--------------- QuickDiag | g3n-h@ckm@n | V5_29.10.19.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 23/07/2023 22:17:12 Updated 29/10/2019 | 06:45 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Brussels, Copenhagen, Madrid, Paris [4rem été 2023 vexe s (Administrator)] - [4REMETE2024VEXE] (S-1-5-21-3171542008-311482996-984047150-1001) System: Microsoft Windows 8.1 - - (6.3.9600) - BuildType: Multiprocessor Free - OSLanguage: 1033 (040c) -> () System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 8.1|C:\Windows|\Device\Harddisk0\Partition7 Boot : Normal boot PC: CQ2904EF - Hewlett-Packard - IdNumber: 4CH3100VPJ - UUID: 2C238515-5AA2-7984-51F0-370493363EDB Processor : X64 - 1397 Mhz - AMD E1-1200 APU with Radeon(tm) HD Graphics 8.17 - fra - AMI - S/N: 4CH3100VPJ - 8.17 - HPQOEM - 1072009 CoreTemp : ? Celsius ----------| Extended ---------- | SoundDevice High Definition Audio Device - Status: OK - Manufacturer: Microsoft - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0662&SUBSYS_103C2AE3&REV_1001\4&2070A159&0&0001 ---------- | Video AMD Radeon HD 7310 Graphics - Resolution: 1920x1080 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: aticfx64.dll,aticfx64.dll,aticfx64.dll,aticfx32,aticfx32,aticfx32,atiumd64.dll,atidxx64.dll,atidxx64.dll,atiumdag,atidxx32,atidxx32,atiumdva,atiumd6a.cap,atitmm64.dll - PNPDeviceID: PCI\VEN_1002&DEV_9809&SUBSYS_2AE3103C&REV_00\3&11583659&0&08 - AdapterCompatibility: Advanced Micro Devices, Inc. - RAM: 402653184 Inegrated Video Chipset DeviceName: AMD Radeon HD 7310 Graphics - DriverVersion: 8.14.01.6354 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\bdmpega64.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 75784 - Manufacturer: - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 41880 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 52736 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 82432 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34088 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 37888 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25312 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 35664 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\bdmjpeg64.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 75248 - Manufacturer: - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 26624 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\bdmpegv64.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 75272 - Manufacturer: - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 15872 - Manufacturer: Microsoft Corporation - Status: OK ---------- | Memory RAM = Total (MB) : 3748 | Free (MB) : 210 Pagefile = Total (MB) : 8840 | Free (MB) : 1083 Virtual = Total (MB) : 4194 | Free (MB) : 3927 Physical Memory (MB) -------------------- Total: 3659 Available: 205 Cached: 152 Free: 384 Kernel Memory (MB) ------------------ Paged: 300 Nonpaged: 83 System ------ Handles: 49445 Processes: 102 Threads: 1427 ---------- | SID Users 4rem été 2023 vexe s : [S-1-5-21-3171542008-311482996-984047150-1001] Administrator : [S-1-5-21-3171542008-311482996-984047150-500] Guest : [S-1-5-21-3171542008-311482996-984047150-501] HomeGroupUser$ : [S-1-5-21-3171542008-311482996-984047150-1003] Administrators : [S-1-5-32-544] Distributed COM Users : [S-1-5-32-562] Event Log Readers : [S-1-5-32-573] Guests : [S-1-5-32-546] IIS_IUSRS : [S-1-5-32-568] Performance Log Users : [S-1-5-32-559] Performance Monitor Users : [S-1-5-32-558] Remote Management Users : [S-1-5-32-580] Users : [S-1-5-32-545] AMD FUEL : [S-1-5-21-3171542008-311482996-984047150-1004] HomeUsers : [S-1-5-21-3171542008-311482996-984047150-1002] WinRMRemoteWMIUsers__ : [S-1-5-21-3171542008-311482996-984047150-1000] ---------- | Drives C:\ -> [Fixed] | [] | Total : 534.8 Go | Free : 412.05 Go -> NTFS [SATA] D:\ -> [Fixed] | [] | Total : 247.01 Go | Free : 134.05 Go -> NTFS [SATA] F:\ -> [Fixed] | [] | Total : 20.78 Go | Free : 20.53 Go -> NTFS [SATA] G:\ -> [Fixed] | [] | Total : 20.24 Go | Free : 20.15 Go -> NTFS [SATA] H:\ -> [Fixed] | [] | Total : 37.28 Go | Free : 36.35 Go -> NTFS [SATA] I:\ -> [CDROM] | [Acronis Media] | Total : 0.2 Go | Free : 0 Go -> CDFS [SATA] J:\ -> [Fixed] | [] | Total : 20.43 Go | Free : 19.42 Go -> NTFS [SATA] K:\ -> [Fixed] | [] | Total : 19.46 Go | Free : 19.37 Go -> NTFS [SATA] L:\ -> [Fixed] | [windows2go workspace] | Total : 57.6 Go | Free : 2.01 Go -> NTFS (SSD) [USB] N:\ -> [Removable] | [COMODO RESC] | Total : 21.42 Go | Free : 0.3 Go -> FAT32 [USB] O:\ -> [Removable] | [POWER2GO SY] | Total : 40.99 Go | Free : 26.35 Go -> FAT32 (SSD) [USB] Q:\ -> [Removable] | [STARTMESTI] | Total : 7.48 Go | Free : 0.21 Go -> FAT32 [USB] R:\ -> [Removable] | [...] | Total : 7.48 Go | Free : 6.21 Go -> FAT32 [USB] V:\ -> [Removable] | [Ventoy] | Total : 29.26 Go | Free : 15.78 Go -> exFAT [USB] W:\ -> [Removable] | [sardu YUMI wintobootic] | Total : 57.7 Go | Free : 0.16 Go -> NTFS [USB] X:\ -> [Removable] | [] | Total : 1.74 Go | Free : 1 Go -> FAT32 [USB] Y:\ -> [Removable] | [TRANSCEND] | Total : 0.24 Go | Free : 0 Go -> FAT [USB] Drive: 0 Cylinders: 121601 Tracks per Cylinder: 255 Sectors per Track: 63 Bytes per Sector: 512 Total Space: 1000204886016 bytes Drive: 1 Cylinders: 7519 Tracks per Cylinder: 255 Sectors per Track: 63 Bytes per Sector: 512 Total Space: 61847527424 bytes Drive: 2 Cylinders: 979 Tracks per Cylinder: 255 Sectors per Track: 63 Bytes per Sector: 512 Total Space: 8053063680 bytes ---------- | Windows updates - Activation - License W.A.T : :) Last detection : 2023-07-23 09:19:42 Downloaded last ones : 2023-07-20 22:38:05 Next search : 2023-07-24 05:44:23 Test 1 : Possible Fixed Windows Volume License ---------- | Browsers IE : 11.0.9600.17416 (© Microsoft Corporation.) Default : "C:\Program Files\Internet Explorer\iexplore.exe" ---------- | FlashPlayer FlashPlayer ActiveX : 15.0.0.189 ---------- | Security FW : Norton Security Enabled WMI : OK WU: Windows Update Service [Auto(2)] = stopped AS: Windows Defender [Auto(2)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 392 | [Owner : SYSTEM | Parent : 4(System) | ?????] - (.Microsoft Corporation - Windows Session Manager.) - (6.3.9600.17031) = C:\Windows\System32\smss.exe [21/11/2014 10:52:15] CPU Usage:0 % 772 | [Owner : SYSTEM | Parent : 760() | ?????] - (.Microsoft Corporation - Client Server Runtime Process.) - (6.3.9600.16384) = C:\Windows\System32\csrss.exe [22/08/2013 15:25:40] CPU Usage:0 % 856 | [Owner : SYSTEM | Parent : 760() | 0.18 Mo] - (.Microsoft Corporation - Windows Start-Up Application.) - (6.3.9600.17415) = C:\Windows\System32\wininit.exe [21/11/2014 11:15:12] CPU Usage:0 % 868 | [Owner : SYSTEM | Parent : 848() | ?????] - (.Microsoft Corporation - Client Server Runtime Process.) - (6.3.9600.16384) = C:\Windows\System32\csrss.exe [22/08/2013 15:25:40] CPU Usage:0 % 928 | [Owner : SYSTEM | Parent : 848() | 1.2 Mo] - (.Microsoft Corporation - Windows Logon Application.) - (6.3.9600.17415) = C:\Windows\System32\winlogon.exe [21/11/2014 11:15:50] CPU Usage:0 % 944 | [Owner : SYSTEM | Parent : 856(wininit.exe) | ?????] - (.Microsoft Corporation - Services and Controller app.) - (6.3.9600.17415) = C:\Windows\System32\services.exe [21/11/2014 11:15:12] CPU Usage:0 % 956 | [Owner : SYSTEM | Parent : 856(wininit.exe) | 7.36 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (6.3.9600.17415) = C:\Windows\System32\lsass.exe [21/11/2014 11:15:12] CPU Usage:0 % 296 | [Owner : SYSTEM | Parent : 944(services.exe) | 4.62 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe [21/11/2014 11:15:12] CPU Usage:0 % 452 | [Owner : NETWORK SERVICE | Parent : 944(services.exe) | 5.14 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe [21/11/2014 11:15:12] CPU Usage:0 % 872 | [Owner : DWM-1 | Parent : 928(winlogon.exe) | 44.73 Mo] - (.Microsoft Corporation - Desktop Window Manager.) - (6.3.9600.17415) = C:\Windows\System32\dwm.exe [21/11/2014 11:16:29] CPU Usage:21 % 600 | [Owner : SYSTEM | Parent : 944(services.exe) | 0.26 Mo] - (.AMD - AMD External Events Service Module.) - (6.14.11.1164) = C:\Windows\System32\atiesrxx.exe [21/07/2014 22:04:24] CPU Usage:0 % 1108 | [Owner : LOCAL SERVICE | Parent : 944(services.exe) | 9.44 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe [21/11/2014 11:15:12] CPU Usage:0 % 1156 | [Owner : SYSTEM | Parent : 944(services.exe) | 1.31 Mo] - (.AVAST Software - Avast remediation exe.) - (21.4.6162.0) = C:\Program Files\Avast Software\Avast\wsc_proxy.exe [20/07/2023 17:00:45] CPU Usage:0 % 1244 | [Owner : SYSTEM | Parent : 944(services.exe) | 22.14 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe [21/11/2014 11:15:12] CPU Usage:0 % 1272 | [Owner : LOCAL SERVICE | Parent : 944(services.exe) | 8.06 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe [21/11/2014 11:15:12] CPU Usage:12 % 1324 | [Owner : SYSTEM | Parent : 600(atiesrxx.exe) | 1.78 Mo] - (.AMD - AMD External Events Client Module.) - (6.14.11.1164) = C:\Windows\System32\atieclxx.exe [21/07/2014 22:04:24] CPU Usage:0 % 1332 | [Owner : SYSTEM | Parent : 944(services.exe) | 58.84 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe [21/11/2014 11:15:12] CPU Usage:11 % 1640 | [Owner : 4rem été 2023 vexe s | Parent : 1628() | 53.82 Mo] - (.Microsoft Corporation - Windows Explorer.) - (6.3.9600.17415) = C:\Windows\explorer.exe [21/11/2014 11:16:21] CPU Usage:0 % 1692 | [Owner : 4rem été 2023 vexe s | Parent : 1640(explorer.exe) | 0.35 Mo] - (.Open-Shell - Open-Shell Menu.) - (4.4.170.0) = C:\Program Files\Open-Shell\StartMenu.exe [12/05/2022 18:57:20] CPU Usage:0 % 1880 | [Owner : 4rem été 2023 vexe s | Parent : 296(svchost.exe) | 4.54 Mo] - (.Microsoft Corporation - COM Surrogate.) - (6.3.9600.17415) = C:\Windows\System32\dllhost.exe [21/11/2014 11:15:12] CPU Usage:0 % 1968 | [Owner : NETWORK SERVICE | Parent : 944(services.exe) | 7.09 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe [21/11/2014 11:15:12] CPU Usage:0 % 1456 | [Owner : SYSTEM | Parent : 944(services.exe) | 42.92 Mo] - (.AVAST Software - Avast Service.) - (23.6.8271.0) = C:\Program Files\Avast Software\Avast\AvastSvc.exe [20/07/2023 17:00:43] CPU Usage:0 % 2236 | [Owner : SYSTEM | Parent : 944(services.exe) | 14.05 Mo] - (.AVAST Software - Avast Antivirus.) - (23.6.8271.0) = C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [20/07/2023 17:07:00] CPU Usage:0 % 2368 | [Owner : SYSTEM | Parent : 944(services.exe) | 2.89 Mo] - (.Microsoft Corporation - Spooler SubSystem App.) - (6.3.9600.17415) = C:\Windows\System32\spoolsv.exe [21/11/2014 11:16:13] CPU Usage:0 % 2460 | [Owner : LOCAL SERVICE | Parent : 944(services.exe) | 10.19 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe [21/11/2014 11:15:12] CPU Usage:0 % 2496 | [Owner : 4rem été 2023 vexe s | Parent : 1244(svchost.exe) | 3.22 Mo] - (.Microsoft Corporation - Host Process for Windows Tasks.) - (6.3.9600.17415) = C:\Windows\System32\taskhostex.exe [21/11/2014 11:15:34] CPU Usage:0 % 2896 | [Owner : SYSTEM | Parent : 944(services.exe) | 0.22 Mo] - (.Advanced Micro Devices, Inc. - AMD Fuel Service.) - (1.0.0.0) = C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [04/07/2014 21:33:34] CPU Usage:0 % 2932 | [Owner : SYSTEM | Parent : 944(services.exe) | 4.32 Mo] - (.- BlindnessPulseTool.) - (9.5.8.6) = C:\Program Files (x86)\AmonDoveY\AmonDoveY.EXE [13/07/2023 20:16:36] CPU Usage:0 % 2960 | [Owner : SYSTEM | Parent : 944(services.exe) | 1.92 Mo] - (.Apple Inc. - Bonjour Service.) - (2.0.2.0) = C:\Program Files (x86)\Bonjour\mDNSResponder.exe [18/05/2010 16:35:14] CPU Usage:0 % 2984 | [Owner : SYSTEM | Parent : 944(services.exe) | 0.37 Mo] - (.-.) - (0.0.0.0) = C:\Program Files\NZXT CAM\resources\app.asar.unpacked\node_modules\@nzxt\cam-core\dist\target\x86_64-pc-windows-msvc\release\service.exe [20/07/2023 20:59:46] CPU Usage:0 % 1776 | [Owner : SYSTEM | Parent : 944(services.exe) | 6.57 Mo] - (.-.) - (2.4.6.0) = C:\Program Files\Grand Explorer\Grand Explorer.exe [21/07/2023 04:48:27] CPU Usage:0 % 2192 | [Owner : LOCAL SERVICE | Parent : 944(services.exe) | 0.31 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe [21/11/2014 11:15:12] CPU Usage:0 % 236 | [Owner : SYSTEM | Parent : 944(services.exe) | 0.21 Mo] - (.- TeraCopy.) - (3.10.0.0) = C:\Program Files\TeraCopy\TeraCopyService.exe [29/06/2023 04:05:53] CPU Usage:0 % 608 | [Owner : SYSTEM | Parent : 944(services.exe) | 2.26 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe [21/11/2014 11:15:12] CPU Usage:0 % 3808 | [Owner : 4rem été 2023 vexe s | Parent : 1776(Grand Explorer.exe) | 8.12 Mo] - (.- ClientNetApp.) - (2.4.6.0) = C:\Program Files\Grand Explorer\Grand Explorer App.exe [27/06/2023 15:09:14] CPU Usage:0 % 3912 | [Owner : SYSTEM | Parent : 296(svchost.exe) | 25.9 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.3.9600.17415) = C:\Windows\System32\wbem\WmiPrvSE.exe [21/11/2014 11:15:30] CPU Usage:0 % 3736 | [Owner : SYSTEM | Parent : 944(services.exe) | 26.8 Mo] - (.AVAST Software - Avast Software Analyzer.) - (23.6.8271.0) = C:\Program Files\Avast Software\Avast\aswidsagent.exe [20/07/2023 16:59:02] CPU Usage:0 % 2684 | [Owner : SYSTEM | Parent : 944(services.exe) | 8.65 Mo] - (.Microsoft Corporation - Microsoft Windows Search Indexer.) - (7.0.9600.17415) = C:\Windows\System32\SearchIndexer.exe [21/11/2014 11:17:07] CPU Usage:0 % 1864 | [Owner : LOCAL SERVICE | Parent : 944(services.exe) | 3.46 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe [21/11/2014 11:15:12] CPU Usage:0 % 3312 | [Owner : NETWORK SERVICE | Parent : 944(services.exe) | 0.18 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe [21/11/2014 11:15:12] CPU Usage:0 % 4148 | [Owner : LOCAL SERVICE | Parent : 944(services.exe) | 6.3 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.3.9600.17415) = C:\Windows\System32\svchost.exe [21/11/2014 11:15:12] CPU Usage:0 % 4560 | [Owner : SYSTEM | Parent : 296(svchost.exe) | 1.12 Mo] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (6.3.9600.17415) = C:\Windows\System32\wbem\unsecapp.exe [21/11/2014 11:15:30] CPU Usage:0 % 3728 | [Owner : LOCAL SERVICE | Parent : 1332(svchost.exe) | 0.95 Mo] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (6.3.9600.17415) = C:\Windows\System32\dasHost.exe [21/11/2014 11:15:45] CPU Usage:0 % 2544 | [Owner : LOCAL SERVICE | Parent : 1332(svchost.exe) | 1.42 Mo] - (.Microsoft Corporation - Windows Driver Foundation - User-mode Driver Framework Host Process.) - (6.3.9600.17415) = C:\Windows\System32\WUDFHost.exe [21/11/2014 11:15:49] CPU Usage:0 % 4324 | [Owner : SYSTEM | Parent : 296(svchost.exe) | 0.71 Mo] - (.Microsoft Corporation - COM Surrogate.) - (6.3.9600.17415) = C:\Windows\System32\dllhost.exe [21/11/2014 11:15:12] CPU Usage:0 % 4336 | [Owner : LOCAL SERVICE | Parent : 1108(svchost.exe) | ?????] - (.Microsoft Corporation - Windows Audio Device Graph Isolation.) - (6.3.9600.17415) = C:\Windows\System32\audiodg.exe [21/11/2014 11:15:36] CPU Usage:0 % 2260 | [Owner : 4rem été 2023 vexe s | Parent : 1640(explorer.exe) | 5.01 Mo] - (.f.lux Software LLC - f.lux.) - (4.124.0.0) = C:\Users\4rem été 2023 vexe s\AppData\Local\FluxSoftware\Flux\flux.exe [18/05/2023 21:06:58] CPU Usage:0 % 4724 | [Owner : 4rem été 2023 vexe s | Parent : 1640(explorer.exe) | 20.75 Mo] - (.- Pinaview.) - (1.0.0.1) = C:\Users\4rem été 2023 vexe s\AppData\Local\Programs\Pinaview\Pinaview.exe [20/07/2023 16:35:32] CPU Usage:2 % 2472 | [Owner : 4rem été 2023 vexe s | Parent : 1640(explorer.exe) | 2.53 Mo] - (.www.microsip.org - MicroSIP.) - (3.21.3.0) = C:\Users\4rem été 2023 vexe s\AppData\Local\MicroSIP\microsip.exe [14/09/2022 19:02:02] CPU Usage:0 % 2504 | [Owner : 4rem été 2023 vexe s | Parent : 4648() | 4.62 Mo] - (.AVAST Software - Avast Antivirus.) - (23.6.8271.0) = C:\Program Files\Avast Software\Avast\AvastUI.exe [20/07/2023 17:26:33] CPU Usage:0 % 4756 | [Owner : 4rem été 2023 vexe s | Parent : 1640(explorer.exe) | 17.42 Mo] - (.- Taskbarify.) - (1.0.0.1) = C:\Users\4rem été 2023 vexe s\AppData\Local\Programs\Taskbarify\Taskbarify.exe [21/07/2023 04:47:51] CPU Usage:0 % 5296 | [Owner : 4rem été 2023 vexe s | Parent : 5268() | 4.27 Mo] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) - (4.5.0.0) = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [07/05/2013 10:51:52] CPU Usage:0 % 5640 | [Owner : 4rem été 2023 vexe s | Parent : 5296(MOM.exe) | 4.6 Mo] - (.ATI Technologies Inc. - Catalyst Control Center: Host application.) - (4.5.0.0) = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [09/10/2013 00:53:02] CPU Usage:0 % 3792 | [Owner : LOCAL SERVICE | Parent : 1244(svchost.exe) | 5.2 Mo] - (.Microsoft Corporation - Host Process for Windows Tasks.) - (6.3.9600.17415) = C:\Windows\System32\taskhost.exe [21/11/2014 11:15:34] CPU Usage:0 % 5008 | [Owner : NETWORK SERVICE | Parent : 944(services.exe) | 0.2 Mo] - (.Microsoft Corporation - Windows Media Player Network Sharing Service.) - (12.0.9600.17415) = C:\Program Files\Windows Media Player\wmpnetwk.exe [21/11/2014 11:17:14] CPU Usage:0 % 3872 | [Owner : 4rem été 2023 vexe s | Parent : 1640(explorer.exe) | 0.31 Mo] - (. - The Sims 4 Setup .) - (0.0.0.0) = C:\Users\4rem été 2023 vexe s\Desktop\The Sims 4 [FitGirl Repack]\setup.exe [20/07/2023 18:55:38] CPU Usage:0 % 4908 | [Owner : 4rem été 2023 vexe s | Parent : 3872(setup.exe) | 4.88 Mo] - (.- Setup/Uninstall.) - (51.1052.0.0) = C:\Users\4REMT2~1\AppData\Local\Temp\is-1RR8I.tmp\setup.tmp [23/07/2023 11:18:57] CPU Usage:2 % 6060 | [Owner : 4rem été 2023 vexe s | Parent : 4908(setup.tmp) | 0.2 Mo] - (.-.) - (0.0.0.0) = C:\Users\4REMT2~1\AppData\Local\Temp\is-1ENRB.tmp\cls-lollypop2_x64.exe [23/07/2023 11:19:05] CPU Usage:0 % 6040 | [Owner : 4rem été 2023 vexe s | Parent : 6060(cls-lollypop2_x64.exe) | 1.01 Mo] - (.Microsoft Corporation - Console Window Host.) - (6.3.9600.17415) = C:\Windows\System32\conhost.exe [21/11/2014 11:16:28] CPU Usage:0 % 5228 | [Owner : SYSTEM | Parent : 1332(svchost.exe) | 15.19 Mo] - (.Microsoft Corporation - Windows host process (Rundll32).) - (6.3.9600.17415) = C:\Windows\System32\rundll32.exe [21/11/2014 11:16:15] CPU Usage:14 % 4916 | [Owner : 4rem été 2023 vexe s | Parent : 4908(setup.tmp) | 0.8 Mo] - (.-.) - (0.0.0.0) = C:\Users\4REMT2~1\AppData\Local\Temp\is-1ENRB.tmp\cls-srep_x64.exe [23/07/2023 11:19:05] CPU Usage:0 % 3280 | [Owner : 4rem été 2023 vexe s | Parent : 4916(cls-srep_x64.exe) | 1.02 Mo] - (.Microsoft Corporation - Console Window Host.) - (6.3.9600.17415) = C:\Windows\System32\conhost.exe [21/11/2014 11:16:28] CPU Usage:0 % 720 | [Owner : 4rem été 2023 vexe s | Parent : 4908(setup.tmp) | 0.52 Mo] - (.-.) - (0.0.0.0) = C:\Users\4REMT2~1\AppData\Local\Temp\is-1ENRB.tmp\precomp.exe [23/07/2023 11:20:02] CPU Usage:0 % 6036 | [Owner : 4rem été 2023 vexe s | Parent : 720(precomp.exe) | 0.68 Mo] - (.Microsoft Corporation - Console Window Host.) - (6.3.9600.17415) = C:\Windows\System32\conhost.exe [21/11/2014 11:16:28] CPU Usage:0 % 5208 | [Owner : 4rem été 2023 vexe s | Parent : 4908(setup.tmp) | 1.42 Mo] - (.Razor12911 - pZLib v3.) - (3.0.1.0) = C:\Users\4REMT2~1\AppData\Local\Temp\is-1ENRB.tmp\pzlib.exe [23/07/2023 11:19:05] CPU Usage:0 % 2108 | [Owner : 4rem été 2023 vexe s | Parent : 5208(pzlib.exe) | 0.67 Mo] - (.Microsoft Corporation - Console Window Host.) - (6.3.9600.17415) = C:\Windows\System32\conhost.exe [21/11/2014 11:16:28] CPU Usage:0 % 6124 | [Owner : 4rem été 2023 vexe s | Parent : 2504(AvastUI.exe) | 0.32 Mo] - (.AVAST Software - Avast Antivirus.) - (23.6.8271.0) = C:\Program Files\Avast Software\Avast\AvastUI.exe [20/07/2023 17:26:33] CPU Usage:0 % 4980 | [Owner : 4rem été 2023 vexe s | Parent : 2504(AvastUI.exe) | 0.26 Mo] - (.AVAST Software - Avast Antivirus.) - (23.6.8271.0) = C:\Program Files\Avast Software\Avast\AvastUI.exe [20/07/2023 17:26:33] CPU Usage:0 % 5816 | [Owner : 4rem été 2023 vexe s | Parent : 1244(svchost.exe) | 0.97 Mo] - (.Microsoft Corporation - Host Process for Windows Tasks.) - (6.3.9600.17415) = C:\Windows\System32\taskhost.exe [21/11/2014 11:15:34] CPU Usage:0 % 2728 | [Owner : SYSTEM | Parent : 1776(Grand Explorer.exe) | 1159.05 Mo] - (.-.) - (2.4.6.0) = C:\Program Files\Grand Explorer\Grand Explorer.exe [21/07/2023 04:48:27] CPU Usage:2 % 228 | [Owner : 4rem été 2023 vexe s | Parent : 1640(explorer.exe) | 0.98 Mo] - (.Microsoft Corporation - Notepad.) - (6.3.9600.17415) = C:\Windows\System32\notepad.exe [21/11/2014 11:16:15] CPU Usage:0 % 4512 | [Owner : 4rem été 2023 vexe s | Parent : 1640(explorer.exe) | 384.24 Mo] - (.Mozilla Corporation - Firefox.) - (115.0.3.8599) = C:\Program Files\Mozilla Firefox\firefox.exe [19/07/2023 15:43:40] CPU Usage:5 % 2856 | [Owner : 4rem été 2023 vexe s | Parent : 4512(firefox.exe) | 2.54 Mo] - (.Mozilla Corporation - Firefox.) - (115.0.3.8599) = C:\Program Files\Mozilla Firefox\firefox.exe [19/07/2023 15:43:40] CPU Usage:0 % 140 | [Owner : 4rem été 2023 vexe s | Parent : 4512(firefox.exe) | 66.65 Mo] - (.Mozilla Corporation - Firefox.) - (115.0.3.8599) = C:\Program Files\Mozilla Firefox\firefox.exe [19/07/2023 15:43:40] CPU Usage:0 % 4412 | [Owner : 4rem été 2023 vexe s | Parent : 4512(firefox.exe) | 17.6 Mo] - (.Mozilla Corporation - Firefox.) - (115.0.3.8599) = C:\Program Files\Mozilla Firefox\firefox.exe [19/07/2023 15:43:40] CPU Usage:0 % 6804 | [Owner : 4rem été 2023 vexe s | Parent : 4512(firefox.exe) | 70.05 Mo] - (.Mozilla Corporation - Firefox.) - (115.0.3.8599) = C:\Program Files\Mozilla Firefox\firefox.exe [19/07/2023 15:43:40] CPU Usage:0 % 6736 | [Owner : 4rem été 2023 vexe s | Parent : 1856() | 14.98 Mo] - (.YL Software - WinUtilities File Splitter.) - (2.6.0.0) = C:\Program Files (x86)\WinUtilities\ToolFileSplitter.exe [23/07/2023 20:07:07] CPU Usage:0 % 32 | [Owner : 4rem été 2023 vexe s | Parent : 1640(explorer.exe) | 26.85 Mo] - (.Microsoft Corporation - Notepad.) - (6.3.9600.17415) = C:\Windows\System32\notepad.exe [21/11/2014 11:16:15] CPU Usage:0 % 3396 | [Owner : 4rem été 2023 vexe s | Parent : 2504(AvastUI.exe) | 0.2 Mo] - (.AVAST Software - Avast Antivirus.) - (23.6.8271.0) = C:\Program Files\Avast Software\Avast\AvastUI.exe [20/07/2023 17:26:33] CPU Usage:0 % 4328 | [Owner : 4rem été 2023 vexe s | Parent : 4512(firefox.exe) | 69.74 Mo] - (.Mozilla Corporation - Firefox.) - (115.0.3.8599) = C:\Program Files\Mozilla Firefox\firefox.exe [19/07/2023 15:43:40] CPU Usage:0 % 6544 | [Owner : 4rem été 2023 vexe s | Parent : 4512(firefox.exe) | 40.71 Mo] - (.Mozilla Corporation - Firefox.) - (115.0.3.8599) = C:\Program Files\Mozilla Firefox\firefox.exe [19/07/2023 15:43:40] CPU Usage:0 % 5860 | [Owner : 4rem été 2023 vexe s | Parent : 4512(firefox.exe) | 72.22 Mo] - (.Mozilla Corporation - Firefox.) - (115.0.3.8599) = C:\Program Files\Mozilla Firefox\firefox.exe [19/07/2023 15:43:40] CPU Usage:0 % 2476 | [Owner : SYSTEM | Parent : 1244(svchost.exe) | 4.56 Mo] - (.Microsoft Corporation - Task Scheduler Engine.) - (6.3.9600.17415) = C:\Windows\System32\taskeng.exe [21/11/2014 11:15:34] CPU Usage:0 % 4692 | [Owner : SYSTEM | Parent : 2476(taskeng.exe) | 0.19 Mo] - (.AVAST Software - Avast Emergency Update.) - (23.6.8271.0) = C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [20/07/2023 17:00:47] CPU Usage:0 % 6328 | [Owner : 4rem été 2023 vexe s | Parent : 4512(firefox.exe) | 37.86 Mo] - (.Mozilla Corporation - Firefox.) - (115.0.3.8599) = C:\Program Files\Mozilla Firefox\firefox.exe [19/07/2023 15:43:40] CPU Usage:0 % 3432 | [Owner : 4rem été 2023 vexe s | Parent : 4512(firefox.exe) | 90.58 Mo] - (.Mozilla Corporation - Firefox.) - (115.0.3.8599) = C:\Program Files\Mozilla Firefox\firefox.exe [19/07/2023 15:43:40] CPU Usage:0 % 3064 | [Owner : 4rem été 2023 vexe s | Parent : 1640(explorer.exe) | 152.64 Mo] - (.Bandicam Company - Bandicam - bdcam.exe.) - (6.2.4.2083) = C:\Program Files\Bandicam\bdcam.exe [14/07/2023 04:50:38] CPU Usage:37 % 4084 | [Owner : 4rem été 2023 vexe s | Parent : 1896() | 31.46 Mo] - (.Microsoft Corporation - Internet Explorer.) - (11.0.9600.17416) = C:\Program Files\Internet Explorer\iexplore.exe [21/11/2014 15:28:25] CPU Usage:0 % 1952 | [Owner : 4rem été 2023 vexe s | Parent : 4084(iexplore.exe) | 71.99 Mo] - (.Microsoft Corporation - Internet Explorer.) - (11.0.9600.17416) = C:\Program Files (x86)\Internet Explorer\iexplore.exe [21/11/2014 15:28:25] CPU Usage:0 % 8160 | [Owner : 4rem été 2023 vexe s | Parent : 1640(explorer.exe) | 173.66 Mo] - (.Team17 Software Ltd - Worms World Party.) - (1.0.0.0) = C:\GOG Games\Worms World Party Remastered\w2.exe [22/07/2023 14:17:56] CPU Usage:23 % 1684 | [Owner : 4rem été 2023 vexe s | Parent : 2504(AvastUI.exe) | 0.04 Mo] - (.AVAST Software - Avast Dump Process.) - (23.6.8271.0) = C:\Program Files\Avast Software\Avast\AvDump.exe [20/07/2023 17:06:33] CPU Usage:0 % 6496 | [Owner : 4rem été 2023 vexe s | Parent : 4512(firefox.exe) | 30.11 Mo] - (.Mozilla Corporation - Firefox.) - (115.0.3.8599) = C:\Program Files\Mozilla Firefox\firefox.exe [19/07/2023 15:43:40] CPU Usage:0 % 7692 | [Owner : 4rem été 2023 vexe s | Parent : 4512(firefox.exe) | 30.16 Mo] - (.Mozilla Corporation - Firefox.) - (115.0.3.8599) = C:\Program Files\Mozilla Firefox\firefox.exe [19/07/2023 15:43:40] CPU Usage:0 % 6900 | [Owner : 4rem été 2023 vexe s | Parent : 4512(firefox.exe) | 30.08 Mo] - (.Mozilla Corporation - Firefox.) - (115.0.3.8599) = C:\Program Files\Mozilla Firefox\firefox.exe [19/07/2023 15:43:40] CPU Usage:0 % 2768 | [Owner : 4rem été 2023 vexe s | Parent : 4512(firefox.exe) | 51.87 Mo] - (.SosVirus - QuickDiag.) - (29.10.19.1) = C:\Users\4rem été 2023 vexe s\Downloads\quickdiag_V5_29.10.19.1.exe [23/07/2023 22:13:30] CPU Usage:0 % 7756 | [Owner : LOCAL SERVICE | Parent : 296(svchost.exe) | 7.81 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.3.9600.17415) = C:\Windows\System32\wbem\WmiPrvSE.exe [21/11/2014 11:15:30] CPU Usage:0 % 5700 | [Owner : NETWORK SERVICE | Parent : 296(svchost.exe) | 9.01 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.3.9600.17415) = C:\Windows\System32\wbem\WmiPrvSE.exe [21/11/2014 11:15:30] CPU Usage:0 % 7640 | [Owner : NETWORK SERVICE | Parent : 296(svchost.exe) | 7.09 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.3.9600.17415) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [21/11/2014 11:16:30] CPU Usage:0 % ---------- | Locked Applications ---------- | Policy Restrictions ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) (.Advanced Micro Devices, Inc. .-.aticfx64.dll.) - (8.17.10.1247) -- C:\Windows\SYSTEM32\aticfx64.dll (.Advanced Micro Devices, Inc. .-.atiuxpag.dll.) - (8.14.1.6354) -- C:\Windows\SYSTEM32\atiuxp64.dll (.Advanced Micro Devices, Inc. .-.atidxx64.dll.) - (8.17.10.525) -- C:\Windows\SYSTEM32\atidxx64.dll (.Open-Shell.-.Open-Shell Menu.) - (4.4.170.0) -- C:\Program Files\Open-Shell\StartMenuDLL.dll (.Symantec Corporation.-.Backup Shell.) - (10.8.0.27) -- C:\Program Files\Norton Security\Engine\22.14.0.54\buShell.dll (.Symantec Corporation.-.Symantec Extended File Attributes.) - (7.2.0.34) -- C:\Program Files\Norton Security\Engine\22.14.0.54\EFACli64.dll (.AVAST Software.-.Avast Shell Extension.) - (23.6.8271.0) -- C:\Program Files\Avast Software\Avast\ashShell.dll (.Tracker Software Products (Canada) Ltd..-.PDF-XChange Shell Extension.) - (10.0.1.371) -- C:\Program Files\Tracker Software\Shell Extensions\XCShInfo.x64.dll (.Apple Inc..-.Bonjour Namespace Provider.) - (2.0.2.0) -- C:\Program Files\Bonjour\mdnsNSP.dll (.Symantec Corporation.-.Symantec Trust Validation Engine 64 bit.) - (16.1.0.18) -- C:\Program Files\Norton Security\Engine\22.14.0.54\ccVrTrst.dll (.Symantec Corporation.-.Symantec Library.) - (15.1.0.2) -- C:\Program Files\Norton Security\Engine\22.14.0.54\ccLib.dll (.Symantec Corporation.-.Symantec Settings Manager Engine.) - (16.1.0.18) -- C:\Program Files\Norton Security\Engine\22.14.0.54\ccSet.dll (.Open-Shell.-.Adds classic Windows Explorer features.) - (4.4.170.0) -- C:\Program Files\Open-Shell\ClassicExplorer64.dll (.Symantec Corporation.-.Symantec ccIPC Engine.) - (16.1.0.18) -- C:\Program Files\Norton Security\Engine\22.14.0.54\ccIPC.dll (.Advanced Micro Devices, Inc..-.AMD Desktop Control Panel.) - (6.14.10.2001) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll (.Advanced Micro Devices, Inc..-.AMD Desktop Control Panel.) - (6.14.10.2001) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll (.Code Sector.-.TeraCopy Shell Extension.) - (3.8.4.0) -- C:\Program Files\TeraCopy\Context.dll (.Symantec Corporation.-.Norton Security Shell Extension Module.) - (22.14.0.54) -- C:\Program Files\Norton Security\Engine\22.14.0.54\NavShExt.dll (.Symantec Corporation.-.Client SDK.) - (22.14.0.224) -- C:\Program Files\Norton Security\Engine\22.14.0.54\csdk.dll (.Tracker Software Products (Canada) Ltd..-.PDF-XChange Shell Menu Extension.) - (10.0.1.371) -- C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll (.Open-Shell.-.Start Menu Helper Extension.) - (4.4.170.0) -- C:\Windows\system32\StartMenuHelper64.dll (.Code Sector.-.TeraCopy Shell Extension.) - (3.8.4.0) -- C:\Program Files\TeraCopy\TeraCopy.dll ---------- | Winlogon.exe Modules (Microsoft Files Whitelisted) ---------- | svchost.exe Modules (Microsoft Files Whitelisted) (.Apple Inc..-.Bonjour Namespace Provider.) - (2.0.2.0) -- C:\Program Files\Bonjour\mdnsNSP.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up Norton Download ManagerCCT_CERT_EXPIRY_MITIGATION - (C:\PROGRA~3\Norton\{0C55C~1\NORTON~1.EXE /m /noui [HKU\S-1-5-18\SOFTWARE\...\Run]) - User: NT AUTHORITY\SYSTEM desktop - (desktop.ini [Startup]) - User: 4remete2024vexe\4rem été 2023 vexe s f.lux - ("C:\Users\4rem été 2023 vexe s\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\...\Run]) - User: 4remete2024vexe\4rem été 2023 vexe s Pinaview - (C:\Users\4rem été 2023 vexe s\AppData\Local\Programs\Pinaview\Pinaview.exe [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\...\Run]) - User: 4remete2024vexe\4rem été 2023 vexe s qBittorrent - (C:\Program Files\qBittorrent\qbittorrent.exe [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\...\Run]) - User: 4remete2024vexe\4rem été 2023 vexe s Web Companion - (C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\...\Run]) - User: 4remete2024vexe\4rem été 2023 vexe s MicroSIP - ("C:\Users\4rem été 2023 vexe s\AppData\Local\MicroSIP\MicroSIP.exe" /minimized [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\...\Run]) - User: 4remete2024vexe\4rem été 2023 vexe s Taskbarify - (C:\Users\4rem été 2023 vexe s\AppData\Local\Programs\Taskbarify\Taskbarify.exe [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\...\Run]) - User: 4remete2024vexe\4rem été 2023 vexe s Norton Download ManagerCCT_CERT_EXPIRY_MITIGATION - (C:\PROGRA~3\Norton\{0C55C~1\NORTON~1.EXE /m /noui [HKU\.DEFAULT\SOFTWARE\...\Run]) - User: .DEFAULT desktop - (desktop.ini [Common Startup]) - User: Public AvastUI.exe - ("C:\Program Files\Avast Software\Avast\AvLaunch.exe" /gui [HKLM\SOFTWARE\...\Run]) - User: Public Open-Shell Start Menu - ("C:\Program Files\Open-Shell\StartMenu.exe" -autorun [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Microsoft\Command Processor] "PathCompletionChar"=9 "EnableExtensions"=1 "CompletionChar"=9 "DefaultColor"=0 [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Microsoft\Windows\CurrentVersion\Run] "f.lux"="C:\Users\4rem été 2023 vexe s\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow "Pinaview"=C:\Users\4rem été 2023 vexe s\AppData\Local\Programs\Pinaview\Pinaview.exe [20/07/2023 16:35:32] "qBittorrent"=C:\Program Files\qBittorrent\qbittorrent.exe "Web Companion"=C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize "MicroSIP"="C:\Users\4rem été 2023 vexe s\AppData\Local\MicroSIP\MicroSIP.exe" /minimized "Taskbarify"=C:\Users\4rem été 2023 vexe s\AppData\Local\Programs\Taskbarify\Taskbarify.exe [21/07/2023 04:47:51] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "f.lux"=0x020000000000000000000000 "Pinaview"=0x020000000000000000000000 "qBittorrent"=0x020000000000000000000000 "Web Companion"=0x020000000000000000000000 "MicroSIP"=0x020000000000000000000000 "Taskbarify"=0x020000000000000000000000 [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU] "a"=notepad\1 "MRUList"=acfedb "b"="C:\Program Files\UCheck\UCheck64.exe"\1 "c"=firefox\1 "d"="C:\Users\4rem été 2023 vexe s\Desktop\The Sims 4 [FitGirl Repack]\Verify BIN files before installation.bat"\1 "e"="C:\Users\4rem été 2023 vexe s\Desktop\The Sims 4 [FitGirl Repack]\setup.exe"\1 "f"="C:\Users\4rem été 2023 vexe s\Desktop\setup_worms_world_party_remastered_1134_(16715)\setup_worms_world_party_remastered_1134_(16715).exe"\1 [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "Device"=CutePDF Writer,winspool,CPW4: "UserSelectedDefault"=1 [HKLM\Software\Microsoft\Command Processor] "PathCompletionChar"=64 "EnableExtensions"=1 "CompletionChar"=64 "DefaultColor"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "AvastUI.exe"="C:\Program Files\Avast Software\Avast\AvLaunch.exe" /gui "Open-Shell Start Menu"="C:\Program Files\Open-Shell\StartMenu.exe" -autorun [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "Everything"=0x020000000000000000000000 "AvastUI.exe"=0x020000000000000000000000 "Open-Shell Start Menu"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32] "StartCCC"=0x020000000000000000000000 "AdvancePCPro"=0x020000000000000000000000 "Discord"=0x020000000000000000000000 "Cyberscrub Privacy Suite Scheduler Agent"=0x020000000000000000000000 "Privacy Suite Risk Monitor"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "Spooler"=yes "DeviceNotSelectedTimeout"=15 "TransmissionRetryTimeout"=90 "EnableDwmInputProcessing"=7 "ShutdownWarningDialogTimeout"=4294967295 "USERProcessHandleQuota"=10000 "LoadAppInit_DLLs"=0 "IconServiceLib"=IconCodecService.dll "DesktopHeapLogging"=1 "DdeSendTimeout"=0 "DwmInputUsesIoCompletionPort"=1 "USERPostMessageLimit"=10000 "USERNestedWindowLimit"=50 "AppInit_DLLs"= "NaturalInputHandler"=Ninput.dll "ThreadUnresponsiveLogTimeout"=500 "GDIProcessHandleQuota"=10000 "Win32kLastWriteTime"=1D0056BD24B50FF [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "PathCompletionChar"=64 "EnableExtensions"=1 "CompletionChar"=64 "DefaultColor"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun "AdvancePCPro"="C:\Program Files (x86)\AdvancePCPro\AdvancePCPro.exe" -startup "Discord"=C:\ProgramData\SquirrelMachineInstalls\Discord.exe --checkInstall "Cyberscrub Privacy Suite Scheduler Agent"=C:\Program Files (x86)\Privacy Suite\psSCHAgent.exe "Privacy Suite Risk Monitor"=schtasks /run /tn {995C167A-3E0F-4C93-9F4E-25AFC941C573} [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "Spooler"=yes "DeviceNotSelectedTimeout"=15 "TransmissionRetryTimeout"=90 "EnableDwmInputProcessing"=7 "ShutdownWarningDialogTimeout"=4294967295 "USERProcessHandleQuota"=10000 "LoadAppInit_DLLs"=0 "IconServiceLib"=IconCodecService.dll "DesktopHeapLogging"=1 "DdeSendTimeout"=0 "DwmInputUsesIoCompletionPort"=1 "USERPostMessageLimit"=10000 "USERNestedWindowLimit"=50 "AppInit_DLLs"= "NaturalInputHandler"=Ninput.dll "ThreadUnresponsiveLogTimeout"=500 "GDIProcessHandleQuota"=10000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : ---------- | Tasks List Avast Emergency Update CCleaner Update CCleanerCrashReporting CCleanerSkipUAC - 4rem été 2023 vexe s GoogleUpdateTaskMachineCore GoogleUpdateTaskMachineUA Norton WSC Integration Onesafe PC Cleaner automatic scan and notifications Optimize Start Menu Cache Files-S-1-5-21-3171542008-311482996-984047150-1001 UCheck User_Feed_Synchronization-{CC03E951-3681-4D39-BD38-71CD9E04AEF5} {2B3E483C-6661-4E04-8FF4-C7FCE7D864AF} {2B3E483C-6661-4E04-8FF4-C7FCE7D864BC} {995C167A-3E0F-4C93-9F4E-25AFC941C573} ---------- | Startings up registry ¦ Folder ---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server [HKLM\System\CurrentControlSet\Control] "PreshutdownOrder"=wuauserv gpsvc trustedinstaller "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM "BootDriverFlags"=28 "CurrentUser"=USERNAME "WaitToKillServiceTimeout"=2000 "ServiceControlManagerExtension"=%systemroot%\system32\scext.dll "SystemStartOptions"= NOEXECUTE=OPTIN "SystemBootDevice"=multi(0)disk(0)rdisk(2)partition(7) "FirmwareBootDevice"=multi(0)disk(0)rdisk(2)partition(2) "LastBootSucceeded"=1 "LastBootShutdown"=1 [HKLM\System\CurrentControlSet\Control\lsa] "Bounds"=0x0030000000200000 "auditbasedirectories"=0 "fullprivilegeauditing"=0x00 "crashonauditfail"=0 "auditbaseobjects"=0 "Security Packages"="" [19/07/2023 15:20:14] "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Notification Packages"=scecli "Authentication Packages"=msv1_0 "LsaPid"=956 "SecureBoot"=1 "ProductType"=3 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "restrictanonymous"=0 "restrictanonymoussam"=1 [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Session Manager] "GlobalFlag"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapDeCommitFreeBlockThreshold"=0 "ResourceTimeoutCount"=648000 "ObjectDirectories"=\Windows \RPC Control "ProtectionMode"=1 "CriticalSectionTimeout"=2592000 "ProcessorControl"=2 "HeapSegmentReserve"=0 "ExcludeFromKnownDlls"= "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "NumberOfInitialSessions"=2 "RunLevelExecute"=WinInit ServiceControlManager "AutoChkTimeout"=1 "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "PendingFileRenameOperations"=\??\C:\Users\4REMT2~1\AppData\Local\Temp\nsxB5A0.tmp\utils.dll \??\C:\Users\4REMT2~1\AppData\Local\Temp\nsxB5A0.tmp\ [HKLM\System\CurrentControlSet\Control\Terminal Server] "StartRCM"=0 "DeleteTempDirsOnExit"=1 "fSingleSessionPerUser"=1 "TSUserEnabled"=0 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "DelayConMgrTimeout"=0 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "AllowRemoteRPC"=0 "ProductVersion"=5.1 "fDenyTSConnections"=1 "InstanceID"=37b892f8-50c6-4db5-91be-01d2485 "GlassSessionId"=1 ---------- | .LNK with Arguments c:\programdata\microsoft\windows\start menu\programs\premieropinion\premieropinion.lnk - Encrypted: False - Target: C:\Program Files (x86)\PremierOpinion\pmropn.exe - Args: ( -brandinfo:hxxp://www.premieropinion.com/Tile.aspx) - Hidden: False - Status: OK c:\quickdiag\quarantine\s\.quickscript\pre_scan_donate.lnk - Encrypted: False - Target: C:\Program Files (x86)\Internet Explorer\iexplore.exe - Args: (hxxps://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN) - Hidden: False - Status: OK c:\users\4rem été 2023 vexe s\desktop\pre_scan_donate.lnk - Encrypted: False - Target: C:\Program Files (x86)\Internet Explorer\iexplore.exe - Args: (hxxps://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN) - Hidden: False - Status: OK d:\quickdiag\quarantine\s\.quickscript\pre_scan_donate.lnk - Encrypted: False - Target: C:\Program Files (x86)\Internet Explorer\iexplore.exe - Args: (hxxps://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN) - Hidden: False - Status: OK ---------- | AppCertDlls ---------- | Dnsapi.dll C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Control Panel\Desktop] "DragHeight"=4 "CoolSwitchColumns"=7 "ActiveWndTrackTimeout"=0 "MouseCornerClipLength"=6 "MouseMonitorEscapeSpeed"=0 "DragWidth"=4 "WallpaperStyle"=10 "ScreenSaveActive"=1 "TileWallpaper"=0 "WheelScrollLines"=3 "Pattern"=0 "FontSmoothingType"=2 "WindowArrangementActive"=1 "BlockSendInputResets"=0 "MenuShowDelay"=400 "ClickLockTime"=1200 "CaretWidth"=1 "FocusBorderWidth"=1 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "DragFullWindows"=1 "CoolSwitchRows"=3 "ForegroundFlashCount"=7 "LeftOverlapChars"=3 "ForegroundLockTimeout"=200000 "FontSmoothingGamma"=0 "DragFromMaximize"=1 "FontSmoothing"=2 "FocusBorderHeight"=1 "WheelScrollChars"=3 "DockMoving"=1 "SnapSizing"=1 "CursorBlinkRate"=530 "MouseWheelRouting"=1 "RightOverlapChars"=3 "FontSmoothingOrientation"=1 "PaintDesktopVersion"=0 "Win8DpiScaling"=0 "UserPreferencesMask"=0x9E1E078012000000 "AutoColorization"=1 "Wallpaper"=C:\Windows\web\wallpaper\Windows\img0.jpg [22/08/2013 08:52:55] "MaxVirtualDesktopDimension"=1920 "MaxMonitorDimension"=1920 "TranscodedImageCount"=1 "LastUpdated"=4294967295 "TranscodedImageCache"=0x7AC30100D0B3080080070000B0040000C85E062F8398CE0143003A005C00570069006E0064006F00770073005C007700650062005C00770061006C006C00700061007000650072005C00570069006E0064006F00770073005C0069006D00670030002E006A007000670000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ImageColor"=2952184650 "WaitToKillAppTimeout"=2000 "HungAppTimeout"=2000 [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 "ShellState"=0x240000003428000000000000000000000000000001000000130000000000000062000000 "UserSignedIn"=1 "SIDUpdatedOnLibraries"=1 "LastClockSize"=0x270000000F000000460000000F000000410000000F000000 "GlobalAssocChangedCounter"=3 "AppReadinessLogonComplete"=1 "link"=0x15000000 [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "StoreAppsOnTaskbar"=1 "ServerAdminUI"=0 "Hidden"=0 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "ShowSuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ShowStatusBar"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=6 "ReindexedProfile"=1 [HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableVirtualization"=1 "EnableInstallerDetection"=0 "PromptOnSecureDesktop"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "ConsentPromptBehaviorAdmin"=5 "ValidateAdminCodeSignatures"=0 "EnableUIADesktopToggle"=0 "EnableCursorSuppression"=1 "ConsentPromptBehaviorUser"=3 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktopChanges"=0 "NoActiveDesktop"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoComponents"=1 "NoAddingComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=0 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=0 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=0 "{871C5380-42A0-1069-A2EA-08002B30309D}"=0 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=0 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=0 "{8E74D236-7F35-4720-B138-1FED0B85EA75}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "HKeyRoot"=2147483649 "DefaultValue"=2 "ValueName"=Hidden "Text"=@shell32.dll,-30500 "Type"=radio [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=18 "SmartScreenEnabled"=RequireAdmin [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "EnableVirtualization"=1 "EnableInstallerDetection"=0 "PromptOnSecureDesktop"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "ConsentPromptBehaviorAdmin"=5 "ValidateAdminCodeSignatures"=0 "EnableUIADesktopToggle"=0 "EnableCursorSuppression"=1 "ConsentPromptBehaviorUser"=3 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "FilterAdministratorToken"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktopChanges"=0 "NoActiveDesktop"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoComponents"=1 "NoAddingComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=0 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=0 "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=0 "{871C5380-42A0-1069-A2EA-08002B30309D}"=0 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=0 "{8E74D236-7F35-4720-B138-1FED0B85EA75}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "HKeyRoot"=2147483649 "DefaultValue"=2 "ValueName"=Hidden "Text"=@shell32.dll,-30500 "Type"=radio [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=38 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s ---------- | Winlogon [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;SkyDrive;Work Folders "BuildNumber"=9600 "FirstLogon"=0 "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"=C:\Windows\system32\userinit.exe, "LegalNoticeText"= "Shell"=explorer.exe "LegalNoticeCaption"= "DebugServerCommand"=no "ForceUnlockLogon"=0 "ReportBootOk"=1 "VMApplet"=SystemPropertiesPerformance.exe /pagefile "AutoRestartShell"=1 "PowerdownAfterShutdown"=0 "ShutdownWithoutLogon"=0 "Background"=0 0 0 "PasswordExpiryWarning"=5 "CachedLogonsCount"=10 "WinStationsDisabled"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "scremoveoption"=0 "DisableCAD"=1 "ShutdownFlags"=2147483687 "EnableFirstLogonAnimation"=1 "AutoLogonSID"=S-1-5-32 "LastUsedUsername"= [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"=C:\Windows\SYSWOW64\userinit.exe, "Shell"=explorer.exe "VMApplet"=SystemPropertiesPerformance.exe /pagefile "DefaultDomainName"= "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "DefaultUserName"= "AutoRestartShell"=1 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] ""=htafile "PerceivedType"=text "Content Type"=application/hta [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=4259840 "BrowserFlags"=4096 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "NeverShowExt"= "EditFlags"=131072 "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 [HKLM\Software\Classes\Folder] "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForBrowse"=delta ""=Folder "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "ThumbnailCutoff"=0 "NoRecentDocs"= "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] ""=htafile "PerceivedType"=text "Content Type"=application/hta [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "NeverShowExt"= "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "EditFlags"=2 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "EditFlags"=4259840 "BrowserFlags"=4096 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "NeverShowExt"= "EditFlags"=131072 "IsShortcut"= "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 [HKLM\Software\WOW6432Node\Classes\Folder] "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeLayoutPatternForBrowse"=delta ""=Folder "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "ThumbnailCutoff"=0 "NoRecentDocs"= "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Internet Explorer\iexplore.exe" [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Internet Explorer\iexplore.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Program Files\Process Lasso\ProcessLasso.exe"=1 "C:\Program Files\Process Lasso\ProcessGovernor.exe"=1 [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\Users\4rem été 2023 vexe s\Downloads\Firefox Setup 115.0.3esr.exe"=0x534143500100000000000000070000002800000070778203BA8C820301000000000000000000030600210000975FD891C99ECE010000000000000000 "C:\Program Files\Mozilla Firefox\firefox.exe"=0x5341435001000000000000000700000028000000A0790A002A590B0001000000000000000000030600210000B395E7CF049FCE010000000100000000 "SIGN.MEDIA=67644C53 CyberLinkMediaSuite16.0_Trial_MES180731-04_TR180823-022.exe"=0x5341435001000000000000000700000028000000287262A4E55F63A401000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000080000000000000000000000000000000000000002473E704000000000100000001000000 "C:\Users\4rem été 2023 vexe s\Desktop\kprm_2.14.exe"=0x5341435001000000000000000700000028000000100F2400ABA1240001000000000000000000030600210000975FD891C99ECE010000000000000000 "C:\Program Files\qBittorrent\qbittorrent.exe"=0x5341435001000000000000000700000028000000008AC8010000000001000000000000000000030600210000B395E7CF049FCE010000000000000000 "C:\Users\4rem été 2023 vexe s\AppData\Local\Temp\gh.bat"=0x53414350010000000000000007000000280000000074050047AE050001000000000000000000010500100000B395E7CF049FCE010000000000000000 "C:\Users\4rem été 2023 vexe s\AppData\Local\Temp\SymInstallStub.exe"=0x5341435001000000000000000700000028000000F0201C00DFC21C0001000000000000000000030600210000975FD891C99ECE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000211F0000000000000100000001000000 "C:\Program Files\Google\Chrome\Application\chrome.exe"=0x534143500100000000000000070000002800000018153000C988300001000000000000000000030600210000B395E7CF049FCE010000000000000000 "C:\Users\4rem été 2023 vexe s\Downloads\wufinstall.exe"=0x53414350010000000000000007000000280000000053C90039F3C90001000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000005E961500000000000200000002000000 "C:\Program Files (x86)\Decrap my Computer\Decrap.exe"=0x534143500100000000000000070000002800000008B73C00B8253D0001000000000000000000010600010000975FD891C99ECE010000000000000000 "C:\Users\4rem été 2023 vexe s\Desktop\quickdiag_V5_29.10.19.1.exe"=0x534143500100000000000000070000002800000098315100F351510001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000B5AFC001000000000200000002000000 "C:\Users\4rem été 2023 vexe s\Desktop\The Sims 4 [FitGirl Repack]\Verify BIN files before installation.bat"=0x53414350010000000000000007000000280000000074050047AE050001000000000000000000010500100000B395E7CF049FCE010000000000000000 "C:\Users\4rem été 2023 vexe s\Desktop\The Sims 4 [FitGirl Repack]\setup.exe"=0x5341435001000000000000000700000028000000779747000000000001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000AC5F4A00000000000100000001000000 "C:\Users\4rem été 2023 vexe s\Desktop\setup_worms_world_party_remastered_1134_(16715)\setup_worms_world_party_remastered_1134_(16715).exe"=0x5341435001000000000000000700000028000000F8FB97255B30982501000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000002C9A3800000000000100000001000000 "C:\Users\4rem été 2023 vexe s\Downloads\pre-scan_V9_18.10.19.1.exe"=0x534143500100000000000000070000002800000098072F00C9592F0001000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000008E669000000000000100000001000000 "C:\Users\4rem été 2023 vexe s\Desktop\TrialDownload-21-4-46.exe"=0x534143500100000000000000070000002800000018A04307B038440701000000000000000000000671020000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000066A31000000000000100000001000000 "C:\Users\4rem été 2023 vexe s\Desktop\wufinstall.exe"=0x53414350010000000000000007000000280000000053C90039F3C90001000000000000000000030600210000975FD891C99ECE01000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000000000000000000000000000000000002D580100000000000100000001000000 "C:\Users\4rem été 2023 vexe s\Downloads\OverwolfInstaller.exe"=0x534143500100000000000000070000002800000090122000EA92200001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000F9030300000000000100000001000000 "C:\Users\4rem été 2023 vexe s\Downloads\bdcamsetup.exe"=0x5341435001000000000000000700000028000000A84BF0015801F10101000000000000000000030600210000975FD891C99ECE010000000000000000 "C:\Program Files\Bandicam\bdcam.exe"=0x534143500100000000000000070000002800000040C5D200CE98D30001000000000000000000030600210000B395E7CF049FCE010000000000000000020000002800000000000000000000000000000000000000000000000000000015480000000000000100000001000000 "C:\GOG Games\Worms World Party Remastered\w2.exe"=0x534143500100000000000000070000002800000000FC8D002DE58E0001000000000000000000030671220000975FD891C99ECE010000000000000000 "C:\Users\4rem été 2023 vexe s\Downloads\quickdiag_V5_29.10.19.1.exe"=0x534143500100000000000000070000002800000098315100F351510001000000000000000000030600210000975FD891C99ECE010000000000000000 ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "DoubleClickSpeed"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "DragFullWindows"=USR:Control Panel\Desktop ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "MouseSpeed"=#USR:Control Panel\Mouse "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "CoolSwitch"=USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DoubleClickWidth"=#USR:Control Panel\Mouse "SnapToDefaultButton"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "ScreenSaveActive"=#USR:Control Panel\Desktop "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "PowerOffTimeOut"=#USR:Control Panel\Desktop "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon "SCRNSAVE.EXE"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "ScreenSaverActive"=USR:Control Panel\Desktop [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "DoubleClickSpeed"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "DoubleClickHeight"=#USR:Control Panel\Mouse "MouseSpeed"=#USR:Control Panel\Mouse "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "MouseThreshold2"=#USR:Control Panel\Mouse "SwapMouseButtons"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "CoolSwitch"=USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DoubleClickWidth"=#USR:Control Panel\Mouse "SnapToDefaultButton"=#USR:Control Panel\Mouse "Beep"=#USR:Control Panel\Sound "ScreenSaveActive"=#USR:Control Panel\Desktop "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "PowerOffTimeOut"=#USR:Control Panel\Desktop "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon "SCRNSAVE.EXE"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "ScreenSaverActive"=USR:Control Panel\Desktop [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=130216565553372332 "AntiVirusOverride"=0 "AntiSpywareOverride"=0 "FirewallOverride"=0 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "DisableAntiSpyware"=1 "ProductType"=2 "ProductStatus"=0 "PreserveInternalLicenseOnUpgrade"=0 "InstallTime"=0x241390C63EBAD901 "OneTimeSqmDataSent"=1 "DisableAntiVirus"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] ---------- | Winsock (Whitelist) ---------- | Hosts ---------- | Ping Pinging google.com [2a00:1450:4007:80c::200e] with 32 bytes of data: Reply from 2a00:1450:4007:80c::200e: time=750ms Reply from 2a00:1450:4007:80c::200e: time=777ms Reply from 2a00:1450:4007:80c::200e: time=794ms Reply from 2a00:1450:4007:80c::200e: time=853ms Ping statistics for 2a00:1450:4007:80c::200e: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 750ms, Maximum = 853ms, Average = 793ms ---------- | @ [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Cache_Update_Frequency"=Once_Per_Session "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=C:\Windows\system32\blank.htm "Save_Session_History_On_Exit"=no "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "XMLHTTP"=1 "NoUpdateCheck"=1 "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "UseClearType"=no "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "OperationalData"=13 "CompatibilityFlags"=0 "FullScreen"=no "Window_Placement"=0x2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF580000005800000078030000D8020000 "ImageStoreRandomFolder"=94ck5wc "Start Page Redirect Cache"=https://www.msn.com/fr-fr?ocid=iehp "Start Page Redirect Cache_TIMESTAMP"=0x39EB068346BAD901 "Start Page Redirect Cache AcceptLangs"=fr-FR "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0x34E9BB8846BAD901 "DownloadWindowPlacement"=0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Microsoft\Internet Explorer\TypedURLs] "url1"=http://www.bing.com/search?q=firefox+beta&src=IE-TopResult&FORM=IETR02&conversationid= "url2"=http://go.microsoft.com/fwlink/p/?LinkId=255141 [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "IE5_UA_Backup_Flag"=5.0 "ZonesSecurityUpgrade"=0xAD2D06C643BAD901 "EmailName"=User@ "AutoConfigProxy"=wininet.dll "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "WarnOnPost"=0x01000000 "UseSchannelDirectly"=0x01000000 "EnableHttp1_1"=1 "UrlEncoding"=0 "SecureProtocols"=2720 "PrivacyAdvanced"=0 "DisableCachingOfSSLPages"=0 "WarnonZoneCrossing"=0 "CertificateRevocation"=1 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "ProxyOverride"=*.local [HKLM\Software\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Local Page"=C:\Windows\System32\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "DoNotTrack"=1 [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "WarnOnIntranet"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "AutoHide"=yes "Security Risk Page"=about:SecurityRisk "Extensions Off Page"=about:NoAdd-ons "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "Cache_Percent_of_Disk"=0x0A000000 "Placeholder_Width"=0x1A000000 "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "Placeholder_Height"=0x1A000000 "Default_Secondary_Page_URL"= "Use_Async_DNS"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Local Page"=C:\Windows\SysWOW64\blank.htm "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "DoNotTrack"=1 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "Home"=270 "PostNotCached"=res://ieframe.dll/repost.