--------------- QuickDiag | g3n-h@ckm@n | V5_29.10.19.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 19/05/2022 13:02:31 Updated 29/10/2019 | 06:45 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [Jean Marie CARRIBON (Administrator)] - [DESKTOP-NA2IIKJ] (S-1-5-21-2982999039-1405869219-2042017926-1001) System: Microsoft Windows 10 Famille - - (10.0.19043) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (2009) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Famille|C:\WINDOWS|\Device\Harddisk0\Partition4 Boot : Normal boot PC: HP Slimline Desktop PC 260-a130nfm - HP - IdNumber: CNV8100HY0 - UUID: 7BFB0EFE-0E03-6BF6-F39A-B63A90A1986C Processor : X64 - 1796 Mhz - AMD E2-7110 APU with AMD Radeon R2 Graphics F.21 - fr|FR|iso8859-1 - AMI - S/N: CNV8100HY0 - F.21 - HPQOEM - 1072009 CoreTemp : 30 Celsius ----------| Extended ---------- | SoundDevice AMD High Definition Audio Device - Status: OK - Manufacturer: Advanced Micro Devices - PNPDeviceID: HDAUDIO\FUNC_01&VEN_1002&DEV_AA01&SUBSYS_00AA0100&REV_1005\4&2E7F43C5&0&0001 Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0867&SUBSYS_103C81B3&REV_1000\4&F951F4C&0&0001 ---------- | Video AMD Radeon(TM) R2 Graphics - Resolution: 1280x1024 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: C:\WINDOWS\System32\DriverStore\FileRepository\u0366969.inf_amd64_425e4ca908447c57\B367342\aticfx64.dll,C:\WINDOWS\System32\DriverStore\FileRepository\u0366969.inf_amd64_425e4ca908447c57\B367342\aticfx64.dll,C:\WINDOWS\System32\DriverStore\FileRepository\u0366969.inf_amd64_425e4ca908447c57\B367342\aticfx64.dll,C:\WINDOWS\System32\DriverStore\FileRepository\u0366969.inf_amd64_425e4ca908447c57\B367342\amdxc64.dll - PNPDeviceID: PCI\VEN_1002&DEV_9850&SUBSYS_81B3103C&REV_40\3&11583659&0&08 - AdapterCompatibility: Advanced Micro Devices, Inc. - RAM: 536870912 Inegrated Video Chipset DeviceName: AMD Radeon(TM) R2 Graphics - DriverVersion: 8.1.1.1634 - SpecificationVersion: 1025 ---------- | Codecs C:\WINDOWS\system32\MSYUV.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 27648 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\TSBYUV.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\L3CODECA.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 93184 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK C:\WINDOWS\system32\IYUV_32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\MSRLE32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 18432 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\MSVIDC32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 39936 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\IMAADP32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 37440 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\MSADP32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34600 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\MSG711.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25824 - Manufacturer: Microsoft Corporation - Status: OK C:\WINDOWS\system32\MSGSM32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42904 - Manufacturer: Microsoft Corporation - Status: OK ---------- | Memory RAM = Total (MB) : 3595 | Free (MB) : 1221 Pagefile = Total (MB) : 7265 | Free (MB) : 4304 Virtual = Total (MB) : 4194 | Free (MB) : 3920 Physical Memory (MB) -------------------- Total: 3510 Available: 1192 Cached: 1170 Free: 504 Kernel Memory (MB) ------------------ Paged: 267 Nonpaged: 237 System ------ Handles: 54866 Processes: 124 Threads: 1536 ---------- | SID Users Administrateur : [S-1-5-21-2982999039-1405869219-2042017926-500] DefaultAccount : [S-1-5-21-2982999039-1405869219-2042017926-503] Invité : [S-1-5-21-2982999039-1405869219-2042017926-501] Jean Marie CARRIBON : [S-1-5-21-2982999039-1405869219-2042017926-1001] WDAGUtilityAccount : [S-1-5-21-2982999039-1405869219-2042017926-504] Administrateurs : [S-1-5-32-544] Administrateurs Hyper-V : [S-1-5-32-578] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] Propriétaires d'appareils : [S-1-5-32-583] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] ---------- | Drives C:\ -> [Fixed] | [WINDOWS 10 FAMILLE 64 BITS] | Total : 930.91 Go | Free : 737.72 Go -> NTFS [SATA] D:\ -> [Removable] | [] | Total : 366.76 Go | Free : 64.84 Go -> exFAT [USB] E:\ -> [CDROM] | [WebPlus X7] | Total : 0.37 Go | Free : 0 Go -> CDFS [SATA] F:\ -> [Removable] | [] | Total : 366.76 Go | Free : 7.21 Go -> exFAT [USB] Drive: 0 Cylinders: 121601 Tracks per Cylinder: 255 Sectors per Track: 63 Bytes per Sector: 512 Total Space: 1000204886016 bytes Drive: 1 Cylinders: 47885 Tracks per Cylinder: 255 Sectors per Track: 63 Bytes per Sector: 512 Total Space: 393870311424 bytes Drive: 2 Cylinders: 47885 Tracks per Cylinder: 255 Sectors per Track: 63 Bytes per Sector: 512 Total Space: 393870311424 bytes ---------- | Windows updates - Activation - License W.A.T : :) Test 1 : Windows Is Activated Volume License ---------- | Browsers IE : 11.0.19041.1566 (© Microsoft Corporation. Tous droits réservés.) GC : 101.0.4951.67 (Copyright 2022 Google LLC.) Default : "C:\Program Files\Internet Explorer\iexplore.exe" ---------- | FlashPlayer FlashPlayer ActiveX : 11.6.602.168 ---------- | Security AV : COMODO Antivirus Disabled AS : Windows Defender Enabled FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Auto(2)] = stopped AS: Windows Defender [Auto(2)] = Running WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 508 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.19041.964) = C:\Windows\System32\smss.exe [12/05/2021 05:33:51] CPU Usage:0 % 764 | [Owner : Système | Parent : 688() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.19041.546) = C:\Windows\System32\csrss.exe [15/10/2020 10:24:39] CPU Usage:0 % 876 | [Owner : Système | Parent : 688() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.19041.1620) = C:\Windows\System32\wininit.exe [13/04/2022 17:20:29] CPU Usage:0 % 896 | [Owner : Système | Parent : 868() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.19041.546) = C:\Windows\System32\csrss.exe [15/10/2020 10:24:39] CPU Usage:2 % 960 | [Owner : Système | Parent : 876(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.19041.928) = C:\Windows\System32\services.exe [14/04/2021 19:39:06] CPU Usage:0 % 976 | [Owner : Système | Parent : 876(wininit.exe) | 16.43 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.19041.1586) = C:\Windows\System32\lsass.exe [10/03/2022 22:04:02] CPU Usage:0 % 68 | [Owner : Système | Parent : 868() | 9.07 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.19041.1620) = C:\Windows\System32\winlogon.exe [13/04/2022 17:20:49] CPU Usage:0 % 1076 | [Owner : Système | Parent : 960(services.exe) | 27.72 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [10/03/2022 22:03:54] CPU Usage:0 % 1096 | [Owner : UMFD-0 | Parent : 876(wininit.exe) | 2.49 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.19041.1620) = C:\Windows\System32\fontdrvhost.exe [13/04/2022 17:20:47] CPU Usage:0 % 1100 | [Owner : UMFD-1 | Parent : 68(winlogon.exe) | 7.84 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.19041.1620) = C:\Windows\System32\fontdrvhost.exe [13/04/2022 17:20:47] CPU Usage:0 % 1184 | [Owner : SERVICE RÉSEAU | Parent : 960(services.exe) | 14.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [10/03/2022 22:03:54] CPU Usage:0 % 1284 | [Owner : DWM-1 | Parent : 68(winlogon.exe) | 55.26 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (10.0.19041.746) = C:\Windows\System32\dwm.exe [14/01/2021 10:44:02] CPU Usage:2 % 1400 | [Owner : Système | Parent : 960(services.exe) | 71.61 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [10/03/2022 22:03:54] CPU Usage:2 % 1448 | [Owner : Système | Parent : 960(services.exe) | 66.27 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [10/03/2022 22:03:54] CPU Usage:0 % 1592 | [Owner : SERVICE LOCAL | Parent : 960(services.exe) | 28.43 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [10/03/2022 22:03:54] CPU Usage:0 % 1596 | [Owner : SERVICE LOCAL | Parent : 960(services.exe) | 25.66 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [10/03/2022 22:03:54] CPU Usage:0 % 1608 | [Owner : SERVICE LOCAL | Parent : 960(services.exe) | 9.29 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [10/03/2022 22:03:54] CPU Usage:0 % 1616 | [Owner : SERVICE LOCAL | Parent : 960(services.exe) | 27.15 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [10/03/2022 22:03:54] CPU Usage:0 % 620 | [Owner : Système | Parent : 960(services.exe) | 6.46 Mo] - (.Advanced Micro Devices, Inc. - AMD Crash Defender Service.) - (21.10.0.7) = C:\Windows\System32\amdfendrsr.exe [30/04/2021 14:53:38] CPU Usage:0 % 1000 | [Owner : Système | Parent : 960(services.exe) | 6.3 Mo] - (.AMD - AMD External Events Service Module.) - (27.20.21003.8013) = C:\Windows\System32\DriverStore\FileRepository\u0366969.inf_amd64_425e4ca908447c57\B367342\atiesrxx.exe [28/05/2021 21:29:48] CPU Usage:0 % 948 | [Owner : SERVICE RÉSEAU | Parent : 960(services.exe) | 19.54 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [10/03/2022 22:03:54] CPU Usage:0 % 2200 | [Owner : SERVICE LOCAL | Parent : 960(services.exe) | 11.2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [10/03/2022 22:03:54] CPU Usage:0 % 2712 | [Owner : SERVICE LOCAL | Parent : 1448(svchost.exe) | 12.63 Mo] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.19041.1) = C:\Windows\System32\dasHost.exe [07/12/2019 11:08:37] CPU Usage:0 % 2844 | [Owner : Système | Parent : 1000(atiesrxx.exe) | 11.79 Mo] - (.AMD - AMD External Events Client Module.) - (27.20.21003.8013) = C:\Windows\System32\DriverStore\FileRepository\u0366969.inf_amd64_425e4ca908447c57\B367342\atieclxx.exe [28/05/2021 21:29:46] CPU Usage:0 % 3044 | [Owner : SERVICE LOCAL | Parent : 960(services.exe) | 13.43 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [10/03/2022 22:03:54] CPU Usage:0 % 2244 | [Owner : Système | Parent : 960(services.exe) | 17.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [10/03/2022 22:03:54] CPU Usage:0 % 1868 | [Owner : Système | Parent : 960(services.exe) | 7.8 Mo] - (.Realtek Semiconductor - Realtek Audio Service.) - (1.0.90.1) = C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [27/09/2019 08:28:03] CPU Usage:0 % 1696 | [Owner : Système | Parent : 1868(RtkAudioService64.exe) | 14.73 Mo] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.298.1) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [27/09/2019 08:27:53] CPU Usage:0 % 2796 | [Owner : Système | Parent : 1868(RtkAudioService64.exe) | 13.74 Mo] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.298.1) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [27/09/2019 08:27:53] CPU Usage:0 % 3084 | [Owner : SERVICE LOCAL | Parent : 960(services.exe) | 9.71 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [10/03/2022 22:03:54] CPU Usage:0 % 3092 | [Owner : SERVICE LOCAL | Parent : 960(services.exe) | 7.01 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [10/03/2022 22:03:54] CPU Usage:0 % 3272 | [Owner : Système | Parent : 960(services.exe) | 14.81 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [10/03/2022 22:03:54] CPU Usage:0 % 3388 | [Owner : Système | Parent : 960(services.exe) | 15.41 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.19041.1645) = C:\Windows\System32\spoolsv.exe [13/04/2022 17:19:17] CPU Usage:0 % 3496 | [Owner : SERVICE LOCAL | Parent : 960(services.exe) | 13.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [10/03/2022 22:03:54] CPU Usage:0 % 3636 | [Owner : Système | Parent : 960(services.exe) | 6.73 Mo] - (.Apple Inc. - Bonjour Service.) - (3.1.0.1) = C:\Program Files\Bonjour\mDNSResponder.exe [12/08/2015 16:03:42] CPU Usage:0 % 3644 | [Owner : Système | Parent : 960(services.exe) | 23.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [10/03/2022 22:03:54] CPU Usage:0 % 3652 | [Owner : Système | Parent : 960(services.exe) | 6.28 Mo] - (.Adobe Inc. - Adobe Acrobat Update Service.) - (1.824.45.8876) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [18/11/2021 00:40:34] CPU Usage:0 % 3688 | [Owner : Système | Parent : 960(services.exe) | 7.64 Mo] - (.Nuance Communications, Inc. - Dragon NaturallySpeaking Service.) - (13.0.0.589) = C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe [24/09/2018 17:24:08] CPU Usage:0 % 3720 | [Owner : Système | Parent : 960(services.exe) | 7.68 Mo] - (.Seiko Epson Corporation - Epson Scanner Service (64bit).) - (1.1.0.1) = C:\Windows\System32\escsvc64.exe [10/02/2020 16:38:20] CPU Usage:0 % 3760 | [Owner : Système | Parent : 960(services.exe) | 9.63 Mo] - (.Seiko Epson Corporation - MyEpson Portal Service.) - (1.0.3.3) = C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe [28/06/2017 16:01:20] CPU Usage:0 % 3892 | [Owner : Système | Parent : 960(services.exe) | ?????] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.18.2203.5) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [06/04/2022 07:47:03] CPU Usage:0 % 3904 | [Owner : Système | Parent : 960(services.exe) | 7.89 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [10/03/2022 22:03:54] CPU Usage:0 % 4000 | [Owner : SERVICE LOCAL | Parent : 960(services.exe) | 12.31 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [10/03/2022 22:03:54] CPU Usage:0 % 4020 | [Owner : Système | Parent : 960(services.exe) | 7.66 Mo] - (.Realtek Semiconductor Corp. - Realtek Bluetooth BTDevManager Service Application.) - (1.1.57.1) = C:\Windows\RtkBtManServ.exe [25/06/2019 05:46:32] CPU Usage:0 % 4060 | [Owner : Système | Parent : 960(services.exe) | 14.55 Mo] - (.-.) - (0.0.0.0) = C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [11/05/2022 10:16:38] CPU Usage:0 % 3984 | [Owner : Système | Parent : 960(services.exe) | 10.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [10/03/2022 22:03:54] CPU Usage:0 % 4140 | [Owner : Système | Parent : 960(services.exe) | 6.91 Mo] - (.Nuance Communications, Inc. - Dragon NaturallySpeaking Logging Service.) - (13.0.0.589) = C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe [24/09/2018 17:24:08] CPU Usage:0 % 4300 | [Owner : Jean Marie CARRIBON | Parent : 3760(mepService.exe) | 26.64 Mo] - (.Seiko Epson Corporation - MyEpson Portal.) - (1.1.3.6) = C:\Program Files (x86)\epson\MyEpson Portal\mep.exe [08/10/2021 16:56:50] CPU Usage:0 % 4588 | [Owner : SERVICE RÉSEAU | Parent : 1076(svchost.exe) | 16.3 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.19041.546) = C:\Windows\System32\wbem\WmiPrvSE.exe [15/10/2020 10:21:32] CPU Usage:0 % 1444 | [Owner : Jean Marie CARRIBON | Parent : 1400(svchost.exe) | 25.11 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.19041.746) = C:\Windows\System32\sihost.exe [14/01/2021 10:42:48] CPU Usage:0 % 1680 | [Owner : Jean Marie CARRIBON | Parent : 960(services.exe) | 49.74 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [10/03/2022 22:03:54] CPU Usage:0 % 4860 | [Owner : Jean Marie CARRIBON | Parent : 1400(svchost.exe) | 16.05 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.19041.1503) = C:\Windows\System32\taskhostw.exe [09/02/2022 11:17:23] CPU Usage:0 % 5172 | [Owner : Jean Marie CARRIBON | Parent : 1448(svchost.exe) | 18.8 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.19041.1) = C:\Windows\System32\ctfmon.exe [07/12/2019 11:09:00] CPU Usage:0 % 5452 | [Owner : Jean Marie CARRIBON | Parent : 5400() | 119.64 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.19041.1706) = C:\Windows\explorer.exe [11/05/2022 07:01:44] CPU Usage:0 % 5492 | [Owner : Jean Marie CARRIBON | Parent : 5024() | 1.33 Mo] - (.Microsoft Corporation - Outil de configuration du Planificateur de tâches.) - (10.0.19041.1503) = C:\Windows\System32\schtasks.exe [09/02/2022 11:17:23] CPU Usage:0 % 5512 | [Owner : Jean Marie CARRIBON | Parent : 5492(schtasks.exe) | 1.09 Mo] - (.Microsoft Corporation - Hôte de la fenêtre de la console.) - (10.0.19041.1566) = C:\Windows\System32\conhost.exe [10/03/2022 22:03:52] CPU Usage:0 % 5940 | [Owner : Jean Marie CARRIBON | Parent : 960(services.exe) | 16.56 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [10/03/2022 22:03:54] CPU Usage:0 % 5904 | [Owner : Système | Parent : 5020() | 0.2 Mo] - (.Google LLC - Google Crash Handler.) - (1.3.36.131) = C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe [20/04/2022 15:30:16] CPU Usage:0 % 6104 | [Owner : Système | Parent : 5020() | 0.22 Mo] - (.Google LLC - Google Crash Handler.) - (1.3.36.131) = C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe [20/04/2022 15:30:19] CPU Usage:0 % 5388 | [Owner : Jean Marie CARRIBON | Parent : 1076(svchost.exe) | 86.99 Mo] - (.-.) - (0.0.0.0) = C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe [09/02/2022 11:16:48] CPU Usage:0 % 5808 | [Owner : Jean Marie CARRIBON | Parent : 1400(svchost.exe) | 5.38 Mo] - (.CyberLink Corp. - PDStyleAgent.) - (1.0.0.507) = C:\Program Files (x86)\CyberLink\Shared files\PDStyleAgent\PDStyleAgent.exe [31/03/2022 10:42:41] CPU Usage:0 % 6112 | [Owner : Jean Marie CARRIBON | Parent : 1076(svchost.exe) | 8.1 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.19041.546) = C:\Windows\System32\dllhost.exe [15/10/2020 10:23:06] CPU Usage:0 % 7044 | [Owner : Système | Parent : 960(services.exe) | 31.76 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.19041.1620) = C:\Windows\System32\SearchIndexer.exe [13/04/2022 17:20:04] CPU Usage:0 % 6520 | [Owner : Jean Marie CARRIBON | Parent : 5452(explorer.exe) | 9.53 Mo] - (.Microsoft Corporation - Windows Security notification icon.) - (10.0.19041.1) = C:\Windows\System32\SecurityHealthSystray.exe [07/12/2019 11:08:41] CPU Usage:0 % 6756 | [Owner : SERVICE LOCAL | Parent : 960(services.exe) | ?????] - (.Microsoft Corporation - Microsoft Network Realtime Inspection Service.) - (4.18.2203.5) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [06/04/2022 07:47:03] CPU Usage:0 % 4504 | [Owner : Jean Marie CARRIBON | Parent : 5452(explorer.exe) | 20.66 Mo] - (.voidtools - Everything.) - (1.4.1.1015) = C:\Program Files\Everything\Everything.exe [07/04/2021 17:33:57] CPU Usage:0 % 2732 | [Owner : Système | Parent : 960(services.exe) | ?????] - (.Microsoft Corporation - Windows Security Health Service.) - (4.18.1907.16384) = C:\Windows\System32\SecurityHealthService.exe [10/03/2022 22:03:53] CPU Usage:0 % 5692 | [Owner : Jean Marie CARRIBON | Parent : 5452(explorer.exe) | 8.68 Mo] - (.Seiko Epson Corporation - Epson Software Updater.) - (1.0.0.0) = C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE [27/07/2020 01:00:00] CPU Usage:0 % 2444 | [Owner : Jean Marie CARRIBON | Parent : 1400(svchost.exe) | 2.22 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.707.0) = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [27/09/2019 08:28:04] CPU Usage:0 % 3148 | [Owner : Jean Marie CARRIBON | Parent : 5452(explorer.exe) | 77.66 Mo] - (.Microsoft Corporation - Microsoft Edge.) - (101.0.1210.47) = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [22/05/2021 17:57:57] CPU Usage:0 % 3108 | [Owner : Jean Marie CARRIBON | Parent : 4504(Everything.exe) | 114.39 Mo] - (.voidtools - Everything.) - (1.4.1.1015) = C:\Program Files\Everything\Everything.exe [07/04/2021 17:33:57] CPU Usage:0 % 3828 | [Owner : Jean Marie CARRIBON | Parent : 3148(msedge.exe) | 7.62 Mo] - (.Microsoft Corporation - Microsoft Edge.) - (101.0.1210.47) = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [22/05/2021 17:57:57] CPU Usage:0 % 6624 | [Owner : Jean Marie CARRIBON | Parent : 3460() | 49.16 Mo] - (.Piriform Software Ltd - CCleaner.) - (6.0.0.9727) = C:\Program Files\CCleaner\CCleaner64.exe [11/05/2022 10:16:38] CPU Usage:0 % 6588 | [Owner : Jean Marie CARRIBON | Parent : 5452(explorer.exe) | 182.42 Mo] - (.Piriform Software - CCleaner Browser.) - (101.0.16219.57) = C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [17/05/2022 10:12:00] CPU Usage:9 % 4556 | [Owner : Jean Marie CARRIBON | Parent : 6588(CCleanerBrowser.exe) | 7.74 Mo] - (.Piriform Software - CCleaner Browser.) - (101.0.16219.57) = C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [17/05/2022 10:12:00] CPU Usage:0 % 5668 | [Owner : Jean Marie CARRIBON | Parent : 1076(svchost.exe) | 19.39 Mo] - (.Flexera Software LLC. - Common Software Manager.) - (13.6.0.62600) = C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [24/06/2013 12:16:50] CPU Usage:0 % 6388 | [Owner : Jean Marie CARRIBON | Parent : 1076(svchost.exe) | 18.96 Mo] - (.Flexera Software LLC. - FLEXnet Connect Agent.) - (13.6.100.64627) = C:\ProgramData\FLEXnet\Connect\11\agent.exe [24/06/2013 12:16:48] CPU Usage:0 % 772 | [Owner : Jean Marie CARRIBON | Parent : 3148(msedge.exe) | 32.4 Mo] - (.Microsoft Corporation - Microsoft Edge.) - (101.0.1210.47) = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [22/05/2021 17:57:57] CPU Usage:0 % 6912 | [Owner : Jean Marie CARRIBON | Parent : 3148(msedge.exe) | 29.36 Mo] - (.Microsoft Corporation - Microsoft Edge.) - (101.0.1210.47) = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [22/05/2021 17:57:57] CPU Usage:0 % 3924 | [Owner : Jean Marie CARRIBON | Parent : 3148(msedge.exe) | 17.74 Mo] - (.Microsoft Corporation - Microsoft Edge.) - (101.0.1210.47) = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe [22/05/2021 17:57:57] CPU Usage:0 % 3708 | [Owner : Jean Marie CARRIBON | Parent : 6588(CCleanerBrowser.exe) | 93.86 Mo] - (.Piriform Software - CCleaner Browser.) - (101.0.16219.57) = C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [17/05/2022 10:12:00] CPU Usage:2 % 7204 | [Owner : Jean Marie CARRIBON | Parent : 1076(svchost.exe) | 44.6 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.19041.1620) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe [13/04/2022 17:22:00] CPU Usage:0 % 7304 | [Owner : Jean Marie CARRIBON | Parent : 6588(CCleanerBrowser.exe) | 60.03 Mo] - (.Piriform Software - CCleaner Browser.) - (101.0.16219.57) = C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [17/05/2022 10:12:00] CPU Usage:0 % 6928 | [Owner : Jean Marie CARRIBON | Parent : 6588(CCleanerBrowser.exe) | 49.58 Mo] - (.Piriform Software - CCleaner Browser.) - (101.0.16219.57) = C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [17/05/2022 10:12:00] CPU Usage:0 % 7740 | [Owner : Jean Marie CARRIBON | Parent : 6588(CCleanerBrowser.exe) | 30.66 Mo] - (.Piriform Software - CCleaner Browser.) - (101.0.16219.57) = C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [17/05/2022 10:12:00] CPU Usage:0 % 5984 | [Owner : Jean Marie CARRIBON | Parent : 6588(CCleanerBrowser.exe) | 38.71 Mo] - (.Piriform Software - CCleaner Browser.) - (101.0.16219.57) = C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [17/05/2022 10:12:00] CPU Usage:0 % 3404 | [Owner : Jean Marie CARRIBON | Parent : 6588(CCleanerBrowser.exe) | 15.45 Mo] - (.Piriform Software - CCleaner Browser.) - (101.0.16219.57) = C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [17/05/2022 10:12:00] CPU Usage:0 % 5708 | [Owner : Jean Marie CARRIBON | Parent : 6588(CCleanerBrowser.exe) | 56.85 Mo] - (.Piriform Software - CCleaner Browser.) - (101.0.16219.57) = C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [17/05/2022 10:12:00] CPU Usage:0 % 2936 | [Owner : Jean Marie CARRIBON | Parent : 6588(CCleanerBrowser.exe) | 78.16 Mo] - (.Piriform Software - CCleaner Browser.) - (101.0.16219.57) = C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [17/05/2022 10:12:00] CPU Usage:0 % 2392 | [Owner : Jean Marie CARRIBON | Parent : 1076(svchost.exe) | 72.48 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.19041.1706) = C:\Windows\explorer.exe [11/05/2022 07:01:44] CPU Usage:0 % 5696 | [Owner : SERVICE LOCAL | Parent : 960(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [10/03/2022 22:03:54] CPU Usage:0 % 2340 | [Owner : Jean Marie CARRIBON | Parent : 5452(explorer.exe) | 12.91 Mo] - (.ASIP SANTE - Gestionnaire de certificats CPS WIN 64 (Version Release).) - (3.13.0.0) = C:\Program Files\santesocial\CPS\CCM.exe [03/01/2017 09:17:04] CPU Usage:0 % 8076 | [Owner : Jean Marie CARRIBON | Parent : 6796() | 13.24 Mo] - (.SEIKO EPSON CORPORATION - Fax Reception.) - (3.0.2.1) = C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [10/02/2020 16:40:47] CPU Usage:0 % 7252 | [Owner : Jean Marie CARRIBON | Parent : 6796() | 15.42 Mo] - (.SEIKO EPSON CORPORATION - Fax Transmission.) - (3.0.2.1) = C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [10/02/2020 16:40:47] CPU Usage:0 % 7524 | [Owner : Jean Marie CARRIBON | Parent : 6796() | 12.56 Mo] - (.SEIKO EPSON CORPORATION - EEventManager Application.) - (3.2.0.0) = C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [20/01/2016 13:21:14] CPU Usage:0 % 8108 | [Owner : Jean Marie CARRIBON | Parent : 6796() | 35.44 Mo] - (.-.) - (4.0.0.4) = C:\Ariane\Ariane\Ariane.exe [06/01/2021 16:49:34] CPU Usage:0 % 8388 | [Owner : Jean Marie CARRIBON | Parent : 5452(explorer.exe) | 8.25 Mo] - (.- Outil de reconnexion pour le Vital'Act-3S.) - (1.1.1.0) = C:\Program Files (x86)\XIRING\V3S Reconnexion\V3S_Reconnexion.exe [06/02/2022 14:01:42] CPU Usage:0 % 5636 | [Owner : Système | Parent : 5064() | 0.29 Mo] - (.Piriform Software - CCleaner Browser Crash Handler.) - (1.8.1208.2) = C:\Program Files (x86)\CCleaner Browser\Update\1.8.1208.2\CCleanerBrowserCrashHandler.exe [17/05/2022 10:08:59] CPU Usage:0 % 6220 | [Owner : Système | Parent : 5064() | 0.22 Mo] - (.Piriform Software - CCleaner Browser Crash Handler.) - (1.8.1208.2) = C:\Program Files (x86)\CCleaner Browser\Update\1.8.1208.2\CCleanerBrowserCrashHandler64.exe [17/05/2022 10:09:00] CPU Usage:0 % 5412 | [Owner : Jean Marie CARRIBON | Parent : 1076(svchost.exe) | 9.36 Mo] - (.Microsoft Corporation - Sink to receive asynchronous callbacks for WMI client application.) - (10.0.19041.1320) = C:\Windows\System32\wbem\unsecapp.exe [10/11/2021 17:17:11] CPU Usage:0 % 8232 | [Owner : Jean Marie CARRIBON | Parent : 2340(CCM.exe) | 7.68 Mo] - (.GIE SESAM VITALE - ASIP SANTE - Serveur du Gestionnaire d'Acces au Lecteur WIN 64 sur NP (RELEASE).) - (3.42.0.0) = C:\Program Files\santesocial\galss\galsvw64.exe [18/12/2018 15:53:34] CPU Usage:0 % 8344 | [Owner : SERVICE LOCAL | Parent : 960(services.exe) | 8.78 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.19041.1620) = C:\Windows\System32\WUDFHost.exe [13/04/2022 17:20:52] CPU Usage:0 % 2000 | [Owner : Système | Parent : 960(services.exe) | 7.43 Mo] - (.CyberLink - CyberLink RichVideo Module.) - (2.0.0.14321) = C:\Program Files\CyberLink\Shared files\RichVideo64.exe [31/03/2022 10:43:33] CPU Usage:0 % 6916 | [Owner : Jean Marie CARRIBON | Parent : 1076(svchost.exe) | 3.12 Mo] - (.Microsoft Corporation -.) - (1.22032.179.0) = C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22032.179.0_x64__8wekyb3d8bbwe\YourPhone.exe [23/04/2022 08:24:43] CPU Usage:0 % 5104 | [Owner : Jean Marie CARRIBON | Parent : 1076(svchost.exe) | 10.03 Mo] - (.Microsoft Corporation - User OOBE Broker.) - (10.0.19041.746) = C:\Windows\System32\oobe\UserOOBEBroker.exe [14/01/2021 10:44:52] CPU Usage:0 % 8748 | [Owner : Jean Marie CARRIBON | Parent : 5452(explorer.exe) | 7.38 Mo] - (.FreeFileSync.org - FreeFileSync - Folder Comparison and Synchronization.) - (11.20.0.0) = C:\Program Files\FreeFileSync\FreeFileSync.exe [17/05/2022 11:01:11] CPU Usage:0 % 7332 | [Owner : Jean Marie CARRIBON | Parent : 8748(FreeFileSync.exe) | 83.4 Mo] - (.FreeFileSync.org - FreeFileSync - Folder Comparison and Synchronization.) - (11.20.0.0) = C:\Program Files\FreeFileSync\Bin\FreeFileSync_x64.exe [17/05/2022 11:01:12] CPU Usage:2 % 5652 | [Owner : Jean Marie CARRIBON | Parent : 5452(explorer.exe) | 7.39 Mo] - (.FreeFileSync.org - FreeFileSync - Folder Comparison and Synchronization.) - (11.20.0.0) = C:\Program Files\FreeFileSync\FreeFileSync.exe [17/05/2022 11:01:11] CPU Usage:0 % 8368 | [Owner : Jean Marie CARRIBON | Parent : 5652(FreeFileSync.exe) | 63.71 Mo] - (.FreeFileSync.org - FreeFileSync - Folder Comparison and Synchronization.) - (11.20.0.0) = C:\Program Files\FreeFileSync\Bin\FreeFileSync_x64.exe [17/05/2022 11:01:12] CPU Usage:0 % 1668 | [Owner : Jean Marie CARRIBON | Parent : 1400(svchost.exe) | 3.61 Mo] - (.- Real Time Protection for UsbFix Anti-Malware Professionnal.) - (10.0.3.3) = C:\Program Files (x86)\UsbFix\Modules\UsbFixMonitor.exe [06/10/2021 23:11:22] CPU Usage:0 % 8704 | [Owner : Jean Marie CARRIBON | Parent : 1076(svchost.exe) | 1.47 Mo] - (.-.) - (10.22031.1007.0) = C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.22031.10071.0_x64__8wekyb3d8bbwe\Video.UI.exe [27/04/2022 23:18:59] CPU Usage:0 % 1148 | [Owner : Système | Parent : 3892(MsMpEng.exe) | ?????] - (.Microsoft Corporation - Microsoft Malware Protection Copy Accelerator Utility.) - (4.18.2203.5) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe [06/04/2022 07:47:03] CPU Usage:0 % 2620 | [Owner : Système | Parent : 960(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1566) = C:\Windows\System32\svchost.exe [10/03/2022 22:03:54] CPU Usage:0 % 6992 | [Owner : Jean Marie CARRIBON | Parent : 1076(svchost.exe) | 24.74 Mo] - (.Microsoft Corporation - Windows Defender SmartScreen.) - (10.0.19041.1682) = C:\Windows\System32\smartscreen.exe [11/05/2022 07:01:52] CPU Usage:0 % 4580 | [Owner : SERVICE LOCAL | Parent : 3044(svchost.exe) | 17.58 Mo] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.19041.1503) = C:\Windows\System32\audiodg.exe [09/02/2022 11:15:48] CPU Usage:0 % 888 | [Owner : Jean Marie CARRIBON | Parent : 3108(Everything.exe) | 65.63 Mo] - (.SosVirus - QuickDiag.) - (29.10.19.1) = C:\Users\Jean Marie CARRIBON\Downloads\quickdiag_V5_29.10.19.1.exe [29/03/2022 10:07:52] CPU Usage:0 % 1052 | [Owner : Système | Parent : 1076(svchost.exe) | 10.6 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.19041.546) = C:\Windows\System32\wbem\WmiPrvSE.exe [15/10/2020 10:21:32] CPU Usage:0 % 2216 | [Owner : SERVICE RÉSEAU | Parent : 1076(svchost.exe) | 11.87 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.19041.546) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [15/10/2020 10:29:11] CPU Usage:0 % 8840 | [Owner : Jean Marie CARRIBON | Parent : 8908() | 49.2 Mo] - (.Microsoft Corporation - Bloc-notes.) - (10.0.19041.1566) = C:\Windows\System32\notepad.exe [10/03/2022 22:07:04] CPU Usage:0 % ---------- | Locked Applications ---------- | Policy Restrictions ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\WINDOWS\SYSTEM32\UMPDC.dll (.COMODO.-.COMODO Secure Shopping.) - (1.4.50284.159) -- C:\Windows\system32\cssguard64.dll (..-..) - (0.0.0.0) -- C:\WINDOWS\SYSTEM32\TextShaping.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\WindowManagementAPI.dll (.Advanced Micro Devices, Inc. .-.aticfx64.dll.) - (27.20.21003.8013) -- C:\WINDOWS\System32\DriverStore\FileRepository\u0366969.inf_amd64_425e4ca908447c57\B367342\aticfx64.dll (.Advanced Micro Devices, Inc. .-.atiuxpag.dll.) - (27.20.21003.8013) -- C:\WINDOWS\System32\DriverStore\FileRepository\u0366969.inf_amd64_425e4ca908447c57\B367342\atiuxp64.dll (.Advanced Micro Devices, Inc. .-.atidxx64.dll.) - (27.20.21003.8013) -- C:\WINDOWS\System32\DriverStore\FileRepository\u0366969.inf_amd64_425e4ca908447c57\B367342\atidxx64.dll (.Advanced Micro Devices, Inc..-.Radeon Settings: Host Service.) - (2.0.0.1788) -- C:\WINDOWS\SYSTEM32\amdihk64.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\VirtualMonitorManager.dll (..-..) - (0.0.0.0) -- C:\Windows\System32\Windows.Internal.UI.Shell.WindowTabManager.dll (.Apple Inc..-.Bonjour Namespace Provider.) - (3.1.0.1) -- C:\Program Files\Bonjour\mdnsNSP.dll (..-..) - (20.0.0.3185) -- C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_8_39216.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellExperiences\TileControl.dll (..-..) - (0.0.0.0) -- C:\Windows\ShellComponents\TaskFlowUI.dll (..-..) - (0.0.0.0) -- C:\Program Files (x86)\WinRAR\rarext64.dll (.The ICU Project.-.ICU Combined Library.) - (64.2.0.0) -- C:\Windows\System32\icu.dll ---------- | Explorer.exe Modules (Microsoft Files Whitelisted) ---------- | Winlogon.exe Modules (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\WINDOWS\system32\UMPDC.dll ---------- | svchost.exe Modules (Microsoft Files Whitelisted) (.COMODO.-.COMODO Secure Shopping.) - (1.4.50284.159) -- C:\Windows\system32\cssguard64.dll (..-..) - (0.0.0.0) -- c:\windows\system32\UMPDC.dll (.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.29.0.0) -- C:\WINDOWS\System32\winsqlite3.dll (.Apple Inc..-.Bonjour Namespace Provider.) - (3.1.0.1) -- C:\Program Files\Bonjour\mdnsNSP.dll (..-..) - (0.0.0.0) -- c:\windows\system32\TextShaping.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU OneDrive - ("C:\Users\Jean Marie CARRIBON\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\...\Run]) - User: DESKTOP-NA2IIKJ\Jean Marie CARRIBON CCleaner Smart Cleaning - ("C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\...\Run]) - User: DESKTOP-NA2IIKJ\Jean Marie CARRIBON EPSDNMON - ("C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE" [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\...\Run]) - User: DESKTOP-NA2IIKJ\Jean Marie CARRIBON MicrosoftEdgeAutoLaunch_6D768CB6EFD8355C958E775F86903C61 - ("C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\...\Run]) - User: DESKTOP-NA2IIKJ\Jean Marie CARRIBON ISUSPM - (C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\...\Run]) - User: DESKTOP-NA2IIKJ\Jean Marie CARRIBON Power2GoExpress13 - ("C:\Program Files (x86)\CyberLink\Power2Go13\Power2GoExpress.exe" /Startup [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\...\Run]) - User: DESKTOP-NA2IIKJ\Jean Marie CARRIBON CCleanerBrowserAutoLaunch_05466BE2BE37284044E3698D9B9B6898 - ("C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" --auto-launch-at-startup --check-run=src=logon --profile-directory=Default [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\...\Run]) - User: DESKTOP-NA2IIKJ\Jean Marie CARRIBON Démarrage du CCM - (C:\PROGRA~1\SANTES~1\CPS\CCM.exe [Common Startup]) - User: Public errorlog - ( [Common Startup]) - User: Public V3S Reconnexion - (C:\PROGRA~2\XIRING\V3SREC~1\V3S_RE~1.EXE [Common Startup]) - User: Public SecurityHealth - (%windir%\system32\SecurityHealthSystray.exe [HKLM\SOFTWARE\...\Run]) - User: Public Acronis Scheduler2 Service - ("C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [HKLM\SOFTWARE\...\Run]) - User: Public Everything - ("C:\Program Files\Everything\Everything.exe" -startup [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\Jean Marie CARRIBON\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background "CCleaner Smart Cleaning"="C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR "EPSDNMON"="C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE" "MicrosoftEdgeAutoLaunch_6D768CB6EFD8355C958E775F86903C61"="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 "ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler "Power2GoExpress13"="C:\Program Files (x86)\CyberLink\Power2Go13\Power2GoExpress.exe" /Startup "CCleanerBrowserAutoLaunch_05466BE2BE37284044E3698D9B9B6898"="C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" --auto-launch-at-startup --check-run=src=logon --profile-directory=Default [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "OneDrive"=0x030000005E6431073A75D501 "CCleaner Smart Cleaning"=0x020000000000000000000000 "EPSDNMON"=0x020000000000000000000000 "MicrosoftEdgeAutoLaunch_6D768CB6EFD8355C958E775F86903C61"=0x020000000000000000000000 "ISUSPM"=0x020000000000000000000000 "Power2GoExpress13"=0x03000000F0043E86656BD801 "CCleanerBrowserAutoLaunch_05466BE2BE37284044E3698D9B9B6898"=0x020000000000000000000000 "ASO3SPCDone"=0x020000000000000000000000 [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "Device"=EPSON XP-710 Series,winspool,Ne03: "IsMRUEstablished"=1 "LegacyDefaultPrinterMode"=0 "MenuDropAlignment"=0 [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "SecurityHealth"=%windir%\system32\SecurityHealthSystray.exe "Acronis Scheduler2 Service"="C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" "Everything"="C:\Program Files\Everything\Everything.exe" -startup [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "SecurityHealth"=0x060000000000000000000000 "vdcss"=0x0300000010E7BA86D72AD701 "COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}"=0x0300000070F5918CD72AD701 "Acronis Scheduler2 Service"=0x0300000030DC4387656BD801 "Everything"=0x020000000000000000000000 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32] "DU Meter"=0x020000000000000000000000 "SunJavaUpdateSched"=0x030000008C3FB1083A75D501 "IseUI"=0x03000000A0D81B81D72AD701 "!CD"=0x03000000208BAF88D72AD701 "COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}"=0x03000000E070BE55C132D701 "TrueImageMonitor.exe"=0x0300000050B123562239D701 "Acronis Scheduler2 Service"=0x030000003088EA5A2239D701 "AcronisTibMounterMonitor"=0x0300000020DEDE5C2239D701 "FUFAXRCV"=0x020000000000000000000000 "FUFAXSTM"=0x020000000000000000000000 "EEventManager"=0x020000000000000000000000 "Ariane"=0x020000000000000000000000 "ISUSPM"=0x020000000000000000000000 "DNS7reminder"=0x020000000000000000000000 "CLMLServer_For_P2G13"=0x03000000D0CD4E86656BD801 [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 "Win32kLastWriteTime"=1D864F4402EE56B [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "FUFAXRCV"="C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe" "FUFAXSTM"="C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" "EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" "TrueImageMonitor.exe"=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [23/03/2021 23:34:02] "AcronisTibMounterMonitor"=C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [23/03/2021 22:12:58] "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "Ariane"="C:\Ariane\Ariane\Ariane.exe" "ISUSPM"=C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler "DNS7reminder"="C:\Program Files (x86)\Nuance\NaturallySpeaking13\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking13\Ereg.ini" "CLMLServer_For_P2G13"="C:\Program Files (x86)\CyberLink\Power2Go13\CLMLSvc_P2G13.exe" [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce] ""= [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "AppInit_DLLs"= "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=0 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : ---------- | Tasks List Adobe Acrobat Update Task Adobe Flash Player Updater AMDLinkUpdate APFS GUI APFS Updater CCleaner Browser Heartbeat Task (Hourly) CCleaner Browser Heartbeat Task (Logon) CCleaner Update CCleanerSkipUAC - Jean Marie CARRIBON CCleanerUpdateTaskMachineCore CCleanerUpdateTaskMachineUA CLToast CLToastRun EPSON WF-2760 Series Update {D8589CE5-9676-43FF-8170-F51862EEFBBA} GoogleUpdateTaskMachineCore GoogleUpdateTaskMachineUA iFun Screen Recorder SkipUAC (Jean Marie CARRIBON) iTop Screenshot SkipUAC (Jean Marie CARRIBON) iTop Screenshot Startup iTop Screenshot Update MicrosoftEdgeUpdateTaskMachineCore MicrosoftEdgeUpdateTaskMachineUA MiniToolPartitionWizard ModifyLinkUpdate OneDrive Reporting Task-S-1-5-21-2982999039-1405869219-2042017926-1001 OneDrive Standalone Update Task-S-1-5-21-2982999039-1405869219-2042017926-1001 PC Cleaner automatic scan and notifications PowerDirectorStyleAgent PrivaZer_SkipUAC RTKCPL StartDVR UsbFix Monitor WinThruster automatic scan and notifications ---------- | Startings up registry ¦ Folder ---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=AcrSch2Svc DeviceInstall UsoSvc gpsvc trustedinstaller "SvcHostSplitThresholdInKB"=3670016 "WaitToKillServiceTimeout"=2000 "SystemStartOptions"= NOEXECUTE=OPTIN NOVGA "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(4) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(2) "LastBootSucceeded"=0 "LastBootShutdown"=1 "DirtyShutdownCount"=54 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Security Packages"="" [26/09/2019 07:55:22] "Notification Packages"=scecli "Authentication Packages"=msv1_0 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "LsaPid"=976 "ProductType"=3 "restrictanonymous"=0 "restrictanonymoussam"=1 "SecureBoot"=1 [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "GlobalFlag2"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "ResourceTimeoutCount"=150 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "AutoChkSkipSystemPartition"=0 "PendingFileRenameOperations"=\??\C:\Users\JEANMA~1\AppData\Local\Temp\nsz5E98.tmp\nsProcess.dll \??\C:\Users\JEANMA~1\AppData\Local\Temp\nsz5E98.tmp\ [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "InstanceID"=5c3369ab-5439-4547-a5ca-2995b20 "GlassSessionId"=1 ---------- | .LNK with Arguments C:\Users\Jean Marie CARRIBON\Desktop\Pre_Scan_Donate.lnk - Encrypted: False - Target: C:\Program Files (x86)\Internet Explorer\iexplore.exe - Args: (hxxps://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN) - Hidden: False - Status: OK ---------- | AppCertDlls ---------- | Dnsapi.dll C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretTimeout"=5000 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "ScreenSaveActive"=1 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "WallPaper"=c:\windows\web\wallpaper\theme1\img2.jpg [07/12/2019 11:09:54] "Win8DpiScaling"=0 "DpiScalingVer"=4096 "UserPreferencesMask"=0x9E1E078012000000 "MaxVirtualDesktopDimension"=1920 "MaxMonitorDimension"=1920 "TranscodedImageCount"=1 "LastUpdated"=4294967295 "TranscodedImageCache"=0x7AC301007F8F060080070000B00400009F332317DEACD50163003A005C00770069006E0064006F00770073005C007700650062005C00770061006C006C00700061007000650072005C007400680065006D00650031005C0069006D00670032002E006A0070006700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "AutoColorization"=0 "SCRNSAVE.EXE"=C:\WINDOWS\system32\VIPSS.scr "WaitToKillAppTimeout"=2000 "HungAppTimeout"=2000 [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableLockWorkstation"=0 [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoDriveTypeAutoRun"=255 [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1 [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "EdgeDesktopShortcutCreated"=1 "ShellState"=0x240000003F28000000000000000000000000000001000000130000000000000062000000 "ExplorerStartupTraceRecorded"=1 "UserSignedIn"=1 "SlowContextMenuEntries"=0x6024B221EA3A6910A2DC08002B30309D0C120100BD0E0C47735D584D9CEDE91E22E23282F909300060B81DB4E464D2119906E49FADC173CA324B000039323CBFCF474940850B35088530A664C36700000114020000000000C0000000000000466E1B3000 "SIDUpdatedOnLibraries"=1 "LocalKnownFoldersMigrated"=1 "GlobalAssocChangedCounter"=687 "TelemetrySalt"=3 "FirstRunTelemetryComplete"=1 "AppReadinessLogonComplete"=1 "PostAppInstallTasksCompleted"=1 "NoFileFolderConnection"=1 "Browse For Folder Width"=404 "Browse For Folder Height"=354 "ExcludedFromStableAnaheimDownloadPromotionSL"=1 "link"=0x1E000000 [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "ServerAdminUI"=0 "Hidden"=0 "ShowCompColor"=1 "HideFileExt"=1 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "ShowSuperHidden"=0 "SeparateProcess"=1 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ShowStatusBar"=1 "StoreAppsOnTaskbar"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=13 "TaskbarStateLastRun"=0x14C8806200000000 "ReindexedProfile"=1 "ShowCortanaButton"=1 "StartMigratedBrowserPin"=1 "DisablePreviewDesktop"=0 [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\WordWheelQuery] "MRUListEx"=0x03000000020000000100000000000000FFFFFFFF "0"=0x74006500780074000000 "1"=0x64007200650061006D007700650061007600650072000000 "2"=0x5600410049004E004300520045000000 "3"=0x53004D00410052005400200050005200490056004100430059000000 [HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=0 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableLinkedConnections"=1 "FilterAdministratorToken"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=0 "NoActiveDesktopChanges"=0 "NoRecentDocsHistory"=0 "NoDriveTypeAutoRun"=255 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=0 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=0 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=0 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=0 "{871C5380-42A0-1069-A2EA-08002B30309D}"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=0 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=5 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers] "authenticodeenabled"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableFullTrustStartupTasks"=2 "EnableInstallerDetection"=0 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableUwpStartupTasks"=2 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "SupportFullTrustStartupTasks"=1 "SupportUwpStartupTasks"=1 "ValidateAdminCodeSignatures"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableLinkedConnections"=1 "FilterAdministratorToken"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=0 "NoActiveDesktopChanges"=0 "NoRecentDocsHistory"=0 "NoDriveTypeAutoRun"=255 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=0 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=0 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=0 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=0 "{871C5380-42A0-1069-A2EA-08002B30309D}"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=0 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=55 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s ---------- | Winlogon [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders "BuildNumber"=19043 "FirstLogon"=0 "PUUActive"=0x23E86B5701002B009F009604783C1C004BF629004BF62900D200000003008F00944CA3CDF9C697021C1569021D290800AE84070077B400000000000000000000000000004B275102255C00007C2D0000C87D60D7696BD801783C1C000000000001000000783C1C00614A0000BE0C00001546950000000000 "DP"=0xD200E800A4022B009F00000023E86B572F10790000000000E0A56689656BD8018E205F10536BD801C3EA23000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000F03F8051010000DC0080122013113A241311CF1301C010AA420010BAEA20258B00801010122212101A227C400080088450501C8450500101008031408001B9489809A128008090807162B5827162D9230180400507004045070084030180FB010401FB110C21A883008038665005B8675905536400806241984C6241DC4C442E0180A920110AA9AA714E "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DefaultDomainName"= "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "scremoveoption"=0 "LastLogOffEndTimePerfCounter"=61929413166 "ShutdownFlags"=39 "Userinit"=C:\Windows\system32\userinit.exe, "AutoAdminLogon"=0 "DefaultUserName"=Jean Marie CARRIBON "DisableCad"=1 "DisableLockWorkstation"=0 "EnableFirstLogonAnimation"=1 "SFCDisable"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "SFCDisable"=0 "userinit"=C:\WINDOWS\SYSWOW64\userinit.exe, "AutoRestartShell"=1 ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "AppUserModelID"=Microsoft.Windows.Explorer "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "AppUserModelID"=Microsoft.Windows.Explorer "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\CCleaner Browser\Shell\open\Command] ""="C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" [HKLM\Software\Clients\StartMenuInternet\CCleaner Browser\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Internet Explorer\iexplore.exe" [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\Clients\StartMenuInternet\Microsoft Edge\Shell\open\Command] ""="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" [HKLM\Software\Clients\StartMenuInternet\Microsoft Edge\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\CCleaner Browser\Shell\open\Command] ""="C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\CCleaner Browser\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command] ""="C:\Program Files\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo] "ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Internet Explorer\iexplore.