019 17:09:10] - |D| - [14544424] - C:\Program Files (x86)\Babylon [MD5.00000000000000000000000000000000] - [28/03/2019 12:47:49] - |D| - [933387] - C:\Program Files (x86)\BabylonToolbar [MD5.00000000000000000000000000000000] - [15/03/2019 19:23:22] - |D| - [6908843] - C:\Program Files (x86)\bonus info anti-corvée - vexe, noémie & a le brulog [MD5.59D29C67EA17782D843EE39824C5F98B] - [15/03/2019 19:23:15] - |A| - [513587656] - C:\Program Files (x86)\camtasia.exe [MD5.00000000000000000000000000000000] - [17/03/2019 20:02:32] - |D| - [17124228] - C:\Program Files (x86)\Clipdiary [MD5.00000000000000000000000000000000] - [15/03/2019 19:21:43] - |D| - [41426] - C:\Program Files (x86)\Command Line Xoring File [MD5.00000000000000000000000000000000] - [20/03/2019 12:59:25] - |D| - [304237270] - C:\Program Files (x86)\Comodo [MD5.00000000000000000000000000000000] - [20/03/2019 12:30:47] - |D| - [150657600] - C:\Program Files (x86)\CyberLink [MD5.00000000000000000000000000000000] - [28/03/2019 12:40:43] - |D| - [59450402] - C:\Program Files (x86)\Digital Video Duplicator [MD5.00000000000000000000000000000000] - [15/03/2019 11:53:34] - |D| - [159903266] - C:\Program Files (x86)\DVDVideoSoft [MD5.00000000000000000000000000000000] - [14/03/2019 22:43:56] - |D| - [85838049] - C:\Program Files (x86)\EaseUS [MD5.00000000000000000000000000000000] - [28/03/2019 14:11:39] - |D| - [3324560352] - C:\Program Files (x86)\EFM & UEFM Beggin On Rêves (st j conrad & u bouton 6) [MD5.00000000000000000000000000000000] - [26/03/2019 09:51:00] - |DC| - [1945192] - C:\Program Files (x86)\Explorer++ [MD5.00000000000000000000000000000000] - [15/03/2019 11:53:35] - |D| - [20641460] - C:\Program Files (x86)\FreeCodecPack [MD5.8603A7AC0771D73CF2D9762FE0C9E093] - [15/03/2019 19:23:21] - |A| - [35327488] - C:\Program Files (x86)\FreeYouTubeDownload_4.1.88.1229_s.exe [MD5.B947B090E483836599DD407143A584CA] - [15/03/2019 19:23:21] - |A| - [2690408] - C:\Program Files (x86)\Full-DISKfighter_Web.exe [MD5.00000000000000000000000000000000] - [28/03/2019 12:41:05] - |D| - [62525] - C:\Program Files (x86)\Gabest [MD5.00000000000000000000000000000000] - [15/03/2019 19:24:07] - |D| - [74240] - C:\Program Files (x86)\GOTD Unlimited [MD5.00000000000000000000000000000000] - [15/03/2019 19:24:07] - |D| - [147456] - C:\Program Files (x86)\GOTD UnWrapper [MD5.00000000000000000000000000000000] - [16/03/2019 09:14:20] - |D| - [29554608] - C:\Program Files (x86)\iCare Format Recovery [MD5.00000000000000000000000000000000] - [28/03/2019 12:42:22] - |D| - [1224685] - C:\Program Files (x86)\inPixio [MD5.00000000000000000000000000000000] - [15/03/2019 11:44:18] - |D| - [113377530] - C:\Program Files (x86)\IObit [MD5.00000000000000000000000000000000] - [22/03/2019 19:57:11] - |D| - [32652065] - C:\Program Files (x86)\KeepVid [MD5.00000000000000000000000000000000] - [15/03/2019 09:28:33] - |D| - [198080] - C:\Program Files (x86)\KeyCryptSDK [MD5.00000000000000000000000000000000] - [28/03/2019 12:48:38] - |D| - [363301258] - C:\Program Files (x86)\Le Robert [MD5.00000000000000000000000000000000] - [28/03/2019 12:40:53] - |D| - [1893680] - C:\Program Files (x86)\LiveUpdate [MD5.00000000000000000000000000000000] - [15/03/2019 19:24:07] - |D| - [7274288] - C:\Program Files (x86)\Macro Keys [MD5.7E51A5D27AA0DAA4F5411B021085DBF4] - [15/03/2019 19:23:21] - |A| - [1227640] - C:\Program Files (x86)\macro-keys-en.exe [MD5.00000000000000000000000000000000] - [15/03/2019 19:21:43] - |D| - [254536] - C:\Program Files (x86)\MD5Look [MD5.00000000000000000000000000000000] - [15/03/2019 10:48:17] - |D| - [83746808] - C:\Program Files (x86)\Moo0 [MD5.00000000000000000000000000000000] - [28/03/2019 12:41:06] - |D| - [96112] - C:\Program Files (x86)\Morgan [MD5.00000000000000000000000000000000] - [26/03/2019 18:04:36] - |D| - [2423] - C:\Program Files (x86)\Mozilla Firefox [MD5.00000000000000000000000000000000] - [23/03/2019 04:52:11] - |D| - [309765079] - C:\Program Files (x86)\NewBlue [MD5.00000000000000000000000000000000] - [15/03/2019 07:34:05] - |D| - [20204440] - C:\Program Files (x86)\NewSoftware's [MD5.00000000000000000000000000000000] - [20/03/2019 12:30:54] - |D| - [11759170] - C:\Program Files (x86)\NSIS Uninstall Information [MD5.00000000000000000000000000000000] - [15/03/2019 11:05:30] - |D| - [56974204] - C:\Program Files (x86)\OkayFreedom [MD5.00000000000000000000000000000000] - [15/03/2019 19:21:43] - |D| - [1310208] - C:\Program Files (x86)\OldTimer [MD5.06B06972BF49BF0F270509D4051B40F0] - [28/03/2019 14:11:38] - |A| - [9726385] - C:\Program Files (x86)\oldtimer otl_oth_tfc_md5look_xor_gotd-u_SEAF_remvbs_usbfileresc setup.exe [MD5.27F8C676FAA61C00B1058386AE7615CF] - [15/03/2019 19:23:22] - |A| - [2091952] - C:\Program Files (x86)\OUTDATEfighter_Web.exe [MD5.00000000000000000000000000000000] - [25/03/2019 23:04:27] - |D| - [28674557] - C:\Program Files (x86)\Paragon Software [MD5.C82844369C9F8816992D5BEDA2B2CF56] - [28/03/2019 14:11:38] - |A| - [5597568] - C:\Program Files (x86)\pdf-bates.exe [MD5.00000000000000000000000000000000] - [28/03/2019 12:39:03] - |D| - [10761465] - C:\Program Files (x86)\Phoenix360 [MD5.00000000000000000000000000000000] - [15/03/2019 19:24:07] - |D| - [3059624] - C:\Program Files (x86)\Pre_Scan [MD5.00000000000000000000000000000000] - [15/03/2019 10:50:57] - |D| - [4124726] - C:\Program Files (x86)\ProtectStar [MD5.00000000000000000000000000000000] - [15/03/2019 19:24:07] - |D| - [5175192] - C:\Program Files (x86)\QuickDiag [MD5.00000000000000000000000000000000] - [15/03/2019 19:21:43] - |D| - [114176] - C:\Program Files (x86)\Remediate VBS Worm [MD5.00000000000000000000000000000000] - [15/03/2019 19:45:30] - |D| - [42868042] - C:\Program Files (x86)\Remo File Eraser 2.0 [MD5.00000000000000000000000000000000] - [15/03/2019 19:45:16] - |D| - [32083237] - C:\Program Files (x86)\Remo Repair Word 2.0 [MD5.00000000000000000000000000000000] - [28/03/2019 14:13:12] - |D| - [498868] - C:\Program Files (x86)\SEAF [MD5.00000000000000000000000000000000] - [15/03/2019 08:58:37] - |D| - [29291674] - C:\Program Files (x86)\Silent Install Builder 5 [MD5.00000000000000000000000000000000] - [25/03/2019 23:43:51] - |D| - [3575016] - C:\Program Files (x86)\Stardock [MD5.00000000000000000000000000000000] - [15/03/2019 11:49:11] - |D| - [2051262] - C:\Program Files (x86)\Symlink helper [MD5.09170255B1FC24AF06CA4FE366C5E435] - [15/03/2019 19:23:22] - |A| - [593587] - C:\Program Files (x86)\SymlinkHelper_1.0.1_Setup.exe [MD5.00000000000000000000000000000000] - [15/03/2019 07:36:48] - |D| - [2911224] - C:\Program Files (x86)\SysTools AD Browser [MD5.00000000000000000000000000000000] - [18/03/2019 14:43:03] - |D| - [37024947] - C:\Program Files (x86)\SysTools E01 Viewer [MD5.00000000000000000000000000000000] - [18/03/2019 00:34:38] - |D| - [28324112] - C:\Program Files (x86)\SysTools Mail Converter [MD5.00000000000000000000000000000000] - [18/03/2019 19:18:11] - |D| - [2976703] - C:\Program Files (x86)\SysTools NTFS Log Analyzer [MD5.00000000000000000000000000000000] - [15/03/2019 09:12:33] - |D| - [14484999] - C:\Program Files (x86)\SysTools PDF Bates Numberer [MD5.00000000000000000000000000000000] - [17/03/2019 04:30:44] - |D| - [2471792] - C:\Program Files (x86)\SysTools Thunderbird Store Locator [MD5.00000000000000000000000000000000] - [20/03/2019 21:47:54] - |D| - [611447437] - C:\Program Files (x86)\Turbo.net [MD5.00000000000000000000000000000000] - [26/03/2019 09:51:38] - |DC| - [9400696] - C:\Program Files (x86)\Ultra Adware Killer [MD5.00000000000000000000000000000000] - [21/03/2019 07:30:57] - |D| - [807871] - C:\Program Files (x86)\UnBlocker [MD5.00000000000000000000000000000000] - [26/03/2019 17:57:58] - |D| - [273503] - C:\Program Files (x86)\Unlocker [MD5.00000000000000000000000000000000] - [15/03/2019 19:21:43] - |D| - [423936] - C:\Program Files (x86)\USB File Resc [MD5.00000000000000000000000000000000] - [26/03/2019 10:11:19] - |D| - [16666437] - C:\Program Files (x86)\USB Safely Remove [MD5.00000000000000000000000000000000] - [23/03/2019 22:52:09] - |D| - [13002139] - C:\Program Files (x86)\USBFix [MD5.BFF64F2E303176DD498D695DCC623437] - [28/03/2019 14:11:38] - |A| - [41846888] - C:\Program Files (x86)\vlc-3.0.6-win64.exe [MD5.50990147905B96B68AFA9F00EA950684] - [28/03/2019 14:11:39] - |A| - [2152896] - C:\Program Files (x86)\WDRSetup.exe [MD5.00000000000000000000000000000000] - [28/03/2019 12:41:05] - |D| - [73065] - C:\Program Files (x86)\WinASPI [MD5.00000000000000000000000000000000] - [28/03/2019 14:13:12] - |D| - [2298095] - C:\Program Files (x86)\WinSweeper [MD5.00000000000000000000000000000000] - [15/03/2019 09:43:47] - |D| - [29944878] - C:\Program Files (x86)\Wise [MD5.E33250443413A687DC3CEA7ABFF97B01] - [15/03/2019 19:23:22] - |A| - [2603424] - C:\Program Files (x86)\WMOSetup.exe [MD5.00000000000000000000000000000000] - [22/03/2019 13:08:47] - |D| - [29018267] - C:\Program Files (x86)\Wondershare [MD5.00000000000000000000000000000000] - [28/03/2019 12:41:07] - |D| - [152488] - C:\Program Files (x86)\XviD [MD5.00000000000000000000000000000000] - [15/03/2019 09:28:32] - |D| - [28173178] - C:\Program Files (x86)\Zemana AntiLogger [MD5.16D640FFBEFE88D81AC8A90A60C28088] - [28/03/2019 16:55:51] - |A| - [2165096] - C:\Windows\ampa.exe [MD5.2AABDB49AD062CC52957094D05B1163A] - [28/03/2019 16:55:59] - |A| - [1298584] - C:\Windows\ddmmain.exe [MD5.00000000000000000000000000000000] - [27/03/2019 21:07:23] - |D| - [127384680] - C:\Windows\ERUNT [MD5.5CDE14540712838961E3B63930CE8C5D] - [15/03/2019 05:50:30] - |A| - [3904304] - C:\Windows\explorer.exe [MD5.67422BB31C52F0E4697C2A413677E033] - [15/03/2019 05:49:42] - |A| - [976896] - C:\Windows\HelpPane.exe [MD5.00000000000000000000000000000000] - [15/03/2019 06:57:03] - |D| - [0] - C:\Windows\Minidump [MD5.95785E7BDA182428944420424A33BD96] - [21/03/2019 11:03:10] - |AC| - [241] - C:\Windows\SATReg.ini [MD5.00000000000000000000000000000000] - [14/03/2019 14:34:11] - |D| - [40153904] - C:\Windows\SoftwareDistribution [MD5.D24ED62FA18AFA3A08E23C99C049F476] - [15/03/2019 09:28:44] - |A| - [204261] - C:\Windows\ZAM.krnl.trace [MD5.4B616A9A37D44C038AAE0F41BA86E04A] - [15/03/2019 09:28:44] - |A| - [153337] - C:\Windows\ZAM_Guard.krnl.trace [MD5.00000000000000000000000000000000] - [15/03/2019 08:26:15] - |SHD| - [59469168] - C:\Windows\Installer\$PatchCache$ [MD5.86B94B0DE43A5469FC92A4EC81356AF0] - [05/03/2019 08:53:29] - |A| - [131571712] - C:\Windows\Installer\160e5d3.msi [MD5.138A40D6A80D65418D8D6D0728AD79BD] - [25/03/2019 20:04:37] - |AC| - [8550324] - C:\Windows\Installer\1ca6149d.msi [MD5.C021EB3774FA9A24AEE60BEF9EC76D21] - [25/03/2019 18:55:45] - |AC| - [42409984] - C:\Windows\Installer\1ca614a0.msi [MD5.D2338454E1A01F1E297162289A96196E] - [20/03/2019 21:47:28] - |A| - [227283456] - C:\Windows\Installer\3441b67.msi [MD5.E1F75DF4441ED1B2218F7AD30336AAA5] - [16/03/2019 10:26:00] - |AC| - [1404928] - C:\Windows\Installer\370ea.msi [MD5.1684B71AA4E948A1FE5408FDE1280EA7] - [14/03/2019 22:52:28] - |AC| - [25080832] - C:\Windows\Installer\3bb17.msi [MD5.C7D9A48929B8022A23DE54CF26FEFB38] - [14/03/2019 22:53:27] - |AC| - [2624512] - C:\Windows\Installer\3bb1b.msi [MD5.A88C562DA61E8013C6852D5E48F9D1DF] - [14/03/2019 22:54:42] - |AC| - [4050432] - C:\Windows\Installer\3bb1f.msi [MD5.C37FCF1510F5807154A9AF3CB3CA0EF9] - [14/03/2019 22:54:51] - |AC| - [2513408] - C:\Windows\Installer\3bb23.msi [MD5.D9728902785BF247617DA72F189A877E] - [14/03/2019 22:54:53] - |AC| - [878080] - C:\Windows\Installer\3bb27.msi [MD5.6F5ACC65928144F468188B8DFD1BF605] - [14/03/2019 22:55:00] - |AC| - [4620800] - C:\Windows\Installer\3bb2b.msi [MD5.0D366D441943041459EF8B3422EFECEC] - [14/03/2019 22:57:50] - |A| - [106874880] - C:\Windows\Installer\3bb2f.msi [MD5.9E4C8C1AEFF32EC2CD79CA3712E15573] - [15/03/2019 08:57:58] - |AC| - [12488704] - C:\Windows\Installer\6819f8.msi [MD5.8BCA2D562DFFC6FFC8781302D2952703] - [11/03/2019 18:27:10] - |AC| - [315392] - C:\Windows\Installer\7aadb.msi [MD5.D73299888031EA05CFD64BFD381A11AF] - [22/03/2019 18:19:52] - |AC| - [7467840] - C:\Windows\Installer\ccf7d79.msi [MD5.562EC5D5D12C8564A5ED6AC373BFA663] - [05/03/2019 12:04:14] - |AC| - [4788224] - C:\Windows\Installer\cefa65.msi [MD5.00000000000000000000000000000000] - [28/03/2019 17:51:17] - |D| - [0] - C:\Windows\Installer\MSI699A.tmp- [MD5.00000000000000000000000000000000] - [28/03/2019 17:51:17] - |D| - [0] - C:\Windows\Installer\MSI6AD4.tmp- [MD5.719D719E16F0E170B9FF73E20F1613BB] - [23/03/2019 05:02:38] - |A| - [20480] - C:\Windows\Installer\SourceHash{029DA848-1A80-34D3-BFC1-A6447BFC8E7F} [MD5.D77517D6F80CB8DAFCBF98A2419068B3] - [28/03/2019 17:51:17] - |A| - [20480] - C:\Windows\Installer\SourceHash{19815424-A209-4B2C-9A86-DF2A4E4B5669} [MD5.B45A52F6EFD23CBD577F1E6E3DDDDED4] - [14/03/2019 22:53:37] - |A| - [20480] - C:\Windows\Installer\SourceHash{232046DA-BB57-4114-9A0D-1119F00C4398} [MD5.4D48848D5CFECBE15EED7BA2E91965F4] - [15/03/2019 08:58:36] - |A| - [20480] - C:\Windows\Installer\SourceHash{2452C59D-5140-4A9A-A97F-B925390619E1} [MD5.405CE11B673F38C27347ECF550B7807F] - [14/03/2019 22:54:51] - |A| - [20480] - C:\Windows\Installer\SourceHash{26F31E12-3722-45FD-903B-49012286BB4C} [MD5.6B5B10FE9738AE72601C817FD9AF4268] - [23/03/2019 04:52:59] - |A| - [20480] - C:\Windows\Installer\SourceHash{2DFD8316-9EF1-3210-908C-4CB61961C1AC} [MD5.55226765C58023CE591E6F98FA10B947] - [15/03/2019 05:45:18] - |A| - [20480] - C:\Windows\Installer\SourceHash{344F3227-F502-4219-9DC4-1967E586FAFA} [MD5.AD414753641974A3D2E564A5166E5AC1] - [23/03/2019 04:42:39] - |A| - [20480] - C:\Windows\Installer\SourceHash{37B8F9C7-03FB-3253-8781-2517C99D7C00} [MD5.2BCAE7EF292CD184444CCEFEF3D38EA8] - [15/03/2019 08:26:33] - |A| - [20480] - C:\Windows\Installer\SourceHash{38FBDB20-F62D-4CD6-A04E-87FD30F3E43A} [MD5.9BB0A5F83285B1D9B26ABAB472DABB91] - [14/03/2019 22:57:52] - |A| - [20480] - C:\Windows\Installer\SourceHash{44DE19DF-AA86-497A-9CCA-4F52D0BFF9A8} [MD5.8EFEB2CED06A977019CDBB0EC6B88454] - [23/03/2019 04:52:24] - |A| - [20480] - C:\Windows\Installer\SourceHash{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E} [MD5.18C15175A9691AD947A2479F931923A6] - [23/03/2019 05:02:48] - |A| - [20480] - C:\Windows\Installer\SourceHash{568CD07E-0824-3EEB-AEC1-8FD51F3C85CF} [MD5.D239ED9D402905BF7ED15D1F072B1886] - [14/03/2019 22:52:59] - |A| - [20480] - C:\Windows\Installer\SourceHash{5C7A5F94-02E9-4C5D-A594-B1F10865965A} [MD5.C36DC2B717371EB8A4AE35F21F818932] - [20/03/2019 13:00:54] - |A| - [20480] - C:\Windows\Installer\SourceHash{5CD8F386-6796-4500-9FD8-CF92C9276B62} [MD5.D307EF5D88F537ED30BBE61A0B1B0E43] - [20/03/2019 21:47:52] - |A| - [20480] - C:\Windows\Installer\SourceHash{61edd47c-c795-4f57-92f1-a20140231795} [MD5.50875B359363A245A52CDB424AAA8B2D] - [15/03/2019 08:26:19] - |A| - [20480] - C:\Windows\Installer\SourceHash{6AF12D35-E079-44D3-957F-CA9FBF9801A5} [MD5.25FAE87541F510B78F68970A2F7BEE5E] - [14/03/2019 22:55:00] - |A| - [20480] - C:\Windows\Installer\SourceHash{700C79E1-C8E3-454E-B760-CAFFE9F2A6AA} [MD5.DAE8E3CFA39BE37884BDB28C869FAF18] - [15/03/2019 10:50:57] - |A| - [20480] - C:\Windows\Installer\SourceHash{79087BA9-C5B5-4081-A374-310AC02E2896} [MD5.F270BE0A6EFB787FDE258312195066B2] - [14/03/2019 22:54:54] - |A| - [20480] - C:\Windows\Installer\SourceHash{7DE129E5-BB4A-4517-A6CD-C69EEB346781} [MD5.985FEE8AB1E5B3A42A29DABD4FDFCF83] - [14/03/2019 22:54:42] - |A| - [20480] - C:\Windows\Installer\SourceHash{7F7C8AE0-961B-4AED-B99A-D9BE29C0F24C} [MD5.F26BC06184AB562D98A443BE9EB8D773] - [23/03/2019 05:01:18] - |A| - [20480] - C:\Windows\Installer\SourceHash{8220EEFE-38CD-377E-8595-13398D740ACE} [MD5.EEDF4A87E118A4AAD9EE1C74678E97B4] - [15/03/2019 11:01:45] - |A| - [20480] - C:\Windows\Installer\SourceHash{8D64B0CF-B925-4AC6-A7A7-9CDDC6733122} [MD5.4213C4866B02DF7F136A40AE9EF7770E] - [23/03/2019 04:59:19] - |A| - [20480] - C:\Windows\Installer\SourceHash{929FBD26-9020-399B-9A7A-751D61F0B942} [MD5.4B67AEA614F6EE9BC5BA186FB090509C] - [23/03/2019 05:00:51] - |A| - [20480] - C:\Windows\Installer\SourceHash{9A25302D-30C0-39D9-BD6F-21E6EC160475} [MD5.CDFB40963B3B506D44BBC04EAFDAE209] - [23/03/2019 04:59:12] - |A| - [20480] - C:\Windows\Installer\SourceHash{A749D8E6-B613-3BE3-8F5F-045C84EBA29B} [MD5.CDE119F2D66E9591A6ACC788D675C88A] - [23/03/2019 05:02:03] - |A| - [20480] - C:\Windows\Installer\SourceHash{B0037450-526D-3448-A370-CACBD87769A0} [MD5.744FF6B85DE0EECEF94C0C28F3CC3183] - [23/03/2019 05:02:09] - |A| - [20480] - C:\Windows\Installer\SourceHash{B13B3E11-1555-353F-A63A-8933EE104FBD} [MD5.6F66141ED3DD489931481964E000049F] - [23/03/2019 04:42:51] - |A| - [20480] - C:\Windows\Installer\SourceHash{B175520C-86A2-35A7-8619-86DC379688B9} [MD5.B6C1A24A909098F4DE22301AB71E503A] - [17/03/2019 05:02:45] - |A| - [20480] - C:\Windows\Installer\SourceHash{B709B962-53AA-446A-A733-95D1A6C5DE50} [MD5.C988BA7CA58448452D51DB06F78B6F12] - [28/03/2019 12:36:40] - |A| - [20480] - C:\Windows\Installer\SourceHash{B8C26C25-0652-4D1D-90EF-330EAD99FFDC} [MD5.3527A462EE4D0E32606C18D70A120AEA] - [23/03/2019 04:42:49] - |A| - [20480] - C:\Windows\Installer\SourceHash{BD95A8CD-1D9F-35AD-981A-3E7925026EBB} [MD5.8553B855560BF2BDA7E66B27D000F306] - [23/03/2019 04:59:52] - |A| - [20480] - C:\Windows\Installer\SourceHash{BFF61907-AA2D-3A26-8666-98D956A62ABC} [MD5.45AE448C8C2E0E6C6FFC10B683183038] - [23/03/2019 04:42:33] - |A| - [20480] - C:\Windows\Installer\SourceHash{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97} [MD5.E56CE062A86489FB987D72B4A6E75826] - [20/03/2019 12:59:57] - |A| - [20480] - C:\Windows\Installer\SourceHash{D15DF9B0-3A98-4BEF-B7D5-FC3AEA473628} [MD5.AB8A08B1E469EF073FFD09FE5ADA8FAD] - [25/03/2019 23:04:20] - |A| - [20480] - C:\Windows\Installer\SourceHash{F0CF025B-D6F3-4F7C-939B-23291F52875C} [MD5.2A1F8F6AD44136574C0C4B2D064ECB3A] - [20/03/2019 06:38:38] - |A| - [20480] - C:\Windows\Installer\SourceHash{FBA3961B-D1DF-493C-BC1F-E67D3B832895} [MD5.00000000000000000000000000000000] - [22/03/2019 18:17:36] - |D| - [1519616] - C:\Windows\Installer\{0F8DE83C-A073-47B9-928A-8CA381C28C18} [MD5.00000000000000000000000000000000] - [28/03/2019 17:51:54] - |D| - [18851264] - C:\Windows\Installer\{19815424-A209-4B2C-9A86-DF2A4E4B5669} [MD5.00000000000000000000000000000000] - [14/03/2019 22:53:46] - |D| - [59352] - C:\Windows\Installer\{232046DA-BB57-4114-9A0D-1119F00C4398} [MD5.00000000000000000000000000000000] - [15/03/2019 08:58:40] - |D| - [11502] - C:\Windows\Installer\{2452C59D-5140-4A9A-A97F-B925390619E1} [MD5.00000000000000000000000000000000] - [14/03/2019 22:54:51] - |D| - [59352] - C:\Windows\Installer\{26F31E12-3722-45FD-903B-49012286BB4C} [MD5.00000000000000000000000000000000] - [14/03/2019 22:57:57] - |D| - [1075080] - C:\Windows\Installer\{44DE19DF-AA86-497A-9CCA-4F52D0BFF9A8} [MD5.00000000000000000000000000000000] - [14/03/2019 22:53:09] - |D| - [59352] - C:\Windows\Installer\{5C7A5F94-02E9-4C5D-A594-B1F10865965A} [MD5.00000000000000000000000000000000] - [20/03/2019 13:01:25] - |D| - [764030] - C:\Windows\Installer\{5CD8F386-6796-4500-9FD8-CF92C9276B62} [MD5.00000000000000000000000000000000] - [14/03/2019 22:45:57] - |DC| - [358360] - C:\Windows\Installer\{5FFF7119-74E8-442E-970E-50BAD81D5371} [MD5.00000000000000000000000000000000] - [20/03/2019 21:48:12] - |D| - [110007] - C:\Windows\Installer\{61edd47c-c795-4f57-92f1-a20140231795} [MD5.00000000000000000000000000000000] - [14/03/2019 22:55:01] - |D| - [59352] - C:\Windows\Installer\{700C79E1-C8E3-454E-B760-CAFFE9F2A6AA} [MD5.00000000000000000000000000000000] - [25/03/2019 20:10:29] - |D| - [1916928] - C:\Windows\Installer\{7C656021-D87C-4236-80DD-DBBEB205DA36} [MD5.00000000000000000000000000000000] - [14/03/2019 22:54:54] - |D| - [59352] - C:\Windows\Installer\{7DE129E5-BB4A-4517-A6CD-C69EEB346781} [MD5.00000000000000000000000000000000] - [14/03/2019 22:54:43] - |D| - [59352] - C:\Windows\Installer\{7F7C8AE0-961B-4AED-B99A-D9BE29C0F24C} [MD5.00000000000000000000000000000000] - [15/03/2019 11:01:47] - |D| - [139013] - C:\Windows\Installer\{8D64B0CF-B925-4AC6-A7A7-9CDDC6733122} [MD5.00000000000000000000000000000000] - [17/03/2019 05:03:08] - |D| - [706414] - C:\Windows\Installer\{B709B962-53AA-446A-A733-95D1A6C5DE50} [MD5.00000000000000000000000000000000] - [28/03/2019 12:36:40] - |D| - [167053] - C:\Windows\Installer\{B8C26C25-0652-4D1D-90EF-330EAD99FFDC} [MD5.00000000000000000000000000000000] - [20/03/2019 13:00:03] - |D| - [8659071] - C:\Windows\Installer\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA473628} [MD5.00000000000000000000000000000000] - [22/03/2019 18:20:37] - |D| - [1314816] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95} [MD5.00000000000000000000000000000000] - [25/03/2019 23:04:31] - |D| - [2246258] - C:\Windows\Installer\{F0CF025B-D6F3-4F7C-939B-23291F52875C} [MD5.2B7002E9C7EA6B436F3A0F7C305AACD8] - [15/03/2019 05:46:00] - |A| - [511] - C:\Windows\system32\@NotifierToastIcon.png [MD5.C44BD542D4D5B2E2680717F3981FFC44] - [15/03/2019 05:49:32] - |A| - [231936] - C:\Windows\system32\aadauthhelper.dll [MD5.CA1A302B7E85DF401E08B840D16ED4D0] - [15/03/2019 05:49:41] - |A| - [623616] - C:\Windows\system32\aadcloudap.dll [MD5.15F695BDE38A22C16F0A102C06A26A25] - [15/03/2019 05:49:25] - |A| - [59392] - C:\Windows\system32\aadjcsp.dll [MD5.793937CA83EC21BD4B5FB307E0BDB96D] - [15/03/2019 05:49:58] - |A| - [1238016] - C:\Windows\system32\aadtb.dll [MD5.B3DF3884831B1062762BBD3124437D70] - [15/03/2019 05:49:35] - |A| - [240640] - C:\Windows\system32\AboutSettingsHandlers.dll [MD5.8A51410FA1F05A051A005518AA5FC452] - [15/03/2019 05:49:14] - |A| - [312832] - C:\Windows\system32\AboveLockAppHost.dll [MD5.BB594A934DEEB52D61732140D293D9DB] - [15/03/2019 05:51:14] - |A| - [340992] - C:\Windows\system32\AcGenral.dll [MD5.9D51DB6E5FA80C21C39A4EDA0C17626D] - [15/03/2019 05:51:27] - |A| - [301056] - C:\Windows\system32\AcLayers.dll [MD5.B3095EC92D44D75E2C45C80E88EA7012] - [15/03/2019 05:49:42] - |A| - [5500928] - C:\Windows\system32\aclui.dll [MD5.45105175B2F61F28908FF954C6A30DBE] - [15/03/2019 05:50:24] - |A| - [322360] - C:\Windows\system32\acmigration.dll [MD5.F284010B43126B1AC9E59A7018233E10] - [15/03/2019 05:49:08] - |A| - [186368] - C:\Windows\system32\ACPBackgroundManagerPolicy.dll [MD5.BF43A32C27A158EDFDADFFA0CFC4D15F] - [15/03/2019 05:49:22] - |A| - [79360] - C:\Windows\system32\acppage.dll [MD5.8A7B35883F5CFB0FAB9452636B95E7BC] - [15/03/2019 05:51:21] - |A| - [64000] - C:\Windows\system32\AcSpecfc.dll [MD5.CE782DB38F3913CF0BCEFD495133D0B3] - [15/03/2019 05:50:04] - |A| - [513536] - C:\Windows\system32\ActivationManager.dll [MD5.5B3B363AD651CAD6AC86E4B5DA0889D6] - [15/03/2019 05:50:17] - |A| - [1777664] - C:\Windows\system32\ActiveSyncProvider.dll [MD5.E67230D139EFD721BE5068D4F0992B39] - [15/03/2019 05:49:23] - |A| - [588800] - C:\Windows\system32\actxprxy.dll [MD5.268271CA8AC073C608A4ABC31D13871A] - [15/03/2019 05:49:13] - |A| - [87040] - C:\Windows\system32\adhsvc.dll [MD5.692CB7449A9609FC774301026B8A4086] - [15/03/2019 05:49:40] - |A| - [649376] - C:\Windows\system32\advapi32.dll [MD5.A0CD18682253619A6ED487871B448E06] - [15/03/2019 05:50:24] - |A| - [735760] - C:\Windows\system32\aeinv.dll [MD5.2A700B8C11446316030858C665350BC7] - [15/03/2019 05:50:24] - |A| - [512016] - C:\Windows\system32\aepic.dll [MD5.0F56A9DCB3AF3545077718D79D275782] - [15/03/2019 05:50:32] - |A| - [2871096] - C:\Windows\system32\aitstatic.exe [MD5.D0C50C113FE59C21AD59932E6B9C202F] - [28/03/2019 16:55:51] - |A| - [38320] - C:\Windows\system32\ampa.sys [MD5.54EFF5C0838ABFCBBF1F47B5B9B5031F] - [15/03/2019 05:49:43] - |A| - [369664] - C:\Windows\system32\APHostService.dll [MD5.5DDFCD5E0C012256DAEE5A219051B345] - [15/03/2019 05:49:17] - |A| - [111544] - C:\Windows\system32\apisetschema.dll [MD5.D6C6880BD673533994FC9B35E9C1290F] - [15/03/2019 05:49:06] - |A| - [101376] - C:\Windows\system32\AppCapture.dll [MD5.CAEB6AF3A134352BBFD583CA6DF89F2C] - [15/03/2019 05:49:35] - |A| - [534528] - C:\Windows\system32\apphelp.dll [MD5.1C3B2AE4AFC859E5298D5C695961F6C4] - [15/03/2019 05:49:22] - |A| - [63656] - C:\Windows\system32\appidapi.dll [MD5.BBB70415033710D6D7D58DDF2B0A06FA] - [15/03/2019 05:49:10] - |A| - [120320] - C:\Windows\system32\appidsvc.dll [MD5.80EC3D699FE5590A5911C865F8220375] - [15/03/2019 05:49:06] - |A| - [24576] - C:\Windows\system32\appidtel.exe [MD5.BCC4309051EA72384E7D76545E8DE378] - [15/03/2019 05:49:09] - |A| - [144896] - C:\Windows\system32\appinfo.dll [MD5.E59099C0CB18D30B6C0D9C52D9C3E557] - [15/03/2019 05:49:41] - |A| - [336896] - C:\Windows\system32\AppLockerCSP.dll [MD5.827AEFD1C1038400D02A82EB12AF2919] - [15/03/2019 05:50:24] - |A| - [1643832] - C:\Windows\system32\appraiser.dll [MD5.A5A600CA929194BFF81326A209D761D8] - [15/03/2019 05:50:00] - |A| - [636416] - C:\Windows\system32\AppReadiness.dll [MD5.F7B77F522276B7EACAB56ED08EEB1138] - [15/03/2019 05:49:35] - |A| - [563536] - C:\Windows\system32\AppResolver.dll [MD5.26870D20F751876D5B9B5C24EFD93BBD] - [15/03/2019 05:49:05] - |A| - [230400] - C:\Windows\system32\ApproveChildRequest.exe [MD5.3032C2E8E1EBBE4DE041C135F5FF44A9] - [15/03/2019 05:49:43] - |A| - [859648] - C:\Windows\system32\appwiz.cpl [MD5.32F593A1FA054374DDB88F60F3FBF4B3] - [15/03/2019 05:49:49] - |A| - [250368] - C:\Windows\system32\AppxAllUserStore.dll [MD5.CF0220514A83C2B76D1B366A3C9950D0] - [15/03/2019 05:49:40] - |A| - [688688] - C:\Windows\system32\AppXDeploymentClient.dll [MD5.6C3E314580159D507B9E80F38BA0105A] - [15/03/2019 05:49:45] - |A| - [1496064] - C:\Windows\system32\AppXDeploymentExtensions.desktop.dll [MD5.77219F5BE1FAB4308FF5673AE0B7D694] - [15/03/2019 05:49:54] - |A| - [2213376] - C:\Windows\system32\AppXDeploymentExtensions.onecore.dll [MD5.8CE431B3FB28FB131E6A2DB0DA600068] - [15/03/2019 05:50:29] - |A| - [3183104] - C:\Windows\system32\AppXDeploymentServer.dll [MD5.E5399452569B52242F196637E0315AF4] - [15/03/2019 05:48:59] - |A| - [125952] - C:\Windows\system32\AppxSysprep.dll [MD5.10E0EBF0C78AD28D4F63FAB8581CB377] - [15/03/2019 05:30:27] - |A| - [362888] - C:\Windows\system32\aswBoot.exe [MD5.B4234B4CA3D64CFC592E6FB814B63890] - [15/03/2019 05:49:50] - |A| - [382264] - C:\Windows\system32\atmfd.dll [MD5.FE6B10E1A858139B9FB61CDDB17CA9F9] - [15/03/2019 05:48:57] - |A| - [47104] - C:\Windows\system32\atmlib.dll [MD5.A58A7510A9EE959B5A84902BF9D2F98A] - [15/03/2019 05:51:22] - |A| - [603824] - C:\Windows\system32\audiodg.exe [MD5.131A787629FE965B99198107F1B2D80F] - [15/03/2019 05:51:22] - |A| - [688128] - C:\Windows\system32\AudioEndpointBuilder.dll [MD5.CF4A40348DA349CC3E303CECFEFF1B7D] - [15/03/2019 05:51:23] - |A| - [1426064] - C:\Windows\system32\AudioEng.dll [MD5.2DB727E40B6224D253D02E5877E36B72] - [15/03/2019 05:49:41] - |A| - [413792] - C:\Windows\system32\AUDIOKSE.dll [MD5.E51D395A60D931554994390512D44B92] - [15/03/2019 05:51:15] - |A| - [1170120] - C:\Windows\system32\AudioSes.dll [MD5.9976D44983904C3614673640F3D4B1E8] - [15/03/2019 05:51:26] - |A| - [1488384] - C:\Windows\system32\audiosrv.dll [MD5.26DF06A387B99C6505AC8AE9063C68EA] - [15/03/2019 05:49:34] - |A| - [5105664] - C:\Windows\system32\AuthFWSnapin.dll [MD5.BA9FC5B6C212625033FA4BB076B8513D] - [15/03/2019 05:49:51] - |A| - [526336] - C:\Windows\system32\authui.dll [MD5.CA193EE81EF42D3B39D69736123B5768] - [15/03/2019 05:49:14] - |A| - [288768] - C:\Windows\system32\authz.dll [MD5.F2C4F7A2AC1611A86B1EAB16E16D5420] - [15/03/2019 05:49:54] - |A| - [1925120] - C:\Windows\system32\AzureSettingSyncProvider.dll [MD5.307924EB13B316CFC0094CC1C2FD4857] - [15/03/2019 05:49:30] - |A| - [204264] - C:\Windows\system32\basecsp.dll [MD5.508B4888B5079FC5BBEBF92EDB2B5D98] - [15/03/2019 05:48:59] - |A| - [1670656] - C:\Windows\system32\batmeter.dll [MD5.A6F6C4E3DC68B8D48C4902FFDE0890EE] - [15/03/2019 05:49:13] - |A| - [1113600] - C:\Windows\system32\bcastdvr.exe [MD5.E8ECABD0EF4490D7980747DD1780D03F] - [15/03/2019 05:49:22] - |A| - [457728] - C:\Windows\system32\bcdedit.exe [MD5.08CDA21039521CAF71891D978EF7763F] - [15/03/2019 05:49:28] - |A| - [137552] - C:\Windows\system32\bcrypt.dll [MD5.4686EE46BE85BFD6C273FFA55ED3AC19] - [15/03/2019 05:50:22] - |A| - [465336] - C:\Windows\system32\bcryptprimitives.dll [MD5.F6262869E673CC957C5D820C67F34D2F] - [15/03/2019 05:50:01] - |A| - [840192] - C:\Windows\system32\BFE.DLL [MD5.8B14F3DBC532A1AE1469EEB416F26165] - [15/03/2019 04:50:04] - |A| - [1888112] - C:\Windows\system32\bhtv5Icon.dll [MD5.AD93296BB519159B9E013FAB7C0E9235] - [15/03/2019 05:50:27] - |A| - [8728064] - C:\Windows\system32\BingMaps.dll [MD5.98DF3986A4D53340AA7AB9384134AC9C] - [15/03/2019 05:49:57] - |A| - [962560] - C:\Windows\system32\BingOnlineServices.dll [MD5.80A9370CB3E4D0FACAA9F29D81EB995B] - [15/03/2019 05:50:08] - |A| - [814080] - C:\Windows\system32\bisrv.dll [MD5.168424450BCD688D24629C39CC5EB778] - [15/03/2019 05:49:37] - |A| - [182272] - C:\Windows\system32\BitLockerCsp.dll [MD5.9B71952C6DA6ABE5B703DDD49648DAE8] - [15/03/2019 05:49:12] - |A| - [3756032] - C:\Windows\system32\bootux.dll [MD5.5412090A6BD30C90963C1A06ED585837] - [15/03/2019 05:48:57] - |A| - [262656] - C:\Windows\system32\BrokerLib.dll [MD5.7D9E4DF53070F66AF8E31C6C638CC795] - [15/03/2019 05:50:06] - |A| - [248840] - C:\Windows\system32\browserbroker.dll [MD5.C331EE39EE4B43B5AAD4D192CA07E45B] - [15/03/2019 05:49:14] - |A| - [331264] - C:\Windows\system32\browserexport.exe [MD5.6DF6C72920870AF5D39C0E3C5361B409] - [15/03/2019 05:49:09] - |A| - [153600] - C:\Windows\system32\BrowserSettingSync.dll [MD5.45DF1A208792CE07EF71433AEF8973C5] - [15/03/2019 05:49:19] - |A| - [27448] - C:\Windows\system32\browser_broker.exe [MD5.69AE5D398A856800E0CC4AA1EB6EC08B] - [15/03/2019 05:49:19] - |A| - [58880] - C:\Windows\system32\ByteCodeGenerator.exe [MD5.094380D265797103F3456721FC09FD44] - [15/03/2019 05:49:43] - |A| - [483840] - C:\Windows\system32\catsrvut.dll [MD5.4F39A245AE6DDB230A707A7908AFA634] - [15/03/2019 05:50:21] - |A| - [5195776] - C:\Windows\system32\cdp.dll [MD5.BADBA864C955F645F38F85B5B4D11AFF] - [15/03/2019 05:49:18] - |A| - [1357312] - C:\Windows\system32\cdprt.dll [MD5.1563F58E08FC62896FE05C1D2D80F692] - [15/03/2019 05:49:27] - |A| - [697344] - C:\Windows\system32\cdpsvc.dll [MD5.1846957AEEA89589E527862E6BED7DDF] - [15/03/2019 05:49:33] - |A| - [484352] - C:\Windows\system32\cdpusersvc.dll [MD5.6286CBE87B64AB7D1F59E3375A2FF3F4] - [15/03/2019 05:49:14] - |A| - [188928] - C:\Windows\system32\certprop.dll [MD5.53016432AEB78705BA5E63A5D3F295C3] - [15/03/2019 05:51:19] - |A| - [8108032] - C:\Windows\system32\Chakra.dll [MD5.3B13C91E82392F687033FFDB47B68FEA] - [15/03/2019 05:51:24] - |A| - [104960] - C:\Windows\system32\Chakradiag.dll [MD5.7ED14B31AEE181CCE4D3A2E4DFFA24E5] - [15/03/2019 09:12:52] - |SH| - [128] - C:\Windows\system32\chsfzkmblhznywfd.dat [MD5.319D29D7DC0B2FB1480003CEF0570C29] - [15/03/2019 05:50:24] - |A| - [712528] - C:\Windows\system32\ci.dll [MD5.1C099AF0A64B257CE49F088B4667F7A4] - [15/03/2019 04:50:25] - |A| - [278904] - C:\Windows\system32\cilkrts20_64.dll [MD5.5D238EE18D6C07DD08B50DC536A8DF2A] - [15/03/2019 05:49:14] - |A| - [86528] - C:\Windows\system32\cldapi.dll [MD5.A3FA371CB9AD9F0788F284F8BD8DEB35] - [15/03/2019 05:49:59] - |A| - [824800] - C:\Windows\system32\ClipSVC.dll [MD5.C5E70132CD00D314CD0F662F8EE2E4A4] - [15/03/2019 05:49:57] - |A| - [384512] - C:\Windows\system32\cloudAP.dll [MD5.E89306A046F3EFE7B58436691378EC04] - [15/03/2019 05:49:15] - |A| - [300544] - C:\Windows\system32\CloudBackupSettings.dll [MD5.0C6D3D719D71149ED670E1E8884C2D1A] - [15/03/2019 05:49:43] - |A| - [406312] - C:\Windows\system32\CloudExperienceHost.dll [MD5.4FBFD79D8A30C5C025478C0AFC931A36] - [15/03/2019 05:51:03] - |A| - [436536] - C:\Windows\system32\CloudExperienceHostCommon.dll [MD5.FF7918BF603D5C43BACAD2312C2236D8] - [15/03/2019 05:49:24] - |A| - [92032] - C:\Windows\system32\CloudNotifications.exe [MD5.108F518C45C9DE6B686BD084BA7C9657] - [15/03/2019 05:49:24] - |A| - [198440] - C:\Windows\system32\CloudStorageWizard.exe [MD5.0DB734A9E8F3ECF1E558673A5B9A34C7] - [15/03/2019 05:49:37] - |A| - [997376] - C:\Windows\system32\clusapi.dll [MD5.B56976738C58421BEB8189A6D5A6A66E] - [04/03/2019 22:39:16] - |A| - [51808] - C:\Windows\system32\cmdcsr.dll [MD5.7BE91946A1A9E03217624B3A117775D3] - [20/03/2019 13:00:08] - |A| - [337080] - C:\Windows\system32\cmdkbdcss64.dll [MD5.7C35203E529FFA1485B941BE7BACD144] - [04/03/2019 22:36:28] - |A| - [470720] - C:\Windows\system32\cmdvrt64.dll [MD5.38821C1AD7BD69598B39FDDDE84372FD] - [15/03/2019 05:50:20] - |A| - [3174624] - C:\Windows\system32\combase.dll [MD5.4A06A1ED4BD35CA556B5F112A77F9A34] - [15/03/2019 05:49:29] - |A| - [661920] - C:\Windows\system32\comctl32.dll [MD5.7FF05EE65D07CABDF6F92C39D2064D8D] - [15/03/2019 05:50:07] - |A| - [1057792] - C:\Windows\system32\comdlg32.dll [MD5.F1FAC298EEED0C2352AF320053DC4B89] - [15/03/2019 05:49:57] - |A| - [454152] - C:\Windows\system32\coml2.dll [MD5.7774EF325F7E1AB4A3BF38C6B1D9B9E4] - [15/03/2019 05:50:24] - |A| - [147256] - C:\Windows\system32\CompatTelRunner.exe [MD5.6C53FB189E08C323F374598AA01F652D] - [15/03/2019 05:49:15] - |A| - [237568] - C:\Windows\system32\ComposableShellProxyStub.dll [MD5.08066A6791393DC56D026EF288599C1E] - [15/03/2019 05:49:23] - |A| - [89288] - C:\Windows\system32\CompPkgSup.dll [MD5.9766948B92D01B34BF81358627A00EF5] - [15/03/2019 05:49:07] - |A| - [308736] - C:\Windows\system32\compstui.dll [MD5.98705DD87ACA022723ABE3B2A73CD768] - [15/03/2019 05:49:48] - |A| - [1717248] - C:\Windows\system32\comsvcs.dll [MD5.8754B1C1BD7CA26428ACB01D3E660682] - [15/03/2019 05:49:38] - |A| - [157592] - C:\Windows\system32\consent.exe [MD5.04318D6DD76218E4484C0CFD9E700A17] - [15/03/2019 05:50:03] - |A| - [1856512] - C:\Windows\system32\ConstraintIndex.Search.dll [MD5.8BC54762701B089D9A78DA3C15873F14] - [15/03/2019 05:49:30] - |A| - [212992] - C:\Windows\system32\container.dll [MD5.BD09EFD7B81A495C3777BC58F8E382BD] - [15/03/2019 05:50:01] - |A| - [1488288] - C:\Windows\system32\ContentDeliveryManager.Utilities.dll [MD5.FBE86E6A6837A9D682D5EC5ECFB05A61] - [15/03/2019 05:49:01] - |A| - [232960] - C:\Windows\system32\convertvhd.exe [MD5.4B64B776A3966C92AD5059A3A3E517E8] - [15/03/2019 05:49:12] - |A| - [252416] - C:\Windows\system32\coredpus.dll [MD5.089C9159D71CE7F617324DDB67E34DCD] - [15/03/2019 05:49:54] - |A| - [898328] - C:\Windows\system32\CoreMessaging.dll [MD5.46094298CA2615763702C782F947A9E8] - [15/03/2019 05:49:43] - |A| - [1471488] - C:\Windows\system32\CoreShell.dll [MD5.F0E2E0C89BF26B5AE474E5C39949B7A9] - [15/03/2019 05:49:14] - |A| - [407552] - C:\Windows\system32\CoreShellAPI.dll [MD5.F493C6FB6A31BAB72D09C4B46637B27E] - [15/03/2019 05:50:14] - |A| - [3075240] - C:\Windows\system32\CoreUIComponents.dll [MD5.A4F3547123EAC3C8BC8E0E0D4B017C5C] - [15/03/2019 05:49:01] - |A| - [285184] - C:\Windows\system32\Cortana.Persona.dll [MD5.971C66154AB48E2B0BBE14D85C26AFB8] - [15/03/2019 05:49:07] - |A| - [200704] - C:\Windows\system32\CourtesyEngine.dll [MD5.7F6D4A5AA6F5CF471BE2B8B799C0258C] - [15/03/2019 05:49:51] - |A| - [870912] - C:\Windows\system32\CPFilters.dll [MD5.F71A8D267ACFB7DD05DE14785D4A4BB2] - [15/03/2019 05:49:33] - |A| - [101888] - C:\Windows\system32\CredProv2faHelper.dll [MD5.2286AD84D8FE33FF746503F995D3042A] - [15/03/2019 05:50:03] - |A| - [459776] - C:\Windows\system32\CredProvDataModel.dll [MD5.A06A55172BC0A500C71434B42AD83AE7] - [15/03/2019 05:49:41] - |A| - [262656] - C:\Windows\system32\credprovhost.dll [MD5.6A72F6A7AFC71C5F616DEF3A60E7A59A] - [15/03/2019 05:49:40] - |A| - [225792] - C:\Windows\system32\credprovs.dll [MD5.5CFAC7FF04BDF532E38A1EC5B220D746] - [15/03/2019 05:48:56] - |A| - [23552] - C:\Windows\system32\credssp.dll [MD5.2C99BD96DA2C08A4DF912A4EE468613A] - [15/03/2019 05:49:43] - |A| - [1873944] - C:\Windows\system32\crypt32.dll [MD5.57A7EC3D2B24DE7E1614EB1C9F487509] - [15/03/2019 05:49:31] - |A| - [126464] - C:\Windows\system32\cryptcatsvc.dll [MD5.2DADAE45FD2645B3BDAC96A6B7CAE1F0] - [15/03/2019 05:49:41] - |A| - [592384] - C:\Windows\system32\cryptui.dll [MD5.5F9E670B18B631E98AE6E01A3F06BF97] - [15/03/2019 05:49:32] - |A| - [164864] - C:\Windows\system32\cscript.exe [MD5.C08B76197C6FC8B8CCA63DFDE3A48503] - [20/03/2019 13:00:09] - |A| - [50264] - C:\Windows\system32\csscsr64.dll [MD5.18315E8C880660C91695B04348911794] - [20/03/2019 13:00:08] - |A| - [447704] - C:\Windows\system32\cssguard64.dll [MD5.35F394B7E58A9E98F38DA50366C9F67A] - [15/03/2019 05:50:05] - |A| - [5972480] - C:\Windows\system32\d2d1.dll [MD5.234E0CF51BCB2FC503BCA920044A5F1A] - [15/03/2019 05:51:02] - |A| - [7831664] - C:\Windows\system32\d3d10warp.dll [MD5.9027EA175C52B335236196A4075A2ABD] - [15/03/2019 05:50:26] - |A| - [3009736] - C:\Windows\system32\d3d11.dll [MD5.B0327832C64CF0C704A93E14612D0F8A] - [15/03/2019 05:50:15] - |A| - [1416392] - C:\Windows\system32\D3D12.dll [MD5.DE99750CF68F639683435AD1375B0F39] - [15/03/2019 05:50:11] - |A| - [1642520] - C:\Windows\system32\d3d9.dll [MD5.BD22DA95CD4C11BE4FA235D891D63573] - [15/03/2019 05:49:58] - |A| - [830464] - C:\Windows\system32\d3d9on12.dll [MD5.B5F196139B7CC61BB268378A88BFF600] - [15/03/2019 05:50:07] - |A| - [4297728] - C:\Windows\system32\D3DCompiler_47.dll [MD5.1B2E56D8A87A24C60FF23638670D9619] - [15/03/2019 05:49:14] - |A| - [107520] - C:\Windows\system32\dab.dll [MD5.EF3B328D12BDC6791FF62652A8FBC824] - [15/03/2019 05:49:02] - |A| - [119296] - C:\Windows\system32\DafPrintProvider.dll [MD5.FB1C407BF8B1DD0744D0EDD31BE598F7] - [15/03/2019 05:49:51] - |A| - [271872] - C:\Windows\system32\DAFWSD.dll [MD5.F44338D6E9FBBBDFAB849988897CA626] - [15/03/2019 05:49:02] - |A| - [84992] - C:\Windows\system32\DataStoreCacheDumpTool.exe [MD5.12B469EDEDAF69DBB39C12289D16405E] - [15/03/2019 05:49:21] - |A| - [93696] - C:\Windows\system32\davclnt.dll [MD5.840340A44C87276C85E150B50EF7B054] - [15/03/2019 05:49:57] - |A| - [535040] - C:\Windows\system32\daxexec.dll [MD5.C8272185947C80F6B0106BDA1BE9E57E] - [15/03/2019 05:50:16] - |A| - [5833216] - C:\Windows\system32\dbgeng.dll [MD5.5D5CAA6D653D396CAF17799ECCA7AEF7] - [15/03/2019 05:49:44] - |A| - [666624] - C:\Windows\system32\DbgModel.dll [MD5.8DBD8C6BCA1C46CF72E5F26D12CF6807] - [15/03/2019 05:50:07] - |A| - [505656] - C:\Windows\system32\dcntel.dll [MD5.DF6465F349C9CBDF3FCEB3F198E8FCB6] - [28/03/2019 16:55:59] - |A| - [35760] - C:\Windows\system32\ddmdrv.sys [MD5.2FBE8D307D281F7F165F6FD3EF3B9B5A] - [15/03/2019 05:49:13] - |A| - [311808] - C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll [MD5.217EF5B7F2E9352906C5102C92C53857] - [15/03/2019 05:49:25] - |A| - [35640] - C:\Windows\system32\DeviceCensus.exe [MD5.07380343D749A66AC5934C608BA7E456] - [15/03/2019 05:49:12] - |A| - [356352] - C:\Windows\system32\DeviceEnroller.exe [MD5.78F06621F8E8DBCDC476CC857CD41429] - [15/03/2019 05:49:50] - |A| - [2404864] - C:\Windows\system32\DeviceFlows.DataModel.dll [MD5.BB8B97CFB154F3CACB1A69A63714284C] - [15/03/2019 05:49:17] - |A| - [566272] - C:\Windows\system32\DevicePairing.dll [MD5.883348A614C2A6666E8E0F2D7A4E2D1B] - [15/03/2019 05:49:27] - |A| - [100136] - C:\Windows\system32\DeviceReactivation.dll [MD5.BB73FD1329739982C2915AB827A01362] - [15/03/2019 05:49:43] - |A| - [238080] - C:\Windows\system32\DeviceSetupManager.dll [MD5.7C61103F8ADB474EA2E56F3B9B533B8A] - [15/03/2019 05:49:28] - |A| - [84992] - C:\Windows\system32\DeviceUpdateAgent.dll [MD5.08F138FDE99081999A1769CBAFF0182D] - [15/03/2019 05:50:24] - |A| - [619832] - C:\Windows\system32\devinv.dll [MD5.FDB38FF469568190277A694D1BF599F5] - [15/03/2019 05:48:57] - |A| - [379392] - C:\Windows\system32\dhcpcore.dll [MD5.2D62FA8D0FB596F610BC818CF2265CA5] - [15/03/2019 05:48:57] - |A| - [298496] - C:\Windows\system32\dhcpcore6.dll [MD5.26DE1F77BFA5A95834427A6449F9DF62] - [15/03/2019 05:51:04] - |A| - [666112] - C:\Windows\system32\DHolographicDisplay.dll [MD5.C59C6E3665EF55382D25A3F3B62AEC1A] - [15/03/2019 05:50:57] - |A| - [2637824] - C:\Windows\system32\diagtrack.dll [MD5.23E935F494FC0407AFF24788CEC40607] - [15/03/2019 05:49:39] - |A| - [474112] - C:\Windows\system32\DictationManager.dll [MD5.BE5F07BA486D34048EC9B0B40E2565DE] - [15/03/2019 05:49:25] - |A| - [165376] - C:\Windows\system32\dinput.dll [MD5.A53C3A6225F1E29923DD452B340919DE] - [15/03/2019 05:49:34] - |A| - [216576] - C:\Windows\system32\dinput8.dll [MD5.C263FB92A9FA0666EDC3BEAEF23B472A] - [15/03/2019 05:48:57] - |A| - [28672] - C:\Windows\system32\dispex.dll [MD5.5EE46ED78742D939459BA3A7237C486B] - [15/03/2019 05:49:39] - |A| - [164864] - C:\Windows\system32\dmcertinst.exe [MD5.F77D48A838B18FCD75682DA59AEE6509] - [15/03/2019 05:49:24] - |A| - [102912] - C:\Windows\system32\dmclient.exe [MD5.BEE525570C56BB4C40FCE695672CE217] - [15/03/2019 05:49:51] - |A| - [518144] - C:\Windows\system32\dmenrollengine.dll [MD5.4FD3168268A6EDC0934B79A6C0FDA89B] - [15/03/2019 05:51:16] - |A| - [739184] - C:\Windows\system32\dnsapi.dll [MD5.1FB9A9A07395E096500EBA2417E4ECA2] - [15/03/2019 05:49:23] - |A| - [286720] - C:\Windows\system32\dnsrslvr.dll [MD5.1914F98652EE03B69B5CA3FA3E8BA4BB] - [15/03/2019 05:49:45] - |A| - [758272] - C:\Windows\system32\DolbyHrtfEnc.dll [MD5.62FF46285672FBA33833996CBA519BA7] - [15/03/2019 05:48:17] - |A| - [253440] - C:\Windows\system32\domgmt.dll [MD5.0A8B601A9E46EC8A15A9A3CEE5805D2F] - [15/03/2019 05:50:20] - |A| - [1342976] - C:\Windows\system32\dosvc.dll [MD5.E1C233826ECA1E52672052C49BD42485] - [15/03/2019 05:48:57] - |A| - [253440] - C:\Windows\system32\dot3svc.dll [MD5.00000000000000000000000000000000] - [25/03/2019 23:04:45] - |DC| - [88336] - C:\Windows\system32\DRVSTORE [MD5.DC06411C7EAF74500832231D2D6CF13B] - [15/03/2019 05:49:00] - |A| - [691200] - C:\Windows\system32\dsreg.dll [MD5.2ABF48AFA9A7011286EC3E6F69FE19C5] - [15/03/2019 05:49:37] - |A| - [155136] - C:\Windows\system32\dssvc.dll [MD5.A05724426389EBC1351E3D6F95CF3EAC] - [15/03/2019 05:49:45] - |A| - [334848] - C:\Windows\system32\dusmsvc.dll [MD5.BF713D9C580BC58934FED58E6562EAD5] - [15/03/2019 05:51:14] - |A| - [2858496] - C:\Windows\system32\dwmcore.dll [MD5.BC1E9637223F8DE90195E5766FB75FE9] - [15/03/2019 05:50:24] - |A| - [3161088] - C:\Windows\system32\DWrite.dll [MD5.46D2F0E302BD88193D3FEDF1FE9EF250] - [15/03/2019 05:49:50] - |A| - [703536] - C:\Windows\system32\dxgi.dll [MD5.82945872A8099848CAC38565DDCF09FF] - [15/03/2019 05:49:51] - |A| - [1327104] - C:\Windows\system32\dxilconv.dll [MD5.164B7EC29CEFC6E2094DE1B3BD451369] - [15/03/2019 05:49:23] - |A| - [456704] - C:\Windows\system32\dxtmsft.dll [MD5.89F21FD6D5A90845BAF1547C4F17B706] - [15/03/2019 05:49:20] - |A| - [276480] - C:\Windows\system32\dxtrans.dll [MD5.3F508EE631EEBAA744C32B9A9B2D90F8] - [15/03/2019 05:49:22] - |A| - [64512] - C:\Windows\system32\EASPolicyManagerBrokerHost.exe [MD5.28342495F3755D2C7681045BC700305C] - [15/03/2019 05:49:13] - |A| - [14336] - C:\Windows\system32\EasPolicyManagerBrokerPS.dll [MD5.71917C1899ECC9D4AEC203E9F585B1A4] - [15/03/2019 05:51:06] - |A| - [25270272] - C:\Windows\system32\edgehtml.dll [MD5.10C38E1CA0D664F58E8B9F3645885E1D] - [15/03/2019 05:48:54] - |A| - [72] - C:\Windows\system32\edgehtmlpluginpolicy.bin [MD5.DB0B81DD8BD75E6A6FE217FDB59576F5] - [15/03/2019 05:49:47] - |A| - [536064] - C:\Windows\system32\edgeIso.dll [MD5.D653FEDF8938EF8EDF88810B8647899F] - [15/03/2019 05:49:29] - |A| - [200704] - C:\Windows\system32\EdgeManager.dll [MD5.D36BCEDC8E72B82DC957F711D8696A44] - [15/03/2019 05:49:06] - |A| - [83968] - C:\Windows\system32\EditBufferTestHook.dll [MD5.76C8BA3C19BA2FDA6B02906D28BF7D2F] - [15/03/2019 05:48:57] - |A| - [177152] - C:\Windows\system32\EditionUpgradeHelper.dll [MD5.77649DBD973A901B987569DEF8FE7D8B] - [15/03/2019 05:49:33] - |A| - [714768] - C:\Windows\system32\EditionUpgradeManagerObj.dll [MD5.F444186533C53A4825A27F7A3B3E62CD] - [15/03/2019 05:49:32] - |A| - [255488] - C:\Windows\system32\edputil.dll [MD5.BD57476ED17768520DC2996A703E85C3] - [15/03/2019 05:50:04] - |A| - [1029536] - C:\Windows\system32\efscore.dll [MD5.A089F15CF85978796DE211D3075F0CE8] - [15/03/2019 05:48:57] - |A| - [81408] - C:\Windows\system32\efslsaext.dll [MD5.378A30A40DF26E089B46F66069BDD1F8] - [15/03/2019 05:48:56] - |A| - [57856] - C:\Windows\system32\efssvc.dll [MD5.88E11DC055F1596989FAF715EA75B816] - [15/03/2019 05:49:47] - |A| - [634880] - C:\Windows\system32\efswrt.dll [MD5.63780C98D82C438FFC4B82185CA30CB4] - [15/03/2019 05:49:41] - |A| - [434176] - C:\Windows\system32\EncDec.dll [MD5.9E15122839C37BF84C5AAFBE21D39749] - [15/03/2019 05:49:28] - |A| - [215552] - C:\Windows\system32\enrollmentapi.dll [MD5.358554029D6645AADCF103BA18D22DC7] - [15/03/2019 05:49:06] - |A| - [25088] - C:\Windows\system32\EnterpriseAppMgmtClient.dll [MD5.3BC17ABD52295C64A8BEE3CF4B244B12] - [15/03/2019 05:49:38] - |A| - [302592] - C:\Windows\system32\EnterpriseAppMgmtSvc.dll [MD5.4D6F2F02DC4647BB70147171F7806724] - [15/03/2019 05:50:15] - |A| - [1574912] - C:\Windows\system32\enterprisecsps.dll [MD5.DBDFEFD6ED5B807388C1943BACCCDBE4] - [15/03/2019 05:49:12] - |A| - [88576] - C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll [MD5.0A56591CDE0BBC9B7D8A064568D53B49] - [15/03/2019 05:49:24] - |A| - [450560] - C:\Windows\system32\es.dll [MD5.07E28F922D6F686348C5A28D4CF4476B] - [15/03/2019 05:49:12] - |A| - [109568] - C:\Windows\system32\eShims.dll [MD5.9D7D33BEF975A084CDC8DC9B2B1EA3DB] - [15/03/2019 05:50:04] - |A| - [755712] - C:\Windows\system32\evr.dll [MD5.FC8442D6B1C03CCEC5A16F681DAAF201] - [15/03/2019 05:49:47] - |A| - [292864] - C:\Windows\system32\ExecModelClient.dll [MD5.6C8A6E37851EA7538820B3426E5510B7] - [15/03/2019 05:50:13] - |A| - [4772352] - C:\Windows\system32\ExplorerFrame.dll [MD5.CD63F15237D81AFEDA484E10464FEF36] - [15/03/2019 05:49:04] - |A| - [257536] - C:\Windows\system32\ExSMime.dll [MD5.D0F48A8C2CD225A7FEDE98223EE62FCA] - [15/03/2019 05:49:26] - |A| - [464384] - C:\Windows\system32\facecredentialprovider.dll [MD5.BEB1E18B7F2CE225D7B8B246B896F5F1] - [15/03/2019 05:51:02] - |A| - [975360] - C:\Windows\system32\FaceProcessor.dll [MD5.C009F5D7740AAC4BDC99EF7C62803C21] - [15/03/2019 05:51:03] - |A| - [269600] - C:\Windows\system32\FaceProcessorCore.dll [MD5.365DDDE9AE10319ED840D9289716650D] - [15/03/2019 05:49:08] - |A| - [155136] - C:\Windows\system32\fdeploy.dll [MD5.C8F7F0ED919EEAE6F9430E65390A94AD] - [15/03/2019 05:48:56] - |A| - [58368] - C:\Windows\system32\fdPnp.dll [MD5.850E528D7D439D1EBFF9AF61B7DC965A] - [15/03/2019 05:49:01] - |A| - [68096] - C:\Windows\system32\fdProxy.dll [MD5.017CE932B1C642DD1639370200A9618D] - [15/03/2019 05:48:56] - |A| - [29184] - C:\Windows\system32\fdWNet.dll [MD5.E65D2A37B6D4445D0CD9234BA933475B] - [15/03/2019 05:48:17] - |A| - [74716] - C:\Windows\system32\FeatureToastHeroImg.jpg [MD5.8DB0A301B592AAD6AB548CFCF771091E] - [15/03/2019 05:51:15] - |A| - [542208] - C:\Windows\system32\FirewallAPI.dll [MD5.D60095FBC488AE1A805FEA5E22BA3F94] - [15/03/2019 05:50:16] - |A| - [1967104] - C:\Windows\system32\FntCache.dll [MD5.923D40C6C8285C3116791A3487B3CED8] - [15/03/2019 05:50:24] - |A| - [779856] - C:\Windows\system32\fontdrvhost.exe [MD5.473DE64499A4EA699A95D3F907C41E88] - [15/03/2019 05:49:13] - |A| - [965632] - C:\Windows\system32\fontext.dll [MD5.8FDF57C98BB3D82B6968D4606372599D] - [15/03/2019 05:49:14] - |A| - [141824] - C:\Windows\system32\FontProvider.dll [MD5.E7156CB4A9247261093920CB3CB10774] - [15/03/2019 05:49:21] - |A| - [121856] - C:\Windows\system32\fontsub.dll [MD5.27F4211199EB5A8E5169020B88EE201C] - [15/03/2019 05:50:01] - |A| - [667136] - C:\Windows\system32\FrameServer.dll [MD5.D13E7221130C8AB2DEAC6CADF1C65E23] - [15/03/2019 05:49:08] - |A| - [82944] - C:\Windows\system32\frprov.dll [MD5.84471E2E955A6BD7CF9BEB7421C0734D] - [15/03/2019 05:49:42] - |A| - [306688] - C:\Windows\system32\FSClient.dll [MD5.4B72A5274B42B64ADA7CE6D89122DA35] - [15/03/2019 05:49:26] - |A| - [98272] - C:\Windows\system32\FsIso.exe [MD5.F4AE2ECB766D7FF7025F9A3F8B9EA343] - [15/03/2019 05:49:41] - |A| - [216064] - C:\Windows\system32\fwpolicyiomgr.dll [MD5.0F9894730901E728FBA7031BEAF2E677] - [15/03/2019 05:49:04] - |A| - [647168] - C:\Windows\system32\FXSCOMEX.dll [MD5.86A2029691F46C53C0061BF032E8A8EC] - [15/03/2019 05:49:10] - |A| - [253952] - C:\Windows\system32\FXST30.dll [MD5.BDE183BD581BDDB43CB5A83C66190D11] - [15/03/2019 05:49:11] - |A| - [299008] - C:\Windows\system32\GameBarPresenceWriter.exe [MD5.54BA19F4D05BECCDE89DA2F84370390E] - [15/03/2019 05:49:38] - |A| - [1297920] - C:\Windows\system32\GamePanel.exe [MD5.27AB670019D08100BE61CB47D41E3023] - [15/03/2019 05:49:06] - |A| - [28160] - C:\Windows\system32\GamePanelExternalHook.dll [MD5.098E31F8AF7CBE1EB289F0E8C4672D1B] - [15/03/2019 05:49:21] - |A| - [2523136] - C:\Windows\system32\gameux.dll [MD5.124D05EE91361B77C6D615D55CC2F289] - [15/03/2019 05:49:43] - |A| - [174080] - C:\Windows\system32\gamingtcui.dll [MD5.A690DB93AE821579CA2DF940748A58F2] - [15/03/2019 05:49:32] - |A| - [155440] - C:\Windows\system32\gdi32.dll [MD5.991DD2F7FF79427D99BCCDC4A0999E95] - [15/03/2019 05:50:29] - |A| - [1638840] - C:\Windows\system32\gdi32full.dll [MD5.4E8F42283889367694A8FC690C22DA27] - [15/03/2019 05:49:48] - |A| - [1666048] - C:\Windows\system32\GdiPlus.dll [MD5.CE3EA9B5DF1B32AA3B3F917B93DA747C] - [15/03/2019 05:50:14] - |A| - [808248] - C:\Windows\system32\generaltel.dll [MD5.EDE76DE334861DA0D4BB6A2C465E9303] - [15/03/2019 05:50:01] - |A| - [496640] - C:\Windows\system32\Geolocation.dll [MD5.7BD14FA8FF575F5DF525203BFDF97E6B] - [15/03/2019 05:49:25] - |A| - [325632] - C:\Windows\system32\GlobCollationHost.dll [MD5.44A8F60A38C87271B582FE4DEEAF73E0] - [15/03/2019 05:50:41] - |A| - [4876800] - C:\Windows\system32\gnsdk_fp.dll [MD5.A6D0AE61FDBA546491A4318721F6A5CF] - [15/03/2019 05:49:16] - |A| - [127136] - C:\Windows\system32\gpapi.dll [MD5.E33DF1740D7DDFC98EF4BF4E329A19A8] - [15/03/2019 05:49:57] - |A| - [1280000] - C:\Windows\system32\gpsvc.dll [MD5.9736D0316780DC662B91C27328789B97] - [04/03/2019 22:38:58] - |A| - [925832] - C:\Windows\system32\guard64.dll [MD5.336ADF701A525A3974BB74A2E1D33C32] - [15/03/2019 05:49:45] - |A| - [471968] - C:\Windows\system32\hal.dll [MD5.4017AECCD2CCAC9DF39130FF4C93D5D3] - [15/03/2019 05:49:13] - |A| - [85504] - C:\Windows\system32\hascsp.dll [MD5.089B5DF78AF7572942D49285B9DECEC0] - [15/03/2019 05:49:24] - |A| - [325832] - C:\Windows\system32\HdcpHandler.dll [MD5.35D1DF2B6009ACE98109AA224CD74B3C] - [15/03/2019 05:49:30] - |A| - [640000] - C:\Windows\system32\HeadTrackerStorage.dll [MD5.181D4A848B7CB99E6562474BF59C44B2] - [15/03/2019 05:49:13] - |A| - [621056] - C:\Windows\system32\hgcpl.dll [MD5.677C3CDAF042D99BD402CA3C2FD03CD5] - [15/03/2019 05:49:53] - |A| - [657408] - C:\Windows\system32\hhctrl.ocx [MD5.524496D74062801DCC1749D2B306EF11] - [15/03/2019 05:49:14] - |A| - [99328] - C:\Windows\system32\hlink.dll [MD5.09D4B8D2B6E858AC52341D344826AEE4] - [15/03/2019 05:51:01] - |A| - [17085952] - C:\Windows\system32\HologramCompositor.dll [MD5.76768AF451E1B38F23265AD781A4E301] - [15/03/2019 05:50:47] - |A| - [543232] - C:\Windows\system32\HolographicExtensions.dll [MD5.9EBE69283AB8B4577B81F63E760DD25F] - [15/03/2019 05:51:04] - |A| - [336896] - C:\Windows\system32\HolographicRuntimes.dll [MD5.63F36F992AA8562D606D6BA6F4121300] - [15/03/2019 05:49:13] - |A| - [230912] - C:\Windows\system32\HoloShellRuntime.dll [MD5.0CF1459F51A30C2D695BCC16302CBE1B] - [15/03/2019 05:49:50] - |A| - [416768] - C:\Windows\system32\html.iec [MD5.1F19647CBA14376080C8C74EEA8CD93B] - [15/03/2019 05:48:56] - |A| - [125440] - C:\Windows\system32\httpprxm.dll [MD5.A34E405462EA388C6252858A9BE0963A] - [15/03/2019 05:51:18] - |A| - [1072952] - C:\Windows\system32\hvax64.exe [MD5.C4450D832472A5A973082D84DED16DCF] - [15/03/2019 05:49:21] - |A| - [60320] - C:\Windows\system32\hvhostsvc.dll [MD5.6D864D75907BBBE76C9C6C8B2151FE21] - [15/03/2019 05:51:08] - |A| - [1252872] - C:\Windows\system32\hvix64.exe [MD5.77B75A9238AF5246A2B1C6E8EFB7BDA5] - [15/03/2019 05:49:25] - |A| - [78648] - C:\Windows\system32\hvloader.dll [MD5.38FE767209BD278F38687D906D004E73] - [15/03/2019 05:51:01] - |A| - [21754368] - C:\Windows\system32\Hydrogen.dll [MD5.4ABBF315B97DBA5053FD689ED01DE87D] - [15/03/2019 05:49:16] - |A| - [113568] - C:\Windows\system32\icfupgd.dll [MD5.E1B89703CF7A52E4A18FFC39B1AAD916] - [15/03/2019 05:49:17] - |A| - [245248] - C:\Windows\system32\icm32.dll [MD5.49E87146F7EB33F1570D4F19D3431296] - [15/03/2019 05:49:06] - |A| - [72192] - C:\Windows\system32\IcsEntitlementHost.exe [MD5.16071A66A9313085B54037B5D7D1C353] - [15/03/2019 05:48:57] - |A| - [286208] - C:\Windows\system32\icsvc.dll [MD5.F03A5454EAE669167639CA3F2EDF73B1] - [15/03/2019 05:48:57] - |A| - [309760] - C:\Windows\system32\icsvcext.dll [MD5.B124CE8AA3DA07EFF85AFA443CBE1B9A] - [15/03/2019 05:49:55] - |RA| - [1900544] - C:\Windows\system32\icuin.dll [MD5.54D8C41BCDFDFDC49A3185B972A92EB2] - [15/03/2019 05:49:42] - |RA| - [1341440] - C:\Windows\system32\icuuc.dll [MD5.8E2C97F29AAC07323245584B279B843D] - [15/03/2019 05:49:18] - |A| - [112640] - C:\Windows\system32\IdCtrls.dll [MD5.FF091D5B0AB5835BFF5E0D57F8F0FD15] - [15/03/2019 05:49:13] - |A| - [229888] - C:\Windows\system32\ie4uinit.exe [MD5.49E80B31EACFA85C923C3662CD0ADEFA] - [15/03/2019 05:48:59] - |A| - [143360] - C:\Windows\system32\IEAdvpack.dll [MD5.58197E2670D62659D6AE437F37B0F74C] - [15/03/2019 05:49:28] - |A| - [1597952] - C:\Windows\system32\ieapfltr.dll [MD5.2EC79671C5F0F09EC06985D410718C59] - [15/03/2019 05:49:43] - |A| - [392704] - C:\Windows\system32\iedkcs32.dll [MD5.F737DEE776F393785B82FCDBB580E341] - [15/03/2019 05:50:27] - |A| - [12833792] - C:\Windows\system32\ieframe.dll [MD5.A2D646DFDABBD41986990289CB5D7F8E] - [15/03/2019 05:49:00] - |A| - [142848] - C:\Windows\system32\iepeers.dll [MD5.0E4326077420664DFC39880BB386C325] - [15/03/2019 05:49:56] - |A| - [816128] - C:\Windows\system32\ieproxy.dll [MD5.E22ED27C52605C52D1ADEEF867BDE5F2] - [15/03/2019 05:48:58] - |A| - [46080] - C:\Windows\system32\iernonce.dll [MD5.472B463EB9E4E436AB3EAD452B1F9214] - [15/03/2019 05:50:12] - |A| - [2736152] - C:\Windows\system32\iertutil.dll [MD5.5DD8C49F75649B48746B8411665E9B04] - [15/03/2019 05:48:58] - |A| - [78336] - C:\Windows\system32\iesetup.dll [MD5.852843AF82669C327630B307F8E7C0FB] - [15/03/2019 05:48:58] - |A| - [117760] - C:\Windows\system32\iesysprep.dll [MD5.32162FE7FA515D40E162985C42ABBF81] - [15/03/2019 05:49:50] - |A| - [561152] - C:\Windows\system32\ieui.dll [MD5.C1127463655F541956FF02A325996ECF] - [15/03/2019 05:48:53] - |A| - [3329] - C:\Windows\system32\ieuinit.inf [MD5.D73C516671C645189B3CF7AD3E20A2EF] - [15/03/2019 05:49:00] - |A| - [151040] - C:\Windows\system32\ieUnatt.exe [MD5.DC9D6FEDFC7DD7AB116A4FDBB8E1870F] - [15/03/2019 05:48:58] - |A| - [167424] - C:\Windows\system32\iexpress.exe [MD5.289363EADA7DB6E07730985D8F2B44C2] - [15/03/2019 05:49:26] - |A| - [984064] - C:\Windows\system32\IKEEXT.DLL [MD5.0E05CFA887C40A1DA00D95E8A915807E] - [15/03/2019 05:48:58] - |A| - [55808] - C:\Windows\system32\imgutil.dll [MD5.C5D273F400B8EE5BEB81097D3E4FAF04] - [15/03/2019 04:50:45] - |A| - [166520] - C:\Windows\system32\IMX241_FN50FF-562H_SKY.cpf [MD5.330FA58DF5F4C4B6CC439FDEF04658CD] - [15/03/2019 04:51:17] - |A| - [41470] - C:\Windows\system32\IMX241_FRONT.aiqd [MD5.F609489142774262ABD4AB204E56C4D9] - [15/03/2019 04:50:45] - |A| - [171348] - C:\Windows\system32\IMX241_START2FRONT_SKY.cpf [MD5.B216175F6574C5D40A6BFFFEB28E8938] - [15/03/2019 04:50:45] - |A| - [171276] - C:\Windows\system32\IMX241_START2FRONT_SKY_Video.cpf [MD5.74FC5B9C7CC049384CC51A5E11465BD6] - [15/03/2019 04:51:18] - |A| - [41470] - C:\Windows\system32\IMX258_REAR.aiqd [MD5.6B1CD2FED17DF605E9721AF5CF0970C7] - [15/03/2019 04:50:45] - |A| - [276840] - C:\Windows\system32\IMX258_START2REAR_SKY.cpf [MD5.6B1CD2FED17DF605E9721AF5CF0970C7] - [15/03/2019 04:50:45] - |A| - [276840] - C:\Windows\system32\IMX258_START2REAR_SKY_Video.cpf [MD5.D5E5AA845308F4F7372C7C7C13CD34B3] - [15/03/2019 05:49:01] - |A| - [206848] - C:\Windows\system32\IndexedDbLegacy.dll [MD5.56320DB26C0BF067E705CA6CBD2B3A3A] - [15/03/2019 05:49:58] - |A| - [985600] - C:\Windows\system32\inetcomm.dll [MD5.CAC8A27E15D8FE20A3B91D3816DFC66A] - [15/03/2019 05:49:40] - |A| - [2083840] - C:\Windows\system32\inetcpl.cpl [MD5.8B1E46241831FBB615A8FCB220754ECA] - [15/03/2019 05:48:58] - |A| - [85504] - C:\Windows\system32\INETRES.dll [MD5.2B6D7ACE8C37A726F442B69DA1AC8B4A] - [15/03/2019 05:49:24] - |A| - [184336] - C:\Windows\system32\InputHost.dll [MD5.C230B93474BE5ED902D45DA248D22E76] - [15/03/2019 05:49:08] - |A| - [134656] - C:\Windows\system32\InputLocaleManager.dll [MD5.04B3DF2C36B59699A61D4B39CFF914C0] - [15/03/2019 05:50:21] - |A| - [3126272] - C:\Windows\system32\InputService.dll [MD5.8DA5D118D664BEE3ED00A90B2BA23263] - [15/03/2019 05:49:06] - |A| - [421376] - C:\Windows\system32\InputSwitch.dll [MD5.730463EFD1F7B2BD745DB01D96E86649] - [15/03/2019 05:48:58] - |A| - [115200] - C:\Windows\system32\inseng.dll [MD5.4269BF5A7C39DE7BED6F30604CCC4F52] - [15/03/2019 05:50:14] - |A| - [1314304] - C:\Windows\system32\InstallService.dll [MD5.36CB60FE6D29C91D3604DBC144CBE1EE] - [15/03/2019 04:50:29] - |A| - [5707856] - C:\Windows\system32\IntelCameraPlugin64.dll [MD5.CE37628BB55D0CE1078DF19AA8DBC91B] - [15/03/2019 05:00:46] - |A| - [209032] - C:\Windows\system32\intel_gfx_api-x64.dll [MD5.5D2998184807773AB1604CB592081D37] - [15/03/2019 05:50:09] - |A| - [460088] - C:\Windows\system32\invagent.dll [MD5.1C5867DC4091C2E23329AB984BF95604] - [15/03/2019 05:48:58] - |A| - [820224] - C:\Windows\system32\iphlpsvc.dll [MD5.F40AC719646B8E31BBDEA664CEAF28A2] - [15/03/2019 05:49:59] - |A| - [602624] - C:\Windows\system32\ipnathlp.dll [MD5.5E40DA079703587DC4E14EF221EEC597] - [15/03/2019 05:49:36] - |A| - [559616] - C:\Windows\system32\iprtrmgr.dll [MD5.F2DB1D6AD6D0ED387DFFB914CDC151A4] - [20/03/2019 13:00:45] - |A| - [255520] - C:\Windows\system32\iseguard64.dll [MD5.0684BEE414439DEE3C6509A1635AF9C1] - [15/03/2019 05:51:03] - |A| - [1167360] - C:\Windows\system32\ISM.dll [MD5.7135FA19C74FD3676A8F1024D4D0596A] - [15/03/2019 05:49:17] - |A| - [194048] - C:\Windows\system32\itircl.dll [MD5.87FE01C4E2BC79B44FEE81576ED6FC36] - [15/03/2019 05:49:32] - |A| - [172544] - C:\Windows\system32\itss.dll [MD5.AA11EC86D11E24863E839672D1B5E0EF] - [15/03/2019 05:49:16] - |A| - [22800] - C:\Windows\system32\iumbase.dll [MD5.D6F786705F206C119A1FBBB9D480CD36] - [15/03/2019 05:49:20] - |A| - [66720] - C:\Windows\system32\iumcrypt.dll [MD5.EBF8626AB63A7DF9D5FD39150CA5035F] - [15/03/2019 05:49:16] - |A| - [15632] - C:\Windows\system32\iumdll.dll [MD5.0EEB17E3B21A9D299CD189205D698FA9] - [15/03/2019 05:49:17] - |A| - [22208] - C:\Windows\system32\IumSdk.dll [MD5.AE4E3282F24D42422B0AF3EF0971D288] - [15/03/2019 05:48:58] - |A| - [94720] - C:\Windows\system32\JavaScriptCollectionAgent.dll [MD5.21E46E6A5EAF413E1F7AB1F0B5895062] - [15/03/2019 05:49:47] - |A| - [1262592] - C:\Windows\system32\JpMapControl.dll [MD5.A498D4BE2A3D619602621CB3EF918034] - [15/03/2019 05:51:19] - |A| - [809472] - C:\Windows\system32\jscript.dll [MD5.E086E9FEBA689C5F973A1D6659DAB8AB] - [15/03/2019 05:51:24] - |A| - [4724224] - C:\Windows\system32\jscript9.dll [MD5.1F928B3E1B823E6014565254116F8DA6] - [15/03/2019 05:51:19] - |A| - [672768] - C:\Windows\system32\jscript9diag.dll [MD5.19937B3AB4B31523FB9CB7461E31AB1D] - [15/03/2019 05:49:22] - |A| - [114984] - C:\Windows\system32\kdnet.dll [MD5.2568382851DCFDEDD02ACB62BDDB7B8C] - [15/03/2019 05:50:09] - |A| - [945152] - C:\Windows\system32\kerberos.dll [MD5.6BE2CC3494A8FFDF13861F8A51BD84D6] - [15/03/2019 05:49:23] - |A| - [54376] - C:\Windows\system32\kernel.appcore.dll [MD5.F753030AD630541B52D0366AC410ADBF] - [15/03/2019 05:49:48] - |A| - [702472] - C:\Windows\system32\kernel32.dll [MD5.6A712C8944062227C8F8A47DE844B3FD] - [15/03/2019 05:50:08] - |A| - [2515360] - C:\Windows\system32\KernelBase.dll [MD5.7919C327FE8E5C6DC970CB804D2EDF7B] - [15/03/2019 05:48:57] - |A| - [90112] - C:\Windows\system32\keyiso.dll [MD5.18A6CB8199D3DF64B8B93FFE241E43B3] - [15/03/2019 05:49:27] - |A| - [278528] - C:\Windows\system32\ksproxy.ax [MD5.A79FBB1A98459C9CFDB4E844017B4A54] - [15/03/2019 05:49:06] - |A| - [41984] - C:\Windows\system32\LaunchWinApp.exe [MD5.EEE38B21A9B514397EFCB66FF7AFDADC] - [15/03/2019 09:12:52] - |SH| - [128] - C:\Windows\system32\lgxzqgavzxsjwhkr.tbl [MD5.20E09FA2219BE2BF77A17AD7644176CA] - [15/03/2019 04:50:31] - |A| - [12435024] - C:\Windows\system32\libia_cp64.dll [MD5.81DA651C930AC4C1F963B5B642B8BC70] - [15/03/2019 05:50:12] - |A| - [980448] - C:\Windows\system32\LicenseManager.dll [MD5.6A361ED0DE59D58CC633F7BB40AB950D] - [15/03/2019 05:48:57] - |A| - [48640] - C:\Windows\system32\LicenseManagerSvc.dll [MD5.24FADDA3F7C2B8E2AA6BA30A673A86B7] - [15/03/2019 05:49:29] - |A| - [857616] - C:\Windows\system32\LicensingWinRT.dll [MD5.3BA01163DBF121AEE5910A77256459A7] - [15/03/2019 05:48:58] - |A| - [32256] - C:\Windows\system32\licmgr10.dll [MD5.459EC4290CF0D8269DB28FBFD6284C58] - [15/03/2019 05:49:30] - |A| - [270336] - C:\Windows\system32\ListSvc.dll [MD5.EF0C1B809402E2291CF88AE7B3982E89] - [15/03/2019 05:49:49] - |A| - [804120] - C:\Windows\system32\locale.nls [MD5.8003FDB02637E02C1BE8DDA113920893] - [15/03/2019 05:49:56] - |A| - [1156608] - C:\Windows\system32\localspl.dll [MD5.0841C829D8608A97890B13157B6859E3] - [15/03/2019 05:50:08] - |A| - [2296320] - C:\Windows\system32\LocationFramework.dll [MD5.40D621BD97B50CCDE100C589A7EBB6B1] - [15/03/2019 05:49:11] - |A| - [80896] - C:\Windows\system32\LocationFrameworkInternalPS.dll [MD5.051485DB8FD8AD2CC72627D6ED61BECD] - [15/03/2019 05:49:17] - |A| - [39736] - C:\Windows\system32\LocationFrameworkPS.dll [MD5.1B109E687B125AF3C93CC4DE8913090A] - [15/03/2019 05:50:05] - |A| - [556544] - C:\Windows\system32\LockAppBroker.dll [MD5.D4E692078892D77D612387A4428A1CB5] - [15/03/2019 05:49:18] - |A| - [674304] - C:\Windows\system32\LockController.dll [MD5.EAF4FD9B241935ED4C1CD75BCA6358DB] - [15/03/2019 05:49:47] - |A| - [448000] - C:\Windows\system32\LockHostingFramework.dll [MD5.FAA1479779AD5F7676D5837D2DCD52B8] - [15/03/2019 05:49:05] - |A| - [160768] - C:\Windows\system32\LockScreenContent.dll [MD5.DF510111E0E809D3EEE60CFBF646D1D5] - [15/03/2019 05:49:16] - |A| - [247480] - C:\Windows\system32\logoncli.dll [MD5.A69447F60670FAC84DE4A23A392AA6F9] - [15/03/2019 05:50:10] - |A| - [721920] - C:\Windows\system32\LogonController.dll [MD5.83FD5674CE41005ED5657D6E2C5B0B4C] - [15/03/2019 05:49:30] - |A| - [1346048] - C:\Windows\system32\lpasvc.dll [MD5.175B20F3504B9A0DE42879B1EA6F0DE9] - [15/03/2019 05:49:20] - |A| - [270208] - C:\Windows\system32\LsaIso.exe [MD5.20688C85B483C3512CDCFB8A913E24B0] - [15/03/2019 05:51:16] - |A| - [1561088] - C:\Windows\system32\lsasrv.dll [MD5.AF3F47A3DD5A799DD0F3D9F3BFDED0EA] - [15/03/2019 05:49:30] - |A| - [57576] - C:\Windows\system32\lsass.exe [MD5.EBA3441FAE390DB599C9B9523A262F2C] - [15/03/2019 05:50:07] - |A| - [699904] - C:\Windows\system32\lsm.dll [MD5.1C61381DA712ABACD2814CEF4514D927] - [15/03/2019 05:49:43] - |A| - [800768] - C:\Windows\system32\Magnify.exe [MD5.3713E9619CDC4526FF431FB37DCFEF15] - [15/03/2019 05:49:32] - |A| - [479744] - C:\Windows\system32\MapConfiguration.dll [MD5.4E3C95475FFE3D4150B3B3608FB1B6BF] - [15/03/2019 05:49:50] - |A| - [885760] - C:\Windows\system32\MapControlCore.dll [MD5.E6F8782C1256FEA671F5069ABBEE3A49] - [15/03/2019 05:50:03] - |A| - [2849792] - C:\Windows\system32\MapGeocoder.dll [MD5.5CF5F03AEC978EA5D4E9693EABB3FC7D] - [15/03/2019 05:50:12] - |A| - [3400192] - C:\Windows\system32\MapRouter.dll [MD5.8C5FD4B49428C7417DF5EF62FA0BCEBD] - [15/03/2019 05:49:50] - |A| - [1173504] - C:\Windows\system32\MapsStore.dll [MD5.A23448D2D5761F2CFF6F121D3C5B5ACD] - [15/03/2019 05:49:26] - |A| - [344064] - C:\Windows\system32\mcbuilder.exe [MD5.A588BF5C7532DA51890D894878874E3F] - [15/03/2019 05:49:32] - |A| - [971264] - C:\Windows\system32\MCRecvSrc.dll [MD5.565E22DDD04311C7CBD25DE977F429B1] - [15/03/2019 05:49:30] - |A| - [146432] - C:\Windows\system32\MDMAppInstaller.exe [MD5.CF565C0A44A5968CBA96AC5B2A860B75] - [15/03/2019 05:48:59] - |A| - [139264] - C:\Windows\system32\mdmmigrator.dll [MD5.B1C8D90D085EAA671E423D60F12ECBC4] - [15/03/2019 05:49:30] - |A| - [231936] - C:\Windows\system32\mdmregistration.dll [MD5.C97D9B1A233E79A3B858239D83F8CBC2] - [15/03/2019 05:49:53] - |A| - [595472] - C:\Windows\system32\mf.dll [MD5.D639625670C14805990C63871A52C4BC] - [15/03/2019 05:49:23] - |A| - [58368] - C:\Windows\system32\mf3216.dll [MD5.1090F390D244BF56406D16E2B403C03A] - [15/03/2019 05:51:26] - |A| - [1971944] - C:\Windows\system32\mfasfsrcsnk.dll [MD5.BF03FA7D74A37C5E6E9301D32B66C380] - [15/03/2019 05:49:41] - |A| - [479232] - C:\Windows\system32\MFCaptureEngine.dll [MD5.D6C9D1D9109117064B44F023029FBA1B] - [15/03/2019 05:51:07] - |A| - [4507000] - C:\Windows\system32\mfcore.dll [MD5.BCE0D2792EB8615683F306F5379F6141] - [15/03/2019 05:49:50] - |A| - [297984] - C:\Windows\system32\mfksproxy.dll [MD5.D4B63C6A96C7B0C30541D529207E99BE] - [15/03/2019 05:50:37] - |A| - [4814336] - C:\Windows\system32\MFMediaEngine.dll [MD5.6B230EC47337BC315E0C3AE00AECB855] - [15/03/2019 05:50:04] - |A| - [1363968] - C:\Windows\system32\mfmkvsrcsnk.dll [MD5.81433E5EC823B116B1243998A2092064] - [15/03/2019 05:51:26] - |A| - [2712592] - C:\Windows\system32\mfmp4srcsnk.dll [MD5.ABE6CDA32F94D8EA6FA16D18A656F61A] - [15/03/2019 05:51:17] - |A| - [1507624] - C:\Windows\system32\mfmpeg2srcsnk.dll [MD5.1B4B0381972D94D6D75351B37F4C488E] - [15/03/2019 05:50:14] - |A| - [1203552] - C:\Windows\system32\mfnetcore.dll [MD5.90FE4A3CE3804E13E86F2C400F507E46] - [15/03/2019 05:50:19] - |A| - [1633632] - C:\Windows\system32\mfnetsrc.dll [MD5.B57DC0F60473D635FBB6544866F110B1] - [15/03/2019 05:50:21] - |A| - [1781360] - C:\Windows\system32\mfplat.dll [MD5.C0BF8256EB2C1A8C8C4E435828D46F29] - [15/03/2019 05:49:25] - |A| - [261008] - C:\Windows\system32\mfps.dll [MD5.6C6EAACC156EAD38DCD2372D2635D5E0] - [15/03/2019 05:50:06] - |A| - [1084736] - C:\Windows\system32\mfreadwrite.dll [MD5.037FBC2FC80B77216B55F6068A07E8B9] - [15/03/2019 05:49:29] - |A| - [212880] - C:\Windows\system32\mfsensorgroup.dll [MD5.152CDDB18C6070007F378B3C7E004CC8] - [15/03/2019 05:51:22] - |A| - [2267616] - C:\Windows\system32\mfsrcsnk.dll [MD5.57737B9D7CC844EDA1454DEBB28FE5DC] - [15/03/2019 05:50:20] - |A| - [1255056] - C:\Windows\system32\mfsvr.dll [MD5.9B9FCE8FAA72F4AB5CDE2C7A8A2FC0C3] - [15/03/2019 05:48:58] - |A| - [408064] - C:\Windows\system32\microsoft-windows-system-events.dll [MD5.3C79D487CF729AC8D9A5C7AA486D1EE7] - [15/03/2019 05:50:29] - |A| - [3124224] - C:\Windows\system32\Microsoft.Bluetooth.Profiles.Gatt.dll [MD5.ECA2489CE3AEAB6D7E7BD3E693BD6150] - [15/03/2019 05:49:35] - |A| - [222720] - C:\Windows\system32\Microsoft.Bluetooth.Proxy.dll [MD5.A9534BA6072E7041106CA151554D42B8] - [15/03/2019 05:49:02] - |A| - [307200] - C:\Windows\system32\MicrosoftAccountExtension.dll [MD5.6C3A5715D983576DE082A411A48C2BC8] - [15/03/2019 05:49:48] - |A| - [301056] - C:\Windows\system32\MicrosoftAccountWAMExtension.dll [MD5.6760B3B054AECE4800BA539B6E1C5CFD] - [15/03/2019 05:50:38] - |A| - [3478016] - C:\Windows\system32\mispace.dll [MD5.25A01E7B77B696693957812508D7F55D] - [15/03/2019 05:50:17] - |A| - [1936384] - C:\Windows\system32\mmc.exe [MD5.F410DF08D1B887D61155A65DDD912CE0] - [15/03/2019 05:49:23] - |A| - [341504] - C:\Windows\system32\mmcbase.dll [MD5.FDBCBC9D2B1A92E06273905633737959] - [15/03/2019 05:50:26] - |A| - [2983936] - C:\Windows\system32\mmcndmgr.dll [MD5.6681F355FA230A94C8AE5E168CC05775] - [15/03/2019 05:49:43] - |A| - [2186240] - C:\Windows\system32\mmgaclient.dll [MD5.40278F866D7E5BCF082482E796A6CD78] - [15/03/2019 05:49:00] - |A| - [155136] - C:\Windows\system32\mmgaproxystub.dll [MD5.24BB6E99A885407B93C499FBBE546E59] - [15/03/2019 05:49:40] - |A| - [1685504] - C:\Windows\system32\mmgaserver.exe [MD5.40A25734AEC3DF10B675852B34A9ECDA] - [15/03/2019 05:49:08] - |A| - [841216] - C:\Windows\system32\mmsys.cpl [MD5.6B9E286EB5FE6AE0CD4EEEFCEBF62082] - [15/03/2019 05:50:15] - |A| - [1001472] - C:\Windows\system32\modernexecserver.dll [MD5.33CDDD75A86DD1CEEC7AC7F9B4805ECF] - [15/03/2019 05:50:24] - |A| - [7145472] - C:\Windows\system32\mos.dll [MD5.CD246DF8215B59C279E2E03F45959CD8] - [15/03/2019 05:49:24] - |A| - [334136] - C:\Windows\system32\moshostcore.dll [MD5.127A6387191315B5DA5F11C6B5DE3941] - [15/03/2019 05:49:31] - |A| - [856064] - C:\Windows\system32\mprddm.dll [MD5.F8F3CF089351D6D1ACBC1F69824BE9A8] - [15/03/2019 05:51:15] - |A| - [926720] - C:\Windows\system32\MPSSVC.dll [MD5.00000000000000000000000000000000] - [15/03/2019 07:10:38] - |D| - [0] - C:\Windows\system32\MRT [MD5.CC6D8A17DE725C3B3D5C516F41E0D2F5] - [15/03/2019 07:10:35] - |AC| - [127411920] - C:\Windows\system32\MRT.exe [MD5.E2166A792A76A6AFCEB2C5EBD6035F3E] - [15/03/2019 05:49:56] - |A| - [3329536] - C:\Windows\system32\MSAJApi.dll [MD5.DCD6F00342570C576CF1FC50BE3CC141] - [15/03/2019 05:49:33] - |A| - [596480] - C:\Windows\system32\mscms.dll [MD5.E0369FBA21C9EBD0237A915432CFEB81] - [15/03/2019 05:50:44] - |A| - [1463424] - C:\Windows\system32\msctf.dll [MD5.743BD214A7D3CC536105B6B84AFC13F2] - [15/03/2019 05:49:10] - |A| - [217600] - C:\Windows\system32\msctfp.dll [MD5.E0E75372BB921BB501ADEEF1872C0827] - [15/03/2019 05:49:06] - |A| - [826880] - C:\Windows\system32\msdtcprx.dll [MD5.5FE7C8C2DDDB0C52F4CA2935C9C83452] - [15/03/2019 05:49:57] - |A| - [757760] - C:\Windows\system32\msfeeds.dll [MD5.7EB4D9FBBBDABC10FCEDDF210A6EACB3] - [15/03/2019 05:48:59] - |A| - [73216] - C:\Windows\system32\msfeedsbs.dll [MD5.E7DDAE7010C1FDB4C0AB3A61AFE3A5F8] - [15/03/2019 05:48:58] - |A| - [14848] - C:\Windows\system32\msfeedssync.exe [MD5.6EE486D0EFA7AE6F913B500D82B354B0] - [15/03/2019 05:50:23] - |A| - [3198464] - C:\Windows\system32\msftedit.dll [MD5.79BF05DD5D6A2D7AFDD5E37F58EC723A] - [15/03/2019 05:48:58] - |A| - [14848] - C:\Windows\system32\mshta.exe [MD5.DCFCD0C293A24ECC37D6B1F8524F9F02] - [15/03/2019 05:51:11] - |A| - [23678976] - C:\Windows\system32\mshtml.dll [MD5.F967C83FA9D5D51ED58234E80C1284FF] - [15/03/2019 05:48:59] - |A| - [82432] - C:\Windows\system32\MshtmlDac.dll [MD5.766FB5FE9DE7BA21B2012EDC87EAD619] - [15/03/2019 05:49:02] - |A| - [93696] - C:\Windows\system32\mshtmled.dll [MD5.3D79C7815D2AB80F75345D425006E1DB] - [15/03/2019 05:49:43] - |A| - [4056576] - C:\Windows\system32\msi.dll [MD5.E1ED698D30BDEC92923A313AE0006E67] - [15/03/2019 05:49:18] - |A| - [66048] - C:\Windows\system32\msiexec.exe [MD5.D5E29A2F2F9E9AC6D834C62EF3962F63] - [15/03/2019 05:49:22] - |A| - [29696] - C:\Windows\system32\msisip.dll [MD5.A61D61C990FB1DFA2D3C1AE782E8D612] - [15/03/2019 05:49:30] - |A| - [431616] - C:\Windows\system32\msIso.dll [MD5.72074F2A0701F07849762E5C3CDBD435] - [15/03/2019 05:50:22] - |A| - [2406456] - C:\Windows\system32\msmpeg2vdec.dll [MD5.AD4B8BEB88D6AB6960FFE553B59EC3D3] - [15/03/2019 05:49:06] - |A| - [112640] - C:\Windows\system32\msoert2.dll [MD5.C46BEF8F23E222DD2AE0C16A8D1BDC07] - [15/03/2019 05:48:59] - |A| - [159232] - C:\Windows\system32\MSOpusDecoder.dll [MD5.63C7A4EA5EA3C54D92B7D10E0B394650] - [15/03/2019 05:49:39] - |A| - [6722560] - C:\Windows\system32\mspaint.exe [MD5.DBEC7A5098819255A8784901F05D9467] - [15/03/2019 05:49:50] - |A| - [1737728] - C:\Windows\system32\MSPhotography.dll [MD5.6F3D3C7F83E3B9FC7CC7C0F3295C9443] - [15/03/2019 05:49:54] - |A| - [568832] - C:\Windows\system32\msra.exe [MD5.CDDD27C966C0B66669535DEBB9B4FAA1] - [15/03/2019 05:48:56] - |A| - [12288] - C:\Windows\system32\msrating.dll [MD5.3B2EA8F6503C3227DE8194277A195272] - [15/03/2019 05:49:08] - |A| - [126976] - C:\Windows\system32\mssitlb.dll [MD5.EE2B36737C3C4687B67B70EDF8B7782B] - [15/03/2019 05:50:07] - |A| - [863744] - C:\Windows\system32\MsSpellCheckingFacility.dll [MD5.1722934E0B2B33B4A22B81FB4E0A40E4] - [15/03/2019 05:49:30] - |A| - [179712] - C:\Windows\system32\mssph.dll [MD5.2977F5ED72AD79AAF0A12CFE6D52E088] - [15/03/2019 05:49:11] - |A| - [143872] - C:\Windows\system32\mssprxy.dll [MD5.84DC8A262476F86E1103C847016D713F] - [15/03/2019 05:50:31] - |A| - [2741248] - C:\Windows\system32\mssrch.dll [MD5.0D6DAAFE37DA2CB5C2CDAC613488BF20] - [15/03/2019 05:49:52] - |A| - [792064] - C:\Windows\system32\mssvp.dll [MD5.8F50A925596FE12E22ADF123A6DD547C] - [15/03/2019 05:50:06] - |A| - [3630080] - C:\Windows\system32\mstsc.exe [MD5.22067EB06BA5C043E8051E82C8CCA0C5] - [15/03/2019 05:50:39] - |A| - [8432640] - C:\Windows\system32\mstscax.dll [MD5.E127DD22470E8F247E067CE13DCA8E76] - [15/03/2019 05:50:44] - |A| - [418832] - C:\Windows\system32\msv1_0.dll [MD5.4DD4882448C4B91C2095A0A7FC14B16F] - [15/03/2019 05:49:16] - |A| - [586800] - C:\Windows\system32\msvcp110_win.dll [MD5.AE7D6A0EC371EF8716D04749352991C9] - [15/03/2019 05:49:41] - |A| - [628752] - C:\Windows\system32\msvcp_win.dll [MD5.68195105C7D9A2B5DF5BB82ECA521092] - [15/03/2019 05:49:14] - |A| - [630752] - C:\Windows\system32\msvcrt.dll [MD5.CE95CE111E96A0CB34AEB81AB6F7D077] - [15/03/2019 05:50:26] - |A| - [3505664] - C:\Windows\system32\MSVidCtl.dll [MD5.C2C72150753814A00EC18678751C9B9A] - [15/03/2019 05:49:32] - |A| - [710888] - C:\Windows\system32\MSVideoDSP.dll [MD5.41C0900B662510B6826134041FE1E8EF] - [15/03/2019 05:50:04] - |A| - [1133880] - C:\Windows\system32\MSVP9DEC.dll [MD5.9EB931BAC4C10F09B31C7FD353557240] - [15/03/2019 05:49:35] - |A| - [1054392] - C:\Windows\system32\msvproc.dll [MD5.8BBFE8D41D6C69F03C05687792EF6345] - [15/03/2019 05:49:32] - |A| - [1282048] - C:\Windows\system32\MSVPXENC.dll [MD5.19DC173B93EDEFBE5623207FAC243AFF] - [15/03/2019 05:50:33] - |A| - [1856512] - C:\Windows\system32\msxml3.dll [MD5.A5322B11AC5A8D1AC152324CF5E0AA0D] - [15/03/2019 05:50:12] - |A| - [2415864] - C:\Windows\system32\msxml6.dll [MD5.550BEF071FBDE328D5184C87B0E176B5] - [15/03/2019 05:48:16] - |A| - [107520] - C:\Windows\system32\musdialoghandlers.dll [MD5.0435CD4C81A18385011351C5F0A0AD39] - [15/03/2019 05:49:59] - |A| - [402432] - C:\Windows\system32\MusNotification.exe [MD5.7A5752FB02F0F6049327C1951CA62A19] - [15/03/2019 05:49:49] - |A| - [249856] - C:\Windows\system32\MusNotificationUx.exe [MD5.658B8DA74124AA6C0FDF07B35A91B58C] - [15/03/2019 05:47:50] - |A| - [264040] - C:\Windows\system32\MusNotifyIcon.exe [MD5.AD4E90D785CD57CAE7E02792A25E7AA4] - [15/03/2019 05:50:07] - |A| - [858624] - C:\Windows\system32\MusUpdateHandlers.dll [MD5.ACA6E6068D5FBCD64CB599B4B7234FCF] - [15/03/2019 05:49:26] - |A| - [795136] - C:\Windows\system32\NaturalAuth.dll [MD5.2A265F3FE5F77F22CEA9D2785E0399C1] - [15/03/2019 05:49:07] - |A| - [374272] - C:\Windows\system32\ncbservice.dll [MD5.A7578A7B641F07BCC67E76488AB101FF] - [15/03/2019 05:49:50] - |A| - [331776] - C:\Windows\system32\ncryptprov.dll [MD5.2D18D79028AEAE257B4429D08C6F1CA5] - [15/03/2019 05:49:32] - |A| - [118360] - C:\Windows\system32\ncryptsslp.dll [MD5.62232B43114B273462D1CAAEC1D193F8] - [15/03/2019 05:49:54] - |A| - [401408] - C:\Windows\system32\ncsi.dll [MD5.71E830EDA092759585D3DB0B54382018] - [15/03/2019 05:49:06] - |A| - [109568] - C:\Windows\system32\NetDriverInstall.dll [MD5.8451E368813DE8EC59F9E84F88B071AD] - [15/03/2019 05:48:58] - |A| - [20480] - C:\Windows\system32\netevent.dll [MD5.7DBEADC144F91284718ADE81820398B0] - [15/03/2019 05:49:55] - |A| - [820224] - C:\Windows\system32\netlogon.dll [MD5.CB4AEE99CA02DC86DB1F676AC94D188A] - [15/03/2019 05:49:17] - |A| - [298496] - C:\Windows\system32\netplwiz.dll [MD5.50F4B563AF2CA9AC3F9FCAA158735B33] - [15/03/2019 05:49:06] - |A| - [220160] - C:\Windows\system32\netprofm.dll [MD5.8EF316A3190D8E14CA7C85FFE7FF8DB2] - [15/03/2019 05:50:02] - |A| - [541696] - C:\Windows\system32\netprofmsvc.dll [MD5.718D8A5C4F597BE421EEDFE9B4F64191] - [15/03/2019 05:49:21] - |A| - [143264] - C:\Windows\system32\NetSetupApi.dll [MD5.E63CDE5E42666C808C43BB8E330429ED] - [15/03/2019 05:49:50] - |A| - [774560] - C:\Windows\system32\NetSetupEngine.dll [MD5.2049881AB1FC5C03FA3E4E0522EF8DC1] - [15/03/2019 05:49:26] - |A| - [492032] - C:\Windows\system32\NetSetupShim.dll [MD5.B368E739AF3F577EA8D1B256F91036AD] - [15/03/2019 05:49:45] - |A| - [308224] - C:\Windows\system32\NetSetupSvc.dll [MD5.78AE15CCCD334F0A25AE6897ABD502FC] - [15/03/2019 05:49:48] - |A| - [339872] - C:\Windows\system32\NetworkBindingEngineMigPlugin.dll [MD5.0F5A4EC823C8DCF4B333DD66898D06B5] - [15/03/2019 05:49:19] - |A| - [713216] - C:\Windows\system32\NetworkCollectionAgent.dll [MD5.F032DE2CFBFCF82A8BFCF75C1072F13E] - [15/03/2019 05:49:05] - |A| - [234496] - C:\Windows\system32\NetworkDesktopSettings.dll [MD5.5E3BC794D46DD8C5D226374BF49E32B0] - [15/03/2019 05:50:09] - |A| - [3211776] - C:\Windows\system32\NetworkMobileSettings.dll [MD5.8598E34248BE85F5EAC595B2DADDE6EA] - [15/03/2019 05:49:35] - |A| - [513536] - C:\Windows\system32\newdev.dll [MD5.72970159333D72A0CF1EF04BFA5C22E5] - [15/03/2019 05:49:33] - |A| - [703488] - C:\Windows\system32\ngccredprov.dll [MD5.7AF205FDA5EE40EE55346359A610B607] - [15/03/2019 05:49:54] - |A| - [1081856] - C:\Windows\system32\ngcsvc.dll [MD5.B43A42F2C4BA71A227966BEE24712B56] - [15/03/2019 05:49:49] - |A| - [381440] - C:\Windows\system32\ninput.dll [MD5.FA274B36F951A5EF359CF07E2EE188D6] - [15/03/2019 05:49:14] - |A| - [79872] - C:\Windows\system32\nlaapi.dll [MD5.7F609310AC1EC8D66D912438AC792392] - [15/03/2019 05:49:47] - |A| - [366080] - C:\Windows\system32\nlasvc.dll [MD5.AB87EEBCDAEE572447AC9781DFCB4BFB] - [15/03/2019 05:48:59] - |A| - [29184] - C:\Windows\system32\nlmproxy.dll [MD5.DD26719F2CA900D1854CB33F8CDD28E2] - [15/03/2019 05:49:51] - |A| - [893440] - C:\Windows\system32\NMAA.dll [MD5.F86C3D8ADEDCD5B264DCD0926B11621D] - [15/03/2019 05:49:09] - |A| - [330752] - C:\Windows\system32\NmaDirect.dll [MD5.EF2D1D9B50C2D1113DF098074D91A4AB] - [15/03/2019 05:50:12] - |A| - [1043968] - C:\Windows\system32\NotificationController.dll [MD5.C1BCDEC21F6F06D39676B70AB93FFE41] - [15/03/2019 05:49:00] - |A| - [32768] - C:\Windows\system32\NotificationControllerPS.dll [MD5.998B56D83775ADE9BEB1D93A40ED7BF0] - [15/03/2019 05:49:01] - |A| - [321024] - C:\Windows\system32\NotificationObjFactory.dll [MD5.52F71FC6F1F2F999E43D5EE5FD5CC66E] - [15/03/2019 05:46:00] - |A| - [278448] - C:\Windows\system32\Notifier.exe [MD5.A9DC75994F7F4E2CBA45C7A84C2AA768] - [15/03/2019 05:49:21] - |A| - [39936] - C:\Windows\system32\npmproxy.dll [MD5.2DFEF4C2686DAAF6290D110D1599E320] - [15/03/2019 05:48:56] - |A| - [18944] - C:\Windows\system32\nrpsrv.dll [MD5.C705010038DE66EB3A31E7DEF8291758] - [15/03/2019 05:49:23] - |A| - [43008] - C:\Windows\system32\nshhttp.dll [MD5.54407F4E774AE8AD37885BBCC0FFDB3E] - [15/03/2019 05:48:56] - |A| - [30720] - C:\Windows\system32\nsisvc.dll [MD5.D8123E3A02B579CEF41E203E785877C8] - [15/03/2019 05:50:34] - |A| - [1953960] - C:\Windows\system32\ntdll.dll [MD5.31DB1D0F12E1901F4887FCD36752C6A8] - [15/03/2019 05:49:21] - |A| - [38792] - C:\Windows\system32\NtlmShared.dll [MD5.FBD9186168699C827C3E5F6A74A3E402] - [15/03/2019 05:51:20] - |A| - [8617000] - C:\Windows\system32\ntoskrnl.exe [MD5.806E8310B07C740D8DA5E4A52A8A0DE4] - [15/03/2019 05:49:30] - |A| - [863744] - C:\Windows\system32\ntshrui.dll [MD5.89B975455D901D95C43B41FC572DA102] - [15/03/2019 05:49:01] - |A| - [147968] - C:\Windows\system32\occache.dll [MD5.6261F8CD9756B7327313BD8A341990DC] - [15/03/2019 05:48:58] - |A| - [28160] - C:\Windows\system32\odbcconf.dll [MD5.1F8FFE8E8C123E82A5F3951285B843D9] - [15/03/2019 05:49:33] - |A| - [87040] - C:\Windows\system32\ofdeploy.exe [MD5.293AF9A5A6DDCB99A4D08B43B64294D7] - [15/03/2019 05:49:39] - |A| - [128512] - C:\Windows\system32\officecsp.dll [MD5.C6F6297A040E1078DD82BF5F673FDD1F] - [15/03/2019 05:49:29] - |A| - [128928] - C:\Windows\system32\offlinelsa.dll [MD5.D915AECD65AE5221886CDB0654485F5F] - [15/03/2019 05:49:21] - |A| - [250168] - C:\Windows\system32\offlinesam.dll [MD5.BC6B7ECF2743D512324B9E1703885505] - [15/03/2019 05:48:57] - |A| - [79360] - C:\Windows\system32\offreg.dll [MD5.8D566B9BE681F5494E54DFF4DAA7BF9B] - [15/03/2019 05:49:52] - |A| - [1337280] - C:\Windows\system32\ole32.dll [MD5.60F506A9A2FC42D91AAA181376D6B09B] - [15/03/2019 05:49:49] - |A| - [795400] - C:\Windows\system32\oleaut32.dll [MD5.F87B03D9EEC05C03FCFC4AF57B4B0086] - [15/03/2019 05:49:25] - |A| - [428544] - C:\Windows\system32\OneCoreCommonProxyStub.dll [MD5.9F1291F6DDD5AE735635B0BEAD3A9D02] - [15/03/2019 05:49:58] - |A| - [6282184] - C:\Windows\system32\OneCoreUAPCommonProxyStub.dll [MD5.10E758F8E55E2330AD65142C1C2FD3A7] - [15/03/2019 05:50:00] - |A| - [652288] - C:\Windows\system32\OneDriveSettingSyncProvider.dll [MD5.83782E4CC506B9FC2559444F11BBA04E] - [15/03/2019 05:49:19] - |A| - [892872] - C:\Windows\system32\ortcengine.dll [MD5.68FE833F29BE5740B1243E39145AEF7D] - [15/03/2019 05:49:33] - |A| - [620032] - C:\Windows\system32\osk.exe [MD5.E0406C2951A24073AB920705A9CC9D59] - [14/03/2019 22:54:50] - |A| - [130808] - C:\Windows\system32\osrss.dll [MD5.2AE5C6285BA54B5FBAC8B62C64B40432] - [15/03/2019 05:49:26] - |A| - [210944] - C:\Windows\system32\P2P.dll [MD5.35E6495236E917BDFD9659F62EFE2E33] - [15/03/2019 05:49:31] - |A| - [423936] - C:\Windows\system32\p2psvc.dll [MD5.D44C268680739C6F1E7BAC10F6CF9B9D] - [15/03/2019 05:49:39] - |A| - [909312] - C:\Windows\system32\PayloadRestrictions.dll [MD5.1C42CAC7FA34293E1054AE90016710DE] - [15/03/2019 05:48:56] - |A| - [67584] - C:\Windows\system32\pcadm.dll [MD5.56A89E8835F5D74B46109E531D107559] - [15/03/2019 05:48:56] - |A| - [12800] - C:\Windows\system32\pcaevts.dll [MD5.3E7FA87C5EB7584562B4CE1C302B9384] - [15/03/2019 05:49:03] - |A| - [50176] - C:\Windows\system32\pcalua.exe [MD5.E15707C33948656B376FC759A8DA3C60] - [15/03/2019 05:49:54] - |A| - [542520] - C:\Windows\system32\pcasvc.dll [MD5.8810600DB3EEA8120FC9BF3B812902D4] - [15/03/2019 05:49:58] - |A| - [18432] - C:\Windows\system32\PCShellCommonProxyStub.dll [MD5.51B153D12F8983BC02DA8C87D24D1B7C] - [15/03/2019 05:49:13] - |A| - [25088] - C:\Windows\system32\perfnet.dll [MD5.F3FF59A90E24C3DF7CC339668ACE7D0C] - [15/03/2019 05:49:24] - |A| - [203776] - C:\Windows\system32\PersonaX.dll [MD5.F4CD038AA9340B0C9A09E13421D7E389] - [15/03/2019 05:49:13] - |A| - [748032] - C:\Windows\system32\PhoneProviders.dll [MD5.C811E13F01FB77570B727337BBCF64B8] - [15/03/2019 05:49:27] - |A| - [791552] - C:\Windows\system32\PhoneService.dll [MD5.B4E3E0A84E2FC1DC4CC03D6CF100C9CA] - [15/03/2019 05:49:05] - |A| - [430592] - C:\Windows\system32\PhotoMetadataHandler.dll [MD5.D59CD92CE3784678C09B8DF518A8E1A6] - [15/03/2019 05:49:05] - |A| - [188416] - C:\Windows\system32\PimIndexMaintenance.dll [MD5.D6CDA8B7F265DDB16974D3EF2664DA9A] - [15/03/2019 05:48:57] - |A| - [62976] - C:\Windows\system32\PimIndexMaintenanceClient.dll [MD5.A272FE3D88EE84812B334977461DCB22] - [15/03/2019 05:48:58] - |A| - [61440] - C:\Windows\system32\pngfilt.dll [MD5.C15E7930EB01FDDF8A5B874D6AE05BFD] - [15/03/2019 05:49:56] - |A| - [2117632] - C:\Windows\system32\pnidui.dll [MD5.3C899D21CE920195CA987756769B1820] - [15/03/2019 05:49:28] - |A| - [341504] - C:\Windows\system32\pnrpsvc.dll [MD5.45CE809A13CD17BBFE0B4816E37B9C90] - [15/03/2019 05:49:35] - |A| - [491264] - C:\Windows\system32\policymanager.dll [MD5.89A5659721061CA9A9EF702471B41EFB] - [15/03/2019 05:49:00] - |A| - [66560] - C:\Windows\system32\POSyncServices.dll [MD5.01136999E9066C38A2103BC32A4D8E4B] - [15/03/2019 05:49:06] - |A| - [54784] - C:\Windows\system32\Print.Workflow.Source.dll [MD5.C68150067C7EE0469CF21842DD6EA7B1] - [15/03/2019 05:49:13] - |A| - [45056] - C:\Windows\system32\printfilterpipelineprxy.dll [MD5.D2E6947BAD475DAA0E1B203A85625DAA] - [15/03/2019 05:49:57] - |A| - [836608] - C:\Windows\system32\printfilterpipelinesvc.exe [MD5.A363E4424F5AF1E5CF5DB6217EDE30AE] - [15/03/2019 05:48:59] - |A| - [24576] - C:\Windows\system32\PrintWorkflowProxy.dll [MD5.806CA0CAA81AC15C0E275E43529A1EE4] - [15/03/2019 05:49:06] - |A| - [167936] - C:\Windows\system32\PrintWorkflowService.dll [MD5.0225FC6F0D91F84B44CE252487D8D725] - [23/03/2019 04:54:25] - |A| - [607256] - C:\Windows\system32\prodad-codec.dll [MD5.A14E6B78E10DE725955CC39EAADF4046] - [23/03/2019 04:54:21] - |A| - [376344] - C:\Windows\system32\proDAD-PA-Support.dll [MD5.5660B827F4D484E3329E3714CAED957D] - [15/03/2019 05:49:55] - |A| - [408064] - C:\Windows\system32\profsvc.dll [MD5.0B9AC8B320354B9A03C86D24B4C36113] - [15/03/2019 05:49:51] - |A| - [1778272] - C:\Windows\system32\propsys.dll [MD5.F06B4740D08CC0B4CD68C3FC4CCDA5A2] - [15/03/2019 05:49:11] - |A| - [82944] - C:\Windows\system32\provdatastore.dll [MD5.40FB59ED85686F28D54CCEAAAFD4FAA5] - [15/03/2019 05:49:49] - |A| - [432640] - C:\Windows\system32\provengine.dll [MD5.75FE3FDF28D14F1B6E0DFCF870035747] - [15/03/2019 05:49:56] - |A| - [427008] - C:\Windows\system32\provhandlers.dll [MD5.C53E3676A270126AAD93B6607BDF774B] - [15/03/2019 05:49:14] - |A| - [204288] - C:\Windows\system32\provisioningcsp.dll [MD5.6ADC63AAE868274BAB657CF9BB7D2E91] - [15/03/2019 05:49:01] - |A| - [141312] - C:\Windows\system32\provpackageapidll.dll [MD5.27EDE94217CFF0CCAC36BD02DA8DFE38] - [15/03/2019 05:49:31] - |A| - [73216] - C:\Windows\system32\provtool.exe [MD5.0BF27B28677B73B0C19E4DD13620A62F] - [15/03/2019 05:49:27] - |A| - [436224] - C:\Windows\system32\PsmServiceExtHost.dll [MD5.728EB09C07EAA290F4E852068D0016C6] - [15/03/2019 05:48:57] - |A| - [233984] - C:\Windows\system32\psmsrv.dll [MD5.98E0EFDA157E3B407D546C0A3F0412EF] - [15/03/2019 05:49:26] - |A| - [200704] - C:\Windows\system32\puiapi.dll [MD5.E616BFB0ECAD3AFB62EFFA562577A121] - [15/03/2019 05:49:51] - |A| - [459776] - C:\Windows\system32\puiobj.dll [MD5.15DA6327829E1E0440DB2465194CFCE2] - [15/03/2019 05:49:34] - |A| - [254976] - C:\Windows\system32\PushToInstall.dll [MD5.8F81AAE120E5A058E1D311E012965A96] - [15/03/2019 04:50:35] - |A| - [31565888] - C:\Windows\system32\pvl64.dll [MD5.72F089FAC0BD345EA11965B5E5179435] - [15/03/2019 04:50:37] - |A| - [505920] - C:\Windows\system32\pvl_perspective_control64.dll [MD5.9B8E48ACB0D2BD037A11E247F31117A8] - [15/03/2019 04:50:37] - |A| - [136792] - C:\Windows\system32\pvl_skin_smoothing_denoising64.dll [MD5.4C5431E5B7AC5F27FF825B0FFABEF7BF] - [15/03/2019 05:50:19] - |A| - [1348608] - C:\Windows\system32\qmgr.dll [MD5.0490769A6EB5D1B97AB0CD22935C73C8] - [15/03/2019 05:50:09] - |A| - [1607168] - C:\Windows\system32\quartz.dll [MD5.3875F33EB57E7F1BB2A86B1D3BDCA2B5] - [15/03/2019 05:49:06] - |A| - [128000] - C:\Windows\system32\racpldlg.dll [MD5.BF218FF08F540B0EF42F2CAB20E667FE] - [15/03/2019 05:50:11] - |A| - [939520] - C:\Windows\system32\rasapi32.dll [MD5.54D8A771A5C32C293288E64ABE07FE50] - [15/03/2019 05:49:08] - |A| - [104960] - C:\Windows\system32\rasauto.dll [MD5.8BAD7D33FDA414CE1E37C90D787664A1] - [15/03/2019 05:49:27] - |A| - [137216] - C:\Windows\system32\raschap.dll [MD5.B377348423BE76EF5A072EB24A3192BF] - [15/03/2019 05:49:26] - |A| - [401920] - C:\Windows\system32\rascustom.dll [MD5.8E16A46C36B545F821CA4D13B460BDAC] - [15/03/2019 05:49:58] - |A| - [939520] - C:\Windows\system32\rasdlg.dll [MD5.2504824FCC332D7C1F4D0BB8434D8520] - [15/03/2019 05:49:40] - |A| - [950784] - C:\Windows\system32\rasgcw.dll [MD5.B6D5DF64A92DAFDF967D9CB21B30036D] - [15/03/2019 05:49:52] - |A| - [930816] - C:\Windows\system32\rasmans.dll [MD5.0F31945FCE3188D081C6FC23BD98EF9D] - [15/03/2019 05:49:25] - |A| - [499200] - C:\Windows\system32\rastls.dll [MD5.30179149ED1745DC3F18E75792B24964] - [15/03/2019 04:57:24] - |A| - [2939408] - C:\Windows\system32\RCoInstII64.dll [MD5.AFDF4CC4C644C2015B98A33E1BC534A2] - [15/03/2019 05:49:32] - |A| - [1097728] - C:\Windows\system32\rdpbase.dll [MD5.171CEBA2650AC43BC521BFC5C63F587A] - [15/03/2019 05:50:04] - |A| - [627712] - C:\Windows\system32\rdpcore.dll [MD5.700B07A51B7D62596E48536F2451D44E] - [15/03/2019 05:50:16] - |A| - [2035712] - C:\Windows\system32\rdpcorets.dll [MD5.D221EC240104F5477C91C9D0268AD0BD] - [15/03/2019 05:49:04] - |A| - [216576] - C:\Windows\system32\RdpRelayTransport.dll [MD5.59257FC9875CA3F55F326B1BBADE9052] - [15/03/2019 05:49:59] - |A| - [1659904] - C:\Windows\system32\rdpserverbase.dll [MD5.1A30AA7762B455591A05DEBA533D978F] - [15/03/2019 05:49:18] - |A| - [93712] - C:\Windows\system32\rdpudd.dll [MD5.E23990F2AD13908725816FAF299C7278] - [15/03/2019 05:49:31] - |A| - [392192] - C:\Windows\system32\RDXTaskFactory.dll [MD5.180BFFC501C8C3B8539C063A648F7B54] - [15/03/2019 05:50:00] - |A| - [1570304] - C:\Windows\system32\RecoveryDrive.exe [MD5.5B67DDCA453FFBA07C4848E315B69C6B] - [15/03/2019 05:49:13] - |A| - [24064] - C:\Windows\system32\regsvr32.exe [MD5.5B204F7918F0FC3ECDB97784A139325D] - [15/03/2019 05:49:24] - |A| - [87296] - C:\Windows\system32\remoteaudioendpoint.dll [MD5.E91B129A61DE9F362FEA7CAA8E0311D3] - [15/03/2019 05:49:56] - |A| - [1160704] - C:\Windows\system32\reseteng.dll [MD5.1D3C3EC5405E2173EB6F5A1C222EE728] - [15/03/2019 05:50:19] - |A| - [2511360] - C:\Windows\system32\ResetEngine.dll [MD5.11A988DF0EA81F092A0BA341227AF79E] - [15/03/2019 05:49:34] - |A| - [602624] - C:\Windows\system32\resutils.dll [MD5.112F8D853ECE27672FBD7257E3CBC210] - [15/03/2019 05:49:16] - |A| - [125568] - C:\Windows\system32\rmclient.dll [MD5.7EF8C80804B85EB40B9F6EF041854286] - [15/03/2019 05:49:48] - |A| - [1172976] - C:\Windows\system32\rpcrt4.dll [MD5.3B50C211FADE00AD16939157CE2FFC25] - [15/03/2019 05:49:47] - |A| - [1117184] - C:\Windows\system32\rpcss.dll [MD5.483AA94E050F674E19DF2BB664D8F501] - [15/03/2019 05:49:43] - |A| - [203568] - C:\Windows\system32\rsaenh.dll [MD5.7D0314BA4E7BDA57D231C925DDA1F77E] - [15/03/2019 05:49:04] - |A| - [130048] - C:\Windows\system32\rshx32.dll [MD5.5652D8A0F9CB8D8376868B5021460A85] - [15/03/2019 05:49:08] - |A| - [266752] - C:\Windows\system32\rstrui.exe [MD5.0AFA68F828B06A520E8DEA30B84B66E1] - [15/03/2019 04:57:26] - |A| - [1353216] - C:\Windows\system32\RTCOM64.dll [MD5.C4DF02175D74BD8C78B27D036FE180F9] - [15/03/2019 04:57:27] - |A| - [692272] - C:\Windows\system32\RtDataProc64.dll [MD5.F2A04577990047992B9613DD13605AB7] - [15/03/2019 04:57:28] - |A| - [3340520] - C:\Windows\system32\RtkApi64.dll [MD5.7C8B7C210319CBBB97BAF418E4273BFF] - [15/03/2019 04:57:29] - |A| - [193088] - C:\Windows\system32\RtkCfg64.dll [MD5.C1693D9DCCA99B7416A67818B6A031EB] - [15/03/2019 04:57:32] - |A| - [343808] - C:\Windows\system32\RtlCPAPI64.dll [MD5.8060A5DAFA23EC92DF33C452C21FFDAA] - [15/03/2019 05:49:56] - |A| - [1002952] - C:\Windows\system32\rtmcodecs.dll [MD5.59C0B00208A4BF639BB993CAA0EF83B9] - [15/03/2019 05:49:02] - |A| - [438784] - C:\Windows\system32\RTMediaFrame.dll [MD5.4E05E95B0CF7BE0E023D81AB9AA15F12] - [15/03/2019 05:49:18] - |A| - [65992] - C:\Windows\system32\rtmmvrortc.dll [MD5.CFC6BF1458AD09748CCCE07CDE3B44C9] - [15/03/2019 05:50:04] - |A| - [1234888] - C:\Windows\system32\rtmpal.dll [MD5.7C66C26DC87BA64D6BBD57E41DF2CF7D] - [15/03/2019 05:50:32] - |A| - [4959688] - C:\Windows\system32\rtmpltfm.dll [MD5.2736EFFC2767D36DD8C4F8BE7EE1D424] - [15/03/2019 04:57:32] - |A| - [3159888] - C:\Windows\system32\RtPgEx64.dll [MD5.4AF4F67BB18BAABBB28ED84FFF278562] - [15/03/2019 04:57:44] - |A| - [3677288] - C:\Windows\system32\RTSnMg64.cpl [MD5.969A44335D6F50FB061733DEA5AC0709] - [15/03/2019 05:49:39] - |A| - [172112] - C:\Windows\system32\RTWorkQ.dll [MD5.3767825203BB89C66309BFE62E75E6D2] - [15/03/2019 05:50:47] - |A| - [97792] - C:\Windows\system32\runexehelper.exe [MD5.AB25414E0736EEFA6EE50969A5177AD2] - [15/03/2019 05:49:49] - |A| - [899584] - C:\Windows\system32\samsrv.dll [MD5.30FA05F0212168F6E01E0274CDF55364] - [15/03/2019 05:49:16] - |A| - [82432] - C:\Windows\system32\SCardDlg.dll [MD5.93B12AC7CEAF6BA742DC13AEA349217A] - [15/03/2019 05:49:33] - |A| - [259072] - C:\Windows\system32\SCardSvr.dll [MD5.3396A6A892987E8B81289583FC416360] - [15/03/2019 05:49:06] - |A| - [198144] - C:\Windows\system32\ScDeviceEnum.dll [MD5.3D506B517314C35D63A01C3A20119D60] - [15/03/2019 05:50:00] - |A| - [474624] - C:\Windows\system32\schannel.dll [MD5.07317D59B3CCABD09D0EE71A7527DCEA] - [15/03/2019 05:49:57] - |A| - [880640] - C:\Windows\system32\schedsvc.dll [MD5.EA631200C695C445B3F4824A367D4F92] - [15/03/2019 05:49:29] - |A| - [256000] - C:\Windows\system32\scksp.dll [MD5.B407369B419F517AFCEAD3DEAEE39B6E] - [15/03/2019 05:49:35] - |A| - [222208] - C:\Windows\system32\scrobj.dll [MD5.F45F8BCCDDCFF6E79136A9323A0E1CCF] - [15/03/2019 05:49:29] - |A| - [193024] - C:\Windows\system32\scrrun.dll [MD5.9F59502CE682C1C627679562A5387D2A] - [15/03/2019 05:49:16] - |A| - [35744] - C:\Windows\system32\SDFHost.dll [MD5.C006E2BDBF2EBA914C05838694C8020D] - [15/03/2019 05:49:36] - |A| - [388608] - C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll [MD5.B6FA8F0AE5DAEFFD22696E06309C0692] - [15/03/2019 05:49:30] - |A| - [225280] - C:\Windows\system32\SearchFilterHost.exe [MD5.F47F55176933808FFA05DF8AE1DE40CC] - [15/03/2019 05:50:10] - |A| - [982016] - C:\Windows\system32\SearchIndexer.exe [MD5.C5294F7B850EE1CD7BC8E87BB65ABBB7] - [15/03/2019 05:49:20] - |A| - [377856] - C:\Windows\system32\SearchProtocolHost.exe [MD5.1FE0FA8C6C73F25AD72E0109C85028DC] - [15/03/2019 05:50:04] - |A| - [1044792] - C:\Windows\system32\SecConfig.efi [MD5.10571AB73F1E9602D2AF5435974D4EC4] - [15/03/2019 05:49:40] - |A| - [371496] - C:\Windows\system32\sechost.dll [MD5.75BB18120B9478E608EC7F7547D06481] - [15/03/2019 05:49:20] - |A| - [30720] - C:\Windows\system32\seclogon.dll [MD5.EBEEFB13397547D7E7D1B88BB24404BB] - [15/03/2019 05:49:13] - |A| - [27648] - C:\Windows\system32\secur32.dll [MD5.C72938C9FA368F7E680BB3FCF23FAF98] - [15/03/2019 05:49:44] - |A| - [600872] - C:\Windows\system32\securekernel.exe [MD5.CC1D832210DDF3E3C598025F643C8336] - [15/03/2019 05:49:35] - |A| - [189344] - C:\Windows\system32\SecurityHealthAgent.dll [MD5.6660372C957E3013488EC5CE960C02C0] - [15/03/2019 05:49:20] - |A| - [75168] - C:\Windows\system32\SecurityHealthProxyStub.dll [MD5.2BBC2F0C8DF38DD72AF7EC97298101C0] - [15/03/2019 05:49:52] - |A| - [519152] - C:\Windows\system32\SecurityHealthService.exe [MD5.DE87FFC643205C99D0D906520381B7D1] - [15/03/2019 05:49:03] - |A| - [37376] - C:\Windows\system32\SEMgrPS.dll [MD5.A8A23102301BCB047B269C59167D4B8F] - [15/03/2019 05:49:59] - |A| - [1234432] - C:\Windows\system32\SEMgrSvc.dll [MD5.109A90EF5B1E771DA47C371BA9485960] - [15/03/2019 05:49:41] - |A| - [555520] - C:\Windows\system32\SensorService.dll [MD5.3C7280B0BB401D6645128A9D5B076D35] - [15/03/2019 05:49:47] - |A| - [205312] - C:\Windows\system32\sensrsvc.dll [MD5.7F7EBA3672F5FEB1F6F3A4039BF7340B] - [15/03/2019 05:50:07] - |A| - [616888] - C:\Windows\system32\services.exe [MD5.846F99625DB02B06E0581715D0C4D0C9] - [15/03/2019 05:48:57] - |A| - [387584] - C:\Windows\system32\SessEnv.dll [MD5.9253C02DF8782AA6FE66B595F555CBAC] - [15/03/2019 05:49:45] - |A| - [197632] - C:\Windows\system32\SettingMonitor.dll [MD5.7AE1FC977254F3398C7A2D4D7590CFFA] - [15/03/2019 05:49:39] - |A| - [363008] - C:\Windows\system32\SettingsEnvironment.Desktop.dll [MD5.009C5AC2EF035AD6F3BEBE7E5B6658AA] - [15/03/2019 05:49:23] - |A| - [170496] - C:\Windows\system32\SettingsHandlers_ContentDeliveryManager.dll [MD5.4A7A922FBB02862FDF0928C63A8DF15C] - [15/03/2019 05:49:35] - |A| - [620032] - C:\Windows\system32\SettingsHandlers_Devices.dll [MD5.75F731CC28BD247C1D7EA887AD1E72C4] - [15/03/2019 05:49:29] - |A| - [332800] - C:\Windows\system32\SettingsHandlers_Notifications.dll [MD5.B5A611F180E62FB9CABE64F5ECE4E10F] - [15/03/2019 05:50:15] - |A| - [4113408] - C:\Windows\system32\SettingsHandlers_nt.dll [MD5.668D7B537300437CF39FD64306420188] - [15/03/2019 05:49:07] - |A| - [188928] - C:\Windows\system32\SettingsHandlers_OneCore_BatterySaver.dll [MD5.8BBE5C37BFAC7FDD88C010C7FA131BFB] - [15/03/2019 05:49:09] - |A| - [250368] - C:\Windows\system32\SettingsHandlers_SignInOptions.dll [MD5.C402E09AA10A8BEDB85690426A131F32] - [15/03/2019 05:49:34] - |A| - [168448] - C:\Windows\system32\SettingsHandlers_SIUF.dll [MD5.3CB8B94FA26165343AAE6C37E73FB3A8] - [15/03/2019 05:49:19] - |A| - [503296] - C:\Windows\system32\SettingsHandlers_User.dll [MD5.65BF5781AFE833EBCAD1AF6F023D8DCE] - [15/03/2019 05:49:55] - |A| - [508928] - C:\Windows\system32\SettingSync.dll [MD5.05512E5D7C13AB0C9E38AB3FA56DC752] - [15/03/2019 05:50:00] - |A| - [1135104] - C:\Windows\system32\SettingSyncCore.dll [MD5.077448FDBA43596FA4372C21AFF67CBC] - [15/03/2019 05:50:10] - |A| - [967584] - C:\Windows\system32\SettingSyncHost.exe [MD5.7DC3B104CB9F145E125286B09659774B] - [15/03/2019 05:49:13] - |A| - [90624] - C:\Windows\system32\SettingSyncPolicy.dll [MD5.23E661467FA2EB68B711EA20974B4CB7] - [15/03/2019 05:49:38] - |A| - [4537040] - C:\Windows\system32\setupapi.dll [MD5.B6AE95336BCB33015D4EA0E59892960A] - [15/03/2019 05:49:35] - |A| - [201728] - C:\Windows\system32\SharedPCCSP.dll [MD5.5FD29217730A8A58CC9B200088E788B0] - [15/03/2019 05:49:01] - |A| - [421376] - C:\Windows\system32\SharedRealitySvc.dll [MD5.9EE04793D8F4EEDAB82FCAD0FF163032] - [15/03/2019 05:50:15] - |A| - [1224704] - C:\Windows\system32\ShareHost.dll [MD5.EC401EE3E2A122C9AAE1D5AE26F05FD4] - [15/03/2019 05:49:45] - |A| - [671024] - C:\Windows\system32\SHCore.dll [MD5.42B0F9A7E077773D59537E1A69B9113E] - [15/03/2019 05:50:43] - |A| - [21357232] - C:\Windows\system32\shell32.dll [MD5.00000000000000000000000000000000] - [15/03/2019 10:48:27] - |D| - [7572480] - C:\Windows\system32\ShellExtBridge [MD5.84E959936BEAED3A43696628AFFFC1F1] - [15/03/2019 05:49:16] - |A| - [327008] - C:\Windows\system32\shlwapi.dll [MD5.F627EEEFA3EFC67886949658EA4B2695] - [15/03/2019 05:49:26] - |A| - [135680] - C:\Windows\system32\shsetup.dll [MD5.503256AB8B30EA0931C071C140B908D1] - [15/03/2019 05:49:47] - |A| - [276992] - C:\Windows\system32\shutdownux.dll [MD5.D248F3C64B3CD64270FF9A507B814C53] - [15/03/2019 05:49:14] - |A| - [266752] - C:\Windows\system32\SIHClient.exe [MD5.B25335B958E12D2DB48774ADBCA00910] - [15/03/2019 05:49:33] - |A| - [192920] - C:\Windows\system32\skci.dll [MD5.D3419A191F8CABEFBCE0E280265B53DA] - [15/03/2019 05:49:06] - |A| - [21504] - C:\Windows\system32\slcext.dll [MD5.AE884EB0EB1281E2BBDF6509C8149B90] - [15/03/2019 05:50:10] - |A| - [898560] - C:\Windows\system32\SmartcardCredentialProvider.dll [MD5.6E7E085F439B587E0E00B71EB4CA9F3C] - [15/03/2019 05:50:11] - |A| - [2596352] - C:\Windows\system32\smartscreen.exe [MD5.53F1E64294B8944D1202C83A7FD13217] - [15/03/2019 05:49:26] - |A| - [239104] - C:\Windows\system32\smartscreenps.dll [MD5.F4B4E405BCDE95D748F8429FCC30E668] - [15/03/2019 05:48:59] - |A| - [588800] - C:\Windows\system32\SmsRouterSvc.dll [MD5.4C86746E7618463C45DAC6E9ADE6C44F] - [15/03/2019 05:49:39] - |A| - [144288] - C:\Windows\system32\smss.exe [MD5.EFAFE91A54F016498BA983ECA19649EF] - [15/03/2019 05:49:30] - |A| - [708096] - C:\Windows\system32\SndVolSSO.dll [MD5.CBF0FFBF3ECC91258C4E3E5C92224AE9] - [15/03/2019 05:49:29] - |A| - [161792] - C:\Windows\system32\spacebridge.dll [MD5.D4F22CDF9E777345B32CEC0501334D1E] - [15/03/2019 05:49:25] - |A| - [361984] - C:\Windows\system32\SpatializerApo.dll [MD5.DF9885196765DCBB770F48CF42463F80] - [15/03/2019 05:49:00] - |A| - [262656] - C:\Windows\system32\SpatialStore.dll [MD5.4B0E1AAF4ED7387032A4F0CC11BA6080] - [15/03/2019 05:51:03] - |A| - [956416] - C:\Windows\system32\Spectrum.exe [MD5.8D30AAF519A40D69F6BABFFD60C75E56] - [15/03/2019 05:49:09] - |A| - [37888] - C:\Windows\system32\SpectrumSyncClient.dll [MD5.153F12DE99760ACC89F53848DED45679] - [15/03/2019 05:50:03] - |A| - [765952] - C:\Windows\system32\spoolsv.exe [MD5.FA5485502AAC39E157E67EF530B9C351] - [15/03/2019 05:49:07] - |A| - [496640] - C:\Windows\system32\sppcext.dll [MD5.86DEC9B3347DE7F835EE125AB8F7FB85] - [15/03/2019 05:50:29] - |A| - [1619720] - C:\Windows\system32\sppobjs.dll [MD5.CED434DA6E043B450141932D974FF8C1] - [15/03/2019 05:50:50] - |A| - [4504464] - C:\Windows\system32\sppsvc.exe [MD5.0629BBE5DD859B00B10D65BC5B4029D9] - [15/03/2019 05:49:59] - |A| - [730984] - C:\Windows\system32\sppwinob.dll [MD5.9E874B6792C5DBC2F7B89B246A4BAC4C] - [15/03/2019 05:49:13] - |A| - [365568] - C:\Windows\system32\srchadmin.dll [MD5.B8FADC95A9126277F78618D4D162B9AE] - [15/03/2019 05:49:50] - |A| - [482816] - C:\Windows\system32\srcore.dll [MD5.B4E201F2895690EA72A79787FA1CB06F] - [15/03/2019 05:50:18] - |A| - [3578368] - C:\Windows\system32\SRH.dll [MD5.D0319B61F040E7F0025E82A46A87DF72] - [15/03/2019 05:49:26] - |A| - [145408] - C:\Windows\system32\srpapi.dll [MD5.2EC02DFC530560D0C01C7428E4CC9D27] - [15/03/2019 05:48:57] - |A| - [270848] - C:\Windows\system32\srvsvc.dll [MD5.7B5E955BB63726AB625F79AA7AF7FA11] - [15/03/2019 05:48:57] - |A| - [228352] - C:\Windows\system32\ssdpsrv.dll [MD5.A88484D9242C7866E2CCBD67594A8908] - [15/03/2019 05:50:44] - |A| - [185120] - C:\Windows\system32\sspicli.dll [MD5.37E75177909C82D55DA2AD847EDF439E] - [15/03/2019 05:50:44] - |A| - [28672] - C:\Windows\system32\sspisrv.dll [MD5.5C225B8B1C3D1FEEAEEB4FFC2CAFD9C3] - [15/03/2019 05:50:51] - |A| - [5890120] - C:\Windows\system32\StartTileData.dll [MD5.6A72BCAA25F7755F97E99D01AF2A8190] - [15/03/2019 05:50:16] - |A| - [614160] - C:\Windows\system32\StateRepository.Core.dll [MD5.4C74FCF3B3010B5D0EAE3F12E6374E89] - [15/03/2019 05:49:34] - |A| - [417792] - C:\Windows\system32\stobject.dll [MD5.15F2382335C5759B2901BE93D081DF8C] - [15/03/2019 05:48:57] - |A| - [2666496] - C:\Windows\system32\storagewmi.dll [MD5.82EEF358E4F1B0D43C044A3CF5676FC2] - [15/03/2019 05:50:05] - |A| - [964096] - C:\Windows\system32\StorSvc.dll [MD5.63CBA982B6B59722CC872E5F8CBA8BF3] - [15/03/2019 05:49:50] - |A| - [687456] - C:\Windows\system32\StructuredQuery.dll [MD5.FF9B35E7816C61A9376149C4D706FD92] - [15/03/2019 05:49:37] - |A| - [680960] - C:\Windows\system32\sud.dll [MD5.5BA645BB55CA869ADC6A25A8F430F7F7] - [15/03/2019 05:49:15] - |A| - [248320] - C:\Windows\system32\svf.dll [MD5.AE80F089FF890EF483FDB82B9F2A2EA8] - [15/03/2019 06:58:58] - |A| - [313] - C:\Windows\system32\swhealthex.log [MD5.ACED35B02458BC836186B90A20DEA246] - [15/03/2019 05:49:48] - |A| - [3367936] - C:\Windows\system32\SyncCenter.dll [MD5.A6AFB43933A96338CD50E890D4278ACB] - [15/03/2019 05:49:30] - |A| - [624128] - C:\Windows\system32\SyncController.dll [MD5.3109BEE37B1375D85548D64562240CFF] - [15/03/2019 05:49:48] - |A| - [324096] - C:\Windows\system32\SyncSettings.dll [MD5.EE6CEBDB3C9AAD1C80AE32878FCD17C4] - [15/03/2019 05:49:49] - |A| - [970240] - C:\Windows\system32\sysmain.dll [MD5.F29FF0B9CCFF1F99C39B1C90F0B80300] - [15/03/2019 05:48:56] - |A| - [24576] - C:\Windows\system32\sysntfy.dll [MD5.1B38351CB4C71E4004B9850BDCD9D907] - [15/03/2019 05:49:01] - |A| - [284672] - C:\Windows\system32\SystemEventsBrokerServer.dll [MD5.200F0F66CD090CFBD8B3FB1DD0DDDD79] - [15/03/2019 05:49:41] - |A| - [508272] - C:\Windows\system32\systemreset.exe [MD5.E25F219E0F11CCF4B463276CC78100B6] - [15/03/2019 05:49:12] - |A| - [1425408] - C:\Windows\system32\SystemSettings.Handlers.dll [MD5.43FD5C58AE2FE95BB303496E35C3C202] - [15/03/2019 05:49:24] - |A| - [490496] - C:\Windows\system32\SystemSettings.UserAccountsHandlers.dll [MD5.F02767A3A341537680997ECAE674155B] - [15/03/2019 05:49:23] - |A| - [398728] - C:\Windows\system32\SystemSettingsAdminFlows.exe [MD5.68FC5C874F6AAA1EC6E57E2B36725C1C] - [15/03/2019 05:50:02] - |A| - [4592640] - C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll [MD5.1656DC169878FAEDAEDB94BC1A91B2E5] - [15/03/2019 05:49:59] - |A| - [175616] - C:\Windows\system32\t2embed.dll [MD5.5653A2B4FEA9469D31778371B6479232] - [15/03/2019 05:49:22] - |A| - [505344] - C:\Windows\system32\taskcomp.dll [MD5.D680547DC49CA40369817569736C944C] - [15/03/2019 05:50:02] - |A| - [1313016] - C:\Windows\system32\Taskmgr.exe [MD5.EF5DE2C2EA37E6752218D838BE0B6CF2] - [15/03/2019 05:48:58] - |A| - [36352] - C:\Windows\system32\tbauth.dll [MD5.AD1699FD799669CB79427BFD33B9BAA9] - [15/03/2019 05:49:13] - |A| - [217088] - C:\Windows\system32\tcpmon.dll [MD5.E9C39C6E8FCE5C084F2D0FF16C02EB4A] - [15/03/2019 05:48:58] - |A| - [84992] - C:\Windows\system32\tdc.ocx [MD5.FDEE0F5290465D65CC857E8C565FCBC0] - [15/03/2019 05:49:26] - |A| - [507392] - C:\Windows\system32\TDLMigration.dll [MD5.27DF79C4F8B680C70895B844CB2A0DB3] - [15/03/2019 05:49:01] - |A| - [173056] - C:\Windows\system32\tdlrecover.exe [MD5.0CF99D60588AF7F198C135BABCA287F2] - [15/03/2019 05:49:35] - |A| - [208384] - C:\Windows\system32\tetheringservice.dll [MD5.4AFC829A777CAD161200F1169B6C27B1] - [15/03/2019 05:49:22] - |A| - [617312] - C:\Windows\system32\TextInputFramework.dll [MD5.9721A6BEAB8E57262FF72A64C9D5C7A5] - [15/03/2019 05:49:07] - |A| - [2490880] - C:\Windows\system32\themecpl.dll [MD5.7C5272A6CC0D18CFD5C47B4ABA766A23] - [15/03/2019 05:49:47] - |A| - [2873856] - C:\Windows\system32\themeui.dll [MD5.C8F0C26F8780B39508A07886FEB7F037] - [15/03/2019 05:50:29] - |A| - [571392] - C:\Windows\system32\TileDataRepository.dll [MD5.FEF910A47EC2E7F9A5E6847D10E5BB50] - [15/03/2019 05:49:07] - |A| - [561152] - C:\Windows\system32\tileobjserver.dll [MD5.EA80B2C811A7F6B1C9EED312F06F26FB] - [15/03/2019 05:48:57] - |A| - [175616] - C:\Windows\system32\TimeBrokerServer.dll [MD5.5AF4B46215DD0A7CE86910E4668BAFB7] - [15/03/2019 05:49:23] - |A| - [508416] - C:\Windows\system32\timedate.cpl [MD5.B46BABA224F615C80C1CC215316F6445] - [15/03/2019 05:49:23] - |A| - [47616] - C:\Windows\system32\tokenbinding.dll [MD5.CF2A9365420A4162127F9850145A6437] - [15/03/2019 05:50:20] - |A| - [1236992] - C:\Windows\system32\TokenBroker.dll [MD5.5423A9B70C585470C5C9D855281626AB] - [15/03/2019 05:48:58] - |A| - [17408] - C:\Windows\system32\TokenBrokerCookies.exe [MD5.6F89BEA8EEEB205E10CE4CD434B470D9] - [15/03/2019 05:49:01] - |A| - [44032] - C:\Windows\system32\TokenBrokerUI.dll [MD5.8D3D8C7288448BE8E6A7024CFA9E507D] - [15/03/2019 05:50:29] - |A| - [3405824] - C:\Windows\system32\tquery.dll [MD5.554F8E8143ECAD0127775F34FBF49D5C] - [15/03/2019 05:49:39] - |A| - [118272] - C:\Windows\system32\TSpkg.dll [MD5.989DA824E995457D98873DD21CA2B8B9] - [15/03/2019 05:49:30] - |A| - [240128] - C:\Windows\system32\TtlsAuth.dll [MD5.E4BA1324CC7C7B789A066416F3B33B05] - [15/03/2019 05:49:07] - |A| - [219648] - C:\Windows\system32\TtlsCfg.dll [MD5.6E39A1F7FCC3D9034435F93C8B41FF82] - [15/03/2019 05:49:29] - |A| - [222208] - C:\Windows\system32\TtlsExt.dll [MD5.7B4A3705A6AB2E55139A9F0CD0696BB7] - [15/03/2019 05:49:35] - |A| - [181760] - C:\Windows\system32\twext.dll [MD5.BB57360E8E1C53E42F12C7893D1E6A65] - [15/03/2019 05:50:46] - |A| - [1554120] - C:\Windows\system32\twinapi.appcore.dll [MD5.729AF3B925184841627A8F64F9CA6C75] - [15/03/2019 05:49:25] - |A| - [506880] - C:\Windows\system32\twinapi.dll [MD5.08CD5055B9EB98355655203457D3C73F] - [15/03/2019 05:49:56] - |A| - [825856] - C:\Windows\system32\twinui.appcore.dll [MD5.BFB58B4C4EB68045DACE696E6289F106] - [15/03/2019 05:50:46] - |A| - [7545344] - C:\Windows\system32\twinui.dll [MD5.79D4D9388D364211FD178E7746125C85] - [15/03/2019 05:50:46] - |A| - [2976256] - C:\Windows\system32\twinui.pcshell.dll [MD5.13498F649996490D466B1B281A48BC26] - [15/03/2019 05:49:11] - |A| - [96256] - C:\Windows\system32\tzautoupdate.dll [MD5.FE42984491E09E598EE6EEEB825ABB98] - [15/03/2019 05:48:58] - |A| - [2560] - C:\Windows\system32\tzres.dll [MD5.99E5408214F6862F4AB5005B8A793B58] - [15/03/2019 05:49:54] - |A| - [268288] - C:\Windows\system32\ubpm.dll [MD5.37916C7AF318FB27C49D7E8AF706D1FB] - [15/03/2019 05:49:58] - |A| - [997312] - C:\Windows\system32\ucrtbase.dll [MD5.C63E5850148405D3C78D1D9E2E93CE82] - [15/03/2019 05:49:40] - |A| - [478792] - C:\Windows\system32\ucrtbase_enclave.dll [MD5.DAA89209D01484568CF0485ADAD643A3] - [15/03/2019 05:50:02] - |A| - [849920] - C:\Windows\system32\uDWM.dll [MD5.396D03A5151D02BDCB4C8EB72AFE0C08] - [15/03/2019 05:49:53] - |A| - [704000] - C:\Windows\system32\UiaManager.dll [MD5.02E4A06475CD8BC2C399DC5A5FE68DF1] - [15/03/2019 05:50:00] - |A| - [2088448] - C:\Windows\system32\UIAutomationCore.dll [MD5.BA6FFF876F08A02CED2D4106DA72503B] - [15/03/2019 05:49:59] - |A| - [3994624] - C:\Windows\system32\UIRibbon.dll [MD5.A34CE4887F43E75899D08C9CEA1EB229] - [15/03/2019 05:48:59] - |A| - [584192] - C:\Windows\system32\UIRibbonRes.dll [MD5.A3CCFB8A5BD48F56EF2ACB4A427A1AC7] - [15/03/2019 05:49:23] - |A| - [151040] - C:\Windows\system32\umpo.dll [MD5.E8732956707ABBD370F17BAFFBDC8908] - [15/03/2019 05:48:57] - |A| - [293376] - C:\Windows\system32\unimdm.tsp [MD5.F0A388AA51F0DE22AA38A4BA9B04AD9E] - [15/03/2019 05:48:57] - |A| - [1245184] - C:\Windows\system32\Unistore.dll [MD5.0C05615CEA9592E405B97453D9E2D732] - [15/03/2019 05:50:22] - |A| - [2472352] - C:\Windows\system32\UpdateAgent.dll [MD5.3ECF690B9FEA24D615AEAB0C1EDB01F6] - [15/03/2019 05:49:29] - |A| - [97792] - C:\Windows\system32\updatecsp.dll [MD5.01454A8D24BEC12506F47BD7AB03AB5B] - [15/03/2019 05:50:04] - |A| - [530944] - C:\Windows\system32\updatehandlers.dll [MD5.A10FFC968403DE26D5658DC4C611BA54] - [15/03/2019 05:49:26] - |A| - [115712] - C:\Windows\system32\updatepolicy.dll [MD5.0CE4FE9B087077A277955F51462EB43D] - [15/03/2019 05:48:59] - |A| - [235520] - C:\Windows\system32\url.dll [MD5.4390CD6D37391A04EB3EF241CBB7EC63] - [15/03/2019 05:50:34] - |A| - [1808384] - C:\Windows\system32\urlmon.dll [MD5.79F04C5FE59CEC9D3928DB996FDE90EC] - [15/03/2019 05:48:57] - |A| - [329216] - C:\Windows\system32\usbmon.dll [MD5.0370364D4D8846B6CF316ABBB2EDB083] - [15/03/2019 05:50:31] - |A| - [1634288] - C:\Windows\system32\user32.dll [MD5.201707DA4259ACAE6B37E474BE75D58C] - [15/03/2019 05:49:52] - |A| - [1353728] - C:\Windows\system32\usercpl.dll [MD5.DBB8DA23D912E799683A34BFBAE3EF70] - [15/03/2019 05:49:53] - |A| - [1573376] - C:\Windows\system32\UserDataService.dll [MD5.A6B5C9A47D0195688F7C037C4E85987F] - [15/03/2019 05:49:12] - |A| - [119808] - C:\Windows\system32\UserDataTimeUtil.dll [MD5.04499A41CC5210854D1DBB42A79E5389] - [15/03/2019 05:49:14] - |A| - [199168] - C:\Windows\system32\UserDeviceRegistration.dll [MD5.099D6E1F4242EE5D78D9E09D0E8BDCB9] - [15/03/2019 05:49:22] - |A| - [648704] - C:\Windows\system32\UserLanguagesCpl.dll [MD5.29D52BDF7605DBD39C2D6D089E72C6F4] - [15/03/2019 05:50:04] - |A| - [951808] - C:\Windows\system32\usermgr.dll [MD5.F9DA0FBC575D86356086D244D1698F2C] - [15/03/2019 05:49:11] - |A| - [92160] - C:\Windows\system32\usoapi.dll [MD5.A6C37370BCC7643513F173E87C98B591] - [15/03/2019 05:49:13] - |A| - [39424] - C:\Windows\system32\UsoClient.exe [MD5.81D45253B7A2EF8D99AC811B0DB3AF41] - [15/03/2019 05:50:17] - |A| - [1329664] - C:\Windows\system32\usocore.dll [MD5.2B5736C77D7B7FCB3277A66F0F6A277D] - [15/03/2019 05:49:13] - |A| - [100352] - C:\Windows\system32\utcutil.dll [MD5.081E644616F1E977BCD3E7C7D54A635C] - [15/03/2019 05:49:42] - |A| - [587776] - C:\Windows\system32\uxtheme.dll [MD5.C897E0AF7C74F525F6263647069AFAF0] - [15/03/2019 05:50:47] - |A| - [374152] - C:\Windows\system32\vac.exe [MD5.E18B8F39E55BD5D346F071B1C9A03196] - [15/03/2019 05:51:23] - |A| - [591360] - C:\Windows\system32\vbscript.dll [MD5.A30C74FAB23919754CE600A80A0B4E40] - [15/03/2019 05:49:26] - |A| - [159120] - C:\Windows\system32\vertdll.dll [MD5.A8F60A16C5DA699B20C4092417351039] - [15/03/2019 05:48:59] - |A| - [55808] - C:\Windows\system32\virtdisk.dll [MD5.AE57A6E2BABE56569867BA8A12D76DEF] - [15/03/2019 05:48:59] - |A| - [17408] - C:\Windows\system32\VmApplicationHealthMonitorProxy.dll [MD5.11FB09A2C990DCFAA2B5BF1AC29E9545] - [15/03/2019 05:49:16] - |A| - [28520] - C:\Windows\system32\vmbuspipe.dll [MD5.01DF7DCAA6BFF4EFEF8B0BCB03185269] - [15/03/2019 05:48:56] - |A| - [50176] - C:\Windows\system32\vmictimeprovider.dll [MD5.F4DAC5A713AC57273A8BFCC83B84E8BF] - [15/03/2019 05:49:14] - |A| - [425984] - C:\Windows\system32\vmrdvcore.dll [MD5.58292E77A039EE1CF59412B386865C76] - [15/03/2019 05:49:57] - |A| - [689152] - C:\Windows\system32\vpnike.dll [MD5.912B2CBB6DE1FFB193B2640C51CA554B] - [15/03/2019 05:49:38] - |A| - [1661440] - C:\Windows\system32\vssapi.dll [MD5.FB0BB0ADA2DBE4DCC2462AADBC9A44DD] - [15/03/2019 05:49:56] - |A| - [1556992] - C:\Windows\system32\VSSVC.exe [MD5.179798523995687C5A0B49B762827007] - [15/03/2019 05:01:30] - |A| - [1014784] - C:\Windows\system32\vulkan-1-999-0-0-0.dll [MD5.179798523995687C5A0B49B762827007] - [15/03/2019 05:01:30] - |A| - [1014784] - C:\Windows\system32\vulkan-1.dll [MD5.B23B857ED2A89D932DC091CADFA176E3] - [15/03/2019 04:58:41] - |A| - [254944] - C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe [MD5.B23B857ED2A89D932DC091CADFA176E3] - [15/03/2019 04:58:41] - |A| - [254944] - C:\Windows\system32\vulkaninfo.exe [MD5.04910751D877903AB7C7564EB0772E61] - [15/03/2019 05:49:01] - |A| - [563712] - C:\Windows\system32\w32time.dll [MD5.E6BDA76F764395F0A7FDEB22BD9037B6] - [15/03/2019 05:49:06] - |A| - [348160] - C:\Windows\system32\WaaSMedic.exe [MD5.A0B4836C489C2535795C4E71E378AD07] - [15/03/2019 05:49:55] - |A| - [975872] - C:\Windows\system32\wbiosrvc.dll [MD5.B739C2D6AD2B13E56F43BBC33EC42E91] - [15/03/2019 05:49:24] - |A| - [45056] - C:\Windows\system32\wcimage.dll [MD5.4CA2566F615577391AC59A6ABDBA139F] - [15/03/2019 05:49:38] - |A| - [229376] - C:\Windows\system32\wcmcsp.dll [MD5.5376D231E2500D4E103D834450FCECE0] - [15/03/2019 05:49:58] - |A| - [891392] - C:\Windows\system32\wcmsvc.dll [MD5.DCAB9E8C7C34ACE7BC9C1935A382C361] - [15/03/2019 05:49:17] - |A| - [134656] - C:\Windows\system32\WcnApi.dll [MD5.505E50A4819CF28DCE8176DB15952D49] - [15/03/2019 05:49:26] - |A| - [465920] - C:\Windows\system32\wcncsvc.dll [MD5.FF17A8B1232A2E4386C15E2D334EA03F] - [15/03/2019 05:49:06] - |A| - [34816] - C:\Windows\system32\WcnEapAuthProxy.dll [MD5.1EA5504E81D2040C4B71DE171D2DFA4B] - [15/03/2019 05:49:06] - |A| - [36352] - C:\Windows\system32\WcnEapPeerProxy.dll [MD5.F4766FF027EAC8C0DEE720E717ECD189] - [15/03/2019 05:48:57] - |A| - [306176] - C:\Windows\system32\wc_storage.dll [MD5.A7D73A6C8F787B10B304FEA88CB3849E] - [15/03/2019 05:49:16] - |A| - [258560] - C:\Windows\system32\webcheck.dll [MD5.36947722152A5C5CE9CAA33AD84ACCB5] - [15/03/2019 05:49:37] - |A| - [217088] - C:\Windows\system32\WebClnt.dll [MD5.3C2A077D031A5E5B621D81B48969EF38] - [15/03/2019 05:49:53] - |A| - [580096] - C:\Windows\system32\webio.dll [MD5.3785CE25A8B762C5695174ACD4C6C6C4] - [15/03/2019 05:49:07] - |A| - [675328] - C:\Windows\system32\webplatstorageserver.dll [MD5.6E1021D6FA0FB54CAF4D1CDB9AD35046] - [15/03/2019 05:50:12] - |A| - [1498112] - C:\Windows\system32\WebRuntimeManager.dll [MD5.3ADC90E13C117241350E83F4AF6401EC] - [15/03/2019 05:50:06] - |A| - [1358496] - C:\Windows\system32\webservices.dll [MD5.4C0A75EBAF4F9632955C7A9814D549D8] - [15/03/2019 05:49:40] - |A| - [757704] - C:\Windows\system32\wer.dll [MD5.C0A125F36E46C4A2BD26FBC3E3FB9C9B] - [15/03/2019 05:49:23] - |A| - [472576] - C:\Windows\system32\werui.dll [MD5.7BD65A0DD7FB5EFFAEA253A48AEEF73C] - [15/03/2019 05:50:05] - |A| - [1816576] - C:\Windows\system32\wevtsvc.dll [MD5.5CDE5FB8CB29653671475FF0D59027BC] - [15/03/2019 05:48:58] - |A| - [144896] - C:\Windows\system32\wextract.exe [MD5.807C0614AA0B65F10E5C32B7BA7AA19B] - [15/03/2019 05:49:06] - |A| - [46080] - C:\Windows\system32\wfdprov.dll [MD5.F1010CB647AB1F4C847254C211E2FBF7] - [15/03/2019 05:49:23] - |A| - [133632] - C:\Windows\system32\wificonnapi.dll [MD5.F055775869E157638C17C620F724D9E1] - [15/03/2019 05:50:11] - |A| - [1343488] - C:\Windows\system32\wifinetworkmanager.dll [MD5.095BCCFD7C4C595D2B7F181847635FF8] - [15/03/2019 05:49:41] - |A| - [309248] - C:\Windows\system32\wifiprofilessettinghandler.dll [MD5.273F7201C712931688F1D066D9F07609] - [15/03/2019 05:49:47] - |A| - [461728] - C:\Windows\system32\wifitask.exe [MD5.D3B74276EE38F315B3192E0B08A245BF] - [15/03/2019 05:49:51] - |A| - [705944] - C:\Windows\system32\wimgapi.dll [MD5.B796D998074BDDAB54BB0AA7B058D9F2] - [15/03/2019 05:49:43] - |A| - [525728] - C:\Windows\system32\wimserv.exe [MD5.8A1358D867935BF2FE7A8A1E616D6A98] - [15/03/2019 05:50:24] - |A| - [70968] - C:\Windows\system32\win32appinventorycsp.dll [MD5.13F095B2055B5A2CAA146196C0050AEB] - [15/03/2019 05:51:20] - |A| - [2085376] - C:\Windows\system32\win32kbase.sys [MD5.BCE027740A279FFEBEEFA9751F055E31] - [15/03/2019 05:51:20] - |A| - [3660800] - C:\Windows\system32\win32kfull.sys [MD5.26DEFFCCD0776A274A747230B41E29FC] - [15/03/2019 05:49:56] - |A| - [837120] - C:\Windows\system32\win32spl.dll [MD5.38A3673FB4619A079759D2679B18639E] - [15/03/2019 05:49:34] - |A| - [96200] - C:\Windows\system32\winbrand.dll [MD5.0E785E85231321F3FADC7FE25A7A7B63] - [15/03/2019 05:49:29] - |A| - [436224] - C:\Windows\system32\wincorlib.dll [MD5.379BDBB2F96B131278B17953F0D974ED] - [15/03/2019 05:49:00] - |A| - [210944] - C:\Windows\system32\Windows.ApplicationModel.Core.dll [MD5.40762277F9D91AE7966A36F4F83DCCB7] - [15/03/2019 05:49:29] - |A| - [668848] - C:\Windows\system32\Windows.ApplicationModel.dll [MD5.22D549483E60B5DA881AE7A26AD0967F] - [15/03/2019 05:49:38] - |A| - [432640] - C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll [MD5.FBA732173590BBE0DA70C72054793BAD] - [15/03/2019 05:50:05] - |A| - [1925760] - C:\Windows\system32\Windows.ApplicationModel.Store.dll [MD5.44A396EF44738DB3114F513E570BD092] - [15/03/2019 05:49:38] - |A| - [308736] - C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll [MD5.FBB9CBF4C5CCF17BF67DDBBD116BD871] - [15/03/2019 05:50:19] - |A| - [3187200] - C:\Windows\system32\Windows.CloudStore.dll [MD5.268F20B93BE5E6F981DA57FA0C211987] - [15/03/2019 05:50:06] - |A| - [583680] - C:\Windows\system32\Windows.CloudStore.Schema.Shell.dll [MD5.6134CBAD8C1353D60DE86C1016C16FD2] - [15/03/2019 05:50:32] - |A| - [8040448] - C:\Windows\system32\Windows.Data.Pdf.dll [MD5.C53968C5F3CEFA26630D0367B902113C] - [15/03/2019 05:49:44] - |A| - [933376] - C:\Windows\system32\Windows.Devices.Sensors.dll [MD5.6243410C71F50942A132FB8FCB423A74] - [15/03/2019 05:50:06] - |A| - [1577984] - C:\Windows\system32\Windows.Globalization.dll [MD5.FB882427EA2621CF96394D63597C9B74] - [15/03/2019 05:49:52] - |A| - [456192] - C:\Windows\system32\Windows.Graphics.Printing.Workflow.dll [MD5.FD3C3B649AF7FB4CD749D231ECC12651] - [15/03/2019 05:48:59] - |A| - [16896] - C:\Windows\system32\Windows.Graphics.Printing.Workflow.Native.dll [MD5.29F76B91214004E44E6A7741D71EC823] - [15/03/2019 05:49:53] - |A| - [524800] - C:\Windows\system32\windows.immersiveshell.serviceprovider.dll [MD5.A87425A3B81939C04FABDEBD3A159EA8] - [15/03/2019 05:49:16] - |A| - [674816] - C:\Windows\system32\Windows.Internal.AdaptiveCards.XamlCardRenderer.dll [MD5.5CD05499F7A7D1A223ADCBE692B12F6C] - [15/03/2019 05:49:40] - |A| - [616960] - C:\Windows\system32\Windows.Internal.Bluetooth.dll [MD5.92F1720AFB4305DA91924AC263E9762F] - [15/03/2019 05:49:32] - |A| - [329728] - C:\Windows\system32\Windows.Internal.Feedback.Analog.dll [MD5.5BC34122A1974DD18880C3EBE955BC20] - [15/03/2019 05:49:31] - |A| - [702464] - C:\Windows\system32\Windows.Internal.Management.dll [MD5.5C34D8E3D668CD91B66DEF6F2CF0458E] - [15/03/2019 05:49:05] - |A| - [385024] - C:\Windows\system32\Windows.Internal.PredictionUnit.dll [MD5.241EA7C5D5EE801A5172C8CE69E10F9B] - [15/03/2019 05:49:42] - |A| - [1114040] - C:\Windows\system32\Windows.Internal.Shell.Broker.dll [MD5.31FD8E351E031A4F366274C2D077560F] - [15/03/2019 05:49:12] - |A| - [253952] - C:\Windows\system32\windows.internal.shellcommon.shareexperience.dll [MD5.665689C2AAA4CF6D5239A22D1848D9E0] - [15/03/2019 05:49:28] - |A| - [730112] - C:\Windows\system32\Windows.Internal.Signals.dll [MD5.8F4573B2E4B018CA626D50EA7654F213] - [15/03/2019 05:48:59] - |A| - [31744] - C:\Windows\system32\Windows.Management.Provisioning.ProxyStub.dll [MD5.ED9FC1BECA2E783FA78E3DC8955CE37B] - [15/03/2019 05:50:08] - |A| - [943104] - C:\Windows\system32\Windows.Media.BackgroundMediaPlayback.dll [MD5.3314AB85DADC58E646E5200F19A9B2BB] - [15/03/2019 05:51:07] - |A| - [6793408] - C:\Windows\system32\Windows.Media.dll [MD5.C7D5EB7345BCA800782FEA56323D1AF3] - [15/03/2019 05:49:09] - |A| - [820736] - C:\Windows\system32\Windows.Media.Import.dll [MD5.A35B676B46E948D564F856B3219F08F8] - [15/03/2019 05:49:48] - |A| - [941568] - C:\Windows\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll [MD5.586774A2C25B6EF349A4A4B2720FC643] - [15/03/2019 05:50:08] - |A| - [918528] - C:\Windows\system32\Windows.Media.Playback.MediaPlayer.dll [MD5.088D19BB161E1E25ED34BB7696533454] - [15/03/2019 05:49:01] - |A| - [111104] - C:\Windows\system32\Windows.Media.Playback.ProxyStub.dll [MD5.87E79239FBF5676BF635FD003D8AFCCE] - [15/03/2019 05:50:59] - |A| - [7385208] - C:\Windows\system32\Windows.Media.Protection.PlayReady.dll [MD5.08C5E6C9BD022C822B1984B7FE74BA3E] - [15/03/2019 05:51:02] - |A| - [3331120] - C:\Windows\system32\Windows.Mirage.dll [MD5.258A4ADA7466EF95AAECAC8024EA981A] - [15/03/2019 05:51:03] - |A| - [882688] - C:\Windows\system32\Windows.Mirage.Internal.dll [MD5.D92E19CF04EE1AD177911B47FA265239] - [15/03/2019 05:49:08] - |A| - [504320] - C:\Windows\system32\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll [MD5.D5570C34DBDB3802A767204D6E4F6D78] - [15/03/2019 05:50:06] - |A| - [969728] - C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll [MD5.60422C5B6ACD473260D518105C5FAD21] - [15/03/2019 05:49:55] - |A| - [887296] - C:\Windows\system32\Windows.Networking.dll [MD5.0708BA4D2C574578BD79BA05034C6010] - [15/03/2019 05:49:39] - |A| - [138240] - C:\Windows\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll [MD5.31AB95BA7E184C0C21B1B148C0A60E32] - [15/03/2019 05:49:53] - |A| - [568832] - C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll [MD5.5F1D47E0D1F527A31F5E44D54C49B5E2] - [15/03/2019 05:50:06] - |A| - [1217024] - C:\Windows\system32\Windows.Networking.Vpn.dll [MD5.6AF9E448E6305FAD56FC9B9417B1C48D] - [15/03/2019 05:49:53] - |A| - [579584] - C:\Windows\system32\Windows.Payments.dll [MD5.7466B53D8141267FC62A96110A87A852] - [15/03/2019 05:51:03] - |A| - [840440] - C:\Windows\system32\Windows.Perception.Stub.dll [MD5.6522E312912EBAEB8B64F76758058A73] - [15/03/2019 05:50:10] - |A| - [837632] - C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll [MD5.1E0C32C48955E92042BFB9E3F38386F0] - [15/03/2019 05:49:45] - |A| - [1012120] - C:\Windows\system32\Windows.Services.TargetedContent.dll [MD5.22D189338E12AA0866036044CB19522F] - [15/03/2019 05:49:07] - |A| - [300032] - C:\Windows\system32\Windows.Sets.dll [MD5.B1059CFCFE303F9EAC7366A49B7C749F] - [15/03/2019 05:49:22] - |A| - [340480] - C:\Windows\system32\Windows.Shell.BlueLightReduction.dll [MD5.CDD63226F2EFAF5F213E17751E7E4E02] - [15/03/2019 05:49:06] - |A| - [59904] - C:\Windows\system32\Windows.Shell.Search.UriHandler.dll [MD5.BE3C0C7D5DD0CC6D02299D3B9B812F18] - [15/03/2019 05:50:30] - |A| - [4486400] - C:\Windows\system32\Windows.StateRepository.dll [MD5.1BF8BB97424C3458DA9EF96966882F22] - [15/03/2019 05:49:23] - |A| - [100248] - C:\Windows\system32\Windows.StateRepositoryBroker.dll [MD5.196829FE464FA2DC401B274829BF4204] - [15/03/2019 05:49:24] - |A| - [154520] - C:\Windows\system32\Windows.StateRepositoryClient.dll [MD5.72EA023C9B7EF1369171F38E844A4744] - [15/03/2019 05:49:56] - |A| - [1193192] - C:\Windows\system32\Windows.StateRepositoryPS.dll [MD5.CCB5C29676DB16A176A32CD05C75C146] - [15/03/2019 05:49:23] - |A| - [173568] - C:\Windows\system32\Windows.StateRepositoryUpgrade.dll [MD5.8BAB130CFD7C787524AC8F5F5E636FA6] - [15/03/2019 05:49:18] - |A| - [367344] - C:\Windows\system32\Windows.Storage.ApplicationData.dll [MD5.6BA01636F239C1C212286BEBC6762388] - [15/03/2019 05:50:48] - |A| - [7673112] - C:\Windows\system32\windows.storage.dll [MD5.386E9DCFBBDF183D7B011E8A77DE0AA7] - [15/03/2019 05:49:27] - |A| - [406528] - C:\Windows\system32\Windows.UI.BioFeedback.dll [MD5.019E34211A60C16502E4E58DA6189D25] - [15/03/2019 05:49:13] - |A| - [458752] - C:\Windows\system32\Windows.UI.BlockedShutdown.dll [MD5.3115BB3B89EB77C5C21FF320203AC56E] - [15/03/2019 05:49:54] - |A| - [599552] - C:\Windows\system32\Windows.UI.Core.TextInput.dll [MD5.30AC3659A576BDD90EEB7F95160AADCA] - [15/03/2019 05:50:06] - |A| - [1574912] - C:\Windows\system32\Windows.UI.Cred.dll [MD5.6D05B20136FB9E5B543D9343AD8A93A5] - [15/03/2019 05:50:15] - |A| - [1717760] - C:\Windows\system32\Windows.UI.Immersive.dll [MD5.0D0EDB59740BA3D0946EF2EE428AE638] - [15/03/2019 05:50:32] - |A| - [1666048] - C:\Windows\system32\Windows.UI.Input.Inking.dll [MD5.678C0128384DAB9E9ECC9200845FAC61] - [15/03/2019 05:50:21] - |A| - [2837504] - C:\Windows\system32\Windows.UI.Logon.dll [MD5.70CE72A1932A279F662015DFEE96BA80] - [15/03/2019 05:49:51] - |A| - [885248] - C:\Windows\system32\Windows.UI.Search.dll [MD5.98F78E9DF4C2B5B9A13523686EFCFA39] - [15/03/2019 05:49:19] - |A| - [2362368] - C:\Windows\system32\Windows.UI.Xaml.Controls.dll [MD5.7D6EBEE64D3567286BFBA0C7F0938129] - [15/03/2019 05:50:39] - |A| - [17168896] - C:\Windows\system32\Windows.UI.Xaml.dll [MD5.84D0CD807894E0610EFA4EFF7FEC937E] - [15/03/2019 05:49:34] - |A| - [987136] - C:\Windows\system32\Windows.UI.Xaml.InkControls.dll [MD5.BB3E9264D9F7748B764FD0BC27DE3C93] - [15/03/2019 05:50:00] - |A| - [1543680] - C:\Windows\system32\Windows.UI.Xaml.Maps.dll [MD5.B7CD47D5D74CB1703FDCBA61AC117BBD] - [15/03/2019 05:50:17] - |A| - [1341440] - C:\Windows\system32\Windows.UI.Xaml.Phone.dll [MD5.88AEBB1FB6558CE17D773D39C8E0CF23] - [15/03/2019 05:49:28] - |A| - [2890240] - C:\Windows\system32\Windows.UI.Xaml.Resources.dll [MD5.517447B8034B3059ADCE60B34787FE35] - [15/03/2019 05:49:37] - |A| - [167936] - C:\Windows\system32\Windows.UI.XamlHost.dll [MD5.313A07AE0E8C108E837106AA1474B5D5] - [15/03/2019 05:50:05] - |A| - [735744] - C:\Windows\system32\Windows.Web.dll [MD5.89BBDACC2E47560ED14A3E79226F1A88] - [15/03/2019 05:50:11] - |A| - [1757824] - C:\Windows\system32\WindowsCodecs.dll [MD5.381BB8EE313A4978548211BD3400A8C8] - [15/03/2019 05:50:14] - |A| - [32544344] - C:\Windows\system32\WindowsCodecsRaw.dll [MD5.609DB243039F5FF2BD303FAED31002FC] - [15/03/2019 05:49:58] - |A| - [903856] - C:\Windows\system32\winhttp.dll [MD5.DB640873D9E1C956F7C54BB96C3E8408] - [15/03/2019 05:48:59] - |A| - [97792] - C:\Windows\system32\winhttpcom.dll [MD5.B29057DDBF225608F9086E14C204DCF5] - [15/03/2019 05:51:13] - |A| - [4831744] - C:\Windows\system32\wininet.dll [MD5.8C6D9927870CB8B359C1A1C17EF8A6BA] - [15/03/2019 05:50:09] - |A| - [1416776] - C:\Windows\system32\winload.efi [MD5.D70E86CF94D114D9F7811A81A10F92AD] - [15/03/2019 05:50:06] - |A| - [1210688] - C:\Windows\system32\winload.exe [MD5.107DC6159F1939DC75D448A18929BBAD] - [15/03/2019 05:50:05] - |A| - [715776] - C:\Windows\system32\winlogon.exe [MD5.57EDC5930DCAB599EF96580A00245376] - [15/03/2019 05:50:20] - |A| - [1695136] - C:\Windows\system32\winmde.dll [MD5.AD95E816156C56F30988FCBD2181310D] - [15/03/2019 05:50:07] - |A| - [1092664] - C:\Windows\system32\winresume.efi [MD5.9E7B52F9039CCA5953E6AF3E66702964] - [15/03/2019 05:50:04] - |A| - [924552] - C:\Windows\system32\winresume.exe [MD5.501685CF63B38490997F979C6160A643] - [15/03/2019 05:49:36] - |A| - [243712] - C:\Windows\system32\WinSCard.dll [MD5.E3368BAE17EE8CD64CE69D5CC585196C] - [15/03/2019 05:48:59] - |A| - [288256] - C:\Windows\system32\winsku.dll [MD5.BD89989FF60994C9596F93ED7B9242DD] - [15/03/2019 05:49:31] - |A| - [532480] - C:\Windows\system32\winspool.drv [MD5.1CB60DF3661669C2E3E0762420E2AA0A] - [15/03/2019 05:48:58] - |A| - [66048] - C:\Windows\system32\winsrv.dll [MD5.CE9B82524C860899C34145D62CEB3997] - [15/03/2019 05:49:50] - |A| - [359968] - C:\Windows\system32\wintrust.dll [MD5.DB65C7BD067F68098EB1BA5720E872E9] - [15/03/2019 05:49:47] - |A| - [1269520] - C:\Windows\system32\WinTypes.dll [MD5.5C0F59B35D9B1725BF702048778A243B] - [15/03/2019 05:49:37] - |A| - [283648] - C:\Windows\system32\wisp.dll [MD5.F1CA14E0B00B1E4165E18DEFF50B0E1A] - [15/03/2019 05:49:02] - |A| - [31232] - C:\Windows\system32\wksprtPS.dll [MD5.F8097F90811E9BB10F5B96262399F3C7] - [15/03/2019 05:48:57] - |A| - [276480] - C:\Windows\system32\wkssvc.dll [MD5.ABE84FDE95C0CE0DE35B1C6122491265] - [15/03/2019 05:49:17] - |A| - [417440] - C:\Windows\system32\wlanapi.dll [MD5.CD1ED22F1328A4644ADBFADBD5DEE4A5] - [15/03/2019 05:49:02] - |A| - [477696] - C:\Windows\system32\wlangpui.dll [MD5.4CB7FF8E01D32BBBDC48B0ADF858F11B] - [15/03/2019 05:49:44] - |A| - [409600] - C:\Windows\system32\wlanmsm.dll [MD5.2639442CD9667E1CE8D1B258FDFC59B7] - [15/03/2019 05:51:13] - |A| - [461824] - C:\Windows\system32\wlansec.dll [MD5.800C7E7761EADC53AE6FC53DBA43F029] - [15/03/2019 05:50:07] - |A| - [2528768] - C:\Windows\system32\wlansvc.dll [MD5.5118946157DA262A20AD605D26048484] - [15/03/2019 05:49:48] - |A| - [358400] - C:\Windows\system32\Wldap32.dll [MD5.DA3DE0FC7DB57ACC02222C50E9D26D91] - [15/03/2019 05:49:42] - |A| - [91088] - C:\Windows\system32\wldp.dll [MD5.5F6AB4CB0B2C64822208D999EEF69B9C] - [15/03/2019 05:49:11] - |A| - [117248] - C:\Windows\system32\wlgpclnt.dll [MD5.BC8ABFDCFF9AB1ECC868BAB16F7AD0F1] - [15/03/2019 05:49:38] - |A| - [715776] - C:\Windows\system32\wlidcli.dll [MD5.23C0F1BAAC79D2F34561F6BC270A9102] - [15/03/2019 05:49:55] - |A| - [682496] - C:\Windows\system32\wlidprov.dll [MD5.717FE96AE0988B1F443EED06E6A703D4] - [15/03/2019 05:50:24] - |A| - [2223616] - C:\Windows\system32\wlidsvc.dll [MD5.D0F4EAF68D216156A911E9D3015ACBB6] - [15/03/2019 05:48:56] - |A| - [29184] - C:\Windows\system32\wmiprop.dll [MD5.C6B106FB81A4C6755D6EBC0141D3F8E4] - [15/03/2019 05:51:08] - |A| - [13713920] - C:\Windows\system32\wmp.dll [MD5.728E78BDDB6D115A4C11CED174D4F59B] - [15/03/2019 05:49:45] - |A| - [284744] - C:\Windows\system32\wmpeffects.dll [MD5.A8B89B7D42467B23ED713EEBC3790CC6] - [15/03/2019 05:49:27] - |A| - [387536] - C:\Windows\system32\wmpps.dll [MD5.CFAF1A187A37E2B0BBEB73100A39E2DF] - [15/03/2019 05:49:32] - |A| - [128000] - C:\Windows\system32\wmpshell.dll [MD5.D87BDF0ECDFDC74E74D8D0300C76AB4D] - [15/03/2019 05:49:30] - |A| - [433152] - C:\Windows\system32\WMVSENCD.DLL [MD5.CB2CF8CC2BE0857C2AA4D5B717BEEB1B] - [15/03/2019 05:49:36] - |A| - [624640] - C:\Windows\system32\WMVXENCD.DLL [MD5.5E3CFD7740D761E028D65F2E6F286CF2] - [15/03/2019 05:49:06] - |A| - [40448] - C:\Windows\system32\WordBreakers.dll [MD5.950807F3EDFE221145C0C728166186F6] - [15/03/2019 05:49:50] - |A| - [319976] - C:\Windows\system32\wow64.dll [MD5.81A946965FEE1491B18F0CDE0293F73F] - [15/03/2019 05:49:19] - |A| - [22512] - C:\Windows\system32\wow64cpu.dll [MD5.DAAB6F7B679723ED909CDF0F7F1B4DE9] - [15/03/2019 05:49:31] - |A| - [403968] - C:\Windows\system32\WpAXHolder.dll [MD5.D7A7D4E50DE332D86A1C12C968461170] - [15/03/2019 05:50:08] - |A| - [1669120] - C:\Windows\system32\Wpc.dll [MD5.7A05F72D87E1D4F56790403635338897] - [15/03/2019 05:49:23] - |A| - [190976] - C:\Windows\system32\WpcApi.dll [MD5.9E5C0CF5F7205A8E9FB172AA1628A300] - [15/03/2019 05:49:53] - |A| - [1430672] - C:\Windows\system32\WpcMon.exe [MD5.DA7E0AA9FB34DAEC76C5ABCDB7C02DE2] - [15/03/2019 05:49:40] - |A| - [911360] - C:\Windows\system32\WpcRefreshTask.dll [MD5.70BF5B3A7AFCC9C1CF372F157E849F4C] - [15/03/2019 05:49:23] - |A| - [235008] - C:\Windows\system32\WpcTok.exe [MD5.2397D864D2235605CB106DF1DEDD99F9] - [15/03/2019 05:49:37] - |A| - [908800] - C:\Windows\system32\WpcWebFilter.dll [MD5.DFA27421D9B3CFDEA3E89D9B86332C95] - [15/03/2019 05:49:33] - |A| - [82944] - C:\Windows\system32\wpdbusenum.dll [MD5.475E167E34D22C1FA32E875FEBB9B1E1] - [15/03/2019 05:49:23] - |A| - [223232] - C:\Windows\system32\wpd_ci.dll [MD5.A78769FF8F3149A547671930EB02F77D] - [15/03/2019 05:49:49] - |A| - [1249792] - C:\Windows\system32\wpnapps.dll [MD5.907563F68600792E0D0C03D9EF5F06F8] - [15/03/2019 05:50:03] - |A| - [1760768] - C:\Windows\system32\wpncore.dll [MD5.B9E8DB8F151A0BDE50DF3F053EE3F992] - [15/03/2019 05:49:07] - |A| - [565248] - C:\Windows\system32\wpnprv.dll [MD5.DD130AE4DA21FF158A0EFB74CF475407] - [15/03/2019 05:48:57] - |A| - [172544] - C:\Windows\system32\WPTaskScheduler.dll [MD5.AAA232FF889B1B0CB053ABFE634429D3] - [15/03/2019 05:49:21] - |A| - [292384] - C:\Windows\system32\wscapi.dll [MD5.D14AACF9DA196365D77BD2809B82FE76] - [15/03/2019 05:49:05] - |A| - [18944] - C:\Windows\system32\wscproxystub.dll [MD5.C23775D8D4013B6950A70BA1D5EAF958] - [15/03/2019 05:49:32] - |A| - [164864] - C:\Windows\system32\wscript.exe [MD5.95E6DA58562C14947935B1C5D393A7F0] - [15/03/2019 05:49:06] - |A| - [246784] - C:\Windows\system32\wscsvc.dll [MD5.1D4727DC5B1C796553C2CA2FE05A556F] - [15/03/2019 05:48:57] - |A| - [568832] - C:\Windows\system32\WSDMon.dll [MD5.EC780BC2CBF403F4D86F8C8B93B71980] - [15/03/2019 05:49:13] - |A| - [1472000] - C:\Windows\system32\wsecedit.dll [MD5.B2A6401E9AD3AC4949C43575EDB8E0DB] - [15/03/2019 05:49:14] - |A| - [18680] - C:\Windows\system32\wshhyperv.dll [MD5.A0C15290E3F9A626A6A013AC65490CA2] - [15/03/2019 05:49:04] - |A| - [140800] - C:\Windows\system32\wshom.ocx [MD5.396D7399BF825F048E801B47C7CF669A] - [15/03/2019 05:49:08] - |A| - [62976] - C:\Windows\system32\wsnmp32.dll [MD5.46EED421A140F4223AAEE5D927E83216] - [15/03/2019 05:50:01] - |A| - [2053120] - C:\Windows\system32\wsp_fs.dll [MD5.126A4A82299609ABD5FEB7DAB44F9D10] - [15/03/2019 05:49:55] - |A| - [1785856] - C:\Windows\system32\wsp_health.dll [MD5.6A91D8A1F1C7351FAA452038CDC65DFA] - [15/03/2019 05:49:58] - |A| - [1055744] - C:\Windows\system32\wuapi.dll [MD5.E56EF8F5124E6FEB100C06EA3871A275] - [15/03/2019 05:47:43] - |A| - [48112] - C:\Windows\system32\wuauclt.exe [MD5.F7CED99454DE77E7271843CB9A2367BF] - [15/03/2019 05:51:16] - |A| - [2785280] - C:\Windows\system32\wuaueng.dll [MD5.BFAAA171876487DE2B75005A5F033F58] - [15/03/2019 05:47:02] - |A| - [57856] - C:\Windows\system32\wuautoappupdate.dll [MD5.3882D1DE41AD201B9C965A3A342412A8] - [15/03/2019 05:48:07] - |A| - [84480] - C:\Windows\system32\wudriver.dll [MD5.477DB6D457C68B11ECEDE9132AF5D9B0] - [15/03/2019 05:49:04] - |A| - [65024] - C:\Windows\system32\wups.dll [MD5.F1A2986BCEE443E14FB1D96FC93A2B6A] - [15/03/2019 05:49:13] - |A| - [33792] - C:\Windows\system32\wups2.dll [MD5.94731FE25985BDB4D1EFAA5F00801256] - [15/03/2019 05:51:22] - |A| - [462336] - C:\Windows\system32\wuuhext.dll [MD5.94AAF41E035013F1F3FB2321F9DAADF4] - [15/03/2019 05:49:30] - |A| - [170496] - C:\Windows\system32\wuuhosdeployment.dll [MD5.73720F99270A725E233924B4EC3B1465] - [15/03/2019 05:49:49] - |A| - [354304] - C:\Windows\system32\WwaApi.dll [MD5.22D04AA8D16D2511F25272CA056BCF4E] - [15/03/2019 05:49:46] - |A| - [893456] - C:\Windows\system32\WWAHost.exe [MD5.30C3502F292F05ADD3414CCB08635F9B] - [15/03/2019 05:49:53] - |A| - [549552] - C:\Windows\system32\WWanAPI.dll [MD5.02DCDAE63AB343418D7420D481FE839C] - [15/03/2019 05:50:11] - |A| - [1424896] - C:\Windows\system32\wwansvc.dll [MD5.22C33A1B30BCD0592ED357A4374C59A0] - [15/03/2019 05:49:20] - |A| - [94080] - C:\Windows\system32\wwapi.dll [MD5.59B2BBFC7157DE301DB2CA58C43F8B92] - [15/03/2019 05:50:27] - |A| - [4496896] - C:\Windows\system32\xpsrchvw.exe [MD5.79DF0E3B8597D8F6998BAF9A3E70DBD5] - [15/03/2019 05:49:33] - |A| - [386560] - C:\Windows\system32\zipfldr.dll [MD5.D41D8CD98F00B204E9800998ECF8427E] - [14/03/2019 14:34:40] - |A| - [0] - C:\Windows\system32\Drivers\144D_SAMSUNG_na_Galaxy Book 12_P04H.mrk [MD5.334BAC25FE297342B119730E699B826C] - [15/03/2019 05:50:00] - |A| - [733592] - C:\Windows\system32\Drivers\acpi.sys [MD5.66E7F43C756AB790475161C1B7E7937D] - [15/03/2019 05:49:24] - |A| - [614200] - C:\Windows\system32\Drivers\afd.sys [MD5.DCE606F0E15E0FB75ECC02EBB3DEFA9C] - [15/03/2019 05:49:06] - |A| - [240640] - C:\Windows\system32\Drivers\ahcache.sys [MD5.654824DF0CE32C9D274C1943DEB19AEA] - [15/03/2019 05:49:23] - |A| - [180736] - C:\Windows\system32\Drivers\amdk8.sys [MD5.12C4246CE1B769B720BE0848F75AB4C1] - [15/03/2019 05:49:32] - |A| - [178688] - C:\Windows\system32\Drivers\amdppm.sys [MD5.B822E27AF26BD01DAE2043A03BB40504] - [15/03/2019 05:49:34] - |A| - [192416] - C:\Windows\system32\Drivers\appid.sys [MD5.09C01FC2138C0FB761329804E518C4FC] - [15/03/2019 05:30:54] - |A| - [37320] - C:\Windows\system32\Drivers\aswArDisk.sys [MD5.A3AF4A4FA6CBA27284F8289436C2F074] - [15/03/2019 05:30:54] - |A| - [205608] - C:\Windows\system32\Drivers\aswArPot.sys [MD5.E525ABD22FA957922A531F589B99F080] - [15/03/2019 05:30:53] - |A| - [254408] - C:\Windows\system32\Drivers\aswbidsdriver.sys [MD5.AC278D0CEFDA171454DC48D30041BFFD] - [15/03/2019 05:30:53] - |A| - [196304] - C:\Windows\system32\Drivers\aswbidsh.sys [MD5.B31E571256A3E633A35262E6B7C33277] - [15/03/2019 05:30:53] - |A| - [320904] - C:\Windows\system32\Drivers\aswblog.sys [MD5.3F6D4EA88CE585FFEC4AA686BD76273F] - [15/03/2019 05:30:53] - |A| - [58168] - C:\Windows\system32\Drivers\aswbuniv.sys [MD5.51EAD3FF390326279C353D871F1EB0C1] - [15/03/2019 05:30:54] - |A| - [15488] - C:\Windows\system32\Drivers\aswElam.sys [MD5.70E130BBF054EBC419B480347CA073A8] - [15/03/2019 05:30:54] - |A| - [249152] - C:\Windows\system32\Drivers\aswHdsKe.sys [MD5.E806A0DE7F5A63B3483C03E8BDD082EB] - [15/03/2019 05:30:54] - |A| - [42496] - C:\Windows\system32\Drivers\aswKbd.sys [MD5.36ED05FEB52E576F8BF732A2A0299946] - [15/03/2019 05:30:54] - |A| - [169104] - C:\Windows\system32\Drivers\aswMonFlt.sys [MD5.9C9F2D853E37CB6AC8AAA2E370ADCDC9] - [15/03/2019 05:30:54] - |A| - [112520] - C:\Windows\system32\Drivers\aswRdr2.sys [MD5.B95D1E1D3396632216CB9EE8700BB5A5] - [15/03/2019 05:30:54] - |A| - [88152] - C:\Windows\system32\Drivers\aswRvrt.sys [MD5.3F71FFEFD3C6D5B9271C1278911864F6] - [15/03/2019 05:30:54] - |A| - [1034640] - C:\Windows\system32\Drivers\aswSnx.sys [MD5.F925AF0153444FBDA28E10B87B7B4E06] - [15/03/2019 05:30:54] - |A| - [476256] - C:\Windows\system32\Drivers\aswSP.sys [MD5.67779F2101A8157C4FFED2FE113523E3] - [15/03/2019 05:30:54] - |A| - [220632] - C:\Windows\system32\Drivers\aswStm.sys [MD5.CCF5E79EE37B6FDEF509E1C609DCE8C1] - [15/03/2019 05:30:54] - |A| - [380160] - C:\Windows\system32\Drivers\aswVmm.sys [MD5.B173197D8F7801F2225A357B166F264D] - [15/03/2019 05:49:17] - |A| - [194456] - C:\Windows\system32\Drivers\ataport.sys [MD5.B33105421D8B1405CDC1C71389AFEFFA] - [15/03/2019 04:49:47] - |A| - [57624] - C:\Windows\system32\Drivers\AthrBT_0x00000300.dfu [MD5.436FB5F9872186A1E888B1064D675B17] - [15/03/2019 04:49:47] - |A| - [64168] - C:\Windows\system32\Drivers\AthrBT_0x00000302.dfu [MD5.5016FB403AB29A3159EBA08905E2AB61] - [15/03/2019 04:49:47] - |A| - [62948] - C:\Windows\system32\Drivers\AthrBT_TF_0x00000302.dfu [MD5.3CC12A09AE7293F4CD1688117B46B9BB] - [15/03/2019 05:49:24] - |A| - [59808] - C:\Windows\system32\Drivers\bam.sys [MD5.FAFAEDFC7CAFD8B8FADA6A81BAF92E3A] - [15/03/2019 05:51:25] - |A| - [34816] - C:\Windows\system32\Drivers\BasicRender.sys [MD5.CADE9022115860DC170C19BB5D953FF3] - [15/03/2019 04:56:12] - |A| - [129184] - C:\Windows\system32\Drivers\BcmGnssBus.sys [MD5.355D162E52819C19396FB01A8E005A1F] - [15/03/2019 05:48:59] - |A| - [10240] - C:\Windows\system32\Drivers\beep.sys [MD5.66D86C5509929E26A5896EA56966DC78] - [15/03/2019 04:50:08] - |A| - [199544] - C:\Windows\system32\Drivers\bhtpcrdr.sys [MD5.CBD250252D5152064B3C0366BF42CF5E] - [15/03/2019 05:49:19] - |A| - [101888] - C:\Windows\system32\Drivers\bowser.sys [MD5.EAF76A54383F7F13E90DA081C06A35F3] - [15/03/2019 05:49:25] - |A| - [116736] - C:\Windows\system32\Drivers\bridge.sys [MD5.8E1D70E7778202D82A82E0E6710B827A] - [15/03/2019 05:49:29] - |A| - [129536] - C:\Windows\system32\Drivers\bthpan.sys [MD5.9FE6899D354BE916E1B37FA6121DDF7B] - [15/03/2019 05:51:14] - |A| - [1015296] - C:\Windows\system32\Drivers\bthport.sys [MD5.03BB051642FC5A8186FCD2BA693F2C19] - [15/03/2019 05:49:12] - |A| - [93184] - C:\Windows\system32\Drivers\cdfs.sys [MD5.7DC141311B1DF9FA162711BBA8990ACC] - [15/03/2019 05:49:25] - |A| - [159744] - C:\Windows\system32\Drivers\cdrom.sys [MD5.CE46F05E36B2C0A667FEB7CC30022E99] - [15/03/2019 05:49:50] - |A| - [385536] - C:\Windows\system32\Drivers\cldflt.sys [MD5.F2B55209327431954BA0700B87148C86] - [15/03/2019 05:51:25] - |A| - [373656] - C:\Windows\system32\Drivers\clfs.sys [MD5.ECDEF8A4EFD0C3AC76FD0D4CF7EEACA2] - [20/03/2019 13:01:07] - |A| - [17944] - C:\Windows\system32\Drivers\cmdboot.sys [MD5.419679B07459AE41BED0EA733702E960] - [20/03/2019 13:00:09] - |A| - [125000] - C:\Windows\system32\Drivers\cmdcss.sys [MD5.FFD0E46512B5BE00184B0DCC6F60AFCA] - [15/03/2019 05:50:22] - |A| - [677184] - C:\Windows\system32\Drivers\cng.sys [MD5.4AFE2DC916208912D4172B74759BC796] - [15/03/2019 04:50:22] - |A| - [1213432] - C:\Windows\system32\Drivers\css_fw.bin [MD5.6B47A9A309BC407C4114D439F4CB7839] - [15/03/2019 05:06:04] - |A| - [97200] - C:\Windows\system32\Drivers\Data61x4_2_2.msc [MD5.D7E6591F3D2B9FB5C4F0D05D5CF3A9F8] - [15/03/2019 05:49:35] - |A| - [150528] - C:\Windows\system32\Drivers\dfsc.sys [MD5.8C7FF86607E367E6319F7F637115D665] - [15/03/2019 05:49:16] - |A| - [94104] - C:\Windows\system32\Drivers\disk.sys [MD5.804480F177952A3B75B7AEDE79BDFF01] - [15/03/2019 05:49:14] - |A| - [38808] - C:\Windows\system32\Drivers\Diskdump.sys [MD5.64009621AAF4BC6626BC1A623A26FAD1] - [15/03/2019 05:49:02] - |A| - [46592] - C:\Windows\system32\Drivers\dmvsc.sys [MD5.5AA448099BECCD500382A98D01348E61] - [25/03/2019 23:04:45] - |A| - [76608] - C:\Windows\system32\Drivers\dokan.sys [MD5.FC1075485CEBFC2EE39CA12AC1FB9CA2] - [15/03/2019 04:50:22] - |A| - [243016] - C:\Windows\system32\Drivers\dsp_fw_release.bin [MD5.212FA255A8E4BE45855CB675F83E4BC1] - [15/03/2019 04:50:22] - |A| - [12288] - C:\Windows\system32\Drivers\dsp_fw_release_7CAD0808-AB10-CD23-EF45-12AB34CD56EF.bin [MD5.47E729643369871A55E6FC88E1CBC49B] - [15/03/2019 05:49:23] - |A| - [91152] - C:\Windows\system32\Drivers\dumpfve.sys [MD5.895AE5D7784FA170505971B49D8C9158] - [15/03/2019 05:51:27] - |A| - [187296] - C:\Windows\system32\Drivers\dumpsd.sys [MD5.198277EABE39BF31B0E46108D62292FF] - [15/03/2019 05:49:05] - |A| - [25600] - C:\Windows\system32\Drivers\Dumpstorport.sys [MD5.F18E76222F415311338BE05B9830D705] - [17/03/2019 05:37:48] - |A| - [2275] - C:\Windows\system32\Drivers\dump_cmd_history.log [MD5.C4E8D6CD22BB45B35B88C9F1105DAA90] - [15/03/2019 05:51:20] - |A| - [2567168] - C:\Windows\system32\Drivers\dxgkrnl.sys [MD5.40B77D73F0905CFB8380464C96C8E336] - [15/03/2019 05:49:48] - |A| - [409088] - C:\Windows\system32\Drivers\dxgmms1.sys [MD5.AC327BD7641E63FB779124C58021765C] - [15/03/2019 05:50:05] - |A| - [749368] - C:\Windows\system32\Drivers\dxgmms2.sys [MD5.4521B54D93433E772071666E52CB5B90] - [15/03/2019 05:49:15] - |A| - [354304] - C:\Windows\system32\Drivers\exfat.sys [MD5.32ABC203BAF146E09B92E78C4B950E0B] - [15/03/2019 05:49:27] - |A| - [371512] - C:\Windows\system32\Drivers\fastfat.sys [MD5.12402712DF6D8CDF56BA277D894615B8] - [17/03/2019 05:37:47] - |A| - [1107] - C:\Windows\system32\Drivers\firmware_assert.log [MD5.ECD2030E78AF8D696A2E59796CA0B798] - [15/03/2019 05:49:36] - |A| - [398744] - C:\Windows\system32\Drivers\fltMgr.sys [MD5.0425D9D2A679060CC9755449779FBA54] - [15/03/2019 05:49:25] - |A| - [62880] - C:\Windows\system32\Drivers\fsdepends.sys [MD5.B962036CAADC05E466FEB165E0974587] - [15/03/2019 05:49:14] - |A| - [34208] - C:\Windows\system32\Drivers\fs_rec.sys [MD5.E69DD852F5D8B6E74A6014C01FD094B9] - [15/03/2019 05:50:01] - |A| - [727352] - C:\Windows\system32\Drivers\fvevol.sys [MD5.D6FD2A0EB741A756294837048DCF4BB4] - [25/03/2019 23:50:41] - |A| - [8148] - C:\Windows\system32\Drivers\fvstore.dat [MD5.E293FF985D94B4C4C78F3BD08B470869] - [17/03/2019 05:37:48] - |A| - [98304] - C:\Windows\system32\Drivers\fwdump_ar6320v3_axi1.log [MD5.CA77BEC7316F381CB186C7B97F9C8B09] - [17/03/2019 05:37:48] - |A| - [688128] - C:\Windows\system32\Drivers\fwdump_ar6320v3_dram.log [MD5.EAE4273AC7D45705FC6A2F356C1D7161] - [17/03/2019 05:37:48] - |A| - [524288] - C:\Windows\system32\Drivers\fwdump_ar6320v3_iram.log [MD5.E3F1E2CD8154645AB3183F1EF0969A52] - [17/03/2019 05:37:47] - |A| - [522272] - C:\Windows\system32\Drivers\fwdump_ar6320v3_reg.log [MD5.522B3F3AB2B017C6EB0483591E6A0C4F] - [17/03/2019 05:37:48] - |A| - [1958] - C:\Windows\system32\Drivers\fwdump_ce_reg.log [MD5.1330C4C0F6216317BC18E239736D99E6] - [17/03/2019 05:37:47] - |A| - [240] - C:\Windows\system32\Drivers\fwdump_cpu_ctx.log [MD5.676DDED9855BDE7097CE58E7506B5CAE] - [15/03/2019 05:49:19] - |A| - [441248] - C:\Windows\system32\Drivers\FWPKCLNT.SYS [MD5.582578F031109BE65C15E1D8A45BA547] - [15/03/2019 05:48:58] - |A| - [8192] - C:\Windows\system32\Drivers\gpuenergydrv.sys [MD5.13B124DF8C029832ED67A5A7057D2966] - [15/03/2019 05:49:26] - |A| - [46080] - C:\Windows\system32\Drivers\hidparse.sys [MD5.569A3F866795E86AC43651C7C7613ED1] - [27/03/2019 08:06:45] - |A| - [2097152] - C:\Windows\system32\Drivers\hostdump_mem_log_100001d7_115188375.log [MD5.70D0246F6A4C67F71363EC65E07CCBAE] - [17/03/2019 05:37:49] - |A| - [2097152] - C:\Windows\system32\Drivers\hostdump_mem_log_100001d7_116930093.log [MD5.16A36D3261DF0E33F469B898F1C41B7A] - [22/03/2019 08:14:31] - |A| - [2097152] - C:\Windows\system32\Drivers\hostdump_mem_log_100001d7_178802734.log [MD5.465640655420A50E64BFF27C422CCF4E] - [22/03/2019 08:29:01] - |A| - [2097152] - C:\Windows\system32\Drivers\hostdump_mem_log_100001d7_179672437.log [MD5.C09CD149F4EFCD38AC001B111740E93E] - [22/03/2019 08:43:29] - |A| - [2097152] - C:\Windows\system32\Drivers\hostdump_mem_log_100001d7_180540812.log [MD5.C03ECE9A0A3A3DB23352541CFBFBCC0E] - [22/03/2019 09:12:31] - |A| - [2097152] - C:\Windows\system32\Drivers\hostdump_mem_log_100001d7_182282015.log [MD5.7C9C2E1637E2DAF85C75E9868FAA6C76] - [22/03/2019 09:27:01] - |A| - [2097152] - C:\Windows\system32\Drivers\hostdump_mem_log_100001d7_183152421.log [MD5.B15B1EDBB16E88D338C3C8F4A1DE5555] - [22/03/2019 09:55:58] - |A| - [2097152] - C:\Windows\system32\Drivers\hostdump_mem_log_100001d7_184889671.log [MD5.34626155E19D4DB3DD16FBB611340800] - [21/03/2019 08:04:30] - |A| - [2097152] - C:\Windows\system32\Drivers\hostdump_mem_log_100001d7_91801656.log [MD5.35F1FA08AF3177C5297664D664263753] - [15/03/2019 05:49:51] - |A| - [1101624] - C:\Windows\system32\Drivers\http.sys [MD5.19F47BC54BDF101B38600C06936336EF] - [15/03/2019 05:49:23] - |A| - [75784] - C:\Windows\system32\Drivers\hvservice.sys [MD5.66710EB477D6FADE86B61C9BA9765DB9] - [15/03/2019 05:49:19] - |A| - [129432] - C:\Windows\system32\Drivers\hvsocket.sys [MD5.E3BDE6C567ED5CD7B15B2E522C120D02] - [15/03/2019 05:49:01] - |A| - [16896] - C:\Windows\system32\Drivers\hyperkbd.sys [MD5.1D7BBC4C6F33A4A6189AEA1509615DF9] - [15/03/2019 05:49:00] - |A| - [28160] - C:\Windows\system32\Drivers\HyperVideo.sys [MD5.12E538BA534F70A5D60437726B44145C] - [15/03/2019 04:50:40] - |A| - [2410368] - C:\Windows\system32\Drivers\iacamera64.sys [MD5.473D483EF010EE979F6B9306A79C9222] - [15/03/2019 04:50:40] - |A| - [179792] - C:\Windows\system32\Drivers\iactrllogic64.sys [MD5.FB514FC05E409D407C9B3D0398D3ECC0] - [15/03/2019 04:55:07] - |A| - [1018032] - C:\Windows\system32\Drivers\iaStorAC.sys [MD5.96B59E21B1D54BFA79787F33230ACFB8] - [15/03/2019 04:50:41] - |A| - [145360] - C:\Windows\system32\Drivers\imx241.sys [MD5.AE29B00FB26F8A621AFC01762A35130D] - [15/03/2019 04:50:23] - |A| - [131248] - C:\Windows\system32\Drivers\IMX241_FN50FF-562H_SKY_pipeCfg.bin [MD5.178BA728DAECB35B5772BA02FCCC48AD] - [15/03/2019 04:50:41] - |A| - [138384] - C:\Windows\system32\Drivers\imx258.sys [MD5.FB61F36529199C6051126B272BA07BB6] - [15/03/2019 04:50:23] - |A| - [1108688] - C:\Windows\system32\Drivers\IMX258_START2REAR_SKY_pipeCfg.bin [MD5.688D95B6C2986603EE8A0E5351FFC98F] - [15/03/2019 04:50:41] - |A| - [770600] - C:\Windows\system32\Drivers\IntcOED.sys [MD5.E05247CDC6F9E6C5C1F92CA4BF59D649] - [15/03/2019 05:49:22] - |A| - [130600] - C:\Windows\system32\Drivers\intelpep.sys [MD5.7344528DFD4484CF86F36E24E7CB59B1] - [15/03/2019 05:49:31] - |A| - [199168] - C:\Windows\system32\Drivers\intelppm.sys [MD5.BF933330256DEDAFA939BEBC46D060C7] - [15/03/2019 05:49:02] - |A| - [119808] - C:\Windows\system32\Drivers\irda.sys [MD5.A3B7A93F32E110949CA01DDE7C6B991B] - [15/03/2019 05:49:14] - |A| - [22936] - C:\Windows\system32\Drivers\isapnp.sys [MD5.0BEB78AC69A1E8B77FE407CF5BE9DB1E] - [20/03/2019 13:00:45] - |A| - [63256] - C:\Windows\system32\Drivers\isedrv.sys [MD5.BF0E0B7DE4E9BC8E0515779F66ACA853] - [15/03/2019 09:28:33] - |A| - [161408] - C:\Windows\system32\Drivers\KeyCrypt64.sys [MD5.5CEC554765156FC7E534D8D640D98AE0] - [15/03/2019 05:49:36] - |A| - [394752] - C:\Windows\system32\Drivers\ks.sys [MD5.1D0BCBD3BFFCB16C3C033938211382E7] - [15/03/2019 05:50:44] - |A| - [138768] - C:\Windows\system32\Drivers\ksecdd.sys [MD5.4A466AEA66978648088B0019FCE9F89D] - [15/03/2019 05:49:31] - |A| - [170808] - C:\Windows\system32\Drivers\ksecpkg.sys [MD5.56B6326B15A14043C82ED9EA3B817E2C] - [15/03/2019 05:49:03] - |A| - [65024] - C:\Windows\system32\Drivers\lltdio.sys [MD5.8209AC7D3F8AF41E3A14D022CD1F2040] - [15/03/2019 05:49:17] - |A| - [103320] - C:\Windows\system32\Drivers\mountmgr.sys [MD5.919839EEEFE4DA2BFF8D236A17306F00] - [15/03/2019 05:49:21] - |A| - [75776] - C:\Windows\system32\Drivers\mpsdrv.sys [MD5.DAFBC585B0EE92CE047219778C033A17] - [15/03/2019 05:49:26] - |A| - [143872] - C:\Windows\system32\Drivers\mrxdav.sys [MD5.E1A004C870BFE8021AE0174F0FD4B259] - [15/03/2019 05:49:54] - |A| - [494592] - C:\Windows\system32\Drivers\mrxsmb.sys [MD5.53E44A855B6EB8D83B5DE147193F9AD5] - [15/03/2019 05:51:21] - |A| - [285696] - C:\Windows\system32\Drivers\mrxsmb10.sys [MD5.2161BD866271E678B97A46AA3EFC78DD] - [15/03/2019 05:50:08] - |A| - [230200] - C:\Windows\system32\Drivers\mrxsmb20.sys [MD5.70F6376E82A58774C2F89B22D049AE0B] - [15/03/2019 05:49:12] - |A| - [31232] - C:\Windows\system32\Drivers\msfs.sys [MD5.D41D8CD98F00B204E9800998ECF8427E] - [14/03/2019 22:42:48] - |AH| - [0] - C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf [MD5.13BAA9B1970343AE7B7028B611E52133] - [15/03/2019 05:49:39] - |A| - [279968] - C:\Windows\system32\Drivers\msiscsi.sys [MD5.804A1E2A1ADCB6ED07E2FF63F18D54A8] - [15/03/2019 05:49:16] - |A| - [33280] - C:\Windows\system32\Drivers\mskssrv.sys [MD5.71742A35608B336411E1F1FFBD03616F] - [15/03/2019 05:49:26] - |A| - [377656] - C:\Windows\system32\Drivers\msrpc.sys [MD5.DD673D9422457EFCCDEE45C73C0DF241] - [15/03/2019 05:49:17] - |A| - [123800] - C:\Windows\system32\Drivers\mup.sys [MD5.C80B48A76224CA80CFAB2C341C29C96B] - [15/03/2019 05:49:36] - |A| - [1277968] - C:\Windows\system32\Drivers\ndis.sys [MD5.E9676E94DEA144259344A15D68785B17] - [15/03/2019 05:49:02] - |A| - [65024] - C:\Windows\system32\Drivers\ndisuio.sys [MD5.8ABF5B8D5839F8DAE2E0D3165AE732F6] - [15/03/2019 05:49:16] - |A| - [62976] - C:\Windows\system32\Drivers\ndproxy.sys [MD5.80475A12D4AA90937CE69265BAFA993F] - [15/03/2019 05:49:18] - |A| - [57760] - C:\Windows\system32\Drivers\netbios.sys [MD5.E258CE8B8053518AF47610BC0486E915] - [15/03/2019 05:49:25] - |A| - [316928] - C:\Windows\system32\Drivers\netbt.sys [MD5.6842DCD883B41E60C62729B66955E54F] - [15/03/2019 05:49:54] - |A| - [537600] - C:\Windows\system32\Drivers\netio.sys [MD5.8AED8AF4CBF661E82CF74CBF198B0C56] - [15/03/2019 05:49:30] - |A| - [192512] - C:\Windows\system32\Drivers\netvsc.sys [MD5.94ADC3DC91478B67723BDBAD3DDA9101] - [15/03/2019 05:49:25] - |A| - [73728] - C:\Windows\system32\Drivers\npfs.sys [MD5.201F3764A379001168DFB2B90F7C1E57] - [15/03/2019 05:49:03] - |A| - [44544] - C:\Windows\system32\Drivers\nsiproxy.sys [MD5.B38E30B22AD57B71749E261A74F167DB] - [15/03/2019 05:51:13] - |A| - [2394640] - C:\Windows\system32\Drivers\ntfs.sys [MD5.6D8A287B88F76EB47ACC6BF8E318E1FD] - [15/03/2019 05:48:58] - |A| - [7168] - C:\Windows\system32\Drivers\null.sys [MD5.C749DA8C4B8F4DCABF61651B65938E69] - [15/03/2019 05:51:12] - |A| - [529408] - C:\Windows\system32\Drivers\nwifi.sys [MD5.681E8A68C13253D23B93953FDE569120] - [15/03/2019 05:49:39] - |A| - [166304] - C:\Windows\system32\Drivers\partmgr.sys [MD5.87B874DB35D134324C21A3B2A92BD14D] - [15/03/2019 05:49:55] - |A| - [363536] - C:\Windows\system32\Drivers\pci.sys [MD5.6F55F5AD830F8EA1D37ED23A0CBD7112] - [15/03/2019 05:49:17] - |A| - [53152] - C:\Windows\system32\Drivers\pcw.sys [MD5.7D9F4EB1450CFB32D708BF943C170475] - [15/03/2019 05:49:03] - |A| - [723968] - C:\Windows\system32\Drivers\PEAuth.sys [MD5.C009BE61D95CAD5F999D0F4785AEFB7B] - [15/03/2019 05:49:32] - |A| - [177664] - C:\Windows\system32\Drivers\processr.sys [MD5.3AF12A2C0142A9CD5F136012AFA06AE1] - [15/03/2019 05:06:01] - |A| - [1089632] - C:\Windows\system32\Drivers\qca61x4_2_2.bin [MD5.07D8BF4B5744F5F8E891588E73406901] - [15/03/2019 04:49:47] - |A| - [1859] - C:\Windows\system32\Drivers\ramps_0x00000200_48.dfu [MD5.5953E08D660E69C47C562F1B9B2B32DF] - [15/03/2019 04:49:47] - |A| - [1890] - C:\Windows\system32\Drivers\ramps_0x00000300_48.dfu [MD5.DC028F49652F4D17B951F440A5576ED0] - [15/03/2019 04:49:47] - |A| - [1890] - C:\Windows\system32\Drivers\ramps_0x00000300_48_NFA435_10db.dfu [MD5.7A86618CA07A6C9CD998040DDC7C320C] - [15/03/2019 04:49:47] - |A| - [1996] - C:\Windows\system32\Drivers\ramps_0x00000302_48.dfu [MD5.1AC4B82E4032024B93C6D23AC448338D] - [15/03/2019 04:49:47] - |A| - [1996] - C:\Windows\system32\Drivers\ramps_0x00000302_48_NFA354A_10db.dfu [MD5.7CF9306F281E45A1244C48A1E61B55D3] - [15/03/2019 04:49:47] - |A| - [2020] - C:\Windows\system32\Drivers\ramps_0x00000302_48_tx8.dfu [MD5.3FC0599A2C17BBD47A12D76B97AB6AD6] - [15/03/2019 04:49:47] - |A| - [1996] - C:\Windows\system32\Drivers\ramps_TF_0x00000302_48.dfu [MD5.90CBBD24C872B35D220175D296A26896] - [15/03/2019 04:49:47] - |A| - [1996] - C:\Windows\system32\Drivers\ramps_TF_0x00000302_48_NFA435_10dbm.dfu [MD5.BD6EF1748DC3DBACEC97B87B6252AAC7] - [15/03/2019 05:49:00] - |A| - [17920] - C:\Windows\system32\Drivers\rasacd.sys [MD5.AACA74DEF7BE3DED322411787494878B] - [15/03/2019 05:49:30] - |A| - [97280] - C:\Windows\system32\Drivers\raspptp.sys [MD5.A63A038ADA3D316E0255A1529BC0044A] - [15/03/2019 05:51:24] - |A| - [428048] - C:\Windows\system32\Drivers\rdbss.sys [MD5.9D7E65A15478944836C353B556F9CB87] - [15/03/2019 05:49:02] - |A| - [27136] - C:\Windows\system32\Drivers\rdpbus.sys [MD5.3F091F69F7D595C04229DDA0C55D59A6] - [15/03/2019 05:49:26] - |A| - [182784] - C:\Windows\system32\Drivers\rdpdr.sys [MD5.A4C3DC6530752AF3C78DAAC8B2B23EA7] - [15/03/2019 05:49:18] - |A| - [282528] - C:\Windows\system32\Drivers\rdyboost.sys [MD5.E6DE6B3BE8743E5817943035C83183BA] - [15/03/2019 05:49:37] - |A| - [1849872] - C:\Windows\system32\Drivers\refs.sys [MD5.F29EE7C740DCC9CAFC5E6995C1552B2E] - [15/03/2019 05:49:32] - |A| - [937784] - C:\Windows\system32\Drivers\refsv1.sys [MD5.70EFFC47D86C7A3084247614C7E68999] - [15/03/2019 05:49:05] - |A| - [43008] - C:\Windows\system32\Drivers\RfxVmt.sys [MD5.42FE8F090C876F8013CBDA4413F6E1B1] - [15/03/2019 05:49:03] - |A| - [149504] - C:\Windows\system32\Drivers\rmcast.sys [MD5.4778EEECB75C6FB419745BEED3530B9D] - [15/03/2019 19:44:46] - |A| - [26024] - C:\Windows\system32\Drivers\rsdrvx64.sys [MD5.AD13DE72124DE7679B4434D1DDEA6105] - [15/03/2019 04:57:48] - |A| - [28641214] - C:\Windows\system32\Drivers\RTAIODAT.DAT [MD5.88A88DFB87FFAF1728F010D78D97EC5F] - [15/03/2019 05:49:29] - |A| - [118688] - C:\Windows\system32\Drivers\scmbus.sys [MD5.1F58E6D5C1F211DE8BF5131BF12077D1] - [15/03/2019 05:51:25] - |A| - [285080] - C:\Windows\system32\Drivers\sdbus.sys [MD5.80E9563F0B75E98482ECB7D5CBA56BBA] - [15/03/2019 05:49:29] - |A| - [97176] - C:\Windows\system32\Drivers\sdstor.sys [MD5.70152AEAF7BA36ECE077DFE520E3962D] - [25/03/2019 23:47:59] - |A| - [1346337] - C:\Windows\system32\Drivers\sfi.dat [MD5.B0BD3A226096405CC1E02E0D37F9B8DA] - [15/03/2019 05:49:32] - |A| - [172560] - C:\Windows\system32\Drivers\spacedump.sys [MD5.0B365656491D21B3ED378035550CC9A6] - [15/03/2019 05:49:58] - |A| - [571704] - C:\Windows\system32\Drivers\spaceport.sys [MD5.0AC8443614164E0F52A062B21ABFE466] - [15/03/2019 05:50:20] - |A| - [725504] - C:\Windows\system32\Drivers\srv2.sys [MD5.2D4F0054F73AB875C9B9FB1AB6BA18D2] - [15/03/2019 05:49:29] - |A| - [259072] - C:\Windows\system32\Drivers\srvnet.sys [MD5.7D975D562E5F8A9CBDBC55328F3D1200] - [15/03/2019 05:49:34] - |A| - [149400] - C:\Windows\system32\Drivers\storahci.sys [MD5.B5C44E8262AA6D3B20E45F8D2FAE54A3] - [15/03/2019 05:49:28] - |A| - [103320] - C:\Windows\system32\Drivers\stornvme.sys [MD5.C9FD44EDBE1D85B75C34854E3A7333EB] - [15/03/2019 05:51:16] - |A| - [558592] - C:\Windows\system32\Drivers\storport.sys [MD5.15599E47C28DC511F0CA3B664A257728] - [15/03/2019 05:49:04] - |A| - [79872] - C:\Windows\system32\Drivers\storqosflt.sys [MD5.4D6FF8DDBF9CC61EC95A4BF4096D52FF] - [15/03/2019 05:49:46] - |A| - [45472] - C:\Windows\system32\Drivers\storufs.sys [MD5.6FD2D01E4AD9494874A3A8BA74A8FA64] - [15/03/2019 05:49:16] - |A| - [39328] - C:\Windows\system32\Drivers\storvsc.sys [MD5.3D63A58A9DD3F984A7E3C2F2CB357E06] - [15/03/2019 05:49:02] - |A| - [64512] - C:\Windows\system32\Drivers\Synth3dVsc.sys [MD5.17F5A1C48CC8E6CDE18889746AD2DD72] - [15/03/2019 05:49:44] - |A| - [2774840] - C:\Windows\system32\Drivers\tcpip.sys [MD5.09125A12CAB5F8D5EAE9C83C25792FDD] - [15/03/2019 05:49:17] - |A| - [121248] - C:\Windows\system32\Drivers\tdx.sys [MD5.D96E9BAA9B222AB6CB3A24EC76EF61F6] - [15/03/2019 05:49:26] - |A| - [128312] - C:\Windows\system32\Drivers\tm.sys [MD5.F54728E32D67537C5A13454E23449C7A] - [15/03/2019 05:49:19] - |A| - [229272] - C:\Windows\system32\Drivers\tpm.sys [MD5.248DEE24AB2EC426ACB12425AD222262] - [15/03/2019 05:51:21] - |A| - [57344] - C:\Windows\system32\Drivers\UcmUcsi.sys [MD5.1A0D1F1FFDBFFECE8DA47DC0096A7C2A] - [15/03/2019 05:49:30] - |A| - [225696] - C:\Windows\system32\Drivers\Ucx01000.sys [MD5.02AAA4B56D789818A8DDB36CF963177B] - [15/03/2019 05:49:12] - |A| - [323072] - C:\Windows\system32\Drivers\udfs.sys [MD5.A97114134A672616A807F2EC1439F566] - [15/03/2019 05:49:20] - |A| - [28576] - C:\Windows\system32\Drivers\uefi.sys [MD5.FD96B5C2479728B1ECB395440CE562A5] - [15/03/2019 05:50:17] - |A| - [555928] - C:\Windows\system32\Drivers\USBHUB3.SYS [MD5.3259EFED98AC5120CEEB5F63837D6A77] - [15/03/2019 05:49:46] - |A| - [453024] - C:\Windows\system32\Drivers\usbport.sys [MD5.446F2908C891A583BEA930226E37036E] - [15/03/2019 05:49:00] - |A| - [71680] - C:\Windows\system32\Drivers\usbser.sys [MD5.343FAE2654C428DD977BDC064FA852AA] - [15/03/2019 05:49:52] - |A| - [437664] - C:\Windows\system32\Drivers\USBXHCI.SYS [MD5.BF13071600C1A0B090BEEC159A75B133] - [15/03/2019 05:49:16] - |A| - [54688] - C:\Windows\system32\Drivers\vdrvroot.sys [MD5.6C4BFF83995B2D9A41F70C372C2C3A3E] - [15/03/2019 05:49:34] - |A| - [712504] - C:\Windows\system32\Drivers\vhdmp.sys [MD5.E6D8C5353865C21F48C8217456526B38] - [15/03/2019 05:49:17] - |A| - [81304] - C:\Windows\system32\Drivers\vmbkmcl.sys [MD5.F0E8663CCA6F4573CF6011DEFD0F4633] - [15/03/2019 05:49:04] - |A| - [80384] - C:\Windows\system32\Drivers\vmbkmclr.sys [MD5.8A5A3B9927832D514D3DAE87D7D692B1] - [15/03/2019 05:49:19] - |A| - [110008] - C:\Windows\system32\Drivers\vmbus.sys [MD5.12723C0F54432B4A98702110B344B030] - [15/03/2019 05:48:59] - |A| - [25088] - C:\Windows\system32\Drivers\VMBusHID.sys [MD5.DFAB4D8FE39C64EAD3A4DCBA25AAFEE0] - [15/03/2019 05:48:59] - |A| - [13312] - C:\Windows\system32\Drivers\vmgencounter.sys [MD5.3269D9C7600317EEAA6AAF3AD1A31D34] - [15/03/2019 05:48:59] - |A| - [10240] - C:\Windows\system32\Drivers\vmgid.sys [MD5.96C14A080CE15E4D8A9C7AE526F7B804] - [15/03/2019 05:48:58] - |A| - [9216] - C:\Windows\system32\Drivers\vms3cap.sys [MD5.03B1F66AB47618A6123EB0631B57A31B] - [15/03/2019 05:49:16] - |A| - [47512] - C:\Windows\system32\Drivers\vmstorfl.sys [MD5.E4FF0D44DE5AA492DEA3902D0349024E] - [15/03/2019 05:49:32] - |A| - [82840] - C:\Windows\system32\Drivers\volmgr.sys [MD5.5B27846CF4B1C21AFB3A35A8336BA02F] - [15/03/2019 05:49:32] - |A| - [401304] - C:\Windows\system32\Drivers\volsnap.sys [MD5.91A151ECECE676EA7D7C30FF440D5324] - [15/03/2019 05:49:22] - |A| - [76584] - C:\Windows\system32\Drivers\vpci.sys [MD5.0D34F98DBDF09D239533AC345C360F03] - [15/03/2019 05:49:23] - |A| - [41472] - C:\Windows\system32\Drivers\vwifimp.sys [MD5.84933C2D49DFF14FDCAC06DC57A03346] - [15/03/2019 05:49:18] - |A| - [80896] - C:\Windows\system32\Drivers\wanarp.sys [MD5.0610F02EC87DBF6BA319CB1D6B8771AE] - [15/03/2019 05:49:59] - |A| - [147872] - C:\Windows\system32\Drivers\wcifs.sys [MD5.87F462C7D37F380187BE12F079F73216] - [15/03/2019 05:49:26] - |A| - [75264] - C:\Windows\system32\Drivers\wcnfs.sys [MD5.76206471CAECD15BF1EC0A3E6ABC1899] - [15/03/2019 05:49:56] - |A| - [775168] - C:\Windows\system32\Drivers\WdiWiFi.sys [MD5.C82198D3B33854D9578F9B09025E4293] - [15/03/2019 05:49:32] - |A| - [163744] - C:\Windows\system32\Drivers\wfplwfs.sys [MD5.4499AB24236526E5CFCE817CD02EC034] - [15/03/2019 05:49:17] - |A| - [71208] - C:\Windows\system32\Drivers\WindowsTrustedRT.sys [MD5.D1730E3D3D231BAFB4A39757FBEC4719] - [15/03/2019 05:49:18] - |A| - [31672] - C:\Windows\system32\Drivers\winhv.sys [MD5.52608B1E0541C4BBEC904F4A1F4A6C86] - [15/03/2019 05:49:14] - |A| - [62464] - C:\Windows\system32\Drivers\winhvr.sys [MD5.F6496AA598D59BFB7B54940C874C00E4] - [15/03/2019 05:49:33] - |A| - [226816] - C:\Windows\system32\Drivers\winnat.sys [MD5.4E2AAE9374C1E22A5AD33C2E55C1685D] - [15/03/2019 05:08:32] - |A| - [2097152] - C:\Windows\system32\Drivers\wlan_memlog.log [MD5.15CB59B1D2E97169E74CF3CDABF4A6B2] - [15/03/2019 05:49:48] - |A| - [339968] - C:\Windows\system32\Drivers\wmbclass.sys [MD5.21E13F2CB269DEFEAE5E1D09887D47BB] - [15/03/2019 09:28:39] - |A| - [203680] - C:\Windows\system32\Drivers\zam64.sys [MD5.21E13F2CB269DEFEAE5E1D09887D47BB] - [15/03/2019 09:28:39] - |A| - [203680] - C:\Windows\system32\Drivers\zamguard64.sys [MD5.EDA56DAD3FD915D33268D9186AF82EE3] - [15/03/2019 05:49:23] - |A| - [155136] - C:\Windows\syswow64\aadauthhelper.dll [MD5.ED3794591127223D1C894394111F5B05] - [15/03/2019 05:49:38] - |A| - [955392] - C:\Windows\syswow64\aadtb.dll [MD5.A64158A18C23A80BCF2E064B8009F9F0] - [15/03/2019 05:49:01] - |A| - [252928] - C:\Windows\syswow64\AboveLockAppHost.dll [MD5.AD666E2117B38BC7D2479DB29873753B] - [28/03/2019 12:41:06] - |A| - [172032] - C:\Windows\syswow64\ac3filter.cpl [MD5.ECA369FB5E31F66FF895650657484D24] - [15/03/2019 05:51:21] - |A| - [2402304] - C:\Windows\syswow64\AcGenral.dll [MD5.E76559F87F7F0A1EBE091D56E8F129BB] - [15/03/2019 05:51:25] - |A| - [372736] - C:\Windows\syswow64\AcLayers.dll [MD5.CA0518ED04AC054E5F3687F5DD8A558B] - [15/03/2019 05:49:25] - |A| - [5388800] - C:\Windows\syswow64\aclui.dll [MD5.04182E0E5ACC0E8D6990AECC508B7F0D] - [15/03/2019 05:49:22] - |A| - [68096] - C:\Windows\syswow64\acppage.dll [MD5.94CA9C635FCDF0007D9B152E51D46694] - [15/03/2019 05:51:25] - |A| - [473088] - C:\Windows\syswow64\AcSpecfc.dll [MD5.50FD3B24A690228EF6376076D8A48359] - [15/03/2019 05:50:00] - |A| - [443904] - C:\Windows\syswow64\ActivationManager.dll [MD5.0B92E22CA7615C63D1FE8962AD40E34B] - [15/03/2019 05:50:13] - |A| - [1546752] - C:\Windows\syswow64\ActiveSyncProvider.dll [MD5.D6140C97A2803B4151A83732A9710038] - [15/03/2019 05:49:18] - |A| - [261632] - C:\Windows\syswow64\actxprxy.dll [MD5.3A718179031B96707D9202FFB06E64E3] - [15/03/2019 05:49:32] - |A| - [481552] - C:\Windows\syswow64\advapi32.dll [MD5.8F36A806022ECA990463615D88F8E285] - [15/03/2019 05:50:11] - |A| - [383288] - C:\Windows\syswow64\aepic.dll [MD5.D0C50C113FE59C21AD59932E6B9C202F] - [28/03/2019 16:55:51] - |A| - [38320] - C:\Windows\syswow64\ampa.sys [MD5.D978E94C6E705B462A136B7130128042] - [15/03/2019 05:49:00] - |A| - [84480] - C:\Windows\syswow64\AppCapture.dll [MD5.27392A93FA251F6A90DF876F99CD648C] - [15/03/2019 05:49:48] - |A| - [614912] - C:\Windows\syswow64\apphelp.dll [MD5.9855E3C9AEA3DAF68A5E816A3979EAB8] - [15/03/2019 05:49:24] - |A| - [52248] - C:\Windows\syswow64\appidapi.dll [MD5.E8E8FEA931FDBF1E6D7F0B50F2945FD6] - [15/03/2019 05:49:40] - |A| - [233984] - C:\Windows\syswow64\AppLockerCSP.dll [MD5.D2F1A5DEC93E5CCED76FEED9BE7ABD2E] - [15/03/2019 05:49:25] - |A| - [444416] - C:\Windows\syswow64\AppResolver.dll [MD5.78A588C3E0250B96FD8321AC314E2767] - [15/03/2019 05:49:42] - |A| - [755712] - C:\Windows\syswow64\appwiz.cpl [MD5.C98F1C7A9A6B6F6C61F5712A5E5245BB] - [15/03/2019 05:49:43] - |A| - [201728] - C:\Windows\syswow64\AppxAllUserStore.dll [MD5.76E4BC6F0A68AA87BC6DC2F6C027553B] - [15/03/2019 05:49:39] - |A| - [544336] - C:\Windows\syswow64\AppXDeploymentClient.dll [MD5.7E04D46B430873BA2DB5DBE92B567CCB] - [15/03/2019 05:28:24] - |A| - [86016] - C:\Windows\syswow64\atl70.dll [MD5.3AA83651D14BED011EE9A3460F336CB1] - [15/03/2019 05:28:24] - |A| - [90112] - C:\Windows\syswow64\atl71.dll [MD5.1594A2F3301172E0C32316ECA8681D99] - [15/03/2019 05:49:45] - |A| - [311096] - C:\Windows\syswow64\atmfd.dll [MD5.647C1592A54A228EED5996A813DF8F8A] - [15/03/2019 05:48:57] - |A| - [38912] - C:\Windows\syswow64\atmlib.dll [MD5.4E0723A2A20628DE9CD9CE42678431F9] - [15/03/2019 05:51:26] - |A| - [1246336] - C:\Windows\syswow64\AudioEng.dll [MD5.3FFCF854457B5DFCE5DD2102F11B4E66] - [15/03/2019 05:49:19] - |A| - [386336] - C:\Windows\syswow64\AUDIOKSE.dll [MD5.D5228464E6EC1FF090670AD4101FA9E9] - [15/03/2019 05:51:22] - |A| - [982952] - C:\Windows\syswow64\AudioSes.dll [MD5.EA985A6D511726B5D219A4D4A2E79543] - [15/03/2019 05:49:34] - |A| - [5105664] - C:\Windows\syswow64\AuthFWSnapin.dll [MD5.FE32916A1D8EB46E7502D93E14C27A92] - [15/03/2019 05:49:45] - |A| - [455680] - C:\Windows\syswow64\authui.dll [MD5.9D97FFD3CF17D1CF5C2B7169E28AE585] - [15/03/2019 05:48:59] - |A| - [184832] - C:\Windows\syswow64\authz.dll [MD5.8B0C43850C0C05E9AC505D64C7615648] - [15/03/2019 05:49:27] - |A| - [1277440] - C:\Windows\syswow64\AzureSettingSyncProvider.dll [MD5.53A654A1EC589A0E2DC587D611FE18FF] - [15/03/2019 05:49:29] - |A| - [180720] - C:\Windows\syswow64\basecsp.dll [MD5.7B9AF7AB0A6B394C4C7B76C98F24CE2F] - [15/03/2019 05:48:59] - |A| - [1663488] - C:\Windows\syswow64\batmeter.dll [MD5.BC84A33F6C185FB5A58EC60F73DADAED] - [15/03/2019 05:49:06] - |A| - [886784] - C:\Windows\syswow64\bcastdvr.exe [MD5.69FE669280B3571DF31FC1B83E2ACBAB] - [15/03/2019 05:49:20] - |A| - [97160] - C:\Windows\syswow64\bcrypt.dll [MD5.F5E1C873F38828D4D12D88E4089BA68D] - [15/03/2019 05:49:33] - |A| - [353752] - C:\Windows\syswow64\bcryptprimitives.dll [MD5.8B14F3DBC532A1AE1469EEB416F26165] - [15/03/2019 04:50:04] - |A| - [1888112] - C:\Windows\syswow64\bhtv5Icon.dll [MD5.9851FD294456B72440B86B084D39F2AE] - [15/03/2019 05:49:52] - |A| - [6204416] - C:\Windows\syswow64\BingMaps.dll [MD5.D494D0B42DB2042FC64F5303765D1DC6] - [15/03/2019 05:49:38] - |A| - [756736] - C:\Windows\syswow64\BingOnlineServices.dll [MD5.D9AAD89CD5D2ACB0CEAA183C594545E9] - [15/03/2019 05:49:29] - |A| - [113664] - C:\Windows\syswow64\BitLockerCsp.dll [MD5.556F2B248BE79615271876189FEB6F2A] - [15/03/2019 05:48:59] - |A| - [124928] - C:\Windows\syswow64\BrowserSettingSync.dll [MD5.55A5C226494526C328A165E56C0425CC] - [15/03/2019 05:49:02] - |A| - [48128] - C:\Windows\syswow64\ByteCodeGenerator.exe [MD5.00EF9C60666CD4AA5C834F87A0AD1236] - [15/03/2019 05:49:38] - |A| - [408576] - C:\Windows\syswow64\catsrvut.dll [MD5.A4ACB09E6AC6A2FC3D67324ECD39C9C6] - [15/03/2019 05:49:57] - |A| - [3181568] - C:\Windows\syswow64\cdp.dll [MD5.30C8254C86A845A641991B8D28DC9010] - [15/03/2019 05:49:18] - |A| - [938496] - C:\Windows\syswow64\cdprt.dll [MD5.FE233BF2695CD2835827DD34A28CA685] - [15/03/2019 05:51:23] - |A| - [6039040] - C:\Windows\syswow64\Chakra.dll [MD5.8E7BDED6AB621FAD6E8A76E793604D63] - [15/03/2019 05:49:43] - |A| - [79360] - C:\Windows\syswow64\Chakradiag.dll [MD5.8A04B69262DAEA010A34EB152BC6D49C] - [15/03/2019 05:49:13] - |A| - [76288] - C:\Windows\syswow64\cldapi.dll [MD5.FF27694FCFBEFA89CD9DA36A65316974] - [15/03/2019 05:49:13] - |A| - [236544] - C:\Windows\syswow64\CloudBackupSettings.dll [MD5.01D3FABF806DA11241F914F1B41CFB32] - [15/03/2019 05:51:04] - |A| - [354104] - C:\Windows\syswow64\CloudExperienceHostCommon.dll [MD5.F2C0A4009D5B447345E5F1F9AB673376] - [15/03/2019 05:49:17] - |A| - [77552] - C:\Windows\syswow64\CloudNotifications.exe [MD5.483DF47D6383D7E545180F767406E455] - [15/03/2019 05:49:21] - |A| - [166408] - C:\Windows\syswow64\CloudStorageWizard.exe [MD5.2D9C4EBB63E5C3C1B18DEB9071F8321E] - [15/03/2019 05:49:20] - |A| - [763904] - C:\Windows\syswow64\clusapi.dll [MD5.BC3B6239D0F74FFA152FCE165CFB6424] - [20/03/2019 13:00:06] - |A| - [267448] - C:\Windows\syswow64\cmdkbdcss32.dll [MD5.A6DE9F867ED5C583347ACE03AEF74A98] - [04/03/2019 22:34:52] - |A| - [373440] - C:\Windows\syswow64\cmdvrt32.dll [MD5.841942F548DC62C6D406B4891D3D63E0] - [15/03/2019 05:50:14] - |A| - [2381280] - C:\Windows\syswow64\combase.dll [MD5.814CFB7B6D61211C02A15BF1D3A192BE] - [15/03/2019 05:28:24] - |A| - [170920] - C:\Windows\syswow64\comct232.ocx [MD5.50F9E631CA79D0CE9C2F4143ED90C455] - [15/03/2019 05:28:24] - |A| - [416408] - C:\Windows\syswow64\comct332.ocx [MD5.307E2A8D261CDC3512D92AD064F5D3E7] - [15/03/2019 05:49:19] - |A| - [572312] - C:\Windows\syswow64\comctl32.dll [MD5.F5564D7F69C7BDEF4E078F610431D426] - [15/03/2019 05:28:24] - |A| - [617896] - C:\Windows\syswow64\comctl32.ocx [MD5.0A215C24A2EC8CCEC65F4192E5C57A83] - [15/03/2019 05:49:54] - |A| - [842240] - C:\Windows\syswow64\comdlg32.dll [MD5.9A4D0F97F0D84F877B388D4A12D90B6B] - [15/03/2019 05:28:24] - |A| - [163480] - C:\Windows\syswow64\comdlg32.ocx [MD5.FAA72D9619CE73852FBD248966EB6F17] - [15/03/2019 05:49:55] - |A| - [377864] - C:\Windows\syswow64\coml2.dll [MD5.CCCB515642FC67B25BD8F672177A0730] - [15/03/2019 05:49:22] - |A| - [116224] - C:\Windows\syswow64\ComposableShellProxyStub.dll [MD5.E960B5AF45C9A4080BF84BD337A5458C] - [15/03/2019 05:49:17] - |A| - [73424] - C:\Windows\syswow64\CompPkgSup.dll [MD5.F524BE75046D4CB3323AFFA297BA87B7] - [15/03/2019 05:49:06] - |A| - [288768] - C:\Windows\syswow64\compstui.dll [MD5.E3AEF9691884A39429097528ABBC42D1] - [15/03/2019 05:49:34] - |A| - [1353216] - C:\Windows\syswow64\comsvcs.dll [MD5.4187945869C7A57DE965F9BC83257899] - [15/03/2019 05:49:00] - |A| - [51200] - C:\Windows\syswow64\ContactActivation.dll [MD5.4C24C90FE03AAB4B95E0CED1A6BB7560] - [15/03/2019 05:49:24] - |A| - [149504] - C:\Windows\syswow64\container.dll [MD5.BE5F30C12439CDA8EFC46E7B8E817222] - [15/03/2019 05:50:07] - |A| - [1124768] - C:\Windows\syswow64\ContentDeliveryManager.Utilities.dll [MD5.80A292E1B756825A92D63FF970651F9A] - [15/03/2019 05:49:25] - |A| - [566568] - C:\Windows\syswow64\CoreMessaging.dll [MD5.C9AB5D0A1C62AFB1BE02EBBB24A2302C] - [15/03/2019 05:49:09] - |A| - [319488] - C:\Windows\syswow64\CoreShellAPI.dll [MD5.11501AFB44A172013463045AFB8EDB1B] - [15/03/2019 05:49:55] - |A| - [2314920] - C:\Windows\syswow64\CoreUIComponents.dll [MD5.F9D96C5F48913825BF3997F3DAA71182] - [15/03/2019 05:49:04] - |A| - [243712] - C:\Windows\syswow64\Cortana.Persona.dll [MD5.7A26208A1DC9AC89343FE3F969837294] - [15/03/2019 05:49:48] - |A| - [699904] - C:\Windows\syswow64\CPFilters.dll [MD5.04BB4B99A09E5F2F731FBD3DE7843FA4] - [15/03/2019 05:49:32] - |A| - [78336] - C:\Windows\syswow64\CredProv2faHelper.dll [MD5.BF0DD9BE96CCA1217B612E8395F35C3D] - [15/03/2019 05:49:57] - |A| - [381440] - C:\Windows\syswow64\CredProvDataModel.dll [MD5.BEC7C17D84AE27F739DBD7D3AA02DFFE] - [15/03/2019 05:49:40] - |A| - [218112] - C:\Windows\syswow64\credprovhost.dll [MD5.6087E891E4CE0A633C41A935914EDCCB] - [15/03/2019 05:49:39] - |A| - [192512] - C:\Windows\syswow64\credprovs.dll [MD5.56B10788B1272945A4612801736545EC] - [15/03/2019 05:48:57] - |A| - [19456] - C:\Windows\syswow64\credssp.dll [MD5.BD104AE1416B5B146071D2A06DBB1C86] - [15/03/2019 05:49:49] - |A| - [1575896] - C:\Windows\syswow64\crypt32.dll [MD5.BECA45641D7C13280B4CFD8048332E18] - [15/03/2019 05:49:39] - |A| - [547840] - C:\Windows\syswow64\cryptui.dll [MD5.B142E24CAFEEC3C4489B7F53E5EE3DE6] - [15/03/2019 05:49:30] - |A| - [143360] - C:\Windows\syswow64\cscript.exe [MD5.5FD2AB268E79600FED51E072EB69F8B2] - [20/03/2019 13:00:08] - |A| - [349496] - C:\Windows\syswow64\cssguard32.dll [MD5.5906AEDAD21BDB88A8C6100F43A7E9B5] - [15/03/2019 05:50:04] - |A| - [5279744] - C:\Windows\syswow64\d2d1.dll [MD5.1A5732AF2CD5F644AEF43A168753A20C] - [15/03/2019 05:50:49] - |A| - [5616088] - C:\Windows\syswow64\d3d10warp.dll [MD5.22DC4F2C169CF7D9D320FBA7ED5A6741] - [15/03/2019 05:50:21] - |A| - [2338272] - C:\Windows\syswow64\d3d11.dll [MD5.BEBBADCE3A72432C3DC0480303F739BA] - [15/03/2019 05:50:10] - |A| - [1123464] - C:\Windows\syswow64\D3D12.dll [MD5.DA426B074E12B3A47B848D2A31E66E1C] - [15/03/2019 05:50:08] - |A| - [1474680] - C:\Windows\syswow64\d3d9.dll [MD5.32BEFC02B90C23EF2D04E945790AFA85] - [15/03/2019 05:49:54] - |A| - [557056] - C:\Windows\syswow64\d3d9on12.dll [MD5.34061DA4AA9941B1FC8B6D0F48D89B77] - [15/03/2019 05:49:47] - |A| - [3648000] - C:\Windows\syswow64\D3DCompiler_47.dll [MD5.E01FB010191C5AD6923123B6FEB4CA85] - [15/03/2019 05:48:57] - |A| - [91648] - C:\Windows\syswow64\DafPrintProvider.dll [MD5.7654386CAEA3D5F306DFCB4BA852423D] - [15/03/2019 05:49:18] - |A| - [78848] - C:\Windows\syswow64\davclnt.dll [MD5.A67188E3CFAA0013A06A1ECA660942C7] - [15/03/2019 05:49:54] - |A| - [374272] - C:\Windows\syswow64\daxexec.dll [MD5.BA451393DE44C93814530A993D67DF72] - [15/03/2019 05:49:53] - |A| - [4839424] - C:\Windows\syswow64\dbgeng.dll [MD5.B4BC9143CC3E79BF54D56FAAEDD869CC] - [15/03/2019 05:49:11] - |A| - [471040] - C:\Windows\syswow64\DbgModel.dll [MD5.9981490539D5BBBC72FFBE3AB35BFCE7] - [15/03/2019 05:28:24] - |A| - [218776] - C:\Windows\syswow64\dblist32.ocx [MD5.877B7E3E7C3574DE6A4C4E890EABDC4F] - [28/03/2019 16:55:59] - |A| - [33200] - C:\Windows\syswow64\ddmdrv.sys [MD5.6FF3B140638AF46B588B69A787F55ACD] - [15/03/2019 05:49:31] - |A| - [1996800] - C:\Windows\syswow64\DeviceFlows.DataModel.dll [MD5.C8A81273DA2C3920E7033F0FF08DBFC2] - [15/03/2019 05:49:20] - |A| - [504832] - C:\Windows\syswow64\DevicePairing.dll [MD5.441987412F61E1DE5FF84F53886D79E4] - [15/03/2019 05:49:16] - |A| - [79256] - C:\Windows\syswow64\DeviceReactivation.dll [MD5.66EEE5CB93EB985144E37668D7102D72] - [15/03/2019 05:48:57] - |A| - [314880] - C:\Windows\syswow64\dhcpcore.dll [MD5.0D7BFC2A08BC5B523BF397B631DE9E3F] - [15/03/2019 05:48:57] - |A| - [257536] - C:\Windows\syswow64\dhcpcore6.dll [MD5.46FEF9525AD7BB9CC6E56774082640BA] - [15/03/2019 05:49:35] - |A| - [351232] - C:\Windows\syswow64\DictationManager.dll [MD5.FE5D6DB1A5FD75A8B2C628E6B2437BFF] - [15/03/2019 05:49:11] - |A| - [138752] - C:\Windows\syswow64\dinput.dll [MD5.40C907501CAFB63C0C5F8F430B61886F] - [15/03/2019 05:49:31] - |A| - [178176] - C:\Windows\syswow64\dinput8.dll [MD5.EE36877B858BC74D613CF34A1860D0E7] - [15/03/2019 05:48:59] - |A| - [17408] - C:\Windows\syswow64\dispex.dll [MD5.48FD4B9B94D69CD741380F7CD11CAFEE] - [15/03/2019 05:49:49] - |A| - [440832] - C:\Windows\syswow64\dmenrollengine.dll [MD5.677721DE2125B0B65EB52754591A8D56] - [15/03/2019 05:51:22] - |A| - [596648] - C:\Windows\syswow64\dnsapi.dll [MD5.082659C01AC2985A1D3A084F88CC8C94] - [15/03/2019 05:51:21] - |A| - [2465792] - C:\Windows\syswow64\dwmcore.dll [MD5.6C5F349F8960A861202A02F4B4F29A8A] - [15/03/2019 05:50:19] - |A| - [2577408] - C:\Windows\syswow64\DWrite.dll [MD5.066CB398DDE5E6A30DBAE15A1FC881C4] - [15/03/2019 05:49:58] - |A| - [590944] - C:\Windows\syswow64\dxgi.dll [MD5.A61ABAD4BCA6E78EB63AA79392C9CBFD] - [15/03/2019 05:49:21] - |A| - [910336] - C:\Windows\syswow64\dxilconv.dll [MD5.C2E45A1B7A9E64E556FB133972522297] - [15/03/2019 05:49:16] - |A| - [397824] - C:\Windows\syswow64\dxtmsft.dll [MD5.58069D702861D22CCEBF8E5BF73A47A0] - [15/03/2019 05:49:04] - |A| - [268288] - C:\Windows\syswow64\dxtrans.dll [MD5.DA2963537201D0CA86582BFD2367DD64] - [15/03/2019 05:51:05] - |A| - [18948096] - C:\Windows\syswow64\edgehtml.dll [MD5.90693C180091F9EE68D18DD75B51A4A9] - [15/03/2019 05:49:21] - |A| - [344576] - C:\Windows\syswow64\edgeIso.dll [MD5.9ACC2B31F85A19F38B125930A39B2E74] - [15/03/2019 05:49:21] - |A| - [155136] - C:\Windows\syswow64\EdgeManager.dll [MD5.20B198BCE18175872A30739A03C4AD3F] - [15/03/2019 05:48:59] - |A| - [174592] - C:\Windows\syswow64\EditionUpgradeHelper.dll [MD5.83FDC0F1671944CE208AF63A4950EF60] - [15/03/2019 05:49:43] - |A| - [662216] - C:\Windows\syswow64\EditionUpgradeManagerObj.dll [MD5.988381570DA910D027CE366374314E9D] - [15/03/2019 05:49:29] - |A| - [232960] - C:\Windows\syswow64\edputil.dll [MD5.C9764599F10D42020862F313DB492DD1] - [15/03/2019 05:49:51] - |A| - [466432] - C:\Windows\syswow64\efswrt.dll [MD5.CDE43F9933B41D6A209325929E55084F] - [15/03/2019 05:49:33] - |A| - [380928] - C:\Windows\syswow64\EncDec.dll [MD5.B1AB0C8429D62396A2E7F21C7171E35D] - [15/03/2019 05:49:01] - |A| - [181760] - C:\Windows\syswow64\enrollmentapi.dll [MD5.BEC53D453B0CA811A93207D469D75998] - [15/03/2019 05:49:00] - |A| - [16384] - C:\Windows\syswow64\EnterpriseAppMgmtClient.dll [MD5.7900AD6F9C1630DFA8F3802BFC61D435] - [15/03/2019 05:49:24] - |A| - [332288] - C:\Windows\syswow64\es.dll [MD5.8B61739D53D930459AEF0A45ACCBB50E] - [15/03/2019 05:50:03] - |A| - [662208] - C:\Windows\syswow64\evr.dll [MD5.D0DA38CCFF3CD23F74842E9350F4CC0A] - [15/03/2019 05:49:42] - |A| - [242176] - C:\Windows\syswow64\ExecModelClient.dll [MD5.78ECF80299B700E66486A2D58144A3B3] - [15/03/2019 05:50:26] - |A| - [3484848] - C:\Windows\syswow64\explorer.exe [MD5.051E1C425AFCCCA7774485EB2E016D94] - [15/03/2019 05:50:12] - |A| - [4384768] - C:\Windows\syswow64\ExplorerFrame.dll [MD5.7AEB8E015BA434B3053DE93D9EB057EB] - [15/03/2019 05:49:20] - |A| - [129536] - C:\Windows\syswow64\fdeploy.dll [MD5.1B96735472A878AD85592F0334EC25E3] - [15/03/2019 05:48:57] - |A| - [48128] - C:\Windows\syswow64\fdPnp.dll [MD5.BC8ED221EF952816388C3827FBD80D59] - [15/03/2019 05:49:02] - |A| - [28672] - C:\Windows\syswow64\fdProxy.dll [MD5.C7A76E53B32A2343F38E9CC9E828492D] - [15/03/2019 05:48:56] - |A| - [25088] - C:\Windows\syswow64\fdWNet.dll [MD5.AB37FC984562EF4B8F748AF49BB1231B] - [15/03/2019 05:51:21] - |A| - [374784] - C:\Windows\syswow64\FirewallAPI.dll [MD5.5A3BCFCCEAA2C9950532BCE313BAB55C] - [15/03/2019 07:34:34] - |A| - [2232] - C:\Windows\syswow64\FolderLockAdrv.inf [MD5.CCCE2AAEACFBEA0ABF62BF0C155CF783] - [15/03/2019 05:50:22] - |A| - [649208] - C:\Windows\syswow64\fontdrvhost.exe [MD5.047A3D70979DDDCB2C8B33F3B56F5E4B] - [15/03/2019 05:49:09] - |A| - [908800] - C:\Windows\syswow64\fontext.dll [MD5.7789D68CD7A3D608908CEB66EB38CADE] - [15/03/2019 05:49:21] - |A| - [96768] - C:\Windows\syswow64\fontsub.dll [MD5.6197BFFCE473AC63D8178BA2AE9C1EB2] - [15/03/2019 05:49:41] - |A| - [236032] - C:\Windows\syswow64\FSClient.dll [MD5.FB2F8886B7963FAE2D4E113BE6175EF0] - [15/03/2019 05:49:39] - |A| - [176128] - C:\Windows\syswow64\fwpolicyiomgr.dll [MD5.AC19F229838A89B6592CE78E8B8D88C3] - [15/03/2019 05:48:59] - |A| - [517632] - C:\Windows\syswow64\FXSCOMEX.dll [MD5.A285B7902E5629E804975398B842939D] - [15/03/2019 05:49:11] - |A| - [212992] - C:\Windows\syswow64\GameBarPresenceWriter.exe [MD5.5380B3B5DC8AE2FB386ABD060B47D00F] - [15/03/2019 05:49:26] - |A| - [963584] - C:\Windows\syswow64\GamePanel.exe [MD5.C492E666DE1589555FBC9B565CD8B6A3] - [15/03/2019 05:49:47] - |A| - [2413568] - C:\Windows\syswow64\gameux.dll [MD5.7EF681053E42D85DD92AC4191448FFF0] - [15/03/2019 05:49:40] - |A| - [136704] - C:\Windows\syswow64\gamingtcui.dll [MD5.A80CF168C3CF4650F02A27FA22873508] - [15/03/2019 05:49:27] - |A| - [133904] - C:\Windows\syswow64\gdi32.dll [MD5.ED76B21059A9394513E95602C9EE8C91] - [15/03/2019 05:50:28] - |A| - [1433264] - C:\Windows\syswow64\gdi32full.dll [MD5.47D8A84190782585108116822902B736] - [15/03/2019 05:49:46] - |A| - [1473024] - C:\Windows\syswow64\GdiPlus.dll [MD5.5CE936FD859679BCE159E0A8C4B94F69] - [15/03/2019 05:49:57] - |A| - [366592] - C:\Windows\syswow64\Geolocation.dll [MD5.1E91815C329345AD54FE08BF7A98F749] - [15/03/2019 05:50:37] - |A| - [4171264] - C:\Windows\syswow64\gnsdk_fp.dll [MD5.7F6A10AF073204F0BFEA03296A719DF8] - [04/03/2019 22:39:04] - |A| - [712224] - C:\Windows\syswow64\guard32.dll [MD5.5C93EAC5FFA5AAAEEE71E7AFB82AB13B] - [15/03/2019 05:49:20] - |A| - [225288] - C:\Windows\syswow64\HdcpHandler.dll [MD5.16308115D8C87AAF8D2FC684A8026905] - [15/03/2019 05:49:39] - |A| - [576512] - C:\Windows\syswow64\hgcpl.dll [MD5.A337279439568BDCEEFB66F0CCFEB2A3] - [15/03/2019 05:49:41] - |A| - [540672] - C:\Windows\syswow64\hhctrl.ocx [MD5.B50F5C1F65B53564DA720FACCFB88AA1] - [15/03/2019 05:49:18] - |A| - [99840] - C:\Windows\syswow64\hlink.dll [MD5.9FFDC8ED3B2261C6EC0EF2B4C893BD5B] - [15/03/2019 05:49:09] - |A| - [181760] - C:\Windows\syswow64\HoloShellRuntime.dll [MD5.0D39CE935744E80D4B17687967A6532D] - [15/03/2019 05:49:37] - |A| - [340480] - C:\Windows\syswow64\html.iec [MD5.D6DFCAAA26F7081B309CA16298523EC9] - [15/03/2019 05:49:23] - |A| - [230912] - C:\Windows\syswow64\icm32.dll [MD5.9D0FDC241ECD537B7DE219A98A726563] - [15/03/2019 05:49:35] - |RA| - [1640960] - C:\Windows\syswow64\icuin.dll [MD5.C18014A1063903CC299E4045C93F862B] - [15/03/2019 05:49:33] - |RA| - [1158656] - C:\Windows\syswow64\icuuc.dll [MD5.800427263F85FDB6DCB853AD54C41B0C] - [15/03/2019 05:49:04] - |A| - [96256] - C:\Windows\syswow64\IdCtrls.dll [MD5.5FFCF010BC7879214146ECEB661AC0F4] - [15/03/2019 05:48:59] - |A| - [120320] - C:\Windows\syswow64\IEAdvpack.dll [MD5.FF7A9609092DDB0AC946DBDEEEB497F8] - [15/03/2019 05:49:22] - |A| - [1474560] - C:\Windows\syswow64\ieapfltr.dll [MD5.AFBB00290D266FA72569731352E869BD] - [15/03/2019 05:49:15] - |A| - [344064] - C:\Windows\syswow64\iedkcs32.dll [MD5.DA269D4F2A46DB8567F1CB481B26B278] - [15/03/2019 05:50:20] - |A| - [11924992] - C:\Windows\syswow64\ieframe.dll [MD5.D9BBA1B7456562F484F2F1E79D7B1467] - [15/03/2019 05:49:00] - |A| - [133632] - C:\Windows\syswow64\iepeers.dll [MD5.427386173975A650828F079C15866EB1] - [15/03/2019 05:49:33] - |A| - [365568] - C:\Windows\syswow64\ieproxy.dll [MD5.D42F18F9E37C27A9238A2EC567B7B946] - [15/03/2019 05:48:58] - |A| - [38400] - C:\Windows\syswow64\iernonce.dll [MD5.408A86B0BCEE0EF829540FC3BD6D9013] - [15/03/2019 05:50:10] - |A| - [2217016] - C:\Windows\syswow64\iertutil.dll [MD5.C191093254976AD3589EA942D2BCF983] - [15/03/2019 05:48:58] - |A| - [70144] - C:\Windows\syswow64\iesetup.dll [MD5.088C6A5E7856CC582543485DE3E2A9C7] - [15/03/2019 05:48:59] - |A| - [98304] - C:\Windows\syswow64\iesysprep.dll [MD5.FF2EF8AF7DE0EA8FC5C2EC80950ECAF5] - [15/03/2019 05:49:40] - |A| - [475648] - C:\Windows\syswow64\ieui.dll [MD5.C1127463655F541956FF02A325996ECF] - [15/03/2019 05:48:53] - |A| - [3329] - C:\Windows\syswow64\ieuinit.inf [MD5.827E3C18E13B7FF90B7BB24FE78E3084] - [15/03/2019 05:49:00] - |A| - [123392] - C:\Windows\syswow64\ieUnatt.exe [MD5.5905887875F87E10146E301FC5F16347] - [15/03/2019 05:48:58] - |A| - [152064] - C:\Windows\syswow64\iexpress.exe [MD5.D9A3919CAE425168C8EAB63F3E820A37] - [15/03/2019 05:48:58] - |A| - [43520] - C:\Windows\syswow64\imgutil.dll [MD5.C5D273F400B8EE5BEB81097D3E4FAF04] - [15/03/2019 04:50:45] - |A| - [166520] - C:\Windows\syswow64\IMX241_FN50FF-562H_SKY.cpf [MD5.F609489142774262ABD4AB204E56C4D9] - [15/03/2019 04:50:45] - |A| - [171348] - C:\Windows\syswow64\IMX241_START2FRONT_SKY.cpf [MD5.B216175F6574C5D40A6BFFFEB28E8938] - [15/03/2019 04:50:45] - |A| - [171276] - C:\Windows\syswow64\IMX241_START2FRONT_SKY_Video.cpf [MD5.6B1CD2FED17DF605E9721AF5CF0970C7] - [15/03/2019 04:50:45] - |A| - [276840] - C:\Windows\syswow64\IMX258_START2REAR_SKY.cpf [MD5.6B1CD2FED17DF605E9721AF5CF0970C7] - [15/03/2019 04:50:45] - |A| - [276840] - C:\Windows\syswow64\IMX258_START2REAR_SKY_Video.cpf [MD5.BA829AECF1E87E08DFA61F0A3BD4AAF5] - [15/03/2019 05:49:48] - |A| - [897024] - C:\Windows\syswow64\inetcomm.dll [MD5.E1936270DC771A21C48700C309B6893B] - [15/03/2019 05:49:40] - |A| - [2014720] - C:\Windows\syswow64\inetcpl.cpl [MD5.268659BB0B0FB686FD7026251282C626] - [15/03/2019 05:48:58] - |A| - [84992] - C:\Windows\syswow64\INETRES.dll [MD5.4CED7C72B126C457F5E00A943B18B924] - [15/03/2019 05:49:21] - |A| - [149960] - C:\Windows\syswow64\InputHost.dll [MD5.50B7D9B4C9B97A008BEA00F118D6C4BB] - [15/03/2019 05:50:18] - |A| - [2349568] - C:\Windows\syswow64\InputService.dll [MD5.E8476A80897B574D8C15EFD7E3575CD8] - [15/03/2019 05:49:30] - |A| - [329728] - C:\Windows\syswow64\InputSwitch.dll [MD5.1F72A8E652C34C55029808FCD1AEA208] - [15/03/2019 05:48:58] - |A| - [97280] - C:\Windows\syswow64\inseng.dll [MD5.EFC0942C387256B31F304D3A1B24F136] - [15/03/2019 05:50:11] - |A| - [1008640] - C:\Windows\syswow64\InstallService.dll [MD5.F9744A07214F95169459D9F0630F0EEE] - [15/03/2019 05:00:46] - |A| - [180720] - C:\Windows\syswow64\intel_gfx_api-x86.dll [MD5.7EAE5AAA7F7392A361A67AA128AC53CF] - [15/03/2019 05:49:44] - |A| - [514560] - C:\Windows\syswow64\iprtrmgr.dll [MD5.F5BE56A8A18B3315935EE3AA8F920010] - [20/03/2019 13:00:45] - |A| - [205528] - C:\Windows\syswow64\iseguard32.dll [MD5.64E6A7C3561E12A93267FA497694D04C] - [15/03/2019 05:49:24] - |A| - [162304] - C:\Windows\syswow64\itircl.dll [MD5.D5384EAB3FCC04D3FE2D2C92F3995A31] - [15/03/2019 05:49:29] - |A| - [150528] - C:\Windows\syswow64\itss.dll [MD5.FDF2DF009331F6E04D03EBC8AFE1B00E] - [15/03/2019 05:48:58] - |A| - [72704] - C:\Windows\syswow64\JavaScriptCollectionAgent.dll [MD5.FEC559B53E3B0CBBB4858866659A9D37] - [15/03/2019 05:49:31] - |A| - [981504] - C:\Windows\syswow64\JpMapControl.dll [MD5.A874225CBD50744ADC1893B2DDF0123C] - [15/03/2019 05:51:27] - |A| - [664576] - C:\Windows\syswow64\jscript.dll [MD5.4319CE4F3CA748CACB6A1E80C546B46F] - [15/03/2019 05:51:26] - |A| - [3662336] - C:\Windows\syswow64\jscript9.dll [MD5.B3E8433F4EBB363174C44A29059BBC59] - [15/03/2019 05:49:37] - |A| - [539136] - C:\Windows\syswow64\jscript9diag.dll [MD5.EFDF3EEF2766F11078F720F726838B85] - [15/03/2019 05:50:05] - |A| - [773120] - C:\Windows\syswow64\kerberos.dll [MD5.F4EC8E1F0236746581356B806D7EE868] - [15/03/2019 05:49:22] - |A| - [47608] - C:\Windows\syswow64\kernel.appcore.dll [MD5.8AC413D8F541DAD9F516A1A14372B321] - [15/03/2019 05:49:33] - |A| - [595560] - C:\Windows\syswow64\kernel32.dll [MD5.64E7884B7FFCC1C924CDDADB7E95F04B] - [15/03/2019 05:50:00] - |A| - [1932216] - C:\Windows\syswow64\KernelBase.dll [MD5.52FA4FF4BC1865172AB3AD6DA6969B8F] - [15/03/2019 05:48:56] - |A| - [71680] - C:\Windows\syswow64\keyiso.dll [MD5.3AA9A2B7FB715C24C90AEB0A38E0F057] - [15/03/2019 05:49:06] - |A| - [233984] - C:\Windows\syswow64\ksproxy.ax [MD5.9CEED6E21BF4E53A3EE25D4624E3BC07] - [15/03/2019 05:50:10] - |A| - [749864] - C:\Windows\syswow64\LicenseManager.dll [MD5.09BAF8936A48665E1504D3E93D332E1E] - [15/03/2019 05:49:29] - |A| - [726544] - C:\Windows\syswow64\LicensingWinRT.dll [MD5.335EC3A0133B2C608B70496614DED4BA] - [15/03/2019 05:48:58] - |A| - [27136] - C:\Windows\syswow64\licmgr10.dll [MD5.EF0C1B809402E2291CF88AE7B3982E89] - [15/03/2019 05:49:49] - |A| - [804120] - C:\Windows\syswow64\locale.nls [MD5.F5225DFED4BFAE26CDFA8447E0F4CBF1] - [15/03/2019 05:49:07] - |A| - [44032] - C:\Windows\syswow64\LocationFrameworkInternalPS.dll [MD5.E8EB7F25B70B2DDAF4CCF7B4B4A47921] - [15/03/2019 05:49:19] - |A| - [27664] - C:\Windows\syswow64\LocationFrameworkPS.dll [MD5.9F087ACEF8B372C70455F6FFE99A8E1B] - [15/03/2019 05:49:58] - |A| - [456704] - C:\Windows\syswow64\LockAppBroker.dll [MD5.E9FFC3057B2D0C129FB623926C489C22] - [15/03/2019 05:49:16] - |A| - [186520] - C:\Windows\syswow64\logoncli.dll [MD5.2D426F46BF2AD22C46BF772F94481039] - [15/03/2019 05:49:38] - |A| - [731136] - C:\Windows\syswow64\Magnify.exe [MD5.0D70020EA9201DEF8A57DF7102490695] - [15/03/2019 05:49:17] - |A| - [356864] - C:\Windows\syswow64\MapConfiguration.dll [MD5.AE47D1F7EFC8271D464D5B8E5B2EADA6] - [15/03/2019 05:49:13] - |A| - [706048] - C:\Windows\syswow64\MapControlCore.dll [MD5.A101C673996272DFC20B07ABBC988231] - [15/03/2019 05:49:43] - |A| - [1948672] - C:\Windows\syswow64\MapGeocoder.dll [MD5.2DF6FBC6BDB50916328D0E5F7C87277C] - [15/03/2019 05:49:42] - |A| - [2409984] - C:\Windows\syswow64\MapRouter.dll [MD5.2BA5FA4EBFAA18C4915AB697D10AA9D6] - [15/03/2019 05:49:31] - |A| - [299008] - C:\Windows\syswow64\mcbuilder.exe [MD5.455941DE967B579A3D5D8066B8DE79FC] - [15/03/2019 05:28:25] - |A| - [212112] - C:\Windows\syswow64\mci32.ocx [MD5.AE1701B7048E97981DDB9D1F15EEDA91] - [15/03/2019 05:49:24] - |A| - [669184] - C:\Windows\syswow64\MCRecvSrc.dll [MD5.2A0C578A0F0D9281330CB0943F930337] - [15/03/2019 05:49:05] - |A| - [194560] - C:\Windows\syswow64\mdmregistration.dll [MD5.E5EBA18A6B253ED288A2EDDF8D8A1E81] - [15/03/2019 05:49:39] - |A| - [551696] - C:\Windows\syswow64\mf.dll [MD5.AC4C45B38D325A8567FDC77FB45F7606] - [15/03/2019 05:49:25] - |A| - [44544] - C:\Windows\syswow64\mf3216.dll [MD5.30FA7D73EBDC30392C73E2733F0116D9] - [15/03/2019 05:51:27] - |A| - [1377088] - C:\Windows\syswow64\mfasfsrcsnk.dll [MD5.88BEA7A2A26E0A6622ABC6F6148F5C00] - [28/03/2019 12:40:51] - |A| - [57344] - C:\Windows\syswow64\Mfc42loc.dll [MD5.5D3C0F40336B490EDE971C394CFB8F78] - [15/03/2019 05:28:25] - |A| - [1024000] - C:\Windows\syswow64\mfc70.dll [MD5.A4CCA3F3145BA93383DFB126EC61C695] - [15/03/2019 05:28:25] - |A| - [40960] - C:\Windows\syswow64\mfc70chs.dll [MD5.A0502BCED5C98A51E7E305029BD4009B] - [15/03/2019 05:28:25] - |A| - [45056] - C:\Windows\syswow64\mfc70cht.dll [MD5.054809EA25F0110122B17835E94848F2] - [15/03/2019 05:28:25] - |A| - [61440] - C:\Windows\syswow64\mfc70deu.dll [MD5.3F0E5AD6604D6585C2219D6688514817] - [15/03/2019 05:28:25] - |A| - [57344] - C:\Windows\syswow64\mfc70enu.dll [MD5.D88BE83455C13B80B1AB103E82052F33] - [15/03/2019 05:28:25] - |A| - [61440] - C:\Windows\syswow64\mfc70esp.dll [MD5.8F59C1FB4C18F08C0D4D24550E2F7375] - [15/03/2019 05:28:25] - |A| - [61440] - C:\Windows\syswow64\mfc70fra.dll [MD5.78C3F9FFBC860D2153D6470BC65556FE] - [15/03/2019 05:28:25] - |A| - [61440] - C:\Windows\syswow64\mfc70ita.dll [MD5.8448C67B7FF7A65AEAA25747D0E861B7] - [15/03/2019 05:28:25] - |A| - [49152] - C:\Windows\syswow64\mfc70jpn.dll [MD5.E83773E9ED198BB59C072B453AF4F797] - [15/03/2019 05:28:25] - |A| - [49152] - C:\Windows\syswow64\mfc70kor.dll [MD5.C440493ABF8CF179FF3351357C1EB426] - [15/03/2019 05:28:25] - |A| - [1017344] - C:\Windows\syswow64\mfc70u.dll [MD5.0EAD1C87DC75863E7CFF7B2691C1B90C] - [15/03/2019 05:28:25] - |A| - [1060864] - C:\Windows\syswow64\MFC71.dll [MD5.F0C3773C480C8E8FD8DD8BF82689D390] - [15/03/2019 05:28:25] - |A| - [40960] - C:\Windows\syswow64\MFC71CHS.DLL [MD5.B80E70737148130AC3975F84E88ED8B0] - [15/03/2019 05:28:25] - |A| - [45056] - C:\Windows\syswow64\MFC71CHT.DLL [MD5.92436C5844333188D8746079640419BF] - [15/03/2019 05:28:25] - |A| - [65536] - C:\Windows\syswow64\MFC71DEU.DLL [MD5.DF8241122459E097DD393B74D3ABF64E] - [15/03/2019 05:28:25] - |A| - [57344] - C:\Windows\syswow64\MFC71ENU.DLL [MD5.B1219D49B804F8D20D4A812E9AA773FB] - [15/03/2019 05:28:25] - |A| - [61440] - C:\Windows\syswow64\MFC71ESP.DLL [MD5.4CF93C1BD454AC576D787FC8256E3D58] - [15/03/2019 05:28:25] - |A| - [61440] - C:\Windows\syswow64\MFC71FRA.DLL [MD5.A31727B0310F97C279B4278A44D68F2E] - [15/03/2019 05:28:25] - |A| - [61440] - C:\Windows\syswow64\MFC71ITA.DLL [MD5.DCDB167567AAD5A54EF6096324F7A67B] - [15/03/2019 05:28:25] - |A| - [49152] - C:\Windows\syswow64\MFC71JPN.DLL [MD5.337E4EDA92C2858386E0072F604FE2D3] - [15/03/2019 05:28:25] - |A| - [49152] - C:\Windows\syswow64\MFC71KOR.DLL [MD5.E1F8293B0CDD3FEBD80A4879CA53B771] - [28/03/2019 12:40:51] - |N| - [61440] - C:\Windows\syswow64\MFC71LOC.DLL [MD5.1A53510BFE257CE75CB6EA4D596243BE] - [15/03/2019 05:28:25] - |A| - [1054208] - C:\Windows\syswow64\MFC71u.dll [MD5.10410E04AD337D4EC0DBCA9B02C5E4C9] - [15/03/2019 05:49:48] - |A| - [454080] - C:\Windows\syswow64\MFCaptureEngine.dll [MD5.7BA506818C5989032D4DB87A0F5C7638] - [15/03/2019 05:51:17] - |A| - [4668584] - C:\Windows\syswow64\mfcore.dll [MD5.EBB5B4DA61EF6C862F93BD672A2A141F] - [15/03/2019 05:49:44] - |A| - [201728] - C:\Windows\syswow64\mfksproxy.dll [MD5.3539091FB267DDB155936BD517388525] - [15/03/2019 05:50:31] - |A| - [4248064] - C:\Windows\syswow64\MFMediaEngine.dll [MD5.BACFC25E43BB8B5D6DECA0D4564004EC] - [15/03/2019 05:49:59] - |A| - [821248] - C:\Windows\syswow64\mfmkvsrcsnk.dll [MD5.DF37BC3CB604FE6D60FF200540227712] - [15/03/2019 05:51:22] - |A| - [2462704] - C:\Windows\syswow64\mfmp4srcsnk.dll [MD5.2D3C1ACA95568850D860DD9EB0FD80BC] - [15/03/2019 05:51:27] - |A| - [1017056] - C:\Windows\syswow64\mfmpeg2srcsnk.dll [MD5.5244E275BE355536AEF4BB53CFC41369] - [15/03/2019 05:50:12] - |A| - [1132088] - C:\Windows\syswow64\mfnetcore.dll [MD5.DA10E08DC258BAD3DC67EF59687C8EEB] - [15/03/2019 05:50:17] - |A| - [1652872] - C:\Windows\syswow64\mfnetsrc.dll [MD5.7D42FEA87A7B4E515CE07F538039E83D] - [15/03/2019 05:50:18] - |A| - [1524776] - C:\Windows\syswow64\mfplat.dll [MD5.1B297BD7736AAC76B6001EA0FE1195CD] - [15/03/2019 05:49:27] - |A| - [129088] - C:\Windows\syswow64\mfps.dll [MD5.9AE00438B293991B43F8BD7C59425815] - [15/03/2019 05:50:10] - |A| - [1033584] - C:\Windows\syswow64\mfreadwrite.dll [MD5.7F86306F9C91D63566556265E06D5381] - [15/03/2019 05:49:35] - |A| - [193248] - C:\Windows\syswow64\mfsensorgroup.dll [MD5.F85563A8D8A12E75AF2B1C9553343C1A] - [15/03/2019 05:51:26] - |A| - [1455704] - C:\Windows\syswow64\mfsrcsnk.dll [MD5.AE0F7535EF06AF37DD994D37E0761B67] - [15/03/2019 05:50:15] - |A| - [1149280] - C:\Windows\syswow64\mfsvr.dll [MD5.4676D80B0DF7C59350EE149737B00212] - [15/03/2019 05:49:32] - |A| - [133632] - C:\Windows\syswow64\Microsoft.Bluetooth.Proxy.dll [MD5.20F0FDEAB29EC969E542F92D56BC0A8A] - [15/03/2019 05:49:43] - |A| - [220672] - C:\Windows\syswow64\MicrosoftAccountWAMExtension.dll [MD5.2A13B01C0E7E877B7B5BF87D912FEAE7] - [15/03/2019 05:50:38] - |A| - [2864640] - C:\Windows\syswow64\mispace.dll [MD5.88E23DAF98F708E2803F1CA66DDEC081] - [15/03/2019 05:50:11] - |A| - [1488896] - C:\Windows\syswow64\mmc.exe [MD5.9C512EA78BCA946584B56C98E8D902C6] - [15/03/2019 05:49:01] - |A| - [301056] - C:\Windows\syswow64\mmcbase.dll [MD5.2C7E93985BF751751AE48EFCB171D870] - [15/03/2019 05:50:19] - |A| - [2427904] - C:\Windows\syswow64\mmcndmgr.dll [MD5.E7BF82A3DFC1BF2A12FFEA843E0181B3] - [15/03/2019 05:49:19] - |A| - [1428480] - C:\Windows\syswow64\mmgaclient.dll [MD5.3E2EA3513ED7AF84C367FE1DC7B70544] - [15/03/2019 05:49:00] - |A| - [62976] - C:\Windows\syswow64\mmgaproxystub.dll [MD5.F473FEA5123341991EA3ABCC3B6A3DFF] - [15/03/2019 05:49:09] - |A| - [1060352] - C:\Windows\syswow64\mmgaserver.exe [MD5.61A0E62679B865D98C941F8D58CB907B] - [28/03/2019 12:41:06] - |A| - [51712] - C:\Windows\syswow64\MMSwitch.ax [MD5.520F6CD243CC4981CAD66FBF33ED970E] - [15/03/2019 05:49:01] - |A| - [769536] - C:\Windows\syswow64\mmsys.cpl [MD5.334D8E404D831E4B6B311CFA58056B7D] - [15/03/2019 05:50:16] - |A| - [6118912] - C:\Windows\syswow64\mos.dll [MD5.51A96B6AAD0D10A2299EF336D7553817] - [15/03/2019 05:49:19] - |A| - [761856] - C:\Windows\syswow64\mprddm.dll [MD5.256A429526CE5148004AA2C9EFCA693E] - [15/03/2019 05:49:36] - |A| - [2680832] - C:\Windows\syswow64\MSAJApi.dll [MD5.061902202BF0DE086B9A148B2F40C352] - [15/03/2019 05:49:32] - |A| - [537088] - C:\Windows\syswow64\mscms.dll [MD5.8D8AAD175C9779503A68136E49EEA2B4] - [15/03/2019 05:28:25] - |A| - [660120] - C:\Windows\syswow64\mscomct2.ocx [MD5.766F501B61C22723536AF696A74133D4] - [15/03/2019 05:28:25] - |A| - [1070232] - C:\Windows\syswow64\mscomctl.ocx [MD5.D60FD0C924C0172B5AD2967E8473FFCD] - [15/03/2019 05:28:25] - |A| - [119960] - C:\Windows\syswow64\mscomm32.ocx [MD5.7951488EB6F201564D5C6D35B40452AB] - [15/03/2019 05:50:45] - |A| - [1323408] - C:\Windows\syswow64\msctf.dll [MD5.2B03DB1BC61E8D08C4DC721EE5FE0EC0] - [15/03/2019 05:49:07] - |A| - [91648] - C:\Windows\syswow64\msctfp.dll [MD5.552088FF7667D59E29D3231077B92D30] - [15/03/2019 05:28:25] - |A| - [279192] - C:\Windows\syswow64\msdatgrd.ocx [MD5.C0393287EC3D0098932BC6DD7753CE50] - [15/03/2019 05:28:25] - |A| - [253080] - C:\Windows\syswow64\msdatlst.ocx [MD5.2C0E473ABAA7F84F332F66C2221B3EB7] - [15/03/2019 05:48:56] - |A| - [707584] - C:\Windows\syswow64\msdtcprx.dll [MD5.959315775A3EDD649A7C6B535F6ED522] - [15/03/2019 05:50:10] - |A| - [340480] - C:\Windows\syswow64\msexcl40.dll [MD5.EE68EB9D3DD974FE30B4846F98F1CD94] - [15/03/2019 05:49:48] - |A| - [669184] - C:\Windows\syswow64\msfeeds.dll [MD5.6092BA0CC502F3F1E7C9E15AA7BC707E] - [15/03/2019 05:48:58] - |A| - [64000] - C:\Windows\syswow64\msfeedsbs.dll [MD5.2DAAB612B55CC7C09076C66492A8A4C7] - [15/03/2019 05:48:58] - |A| - [13824] - C:\Windows\syswow64\msfeedssync.exe [MD5.151229FE0011294475AF03E2FBBAF33B] - [15/03/2019 05:28:25] - |A| - [259736] - C:\Windows\syswow64\msflxgrd.ocx [MD5.ECAA3D1451DBAE5B5E8C69740BF88ECA] - [15/03/2019 05:50:19] - |A| - [2762752] - C:\Windows\syswow64\msftedit.dll [MD5.D19D5DDC8D6446B8E08161012461210D] - [15/03/2019 05:28:25] - |A| - [444328] - C:\Windows\syswow64\MShflxgd.ocx [MD5.7C94C627DB30B00F70E2911BFF2FD7EF] - [15/03/2019 05:48:58] - |A| - [13312] - C:\Windows\syswow64\mshta.exe [MD5.6025B350ACC9A6039AB24CB3F6C8DC78] - [15/03/2019 05:51:05] - |A| - [19360256] - C:\Windows\syswow64\mshtml.dll [MD5.53924134EA878417820AF4774C4B9E98] - [15/03/2019 05:48:58] - |A| - [64000] - C:\Windows\syswow64\MshtmlDac.dll [MD5.1761ECED62ADC975E957610823D2DE00] - [15/03/2019 05:49:03] - |A| - [78336] - C:\Windows\syswow64\mshtmled.dll [MD5.0DEEDA846B0B1671B79CFA587EABDBA3] - [15/03/2019 