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "mosaic"=http:// "www"=http:// "home"=http:// "ftp"=ftp:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "CodeBaseSearchPath"=CODEBASE "WarnOnIntranet"=1 "EnablePunycode"=1 "MinorVersion"=0 "ActiveXCache"=C:\Windows\Downloaded Program Files ---------- | Proxy ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pdf] "Progid"=PDFXEdit.PDF "Application"=PDFXEdit.exe [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xcesession] "Progid"=PDFXEdit.XCESESSION "Application"=PDFXEdit.exe [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xclpack] "Progid"=PDFXEdit.XCLPACK "Application"=PDFXEdit.exe ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OverlayExcluded] - {4433A54A-1AC8-432F-90FC-85F045CF383C} -- C:\Program Files\Norton Security\Engine\22.14.0.54\buShell.dll [21/07/2023 11:35:45] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OverlayPending] - {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} -- C:\Program Files\Norton Security\Engine\22.14.0.54\buShell.dll [21/07/2023 11:35:45] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OverlayProtected] - {476D0EA3-80F9-48B5-B70B-05E677C9C148} -- C:\Program Files\Norton Security\Engine\22.14.0.54\buShell.dll [21/07/2023 11:35:45] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw] - {472083B0-C522-11CF-8763-00608CC02F24} -- C:\Program Files\Avast Software\Avast\ashShell.dll [20/07/2023 17:01:32] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- C:\Windows\System32\EhStorShell.dll [21/11/2014 11:15:49] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShareOverlay] - {594D4122-1F87-41E2-96C7-825FB4796516} -- C:\Program Files\Open-Shell\ClassicExplorer64.dll [12/05/2022 18:55:58] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OverlayExcluded] - {4433A54A-1AC8-432F-90FC-85F045CF383C} -- C:\Program Files\Norton Security\Engine32\22.14.0.54\buShell.dll [21/07/2023 11:35:44] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OverlayPending] - {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} -- C:\Program Files\Norton Security\Engine32\22.14.0.54\buShell.dll [21/07/2023 11:35:44] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OverlayProtected] - {476D0EA3-80F9-48B5-B70B-05E677C9C148} -- C:\Program Files\Norton Security\Engine32\22.14.0.54\buShell.dll [21/07/2023 11:35:44] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw] - {472083B0-C522-11CF-8763-00608CC02F24} -- C:\Program Files\Avast Software\Avast\x86\ashShell.dll [20/07/2023 17:00:20] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShareOverlay] - {594D4122-1F87-41E2-96C7-825FB4796516} -- C:\Program Files\Open-Shell\ClassicExplorer32.dll [12/05/2022 18:58:38] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"= ---------- | Toolbar [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser] "ITBar7Layout"=0x13000000000000000000000020000000100002002000000001000000000700005E01000007000000410100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000E3EFEB7F196B494398D2FFB09D4B49CA000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000076A09999E2A9994C8A2B632FC942922300000000000000000000000000000000 "{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"=0xE3EFEB7F196B494398D2FFB09D4B49CA0164070000 "ITBar7Layout64"=0x13000000000000000000000004000000100001000000000001000000000000005E010000060000004101000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000E3EFEB7F196B494398D2FFB09D4B49CA0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ITBar7Height"=0 [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} "KnownProvidersUpgradeTime"=0xF695398546BAD901 "Version"=4 "UpgradeTime"=0x77DB018646BAD901 [HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{553891B7-A0D5-4526-BE18-D3CE461D6310}"= "{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"=Norton Toolbar [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "{553891B7-A0D5-4526-BE18-D3CE461D6310}"= "{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"=Norton Toolbar [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{56753E59-AF1D-4FBA-9E15-31557124ADA2}] : (Classic IE Settings) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7F9DB11C-E358-4ca6-A83D-ACC663939424}] : () - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{56753E59-AF1D-4FBA-9E15-31557124ADA2}] : (Classic IE Settings) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{7F9DB11C-E358-4ca6-A83D-ACC663939424}] : () - [] ---------- | SearchScopes [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 : [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}] - (Norton Safe Search) - https://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11913&l=dis&prt=NGC&chn=oem&geo=FR&ver=22.14.0.54&locale=en_FR&guid=533FC5D9-D168-413A-B8C9-4DB709A50C33&doi=2016-09-01&gct=kwd&qsrc=2869 : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : ---------- | ElevationPolicy [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{02E6771D-8375-42B9-9F83-B4730F697900}] - (C:\Program Files\Open-Shell) - Update.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{041a5213-ea64-4c45-99af-70d7d8e902ec}] - (C:\Program Files\Internet Explorer) - ielowutil.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{067FB231-3933-4782-8F5E-1E17139E9B44}] - (C:\Program Files\Tracker Software\PDF Editor\) - C:\Program Files\Tracker Software\PDF Editor\PDFXHost32.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\System32) - wpcer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}] - (C:\Program Files\Norton Security\Engine\22.14.0.54) - symerr.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\System32) - wuapp.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0935-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2391d819-9d17-44ec-9ac1-f6aa07549469}] - (%systemroot%\system32) - wermgr.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38f2c092-34df-4c12-9d9e-c9679bf0ab31}] - (C:\Windows\SysWOW64) - presentationhost.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\System32) - RuntimeBroker.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56753E59-AF1D-4FBA-9E15-31557124ADA2}] - (C:\Program Files\Open-Shell) - ClassicIE_32.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{681f008a-b1c3-412d-9d95-e7a68837a6ce}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files\Internet Explorer) - iedw.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\System32\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\System32) - verclsid.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\system32\IME\SHARED\) - IMEPADSV.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\System32) - ctfmon.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\System32) - CredentialUIBroker.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F1C58E0-2797-4EB7-A74A-397B24BB769D}] - (C:\Program Files\Tracker Software\PDF-XChange Lite\) - C:\Program Files\Tracker Software\PDF-XChange Lite\pdfSaverL.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\System32\IME\SHARED\) - imesearch.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9E7161E2-5C33-42A8-B73E-889664D28461}] - (C:\Program Files\Tracker Software\PDF Editor\) - C:\Program Files\Tracker Software\PDF Editor\PDFXHost64.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\System32) - cmd.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C0393554-9B48-458A-B91B-3F684D003B2F}] - (C:\Program Files\Open-Shell) - ClassicIE_64.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DC20BE1E-4424-422A-8A6D-A3B3F751E93A}] - (C:\Program Files\Tracker Software\PDF Editor\) - C:\Program Files\Tracker Software\PDF Editor\PDFX.ProcessPool.Worker.x64.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\System32) - notepad.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ea109b0c-6a97-45f0-9eb4-5907dd99b995}] - (%WINDIR%\system32\IME\SHARED\) - imedictupdateui.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\System32) - presentationhost.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] - (C:\Windows\System32\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\System32\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{02E6771D-8375-42B9-9F83-B4730F697900}] - (C:\Program Files\Open-Shell) - Update.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{041a5213-ea64-4c45-99af-70d7d8e902ec}] - (C:\Program Files (x86)\Internet Explorer) - ielowutil.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\SysWOW64) - wpcer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08f24d68-9087-4b24-81ad-7b34af3e3ed5}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}] - (C:\Program Files\Norton Security\Engine\22.14.0.54) - symerr.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\SysWOW64) - wuapp.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files (x86)\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\SysWOW64) - RuntimeBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4becf16c-74f0-429b-8d3e-4fba507ac661}] - (C:\Program Files (x86)\adobe\acrobat 7.0\reader) - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{56753E59-AF1D-4FBA-9E15-31557124ADA2}] - (C:\Program Files\Open-Shell) - ClassicIE_32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{681f008a-b1c3-412d-9d95-e7a68837a6ce}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files (x86)\Internet Explorer) - iedw.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\SysWOW64\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\SysWOW64) - verclsid.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\sysnative\IME\SHARED\) - IMEPADSV.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\SysWOW64) - ctfmon.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\SysWOW64) - CredentialUIBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95a4104c-1c49-4c2a-9830-1be0f47e926c}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat) - acrobat.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\SysWOW64\IME\SHARED\) - imesearch.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9da1d2cb-796d-4bec-bbaa-0aa9ccd80e15}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\SysWOW64) - cmd.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C0393554-9B48-458A-B91B-3F684D003B2F}] - (C:\Program Files\Open-Shell) - ClassicIE_64.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AED-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\SysWOW64) - notepad.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e5f90a07-7db7-4dcb-bd6d-d3fecd376ca3}] - (C:\Program Files (x86)\adobe\acrobat 6.0\reader) - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ea109b0c-6a97-45f0-9eb4-5907dd99b995}] - (%WINDIR%\sysnative\IME\SHARED\) - imedictupdateui.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\SysWOW64) - presentationhost.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] - (C:\Windows\SysWOW64\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\SysWOW64\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fb9e068b-c612-4fa8-bdb9-d728a716a420}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat) - acrobat.exe : ---------- | Ext\Settings [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}] : : C:\Program Files\Open-Shell\ClassicExplorer32.dll [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{553891B7-A0D5-4526-BE18-D3CE461D6310}] : : C:\Program Files\Open-Shell\ClassicExplorer32.dll [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] : : C:\Program Files\Norton Security\Engine32\22.14.0.54\coIEPlg.dll [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}] : : C:\Program Files\Norton Security\Engine32\22.14.0.54\coIEPlg.dll [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9999A076-A9E2-4C99-8A2B-632FC9429223}] : : C:\Program Files (x86)\Bonjour SDK\Bin\ExplorerPlugin.dll [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}] : : C:\Program Files\Open-Shell\ClassicIEDLL_32.dll ---------- | Ext\Stats [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2933BF90-7B36-11D2-B20E-00C04F983E60}] : : %SystemRoot%\System32\msxml3.dll [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}] : : C:\Program Files\Open-Shell\ClassicExplorer32.dll [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{53719C00-353D-4FCF-A8AB-1B1027B60A49}] : : C:\Program Files\Tracker Software\PDF Editor\iePDFXEditPlugin.x86.dll [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{553891B7-A0D5-4526-BE18-D3CE461D6310}] : : C:\Program Files\Open-Shell\ClassicExplorer32.dll [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] : : C:\Program Files\Norton Security\Engine32\22.14.0.54\coIEPlg.dll [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}] : : C:\Program Files\Norton Security\Engine32\22.14.0.54\coIEPlg.dll [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9999A076-A9E2-4C99-8A2B-632FC9429223}] : : C:\Program Files (x86)\Bonjour SDK\Bin\ExplorerPlugin.dll [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}] : : C:\Program Files\Open-Shell\ClassicIEDLL_32.dll [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F6D90F11-9C73-11D3-B32E-00C04F990BB4}] : : %SystemRoot%\System32\msxml3.dll ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}] -> (ExplorerBHO Class) : C:\Program Files\Open-Shell\ClassicExplorer32.dll [12/05/2022 18:58:38] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] -> (Norton Identity Safety) : C:\Program Files\Norton Security\Engine32\22.14.0.54\coIEPlg.dll [21/07/2023 11:36:18] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}] -> (ClassicIEBHO Class) : C:\Program Files\Open-Shell\ClassicIEDLL_32.dll [12/05/2022 18:59:00] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}] -> (ExplorerBHO Class) : C:\Program Files\Open-Shell\ClassicExplorer32.dll [12/05/2022 18:58:38] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] -> (Norton Identity Safety) : C:\Program Files\Norton Security\Engine32\22.14.0.54\coIEPlg.dll [21/07/2023 11:36:18] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}] -> (ClassicIEBHO Class) : C:\Program Files\Open-Shell\ClassicIEDLL_32.dll [12/05/2022 18:59:00] ---------- | Chrome [HKLM\Software\Google\Chrome\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe] [HKLM\Software\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\iikflkcanblccfahdhdonehdalibjnif] ---------- | Opera ---------- | Firefox [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "bonjour4firefox@apple.com"=C:\Program Files (x86)\Bonjour SDK\Bin\FirefoxExtension\ [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf] - (Handles PDF files in place in the browser) : C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf] - (Handles PDF files in place in the browser) : C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf] - (Handles PDF files in place in the browser) : C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf] - (Handles PDF files in place in the browser) : C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf] - (Handles PDF files in place in the browser) : C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf] - (Handles PDF files in place in the browser) : C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf] - (Handles PDF files in place in the browser) : C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf] - (Handles PDF files in place in the browser) : C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf] - (Handles PDF files in place in the browser) : C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll C:\Users\2024antiasarl2023vex\AppData\Roaming\Mozilla\Firefox\Profiles\211gv617.default-esr\Prefs.js user_pref("browser.startup.homepage_override.buildID", "20230706200017"); user_pref("browser.startup.homepage_override.mstone", "115.0.1"); user_pref("browser.uiCustomization.state", "{\"placements\":{\"widget-overflow-fixed-list\":[],\"unified-extensions-area\":[],\"nav-bar\":[\"back-button\",\"forward-button\",\"stop-reload-button\",\"customizableui-special-spring1\",\"urlbar-container\",\"customizableui-special-spring2\",\"save-to-pocket-button\",\"downloads-button\",\"fxa-toolbar-menu-button\",\"unified-extensions-button\"],\"toolbar-menubar\":[\"menubar-items\"],\"TabsToolbar\":[\"firefox-view-button\",\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\"],\"PersonalToolbar\":[\"personal-bookmarks\"]},\"seen\":[\"save-to-pocket-button\",\"developer-button\"],\"dirtyAreaCache\":[\"nav-bar\",\"PersonalToolbar\",\"toolbar-menubar\",\"TabsToolbar\"],\"currentVersion\":19,\"newElementCount\":2}"); user_pref("extensions.activeThemeID", "default-theme@mozilla.org"); user_pref("extensions.blocklist.pingCountVersion", 0); user_pref("extensions.databaseSchema", 35); user_pref("extensions.getAddons.cache.lastUpdate", 1689762032); user_pref("extensions.getAddons.databaseSchema", 6); user_pref("extensions.lastAppBuildId", "20230706200017"); user_pref("extensions.lastAppVersion", "115.0.1"); user_pref("extensions.lastPlatformVersion", "115.0.1"); user_pref("extensions.pendingOperations", false); user_pref("extensions.pictureinpicture.enable_picture_in_picture_overrides", true); user_pref("extensions.quarantinedDomains.list", "autoatendimento.bb.com.br,ibpf.sicredi.com.br,ibpj.sicredi.com.br,internetbanking.caixa.gov.br,www.ib12.bradesco.com.br,www2.bancobrasil.com.br"); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}"); user_pref("extensions.webcompat.enable_shims", true); user_pref("extensions.webcompat.perform_injections", true); user_pref("extensions.webcompat.perform_ua_overrides", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.screenshots@mozilla.org", true); user_pref("extensions.webextensions.uuids", "{\"formautofill@mozilla.org\":\"e903e284-7fb5-4b5e-8ea9-e4bbbe16887c\",\"pictureinpicture@mozilla.org\":\"95d62c98-e7c8-4ea0-a675-4dd3fcb4994d\",\"screenshots@mozilla.org\":\"412b1045-12c4-4e3a-872c-ba91c606e0de\",\"webcompat-reporter@mozilla.org\":\"d9b7589d-e37c-4e45-b3d3-ca1488bba8fe\",\"webcompat@mozilla.org\":\"20616a31-e5aa-40f1-a755-a1cb9b6ba611\",\"default-theme@mozilla.org\":\"16f9de32-8aba-4977-a190-c9d14f11c633\",\"google@search.mozilla.org\":\"c272ab3c-b73e-46bf-a976-43b0d65b43ac\",\"wikipedia@search.mozilla.org\":\"62b43244-1cb7-48e4-8db6-5d79008b4b7b\",\"bing@search.mozilla.org\":\"ed8bfb3b-4caf-4812-90e8-c4c8294939ce\",\"amazon@search.mozilla.org\":\"edb05b7d-7ff5-452f-b05c-1a5150577920\",\"ddg@search.mozilla.org\":\"10573a8a-d65b-4da1-a959-52f049c6c6d5\",\"ebay@search.mozilla.org\":\"933e7423-2b04-4da5-88c2-9b20f204ee70\",\"qwant@search.mozilla.org\":\"a468d0d2-571b-4d13-9887-6b0c64b47020\",\"addons-search-detection@mozilla.com\":\"390d966f-03d4-40a3-b79c-10cdae190f6d\",\"holder@cholder\":\"4488f1cd-fb73-433d-9b77-f4221205649f\"}"); C:\Users\4rem été 2023 vexe s\AppData\Roaming\Mozilla\Firefox\Profiles\1r1h1ovi.default\Prefs.js C:\Users\4rem été 2023 vexe s\AppData\Roaming\Mozilla\Firefox\Profiles\gobgn6cm.default-esr\Prefs.js user_pref("browser.startup.homepage_override.buildID", "20230718155128"); user_pref("browser.startup.homepage_override.mstone", "115.0.3"); user_pref("browser.uiCustomization.state", "{\"placements\":{\"widget-overflow-fixed-list\":[],\"unified-extensions-area\":[],\"nav-bar\":[\"back-button\",\"forward-button\",\"stop-reload-button\",\"customizableui-special-spring1\",\"urlbar-container\",\"customizableui-special-spring2\",\"save-to-pocket-button\",\"downloads-button\",\"fxa-toolbar-menu-button\",\"unified-extensions-button\"],\"toolbar-menubar\":[\"menubar-items\"],\"TabsToolbar\":[\"firefox-view-button\",\"tabbrowser-tabs\",\"new-tab-button\",\"alltabs-button\"],\"PersonalToolbar\":[\"import-button\",\"personal-bookmarks\"]},\"seen\":[\"save-to-pocket-button\",\"developer-button\"],\"dirtyAreaCache\":[\"nav-bar\",\"PersonalToolbar\",\"toolbar-menubar\",\"TabsToolbar\"],\"currentVersion\":19,\"newElementCount\":2}"); user_pref("extensions.activeThemeID", "default-theme@mozilla.org"); user_pref("extensions.blocklist.pingCountVersion", 0); user_pref("extensions.databaseSchema", 35); user_pref("extensions.getAddons.cache.lastUpdate", 1690122627); user_pref("extensions.getAddons.databaseSchema", 6); user_pref("extensions.lastAppBuildId", "20230718155128"); user_pref("extensions.lastAppVersion", "115.0.3"); user_pref("extensions.lastPlatformVersion", "115.0.3"); user_pref("extensions.pendingOperations", true); user_pref("extensions.pictureinpicture.enable_picture_in_picture_overrides", true); user_pref("extensions.quarantinedDomains.list", "autoatendimento.bb.com.br,ibpf.sicredi.com.br,ibpj.sicredi.com.br,internetbanking.caixa.gov.br,www.ib12.bradesco.com.br,www2.bancobrasil.com.br"); user_pref("extensions.screenshots.disabled", true); user_pref("extensions.systemAddon.update.enabled", false); user_pref("extensions.systemAddon.update.url", ""); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}"); user_pref("extensions.webcompat.enable_shims", true); user_pref("extensions.webcompat.perform_injections", true); user_pref("extensions.webcompat.perform_ua_overrides", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.screenshots@mozilla.org", true); user_pref("extensions.webextensions.uuids", "{\"formautofill@mozilla.org\":\"79135462-a2c1-4c42-ac19-63f628572cfd\",\"pictureinpicture@mozilla.org\":\"5cae42fc-9b59-4d30-8f35-c6b6d1f5a40e\",\"screenshots@mozilla.org\":\"143ee8c9-01bb-44c0-a7e9-857aa29475e8\",\"webcompat-reporter@mozilla.org\":\"51d0663d-4f24-4c5e-ad5a-d37857daaac1\",\"webcompat@mozilla.org\":\"2670baca-d36a-4f0c-8d42-39a40ca1911a\",\"default-theme@mozilla.org\":\"bf3fdc3e-352c-499c-9ac4-a3ee2c754658\",\"google@search.mozilla.org\":\"e8bfb17a-f6ee-4561-913b-52863e102a18\",\"wikipedia@search.mozilla.org\":\"299ce61d-3c90-48c5-a4f8-055210ac1bc3\",\"bing@search.mozilla.org\":\"ddbee940-09e9-4b16-8dc0-42efbe64cb8b\",\"ddg@search.mozilla.org\":\"8e3c3976-5415-4c0d-9520-8df17a6f15bf\",\"ebay@search.mozilla.org\":\"7253e2b3-bd9e-40f4-9a67-f8470a80f871\",\"qwant@search.mozilla.org\":\"74eb8aea-43d5-4722-ad63-b0d79f5b437c\",\"addons-search-detection@mozilla.com\":\"98fb9702-9a3e-4bb2-83f2-b812d70abd9a\",\"amazon@search.mozilla.org\":\"b9636097-b8e6-4732-b1b7-a31ba6696a93\"}"); [Profile0] - Name=default-esr -> Profiles/211gv617.default-esr [Profile0] - Name=default-esr -> Profiles/gobgn6cm.default-esr ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{70BF30F0-8781-478B-85DF-F70992FF84D3}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{70BF30F0-8781-478B-85DF-F70992FF84D3}] "DhcpNameServer"=192.168.1.1 ---------- | ActiveX [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - () - -> [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - () - -> [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - () - -> [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - () - -> [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - -> [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] - () - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - (Themes Setup) - @%SystemRoot%\system32\themeui.dll,-2682 -> /UserInstall [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - (Microsoft Windows) - -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - -> %SystemRoot%\system32\msieftp.dll [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{78E345F7-E976-3595-9C30-2458D6A8EC32}] - (.NET Framework) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - (Windows Desktop Update) - @%SystemRoot%\system32\shell32.dll,-32969 -> U [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - (Web Platform Customizations) - @C:\Windows\System32\ie4uinit.exe,-2000 -> C:\Windows\System32\ie4uinit.exe -UserConfig [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] - (Google Chrome) - -> "C:\Program Files\Google\Chrome\Application\109.0.5414.149\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - (Microsoft Windows) - -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - -> %SystemRoot%\system32\msieftp.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{EC43E638-09F0-38CC-A585-72FCCDDF035C}] - (.NET Framework) - -> ---------- | Applications [HKLM\SOFTWARE\Classes\Applications\EditPadLite8.exe] : "C:\Program Files\Just Great Software\EditPad Lite 8\EditPadLite8.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\firefox.exe] : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\pdfsam.exe] : "C:\Program Files\PDFsam Basic\pdfsam.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\PDFXEdit.exe] : "C:\Program Files\Tracker Software\PDF Editor\PDFXEdit.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\EditPadLite8.exe] : "C:\Program Files\Just Great Software\EditPad Lite 8\EditPadLite8.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\firefox.exe] : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\pdfsam.exe] : "C:\Program Files\PDFsam Basic\pdfsam.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\PDFXEdit.exe] : "C:\Program Files\Tracker Software\PDF Editor\PDFXEdit.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | DCOMApplications Name: User Notification - AppID: {0010890e-8789-413c-adbc-48f5b511b3af} Name: PhotoAcquire - AppID: {00f22b16-589e-4982-a172-a51d9dcceb68} Name: PhotoAcqHWEventHandler - AppID: {00f2b433-44e4-4d88-b2b0-2698a0a91dba} Name: TabTip - AppID: {01419581-4d63-4d43-ac26-6e2fc976c1f3} Name: PLA - AppID: {03837503-098b-11d8-9414-505054503030} Name: CTapiLuaLib Class - AppID: {03e15b2e-cca6-451c-8fb0-1e2ee37a27dd} Name: WinStore OM - AppID: {03e64e17-b220-4052-9b9b-155f9cb8e016} Name: COpenControlPanel - AppID: {06622D85-6856-4460-8DE1-A81921B41C4B} Name: SMLUA - AppID: {0671E064-7C24-4AC0-AF10-0F3055707C32} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {06C792F8-6212-4F39-BF70-E8C0AC965C23} Name: sppui - AppID: {0868DC9B-D9A2-4f64-9362-133CEA201299} Name: EchoLink - AppID: {08C843FB-3AFA-456F-86C0-09AA21EAF9F3} Name: WIA Extension Host for 64 bit extensions - AppID: {08F646B3-5E7F-4B7A-A5CB-F95445F9F67A} Name: Proximity Sharing - AppID: {08FC06E4-C6B5-40BE-97B0-B80F943C615B} Name: PersistentZoneIdentifier - AppID: {0968e258-16c7-4dba-aa86-462dd61e31a3} Name: Windows Media Player Rich Preview Handler - AppID: {09C5C2B5-1D32-4598-B87E-203F32BB08E3} Name: AxInstSv - AppID: {0B15AFD8-3A99-4A6E-9975-30D66F70BD94} Name: Import Duplicate Detection Manager - AppID: {0C00D6E0-078D-4275-8110-4336695AA586} Name: RASDLGLUA - AppID: {0C3B05FB-3498-40C3-9C03-4B22D735550C} Name: %SystemRoot%\system32\appwiz.cpl - AppID: {0da7bfdf-c0a0-44eb-be82-b7a82c4721de} Name: Vista Elevated Windows Update Web Control - AppID: {11c058e0-9f3e-4c90-a459-2553f2f9e011} Name: Sync Center Client - AppID: {1202DB60-1DAC-42C5-AED5-1ABDD432248E} Name: Virtual Factory for DiagCpl - AppID: {12C21EA7-2EB8-4B55-9249-AC243DA8C666} Name: Shell Create Object Task Server - AppID: {133eac4f-5891-4d04-bada-d84870380a80} Name: Shell Create Object Handler - AppID: {135fd325-45b7-4c30-89f8-4386961669f0} Name: TPM Virtual Smart Card VCard Module Manager - AppID: {150F28F1-49A5-4C28-BE1A-CFA854A1D04B} Name: Remote TPM Virtual Smart Card Manager - AppID: {152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC} Name: TPM Virtual Smart Card Manager - AppID: {16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A} Name: lfsvc - AppID: {18210155-49CD-444C-B582-FA9DE415B89F} Name: Immersive TPM Virtual Smart Card Manager - AppID: {19833350-BF9B-42A1-BDF0-BD1FCBE1FD31} Name: Sync Center Control - AppID: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5} Name: GIDS Smart Card Simulator Manager - AppID: {1AC32B1A-E379-4CAD-B655-F978A30856EC} Name: %systemroot%\system32\lpksetup.exe - AppID: {1C749B87-568C-4865-8E73-6413F8372CE6} Name: rshx32.dll - AppID: {1f2e5c40-9550-11ce-99d2-00aa006e086c} Name: ThirdPartyEapDispatcherPeerConfig - AppID: {1F7D1BE9-7A50-40B6-A605-C4F3696F49C0} Name: Microsoft WMI Provider Subsystem Secured Host - AppID: {1F87137D-0E7C-44d5-8C73-4EFFB68962F2} Name: DetectionAndSharing - AppID: {1fda955b-61ff-11da-978c-0008744faab7} Name: Microsoft Software Protection Platform Admin Object (Inner) - AppID: {205609B7-5E08-443E-B0A7-A7AED3F3A717} Name: Microsoft Windows WSMan Provider Host With User Settings - AppID: {209444d2-2540-495e-962c-a61ad3243526} Name: Provisioning Core - AppID: {217700E0-0000-11DF-ADB9-F4CE462D9137} Name: MSDAINITIALIZE - AppID: {2206CDB0-19C1-11D1-89E0-00C04FD7A829} Name: Microsoft WBEM Active Scripting Event Consumer Provider - AppID: {266C72E7-62E8-11D1-AD89-00C04FD8FDFF} Name: IMAPI2 - AppID: {273541FF-7F64-5B0F-8F00-5D77AFBE261E} Name: WInRTDesktopBroker - AppID: {27550CA0-E9DE-4186-A566-37A59BB6CA69} Name: netman - AppID: {27AF75ED-20D9-11D1-B1CE-00805FC1270E} Name: RasMobilityManager - AppID: {292bed96-e9ce-40f8-b71b-c313defa3a78} Name: faultrep.dll - AppID: {2C256447-3F0D-4CBB-9D12-575BB20CDA0A} Name: FileSystemImage - AppID: {2C941FD1-975B-59BE-A960-9A2A262853A5} Name: WinStore OM - AppID: {2CD19B3E-3897-4EAB-9AC6-B1438F520CA1} Name: DevicesFlow - AppID: {2F93C02D-77F9-46B4-95FB-8CBB81EEB62C} Name: Immersive Shell Broker - AppID: {2FD08A73-D1F1-43EB-B888-24C2496F95FD} Name: Identity Store - AppID: {30d49246-d217-465f-b00b-ac9ddd652eb7} Name: AuthHost - AppID: {31337EC7-5767-11CF-BEAB-00AA006C3606} Name: Immersive Shell - AppID: {316CDED5-E4AE-4B15-9113-7055D84DCC97} Name: Windows Push Notification Platform - AppID: {362cc086-4d81-4824-bbb5-666d34b3197d} Name: TabTip - AppID: {36938566-B1AA-4E77-9B3F-730CF4E996AB} Name: Microsoft Portable Workspace Launcher - AppID: {37B73D7B-A976-43AE-97E4-BD4977B241F2} Name: WorkspacePolicyProcessor - AppID: {3C3F40BC-60EB-4567-B90C-480C87C21AC1} Name: CMLUAUTIL - AppID: {3E000D72-A845-4CD9-BD83-80C07C3B881F} Name: Microsoft Windows Remote Shell Host - AppID: {3e5ca495-8d6a-4d1f-ad99-177b426c8b8e} Name: CMSTPLUA - AppID: {3E5FC7F9-9A51-4367-9063-A120244FBEC7} Name: WinInetCacheServer - AppID: {3eb3c877-1f16-487c-9050-104dbcd66683} Name: Out Of Proc Mapi Handler - AppID: {3F5E4B87-C907-4f76-82E4-6FDF0CE90E25} Name: Microsoft Windows WSMan Provider Host - AppID: {3feb2f63-0eec-4b96-84ab-da1307e0117c} Name: HTML Application - AppID: {40AEEAB6-8FDA-41e3-9A5F-8350D4CFCA91} Name: Connected User Store - AppID: {40AFA0B6-3B2F-4654-8C3F-161DE85CF80E} Name: AccessibilityCplAdmin - AppID: {434A6274-C539-4E99-88FC-44206D942775} Name: SPP External COM Object - AppID: {44831FEC-DC51-4716-A7E1-E898FDF83C85} Name: Thumbnail Extraction Host Class - AppID: {4545dea0-2dfc-4906-a728-6d986ba399a9} Name: Add to Windows Media Player list - AppID: {45597c98-80f6-4549-84ff-752cf55e2d29} Name: Application Activation Manager - AppID: {45BA127D-10A8-46EA-8AB7-56EA9078943C} Name: Health Key and Certificate Management - AppID: {46298684-0fd3-47f3-94b3-65650c65b36a} Name: Set Network Location Elevated Virtual Factory - AppID: {46B988E8-BEC2-401F-A1C5-16C694F26D3E} Name: RadioManagement Lib Class - AppID: {478B41E6-3257-4519-BDA8-E971F9843849} Name: IASDataStoreComServer - AppID: {48da6741-1bf0-4a44-8325-293086c79077} Name: Microsoft WBEM Unsecured Apartment - AppID: {49BD2028-1523-11D1-AD79-00C04FD8FDFF} Name: UIAutomationCrossBitnessHook64 Class - AppID: {49f171dd-b51a-40d3-9a6c-52d674cc729d} Name: Virtual Factory for Languages Configuration - AppID: {4A3F2F56-454A-4CC5-9734-BB7D8141AC0A} Name: RASGCWLUA - AppID: {4A6B8BAD-9872-4525-A812-71A52367DC17} Name: wercplsupport.dll - AppID: {4BC67F23-D805-4384-BCA3-6F1EDFF50E2C} Name: Shell Security Editor - AppID: {4D111E08-CBF7-4f12-A926-2C7920AF52FC} Name: Microsoft Volume Shadow Copy Service software provider - AppID: {4db9c793-c48d-449c-9754-46027ee45c94} Name: COM+ Event System - AppID: {4E14FBA2-2E22-11D1-9964-00C04FBBB345} Name: ServiceModule - AppID: {4EB61BAC-A3B6-4760-9581-655041EF4D69} Name: upnpcont.exe - AppID: {4F0AC159-5804-4aa7-AE91-117D6E67BB9B} Name: Shell Computer Accounts - AppID: {4f6bcd94-c2a5-42ce-8dbc-31e794be4630} Name: WkspRT.exe - AppID: {4FCDA643-B15B-41C6-84F8-5E447F6F6D25} Name: HomeGroup CPL Advanced Settings Writer - AppID: {50a9ab2a-20f8-4d71-9f32-9fd305b49601} Name: Microsoft Windows Font Folder - AppID: {50d69d24-961d-4828-9d1c-5f4717f226d1} Name: NavShExt - AppID: {50FBD810-BC18-42A9-B2D4-0E8352AA8CA5} Name: acppage.dll - AppID: {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} Name: %systemroot%\system32\intl.cpl - AppID: {514B5E31-5596-422F-BE58-D804464683B5} Name: RemoteProxyFactory32 Class - AppID: {53362C32-A296-4F2D-A2F8-FD984D08340B} Name: RemoteProxyFactory32 Class - AppID: {53362C64-A296-4F2D-A2F8-FD984D08340B} Name: 32-bit Preview Handler Surrogate Host - AppID: {534A1E02-D58F-44f0-B58B-36CBED287C7C} Name: Virtual Disk Service Loader - AppID: {5364ED0E-493F-4B16-9DBF-AE486CF22660} Name: LockScreenContentServer Out of Proc Helper for LockScreenContent Clients - AppID: {536AACFB-5238-4314-B4D4-5B0A2E8B968E} Name: ShareFlow - AppID: {549e57e9-b362-49d1-b679-b64d510efe4b} Name: Bonjour - AppID: {56608F9C-223B-4CB6-813D-85EDCCADFB4B} Name: ShapeCollector - AppID: {56676660-4A4D-45B0-B24E-9CF6B35E9ABF} Name: Volume Shadow Copy Service - AppID: {56BE716B-2F76-4dfa-8702-67AE10044F0B} Name: PrintNotify - AppID: {588E10FA-0618-48A1-BE2F-0AD93E899FCC} Name: FaxCommon Class - AppID: {59347292-B72D-41F2-98C5-E9ACA1B247A2} Name: Authentication UI Terminal Services Bump Dialog - AppID: {59c7f6ec-7d18-412f-a68e-877982768e61} Name: %SystemRoot%\System32\wsclient.dll - AppID: {5C917E9C-0B2F-40D6-928B-5C43FDB16DF4} Name: WiaWow64 - AppID: {5E1395B2-B685-44e3-8AED-E2304D85ACD1} Name: Splash screen - AppID: {5EAD00DC-0E8B-497C-BDE8-B9153058CBEF} Name: UIAutomationCrossBitnessHook32 Class - AppID: {60a90a2f-858d-42af-8929-82be9d99e8a1} Name: wlidcli - AppID: {623D5F5E-2F09-427d-8BD7-64495CD9835D} Name: Sync Center (Private) - AppID: {6295DF2D-35EE-11D1-8707-00C04FD93327} Name: StartMenuHelper - AppID: {62D2FBE4-89F7-48A5-A35F-DA2B8A3C54B7} Name: Windows Update Agent - AppID: {653C5148-4DCE-4905-9CFD-1B23662D3D9E} Name: FwCplLUA - AppID: {6571503D-D0FB-4D98-BBC3-1FBB2B3F344E} Name: ClassicExplorer - AppID: {65843E27-A491-429F-84A0-30A947E20F92} Name: Background Intelligent Transfer Service - AppID: {69AD4AEE-51BE-439b-A92C-86AE490E8B30} Name: Sync Center Isolation Collection (Private) - AppID: {69F9CB25-25E2-4BE1-AB8F-07AA7CB535E8} Name: MsRdpSessionManager - AppID: {6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F} Name: Activator - AppID: {6c482a9c-033d-45fe-a01c-9722ef35e255} Name: Sensors CPL Change Device Permission LUA Helper - AppID: {6CE51F75-0448-438e-B9CA-69C352A248A7} Name: Preview Handler Surrogate Host - AppID: {6d2b5079-2f0b-48dd-ab7f-97cec514d30b} Name: UPnPContainer - AppID: {6d8ff8e0-730d-11d4-bf42-00b0d0118b56} Name: UPnPContainer64 - AppID: {6d8ff8e8-730d-11d4-bf42-00b0d0118b56} Name: SPPComApi - AppID: {6D9A7A40-DDCA-414E-B48E-DFB032C03C1B} Name: HomeGroup UI Status - AppID: {6f33340d-8a01-473a-b75f-ded88c8360ce} Name: IEWindows - AppID: {6f5bad87-9d5e-459f-bd03-3957407051ca} Name: HomeGroup Provider Object - AppID: {6F7C8E8F-DC69-4e3f-BC05-439962A05FD5} Name: workfolderssvc - AppID: {712cedb9-16a4-4f79-801d-7de24d8c706e} Name: Sharing Elevated Virtual Factory - AppID: {72A7994A-3092-4054-B6BE-08FF81AEEFFC} Name: User Profile Service DCOM server - AppID: {72E3272B-4EEA-4104-B358-1A282E4FC1AD} Name: GeofenceServerSimulator - AppID: {72F8681D-D893-46a1-A3C4-CEC073EF3EC5} Name: Microsoft WMI Provider Subsystem Host - AppID: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} Name: Trusted Installer Service - AppID: {752073A2-23F2-4396-85F0-8FDB879ED0ED} Name: PenIMC4 - AppID: {7568952A-571E-4C70-BEA9-7F9004393436} Name: Bulk File Operations Manager - AppID: {7649f23b-5a5e-4e2a-ba1e-fdeecb94ed83} Name: PrintFilterPipelineSvc - AppID: {76db1bf3-e820-4765-a1b2-0b16a86b1950} Name: XWizard Virtual Factory - AppID: {777BA81A-2498-4875-933A-3067DE883070} Name: Network and Sharing Center Cpl Elevated Virtual Factory - AppID: {7A076CE1-4B31-452a-A4F1-0304C8738100} Name: Shell FMIFS Wrapper - AppID: {7aa7790d-75d7-484b-98a1-3913d022091d} Name: EapThirdPartyDllHost - AppID: {7B130458-E09C-4823-A8AF-2583DCD9AEC7} Name: Internet Explorer Add-on Installer - AppID: {7B29F495-0F55-49F7-8885-9E8A22CE3829} Name: Shell Create Object Local Server - AppID: {7B6EA1D5-03C2-4AE4-B21C-8D0515CC91B7} Name: WlanPrefLUA - AppID: {7C8AB6D9-8764-4033-8F62-2FE896E54B32} Name: Microsoft Windows Remote Shell Host With User Settings - AppID: {7d378de6-ed8d-426d-91df-0273d07cd7f6} Name: HomeGroup Printing Device Class - AppID: {7DF8EF76-D449-485f-B4EB-58DC96B31EDB} Name: MMC Application Class - AppID: {7e0423cd-1119-0928-900c-e6d4a52a0715} Name: wisptis - AppID: {7F429620-16D1-471E-A81A-114992148034} Name: Authentication UI CredUI Out of Proc Helper for AppContainer Clients - AppID: {7FC12E96-4CB7-4ABD-ADAA-EF7845B10629} Name: RecuvaShell - AppID: {80109467-DE5A-42A1-9445-7E3952C80B6E} Name: OpenOffice Service Manager (Ver 1.0) - AppID: {82154420-0FBF-11d4-8313-005004526AB4} Name: WinStore OM - AppID: {82C49192-BE68-467F-BF50-971FD01DABF3} Name: CFmIfsEngine host - AppID: {82D94FB3-7FE6-4797-BB72-9A886C66073B} Name: CustReg Class - AppID: {84D586C4-A423-11D2-B943-00C04F79D22F} Name: Virtual Factory for Usercpl - AppID: {86d5eb8a-859f-4c7b-a76b-2bd819b7a850} Name: CElevateWlanUi - AppID: {86F80216-5DD6-4F43-953B-35EF40A35AEE} Name: ThirdPartyEapDispatcherPeerRuntime - AppID: {87BB326B-E4A0-4DE1-94F0-B9F41D0C6059} Name: AppReadiness Service - AppID: {88283d7c-46f4-47d5-8fc2-db0b5cf0cb54} Name: SymDgnHc - AppID: {8933BDBF-DADC-44c3-BA6D-F944EBF16362} Name: Desktop Wallpaper Factory - AppID: {8B30085D-A3E3-44e3-AE7F-B03A1340EBED} Name: Windows Management and Instrumentation - AppID: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Name: TSTheme - AppID: {8be0366c-8522-40be-8b08-cb26557f2854} Name: IASExtensionHost - AppID: {8C334A55-DDB9-491C-817E-35A6B85D2ECB} Name: AP Client HxHelpPaneServer Class - AppID: {8cec58ae-07a1-11d9-b15e-000d56bfe6ee} Name: TiWorker - AppID: {8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D} Name: Sync Center Schedule Wizard - AppID: {8D8B8E30-C451-421B-8553-D2976AFA648C} Name: RdpSa - AppID: {8e7fae4d-cff0-41d3-a326-5a80470264bb} Name: Shell Computer Groups - AppID: {8f3080a6-af99-4f2e-a806-f3d5702a0444} Name: Virtual Factory for Recovery - AppID: {9200689A-F979-4eea-8830-0E1D6B74821F} Name: Authentication UI CredUI Out of Proc Helper for Non-AppContainer Clients - AppID: {924DC564-16A6-42EB-929A-9A61FA7DA06F} Name: HtmlLocalFileResolver - AppID: {93AAD2A0-036A-4B11-A078-DA8776B38139} Name: ServiceModule - AppID: {9465B4B4-5216-4042-9A2C-754D3BCDC410} Name: PrintIsolationHost - AppID: {98a89e0c-1fde-4c2a-a373-b04831e6aa60} Name: Shell Hardware Mixed Content Handler - AppID: {995C996E-D918-4a8c-A302-45719A6F4EA7} Name: ShellWindows - AppID: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Name: RuntimeBroker - AppID: {9CA88EE3-ACB7-47c8-AFC4-AB702511C276} Name: timedate.cpl - AppID: {9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8} Name: WSearch - AppID: {9E175B9C-F52A-11D8-B9A5-505054503030} Name: WMLSS - AppID: {9E88EF3C-E2BB-4E5E-AFBA-565B81069D7D} Name: WIA Device Manager - AppID: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Name: TrayNotify - AppID: {a2b77517-6d12-4c60-b0c6-725e971ec8fe} Name: Windows Parental Controls - AppID: {A2D8CFE7-7BA4-4bad-B86B-851376B59134} Name: rundll32.exe - AppID: {a2d9ca22-a492-400c-b875-78ac25c0a6f3} Name: Elevated System Settings COM Host - AppID: {A36294D6-90C9-4BA5-AD98-EEA4AB6D53D4} Name: Virtual Factory for Windows Firewall Cpl - AppID: {A4B07E49-6567-4FB8-8D39-01920E3B2357} Name: Shell ChkdskEx Dialog - AppID: {a4c31131-ff70-4984-afd6-0609ced53ad6} Name: DsmAdminApi - AppID: {A5065670-136D-4FD6-A45F-00C85B90359C} Name: WPDShextAutoplay - AppID: {A55803CC-4D53-404c-8557-FD63DBA95D24} Name: WLIDSvc - AppID: {A6721677-BA21-44E9-9E2A-76466D24D121} Name: Virtual Factory for MaintenanceUI - AppID: {A6BFEA43-501F-456F-A845-983D3AD7B8F0} Name: Microsoft Windows Defender - AppID: {A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F} Name: %SystemRoot%\System32\fveui.dll - AppID: {A7A63E5C-3877-4840-8727-C1EA9D7A4D50} Name: SysFxUi - AppID: {A7D2EC8B-B70F-434C-A0CE-0DF324805F7D} Name: DEFRAGSVC service - AppID: {ab7c873b-eb14-49a6-be60-a602f80e6d22} Name: Thumbnail Cache Out of Proc Server - AppID: {AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} Name: BDEUILauncher Class - AppID: {AB93B6F1-BE76-4185-A488-A9001B105B94} Name: WPN Srumon Server - AppID: {ada41b3c-c6fd-4a08-8cc1-d6efde67be7d} Name: WorkspaceBroker Class - AppID: {B06FF84E-0A77-4DD2-A919-0EABD8979DC1} Name: TabIps - AppID: {B1445657-5A98-11d9-A4E5-00301BB132BA} Name: NAP Agent Service - AppID: {B292921D-AF50-400c-9B75-0C57A7F29BA1} Name: Windows Update Agent - Remote Access - AppID: {B366DEBE-645B-43A5-B865-DDD82C345492} Name: WinStore OM - AppID: {B3823009-106A-4898-8C5A-F28A7CA83ED6} Name: Found New Hardware Wizard - AppID: {B6A32FE6-E29D-AEAE-A608-D273E40CA34C} Name: WIA Device Manager 2 - AppID: {B6C292BC-7C88-41EE-8B54-8EC92617E599} Name: Sync Center (Private) - AppID: {B8558612-DF5E-4F95-BB81-8E910B327FB2} Name: Windows Media Player - AppID: {B8C54A54-355E-11D3-83EB-00A0C92A2F2D} Name: Windows App Certification Kit Fast User Switching Utility Service - AppID: {B8DD253B-2CF6-4F4F-96F4-97D1E4D82C78} Name: Event Object Change 2 - AppID: {BB07BACD-CD56-4E63-A8FF-CBF0355FB9F4} Name: SyncHost - AppID: {BBC4356A-F004-4628-A27A-E13D70412B70} Name: Virtual Factory for Power Options Control Panel - AppID: {BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B} Name: Setting Sync Task Factory - AppID: {bcbb3f8c-2889-474f-8fb7-904d4a416145} Name: DfsShlEx.dll - AppID: {BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B} Name: VM IC Heartbeat Service - AppID: {be0fc7f0-f248-4091-a123-34ca29a6901b} Name: Shell AutoPlay Direct - AppID: {BF8841C9-378A-4CAD-B4FC-5091366CBC0D} Name: ShellBrowserWindow - AppID: {c08afd90-f2a1-11d1-8455-00a0c91f3880} Name: provsvc.dll - AppID: {c2a71820-3463-498f-bab7-4798795a2ff6} Name: cttunesvr - AppID: {C3A34354-660F-41EE-B072-2AEA5E3A80AF} Name: Microsoft Block Level Backup Service - AppID: {C3B65D83-FB15-4e3f-BA04-097D1E2B5AC1} Name: Microsoft IMAPI - AppID: {C49F2185-50A7-11D3-9144-00104BA11C5E} Name: BdeUISrv - AppID: {C4AB7CB7-E735-48FF-AADD-39D09668F444} Name: HomeGroup Listener Service - AppID: {C4CDC408-581C-4480-9FFE-3B1C78D5C20D} Name: Nap Elevated COM class - AppID: {c5bbbd35-e321-468a-9884-6708aa083f83} Name: EmailClient Class - AppID: {C6E0A4C8-A933-411E-8068-406C2391665F} Name: LockScreen Application Notification Broker - AppID: {C89FC3EF-A0DC-4feb-BFBC-F13A9C334D4F} Name: TSWbPrxy.exe - AppID: {C92A9617-0EAE-4235-BD2B-84540EF1FFA9} Name: DictationHost Class - AppID: {C945AD06-534F-460C-8CB4-17C33099AF81} Name: Sync Infrastructure - AppID: {C947D50F-378E-4FF6-8835-FCB50305244D} Name: netprofm - AppID: {C96887DA-A652-4426-905E-4A37546F847C} Name: RCM - AppID: {C9F65BA8-1F8F-4382-AE27-C91FFB29275F} Name: OpenSearch Description Create Search Connector Verb Handler - AppID: {CB1DFE3A-EDFF-4d1f-867D-8ADB02926F4B} Name: PrintIsolationSessionHost - AppID: {CB363445-F453-4C1E-8EE4-BD123C5E394F} Name: EnhancedStorageShell - AppID: {CC70FEAD-94B9-4F76-88CC-004BB068ACDF} Name: sppui - AppID: {CCFDD24D-CEAB-458B-A4F1-F884973395DF} Name: WcsPlugInServiceLib - AppID: {CD11FAB6-1C0E-45e1-BA31-5C6008EF2607} Name: Windows Media Player Burn Audio CD Handler - AppID: {cdc32574-7521-4124-90c3-8d5605a34933} Name: Elevated-Unelevated Explorer Factory - AppID: {CDCBCFCA-3CDC-436f-A4E2-0E02075250C2} Name: PNPXAssoc.dll - AppID: {cee8ccc9-4f6b-4469-a235-5a22869eef03} Name: sdchange - AppID: {CF254B00-1986-4b24-A92D-463D01F7E395} Name: TrackerUpdate COM Server - AppID: {CFF399DD-5017-4A64-BC49-235836DDDD56} Name: Event Object Change - AppID: {D0565000-9DF4-11D1-A281-00C04FCA0AA7} Name: Winmgmt MOF Compiler OOP - AppID: {D215781D-019E-4FA0-903D-0CDCDE13A4F5} Name: Color Management - AppID: {D2E7041B-2927-42fb-8E9F-7CE93B6DC937} Name: Bitmap Image - AppID: {D3E34B21-9D75-101A-8C3D-00AA001A1652} Name: Sync Center User Profile Notification Handler - AppID: {D63AA156-D534-4BAC-9BF1-55359CF5EC30} Name: CloudStorageWizard - AppID: {D8775A07-C529-4EA7-B307-BA7C8CBBDA03} Name: Microsoft Software Protection Platform Admin Object (outer) - AppID: {D8D4249F-A8FB-44A7-8AA0-564E8C385BD6} Name: Microsoft.Live.FolderShare.Client - AppID: {daa6bc26-4dfa-4e8f-8d5f-47202dc8e400} Name: Srumon Server - AppID: {ddcfd26b-feed-44cd-b71d-79487d2e5e5a} Name: rundll32.exe - AppID: {de5d803e-5d2a-4b5f-9c63-af25a465cc44} Name: AccStore Class - AppID: {DE5DBCDC-104A-4cbc-A4D5-0C2104A142C5} Name: LockScreen Call Broker - AppID: {DE7D3D65-5454-4EF5-9518-776739DAB39F} Name: ClassicIE - AppID: {DF3255F4-FF55-44FA-A728-E77B83E9E403} Name: Profile Notification Host - AppID: {E10F6C3A-F1AE-4adc-AA9D-2FE65525666E} Name: Immersive Print Dialog Surrogate - AppID: {E15FBAC2-C276-4523-92CA-561456EBCF3E} Name: Windows Update Agent User Interface for Published Applications - AppID: {e30984f1-b02b-4c27-a40f-23d11b8c1212} Name: Scan - AppID: {E32549C4-C2B8-4BCC-90D7-0FC3511092BB} Name: Execute Unknown - AppID: {e44e9428-bdbc-4987-a099-40dc8fd255e7} Name: upnphost - AppID: {E495081B-BBA5-4b89-BA3C-3B86A686B87A} Name: InstallShield InstallDriver - AppID: {E4A51076-BCD3-11D4-AB7D-00B0D02332EB} Name: TrayDesktopBand - AppID: {E6442437-6C68-4f52-94DD-2CFED267EFB9} Name: UICOM - AppID: {E8054D20-497D-4E16-BF41-6E69FCD381A5} Name: wscui.cpl - AppID: {E9495B87-D950-4ab5-87A5-FF6D70BF3E90} Name: Remove Device elevation surrogate - AppID: {E95186C7-7D80-4311-843D-0702CBC8B1E4} Name: File Prop Sheet Page Helper - AppID: {E96767E0-7EAA-45e1-8E7D-64414AFF281A} Name: HomeGroup Provider Service - AppID: {EA022610-0748-4c24-B229-6C507EBDFDBB} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8} Name: Remote Desktop Services Message Server - AppID: {EB521D7D-4095-4E61-88FB-BF25700F142A} Name: ComEvents.ComServiceEvents - AppID: {ECABB0C3-7F19-11D2-978E-0000F8757E2A} Name: ComEvents.ComSystemAppEventData - AppID: {ECABB0C6-7F19-11D2-978E-0000F8757E2A} Name: Play with Windows Media Player - AppID: {ed1d0fdf-4414-470a-a56d-cfb68623fc58} Name: Windows Media Player Launch - AppID: {ED6BB178-B06A-47ad-98B3-6066E0CF0147} Name: Share Manager - AppID: {edb5f444-cb8d-445a-a523-ec5ab6ea33c7} Name: SyncEngineCOMServer - AppID: {EEABD3A3-784D-4334-AAFC-BB13234F17CF} Name: Microsoft Audio Device Graph Server - AppID: {F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC} Name: Virtual Disk Service - AppID: {F290BFB2-1864-45B1-8804-2654194A87E7} Name: SPPSurrogate - AppID: {f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801} Name: NDFAPI - AppID: {F3D3AA8D-EF96-4470-848E-BD70B803047A} Name: PerfCenter Enabler - AppID: {f4be747e-45c4-4701-90f1-d49d9ac30248} Name: Windows Update Agent User Interface - AppID: {f62fdd2e-66d2-423b-9a04-f71ea00f892a} Name: WMPNSSCI - AppID: {F74BCE98-9EB4-4022-8317-11C723E5CCF8} Name: logagent - AppID: {F808DF63-6049-11D1-BA20-006097D2898E} Name: WLIDFDP - AppID: {F828BB1A-2FAE-4AC4-AE6F-CAC9B529F996} Name: RAServer - AppID: {F8FD03A6-DDD9-4C1B-84EE-58159476A0D7} Name: WinInetBrokerServer - AppID: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Name: NCLUA - AppID: {FA1456D3-4B97-4f9c-8511-2786161DC333} Name: VssEvent - AppID: {FAF53CC4-BD73-4E36-83F1-2B23F46E513E} Name: Shell Hardware Mixed Content Handler Cancelled - AppID: {fb479c02-9ec4-4fed-8599-debe037452cb} Name: RegisterControl - AppID: {FC38B7C8-9E50-497d-A387-7DEBDAD14160} Name: WinStore OM - AppID: {fc470800-12e0-4da3-81f3-e67240d19093} Name: Hotspot Auth Module - AppID: {FC5EEAF6-0002-11DF-ADB9-F4CE462D9137} Name: appwiz.cpl - AppID: {FCC74B77-EC3E-4dd8-A80B-008A702075A9} Name: Wordpad - AppID: {fd6c8b29-e936-4a61-8da6-b0c12ad3ba00} Name: Proximity UX Host - AppID: {FDA74D11-C4A6-4577-9F73-D7CA8586E10C} Name: MP UX Host - AppID: {FDA74D11-C4A6-4577-9F73-D7CA8586E10D} Name: Shell Execute Hardware Event Handler - AppID: {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-559" Win32_DCOMApplication.AppID="{03e64e17-b220-4052-9b9b-155f9cb8e016}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{03e64e17-b220-4052-9b9b-155f9cb8e016}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{03e64e17-b220-4052-9b9b-155f9cb8e016}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{03e64e17-b220-4052-9b9b-155f9cb8e016}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{03e64e17-b220-4052-9b9b-155f9cb8e016}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{03e64e17-b220-4052-9b9b-155f9cb8e016}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{11c058e0-9f3e-4c90-a459-2553f2f9e011}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{11c058e0-9f3e-4c90-a459-2553f2f9e011}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{11c058e0-9f3e-4c90-a459-2553f2f9e011}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{18210155-49CD-444C-B582-FA9DE415B89F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{18210155-49CD-444C-B582-FA9DE415B89F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{18210155-49CD-444C-B582-FA9DE415B89F}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{18210155-49CD-444C-B582-FA9DE415B89F}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-547" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{478B41E6-3257-4519-BDA8-E971F9843849}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{478B41E6-3257-4519-BDA8-E971F9843849}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{478B41E6-3257-4519-BDA8-E971F9843849}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{478B41E6-3257-4519-BDA8-E971F9843849}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-80-611605672-2879557022-2206624263-4029342278-3129212340" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4FCDA643-B15B-41C6-84F8-5E447F6F6D25}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{5C917E9C-0B2F-40D6-928B-5C43FDB16DF4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{5C917E9C-0B2F-40D6-928B-5C43FDB16DF4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5C917E9C-0B2F-40D6-928B-5C43FDB16DF4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6c482a9c-033d-45fe-a01c-9722ef35e255}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6c482a9c-033d-45fe-a01c-9722ef35e255}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6c482a9c-033d-45fe-a01c-9722ef35e255}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6CE51F75-0448-438e-B9CA-69C352A248A7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6CE51F75-0448-438e-B9CA-69C352A248A7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6CE51F75-0448-438e-B9CA-69C352A248A7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6CF9B800-50DB-46B5-9218-EACF07F5E414}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{6CF9B800-50DB-46B5-9218-EACF07F5E414}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6CF9B800-50DB-46B5-9218-EACF07F5E414}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{6CF9B800-50DB-46B5-9218-EACF07F5E414}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{6CF9B800-50DB-46B5-9218-EACF07F5E414}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{72F8681D-D893-46a1-A3C4-CEC073EF3EC5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{72F8681D-D893-46a1-A3C4-CEC073EF3EC5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{72F8681D-D893-46a1-A3C4-CEC073EF3EC5}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{72F8681D-D893-46a1-A3C4-CEC073EF3EC5}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-32-546" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{84D586C4-A423-11D2-B943-00C04F79D22F}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8933BDBF-DADC-44c3-BA6D-F944EBF16362}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9CA88EE3-ACB7-47c8-AFC4-AB702511C276}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9CA88EE3-ACB7-47c8-AFC4-AB702511C276}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9CA88EE3-ACB7-47c8-AFC4-AB702511C276}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{9CA88EE3-ACB7-47c8-AFC4-AB702511C276}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{9CA88EE3-ACB7-47c8-AFC4-AB702511C276}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A2D8CFE7-7BA4-4bad-B86B-851376B59134}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A2D8CFE7-7BA4-4bad-B86B-851376B59134}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A2D8CFE7-7BA4-4bad-B86B-851376B59134}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{A36294D6-90C9-4BA5-AD98-EEA4AB6D53D4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A36294D6-90C9-4BA5-AD98-EEA4AB6D53D4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A36294D6-90C9-4BA5-AD98-EEA4AB6D53D4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{B366DEBE-645B-43A5-B865-DDD82C345492}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{B8DD253B-2CF6-4F4F-96F4-97D1E4D82C78}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{B8DD253B-2CF6-4F4F-96F4-97D1E4D82C78}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{c5bbbd35-e321-468a-9884-6708aa083f83}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{c5bbbd35-e321-468a-9884-6708aa083f83}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{c5bbbd35-e321-468a-9884-6708aa083f83}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{c5bbbd35-e321-468a-9884-6708aa083f83}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C92A9617-0EAE-4235-BD2B-84540EF1FFA9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{CD11FAB6-1C0E-45e1-BA31-5C6008EF2607}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D215781D-019E-4FA0-903D-0CDCDE13A4F5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628" Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-551" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f62fdd2e-66d2-423b-9a04-f71ea00f892a}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f62fdd2e-66d2-423b-9a04-f71ea00f892a}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f62fdd2e-66d2-423b-9a04-f71ea00f892a}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-80-364023826-931424190-487969545-1024119571-74567675" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F8FD03A6-DDD9-4C1B-84EE-58159476A0D7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{FE2F9D0D-18A4-4845-BA41-DE6451A66D11}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-18" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power LSM BrokerInfrastructure PlugPlay DcomLaunch DeviceInstall SystemEventsBroker "regsvc"=RemoteRegistry [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=PlugPlay DcomLaunch DeviceInstall ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\499c114e-8890-5040-9c02-24abe7d3ebe9] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\774f2290-3906-58eb-baae-35b0dc01c31e] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\AdjustBar] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Adlice Software] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Adobe] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\AG Projects] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\APCTab] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\AppDataLow] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Apple Inc.] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\ASpeedupTab] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\ATI] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\AVAST Software] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\BandiMPEG1] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\BANDISOFT] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\BridleBuddles] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Caphyon] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Chromium] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Code Sector] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\ComfortSoftware] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Cyberscrub] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\EFD Software] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\EUDK] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Gabest] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Glarysoft] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\GOG.com] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Google] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Grand Explorer] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\HSTools] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\HWiNFO64] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\IM Providers] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Intel] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\JGsoft] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\K1RFD] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Lavasoft] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Licenses] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\MBSP] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Michael Herf] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\MicroSIP] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Microsoft] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Mine] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Mozilla] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\MozillaPlugins] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Norton] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Obsidium x64] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Onesafe Driver Manager] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Onesafe PC Cleaner] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\ONLYOFFICE] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\OpenOffice] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\OpenShell] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\PDFsam Basic] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\PinaJob] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Piriform] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Policies] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\RegisteredApplications] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Team17DigitalLTD] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\The Document Foundation] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Tracker Software] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\VB and VBA Program Settings] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\VS Revo Group] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Wow6432Node] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\.NETFramework] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Active Setup] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\ActiveMovie] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Assistance] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\AuthCookies] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Command Processor] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\CTF] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\DirectInput] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\EchoLink] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\EventSystem] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\F12] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Fax] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Feeds] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\FTP] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\IdentityCRL] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Internet Connection Wizard] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Internet Explorer] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Jitsi] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Keyboard] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\MediaPlayer] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\MSF] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Narrator] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Notepad] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Osk] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\PeerNet] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\PlayToReceiver] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Remote Assistance] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\ScreenMagnifier] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Speech] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Spelling] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\SQMClient] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\SystemCertificates] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\TabletTip] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\TelemetryClient] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\WAB] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\WcmSvc] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\wfs] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Windows] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Windows Kits] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Windows Mail Setup] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Windows Media] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Windows NT] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Windows Search] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Wisp] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\RestartManager] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Microsoft\Windows\Roaming] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Microsoft\Windows\ShellNoRoam] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-3171542008-311482996-984047150-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\ac0666ae-ee66-5310-ac01-9d6348133b2d] [HKLM\Software\Acro Software Inc] [HKLM\Software\AMD] [HKLM\Software\Apple Inc.] [HKLM\Software\Ascrod] [HKLM\Software\ATI] [HKLM\Software\ATI Technologies] [HKLM\Software\Avast Software] [HKLM\Software\BandiMPEG1] [HKLM\Software\Caphyon] [HKLM\Software\Clients] [HKLM\Software\Code Sector] [HKLM\Software\CodeGear] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Google] [HKLM\Software\Grand Explorer] [HKLM\Software\IM Providers] [HKLM\Software\Intel] [HKLM\Software\JGsoft] [HKLM\Software\Jitsi] [HKLM\Software\Khronos] [HKLM\Software\KPRM] [HKLM\Software\KVIrc] [HKLM\Software\LibreOffice] [HKLM\Software\Macromedia] [HKLM\Software\MBSP] [HKLM\Software\Michael Herf] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\mozilla.org] [HKLM\Software\MozillaPlugins] [HKLM\Software\Norton] [HKLM\Software\ODBC] [HKLM\Software\ONLYOFFICE] [HKLM\Software\OpenShell] [HKLM\Software\PDFsam Basic] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\RegisteredApplications] [HKLM\Software\Symantec] [HKLM\Software\The Document Foundation] [HKLM\Software\Tracker Software] [HKLM\Software\Volatile] [HKLM\Software\Wow6432Node] [HKLM\SOFTWARE\Microsoft\.NETFramework] [HKLM\SOFTWARE\Microsoft\Active Setup] [HKLM\SOFTWARE\Microsoft\ADs] [HKLM\SOFTWARE\Microsoft\Advanced INF Setup] [HKLM\SOFTWARE\Microsoft\ALG] [HKLM\SOFTWARE\Microsoft\AllUserInstallAgent] [HKLM\SOFTWARE\Microsoft\AMSI] [HKLM\SOFTWARE\Microsoft\Assistance] [HKLM\SOFTWARE\Microsoft\AuthHost] [HKLM\SOFTWARE\Microsoft\BidInterface] [HKLM\SOFTWARE\Microsoft\Chkdsk] [HKLM\SOFTWARE\Microsoft\COM3] [HKLM\SOFTWARE\Microsoft\Command Processor] [HKLM\SOFTWARE\Microsoft\Cryptography] [HKLM\SOFTWARE\Microsoft\CTF] [HKLM\SOFTWARE\Microsoft\DataAccess] [HKLM\SOFTWARE\Microsoft\DevDiv] [HKLM\SOFTWARE\Microsoft\Device Association Framework] [HKLM\SOFTWARE\Microsoft\Dfrg] [HKLM\SOFTWARE\Microsoft\DFS] [HKLM\SOFTWARE\Microsoft\DirectDraw] [HKLM\SOFTWARE\Microsoft\DirectInput] [HKLM\SOFTWARE\Microsoft\DirectMusic] [HKLM\SOFTWARE\Microsoft\DirectPlay8] [HKLM\SOFTWARE\Microsoft\DirectPlayNATHelp] [HKLM\SOFTWARE\Microsoft\DirectShow] [HKLM\SOFTWARE\Microsoft\DirectX] [HKLM\SOFTWARE\Microsoft\DownloadManager] [HKLM\SOFTWARE\Microsoft\Driver Signing] [HKLM\SOFTWARE\Microsoft\DRM] [HKLM\SOFTWARE\Microsoft\DVR] [HKLM\SOFTWARE\Microsoft\DXP] [HKLM\SOFTWARE\Microsoft\EAPSIMMethods] [HKLM\SOFTWARE\Microsoft\EnterpriseCertificates] [HKLM\SOFTWARE\Microsoft\EventSystem] [HKLM\SOFTWARE\Microsoft\F12] [HKLM\SOFTWARE\Microsoft\Fax] [HKLM\SOFTWARE\Microsoft\FaxServer] [HKLM\SOFTWARE\Microsoft\Feeds] [HKLM\SOFTWARE\Microsoft\FTH] [HKLM\SOFTWARE\Microsoft\Function Discovery] [HKLM\SOFTWARE\Microsoft\Fusion] [HKLM\SOFTWARE\Microsoft\HTMLHelp] [HKLM\SOFTWARE\Microsoft\IdentityCRL] [HKLM\SOFTWARE\Microsoft\IdentityStore] [HKLM\SOFTWARE\Microsoft\IHDS] [HKLM\SOFTWARE\Microsoft\IMAPI] [HKLM\SOFTWARE\Microsoft\IME] [HKLM\SOFTWARE\Microsoft\IMEJP] [HKLM\SOFTWARE\Microsoft\IMEKR] [HKLM\SOFTWARE\Microsoft\IMETC] [HKLM\SOFTWARE\Microsoft\Immersive Browser] [HKLM\SOFTWARE\Microsoft\InputMethod] [HKLM\SOFTWARE\Microsoft\Internet Account Manager] [HKLM\SOFTWARE\Microsoft\Internet Domains] [HKLM\SOFTWARE\Microsoft\Internet Explorer] [HKLM\SOFTWARE\Microsoft\IsoBurn] [HKLM\SOFTWARE\Microsoft\Location] [HKLM\SOFTWARE\Microsoft\MediaEngine] [HKLM\SOFTWARE\Microsoft\MediaPlayer] [HKLM\SOFTWARE\Microsoft\MemoryDiagnostic] [HKLM\SOFTWARE\Microsoft\MessengerService] [HKLM\SOFTWARE\Microsoft\Migwiz] [HKLM\SOFTWARE\Microsoft\MMC] [HKLM\SOFTWARE\Microsoft\Mobile] [HKLM\SOFTWARE\Microsoft\MSBuild] [HKLM\SOFTWARE\Microsoft\MSDE] [HKLM\SOFTWARE\Microsoft\MSDRM] [HKLM\SOFTWARE\Microsoft\MSDTC] [HKLM\SOFTWARE\Microsoft\MSF] [HKLM\SOFTWARE\Microsoft\MSLicensing] [HKLM\SOFTWARE\Microsoft\MSMQ] [HKLM\SOFTWARE\Microsoft\MSN Apps] [HKLM\SOFTWARE\Microsoft\Multimedia] [HKLM\SOFTWARE\Microsoft\NapServer] [HKLM\SOFTWARE\Microsoft\NET Framework Setup] [HKLM\SOFTWARE\Microsoft\NetSh] [HKLM\SOFTWARE\Microsoft\Network] [HKLM\SOFTWARE\Microsoft\NetworkAccessProtection] [HKLM\SOFTWARE\Microsoft\Non-Driver Signing] [HKLM\SOFTWARE\Microsoft\Notepad] [HKLM\SOFTWARE\Microsoft\ODBC] [HKLM\SOFTWARE\Microsoft\OEM] [HKLM\SOFTWARE\Microsoft\Office] [HKLM\SOFTWARE\Microsoft\Ole] [HKLM\SOFTWARE\Microsoft\OnlineProviders] [HKLM\SOFTWARE\Microsoft\Outlook Express] [HKLM\SOFTWARE\Microsoft\Photos] [HKLM\SOFTWARE\Microsoft\PLA] [HKLM\SOFTWARE\Microsoft\PowerShell] [HKLM\SOFTWARE\Microsoft\Print] [HKLM\SOFTWARE\Microsoft\RADAR] [HKLM\SOFTWARE\Microsoft\Ras] [HKLM\SOFTWARE\Microsoft\Reliability Analysis] [HKLM\SOFTWARE\Microsoft\RemovalTools] [HKLM\SOFTWARE\Microsoft\RendezvousApps] [HKLM\SOFTWARE\Microsoft\Router] [HKLM\SOFTWARE\Microsoft\Rpc] [HKLM\SOFTWARE\Microsoft\SchedulingAgent] [HKLM\SOFTWARE\Microsoft\Security Center] [HKLM\SOFTWARE\Microsoft\Sensors] [HKLM\SOFTWARE\Microsoft\Shared Tools] [HKLM\SOFTWARE\Microsoft\Shared Tools Location] [HKLM\SOFTWARE\Microsoft\SideShow] [HKLM\SOFTWARE\Microsoft\Software] [HKLM\SOFTWARE\Microsoft\Speech] [HKLM\SOFTWARE\Microsoft\SQMClient] [HKLM\SOFTWARE\Microsoft\Sync Framework] [HKLM\SOFTWARE\Microsoft\Sysprep] [HKLM\SOFTWARE\Microsoft\SystemCertificates] [HKLM\SOFTWARE\Microsoft\SystemSettings] [HKLM\SOFTWARE\Microsoft\TableTextService] [HKLM\SOFTWARE\Microsoft\TabletTip] [HKLM\SOFTWARE\Microsoft\Tcpip] [HKLM\SOFTWARE\Microsoft\TelemetryClient] [HKLM\SOFTWARE\Microsoft\Terminal Server Client] [HKLM\SOFTWARE\Microsoft\TermServLicensing] [HKLM\SOFTWARE\Microsoft\TMM] [HKLM\SOFTWARE\Microsoft\TouchPrediction] [HKLM\SOFTWARE\Microsoft\TPG] [HKLM\SOFTWARE\Microsoft\Tpm] [HKLM\SOFTWARE\Microsoft\Tracing] [HKLM\SOFTWARE\Microsoft\Transaction Server] [HKLM\SOFTWARE\Microsoft\TV System Services] [HKLM\SOFTWARE\Microsoft\uDRM] [HKLM\SOFTWARE\Microsoft\UPnP Device Host] [HKLM\SOFTWARE\Microsoft\Virtual Machine] [HKLM\SOFTWARE\Microsoft\VisualStudio] [HKLM\SOFTWARE\Microsoft\VSD3DProviders] [HKLM\SOFTWARE\Microsoft\WAB] [HKLM\SOFTWARE\Microsoft\Wbem] [HKLM\SOFTWARE\Microsoft\WcmSvc] [HKLM\SOFTWARE\Microsoft\WIMMount] [HKLM\SOFTWARE\Microsoft\Windows] [HKLM\SOFTWARE\Microsoft\Windows App Certification Kit] [HKLM\SOFTWARE\Microsoft\Windows Defender] [HKLM\SOFTWARE\Microsoft\Windows Desktop Search] [HKLM\SOFTWARE\Microsoft\Windows Kits] [HKLM\SOFTWARE\Microsoft\Windows Mail] [HKLM\SOFTWARE\Microsoft\Windows Media Device Manager] [HKLM\SOFTWARE\Microsoft\Windows Media Foundation] [HKLM\SOFTWARE\Microsoft\Windows Media Player NSS] [HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem] [HKLM\SOFTWARE\Microsoft\Windows NT] [HKLM\SOFTWARE\Microsoft\Windows Photo Viewer] [HKLM\SOFTWARE\Microsoft\Windows Portable Devices] [HKLM\SOFTWARE\Microsoft\Windows Script Host] [HKLM\SOFTWARE\Microsoft\Windows Search] [HKLM\SOFTWARE\Microsoft\WindowsRuntime] [HKLM\SOFTWARE\Microsoft\Wisp] [HKLM\SOFTWARE\Microsoft\WlanSvc] [HKLM\SOFTWARE\Microsoft\WSDAPI] [HKLM\SOFTWARE\Microsoft\WwanSvc] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\Software\WOW6432Node\Acro Software Inc] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AMD] [HKLM\Software\WOW6432Node\Apple Inc.] [HKLM\Software\WOW6432Node\ASpeedupTab] [HKLM\Software\WOW6432Node\ATI] [HKLM\Software\WOW6432Node\ATI Technologies] [HKLM\Software\WOW6432Node\Avast Software] [HKLM\Software\WOW6432Node\BandiMPEG1] [HKLM\Software\WOW6432Node\BANDISOFT] [HKLM\Software\WOW6432Node\Code Sector] [HKLM\Software\WOW6432Node\ComfortSoftware] [HKLM\Software\WOW6432Node\Cyberscrub] [HKLM\Software\WOW6432Node\Glarysoft] [HKLM\Software\WOW6432Node\GOG.com] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\GPL Ghostscript] [HKLM\Software\WOW6432Node\IM Providers] [HKLM\Software\WOW6432Node\InstallerTech] [HKLM\Software\WOW6432Node\InstallShield] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\ITA] [HKLM\Software\WOW6432Node\Jitsi] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Lavasoft] [HKLM\Software\WOW6432Node\Licenses] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Maxis] [HKLM\Software\WOW6432Node\MBSP] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\OpenOffice] [HKLM\Software\WOW6432Node\Symantec] [HKLM\Software\WOW6432Node\Volatile] [HKLM\Software\WOW6432Node\Wow6432Node] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\.NETFramework] [HKLM\Software\WOW6432Node\Microsoft\Active Setup] [HKLM\Software\WOW6432Node\Microsoft\ADs] [HKLM\Software\WOW6432Node\Microsoft\Advanced INF Setup] [HKLM\Software\WOW6432Node\Microsoft\AMSI] [HKLM\Software\WOW6432Node\Microsoft\Assistance] [HKLM\Software\WOW6432Node\Microsoft\AuthHost] [HKLM\Software\WOW6432Node\Microsoft\BidInterface] [HKLM\Software\WOW6432Node\Microsoft\Command Processor] [HKLM\Software\WOW6432Node\Microsoft\Cryptography] [HKLM\Software\WOW6432Node\Microsoft\CTF] [HKLM\Software\WOW6432Node\Microsoft\DataAccess] [HKLM\Software\WOW6432Node\Microsoft\DevDiv] [HKLM\Software\WOW6432Node\Microsoft\Device Association Framework] [HKLM\Software\WOW6432Node\Microsoft\Direct3D] [HKLM\Software\WOW6432Node\Microsoft\DirectDraw] [HKLM\Software\WOW6432Node\Microsoft\DirectInput] [HKLM\Software\WOW6432Node\Microsoft\DirectMusic] [HKLM\Software\WOW6432Node\Microsoft\DirectPlay] [HKLM\Software\WOW6432Node\Microsoft\DirectPlay8] [HKLM\Software\WOW6432Node\Microsoft\DirectPlayNATHelp] [HKLM\Software\WOW6432Node\Microsoft\DirectShow] [HKLM\Software\WOW6432Node\Microsoft\DirectX] [HKLM\Software\WOW6432Node\Microsoft\DownloadManager] [HKLM\Software\WOW6432Node\Microsoft\DRM] [HKLM\Software\WOW6432Node\Microsoft\DVR] [HKLM\Software\WOW6432Node\Microsoft\EAPSIMMethods] [HKLM\Software\WOW6432Node\Microsoft\Exchange] [HKLM\Software\WOW6432Node\Microsoft\Fax] [HKLM\Software\WOW6432Node\Microsoft\Feeds] [HKLM\Software\WOW6432Node\Microsoft\Function Discovery] [HKLM\Software\WOW6432Node\Microsoft\Fusion] [HKLM\Software\WOW6432Node\Microsoft\HTMLHelp] [HKLM\Software\WOW6432Node\Microsoft\IdentityCRL] [HKLM\Software\WOW6432Node\Microsoft\IdentityStore] [HKLM\Software\WOW6432Node\Microsoft\IMAPI] [HKLM\Software\WOW6432Node\Microsoft\IME] [HKLM\Software\WOW6432Node\Microsoft\IMEJP] [HKLM\Software\WOW6432Node\Microsoft\IMEKR] [HKLM\Software\WOW6432Node\Microsoft\IMETC] [HKLM\Software\WOW6432Node\Microsoft\Immersive Browser] [HKLM\Software\WOW6432Node\Microsoft\InputMethod] [HKLM\Software\WOW6432Node\Microsoft\Internet Account Manager] [HKLM\Software\WOW6432Node\Microsoft\Internet Domains] [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer] [HKLM\Software\WOW6432Node\Microsoft\IsoBurn] [HKLM\Software\WOW6432Node\Microsoft\Jet] [HKLM\Software\WOW6432Node\Microsoft\Location] [HKLM\Software\WOW6432Node\Microsoft\MediaEngine] [HKLM\Software\WOW6432Node\Microsoft\MediaPlayer] [HKLM\Software\WOW6432Node\Microsoft\MessengerService] [HKLM\Software\WOW6432Node\Microsoft\Microsoft SDKs] [HKLM\Software\WOW6432Node\Microsoft\MMC] [HKLM\Software\WOW6432Node\Microsoft\MSBuild] [HKLM\Software\WOW6432Node\Microsoft\MSDE] [HKLM\Software\WOW6432Node\Microsoft\MSDRM] [HKLM\Software\WOW6432Node\Microsoft\MSDTC] [HKLM\Software\WOW6432Node\Microsoft\MSF] [HKLM\Software\WOW6432Node\Microsoft\MSLicensing] [HKLM\Software\WOW6432Node\Microsoft\MSN Apps] [HKLM\Software\WOW6432Node\Microsoft\Multimedia] [HKLM\Software\WOW6432Node\Microsoft\NapServer] [HKLM\Software\WOW6432Node\Microsoft\NET Framework Setup] [HKLM\Software\WOW6432Node\Microsoft\netsh] [HKLM\Software\WOW6432Node\Microsoft\Network] [HKLM\Software\WOW6432Node\Microsoft\NetworkAccessProtection] [HKLM\Software\WOW6432Node\Microsoft\Notepad] [HKLM\Software\WOW6432Node\Microsoft\ODBC] [HKLM\Software\WOW6432Node\Microsoft\OEM] [HKLM\Software\WOW6432Node\Microsoft\Office] [HKLM\Software\WOW6432Node\Microsoft\OnlineProviders] [HKLM\Software\WOW6432Node\Microsoft\Outlook Express] [HKLM\Software\WOW6432Node\Microsoft\Photos] [HKLM\Software\WOW6432Node\Microsoft\PLA] [HKLM\Software\WOW6432Node\Microsoft\PowerShell] [HKLM\Software\WOW6432Node\Microsoft\Print] [HKLM\Software\WOW6432Node\Microsoft\RADAR] [HKLM\Software\WOW6432Node\Microsoft\Reliability Analysis] [HKLM\Software\WOW6432Node\Microsoft\RendezvousApps] [HKLM\Software\WOW6432Node\Microsoft\RFC1156Agent] [HKLM\Software\WOW6432Node\Microsoft\SchedulingAgent] [HKLM\Software\WOW6432Node\Microsoft\Security Center] [HKLM\Software\WOW6432Node\Microsoft\Sensors] [HKLM\Software\WOW6432Node\Microsoft\Shared Tools] [HKLM\Software\WOW6432Node\Microsoft\Shared Tools Location] [HKLM\Software\WOW6432Node\Microsoft\Software] [HKLM\Software\WOW6432Node\Microsoft\Speech] [HKLM\Software\WOW6432Node\Microsoft\SQMClient] [HKLM\Software\WOW6432Node\Microsoft\Sync Framework] [HKLM\Software\WOW6432Node\Microsoft\TableTextService] [HKLM\Software\WOW6432Node\Microsoft\TabletTip] [HKLM\Software\WOW6432Node\Microsoft\Tcpip] [HKLM\Software\WOW6432Node\Microsoft\Terminal Server Client] [HKLM\Software\WOW6432Node\Microsoft\TouchPrediction] [HKLM\Software\WOW6432Node\Microsoft\TPG] [HKLM\Software\WOW6432Node\Microsoft\Tpm] [HKLM\Software\WOW6432Node\Microsoft\Tracing] [HKLM\Software\WOW6432Node\Microsoft\TV System Services] [HKLM\Software\WOW6432Node\Microsoft\uDRM] [HKLM\Software\WOW6432Node\Microsoft\Updates] [HKLM\Software\WOW6432Node\Microsoft\UPnP Device Host] [HKLM\Software\WOW6432Node\Microsoft\VisualStudio] [HKLM\Software\WOW6432Node\Microsoft\VSD3DProviders] [HKLM\Software\WOW6432Node\Microsoft\WAB] [HKLM\Software\WOW6432Node\Microsoft\WBEM] [HKLM\Software\WOW6432Node\Microsoft\WIMMount] [HKLM\Software\WOW6432Node\Microsoft\Windows] [HKLM\Software\WOW6432Node\Microsoft\Windows Desktop Search] [HKLM\Software\WOW6432Node\Microsoft\Windows Kits] [HKLM\Software\WOW6432Node\Microsoft\Windows Mail] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Device Manager] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Foundation] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Player NSS] [HKLM\Software\WOW6432Node\Microsoft\Windows Messaging Subsystem] [HKLM\Software\WOW6432Node\Microsoft\Windows NT] [HKLM\Software\WOW6432Node\Microsoft\Windows Photo Viewer] [HKLM\Software\WOW6432Node\Microsoft\Windows Portable Devices] [HKLM\Software\WOW6432Node\Microsoft\Windows Script Host] [HKLM\Software\WOW6432Node\Microsoft\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\WindowsRuntime] [HKLM\Software\WOW6432Node\Microsoft\Wisp] [HKLM\Software\WOW6432Node\Microsoft\WlanSvc] [HKLM\Software\WOW6432Node\Microsoft\WSDAPI] [HKLM\Software\WOW6432Node\Microsoft\COM3] [HKLM\Software\WOW6432Node\Microsoft\DFS] [HKLM\Software\WOW6432Node\Microsoft\Driver Signing] [HKLM\Software\WOW6432Node\Microsoft\EnterpriseCertificates] [HKLM\Software\WOW6432Node\Microsoft\EventSystem] [HKLM\Software\WOW6432Node\Microsoft\MSMQ] [HKLM\Software\WOW6432Node\Microsoft\Non-Driver Signing] [HKLM\Software\WOW6432Node\Microsoft\Ole] [HKLM\Software\WOW6432Node\Microsoft\Ras] [HKLM\Software\WOW6432Node\Microsoft\Rpc] [HKLM\Software\WOW6432Node\Microsoft\SystemCertificates] [HKLM\Software\WOW6432Node\Microsoft\TermServLicensing] [HKLM\Software\WOW6432Node\Microsoft\Transaction Server] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ---------- | FeatureControl [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "DigitalEditions.exe"="1" [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "flux.exe"="11000" "AdvancePCPro.exe"="9999" "pc-decrapifier.exe"="9999" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_96DPI_PIXEL] "WindowsAnytimeUpgradeUI.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "prevhost.exe"="1" "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "iexplore.exe"="1" "*"="1" "infopath.exe"="0" "explorer.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "prevhost.exe"="1" "HelpPane.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "bdcam.exe"="11000" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "iexplore.exe"="1" "SAPLOGON.exe"="0" "SAPLgPad.exe"="0" "explorer.exe"="1" "SAPGuiIT.exe"="0" "wmplayer.exe"="1" "SAPfewgsrv.exe"="0" "Scale_for_R3.exe"="0" "SAPGUI.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "iexplore.exe"="1" "ieuser.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE] "HelpPane.exe"="100000" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "helppane.exe"="1" "devenv.exe"="1" "dexplore.exe"="1" "PresentationHost.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "prevhost.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "wm.exe"="1" "cs.exe"="1" "waol.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "prevhost.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="4" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="2" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "prevhost.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "iexplore.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "sidebar.exe"="1" "outlook.exe"="1" "mshta.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "iexplore.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "iexplore.exe"="0" "explorer.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "prevhost.exe"="1" "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "prevhost.exe"="1" "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "prevhost.exe"="1" "winmail.exe"="1" "msimn.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "prevhost.exe"="1" "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "HelpPane.exe"="1" "iexplore.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION] "bdcam.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "prevhost.exe"="0" "HelpPane.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "winmail.exe"="1" "msimn.exe"="1" "outlook.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "infopath.exe"="1" "winword.exe"="1" "excel.exe"="1" "powerpnt.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "prevhost.exe"="1" "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE] "HelpPane.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "iexplore.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "iexplore.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "prevhost.exe"="1" "iexplore.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "prevhost.exe"="1" "iexplore.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "iexplore.exe"="1" "*"="1" "infopath.exe"="0" "explorer.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "HelpPane.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "HelpPane.exe"="10000" "prevhost.exe"="8000" "AdvancePCPro.exe"="9999" "PDFXEdit.exe"="11000" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "iexplore.exe"="1" "SAPLOGON.exe"="0" "SAPLgPad.exe"="0" "explorer.exe"="1" "SAPGuiIT.exe"="0" "wmplayer.exe"="1" "SAPfewgsrv.exe"="0" "Scale_for_R3.exe"="0" "SAPGUI.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "iexplore.exe"="1" "ieuser.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE] "HelpPane.exe"="100000" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "helppane.exe"="1" "PresentationHost.exe"="0" "devenv.exe"="1" "dexplore.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "prevhost.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "wm.exe"="1" "cs.exe"="1" "waol.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "HelpPane.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "explorer.exe"="1" "PresentationHost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="4" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="2" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "HelpPane.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "iexplore.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "sidebar.exe"="1" "outlook.exe"="1" "mshta.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "iexplore.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "iexplore.exe"="0" "explorer.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "HelpPane.exe"="1" "prevhost.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "winmail.exe"="1" "prevhost.exe"="1" "msimn.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "HelpPane.exe"="1" "prevhost.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "HelpPane.exe"="1" "iexplore.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "HelpPane.exe"="0" "prevhost.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "winmail.exe"="1" "msimn.exe"="1" "outlook.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "infopath.exe"="1" "winword.exe"="1" "excel.exe"="1" "powerpnt.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE] "HelpPane.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "iexplore.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "iexplore.exe"="1" "explorer.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "iexplore.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "iexplore.exe"="1" "prevhost.exe"="1" "explorer.exe"="1" "PresentationHost.exe"="1" "wmplayer.exe"="1" ---------- | The Created last ones ¦ Modified [MD5.00000000000000000000000000000000] - [20/07/2023 16:33:26] - |D| - [3310592] - C:\Program Files (x86)\AmonDoveY [MD5.00000000000000000000000000000000] - [19/07/2023 15:45:30] - |D| - [4321248280] - C:\Program Files (x86)\Anti-ASARL Videos & Suite v1 [MD5.00000000000000000000000000000000] - [20/07/2023 12:27:05] - |D| - [317546] - C:\Program Files (x86)\Application Verifier [MD5.00000000000000000000000000000000] - [19/07/2023 16:07:27] - |D| - [66233413] - C:\Program Files (x86)\ATI Technologies [MD5.00000000000000000000000000000000] - [23/07/2023 21:17:36] - |D| - [9130326] - C:\Program Files (x86)\BandiMPEG1 [MD5.00000000000000000000000000000000] - [20/07/2023 14:18:58] - |D| - [617164] - C:\Program Files (x86)\Bonjour [MD5.00000000000000000000000000000000] - [20/07/2023 14:19:30] - |D| - [1015712] - C:\Program Files (x86)\Bonjour SDK [MD5.00000000000000000000000000000000] - [20/07/2023 11:32:31] - |D| - [10823993] - C:\Program Files (x86)\ComfortClipboard [MD5.00000000000000000000000000000000] - [20/07/2023 19:11:08] - |D| - [5217084] - C:\Program Files (x86)\CutePDF Writer [MD5.00000000000000000000000000000000] - [21/07/2023 10:21:15] - |D| - [7654633] - C:\Program Files (x86)\Decrap my Computer [MD5.00000000000000000000000000000000] - [20/07/2023 14:32:49] - |D| - [664729114] - C:\Program Files (x86)\Evernote [MD5.00000000000000000000000000000000] - [20/07/2023 11:25:18] - |D| - [31896863] - C:\Program Files (x86)\Glarysoft [MD5.00000000000000000000000000000000] - [20/07/2023 19:14:09] - |D| - [14001334] - C:\Program Files (x86)\GPLGS [MD5.00000000000000000000000000000000] - [20/07/2023 21:56:58] - |D| - [0] - C:\Program Files (x86)\K1RFD [MD5.00000000000000000000000000000000] - [20/07/2023 12:28:33] - |D| - [16196123] - C:\Program Files (x86)\Microsoft SDKs [MD5.00000000000000000000000000000000] - [19/07/2023 15:43:55] - |D| - [345991] - C:\Program Files (x86)\Mozilla Maintenance Service [MD5.00000000000000000000000000000000] - [20/07/2023 16:16:56] - |D| - [0] - C:\Program Files (x86)\MuleMRTG [MD5.00000000000000000000000000000000] - [20/07/2023 12:02:19] - |D| - [744926922] - C:\Program Files (x86)\Windows Kits [MD5.00000000000000000000000000000000] - [23/07/2023 20:06:38] - |D| - [32342252] - C:\Program Files (x86)\WinUtilities [MD5.D41D8CD98F00B204E9800998ECF8427E] - [19/07/2023 16:06:25] - |A| - [0] - C:\Windows\ativpsrm.bin [MD5.D41D8CD98F00B204E9800998ECF8427E] - [20/07/2023 16:34:51] - |A| - [0] - C:\Windows\BoosteFry.INI [MD5.1510F02DD6CFDB245875119E20D6CA0B] - [22/07/2023 14:44:01] - |A| - [10123] - C:\Windows\DirectX.log [MD5.00000000000000000000000000000000] - [21/07/2023 10:51:15] - |D| - [10941451] - C:\Windows\Downloaded Installations [MD5.00000000000000000000000000000000] - [20/07/2023 00:37:36] - |D| - [2788770] - C:\Windows\Panther [MD5.00000000000000000000000000000000] - [19/07/2023 14:44:36] - |D| - [11371299] - C:\Windows\Prefetch [MD5.00000000000000000000000000000000] - [19/07/2023 14:57:56] - |D| - [4250738737] - C:\Windows\SoftwareDistribution [MD5.19D760EFF4ADC7FB13CC15C6C86EFC23] - [19/07/2023 14:57:53] - |A| - [1403098] - C:\Windows\WindowsUpdate.log [MD5.00000000000000000000000000000000] - [20/07/2023 11:58:13] - |SHD| - [193803872] - C:\Windows\Installer\$PatchCache$ [MD5.577CE893B2CFC4CA5FA946E95AEE0135] - [20/07/2023 11:32:45] - |A| - [851968] - C:\Windows\Installer\4858e9f.msi [MD5.C7F3408A868A488F5F655A54DE2167DF] - [20/07/2023 11:32:40] - |RA| - [48087040] - C:\Windows\Installer\4858ea0.msp [MD5.3F0AE0423DE6427890A24132F587CC17] - [20/07/2023 11:37:42] - |A| - [544768] - C:\Windows\Installer\4858eb3.msi [MD5.78892F2850F56B4B51AB2867F9A7283F] - [20/07/2023 11:37:39] - |RA| - [22364160] - C:\Windows\Installer\4858eb4.msp [MD5.7C56E78745D1D0E66F655B0E23224CC4] - [20/07/2023 11:40:45] - |A| - [294912] - C:\Windows\Installer\4858ebc.msi [MD5.D8BE4AC5010D8D2848A18B7DA029459D] - [20/07/2023 11:40:41] - |RA| - [31866880] - C:\Windows\Installer\4858ebd.msp [MD5.51BD5CA2C9096EB3A5D475AEDE46D50A] - [20/07/2023 11:41:36] - |A| - [294912] - C:\Windows\Installer\4858ec5.msi [MD5.FA5F5892E0F3DAD859D278615834681C] - [20/07/2023 11:41:33] - |RA| - [581632] - C:\Windows\Installer\4858ec6.msp [MD5.3BE2B8AFB0D77029D213A4FEDCF7B116] - [20/07/2023 11:41:53] - |A| - [294912] - C:\Windows\Installer\4858ece.msi [MD5.0A8C3FA026449B860AFB79E55466250E] - [20/07/2023 11:41:52] - |RA| - [684032] - C:\Windows\Installer\4858ecf.msp [MD5.090855CD4FCD6652C738996923314A11] - [20/07/2023 11:42:23] - |A| - [299008] - C:\Windows\Installer\4858ed7.msi [MD5.19CA1C512D8513266F084AF69FFDD941] - [20/07/2023 11:42:21] - |RA| - [17629184] - C:\Windows\Installer\4858ed8.msp [MD5.C429345C9FCEB19EE416D5F7096524D2] - [20/07/2023 11:42:56] - |A| - [299008] - C:\Windows\Installer\4858ee0.msi [MD5.C4884DC0CA65516D51531C95A326EB27] - [20/07/2023 11:42:52] - |RA| - [18862080] - C:\Windows\Installer\4858ee1.msp [MD5.FDD52D290B3586EE297E802856322963] - [20/07/2023 11:43:36] - |A| - [13373440] - C:\Windows\Installer\4858ee9.msi [MD5.9CC6ECB1A8099CFF2DC0B3197C879C41] - [20/07/2023 11:43:14] - |RA| - [6864896] - C:\Windows\Installer\4858eea.msp [MD5.E86D3A7C69488D0E8E0E95ED3F65C383] - [20/07/2023 11:44:33] - |A| - [294912] - C:\Windows\Installer\4858ef2.msi [MD5.34CC8307BE9FFFE5B3E0B03B772714F2] - [20/07/2023 11:44:31] - |RA| - [35237888] - C:\Windows\Installer\4858ef3.msp [MD5.D53C5E43F0B702CA6FD2D4061499F1F9] - [20/07/2023 11:47:21] - |A| - [405504] - C:\Windows\Installer\4858efb.msi [MD5.45AF44FC2D597FAAC9B6DF8596B30DD1] - [20/07/2023 11:47:11] - |RA| - [59424768] - C:\Windows\Installer\4858efc.msp [MD5.5672798DF89D836D5DA4228D43AC8D2C] - [20/07/2023 11:49:15] - |A| - [3510272] - C:\Windows\Installer\4858f04.msi [MD5.79FA263C9C1638619F81199DD57F4C6F] - [20/07/2023 11:49:12] - |RA| - [1925120] - C:\Windows\Installer\4858f05.msp [MD5.905641A937F2941FC61E0C42DFD15559] - [20/07/2023 11:49:16] - |A| - [417792] - C:\Windows\Installer\4858f0c.msi [MD5.B9F3BDAB5480CC9AE7B52654CE8407A9] - [20/07/2023 11:49:22] - |A| - [323584] - C:\Windows\Installer\4858f13.msi [MD5.84BEC4AF693793D6C1D3E43DF479C92C] - [20/07/2023 11:49:35] - |A| - [290816] - C:\Windows\Installer\4858f1a.msi [MD5.DD789128124D186AC2012B79D8A9B34D] - [20/07/2023 11:50:13] - |A| - [454656] - C:\Windows\Installer\4858f24.msi [MD5.388995D3EF64825EF243D73FD4CE6AEC] - [20/07/2023 11:50:10] - |RA| - [18468864] - C:\Windows\Installer\4858f25.msp [MD5.1560CF35AB787E0FB75807FB7F210E82] - [20/07/2023 11:50:47] - |A| - [385024] - C:\Windows\Installer\4858f30.msi [MD5.B0BED43E698D4D5C37FA3A5EBA5C0ED3] - [20/07/2023 11:50:47] - |RA| - [3305472] - C:\Windows\Installer\4858f31.msp [MD5.034BBF59634C7A21E981F89C51C2471C] - [20/07/2023 11:51:05] - |A| - [294912] - C:\Windows\Installer\4858f39.msi [MD5.1E65FD9A6AF9C0043CD51210D8B11584] - [20/07/2023 11:51:02] - |RA| - [49152] - C:\Windows\Installer\4858f3a.msp [MD5.157405F53FB88D014349488EE632A1E3] - [20/07/2023 11:51:40] - |A| - [294912] - C:\Windows\Installer\4858f42.msi [MD5.AD12192D3CE6C8158BB57C97A45D56DA] - [20/07/2023 11:51:36] - |RA| - [3387392] - C:\Windows\Installer\4858f43.msp [MD5.8D0E7E1F8C333975BAE8E731AC639388] - [20/07/2023 14:27:57] - |A| - [57224192] - C:\Windows\Installer\51446fe.msi [MD5.383544E80BCDF2BFFCA253C6E0D950F5] - [20/07/2023 14:35:25] - |A| - [191168512] - C:\Windows\Installer\51b2897.msi [MD5.7B80938F2B8F86F54A062EB8AFA282AA] - [20/07/2023 12:07:45] - |A| - [360321024] - C:\Windows\Installer\526442d.msi [MD5.F60619336A896E247B3A2ED3E3CEA39A] - [20/07/2023 12:23:27] - |A| - [1231609856] - C:\Windows\Installer\544e436.msi [MD5.FF0F49238B2F54908C0D249821731336] - [20/07/2023 12:26:22] - |A| - [70557696] - C:\Windows\Installer\61aa253.msi [MD5.2883997F4591DCBB700744B7E10C615A] - [20/07/2023 12:29:36] - |A| - [354361344] - C:\Windows\Installer\61aa254.msi [MD5.7AA54823D63F1236CA88011F7E67A623] - [20/07/2023 20:56:36] - |A| - [5040587] - C:\Windows\Installer\67827ab.msi [MD5.BCD3588BACD2CCFD500CC8920192DA7B] - [05/07/2023 12:45:42] - |A| - [3415552] - C:\Windows\Installer\67827b2.msi [MD5.2883997F4591DCBB700744B7E10C615A] - [20/07/2023 21:39:03] - |A| - [354361344] - C:\Windows\Installer\69ef42a.msi [MD5.00000000000000000000000000000000] - [20/07/2023 19:19:02] - |D| - [0] - C:\Windows\Installer\MSIAEE2.tmp- [MD5.2E06A69326429A9BC4DF30E7D13FC052] - [20/07/2023 19:21:20] - |A| - [7386031] - C:\Windows\Installer\MSID600.tmp [MD5.A66582D1D53BF74D10CA41B32408BD4E] - [20/07/2023 15:13:13] - |A| - [20480] - C:\Windows\Installer\SourceHash{0025DD72-A959-45B5-A0A3-7EFEB15A8050} [MD5.151E08421E18C7B99D1E3A35A7FCC24C] - [19/07/2023 16:07:58] - |A| - [20480] - C:\Windows\Installer\SourceHash{070232F8-068B-1FF6-B5C4-F8F38E09C7E1} [MD5.0375679609A785B40489D81807EEEBE6] - [20/07/2023 19:20:51] - |A| - [20480] - C:\Windows\Installer\SourceHash{0EF28CD3-9372-475F-ADAC-3286280CBC3A} [MD5.954ABB7243D1A61075C291DF2E5F2D95] - [19/07/2023 16:08:01] - |A| - [20480] - C:\Windows\Installer\SourceHash{104DE091-6C4F-C5A9-F619-5D6C965A0296} [MD5.6C007F8F031238C7D0665E3DD828FEFA] - [20/07/2023 15:22:46] - |A| - [20480] - C:\Windows\Installer\SourceHash{18661EC5-2942-4C88-BCC1-A8A0DE135DA8} [MD5.F074F7D6166D1176E71E6A0D3B934C69] - [20/07/2023 12:28:10] - |A| - [20480] - C:\Windows\Installer\SourceHash{19A5926D-66E1-46FC-854D-163AA10A52D3} [MD5.6034BBEA3C3639BF1BA71FB958232131] - [20/07/2023 12:36:13] - |A| - [20480] - C:\Windows\Installer\SourceHash{1D2CEC61-C3F0-C27E-7280-F9D6B10378BE} [MD5.9D7950132F9C52417994800F79464702] - [20/07/2023 12:38:00] - |A| - [20480] - C:\Windows\Installer\SourceHash{1F5C7BAE-1E1A-7C93-1B90-84CE308AFC1C} [MD5.D3857A9CE1A484E7991AC567308E88A2] - [19/07/2023 16:07:29] - |A| - [20480] - C:\Windows\Installer\SourceHash{25A3B953-1423-3F15-640E-B620DD0F419A} [MD5.40EC0B983F2FC05CDD4D68C5249AA9F1] - [19/07/2023 16:07:42] - |A| - [20480] - C:\Windows\Installer\SourceHash{285C9F30-3BF8-697B-BD1D-353435E94B78} [MD5.AE5EBD153B012BB00812B8291CE1C52F] - [19/07/2023 16:07:43] - |A| - [20480] - C:\Windows\Installer\SourceHash{29967A7C-6E18-91CD-BBE4-9C09F401E950} [MD5.92FF0C5F53CEDA71D3D69F5A59CEEFD4] - [20/07/2023 15:49:53] - |A| - [20480] - C:\Windows\Installer\SourceHash{2A4553B2-B56E-1014-AED5-97CC8B569609} [MD5.63EF36385D2EA8F9042357D48D4278CF] - [20/07/2023 14:19:27] - |A| - [20480] - C:\Windows\Installer\SourceHash{3002F564-4BC6-496A-9EB1-6656F0ADD0F5} [MD5.0D90F13E91F58E5C161A5D79FD3CB543] - [20/07/2023 14:28:02] - |A| - [20480] - C:\Windows\Installer\SourceHash{30589E5B-46DD-446F-B3DA-5D9F5AE5CC3E} [MD5.6E4DE410CEB35D0AB577624C4D4BA40C] - [20/07/2023 19:16:31] - |A| - [20480] - C:\Windows\Installer\SourceHash{337435D9-A24E-4655-90A6-4DD51FFFBB59} [MD5.B5261DDB9BA065E02668535629C27841] - [20/07/2023 12:18:20] - |A| - [20480] - C:\Windows\Installer\SourceHash{34B86C7D-4103-201B-3A13-03934DB11543} [MD5.0AA3EA150337A5BAFFE785DF515F6AF5] - [20/07/2023 12:13:10] - |A| - [20480] - C:\Windows\Installer\SourceHash{37464E70-B0B9-9DFF-649A-CBE169BAD657} [MD5.FB95E077D443E6E1152812E0E6EECBCC] - [22/07/2023 14:38:27] - |A| - [20480] - C:\Windows\Installer\SourceHash{37B8F9C7-03FB-3253-8781-2517C99D7C00} [MD5.AE4AA41387DAE7B77F1E289437E90BEF] - [20/07/2023 20:59:56] - |A| - [32768] - C:\Windows\Installer\SourceHash{3B52584E-B01A-456B-A6D9-A2135F8B1E98} [MD5.998EC4CFE55F50EBC1A8C992D0279406] - [19/07/2023 16:08:03] - |A| - [20480] - C:\Windows\Installer\SourceHash{4B3EF5E6-9A2C-0A1B-C61C-B1FD444B84BC} [MD5.C50523A34AA3FC446308334E404997B6] - [20/07/2023 12:18:45] - |A| - [20480] - C:\Windows\Installer\SourceHash{5247E16E-BCF8-95AB-1653-B3F8FBF8B3F1} [MD5.71BADB9A6DC5FC4D084925D82AC5AAA6] - [19/07/2023 16:07:52] - |A| - [20480] - C:\Windows\Installer\SourceHash{54D05374-2428-7BE0-58CD-CE8031163DE6} [MD5.1411074ABBAC773A1D15146131C2FAE3] - [20/07/2023 12:18:59] - |A| - [20480] - C:\Windows\Installer\SourceHash{56AD3004-0B49-967F-F682-B05650B61A78} [MD5.93F75947DAA566DD3605D24677C1DBBA] - [20/07/2023 21:56:56] - |A| - [20480] - C:\Windows\Installer\SourceHash{59B4D4B8-E6E3-4E8B-9711-420E989675F5} [MD5.F19838F6358E6B96B92F5A77D8792A72] - [19/07/2023 16:07:54] - |A| - [20480] - C:\Windows\Installer\SourceHash{5C6AFE98-08BF-086A-300D-18F77D284966} [MD5.0935FFDB17E47C2402B3602FDCB3F7F8] - [19/07/2023 16:07:44] - |A| - [20480] - C:\Windows\Installer\SourceHash{5C757800-27E8-2AE3-889A-8B959AE689F8} [MD5.F26B66C3ACFBA545E69A4EBCC212D607] - [19/07/2023 16:08:13] - |A| - [20480] - C:\Windows\Installer\SourceHash{5D2B5E19-C333-4519-3D32-AAB8EEE9ACA4} [MD5.C167F77DE761CC9E0FF7DE38CDB48D93] - [19/07/2023 16:07:39] - |A| - [20480] - C:\Windows\Installer\SourceHash{5D3EC645-B957-36A1-068A-FE8450963669} [MD5.881A43541AC13054B83A456D4511E6DC] - [20/07/2023 15:21:10] - |A| - [20480] - C:\Windows\Installer\SourceHash{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} [MD5.EFA71F4E8FFE39D98CB78C471B451850] - [19/07/2023 16:07:48] - |A| - [20480] - C:\Windows\Installer\SourceHash{61B90A4D-8CC9-2FED-2495-AC8C9467C984} [MD5.E7D468AD9820D6A146A512DDF5824C15] - [20/07/2023 12:21:43] - |A| - [20480] - C:\Windows\Installer\SourceHash{64F3FB9A-9250-B2D6-00B4-50BE0358AEE8} [MD5.4329B3BC079E4817BB1527A0E8222775] - [20/07/2023 12:26:38] - |A| - [20480] - C:\Windows\Installer\SourceHash{77F3D72C-465F-BD51-890E-CC3914B1365F} [MD5.2A52EE3825E02DCF40F6D044CF7EE65D] - [21/07/2023 10:50:45] - |A| - [20480] - C:\Windows\Installer\SourceHash{790EC520-CCCC-4810-A0FE-061633204CE4} [MD5.FFD53C2B3483DCE30F7F9F43A9DD2E69] - [19/07/2023 16:07:41] - |A| - [20480] - C:\Windows\Installer\SourceHash{7C5B13DA-6A68-86C7-ED29-610CA0F49555} [MD5.4192BBB7A240ED8A1C3D07F2A6AA7851] - [19/07/2023 16:07:27] - |A| - [20480] - C:\Windows\Installer\SourceHash{80680785-2EE1-053F-9CD3-4B2C904596EE} [MD5.D44D529BEDCA678A7743E9ED9D1270FA] - [20/07/2023 12:22:15] - |A| - [20480] - C:\Windows\Installer\SourceHash{9274C832-3D8A-A294-FDE8-8B9272357098} [MD5.D41A0C7DA99196040F6677A7A9A72FCC] - [20/07/2023 15:12:45] - |A| - [20480] - C:\Windows\Installer\SourceHash{929FBD26-9020-399B-9A7A-751D61F0B942} [MD5.9EF6EE21D0A40371EDA835494E8CC488] - [19/07/2023 16:07:46] - |A| - [20480] - C:\Windows\Installer\SourceHash{95B8F519-8C35-9010-A63C-51B3E0EE8D4E} [MD5.EB42D319A0D78D62332B4516B2A88CD7] - [20/07/2023 12:19:33] - |A| - [20480] - C:\Windows\Installer\SourceHash{96F4525A-470D-F15C-796E-58D9988C3E5F} [MD5.EDDFD95481F765A23269DE6039C1EF60] - [20/07/2023 11:53:20] - |A| - [20480] - C:\Windows\Installer\SourceHash{984022F2-9BCA-A41D-6A38-1AE658F01415} [MD5.30C9F295BBA2FDA8873B710399EA0301] - [20/07/2023 15:21:54] - |A| - [20480] - C:\Windows\Installer\SourceHash{9BE518E6-ECC6-35A9-88E4-87755C07200F} [MD5.0DC18AD897C767BA8FF36E6A14BDB405] - [20/07/2023 12:18:35] - |A| - [20480] - C:\Windows\Installer\SourceHash{A1CB8286-CFB3-A985-D799-721A0F2A27F3} [MD5.A29AE7EF5EC577C2FB0BAE8292D005B1] - [19/07/2023 16:07:40] - |A| - [20480] - C:\Windows\Installer\SourceHash{A3806AB7-AB46-7672-A825-F9AE0DE6910A} [MD5.C60F6C3D603F5C5CF533B1DC50CF7C88] - [20/07/2023 15:12:37] - |A| - [20480] - C:\Windows\Installer\SourceHash{A749D8E6-B613-3BE3-8F5F-045C84EBA29B} [MD5.85F990016876B1396BFB2064318169E9] - [19/07/2023 16:07:36] - |A| - [20480] - C:\Windows\Installer\SourceHash{B079957C-3276-4B9F-DB08-D1CA8C090D9E} [MD5.EE09B5574DB6B69097F75F6AB5999B1F] - [19/07/2023 16:07:31] - |A| - [20480] - C:\Windows\Installer\SourceHash{B12BE177-DC00-5746-3AB9-91CD090AF555} [MD5.A3F12B9DF158327CC5938BF14E5ADA86] - [22/07/2023 14:35:29] - |A| - [20480] - C:\Windows\Installer\SourceHash{B175520C-86A2-35A7-8619-86DC379688B9} [MD5.4B3EB040E8F4A04A5BEC679B134A9575] - [20/07/2023 12:30:34] - |A| - [20480] - C:\Windows\Installer\SourceHash{B74E65FD-CC47-41C5-4B89-791A3F61942D} [MD5.5220D6E7EBC3B0ED1BF879FC79966D11] - [20/07/2023 14:49:58] - |A| - [20480] - C:\Windows\Installer\SourceHash{B8BF99B6-750E-45C5-A07D-AF394E5B6139} [MD5.E0E005E6FC1C5C485C9517AE560E3805] - [20/07/2023 14:18:45] - |A| - [20480] - C:\Windows\Installer\SourceHash{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1} [MD5.42C4DE4B4D57027AE6C44DE718C9CA6A] - [22/07/2023 14:33:28] - |A| - [20480] - C:\Windows\Installer\SourceHash{BD95A8CD-1D9F-35AD-981A-3E7925026EBB} [MD5.997A5D96874CF1A1A30D56BBEBDAEF75] - [19/07/2023 16:07:59] - |A| - [20480] - C:\Windows\Installer\SourceHash{BF5509A0-250A-25EA-0C19-61505E9EBA13} [MD5.7D69644DC7E26DAC3A54A46376EC618A] - [20/07/2023 12:20:21] - |A| - [20480] - C:\Windows\Installer\SourceHash{BFF81CB5-E8C7-4184-FBB4-74ADFBC6CCCB} [MD5.E0EBD976EB135A3CAE9158253DED8DAB] - [19/07/2023 16:07:56] - |A| - [20480] - C:\Windows\Installer\SourceHash{C4EE2BA3-EEA5-9650-86E0-0405ECA5C22C} [MD5.806905EA0B6A75C8DB9DE0B48B5EDD35] - [19/07/2023 16:07:35] - |A| - [20480] - C:\Windows\Installer\SourceHash{C69EA753-0D3F-E48B-8C98-7F6310DC29B8} [MD5.DF0D9B04019C6AA0E94AEE3A86036F63] - [22/07/2023 14:38:02] - |A| - [20480] - C:\Windows\Installer\SourceHash{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97} [MD5.528667EECA0D7EE637FB039D412B4861] - [20/07/2023 12:38:11] - |A| - [20480] - C:\Windows\Installer\SourceHash{CF3A1CA6-5E5E-B4BD-6CF1-363056816CA2} [MD5.DE5E4C76258FDAD77DAF5DB7B8B29161] - [20/07/2023 12:29:40] - |A| - [20480] - C:\Windows\Installer\SourceHash{D1D37853-0004-3E36-A7AA-74F4EEA35F64} [MD5.B1953D8B95281344154445C4DE45A3EF] - [20/07/2023 15:13:06] - |A| - [20480] - C:\Windows\Installer\SourceHash{D5D19E2F-7189-42FE-8103-92CD1FA457C2} [MD5.FDAD76DE13525A535A640945768195A0] - [19/07/2023 16:08:05] - |A| - [20480] - C:\Windows\Installer\SourceHash{E7ACB435-E0B4-4770-77DE-ED38887CD133} [MD5.8492281CE65B04F25732766221DF322F] - [19/07/2023 16:07:45] - |A| - [20480] - C:\Windows\Installer\SourceHash{EB766D4A-C56C-946D-F74D-43C78FE4521E} [MD5.623D55D16EEC996BC969B4AC8E9289C4] - [19/07/2023 16:07:50] - |A| - [20480] - C:\Windows\Installer\SourceHash{ED0D7699-1943-0C29-7465-6530F8DE2DA2} [MD5.A311A9447B8CFD5F2D1B730AC226569E] - [19/07/2023 16:07:33] - |A| - [20480] - C:\Windows\Installer\SourceHash{EDA5BB56-AAF4-6889-AD8E-E25A17BD140B} [MD5.19D7B02E3BCDE457F649E25E960A2CD0] - [20/07/2023 14:35:40] - |A| - [20480] - C:\Windows\Installer\SourceHash{EE38015E-CE4F-4551-8132-71677961B8AD} [MD5.31E88504D08659676CB4FB6ED49BA4C5] - [19/07/2023 16:07:34] - |A| - [20480] - C:\Windows\Installer\SourceHash{EEF14371-2D24-5A2D-0EF2-22010DB4CFA6} [MD5.BF595DD93A9F0987D61C4D9BDA471BF5] - [20/07/2023 20:57:53] - |A| - [20480] - C:\Windows\Installer\SourceHash{F07C0CF2-6021-403A-99CA-1164340B09FB} [MD5.AEA73129970B32C0C03562AA531BBFAD] - [20/07/2023 