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Microsoft Edge\Shell\open\Command] ""="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Microsoft Edge\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --make-default-browser ---------- | AppcompatFlags [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Temps\Temporaire\Install_Win10_10036_07222019\setup.exe"=1 "C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe"=33 "C:\Program Files (x86)\Realtek\NICDRV_8169\RTINSTALLER64.EXE"=1 [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\AMD\WU-CCC2\ccc2_install\WULaunchApp.exe"=0x5341435001000000000000000700000028000000009C06000000000001000000000000000000000A7322000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000E1130100000000000100000001000000 "C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.1903.1152.0_x64__8wekyb3d8bbwe\LocalBridge.exe"=0x534143500100000000000000070000002800000048B600006317010001000000000000000000000A7322000067077CBAC54CD40100000000000000000200000028000000000000000000000000000000000000000000000000000000301F0000000000000100000001000000 "C:\Temps\Temporaire\wrar380fr.exe"=0x534143500100000000000000070000002800000007D613000000000001000000000000000000000671220000631F6E6F0EDED40100000000000000000200000028000000000000000000004000000000000000000000000000000000A83A0000000000000100000001000000 "C:\Program Files (x86)\WinRAR\Patch.exe"=0x534143500100000000000000070000002800000000DA01000000000001000000000000000000000671200000631F6E6F0EDED401000000000000000005000000100000000000000000000000000000000008000002000000280000000000000000080040000020000000000000002000000000008E120000000000000100000001000000010000000400000001000000 "C:\Temps\Installation Forfait 1\Son\Les Codecs\Codecs DivX\DivX503Bundle.exe"=0x53414350010000000000000007000000280000007FE331000000000001000000000000000000010571200000631F6E6F0EDED40100000000000000000200000028000000000000000008004000000000000000000000000000000000A56C0000000000000100000001000000 "C:\Temps\Installation Forfait 1\Open Office\Apache_OpenOffice_4.1.6_Win_x86_install_fr.exe"=0x5341435001000000000000000700000028000000F3BEEC070000000001000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000004000000000000000000000000000000000383E0200000000000100000001000000 "C:\Program Files (x86)\WinRAR\WinRAR.exe"=0x534143500100000000000000070000002800000000C80E00000000000100000000000000000000067122000050BB64EDDDACD5010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000003C7793B000000001800000018000000 "C:\Temps\Temporaire\setup_pack\keygen.exe"=0x5341435001000000000000000700000028000000003401000000000001000000000000000000000641200000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000233E0000000000000100000001000000 "C:\Program Files\Windows Sidebar\sidebar.exe"=0x534143500100000000000000070000002800000000EE1400C2E1150001000000000000000000020673020000631F6E6F0EDED401000000000000000002000000280000000000000000000000000000000000000000000000000000002D030000000000001100000011000000 "C:\Temps\Installation Forfait 1\DriversCloud\DriversCloud_Win.exe"=0x534143500100000000000000070000002800000080920300854E040001000000000000000000000671000000631F6E6F0EDED4010000000000000000020000002800000000000000000800400000000000000000000000000000000082480000000000000100000001000000 "C:\Temps\Installation Forfait 1\Ccleaner\ccsetup556_rtb.exe"=0x5341435001000000000000000700000028000000B88D3F01E7E03F0101000000000000000000000A00210000631F6E6F0EDED401000000000000000002000000280000000000000000000040000000000000000000000000000000009C700000000000000100000001000000 "C:\Temps\Installation Forfait 1\Adobe Flashplayer\flashplayer17_ha_install.exe"=0x5341435001000000000000000700000028000000C02811003099110001000000000000000000010600010000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000ACC10300000000000100000001000000 "C:\Program Files\Java\jre1.8.0_221\bin\javacpl.exe"=0x5341435001000000000000000700000028000000F0470100980B020001000000000000000000010600010000631F6E6F0EDED40100000000000000000200000028000000000000000000000000120000000000000000000000000000803E0000000000000100000001000000 "C:\Program Files\Microsoft Office\Office14\WINWORD.EXE"=0x534143500100000000000000070000002800000058B71500D7FA15000100000000000000000001060021000050BB64EDDDACD5010000000100000000 "C:\Program Files\DriversCloud.com\DriversCloud.exe"=0x534143500100000000000000070000002800000098F56800CF18690001000000000000000000000A00210000631F6E6F0EDED401000000000000000002000000280000000000000000000040000000000000000000000000000000001C820100000000000200000002000000 "C:\Temps\Temporaire\RtsXStor_10.0.370.188\setup.exe"=0x5341435001000000000000000700000028000000D83612008576120001000000000000000000030600010000631F6E6F0EDED40100000000000000000200000028000000000000000000004000000000000000000000000000000000A8A20000000000000100000001000000 "C:\Temps\Temporaire\Install_Win10_10036_07222019\setup.exe"=0x5341435001000000000000000700000028000000585F1200C325130001000000000000000000030600010000631F6E6F0EDED4010000000000000000020000002800000000000000000000400000000000000000000000000000000071030200000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\win10-64bit-radeon-software-adrenalin-2019-edition-19.9.2-sep23.exe"=0x5341435001000000000000000700000028000000C8F7EF199C4CF01901000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000004000000000000000000000000000000000697F0500000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Documents\IMAGINE Editions\HDUpdate\hdupdate.exe"=0x534143500100000000000000070000002800000000781100E05A120001000000000000000000000A71220000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000A1070000000000000200000002000000 "C:\Users\Jean Marie CARRIBON\Documents\IMAGINE Editions\HDUpdate\HDUU.exe"=0x534143500100000000000000070000002800000000480000E3B0000001000000000000000000000A71220000631F6E6F0EDED401000000000000000002000000280000000000000000000000000000000000000000000000000000000B060000000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Documents\IMAGINE Editions\HDUpdate\setup\HDUSetup.exe"=0x534143500100000000000000070000002800000000BA06008A6E050001000000000000000000010571000000631F6E6F0EDED401000000000000000002000000280000000000000000080040000000000000000000000000000000003F410000000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Documents\santesocial\srvsvcnam\SRVSVCNAM.exe"=0x53414350010000000000000007000000280000000036170019FF170001000000000000000000010671220000631F6E6F0EDED4010000000000000000020000002800000000000000000000000000000000000000000000000000000052809600000000000300000003000000 "C:\Users\Jean Marie CARRIBON\Documents\IMAGINE Editions\Technique\CCA-Installer-tp3g-3.3.4.4-production.exe"=0x5341435001000000000000000700000028000000DBB05B000000000001000000000000000000010600010000631F6E6F0EDED40100000000000000000200000028000000000000000000004000000000000000000000000000000000A0A60000000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Documents\IMAGINE Editions\Technique\HDInstallVerify.exe"=0x534143500100000000000000070000002800000000680000EB78000001000000000000000000010671220000631F6E6F0EDED4010000000000000000020000002800000000000000000000000000000000000000000000000000000079060000000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Documents\IMAGINE Editions\Technique\verifhellodocfor1402.exe"=0x534143500100000000000000070000002800000000DE00008662010001000000000000000000010671220000631F6E6F0EDED4010000000000000000020000002800000000000000000000000000000000000000000000000000000098060000000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Documents\IMAGINE Editions\HelloDoc\HDCardiolite.exe"=0x5341435001000000000000000700000028000000001003008D14030001000000000000000000000A71220000631F6E6F0EDED4010000000000000000020000002800000000000000000000000000000000000000000000000000000057160000000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Documents\IMAGINE Editions\HelloDoc\HelloDoc Acces Vidal.exe"=0x5341435001000000000000000700000028000000002204000000000001000000000000000000000A71220000631F6E6F0EDED4010000000000000000020000002800000000000000000000000000000000000000000000000000000020BD9200000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Desktop\installer_hellodoc.exe"=0x53414350010000000000000007000000280000000664AB2FA3F9160001000000000000000000010600010000631F6E6F0EDED401000000000000000002000000280000000000000000000000000000000000000000000000000000001A6E1E00000000000200000002000000 "C:\Program Files (x86)\OpenOffice 4\program\soffice.exe"=0x534143500100000000000000070000002800000000AAA8004340A90001000000000000000000000A7122000050BB64EDDDACD501000000000000000002000000280000000000000000000010000000000000000000000000000000007E3E2F01000000001100000011000000 "C:\Program Files (x86)\Google\Picasa3\Picasa3.exe"=0x5341435001000000000000000700000028000000F835870089AF870001000000000000000000010671220000631F6E6F0EDED4010000000000000000020000002800000000000000000000000400000000000000000000000000000010740800000000000100000001000000 "C:\Program Files (x86)\Google\Picasa3\PicasaPhotoViewer.exe"=0x5341435001000000000000000700000028000000F8D54200CFE542000100000000000000000001067122000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000FE7E2601000000004100000041000000 "C:\Users\Jean Marie CARRIBON\Documents\HelloDoc Enregistrement.exe"=0x5341435001000000000000000700000028000000000201000000000001000000000000000000000A75220000631F6E6F0EDED4010000000000000000020000002800000000000000000000000000000000000000000000000000000075830400000000000200000002000000 "C:\Users\Jean Marie CARRIBON\Documents\installer_hellodoc.exe"=0x53414350010000000000000007000000280000000664AB2FA3F9160001000000000000000000010600010000631F6E6F0EDED401000000000000000002000000280000000000000000000000000000000000000000000000000000007EB30400000000000100000001000000 "C:\Windows\cpgesw32.exe"=0x5341435001000000000000000700000028000000002006000000000001000000000000000000010571000000631F6E6F0EDED401000000000000000002000000280000000000000000000000000000000000000000000000000000009C371A00000000000100000001000000 "C:\Program Files\santesocial\CPS\cpgesw64.exe"=0x534143500100000000000000070000002800000098B40C009B440D0001000000000000000000000A7322000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000A0D20700000000002600000026000000 "SIGN.IE=01F0FA48 atsam-4.40.00.exe"=0x534143500100000000000000070000002800000048FAF001D146F10101000000000000000000000A00210000631F6E6F0EDED401000000000000000002000000280000000000000000000040000000000000000000000000000000001C1E1600000000000100000001000000 "C:\Program Files (x86)\IMAGINE Editions\HelloDoc\hellodoc indexation.exe"=0x534143500100000000000000070000002800000000260300A146030001000000000000000000000A71220000631F6E6F0EDED401000000000000000002000000280000000000000000000000000000000000000000000000000000002FE80300000000000100000001000000 "SIGN.MEDIA=3C91D6D Installation.exe"=0x5341435001000000000000000700000028000000BE7F32000000000001000000000000000000010571000000631F6E6F0EDED4010000000000000000050000001000000000000000000000000000000000080000020000002800000000000000000800400000000000000000000000000000000066F80E00000000000100000001000000 "SIGN.MEDIA=3254C7 Installation.exe"=0x53414350010000000000000007000000280000007B6533000000000001000000000000000000010571000000631F6E6F0EDED4010000000000000000020000002800000000000000000800400000000000000000000000000000000019900700000000000100000001000000 "C:\Ecalc\ecalc.exe"=0x534143500100000000000000070000002800000000980400000000000100000000000000000001054120000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000692D0000000000000200000002000000 "C:\Users\Jean Marie CARRIBON\AppData\Local\Microsoft\OneDrive\19.174.0902.0013\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000789E0500CD91060001000000000000000000000A00210000631F6E6F0EDED4010000000100000000 "C:\Users\Jean Marie CARRIBON\Downloads\ChromeSetup.exe"=0x5341435001000000000000000700000028000000385215002B8B150001000000000000000000000A00210000631F6E6F0EDED401000000000000000002000000280000000000000000000040000000000000000000000000000000000DC30100000000000100000001000000 "C:\Program Files\Microsoft Office\Office14\MSPUB.EXE"=0x5341435001000000000000000700000028000000684BDB00C47CDB0001000000000000000000010600210000631F6E6F0EDED4010000000100000000 "C:\Users\Jean Marie CARRIBON\AppData\Local\Microsoft\OneDrive\19.232.1124.0005\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000684D05007A02060001000000000000000000000A00210000631F6E6F0EDED4010000000100000000 "C:\Users\Jean Marie CARRIBON\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\SimpleDriverUpdaterSetup_ppc3 (1).exe"=0x534143500100000000000000070000002800000068990001147B010101000000000000000000010600010000631F6E6F0EDED4010000000000000000 "SIGN.MEDIA=238562 InstallNavi.exe"=0x53414350010000000000000007000000280000002085230086AE230001000000000000000000030600010000631F6E6F0EDED40100000000000000000200000028000000000000000000004000000000000000000000000000000000EB649606000000000100000001000000 "C:\Windows\twain_32\escndv\escndv.exe"=0x53414350010000000000000007000000280000002853030096C8030001000000000000000000000A7120000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000200000000000000000000000000DA299500000000004F0000004F000000 "C:\Program Files (x86)\Epson Software\Epson Manual\Launcher\EPSMLAN.EXE"=0x5341435001000000000000000700000028000000A08C0A008D360B0001000000000000000000000A71220000631F6E6F0EDED401000000000000000002000000280000000000000000000000000000000000000000000000000000000E310100000000000100000001000000 "C:\Users\Jean Marie CARRIBON\AppData\Local\Microsoft\OneDrive\19.232.1124.0010\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000686B0500F9D4050001000000000000000000000A00210000631F6E6F0EDED4010000000100000000 "C:\Program Files\Microsoft Office\Office14\POWERPNT.EXE"=0x53414350010000000000000007000000280000006803210014C4210001000000000000000000010600210000631F6E6F0EDED4010000000100000000 "C:\Program Files (x86)\OpenOffice 4\program\swriter.exe"=0x534143500100000000000000070000002800000000B004001E5B050001000000000000000000000A7122000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000026A1100000000000D0000000D000000 "C:\Program Files (x86)\Windows Media Player\wmplayer.exe"=0x5341435001000000000000000700000028000000008C0200FE01030001000000010000000000000A61220000631F6E6F0EDED4010000000000000000 "SIGN.MEDIA=133D3B EzDicomCDViewer.exe"=0x5341435001000000000000000700000028000000700E1601ADD3160101000000000000000000000A71220000631F6E6F0EDED4010000000000000000020000002800000000000000000000000000000000000000000000000000000085100100000000000200000002000000 "SIGN.MEDIA=133D3B Ez-DicomCDViewer.exe"=0x53414350010000000000000007000000280000003FC945000000000001000000000000000000020671200000631F6E6F0EDED401000000000000000002000000280000000000000000000000001000000000000000000000000000000B420000000000000100000001000000 "SIGN.MEDIA=133D3B Ez-DicomCDViewer-9x.exe"=0x5341435001000000000000000700000028000000F2303D000000000001000000000000000000010571000000631F6E6F0EDED40100000000000000000200000028000000000000000000000000140000000000000000000000000000F59E0200000000000100000001000000 "SIGN.MEDIA=133D3B EzDicomCDViewerMPR.exe"=0x534143500100000000000000070000002800000031580000A723010001000000000000000000030671000000631F6E6F0EDED401000000000000000002000000280000000000000000000000000202000000000000000000000000002D150000000000000100000001000000 "C:\Users\Jean Marie CARRIBON\AppData\Local\Microsoft\OneDrive\20.064.0329.0008\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000689F05002C93060001000000000000000000000A00210000631F6E6F0EDED4010000000100000000 "SIGN.MEDIA=3ABDC0 GSTARTER.EXE"=0x534143500100000000000000070000002800000000D004000000000001000000000000000000010671200000631F6E6F0EDED401000000000000000002000000280000000000000080000000000000000000000000000000000000004D651800000000000100000001000000 "C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.61.100.0_x86__kzf8qxf38zg5c\Skype\Skype.exe"=0x53414350010000000000000007000000280000006841770536F2770501000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000001000000000000000000000000000000000D0A21F0B000000000300000003000000 "SIGN.IE=01BBAE8 MicrosoftEdgeSetup.exe"=0x5341435001000000000000000700000028000000E8BA1B009AC61B0001000000000000000000000A00210000631F6E6F0EDED40100000000000000000200000028000000000000000000000000000000000000000000000000000000067D0200000000000100000001000000 "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"=0x534143500100000000000000070000002800000050521400B704150001000000000000000000000A71220000631F6E6F0EDED401000000000000000002000000280000000000000000000000000000000000000000000000000000000E030000000000000200000002000000 "C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe"=0x534143500100000000000000070000002800000068417705C67B770501000000000000000000000A00210000631F6E6F0EDED4010000000000000000020000002800000000000000000000100000000000000000000000000000000021B7F409000000000300000003000000 "SIGN.MEDIA=4A3F2186 LITEBOX\LBXSTART.EXE"=0x534143500100000000000000070000002800000000C003000000000001000000000000000000000A71200000631F6E6F0EDED4010000000000000000020000002800000000000000800000000000000000000000000000000000000052951C00000000000100000001000000 "C:\Users\Jean Marie CARRIBON\AppData\Local\Microsoft\OneDrive\20.143.0716.0003\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000687906004ACF060001000000000000000000000A0021000050BB64EDDDACD5010000000100000000 "C:\Program Files\Windows NT\Accessories\wordpad.exe"=0x534143500100000000000000070000002800000000B02E00D46C2F0001000000010000000000000A6322000050BB64EDDDACD5010000000000000000 "C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNLMW64.EXE"=0x534143500100000000000000070000002800000058560800497B080001000000000000000000000A7322000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000010000000000000000000000000A8470000000000007812000078120000 "C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNAVI.EXE"=0x5341435001000000000000000700000028000000581C28008B3628000100000000000000000003060001000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000065A2A23E000000001100000011000000 "C:\Users\Jean Marie CARRIBON\AppData\Local\Microsoft\OneDrive\20.201.1005.0009\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000789D06009504070001000000000000000000000A0021000050BB64EDDDACD5010000000100000000 "C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe"=0x5341435001000000000000000700000028000000B8182600BDA9260001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000040000000000000000000000000000000008D8F122A000000001F0000001F000000 "SIGN.MEDIA=32E017 Installation.exe"=0x53414350010000000000000007000000280000007B653300000000000100000000000000000001057100000050BB64EDDDACD501000000000000000002000000280000000000000000080040000000000000000000000000000000008F7A0A00000000000100000001000000 "C:\Users\Jean Marie CARRIBON\AppData\Local\Microsoft\OneDrive\21.016.0124.0003\FileSyncConfig.exe"=0x534143500100000000000000070000002800000080B70600E2DC060001000000000000000000000A0021000050BB64EDDDACD5010000000100000000 "C:\Users\Jean Marie CARRIBON\Desktop\OTM.exe"=0x534143500100000000000000070000002800000000F807000E4C080001000000000000000000000A4122000050BB64EDDDACD501000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000006BBC8A00000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\cav_installer_138430010_1a.exe"=0x53414350010000000000000007000000280000008028570042FA570001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000336C2500000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\css_installer.exe"=0x534143500100000000000000070000002800000098742D010DCC2D0101000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000099050100000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Desktop\pre-scan_V9_18.10.19.1.exe"=0x534143500100000000000000070000002800000098072F00C9592F0001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000089D76500000000000300000003000000 "C:\Users\Jean Marie CARRIBON\AppData\Local\Microsoft\OneDrive\21.052.0314.0001\FileSyncConfig.exe"=0x534143500100000000000000070000002800000078C70600A1F7060001000000000000000000000A0021000050BB64EDDDACD5010000000100000000 "C:\Program Files\Microsoft Office\Office14\OIS.EXE"=0x5341435001000000000000000700000028000000689104007C9704000100000000000000000001067322000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000F55C0000000000000100000001000000 "SIGN.MEDIA=3B8212 PinnacleDazzle_ISO.exe"=0x534143500100000000000000070000002800000098823B0050FA3B0001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000034AD5701000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\CyberLink_PowerDVD_Downloader.exe"=0x534143500100000000000000070000002800000040C31100684C120001000000000000000000000A7122000050BB64EDDDACD5010000000000000000 "C:\Users\Jean Marie CARRIBON\Downloads\ssusetupg_systweak-default.exe"=0x5341435001000000000000000700000028000000F8206A00ED7E6A0001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000816BD800000000000100000001000000 "C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe"=0x534143500100000000000000070000002800000080623F00243E400001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000050000000000000000000000000000000000000000000000000000000F9260C01000000000600000002000000000000000000004000000000000000000000000000000000D30C7707000000000100000000000000 "C:\Users\Jean Marie CARRIBON\Downloads\S.O.S.exe"=0x5341435001000000000000000700000028000000E05BC100CFBBC10001000000000000000000000A0021000050BB64EDDDACD5010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000047276E00000000000200000002000000 "C:\Program Files\Microsoft Office\Office14\EXCEL.EXE"=0x534143500100000000000000070000002800000060CBAE014E62AF010100000000000000000001060021000050BB64EDDDACD5010000000100000000 "C:\Program Files (x86)\iFun\iFun Screenshot\iScrShot.exe"=0x534143500100000000000000070000002800000018D83700F4D5380001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000003F80F00000000000200000002000000 "C:\Users\Jean Marie CARRIBON\Downloads\setup-freeripmp3-frp.exe"=0x5341435001000000000000000700000028000000C05C22004D94220001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000090AE4500000000000100000001000000 "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe"=0x5341435001000000000000000700000028000000D8AA0E00FC490F000100000000000000000000060001000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000D47D7501000000000600000006000000 "C:\Program Files (x86)\UsbFix\UsbFix.exe"=0x534143500100000000000000070000002800000088541F00FC741F0001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000E2046600000000000300000003000000 "C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.68.96.0_x86__kzf8qxf38zg5c\Skype\Skype.exe"=0x534143500100000000000000070000002800000088CD6C055FD06C0501000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000010000000000000000000000000000000001DC14206000000000400000004000000 "C:\Users\Jean Marie CARRIBON\Downloads\rufus-3.13.exe"=0x534143500100000000000000070000002800000038A4110019F4110001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000040000000000000000000000000000000000A590400000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\AcronisTrueImage2021.exe"=0x5341435001000000000000000700000028000000E84A6C30CF676C3001000000000000000000000A0021000050BB64EDDDACD5010000000000000000 "C:\Users\Jean Marie CARRIBON\Desktop\ZHPSuite.exe"=0x534143500100000000000000070000002800000098EC34008370350001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000EA9D2A00000000000100000001000000 "C:\Program Files\Pinnacle\Studio for Dazzle\programs\PinnacleStudio.EXE"=0x534143500100000000000000070000002800000060BE0600D73F070001000000000000000000000A7320000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000002AD00800000000000100000001000000 "C:\Program Files\Pinnacle Studio for Dazzle\Dazzle MyDVD\MyDVDApp.exe"=0x5341435001000000000000000700000028000000A096300046F9300001000000000000000000000A7320000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000C7CB0100000000000200000002000000 "C:\Users\Jean Marie CARRIBON\Downloads\S.O.S(1).exe"=0x5341435001000000000000000700000028000000E0B9C3003E88C40001000000000000000000000A0021000050BB64EDDDACD501000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000005C100000000000000300000003000000 "SIGN.MEDIA=C72EE68C sardu_3.exe"=0x534143500100000000000000070000002800000000401D008A5B1D0001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000088E93E00000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\PAssist_Std.exe"=0x534143500100000000000000070000002800000000D0F4013E34F5010100000000000000000001060001000050BB64EDDDACD5010000000000000000 "C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLED.EXE"=0x534143500100000000000000070000002800000050D901007C4202000100000000000000000001067322000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000AE7C0100000000000100000001000000 "SIGN.MEDIA=285A7D40 sardu_3.exe"=0x534143500100000000000000070000002800000000401D008A5B1D0001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000040000000000000000000000000000000005BFB0600000000000100000001000000 "C:\Program Files (x86)\IObit\Software Updater\SUFeature.exe"=0x534143500100000000000000070000002800000010810200B4E4020001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000B4090000000000000200000002000000 "C:\Users\Jean Marie CARRIBON\Desktop\usb-file-resc_x64 19.0.0.2.exe"=0x5341435001000000000000000700000028000000277C0E000000000001000000000000000000000A0021000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000078F7313000000000300000003000000 "C:\Program Files (x86)\AOMEI Partition Assistant\PartAssist.exe"=0x5341435001000000000000000700000028000000C031C400C08CC40001000000000000000000000A7122000050BB64EDDDACD501000000000000000002000000280000000000000000000040000000000000000000000000000000006A23882B000000000B0000000B000000 "C:\Program Files (x86)\IMAGINE Editions\Technique\Tele-Assistance.exe"=0x534143500100000000000000070000002800000040462E000000000001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000008CF12900000000000400000004000000 "C:\ProgramData\IObit\Software Updater\Download\c94b6a0e844db82519985da71741dc1b.exe"=0x5341435001000000000000000700000028000000E09C63035B34640301000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000008FA10000000000000100000001000000 "C:\Program Files (x86)\IMAGINE Editions\HelloDoc\HelloDoc.exe"=0x5341435001000000000000000700000028000000004CE30193D5E30101000000000000000000000A7122000050BB64EDDDACD50100000000000000000200000028000000000000002004006000000000000000000000000000000000C3110000000000000200000002000000 "C:\Program Files (x86)\iFun\iFun Screen Recorder\iScrRec.exe"=0x534143500100000000000000070000002800000018DA3D00168E3E0001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000CF044735000000000700000007000000 "SIGN.MEDIA=9032E Start.exe"=0x5341435001000000000000000700000028000000182C0200F06202000100000000000000000000067100000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000096ED1500000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\wsx5_go_icmgo_direct.exe"=0x534143500100000000000000070000002800000050AF330012C9330001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000005CBA2000000000000100000001000000 "C:\Program Files\WebSite X5 v2021.2 - Go\WebSiteX5.exe"=0x534143500100000000000000070000002800000098EF8E00D8368F0001000000000000000000000A7322000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000016331835000000000400000004000000 "C:\Users\Jean Marie CARRIBON\Downloads\PortableApps.com_Platform_Setup_17.1.1.paf.exe"=0x5341435001000000000000000700000028000000300E52008C46520001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000009A3B3A01000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\DreamweaverPortable10.0.0.4117En-Fr-De.exe"=0x5341435001000000000000000700000028000000C9168B03000000000100000000000000000001060001000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000C0511900000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\rufus-3.14.exe"=0x534143500100000000000000070000002800000038E811003339120001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000040000000000000000000000000000000000B7EB811000000000200000002000000 "C:\Users\Jean Marie CARRIBON\Downloads\PortableApps.com_Platform_Setup_18.0_Beta_3.paf.exe"=0x534143500100000000000000070000002800000000385100643D510001000000000000000000000A0021000050BB64EDDDACD5010000000000000000 "C:\Program Files\Serif\WebPlus\X7\Program\WebPlus.exe"=0x5341435001000000000000000700000028000000382FE201A28DE2010100000000000000000002060001000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000006564A41B000000000500000005000000 "C:\Users\Jean Marie CARRIBON\Downloads\ashampoo_snap_10_10.1.0_sm.exe"=0x5341435001000000000000000700000028000000D0CF5003720B510301000000000000000000000A0021000050BB64EDDDACD5010000000000000000 "C:\Program Files\Corel\MultiCam Capture Lite\MultiCamCapture.exe"=0x5341435001000000000000000700000028000000A85E0500FBB5050001000000000000000000000A7322000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000EDF10100000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Desktop\AdsFix.exe"=0x5341435001000000000000000700000028000000F0625A00959F5A0001000000000000000000000A0021000050BB64EDDDACD5010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000014ADDA00000000000100000001000000 "C:\Program Files (x86)\Advanced System Optimizer 3\HighestAvailable.exe"=0x534143500100000000000000070000002800000080C00100F7B7020001000000000000000000000A7122000050BB64EDDDACD50100000000000000000200000028000000000000000000004004000000000000000000000000000000D028B504000000000700000007000000 "C:\Users\Jean Marie CARRIBON\Downloads\ZHPCleaner.exe"=0x534143500100000000000000070000002800000098AC310015C3310001000000000000000000000A0021000050BB64EDDDACD5010000000000000000 "C:\Program Files (x86)\Wondershare\Wondershare DemoCreator\DemoCreator.exe"=0x5341435001000000000000000700000028000000A8D62100F87E220001000000000000000000000A7322000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000020FC7502000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\setup.exe"=0x534143500100000000000000070000002800000030A78801AB9A890101000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000059307611000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\YaraEditor64.exe"=0x534143500100000000000000070000002800000038E63A01C10E3B0101000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000030C57411000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\Diag_portable64.exe"=0x534143500100000000000000070000002800000050A5E901257AEA0101000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000AA0A7411000000000100000001000000 "C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2105.19601.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe"=0x5341435001000000000000000700000028000000008406000000000001000000000000000000000A7322000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000F3B50000000000000200000002000000 "C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe"=0x5341435001000000000000000700000028000000B85A99015AA1990101000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000058450306000000000100000001000000 "C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe"=0x534143500100000000000000070000002800000080DF8D062D058E0601000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000001000000000000000000000000000000000F72AC543000000000300000003000000 "C:\Program Files\Macrorit\NTFS To FAT32 Converter\dm.n2f.exe"=0x534143500100000000000000070000002800000018DDDE006925DF0001000000000000000000000A7322000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000062C10200000000000200000002000000 "C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe"=0x5341435001000000000000000700000028000000008406000000000001000000000000000000000A7322000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000846E0100000000000600000006000000 "C:\Users\Jean Marie CARRIBON\Downloads\YaraEditor64(1).exe"=0x534143500100000000000000070000002800000050615B019ABF5B0101000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000006DD40200000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\ashampoo_uninstaller_10_33821.exe"=0x5341435001000000000000000700000028000000B0A5190128161A0101000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000BF3D1500000000000100000001000000 "C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.73.124.0_x86__kzf8qxf38zg5c\Skype\Skype.exe"=0x534143500100000000000000070000002800000068AFCB06F6EACB0601000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000001000000000000000000000000000000000E092F832000000000100000001000000 "C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe"=0x534143500100000000000000070000002800000078C5CB06A33BCC0601000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000010000000000000000000000000000000000D36585D000000000200000002000000 "C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2108.25001.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe"=0x5341435001000000000000000700000028000000008406000000000001000000000000000000000A7322000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000009F6C0100000000000400000004000000 "SIGN.MEDIA=1D1304 HiSuiteDownLoader.exe"=0x5341435001000000000000000700000028000000C8DA1D009C1D1E0001000000000000000000000A7122000050BB64EDDDACD5010000000000000000020000002800000000000000800000000000000000000000000000000000000061950200000000000200000002000000 "C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2109.6305.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe"=0x5341435001000000000000000700000028000000008406000000000001000000000000000000000A7322000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000034C00000000000000400000004000000 "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"=0x5341435001000000000000000700000028000000E0FE2D00448C2E0001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000001000000000000000000000000000000000A4DD0200000000000900000009000000 "C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.78.159.0_x86__kzf8qxf38zg5c\Skype\Skype.exe"=0x53414350010000000000000007000000280000008081CB066BB2CB0601000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000001000000000000000000000000000000000D349D01B000000000300000003000000 "C:\Program Files\Internet Explorer\iexplore.exe"=0x5341435001000000000000000700000028000000E0D90C00DE860D0001000000010000000000000A0021000050BB64EDDDACD5010000000000000000 "C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2110.13603.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe"=0x534143500100000000000000070000002800000000A006000000000001000000000000000000000A7322000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000004BFD0000000000000D0000000D000000 "C:\Program Files (x86)\IMAGINE Editions\HelloDoc Mail\HelloDoc Mail.exe"=0x53414350010000000000000007000000280000000008A200E18DA20001000000000000000000000A7122000050BB64EDDDACD501000000000000000002000000280000000000000020000060000000000000000000000000000000008DD20100000000000100000001000000 "C:\Program Files (x86)\IMAGINE Editions\HDUpdate\hdupdate.exe"=0x534143500100000000000000070000002800000000C41E006AC81E0001000000000000000000000A7122000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000302C0000000000000100000001000000 "C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.79.95.0_x86__kzf8qxf38zg5c\Skype\Skype.exe"=0x5341435001000000000000000700000028000000A0E9AF060D3BB00601000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000010000000000000000000000000000000002CE33E32000000000400000004000000 "C:\Users\Jean Marie CARRIBON\Downloads\win32diskimager-1.0.0-install.exe"=0x534143500100000000000000070000002800000094C2BF000000000001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000011A11400000000000200000002000000 "C:\Users\Jean Marie CARRIBON\Downloads\rufus-3.17.exe"=0x53414350010000000000000007000000280000003810150087FB150001000000000000000000000A0021000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000F4BF0000000000000100000001000000 "C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe"=0x534143500100000000000000070000002800000000A806000000000001000000000000000000000A7322000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000052B30000000000000700000007000000 "C:\Users\Jean Marie CARRIBON\Documents\OTM.exe"=0x534143500100000000000000070000002800000000F807000E4C080001000000000000000000000A4122000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000566C0000000000000200000002000000 "C:\Users\Jean Marie CARRIBON\AppData\Local\Microsoft\OneDrive\21.220.1024.0005\FileSyncConfig.exe"=0x534143500100000000000000070000002800000078A7080067EF080001000000000000000000000A0021000050BB64EDDDACD5010000000100000000 "C:\Program Files (x86)\TransMac\TransMac.exe"=0x5341435001000000000000000700000028000000C8F323003E85240001000000000000000000000A7122000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000C2110000000000000100000001000000 "C:\Program Files\Mozilla Firefox\updater.exe"=0x5341435001000000000000000700000028000000B809060066D3060001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000040000000000000000000000000000000000D1D0000000000000100000001000000 "C:\Users\Jean Marie CARRIBON\AppData\Local\Microsoft\OneDrive\22.012.0117.0003\FileSyncConfig.exe"=0x534143500100000000000000070000002800000078D30A00BE780B0001000000000000000000000A0021000050BB64EDDDACD5010000000100000000 "C:\Users\Jean Marie CARRIBON\Downloads\pw1206-free-online.exe"=0x5341435001000000000000000700000028000000F0502000A743210001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000DE812F00000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\rufus-3.17(1).exe"=0x53414350010000000000000007000000280000003810150087FB150001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000DD042200000000000300000003000000 "C:\Users\Jean Marie CARRIBON\Downloads\isotousb_setup.exe"=0x5341435001000000000000000700000028000000EC5D1A00000000000100000000000000000001060001000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000318C0700000000000100000001000000 "C:\Program Files\MiniTool Partition Wizard 12\partitionwizard.exe"=0x5341435001000000000000000700000028000000A8D506008439070001000000000000000000000A7322000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000032308A2B000000000B0000000B000000 "C:\Users\Jean Marie CARRIBON\Downloads\epm_free_install_20220222.412840.exe"=0x5341435001000000000000000700000028000000B0A71D0058CF1D0001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000040000000000000000000000000000000009DE10F00000000000100000001000000 "C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.80.194.0_x86__kzf8qxf38zg5c\Skype\Skype.exe"=0x534143500100000000000000070000002800000088D9AF069C42B00601000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000100000000000000000000000000000000051480E0C000000000300000003000000 "C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2202.10603.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe"=0x534143500100000000000000070000002800000000A806000000000001000000000000000000000A7322000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000FFE70000000000000A0000000A000000 "C:\Users\Jean Marie CARRIBON\Downloads\dvt2805_dragon-recorder-edition.exe"=0x53414350010000000000000007000000280000006732A4FA0000000001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000050000000000000000000004000000000000000000000000000000000C6320700000000000100000001000000000000000000000000000000000000000000000000000000EDDF4900000000000600000000000000 "C:\Users\Jean Marie CARRIBON\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"=0x534143500100000000000000070000002800000080CF3C036F2B3D0301000000000000000000000A0021000050BB64EDDDACD5010000000100000000 "C:\Users\Jean Marie CARRIBON\AppData\Local\Microsoft\OneDrive\22.033.0213.0002\FileSyncConfig.exe"=0x534143500100000000000000070000002800000078D90A00AE930B0001000000000000000000000A0021000050BB64EDDDACD5010000000100000000 "C:\Program Files (x86)\Internet Explorer\iexplore.exe"=0x5341435001000000000000000700000028000000D0A30C00DEE50C0001000000010000000000000A0021000050BB64EDDDACD5010000000000000000 "C:\Users\Jean Marie CARRIBON\AppData\Local\Temp\NaturallySpeaking\setup.exe"=0x534143500100000000000000070000002800000080D417008CCF18000100000000000000000002060001000050BB64EDDDACD501000000000000000002000000280000000000020600000040000000000000000000000000000000001E5F1900000000000100000001000000 "C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\natspeak.exe"=0x534143500100000000000000070000002800000008F84A00D8D04B000100000000000000000002060001000050BB64EDDDACD50100000000000000000200000028000000000000000000001000100000000000000000000000000000082EB100000000000C0000000C000000 "C:\Program Files (x86)\Common Files\Nuance\NaturallySpeaking13\dragonbar.exe"=0x5341435001000000000000000700000028000000085A0B00CA5A0B000100000000000000000002060001000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000E2040000000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\rufus-3.18.exe"=0x534143500100000000000000070000002800000048121500AC41150001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000016949000000000000200000002000000 "C:\Users\Jean Marie CARRIBON\Downloads\UsbFix_Premium.exe"=0x53414350010000000000000007000000280000002D2A4A000000000001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000083796220000000000600000006000000 "C:\Users\Jean Marie CARRIBON\Downloads\quickdiag_V5_29.10.19.1.exe"=0x534143500100000000000000070000002800000098315100F351510001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000040000000000000000000000000000000009C4A7200000000000200000002000000 "C:\Users\Jean Marie CARRIBON\Downloads\ad-aware-free-10-5-3-es-en-win.exe"=0x534143500100000000000000070000002800000088B2550073B156000100000000000000000002067102000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000D4020906000000000200000002000000 "C:\Users\Jean Marie CARRIBON\Downloads\ad-aware-free-10-5-2-es-en-win.exe"=0x534143500100000000000000070000002800000078965D004F6E5E000100000000000000000001067102000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000A0020000000000000100000001000000 "C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe"=0x534143500100000000000000070000002800000098EDEA06A759EB0601000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000001000000000000000000000000000000000A8E11514000000000500000005000000 "C:\Program Files (x86)\Advanced System Optimizer 3\RequireAdministrator.exe"=0x5341435001000000000000000700000028000000805E01005D2C020001000000000000000000000A7122000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000010C96C00000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\CyberLink_PowerDirector_Downloader.exe"=0x534143500100000000000000070000002800000060B81100D013120001000000000000000000000A7122000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000D7921100000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\Everything-1.4.1.1015.x64-Setup.exe"=0x5341435001000000000000000700000028000000388F1B00248D1C0001000000000000000000000A0021000050BB64EDDDACD5010000000000000000 "C:\Program Files\CyberLink\PowerDirector20\GDPR\GDPRDlg.exe"=0x5341435001000000000000000700000028000000A85806000095060001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000074330000000000000100000001000000 "C:\Program Files\CyberLink\PowerDirector20\Trial\TrialMgr.exe"=0x5341435001000000000000000700000028000000A846020012DC020001000000000000000000000A7322000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000DC750000000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\Bitser-03-SEP-2018-V150.exe"=0x5341435001000000000000000700000028000000686B35000C6E35000100000000000000000002060001000050BB64EDDDACD5010000000000000000020000002800000000000000800100000000000000000000000000000000000092770D00000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\free_partition_manager.exe"=0x534143500100000000000000070000002800000093273800000000000100000000000000000001060001000050BB64EDDDACD501000000000000000002000000280000000000000000000040000000000000000000000000000000001E720100000000000100000001000000 "C:\Program Files\Everything\Everything.exe"=0x5341435001000000000000000700000028000000A08422000FB5220001000000000000000000000A7322000050BB64EDDDACD501000000000000000002000000500000000000000000000000000000000000000000000000000000004E1A0000000000000100000001000000000000000000004000000000000000000000000000000000F63E7F23000000000700000000000000 "SIGN.MEDIA=130A00 VirtualBox\Portable-VirtualBox\Portable-VirtualBox.exe"=0x5341435001000000000000000700000028000000000A1300CE9613000100000000000000000003060001000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000008D970000000000000100000001000000 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"=0x5341435001000000000000000700000028000000580B28006E0A290001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000001750000000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\CyberLink_Power2Go_Downloader.exe"=0x5341435001000000000000000700000028000000B8EA1100D0A7120001000000000000000000000A7122000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000C1970C00000000000100000001000000 "C:\Program Files (x86)\CyberLink\Power2Go13\Trial\TrialMgr.exe"=0x5341435001000000000000000700000028000000B824020067CA020001000000000000000000000A7122000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000FCDFA703000000001600000016000000 "C:\Program Files (x86)\CyberLink\Power2Go13\SystemBackup.exe"=0x5341435001000000000000000700000028000000B8620C008C7D0C0001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000FCF80200000000000200000002000000 "C:\Users\Jean Marie CARRIBON\Downloads\qemu-w64-setup-20211215.exe"=0x5341435001000000000000000700000028000000387C020C6FC7020C01000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000F3BD0300000000000200000002000000 "C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2203.4603.0_x64__8wekyb3d8bbwe\Win32Bridge.Server.exe"=0x534143500100000000000000070000002800000000A806000000000001000000000000000000000A7322000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000045610100000000001300000013000000 "C:\Program Files (x86)\Bitser\Bitser.exe"=0x534143500100000000000000070000002800000068810A0027C10A000100000000000000000003060001000050BB64EDDDACD5010000000000000000 "C:\Users\Jean Marie CARRIBON\Downloads\YUMI-UEFI-0.0.4.5.exe"=0x5341435001000000000000000700000028000000DCD95C000000000001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000075AE0C00000000000300000003000000 "C:\Users\Jean Marie CARRIBON\Downloads\win32diskimager-1.0.0-install(1).exe"=0x534143500100000000000000070000002800000094C2BF000000000001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000008F880200000000000100000001000000 "C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe"=0x534143500100000000000000070000002800000088EFEA06F4F3EA0601000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000010000000000000000000000000000000006F677A0A000000000200000002000000 "C:\Users\Jean Marie CARRIBON\Downloads\Smart-Privacy-Cleaner.exe"=0x5341435001000000000000000700000028000000088D1400C30615000100000000000000000001060001000050BB64EDDDACD5010000000000000000 "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe"=0x534143500100000000000000070000002800000018354000371A410001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000030410000000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\iphonebackupextractor-latest.exe"=0x534143500100000000000000070000002800000050D451011B35520101000000000000000000000A7122000050BB64EDDDACD5010000000000000000 "C:\Users\Jean Marie CARRIBON\Downloads\iMazing2forWindows.exe"=0x5341435001000000000000000700000028000000F8CFF6070E43F70701000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000076B65400000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\SFCFix(3).exe"=0x5341435001000000000000000700000028000000505723005821240001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000218B4A00000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\mobilego-b_setup_full1871.exe"=0x5341435001000000000000000700000028000000904A0E0035AA0E000100000000000000000001060001000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000076F42A00000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\S.O.S(3).exe"=0x53414350010000000000000007000000280000005815F1006D57F10001000000000000000000000A0021000050BB64EDDDACD5010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000017110000000000000200000002000000 "C:\Users\Jean Marie CARRIBON\Downloads\UltraAdwareKiller.exe"=0x5341435001000000000000000700000028000000780AE100EAF7E10001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000A61B0000000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\PCOptimizerProInstaller.exe"=0x534143500100000000000000070000002800000060D3550045C656000100000000000000000001060001000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000E8F70100000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\Setup_WinThruster_2022.exe"=0x534143500100000000000000070000002800000040C1620015EB620001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000052AD0100000000000100000001000000 "C:\Program Files (x86)\Paragon Software\APFS for Windows\APFS for Windows by Paragon Software.exe"=0x5341435001000000000000000700000028000000B00B2B00152C2B0001000000000000000000000A7122000050BB64EDDDACD501000000000000000002000000280000000000000000000040000000000000000000000000000000007B080000000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\SFCFix(4).exe"=0x5341435001000000000000000700000028000000505723005821240001000000000000000000000A0021000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000024FB000000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\BCUninstaller_5.2_setup.exe"=0x534143500100000000000000070000002800000088248D0468C78D0401000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000046EB1800000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\S.O.S(4).exe"=0x53414350010000000000000007000000280000005865D8003FFCD80001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000040000000000000000000000000000000008A100000000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\SFCFix(6).exe"=0x5341435001000000000000000700000028000000505723005821240001000000000000000000000A0021000050BB64EDDDACD50100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000AC600920000000000100000001000000 "C:\Program Files\CCleaner\CCleaner64.exe"=0x5341435001000000000000000700000028000000F01432024299320201000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000091140000000000000400000004000000 "C:\Users\Jean Marie CARRIBON\AppData\Local\Temp\{_av_312d9252-c71c-4c84-b171-f4ad46e22098}\ccleaner_browser_setup-mini.exe"=0x534143500100000000000000070000002800000028410C0047E50C0001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000620B0500000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\FreeFileSync_11.20_Windows_Setup.exe"=0x5341435001000000000000000700000028000000288424017527250101000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000D7F80000000000000100000001000000 "C:\Program Files\FreeFileSync\FreeFileSync.exe"=0x53414350010000000000000007000000280000000883090084EB090001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000005600C700000000000400000004000000 "C:\Program Files\Mozilla Firefox\firefox.exe"=0x5341435001000000000000000700000028000000C093090048E0090001000000000000000000000A0021000050BB64EDDDACD5010000000100000000 "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"=0x5341435001000000000000000700000028000000A81F36007676360001000000000000000000000A0021000050BB64EDDDACD5010000000000000000 "C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe"=0x5341435001000000000000000700000028000000F8C42900C2202A0001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000000000000000000000000000000000000009BE90200000000000100000001000000 "C:\Users\Jean Marie CARRIBON\Downloads\Rem-VBSworm.exe"=0x534143500100000000000000070000002800000000BE0100000000000100000000000000000001067102000050BB64EDDDACD5010000000000000000 ---------- | IFEO ---------- | Mountpoints2 ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=132442649872811638 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "RemediationExe"=windowsdefender:// "DisableAntiSpyware"=0 "ProductType"=2 "InstallTime"=0xFB67C0902C74D501 "InstallLocation"=C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\ "ProductStatus"=0 "OOBEInstallTime"=0x1C2A1E99E387D601 "ManagedDefenderProductType"=0 "DisableAntiVirus"=0 "BackupLocation"=C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0 "LastEnabledTime"=0x80AA0848CE2AD701 "PUAProtection"=0 "HybridModeEnabled"=0 "VerifiedAndReputableTrustModeEnabled"=0 "IsServiceRunning"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\epmdkdrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EuGdiDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CBDHSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\epmdkdrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EuGdiDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MsQuic] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcCtnrSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) ---------- | Hosts ---------- | Ping Envoi d'une requ?te 'ping' sur google.com [2a00:1450:4007:80c::200e] avec 32 octets de donn?es?: R?ponse de 2a00:1450:4007:80c::200e?: temps=50 ms R?ponse de 2a00:1450:4007:80c::200e?: temps=30 ms R?ponse de 2a00:1450:4007:80c::200e?: temps=30 ms R?ponse de 2a00:1450:4007:80c::200e?: temps=29 ms Statistiques Ping pour 2a00:1450:4007:80c::200e: Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%), Dur?e approximative des boucles en millisecondes : Minimum = 29ms, Maximum = 50ms, Moyenne = 34ms ---------- | @ [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Cache_Update_Frequency"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=%11%\blank.htm "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=https://www.google.fr/?gws_rd=ssl#spf=1569591345726 "ImageStoreRandomFolder"=euub6ap "OperationalData"=13 "CompatibilityFlags"=0 "SearchBandMigrationVersion"=1 "FullScreen"=no "Start Page_TIMESTAMP"=0xE1E4107F3875D501 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"= "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0xE697DCDBB934D801 "IE10TourShown"=1 "IE10TourShownTime"=0xE697DCDBB934D801 "Window_Placement"=0x2C00000002000000030000000083FFFF0083FFFFFFFFFFFFFFFFFFFF440000004400000064030000C4020000 "IE11EdgeNotifyTime"=0xC067461ECB38D701 "EdgeReminderRemainingCount"=0 "DownloadWindowPlacement"=0x2C0000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF10010000D400000090030000B4020000 "Use FormSuggest"=yes "IE11DefaultsFREGPOFileOptions"=0 "IE11DefaultsFREGPOFileCheck"=1 "IE11DefaultsFREGPOCheckTimestamp"=0x98813C9D7042D701 "IE11DefaultsFREOfferInterval"=60 "IE11DefaultsFREOfferType"=1 "IE11DefaultsFREMaxOfferShowCount"=1 "IE11DefaultsFRECurrentOfferShowCount"=0 "IEAppEolNotificationLastShownTimeStamp"=0x4CB275C84A35D801 [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "CertificateRevocation"=1 "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "ZonesSecurityUpgrade"=0xE697DCDBB934D801 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "WarnonZoneCrossing"=0 "LockDatabase"=132972485337327517 "EnableAutodial"=0 "ProxyOverride"=*.local "ProxyOverride.Bonjour"= [HKLM\Software\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 "SecureProtocols"=2688 [HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings] "CallLegacyWCMPolicies"=0 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Anchor_Visitation_Horizon"=0x01000000 "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\CurrentVersion\Internet Settings] "CallLegacyWCMPolicies"=0 ---------- | Proxy ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snapdoc] "ProgID"=SNAP.DOC ---------- | SIOI | SEH | URLSH [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AcronisDrive] - {5D74FD4B-4EFB-4586-8022-8637BBE40970} -- C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_8_39216.dll [23/03/2021 22:13:32] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AcronisSyncError] - {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} -- C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_8_39216.dll [23/03/2021 22:13:32] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AcronisSyncInProgress] - {00F848DC-B1D4-4892-9C25-CAADC86A215D} -- C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_8_39216.dll [23/03/2021 22:13:32] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ AcronisSyncOk] - {71573297-552E-46fc-BE3D-3DFAF88D47B7} -- C:\Program Files (x86)\Acronis\TrueImageHome\tishell64_25_8_39216.dll [23/03/2021 22:13:32] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- C:\Windows\System32\EhStorShell.dll [14/01/2021 10:44:19] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} -- [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks] "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"= ---------- | Toolbar [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser] "ITBar7Layout"=0x13000000000000000000000020000000100000001500000001000000000700005E010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ITBar7Height"=26 [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "KnownProvidersUpgradeTime"=0xE697DCDBB934D801 "Version"=5 "UpgradeTime"=0xE697DCDBB934D801 "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} "DownloadRetries"=1 ---------- | Extensions ---------- | SearchScopes [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : ---------- | ElevationPolicy [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{000209FF-0000-0000-C000-000000000046}] - (C:\Program Files\Microsoft Office\Office14) - winword.