05:49:41] - |A| - [4057600] - C:\Windows\syswow64\msi.dll [MD5.B1DD9C48AA6DC1F2E236ADC96189319A] - [15/03/2019 05:49:25] - |A| - [59904] - C:\Windows\syswow64\msiexec.exe [MD5.BED46F55AF9A7B495EC0F2DE0CB5AD3F] - [15/03/2019 05:28:25] - |A| - [131728] - C:\Windows\syswow64\msinet.ocx [MD5.4605BDF100671FF0FFD1FF7940E15F51] - [15/03/2019 05:49:20] - |A| - [26112] - C:\Windows\syswow64\msisip.dll [MD5.400D7390199C64329F4336E0E9CCA83C] - [15/03/2019 05:49:21] - |A| - [369152] - C:\Windows\syswow64\msIso.dll [MD5.7B0E187A3A7AF49CA4F9936A70E5FBE2] - [15/03/2019 05:49:58] - |A| - [1311744] - C:\Windows\syswow64\msjet40.dll [MD5.9D1D5B434B7BC82A9167CA2D01000F78] - [15/03/2019 05:28:25] - |A| - [179352] - C:\Windows\syswow64\msmask32.ocx [MD5.17ED96A86D54827BE9BA2FAFC836C787] - [15/03/2019 05:50:15] - |A| - [2255112] - C:\Windows\syswow64\msmpeg2vdec.dll [MD5.541E45F0DE693BAAB7F8B40B488580A0] - [15/03/2019 05:49:01] - |A| - [97792] - C:\Windows\syswow64\msoert2.dll [MD5.3B55A4EB9AF85099BA665F370D16304B] - [15/03/2019 05:49:12] - |A| - [136704] - C:\Windows\syswow64\MSOpusDecoder.dll [MD5.29E1E6FF2BD32317ACBFFEBD2E811FC2] - [15/03/2019 05:49:00] - |A| - [6532096] - C:\Windows\syswow64\mspaint.exe [MD5.B9C0D4F2BF3BCA9A56FEF594CC5BE466] - [15/03/2019 05:49:10] - |A| - [1348608] - C:\Windows\syswow64\MSPhotography.dll [MD5.DB605CE020000C370781658FECF360D9] - [15/03/2019 05:48:56] - |A| - [10752] - C:\Windows\syswow64\msrating.dll [MD5.814C1DD90E113B094F5552B8FC1313C4] - [15/03/2019 05:49:40] - |A| - [313344] - C:\Windows\syswow64\msrd2x40.dll [MD5.C695EE1CC3B37ED20FC1A95E59340F3F] - [15/03/2019 05:49:52] - |A| - [352768] - C:\Windows\syswow64\msrd3x40.dll [MD5.A4930013B4BCCE83018A5EFD0C088999] - [15/03/2019 05:49:22] - |A| - [101376] - C:\Windows\syswow64\msscript.ocx [MD5.0D5A7783A481F02BED5A0A564B6D8439] - [15/03/2019 05:49:58] - |A| - [713216] - C:\Windows\syswow64\MsSpellCheckingFacility.dll [MD5.A36A1DF2C27D4431FFF933B69CFE3454] - [15/03/2019 05:49:18] - |A| - [145408] - C:\Windows\syswow64\mssph.dll [MD5.5C0084DBF9979BA50D52A0574D36A3E5] - [15/03/2019 05:49:09] - |A| - [59392] - C:\Windows\syswow64\mssprxy.dll [MD5.F61FE819F1BC3268202DB4D33774B302] - [15/03/2019 05:50:27] - |A| - [2184192] - C:\Windows\syswow64\mssrch.dll [MD5.1E27A0F62EBE8277C61B89C3747CC45D] - [15/03/2019 05:28:25] - |A| - [130712] - C:\Windows\syswow64\msstdfmt.dll [MD5.FC1E1896F31DAE6E8C68D95A645C9B1A] - [15/03/2019 05:28:26] - |A| - [108696] - C:\Windows\syswow64\MSSTKPRP.DLL [MD5.31FC6327F8320A4BE68E14F17A5D2CA2] - [15/03/2019 05:49:39] - |A| - [721920] - C:\Windows\syswow64\mssvp.dll [MD5.CF8964466D129910CE72AE661EAF58D9] - [15/03/2019 05:50:08] - |A| - [3430400] - C:\Windows\syswow64\mstsc.exe [MD5.E0C1AEAC44C2B80385C1CEC679DEE48F] - [15/03/2019 05:50:34] - |A| - [7813120] - C:\Windows\syswow64\mstscax.dll [MD5.AEECB1770D0BD0B513B30AD700EC0EA6] - [15/03/2019 05:50:45] - |A| - [353080] - C:\Windows\syswow64\msv1_0.dll [MD5.D577EAF2B7E74DFDA9D9DFF6DC54C37A] - [15/03/2019 05:28:29] - |A| - [1355776] - C:\Windows\syswow64\msvbvm50.dll [MD5.07B8A966FA4D08B797DE3FCC5C67EAB6] - [15/03/2019 05:28:26] - |A| - [54784] - C:\Windows\syswow64\msvci70.dll [MD5.35E8431ACDDB1F236393CF661738F5FD] - [15/03/2019 05:49:31] - |A| - [417368] - C:\Windows\syswow64\msvcp110_win.dll [MD5.D04F7AACA2319A3BCDB2C5D5DD6F6026] - [15/03/2019 05:28:26] - |A| - [487424] - C:\Windows\syswow64\MSVCP70.DLL [MD5.1874BBAD9AE4C993B74B7ABAA8B9D535] - [15/03/2019 05:28:26] - |A| - [503808] - C:\Windows\syswow64\msvcp71.dll [MD5.67097B9C1F179BF217E79500343F43CE] - [15/03/2019 05:49:30] - |A| - [505064] - C:\Windows\syswow64\msvcp_win.dll [MD5.8D8A3965D5D4CCBBE4489DA028CEF6FC] - [15/03/2019 05:28:26] - |A| - [339968] - C:\Windows\syswow64\msvcr70.dll [MD5.837B1E310F2AA8B20F07A9B1CE90AC4F] - [15/03/2019 05:28:26] - |A| - [344064] - C:\Windows\syswow64\msvcr71.dll [MD5.C52BF7DC4864653FFF45ECC634B65F9B] - [15/03/2019 05:49:14] - |A| - [769096] - C:\Windows\syswow64\msvcrt.dll [MD5.DF252F37880142ED5574C2BE4DADF5A7] - [15/03/2019 05:28:26] - |A| - [210944] - C:\Windows\syswow64\msvcrt10.dll [MD5.0664ECFC89D1B287860A71FA38033CF7] - [15/03/2019 05:50:18] - |A| - [2329088] - C:\Windows\syswow64\MSVidCtl.dll [MD5.F9DD92E21937DC1354EDF46339582F25] - [15/03/2019 05:49:22] - |A| - [574960] - C:\Windows\syswow64\MSVideoDSP.dll [MD5.C31B3A1DD41B538A860C3A668DC080D0] - [15/03/2019 05:50:08] - |A| - [1383784] - C:\Windows\syswow64\MSVP9DEC.dll [MD5.76B3FA6E953A4B74AEE658AC7B5C95C2] - [15/03/2019 05:49:36] - |A| - [1057728] - C:\Windows\syswow64\msvproc.dll [MD5.7D95EC69DC6A976E3ACC9F3D9C920C07] - [15/03/2019 05:49:28] - |A| - [1286656] - C:\Windows\syswow64\MSVPXENC.dll [MD5.57325D394119DB3D3B3CF8A3BBFDA5CA] - [15/03/2019 05:28:26] - |A| - [127640] - C:\Windows\syswow64\mswinsck.ocx [MD5.D35B65954312CDFEB0568EF262BADF49] - [15/03/2019 05:50:33] - |A| - [1588224] - C:\Windows\syswow64\msxml3.dll [MD5.6CC314919E92D9C3E76568B397E17E68] - [15/03/2019 05:50:08] - |A| - [1991600] - C:\Windows\syswow64\msxml6.dll [MD5.62C208F510D0A8F18F43DE85B809AE84] - [15/03/2019 05:49:47] - |A| - [275968] - C:\Windows\syswow64\ncryptprov.dll [MD5.7887DD78F1017ED6154C7B5E988D7F03] - [15/03/2019 05:49:32] - |A| - [105384] - C:\Windows\syswow64\ncryptsslp.dll [MD5.5F7E26B061421A442D4C28D87E62E679] - [15/03/2019 05:48:58] - |A| - [20480] - C:\Windows\syswow64\netevent.dll [MD5.453191DC1804BEA45BEB335D2675A03E] - [15/03/2019 05:49:46] - |A| - [658432] - C:\Windows\syswow64\netlogon.dll [MD5.5063C164CDB4914B96371AAF9DEB4E64] - [15/03/2019 05:49:01] - |A| - [221184] - C:\Windows\syswow64\netplwiz.dll [MD5.D8127658477648CF075A82AF48DED62E] - [15/03/2019 05:49:50] - |A| - [564640] - C:\Windows\syswow64\NetSetupEngine.dll [MD5.100BEC7126E447EA89C2EE2ADA9C2A10] - [15/03/2019 05:49:17] - |A| - [343552] - C:\Windows\syswow64\NetSetupShim.dll [MD5.E5C0E7E39674279CD6F52E00AAFB59CC] - [15/03/2019 05:49:13] - |A| - [480768] - C:\Windows\syswow64\NetworkCollectionAgent.dll [MD5.B8D9DA34E644EEE70610C6BC49F3AAFA] - [15/03/2019 05:49:37] - |A| - [483328] - C:\Windows\syswow64\newdev.dll [MD5.3B6F976D4AA6D833E77E14C1FACD58F8] - [15/03/2019 05:49:49] - |A| - [571904] - C:\Windows\syswow64\ngccredprov.dll [MD5.24A62781F7809C726BBFDA5A6A28C181] - [15/03/2019 05:49:01] - |A| - [124928] - C:\Windows\syswow64\ngckeyenum.dll [MD5.A4030310418CD237246C95A1D216C9B9] - [15/03/2019 05:49:46] - |A| - [322560] - C:\Windows\syswow64\ninput.dll [MD5.56C81BBD2C727B43ABC5FC7B135D3BA5] - [15/03/2019 05:49:14] - |A| - [63488] - C:\Windows\syswow64\nlaapi.dll [MD5.6482CB48283F621622F3933632ED2411] - [15/03/2019 05:48:59] - |A| - [18432] - C:\Windows\syswow64\nlmproxy.dll [MD5.4534BF48A1B42E0E16F0ACDCF677C65D] - [15/03/2019 05:49:28] - |A| - [743424] - C:\Windows\syswow64\NMAA.dll [MD5.7C94270D6FA438A9690F2FEC69E0544C] - [15/03/2019 05:48:59] - |A| - [256512] - C:\Windows\syswow64\NmaDirect.dll [MD5.B75EC2E0F9CEDCF922C7E7975F736B2A] - [15/03/2019 05:49:00] - |A| - [282624] - C:\Windows\syswow64\NotificationObjFactory.dll [MD5.F8D0DEEB9DB14FCD6B6E89A0BEFE1F7F] - [15/03/2019 05:49:13] - |A| - [21504] - C:\Windows\syswow64\npmproxy.dll [MD5.1E60A516C148F6A14FBEBBD6E84C2143] - [15/03/2019 05:49:17] - |A| - [35328] - C:\Windows\syswow64\nshhttp.dll [MD5.C1322631C502879B140DFAE9582E4C8A] - [15/03/2019 05:50:34] - |A| - [1614560] - C:\Windows\syswow64\ntdll.dll [MD5.B6CB4D3AD73A2E75826CE2C900EE5BE7] - [15/03/2019 05:49:20] - |A| - [33240] - C:\Windows\syswow64\NtlmShared.dll [MD5.449EC93966F08434A78DD2E260F61419] - [15/03/2019 05:49:00] - |A| - [796160] - C:\Windows\syswow64\ntshrui.dll [MD5.591E81D5E8CF862D6F12C2E2E53D87C1] - [15/03/2019 07:34:09] - |A| - [40960] - C:\Windows\syswow64\nwsftUninstall.exe [MD5.CD54AE745B0BC46EEE0F858524B796FF] - [15/03/2019 05:49:01] - |A| - [126464] - C:\Windows\syswow64\occache.dll [MD5.8BAFC41F2F6704B6752C345789222BF3] - [15/03/2019 05:48:58] - |A| - [24064] - C:\Windows\syswow64\odbcconf.dll [MD5.1279BCEF6FC0D14701B64CC2ABA5BFB3] - [15/03/2019 05:49:28] - |A| - [115104] - C:\Windows\syswow64\offlinelsa.dll [MD5.BF45A980F336B7EC2778AE317032396B] - [15/03/2019 05:49:21] - |A| - [221496] - C:\Windows\syswow64\offlinesam.dll [MD5.0987DE12F35268B4ACE122BD49275504] - [15/03/2019 05:48:57] - |A| - [58880] - C:\Windows\syswow64\offreg.dll [MD5.039D506BC23A03C3441DD96377627DB3] - [15/03/2019 05:49:45] - |A| - [1002552] - C:\Windows\syswow64\ole32.dll [MD5.B02F7E2A8233C88D4907A1F2831CB4C4] - [15/03/2019 05:49:41] - |A| - [595528] - C:\Windows\syswow64\oleaut32.dll [MD5.326DBB76161432BB0E2E97C493144D59] - [15/03/2019 05:48:59] - |A| - [89088] - C:\Windows\syswow64\olepro32.dll [MD5.850662AE177AE0F2F59FE73BA38E4AA3] - [15/03/2019 05:49:15] - |A| - [196096] - C:\Windows\syswow64\OneCoreCommonProxyStub.dll [MD5.39C1BD1C25576FAE97D0F2C108946031] - [15/03/2019 05:50:09] - |A| - [2993728] - C:\Windows\syswow64\OneCoreUAPCommonProxyStub.dll [MD5.2FEC4165D32E4586D4E7F7CE2A2C8334] - [15/03/2019 05:49:56] - |A| - [534016] - C:\Windows\syswow64\OneDriveSettingSyncProvider.dll [MD5.3480674AB5CB33E9765554C691E5A08A] - [15/03/2019 05:49:18] - |A| - [649672] - C:\Windows\syswow64\ortcengine.dll [MD5.2B87AEEC9C40E28B79BC88BEADF868C6] - [15/03/2019 05:49:25] - |A| - [174592] - C:\Windows\syswow64\P2P.dll [MD5.686DF71AEAC3A14506D549579BEC111D] - [15/03/2019 05:49:13] - |A| - [662528] - C:\Windows\syswow64\PayloadRestrictions.dll [MD5.FC0831DE773FEDF6A050CE02955C6D4F] - [15/03/2019 05:49:16] - |A| - [13312] - C:\Windows\syswow64\PCShellCommonProxyStub.dll [MD5.8C0C30BDD3CE3FC34A59B4B101162ED3] - [15/03/2019 05:48:56] - |A| - [21504] - C:\Windows\syswow64\perfhost.exe [MD5.00CB919465D369EFEEB6206B7329A7D7] - [15/03/2019 05:49:13] - |A| - [22016] - C:\Windows\syswow64\perfnet.dll [MD5.341E09E0EFC804C0F7C23AF8F3EBE6D7] - [15/03/2019 05:49:32] - |A| - [336384] - C:\Windows\syswow64\PhotoMetadataHandler.dll [MD5.7DB44D8D5AAA1890044E8B9EE2E4BF50] - [15/03/2019 05:28:26] - |A| - [104088] - C:\Windows\syswow64\picclp32.ocx [MD5.643981D9878EE7AE4407831B309A624A] - [15/03/2019 05:48:57] - |A| - [51712] - C:\Windows\syswow64\PimIndexMaintenanceClient.dll [MD5.353D58208E390A3E97960D9132549F54] - [15/03/2019 05:48:58] - |A| - [57856] - C:\Windows\syswow64\pngfilt.dll [MD5.3424A8C1C1098B7B5253A0160130F546] - [15/03/2019 05:49:46] - |A| - [422592] - C:\Windows\syswow64\policymanager.dll [MD5.0D04383FCB59738452E14D764A048A6D] - [15/03/2019 05:49:00] - |A| - [16384] - C:\Windows\syswow64\PrintWorkflowProxy.dll [MD5.E6D15A1014B17B001DC9D24A625C878C] - [15/03/2019 05:49:01] - |A| - [136192] - C:\Windows\syswow64\PrintWorkflowService.dll [MD5.02126DC60E05CABB9048A23A0F638763] - [15/03/2019 05:49:52] - |A| - [1555904] - C:\Windows\syswow64\propsys.dll [MD5.05AE52B85897B127FB41EDA66DE27F71] - [15/03/2019 05:49:03] - |A| - [175104] - C:\Windows\syswow64\puiapi.dll [MD5.2302BC814B4C3EED1803F742CF53A13D] - [15/03/2019 05:49:42] - |A| - [380416] - C:\Windows\syswow64\puiobj.dll [MD5.D135E6F9EDDBC13B4FBA15BDD34E7067] - [15/03/2019 05:49:59] - |A| - [1508864] - C:\Windows\syswow64\quartz.dll [MD5.0B0C861030404F800AD1B3AED3ECCF6F] - [15/03/2019 05:50:10] - |A| - [862208] - C:\Windows\syswow64\rasapi32.dll [MD5.4412AB1AD854AEA2236BA91F76025854] - [15/03/2019 05:49:27] - |A| - [118272] - C:\Windows\syswow64\raschap.dll [MD5.8C7F032B5C4C5F57215C194CA0C5E306] - [15/03/2019 05:49:58] - |A| - [862208] - C:\Windows\syswow64\rasdlg.dll [MD5.03D830B99C082FF00BD47B3BB87A216A] - [15/03/2019 05:49:39] - |A| - [856576] - C:\Windows\syswow64\rasgcw.dll [MD5.5A7236224908F9D1F6EFDC4B75EEDDCB] - [15/03/2019 05:49:29] - |A| - [447488] - C:\Windows\syswow64\rastls.dll [MD5.3B033A0E5B95423CA7CD246D0634E530] - [15/03/2019 05:49:49] - |A| - [956928] - C:\Windows\syswow64\rdpbase.dll [MD5.63FE21A2435A312D0F7603F528624EFC] - [15/03/2019 05:50:00] - |A| - [535552] - C:\Windows\syswow64\rdpcore.dll [MD5.90E4D8B9C5E893D78CD430A937407639] - [15/03/2019 05:50:06] - |A| - [1486336] - C:\Windows\syswow64\rdpserverbase.dll [MD5.96AA838D5326B695FE4B613A0B355232] - [15/03/2019 05:49:12] - |A| - [20992] - C:\Windows\syswow64\regsvr32.exe [MD5.925B241FD4D12B6C6D97313468AC8140] - [15/03/2019 05:49:22] - |A| - [74896] - C:\Windows\syswow64\remoteaudioendpoint.dll [MD5.EC63553E52300A5DCB387D83590C32D5] - [15/03/2019 05:49:25] - |A| - [472576] - C:\Windows\syswow64\resutils.dll [MD5.14BB5CF93C7D69D019423C73C60AA856] - [15/03/2019 05:28:27] - |A| - [219288] - C:\Windows\syswow64\richtx32.ocx [MD5.629AC8C9CBDD74B8B9D54DB513F8D79F] - [15/03/2019 05:49:17] - |A| - [99240] - C:\Windows\syswow64\rmclient.dll [MD5.94D04AE05FA75D5F094CA316E243BEB2] - [15/03/2019 05:49:39] - |A| - [777536] - C:\Windows\syswow64\rpcrt4.dll [MD5.F93F223D2BE61294ABBAE7DAC50A1275] - [15/03/2019 05:49:42] - |A| - [185896] - C:\Windows\syswow64\rsaenh.dll [MD5.B98FC4E03EFE0A4618F55B717999EC2A] - [15/03/2019 05:49:56] - |A| - [854976] - C:\Windows\syswow64\rtmcodecs.dll [MD5.54108324F0174686F66C600FEA060118] - [15/03/2019 05:49:27] - |A| - [340480] - C:\Windows\syswow64\RTMediaFrame.dll [MD5.470EE236394512EA55E79369CED249F8] - [15/03/2019 05:49:18] - |A| - [54720] - C:\Windows\syswow64\rtmmvrortc.dll [MD5.8159946E891BA8883942F43B10DF9EEF] - [15/03/2019 05:50:04] - |A| - [921032] - C:\Windows\syswow64\rtmpal.dll [MD5.193F73A6EF5E9C8504578604FDC0642D] - [15/03/2019 05:50:30] - |A| - [3903944] - C:\Windows\syswow64\rtmpltfm.dll [MD5.B37F4F7B61970640DC868578C964A5C8] - [15/03/2019 05:49:36] - |A| - [140592] - C:\Windows\syswow64\RTWorkQ.dll [MD5.C24BFF718FB7BB2CEEC1E9553502E28C] - [15/03/2019 05:49:55] - |A| - [406016] - C:\Windows\syswow64\schannel.dll [MD5.4EB3248D1CC646AED08953D6BD2A4522] - [15/03/2019 05:49:34] - |A| - [235520] - C:\Windows\syswow64\scksp.dll [MD5.36848C43D7F65EBCD6E6FC4F63EFA252] - [15/03/2019 05:49:35] - |A| - [206336] - C:\Windows\syswow64\scrobj.dll [MD5.550CCC568DC5A3067150E6080D21022C] - [15/03/2019 05:49:31] - |A| - [166912] - C:\Windows\syswow64\scrrun.dll [MD5.D1B57B22749620EC2C0D43BDC3692487] - [15/03/2019 05:49:23] - |A| - [288768] - C:\Windows\syswow64\Search.ProtocolHandler.MAPI2.dll [MD5.CD5C635A1900BC617D1F8D7476CC96B3] - [15/03/2019 05:49:04] - |A| - [199680] - C:\Windows\syswow64\SearchFilterHost.exe [MD5.CE1C89BC34B4818C185E9BB045CB4BCF] - [15/03/2019 05:50:06] - |A| - [826880] - C:\Windows\syswow64\SearchIndexer.exe [MD5.E64748AEA2096FC5D4218BD7B8A120F4] - [15/03/2019 05:49:22] - |A| - [324608] - C:\Windows\syswow64\SearchProtocolHost.exe [MD5.40FB50AE0B91EEF97AB98C9F4AB445DC] - [15/03/2019 05:49:36] - |A| - [268536] - C:\Windows\syswow64\sechost.dll [MD5.D7AB2A83F76824232D3369961B3E896A] - [15/03/2019 05:49:13] - |A| - [23040] - C:\Windows\syswow64\secur32.dll [MD5.F405B01AD58218BC0C02DDF3D28A5557] - [15/03/2019 05:49:02] - |A| - [124928] - C:\Windows\syswow64\sendmail.dll [MD5.A3941E454899041C8D860119B9918237] - [15/03/2019 05:48:57] - |A| - [339456] - C:\Windows\syswow64\SessEnv.dll [MD5.4DC52A665378788E2B6F8748D673E693] - [15/03/2019 05:49:42] - |A| - [169472] - C:\Windows\syswow64\SettingMonitor.dll [MD5.D52C744E0F22E970088268FB78D40476] - [15/03/2019 05:49:53] - |A| - [402432] - C:\Windows\syswow64\SettingSync.dll [MD5.B5EE49FF45E707B724F3D8D8A28BC018] - [15/03/2019 05:50:05] - |A| - [935424] - C:\Windows\syswow64\SettingSyncCore.dll [MD5.ADC122BCCFDEC09B043CF2E5ED5C184E] - [15/03/2019 05:50:09] - |A| - [832952] - C:\Windows\syswow64\SettingSyncHost.exe [MD5.EF021A2F0460523591D478A64FE2879B] - [15/03/2019 05:49:13] - |A| - [74240] - C:\Windows\syswow64\SettingSyncPolicy.dll [MD5.52FF3F6896651EE727063028E5452439] - [15/03/2019 05:49:11] - |A| - [26112] - C:\Windows\syswow64\setup16.exe [MD5.F254DD8493F7F749A7992D66FFD27C49] - [15/03/2019 05:49:54] - |A| - [4382032] - C:\Windows\syswow64\setupapi.dll [MD5.97E37B7DC478FB28B09D770716A7B3F0] - [15/03/2019 05:50:10] - |A| - [997376] - C:\Windows\syswow64\ShareHost.dll [MD5.5FD02663F35F9A3F1B19E807B6114EE7] - [15/03/2019 05:49:53] - |A| - [550176] - C:\Windows\syswow64\SHCore.dll [MD5.B24A534E5E9310D6B91B3E3895333A1C] - [15/03/2019 05:50:16] - |A| - [20290152] - C:\Windows\syswow64\shell32.dll [MD5.4B5FFEB58E510852D07C9FF26B668F86] - [15/03/2019 05:49:16] - |A| - [279472] - C:\Windows\syswow64\shlwapi.dll [MD5.76BBDE4C2A91DBB4CD656CC2840ADB80] - [15/03/2019 05:49:27] - |A| - [110080] - C:\Windows\syswow64\shsetup.dll [MD5.D0E732A3FC63AB837B6BC6D9D223AA68] - [15/03/2019 05:49:06] - |A| - [19456] - C:\Windows\syswow64\slcext.dll [MD5.C66166250655AFB521129231208F318D] - [15/03/2019 05:50:05] - |A| - [625152] - C:\Windows\syswow64\SmartcardCredentialProvider.dll [MD5.D8F78BF3BECBA3E4083725B95A55D14F] - [15/03/2019 05:49:14] - |A| - [160256] - C:\Windows\syswow64\smartscreenps.dll [MD5.9C9D0C423707637BFAECF4EF7B9D37D6] - [15/03/2019 05:49:34] - |A| - [676352] - C:\Windows\syswow64\SndVolSSO.dll [MD5.AEB41C580C4011E803980921D68560B4] - [15/03/2019 05:49:28] - |A| - [156672] - C:\Windows\syswow64\spacebridge.dll [MD5.9EB21EE497A716717E015B17DD38636C] - [15/03/2019 05:49:04] - |A| - [271872] - C:\Windows\syswow64\SpatializerApo.dll [MD5.34D737A0D07277088D5E50FA5B4293E9] - [15/03/2019 05:49:07] - |A| - [481792] - C:\Windows\syswow64\sppcext.dll [MD5.10204B5E7BFF059D87848F0BD0E0F0E9] - [15/03/2019 05:49:28] - |A| - [403968] - C:\Windows\syswow64\sppcomapi.dll [MD5.86FC1A7104F34A974834C58B8544EDCD] - [15/03/2019 05:48:59] - |A| - [332288] - C:\Windows\syswow64\srchadmin.dll [MD5.130EEB06981B74AAA69A25130BCA47DA] - [15/03/2019 05:50:17] - |A| - [2859520] - C:\Windows\syswow64\SRH.dll [MD5.D367F1A5FEE392A9E6075949A45ACCF3] - [15/03/2019 05:49:26] - |A| - [126976] - C:\Windows\syswow64\srpapi.dll [MD5.BC569AB0944D0FD78B84AFFE4B52BD8D] - [15/03/2019 05:50:44] - |A| - [123616] - C:\Windows\syswow64\sspicli.dll [MD5.A1F910366AE150EA2215A9C94526B703] - [15/03/2019 05:50:14] - |A| - [527864] - C:\Windows\syswow64\StateRepository.Core.dll [MD5.A608CA372905FB1D36A735343451FE58] - [15/03/2019 05:49:36] - |A| - [383488] - C:\Windows\syswow64\stobject.dll [MD5.2F8D43F082459EA107705677D99AA420] - [15/03/2019 05:48:57] - |A| - [1980928] - C:\Windows\syswow64\storagewmi.dll [MD5.75B34450304498DD42B7CAFC67D9F1A2] - [15/03/2019 05:50:02] - |A| - [559984] - C:\Windows\syswow64\StructuredQuery.dll [MD5.42EB38A0D300A8723794659F6957FE93] - [15/03/2019 05:49:34] - |A| - [653312] - C:\Windows\syswow64\sud.dll [MD5.7DF30A0CF7DE5DF85B5DB2645F161817] - [15/03/2019 05:49:41] - |A| - [3287040] - C:\Windows\syswow64\SyncCenter.dll [MD5.27FF5A1AA9858C2D4F0A0416C3501DD7] - [15/03/2019 05:49:02] - |A| - [524800] - C:\Windows\syswow64\SyncController.dll [MD5.90AD1B513F3D0FFFFAEC3B5D678FDE1C] - [15/03/2019 05:49:43] - |A| - [243200] - C:\Windows\syswow64\SyncSettings.dll [MD5.D06C58D3691A7F09A36923291E9915EF] - [15/03/2019 05:49:06] - |A| - [315904] - C:\Windows\syswow64\sysdm.cpl [MD5.25A010E52C6B8C94C1F00A849D210433] - [15/03/2019 05:28:27] - |A| - [84624] - C:\Windows\syswow64\sysinfo.ocx [MD5.8D2AF16B17FA7FF098A4F084CCF52747] - [15/03/2019 05:49:55] - |A| - [133632] - C:\Windows\syswow64\t2embed.dll [MD5.3F2B4D475AC8ED3F30E5A857EE413F7F] - [15/03/2019 05:28:27] - |A| - [222360] - C:\Windows\syswow64\tabctl32.ocx [MD5.AC42C6689277F98B4A7FA0A18B393E96] - [15/03/2019 05:48:57] - |A| - [371200] - C:\Windows\syswow64\taskcomp.dll [MD5.A4A6D271FE357663479CCEFD9C620AF1] - [15/03/2019 05:50:02] - |A| - [1250528] - C:\Windows\syswow64\Taskmgr.exe [MD5.7CED307FA413C9BA1E8D762CEA00C770] - [15/03/2019 05:48:58] - |A| - [30720] - C:\Windows\syswow64\tbauth.dll [MD5.F779D209F6FB1B8CF25F9FCABE014967] - [15/03/2019 05:48:58] - |A| - [74240] - C:\Windows\syswow64\tdc.ocx [MD5.D5C8986C1AC0F5CCFF5B36D84DAE7D5F] - [15/03/2019 05:49:10] - |A| - [2462208] - C:\Windows\syswow64\themecpl.dll [MD5.81F24AEBB800C56179E5D2EBABBC49BD] - [15/03/2019 05:49:33] - |A| - [2815488] - C:\Windows\syswow64\themeui.dll [MD5.9B547D7FC518A62EC2E1B7DD181E8CE2] - [15/03/2019 05:51:04] - |A| - [452608] - C:\Windows\syswow64\TileDataRepository.dll [MD5.ADBCF0F6F438C509AE8CFF276D3D4062] - [15/03/2019 05:49:02] - |A| - [463360] - C:\Windows\syswow64\timedate.cpl [MD5.1CAD95428D1F17F6FC03A6B1A76D7B27] - [15/03/2019 05:49:19] - |A| - [35328] - C:\Windows\syswow64\tokenbinding.dll [MD5.C20A3CAAE775FDBE2847D5701C986E8B] - [15/03/2019 05:50:13] - |A| - [920064] - C:\Windows\syswow64\TokenBroker.dll [MD5.3C35F53D16282A5B892685C4C1280D2C] - [15/03/2019 05:48:58] - |A| - [15360] - C:\Windows\syswow64\TokenBrokerCookies.exe [MD5.6D9DF4768CEAC6798002FAEA42A07DCA] - [15/03/2019 05:49:01] - |A| - [37888] - C:\Windows\syswow64\TokenBrokerUI.dll [MD5.FD779118E9115F8684361CE6B9AC1881] - [15/03/2019 05:50:24] - |A| - [2677248] - C:\Windows\syswow64\tquery.dll [MD5.6F7CCD986159E2FC544E4CE349F29CB6] - [15/03/2019 05:49:37] - |A| - [98304] - C:\Windows\syswow64\TSpkg.dll [MD5.EBB966D5D1DA9F55E2527EA46A4C2131] - [15/03/2019 05:49:12] - |A| - [178176] - C:\Windows\syswow64\TtlsAuth.dll [MD5.82ED68D7C9E7E0BA0CB90FF6069FA439] - [15/03/2019 05:49:01] - |A| - [164352] - C:\Windows\syswow64\TtlsCfg.dll [MD5.DAB67699D26B78F1BDF3F948C59DA75B] - [15/03/2019 05:49:29] - |A| - [158208] - C:\Windows\syswow64\twext.dll [MD5.065C88ACF9DCB147103BF65327DB37E3] - [15/03/2019 05:50:37] - |A| - [1261768] - C:\Windows\syswow64\twinapi.appcore.dll [MD5.F500780AEBEC7326D63FD51CA1BF2C85] - [15/03/2019 05:49:40] - |A| - [433664] - C:\Windows\syswow64\twinapi.dll [MD5.539296663A3DAF45C1BD9D519829A7BC] - [15/03/2019 05:49:15] - |A| - [697344] - C:\Windows\syswow64\twinui.appcore.dll [MD5.4D774D6A1E45E6798C27524CA070A936] - [15/03/2019 05:50:37] - |A| - [6466560] - C:\Windows\syswow64\twinui.dll [MD5.36FE23A873481E10FF09596F8839E200] - [15/03/2019 05:48:58] - |A| - [2560] - C:\Windows\syswow64\tzres.dll [MD5.F094E5CBF271BFFBDC565000FAF09B19] - [15/03/2019 05:50:00] - |A| - [1141392] - C:\Windows\syswow64\ucrtbase.dll [MD5.7C91A0284C3BE85296CECF986BC4C9A4] - [15/03/2019 05:49:50] - |A| - [466432] - C:\Windows\syswow64\UiaManager.dll [MD5.9B120E03AFB87B5466CC828D862268E7] - [15/03/2019 05:49:44] - |A| - [1668096] - C:\Windows\syswow64\UIAutomationCore.dll [MD5.692E79906AEBD813180AB4DA9A23C8E5] - [15/03/2019 05:49:51] - |A| - [3490816] - C:\Windows\syswow64\UIRibbon.dll [MD5.56DE762470DD45C5363BCADE7CD8543C] - [15/03/2019 05:48:59] - |A| - [584192] - C:\Windows\syswow64\UIRibbonRes.dll [MD5.DB40D2D74478E3BE07BB08CC24BFBA9E] - [15/03/2019 05:48:57] - |A| - [253952] - C:\Windows\syswow64\unimdm.tsp [MD5.9C3652626FBEEA98EFC1C751F54DE1E6] - [15/03/2019 05:49:00] - |A| - [966656] - C:\Windows\syswow64\Unistore.dll [MD5.4FC7DB01116C14A6C58C740698437815] - [15/03/2019 05:49:23] - |A| - [98304] - C:\Windows\syswow64\updatepolicy.dll [MD5.5033CBC73D3957D6ECDAD0DA38B7EC81] - [15/03/2019 05:48:59] - |A| - [233472] - C:\Windows\syswow64\url.dll [MD5.9144927DCA7832342F15DE0B4B6B993D] - [15/03/2019 05:50:34] - |A| - [1566720] - C:\Windows\syswow64\urlmon.dll [MD5.D0B9CBCAEAE963F74AC910ADF47F2F50] - [15/03/2019 05:48:56] - |A| - [4608] - C:\Windows\syswow64\user.exe [MD5.5D41A00F6ED104C9639D5CBF0D38A1D6] - [15/03/2019 05:50:31] - |A| - [1528904] - C:\Windows\syswow64\user32.dll [MD5.65316876798BD589A05781B6B68BBCD9] - [15/03/2019 05:49:49] - |A| - [1230848] - C:\Windows\syswow64\usercpl.dll [MD5.4F9B1BD8A47543F3575B196A69F6F1E8] - [15/03/2019 05:49:12] - |A| - [95232] - C:\Windows\syswow64\UserDataTimeUtil.dll [MD5.039BDAA1C6A50FEA69BA170D071C0506] - [15/03/2019 05:49:02] - |A| - [160256] - C:\Windows\syswow64\UserDeviceRegistration.dll [MD5.2D4F3342630DB4E1592AA5CEDE775B72] - [15/03/2019 05:49:40] - |A| - [559104] - C:\Windows\syswow64\UserLanguagesCpl.dll [MD5.3498ACDDCF5A3EA89A207122934D1046] - [15/03/2019 05:49:10] - |A| - [65536] - C:\Windows\syswow64\usoapi.dll [MD5.EC1270DAF0E157756D0F6B8D66A732B1] - [15/03/2019 05:49:27] - |A| - [472576] - C:\Windows\syswow64\uxtheme.dll [MD5.73978DD6DD93DFD1FDD83620AE604DD4] - [15/03/2019 05:28:28] - |A| - [722192] - C:\Windows\syswow64\Vb40032.dll [MD5.4C6F2D2CE86330335801F2982B26223E] - [28/03/2019 12:40:51] - |A| - [89360] - C:\Windows\syswow64\VB5DB.DLL [MD5.1358DEE033BFD95A759890703EE8DBB1] - [15/03/2019 05:51:27] - |A| - [464384] - C:\Windows\syswow64\vbscript.dll [MD5.90742CB3A232B8C28EB72D7326ABBF3F] - [15/03/2019 05:49:02] - |A| - [110080] - C:\Windows\syswow64\VEDataLayerHelpers.dll [MD5.B55FF9CC8010601EBC5ED52BF57A2C30] - [15/03/2019 05:48:59] - |A| - [48640] - C:\Windows\syswow64\virtdisk.dll [MD5.1454D47AF54831F8FF59210825EA8698] - [15/03/2019 05:50:04] - |A| - [1159680] - C:\Windows\syswow64\vssapi.dll [MD5.8F224D31DA0884C547AB6E65C2CBBE93] - [15/03/2019 05:01:30] - |A| - [878592] - C:\Windows\syswow64\vulkan-1-999-0-0-0.dll [MD5.8F224D31DA0884C547AB6E65C2CBBE93] - [15/03/2019 05:01:30] - |A| - [878592] - C:\Windows\syswow64\vulkan-1.dll [MD5.AA008CDFA795097F16F18170FF5FB815] - [15/03/2019 04:58:41] - |A| - [229344] - C:\Windows\syswow64\vulkaninfo-1-999-0-0-0.exe [MD5.AA008CDFA795097F16F18170FF5FB815] - [15/03/2019 04:58:41] - |A| - [229344] - C:\Windows\syswow64\vulkaninfo.exe [MD5.DA00A8ED9201E0293C8D1EF38315B4B8] - [15/03/2019 05:49:27] - |A| - [97280] - C:\Windows\syswow64\WcnApi.dll [MD5.74DFA3493E51A942A4C2F89254FE3EF6] - [15/03/2019 05:49:24] - |A| - [235008] - C:\Windows\syswow64\webcheck.dll [MD5.C5FABC086E613BB7B0826EA564DC922B] - [15/03/2019 05:49:40] - |A| - [190464] - C:\Windows\syswow64\WebClnt.dll [MD5.1FA7FDB5EEC6DED40C2AE75D39B3CE12] - [15/03/2019 05:49:49] - |A| - [462336] - C:\Windows\syswow64\webio.dll [MD5.DCB82B9B6BA959C99624B82CC6245506] - [15/03/2019 05:49:05] - |A| - [459776] - C:\Windows\syswow64\webplatstorageserver.dll [MD5.F308C9718D84DC576345940DF074AA97] - [15/03/2019 05:50:02] - |A| - [1075984] - C:\Windows\syswow64\webservices.dll [MD5.7F23FDE90B62C59D65BCAC54430A7F24] - [15/03/2019 05:49:33] - |A| - [639408] - C:\Windows\syswow64\wer.dll [MD5.C4E40C2D052172841A6AE7881DAFC6C8] - [15/03/2019 05:49:13] - |A| - [414720] - C:\Windows\syswow64\werui.dll [MD5.F0BCD5D25B955F1DA115EA4A64D5FD14] - [15/03/2019 05:48:58] - |A| - [136192] - C:\Windows\syswow64\wextract.exe [MD5.A011152FDCF4CA7251B0038B077047AB] - [15/03/2019 05:49:44] - |A| - [592800] - C:\Windows\syswow64\wimgapi.dll [MD5.EC4D792B9EBEE98B4BBAFD5578453147] - [15/03/2019 05:51:25] - |A| - [2902528] - C:\Windows\syswow64\win32kfull.sys [MD5.812E9241C7844424DFE2985846070CFD] - [15/03/2019 05:49:31] - |A| - [83216] - C:\Windows\syswow64\winbrand.dll [MD5.A0C135507DB0167282168F3E5BDCC396] - [15/03/2019 05:49:08] - |A| - [309248] - C:\Windows\syswow64\wincorlib.dll [MD5.84EF8242B5B2B9E3036398AED7C46E2E] - [15/03/2019 05:49:00] - |A| - [162304] - C:\Windows\syswow64\Windows.ApplicationModel.Core.dll [MD5.8647781A64C26771C70D6F5EC48224BD] - [15/03/2019 05:49:33] - |A| - [522176] - C:\Windows\syswow64\Windows.ApplicationModel.dll [MD5.3AD75BC01182888898EF9F05C68F3A6A] - [15/03/2019 05:49:18] - |A| - [315392] - C:\Windows\syswow64\Windows.ApplicationModel.LockScreen.dll [MD5.CC811E2D58465654DC2562867521648F] - [15/03/2019 05:50:11] - |A| - [1490856] - C:\Windows\syswow64\Windows.ApplicationModel.Store.dll [MD5.9EC72380FCE884CB4A0C678F8EA7AA56] - [15/03/2019 05:49:36] - |A| - [246272] - C:\Windows\syswow64\Windows.ApplicationModel.Store.TestingFramework.dll [MD5.ABAE1466E7D328F959AA18CC967C34E9] - [15/03/2019 05:50:18] - |A| - [6587392] - C:\Windows\syswow64\Windows.Data.Pdf.dll [MD5.DF77877093677CEB49DF418D6B3507C7] - [15/03/2019 05:49:21] - |A| - [696832] - C:\Windows\syswow64\Windows.Devices.Sensors.dll [MD5.149E2C31A7AD8257641D6663DE54C5E5] - [15/03/2019 05:49:49] - |A| - [1236480] - C:\Windows\syswow64\Windows.Globalization.dll [MD5.98DA92BE5E7D5A1133D25565D1CDF8DD] - [15/03/2019 05:49:53] - |A| - [335360] - C:\Windows\syswow64\Windows.Graphics.Printing.Workflow.dll [MD5.798389B0F019FC7DA876A5838128C220] - [15/03/2019 05:49:00] - |A| - [12288] - C:\Windows\syswow64\Windows.Graphics.Printing.Workflow.Native.dll [MD5.3E58599D26AFE1761F87CECD252B9EB5] - [15/03/2019 05:49:13] - |A| - [430080] - C:\Windows\syswow64\Windows.Internal.Bluetooth.dll [MD5.1C9C38A788F22AEAC21ED2B9C54ECD3F] - [15/03/2019 05:49:21] - |A| - [516608] - C:\Windows\syswow64\Windows.Internal.Management.dll [MD5.0251CAD1B6C180A67A089DFA2D716548] - [15/03/2019 05:49:57] - |A| - [621568] - C:\Windows\syswow64\Windows.Media.BackgroundMediaPlayback.dll [MD5.C179D1218AD113537E309CB9323B15DF] - [15/03/2019 05:51:16] - |A| - [6014688] - C:\Windows\syswow64\Windows.Media.dll [MD5.9E23CAE30930787245399397EBD9A029] - [15/03/2019 05:49:05] - |A| - [583680] - C:\Windows\syswow64\Windows.Media.Import.dll [MD5.D2ACB013E86EAB5C56587C44734E7399] - [15/03/2019 05:49:37] - |A| - [620544] - C:\Windows\syswow64\Windows.Media.Playback.BackgroundMediaPlayer.dll [MD5.6C41D581CB2C832619F7290F2A0BA19B] - [15/03/2019 05:49:57] - |A| - [604672] - C:\Windows\syswow64\Windows.Media.Playback.MediaPlayer.dll [MD5.73256E92AA201252E82BD8A711B6A1FD] - [15/03/2019 05:49:01] - |A| - [56832] - C:\Windows\syswow64\Windows.Media.Playback.ProxyStub.dll [MD5.023EADA98464DD6E5297356A3C43F93C] - [15/03/2019 05:50:58] - |A| - [6475880] - C:\Windows\syswow64\Windows.Media.Protection.PlayReady.dll [MD5.83381DE5516C34328C4F5E76A64BE789] - [15/03/2019 05:51:03] - |A| - [2491232] - C:\Windows\syswow64\Windows.Mirage.dll [MD5.3E12477042313D18A52812979BB32A82] - [15/03/2019 05:51:04] - |A| - [618496] - C:\Windows\syswow64\Windows.Mirage.Internal.dll [MD5.D01EFC2E14294C12094102545CC85EC3] - [15/03/2019 05:50:05] - |A| - [891904] - C:\Windows\syswow64\Windows.Networking.BackgroundTransfer.dll [MD5.343D98F99A919964216DC60A1AD34C69] - [15/03/2019 05:49:53] - |A| - [660480] - C:\Windows\syswow64\Windows.Networking.dll [MD5.3D5B2BE5CA748BBDDF97DA0FB1F9967F] - [15/03/2019 05:49:34] - |A| - [109056] - C:\Windows\syswow64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll [MD5.94E8B4EBA0DA649AC0A6D8B5FC7DAE9D] - [15/03/2019 05:49:54] - |A| - [941568] - C:\Windows\syswow64\Windows.Networking.Vpn.dll [MD5.A2B45051F3DA399BA1B83599E2E23726] - [15/03/2019 05:49:53] - |A| - [405504] - C:\Windows\syswow64\Windows.Payments.dll [MD5.4EB540B4A1A428DF59A27E7FB3F885A8] - [15/03/2019 05:51:04] - |A| - [506256] - C:\Windows\syswow64\Windows.Perception.Stub.dll [MD5.3F51E3B936974BAA26CB7C96793E55E1] - [15/03/2019 05:50:04] - |A| - [598528] - C:\Windows\syswow64\Windows.Security.Authentication.Web.Core.dll [MD5.EAE9E8A3AEA8955C854EB572DF461F4A] - [15/03/2019 05:49:52] - |A| - [746904] - C:\Windows\syswow64\Windows.Services.TargetedContent.dll [MD5.131891D46023A4624CC9DA2A068317A5] - [15/03/2019 05:50:27] - |A| - [3979696] - C:\Windows\syswow64\Windows.StateRepository.dll [MD5.1FA0115DBEDD4006FB65246768DEC991] - [15/03/2019 05:49:22] - |A| - [89504] - C:\Windows\syswow64\Windows.StateRepositoryBroker.dll [MD5.B9DBAC940038A737E63BE80FDD7CE70A] - [15/03/2019 05:49:24] - |A| - [123808] - C:\Windows\syswow64\Windows.StateRepositoryClient.dll [MD5.A06DF410D350562F0FD699E98FD0FE84] - [15/03/2019 05:49:41] - |A| - [542856] - C:\Windows\syswow64\Windows.StateRepositoryPS.dll [MD5.2251D76E2BE4AF1C40BB1D8127846DED] - [15/03/2019 05:49:16] - |A| - [147456] - C:\Windows\syswow64\Windows.StateRepositoryUpgrade.dll [MD5.48ECCD9FF5FAB136BC86538C6FB6581D] - [15/03/2019 05:49:18] - |A| - [289824] - C:\Windows\syswow64\Windows.Storage.ApplicationData.dll [MD5.0DB91C3B1F2810931F47B842FE88B84F] - [15/03/2019 05:50:40] - |A| - [6087040] - C:\Windows\syswow64\windows.storage.dll [MD5.65E56E51EB7A2A664CCBDED8CFA72AA4] - [15/03/2019 05:49:55] - |A| - [464384] - C:\Windows\syswow64\Windows.UI.Core.TextInput.dll [MD5.C2E57A51AB0628DAE35F0E6ECFA5D5BA] - [15/03/2019 05:49:33] - |A| - [981504] - C:\Windows\syswow64\Windows.UI.Cred.dll [MD5.39CB8103B31D73464452424AE495DA9E] - [15/03/2019 05:50:08] - |A| - [1510912] - C:\Windows\syswow64\Windows.UI.Immersive.dll [MD5.6BE2B2B64DC32BCD7BB145466F114B37] - [15/03/2019 05:50:32] - |A| - [1321472] - C:\Windows\syswow64\Windows.UI.Input.Inking.dll [MD5.B1E781E62D28B6BC7C3DFFCDB9C9AF07] - [15/03/2019 05:49:25] - |A| - [695296] - C:\Windows\syswow64\Windows.UI.Search.dll [MD5.3149A8E3B25987FDFB534142BD50DE1E] - [15/03/2019 05:49:12] - |A| - [1892864] - C:\Windows\syswow64\Windows.UI.Xaml.Controls.dll [MD5.8D681CC5EE863278394291C743EFCB2E] - [15/03/2019 05:50:30] - |A| - [13710848] - C:\Windows\syswow64\Windows.UI.Xaml.dll [MD5.799FB49F3FC7B5D1D7CDCEF292F8E241] - [15/03/2019 05:49:20] - |A| - [720896] - C:\Windows\syswow64\Windows.UI.Xaml.InkControls.dll [MD5.E532CC88734519C8E8F02DA065FE05FB] - [15/03/2019 05:49:39] - |A| - [1312256] - C:\Windows\syswow64\Windows.UI.Xaml.Maps.dll [MD5.934266FD56473D79BC63E6A4A0742529] - [15/03/2019 05:50:11] - |A| - [1259520] - C:\Windows\syswow64\Windows.UI.Xaml.Phone.dll [MD5.AC36BA1674C606189C95E498415A42D9] - [15/03/2019 05:49:35] - |A| - [132608] - C:\Windows\syswow64\Windows.UI.XamlHost.dll [MD5.5ABBF9E152427692658A49F8F0AF0DA0] - [15/03/2019 05:50:02] - |A| - [594944] - C:\Windows\syswow64\Windows.Web.dll [MD5.5D320952A868EB0EADDD9641B461BCA2] - [15/03/2019 05:50:08] - |A| - [1503504] - C:\Windows\syswow64\WindowsCodecs.dll [MD5.11264C3ACE0F9F15031362CF57AECF4E] - [15/03/2019 05:50:23] - |A| - [31619072] - C:\Windows\syswow64\WindowsCodecsRaw.dll [MD5.FFD2F3835BC170C7B3858F326262EBDA] - [15/03/2019 07:34:32] - |A| - [36472] - C:\Windows\syswow64\WinFLAdrv.sys [MD5.503E4A64E8FB731D415510B676F2BFFA] - [15/03/2019 07:34:11] - |A| - [14184] - C:\Windows\syswow64\WinFLMsgService.exe [MD5.A3B55D9B3F656E4F82C5D79C632B0038] - [15/03/2019 07:34:12] - |A| - [94728] - C:\Windows\syswow64\WinFLService.exe [MD5.14E6BAFD6C80C9D0E2E31A6BC40479C7] - [15/03/2019 07:34:08] - |A| - [335880] - C:\Windows\syswow64\WinFLTray.exe [MD5.14E6BAFD6C80C9D0E2E31A6BC40479C7] - [15/03/2019 07:34:07] - |A| - [335880] - C:\Windows\syswow64\WinFLTrayShred.exe [MD5.50EDEB42F3C5C7BB4932FF7353E3F7D1] - [15/03/2019 05:49:53] - |A| - [704496] - C:\Windows\syswow64\winhttp.dll [MD5.64CB9AF0ABD1D750929C6BACBC59B350] - [15/03/2019 05:49:00] - |A| - [82944] - C:\Windows\syswow64\winhttpcom.dll [MD5.8C049019A4BFD95AA455CD94A1D8B114] - [15/03/2019 05:51:21] - |A| - [4369408] - C:\Windows\syswow64\wininet.dll [MD5.02BF610B95E05855DD612D57D3183E82] - [15/03/2019 05:49:51] - |A| - [1558856] - C:\Windows\syswow64\winmde.dll [MD5.43FDCB8CC2DF2FC470D5C04C06780C9B] - [15/03/2019 05:49:27] - |A| - [181760] - C:\Windows\syswow64\WinSCard.dll [MD5.BA6A61A00365044876F945A06A4D6493] - [15/03/2019 05:49:04] - |A| - [247296] - C:\Windows\syswow64\winsku.dll [MD5.0F3456A440A1584E227A40E275223EE9] - [15/03/2019 05:49:26] - |A| - [420352] - C:\Windows\syswow64\winspool.drv [MD5.988EA42B2B90B91CE1ACBBEDAAA424C8] - [15/03/2019 05:49:48] - |A| - [287848] - C:\Windows\syswow64\wintrust.dll [MD5.BDCE5E5BFC67B7D0CA6530E69B20BB0A] - [15/03/2019 05:49:51] - |A| - [832648] - C:\Windows\syswow64\WinTypes.dll [MD5.3CC985A4E7D90F5B6D9FF1FD5CD486D7] - [15/03/2019 07:34:30] - |A| - [225680] - C:\Windows\syswow64\WinVDEdrv.sys [MD5.2D446F342467128EA389CF44EC79C2BA] - [15/03/2019 07:34:31] - |A| - [197648] - C:\Windows\syswow64\WinVDEdrv6.sys [MD5.F2ECB87B996541BF44B55D301586E2C5] - [15/03/2019 11:44:42] - |AS| - [11781] - C:\Windows\syswow64\win_flfiles_sys.dat [MD5.A1A8919960FB16CE0B4CEDF6B1864939] - [15/03/2019 11:44:42] - |AS| - [3465] - C:\Windows\syswow64\win_stlthdb_sys.dat [MD5.B8EACD109C18140D169BBB9D1D91180D] - [15/03/2019 05:49:38] - |A| - [232448] - C:\Windows\syswow64\wisp.dll [MD5.A01F94A9181A6647C6C490DF0018E916] - [15/03/2019 05:49:11] - |A| - [246272] - C:\Windows\syswow64\wlancfg.dll [MD5.0EE5A7508D19ED3A264D36EF3D2B2CF7] - [15/03/2019 05:49:05] - |A| - [407040] - C:\Windows\syswow64\wlangpui.dll [MD5.0D8C53EF58FDA3925609164DFC9EEFDE] - [15/03/2019 05:49:41] - |A| - [319488] - C:\Windows\syswow64\Wldap32.dll [MD5.715BBF22FAB87ECFDDA03ABF590F46A1] - [15/03/2019 05:49:40] - |A| - [78184] - C:\Windows\syswow64\wldp.dll [MD5.2EA24AC64D38D4ECE807041E92DF194B] - [15/03/2019 05:49:12] - |A| - [98304] - C:\Windows\syswow64\wlgpclnt.dll [MD5.5099FE087A7EF6AD1431EA8B96FB01A1] - [15/03/2019 05:49:07] - |A| - [507904] - C:\Windows\syswow64\wlidcli.dll [MD5.A6ECF31E43274FA7EC787E8C1CD2FFB2] - [15/03/2019 05:49:55] - |A| - [531968] - C:\Windows\syswow64\wlidprov.dll [MD5.CEA51371971E187F478C5933F5BF4E91] - [15/03/2019 05:48:56] - |A| - [25088] - C:\Windows\syswow64\wmiprop.dll [MD5.300D4A863AC3D75472DED1020315D664] - [15/03/2019 05:51:17] - |A| - [12730880] - C:\Windows\syswow64\wmp.dll [MD5.9B05BEEACF372ADAC85BF47849672597] - [15/03/2019 05:49:27] - |A| - [251200] - C:\Windows\syswow64\wmpeffects.dll [MD5.FE72EBC643DB7BCC7A8CD8F4E46DDD68] - [15/03/2019 05:49:25] - |A| - [154392] - C:\Windows\syswow64\wmpps.dll [MD5.93930202EC453DF50804090DB0EB0F07] - [15/03/2019 05:49:31] - |A| - [103424] - C:\Windows\syswow64\wmpshell.dll [MD5.975890347C7998063E77E2C6F249878C] - [15/03/2019 05:49:33] - |A| - [392704] - C:\Windows\syswow64\WMVSENCD.DLL [MD5.0C3AB19FF0B062AD808C9DAD2CCE3D56] - [15/03/2019 05:49:40] - |A| - [681472] - C:\Windows\syswow64\WMVXENCD.DLL [MD5.F52DC608FABA50E9A6D51C1F77936E71] - [15/03/2019 05:49:52] - |A| - [1342464] - C:\Windows\syswow64\Wpc.dll [MD5.1505A2BE0DEF18632472CD4C1AF3090D] - [15/03/2019 05:49:27] - |A| - [636416] - C:\Windows\syswow64\WpcWebFilter.dll [MD5.91CF6717E5CBA979A23EF887770B1FAB] - [15/03/2019 05:49:35] - |A| - [975360] - C:\Windows\syswow64\wpnapps.dll [MD5.D968CB0D323A9A54B5E81A2A4F239C0F] - [15/03/2019 05:49:14] - |A| - [258808] - C:\Windows\syswow64\wscapi.dll [MD5.74D90548993E4DC4CC4CBC5AF8B96417] - [15/03/2019 05:49:00] - |A| - [12800] - C:\Windows\syswow64\wscproxystub.dll [MD5.355C1249EE15E153199FE1B54C3BE873] - [15/03/2019 05:49:26] - |A| - [147456] - C:\Windows\syswow64\wscript.exe [MD5.3E8DBDE2536682E3EA33BAB970197F90] - [15/03/2019 05:49:42] - |A| - [1332736] - C:\Windows\syswow64\wsecedit.dll [MD5.BE0D487494FCFF4B4E7D29A333BAF0DF] - [15/03/2019 05:49:16] - |A| - [16600] - C:\Windows\syswow64\wshhyperv.dll [MD5.73339DF7BBD7DEB99C2D92448C1B2A60] - [15/03/2019 05:49:03] - |A| - [123392] - C:\Windows\syswow64\wshom.ocx [MD5.39E63D680474BB0DDDB3D57BFC881FD7] - [15/03/2019 05:49:12] - |A| - [52736] - C:\Windows\syswow64\wsnmp32.dll [MD5.C69885E3DAD1BEF60319010698E8DA24] - [15/03/2019 05:49:38] - |A| - [1453056] - C:\Windows\syswow64\wsp_fs.dll [MD5.8593D702416E2A6D120C813B1717A8CC] - [15/03/2019 05:49:39] - |A| - [1309696] - C:\Windows\syswow64\wsp_health.dll [MD5.28BE6DD3090240B709EB710B88E38DFC] - [15/03/2019 05:49:45] - |A| - [825856] - C:\Windows\syswow64\wuapi.dll [MD5.1EFB575D7E2A8234DCC9D4531070106E] - [15/03/2019 05:48:00] - |A| - [67072] - C:\Windows\syswow64\wudriver.dll [MD5.D7AF31C2ADA4D3580583CA76BFD3EBAE] - [15/03/2019 05:49:05] - |A| - [30208] - C:\Windows\syswow64\wups.dll [MD5.660E6FB6972DB04E74C45C040D4DDE8C] - [15/03/2019 05:49:49] - |A| - [293888] - C:\Windows\syswow64\WwaApi.dll [MD5.F6DE38B57FAA27471BD99060BE9F9496] - [15/03/2019 05:49:39] - |A| - [793400] - C:\Windows\syswow64\WWAHost.exe [MD5.A2E0419D7FBDFEFA19F5BB53556A22EB] - [15/03/2019 05:49:16] - |A| - [450936] - C:\Windows\syswow64\WWanAPI.dll [MD5.653DB51549B7CB7EC76EB8562D260D4F] - [15/03/2019 05:49:16] - |A| - [73896] - C:\Windows\syswow64\wwapi.dll [MD5.414CF6ED0142DAB4BDFC7AE95558AD4C] - [15/03/2019 05:50:22] - |A| - [3418112] - C:\Windows\syswow64\xpsrchvw.exe [MD5.D07878AB6E404AD22759759B4CFB47BC] - [15/03/2019 05:49:29] - |A| - [346112] - C:\Windows\syswow64\zipfldr.dll ---------- | Drives D: F: L: U: V: X: Y: Z: ---------- | C: [13/03/2019 07:17:24] - |SHDC| - [129] - C:\$RECYCLE.BIN [15/03/2019 07:23:44] - |DC| - [387596] - C:\$Windows.~WS [23/03/2019 09:26:05] - |DC| - [2420] - C:\.android [MD5.3655EBCD3318345AAF1B3E88D0A29AC4] - [28/03/2019 14:08:56] - |A| - (.-.) - [894442004] - (0.0.0.0) - C:\3rem scène 8_3_2019_14h40 u bouton 4 et 100pour100 séc finalis.mp4 [28/03/2019 14:07:54] - |D| - [81675] - C:\5 makeupdirector 3 & ms 17 utilities pt 3 setup & info [MD5.72C5C3B4DB0A065E11C97CC5B140E23F] - [28/03/2019 14:09:19] - |A| - (.-.) - [65536] - (0.0.0.0) - C:\Additional Free Tools.exe [MD5.18919B8F4DD98CC049DF6C5EFA670648] - [28/03/2019 14:09:19] - |A| - (.-.) - [98059] - (0.0.0.0) - C:\AdsFix_13_03_2019_00_39_27.txt [28/03/2019 14:07:18] - |D| - [106] - C:\Advanced.System.Repair.Pro.1.8.1.1 [MD5.C03776114F4C74B87ECAB1C7E88C6FEA] - [28/03/2019 14:09:19] - |A| - (.-.) - [15447761] - (0.0.0.0) - C:\Advanced.System.Repair.Pro.1.8.1.1.rar [MD5.A3DBE5FF1F05FFFA1AF0BDE7DEA32021] - [28/03/2019 16:56:08] - |H| - (.-.) - [1024] - (0.0.0.0) - C:\AMTAG.BIN [MD5.84252D2014ED1C20C8CA186F7DF2D8F2] - [28/03/2019 14:09:20] - |A| - (.Copyright(c) 2019 Apowersoft Ltd. All rights reserved - ApowerManager Setup .) - [91894352] - (3.2.4.3) - C:\apower-manager.exe [MD5.1437837E6A90E061D8D8C12132A4EC5E] - [28/03/2019 14:09:22] - |A| - (.-.) - [15542000] - (0.0.0.0) - C:\ApplicationManager_v1318_rv200683(1.3)_STD_APM190117-01.exe [MD5.BAB15ACF6580F27138BFF7DCFEE2C41D] - [28/03/2019 14:09:24] - |A| - (.Ashampoo GmbH & Co. KG - Ashampoo Snap 10 Setup .) - [54663528] - (10.0.8.0) - C:\ashampoo_snap_10_10.0.8_sm.exe [MD5.986E05603A4DC82058E77E95DA7C683B] - [28/03/2019 14:09:23] - |A| - (.Ashampoo GmbH & Co. KG - Ashampoo Snap 9 Setup .) - [58258152] - (9.0.6.0) - C:\ashampoo_snap_9_9.0.6_sm.exe [23/03/2019 22:57:16] - |RASHDC| - [2] - C:\autorun.inf [MD5.5DD6B7A68B6C36D6F389501090098FF1] - [28/03/2019 14:09:26] - |A| - (.-.) - [1640992] - (0.0.0.0) - C:\Autoruns.zip [28/03/2019 14:07:18] - |D| - [284514158] - C:\AVS4YOU.AIO.Package.4.2.2.154 [MD5.BEED5CE09BAAA9B7EF6FD412D08DB4D6] - [28/03/2019 14:09:26] - |A| - (.-.) - [285167878] - (0.0.0.0) - C:\AVS4YOU.AIO.Package.4.2.2.154.rar [MD5.E4D34746B69FDDE5E0FA10555BA1148C] - [28/03/2019 14:09:33] - |A| - (.Copyright 2018 Marcin Szeniak - BCUninstaller Setup .) - [5187536] - (4.12.3.0) - C:\BCUninstaller_4.12.3_setup.exe [MD5.2FBB45F608D3FAF94B4BC2D91CC9F229] - [28/03/2019 14:09:33] - |A| - (.Copyright(C) 2009-2019 Bandicam.com, - Bandicam Setup File.) - [18717976] - (4.3.4.1503) - C:\bdcamsetup.exe [MD5.31818469590D2E0922831957BAFA0B26] - [28/03/2019 14:09:34] - |A| - (.-.) - [6775574] - (0.0.0.0) - C:\billie-eilish-wish-you-were-gay-audio.mp3 [15/03/2019 19:56:33] - |DC| - [450581645] - C:\boot [MD5.6140F74C347B1AE02D2D3FD3406217A7] - [28/03/2019 14:09:34] - |A| - (.Copyright (c) TechSmith Corporation. - Camtasia 9.) - [285144256] - (9.0.0.1306) - C:\camtasia.exe [MD5.DF9FCAFEB0FCF4702ACE593B665A2E24] - [28/03/2019 14:09:42] - |A| - (.-.) - [97888] - (0.0.0.0) - C:\CARTE_LA_CITY (1).pdf [MD5.DF9FCAFEB0FCF4702ACE593B665A2E24] - [28/03/2019 14:09:42] - |A| - (.-.) - [97888] - (0.0.0.0) - C:\CARTE_LA_CITY.pdf [MD5.123C468F6D0FCCFC3AD5CD49B26311E4] - [28/03/2019 14:09:42] - |A| - (.-.) - [85066] - (0.0.0.0) - C:\CARTE_LA_CITY_3.pdf [MD5.BFAE5F458FF9804B6F6338CC62B259EE] - [28/03/2019 14:09:42] - |A| - (.©2017 SysTools Software Private Limited - SysTools CDR Recovery Setup .) - [4447968] - (3.0.0.0) - C:\cdr-recovery.exe [MD5.F9C1D1060100D1C69063062A079C1433] - [28/03/2019 14:09:42] - |A| - (.-.) - [770018] - (0.0.0.0) - C:\ChipGenius_v4_19_0319.zip [MD5.5B396D04F0AEF9ACE6BB81600BC3C47C] - [28/03/2019 14:09:42] - |A| - (.2005-2019 COMODO. - COMODO Internet Security.) - [5610336] - (11.0.0.6802) - C:\cispremium_installer_10555_51.exe [MD5.D41D8CD98F00B204E9800998ECF8427E] - [28/03/2019 14:09:42] - |A| - (.-.) - [0] - (0.0.0.0) - C:\clear-fi-media_VAwqVx_0121044746.exe [MD5.74EE78204D088B642B5E2D95ABE8B7BB] - [25/02/2019 06:40:18] - |A| - (.-.) - [1520] - (0.0.0.0) - C:\DelFix.txt [MD5.819C27AE07898F1A5EFDA4E146DBB174] - [28/03/2019 14:13:40] - |A| - (.-.) - [298] - (0.0.0.0) - C:\desktop.ini [MD5.0CF973931EB37C797FBE91E12E107C73] - [28/03/2019 14:13:40] - |A| - (.Adlice Software - Diag Installer .) - [29011040] - (1.1.1.0) - C:\Diag_setup.exe [21/03/2019 07:09:24] - |RDC| - [674] - C:\Documents [MD5.1681937166D17933724A390C816F7BB0] - [28/03/2019 14:09:42] - |A| - (.-.) - [923] - (0.0.0.0) - C:\décli A B rem.html [MD5.8E8439AF1C36AA076552BD1B63049C57] - [28/03/2019 14:09:42] - |A| - (.-.) - [4834204168] - (0.0.0.0) - C:\décli A B rem.mp4 [MD5.3C5688078F0C6773A372442B9B1EFAA2] - [28/03/2019 14:13:40] - |A| - (.-.) - [2843] - (0.0.0.0) - C:\décli A B rem_config.xml [MD5.9BCE6AA5BA63A560B2FCB4EBC81E4F59] - [28/03/2019 14:13:40] - |A| - (.-.) - [385] - (0.0.0.0) - C:\décli A B rem_embed.css [MD5.291A836541CF5D99DDA2522BE278ED45] - [28/03/2019 14:13:40] - |A| - (.-.) - [6868] - (0.0.0.0) - C:\décli A B rem_player.html [MD5.2E5B58DCDE63B8E3B33D2D166DFE4D8E] - [28/03/2019 14:13:40] - |A| - (.-.) - [864662] - (0.0.0.0) - C:\décli_A_B_rem_First_Frame.png [15/03/2019 06:19:27] - |DC| - [0] - C:\ESD [MD5.DFA80085A57B133BFDA1A4656C3AF21B] - [28/03/2019 14:13:41] - |A| - (.-.) - [3306603] - (0.0.0.0) - C:\Eva - On Fleek ft. Lartiste.mp3 [MD5.606B1F7D6D2F6D56ABAC578C4F3E83AC] - [28/03/2019 14:13:41] - |A| - (.© 2018 SysTools Software Private Limited - SysTools Excel Recovery Setup .) - [2788624] - (4.0.0.0) - C:\excel-recovery.exe [28/03/2019 14:07:25] - |D| - [1945192] - C:\explorer++_1.3.5_x64 (1) [MD5.5D119964DB7B5DE6A1C34FED4DFFC37E] - [28/03/2019 14:13:41] - |A| - (.-.) - [709805] - (0.0.0.0) - C:\explorer++_1.3.5_x64 (1).zip [MD5.5D119964DB7B5DE6A1C34FED4DFFC37E] - [28/03/2019 14:13:41] - |A| - (.-.) - [709805] - (0.0.0.0) - C:\explorer++_1.3.5_x64.zip [MD5.7C654BAD95F1E5F9932B9D37A0853B3B] - [28/03/2019 14:13:41] - |A| - (.Copyright©2017 Wondershare. - wondershare-filmora-(fr)_setup_full1084.exe.) - [1041000] - (2.0.10.2) - C:\filmora_setup_full1084.exe [MD5.EBF163FA8403B254BFA95387DED47EEA] - [28/03/2019 14:13:41] - |A| - (.-.) - [6263990] - (0.0.0.0) - C:\foals-on-the-luna-official-video.mp3 [MD5.588EC62D230354F3A37CCDABBC2431F5] - [28/03/2019 14:13:41] - |A| - (.Copyright (C) 2018 SPAMfighter ApS - Installation Package.) - [2690328] - (1.5.14.0) - C:\Full-DISKfighter_Web.exe [28/03/2019 14:07:26] - |D| - [6917820] - C:\gif_to_video_converter [MD5.BB76EE289996CDB30B451C85F442648B] - [28/03/2019 14:13:41] - |A| - (.� 2018 SysTools Software - SysTools Gmail Backup Setup .) - [18199152] - (5.0.0.0) - C:\gmail-backup.exe [28/03/2019 14:07:26] - |D| - [73218288] - C:\grande force loaris noa - stopzilla apps for gel d'aloe vera 1 [28/03/2019 14:07:28] - |D| - [3212] - C:\grande force loaris noa - topic wd element galaxy book sandisk ultra fit cadeau eau de coco 24_2_2019 5 [28/03/2019 14:07:28] - |D| - [26711112] - C:\grande force loaris noa - yara editor 1er anniversaire muscade-moulue invention mc flury widen-ushuaïa 25_2_2019 8 [28/03/2019 14:07:28] - |D| - [11797136] - C:\grande force loaris noa - zemana antimalware beta 6 [MD5.BBAF22E9B53077E8FE7102FCEC3A536C] - [28/03/2019 14:13:42] - |A| - (.-.) - [11963] - (0.0.0.0) - C:\grande force loaris noa 19 topic clubic sd usb hdd pc cadeau réc eau de coco 23_3_2019.rtf [28/03/2019 14:07:29] - |D| - [0] - C:\grande force loaris noa 20 moo0 image view SP en don pour maintenir lfsu100%s finalisés [28/03/2019 14:07:29] - |D| - [6775574] - C:\grande force loaris noa 21 anti-tfl finalis du 25_3_2019 avec wish you were gay [MD5.EAA5FA9F131E091C478D21BCAAAE2336] - [28/03/2019 14:13:42] - |A| - (.-.) - [764] - (0.0.0.0) - C:\grande force loaris noa 22 topic micro sd 1 To cadeau réc eau de coco 23_3_2019.rtf [MD5.94FAA059F4F18FC5FDFED4B8D0958284] - [28/03/2019 14:13:42] - |A| - (.-.) - [948] - (0.0.0.0) - C:\grande force loaris noa 23 topic clubic désinfection E cadeau réc eau de coco 23_3_2019.rtf [MD5.503D919E521EF84D974784F8B557B546] - [28/03/2019 14:13:42] - |A| - (.-.) - [1838] - (0.0.0.0) - C:\grande force loaris noa 25 - topic manque d'espace tablette cadeau récomp finalis part shock.txt [MD5.B329B758E8F9C0EB79135660EEA18DB6] - [28/03/2019 14:13:42] - |A| - (.-.) - [26926] - (0.0.0.0) - C:\grande force loaris noa 26 - topic final usb pc hdd sd cadeau récomp finalis part shock.txt [MD5.C8FAE90E5407E0629033CEBB4FC62A30] - [28/03/2019 14:13:42] - |A| - (.©2016 SysTools Software Private Limited - SysTools G Suite to Office 365 Migrator Setup .) - [6236592] - (1.0.0.0) - C:\gsuite-to-office365-migrator.exe [MD5.E56FBCBC6F0A2C7AE125869951C63992] - [28/03/2019 14:13:42] - |A| - (.-.) - [218129] - (0.0.0.0) - C:\h2testw_1.4.zip [MD5.8C9B1E9720212417F41AFFA1164C7E41] - [28/03/2019 14:13:42] - |A| - (.© 2019 SysTools Software Private Limited - SysTools Hard Drive Data Recovery v9.0 Setup .) - [9047360] - (9.0.0.0) - C:\hard-drive-recovery.exe [MD5.D41D8CD98F00B204E9800998ECF8427E] - [14/03/2019 14:33:40] - |ASH| - (.-.) - [1676853248] - (0.0.0.0) - C:\hiberfil.sys [20/02/2019 14:36:04] - |DC| - [17889325] - C:\IconPack [MD5.ECDBC4EAACD8B6BCC5E8E73B3984547C] - [28/03/2019 14:13:43] - |A| - (.-.) - [6310366] - (0.0.0.0) - C:\IconPack X0 ttone.sfx.exe [07/12/2017 07:02:19] - |DC| - [177072] - C:\Intel [MD5.C991B994C45A25A235F4D4308D6D40CE] - [28/03/2019 14:13:43] - |A| - (.-.) - [6738178] - (0.0.0.0) - C:\interpol-fine-mess.mp3 [MD5.FAD361B20B833689393E12532B58A739] - [28/03/2019 14:13:43] - |A| - (.©IObit. - IObit Software Updater .) - [11049464] - (1.0.1.1698) - C:\iobit-software-updater-setup-final.exe [MD5.8AA78A1EFE0419859E6CB2025C5D8338] - [28/03/2019 14:13:43] - |A| - (.-.) - [6699032] - (2.9.15255.1) - C:\jing.exe [MD5.50A8CCC188FB1DDB9277E62772897746] - [28/03/2019 14:13:43] - |A| - (.-.) - [9205902] - (0.0.0.0) - C:\john-legend-preach-official-video.mp3 [MD5.E40542C4CC75E658A4615BFEFB308570] - [28/03/2019 14:13:44] - |A| - (.- Junkware Removal Tool.) - [1790024] - (8.1.4.0) - C:\JRT.exe [MD5.D0C6B5422A1FC7D4A720B13F051ABC5D] - [28/03/2019 14:13:44] - |A| - (.Copyright © 2018 KeepVid Studio. - KeepVid Music Tag Editor Setup .) - [19067976] - (2.0.0.17) - C:\keepvid-music-tag-editor_full4171 (1).exe [MD5.D0C6B5422A1FC7D4A720B13F051ABC5D] - [28/03/2019 14:13:44] - |A| - (.Copyright © 2018 KeepVid Studio. - KeepVid Music Tag Editor Setup .) - [19067976] - (2.0.0.17) - C:\keepvid-music-tag-editor_full4171.exe [MD5.DC34B060A61D82FF21FAFDF6FA8327CC] - [28/03/2019 14:13:45] - |A| - (.-.) - [856034145] - (0.0.0.0) - C:\la folie on fleek pour 3rem & 4rem.wmv [MD5.5502D4EAAFCC5B7C2B5098435EF61113] - [28/03/2019 14:14:07] - |A| - (.-.) - [3165448] - (0.0.0.0) - C:\LAFAWNDAH - STORM CHASER.mp3 [MD5.7218662D0667F2F8A4D90BB59BE01141] - [28/03/2019 14:14:07] - |A| - (.© PCPinpoint Technologies - LikeNEWPC Setup.) - [5690440] - (1.0.3.0) - C:\LikeNEWPCSetup.exe [MD5.C021EB3774FA9A24AEE60BEF9EC76D21] - [28/03/2019 14:14:07] - |A| - (.-.) - [42409984] - (0.0.0.0) - C:\linuxwin_trial.msi [MD5.72DCC74E0FA0435448C50C2B8FA69936] - [28/03/2019 14:14:09] - |A| - (.-.) - [25021958] - (0.0.0.0) - C:\mde-pro.zip [MD5.7EC4B089E5ADBDD4485558B8AEE013D2] - [28/03/2019 14:14:09] - |A| - (.(c) Moo0. - Moo0 Installer.) - [2928640] - (1.0.0.0) - C:\Moo0 ImageViewer SP v1.80 Installer (1).exe [MD5.7EC4B089E5ADBDD4485558B8AEE013D2] - [28/03/2019 14:14:09] - |A| - (.(c) Moo0. - Moo0 Installer.) - [2928640] - (1.0.0.0) - C:\Moo0 ImageViewer SP v1.80 Installer.exe [MD5.CFD55487A4BF74DDD948DD5A0BBEE7A4] - [28/03/2019 14:14:09] - |A| - (.(c) Moo0. - Moo0 Installer.) - [7294976] - (1.0.0.0) - C:\Moo0 RightClicker Pro 1_48 Installer.exe [MD5.70806E027BF1928F5A32A17E000425BA] - [28/03/2019 14:14:10] - |A| - (.Copyleft 1998-2017 by Don HO - Notepad++ : a free (GNU) source code editor.) - [3809704] - (7.6.4.0) - C:\npp.7.6.4.Installer.x64.exe [MD5.234D615B7F363A243AF6C0E6791771EA] - [28/03/2019 14:14:10] - |A| - (.-.) - [2997109] - (0.0.0.0) - C:\Ocean Park Standoff - Good Time (Audio Only).mp3 [MD5.28B8E683BC0D5F2CB28C6919284ADC9D] - [28/03/2019 14:14:10] - |A| - (.� 2016 SysTools Software - SysTools Office365 Backup & Restore Setup .) - [16025536] - (1.1.0.0) - C:\office365-backup.exe [MD5.8EA0D8B250DBD9DF4FC238B5967F85EC] - [28/03/2019 14:14:10] - |A| - (.©2017 SysTools Software Private Limited - SysTools Office365 Express Migrator Setup .) - [3394008] - (2.0.0.0) - C:\office365-express-migrator.exe [MD5.06B06972BF49BF0F270509D4051B40F0] - [28/03/2019 14:14:10] - |A| - (.-.) - [9726385] - (0.0.0.0) - C:\oldtimer otl_oth_tfc_md5look_xor_gotd-u_SEAF_remvbs_usbfileresc setup.exe [28/03/2019 16:26:07] - |HD| - [0] - C:\OneDriveTemp [MD5.9D56BD190540ADA4EF8ADB9CE554FAD9] - [28/03/2019 14:14:11] - |A| - (.© 2015 SysTools Software Private Limited - SyTools Open Office Writer Recovery - DEMO Vesrion 2.0 Setup.) - [812504] - (2.0.0.0) - C:\open-office-recovery.exe [MD5.A78BA540C1C9DDC8FDC6F57130F248D4] - [28/03/2019 14:14:11] - |A| - (.-.) - [259584] - (1.0.5.0) - C:\OTH.exe [MD5.27F8C676FAA61C00B1058386AE7615CF] - [28/03/2019 14:14:11] - |A| - (.Copyright (C) 2012 SPAMfighter ApS - OUTDATEfighter Installation Package.) - [2091952] - (1.1.97.0) - C:\OUTDATEfighter_Web.exe [MD5.2BC6BD6A081FD78F1693D8CFF3F76422] - [28/03/2019 14:14:11] - |A| - (.� 2016 SysTools Software - SysTools Outlook Cache Contacts Recovery Setup .) - [5462592] - (1.0.0.0) - C:\outlook-cached-contacts-recovery.exe [MD5.767B88C686EAB2D2D4632DD8EEC14AEA] - [28/03/2019 14:14:11] - |A| - (.© 2018 SysTools Software Private Limited - SysTools Outlook Recovery Setup .) - [27651176] - (7.0.0.0) - C:\outlook-recovery.exe [MD5.D41D8CD98F00B204E9800998ECF8427E] - [14/03/2019 14:29:28] - |ASH| - (.-.) - [5983543296] - (0.0.0.0) - C:\pagefile.sys [MD5.C82844369C9F8816992D5BEDA2B2CF56] - [28/03/2019 14:14:12] - |A| - (.© 2016 SysTools Software Private Limited - SysTools PDF Bates Numberer Setup .) - [5597568] - (3.5.0.0) - C:\pdf-bates.exe [MD5.D0ACFD58970EFF881B4CDD8ED9F2F709] - [28/03/2019 14:14:12] - |A| - (.© 2016 SysTools Software Private Limited - SysTools PDF Recovery Setup .) - [1558200] - (1.0.0.1) - C:\pdf-recovery.exe [MD5.1EEFA36510B43A011A7A3F9C31DAD66C] - [28/03/2019 14:14:12] - |A| - (.©2016 SysTools Software Private Limited - SysTools PDF Watermark Remover Setup .) - [3241840] - (1.0.0.0) - C:\pdf-watermark-remover.exe [29/09/2017 14:46:33] - |D| - [0] - C:\PerfLogs [MD5.5396EB64ECFCEFBC8A48A58BA61E8271] - [28/03/2019 14:14:12] - |A| - (.-.) - [177258205] - (0.0.0.0) - C:\Plan_TAM_Ete_2018 (1).pdf [MD5.5396EB64ECFCEFBC8A48A58BA61E8271] - [28/03/2019 14:14:16] - |A| - (.-.) - [177258205] - (0.0.0.0) - C:\Plan_TAM_Ete_2018.pdf [12/03/2019 17:00:51] - |RDC| - [149206102] - C:\PortableApps [MD5.A6B3060699C61502D7437C106FDC57C9] - [28/03/2019 14:14:21] - |A| - (.PortableApps.com - PortableApps.com Platform.) - [5143912] - (16.0.0.0) - C:\PortableApps.com_Platform_Setup_16.0.paf (1).exe [MD5.A6B3060699C61502D7437C106FDC57C9] - [28/03/2019 14:14:21] - |A| - (.PortableApps.com - PortableApps.com Platform.) - [5143912] - (16.0.0.0) - C:\PortableApps.com_Platform_Setup_16.0.paf.exe [28/03/2019 14:07:46] - |D| - [237019313] - C:\Pre_Scan [29/09/2017 14:46:33] - |RD| - [15380588736] - C:\Program Files [29/09/2017 14:46:33] - |RD| - [7784025947] - C:\Program Files (x86) [29/09/2017 14:46:33] - |HDC| - [4526975592] - C:\ProgramData [19/02/2019 13:13:41] - |DC| - [722280] - C:\PSMenu [28/03/2019 18:13:28] - |D| - [68685] - C:\QuickDiag [MD5.A6E003F179F6ED0B4A8AD901DF602645] - [28/03/2019 14:14:21] - |A| - (.-.) - [615644] - (0.0.0.0) - C:\QuickDiag.txt [MD5.1AE443DBD490A8DC720B13392D051428] - [27/03/2019 20:56:03] - |A| - (.-.) - [4646514] - (0.0.0.0) - C:\QuickScript.txt [MD5.373512595CF9BEA2CE4D2F372BABA6D7] - [28/03/2019 14:14:21] - |A| - (.-.) - [3506] - (0.0.0.0) - C:\rapport delfix 27 mars 2019.txt [MD5.EA931B76129947461FE0301213DF5B1B] - [28/03/2019 14:14:21] - |A| - (.-.) - [222] - (0.0.0.0) - C:\rapport h2testw.txt [MD5.1A5B3D8F0137D558779C18B49A2C4F7F] - [28/03/2019 14:14:21] - |A| - (.-.) - [9287410] - (0.0.0.0) - C:\rapport quickdiag 27 mars 2019.txt [07/12/2017 14:48:59] - |HDC| - [1158477351] - C:\recovery [MD5.7C94C938CDF4C99A6E46A9367F34D94C] - [02/03/2019 08:20:09] - |A| - (.-.) - [2775] - (0.0.0.0) - C:\Rem-VBS.log [26/02/2019 14:52:45] - |DC| - [1162] - C:\Rem-VBSqt [28/03/2019 14:07:52] - |D| - [47555334] - C:\renouveau du widen - babylon free & trial, & vaincre la peur de babylon toolbar & search [MD5.6DFA80443A9995F633E31CD3DD7AFF96] - [28/03/2019 14:14:22] - |A| - (.-.) - [264379704] - (0.0.0.0) - C:\scénario social wdet 10_4_2019.mp4 [MD5.B527C38D6B67B7CF4378837C9F574BE0] - [28/03/2019 14:14:28] - |A| - (.-.) - [8967087] - (0.0.0.0) - C:\setup ultra adware killer & explorer++ 2019.exe [MD5.A7B9E6D6A84DA1477369E1827452EA56] - [28/03/2019 14:14:28] - |A| - (.-.) - [1653328] - (0.0.0.0) - C:\setup_Atelier_Photo_Fnac.exe [MD5.D4813DDB5889ACEE28458720EDE93148] - [28/03/2019 14:14:29] - |A| - (.-.) - [1656480] - (0.0.0.0) - C:\setup_Logiciel_de_creation_CEWE.exe [MD5.7B5EACC560AEA447BF32AECA3257D3BB] - [28/03/2019 14:14:29] - |A| - (.-.) - [1656904] - (0.0.0.0) - C:\setup_Logiciel_de_creation_CEWE_Cora.exe [MD5.D41D8CD98F00B204E9800998ECF8427E] - [14/03/2019 14:29:28] - |ASH| - (.-.) - [16777216] - (0.0.0.0) - C:\swapfile.sys [14/03/2019 14:29:26] - |SHD| - [0] - C:\System Volume Information [MD5.788FCDDD88240A85039F7F561093B118] - [28/03/2019 14:14:29] - |A| - (.-.) - [448512] - (3.1.9.0) - C:\TFC.exe [MD5.9D3FD49FC860F9C85D9F383875E7EF6F] - [28/03/2019 14:14:29] - |A| - (.Copyright © 2018 Wondershare. - Wondershare TidyMyMusic Setup .) - [19475696] - (1.6.0.3) - C:\tidymymusic-bing_full1701.exe [MD5.98EF4B255D85A7C005FF55F883C6D16A] - [28/03/2019 14:14:29] - |A| - (.-.) - [1342622270] - (0.0.0.0) - C:\transition 3rem 4rem A B rem lite.mp4 [MD5.D2338454E1A01F1E297162289A96196E] - [28/03/2019 14:15:06] - |A| - (.-.) - [227283456] - (0.0.0.0) - C:\turbo-studio-19.1.1178.msi [28/03/2019 14:07:54] - |D| - [2117947] - C:\Unlocker [MD5.70CDF58C761DED85D6D15884281974FC] - [28/03/2019 14:15:12] - |A| - (.-.) - [1665985] - (0.0.0.0) - C:\unlocker-1-9-1-en-win.exe [MD5.312F5CF6CE52DF4A0A1A5B48D6A12D7D] - [28/03/2019 14:15:12] - |A| - (.-.) - [209518] - (0.0.0.0) - C:\UsbFix-Report-01 multi sd usb ssd hdd pc 28 mars 2019.txt [29/09/2017 09:45:11] - |RD| - [45692636428] - C:\Users [MD5.1521F4E327C1EA5686E2A61FEBF365DD] - [28/03/2019 14:15:12] - |A| - (.Carifred © 2010 - 2019 - Ultra Virus Killer installer.) - [14834552] - (10.11.3.0) - C:\UVKInstaller.exe [25/03/2019 23:51:22] - |HDC| - [77443725] - C:\VTRoot [MD5.81D78DDC31E736CEA01BA7D8CE5858C0] - [28/03/2019 14:22:56] - |A| - (.-.) - [865053315] - (0.0.0.0) - C:\widen 4 & lfs ultra & 100% sécurisé finalis pour 3rem.wmv [29/09/2017 09:45:11] - |D| - [35726992561] - C:\Windows [MD5.E2C50C54B594A39FD6ABE39CDD2A3714] - [28/03/2019 14:15:12] - |A| - (.-.) - [104631471] - (0.0.0.0) - C:\Windows_MediaFeaturePack_x64_1809Oct.msu [MD5.E2C50C54B594A39FD6ABE39CDD2A3714] - [28/03/2019 14:15:15] - |A| - (.-.) - [104631471] - (0.0.0.0) - C:\Windows_MediaFeaturePack_x64_1809Oct_FromDESKTOP-5HP7UU4.msu [MD5.E2C50C54B594A39FD6ABE39CDD2A3714] - [28/03/2019 14:15:18] - |A| - (.-.) - [104631471] - (0.0.0.0) - C:\Windows_MediaFeaturePack_x64_1809Oct_FromDESKTOP-810DT5O.msu [MD5.958F1B242AD38B044269975DF624EB3B] - [28/03/2019 14:15:21] - |A| - (.Copyright © Alexander Roshal 1993-2019 - WinRAR archiver.) - [3236072] - (5.70.0.0) - C:\winrar-x64-570fr.exe [MD5.06A68A95800F45D387A0A028D19EBB5B] - [28/03/2019 14:15:21] - |A| - (.Copyright (C) 2010 - Zinstall Loader.) - [190506576] - (2.6.0.0) - C:\zinstall-fullback.exe ---------- | C:\Windows [MD5.A486C15BA34B4C23677AA34F47CE2C0D] - [07/12/2017 07:01:45] - |A| - (.-.) - [1078] - (0.0.0.0) - C:\Windows\ACU.ico [29/09/2017 14:46:33] - |D| - [802] - C:\Windows\addins [MD5.16D640FFBEFE88D81AC8A90A60C28088] - [28/03/2019 16:55:51] - |A| - (.-.) - [2165096] - (0.0.0.0) - C:\Windows\ampa.exe [29/09/2017 14:46:33] - |D| - [11998212] - C:\Windows\appcompat [29/09/2017 14:46:33] - |D| - [9242112] - C:\Windows\apppatch [29/09/2017 14:46:33] - |D| - [0] - C:\Windows\AppReadiness [29/09/2017 14:46:33] - |RSD| - [815516467] - C:\Windows\assembly [29/09/2017 14:46:33] - |D| - [692493] - C:\Windows\bcastdvr [MD5.55F49769891E4DC7CAB3E293E1238888] - [29/09/2017 14:41:23] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [65536] - (10.0.16299.15) - C:\Windows\bfsvc.exe [29/09/2017 14:46:33] - |D| - [38305426] - C:\Windows\Boot [MD5.A6FF87567BC317E3E31FC19CA50766C2] - [07/12/2017 23:39:33] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat [29/09/2017 14:46:33] - |D| - [2471504] - C:\Windows\Branding [29/09/2017 14:37:01] - |D| - [0] - C:\Windows\CbsTemp [MD5.A155FFABF2F04265A97274CCAB44D773] - [07/12/2017 14:08:15] - |A| - (.-.) - [35138] - (0.0.0.0) - C:\Windows\core.xml [MD5.A155FFABF2F04265A97274CCAB44D773] - [29/09/2017 15:43:11] - |A| - (.-.) - [35138] - (0.0.0.0) - C:\Windows\CoreSingleLanguage.xml [MD5.BD1868AC684B5AD6C0A2A7A1C764FA1F] - [07/12/2017 07:05:29] - |A| - (.-.) - [10] - (0.0.0.0) - C:\Windows\Csup.txt [29/09/2017 14:46:33] - |D| - [11482410] - C:\Windows\Cursors [MD5.2AABDB49AD062CC52957094D05B1163A] - [28/03/2019 16:55:59] - |A| - (.-.) - [1298584] - (0.0.0.0) - C:\Windows\ddmmain.exe [29/09/2017 14:46:33] - |D| - [2540] - C:\Windows\debug [29/09/2017 14:46:33] - |D| - [6684526438] - C:\Windows\DeliveryOptimization [MD5.050C668A459D689E7C033DBCA4417642] - [07/12/2017 07:12:58] - |A| - (.-.) - [22863] - (0.0.0.0) - C:\Windows\diagerr.xml [29/09/2017 14:46:33] - |D| - [5799735] - C:\Windows\diagnostics [29/09/2017 15:41:15] - |D| - [0] - C:\Windows\DigitalLocker [29/09/2017 14:46:33] - |SD| - [65] - C:\Windows\Downloaded Program Files [29/09/2017 14:46:33] - |D| - [78040] - C:\Windows\ELAMBKUP [07/12/2017 14:35:07] - |D| - [47104] - C:\Windows\en-GB [29/09/2017 15:41:15] - |D| - [49664] - C:\Windows\en-US [27/03/2019 21:07:23] - |D| - [127384680] - C:\Windows\ERUNT [07/12/2017 14:11:38] - |D| - [107520] - C:\Windows\es-ES [MD5.5CDE14540712838961E3B63930CE8C5D] - [15/03/2019 05:50:30] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3904304] - (10.0.16299.637) - C:\Windows\explorer.exe [29/09/2017 14:46:33] - |RSD| - [360460900] - C:\Windows\Fonts [07/12/2017 14:15:54] - |D| - [109568] - C:\Windows\fr-FR [29/09/2017 14:46:33] - |D| - [0] - C:\Windows\GameBarPresenceWriter [29/09/2017 14:46:33] - |D| - [46654231] - C:\Windows\Globalization [29/09/2017 14:46:33] - |D| - [3747842] - C:\Windows\Help [MD5.67422BB31C52F0E4697C2A413677E033] - [15/03/2019 05:49:42] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [976896] - (10.0.16299.402) - C:\Windows\HelpPane.exe [MD5.620517DFE23E0DEB918F70538DF8AD67] - [29/09/2017 14:41:47] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [17920] - (10.0.16299.15) - C:\Windows\hh.exe [29/09/2017 14:46:33] - |D| - [173064560] - C:\Windows\IME [29/09/2017 14:46:33] - |RD| - [7839228] - C:\Windows\ImmersiveControlPanel [29/09/2017 14:44:34] - |D| - [77188067] - C:\Windows\INF [29/09/2017 14:46:33] - |D| - [5932356143] - C:\Windows\InfusedApps [29/09/2017 14:46:33] - |D| - [38118841] - C:\Windows\InputMethod [29/09/2017 14:46:33] - |SHD| - [2019555594] - C:\Windows\Installer [07/12/2017 14:30:10] - |D| - [107008] - C:\Windows\it-IT [29/09/2017 14:46:33] - |D| - [94163] - C:\Windows\L2Schemas [29/09/2017 14:46:33] - |D| - [2097152] - C:\Windows\LiveKernelReports [29/09/2017 09:45:14] - |D| - [13622792] - C:\Windows\Logs [29/09/2017 14:46:33] - |RSD| - [20331141] - C:\Windows\media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [29/09/2017 14:42:00] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin [29/09/2017 14:46:33] - |RD| - [946042767] - C:\Windows\Microsoft.NET [29/09/2017 14:46:33] - |D| - [3298] - C:\Windows\Migration [15/03/2019 06:57:03] - |D| - [0] - C:\Windows\Minidump [29/09/2017 14:46:33] - |D| - [0] - C:\Windows\ModemLogs [MD5.D4EE18887818F0782C0D72F1D67AAB5E] - [07/12/2017 07:10:42] - |A| - (.(c) Samsung Electronics. - Conditional Caller.) - [1731072] - (1.0.0.1) - C:\Windows\MSetCaller.exe [07/12/2017 14:12:44] - |D| - [968482] - C:\Windows\MSetup [MD5.15750221BBFFA36C055D656C46899460] - [29/09/2017 14:41:38] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [246784] - (10.0.16299.15) - C:\Windows\notepad.exe [29/09/2017 15:42:03] - |D| - [199472] - C:\Windows\OCR [29/09/2017 14:46:33] - |RD| - [65] - C:\Windows\Offline Web Pages [10/10/2017 17:41:56] - |D| - [2071364] - C:\Windows\Panther [29/09/2017 14:46:33] - |D| - [378575] - C:\Windows\Performance [29/09/2017 14:46:33] - |D| - [1596669] - C:\Windows\PLA [29/09/2017 14:46:33] - |D| - [5036896] - C:\Windows\PolicyDefinitions [07/12/2017 23:39:31] - |D| - [11147102] - C:\Windows\Prefetch [29/09/2017 14:46:33] - |RD| - [2165945] - C:\Windows\PrintDialog [29/09/2017 14:46:33] - |D| - [4057203] - C:\Windows\Provisioning [MD5.14A3681D6247758B1F4880022ABEE0D7] - [29/09/2017 14:41:58] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [335872] - (10.0.16299.15) - C:\Windows\regedit.exe [29/09/2017 14:46:33] - |D| - [1071164] - C:\Windows\Registration [29/09/2017 14:46:33] - |D| - [7433456] - C:\Windows\rescache [29/09/2017 14:46:33] - |D| - [3899983] - C:\Windows\Resources [07/12/2017 07:00:50] - |D| - [0] - C:\Windows\RSTLog [MD5.49F66188C137CEEEBDAF751041B60B79] - [07/12/2017 06:47:14] - |A| - (.Copyright (C) 2017 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2839488] - (1.0.7.1) - C:\Windows\RtlExUpd.dll [MD5.294DF39F9DCF1DC2EB384F835661B06E] - [07/12/2017 07:05:49] - |A| - (.-.) - [6284] - (0.0.0.0) - C:\Windows\Samsung.png [MD5.95785E7BDA182428944420424A33BD96] - [21/03/2019 11:03:10] - |AC| - (.-.) - [241] - (0.0.0.0) - C:\Windows\SATReg.ini [29/09/2017 14:46:33] - |D| - [0] - C:\Windows\SchCache [29/09/2017 14:46:33] - |D| - [122082] - C:\Windows\schemas [10/10/2017 17:46:07] - |D| - [149836] - C:\Windows\sec [MD5.69D0E0C0848937803A2B0D73F2F0F533] - [07/12/2017 07:03:20] - |A| - (.