12:31:16] - |A| - [20480] - C:\Windows\Installer\SourceHash{F395FD4F-40E5-7B56-2BCB-B3CF52B3B52C} [MD5.157D95CE07BD734D8C4F168F170CA113] - [19/07/2023 16:07:51] - |A| - [20480] - C:\Windows\Installer\SourceHash{FDD69799-37B2-9ACE-F70C-ABD1F96FD04C} [MD5.BF7786D2D7B45760A03262E455CB1848] - [19/07/2023 16:07:37] - |A| - [20480] - C:\Windows\Installer\SourceHash{FDF2FE33-426D-45C2-4E70-76C162F1B790} [MD5.00000000000000000000000000000000] - [19/07/2023 16:07:59] - |D| - [88102] - C:\Windows\Installer\{070232F8-068B-1FF6-B5C4-F8F38E09C7E1} [MD5.00000000000000000000000000000000] - [20/07/2023 21:40:42] - |D| - [372526] - C:\Windows\Installer\{0EF28CD3-9372-475F-ADAC-3286280CBC3A} [MD5.00000000000000000000000000000000] - [19/07/2023 16:08:01] - |D| - [88102] - C:\Windows\Installer\{104DE091-6C4F-C5A9-F619-5D6C965A0296} [MD5.00000000000000000000000000000000] - [20/07/2023 15:28:47] - |D| - [32813] - C:\Windows\Installer\{18661EC5-2942-4C88-BCC1-A8A0DE135DA8} [MD5.00000000000000000000000000000000] - [19/07/2023 16:07:30] - |D| - [10134] - C:\Windows\Installer\{25A3B953-1423-3F15-640E-B620DD0F419A} [MD5.00000000000000000000000000000000] - [19/07/2023 16:07:42] - |D| - [88102] - C:\Windows\Installer\{285C9F30-3BF8-697B-BD1D-353435E94B78} [MD5.00000000000000000000000000000000] - [19/07/2023 16:07:43] - |D| - [88102] - C:\Windows\Installer\{29967A7C-6E18-91CD-BBE4-9C09F401E950} [MD5.00000000000000000000000000000000] - [20/07/2023 19:07:15] - |D| - [9262] - C:\Windows\Installer\{2A4553B2-B56E-1014-AED5-97CC8B569609} [MD5.00000000000000000000000000000000] - [20/07/2023 14:19:36] - |D| - [92809] - C:\Windows\Installer\{3002F564-4BC6-496A-9EB1-6656F0ADD0F5} [MD5.00000000000000000000000000000000] - [20/07/2023 14:28:41] - |D| - [356352] - C:\Windows\Installer\{30589E5B-46DD-446F-B3DA-5D9F5AE5CC3E} [MD5.00000000000000000000000000000000] - [20/07/2023 19:18:50] - |D| - [121276] - C:\Windows\Installer\{337435D9-A24E-4655-90A6-4DD51FFFBB59} [MD5.00000000000000000000000000000000] - [20/07/2023 21:00:14] - |D| - [315156] - C:\Windows\Installer\{3B52584E-B01A-456B-A6D9-A2135F8B1E98} [MD5.00000000000000000000000000000000] - [19/07/2023 16:08:04] - |D| - [88102] - C:\Windows\Installer\{4B3EF5E6-9A2C-0A1B-C61C-B1FD444B84BC} [MD5.00000000000000000000000000000000] - [19/07/2023 16:07:53] - |D| - [88102] - C:\Windows\Installer\{54D05374-2428-7BE0-58CD-CE8031163DE6} [MD5.00000000000000000000000000000000] - [19/07/2023 16:07:55] - |D| - [88102] - C:\Windows\Installer\{5C6AFE98-08BF-086A-300D-18F77D284966} [MD5.00000000000000000000000000000000] - [19/07/2023 16:07:45] - |D| - [88102] - C:\Windows\Installer\{5C757800-27E8-2AE3-889A-8B959AE689F8} [MD5.00000000000000000000000000000000] - [19/07/2023 16:08:38] - |D| - [88102] - C:\Windows\Installer\{5D2B5E19-C333-4519-3D32-AAB8EEE9ACA4} [MD5.00000000000000000000000000000000] - [19/07/2023 16:07:39] - |D| - [88102] - C:\Windows\Installer\{5D3EC645-B957-36A1-068A-FE8450963669} [MD5.00000000000000000000000000000000] - [19/07/2023 16:07:48] - |D| - [88102] - C:\Windows\Installer\{61B90A4D-8CC9-2FED-2495-AC8C9467C984} [MD5.00000000000000000000000000000000] - [19/07/2023 16:07:41] - |D| - [88102] - C:\Windows\Installer\{7C5B13DA-6A68-86C7-ED29-610CA0F49555} [MD5.00000000000000000000000000000000] - [19/07/2023 16:07:28] - |D| - [88102] - C:\Windows\Installer\{80680785-2EE1-053F-9CD3-4B2C904596EE} [MD5.00000000000000000000000000000000] - [19/07/2023 16:07:47] - |D| - [88102] - C:\Windows\Installer\{95B8F519-8C35-9010-A63C-51B3E0EE8D4E} [MD5.00000000000000000000000000000000] - [19/07/2023 16:07:40] - |D| - [88102] - C:\Windows\Installer\{A3806AB7-AB46-7672-A825-F9AE0DE6910A} [MD5.00000000000000000000000000000000] - [19/07/2023 16:07:37] - |D| - [88102] - C:\Windows\Installer\{B079957C-3276-4B9F-DB08-D1CA8C090D9E} [MD5.00000000000000000000000000000000] - [19/07/2023 16:07:32] - |D| - [88102] - C:\Windows\Installer\{B12BE177-DC00-5746-3AB9-91CD090AF555} [MD5.00000000000000000000000000000000] - [20/07/2023 15:05:38] - |D| - [195843] - C:\Windows\Installer\{B8BF99B6-750E-45C5-A07D-AF394E5B6139} [MD5.00000000000000000000000000000000] - [20/07/2023 14:19:07] - |D| - [92809] - C:\Windows\Installer\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1} [MD5.00000000000000000000000000000000] - [19/07/2023 16:08:00] - |D| - [88102] - C:\Windows\Installer\{BF5509A0-250A-25EA-0C19-61505E9EBA13} [MD5.00000000000000000000000000000000] - [19/07/2023 16:07:56] - |D| - [88102] - C:\Windows\Installer\{C4EE2BA3-EEA5-9650-86E0-0405ECA5C22C} [MD5.00000000000000000000000000000000] - [19/07/2023 16:07:36] - |D| - [88102] - C:\Windows\Installer\{C69EA753-0D3F-E48B-8C98-7F6310DC29B8} [MD5.00000000000000000000000000000000] - [19/07/2023 16:08:08] - |D| - [4846] - C:\Windows\Installer\{E7ACB435-E0B4-4770-77DE-ED38887CD133} [MD5.00000000000000000000000000000000] - [19/07/2023 16:07:46] - |D| - [88102] - C:\Windows\Installer\{EB766D4A-C56C-946D-F74D-43C78FE4521E} [MD5.00000000000000000000000000000000] - [19/07/2023 16:07:50] - |D| - [88102] - C:\Windows\Installer\{ED0D7699-1943-0C29-7465-6530F8DE2DA2} [MD5.00000000000000000000000000000000] - [19/07/2023 16:07:34] - |D| - [88102] - C:\Windows\Installer\{EDA5BB56-AAF4-6889-AD8E-E25A17BD140B} [MD5.00000000000000000000000000000000] - [20/07/2023 14:36:20] - |D| - [370070] - C:\Windows\Installer\{EE38015E-CE4F-4551-8132-71677961B8AD} [MD5.00000000000000000000000000000000] - [19/07/2023 16:07:35] - |D| - [88102] - C:\Windows\Installer\{EEF14371-2D24-5A2D-0EF2-22010DB4CFA6} [MD5.00000000000000000000000000000000] - [20/07/2023 20:58:03] - |D| - [68988] - C:\Windows\Installer\{F07C0CF2-6021-403A-99CA-1164340B09FB} [MD5.00000000000000000000000000000000] - [19/07/2023 16:07:51] - |D| - [88102] - C:\Windows\Installer\{FDD69799-37B2-9ACE-F70C-ABD1F96FD04C} [MD5.00000000000000000000000000000000] - [19/07/2023 16:07:38] - |D| - [88102] - C:\Windows\Installer\{FDF2FE33-426D-45C2-4E70-76C162F1B790} [MD5.ED14B64C94F543974B7FDC592FA0594B] - [20/07/2023 14:47:17] - |A| - [12640] - C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll [MD5.1908861649E67CDC20C563C234A89914] - [20/07/2023 14:47:16] - |A| - [15712] - C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll [MD5.AF851DFD0D9FECB76FF2B403F3C30F5B] - [20/07/2023 14:47:16] - |A| - [12128] - C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll [MD5.0F143310FADE4DE116070A3917A79C18] - [20/07/2023 14:47:18] - |A| - [13664] - C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll [MD5.F97E7878A2B372291B1269D80327BBF6] - [20/07/2023 14:47:18] - |A| - [12640] - C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll [MD5.761DDD8669A661D57D9CF9C335949C06] - [20/07/2023 14:47:17] - |A| - [12128] - C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll [MD5.56556659C691DD043DBE24B0A195D64C] - [20/07/2023 14:47:17] - |A| - [20832] - C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll [MD5.E9F6D776545843A9817D8ACF38D06D09] - [20/07/2023 14:47:17] - |A| - [19808] - C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll [MD5.653CB5DF3CEC6A4A0E402B33D8AA5C08] - [20/07/2023 14:47:15] - |A| - [63840] - C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll [MD5.6631C212F79350458589A5281374B38B] - [20/07/2023 14:47:16] - |A| - [12640] - C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll [MD5.BBAE7B5436D6D1B0FC967FF67E35415F] - [20/07/2023 14:47:15] - |A| - [16224] - C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll [MD5.53E9526AF1FDCE39F799BFE9217397A8] - [20/07/2023 14:47:16] - |A| - [17760] - C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll [MD5.ECCF5973B80D771A79643732017CEA9A] - [20/07/2023 14:47:17] - |A| - [17760] - C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll [MD5.090DD0BB2BDDEE3EAAE5B6FF15FAE209] - [20/07/2023 14:47:18] - |A| - [14176] - C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll [MD5.CC337898E64D9078CB697AC19F995C7F] - [20/07/2023 14:47:16] - |A| - [12128] - C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll [MD5.CDF578649B4F58A1D6F25F4A544587C9] - [20/07/2023 17:09:27] - |A| - [313240] - C:\Windows\system32\aswBoot.exe [MD5.F61F21FEECD660939F51765F31AC7A68] - [20/07/2023 19:14:05] - |A| - [93008] - C:\Windows\system32\cpwmon64_v40.dll [MD5.3EBF620536A13CA343E52ECA4F0DE7F8] - [22/07/2023 14:52:05] - |A| - [1400176] - C:\Windows\system32\D3DCompiler_33.dll [MD5.9D9407F52B8E24E99358D9944B0D5FA3] - [22/07/2023 14:52:27] - |A| - [1401200] - C:\Windows\system32\D3DCompiler_34.dll [MD5.B21427EDF0449E92000FF497DAAF89C9] - [22/07/2023 14:52:43] - |A| - [1985904] - C:\Windows\system32\D3DCompiler_35.dll [MD5.7299DF5CF81135934740211D9A946737] - [22/07/2023 14:52:59] - |A| - [2006552] - C:\Windows\system32\D3DCompiler_36.dll [MD5.31026CEA5AFA2798292179102C06FE40] - [22/07/2023 14:53:44] - |A| - [1860120] - C:\Windows\system32\D3DCompiler_37.dll [MD5.A7E59BB6FAC119FABB83F18BD72AA1D7] - [22/07/2023 14:54:40] - |A| - [1941528] - C:\Windows\system32\D3DCompiler_38.dll [MD5.7741A0A6CED6C441B97D625B730D6075] - [22/07/2023 14:55:35] - |A| - [1942552] - C:\Windows\system32\D3DCompiler_39.dll [MD5.37309B833480DC69FDE7DB68F9B8BC20] - [22/07/2023 14:56:37] - |A| - [2605920] - C:\Windows\system32\D3DCompiler_40.dll [MD5.A59A5BADE4AF200C720D99EAE6E04E0E] - [22/07/2023 14:59:15] - |A| - [2430312] - C:\Windows\system32\D3DCompiler_41.dll [MD5.E92D2E4AFA43CD39A8C1C2C2DB59667E] - [22/07/2023 14:59:53] - |A| - [2582888] - C:\Windows\system32\D3DCompiler_42.dll [MD5.ADA0C39D4EACDC81FD84163A95D62079] - [22/07/2023 15:01:36] - |A| - [2526056] - C:\Windows\system32\D3DCompiler_43.dll [MD5.F13B90F5090EBA9041558BC6AAED79B8] - [22/07/2023 14:59:44] - |A| - [5554512] - C:\Windows\system32\d3dcsx_42.dll [MD5.5F1DA86286A2DFB01C4FED55C2DD1D61] - [22/07/2023 15:01:25] - |A| - [1907552] - C:\Windows\system32\d3dcsx_43.dll [MD5.8251826F04BA0822D08AD9B92C65A3D5] - [22/07/2023 14:51:23] - |A| - [469264] - C:\Windows\system32\d3dx10.dll [MD5.839C3921005BB41D441E3752C74F2292] - [22/07/2023 14:52:05] - |A| - [506728] - C:\Windows\system32\d3dx10_33.dll [MD5.1ED4E7A82BD5C7DEED082F00E63BB7A0] - [22/07/2023 14:52:27] - |A| - [506728] - C:\Windows\system32\d3dx10_34.dll [MD5.84116AA94672D623B95217648AE5B5B9] - [22/07/2023 14:52:43] - |A| - [508264] - C:\Windows\system32\d3dx10_35.dll [MD5.570FDAE7041775DE0C67747BB7081939] - [22/07/2023 14:52:59] - |A| - [508264] - C:\Windows\system32\d3dx10_36.dll [MD5.A8C5688BBA00C1630550F26260AB5CAE] - [22/07/2023 14:53:44] - |A| - [529424] - C:\Windows\system32\d3dx10_37.dll [MD5.72CB653CECF4EA670E7F5A8D74358423] - [22/07/2023 14:54:40] - |A| - [540688] - C:\Windows\system32\d3dx10_38.dll [MD5.EAA692FDC990ED0407DF957316DA33C2] - [22/07/2023 14:55:35] - |A| - [540688] - C:\Windows\system32\d3dx10_39.dll [MD5.862586AD4B1355F7DCDE111EE0AAF350] - [22/07/2023 14:56:37] - |A| - [519000] - C:\Windows\system32\d3dx10_40.dll [MD5.E730967811E3702499446FFC8A432607] - [22/07/2023 14:59:15] - |A| - [520544] - C:\Windows\system32\d3dx10_41.dll [MD5.B739C423276AE62D7AC91773226EC13B] - [22/07/2023 14:59:31] - |A| - [523088] - C:\Windows\system32\d3dx10_42.dll [MD5.AD7FA9485059F4DC53C98B49CAB13F0B] - [22/07/2023 15:01:10] - |A| - [511328] - C:\Windows\system32\d3dx10_43.dll [MD5.522749761B6CC69F8630F4B472DCA623] - [22/07/2023 14:59:37] - |A| - [285024] - C:\Windows\system32\d3dx11_42.dll [MD5.9D6429F410597750B2DC2579B2347303] - [22/07/2023 15:01:17] - |A| - [276832] - C:\Windows\system32\d3dx11_43.dll [MD5.B165DF72E13E6AF74D47013504319921] - [22/07/2023 14:43:40] - |A| - [3544272] - C:\Windows\system32\d3dx9_24.dll [MD5.4C56E7C5B2A61353E534C7D15D05856D] - [22/07/2023 14:44:08] - |A| - [3823312] - C:\Windows\system32\d3dx9_25.dll [MD5.44F5C5E27D6825E4E62420BC29B8B533] - [22/07/2023 14:44:58] - |A| - [3767504] - C:\Windows\system32\d3dx9_26.dll [MD5.914C3237E4D145A18DCD1D0D4C8659E1] - [22/07/2023 14:45:47] - |A| - [3807440] - C:\Windows\system32\d3dx9_27.dll [MD5.88BAC8306D4EC79A82B1FFA17DC8CF4A] - [22/07/2023 14:45:58] - |A| - [3815120] - C:\Windows\system32\d3dx9_28.dll [MD5.68B35CBDB4A8CC424718BBCC894FEEEA] - [22/07/2023 14:46:09] - |A| - [3830992] - C:\Windows\system32\d3dx9_29.dll [MD5.E09A9CF383ACF4A28038561E62277377] - [22/07/2023 14:48:24] - |A| - [3927248] - C:\Windows\system32\d3dx9_30.dll [MD5.FAAA0BB9CD2905B25334132E5BA093EB] - [22/07/2023 14:51:00] - |A| - [3977496] - C:\Windows\system32\d3dx9_31.dll [MD5.A4DDFE5DC4E73D1FED9B1B3A3D885612] - [22/07/2023 14:51:18] - |A| - [4398360] - C:\Windows\system32\d3dx9_32.dll [MD5.3172C3CAC8EA7CA1B5D5AF6699C037D6] - [22/07/2023 14:51:59] - |A| - [4494184] - C:\Windows\system32\d3dx9_33.dll [MD5.AE5D5439525B4A4CBF206058D493685D] - [22/07/2023 14:52:21] - |A| - [4496232] - C:\Windows\system32\d3dx9_34.dll [MD5.1B3AF16A27D390096925576202A64037] - [22/07/2023 14:52:36] - |A| - [5073256] - C:\Windows\system32\d3dx9_35.dll [MD5.BBB6C6833C30E323B41860D6DF61972D] - [22/07/2023 14:52:54] - |A| - [5081608] - C:\Windows\system32\d3dx9_36.dll [MD5.8A10974DC6E1E42BDC635C2C2AFBD2CC] - [22/07/2023 14:53:34] - |A| - [4910088] - C:\Windows\system32\D3DX9_37.dll [MD5.E5EC2AB7156A752F9614CDA4BE66EFE8] - [22/07/2023 14:54:23] - |A| - [4991496] - C:\Windows\system32\D3DX9_38.dll [MD5.7505C133FC704B40CFDDFD38777BAAC3] - [22/07/2023 14:55:27] - |A| - [4992520] - C:\Windows\system32\D3DX9_39.dll [MD5.29A79F0B607FAF5722D7BAF2485F632A] - [22/07/2023 14:56:26] - |A| - [5631312] - C:\Windows\system32\D3DX9_40.dll [MD5.ECDDB13BC805B9F3EF3A855E6FD85C69] - [22/07/2023 14:59:06] - |A| - [5425496] - C:\Windows\system32\D3DX9_41.dll [MD5.1AF7AE1FDE027A30B9097280819A0A86] - [22/07/2023 14:59:23] - |A| - [2475352] - C:\Windows\system32\D3DX9_42.dll [MD5.7160FC226391C0B50C85571FA1A546E5] - [22/07/2023 15:01:04] - |A| - [2401112] - C:\Windows\system32\D3DX9_43.dll [MD5.C038C7A5F9320242300BD7C435DC0DCD] - [20/07/2023 16:40:11] - |A| - [1098080] - C:\Windows\system32\pmls64.dll [MD5.53C46E0F44430C446090993E828CD2CA] - [20/07/2023 21:40:51] - |A| - [983688] - C:\Windows\system32\pxcpmL.dll [MD5.2381E189321EAD521FF71E72D08A6B17] - [20/07/2023 14:47:15] - |A| - [984448] - C:\Windows\system32\ucrtbase.dll [MD5.F77D5AB654881E683CFF6650916C424E] - [22/07/2023 14:47:06] - |A| - [16592] - C:\Windows\system32\x3daudio1_0.dll [MD5.489E5B8BB1BD1028FF1C798EAAEC65E4] - [22/07/2023 14:51:07] - |A| - [17688] - C:\Windows\system32\x3daudio1_1.dll [MD5.BC78D5328541410510DDE06B9FA92024] - [22/07/2023 14:52:30] - |A| - [21000] - C:\Windows\system32\X3DAudio1_2.dll [MD5.C4C2ED69B18EE1C60026877FCC470FA7] - [22/07/2023 14:53:52] - |A| - [28168] - C:\Windows\system32\X3DAudio1_3.dll [MD5.DE6004D16DBACD781ED4596C4FEA7D14] - [22/07/2023 14:54:58] - |A| - [28168] - C:\Windows\system32\X3DAudio1_4.dll [MD5.CFF1C1F7B9F855DDEE431D7B5DCACDF8] - [22/07/2023 14:56:01] - |A| - [25936] - C:\Windows\system32\X3DAudio1_5.dll [MD5.EEE871CC4F5563FF8B3C8385B32B0C5F] - [22/07/2023 14:56:51] - |A| - [24920] - C:\Windows\system32\X3DAudio1_6.dll [MD5.B4FF2A39685C1A6D43F0E56EB350AF3A] - [22/07/2023 15:00:25] - |A| - [24920] - C:\Windows\system32\X3DAudio1_7.dll [MD5.CE5753F9A27837259EB52F3F47F39593] - [22/07/2023 14:47:06] - |A| - [355536] - C:\Windows\system32\xactengine2_0.dll [MD5.0CC809422AB40974DFF8078392E4D507] - [22/07/2023 14:48:36] - |A| - [352464] - C:\Windows\system32\xactengine2_1.dll [MD5.E8932AF24786765859558CB79E385AC2] - [22/07/2023 14:53:05] - |A| - [411656] - C:\Windows\system32\xactengine2_10.dll [MD5.DC5A914C34EB12056531777D4DD0F44E] - [22/07/2023 14:50:45] - |A| - [354072] - C:\Windows\system32\xactengine2_2.dll [MD5.0396D2A98B0CCD4419B572EBF618E81E] - [22/07/2023 14:50:56] - |A| - [363288] - C:\Windows\system32\xactengine2_3.dll [MD5.58BB51253427A834A8807B9245CC5965] - [22/07/2023 14:51:07] - |A| - [364824] - C:\Windows\system32\xactengine2_4.dll [MD5.398FF46FF7354FED2F0F1AECDB546866] - [22/07/2023 14:51:27] - |A| - [390424] - C:\Windows\system32\xactengine2_5.dll [MD5.4837A54574A6105D404A8560984B93DD] - [22/07/2023 14:51:34] - |A| - [393576] - C:\Windows\system32\xactengine2_6.dll [MD5.8C970509E0AE10061E3ED6D51E34FEB9] - [22/07/2023 14:52:10] - |A| - [403304] - C:\Windows\system32\xactengine2_7.dll [MD5.FA485E76F94B7457767E372F47757733] - [22/07/2023 14:52:30] - |A| - [409960] - C:\Windows\system32\xactengine2_8.dll [MD5.A69C32C2BD01522A088D254342826866] - [22/07/2023 14:52:47] - |A| - [411496] - C:\Windows\system32\xactengine2_9.dll [MD5.A8B5370B7B61D3777D840DA1C64A1C2D] - [22/07/2023 14:53:58] - |A| - [177672] - C:\Windows\system32\xactengine3_0.dll [MD5.A2A098BF5A8C255A0090818AD8E87B0F] - [22/07/2023 14:55:09] - |A| - [177672] - C:\Windows\system32\xactengine3_1.dll [MD5.CC8399A9E51B2AF1C2C20A26D85EB60E] - [22/07/2023 14:55:44] - |A| - [177672] - C:\Windows\system32\xactengine3_2.dll [MD5.84B41FD03CAFC5048346B3B2AB92D199] - [22/07/2023 14:56:06] - |A| - [175440] - C:\Windows\system32\xactengine3_3.dll [MD5.1BA01062450BD1F052C54C01C12248F6] - [22/07/2023 14:56:59] - |A| - [174936] - C:\Windows\system32\xactengine3_4.dll [MD5.51D65BE2F794B944CADAF287B34EF603] - [22/07/2023 14:59:59] - |A| - [176968] - C:\Windows\system32\xactengine3_5.dll [MD5.936DCC640B2991905D909395E03B64F9] - [22/07/2023 15:00:33] - |A| - [176984] - C:\Windows\system32\xactengine3_6.dll [MD5.BDEC09A032DB44D9CDB3A0D97224D64E] - [22/07/2023 15:02:12] - |A| - [176984] - C:\Windows\system32\xactengine3_7.dll [MD5.0E92D8C0ECA74B6D0A55ABAD53226113] - [22/07/2023 14:55:18] - |A| - [68104] - C:\Windows\system32\XAPOFX1_0.dll [MD5.0F2DB378FBE2D124E4D3631B329688AE] - [22/07/2023 14:55:51] - |A| - [72200] - C:\Windows\system32\XAPOFX1_1.dll [MD5.2F8F9B707FED2405A787380230CC6FA9] - [22/07/2023 14:56:15] - |A| - [74576] - C:\Windows\system32\XAPOFX1_2.dll [MD5.37B348A79C4C9B8AB925B18FFD241E96] - [22/07/2023 14:58:51] - |A| - [73544] - C:\Windows\system32\XAPOFX1_3.dll [MD5.A9724EB3D6CC032D0C4ECAFF4AD8C17F] - [22/07/2023 15:00:44] - |A| - [78680] - C:\Windows\system32\XAPOFX1_4.dll [MD5.E9739AE8B2FA28DCD6F2EF5525DA8827] - [22/07/2023 15:05:07] - |A| - [77656] - C:\Windows\system32\XAPOFX1_5.dll [MD5.29AF48F6C894328A58DEFDC560A70CF3] - [22/07/2023 14:54:04] - |A| - [489480] - C:\Windows\system32\XAudio2_0.dll [MD5.E9C0F926D7C9082A805F4FEF81DEEB30] - [22/07/2023 14:55:18] - |A| - [511496] - C:\Windows\system32\XAudio2_1.dll [MD5.E335DF094836EE7030F1B9CE7429E884] - [22/07/2023 14:55:51] - |A| - [513544] - C:\Windows\system32\XAudio2_2.dll [MD5.758139A39AECC1B512576275A27C1177] - [22/07/2023 14:56:14] - |A| - [518480] - C:\Windows\system32\XAudio2_3.dll [MD5.B94F08069EFE2F8151DEF350E526E063] - [22/07/2023 14:58:51] - |A| - [521560] - C:\Windows\system32\XAudio2_4.dll [MD5.C291AEFD47A587FF5F509E2F96613F7D] - [22/07/2023 15:00:08] - |A| - [517960] - C:\Windows\system32\XAudio2_5.dll [MD5.05E88C8D8E652DFF03B469331F474CCE] - [22/07/2023 15:00:44] - |A| - [530776] - C:\Windows\system32\XAudio2_6.dll [MD5.4F7513FF4DE6303088DB28DCBCEF372C] - [22/07/2023 15:05:07] - |A| - [518488] - C:\Windows\system32\XAudio2_7.dll [MD5.6F9D3289D8B166E478AFFF9EFA92C42C] - [22/07/2023 14:49:29] - |A| - [83664] - C:\Windows\system32\xinput1_1.dll [MD5.06F15D3CB1AE0EAFA50F595B3FF8D9F5] - [22/07/2023 14:50:51] - |A| - [83736] - C:\Windows\system32\xinput1_2.dll [MD5.BFB3091B167550EC6E6454813D3DB244] - [22/07/2023 14:52:17] - |A| - [107368] - C:\Windows\system32\xinput1_3.dll [MD5.FBBD9DCBB259501CE24ED9DDAFF567F1] - [20/07/2023 17:09:19] - |A| - [31368] - C:\Windows\system32\Drivers\aswArDisk.sys [MD5.B792527F57C18139406AF6615918F41D] - [20/07/2023 17:09:19] - |A| - [237424] - C:\Windows\system32\Drivers\aswArPot.sys [MD5.F02D1F9A7860F77DBCA20D9AA22027B7] - [20/07/2023 17:09:18] - |A| - [392832] - C:\Windows\system32\Drivers\aswbidsdriver.sys [MD5.B7D45401B0D34CDFE3B5001CBDB86B85] - [20/07/2023 17:09:19] - |A| - [297832] - C:\Windows\system32\Drivers\aswbidsh.sys [MD5.85EBD39638CDD6B593B2B9D51D5C581E] - [20/07/2023 17:09:19] - |A| - [95960] - C:\Windows\system32\Drivers\aswbuniv.sys [MD5.05D8C03838EB429F544E3E98754BC954] - [20/07/2023 17:09:19] - |A| - [39600] - C:\Windows\system32\Drivers\aswKbd.sys [MD5.B75A5484585D022FDC411D7017B5B04B] - [20/07/2023 17:09:19] - |A| - [272016] - C:\Windows\system32\Drivers\aswMonFlt.sys [MD5.0039C1B729FDE7903C14C04C7C9622B1] - [20/07/2023 17:09:19] - |A| - [556576] - C:\Windows\system32\Drivers\aswNetHub.sys [MD5.47373472E82D333F8DCFDEBEBAAB11F8] - [20/07/2023 17:09:19] - |A| - [105248] - C:\Windows\system32\Drivers\aswRdr2.sys [MD5.322CE0E1EB112C477350B8C2315EBBA1] - [20/07/2023 17:09:19] - |A| - [80416] - C:\Windows\system32\Drivers\aswRvrt.sys [MD5.578A6E6043B0DADA82481ADA1AC91878] - [20/07/2023 17:09:18] - |A| - [943456] - C:\Windows\system32\Drivers\aswSnx.sys [MD5.8B2CA408D9361F43A40494D2F040BC06] - [20/07/2023 17:09:19] - |A| - [704264] - C:\Windows\system32\Drivers\aswSP.sys [MD5.E8266F2E5D3F275A2F7FB5AC2B797668] - [20/07/2023 17:09:19] - |A| - [212632] - C:\Windows\system32\Drivers\aswStm.sys [MD5.AA6F7AC3E0C513B7F07C3DD8C047A353] - [20/07/2023 17:09:20] - |A| - [319512] - C:\Windows\system32\Drivers\aswVmm.sys [MD5.7E8D2DD117579F79F574F8F410364F42] - [20/07/2023 16:54:16] - |A| - [367096] - C:\Windows\system32\Drivers\bddci.sys [MD5.D41D8CD98F00B204E9800998ECF8427E] - [21/07/2023 11:15:12] - |AH| - [0] - C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf [MD5.D41D8CD98F00B204E9800998ECF8427E] - [19/07/2023 14:44:42] - |AH| - [0] - C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf [MD5.D41D8CD98F00B204E9800998ECF8427E] - [19/07/2023 15:32:14] - |AH| - [0] - C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf [MD5.00000000000000000000000000000000] - [21/07/2023 11:30:24] - |D| - [11744151] - C:\Windows\system32\Drivers\NGCx64 [MD5.4E82C3987B6C8F6DDC660FC611511CA7] - [21/07/2023 11:46:14] - |A| - [10364] - C:\Windows\system32\Drivers\SYMEVENT64x86.CAT [MD5.8C44B7132212E8CBE3A01A676D07984C] - [21/07/2023 11:46:14] - |A| - [855] - C:\Windows\system32\Drivers\SYMEVENT64x86.INF [MD5.9B6F1133F3FC40EFBAC5A6422205187D] - [21/07/2023 11:46:14] - |A| - [99920] - C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [MD5.B9C2EB1291BACAF8D979D7DF06D1E4EE] - [23/07/2023 20:06:44] - |A| - [33968] - C:\Windows\syswow64\anim.dll [MD5.8E534F49C77D787DB69BABFF931A497A] - [20/07/2023 14:47:16] - |A| - [12640] - C:\Windows\syswow64\api-ms-win-crt-conio-l1-1-0.dll [MD5.33E8CCBE05123C8146CD16293B688417] - [20/07/2023 14:47:16] - |A| - [15712] - C:\Windows\syswow64\api-ms-win-crt-convert-l1-1-0.dll [MD5.85CEBA9A21CE5D51B35EF2DE9EBFBAC4] - [20/07/2023 14:47:17] - |A| - [12128] - C:\Windows\syswow64\api-ms-win-crt-environment-l1-1-0.dll [MD5.73CED8B30963E54D262DAE2559116E46] - [20/07/2023 14:47:16] - |A| - [13664] - C:\Windows\syswow64\api-ms-win-crt-filesystem-l1-1-0.dll [MD5.4669249FB01EA369C7FD40A530966FA1] - [20/07/2023 14:47:17] - |A| - [12640] - C:\Windows\syswow64\api-ms-win-crt-heap-l1-1-0.dll [MD5.B23936CF83DAC4B64660A88711B5234A] - [20/07/2023 14:47:17] - |A| - [12128] - C:\Windows\syswow64\api-ms-win-crt-locale-l1-1-0.dll [MD5.C1096DA4634AD3356A10C00B24F53393] - [20/07/2023 14:47:17] - |A| - [22368] - C:\Windows\syswow64\api-ms-win-crt-math-l1-1-0.dll [MD5.CBF3CFC9EE1FD29707D95C63A5E7A78B] - [20/07/2023 14:47:17] - |A| - [19808] - C:\Windows\syswow64\api-ms-win-crt-multibyte-l1-1-0.dll [MD5.94FEB4417CF3E39C8C58A1B73620687E] - [20/07/2023 14:47:15] - |A| - [66400] - C:\Windows\syswow64\api-ms-win-crt-private-l1-1-0.dll [MD5.00A0A24BB2E9AADE11494B627EB164C4] - [20/07/2023 14:47:17] - |A| - [12640] - C:\Windows\syswow64\api-ms-win-crt-process-l1-1-0.dll [MD5.408019E57D3D2DA62A9F28389EED0AC1] - [20/07/2023 14:47:15] - |A| - [16224] - C:\Windows\syswow64\api-ms-win-crt-runtime-l1-1-0.dll [MD5.9D66FCC681389EC619D4E801F1DDBB2F] - [20/07/2023 14:47:16] - |A| - [17760] - C:\Windows\syswow64\api-ms-win-crt-stdio-l1-1-0.dll [MD5.6C7F782FDBF9AEFFE7663FA1579A610E] - [20/07/2023 14:47:17] - |A| - [17760] - C:\Windows\syswow64\api-ms-win-crt-string-l1-1-0.dll [MD5.39F9D0F1B698D53D78C79576C7C60526] - [20/07/2023 14:47:16] - |A| - [14176] - C:\Windows\syswow64\api-ms-win-crt-time-l1-1-0.dll [MD5.9F9FE5F52E9B2AD655C896B849883B1A] - [20/07/2023 14:47:16] - |A| - [12128] - C:\Windows\syswow64\api-ms-win-crt-utility-l1-1-0.dll [MD5.422F3E72612C8FD661F7812DF0FC141A] - [19/07/2023 16:08:55] - |A| - [60601] - C:\Windows\syswow64\CCCInstall_202307191608550134.log [MD5.FAE7E1D578C42A7C3D9D61A99D178BD5] - [22/07/2023 14:52:05] - |A| - [1123696] - C:\Windows\syswow64\D3DCompiler_33.dll [MD5.75F206C195BBACA6EF28565B1C0CD75C] - [22/07/2023 14:52:27] - |A| - [1124720] - C:\Windows\syswow64\D3DCompiler_34.dll [MD5.5B441670A4F5F8BCCE76741902B8AF56] - [22/07/2023 14:52:43] - |A| - [1358192] - C:\Windows\syswow64\D3DCompiler_35.dll [MD5.FB4299688A0D3A37687C015AC2B9922D] - [22/07/2023 14:52:59] - |A| - [1374232] - C:\Windows\syswow64\D3DCompiler_36.dll [MD5.EA752DBCE35045D3C830DC16578CC8AB] - [22/07/2023 14:53:44] - |A| - [1420824] - C:\Windows\syswow64\D3DCompiler_37.dll [MD5.103CBFC5591008AD33046E20E8E1EEBE] - [22/07/2023 14:54:40] - |A| - [1491992] - C:\Windows\syswow64\D3DCompiler_38.dll [MD5.C4F1972497FE2CEB7D900938C97FCF91] - [22/07/2023 14:55:35] - |A| - [1493528] - C:\Windows\syswow64\D3DCompiler_39.dll [MD5.3384134EEB8F223178C2EB8323003EC0] - [22/07/2023 14:56:37] - |A| - [2036576] - C:\Windows\syswow64\D3DCompiler_40.dll [MD5.781E8B5B6FDB3C9B4E4A4A9FB019960D] - [22/07/2023 14:59:15] - |A| - [1846632] - C:\Windows\syswow64\D3DCompiler_41.dll [MD5.B33B21DB610116262D906305CE65C354] - [22/07/2023 14:59:53] - |A| - [1974616] - C:\Windows\syswow64\D3DCompiler_42.dll [MD5.1C9B45E87528B8BB8CFA884EA0099A85] - [22/07/2023 15:01:36] - |A| - [2106216] - C:\Windows\syswow64\D3DCompiler_43.dll [MD5.B337306DFB508A1BCEF1974BFBB8D924] - [22/07/2023 14:59:44] - |A| - [5501792] - C:\Windows\syswow64\d3dcsx_42.dll [MD5.83EBA442F07AAB8D6375D2EEC945C46C] - [22/07/2023 15:01:25] - |A| - [1868128] - C:\Windows\syswow64\d3dcsx_43.dll [MD5.6F34F7405807DCBF0B9BF6811C94C6D9] - [22/07/2023 14:51:23] - |A| - [440080] - C:\Windows\syswow64\d3dx10.dll [MD5.37A8171ACCF46A9C196054066C28827F] - [22/07/2023 14:52:05] - |A| - [443752] - C:\Windows\syswow64\d3dx10_33.dll [MD5.5AA9987F2E62B56D7661B6901901F927] - [22/07/2023 14:52:27] - |A| - [443752] - C:\Windows\syswow64\d3dx10_34.dll [MD5.F3764552E45880DC49B82F38699AA87C] - [22/07/2023 14:52:43] - |A| - [444776] - C:\Windows\syswow64\d3dx10_35.dll [MD5.D9158E78A368B08D9133043EB3058C12] - [22/07/2023 14:52:59] - |A| - [444776] - C:\Windows\syswow64\d3dx10_36.dll [MD5.4A43E9A2B17E4CAFA9CB5FEC0B5B686B] - [22/07/2023 14:53:44] - |A| - [462864] - C:\Windows\syswow64\d3dx10_37.dll [MD5.A2650B27472C21CDD817EEEDE65648E1] - [22/07/2023 14:54:40] - |A| - [467984] - C:\Windows\syswow64\d3dx10_38.dll [MD5.E6C2F1D8B667DDC04CB55B9F0159EF97] - [22/07/2023 14:55:35] - |A| - [467984] - C:\Windows\syswow64\d3dx10_39.dll [MD5.91B4AAD4412BB223B466F3DFB43E86DA] - [22/07/2023 14:56:37] - |A| - [452440] - C:\Windows\syswow64\d3dx10_40.dll [MD5.1AA571774936717EE776DBED51E9EDF4] - [22/07/2023 14:59:15] - |A| - [453456] - C:\Windows\syswow64\d3dx10_41.dll [MD5.501AC862517C5445742BEE8A2B88414E] - [22/07/2023 14:59:31] - |A| - [453456] - C:\Windows\syswow64\d3dx10_42.dll [MD5.20C835843FCEC4DEDFCD7BFFA3B91641] - [22/07/2023 15:01:10] - |A| - [470880] - C:\Windows\syswow64\d3dx10_43.dll [MD5.D09AC80A4B5312239852836C84DF3392] - [22/07/2023 14:59:37] - |A| - [235344] - C:\Windows\syswow64\d3dx11_42.dll [MD5.8E0BB968FF41D80E5F2C747C04DB79AE] - [22/07/2023 15:01:17] - |A| - [248672] - C:\Windows\syswow64\d3dx11_43.dll [MD5.BC831661963763AC4D504C5CABB1FDD9] - [22/07/2023 14:43:40] - |A| - [2222800] - C:\Windows\syswow64\d3dx9_24.dll [MD5.5B48FE9D6686F0D54B26A005ACE24D1D] - [22/07/2023 14:44:08] - |A| - [2337488] - C:\Windows\syswow64\d3dx9_25.dll [MD5.523AB607EEF81CC4D909E7FEBD8A788E] - [22/07/2023 14:44:58] - |A| - [2297552] - C:\Windows\syswow64\d3dx9_26.dll [MD5.852EDC778A7A50077694F84D8E601234] - [22/07/2023 14:45:47] - |A| - [2319568] - C:\Windows\syswow64\d3dx9_27.dll [MD5.BE19B603DFBAA829EE5B7749B3BA97DB] - [22/07/2023 14:45:58] - |A| - [2323664] - C:\Windows\syswow64\d3dx9_28.dll [MD5.99F4FC172A5ACE36CF00AA7038D23F2C] - [22/07/2023 14:46:09] - |A| - [2332368] - C:\Windows\syswow64\d3dx9_29.dll [MD5.E415862612E65F10D7D888443ECD7594] - [22/07/2023 14:48:24] - |A| - [2388176] - C:\Windows\syswow64\d3dx9_30.dll [MD5.797E24743937D67D69F28F2CF5052EE8] - [22/07/2023 14:51:00] - |A| - [2414360] - C:\Windows\syswow64\d3dx9_31.dll [MD5.26AF232140C88B42D92A88F2198EDF6A] - [22/07/2023 14:51:18] - |A| - [3426072] - C:\Windows\syswow64\d3dx9_32.dll [MD5.CDB1CD22BAFF21F48606B3C1A18B000B] - [22/07/2023 14:51:59] - |A| - [3495784] - C:\Windows\syswow64\d3dx9_33.dll [MD5.1CA939918ED1B930059B3A882DE6F648] - [22/07/2023 14:52:21] - |A| - [3497832] - C:\Windows\syswow64\d3dx9_34.dll [MD5.3EF18B78D17C962F2B71AC1CB7757684] - [22/07/2023 14:52:36] - |A| - [3727720] - C:\Windows\syswow64\d3dx9_35.dll [MD5.44BFEC5C9C82A2EE9871D88FD3B9A0E2] - [22/07/2023 14:52:54] - |A| - [3734536] - C:\Windows\syswow64\d3dx9_36.dll [MD5.AC3C517FB0FBBE45FE44007BCD3625A7] - [22/07/2023 14:53:34] - |A| - [3786760] - C:\Windows\syswow64\D3DX9_37.dll [MD5.8F3EB548AC4ED90252394F60C77E3196] - [22/07/2023 14:54:23] - |A| - [3850760] - C:\Windows\syswow64\D3DX9_38.dll [MD5.8CB3DEFB8887C4F0846DB1FC1304D6D2] - [22/07/2023 14:55:27] - |A| - [3851784] - C:\Windows\syswow64\D3DX9_39.dll [MD5.EEA5E428CE63804F9B12D21C97B5968F] - [22/07/2023 14:56:26] - |A| - [4379984] - C:\Windows\syswow64\D3DX9_40.dll [MD5.3FA06CF5079B84155D18B05C08F7131B] - [22/07/2023 14:59:06] - |A| - [4178264] - C:\Windows\syswow64\D3DX9_41.dll [MD5.C6A44FC3CF2F5801561804272217B14D] - [22/07/2023 14:59:23] - |A| - [1892184] - C:\Windows\syswow64\D3DX9_42.dll [MD5.86E39E9161C3D930D93822F1563C280D] - [22/07/2023 15:01:04] - |A| - [1998168] - C:\Windows\syswow64\D3DX9_43.dll [MD5.0BA9ECF96BED0720B93C941809F5E315] - [20/07/2023 16:40:11] - |A| - [740704] - C:\Windows\syswow64\pmls.dll [MD5.CF295F9A323B1EC8B196E598636E78E4] - [23/07/2023 20:06:44] - |A| - [439] - C:\Windows\syswow64\shfolder.inf [MD5.5B55E9A1360A6C52CC988DA6804D6CA2] - [20/07/2023 14:47:14] - |A| - [901264] - C:\Windows\syswow64\ucrtbase.dll [MD5.F8D176DB5B14AED7C9B25E0640226BD1] - [23/07/2023 20:06:44] - |A| - [258352] - C:\Windows\syswow64\unicows.dll [MD5.7210D5407A2D2F52E851604666403024] - [23/07/2023 20:06:44] - |A| - [2272] - C:\Windows\syswow64\W95INF16.DLL [MD5.7D4A0D6C685107AC1B5089806CD4273B] - [23/07/2023 20:06:44] - |A| - [4608] - C:\Windows\syswow64\W95INF32.DLL [MD5.7BDB3B1F1303F0370D7E4CE82AD73D37] - [23/07/2023 20:06:44] - |A| - [56496] - C:\Windows\syswow64\wbhelp2.dll [MD5.4BAF561A4819F0EDF96C6FD903A5694F] - [23/07/2023 20:06:44] - |A| - [544768] - C:\Windows\syswow64\wbocx.ocx [MD5.00000000000000000000000000000000] - [22/07/2023 14:24:16] - |D| - [932] - C:\Windows\syswow64\Worms World Party Remastered [GOG.com] [MD5.4E961525CC7FF0E5D7DA19E170B7C14C] - [22/07/2023 14:46:19] - |A| - [14032] - C:\Windows\syswow64\x3daudio1_0.dll [MD5.121B131EAA369D8F58DACC5C39A77D80] - [22/07/2023 14:51:07] - |A| - [15128] - C:\Windows\syswow64\x3daudio1_1.dll [MD5.F6A9FC2AD2F9111372B5AB3BBA3707EC] - [22/07/2023 14:52:30] - |A| - [17928] - C:\Windows\syswow64\X3DAudio1_2.dll [MD5.C593FD0A96EE4B6390B653C4C641313F] - [22/07/2023 14:53:52] - |A| - [25608] - C:\Windows\syswow64\X3DAudio1_3.dll [MD5.E3832514BD21236067B7227F6165EF95] - [22/07/2023 14:54:58] - |A| - [25608] - C:\Windows\syswow64\X3DAudio1_4.dll [MD5.350FEFE18B86BD4D9AB2A96D00215A49] - [22/07/2023 14:56:01] - |A| - [23376] - C:\Windows\syswow64\X3DAudio1_5.dll [MD5.E763798CAD2A90B6AB61854F50CD47DD] - [22/07/2023 14:56:51] - |A| - [22360] - C:\Windows\syswow64\X3DAudio1_6.dll [MD5.C811E70C8804CFFF719038250A43B464] - [22/07/2023 15:00:25] - |A| - [22360] - C:\Windows\syswow64\X3DAudio1_7.dll [MD5.2112FE0C46662D429347A7D7B49E3ECE] - [22/07/2023 14:46:19] - |A| - [230096] - C:\Windows\syswow64\xactengine2_0.dll [MD5.7C9952111F4C743B9F0D8B68B6ED93C9] - [22/07/2023 14:48:36] - |A| - [229584] - C:\Windows\syswow64\xactengine2_1.dll [MD5.73E055AF78A64F9B2779D44407CA2AB6] - [22/07/2023 14:53:05] - |A| - [267272] - C:\Windows\syswow64\xactengine2_10.dll [MD5.5C4D3843B491C047B7A619901FBD2EC1] - [22/07/2023 14:50:09] - |A| - [230168] - C:\Windows\syswow64\xactengine2_2.dll [MD5.69D841744B2BAE38FBB2D40A230A549C] - [22/07/2023 14:50:56] - |A| - [236824] - C:\Windows\syswow64\xactengine2_3.dll [MD5.6550E1A0A7BE611592C31222FCB981FB] - [22/07/2023 14:51:07] - |A| - [237848] - C:\Windows\syswow64\xactengine2_4.dll [MD5.86C93789E9006F1AC47ED9DD47D4C8A1] - [22/07/2023 14:51:27] - |A| - [251672] - C:\Windows\syswow64\xactengine2_5.dll [MD5.39000E033D39D19CCCE21AEAFCCE2476] - [22/07/2023 14:51:34] - |A| - [255848] - C:\Windows\syswow64\xactengine2_6.dll [MD5.7FEBB8CE2233CBAE738B16D42ED29674] - [22/07/2023 14:52:10] - |A| - [261480] - C:\Windows\syswow64\xactengine2_7.dll [MD5.499210C45AFEAADEE8CF4DCF7D5E570B] - [22/07/2023 14:52:30] - |A| - [266088] - C:\Windows\syswow64\xactengine2_8.dll [MD5.46EE68F04A75A1CCF40235EA6F1CBA05] - [22/07/2023 14:52:47] - |A| - [267112] - C:\Windows\syswow64\xactengine2_9.dll [MD5.8A83673F0AB001870583FDE2B004FA59] - [22/07/2023 14:53:58] - |A| - [238088] - C:\Windows\syswow64\xactengine3_0.dll [MD5.2E0E25252E1D41752876E9FE12ADE175] - [22/07/2023 14:55:09] - |A| - [238088] - C:\Windows\syswow64\xactengine3_1.dll [MD5.F3C6BE26949CAADB11DBF0086082FAC9] - [22/07/2023 14:55:44] - |A| - [238088] - C:\Windows\syswow64\xactengine3_2.dll [MD5.8BA296419AF3417D1E9806B83166E472] - [22/07/2023 14:56:06] - |A| - [235856] - C:\Windows\syswow64\xactengine3_3.dll [MD5.686F8D1B4926D48227A06ACD4D41CD1E] - [22/07/2023 14:56:59] - |A| - [235352] - C:\Windows\syswow64\xactengine3_4.dll [MD5.DB3C93E87452B8DAB4F58ED1FD2B1998] - [22/07/2023 14:59:59] - |A| - [238936] - C:\Windows\syswow64\xactengine3_5.dll [MD5.F81C4678A55FFEE585AC75825FAF5582] - [22/07/2023 15:00:33] - |A| - [238936] - C:\Windows\syswow64\xactengine3_6.dll [MD5.4FD7BCB9D8AF6A165E9BA0C2EB702E7C] - [22/07/2023 15:02:12] - |A| - [239960] - C:\Windows\syswow64\xactengine3_7.dll [MD5.DD165760F1B95200A3DA2D9DFDB84234] - [22/07/2023 14:55:18] - |A| - [65032] - C:\Windows\syswow64\XAPOFX1_0.dll [MD5.D95EAABF5D277EF91D9CA70151209E56] - [22/07/2023 14:55:51] - |A| - [68616] - C:\Windows\syswow64\XAPOFX1_1.dll [MD5.295E47A75F278580F9441041EAAEA3D2] - [22/07/2023 14:56:15] - |A| - [70992] - C:\Windows\syswow64\XAPOFX1_2.dll [MD5.30686ECE80545E06D78D156EB9F7D463] - [22/07/2023 14:58:51] - |A| - [69464] - C:\Windows\syswow64\XAPOFX1_3.dll [MD5.E4CE2AF32F501A7F7DDDD908704A0EE6] - [22/07/2023 15:00:44] - |A| - [74072] - C:\Windows\syswow64\XAPOFX1_4.dll [MD5.8A4CEBF34370D689E198E6673C1F2C40] - [22/07/2023 15:03:20] - |A| - [74072] - C:\Windows\syswow64\XAPOFX1_5.dll [MD5.418CDC57E55EE79C3F86C13A19B3D5E3] - [22/07/2023 14:54:04] - |A| - [479752] - C:\Windows\syswow64\XAudio2_0.dll [MD5.E34FF0115B1EE3B4E03D22AE9840EE03] - [22/07/2023 14:55:18] - |A| - [507400] - C:\Windows\syswow64\XAudio2_1.dll [MD5.50F4A0D5E6A0BAFEFA78F353533B8E06] - [22/07/2023 14:55:51] - |A| - [509448] - C:\Windows\syswow64\XAudio2_2.dll [MD5.47ED15DC87AE334C13C4DACD1BE2CCED] - [22/07/2023 14:56:14] - |A| - [514384] - C:\Windows\syswow64\XAudio2_3.dll [MD5.E684C5FA18ADF9EA14737757413BF727] - [22/07/2023 14:57:09] - |A| - [517448] - C:\Windows\syswow64\XAudio2_4.dll [MD5.8B01FB723F3B30AB3DEBDDBF97CFE577] - [22/07/2023 15:00:08] - |A| - [515416] - C:\Windows\syswow64\XAudio2_5.dll [MD5.4976243BD70FAE3D1D24E49739AB2710] - [22/07/2023 15:00:44] - |A| - [528216] - C:\Windows\syswow64\XAudio2_6.dll [MD5.81DFDDFB401D663BA7E6AD1C80364216] - [22/07/2023 15:03:19] - |A| - [527192] - C:\Windows\syswow64\XAudio2_7.dll [MD5.F1726346E583442541FE73429F8E9C10] - [22/07/2023 14:49:29] - |A| - [62672] - C:\Windows\syswow64\xinput1_1.dll [MD5.33B62BE226934E1B01F5043870C70427] - [22/07/2023 14:50:51] - |A| - [62744] - C:\Windows\syswow64\xinput1_2.dll [MD5.77F595DEE5FFACEA72B135B1FCE1312E] - [22/07/2023 14:52:17] - |A| - [81768] - C:\Windows\syswow64\xinput1_3.dll [MD5.D68F7C730CB159093838FF7358632ACA] - [23/07/2023 20:07:59] - |A| - [45] - C:\Windows\syswow64\_WKERNEL.SYL ---------- | Drives D: [08/07/2023 15:36:36] - |A| - (.-.) - [661] - (0.0.0.0) - D:\PCTuneUp.lnk [08/07/2023 15:36:35] - |A| - (.-.) - [1799] - (0.0.0.0) - D:\PowerArchiver 2023.lnk F: G: H: J: K: L: [09/01/2023 16:16:05] - |N| - (.Ashampoo GmbH & Co. KG - Ashampoo UnInstaller 12 Setup .) - [28727032] - (12.0.11.0) - L:\ashampoo_uninstaller_12_12.00.11_sm.exe [09/01/2023 19:14:53] - |N| - (.Carifred.com - Clear Disk Info.) - [949528] - (4.0.0.0) - L:\ClearDiskInfo.exe [12/09/2022 13:40:32] - |N| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1089304] - (2.9.1.8012) - L:\CyberLink_Media_Suite_v14.0.exe [14/01/2019 14:58:57] - |N| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1174200] - (3.0.0.2816) - L:\CyberLink_PhotoDirector_Downloader(1).exe [12/09/2022 13:40:31] - |N| - (.Copyright (C) CyberLink Corporation. All rights reserved - CyberLink Downloader.) - [1174200] - (3.0.0.2816) - L:\CyberLink_Power2Go_Downloader.exe [25/02/2019 10:12:15] - |N| - (.NCH Software - Debut Video Capture Software.) - [2406960] - (0.0.0.0) - L:\DebutVideoCaptureSoftware.exe [20/06/2019 15:54:37] - |N| - (. - .) - [61197060] - (4.1.100.1332) - L:\digital-video-duplicator_1_16766.exe [20/06/2019 15:54:40] - |N| - (. - .) - [61197060] - (4.1.100.1332) - L:\DigitalVideoDuplicator3_FR.exe [20/06/2019 15:55:02] - |N| - (.Copyright © Avanquest Software 2016 - eXpert PDF FR.) - [1863496] - (10.0.0.0) - L:\eXpertPDF_FR.exe [25/02/2019 10:12:15] - |N| - (.© BleepingComputer.com. - Terminates malware processes so that you can run your normal security programs..) - [1802704] - (2.9.1.0) - L:\iExplore.exe [20/06/2019 15:55:41] - |N| - (.Copyright © inPixio 2019 - inPixio Photo Cutter.) - [2204760] - (9.0.0.0) - L:\InPixioPhotoCutter.exe [20/06/2019 15:55:41] - |N| - (.Copyright © inPixio 2019 - inPixio Photo Eraser.) - [2230360] - (9.0.0.0) - L:\InPixioPhotoEraser.exe [20/06/2019 15:55:41] - |N| - (.Copyright © InPixio 2017 - InPixio Photo Focus.) - [2516992] - (3.0.0.0) - L:\InPixioPhotoFocus3.0_TR_DM.exe [20/06/2019 15:55:40] - |N| - (.Copyright © inPixio 2019 - inPixio Photo Clip.) - [2756680] - (9.0.0.0) - L:\InPixio_PhotoClip_DT.exe [12/01/2019 17:19:23] - |N| - (.Copyright (C) 2013-2017 SosVirus Software - Look_my_hardware.) - [1239464] - (26.4.17.1) - L:\look-my-hardware_2_26.04.17.1.exe [20/06/2019 15:55:59] - |N| - (.Copyright © Malwarebytes Corporation - Malwarebytes Anti-Rootkit.) - [14178840] - (1.10.1.1002) - L:\mbar-1.10.3.1001.exe [12/09/2022 13:40:29] - |N| - (.© Microsoft Corporation. - Windows 10 Setup.) - [19463448] - (10.0.19041.572) - L:\MediaCreationTool21H2.exe [12/09/2022 13:40:38] - |N| - (.Copyright (C) 2009 Secure By Design Inc - Ninite.) - [425304] - (0.1.1.1183) - L:\Ninite Chrome Firefox OpenOffice VLC Installer.exe [20/06/2019 15:56:01] - |N| - (. - Online Video Recorder Setup .) - [16879392] - (3.4.4.1) - L:\OnlineVideoRecorder_3_4_4_AQFR.exe [20/06/2019 15:54:03] - |N| - (.-.) - [833117] - (3.1.0.0) - L:\pdf2wordd.exe [01/02/2019 10:15:33] - |N| - (.PortableApps.com - PortableApps.com Platform.) - [5144128] - (15.999.0.2) - L:\PortableApps.com_Platform_Setup_16.0_Beta_2.paf (1).exe [01/02/2019 10:15:03] - |N| - (.PortableApps.com - PortableApps.com Platform.) - [5144128] - (15.999.0.2) - L:\PortableApps.com_Platform_Setup_16.0_Beta_2.paf.exe [20/06/2019 15:54:05] - |N| - (.Avanquest Software - Protect your privacy .) - [1370624] - (2.0.0.0) - L:\SmartPrivacyCleaner_FR (2).exe [22/01/2019 07:35:34] - |N| - (.(C) 2015 Smart PC Utilities, Ltd. - PC Startup Master Setup.) - [7784934] - (3.0.238.0) - L:\startupmaster.exe [20/06/2019 15:54:09] - |N| - (.Stellar Information Technology Pvt Ltd. - Stellar Information Technology Pvt Ltd .) - [16660680] - (5.0.0.0) - L:\StellarOSTtoPSTConverter_TR.exe [20/06/2019 15:54:10] - |N| - (.Stellar Information Technology Pvt Ltd. - Stellar Information Technology Pvt Ltd. .) - [6489944] - (5.5.0.0) - L:\StellarPhoenixWordRepair.exe [20/06/2019 15:54:06] - |N| - (.Stellar Information Technology Pvt Ltd. - Stellar Information Technology Pvt Ltd. .) - [73247824] - (5.0.0.0) - L:\Stellar_Data_Recovery_Iphone.exe [09/01/2023 19:14:54] - |N| - (.Copyright 2008-2014, Sysnative - Diagnostic Logfile Collection.) - [175952] - (4.6.0.0) - L:\SysnativeBSODCollectionApp.exe [09/01/2023 19:14:57] - |N| - (.-.) - [1331856] - (0.0.0.0) - L:\Tweaking.com-RepairWindowsUpdates.exe [12/09/2022 13:40:31] - |N| - (.-.) - [1551208] - (0.0.0.0) - L:\video_downloader_trial_installer.exe [09/01/2023 16:16:01] - |N| - (.WiseCleaner.com - Wise Program Uninstaller .) - [11011296] - (3.1.1.253) - L:\WPUSetup_3.1.1.253 (1).exe [09/01/2023 16:16:03] - |N| - (.WiseCleaner.com - Wise Program Uninstaller .) - [11011296] - (3.1.1.253) - L:\WPUSetup_3.1.1.253.exe [09/01/2023 16:17:42] - |N| - (.Nicolas Coolman - ZHPCleaner.) - [3305672] - (2023.1.3.1) - L:\ZHPCleaner.exe [09/01/2023 19:14:56] - |N| - (.Nicolas Coolman - ZHPDiag.) - [3311816] - (2023.1.3.1) - L:\ZHPDiag3.exe [09/01/2023 19:14:56] - |N| - (.Nicolas Coolman - ZHPSuite.) - [3510472] - (2023.1.3.1) - L:\ZHPSuite.exe N: O: [21/07/2023 11:59:07] - |A| - (.© Merkur 2002-2021 - eMule Installer.) - [4277206] - (0.60.3.1) - O:\eMule0.60d-Installer.exe [21/07/2023 11:59:24] - |A| - (.(c) 2006-2022 Digital Wave Ltd - Free Studio Setup .) - [105610760] - (6.7.7.1110) - O:\FreeStudio_6.7.7.1110_o(1).exe [21/07/2023 12:00:28] - |A| - (.(c) 2006-2022 Digital Wave Ltd - Free Studio Setup .) - [105610760] - (6.7.7.1110) - O:\FreeStudio_6.7.7.1110_o.exe [21/07/2023 12:01:35] - |A| - (. - Grand Explorer Setup .) - [68934624] - (0.0.0.0) - O:\gesetup1125.exe [21/07/2023 12:02:24] - |A| - (. - Grand Explorer Setup .) - [68934624] - (0.0.0.0) - O:\gesetup7234.exe [21/07/2023 12:03:07] - |A| - (. - Grand Explorer Setup .) - [68934624] - (0.0.0.0) - O:\gesetup7796.exe [21/07/2023 12:03:42] - |A| - (. - Grand Explorer Setup .) - [68934624] - (0.0.0.0) - O:\gesetup9281.exe [21/07/2023 12:07:32] - |A| - (.Avanquest - Onesafe PC Cleaner .) - [7270632] - (9.1.0.0) - O:\OneSafe_PC_Cleaner_D.exe [21/07/2023 12:10:07] - |A| - (.Copyright ©2006-2022 The qBittorrent project - qBittorrent - A Bittorrent Client.) - [32779052] - (4.5.4.0) - O:\qbittorrent_4.5.4_x64_setup.exe [21/07/2023 12:11:02] - |A| - (.Adventurous Cloth LLC. - Adventurous Cloth Tool.) - [3341488] - (1.0.0.0) - O:\The-Sims-4-Free-v1.99.264.1030-ALL_759406.exe Q: [02/12/2022 13:49:45] - |A| - (.-.) - [2841] - (0.0.0.0) - Q:\Sophos Virus Removal Tool.lnk [02/12/2022 13:49:45] - |A| - (.-.) - [878] - (0.0.0.0) - Q:\ZHPCleaner.lnk [02/12/2022 13:50:02] - |A| - (.-.) - [2154] - (0.0.0.0) - Q:\COMODO Internet Security Premium.lnk [02/12/2022 13:50:02] - |A| - (.-.) - [2138] - (0.0.0.0) - Q:\Comodo Secure Shopping.lnk [02/12/2022 13:50:04] - |A| - (.-.) - [1262] - (0.0.0.0) - Q:\IObit Malware Fighter.lnk [02/12/2022 13:50:04] - |A| - (.-.) - [1421] - (0.0.0.0) - Q:\IObit Software Updater.lnk [02/12/2022 13:50:04] - |A| - (.-.) - [1091] - (0.0.0.0) - Q:\iTop VPN.lnk [25/03/2023 06:47:52] - |A| - (.-.) - [825] - (0.0.0.0) - Q:\Tixati.lnk [25/03/2023 06:47:52] - |A| - (.-.) - [1025] - (0.0.0.0) - Q:\Vuze Leap.lnk [25/03/2023 06:47:53] - |A| - (.-.) - [1057] - (0.0.0.0) - Q:\Internet Explorer.lnk [02/12/2022 13:49:47] - |A| - (. - AudioRanger Setup .) - [10326504] - (3.4.3.0) - Q:\AudioRangerSetup.exe R: [25/03/2023 06:48:54] - |A| - (.-.) - [825] - (0.0.0.0) - R:\Tixati.lnk [25/03/2023 06:48:54] - |A| - (.-.) - [1025] - (0.0.0.0) - R:\Vuze Leap.lnk [25/03/2023 06:48:54] - |A| - (.-.) - [1057] - (0.0.0.0) - R:\Internet Explorer.lnk V: [04/01/2023 15:03:58] - |A| - (.-.) - [2757915176] - (0.0.0.0) - V:\CyberLinkMediaSuite16.0_Trial_MES180731-04_TR180823-022.exe W: [23/02/2023 11:24:16] - |A| - (.-.) - [2154] - (0.0.0.0) - W:\COMODO Internet Security Premium.lnk [23/02/2023 11:24:18] - |A| - (.-.) - [2138] - (0.0.0.0) - W:\Comodo Secure Shopping.lnk [20/02/2023 21:04:46] - |A| - (.-.) - [1286] - (0.0.0.0) - W:\ESET Online Scanner.lnk [20/02/2023 21:05:44] - |A| - (.-.) - [1821] - (0.0.0.0) - W:\Facebook.lnk [23/02/2023 11:27:48] - |A| - (.-.) - [1055] - (0.0.0.0) - W:\Internet Explorer.lnk [23/02/2023 11:27:50] - |A| - (.-.) - [1262] - (0.0.0.0) - W:\IObit Malware Fighter.lnk [23/02/2023 11:27:52] - |A| - (.-.) - [1421] - (0.0.0.0) - W:\IObit Software Updater.lnk [23/02/2023 11:27:58] - |A| - (.-.) - [1091] - (0.0.0.0) - W:\iTop VPN.lnk [22/02/2023 18:33:18] - |A| - (.-.) - [817] - (0.0.0.0) - W:\Mes Images.lnk [22/02/2023 18:33:20] - |A| - (.-.) - [804] - (0.0.0.0) - W:\Mes Musiques.lnk [27/05/2020 08:27:24] - |A| - (.-.) - [1450] - (0.0.0.0) - W:\Microsoft Edge.lnk [22/02/2023 18:33:20] - |A| - (.-.) - [1769] - (0.0.0.0) - W:\Microsoft News les actualités à ne pas manquer.lnk [22/02/2023 18:33:20] - |A| - (.-.) - [1825] - (0.0.0.0) - W:\Microsoft Solitaire Collection.lnk [26/01/2023 19:20:48] - |A| - (.-.) - [1516] - (0.0.0.0) - W:\Navigateur Opera.lnk [22/02/2023 18:33:58] - |A| - (.-.) - [1677] - (0.0.0.0) - W:\Paint 3D.lnk [26/01/2023 19:20:48] - |A| - (.-.) - [789] - (0.0.0.0) - W:\PC Cleaner.lnk [26/01/2023 19:20:49] - |A| - (.-.) - [450] - (0.0.0.0) - W:\Poursuivez l'installation de CorelDRAW Graphics Suite.lnk [26/01/2023 19:20:53] - |A| - (.-.) - [1915] - (0.0.0.0) - W:\Spotify.lnk [26/01/2023 19:20:53] - |A| - (.-.) - [2232] - (0.0.0.0) - W:\Tweaking.com - Windows Repair.lnk [26/01/2023 19:20:54] - |A| - (.-.) - [943] - (0.0.0.0) - W:\TweakPower.lnk [26/01/2023 19:20:54] - |A| - (.-.) - [623] - (0.0.0.0) - W:\WinThruster.lnk [26/01/2023 19:20:54] - |A| - (.-.) - [2592] - (0.0.0.0) - W:\Yandex.lnk [22/02/2023 20:04:04] - |A| - (.Copyright (c) 1999-2018 Igor Pavlov - 7-Zip Shell Extension.) - [50688] - (19.0.0.0) - W:\7-zip.dll [21/02/2023 11:05:26] - |A| - (.-.) - [0] - (0.0.0.0) - W:\ad-aware&comodo_bundle2019_setup_sib.exe [23/02/2023 11:13:38] - |A| - (.-.) - [0] - (0.0.0.0) - W:\Adaware_protect_Installer (1).exe [23/02/2023 11:14:22] - |A| - (.-.) - [13252600] - (0.0.0.0) - W:\Adaware_protect_Installer.exe [26/01/2023 19:45:04] - |A| - (.Copyright 2022 Malwarebytes - AdwCleaner.) - [8791352] - (8.4.0.0) - W:\adwcleaner.exe [23/02/2023 11:14:28] - |A| - (.Copyright(C) 2002-2022 Alcohol Soft Development Team - Alcohol 120% 2.1.1.2201 Setup.) - [12996256] - (4.45.1.2201) - W:\Alcohol120_trial_2.1.1.2201.exe [21/02/2023 11:05:34] - |A| - (.-.) - [0] - (0.0.0.0) - W:\apower-manager.exe [22/02/2023 18:28:56] - |A| - (.-.) - [15533336] - (0.0.0.0) - W:\ApplicationManager_v1126_rv199819(1.2)_STD_APM181015-01.exe [21/02/2023 11:05:38] - |A| - (.-.) - [0] - (0.0.0.0) - W:\ApplicationManager_v1318_rv200683(1.3)_STD_APM190117-01.exe [21/02/2023 11:05:40] - |A| - (.-.) - [0] - (0.0.0.0) - W:\ashampoo_snap_10_10.0.8_sm.exe [21/02/2023 11:05:40] - |A| - (.-.) - [0] - (0.0.0.0) - W:\ashampoo_snap_9_9.0.6_sm.exe [09/01/2023 16:16:05] - |A| - (.Ashampoo GmbH & Co. KG - Ashampoo UnInstaller 12 Setup .) - [28727032] - (12.0.11.0) - W:\ashampoo_uninstaller_12_12.00.11_sm.exe [26/01/2023 19:45:08] - |A| - (.Copyright © Systweak Software 2022 - Advanced System Protector .) - [10072336] - (2.5.1111.29090) - W:\aspsetup_systweaksite-default.exe [23/02/2023 11:23:46] - |A| - (. - AudioRanger Setup .) - [10326504] - (3.4.3.0) - W:\AudioRangerSetup.exe [23/02/2023 11:23:50] - |A| - (.-.) - [6306000] - (0.0.0.0) - W:\avira_en_aps10_4038334424_y1w138e32zxnj2s0t39m_wdp.exe [23/02/2023 11:23:54] - |A| - (.Copyright © 2023 Avira Operations GmbH & Co. KG and its Licensors - Avira Security.) - [6306000] - (1.0.40.2) - W:\avira_fr_sptl1_643296187-1674075398__pavwws.exe [22/02/2023 18:29:18] - |A| - (.2005-2020 COMODO. - COMODO Internet Security.) - [5712000] - (12.2.2.7098) - W:\cav_installer_138430010_1a.exe [23/02/2023 11:24:16] - |A| - (.Copyright (C) 2010-2014 Andrea Russo - Italy - Clam Sentinel Setup .) - [737886] - (1.22.0.0) - W:\ClamSentinel1.22.exe [21/02/2023 11:05:48] - |A| - (.-.) - [0] - (0.0.0.0) - W:\clear-fi-media_VAwqVx_0121044746.exe [09/01/2023 19:14:53] - |A| - (.Carifred.com - Clear Disk Info.) - [949528] - (4.0.0.0) - W:\ClearDiskInfo.exe [25/02/2019 10:12:15] - |A| - (.NCH Software - Debut Video Capture Software.) - [2406960] - (0.0.0.0) - W:\DebutVideoCaptureSoftware.exe [20/06/2019 15:54:37] - |A| - (. - .) - [61197060] - (4.1.100.1332) - W:\digital-video-duplicator_1_16766.exe [22/02/2023 18:29:32] - |A| - (.Copyright©2017 Wondershare. - drfone_setup_full3371.exe.) - [1056496] - (2.1.3.2) - W:\drfone_repair_setup_full3371.exe [22/02/2023 18:29:36] - |A| - (.-.) - [0] - (0.0.0.0) - W:\DriverPack-17-Online.exe [20/02/2023 21:04:46] - |A| - (.Copyright (c) ESET, spol. s r.o. 1992-2022. - ESET Online Scanner.) - [15274968] - (10.23.31.0) - W:\esetonlinescanner.exe [20/06/2019 15:55:02] - |A| - (.Copyright © Avanquest Software 2016 - eXpert PDF FR.) - [1863496] - (10.0.0.0) - W:\eXpertPDF_FR.exe [09/01/2023 15:39:57] - |A| - (.(c) 2006-2022 Digital Wave Ltd - Free Studio Setup .) - [105610760] - (6.7.7.1110) - W:\FreeStudio_6.7.7.1110_d.exe [22/02/2023 18:29:56] - |A| - (.©1999-2018 Jonathan Bennett & AutoIt Team - Farbar Recovery Scan Tool.) - [2281472] - (15.4.2020.0) - W:\FRST64.exe [23/02/2023 05:15:30] - |A| - (.-.) - [0] - (0.0.0.0) - W:\GiveawayClub_Magix_Music_Maker.exe [21/02/2023 11:16:00] - |A| - (.©2016 SysTools Software Private Limited - SysTools G Suite to Office 365 Migrator Setup .) - [6236592] - (1.0.0.0) - W:\gsuite-to-office365-migrator.exe [22/02/2023 18:32:12] - |A| - (.© BleepingComputer.com. - Terminates malware processes so that you can run your normal security programs..) - [1802704] - (2.9.1.0) - W:\iExplore.exe [22/02/2023 18:32:32] - |A| - (.Copyright © 2020 iMyFone Technology Co., Ltd. All Rights Reserved - Fixppo for Android.) - [2911160] - (2.2.0.1) - W:\imyfone-fixppo-for-android_setup.exe [20/06/2019 15:55:41] - |A| - (.Copyright © inPixio 2019 - inPixio Photo Cutter.) - [2204760] - (9.0.0.0) - W:\InPixioPhotoCutter.exe [20/06/2019 15:55:41] - |A| - (.Copyright © inPixio 2019 - inPixio Photo Eraser.) - [2230360] - (9.0.0.0) - W:\InPixioPhotoEraser.exe [20/06/2019 15:55:41] - |A| - (.Copyright © InPixio 2017 - InPixio Photo Focus.) - [2516992] - (3.0.0.0) - W:\InPixioPhotoFocus3.0_TR_DM.exe [20/06/2019 15:55:40] - |A| - (.Copyright © inPixio 2019 - inPixio Photo Clip.) - [2756680] - (9.0.0.0) - W:\InPixio_PhotoClip_DT.exe [21/02/2023 11:16:04] - |A| - (.©IObit. - IObit Software Updater .) - [11049464] - (1.0.1.1698) - W:\iobit-software-updater-setup-final.exe [22/02/2023 16:35:40] - |A| - (.© iTop Inc. - iTop Screen Recorder .) - [93384472] - (3.1.0.1102) - W:\itop-screen-recorder-frseo_hp-setup.exe [23/02/2023 11:28:36] - |A| - (.© Apple Inc. - iTunes Installer.) - [210495816] - (12.9.4.102) - W:\iTunesSetup.exe [23/02/2023 11:30:08] - |A| - (.Copyright (C) 2013-2017 SosVirus Software - Look_my_hardware.) - [1239464] - (26.4.17.1) - W:\look-my-hardware_2_26.04.17.1.exe [20/06/2019 15:55:59] - |A| - (.Copyright © Malwarebytes Corporation - Malwarebytes Anti-Rootkit.) - [14178840] - (1.10.1.1002) - W:\mbar-1.10.3.1001.exe [12/09/2022 13:40:29] - |A| - (.© Microsoft Corporation. - Windows 10 Setup.) - [19463448] - (10.0.19041.572) - W:\MediaCreationTool21H2.exe [26/01/2023 19:46:05] - |A| - (.Copyright Microsoft Corporation - Microsoft Edge Update Setup.) - [1608000] - (1.3.171.37) - W:\MicrosoftEdgeSetup.exe [21/02/2023 11:31:54] - |A| - (.(c) Moo0. - Moo0 Installer.) - [2928640] - (1.0.0.0) - W:\Moo0 ImageViewer SP v1.80 Installer (1).exe [26/01/2023 19:46:16] - |A| - (.Copyright © Systweak Software 2022 - Photos Recovery .) - [7485088] - (2.1.0.372) - W:\phrecsetupipg_direct-_hp_menu_wp_dl.exe [26/01/2023 19:46:19] - |A| - (.Copyright © Systweak Software 2018 - Photo Organizer .) - [6595256] - (1.1.0.12) - W:\posetup_direct-_hp_menu_wp_dl.exe [23/02/2023 05:15:50] - |A| - (.-.) - [0] - (0.0.0.0) - W:\ResetBrowser.exe [23/02/2023 05:16:02] - |A| - (.-.) - [0] - (0.0.0.0) - W:\WinsockxpFix.exe [22/02/2023 16:31:28] - |A| - (.-.) - [224] - (0.0.0.0) - W:\autorun (1).inf [23/02/2023 06:20:56] - |A| - (.-.) - [166] - (0.0.0.0) - W:\autorun (10).inf [23/02/2023 10:27:24] - |A| - (.-.) - [128] - (0.0.0.0) - W:\autorun (11).inf [23/02/2023 11:23:46] - |A| - (.