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\System32) - wpcer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{082d4d92-46a7-41f2-b877-cd44fa0a7524}] - (C:\WINDOWS\system32\spool\DRIVERS\x64\3) - E_YPREM1E.EXE : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\System32) - wuapp.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0935-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{191DA03B-FBE7-4579-B64D-273DC8358F1B}] - (C:\Program Files\Adobe\Acrobat DC\Acrobat) - Acrobat.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21bf3ea0-1c0f-4705-9180-179f55bc1cc6}] - (C:\WINDOWS\system32\spool\DRIVERS\x64\3) - E_YARNM1E.EXE : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2391d819-9d17-44ec-9ac1-f6aa07549469}] - (%systemroot%\system32) - wermgr.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BBE903C-2776-4574-9855-EC1597ABE3D6}] - (C:\Program Files\Microsoft Office\Office14) - excel.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38f2c092-34df-4c12-9d9e-c9679bf0ab31}] - (C:\Windows\SysWOW64) - presentationhost.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7}] - (C:\Program Files\Java\jre1.8.0_271\bin) - jp2launcher.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\System32) - RuntimeBroker.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D256DB0-6C34-4EC1-9704-02182D6503A6}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4d846fad-8bc7-4a97-aab0-46e8f0b1ea44}] - (C:\WINDOWS\system32\spool\DRIVERS\x64\3) - E_YJACM1E.EXE : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}] - (C:\Program Files\Java\jre1.8.0_271\bin) - javaws.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files\Internet Explorer) - iedw.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\System32\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\System32) - verclsid.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\system32\IME\SHARED\) - IMEPADSV.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\System32) - ctfmon.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\System32) - CredentialUIBroker.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89322207-5E2E-40CE-90ED-5957180E3B2C}] - (C:\Program Files\Adobe\Acrobat DC\Acrobat\) - AcroBroker.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D13E03F-8289-4c15-A84F-7A8F655C830A}] - (C:\Program Files\Microsoft Office\Office14) - NAMECONTROLSERVER.EXE : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{989F13EE-B25B-4FAB-9AED-C4336C8CCF0C}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\System32\IME\SHARED\) - imesearch.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A492E928-85D7-4ea3-B601-9BFFA4C2EE25}] - (C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64) - natspeak.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5054EC7-B9CB-4ad5-9F95-D8171A6D6BFA}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\System32) - cmd.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD18A03F-31CC-4CC0-B52D-9E199122923D}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE0A2BA1-1E09-4A59-BE36-AA32DC25931B}] - (C:\Program Files\Adobe\Acrobat DC\Acrobat) - AdobeCollabSync.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}] - (C:\Program Files\Java\jre1.8.0_271\bin) - ssvagent.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}] - (C:\Program Files (x86)\Microsoft\Edge\Application\101.0.1210.47\BHO) - ie_to_edge_stub.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\System32) - notepad.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\System32) - presentationhost.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF27C7F4-B47A-4011-8177-6408DC5DDB1A}] - (C:\Program Files\Adobe\Acrobat DC\Acrobat\AcroCEF) - AcroCEF.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F6A6CA96-B08E-4429-BA30-39232494F292}] - (C:\Program Files\Microsoft Office\Office14) - MSPUB.EXE : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\WINDOWS\system32\Macromed\Flash) - FlashUtil64_11_6_602_168_ActiveX.exe : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC88B53C-9B2A-1A25-5867-C8612E79DBF6}] - (C:\Program Files\Microsoft Office\Office14) - POWERPNT.EXE : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{000209FF-0000-0000-C000-000000000046}] - (C:\Program Files\Microsoft Office\Office14) - winword.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\SysWOW64) - wpcer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08f24d68-9087-4b24-81ad-7b34af3e3ed5}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\SysWOW64) - wuapp.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{191DA03B-FBE7-4579-B64D-273DC8358F1B}] - (C:\Program Files\Adobe\Acrobat DC\Acrobat) - Acrobat.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files (x86)\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28E08968-59C8-4A77-BEBA-12C9394AE077}] - (C:\Program Files (x86)\CCleaner Browser\Update\1.8.1208.2) - CCleanerBrowserUpdateBroker.exe : C:\Program Files (x86)\CCleaner Browser\Update\1.8.1208.2\npCCleanerBrowserUpdate3.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BBE903C-2776-4574-9855-EC1597ABE3D6}] - (C:\Program Files\Microsoft Office\Office14) - excel.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\SysWOW64) - RuntimeBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4becf16c-74f0-429b-8d3e-4fba507ac661}] - (C:\Program Files (x86)\adobe\acrobat 7.0\reader) - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D256DB0-6C34-4EC1-9704-02182D6503A6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498}] - (C:\Program Files (x86)\CCleaner Browser\Update\1.8.1208.2) - CCleanerBrowserUpdateWebPlugin.exe : C:\Program Files (x86)\CCleaner Browser\Update\1.8.1208.2\npCCleanerBrowserUpdate3.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6A7C9604-8A57-4B28-821B-BDEDF0E04788}] - (C:\Program Files\Microsoft Office\Office14) - winproj.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files (x86)\Internet Explorer) - iedw.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76E2369A-75BA-41F9-8B9E-16059E5CF9A6}] - (C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\) - AdobeARM.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\SysWOW64\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7AC06A6F-4C88-4707-8DEC-61017CB50E1E}] - (C:\Program Files\Adobe\Acrobat DC\Acrobat) - AcroRd32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\SysWOW64) - verclsid.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\sysnative\IME\SHARED\) - IMEPADSV.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\SysWOW64) - ctfmon.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\SysWOW64) - CredentialUIBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89322207-5E2E-40CE-90ED-5957180E3B2C}] - (C:\Program Files\Adobe\Acrobat DC\Acrobat\) - AcroBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D13E03F-8289-4c15-A84F-7A8F655C830A}] - (C:\Program Files\Microsoft Office\Office14) - NAMECONTROLSERVER.EXE : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95a4104c-1c49-4c2a-9830-1be0f47e926c}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat) - acrobat.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{989F13EE-B25B-4FAB-9AED-C4336C8CCF0C}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\SysWOW64\IME\SHARED\) - imesearch.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9da1d2cb-796d-4bec-bbaa-0aa9ccd80e15}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A492E928-85D7-4ea3-B601-9BFFA4C2EE25}] - (C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program) - natspeak.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5054EC7-B9CB-4ad5-9F95-D8171A6D6BFA}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\SysWOW64) - cmd.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD18A03F-31CC-4CC0-B52D-9E199122923D}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE0A2BA1-1E09-4A59-BE36-AA32DC25931B}] - (C:\Program Files\Adobe\Acrobat DC\Acrobat) - AdobeCollabSync.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AED-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}] - (C:\Program Files (x86)\Microsoft\Edge\Application\101.0.1210.47\BHO) - ie_to_edge_stub.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\SysWOW64) - notepad.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e5f90a07-7db7-4dcb-bd6d-d3fecd376ca3}] - (C:\Program Files (x86)\adobe\acrobat 6.0\reader) - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\SysWOW64) - presentationhost.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF27C7F4-B47A-4011-8177-6408DC5DDB1A}] - (C:\Program Files\Adobe\Acrobat DC\Acrobat\AcroCEF) - AcroCEF.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F6A6CA96-B08E-4429-BA30-39232494F292}] - (C:\Program Files\Microsoft Office\Office14) - MSPUB.EXE : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\WINDOWS\SysWOW64\Macromed\Flash) - FlashUtil32_11_6_602_168_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fb9e068b-c612-4fa8-bdb9-d728a716a420}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat) - acrobat.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC88B53C-9B2A-1A25-5867-C8612E79DBF6}] - (C:\Program Files\Microsoft Office\Office14) - POWERPNT.EXE : ---------- | Ext\Settings [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}] : : C:\Program Files (x86)\Microsoft\Edge\Application\101.0.1210.47\BHO\ie_to_edge_bho.dll [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{609C0837-8DD3-4F9B-AAC5-446F36BC0353}] : : C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\dgnriaie.dll [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] : : C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL ---------- | Ext\Stats [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}] : : C:\Program Files (x86)\Microsoft\Edge\Application\101.0.1210.47\BHO\ie_to_edge_bho.dll [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25336920-03F9-11CF-8FD0-00AA00686F13}] : : C:\Windows\SysWOW64\mshtml.dll [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2933BF90-7B36-11D2-B20E-00C04F983E60}] : : %SystemRoot%\System32\msxml3.dll [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{609C0837-8DD3-4F9B-AAC5-446F36BC0353}] : : C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\dgnriaie.dll [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64247C52-5C34-4597-B2A3-17BF5617F17F}] : : [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6BF52A52-394A-11D3-B153-00C04F79FAA6}] : : %SystemRoot%\system32\wmp.dll [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9BE31822-FDAD-461B-AD51-BE1D1C159921}] : : C:\Program Files (x86)\VideoLAN\VLC\axvlc.dll [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] : : C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA8A9780-280D-11CF-A24D-444553540000}] : : C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D27CDB6E-AE6D-11CF-96B8-444553540000}] : : C:\WINDOWS\SysWow64\Macromed\Flash\Flash32_11_6_602_168.ocx [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8C108E-4349-11D2-91A4-00C04F7969E8}] : : %SystemRoot%\System32\msxml3.dll [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F6D90F11-9C73-11D3-B32E-00C04F990BB4}] : : %SystemRoot%\System32\msxml3.dll [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f5f7f1b8-4c19-5379-9c55-22fd64ed558b}] : : C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\npDgnRia2.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{28E08968-59C8-4A77-BEBA-12C9394AE077}] : : C:\Program Files (x86)\CCleaner Browser\Update\1.8.1208.2\npCCleanerBrowserUpdate3.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498}] : : C:\Program Files (x86)\CCleaner Browser\Update\1.8.1208.2\npCCleanerBrowserUpdate3.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{f5f7f1b8-4c19-5379-9c55-22fd64ed558b}] : : C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\npDgnRia2.dll ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}] -> (IEToEdge BHO) : C:\Program Files (x86)\Microsoft\Edge\Application\101.0.1210.47\BHO\ie_to_edge_bho.dll [15/05/2022 11:33:25] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{609C0837-8DD3-4F9B-AAC5-446F36BC0353}] -> (Dragon Web Extension For Internet Explorer) : C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\dgnriaie.dll [24/09/2018 17:25:18] [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> () : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> () : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}] -> (IEToEdge BHO) : C:\Program Files (x86)\Microsoft\Edge\Application\101.0.1210.47\BHO\ie_to_edge_bho.dll [15/05/2022 11:33:25] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{609C0837-8DD3-4F9B-AAC5-446F36BC0353}] -> (Dragon Web Extension For Internet Explorer) : C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\dgnriaie.dll [24/09/2018 17:25:18] ---------- | Chrome C:\Users\Jean Marie CARRIBON\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Jean Marie CARRIBON\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Jean Marie CARRIBON\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\Jean Marie CARRIBON\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\Jean Marie CARRIBON\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Jean Marie CARRIBON\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\Jean Marie CARRIBON\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\Jean Marie CARRIBON\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail - Google & co - [*://mail.google.com/mail] - https://clients2.google.com/service/update2/crx ---------- | Opera ---------- | Firefox [HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.271.2] - (Java™ Deployment Toolkit) : C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.271.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] - (Office Authorization plug-in for NPAPI browsers) : C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [HKLM\Software\MozillaPlugins\Adobe Acrobat] - (Handles PDFs in-place in Firefox) : C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [HKLM\Software\MozillaPlugins\nuance.com/DgnRia2_x86_64] - () : C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64\npDgnRia2_x64.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0] - (Picasa3 plugin) : C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] - (Office Authorization plug-in for NPAPI browsers) : C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@update.ccleanerbrowser.com/CCleaner Browser;version=3] - (CCleaner Browser) : C:\Program Files (x86)\CCleaner Browser\Update\1.8.1208.2\npCCleanerBrowserUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@update.ccleanerbrowser.com/CCleaner Browser;version=9] - (CCleaner Browser) : C:\Program Files (x86)\CCleaner Browser\Update\1.8.1208.2\npCCleanerBrowserUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.12] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=3.0.16] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\nuance.com/DgnRia2] - () : C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\npDgnRia2.dll C:\Users\Jean Marie CARRIBON\AppData\Roaming\Mozilla\Firefox\Profiles\azigoii6.default-release\Prefs.js user_pref("browser.startup.homepage", "https://www.google.com/webhp?client=firefox-b-d"); user_pref("browser.startup.homepage_override.buildID", "20220513165813"); user_pref("browser.startup.homepage_override.mstone", "100.0.1"); user_pref("browser.urlbar.resultBuckets", "{\"children\":[{\"maxResultCount\":1,\"children\":[{\"group\":\"heuristicTest\"},{\"group\":\"heuristicExtension\"},{\"group\":\"heuristicSearchTip\"},{\"group\":\"heuristicOmnibox\"},{\"group\":\"heuristicUnifiedComplete\"},{\"group\":\"heuristicAutofill\"},{\"group\":\"heuristicTokenAliasEngine\"},{\"group\":\"heuristicFallback\"}]},{\"group\":\"extension\",\"maxResultCount\":5},{\"flexChildren\":true,\"children\":[{\"flexChildren\":true,\"children\":[{\"flex\":2,\"group\":\"formHistory\"},{\"flex\":4,\"group\":\"remoteSuggestion\"},{\"flex\":0,\"group\":\"tailSuggestion\"}],\"flex\":2},{\"group\":\"general\",\"flex\":1}]}]}"); user_pref("browser.urlbar.resultGroups", "{\"children\":[{\"maxResultCount\":1,\"children\":[{\"group\":\"heuristicTest\"},{\"group\":\"heuristicExtension\"},{\"group\":\"heuristicSearchTip\"},{\"group\":\"heuristicOmnibox\"},{\"group\":\"heuristicEngineAlias\"},{\"group\":\"heuristicBookmarkKeyword\"},{\"group\":\"heuristicAutofill\"},{\"group\":\"heuristicPreloaded\"},{\"group\":\"heuristicTokenAliasEngine\"},{\"group\":\"heuristicFallback\"}]},{\"group\":\"extension\",\"availableSpan\":5},{\"flexChildren\":true,\"children\":[{\"children\":[{\"flexChildren\":true,\"children\":[{\"flex\":2,\"group\":\"formHistory\"},{\"flex\":4,\"group\":\"remoteSuggestion\"}]},{\"group\":\"tailSuggestion\"}],\"flex\":2},{\"group\":\"generalParent\",\"children\":[{\"availableSpan\":3,\"group\":\"inputHistory\"},{\"flexChildren\":true,\"children\":[{\"flex\":1,\"group\":\"remoteTab\"},{\"flex\":2,\"group\":\"general\"},{\"flex\":2,\"group\":\"aboutPages\"},{\"flex\":1,\"group\":\"preloaded\"}]},{\"group\":\"inputHistory\"}],\"flex\":1}]}]}"); user_pref("extensions.activeThemeID", "firefox-compact-light@mozilla.org"); user_pref("extensions.blocklist.lastModified", "Mon, 10 Feb 2020 13:21:57 GMT"); user_pref("extensions.blocklist.pingCountTotal", 11); user_pref("extensions.blocklist.pingCountVersion", -1); user_pref("extensions.databaseSchema", 35); user_pref("extensions.getAddons.cache.lastUpdate", 1652959284); user_pref("extensions.getAddons.databaseSchema", 6); user_pref("extensions.incognito.migrated", true); user_pref("extensions.lastAppBuildId", "20220513165813"); user_pref("extensions.lastAppVersion", "100.0.1"); user_pref("extensions.lastPlatformVersion", "100.0.1"); user_pref("extensions.pendingOperations", false); user_pref("extensions.pictureinpicture.enable_picture_in_picture_overrides", true); user_pref("extensions.reset_default_search.runonce.3", true); user_pref("extensions.reset_default_search.runonce.reason", "previousRun"); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"directory\":\"{eba6a177-82cc-4c0b-b960-d1aabe880e73}\",\"addons\":{\"webcompat@mozilla.org\":{\"version\":\"100.2.1buildid20220504.194401\"}}}"); user_pref("extensions.webcompat.enable_picture_in_picture_overrides", true); user_pref("extensions.webcompat.enable_shims", true); user_pref("extensions.webcompat.perform_injections", true); user_pref("extensions.webcompat.perform_ua_overrides", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.doh-rollout@mozilla.org", true); user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.screenshots@mozilla.org", true); user_pref("extensions.webextensions.uuids", "{\"formautofill@mozilla.org\":\"747925fb-bbe4-4112-8ba9-b052aeef155e\",\"fxmonitor@mozilla.org\":\"ab5cafe0-ade2-4ba6-b170-ceea8cefb4de\",\"screenshots@mozilla.org\":\"e1968c92-59bd-481a-b601-1aaab6a82bdc\",\"webcompat-reporter@mozilla.org\":\"1205ccec-3ed3-4372-8538-b6f9260a45cd\",\"webcompat@mozilla.org\":\"f4ae2df6-a7d0-4a43-8be0-07e4bab3999f\",\"default-theme@mozilla.org\":\"8685d83e-ad21-4afa-81fb-8086052adc7b\",\"google@search.mozilla.org\":\"b9f78431-c238-4908-b770-5d497820e375\",\"bing@search.mozilla.org\":\"35002fc0-85ed-42b0-b62d-3c95ab4c23a6\",\"amazon@search.mozilla.org\":\"2daf4bbf-a2d0-4a7d-995b-ce5becdf88a2\",\"ddg@search.mozilla.org\":\"e65b49b2-ad6b-4827-ac69-9ccb422bbb6a\",\"ebay@search.mozilla.org\":\"a599ced4-7a09-4d44-9563-2adbcfeffe07\",\"qwant@search.mozilla.org\":\"a6dce602-fb04-4b67-ac97-5c20205a0938\",\"wikipedia@search.mozilla.org\":\"77663576-c4f4-4c59-9cba-adf10f3a6541\",\"CPS2ter-2020_Firefox@asipsante.fr\":\"a98c530f-c254-4979-ae1b-8a59cebb6246\",\"doh-rollout@mozilla.org\":\"e1ddfa2f-36e2-4af5-ad87-dbe5b4cf7455\",\"pictureinpicture@mozilla.org\":\"131d2615-15b1-4bad-8dac-c1ab0d8c7471\",\"firefox-compact-light@mozilla.org\":\"22535bd3-3c62-4aad-b9ea-aa5d459275d3\",\"addons-search-detection@mozilla.com\":\"c4db2c11-c338-4864-96ce-be18046c3eb6\",\"proxy-failover@mozilla.com\":\"127162bc-65fb-4292-a3d2-478e94f0870f\"}"); [Profile0] - Name=default-release -> Profiles/azigoii6.default-release ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{1b49aed0-6e3e-4cc6-809b-01037219e97d}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{2894c1d7-6d5c-4785-8b59-ac2afcbd88b8}] "DhcpNameServer"=192.168.1.1 192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{1b49aed0-6e3e-4cc6-809b-01037219e97d}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{2894c1d7-6d5c-4785-8b59-ac2afcbd88b8}] "DhcpNameServer"=192.168.1.1 192.168.1.1 ---------- | ActiveX [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{052EB454-9F19-CB42-7875-807F79F311C4}] - () - -> [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - () - -> [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - () - -> [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - () - -> [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - -> [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] - () - -> [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}] - () - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{052860C8-3E53-3D0B-9332-48A8B4971352}] - (.NET Framework) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{052EB454-9F19-CB42-7875-807F79F311C4}] - (CCleaner Browser) - -> "C:\Program Files (x86)\CCleaner Browser\Application\101.0.16219.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - (Themes Setup) - @%SystemRoot%\system32\themeui.dll,-2682 -> /UserInstall [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - -> %SystemRoot%\system32\msieftp.dll [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - (Windows Desktop Update) - @%SystemRoot%\system32\shell32.dll,-32969 -> U [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - (Web Platform Customizations) - @C:\Windows\System32\ie4uinit.exe,-2000 -> C:\Windows\System32\ie4uinit.exe -UserConfig [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] - (Google Chrome) - -> "C:\Program Files (x86)\Google\Chrome\Application\101.0.4951.67\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --channel=stable [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{8F5D9E08-71EC-370E-BA96-36E6EF916DF2}] - (.NET Framework) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}] - (Microsoft Edge) - -> "C:\Program Files (x86)\Microsoft\Edge\Application\101.0.1210.47\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - -> [HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{FEBEF00C-046D-438D-8A88-BF94A6C9E703}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - -> %SystemRoot%\system32\msieftp.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7C028AF8-F614-47B3-82DA-BA94E41B1089}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{8E0A742C-D031-348A-954F-AFE3CB92EFB7}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{990CB269-A600-38D0-B7D1-FBD392495F13}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - -> ---------- | Applications [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Classes\Applications\firefox.exe] : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Classes\Applications\HelloDOC.exe] : "C:\Program Files (x86)\IMAGINE Editions\HelloDoc\HelloDOC.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\Acrobat.exe] : "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\firefox.exe] : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\ois.exe] : C:\PROGRA~1\MICROS~1\Office14\OIS.EXE /shellOpen "%1" [HKLM\SOFTWARE\Classes\Applications\PicasaPhotoViewer.exe] : "C:\Program Files (x86)\Google\Picasa3\PicasaPhotoViewer.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen [HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Acrobat.exe] : "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\firefox.exe] : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ois.exe] : C:\PROGRA~1\MICROS~1\Office14\OIS.EXE /shellOpen "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\PicasaPhotoViewer.exe] : "C:\Program Files (x86)\Google\Picasa3\PicasaPhotoViewer.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | DCOMApplications Name: User Notification - AppID: {0010890e-8789-413c-adbc-48f5b511b3af} Name: PhotoAcquire - AppID: {00f22b16-589e-4982-a172-a51d9dcceb68} Name: PhotoAcqHWEventHandler - AppID: {00f2b433-44e4-4d88-b2b0-2698a0a91dba} Name: TabTip - AppID: {01419581-4d63-4d43-ac26-6e2fc976c1f3} Name: LogViewer2 - AppID: {01D17912-1791-47FF-8C89-F0F8E9409A86} Name: lfsvc - AppID: {020FB939-2C8B-4DB7-9E90-9527966E38E5} Name: PLA - AppID: {03837503-098b-11d8-9414-505054503030} Name: dgnuiasvr_x64.exe - AppID: {03C140B2-4039-4AE3-A819-53BD10023E02} Name: CTapiLuaLib Class - AppID: {03e15b2e-cca6-451c-8fb0-1e2ee37a27dd} Name: InstallServiceUserBroker - AppID: {0450178e-e3ee-46d8-9130-c0b84f169f53} Name: DevicesFlowExperienceFlow - AppID: {046AEAD9-5A27-4D3C-8A67-F82552E0A91B} Name: COpenControlPanel - AppID: {06622D85-6856-4460-8DE1-A81921B41C4B} Name: SMLUA - AppID: {0671E064-7C24-4AC0-AF10-0F3055707C32} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {06C792F8-6212-4F39-BF70-E8C0AC965C23} Name: OOBE Bio Enrollment - AppID: {0771f7af-8de6-4bce-9528-2d4a12cb8168} Name: sppui - AppID: {0868DC9B-D9A2-4f64-9362-133CEA201299} Name: Retail Demo User COM Agent - AppID: {0886dae5-13ba-49d6-a6ef-d0922e502d96} Name: RtkApoApi - AppID: {08B039CA-84AA-40EA-8E9C-1D9537DC415B} Name: WIA Extension Host for 64 bit extensions - AppID: {08F646B3-5E7F-4B7A-A5CB-F95445F9F67A} Name: Proximity Sharing - AppID: {08FC06E4-C6B5-40BE-97B0-B80F943C615B} Name: PersistentZoneIdentifier - AppID: {0968e258-16c7-4dba-aa86-462dd61e31a3} Name: Windows Media Player Rich Preview Handler - AppID: {09C5C2B5-1D32-4598-B87E-203F32BB08E3} Name: SEAPO - AppID: {0A21D954-674A-4C09-806E-DB4FBE8F199C} Name: AxInstSv - AppID: {0B15AFD8-3A99-4A6E-9975-30D66F70BD94} Name: MainController App ID - AppID: {0B789C73-D8DA-416D-B665-C1603676CEB1} Name: RASDLGLUA - AppID: {0C3B05FB-3498-40C3-9C03-4B22D735550C} Name: %SystemRoot%\system32\appwiz.cpl - AppID: {0da7bfdf-c0a0-44eb-be82-b7a82c4721de} Name: MpUx Agent Host - AppID: {1111A26D-EF95-4A45-9F55-21E52ADF9887} Name: Sync Center Client - AppID: {1202DB60-1DAC-42C5-AED5-1ABDD432248E} Name: Virtual Factory for DiagCpl - AppID: {12C21EA7-2EB8-4B55-9249-AC243DA8C666} Name: Shell Create Object Task Server - AppID: {133eac4f-5891-4d04-bada-d84870380a80} Name: Shell Create Object Handler - AppID: {135fd325-45b7-4c30-89f8-4386961669f0} Name: TPM Virtual Smart Card VCard Module Manager - AppID: {150F28F1-49A5-4C28-BE1A-CFA854A1D04B} Name: Remote TPM Virtual Smart Card Manager - AppID: {152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC} Name: PerAppRuntimeBroker - AppID: {15c20b67-12e7-4bb6-92bb-7aff07997402} Name: ServiceModule - AppID: {16962488-ADC4-4DF7-BD84-0016C63255C5} Name: TPM Virtual Smart Card Manager - AppID: {16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A} Name: Speech Runtime COM - AppID: {1725704B-A716-4E04-8EF6-87ED4F0A180A} Name: Immersive TPM Virtual Smart Card Manager - AppID: {19833350-BF9B-42A1-BDF0-BD1FCBE1FD31} Name: Sync Center Control - AppID: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5} Name: Dispatch - AppID: {1A8607FE-37DE-40ef-821B-E442CB2FC967} Name: GIDS Smart Card Simulator Manager - AppID: {1AC32B1A-E379-4CAD-B655-F978A30856EC} Name: PerceptionSimulation - AppID: {1B162A5B-B67A-4468-9613-C3F9765B353B} Name: DebugTargetAdapters Class - AppID: {1b7778f3-fe54-443c-8729-1e78b0715299} Name: %systemroot%\system32\lpksetup.exe - AppID: {1C749B87-568C-4865-8E73-6413F8372CE6} Name: Office Licensing COM Server 14 - AppID: {1E886174-DC88-4B83-8BC5-66409EC75F14} Name: MyEpson Portal Service - AppID: {1EA8AE6B-3E49-4C56-B4F6-91BC83604BEB} Name: TIManagersProxy Class Application - AppID: {1EF75F33-893B-4E8F-9655-C3D602BA4897} Name: rshx32.dll - AppID: {1f2e5c40-9550-11ce-99d2-00aa006e086c} Name: CommonSoftwareManager - AppID: {1F50E391-C083-4E93-A37A-64D6DFC97ADB} Name: ThirdPartyEapDispatcherPeerConfig - AppID: {1F7D1BE9-7A50-40B6-A605-C4F3696F49C0} Name: Microsoft WMI Provider Subsystem Secured Host - AppID: {1F87137D-0E7C-44d5-8C73-4EFFB68962F2} Name: DetectionAndSharing - AppID: {1fda955b-61ff-11da-978c-0008744faab7} Name: Microsoft Software Protection Platform Admin Object (Inner) - AppID: {205609B7-5E08-443E-B0A7-A7AED3F3A717} Name: Microsoft Windows WSMan Provider Host With User Settings - AppID: {209444d2-2540-495e-962c-a61ad3243526} Name: Provisioning Core - AppID: {217700E0-0000-11DF-ADB9-F4CE462D9137} Name: MSDAINITIALIZE - AppID: {2206CDB0-19C1-11D1-89E0-00C04FD7A829} Name: CortanaExperienceFlow - AppID: {24AC8F2B-4D4A-4C17-9607-6A4B14068F97} Name: Experimentation Broker - AppID: {2568BFC5-CDBE-4585-B8AE-C403A2A5B84A} Name: Update Notification Component Com Handler - AppID: {25d6d937-1fa3-4a22-8875-8680943b3f29} Name: Microsoft WBEM Active Scripting Event Consumer Provider - AppID: {266C72E7-62E8-11D1-AD89-00C04FD8FDFF} Name: IMAPI2 - AppID: {273541FF-7F64-5B0F-8F00-5D77AFBE261E} Name: WInRTDesktopBroker - AppID: {27550CA0-E9DE-4186-A566-37A59BB6CA69} Name: Cloud Change Wnf Monitor - AppID: {276D4FD3-C41D-465F-8CA9-A82A7762DF32} Name: netman - AppID: {27AF75ED-20D9-11D1-B1CE-00805FC1270E} Name: WalletService - AppID: {27D6B72D-094D-445A-9ACE-8298CBA0611A} Name: RasMobilityManager - AppID: {292bed96-e9ce-40f8-b71b-c313defa3a78} Name: faultrep.dll - AppID: {2C256447-3F0D-4CBB-9D12-575BB20CDA0A} Name: FileSystemImage - AppID: {2C941FD1-975B-59BE-A960-9A2A262853A5} Name: WalletService - AppID: {2EA38040-0B9C-4379-87FD-4D38BB892F37} Name: Windows Security Health Service - AppID: {2EB6D15C-5239-41CF-82FB-353D20B816CF} Name: WaaSMedicSvc - AppID: {2ED83BAA-B2FD-43B1-99BF-E6149C622692} Name: DevicesFlow - AppID: {2F93C02D-77F9-46B4-95FB-8CBB81EEB62C} Name: ImmersiveShellBrokers - AppID: {2FD08A73-D1F1-43EB-B888-24C2496F95FD} Name: ShellServiceHostBrokerProvider - AppID: {30AD8C8E-AE85-42FA-B9E8-7E99E3DFBFC5} Name: Identity Store - AppID: {30d49246-d217-465f-b00b-ac9ddd652eb7} Name: AuthHost - AppID: {31337EC7-5767-11CF-BEAB-00AA006C3606} Name: ie_to_edge_bho - AppID: {31575964-95F7-414B-85E4-0E9A93699E13} Name: Immersive Shell - AppID: {316CDED5-E4AE-4B15-9113-7055D84DCC97} Name: UiaManagerCrossMachineProxyAppId - AppID: {31b965c2-d4a3-4d8e-ac40-a76d466cd0b7} Name: Delivery Optimization User - AppID: {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} Name: Language Components Installer Com Handler - AppID: {33ADC7D5-BAF1-4661-9822-1FD23E63B39F} Name: wpnservice - AppID: {34E76A18-223B-4E23-BEAD-F59358CC0A90} Name: TrayAppIdentityResolver - AppID: {35BC523D-8BE9-496E-8257-026E8B4750FC} Name: CoreDpuWapSvr - AppID: {36234D6F-D9B8-404B-91C9-736BD2EE3040} Name: Windows Push Notification Platform - AppID: {362cc086-4d81-4824-bbb5-666d34b3197d} Name: adminsvr - AppID: {366E9A85-B500-4268-B4DC-2AE01848CEB3} Name: TabTip - AppID: {36938566-B1AA-4E77-9B3F-730CF4E996AB} Name: Security Health Agent Activate As Activator Host - AppID: {37096FBE-2F09-4FF6-8507-C6E4E1179893} Name: AppServiceContainerBroker - AppID: {37399c92-dc3f-4b55-ae5b-811ee82398ad} Name: Delivery Optimization - AppID: {379001DE-7108-4A45-8A74-6CD0A9FBEF2C} Name: Microsoft Portable Workspace Launcher - AppID: {37B73D7B-A976-43AE-97E4-BD4977B241F2} Name: MiracastTestRemoteCommandSender - AppID: {39214908-5362-44b4-97f4-1aa724d3e0da} Name: WorkspacePolicyProcessor - AppID: {3C3F40BC-60EB-4567-B90C-480C87C21AC1} Name: EEL64A - AppID: {3D5781D9-B2FF-4396-8478-395412020995} Name: StarBurnXLib - AppID: {3DD7EA49-B5E1-4493-895D-C73562138FC0} Name: CMLUAUTIL - AppID: {3E000D72-A845-4CD9-BD83-80C07C3B881F} Name: PFReceiveFax - AppID: {3E445191-CE33-487e-8569-AB639246B4F7} Name: Microsoft Windows Remote Shell Host - AppID: {3e5ca495-8d6a-4d1f-ad99-177b426c8b8e} Name: CMSTPLUA - AppID: {3E5FC7F9-9A51-4367-9063-A120244FBEC7} Name: WinInetCacheServer - AppID: {3eb3c877-1f16-487c-9050-104dbcd66683} Name: Out Of Proc Mapi Handler - AppID: {3F5E4B87-C907-4f76-82E4-6FDF0CE90E25} Name: Microsoft Windows WSMan Provider Host - AppID: {3feb2f63-0eec-4b96-84ab-da1307e0117c} Name: HTML Application - AppID: {40AEEAB6-8FDA-41e3-9A5F-8350D4CFCA91} Name: Connected User Store - AppID: {40AFA0B6-3B2F-4654-8C3F-161DE85CF80E} Name: NaturalAuthentication - AppID: {412E0F20-6C5B-43EC-879F-DA444A416EAC} Name: Core Shell Broker Provider - AppID: {41928E27-7275-491C-A5A1-4FDC791BF609} Name: EntAppSvc - AppID: {42C21DF5-FB58-4102-90E9-96A213DC7CE8} Name: AccessibilityCplAdmin - AppID: {434A6274-C539-4E99-88FC-44206D942775} Name: SPP External COM Object - AppID: {44831FEC-DC51-4716-A7E1-E898FDF83C85} Name: Thumbnail Extraction Host Class - AppID: {4545dea0-2dfc-4906-a728-6d986ba399a9} Name: Add to Windows Media Player list - AppID: {45597c98-80f6-4549-84ff-752cf55e2d29} Name: Application Activation Manager - AppID: {45BA127D-10A8-46EA-8AB7-56EA9078943C} Name: Set Network Location Elevated Virtual Factory - AppID: {46B988E8-BEC2-401F-A1C5-16C694F26D3E} Name: Radio Management Service - AppID: {478B41E6-3257-4519-BDA8-E971F9843849} Name: EEG64A - AppID: {47EC1E17-F30B-430b-B9C4-DF60ED501A4B} Name: ShellServiceHost - AppID: {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} Name: IASDataStoreComServer - AppID: {48da6741-1bf0-4a44-8325-293086c79077} Name: COM_SRS_HP360 - AppID: {49611624-F1A3-4AA7-8A06-0209D7D6BA92} Name: Microsoft WBEM Unsecured Apartment - AppID: {49BD2028-1523-11D1-AD79-00C04FD8FDFF} Name: Telephony App Launcher - AppID: {49EBD8BE-1A92-4A86-A651-70AC565E0FEB} Name: UIAutomationCrossBitnessHook64 Class - AppID: {49f171dd-b51a-40d3-9a6c-52d674cc729d} Name: RASGCWLUA - AppID: {4A6B8BAD-9872-4525-A812-71A52367DC17} Name: wercplsupport.dll - AppID: {4BC67F23-D805-4384-BCA3-6F1EDFF50E2C} Name: AszBrowseHelper - AppID: {4D0EF64C-71D3-4A05-93B1-8EC58AE8D6D9} Name: Shell Security Editor - AppID: {4D111E08-CBF7-4f12-A926-2C7920AF52FC} Name: Microsoft Volume Shadow Copy Service software provider - AppID: {4db9c793-c48d-449c-9754-46027ee45c94} Name: COM+ Event System - AppID: {4E14FBA2-2E22-11D1-9964-00C04FBBB345} Name: ServiceModule - AppID: {4EB61BAC-A3B6-4760-9581-655041EF4D69} Name: upnpcont.exe - AppID: {4F0AC159-5804-4aa7-AE91-117D6E67BB9B} Name: Shell Computer Accounts - AppID: {4f6bcd94-c2a5-42ce-8dbc-31e794be4630} Name: WkspRT.exe - AppID: {4FCDA643-B15B-41C6-84F8-5E447F6F6D25} Name: Security Health Agent Interactive User Host for WDSP only - AppID: {4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED} Name: HomeGroup CPL Advanced Settings Writer - AppID: {50a9ab2a-20f8-4d71-9f32-9fd305b49601} Name: Microsoft Windows Font Folder - AppID: {50d69d24-961d-4828-9d1c-5f4717f226d1} Name: wuapihost - AppID: {50E1C3FD-EC35-490E-9CCF-C68F9AE91919} Name: acppage.dll - AppID: {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} Name: %systemroot%\system32\intl.cpl - AppID: {514B5E31-5596-422F-BE58-D804464683B5} Name: Telephony Service UI Toast - AppID: {52B65EB7-907C-4D83-A535-283BE9104DE4} Name: RemoteProxyFactory32 Class - AppID: {53362C32-A296-4F2D-A2F8-FD984D08340B} Name: RemoteProxyFactory32 Class - AppID: {53362C64-A296-4F2D-A2F8-FD984D08340B} Name: 32-bit Preview Handler Surrogate Host - AppID: {534A1E02-D58F-44f0-B58B-36CBED287C7C} Name: Virtual Disk Service Loader - AppID: {5364ED0E-493F-4B16-9DBF-AE486CF22660} Name: LockScreenContentServer Out of Proc Helper for LockScreenContent Clients - AppID: {536AACFB-5238-4314-B4D4-5B0A2E8B968E} Name: ShareFlow - AppID: {549e57e9-b362-49d1-b679-b64d510efe4b} Name: SRS_APO_Universal - AppID: {553C48B2-BA6B-412B-9F8D-2B62B1B912AA} Name: Bonjour - AppID: {56608F9C-223B-4CB6-813D-85EDCCADFB4B} Name: ShapeCollector - AppID: {56676660-4A4D-45B0-B24E-9CF6B35E9ABF} Name: Volume Shadow Copy Service - AppID: {56BE716B-2F76-4dfa-8702-67AE10044F0B} Name: Elevated System Settings COM Host - AppID: {57360832-5F9B-4190-8467-000D2D510212} Name: PrintNotify - AppID: {588E10FA-0618-48A1-BE2F-0AD93E899FCC} Name: FaxCommon Class - AppID: {59347292-B72D-41F2-98C5-E9ACA1B247A2} Name: Authentication UI Terminal Services Bump Dialog - AppID: {59c7f6ec-7d18-412f-a68e-877982768e61} Name: Docking.VirtualInput Create Object Server - AppID: {5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26} Name: WalletService - AppID: {5BC7A3A1-E905-414B-9790-E511346F5CA6} Name: Microsoft Maps Background Transfer Service - AppID: {5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309} Name: EED64A - AppID: {5C73574D-FC7B-4747-8352-143F011923A0} Name: WiaWow64 - AppID: {5E1395B2-B685-44e3-8AED-E2304D85ACD1} Name: Splash screen - AppID: {5EAD00DC-0E8B-497C-BDE8-B9153058CBEF} Name: User OOBE Create User Object Server - AppID: {5f7f3f7b-1177-4d4b-b1db-bc6f671b8f25} Name: UIAutomationCrossBitnessHook32 Class - AppID: {60a90a2f-858d-42af-8929-82be9d99e8a1} Name: CLMLSvc_P2G13 - AppID: {610B18B9-4544-42b4-9988-7E5590478BD7} Name: gusvc - AppID: {61E28BF8-C02B-499F-8E7A-34C1E4A1C649} Name: PDFPrevHndlr - AppID: {6236FF8C-E747-4173-86D3-99F511B61DF3} Name: wlidcli - AppID: {623D5F5E-2F09-427d-8BD7-64495CD9835D} Name: Dragon Service - AppID: {6242320F-AA11-4969-99AD-9FA1BA5FA01E} Name: Sync Center (Private) - AppID: {6295DF2D-35EE-11D1-8707-00C04FD93327} Name: PenIMC2 - AppID: {63CE6D27-426A-41F9-8E51-549C1132DAE2} Name: CoreShellHost - AppID: {64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2} Name: Windows Update Agent - AppID: {653C5148-4DCE-4905-9CFD-1B23662D3D9E} Name: FwCplLUA - AppID: {6571503D-D0FB-4D98-BBC3-1FBB2B3F344E} Name: Background Intelligent Transfer Service - AppID: {69AD4AEE-51BE-439b-A92C-86AE490E8B30} Name: Sync Center Isolation Collection (Private) - AppID: {69F9CB25-25E2-4BE1-AB8F-07AA7CB535E8} Name: MsRdpSessionManager - AppID: {6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F} Name: Watson subscriber for SENS Network Events - AppID: {6CF90891-3E04-4092-B96C-28E071EEEACB} Name: Preview Handler Surrogate Host - AppID: {6d2b5079-2f0b-48dd-ab7f-97cec514d30b} Name: UPnPContainer - AppID: {6d8ff8e0-730d-11d4-bf42-00b0d0118b56} Name: UPnPContainer64 - AppID: {6d8ff8e8-730d-11d4-bf42-00b0d0118b56} Name: SPPComApi - AppID: {6D9A7A40-DDCA-414E-B48E-DFB032C03C1B} Name: Recommended Troubleshooting Service - AppID: {6de5dc63-3c0c-4dda-9220-1028a37298ba} Name: TieringEngineService - AppID: {6DF5BCF4-22E9-446D-8763-A2C7677ECF7D} Name: HomeGroup UI Status - AppID: {6f33340d-8a01-473a-b75f-ded88c8360ce} Name: SEMgrSvc - AppID: {6F4B8D94-91FE-4665-B1E7-A34AE3F299F6} Name: IEWindows - AppID: {6f5bad87-9d5e-459f-bd03-3957407051ca} Name: EditionUpgradeHelper - AppID: {6F65B602-F798-4094-8A41-A2A61961E5E8} Name: HomeGroup Provider Object - AppID: {6F7C8E8F-DC69-4e3f-BC05-439962A05FD5} Name: Windows Insider Service - AppID: {7006698d-2974-4091-a424-85dd0b909e23} Name: SerifLTComAdapter - AppID: {710DCDEA-5655-478F-B99D-B0B6D4504AF7} Name: workfolderssvc - AppID: {712cedb9-16a4-4f79-801d-7de24d8c706e} Name: Sharing Elevated Virtual Factory - AppID: {72A7994A-3092-4054-B6BE-08FF81AEEFFC} Name: User Profile Service DCOM server - AppID: {72E3272B-4EEA-4104-B358-1A282E4FC1AD} Name: Microsoft WMI Provider Subsystem Host - AppID: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} Name: Trusted Installer Service - AppID: {752073A2-23F2-4396-85F0-8FDB879ED0ED} Name: ServiceModule - AppID: {75C1FF73-0BBE-4032-88DF-0A268F3A2080} Name: PrintFilterPipelineSvc - AppID: {76db1bf3-e820-4765-a1b2-0b16a86b1950} Name: XWizard Virtual Factory - AppID: {777BA81A-2498-4875-933A-3067DE883070} Name: WebPlatStorageBrokerServer - AppID: {7966b4d8-4fdc-4126-a10b-39a3209ad251} Name: Network and Sharing Center Cpl Elevated Virtual Factory - AppID: {7A076CE1-4B31-452a-A4F1-0304C8738100} Name: Shell FMIFS Wrapper - AppID: {7aa7790d-75d7-484b-98a1-3913d022091d} Name: EapThirdPartyDllHost - AppID: {7B130458-E09C-4823-A8AF-2583DCD9AEC7} Name: Internet Explorer Add-on Installer - AppID: {7B29F495-0F55-49F7-8885-9E8A22CE3829} Name: Shell Create Object Local Server - AppID: {7B6EA1D5-03C2-4AE4-B21C-8D0515CC91B7} Name: WlanPrefLUA - AppID: {7C8AB6D9-8764-4033-8F62-2FE896E54B32} Name: Microsoft Windows Remote Shell Host With User Settings - AppID: {7d378de6-ed8d-426d-91df-0273d07cd7f6} Name: HomeGroup Printing Device Class - AppID: {7DF8EF76-D449-485f-B4EB-58DC96B31EDB} Name: MMC Application Class - AppID: {7e0423cd-1119-0928-900c-e6d4a52a0715} Name: Security Health Agent Interactive User Host - AppID: {7E55A26D-EF95-4A45-9F55-21E52ADF9887} Name: Battery Notification Manager - AppID: {7EAD5C10-8B3F-11E6-AE22-56B6B6499611} Name: wisptis - AppID: {7F429620-16D1-471E-A81A-114992148034} Name: Authentication UI CredUI Out of Proc Helper for AppContainer Clients - AppID: {7FC12E96-4CB7-4ABD-ADAA-EF7845B10629} Name: CFmIfsEngine host - AppID: {82D94FB3-7FE6-4797-BB72-9A886C66073B} Name: MVSNClientDownloadManager61Lib - AppID: {830DB37A-B286-4092-9758-9934982F2004} Name: UsoCoreWorker Class - AppID: {831EF03D-BAF2-46AD-81B6-6AA5C9E30317} Name: CustReg Class - AppID: {84D586C4-A423-11D2-B943-00C04F79D22F} Name: Virtual Factory for Usercpl - AppID: {86d5eb8a-859f-4c7b-a76b-2bd819b7a850} Name: CElevateWlanUi - AppID: {86F80216-5DD6-4F43-953B-35EF40A35AEE} Name: ThirdPartyEapDispatcherPeerRuntime - AppID: {87BB326B-E4A0-4DE1-94F0-B9F41D0C6059} Name: AppReadiness Service - AppID: {88283d7c-46f4-47d5-8fc2-db0b5cf0cb54} Name: Activation Manager Shim - AppID: {8A9AE632-CB07-4A11-8872-358A2A271A24} Name: Desktop Wallpaper Factory - AppID: {8B30085D-A3E3-44e3-AE7F-B03A1340EBED} Name: Windows Management and Instrumentation - AppID: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Name: TSTheme - AppID: {8be0366c-8522-40be-8b08-cb26557f2854} Name: IASExtensionHost - AppID: {8C334A55-DDB9-491C-817E-35A6B85D2ECB} Name: AP Client HxHelpPaneServer Class - AppID: {8cec58ae-07a1-11d9-b15e-000d56bfe6ee} Name: TiWorker - AppID: {8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D} Name: Sync Center Schedule Wizard - AppID: {8D8B8E30-C451-421B-8553-D2976AFA648C} Name: WalletService - AppID: {8E44A57C-5638-44D3-9B83-34DF70EB57F2} Name: RdpSa - AppID: {8e7fae4d-cff0-41d3-a326-5a80470264bb} Name: Shell Computer Groups - AppID: {8f3080a6-af99-4f2e-a806-f3d5702a0444} Name: SDRSVC service - AppID: {9037e3cf-1794-4af6-9c8d-92838d7a23db} Name: Virtual Factory for Recovery - AppID: {9200689A-F979-4eea-8830-0E1D6B74821F} Name: Authentication UI CredUI Out of Proc Helper for Non-AppContainer Clients - AppID: {924DC564-16A6-42EB-929A-9A61FA7DA06F} Name: RtkPgExt - AppID: {92842063-1ECC-4a1a-9343-9A8E1C972E60} Name: HtmlLocalFileResolver - AppID: {93AAD2A0-036A-4B11-A078-DA8776B38139} Name: Wwan Service Toast Notification - AppID: {941C53C2-D2D7-4C74-84EA-28F8F6438D4B} Name: ServiceModule - AppID: {9465B4B4-5216-4042-9A2C-754D3BCDC410} Name: UiaManager - AppID: {94a38670-983b-459c-87c8-bb6ad617fd74} Name: PenIMC4v2 - AppID: {953E4863-7AD1-4DAE-B2BD-108F1D57967B} Name: WebPlatformStorageServer - AppID: {973d20d7-562d-44b9-b70b-5a0f49ccdf3f} Name: PrintIsolationHost - AppID: {98a89e0c-1fde-4c2a-a373-b04831e6aa60} Name: Telephony Incoming Call Toast - AppID: {990F07C7-78DC-4BD2-B145-5F791410BDDE} Name: Shell Hardware Mixed Content Handler - AppID: {995C996E-D918-4a8c-A302-45719A6F4EA7} Name: Bluetooth User Service - AppID: {9980CAAB-B154-408C-B5FD-29A701E40825} Name: ShellWindows - AppID: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Name: RuntimeBroker - AppID: {9CA88EE3-ACB7-47c8-AFC4-AB702511C276} Name: timedate.cpl - AppID: {9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8} Name: WSearch - AppID: {9E175B9C-F52A-11D8-B9A5-505054503030} Name: WMLSS - AppID: {9E88EF3C-E2BB-4E5E-AFBA-565B81069D7D} Name: RtkCfg - AppID: {A11009A7-DC01-48F8-B6AA-C4613FC5CB15} Name: WIA Device Manager - AppID: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Name: TrayNotify - AppID: {a2b77517-6d12-4c60-b0c6-725e971ec8fe} Name: rundll32.exe - AppID: {a2d9ca22-a492-400c-b875-78ac25c0a6f3} Name: Xhr2OOP - AppID: {a3a81ee7-be13-4dd8-89f7-26aba705d81d} Name: Virtual Factory for Windows Defender Firewall Cpl - AppID: {A4B07E49-6567-4FB8-8D39-01920E3B2357} Name: Shell ChkdskEx Dialog - AppID: {a4c31131-ff70-4984-afd6-0609ced53ad6} Name: DsmAdminApi - AppID: {A5065670-136D-4FD6-A45F-00C85B90359C} Name: WPDShextAutoplay - AppID: {A55803CC-4D53-404c-8557-FD63DBA95D24} Name: Core Shell Service Provider - AppID: {A67168DB-418E-4087-B63E-852E822BB1ED} Name: WLIDSvc - AppID: {A6721677-BA21-44E9-9E2A-76466D24D121} Name: ServiceModule - AppID: {A6B716CB-028B-404D-B72C-50E153DD68DA} Name: Virtual Factory for MaintenanceUI - AppID: {A6BFEA43-501F-456F-A845-983D3AD7B8F0} Name: Microsoft Windows Defender - AppID: {A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F} Name: %SystemRoot%\System32\fveui.dll - AppID: {A7A63E5C-3877-4840-8727-C1EA9D7A4D50} Name: SysFxUi - AppID: {A7D2EC8B-B70F-434C-A0CE-0DF324805F7D} Name: Core Shell LPAC Broker Provider - AppID: {A7E84C44-F0C0-44F9-A4F2-68B5EA50B200} Name: Delivery Optimization Managment - AppID: {AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800} Name: Core Shell COM Server Registrar - AppID: {AA8F1F23-D819-4E95-9B36-7FD68D5218F9} Name: F12AppFrameClient Class - AppID: {AABAA6AA-5398-4C08-AE60-6321A7F05E9C} Name: QuietHours App ID - AppID: {AB7BDC53-0BB5-44F5-9E25-C444313D4686} Name: DEFRAGSVC service - AppID: {ab7c873b-eb14-49a6-be60-a602f80e6d22} Name: Thumbnail Cache Out of Proc Server - AppID: {AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} Name: BDEUILauncher Class - AppID: {AB93B6F1-BE76-4185-A488-A9001B105B94} Name: PaymentsSvc - AppID: {AC05815A-A8D5-434B-B9A8-2FFD162F2B7D} Name: RetailDemo Service - AppID: {ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325} Name: Microsoft Volumetric Audio Compositor - AppID: {AD829705-CCA8-44D4-88E0-331E48336059} Name: WPN Srumon Server - AppID: {ada41b3c-c6fd-4a08-8cc1-d6efde67be7d} Name: PFStatusManager2 - AppID: {AF2F6F23-AC73-48FB-B200-2C037AA0E26C} Name: TrayToastActivator - AppID: {AFC732E2-BA57-4B3E-A70A-71371F99B871} Name: WorkspaceBroker Class - AppID: {B06FF84E-0A77-4DD2-A919-0EABD8979DC1} Name: TabIps - AppID: {B1445657-5A98-11d9-A4E5-00301BB132BA} Name: DockInterface COM server - AppID: {b21858c6-9711-4257-99c8-5c0084bebce1} Name: WpcMonSvc - AppID: {B34F88D1-F26B-42D5-8DD5-A442303A05D7} Name: Windows Update Agent - Remote Access - AppID: {B366DEBE-645B-43A5-B865-DDD82C345492} Name: AppActivationFailedHandler - AppID: {B3AADFEA-8404-4CBE-A62E-B0B715412C9E} Name: FireBreathWin - AppID: {B415CD14-B45D-4BCA-B552-B06175C38606} Name: RichVideo64 - AppID: {B58B304A-D419-4c50-BE1F-6F6CD234B7EF} Name: Found New Hardware Wizard - AppID: {B6A32FE6-E29D-AEAE-A608-D273E40CA34C} Name: WIA Device Manager 2 - AppID: {B6C292BC-7C88-41EE-8B54-8EC92617E599} Name: Com_SRS_TruSurroundHD - AppID: {B6D5C1B8-6F68-4A82-8E20-2D0F3A52BD6A} Name: Sync Center (Private) - AppID: {B8558612-DF5E-4F95-BB81-8E910B327FB2} Name: Windows Media Player - AppID: {B8C54A54-355E-11D3-83EB-00A0C92A2F2D} Name: ApplicationActivationImpl - AppID: {B9305506-D05B-4C36-81C5-0E50886C1755} Name: Bluetooth AVCTP Service - AppID: {B98C6EB5-6AA7-471E-B5C5-D04FD677DB3B} Name: Application Frame Host - AppID: {B9B05098-3E30-483F-87F7-027CA78DA287} Name: Event Object Change 2 - AppID: {BB07BACD-CD56-4E63-A8FF-CBF0355FB9F4} Name: AcroPDF - AppID: {BBAA0E44-3862-490C-8E63-AC2D2D6EF733} Name: SyncHost - AppID: {BBC4356A-F004-4628-A27A-E13D70412B70} Name: Virtual Factory for Power Options Control Panel - AppID: {BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B} Name: Setting Sync Task Factory - AppID: {bcbb3f8c-2889-474f-8fb7-904d4a416145} Name: LxpSvc - AppID: {BCE82FB7-43F4-4827-A503-69E561667293} Name: DfsShlEx.dll - AppID: {BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B} Name: EditionUpgradeManagerObj - AppID: {BD54C901-076B-434E-B6C7-17C531F4AB41} Name: VM IC Heartbeat Service - AppID: {be0fc7f0-f248-4091-a123-34ca29a6901b} Name: VailAudioProxy.exe - AppID: {BEEE3226-ECC5-464E-981B-BC123674C8DE} Name: Shell AutoPlay Direct - AppID: {BF8841C9-378A-4CAD-B4FC-5091366CBC0D} Name: ShellBrowserWindow - AppID: {c08afd90-f2a1-11d1-8455-00a0c91f3880} Name: LockAppHost Out of Proc Helper for Lock Apps - AppID: {C08B030B-E91C-479D-BEFD-02DDA7FF1BCF} Name: Spectrum - AppID: {C0E1CE99-C981-44A2-AC4C-41036FAC6593} Name: provsvc.dll - AppID: {c2a71820-3463-498f-bab7-4798795a2ff6} Name: DataExchangeHost - AppID: {C2E9756F-8155-4EAC-9ED5-0B690169D412} Name: RetailCoreSystemAgent Service - AppID: {C2EA2356-994C-45AF-BDAE-10796F73BC47} Name: cttunesvr - AppID: {C3A34354-660F-41EE-B072-2AEA5E3A80AF} Name: Microsoft Block Level Backup Service - AppID: {C3B65D83-FB15-4e3f-BA04-097D1E2B5AC1} Name: Microsoft IMAPI - AppID: {C49F2185-50A7-11D3-9144-00104BA11C5E} Name: BdeUISrv - AppID: {C4AB7CB7-E735-48FF-AADD-39D09668F444} Name: HomeGroup Listener Service - AppID: {C4CDC408-581C-4480-9FFE-3B1C78D5C20D} Name: Acronis True Image Shell Extension Backend - AppID: {C4E69DB9-E094-483e-B922-E7ADE65FB497} Name: Xbox Live Game Saves - AppID: {C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3} Name: Input Switch Toast Handler - AppID: {C5DFE802-CE61-11E8-A8D5-F2801F1B9FD1} Name: EntAppSvc - AppID: {C63261E4-6052-41FF-B919-496FECF4C4E5} Name: EmailClient Class - AppID: {C6E0A4C8-A933-411E-8068-406C2391665F} Name: JumpViewExecuteHelper - AppID: {c82192ee-6cb5-4bc0-9ef0-fb818773790a} Name: FamilySafetyRefreshTask - AppID: {C844C79D-AED8-4DCE-AB25-4D359BED84F8} Name: TSWbPrxy.exe - AppID: {C92A9617-0EAE-4235-BD2B-84540EF1FFA9} Name: DictationHost Class - AppID: {C945AD06-534F-460C-8CB4-17C33099AF81} Name: Sync Infrastructure - AppID: {C947D50F-378E-4FF6-8835-FCB50305244D} Name: netprofm - AppID: {C96887DA-A652-4426-905E-4A37546F847C} Name: editionupgradebroker - AppID: {C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125} Name: RCM - AppID: {C9F65BA8-1F8F-4382-AE27-C91FFB29275F} Name: User OOBE Create Elevated Object Server - AppID: {ca8c87c1-929d-45ba-94db-ef8e6cb346ad} Name: OpenSearch Description Create Search Connector Verb Handler - AppID: {CB1DFE3A-EDFF-4d1f-867D-8ADB02926F4B} Name: PrintIsolationSessionHost - AppID: {CB363445-F453-4C1E-8EE4-BD123C5E394F} Name: EnhancedStorageShell - AppID: {CC70FEAD-94B9-4F76-88CC-004BB068ACDF} Name: sppui - AppID: {CCFDD24D-CEAB-458B-A4F1-F884973395DF} Name: GraphicsPerfSvc - AppID: {cd93979b-c14e-4c29-87a4-75e4f9fa5e0a} Name: Windows Media Player Burn Audio CD Handler - AppID: {cdc32574-7521-4124-90c3-8d5605a34933} Name: Elevated-Unelevated Explorer Factory - AppID: {CDCBCFCA-3CDC-436f-A4E2-0E02075250C2} Name: ServiceModule - AppID: {CECDDD22-2E72-4832-9606-A9B0E5E344B2} Name: PNPXAssoc.dll - AppID: {cee8ccc9-4f6b-4469-a235-5a22869eef03} Name: sdchange - AppID: {CF254B00-1986-4b24-A92D-463D01F7E395} Name: Dispatch - AppID: {D011083C-3270-483f-B272-1C231E9DB7CA} Name: Event Object Change - AppID: {D0565000-9DF4-11D1-A281-00C04FCA0AA7} Name: ScoreFitter - AppID: {D1A47ADC-2940-4689-98CC-88D223F3A9CE} Name: Winmgmt MOF Compiler OOP - AppID: {D215781D-019E-4FA0-903D-0CDCDE13A4F5} Name: Color Management - AppID: {D2E7041B-2927-42fb-8E9F-7CE93B6DC937} Name: Bitmap Image - AppID: {D3E34B21-9D75-101A-8C3D-00AA001A1652} Name: Sync Center User Profile Notification Handler - AppID: {D63AA156-D534-4BAC-9BF1-55359CF5EC30} Name: MoUsoCoreWorker Class - AppID: {D726464B-98F1-4627-86CD-4A082A1E5307} Name: dgnuiasvr.exe - AppID: {D72EC95C-C74B-4ABC-874A-3FE9222E9846} Name: Microsoft Software Protection Platform Admin Object (outer) - AppID: {D8D4249F-A8FB-44A7-8AA0-564E8C385BD6} Name: natspeak.exe - AppID: {dd10ffff-6205-11cf-ae61-0000e8a28647} Name: BrowserBrokerServer - AppID: {DD9C53BC-8441-4B94-BD0E-36E6E02A6D61} Name: Srumon Server - AppID: {ddcfd26b-feed-44cd-b71d-79487d2e5e5a} Name: rundll32.exe - AppID: {de5d803e-5d2a-4b5f-9c63-af25a465cc44} Name: AccStore Class - AppID: {DE5DBCDC-104A-4cbc-A4D5-0C2104A142C5} Name: LockScreen Call Broker - AppID: {DE7D3D65-5454-4EF5-9518-776739DAB39F} Name: OneSetttings Broker - AppID: {E055B85B-22BD-4E15-A34D-46C58AB320AD} Name: Profile Notification Host - AppID: {E10F6C3A-F1AE-4adc-AA9D-2FE65525666E} Name: CavShell - AppID: {E11C8519-5595-4397-B515-AB036DEC467A} Name: RtkAPODll - AppID: {E1D2965E-D32B-4e1c-B9F1-159ACB984258} Name: Windows Update Agent User Interface for Published Applications - AppID: {e30984f1-b02b-4c27-a40f-23d11b8c1212} Name: Scan - AppID: {E32549C4-C2B8-4BCC-90D7-0FC3511092BB} Name: SmartSoundASPlugin - AppID: {E4039489-1EBB-4707-9916-B217F158365A} Name: WinRTNet MUA hostserver AppID - AppID: {E4422CBC-05DF-4AF1-A84E-A5638479CDE7} Name: Execute Unknown - AppID: {e44e9428-bdbc-4987-a099-40dc8fd255e7} Name: Authentication UI CredUI Out of Proc Helper for Non-AppContainer Clients (Failed Mouse In Pointer) - AppID: {E45A56CE-399C-45F0-9E6F-BFAACD3C711F} Name: COM_SRS_WOWHD2 - AppID: {E46D2660-D86E-4B0A-BB61-F0FFE9BBDEB5} Name: upnphost - AppID: {E495081B-BBA5-4b89-BA3C-3B86A686B87A} Name: ContainerHostActivation - AppID: {e53cd6ee-5c5c-4701-9ff2-c204bfed819d} Name: TrayDesktopBand - AppID: {E6442437-6C68-4f52-94DD-2CFED267EFB9} Name: Orchestrator Service - AppID: {E7299E79-75E5-47BB-A03D-6D319FB7F886} Name: 33D63042-0E54-4F7B-9C4C-9325E8E0A180 - AppID: {E7F904D5-83DE-43F6-8EF5-9443DF243CFA} Name: UICOM - AppID: {E8054D20-497D-4E16-BF41-6E69FCD381A5} Name: wscui.cpl - AppID: {E9495B87-D950-4ab5-87A5-FF6D70BF3E90} Name: Remove Device elevation surrogate - AppID: {E95186C7-7D80-4311-843D-0702CBC8B1E4} Name: File Prop Sheet Page Helper - AppID: {E96767E0-7EAA-45E1-8E7D-64414AFF281A} Name: Exchange Active Sync Policy Manager Broker - AppID: {E9DD849F-B3CF-4614-94BB-CB2696BD34FB} Name: HomeGroup Provider Service - AppID: {EA022610-0748-4c24-B229-6C507EBDFDBB} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8} Name: Feature Usage Listener - AppID: {EAB99738-0ADF-4A53-856C-DE58AFDE7682} Name: SuspendablePerAppRuntimeBroker - AppID: {eadbb044-2aed-4aba-bab5-1f8ae07a4a0c} Name: Convert VHD - AppID: {eae61b75-98d8-4af9-94e6-84b1c6f77c8a} Name: Remote Desktop Services Message Server - AppID: {EB521D7D-4095-4E61-88FB-BF25700F142A} Name: ComEvents.ComServiceEvents - AppID: {ECABB0C3-7F19-11D2-978E-0000F8757E2A} Name: ComEvents.ComSystemAppEventData - AppID: {ECABB0C6-7F19-11D2-978E-0000F8757E2A} Name: Play with Windows Media Player - AppID: {ed1d0fdf-4414-470a-a56d-cfb68623fc58} Name: Windows Media Player Launch - AppID: {ED6BB178-B06A-47ad-98B3-6066E0CF0147} Name: Share Manager - AppID: {edb5f444-cb8d-445a-a523-ec5ab6ea33c7} Name: MixedRealityCapture - AppID: {EE3C7093-A852-49BA-8AC8-7DFBEC469F72} Name: CloudExperienceHostAppManager - AppID: {EEABBBC4-12D0-48F4-A9C5-9AB471806C29} Name: CloudExperienceHost Broker AppID - AppID: {efe2d6d8-a81b-41e7-ae77-e5244ab80522} Name: Microsoft Audio Device Graph Server - AppID: {F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC} Name: AcroBroker - AppID: {F2383816-917A-46CC-AD2A-5013BED3800F} Name: AvailableNetworksExperienceFlow - AppID: {F2506CD7-82C2-43D9-A1D3-F85F5EFE7D09} Name: Acronis VSS Requestor - AppID: {F282135C-65A6-4A99-80F1-F315BAC76BF4} Name: Virtual Disk Service - AppID: {F290BFB2-1864-45B1-8804-2654194A87E7} Name: FodHelper - AppID: {F2F94BB3-595C-4509-B7EE-243FA2BDEA5B} Name: SPPSurrogate - AppID: {f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801} Name: NDFAPI - AppID: {F3D3AA8D-EF96-4470-848E-BD70B803047A} Name: PerfCenter Enabler - AppID: {f4be747e-45c4-4701-90f1-d49d9ac30248} Name: sdclt - AppID: {f56b7b2a-5b5a-46d8-b6f9-d927ce34b717} Name: ActivatableApplicationRegistrar - AppID: {f59bbec1-0907-4464-b04d-1da329585370} Name: Pen Workspace Discover Broker - AppID: {F5A6ACF4-FFE0-4934-AE1D-5F960EA0AAD9} Name: WMPNSSCI - AppID: {F74BCE98-9EB4-4022-8317-11C723E5CCF8} Name: Account Manager Service - AppID: {f7f34f79-6791-4d4e-9f15-9eaecd50bd78} Name: CloudExperienceHost Create System Object Server - AppID: {f7fa3149-91e7-43b7-8040-b707688ced1a} Name: logagent - AppID: {F808DF63-6049-11D1-BA20-006097D2898E} Name: WLIDFDP - AppID: {F828BB1A-2FAE-4AC4-AE6F-CAC9B529F996} Name: capdab - AppID: {F8B7455C-95BA-4EC8-85AC-8C32C4DC8E26} Name: RAServer - AppID: {F8FD03A6-DDD9-4C1B-84EE-58159476A0D7} Name: WinInetBrokerServer - AppID: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Name: NCLUA - AppID: {FA1456D3-4B97-4f9c-8511-2786161DC333} Name: VssEvent - AppID: {FAF53CC4-BD73-4E36-83F1-2B23F46E513E} Name: Shell Hardware Mixed Content Handler Cancelled - AppID: {fb479c02-9ec4-4fed-8599-debe037452cb} Name: RegisterControl - AppID: {FC38B7C8-9E50-497d-A387-7DEBDAD14160} Name: Hotspot Auth Module - AppID: {FC5EEAF6-0002-11DF-ADB9-F4CE462D9137} Name: appwiz.cpl - AppID: {FCC74B77-EC3E-4dd8-A80B-008A702075A9} Name: Wordpad - AppID: {fd6c8b29-e936-4a61-8da6-b0c12ad3ba00} Name: Proximity UX Host - AppID: {FDA74D11-C4A6-4577-9F73-D7CA8586E10C} Name: Shell Execute Hardware Event Handler - AppID: {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} Name: EntAppSvc - AppID: {FFE1E5FE-F1F0-48C8-953E-72BA272F2744} Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-15-3-3215430884-1339816292-89257616-1145831019" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-559" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0771f7af-8de6-4bce-9528-2d4a12cb8168}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{0771f7af-8de6-4bce-9528-2d4a12cb8168}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1111A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1111A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1111A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1111A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-5-80-2731152606-4244467407-1946816704-3721569673-479255522" Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-5-84-0-0-0-0-0" Win32_DCOMApplication.AppID="{15c653f2-77f1-4cac-9644-656982d12f12}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{15c653f2-77f1-4cac-9644-656982d12f12}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{15c653f2-77f1-4cac-9644-656982d12f12}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{15c653f2-77f1-4cac-9644-656982d12f12}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-547" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{1A8607FE-37DE-40ef-821B-E442CB2FC967}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1A8607FE-37DE-40ef-821B-E442CB2FC967}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{1B162A5B-B67A-4468-9613-C3F9765B353B}" - Win32_SID.SID="S-1-5-80-2731152606-4244467407-1946816704-3721569673-479255522" Win32_DCOMApplication.AppID="{1B162A5B-B67A-4468-9613-C3F9765B353B}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1B162A5B-B67A-4468-9613-C3F9765B353B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1B162A5B-B67A-4468-9613-C3F9765B353B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1E886174-DC88-4B83-8BC5-66409EC75F14}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1E886174-DC88-4B83-8BC5-66409EC75F14}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1E886174-DC88-4B83-8BC5-66409EC75F14}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1E886174-DC88-4B83-8BC5-66409EC75F14}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{2A81FE91-95D7-487E-BBF8-B03308E54207}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{2A81FE91-95D7-487E-BBF8-B03308E54207}" - Win32_SID.SID="S-1-15-3-1024-4044835139-2658482041-3127973164-329287231-3865880861-1938685643-461067658-1087000422" Win32_DCOMApplication.AppID="{2A81FE91-95D7-487E-BBF8-B03308E54207}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2A81FE91-95D7-487E-BBF8-B03308E54207}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2A81FE91-95D7-487E-BBF8-B03308E54207}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{2A947841-0594-48CF-9C53-A08C95C22B55}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{2A947841-0594-48CF-9C53-A08C95C22B55}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-15-3-1024-1314380931-3989923313-3249193833-1963115619-3940350845-1282913705-2904921893-3519892189" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1212" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{2ED83BAA-B2FD-43B1-99BF-E6149C622692}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{2ED83BAA-B2FD-43B1-99BF-E6149C622692}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2ED83BAA-B2FD-43B1-99BF-E6149C622692}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2ED83BAA-B2FD-43B1-99BF-E6149C622692}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{354ff91b-5e49-4bdc-a8e6-1cb6c6877182}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{354ff91b-5e49-4bdc-a8e6-1cb6c6877182}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{354ff91b-5e49-4bdc-a8e6-1cb6c6877182}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{354ff91b-5e49-4bdc-a8e6-1cb6c6877182}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{36234D6F-D9B8-404B-91C9-736BD2EE3040}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{36234D6F-D9B8-404B-91C9-736BD2EE3040}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{366E9A85-B500-4268-B4DC-2AE01848CEB3}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{366E9A85-B500-4268-B4DC-2AE01848CEB3}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{37B05236-FFB5-4D42-B0C8-4A36CBF1BE62}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{37B05236-FFB5-4D42-B0C8-4A36CBF1BE62}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{38E441FB-3D16-422F-8750-B2DACEC5CEFC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{38E441FB-3D16-422F-8750-B2DACEC5CEFC}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{38E441FB-3D16-422F-8750-B2DACEC5CEFC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{38E441FB-3D16-422F-8750-B2DACEC5CEFC}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{38E441FB-3D16-422F-8750-B2DACEC5CEFC}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{38E441FB-3D16-422F-8750-B2DACEC5CEFC}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{39214908-5362-44b4-97f4-1aa724d3e0da}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{39214908-5362-44b4-97f4-1aa724d3e0da}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{39214908-5362-44b4-97f4-1aa724d3e0da}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{39214908-5362-44b4-97f4-1aa724d3e0da}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-3-1" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-3-2" Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-3-3" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{412E0F20-6C5B-43EC-879F-DA444A416EAC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{412E0F20-6C5B-43EC-879F-DA444A416EAC}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-15-3-1024-3153509613-960666767-3724611135-2725662640-12138253-543910227-1950414635-4190290187" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-80-611605672-2879557022-2206624263-4029342278-3129212340" Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4FCDA643-B15B-41C6-84F8-5E447F6F6D25}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-32-2707581722-3970398075-3301609242-3412871183-2565310287-2959982868-2531230773-2372594412" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-15-3-1024-2707581722-3970398075-3301609242-3412871183-2565310287-2959982868-2531230773-2372594412" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{52B65EB7-907C-4D83-A535-283BE9104DE4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{52B65EB7-907C-4D83-A535-283BE9104DE4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{52B65EB7-907C-4D83-A535-283BE9104DE4}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708" Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-15-2-460998419-1048838040-1306765847-3036341007-2963401754-1630001092-3310782549" Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-15-3-1024-2152139330-3124897132-671935159-3762809077-3273429135-2233686478-1435376800-2420532691" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-15-3-1024-3625662137-2682091254-856171984-2868379045-3001028726-1009205972-4175949866-684286152" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1031" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-80-3028837079-3186095147-955107200-3701964851-1150726376" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{5E176815-9A63-4A69-810F-62E90D36612A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{5E176815-9A63-4A69-810F-62E90D36612A}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{5E176815-9A63-4A69-810F-62E90D36612A}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-15-3-1024-1692970155-4054893335-185714091-3362601943-3526593181-1159816984-2199008581-497492991" Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{730BFCEC-E4BF-4D3A-9FBB-01DD132467A4}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-15-3-1024-4044835139-2658482041-3127973164-329287231-3865880861-1938685643-461067658-1087000422" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-32-546" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-15-3-1024-3623855041-1826999956-3747069818-3525260223-3747374510-1746272624-950601168-56556331" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{7EAD5C10-8B3F-11E6-AE22-56B6B6499611}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7EAD5C10-8B3F-11E6-AE22-56B6B6499611}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7EAD5C10-8B3F-11E6-AE22-56B6B6499611}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{831EF03D-BAF2-46AD-81B6-6AA5C9E30317}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{831EF03D-BAF2-46AD-81B6-6AA5C9E30317}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{831EF03D-BAF2-46AD-81B6-6AA5C9E30317}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{831EF03D-BAF2-46AD-81B6-6AA5C9E30317}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{831EF03D-BAF2-46AD-81B6-6AA5C9E30317}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{831EF03D-BAF2-46AD-81B6-6AA5C9E30317}" - Win32_SID.SID="S-1-5-80-223807737-1693445485-119162242-1977420160-1403034029" Win32_DCOMApplication.AppID="{84D586C4-A423-11D2-B943-00C04F79D22F}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-15-3-1024-79080987-3398622760-2608912076-1085899501-4039864605-4024366022-736258278-368603348" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-80-4155767994-3874329934-3800885181-2130851812-726865888" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D02CEE1-70BC-449A-B873-70AC08B2676A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D02CEE1-70BC-449A-B873-70AC08B2676A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-15-3-1024-1701033769-137094913-3738083205-577272984-1204217555-1180762924-3352773070-2589626690" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1210" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{941C53C2-D2D7-4C74-84EA-28F8F6438D4B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{941C53C2-D2D7-4C74-84EA-28F8F6438D4B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{941C53C2-D2D7-4C74-84EA-28F8F6438D4B}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-15-3-1024-3623855041-1826999956-3747069818-3525260223-3747374510-1746272624-950601168-56556331" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{9980CAAB-B154-408C-B5FD-29A701E40825}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{9980CAAB-B154-408C-B5FD-29A701E40825}" - Win32_SID.SID="S-1-5-80-2586557155-168560303-1373426920-983201488-1499765686" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{a3a81ee7-be13-4dd8-89f7-26aba705d81d}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{a3a81ee7-be13-4dd8-89f7-26aba705d81d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a3a81ee7-be13-4dd8-89f7-26aba705d81d}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-15-3-1024-3623855041-1826999956-3747069818-3525260223-3747374510-1746272624-950601168-56556331" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-15-3-1024-2165721414-884371012-2773947476-2437641138-4209659587-972658821-4033014341-190168586" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-15-3-1024-2152139330-3124897132-671935159-3762809077-3273429135-2233686478-1435376800-2420532691" Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-15-3-1024-3167453650-624722384-889205278-321484983-714554697-3592933102-807660695-1632717421" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}" - Win32_SID.SID="S-1-15-3-1024-2922296261-1647482768-2017091146-3858667068-4135663662-2931985894-1627820925-818366431" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{AD829705-CCA8-44D4-88E0-331E48336059}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{AD829705-CCA8-44D4-88E0-331E48336059}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{AD829705-CCA8-44D4-88E0-331E48336059}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-15-3-1024-79080987-3398622760-2608912076-1085899501-4039864605-4024366022-736258278-368603348" Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708" Win32_DCOMApplication.AppID="{B366DEBE-645B-43A5-B865-DDD82C345492}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{B98C6EB5-6AA7-471E-B5C5-D04FD677DB3B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{B98C6EB5-6AA7-471E-B5C5-D04FD677DB3B}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{B98C6EB5-6AA7-471E-B5C5-D04FD677DB3B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{BEEE3226-ECC5-464E-981B-BC123674C8DE}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{BEEE3226-ECC5-464E-981B-BC123674C8DE}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BEEE3226-ECC5-464E-981B-BC123674C8DE}" - Win32_SID.SID="S-1-5-7" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-80-2731152606-4244467407-1946816704-3721569673-479255522" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-80-3246321066-2451215914-3422911474-2201726393-166328789" Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C92A9617-0EAE-4235-BD2B-84540EF1FFA9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-15-3-1024-1692970155-4054893335-185714091-3362601943-3526593181-1159816984-2199008581-497492991" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{cd93979b-c14e-4c29-87a4-75e4f9fa5e0a}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{cd93979b-c14e-4c29-87a4-75e4f9fa5e0a}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{cd93979b-c14e-4c29-87a4-75e4f9fa5e0a}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{cd93979b-c14e-4c29-87a4-75e4f9fa5e0a}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{cd93979b-c14e-4c29-87a4-75e4f9fa5e0a}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{cd93979b-c14e-4c29-87a4-75e4f9fa5e0a}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D011083C-3270-483f-B272-1C231E9DB7CA}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{D011083C-3270-483f-B272-1C231E9DB7CA}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D215781D-019E-4FA0-903D-0CDCDE13A4F5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D726464B-98F1-4627-86CD-4A082A1E5307}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{D726464B-98F1-4627-86CD-4A082A1E5307}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D726464B-98F1-4627-86CD-4A082A1E5307}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{D726464B-98F1-4627-86CD-4A082A1E5307}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{D726464B-98F1-4627-86CD-4A082A1E5307}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{D726464B-98F1-4627-86CD-4A082A1E5307}" - Win32_SID.SID="S-1-5-80-223807737-1693445485-119162242-1977420160-1403034029" Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628" Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E4422CBC-05DF-4AF1-A84E-A5638479CDE7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E4422CBC-05DF-4AF1-A84E-A5638479CDE7}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{E4422CBC-05DF-4AF1-A84E-A5638479CDE7}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{E4422CBC-05DF-4AF1-A84E-A5638479CDE7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E4422CBC-05DF-4AF1-A84E-A5638479CDE7}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{E4422CBC-05DF-4AF1-A84E-A5638479CDE7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E45A56CE-399C-45F0-9E6F-BFAACD3C711F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E45A56CE-399C-45F0-9E6F-BFAACD3C711F}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{E45A56CE-399C-45F0-9E6F-BFAACD3C711F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E45A56CE-399C-45F0-9E6F-BFAACD3C711F}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{E45A56CE-399C-45F0-9E6F-BFAACD3C711F}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{E45A56CE-399C-45F0-9E6F-BFAACD3C711F}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-7" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{EE3C7093-A852-49BA-8AC8-7DFBEC469F72}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{EE3C7093-A852-49BA-8AC8-7DFBEC469F72}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-5-7" Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-15-3-1024-1692970155-4054893335-185714091-3362601943-3526593181-1159816984-2199008581-497492991" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-551" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-3433512109-503559027-1389316256-1766580070-2256751264" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-1260278928-804197538-2066346633-4268302704-2216462912" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-345135819-4012009209-3062012967-1747265747-3674605950" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-951620777-1059631183-2804607755-3010024351-809615488" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-80-364023826-931424190-487969545-1024119571-74567675" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F8FD03A6-DDD9-4C1B-84EE-58159476A0D7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-3-1" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-3-2" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-3-3" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-32-544" ---------- | SvcHost (Whitelist) [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power LSM BrokerInfrastructure PlugPlay DcomLaunch SystemEventsBroker DeviceInstall "rdxgroup"=RetailDemo "Camera"=FrameS "LocalServiceNoNetworkFirewall"=BFE mpssvc "diagnostics"=DiagSvc "AarSvcGroup"=AarSvc "PrintWorkflow"=PrintWorkflowUserSvc "wusvcs"=WaaSMedicSvc "BcastDVRUserService"=BcastDVRUserService "GraphicsPerfSvcGroup"=GraphicsPerfSvc "autoTimeSvc"=autoTimeSvc "ClipboardSvcGroup"=cbdhsvc "BthAppGroup"=BluetoothUserService "smbsvcs"=lanmanserver "UdkSvcGroup"=UdkUserSvc "DevicesFlow"=DeviceAssociationBrokerSvc DevicesFlowUserSvc ConsentUxUserSvc DevicePickerUserSvc [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=DcomLaunch DeviceInstall "PrintWorkflow"=PrintWorkflowUserSvc "AarSvcGroup"=AarSvc "DevicesFlow"=DeviceAssociationBrokerSvc "smbsvcs"=lanmanserver ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\8GadgetPack] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Acronis] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Adlice Software] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Adobe] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Akeo Consulting] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\AMD] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\AppDataLow] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\ATI] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\AvastAdSDK] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Avid] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\BugSplat] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Canneverbe Limited] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Chromium] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Clients] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Clipboarder] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\ComodoGroup] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\CompuGROUP] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Corel] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\CyberLink] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Cygnus Solutions] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\DemoCreator] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\DivXNetworks] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Dragon Systems] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Edge] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\EPSON] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\EPSON Software Updater] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Etiam] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\FLEXnet] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\GNU] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Google] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\GreenTree Applications] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Hagel] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\IMAGINE Editions] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Incomedia] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\iPhone Backup Extractor] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\JavaSoft] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Licenses] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Local AppWizard-Generated Applications] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Macromedia] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\MainConcept] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Microsoft] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\MiniTool Software Limited] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Mozilla] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Netscape] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\ODBC] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\OpenOffice] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Partition Assistant] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\PC Cleaner] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\PC HelpSoft Driver Updater] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\PC Optimizer Pro] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Pinnacle Systems] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Piriform] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Policies] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\PrivaZer] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\QtProject] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Realtek] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\RegisteredApplications] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Roxio] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\ScanSoft] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Seiko Epson Corporation] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Serif] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Sysinternals] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\SYSSU] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Systweak] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\TeamViewer] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\UsbFix] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\vita-X AG] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\VOB] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Win32DiskImager] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\WinRAR] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\WinRAR SFX] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\WinThruster] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Wondershare] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Wow6432Node] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\ZHP] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\{17398D1C-F449-4356-BA28-D696CFD232F0}] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\{97794477-C2E2-46a3-8A2E-8B5C1371A133}] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Accessibility] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Active Setup] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\ActiveMovie] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\ActiveSync] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\ADs] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Assistance] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\AuthCookies] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Avalon.Graphics] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Clipboard] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\CommsAPHost] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\ComPstUI] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Connection Manager] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\CTF] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\DirectShow] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Ease of Access] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Edge] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\EdgeUpdate] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\EdgeWebView] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\EventSystem] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\F12] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Fax] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Feeds] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\FTP] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\GameBar] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\GameBarApi] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\IdentityCRL] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\IME] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\IMEMIP] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Input] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\InputMethod] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\InputPersonalization] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Installer] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Internet Connection Wizard] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Internet Explorer] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Keyboard] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\LanguageOverlay] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\MediaPlayer] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Messaging] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Microsoft Management Console] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\MicrosoftEdge] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\MiracastReceiver] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\MPEG2Demultiplexer] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\MS Design Tools] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\MSF] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Multimedia] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\MVA] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Narrator] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\NGC] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Notepad] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Office] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\OneDrive] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Osk] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Payment] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\PeerNet] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Personalization] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Phone] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Pim] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\PlayToReceiver] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Poom] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\RAS AutoDial] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Remote Assistance] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\ScreenMagnifier] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Sensors] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Shared] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Shared Tools] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\SkyDrive] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Speech] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Speech Virtual] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Speech_OneCore] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Spelling] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\SQMClient] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\StorageLibrary] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\SystemCertificates] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\TabletTip] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\TPG] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Unified Store] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Unistore] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\UserData] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\VisualStudio] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\WAB] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\WcmSvc] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Web Service Providers] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\wfs] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows Defender Security Center] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows Media] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows NT] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows Script] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows Script Host] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows Search] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows Security Health] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Windows Sidebar] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Wisp] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\XboxLive] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\RestartManager] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Microsoft\Windows\AssignedAccessConfiguration] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Microsoft\Windows\Winlogon] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\Acronis] [HKLM\Software\Adobe] [HKLM\Software\AMD] [HKLM\Software\AMDDVR] [HKLM\Software\AMDLOG] [HKLM\Software\Apple Inc.] [HKLM\Software\ASIP] [HKLM\Software\ASIP Sante] [HKLM\Software\ATI] [HKLM\Software\ATI Technologies] [HKLM\Software\Avid] [HKLM\Software\Bazwise] [HKLM\Software\Clients] [HKLM\Software\ComodoGroup] [HKLM\Software\Conduit] [HKLM\Software\Corel] [HKLM\Software\Corel Corporation] [HKLM\Software\CVSM] [HKLM\Software\cybelsoft] [HKLM\Software\CyberLink] [HKLM\Software\DefaultUserEnvironment] [HKLM\Software\DemoCreator] [HKLM\Software\EPSON] [HKLM\Software\Fortemedia] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\GIE SESAM VITALE] [HKLM\Software\Google] [HKLM\Software\Incomedia] [HKLM\Software\INextUUID] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\Macromedia] [HKLM\Software\mcafeeupdater] [HKLM\Software\Microsoft] [HKLM\Software\MiniTool ShadowMaker] [HKLM\Software\MiniTool Software Limited] [HKLM\Software\Mozilla] [HKLM\Software\mozilla.org] [HKLM\Software\MozillaPlugins] [HKLM\Software\Nuance] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\OpenSSH] [HKLM\Software\Oracle] [HKLM\Software\Partner] [HKLM\Software\PC Optimizer Pro] [HKLM\Software\Pegasus Imaging] [HKLM\Software\Pinnacle] [HKLM\Software\Pinnacle Systems] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\QEMU] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Roxio] [HKLM\Software\RTLSetup] [HKLM\Software\S.O.S Security] [HKLM\Software\Serif] [HKLM\Software\SonicFocus] [HKLM\Software\SoundResearch] [HKLM\Software\SRS Labs] [HKLM\Software\SYSSU] [HKLM\Software\Ulead Systems] [HKLM\Software\USB2800] [HKLM\Software\voidtools] [HKLM\Software\Windows] [HKLM\Software\Wondershare] [HKLM\Software\WOW6432Node] [HKLM\SOFTWARE\Microsoft\.NETFramework] [HKLM\SOFTWARE\Microsoft\AccountsControl] [HKLM\SOFTWARE\Microsoft\Active Setup] [HKLM\SOFTWARE\Microsoft\ActiveSync] [HKLM\SOFTWARE\Microsoft\ADs] [HKLM\SOFTWARE\Microsoft\Advanced INF Setup] [HKLM\SOFTWARE\Microsoft\ALG] [HKLM\SOFTWARE\Microsoft\AllUserInstallAgent] [HKLM\SOFTWARE\Microsoft\AMSI] [HKLM\SOFTWARE\Microsoft\Analog] [HKLM\SOFTWARE\Microsoft\AOMEI] [HKLM\SOFTWARE\Microsoft\AppServiceProtocols] [HKLM\SOFTWARE\Microsoft\ASP.NET] [HKLM\SOFTWARE\Microsoft\ASP.NET Core] [HKLM\SOFTWARE\Microsoft\Assistance] [HKLM\SOFTWARE\Microsoft\AudioCompressionManager] [HKLM\SOFTWARE\Microsoft\AuthHost] [HKLM\SOFTWARE\Microsoft\BidInterface] [HKLM\SOFTWARE\Microsoft\BitLockerCsp] [HKLM\SOFTWARE\Microsoft\CallAndMessagingEnhancement] [HKLM\SOFTWARE\Microsoft\Cellular] [HKLM\SOFTWARE\Microsoft\Chkdsk] [HKLM\SOFTWARE\Microsoft\Clipboard] [HKLM\SOFTWARE\Microsoft\ClipboardServer] [HKLM\SOFTWARE\Microsoft\CloudManagedUpdate] [HKLM\SOFTWARE\Microsoft\COM3] [HKLM\SOFTWARE\Microsoft\Command Processor] [HKLM\SOFTWARE\Microsoft\CommsAPHost] [HKLM\SOFTWARE\Microsoft\CoreShell] [HKLM\SOFTWARE\Microsoft\Cryptography] [HKLM\SOFTWARE\Microsoft\CTF] [HKLM\SOFTWARE\Microsoft\DataAccess] [HKLM\SOFTWARE\Microsoft\DataCollection] [HKLM\SOFTWARE\Microsoft\DataSharing] [HKLM\SOFTWARE\Microsoft\DDDS] [HKLM\SOFTWARE\Microsoft\DevDiv] [HKLM\SOFTWARE\Microsoft\Device Association Framework] [HKLM\SOFTWARE\Microsoft\DeviceReg] [HKLM\SOFTWARE\Microsoft\Dfrg] [HKLM\SOFTWARE\Microsoft\DFS] [HKLM\SOFTWARE\Microsoft\DiagnosticLogCSP] [HKLM\SOFTWARE\Microsoft\DirectDraw] [HKLM\SOFTWARE\Microsoft\DirectInput] [HKLM\SOFTWARE\Microsoft\DirectMusic] [HKLM\SOFTWARE\Microsoft\DirectPlay8] [HKLM\SOFTWARE\Microsoft\DirectPlayNATHelp] [HKLM\SOFTWARE\Microsoft\DirectShow] [HKLM\SOFTWARE\Microsoft\DirectX] [HKLM\SOFTWARE\Microsoft\DownloadManager] [HKLM\SOFTWARE\Microsoft\Driver Signing] [HKLM\SOFTWARE\Microsoft\DRM] [HKLM\SOFTWARE\Microsoft\DusmSvc] [HKLM\SOFTWARE\Microsoft\DVDNavigator] [HKLM\SOFTWARE\Microsoft\DVR] [HKLM\SOFTWARE\Microsoft\DXP] [HKLM\SOFTWARE\Microsoft\EAPSIMMethods] [HKLM\SOFTWARE\Microsoft\Edge] [HKLM\SOFTWARE\Microsoft\Enrollment] [HKLM\SOFTWARE\Microsoft\Enrollments] [HKLM\SOFTWARE\Microsoft\EnterpriseCertificates] [HKLM\SOFTWARE\Microsoft\EnterpriseDataProtection] [HKLM\SOFTWARE\Microsoft\EnterpriseResourceManager] [HKLM\SOFTWARE\Microsoft\EventSounds] [HKLM\SOFTWARE\Microsoft\EventSystem] [HKLM\SOFTWARE\Microsoft\F12] [HKLM\SOFTWARE\Microsoft\FamilyStore] [HKLM\SOFTWARE\Microsoft\Fax] [HKLM\SOFTWARE\Microsoft\FaxServer] [HKLM\SOFTWARE\Microsoft\Feeds] [HKLM\SOFTWARE\Microsoft\FilePicker] [HKLM\SOFTWARE\Microsoft\FilterDS] [HKLM\SOFTWARE\Microsoft\FingerKB] [HKLM\SOFTWARE\Microsoft\FTH] [HKLM\SOFTWARE\Microsoft\Function Discovery] [HKLM\SOFTWARE\Microsoft\Fusion] [HKLM\SOFTWARE\Microsoft\FuzzyDS] [HKLM\SOFTWARE\Microsoft\GameOverlay] [HKLM\SOFTWARE\Microsoft\HTMLHelp] [HKLM\SOFTWARE\Microsoft\Hub] [HKLM\SOFTWARE\Microsoft\Hvsi] [HKLM\SOFTWARE\Microsoft\IdentityCRL] [HKLM\SOFTWARE\Microsoft\IdentityStore] [HKLM\SOFTWARE\Microsoft\IHDS] [HKLM\SOFTWARE\Microsoft\ImageTimeSettings] [HKLM\SOFTWARE\Microsoft\IMAPI] [HKLM\SOFTWARE\Microsoft\IME] [HKLM\SOFTWARE\Microsoft\IMEJP] [HKLM\SOFTWARE\Microsoft\IMEKR] [HKLM\SOFTWARE\Microsoft\IMETC] [HKLM\SOFTWARE\Microsoft\InProcLogger] [HKLM\SOFTWARE\Microsoft\Input] [HKLM\SOFTWARE\Microsoft\InputMethod] [HKLM\SOFTWARE\Microsoft\InputPersonalization] [HKLM\SOFTWARE\Microsoft\Internet Account Manager] [HKLM\SOFTWARE\Microsoft\Internet Domains] [HKLM\SOFTWARE\Microsoft\Internet Explorer] [HKLM\SOFTWARE\Microsoft\IsoBurn] [HKLM\SOFTWARE\Microsoft\KGL] [HKLM\SOFTWARE\Microsoft\LanguageOverlay] [HKLM\SOFTWARE\Microsoft\LexiconUpdate] [HKLM\SOFTWARE\Microsoft\Managed Desktop] [HKLM\SOFTWARE\Microsoft\MdmCommon] [HKLM\SOFTWARE\Microsoft\MdmDiagnostics] [HKLM\SOFTWARE\Microsoft\MediaEngine] [HKLM\SOFTWARE\Microsoft\MediaPlayer] [HKLM\SOFTWARE\Microsoft\MemoryDiagnostic] [HKLM\SOFTWARE\Microsoft\Messaging] [HKLM\SOFTWARE\Microsoft\MessengerService] [HKLM\SOFTWARE\Microsoft\Microsoft Camera Codec Pack] [HKLM\SOFTWARE\Microsoft\Microsoft Reference] [HKLM\SOFTWARE\Microsoft\MiracastReceiver] [HKLM\SOFTWARE\Microsoft\MMC] [HKLM\SOFTWARE\Microsoft\Mobile] [HKLM\SOFTWARE\Microsoft\MpSigStub] [HKLM\SOFTWARE\Microsoft\MSBuild] [HKLM\SOFTWARE\Microsoft\MSDE] [HKLM\SOFTWARE\Microsoft\MSDRM] [HKLM\SOFTWARE\Microsoft\MSDTC] [HKLM\SOFTWARE\Microsoft\MSF] [HKLM\SOFTWARE\Microsoft\MSIME] [HKLM\SOFTWARE\Microsoft\MSLicensing] [HKLM\SOFTWARE\Microsoft\MSMQ] [HKLM\SOFTWARE\Microsoft\MSN Apps] [HKLM\SOFTWARE\Microsoft\MSOSOAP] [HKLM\SOFTWARE\Microsoft\MTF] [HKLM\SOFTWARE\Microsoft\MTFFuzzyFactors] [HKLM\SOFTWARE\Microsoft\MTFInputType] [HKLM\SOFTWARE\Microsoft\MTFKeyboardMappings] [HKLM\SOFTWARE\Microsoft\Multimedia] [HKLM\SOFTWARE\Microsoft\Multivariant] [HKLM\SOFTWARE\Microsoft\NET Framework Setup] [HKLM\SOFTWARE\Microsoft\NetSh] [HKLM\SOFTWARE\Microsoft\Network] [HKLM\SOFTWARE\Microsoft\Non-Driver Signing] [HKLM\SOFTWARE\Microsoft\Notepad] [HKLM\SOFTWARE\Microsoft\ODBC] [HKLM\SOFTWARE\Microsoft\OEM] [HKLM\SOFTWARE\Microsoft\Office] [HKLM\SOFTWARE\Microsoft\OfficeCSP] [HKLM\SOFTWARE\Microsoft\OfficeSoftwareProtectionPlatform] [HKLM\SOFTWARE\Microsoft\Ole] [HKLM\SOFTWARE\Microsoft\OnlineProviders] [HKLM\SOFTWARE\Microsoft\Outlook Express] [HKLM\SOFTWARE\Microsoft\Palm] [HKLM\SOFTWARE\Microsoft\Personalization] [HKLM\SOFTWARE\Microsoft\Phone] [HKLM\SOFTWARE\Microsoft\Photos] [HKLM\SOFTWARE\Microsoft\Pim] [HKLM\SOFTWARE\Microsoft\PLA] [HKLM\SOFTWARE\Microsoft\PlayToReceiver] [HKLM\SOFTWARE\Microsoft\PointOfService] [HKLM\SOFTWARE\Microsoft\Policies] [HKLM\SOFTWARE\Microsoft\PolicyManager] [HKLM\SOFTWARE\Microsoft\Poom] [HKLM\SOFTWARE\Microsoft\PowerShell] [HKLM\SOFTWARE\Microsoft\Print] [HKLM\SOFTWARE\Microsoft\Provisioning] [HKLM\SOFTWARE\Microsoft\PushRouter] [HKLM\SOFTWARE\Microsoft\RADAR] [HKLM\SOFTWARE\Microsoft\Ras] [HKLM\SOFTWARE\Microsoft\RAS AutoDial] [HKLM\SOFTWARE\Microsoft\RcsPresence] [HKLM\SOFTWARE\Microsoft\Reliability Analysis] [HKLM\SOFTWARE\Microsoft\Remediation] [HKLM\SOFTWARE\Microsoft\RemovalTools] [HKLM\SOFTWARE\Microsoft\RendezvousApps] [HKLM\SOFTWARE\Microsoft\Router] [HKLM\SOFTWARE\Microsoft\Rpc] [HKLM\SOFTWARE\Microsoft\SchedulingAgent] [HKLM\SOFTWARE\Microsoft\Schema Library] [HKLM\SOFTWARE\Microsoft\Security Center] [HKLM\SOFTWARE\Microsoft\SecurityManager] [HKLM\SOFTWARE\Microsoft\SEMgr] [HKLM\SOFTWARE\Microsoft\Sensors] [HKLM\SOFTWARE\Microsoft\Shared] [HKLM\SOFTWARE\Microsoft\Shared Tools] [HKLM\SOFTWARE\Microsoft\Shared Tools Location] [HKLM\SOFTWARE\Microsoft\Shell] [HKLM\SOFTWARE\Microsoft\SIH] [HKLM\SOFTWARE\Microsoft\Siuf] [HKLM\SOFTWARE\Microsoft\Software] [HKLM\SOFTWARE\Microsoft\Speech] [HKLM\SOFTWARE\Microsoft\Speech_OneCore] [HKLM\SOFTWARE\Microsoft\SQMClient] [HKLM\SOFTWARE\Microsoft\StrongName] [HKLM\SOFTWARE\Microsoft\Sync Framework] [HKLM\SOFTWARE\Microsoft\Sysprep] [HKLM\SOFTWARE\Microsoft\SystemCertificates] [HKLM\SOFTWARE\Microsoft\SystemSettings] [HKLM\SOFTWARE\Microsoft\TableTextService] [HKLM\SOFTWARE\Microsoft\TabletTip] [HKLM\SOFTWARE\Microsoft\TaskFlowDataEngine] [HKLM\SOFTWARE\Microsoft\Tcpip] [HKLM\SOFTWARE\Microsoft\TelemetryClient] [HKLM\SOFTWARE\Microsoft\Terminal Server Client] [HKLM\SOFTWARE\Microsoft\TermServLicensing] [HKLM\SOFTWARE\Microsoft\TouchPrediction] [HKLM\SOFTWARE\Microsoft\TPG] [HKLM\SOFTWARE\Microsoft\Tpm] [HKLM\SOFTWARE\Microsoft\Tracing] [HKLM\SOFTWARE\Microsoft\Transaction Server] [HKLM\SOFTWARE\Microsoft\TV System Services] [HKLM\SOFTWARE\Microsoft\uDRM] [HKLM\SOFTWARE\Microsoft\Uev] [HKLM\SOFTWARE\Microsoft\Unified Store] [HKLM\SOFTWARE\Microsoft\UNP] [HKLM\SOFTWARE\Microsoft\UPnP Control Point] [HKLM\SOFTWARE\Microsoft\UPnP Device Host] [HKLM\SOFTWARE\Microsoft\UserData] [HKLM\SOFTWARE\Microsoft\UserManager] [HKLM\SOFTWARE\Microsoft\VBA] [HKLM\SOFTWARE\Microsoft\Virtual Machine] [HKLM\SOFTWARE\Microsoft\VisualStudio] [HKLM\SOFTWARE\Microsoft\WAB] [HKLM\SOFTWARE\Microsoft\Wallet] [HKLM\SOFTWARE\Microsoft\Wbem] [HKLM\SOFTWARE\Microsoft\WcmSvc] [HKLM\SOFTWARE\Microsoft\WIMMount] [HKLM\SOFTWARE\Microsoft\Windows] [HKLM\SOFTWARE\Microsoft\Windows Defender] [HKLM\SOFTWARE\Microsoft\Windows Defender Security Center] [HKLM\SOFTWARE\Microsoft\Windows Desktop Search] [HKLM\SOFTWARE\Microsoft\Windows Mail] [HKLM\SOFTWARE\Microsoft\Windows Media Device Manager] [HKLM\SOFTWARE\Microsoft\Windows Media Foundation] [HKLM\SOFTWARE\Microsoft\Windows Media Player NSS] [HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem] [HKLM\SOFTWARE\Microsoft\Windows NT] [HKLM\SOFTWARE\Microsoft\Windows Photo Viewer] [HKLM\SOFTWARE\Microsoft\Windows Portable Devices] [HKLM\SOFTWARE\Microsoft\Windows Script Host] [HKLM\SOFTWARE\Microsoft\Windows Search] [HKLM\SOFTWARE\Microsoft\Windows Security Health] [HKLM\SOFTWARE\Microsoft\WindowsRuntime] [HKLM\SOFTWARE\Microsoft\WindowsSelfHost] [HKLM\SOFTWARE\Microsoft\WindowsUpdate] [HKLM\SOFTWARE\Microsoft\Wisp] [HKLM\SOFTWARE\Microsoft\WlanSvc] [HKLM\SOFTWARE\Microsoft\Wlpasvc] [HKLM\SOFTWARE\Microsoft\Wow64] [HKLM\SOFTWARE\Microsoft\WSDAPI] [HKLM\SOFTWARE\Microsoft\WwanSvc] [HKLM\SOFTWARE\Microsoft\XAML] [HKLM\Software\Microsoft\Windows\Autopilot] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\Dwm] [HKLM\Software\Microsoft\Windows\DynamicManagement] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\Heat] [HKLM\Software\Microsoft\Windows\Help] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\NcsiUwpApp] [HKLM\Software\Microsoft\Windows\Notepad] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\UpdateApi] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AarSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\autotimesvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BcastDVRUserService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\btagservice] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BthAppGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ClipboardSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DevicesFlow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\diagnostics] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GraphicsPerfSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rdxgroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\RmSvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UdkSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] [HKLM\Software\WOW6432Node\8GadgetPack] [HKLM\Software\WOW6432Node\Acronis] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\Apple Inc.] [HKLM\Software\WOW6432Node\ATI] [HKLM\Software\WOW6432Node\ATI Technologies] [HKLM\Software\WOW6432Node\Avid] [HKLM\Software\WOW6432Node\Axilog] [HKLM\Software\WOW6432Node\Canneverbe Limited] [HKLM\Software\WOW6432Node\CCA] [HKLM\Software\WOW6432Node\ComodoGroup] [HKLM\Software\WOW6432Node\CompuGROUP] [HKLM\Software\WOW6432Node\Corel] [HKLM\Software\WOW6432Node\Corel Corporation] [HKLM\Software\WOW6432Node\CyberLink] [HKLM\Software\WOW6432Node\Cygnus Solutions] [HKLM\Software\WOW6432Node\DemoCreator] [HKLM\Software\WOW6432Node\DivXNetworks] [HKLM\Software\WOW6432Node\Dragon Systems] [HKLM\Software\WOW6432Node\EPSON] [HKLM\Software\WOW6432Node\EUClone] [HKLM\Software\WOW6432Node\FreeFileSync] [HKLM\Software\WOW6432Node\GIE SESAM VITALE] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\GreenTree Applications] [HKLM\Software\WOW6432Node\Hagel] [HKLM\Software\WOW6432Node\iFun] [HKLM\Software\WOW6432Node\IMAGINE Editions] [HKLM\Software\WOW6432Node\InstallShield] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\Intermedix] [HKLM\Software\WOW6432Node\iTop Screenshot] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Licenses] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\OldTimer Tools] [HKLM\Software\WOW6432Node\OpenSC] [HKLM\Software\WOW6432Node\Paragon Software] [HKLM\Software\WOW6432Node\Pegasus Imaging] [HKLM\Software\WOW6432Node\Pinnacle Systems] [HKLM\Software\WOW6432Node\Piriform] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\ScanSoft] [HKLM\Software\WOW6432Node\SEIKO EPSON Corp.] [HKLM\Software\WOW6432Node\Seiko Epson Corporation] [HKLM\Software\WOW6432Node\Serif] [HKLM\Software\WOW6432Node\Systweak] [HKLM\Software\WOW6432Node\TeamViewer] [HKLM\Software\WOW6432Node\USB2800] [HKLM\Software\WOW6432Node\VideoLAN] [HKLM\Software\WOW6432Node\vita-X AG] [HKLM\Software\WOW6432Node\Voice] [HKLM\Software\WOW6432Node\Volatile] [HKLM\Software\WOW6432Node\WafCX] [HKLM\Software\WOW6432Node\WinRAR] [HKLM\Software\WOW6432Node\WinThruster] [HKLM\Software\WOW6432Node\WiseCleaner] [HKLM\Software\WOW6432Node\Wondershare] [HKLM\Software\WOW6432Node\Wow6432Node] [HKLM\Software\WOW6432Node\XIRING] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\.NETFramework] [HKLM\Software\WOW6432Node\Microsoft\Active Setup] [HKLM\Software\WOW6432Node\Microsoft\ADs] [HKLM\Software\WOW6432Node\Microsoft\Advanced INF Setup] [HKLM\Software\WOW6432Node\Microsoft\AMSI] [HKLM\Software\WOW6432Node\Microsoft\AOMEI] [HKLM\Software\WOW6432Node\Microsoft\AppServiceProtocols] [HKLM\Software\WOW6432Node\Microsoft\ASP.NET] [HKLM\Software\WOW6432Node\Microsoft\ASP.NET Core] [HKLM\Software\WOW6432Node\Microsoft\Assistance] [HKLM\Software\WOW6432Node\Microsoft\AudioCompressionManager] [HKLM\Software\WOW6432Node\Microsoft\AuthHost] [HKLM\Software\WOW6432Node\Microsoft\BidInterface] [HKLM\Software\WOW6432Node\Microsoft\BitLockerCsp] [HKLM\Software\WOW6432Node\Microsoft\ClipboardServer] [HKLM\Software\WOW6432Node\Microsoft\Command Processor] [HKLM\Software\WOW6432Node\Microsoft\Cryptography] [HKLM\Software\WOW6432Node\Microsoft\CTF] [HKLM\Software\WOW6432Node\Microsoft\DataAccess] [HKLM\Software\WOW6432Node\Microsoft\DevDiv] [HKLM\Software\WOW6432Node\Microsoft\Device Association Framework] [HKLM\Software\WOW6432Node\Microsoft\Direct3D] [HKLM\Software\WOW6432Node\Microsoft\DirectDraw] [HKLM\Software\WOW6432Node\Microsoft\DirectInput] [HKLM\Software\WOW6432Node\Microsoft\DirectMusic] [HKLM\Software\WOW6432Node\Microsoft\DirectPlay] [HKLM\Software\WOW6432Node\Microsoft\DirectPlay8] [HKLM\Software\WOW6432Node\Microsoft\DirectPlayNATHelp] [HKLM\Software\WOW6432Node\Microsoft\DirectShow] [HKLM\Software\WOW6432Node\Microsoft\DirectX] [HKLM\Software\WOW6432Node\Microsoft\DownloadManager] [HKLM\Software\WOW6432Node\Microsoft\DRM] [HKLM\Software\WOW6432Node\Microsoft\DVDNavigator] [HKLM\Software\WOW6432Node\Microsoft\DVR] [HKLM\Software\WOW6432Node\Microsoft\EAPSIMMethods] [HKLM\Software\WOW6432Node\Microsoft\Edge] [HKLM\Software\WOW6432Node\Microsoft\EdgeUpdate] [HKLM\Software\WOW6432Node\Microsoft\ENROLLMENTS] [HKLM\Software\WOW6432Node\Microsoft\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Exchange] [HKLM\Software\WOW6432Node\Microsoft\F12] [HKLM\Software\WOW6432Node\Microsoft\Fax] [HKLM\Software\WOW6432Node\Microsoft\Feeds] [HKLM\Software\WOW6432Node\Microsoft\FilePicker] [HKLM\Software\WOW6432Node\Microsoft\Function Discovery] [HKLM\Software\WOW6432Node\Microsoft\Fusion] [HKLM\Software\WOW6432Node\Microsoft\GameOverlay] [HKLM\Software\WOW6432Node\Microsoft\HTMLHelp] [HKLM\Software\WOW6432Node\Microsoft\IdentityCRL] [HKLM\Software\WOW6432Node\Microsoft\IdentityStore] [HKLM\Software\WOW6432Node\Microsoft\IMAPI] [HKLM\Software\WOW6432Node\Microsoft\IME] [HKLM\Software\WOW6432Node\Microsoft\IMEJP] [HKLM\Software\WOW6432Node\Microsoft\IMEKR] [HKLM\Software\WOW6432Node\Microsoft\IMETC] [HKLM\Software\WOW6432Node\Microsoft\InputMethod] [HKLM\Software\WOW6432Node\Microsoft\InputPersonalization] [HKLM\Software\WOW6432Node\Microsoft\Internet Account Manager] [HKLM\Software\WOW6432Node\Microsoft\Internet Domains] [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer] [HKLM\Software\WOW6432Node\Microsoft\IsoBurn] [HKLM\Software\WOW6432Node\Microsoft\Jet] [HKLM\Software\WOW6432Node\Microsoft\MediaEngine] [HKLM\Software\WOW6432Node\Microsoft\MediaPlayer] [HKLM\Software\WOW6432Node\Microsoft\MessengerService] [HKLM\Software\WOW6432Node\Microsoft\Microsoft Camera Codec Pack] [HKLM\Software\WOW6432Node\Microsoft\MiracastReceiver] [HKLM\Software\WOW6432Node\Microsoft\MMC] [HKLM\Software\WOW6432Node\Microsoft\MSBuild] [HKLM\Software\WOW6432Node\Microsoft\MSDE] [HKLM\Software\WOW6432Node\Microsoft\MSDRM] [HKLM\Software\WOW6432Node\Microsoft\MSDTC] [HKLM\Software\WOW6432Node\Microsoft\MSF] [HKLM\Software\WOW6432Node\Microsoft\MSLicensing] [HKLM\Software\WOW6432Node\Microsoft\MSN Apps] [HKLM\Software\WOW6432Node\Microsoft\MSSOAP] [HKLM\Software\WOW6432Node\Microsoft\MTF] [HKLM\Software\WOW6432Node\Microsoft\Multimedia] [HKLM\Software\WOW6432Node\Microsoft\NET Framework Setup] [HKLM\Software\WOW6432Node\Microsoft\NetSh] [HKLM\Software\WOW6432Node\Microsoft\Network] [HKLM\Software\WOW6432Node\Microsoft\Notepad] [HKLM\Software\WOW6432Node\Microsoft\ODBC] [HKLM\Software\WOW6432Node\Microsoft\OEM] [HKLM\Software\WOW6432Node\Microsoft\Office] [HKLM\Software\WOW6432Node\Microsoft\Office Server] [HKLM\Software\WOW6432Node\Microsoft\OnlineProviders] [HKLM\Software\WOW6432Node\Microsoft\Outlook Express] [HKLM\Software\WOW6432Node\Microsoft\Palm] [HKLM\Software\WOW6432Node\Microsoft\PCHealth] [HKLM\Software\WOW6432Node\Microsoft\Personalization] [HKLM\Software\WOW6432Node\Microsoft\Photos] [HKLM\Software\WOW6432Node\Microsoft\PLA] [HKLM\Software\WOW6432Node\Microsoft\Policies] [HKLM\Software\WOW6432Node\Microsoft\PowerShell] [HKLM\Software\WOW6432Node\Microsoft\Print] [HKLM\Software\WOW6432Node\Microsoft\Provisioning] [HKLM\Software\WOW6432Node\Microsoft\RADAR] [HKLM\Software\WOW6432Node\Microsoft\RendezvousApps] [HKLM\Software\WOW6432Node\Microsoft\RFC1156Agent] [HKLM\Software\WOW6432Node\Microsoft\SchedulingAgent] [HKLM\Software\WOW6432Node\Microsoft\Schema Library] [HKLM\Software\WOW6432Node\Microsoft\Security Center] [HKLM\Software\WOW6432Node\Microsoft\Sensors] [HKLM\Software\WOW6432Node\Microsoft\Shared Tools] [HKLM\Software\WOW6432Node\Microsoft\Shared Tools Location] [HKLM\Software\WOW6432Node\Microsoft\Software] [HKLM\Software\WOW6432Node\Microsoft\SPEECH] [HKLM\Software\WOW6432Node\Microsoft\SpeechAPI] [HKLM\Software\WOW6432Node\Microsoft\Speech_OneCore] [HKLM\Software\WOW6432Node\Microsoft\SQMClient] [HKLM\Software\WOW6432Node\Microsoft\Sync Framework] [HKLM\Software\WOW6432Node\Microsoft\SystemSettings] [HKLM\Software\WOW6432Node\Microsoft\TableTextService] [HKLM\Software\WOW6432Node\Microsoft\TabletTip] [HKLM\Software\WOW6432Node\Microsoft\Tcpip] [HKLM\Software\WOW6432Node\Microsoft\Terminal Server Client] [HKLM\Software\WOW6432Node\Microsoft\TouchPrediction] [HKLM\Software\WOW6432Node\Microsoft\TPG] [HKLM\Software\WOW6432Node\Microsoft\Tpm] [HKLM\Software\WOW6432Node\Microsoft\Tracing] [HKLM\Software\WOW6432Node\Microsoft\TV System Services] [HKLM\Software\WOW6432Node\Microsoft\uDRM] [HKLM\Software\WOW6432Node\Microsoft\Updates] [HKLM\Software\WOW6432Node\Microsoft\UPnP Control Point] [HKLM\Software\WOW6432Node\Microsoft\UPnP Device Host] [HKLM\Software\WOW6432Node\Microsoft\VisualStudio] [HKLM\Software\WOW6432Node\Microsoft\VSTA Runtime Setup] [HKLM\Software\WOW6432Node\Microsoft\VSTO Runtime Setup] [HKLM\Software\WOW6432Node\Microsoft\WAB] [HKLM\Software\WOW6432Node\Microsoft\WBEM] [HKLM\Software\WOW6432Node\Microsoft\WIA] [HKLM\Software\WOW6432Node\Microsoft\WIMMount] [HKLM\Software\WOW6432Node\Microsoft\Windows] [HKLM\Software\WOW6432Node\Microsoft\Windows Desktop Search] [HKLM\Software\WOW6432Node\Microsoft\Windows Mail] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Device Manager] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Foundation] [HKLM\Software\WOW6432Node\Microsoft\Windows Media Player NSS] [HKLM\Software\WOW6432Node\Microsoft\Windows Messaging Subsystem] [HKLM\Software\WOW6432Node\Microsoft\Windows NT] [HKLM\Software\WOW6432Node\Microsoft\Windows Photo Viewer] [HKLM\Software\WOW6432Node\Microsoft\Windows Portable Devices] [HKLM\Software\WOW6432Node\Microsoft\Windows Script Host] [HKLM\Software\WOW6432Node\Microsoft\WindowsRuntime] [HKLM\Software\WOW6432Node\Microsoft\WindowsUpdate] [HKLM\Software\WOW6432Node\Microsoft\Wisp] [HKLM\Software\WOW6432Node\Microsoft\WlanSvc] [HKLM\Software\WOW6432Node\Microsoft\WSDAPI] [HKLM\Software\WOW6432Node\Microsoft\WSE] [HKLM\Software\WOW6432Node\Microsoft\Cellular] [HKLM\Software\WOW6432Node\Microsoft\COM3] [HKLM\Software\WOW6432Node\Microsoft\DeviceReg] [HKLM\Software\WOW6432Node\Microsoft\DFS] [HKLM\Software\WOW6432Node\Microsoft\Driver Signing] [HKLM\Software\WOW6432Node\Microsoft\EnterpriseCertificates] [HKLM\Software\WOW6432Node\Microsoft\EventSystem] [HKLM\Software\WOW6432Node\Microsoft\FingerKB] [HKLM\Software\WOW6432Node\Microsoft\FuzzyDS] [HKLM\Software\WOW6432Node\Microsoft\Input] [HKLM\Software\WOW6432Node\Microsoft\LanguageOverlay] [HKLM\Software\WOW6432Node\Microsoft\Messaging] [HKLM\Software\WOW6432Node\Microsoft\MSMQ] [HKLM\Software\WOW6432Node\Microsoft\MTFFuzzyFactors] [HKLM\Software\WOW6432Node\Microsoft\MTFInputType] [HKLM\Software\WOW6432Node\Microsoft\MTFKeyboardMappings] [HKLM\Software\WOW6432Node\Microsoft\Non-Driver Signing] [HKLM\Software\WOW6432Node\Microsoft\Ole] [HKLM\Software\WOW6432Node\Microsoft\Phone] [HKLM\Software\WOW6432Node\Microsoft\Pim] [HKLM\Software\WOW6432Node\Microsoft\Poom] [HKLM\Software\WOW6432Node\Microsoft\Ras] [HKLM\Software\WOW6432Node\Microsoft\Rpc] [HKLM\Software\WOW6432Node\Microsoft\SecurityManager] [HKLM\Software\WOW6432Node\Microsoft\Semgr] [HKLM\Software\WOW6432Node\Microsoft\Shell] [HKLM\Software\WOW6432Node\Microsoft\SystemCertificates] [HKLM\Software\WOW6432Node\Microsoft\TermServLicensing] [HKLM\Software\WOW6432Node\Microsoft\Transaction Server] [HKLM\Software\WOW6432Node\Microsoft\Unified Store] [HKLM\Software\WOW6432Node\Microsoft\UserData] [HKLM\Software\WOW6432Node\Microsoft\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\XAML] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\Dwm] [HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Windows\Heat] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\UpdateApi] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\AarSvc] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs] ---------- | FeatureControl [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "AcroRd32.exe"="11000" "ashsnap.exe"="10001" "UI10.exe"="10001" "Acrobat.exe"="11000" "Main.exe"="11000" "OneDrive.exe"="11000" "PCTrans.exe"="11000" "Trial.exe"="8888" [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CrossDomain_Fix_KB867801] "ashsnap.exe"="1" "UI10.exe"="1" [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_Cross_Domain_Redirect_Mitigation] "ashsnap.exe"="1" "UI10.exe"="1" [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING] [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "ashsnap.exe"="10" "UI10.exe"="10" [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "ashsnap.exe"="10" "UI10.exe"="10" [HKU\S-1-5-21-2982999039-1405869219-2042017926-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION] "ashsnap.exe"="1" "UI10.