(c) . All right reserved. - Time Sync Utility.) - [1630256] - (1.0.2.0) - C:\Windows\SecTimeSync.exe [29/09/2017 14:46:33] - |D| - [4241804] - C:\Windows\security [07/12/2017 23:39:23] - |D| - [160217934] - C:\Windows\ServiceProfiles [29/09/2017 09:45:11] - |D| - [137231056] - C:\Windows\servicing [29/09/2017 14:49:45] - |D| - [42] - C:\Windows\Setup [29/09/2017 14:46:33] - |D| - [53789696] - C:\Windows\ShellExperiences [29/09/2017 15:41:49] - |D| - [3070736] - C:\Windows\SKB [14/03/2019 14:34:11] - |D| - [40153904] - C:\Windows\SoftwareDistribution [29/09/2017 14:46:33] - |D| - [86044865] - C:\Windows\Speech [29/09/2017 14:46:33] - |D| - [61728519] - C:\Windows\Speech_OneCore [MD5.B3FBABDA876CFA2B4695471D5348F59F] - [29/09/2017 14:42:06] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [130560] - (10.0.16299.15) - C:\Windows\splwow64.exe [29/09/2017 14:46:33] - |AD| - [2003615] - C:\Windows\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [29/09/2017 14:46:38] - |A| - (.-.) - [219] - (0.0.0.0) - C:\Windows\system.ini [29/09/2017 09:45:11] - |D| - [6565376005] - C:\Windows\System32 [29/09/2017 14:46:34] - |D| - [201933048] - C:\Windows\SystemApps [29/09/2017 14:46:34] - |D| - [28404506] - C:\Windows\SystemResources [29/09/2017 09:45:15] - |AD| - [1535425316] - C:\Windows\SysWOW64 [29/09/2017 14:46:34] - |D| - [0] - C:\Windows\TAPI [29/09/2017 14:46:34] - |D| - [340] - C:\Windows\Tasks [29/09/2017 14:46:34] - |DC| - [32500] - C:\Windows\Temp [29/09/2017 14:46:34] - |D| - [13428736] - C:\Windows\TextInput [29/09/2017 14:46:34] - |DC| - [0] - C:\Windows\tracing [29/09/2017 14:46:34] - |D| - [7680] - C:\Windows\twain_32 [MD5.F6C33A8A65C6AF007812EED398D783B2] - [29/09/2017 14:42:16] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [65536] - (1.7.1.3) - C:\Windows\twain_32.dll [29/09/2017 14:46:34] - |D| - [12420] - C:\Windows\Vss [29/09/2017 14:46:34] - |D| - [32195506] - C:\Windows\Web [MD5.3EFEB20E042AF2EBC710F857FBF62FA9] - [29/09/2017 14:46:38] - |A| - (.-.) - [155] - (0.0.0.0) - C:\Windows\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [29/09/2017 14:41:58] - |RA| - (.-.) - [670] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest [MD5.02BD03E57C66CB40AEDB7039E93E7CB0] - [29/09/2017 14:42:16] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [11776] - (10.0.16299.15) - C:\Windows\winhlp32.exe [29/09/2017 09:45:11] - |D| - [9395978623] - C:\Windows\WinSxS [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [29/09/2017 14:41:16] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx [MD5.0D5D4E344F5581C954355D7164DD4BE1] - [29/09/2017 14:41:38] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.16299.15) - C:\Windows\write.exe [MD5.F9BC571D03FDDF0ADD64C8CAB6EF9CEE] - [15/03/2019 09:28:44] - |A| - (.-.) - [204854] - (0.0.0.0) - C:\Windows\ZAM.krnl.trace [MD5.B02BE02E39056A46FF043B97EF069D43] - [15/03/2019 09:28:44] - |A| - (.-.) - [153960] - (0.0.0.0) - C:\Windows\ZAM_Guard.krnl.trace ---------- | C:\Windows\System32\GroupPolicy ---------- | Systemroot\System [15/03/2019 05:28:29] - |A| - [935632] - C:\Windows\System\Vb40016.dll (Copyright © 1987-1995 Microsoft Corp.) - (Visual Basic 4.0 runtime library) [15/03/2019 05:28:29] - |A| - [271264] - C:\Windows\System\vbrun100.dll () - () [15/03/2019 05:28:29] - |A| - [356992] - C:\Windows\System\vbrun200.dll (Copyright © 1987-1992 Microsoft Corp) - (Visual Basic 2.0 runtime library) [15/03/2019 05:28:29] - |A| - [398416] - C:\Windows\System\Vbrun300.dll (Copyright © 1987-1993 Microsoft Corp) - (Visual Basic 3.0 runtime library) [10/09/1999 12:06:00] - |A| - [5600] - C:\Windows\System\WINASPI.DLL (Copyright © 1989-1999 Adaptec, Inc.) - (ASPI for Win16 (95/NT) DLL) [10/09/1999 12:06:00] - |A| - [4672] - C:\Windows\System\WOWPOST.EXE (Copyright © 1989-1999 Adaptec, Inc.) - (ASPI for Win16 (NT) Callback Helper) ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [15/02/2019 06:51:28] - C:\Windows\Installer\160e5cf.msi : (COMODO Secure Shopping - COMODO) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/03/2019 20:04:37] - C:\Windows\Installer\1ca6149d.msi : (FULL-DISKfighter - SPAMfighter ApS.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/03/2019 18:55:45] - C:\Windows\Installer\1ca614a0.msi : (Linux File Systems for Windows by Paragon Software - Paragon Software GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/02/2019 16:00:15] - C:\Windows\Installer\24b3d4.msi : (Blank Project Template - adaware) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/10/2017 02:16:36] - C:\Windows\Installer\39e2.msi : (Intel(R) ME UninstallLegacy - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/10/2017 09:21:34] - C:\Windows\Installer\39e9.msi : (Intel(R) Management Engine Driver - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/10/2017 09:20:18] - C:\Windows\Installer\39f0.msi : (Intel(R) Management Engine Components - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/10/2017 09:20:42] - C:\Windows\Installer\39f7.msi : (Microsoft VC++ redistributables repacked. - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/10/2017 09:20:50] - C:\Windows\Installer\39fe.msi : (Microsoft VC++ redistributables repacked. - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/10/2017 09:21:22] - C:\Windows\Installer\3a05.msi : (Intel(R) Management Engine Components - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/09/2017 16:25:02] - C:\Windows\Installer\3a0c.msi : (Intel(R) Trusted Connect Service Client x64 - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/09/2017 16:21:30] - C:\Windows\Installer\3a13.msi : (Intel(R) Trusted Connect Service Client x86 - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/11/2016 11:34:12] - C:\Windows\Installer\3a1a.msi : (Intel(R) Rapid Storage Technology - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/03/2019 22:52:28] - C:\Windows\Installer\3bb17.msi : (AntimalwareEngine - adaware) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/03/2019 22:53:27] - C:\Windows\Installer\3bb1b.msi : (FirewallEngine - adaware) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/03/2019 22:54:42] - C:\Windows\Installer\3bb1f.msi : (ProxyEngine - adaware) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/03/2019 22:54:51] - C:\Windows\Installer\3bb23.msi : (OnlineThreatsEngine - adaware) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/03/2019 22:54:53] - C:\Windows\Installer\3bb27.msi : (AntispamEngine - adaware) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/03/2019 22:55:00] - C:\Windows\Installer\3bb2b.msi : (AvcEngine - adaware) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [07/12/2017 07:01:24] - C:\Windows\Installer\3ea5.msi : (Blank Project Template - InstallShield) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/05/2017 08:38:06] - C:\Windows\Installer\3eac.msi : (WlSarService - Samsung Electronics Co., Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [07/12/2017 07:02:01] - C:\Windows\Installer\3eb4.msi : (Blank Project Template - InstallShield) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/08/2018 14:09:28] - C:\Windows\Installer\4a837f.msi : (24.17.0 - Paragon Software) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/10/2016 11:16:02] - C:\Windows\Installer\4abb.msi : (Intel(R) Chipset Device Software - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/03/2019 08:57:58] - C:\Windows\Installer\6819f8.msi : (Silent Install Builder 5 - Aprel Tech, LLC) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/08/2017 03:30:28] - C:\Windows\Installer\7eda.msi : ( - Samsung) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/11/2017 08:04:38] - C:\Windows\Installer\7eef.msi : ( - Samsung) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/11/2017 06:48:12] - C:\Windows\Installer\7ef6.msi : (Show Window - Samsung Electronics Co., Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/02/2016 16:40:24] - C:\Windows\Installer\7efb.msi : ( - Samsung Electronics Co., Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/02/2017 09:58:16] - C:\Windows\Installer\7f00.msi : ( - Samsung Electronics) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/03/2019 18:19:52] - C:\Windows\Installer\ccf7d79.msi : (OUTDATEfighter - SPAMfighter ApS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/03/2019 12:04:14] - C:\Windows\Installer\cefa65.msi : ( - ProtectStar Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/02/2019 17:08:32] - C:\Windows\Installer\cfb15fa.msi : (Hardware Detection DriversCloud.com - Cybelsoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/08/2018 14:09:36] - C:\Windows\Installer\d8da5a.msi : (Simply Good Pictures 5 Free - Engelmann Software) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/03/2019 18:17:37] - [229376] - C:\Windows\Installer\{0F8DE83C-A073-47B9-928A-8CA381C28C18}\collect_logs_46415E4E6A244A68BCD90E2A7BBBE92D.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:17:37] - [65536] - C:\Windows\Installer\{0F8DE83C-A073-47B9-928A-8CA381C28C18}\eulaSc_8384FC6846E7455F813279C4A4BD7848.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:17:37] - [217088] - C:\Windows\Installer\{0F8DE83C-A073-47B9-928A-8CA381C28C18}\faqSc_6850097D521D412C9D557BF6AAF77966.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:17:37] - [217088] - C:\Windows\Installer\{0F8DE83C-A073-47B9-928A-8CA381C28C18}\OpenProductShortcu_7B40FA946E0C4B2BB676ACAD0C712C08.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:17:37] - [217088] - C:\Windows\Installer\{0F8DE83C-A073-47B9-928A-8CA381C28C18}\OpenProductShortcu_E4EB4CA62A0B4356AC2B2A2F509B24DB.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:17:37] - [217088] - C:\Windows\Installer\{0F8DE83C-A073-47B9-928A-8CA381C28C18}\privacySc_15450EAD0C55421290B773659CA982E3.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:17:37] - [217088] - C:\Windows\Installer\{0F8DE83C-A073-47B9-928A-8CA381C28C18}\supportSc_00298BA3FA76493999ED2765008C425A.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:17:37] - [45056] - C:\Windows\Installer\{0F8DE83C-A073-47B9-928A-8CA381C28C18}\UninstallShortcut_29E3AA1700F24071BDD9C28FB44BF35D.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [07/12/2017 07:01:24] - [53248] - C:\Windows\Installer\{18373B57-4FC3-4B1A-95B3-A7E5DCA577F7}\ARPPRODUCTICON.exe (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield) [28/03/2019 17:51:54] - [9879520] - C:\Windows\Installer\{19815424-A209-4B2C-9A86-DF2A4E4B5669}\SnagitEditorIcon.exe (Copyright 2008-2019 TechSmith Corp.) - (Snagit Editor) [28/03/2019 17:51:54] - [8971744] - C:\Windows\Installer\{19815424-A209-4B2C-9A86-DF2A4E4B5669}\SnagitIcon.exe (Copyright 1996-2019 TechSmith Corp.) - (Snagit) [14/03/2019 22:53:46] - [59352] - C:\Windows\Installer\{232046DA-BB57-4114-9A0D-1119F00C4398}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [14/03/2019 22:54:51] - [59352] - C:\Windows\Installer\{26F31E12-3722-45FD-903B-49012286BB4C}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [14/03/2019 22:57:57] - [358360] - C:\Windows\Installer\{44DE19DF-AA86-497A-9CCA-4F52D0BFF9A8}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [14/03/2019 22:57:57] - [358360] - C:\Windows\Installer\{44DE19DF-AA86-497A-9CCA-4F52D0BFF9A8}\NewShortcut1_9D26517437AB43F988CAFF4AC3CA05DE.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [14/03/2019 22:57:57] - [358360] - C:\Windows\Installer\{44DE19DF-AA86-497A-9CCA-4F52D0BFF9A8}\NewShortcut6_46B5678CC4A24F4AA166FBA0D99B16EE.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [07/12/2017 07:06:00] - [109207] - C:\Windows\Installer\{5493FC89-21E8-4D88-BCA1-4D33F1410968}\_853F67D554F05449430E7E.exe () - () [14/03/2019 22:53:09] - [59352] - C:\Windows\Installer\{5C7A5F94-02E9-4C5D-A594-B1F10865965A}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [25/02/2019 16:00:31] - [358360] - C:\Windows\Installer\{5FFF7119-74E8-442E-970E-50BAD81D5371}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [20/03/2019 21:48:12] - [110007] - C:\Windows\Installer\{61edd47c-c795-4f57-92f1-a20140231795}\controlPanelIcon.exe () - () [07/12/2017 07:02:02] - [59664] - C:\Windows\Installer\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}\ARPPRODUCTICON.exe (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield) [14/03/2019 22:55:01] - [59352] - C:\Windows\Installer\{700C79E1-C8E3-454E-B760-CAFFE9F2A6AA}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [25/03/2019 20:10:30] - [53248] - C:\Windows\Installer\{7C656021-D87C-4236-80DD-DBBEB205DA36}\ARPPRODUCTICON.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [25/03/2019 20:10:31] - [229376] - C:\Windows\Installer\{7C656021-D87C-4236-80DD-DBBEB205DA36}\collect_logs_46415E4E6A244A68BCD90E2A7BBBE92D.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [25/03/2019 20:10:31] - [65536] - C:\Windows\Installer\{7C656021-D87C-4236-80DD-DBBEB205DA36}\eulaSc_8384FC6846E7455F813279C4A4BD7848.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [25/03/2019 20:10:38] - [217088] - C:\Windows\Installer\{7C656021-D87C-4236-80DD-DBBEB205DA36}\faqSc_6850097D521D412C9D557BF6AAF77966.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [25/03/2019 20:10:31] - [217088] - C:\Windows\Installer\{7C656021-D87C-4236-80DD-DBBEB205DA36}\OpenProductShortcu_7B40FA946E0C4B2BB676ACAD0C712C08.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [25/03/2019 20:10:49] - [217088] - C:\Windows\Installer\{7C656021-D87C-4236-80DD-DBBEB205DA36}\OpenProductShortcu_9374267BBB8D415AB667F29A074CE29E.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [25/03/2019 20:10:49] - [217088] - C:\Windows\Installer\{7C656021-D87C-4236-80DD-DBBEB205DA36}\OpenProductShortcu_E4EB4CA62A0B4356AC2B2A2F509B24DB.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [25/03/2019 20:10:47] - [217088] - C:\Windows\Installer\{7C656021-D87C-4236-80DD-DBBEB205DA36}\privacySc_15450EAD0C55421290B773659CA982E3.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [25/03/2019 20:10:47] - [217088] - C:\Windows\Installer\{7C656021-D87C-4236-80DD-DBBEB205DA36}\supportSc_00298BA3FA76493999ED2765008C425A.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [25/03/2019 20:10:48] - [45056] - C:\Windows\Installer\{7C656021-D87C-4236-80DD-DBBEB205DA36}\UninstallShortcut_29E3AA1700F24071BDD9C28FB44BF35D.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [14/03/2019 22:54:54] - [59352] - C:\Windows\Installer\{7DE129E5-BB4A-4517-A6CD-C69EEB346781}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [14/03/2019 22:54:43] - [59352] - C:\Windows\Installer\{7F7C8AE0-961B-4AED-B99A-D9BE29C0F24C}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC.) - (InstallShield) [07/12/2017 07:06:13] - [372526] - C:\Windows\Installer\{87A08690-781E-4A8E-8300-775A2EA02932}\icon.exe () - () [15/03/2019 11:01:47] - [10134] - C:\Windows\Installer\{8D64B0CF-B925-4AC6-A7A7-9CDDC6733122}\I_SetupIcon.exe () - () [15/03/2019 11:01:47] - [4846] - C:\Windows\Installer\{8D64B0CF-B925-4AC6-A7A7-9CDDC6733122}\I__HelpIcon.exe () - () [15/03/2019 11:01:47] - [124033] - C:\Windows\Installer\{8D64B0CF-B925-4AC6-A7A7-9CDDC6733122}\I__ProgramIcon.exe () - () [17/03/2019 05:03:08] - [669696] - C:\Windows\Installer\{B709B962-53AA-446A-A733-95D1A6C5DE50}\CamtasiaIcons.exe () - () [07/12/2017 07:06:59] - [138667] - C:\Windows\Installer\{D21EED26-59C0-4315-BDCC-D682496465E9}\_853F67D554F05449430E7E.exe () - () [07/12/2017 07:06:59] - [138667] - C:\Windows\Installer\{D21EED26-59C0-4315-BDCC-D682496465E9}\_C99CA1BB496FD6B48BD347.exe () - () [22/03/2019 18:20:37] - [53248] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\ARPPRODUCTICON.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:20:38] - [229376] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\collect_logs_0CEF7DB7296B4A039FAE8EA6AAE968C0.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:20:39] - [102400] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\DesktopOUTDATEfigh_C272B461619A4C97A904A0E3ABB46C5B.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:20:38] - [65536] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\eula_shortcut_C37361C725D74AB7BCC5FA4022E0CC35.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:20:38] - [102400] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\faqShortcut_18DBFAE846FB4E8396F1DF2D2A44F8D0.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:20:38] - [102400] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\OTDFQuickLaunchSho_613E7DD854804C118887E5C2334BEC0A.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:20:37] - [102400] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\OUTDATEfighterShor_5758C9D68C974ADC98E826C66C5A6501.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:20:38] - [102400] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\OUTDATEfighterShor_EDB09256466C4C97A4E882232CB0D404.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:20:38] - [102400] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\privacyShortcut_CB5E683ED0FF4258AF788FA33BD022DE.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:20:38] - [102400] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\req_support_B88499ED99C741E88D5FCC5F21DB5674.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [22/03/2019 18:20:38] - [45056] - C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\UninstallShortcut_E345426E1BED4E97835AC4645E72B19C.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [25/03/2019 23:04:31] - [2108608] - C:\Windows\Installer\{F0CF025B-D6F3-4F7C-939B-23291F52875C}\ParagonLinuxFSforWindows.exe (Copyright (C) 2018) - (Graphic user interface for Linux File Systems for Windows by Paragon Software mounter) ---------- | %System%\*.in* [15/03/2019 05:48:53] - [3329] - C:\Windows\System32\ieuinit.inf [07/12/2017 23:46:15] - [4636986] - C:\Windows\System32\PerfStringBackup.INI [29/09/2017 14:41:57] - [60124] - C:\Windows\System32\tcpmon.ini [29/09/2017 14:41:41] - [2307] - C:\Windows\System32\WimBootCompress.ini [15/03/2019 07:34:34] - [2232] - C:\Windows\Syswow64\FolderLockAdrv.inf [15/03/2019 05:48:53] - [3329] - C:\Windows\Syswow64\ieuinit.inf [27/08/2002 00:42:18] - [1199] - C:\Windows\Syswow64\panadv.inf [29/09/2017 14:42:13] - [2307] - C:\Windows\Syswow64\WimBootCompress.ini ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [0 Ko] - C:\Windows\AppPatch\Custom\Custom64 [MD5.00000000000000000000000000000000] - |DC| - [28/03/2019 18:19:26] - [0 Ko] - C:\Windows\Temp\5e1259eb-e419-4508-aa07-79b4bceb7df5 [MD5.00000000000000000000000000000000] - |DC| - [28/03/2019 16:21:41] - [0 Ko] - C:\Windows\Temp\ae7732ee-ad5c-424e-9e33-a0adb07b8e47 [MD5.00000000000000000000000000000000] - |DC| - [28/03/2019 16:29:20] - [0 Ko] - C:\Windows\Temp\avast_ash2 [MD5.00000000000000000000000000000000] - |DC| - [28/03/2019 16:18:46] - [0 Ko] - C:\Windows\Temp\bb2b61be-cc0f-4107-98ba-324210e0f05a [MD5.00000000000000000000000000000000] - |DC| - [28/03/2019 17:19:29] - [0 Ko] - C:\Windows\Temp\cf65f048-e0ca-467e-bd07-d101f5cf22c7 [MD5.E5B23D28B099419D23276D5DEE165066] - |AC| - [28/03/2019 16:24:44] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\Windows\Temp\FailureReportMetadata_19823.txt [MD5.0CF223E44D7C4BC6BDCD1C6713E183F5] - |AC| - [28/03/2019 16:31:21] - (.-.) - [18.34 Ko] - (0.0.0.0) - C:\Windows\Temp\HighPerformancePlan.log [MD5.00000000000000000000000000000000] - |DC| - [15/03/2019 08:26:40] - [1.44 Ko] - C:\Windows\Temp\Logs [MD5.38ECDEDFF4CEB5EB378BE3B51584C4CC] - |AC| - [28/03/2019 16:31:21] - (.-.) - [0.1 Ko] - (0.0.0.0) - C:\Windows\Temp\PowerPlan.log [MD5.0674F9DE7AE1460945A8B0181137F903] - |AC| - [28/03/2019 16:31:19] - (.-.) - [11.44 Ko] - (0.0.0.0) - C:\Windows\Temp\UsoStoreFile.xml [MD5.00000000000000000000000000000000] - |DC| - [15/03/2019 05:31:55] - [0 Ko] - C:\Windows\Temp\_avast_ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:15] - [0 Ko] - C:\Windows\System32\0409 [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [29/09/2017 14:41:41] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\Windows\System32\@AudioToastIcon.png [MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |A| - [29/09/2017 14:41:27] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\Windows\System32\@BackgroundAccessToastIcon.png [MD5.3937359E324E15F6A7A7092D4DAEBD64] - |A| - [29/09/2017 14:41:47] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\Windows\System32\@bitlockertoastimage.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [29/09/2017 14:41:33] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\Windows\System32\@EnrollmentToastIcon.png [MD5.C2A332DE50FE519DA21AFB8BD6E134F4] - |A| - [29/09/2017 14:41:50] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\Windows\System32\@language_notification_icon.png [MD5.2B7002E9C7EA6B436F3A0F7C305AACD8] - |A| - [15/03/2019 05:46:00] - (.-.) - [0.5 Ko] - (0.0.0.0) - C:\Windows\System32\@NotifierToastIcon.png [MD5.A119D69B4C29845D3F8CE2E5638C8E65] - |A| - [29/09/2017 14:41:56] - (.-.) - [0.47 Ko] - (0.0.0.0) - C:\Windows\System32\@optionalfeatures.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [29/09/2017 14:41:58] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\Windows\System32\@VpnToastIcon.png [MD5.7AC3EA1A5175106ED6467FF0C5315541] - |A| - [29/09/2017 14:42:07] - (.-.) - [14.75 Ko] - (0.0.0.0) - C:\Windows\System32\@WiFiNotificationIcon.png [MD5.13EF2C8D799F7B6E9D8E3D6BACB9C779] - |A| - [29/09/2017 14:41:33] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsHelloFaceToastIcon.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsUpdateToastIcon.contrast-black.png [MD5.DAD405CBDE259DE527EBF71BCC28099C] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsUpdateToastIcon.contrast-white.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsUpdateToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [29/09/2017 14:41:41] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\Windows\System32\@WirelessDisplayToast.png [MD5.D0FCF781D0801ABF5F74B54E98076A5B] - |A| - [29/09/2017 14:41:31] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\Windows\System32\@WwanNotificationIcon.png [MD5.85D91E478AF18125007C531227FF6E59] - |A| - [29/09/2017 14:41:31] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\Windows\System32\@WwanSimLockIcon.png [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 09:45:14] - [2985.4 Ko] - C:\Windows\System32\AdvancedInstallers [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\af-ZA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [22 Ko] - C:\Windows\System32\am-ET [MD5.D0C50C113FE59C21AD59932E6B9C202F] - |A| - [28/03/2019 16:55:51] - (.-.) - [37.42 Ko] - (0.0.0.0) - C:\Windows\System32\ampa.sys [MD5.6DBFE2F49ADAA2E3683B93B437133734] - |A| - [07/12/2017 14:42:40] - (.-.) - [431.94 Ko] - (0.0.0.0) - C:\Windows\System32\ApnDatabase.xml [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [0 Ko] - C:\Windows\System32\AppLocker [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [2686.05 Ko] - C:\Windows\System32\appraiser [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [299 Ko] - C:\Windows\System32\ar-SA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\System32\as-IN [MD5.10E0EBF0C78AD28D4F63FAB8581CB377] - |A| - [15/03/2019 05:30:27] - (.Copyright (c) 2019 AVAST Software - Avast start-up scanner.) - [354.38 Ko] - (19.3.4241.0) - C:\Windows\System32\aswBoot.exe [MD5.C03F0062C0749CDB59A4D60862C3E83E] - |A| - [29/09/2017 14:41:25] - (.-.) - [134.86 Ko] - (0.0.0.0) - C:\Windows\System32\AverageRoom.bin [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\az-Latn-AZ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\be-BY [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [287 Ko] - C:\Windows\System32\bg-BG [MD5.8B14F3DBC532A1AE1469EEB416F26165] - |A| - [15/03/2019 04:50:04] - (.Copyright (C) 2015-2020, BayHubTech/O2Micro. - Icon.) - [1843.86 Ko] - (1.0.0.6) - C:\Windows\System32\bhtv5Icon.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\bn-BD [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\bn-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [4949.7 Ko] - C:\Windows\System32\Boot [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\bs-Latn-BA [MD5.5712256A8FAB555CC50AEAC2A899A17A] - |A| - [29/09/2017 14:41:41] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [180.5 Ko] - (1.0.0.1) - C:\Windows\System32\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [0.1 Ko] - C:\Windows\System32\Bthprops [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\System32\ca-ES [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31 Ko] - C:\Windows\System32\ca-ES-valencia [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 09:45:11] - [105510.77 Ko] - C:\Windows\System32\CatRoot [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [64550.24 Ko] - C:\Windows\System32\catroot2 [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 06:47:21] - [12483.09 Ko] - C:\Windows\System32\cAVS [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [23 Ko] - C:\Windows\System32\chr-CHER-US [MD5.7ED14B31AEE181CCE4D3A2E4DFFA24E5] - |SH| - [15/03/2019 09:12:52] - (.-.) - [0.13 Ko] - (0.0.0.0) - C:\Windows\System32\chsfzkmblhznywfd.dat [MD5.B56976738C58421BEB8189A6D5A6A66E] - |A| - [04/03/2019 22:39:16] - (.2005-2018 COMODO. - COMODO Internet Security.) - [50.59 Ko] - (11.0.0.6802) - C:\Windows\System32\cmdcsr.dll [MD5.7BE91946A1A9E03217624B3A117775D3] - |A| - [20/03/2019 13:00:08] - (.2005-2019 COMODO. - COMODO Secure Shopping.) - [329.18 Ko] - (1.3.50284.151) - C:\Windows\System32\cmdkbdcss64.dll [MD5.7C35203E529FFA1485B941BE7BACD144] - |A| - [04/03/2019 22:36:28] - (.2005-2018 COMODO. - COMODO Internet Security.) - [459.69 Ko] - (11.0.0.6802) - C:\Windows\System32\cmdvrt64.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [3338.82 Ko] - C:\Windows\System32\CodeIntegrity [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [373 Ko] - C:\Windows\System32\com [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 09:45:11] - [441907.74 Ko] - C:\Windows\System32\config [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:33] - [160.31 Ko] - C:\Windows\System32\Configuration [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [346 Ko] - C:\Windows\System32\cs-CZ [MD5.C08B76197C6FC8B8CCA63DFDE3A48503] - |A| - [20/03/2019 13:00:09] - (.2005-2019 COMODO. - COMODO Secure Shopping.) - [49.09 Ko] - (1.3.50284.151) - C:\Windows\System32\csscsr64.dll [MD5.18315E8C880660C91695B04348911794] - |A| - [20/03/2019 13:00:08] - (.2005-2019 COMODO. - COMODO Secure Shopping.) - [437.21 Ko] - (1.3.50284.151) - C:\Windows\System32\cssguard64.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31.5 Ko] - C:\Windows\System32\cy-GB [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [342 Ko] - C:\Windows\System32\da-DK [MD5.F44338D6E9FBBBDFAB849988897CA626] - |A| - [15/03/2019 05:49:02] - (.-.) - [83 Ko] - (0.0.0.0) - C:\Windows\System32\DataStoreCacheDumpTool.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [203.41 Ko] - C:\Windows\System32\DDFs [MD5.DF6465F349C9CBDF3FCEB3F198E8FCB6] - |A| - [28/03/2019 16:55:59] - (.-.) - [34.92 Ko] - (0.0.0.0) - C:\Windows\System32\ddmdrv.sys [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [386 Ko] - C:\Windows\System32\de-DE [MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [29/09/2017 14:41:26] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\Windows\System32\DefaultAccountTile.png [MD5.26206C944AD7CDD1F50DD58868B32F7F] - |A| - [19/03/2017 11:30:58] - (.-.) - [64.38 Ko] - (0.0.0.0) - C:\Windows\System32\defaultCpff.aiqb [MD5.618BA9E529EAB7E11DBA43469481835F] - |A| - [29/09/2017 14:41:25] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\Windows\System32\DefaultHrtfs.bin [MD5.664AA698FC0106A2B075A641E8DC6302] - |A| - [29/09/2017 14:46:41] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\Windows\System32\DefaultQuestions.json [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:33] - [876 Ko] - C:\Windows\System32\DiagSvcs [MD5.5FF3FA1BFBB0CD05534F650EA27A6651] - |A| - [29/09/2017 14:41:45] - (.-.) - [90.75 Ko] - (0.0.0.0) - C:\Windows\System32\DiskSnapshot.conf [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 09:45:13] - [9595.32 Ko] - C:\Windows\System32\Dism [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 09:45:13] - [1127.34 Ko] - C:\Windows\System32\downlevel [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:04] - [187456.79 Ko] - C:\Windows\System32\drivers [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 09:45:11] - [2495846.27 Ko] - C:\Windows\System32\DriverStore [MD5.00000000000000000000000000000000] - |DC| - [25/03/2019 23:04:45] - [86.27 Ko] - C:\Windows\System32\DRVSTORE [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:33] - [336 Ko] - C:\Windows\System32\dsc [MD5.DF84EB7B44D1414284BA384F0061D1DC] - |A| - [29/09/2017 14:41:25] - (.-.) - [728.08 Ko] - (0.0.0.0) - C:\Windows\System32\DynamicLong.bin [MD5.346870077DFD18867A9693C7A59AA3E6] - |A| - [29/09/2017 14:41:25] - (.-.) - [503.08 Ko] - (0.0.0.0) - C:\Windows\System32\DynamicMedium.bin [MD5.2BEC13D68312ADE8C0065D8BCC146D2F] - |A| - [29/09/2017 14:41:25] - (.-.) - [315.58 Ko] - (0.0.0.0) - C:\Windows\System32\DynamicShort.bin [MD5.10C38E1CA0D664F58E8B9F3645885E1D] - |A| - [15/03/2019 05:48:54] - (.-.) - [0.07 Ko] - (0.0.0.0) - C:\Windows\System32\edgehtmlpluginpolicy.bin [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [381.5 Ko] - C:\Windows\System32\el-GR [MD5.481FDBEEE807EEAADFD7143CA74467AF] - |A| - [30/04/2018 10:47:24] - (.Copyright (C) 2018 Engelmann Software. -.) - [1576.84 Ko] - (4.4.18.430) - C:\Windows\System32\EMRegSys44.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:16] - [3118 Ko] - C:\Windows\System32\en [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [17005.3 Ko] - C:\Windows\System32\en-GB [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [25300.6 Ko] - C:\Windows\System32\en-US [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 14:11:38] - [3381 Ko] - C:\Windows\System32\es [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [44139.46 Ko] - C:\Windows\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [298.5 Ko] - C:\Windows\System32\es-MX [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [266.5 Ko] - C:\Windows\System32\et-EE [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\eu-ES [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:33] - [28899.66 Ko] - C:\Windows\System32\F12 [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\fa-IR [MD5.BEB1E18B7F2CE225D7B8B246B896F5F1] - |A| - [15/03/2019 05:51:02] - (.-.) - [952.5 Ko] - (0.0.0.0) - C:\Windows\System32\FaceProcessor.dll [MD5.C009F5D7740AAC4BDC99EF7C62803C21] - |A| - [15/03/2019 05:51:03] - (.-.) - [263.28 Ko] - (0.0.0.0) - C:\Windows\System32\FaceProcessorCore.dll [MD5.812CDFD967D2E82A3D24FCAA5784749D] - |A| - [29/09/2017 14:41:33] - (.-.) - [1325.65 Ko] - (0.0.0.0) - C:\Windows\System32\FaceTrackerInternal.dll [MD5.E65D2A37B6D4445D0CD9234BA933475B] - |A| - [15/03/2019 05:48:17] - (.-.) - [72.96 Ko] - (0.0.0.0) - C:\Windows\System32\FeatureToastHeroImg.jpg [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [346 Ko] - C:\Windows\System32\fi-FI [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\System32\fil-PH [MD5.993FCF9D01728A6A3BBB13AE3A3FFABC] - |A| - [07/12/2017 23:39:23] - (.-.) - [243.13 Ko] - (0.0.0.0) - C:\Windows\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 14:15:55] - [3403 Ko] - C:\Windows\System32\fr [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [306.5 Ko] - C:\Windows\System32\fr-CA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [45084.6 Ko] - C:\Windows\System32\fr-FR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [0 Ko] - C:\Windows\System32\FxsTmp [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\System32\ga-IE [MD5.D07F2281427BD098356EE74B6CB26B86] - |A| - [29/09/2017 14:42:03] - (.-.) - [89 Ko] - (0.0.0.0) - C:\Windows\System32\gatherNetworkInfo.vbs [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [34 Ko] - C:\Windows\System32\gd-GB [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [07/12/2017 07:03:13] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\System32\GfxValDisplayLog.bin [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31 Ko] - C:\Windows\System32\gl-ES [MD5.44A8F60A38C87271B582FE4DEEAF73E0] - |A| - [15/03/2019 05:50:41] - (.Copyright (C) 2017 - Gracenote SDK component.) - [4762.5 Ko] - (3.10.5.5585) - C:\Windows\System32\gnsdk_fp.dll [MD5.D3294ACCC2B60A8754801D392C3E1820] - |A| - [07/12/2017 07:05:17] - (.- GripResetService.) - [21 Ko] - (1.0.0.6) - C:\Windows\System32\GripResetService.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [0 Ko] - C:\Windows\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [0 Ko] - C:\Windows\System32\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\gu-IN [MD5.9736D0316780DC662B91C27328789B97] - |A| - [04/03/2019 22:38:58] - (.2005-2018 COMODO. - COMODO Internet Security.) - [904.13 Ko] - (11.0.0.6802) - C:\Windows\System32\guard64.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\ha-Latn-NG [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [284 Ko] - C:\Windows\System32\he-IL [MD5.4CD16A9C15397E1FAD5F19E35A13BE58] - |A| - [29/09/2017 14:41:27] - (.-.) - [215.5 Ko] - (0.0.0.0) - C:\Windows\System32\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\hi-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [278 Ko] - C:\Windows\System32\hr-HR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [352.5 Ko] - C:\Windows\System32\hu-HU [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [27.5 Ko] - C:\Windows\System32\hy-AM [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:41] - [124.21 Ko] - C:\Windows\System32\hydrogen [MD5.A565537F1580872AE5B95D0CA457D780] - |A| - [29/09/2017 14:41:23] - (.-.) - [44.4 Ko] - (0.0.0.0) - C:\Windows\System32\hypervisor.mof [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [5.36 Ko] - C:\Windows\System32\ias [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [36.27 Ko] - C:\Windows\System32\icsxml [MD5.B124CE8AA3DA07EFF85AFA443CBE1B9A] - |RA| - [15/03/2019 05:49:55] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [1856 Ko] - (59.1.0.0) - C:\Windows\System32\icuin.dll [MD5.54D8C41BCDFDFDC49A3185B972A92EB2] - |RA| - [15/03/2019 05:49:42] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [1310 Ko] - (59.1.0.0) - C:\Windows\System32\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\id-ID [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [27 Ko] - C:\Windows\System32\ig-NG [MD5.65F0FE85D2A3892A1D0030ACC197CB91] - |A| - [24/02/2017 10:20:54] - (.-.) - [279.8 Ko] - (0.0.0.0) - C:\Windows\System32\igfxCPL.cpl [MD5.19C3C8394B1A8EBE7CF61A8C0221C024] - |A| - [29/09/2017 14:41:25] - (.-.) - [168.5 Ko] - (0.0.0.0) - C:\Windows\System32\IHDS.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 07:01:24] - [2848.42 Ko] - C:\Windows\System32\ihvmanager [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [24877.17 Ko] - C:\Windows\System32\IME [MD5.922D5BABA5B7BA8253C6257B26FEDA6C] - |A| - [19/03/2017 11:30:58] - (.-.) - [188.18 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_CM500RF05SW700_SKY.cpf [MD5.1DE08BB9D54D2B2931D3A39695892511] - |A| - [19/03/2017 11:30:58] - (.-.) - [186.9 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_CM500RF05SW700_SKY_Video.cpf [MD5.C5D273F400B8EE5BEB81097D3E4FAF04] - |A| - [15/03/2019 04:50:45] - (.-.) - [162.62 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_FN50FF-562H_SKY.cpf [MD5.CFC5B24CA92142B55EF237208466205E] - |A| - [19/03/2017 11:30:58] - (.-.) - [162.38 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_FN50FF469H_SKY.cpf [MD5.330FA58DF5F4C4B6CC439FDEF04658CD] - |A| - [15/03/2019 04:51:17] - (.-.) - [40.5 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_FRONT.aiqd [MD5.29A8CA39130FCC8647014CFF162C608C] - |A| - [19/03/2017 11:30:58] - (.-.) - [221.56 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_NSMM4D5_SKY.cpf [MD5.AA6EFEDA4D5C5E22FF8EEB15CEF88098] - |A| - [19/03/2017 11:30:58] - (.-.) - [216.24 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_NSMM4D5_SKY_Video.cpf [MD5.F609489142774262ABD4AB204E56C4D9] - |A| - [15/03/2019 04:50:45] - (.-.) - [167.33 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_START2FRONT_SKY.cpf [MD5.B216175F6574C5D40A6BFFFEB28E8938] - |A| - [15/03/2019 04:50:45] - (.-.) - [167.26 Ko] - (0.0.0.0) - C:\Windows\System32\IMX241_START2FRONT_SKY_Video.cpf [MD5.74FC5B9C7CC049384CC51A5E11465BD6] - |A| - [15/03/2019 04:51:18] - (.-.) - [40.5 Ko] - (0.0.0.0) - C:\Windows\System32\IMX258_REAR.aiqd [MD5.6B1CD2FED17DF605E9721AF5CF0970C7] - |A| - [15/03/2019 04:50:45] - (.-.) - [270.35 Ko] - (0.0.0.0) - C:\Windows\System32\IMX258_START2REAR_SKY.cpf [MD5.E172D9B2DF8542B9BA124338476D65A8] - |A| - [19/03/2017 11:30:58] - (.-.) - [309.15 Ko] - (0.0.0.0) - C:\Windows\System32\IMX258_START2REAR_SKY_4KVideo.cpf [MD5.D5082A13FF3DA91F6DE930951F6DA404] - |A| - [19/03/2017 11:30:58] - (.-.) - [312.56 Ko] - (0.0.0.0) - C:\Windows\System32\IMX258_START2REAR_SKY_HD120fpsVideo.cpf [MD5.6B1CD2FED17DF605E9721AF5CF0970C7] - |A| - [15/03/2019 04:50:45] - (.-.) - [270.35 Ko] - (0.0.0.0) - C:\Windows\System32\IMX258_START2REAR_SKY_Video.cpf [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [0 Ko] - C:\Windows\System32\inetsrv [MD5.2B6D7ACE8C37A726F442B69DA1AC8B4A] - |A| - [15/03/2019 05:49:24] - (.-.) - [180.02 Ko] - (0.0.0.0) - C:\Windows\System32\InputHost.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [6389.5 Ko] - C:\Windows\System32\InputMethod [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 06:47:21] - [91413.77 Ko] - C:\Windows\System32\Intel [MD5.FC0CFC2A883FFD6B255F9C0A14F747A3] - |A| - [24/02/2017 10:20:55] - (.Copyright © The Khronos Group Inc 2016 - OpenCL Client DLL.) - [141.71 Ko] - (2.1.1.0) - C:\Windows\System32\Intel_OpenCL_ICD64.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [0 Ko] - C:\Windows\System32\Ipmi [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\is-IS [MD5.F2DB1D6AD6D0ED387DFFB914CDC151A4] - |A| - [20/03/2019 13:00:45] - (.2005-2018 COMODO. - Internet Security Essentials.) - [249.53 Ko] - (1.5.4695.175) - C:\Windows\System32\iseguard64.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 14:30:11] - [3368.5 Ko] - C:\Windows\System32\it [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [42870.8 Ko] - C:\Windows\System32\it-IT [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [270.91 Ko] - C:\Windows\System32\ja-jp [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\ka-GE [MD5.C781EC82ED4F82C42ABE87774B56009C] - |A| - [19/03/2017 14:35:14] - (.-.) - [457.41 Ko] - (0.0.0.0) - C:\Windows\System32\KBL_AIC64.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\kk-KZ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28 Ko] - C:\Windows\System32\km-KH [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31.5 Ko] - C:\Windows\System32\kn-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [262 Ko] - C:\Windows\System32\ko-KR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\kok-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\ku-Arab-IQ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\ky-KG [MD5.F0CC83E1BA7E24F9B3292160C28AECD7] - |A| - [29/09/2017 14:41:25] - (.-.) - [145.56 Ko] - (0.0.0.0) - C:\Windows\System32\LargeRoom.bin [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [33 Ko] - C:\Windows\System32\lb-LU [MD5.EEE38B21A9B514397EFCB66FF7AFDADC] - |SH| - [15/03/2019 09:12:52] - (.-.) - [0.13 Ko] - (0.0.0.0) - C:\Windows\System32\lgxzqgavzxsjwhkr.tbl [MD5.20E09FA2219BE2BF77A17AD7644176CA] - |A| - [15/03/2019 04:50:31] - (.-.) - [12143.58 Ko] - (0.0.0.0) - C:\Windows\System32\libia_cp64.dll [MD5.B209D959831AEF092817ECF8756F71B3] - |A| - [29/09/2017 14:41:58] - (.-.) - [776 Ko] - (0.0.0.0) - C:\Windows\System32\MBR2GPT.EXE [MD5.F2E9643DC05CD824F0E5525E5C940714] - |A| - [13/11/2017 02:29:30] - (.Copyright (C) 2016 - Samsung Modem Loader Service executable.) - [438.1 Ko] - (2.3.0.7) - C:\Windows\System32\MdmLdrSvc.exe [MD5.69D04DE701CF1E8CE69C65D1671D2B3F] - |A| - [29/09/2017 14:41:25] - (.-.) - [107.46 Ko] - (0.0.0.0) - C:\Windows\System32\MediumRoom.bin [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\mi-NZ [MD5.00000000000000000000000000000000] - |SD| - [07/12/2017 23:39:23] - [3.7 Ko] - C:\Windows\System32\Microsoft [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [5631.06 Ko] - C:\Windows\System32\migration [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:33] - [47110.6 Ko] - C:\Windows\System32\migwiz [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\mk-MK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\System32\ml-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\System32\mn-MN [MD5.2CF0B546AA8A9863D54367948BF8AAB9] - |A| - [07/12/2017 07:11:19] - (.-.) - [1.08 Ko] - (0.0.0.0) - C:\Windows\System32\Modellist.txt [MD5.6E1EF1F6FBB2002AE726199EA2EDFACE] - |RA| - [10/11/2017 08:13:14] - (.-.) - [30433.5 Ko] - (0.0.0.0) - C:\Windows\System32\modem.bin [MD5.00000000000000000000000000000000] - |HD| - [07/12/2017 07:03:18] - [31068.88 Ko] - C:\Windows\System32\modem_core [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\mr-IN [MD5.00000000000000000000000000000000] - |D| - [15/03/2019 07:10:38] - [0 Ko] - C:\Windows\System32\MRT [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\ms-MY [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [45.5 Ko] - C:\Windows\System32\MSDRM [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [4148.28 Ko] - C:\Windows\System32\MsDtc [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31 Ko] - C:\Windows\System32\mt-MT [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [44.95 Ko] - C:\Windows\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [334 Ko] - C:\Windows\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\System32\NDF [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31.5 Ko] - C:\Windows\System32\ne-NP [MD5.C146E873B22C3B300B21A859FE66C27A] - |A| - [29/09/2017 14:42:03] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\Windows\System32\NetTrace.PLA.Diagnostics.xml [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [51 Ko] - C:\Windows\System32\networklist [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [359.5 Ko] - C:\Windows\System32\nl-NL [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\nn-NO [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\System32\nso-ZA [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:34] - [3781.5 Ko] - C:\Windows\System32\Nui [MD5.34FFABE8384D7FD3A39D0A0073058FE7] - |A| - [07/12/2017 07:03:23] - (.-.) - [47.94 Ko] - (0.0.0.0) - C:\Windows\System32\nv_data.bin [MD5.19C3C27105083637FCF230BF0C04E0E0] - |A| - [07/12/2017 07:03:23] - (.-.) - [0.02 Ko] - (0.0.0.0) - C:\Windows\System32\nv_data.bin.md5 [MD5.B910E47C485808E59BC56E9FECE71E2A] - |A| - [07/12/2017 07:03:23] - (.-.) - [3.51 Ko] - (0.0.0.0) - C:\Windows\System32\nv_log.txt [MD5.5D4A5E27D573738E0C8C8FF4C0715DAF] - |A| - [29/09/2017 14:46:43] - (.-.) - [17.16 Ko] - (0.0.0.0) - C:\Windows\System32\OEMDefaultAssociations.xml [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\Windows\System32\OkDone_80.contrast-black.png [MD5.BFE1CCA08FEFC8A3422F7DA615567D75] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.43 Ko] - (0.0.0.0) - C:\Windows\System32\OkDone_80.contrast-white.png [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\Windows\System32\OkDone_80.png [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [15946.68 Ko] - C:\Windows\System32\oobe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\System32\or-IN [MD5.459FB33AA2114A28C5932FEAA115B072] - |A| - [29/09/2017 14:41:25] - (.-.) - [45.82 Ko] - (0.0.0.0) - C:\Windows\System32\OutdoorAudioEnvironment.bin [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\pa-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\pa-IN [MD5.AD93D5412F3A30D74D6FD5D7053CCB48] - |A| - [12/05/2017 03:42:25] - (.-.) - [375.45 Ko] - (0.0.0.0) - C:\Windows\System32\PanelManagerSvc.exe [MD5.0EF4602DD100C4D7AC655B55289CF5FD] - |A| - [29/09/2017 14:48:30] - (.-.) - [226.86 Ko] - (0.0.0.0) - C:\Windows\System32\perfc009.dat [MD5.EF7B4AB4CA236508B4174D40E790A4FC] - |A| - [07/12/2017 14:11:42] - (.-.) - [248.28 Ko] - (0.0.0.0) - C:\Windows\System32\perfc00A.dat [MD5.5FCFF8FEB2BEC05066616FB8441ED608] - |A| - [07/12/2017 14:15:59] - (.-.) - [249.88 Ko] - (0.0.0.0) - C:\Windows\System32\perfc00C.dat [MD5.FFBF9270ABBDE02D81113310C6050977] - |A| - [07/12/2017 14:30:15] - (.-.) - [239.06 Ko] - (0.0.0.0) - C:\Windows\System32\perfc010.dat [MD5.1E60BC5E525063B96078DF17FBD3C4E1] - |A| - [29/09/2017 14:48:30] - (.-.) - [32.64 Ko] - (0.0.0.0) - C:\Windows\System32\perfd009.dat [MD5.08728AEF33BBAC5884423C1597E74A29] - |A| - [07/12/2017 14:11:42] - (.-.) - [42.92 Ko] - (0.0.0.0) - C:\Windows\System32\perfd00A.dat [MD5.9F9AF8517189B0D61B2615007E071084] - |A| - [07/12/2017 14:15:59] - (.-.) - [39.74 Ko] - (0.0.0.0) - C:\Windows\System32\perfd00C.dat [MD5.4F32511BD6124C1B65C8F7FCD244A82B] - |A| - [07/12/2017 14:30:15] - (.-.) - [38.93 Ko] - (0.0.0.0) - C:\Windows\System32\perfd010.dat [MD5.ADA42AB32CA89FDC0467DBA581CF7D34] - |A| - [29/09/2017 14:48:30] - (.-.) - [872.24 Ko] - (0.0.0.0) - C:\Windows\System32\perfh009.dat [MD5.C24C43354AC103824039D580A80EC6E6] - |A| - [07/12/2017 14:11:42] - (.-.) - [946.12 Ko] - (0.0.0.0) - C:\Windows\System32\perfh00A.dat [MD5.17554ED76F79FAFE40319EFD67E038C7] - |A| - [07/12/2017 14:15:59] - (.-.) - [1103.31 Ko] - (0.0.0.0) - C:\Windows\System32\perfh00C.dat [MD5.96B80F84482D9763651C717663E2EE31] - |A| - [07/12/2017 14:30:15] - (.-.) - [938.67 Ko] - (0.0.0.0) - C:\Windows\System32\perfh010.dat [MD5.2C3949505964F25E743D36A20C2468F1] - |A| - [07/12/2017 23:46:15] - (.-.) - [4528.31 Ko] - (0.0.0.0) - C:\Windows\System32\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 07:11:19] - [353.13 Ko] - C:\Windows\System32\Phonexml [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [358.5 Ko] - C:\Windows\System32\pl-PL [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [708.5 Ko] - C:\Windows\System32\PointOfService [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [1806.4 Ko] - C:\Windows\System32\Printing_Admin_Scripts [MD5.0225FC6F0D91F84B44CE252487D8D725] - |A| - [23/03/2019 04:54:25] - (.Copyright (C) 2008-2013 - Video-Codec by proDAD.) - [593.02 Ko] - (1.0.18.0) - C:\Windows\System32\prodad-codec.dll [MD5.A14E6B78E10DE725955CC39EAADF4046] - |A| - [23/03/2019 04:54:21] - (.Copyright (C) 2008 - Part of the proDAD.) - [367.52 Ko] - (1.0.4.0) - C:\Windows\System32\proDAD-PA-Support.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\System32\ProximityToast [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\System32\prs-AF [MD5.007893E8374C766471239EB291BA8C17] - |A| - [29/09/2017 14:42:04] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\Windows\System32\psmodulediscoveryprovider.mof [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [359.5 Ko] - C:\Windows\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [355 Ko] - C:\Windows\System32\pt-PT [MD5.8F81AAE120E5A058E1D311E012965A96] - |A| - [15/03/2019 04:50:35] - (.-.) - [30826.06 Ko] - (0.0.0.0) - C:\Windows\System32\pvl64.dll [MD5.72F089FAC0BD345EA11965B5E5179435] - |A| - [15/03/2019 04:50:37] - (.-.) - [494.06 Ko] - (0.0.0.0) - C:\Windows\System32\pvl_perspective_control64.dll [MD5.9B8E48ACB0D2BD037A11E247F31117A8] - |A| - [15/03/2019 04:50:37] - (.-.) - [133.59 Ko] - (0.0.0.0) - C:\Windows\System32\pvl_skin_smoothing_denoising64.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\System32\quc-Latn-GT [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\System32\quz-PE [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [23.75 Ko] - C:\Windows\System32\ras [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\System32\RasToast [MD5.49A390CA472675F87262798CBD46BBEA] - |A| - [13/11/2017 02:29:37] - (.Copyright (C) 2016 - Samsung Radio Control Delegation Service executable.) - [460.1 Ko] - (2.3.0.7) - C:\Windows\System32\RCDService.exe [MD5.692DC6EF573FFCDD9DFB55D1C783DB93] - |A| - [29/09/2017 14:41:23] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\Windows\System32\removehypervisor.mof [MD5.E17EAD4E09FB96BD6DB717CB605B17F1] - |A| - [29/09/2017 14:42:06] - (.-.) - [8.86 Ko] - (0.0.0.0) - C:\Windows\System32\ResPriHMImageList [MD5.8286304CD9A20E2A4621D931F1CEF5CB] - |A| - [29/09/2017 14:42:06] - (.-.) - [8.28 Ko] - (0.0.0.0) - C:\Windows\System32\ResPriImageList [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\Windows\System32\RestartNowPower_80.contrast-black.png [MD5.DF286186041C6BF73C5DC21CEEEFFED5] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\Windows\System32\RestartNowPower_80.contrast-white.png [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\Windows\System32\RestartNowPower_80.png [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0.07 Ko] - C:\Windows\System32\restore [MD5.D07E424408708A52CC5680F2C552EE5A] - |A| - [07/12/2017 07:04:05] - (.-.) - [17.07 Ko] - (0.0.0.0) - C:\Windows\System32\results.xml [MD5.3767825203BB89C66309BFE62E75E6D2] - |A| - [15/03/2019 05:50:47] - (.-.) - [95.5 Ko] - (0.0.0.0) - C:\Windows\System32\runexehelper.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\rw-RW [MD5.0EF31C4363277197B9528FDC80128B7E] - |A| - [19/01/2017 21:30:00] - (.Copyright (C) 2017 -.) - [26.61 Ko] - (1.0.48.0) - C:\Windows\System32\SamsungSystemAgentInstaller.dll [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [29/09/2017 14:43:11] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\Windows\System32\ScavengeSpace.xml [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\Windows\System32\ScheduleTime_80.contrast-black.png [MD5.E72B1B6800DE45AA9AE7E10F899E5999] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.54 Ko] - (0.0.0.0) - C:\Windows\System32\ScheduleTime_80.contrast-white.png [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\Windows\System32\ScheduleTime_80.png [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\sd-Arab-PK [MD5.99F86B98160742F3395A688D70B45FF5] - |A| - [13/11/2017 02:29:37] - (.-.) - [162.6 Ko] - (0.0.0.0) - C:\Windows\System32\SecRilProxy.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [6.92 Ko] - C:\Windows\System32\SecureBootUpdates [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [29/09/2017 14:42:04] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\System32\settings.dat [MD5.00000000000000000000000000000000] - |D| - [15/03/2019 10:48:27] - [7395 Ko] - C:\Windows\System32\ShellExtBridge [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\si-LK [MD5.55AA2F021E09B07B7F36E1C1F439C1E8] - |A| - [07/12/2017 14:12:45] - (.-.) - [241.46 Ko] - (0.0.0.0) - C:\Windows\System32\SingleBom.xml [MD5.9600A53FFCD61F92ED1933AF66EF2E42] - |A| - [07/12/2017 14:12:45] - (.-.) - [951.41 Ko] - (0.0.0.0) - C:\Windows\System32\SingleBom2.xml [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [283 Ko] - C:\Windows\System32\sk-SK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [279.5 Ko] - C:\Windows\System32\sl-SI [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 23:39:23] - [29134.33 Ko] - C:\Windows\System32\SleepStudy [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [202.87 Ko] - C:\Windows\System32\slmgr [MD5.DAC275ABAAD2B689D7BB3685E4032072] - |A| - [29/09/2017 14:41:25] - (.-.) - [68.15 Ko] - (0.0.0.0) - C:\Windows\System32\SmallRoom.bin [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 09:45:11] - [13385.02 Ko] - C:\Windows\System32\SMI [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\Windows\System32\Snooze_80.contrast-black.png [MD5.E30B7D226E7B5B0EC2B9FC2316694ECC] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\Windows\System32\Snooze_80.contrast-white.png [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [29/09/2017 14:41:12] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\Windows\System32\Snooze_80.png [MD5.8D30AAF519A40D69F6BABFFD60C75E56] - |A| - [15/03/2019 05:49:09] - (.-.) - [37 Ko] - (0.0.0.0) - C:\Windows\System32\SpectrumSyncClient.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [7882.4 Ko] - C:\Windows\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [12629.58 Ko] - C:\Windows\System32\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [39321.73 Ko] - C:\Windows\System32\spool [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [8001.51 Ko] - C:\Windows\System32\spp [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [23.61 Ko] - C:\Windows\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\System32\sq-AL [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\sr-Cyrl-BA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\sr-Cyrl-RS [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [282 Ko] - C:\Windows\System32\sr-Latn-RS [MD5.B461D2CE1D93ADAB10E0E5495A06E403] - |A| - [29/09/2017 14:42:07] - (.-.) - [16.74 Ko] - (0.0.0.0) - C:\Windows\System32\srms-apr.dat [MD5.047BCF71FB0E5EC754437879E8DAA7F6] - |A| - [29/09/2017 14:42:00] - (.-.) - [56.38 Ko] - (0.0.0.0) - C:\Windows\System32\srms.dat [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [30360 Ko] - C:\Windows\System32\sru [MD5.1BA92CDCF58B0D7D298CC09799B4D431] - |A| - [29/09/2017 14:41:25] - (.-.) - [410 Ko] - (0.0.0.0) - C:\Windows\System32\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [341 Ko] - C:\Windows\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\sw-KE [MD5.AE80F089FF890EF483FDB82B9F2A2EA8] - |A| - [15/03/2019 06:58:58] - (.-.) - [0.31 Ko] - (0.0.0.0) - C:\Windows\System32\swhealthex.log [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 09:45:13] - [1341.9 Ko] - C:\Windows\System32\Sysprep [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [930.28 Ko] - C:\Windows\System32\SystemResetPlatform [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [34 Ko] - C:\Windows\System32\ta-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [598.84 Ko] - C:\Windows\System32\Tasks [MD5.D602CA245CC6774A0981B607F0675609] - |A| - [29/09/2017 14:41:57] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\Windows\System32\tcpmon.ini [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\te-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32 Ko] - C:\Windows\System32\tg-Cyrl-TJ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [260 Ko] - C:\Windows\System32\th-TH [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [22.5 Ko] - C:\Windows\System32\ti-ET [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [27.5 Ko] - C:\Windows\System32\tk-TM [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\System32\tn-ZA [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 07:03:18] - [330.69 Ko] - C:\Windows\System32\ToastGenerator [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [336 Ko] - C:\Windows\System32\tr-TR [MD5.B88B8D017386A00D7724519F475317A0] - |A| - [29/09/2017 14:42:07] - (.-.) - [10.33 Ko] - (0.0.0.0) - C:\Windows\System32\TransformPPSToWlan.xslt [MD5.2F05390B798363D51EBE65D6320CD45E] - |A| - [29/09/2017 14:42:07] - (.-.) - [1.65 Ko] - (0.0.0.0) - C:\Windows\System32\TransformPPSToWlanCredentials.xslt [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\System32\tt-RU [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28 Ko] - C:\Windows\System32\ug-CN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [277.5 Ko] - C:\Windows\System32\uk-UA [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:34] - [2739.92 Ko] - C:\Windows\System32\UNP [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\System32\ur-PK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32 Ko] - C:\Windows\System32\uz-Latn-UZ [MD5.DD4447DFCB5018987FDA850C6BCDE2A7] - |A| - [07/12/2017 07:11:19] - (.-.) - [0.04 Ko] - (0.0.0.0) - C:\Windows\System32\VersionID.txt [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31.5 Ko] - C:\Windows\System32\vi-VN [MD5.F6580F5D0408FCD200F535F08BEA1C18] - |A| - [23/11/2016 01:22:56] - (.Copyright (C) 2015-2016 - Vulkan Loader.) - [259.28 Ko] - (1.0.33.0) - C:\Windows\System32\vulkan-1-1-0-33-0.dll [MD5.179798523995687C5A0B49B762827007] - |A| - [15/03/2019 05:01:30] - (.Copyright (C) 2015-2018 - Vulkan Loader.) - [991 Ko] - (1.1.92.1) - C:\Windows\System32\vulkan-1-999-0-0-0.dll [MD5.179798523995687C5A0B49B762827007] - |A| - [15/03/2019 05:01:30] - (.Copyright (C) 2015-2018 - Vulkan Loader.) - [991 Ko] - (1.1.92.1) - C:\Windows\System32\vulkan-1.dll [MD5.324D0656179A6237150B851A03F2FB17] - |A| - [23/11/2016 01:22:24] - (.-.) - [122.28 Ko] - (0.0.0.0) - C:\Windows\System32\vulkaninfo-1-1-0-33-0.exe [MD5.B23B857ED2A89D932DC091CADFA176E3] - |A| - [15/03/2019 04:58:41] - (.Copyright (C) 2015-2018 - Vulkan Info.) - [248.97 Ko] - (1.1.92.1) - C:\Windows\System32\vulkaninfo-1-999-0-0-0.exe [MD5.B23B857ED2A89D932DC091CADFA176E3] - |A| - [15/03/2019 04:58:41] - (.Copyright (C) 2015-2018 - Vulkan Info.) - [248.97 Ko] - (1.1.92.1) - C:\Windows\System32\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [125802.85 Ko] - C:\Windows\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [0 Ko] - C:\Windows\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [136513.6 Ko] - C:\Windows\System32\WDI [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [29/09/2017 14:41:40] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\Windows\System32\WdsUnattendTemplate.xml [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [1.12 Ko] - C:\Windows\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [80360.22 Ko] - C:\Windows\System32\WinBioPlugIns [MD5.1E38A547C9380DAB0F0692E1EE9CC5B3] - |A| - [29/09/2017 14:41:27] - (.-.) - [102.5 Ko] - (0.0.0.0) - C:\Windows\System32\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [10453.51 Ko] - C:\Windows\System32\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [134956 Ko] - C:\Windows\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [5286.48 Ko] - C:\Windows\System32\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [419.85 Ko] - C:\Windows\System32\winrm [MD5.63CFE4B848F85D1883FE8D9F1820B667] - |A| - [19/05/2017 08:38:06] - (.Copyright (C) 2015 Samsung Electronics Co., Ltd. - WLAN SAR Service.) - [54.5 Ko] - (1.0.0.7) - C:\Windows\System32\WlSarService.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [27.5 Ko] - C:\Windows\System32\wo-SN [MD5.C30C621748C66CE751B19B2788559A3E] - |A| - [29/09/2017 14:42:07] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\Windows\System32\wpcmon.png [MD5.D224E07A6F89FD14C3FD8A83127811CC] - |A| - [29/09/2017 14:41:43] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\Windows\System32\wpr.config.xml [MD5.200BCDE9B44C32B1633B68A9AADA8AAA] - |A| - [29/09/2017 14:41:25] - (.-.) - [78 Ko] - (0.0.0.0) - C:\Windows\System32\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\xh-ZA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\System32\yo-NG [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [260.04 Ko] - C:\Windows\System32\zh-CN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [225.5 Ko] - C:\Windows\System32\zh-TW [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\System32\zu-ZA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [0 Ko] - C:\Windows\SysWOW64\0409 [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [29/09/2017 14:42:13] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@AudioToastIcon.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [29/09/2017 14:42:11] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@EnrollmentToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [29/09/2017 14:42:24] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@VpnToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [29/09/2017 14:42:13] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@WirelessDisplayToast.png [MD5.AD666E2117B38BC7D2479DB29873753B] - |A| - [28/03/2019 12:41:06] - (.Copyright © 2002 by Vigovsky Alexander - ac3filter.) - [168 Ko] - (0.6.8.0) - C:\Windows\SysWOW64\ac3filter.cpl [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 09:45:15] - [2001.4 Ko] - C:\Windows\SysWOW64\AdvancedInstallers [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\af-ZA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [22 Ko] - C:\Windows\SysWOW64\am-ET [MD5.D0C50C113FE59C21AD59932E6B9C202F] - |A| - [28/03/2019 16:55:51] - (.-.) - [37.42 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ampa.sys [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\AppLocker [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [280.5 Ko] - C:\Windows\SysWOW64\ar-SA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\SysWOW64\as-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\SysWOW64\az-Latn-AZ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\be-BY [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [265.5 Ko] - C:\Windows\SysWOW64\bg-BG [MD5.8B14F3DBC532A1AE1469EEB416F26165] - |A| - [15/03/2019 04:50:04] - (.Copyright (C) 2015-2020, BayHubTech/O2Micro. - Icon.) - [1843.86 Ko] - (1.0.0.6) - C:\Windows\SysWOW64\bhtv5Icon.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\SysWOW64\bn-BD [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\bn-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\SysWOW64\bs-Latn-BA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0.1 Ko] - C:\Windows\SysWOW64\Bthprops [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\SysWOW64\ca-ES [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31 Ko] - C:\Windows\SysWOW64\ca-ES-valencia [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\catroot [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [23 Ko] - C:\Windows\SysWOW64\chr-CHER-US [MD5.BC3B6239D0F74FFA152FCE165CFB6424] - |A| - [20/03/2019 13:00:06] - (.2005-2019 COMODO. - COMODO Secure Shopping.) - [261.18 Ko] - (1.3.50284.151) - C:\Windows\SysWOW64\cmdkbdcss32.dll [MD5.A6DE9F867ED5C583347ACE03AEF74A98] - |A| - [04/03/2019 22:34:52] - (.2005-2018 COMODO. - COMODO Internet Security.) - [364.69 Ko] - (11.0.0.6802) - C:\Windows\SysWOW64\cmdvrt32.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [330 Ko] - C:\Windows\SysWOW64\com [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [33987.29 Ko] - C:\Windows\SysWOW64\config [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:34] - [160.31 Ko] - C:\Windows\SysWOW64\Configuration [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [325 Ko] - C:\Windows\SysWOW64\cs-CZ [MD5.5FD2AB268E79600FED51E072EB69F8B2] - |A| - [20/03/2019 13:00:08] - (.2005-2019 COMODO. - COMODO Secure Shopping.) - [341.3 Ko] - (1.3.50284.151) - C:\Windows\SysWOW64\cssguard32.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31.5 Ko] - C:\Windows\SysWOW64\cy-GB [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [322 Ko] - C:\Windows\SysWOW64\da-DK [MD5.877B7E3E7C3574DE6A4C4E890EABDC4F] - |A| - [28/03/2019 16:55:59] - (.-.) - [32.42 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ddmdrv.sys [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [364 Ko] - C:\Windows\SysWOW64\de-DE [MD5.C04ED7B2794D40E8E777FD44ED44FC50] - |A| - [29/09/2017 14:42:09] - (.-.) - [0.36 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\DefaultAccountTile.png [MD5.26206C944AD7CDD1F50DD58868B32F7F] - |A| - [19/03/2017 11:30:58] - (.-.) - [64.38 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\defaultCpff.aiqb [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:34] - [200.5 Ko] - C:\Windows\SysWOW64\DiagSvcs [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [7730.7 Ko] - C:\Windows\SysWOW64\Dism [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [1079.58 Ko] - C:\Windows\SysWOW64\downlevel [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [3502.94 Ko] - C:\Windows\SysWOW64\drivers [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0.75 Ko] - C:\Windows\SysWOW64\DriverStore [MD5.9B8413CAD2279F7D2C92506270FD820E] - |A| - [11/12/2002 09:19:59] - (.Copyright (C) 2001-2002 Gabest - DirectVobSub.) - [244 Ko] - (2.0.23.0) - C:\Windows\SysWOW64\DVobSub.ax [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [358.5 Ko] - C:\Windows\SysWOW64\el-GR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [3118 Ko] - C:\Windows\SysWOW64\en [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [13663.06 Ko] - C:\Windows\SysWOW64\en-GB [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [21167.31 Ko] - C:\Windows\SysWOW64\en-US [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 14:11:40] - [3128 Ko] - C:\Windows\SysWOW64\es [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [36790.04 Ko] - C:\Windows\SysWOW64\es-ES [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [277 Ko] - C:\Windows\SysWOW64\es-MX [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [247.5 Ko] - C:\Windows\SysWOW64\et-EE [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\SysWOW64\eu-ES [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:34] - [24785.16 Ko] - C:\Windows\SysWOW64\F12 [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\SysWOW64\fa-IR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [325 Ko] - C:\Windows\SysWOW64\fi-FI [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\SysWOW64\fil-PH [MD5.5A3BCFCCEAA2C9950532BCE313BAB55C] - |A| - [15/03/2019 07:34:34] - (.