-.) - [128] - (0.0.0.0) - W:\autorun (12).inf [22/02/2023 18:29:08] - |A| - (.-.) - [16] - (0.0.0.0) - W:\AUTORUN (2).INF [22/02/2023 18:55:12] - |A| - (.-.) - [128] - (0.0.0.0) - W:\autorun (3).inf [22/02/2023 19:04:58] - |A| - (.-.) - [134] - (0.0.0.0) - W:\autorun (4).inf [22/02/2023 21:15:20] - |A| - (.-.) - [128] - (0.0.0.0) - W:\autorun (5).inf [23/02/2023 01:34:24] - |A| - (.-.) - [128] - (0.0.0.0) - W:\autorun (6).inf [23/02/2023 02:13:40] - |A| - (.-.) - [128] - (0.0.0.0) - W:\autorun (7).inf [23/02/2023 02:48:14] - |A| - (.-.) - [238] - (0.0.0.0) - W:\autorun (8).inf [23/02/2023 05:15:18] - |A| - (.-.) - [0] - (0.0.0.0) - W:\autorun (9).inf [23/02/2023 07:07:44] - |A| - (.-.) - [16] - (0.0.0.0) - W:\AUTORUN(1).INF [23/02/2023 07:07:52] - |A| - (.-.) - [44165] - (0.0.0.0) - W:\Brazilian.ini [23/02/2023 07:08:00] - |A| - (.-.) - [41137] - (0.0.0.0) - W:\Danish.ini [23/02/2023 07:08:42] - |A| - (.-.) - [68] - (0.0.0.0) - W:\pmp_usb (2).ini [23/02/2023 07:08:42] - |A| - (.-.) - [68] - (0.0.0.0) - W:\pmp_usb (3).ini [23/02/2023 07:08:42] - |A| - (.-.) - [68] - (0.0.0.0) - W:\pmp_usb.ini X: [07/07/2023 16:13:37] - |A| - (.-.) - [960] - (0.0.0.0) - X:\Firefox.lnk Y: ---------- | C: [20/07/2023 18:00:05] - |D| - [135168] - C:\$AV_ASW [22/08/2013 17:36:31] - |SHD| - [258] - C:\$Recycle.Bin [19/07/2023 16:06:32] - |D| - [87009020] - C:\AMD [MD5.0B17239B2E03F5AEA96929003CA22337] - [22/08/2013 17:44:03] - |RASH| - (.-.) - [404250] - (0.0.0.0) - C:\bootmgr [MD5.93B885ADFE0DA089CDF634904FD59F71] - [22/08/2013 17:44:04] - |ASH| - (.-.) - [1] - (0.0.0.0) - C:\BOOTNXT [22/07/2023 10:01:43] - |D| - [90112] - C:\Device [22/08/2013 16:45:52] - |SD| - [0] - C:\Documents and Settings [22/07/2023 14:17:16] - |D| - [823769624] - C:\GOG Games [MD5.D41D8CD98F00B204E9800998ECF8427E] - [19/07/2023 14:47:55] - |ASH| - (.-.) - [3069992960] - (0.0.0.0) - C:\hiberfil.sys [MD5.D41D8CD98F00B204E9800998ECF8427E] - [19/07/2023 14:43:55] - |ASH| - (.-.) - [6129459200] - (0.0.0.0) - C:\pagefile.sys [22/08/2013 17:36:30] - |D| - [0] - C:\PerfLogs [23/07/2023 16:30:17] - |D| - [0] - C:\Pre_Scan [MD5.4155C73C2939E1365F20726D872D5410] - [22/07/2023 17:55:22] - |RA| - (.-.) - [40272] - (0.0.0.0) - C:\Pre_Scan_22_07_2023_17_55_05.txt [22/08/2013 15:36:15] - |D| - [9487682636] - C:\Program Files [22/08/2013 15:36:15] - |RD| - [6013709785] - C:\Program Files (x86) [22/08/2013 15:36:15] - |HD| - [2259726011] - C:\ProgramData [20/07/2023 09:27:10] - |D| - [16130403] - C:\Quarantine [20/07/2023 07:41:36] - |D| - [36900762225] - C:\QuickDiag [MD5.69AA519BF96E60836CA20C4512D7D15F] - [23/07/2023 22:17:12] - |A| - (.-.) - [342026] - (0.0.0.0) - C:\QuickDiag.txt [MD5.9FAE4ECA4592F27742A1127595A0CDF2] - [20/07/2023 10:47:37] - |A| - (.-.) - [303533573] - (0.0.0.0) - C:\QuickScript le denier de ma vie pour 2024, year of the dragon.txt [19/07/2023 14:46:58] - |SHD| - [255846187] - C:\Recovery [MD5.D41D8CD98F00B204E9800998ECF8427E] - [19/07/2023 14:43:55] - |ASH| - (.-.) - [268435456] - (0.0.0.0) - C:\swapfile.sys [19/07/2023 14:43:54] - |SHD| - [0] - C:\System Volume Information [22/08/2013 15:36:15] - |RD| - [49037280203] - C:\Users [22/08/2013 15:36:15] - |D| - [21619551333] - C:\Windows ---------- | C:\Windows [22/08/2013 17:36:30] - |D| - [802] - C:\Windows\addins [22/08/2013 17:36:31] - |D| - [1160704] - C:\Windows\ADFS [22/08/2013 17:36:30] - |D| - [3912643] - C:\Windows\AppCompat [22/08/2013 17:36:31] - |D| - [11883922] - C:\Windows\apppatch [22/08/2013 17:36:30] - |D| - [0] - C:\Windows\AppReadiness [22/08/2013 17:36:30] - |RD| - [548272832] - C:\Windows\assembly [MD5.EBCFA11C16A9A073E797622BAA74D76F] - [21/07/2014 22:04:38] - |A| - (.-.) - [47887] - (0.0.0.0) - C:\Windows\atiogl.xml [MD5.D41D8CD98F00B204E9800998ECF8427E] - [19/07/2023 16:06:25] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\ativpsrm.bin [MD5.FA78F9739F8F0239A539A06B10D354C7] - [22/08/2013 13:21:53] - |A| - (.© Microsoft Corporation. - Boot File Servicing Utility.) - [56832] - (6.3.9600.16384) - C:\Windows\bfsvc.exe [MD5.D41D8CD98F00B204E9800998ECF8427E] - [20/07/2023 16:34:51] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\BoosteFry.INI [22/08/2013 17:36:31] - |D| - [36824366] - C:\Windows\Boot [MD5.503AD786163C337E2D6BF0AB60A41CF1] - [22/08/2013 16:46:23] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat [22/08/2013 17:36:31] - |D| - [2296376] - C:\Windows\Branding [22/08/2013 17:36:30] - |D| - [7211916] - C:\Windows\Camera [22/08/2013 17:20:01] - |D| - [0] - C:\Windows\CbsTemp [MD5.0505315076F50DE128B8256927B94722] - [21/11/2014 10:25:45] - |A| - (.-.) - [35851] - (0.0.0.0) - C:\Windows\Core.xml [22/08/2013 17:36:30] - |D| - [4503720] - C:\Windows\Cursors [22/08/2013 17:36:31] - |D| - [601] - C:\Windows\debug [22/08/2013 17:36:30] - |RD| - [22590] - C:\Windows\DesktopTileResources [22/08/2013 17:36:30] - |D| - [3495466] - C:\Windows\diagnostics [22/08/2013 17:43:29] - |D| - [0] - C:\Windows\DigitalLocker [MD5.1510F02DD6CFDB245875119E20D6CA0B] - [22/07/2023 14:44:01] - |A| - (.-.) - [10123] - (0.0.0.0) - C:\Windows\DirectX.log [21/07/2023 10:51:15] - |D| - [10941451] - C:\Windows\Downloaded Installations [22/08/2013 17:36:31] - |SD| - [65] - C:\Windows\Downloaded Program Files [MD5.67C55008157477A24854CA29C3B18BB1] - [22/08/2013 17:37:25] - |A| - (.-.) - [2988] - (0.0.0.0) - C:\Windows\DtcInstall.log [22/08/2013 17:36:31] - |D| - [24608] - C:\Windows\ELAMBKUP [22/08/2013 17:43:29] - |D| - [97792] - C:\Windows\en-US [MD5.85D47EB257B06094F052E0C8AEFA3BEE] - [21/11/2014 11:16:21] - |A| - (.© Microsoft Corporation. - Windows Explorer.) - [2501368] - (6.3.9600.17415) - C:\Windows\explorer.exe [22/08/2013 17:36:30] - |D| - [14519657] - C:\Windows\FileManager [22/08/2013 15:36:15] - |RSD| - [554574465] - C:\Windows\Fonts [22/08/2013 17:36:30] - |D| - [93333783] - C:\Windows\Globalization [22/08/2013 17:36:31] - |D| - [1626642] - C:\Windows\Help [MD5.80E856B1AFAEB6195EADAAD65945147C] - [21/11/2014 11:15:58] - |A| - (.© Microsoft Corporation. - Microsoft Help and Support.) - [1001472] - (6.3.9600.17415) - C:\Windows\HelpPane.exe [MD5.B934411DFE7DEACFA95A1255A48133C9] - [21/11/2014 11:15:58] - |A| - (.© Microsoft Corporation. - Microsoft® HTML Help Executable.) - [17408] - (6.3.9600.17415) - C:\Windows\hh.exe [22/08/2013 17:36:30] - |D| - [152843668] - C:\Windows\IME [22/08/2013 17:36:31] - |RD| - [7287020] - C:\Windows\ImmersiveControlPanel [22/08/2013 15:36:15] - |D| - [42781572] - C:\Windows\Inf [22/08/2013 17:36:31] - |D| - [119175822] - C:\Windows\InputMethod [22/08/2013 17:36:31] - |SHD| - [3180470714] - C:\Windows\Installer [22/08/2013 17:36:31] - |D| - [61417] - C:\Windows\L2Schemas [22/08/2013 17:36:31] - |D| - [0] - C:\Windows\LiveKernelReports [22/08/2013 15:36:15] - |D| - [375144331] - C:\Windows\Logs [22/08/2013 17:36:30] - |RSD| - [19944453] - C:\Windows\Media [22/08/2013 17:36:31] - |D| - [18917376] - C:\Windows\MediaViewer [MD5.23AF90D2355D8C83AA4567EF1763B467] - [22/08/2013 09:01:23] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin [22/08/2013 17:36:30] - |D| - [532099631] - C:\Windows\Microsoft.NET [22/08/2013 17:36:31] - |D| - [0] - C:\Windows\ModemLogs [MD5.959A31D0CD013CEA0C66DB7C03BCBDDF] - [21/11/2014 11:16:15] - |A| - (.© Microsoft Corporation. - Notepad.) - [221184] - (6.3.9600.17415) - C:\Windows\notepad.exe [22/08/2013 17:36:30] - |RD| - [65] - C:\Windows\Offline Web Pages [20/07/2023 00:37:36] - |D| - [2788770] - C:\Windows\Panther [22/08/2013 17:36:30] - |D| - [44835882] - C:\Windows\Performance [MD5.8F87266A75862BF5AC8284CC231758F5] - [21/11/2014 10:34:05] - |A| - (.-.) - [29818] - (0.0.0.0) - C:\Windows\PFRO.log [22/08/2013 17:36:30] - |D| - [1121834] - C:\Windows\PLA [22/08/2013 17:36:30] - |D| - [2326841] - C:\Windows\PolicyDefinitions [19/07/2023 14:44:36] - |D| - [11371299] - C:\Windows\Prefetch [MD5.B67DB709F5FDAA89CA6C2CB6C1E39B3B] - [21/11/2014 11:15:43] - |A| - (.© Microsoft Corporation. - Registry Editor.) - [154624] - (6.3.9600.17415) - C:\Windows\regedit.exe [22/08/2013 17:36:30] - |D| - [22588] - C:\Windows\Registration [22/08/2013 17:36:30] - |D| - [3704063] - C:\Windows\rescache [22/08/2013 17:36:31] - |D| - [2578803] - C:\Windows\Resources [22/08/2013 17:36:31] - |D| - [0] - C:\Windows\SchCache [22/08/2013 17:36:30] - |D| - [118561] - C:\Windows\schemas [22/08/2013 17:36:31] - |D| - [1085788] - C:\Windows\security [22/08/2013 16:45:15] - |D| - [67664161] - C:\Windows\ServiceProfiles [22/08/2013 15:36:15] - |D| - [125955574] - C:\Windows\servicing [22/08/2013 16:45:23] - |D| - [42] - C:\Windows\Setup [MD5.AA17600271B35038D4B40214BAE6CA02] - [22/08/2013 16:46:17] - |A| - (.-.) - [37008] - (0.0.0.0) - C:\Windows\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [22/08/2013 16:46:17] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\setuperr.log [21/11/2014 10:25:32] - |D| - [4544] - C:\Windows\ShellNew [21/11/2014 10:25:32] - |D| - [31373168] - C:\Windows\SKB [19/07/2023 14:57:56] - |D| - [4250738737] - C:\Windows\SoftwareDistribution [22/08/2013 17:36:30] - |D| - [125808437] - C:\Windows\Speech [MD5.4D9DA155B7B449964E14FC32124CC601] - [21/11/2014 11:16:13] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [128512] - (6.3.9600.17415) - C:\Windows\splwow64.exe [MD5.A77E65831A152C8FCA5B822749E2624D] - [22/08/2013 17:19:59] - |A| - (.-.) - [35891] - (0.0.0.0) - C:\Windows\Starter.xml [22/08/2013 17:36:30] - |D| - [31039] - C:\Windows\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [22/08/2013 15:25:43] - |A| - (.-.) - [219] - (0.0.0.0) - C:\Windows\system.ini [22/08/2013 15:36:16] - |RD| - [3490671748] - C:\Windows\System32 [22/08/2013 17:36:30] - |D| - [8110216] - C:\Windows\SystemResources [22/08/2013 15:36:16] - |D| - [1416490091] - C:\Windows\SysWOW64 [22/08/2013 17:36:31] - |D| - [0] - C:\Windows\TAPI [22/08/2013 17:36:30] - |D| - [766] - C:\Windows\Tasks [22/08/2013 15:36:16] - |D| - [1781099] - C:\Windows\Temp [22/08/2013 17:36:30] - |RD| - [22151] - C:\Windows\ToastData [22/08/2013 17:36:31] - |D| - [0] - C:\Windows\tracing [22/08/2013 17:36:31] - |D| - [7680] - C:\Windows\twain_32 [MD5.727B4519FE9919447108CBEC4768F34A] - [21/11/2014 11:17:13] - |A| - (.- Twain_32 Source Manager (Image Acquisition Interface).) - [54272] - (1.7.1.3) - C:\Windows\twain_32.dll [MD5.BC07D77B5377F38E5B9B0EE486BF6A7C] - [22/08/2013 16:46:17] - |A| - (.-.) - [5446] - (0.0.0.0) - C:\Windows\vmgcoinstall.log [22/08/2013 17:36:30] - |D| - [15844382] - C:\Windows\vpnplugins [22/08/2013 17:36:30] - |D| - [12420] - C:\Windows\Vss [22/08/2013 17:36:31] - |D| - [8817972] - C:\Windows\Web [MD5.23CF8138F49416231807E6DE371FB9E6] - [22/08/2013 15:25:43] - |A| - (.-.) - [92] - (0.0.0.0) - C:\Windows\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [22/08/2013 08:53:50] - |RA| - (.-.) - [670] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest [MD5.19D760EFF4ADC7FB13CC15C6C86EFC23] - [19/07/2023 14:57:53] - |A| - (.-.) - [1403098] - (0.0.0.0) - C:\Windows\WindowsUpdate.log [MD5.335C38783B3F1B383ECAC17DB3705895] - [21/11/2014 11:15:14] - |A| - (.© Microsoft Corporation. - Windows Winhlp32 Stub.) - [9728] - (6.3.9600.17415) - C:\Windows\winhlp32.exe [22/08/2013 17:36:31] - |D| - [1788917] - C:\Windows\WinStore [22/08/2013 15:36:16] - |D| - [6254850180] - C:\Windows\WinSxS [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [22/08/2013 08:52:18] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx [MD5.73E19BE0E0ECD88616B5762F621B0226] - [21/11/2014 11:16:16] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (6.3.9600.17415) - C:\Windows\write.exe ---------- | C:\Windows\System32\GroupPolicy ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [14/07/2014 22:47:56] - C:\Windows\Installer\48c085.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/04/2014 13:21:34] - C:\Windows\Installer\48c08c.msi : (Branding - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2014 22:47:50] - C:\Windows\Installer\48c093.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2014 22:45:28] - C:\Windows\Installer\48c09a.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2014 22:45:34] - C:\Windows\Installer\48c0a1.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2014 22:45:40] - C:\Windows\Installer\48c0a8.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2014 22:45:48] - C:\Windows\Installer\48c0af.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2014 22:45:54] - C:\Windows\Installer\48c0b6.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2014 22:46:00] - C:\Windows\Installer\48c0bd.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2014 22:46:06] - C:\Windows\Installer\48c0c4.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2014 22:46:12] - C:\Windows\Installer\48c0cb.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2014 22:46:18] - C:\Windows\Installer\48c0d2.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2014 22:46:24] - C:\Windows\Installer\48c0d9.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2014 22:46:30] - C:\Windows\Installer\48c0e0.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2014 22:46:36] - C:\Windows\Installer\48c0e7.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2014 22:46:42] - C:\Windows\Installer\48c0ee.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2014 22:46:48] - C:\Windows\Installer\48c0f5.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2014 22:46:54] - C:\Windows\Installer\48c0fc.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2014 22:47:00] - C:\Windows\Installer\48c103.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2014 22:47:06] - C:\Windows\Installer\48c10a.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2014 22:47:12] - C:\Windows\Installer\48c111.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2014 22:47:18] - C:\Windows\Installer\48c118.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2014 22:47:28] - C:\Windows\Installer\48c11f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2014 22:47:34] - C:\Windows\Installer\48c126.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2014 22:47:40] - C:\Windows\Installer\48c12d.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2014 22:48:08] - C:\Windows\Installer\48c134.msi : (Catalyst Control Center Utility 64 - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2014 22:48:54] - C:\Windows\Installer\48c13b.msi : (AMD Fuel - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/07/2014 22:45:20] - C:\Windows\Installer\48c142.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/05/2010 17:39:38] - C:\Windows\Installer\50bba07.msi : ([ProductName] Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/05/2010 18:37:42] - C:\Windows\Installer\50bba0a.msi : ([ProductName] Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/07/2023 14:27:57] - C:\Windows\Installer\51446fe.msi : (e-Sword - Rick Meyers) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/02/2023 15:11:30] - C:\Windows\Installer\544e42f.msi : (OpenOffice 4.1.14 - OpenOffice) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/07/2023 12:26:22] - C:\Windows\Installer\61aa253.msi : (A free open source tool to manipulate PDF documents - Sober Lemur S.r.l.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/07/2023 20:56:36] - C:\Windows\Installer\67827ab.msi : (Open-Shell - The Open-Shell Team) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2023 12:45:42] - C:\Windows\Installer\67827b2.msi : (TeraCopy - Code Sector) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/07/2021 15:26:48] - C:\Windows\Installer\6af4077.msi : (EchoLink® Amateur Radio VoIP Application - Synergenics, LLC) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/07/2023 11:32:40] - [48087040] - (.().-. - ()) - C:\Windows\Installer\4858ea0.msp [20/07/2023 11:37:39] - [22364160] - (.().-. - ()) - C:\Windows\Installer\4858eb4.msp [20/07/2023 11:40:41] - [31866880] - (.().-. - ()) - C:\Windows\Installer\4858ebd.msp [20/07/2023 11:41:33] - [581632] - (.().-. - ()) - C:\Windows\Installer\4858ec6.msp [20/07/2023 11:41:52] - [684032] - (.().-. - ()) - C:\Windows\Installer\4858ecf.msp [20/07/2023 11:42:21] - [17629184] - (.().-. - ()) - C:\Windows\Installer\4858ed8.msp [20/07/2023 11:42:52] - [18862080] - (.().-. - ()) - C:\Windows\Installer\4858ee1.msp [20/07/2023 11:43:14] - [6864896] - (.().-. - ()) - C:\Windows\Installer\4858eea.msp [20/07/2023 11:44:31] - [35237888] - (.().-. - ()) - C:\Windows\Installer\4858ef3.msp [20/07/2023 11:47:11] - [59424768] - (.().-. - ()) - C:\Windows\Installer\4858efc.msp [20/07/2023 11:49:12] - [1925120] - (.().-. - ()) - C:\Windows\Installer\4858f05.msp [20/07/2023 11:50:10] - [18468864] - (.().-. - ()) - C:\Windows\Installer\4858f25.msp [20/07/2023 11:50:47] - [3305472] - (.().-. - ()) - C:\Windows\Installer\4858f31.msp [20/07/2023 11:51:02] - [49152] - (.().-. - ()) - C:\Windows\Installer\4858f3a.msp [20/07/2023 11:51:36] - [3387392] - (.().-. - ()) - C:\Windows\Installer\4858f43.msp [19/07/2023 16:07:59] - [88102] - C:\Windows\Installer\{070232F8-068B-1FF6-B5C4-F8F38E09C7E1}\ARPPRODUCTICON.exe () - () [19/07/2023 16:08:01] - [88102] - C:\Windows\Installer\{104DE091-6C4F-C5A9-F619-5D6C965A0296}\ARPPRODUCTICON.exe () - () [19/07/2023 16:07:30] - [10134] - C:\Windows\Installer\{25A3B953-1423-3F15-640E-B620DD0F419A}\ARPPRODUCTICON.exe () - () [19/07/2023 16:07:42] - [88102] - C:\Windows\Installer\{285C9F30-3BF8-697B-BD1D-353435E94B78}\ARPPRODUCTICON.exe () - () [19/07/2023 16:07:43] - [88102] - C:\Windows\Installer\{29967A7C-6E18-91CD-BBE4-9C09F401E950}\ARPPRODUCTICON.exe () - () [20/07/2023 14:28:41] - [118784] - C:\Windows\Installer\{30589E5B-46DD-446F-B3DA-5D9F5AE5CC3E}\ARPPRODUCTICON.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [20/07/2023 14:28:41] - [118784] - C:\Windows\Installer\{30589E5B-46DD-446F-B3DA-5D9F5AE5CC3E}\NewShortcut1_3595383078794C628D3A0D860AE3E673.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [20/07/2023 14:28:41] - [118784] - C:\Windows\Installer\{30589E5B-46DD-446F-B3DA-5D9F5AE5CC3E}\NewShortcut2_7D37213280D44D33BD34CB94FCB99BAC.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [20/07/2023 21:00:14] - [292774] - C:\Windows\Installer\{3B52584E-B01A-456B-A6D9-A2135F8B1E98}\ext.exe () - () [20/07/2023 21:00:14] - [22382] - C:\Windows\Installer\{3B52584E-B01A-456B-A6D9-A2135F8B1E98}\TeraCopySmall.exe () - () [19/07/2023 16:08:04] - [88102] - C:\Windows\Installer\{4B3EF5E6-9A2C-0A1B-C61C-B1FD444B84BC}\ARPPRODUCTICON.exe () - () [19/07/2023 16:07:53] - [88102] - C:\Windows\Installer\{54D05374-2428-7BE0-58CD-CE8031163DE6}\ARPPRODUCTICON.exe () - () [19/07/2023 16:07:55] - [88102] - C:\Windows\Installer\{5C6AFE98-08BF-086A-300D-18F77D284966}\ARPPRODUCTICON.exe () - () [19/07/2023 16:07:45] - [88102] - C:\Windows\Installer\{5C757800-27E8-2AE3-889A-8B959AE689F8}\ARPPRODUCTICON.exe () - () [19/07/2023 16:08:38] - [88102] - C:\Windows\Installer\{5D2B5E19-C333-4519-3D32-AAB8EEE9ACA4}\ARPPRODUCTICON.exe () - () [19/07/2023 16:07:39] - [88102] - C:\Windows\Installer\{5D3EC645-B957-36A1-068A-FE8450963669}\ARPPRODUCTICON.exe () - () [19/07/2023 16:07:48] - [88102] - C:\Windows\Installer\{61B90A4D-8CC9-2FED-2495-AC8C9467C984}\ARPPRODUCTICON.exe () - () [19/07/2023 16:07:41] - [88102] - C:\Windows\Installer\{7C5B13DA-6A68-86C7-ED29-610CA0F49555}\ARPPRODUCTICON.exe () - () [19/07/2023 16:07:28] - [88102] - C:\Windows\Installer\{80680785-2EE1-053F-9CD3-4B2C904596EE}\ARPPRODUCTICON.exe () - () [19/07/2023 16:07:47] - [88102] - C:\Windows\Installer\{95B8F519-8C35-9010-A63C-51B3E0EE8D4E}\ARPPRODUCTICON.exe () - () [19/07/2023 16:07:40] - [88102] - C:\Windows\Installer\{A3806AB7-AB46-7672-A825-F9AE0DE6910A}\ARPPRODUCTICON.exe () - () [19/07/2023 16:07:37] - [88102] - C:\Windows\Installer\{B079957C-3276-4B9F-DB08-D1CA8C090D9E}\ARPPRODUCTICON.exe () - () [19/07/2023 16:07:32] - [88102] - C:\Windows\Installer\{B12BE177-DC00-5746-3AB9-91CD090AF555}\ARPPRODUCTICON.exe () - () [19/07/2023 16:08:00] - [88102] - C:\Windows\Installer\{BF5509A0-250A-25EA-0C19-61505E9EBA13}\ARPPRODUCTICON.exe () - () [19/07/2023 16:07:56] - [88102] - C:\Windows\Installer\{C4EE2BA3-EEA5-9650-86E0-0405ECA5C22C}\ARPPRODUCTICON.exe () - () [19/07/2023 16:07:36] - [88102] - C:\Windows\Installer\{C69EA753-0D3F-E48B-8C98-7F6310DC29B8}\ARPPRODUCTICON.exe () - () [19/07/2023 16:08:08] - [4846] - C:\Windows\Installer\{E7ACB435-E0B4-4770-77DE-ED38887CD133}\ARPPRODUCTICON.exe () - () [19/07/2023 16:07:46] - [88102] - C:\Windows\Installer\{EB766D4A-C56C-946D-F74D-43C78FE4521E}\ARPPRODUCTICON.exe () - () [19/07/2023 16:07:50] - [88102] - C:\Windows\Installer\{ED0D7699-1943-0C29-7465-6530F8DE2DA2}\ARPPRODUCTICON.exe () - () [19/07/2023 16:07:34] - [88102] - C:\Windows\Installer\{EDA5BB56-AAF4-6889-AD8E-E25A17BD140B}\ARPPRODUCTICON.exe () - () [19/07/2023 16:07:35] - [88102] - C:\Windows\Installer\{EEF14371-2D24-5A2D-0EF2-22010DB4CFA6}\ARPPRODUCTICON.exe () - () [20/07/2023 20:58:03] - [34494] - C:\Windows\Installer\{F07C0CF2-6021-403A-99CA-1164340B09FB}\StartScreen.exe () - () [19/07/2023 16:07:51] - [88102] - C:\Windows\Installer\{FDD69799-37B2-9ACE-F70C-ABD1F96FD04C}\ARPPRODUCTICON.exe () - () [19/07/2023 16:07:38] - [88102] - C:\Windows\Installer\{FDF2FE33-426D-45C2-4E70-76C162F1B790}\ARPPRODUCTICON.exe () - () ---------- | %System%\*.in* [22/08/2013 17:36:48] - [75] - C:\Windows\System32\desktop.ini [22/08/2013 10:30:15] - [16284] - C:\Windows\System32\ieuinit.inf [21/11/2014 10:44:26] - [818732] - C:\Windows\System32\PerfStringBackup.INI [22/08/2013 08:56:03] - [60124] - C:\Windows\System32\tcpmon.ini [21/11/2014 10:52:27] - [2255] - C:\Windows\System32\WimBootCompress.ini [22/08/2013 03:43:03] - [16284] - C:\Windows\Syswow64\ieuinit.inf [23/07/2023 20:06:44] - [439] - C:\Windows\Syswow64\shfolder.inf [21/11/2014 10:52:42] - [2255] - C:\Windows\Syswow64\WimBootCompress.ini ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.BE452D7BF880125D2832F99BFDBFD1AE] - |A| - [22/08/2013 08:57:05] - (.-.) - [6.83 Ko] - (0.0.0.0) - C:\Windows\AppPatch\AppPatch64\pcamain.sdb [MD5.F6EAEE0DA9BE8D6F149ACE957D41AE80] - |A| - [21/11/2014 11:16:28] - (.-.) - [423.47 Ko] - (0.0.0.0) - C:\Windows\AppPatch\AppPatch64\sysmain.sdb [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\Windows\AppPatch\Custom\Custom64 [MD5.DBB2B4E0264935C72BDC463F449D2002] - |A| - [22/07/2023 01:46:03] - (.-.) - [243.38 Ko] - (0.0.0.0) - C:\Windows\Temp\AppAndDeviceInventory.log [MD5.00000000000000000000000000000000] - |D| - [20/07/2023 16:43:09] - [0 Ko] - C:\Windows\Temp\asw.914804f40c95a43a [MD5.00000000000000000000000000000000] - |D| - [20/07/2023 17:20:00] - [0.35 Ko] - C:\Windows\Temp\avast_ash2 [MD5.00000000000000000000000000000000] - |D| - [22/07/2023 01:43:14] - [625.79 Ko] - C:\Windows\Temp\CompatTelemetryLogs [MD5.00000000000000000000000000000000] - |D| - [20/07/2023 17:40:11] - [0.04 Ko] - C:\Windows\Temp\Crashpad [MD5.DBEA1F81EDF4178F9D4E6F31CD5FABC8] - |A| - [19/07/2023 16:07:21] - (.-.) - [8.04 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_vcredist_amd64_20230719160721.log [MD5.9D1676F24CB95C783B066E61AE83A1FA] - |A| - [19/07/2023 16:07:22] - (.-.) - [167.18 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_vcredist_amd64_20230719160721_0_vcRuntimeMinimum_x64.log [MD5.02B9DF809C4D0DEB0F1D7BEBACFC67CC] - |A| - [19/07/2023 16:07:24] - (.-.) - [194.48 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_vcredist_amd64_20230719160721_1_vcRuntimeAdditional_x64.log [MD5.9BE5192B0BF6F142F888C7BD6A6909A7] - |A| - [19/07/2023 16:07:09] - (.-.) - [7.9 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_vcredist_x86_20230719160709.log [MD5.A404882DE3826D9E391D7B5A67E49916] - |A| - [19/07/2023 16:07:12] - (.-.) - [170.23 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_vcredist_x86_20230719160709_0_vcRuntimeMinimum_x86.log [MD5.A667C9EAC941D01B6D9944C41CC8F55F] - |A| - [19/07/2023 16:07:16] - (.-.) - [207.77 Ko] - (0.0.0.0) - C:\Windows\Temp\dd_vcredist_x86_20230719160709_1_vcRuntimeAdditional_x86.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [21/07/2023 17:23:39] - (.-.) - [0 Ko] - (0.0.0.0) - C:\Windows\Temp\DMI571E.tmp [MD5.AA720213BB0C8938D4EFB24BF3812DE2] - |A| - [21/07/2023 13:29:09] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\Windows\Temp\Module9182.txt [MD5.7C7F1DDFB8FD9539A09834F7364310AB] - |A| - [19/07/2023 14:44:51] - (.-.) - [30.71 Ko] - (0.0.0.0) - C:\Windows\Temp\MpCmdRun.log [MD5.00000000000000000000000000000000] - |D| - [19/07/2023 15:29:20] - [0 Ko] - C:\Windows\Temp\MPInstrumentation [MD5.00000000000000000000000000000000] - |D| - [19/07/2023 15:43:22] - [0 Ko] - C:\Windows\Temp\MPTelemetrySubmit [MD5.00000000000000000000000000000000] - |D| - [19/07/2023 16:06:30] - [11 Ko] - C:\Windows\Temp\nsp1BA8.tmp [MD5.83C0B3FED669FCEEF24B72458F7C1D8A] - |A| - [21/07/2014 22:03:42] - (.-.) - [131.5 Ko] - (0.0.0.0) - C:\Windows\System32\amdhdl64.dll [MD5.87934E2EB2D6362490EC20C8C3C47BC6] - |A| - [21/07/2014 22:03:42] - (.-.) - [403 Ko] - (0.0.0.0) - C:\Windows\System32\amdmiracast.dll [MD5.9929E58AB4181979CE5F4A8F474B62F5] - |A| - [21/07/2014 22:04:04] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 1.2 Runtime.) - [28693.5 Ko] - (10.0.1348.5) - C:\Windows\System32\amdocl64.dll [MD5.ECC9D68F5BEF5CD67BE2D2F758661980] - |A| - [21/07/2014 22:04:04] - (.-.) - [1159.51 Ko] - (0.0.0.0) - C:\Windows\System32\amdocl_as64.exe [MD5.DD3E0FE46F9AB3F9A339F4DD3B2B2E4C] - |A| - [21/07/2014 22:04:04] - (.-.) - [1037.01 Ko] - (0.0.0.0) - C:\Windows\System32\amdocl_ld64.exe [MD5.C5A5D65C2D7732B7C2D63CD6F57A7B2D] - |A| - [21/07/2014 22:04:06] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [76.59 Ko] - (8.14.10.23) - C:\Windows\System32\amdpcom64.dll [MD5.3C7600CDA882D9B73A5DBD023B83FC9B] - |A| - [21/11/2014 11:16:04] - (.-.) - [379.9 Ko] - (0.0.0.0) - C:\Windows\System32\ApnDatabase.xml [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\Windows\System32\AppLocker [MD5.376E4D84F716C5754BA2E110136E5310] - |A| - [18/06/2013 07:46:56] - (.-.) - [637.95 Ko] - (0.0.0.0) - C:\Windows\System32\appverif.chm [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [529.69 Ko] - C:\Windows\System32\ar-SA [MD5.CDF578649B4F58A1D6F25F4A544587C9] - |A| - [20/07/2023 17:09:27] - (.Copyright (c) 2023 AVAST Software - Avast Antivirus start-up scanner.) - [305.9 Ko] - (23.6.8271.0) - C:\Windows\System32\aswBoot.exe [MD5.7C6C74AB778BC3B7683017A6026B2B35] - |A| - [21/07/2014 22:04:06] - (.Copyright (C) 2008-2011 Advanced Micro Devices, Inc. - ADL.) - [1117.5 Ko] - (6.14.10.1129) - C:\Windows\System32\atiadlxx.dll [MD5.579E9592AE6F0C56896BAC2BA0723686] - |A| - [21/07/2014 22:04:06] - (.-.) - [537.57 Ko] - (0.0.0.0) - C:\Windows\System32\atiapfxx.blb [MD5.C4AA588A6E6EF1E59E80EDF084A02A74] - |A| - [21/07/2014 22:04:06] - (.Copyright (C) 2009 Advanced Micro Devices, Inc. - atiapfxx Application.) - [360 Ko] - (6.14.10.1001) - C:\Windows\System32\atiapfxx.exe [MD5.749584902AE80A53EFDA4F8FA03E1713] - |A| - [21/07/2014 22:04:06] - (.Copyright (C) 2008 Advanced Micro Devices, Inc. - ATIBRTMON.) - [116 Ko] - (2.0.0.0) - C:\Windows\System32\atibtmon.exe [MD5.E270AFD3091444785EE4CD04D2705936] - |A| - [21/07/2014 22:04:06] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL compiler runtime.) - [54.5 Ko] - (6.14.10.1848) - C:\Windows\System32\aticalcl64.dll [MD5.01D27BB8AD954E099288330F2137C31F] - |A| - [21/07/2014 22:04:14] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL DD.) - [15348 Ko] - (6.14.10.1848) - C:\Windows\System32\aticaldd64.dll [MD5.0F2C6B8C896CB7080E51CED7DCA8EE92] - |A| - [21/07/2014 22:04:16] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL runtime.) - [61 Ko] - (6.14.10.1848) - C:\Windows\System32\aticalrt64.dll [MD5.867CDA25497E8A6B878A189EE5736498] - |A| - [21/07/2014 22:04:16] - (.Copyright (C) 1998-2012 AMD Inc. - aticfx64.dll.) - [1287.65 Ko] - (8.17.10.1247) - C:\Windows\System32\aticfx64.dll [MD5.57501E8CB62C0ED9DD99E2AFE064C514] - |A| - [21/07/2014 22:04:16] - (.2002-2012 - Graphics DEM.) - [432 Ko] - (4.5.5298.37087) - C:\Windows\System32\atidemgy.dll [MD5.A6290EBBB8DBF3426F022EFC98A46779] - |A| - [21/07/2014 22:04:22] - (.Copyright (C) 1998-2011 AMD Inc. - atidxx64.dll.) - [9525.15 Ko] - (8.17.10.525) - C:\Windows\System32\atidxx64.dll [MD5.89B1B68B76363ABD2E24E3BB614CE53C] - |A| - [21/07/2014 22:04:24] - (.Copyright © 2008-2009 AMD - AMD External Events Client Module.) - [574.5 Ko] - (6.14.11.1164) - C:\Windows\System32\atieclxx.exe [MD5.6CF81DD5083D7F94A7E76E50429A949C] - |A| - [21/07/2014 22:04:24] - (.Copyright © 2008-2009 AMD - AMD External Events Service Module.) - [234 Ko] - (6.14.11.1164) - C:\Windows\System32\atiesrxx.exe [MD5.E6F08F8A43BB02915B778D8767934EC6] - |A| - [21/07/2014 22:04:24] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [73 Ko] - (8.14.1.6354) - C:\Windows\System32\atig6pxx.dll [MD5.FAA19E9F9B4CECC7AFA4684ADD37250F] - |A| - [21/07/2014 22:04:24] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [98 Ko] - (8.14.1.6354) - C:\Windows\System32\atig6txx.dll [MD5.C640A5D15DE097BE8F3860187E51D601] - |A| - [21/07/2014 22:04:24] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [68 Ko] - (8.14.1.6354) - C:\Windows\System32\atiglpxx.dll [MD5.D68F4FBFC475E5E64260169B8BE9D5E6] - |A| - [21/07/2014 22:04:24] - (.-.) - [704.39 Ko] - (0.0.0.0) - C:\Windows\System32\atiicdxx.dat [MD5.A203932D01E57D16E06D8987A603207C] - |A| - [21/07/2014 22:04:30] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [76.59 Ko] - (8.14.10.23) - C:\Windows\System32\atimpc64.dll [MD5.1FA0535466D8899901643452FF0A7AEF] - |A| - [21/07/2014 22:04:30] - (.Copyright ฉ 2009 AMD - Multi-language DPPE DLL.) - [30.5 Ko] - (6.14.10.1002) - C:\Windows\System32\atimuixx.dll [MD5.57A4BE04E15894E81A3FE0E8CBB16B3C] - |A| - [21/07/2014 22:04:38] - (.Copyright (C) 1998-2011 Advanced Micro Devices, Inc. - AMD OpenGL driver.) - [25734.5 Ko] - (6.14.10.12618) - C:\Windows\System32\atio6axx.dll [MD5.A6BAAA6608A9B00220E9D5C023FC53D1] - |A| - [21/07/2014 22:04:38] - (.Copyright (C) 2008 - ATIODCLI Application.) - [50 Ko] - (1.0.0.1) - C:\Windows\System32\ATIODCLI.exe [MD5.463FFBD3350E3EB57F7D5746EBD233CA] - |A| - [21/07/2014 22:04:38] - (.Copyright (C) 2008 - ATIODE Application.) - [325 Ko] - (1.0.0.1) - C:\Windows\System32\ATIODE.exe [MD5.64A0869F18560CD529120ADE00155C3E] - |A| - [21/07/2014 22:04:46] - (.-.) - [3.83 Ko] - (0.0.0.0) - C:\Windows\System32\atipblag.dat [MD5.7E8BC710E0B932EEB2BB8CCEFB302D59] - |A| - [21/07/2014 22:04:46] - (.Copy Right © 2012 Advanced Micro Devices, Inc - TMM Clone Control Module.) - [186.5 Ko] - (6.14.11.25) - C:\Windows\System32\atitmm64.dll [MD5.02A4E519659652BF606A79B152F8C432] - |A| - [21/07/2014 22:04:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiu9pag.dll.) - [112.8 Ko] - (8.14.1.6354) - C:\Windows\System32\atiu9p64.dll [MD5.3379E7E075A9F430CC60667ECCE9B549] - |A| - [21/07/2014 22:04:48] - (.Copyright (C) 1998-2011 AMD Inc. - atiumd64.dll.) - [7570.23 Ko] - (9.14.10.1001) - C:\Windows\System32\atiumd64.dll [MD5.0C7B057AE1F740786F41999B51C951D9] - |A| - [21/07/2014 22:04:50] - (.-.) - [3346.38 Ko] - (0.0.0.0) - C:\Windows\System32\atiumd6a.cap [MD5.60C8A1F53BE76E2EF92EFFF0F96377CD] - |A| - [21/07/2014 22:04:52] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [8718.46 Ko] - (8.14.10.429) - C:\Windows\System32\atiumd6a.dll [MD5.1FC51C8E2EC6D156C4907C27B3432EA0] - |A| - [21/07/2014 22:04:58] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [139.95 Ko] - (8.14.1.6354) - C:\Windows\System32\atiuxp64.dll [MD5.EE8B93F0A196F70FDA0C18BB40386433] - |A| - [21/07/2014 22:04:58] - (.-.) - [81.59 Ko] - (0.0.0.0) - C:\Windows\System32\ativce02.dat [MD5.9633F90657A212F3EF98BF9F9493D083] - |A| - [21/07/2014 22:04:58] - (.-.) - [228.55 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_cik.dat [MD5.76E6DBFC06B27F745C37BDF6276792BD] - |A| - [21/07/2014 22:04:58] - (.-.) - [228.3 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_cik_nd.dat [MD5.7C163EDE63854539828F5B2C1BC529FD] - |A| - [21/07/2014 22:04:58] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\Windows\System32\ativvsva.dat [MD5.219D7091DD1D93728392337FE9C7ADD6] - |A| - [21/07/2014 22:04:58] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\Windows\System32\ativvsvl.dat [MD5.D638E3AD81E149A75EEF59E9C743E27C] - |A| - [22/08/2013 17:36:38] - (.-.) - [0.38 Ko] - (0.0.0.0) - C:\Windows\System32\AutoWorkplace.exe.config [MD5.531F17189C60ED61BDE4DCC82CC66B59] - |A| - [26/01/2017 09:26:44] - (.-.) - [73.48 Ko] - (0.0.0.0) - C:\Windows\System32\bdmjpeg64.dll [MD5.2F42956D6772A840D47C92C48004C946] - |A| - [26/01/2017 09:26:50] - (.-.) - [74.01 Ko] - (0.0.0.0) - C:\Windows\System32\bdmpega64.acm [MD5.12C2E65CA9CDFB4E77B65CC311FD97C3] - |A| - [26/01/2017 09:26:46] - (.-.) - [73.51 Ko] - (0.0.0.0) - C:\Windows\System32\bdmpegv64.dll [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [530.09 Ko] - C:\Windows\System32\bg-BG [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [5980.69 Ko] - C:\Windows\System32\Boot [MD5.A5F320FFE96F6939D2FF39360ADA9B5A] - |A| - [21/11/2014 11:16:04] - (.Copyright (C) 2008 - Bthpan Context Handler.) - [94 Ko] - (1.0.0.1) - C:\Windows\System32\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [0.93 Ko] - C:\Windows\System32\Bthprops [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [82969.69 Ko] - C:\Windows\System32\catroot [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [55970.17 Ko] - C:\Windows\System32\catroot2 [MD5.29CE8104F3995C6CBCB0D2EC649CDE81] - |A| - [21/07/2014 22:05:22] - (.-.) - [225.5 Ko] - (0.0.0.0) - C:\Windows\System32\clinfo.exe [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [1987.26 Ko] - C:\Windows\System32\CodeIntegrity [MD5.35A4C50BFD9831495FC7B5C35E35A825] - |A| - [21/07/2014 22:05:22] - (.AMD. - CoInstaller DLL.) - [132 Ko] - (1.0.5.9) - C:\Windows\System32\coinst_13.251.9001.1001.dll [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [362.5 Ko] - C:\Windows\System32\Com [MD5.00000000000000000000000000000000] - |SD| - [21/11/2014 17:56:33] - [14148.8 Ko] - C:\Windows\System32\CompatTel [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [257457.8 Ko] - C:\Windows\System32\config [MD5.00000000000000000000000000000000] - |SD| - [22/08/2013 17:36:31] - [19.02 Ko] - C:\Windows\System32\Configuration [MD5.F61F21FEECD660939F51765F31AC7A68] - |A| - [20/07/2023 19:14:05] - (.-.) - [90.83 Ko] - (0.0.0.0) - C:\Windows\System32\cpwmon64_v40.dll [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [403.51 Ko] - C:\Windows\System32\cs-CZ [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [365.41 Ko] - C:\Windows\System32\da-DK [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [416.73 Ko] - C:\Windows\System32\de-DE [MD5.08750A50CF027F93070C8BB78E27C3B7] - |ASH| - [22/08/2013 17:36:48] - (.-.) - [0.07 Ko] - (0.0.0.0) - C:\Windows\System32\desktop.ini [MD5.DCF2510E0745720E543E84F5E921FCC0] - |A| - [21/11/2014 10:53:12] - (.-.) - [256.19 Ko] - (0.0.0.0) - C:\Windows\System32\dfpinc.dat [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [6140.67 Ko] - C:\Windows\System32\Dism [MD5.7479C0E32EDF381C1DC2984BA426AB09] - |A| - [22/08/2013 16:44:50] - (.-.) - [467.32 Ko] - (0.0.0.0) - C:\Windows\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [415.29 Ko] - C:\Windows\System32\fr-FR [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\Windows\System32\FxsTmp [MD5.55158C8F4CFAB021134137B68BBFD01F] - |A| - [22/08/2013 08:58:31] - (.-.) - [72.53 Ko] - (0.0.0.0) - C:\Windows\System32\gatherNetworkInfo.vbs [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\Windows\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\Windows\System32\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [491.52 Ko] - C:\Windows\System32\he-IL [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [335.47 Ko] - C:\Windows\System32\hr-HR [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [412.53 Ko] - C:\Windows\System32\hu-HU [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [5.36 Ko] - C:\Windows\System32\ias [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [36.27 Ko] - C:\Windows\System32\icsxml [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [23316.67 Ko] - C:\Windows\System32\IME [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\Windows\System32\inetsrv [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [4637.5 Ko] - C:\Windows\System32\InputMethod [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\Windows\System32\Ipmi [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [411.2 Ko] - C:\Windows\System32\it-IT [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [559.29 Ko] - C:\Windows\System32\ja-JP [MD5.FAFA8B2317AABF4EBDC94D74CDB73394] - |A| - [22/08/2013 08:59:51] - (.-.) - [11741.31 Ko] - (0.0.0.0) - C:\Windows\System32\korwbrkr.lex [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [86.43 Ko] - C:\Windows\System32\Licenses [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [13305.68 Ko] - C:\Windows\System32\LogFiles [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [346.75 Ko] - C:\Windows\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [349.78 Ko] - C:\Windows\System32\lv-LV [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [24182.85 Ko] - C:\Windows\System32\Macromed [MD5.00000000000000000000000000000000] - |SD| - [22/08/2013 16:45:10] - [4.18 Ko] - C:\Windows\System32\Microsoft [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [4605 Ko] - C:\Windows\System32\migration [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [44080.56 Ko] - C:\Windows\System32\migwiz [MD5.3774B5C0E0BBA8C8EE54DF3606AB815C] - |A| - [22/08/2013 08:53:23] - (.-.) - [1.14 Ko] - (0.0.0.0) - C:\Windows\System32\migwiz.lnk [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [45.5 Ko] - C:\Windows\System32\MSDRM [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [4148.28 Ko] - C:\Windows\System32\MsDtc [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [5.5 Ko] - C:\Windows\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [367.66 Ko] - C:\Windows\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\Windows\System32\NDF [MD5.CD48AD912839B9FB6CCA5D4AA9B37500] - |A| - [22/08/2013 08:58:31] - (.-.) - [21.3 Ko] - (0.0.0.0) - C:\Windows\System32\NetTrace.PLA.Diagnostics.xml [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [51 Ko] - C:\Windows\System32\networklist [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [393.83 Ko] - C:\Windows\System32\nl-NL [MD5.F746E5DDC489931AD269ECFFA4A39815] - |A| - [22/08/2013 17:36:38] - (.-.) - [8.5 Ko] - (0.0.0.0) - C:\Windows\System32\OEMDefaultAssociations.xml [MD5.2901049544FDF863362FABA2363EB647] - |A| - [22/08/2013 08:52:33] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\Windows\System32\onlinesetup.cmd [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [13396.66 Ko] - C:\Windows\System32\oobe [MD5.ECB6BAECECCF79E0916C946CDE1C0A07] - |A| - [21/07/2014 22:05:22] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenVideo 1.1 Runtime.) - [98 Ko] - (10.0.1348.5) - C:\Windows\System32\OpenVideo64.dll [MD5.7BC85035917933E7DF7F7D515BD99DFC] - |A| - [21/07/2014 22:05:22] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OVDecode 1.1 Runtime.) - [84.5 Ko] - (10.0.1348.5) - C:\Windows\System32\OVDecode64.dll [MD5.CCFCCAD5ED442BD71AD868A6F58BCAB2] - |A| - [22/08/2013 17:39:08] - (.-.) - [124.62 Ko] - (0.0.0.0) - C:\Windows\System32\perfc009.dat [MD5.32BC2E0CC95E2DCEE25B15BFB82D07B8] - |A| - [22/08/2013 17:39:08] - (.-.) - [32.58 Ko] - (0.0.0.0) - C:\Windows\System32\perfd009.dat [MD5.C391CD450B4E6C724695BBFE1DCE84AB] - |A| - [22/08/2013 17:39:08] - (.-.) - [670.88 Ko] - (0.0.0.0) - C:\Windows\System32\perfh009.dat [MD5.AE75CB8957C0DAA417584871EC720F2A] - |A| - [21/11/2014 10:44:26] - (.-.) - [799.54 Ko] - (0.0.0.0) - C:\Windows\System32\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [414.94 Ko] - C:\Windows\System32\pl-PL [MD5.C038C7A5F9320242300BD7C435DC0DCD] - |A| - [20/07/2023 16:40:11] - (.Copyright © 2001-2019 - PremierOpinion.) - [1072.34 Ko] - (4.0.21.26) - C:\Windows\System32\pmls64.dll [MD5.00000000000000000000000000000000] - |D| - [21/11/2014 10:00:39] - [413.88 Ko] - C:\Windows\System32\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\Windows\System32\ProximityToast [MD5.007893E8374C766471239EB291BA8C17] - |A| - [22/08/2013 11:17:09] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\Windows\System32\psmodulediscoveryprovider.mof [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [396.25 Ko] - C:\Windows\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [394.39 Ko] - C:\Windows\System32\pt-PT [MD5.53C46E0F44430C446090993E828CD2CA] - |A| - [20/07/2023 21:40:51] - (.Copyright (C) 2001-23 by Tracker Software Products (Canada) Ltd. - PDF-XChange Port Monitor.) - [960.63 Ko] - (0.3.2560.1) - C:\Windows\System32\pxcpmL.dll [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [23.75 Ko] - C:\Windows\System32\ras [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\Windows\System32\RasToast [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [1.02 Ko] - C:\Windows\System32\Recovery [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0.07 Ko] - C:\Windows\System32\restore [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [366.01 Ko] - C:\Windows\System32\ro-RO [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [608.16 Ko] - C:\Windows\System32\ru-RU [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [22/08/2013 12:54:19] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\Windows\System32\ScavengeSpace.xml [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [3.92 Ko] - C:\Windows\System32\SecureBootUpdates [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [22/08/2013 08:55:37] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\System32\settings.dat [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [347.75 Ko] - C:\Windows\System32\sk-SK [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [333.1 Ko] - C:\Windows\System32\sl-SI [MD5.00000000000000000000000000000000] - |D| - [21/11/2014 10:00:40] - [45.92 Ko] - C:\Windows\System32\slmgr [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [12113.02 Ko] - C:\Windows\System32\SMI [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [7791.31 Ko] - C:\Windows\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [49272.18 Ko] - C:\Windows\System32\spool [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [4185.68 Ko] - C:\Windows\System32\spp [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [23.63 Ko] - C:\Windows\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [224.5 Ko] - C:\Windows\System32\sr-Latn-CS [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [341.23 Ko] - C:\Windows\System32\sr-Latn-RS [MD5.B7CC32E00C5C5152D221DF182827F58E] - |A| - [21/11/2014 11:15:38] - (.-.) - [49.56 Ko] - (0.0.0.0) - C:\Windows\System32\srms.dat [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [3152 Ko] - C:\Windows\System32\sru [MD5.8394EA4CA89E8BC26D4E31C3EBB680CA] - |A| - [12/05/2022 18:56:22] - (.Copyright (C) 2017-2018, The Open-Shell Team - Start Menu Helper Extension.) - [398 Ko] - (4.4.170.0) - C:\Windows\System32\StartMenuHelper64.dll [MD5.B59958CD06C9F89C39281FB12F1BB233] - |A| - [22/08/2013 08:57:09] - (.-.) - [513.74 Ko] - (0.0.0.0) - C:\Windows\System32\staticurllist.bin [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [373.81 Ko] - C:\Windows\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [1534.29 Ko] - C:\Windows\System32\Sysprep [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [1074.49 Ko] - C:\Windows\System32\SystemResetPlatform [MD5.FFFCC3C3ED6886A95D3C0E1B49C652BA] - |A| - [21/11/2014 10:52:24] - (.-.) - [136.33 Ko] - (0.0.0.0) - C:\Windows\System32\systemsf.ebd [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [452.63 Ko] - C:\Windows\System32\Tasks [MD5.D602CA245CC6774A0981B607F0675609] - |A| - [22/08/2013 08:56:03] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\Windows\System32\tcpmon.ini [MD5.60CE51972E0A06217C52202F7208EB9A] - |A| - [22/08/2013 12:18:00] - (.-.) - [0.43 Ko] - (0.0.0.0) - C:\Windows\System32\TelemetrySampleManifest.xml [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [555.95 Ko] - C:\Windows\System32\th-TH [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [394.54 Ko] - C:\Windows\System32\tr-TR [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [542 Ko] - C:\Windows\System32\uk-UA [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [66134.92 Ko] - C:\Windows\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [21/11/2014 10:00:39] - [0 Ko] - C:\Windows\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [131080.89 Ko] - C:\Windows\System32\wdi [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [22/08/2013 10:29:44] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\Windows\System32\WdsUnattendTemplate.xml [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [128 Ko] - C:\Windows\System32\wfp [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [0 Ko] - C:\Windows\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [46 Ko] - C:\Windows\System32\WinBioPlugIns [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [14.53 Ko] - C:\Windows\System32\WindowsInternal.Inbox.Media.Shared [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [27.59 Ko] - C:\Windows\System32\WindowsInternal.Inbox.Shared [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [7299.07 Ko] - C:\Windows\System32\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [38544 Ko] - C:\Windows\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [1928.5 Ko] - C:\Windows\System32\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [21/11/2014 10:00:40] - [100.11 Ko] - C:\Windows\System32\winrm [MD5.F1DF7849450DBC5D5C3A464E8A791C8C] - |A| - [22/08/2013 08:57:09] - (.-.) - [1485.18 Ko] - (0.0.0.0) - C:\Windows\System32\WpcNBModel.bin [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [390.47 Ko] - C:\Windows\System32\zh-CN [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:30] - [407.15 Ko] - C:\Windows\System32\zh-HK [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [406.5 Ko] - C:\Windows\System32\zh-TW [MD5.00000000000000000000000000000000] - |D| - [21/11/2014 10:00:41] - [0 Ko] - C:\Windows\SysWOW64\0409 [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [2228.5 Ko] - C:\Windows\SysWOW64\AdvancedInstallers [MD5.E42605BFEB376CE46FEE0AC54F5DC217] - |A| - [21/07/2014 22:03:42] - (.-.) - [120.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\amdhdl32.dll [MD5.171AFB08DF01F6DFA61A4BB8D41ED4D5] - |A| - [21/07/2014 22:03:52] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 1.2 Runtime.) - [24277.5 Ko] - (10.0.1348.5) - C:\Windows\SysWOW64\amdocl.dll [MD5.56B986D13C74903FE27B71BA85C76037] - |A| - [21/07/2014 22:04:04] - (.-.) - [972.01 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\amdocl_as32.exe [MD5.28F4F5BAC73505F71B8AEC95B7FBE1DD] - |A| - [21/07/2014 22:04:04] - (.-.) - [780.01 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\amdocl_ld32.exe [MD5.261A1E5A929CF97FD91F4E2164513BCC] - |A| - [21/07/2014 22:04:04] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [70.02 Ko] - (8.14.10.23) - C:\Windows\SysWOW64\amdpcom32.dll [MD5.B9C2EB1291BACAF8D979D7DF06D1E4EE] - |A| - [23/07/2023 20:06:44] - (.Copyright © 1999 Stardock Systems, Inc - Animation Core.) - [33.17 Ko] - (3.1.0.0) - C:\Windows\SysWOW64\anim.dll [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\Windows\SysWOW64\AppLocker [MD5.376E4D84F716C5754BA2E110136E5310] - |A| - [18/06/2013 05:23:20] - (.-.) - [637.95 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\appverif.chm [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [513.69 Ko] - C:\Windows\SysWOW64\ar-SA [MD5.AB783A0B11AAD95FD99EEC5900F6C8F4] - |A| - [21/07/2014 22:04:06] - (.Copyright (C) 2008-2011 Advanced Micro Devices, Inc. - ADL.) - [806 Ko] - (6.14.10.1129) - C:\Windows\SysWOW64\atiadlxy.dll [MD5.579E9592AE6F0C56896BAC2BA0723686] - |A| - [21/07/2014 22:04:06] - (.-.) - [537.57 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\atiapfxx.blb [MD5.3FFF932E38D884DC4980D2948242B5EA] - |A| - [21/07/2014 22:04:06] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL compiler runtime.) - [48 Ko] - (6.14.10.1848) - C:\Windows\SysWOW64\aticalcl.dll [MD5.F400B796047B871C78C244B21807FC7F] - |A| - [21/07/2014 22:04:10] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL DD.) - [13967 Ko] - (6.14.10.1848) - C:\Windows\SysWOW64\aticaldd.dll [MD5.87B95EDDE3FEC879EDF0825C218C127E] - |A| - [21/07/2014 22:04:14] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL runtime.) - [51 Ko] - (6.14.10.1848) - C:\Windows\SysWOW64\aticalrt.dll [MD5.9E688C01B4C6070CA10125A8D58F00E9] - |A| - [21/07/2014 22:04:16] - (.Copyright (C) 1998-2012 AMD Inc. - aticfx32.dll.) - [1074.43 Ko] - (8.17.10.1247) - C:\Windows\SysWOW64\aticfx32.dll [MD5.64F3BD22714DC650084328154A8A6B9B] - |A| - [21/07/2014 22:04:20] - (.Copyright (C) 1998-2011 AMD Inc. - atidxx32.dll.) - [8209.01 Ko] - (8.17.10.525) - C:\Windows\SysWOW64\atidxx32.dll [MD5.20B011DDE81CC0403D053F35D217DDD3] - |A| - [21/07/2014 22:04:24] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [94.5 Ko] - (8.14.1.6354) - C:\Windows\SysWOW64\atigktxx.dll [MD5.C640A5D15DE097BE8F3860187E51D601] - |A| - [21/07/2014 22:04:24] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [68 Ko] - (8.14.1.6354) - C:\Windows\SysWOW64\atiglpxx.dll [MD5.D77830F22E9A9020437B1266D3D06693] - |A| - [21/07/2014 22:04:28] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [70.02 Ko] - (8.14.10.23) - C:\Windows\SysWOW64\atimpc32.dll [MD5.D9BA95B5A361353C10B2D91C5935B796] - |A| - [21/07/2014 22:04:46] - (.Copyright (C) 1998-2011 Advanced Micro Devices, Inc. - AMD OpenGL driver.) - [21638.5 Ko] - (6.14.10.12618) - C:\Windows\SysWOW64\atioglxx.dll [MD5.64A0869F18560CD529120ADE00155C3E] - |A| - [21/07/2014 22:04:46] - (.-.) - [3.83 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\atipblag.dat [MD5.3891AFF28BF57CDD413AFD00335B87A8] - |A| - [21/07/2014 22:04:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiu9pag.dll.) - [96.19 Ko] - (8.14.1.6354) - C:\Windows\SysWOW64\atiu9pag.dll [MD5.C6B2E30B577C4E1A7D5FE562021DDC00] - |A| - [21/07/2014 22:04:54] - (.Copyright (C) 1998-2011 AMD Inc. - atiumdag.dll.) - [6474.84 Ko] - (9.14.10.1001) - C:\Windows\SysWOW64\atiumdag.dll [MD5.1535F349C16769F331E0B383C188C22D] - |A| - [21/07/2014 22:04:56] - (.-.) - [3379.92 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\atiumdva.cap [MD5.5F35C5C82AC555A900E65D09C0DC4B7E] - |A| - [21/07/2014 22:04:58] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [8092.78 Ko] - (8.14.10.429) - C:\Windows\SysWOW64\atiumdva.dll [MD5.A1F2E63A393A958FBD2F127815BE1685] - |A| - [21/07/2014 22:04:58] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [123.38 Ko] - (8.14.1.6354) - C:\Windows\SysWOW64\atiuxpag.dll [MD5.7C163EDE63854539828F5B2C1BC529FD] - |A| - [21/07/2014 22:04:58] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ativvsva.dat [MD5.219D7091DD1D93728392337FE9C7ADD6] - |A| - [21/07/2014 22:04:58] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ativvsvl.dat [MD5.69BC2386DFA5E79BCDD1079B59CCA1C4] - |A| - [26/01/2017 09:26:38] - (.-.) - [69.48 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\bdmjpeg.dll [MD5.9B3C54A9C49CA00F5A9DA7C7F84A57F9] - |A| - [26/01/2017 09:26:48] - (.-.) - [69.51 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\bdmpega.acm [MD5.90476773F98F4AE0A3CB013F4D21650B] - |A| - [26/01/2017 09:26:44] - (.-.) - [69.51 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\bdmpegv.dll [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [511.09 Ko] - C:\Windows\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0.93 Ko] - C:\Windows\SysWOW64\Bthprops [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\Windows\SysWOW64\catroot [MD5.422F3E72612C8FD661F7812DF0FC141A] - |A| - [19/07/2023 16:08:55] - (.-.) - [59.18 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\CCCInstall_202307191608550134.log [MD5.199FF21A4C482E384F0AC7D7BD41B98F] - |A| - [24/10/2018 15:42:20] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - [3091.47 Ko] - (18.6.0.0) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [MD5.6824701590C2FE444DC8869CFC4A6B3A] - |A| - [24/10/2018 15:42:22] - (.