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "clview.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "infopath.exe"="0" "wmplayer.exe"="1" "clview.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "HelpPane.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "HelpPane.exe"="10000" "prevhost.exe"="8000" "UNPUXHost.exe"="11000" "ngstudio.exe"="9999" "WebPlus.exe"="0" "WebSiteX5.exe"="9999" "DemoCreator.exe"="9999" "AASIapp.exe"="11000" "Acrobat.exe"="11000" "AcroDist.exe"="11000" "AcroLicApp.exe"="11000" "experience.exe"="11000" "system_backup_gui.exe"="11000" "partitionwizard.exe"="11000" "updatechecker.exe"="11000" "PDR.exe"="11000" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_IE_SHELLEXECUTE_CALLS] "*"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "SAPfewgsrv.exe"="0" "SAPGUI.exe"="0" "SAPGuiIT.exe"="0" "SAPLgPad.exe"="0" "SAPLOGON.exe"="0" "Scale_for_R3.exe"="0" "wmplayer.exe"="1" "clview.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "ieuser.exe"="1" "iexplore.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE] "HelpPane.exe"="100000" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "devenv.exe"="1" "dexplore.exe"="1" "helppane.exe"="1" "PresentationHost.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "HelpPane.exe"="1" "wmplayer.exe"="1" "clview.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "cs.exe"="1" "waol.exe"="1" "wm.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "clview.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="4" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="2" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "clview.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "clview.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "mshta.exe"="1" "outlook.exe"="1" "sidebar.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "clview.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "explorer.exe"="0" "iexplore.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "clview.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "msimn.exe"="1" "prevhost.exe"="1" "winmail.exe"="1" "wmplayer.exe"="1" "clview.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "clview.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" "clview.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "HelpPane.exe"="0" "prevhost.exe"="0" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "msimn.exe"="1" "outlook.exe"="1" "winmail.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "HelpPane.exe"="1" "wmplayer.exe"="1" "clview.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "infopath.exe"="1" "excel.exe"="1" "powerpnt.exe"="1" "winword.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE] "HelpPane.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "clview.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "iexplore.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "explorer.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "clview.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "infopath.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "HelpPane.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_IE_SHELLEXECUTE_CALLS] "*"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "SAPfewgsrv.exe"="0" "SAPGUI.exe"="0" "SAPGuiIT.exe"="0" "SAPLgPad.exe"="0" "SAPLOGON.exe"="0" "Scale_for_R3.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "ieuser.exe"="1" "iexplore.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE] "HelpPane.exe"="100000" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "devenv.exe"="1" "dexplore.exe"="1" "helppane.exe"="1" "PresentationHost.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "cs.exe"="1" "waol.exe"="1" "wm.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="4" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="2" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "mshta.exe"="1" "outlook.exe"="1" "sidebar.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "explorer.exe"="0" "iexplore.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "msimn.exe"="1" "prevhost.exe"="1" "winmail.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "HelpPane.exe"="0" "prevhost.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "msimn.exe"="1" "outlook.exe"="1" "winmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "infopath.exe"="1" "excel.exe"="1" "powerpnt.exe"="1" "winword.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE] "HelpPane.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "iexplore.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "explorer.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" ---------- | The Created last ones ¦ Modified [MD5.00000000000000000000000000000000] - [19/05/2022 10:03:15] - |D| - [149889286] - C:\Program Files (x86)\AOMEI Partition Assistant [MD5.00000000000000000000000000000000] - [17/05/2022 10:08:56] - |D| - [693635215] - C:\Program Files (x86)\CCleaner Browser [MD5.00000000000000000000000000000000] - [03/05/2022 11:26:27] - |D| - [26239931] - C:\Program Files (x86)\Paragon Software [MD5.00000000000000000000000000000000] - [19/05/2022 11:47:06] - |D| - [10647672] - C:\Program Files (x86)\Wise [MD5.D51EA7FE5A74E919E5DF9CD55EBFC1A7] - [19/05/2022 10:03:39] - |A| - [1305680] - C:\WINDOWS\ddmmain.exe [MD5.D45BD7C7B7BF977246E9409D63435231] - [11/05/2022 07:01:44] - |A| - [5114880] - C:\WINDOWS\explorer.exe [MD5.00000000000000000000000000000000] - [19/05/2022 10:39:07] - |D| - [148028493] - C:\WINDOWS\LastGood.Tmp [MD5.00000000000000000000000000000000] - [19/05/2022 10:06:15] - |D| - [0] - C:\WINDOWS\Minidump [MD5.67D2CFDB80AC3B097E020425B2F43039] - [19/05/2022 11:51:22] - |A| - [3142] - C:\WINDOWS\PFRO.log [MD5.2CC83D93DD1DDE691158CF5E9882420B] - [19/05/2022 11:51:49] - |A| - [276] - C:\WINDOWS\WindowsUpdate.log [MD5.A3CCCBFA44968D1A62EF72163456CDBF] - [03/05/2022 10:31:29] - |A| - [20094976] - C:\WINDOWS\Installer\14a0226c.msi [MD5.7F4182487D665485239F3FFB0BB25C88] - [03/05/2022 11:07:24] - |A| - [35811328] - C:\WINDOWS\Installer\14c526be.msi [MD5.C0F3822F5403F7BE0C0AF47D3ABE074D] - [17/05/2022 10:08:54] - |A| - [32768] - C:\WINDOWS\Installer\3b5e9e.msi [MD5.59FE5E58C4EE6D20AC177CB754AB8DA7] - [03/05/2022 12:10:05] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{56DDDFB8-7F79-4480-89D5-25E1F52AB28F} [MD5.1914557F7BC698198BCA4512C2B04C05] - [03/05/2022 10:32:00] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{61C37457-E06C-4EC1-B097-DBFD65E8467F} [MD5.461CFD2D49D1B47792596A9B1B364279] - [03/05/2022 12:12:03] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{82C2A7D9-6BFC-4BED-9EF9-C49780F02C3E} [MD5.35BAC6524D1D272D50C9B9838C340014] - [03/05/2022 11:25:56] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{D1F92E87-D837-491F-A588-34EB2CD184D1} [MD5.D2652A46E89CDC8659A0FE86EFB5382F] - [17/05/2022 10:17:07] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93} [MD5.00000000000000000000000000000000] - [03/05/2022 12:10:33] - |D| - [92809] - C:\WINDOWS\Installer\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F} [MD5.00000000000000000000000000000000] - [03/05/2022 11:26:35] - |D| - [3191110] - C:\WINDOWS\Installer\{D1F92E87-D837-491F-A588-34EB2CD184D1} [MD5.143807FB2A68E6BDC04B45CBA2F4E602] - [11/05/2022 07:03:57] - |A| - [415232] - C:\WINDOWS\system32\AcGenral.dll [MD5.7EBC4745686496918EF54660CB9640DE] - [11/05/2022 07:01:43] - |A| - [699872] - C:\WINDOWS\system32\advapi32.dll [MD5.0B5C05CF6870772324F1C23C82923536] - [11/05/2022 07:01:35] - |A| - [885248] - C:\WINDOWS\system32\agentactivationruntimewindows.dll [MD5.00000000000000000000000000000000] - [19/05/2022 10:55:49] - |D| - [120037] - C:\WINDOWS\system32\AMD [MD5.41100149E517EDA4F6E73629FEBD47E3] - [11/05/2022 07:02:08] - |A| - [1207040] - C:\WINDOWS\system32\ApplyTrustOffline.exe [MD5.D64223D5B9EEC17266DE48D5C8B7F615] - [11/05/2022 07:02:08] - |A| - [210944] - C:\WINDOWS\system32\AppXApplicabilityBlob.dll [MD5.4C976E5B96B8A44BCC8AE0C7475073A0] - [11/05/2022 07:02:07] - |A| - [1768960] - C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll [MD5.D8841378A3BE70FA8DF8BE9F1F5ADDD2] - [11/05/2022 07:02:07] - |A| - [2461696] - C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll [MD5.C3EA23628E287F907ED93188D5C8A305] - [11/05/2022 07:02:07] - |A| - [3904512] - C:\WINDOWS\system32\AppXDeploymentServer.dll [MD5.617C796943A8A8BEE803C0CED2262E5C] - [11/05/2022 07:03:52] - |A| - [561152] - C:\WINDOWS\system32\authfwcfg.dll [MD5.0F4CBB748916370DD8ED7DE01857A2D5] - [11/05/2022 07:02:38] - |A| - [5107712] - C:\WINDOWS\system32\AuthFWSnapin.dll [MD5.E7C16817BB28B58555E9283EAB3BE036] - [11/05/2022 07:01:34] - |A| - [80384] - C:\WINDOWS\system32\autopilot.dll [MD5.88CB6866110814C0BD73DA63374AAC51] - [11/05/2022 07:03:31] - |A| - [1387520] - C:\WINDOWS\system32\bcastdvruserservice.dll [MD5.610106916DA4654BA4C0F92143BED862] - [11/05/2022 07:02:00] - |A| - [892928] - C:\WINDOWS\system32\BFE.DLL [MD5.DF6E45722744343E50CC93D4F7C4B59F] - [11/05/2022 07:02:02] - |A| - [103936] - C:\WINDOWS\system32\bindfltapi.dll [MD5.7C08858480874C925F9EB12619FAAC6B] - [11/05/2022 07:01:55] - |A| - [9037312] - C:\WINDOWS\system32\BingMaps.dll [MD5.A6CF19D44ED3E7B17CF1568577DED266] - [11/05/2022 07:03:31] - |A| - [745952] - C:\WINDOWS\system32\BioIso.exe [MD5.03CF7163B4837A001BD4667A8880D6CD] - [11/05/2022 07:03:52] - |A| - [30208] - C:\WINDOWS\system32\CheckNetIsolation.exe [MD5.5F3306CDB44E9EE76255A39E0AC00C7E] - [11/05/2022 07:02:21] - |A| - [923656] - C:\WINDOWS\system32\ci.dll [MD5.FCE494855F3C9373357791CEEDEA74D3] - [11/05/2022 07:02:02] - |A| - [185856] - C:\WINDOWS\system32\cimfs.dll [MD5.3F541F1ACC33701EC66025D21D0EB23F] - [11/05/2022 07:02:09] - |A| - [115200] - C:\WINDOWS\system32\cldapi.dll [MD5.83E8BF8414B75A6CF42337A8B00E77B5] - [11/05/2022 07:03:36] - |A| - [1129600] - C:\WINDOWS\system32\ClipUp.exe [MD5.92B71D798EE75FE6AD9C89280FBA20E2] - [11/05/2022 07:01:52] - |A| - [1187176] - C:\WINDOWS\system32\CloudExperienceHostCommon.dll [MD5.F08031A8C4058C5599CAFEAB87DC4480] - [11/05/2022 07:02:21] - |A| - [3503896] - C:\WINDOWS\system32\combase.dll [MD5.124E258C59D6E67A00BE56D926014306] - [11/05/2022 07:03:57] - |A| - [520704] - C:\WINDOWS\system32\CPFilters.dll [MD5.0E29F5C6B6DE8D2ECF4E579BAE092EB2] - [11/05/2022 07:02:08] - |A| - [138752] - C:\WINDOWS\system32\CustomInstallExec.exe [MD5.2145AF7BC0134B76B49438BC5638EC99] - [11/05/2022 07:01:54] - |A| - [739328] - C:\WINDOWS\system32\d3d9on12.dll [MD5.DF6465F349C9CBDF3FCEB3F198E8FCB6] - [19/05/2022 10:03:39] - |A| - [35760] - C:\WINDOWS\system32\ddmdrv.sys [MD5.C4A3E565F14F5B70D5E1E0FED5D3DA03] - [11/05/2022 07:02:37] - |A| - [10752] - C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll [MD5.AF595355DE9E56E118FBB32ED42DF68A] - [11/05/2022 07:02:35] - |A| - [229848] - C:\WINDOWS\system32\dmcmnutils.dll [MD5.D493C06F782C0F5A79A6175EA18A1A4E] - [11/05/2022 07:02:36] - |A| - [681472] - C:\WINDOWS\system32\dmenrollengine.dll [MD5.2E37C0DC6ADE84C28D0CB8F803148B3B] - [11/05/2022 07:02:36] - |A| - [330752] - C:\WINDOWS\system32\dmenterprisediagnostics.dll [MD5.3584E65439C5FFB531B9EF17963B4BF7] - [11/05/2022 07:04:24] - |A| - [1138024] - C:\WINDOWS\system32\DolbyDecMFT.dll [MD5.EDCB7C73EB3BBDB73EEF67CE03A984A6] - [11/05/2022 07:01:44] - |A| - [94208] - C:\WINDOWS\system32\dot3api.dll [MD5.C8D22DCE3A1D5FCDD763DAE98FAD1422] - [11/05/2022 07:01:44] - |A| - [106496] - C:\WINDOWS\system32\dot3msm.dll [MD5.AF66F57D975333E819A8BD166E0F4A75] - [11/05/2022 07:01:44] - |A| - [329728] - C:\WINDOWS\system32\dot3svc.dll [MD5.EBB51D519FE7F15ECE4131247ECEEA8F] - [11/05/2022 07:03:33] - |A| - [11799] - C:\WINDOWS\system32\DrtmAuthTxt.wim [MD5.34C49120BDB824A7D2D8F5325AB16054] - [11/05/2022 07:02:19] - |A| - [3574784] - C:\WINDOWS\system32\dwmcore.dll [MD5.2170EEF3B5995F7453B9CED16D755B50] - [11/05/2022 07:03:37] - |A| - [235008] - C:\WINDOWS\system32\DWWIN.EXE [MD5.25C9CCB89B29D8F3143834D9E6F590D9] - [11/05/2022 07:01:53] - |A| - [3750912] - C:\WINDOWS\system32\EdgeContent.dll [MD5.402DA1C10FA8FCF5309014DEC644D06A] - [11/05/2022 07:03:37] - |A| - [26268672] - C:\WINDOWS\system32\edgehtml.dll [MD5.ED4F1F59BC689374D93B8D8F197E6376] - [11/05/2022 07:02:39] - |A| - [448000] - C:\WINDOWS\system32\edgeIso.dll [MD5.692374D0A81C14736C5EB0CFD22ECD24] - [11/05/2022 07:02:37] - |A| - [86528] - C:\WINDOWS\system32\efslsaext.dll [MD5.BF35DA1CE657355675EAE7086F3ACA22] - [11/05/2022 07:02:36] - |A| - [56320] - C:\WINDOWS\system32\enrollmentapi.dll [MD5.B3B2F7CE4EDDD54BC25CF90022C6120E] - [11/05/2022 07:02:29] - |A| - [496352] - C:\WINDOWS\system32\Faultrep.dll [MD5.0C61FFD432E0AD9380D6CD41081EC0D4] - [11/05/2022 07:01:37] - |A| - [31744] - C:\WINDOWS\system32\FaxPrinterInstaller.dll [MD5.C44E68FACFD8EDF4D294DA90B12390B7] - [11/05/2022 07:02:00] - |A| - [635904] - C:\WINDOWS\system32\FirewallAPI.dll [MD5.56FF0F60DF16C6E27C07E54996069631] - [11/05/2022 07:02:00] - |A| - [215552] - C:\WINDOWS\system32\fwbase.dll [MD5.6C0BA7FDE11E9C5A65B2907911154C6A] - [11/05/2022 07:03:52] - |A| - [58880] - C:\WINDOWS\system32\fwcfg.dll [MD5.D2AF140C43E65BD30FF9AF39370920E4] - [11/05/2022 07:01:59] - |A| - [181248] - C:\WINDOWS\system32\fwmdmcsp.dll [MD5.C2EF69F85959E537786A09A77D41EBD0] - [11/05/2022 07:02:00] - |A| - [312320] - C:\WINDOWS\system32\fwpolicyiomgr.dll [MD5.D5AED490A3A0B133684F207042383E04] - [11/05/2022 07:02:01] - |A| - [506368] - C:\WINDOWS\system32\FWPUCLNT.DLL [MD5.ABA4948C5E8A9DF3F02F282CC9577EF7] - [11/05/2022 07:02:37] - |A| - [101888] - C:\WINDOWS\system32\FwRemoteSvr.dll [MD5.F8FE53E6922961F75CBF003BB70EDEDC] - [11/05/2022 07:05:26] - |A| - [434176] - C:\WINDOWS\system32\FXSCOMPOSE.dll [MD5.72CEA4559F12B26997E0188E8D63CA30] - [11/05/2022 07:05:26] - |A| - [35328] - C:\WINDOWS\system32\FXSCOMPOSERES.dll [MD5.46A77C091D914D7045D8C9B0046AFB2D] - [11/05/2022 07:05:26] - |A| - [248320] - C:\WINDOWS\system32\FXSCOVER.exe [MD5.B3ECCBD0DED56EA7891C68BF058D688B] - [11/05/2022 07:05:26] - |A| - [186368] - C:\WINDOWS\system32\FXSUTILITY.dll [MD5.06BFD2184E6DDA427B8C5DA2A38FCAB0] - [11/05/2022 07:01:51] - |A| - [72032] - C:\WINDOWS\system32\GameInput.dll [MD5.6FBAC88CF94C949841DCFFF4AB3B2AC2] - [11/05/2022 07:02:38] - |A| - [1076928] - C:\WINDOWS\system32\gdi32full.dll [MD5.48136ABACB217C3DBFA2058FF21AE0FA] - [11/05/2022 07:02:38] - |A| - [1709056] - C:\WINDOWS\system32\GdiPlus.dll [MD5.C34D67C0837017E1FD34409F842A19A4] - [11/05/2022 07:02:42] - |A| - [674040] - C:\WINDOWS\system32\GenValObj.exe [MD5.C4035A67682786D7B2BF36E508CA3D05] - [11/05/2022 07:02:39] - |A| - [134776] - C:\WINDOWS\system32\gpapi.dll [MD5.9ECFE5A93EDF579F493A30B0A6BC1EDA] - [11/05/2022 07:02:38] - |A| - [1335808] - C:\WINDOWS\system32\gpsvc.dll [MD5.3F46FB1E0694B1117B0328CEC729BE90] - [11/05/2022 07:02:40] - |A| - [139264] - C:\WINDOWS\system32\hlink.dll [MD5.739C0C10A029A83EC3EDD7B869FD3E9E] - [11/05/2022 07:04:19] - |A| - [18768384] - C:\WINDOWS\system32\HologramWorld.dll [MD5.4663C13263D080E1584D33C9E1C7C42D] - [11/05/2022 07:04:18] - |A| - [848896] - C:\WINDOWS\system32\HolographicExtensions.dll [MD5.543C0A0E017F34428F08100A656F7864] - [11/05/2022 07:04:24] - |A| - [1092096] - C:\WINDOWS\system32\HoloSI.PCShell.dll [MD5.D4F9C3565B227E9CAC235697025C8EB5] - [11/05/2022 07:03:32] - |A| - [1269080] - C:\WINDOWS\system32\hvax64.exe [MD5.3323E2EE464BADFBB914E60264B3AD81] - [11/05/2022 07:03:32] - |A| - [1572192] - C:\WINDOWS\system32\hvix64.exe [MD5.4B7C77C0EECE238DBF3221153780AE26] - [11/05/2022 07:04:21] - |A| - [24272384] - C:\WINDOWS\system32\Hydrogen.dll [MD5.52EF5DDD0019C445708DBD8D99B1C5A3] - [11/05/2022 07:02:00] - |A| - [165728] - C:\WINDOWS\system32\icfupgd.dll [MD5.640ED241173A9F733905E9BB465F0C8F] - [11/05/2022 07:03:43] - |A| - [7703552] - C:\WINDOWS\system32\ieframe.dll [MD5.ADA09BE00DB6C0BD3A67B59A1BD0F2DA] - [11/05/2022 07:03:51] - |A| - [65536] - C:\WINDOWS\system32\iemigplugin.dll [MD5.31425A5CE86E608925C9D3E7631634EA] - [11/05/2022 07:03:37] - |A| - [187392] - C:\WINDOWS\system32\iepeers.dll [MD5.3CD2C4CFDA2DEC2A13F12BFF44444CB2] - [11/05/2022 07:02:39] - |A| - [2813440] - C:\WINDOWS\system32\iertutil.dll [MD5.44FAABBA62574F878F80656415FA2D89] - [11/05/2022 07:03:51] - |A| - [532992] - C:\WINDOWS\system32\IESettingSync.exe [MD5.094F770C484CA1FFDE283A79D8630846] - [11/05/2022 07:02:01] - |A| - [1053696] - C:\WINDOWS\system32\IKEEXT.DLL [MD5.46388D4FD228BB6E575BEE12AC1847A0] - [11/05/2022 07:03:43] - |A| - [237056] - C:\WINDOWS\system32\IndexedDbLegacy.dll [MD5.EBD060E19B498D32C291F4D411AF173D] - [11/05/2022 07:02:42] - |A| - [539648] - C:\WINDOWS\system32\InputSwitch.dll [MD5.2960FCCA618B9C5C7A81B14D820E23FC] - [11/05/2022 07:01:57] - |A| - [2430976] - C:\WINDOWS\system32\InstallService.dll [MD5.A360F1B86D08E949FB142478EFC78D22] - [11/05/2022 07:01:57] - |A| - [231936] - C:\WINDOWS\system32\InstallServiceTasks.dll [MD5.2CD8DD9B82DA2684E41C5786F00040AF] - [11/05/2022 07:02:43] - |A| - [841216] - C:\WINDOWS\system32\iphlpsvc.dll [MD5.4372FC65DAF6A5912DBA10118A20A386] - [11/05/2022 07:02:37] - |A| - [463360] - C:\WINDOWS\system32\IPSECSVC.DLL [MD5.52486757E349B02F7CBC41C724C6C48B] - [11/05/2022 07:01:56] - |A| - [2250240] - C:\WINDOWS\system32\ISM.dll [MD5.68FC68923652FF9763AC2782B46A806B] - [11/05/2022 07:01:36] - |A| - [27136] - C:\WINDOWS\system32\kdcpw.dll [MD5.0AAB8CB957E967F33EB48668CF35EF60] - [11/05/2022 07:02:29] - |A| - [125776] - C:\WINDOWS\system32\kdnet.dll [MD5.C7989B08BB6AF8E7C578E18CFB440DAE] - [11/05/2022 07:01:59] - |A| - [199952] - C:\WINDOWS\system32\KerbClientShared.dll [MD5.C0DD44AED37CA409514B171915D55F8C] - [11/05/2022 07:01:59] - |A| - [1101824] - C:\WINDOWS\system32\kerberos.dll [MD5.2D9B4805352252E611807B4024FAF113] - [11/05/2022 07:01:48] - |A| - [766040] - C:\WINDOWS\system32\kernel32.dll [MD5.B3E936B8670B1A432BAF3795DE8E57C3] - [11/05/2022 07:02:33] - |A| - [2946624] - C:\WINDOWS\system32\KernelBase.dll [MD5.92A772ED7910DF7FC55D812C6A258A1E] - [11/05/2022 07:01:45] - |A| - [203264] - C:\WINDOWS\system32\L2SecHC.dll [MD5.ECD12741B596B934B45F356EDEBB64A9] - [11/05/2022 07:01:47] - |A| - [45056] - C:\WINDOWS\system32\LaunchWinApp.exe [MD5.350D5655C53BD9B3A162C2901AD60099] - [11/05/2022 07:01:37] - |A| - [1272832] - C:\WINDOWS\system32\localspl.dll [MD5.E08A3AB10DA38D581D4F00417E030880] - [11/05/2022 07:02:25] - |A| - [271648] - C:\WINDOWS\system32\logoncli.dll [MD5.944E917E8750777FF5AD3643E930B519] - [11/05/2022 07:02:27] - |A| - [1657344] - C:\WINDOWS\system32\lsasrv.dll [MD5.7838EC7AB9439ECBE3A0941C9C1AB45A] - [11/05/2022 07:01:46] - |A| - [847360] - C:\WINDOWS\system32\lsm.dll [MD5.ABB08AC43BA19E09C2AD7B69AB890E2A] - [11/05/2022 07:01:56] - |A| - [2632704] - C:\WINDOWS\system32\MapGeocoder.dll [MD5.04D6EAAC5313CE0DD60239FA1400EAA3] - [11/05/2022 07:02:37] - |A| - [2142208] - C:\WINDOWS\system32\MdmDiagnostics.dll [MD5.859678FFC47DC635220776018CED9329] - [11/05/2022 07:02:02] - |A| - [52736] - C:\WINDOWS\system32\MdmDiagnosticsTool.exe [MD5.DC62AAF81450DFE7AFA27FCD0AEDA40F] - [11/05/2022 07:02:36] - |A| - [169984] - C:\WINDOWS\system32\mdmmigrator.dll [MD5.642441E1763FF5BD4F134AAACEA0226A] - [11/05/2022 07:02:02] - |A| - [330752] - C:\WINDOWS\system32\mdmregistration.dll [MD5.13D25281543592793D6915513DF471B7] - [11/05/2022 07:04:14] - |A| - [532032] - C:\WINDOWS\system32\mf.dll [MD5.134C466CB6E624F947D2C080BECFDBE5] - [11/05/2022 07:04:14] - |A| - [1957576] - C:\WINDOWS\system32\mfasfsrcsnk.dll [MD5.FC628C73CBB35C4BF02852FE9663B241] - [11/05/2022 07:04:14] - |A| - [4801952] - C:\WINDOWS\system32\mfcore.dll [MD5.BB793FF02736E53E4571A6F01BF57646] - [11/05/2022 07:04:16] - |A| - [4305920] - C:\WINDOWS\system32\MFMediaEngine.dll [MD5.21A26D7FBEE96201F775B586E69AA162] - [11/05/2022 07:04:17] - |A| - [1353312] - C:\WINDOWS\system32\mfmpeg2srcsnk.dll [MD5.43151C43381D378AA982D2EAACD2D8B6] - [11/05/2022 07:04:15] - |A| - [268056] - C:\WINDOWS\system32\mfps.dll [MD5.77808A7B2EE336B939677CDEC4A6C0BD] - [11/05/2022 07:02:03] - |A| - [1677312] - C:\WINDOWS\system32\MoUsoCoreWorker.exe [MD5.2A5C4BCF87470A0CF8C8D4E49EFFE05F] - [11/05/2022 07:04:17] - |A| - [363128] - C:\WINDOWS\system32\MP4SDECD.DLL [MD5.3B1BEE8A81742F2512BFCB23294FCDB9] - [11/05/2022 07:02:00] - |A| - [1173504] - C:\WINDOWS\system32\MPSSVC.dll [MD5.C6DF7DE35C3056B902BCC86EF627CEEF] - [11/05/2022 07:04:18] - |A| - [424272] - C:\WINDOWS\system32\MSAudDecMFT.dll [MD5.D3362077A544BF97FF51E98F3A20EC4B] - [11/05/2022 07:03:40] - |A| - [23447040] - C:\WINDOWS\system32\mshtml.dll [MD5.45BF9EAC23D5271F66B0257D64877628] - [11/05/2022 07:03:51] - |A| - [3336192] - C:\WINDOWS\system32\msi.dll [MD5.A188412A512DFD3D7A2BF369373BFE77] - [11/05/2022 07:03:52] - |A| - [26112] - C:\WINDOWS\system32\msimsg.dll [MD5.400759B9CB36D969BF77FA2AC7B49E24] - [11/05/2022 07:02:39] - |A| - [339456] - C:\WINDOWS\system32\msIso.dll [MD5.407DE25CF17A7ADD20B344591FA0B064] - [11/05/2022 07:04:17] - |A| - [2520056] - C:\WINDOWS\system32\msmpeg2vdec.dll [MD5.A8FBE01498AD1323CE0D859BCD3ED35E] - [11/05/2022 07:01:54] - |A| - [2977792] - C:\WINDOWS\system32\mssrch.dll [MD5.4988A6CC3CAB9C16C0ADE8003208F4F8] - [11/05/2022 07:03:56] - |A| - [1543680] - C:\WINDOWS\system32\mstsc.exe [MD5.EBF92923D836FCD92F79FD9AE380C0F7] - [11/05/2022 07:03:55] - |A| - [8249344] - C:\WINDOWS\system32\mstscax.dll [MD5.04646934ECBD50D88F87909C7DFAFDB0] - [11/05/2022 07:04:16] - |A| - [1440504] - C:\WINDOWS\system32\msvproc.dll [MD5.EA99DD3365754F6BADDC06C53435DD6A] - [11/05/2022 07:02:02] - |A| - [94072] - C:\WINDOWS\system32\netapi32.dll [MD5.927F12CB72E06287033A586B7485A310] - [11/05/2022 07:02:33] - |A| - [875520] - C:\WINDOWS\system32\netlogon.dll [MD5.13F8A7259021EB5486C24AD68CF46FD6] - [11/05/2022 07:03:54] - |A| - [544768] - C:\WINDOWS\system32\nltest.exe [MD5.14A14ADC5ED2972A5132FC19D2C21F91] - [11/05/2022 07:03:52] - |A| - [793088] - C:\WINDOWS\system32\nshwfp.dll [MD5.31BBD1FB0C8A92CE65DDDB9BE4C1A1C7] - [11/05/2022 07:02:30] - |A| - [2026296] - C:\WINDOWS\system32\ntdll.dll [MD5.FD73495B3D550FF5CE5CD5B92C30A961] - [11/05/2022 07:02:30] - |A| - [10848616] - C:\WINDOWS\system32\ntoskrnl.exe [MD5.A1DB3F03C2250F1A5A27FA4E25E49E1A] - [11/05/2022 07:02:28] - |A| - [136016] - C:\WINDOWS\system32\offlinelsa.dll [MD5.488F7B496DFDDB160020369CC7F9F9BC] - [11/05/2022 07:02:25] - |A| - [272744] - C:\WINDOWS\system32\offlinesam.dll [MD5.8489EBBF7875B52F6500EBC696E5F24F] - [11/05/2022 07:02:36] - |A| - [431616] - C:\WINDOWS\system32\omadmclient.exe [MD5.B6B462C589F62F9D3C457922BF29D568] - [11/05/2022 07:01:52] - |A| - [8022840] - C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll [MD5.1B6136D8977EDC037610FFF204AB65C6] - [11/05/2022 07:02:27] - |A| - [12288] - C:\WINDOWS\system32\pacjsworker.exe [MD5.A6EC3B977A8F521BDA43AD47B6ADB028] - [11/05/2022 07:02:05] - |A| - [226304] - C:\WINDOWS\system32\PeopleBand.dll [MD5.B7329E4A5F0FF0F9E660B36446A35983] - [11/05/2022 07:01:57] - |A| - [465920] - C:\WINDOWS\system32\PhoneOm.dll [MD5.FC155539F44D2173B033C8E8312F0BDD] - [11/05/2022 07:01:35] - |A| - [964096] - C:\WINDOWS\system32\PhoneService.dll [MD5.D25EB51DF0B5EF05AA5E00C324B6BB27] - [11/05/2022 07:01:35] - |A| - [2560] - C:\WINDOWS\system32\PhoneServiceRes.dll [MD5.90ABFB306F5371784BD3586F481DDCB1] - [11/05/2022 07:02:41] - |A| - [1088864] - C:\WINDOWS\system32\pidgenx.dll [MD5.C2AF5D349BAC0776BF279FE96E53B210] - [11/05/2022 07:03:36] - |A| - [614400] - C:\WINDOWS\system32\PlayToManager.dll [MD5.3389EDFA73927124F33630226E0A434D] - [11/05/2022 07:02:36] - |A| - [646688] - C:\WINDOWS\system32\policymanager.dll [MD5.95453885DE649714730982851C9A1A5A] - [11/05/2022 07:02:37] - |A| - [354304] - C:\WINDOWS\system32\polstore.dll [MD5.46411482AC02B4B7E477A91D3AA53C7C] - [11/05/2022 06:03:53] - |A| - [495616] - C:\WINDOWS\system32\poqexec.exe [MD5.F09493FEEC61F854C913C47C70AA0CE9] - [11/05/2022 07:02:45] - |A| - [505856] - C:\WINDOWS\system32\rascustom.dll [MD5.FBBC12575848CEC6333B7325BB2BE7BC] - [11/05/2022 07:02:45] - |A| - [188928] - C:\WINDOWS\system32\rasman.dll [MD5.897F56AA759E70D9D3C51A7186CA8937] - [11/05/2022 07:02:45] - |A| - [1026560] - C:\WINDOWS\system32\rasmans.dll [MD5.45400A532078D8ED0B7F3F61CAFA7854] - [11/05/2022 07:03:54] - |A| - [1635840] - C:\WINDOWS\system32\rdpcorets.dll [MD5.58A765717D8CB4867DBEE9CCDCAD8377] - [11/05/2022 07:03:54] - |A| - [98128] - C:\WINDOWS\system32\rdpudd.dll [MD5.145AE14F6FF2B043D7F8B2B59A92021F] - [11/05/2022 07:03:57] - |A| - [228864] - C:\WINDOWS\system32\rdsdwmdr.dll [MD5.051852A4C8774376BDA31FD42889B2E3] - [11/05/2022 07:02:09] - |A| - [1026560] - C:\WINDOWS\system32\refsutil.exe [MD5.D127DA4689927D8F7934B0F9CBF8EE66] - [11/05/2022 07:01:42] - |A| - [579584] - C:\WINDOWS\system32\RMActivate.exe [MD5.07107862093B0FD41C79AB23F7FCC44F] - [11/05/2022 07:01:43] - |A| - [607744] - C:\WINDOWS\system32\RMActivate_isv.exe [MD5.BD0286D43F3BBE29B80A69383AE998CF] - [11/05/2022 07:01:42] - |A| - [501760] - C:\WINDOWS\system32\RMActivate_ssp.exe [MD5.6AA2E5AFAA04E3AB3FE0D188D1F84B94] - [11/05/2022 07:03:36] - |A| - [178688] - C:\WINDOWS\system32\Robocopy.exe [MD5.B8644BB698118E4F811F0DC9A89375FF] - [11/05/2022 07:02:32] - |A| - [1196272] - C:\WINDOWS\system32\rpcrt4.dll [MD5.552C06C94F4996C04B004D5B6481E543] - [11/05/2022 07:02:24] - |A| - [1328128] - C:\WINDOWS\system32\rpcss.dll [MD5.4116EF84CA77AD9DAA6C7012657194B6] - [11/05/2022 07:02:25] - |A| - [137728] - C:\WINDOWS\system32\samlib.dll [MD5.E0846A23ED896B9A59B502B21ECB62BE] - [11/05/2022 07:02:24] - |A| - [897024] - C:\WINDOWS\system32\samsrv.dll [MD5.CA167C5FE4B319ADD7E4A8C75F5B477F] - [11/05/2022 07:02:46] - |A| - [345600] - C:\WINDOWS\system32\scecli.dll [MD5.505BEB5C28AC9E06B3CEE936137DE674] - [11/05/2022 07:02:25] - |A| - [566784] - C:\WINDOWS\system32\schannel.dll [MD5.C9283BB60369FC51FD0C2426C5D46558] - [11/05/2022 07:03:33] - |A| - [1316704] - C:\WINDOWS\system32\SecConfig.efi [MD5.DE1E733158DD8F78654DCE2CDA2180B9] - [11/05/2022 07:01:42] - |A| - [402432] - C:\WINDOWS\system32\secproc.dll [MD5.38A6CC58C08C0FC34277874F3D983151] - [11/05/2022 07:01:43] - |A| - [399872] - C:\WINDOWS\system32\secproc_isv.dll [MD5.333C0531F016468DEBB59AC1D3B34DF1] - [11/05/2022 07:01:37] - |A| - [112128] - C:\WINDOWS\system32\secproc_ssp.dll [MD5.B8EB09F7B3ED7C73D23538FC862014AB] - [11/05/2022 07:02:04] - |A| - [548352] - C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll [MD5.99A69C7ED32960E49F858F808FDB85E4] - [11/05/2022 07:04:24] - |A| - [240128] - C:\WINDOWS\system32\SettingsHandlers_AnalogShell.dll [MD5.26E9FC508B80F44862B13F44F1DDCBC1] - [11/05/2022 07:02:43] - |A| - [3945472] - C:\WINDOWS\system32\SettingsHandlers_nt.dll [MD5.EB8D5569A039907D6A262C8ECB2F012A] - [11/05/2022 07:02:44] - |A| - [4684160] - C:\WINDOWS\system32\setupapi.dll [MD5.C63B36D418804BA40E4972481C5AAC51] - [11/05/2022 07:03:32] - |A| - [419440] - C:\WINDOWS\system32\SgrmEnclave.dll [MD5.28C386D5D679573F0D96B49D8C10791A] - [11/05/2022 07:03:32] - |A| - [415344] - C:\WINDOWS\system32\SgrmEnclave_secure.dll [MD5.E4E24CBD61C5D92609E3F68553AFA8DA] - [11/05/2022 07:02:46] - |A| - [7650392] - C:\WINDOWS\system32\shell32.dll [MD5.13EF6F7E64605548F3E832697423AFD6] - [11/05/2022 07:02:46] - |A| - [343488] - C:\WINDOWS\system32\shlwapi.dll [MD5.48ECF883719184E90CD348BE6AD4A547] - [11/05/2022 07:03:57] - |A| - [387464] - C:\WINDOWS\system32\SIHClient.exe [MD5.DD96756C60529168672B224511738F5B] - [11/05/2022 07:03:33] - |A| - [307984] - C:\WINDOWS\system32\skci.dll [MD5.B3549BFD5E300EFE8C67EAB647901B8D] - [11/05/2022 07:02:42] - |A| - [146944] - C:\WINDOWS\system32\slc.dll [MD5.85F49514237A1E8D874C678099138B71] - [11/05/2022 07:02:41] - |A| - [22528] - C:\WINDOWS\system32\slcext.dll [MD5.02FB7069B8D8426DC72C9D8A495AF55A] - [11/05/2022 07:01:52] - |A| - [2378752] - C:\WINDOWS\system32\smartscreen.exe [MD5.65D50425AADE95774AF4BDFC5142A3AA] - [11/05/2022 07:02:40] - |A| - [74432] - C:\WINDOWS\system32\SortWindows62.dll [MD5.893BAEEC697929FDC07FAAB64F9F5FCF] - [11/05/2022 07:01:34] - |A| - [1580544] - C:\WINDOWS\system32\SpeechPal.dll [MD5.47C1DDD85FCBC468391E089C6DE487C3] - [11/05/2022 07:02:42] - |A| - [130048] - C:\WINDOWS\system32\sppc.dll [MD5.198B3F9E9F3BCA0EA12DE8592A9509FE] - [11/05/2022 07:02:41] - |A| - [608768] - C:\WINDOWS\system32\sppcext.dll [MD5.F846AB9A62DD6DA0B08AE71261A129E0] - [11/05/2022 07:02:41] - |A| - [572928] - C:\WINDOWS\system32\SppExtComObj.Exe [MD5.81BF662C207FAA2CB12A451B1BA4414C] - [11/05/2022 07:02:41] - |A| - [1752472] - C:\WINDOWS\system32\sppobjs.dll [MD5.D3D3FD1F9B444E5FBEB0C66843E0A730] - [11/05/2022 07:02:40] - |A| - [4630368] - C:\WINDOWS\system32\sppsvc.exe [MD5.8213C5AEEEF8C229F7C606A5477C712B] - [11/05/2022 07:02:42] - |A| - [363064] - C:\WINDOWS\system32\sppwinob.dll [MD5.92789142901A3EC4EC617E8BC7FCA07A] - [11/05/2022 07:02:34] - |A| - [302080] - C:\WINDOWS\system32\srvsvc.dll [MD5.C90FD152958D90C1E46BA6088CE09B41] - [11/05/2022 07:02:34] - |A| - [48128] - C:\WINDOWS\system32\sscore.dll [MD5.94D9BF2C59C0361EA39A5A70348F4E54] - [11/05/2022 07:01:57] - |A| - [296960] - C:\WINDOWS\system32\storewuauth.dll [MD5.293902F91BF623A789A60CA03E5A81B8] - [11/05/2022 07:02:43] - |A| - [1434112] - C:\WINDOWS\system32\SystemSettings.Handlers.dll [MD5.E2BC3684A8E61F54FB9F08947A77342E] - [11/05/2022 07:03:32] - |A| - [809344] - C:\WINDOWS\system32\tcblaunch.exe [MD5.6533BA8D4419010009C4C1E744A2132F] - [11/05/2022 07:03:32] - |A| - [223592] - C:\WINDOWS\system32\tcbloader.dll [MD5.3D100D617E5C6CB52800C06B19FACBA7] - [11/05/2022 07:02:37] - |A| - [1126912] - C:\WINDOWS\system32\tdh.dll [MD5.70172E2FA9D349474D22C0AF919F6716] - [11/05/2022 07:03:56] - |A| - [1134080] - C:\WINDOWS\system32\termsrv.dll [MD5.E6CE109406C0D707F659C71BA07F17CF] - [11/05/2022 07:01:43] - |A| - [3584] - C:\WINDOWS\system32\TpmCertResources.dll [MD5.88D89B0E7EAED66B8EAE2295ABA649C1] - [11/05/2022 07:01:43] - |A| - [1171456] - C:\WINDOWS\system32\TpmCoreProvisioning.dll [MD5.43B4FAE344B4201F535376E63849F784] - [11/05/2022 07:01:43] - |A| - [295424] - C:\WINDOWS\system32\TpmTasks.dll [MD5.FDA00AA32A3C58887B7C9EBA503FBDB1] - [11/05/2022 07:03:56] - |A| - [71168] - C:\WINDOWS\system32\tsgqec.dll [MD5.08022D885383F7D98D90EFB6F9AF0B35] - [11/05/2022 07:01:46] - |A| - [6190080] - C:\WINDOWS\system32\twinui.dll [MD5.A789C964F8A8EA001C6B3D8A8A0FF3C9] - [11/05/2022 07:02:05] - |A| - [6417920] - C:\WINDOWS\system32\twinui.pcshell.dll [MD5.972E0A85FAECC64643B4555869AE51EE] - [11/05/2022 07:01:52] - |A| - [3063296] - C:\WINDOWS\system32\UIAutomationCore.dll [MD5.60172AC1CDFEFB6CB5ABD1C9B01D8E9F] - [11/05/2022 07:02:09] - |A| - [806400] - C:\WINDOWS\system32\uReFS.dll [MD5.115053F0ABCF7AE2BDD23F94DBDF8D58] - [11/05/2022 07:02:39] - |A| - [1949184] - C:\WINDOWS\system32\urlmon.dll [MD5.866C6F3056A3ECE59BEB5FF93D1A636B] - [11/05/2022 07:02:03] - |A| - [1413120] - C:\WINDOWS\system32\usocoreworker.exe [MD5.F81E1AB10FAC8548DE233A9171965C01] - [11/05/2022 07:02:03] - |A| - [569856] - C:\WINDOWS\system32\usosvc.dll [MD5.0781CE7ECCD9F6318BA72CD96B5B8992] - [11/05/2022 07:01:47] - |A| - [723968] - C:\WINDOWS\system32\vds.exe [MD5.472A05A6ADC167E9E5D2328AD98E3067] - [11/05/2022 07:01:47] - |A| - [27136] - C:\WINDOWS\system32\vdsldr.exe [MD5.15CBE461375505D8EF85A160A9B10817] - [11/05/2022 07:01:47] - |A| - [135168] - C:\WINDOWS\system32\vdsutil.dll [MD5.543DCE5EEDAAA113B7B2AFD160EA7CAB] - [11/05/2022 07:01:47] - |A| - [109056] - C:\WINDOWS\system32\vds_ps.dll [MD5.C9BFD88E466A0FD6AC6ACA99B6B1CA9D] - [11/05/2022 07:03:32] - |A| - [173144] - C:\WINDOWS\system32\vertdll.dll [MD5.CAF76A2FF20280FB06DCCAF04C49128C] - [11/05/2022 07:02:45] - |A| - [737792] - C:\WINDOWS\system32\vpnike.dll [MD5.F5C5BFD7174D97254536C8DF73D82797] - [11/05/2022 07:01:57] - |A| - [112128] - C:\WINDOWS\system32\WaaSMedicAgent.exe [MD5.02ACB753C3AAA8106AA5C9BCC2EECCF8] - [11/05/2022 07:01:57] - |A| - [358912] - C:\WINDOWS\system32\WaaSMedicCapsule.dll [MD5.FEAA74B4ADD252A06E133465F3CCF884] - [11/05/2022 07:01:57] - |A| - [29184] - C:\WINDOWS\system32\WaaSMedicPS.dll [MD5.59185BDAC90502E8C5CF69AA8D53D502] - [11/05/2022 07:01:57] - |A| - [433152] - C:\WINDOWS\system32\WaaSMedicSvc.dll [MD5.C315D40174B3966ECE568344FDE42319] - [11/05/2022 07:02:28] - |A| - [889424] - C:\WINDOWS\system32\wer.dll [MD5.63C980C461E4AE90A17CAB8653D0F962] - [11/05/2022 07:03:37] - |A| - [892928] - C:\WINDOWS\system32\werconcpl.dll [MD5.709E33220A2BA7CCD36993B7CEE6D1AA] - [11/05/2022 07:03:37] - |A| - [128000] - C:\WINDOWS\system32\wercplsupport.dll [MD5.06CBCFFF8ED0BD55BE1030AFE601701C] - [11/05/2022 07:02:29] - |A| - [47104] - C:\WINDOWS\system32\werdiagcontroller.dll [MD5.D1A69EE635017C07C5FCFC020DD0E1D5] - [11/05/2022 07:02:28] - |A| - [254056] - C:\WINDOWS\system32\weretw.dll [MD5.CC43D35144E0095491FCCA175C7C70F0] - [11/05/2022 07:02:29] - |A| - [576336] - C:\WINDOWS\system32\WerFault.exe [MD5.C86F71DAFB6589DC711DD2BC27373F5A] - [11/05/2022 07:02:29] - |A| - [172072] - C:\WINDOWS\system32\WerFaultSecure.exe [MD5.9EFBC658DD79307924C8BF534CC6275B] - [11/05/2022 07:02:29] - |A| - [229712] - C:\WINDOWS\system32\wermgr.exe [MD5.E241D0B289AB8CFAD7A6E10BA07B8642] - [11/05/2022 07:02:29] - |A| - [246272] - C:\WINDOWS\system32\wersvc.dll [MD5.44B5DF07896E7D2272E092ABA2F4902D] - [11/05/2022 07:03:37] - |A| - [249344] - C:\WINDOWS\system32\werui.dll [MD5.648486085C1FCA20FDC514E5F781E652] - [11/05/2022 07:02:03] - |A| - [403936] - C:\WINDOWS\system32\wevtapi.dll [MD5.E44635D92C93E360303DEDD4AFC928B5] - [11/05/2022 07:02:02] - |A| - [1880576] - C:\WINDOWS\system32\wevtsvc.dll [MD5.1AAE26BD68B911D0420626A27070EB8D] - [11/05/2022 07:02:03] - |A| - [278016] - C:\WINDOWS\system32\wevtutil.exe [MD5.D77EE9BABD9015F7D099231632B6D56C] - [11/05/2022 07:02:00] - |A| - [25088] - C:\WINDOWS\system32\wfapigp.dll [MD5.9DEEF2131AAC49D59B0D4AAA7F17B160] - [11/05/2022 07:01:45] - |A| - [41472] - C:\WINDOWS\system32\wfdprov.dll [MD5.A9B59187326E5856C9622BC699A27E83] - [11/05/2022 07:05:26] - |A| - [966656] - C:\WINDOWS\system32\WFS.exe [MD5.079F44285E5B87D5D6F08D2304C00B05] - [11/05/2022 07:05:26] - |A| - [669696] - C:\WINDOWS\system32\WFSR.dll [MD5.A1647C2E55EA7AEDAD7F68F84BDD3C69] - [11/05/2022 07:01:45] - |A| - [41984] - C:\WINDOWS\system32\WiFiConfigSP.dll [MD5.2D34283FA7D3FD80EE6BC9D5D9B01A23] - [11/05/2022 07:02:01] - |A| - [596992] - C:\WINDOWS\system32\win32k.sys [MD5.F223D3A79705799ADFF4B4B8435EF081] - [11/05/2022 07:02:01] - |A| - [3814400] - C:\WINDOWS\system32\win32kfull.sys [MD5.F9298ADEA1EA4F8EAD018DE6E2DACF01] - [11/05/2022 07:02:01] - |A| - [133800] - C:\WINDOWS\system32\win32u.dll [MD5.2D95CF99AB0DE2B1210F54610332CC5F] - [11/05/2022 07:02:23] - |A| - [437248] - C:\WINDOWS\system32\wincorlib.dll [MD5.B82B1C7252F64A52C2AEBAAF3593D9D8] - [11/05/2022 07:02:46] - |A| - [592896] - C:\WINDOWS\system32\Windows.Cortana.Desktop.dll [MD5.4DD182C99516BEDAEAFBC19B1F2D3287] - [11/05/2022 07:01:51] - |A| - [2308096] - C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll [MD5.830A4098F006E5D9E0C250AFD9A9A9AE] - [11/05/2022 07:02:36] - |A| - [1015808] - C:\WINDOWS\system32\Windows.Internal.Management.dll [MD5.7022A9DC0F851F03484C1B3A6475A50D] - [11/05/2022 07:01:34] - |A| - [71168] - C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll [MD5.78405877A217E259511BF63E97BBC75D] - [11/05/2022 07:01:34] - |A| - [288768] - C:\WINDOWS\system32\Windows.Management.InprocObjects.dll [MD5.C63B3526A9F53869F7826327C77E7E3B] - [11/05/2022 07:01:34] - |A| - [811520] - C:\WINDOWS\system32\Windows.Management.Service.dll [MD5.8535BE287E2A3C838E22252B98AAE845] - [11/05/2022 07:04:15] - |A| - [7548648] - C:\WINDOWS\system32\Windows.Media.dll [MD5.98C12EBE67F28C5AFEEB14254933D973] - [11/05/2022 07:02:20] - |A| - [10345720] - C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll [MD5.A0C61DE6A6FF3829D8BFB66AAA2F3FE1] - [11/05/2022 07:01:58] - |A| - [7984592] - C:\WINDOWS\system32\windows.storage.dll [MD5.2E95A4F26C2689796A085E99364DB6DC] - [11/05/2022 07:03:54] - |A| - [150856] - C:\WINDOWS\system32\Windows.System.Profile.HardwareId.dll [MD5.52C8E45C3046533BEA63457F967837A2] - [11/05/2022 07:01:46] - |A| - [285184] - C:\WINDOWS\system32\Windows.UI.AppDefaults.dll [MD5.011CF522F501E647EBC86ACD846B78E4] - [11/05/2022 07:01:48] - |A| - [17543168] - C:\WINDOWS\system32\Windows.UI.Xaml.dll [MD5.FB3BEC15F9E06F55BEBB112FF9D5BAFF] - [11/05/2022 07:01:51] - |A| - [44032] - C:\WINDOWS\system32\Windows.UI.Xaml.Resources.Common.dll [MD5.5B7AE2640B9318E1CE39EF4125E379F3] - [11/05/2022 07:01:54] - |A| - [1785544] - C:\WINDOWS\system32\WindowsCodecs.dll [MD5.88E591FA5B582E6B7D11BDDBC01465B4] - [11/05/2022 07:01:34] - |A| - [82136] - C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll [MD5.9CB035E4505B5B69EF0D91F8F8F9773C] - [11/05/2022 07:02:26] - |A| - [1087736] - C:\WINDOWS\system32\winhttp.dll [MD5.8ECA001F717FA962A61E1E1F34CB4B99] - [11/05/2022 07:02:38] - |A| - [101888] - C:\WINDOWS\system32\winipsec.dll [MD5.6A1CC4082274B5AD5F056BDA2C198D48] - [11/05/2022 07:02:10] - |A| - [1828984] - C:\WINDOWS\system32\winload.efi [MD5.C0844BB52F234193220F6CF7074F5D15] - [11/05/2022 07:02:10] - |A| - [1561872] - C:\WINDOWS\system32\winload.exe [MD5.4D4EBDFD4BD6456087D2BCBC21D44A8C] - [11/05/2022 07:02:18] - |A| - [1396624] - C:\WINDOWS\system32\winresume.efi [MD5.7048B4BC09862D41555EC7E1B27F64A8] - [11/05/2022 07:02:10] - |A| - [1200888] - C:\WINDOWS\system32\winresume.exe [MD5.544FFA1D0F7DF920797C34EE3132EDE9] - [11/05/2022 07:01:37] - |A| - [590848] - C:\WINDOWS\system32\winspool.drv [MD5.2302CACA92E2EFF9C85034EB9275AA66] - [11/05/2022 07:01:59] - |A| - [418888] - C:\WINDOWS\system32\wintrust.dll [MD5.4C8650D543C823C12DB9D22F92AC52EF] - [11/05/2022 07:02:23] - |A| - [1395040] - C:\WINDOWS\system32\WinTypes.dll [MD5.C61139B3B1E4C7D9F9D9D0D005C91057] - [11/05/2022 07:01:44] - |A| - [45568] - C:\WINDOWS\system32\WiredNetworkCSP.dll [MD5.C0F1027737E80A65D47E019BA18DF2C7] - [11/05/2022 07:01:45] - |A| - [470536] - C:\WINDOWS\system32\wlanapi.dll [MD5.6BEB53011EABB853BA772DC2943878B2] - [11/05/2022 07:01:45] - |A| - [16896] - C:\WINDOWS\system32\wlanhlp.dll [MD5.D312C62E0316D50A0EF81359019EDD24] - [11/05/2022 07:01:45] - |A| - [435712] - C:\WINDOWS\system32\wlanmsm.dll [MD5.B2773B4CD94227E38639FD9EB4A123DC] - [11/05/2022 07:01:45] - |A| - [480768] - C:\WINDOWS\system32\wlansec.dll [MD5.D5FABB94A02EC3263653E0DD90F58840] - [11/05/2022 07:01:44] - |A| - [2652672] - C:\WINDOWS\system32\wlansvc.dll [MD5.3FC63120C18005C24D685262059C6976] - [11/05/2022 07:01:45] - |A| - [36352] - C:\WINDOWS\system32\wlansvcpal.dll [MD5.DA77D773BD9ECEE8C3C4CA22CCE00FCB] - [11/05/2022 07:02:25] - |A| - [327168] - C:\WINDOWS\system32\Wldap32.dll [MD5.EAAAD2EC99B15D0DCF0E29C7083E0A8C] - [11/05/2022 07:02:20] - |A| - [174048] - C:\WINDOWS\system32\wldp.dll [MD5.8897E679CEF7422BF185A9AFEBB3DF5D] - [11/05/2022 07:01:51] - |A| - [2244096] - C:\WINDOWS\system32\wlidsvc.dll [MD5.2D6E096E8DF88C8309559F503000B0A3] - [11/05/2022 07:04:18] - |A| - [2454424] - C:\WINDOWS\system32\WMVCORE.DLL [MD5.18D607A0D31C459E34488ED99AD10A18] - [11/05/2022 07:01:37] - |A| - [1870848] - C:\WINDOWS\system32\WpcDesktopMonSvc.dll [MD5.46667D957727B463DD977302743A9B15] - [11/05/2022 07:02:01] - |A| - [1334784] - C:\WINDOWS\system32\wpnapps.dll [MD5.59426F44F4A755DFE5E2D69EAB17688A] - [11/05/2022 07:02:01] - |A| - [1506816] - C:\WINDOWS\system32\wpncore.dll [MD5.DB1D9E44A280FBA1F79047F53425325A] - [11/05/2022 07:03:54] - |A| - [1983328] - C:\WINDOWS\system32\wsp_fs.dll [MD5.0B73B7FD0DF24D2CC8DF39550DD771D6] - [11/05/2022 07:03:55] - |A| - [1722200] - C:\WINDOWS\system32\wsp_health.dll [MD5.E4D551673C774949E1AD760EF7BC1A9A] - [11/05/2022 07:02:42] - |A| - [112640] - C:\WINDOWS\system32\wsqmcons.exe [MD5.5132B0FA7304F136CF47376CC25B38D2] - [11/05/2022 07:02:04] - |A| - [65048] - C:\WINDOWS\system32\wuauclt.exe [MD5.561B3A58A74ED878AFF41A294E443C8E] - [11/05/2022 07:02:04] - |A| - [3406336] - C:\WINDOWS\system32\wuaueng.dll [MD5.101D17712B218BD9196F481857AFDAC1] - [11/05/2022 07:02:04] - |A| - [64000] - C:\WINDOWS\system32\wups2.dll [MD5.AC03C11A1F97058D78EABD601E019696] - [11/05/2022 07:02:35] - |A| - [529920] - C:\WINDOWS\system32\wuuhext.dll [MD5.5A4F85AF6F71909C74D43AE44C88977B] - [11/05/2022 07:02:04] - |A| - [273920] - C:\WINDOWS\system32\wuuhosdeployment.dll [MD5.C711E01C6FBA3A247FEE832763410EA2] - [11/05/2022 07:02:44] - |A| - [2844672] - C:\WINDOWS\system32\xpsservices.dll [MD5.58943500415F471DF6C2AD41E8A04C5B] - [11/05/2022 07:02:45] - |A| - [114176] - C:\WINDOWS\system32\Drivers\agilevpn.sys [MD5.B70AED04728350E0C9843D99DF9E9D3D] - [11/05/2022 07:02:02] - |A| - [145760] - C:\WINDOWS\system32\Drivers\bindflt.sys [MD5.B3AFD99A9BF8341D4A12C2ACABEA2BFA] - [11/05/2022 07:01:30] - |A| - [113664] - C:\WINDOWS\system32\Drivers\bthenum.sys [MD5.E02208DF3A6159033A9759190FCF5131] - [11/05/2022 07:01:30] - |A| - [45568] - C:\WINDOWS\system32\Drivers\BthMini.SYS [MD5.9366740FAD8339878E61D5ACC86EF256] - [11/05/2022 07:01:30] - |A| - [1555968] - C:\WINDOWS\system32\Drivers\bthport.sys [MD5.B39EFF5E5EC5F67137D909D221C8D3FD] - [11/05/2022 07:01:30] - |A| - [110592] - C:\WINDOWS\system32\Drivers\BTHUSB.SYS [MD5.78FDC6DA54888C279262BE8C80977577] - [11/05/2022 07:02:02] - |A| - [93696] - C:\WINDOWS\system32\Drivers\cimfs.sys [MD5.7A3F9DCA9880E6BC9C9B9847DBBCB75E] - [11/05/2022 07:02:19] - |A| - [495616] - C:\WINDOWS\system32\Drivers\cldflt.sys [MD5.C2CD2E320BEA17B20791308621B38278] - [11/05/2022 07:02:34] - |A| - [105320] - C:\WINDOWS\system32\Drivers\crashdmp.sys [MD5.015CAEEC9148194054B5B1DE64762A43] - [11/05/2022 07:02:35] - |A| - [41296] - C:\WINDOWS\system32\Drivers\Diskdump.sys [MD5.74D351531733C76E4BF267E0830C80EF] - [11/05/2022 07:02:35] - |A| - [20480] - C:\WINDOWS\system32\Drivers\Dmpusbstor.sys [MD5.AD54415AC462E84982A6200BC36E7260] - [03/05/2022 11:27:53] - |A| - [77216] - C:\WINDOWS\system32\Drivers\dokan.sys [MD5.103A22590A5E401F34AAFF1F0BCB97DF] - [11/05/2022 07:02:08] - |A| - [40784] - C:\WINDOWS\system32\Drivers\Dumpata.sys [MD5.5CB23BCDC1065BA70979B8A004C7329C] - [11/05/2022 07:05:26] - |A| - [95184] - C:\WINDOWS\system32\Drivers\dumpfve.sys [MD5.99508DE5962EABE3BE612800212AB090] - [11/05/2022 07:01:31] - |A| - [198496] - C:\WINDOWS\system32\Drivers\dumpsd.sys [MD5.C9D6CCB33C23B446C0473DCBAA1355AF] - [11/05/2022 07:02:35] - |A| - [38240] - C:\WINDOWS\system32\Drivers\Dumpstorport.sys [MD5.E20E4E292AAAB2ED471AE479104E08C0] - [11/05/2022 07:02:30] - |A| - [436560] - C:\WINDOWS\system32\Drivers\fltMgr.sys [MD5.E770B50B1E938934DAEEF2069D0A5E29] - [11/05/2022 07:05:26] - |A| - [803152] - C:\WINDOWS\system32\Drivers\fvevol.sys [MD5.19C69F5FA3F4380D3AB2077122E1D85F] - [11/05/2022 07:02:33] - |A| - [503648] - C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS [MD5.F5E57EC489AAC6476A569D3BC4FE0EE2] - [11/05/2022 07:03:57] - |A| - [149328] - C:\WINDOWS\system32\Drivers\hvsocket.sys [MD5.0748273B4B0D441EE11FBDD1DC36A22F] - [11/05/2022 07:02:28] - |A| - [181096] - C:\WINDOWS\system32\Drivers\ksecpkg.sys [MD5.A966320B09CF949FF99790D21F93734B] - [11/05/2022 07:02:35] - |A| - [580960] - C:\WINDOWS\system32\Drivers\mrxsmb.sys [MD5.7BC7E6666FFBDABDF939CD93086DD813] - [11/05/2022 07:02:35] - |A| - [266080] - C:\WINDOWS\system32\Drivers\mrxsmb20.sys [MD5.CED8FF3BBF5E7F652515D4FE1BB251EB] - [11/05/2022 07:02:32] - |A| - [376688] - C:\WINDOWS\system32\Drivers\msrpc.sys [MD5.2E37D4EDEA5E5B6F3151D38700FAFC09] - [11/05/2022 07:02:45] - |A| - [208384] - C:\WINDOWS\system32\Drivers\ndiswan.sys [MD5.12A95FD79B8FF669C28C5B1FE699EA69] - [11/05/2022 07:02:32] - |A| - [601944] - C:\WINDOWS\system32\Drivers\netio.sys [MD5.CED3D258C3F70D53CA5410C1E56745B6] - [11/05/2022 07:01:31] - |A| - [252256] - C:\WINDOWS\system32\Drivers\netvsc.sys [MD5.9610D915491B47A36E3D42F5FC0040F1] - [11/05/2022 07:02:30] - |A| - [2852176] - C:\WINDOWS\system32\Drivers\ntfs.sys [MD5.23136528B7B5E9CF1C5CF8DB8B6619D9] - [11/05/2022 07:01:30] - |A| - [477040] - C:\WINDOWS\system32\Drivers\pci.sys [MD5.3C76317D046F1CB772972346106C7D8E] - [11/05/2022 07:01:37] - |A| - [825344] - C:\WINDOWS\system32\Drivers\PEAuth.sys [MD5.FA35E6864526D4B3B501033B1578A973] - [11/05/2022 07:03:55] - |A| - [131424] - C:\WINDOWS\system32\Drivers\PktMon.sys [MD5.C775F57CBA3E6A3CBC3612D26FE1471E] - [11/05/2022 07:01:30] - |A| - [142184] - C:\WINDOWS\system32\Drivers\pmem.sys [MD5.DCDD8D5943AF462013B39A05FE7B823D] - [11/05/2022 07:02:45] - |A| - [110080] - C:\WINDOWS\system32\Drivers\rasl2tp.sys [MD5.413A31013E1F9827888CFEFB5B42045D] - [11/05/2022 07:02:45] - |A| - [102400] - C:\WINDOWS\system32\Drivers\raspptp.sys [MD5.3EBD43383483887A4DB0264375A41746] - [11/05/2022 07:03:54] - |A| - [32600] - C:\WINDOWS\system32\Drivers\rdpvideominiport.sys [MD5.CD95BC23C964290296FBCF492CAC5070] - [11/05/2022 07:02:08] - |A| - [2008400] - C:\WINDOWS\system32\Drivers\refs.sys [MD5.82024166E5E10E806A3E972192F141B5] - [11/05/2022 07:01:31] - |A| - [306512] - C:\WINDOWS\system32\Drivers\sdbus.sys [MD5.3633CE4EA044793BD91DAA3EA4F5EC8E] - [11/05/2022 07:01:29] - |A| - [220008] - C:\WINDOWS\system32\Drivers\spacedump.sys [MD5.8A10B25A3345BFC70BC9EE56055B7249] - [11/05/2022 07:01:29] - |A| - [680784] - C:\WINDOWS\system32\Drivers\spaceport.sys [MD5.1201656BEDF263E7DC12E56F509F56F7] - [11/05/2022 07:02:35] - |A| - [323584] - C:\WINDOWS\system32\Drivers\srvnet.sys [MD5.58B787208AE774AE53F367CAFD653155] - [11/05/2022 07:01:30] - |A| - [64848] - C:\WINDOWS\system32\Drivers\storufs.sys [MD5.F7691009A30EC79518550E2FA4813A42] - [11/05/2022 07:02:33] - |A| - [2992464] - C:\WINDOWS\system32\Drivers\tcpip.sys [MD5.E51FEC42B4820C74BB75DAAE3A49C3F2] - [11/05/2022 07:01:30] - |A| - [83792] - C:\WINDOWS\system32\Drivers\uaspstor.sys [MD5.D515F6E614AE8672243EE8CA9DCED1DF] - [11/05/2022 07:01:29] - |A| - [205312] - C:\WINDOWS\system32\Drivers\USBAUDIO.sys [MD5.FE9BA629CA927C9A4DE2DA8D6BC11B3E] - [11/05/2022 07:01:31] - |A| - [139600] - C:\WINDOWS\system32\Drivers\USBSTOR.SYS [MD5.24BB3C5E411D9702A245B3FE2ADF73F5] - [11/05/2022 07:02:01] - |A| - [181600] - C:\WINDOWS\system32\Drivers\wfplwfs.sys [MD5.6AC0E96D729B50AA7605134C85CD35F6] - [11/05/2022 07:04:13] - |A| - [2432000] - C:\WINDOWS\syswow64\AcGenral.dll [MD5.DDE0A7C9AC38A37EB4E50E0EE631007B] - [11/05/2022 07:03:14] - |A| - [496360] - C:\WINDOWS\syswow64\advapi32.dll [MD5.C4AAB8FD782896E0C2422333EC164FEB] - [11/05/2022 07:04:11] - |A| - [373248] - C:\WINDOWS\syswow64\authfwcfg.dll [MD5.0FF9FEBCA789BD2C7BC74296C184C213] - [11/05/2022 07:03:27] - |A| - [5107712] - C:\WINDOWS\syswow64\AuthFWSnapin.dll [MD5.5477BCA761FD2F06D990FBD88EFB79F6] - [11/05/2022 07:04:09] - |A| - [5820928] - C:\WINDOWS\syswow64\Chakra.dll [MD5.712F673ACF999A475D49976CC0ADE71E] - [11/05/2022 07:04:11] - |A| - [26112] - C:\WINDOWS\syswow64\CheckNetIsolation.exe [MD5.CAD235E1A5F0BDFE627B1FB61EEFD781] - [11/05/2022 07:03:24] - |A| - [99328] - C:\WINDOWS\syswow64\cldapi.dll [MD5.3B6C23768D7E4A94BC926640A6003D0A] - [11/05/2022 07:03:19] - |A| - [1011040] - C:\WINDOWS\syswow64\CloudExperienceHostCommon.dll [MD5.5FDD6D3DE81774BF0B7A3297CD330DC3] - [11/05/2022 07:03:24] - |A| - [2630496] - C:\WINDOWS\syswow64\combase.dll [MD5.D9247077609D684024EE8C0D50B03D4E] - [11/05/2022 07:04:13] - |A| - [408576] - C:\WINDOWS\syswow64\CPFilters.dll [MD5.7AEE4317B505C102795789F315BDA30B] - [11/05/2022 07:03:19] - |A| - [550912] - C:\WINDOWS\syswow64\d3d9on12.dll [MD5.3AEA1477E2ED8191563EF2E046D108D0] - [11/05/2022 07:03:27] - |A| - [7680] - C:\WINDOWS\syswow64\DMAlertListener.ProxyStub.dll [MD5.4C5FE2232D84141BE0BD4C806546F28B] - [11/05/2022 07:03:26] - |A| - [164240] - C:\WINDOWS\syswow64\dmcmnutils.dll [MD5.78DEC667C8837AF37B7CCD2C0C3D038C] - [11/05/2022 07:03:26] - |A| - [556032] - C:\WINDOWS\syswow64\dmenrollengine.dll [MD5.DFD5666EC53254645A05B30C6A89A0F6] - [11/05/2022 07:04:27] - |A| - [960160] - C:\WINDOWS\syswow64\DolbyDecMFT.dll [MD5.57A4F3E9F6F5AA7AFA57FAACBF578453] - [11/05/2022 07:04:04] - |A| - [189440] - C:\WINDOWS\syswow64\DWWIN.EXE [MD5.699786EB612F9FEA58B1012BD53C95D2] - [11/05/2022 07:04:05] - |A| - [19865600] - C:\WINDOWS\syswow64\edgehtml.dll [MD5.181ED8C0DC6E79DA27AE97EF900BA944] - [11/05/2022 07:03:28] - |A| - [402944] - C:\WINDOWS\syswow64\edgeIso.dll [MD5.ADA352007665E022A7484BF30A9CD447] - [11/05/2022 07:03:26] - |A| - [40960] - C:\WINDOWS\syswow64\enrollmentapi.dll [MD5.4C1679A0F25690DD81E1F31B419BE9D8] - [11/05/2022 07:03:15] - |A| - [4491448] - C:\WINDOWS\syswow64\explorer.exe [MD5.D31BFD41A902721B3BBAB1D8EC8B1191] - [11/05/2022 07:03:26] - |A| - [416840] - C:\WINDOWS\syswow64\Faultrep.dll [MD5.9D3781D113A16511B563F590466429F7] - [11/05/2022 07:03:21] - |A| - [431104] - C:\WINDOWS\syswow64\FirewallAPI.dll [MD5.087EFD291C603C8B5CD4ED1AAFED4577] - [11/05/2022 07:03:22] - |A| - [173056] - C:\WINDOWS\syswow64\fwbase.dll [MD5.778B2DD1EE310415850AAE62469529D6] - [11/05/2022 07:04:11] - |A| - [46080] - C:\WINDOWS\syswow64\fwcfg.dll [MD5.5E23C1E8D463C849095730F0C075C462] - [11/05/2022 07:03:22] - |A| - [244224] - C:\WINDOWS\syswow64\fwpolicyiomgr.dll [MD5.870B6B076744FAD46CB649EE00FB35DC] - [11/05/2022 07:03:22] - |A| - [347648] - C:\WINDOWS\syswow64\FWPUCLNT.DLL [MD5.C74641C1613502C9BAAF9179031BDE5B] - [11/05/2022 07:03:27] - |A| - [58880] - C:\WINDOWS\syswow64\FwRemoteSvr.dll [MD5.9AA145BF40D4D0598F3395E4336E72DC] - [11/05/2022 07:03:19] - |A| - [62800] - C:\WINDOWS\syswow64\GameInput.dll [MD5.3F76783CB28DA0B61F7A9047ED07A3EE] - [11/05/2022 07:03:27] - |A| - [896104] - C:\WINDOWS\syswow64\gdi32full.dll [MD5.D36B1D084D56A45EC6BB96080711C6F4] - [11/05/2022 07:03:27] - |A| - [1449984] - C:\WINDOWS\syswow64\GdiPlus.dll [MD5.44D2E17CF334F7E59ADC15E65EFF5A4E] - [11/05/2022 07:03:28] - |A| - [129024] - C:\WINDOWS\syswow64\hlink.dll [MD5.2691200485999E35AED0C3454D4C11E7] - [11/05/2022 07:04:10] - |A| - [6490624] - C:\WINDOWS\syswow64\ieframe.dll [MD5.112A454BD88327D0AC3B19C0E840B70B] - [11/05/2022 07:04:10] - |A| - [62976] - C:\WINDOWS\syswow64\iemigplugin.dll [MD5.7DAE7B54CE72AF6387BC97C38E9B8236] - [11/05/2022 07:04:05] - |A| - [160256] - C:\WINDOWS\syswow64\iepeers.dll [MD5.EB7DD720D43C52FFC773834ECC55A56A] - [11/05/2022 07:03:28] - |A| - [2272656] - C:\WINDOWS\syswow64\iertutil.dll [MD5.A4BD13EA04285ED9599F5400BE6CAA29] - [11/05/2022 07:04:09] - |A| - [176640] - C:\WINDOWS\syswow64\IndexedDbLegacy.dll [MD5.335093D867BF15FF52664C7B363DD51D] - [11/05/2022 07:03:16] - |A| - [430080] - C:\WINDOWS\syswow64\InputSwitch.dll [MD5.D1F0090F6D80C6D8717ADDD826A5DC2E] - [11/05/2022 07:03:20] - |A| - [1839616] - C:\WINDOWS\syswow64\InstallService.dll [MD5.4E119F9060F73571713FC6DFA30141D6] - [11/05/2022 07:03:20] - |A| - [186880] - C:\WINDOWS\syswow64\InstallServiceTasks.dll [MD5.22D7E87CBF9392C0B312B37B4DAC856E] - [11/05/2022 07:03:21] - |A| - [147232] - C:\WINDOWS\syswow64\KerbClientShared.dll [MD5.8095C8A10CF51C52CE2B9798434F34CE] - [11/05/2022 07:03:21] - |A| - [837632] - C:\WINDOWS\syswow64\kerberos.dll [MD5.2BD581A222905FA9D6824EB85E99FDC5] - [11/05/2022 07:03:16] - |A| - [637744] - C:\WINDOWS\syswow64\kernel32.dll [MD5.0F2550C6256BD2CB449267F9641A743F] - [11/05/2022 07:02:34] - |A| - [2200768] - C:\WINDOWS\syswow64\KernelBase.dll [MD5.8EC64A6BBD4F06DADF193B6BE300F74C] - [11/05/2022 07:03:15] - |A| - [162304] - C:\WINDOWS\syswow64\L2SecHC.dll [MD5.7E83DA8D4287C799134BC397A93DBFB4] - [11/05/2022 07:03:16] - |A| - [34304] - C:\WINDOWS\syswow64\LaunchWinApp.exe [MD5.00C2E991AAC6247AC7CB9B8027FBAFF9] - [11/05/2022 07:03:25] - |A| - [199352] - C:\WINDOWS\syswow64\logoncli.dll [MD5.EAF036FF8B0B0494A22422E1C6479E3F] - [11/05/2022 07:03:23] - |A| - [264192] - C:\WINDOWS\syswow64\mdmregistration.dll [MD5.07333C188C0B7EC2EADDB565169C4DBD] - [11/05/2022 07:04:24] - |A| - [539192] - C:\WINDOWS\syswow64\mf.dll [MD5.3408E1B7E696FD994F43BB1E55CA223D] - [11/05/2022 07:04:24] - |A| - [1302648] - C:\WINDOWS\syswow64\mfasfsrcsnk.dll [MD5.33466F7DEAD687883231F10636A0B8D3] - [11/05/2022 07:04:25] - |A| - [3562768] - C:\WINDOWS\syswow64\mfcore.dll [MD5.9A41CABCD87996EE65CC8DA702726C55] - [11/05/2022 07:04:26] - |A| - [3656704] - C:\WINDOWS\syswow64\MFMediaEngine.dll [MD5.253C25E3F33A2DAEBEE99CE7C3245AD8] - [11/05/2022 07:04:26] - |A| - [1015944] - C:\WINDOWS\syswow64\mfmpeg2srcsnk.dll [MD5.B2A7DBCB57944E5B145EA17545F0F5C0] - [11/05/2022 07:04:25] - |A| - [130160] - C:\WINDOWS\syswow64\mfps.dll [MD5.F0825E2B4AFB6293C6B2C6666AFF7F75] - [11/05/2022 07:04:27] - |A| - [344456] - C:\WINDOWS\syswow64\MP4SDECD.DLL [MD5.2760FE918952E403B47C45A56414B01B] - [11/05/2022 07:04:07] - |A| - [18080256] - C:\WINDOWS\syswow64\mshtml.dll [MD5.B216105CE6CAEA6FF47B8B3A398D514A] - [11/05/2022 07:04:11] - |A| - [2692096] - C:\WINDOWS\syswow64\msi.dll [MD5.A0EDA707814EB674D3D2DBE0D6F4175A] - [11/05/2022 07:04:11] - |A| - [26112] - C:\WINDOWS\syswow64\msimsg.dll [MD5.511CD310D2E727EF1074B746FCA84EBE] - [11/05/2022 07:03:28] - |A| - [271872] - C:\WINDOWS\syswow64\msIso.dll [MD5.A9051EFC9C93EB1B375B0169198A2DEC] - [11/05/2022 07:04:26] - |A| - [2340304] - C:\WINDOWS\syswow64\msmpeg2vdec.dll [MD5.EA4A02BE14C405327EEBA8D9AD2BD42C] - [11/05/2022 07:04:13] - |A| - [1264640] - C:\WINDOWS\syswow64\mstsc.exe [MD5.DFFBE95BF53C684DBC1F012A35A6B17F] - [11/05/2022 07:04:12] - |A| - [7120384] - C:\WINDOWS\syswow64\mstscax.dll [MD5.0DC737CD74911420DD848C4EB93A849F] - [11/05/2022 07:04:26] - |A| - [1262296] - C:\WINDOWS\syswow64\msvproc.dll [MD5.90DDFE20329359AB6A4228A46F11B92B] - [11/05/2022 07:03:16] - |A| - [78024] - C:\WINDOWS\syswow64\netapi32.dll [MD5.5611DB81941FDD2055417AA12AE852FE] - [11/05/2022 07:03:26] - |A| - [679424] - C:\WINDOWS\syswow64\netlogon.dll [MD5.12199BFF2801EA39AD09C37290A8BBB5] - [11/05/2022 07:04:11] - |A| - [617984] - C:\WINDOWS\syswow64\nshwfp.dll [MD5.7F886A13080FE6C7EC744B74F205E093] - [11/05/2022 07:03:13] - |A| - [1698824] - C:\WINDOWS\syswow64\ntdll.dll [MD5.36DD44C941E22D6AFB34FFAA61A4AB50] - [11/05/2022 07:03:25] - |A| - [236904] - C:\WINDOWS\syswow64\offlinesam.dll [MD5.ED32010E9C84E830CB5359D747AE265A] - [11/05/2022 07:03:22] - |A| - [3828872] - C:\WINDOWS\syswow64\OneCoreUAPCommonProxyStub.dll [MD5.47AEAC81E56C721FA857528FC333A80F] - [11/05/2022 07:03:20] - |A| - [351744] - C:\WINDOWS\syswow64\PhoneOm.dll [MD5.A769B36E5483E23D7F28D1B03A004386] - [11/05/2022 07:02:41] - |A| - [889704] - C:\WINDOWS\syswow64\pidgenx.dll [MD5.07C7985E05D700394E00AD57D7AFF10C] - [11/05/2022 07:04:04] - |A| - [425472] - C:\WINDOWS\syswow64\PlayToManager.dll [MD5.DED511853437EEC1E3E24F6CD11BA489] - [11/05/2022 07:03:26] - |A| - [531992] - C:\WINDOWS\syswow64\policymanager.dll [MD5.22C476CFE6ABC19A9A89B9EEBA2FF258] - [11/05/2022 07:03:27] - |A| - [296448] - C:\WINDOWS\syswow64\polstore.dll [MD5.BC7F0279E124EEBFB19DD74BC87F35B6] - [11/05/2022 06:03:57] - |A| - [391168] - C:\WINDOWS\syswow64\poqexec.exe [MD5.F1F775DE0F107F1A4BE6FDE1C01CD757] - [11/05/2022 07:03:30] - |A| - [156672] - C:\WINDOWS\syswow64\rasman.dll [MD5.5030DB8398D1B1E9275AA1C3F51AAA90] - [11/05/2022 07:03:14] - |A| - [541184] - C:\WINDOWS\syswow64\RMActivate.exe [MD5.CB999CC05F196DCF7300A5D534B3BE7B] - [11/05/2022 07:03:14] - |A| - [558080] - C:\WINDOWS\syswow64\RMActivate_isv.exe [MD5.6599A09C160036131E4A933168DA245F] - [11/05/2022 07:03:14] - |A| - [478720] - C:\WINDOWS\syswow64\RMActivate_ssp.exe [MD5.4E8D1DC83E7132EAE582E3974666D3A4] - [11/05/2022 07:04:04] - |A| - [135680] - C:\WINDOWS\syswow64\Robocopy.exe [MD5.59A9E8C467ED80FDD303FD63A5C86E25] - [11/05/2022 07:03:13] - |A| - [776824] - C:\WINDOWS\syswow64\rpcrt4.dll [MD5.37CE8D55ADEDA0702C6ED8CA1893A5DD] - [11/05/2022 07:03:25] - |A| - [93184] - C:\WINDOWS\syswow64\samlib.dll [MD5.A63BC7D7E4917E997960D48B84602670] - [11/05/2022 07:03:30] - |A| - [255488] - C:\WINDOWS\syswow64\scecli.dll [MD5.9B8D3B54188D072729CAE383BC4681BA] - [11/05/2022 07:03:25] - |A| - [468992] - C:\WINDOWS\syswow64\schannel.dll [MD5.4AC0A6A5198967B20E5B62680EA70672] - [11/05/2022 07:03:14] - |A| - [350208] - C:\WINDOWS\syswow64\secproc.dll [MD5.0C7CF2CFBA51DD179D89271D53E2B17C] - [11/05/2022 07:03:14] - |A| - [348160] - C:\WINDOWS\syswow64\secproc_isv.dll [MD5.AFDD52FB1E595A999C1B6FC654243E90] - [11/05/2022 07:03:14] - |A| - [88576] - C:\WINDOWS\syswow64\secproc_ssp.dll [MD5.6F9344082C17734AB3874D33DB976770] - [11/05/2022 07:03:29] - |A| - [4461528] - C:\WINDOWS\syswow64\setupapi.dll [MD5.ACB572C4A268DE7ED72B17C45F38C418] - [11/05/2022 07:03:30] - |A| - [6016696] - C:\WINDOWS\syswow64\shell32.dll [MD5.9C1F7CB888C87EC00146BA0EAA6A9A1F] - [11/05/2022 07:03:30] - |A| - [276864] - C:\WINDOWS\syswow64\shlwapi.dll [MD5.AA1C585C3059A69EADA53F6C7D38E55D] - [11/05/2022 07:03:15] - |A| - [114176] - C:\WINDOWS\syswow64\slc.dll [MD5.86F96074BB1CFE5B014A711601CFAB36] - [11/05/2022 07:03:15] - |A| - [19968] - C:\WINDOWS\syswow64\slcext.dll [MD5.49C91516B5F4C8B74E26BBA0E1DD39FA] - [11/05/2022 07:03:29] - |A| - [68728] - C:\WINDOWS\syswow64\SortWindows62.dll [MD5.A464BF8D0ECE8433AD40B8C5C7813D27] - [11/05/2022 07:03:15] - |A| - [98816] - C:\WINDOWS\syswow64\sppc.dll [MD5.A8BDF94C08434D388B40E0F5B39EC744] - [11/05/2022 07:03:15] - |A| - [546816] - C:\WINDOWS\syswow64\sppcext.dll [MD5.921B63ECBE4D206D808D4A99A6DA5045] - [11/05/2022 07:03:27] - |A| - [885248] - C:\WINDOWS\syswow64\tdh.dll [MD5.9BE04FE13BAAAB98B799B22097F665D4] - [11/05/2022 07:03:14] - |A| - [3584] - C:\WINDOWS\syswow64\TpmCertResources.dll [MD5.EA7C7F46D64B86498ED29008F1E1899C] - [11/05/2022 07:03:14] - |A| - [940032] - C:\WINDOWS\syswow64\TpmCoreProvisioning.dll [MD5.58F6766CA8913A433F6A79A2847CC962] - [11/05/2022 07:04:13] - |A| - [54784] - C:\WINDOWS\syswow64\tsgqec.dll [MD5.9D59CA555FC24732D5983F3C137B081F] - [11/05/2022 07:03:16] - |A| - [4748288] - C:\WINDOWS\syswow64\twinui.dll [MD5.DB346BA22E7C71C8BD1049C9013661A5] - [11/05/2022 07:03:19] - |A| - [2539520] - C:\WINDOWS\syswow64\UIAutomationCore.dll [MD5.3B4C9D4C1CDEFFD69165A79759480088] - [11/05/2022 07:03:24] - |A| - [685568] - C:\WINDOWS\syswow64\uReFS.dll [MD5.05C724156794CA83D8F3E5498E1AE69E] - [11/05/2022 07:03:28] - |A| - [1680896] - C:\WINDOWS\syswow64\urlmon.dll [MD5.03B5BED05C2E13B063AEBEA6DB66FA32] - [11/05/2022 07:03:22] - |A| - [1681744] - C:\WINDOWS\syswow64\user32.dll [MD5.52395EBB8C09CF2CC5B7F25E8CB9F735] - [11/05/2022 07:03:25] - |A| - [706568] - C:\WINDOWS\syswow64\wer.dll [MD5.7DA7B6BC6EFDA7DAB8CBF61D93266E09] - [11/05/2022 07:03:26] - |A| - [38912] - C:\WINDOWS\syswow64\werdiagcontroller.dll [MD5.DA3DFD73548E51D51A7632D638ECB4A9] - [11/05/2022 07:03:25] - |A| - [196736] - C:\WINDOWS\syswow64\weretw.dll [MD5.BF6DEE7F5F743B8637D3E1970822DC89] - [11/05/2022 07:03:26] - |A| - [489320] - C:\WINDOWS\syswow64\WerFault.exe [MD5.639F77D5FB30839A5ED188281452E7C8] - [11/05/2022 07:03:26] - |A| - [152936] - C:\WINDOWS\syswow64\WerFaultSecure.exe [MD5.5C77CE474D9FE5A3E5CD81FB4D35344B] - [11/05/2022 07:03:26] - |A| - [202600] - C:\WINDOWS\syswow64\wermgr.exe [MD5.5BDB697ED6DF4D34833F310A8876D8FA] - [11/05/2022 07:04:04] - |A| - [209920] - C:\WINDOWS\syswow64\werui.dll [MD5.07408CC879313E83A173F79B67FA8301] - [11/05/2022 07:03:23] - |A| - [294920] - C:\WINDOWS\syswow64\wevtapi.dll [MD5.3C0E48DA02447863279B0FE3CE7FE5E8] - [11/05/2022 07:03:24] - |A| - [208384] - C:\WINDOWS\syswow64\wevtutil.exe [MD5.6E32E1BB563A05EB9E6A7B6393598B42] - [11/05/2022 07:03:22] - |A| - [18944] - C:\WINDOWS\syswow64\wfapigp.dll [MD5.0A059ECDDAC3F1E8DD6F3A8FB888B701] - [11/05/2022 07:03:23] - |A| - [329728] - C:\WINDOWS\syswow64\win32k.sys [MD5.40C26453602CFC6F279FD6D5B214097B] - [11/05/2022 07:03:23] - |A| - [2753024] - C:\WINDOWS\syswow64\win32kfull.sys [MD5.F2BB6863EAFF719A50FB3D2563DFBBE9] - [11/05/2022 07:03:23] - |A| - [94008] - C:\WINDOWS\syswow64\win32u.dll [MD5.1B3994968DEC657CA560E256DC717D66] - [11/05/2022 07:03:24] - |A| - [297984] - C:\WINDOWS\syswow64\wincorlib.dll [MD5.988C0BFE120014A83BA1D4C7A1F10942] - [11/05/2022 07:03:26] - |A| - [712192] - C:\WINDOWS\syswow64\Windows.Internal.Management.dll [MD5.603E2E60F5625E82237D75BB68960091] - [11/05/2022 07:04:25] - |A| - [5355624] - C:\WINDOWS\syswow64\Windows.Media.dll [MD5.AC9B9F9DCCCA6800F4EB0FAACF05993B] - [11/05/2022 07:03:28] - |A| - [8890016] - C:\WINDOWS\syswow64\Windows.Media.Protection.PlayReady.dll [MD5.CB0DC6170FF28592A7884601A2FAF524] - [11/05/2022 07:03:20] - |A| - [6375144] - C:\WINDOWS\syswow64\windows.storage.dll [MD5.5A61DD9BB74FEB7029A9E988D00FD8A1] - [11/05/2022 07:03:17] - |A| - [14760448] - C:\WINDOWS\syswow64\Windows.UI.Xaml.dll [MD5.763E01B81AA83CF7EE34F25E3F3DF4B3] - [11/05/2022 07:03:19] - |A| - [1511344] - C:\WINDOWS\syswow64\WindowsCodecs.dll [MD5.3AC770E4634D0DA7A962A2C191F9D145] - [11/05/2022 07:03:25] - |A| - [822224] - C:\WINDOWS\syswow64\winhttp.dll [MD5.E6B626770283A9C1A06CA3AFFF26E193] - [11/05/2022 07:03:27] - |A| - [69632] - C:\WINDOWS\syswow64\winipsec.dll [MD5.B7C35F75BB082E9857D76A12CA0C8113] - [11/05/2022 07:03:14] - |A| - [445952] - C:\WINDOWS\syswow64\winspool.drv [MD5.8187E1606E456B011679538D89D66DCE] - [11/05/2022 07:03:21] - |A| - [315048] - C:\WINDOWS\syswow64\wintrust.dll [MD5.08329746D747163F01116B4C122722A8] - [11/05/2022 07:03:25] - |A| - [897112] - C:\WINDOWS\syswow64\WinTypes.dll [MD5.74E80D07DF94EE8AA8D0B7890251F848] - [11/05/2022 07:03:25] - |A| - [335872] - C:\WINDOWS\syswow64\Wldap32.dll [MD5.B9CFEBA7260DE681D1D1DF35BF3EBB48] - [11/05/2022 07:03:24] - |A| - [141536] - C:\WINDOWS\syswow64\wldp.dll [MD5.539B94BB160FEED7E43DE9B9CDC0A944] - [11/05/2022 07:04:27] - |A| - [2138304] - C:\WINDOWS\syswow64\WMVCORE.DLL [MD5.6CCBCE25DDEA52E540A1E10282FD3A82] - [11/05/2022 07:03:22] - |A| - [1047040] - C:\WINDOWS\syswow64\wpnapps.dll [MD5.73DD1BE3A31EFA691BDD98837EA0A86B] - [11/05/2022 07:04:12] - |A| - [1507680] - C:\WINDOWS\syswow64\wsp_fs.dll [MD5.047E77548A01E62B7135B97BCAAD8D6F] - [11/05/2022 07:04:12] - |A| - [1315664] - C:\WINDOWS\syswow64\wsp_health.dll [MD5.41541109560027BE3CA605563DBC2C59] - [11/05/2022 07:03:30] - |A| - [1831424] - C:\WINDOWS\syswow64\xpsservices.dll ---------- | Drives D: [07/05/2022 10:14:42] - |D| - (.-.) - [0] - (0.0.0.0) - D:\1 [06/05/2022 07:53:09] - |A| - (.-.) - [363] - (0.0.0.0) - D:\20220225_061106_edit1.mp4.lnk [25/02/2022 09:34:58] - |A| - (.(c) 2006-2021 Digital Wave Ltd - Free YouTube To MP3 Converter Setup .) - [78382464] - (4.3.67.211) - D:\FreeYouTubeToMP3Converter_4.3.67.211_o_d65b4d18-cf65-401e-aaaf-a3ffadc63b76.exe [25/02/2022 10:50:18] - |A| - (.Copyright by Abelssoft - HackCheck 2022 .) - [5110736] - (1.0.0.0) - D:\hckchck.exe F: [25/02/2022 09:34:58] - |N| - (.(c) 2006-2021 Digital Wave Ltd - Free YouTube To MP3 Converter Setup .) - [78382464] - (4.3.67.211) - F:\FreeYouTubeToMP3Converter_4.3.67.211_o_d65b4d18-cf65-401e-aaaf-a3ffadc63b76.exe [25/02/2022 09:34:57] - |N| - (.-.) - [3082136] - (0.0.0.0) - F:\pre-scan_V9_18.10.19.1.exe [30/04/2022 18:17:39] - |N| - (.- Registry Reviver Portable Launcher.) - [532405] - (2019.4.1.0) - F:\RegistryReviverPortable.exe [25/02/2022 09:34:57] - |N| - (.C 2005/2022 - El Desaparecido - www.SOSVirus.net - UsbFix Premium.) - [4860461] - (11.0.4.8) - F:\UsbFix_Premium.exe [25/02/2022 10:50:18] - |N| - (.Copyright by Abelssoft - HackCheck 2022 .) - [5110736] - (1.0.0.0) - F:\hckchck.exe [25/02/2022 10:50:20] - |N| - (.Copyright by Abelssoft - MalwareTerminator 2022 .) - [3626720] - (1.0.0.0) - F:\malwareterminatorsetup.exe ---------- | C: [15/09/2018 09:33:50] - |SHD| - [258] - C:\$Recycle.Bin [11/05/2022 06:06:03] - |HD| - [0] - C:\$WinREAgent [MD5.78E1CECF7FF2BED46732FCF2980BC476] - [08/10/2019 22:00:31] - |A| - (.-.) - [1024] - (0.0.0.0) - C:\.rnd [22/05/2021 11:36:00] - |D| - [1189912] - C:\AdsFix [MD5.72AC45BD245E4BB0D3A1DD24955E798F] - [24/05/2021 16:56:16] - |A| - (.-.) - [24451] - (0.0.0.0) - C:\AdsFix.txt [26/09/2019 08:05:09] - |D| - [3066298212] - C:\AMD [MD5.0F343B0931126A20F133D67C2B018A3B] - [27/04/2021 15:48:31] - |H| - (.-.) - [1024] - (0.0.0.0) - C:\AMTAG.BIN [10/10/2019 23:46:22] - |D| - [101785190] - C:\APICRYPT [07/05/2021 15:23:48] - |D| - [161963764] - C:\Ariane [29/03/2022 10:05:06] - |RASHD| - [2] - C:\autorun.inf [05/05/2022 11:44:09] - |D| - [371833591] - C:\BCUninstaller [22/02/2022 11:09:53] - |D| - [0] - C:\Boot [06/04/2021 17:41:23] - |D| - [226713115] - C:\Chrone [27/09/2019 07:52:59] - |SHD| - [25907016] - C:\Config.Msi [26/09/2019 07:46:23] - |SD| - [0] - C:\Documents and Settings [MD5.804D39749A1780921D4841C7F279F3C3] - [11/09/2020 03:57:53] - |ASH| - (.-.) - [8192] - (0.0.0.0) - C:\DumpStack.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [11/09/2020 03:57:53] - |ASH| - (.-.) - [8192] - (0.0.0.0) - C:\DumpStack.log.tmp [26/09/2019 18:01:18] - |D| - [301056] - C:\Ecalc [07/05/2021 15:33:26] - |D| - [4059358] - C:\FairCom [MD5.D41D8CD98F00B204E9800998ECF8427E] - [26/09/2019 07:44:02] - |ASH| - (.-.) - [1472577536] - (0.0.0.0) - C:\hiberfil.sys [MD5.E87FF0DE0EAABE07EB608182750ECC81] - [25/11/2019 21:13:07] - |A| - (.-.) - [1414142] - (0.0.0.0) - C:\installassist2019q12.log [MD5.A92BC0559D969C3678F872146959390B] - [25/11/2019 21:10:26] - |A| - (.-.) - [982716] - (0.0.0.0) - C:\installlife4523prod.log [29/04/2021 11:27:52] - |D| - [3710] - C:\KPRM [26/09/2019 18:02:18] - |D| - [2785654] - C:\MozBackup [27/09/2019 06:43:37] - |RHD| - [828206174] - C:\MSOCache [06/04/2021 16:00:05] - |D| - [0] - C:\OneDriveTemp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [26/09/2019 07:37:32] - |ASH| - (.-.) - [3758096384] - (0.0.0.0) - C:\pagefile.sys [07/12/2019 11:14:52] - |D| - [0] - C:\PerfLogs [19/05/2021 18:22:49] - |D| - [1983425121] - C:\Pre_Scan [MD5.CCCBE7FEF6A3E894525292028F81825F] - [16/01/2022 13:06:25] - |RA| - (.-.) - [16743] - (0.0.0.0) - C:\Pre_Scan_16_01_2022_12_06_22.txt [MD5.4D8996F4C4BE83E9540041014A7DACD1] - [22/05/2021 12:28:47] - |RA| - (.-.) - [33980] - (0.0.0.0) - C:\Pre_Scan_22_05_2021_12_28_46.txt [MD5.EBE5C813BF51D1507642AD09B414FD41] - [29/03/2022 13:59:02] - |RA| - (.-.) - [21744] - (0.0.0.0) - C:\Pre_Scan_29_03_2022_13_58_54.txt [07/12/2019 11:14:52] - |D| - [15857623663] - C:\Program Files [07/12/2019 11:14:52] - |RD| - [11117652060] - C:\Program Files (x86) [07/12/2019 11:14:52] - |HD| - [7676726540] - C:\ProgramData [29/03/2022 10:08:33] - |D| - [981914] - C:\QuickDiag [MD5.6836766F584EB3C0ADBEFBE4E796300E] - [03/05/2022 10:53:16] - |A| - (.-.) - [461901] - (0.0.0.0) - C:\QuickDiag.txt [MD5.91307D6050EA1EF7380A0B190E56C36C] - [29/03/2022 12:12:09] - |RAST| - (.-.) - [880964] - (0.0.0.0) - C:\QuickDiag_29_03_2022_12_12_09.txt [26/09/2019 07:46:36] - |SHD| - [2567] - C:\Recovery [MD5.100D3D159E0B644B6BABBFA16252D3AC] - [29/03/2022 10:51:56] - |A| - (.-.) - [452500] - (0.0.0.0) - C:\Rem-VBS.log [29/03/2022 10:52:46] - |D| - [1206] - C:\Rem-VBSqt [06/04/2021 17:38:46] - |D| - [482101] - C:\SearcherBar [03/05/2022 15:59:33] - |D| - [1892] - C:\SFCFix [MD5.D41D8CD98F00B204E9800998ECF8427E] - [26/09/2019 07:37:33] - |ASH| - (.-.) - [268435456] - (0.0.0.0) - C:\swapfile.sys [26/09/2019 07:37:29] - |SHD| - [0] - C:\System Volume Information [26/09/2019 08:00:48] - |D| - [0] - C:\Temps [06/04/2021 15:24:20] - |D| - [716170120] - C:\tenorshare [29/04/2021 12:19:03] - |D| - [804033] - C:\USB File Resc [07/12/2019 11:03:44] - |RD| - [134530717165] - C:\Users [06/04/2021 12:23:15] - |D| - [0] - C:\VTRoot [07/12/2019 11:03:44] - |D| - [32537898833] - C:\Windows ---------- | C:\WINDOWS [07/12/2019 16:51:10] - |D| - [802] - C:\WINDOWS\addins [MD5.3EF1F851BB4B5CBE6B801B1DBFB6932F] - [27/04/2021 15:47:31] - |A| - (.-.) - [2206256] - (0.0.0.0) - C:\WINDOWS\ampa.exe [07/12/2019 11:14:52] - |D| - [18938926] - C:\WINDOWS\appcompat [07/12/2019 11:14:52] - |D| - [9917962] - C:\WINDOWS\apppatch [07/12/2019 11:14:52] - |D| - [0] - C:\WINDOWS\AppReadiness [07/12/2019 11:14:52] - |RSD| - [1205674141] - C:\WINDOWS\assembly [27/09/2019 06:55:44] - |D| - [6281] - C:\WINDOWS\AutoKMS [07/12/2019 11:14:52] - |D| - [785153] - C:\WINDOWS\bcastdvr [MD5.820B97429E4153A743708B376807EE69] - [15/09/2021 13:29:16] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [81408] - (10.0.19041.1237) - C:\WINDOWS\bfsvc.exe [07/12/2019 11:14:52] - |D| - [40903704] - C:\WINDOWS\Boot [MD5.CE60406C2F931AC1C41DDFDA1FD39758] - [11/09/2020 04:44:39] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat [07/12/2019 11:14:52] - |D| - [2450432] - C:\WINDOWS\Branding [07/12/2019 11:03:44] - |D| - [0] - C:\WINDOWS\CbsTemp [MD5.889505DA87C1A399D9C3B0FF004F2F01] - [20/04/2021 11:13:23] - |A| - (.-.) - [317] - (0.0.0.0) - C:\WINDOWS\cdplayer.ini [07/12/2019 11:14:52] - |D| - [37070734] - C:\WINDOWS\Containers [MD5.C6C52AF48A75DCC59644DC894D2F524E] - [07/12/2019 16:53:23] - |A| - (.-.) - [29857] - (0.0.0.0) - C:\WINDOWS\Core.xml [MD5.06CF784EA23EFB51CC54B9F24FC1619D] - [17/12/2007 11:59:00] - |A| - (.Copyright © 1997 - Application CPSGES.) - [401408] - (5.0.0.0) - C:\WINDOWS\cpgesw32.exe [MD5.6E9A04D43CC03CFD531F081231AFE5D5] - [17/12/2007 11:59:00] - |A| - (.Copyright © 1997-2004 - Services CPS WIN 32 (Version Release).) - [217088] - (5.3.0.0) - C:\WINDOWS\cpsw32.dll [MD5.F03971D3571012A5C2E3E3E6C32D7575] - [03/01/2013 11:11:00] - |A| - (.Copyright © 2003-2010 ASIP SANTE - CPS PKCS#11 WIN 32 (Version Release) AS.) - [1380352] - (1.18.0.0) - C:\WINDOWS\cps_pkcs11_w32.dll [MD5.E102A28176A3E1A9A2B01F8F994C5865] - [11/07/2017 09:09:38] - |A| - (.Copyright © 2003-2010 ASIP SANTE - Dictionnaire CPS WIN 64 (RELEASE).) - [112248] - (5.5.0.0) - C:\WINDOWS\cptabw64.dll [07/12/2019 11:14:52] - |D| - [11501377] - C:\WINDOWS\Cursors [MD5.D51EA7FE5A74E919E5DF9CD55EBFC1A7] - [19/05/2022 10:03:39] - |A| - (.-.) - [1305680] - (0.0.0.0) - C:\WINDOWS\ddmmain.exe [07/12/2019 11:14:52] - |D| - [28520506] - C:\WINDOWS\debug [MD5.A16CCD60CB85694B18DB9536F3966E8C] - [25/10/2013 19:24:00] - |A| - (.(c) 2002 by DevComponents.com, - DevComponents.DotNetBar.) - [5005312] - (11.5.0.2) - C:\WINDOWS\DevComponents.DotNetBar2.dll [MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [11/09/2020 04:28:54] - |A| - (.-.) - [7623] - (0.0.0.0) - C:\WINDOWS\diagerr.xml [07/12/2019 11:14:52] - |D| - [4307035] - C:\WINDOWS\diagnostics [07/12/2019 11:14:52] - |D| - [1702804] - C:\WINDOWS\DiagTrack [MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [11/09/2020 04:28:54] - |A| - (.-.) - [7623] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml [MD5.B2586E271D4BBB44406CAF32FFAE1778] - [26/10/2019 12:03:55] - |A| - (.-.) - [354] - (0.0.0.0) - C:\WINDOWS\DIALER.INI [07/12/2019 16:49:55] - |D| - [0] - C:\WINDOWS\DigitalLocker [07/12/2019 11:14:52] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files [07/12/2019 11:14:52] - |D| - [62504] - C:\WINDOWS\ELAMBKUP [MD5.FBCA380BC7D367750603E29662C398BB] - [25/02/2020 06:03:34] - |A| - (.Copyright (C) eMPIA Technology, Inc. 2002-2006 - BDA Monitor Application.) - [99264] - (5.7.1107.0) - C:\WINDOWS\emMONA.exe [07/12/2019 16:49:55] - |D| - [0] - C:\WINDOWS\en-US [MD5.D45BD7C7B7BF977246E9409D63435231] - [11/05/2022 07:01:44] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [5114880] - (10.0.19041.1706) - C:\WINDOWS\explorer.exe [07/12/2019 11:14:52] - |RSD| - [429712370] - C:\WINDOWS\Fonts [07/12/2019 16:49:55] - |D| - [112128] - C:\WINDOWS\fr-FR [MD5.D02B88E010E8202372F85CBEA9645BC4] - [18/12/2018 15:53:24] - |A| - (.Copyright © 1996-2014 - Client du Gestionnaire d'Acces au Lecteur WIN 32 sur NP (RELEASE).) - [187168] - (3.45.0.0) - C:\WINDOWS\galclw32.dll [MD5.A7D2DB843A6638BB7C016B92665C503D] - [04/12/2018 18:32:06] - |A| - (.Copyright © 1996-2015 - Gestion de la Configuration GALSS WIN 32 (RELEASE).) - [192800] - (3.26.0.0) - C:\WINDOWS\galinw32.dll [MD5.B9ED11531E3BFCE6B16CCAF5652EF1DE] - [14/12/2010 16:01:16] - |A| - (.-.) - [591] - (0.0.0.0) - C:\WINDOWS\galss.ini [MD5.9E3F413CDAC027D4C0AC8F7214CED0C6] - [04/12/2018 18:32:06] - |A| - (.Copyright © 1996-2015 - Gestionnaire d'Acces au Lecteur WIN 32 (RELEASE).) - [130848] - (3.45.0.0) - C:\WINDOWS\galssw32.dll [MD5.2D1E367F7531D2A42892F1860912DD26] - [18/12/2018 15:53:30] - |A| - (.Copyright © 1996-2015 - Serveur du Gestionnaire d'Acces au Lecteur WIN 32 sur NP (RELEASE).) - [200992] - (3.42.0.0) - C:\WINDOWS\galsvw32.exe [07/12/2019 11:14:52] - |D| - [0] - C:\WINDOWS\GameBarPresenceWriter [07/12/2019 11:14:52] - |D| - [57013276] - C:\WINDOWS\Globalization [MD5.246054AC79D37722FB1496E4A8A1E9E6] - [08/07/2015 15:17:38] - |A| - (.Copyright © 1989-2014 IMAGINE Editions - HelloDoc Config.) - [70144] - (5.60.3463.0) - C:\WINDOWS\HDConfig.exe [MD5.14846482BD078B644D549EC11770A204] - [06/11/2013 21:16:42] - |A| - (.Copyright © 2013 - HDControlPanel.) - [274432] - (1.4.32.10) - C:\WINDOWS\HDCP.exe [07/12/2019 11:14:52] - |D| - [1315831] - C:\WINDOWS\Help [MD5.7E8FAEC2E175C8B45B6D380A6A4C9503] - [11/08/2021 16:29:49] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [1075712] - (10.0.19041.1151) - C:\WINDOWS\HelpPane.exe [MD5.2C8FE78D53C8CA27523A71DFD2938241] - [07/12/2019 11:09:39] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [18432] - (10.0.19041.1) - C:\WINDOWS\hh.exe [07/12/2019 11:14:52] - |D| - [30327] - C:\WINDOWS\IdentityCRL [07/12/2019 11:14:52] - |D| - [28822470] - C:\WINDOWS\IME [07/12/2019 11:14:52] - |RD| - [8206405] - C:\WINDOWS\ImmersiveControlPanel [07/12/2019 11:13:02] - |D| - [81711978] - C:\WINDOWS\INF [07/12/2019 11:14:52] - |D| - [38193580] - C:\WINDOWS\InputMethod [07/12/2019 11:14:52] - |SHD| - [6310445832] - C:\WINDOWS\Installer [07/12/2019 11:14:52] - |D| - [109650] - C:\WINDOWS\L2Schemas [07/12/2019 11:14:52] - |D| - [0] - C:\WINDOWS\LanguageOverlayCache [19/05/2022 10:39:07] - |D| - [148028493] - C:\WINDOWS\LastGood.Tmp [07/12/2019 11:14:52] - |D| - [0] - C:\WINDOWS\LiveKernelReports [07/12/2019 11:14:52] - |D| - [18240969] - C:\WINDOWS\Logs [07/12/2019 11:14:52] - |RSD| - [20063519] - C:\WINDOWS\Media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [07/12/2019 11:08:58] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin [07/12/2019 11:14:52] - |RD| - [858364000] - C:\WINDOWS\Microsoft.NET [MD5.9F78636067AE3F25D34C7DD95196F1F9] - [30/09/2009 21:50:42] - |A| - (.Copyright © 2009 - Task Scheduler Wrapper.) - [110080] - (1.4.1.0) - C:\WINDOWS\Microsoft.Win32.TaskScheduler.dll [07/12/2019 11:14:52] - |D| - [3323] - C:\WINDOWS\Migration [19/05/2022 10:06:15] - |D| - [0] - C:\WINDOWS\Minidump [07/12/2019 11:14:52] - |D| - [0] - C:\WINDOWS\ModemLogs [MD5.BBE80313CF12098D3FC4D8A42E9DBB33] - [10/03/2022 22:07:04] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [201728] - (10.0.19041.1566) - C:\WINDOWS\notepad.exe [07/12/2019 16:51:57] - |D| - [199472] - C:\WINDOWS\OCR [07/12/2019 11:14:52] - |RD| - [65] - C:\WINDOWS\Offline Web Pages [24/08/2020 16:15:39] - |DC| - [299165327] - C:\WINDOWS\Panther [MD5.6AA6994CAABC0FC12EEA897E446A2311] - [04/12/2018 18:32:06] - |A| - (.Copyright © 1996-2015 - PCSC_GALSS WIN 32 (RELEASE).) - [232224] - (3.35.0.0) - C:\WINDOWS\pcscw32.dll [07/12/2019 11:14:52] - |D| - [364862] - C:\WINDOWS\Performance [MD5.67D2CFDB80AC3B097E020425B2F43039] - [19/05/2022 11:51:22] - |A| - (.-.) - [3142] - (0.0.0.0) - C:\WINDOWS\PFRO.log [MD5.535F0C1E3D4E8F541995E62D52A474D8] - [19/08/2021 01:00:24] - |A| - (.-.) - [476] - (0.0.0.0) - C:\WINDOWS\PidVid_List [07/12/2019 11:14:52] - |D| - [1136442] - C:\WINDOWS\PLA [07/12/2019 11:14:52] - |D| - [2938562] - C:\WINDOWS\PolicyDefinitions [11/09/2020 03:58:02] - |D| - [28087787] - C:\WINDOWS\Prefetch [07/12/2019 11:14:52] - |RD| - [2234380] - C:\WINDOWS\PrintDialog [07/12/2019 11:14:52] - |D| - [6100357] - C:\WINDOWS\Provisioning [MD5.D2EBDC7A6FDE2F8AE4BB54B738889CD0] - [04/12/2018 18:32:06] - |A| - (.Copyright © 1996-2015 - Protocole Sante Social WIN 32 (RELEASE).) - [267552] - (3.39.0.0) - C:\WINDOWS\pssinw32.dll [MD5.999A30979F6195BF562068639FFC4426] - [14/01/2021 10:48:09] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [370176] - (10.0.19041.746) - C:\WINDOWS\regedit.exe [07/12/2019 11:14:52] - |D| - [1094484] - C:\WINDOWS\Registration [08/04/2021 18:11:27] - |D| - [121468472] - C:\WINDOWS\Repair [07/12/2019 11:14:52] - |D| - [25631776] - C:\WINDOWS\rescache [07/12/2019 11:14:52] - |D| - [3937219] - C:\WINDOWS\Resources [06/04/2021 15:58:05] - |D| - [0] - C:\WINDOWS\rss [MD5.26C311FD0ED37CE1B35C18B345970834] - [28/01/2002 03:56:00] - |A| - (.Copyright © 2001 IMAGINE Editions - DLL Fantôme pour HelloDOC.) - [28672] - (2.0.0.99) - C:\WINDOWS\rssmail.dll [MD5.B225166F5D13ABE11289A72088588E4D] - [25/06/2019 05:46:32] - |A| - (.Realtek All Rights Reserved - Realtek Bluetooth BTDevManager Service Application.) - [780136] - (1.1.57.1) - C:\WINDOWS\RtkBtManServ.exe [MD5.61521B5E44C611F8BE37D420C03831D7] - [19/08/2021 01:00:24] - |A| - (.-.) - [50100] - (0.0.0.0) - C:\WINDOWS\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new [MD5.94E495CFAEF8E9C933BE60B85BA8D660] - [25/06/2019 05:37:40] - |A| - (.-.) - [49936] - (0.0.0.0) - C:\WINDOWS\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new.dll [MD5.F534F369A0095BC6DDABFC6710B220BF] - [19/08/2021 01:00:24] - |A| - (.-.) - [50048] - (0.0.0.0) - C:\WINDOWS\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new_s1 [MD5.522FEBA474B5614A397EF55FDA8B43FD] - [25/06/2019 05:37:40] - |A| - (.-.) - [49884] - (0.0.0.0) - C:\WINDOWS\rtl8723b_mp_chip_bt40_fw_asic_rom_patch_new_s1.dll [MD5.AF8E8532D78893BE23C9950C612FD97C] - [19/08/2021 01:00:24] - |A| - (.-.) - [63752] - (0.0.0.0) - C:\WINDOWS\rtl8723d_mp_chip_bt40_fw_asic_rom_patch_new [MD5.432E785ED65FD0F6DF587F6DFD4C72CB] - [25/06/2019 05:37:40] - |A| - (.-.) - [60312] - (0.0.0.0) - C:\WINDOWS\rtl8723d_mp_chip_bt40_fw_asic_rom_patch_new.dll [MD5.5F7D3D8B78BCB68237A024254D1F5B56] - [19/08/2021 01:00:24] - |A| - (.-.) - [54448] - (0.0.0.0) - C:\WINDOWS\rtl8821c_mp_chip_bt40_fw_asic_rom_patch_new [MD5.7C3868D43E785E6FE02739FF84B7AFDF] - [25/06/2019 05:37:40] - |A| - (.-.) - [48404] - (0.0.0.0) - C:\WINDOWS\rtl8821c_mp_chip_bt40_fw_asic_rom_patch_new.dll [MD5.888BB1429D9B43D93915941769F6CE7A] - [19/08/2021 01:00:24] - |A| - (.-.) - [50480] - (0.0.0.0) - C:\WINDOWS\rtl8822b_mp_chip_bt40_fw_asic_rom_patch_new [MD5.2EAD67C6B272CCB3B64EB069CB53312A] - [25/06/2019 05:37:40] - |A| - (.-.) - [49580] - (0.0.0.0) - C:\WINDOWS\rtl8822b_mp_chip_bt40_fw_asic_rom_patch_new.dll [MD5.187FF0490D1042734ED349FEA6533EBE] - [19/08/2021 01:00:24] - |A| - (.-.) - [68264] - (0.0.0.0) - C:\WINDOWS\rtl8822c_mp_chip_bt40_fw_asic_rom_patch_new [MD5.DBF1EE40F1DD573D4D948358204E46F8] - [25/06/2019 05:37:40] - |A| - (.-.) - [54736] - (0.0.0.0) - C:\WINDOWS\rtl8822c_mp_chip_bt40_fw_asic_rom_patch_new.dll [MD5.529B857946E08E116F44291EBA9972EF] - [19/08/2021 01:00:24] - |A| - (.-.) - [68468] - (0.0.0.0) - C:\WINDOWS\rtl8852a_mp_chip_bt40_fw_asic_rom_patch_new [MD5.4FF8DA7D93D520B25A556B1352C2A737] - [19/08/2021 01:00:24] - |A| - (.-.) - [66324] - (0.0.0.0) - C:\WINDOWS\rtl8852b_mp_chip_bt40_fw_asic_rom_patch_new [MD5.2F887699ECB55E01D486700FB67E8805] - [27/09/2019 08:24:32] - |A| - (.Copyright (C) 2017 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2856800] - (1.0.7.2) - C:\WINDOWS\RtlExUpd.dll [07/12/2019 11:14:52] - |D| - [0] - C:\WINDOWS\SchCache [07/12/2019 11:14:52] - |D| - [126782] - C:\WINDOWS\schemas [07/12/2019 11:14:52] - |D| - [1097728] - C:\WINDOWS\security [11/09/2020 04:42:31] - |D| - [143263338] - C:\WINDOWS\ServiceProfiles [07/12/2019 11:14:52] - |D| - [4096] - C:\WINDOWS\ServiceState [07/12/2019 11:03:44] - |D| - [2542874063] - C:\WINDOWS\servicing [MD5.1EE6885AB65AF5D9AE8F82BD51551F8A] - [25/06/2019 05:46:32] - |A| - (.Realtek All Rights Reserved - Realtek Bluetooth BTDevManager Service Application.) - [726600] - (1.1.26.1) - C:\WINDOWS\SETBDE8.tmp [07/12/2019 11:18:25] - |D| - [97725] - C:\WINDOWS\Setup [07/12/2019 11:14:52] - |D| - [5526016] - C:\WINDOWS\ShellComponents [07/12/2019 11:14:52] - |D| - [19040768] - C:\WINDOWS\ShellExperiences [27/09/2019 06:43:56] - |D| - [98104] - C:\WINDOWS\SHELLNEW [07/12/2019 11:14:52] - |D| - [3070736] - C:\WINDOWS\SKB [26/09/2019 07:46:32] - |D| - [762769966] - C:\WINDOWS\SoftwareDistribution [07/12/2019 11:14:52] - |D| - [88566358] - C:\WINDOWS\Speech [07/12/2019 11:14:52] - |D| - [64508236] - C:\WINDOWS\Speech_OneCore [MD5.F5CE706339FA07B6F6D2E88A2367EACA] - [13/04/2022 17:19:17] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [136192] - (10.0.19041.1645) - C:\WINDOWS\splwow64.exe [MD5.340AB0BBB9E440FFA39F41E9C07E5280] - [03/12/2009 19:07:00] - |A| - (.Copyright © 1996-2004 - Couche d'Abstraction Systeme CPS WIN 32 (RELEASE).) - [81920] - (5.5.0.0) - C:\WINDOWS\sscasw32.dll [07/12/2019 11:14:52] - |D| - [31039] - C:\WINDOWS\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [15/09/2018 09:31:35] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini [07/12/2019 11:03:44] - |D| - [7895413714] - C:\WINDOWS\System32 [07/12/2019 11:14:52] - |D| - [150385125] - C:\WINDOWS\SystemApps [07/12/2019 11:14:52] - |D| - [167697713] - C:\WINDOWS\SystemResources [15/12/2021 21:14:50] - |D| - [0] - C:\WINDOWS\SystemTemp [07/12/2019 11:14:52] - |D| - [1445835276] - C:\WINDOWS\SysWOW64 [07/12/2019 11:14:52] - |D| - [0] - C:\WINDOWS\TAPI [15/09/2018 09:33:51] - |D| - [1959] - C:\WINDOWS\Tasks [07/12/2019 11:14:52] - |D| - [13056] - C:\WINDOWS\Temp [19/03/2019 06:52:46] - |D| - [13787648] - C:\WINDOWS\TextInput [07/12/2019 11:14:52] - |D| - [0] - C:\WINDOWS\tracing [07/12/2019 11:14:52] - |D| - [112237828] - C:\WINDOWS\twain_32 [MD5.AFE119DD4E17891B227684F38AA25D4D] - [07/12/2019 11:10:00] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [65024] - (1.7.1.3) - C:\WINDOWS\twain_32.dll [MD5.84B4F61F59A421BD85D97B35D194B42B] - [26/09/2019 18:11:06] - |A| - (.Copyright © MindVision Software 1995-2000 - Uninstall application file.) - [86016] - (3.0.1.1) - C:\WINDOWS\unvise32.exe [07/12/2019 11:14:52] - |D| - [12420] - C:\WINDOWS\Vss [07/12/2019 11:14:52] - |D| - [33198] - C:\WINDOWS\WaaS [07/12/2019 11:14:52] - |D| - [16568315] - C:\WINDOWS\Web [MD5.3DC6AF1ED0088BF37C42C7A89E603F6C] - [15/09/2018 09:31:35] - |A| - (.-.) - [126] - (0.0.0.0) - C:\WINDOWS\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [07/12/2019 11:09:09] - |RA| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest [MD5.2CC83D93DD1DDE691158CF5E9882420B] - [19/05/2022 11:51:49] - |A| - (.-.) - [276] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log [MD5.0629E6D130F226C009EA9AB329F37ACC] - [07/12/2019 11:10:00] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [11776] - (10.0.19041.1) - C:\WINDOWS\winhlp32.exe [07/12/2019 11:03:44] - |D| - [9224692022] - C:\WINDOWS\WinSxS [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [07/12/2019 11:10:11] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx [MD5.B947CCA7F485F6C1156F4D02E8C9874F] - [07/12/2019 16:52:21] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.19041.1) - C:\WINDOWS\write.exe ---------- | C:\WINDOWS\System32\GroupPolicy [MD5.F97550E61E979DD889DE6065AFB1457B] - [22/04/2021 09:03:19] - |A| - (.-.) - [128] - (0.0.0.0) - C:\WINDOWS\System32\GroupPolicy\GPT.INI [22/04/2021 09:03:19] - |D| - [190] - C:\WINDOWS\System32\GroupPolicy\Machine [22/04/2021 09:03:19] - |D| - [0] - C:\WINDOWS\System32\GroupPolicy\User ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [25/04/2017 03:46:06] - C:\WINDOWS\Installer\11b75.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/04/2017 03:46:36] - C:\WINDOWS\Installer\11b79.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/04/2017 03:47:04] - C:\WINDOWS\Installer\11b7d.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/04/2017 03:47:34] - C:\WINDOWS\Installer\11b81.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/04/2017 03:48:04] - C:\WINDOWS\Installer\11b85.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/04/2017 03:48:32] - C:\WINDOWS\Installer\11b89.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/04/2017 03:49:02] - C:\WINDOWS\Installer\11b8d.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/04/2017 03:49:30] - C:\WINDOWS\Installer\11b91.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/04/2017 03:50:00] - C:\WINDOWS\Installer\11b95.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/04/2017 03:50:32] - C:\WINDOWS\Installer\11b99.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/04/2017 03:51:02] - C:\WINDOWS\Installer\11b9d.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/04/2017 03:51:30] - C:\WINDOWS\Installer\11ba1.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/04/2017 03:51:58] - C:\WINDOWS\Installer\11ba5.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/10/2021 14:57:31] - C:\WINDOWS\Installer\13bdc08b.msi : (Installers - Adobe) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/04/2017 03:42:18] - C:\WINDOWS\Installer\13f40b.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/04/2017 03:42:46] - C:\WINDOWS\Installer\13f40f.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/04/2017 03:43:16] - C:\WINDOWS\Installer\13f413.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/04/2017 03:43:44] - C:\WINDOWS\Installer\13f417.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/04/2017 03:44:14] - C:\WINDOWS\Installer\13f41b.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/04/2017 03:44:42] - C:\WINDOWS\Installer\13f41f.msi : (Catalyst Control Center next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/04/2017 03:45:10] - C:\WINDOWS\Installer\13f423.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/04/2017 03:45:38] - C:\WINDOWS\Installer\13f427.msi : (Catalyst Control Center Next - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/05/2022 10:31:29] - C:\WINDOWS\Installer\14a0226c.msi : (iPhone Backup Extractor - Reincubate Ltd) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/05/2022 11:07:24] - C:\WINDOWS\Installer\14c526be.msi : (APFS for Windows by Paragon Software - Paragon Software GmbH) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/01/2022 23:57:16] - C:\WINDOWS\Installer\14c526d6.msi : ([ProductName] Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/01/2016 13:09:58] - C:\WINDOWS\Installer\1c09809.msi : (Epson Event Manager - Seiko Epson Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [02/10/2019 17:46:21] - C:\WINDOWS\Installer\20eeea.msi : (Programme d'installation des FSV 1.40.1011 - GIE SESAM-Vitale) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/08/2020 04:06:02] - C:\WINDOWS\Installer\2c6b5832.msi : (Epson Software Updater - Seiko Epson Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/01/2020 15:53:16] - C:\WINDOWS\Installer\2c6b583b.msi : (EPSON Manuals - Seiko Epson Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/04/2016 12:20:00] - C:\WINDOWS\Installer\2c6b5840.msi : (MyEpson Portal Setup - SEIKO EPSON CORPORATION) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/12/2010 16:14:02] - C:\WINDOWS\Installer\2eefc30b.msi : (Blank Project Template - XIRING) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/06/2019 11:47:00] - C:\WINDOWS\Installer\3130c9.msi : (Composants cryptographiques CPS v5.01.06 (x64) - ASIP Santé) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/02/2019 13:42:00] - C:\WINDOWS\Installer\3130da.msi : (Programme d'installation du Galss v3.45 x64 - GIE SESAM-Vitale) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/04/2015 10:53:00] - C:\WINDOWS\Installer\3130df.msi : (Programme d'installation du MICA - GIE SESAM-Vitale) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/06/2018 09:41:40] - C:\WINDOWS\Installer\3709df2.msi : (Branding - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/09/2019 09:44:04] - C:\WINDOWS\Installer\3709df6.msi : (AMD Problem Report Wizard - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/09/2018 22:41:53] - C:\WINDOWS\Installer\3744349.msi : (Blank Project Template - Nuance Communications Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/05/2022 10:08:54] - C:\WINDOWS\Installer\3b5e9e.msi : (CCleaner Update Helper - Piriform Software) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [07/01/2022 02:39:47] - C:\WINDOWS\Installer\3f2d91a0.msi : (Adobe ARM Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [18/03/2019 15:24:04] - C:\WINDOWS\Installer\4775033.msi : (Programme d'installation du composant SrvSvCnam - GIE SESAM-Vitale) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/08/2020 19:33:16] - C:\WINDOWS\Installer\5007cf6.msi : (AMD WVR64 - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/07/2007 14:55:00] - C:\WINDOWS\Installer\516902.msi : (Mise à jour automatique pour HelloDOC - IMAGINE Editions) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/03/2008 19:45:56] - C:\WINDOWS\Installer\516909.msi : (Mise à jour automatique pour HelloDOC - IMAGINE Editions) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [07/05/2021 15:23:38] - C:\WINDOWS\Installer\56813bf.msi : (Blank Project Template - IMAGINE Editions) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/02/2021 10:24:00] - C:\WINDOWS\Installer\570e204.msi : (c-treeACE ADO .NET Driver11.5.1 - FairCom Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/07/2019 17:14:45] - C:\WINDOWS\Installer\5f9ed15.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/10/2013 12:33:09] - C:\WINDOWS\Installer\63dd069.msi : (Serif WebPlus X7 - Serif (Europe) Ltd) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/04/2021 18:36:56] - C:\WINDOWS\Installer\6da5b89.msi : (8GadgetPack - 8GadgetPack.net) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/04/2021 18:43:05] - C:\WINDOWS\Installer\6da5b8e.msi : (Java SE Runtime Environment 8 Update 271 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/04/2021 18:45:46] - C:\WINDOWS\Installer\6da5b99.msi : (Java Auto Updater - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/03/2020 12:38:40] - C:\WINDOWS\Installer\742dc1e.msi : (Pinnacle Studio - Corel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [20/02/2019 11:22:56] - C:\WINDOWS\Installer\742dc23.msi : (Dazzle Video Capture DVC100 X64 Driver 1.08 - Pinnacle) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/03/2020 11:31:09] - C:\WINDOWS\Installer\742dc27.msi : (CorelVHS3X64 - Corel) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/03/2020 11:31:07] - C:\WINDOWS\Installer\742dc2b.msi : (DazzleBDAX64 - Corel) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [31/12/2019 03:53:25] - C:\WINDOWS\Installer\742dc30.msi : (Roxio MyDVD - Corel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/04/2021 12:37:57] - C:\WINDOWS\Installer\742dc3d.msi : (Pinnacle 3D Title Editor - Corel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/04/2021 12:39:14] - C:\WINDOWS\Installer\742dc42.msi : (MultiCam Capture Lite - Corel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/12/2019 17:02:18] - C:\WINDOWS\Installer\742dc47.msi : (Blank Project Template - Corel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/04/2021 10:07:20] - C:\WINDOWS\Installer\8044ae0.msi : (Acronis Drivers - Acronis) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/04/2021 10:06:49] - C:\WINDOWS\Installer\8044ae6.msi : ([ProductName] Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/10/2018 05:07:56] - C:\WINDOWS\Installer\87b0ac.msi : (OpenOffice 4.1.6 - OpenOffice) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/05/2019 15:40:14] - C:\WINDOWS\Installer\87b0dd.msi : (Hardware Detection DriversCloud.com - Cybelsoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/09/2018 15:24:52] - C:\WINDOWS\Installer\9202ab9.msi : (Bitser - Bitser) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/09/2019 18:47:35] - C:\WINDOWS\Installer\9e131d.msi : (Java SE Runtime Environment 8 Update 221 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/08/2019 09:18:02] - C:\WINDOWS\Installer\ca66e.msi : (COMODO Secure Shopping - COMODO) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/09/2019 12:14:18] - C:\WINDOWS\Installer\ccc980.msi : (Programme d'installation du MICA - GIE SESAM-Vitale) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/11/2014 10:32:14] - [34299904] - (.().-. - ()) - C:\WINDOWS\Installer\202fc43.msp [28/06/2011 21:27:28] - [4028928] - (.().-. - ()) - C:\WINDOWS\Installer\63aae30.msp [16/04/2021 12:28:21] - [456648] - C:\WINDOWS\Installer\{00E079D0-DF5E-4EC6-8966-518AA0AF61F4}\ARPPRODUCTICON.exe1 (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [16/04/2021 12:28:21] - [456648] - C:\WINDOWS\Installer\{00E079D0-DF5E-4EC6-8966-518AA0AF61F4}\AvidStudio.EX_51EFF7DE84DF4CEDA9047F37C01FB11D.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [16/04/2021 12:28:21] - [456648] - C:\WINDOWS\Installer\{00E079D0-DF5E-4EC6-8966-518AA0AF61F4}\AvidStudio.EX_EFB6C96D2D954E339889D6D4AF15AF58.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [16/04/2021 12:28:21] - [456648] - C:\WINDOWS\Installer\{00E079D0-DF5E-4EC6-8966-518AA0AF61F4}\AvidStudio.EX_F76C87AAAD994547A7F3145CD7BE6E14.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [16/04/2021 12:28:21] - [456648] - C:\WINDOWS\Installer\{00E079D0-DF5E-4EC6-8966-518AA0AF61F4}\NewShortcut1_35541178C0614F9F8122BD3768B9E10C.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [16/04/2021 12:28:21] - [456648] - C:\WINDOWS\Installer\{00E079D0-DF5E-4EC6-8966-518AA0AF61F4}\Pinnacle_Studio_Tr_E65716D807E345278635A17EE07B0EDD.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [26/09/2019 08:07:53] - [8306] - C:\WINDOWS\Installer\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}\ARPPRODUCTICON.exe () - () [25/11/2019 21:13:22] - [53248] - C:\WINDOWS\Installer\{07C32E05-016C-4CE7-99C9-B3981149E1C0}\ARPPRODUCTICON.exe (Copyright (c) 2018 Flexera.) - (InstallShield) [16/04/2021 12:38:30] - [120776] - C:\WINDOWS\Installer\{0A4DB5B8-8C83-458B-8D0F-603543BA50A2}\ARPPRODUCTICON.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [16/04/2021 12:39:51] - [112584] - C:\WINDOWS\Installer\{0E4CA68C-72C3-4B01-AE33-8854AC00D17B}\ARPPRODUCTICON.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [16/04/2021 12:39:51] - [112584] - C:\WINDOWS\Installer\{0E4CA68C-72C3-4B01-AE33-8854AC00D17B}\NewShortcut2_93BEBB088DA245D296BBC1DBFA4CBC0C.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [16/04/2021 12:39:51] - [112584] - C:\WINDOWS\Installer\{0E4CA68C-72C3-4B01-AE33-8854AC00D17B}\NewShortcut3_6904BEE39C4142BFBF152B071B331EA4.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [31/03/2022 11:48:11] - [73901] - C:\WINDOWS\Installer\{1949CB9A-926E-4FD2-A7DE-8F2F5616FC60}\_08D49E089A4314C717C063.exe () - () [31/03/2022 11:48:11] - [73901] - C:\WINDOWS\Installer\{1949CB9A-926E-4FD2-A7DE-8F2F5616FC60}\_112D608FD02CD87FDC7735.exe () - () [31/03/2022 11:48:11] - [5430] - C:\WINDOWS\Installer\{1949CB9A-926E-4FD2-A7DE-8F2F5616FC60}\_378165F2E1AEFC1576446D.exe () - () [31/03/2022 11:48:12] - [73901] - C:\WINDOWS\Installer\{1949CB9A-926E-4FD2-A7DE-8F2F5616FC60}\_400368FE78D488FF03DB86.exe () - () [31/03/2022 11:48:11] - [191397] - C:\WINDOWS\Installer\{1949CB9A-926E-4FD2-A7DE-8F2F5616FC60}\_853F67D554F05449430E7E.exe () - () [31/03/2022 11:48:11] - [5430] - C:\WINDOWS\Installer\{1949CB9A-926E-4FD2-A7DE-8F2F5616FC60}\_AAD5173D3F987966BC1FB1.exe () - () [31/03/2022 11:48:11] - [10134] - C:\WINDOWS\Installer\{1949CB9A-926E-4FD2-A7DE-8F2F5616FC60}\_CB8148AF845B6CF7ED95B0.exe () - () [31/03/2022 11:48:12] - [5430] - C:\WINDOWS\Installer\{1949CB9A-926E-4FD2-A7DE-8F2F5616FC60}\_D2966FD85A150C6B4738B0.exe () - () [31/03/2022 11:48:11] - [73901] - C:\WINDOWS\Installer\{1949CB9A-926E-4FD2-A7DE-8F2F5616FC60}\_F629BB280EF5C6DB94ABCF.exe () - () [26/09/2019 08:06:01] - [8306] - C:\WINDOWS\Installer\{1DBACFDB-5E43-7882-36BD-53526D34BD22}\ARPPRODUCTICON.exe () - () [26/09/2019 08:05:59] - [8306] - C:\WINDOWS\Installer\{20D46801-147B-30AD-7C5A-AC4560A79096}\ARPPRODUCTICON.exe () - () [26/09/2019 08:06:00] - [8306] - C:\WINDOWS\Installer\{22C39711-2747-D264-319A-1550BEEAAEC6}\ARPPRODUCTICON.exe () - () [26/09/2019 08:08:02] - [8306] - C:\WINDOWS\Installer\{24DF617A-CD23-6E6A-126B-23630D2781CE}\ARPPRODUCTICON.exe () - () [25/11/2019 21:10:44] - [53248] - C:\WINDOWS\Installer\{25C76095-E562-49FC-9F27-1CBDC41A4CBB}\ARPPRODUCTICON.exe (Copyright (c) 2018 Flexera.) - (InstallShield) [27/09/2019 12:27:42] - [53248] - C:\WINDOWS\Installer\{29964269-54CA-4B76-878A-07ACC84A7E2C}\ARPPRODUCTICON.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [27/09/2019 12:27:42] - [225280] - C:\WINDOWS\Installer\{29964269-54CA-4B76-878A-07ACC84A7E2C}\hdbackup.exe_A26FDD3C906849FEB94C8FB1A056A266.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [27/09/2019 12:27:42] - [45056] - C:\WINDOWS\Installer\{29964269-54CA-4B76-878A-07ACC84A7E2C}\HDUpdate.exe_63329AF87091466FAC917C9B21F883D7.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [27/09/2019 12:27:42] - [86016] - C:\WINDOWS\Installer\{29964269-54CA-4B76-878A-07ACC84A7E2C}\HelloDOC.exe31_11AE23CEDF9249F1AC2DD98BDC2B86D0.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [27/09/2019 12:27:42] - [86016] - C:\WINDOWS\Installer\{29964269-54CA-4B76-878A-07ACC84A7E2C}\HelloDOC.exe32_0AEF3774AD0E4B938BF648C66B283823.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [27/09/2019 12:27:42] - [86016] - C:\WINDOWS\Installer\{29964269-54CA-4B76-878A-07ACC84A7E2C}\HelloDOC.exe3_C046FBD2E3D64FB0AAA7F0FC656BA4D4.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [27/09/2019 12:27:42] - [69632] - C:\WINDOWS\Installer\{29964269-54CA-4B76-878A-07ACC84A7E2C}\HelloDoc_Mail.exe1_51F29445F9504F8AAA18CAB2F566D48E.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [27/09/2019 12:27:42] - [69632] - C:\WINDOWS\Installer\{29964269-54CA-4B76-878A-07ACC84A7E2C}\HelloDoc_Mail.exe_A3C6C1EC57334B76AD7413C30916E166.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [27/09/2019 12:27:42] - [65536] - C:\WINDOWS\Installer\{29964269-54CA-4B76-878A-07ACC84A7E2C}\Tele_Assistance.ex_48A73219B0644606A108BA57874750D1.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [27/09/2019 12:27:42] - [65536] - C:\WINDOWS\Installer\{29964269-54CA-4B76-878A-07ACC84A7E2C}\Tele_Assistance.ex_8904D6A5E445444A85FE756A7974D476.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [08/04/2021 18:19:10] - [229344] - C:\WINDOWS\Installer\{29B148CC-9035-4354-A059-2D1D1F3962C5}\ARPPRODUCTICON.exe (Copyright (c) 2018 Flexera.) - (InstallShield) [08/04/2021 18:19:10] - [229344] - C:\WINDOWS\Installer\{29B148CC-9035-4354-A059-2D1D1F3962C5}\DesktopShortcut.x6_A917BEB56199470AA6D01EBE922219E2.exe (Copyright (c) 2018 Flexera.) - (InstallShield) [08/04/2021 18:19:10] - [229344] - C:\WINDOWS\Installer\{29B148CC-9035-4354-A059-2D1D1F3962C5}\StartMenuShortcut._E65E7876976B425FBC776E69867FD415.exe (Copyright (c) 2018 Flexera.) - (InstallShield) [11/03/2022 15:13:23] - [150096] - C:\WINDOWS\Installer\{33EA20FB-5389-4938-BA59-2BCD9BB68F41}\About_Shortcut_33EA20FB53894938BA592BCD9BB68F41.exe (Copyright (c) 2013 Flexera Software LLC.) - (InstallShield) [11/03/2022 15:13:23] - [150096] - C:\WINDOWS\Installer\{33EA20FB-5389-4938-BA59-2BCD9BB68F41}\ARPPRODUCTICON.exe (Copyright (c) 2013 Flexera Software LLC.) - (InstallShield) [11/03/2022 15:13:23] - [51792] - C:\WINDOWS\Installer\{33EA20FB-5389-4938-BA59-2BCD9BB68F41}\DgnSvc_Shortcut_33EA20FB53894938BA592BCD9BB68F41.exe (Copyright (c) 2013 Flexera Software LLC.) - (InstallShield) [11/03/2022 15:13:23] - [150096] - C:\WINDOWS\Installer\{33EA20FB-5389-4938-BA59-2BCD9BB68F41}\Dragonlog_Shortcut_33EA20FB53894938BA592BCD9BB68F41.exe (Copyright (c) 2013 Flexera Software LLC.) - (InstallShield) [11/03/2022 15:13:23] - [150096] - C:\WINDOWS\Installer\{33EA20FB-5389-4938-BA59-2BCD9BB68F41}\NatSpeakD_Shortcut_33EA20FB53894938BA592BCD9BB68F41.exe (Copyright (c) 2013 Flexera Software LLC.) - (InstallShield) [11/03/2022 15:13:23] - [150096] - C:\WINDOWS\Installer\{33EA20FB-5389-4938-BA59-2BCD9BB68F41}\NatSpeak_Shortcut_33EA20FB53894938BA592BCD9BB68F41.exe (Copyright (c) 2013 Flexera Software LLC.) - (InstallShield) [11/03/2022 15:13:23] - [65536] - C:\WINDOWS\Installer\{33EA20FB-5389-4938-BA59-2BCD9BB68F41}\NewShortcut1.C4D4FE07_FC74_47DD_9A30_533F27F843F1.