-.) - [2.18 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\FolderLockAdrv.inf [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 14:15:56] - [3149.5 Ko] - C:\Windows\SysWOW64\fr [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [284 Ko] - C:\Windows\SysWOW64\fr-CA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [37532.15 Ko] - C:\Windows\SysWOW64\fr-FR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\FxsTmp [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\SysWOW64\ga-IE [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [34 Ko] - C:\Windows\SysWOW64\gd-GB [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31 Ko] - C:\Windows\SysWOW64\gl-ES [MD5.1E91815C329345AD54FE08BF7A98F749] - |A| - [15/03/2019 05:50:37] - (.Copyright (C) 2017 - Gracenote SDK component.) - [4073.5 Ko] - (3.10.5.5585) - C:\Windows\SysWOW64\gnsdk_fp.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\SysWOW64\gu-IN [MD5.7F6A10AF073204F0BFEA03296A719DF8] - |A| - [04/03/2019 22:39:04] - (.2005-2018 COMODO. - COMODO Internet Security.) - [695.53 Ko] - (11.0.0.6802) - C:\Windows\SysWOW64\guard32.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\SysWOW64\ha-Latn-NG [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [266.5 Ko] - C:\Windows\SysWOW64\he-IL [MD5.3A7F920893FD6F49BC4CC07B72914013] - |A| - [29/09/2017 14:42:09] - (.-.) - [188.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\SysWOW64\hi-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [258 Ko] - C:\Windows\SysWOW64\hr-HR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [331 Ko] - C:\Windows\SysWOW64\hu-HU [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [27.5 Ko] - C:\Windows\SysWOW64\hy-AM [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [36.27 Ko] - C:\Windows\SysWOW64\icsxml [MD5.9D0FDC241ECD537B7DE219A98A726563] - |RA| - [15/03/2019 05:49:35] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [1602.5 Ko] - (59.1.0.0) - C:\Windows\SysWOW64\icuin.dll [MD5.C18014A1063903CC299E4045C93F862B] - |RA| - [15/03/2019 05:49:33] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [1131.5 Ko] - (59.1.0.0) - C:\Windows\SysWOW64\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\SysWOW64\id-ID [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [27 Ko] - C:\Windows\SysWOW64\ig-NG [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [20706.67 Ko] - C:\Windows\SysWOW64\IME [MD5.922D5BABA5B7BA8253C6257B26FEDA6C] - |A| - [19/03/2017 11:30:58] - (.-.) - [188.18 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX241_CM500RF05SW700_SKY.cpf [MD5.1DE08BB9D54D2B2931D3A39695892511] - |A| - [19/03/2017 11:30:58] - (.-.) - [186.9 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX241_CM500RF05SW700_SKY_Video.cpf [MD5.C5D273F400B8EE5BEB81097D3E4FAF04] - |A| - [15/03/2019 04:50:45] - (.-.) - [162.62 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX241_FN50FF-562H_SKY.cpf [MD5.CFC5B24CA92142B55EF237208466205E] - |A| - [19/03/2017 11:30:58] - (.-.) - [162.38 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX241_FN50FF469H_SKY.cpf [MD5.29A8CA39130FCC8647014CFF162C608C] - |A| - [19/03/2017 11:30:58] - (.-.) - [221.56 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX241_NSMM4D5_SKY.cpf [MD5.AA6EFEDA4D5C5E22FF8EEB15CEF88098] - |A| - [19/03/2017 11:30:58] - (.-.) - [216.24 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX241_NSMM4D5_SKY_Video.cpf [MD5.F609489142774262ABD4AB204E56C4D9] - |A| - [15/03/2019 04:50:45] - (.-.) - [167.33 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX241_START2FRONT_SKY.cpf [MD5.B216175F6574C5D40A6BFFFEB28E8938] - |A| - [15/03/2019 04:50:45] - (.-.) - [167.26 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX241_START2FRONT_SKY_Video.cpf [MD5.6B1CD2FED17DF605E9721AF5CF0970C7] - |A| - [15/03/2019 04:50:45] - (.-.) - [270.35 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX258_START2REAR_SKY.cpf [MD5.E172D9B2DF8542B9BA124338476D65A8] - |A| - [19/03/2017 11:30:58] - (.-.) - [309.15 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX258_START2REAR_SKY_4KVideo.cpf [MD5.D5082A13FF3DA91F6DE930951F6DA404] - |A| - [19/03/2017 11:30:58] - (.-.) - [312.56 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX258_START2REAR_SKY_HD120fpsVideo.cpf [MD5.6B1CD2FED17DF605E9721AF5CF0970C7] - |A| - [15/03/2019 04:50:45] - (.-.) - [270.35 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\IMX258_START2REAR_SKY_Video.cpf [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\inetsrv [MD5.4CED7C72B126C457F5E00A943B18B924] - |A| - [15/03/2019 05:49:21] - (.-.) - [146.45 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\InputHost.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [218.5 Ko] - C:\Windows\SysWOW64\InputMethod [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [1160 Ko] - C:\Windows\SysWOW64\InstallShield [MD5.E444C15CD99DE0407A7E9125F609C493] - |A| - [24/02/2017 10:20:55] - (.Copyright © The Khronos Group Inc 2016 - OpenCL Client DLL.) - [117.23 Ko] - (2.1.1.0) - C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\Ipmi [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\SysWOW64\is-IS [MD5.F5BE56A8A18B3315935EE3AA8F920010] - |A| - [20/03/2019 13:00:45] - (.2005-2018 COMODO. - Internet Security Essentials.) - [200.71 Ko] - (1.5.4695.175) - C:\Windows\SysWOW64\iseguard32.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 14:30:12] - [3116 Ko] - C:\Windows\SysWOW64\it [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [35606.25 Ko] - C:\Windows\SysWOW64\it-IT [MD5.214F51F66802C851F1C50BC662EDA828] - |A| - [19/03/2017 14:35:10] - (.-.) - [398.41 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\KBL_AIC.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\SysWOW64\kk-KZ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28 Ko] - C:\Windows\SysWOW64\km-KH [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31.5 Ko] - C:\Windows\SysWOW64\kn-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [249 Ko] - C:\Windows\SysWOW64\ko-KR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\SysWOW64\kok-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\ku-Arab-IQ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\SysWOW64\ky-KG [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [33 Ko] - C:\Windows\SysWOW64\lb-LU [MD5.B3F9F1DAF735F5FAF167542C5C79E494] - |A| - [24/02/2017 10:20:56] - (.-.) - [144.21 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\libEGL.dll [MD5.0379A7F33DB3097E87D51AC91278F07F] - |A| - [24/02/2017 10:20:56] - (.-.) - [123.23 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\libGLESv1_CM.dll [MD5.56335027A2B5C73AFB97F85B5E0CD4CA] - |A| - [24/02/2017 10:20:56] - (.-.) - [157.73 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\libGLESv2.dll [MD5.D6834D1BA5633B96C628EC62AFE9241C] - |A| - [19/03/2017 14:35:16] - (.-.) - [10144.91 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\libia_cp.dll [MD5.61A0E62679B865D98C941F8D58CB907B] - |A| - [28/03/2019 12:41:06] - (.Copyright (C) 1990-2001 Morgan Multimedia. - MM Switcher.) - [50.5 Ko] - (0.9.7.0) - C:\Windows\SysWOW64\MMSwitch.ax [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\SysWOW64\mn-MN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\mr-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\SysWOW64\ms-MY [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [45.5 Ko] - C:\Windows\SysWOW64\MSDRM [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [52.28 Ko] - C:\Windows\SysWOW64\Msdtc [MD5.DF252F37880142ED5574C2BE4DADF5A7] - |A| - [15/03/2019 05:28:26] - (.-.) - [206 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\msvcrt10.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31 Ko] - C:\Windows\SysWOW64\mt-MT [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [44.95 Ko] - C:\Windows\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [315 Ko] - C:\Windows\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31.5 Ko] - C:\Windows\SysWOW64\ne-NP [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [51 Ko] - C:\Windows\SysWOW64\networklist [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [338 Ko] - C:\Windows\SysWOW64\nl-NL [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\SysWOW64\nn-NO [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\SysWOW64\nso-ZA [MD5.00000000000000000000000000000000] - |SD| - [29/09/2017 14:46:34] - [3781.5 Ko] - C:\Windows\SysWOW64\Nui [MD5.591E81D5E8CF862D6F12C2E2E53D87C1] - |A| - [15/03/2019 07:34:09] - (.-.) - [40 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\nwsftUninstall.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [650.72 Ko] - C:\Windows\SysWOW64\oobe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\SysWOW64\or-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [28.5 Ko] - C:\Windows\SysWOW64\pa-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\SysWOW64\pa-IN [MD5.C412BBA31B6443874BC677B92620B161] - |A| - [27/08/2002 00:42:18] - (.-.) - [1.17 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\panadv.inf [MD5.C998E69D8884F49D0A6316DF96BA3DF2] - |A| - [19/11/1999 15:49:50] - (.Copyright (C) Matsushita Electric 1998 - DV Video for Windows Driver.) - [259.57 Ko] - (2.64.1119.1600) - C:\Windows\SysWOW64\pdvcodec.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [336.5 Ko] - C:\Windows\SysWOW64\pl-PL [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [1806.38 Ko] - C:\Windows\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\SysWOW64\prs-AF [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [338.5 Ko] - C:\Windows\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [333.5 Ko] - C:\Windows\SysWOW64\pt-PT [MD5.D5315B9A346EA9AEAD836DBCE8FED34A] - |A| - [19/03/2017 14:35:32] - (.-.) - [15023.41 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\pvl.dll [MD5.6BE006E30928C81322196A1949B042E2] - |A| - [19/03/2017 14:35:38] - (.-.) - [749.91 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\pvl_perspective_control.dll [MD5.70A36915F333E318C67E463375F192BF] - |A| - [19/03/2017 14:35:44] - (.-.) - [108.41 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\pvl_skin_smoothing_denoising.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\SysWOW64\quc-Latn-GT [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\SysWOW64\quz-PE [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [23.75 Ko] - C:\Windows\SysWOW64\ras [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\RasToast [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0.82 Ko] - C:\Windows\SysWOW64\Recovery [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\restore [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [261.5 Ko] - C:\Windows\SysWOW64\ro-RO [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 06:47:24] - [2214.8 Ko] - C:\Windows\SysWOW64\RTCOM [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [329.5 Ko] - C:\Windows\SysWOW64\ru-RU [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\rw-RW [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\SysWOW64\sd-Arab-PK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\si-LK [MD5.55AA2F021E09B07B7F36E1C1F439C1E8] - |A| - [07/12/2017 14:12:45] - (.-.) - [241.46 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\SingleBom.xml [MD5.9600A53FFCD61F92ED1933AF66EF2E42] - |A| - [07/12/2017 14:12:45] - (.-.) - [951.41 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\SingleBom2.xml [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [261 Ko] - C:\Windows\SysWOW64\sk-SK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [259 Ko] - C:\Windows\SysWOW64\sl-SI [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [202.87 Ko] - C:\Windows\SysWOW64\slmgr [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\SMI [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [4241.4 Ko] - C:\Windows\SysWOW64\Speech [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [9043.49 Ko] - C:\Windows\SysWOW64\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [1319.31 Ko] - C:\Windows\SysWOW64\spp [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [23.61 Ko] - C:\Windows\SysWOW64\sppui [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30.5 Ko] - C:\Windows\SysWOW64\sq-AL [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\sr-Cyrl-BA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\sr-Cyrl-RS [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [262 Ko] - C:\Windows\SysWOW64\sr-Latn-RS [MD5.B461D2CE1D93ADAB10E0E5495A06E403] - |A| - [29/09/2017 14:42:27] - (.-.) - [16.74 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\srms-apr.dat [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\sru [MD5.30FE146E2F0712AFEEA1ECF3E0EA270C] - |A| - [29/09/2017 14:42:09] - (.-.) - [302 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [321.5 Ko] - C:\Windows\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\SysWOW64\sw-KE [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:17] - [0 Ko] - C:\Windows\SysWOW64\sysprep [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [34 Ko] - C:\Windows\SysWOW64\ta-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [0 Ko] - C:\Windows\SysWOW64\Tasks [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\SysWOW64\te-IN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32 Ko] - C:\Windows\SysWOW64\tg-Cyrl-TJ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [241 Ko] - C:\Windows\SysWOW64\th-TH [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [22.5 Ko] - C:\Windows\SysWOW64\ti-ET [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [27.5 Ko] - C:\Windows\SysWOW64\tk-TM [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32.5 Ko] - C:\Windows\SysWOW64\tn-ZA [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [316.5 Ko] - C:\Windows\SysWOW64\tr-TR [MD5.5DF89E27F8161E0105D129EB32AFD06F] - |A| - [15/10/2002 23:54:04] - (.-.) - [149.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\unrar.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29.5 Ko] - C:\Windows\SysWOW64\ur-PK [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [32 Ko] - C:\Windows\SysWOW64\uz-Latn-UZ [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [31.5 Ko] - C:\Windows\SysWOW64\vi-VN [MD5.C4F97E10038EDC4E772480B0DA11B9D8] - |A| - [11/12/2002 09:19:32] - (.Copyright (C) 2000-2002 Gabest - vobsub.) - [360 Ko] - (2.0.23.0) - C:\Windows\SysWOW64\vobsub.dll [MD5.1083642C30E7A3F79D565698BC1B70E4] - |A| - [23/11/2016 01:23:44] - (.Copyright (C) 2015-2016 - Vulkan Loader.) - [265.28 Ko] - (1.0.33.0) - C:\Windows\SysWOW64\vulkan-1-1-0-33-0.dll [MD5.8F224D31DA0884C547AB6E65C2CBBE93] - |A| - [15/03/2019 05:01:30] - (.Copyright (C) 2015-2018 - Vulkan Loader.) - [858 Ko] - (1.1.92.1) - C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll [MD5.8F224D31DA0884C547AB6E65C2CBBE93] - |A| - [15/03/2019 05:01:30] - (.Copyright (C) 2015-2018 - Vulkan Loader.) - [858 Ko] - (1.1.92.1) - C:\Windows\SysWOW64\vulkan-1.dll [MD5.900B60ECDDF695C0A55CA7C82AD75668] - |A| - [23/11/2016 01:23:14] - (.-.) - [108.28 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\vulkaninfo-1-1-0-33-0.exe [MD5.AA008CDFA795097F16F18170FF5FB815] - |A| - [15/03/2019 04:58:41] - (.Copyright (C) 2015-2018 - Vulkan Info.) - [223.97 Ko] - (1.1.92.0) - C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe [MD5.AA008CDFA795097F16F18170FF5FB815] - |A| - [15/03/2019 04:58:41] - (.Copyright (C) 2015-2018 - Vulkan Info.) - [223.97 Ko] - (1.1.92.0) - C:\Windows\SysWOW64\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [25071.71 Ko] - C:\Windows\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:18] - [0 Ko] - C:\Windows\SysWOW64\WCN [MD5.ACC1181C0AA4D01B537F53A1CC33E766] - |A| - [29/09/2017 14:42:09] - (.-.) - [90 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [9617.54 Ko] - C:\Windows\SysWOW64\WindowsPowerShell [MD5.FFD2F3835BC170C7B3858F326262EBDA] - |A| - [15/03/2019 07:34:32] - (.-.) - [35.62 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\WinFLAdrv.sys [MD5.503E4A64E8FB731D415510B676F2BFFA] - |A| - [15/03/2019 07:34:11] - (.-.) - [13.85 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\WinFLMsgService.exe [MD5.A3B55D9B3F656E4F82C5D79C632B0038] - |A| - [15/03/2019 07:34:12] - (.2002-2018 © NewSoftwares.net - Service Application.) - [92.51 Ko] - (7.7.1.0) - C:\Windows\SysWOW64\WinFLService.exe [MD5.14E6BAFD6C80C9D0E2E31A6BC40479C7] - |A| - [15/03/2019 07:34:08] - (.2002-2018 © NewSoftwares.net - Folder Lock.) - [328.01 Ko] - (7.7.1.0) - C:\Windows\SysWOW64\WinFLTray.exe [MD5.14E6BAFD6C80C9D0E2E31A6BC40479C7] - |A| - [15/03/2019 07:34:07] - (.2002-2018 © NewSoftwares.net - Folder Lock.) - [328.01 Ko] - (7.7.1.0) - C:\Windows\SysWOW64\WinFLTrayShred.exe [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [5286.49 Ko] - C:\Windows\SysWOW64\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:41:18] - [419.85 Ko] - C:\Windows\SysWOW64\winrm [MD5.3CC985A4E7D90F5B6D9FF1FD5CD486D7] - |A| - [15/03/2019 07:34:30] - (.Copyright © 1998-2011 NewSoftwares.net, Inc. - Virtual Encryption Driver.) - [220.39 Ko] - (7.0.0.0) - C:\Windows\SysWOW64\WinVDEdrv.sys [MD5.2D446F342467128EA389CF44EC79C2BA] - |A| - [15/03/2019 07:34:31] - (.-.) - [193.02 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\WinVDEdrv6.sys [MD5.F2ECB87B996541BF44B55D301586E2C5] - |AS| - [15/03/2019 11:44:42] - (.-.) - [11.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\win_flfiles_sys.dat [MD5.A1A8919960FB16CE0B4CEDF6B1864939] - |AS| - [15/03/2019 11:44:42] - (.-.) - [3.38 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\win_stlthdb_sys.dat [MD5.128EC62FF59A59BEB5772E52ED8D3148] - |A| - [10/09/1999 12:06:00] - (.Copyright © 1989-1999 Adaptec, Inc. - ASPI for Win32 (95/NT) DLL.) - [44 Ko] - (4.6.0.1021) - C:\Windows\SysWOW64\WNASPI32.DLL [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [27.5 Ko] - C:\Windows\SysWOW64\wo-SN [MD5.E1FEDF746C5EE63886B06756867F728C] - |A| - [11/10/2017 03:42:25] - (.Copyright (C) 2012 - WSABI.) - [42.28 Ko] - (1.0.0.3) - C:\Windows\SysWOW64\wsabi.dll [MD5.12D91C9A9837995A137ACE4B2E674918] - |A| - [29/09/2017 14:42:09] - (.-.) - [54.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\xboxgipsynthetic.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\SysWOW64\xh-ZA [MD5.00000000000000000000000000000000] - |D| - [07/12/2017 14:11:41] - [30.47 Ko] - C:\Windows\SysWOW64\XPSViewer [MD5.9C45D1FA91FB1E1CA1419B784DF48A74] - |A| - [05/06/2004 12:59:14] - (.-.) - [64 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\xvid.ax [MD5.9EC5F689CC007E0A6386ACED8612DF56] - |A| - [05/06/2004 12:56:16] - (.-.) - [664 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\xvidcore.dll [MD5.1ACE95D61B47E4ED680A9831AA03529B] - |A| - [06/06/2004 12:53:42] - (.-.) - [152 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\xvidvfw.dll [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [29 Ko] - C:\Windows\SysWOW64\yo-NG [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [220.5 Ko] - C:\Windows\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 14:46:34] - [214.5 Ko] - C:\Windows\SysWOW64\zh-TW [MD5.00000000000000000000000000000000] - |D| - [29/09/2017 15:42:11] - [30 Ko] - C:\Windows\SysWOW64\zu-ZA ---------- | [EFM_UEFM_Barrow_U] [15/03/2019 05:09:53] - |DC| - [10136] - C:\Users\EFM_UEFM_Barrow_U\.cache [22/03/2019 10:10:42] - |HDC| - [1248] - C:\Users\EFM_UEFM_Barrow_U\.obs32 [14/03/2019 22:40:32] - |RDC| - [298] - C:\Users\EFM_UEFM_Barrow_U\3D Objects [14/03/2019 22:40:02] - |HDC| - [10142905616] - C:\Users\EFM_UEFM_Barrow_U\AppData [14/03/2019 22:40:32] - |RDC| - [412] - C:\Users\EFM_UEFM_Barrow_U\Contacts [14/03/2019 22:40:02] - |RDC| - [311719440] - C:\Users\EFM_UEFM_Barrow_U\Desktop [14/03/2019 22:40:02] - |RDC| - [25499710393] - C:\Users\EFM_UEFM_Barrow_U\Documents [14/03/2019 22:40:02] - |RDC| - [1188834] - C:\Users\EFM_UEFM_Barrow_U\Downloads [14/03/2019 22:40:02] - |RDC| - [746] - C:\Users\EFM_UEFM_Barrow_U\Favorites [14/03/2019 22:40:30] - |SHDC| - [25308] - C:\Users\EFM_UEFM_Barrow_U\IntelGraphicsProfiles [14/03/2019 22:40:02] - |RDC| - [2045] - C:\Users\EFM_UEFM_Barrow_U\Links [14/03/2019 22:40:50] - |HDC| - [457] - C:\Users\EFM_UEFM_Barrow_U\MicrosoftEdgeBackups [14/03/2019 22:40:02] - |RDC| - [9469664] - C:\Users\EFM_UEFM_Barrow_U\Music [14/03/2019 22:40:02] - |AH| - [3670016] - C:\Users\EFM_UEFM_Barrow_U\NTUSER.DAT [14/03/2019 22:40:02] - |ASH| - [1015808] - C:\Users\EFM_UEFM_Barrow_U\ntuser.dat.LOG1 [14/03/2019 22:40:02] - |ASH| - [979968] - C:\Users\EFM_UEFM_Barrow_U\ntuser.dat.LOG2 [14/03/2019 22:40:02] - |ASH| - [65536] - C:\Users\EFM_UEFM_Barrow_U\NTUSER.DAT{47a6a17a-a514-11e7-a94e-ec0d9a05c860}.TM.blf [14/03/2019 22:40:02] - |ASH| - [524288] - C:\Users\EFM_UEFM_Barrow_U\NTUSER.DAT{47a6a17a-a514-11e7-a94e-ec0d9a05c860}.TMContainer00000000000000000001.regtrans-ms [14/03/2019 22:40:02] - |ASH| - [524288] - C:\Users\EFM_UEFM_Barrow_U\NTUSER.DAT{47a6a17a-a514-11e7-a94e-ec0d9a05c860}.TMContainer00000000000000000002.regtrans-ms [14/03/2019 22:40:02] - |SHC| - [20] - C:\Users\EFM_UEFM_Barrow_U\ntuser.ini [14/03/2019 22:42:30] - |RADC| - [3933799579] - C:\Users\EFM_UEFM_Barrow_U\OneDrive [14/03/2019 22:40:02] - |RDC| - [644018470] - C:\Users\EFM_UEFM_Barrow_U\Pictures [14/03/2019 22:40:02] - |RDC| - [282] - C:\Users\EFM_UEFM_Barrow_U\Saved Games [14/03/2019 22:40:32] - |RDC| - [1872] - C:\Users\EFM_UEFM_Barrow_U\Searches [14/03/2019 22:40:02] - |RDC| - [614775208] - C:\Users\EFM_UEFM_Barrow_U\Videos [14/03/2019 22:40:02] - |DC| - [5737592424] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local [14/03/2019 22:40:02] - |DC| - [16742874] - C:\Users\EFM_UEFM_Barrow_U\AppData\LocalLow [14/03/2019 22:40:02] - |HDC| - [4388570318] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming [14/03/2019 23:15:44] - |DC| - [143360] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\AdAwareDesktop [14/03/2019 22:51:03] - |DC| - [138240] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\AdAwareUpdater [21/03/2019 08:10:15] - |DC| - [82] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Aimersoft [15/03/2019 18:26:30] - |DC| - [38490] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Ashampoo [20/03/2019 13:36:14] - |DC| - [262512] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Atelier Photo Fnac [15/03/2019 05:34:24] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\AVAST Software [27/03/2019 20:50:50] - |DC| - [13118] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Babylon [15/03/2019 08:28:26] - |DC| - [21320] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\cache [15/03/2019 06:16:45] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\CEF [14/03/2019 22:50:40] - |DC| - [18898948] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Comms [20/03/2019 12:59:40] - |DC| - [485321258] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Comodo [14/03/2019 22:40:30] - |DC| - [1855] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\ConnectedDevicesPlatform [15/03/2019 09:07:52] - |DC| - [48716281] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\CrashDumps [22/03/2019 11:17:15] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\CrashRpt [14/03/2019 22:46:10] - |DC| - [21367128] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\CyberLink [14/03/2019 22:43:31] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\DBG [28/03/2019 12:39:00] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Downloaded Installations [15/03/2019 11:01:54] - |DC| - [1369] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Engelmann_Software [22/03/2019 18:21:53] - |DC| - [118911] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Fighters [14/03/2019 22:48:23] - |AHC| - [121478] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\IconCache.db [15/03/2019 05:04:45] - |DC| - [86] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Intel [15/03/2019 09:12:18] - |DC| - [88716] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\lfsh_uefm_efm_b162_w16_anaamfuw suite essentials setup [20/03/2019 14:14:11] - |DC| - [278896] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Logiciel de création CEWE [20/03/2019 13:58:38] - |DC| - [549232] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Logiciel de création CEWE Cora [14/03/2019 22:40:31] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\LoopBackService [14/03/2019 22:40:02] - |DC| - [301738683] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Microsoft [14/03/2019 22:40:42] - |DC| - [72267] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\MicrosoftEdge [15/03/2019 05:25:26] - |DC| - [253311656] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Opera Software [14/03/2019 22:40:31] - |DC| - [147171954] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Packages [14/03/2019 22:49:19] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\PanelManager [15/03/2019 08:26:58] - |DC| - [6890108] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Paragon [28/03/2019 12:39:18] - |DC| - [4339] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Phoenix360 [14/03/2019 22:59:04] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\PlaceholderTileLogoFolder [14/03/2019 22:43:47] - |DC| - [380195332] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs [14/03/2019 22:40:37] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Publishers [14/03/2019 22:49:20] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\SafiAgent [15/03/2019 08:59:05] - |DC| - [118017265] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\SIB [20/03/2019 21:23:18] - |DC| - [775588718] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Spoon [17/03/2019 05:03:26] - |DC| - [1665141095] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\TechSmith [14/03/2019 22:40:02] - |DC| - [437639347] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Temp [20/03/2019 21:22:35] - |DC| - [775588718] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Turbo [20/03/2019 21:48:43] - |DC| - [612] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Turbo Studio 19 [20/03/2019 21:48:24] - |DC| - [171613127] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Turbo.net [14/03/2019 22:40:31] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\VirtualStore [23/03/2019 22:45:58] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\WinSweeper [22/03/2019 13:10:22] - |DC| - [82] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Wondershare [15/03/2019 09:28:29] - |DC| - [128313099] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Zemana [26/03/2019 18:42:30] - |DC| - [224742] - C:\Users\EFM_UEFM_Barrow_U\AppData\Local\ZHP [28/03/2019 16:20:52] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\LocalLow\BabylonToolbar [15/03/2019 11:44:18] - |DC| - [305] - C:\Users\EFM_UEFM_Barrow_U\AppData\LocalLow\IObit [14/03/2019 22:41:01] - |SDC| - [16742569] - C:\Users\EFM_UEFM_Barrow_U\AppData\LocalLow\Microsoft [18/03/2019 19:09:27] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\LocalLow\Temp [14/03/2019 22:45:57] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\adaware [14/03/2019 22:40:31] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Adobe [17/03/2019 19:07:27] - |DC| - [10] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\AmazingFolderPasswordLock [23/03/2019 09:20:59] - |DC| - [1247034] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Apowersoft [23/03/2019 12:14:33] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\ASCOMP Software [15/03/2019 05:34:39] - |DC| - [2058444] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\AVAST Software [26/03/2019 17:10:10] - |DC| - [863859] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Babylon [23/03/2019 05:54:38] - |DC| - [262] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\BorisFX [18/03/2019 15:48:41] - |DC| - [26924275] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\BSplayer [18/03/2019 15:48:41] - |DC| - [6292] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\BSplayer Pro [18/03/2019 00:34:39] - |DC| - [11603941] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\CDTPL [17/03/2019 20:03:08] - |DC| - [505164] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Clipdiary [22/03/2019 20:57:23] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Comodo [23/03/2019 05:49:35] - |DC| - [8896036] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\CyberLink [18/03/2019 15:56:28] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Daum [15/03/2019 11:53:24] - |DC| - [19845721] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\DVDVideoSoft [15/03/2019 09:28:10] - |DC| - [4868202] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\IObit [14/03/2019 22:44:26] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Macromedia [14/03/2019 22:40:02] - |SDC| - [14425815] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft [25/03/2019 18:49:11] - |DC| - [2047782] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Notepad++ [22/03/2019 10:10:41] - |HDC| - [1248] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Obsidium [15/03/2019 05:24:29] - |DC| - [53467039] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Opera Software [28/03/2019 17:08:14] - |DC| - [121] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\PC Cleaner [18/03/2019 15:55:03] - |DC| - [213] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\PotPlayerMini64 [23/03/2019 04:54:26] - |DC| - [49054] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\proDAD [15/03/2019 10:50:58] - |DC| - [596] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\ProtectStar [15/03/2019 19:41:49] - |DC| - [14323] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Remo [16/03/2019 05:03:55] - |DC| - [0] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Remo Backup [16/03/2019 05:03:55] - |DC| - [12566] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Remo Backup OBM [15/03/2019 11:05:36] - |DC| - [1808066] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Steganos [17/03/2019 05:04:00] - |DC| - [4110] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\TechSmith [22/03/2019 10:10:39] - |DC| - [455456] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\TeraCopy [26/03/2019 10:11:40] - |DC| - [12660] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\USBSafelyRemove [15/03/2019 18:35:01] - |DC| - [98701] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\vlc [15/03/2019 00:58:43] - |DC| - [12] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\WinRAR [26/03/2019 18:42:30] - |DC| - [4239353316] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\ZHP [14/03/2019 22:40:32] - |SHC| - [174] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [26/03/2019 17:57:59] - |AC| - [1140] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\eBay.lnk [14/03/2019 22:40:02] - |RDC| - [70676] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [26/03/2019 17:57:48] - |AC| - [198] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.url [28/03/2019 12:41:06] - |DC| - [6246] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AC3Filter [14/03/2019 22:40:02] - |RDC| - [3888] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [14/03/2019 22:40:02] - |RDC| - [2925] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [14/03/2019 22:40:32] - |RDC| - [174] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [14/03/2019 22:40:32] - |SHC| - [174] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [28/03/2019 12:42:22] - |DC| - [4184] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\inPixio [15/03/2019 11:46:47] - |DC| - [4407] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Macro Keys [14/03/2019 22:40:02] - |DC| - [170] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [15/03/2019 10:48:39] - |DC| - [11011] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moo0 [28/03/2019 12:41:06] - |DC| - [3287] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Morgan Stream Switcher [15/03/2019 05:25:21] - |AC| - [1511] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk [14/03/2019 22:42:30] - |AC| - [2437] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [15/03/2019 10:50:57] - |DC| - [3113] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ProtectStar [14/03/2019 22:40:32] - |RDC| - [1113] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [14/03/2019 22:40:02] - |RDC| - [3496] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [20/03/2019 21:23:11] - |DC| - [2501] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Turbo.net [26/03/2019 17:57:58] - |DC| - [5581] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker [28/03/2019 12:41:05] - |DC| - [2047] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VobSub [14/03/2019 22:40:02] - |RDC| - [7754] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [15/03/2019 00:57:44] - |DC| - [4657] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [14/03/2019 22:40:32] - |SHC| - [174] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [14/03/2019 22:44:26] - |AC| - [939] - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SecurePro.lnk ---------- | [Public] [07/12/2017 23:42:11] - |RHDC| - [196] - C:\Users\Public\AccountPictures [23/03/2019 05:54:11] - |DC| - [0] - C:\Users\Public\CyberLink [29/09/2017 14:46:33] - |RHD| - [69681] - C:\Users\Public\Desktop [29/09/2017 14:46:38] - |ASHC| - [174] - C:\Users\Public\desktop.ini [29/09/2017 14:46:33] - |RDC| - [278] - C:\Users\Public\Documents [29/09/2017 14:46:33] - |RDC| - [174] - C:\Users\Public\Downloads [29/09/2017 14:46:33] - |RHDC| - [1174] - C:\Users\Public\Libraries [29/09/2017 14:46:33] - |RDC| - [380] - C:\Users\Public\Music [29/09/2017 14:46:33] - |RDC| - [380] - C:\Users\Public\Pictures [29/09/2017 14:46:33] - |RDC| - [380] - C:\Users\Public\Videos ---------- | [UEFM LFS Hyper EFM] [14/03/2019 22:55:30] - |DC| - [0] - C:\Users\UEFM LFS Hyper EFM\Downloads [14/03/2019 22:55:27] - |D| - [0] - C:\Users\UEFM LFS Hyper EFM\Pictures ---------- | C:\ProgramData [28/03/2019 17:51:42] - |DC| - [8849] - C:\ProgramData\ABBYY [14/03/2019 22:45:57] - |DC| - [452800449] - C:\ProgramData\adaware [21/03/2019 08:10:58] - |DC| - [0] - C:\ProgramData\Aimersoft [21/03/2019 11:08:32] - |DC| - [0] - C:\ProgramData\APM [15/03/2019 05:26:49] - |D| - [44989592] - C:\ProgramData\AVAST Software [26/03/2019 17:09:09] - |DC| - [118580600] - C:\ProgramData\Babylon [15/03/2019 03:07:59] - |DC| - [0] - C:\ProgramData\BitDefender [23/03/2019 04:59:25] - |DC| - [20350847] - C:\ProgramData\BorisFX [07/12/2017 07:05:27] - |DC| - [91342] - C:\ProgramData\Broadcom [20/03/2019 23:16:35] - |DC| - [165623] - C:\ProgramData\BSD [28/03/2019 12:40:39] - |DC| - [0] - C:\ProgramData\BVRP Software [07/12/2017 06:47:34] - |ADC| - [0] - C:\ProgramData\CacheWrite [23/03/2019 04:42:01] - |DC| - [207] - C:\ProgramData\CLSK [22/03/2019 18:16:41] - |DC| - [3584] - C:\ProgramData\Common Toolkit Suite [20/03/2019 12:56:37] - |D| - [787467669] - C:\ProgramData\Comodo [20/03/2019 12:56:37] - |DC| - [239559851] - C:\ProgramData\Comodo Downloader [14/03/2019 22:46:10] - |DC| - [111137042] - C:\ProgramData\CyberLink [15/03/2019 11:53:54] - |DC| - [0] - C:\ProgramData\DigitalWave.ApplicationUpdater_files [28/03/2019 12:36:40] - |DC| - [2071843] - C:\ProgramData\DriversCloud.com [15/03/2019 11:01:54] - |DC| - [0] - C:\ProgramData\Engelmann Software [22/03/2019 18:16:24] - |DC| - [75238] - C:\ProgramData\Fighters [23/03/2019 04:59:26] - |DC| - [327] - C:\ProgramData\GenArts [20/03/2019 13:35:59] - |DC| - [15998127] - C:\ProgramData\hps [17/03/2019 19:56:26] - |DC| - [3817] - C:\ProgramData\Informer Technologies, Inc [20/03/2019 12:30:59] - |DC| - [228684263] - C:\ProgramData\install_backup [20/03/2019 12:30:26] - |DC| - [518177] - C:\ProgramData\install_clap [07/12/2017 07:00:43] - |DC| - [149102075] - C:\ProgramData\Intel [15/03/2019 11:44:20] - |DC| - [216915] - C:\ProgramData\IObit [21/03/2019 08:09:40] - |DC| - [2099] - C:\ProgramData\KeepVid [28/03/2019 12:48:40] - |DC| - [2090402] - C:\ProgramData\Le Robert [15/03/2019 11:01:54] - |DC| - [1108] - C:\ProgramData\Licenses [15/03/2019 10:51:58] - |DC| - [53798331] - C:\ProgramData\Loaris [07/12/2017 07:10:18] - |AC| - [2064264] - C:\ProgramData\MakeMarkerFile.exe [07/12/2017 07:10:18] - |A| - [3004] - C:\ProgramData\MakeMarkerFile.xml [29/09/2017 14:46:33] - |SD| - [689301102] - C:\ProgramData\Microsoft [07/12/2017 23:42:23] - |DC| - [0] - C:\ProgramData\Microsoft OneDrive [07/12/2017 07:00:12] - |D| - [1083716576] - C:\ProgramData\Package Cache [15/03/2019 19:47:36] - |D| - [9789440] - C:\ProgramData\Packages [15/03/2019 08:26:27] - |DC| - [443279] - C:\ProgramData\Paragon [15/03/2019 08:28:14] - |DC| - [0] - C:\ProgramData\Paragon Software [23/03/2019 22:45:31] - |DC| - [447] - C:\ProgramData\PC Cleaner [23/03/2019 04:54:22] - |DC| - [66867486] - C:\ProgramData\proDAD [28/03/2019 16:21:09] - |DC| - [556] - C:\ProgramData\ProductData [29/09/2017 14:46:33] - |D| - [0] - C:\ProgramData\regid.1991-06.com.microsoft [28/03/2019 12:45:12] - |DC| - [906] - C:\ProgramData\Registry First Aid [16/03/2019 15:34:24] - |DC| - [22509792] - C:\ProgramData\RSG [07/12/2017 07:05:31] - |DC| - [4330955] - C:\ProgramData\Samsung [20/03/2019 12:56:37] - |DC| - [0] - C:\ProgramData\Shared Space [17/03/2019 20:01:48] - |DC| - [1008816] - C:\ProgramData\SharewareOnSale Notifier [29/09/2017 14:46:33] - |D| - [0] - C:\ProgramData\SoftwareDistribution [25/03/2019 21:07:50] - |DC| - [3618909] - C:\ProgramData\SUPPORTDIR [14/03/2019 22:44:12] - |DC| - [4176] - C:\ProgramData\SystemAcCrux [17/03/2019 05:02:53] - |DC| - [388715214] - C:\ProgramData\TechSmith [20/03/2019 13:35:56] - |DC| - [145374] - C:\ProgramData\tmp [17/03/2019 07:13:36] - |DC| - [9081] - C:\ProgramData\ToastGenerator [26/03/2019 10:11:25] - |DC| - [22086] - C:\ProgramData\USBSRService [29/09/2017 14:46:33] - |D| - [13213] - C:\ProgramData\USOPrivate [07/12/2017 06:57:09] - |DC| - [1445888] - C:\ProgramData\USOShared [25/03/2019 18:52:31] - |D| - [25251849] - C:\ProgramData\UVK [29/09/2017 15:42:41] - |D| - [0] - C:\ProgramData\WindowsHolographicDevices [22/03/2019 13:08:47] - |DC| - [1674] - C:\ProgramData\Wondershare ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [18/03/2019 15:49:36] - |A| - [1201] - C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk [29/09/2017 14:46:38] - |AS| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [29/09/2017 14:46:33] - |RD| - [321478] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs [15/03/2019 09:28:15] - |AC| - [1725] - C:\ProgramData\Microsoft\Windows\Start Menu\TeraCopy.lnk [15/03/2019 00:57:44] - |AC| - [1136] - C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [21/03/2019 11:01:34] - |D| - [4189] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\abylonsoft [29/09/2017 14:46:33] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [29/09/2017 14:46:33] - |RD| - [14299] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [14/03/2019 22:57:54] - |D| - [2603] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\adaware [29/09/2017 14:46:33] - |RD| - [21770] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [17/03/2019 19:07:24] - |D| - [2920] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazing-Share [28/03/2019 16:56:01] - |D| - [2609] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant Demo Edition 8.1 [23/03/2019 09:20:59] - |D| - [2644] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft [23/03/2019 12:14:24] - |D| - [3662] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASCOMP Software [20/03/2019 13:35:50] - |D| - [4470] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atelier Photo Fnac [15/03/2019 05:33:55] - |AC| - [2088] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Antivirus Gratuit.lnk [28/03/2019 12:46:44] - |D| - [1236] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Babylon [23/03/2019 04:59:45] - |D| - [58] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boris FX Continuum CYBERLINK [18/03/2019 15:49:36] - |D| - [3325] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player [17/03/2019 20:03:03] - |D| - [2264] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clipdiary [20/03/2019 12:59:40] - |D| - [9030] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo [26/03/2019 16:50:32] - |A| - [2300] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Application Manager.lnk [23/03/2019 04:51:54] - |A| - [2065] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 17 (64-bit).lnk [23/03/2019 05:04:09] - |A| - [2154] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Screen Recorder 2.lnk [18/03/2019 15:55:05] - |D| - [2054] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum [29/09/2017 14:46:38] - |SH| - [962] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [28/03/2019 12:41:07] - |D| - [6383] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digital Video Duplicator [28/03/2019 12:36:40] - |D| - [2967] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com [15/03/2019 11:53:46] - |D| - [8722] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [14/03/2019 22:44:07] - |D| - [2868] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo PCTrans [15/03/2019 07:34:37] - |D| - [3406] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Lock [15/03/2019 08:26:29] - |D| - [1440] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Manager 16 Basic [15/03/2019 09:12:51] - |D| - [2462] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasleo BitLocker Anywhere [15/03/2019 11:44:14] - |D| - [3399] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasleo BitLocker Data Recovery [15/03/2019 09:28:05] - |D| - [2277] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasleo EasyUEFI [15/03/2019 09:28:24] - |D| - [2277] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasleo WinToHDD [15/03/2019 01:02:57] - |D| - [2277] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hasleo WinToUSB [16/03/2019 09:14:21] - |D| - [1161] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCare Format Recovery [29/09/2017 14:43:11] - |RASC| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [15/03/2019 11:44:20] - |D| - [2681] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Software Updater [21/03/2019 10:32:14] - |D| - [2742] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller [21/03/2019 10:32:16] - |A| - [1424] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk [28/03/2019 12:39:03] - |D| - [828] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iolo [22/03/2019 19:57:27] - |D| - [1312] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeepVid [28/03/2019 12:48:40] - |D| - [2224] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Le Petit Robert 2017 [25/03/2019 23:04:32] - |D| - [2675] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Linux File Systems for Windows by Paragon Software [15/03/2019 10:52:03] - |D| - [976] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Loaris Trojan Remover [20/03/2019 14:13:41] - |D| - [4741] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logiciel de création CEWE [20/03/2019 13:58:23] - |D| - [4906] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logiciel de création CEWE Cora [29/09/2017 14:46:33] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [23/03/2019 04:52:49] - |D| - [7028] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue [25/03/2019 18:49:18] - |A| - [877] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk [15/03/2019 11:05:42] - |D| - [1160] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OkayFreedom [28/03/2019 17:08:11] - |D| - [2289] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Cleaner [28/03/2019 12:45:12] - |SD| - [19128] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry First Aid 11 [15/03/2019 19:43:12] - |D| - [2840] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Backup [15/03/2019 19:41:47] - |D| - [4340] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Duplicate File Remover [15/03/2019 19:42:08] - |D| - [4396] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Duplicate Photos Remover [15/03/2019 19:45:32] - |D| - [4815] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo File Eraser 2.0 [15/03/2019 19:43:04] - |D| - [5218] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Outlook Backup & Migrate 2.0 [15/03/2019 19:44:45] - |D| - [3736] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Recover [15/03/2019 19:45:03] - |D| - [3994] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair MOV [15/03/2019 19:45:17] - |D| - [4805] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair Word [07/12/2017 07:06:02] - |D| - [4307] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung [15/03/2019 08:58:37] - |D| - [1007] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Silent Install Builder 5 [15/03/2019 11:01:47] - |D| - [2393] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Simply Good Pictures 5 Free [17/03/2019 19:56:24] - |D| - [1868] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Informer [29/09/2017 14:46:33] - |D| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [15/03/2019 11:49:11] - |D| - [2342] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Symlink helper [29/09/2017 14:46:33] - |RD| - [1458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [15/03/2019 07:36:49] - |D| - [2392] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysTools AD Browser [18/03/2019 14:43:05] - |D| - [2347] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysTools E01 Viewer [18/03/2019 00:34:40] - |D| - [2463] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysTools Mail Converter [18/03/2019 19:18:12] - |D| - [2475] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysTools NTFS Log Analyzer [15/03/2019 09:12:35] - |D| - [2499] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysTools PDF Bates Numberer [17/03/2019 04:30:44] - |D| - [2672] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysTools Thunderbird Store Locator [18/03/2019 10:01:20] - |D| - [2257] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysTools VHDX Viewer [17/03/2019 05:03:08] - |D| - [10400] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith [20/03/2019 21:47:54] - |D| - [2153] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Turbo Studio 19 [21/03/2019 07:30:57] - |D| - [2317] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnBlocker [26/03/2019 10:11:24] - |D| - [7939] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Safely Remove [25/03/2019 18:52:33] - |D| - [4905] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UVK - Ultra Virus Killer [15/03/2019 18:32:48] - |D| - [5850] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [15/03/2019 00:57:44] - |D| - [4585] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [23/03/2019 22:44:19] - |D| - [1722] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSweeper [15/03/2019 11:39:03] - |D| - [1307] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Data Recovery [15/03/2019 09:43:48] - |D| - [1295] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Folder Hider [15/03/2019 11:39:32] - |D| - [1338] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Memory Optimizer [15/03/2019 17:27:24] - |D| - [1332] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise YouTube Downloader [22/03/2019 13:09:37] - |D| - [9144] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare [28/03/2019 12:41:07] - |D| - [15688] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XviD [15/03/2019 09:28:33] - |D| - [1240] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [29/09/2017 14:46:38] - |AS| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [28/03/2019 12:41:06] - |D| - [520749] - C:\Program Files (x86)\AC3Filter [17/03/2019 19:07:22] - |D| - [26557571] - C:\Program Files (x86)\Amazing-Share [28/03/2019 16:55:48] - |D| - [106106207] - C:\Program Files (x86)\AOMEI Partition Assistant [23/03/2019 09:18:54] - |D| - [283343340] - C:\Program Files (x86)\Apowersoft [23/03/2019 12:14:21] - |D| - [17699792] - C:\Program Files (x86)\ASCOMP Software [26/03/2019 17:09:10] - |D| - [14544424] - C:\Program Files (x86)\Babylon [28/03/2019 12:47:49] - |D| - [933387] - C:\Program Files (x86)\BabylonToolbar [07/12/2017 07:02:02] - |D| - [1793479] - C:\Program Files (x86)\Bluetooth Suite [15/03/2019 19:23:22] - |D| - [6908843] - C:\Program Files (x86)\bonus info anti-corvée - vexe, noémie & a le brulog [15/03/2019 19:23:15] - |A| - [513587656] - C:\Program Files (x86)\camtasia.exe [17/03/2019 20:02:32] - |D| - [17124228] - C:\Program Files (x86)\Clipdiary [15/03/2019 19:21:43] - |D| - [41426] - C:\Program Files (x86)\Command Line Xoring File [29/09/2017 14:46:33] - |D| - [373961671] - C:\Program Files (x86)\Common Files [20/03/2019 12:59:25] - |D| - [304237270] - C:\Program Files (x86)\Comodo [20/03/2019 12:30:47] - |D| - [150657600] - C:\Program Files (x86)\CyberLink [29/09/2017 14:46:37] - |AS| - [174] - C:\Program Files (x86)\desktop.ini [28/03/2019 12:40:43] - |D| - [59450402] - C:\Program Files (x86)\Digital Video Duplicator [15/03/2019 11:53:34] - |D| - [159903266] - C:\Program Files (x86)\DVDVideoSoft [14/03/2019 22:43:56] - |D| - [85838049] - C:\Program Files (x86)\EaseUS [28/03/2019 14:11:39] - |D| - [3324560352] - C:\Program Files (x86)\EFM & UEFM Beggin On Rêves (st j conrad & u bouton 6) [26/03/2019 09:51:00] - |DC| - [1945192] - C:\Program Files (x86)\Explorer++ [15/03/2019 11:53:35] - |D| - [20641460] - C:\Program Files (x86)\FreeCodecPack [15/03/2019 19:23:21] - |A| - [35327488] - C:\Program Files (x86)\FreeYouTubeDownload_4.1.88.1229_s.exe [15/03/2019 19:23:21] - |A| - [2690408] - C:\Program Files (x86)\Full-DISKfighter_Web.exe [28/03/2019 12:41:05] - |D| - [62525] - C:\Program Files (x86)\Gabest [15/03/2019 19:24:07] - |D| - [74240] - C:\Program Files (x86)\GOTD Unlimited [15/03/2019 19:24:07] - |D| - [147456] - C:\Program Files (x86)\GOTD UnWrapper [16/03/2019 09:14:20] - |D| - [29554608] - C:\Program Files (x86)\iCare Format Recovery [28/03/2019 12:42:22] - |D| - [1224685] - C:\Program Files (x86)\inPixio [07/12/2017 06:47:14] - |HD| - [64806738] - C:\Program Files (x86)\InstallShield Installation Information [07/12/2017 07:00:44] - |D| - [17962376] - C:\Program Files (x86)\Intel [29/09/2017 14:46:33] - |D| - [2032011] - C:\Program Files (x86)\Internet Explorer [15/03/2019 11:44:18] - |D| - [113377530] - C:\Program Files (x86)\IObit [22/03/2019 19:57:11] - |D| - [32652065] - C:\Program Files (x86)\KeepVid [15/03/2019 09:28:33] - |D| - [198080] - C:\Program Files (x86)\KeyCryptSDK [28/03/2019 12:48:38] - |D| - [363301258] - C:\Program Files (x86)\Le Robert [28/03/2019 12:40:53] - |D| - [1893680] - C:\Program Files (x86)\LiveUpdate [15/03/2019 19:24:07] - |D| - [7274288] - C:\Program Files (x86)\Macro Keys [15/03/2019 19:23:21] - |A| - [1227640] - C:\Program Files (x86)\macro-keys-en.exe [15/03/2019 19:21:43] - |D| - [254536] - C:\Program Files (x86)\MD5Look [29/09/2017 14:46:33] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET [15/03/2019 10:48:17] - |D| - [83746808] - C:\Program Files (x86)\Moo0 [28/03/2019 12:41:06] - |D| - [96112] - C:\Program Files (x86)\Morgan [26/03/2019 18:04:36] - |D| - [2423] - C:\Program Files (x86)\Mozilla Firefox [10/10/2017 17:45:23] - |D| - [25757] - C:\Program Files (x86)\MSBuild [23/03/2019 04:52:11] - |D| - [309765079] - C:\Program Files (x86)\NewBlue [15/03/2019 07:34:05] - |D| - [20204440] - C:\Program Files (x86)\NewSoftware's [20/03/2019 12:30:54] - |D| - [11759170] - C:\Program Files (x86)\NSIS Uninstall Information [15/03/2019 11:05:30] - |D| - [56974204] - C:\Program Files (x86)\OkayFreedom [15/03/2019 19:21:43] - |D| - [1310208] - C:\Program Files (x86)\OldTimer [28/03/2019 14:11:38] - |A| - [9726385] - C:\Program Files (x86)\oldtimer otl_oth_tfc_md5look_xor_gotd-u_SEAF_remvbs_usbfileresc setup.exe [15/03/2019 19:23:22] - |A| - [2091952] - C:\Program Files (x86)\OUTDATEfighter_Web.exe [25/03/2019 23:04:27] - |D| - [28674557] - C:\Program Files (x86)\Paragon Software [28/03/2019 14:11:38] - |A| - [5597568] - C:\Program Files (x86)\pdf-bates.exe [28/03/2019 12:39:03] - |D| - [10761465] - C:\Program Files (x86)\Phoenix360 [15/03/2019 19:24:07] - |D| - [3059624] - C:\Program Files (x86)\Pre_Scan [15/03/2019 10:50:57] - |D| - [4124726] - C:\Program Files (x86)\ProtectStar [07/12/2017 07:01:24] - |D| - [6830294] - C:\Program Files (x86)\Qualcomm [15/03/2019 19:24:07] - |D| - [5175192] - C:\Program Files (x86)\QuickDiag [07/12/2017 06:47:14] - |D| - [3616297] - C:\Program Files (x86)\Realtek [10/10/2017 17:45:23] - |D| - [41363713] - C:\Program Files (x86)\Reference Assemblies [15/03/2019 19:21:43] - |D| - [114176] - C:\Program Files (x86)\Remediate VBS Worm [15/03/2019 19:45:30] - |D| - [42868042] - C:\Program Files (x86)\Remo File Eraser 2.0 [15/03/2019 19:45:16] - |D| - [32083237] - C:\Program Files (x86)\Remo Repair Word 2.0 [07/12/2017 07:05:14] - |D| - [21559691] - C:\Program Files (x86)\Samsung [28/03/2019 14:13:12] - |D| - [498868] - C:\Program Files (x86)\SEAF [07/12/2017 07:06:13] - |D| - [2399176] - C:\Program Files (x86)\Show Window [15/03/2019 08:58:37] - |D| - [29291674] - C:\Program Files (x86)\Silent Install Builder 5 [25/03/2019 23:43:51] - |D| - [3575016] - C:\Program Files (x86)\Stardock [15/03/2019 11:49:11] - |D| - [2051262] - C:\Program Files (x86)\Symlink helper [15/03/2019 19:23:22] - |A| - [593587] - C:\Program Files (x86)\SymlinkHelper_1.0.1_Setup.exe [15/03/2019 07:36:48] - |D| - [2911224] - C:\Program Files (x86)\SysTools AD Browser [18/03/2019 14:43:03] - |D| - [37024947] - C:\Program Files (x86)\SysTools E01 Viewer [18/03/2019 00:34:38] - |D| - [28324112] - C:\Program Files (x86)\SysTools Mail Converter [18/03/2019 19:18:11] - |D| - [2976703] - C:\Program Files (x86)\SysTools NTFS Log Analyzer [15/03/2019 09:12:33] - |D| - [14484999] - C:\Program Files (x86)\SysTools PDF Bates Numberer [17/03/2019 04:30:44] - |D| - [2471792] - C:\Program Files (x86)\SysTools Thunderbird Store Locator [07/12/2017 06:47:14] - |D| - [0] - C:\Program Files (x86)\Temp [20/03/2019 21:47:54] - |D| - [611447437] - C:\Program Files (x86)\Turbo.net [26/03/2019 09:51:38] - |DC| - [9400696] - C:\Program Files (x86)\Ultra Adware Killer [21/03/2019 07:30:57] - |D| - [807871] - C:\Program Files (x86)\UnBlocker [26/03/2019 17:57:58] - |D| - [273503] - C:\Program Files (x86)\Unlocker [15/03/2019 19:21:43] - |D| - [423936] - C:\Program Files (x86)\USB File Resc [26/03/2019 10:11:19] - |D| - [16666437] - C:\Program Files (x86)\USB Safely Remove [23/03/2019 22:52:09] - |D| - [13002139] - C:\Program Files (x86)\USBFix [28/03/2019 14:11:38] - |A| - [41846888] - C:\Program Files (x86)\vlc-3.0.6-win64.exe [07/12/2017 07:03:13] - |D| - [846730] - C:\Program Files (x86)\VulkanRT [28/03/2019 14:11:39] - |A| - [2152896] - C:\Program Files (x86)\WDRSetup.exe [28/03/2019 12:41:05] - |D| - [73065] - C:\Program Files (x86)\WinASPI [29/09/2017 14:46:33] - |D| - [1963776] - C:\Program Files (x86)\Windows Defender [29/09/2017 14:46:33] - |D| - [627712] - C:\Program Files (x86)\Windows Mail [29/09/2017 15:41:40] - |D| - [3545031] - C:\Program Files (x86)\Windows Media Player [29/09/2017 14:46:33] - |D| - [42960] - C:\Program Files (x86)\Windows Multimedia Platform [29/09/2017 14:46:33] - |D| - [7957186] - C:\Program Files (x86)\windows nt [29/09/2017 14:46:33] - |D| - [5500720] - C:\Program Files (x86)\Windows Photo Viewer [29/09/2017 14:46:33] - |D| - [42960] - C:\Program Files (x86)\Windows Portable Devices [29/09/2017 14:46:33] - |SD| - [0] - C:\Program Files (x86)\Windows Sidebar [29/09/2017 14:46:33] - |D| - [2637109] - C:\Program Files (x86)\WindowsPowerShell [28/03/2019 14:13:12] - |D| - [2298095] - C:\Program Files (x86)\WinSweeper [15/03/2019 09:43:47] - |D| - [29944878] - C:\Program Files (x86)\Wise [15/03/2019 19:23:22] - |A| - [2603424] - C:\Program Files (x86)\WMOSetup.exe [22/03/2019 13:08:47] - |D| - [29018267] - C:\Program Files (x86)\Wondershare [28/03/2019 12:41:07] - |D| - [152488] - C:\Program Files (x86)\XviD [15/03/2019 09:28:32] - |D| - [28173178] - C:\Program Files (x86)\Zemana AntiLogger ---------- | C:\Program Files [21/03/2019 11:01:11] - |D| - [89856745] - C:\Program Files\abylonsoft [14/03/2019 22:53:06] - |D| - [964728239] - C:\Program Files\adaware [15/03/2019 05:27:16] - |D| - [1083905923] - C:\Program Files\AVAST Software [26/03/2019 17:09:12] - |D| - [416800] - C:\Program Files\Babylon [23/03/2019 04:59:25] - |D| - [52453959] - C:\Program Files\BorisFX [20/03/2019 14:06:55] - |D| - [552544894] - C:\Program Files\CEWE [29/09/2017 14:46:33] - |D| - [314117218] - C:\Program Files\Common Files [20/03/2019 13:00:57] - |D| - [120848964] - C:\Program Files\COMODO [20/03/2019 13:36:33] - |D| - [551869350] - C:\Program Files\Cora [15/03/2019 05:45:18] - |D| - [13544726] - C:\Program Files\CUAssistant [23/03/2019 04:42:57] - |D| - [1080263399] - C:\Program Files\CyberLink [18/03/2019 15:54:56] - |D| - [130766145] - C:\Program Files\DAUM [29/09/2017 14:46:37] - |ASH| - [174] - C:\Program Files\desktop.ini [28/03/2019 12:36:40] - |D| - [19536755] - C:\Program Files\DriversCloud.com [15/03/2019 11:01:47] - |D| - [2682480] - C:\Program Files\Engelmann Software [20/03/2019 13:29:57] - |D| - [552184168] - C:\Program Files\Fnac [15/03/2019 01:02:54] - |D| - [779003127] - C:\Program Files\Hasleo [07/12/2017 07:00:14] - |D| - [118948861] - C:\Program Files\Intel [29/09/2017 14:46:33] - |D| - [2655598] - C:\Program Files\internet explorer [15/03/2019 10:51:57] - |D| - [28424584] - C:\Program Files\Loaris Trojan Remover [10/10/2017 17:45:23] - |D| - [25757] - C:\Program Files\MSBuild [23/03/2019 04:52:50] - |D| - [374151572] - C:\Program Files\NewBlue [25/03/2019 18:49:11] - |D| - [14552030] - C:\Program Files\Notepad++ [15/03/2019 08:26:21] - |D| - [284471504] - C:\Program Files\Paragon Software [23/03/2019 04:54:20] - |D| - [4538171] - C:\Program Files\proDAD [07/12/2017 06:47:24] - |D| - [26737088] - C:\Program Files\Realtek [10/10/2017 17:45:23] - |D| - [41154729] - C:\Program Files\Reference Assemblies [15/03/2019 19:43:11] - |D| - [57897824] - C:\Program Files\Remo Backup [15/03/2019 19:41:45] - |D| - [24606669] - C:\Program Files\Remo Duplicate File Remover 1.0 [15/03/2019 19:42:04] - |D| - [35818318] - C:\Program Files\Remo Duplicate Photos Remover 1.0 [15/03/2019 19:42:10] - |D| - [31428656] - C:\Program Files\Remo ONE [15/03/2019 19:43:02] - |D| - [29023606] - C:\Program Files\Remo Outlook Backup & Migrate 2.0 [15/03/2019 19:44:42] - |D| - [84437697] - C:\Program Files\Remo Recover 5.0 [15/03/2019 19:45:01] - |D| - [32148112] - C:\Program Files\Remo Repair MOV 2.0 [15/03/2019 05:45:14] - |D| - [27303670] - C:\Program Files\rempl [28/03/2019 12:45:12] - |D| - [22740926] - C:\Program Files\RFA 11 [07/12/2017 07:04:09] - |D| - [122767476] - C:\Program Files\Samsung [18/03/2019 10:01:16] - |D| - [30343059] - C:\Program Files\SysTools VHDX Viewer [17/03/2019 05:02:53] - |D| - [870961481] - C:\Program Files\TechSmith [15/03/2019 09:28:14] - |D| - [15205295] - C:\Program Files\TeraCopy [07/12/2017 23:39:37] - |HD| - [0] - C:\Program Files\Uninstall Information [25/03/2019 18:52:26] - |D| - [14182126] - C:\Program Files\UVK - Ultra Virus Killer [15/03/2019 18:32:34] - |D| - [174855255] - C:\Program Files\VideoLAN [29/09/2017 14:46:33] - |D| - [18929701] - C:\Program Files\Windows Defender [29/09/2017 14:46:33] - |D| - [638976] - C:\Program Files\Windows Mail [29/09/2017 15:41:40] - |D| - [5215211] - C:\Program Files\Windows Media Player [29/09/2017 14:46:33] - |D| - [49680] - C:\Program Files\Windows Multimedia Platform [29/09/2017 14:46:33] - |D| - [8224962] - C:\Program Files\windows nt [29/09/2017 14:46:33] - |D| - [6278968] - C:\Program Files\Windows Photo Viewer [29/09/2017 14:46:33] - |D| - [49688] - C:\Program Files\Windows Portable Devices [29/09/2017 14:46:33] - |D| - [96941] - C:\Program Files\Windows Security [29/09/2017 14:46:33] - |SHD| - [0] - C:\Program Files\Windows Sidebar [29/09/2017 14:46:33] - |HD| - [6552565478] - C:\Program Files\WindowsApps [29/09/2017 14:46:33] - |D| - [2981087] - C:\Program Files\WindowsPowerShell [15/03/2019 00:57:32] - |D| - [7455683] - C:\Program Files\WinRAR ---------- | C:\Program Files (x86)\Common Files [14/03/2019 22:46:00] - |DC| - [90397430] - C:\Program Files (x86)\Common Files\AntiVirus [07/12/2017 07:02:17] - |D| - [0] - C:\Program Files (x86)\Common Files\Atheros [28/03/2019 12:42:22] - |D| - [1366895] - C:\Program Files (x86)\Common Files\Avanquest Software [18/03/2019 14:43:04] - |D| - [102392] - C:\Program Files (x86)\Common Files\CDTPL [22/03/2019 18:17:15] - |D| - [2116688] - C:\Program Files (x86)\Common Files\Common Toolkit Suite [15/03/2019 11:53:34] - |D| - [129858992] - C:\Program Files (x86)\Common Files\DVDVideoSoft [28/03/2019 12:39:44] - |D| - [1743078] - C:\Program Files (x86)\Common Files\InstallShield [07/12/2017 07:03:05] - |D| - [118723313] - C:\Program Files (x86)\Common Files\Intel [21/03/2019 10:32:49] - |D| - [608] - C:\Program Files (x86)\Common Files\IObit [29/09/2017 14:46:33] - |D| - [14773432] - C:\Program Files (x86)\Common Files\microsoft shared [23/03/2019 04:52:48] - |D| - [287232] - C:\Program Files (x86)\Common Files\NewBlue [07/12/2017 07:01:22] - |D| - [73833] - C:\Program Files (x86)\Common Files\Qualcomm [29/09/2017 14:46:33] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [15/03/2019 11:05:31] - |D| - [1115] - C:\Program Files (x86)\Common Files\Steganos [29/09/2017 14:46:33] - |D| - [10440587] - C:\Program Files (x86)\Common Files\system [28/03/2019 17:51:29] - |D| - [4073374] - C:\Program Files (x86)\Common Files\TechSmith Shared ---------- | C:\Program Files\Common files [14/03/2019 22:45:54] - |D| - [191640315] - C:\Program Files\Common files\adaware [21/03/2019 08:10:11] - |D| - [6927831] - C:\Program Files\Common files\Aimersoft [15/03/2019 05:30:25] - |D| - [1956536] - C:\Program Files\Common files\AVAST Software [15/03/2019 11:01:47] - |D| - [54733920] - C:\Program Files\Common files\HDX4 [29/09/2017 14:46:33] - |D| - [37549837] - C:\Program Files\Common files\microsoft shared [23/03/2019 04:53:52] - |D| - [352768] - C:\Program Files\Common files\NewBlue [29/09/2017 14:46:33] - |D| - [2702] - C:\Program Files\Common files\Services [29/09/2017 14:46:33] - |D| - [11088779] - C:\Program Files\Common files\system [28/03/2019 17:51:42] - |D| - [3752831] - C:\Program Files\Common files\TechSmith Shared [22/03/2019 13:10:14] - |D| - [6111699] - C:\Program Files\Common files\Wondershare ---------- | Tasks [MD5.00000000000000000000000000000000] - [21/03/2019 10:41:52] - |D| - [0] - C:\Windows\Tasks\ImCleanDisabled [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [07/12/2017 23:39:31] - |AH| - [6] - C:\Windows\Tasks\SA.DAT [MD5.3076C81E878BBEBE257B85308F121A00] - [28/03/2019 16:41:29] - |A| - [334] - C:\Windows\Tasks\Uninstaller_SkipUac_EFM_UEFM_Barrow_U.job [MD5.66289A61B213692BE6E68E6A5A04A928] - [15/03/2019 05:31:08] - |A| - [4264] - C:\Windows\System32\Tasks\Avast Emergency Update : C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [MD5.00000000000000000000000000000000] - [15/03/2019 05:31:53] - |D| - [3996] - C:\Windows\System32\Tasks\Avast Software [MD5.00000000000000000000000000000000] - [20/03/2019 13:01:23] - |D| - [26256] - C:\Windows\System32\Tasks\COMODO [MD5.DA8524A35B120C1D8858A43F013C6D47] - [27/03/2019 21:07:31] - |A| - [2586] - C:\Windows\System32\Tasks\CreateExplorerShellUnelevatedTask : C:\Windows\explorer.exe [MD5.09650088CE3965E8EB34EB949C199736] - [07/12/2017 07:00:48] - |A| - [3118] - C:\Windows\System32\Tasks\Intel PTT EK Recertification : "C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe" [MD5.830647CA55AF08919C60E8DB16C2CC07] - [28/03/2019 12:39:19] - |A| - [3714] - C:\Windows\System32\Tasks\iolo System Checkup : C:\Program [MD5.8AE3003D44045DE6F7BD4530586416DA] - [25/03/2019 23:04:33] - |A| - [2694] - C:\Windows\System32\Tasks\LinuxFS GUI : C:\Program Files (x86)\Paragon Software\LinuxFS for Windows\Linux File Systems for Windows by Paragon Software.exe [MD5.A5666917429DC3874EE5A5400705F091] - [25/03/2019 23:04:34] - |A| - [2794] - C:\Windows\System32\Tasks\LinuxFS Updater : C:\Program Files (x86)\Paragon Software\LinuxFS for Windows\Updater.exe [MD5.00000000000000000000000000000000] - [29/09/2017 14:46:34] - |D| - [505252] - C:\Windows\System32\Tasks\Microsoft [MD5.59DB3BAB2A9B6A2FC83E3BE033A9FB5C] - [25/03/2019 03:41:40] - |A| - [2844] - C:\Windows\System32\Tasks\Moo0 Disk Cleaner 1.23 : C:\Program Files (x86)\Moo0\DiskCleaner 1.23\DiskCleaner.exe [MD5.E5D70AED233C3F78469D27905A602E3C] - [07/12/2017 23:42:48] - |A| - [2766] - C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.45DAEFB50243A7BAC690C70416D84A17] - [14/03/2019 22:45:32] - |A| - [3400] - C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3534096643-12334864-2903717510-1001 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.FBBC7FA57A06BCF4C1EA22C596E36395] - [15/03/2019 05:25:25] - |A| - [3698] - C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1552623920 : C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\launcher.exe [MD5.A93CD55CC601BD73AEFDA3131979505B] - [26/03/2019 17:40:50] - |A| - [3418] - C:\Windows\System32\Tasks\PC Cleaner automatic scan and notifications : "L:\PC Cleaner\PCCNotifications.exe" [MD5.0E787EC2EDA454DD59EAFCF84EEEC307] - [23/03/2019 05:00:17] - |A| - [2540] - C:\Windows\System32\Tasks\PowerDirectorStyleAgent : C:\Program Files (x86)\CyberLink\Shared files\PDStyleAgent\PDStyleAgent.exe [MD5.A1CB0A196CA526646BE2B70C479B6D30] - [15/03/2019 19:43:17] - |A| - [2536] - C:\Windows\System32\Tasks\RemoBackup_Launcher : "C:\Program Files\Remo Backup\RBLauncher.exe" [MD5.7D70A0061941658209A4233239779D34] - [15/03/2019 10:49:58] - |A| - [2384] - C:\Windows\System32\Tasks\RunAsStdUser Task : C:\Program Files (x86)\Moo0\ImageViewer SP 1.80\ImageViewer.exe [MD5.9868BB984AE031B9D537DD3F7F088717] - [07/12/2017 07:06:43] - |A| - [2322] - C:\Windows\System32\Tasks\SAgent : "C:\Program Files\Samsung\S Agent\CommonAgent.exe" [MD5.00000000000000000000000000000000] - [07/12/2017 07:06:37] - |D| - [2430] - C:\Windows\System32\Tasks\Samsung [MD5.00000000000000000000000000000000] - [07/12/2017 07:03:20] - |D| - [2908] - C:\Windows\System32\Tasks\SecTimeSync [MD5.0FD61292CA2B2008E1FAF57F31171579] - [07/12/2017 07:06:13] - |A| - [2268] - C:\Windows\System32\Tasks\ShowWindow : "C:\Program Files (x86)\Show Window\Show Window.exe" [MD5.585D735070601D9340B1F75C98D539EC] - [15/03/2019 11:44:20] - |A| - [2580] - C:\Windows\System32\Tasks\Software Updater Scheduler : C:\Program Files (x86)\IObit\Software Updater\SUInit.exe [MD5.BFD5A031DD33B23D0AFD920FDAED9A23] - [15/03/2019 11:44:20] - |A| - [2436] - C:\Windows\System32\Tasks\Software Updater SkipUAC(EFM_UEFM_Barrow_U) : C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [MD5.FF7E60D690DD38F124EA9318F823BD15] - [17/03/2019 19:56:24] - |A| - [2576] - C:\Windows\System32\Tasks\SoftwareInformerService : "C:\Program Files\Software Informer\softinfo.exe" [MD5.096203F36F8BEE2C65C8F76FCFBEEFEF] - [15/03/2019 11:45:02] - |A| - [2842] - C:\Windows\System32\Tasks\SU_AutoUpdate : C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [MD5.5DB710D48B572595FB5DC0A71D66A35E] - [28/03/2019 16:41:29] - |A| - [2568] - C:\Windows\System32\Tasks\Uninstaller_SkipUac_EFM_UEFM_Barrow_U : C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [MD5.00000000000000000000000000000000] - [20/03/2019 23:16:18] - |D| - [7824] - C:\Windows\System32\Tasks\Universal [MD5.C308B0E764DCB17F00EB5F39DFDB398B] - [16/03/2019 06:33:23] - |A| - [4198] - C:\Windows\System32\Tasks\User_Feed_Synchronization-{12F40181-298F-4A8F-BA89-6EC6CD445751} : C:\Windows\system32\msfeedssync.exe [MD5.00000000000000000000000000000000] - [29/09/2017 14:46:34] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "WiFiDirect-KM-Driver-In-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=System|Name=@wlansvc.dll,-37378|Desc=@wlansvc.dll,-37890|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=System|Name=@wlansvc.dll,-37379|Desc=@wlansvc.dll,-37891|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-In-UDP"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=System|Name=@wlansvc.dll,-37380|Desc=@wlansvc.dll,-37892|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-UDP"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=System|Name=@wlansvc.dll,-37381|Desc=@wlansvc.dll,-37893|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "DeliveryOptimization-TCP-In"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-UDP-In"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "Netlogon-NamedPipe-In"=v2.27|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-TCP-RPC-In"=v2.27|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "WirelessDisplay-In-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Infra-In-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100| "{E1EB56F1-85A6-4387-A8AE-5D38EBC72CCD}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-3534096643-12334864-2903717510-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{DDF6792C-3BC4-4AC0-8BB4-1BD7F4CB2557}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|App=C:\Program Files (x86)\Samsung\Samsung System Agent\SamsungSystemAgent.exe|Name=Samsung System Agent| "{B500D317-9434-420F-BB9A-C56334866D5C}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\EaseUS\EaseUS Todo PCTrans\bin\PCTrans.exe|Name=PCTrans.exe| "{6C9CBA6D-0D6C-496D-BB35-0411A8BE3480}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\EaseUS\EaseUS Todo PCTrans\bin\PCTrans.exe|Name=PCTrans.exe| "{0144313C-47D6-426E-B264-357F0DDD25DB}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\EaseUS\EaseUS Todo PCTrans\bin\uexperice.exe|Name=uexperice.exe| "{D6C3DC0E-70DF-4D87-9132-5DECE10DF964}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\EaseUS\EaseUS Todo PCTrans\bin\uexperice.exe|Name=uexperice.exe| "{F7753061-8881-472F-9918-B93D8257C35D}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Fitbit Coach|Desc=Fitbit Coach|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-2529986682-1402584740-3005359367-4137886740-2476183567-2531476767-3437465235|EmbedCtxt=Fitbit Coach|Platform=2:6:2|Platform2=GTEQ| "{9D472940-2C19-494E-9312-6DF41381BEA3}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Fitbit Coach|Desc=Fitbit Coach|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-2529986682-1402584740-3005359367-4137886740-2476183567-2531476767-3437465235|EmbedCtxt=Fitbit Coach|Platform=2:6:2|Platform2=GTEQ| "{3EBC33C8-4E5F-4474-9A96-2945C22F1715}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Dolby Access|Desc=Dolby Access|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-864892550-682355956-3667821578-694357232-3878941086-3291980491-2900429266|EmbedCtxt=Dolby Access|Platform=2:6:2|Platform2=GTEQ| "{C073C798-A4C7-4663-83F6-AB56DF6B7EB4}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Dolby Access|Desc=Dolby Access|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-864892550-682355956-3667821578-694357232-3878941086-3291980491-2900429266|EmbedCtxt=Dolby Access|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{A76A5497-6D7F-4065-A440-C93FBDA1FFD5}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Phototastic Collage|Desc=Phototastic Collage|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-2502358608-583759769-2409807134-3449801485-999338879-2502503695-2304874636|EmbedCtxt=Phototastic Collage|Platform=2:6:2|Platform2=GTEQ| "{920229DA-7F25-4D8A-9461-44DA8EA9BCAE}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Candy Crush Friends|Desc=Candy Crush Friends|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-2434645666-2532177092-3042203602-619713399-428220933-2149260498-1813168567|EmbedCtxt=Candy Crush Friends|Platform=2:6:2|Platform2=GTEQ| "{BA9B5DF5-3274-4EE1-87CD-96F72853264F}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{C69F592E-4472-4685-9D56-88F3CCEEB8E4}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{7ED7BA0E-08F9-42C2-87B5-BE8A92058554}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{C92EED7D-9A30-4DA7-9A7E-78A5515BC3C3}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{8C166279-3012-4928-A819-6788AFBCC997}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{SAMSUNGELECTRONICSCoLtd.GalaxySetting_1.0.60.