©1998-2018 Codejock Software, - Xtreme Docking Pane ActiveX Control Module.) - [2059.47 Ko] - (18.6.0.0) - C:\Windows\SysWOW64\Codejock.DockingPane.Unicode.v18.6.0.ocx [MD5.809FD64D810A9B06CD27886AF0584A24] - |A| - [24/10/2018 15:42:38] - (.©1998-2018 Codejock Software, - Xtreme Report Control ActiveX Module.) - [2577.47 Ko] - (18.6.0.0) - C:\Windows\SysWOW64\Codejock.ReportControl.Unicode.v18.6.0.ocx [MD5.20FC81A9815F2BE8E8ED49AB5EC7A18B] - |A| - [24/10/2018 15:42:44] - (.©1998-2018 Codejock Software, - Xtreme SkinFramework ActiveX Control Module.) - [1275.97 Ko] - (18.6.0.0) - C:\Windows\SysWOW64\Codejock.SkinFramework.Unicode.v18.6.0.ocx [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [316 Ko] - C:\Windows\SysWOW64\Com [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [0.29 Ko] - C:\Windows\SysWOW64\config [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [385.01 Ko] - C:\Windows\SysWOW64\cs-CZ [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [347.91 Ko] - C:\Windows\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [396.73 Ko] - C:\Windows\SysWOW64\de-DE [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [4706.67 Ko] - C:\Windows\SysWOW64\Dism [MD5.7E2F029392053D6FAF2D1083977FC717] - |A| - [19/05/2014 11:26:22] - (.Copyright (c) 2014 DownloadXCtrl.com. - DownloadX ActiveX Download Control.) - [212 Ko] - (1.6.8.0) - C:\Windows\SysWOW64\DownloadXPro.dll [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [3387.15 Ko] - C:\Windows\SysWOW64\drivers [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\Windows\SysWOW64\DriverStore [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [614.08 Ko] - C:\Windows\SysWOW64\el-GR [MD5.00000000000000000000000000000000] - |D| - [21/11/2014 10:00:41] - [1653.5 Ko] - C:\Windows\SysWOW64\en [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [282.98 Ko] - C:\Windows\SysWOW64\en-GB [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [31311.88 Ko] - C:\Windows\SysWOW64\en-US [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [376.81 Ko] - C:\Windows\SysWOW64\es-ES [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [288.41 Ko] - C:\Windows\SysWOW64\et-EE [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [367.62 Ko] - C:\Windows\SysWOW64\fi-FI [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [394.79 Ko] - C:\Windows\SysWOW64\fr-FR [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\Windows\SysWOW64\FxsTmp [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicyUsers [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [476.02 Ko] - C:\Windows\SysWOW64\he-IL [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [317.47 Ko] - C:\Windows\SysWOW64\hr-HR [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [393.03 Ko] - C:\Windows\SysWOW64\hu-HU [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [36.27 Ko] - C:\Windows\SysWOW64\icsxml [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [18875.67 Ko] - C:\Windows\SysWOW64\IME [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\Windows\SysWOW64\inetsrv [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [184 Ko] - C:\Windows\SysWOW64\InputMethod [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [1160 Ko] - C:\Windows\SysWOW64\InstallShield [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\Windows\SysWOW64\Ipmi [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [391.7 Ko] - C:\Windows\SysWOW64\it-IT [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [547.29 Ko] - C:\Windows\SysWOW64\ja-JP [MD5.6E1EA774EB7393B0F982DF429996D60F] - |A| - [21/07/2014 22:05:22] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenVideo 1.1 Runtime.) - [82 Ko] - (10.0.1348.5) - C:\Windows\SysWOW64\OpenVideo.dll [MD5.AA3A92AF25ABABCD3A979D4A4CA7F15D] - |A| - [21/07/2014 22:05:22] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OVDecode 1.1 Runtime.) - [72 Ko] - (10.0.1348.5) - C:\Windows\SysWOW64\OVDecode.dll [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [394.94 Ko] - C:\Windows\SysWOW64\pl-PL [MD5.0BA9ECF96BED0720B93C941809F5E315] - |A| - [20/07/2023 16:40:11] - (.Copyright © 2001-2019 - PremierOpinion.) - [723.34 Ko] - (4.0.21.26) - C:\Windows\SysWOW64\pmls.dll [MD5.00000000000000000000000000000000] - |D| - [21/11/2014 10:00:40] - [413.88 Ko] - C:\Windows\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [377.25 Ko] - C:\Windows\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [375.39 Ko] - C:\Windows\SysWOW64\pt-PT [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [23.75 Ko] - C:\Windows\SysWOW64\ras [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\Windows\SysWOW64\RasToast [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0.76 Ko] - C:\Windows\SysWOW64\Recovery [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\Windows\SysWOW64\restore [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [347.51 Ko] - C:\Windows\SysWOW64\ro-RO [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [589.66 Ko] - C:\Windows\SysWOW64\ru-RU [MD5.CF295F9A323B1EC8B196E598636E78E4] - |A| - [23/07/2023 20:06:44] - (.-.) - [0.43 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\shfolder.inf [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [328.25 Ko] - C:\Windows\SysWOW64\sk-SK [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [314.6 Ko] - C:\Windows\SysWOW64\sl-SI [MD5.00000000000000000000000000000000] - |D| - [21/11/2014 10:00:41] - [45.92 Ko] - C:\Windows\SysWOW64\slmgr [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [0 Ko] - C:\Windows\SysWOW64\SMI [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [4213.31 Ko] - C:\Windows\SysWOW64\Speech [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [558.28 Ko] - C:\Windows\SysWOW64\spp [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [23.63 Ko] - C:\Windows\SysWOW64\sppui [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [206.5 Ko] - C:\Windows\SysWOW64\sr-Latn-CS [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [323.23 Ko] - C:\Windows\SysWOW64\sr-Latn-RS [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\Windows\SysWOW64\sru [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [356.31 Ko] - C:\Windows\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [21/11/2014 10:00:41] - [0 Ko] - C:\Windows\SysWOW64\sysprep [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [0 Ko] - C:\Windows\SysWOW64\Tasks [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [538.95 Ko] - C:\Windows\SysWOW64\th-TH [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [377.04 Ko] - C:\Windows\SysWOW64\tr-TR [MD5.E4B9DC6AA4D94885C2111B5EFDC31964] - |A| - [22/05/2019 03:00:00] - (.Copyright © Text Control GmbH - TX Text Control Core Component.) - [1418 Ko] - (27.0.2700.500) - C:\Windows\SysWOW64\tx27.dll [MD5.B9633A73F948F927972268EA444F8E76] - |A| - [06/05/2019 05:00:00] - (.Copyright © Text Control GmbH - TX Text Control CSS Filter.) - [332 Ko] - (27.0.500.500) - C:\Windows\SysWOW64\tx27_css.dll [MD5.FDB5A493B803430F5065B016EE1B6AF6] - |A| - [26/04/2019 07:40:00] - (.Copyright © Text Control GmbH - TX Text Control DOC Filter.) - [887.5 Ko] - (27.0.740.500) - C:\Windows\SysWOW64\tx27_doc.dll [MD5.7E050F6F294943D5824283752B8B2135] - |A| - [26/04/2019 03:40:00] - (.Copyright © Text Control GmbH - TX Text Control DOCX Filter.) - [1512 Ko] - (27.0.340.500) - C:\Windows\SysWOW64\tx27_dox.dll [MD5.E96592187C0E4F6A4144C190E02C49E8] - |A| - [06/05/2019 07:00:00] - (.Copyright © Text Control GmbH - TX Text Control HTML Filter.) - [963.5 Ko] - (27.0.700.500) - C:\Windows\SysWOW64\tx27_htm.dll [MD5.1B38855181ABFA98E9594FAF79CB57F9] - |A| - [26/04/2019 11:00:00] - (.Copyright © Text Control GmbH - IC Image Control.) - [294.5 Ko] - (27.0.1100.500) - C:\Windows\SysWOW64\tx27_ic.dll [MD5.BFF7C0D480754B4FBD6C150248C39740] - |A| - [07/05/2019 01:42:00] - (.Copyright © Text Control GmbH - TX Text Control OLE container library.) - [320 Ko] - (27.0.142.500) - C:\Windows\SysWOW64\tx27_obj.dll [MD5.6C23DFEBA858F613EB761B1FC426DE39] - |A| - [26/04/2019 03:40:00] - (.Copyright © Text Control GmbH - TX Text Control PDF Filter.) - [739 Ko] - (27.0.340.500) - C:\Windows\SysWOW64\tx27_pdf.dll [MD5.2EFF1DF792508F05CDCEC1C2B521C54C] - |A| - [26/04/2019 07:40:00] - (.Copyright © Text Control GmbH - TX Text Control RTF Filter.) - [766 Ko] - (27.0.740.500) - C:\Windows\SysWOW64\tx27_rtf.dll [MD5.DD14317AB39D781F745AA1E24C439775] - |A| - [13/05/2019 10:00:00] - (.Copyright © Text Control GmbH - Tool Bars for TX Text Control.) - [600 Ko] - (27.0.1000.500) - C:\Windows\SysWOW64\tx27_tls.dll [MD5.2E0A3661EBB48D3A0F6461408311C27D] - |A| - [12/03/2019 04:02:00] - (.Copyright © Text Control GmbH - TX Text Control Window Management.) - [21.5 Ko] - (27.0.302.500) - C:\Windows\SysWOW64\tx27_wnd.dll [MD5.59F2AA8926782BDF58FAE8969227803C] - |A| - [17/05/2019 02:00:00] - (.Copyright © Text Control GmbH - TX Text Control Excel Filter.) - [1086 Ko] - (27.0.200.500) - C:\Windows\SysWOW64\tx27_xlx.dll [MD5.3649BC737EFEFD5269B7CB76858F325C] - |A| - [11/03/2019 05:00:00] - (.Copyright © Text Control GmbH - TX Text Control XML Filter.) - [321 Ko] - (27.0.400.500) - C:\Windows\SysWOW64\tx27_xml.dll [MD5.5798F9765287ED8DD06475D8F2697D51] - |A| - [08/05/2019 03:56:00] - (.Copyright © Text Control GmbH - TX TextControl Custom OLE Control.) - [412 Ko] - (27.0.356.500) - C:\Windows\SysWOW64\tx4ole27.ocx [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 17:36:31] - [523.5 Ko] - C:\Windows\SysWOW64\uk-UA [MD5.4709E11809BE446FEB577BC2CA0132C3] - |A| - [11/10/2000 09:39:16] - (.Copyright VideoSoft 1999, 2000 - VSSpell6 Control.) - [156.34 Ko] - (6.0.0.22) - C:\Windows\SysWOW64\vsspell6.ocx [MD5.2D7B35CC6F9083C6858907455EFC5CFA] - |A| - [11/01/2000 14:03:40] - (.Copyright VideoSoft 1999 - VSThes6 Control.) - [81.41 Ko] - (6.0.0.3) - C:\Windows\SysWOW64\vsthes6.ocx [MD5.00000000000000000000000000000000] - |D| - [22/08/2013 15:36:16] - [13257.58 Ko] - C:\Windows\SysWOW64\wbem [MD5.7BDB3B1F1303F0370D7E4CE82AD73D37] - |A| - [23/07/2023 20:06:44] - (.Copyright © 2000 Stardock.Net, Inc - WindowBlinds Helper DLL.) - [55.17 Ko] - (1.5.0.0) - C:\Windows\SysWOW64\wbhelp2.dll [MD5.D68F7C730CB159093838FF7358632ACA] - |A| - [23/07/2023 20:07:59] - (.-.) - [0.04 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\_WKERNEL.SYL ---------- | [2023sifatalbarrow2ef] [20/07/2023 08:13:07] - |HD| - [1430543] - C:\Users\2023sifatalbarrow2ef\AppData [20/07/2023 08:13:08] - |RD| - [0] - C:\Users\2023sifatalbarrow2ef\Desktop [20/07/2023 08:13:08] - |RD| - [0] - C:\Users\2023sifatalbarrow2ef\Documents [20/07/2023 08:13:08] - |RD| - [0] - C:\Users\2023sifatalbarrow2ef\Downloads [20/07/2023 08:13:08] - |RD| - [0] - C:\Users\2023sifatalbarrow2ef\Favorites [20/07/2023 08:13:08] - |RD| - [0] - C:\Users\2023sifatalbarrow2ef\Links [20/07/2023 08:13:08] - |RD| - [0] - C:\Users\2023sifatalbarrow2ef\Music [20/07/2023 08:13:07] - |ASH| - [262144] - C:\Users\2023sifatalbarrow2ef\NTUSER.DAT [20/07/2023 08:13:07] - |ASH| - [24576] - C:\Users\2023sifatalbarrow2ef\ntuser.dat.LOG1 [20/07/2023 08:13:07] - |ASH| - [20480] - C:\Users\2023sifatalbarrow2ef\ntuser.dat.LOG2 [20/07/2023 08:13:07] - |ASH| - [65536] - C:\Users\2023sifatalbarrow2ef\NTUSER.DAT{050e281c-7154-11e4-80c6-b8ca3aeea201}.TM.blf [20/07/2023 08:13:07] - |ASH| - [524288] - C:\Users\2023sifatalbarrow2ef\NTUSER.DAT{050e281c-7154-11e4-80c6-b8ca3aeea201}.TMContainer00000000000000000001.regtrans-ms [20/07/2023 08:13:07] - |ASH| - [524288] - C:\Users\2023sifatalbarrow2ef\NTUSER.DAT{050e281c-7154-11e4-80c6-b8ca3aeea201}.TMContainer00000000000000000002.regtrans-ms [20/07/2023 08:13:08] - |RD| - [0] - C:\Users\2023sifatalbarrow2ef\Pictures [20/07/2023 08:13:08] - |D| - [0] - C:\Users\2023sifatalbarrow2ef\Saved Games [20/07/2023 08:13:08] - |RD| - [0] - C:\Users\2023sifatalbarrow2ef\Videos [20/07/2023 08:13:07] - |D| - [1414379] - C:\Users\2023sifatalbarrow2ef\AppData\Local [20/07/2023 08:13:08] - |D| - [16164] - C:\Users\2023sifatalbarrow2ef\AppData\Roaming [20/07/2023 08:13:07] - |D| - [1414379] - C:\Users\2023sifatalbarrow2ef\AppData\Local\Microsoft [20/07/2023 08:13:08] - |D| - [0] - C:\Users\2023sifatalbarrow2ef\AppData\Local\Temp [20/07/2023 08:13:08] - |SD| - [16164] - C:\Users\2023sifatalbarrow2ef\AppData\Roaming\Microsoft [20/07/2023 08:13:08] - |RD| - [11693] - C:\Users\2023sifatalbarrow2ef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [20/07/2023 08:13:08] - |RD| - [3888] - C:\Users\2023sifatalbarrow2ef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [20/07/2023 08:13:08] - |RD| - [1486] - C:\Users\2023sifatalbarrow2ef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [20/07/2023 08:13:08] - |AS| - [137] - C:\Users\2023sifatalbarrow2ef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [20/07/2023 08:13:08] - |A| - [369] - C:\Users\2023sifatalbarrow2ef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk [20/07/2023 08:13:08] - |D| - [170] - C:\Users\2023sifatalbarrow2ef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [20/07/2023 08:13:08] - |A| - [369] - C:\Users\2023sifatalbarrow2ef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk [20/07/2023 08:13:08] - |RD| - [5274] - C:\Users\2023sifatalbarrow2ef\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools ---------- | [2024anti asarl] [20/07/2023 08:13:09] - |HD| - [1430543] - C:\Users\2024anti asarl\AppData [20/07/2023 08:13:10] - |RD| - [0] - C:\Users\2024anti asarl\Desktop [20/07/2023 08:13:10] - |RD| - [0] - C:\Users\2024anti asarl\Documents [20/07/2023 08:13:10] - |RD| - [0] - C:\Users\2024anti asarl\Downloads [20/07/2023 08:13:10] - |RD| - [0] - C:\Users\2024anti asarl\Favorites [20/07/2023 08:13:10] - |RD| - [0] - C:\Users\2024anti asarl\Links [20/07/2023 08:13:10] - |RD| - [0] - C:\Users\2024anti asarl\Music [20/07/2023 08:13:08] - |ASH| - [262144] - C:\Users\2024anti asarl\NTUSER.DAT [20/07/2023 08:13:08] - |ASH| - [24576] - C:\Users\2024anti asarl\ntuser.dat.LOG1 [20/07/2023 08:13:08] - |ASH| - [20480] - C:\Users\2024anti asarl\ntuser.dat.LOG2 [20/07/2023 08:13:08] - |ASH| - [65536] - C:\Users\2024anti asarl\NTUSER.DAT{050e281c-7154-11e4-80c6-b8ca3aeea201}.TM.blf [20/07/2023 08:13:08] - |ASH| - [524288] - C:\Users\2024anti asarl\NTUSER.DAT{050e281c-7154-11e4-80c6-b8ca3aeea201}.TMContainer00000000000000000001.regtrans-ms [20/07/2023 08:13:08] - |ASH| - [524288] - C:\Users\2024anti asarl\NTUSER.DAT{050e281c-7154-11e4-80c6-b8ca3aeea201}.TMContainer00000000000000000002.regtrans-ms [20/07/2023 08:13:10] - |RD| - [0] - C:\Users\2024anti asarl\Pictures [20/07/2023 08:13:10] - |D| - [0] - C:\Users\2024anti asarl\Saved Games [20/07/2023 08:13:10] - |RD| - [0] - C:\Users\2024anti asarl\Videos [20/07/2023 08:13:09] - |D| - [1414379] - C:\Users\2024anti asarl\AppData\Local [20/07/2023 08:13:09] - |D| - [16164] - C:\Users\2024anti asarl\AppData\Roaming [20/07/2023 08:13:09] - |D| - [1414379] - C:\Users\2024anti asarl\AppData\Local\Microsoft [20/07/2023 08:13:09] - |D| - [0] - C:\Users\2024anti asarl\AppData\Local\Temp [20/07/2023 08:13:09] - |SD| - [16164] - C:\Users\2024anti asarl\AppData\Roaming\Microsoft [20/07/2023 08:13:09] - |RD| - [11693] - C:\Users\2024anti asarl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [20/07/2023 08:13:09] - |RD| - [3888] - C:\Users\2024anti asarl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [20/07/2023 08:13:09] - |RD| - [1486] - C:\Users\2024anti asarl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [20/07/2023 08:13:09] - |AS| - [137] - C:\Users\2024anti asarl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [20/07/2023 08:13:09] - |A| - [369] - C:\Users\2024anti asarl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk [20/07/2023 08:13:09] - |D| - [170] - C:\Users\2024anti asarl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [20/07/2023 08:13:09] - |A| - [369] - C:\Users\2024anti asarl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk [20/07/2023 08:13:10] - |RD| - [5274] - C:\Users\2024anti asarl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools ---------- | [2024antiasarl2023vex] [20/07/2023 08:13:10] - |D| - [82232] - C:\Users\2024antiasarl2023vex\.android [20/07/2023 08:13:10] - |HD| - [3188167135] - C:\Users\2024antiasarl2023vex\AppData [20/07/2023 08:40:13] - |RD| - [412] - C:\Users\2024antiasarl2023vex\Contacts [20/07/2023 08:40:13] - |RD| - [580405480] - C:\Users\2024antiasarl2023vex\Desktop [20/07/2023 08:41:59] - |RD| - [13985480089] - C:\Users\2024antiasarl2023vex\Documents [20/07/2023 09:11:47] - |RD| - [2134425542] - C:\Users\2024antiasarl2023vex\Downloads [20/07/2023 09:26:19] - |RD| - [690] - C:\Users\2024antiasarl2023vex\Favorites [20/07/2023 09:26:19] - |RD| - [2364] - C:\Users\2024antiasarl2023vex\Links [20/07/2023 09:26:19] - |RD| - [7383006] - C:\Users\2024antiasarl2023vex\Music [20/07/2023 08:13:10] - |A| - [1048576] - C:\Users\2024antiasarl2023vex\NTUSER.DAT [20/07/2023 08:13:10] - |ASH| - [57344] - C:\Users\2024antiasarl2023vex\ntuser.dat.LOG1 [20/07/2023 08:13:10] - |ASH| - [847872] - C:\Users\2024antiasarl2023vex\ntuser.dat.LOG2 [20/07/2023 08:13:10] - |ASH| - [1048576] - C:\Users\2024antiasarl2023vex\NTUSER.DAT{050e281b-7154-11e4-80c6-b8ca3aeea201}.TxR.0.regtrans-ms [20/07/2023 08:13:10] - |ASH| - [1048576] - C:\Users\2024antiasarl2023vex\NTUSER.DAT{050e281b-7154-11e4-80c6-b8ca3aeea201}.TxR.1.regtrans-ms [20/07/2023 08:13:10] - |ASH| - [1048576] - C:\Users\2024antiasarl2023vex\NTUSER.DAT{050e281b-7154-11e4-80c6-b8ca3aeea201}.TxR.2.regtrans-ms [20/07/2023 08:13:10] - |ASH| - [65536] - C:\Users\2024antiasarl2023vex\NTUSER.DAT{050e281b-7154-11e4-80c6-b8ca3aeea201}.TxR.blf [20/07/2023 08:13:10] - |ASH| - [65536] - C:\Users\2024antiasarl2023vex\NTUSER.DAT{050e281c-7154-11e4-80c6-b8ca3aeea201}.TM.blf [20/07/2023 08:13:10] - |ASH| - [524288] - C:\Users\2024antiasarl2023vex\NTUSER.DAT{050e281c-7154-11e4-80c6-b8ca3aeea201}.TMContainer00000000000000000001.regtrans-ms [20/07/2023 08:13:10] - |ASH| - [524288] - C:\Users\2024antiasarl2023vex\NTUSER.DAT{050e281c-7154-11e4-80c6-b8ca3aeea201}.TMContainer00000000000000000002.regtrans-ms [20/07/2023 08:13:10] - |ASH| - [20] - C:\Users\2024antiasarl2023vex\ntuser.ini [20/07/2023 09:26:20] - |RD| - [161889] - C:\Users\2024antiasarl2023vex\Pictures [20/07/2023 09:26:20] - |RD| - [282] - C:\Users\2024antiasarl2023vex\Saved Games [20/07/2023 09:26:20] - |RD| - [1875] - C:\Users\2024antiasarl2023vex\Searches [20/07/2023 09:26:20] - |RD| - [504] - C:\Users\2024antiasarl2023vex\Videos [20/07/2023 08:13:10] - |D| - [2870036618] - C:\Users\2024antiasarl2023vex\AppData\Local [20/07/2023 08:38:49] - |D| - [40361325] - C:\Users\2024antiasarl2023vex\AppData\LocalLow [20/07/2023 08:38:57] - |D| - [277769192] - C:\Users\2024antiasarl2023vex\AppData\Roaming [20/07/2023 08:13:10] - |D| - [17349859] - C:\Users\2024antiasarl2023vex\AppData\Local\Adaware [20/07/2023 08:13:14] - |D| - [82] - C:\Users\2024antiasarl2023vex\AppData\Local\Aimersoft [20/07/2023 08:13:14] - |D| - [2] - C:\Users\2024antiasarl2023vex\AppData\Local\AMD [20/07/2023 08:13:14] - |D| - [60541] - C:\Users\2024antiasarl2023vex\AppData\Local\ATI [20/07/2023 08:13:14] - |D| - [0] - C:\Users\2024antiasarl2023vex\AppData\Local\Avira [20/07/2023 08:13:14] - |D| - [0] - C:\Users\2024antiasarl2023vex\AppData\Local\CEF [20/07/2023 08:13:14] - |D| - [20153383] - C:\Users\2024antiasarl2023vex\AppData\Local\CrashDumps [20/07/2023 08:13:15] - |D| - [227374] - C:\Users\2024antiasarl2023vex\AppData\Local\CyberLink [20/07/2023 08:13:15] - |SHD| - [0] - C:\Users\2024antiasarl2023vex\AppData\Local\EmieBrowserModeList [20/07/2023 08:13:15] - |SHD| - [0] - C:\Users\2024antiasarl2023vex\AppData\Local\EmieSiteList [20/07/2023 08:13:15] - |SHD| - [0] - C:\Users\2024antiasarl2023vex\AppData\Local\EmieUserList [20/07/2023 08:13:15] - |D| - [750912304] - C:\Users\2024antiasarl2023vex\AppData\Local\Microsoft [20/07/2023 08:18:26] - |D| - [707908802] - C:\Users\2024antiasarl2023vex\AppData\Local\Mozilla [20/07/2023 08:33:11] - |D| - [7783587] - C:\Users\2024antiasarl2023vex\AppData\Local\Packages [20/07/2023 08:33:23] - |D| - [1464] - C:\Users\2024antiasarl2023vex\AppData\Local\Patch_My_PC,_LLC [20/07/2023 08:33:23] - |D| - [40960] - C:\Users\2024antiasarl2023vex\AppData\Local\Power2Go13 [20/07/2023 08:33:23] - |D| - [0] - C:\Users\2024antiasarl2023vex\AppData\Local\Programs [20/07/2023 08:33:23] - |D| - [1339585434] - C:\Users\2024antiasarl2023vex\AppData\Local\Temp [20/07/2023 08:38:47] - |D| - [0] - C:\Users\2024antiasarl2023vex\AppData\Local\VirtualStore [20/07/2023 08:38:47] - |D| - [26012826] - C:\Users\2024antiasarl2023vex\AppData\Local\Wondershare [20/07/2023 08:38:49] - |SHD| - [0] - C:\Users\2024antiasarl2023vex\AppData\LocalLow\EmieBrowserModeList [20/07/2023 08:38:49] - |SHD| - [0] - C:\Users\2024antiasarl2023vex\AppData\LocalLow\EmieSiteList [20/07/2023 08:38:49] - |SHD| - [0] - C:\Users\2024antiasarl2023vex\AppData\LocalLow\EmieUserList [20/07/2023 08:38:49] - |D| - [39905988] - C:\Users\2024antiasarl2023vex\AppData\LocalLow\iTop Screen Recorder [20/07/2023 08:38:49] - |SD| - [455337] - C:\Users\2024antiasarl2023vex\AppData\LocalLow\Microsoft [20/07/2023 08:38:57] - |D| - [0] - C:\Users\2024antiasarl2023vex\AppData\Roaming\360TotalSecurity [20/07/2023 08:38:57] - |D| - [200479] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Adaware [20/07/2023 08:38:57] - |D| - [2322] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Adaware Protect [20/07/2023 08:38:57] - |D| - [0] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Adobe [20/07/2023 08:38:57] - |D| - [0] - C:\Users\2024antiasarl2023vex\AppData\Roaming\ATI [20/07/2023 08:38:57] - |D| - [28] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Avanquest [20/07/2023 08:38:57] - |D| - [26] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Avant Downloader [20/07/2023 08:38:57] - |D| - [75228006] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Avant Profiles [20/07/2023 08:39:38] - |D| - [2656016] - C:\Users\2024antiasarl2023vex\AppData\Roaming\balena-etcher [20/07/2023 08:39:40] - |D| - [524] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Bandicam Company [20/07/2023 08:39:40] - |D| - [93110744] - C:\Users\2024antiasarl2023vex\AppData\Roaming\ByClick [20/07/2023 08:39:41] - |D| - [0] - C:\Users\2024antiasarl2023vex\AppData\Roaming\CyberLink [20/07/2023 08:39:41] - |D| - [242] - C:\Users\2024antiasarl2023vex\AppData\Roaming\IrfanView [20/07/2023 08:39:41] - |D| - [7226121] - C:\Users\2024antiasarl2023vex\AppData\Roaming\iTop Screen Recorder [20/07/2023 08:39:42] - |D| - [7096801] - C:\Users\2024antiasarl2023vex\AppData\Roaming\KeepVid [20/07/2023 08:39:43] - |SD| - [697655] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Microsoft [20/07/2023 08:39:46] - |D| - [91516907] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Mozilla [20/07/2023 08:40:13] - |D| - [27284] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Notepad++ [20/07/2023 08:40:13] - |D| - [5243] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Onesafe PC Cleaner [20/07/2023 08:40:13] - |D| - [40] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Opera Software [20/07/2023 08:40:13] - |D| - [754] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Wondershare [20/07/2023 08:39:45] - |AS| - [174] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [20/07/2023 08:39:45] - |A| - [1823] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Microsoft\Windows\Start Menu\PowerArchiver 2023.lnk [20/07/2023 08:39:45] - |RD| - [16580] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [20/07/2023 08:39:45] - |RD| - [3888] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [20/07/2023 08:39:45] - |RD| - [1486] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [20/07/2023 08:39:45] - |RD| - [174] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [20/07/2023 08:39:45] - |D| - [2670] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\COMODO [20/07/2023 08:39:45] - |AS| - [564] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [20/07/2023 08:39:45] - |A| - [369] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk [20/07/2023 08:39:45] - |A| - [1442] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [20/07/2023 08:39:45] - |D| - [170] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [20/07/2023 08:39:45] - |A| - [369] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk [20/07/2023 08:39:45] - |RD| - [174] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [20/07/2023 08:39:45] - |RD| - [5274] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [20/07/2023 08:39:46] - |D| - [0] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat [20/07/2023 08:39:45] - |AS| - [174] - C:\Users\2024antiasarl2023vex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [4rem été 2023 vexe s] [21/07/2023 12:18:32] - |HD| - [1472] - C:\Users\4rem été 2023 vexe s\.obs64 [19/07/2023 15:20:14] - |HD| - [2599286421] - C:\Users\4rem été 2023 vexe s\AppData [19/07/2023 15:20:15] - |SHD| - [0] - C:\Users\4rem été 2023 vexe s\Application Data [19/07/2023 15:20:30] - |RD| - [412] - C:\Users\4rem été 2023 vexe s\Contacts [19/07/2023 15:20:15] - |SHD| - [0] - C:\Users\4rem été 2023 vexe s\Cookies [19/07/2023 15:20:14] - |RD| - [23225205325] - C:\Users\4rem été 2023 vexe s\Desktop [19/07/2023 15:20:14] - |RD| - [58594546] - C:\Users\4rem été 2023 vexe s\Documents [19/07/2023 15:20:14] - |RD| - [39948240] - C:\Users\4rem été 2023 vexe s\Downloads [20/07/2023 11:49:59] - |D| - [4589889] - C:\Users\4rem été 2023 vexe s\FastCopy [19/07/2023 15:20:14] - |RD| - [690] - C:\Users\4rem été 2023 vexe s\Favorites [19/07/2023 15:20:14] - |RD| - [2364] - C:\Users\4rem été 2023 vexe s\Links [19/07/2023 15:20:15] - |SHD| - [0] - C:\Users\4rem été 2023 vexe s\Local Settings [19/07/2023 15:20:14] - |RD| - [504] - C:\Users\4rem été 2023 vexe s\Music [19/07/2023 15:20:15] - |SHD| - [0] - C:\Users\4rem été 2023 vexe s\My Documents [19/07/2023 15:20:15] - |SHD| - [0] - C:\Users\4rem été 2023 vexe s\NetHood [19/07/2023 15:20:14] - |ASH| - [786432] - C:\Users\4rem été 2023 vexe s\NTUSER.DAT [19/07/2023 15:20:15] - |ASH| - [704512] - C:\Users\4rem été 2023 vexe s\ntuser.dat.LOG1 [19/07/2023 15:20:15] - |ASH| - [1601536] - C:\Users\4rem été 2023 vexe s\ntuser.dat.LOG2 [19/07/2023 15:20:15] - |ASH| - [65536] - C:\Users\4rem été 2023 vexe s\NTUSER.DAT{050e281c-7154-11e4-80c6-b8ca3aeea201}.TM.blf [19/07/2023 15:20:15] - |ASH| - [524288] - C:\Users\4rem été 2023 vexe s\NTUSER.DAT{050e281c-7154-11e4-80c6-b8ca3aeea201}.TMContainer00000000000000000001.regtrans-ms [19/07/2023 15:20:15] - |ASH| - [524288] - C:\Users\4rem été 2023 vexe s\NTUSER.DAT{050e281c-7154-11e4-80c6-b8ca3aeea201}.TMContainer00000000000000000002.regtrans-ms [19/07/2023 15:20:15] - |SH| - [20] - C:\Users\4rem été 2023 vexe s\ntuser.ini [19/07/2023 15:20:14] - |RD| - [504] - C:\Users\4rem été 2023 vexe s\Pictures [19/07/2023 15:20:15] - |SHD| - [0] - C:\Users\4rem été 2023 vexe s\PrintHood [19/07/2023 15:20:15] - |SHD| - [0] - C:\Users\4rem été 2023 vexe s\Recent [19/07/2023 15:20:14] - |RD| - [282] - C:\Users\4rem été 2023 vexe s\Saved Games [19/07/2023 15:20:30] - |RD| - [1872] - C:\Users\4rem été 2023 vexe s\Searches [19/07/2023 15:20:15] - |SHD| - [0] - C:\Users\4rem été 2023 vexe s\SendTo [19/07/2023 15:20:15] - |SHD| - [0] - C:\Users\4rem été 2023 vexe s\Start Menu [19/07/2023 15:20:15] - |SHD| - [0] - C:\Users\4rem été 2023 vexe s\Templates [19/07/2023 15:20:14] - |RD| - [504] - C:\Users\4rem été 2023 vexe s\Videos [19/07/2023 15:20:14] - |D| - [2521905300] - C:\Users\4rem été 2023 vexe s\AppData\Local [19/07/2023 15:20:15] - |D| - [205410] - C:\Users\4rem été 2023 vexe s\AppData\LocalLow [19/07/2023 15:20:14] - |HD| - [77175711] - C:\Users\4rem été 2023 vexe s\AppData\Roaming [20/07/2023 14:37:44] - |D| - [206010952] - C:\Users\4rem été 2023 vexe s\AppData\Local\@joplinapp-desktop-updater [20/07/2023 19:10:53] - |D| - [92634544] - C:\Users\4rem été 2023 vexe s\AppData\Local\@standardnotesinner-desktop-updater [20/07/2023 16:53:19] - |D| - [32021] - C:\Users\4rem été 2023 vexe s\AppData\Local\AdvancePCPro [23/07/2023 11:19:26] - |D| - [2] - C:\Users\4rem été 2023 vexe s\AppData\Local\AMD [19/07/2023 15:20:15] - |SHD| - [0] - C:\Users\4rem été 2023 vexe s\AppData\Local\Application Data [21/07/2023 11:13:44] - |D| - [64596] - C:\Users\4rem été 2023 vexe s\AppData\Local\ATI [20/07/2023 18:00:44] - |D| - [0] - C:\Users\4rem été 2023 vexe s\AppData\Local\Avast Software [20/07/2023 17:28:38] - |D| - [0] - C:\Users\4rem été 2023 vexe s\AppData\Local\CEF [20/07/2023 12:16:17] - |D| - [33737794] - C:\Users\4rem été 2023 vexe s\AppData\Local\CrashDumps [20/07/2023 19:04:42] - |D| - [0] - C:\Users\4rem été 2023 vexe s\AppData\Local\crssync [21/07/2023 11:15:30] - |D| - [307594694] - C:\Users\4rem été 2023 vexe s\AppData\Local\Discord [20/07/2023 14:27:58] - |D| - [57224192] - C:\Users\4rem été 2023 vexe s\AppData\Local\Downloaded Installations [19/07/2023 15:40:08] - |SHD| - [0] - C:\Users\4rem été 2023 vexe s\AppData\Local\EmieBrowserModeList [19/07/2023 15:40:08] - |SHD| - [0] - C:\Users\4rem été 2023 vexe s\AppData\Local\EmieSiteList [19/07/2023 15:40:08] - |SHD| - [0] - C:\Users\4rem été 2023 vexe s\AppData\Local\EmieUserList [20/07/2023 11:50:04] - |D| - [2744563] - C:\Users\4rem été 2023 vexe s\AppData\Local\FluxSoftware [20/07/2023 17:46:35] - |D| - [84467000] - C:\Users\4rem été 2023 vexe s\AppData\Local\Google [19/07/2023 15:20:15] - |SHD| - [0] - C:\Users\4rem été 2023 vexe s\AppData\Local\History [20/07/2023 16:58:02] - |D| - [5253] - C:\Users\4rem été 2023 vexe s\AppData\Local\Lavasoft [20/07/2023 21:59:19] - |D| - [20196529] - C:\Users\4rem été 2023 vexe s\AppData\Local\MicroSIP [19/07/2023 15:20:14] - |D| - [136780681] - C:\Users\4rem été 2023 vexe s\AppData\Local\Microsoft [19/07/2023 15:46:04] - |D| - [369834568] - C:\Users\4rem été 2023 vexe s\AppData\Local\Mozilla [20/07/2023 11:57:57] - |D| - [220448122] - C:\Users\4rem été 2023 vexe s\AppData\Local\nzxt cam-updater [23/07/2023 22:07:34] - |D| - [916460] - C:\Users\4rem été 2023 vexe s\AppData\Local\OpenShell [23/07/2023 21:12:08] - |D| - [0] - C:\Users\4rem été 2023 vexe s\AppData\Local\Overwolf [19/07/2023 15:20:25] - |D| - [7733480] - C:\Users\4rem été 2023 vexe s\AppData\Local\Packages [20/07/2023 11:59:18] - |D| - [0] - C:\Users\4rem été 2023 vexe s\AppData\Local\ProcessLasso [20/07/2023 08:30:29] - |D| - [904870695] - C:\Users\4rem été 2023 vexe s\AppData\Local\Programs [20/07/2023 16:59:18] - |D| - [7923988] - C:\Users\4rem été 2023 vexe s\AppData\Local\qBittorrent [21/07/2023 11:14:50] - |D| - [7700] - C:\Users\4rem été 2023 vexe s\AppData\Local\SquirrelTemp [20/07/2023 21:41:11] - |D| - [20108248] - C:\Users\4rem été 2023 vexe s\AppData\Local\SumatraPDF [19/07/2023 15:20:14] - |D| - [48569218] - C:\Users\4rem été 2023 vexe s\AppData\Local\Temp [19/07/2023 15:20:15] - |SHD| - [0] - C:\Users\4rem été 2023 vexe s\AppData\Local\Temporary Internet Files [21/07/2023 11:36:52] - |D| - [0] - C:\Users\4rem été 2023 vexe s\AppData\Local\Tracker Software [19/07/2023 15:20:24] - |D| - [0] - C:\Users\4rem été 2023 vexe s\AppData\Local\VirtualStore [19/07/2023 15:40:12] - |SHD| - [0] - C:\Users\4rem été 2023 vexe s\AppData\LocalLow\EmieBrowserModeList [19/07/2023 15:39:57] - |SHD| - [0] - C:\Users\4rem été 2023 vexe s\AppData\LocalLow\EmieSiteList [19/07/2023 15:40:12] - |SHD| - [0] - C:\Users\4rem été 2023 vexe s\AppData\LocalLow\EmieUserList [19/07/2023 15:20:18] - |SD| - [205410] - C:\Users\4rem été 2023 vexe s\AppData\LocalLow\Microsoft [19/07/2023 15:20:25] - |D| - [0] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Adobe [20/07/2023 21:43:17] - |D| - [1567] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\AIMP [21/07/2023 11:13:44] - |D| - [0] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\ATI [20/07/2023 17:28:38] - |D| - [6982710] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Avast Software [23/07/2023 21:21:21] - |D| - [524] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Bandicam Company [21/07/2023 10:51:33] - |D| - [4522951] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Cyberscrub [20/07/2023 11:47:20] - |D| - [0] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\DVDVideoSoft [20/07/2023 12:18:07] - |D| - [99382] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\JAM Software [20/07/2023 16:55:26] - |D| - [121343] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Lavasoft [19/07/2023 15:20:14] - |SD| - [836787] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Microsoft [19/07/2023 15:46:04] - |D| - [62870968] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Mozilla [20/07/2023 12:00:12] - |D| - [1602810] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\NZXT CAM [21/07/2023 12:18:32] - |D| - [1472] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Obsidium x64 [21/07/2023 10:57:19] - |D| - [102] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Onesafe PC Cleaner [23/07/2023 22:07:21] - |D| - [2100] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\OpenShell [20/07/2023 12:00:09] - |D| - [0] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\ProcessLasso [20/07/2023 16:59:18] - |D| - [2690] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\qBittorrent [20/07/2023 21:00:10] - |D| - [130305] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\TeraCopy [19/07/2023 15:20:30] - |S| - [174] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [19/07/2023 15:20:14] - |RD| - [34025] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [20/07/2023 21:41:14] - |A| - [2120] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Microsoft\Windows\Start Menu\SumatraPDF.lnk [19/07/2023 15:20:14] - |RD| - [3888] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [19/07/2023 15:20:14] - |RD| - [1486] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [19/07/2023 15:20:30] - |RD| - [174] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [21/07/2023 10:23:05] - |D| - [4198] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Decrap my Computer [19/07/2023 15:20:15] - |S| - [564] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [19/07/2023 15:20:15] - |A| - [369] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk [20/07/2023 11:50:21] - |A| - [2211] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk [20/07/2023 11:50:02] - |A| - [944] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FastCopy.lnk [19/07/2023 15:20:25] - |A| - [1442] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [20/07/2023 14:37:56] - |A| - [2415] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Joplin.lnk [19/07/2023 15:20:14] - |D| - [170] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [20/07/2023 21:59:21] - |D| - [4849] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MicroSIP [20/07/2023 16:17:12] - |D| - [0] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MuleMRTG [19/07/2023 15:20:15] - |A| - [369] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk [20/07/2023 16:36:02] - |D| - [1299] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pinaview [20/07/2023 19:10:58] - |A| - [2876] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Standard Notes.lnk [19/07/2023 15:20:30] - |RD| - [174] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [19/07/2023 15:20:14] - |RD| - [5274] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [21/07/2023 04:47:52] - |D| - [1323] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Taskbarify [19/07/2023 15:20:30] - |S| - [174] - C:\Users\4rem été 2023 vexe s\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Public] [20/07/2023 09:26:22] - |D| - [35714] - C:\Users\Public\AccountPictures [20/07/2023 09:26:22] - |D| - [0] - C:\Users\Public\CyberLink [22/08/2013 17:36:30] - |RHD| - [6315] - C:\Users\Public\Desktop [22/08/2013 17:36:32] - |AS| - [174] - C:\Users\Public\desktop.ini [22/08/2013 17:36:30] - |RD| - [930802459] - C:\Users\Public\Documents [22/08/2013 17:36:30] - |RD| - [5301403] - C:\Users\Public\Downloads [22/08/2013 17:36:30] - |RHD| - [1174] - C:\Users\Public\Libraries [22/08/2013 17:36:30] - |RD| - [380] - C:\Users\Public\Music [22/08/2013 17:36:30] - |RD| - [380] - C:\Users\Public\Pictures [20/07/2023 09:27:09] - |D| - [8808] - C:\Users\Public\Security Sessions [20/07/2023 09:27:09] - |D| - [9090] - C:\Users\Public\Speedup Sessions [22/08/2013 17:36:30] - |RD| - [380] - C:\Users\Public\Videos ---------- | C:\ProgramData [19/07/2023 16:08:09] - |D| - [0] - C:\ProgramData\AMD [20/07/2023 14:18:58] - |D| - [12176896] - C:\ProgramData\Apple [22/08/2013 16:45:52] - |SHD| - [0] - C:\ProgramData\Application Data [21/07/2023 11:13:44] - |D| - [186] - C:\ProgramData\ATI [20/07/2023 16:43:07] - |D| - [59300982] - C:\ProgramData\Avast Software [20/07/2023 12:16:53] - |D| - [11605880] - C:\ProgramData\Caphyon [21/07/2023 12:20:10] - |D| - [776] - C:\ProgramData\Code Sector [21/07/2023 10:55:28] - |D| - [121484] - C:\ProgramData\Cyberscrub [22/08/2013 16:45:52] - |SHD| - [0] - C:\ProgramData\Desktop [20/07/2023 11:48:20] - |D| - [0] - C:\ProgramData\DockerDesktop [22/08/2013 16:45:52] - |SHD| - [0] - C:\ProgramData\Documents [20/07/2023 14:34:04] - |D| - [297317248] - C:\ProgramData\evernote-client-updater [20/07/2023 21:40:37] - |D| - [55932] - C:\ProgramData\FileOpen [22/07/2023 15:09:07] - |D| - [707823] - C:\ProgramData\GOG.com [20/07/2023 16:42:44] - |D| - [0] - C:\ProgramData\Lavasoft [21/07/2023 10:51:28] - |D| - [249] - C:\ProgramData\Licenses [22/08/2013 15:36:15] - |SD| - [1001636015] - C:\ProgramData\Microsoft [19/07/2023 15:46:04] - |D| - [12413] - C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 [20/07/2023 14:10:49] - |D| - [147612482] - C:\ProgramData\Norton [21/07/2023 11:28:19] - |D| - [15489598] - C:\ProgramData\NortonInstaller [19/07/2023 16:07:11] - |D| - [616419725] - C:\ProgramData\Package Cache [22/08/2013 17:36:30] - |D| - [988] - C:\ProgramData\regid.1991-06.com.microsoft [20/07/2023 21:55:57] - |D| - [95781144] - C:\ProgramData\SquirrelMachineInstalls [22/08/2013 16:45:52] - |SHD| - [0] - C:\ProgramData\Start Menu [21/07/2023 10:51:18] - |D| - [4] - C:\ProgramData\TEMP [22/08/2013 16:45:52] - |SHD| - [0] - C:\ProgramData\Templates [20/07/2023 21:39:51] - |D| - [0] - C:\ProgramData\Tracker Software [20/07/2023 12:33:55] - |D| - [1619200] - C:\ProgramData\Windows App Certification Kit ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [22/08/2013 17:36:33] - |AS| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [22/08/2013 17:36:30] - |RD| - [244641] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [20/07/2023 11:25:44] - |A| - [1270] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Absolute Uninstaller.lnk [22/08/2013 17:36:30] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [22/08/2013 17:36:30] - |RD| - [18212] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [22/08/2013 17:36:30] - |RD| - [27216] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [20/07/2023 21:43:30] - |D| - [3683] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP [20/07/2023 21:50:53] - |A| - [930] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ambassador.lnk [19/07/2023 16:08:39] - |D| - [4255] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center [20/07/2023 17:27:54] - |D| - [2109] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software [23/07/2023 21:18:49] - |D| - [1566] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam [20/07/2023 11:30:20] - |D| - [1905] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BCUninstaller [20/07/2023 14:19:36] - |D| - [2044] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bonjour SDK [22/08/2013 08:57:22] - |RAS| - [2131] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camera.lnk [20/07/2023 11:31:48] - |D| - [934] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [20/07/2023 11:32:47] - |D| - [5822] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comfort Clipboard [20/07/2023 11:32:47] - |A| - [1097] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comfort Clipboard Pro.lnk [20/07/2023 11:32:54] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID [20/07/2023 11:34:14] - |D| - [3604] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskMark8 [20/07/2023 19:14:20] - |D| - [2352] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF Writer [21/07/2023 10:23:05] - |D| - [4117] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Decrap my Computer [22/08/2013 17:36:33] - |AS| - [1086] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [22/08/2013 08:57:05] - |RAS| - [853] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk [20/07/2023 14:28:41] - |D| - [1975] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-Sword [20/07/2023 21:57:00] - |D| - [1095] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EchoLink [20/07/2023 14:27:42] - |A| - [1644] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EditPad Lite 8.lnk [21/11/2014 17:57:14] - |RD| - [1818] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Embedded Lockdown Manager [20/07/2023 14:34:24] - |A| - [2081] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote.lnk [21/11/2014 10:52:51] - |RAS| - [2440] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk [19/07/2023 15:44:06] - |A| - [948] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk [22/07/2023 14:09:59] - |D| - [2123] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [20/07/2023 11:25:44] - |D| - [1354] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft [20/07/2023 17:45:05] - |A| - [2262] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [20/07/2023 11:50:27] - |D| - [3672] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune [20/07/2023 11:50:49] - |D| - [1118] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro [22/08/2013 08:54:10] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [20/07/2023 14:36:20] - |A| - [1801] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jitsi.lnk [20/07/2023 14:47:58] - |A| - [1682] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KVIrc.lnk [20/07/2023 16:58:48] - |D| - [2499] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft [20/07/2023 15:05:39] - |SD| - [10914] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.5 [22/08/2013 17:36:30] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [20/07/2023 16:17:12] - |D| - [1778] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MuleMRTG [19/07/2023 15:44:07] - |A| - [2094] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigation privée de Firefox.lnk [21/07/2023 11:30:12] - |RD| - [2294] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security [20/07/2023 11:58:34] - |A| - [1739] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NZXT CAM.lnk [21/07/2023 10:57:09] - |D| - [2161] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Onesafe PC Cleaner [20/07/2023 20:58:02] - |D| - [7415] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open-Shell [20/07/2023 15:28:47] - |SD| - [7392] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.14 [20/07/2023 19:18:25] - |D| - [3032] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFsam Basic [22/08/2013 08:57:08] - |RAS| - [2365] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotosApp.lnk [20/07/2023 16:40:38] - |D| - [1125] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion [21/07/2023 10:49:56] - |D| - [6607] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Privacy Suite [20/07/2023 19:00:45] - |D| - [8497] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QGIS 3.32.0 [20/07/2023 12:01:43] - |D| - [3353] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva [20/07/2023 12:02:28] - |D| - [3453] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller [22/08/2013 08:45:50] - |RAS| - [1588] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk [22/08/2013 17:36:30] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [22/08/2013 17:36:30] - |RD| - [6359] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [21/11/2014 10:25:32] - |RHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC [20/07/2023 21:00:15] - |A| - [919] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraCopy.lnk [20/07/2023 21:40:42] - |D| - [9643] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tracker Software [20/07/2023 12:17:48] - |D| - [3242] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free [20/07/2023 08:31:29] - |D| - [826] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UCheck [20/07/2023 12:22:33] - |D| - [3223] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat [20/07/2023 12:12:00] - |D| - [27402] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits [22/08/2013 08:48:43] - |RAS| - [2191] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk [23/07/2023 20:07:09] - |D| - [2220] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinUtilities [22/07/2023 15:09:02] - |D| - [4804] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Worms World Party Remastered [GOG.com] ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [22/08/2013 17:36:33] - |AS| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [20/07/2023 16:33:26] - |D| - [3310592] - C:\Program Files (x86)\AmonDoveY [19/07/2023 15:45:30] - |D| - [4321248280] - C:\Program Files (x86)\Anti-ASARL Videos & Suite v1 [20/07/2023 12:27:05] - |D| - [317546] - C:\Program Files (x86)\Application Verifier [19/07/2023 16:07:27] - |D| - [66233413] - C:\Program Files (x86)\ATI Technologies [23/07/2023 21:17:36] - |D| - [9130326] - C:\Program Files (x86)\BandiMPEG1 [20/07/2023 14:18:58] - |D| - [617164] - C:\Program Files (x86)\Bonjour [20/07/2023 14:19:30] - |D| - [1015712] - C:\Program Files (x86)\Bonjour SDK [20/07/2023 11:32:31] - |D| - [10823993] - C:\Program Files (x86)\ComfortClipboard [22/08/2013 15:36:15] - |D| - [52898599] - C:\Program Files (x86)\Common Files [20/07/2023 19:11:08] - |D| - [5217084] - C:\Program Files (x86)\CutePDF Writer [21/07/2023 10:21:15] - |D| - [7654633] - C:\Program Files (x86)\Decrap my Computer [22/08/2013 17:36:33] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [20/07/2023 14:32:49] - |D| - [664729114] - C:\Program Files (x86)\Evernote [20/07/2023 11:25:18] - |D| - [31896863] - C:\Program Files (x86)\Glarysoft [20/07/2023 19:14:09] - |D| - [14001334] - C:\Program Files (x86)\GPLGS [22/08/2013 17:36:30] - |D| - [6852995] - C:\Program Files (x86)\Internet Explorer [20/07/2023 21:56:58] - |D| - [0] - C:\Program Files (x86)\K1RFD [20/07/2023 12:28:33] - |D| - [16196123] - C:\Program Files (x86)\Microsoft SDKs [22/08/2013 17:36:30] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET [19/07/2023 15:43:55] - |D| - [345991] - C:\Program Files (x86)\Mozilla Maintenance Service [20/07/2023 16:16:56] - |D| - [0] - C:\Program Files (x86)\MuleMRTG [22/08/2013 17:36:30] - |D| - [1228016] - C:\Program Files (x86)\Windows Defender [20/07/2023 12:02:19] - |D| - [744926922] - C:\Program Files (x86)\Windows Kits [22/08/2013 17:36:30] - |D| - [5953536] - C:\Program Files (x86)\Windows Mail [22/08/2013 17:36:30] - |D| - [3315226] - C:\Program Files (x86)\Windows Media Player [22/08/2013 17:36:30] - |D| - [230912] - C:\Program Files (x86)\Windows Multimedia Platform [22/08/2013 17:36:30] - |D| - [7472698] - C:\Program Files (x86)\Windows NT [22/08/2013 17:36:30] - |D| - [5495440] - C:\Program Files (x86)\Windows Photo Viewer [22/08/2013 17:36:30] - |D| - [230912] - C:\Program Files (x86)\Windows Portable Devices [22/08/2013 17:36:30] - |SD| - [0] - C:\Program Files (x86)\Windows Sidebar [22/08/2013 17:36:30] - |D| - [0] - C:\Program Files (x86)\WindowsPowerShell [23/07/2023 20:06:38] - |D| - [32342252] - C:\Program Files (x86)\WinUtilities ---------- | C:\Program Files [19/07/2023 16:06:02] - |D| - [57795294] - C:\Program Files\AMD [20/07/2023 12:27:04] - |D| - [363826] - C:\Program Files\Application Verifier [19/07/2023 16:08:07] - |D| - [5593344] - C:\Program Files\ATI Technologies [20/07/2023 16:50:13] - |D| - [1573338873] - C:\Program Files\Avast Software [23/07/2023 21:17:55] - |D| - [109558888] - C:\Program Files\Bandicam [20/07/2023 11:26:36] - |D| - [197183532] - C:\Program Files\BCUninstaller [20/07/2023 14:18:58] - |D| - [195940] - C:\Program Files\Bonjour [20/07/2023 14:19:29] - |D| - [9913637] - C:\Program Files\Bonjour SDK [22/08/2013 15:36:15] - |D| - [620750958] - C:\Program Files\Common Files [20/07/2023 11:32:52] - |D| - [0] - C:\Program Files\CPUID [20/07/2023 11:34:00] - |D| - [7645185] - C:\Program Files\CrystalDiskMark8 [22/08/2013 17:36:45] - |N| - [174] - C:\Program Files\desktop.ini [21/11/2014 17:57:14] - |D| - [1907200] - C:\Program Files\Embedded Lockdown Manager [20/07/2023 17:40:13] - |D| - [0] - C:\Program Files\Google [21/07/2023 04:48:18] - |D| - [78107721] - C:\Program Files\Grand Explorer [22/08/2013 17:36:31] - |D| - [26815836] - C:\Program Files\Internet Explorer [20/07/2023 12:17:22] - |D| - [46161380] - C:\Program Files\JAM Software [20/07/2023 14:35:55] - |D| - [189666599] - C:\Program Files\Jitsi [20/07/2023 14:27:30] - |D| - [23829267] - C:\Program Files\Just Great Software [20/07/2023 14:53:14] - |D| - [699508316] - C:\Program Files\LibreOffice [19/07/2023 15:43:39] - |D| - [232864244] - C:\Program Files\Mozilla Firefox [21/07/2023 11:30:09] - |D| - [1028625918] - C:\Program Files\Norton Security [20/07/2023 11:55:20] - |D| - [442135287] - C:\Program Files\NZXT CAM [20/07/2023 20:58:02] - |D| - [13033603] - C:\Program Files\Open-Shell [20/07/2023 19:18:25] - |D| - [88355739] - C:\Program Files\PDFsam Basic [20/07/2023 18:19:20] - |D| - [2696382884] - C:\Program Files\QGIS 3.32.0 [20/07/2023 12:01:17] - |D| - [18333976] - C:\Program Files\Recuva [20/07/2023 21:00:10] - |D| - [19193973] - C:\Program Files\TeraCopy [20/07/2023 21:39:51] - |D| - [392868856] - C:\Program Files\Tracker Software [22/08/2013 16:47:10] - |HD| - [0] - C:\Program Files\Uninstall Information [20/07/2023 12:02:11] - |D| - [22572244] - C:\Program Files\VS Revo Group [22/08/2013 17:36:31] - |D| - [9599599] - C:\Program Files\Windows Defender [21/11/2014 10:25:32] - |D| - [8954488] - C:\Program Files\Windows Journal [22/08/2013 17:36:31] - |D| - [6312448] - C:\Program Files\Windows Mail [22/08/2013 17:36:31] - |D| - [5367870] - C:\Program Files\Windows Media Player [22/08/2013 17:36:31] - |D| - [286208] - C:\Program Files\Windows Multimedia Platform [22/08/2013 17:36:31] - |D| - [7824954] - C:\Program Files\Windows NT [22/08/2013 17:36:31] - |D| - [6426768] - C:\Program Files\Windows Photo Viewer [22/08/2013 17:36:31] - |D| - [286208] - C:\Program Files\Windows Portable Devices [22/08/2013 17:36:31] - |SHD| - [0] - C:\Program Files\Windows Sidebar [22/08/2013 17:36:31] - |HD| - [615790515] - C:\Program Files\WindowsApps [22/08/2013 17:36:31] - |D| - [0] - C:\Program Files\WindowsPowerShell ---------- | C:\Program Files (x86)\Common Files [20/07/2023 14:28:18] - |D| - [1126400] - C:\Program Files (x86)\Common Files\EzTools [21/07/2023 10:50:53] - |D| - [1699840] - C:\Program Files (x86)\Common Files\InstallShield [20/07/2023 12:02:23] - |D| - [2221] - C:\Program Files (x86)\Common Files\Microsoft [22/08/2013 17:36:30] - |D| - [39674481] - C:\Program Files (x86)\Common Files\Microsoft Shared [22/08/2013 17:36:30] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [21/07/2023 12:17:02] - |D| - [687600] - C:\Program Files (x86)\Common Files\Symantec Shared [22/08/2013 17:36:30] - |D| - [9705355] - C:\Program Files (x86)\Common Files\System ---------- | C:\Program Files\Common files [21/07/2023 13:37:59] - |D| - [3250620] - C:\Program Files\Common files\AV [20/07/2023 17:08:19] - |D| - [2144664] - C:\Program Files\Common files\Avast Software [22/08/2013 17:36:31] - |D| - [45620517] - C:\Program Files\Common files\microsoft shared [22/08/2013 17:36:31] - |D| - [2702] - C:\Program Files\Common files\Services [21/07/2023 11:46:14] - |D| - [381746] - C:\Program Files\Common files\Symantec Shared [22/08/2013 17:36:31] - |D| - [10687883] - C:\Program Files\Common files\System [20/07/2023 21:39:51] - |D| - [558662826] - C:\Program Files\Common files\Tracker Software ---------- | Tasks [MD5.75F9BCDD46D12D410BFE3801AC0227A5] - [20/07/2023 11:32:24] - |A| - [760] - C:\Windows\Tasks\CCleanerCrashReporting.