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [11/03/2022 15:13:23] - [150096] - C:\WINDOWS\Installer\{33EA20FB-5389-4938-BA59-2BCD9BB68F41}\Setuplog_Shortcut_33EA20FB53894938BA592BCD9BB68F41.exe (Copyright (c) 2013 Flexera Software LLC.) - (InstallShield) [11/03/2022 15:13:23] - [150096] - C:\WINDOWS\Installer\{33EA20FB-5389-4938-BA59-2BCD9BB68F41}\SuppPack_Shortcut_33EA20FB53894938BA592BCD9BB68F41.exe (Copyright (c) 2013 Flexera Software LLC.) - (InstallShield) [11/03/2022 15:13:23] - [150096] - C:\WINDOWS\Installer\{33EA20FB-5389-4938-BA59-2BCD9BB68F41}\Upgrade_Shortcut_33EA20FB53894938BA592BCD9BB68F41.exe (Copyright (c) 2013 Flexera Software LLC.) - (InstallShield) [11/03/2022 15:13:23] - [150096] - C:\WINDOWS\Installer\{33EA20FB-5389-4938-BA59-2BCD9BB68F41}\W8_DNS_Shortcut_33EA20FB53894938BA592BCD9BB68F41.exe (Copyright (c) 2013 Flexera Software LLC.) - (InstallShield) [16/04/2021 12:37:04] - [327680] - C:\WINDOWS\Installer\{33FC564B-23F9-4B28-9CD0-CF3366290FA3}\ARPPRODUCTICON.exe (Copyright (c) 2015 Flexera Software LLC.) - (InstallShield) [16/04/2021 12:37:04] - [65536] - C:\WINDOWS\Installer\{33FC564B-23F9-4B28-9CD0-CF3366290FA3}\NewShortcut1.9F5DFD85_6D00_4C6C_96BC_F1E3EBD27441.exe (Copyright (c) 2015 Flexera Software LLC.) - (InstallShield) [16/04/2021 12:37:04] - [65536] - C:\WINDOWS\Installer\{33FC564B-23F9-4B28-9CD0-CF3366290FA3}\NewShortcut2.9F5DFD85_6D00_4C6C_96BC_F1E3EBD27441.exe (Copyright (c) 2015 Flexera Software LLC.) - (InstallShield) [26/09/2019 08:05:52] - [8306] - C:\WINDOWS\Installer\{36EDC500-E4C0-371C-9865-08450415C1E9}\ARPPRODUCTICON.exe () - () [26/09/2019 08:05:53] - [8306] - C:\WINDOWS\Installer\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}\ARPPRODUCTICON.exe () - () [26/09/2019 08:07:59] - [8306] - C:\WINDOWS\Installer\{4D1D5407-9B69-6422-629C-8518A26004A4}\ARPPRODUCTICON.exe () - () [02/10/2019 18:04:38] - [45056] - C:\WINDOWS\Installer\{4E44FAFE-FF5A-4987-837D-37B8EBE825DC}\ARPPRODUCTICON.exe (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield) [02/10/2019 18:04:38] - [40960] - C:\WINDOWS\Installer\{4E44FAFE-FF5A-4987-837D-37B8EBE825DC}\CPGES_SanteSocial__527D05D5C76E4BE38B8D990865BF0CAB.exe (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield) [02/10/2019 18:04:38] - [57344] - C:\WINDOWS\Installer\{4E44FAFE-FF5A-4987-837D-37B8EBE825DC}\NewShortcut1_3BA53EA041A6458F8B2FDF6F1254BDD2.exe (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield) [02/10/2019 18:04:38] - [40960] - C:\WINDOWS\Installer\{4E44FAFE-FF5A-4987-837D-37B8EBE825DC}\NewShortcut1_E6A5FC21EDDF406A90B7C44A2E55245F.exe (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield) [02/10/2019 18:04:38] - [57344] - C:\WINDOWS\Installer\{4E44FAFE-FF5A-4987-837D-37B8EBE825DC}\NewShortcut3_ADAE9E3786034F2590B83F55223548BD.exe (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield) [27/09/2019 09:59:28] - [4710] - C:\WINDOWS\Installer\{669CA59D-B37A-41C2-9F83-87559A633C37}\_6FEFF9B68218417F98F549.exe () - () [27/09/2019 12:14:19] - [49152] - C:\WINDOWS\Installer\{6730838E-4F44-4ADE-B260-A0B5E696077A}\ARPPRODUCTICON.exe (Copyright (C) 2010 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [02/10/2019 18:05:11] - [49152] - C:\WINDOWS\Installer\{82AB7DB2-140E-4166-A04E-1FD805EE0A74}\ARPPRODUCTICON.exe (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield) [26/09/2019 08:08:03] - [8306] - C:\WINDOWS\Installer\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}\ARPPRODUCTICON.exe () - () [07/05/2021 15:33:26] - [29926] - C:\WINDOWS\Installer\{85AED0BA-CA7C-492C-9FBC-2104F684BC3C}\controlPanelIcon.exe () - () [27/09/2019 10:03:56] - [4710] - C:\WINDOWS\Installer\{88948210-F2B4-4448-98FD-A4BF653A5CC4}\_6FEFF9B68218417F98F549.exe () - () [16/04/2021 18:14:12] - [456640] - C:\WINDOWS\Installer\{9486ECCC-7A19-4906-8B05-CF8CE528A28D}\ARPPRODUCTICON.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [26/09/2019 08:05:57] - [8306] - C:\WINDOWS\Installer\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}\ARPPRODUCTICON.exe () - () [16/04/2021 13:09:36] - [456648] - C:\WINDOWS\Installer\{9DB2AF51-CF38-4135-97D9-1327F6D9DBD4}\ARPPRODUCTICON.exe (Copyright (C) 2011 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [10/02/2020 17:20:00] - [1241296] - C:\WINDOWS\Installer\{9F205E94-9E42-4486-A92A-DF3F6CB85444}\icon.exe (Copyright (C) 2011) - (EProjManager Application) [26/09/2019 08:08:01] - [8306] - C:\WINDOWS\Installer\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}\ARPPRODUCTICON.exe () - () [26/09/2019 08:07:50] - [8306] - C:\WINDOWS\Installer\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}\ARPPRODUCTICON.exe () - () [07/01/2022 02:40:02] - [10134] - C:\WINDOWS\Installer\{AC76BA86-0804-1033-1959-001824458876}\ARPPRODUCTICON.exe () - () [04/10/2019 11:15:38] - [49152] - C:\WINDOWS\Installer\{AE83BC7B-F1EB-44E0-86E8-F5D437DD245F}\ARPPRODUCTICON.exe (Copyright (c) 2018 Flexera.) - (InstallShield) [04/10/2019 11:15:38] - [57344] - C:\WINDOWS\Installer\{AE83BC7B-F1EB-44E0-86E8-F5D437DD245F}\NewShortcut1_E4B71DEFF5B141F28534675A1C8AE474.exe (Copyright (c) 2018 Flexera.) - (InstallShield) [02/10/2019 18:05:28] - [49152] - C:\WINDOWS\Installer\{B145BF7B-F24D-4164-8422-35FAB120B776}\ARPPRODUCTICON.exe (Copyright (C) 2010 Flexera Software, Inc. and/or InstallShield Co. Inc.) - (InstallShield) [26/09/2019 08:08:05] - [8306] - C:\WINDOWS\Installer\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}\ARPPRODUCTICON.exe () - () [06/04/2022 17:40:07] - [97873] - C:\WINDOWS\Installer\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\ARPPRODUCTICON.exe () - () [03/05/2022 11:26:35] - [2821040] - C:\WINDOWS\Installer\{D1F92E87-D837-491F-A588-34EB2CD184D1}\ParagonAPFSforWindows.exe (Copyright (C) 2018) - (Graphic user interface for APFS for Windows by Paragon Software mounter) [26/09/2019 08:05:54] - [8306] - C:\WINDOWS\Installer\{D74218A3-C503-57EF-AC9F-2220082E7ADE}\ARPPRODUCTICON.exe () - () [26/09/2019 08:05:55] - [8306] - C:\WINDOWS\Installer\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}\ARPPRODUCTICON.exe () - () [26/09/2019 08:07:56] - [8306] - C:\WINDOWS\Installer\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}\ARPPRODUCTICON.exe () - () [27/09/2019 13:23:27] - [10134] - C:\WINDOWS\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe () - () [26/09/2019 08:07:54] - [8306] - C:\WINDOWS\Installer\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}\ARPPRODUCTICON.exe () - () [07/05/2021 15:23:50] - [53248] - C:\WINDOWS\Installer\{E79F5BD7-349E-447C-BA63-94524671A77E}\ARPPRODUCTICON.exe (Copyright (c) 2018 Flexera.) - (InstallShield) [26/09/2019 08:07:58] - [8306] - C:\WINDOWS\Installer\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}\ARPPRODUCTICON.exe () - () [26/09/2019 08:08:04] - [8306] - C:\WINDOWS\Installer\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}\ARPPRODUCTICON.exe () - () [26/09/2019 08:07:52] - [8306] - C:\WINDOWS\Installer\{ED75A775-03A7-F214-868D-497748707968}\ARPPRODUCTICON.exe () - () [16/04/2021 12:32:17] - [60552] - C:\WINDOWS\Installer\{EE008D2E-2747-413A-A4B1-1CA4078E1E7D}\ARPPRODUCTICON.exe (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [27/09/2019 07:53:36] - [10134] - C:\WINDOWS\Installer\{EE2AFCE4-0238-4DE0-A140-1647021627C1}\ARPPRODUCTICON.exe () - () [16/04/2021 12:32:34] - [53248] - C:\WINDOWS\Installer\{F28AD4BC-AE49-4735-9E50-64212BD2083B}\ARPPRODUCTICON.exe (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [16/04/2021 12:31:36] - [53248] - C:\WINDOWS\Installer\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}\ARPPRODUCTICON.exe (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc.) - (InstallShield) [26/09/2019 08:07:57] - [8306] - C:\WINDOWS\Installer\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}\ARPPRODUCTICON.exe () - () ---------- | %System%\*.in* [05/08/2020 08:50:34] - [11014] - C:\WINDOWS\System32\atiacmLocalisation.ini [07/12/2019 11:09:39] - [3329] - C:\WINDOWS\System32\ieuinit.inf [11/09/2020 04:15:49] - [1770906] - C:\WINDOWS\System32\PerfStringBackup.INI [07/12/2019 11:09:05] - [60124] - C:\WINDOWS\System32\tcpmon.ini [07/12/2019 11:08:46] - [2404] - C:\WINDOWS\System32\WimBootCompress.ini [07/12/2019 11:10:00] - [3329] - C:\WINDOWS\Syswow64\ieuinit.inf [07/12/2019 11:09:22] - [2404] - C:\WINDOWS\Syswow64\WimBootCompress.ini ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\AppPatch\Custom\Custom64 [MD5.00000000000000000000000000000000] - |D| - [19/05/2022 12:03:24] - [0 Ko] - C:\WINDOWS\Temp\C95EFE2D-1BE8-431F-8865-DFF439438106-Sigs [MD5.00000000000000000000000000000000] - |D| - [19/05/2022 09:49:51] - [0 Ko] - C:\WINDOWS\Temp\CC-Updates [MD5.00000000000000000000000000000000] - |D| - [06/05/2022 02:36:48] - [0 Ko] - C:\WINDOWS\Temp\Crashpad [MD5.DF1D710E8E2AB989664608F2F0CFFD6E] - |A| - [19/05/2022 12:02:34] - (.-.) - [4.62 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpCmdRun.log [MD5.697619A24A464B5BFD84DD4067B0266A] - |A| - [19/05/2022 12:29:14] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpCopyAccelerator.log [MD5.AFAC3783F7EDB5CC51690B8E3B5FD448] - |A| - [19/05/2022 12:03:24] - (.-.) - [7.62 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpSigStub.log [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:55] - [0 Ko] - C:\WINDOWS\System32\0409 [MD5.C652A5EA6545C98CE71684018E0640E7] - |A| - [07/12/2019 11:09:00] - (.-.) - [3.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AdvancedKeySettingsNotification.png [MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [07/12/2019 11:08:44] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AppHelpToast.png [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [07/12/2019 11:08:45] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AudioToastIcon.png [MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |A| - [07/12/2019 11:08:21] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@BackgroundAccessToastIcon.png [MD5.3937359E324E15F6A7A7092D4DAEBD64] - |A| - [07/12/2019 11:08:52] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@bitlockertoastimage.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [07/12/2019 11:08:52] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@EnrollmentToastIcon.png [MD5.C2A332DE50FE519DA21AFB8BD6E134F4] - |A| - [07/12/2019 11:08:58] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@language_notification_icon.png [MD5.A119D69B4C29845D3F8CE2E5638C8E65] - |A| - [07/12/2019 11:09:45] - (.-.) - [0.47 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@optionalfeatures.png [MD5.A3437673F5766635A8378F67645B81C0] - |A| - [07/12/2019 11:09:37] - (.-.) - [0.35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@StorageSenseToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [07/12/2019 11:09:07] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@VpnToastIcon.png [MD5.79166EAF65485F1432DD72B72870026B] - |A| - [07/12/2019 11:09:32] - (.-.) - [190.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@windows-hello-V4.1.gif [MD5.13EF2C8D799F7B6E9D8E3D6BACB9C779] - |A| - [07/12/2019 11:09:32] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsHelloFaceToastIcon.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-black.png [MD5.DAD405CBDE259DE527EBF71BCC28099C] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.contrast-white.png [MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [07/12/2019 11:08:19] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WirelessDisplayToast.png [MD5.147B047B46B79A91CC34499D4F89119E] - |A| - [07/12/2019 11:09:05] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WLOGO_48x48.png [MD5.31A16C523B62500F83C82217F056A538] - |A| - [07/12/2019 11:08:39] - (.-.) - [8.13 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ActiveHours.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2786.8 Ko] - C:\WINDOWS\System32\AdvancedInstallers [MD5.A49C26AA0CADD994DE158F51CB7EEFBC] - |A| - [12/05/2021 05:32:22] - (.-.) - [13 Ko] - (0.0.0.0) - C:\WINDOWS\System32\agentactivationruntimestarter.exe [MD5.DA3D5120A624F0F9E886F0FF0BDF5757] - |A| - [05/04/2021 21:06:02] - (.-.) - [117.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\altova.dll [MD5.2EDE6B8A2248CD339180EA4F07DD36A1] - |A| - [05/04/2021 21:06:10] - (.-.) - [79.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\altovaxml.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5.97 Ko] - C:\WINDOWS\System32\am-et [MD5.00000000000000000000000000000000] - |D| - [19/05/2022 10:55:49] - [117.22 Ko] - C:\WINDOWS\System32\AMD [MD5.AB19F3066F3A909296F37578D38C9DF0] - |A| - [28/05/2021 21:27:56] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon AMD AVE Driver Component.) - [132.81 Ko] - (27.20.21003.8013) - C:\WINDOWS\System32\amdave64.dll [MD5.1F18E72DD2ACFFE89408280FEFCF935A] - |A| - [30/04/2021 14:53:38] - (.Copyright (C) 2020 Advanced Micro Devices, Inc. - AMD Crash Defender Service.) - [505.41 Ko] - (21.10.0.7) - C:\WINDOWS\System32\amdfendrsr.exe [MD5.DAF6FB9E66720D679701EF784BF45F95] - |A| - [28/05/2021 21:28:34] - (.-.) - [477.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdgfxinfo64.dll [MD5.2875EC2053DABD487C5DCB2FCABA057B] - |A| - [28/05/2021 21:28:36] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 2.0 Runtime.) - [70782.8 Ko] - (10.0.3240.6) - C:\WINDOWS\System32\amdhip64.dll [MD5.8CCF40F2068D03F9201F7BFA6E3E4338] - |A| - [10/09/2019 18:06:46] - (.Copyright (C) 2020 Advanced Micro Devices, Inc. - Radeon Settings: Host Service.) - [197.38 Ko] - (2.0.0.1788) - C:\WINDOWS\System32\amdihk64.dll [MD5.961B497AA76AD9997F6AAD58258B5336] - |A| - [17/07/2020 19:29:42] - (.-.) - [74.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AMDKernelEvents.man [MD5.90DA4DAAEDB1A9381F05C5758823AD5E] - |A| - [28/05/2021 21:28:46] - (.-.) - [455.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdlogum.exe [MD5.29509201629F064277B77477A5BD30B6] - |A| - [28/05/2021 21:28:50] - (.Advanced Micro Devices, Inc. Copyright (C) 2015 - LiquidVR SDK 1.0.) - [918.8 Ko] - (1.0.16.0) - C:\WINDOWS\System32\amdlvr64.dll [MD5.3DA8C7CEBBB6A7A08BF8A86DF7D79814] - |A| - [23/09/2019 13:24:38] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MCL Universal Driver.) - [540.61 Ko] - (1.6.0.0) - C:\WINDOWS\System32\amdmcl64.dll [MD5.DE83DE48AD860FC4B9D220553AE30529] - |A| - [28/05/2021 21:28:18] - (.-.) - [534.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdmiracast.dll [MD5.0A55323D52365D41FA42AAC2DB148D10] - |A| - [28/05/2021 21:28:20] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [127.28 Ko] - (27.20.21003.8013) - C:\WINDOWS\System32\amdpcom64.dll [MD5.D88229611370A6183BE9218AE96ABA1C] - |A| - [28/05/2021 21:29:12] - (.Copyright (C) 2014-2021 AMD Inc. - AMD DirectX12 User Mode Driver.) - [132.31 Ko] - (8.18.10.407) - C:\WINDOWS\System32\amdxc64.dll [MD5.F8DAEE19F0D4208C59C722F3FB4F2275] - |A| - [11/05/2021 07:55:02] - (.-.) - [57778.02 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdxc64.so [MD5.83CA24EA17F1E4AF386DB61EB52AA0AB] - |A| - [28/05/2021 21:29:22] - (.-.) - [79661.81 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amd_comgr.dll [MD5.84F00A17D23CBC053A6C7EEAF57CA17F] - |A| - [28/05/2021 21:28:36] - (.Copyright (C) 2016 - AMD MJPEG MFT Component.) - [1646.19 Ko] - (27.20.21003.8013) - C:\WINDOWS\System32\amf-mft-mjpeg-decoder64.dll [MD5.C3FBB4A7E6BE38C5F5F29EC699F405A5] - |A| - [28/05/2021 21:29:28] - (.Advanced Micro Devices, Inc. Copyright (C) 2017 - Advanced Media Framework.) - [5664.81 Ko] - (1.4.20.0) - C:\WINDOWS\System32\amfrt64.dll [MD5.D0C50C113FE59C21AD59932E6B9C202F] - |A| - [27/04/2021 15:47:31] - (.-.) - [37.42 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ampa.sys [MD5.C0F1FF923616DEDEAA7655F7FA03FD06] - |A| - [05/04/2022 12:17:03] - (.-.) - [3117.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\APMBoot.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\System32\AppLocker [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2894.22 Ko] - C:\WINDOWS\System32\appraiser [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [279.5 Ko] - C:\WINDOWS\System32\ar-SA [MD5.7605725C6464C7272BF3115901DF5776] - |A| - [12/01/2022 02:01:16] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [665.5 Ko] - (3.5.1.0) - C:\WINDOWS\System32\archiveint.dll [MD5.9E9AF957090D6BC3F730AF8AD5716FE4] - |A| - [12/04/2021 19:42:05] - (.-.) - [1.68 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ASOROSet.bin [MD5.2C69E96E2DF6082A3914593DB89F9853] - |A| - [28/05/2021 21:29:30] - (.© 2004 Advanced Micro Devices, Inc. - eRecord Message Resource File.) - [68.31 Ko] - (27.20.21003.8013) - C:\WINDOWS\System32\ati2erec.dll [MD5.9ED4EC9510336794468C9013EE480516] - |A| - [28/05/2021 21:29:32] - (.Copyright (C) 2021 Advanced Micro Devices, Inc. - Radeon Software: Desktop Control Panel.) - [1499.31 Ko] - (6.14.10.2001) - C:\WINDOWS\System32\atiacm64.dll [MD5.518C9C2F0F1F9E96D7FB6FD77C3E2028] - |A| - [05/08/2020 08:50:34] - (.-.) - [10.76 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atiacmLocalisation.ini [MD5.AFA7EDFCCDD255C6D4C02D49066FFE3E] - |A| - [28/05/2021 21:29:32] - (.Copyright (C) 2008-2021 Advanced Micro Devices, Inc. - ADL.) - [1707.81 Ko] - (27.20.21003.8013) - C:\WINDOWS\System32\atiadlxx.dll [MD5.265ACACEA17C65F4506DCFF1B4E2A5FB] - |A| - [11/05/2021 06:53:08] - (.-.) - [545.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atiapfxx.blb [MD5.204D0F14AFBA0FF58BD566DF31E5E429] - |A| - [28/05/2021 21:29:38] - (.Copyright (C) 1998-2012 AMD Inc. - aticfxstub64.dll.) - [177.83 Ko] - (8.17.10.1690) - C:\WINDOWS\System32\aticfx64.dll [MD5.8FB3E84D323D3DDCFCDEE2973AF40C40] - |A| - [28/05/2021 21:29:40] - (.2002-2012 - Graphics DEM.) - [457.31 Ko] - (4.5.7801.1667) - C:\WINDOWS\System32\atidemgy.dll [MD5.4A3A21A63FD88B4AC02B356604126121] - |A| - [28/05/2021 21:29:42] - (.-.) - [122.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atidxx64.dll [MD5.6929F6AC055D4DF1CC4BA8772D6337AA] - |A| - [28/05/2021 21:29:46] - (.-.) - [445.31 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atieah64.exe [MD5.A238A879BDBEC4C9CCBB2D5FA6C23EF1] - |A| - [28/05/2021 21:29:46] - (.Copyright © 2008-2009 AMD - AMD External Events Client Module.) - [801.81 Ko] - (27.20.21003.8013) - C:\WINDOWS\System32\atieclxx.exe [MD5.34781397506B07A84BC2DEBADE0E7FC4] - |A| - [28/05/2021 21:29:50] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [239.33 Ko] - (27.20.21003.8013) - C:\WINDOWS\System32\atig6txx.dll [MD5.A5342C2282ED453BD875575BF2378F2F] - |A| - [28/05/2021 21:28:50] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [127.25 Ko] - (27.20.21003.8013) - C:\WINDOWS\System32\atimpc64.dll [MD5.386C7FDE5181D04317C1CD5F954722EC] - |A| - [28/05/2021 21:29:54] - (.Copyright ? 2009 AMD - Multi-language DPPE DLL.) - [162.3 Ko] - (27.20.21003.8013) - C:\WINDOWS\System32\atimuixx.dll [MD5.753A0DAA33034BACDA1CD8ABA8D3B5CD] - |A| - [28/05/2021 21:30:04] - (.Copyright (c) 2010 Advanced Micro Devices, Inc. - Radeon spu api dll.) - [162.83 Ko] - (27.20.21003.8013) - C:\WINDOWS\System32\atisamu64.dll [MD5.EF6F76151C1ABD9BD0A2F5EE7E19028F] - |A| - [11/05/2021 08:01:28] - (.-.) - [3357.06 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atiumd6a.cap [MD5.7C163EDE63854539828F5B2C1BC529FD] - |A| - [23/09/2019 12:39:56] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvsva.dat [MD5.219D7091DD1D93728392337FE9C7ADD6] - |A| - [23/09/2019 12:39:56] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvsvl.dat [MD5.C03F0062C0749CDB59A4D60862C3E83E] - |A| - [07/12/2019 11:08:07] - (.-.) - [134.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AverageRoom.bin [MD5.0640309911BD58259D2A031EFEE0D51D] - |A| - [05/04/2021 21:07:07] - (.Copyright (C) 1998-2020 BCGSoft Co Ltd. - BCGControlBar Professional DLL.) - [901.89 Ko] - (30.51.0.0) - C:\WINDOWS\System32\bcgcbproresfra.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [258.5 Ko] - C:\WINDOWS\System32\bg-BG [MD5.705628497C0012302212A46ADD463E6E] - |A| - [07/12/2019 11:08:05] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-black.png [MD5.F63C615733A3337BF2BEA96C6EE9B568] - |A| - [07/12/2019 11:08:05] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-high.png [MD5.705628497C0012302212A46ADD463E6E] - |A| - [07/12/2019 11:08:05] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.contrast-white.png [MD5.DAF1DCB4AEE839A1965F4CC160C49A53] - |A| - [07/12/2019 11:08:05] - (.-.) - [8.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothPairingSystemToastIcon.png [MD5.28ECA83D7F9D10D69E969675D1FF6725] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothSystemToastIcon.contrast-white.png [MD5.A620186FF1CDE4EE117FC4CAD648B9CC] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.2 Ko] - (0.0.0.0) - C:\WINDOWS\System32\BluetoothSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5958.93 Ko] - C:\WINDOWS\System32\Boot [MD5.47A98A74B8545992B2950E1C2EC5F179] - |A| - [22/05/2020 16:23:34] - (.-.) - [0.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\branding.bmp [MD5.1BBABA457C17E69619885D7F8CED6C09] - |A| - [02/12/2020 07:56:56] - (.-.) - [12.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\brandingRSX.bmp [MD5.ED0E77B68F85A8AFD6CA7FAAB3D012E5] - |A| - [22/10/2020 05:36:48] - (.-.) - [12.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\brandingWS_RSX.bmp [MD5.3149A16CF39B9A49BD9A1EF98A1C527B] - |A| - [14/01/2021 10:43:51] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [186.5 Ko] - (1.0.0.1) - C:\WINDOWS\System32\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.1 Ko] - C:\WINDOWS\System32\Bthprops [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:03:44] - [60635.29 Ko] - C:\WINDOWS\System32\CatRoot [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [48545.46 Ko] - C:\WINDOWS\System32\catroot2 [MD5.E9B2C5CEE593C468AD82D31DE6687C20] - |A| - [05/04/2021 21:07:35] - (.-.) - [5145 Ko] - (0.0.0.0) - C:\WINDOWS\System32\cda_r2.dll [MD5.9617D1F5981235FC8F989A07B98CD70D] - |A| - [28/05/2021 21:30:10] - (.-.) - [338.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\clinfo.exe [MD5.B340DD232771980C38884EE99B191051] - |A| - [06/04/2021 12:18:33] - (.2005-2019 COMODO. - COMODO Secure Shopping.) - [333.23 Ko] - (1.4.50284.159) - C:\WINDOWS\System32\cmdkbdcss64.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [26.38 Ko] - C:\WINDOWS\System32\CodeIntegrity [MD5.47538877155EEAF6EC54EE742E28F300] - |A| - [15/01/2021 23:17:02] - (.AMD. - CoInstaller DLL.) - [1556.11 Ko] - (1.0.5.9) - C:\WINDOWS\System32\coinst_20.10.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [377.5 Ko] - C:\WINDOWS\System32\Com [MD5.535884123FABC2C15AA7DEC9834B55D4] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ComputerToastIcon.contrast-white.png [MD5.89F92266DFC6F93961DFFBB2D6C61A15] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ComputerToastIcon.png [MD5.FB804C8C787CDFF3F722FED1E5D1C059] - |A| - [18/08/2021 19:18:54] - (.2013 © Real Sound Lab SIA, iSoft Solutions - CONEQ™ Media Suite APO GUI Library.) - [119.36 Ko] - (1.0.0.4) - C:\WINDOWS\System32\CONEQMSAPOGUILibrary.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:03:44] - [516669.02 Ko] - C:\WINDOWS\System32\config [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [53.11 Ko] - C:\WINDOWS\System32\Configuration [MD5.C113EC3ABF481A1B41F99BD721B513C3] - |A| - [14/04/2021 19:38:34] - (.-.) - [225.83 Ko] - (0.0.0.0) - C:\WINDOWS\System32\containerdevicemanagement.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.34 Ko] - C:\WINDOWS\System32\ContainerSettingsProviders [MD5.A41C1754A956E37B5E7D06D5167548E7] - |A| - [11/06/2021 17:49:39] - (.-.) - [280.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\CoreMas.dll [MD5.128EC628451C3CB3DA6F9DB5346E4E54] - |A| - [29/11/2018 17:07:56] - (.Copyright © 2018 ASIP SANTE - CSP de la carte CPS3 WIN 64 (Version Release).) - [260.65 Ko] - (3.7.0.0) - C:\WINDOWS\System32\cps3_csp_w64.dll [MD5.F6BED289DCB1C051F9CCE7DC3328D391] - |A| - [29/11/2018 17:07:56] - (.Copyright © 2003-2018 ASIP SANTE - Librairie PKCS#11 de la carte CPS3 WIN 64 (Version Release).) - [942.15 Ko] - (2.11.0.0) - C:\WINDOWS\System32\cps3_pkcs11_w64.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [318 Ko] - C:\WINDOWS\System32\cs-CZ [MD5.0861DD5714AE84CAA7087957C64251B2] - |A| - [06/04/2021 12:18:33] - (.2005-2019 COMODO. - COMODO Secure Shopping.) - [443.96 Ko] - (1.4.50284.159) - C:\WINDOWS\System32\cssguard64.dll [MD5.05DE2EB0889D77D447BCA7BD597819CF] - |A| - [12/01/2022 02:01:16] - (.© 1996 - 2021 Daniel Stenberg, . - The curl executable.) - [511.5 Ko] - (7.79.1.0) - C:\WINDOWS\System32\curl.exe [MD5.4AD65DE1DDBD21EF85712DD59E455A12] - |A| - [05/04/2021 21:08:57] - (.-.) - [669 Ko] - (0.0.0.0) - C:\WINDOWS\System32\cvitale.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [321.5 Ko] - C:\WINDOWS\System32\da-DK [MD5.8BC664FEEA1F20837311BD4E39788217] - |A| - [13/04/2022 17:19:22] - (.-.) - [159 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DataStoreCacheDumpTool.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [272.44 Ko] - C:\WINDOWS\System32\DDFs [MD5.DF6465F349C9CBDF3FCEB3F198E8FCB6] - |A| - [19/05/2022 10:03:39] - (.-.) - [34.92 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ddmdrv.sys [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [358.5 Ko] - C:\WINDOWS\System32\de-DE [MD5.C1684AACAAD62889ACFCA988AA46562D] - |A| - [07/12/2019 11:08:21] - (.-.) - [28.83 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultAccountTile.png [MD5.057C75B5735EEF2A75ABF8F6770BCA34] - |A| - [11/09/2020 04:21:39] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultHrtfs.bin [MD5.664AA698FC0106A2B075A641E8DC6302] - |A| - [07/12/2019 11:14:56] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultQuestions.json [MD5.041A7B079E9776721847031A7CF533E1] - |A| - [07/12/2019 11:09:34] - (.-.) - [15.97 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DeliveryOptimizationMIProv.mof [MD5.59D5500F74109D59522F5A9457B8D9A2] - |A| - [07/12/2019 11:09:34] - (.-.) - [0.89 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DeliveryOptimizationMIProvUninstall.mof [MD5.B924F1A7DE5ED8331B3375A778B3FE38] - |A| - [07/12/2019 11:08:52] - (.-.) - [35.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\deploymentcsphelper.exe [MD5.851A9305E14B348CA0D9C7FB75391FDB] - |A| - [07/12/2019 11:08:39] - (.-.) - [272.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DesktopKeepOnToastImg.gif [MD5.4A6FA3C0EFD237F104E09A22883D9388] - |A| - [07/12/2019 11:08:43] - (.-.) - [3.85 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DetailedReading-Default.xml [MD5.6B6360B3233676711E90E8827E5BEA37] - |A| - [28/05/2021 21:30:16] - (.-.) - [481.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\dgtrayicon.exe [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [886 Ko] - C:\WINDOWS\System32\DiagSvcs [MD5.037DF43BCC9F9A4DF6548FED8F4503AF] - |A| - [07/12/2019 11:08:37] - (.-.) - [82.96 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DiskSnapshot.conf [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [9900.3 Ko] - C:\WINDOWS\System32\Dism [MD5.6AB2B935BF38EB13CFCB9506223FD6E7] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplaySystemToastIcon.contrast-white.png [MD5.FF004E0B30E5E4EC747B3D8EF6E3B89E] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DisplaySystemToastIcon.png [MD5.EBB51D519FE7F15ECE4131247ECEEA8F] - |A| - [11/05/2022 07:03:33] - (.-.) - [11.52 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DrtmAuthTxt.wim [MD5.00000000000000000000000000000000] - |DC| - [22/04/2021 10:12:21] - [649.81 Ko] - C:\WINDOWS\System32\DRVSTORE [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [161.5 Ko] - C:\WINDOWS\System32\dsc [MD5.9F3FA96F301CBE828AA9E98F13506F4A] - |A| - [10/03/2022 22:03:51] - (.-.) - [2201.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\dwmscene.dll [MD5.DF84EB7B44D1414284BA384F0061D1DC] - |A| - [07/12/2019 11:08:07] - (.-.) - [728.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicLong.bin [MD5.346870077DFD18867A9693C7A59AA3E6] - |A| - [07/12/2019 11:08:07] - (.-.) - [503.08 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicMedium.bin [MD5.2BEC13D68312ADE8C0065D8BCC146D2F] - |A| - [07/12/2019 11:08:07] - (.-.) - [315.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicShort.bin [MD5.7819926532F07BBA10081A65447FD203] - |A| - [05/04/2021 21:11:17] - (.-.) - [1250.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ebxml.dll [MD5.891FAD6D1ED3F47B840E0329B25E67E4] - |A| - [05/04/2021 21:11:06] - (.-.) - [1019.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ebxml3.dll [MD5.3B1900257C51B901195E3239024C16EB] - |A| - [28/05/2021 21:30:20] - (.-.) - [422.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\EEURestart.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [361.5 Ko] - C:\WINDOWS\System32\el-GR [MD5.423C4A0D694A92CED7E06335F9739E3E] - |A| - [05/08/2015 17:52:20] - (.Copyright (C) eMPIA Technology2002-2013 - WDM Streaming Video Capture.) - [96.49 Ko] - (2.416.0.0) - C:\WINDOWS\System32\emProp64.ax [MD5.1BB6D8A9ABBFA60C229B48F62D37E39F] - |A| - [25/02/2020 06:03:36] - (.Copyright (C) eMPIA Technology 2002-2012 - USB 28xx BDA Prop Page.) - [133.44 Ko] - (5.2012.303.0) - C:\WINDOWS\System32\emPRP64A.ax [MD5.82FF595FC0640E21C71879FC22C21689] - |A| - [05/08/2015 17:52:20] - (.Copyright (C) eMPIA Technology2002-2013 - USB 28xx WDM User Mode Driver.) - [20.52 Ko] - (2.416.0.0) - C:\WINDOWS\System32\emUSD64.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:55] - [0 Ko] - C:\WINDOWS\System32\en [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [244 Ko] - C:\WINDOWS\System32\en-GB [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1574.53 Ko] - C:\WINDOWS\System32\en-US [MD5.1D0A840D731A2C1F2E1FB5B8596B4C34] - |A| - [14/01/2021 10:43:47] - (.-.) - [148.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\EoAExperiences.exe [MD5.053B93AEC39E5F83B13066A4924AB307] - |A| - [10/02/2020 16:11:46] - (.Copyright (C) SEIKO EPSON CORP. 2005 - EPSON Scanner device co-installer.) - [17 Ko] - (1.3.0.1) - C:\WINDOWS\System32\esxcdev.dll [MD5.BAC5074667751F72A9CE48CDC31BAC48] - |A| - [17/07/2021 07:13:01] - (.Copyright (C) 2007 SEIKO EPSON CORP. - E_GCINST.) - [10.5 Ko] - (1.0.0.6) - C:\WINDOWS\System32\E_GCINST.DLL [MD5.4DED57BD7ACB9B0EBBE82034EC44645A] - |A| - [07/12/2019 11:08:41] - (.-.) - [43.22 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FeatureToastBulldogImg.png [MD5.7F65C93283F31EB39E311DDDC00DFBA6] - |A| - [11/09/2020 04:23:09] - (.-.) - [16.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FeatureToastDlpImg.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [7.11 Ko] - C:\WINDOWS\System32\ff-Adlm-SN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [326 Ko] - C:\WINDOWS\System32\fi-FI [MD5.C0255F4F34F84DA441CEAC8CA4282DC3] - |A| - [11/09/2020 03:58:08] - (.-.) - [563.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:55] - [3403.5 Ko] - C:\WINDOWS\System32\fr [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [279 Ko] - C:\WINDOWS\System32\fr-CA [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [46668.91 Ko] - C:\WINDOWS\System32\fr-FR [MD5.EB37DB663DC19E7C4D7F23A12DA07E99] - |A| - [15/09/2021 13:32:24] - (.-.) - [657 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FsNVSDeviceSource.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:51:10] - [0 Ko] - C:\WINDOWS\System32\FxsTmp [MD5.5101D29463A6B21E0A3500FC937C4322] - |A| - [18/12/2018 15:53:28] - (.Copyright © 1996-2014 - Client du Gestionnaire d'Acces au Lecteur WIN 64 sur NP (RELEASE).) - [209.78 Ko] - (3.45.0.0) - C:\WINDOWS\System32\galclw64.dll [MD5.D0E520EDEFAD63C90E179D5696F9A055] - |A| - [04/12/2018 18:32:06] - (.Copyright © 1996-2015 - Gestion de la Configuration GALSS WIN 64 (RELEASE).) - [213.78 Ko] - (3.26.0.0) - C:\WINDOWS\System32\galinw64.dll [MD5.43169A76D35F6C4DF7D291FB76911101] - |A| - [28/05/2021 21:30:22] - (.-.) - [484.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameManager64.dll [MD5.41FD64AE28A0C932CA7B2A250993D675] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameSystemToastIcon.contrast-white.png [MD5.6DC77FD8B062264AF1C6DA325ABB7010] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.11 Ko] - (0.0.0.0) - C:\WINDOWS\System32\GameSystemToastIcon.png [MD5.2E6AF4D5BF6E31E728F409984C3045D4] - |A| - [07/12/2019 11:09:48] - (.-.) - [86.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\gatherNetworkInfo.vbs [MD5.00000000000000000000000000000000] - |HD| - [15/09/2018 09:33:50] - [0.31 Ko] - C:\WINDOWS\System32\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [0 Ko] - C:\WINDOWS\System32\GroupPolicyUsers [MD5.EA99A87E98D995DE6E280CF85CEAD413] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HandwritingSystemToastIcon.contrast-white.png [MD5.B8E586ED92DB703FFA480E254996160E] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.89 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HandwritingSystemToastIcon.png [MD5.EBE7F0F181D9D3D3EC55AEAED0C49011] - |A| - [05/04/2021 21:07:22] - (.Copyright © 1989-2021 IMAGINE Editions - HDAB pour HelloDOC.) - [669.5 Ko] - (5.70.21050.1238) - C:\WINDOWS\System32\hdab.dll [MD5.C75EE74668708F1F0C0BC69E6115BC8D] - |A| - [05/04/2021 21:14:15] - (.Copyright © 1989-2021 IMAGINE Editions - HDAdministre Version MFC 32 bits.) - [500 Ko] - (5.70.21050.1233) - C:\WINDOWS\System32\hdadministre.dll [MD5.33B977BDDACDFF7D77190CCF9A503E3D] - |A| - [05/04/2021 21:06:43] - (.Copyright © 1989-2021 IMAGINE Editions - API pour HelloDoc.) - [3297.5 Ko] - (5.70.21050.1228) - C:\WINDOWS\System32\hdapi5.dll [MD5.61CEF215C61FE726B7EF50800CADC5AE] - |A| - [05/04/2021 21:06:48] - (.Copyright © 1989-2021 IMAGINE Editions - APICrypt pour HelloDoc.) - [197 Ko] - (5.70.21050.1226) - C:\WINDOWS\System32\hdapicrypt.dll [MD5.8ECAE725A0AE964A26A26B7017D5A204] - |A| - [05/04/2021 21:14:19] - (.Copyright © 1989-2021 IMAGINE Editions - Assertion pour HelloDoc.) - [776.5 Ko] - (5.70.21050.1228) - C:\WINDOWS\System32\hdassertion.dll [MD5.4902CDED5DD6E578B4DD254379C8A342] - |A| - [05/04/2021 21:07:02] - (.Copyright © 1989-2021 IMAGINE Editions - Sauvegarde pour HelloDoc.) - [960 Ko] - (5.70.21050.1248) - C:\WINDOWS\System32\hdbackup.dll [MD5.C96397AF8C5EB52DF575879F4B25DA74] - |A| - [05/04/2021 21:12:32] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion CDAr2 pour HelloDoc.) - [401 Ko] - (5.70.21050.1305) - C:\WINDOWS\System32\hdcdar2.dll [MD5.C1779246CE7AD0F92A1F09BE4BA9854F] - |A| - [05/04/2021 21:12:36] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion CERFA pour HelloDoc\0.) - [238.5 Ko] - (5.70.21050.1232) - C:\WINDOWS\System32\hdcerfa.dll [MD5.E19F618AC033E9F91AE71083E65836E9] - |A| - [05/04/2021 21:15:29] - (.Copyright © 1989-2021 IMAGINE Editions - HelloDoc Certificats.) - [1415 Ko] - (6.1.21050.1235) - C:\WINDOWS\System32\hdcertificatestore.dll [MD5.99B596C9D1BC11C19723AE1C15F145C5] - |A| - [05/04/2021 21:05:48] - (.Copyright © 1989-2021 IMAGINE Editions - Accès à CGM-Assist depuis HelloDoc.) - [245 Ko] - (5.70.21050.1256) - C:\WINDOWS\System32\hdcgmassist.dll [MD5.AB91413E91A1210838D84DCFE140D052] - |A| - [05/04/2021 21:17:32] - (.Copyright © 1989-2021 IMAGINE Editions - Module d'extension CCAM de HDCodeExplorer.) - [135.5 Ko] - (5.70.21050.1257) - C:\WINDOWS\System32\hdcodeccam.dll [MD5.A38720C1E7CA3031171006E0083233FD] - |A| - [05/04/2021 21:17:36] - (.Copyright © 1989-2021 IMAGINE Editions - Module d'extension DRC de HDCodeExplorer.) - [190 Ko] - (5.70.21050.1257) - C:\WINDOWS\System32\hdcodedrc.dll [MD5.16165191E7002C854FF1FDB556330FF0] - |A| - [05/04/2021 21:14:24] - (.Copyright © 1989-2021 IMAGINE Editions - HDCodeExplorer Version MFC 32 bits.) - [269 Ko] - (5.70.21050.1232) - C:\WINDOWS\System32\hdcodeexplorer.dll [MD5.04C852495D9A5EA47C01584EAF4B08D0] - |A| - [05/04/2021 21:14:29] - (.Copyright © 1989-2021 IMAGINE Editions - Module d'extension LPP de HDCodeExplorer.) - [51.5 Ko] - (5.70.21050.1302) - C:\WINDOWS\System32\hdcodelpp.dll [MD5.5E690BD30ED39718D586542EE2C352BB] - |A| - [05/04/2021 21:13:30] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion Sigems pour HelloDoc.) - [2173.5 Ko] - (5.70.21050.1310) - C:\WINDOWS\System32\hdcomclinic.dll [MD5.AE0F332D651AD0A59B1F43324554344D] - |A| - [05/04/2021 21:14:33] - (.Copyright © 1989-2021 IMAGINE Editions - HDCryptage pour HelloDoc.) - [17 Ko] - (5.70.21050.1253) - C:\WINDOWS\System32\hdcryptage.dll [MD5.C3C1CA689EB3E7D498CD370906264199] - |A| - [05/04/2021 21:12:08] - (.Copyright © 1989-2021 IMAGINE Editions - Extension de classes MFC.) - [3563 Ko] - (6.1.21050.1231) - C:\WINDOWS\System32\hdctrlex100b.dll [MD5.3A0F9C9E6A606CCFF7EC1174948821A4] - |A| - [05/04/2021 21:18:11] - (.Copyright © 1989-2021 IMAGINE Editions - Numéroteur pour HelloDOC.) - [152.5 Ko] - (5.70.21050.1232) - C:\WINDOWS\System32\hddial.dll [MD5.47642CEA64DE580C4A92E787F29304D2] - |A| - [05/04/2021 21:15:47] - (.Copyright © 1989-2021 IMAGINE Editions - IMAGES pour HelloDoc.) - [107 Ko] - (5.70.21050.1227) - C:\WINDOWS\System32\hddib.dll [MD5.7823DACBA706A97E4A1E54692215D1BB] - |A| - [05/04/2021 21:12:59] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion DMP pour HelloDoc.) - [3341.5 Ko] - (5.70.21050.1308) - C:\WINDOWS\System32\hddmp.dll [MD5.E0C2DACF00FF66BF36AAD7353CA92EA8] - |A| - [05/04/2021 21:13:07] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion ebXML pour HelloDoc.) - [246 Ko] - (5.70.21050.1303) - C:\WINDOWS\System32\hdebxml.dll [MD5.435A38706AAECFAD03434B2BACA268DB] - |A| - [05/04/2021 21:18:01] - (.Copyright © 1989-2021 IMAGINE Editions - Module Protocole pour Hellodoc.) - [175.5 Ko] - (5.70.21050.1301) - C:\WINDOWS\System32\hdeditform.dll [MD5.4667265CAAFC33A982B8F085CED9BE6B] - |A| - [05/04/2021 21:14:38] - (.Copyright © 1989-2021 IMAGINE Editions - HDFusion pour HelloDOC.) - [57.5 Ko] - (5.70.21050.1300) - C:\WINDOWS\System32\hdfusion.dll [MD5.B00AA571890F77DECAA8DFCD4D3D3E5A] - |A| - [05/04/2021 21:14:42] - (.Copyright © 1989-2021 IMAGINE Editions - HelloDoc Mail Version MFC TAPI 32 bits.) - [182.5 Ko] - (5.70.21050.1300) - C:\WINDOWS\System32\hdgraph.dll [MD5.015E5B9240112F0D9C023C2B6DC6104B] - |A| - [05/04/2021 21:17:56] - (.Copyright © 1989-2021 IMAGINE Editions - Module HDGrossesse pour Hellodoc.) - [805 Ko] - (5.70.21050.1301) - C:\WINDOWS\System32\hdgrossesse.dll [MD5.79596457FF32CA0AD73D958E37D0F6F2] - |A| - [05/04/2021 21:08:15] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion de la conversion HTML / PDF.) - [14.5 Ko] - (5.70.21050.1227) - C:\WINDOWS\System32\hdhtmltopdf.dll [MD5.1EBC20FD648A0221E3D2AF6902F17425] - |A| - [05/04/2021 21:14:46] - (.Copyright © 1989-2021 IMAGINE Editions - HDInfo Version MFC 32 bits.) - [472.5 Ko] - (5.70.21050.1233) - C:\WINDOWS\System32\hdinfo.dll [MD5.020014BB522412FF6036E7A864F0DD1B] - |A| - [05/04/2021 21:12:52] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion des annuaires pour HelloDoc.) - [591.5 Ko] - (5.70.21050.1233) - C:\WINDOWS\System32\hdldap.dll [MD5.973F631254E98F5D3E5D00040D893176] - |A| - [05/04/2021 21:14:51] - (.Copyright © 1989-2021 IMAGINE Editions - HDMail pour HelloDoc.) - [2675.5 Ko] - (6.1.21050.1231) - C:\WINDOWS\System32\hdmail.dll [MD5.8F7CF90DAD78F8189F643DF6285409CA] - |A| - [05/04/2021 21:17:14] - (.Copyright © 1989-2021 IMAGINE Editions - DLL Migration pour HelloDoc.) - [429 Ko] - (5.70.21050.1301) - C:\WINDOWS\System32\hdmigration.dll [MD5.94F397694D49E7B47363B728CDFCEBFA] - |A| - [05/04/2021 21:13:21] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion MMG pour HelloDoc.) - [1683.5 Ko] - (5.70.21050.1310) - C:\WINDOWS\System32\hdmmg.dll [MD5.C24C7304C3635A264681C7DBC9721A18] - |A| - [05/04/2021 21:06:27] - (.Copyright © 1989-2021 IMAGINE Editions - API Dragon NaturallySpeaking pour HelloDoc.) - [58.5 Ko] - (5.70.21050.1227) - C:\WINDOWS\System32\hdnspeak.dll [MD5.77125BD1C24E9EDA807670C2AB86C028] - |A| - [05/04/2021 21:05:41] - (.Copyright © 1989-2021 IMAGINE Editions - Bibliothèque d'outils pour HelloDoc.) - [128 Ko] - (5.70.21062.1023) - C:\WINDOWS\System32\HDOutils.dll [MD5.7A98F939E8E708589AF8B811CBC8D19F] - |A| - [05/04/2021 21:18:21] - (.Copyright © 1989-2021 IMAGINE Editions - PAINT pour HelloDoc.) - [48 Ko] - (5.70.21050.1302) - C:\WINDOWS\System32\hdpaint.dll [MD5.81D1B82E273FFAAF933408542BC0C86C] - |A| - [05/04/2021 21:18:05] - (.Copyright © 1989-2021 IMAGINE Editions - Module Pédiatrie pour Hellodoc.) - [209.5 Ko] - (5.70.21050.1256) - C:\WINDOWS\System32\hdpediatrie.dll [MD5.601CFD5D1FC4D30C9207C69683EF6B42] - |A| - [05/04/2021 21:17:42] - (.Copyright © 1989-2021 IMAGINE Editions - Module de gestion de la pharmacie.) - [1924 Ko] - (5.70.21050.1303) - C:\WINDOWS\System32\hdpharm.dll [MD5.4FCD0E27B584747BAC8BEAAC381D9299] - |A| - [05/04/2021 21:14:58] - (.Copyright © 1989-2021 IMAGINE Editions - HDPostIt Version MFC 32 bits.) - [64.5 Ko] - (5.70.21050.1259) - C:\WINDOWS\System32\hdpostit.dll [MD5.890A07F18645673175EAAFA88084486A] - |A| - [05/04/2021 21:18:50] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion des aperçus HTML.) - [423 Ko] - (5.70.21050.1307) - C:\WINDOWS\System32\hdpreviewhtml.dll [MD5.77D27E648884FB3B717A42AB4841ABD3] - |A| - [05/04/2021 21:16:33] - (.Copyright © 1989-2021 IMAGINE Editions - Import/export XML des FSE pour HelloDoc\0.) - [74 Ko] - (5.70.21050.1232) - C:\WINDOWS\System32\hdscanmodele.dll [MD5.2D57C26365EBEED1E6DD52E5D37A6F0B] - |A| - [05/04/2021 21:12:42] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion des services en ligne de l'Assurance Maladie pour HelloDoc\0.) - [1690.5 Ko] - (5.70.21050.1255) - C:\WINDOWS\System32\hdselam.dll [MD5.71C2A3D0D632FB43EAF0D36B95A708BD] - |A| - [05/04/2021 21:15:36] - (.Copyright © 1989-2021 IMAGINE Editions - HelloDoc SMIME.) - [400.5 Ko] - (6.1.21050.1259) - C:\WINDOWS\System32\hdsmime.dll [MD5.2E444FDEA0D5BF941048603D87276449] - |A| - [05/04/2021 21:20:15] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion des SMS pour HelloDoc.) - [316 Ko] - (5.70.21050.1255) - C:\WINDOWS\System32\hdsms.dll [MD5.48FA8E2190AC8B6B8092A2C46C91E6C5] - |A| - [05/04/2021 21:08:33] - (.Copyright © 1989-2021 IMAGINE Editions - Correcteur orthographique pour HelloDOC.) - [32 Ko] - (5.70.21050.1225) - C:\WINDOWS\System32\hdspell.dll [MD5.CFA89F071D2BB663A5F111809EA83EFB] - |A| - [05/04/2021 21:19:29] - (.Copyright © 1989-2021 IMAGINE Editions - Sesam-Vitale pour HelloDoc.) - [12966.5 Ko] - (5.70.21050.1241) - C:\WINDOWS\System32\hdsv.dll [MD5.240CE2530AF589CC8AE1F8352330AFC9] - |A| - [05/04/2021 21:13:35] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion Syslog pour HelloDoc.) - [59 Ko] - (5.70.21050.1305) - C:\WINDOWS\System32\hdsyslog.dll [MD5.A76D1D11F33445C6BD74F73175E34861] - |A| - [05/04/2021 21:15:04] - (.Copyright © 1989-2021 IMAGINE Editions - HDTLA pour HelloDoc TLA.) - [33.5 Ko] - (5.70.21050.1223) - C:\WINDOWS\System32\hdtla.dll [MD5.56527B6462F024B8128C2EECC5E91D07] - |A| - [05/04/2021 21:14:03] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion Uni-Medecine pour HelloDOC\0.) - [721 Ko] - (5.70.21050.1259) - C:\WINDOWS\System32\hdunimedecine.dll [MD5.955095E5E017000C2E320D97CB7BB5A2] - |A| - [05/04/2021 21:15:11] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion de la synchronisation de l'agenda pour HelloDoc\0.) - [1010.5 Ko] - (5.70.21050.1234) - C:\WINDOWS\System32\hdwsagendaweb.dll [MD5.F445EBC91BE7BA46E4C3F75900B0B6B6] - |A| - [05/04/2021 21:12:48] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion de prévention et dépistage du cancer pour HelloDoc\0.) - [78.5 Ko] - (5.70.21050.1259) - C:\WINDOWS\System32\hdwsdepist.dll [MD5.45558471141789689FFBCBEC151F308E] - |A| - [05/04/2021 21:14:07] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion WebService des formulaires pour HelloDoc.) - [124.5 Ko] - (5.70.21050.1258) - C:\WINDOWS\System32\hdwsform.dll [MD5.5269E015217B44B6A4F88A001400026A] - |A| - [05/04/2021 21:17:50] - (.Copyright © 1989-2021 IMAGINE Editions - Module de transfert des données pour Hellodoc.) - [757 Ko] - (5.70.21050.1239) - C:\WINDOWS\System32\hdxfr.dll [MD5.8F4DD463265E3CB708602E72207588B8] - |A| - [05/04/2021 21:15:15] - (.Copyright © 1989-2021 IMAGINE Editions - Module de gestion XML pour Hellodoc.) - [384 Ko] - (5.70.21050.1301) - C:\WINDOWS\System32\hdxmlex.dll [MD5.D78CF552FAA653D774D115D75A5878A7] - |A| - [05/04/2021 21:15:20] - (.-.) - [236 Ko] - (0.0.0.0) - C:\WINDOWS\System32\hdziparchive.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [256.5 Ko] - C:\WINDOWS\System32\he-IL [MD5.6E9E9D56B192B2995493E529CFF2BBFE] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadphoneSystemToastIcon.contrast-white.png [MD5.7F1E9502267F778F3A8139C35A352190] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadphoneSystemToastIcon.png [MD5.202A07E4526B050E22624328E64E0470] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.52 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadsetSystemToastIcon.contrast-white.png [MD5.1892ACC10CAC009BCAC146AD650ABA58] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.17 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeadsetSystemToastIcon.png [MD5.A92A4857E4250FDF3EEC24EBF371EDFA] - |A| - [05/04/2021 21:15:24] - (.-.) - [245 Ko] - (0.0.0.0) - C:\WINDOWS\System32\healthcare_security_audit.dll [MD5.031713BFD5F30E63336D3CA5D2767BE9] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HealthSystemToastIcon.contrast-white.png [MD5.C1BD7976C99830E33A713D02374054EC] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.62 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HealthSystemToastIcon.png [MD5.6D2BA2902199292D57806E3C53C587BF] - |A| - [14/01/2021 10:42:40] - (.-.) - [299.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [250 Ko] - C:\WINDOWS\System32\hr-HR [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [324.5 Ko] - C:\WINDOWS\System32\hu-HU [MD5.871CA2345825E86D1D2D2A2E9E475D4F] - |A| - [15/10/2020 10:34:45] - (.-.) - [44.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HvSocket.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:53:03] - [149.55 Ko] - C:\WINDOWS\System32\Hydrogen [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5.36 Ko] - C:\WINDOWS\System32\ias [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [36.27 Ko] - C:\WINDOWS\System32\icsxml [MD5.947D07FA32ABB13DB520016769EB901B] - |A| - [11/06/2021 17:50:35] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Combined Library.) - [2207.5 Ko] - (64.2.0.0) - C:\WINDOWS\System32\icu.dll [MD5.A7B574704574F326B92DCEA872F1E9E1] - |A| - [15/10/2020 10:19:53] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N Forwarder DLL.) - [24.5 Ko] - (64.2.0.0) - C:\WINDOWS\System32\icuin.dll [MD5.4A85A9DEA3D47D95CEF5525586756EA6] - |A| - [15/10/2020 10:19:59] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common Forwarder DLL.) - [29 Ko] - (64.2.0.0) - C:\WINDOWS\System32\icuuc.dll [MD5.388BE35F952EC7F057CDD79E8EDF9A18] - |A| - [12/11/2020 09:39:36] - (.-.) - [193 Ko] - (0.0.0.0) - C:\WINDOWS\System32\IHDS.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [26852.97 Ko] - C:\WINDOWS\System32\IME [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\System32\inetsrv [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6943 Ko] - C:\WINDOWS\System32\InputMethod [MD5.8DE9AE82152650C178BF1E24014E8503] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputSystemToastIcon.contrast-white.png [MD5.0B9FBD6F3ED617CD36D042D3422F1C2B] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\System32\Ipmi [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [346 Ko] - C:\WINDOWS\System32\it-IT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [261.84 Ko] - C:\WINDOWS\System32\ja-jp [MD5.178F25B8FD874B0A60DD6BE930770851] - |A| - [08/12/2020 21:15:24] - (.-.) - [125.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\kapp_ci.sbin [MD5.13167FBECA48836D4D3B2C9F70FB3A29] - |A| - [23/09/2019 12:40:22] - (.-.) - [118.33 Ko] - (0.0.0.0) - C:\WINDOWS\System32\kapp_si.sbin [MD5.23AC7515B6D8A794BCC01B582F044078] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\KeyboardSystemToastIcon.contrast-white.png [MD5.3DF873E16CCEA9B42857FB5FA085CB00] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\KeyboardSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10192.95 Ko] - C:\WINDOWS\System32\Keywords [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [235 Ko] - C:\WINDOWS\System32\ko-KR [MD5.9451D4436E2EA67EB33FCC764E4AABED] - |A| - [07/12/2019 11:08:39] - (.-.) - [186.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LaptopPlugInToastImg.gif [MD5.F0CC83E1BA7E24F9B3292160C28AECD7] - |A| - [07/12/2019 11:08:07] - (.-.) - [145.56 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LargeRoom.bin [MD5.1E21EBB9C5988A09E57EDF62879C496E] - |A| - [06/04/2021 17:41:39] - (.Copyright 1998-2020 The OpenSSL Authors. - OpenSSL library.) - [3324.5 Ko] - (1.1.1.6) - C:\WINDOWS\System32\libcrypto-1_1-x64.dll [MD5.14BE6A1C21780D85AD3F1D09283C56DA] - |A| - [12/05/2021 05:35:45] - (.-.) - [1647.5 Ko] - (3.0.2.0) - C:\WINDOWS\System32\libcrypto.dll [MD5.2AB6BFF66EAB19552DD0B0D675C882A5] - |A| - [05/04/2021 21:16:48] - (.-.) - [510.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\libgsasl-7.dll [MD5.7064DD23B79C0C8705234C8A4C3DDAE4] - |A| - [05/04/2021 21:16:56] - (.-.) - [90 Ko] - (6.4.7.0) - C:\WINDOWS\System32\libp11.dll [MD5.5D9BFADC422836ACC73D26D77F0700D4] - |A| - [06/04/2021 17:41:39] - (.Copyright 1998-2020 The OpenSSL Authors. - OpenSSL library.) - [666.5 Ko] - (1.1.1.6) - C:\WINDOWS\System32\libssl-1_1-x64.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [454.91 Ko] - C:\WINDOWS\System32\Licenses [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [46866.92 Ko] - C:\WINDOWS\System32\LogFiles [MD5.00000000000000000000000000000000] - |D| - [21/08/2020 15:37:10] - [1408 Ko] - C:\WINDOWS\System32\Logs [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [246.5 Ko] - C:\WINDOWS\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [247.5 Ko] - C:\WINDOWS\System32\lv-LV [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [21616.72 Ko] - C:\WINDOWS\System32\Macromed [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:52:05] - [32.68 Ko] - C:\WINDOWS\System32\MailContactsCalendarSync [MD5.5862A2593E3A7E4F0E9EBE9F4C7091CE] - |A| - [28/05/2021 21:30:24] - (.Copyright (C) 2013 AMD Inc. - Mantle loader.) - [182.3 Ko] - (27.20.21003.8013) - C:\WINDOWS\System32\mantle64.dll [MD5.1466C5A97D0AA243080EBE77EC8CC36B] - |A| - [28/05/2021 21:30:26] - (.Copyright (C) 2013 AMD Inc. - Mantle extension library.) - [162.3 Ko] - (27.20.21003.8013) - C:\WINDOWS\System32\mantleaxl64.dll [MD5.4BFD587C99FE34EEA0E74622C798B3BE] - |A| - [15/09/2021 13:31:14] - (.-.) - [1137 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MBR2GPT.EXE [MD5.CCC5813D3B28548D47FA8262732B31D5] - |A| - [28/05/2021 21:30:32] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MCL Universal Driver.) - [88.3 Ko] - (27.20.21003.8013) - C:\WINDOWS\System32\mcl64.dll [MD5.CF17A39BA7D1D1E386FD0C1303642B91] - |A| - [27/04/2021 15:43:08] - (.-.) - [20.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MDA_NTDRV.sys [MD5.F23EB28468FC8B62AF941308EC30387F] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediaSystemToastIcon.contrast-white.png [MD5.6E27512E38D598E0A60F8E5ADCF032CD] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.83 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediaSystemToastIcon.png [MD5.69D04DE701CF1E8CE69C65D1671D2B3F] - |A| - [07/12/2019 11:08:07] - (.-.) - [107.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediumRoom.bin [MD5.00000000000000000000000000000000] - |D| - [11/09/2020 04:42:31] - [12.39 Ko] - C:\WINDOWS\System32\Microsoft [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5639.35 Ko] - C:\WINDOWS\System32\migration [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45394.47 Ko] - C:\WINDOWS\System32\migwiz [MD5.08749DCC252AE1148E3BEA32B3FFFBFC] - |A| - [07/12/2019 11:10:11] - (.