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.GalaxySetting/Resources/W10_SETTING_APPLICATION_TITLE}|Desc=@{SAMSUNGELECTRONICSCoLtd.GalaxySetting_1.0.60.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.GalaxySetting/Resources/W10_SETTING_APPLICATION_TITLE}|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-4248244739-1195083218-694258176-94989366-335876269-79066479-1955954467|EmbedCtxt=@{SAMSUNGELECTRONICSCoLtd.GalaxySetting_1.0.60.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.GalaxySetting/Resources/W10_SETTING_APPLICATION_TITLE}|Platform=2:6:2|Platform2=GTEQ| "{1C335FF7-55D5-47E6-B98E-6B27E4C4D966}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox TCUI|Desc=Xbox TCUI|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-2603511428-3224021693-1028932517-3941269705-3349582775-2312504883-4057327947|EmbedCtxt=Xbox TCUI|Platform=2:6:2|Platform2=GTEQ| "{D5B028B8-758B-4693-8289-AD88A934EB6F}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Pay|Desc=Microsoft Pay|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-567501097-281763132-502764112-1855211022-3143306454-2372101908-561929011|EmbedCtxt=Microsoft Pay|Platform=2:6:2|Platform2=GTEQ| "{DBCFD26C-EE51-4D24-A4CE-160907DDFE36}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{3E114D53-51C4-43EE-B181-F677C14A324D}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ| "{C56599E0-9762-4A0A-8B75-858DA8C80DAC}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=50001-50005|App=C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe|Name=ms-resource:DisplayName|Desc=ms-resource:DisplayName|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{143B9EFE-C71F-4DC5-A05F-E89E423888E5}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|LPort2_10=50001-50005|App=C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe|Name=ms-resource:DisplayName|Desc=ms-resource:DisplayName|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{9D38ED67-5EC8-4C79-A222-7CDFCC3568BF}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=50100-50101|App=C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe|Name=ms-resource:DisplayName|Desc=ms-resource:DisplayName|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{6F298669-5312-4EB1-AB8A-7A164091C4B6}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|LPort2_10=50100-50101|App=C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe|Name=ms-resource:DisplayName|Desc=ms-resource:DisplayName|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{7E961A64-7CBE-4399-8F8B-60F682F87B9F}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=45921-45922|App=C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe|Name=ms-resource:DisplayName|Desc=ms-resource:DisplayName|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{CA262CB3-13AC-4701-AC66-46DB9657C66F}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|LPort2_10=45921-45922|App=C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy\DesktopApp\SamsungFlowDesktop.exe|Name=ms-resource:DisplayName|Desc=ms-resource:DisplayName|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{9F51E940-6818-4A88-8FD7-3ABF414070D3}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|Desc=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-2600175893-783355150-721138849-3391371818-2667653740-3893828195-953040500|EmbedCtxt=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{A50F3CBE-13F3-4B09-AF47-D2B07393F0F4}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|Desc=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-2600175893-783355150-721138849-3391371818-2667653740-3893828195-953040500|EmbedCtxt=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{1BA153B2-065F-4E6C-96F9-4D0FAB32F44F}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Public|IFType=Wireless|Name=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|Desc=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-2600175893-783355150-721138849-3391371818-2667653740-3893828195-953040500|EmbedCtxt=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|TTK2_22=WFDDevices| "{DA4AEC61-60BB-47C2-8CF2-FDEA3BFA6096}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Public|IFType=Wireless|Name=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|Desc=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-2600175893-783355150-721138849-3391371818-2667653740-3893828195-953040500|EmbedCtxt=@{SAMSUNGELECTRONICSCoLtd.SamsungFlux_3.7.16.0_x64__wyx1vj98g3asy?ms-resource://SAMSUNGELECTRONICSCoLtd.SamsungFlux/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|TTK2_22=WFDDevices| "{3AE20AB7-5934-4D26-8D43-0FA237F4CE49}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{4587A5BA-BF5C-4121-9EC1-2CF4385E66B0}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{82144398-BC70-4DF0-983E-9522F29D9F26}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Samsung Notes|Desc=Samsung Notes|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-2319996878-402160400-1732427392-1247446112-3351234178-1901033953-1076141780|EmbedCtxt=Samsung Notes|Platform=2:6:2|Platform2=GTEQ| "{CD57ADCD-53AD-461E-8D5B-CFC6314AFF72}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{EE409B9D-F434-4F78-9611-0E3AD254BFBD}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{03A0CCF0-07E7-4297-ABF9-982525BEBDF6}C:\users\efm_uefm_barrow_u\documents\sdi_r1811\sdi_x64_r1811.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\users\efm_uefm_barrow_u\documents\sdi_r1811\sdi_x64_r1811.exe|Name=sdi_x64_r1811.exe|Desc=sdi_x64_r1811.exe|Defer=User| "UDP Query User{A1CD55CF-A1C3-4788-BF8F-1D5D1696E353}C:\users\efm_uefm_barrow_u\documents\sdi_r1811\sdi_x64_r1811.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\users\efm_uefm_barrow_u\documents\sdi_r1811\sdi_x64_r1811.exe|Name=sdi_x64_r1811.exe|Desc=sdi_x64_r1811.exe|Defer=User| "TCP Query User{631973F5-54AE-4575-87F7-B71A199601D3}C:\users\efm_uefm_barrow_u\appdata\local\temp\7zipsfx.000\bin\tools\aria2c.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\users\efm_uefm_barrow_u\appdata\local\temp\7zipsfx.000\bin\tools\aria2c.exe|Name=aria2c.exe|Desc=aria2c.exe|Defer=User| "UDP Query User{FF02E768-0EB7-4829-8A1D-0F1DEBABCA41}C:\users\efm_uefm_barrow_u\appdata\local\temp\7zipsfx.000\bin\tools\aria2c.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\users\efm_uefm_barrow_u\appdata\local\temp\7zipsfx.000\bin\tools\aria2c.exe|Name=aria2c.exe|Desc=aria2c.exe|Defer=User| "{57265EF6-555B-4794-8F87-8D16A162ECC1}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Shell Input Application|Desc=Shell Input Application|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-3945102849-3632965805-3846928828-240845225-3300287824-62672950-817265009|EmbedCtxt=Shell Input Application|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{81E4477D-A7CA-4BEE-8B6F-583D1799AE1E}C:\program files\videolan\vlc\vlc.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\program files\videolan\vlc\vlc.exe|Name=VLC media player|Desc=VLC media player|Defer=User| "UDP Query User{F72F09CC-C844-4472-9E9A-24B8A37116B6}C:\program files\videolan\vlc\vlc.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\program files\videolan\vlc\vlc.exe|Name=VLC media player|Desc=VLC media player|Defer=User| "{C54B91CF-8063-492E-BB92-773C734FE2A2}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=8319|Name=TechSmith Camtasia 2018| "{D460666D-9A3E-4C36-BCCA-908C20AB2EB5}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\UVK - Ultra Virus Killer\UVK_en64.exe|Name=Ultra virus killer| "{AB072B86-FA71-422F-8858-9CEA7D09FB30}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\UVK - Ultra Virus Killer\UVK_en64.exe|Name=Ultra virus killer| "{6605D77E-320B-445F-B397-C7FA2A39F107}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Public|App=C:\Program Files\UVK - Ultra Virus Killer\UVK_en64.exe|Name=Ultra virus killer (TCP-OUT)| "{E698C854-14E7-41CC-B8C8-69CD4758F4AE}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game bar|Desc=Xbox Game bar|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-1823635404-1364722122-2170562666-1762391777-2399050872-3465541734-3732476201|EmbedCtxt=Xbox Game bar|Platform=2:6:2|Platform2=GTEQ| "{F15BEFD1-D73B-4B75-87E0-98402E3E580E}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Programs\Opera\58.0.3135.118\opera.exe|Name=Opera Internet Browser (mDNS-In)|Desc=Inbound rule to allow mDNS traffic.|EmbedCtxt=Opera Internet Browser| "{6ED0592D-C765-4ECF-9E79-6E2FF3AF3801}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Candy Crush Saga|Desc=Candy Crush Saga|LUOwn=S-1-5-21-3534096643-12334864-2903717510-1001|AppPkgId=S-1-15-2-2599857031-3789198952-3515498744-3120614410-3826243417-3816649221-455961092|EmbedCtxt=Candy Crush Saga|Platform=2:6:2|Platform2=GTEQ| "{26D64EF1-F07E-480D-B183-A1B76AF9E21A}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\DriversCloud.com\DriversCloud.exe|Name=DriversCloud| "{74672B9A-114C-4521-A063-D44267BA963A}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\DriversCloud.com\DriversCloud.exe|Name=DriversCloud| "{AA2D16E6-388E-41AA-89A1-C34CA5631075}"=v2.27|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe|Name=ApowerManager| "{930EDE06-5D94-44F8-89B3-ADC25940AA17}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManager.exe|Name=ApowerManager| "{6DE964C5-F9A4-4B49-8453-63CAD7763351}"=v2.27|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe|Name=ApowerManager| "{C09391CA-E64C-4318-AE3F-8AB994E6958A}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files (x86)\Apowersoft\ApowerManager\ApowerManagerCoreServices.exe|Name=ApowerManager| "{1C7FA8E4-71CE-4B1B-AED3-3D355CCBC77B}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=8299|Name=TechSmith Snagit 19| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{0475BB51-5A02-4EE0-B36C-29040FAD2650}] : (igfx) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{19837c5c-96f5-45e0-9a2d-c6bb26e1b12b}] : (UIM) [] -> @oem71.inf,%UimClassName%;Universal Image Mounter [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (SecurityAccelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @c_display.inf,%ClassDesc%;Display adapters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4fc9541c-0fe6-4480-a4f6-9495a0d17cd2}] : (HidLineDisplay) [] -> @c_linedisplay.inf,%ClassName%;POS Line Display [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53487c23-680f-4585-acc3-1f10d6777e82}] : (SmrDisk) [] -> @c_smrdisk.inf,%ClassDesc%;Shingled magnetic recording disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53b3cf03-8f5a-4788-91b6-d19ed9fcccbf}] : (SmrVolume) [] -> @c_smrvolume.inf,%ClassDesc%;Shingled magnetic recording volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{54f3637b-4777-4f96-970c-6bfa5477b542}] : (ParagonBlockDevice) [] -> @oem69.inf,%ClassName%;User-mode block device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs) [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5aea001d-9372-4ed7-97f3-b79bf15a53c5}] : (OposLegacyDevice) [] -> @oposdrv.inf,%ClassName%;OPOS Legacy Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> @c_swcomponent.inf,%ClassDesc%;Software components [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{645ad99b-1344-4316-837a-08a3e73db222}] : (PerceptionSimulation) [] -> @PerceptionSimulationSixDof.inf,%ClassName%;Perception Simulation Controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87ef9ad1-8f70-49ee-b215-ab1fcadcbe3c}] : (NetDriver) [] -> @c_netdriver.inf,%ClassDesc%;Universal Network Drivers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c3077fcd-9c3c-482f-9317-460712f23efd}] : (DPTF) [] -> @oem14.inf,%ClassName%;Intel(R) Dynamic Platform and Thermal Framework [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ca3e7ab9-b4c3-4ae6-8251-579ef933890f}] : (Camera) [] -> @c_camera.inf,%ClassDesc%;Cameras [HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{D2C30470-3890-4CC2-86D4-FBDB08727EB6}] : (msgpiowin32) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d612553d-06b1-49ca-8938-e39ef80eb16f}] : (Holographic) [] -> @c_holographic.inf,%ClassName%;Mixed Reality devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [29/08/2017 12:39:10] - (1.1.0.719) - (Bitdefender - IGNIS filter driver) - C:\Windows\system32\drivers\ignis.sys [23/05/2018 05:06:16] - (11.0.0.6582) - (COMODO - COMODO Internet Security Eradication Driver) - C:\Windows\System32\DRIVERS\cmderd.sys [23/05/2018 05:06:20] - (11.0.0.6582) - (COMODO - COMODO Internet Security Sandbox Driver) - C:\Windows\system32\DRIVERS\cmdguard.sys [15/03/2019 07:34:32] - (0.0.0.0) - ( -) - C:\Windows\SysWOW64\WinFLAdrv.sys [12/05/2017 03:42:25] - (1.0.0.1) - (Samsung Electronics Co.,Ltd. - Samsung AMOLED panel driver) - C:\Windows\system32\DRIVERS\SAMOPanel.sys [11/10/2017 03:42:24] - (1.0.0.0) - (Samsung Electronics Co.,Ltd. - Samsung Firmware Interface Driver) - C:\Windows\System32\drivers\SafiDrv.sys [16/06/2016 11:36:18] - (7.0.0.16) - (BitDefender LLC - BitDefender Firewall WFP Filter Driver) - C:\Program Files\adaware\adaware antivirus\AdAwareProxyEngine\1.0.0.8\bdfwfpf.sys [23/05/2018 05:06:22] - (11.0.0.6582) - (COMODO - COMODO Internet Security Helper Driver) - C:\Windows\system32\DRIVERS\cmdhlp.sys [23/05/2018 05:06:24] - (11.0.0.6582) - (COMODO - COMODO Internet Security Firewall Driver) - C:\Windows\system32\DRIVERS\inspect.sys [15/03/2019 09:28:39] - (0.0.0.0) - (Zemana Ltd. - ZAM) - C:\Windows\System32\drivers\zamguard64.sys [15/03/2019 09:28:39] - (0.0.0.0) - (Zemana Ltd. - ZAM) - C:\Windows\System32\drivers\zam64.sys [12/09/2017 16:29:20] - (0.6.0.0) - (Paragon Software GmbH - Universal Image Mounter) - C:\Windows\System32\drivers\uimdevim.sys [12/09/2017 16:29:20] - (0.6.0.0) - (Paragon Software GmbH - Universal Image Mounter) - C:\Windows\System32\drivers\uimbus.sys [20/03/2019 13:00:45] - (1.4.993.154) - (COMODO - Internet Security Essentials Driver) - C:\Windows\system32\drivers\isedrv.sys [15/03/2019 19:44:46] - (2.0.18.79) - (EldoS Corporation - RawDisk Driver. Allows write access to files and raw disk sectors for user mode applications in Windows 2000, XP, 2003, Vista, 2008.) - C:\Windows\system32\drivers\rsdrvx64.sys [20/03/2019 13:00:09] - (1.3.48618.136) - (COMODO - COMODO Secure Shopping Driver) - C:\Windows\system32\drivers\cmdcss.sys [08/11/2017 20:32:32] - (12.0.0.820) - (Qualcomm Atheros, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver) - C:\Windows\System32\drivers\Qcamain10x64.sys [15/03/2019 09:28:33] - (1.8.2.328) - (Zemana Ltd. - Zemana AntiLogger Free) - C:\Windows\system32\DRIVERS\KeyCrypt64.sys [19/01/2017 21:29:42] - (0.0.0.0) - ( -) - C:\Windows\system32\DRIVERS\AppNodeEnum.sys [15/03/2019 04:50:08] - (1.1.102.1024) - (BayHubTech/O2Micro - BayHubTech/O2Micro SD Reader Driver) - C:\Windows\System32\drivers\bhtpcrdr.sys [03/02/2017 08:40:22] - (0.0.0.0) - ( -) - C:\Windows\System32\drivers\TchS2Helper.sys [28/09/2017 01:42:25] - (0.0.0.0) - ( -) - C:\Windows\system32\DRIVERS\PenS2Helper.sys [08/11/2017 20:32:08] - (10.0.0.815) - (Qualcomm - BT Filter) - C:\Windows\system32\DRIVERS\btfilter.sys [25/03/2019 23:04:45] - (10.0.10011.16384) - (Windows (R) Win 7 DDK provider - Dokan Filesystem Driver) - C:\Windows\system32\DRIVERS\dokan.sys [15/03/2019 07:34:31] - (0.0.0.0) - ( -) - C:\Windows\SysWow64\WinVDEdrv6.sys [15/03/2019 07:34:30] - (7.0.0.0) - (NewSoftwares.net, Inc. - Virtual Encryption Driver) - C:\Windows\SysWow64\WinVDEdrv.sys [02/05/2018 08:09:30] - (2.5.0.85) - (BitDefender S.R.L. - Trufos Kernel Module) - C:\Windows\system32\DRIVERS\Trufos.sys [02/05/2018 08:05:58] - (2.0.0.81) - (BitDefender LLC - BitDefender Gonzales FileSystem Driver) - C:\Windows\system32\DRIVERS\gzflt.sys [21/03/2019 10:32:08] - (1.0.0.20) - (IObit - IUProcessFilter) - C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys [21/03/2019 10:32:09] - (1.0.0.20) - (IObit - IURegistryFilter) - C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys [31/01/2018 12:38:04] - (1.3.0.0) - (Paragon Software GmbH - A part of Paragon System Utilities) - C:\Program Files\Paragon Software\Hard Disk Manager 16 Basic\program\BioNTDrv.SYS [28/03/2019 16:55:59] - (0.0.0.0) - ( -) - C:\Windows\system32\ddmdrv.sys [28/03/2019 16:55:51] - (0.0.0.0) - ( -) - C:\Windows\system32\ampa.sys ---------- | LoadOrderGroup Name: System Reserved - DriverEnabled: True - GroupOrder: 1 - Status: OK Name: EMS - DriverEnabled: True - GroupOrder: 2 - Status: OK Name: WdfLoadGroup - DriverEnabled: True - GroupOrder: 3 - Status: OK Name: Boot Bus Extender - DriverEnabled: True - GroupOrder: 4 - Status: OK Name: System Bus Extender - DriverEnabled: True - GroupOrder: 5 - Status: OK Name: SCSI miniport - DriverEnabled: True - GroupOrder: 6 - Status: OK Name: Port - DriverEnabled: True - GroupOrder: 7 - Status: OK Name: Primary Disk - DriverEnabled: True - GroupOrder: 8 - Status: OK Name: SCSI Class - DriverEnabled: True - GroupOrder: 9 - Status: OK Name: SCSI CDROM Class - DriverEnabled: True - GroupOrder: 10 - Status: OK Name: FSFilter Infrastructure - DriverEnabled: True - GroupOrder: 11 - Status: OK Name: FSFilter System - DriverEnabled: True - GroupOrder: 12 - Status: OK Name: FSFilter Bottom - DriverEnabled: True - GroupOrder: 13 - Status: OK Name: FSFilter Copy Protection - DriverEnabled: True - GroupOrder: 14 - Status: OK Name: FSFilter Security Enhancer - DriverEnabled: True - GroupOrder: 15 - Status: OK Name: FSFilter Open File - DriverEnabled: True - GroupOrder: 16 - Status: OK Name: FSFilter Physical Quota Management - DriverEnabled: True - GroupOrder: 17 - Status: OK Name: FSFilter Virtualization - DriverEnabled: True - GroupOrder: 18 - Status: OK Name: FSFilter Encryption - DriverEnabled: True - GroupOrder: 19 - Status: OK Name: FSFilter Compression - DriverEnabled: True - GroupOrder: 20 - Status: OK Name: FSFilter Imaging - DriverEnabled: True - GroupOrder: 21 - Status: OK Name: FSFilter HSM - DriverEnabled: True - GroupOrder: 22 - Status: OK Name: FSFilter Cluster File System - DriverEnabled: True - GroupOrder: 23 - Status: OK Name: FSFilter System Recovery - DriverEnabled: True - GroupOrder: 24 - Status: OK Name: FSFilter Quota Management - DriverEnabled: True - GroupOrder: 25 - Status: OK Name: FSFilter Content Screener - DriverEnabled: True - GroupOrder: 26 - Status: OK Name: FSFilter Continuous Backup - DriverEnabled: True - GroupOrder: 27 - Status: OK Name: FSFilter Replication - DriverEnabled: True - GroupOrder: 28 - Status: OK Name: FSFilter Anti-Virus - DriverEnabled: True - GroupOrder: 29 - Status: OK Name: FSFilter Undelete - DriverEnabled: True - GroupOrder: 30 - Status: OK Name: FSFilter Activity Monitor - DriverEnabled: True - GroupOrder: 31 - Status: OK Name: FSFilter Top - DriverEnabled: True - GroupOrder: 32 - Status: OK Name: Filter - DriverEnabled: True - GroupOrder: 33 - Status: OK Name: Boot File System - DriverEnabled: True - GroupOrder: 34 - Status: OK Name: Base - DriverEnabled: True - GroupOrder: 35 - Status: OK Name: Pointer Port - DriverEnabled: True - GroupOrder: 36 - Status: OK Name: Keyboard Port - DriverEnabled: True - GroupOrder: 37 - Status: OK Name: Pointer Class - DriverEnabled: True - GroupOrder: 38 - Status: OK Name: Keyboard Class - DriverEnabled: True - GroupOrder: 39 - Status: OK Name: Video Init - DriverEnabled: True - GroupOrder: 40 - Status: OK Name: Video - DriverEnabled: True - GroupOrder: 41 - Status: OK Name: Video Save - DriverEnabled: True - GroupOrder: 42 - Status: OK Name: File System - DriverEnabled: True - GroupOrder: 43 - Status: OK Name: Streams Drivers - DriverEnabled: True - GroupOrder: 44 - Status: OK Name: NDIS Wrapper - DriverEnabled: True - GroupOrder: 45 - Status: OK Name: COM Infrastructure - DriverEnabled: True - GroupOrder: 46 - Status: OK Name: Event Log - DriverEnabled: True - GroupOrder: 47 - Status: OK Name: ProfSvc_Group - DriverEnabled: True - GroupOrder: 48 - Status: OK Name: AudioGroup - DriverEnabled: True - GroupOrder: 49 - Status: OK Name: UIGroup - DriverEnabled: True - GroupOrder: 50 - Status: OK Name: MS_WindowsLocalValidation - DriverEnabled: True - GroupOrder: 51 - Status: OK Name: PlugPlay - DriverEnabled: True - GroupOrder: 52 - Status: OK Name: Cryptography - DriverEnabled: True - GroupOrder: 53 - Status: OK Name: PNP_TDI - DriverEnabled: True - GroupOrder: 54 - Status: OK Name: NDIS - DriverEnabled: True - GroupOrder: 55 - Status: OK Name: TDI - DriverEnabled: True - GroupOrder: 56 - Status: OK Name: iSCSI - DriverEnabled: True - GroupOrder: 57 - Status: OK Name: NetBIOSGroup - DriverEnabled: True - GroupOrder: 58 - Status: OK Name: ShellSvcGroup - DriverEnabled: True - GroupOrder: 59 - Status: OK Name: SchedulerGroup - DriverEnabled: True - GroupOrder: 60 - Status: OK Name: SpoolerGroup - DriverEnabled: True - GroupOrder: 61 - Status: OK Name: SmartCardGroup - DriverEnabled: True - GroupOrder: 62 - Status: OK Name: NetworkProvider - DriverEnabled: True - GroupOrder: 63 - Status: OK Name: MS_WindowsRemoteValidation - DriverEnabled: True - GroupOrder: 64 - Status: OK Name: NetDDEGroup - DriverEnabled: True - GroupOrder: 65 - Status: OK Name: Parallel arbitrator - DriverEnabled: True - GroupOrder: 66 - Status: OK Name: Extended Base - DriverEnabled: True - GroupOrder: 67 - Status: OK Name: PCI Configuration - DriverEnabled: True - GroupOrder: 68 - Status: OK Name: MS Transactions - DriverEnabled: True - GroupOrder: 69 - Status: OK Name: Core - DriverEnabled: False - GroupOrder: 70 - Status: OK Name: PnP Filter - DriverEnabled: False - GroupOrder: 71 - Status: OK Name: Early-Launch - DriverEnabled: False - GroupOrder: 72 - Status: OK Name: Network - DriverEnabled: False - GroupOrder: 73 - Status: OK Name: System - DriverEnabled: False - GroupOrder: 74 - Status: OK Name: Core Security Extensions - DriverEnabled: False - GroupOrder: 75 - Status: OK Name: NetworkService - DriverEnabled: False - GroupOrder: 76 - Status: OK Name: _Early-Launch - DriverEnabled: False - GroupOrder: 77 - Status: OK Name: LocalService - DriverEnabled: False - GroupOrder: 78 - Status: OK ---------- | LoadOrderGroupServiceDependencies LoadOrderGroup.Name="NetBIOSGroup" - Service.Name="RemoteAccess" LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdfs" ---------- | LoadOrderGroupServiceMembers LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="AppIDSvc" LoadOrderGroup.Name="AudioGroup" - Service.Name="AudioEndpointBuilder" LoadOrderGroup.Name="AudioGroup" - Service.Name="Audiosrv" LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="avast! Antivirus" LoadOrderGroup.Name="NetworkProvider" - Service.Name="BFE" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="BrokerInfrastructure" LoadOrderGroup.Name="NetworkProvider" - Service.Name="Browser" LoadOrderGroup.Name="Core" - Service.Name="CmdAgent" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="DcomLaunch" LoadOrderGroup.Name="PlugPlay" - Service.Name="DeviceInstall" LoadOrderGroup.Name="TDI" - Service.Name="Dhcp" LoadOrderGroup.Name="TDI" - Service.Name="Dnscache" LoadOrderGroup.Name="TDI" - Service.Name="dot3svc" LoadOrderGroup.Name="TDI" - Service.Name="DusmSvc" LoadOrderGroup.Name="Event Log" - Service.Name="EventLog" LoadOrderGroup.Name="AudioGroup" - Service.Name="FontCache" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="gpsvc" LoadOrderGroup.Name="TDI" - Service.Name="icssvc" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="igfxCUIService2.0.0.0" LoadOrderGroup.Name="TDI" - Service.Name="irmon" LoadOrderGroup.Name="NetworkProvider" - Service.Name="LanmanWorkstation" LoadOrderGroup.Name="TDI" - Service.Name="lmhosts" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="LSM" LoadOrderGroup.Name="NetworkService" - Service.Name="MapsBroker" LoadOrderGroup.Name="Base" - Service.Name="MdmLdrSvc" LoadOrderGroup.Name="NetworkProvider" - Service.Name="MpsSvc" LoadOrderGroup.Name="iSCSI" - Service.Name="MSiSCSI" LoadOrderGroup.Name="MS_WindowsRemoteValidation" - Service.Name="Netlogon" LoadOrderGroup.Name="Cryptography" - Service.Name="NgcCtnrSvc" LoadOrderGroup.Name="Cryptography" - Service.Name="NgcSvc" LoadOrderGroup.Name="Base" - Service.Name="PanelManagerSvc" LoadOrderGroup.Name="PlugPlay" - Service.Name="PlugPlay" LoadOrderGroup.Name="Plugplay" - Service.Name="Power" LoadOrderGroup.Name="profsvc_group" - Service.Name="ProfSvc" LoadOrderGroup.Name="Base" - Service.Name="RCD" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcEptMapper" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcSs" LoadOrderGroup.Name="Base" - Service.Name="SafiService" LoadOrderGroup.Name="MS_WindowsLocalValidation" - Service.Name="SamSs" LoadOrderGroup.Name="Base" - Service.Name="Samsung Pen Service" LoadOrderGroup.Name="SmartCardGroup" - Service.Name="SCardSvr" LoadOrderGroup.Name="SchedulerGroup" - Service.Name="Schedule" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="SENS" LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="ShellHWDetection" LoadOrderGroup.Name="SpoolerGroup" - Service.Name="Spooler" LoadOrderGroup.Name="profsvc_group" - Service.Name="SysMain" LoadOrderGroup.Name="PlugPlay" - Service.Name="TabletInputService" LoadOrderGroup.Name="System Reserved" - Service.Name="TeraCopyService" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="Themes" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="TrustedInstaller" LoadOrderGroup.Name="Base" - Service.Name="USBSafelyRemoveService" LoadOrderGroup.Name="SmartCardGroup" - Service.Name="WbioSrvc" LoadOrderGroup.Name="TDI" - Service.Name="Wcmsvc" LoadOrderGroup.Name="NetworkProvider" - Service.Name="WebClient" LoadOrderGroup.Name="TDI" - Service.Name="WlanSvc" LoadOrderGroup.Name="TDI" - Service.Name="wlpasvc" LoadOrderGroup.Name="LocalService" - Service.Name="workfolderssvc" LoadOrderGroup.Name="TDI" - Service.Name="WwanSvc" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="3ware" LoadOrderGroup.Name="Core" - SystemDriver.Name="ACPI" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AcpiDev" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="acpiex" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="acpitime" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="ADP80XX" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="AFD" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdK8" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdPPM" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsata" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsbs" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdxata" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="arcsas" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="aswArDisk" LoadOrderGroup.Name="Early-Launch" - SystemDriver.Name="aswElam" LoadOrderGroup.Name="Keyboard Port" - SystemDriver.Name="aswKbd" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="aswMonFlt" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="aswRdr" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="aswRvrt" LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="aswSnx" LoadOrderGroup.Name="FSFilter Security Enhancer" - SystemDriver.Name="aswSP" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="aswStm" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="aswVmm" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="atapi" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="atc" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="b06bdrv" LoadOrderGroup.Name="Video" - SystemDriver.Name="BasicDisplay" LoadOrderGroup.Name="Video" - SystemDriver.Name="BasicRender" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="bcmfn2" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="bdfwfpf" LoadOrderGroup.Name="Base" - SystemDriver.Name="Beep" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="BHTPCRDR" LoadOrderGroup.Name="Network" - SystemDriver.Name="bowser" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="BthAvrcpTg" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="BthHFEnum" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="BthPan" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="BTHPORT" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="BTHUSB" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="bttflt" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="cdfs" LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdrom" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="cht4iscsi" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="cht4vbd" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="circlass" LoadOrderGroup.Name="FSFilter HSM" - SystemDriver.Name="CldFlt" LoadOrderGroup.Name="Filter" - SystemDriver.Name="CLFS" LoadOrderGroup.Name="Early-Launch" - SystemDriver.Name="cmdboot" LoadOrderGroup.Name="Primary Disk" - SystemDriver.Name="cmderd" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="cmdGuard" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="cmdhlp" LoadOrderGroup.Name="Core" - SystemDriver.Name="CNG" LoadOrderGroup.Name="Base" - SystemDriver.Name="cnghwassist" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="CompositeBus" LoadOrderGroup.Name="Base" - SystemDriver.Name="condrv" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="CSI2HostControllerDriver" LoadOrderGroup.Name="Network" - SystemDriver.Name="Dfsc" LoadOrderGroup.Name="File System" - SystemDriver.Name="Dokan" LoadOrderGroup.Name="Base" - SystemDriver.Name="dptf_acpi" LoadOrderGroup.Name="Base" - SystemDriver.Name="dptf_cpu" LoadOrderGroup.Name="Video Init" - SystemDriver.Name="DXGKrnl" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="ebdrv" LoadOrderGroup.Name="SCSI Class" - SystemDriver.Name="EhStorClass" LoadOrderGroup.Name="SCSI Class" - SystemDriver.Name="EhStorTcgDrv" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="ErrDev" LoadOrderGroup.Name="Base" - SystemDriver.Name="esif_lf" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="exfat" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="fastfat" LoadOrderGroup.Name="FSFilter Encryption" - SystemDriver.Name="FileCrypt" LoadOrderGroup.Name="FSFilter Bottom" - SystemDriver.Name="FileInfo" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="Filetrace" LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="FltMgr" LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="FsDepends" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="fvevol" LoadOrderGroup.Name="Base" - SystemDriver.Name="genericusbfn" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="GPIOClx0101" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="gzflt" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="HDAudBus" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidBth" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidi2c" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidinterrupt" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidIr" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidUsb" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="HpSAMD" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hvservice" LoadOrderGroup.Name="System" - SystemDriver.Name="HwNClx0101" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hyperkbd" LoadOrderGroup.Name="Video" - SystemDriver.Name="HyperVideo" LoadOrderGroup.Name="Keyboard Port" - SystemDriver.Name="i8042prt" LoadOrderGroup.Name="Base" - SystemDriver.Name="iai2c" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2i_GPIO2" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2i_GPIO2_BXT_P" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2i_I2C" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2i_I2C_BXT_P" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2_GPIO2" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2_I2C" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2_UART2" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSSi_GPIO" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSSi_I2C" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="iaStorA" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="iaStorAC" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="iaStorAV" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="iaStorV" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="ibbus" LoadOrderGroup.Name="Video" - SystemDriver.Name="igfx" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Ignis" LoadOrderGroup.Name="Base" - SystemDriver.Name="IndirectKmd" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="inspect" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="IntcAudioBus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="IntcOED" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="intelide" LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="intelpep" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="intelppm" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="iorate" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="irda" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="isapnp" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="kdnic" LoadOrderGroup.Name="Keyboard Class" - SystemDriver.Name="keycrypt" LoadOrderGroup.Name="Base" - SystemDriver.Name="KSecDD" LoadOrderGroup.Name="Cryptography" - SystemDriver.Name="KSecPkg" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ksthunk" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="lltdio" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS2i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS3i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SSS" LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="luafv" LoadOrderGroup.Name="Base" - SystemDriver.Name="mausbhost" LoadOrderGroup.Name="Base" - SystemDriver.Name="mausbip" LoadOrderGroup.Name="Base" - SystemDriver.Name="MdmIf" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas2i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasr" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MEIx64" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="mlx4_bus" LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Modem" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="ModemCtrl" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="mountmgr" LoadOrderGroup.Name="network" - SystemDriver.Name="mpsdrv" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb10" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb20" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="MsBridge" LoadOrderGroup.Name="File system" - SystemDriver.Name="Msfs" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="msgpiowin32" LoadOrderGroup.Name="Base" - SystemDriver.Name="mshidumdf" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="msisadrv" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSKSSRV" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="MsLldp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPCLOCK" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPQM" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSTEE" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MTConfig" LoadOrderGroup.Name="Network" - SystemDriver.Name="Mup" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="mvumis" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NativeWifiP" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ndfltr" LoadOrderGroup.Name="NDIS Wrapper" - SystemDriver.Name="NDIS" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NdisCap" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NdisTapi" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Ndisuio" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="ndiswanlegacy" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="ndproxy" LoadOrderGroup.Name="NetBIOSGroup" - SystemDriver.Name="NetBIOS" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="NetBT" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="netvsc" LoadOrderGroup.Name="File system" - SystemDriver.Name="Npfs" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="NTFS" LoadOrderGroup.Name="Base" - SystemDriver.Name="Null" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="nvraid" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="nvstor" LoadOrderGroup.Name="Parallel arbitrator" - SystemDriver.Name="Parport" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="partmgr" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pci" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pciide" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pcmcia" LoadOrderGroup.Name="System Reserved" - SystemDriver.Name="pcw" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pdc" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="PenS2Helper" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="percsas2i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="percsas3i" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="Processor" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Psched" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Qcamain10x64" LoadOrderGroup.Name="Streams Drivers" - SystemDriver.Name="RasAcd" LoadOrderGroup.Name="Network" - SystemDriver.Name="rdbss" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="rdyboost" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="ReFS" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="ReFSv1" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="RFCOMM" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="rhproxy" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="rspndr" LoadOrderGroup.Name="Video" - SystemDriver.Name="s3cap" LoadOrderGroup.Name="Base" - SystemDriver.Name="SafiDrv" LoadOrderGroup.Name="Base" - SystemDriver.Name="SAMOPanel" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="scfilter" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="sdbus" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="Serenum" LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Serial" LoadOrderGroup.Name="Pointer Port" - SystemDriver.Name="sermouse" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid2" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid4" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="spaceport" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="SpatialGraphFilter" LoadOrderGroup.Name="Network" - SystemDriver.Name="srv2" LoadOrderGroup.Name="Network" - SystemDriver.Name="srvnet" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stexstor" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="storahci" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="storflt" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stornvme" LoadOrderGroup.Name="FSFilter Quota Management" - SystemDriver.Name="storqosflt" LoadOrderGroup.Name="Base" - SystemDriver.Name="storvsc" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="supportdriver" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="swenum" LoadOrderGroup.Name="Video Init" - SystemDriver.Name="Synth3dVsc" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="TchS2Helper" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="Tcpip" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="tdx" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="terminpt" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="TPM" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="Trufos" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="TsUsbGD" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="tunnel" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UcmCx0101" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UcmTcpciCx0101" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="Ucx01000" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="udfs" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="Ufx01000" LoadOrderGroup.Name="Base" - SystemDriver.Name="UfxChipidea" LoadOrderGroup.Name="Base" - SystemDriver.Name="ufxsynopsys" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="umbus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="UmPass" LoadOrderGroup.Name="Base" - SystemDriver.Name="UrsChipidea" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UrsCx01000" LoadOrderGroup.Name="Base" - SystemDriver.Name="UrsSynopsys" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbccgp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="usbcir" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbehci" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbhub" LoadOrderGroup.Name="Base" - SystemDriver.Name="USBHUB3" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbohci" LoadOrderGroup.Name="extended base" - SystemDriver.Name="usbprint" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbuhci" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="vdrvroot" LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="VerifierExt" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="vhdmp" LoadOrderGroup.Name="Base" - SystemDriver.Name="vhf" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vmbus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="VMBusHID" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgr" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgrx" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vpci" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="vsmraid" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="VSTXRAID" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="vwififlt" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="vwifimp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WacomPen" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wanarp" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wanarpv6" LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="wcifs" LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="wcnfs" LoadOrderGroup.Name="_Early-Launch" - SystemDriver.Name="WdBoot" LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="Wdf01000" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="WdFilter" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wdnsfltr" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="WFPLWFS" LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="WIMMount" LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="WindowsTrustedRT" LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="WindowsTrustedRTProxy" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="WinFLAdrv" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="WinMad" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="WinVerbs" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wmbclass" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WmiAcpi" LoadOrderGroup.Name="FSFilter Compression" - SystemDriver.Name="Wof" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="WpdUpFltr" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="ws2ifsl" LoadOrderGroup.Name="base" - SystemDriver.Name="WudfPf" LoadOrderGroup.Name="base" - SystemDriver.Name="WUDFRd" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="xboxgip" LoadOrderGroup.Name="Base" - SystemDriver.Name="xinputhid" ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - [Kernel Driver] - 3ware () -> System32\drivers\3ware.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ADP80XX () -> System32\drivers\ADP80XX.SYS - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsata () -> System32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsbs () -> System32\drivers\amdsbs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdxata () -> System32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - aswArDisk (aswArDisk) -> system32\drivers\aswArDisk.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - aswbidsh (aswbidsh) -> system32\drivers\aswbidsh.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - aswblog (aswblog) -> system32\drivers\aswblog.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - aswbuniv (aswbuniv) -> system32\drivers\aswbuniv.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - aswElam (aswElam) -> system32\drivers\aswElam.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - aswRvrt (aswRvrt) -> system32\drivers\aswRvrt.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - aswVmm (aswVmm) -> system32\drivers\aswVmm.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;QLogic Network Adapter VBD) -> System32\drivers\bxvbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - bttflt (@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter) -> System32\drivers\bttflt.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - cht4iscsi () -> System32\drivers\cht4sx64.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - cmdboot (COMODO Early Launch Driver) -> System32\DRIVERS\cmdboot.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Disk (@disk.inf,%disk_ServiceDesc%;Pilote de disque) -> System32\drivers\disk.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys - AcceptPause: False - AcceptStop: False R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - HpSAMD () -> System32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorA () -> System32\drivers\iaStorA.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - iaStorAC (@oem61.inf,%iaStorAC.DeviceDesc%;Intel(R) Chipset SATA/PCIe RST Premium Controller) -> System32\drivers\iaStorAC.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - iaStorAV (@iastorav.inf,%iaStorAV.DeviceDesc%;Intel(R) SATA RAID Controller Windows) -> System32\drivers\iaStorAV.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Ignis (Ignis Service) -> system32\drivers\ignis.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - intelide () -> System32\drivers\intelide.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iorate (@%SystemRoot%\system32\drivers\iorate.sys,-101) -> system32\drivers\iorate.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - isapnp () -> System32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - LSI_SAS () -> System32\drivers\lsi_sas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SSS () -> System32\drivers\lsi_sss.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas () -> System32\drivers\megasas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas2i () -> System32\drivers\MegaSas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasr () -> System32\drivers\megasr.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> System32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - mvumis () -> System32\drivers\mvumis.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - nvraid () -> System32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nvstor () -> System32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (@pci.inf,%pci_svcdesc%;Pilote de bus PCI) -> System32\drivers\pci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - pciide () -> System32\drivers\pciide.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - pcmcia () -> System32\drivers\pcmcia.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - percsas2i () -> System32\drivers\percsas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - percsas3i () -> System32\drivers\percsas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - Ramdisk (Windows RAM Disk Driver) -> system32\DRIVERS\ramdisk.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - scmbus (@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver) -> System32\drivers\scmbus.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid2 () -> System32\drivers\SiSRaid2.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid4 () -> System32\drivers\sisraid4.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - stexstor () -> System32\drivers\stexstor.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storvsc () -> System32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\drivers\tcpip.sys,-10001) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (@%SystemRoot%\system32\drivers\volsnap.sys,-100) -> System32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volume (@volume.inf,%VolumeServiceDesc%;Volume driver) -> System32\drivers\volume.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vsmraid () -> System32\drivers\vsmraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswArPot (aswArPot) -> system32\drivers\aswArPot.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswbidsdriver (aswbidsdriver) -> system32\drivers\aswbidsdriver.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswHdsKe (aswHdsKe) -> system32\drivers\aswHdsKe.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswKbd (aswKbd) -> system32\drivers\aswKbd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswRdr (aswRdr) -> system32\drivers\aswRdr2.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswSnx (aswSnx) -> system32\drivers\aswSnx.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswSP (aswSP) -> system32\drivers\aswSP.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - bam (@%SystemRoot%\system32\drivers\bam.sys,-100) -> system32\drivers\bam.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicDisplay () -> \SystemRoot\System32\drivers\BasicDisplay.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicRender () -> \SystemRoot\System32\drivers\BasicRender.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - bdfwfpf (bdfwfpf) -> \??\C:\Program Files\adaware\adaware antivirus\AdAwareProxyEngine\1.0.0.8\bdfwfpf.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cmdcss (COMODO Secure Shopping) -> \SystemRoot\system32\drivers\cmdcss.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - cmderd (COMODO Internet Security Eradication Driver) -> System32\DRIVERS\cmderd.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - cmdGuard (COMODO Internet Security Sandbox Driver) -> system32\DRIVERS\cmdguard.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cmdhlp (COMODO Internet Security Helper Driver) -> \SystemRoot\system32\DRIVERS\cmdhlp.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ElRawDisk (ElRawDisk) -> \??\C:\Windows\system32\drivers\rsdrvx64.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - inspect (@oem6.inf,%inspect_Desc%;COMODO Internet Security Firewall Driver) -> \SystemRoot\system32\DRIVERS\inspect.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - isedrv (Internet Security Essentials) -> \SystemRoot\system32\drivers\isedrv.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - SafiDrv (@oem5.inf,%SafiDrv.SVCDESC%;SafiDrv Service) -> \SystemRoot\System32\drivers\SafiDrv.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - SAMOPanel (@oem24.inf,%SAMOPanel.SVCDESC%;SAMOPanel Service) -> \SystemRoot\system32\DRIVERS\SAMOPanel.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - UimBus (@oem70.inf,%UIMDeviceDesc%;UIM Bus Controller) -> \SystemRoot\System32\drivers\uimbus.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Uim_DEVIM (@oem71.inf,%UIMDeviceDesc%;UIM Direct Device Image Plugin) -> \SystemRoot\System32\drivers\uimdevim.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ZAM (ZAM Helper Driver) -> \??\C:\Windows\System32\drivers\zam64.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ZAM_Guard (ZAM Guard Driver) -> \??\C:\Windows\System32\drivers\zamguard64.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - aswMonFlt (aswMonFlt) -> system32\drivers\aswMonFlt.sys - AcceptPause: False - AcceptStop: True S2 - [Kernel Driver] - aswStm (aswStm) -> system32\drivers\aswStm.sys - AcceptPause: False - AcceptStop: False R2 - [File System Driver] - CldFlt (Windows Cloud Files Filter Driver) -> system32\drivers\cldflt.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - Dokan (Dokan File System Driver) -> system32\DRIVERS\dokan.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - mrxsmb10 (@%systemroot%\system32\wkssvc.dll,-1004) -> system32\DRIVERS\mrxsmb10.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - NEWDRIVER (NEWDRIVER) -> \??\C:\Windows\SysWow64\WinVDEdrv6.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - wanarp (@%systemroot%\system32\mprmsg.dll,-32011) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - wcifs (@%systemroot%\system32\drivers\wcifs.sys,-100) -> \SystemRoot\system32\drivers\wcifs.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - WinVDEDrv (WinVDEDrv) -> \??\C:\Windows\SysWow64\WinVDEdrv.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - 1394ohci (@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller) -> \SystemRoot\System32\drivers\1394ohci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AcpiDev (@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver) -> \SystemRoot\System32\drivers\AcpiDev.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - acpipagr (@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver) -> \SystemRoot\System32\drivers\acpipagr.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - AcpiPmi (@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver) -> \SystemRoot\System32\drivers\acpipmi.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - acpitime (@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver) -> \SystemRoot\System32\drivers\acpitime.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AmdK8 (@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver) -> \SystemRoot\System32\drivers\amdk8.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AmdPPM (@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver) -> \SystemRoot\System32\drivers\amdppm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AppID (@%systemroot%\system32\srpapi.dll,-100) -> system32\drivers\appid.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - applockerfltr (@%systemroot%\system32\srpapi.dll,-102) -> system32\drivers\applockerfltr.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - AppNodeEnum (@oem37.inf,%AppNodeEnum.SVCDESC%;AppNodeEnum Service) -> \SystemRoot\system32\DRIVERS\AppNodeEnum.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - AsyncMac (@%systemroot%\system32\mprmsg.dll,-32000) -> \SystemRoot\System32\drivers\asyncmac.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - atc (atc) -> system32\DRIVERS\atc.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - bcmfn2 (@bcmfn2.inf,%bcmfn2.SVCDESC%;bcmfn2 Service) -> \SystemRoot\System32\drivers\bcmfn2.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - BcmGnssBus (@oem62.inf,%BcmGnssDriver.SVCDESC%;Broadcom GNSS Bus Driver disk) -> \SystemRoot\System32\drivers\BcmGnssBus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - BHTPCRDR () -> \SystemRoot\System32\drivers\bhtpcrdr.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - bowser (@%systemroot%\system32\browser.dll,-102) -> system32\DRIVERS\bowser.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - BtFilter (BtFilter) -> \SystemRoot\system32\DRIVERS\btfilter.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BthAvrcpTg (@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID) -> \SystemRoot\System32\drivers\BthAvrcpTg.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - BthEnum (@bth.inf,%BthEnum.SVCDESC%;Service d’énumérateur Bluetooth) -> \SystemRoot\System32\drivers\BthEnum.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BthHFEnum (@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator) -> \SystemRoot\System32\drivers\bthhfenum.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - bthhfhid (@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID) -> \SystemRoot\System32\drivers\BthHFHid.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - bthl2cap (@bthl2cap.inf,%bthl2cap_desc%;Microsoft Bluetooth Protocol Support Driver) -> \SystemRoot\system32\DRIVERS\bthl2cap.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - BthLEEnum (@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver) -> \SystemRoot\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BTHMODEM (@mdmbtmdm.inf,%BthModem.DisplayName%;Bluetooth Modem Communications Driver) -> \SystemRoot\System32\drivers\bthmodem.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - BthPan (@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network)) -> \SystemRoot\System32\drivers\bthpan.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BTHPORT (@bth.inf,%BTHPORT.SvcDesc%;Pilote de port Bluetooth) -> \SystemRoot\System32\drivers\BTHport.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - BTHUSB (@bth.inf,%BTHUSB.SvcDesc%;Pilote USB radio Bluetooth) -> \SystemRoot\System32\drivers\BTHUSB.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - buttonconverter (@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices) -> \SystemRoot\System32\drivers\buttonconverter.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - CAD (@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver) -> \SystemRoot\System32\drivers\CAD.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - CapImg (@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen) -> \SystemRoot\System32\drivers\capimg.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - cht4vbd (@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver) -> \SystemRoot\System32\drivers\cht4vx64.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - circlass (@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices) -> \SystemRoot\System32\drivers\circlass.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - CmBatt (@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver) -> \SystemRoot\System32\drivers\CmBatt.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - CompositeBus (@compositebus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver) -> \SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_9c1fb8f4db31c348\CompositeBus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - condrv (Console Driver) -> System32\drivers\condrv.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - CSI2HostControllerDriver (@oem49.inf,%CSI2HostControllerDriver.SVCDESC%;Intel(R) CSI2 Host Controller services) -> \SystemRoot\System32\drivers\CSI2HostControllerDriver.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - dmvsc () -> \SystemRoot\System32\drivers\dmvsc.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - dptf_acpi () -> \SystemRoot\System32\drivers\dptf_acpi.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - dptf_cpu () -> \SystemRoot\System32\drivers\dptf_cpu.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - drmkaud (@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers) -> \SystemRoot\System32\drivers\drmkaud.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> \SystemRoot\System32\drivers\dxgkrnl.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - ErrDev (@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver) -> \SystemRoot\System32\drivers\errdev.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - esif_lf () -> \SystemRoot\system32\DRIVERS\esif_lf.