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [22/08/2013 16:45:54] - |AH| - [6] - C:\Windows\Tasks\SA.DAT [MD5.493137247EA8D68DEF64C51605C92D60] - [20/07/2023 17:11:45] - |A| - [3910] - C:\Windows\System32\Tasks\Avast Emergency Update : C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [MD5.00000000000000000000000000000000] - [20/07/2023 17:16:18] - |D| - [3914] - C:\Windows\System32\Tasks\Avast Software [MD5.5D8EB9EA5943CAC2100B64717A8B7B71] - [20/07/2023 11:32:20] - |A| - [3870] - C:\Windows\System32\Tasks\CCleaner Update : C:\Program Files\CCleaner\CCUpdate.exe [MD5.22DB372F94FB463E20A61ECCD3059CCB] - [20/07/2023 11:32:26] - |A| - [3376] - C:\Windows\System32\Tasks\CCleanerCrashReporting : C:\Program Files\CCleaner\CCleanerBugReport.exe [MD5.E2D81CB8C6B52DB9E75A282FFFB97A13] - [20/07/2023 11:32:23] - |A| - [2852] - C:\Windows\System32\Tasks\CCleanerSkipUAC - 4rem été 2023 vexe s : "C:\Program Files\CCleaner\CCleaner.exe" [MD5.F6C925BEECF9FD94AC263EFFC814BB21] - [20/07/2023 17:29:51] - |A| - [3670] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore : "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" [MD5.9D1BB7BEA5CE578DCD5BCACC4A8EE310] - [20/07/2023 17:29:53] - |A| - [3798] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA : "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" [MD5.00000000000000000000000000000000] - [20/07/2023 08:12:52] - |D| - [3934] - C:\Windows\System32\Tasks\KpRm-quarantines [MD5.00000000000000000000000000000000] - [22/08/2013 17:36:30] - |D| - [384694] - C:\Windows\System32\Tasks\Microsoft [MD5.00000000000000000000000000000000] - [19/07/2023 15:44:07] - |D| - [8304] - C:\Windows\System32\Tasks\Mozilla [MD5.00000000000000000000000000000000] - [21/07/2023 11:49:56] - |D| - [6690] - C:\Windows\System32\Tasks\Norton Security [MD5.4649D3390D0262B951A552F874A5939C] - [21/07/2023 11:46:47] - |A| - [3206] - C:\Windows\System32\Tasks\Norton WSC Integration : "C:\Program Files\Norton Security\Engine\22.14.0.54\WSCStub.exe" [MD5.B6E8ADA8F72BDB616E31951FF0FFC3C9] - [21/07/2023 11:02:17] - |A| - [3102] - C:\Windows\System32\Tasks\Onesafe PC Cleaner automatic scan and notifications : "s:\Program Files (x86)\Onesafe PC Cleaner\OSPCNotifications.exe" [MD5.4892597C259FF4EA8D9C8262781E6EF9] - [19/07/2023 15:25:43] - |A| - [3594] - C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3171542008-311482996-984047150-1001 : "s:\Program Files (x86)\Onesafe PC Cleaner\OSPCNotifications.exe" [MD5.00000000000000000000000000000000] - [21/07/2023 13:38:09] - |D| - [3902] - C:\Windows\System32\Tasks\Remediation [MD5.18BD5CAF29A06A25B88BAEDADB8E33E5] - [20/07/2023 08:32:41] - |A| - [3040] - C:\Windows\System32\Tasks\UCheck : C:\Program Files\UCheck\UCheck64.exe [MD5.3E2EA68484B07C5D9B9D30083B01176D] - [19/07/2023 15:40:09] - |A| - [4014] - C:\Windows\System32\Tasks\User_Feed_Synchronization-{CC03E951-3681-4D39-BD38-71CD9E04AEF5} : C:\Windows\system32\msfeedssync.exe [MD5.00000000000000000000000000000000] - [19/07/2023 15:20:47] - |D| - [4518] - C:\Windows\System32\Tasks\WPD [MD5.4C4CA10A2A0E6ADEEC765E8B8AD5C078] - [21/07/2023 10:52:41] - |A| - [2964] - C:\Windows\System32\Tasks\{2B3E483C-6661-4E04-8FF4-C7FCE7D864AF} : C:\Program Files (x86)\Privacy Suite\CP.exe [MD5.311A93F65BA2A1380B0322C0CA8CCF05] - [21/07/2023 10:54:21] - |A| - [2990] - C:\Windows\System32\Tasks\{2B3E483C-6661-4E04-8FF4-C7FCE7D864BC} : C:\Program Files (x86)\Privacy Suite\psUpdateMonitor.exe [MD5.DE8E8DF59D1BD090FD7857AAE422006E] - [21/07/2023 10:54:34] - |A| - [3152] - C:\Windows\System32\Tasks\{995C167A-3E0F-4C93-9F4E-25AFC941C573} : "C:\Program Files (x86)\Privacy Suite\etRiskMonitor.exe" [MD5.00000000000000000000000000000000] - [22/08/2013 17:36:31] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "Netlogon-NamedPipe-In"=v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-TCP-RPC-In"=v2.22|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "WirelessDisplay-In-TCP"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=SonicWALL.MobileConnect|Desc=SonicWALL.MobileConnect|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-1141404472-3582312691-3771565717-2155153689-4284170330-1053580937-782359393|EmbedCtxt=SonicWALL.MobileConnect|Platform=2:6:2|Platform2=GTEQ| "{560448D6-095C-4907-B046-AC7F710701A7}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=SonicWALL.MobileConnect|Desc=SonicWALL.MobileConnect|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-1141404472-3582312691-3771565717-2155153689-4284170330-1053580937-782359393|EmbedCtxt=SonicWALL.MobileConnect|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{D6980480-941A-4DF6-AB81-3734ECD3D779}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=JuniperNetworks.JunosPulseVpn|Desc=JuniperNetworks.JunosPulseVpn|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-413786399-3497379642-531169432-1175633435-3083429259-2317590812-1892764672|EmbedCtxt=JuniperNetworks.JunosPulseVpn|Platform=2:6:2|Platform2=GTEQ| "{EC799E33-72BA-42D7-9127-DEFE68F9799D}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=JuniperNetworks.JunosPulseVpn|Desc=JuniperNetworks.JunosPulseVpn|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-413786399-3497379642-531169432-1175633435-3083429259-2317590812-1892764672|EmbedCtxt=JuniperNetworks.JunosPulseVpn|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{F64300AD-D559-4000-BD45-0997BCC8E70A}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=f5.vpn.client|Desc=f5.vpn.client|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3873129616-3864902477-3117653462-838095904-2337665935-1018217662-2152729480|EmbedCtxt=f5.vpn.client|Platform=2:6:2|Platform2=GTEQ| "{F77E5446-4378-4E99-8B7A-7061AAAEA193}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=f5.vpn.client|Desc=f5.vpn.client|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3873129616-3864902477-3117653462-838095904-2337665935-1018217662-2152729480|EmbedCtxt=f5.vpn.client|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{9E3D57FC-7C37-4424-9352-4831E97D029D}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Desc=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/Description}|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-2608634532-1453884237-1118350049-1925931850-670756941-1603938316-3764965493|EmbedCtxt=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Desc=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/Description}|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-2608634532-1453884237-1118350049-1925931850-670756941-1603938316-3764965493|EmbedCtxt=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=CheckPoint.VPN|Desc=CheckPoint.VPN|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3676279713-3632409675-756843784-3388909659-2454753834-4233625902-1413163418|EmbedCtxt=CheckPoint.VPN|Platform=2:6:2|Platform2=GTEQ| "{4282FE99-8560-4BC7-9576-5F3ED84E263F}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=CheckPoint.VPN|Desc=CheckPoint.VPN|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3676279713-3632409675-756843784-3388909659-2454753834-4233625902-1413163418|EmbedCtxt=CheckPoint.VPN|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{6A22EF92-AAB6-4480-A4E5-E11F472BFE5D}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-3171542008-311482996-984047150-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{74A42717-0A82-47E3-892F-05111E4D54E8}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-3171542008-311482996-984047150-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{DBC6C80B-7D07-40A8-9439-274BA17602FF}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-3171542008-311482996-984047150-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{FDBF4111-548D-47C3-817B-FC6CE8C99ADF}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{74A27075-D85C-4FAD-8E41-1B5232DA4914}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{3CEFC811-F6A9-4B28-82BE-0AE6BBAF206D}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\PremierOpinion\pmropn.exe|Name=pmropn.exe| "{7425BADD-DA98-4513-B1A6-7F147A7A7FB2}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\PremierOpinion\pmropn.exe|Name=pmropn.exe| "{7C1655C7-BC6E-482D-8E58-86A4E6D9C0C5}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files\Avast Software\Avast\AvastUI.exe|Name=Avast UI (TCP-In)|Desc=Allow all incoming traffic to UI|EmbedCtxt=Avast UI| "{A07C4AC2-A939-4C75-BE10-C09AD9D39634}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files\Avast Software\Avast\AvastUI.exe|Name=Avast UI (UDP-In)|Desc=Allow all incoming traffic to UI|EmbedCtxt=Avast UI| "{7D3CDB84-BAF4-4F28-B3C9-87E7F09622A6}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Inbound rule for Google Chrome to allow mDNS traffic.|EmbedCtxt=Google Chrome| "{555DF1BF-30B2-457F-B6CF-F6463CEA0D46}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Ambassador\ambassador.exe|Name=Ambassador (C:\Program Files\Ambassador)| "{6DB71865-D706-4F23-AD85-B317C5D8EFB4}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Ambassador\ambassador.exe|Name=Ambassador (C:\Program Files\Ambassador)| "{409BF110-565F-4121-9435-2EFA80E6D175}"=v2.22|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\K1RFD\EchoLink\EchoLink.exe|Name=EchoLink|Desc=Allows incoming UDP connections for EchoLink. This is required since EchoLink uses a peer-to-peer UDP protocol.|Edge=TRUE| "TCP Query User{8AD22D74-A3C3-4F4F-B3FC-41DD1B334503}C:\users\4rem été 2023 vexe s\appdata\local\microsip\microsip.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\users\4rem été 2023 vexe s\appdata\local\microsip\microsip.exe|Name=microsip.exe|Desc=microsip.exe|Defer=User| "UDP Query User{BD67AB69-AE11-4C59-AC0A-56F56FC5709A}C:\users\4rem été 2023 vexe s\appdata\local\microsip\microsip.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\users\4rem été 2023 vexe s\appdata\local\microsip\microsip.exe|Name=microsip.exe|Desc=microsip.exe|Defer=User| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @PrintQueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (Security Accelerator) [] -> @c_sslaccel.inf,%SECURITYACCELERATORCLASSNAME%;Security Accelerator [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @mgtdyn.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%systemroot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @%SystemRoot%\System32\DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @%SystemRoot%\System32\Montr_CI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%systemroot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @%SystemRoot%\system32\procinst.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%systemroot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%systemroot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{81C87465-DE07-4EFC-9D93-61E891D52FD2}] : (RdpVideoMiniport) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8c78b96c-9120-4da4-a144-ff427f2cf132}] : (BarcodeScanner) [] -> @hidscanner.inf,%ClassName%;POS HID Barcode scanners [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\sccls.dll,-300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9d6d66a6-0b0c-4563-9077-a0e9a7955ae4}] : (Ramdisk) [] -> @ramdisk.inf,%ClassName%;RAM Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{B95B836B-234E-4857-A1F8-D0D9A9BEC1C5}] : (vmbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @AudioEndpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @WSDPrint.Inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\sccls.dll,-301 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{E004269C-D387-4461-B955-25A64CFE23CE}] : (amdkmdag) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [21/07/2023 11:36:44] - (7.2.0.29) - (Symantec Corporation - Symantec Extended File Attributes) - C:\Windows\system32\drivers\NGCx64\160E000.036\SYMEFASI64.SYS [21/07/2023 11:35:51] - (16.0.0.77) - (Symantec Corporation - Common Client Settings Driver) - C:\Windows\system32\drivers\NGCx64\160E000.036\ccSetx64.sys [21/07/2023 11:36:40] - (15.5.0.124) - (Symantec Corporation - Symantec AutoProtect) - C:\Windows\system32\drivers\NGCx64\160E000.036\SRTSP64.SYS [21/07/2023 11:36:40] - (15.5.0.124) - (Symantec Corporation - Symantec AutoProtect) - C:\Windows\system32\drivers\NGCx64\160E000.036\SRTSPX64.SYS [21/07/2023 11:46:14] - (14.0.6.27) - (Symantec Corporation - Symantec Event Library) - C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [21/07/2023 11:36:06] - (8.1.0.50) - (Symantec Corporation - Iron Driver) - C:\Windows\system32\drivers\NGCx64\160E000.036\Ironx64.SYS [21/07/2023 11:36:40] - (16.1.0.55) - (Symantec Corporation - Network Security Driver) - C:\Windows\system32\drivers\NGCx64\160E000.036\SYMNETS.SYS [21/07/2023 22:48:26] - (17.2.11.37) - (Broadcom - IDS Core Driver) - C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\IPSDefs\20230721.061\IDSvia64.sys [21/07/2023 12:17:03] - (119.1.5.1) - (Broadcom - Broadcom Eraser Control Driver) - C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [23/07/2023 11:13:44] - (119.1.5.1) - (Broadcom - Broadcom Eraser Utility Driver) - C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [20/07/2023 07:21:38] - (12.7.0.63) - (Broadcom - BASH Driver) - C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\BASHDefs\20230720.001\BHDrvx64.sys [22/08/2013 08:57:53] - (2.1.0.16) - (Qualcomm Atheros Co., Ltd. - Qualcomm Atheros Ar81xx series PCI-E Gigabit Ethernet Controller) - C:\Windows\system32\DRIVERS\L1C63x64.sys [21/11/2014 11:16:27] - (5.1.2.238) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\Windows\System32\ATMFD.DLL [20/07/2023 16:54:16] - (3.1.9.53) - (Bitdefender - BDDCI filter driver) - C:\Windows\system32\DRIVERS\bddci.sys [22/08/2013 17:36:40] - (4.3.86.0) - (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. - Macrovision SECURITY Driver) - C:\Windows\System32\Drivers\secdrv.SYS ---------- | LoadOrderGroup Name: System Reserved - DriverEnabled: True - GroupOrder: 1 - Status: OK Name: EMS - DriverEnabled: True - GroupOrder: 2 - Status: OK Name: WdfLoadGroup - DriverEnabled: True - GroupOrder: 3 - Status: OK Name: Boot Bus Extender - DriverEnabled: True - GroupOrder: 4 - Status: OK Name: System Bus Extender - DriverEnabled: True - GroupOrder: 5 - Status: OK Name: SCSI miniport - DriverEnabled: True - GroupOrder: 6 - Status: OK Name: Port - DriverEnabled: True - GroupOrder: 7 - Status: OK Name: Primary Disk - DriverEnabled: True - GroupOrder: 8 - Status: OK Name: SCSI Class - DriverEnabled: True - GroupOrder: 9 - Status: OK Name: SCSI CDROM Class - DriverEnabled: True - GroupOrder: 10 - Status: OK Name: FSFilter Infrastructure - DriverEnabled: True - GroupOrder: 11 - Status: OK Name: FSFilter System - DriverEnabled: True - GroupOrder: 12 - Status: OK Name: FSFilter Bottom - DriverEnabled: True - GroupOrder: 13 - Status: OK Name: FSFilter Copy Protection - DriverEnabled: True - GroupOrder: 14 - Status: OK Name: FSFilter Security Enhancer - DriverEnabled: True - GroupOrder: 15 - Status: OK Name: FSFilter Open File - DriverEnabled: True - GroupOrder: 16 - Status: OK Name: FSFilter Physical Quota Management - DriverEnabled: True - GroupOrder: 17 - Status: OK Name: FSFilter Virtualization - DriverEnabled: True - GroupOrder: 18 - Status: OK Name: FSFilter Encryption - DriverEnabled: True - GroupOrder: 19 - Status: OK Name: FSFilter Compression - DriverEnabled: True - GroupOrder: 20 - Status: OK Name: FSFilter Imaging - DriverEnabled: True - GroupOrder: 21 - Status: OK Name: FSFilter HSM - DriverEnabled: True - GroupOrder: 22 - Status: OK Name: FSFilter Cluster File System - DriverEnabled: True - GroupOrder: 23 - Status: OK Name: FSFilter System Recovery - DriverEnabled: True - GroupOrder: 24 - Status: OK Name: FSFilter Quota Management - DriverEnabled: True - GroupOrder: 25 - Status: OK Name: FSFilter Content Screener - DriverEnabled: True - GroupOrder: 26 - Status: OK Name: FSFilter Continuous Backup - DriverEnabled: True - GroupOrder: 27 - Status: OK Name: FSFilter Replication - DriverEnabled: True - GroupOrder: 28 - Status: OK Name: FSFilter Anti-Virus - DriverEnabled: True - GroupOrder: 29 - Status: OK Name: FSFilter Undelete - DriverEnabled: True - GroupOrder: 30 - Status: OK Name: FSFilter Activity Monitor - DriverEnabled: True - GroupOrder: 31 - Status: OK Name: FSFilter Top - DriverEnabled: True - GroupOrder: 32 - Status: OK Name: Filter - DriverEnabled: True - GroupOrder: 33 - Status: OK Name: Boot File System - DriverEnabled: True - GroupOrder: 34 - Status: OK Name: Base - DriverEnabled: True - GroupOrder: 35 - Status: OK Name: Pointer Port - DriverEnabled: True - GroupOrder: 36 - Status: OK Name: Keyboard Port - DriverEnabled: True - GroupOrder: 37 - Status: OK Name: Pointer Class - DriverEnabled: True - GroupOrder: 38 - Status: OK Name: Keyboard Class - DriverEnabled: True - GroupOrder: 39 - Status: OK Name: Video Init - DriverEnabled: True - GroupOrder: 40 - Status: OK Name: Video - DriverEnabled: True - GroupOrder: 41 - Status: OK Name: Video Save - DriverEnabled: True - GroupOrder: 42 - Status: OK Name: File System - DriverEnabled: True - GroupOrder: 43 - Status: OK Name: Streams Drivers - DriverEnabled: True - GroupOrder: 44 - Status: OK Name: NDIS Wrapper - DriverEnabled: True - GroupOrder: 45 - Status: OK Name: COM Infrastructure - DriverEnabled: True - GroupOrder: 46 - Status: OK Name: Event Log - DriverEnabled: True - GroupOrder: 47 - Status: OK Name: ProfSvc_Group - DriverEnabled: True - GroupOrder: 48 - Status: OK Name: AudioGroup - DriverEnabled: True - GroupOrder: 49 - Status: OK Name: UIGroup - DriverEnabled: True - GroupOrder: 50 - Status: OK Name: MS_WindowsLocalValidation - DriverEnabled: True - GroupOrder: 51 - Status: OK Name: PlugPlay - DriverEnabled: True - GroupOrder: 52 - Status: OK Name: Cryptography - DriverEnabled: True - GroupOrder: 53 - Status: OK Name: PNP_TDI - DriverEnabled: True - GroupOrder: 54 - Status: OK Name: NDIS - DriverEnabled: True - GroupOrder: 55 - Status: OK Name: TDI - DriverEnabled: True - GroupOrder: 56 - Status: OK Name: iSCSI - DriverEnabled: True - GroupOrder: 57 - Status: OK Name: NetBIOSGroup - DriverEnabled: True - GroupOrder: 58 - Status: OK Name: ShellSvcGroup - DriverEnabled: True - GroupOrder: 59 - Status: OK Name: SchedulerGroup - DriverEnabled: True - GroupOrder: 60 - Status: OK Name: SpoolerGroup - DriverEnabled: True - GroupOrder: 61 - Status: OK Name: SmartCardGroup - DriverEnabled: True - GroupOrder: 62 - Status: OK Name: NetworkProvider - DriverEnabled: True - GroupOrder: 63 - Status: OK Name: MS_WindowsRemoteValidation - DriverEnabled: True - GroupOrder: 64 - Status: OK Name: NetDDEGroup - DriverEnabled: True - GroupOrder: 65 - Status: OK Name: Parallel arbitrator - DriverEnabled: True - GroupOrder: 66 - Status: OK Name: Extended Base - DriverEnabled: True - GroupOrder: 67 - Status: OK Name: PCI Configuration - DriverEnabled: True - GroupOrder: 68 - Status: OK Name: MS Transactions - DriverEnabled: True - GroupOrder: 69 - Status: OK Name: Core - DriverEnabled: False - GroupOrder: 70 - Status: OK Name: PnP Filter - DriverEnabled: False - GroupOrder: 71 - Status: OK Name: Network - DriverEnabled: False - GroupOrder: 72 - Status: OK Name: FSFilter Filter Content Screener - DriverEnabled: False - GroupOrder: 73 - Status: OK Name: Early-Launch - DriverEnabled: False - GroupOrder: 74 - Status: OK Name: _Early-Launch - DriverEnabled: False - GroupOrder: 75 - Status: OK Name: LocalService - DriverEnabled: False - GroupOrder: 76 - Status: OK ---------- | LoadOrderGroupServiceDependencies LoadOrderGroup.Name="NetBIOSGroup" - Service.Name="RemoteAccess" LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdfs" ---------- | LoadOrderGroupServiceMembers LoadOrderGroup.Name="Event log" - Service.Name="AMD External Events Utility" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="AppIDSvc" LoadOrderGroup.Name="AudioGroup" - Service.Name="AudioEndpointBuilder" LoadOrderGroup.Name="AudioGroup" - Service.Name="Audiosrv" LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="avast! Antivirus" LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="avast! Tools" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="AvastWscReporter" LoadOrderGroup.Name="NetworkProvider" - Service.Name="BFE" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="BrokerInfrastructure" LoadOrderGroup.Name="NetworkProvider" - Service.Name="Browser" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="DcomLaunch" LoadOrderGroup.Name="PlugPlay" - Service.Name="DeviceInstall" LoadOrderGroup.Name="TDI" - Service.Name="Dhcp" LoadOrderGroup.Name="TDI" - Service.Name="Dnscache" LoadOrderGroup.Name="TDI" - Service.Name="dot3svc" LoadOrderGroup.Name="Event Log" - Service.Name="EventLog" LoadOrderGroup.Name="AudioGroup" - Service.Name="FontCache" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="3ware" LoadOrderGroup.Name="Core" - SystemDriver.Name="ACPI" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="acpiex" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="acpitime" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="ADP80XX" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="AFD" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="agp440" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdK8" LoadOrderGroup.Name="Video" - SystemDriver.Name="amdkmdag" LoadOrderGroup.Name="Video" - SystemDriver.Name="amdkmdap" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdPPM" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsata" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsbs" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdxata" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="arcsas" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="aswArDisk" LoadOrderGroup.Name="Keyboard Port" - SystemDriver.Name="aswKbd" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="aswMonFlt" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="aswNetHub" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="aswRdr" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="aswRvrt" LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="aswSnx" LoadOrderGroup.Name="FSFilter Security Enhancer" - SystemDriver.Name="aswSP" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="aswStm" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="aswVmm" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="atapi" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="b06bdrv" LoadOrderGroup.Name="Video" - SystemDriver.Name="BasicDisplay" LoadOrderGroup.Name="Video" - SystemDriver.Name="BasicRender" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="bcmfn2" LoadOrderGroup.Name="Base" - SystemDriver.Name="Beep" LoadOrderGroup.Name="Network" - SystemDriver.Name="bowser" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="BthAvrcpTg" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="BthHFEnum" LoadOrderGroup.Name="FSFilter Bottom" - SystemDriver.Name="ccSet_NGC" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="cdfs" LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdrom" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="circlass" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="gpsvc" LoadOrderGroup.Name="NetworkProvider" - Service.Name="LanmanWorkstation" LoadOrderGroup.Name="TDI" - Service.Name="lmhosts" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="LSM" LoadOrderGroup.Name="NetworkProvider" - Service.Name="MpsSvc" LoadOrderGroup.Name="iSCSI" - Service.Name="MSiSCSI" LoadOrderGroup.Name="MS_WindowsRemoteValidation" - Service.Name="Netlogon" LoadOrderGroup.Name="PlugPlay" - Service.Name="PlugPlay" LoadOrderGroup.Name="Filter" - SystemDriver.Name="CLFS" LoadOrderGroup.Name="Core" - SystemDriver.Name="CNG" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="CompositeBus" LoadOrderGroup.Name="Base" - SystemDriver.Name="condrv" LoadOrderGroup.Name="Network" - SystemDriver.Name="Dfsc" LoadOrderGroup.Name="Video Init" - SystemDriver.Name="DXGKrnl" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="ebdrv" LoadOrderGroup.Name="SCSI Class" - SystemDriver.Name="EhStorClass" LoadOrderGroup.Name="SCSI Class" - SystemDriver.Name="EhStorTcgDrv" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="ErrDev" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="exfat" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="fastfat" LoadOrderGroup.Name="FSFilter Bottom" - SystemDriver.Name="FileInfo" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="Filetrace" LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="FltMgr" LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="FsDepends" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="fvevol" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="FxPPM" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="gagp30kx" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="GPIOClx0101" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="HDAudBus" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidBth" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidi2c" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidIr" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidUsb" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="HpSAMD" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hyperkbd" LoadOrderGroup.Name="Video" - SystemDriver.Name="HyperVideo" LoadOrderGroup.Name="Keyboard Port" - SystemDriver.Name="i8042prt" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSSi_GPIO" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSSi_I2C" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="iaStorAV" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="iaStorV" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="intelide" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="intelppm" LoadOrderGroup.Name="Plugplay" - Service.Name="Power" LoadOrderGroup.Name="profsvc_group" - Service.Name="ProfSvc" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcEptMapper" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcSs" LoadOrderGroup.Name="MS_WindowsLocalValidation" - Service.Name="SamSs" LoadOrderGroup.Name="SmartCardGroup" - Service.Name="SCardSvr" LoadOrderGroup.Name="SchedulerGroup" - Service.Name="Schedule" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="SENS" LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="ShellHWDetection" LoadOrderGroup.Name="SpoolerGroup" - Service.Name="Spooler" LoadOrderGroup.Name="PlugPlay" - Service.Name="TabletInputService" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="Themes" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="TrustedInstaller" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="isapnp" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="kdnic" LoadOrderGroup.Name="Base" - SystemDriver.Name="KSecDD" LoadOrderGroup.Name="Cryptography" - SystemDriver.Name="KSecPkg" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ksthunk" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="L1C" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="lltdio" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS2" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS3" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SSS" LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="luafv" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasr" LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Modem" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="mountmgr" LoadOrderGroup.Name="network" - SystemDriver.Name="mpsdrv" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb10" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb20" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="MsBridge" LoadOrderGroup.Name="File system" - SystemDriver.Name="Msfs" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="msgpiowin32" LoadOrderGroup.Name="Base" - SystemDriver.Name="mshidkmdf" LoadOrderGroup.Name="Base" - SystemDriver.Name="mshidumdf" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="msisadrv" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSKSSRV" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="MsLldp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPCLOCK" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPQM" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSTEE" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MTConfig" LoadOrderGroup.Name="Network" - SystemDriver.Name="Mup" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="mvumis" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NativeWifiP" LoadOrderGroup.Name="NDIS Wrapper" - SystemDriver.Name="NDIS" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NdisCap" LoadOrderGroup.Name="SmartCardGroup" - Service.Name="WbioSrvc" LoadOrderGroup.Name="TDI" - Service.Name="Wcmsvc" LoadOrderGroup.Name="NetworkProvider" - Service.Name="WebClient" LoadOrderGroup.Name="TDI" - Service.Name="WlanSvc" LoadOrderGroup.Name="LocalService" - Service.Name="workfolderssvc" LoadOrderGroup.Name="PlugPlay" - Service.Name="wudfsvc" LoadOrderGroup.Name="TDI" - Service.Name="WwanSvc" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Ndisuio" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="NdisVirtualBus" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="NDProxy" LoadOrderGroup.Name="NetBIOSGroup" - SystemDriver.Name="NetBIOS" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="NetBT" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="netvsc" LoadOrderGroup.Name="File system" - SystemDriver.Name="Npfs" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="Ntfs" LoadOrderGroup.Name="Base" - SystemDriver.Name="Null" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="nvraid" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="nvstor" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="nv_agp" LoadOrderGroup.Name="Parallel arbitrator" - SystemDriver.Name="Parport" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="partmgr" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pci" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pciide" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pcmcia" LoadOrderGroup.Name="Base" - SystemDriver.Name="pcw" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pdc" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="Processor" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Psched" LoadOrderGroup.Name="Streams Drivers" - SystemDriver.Name="RasAcd" LoadOrderGroup.Name="Network" - SystemDriver.Name="rdbss" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="rdyboost" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="ReFS" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="rspndr" LoadOrderGroup.Name="Video" - SystemDriver.Name="s3cap" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="scfilter" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="sdbus" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="Serenum" LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Serial" LoadOrderGroup.Name="Pointer Port" - SystemDriver.Name="sermouse" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid2" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid4" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="spaceport" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="SRTSP" LoadOrderGroup.Name="Network" - SystemDriver.Name="srv" LoadOrderGroup.Name="Network" - SystemDriver.Name="srv2" LoadOrderGroup.Name="Network" - SystemDriver.Name="srvnet" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stexstor" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="storahci" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="storflt" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stornvme" LoadOrderGroup.Name="Base" - SystemDriver.Name="storvsc" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="swenum" LoadOrderGroup.Name="FSFilter Filter Content Screener" - SystemDriver.Name="SymEFASI" LoadOrderGroup.Name="Early-Launch" - SystemDriver.Name="SymELAM" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="SymIRON" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="Tcpip" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="tdx" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="terminpt" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="TPM" LoadOrderGroup.Name="base" - SystemDriver.Name="TsUsbFlt" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="TsUsbGD" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="tunnel" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="uagp35" LoadOrderGroup.Name="Base" - SystemDriver.Name="UCX01000" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="udfs" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="uliagpkx" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="umbus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="UmPass" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbccgp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="usbcir" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbehci" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbhub" LoadOrderGroup.Name="Base" - SystemDriver.Name="USBHUB3" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbohci" LoadOrderGroup.Name="extended base" - SystemDriver.Name="usbprint" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbuhci" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="vdrvroot" LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="VerifierExt" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="vhdmp" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="viaide" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vmbus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="VMBusHID" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgr" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgrx" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vpci" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="vsmraid" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="VSTXRAID" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WacomPen" LoadOrderGroup.Name="_Early-Launch" - SystemDriver.Name="WdBoot" LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="Wdf01000" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="WdFilter" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="WFPLWFS" LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="WIMMount" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WmiAcpi" LoadOrderGroup.Name="FSFilter Compression" - SystemDriver.Name="Wof" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wpcfltr" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="WpdUpFltr" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="ws2ifsl" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WSDPrintDevice" LoadOrderGroup.Name="Base" - SystemDriver.Name="WSDScan" LoadOrderGroup.Name="base" - SystemDriver.Name="WudfPf" LoadOrderGroup.Name="Base" - SystemDriver.Name="WUDFRd" LoadOrderGroup.Name="Base" - SystemDriver.Name="WUDFSensorLP" ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - [Kernel Driver] - 3ware () -> System32\drivers\3ware.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ADP80XX () -> System32\drivers\ADP80XX.SYS - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsata () -> System32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsbs () -> System32\drivers\amdsbs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdxata () -> System32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - aswArDisk (aswArDisk) -> system32\drivers\aswArDisk.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - aswbidsh (aswbidsh) -> system32\drivers\aswbidsh.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - aswbuniv (aswbuniv) -> system32\drivers\aswbuniv.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - aswRvrt (aswRvrt) -> system32\drivers\aswRvrt.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - aswVmm (aswVmm) -> system32\drivers\aswVmm.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD) -> System32\drivers\bxvbda.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - disk (@disk.inf,%disk_ServiceDesc%;Disk Driver) -> System32\drivers\disk.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ebdrv (@netevbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II 10 GigE VBD) -> System32\drivers\evbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys - AcceptPause: False - AcceptStop: False R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - gagp30kx (@machine.inf,%gagp30kx_svcdesc%;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms) -> System32\drivers\gagp30kx.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - HpSAMD () -> System32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorAV (@iastorav.inf,%iaStorAV.DeviceDesc%;Intel(R) SATA RAID Controller Windows) -> System32\drivers\iaStorAV.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - intelide () -> System32\drivers\intelide.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - isapnp () -> System32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - LSI_SAS () -> System32\drivers\lsi_sas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS2 () -> System32\drivers\lsi_sas2.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS3 () -> System32\drivers\lsi_sas3.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SSS () -> System32\drivers\lsi_sss.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas () -> System32\drivers\megasas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasr () -> System32\drivers\megasr.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> System32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - mvumis () -> System32\drivers\mvumis.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - nvraid () -> System32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nvstor () -> System32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nv_agp (@machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter) -> System32\drivers\nv_agp.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (@machine.inf,%pci_svcdesc%;PCI Bus Driver) -> System32\drivers\pci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - pciide () -> System32\drivers\pciide.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - pcmcia () -> System32\drivers\pcmcia.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid2 () -> System32\drivers\SiSRaid2.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid4 () -> System32\drivers\sisraid4.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - stexstor () -> System32\drivers\stexstor.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - storflt (@%SystemRoot%\system32\vmstorfltres.dll,-1000) -> System32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storvsc () -> System32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: False R0 - [File System Driver] - SymEFASI (Symantec Extended File Attributes (SI)) -> system32\drivers\NGCx64\160E000.036\SYMEFASI64.SYS - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - SymELAM (Symantec ELAM Driver) -> system32\drivers\NGCx64\160E000.036\SymELAM.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - uagp35 (@machine.inf,%uagp35_svcdesc%;Microsoft AGPv3.5 Filter) -> System32\drivers\uagp35.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - uliagpkx (@machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter) -> System32\drivers\uliagpkx.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - viaide () -> System32\drivers\viaide.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - vmbus (@%SystemRoot%\system32\vmbusres.dll,-1000) -> System32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (@volume.inf,%VolumeClassName%;Storage volumes) -> System32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vsmraid () -> System32\drivers\vsmraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> system32\DRIVERS\wfplwfs.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswArPot (aswArPot) -> system32\drivers\aswArPot.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswbidsdriver (aswbidsdriver) -> system32\drivers\aswbidsdriver.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswKbd (aswKbd) -> system32\drivers\aswKbd.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswMonFlt (aswMonFlt) -> system32\drivers\aswMonFlt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswNetHub (aswNetHub) -> system32\drivers\aswNetHub.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - aswRdr (aswRdr) -> system32\drivers\aswRdr2.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswSnx (aswSnx) -> system32\drivers\aswSnx.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - aswSP (aswSP) -> system32\drivers\aswSP.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicDisplay () -> \SystemRoot\System32\drivers\BasicDisplay.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicRender () -> \SystemRoot\System32\drivers\BasicRender.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BHDrvx64 (BHDrvx64) -> \??\C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\BASHDefs\20230720.001\BHDrvx64.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ccSet_NGC (NGC Settings Manager) -> \SystemRoot\system32\drivers\NGCx64\160E000.036\ccSetx64.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys - AcceptPause: False - AcceptStop: False R1 - [File System Driver] - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - eeCtrl (Symantec Eraser Control driver) -> \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - IDSVia64 (IDSVia64) -> \??\C:\Program Files\Norton Security\NortonData\22.14.0.54\Definitions\IPSDefs\20230721.061\IDSvia64.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (@netnb.inf,%NetBIOS_Desc%;NetBIOS Interface) -> system32\DRIVERS\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) -> \SystemRoot\system32\DRIVERS\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - SRTSP (Symantec Real Time Storage Protection x64) -> \SystemRoot\system32\drivers\NGCx64\160E000.036\SRTSP64.SYS - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - SRTSPX (Symantec Real Time Storage Protection (PEL) x64) -> \SystemRoot\system32\drivers\NGCx64\160E000.036\SRTSPX64.SYS - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - SymIRON (Symantec Iron Driver) -> \SystemRoot\system32\drivers\NGCx64\160E000.036\Ironx64.SYS - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - SymNetS (Symantec Network Security WFP Driver) -> \SystemRoot\system32\drivers\NGCx64\160E000.036\SYMNETS.SYS - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True S2 - [Kernel Driver] - agp440 (@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter) -> System32\drivers\agp440.sys - AcceptPause: False - AcceptStop: False R2 - [Kernel Driver] - aswStm (aswStm) -> system32\drivers\aswStm.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - BdDci (BdDci Service) -> \SystemRoot\system32\DRIVERS\bddci.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> \SystemRoot\system32\DRIVERS\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - mrxsmb10 (@%systemroot%\system32\wkssvc.dll,-1004) -> system32\DRIVERS\mrxsmb10.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> \SystemRoot\system32\DRIVERS\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - secdrv (Security Driver) -> (?) - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - srv (@%systemroot%\system32\srvsvc.dll,-102) -> System32\DRIVERS\srv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - 1394ohci (@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller) -> \SystemRoot\System32\drivers\1394ohci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - acpipagr (@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver) -> \SystemRoot\System32\drivers\acpipagr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AcpiPmi (@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver) -> \SystemRoot\System32\drivers\acpipmi.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - acpitime (@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver) -> \SystemRoot\System32\drivers\acpitime.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AmdK8 (@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver) -> \SystemRoot\System32\drivers\amdk8.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - amdkmdag () -> \SystemRoot\system32\DRIVERS\atikmdag.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - amdkmdap () -> \SystemRoot\system32\DRIVERS\atikmpag.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - AmdPPM (@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver) -> \SystemRoot\System32\drivers\amdppm.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - AppID (@%systemroot%\system32\appidsvc.dll,-102) -> \SystemRoot\system32\drivers\appid.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - bcmfn2 (@bcmfn2.inf,%bcmfn2.SVCDESC%;bcmfn2 Service) -> \SystemRoot\System32\drivers\bcmfn2.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - bowser (@%systemroot%\system32\browser.dll,-102) -> system32\DRIVERS\bowser.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BthAvrcpTg (@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID) -> \SystemRoot\System32\drivers\BthAvrcpTg.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - BthHFEnum (@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator) -> \SystemRoot\System32\drivers\bthhfenum.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - bthhfhid (@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID) -> \SystemRoot\System32\drivers\BthHFHid.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - BTHMODEM (@bthspp.inf,%BthSerial.DisplayName%;Bluetooth Serial Communications Driver) -> \SystemRoot\System32\drivers\bthmodem.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - circlass (@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices) -> \SystemRoot\System32\drivers\circlass.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - CmBatt (@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver) -> \SystemRoot\System32\drivers\CmBatt.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - CompositeBus (@CompositeBus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver) -> \SystemRoot\System32\drivers\CompositeBus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - condrv (Console Driver) -> System32\drivers\condrv.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - dmvsc () -> \SystemRoot\System32\drivers\dmvsc.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - drmkaud (@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers) -> \SystemRoot\system32\drivers\drmkaud.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> \SystemRoot\System32\drivers\dxgkrnl.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - EraserUtilRebootDrv (EraserUtilRebootDrv) -> \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - ErrDev (@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver) -> \SystemRoot\System32\drivers\errdev.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - exfat (exFAT File System Driver) -> (?) - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - fastfat (FAT12/16/32 File System Driver) -> (?) - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - fdc (@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver) -> \SystemRoot\System32\drivers\fdc.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - Filetrace (@%SystemRoot%\system32\drivers\filetrace.sys,-10001) -> system32\drivers\filetrace.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - flpydisk (@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver) -> \SystemRoot\System32\drivers\flpydisk.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - FsDepends (@%SystemRoot%\system32\drivers\fsdepends.sys,-10001) -> System32\drivers\FsDepends.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - FxPPM (@cpu.inf,%FxPPM.SvcDesc%;Power Framework Processor Driver) -> \SystemRoot\System32\drivers\fxppm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - gencounter (@wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter) -> \SystemRoot\System32\drivers\vmgencounter.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - GPIOClx0101 (Microsoft GPIO Class Extension Driver) -> System32\Drivers\msgpioclx.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - HdAudAddService (@hdaudio.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Microsoft 1.1 UAA Function Driver for High Definition Audio Service) -> \SystemRoot\system32\drivers\HdAudio.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - HDAudBus (@hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio) -> \SystemRoot\System32\drivers\HDAudBus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - HidBatt (@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver) -> \SystemRoot\System32\drivers\HidBatt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HidBth (@hidbth.inf,%HIDBTH.SvcDesc%;Microsoft Bluetooth HID Miniport) -> \SystemRoot\System32\drivers\hidbth.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - hidi2c (@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver) -> \SystemRoot\System32\drivers\hidi2c.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HidIr (@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver) -> \SystemRoot\System32\drivers\hidir.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - HidUsb (@input.inf,%HID.SvcDesc%;Microsoft HID Class Driver) -> \SystemRoot\System32\drivers\hidusb.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - HTTP (@%SystemRoot%\system32\drivers\http.sys,-1) -> system32\drivers\HTTP.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - hyperkbd () -> \SystemRoot\System32\drivers\hyperkbd.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HyperVideo () -> \SystemRoot\system32\DRIVERS\HyperVideo.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - i8042prt (@keyboard.inf,%i8042prt.SvcDesc%;i8042 Keyboard and PS/2 Mouse Port Driver) -> \SystemRoot\System32\drivers\i8042prt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSSi_GPIO (@ialpssi_gpio.inf,%iaLPSSi_GPIO.SVCDESC%;Intel(R) Serial IO GPIO Controller Driver) -> \SystemRoot\System32\drivers\iaLPSSi_GPIO.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSSi_I2C (@ialpssi_i2c.inf,%iaLPSSi_I2C.SVCDESC%;Intel(R) Serial IO I2C Controller Driver) -> \SystemRoot\System32\drivers\iaLPSSi_I2C.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - intelppm (@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver) -> \SystemRoot\System32\drivers\intelppm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IpFilterDriver (@%systemroot%\system32\rascfg.dll,-32013) -> system32\DRIVERS\ipfltdrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IPMIDRV () -> \SystemRoot\System32\drivers\IPMIDrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IPNAT (IP Network Address Translator) -> System32\drivers\ipnat.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IRENUM (@%SystemRoot%\system32\drivers\irenum.sys,-100) -> system32\drivers\irenum.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iScsiPrt (@iscsi.inf,%iScsiPortName%;iScsiPort Driver) -> \SystemRoot\System32\drivers\msiscsi.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - kbdclass (@keyboard.inf,%kbdclass.SvcDesc%;Keyboard Class Driver) -> \SystemRoot\System32\drivers\kbdclass.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - kbdhid (@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver) -> \SystemRoot\System32\drivers\kbdhid.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - kdnic (@kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20)) -> \SystemRoot\system32\DRIVERS\kdnic.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - ksthunk (Kernel Streaming Thunks) -> \SystemRoot\system32\drivers\ksthunk.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - L1C (@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller) -> \SystemRoot\system32\DRIVERS\L1C63x64.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Modem () -> system32\drivers\modem.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - monitor (@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver Service) -> \SystemRoot\System32\drivers\monitor.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mouclass (@msmouse.inf,%mouclass.SvcDesc%;Mouse Class Driver) -> \SystemRoot\System32\drivers\mouclass.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mouhid (@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver) -> \SystemRoot\System32\drivers\mouhid.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mpsdrv (@%SystemRoot%\system32\FirewallAPI.dll,-23092) -> System32\drivers\mpsdrv.sys - AcceptPause: False - AcceptStop: True S3 - [File System Driver] - MRxDAV (@%systemroot%\system32\webclnt.dll,-104) -> \SystemRoot\system32\drivers\mrxdav.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - mrxsmb (@%systemroot%\system32\wkssvc.dll,-1002) -> system32\DRIVERS\mrxsmb.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - mrxsmb20 (@%systemroot%\system32\wkssvc.dll,-1006) -> system32\DRIVERS\mrxsmb20.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - MsBridge (@%SystemRoot%\system32\bridgeres.dll,-1) -> \SystemRoot\system32\DRIVERS\bridge.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - msgpiowin32 (@msgpiowin32.inf,%GPIO.SvcDesc%;Common Driver for Buttons, DockMode and Laptop/Slate Indicator) -> \SystemRoot\System32\drivers\msgpiowin32.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - mshidkmdf (@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100) -> \SystemRoot\System32\drivers\mshidkmdf.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - mshidumdf (@%SystemRoot%\system32\drivers\mshidumdf.sys,-100) -> \SystemRoot\System32\drivers\mshidumdf.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSKSSRV (@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service Proxy) -> \SystemRoot\system32\drivers\MSKSSRV.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MsLldp (@C:\Windows\system32\DRIVERS\mslldp.sys,-200) -> \SystemRoot\system32\DRIVERS\mslldp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSPCLOCK (@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock Proxy) -> \SystemRoot\system32\drivers\MSPCLOCK.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSPQM (@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Quality Manager Proxy) -> \SystemRoot\system32\drivers\MSPQM.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MsRPC () -> (?) - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSTEE (@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink Converter) -> \SystemRoot\system32\drivers\MSTEE.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MTConfig (@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver) -> \SystemRoot\System32\drivers\MTConfig.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - NativeWifiP (@%SystemRoot%\System32\drivers\nwifi.sys,-101) -> \SystemRoot\system32\DRIVERS\nwifi.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - NdisCap (@%SystemRoot%\System32\drivers\ndiscap.sys,-5000) -> \SystemRoot\system32\DRIVERS\ndiscap.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - NdisImPlatform (@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501) -> \SystemRoot\system32\DRIVERS\NdisImPlatform.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - NdisTapi (@%systemroot%\system32\rascfg.dll,-32001) -> \SystemRoot\system32\DRIVERS\ndistapi.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - Ndisuio (@ndisuio.inf,%NDISUIO_Desc%;NDIS Usermode I/O Protocol) -> \SystemRoot\system32\DRIVERS\ndisuio.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - NdisVirtualBus (@%SystemRoot%\System32\drivers\NdisVirtualBus.sys,-200) -> \SystemRoot\System32\drivers\NdisVirtualBus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - NdisWan (@%systemroot%\system32\rascfg.dll,-32002) -> \SystemRoot\system32\DRIVERS\ndiswan.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - NdisWanLegacy (@%systemroot%\system32\rascfg.dll,-32014) -> \SystemRoot\system32\DRIVERS\ndiswan.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - NDProxy (NDIS Proxy) -> (?) - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - netvsc () -> \SystemRoot\System32\drivers\netvsc63.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - Ntfs () -> (?) - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Parport (@msports.inf,%Parport.SVCDESC%;Parallel port driver) -> \SystemRoot\System32\drivers\parport.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Processor (@cpu.inf,%Processor.SvcDesc%;Processor Driver) -> \SystemRoot\System32\drivers\processr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - QWAVEdrv (@%SystemRoot%\system32\drivers\qwavedrv.sys,-1) -> \SystemRoot\system32\drivers\qwavedrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RasAcd (Remote Access Auto Connection Driver) -> System32\DRIVERS\rasacd.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RasPppoe (@%systemroot%\system32\rascfg.dll,-32007) -> \SystemRoot\system32\DRIVERS\raspppoe.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RasSstp (@%systemroot%\system32\sstpsvc.dll,-202) -> \SystemRoot\system32\DRIVERS\rassstp.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - rdpbus (@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver) -> \SystemRoot\System32\drivers\rdpbus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - RDPDR (@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100) -> System32\drivers\rdpdr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RdpVideoMiniport (Remote Desktop Video Miniport Driver) -> System32\drivers\rdpvideominiport.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - ReFS () -> (?) - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - s3cap () -> \SystemRoot\System32\drivers\vms3cap.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - scfilter (@%SystemRoot%\System32\drivers\scfilter.sys,-11) -> System32\DRIVERS\scfilter.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sdbus () -> \SystemRoot\System32\drivers\sdbus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sdstor (@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver) -> \SystemRoot\System32\drivers\sdstor.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SerCx (Serial UART Support Library) -> system32\drivers\SerCx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SerCx2 (Serial UART Support Library) -> system32\drivers\SerCx2.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Serenum (@msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver) -> \SystemRoot\System32\drivers\serenum.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Serial (@msports.inf,%Serial.SVCDESC%;Serial port driver) -> \SystemRoot\System32\drivers\serial.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sermouse (@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver) -> \SystemRoot\System32\drivers\sermouse.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sfloppy (@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive) -> \SystemRoot\System32\drivers\sfloppy.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SpbCx (Simple Peripheral Bus Support Library) -> system32\drivers\SpbCx.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - srv2 (@%systemroot%\system32\srvsvc.dll,-104) -> System32\DRIVERS\srv2.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - srvnet () -> System32\DRIVERS\srvnet.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - swenum (@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver) -> \SystemRoot\System32\drivers\swenum.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - SymEvent () -> \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - TCPIP6 (@netip6.inf,%MS_TCPIP6.TCPIP6.ServiceDescription%;Microsoft IPv6 Protocol Driver) -> \SystemRoot\system32\DRIVERS\tcpip.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - terminpt (@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver) -> \SystemRoot\System32\drivers\terminpt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - TPM (@tpm.inf,%TPM%;TPM) -> \SystemRoot\system32\drivers\tpm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - TsUsbFlt () -> system32\drivers\tsusbflt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - TsUsbGD (@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device) -> \SystemRoot\System32\drivers\TsUsbGD.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - tunnel (@nettun.inf,%TUNNEL.Service.DisplayName%;Microsoft Tunnel Miniport Adapter Driver) -> \SystemRoot\system32\DRIVERS\tunnel.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - UASPStor (@uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver) -> \SystemRoot\System32\drivers\uaspstor.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UCX01000 (USB Controller Extension) -> \SystemRoot\System32\drivers\ucx01000.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UEFI (@uefi.inf,%UEFI.SvcDesc%;Microsoft UEFI Driver) -> \SystemRoot\System32\drivers\UEFI.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - umbus (@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver) -> \SystemRoot\System32\drivers\umbus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - UmPass (@umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass Driver) -> \SystemRoot\System32\drivers\umpass.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - usbccgp (@usb.inf,%GenericParent.SvcDesc%;Microsoft USB Generic Parent Driver) -> \SystemRoot\System32\drivers\usbccgp.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbcir (@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR)) -> \SystemRoot\System32\drivers\usbcir.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - usbehci (@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbehci.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - usbhub (@usbport.inf,%ROOTHUB.SvcDesc%;Microsoft USB Standard Hub Driver) -> \SystemRoot\System32\drivers\usbhub.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - USBHUB3 (@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub) -> \SystemRoot\System32\drivers\UsbHub3.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - usbohci (@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbohci.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbprint (@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class) -> \SystemRoot\System32\drivers\usbprint.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - USBSTOR (@usbstor.inf,%USBSTOR.SvcDesc%;USB Mass Storage Driver) -> \SystemRoot\System32\drivers\USBSTOR.SYS - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbuhci (@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbuhci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbvideo (@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM)) -> \SystemRoot\System32\Drivers\usbvideo.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - USBXHCI (@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller) -> \SystemRoot\System32\drivers\USBXHCI.SYS - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - VerifierExt (@%SystemRoot%\system32\drivers\VerifierExt.sys,-1000) -> system32\drivers\VerifierExt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vhdmp () -> \SystemRoot\System32\drivers\vhdmp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - VMBusHID () -> \SystemRoot\System32\drivers\VMBusHID.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vpci (@wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus) -> \SystemRoot\System32\drivers\vpci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vwifibus (@%SystemRoot%\System32\drivers\vwifibus.sys,-257) -> \SystemRoot\System32\drivers\vwifibus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WacomPen (@hiddigi.inf,%WacomPen.SVCDESC%;Wacom Serial Pen HID Driver) -> \SystemRoot\System32\drivers\wacompen.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WdBoot (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390) -> \SystemRoot\system32\drivers\WdBoot.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - WdFilter (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330) -> \SystemRoot\system32\drivers\WdFilter.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WdNisDrv (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-370) -> system32\Drivers\WdNisDrv.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - WIMMount (WIMMount) -> system32\drivers\wimmount.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WinUsb (@wpdmtp.inf,%WinUsb.SvcDesc%;WinUsb) -> \SystemRoot\system32\DRIVERS\WinUsb.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WmiAcpi (@wmiacpi.inf,%WMIMAP.SvcDesc%;Microsoft Windows Management Interface for ACPI) -> \SystemRoot\System32\drivers\wmiacpi.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - wpcfltr (Family Safety Filter Driver) -> system32\DRIVERS\wpcfltr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - wpCtrlDrv_NGC (Symantec Webcam Control functional driver) -> \SystemRoot\system32\drivers\NGCx64\160E000.036\wpCtrlDrv.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - WpdUpFltr (@%systemroot%\System32\drivers\WpdUpFltr.sys,-100) -> System32\drivers\WpdUpFltr.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - WSDPrintDevice (@WSDPrint.Inf,%WSDPrintDevice.SVCDESC%;WSD Print Support) -> \SystemRoot\System32\drivers\WSDPrint.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - WSDScan (@sti.inf,%WSDScan.SvcDesc%;WSD Scan Support) -> \SystemRoot\system32\DRIVERS\WSDScan.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - WudfPf (@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000) -> system32\drivers\WudfPf.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - WUDFRd (@hidbthle.inf,%WudfRdDisplayName%;Windows Driver Foundation - User-mode Driver Framework Reflector) -> \SystemRoot\System32\drivers\WUDFRd.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - WUDFSensorLP (@locationprovider.inf,%WudfLocationProviderDisplayName%;UMDF Reflector service for LocationProvider) -> \SystemRoot\system32\DRIVERS\WUDFRd.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - WUDFWpdFs () -> \SystemRoot\system32\DRIVERS\WUDFRd.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - WUDFWpdMtp () -> \SystemRoot\system32\DRIVERS\WUDFRd.sys - AcceptPause: False - AcceptStop: True R4 - [File System Driver] - cdfs (CD/DVD File System Reader) -> system32\DRIVERS\cdfs.sys - AcceptPause: False - AcceptStop: True S4 - [File System Driver] - udfs (udfs) -> system32\DRIVERS\udfs.sys - AcceptPause: False - AcceptStop: False S4 - [Kernel Driver] - ws2ifsl (@%systemroot%\System32\drivers\ws2ifsl.sys,-1000) -> \SystemRoot\system32\drivers\ws2ifsl.sys - AcceptPause: False - AcceptStop: False ---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted) ---------- | Uninstall (Whitelist) [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\499c114e-8890-5040-9c02-24abe7d3ebe9] : (Joplin 2.11.11.-.Laurent Cozic) -> "C:\Users\4rem été 2023 vexe s\AppData\Local\Programs\Joplin\Uninstall Joplin.exe" /currentuser [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\774f2290-3906-58eb-baae-35b0dc01c31e] : (Standard Notes 3.167.1.-.Standard Notes) -> "C:\Users\4rem été 2023 vexe s\AppData\Local\Programs\@standardnotesinner-desktop\Uninstall Standard Notes.exe" /currentuser [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MicroSIP] : (.-.) -> [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{377267F8-CCF7-4815-8D70-922BB31544D3}_is1] : (Taskbarify version 1.0.0.1.-.Taskbarify) -> "C:\Users\4rem été 2023 vexe s\AppData\Local\Programs\Taskbarify\unins000.exe" [HKU\S-1-5-21-3171542008-311482996-984047150-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{84397963-BE19-41C0-96B5-A99788C74F2A}_is1] : (Pinaview version 1.0.0.1.-.Pinaview) -> "C:\Users\4rem été 2023 vexe s\AppData\Local\Programs\Pinaview\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Ambassador 1.3.0 (x64 en-US)] : (Ambassador 1.3.0 (x64 en-US).-.Ascrod) -> "C:\Program Files\Ambassador\uninstall\helper.exe" ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\EditPad Lite 8] : (EditPad Lite 8 v.8.4.1.-.Just Great Software) -> C:\Program Files\Just Great Software\EditPad Lite 8\UnDeploy64.exe "C:\Program Files\Just Great Software\EditPad Lite 8\Deploy.log" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Grand Explorer] : (Grand Explorer.-.GrandExp Soft Devs) -> C:\Program Files\Grand Explorer\Uninstaller.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Sevinst] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\TreeSize Free_is1] : (TreeSize Free V4.6.3 (64 bit).-.JAM Software) -> "C:\Program Files\JAM Software\TreeSize Free\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0EF28CD3-9372-475F-ADAC-3286280CBC3A}] : (PDF-XChange Editor.-.Tracker Software Products (Canada) Ltd.) -> MsiExec.exe /I{0EF28CD3-9372-475F-ADAC-3286280CBC3A} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2A4553B2-B56E-1014-AED5-97CC8B569609}] : (QGIS 3.32.0 'Lima'.-.QGIS.org) -> MsiExec.exe /X{2A4553B2-B56E-1014-AED5-97CC8B569609} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{3002F564-4BC6-496A-9EB1-6656F0ADD0F5}] : (Bonjour SDK.-.Apple Inc.) -> MsiExec.exe /I{3002F564-4BC6-496A-9EB1-6656F0ADD0F5} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{337435D9-A24E-4655-90A6-4DD51FFFBB59}] : (PDFsam Basic.-.Sober Lemur S.r.l.) -> MsiExec.exe /I{337435D9-A24E-4655-90A6-4DD51FFFBB59} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{3B52584E-B01A-456B-A6D9-A2135F8B1E98}] : (TeraCopy.-.Code Sector) -> MsiExec.exe /I{3B52584E-B01A-456B-A6D9-A2135F8B1E98} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4B3EF5E6-9A2C-0A1B-C61C-B1FD444B84BC}] : (ccc-utility64.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B8BF99B6-750E-45C5-A07D-AF394E5B6139}] : (LibreOffice 7.5.4.2.-.The Document Foundation) -> MsiExec.exe /I{B8BF99B6-750E-45C5-A07D-AF394E5B6139} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}] : (Bonjour.-.Apple Inc.) -> MsiExec.exe /X{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E7ACB435-E0B4-4770-77DE-ED38887CD133}] : (AMD Fuel.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{EE38015E-CE4F-4551-8132-71677961B8AD}] : (Jitsi.-.Jitsi) -> MsiExec.exe /I{EE38015E-CE4F-4551-8132-71677961B8AD} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F07C0CF2-6021-403A-99CA-1164340B09FB}] : (Open-Shell.-.The Open-Shell Team) -> MsiExec.exe /X{F07C0CF2-6021-403A-99CA-1164340B09FB} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\1433238834_is1] : (Worms World Party Remastered.-.GOG.com) -> "C:\GOG Games\Worms World Party Remastered\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Absolute Uninstaller] : (Absolute Uninstaller 5.3.1.49.-.Glarysoft Ltd) -> C:\Program Files (x86)\Glarysoft\Absolute Uninstaller 5\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AdvancePCPro] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Decrap my Computer] : (Decrap my Computer.-.Macecraft Software) -> "C:\Program Files (x86)\Decrap my Computer\Uninstall\uninstall.exe" "/U:C:\Program Files (x86)\Decrap my Computer\Uninstall\uninstall.xml" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Decrap my Computer-InstallData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Flux] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Onesafe PC Cleaner_is1] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Privacy Suite_is1] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{070232F8-068B-1FF6-B5C4-F8F38E09C7E1}] : (CCC Help Turkish.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{104DE091-6C4F-C5A9-F619-5D6C965A0296}] : (CCC Help Chinese Traditional.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{18661EC5-2942-4C88-BCC1-A8A0DE135DA8}] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{25A3B953-1423-3F15-640E-B620DD0F419A}] : (Catalyst Control Center - Branding.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /I{25A3B953-1423-3F15-640E-B620DD0F419A} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{285C9F30-3BF8-697B-BD1D-353435E94B78}] : (CCC Help Hungarian.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{29967A7C-6E18-91CD-BBE4-9C09F401E950}] : (CCC Help Italian.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{30589E5B-46DD-446F-B3DA-5D9F5AE5CC3E}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4bdf0d88-95ab-4e7a-af3a-0e42b44d00e2}] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{54D05374-2428-7BE0-58CD-CE8031163DE6}] : (CCC Help Russian.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{59B4D4B8-E6E3-4E8B-9711-420E989675F5}] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5C6AFE98-08BF-086A-300D-18F77D284966}] : (CCC Help Swedish.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5C757800-27E8-2AE3-889A-8B959AE689F8}] : (CCC Help Japanese.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5D2B5E19-C333-4519-3D32-AAB8EEE9ACA4}] : (AMD Catalyst Control Center.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5D3EC645-B957-36A1-068A-FE8450963669}] : (CCC Help Spanish.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{61B90A4D-8CC9-2FED-2495-AC8C9467C984}] : (CCC Help Norwegian.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7C5B13DA-6A68-86C7-ED29-610CA0F49555}] : (CCC Help French.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{80680785-2EE1-053F-9CD3-4B2C904596EE}] : (Catalyst Control Center InstallProxy.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{95B8F519-8C35-9010-A63C-51B3E0EE8D4E}] : (CCC Help Dutch.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{969568E5-5613-4BA5-8FA9-FB9023C9DE71}_is1] : (Comfort Clipboard Pro.-.Comfort Software Group) -> "C:\Program Files (x86)\ComfortClipboard\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A3806AB7-AB46-7672-A825-F9AE0DE6910A}] : (CCC Help Finnish.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B079957C-3276-4B9F-DB08-D1CA8C090D9E}] : (CCC Help Greek.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B12BE177-DC00-5746-3AB9-91CD090AF555}] : (Catalyst Control Center Localization All.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BF5509A0-250A-25EA-0C19-61505E9EBA13}] : (CCC Help Chinese Standard.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C4EE2BA3-EEA5-9650-86E0-0405ECA5C22C}] : (CCC Help Thai.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C69EA753-0D3F-E48B-8C98-7F6310DC29B8}] : (CCC Help German.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EB766D4A-C56C-946D-F74D-43C78FE4521E}] : (CCC Help Korean.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ED0D7699-1943-0C29-7465-6530F8DE2DA2}] : (CCC Help Polish.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EDA5BB56-AAF4-6889-AD8E-E25A17BD140B}] : (CCC Help Czech.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{eeb86aef-4a5d-4b75-9d74-f16d438fc286}] : (PremierOpinion.-.VoiceFive, Inc.) -> C:\Program Files (x86)\PremierOpinion\pmropn.exe -bootremove -uninst:PremierOpinion ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EEF14371-2D24-5A2D-0EF2-22010DB4CFA6}] : (CCC Help Danish.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FDD69799-37B2-9ACE-F70C-ABD1F96FD04C}] : (CCC Help Portuguese.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FDF2FE33-426D-45C2-4E70-76C162F1B790}] : (CCC Help English.-.Advanced Micro Devices, Inc.) -> ---------- | Ports ---------- | Microsoft Specifications CheckID: fe8d43ddda40eb4501ac9a210b9fef59db1{1D2CEC61-C3F0-C27E-7280-F9D6B10378BE} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fe8d43ddda40eb4501ac9a210b9fef59db CheckID: fef6533c84d9a64bdc891c52a0f48f35ac1{1D2CEC61-C3F0-C27E-7280-F9D6B10378BE} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fef6533c84d9a64bdc891c52a0f48f35ac CheckID: fe9875c59842204b6fa47918bb767b67e11{1D2CEC61-C3F0-C27E-7280-F9D6B10378BE} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fe9875c59842204b6fa47918bb767b67e1 CheckID: fe9e983757cc744f3fb740aad43d105baf1{1D2CEC61-C3F0-C27E-7280-F9D6B10378BE} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fe9e983757cc744f3fb740aad43d105baf CheckID: fe61aa8a41a16e4120a270e3524a2162261{1D2CEC61-C3F0-C27E-7280-F9D6B10378BE} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fe61aa8a41a16e4120a270e3524a216226 CheckID: fe755daa407b5749778172fd57c7b861b71{1D2CEC61-C3F0-C27E-7280-F9D6B10378BE} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fe755daa407b5749778172fd57c7b861b7 CheckID: fe1559e6e1022144a8b5b0ae14281475a31{9274C832-3D8A-A294-FDE8-8B9272357098} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fe1559e6e1022144a8b5b0ae14281475a3 CheckID: feb7b9575052ab4586b63f578a0d5ed6b41{9274C832-3D8A-A294-FDE8-8B9272357098} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> feb7b9575052ab4586b63f578a0d5ed6b4 CheckID: fec42e8b7606bb4090a496becefe2785a81{9274C832-3D8A-A294-FDE8-8B9272357098} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fec42e8b7606bb4090a496becefe2785a8 CheckID: fe92a6fa100b51498caacf731e82bd81ad1{9274C832-3D8A-A294-FDE8-8B9272357098} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fe92a6fa100b51498caacf731e82bd81ad CheckID: fecacc723cc50741eeb5fd7028c96880731{9274C832-3D8A-A294-FDE8-8B9272357098} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fecacc723cc50741eeb5fd7028c9688073 CheckID: fe8803619b89914fb0912461ada0ec67e41{9274C832-3D8A-A294-FDE8-8B9272357098} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fe8803619b89914fb0912461ada0ec67e4 CheckID: fe4300b8a611cf4618947fd022627501961{9274C832-3D8A-A294-FDE8-8B9272357098} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fe4300b8a611cf4618947fd02262750196 CheckID: fef2e9d6a7356c44258d89660e8cbfa55d1{9274C832-3D8A-A294-FDE8-8B9272357098} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fef2e9d6a7356c44258d89660e8cbfa55d CheckID: fe5f43a552a04e47be97e28681602cb4ce1{9274C832-3D8A-A294-FDE8-8B9272357098} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fe5f43a552a04e47be97e28681602cb4ce CheckID: fe724bbd90bd1949ceb1bf35faf10f29711{9274C832-3D8A-A294-FDE8-8B9272357098} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fe724bbd90bd1949ceb1bf35faf10f2971 CheckID: fe5a84ed98de324b7495aab22f66ada3dd1{9274C832-3D8A-A294-FDE8-8B9272357098} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fe5a84ed98de324b7495aab22f66ada3dd CheckID: ClassicIE1{F07C0CF2-6021-403A-99CA-1164340B09FB} - IE_BUILD>=90000 -> ClassicIE CheckID: fe1559e6e1022144a8b5b0ae14281475a31{BFF81CB5-E8C7-4184-FBB4-74ADFBC6CCCB} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fe1559e6e1022144a8b5b0ae14281475a3 CheckID: fe8d43ddda40eb4501ac9a210b9fef59db1{77F3D72C-465F-BD51-890E-CC3914B1365F} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fe8d43ddda40eb4501ac9a210b9fef59db CheckID: fef6533c84d9a64bdc891c52a0f48f35ac1{77F3D72C-465F-BD51-890E-CC3914B1365F} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fef6533c84d9a64bdc891c52a0f48f35ac CheckID: fe9875c59842204b6fa47918bb767b67e11{77F3D72C-465F-BD51-890E-CC3914B1365F} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fe9875c59842204b6fa47918bb767b67e1 CheckID: fe9e983757cc744f3fb740aad43d105baf1{77F3D72C-465F-BD51-890E-CC3914B1365F} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fe9e983757cc744f3fb740aad43d105baf CheckID: fe61aa8a41a16e4120a270e3524a2162261{77F3D72C-465F-BD51-890E-CC3914B1365F} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fe61aa8a41a16e4120a270e3524a216226 CheckID: fe755daa407b5749778172fd57c7b861b71{77F3D72C-465F-BD51-890E-CC3914B1365F} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fe755daa407b5749778172fd57c7b861b7 CheckID: AI64BitFiles0{3B52584E-B01A-456B-A6D9-A2135F8B1E98} - NOT VersionNT64 -> AI64BitFiles CheckID: fe691cf2e12069492d90ac31389ed768161{5247E16E-BCF8-95AB-1653-B3F8FBF8B3F1} - ("AMD64" ~= %PROCESSOR_ARCHITECTURE) AND ("x64" ~= ProductArchitecture) -> fe691cf2e12069492d90ac31389ed76816 CheckID: fea721edbfa1174f728a639dbb8a6660b11{F395FD4F-40E5-7B56-2BCB-B3CF52B3B52C} - NOT VersionNT64 -> fea721edbfa1174f728a639dbb8a6660b1 CheckID: fe572c9f1eae3546679166fececef16dc61{F395FD4F-40E5-7B56-2BCB-B3CF52B3B52C} - VersionNT64 -> fe572c9f1eae3546679166fececef16dc6 CheckID: fe1559e6e1022144a8b5b0ae14281475a31{F395FD4F-40E5-7B56-2BCB-B3CF52B3B52C} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fe1559e6e1022144a8b5b0ae14281475a3 ---------- | CLSID (Whitelist) [HKCR\CLSID\{08D6D113-675E-4f07-A869-60A0713BBDB5}] - (.YL Software - WinUtilities System Control Module.) - C:\PROGRA~2\WINUTI~1\dll\COMSYS~1.DLL [23/07/2023 20:06:45] [HKCR\CLSID\{15FD01A3-6E5D-4ECD-9EBD-1813CB3887A1}] - (.-.) - %windir%\system32\btpanui.dll [HKCR\CLSID\{1CEBDE3E-6B91-484A-AF48-5E4F4ED6B1E1}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{1CF9D401-3BC6-47eb-9607-004DCFEFD88D}] - (.YL Software - WinUtilities System Control Module.) - C:\PROGRA~2\WINUTI~1\dll\COMSYS~1.DLL [23/07/2023 20:06:45] [HKCR\CLSID\{1F77B17B-F531-44DB-ACA4-76ABB5010A28}] - (.-.) - C:\Program Files\AIMP\System\aimp_menu32.dll [HKCR\CLSID\{2386CB87-96FF-473D-A009-957E3BFE6F88}] - (.© 2007-2021 Code Sector - TeraCopy Shell Extension.) - C:\Program Files\TeraCopy\32-bit\Context.dll [21/04/2021 16:14:28] [HKCR\CLSID\{2C5F9B72-7148-4D97-BFC9-68A0E076BEBD}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{2FE8F810-B2A5-11d0-A787-0000F803ABFC}] - (.-.) - C:\Windows\system32\dplayx.dll [HKCR\CLSID\{4062C116-0270-11D3-8BCB-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{4108FA85-3586-11D3-8BD7-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{4516EC43-8F20-11D0-9B6D-0000C0781BC3}] - (.-.) - C:\Windows\system32\d3dxof.dll [HKCR\CLSID\{4D919989-4AE1-47ca-BD41-39BB9F1C4973}] - (.YL Software - WinUtilities System Control Module.) - C:\PROGRA~2\WINUTI~1\dll\COMSYS~1.DLL [23/07/2023 20:06:45] [HKCR\CLSID\{4EE17959-931E-49E4-A2C6-977ECF3628F3}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{4FF2411F-0C96-4cbf-86D3-C8D6669E21CE}] - (.YL Software - WinUtilities System Control Module.) - C:\PROGRA~2\WINUTI~1\dll\COMSYS~1.DLL [23/07/2023 20:06:45] [HKCR\CLSID\{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}] - (.-.) - %windir%\system32\acppage.dll [HKCR\CLSID\{523CE105-D7CD-4FE3-8CB0-1E9C8A572E45}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.36.272\psmachine.dll [HKCR\CLSID\{5826D73D-BB39-40B0-83AB-F6264C28AECC}] - (.-.) - C:\Program Files (x86)\e-Sword\ComboList.ocx [HKCR\CLSID\{584D2B36-4C34-4d88-83A2-F6E1EC56784D}] - (.YL Software - WinUtilities System Control Module.) - C:\PROGRA~2\WINUTI~1\dll\COMSYS~1.DLL [23/07/2023 20:06:45] [HKCR\CLSID\{5DE7918B-BFD7-4C1E-B4E0-B16D0A3EA76B}] - (.-.) - C:\Windows\SysWOW64\AuthHostProxy.dll [HKCR\CLSID\{60DCC162-E643-4809-A9F4-4F905F295716}] - (.YL Software - WinUtilities System Control Module.) - C:\PROGRA~2\WINUTI~1\dll\COMSYS~1.DLL [23/07/2023 20:06:45] [HKCR\CLSID\{640167b4-59b0-47a6-b335-a6b3c0695aea}] - (.-.) - C:\Windows\system32\audiodev.dll [HKCR\CLSID\{79BA9E00-B6EE-11D1-86BE-00C04FBF8FEF}] - (.-.) - C:\Windows\System32\dmband.dll [HKCR\CLSID\{810B5013-E88D-11D2-8BC1-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{824A0A93-F495-48c1-83C4-09EDA26D15FC}] - (.YL Software - WinUtilities System Control Module.) - C:\PROGRA~2\WINUTI~1\dll\COMSYS~1.DLL [23/07/2023 20:06:45] [HKCR\CLSID\{860F9E75-4CF7-11D4-AD41-00B0D014C786}] - (.-.) - C:\Program Files (x86)\e-Sword\RichEdit.ocx [HKCR\CLSID\{860F9E77-4CF7-11D4-AD41-00B0D014C786}] - (.-.) - C:\Program Files (x86)\e-Sword\RichEdit.ocx [HKCR\CLSID\{882D7360-B957-4DE6-91FD-E82832F8ED9D}] - (.-.) - C:\Program Files (x86)\ComfortClipboard\CClipboardDeskBand.dll [20/07/2023 11:32:46] [HKCR\CLSID\{8AEC9DD4-6A7C-4ab2-A2DA-B6F2F35366A4}] - (.YL Software - WinUtilities System Control Module.) - C:\PROGRA~2\WINUTI~1\dll\COMSYS~1.DLL [23/07/2023 20:06:45] [HKCR\CLSID\{8BFA0A6B-30E1-43E3-A817-5D2FD1BBA4E4}] - (.-.) - C:\Program Files (x86)\e-Sword\ComboList.ocx [HKCR\CLSID\{9768DBDE-CA7E-400b-8C7D-F02CEF85B98D}] - (.YL Software - WinUtilities ComSkin Module.) - C:\PROGRA~2\WINUTI~1\dll\ComSkin.dll [23/07/2023 20:06:45] [HKCR\CLSID\{97D02319-5225-4BD6-BCD8-D8E65AA8A842}] - (.-.) - C:\PROGRA~2\PRIVAC~1\PSEDDS~1.DLL [HKCR\CLSID\{9B7CB601-AC89-4143-B879-D3856E8992A9}] - (.YL Software - WinUtilities System Control Module.) - C:\PROGRA~2\WINUTI~1\dll\COMSYS~1.DLL [23/07/2023 20:06:45] [HKCR\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.36.272\psmachine.dll [HKCR\CLSID\{9DF29763-A061-4329-BAD1-B18F95F8D9D9}] - (.YL Software - WinUtilities System Control Module.) - C:\PROGRA~2\WINUTI~1\dll\COMSYS~1.DLL [23/07/2023 20:06:45] [HKCR\CLSID\{9FBDFCF7-35ED-42bd-BF9C-417CAD0C9343}] - (.YL Software - WinUtilities System Control Module.) - C:\PROGRA~2\WINUTI~1\dll\COMSYS~1.DLL [23/07/2023 20:06:45] [HKCR\CLSID\{A0763D81-B7C9-487c-BEFC-1A1B1D8F4B63}] - (.YL Software - WinUtilities License Module.) - C:\PROGRA~2\WINUTI~1\dll\COMLIC~1.DLL [23/07/2023 20:06:45] [HKCR\CLSID\{A35E5F84-E3CF-4914-8FDB-DB96D9D9624A}] - (.YL Software - WinUtilities System Control Module.) - C:\PROGRA~2\WINUTI~1\dll\COMSYS~1.DLL [23/07/2023 20:06:45] [HKCR\CLSID\{A6098E79-9C50-4F87-8973-5FB4532C93D8}] - (.-.) - %windir%\system32\btpanui.dll [HKCR\CLSID\{A861C6E2-FCFC-11D2-8BC9-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{ADC5425D-C13C-4713-ADBA-09CEAAF68276}] - (.YL Software - WinUtilities System Control Module.) - C:\PROGRA~2\WINUTI~1\dll\COMSYS~1.DLL [23/07/2023 20:06:45] [HKCR\CLSID\{AF7A75BE-33DC-4c3a-9ACD-4EF8AAF02185}] - (.YL Software - WinUtilities History Cleaner Module.) - C:\PROGRA~2\WINUTI~1\dll\COMHIS~1.DLL [23/07/2023 20:06:45] [HKCR\CLSID\{B1AAB3CB-5C0B-BC9C-177B-74C1C6D25EC7}] - (.-.) - C:\Windows\system32\civdjaanke.dll [HKCR\CLSID\{B51593B2-75D7-4a06-9356-00B9B94AD1B1}] - (.YL Software - WinUtilities System Control Module.) - C:\PROGRA~2\WINUTI~1\dll\COMSYS~1.DLL [23/07/2023 20:06:45] [HKCR\CLSID\{BD7561B4-4084-4D63-9C73-C054C99B6D1D}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.34.13\psmachine.dll [HKCR\CLSID\{C0DE1860-000D-4CB4-A924-D00A640A917D}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-0499-429C-8FAF-12AC08E801BE}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-1080-4CA0-AE3C-FB017B98ADB2}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-17A6-427A-972A-53BAE2D968C7}] - (.©1998-2018 Codejock Software, - Xtreme Report Control ActiveX Module.) - C:\Windows\SysWOW64\Codejock.ReportControl.Unicode.v18.6.0.ocx [24/10/2018 15:42:38] [HKCR\CLSID\{C0DE1860-1C32-4FCF-AD92-0ABC8202DDD9}] - (.©1998-2018 Codejock Software, - Xtreme Docking Pane ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.DockingPane.Unicode.v18.6.0.ocx [24/10/2018 15:42:22] [HKCR\CLSID\{C0DE1860-1D63-41A5-852A-34FF6C9EA7A9}] - (.©1998-2018 Codejock Software, - Xtreme Docking Pane ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.DockingPane.Unicode.v18.6.0.ocx [24/10/2018 15:42:22] [HKCR\CLSID\{C0DE1860-2217-42EE-B1B0-82C890431F17}] - (.©1998-2018 Codejock Software, - Xtreme SkinFramework ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.SkinFramework.Unicode.v18.6.0.ocx [24/10/2018 15:42:44] [HKCR\CLSID\{C0DE1860-2A14-45F4-920A-C02C893A4C1C}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-2FB1-4365-BD0C-AEC78898E607}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-31D2-4B4A-85B8-14C2465ADA30}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-32A9-4CF3-BC6B-AF5D960124C2}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-3417-4473-8683-60262B0C8485}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-3F65-453D-91A6-AACCAAD134BF}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-40D2-42F1-AAD8-2EE2CAB54C6E}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-4B8C-4830-B77F-4CDFCF11A5F4}] - (.©1998-2018 Codejock Software, - Xtreme Report Control ActiveX Module.) - C:\Windows\SysWOW64\Codejock.ReportControl.Unicode.v18.6.0.ocx [24/10/2018 15:42:38] [HKCR\CLSID\{C0DE1860-51C1-4139-994D-C16DFB8F7D9E}] - (.©1998-2018 Codejock Software, - Xtreme Report Control ActiveX Module.) - C:\Windows\SysWOW64\Codejock.ReportControl.Unicode.v18.6.0.ocx [24/10/2018 15:42:38] [HKCR\CLSID\{C0DE1860-53A3-4B3E-BFF4-44DFFBA03997}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-589B-49D9-908F-E40E135F82C0}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-5F3F-4975-9280-ACE1204412E4}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-607A-4DB1-9392-FC8FE2C8CE94}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-6549-4F7F-BF37-CCE38B157FFB}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-6A65-432B-83B0-17D03E48AFEF}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-6CA4-494F-B1DF-0F5D257BFDBD}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-6CF3-4E62-84E0-3A294384BEFC}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-7279-4FEB-8673-6816B6C9FE24}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-73AF-48E7-916F-F759FA2AA93A}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-7A60-4B27-A594-D1E045BBA3D3}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-8422-4D30-85AC-FB0B655D400F}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-85F1-47D9-A237-01BE9203BB36}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-8AA3-49E1-875E-582467D570BE}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-9015-4D9A-9FE2-D6921AACF412}] - (.©1998-2018 Codejock Software, - Xtreme Report Control ActiveX Module.) - C:\Windows\SysWOW64\Codejock.ReportControl.Unicode.v18.6.0.ocx [24/10/2018 15:42:38] [HKCR\CLSID\{C0DE1860-9159-461C-B514-B69932020221}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-9796-4F31-8ECF-208741CB4E49}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-9842-4F93-AC54-693B54AE668E}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-9C06-4328-AD29-2603CF893882}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-B7EF-4125-A870-113F0518A583}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-B8DD-4D4F-85D6-A7C155829B18}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-C16F-427D-91D1-D90B7E3A341E}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-C4B0-4042-9124-45306CDABACB}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-CFE9-4705-8260-22CAD3AA4554}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-D9CB-4B48-82FB-38A57D81F48A}] - (.©1998-2018 Codejock Software, - Xtreme Docking Pane ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.DockingPane.Unicode.v18.6.0.ocx [24/10/2018 15:42:22] [HKCR\CLSID\{C0DE1860-E1B5-41B0-B19B-81AA676DB5D4}] - (.©1998-2018 Codejock Software, - Xtreme Report Control ActiveX Module.) - C:\Windows\SysWOW64\Codejock.ReportControl.Unicode.v18.6.0.ocx [24/10/2018 15:42:38] [HKCR\CLSID\{C0DE1860-F3BE-4610-92E7-E7BF40156859}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-F43F-4510-9EE7-94845C6675DF}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-F612-4B9F-A9F0-041221FE48B0}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-F744-4373-B38D-29CE83EF0EE5}] - (.©1998-2018 Codejock Software, - Xtreme SkinFramework ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.SkinFramework.Unicode.v18.6.0.ocx [24/10/2018 15:42:44] [HKCR\CLSID\{C0DE1860-FB64-432E-84AA-2F2902214402}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C0DE1860-FE61-4788-BB33-C106E17462DD}] - (.©1998-2018 Codejock Software, - Xtreme Suite ActiveX Control Module.) - C:\Windows\SysWOW64\Codejock.Controls.Unicode.v18.6.0.ocx [24/10/2018 15:42:20] [HKCR\CLSID\{C2175ABC-D15D-4828-AA36-10C662E32999}] - (.© 2007-2021 Code Sector - TeraCopy Shell Extension.) - C:\Program Files\TeraCopy\32-bit\TeraCopy.dll [21/04/2021 16:14:28] [HKCR\CLSID\{C5324769-D2B9-43a5-8DE5-A2A1A7F24FEF}] - (.YL Software - WinUtilities System Control Module.) - C:\PROGRA~2\WINUTI~1\dll\COMSYS~1.DLL [23/07/2023 20:06:45] [HKCR\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.36.272\psmachine.dll [HKCR\CLSID\{C64501F6-E6E6-451f-A150-25D0839BC510}] - (.-.) - C:\Windows\SysWOW64\speech\engines\tts\MSTTSEngine.dll [21/11/2014 11:15:21] [HKCR\CLSID\{C70EB77F-EFD4-4678-A27B-BF1648F30D04}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{D1EB6D20-8923-11d0-9D97-00A0C90A43CB}] - (.-.) - C:\Windows\system32\dplayx.dll [HKCR\CLSID\{D2AC2894-B39B-11D1-8704-00600893B1BD}] - (.-.) - C:\Windows\System32\dmband.dll [HKCR\CLSID\{D3075F87-A7BD-4231-9F6A-60C5E07374A7}] - (.-.) - %windir%\system32\acppage.dll [HKCR\CLSID\{DBCDAF53-8C25-4697-BBC3-6936E6E138FB}] - (.YL Software - WinUtilities System Control Module.) - C:\PROGRA~2\WINUTI~1\dll\COMSYS~1.DLL [23/07/2023 20:06:45] [HKCR\CLSID\{E19A7C4A-CC40-4722-9CB7-918AF6823702}] - (.YL Software - WinUtilities History Cleaner Module.) - C:\PROGRA~2\WINUTI~1\dll\COMHIS~1.DLL [23/07/2023 20:06:45] [HKCR\CLSID\{E4288337-873B-11D1-BAA0-00AA00BBB8C0}] - (.-.) - C:\Windows\SysWOW64\InputMethod\CHS\ChsIFEComp.dll [21/11/2014 11:17:18] [HKCR\CLSID\{e8cc4cbe-fdff-11d0-b865-00a0c9081c1d}] - (.-.) - C:\Program Files\Common Files\System\Ole DB\msdaora.dll [HKCR\CLSID\{e8cc4cbf-fdff-11d0-b865-00a0c9081c1d}] - (.-.) - C:\Program Files\Common Files\System\Ole DB\msdaora.dll [HKCR\CLSID\{EBF2320A-2502-11D3-8BD1-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll [HKCR\CLSID\{F51FB829-3CE0-40E7-9926-43CCF4949C62}] - (.-.) - C:\PROGRA~2\PRIVAC~1\PSEFFS~1.DLL ---------- | Installer [HKCR\Installer\Products\008757C58E723EA288A9B859A96E988F] : CCC Help Japanese -> C:\Windows\Installer\{5C757800-27E8-2AE3-889A-8B959AE689F8}\ARPPRODUCTICON.exe [HKCR\Installer\Products\03F9C5828FB3B796DBD15343539EB487] : CCC Help Hungarian -> C:\Windows\Installer\{285C9F30-3BF8-697B-BD1D-353435E94B78}\ARPPRODUCTICON.exe [HKCR\Installer\Products\07E464739B0BFFD946A9BC1E96AB6D75] : Windows Software Development Kit for Windows Store Apps [HKCR\Installer\Products\0A9055FBA052AE52C0911605E5E9AB31] : CCC Help Chinese Standard -> C:\Windows\Installer\{BF5509A0-250A-25EA-0C19-61505E9EBA13}\ARPPRODUCTICON.exe [HKCR\Installer\Products\16CEC2D10F3CE72C27089F6D1B3087EB] : Windows App Certification Kit Native Components [HKCR\Installer\Products\17341FEE42D2D2A5E02F2210D04BFC6A] : CCC Help Danish -> C:\Windows\Installer\{EEF14371-2D24-5A2D-0EF2-22010DB4CFA6}\ARPPRODUCTICON.exe [HKCR\Installer\Products\190ED401F4C69A5C6F91D5C669A52069] : CCC Help Chinese Traditional -> C:\Windows\Installer\{104DE091-6C4F-C5A9-F619-5D6C965A0296}\ARPPRODUCTICON.exe [HKCR\Installer\Products\238C4729A8D3492ADF8EB82927530789] : SDK Debuggers [HKCR\Installer\Products\2B3554A2E65B4101EA5D79CCB8656990] : QGIS 3.32.0 'Lima' -> C:\Windows\Installer\{2A4553B2-B56E-1014-AED5-97CC8B569609}\icon.ico [HKCR\Installer\Products\2F220489ACB9D14AA683A16E850F4151] : Windows Software Development Kit [HKCR\Installer\Products\2FC0C70F1206A30499AC114643B090BF] : Open-Shell -> C:\Windows\Installer\{F07C0CF2-6021-403A-99CA-1164340B09FB}\icon.ico [HKCR\Installer\Products\33EF2FDFD6242C54E407671C261F7B09] : CCC Help English -> C:\Windows\Installer\{FDF2FE33-426D-45C2-4E70-76C162F1B790}\ARPPRODUCTICON.exe [HKCR\Installer\Products\357AE96CF3D0B84EC889F73601CD928B] : CCC Help German -> C:\Windows\Installer\{C69EA753-0D3F-E48B-8C98-7F6310DC29B8}\ARPPRODUCTICON.exe [HKCR\Installer\Products\359B3A52324151F346E06B02DDF014A9] : Catalyst Control Center - Branding -> C:\Windows\Installer\{25A3B953-1423-3F15-640E-B620DD0F419A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3AB2EE4C5AEE0569680E4050CE5A2CC2] : CCC Help Thai -> C:\Windows\Installer\{C4EE2BA3-EEA5-9650-86E0-0405ECA5C22C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\3DC82FE02739F574DACA236882C0CBA3] : PDF-XChange Editor -> C:\Windows\Installer\{0EF28CD3-9372-475F-ADAC-3286280CBC3A}\AppIco [HKCR\Installer\Products\4003DA6594B0F7696F280B65056BA187] : Windows Software Development Kit for Windows Store Apps DirectX x86 Remote [HKCR\Installer\Products\465F20036CB4A694E91B66650FDA0D5F] : Bonjour SDK -> C:\Windows\Installer\{3002F564-4BC6-496A-9EB1-6656F0ADD0F5}\Bonjour.ico [HKCR\Installer\Products\47350D4582420EB785DCEC081361D36E] : CCC Help Russian -> C:\Windows\Installer\{54D05374-2428-7BE0-58CD-CE8031163DE6}\ARPPRODUCTICON.exe [HKCR\Installer\Products\534BCA7E4B0E077477EDDE8388C71D33] : AMD Fuel -> C:\Windows\Installer\{E7ACB435-E0B4-4770-77DE-ED38887CD133}\ARPPRODUCTICON.exe [HKCR\Installer\Products\546CE3D5759B1A6360A8EF4805696396] : CCC Help Spanish -> C:\Windows\Installer\{5D3EC645-B957-36A1-068A-FE8450963669}\ARPPRODUCTICON.exe [HKCR\Installer\Products\587086081EE2F350C93DB4C2095469EE] : Catalyst Control Center InstallProxy -> C:\Windows\Installer\{80680785-2EE1-053F-9CD3-4B2C904596EE}\ARPPRODUCTICON.exe [HKCR\Installer\Products\5BC18FFB7C8E4814BF4B47DABF6CCCBC] : WPTx64 [HKCR\Installer\Products\5CE16681249288C4CB1C8A0AED31D58A] : OpenOffice 4.1.14 -> C:\Windows\Installer\{18661EC5-2942-4C88-BCC1-A8A0DE135DA8}\soffice.ico [HKCR\Installer\Products\65BB5ADE4FAA9886DAE82EA571DB41B0] : CCC Help Czech -> C:\Windows\Installer\{EDA5BB56-AAF4-6889-AD8E-E25A17BD140B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\6828BC1A3BFC589A7D9927A1F0A2723F] : Windows Software Development Kit DirectX x86 Remote [HKCR\Installer\Products\6AC1A3FCE5E5DB4BC61F63036518C62A] : MSI Development Tools [HKCR\Installer\Products\6B99FB8BE0575C540AD7FA93E4B51693] : LibreOffice 7.5.4.2 -> C:\Windows\Installer\{B8BF99B6-750E-45C5-A07D-AF394E5B6139}\soffice.ico [HKCR\Installer\Products\6E5FE3B4C2A9B1A06CC11BDF44B448CB] : ccc-utility64 -> C:\Windows\Installer\{4B3EF5E6-9A2C-0A1B-C61C-B1FD444B84BC}\ARPPRODUCTICON.exe [HKCR\Installer\Products\771EB21B00CD6475A39B19DC90A05F55] : Catalyst Control Center Localization All -> C:\Windows\Installer\{B12BE177-DC00-5746-3AB9-91CD090AF555}\ARPPRODUCTICON.exe [HKCR\Installer\Products\7BA6083A64BA27678A529FEAD06E19A0] : CCC Help Finnish -> C:\Windows\Installer\{A3806AB7-AB46-7672-A825-F9AE0DE6910A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\89EFA6C5FB80A68003D0817FD7829466] : CCC Help Swedish -> C:\Windows\Installer\{5C6AFE98-08BF-086A-300D-18F77D284966}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8B4D4B953E6EB8E4791124E08969575F] : EchoLink [HKCR\Installer\Products\8F232070B8606FF15B4C8F3FE8907C1E] : CCC Help Turkish -> C:\Windows\Installer\{070232F8-068B-1FF6-B5C4-F8F38E09C7E1}\ARPPRODUCTICON.exe [HKCR\Installer\Products\915F8B5953C801096AC3153B0EEED8E4] : CCC Help Dutch -> C:\Windows\Installer\{95B8F519-8C35-9010-A63C-51B3E0EE8D4E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\91E5B2D5333C9154D323AA8BEE9ECA4A] : AMD Catalyst Control Center -> C:\Windows\Installer\{5D2B5E19-C333-4519-3D32-AAB8EEE9ACA4}\ARPPRODUCTICON.exe [HKCR\Installer\Products\9967D0DE349192C0475656038FEDD22A] : CCC Help Polish -> C:\Windows\Installer\{ED0D7699-1943-0C29-7465-6530F8DE2DA2}\ARPPRODUCTICON.exe [HKCR\Installer\Products\99796DDF2B73ECA97FC0BA1D9FF60DC4] : CCC Help Portuguese -> C:\Windows\Installer\{FDD69799-37B2-9ACE-F70C-ABD1F96FD04C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\9D534733E42A5564096AD45DF1FFBB95] : PDFsam Basic -> C:\Windows\Installer\{337435D9-A24E-4655-90A6-4DD51FFFBB59}\pdfsam.ico [HKCR\Installer\Products\A4D667BEC65CD6497FD4347CF84E25E1] : CCC Help Korean -> C:\Windows\Installer\{EB766D4A-C56C-946D-F74D-43C78FE4521E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A5254F69D074C51F97E6859D89C8E3F5] : Windows Software Development Kit for Windows Store Apps DirectX x64 Remote [HKCR\Installer\Products\A9BF3F4605296D2B004B05EB3085EA8E] : WPT Redistributables [HKCR\Installer\Products\AD31B5C786A67C68DE9216C00A4F5955] : CCC Help French -> C:\Windows\Installer\{7C5B13DA-6A68-86C7-ED29-610CA0F49555}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B5E98503DD64F6443BADD5F9A55ECCE3] : e-Sword -> C:\Windows\Installer\{30589E5B-46DD-446F-B3DA-5D9F5AE5CC3E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\BF01119B4B33B864092CD4E5A83EAF1E] : Bonjour -> C:\Windows\Installer\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}\Bonjour.ico [HKCR\Installer\Products\C27D3F77F56415DB98E0CC93411B63F5] : Application Verifier x64 External Package [HKCR\Installer\Products\C759970B6723F9B4BD801DACC890D0E9] : CCC Help Greek -> C:\Windows\Installer\{B079957C-3276-4B9F-DB08-D1CA8C090D9E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C7A7699281E6DC19BB4EC9904F109E05] : CCC Help Italian -> C:\Windows\Installer\{29967A7C-6E18-91CD-BBE4-9C09F401E950}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D4A09B169CC8DEF24259CAC849769C48] : CCC Help Norwegian -> C:\Windows\Installer\{61B90A4D-8CC9-2FED-2495-AC8C9467C984}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D7C68B433014B102A3313039D41B5134] : Windows Software Development Kit Redistributables [HKCR\Installer\Products\DF56E47B74CC5C14B49897A1F31649D2] : Kits Configuration Installer [HKCR\Installer\Products\E48525B3A10BB6546A9D2A31F5B8E189] : TeraCopy -> C:\Windows\Installer\{3B52584E-B01A-456B-A6D9-A2135F8B1E98}\TeraCopySmall.exe [HKCR\Installer\Products\E51083EEF4EC15541823177697168BDA] : Jitsi -> C:\Windows\Installer\{EE38015E-CE4F-4551-8132-71677961B8AD}\Icon.ico [HKCR\Installer\Products\E61E74258FCBBA5961353B8FBF8F3B1F] : Windows Software Development Kit DirectX x64 Remote [HKCR\Installer\Products\EAB7C5F1A1E139C7B10948EC03A8CFC1] : Windows Software Development Kit EULA [HKCR\Installer\Products\F4DF593F5E0465B7B2BC3BFC253B5BC2] : Windows App Certification Kit x64 ---------- | ADS ---------- | Drives ---------- | MBR 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog App windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel did not launch within its allotted time. ------------ Faulting application name: OWinstaller.exe, version: 2.218.0.6, time stamp: 0x63e0dc39 Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54505737 Exception code: 0xe0434352 Fault offset: 0x0000000000008b9c Faulting process id: 0x187c Faulting application start time: 0x01d9bd9998e9182e Faulting application path: C:\Users\4REMT2~1\AppData\Local\Temp\nsxB5A0.tmp\OWinstaller.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll Report Id: f2d9aefc-298c-11ee-8252-4c72b9f956a2 Faulting package full name: Faulting package-relative application ID: ------------ Application: OWinstaller.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.MissingMethodException Stack: at OWInstaller.Program.PerfomInitialization(System.String[], OWInstaller.OWCommandLine.Options) at OWInstaller.Program.Main(System.String[]) ------------ The program SystemSettings.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1a28 Start Time: 01d9bd84477d1f0a Termination Time: 4294967295 Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe Report Id: 90fa57bf-2977-11ee-8252-4c72b9f956a2 Faulting package full name: windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel ------------ App windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel did not launch within its allotted time. ------------ ------------ ------------ The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. ------------ Faulting application name: setup.tmp, version: 51.1052.0.0, time stamp: 0x506a75b5 Faulting module name: cls-lollypop2.dll, version: 0.0.0.0, time stamp: 0x5a464340 Exception code: 0xc0000005 Fault offset: 0x00001589 Faulting process id: 0x1294 Faulting application start time: 0x01d9bc94e6a0168e Faulting application path: C:\Users\4REMT2~1\AppData\Local\Temp\is-TTN62.tmp\setup.tmp Faulting module path: C:\Users\4REMT2~1\AppData\Local\Temp\is-PQUKG.tmp\cls-lollypop2.dll Report Id: 82b3c96a-288b-11ee-8251-4c72b9f956a2 Faulting package full name: Faulting package-relative application ID: ------------ The Collect Procedure for the "C:\Windows\System32\winspool.drv" service in DLL "Spooler" generated an exception or returned an invalid status. The performance data returned by the counter DLL will not be returned in the Perf Data Block. The first four bytes (DWORD) of the Data section contains the exception code or status code. ------------ Volume Shadow Copy Service error: Unexpected error DeviceIoControl(\\?\Volume{7891ee5f-2632-11ee-8250-4c72b9f956a2} - 00000000000001B0,0x0053c008,000000F25817AA70,0,000000F25817BA80,4096,[0]). hr = 0x80070570, The file or directory is corrupted and unreadable. . Operation: Processing EndPrepareSnapshots Context: Execution Context: System Provider ------------ The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. ------------ ------------ ------------ Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070005, Access is denied. . ------------ Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x80070005, Access is denied. ] ------------ Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070005, Access is denied. . ------------ Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x80070005, Access is denied. ] ------------ Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80070005, Access is denied. . ------------ ----------( EOF)---------- - 6620 | 01:00:23