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - exfat (exFAT File System Driver) -> (?) - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - fastfat (FAT12/16/32 File System Driver) -> (?) - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - fdc (@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver) -> \SystemRoot\System32\drivers\fdc.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - Filetrace (@%SystemRoot%\system32\drivers\filetrace.sys,-10001) -> system32\drivers\filetrace.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - flpydisk (@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver) -> \SystemRoot\System32\drivers\flpydisk.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - FsDepends (@%SystemRoot%\system32\drivers\fsdepends.sys,-10001) -> System32\drivers\FsDepends.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - gencounter (@wGenCounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter) -> \SystemRoot\System32\drivers\vmgencounter.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - genericusbfn (@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class) -> \SystemRoot\System32\drivers\genericusbfn.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - GPIOClx0101 (Microsoft GPIO Class Extension Driver) -> System32\Drivers\msgpioclx.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - gzflt (gzflt) -> system32\DRIVERS\gzflt.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - HDAudBus (@hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio) -> \SystemRoot\System32\drivers\HDAudBus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HidBatt (@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver) -> \SystemRoot\System32\drivers\HidBatt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HidBth (@hidbth.inf,%HIDBTH.SvcDesc%;Miniport HID Microsoft Bluetooth) -> \SystemRoot\System32\drivers\hidbth.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - hidi2c (@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver) -> \SystemRoot\System32\drivers\hidi2c.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - hidinterrupt (@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts) -> \SystemRoot\System32\drivers\hidinterrupt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HidIr (@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver) -> \SystemRoot\System32\drivers\hidir.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - HidUsb (@input.inf,%HID.SvcDesc%;Pilote de classe HID Microsoft) -> \SystemRoot\System32\drivers\hidusb.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - HTTP (@%SystemRoot%\system32\drivers\http.sys,-1) -> system32\drivers\HTTP.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - hvservice (@%SystemRoot%\system32\drivers\hvservice.sys,-16) -> system32\drivers\hvservice.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HwNClx0101 (Microsoft Hardware Notifications Class Extension Driver) -> System32\Drivers\mshwnclx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - hyperkbd () -> \SystemRoot\System32\drivers\hyperkbd.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HyperVideo () -> \SystemRoot\System32\drivers\HyperVideo.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - i8042prt (@msmouse.inf,%i8042prt.SvcDesc%;PS/2 Keyboard and Mouse Port Driver) -> \SystemRoot\System32\drivers\i8042prt.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - iacamera64 (@oem58.inf,%iacamera64.DeviceDesc%;Intel(R) AVStream Camera 2500) -> \SystemRoot\system32\DRIVERS\iacamera64.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - iactrllogic (@oem45.inf,%iactrllogic.SVCDESC%;Intel(R) Control Logic) -> \SystemRoot\System32\drivers\iactrllogic64.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - iagpio (@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver) -> \SystemRoot\System32\drivers\iagpio.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iai2c (@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller) -> \SystemRoot\System32\drivers\iai2c.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSS2i_GPIO2 (@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_GPIO2.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSS2i_GPIO2_BXT_P (@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSS2i_I2C (@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_I2C.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSS2i_I2C_BXT_P (@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_I2C_BXT_P.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - iaLPSS2_GPIO2 (@oem56.inf,%iaLPSS2_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2_GPIO2.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - iaLPSS2_I2C (@oem47.inf,%iaLPSS2_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2_I2C.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - iaLPSS2_UART2 (@oem54.inf,%iaLPSS2_UART2.SVCDESC%;Intel(R) Serial IO UART Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2_UART2.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - iaLPSSi_GPIO (@ialpssi_gpio.inf,%iaLPSSi_GPIO.SVCDESC%;Intel(R) Serial IO GPIO Controller Driver) -> \SystemRoot\System32\drivers\iaLPSSi_GPIO.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSSi_I2C (@ialpssi_i2c.inf,%iaLPSSi_I2C.SVCDESC%;Intel(R) Serial IO I2C Controller Driver) -> \SystemRoot\System32\drivers\iaLPSSi_I2C.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ibbus (@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver)) -> \SystemRoot\System32\drivers\ibbus.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - igfx () -> \SystemRoot\System32\DriverStore\FileRepository\igdlh64.inf_amd64_cfb8c540931e087a\igdkmd64.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - IMX241 (@oem48.inf,%IMX241.SVCDESC%;Camera Sensor IMX241) -> \SystemRoot\System32\drivers\imx241.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - IMX258 (@oem52.inf,%IMX258.SVCDESC%;Camera Sensor IMX258) -> \SystemRoot\System32\drivers\imx258.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IndirectKmd (@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100) -> \SystemRoot\System32\drivers\IndirectKmd.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - IntcAudioBus (@oem2.inf,%IntcAudioBus.SVCDESC%;Intel(R) Smart Sound Technology (Intel(R) SST) Bus) -> \SystemRoot\System32\drivers\IntcAudioBus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - IntcAzAudAddService (Service for Realtek HD Audio (WDM)) -> \SystemRoot\system32\drivers\RTKVHD64.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - IntcDAud (@oem64.inf,%IntcAud.SvcDesc%;Son Intel(R) pour écrans) -> \SystemRoot\System32\DriverStore\FileRepository\intcdaud.inf_amd64_ebc6f6a745bbd391\IntcDAud.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - IntcOED (@oem59.inf,%IntcOED.SVCDESC%;Pilote OED de la technologie Intel(R) Smart Sound) -> \SystemRoot\System32\drivers\IntcOED.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - intelppm (@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver) -> \SystemRoot\System32\drivers\intelppm.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - invdimm (@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver) -> \SystemRoot\System32\drivers\invdimm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IpFilterDriver (@%systemroot%\system32\mprmsg.dll,-32013) -> system32\DRIVERS\ipfltdrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IPMIDRV () -> \SystemRoot\System32\drivers\IPMIDrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IPNAT (IP Network Address Translator) -> System32\drivers\ipnat.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IPT () -> \SystemRoot\System32\drivers\ipt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - irda (IrDA) -> \SystemRoot\system32\drivers\irda.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IRENUM (@%SystemRoot%\system32\drivers\irenum.sys,-100) -> system32\drivers\irenum.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iScsiPrt (@iscsi.inf,%iScsiPortName%;iScsiPort Driver) -> \SystemRoot\System32\drivers\msiscsi.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - IUProcessFilter (IUProcessFilter) -> \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUProcessFilter.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - IURegistryFilter (IURegistryFilter) -> \??\C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegistryFilter.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - kbdclass (@keyboard.inf,%kbdclass.SvcDesc%;Pilote de la classe Clavier) -> \SystemRoot\System32\drivers\kbdclass.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - kbdhid (@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver) -> \SystemRoot\System32\drivers\kbdhid.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - kdnic (@kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20)) -> \SystemRoot\System32\drivers\kdnic.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - keycrypt () -> system32\DRIVERS\KeyCrypt64.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - ksthunk (Kernel Streaming Thunks) -> \SystemRoot\system32\drivers\ksthunk.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - mausbhost (@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver) -> \SystemRoot\System32\drivers\mausbhost.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - mausbip (@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver) -> \SystemRoot\System32\drivers\mausbip.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MdmIf (@oem20.inf,%MdmIfSvcDesc%;Modem Interface driver for Xmm726x) -> \SystemRoot\System32\Drivers\MdmIf.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - MEIx64 (@oem57.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface) -> \SystemRoot\System32\drivers\TeeDriverW8x64.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - mlx4_bus (@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator) -> \SystemRoot\System32\drivers\mlx4_bus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Modem () -> system32\drivers\modem.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ModemCtrl (@oem20.inf,%ModemCtrlSvcDesc%;ModemCtrl Service) -> \SystemRoot\System32\drivers\ModemCtrl.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - monitor (@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver Service) -> \SystemRoot\System32\drivers\monitor.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mouclass (@msmouse.inf,%mouclass.SvcDesc%;Mouse Class Driver) -> \SystemRoot\System32\drivers\mouclass.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mouhid (@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver) -> \SystemRoot\System32\drivers\mouhid.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mpsdrv (@%SystemRoot%\system32\drivers\mpsdrv.sys,-23092) -> System32\drivers\mpsdrv.sys - AcceptPause: False - AcceptStop: True S3 - [File System Driver] - MRxDAV (@%systemroot%\system32\webclnt.dll,-104) -> \SystemRoot\system32\drivers\mrxdav.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - mrxsmb (@%systemroot%\system32\wkssvc.dll,-1002) -> system32\DRIVERS\mrxsmb.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - mrxsmb20 (@%systemroot%\system32\wkssvc.dll,-1006) -> system32\DRIVERS\mrxsmb20.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - MsBridge (@%SystemRoot%\system32\bridgeres.dll,-1) -> System32\drivers\bridge.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - msgpiowin32 (@msgpiowin32.inf,%GPIO.SvcDesc%;Common Driver for Buttons, DockMode and Laptop/Slate Indicator) -> \SystemRoot\System32\drivers\msgpiowin32.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mshidkmdf () -> \SystemRoot\System32\drivers\mshidkmdf.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - mshidumdf (@%SystemRoot%\system32\drivers\mshidumdf.sys,-100) -> \SystemRoot\System32\drivers\mshidumdf.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - MSKSSRV (@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service Proxy) -> \SystemRoot\System32\drivers\MSKSSRV.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - MSPCLOCK (@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock Proxy) -> \SystemRoot\System32\drivers\MSPCLOCK.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSPQM (@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Quality Manager Proxy) -> \SystemRoot\System32\drivers\MSPQM.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MsRPC () -> (?) - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSTEE (@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink Converter) -> \SystemRoot\System32\drivers\MSTEE.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - MTConfig (@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver) -> \SystemRoot\System32\drivers\MTConfig.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - NativeWifiP (@%SystemRoot%\System32\drivers\nwifi.sys,-101) -> system32\DRIVERS\nwifi.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - ndfltr (@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service) -> \SystemRoot\System32\drivers\ndfltr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - NdisCap (@%SystemRoot%\System32\drivers\ndiscap.sys,-5000) -> System32\drivers\ndiscap.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - NdisImPlatform (@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501) -> System32\drivers\NdisImPlatform.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - NdisTapi (@%systemroot%\system32\mprmsg.dll,-32001) -> System32\DRIVERS\ndistapi.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - Ndisuio (NDIS Usermode I/O Protocol) -> system32\drivers\ndisuio.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - NdisVirtualBus (@%SystemRoot%\System32\drivers\NdisVirtualBus.sys,-200) -> \SystemRoot\System32\drivers\NdisVirtualBus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - NdisWan (@%systemroot%\system32\mprmsg.dll,-32002) -> \SystemRoot\System32\drivers\ndiswan.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - ndiswanlegacy (@%systemroot%\system32\mprmsg.dll,-32014) -> System32\DRIVERS\ndiswan.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - ndproxy (@%SystemRoot%\system32\drivers\todo.sys,-101;NDIS Proxy) -> System32\DRIVERS\NDProxy.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - NetAdapterCx (Network Adapter Wdf Class Extension Library) -> system32\drivers\NetAdapterCx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - netvsc () -> \SystemRoot\System32\drivers\netvsc.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - NTFS () -> (?) - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - nvdimmn (@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver) -> \SystemRoot\System32\drivers\nvdimmn.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Parport (@msports.inf,%Parport.SVCDESC%;Parallel port driver) -> \SystemRoot\System32\drivers\parport.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - PenS2Helper (@oem33.inf,%PenS2Helper.SVCDESC%;PenS2Helper Service) -> \SystemRoot\system32\DRIVERS\PenS2Helper.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - pmem (@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver) -> \SystemRoot\System32\drivers\pmem.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - PNPMEM (@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver) -> \SystemRoot\System32\drivers\pnpmem.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - PptpMiniport (@%systemroot%\system32\mprmsg.dll,-32006) -> \SystemRoot\System32\drivers\raspptp.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Processor (@cpu.inf,%Processor.SvcDesc%;Processor Driver) -> \SystemRoot\System32\drivers\processr.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - Qcamain10x64 (@oem68.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN 11AC device driver) -> \SystemRoot\System32\drivers\Qcamain10x64.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - QWAVEdrv (@%SystemRoot%\system32\drivers\qwavedrv.sys,-1) -> \SystemRoot\system32\drivers\qwavedrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RasAcd (Remote Access Auto Connection Driver) -> System32\DRIVERS\rasacd.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - RasAgileVpn (@netavpna.inf,%Svc-Mp-AgileVpn-DispName%;WAN Miniport (IKEv2)) -> \SystemRoot\System32\drivers\AgileVpn.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - Rasl2tp (@%systemroot%\system32\mprmsg.dll,-32005) -> \SystemRoot\System32\drivers\rasl2tp.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - RasPppoe (@%systemroot%\system32\mprmsg.dll,-32007) -> \SystemRoot\System32\drivers\raspppoe.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - RasSstp (@%systemroot%\system32\sstpsvc.dll,-202) -> \SystemRoot\System32\drivers\rassstp.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - rdpbus (@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver) -> \SystemRoot\System32\drivers\rdpbus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - RDPDR (@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100) -> System32\drivers\rdpdr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RdpVideoMiniport (Remote Desktop Video Miniport Driver) -> System32\drivers\rdpvideominiport.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - ReFS () -> (?) - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - ReFSv1 () -> (?) - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - RFCOMM (@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI)) -> \SystemRoot\System32\drivers\rfcomm.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - rhproxy (@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver) -> \SystemRoot\System32\drivers\rhproxy.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - s3cap () -> \SystemRoot\System32\drivers\vms3cap.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - scfilter (@%SystemRoot%\System32\drivers\scfilter.sys,-11) -> System32\DRIVERS\scfilter.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sdbus () -> \SystemRoot\System32\drivers\sdbus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SDFRd (@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector) -> \SystemRoot\System32\drivers\SDFRd.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sdstor (@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver) -> \SystemRoot\System32\drivers\sdstor.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SerCx (Serial UART Support Library) -> system32\drivers\SerCx.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - SerCx2 (Serial UART Support Library) -> system32\drivers\SerCx2.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Serenum (@msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver) -> \SystemRoot\System32\drivers\serenum.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Serial (@msports.inf,%Serial.SVCDESC%;Serial port driver) -> \SystemRoot\System32\drivers\serial.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sermouse (@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver) -> \SystemRoot\System32\drivers\sermouse.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sfloppy (@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive) -> \SystemRoot\System32\drivers\sfloppy.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SkcController (@oem25.inf,%SkcController.SVCDESC%;Intel(R) Control Logic) -> \SystemRoot\System32\drivers\SkcController.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SpatialGraphFilter (Holographic Spatial Graph Filter) -> System32\drivers\SpatialGraphFilter.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - SpbCx (Simple Peripheral Bus Support Library) -> system32\drivers\SpbCx.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - srv2 (@%systemroot%\system32\srvsvc.dll,-104) -> System32\DRIVERS\srv2.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - srvnet () -> System32\DRIVERS\srvnet.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - supportdriver (@oem50.inf,%supportdriver.SVCDESC%;Intel(R) Imaging Signal Processor 2500) -> \SystemRoot\System32\drivers\iaisp64.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - swenum (@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver) -> \SystemRoot\System32\drivers\swenum.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Synth3dVsc () -> \SystemRoot\System32\drivers\Synth3dVsc.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - TchS2Helper (@oem32.inf,%TchS2Helper.SVCDESC%;TchS2Helper Service) -> \SystemRoot\System32\drivers\TchS2Helper.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Tcpip6 (@todo.dll,-100;Microsoft IPv6 Protocol Driver) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - terminpt (@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver) -> \SystemRoot\System32\drivers\terminpt.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - TPM (@tpm.inf,%TPM%;TPM) -> \SystemRoot\System32\drivers\tpm.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - Trufos (Trufos) -> system32\DRIVERS\Trufos.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - tsusbflt (@%SystemRoot%\system32\drivers\tsusbflt.sys,-1000) -> System32\drivers\TsUsbFlt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - TsUsbGD (@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device) -> \SystemRoot\System32\drivers\TsUsbGD.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - tunnel (@nettun.inf,%TUNNEL.Service.DisplayName%;Microsoft Tunnel Miniport Adapter Driver) -> \SystemRoot\System32\drivers\tunnel.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - UASPStor (@uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver) -> \SystemRoot\System32\drivers\uaspstor.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UcmCx0101 (USB Connector Manager KMDF Class Extension) -> System32\Drivers\UcmCx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UcmTcpciCx0101 (UCM-TCPCI KMDF Class Extension) -> System32\Drivers\UcmTcpciCx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UcmUcsi (@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client) -> \SystemRoot\System32\drivers\UcmUcsi.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - Ucx01000 (USB Host Support Library) -> system32\drivers\ucx01000.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - UdeCx (USB Device Emulation Support Library) -> system32\drivers\udecx.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - UEFI (@uefi.inf,%UEFI.SvcDesc%;Microsoft UEFI Driver) -> \SystemRoot\System32\drivers\UEFI.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Ufx01000 (USB Function Class Extension) -> system32\drivers\ufx01000.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UfxChipidea (@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller) -> \SystemRoot\System32\drivers\UfxChipidea.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ufxsynopsys (@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller) -> \SystemRoot\System32\drivers\ufxsynopsys.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - umbus (@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver) -> \SystemRoot\System32\drivers\umbus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - UmPass (@umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass Driver) -> \SystemRoot\System32\drivers\umpass.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UrsChipidea (@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver) -> \SystemRoot\System32\drivers\urschipidea.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UrsCx01000 (USB Role-Switch Support Library) -> system32\drivers\urscx01000.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UrsSynopsys (@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver) -> \SystemRoot\System32\drivers\urssynopsys.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - usbccgp (@usb.inf,%GenericParent.SvcDesc%;Microsoft USB Generic Parent Driver) -> \SystemRoot\System32\drivers\usbccgp.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbcir (@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR)) -> \SystemRoot\System32\drivers\usbcir.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbehci (@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbehci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbhub (@usbport.inf,%ROOTHUB.SvcDesc%;Microsoft USB Standard Hub Driver) -> \SystemRoot\System32\drivers\usbhub.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - USBHUB3 (@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub) -> \SystemRoot\System32\drivers\UsbHub3.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbohci (@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbohci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbprint (@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class) -> \SystemRoot\System32\drivers\usbprint.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbser (@usbser.inf,%UsbSerial.DriverDesc%;Microsoft USB Serial Driver) -> \SystemRoot\System32\drivers\usbser.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - USBSTOR (@usbstor.inf,%USBSTOR.SvcDesc%;USB Mass Storage Driver) -> \SystemRoot\System32\drivers\USBSTOR.SYS - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbuhci (@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbuhci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbvideo (@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM)) -> \SystemRoot\System32\Drivers\usbvideo.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - USBXHCI (@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller) -> \SystemRoot\System32\drivers\USBXHCI.SYS - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - VerifierExt (@%SystemRoot%\system32\drivers\VerifierExt.sys,-1000) -> system32\drivers\VerifierExt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vhdmp () -> \SystemRoot\System32\drivers\vhdmp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vhf (@%SystemRoot%\system32\drivers\vhf.sys,-100) -> \SystemRoot\System32\drivers\vhf.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - VirtualButtons (@oem55.inf,%VirtualButtons%;Intel(R) Virtual Buttons) -> \SystemRoot\System32\drivers\VirtualButtons.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - VMBusHID () -> \SystemRoot\System32\drivers\VMBusHID.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vmgid (@wvmgid.inf,%VmGid.SVCDESC%;Microsoft Hyper-V Guest Infrastructure Driver) -> \SystemRoot\System32\drivers\vmgid.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vnvdimm (@vnvdimm.inf,%vnvdimm.SvcDesc%;Microsoft virtual NVDIMM device driver) -> \SystemRoot\System32\drivers\vnvdimm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vpci (@wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus) -> \SystemRoot\System32\drivers\vpci.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - vwifibus (@%SystemRoot%\System32\drivers\vwifibus.sys,-257) -> \SystemRoot\System32\drivers\vwifibus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - vwifimp (@%SystemRoot%\System32\drivers\vwifimp.sys,-261) -> \SystemRoot\System32\drivers\vwifimp.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - WacomPen (@hiddigi.inf,%WacomPen.SVCDESC%;Wacom Serial Pen HID Driver) -> \SystemRoot\System32\drivers\wacompen.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - wanarpv6 (@%systemroot%\system32\mprmsg.dll,-32012) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - wcnfs (@%systemroot%\system32\drivers\wcnfs.sys,-100) -> \SystemRoot\system32\drivers\wcnfs.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WdBoot (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390) -> \SystemRoot\system32\drivers\WdBoot.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - WdFilter (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330) -> \SystemRoot\system32\drivers\WdFilter.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - wdiwifi (WDI Driver Framework) -> system32\DRIVERS\wdiwifi.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - WdNisDrv (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-370) -> system32\Drivers\WdNisDrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - wdnsfltr (Windows Defender Network Stream Filter Driver) -> system32\drivers\wdnsfltr.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - WIMMount (@%SystemRoot%\system32\drivers\wimmount.sys,-101) -> system32\drivers\wimmount.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WinMad (@mlx4_bus.inf,%WinMad.ServiceDesc%;WinMad Service) -> \SystemRoot\System32\drivers\winmad.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WinNat (@%SystemRoot%\system32\drivers\winnat.sys,-10001) -> system32\drivers\winnat.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WINUSB (@winusb.inf,%WINUSB_SvcDesc%;WinUsb Driver) -> \SystemRoot\System32\drivers\WinUSB.SYS - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WinVerbs (@mlx4_bus.inf,%WinVerbs.ServiceDesc%;WinVerbs Service) -> \SystemRoot\System32\drivers\winverbs.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - wmbclass (@netwmbclass.inf,%wmbclass.Service.DispName%;USB Mobile Broadband Adapter Driver) -> \SystemRoot\System32\drivers\wmbclass.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - WmiAcpi (@wmiacpi.inf,%WMIMAP.SvcDesc%;Microsoft Windows Management Interface for ACPI) -> \SystemRoot\System32\drivers\wmiacpi.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - WpdUpFltr (@%systemroot%\System32\drivers\WpdUpFltr.sys,-100) -> System32\drivers\WpdUpFltr.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - WudfPf (@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000) -> system32\drivers\WudfPf.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - WUDFRd (@%SystemRoot%\system32\drivers\WudfRd.sys,-1000) -> \SystemRoot\System32\drivers\WUDFRd.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - WUDFWpdFs () -> \SystemRoot\system32\DRIVERS\WUDFRd.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - xboxgip (@xboxgip.inf,%XBOXGIP_Desc%;Xbox Game Input Protocol Driver) -> \SystemRoot\System32\drivers\xboxgip.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - xinputhid (@xinputhid.inf,%xinputhid.SvcDesc%;XINPUT HID Filter Driver) -> \SystemRoot\System32\drivers\xinputhid.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - ampa (ampa) -> \??\C:\Windows\system32\ampa.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - ddmdrv (ddmdrv) -> \??\C:\Windows\system32\ddmdrv.sys - AcceptPause: False - AcceptStop: True R4 - [Kernel Driver] - BioNTDrv (BioNTDrv) -> \??\C:\Program Files\Paragon Software\Hard Disk Manager 16 Basic\program\BioNTDrv.SYS - AcceptPause: False - AcceptStop: False S4 - [File System Driver] - cdfs (CD/DVD File System Reader) -> system32\DRIVERS\cdfs.sys - AcceptPause: False - AcceptStop: False S4 - [Kernel Driver] - cnghwassist (@%SystemRoot%\system32\drivers\cnghwassist.sys,-100) -> System32\DRIVERS\cnghwassist.sys - AcceptPause: False - AcceptStop: False S4 - [File System Driver] - udfs (udfs) -> system32\DRIVERS\udfs.sys - AcceptPause: False - AcceptStop: False S4 - [Kernel Driver] - ws2ifsl (@%systemroot%\System32\drivers\ws2ifsl.sys,-1000) -> \SystemRoot\system32\drivers\ws2ifsl.sys - AcceptPause: False - AcceptStop: False ---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted) ---------- | Uninstall (Whitelist) [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CEB9F3E9BD4E4FF1ACEB2370E55A36AC1] : (.-.) -> [HKU\S-1-5-21-3534096643-12334864-2903717510-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8248212A-01F7-4BF1-A4FD-BA0A965198B4}] : (Turbo.net Sandbox Manager 19.3.-.Code Systems Corporation) -> "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\Turbo\19.3.1945.0\Turbo-Sandbox.exe" /uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\abylonprotectionmanagersafe_is1] : (abylon KEYSAFE 17.60.1 (Privatversion).-.abylonsoft) -> "C:\Program Files\abylonsoft\SAKeySafe\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\BitLocker Anywhere_is1] : (BitLocker Anywhere version 5.0.-.Hasleo Software.) -> "C:\Program Files\Hasleo\BitLocker Anywhere\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CEB9F3E9BD4E4FF1ACEB2370E55A36AC0] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\EasyUEFI_is1] : (EasyUEFI version 3.6.-.Hasleo Software.) -> "C:\Program Files\Hasleo\EasyUEFI\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\proDAD-Adorage-3.0] : (proDAD Adorage 3.0 (64bit).-.proDAD GmbH) -> "C:\Program Files\proDAD\Adorage-3.0\uninstall.exe" uninstall spcp PATHVERSION "3.0" MAINNAME "Adorage" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\RFA11_is1] : (Registry First Aid 11.-.RoseCitySoftware) -> "C:\Program Files\RFA 11\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Software Informer_is1] : (Software Informer 1.4.1305.0.-.Informer Technologies, Inc.) -> "C:\Program Files\Software Informer\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Unlocker] : (Unlocker 1.9.2.-.Cedrick Collomb) -> C:\Program Files (x86)\Unlocker\uninst.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WinToHDD_is1] : (WinToHDD version 3.2.-.Hasleo Software.) -> "C:\Program Files\Hasleo\WinToHDD\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0052BF58-5307-4F7D-A379-8F4EC9212FA8}] : (S Agent.-.Samsung Electronics Co., Ltd.) -> MsiExec.exe /I{0052BF58-5307-4F7D-A379-8F4EC9212FA8} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{06886E89-6E1B-4DD9-87F9-B9E25F63D74F}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> MsiExec.exe /I{06886E89-6E1B-4DD9-87F9-B9E25F63D74F} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{125B62DE-4575-4D4D-982F-AB6F9E913B54}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{125B62DE-4575-4D4D-982F-AB6F9E913B54} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{19815424-A209-4B2C-9A86-DF2A4E4B5669}] : (Snagit 2019.-.TechSmith Corporation) -> MsiExec.exe /I{19815424-A209-4B2C-9A86-DF2A4E4B5669} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{20CA507E-24AA-4741-87CF-CC1B250790B7}] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{232046DA-BB57-4114-9A0D-1119F00C4398}] : (FirewallEngine.-.adaware) -> MsiExec.exe /I{232046DA-BB57-4114-9A0D-1119F00C4398} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{258E992F-46AD-45FB-B83B-0CE0EC6FC549}] : (Intel(R) Management Engine Driver.-.Intel Corporation) -> MsiExec.exe /I{258E992F-46AD-45FB-B83B-0CE0EC6FC549} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26F31E12-3722-45FD-903B-49012286BB4C}] : (OnlineThreatsEngine.-.adaware) -> MsiExec.exe /I{26F31E12-3722-45FD-903B-49012286BB4C} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{38FBDB20-F62D-4CD6-A04E-87FD30F3E43A}] : (Paragon UIM.-.Paragon Software) -> MsiExec.exe /I{38FBDB20-F62D-4CD6-A04E-87FD30F3E43A} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{44DE19DF-AA86-497A-9CCA-4F52D0BFF9A8}] : (AdAwareInstaller.-.adaware) -> MsiExec.exe /I{44DE19DF-AA86-497A-9CCA-4F52D0BFF9A8} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5C7A5F94-02E9-4C5D-A594-B1F10865965A}] : (AntimalwareEngine.-.adaware) -> MsiExec.exe /I{5C7A5F94-02E9-4C5D-A594-B1F10865965A} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5CD8F386-6796-4500-9FD8-CF92C9276B62}] : (COMODO Internet Security Premium.-.COMODO Security Solutions Inc.) -> MsiExec.exe /I{5CD8F386-6796-4500-9FD8-CF92C9276B62} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5FFF7119-74E8-442E-970E-50BAD81D5371}] : (AdAwareUpdater.-.adaware) -> MsiExec.exe /I{5FFF7119-74E8-442E-970E-50BAD81D5371} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}] : (Qualcomm Atheros Bluetooth Installer (64).-.Qualcomm Atheros) -> MsiExec.exe /X{628988B4-3FA5-4EA6-BAA3-DA640F6718BD} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6AF12D35-E079-44D3-957F-CA9FBF9801A5}] : (Paragon Hard Disk Manager™ 16.5 Advanced.-.Paragon Software) -> MsiExec.exe /X{6AF12D35-E079-44D3-957F-CA9FBF9801A5} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{700C79E1-C8E3-454E-B760-CAFFE9F2A6AA}] : (AvcEngine.-.adaware) -> MsiExec.exe /I{700C79E1-C8E3-454E-B760-CAFFE9F2A6AA} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7DE129E5-BB4A-4517-A6CD-C69EEB346781}] : (AntispamEngine.-.adaware) -> MsiExec.exe /I{7DE129E5-BB4A-4517-A6CD-C69EEB346781} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7F7C8AE0-961B-4AED-B99A-D9BE29C0F24C}] : (AdAwareProxyEngine.-.adaware) -> MsiExec.exe /I{7F7C8AE0-961B-4AED-B99A-D9BE29C0F24C} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{81520FC5-3518-40E9-9803-70CE8A801D07}] : (Intel(R) Chipset Device Software.-.Intel Corporation) -> MsiExec.exe /I{81520FC5-3518-40E9-9803-70CE8A801D07} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8B4DBB94-B69B-4C4F-AADD-C10CFB220F1F}] : (Microsoft VC++ redistributables repacked..-.Intel Corporation) -> MsiExec.exe /I{8B4DBB94-B69B-4C4F-AADD-C10CFB220F1F} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8D64B0CF-B925-4AC6-A7A7-9CDDC6733122}] : (Simply Good Pictures 5 Free.-.Engelmann Software) -> MsiExec.exe /I{8D64B0CF-B925-4AC6-A7A7-9CDDC6733122} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8DB422C2-D359-49B1-A685-B71DA7358D5C}_is1] : (Remo ONE 1.0.0.-.Remo Software) -> "C:\Program Files\Remo ONE\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8DD5B1BF-E1BB-43DB-965C-DC6180A19518}_is1] : (Remo Repair MOV.-.Remo Software) -> "C:\Program Files\Remo Repair MOV 2.0\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A573D759-F894-448D-A420-3A9C31879F88}_is1] : (Remo Recover 5.0.-.Remo Software) -> "C:\Program Files\Remo Recover 5.0\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{AFD24778-C2B9-41AC-881C-1E0DD7E07A7A}_is1] : (Remo Duplicate File Remover.-.Remo Software) -> "C:\Program Files\Remo Duplicate File Remover 1.0\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B709B962-53AA-446A-A733-95D1A6C5DE50}] : (Camtasia 2018.-.TechSmith Corporation) -> MsiExec.exe /I{B709B962-53AA-446A-A733-95D1A6C5DE50} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B8C26C25-0652-4D1D-90EF-330EAD99FFDC}] : (DriversCloud.com (64 bits).-.Cybelsoft) -> MsiExec.exe /X{B8C26C25-0652-4D1D-90EF-330EAD99FFDC} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C0C78593-1CF0-4CD8-A80C-191FE561F5A5}] : (WlSarService.-.Samsung Electronics Co., Ltd.) -> MsiExec.exe /I{C0C78593-1CF0-4CD8-A80C-191FE561F5A5} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C9552825-7BF2-4344-BA91-D3CD46F4C442}] : (Intel(R) Trusted Connect Service Client x64.-.Intel Corporation) -> MsiExec.exe /I{C9552825-7BF2-4344-BA91-D3CD46F4C442} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D21EED26-59C0-4315-BDCC-D682496465E9}] : (Samsung Recovery.-.Samsung Electronics Co., Ltd.) -> MsiExec.exe /I{D21EED26-59C0-4315-BDCC-D682496465E9} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{DF4E2424-348F-4227-9096-8EA478DFAB4E}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{DF4E2424-348F-4227-9096-8EA478DFAB4E} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E8CFA44D-E9D9-4FBB-B5A5-7022E2FB8ACC}_is1] : (Remo Backup.-.Remo Software) -> "C:\Program Files\Remo Backup\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}] : (Intel(R) ME UninstallLegacy.-.Intel Corporation) -> MsiExec.exe /I{E9B9A1A5-6398-4C99-8FDE-10794F6505C5} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Babylon] : (Babylon.-.Babylon) -> C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\uninstbb.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\BabylonToolbar] : (Babylon toolbar.-.) -> "C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\BSPlayerf] : (BS.Player FREE.-.AB Team, d.o.o.) -> "C:\Program Files (x86)\Webteh\BSPlayer\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\CEB9F3E9BD4E4FF1ACEB2370E55A36AC2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Compel install Adaptec WinASPI-4.6.0(1021)_is1] : (Compel Adaptec WinASPI.-.) -> "C:\Program Files (x86)\WinASPI\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Folder Lock] : (Folder Lock.-.New Softwares.net) -> "C:\Program Files (x86)\NewSoftware's\Folder Lock\uninstall.exe" -u [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FULL-DISKfighter] : (FULL-DISKfighter.-.SPAMfighter ApS.) -> "C:\Program Files (x86)\Fighters\FULL-DISKfighter\Uninstall.exe" Remove [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IObit Software Updater_is1] : (IObit Software Updater.-.IObit) -> "C:\Program Files (x86)\IObit\Software Updater\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IObitUninstall] : (IObit Uninstaller 8.-.IObit) -> "C:\Program Files (x86)\IObit\IObit Uninstaller\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\lfsh_uefm_efm_b162_w16_anaamfuw suite essentials setup] : (lfsh_uefm_efm_b162_w16_anaamfuw suite essentials setup.-.EFM_UEFM_Barrow_U) -> "C:\Users\EFM_UEFM_Barrow_U\AppData\Local\lfsh_uefm_efm_b162_w16_anaamfuw suite essentials setup\uninst.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\mmswitch] : (Morgan Stream Switcher.-.) -> "C:\Program Files (x86)\Morgan\mmswitch\uninst.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Moo0 DiskCleaner] : (Moo0 Néttoyeur de Disque 1.23.-.) -> C:\Program Files (x86)\Moo0\DiskCleaner 1.23\uninstaller.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Moo0 ImageViewer] : (Moo0 Visionneuse d'Image SP 1.80.-.) -> C:\Program Files (x86)\Moo0\ImageViewer SP 1.80\uninstaller.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Moo0 RightClicker] : (Moo0 Clic Droit Pro 1.56.-.) -> C:\Program Files (x86)\Moo0\RightClicker Pro 1.56\uninstaller.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Moo0 VideoMinimizer] : (Moo0 Resizer vidéo 1.24.-.) -> C:\Program Files (x86)\Moo0\VideoResizer 1.24\uninstaller.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\OneSafe PC Cleaner_is1] : (OneSafe PC Cleaner v6.9.6.1.-.Avanquest Software) -> "E:\OneSafe PC Cleaner\unins001.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\OUTDATEfighter] : (OUTDATEfighter.-.SPAMfighter ApS) -> "C:\Program Files (x86)\Fighters\OUTDATEfighter\Uninstall.exe" Remove [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\PC Cleaner_is1] : (PC Cleaner v6.9.6.1.-.PC Helpsoft) -> "L:\PC Cleaner\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\PDF Conversa_is1] : (PDF Conversa.-.ASCOMP Software GmbH) -> "C:\Program Files (x86)\ASCOMP Software\PDF Conversa\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\QuickStores-Toolbar_is1] : (QuickStores-Toolbar 1.1.0.-.AB-Tools.com) -> "C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\QuickStoresToolbar\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\UnBlocker - FREEWARE_is1] : (UnBlocker.-.) -> "C:\Program Files (x86)\UnBlocker\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Unlocker] : (Unlocker 1.9.1.-.Cedrick Collomb) -> C:\Program Files (x86)\Unlocker\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\VobSub] : (VobSub v2.23 (Remove Only).-.) -> "C:\Program Files (x86)\Gabest\VobSub\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wise Folder Hider_is1] : (Wise Folder Hider.-.WiseCleaner.com, Inc.) -> "C:\Program Files (x86)\Wise\Wise Folder Hider\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wise Memory Optimizer_is1] : (Wise Memory Optimizer 3.6.4.-.WiseCleaner.com, Inc.) -> "C:\Program Files (x86)\Wise\Wise Memory Optimizer\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wise YouTube Downloader_is1] : (Wise YouTube Downloader 2.8.2.-.WiseCleaner.com, Inc.) -> "C:\Program Files (x86)\Wise\Wise YouTube Downloader\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{040FAA1B-3FB0-4610-A12D-4D165645E6D4}_is1] : (SysTools AD Browser v1.0.-.SysTools Software Pvt. Ltd.) -> "C:\Program Files (x86)\SysTools AD Browser\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{09170A3C-022B-42DF-BD63-D5FDD326133F}_is1] : (Symlink helper version 1.0.1.0.-.Marcin Szeniak) -> "C:\Program Files (x86)\Symlink helper\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2452C59D-5140-4A9A-A97F-B925390619E1}] : (Silent Install Builder 5.-.Aprel Tech, LLC) -> MsiExec.exe /X{2452C59D-5140-4A9A-A97F-B925390619E1} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2CB37FA5-4137-49EE-8EE3-FB6424FED39D}_is1] : (iCare Format Recovery.-.iCareAll Inc.) -> "C:\Program Files (x86)\iCare Format Recovery\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{33A9041E-C619-4387-84C2-04DA1A5231E1}_is1] : (SysTools Mail Converter v1.0.-.SysTools Software Pvt. Ltd.) -> "C:\Program Files (x86)\SysTools Mail Converter\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{34CCB0FE-A68A-4C97-8F33-45B8BBDAC4B8}}_is1] : (SysTools VHDX Viewer v5.0.-.SysTools Software Pvt. Ltd.) -> "C:\Program Files\SysTools VHDX Viewer\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3F3FB10C-7175-4D38-9335-3488B89C12AF}] : (OkayFreedom.-.Steganos Software GmbH) -> C:\Program Files (x86)\OkayFreedom\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5493FC89-21E8-4D88-BCA1-4D33F1410968}] : (Air Command.-.Samsung Electronics Co., Ltd.) -> MsiExec.exe /I{5493FC89-21E8-4D88-BCA1-4D33F1410968} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{56C76A75-BF3A-41E9-96D6-929E058DD38F}] : (Microsoft VC++ redistributables repacked..-.Intel Corporation) -> MsiExec.exe /I{56C76A75-BF3A-41E9-96D6-929E058DD38F} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{61edd47c-c795-4f57-92f1-a20140231795}] : (Turbo Studio 19.-.Code Systems) -> MsiExec.exe /I{61edd47c-c795-4f57-92f1-a20140231795} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{79087BA9-C5B5-4081-A374-310AC02E2896}] : (ProtectStar(TM) iShredder 7.-.ProtectStar Inc.) -> MsiExec.exe /I{79087BA9-C5B5-4081-A374-310AC02E2896} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7C656021-D87C-4236-80DD-DBBEB205DA36}] : (FULL-DISKfighter.-.SPAMfighter ApS.) -> MsiExec.exe /X{7C656021-D87C-4236-80DD-DBBEB205DA36} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{87A08690-781E-4A8E-8300-775A2EA02932}] : (Show Window.-.Samsung Electronics Co., Ltd.) -> MsiExec.exe /I{87A08690-781E-4A8E-8300-775A2EA02932} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8B438F56-F6B0-4A48-8753-EA84E536E5D5}_is1] : (SysTools PDF Bates Numberer v3.5.-.SysTools Software Pvt. Ltd.) -> "C:\Program Files (x86)\SysTools PDF Bates Numberer\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A8DF9623-2275-42d5-B47F-5BC6B2625246}_is1] : (SysTools E01 Viewer v2.0.-.SysTools Software Pvt. Ltd.) -> "C:\Program Files (x86)\SysTools E01 Viewer\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AmazingFreeFolderPasswordLock}_is1] : (Amazing Folder Password Lock version 7.8.8.8.-.www.Amazing-Share.com) -> "C:\Program Files (x86)\Amazing-Share\Amazing Folder Password Lock\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B00E4D16-FCAD-4F83-8CC4-FE6A14096770}_is1] : (SysTools NTFS Log Analyzer 1.0.-.SysTools Software) -> "C:\Program Files (x86)\SysTools NTFS Log Analyzer\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C9552825-7BF2-4344-BA91-D3CD46F4C441}] : (Intel(R) Trusted Connect Service Client x86.-.Intel Corporation) -> MsiExec.exe /I{C9552825-7BF2-4344-BA91-D3CD46F4C441} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CDB4F12C-2E9E-48CC-8591-663964C1BAE3}] : (Samsung System Agent.-.Samsung Electronics Co., Ltd.) -> MsiExec.exe /I{CDB4F12C-2E9E-48CC-8591-663964C1BAE3} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA473628}] : (COMODO Secure Shopping.-.COMODO) -> MsiExec.exe /X{D15DF9B0-3A98-4BEF-B7D5-FC3AEA473628} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D3A5E63A-5648-48D8-9283-149D9BFE44E9}_is1] : (Remo Repair Word.-.Remo Software) -> "C:\Program Files (x86)\Remo Repair Word 2.0\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}] : (OUTDATEfighter.-.SPAMfighter ApS) -> MsiExec.exe /X{DD016DFA-EDD4-46F4-B847-6B09724ECA95} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F0CF025B-D6F3-4F7C-939B-23291F52875C}] : (Linux File Systems for Windows by Paragon Software.-.Paragon Software GmbH) -> MsiExec.exe /X{F0CF025B-D6F3-4F7C-939B-23291F52875C} ---------- | Ports ---------- | Microsoft Specifications CheckID: FULL_DISKfighter1{7C656021-D87C-4236-80DD-DBBEB205DA36} - Not VersionNT64 -> FULL_DISKfighter CheckID: FULL_DISKfighter_x641{7C656021-D87C-4236-80DD-DBBEB205DA36} - VersionNT64 -> FULL_DISKfighter_x64 CheckID: Options_Files_320{B709B962-53AA-446A-A733-95D1A6C5DE50} - NOT VersionNT64 -> Options_Files_32 CheckID: AutoCrashDump640{19815424-A209-4B2C-9A86-DF2A4E4B5669} - NOT(VersionNT64) -> AutoCrashDump64 CheckID: UCRT0{19815424-A209-4B2C-9A86-DF2A4E4B5669} - UCRT_INSTALLED -> UCRT CheckID: dokanlib.x640{F0CF025B-D6F3-4F7C-939B-23291F52875C} - Not VersionNT64 -> dokanlib.x64 CheckID: dokandrv.x640{F0CF025B-D6F3-4F7C-939B-23291F52875C} - Not VersionNT64 -> dokandrv.x64 ---------- | CLSID (Whitelist) [HKCR\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}] - (.-.) - C:\Windows\SysWow64\xvid.ax [05/06/2004 12:59:14] [HKCR\CLSID\{15FD01A3-6E5D-4ECD-9EBD-1813CB3887A1}] - (.-.) - %windir%\system32\btpanui.dll [HKCR\CLSID\{179F3D56-1B0B-42B2-A962-59B7EF59FE1B}] - (.-.) - C:\Windows\SysWOW64\speech_onecore\engines\tts\MSTTSEngine_OneCore.dll [15/03/2019 05:50:11] [HKCR\CLSID\{181A38F4-6CE6-4edc-8DB0-6E5631963A1E}] - (.-.) - C:\Windows\SysWOW64\LocationFramework.dll [HKCR\CLSID\{1965FEA3-3896-438B-B789-F5981797E7E7}] - (.-.) - C:\Windows\SysWOW64\MapsBtSvcProxy.dll [HKCR\CLSID\{1CEBDE3E-6B91-484A-AF48-5E4F4ED6B1E1}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{1EA8EE18-48CB-49B6-9525-CF08BD600175}] - (.-.) - C:\Users\EFM_UEFM_Barrow_U\AppData\Roaming\CDTPL\Krypt.dll [18/03/2019 00:34:39] [HKCR\CLSID\{206FA6D0-A493-41FA-943D-3F655088F7B9}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}] - (.-.) - "C:\Program Files (x86)\Windows Defender\MpOav.dll" [HKCR\CLSID\{2C5F9B72-7148-4D97-BFC9-68A0E076BEBD}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{2DD257A3-5028-41AE-A1E7-A12F76A08893}] - (.2005-2019 COMODO. - COMODO Secure Shopping.) - C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [15/02/2019 05:48:54] [HKCR\CLSID\{2FE8F810-B2A5-11d0-A787-0000F803ABFC}] - (.-.) - C:\Windows\system32\dplayx.dll [HKCR\CLSID\{363BE3C0-DDD4-4B21-BC6D-7E9DF8CE19CB}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{3647D1DF-A67B-4882-A74E-67EEB4178F89}] - (.-.) - C:\Windows\SysWOW64\Windows.Mirage.dll [15/03/2019 05:51:03] [HKCR\CLSID\{3F052B8E-512B-419D-9E06-9B9ADDC7118C}] - (.-.) - C:\Windows\SysWOW64\MapsCSP.dll [HKCR\CLSID\{4062C116-0270-11D3-8BCB-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{4108FA85-3586-11D3-8BD7-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{4516EC43-8F20-11D0-9B6D-0000C0781BC3}] - (.-.) - C:\Windows\system32\d3dxof.dll [HKCR\CLSID\{4EE17959-931E-49E4-A2C6-977ECF3628F3}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}] - (.-.) - %windir%\system32\acppage.dll [HKCR\CLSID\{51A00247-40A8-4845-9F17-7DBFCC9A8783}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\avi.dll [15/03/2019 11:53:35] [HKCR\CLSID\{51FC9E18-6E66-4BE2-BA40-3F68213E6EC0}] - (.-.) - C:\Windows\SysWOW64\Windows.Mirage.dll [15/03/2019 05:51:03] [HKCR\CLSID\{53D9DE0B-FC61-4650-9773-74D13CC7E582}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\mkx.dll [15/03/2019 11:53:35] [HKCR\CLSID\{54B7D246-951E-4BEA-B551-93D178284D13}] - (.-.) - C:\Windows\SysWOW64\Windows.Mirage.dll [15/03/2019 05:51:03] [HKCR\CLSID\{5DE7918B-BFD7-4C1E-B4E0-B16D0A3EA76B}] - (.-.) - C:\Windows\SysWOW64\AuthHostProxy.dll [HKCR\CLSID\{5EB699B3-9296-41BA-9258-DE70F03B7D6C}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{640167b4-59b0-47a6-b335-a6b3c0695aea}] - (.-.) - C:\Windows\system32\audiodev.dll [HKCR\CLSID\{64697678-0000-0010-8000-00AA00389B71}] - (.-.) - C:\Windows\SysWow64\xvid.ax [05/06/2004 12:59:14] [HKCR\CLSID\{64F2005C-6CF5-4652-B94F-600360B15B27}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\mkx.dll [15/03/2019 11:53:35] [HKCR\CLSID\{67213461-9306-4978-AC8D-608589F90F03}] - (.WiseVideoSuite.com - IE Add-on for download YouTube video..) - C:\PROGRA~2\Wise\WISEYO~1\WVDAdd.dll [15/03/2019 17:27:24] [HKCR\CLSID\{6ABB1C11-E261-4CEA-BBB5-3836225689DD}] - (.-.) - C:\Program Files (x86)\Zemana AntiLogger\ZAMShellExt32.dll [15/03/2019 09:28:40] [HKCR\CLSID\{760A8F35-97E7-479D-AAF5-DA9EFF95D751}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\dxr.dll [15/03/2019 11:53:35] [HKCR\CLSID\{79BA9E00-B6EE-11D1-86BE-00C04FBF8FEF}] - (.-.) - C:\Windows\System32\dmband.dll [HKCR\CLSID\{7A4A2147-162A-4c0b-ACF3-34620AECA9ED}] - (.(c) Intelligent Converters. - This is COM API implementing PDF-to-Word conversion. It has been developed by Intelligent Converters for PROMT..) - C:\Program Files (x86)\ASCOMP Software\PDF Conversa\p2wcom.dll [23/03/2019 12:14:23] [HKCR\CLSID\{810B5013-E88D-11D2-8BC1-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{8685C4A9-D0E4-444C-87A0-D9FB858235A7}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{882BC1E4-C79E-475D-8CC7-CC8D112FDB17}] - (.-.) - C:\Windows\SysWOW64\RMSRoamingSecurity.dll [HKCR\CLSID\{8839A1BA-6D01-4525-98EB-723C628320F0}] - (.-.) - C:\Windows\SysWOW64\Windows.Mirage.dll [15/03/2019 05:51:03] [HKCR\CLSID\{8E8B4A31-408B-4929-86A4-A9FA9F01BA43}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\dxr.dll [15/03/2019 11:53:35] [HKCR\CLSID\{95BD18C1-D7FB-4BD3-839A-1C37C90131B1}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{994B3B2F-2880-4318-A583-15C38A01F571}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{9F2D4924-C5F4-43B6-A4AB-C4161C4C2879}] - (.-.) - C:\Program Files\COMODO\COMODO Internet Security\cmdcom32.dll [04/03/2019 22:34:22] [HKCR\CLSID\{A020FAD9-D661-4857-AA43-E6A86FF1163E}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{A36C253D-CEE4-4BCA-9CC2-E03CF6BBB054}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\dxr.dll [15/03/2019 11:53:35] [HKCR\CLSID\{A6098E79-9C50-4F87-8973-5FB4532C93D8}] - (.-.) - %windir%\system32\btpanui.dll [HKCR\CLSID\{A7005AF0-D6E8-48AF-8DFA-023B1CF660A7}] - (.-.) - C:\Program Files\TeraCopy\TeraCopy.dll [15/03/2019 09:28:14] [HKCR\CLSID\{A8005AF0-D6E8-48AF-8DFA-023B1CF660A7}] - (.-.) - C:\PROGRA~1\TeraCopy\TERACO~3.DLL [15/03/2019 09:28:15] [HKCR\CLSID\{A82536D7-C8E6-4CEF-AA66-11E97EDDFC6D}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{A861C6E2-FCFC-11D2-8BC9-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{B3DE7EDC-0CD4-4d07-B1C5-92219CD475CC}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\mp4.dll [15/03/2019 11:53:35] [HKCR\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}] - (.(c) Babylon Ltd. -.) - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarEng.dll [07/11/2010 10:21:48] [HKCR\CLSID\{B841F346-4835-4de8-AA5E-2E7CD2D4C435}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\ts.dll [15/03/2019 11:53:35] [HKCR\CLSID\{BD4FB4BE-809D-487b-ADD6-F7D164247E52}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\mkx.dll [15/03/2019 11:53:35] [HKCR\CLSID\{C5621364-87CC-4731-8947-929CAE75323E}] - (.-.) - %windir%\system32\F12\msdbg2.dll [HKCR\CLSID\{C64501F6-E6E6-451f-A150-25D0839BC510}] - (.-.) - C:\Windows\SysWOW64\speech\engines\tts\MSTTSEngine.dll [29/09/2017 14:42:24] [HKCR\CLSID\{C70EB77F-EFD4-4678-A27B-BF1648F30D04}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{CDAEB70C-E686-4299-93EB-7D63D77B7F63}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{D1EB6D20-8923-11d0-9D97-00A0C90A43CB}] - (.-.) - C:\Windows\system32\dplayx.dll [HKCR\CLSID\{D2AC2894-B39B-11D1-8704-00600893B1BD}] - (.-.) - C:\Windows\System32\dmband.dll [HKCR\CLSID\{D3075F87-A7BD-4231-9F6A-60C5E07374A7}] - (.-.) - %windir%\system32\acppage.dll [HKCR\CLSID\{D6FCA954-F7AE-4EAC-8783-85F5E4ABD840}] - (.-.) - %windir%\system32\F12\pdmproxy100.dll [HKCR\CLSID\{D8E090A5-4149-467D-8103-BFB8F51E8BCB}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{DB43B405-43AA-4f01-82D8-D84D47E6019C}] - (.-.) - C:\Program Files (x86)\FreeCodecPack\Haali\ogm.dll [15/03/2019 11:53:35] [HKCR\CLSID\{DDE4BEEB-DDE6-48fd-8EB5-035C09923F83}] - (.-.) - C:\Program Files (x86)\Unlocker\UnlockerCOM.dll [04/07/2010 22:32:38] [HKCR\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}] - (.-.) - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll [HKCR\CLSID\{e8cc4cbe-fdff-11d0-b865-00a0c9081c1d}] - (.-.) - C:\Program Files\Common Files\System\Ole DB\msdaora.dll [HKCR\CLSID\{e8cc4cbf-fdff-11d0-b865-00a0c9081c1d}] - (.-.) - C:\Program Files\Common Files\System\Ole DB\msdaora.dll [HKCR\CLSID\{EBF2320A-2502-11D3-8BD1-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{FA6C507D-A9AF-4385-86C0-80115F0AE20B}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{fdb00e52-a214-4aa1-8fba-4357bb0072ec}] - (.-.) - %windir%\system32\amsi.dll [HKCR\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}] - (.(c) Babylon Ltd. -.) - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarApp.dll [07/11/2010 10:21:52] ---------- | Installer [HKCR\Installer\Products\02BDBF83D26F6DC40AE478DF033F4EA3] : Paragon UIM [HKCR\Installer\Products\09680A78E187E8A4380077A5E20A9223] : Show Window -> C:\windows\Installer\{87A08690-781E-4A8E-8300-775A2EA02932}\icon.exe [HKCR\Installer\Products\0B9FD51D89A3FEB47B5DCFA3AE746382] : COMODO Secure Shopping -> C:\Windows\Installer\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA473628}\icon.ico [HKCR\Installer\Products\0DA3CAEF620136F4AAFA5EFC4F22CBDC] : [HKCR\Installer\Products\0EA8C7F7B169DEA49BA99DEB920C2FC4] : AdAwareProxyEngine -> C:\Windows\Installer\{7F7C8AE0-961B-4AED-B99A-D9BE29C0F24C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\120656C7C78D632408DDBDEB2B50AD63] : FULL-DISKfighter -> C:\Windows\Installer\{7C656021-D87C-4236-80DD-DBBEB205DA36}\ARPPRODUCTICON.exe [HKCR\Installer\Products\1E97C0073E8CE4547B06ACFF9E2F6AAA] : AvcEngine -> C:\Windows\Installer\{700C79E1-C8E3-454E-B760-CAFFE9F2A6AA}\ARPPRODUCTICON.exe [HKCR\Installer\Products\21E13F622273DF5409B394102268BBC4] : OnlineThreatsEngine -> C:\Windows\Installer\{26F31E12-3722-45FD-903B-49012286BB4C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\269B907BAA35A6447A33591D6A5CED05] : Camtasia 2018 -> C:\Windows\Installer\{B709B962-53AA-446A-A733-95D1A6C5DE50}\CamStudio.ico [HKCR\Installer\Products\39587C0C0FC18DC48AC091F15E165F5A] : WlSarService [HKCR\Installer\Products\4242E4FDF84372240969E84A87FDBAE4] : Intel(R) Management Engine Components [HKCR\Installer\Products\42451891902AC2B4A968FDA2E4B46596] : Snagit 2019 [HKCR\Installer\Products\49F5A7C59E20D5C45A491B1F805669A5] : AntimalwareEngine -> C:\Windows\Installer\{5C7A5F94-02E9-4C5D-A594-B1F10865965A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\4B8898265AF36AE4AB3AAD46F07681DB] : Qualcomm Atheros Bluetooth Installer (64) -> C:\windows\Installer\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}\ARPPRODUCTICON.exe [HKCR\Installer\Products\51E3D52DDBACc0246BC2071C5CEE36DF] : [HKCR\Installer\Products\5282559C2FB74434AB193DDC644F4C14] : Intel(R) Trusted Connect Service Client x86 [HKCR\Installer\Products\5282559C2FB74434AB193DDC644F4C24] : Intel(R) Trusted Connect Service Client x64 [HKCR\Installer\Products\52C62C8B2560D1D409FE33E0DA99FFCD] : DriversCloud.com (64 bits) -> C:\Windows\Installer\{B8C26C25-0652-4D1D-90EF-330EAD99FFDC}\maconfico [HKCR\Installer\Products\53D21FA6970E3D4459F7ACF9FB89105A] : Paragon Hard Disk Manager™ 16.5 Advanced [HKCR\Installer\Products\5A1A9B9E893699C4F8ED0197F456505C] : Intel(R) ME UninstallLegacy [HKCR\Installer\Products\5CF0251881539E04893007ECA808D170] : Intel(R) Chipset Device Software [HKCR\Installer\Products\5E921ED7A4BB71546ADC6CE9BE437618] : AntispamEngine -> C:\Windows\Installer\{7DE129E5-BB4A-4517-A6CD-C69EEB346781}\ARPPRODUCTICON.exe [HKCR\Installer\Products\62DEE12D0C955134DBCC6D289446569E] : Samsung Recovery -> C:\windows\Installer\{D21EED26-59C0-4315-BDCC-D682496465E9}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\683F8DC569760054F98DFC299C72B626] : COMODO Internet Security Premium [HKCR\Installer\Products\70916FFBD2AA62A36866899D656AA2CB] : Visual C++ 10.0 CRT (x64) [HKCR\Installer\Products\7223F443205F9124D94C91765E68AFAF] : Update for Windows 10 for x64-based Systems (KB4480730) [HKCR\Installer\Products\75B373813CF4A1B4593B7A5ECD5A777F] : Qualcomm Atheros Setup -> C:\windows\Installer\{18373B57-4FC3-4B1A-95B3-A7E5DCA577F7}\ARPPRODUCTICON.exe [HKCR\Installer\Products\85FB25007035D7F43A97F8E49C12F28A] : S Agent [HKCR\Installer\Products\9117FFF58E47E24479E005AB8DD13517] : AdAwareUpdater -> C:\Windows\Installer\{5FFF7119-74E8-442E-970E-50BAD81D5371}\ARPPRODUCTICON.exe [HKCR\Installer\Products\98CF39458E1288D4CB1AD4331F149086] : Air Command -> C:\windows\Installer\{5493FC89-21E8-4D88-BCA1-4D33F1410968}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\98E68860B1E69DD4789F9B2EF5367DF4] : Intel(R) Rapid Storage Technology [HKCR\Installer\Products\AD64023275BB4114A9D011910FC03489] : FirewallEngine -> C:\Windows\Installer\{232046DA-BB57-4114-9A0D-1119F00C4398}\ARPPRODUCTICON.exe [HKCR\Installer\Products\AFD610DD4DDE4F648B74B69027E4AC59] : OUTDATEfighter -> C:\Windows\Installer\{DD016DFA-EDD4-46F4-B847-6B09724ECA95}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B1693ABFFD1DC394CBF16ED7B3388259] : Update for Windows 10 for x64-based Systems (KB4023057) [HKCR\Installer\Products\B520FC0F3F6DC7F439B93292F12578C5] : Linux File Systems for Windows by Paragon Software -> C:\Windows\Installer\{F0CF025B-D6F3-4F7C-939B-23291F52875C}\LinuxFS4Win.ico [HKCR\Installer\Products\C21F4BDCE9E2CC8458196693461CAB3E] : Samsung System Agent [HKCR\Installer\Products\c74dde16597c75f4291f2a1004327159] : Turbo Studio 19 -> C:\Windows\Installer\{61edd47c-c795-4f57-92f1-a20140231795}\controlPanelIcon.exe [HKCR\Installer\Products\D95C25420415A9A49AF79B529360911E] : Silent Install Builder 5 -> C:\Windows\Installer\{2452C59D-5140-4A9A-A97F-B925390619E1}\app_icon.ico [HKCR\Installer\Products\ED26B5215754D4D489F2BAF6E919B345] : Intel(R) Management Engine Components [HKCR\Installer\Products\EFE689CFCCA0DC443BF4245CCDAF8700] : [HKCR\Installer\Products\F299E852DA64BF548BB3C00ECEF65C94] : Intel(R) Management Engine Driver [HKCR\Installer\Products\FC0B46D8529B6CA47A7AC9DD6C371322] : Simply Good Pictures 5 Free [HKCR\Installer\Products\FD91ED4468AAA794C9ACF4250DFB9F8A] : AdAwareInstaller -> C:\Windows\Installer\{44DE19DF-AA86-497A-9CCA-4F52D0BFF9A8}\ARPPRODUCTICON.exe ---------- | Drives ---------- | MBR 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_OFF. ------------ Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_OFF. ------------ Nom de l’application défaillante CHXSmartScreen.exe, version : 10.0.16299.1004, horodatage : 0x5c68b819 Nom du module défaillant : edgehtml.dll, version : 11.0.16299.1029, horodatage : 0x846c2745 Code d’exception : 0x80070005 Décalage d’erreur : 0x00000000005355e9 ID du processus défaillant : 0x3dc4 Heure de début de l’application défaillante : 0x01d4e5897482d12a Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe Chemin d’accès du module défaillant: C:\Windows\SYSTEM32\edgehtml.dll ID de rapport : 04ef0980-0aad-471b-b606-2b330eb3d889 Nom complet du package défaillant : Microsoft.Windows.Apprep.ChxApp_1000.16299.1004.0_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : App ------------ Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_OFF. ------------ Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_OFF. ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\AOMEI Partition Assistant\MFC80U.DLL ». Assembly dépendant Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\AOMEI Partition Assistant\MFC80U.DLL ». Assembly dépendant Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" introuvable. Utilisez sxstrace.exe pour un diagnostic détaillé. ------------ Nom de l’application défaillante PinTaskbarTool.exe, version : 1.0.0.0, horodatage : 0x5a1e4c46 Nom du module défaillant : KERNELBASE.dll, version : 10.0.16299.1004, horodatage : 0x690aa820 Code d’exception : 0xe0434352 Décalage d’erreur : 0x00104622 ID du processus défaillant : 0x39a8 Heure de début de l’application défaillante : 0x01d4e57c6ede5b73 Chemin d’accès de l’application défaillante : C:\Users\EFM_UE~1\AppData\Local\Temp\is-GB5R1.tmp\PinTaskbarTool.exe Chemin d’accès du module défaillant: C:\Windows\System32\KERNELBASE.dll ID de rapport : f9b45dc5-99fc-4a2a-b1ba-2658422fc710 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Application : PinTaskbarTool.exe Version du Framework : v4.0.30319 Description : le processus a été arrêté en raison d'une exception non gérée. Informations sur l'exception : System.Exception à PintoTB10.Utils.ChangeImagePathName(System.String) à PintoTB10.Program.Main(System.String[]) ------------ Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_OFF. ------------ Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_OFF. ------------ Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_OFF. ------------ Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_OFF. ------------ Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_OFF. ------------ Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_OFF. ------------ Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_OFF. ------------ Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_OFF. ------------ Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_OFF. ------------ Erreur lors de la mise à jour du statut vers SECURITY_PRODUCT_STATE_OFF. ------------ ----------( EOF)---------- - 9206 | 18:33:51