-.) - [0.11 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MixedRealityRuntime.json [MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [07/12/2019 11:14:56] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\WINDOWS\System32\mmc.exe.config [MD5.B43E43FFFDD0F06A6925C7C89594042B] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MouseSystemToastIcon.contrast-white.png [MD5.5D2F0D3E50BF1129D260AC1405FF2A18] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.06 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MouseSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [26/09/2019 08:36:55] - [0 Ko] - C:\WINDOWS\System32\MRT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45.5 Ko] - C:\WINDOWS\System32\MSDRM [MD5.00000000000000000000000000000000] - |D| - [15/09/2018 09:33:50] - [4212.28 Ko] - C:\WINDOWS\System32\MsDtc [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [21.37 Ko] - C:\WINDOWS\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45.64 Ko] - C:\WINDOWS\System32\my-mm [MD5.74FDEEAC0C0C0F62F4D0D484A36DA23A] - |A| - [07/12/2019 11:08:44] - (.-.) - [30.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NarratorControlTemplates.xml [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [314.5 Ko] - C:\WINDOWS\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [640 Ko] - C:\WINDOWS\System32\NDF [MD5.8F9CA17E87EC416F689F60FEAA3EB42B] - |A| - [26/09/2019 15:43:34] - (.-.) - [90.36 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetSetupMig.log [MD5.C146E873B22C3B300B21A859FE66C27A] - |A| - [07/12/2019 11:09:48] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetTrace.PLA.Diagnostics.xml [MD5.0E2D5DA1C7A1A97E46172AC33AD354EC] - |A| - [07/12/2019 11:09:48] - (.-.) - [70.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nettraceex.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [51 Ko] - C:\WINDOWS\System32\networklist [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [338.5 Ko] - C:\WINDOWS\System32\nl-NL [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [3781.5 Ko] - C:\WINDOWS\System32\Nui [MD5.D55B689DF6269B40E170EAFBCC0C34C4] - |A| - [07/12/2019 16:53:03] - (.-.) - [20.42 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OEMDefaultAssociations.xml [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-black.png [MD5.BFE1CCA08FEFC8A3422F7DA615567D75] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-white.png [MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [25829.49 Ko] - C:\WINDOWS\System32\oobe [MD5.CBA0E6C59D7DEFE8B6D423B778B5AF6A] - |A| - [06/04/2021 17:41:39] - (.Copyright (C) 2000-2006 - Standard OpenAL(TM) Implementation.) - [120.59 Ko] - (6.14.357.25) - C:\WINDOWS\System32\OpenAL32.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:51:03] - [3625 Ko] - C:\WINDOWS\System32\OpenSSH [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [3.81 Ko] - C:\WINDOWS\System32\osa-Osge-001 [MD5.459FB33AA2114A28C5932FEAA115B072] - |A| - [07/12/2019 11:08:07] - (.-.) - [45.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OutdoorAudioEnvironment.bin [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1724.83 Ko] - C:\WINDOWS\System32\PerceptionSimulation [MD5.C4CDF2D7C58A3F74CCD2F551B0C08C4D] - |A| - [07/12/2019 11:17:25] - (.-.) - [130.11 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc009.dat [MD5.B6C049DAC4A04122227D768B86212126] - |A| - [07/12/2019 16:49:57] - (.-.) - [146.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc00C.dat [MD5.1E60BC5E525063B96078DF17FBD3C4E1] - |A| - [07/12/2019 11:17:25] - (.-.) - [32.64 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd009.dat [MD5.9F9AF8517189B0D61B2615007E071084] - |A| - [07/12/2019 16:49:57] - (.-.) - [39.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd00C.dat [MD5.B1892AE012988CBA8A2D878A03DE76A9] - |A| - [07/12/2019 11:17:25] - (.-.) - [684.95 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh009.dat [MD5.61D30A8525C1748DF597D01FFA068248] - |A| - [07/12/2019 16:49:57] - (.-.) - [773.2 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh00C.dat [MD5.0929C9F6879B6A428CC958E686260462] - |A| - [11/09/2020 04:15:49] - (.-.) - [1729.4 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PerfStringBackup.INI [MD5.79D34E3B62076D4C875C748F5BE71ECA] - |A| - [07/12/2019 11:08:05] - (.-.) - [2.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PhoneSystemToastIcon.contrast-white.png [MD5.4D9495349D00D9AD907F227FF51F289F] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.92 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PhoneSystemToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [339 Ko] - C:\WINDOWS\System32\pl-PL [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [456 Ko] - C:\WINDOWS\System32\PointOfService [MD5.7700A1F5ECACFB07A92C5960448AFAB8] - |A| - [07/12/2019 11:08:28] - (.-.) - [43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\pospaymentsworker.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [420.74 Ko] - C:\WINDOWS\System32\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\System32\ProximityToast [MD5.007893E8374C766471239EB291BA8C17] - |A| - [07/12/2019 11:08:19] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\psmodulediscoveryprovider.mof [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [332 Ko] - C:\WINDOWS\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [335 Ko] - C:\WINDOWS\System32\pt-PT [MD5.0236F0292F87887BBE26F280F813B163] - |A| - [22/02/2022 11:13:17] - (.-.) - [36.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\pwdrvio.sys [MD5.D619356B955EEFA642F5FF72755E8B3C] - |A| - [22/02/2022 11:13:15] - (.-.) - [12.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\pwdspio.sys [MD5.CC2BDE8319ED1C3BC60513E0A6037549] - |A| - [22/02/2022 11:13:19] - (.-.) - [3516.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\pwNative.exe [MD5.727CCC3F0E7AEE49A01FFDCBC6C1FF19] - |A| - [28/05/2021 21:30:36] - (.(c) Advanced Micro Devices, Inc. - AMD RapidFire.) - [719.31 Ko] - (2.1.0.20) - C:\WINDOWS\System32\Rapidfire64.dll [MD5.5C1847C39D247971D749BA58E83A70B4] - |A| - [28/05/2021 21:30:38] - (.(c) Advanced Micro Devices, Inc. - AMD Rapid Fire Server.) - [45.3 Ko] - (1.2.0.15) - C:\WINDOWS\System32\RapidFireServer64.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.75 Ko] - C:\WINDOWS\System32\ras [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\System32\RasToast [MD5.7852D37790807E55BD71A65183E0F1ED] - |A| - [07/07/2021 05:13:40] - (.-.) - [2315.5 Ko] - (1.0.2104.14003) - C:\WINDOWS\System32\rdpnano.dll [MD5.42577ED1BA5199ADD53E1186EC4E28A4] - |A| - [14/01/2021 10:41:11] - (.-.) - [72.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\rdsxvmaudio.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2.16 Ko] - C:\WINDOWS\System32\Recovery [MD5.826549DF7B1333179BA8CA939B12DAD3] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RemoteSystemToastIcon.contrast-white.png [MD5.B4DEEC96F9DF6961D5DE054F11BF9C2B] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RemoteSystemToastIcon.png [MD5.19B5EEEC29F044451D5E8E89B1BE6F5E] - |A| - [07/12/2019 11:09:33] - (.-.) - [110.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResBParser.dll [MD5.31924C8E78CDBD81DA7905E87B185387] - |A| - [07/12/2019 11:09:54] - (.-.) - [9.35 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageList [MD5.5504F7F27D0AB178346D643D444A612C] - |A| - [07/12/2019 11:09:54] - (.-.) - [8.98 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageListLowCost [MD5.85CF16AF388AE12AAE3E48A883C17A06] - |A| - [07/12/2019 11:09:54] - (.-.) - [8.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageList [MD5.1391FB4E005C208A35E77DF6F3F055E2] - |A| - [07/12/2019 11:09:54] - (.-.) - [8.49 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageListLowCost [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-black.png [MD5.DF286186041C6BF73C5DC21CEEEFFED5] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-white.png [MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.png [MD5.AE9FE55FED83149715734CB83339055A] - |A| - [07/12/2019 11:08:39] - (.-.) - [1.07 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartTonight_80.png [MD5.AE9FE55FED83149715734CB83339055A] - |A| - [07/12/2019 11:08:39] - (.-.) - [1.07 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartTonight_80_contrast-black.png [MD5.891AD355AB777A95695FC8A8A623A614] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.98 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartTonight_80_contrast-white.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.07 Ko] - C:\WINDOWS\System32\restore [MD5.B0AF09399578D5E03BE0723A9926F6EE] - |A| - [08/04/2021 18:09:11] - (.Copyright (C) 1999 - 2021 Systweak Inc., - Advanced System Optimizer - Registry Optimizer.) - [25.63 Ko] - (3.9.3700.18392) - C:\WINDOWS\System32\roboot64.exe [MD5.87C186C788F46A2CA8ABB440798191A6] - |A| - [18/08/2021 19:19:54] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [319.5 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DAA64.dll [MD5.F2B23A76A6B1E53DBFEE5F6B8C4F4402] - |A| - [18/08/2021 19:19:54] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [319.52 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DHT64.dll [MD5.1C328946F5952619A4306A1D2C431CF7] - |A| - [18/08/2021 19:20:02] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [215.14 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEED64A.dll [MD5.76153EAC8CD2E37B8EADFC77132210FE] - |A| - [18/08/2021 19:20:02] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [91.63 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEG64A.dll [MD5.1F80F3A5497C21F7B01060C7C0EB1AA8] - |A| - [18/08/2021 19:20:04] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [113.73 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEL64A.dll [MD5.CA90765465AC4713EA05FD0A30594EF6] - |A| - [18/08/2021 19:20:06] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [383.59 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEP64A.dll [MD5.8BB7F1C55F4DF7CEFF9291FDB77F780B] - |A| - [10/11/2021 17:18:34] - (.-.) - [59.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\runexehelper.exe [MD5.B551A41D00DF67D4DB9D195A725E3D20] - |A| - [05/04/2021 21:19:07] - (.-.) - [823.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\saml_schema_assertion_2_0.dll [MD5.56B23318DE09559AE0A7EA51F068AC3B] - |A| - [23/09/2019 12:40:22] - (.-.) - [150.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\samu_krnl_ci.sbin [MD5.A769B352B827590EA4CCAC16E6269E33] - |A| - [23/09/2019 12:40:22] - (.-.) - [135.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\samu_krnl_isv_ci.sbin [MD5.AD2961325270F3A34F36BB5622C62292] - |A| - [29/03/2022 10:18:40] - (.Copyright (c) 2012 GFI Software. - Boot Delete Utility.) - [46.38 Ko] - (6.0.5391.0) - C:\WINDOWS\System32\sbbd.exe [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [07/12/2019 11:10:32] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScavengeSpace.xml [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-black.png [MD5.E72B1B6800DE45AA9AE7E10F899E5999] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-white.png [MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.png [MD5.4AF08E2098886544DDCD0B301E15EA81] - |A| - [16/05/2017 18:06:46] - (.Copyright (C) 2008-2016 Advanced Micro Devices, Inc. - ADL.) - [1480.88 Ko] - (22.19.162.4) - C:\WINDOWS\System32\SET5B46.tmp [MD5.DAAD9169D911A633EFD3623B6B4F3714] - |A| - [10/09/2019 18:06:46] - (.Copyright (C) 2020 Advanced Micro Devices, Inc. - Radeon Settings: Host Service.) - [193.66 Ko] - (2.0.0.1788) - C:\WINDOWS\System32\SETA8CB.tmp [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [07/12/2019 11:08:41] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\settings.dat [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [78.59 Ko] - C:\WINDOWS\System32\Sgrm [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1839 Ko] - C:\WINDOWS\System32\ShellExperiences [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.7 Ko] - C:\WINDOWS\System32\si-lk [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [254.5 Ko] - C:\WINDOWS\System32\sk-SK [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [251.5 Ko] - C:\WINDOWS\System32\sl-SI [MD5.3A1900E826C080D92B048129C39DF883] - |A| - [18/08/2021 19:20:42] - (.Copyright (C) 2018 DTS, Inc. - DTS Universal APO DLL.) - [1084.07 Ko] - (3.5.18.0) - C:\WINDOWS\System32\sl3apo64.dll [MD5.423AEA4FDBC0E4F78357C62D267B5844] - |A| - [18/08/2021 19:20:46] - (.Copyright (C) 2018 DTS, Inc. - DTS APO Controller DLL.) - [3364.9 Ko] - (3.5.18.0) - C:\WINDOWS\System32\slcnt64.dll [MD5.00000000000000000000000000000000] - |D| - [11/09/2020 03:58:13] - [11511.46 Ko] - C:\WINDOWS\System32\SleepStudy [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [52.14 Ko] - C:\WINDOWS\System32\slmgr [MD5.3D1842AD1DF2BCE4BD9D6342129E56EC] - |A| - [18/08/2021 19:19:48] - (.TODO: (c) . - TODO: .) - [260.2 Ko] - (1.0.0.1) - C:\WINDOWS\System32\slprp64.dll [MD5.8DB1C20AF74098926B06CCA0AC09F483] - |A| - [18/08/2021 19:20:58] - (.Copyright (C) 2018 DTS, Inc. - DTS APO Technology DLL.) - [3094.05 Ko] - (3.5.18.0) - C:\WINDOWS\System32\sltech64.dll [MD5.DAC275ABAAD2B689D7BB3685E4032072] - |A| - [07/12/2019 11:08:07] - (.-.) - [68.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SmallRoom.bin [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:03:44] - [15621.02 Ko] - C:\WINDOWS\System32\SMI [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-black.png [MD5.E30B7D226E7B5B0EC2B9FC2316694ECC] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-white.png [MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.png [MD5.DE3EAAF17BC934C77C4FC0C626EEA03B] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.48 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.contrast-white.png [MD5.3308374DB8D20CFDA4D4204E2B5E559E] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpeakersSystemToastIcon.png [MD5.6DB032025BD266E5A3A52259F57F9247] - |A| - [07/12/2019 11:09:51] - (.-.) - [40 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpectrumSyncClient.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [7625.3 Ko] - C:\WINDOWS\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [12464.68 Ko] - C:\WINDOWS\System32\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [136034.1 Ko] - C:\WINDOWS\System32\spool [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [7514.58 Ko] - C:\WINDOWS\System32\spp [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.63 Ko] - C:\WINDOWS\System32\sppui [MD5.A4A942C63CABAC5F7AD942E73583CD93] - |A| - [26/09/2019 08:05:06] - (.-.) - [64 Ko] - (0.0.0.0) - C:\WINDOWS\System32\spu_storage.bin [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [253.5 Ko] - C:\WINDOWS\System32\sr-Latn-RS [MD5.2E400FB05ABAC8430F9C5BF1204E7509] - |A| - [18/08/2021 19:21:08] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRAPO.DLL.) - [456.13 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRAPO64.dll [MD5.89D4C643A6658F47209EDAF812786BCD] - |A| - [18/08/2021 19:21:08] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [333.07 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRCOM.dll [MD5.E09216805BD620E22144FBA050F5DA5B] - |A| - [18/08/2021 19:21:12] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [372.37 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRCOM64.dll [MD5.BA7D4E5FAE64BD0403C7F7E91CD93F77] - |A| - [07/12/2019 11:09:54] - (.-.) - [11.03 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms-apr-v.dat [MD5.DC9450258D80F46AEF8EF063A7C629B0] - |A| - [07/12/2019 11:09:54] - (.-.) - [19.03 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms-apr.dat [MD5.67894C70461ABD4EF6C116637EBB218A] - |A| - [07/12/2019 11:09:45] - (.-.) - [58.16 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms.dat [MD5.289B14638E37992E568B2066CEE81F39] - |A| - [18/08/2021 19:21:14] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRRPTR.DLL.) - [1401.4 Ko] - (4.0.0.59) - C:\WINDOWS\System32\SRRPTR64.dll [MD5.2BB6F532E2F93AB42361F90956842FED] - |A| - [18/08/2021 19:21:16] - (.(c) 2007 SRS Labs, Inc. - COM object implementing SRS Headphone 360.) - [213.05 Ko] - (1.1.0.0) - C:\WINDOWS\System32\SRSHP64.dll [MD5.00000000000000000000000000000000] - |D| - [26/09/2019 07:59:35] - [2154.75 Ko] - C:\WINDOWS\System32\SRSLabs [MD5.B9D2556CA9B48C6F39588871ED3C2F86] - |A| - [18/08/2021 19:21:16] - (.Copyright (c) 2006 SRS Labs, Inc.. - TruSurround HD and HD4 COM object for Windows.) - [225.2 Ko] - (1.1.4.0) - C:\WINDOWS\System32\SRSTSH64.dll [MD5.C1262B4503DDA7FD52A2AFBA7552A657] - |A| - [18/08/2021 19:21:18] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [528.33 Ko] - (3.2.0.0) - C:\WINDOWS\System32\SRSTSX64.dll [MD5.19BE34A8976BBDA569EB15715D55EADD] - |A| - [18/08/2021 19:21:20] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [170.73 Ko] - (1.1.3.0) - C:\WINDOWS\System32\SRSWOW64.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [41688 Ko] - C:\WINDOWS\System32\sru [MD5.862E9C75593E9BB1A90961975276F7FE] - |A| - [14/01/2021 10:41:02] - (.-.) - [444.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ssdm.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [320 Ko] - C:\WINDOWS\System32\sv-SE [MD5.26D2D82E2DD08761EAACF5BB5099D65B] - |A| - [15/09/2021 13:29:54] - (.-.) - [1265.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SvBannerBackground.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1418.56 Ko] - C:\WINDOWS\System32\Sysprep [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [938.28 Ko] - C:\WINDOWS\System32\SystemResetPlatform [MD5.22AAEE32AB141B2EF0AD418F21D8CEDC] - |A| - [27/06/2019 09:15:00] - (.Copyright (c) 2013 - 2019 Advanced Micro Devices, Inc. - t-base_client_api dll.) - [411.62 Ko] - (4.11.0.0) - C:\WINDOWS\System32\t-base_client_api.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [8.16 Ko] - C:\WINDOWS\System32\ta-in [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10.73 Ko] - C:\WINDOWS\System32\ta-lk [MD5.3596DC15B6F6CBBB6EC8B143CBD57F24] - |A| - [12/01/2022 02:01:16] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [53.5 Ko] - (3.5.1.0) - C:\WINDOWS\System32\tar.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [735 Ko] - C:\WINDOWS\System32\Tasks [MD5.00000000000000000000000000000000] - |D| - [19/03/2019 06:52:45] - [621.25 Ko] - C:\WINDOWS\System32\Tasks_Migrated [MD5.AE5412EA3EC05DFFD20CAD1BEE2A85A3] - |A| - [27/06/2019 09:15:00] - (.Copyright (c) 2013 - 2018 Advanced Micro Devices, Inc. - tbaseregistry dll.) - [455.62 Ko] - (4.6.1.1) - C:\WINDOWS\System32\tbaseregistry64.dll [MD5.D602CA245CC6774A0981B607F0675609] - |A| - [07/12/2019 11:09:05] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\tcpmon.ini [MD5.518F44081E6F4B3236CBF4FB17E41F9B] - |A| - [10/03/2022 22:02:55] - (.-.) - [2208 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TextInputMethodFormatter.dll [MD5.4C528AE5D512E3901BACAA5D75240381] - |A| - [13/10/2021 06:44:26] - (.-.) - [689.98 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TextShaping.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [240 Ko] - C:\WINDOWS\System32\th-TH [MD5.CF7677327BE3C6395B9F3333CC0F1C15] - |A| - [10/12/2020 10:50:28] - (.-.) - [1.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ThirdPartyNoticesBySHS.txt [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5.97 Ko] - C:\WINDOWS\System32\ti-et [MD5.25551715B57E10FAFFAAA72B07641075] - |A| - [10/03/2022 22:02:33] - (.-.) - [266.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TpmTool.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [308 Ko] - C:\WINDOWS\System32\tr-TR [MD5.B88B8D017386A00D7724519F475317A0] - |A| - [07/12/2019 11:08:13] - (.-.) - [10.33 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlan.xslt [MD5.2F05390B798363D51EBE65D6320CD45E] - |A| - [07/12/2019 11:08:13] - (.-.) - [1.65 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlanCredentials.xslt [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [249 Ko] - C:\WINDOWS\System32\uk-UA [MD5.8CDD866E0707A71952FBA8BE899B7512] - |A| - [15/10/2020 10:16:36] - (.-.) - [63.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\umpdc.dll [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [2208.2 Ko] - C:\WINDOWS\System32\UNP [MD5.8ADD5935D83D0A425C39E369520C4095] - |A| - [07/12/2019 11:08:37] - (.-.) - [48 Ko] - (0.0.0.0) - C:\WINDOWS\System32\UsbPmApi.dll [MD5.46A6DF60907700A148D42CCF1219522E] - |A| - [07/12/2019 11:08:39] - (.-.) - [38.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\usocoreps.dll [MD5.1E630731AFDFC63DEC4074301D342E4B] - |A| - [07/12/2019 11:08:09] - (.-.) - [36.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\VhfUm.dll [MD5.A10725A4632FFFEAE250E09ADA553F94] - |A| - [14/01/2021 10:49:58] - (.-.) - [93.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\VirtualMonitorManager.dll [MD5.640B208E8B5F90734EC862F9275FA9E3] - |A| - [28/05/2021 21:30:42] - (.Copyright (C) 2015-2020 - Vulkan Loader.) - [1068.09 Ko] - (1.2.162.1) - C:\WINDOWS\System32\vulkan-1-999-0-0-0.dll [MD5.640B208E8B5F90734EC862F9275FA9E3] - |A| - [28/05/2021 21:30:42] - (.Copyright (C) 2015-2020 - Vulkan Loader.) - [1068.09 Ko] - (1.2.162.1) - C:\WINDOWS\System32\vulkan-1.dll [MD5.59D25EA717EF81D5CDC046DBEC3E22F9] - |A| - [28/05/2021 21:30:46] - (.Copyright (C) 2015-2020 - Vulkan Info.) - [1814.31 Ko] - (1.2.162.1) - C:\WINDOWS\System32\vulkaninfo-1-999-0-0-0.exe [MD5.59D25EA717EF81D5CDC046DBEC3E22F9] - |A| - [28/05/2021 21:30:46] - (.Copyright (C) 2015-2020 - Vulkan Info.) - [1814.31 Ko] - (1.2.162.1) - C:\WINDOWS\System32\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [165450.61 Ko] - C:\WINDOWS\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [0 Ko] - C:\WINDOWS\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [42285.98 Ko] - C:\WINDOWS\System32\WDI [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [07/12/2019 11:08:46] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WdsUnattendTemplate.xml [MD5.1D64ACF3675288CC086E6361EAC748C4] - |A| - [07/12/2019 11:08:52] - (.-.) - [144.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Win32AppSettingsProvider.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1.12 Ko] - C:\WINDOWS\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [53493.83 Ko] - C:\WINDOWS\System32\WinBioPlugIns [MD5.3F376202BE6A0EC0C866D97ED2E0F16D] - |A| - [11/06/2021 17:50:33] - (.-.) - [642.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowManagementAPI.dll [MD5.5017B832CF4CD2D266432B6CFD762E2A] - |A| - [26/09/2019 18:48:48] - (.Copyright © 2020 - Java(TM) Platform SE binary.) - [187.66 Ko] - (8.0.2710.9) - C:\WINDOWS\System32\WindowsAccessBridge-64.dll [MD5.E9CA21D71E952448B75C45B2467E4DE7] - |A| - [07/12/2019 11:08:27] - (.-.) - [123 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10870.6 Ko] - C:\WINDOWS\System32\WindowsPowerShell [MD5.28E98ED0B6B08B7F1D163FFD184B28AF] - |A| - [07/12/2019 11:08:41] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowsSecurityIcon.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [280252 Ko] - C:\WINDOWS\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6281.34 Ko] - C:\WINDOWS\System32\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [107.56 Ko] - C:\WINDOWS\System32\winrm [MD5.1B46E2E85D401A629966A8F62D9B0775] - |A| - [07/12/2019 11:08:12] - (.-.) - [9.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpcatltoast.png [MD5.C30C621748C66CE751B19B2788559A3E] - |A| - [07/12/2019 11:08:12] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpcmon.png [MD5.EDBC0CFED36E4235765904D5528485B5] - |A| - [06/11/2014 15:02:06] - (.Copyright © 1991-2014 Serif (Europe) Ltd - WPPFilt Dynamic Link Library.) - [149.8 Ko] - (15.0.4.38) - C:\WINDOWS\System32\WPPFilt64.dll [MD5.69FEC1494F4C454E994D27CA6750832B] - |A| - [07/12/2019 11:08:49] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpr.config.xml [MD5.53C8A36CA0BAE29BB67B1AC97D748744] - |A| - [06/04/2021 17:41:39] - (.Copyright © 2008 - OpenAL32.) - [455.59 Ko] - (2.2.0.7) - C:\WINDOWS\System32\wrap_oal.dll [MD5.5781FE6AF65A61370AB960CF22D570F4] - |A| - [05/04/2021 21:20:24] - (.-.) - [804.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xades.dll [MD5.0E24B1C431FB25EB88E8D278B7E3A239] - |A| - [05/04/2021 21:20:29] - (.-.) - [818.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xades_v111.dll [MD5.C8A7EAA0B83E05DDD11F37A833F754AC] - |A| - [07/12/2019 11:08:21] - (.-.) - [83 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xboxgipsynthetic.dll [MD5.7E671D53A1E1DAE16BA8CF1D325E16A0] - |A| - [05/04/2021 21:20:33] - (.-.) - [1138 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xdsb.dll [MD5.7F4B825C0EEE8E1F8267EC2BBE4A4FBC] - |A| - [05/04/2021 21:20:37] - (.-.) - [320 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xmldsig_core_schema.dll [MD5.F7B865265606C41B0E07779D3317E0A8] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.61 Ko] - (0.0.0.0) - C:\WINDOWS\System32\X_80.contrast-black.png [MD5.6FF92221AF9D6CDF0966C4E44C367975] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.57 Ko] - (0.0.0.0) - C:\WINDOWS\System32\X_80.contrast-white.png [MD5.F7B865265606C41B0E07779D3317E0A8] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.61 Ko] - (0.0.0.0) - C:\WINDOWS\System32\X_80.png [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [234.99 Ko] - C:\WINDOWS\System32\zh-CN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [204.5 Ko] - C:\WINDOWS\System32\zh-TW [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [0 Ko] - C:\WINDOWS\SysWOW64\0409 [MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [07/12/2019 11:09:21] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AppHelpToast.png [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [07/12/2019 11:09:21] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AudioToastIcon.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [07/12/2019 11:09:26] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@EnrollmentToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [07/12/2019 11:09:32] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@VpnToastIcon.png [MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [07/12/2019 11:09:15] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@WirelessDisplayToast.png [MD5.8E21B8A06CA81F5FA1A89A220A61A94A] - |A| - [16/04/2004 17:52:00] - (.Copyright ASCOM Monetel© 1999-2001 - ACBSante.) - [196 Ko] - (1.0.2.0) - C:\WINDOWS\SysWOW64\ACBSante.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1864.83 Ko] - C:\WINDOWS\SysWOW64\AdvancedInstallers [MD5.E556115BD4E751178310F842E457CA22] - |A| - [10/12/2020 10:51:05] - (.-.) - [10.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe [MD5.DA3D5120A624F0F9E886F0FF0BDF5757] - |A| - [15/04/2021 13:10:00] - (.-.) - [117.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Altova.dll [MD5.2EDE6B8A2248CD339180EA4F07DD36A1] - |A| - [15/04/2021 13:10:00] - (.-.) - [79.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\AltovaXML.dll [MD5.ED3A87D04F9EC1B5F859DA3127FF5207] - |A| - [28/05/2021 21:27:52] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon AMD AVE Driver Component.) - [117.55 Ko] - (27.20.21003.8013) - C:\WINDOWS\SysWOW64\amdave32.dll [MD5.93461514FC247CD64428536DE4E5A187] - |A| - [28/05/2021 21:28:32] - (.-.) - [370.8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\amdgfxinfo32.dll [MD5.E51F88ACBB9844D9B5C81CDE577FF11F] - |A| - [28/05/2021 21:28:40] - (.Copyright (C) 2020 Advanced Micro Devices, Inc. - Radeon Settings: Host Service.) - [165.7 Ko] - (2.0.0.1788) - C:\WINDOWS\SysWOW64\amdihk32.dll [MD5.5F09E07B20CA27A8EA23717FBA754902] - |A| - [28/05/2021 21:28:50] - (.Advanced Micro Devices, Inc. Copyright (C) 2015 - LiquidVR SDK 1.0.) - [750.3 Ko] - (1.0.16.0) - C:\WINDOWS\SysWOW64\amdlvr32.dll [MD5.616A48F52D29625E06782287D071CD79] - |A| - [23/09/2019 13:24:38] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MCL Universal Driver.) - [374.61 Ko] - (1.6.0.0) - C:\WINDOWS\SysWOW64\amdmcl32.dll [MD5.3F55644855B5E9905DAF8E90ED685F04] - |A| - [28/05/2021 21:28:20] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [105.78 Ko] - (27.20.21003.8013) - C:\WINDOWS\SysWOW64\amdpcom32.dll [MD5.C8DEA92A5744FA4ED6FC92D4E854AF1B] - |A| - [28/05/2021 21:29:10] - (.Copyright (C) 2014-2021 AMD Inc. - AMD DirectX12 User Mode Driver.) - [112.8 Ko] - (8.18.10.407) - C:\WINDOWS\SysWOW64\amdxc32.dll [MD5.0000F655B66735F9868EC9242DB1EAE4] - |A| - [28/05/2021 21:29:22] - (.-.) - [65579.82 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\amd_comgr32.dll [MD5.F6E6E02378515C59DAD878A164D6AB22] - |A| - [28/05/2021 21:28:34] - (.Copyright (C) 2016 - AMD MJPEG MFT Component.) - [1333.06 Ko] - (27.20.21003.8013) - C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll [MD5.0BE7F4668B04EBC5956F86172778CA42] - |A| - [28/05/2021 21:29:26] - (.Advanced Micro Devices, Inc. Copyright (C) 2017 - Advanced Media Framework.) - [5390.82 Ko] - (1.4.20.0) - C:\WINDOWS\SysWOW64\amfrt32.dll [MD5.D0C50C113FE59C21AD59932E6B9C202F] - |A| - [27/04/2021 15:48:22] - (.-.) - [37.42 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ampa.sys [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\AppLocker [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [97.5 Ko] - C:\WINDOWS\SysWOW64\ar-SA [MD5.DD0F04B43362A7C7660C1DF405D416F0] - |A| - [12/01/2022 02:01:27] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [563 Ko] - (3.5.1.0) - C:\WINDOWS\SysWOW64\archiveint.dll [MD5.6E5C050D42356BC40151FBC8A09250CD] - |A| - [28/05/2021 21:29:34] - (.Copyright (C) 2008-2021 Advanced Micro Devices, Inc. - ADL.) - [1300.31 Ko] - (27.20.21003.8013) - C:\WINDOWS\SysWOW64\atiadlxx.dll [MD5.6E5C050D42356BC40151FBC8A09250CD] - |A| - [28/05/2021 21:29:34] - (.Copyright (C) 2008-2021 Advanced Micro Devices, Inc. - ADL.) - [1300.31 Ko] - (27.20.21003.8013) - C:\WINDOWS\SysWOW64\atiadlxy.dll [MD5.265ACACEA17C65F4506DCFF1B4E2A5FB] - |A| - [11/05/2021 06:53:08] - (.-.) - [545.05 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\atiapfxx.blb [MD5.478BB6277E0CD244E77198FCC3D9CFC4] - |A| - [28/05/2021 21:29:36] - (.Copyright (C) 1998-2012 AMD Inc. - aticfxstub32.dll.) - [154.64 Ko] - (8.17.10.1690) - C:\WINDOWS\SysWOW64\aticfx32.dll [MD5.FDA4C37EB47EC938064008DCF155B62E] - |A| - [28/05/2021 21:29:40] - (.-.) - [104.81 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\atidxx32.dll [MD5.515DC90D7102C7BF093C69BB8AFBB404] - |A| - [28/05/2021 21:29:44] - (.-.) - [343.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\atieah32.exe [MD5.B61395A67A666A97209A616B3C8F7886] - |A| - [28/05/2021 21:29:52] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [207.8 Ko] - (27.20.21003.8013) - C:\WINDOWS\SysWOW64\atigktxx.dll [MD5.1F05DF1FC7485B32A6C24E54EDAD6A72] - |A| - [28/05/2021 21:28:50] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [105.78 Ko] - (27.20.21003.8013) - C:\WINDOWS\SysWOW64\atimpc32.dll [MD5.AB4F568151BBC062BC23E3236A91166B] - |A| - [28/05/2021 21:30:02] - (.Copyright (c) 2010 Advanced Micro Devices, Inc. - Radeon spu api dll.) - [137.3 Ko] - (27.20.21003.8013) - C:\WINDOWS\SysWOW64\atisamu32.dll [MD5.23E18F954303B3AD5DAC0EEF8DBEFF21] - |A| - [11/05/2021 08:01:30] - (.-.) - [3390.02 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\atiumdva.cap [MD5.7C163EDE63854539828F5B2C1BC529FD] - |A| - [23/09/2019 12:39:56] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ativvsva.dat [MD5.219D7091DD1D93728392337FE9C7ADD6] - |A| - [23/09/2019 12:39:56] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ativvsvl.dat [MD5.0640309911BD58259D2A031EFEE0D51D] - |A| - [15/04/2021 13:10:00] - (.Copyright (C) 1998-2020 BCGSoft Co Ltd. - BCGControlBar Professional DLL.) - [901.89 Ko] - (30.51.0.0) - C:\WINDOWS\SysWOW64\BCGCBProResFRA.dll [MD5.71E91D70A93579F61FCAC13CC3C57DF2] - |A| - [05/05/2008 13:59:00] - (.Copyright (C) 2001 - BCGSkinDownloader DLL.) - [300 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\BCGSkinDownloader.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [58.5 Ko] - C:\WINDOWS\SysWOW64\bg-BG [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.1 Ko] - C:\WINDOWS\SysWOW64\Bthprops [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\catroot [MD5.513FDEF8018A243076B596F487D01C82] - |A| - [23/11/2020 11:49:00] - (.-.) - [5145 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CDA_R2.dll [MD5.8CBFDA9D6623325B17EAB2B99314FF26] - |A| - [06/04/2021 12:18:33] - (.2005-2019 COMODO. - COMODO Secure Shopping.) - [256.23 Ko] - (1.4.50284.159) - C:\WINDOWS\SysWOW64\cmdkbdcss32.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [316.5 Ko] - C:\WINDOWS\SysWOW64\Com [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [7039.3 Ko] - C:\WINDOWS\SysWOW64\config [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [53.11 Ko] - C:\WINDOWS\SysWOW64\Configuration [MD5.6545DE4EF5217AA2FFC7FFD27725A971] - |A| - [10/12/2020 10:51:06] - (.-.) - [235 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CoreMas.dll [MD5.96FB3F2F5EA54E29D82D05758BE9FCC5] - |A| - [29/11/2018 17:07:56] - (.Copyright © 2018 ASIP SANTE - CSP de la carte CPS3 WIN 32 (Version Release).) - [217.15 Ko] - (3.7.0.0) - C:\WINDOWS\SysWOW64\cps3_csp_w32.dll [MD5.165FE301BD594288ADFA1C350E78595A] - |A| - [29/11/2018 17:07:56] - (.Copyright © 2003-2018 ASIP SANTE - Librairie PKCS#11 de la carte CPS3 WIN 32 (Version Release).) - [790.15 Ko] - (2.11.0.0) - C:\WINDOWS\SysWOW64\cps3_pkcs11_w32.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [118.5 Ko] - C:\WINDOWS\SysWOW64\cs-CZ [MD5.772EFE2E9B31B4509976F0FEAD355021] - |A| - [06/04/2021 12:18:33] - (.2005-2019 COMODO. - COMODO Secure Shopping.) - [329.94 Ko] - (1.4.50284.159) - C:\WINDOWS\SysWOW64\cssguard32.dll [MD5.D0C7FB59E972E0AD1E4CBAC8D9C1ABEF] - |A| - [26/11/1996 14:22:02] - (.-.) - [240 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Ctree32.dll [MD5.A2F18DAD6F7BE95ED9FC7A37B7D94FF7] - |A| - [12/01/2022 02:01:27] - (.© 1996 - 2021 Daniel Stenberg, . - The curl executable.) - [453.5 Ko] - (7.79.1.0) - C:\WINDOWS\SysWOW64\curl.exe [MD5.2318C210624FE28873F533D2A2492796] - |A| - [15/04/2021 13:10:00] - (.-.) - [669 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\cvitale.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [119.5 Ko] - C:\WINDOWS\SysWOW64\da-DK [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [131 Ko] - C:\WINDOWS\SysWOW64\de-DE [MD5.C1684AACAAD62889ACFCA988AA46562D] - |A| - [07/12/2019 11:09:15] - (.-.) - [28.83 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\DefaultAccountTile.png [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [188 Ko] - C:\WINDOWS\SysWOW64\DiagSvcs [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [7608.08 Ko] - C:\WINDOWS\SysWOW64\Dism [MD5.8087BA459DDF1D186B511F1F5BDBAFE9] - |A| - [22/01/2003 11:26:07] - (.Copyright (C) DivXNetworks 2001-2003 - DivX Video for Windows Codec.) - [586 Ko] - (5.0.3.740) - C:\WINDOWS\SysWOW64\divx.dll [MD5.7904D927474AE7BFB06241E53DE3780F] - |A| - [22/01/2003 11:26:07] - (.Copyright © DivXNetworks, 2001-2003 - DivX (TM) Decoder Filter.) - [231.5 Ko] - (5.0.3.740) - C:\WINDOWS\SysWOW64\divxdec.ax [MD5.46C5021EBA54986A2BA73827B5C85CB9] - |A| - [15/04/2021 13:10:00] - (.-.) - [1250.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ebXML.dll [MD5.184D21F8416756A0DCCEAD5B784251C3] - |A| - [15/04/2021 13:10:00] - (.-.) - [1019.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ebXML3.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [131 Ko] - C:\WINDOWS\SysWOW64\el-GR [MD5.A0DCE714E886D9BEB1E952136DF7759B] - |A| - [05/08/2015 17:52:20] - (.Copyright (C) eMPIA Technology2002-2013 - WDM Streaming Video Capture.) - [88.5 Ko] - (2.416.0.0) - C:\WINDOWS\SysWOW64\emProp.ax [MD5.329242E3E67AEC654F8E0D51D87EB828] - |A| - [25/02/2020 06:03:36] - (.Copyright (C) eMPIA Technology 2002-2012 - USB 28xx BDA Prop Page.) - [128.44 Ko] - (5.2012.303.0) - C:\WINDOWS\SysWOW64\emPRPA.ax [MD5.4447B1E6B21A0A2FF8EB5A2F028CEB6F] - |A| - [05/08/2015 17:52:20] - (.Copyright (C) eMPIA Technology2002-2013 - WDM Streaming Video Capture.) - [76.5 Ko] - (2.416.0.0) - C:\WINDOWS\SysWOW64\emVFW.dll [MD5.CCD1EFDFC54A00377B41E38860394431] - |A| - [05/08/2015 17:52:20] - (.Copyright (C) eMPIA Technolgy Inc. 2002-2003 - eMPIA YUV Codec.) - [51.5 Ko] - (1.0.812.1) - C:\WINDOWS\SysWOW64\emYUV.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [0 Ko] - C:\WINDOWS\SysWOW64\en [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [53 Ko] - C:\WINDOWS\SysWOW64\en-GB [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [488.03 Ko] - C:\WINDOWS\SysWOW64\en-US [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [126 Ko] - C:\WINDOWS\SysWOW64\es-ES [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [59 Ko] - C:\WINDOWS\SysWOW64\es-MX [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [53.5 Ko] - C:\WINDOWS\SysWOW64\et-EE [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [12988.15 Ko] - C:\WINDOWS\SysWOW64\F12 [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [119.5 Ko] - C:\WINDOWS\SysWOW64\fi-FI [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [3150 Ko] - C:\WINDOWS\SysWOW64\fr [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [60.5 Ko] - C:\WINDOWS\SysWOW64\fr-CA [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [8264.81 Ko] - C:\WINDOWS\SysWOW64\fr-FR [MD5.6D7A69ECCA233ABD6AB61012E02B7149] - |A| - [28/01/2002 03:56:00] - (.Copyright © 2000 - France Telecom User Agent.) - [44 Ko] - (3.0.1.0) - C:\WINDOWS\SysWOW64\ftua.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:51:10] - [0 Ko] - C:\WINDOWS\SysWOW64\FxsTmp [MD5.D02B88E010E8202372F85CBEA9645BC4] - |A| - [18/12/2018 15:53:24] - (.Copyright © 1996-2014 - Client du Gestionnaire d'Acces au Lecteur WIN 32 sur NP (RELEASE).) - [182.78 Ko] - (3.45.0.0) - C:\WINDOWS\SysWOW64\galclw32.dll [MD5.A7D2DB843A6638BB7C016B92665C503D] - |A| - [04/12/2018 18:32:06] - (.Copyright © 1996-2015 - Gestion de la Configuration GALSS WIN 32 (RELEASE).) - [188.28 Ko] - (3.26.0.0) - C:\WINDOWS\SysWOW64\galinw32.dll [MD5.FF04BCCD83579DCE171E8B37C39C7C7A] - |A| - [28/05/2021 21:30:20] - (.-.) - [370.8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\GameManager32.dll [MD5.B873A5ABCFBC42B1BAC9EBE8741C6162] - |A| - [07/12/2019 16:50:56] - (.Copyright (C) 2019 - Gracenote SDK component.) - [244 Ko] - (3.9.511.0) - C:\WINDOWS\SysWOW64\gnsdk_fp.dll [MD5.4509E05C87B0772DDAB4C26DAAABC672] - |A| - [14/04/2011 00:40:10] - (.© 2004-2010 Google Inc. - Google Photos Screensaver.) - [4184 Ko] - (3.8.117.43) - C:\WINDOWS\SysWOW64\GPhotos.scr [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.01 Ko] - C:\WINDOWS\SysWOW64\GroupPolicy [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicyUsers [MD5.30F47F80F8A2029A2D2230D5135ED782] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - HDAB pour HelloDOC.) - [669.5 Ko] - (5.70.21105.1209) - C:\WINDOWS\SysWOW64\hdab.dll [MD5.440C883D33C4F2BF8BB861BB92E9DB80] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - HDAdministre Version MFC 32 bits.) - [500.5 Ko] - (5.70.21105.1203) - C:\WINDOWS\SysWOW64\HDAdministre.dll [MD5.A67F53BEBBB40C244E245197BC386E19] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - API pour HelloDoc.) - [3298 Ko] - (5.70.21105.1159) - C:\WINDOWS\SysWOW64\HDApi5.dll [MD5.30EAB86554566D40976FA70EBF8CA7BA] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - APICrypt pour HelloDoc.) - [197 Ko] - (5.70.21105.1157) - C:\WINDOWS\SysWOW64\HDApicrypt.dll [MD5.ECB5CF3E8E46E11AD5235345AD4D436D] - |A| - [12/09/2018 17:59:00] - (.Copyright © 1989-2014 IMAGINE Editions - Gestion de lecture de carte pour HelloDoc.) - [548.5 Ko] - (5.60.10118.0) - C:\WINDOWS\SysWOW64\HDApiLec.dll [MD5.34153F4107B20C1D4AA86848626C5CD7] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - Assertion pour HelloDoc.) - [776.5 Ko] - (5.70.21105.1158) - C:\WINDOWS\SysWOW64\HDAssertion.dll [MD5.005714FA9F2101A04FF7A244C9FCD51E] - |A| - [24/01/2002 18:47:00] - (.-.) - [60.88 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\HDBACKUP.CHm [MD5.343A76FD008B9760079CB73946AAC633] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - Sauvegarde pour HelloDoc.) - [960 Ko] - (5.70.21105.1218) - C:\WINDOWS\SysWOW64\HDBackup.dll [MD5.A9657F98E42642844A86ACE673B8872C] - |A| - [23/08/2018 14:55:00] - (.Copyright © 1989-2015 IMAGINE Editions - Calcul Identifiant National de Santé.) - [75.5 Ko] - (5.60.12165.0) - C:\WINDOWS\SysWOW64\HDCalculINS.dll [MD5.36D7B1F235DC309ED9E7B86695463E14] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion CDAr2 pour HelloDoc.) - [401 Ko] - (5.70.21105.1235) - C:\WINDOWS\SysWOW64\HDCDAR2.dll [MD5.B0509438BCEA5FE99205385AFB9E6016] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion CERFA pour HelloDoc\0.) - [238.5 Ko] - (5.70.21105.1205) - C:\WINDOWS\SysWOW64\HDCerfa.dll [MD5.ADBB5441EA478EDD97EB881F4C111704] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - HelloDoc Certificats.) - [1415 Ko] - (6.1.21105.1205) - C:\WINDOWS\SysWOW64\HDCertificateStore.dll [MD5.75357699BAA0780DC287585D7582B48D] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - Accès à CGM-Assist depuis HelloDoc.) - [245 Ko] - (5.70.21105.1228) - C:\WINDOWS\SysWOW64\HDCGMAssist.dll [MD5.6E79A39987E3F5FA9071DC919745433C] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - Module d'extension CCAM de HDCodeExplorer.) - [135.5 Ko] - (5.70.21105.1229) - C:\WINDOWS\SysWOW64\HDCodeCCAM.dll [MD5.4FDB70649C7ADB8A08DDA1CCADDED90D] - |A| - [06/07/2004 13:03:58] - (.-.) - [241.1 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\HDCodeDRC.chm [MD5.CFF0EDA3014CE319CB77BD1179AECED9] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - Module d'extension DRC de HDCodeExplorer.) - [190 Ko] - (5.70.21105.1228) - C:\WINDOWS\SysWOW64\HDCodeDRC.dll [MD5.F88DFB316F337D483DCEF0277AD1F3BD] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - HDCodeExplorer Version MFC 32 bits.) - [269 Ko] - (5.70.21105.1205) - C:\WINDOWS\SysWOW64\HDCodeExplorer.dll [MD5.DDB842E17AE024727419923791D13E74] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - Module d'extension LPP de HDCodeExplorer.) - [51.5 Ko] - (5.70.21105.1232) - C:\WINDOWS\SysWOW64\HDCodeLPP.dll [MD5.E5C8B71864812362DED19756EF19C56A] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion Sigems pour HelloDoc.) - [2173.5 Ko] - (5.70.21105.1240) - C:\WINDOWS\SysWOW64\HDComClinic.dll [MD5.31C053BFA49C017AA1DDC65F96AF2F2E] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - HDCryptage pour HelloDoc.) - [17 Ko] - (5.70.21105.1224) - C:\WINDOWS\SysWOW64\HDCryptage.dll [MD5.68D81E6285F9503C801DF13A87C15B3F] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - Extension de classes MFC.) - [5146.5 Ko] - (6.1.21105.1201) - C:\WINDOWS\SysWOW64\HDCtrlEx100b.dll [MD5.0378C5FC63A1D53422B7CC56FEFC9894] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - Numéroteur pour HelloDOC.) - [152.5 Ko] - (5.70.21105.1203) - C:\WINDOWS\SysWOW64\HDDial.dll [MD5.DDBABF63DBCEA1C7032FABE97731AB45] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - IMAGES pour HelloDoc.) - [107 Ko] - (5.70.21105.1157) - C:\WINDOWS\SysWOW64\HDDib.dll [MD5.6669123BE73E623AB6C64208EE54483C] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion DMP pour HelloDoc.) - [3342 Ko] - (5.70.21105.1238) - C:\WINDOWS\SysWOW64\HDDMP.dll [MD5.5DF7D194FCA385AB7F5DE8B7F81C73C3] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion ebXML pour HelloDoc.) - [246 Ko] - (5.70.21105.1232) - C:\WINDOWS\SysWOW64\HDebXML.dll [MD5.78DC3AC2E6D4F65677BFE775BEAD78DD] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - Module Protocole pour Hellodoc.) - [175.5 Ko] - (5.70.21105.1232) - C:\WINDOWS\SysWOW64\HDEditForm.dll [MD5.108DC4F009C04E2386EF87CF6F352940] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - HDFusion pour HelloDOC.) - [75 Ko] - (5.70.21105.1231) - C:\WINDOWS\SysWOW64\HDFusion.dll [MD5.EC1C2DB45D01B2AF3F1146C122D44827] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - HelloDoc Mail Version MFC TAPI 32 bits.) - [182.5 Ko] - (5.70.21105.1231) - C:\WINDOWS\SysWOW64\HDGraph.dll [MD5.5A48488D821098568D41F7B6DDD5645C] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - Module HDGrossesse pour Hellodoc.) - [805 Ko] - (5.70.21105.1234) - C:\WINDOWS\SysWOW64\HDGrossesse.dll [MD5.20E2C06E96DAD23C8E93877491D16CCA] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion de la conversion HTML / PDF.) - [14.5 Ko] - (5.70.21105.1158) - C:\WINDOWS\SysWOW64\HDHtmlToPdf.dll [MD5.83FF6F1195019660D63573C3020E3B7E] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - HDInfo Version MFC 32 bits.) - [471 Ko] - (5.70.21105.1204) - C:\WINDOWS\SysWOW64\HDInfo.dll [MD5.3D777D853FCBB53613567FFB9E93098A] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion des annuaires pour HelloDoc.) - [591.5 Ko] - (5.70.21105.1208) - C:\WINDOWS\SysWOW64\HDLdap.dll [MD5.46C174A098BCFA9DE8648927EF1DC479] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - HDMail pour HelloDoc.) - [2675.5 Ko] - (6.1.21105.1202) - C:\WINDOWS\SysWOW64\HDMail.dll [MD5.CA63441A99757E3BEDD59C762A70228F] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - DLL Migration pour HelloDoc.) - [429 Ko] - (5.70.21105.1233) - C:\WINDOWS\SysWOW64\HDMigration.dll [MD5.2543C9E6ED75DCBB972704D2ED0E2579] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion MMG pour HelloDoc.) - [1686 Ko] - (5.70.21105.1240) - C:\WINDOWS\SysWOW64\HDMMG.dll [MD5.BF6CA2E73EE240EA1F1E7DFAE06E976D] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - API Dragon NaturallySpeaking pour HelloDoc.) - [58.5 Ko] - (5.70.21105.1157) - C:\WINDOWS\SysWOW64\HDNSpeak.dll [MD5.13E2A59E1CF2100E76453D8C2FAF967E] - |A| - [08/07/2015 14:55:20] - (.Copyright © 1989-2014 IMAGINE Editions - Interface Omnipage pour HelloDOC.) - [19 Ko] - (5.60.4679.0) - C:\WINDOWS\SysWOW64\hdocraware.dll [MD5.5CF5B02E7B7E51BED9EFA141B3BAF921] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - Bibliothèque d'outils pour HelloDoc.) - [128 Ko] - (5.70.21105.1158) - C:\WINDOWS\SysWOW64\HDOutils.dll [MD5.6590A568AFE491E40B2C7FBFD551B73E] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - PAINT pour HelloDoc.) - [48 Ko] - (5.70.21105.1233) - C:\WINDOWS\SysWOW64\HDPaint.dll [MD5.6229B2654334BA0B6D486DDF5CEA49F5] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - Module Pédiatrie pour Hellodoc.) - [209.5 Ko] - (5.70.21105.1228) - C:\WINDOWS\SysWOW64\HDPediatrie.dll [MD5.7EF6C61BBD5D083FA4B032D5936FC3DE] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - Module de gestion de la pharmacie.) - [1924 Ko] - (5.70.21105.1233) - C:\WINDOWS\SysWOW64\HDPharm.dll [MD5.B5F19107EB8F8CFB0F7455EE0EE25813] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - HDPostIt Version MFC 32 bits.) - [64.5 Ko] - (5.70.21105.1231) - C:\WINDOWS\SysWOW64\HDPostit.dll [MD5.A14985CBB061EDB1BFDB7171BD5D271F] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion des aperçus HTML.) - [423 Ko] - (5.70.21105.1237) - C:\WINDOWS\SysWOW64\HDPreviewHtml.dll [MD5.BC7011A1313111CE598CA40F2D0BB38E] - |A| - [11/10/2011 10:15:00] - (.Copyright © 1989-2011 IMAGINE Editions - Gestion ebXML pour HelloDOC.) - [98.5 Ko] - (5.60.1112.0) - C:\WINDOWS\SysWOW64\HDSanteos.dll [MD5.21CA3D2302DDFDE4CB6017E0333D8BC4] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - Import/export XML des FSE pour HelloDoc\0.) - [74 Ko] - (5.70.21105.1205) - C:\WINDOWS\SysWOW64\HDScanModele.dll [MD5.27630184976429E0E8468E6ECCB692F7] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion des services en ligne de l'Assurance Maladie pour HelloDoc\0.) - [1690.5 Ko] - (5.70.21105.1227) - C:\WINDOWS\SysWOW64\HDSELAM.dll [MD5.35F0F554A6CABE63B636825902F16ED4] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - HelloDoc SMIME.) - [400.5 Ko] - (6.1.21105.1231) - C:\WINDOWS\SysWOW64\HDSMime.dll [MD5.3D4BB48322EAD3D2B7BE1125D249D886] - |A| - [15/04/2021 13:10:00] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion des SMS pour HelloDoc.) - [316 Ko] - (5.70.21105.1226) - C:\WINDOWS\SysWOW64\HDSms.dll [MD5.87EB1EF1CFC8FB280775211F3000C1AE] - |A| - [15/04/2021 13:11:00] - (.Copyright © 1989-2021 IMAGINE Editions - Correcteur orthographique pour HelloDOC.) - [32 Ko] - (5.70.21105.1156) - C:\WINDOWS\SysWOW64\HDSpell.dll [MD5.83C18E23E167289A44E2D6AB676055B1] - |A| - [15/04/2021 13:11:00] - (.Copyright © 1989-2021 IMAGINE Editions - Sesam-Vitale pour HelloDoc.) - [14121.5 Ko] - (5.70.21105.1212) - C:\WINDOWS\SysWOW64\HDSV.dll [MD5.BC1B64AF3FF59D31CED6266FE1E40543] - |A| - [15/04/2021 13:11:00] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion Syslog pour HelloDoc.) - [59 Ko] - (5.70.21105.1236) - C:\WINDOWS\SysWOW64\HDSyslog.dll [MD5.48D69451E681A73B1FA9678BEBE20E5C] - |A| - [15/04/2021 13:11:00] - (.Copyright © 1989-2021 IMAGINE Editions - HDTLA pour HelloDoc TLA.) - [33.5 Ko] - (5.70.21105.1154) - C:\WINDOWS\SysWOW64\HDTLA.dll [MD5.1B49DB4A1A47BF6B38CFBB80534DB936] - |A| - [15/04/2021 13:11:00] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion Uni-Medecine pour HelloDOC\0.) - [721 Ko] - (5.70.21105.1230) - C:\WINDOWS\SysWOW64\HDUniMedecine.dll [MD5.D58D8B96EC04653CC166C4C7065731BC] - |A| - [15/04/2021 13:11:00] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion de la synchronisation de l'agenda pour HelloDoc\0.) - [1010.5 Ko] - (5.70.21105.1209) - C:\WINDOWS\SysWOW64\HDWSAgendaWeb.dll [MD5.15026539F86AB95AD8D45259B18FFA74] - |A| - [15/04/2021 13:11:00] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion de prévention et dépistage du cancer pour HelloDoc\0.) - [78.5 Ko] - (5.70.21105.1230) - C:\WINDOWS\SysWOW64\HDWSDepist.dll [MD5.11260279F5C71A8EE64EE8D6F62DCDB1] - |A| - [15/04/2021 13:11:00] - (.Copyright © 1989-2021 IMAGINE Editions - Gestion WebService des formulaires pour HelloDoc.) - [124.5 Ko] - (5.70.21105.1229) - C:\WINDOWS\SysWOW64\HDWSForm.dll [MD5.B6DC23CEA6578D9ADCCFCF6693F28FE7] - |A| - [15/04/2021 13:11:00] - (.Copyright © 1989-2021 IMAGINE Editions - Module de transfert des données pour Hellodoc.) - [760 Ko] - (5.70.21105.1211) - C:\WINDOWS\SysWOW64\HDXfr.dll [MD5.1A6A73DD1AA15E01DEB6E79B03EEFACB] - |A| - [15/04/2021 13:11:00] - (.Copyright © 1989-2021 IMAGINE Editions - Module de gestion XML pour Hellodoc.) - [384 Ko] - (5.70.21105.1232) - C:\WINDOWS\SysWOW64\HDXmlEx.dll [MD5.498160B5552341530B4298A03F4C8A01] - |A| - [15/04/2021 13:11:00] - (.-.) - [236 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\HDZipArchive.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [93 Ko] - C:\WINDOWS\SysWOW64\he-IL [MD5.38BC5940D26DEAACA366560471444189] - |A| - [15/04/2021 13:11:00] - (.-.) - [245 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\healthcare_security_audit.dll [MD5.DF0C9C776F8367E213210FB256AC30EC] - |A| - [14/01/2021 10:46:04] - (.-.) - [230 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\HeatCore.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [55.5 Ko] - C:\WINDOWS\SysWOW64\hr-HR [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [123 Ko] - C:\WINDOWS\SysWOW64\hu-HU [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [36.27 Ko] - C:\WINDOWS\SysWOW64\icsxml [MD5.8226A1A91F01432A0CB10CAABF1B9C6D] - |A| - [11/06/2021 17:52:14] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Combined Library.) - [1820.5 Ko] - (64.2.0.0) - C:\WINDOWS\SysWOW64\icu.dll [MD5.FB475B41189AACF1C607C1E9DC0EBB0B] - |RA| - [07/12/2019 11:09:18] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N Forwarder DLL.) - [24 Ko] - (64.2.0.0) - C:\WINDOWS\SysWOW64\icuin.dll [MD5.B17445D0DF2C22C924899B5DF8E84475] - |RA| - [07/12/2019 11:09:18] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common Forwarder DLL.) - [28.5 Ko] - (64.2.0.0) - C:\WINDOWS\SysWOW64\icuuc.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [21636.25 Ko] - C:\WINDOWS\SysWOW64\IME [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\inetsrv [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [215 Ko] - C:\WINDOWS\SysWOW64\InputMethod [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1160 Ko] - C:\WINDOWS\SysWOW64\InstallShield [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\Ipmi [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [125 Ko] - C:\WINDOWS\SysWOW64\it-IT [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [89 Ko] - C:\WINDOWS\SysWOW64\ja-JP [MD5.6472A27E893D9DC7D3AD395727196568] - |A| - [03/08/2011 12:55:50] - (.Copyright © 2011 - Librairie Lire Compteur Carte.) - [46 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\lcc.dll [MD5.F83EB0649F8E81EC1DF43BEDC31A9F32] - |A| - [29/11/2001 03:56:00] - (.Copyright © LEAD Technologies, Inc. 1997 - LEADTOOLS® DLL for Win32.) - [33 Ko] - (9.0.0.0) - C:\WINDOWS\SysWOW64\lfbmp90n.dll [MD5.49AB2E77A63B361347B51F06789DA63E] - |A| - [29/11/2001 03:56:00] - (.Copyright © LEAD Technologies, Inc. 1997 - LEADTOOLS® DLL for Win32.) - [230 Ko] - (9.0.0.0) - C:\WINDOWS\SysWOW64\lfcmp90n.dll [MD5.A6D6B6E35BA5736CA52846526DD2AD68] - |A| - [15/01/1998 08:07:00] - (.Copyright © LEAD Technologies, Inc. 1997 - LEADTOOLS® DLL for Win32.) - [63 Ko] - (9.0.0.0) - C:\WINDOWS\SysWOW64\lffax90n.dll [MD5.04BF198912B160856438A7A169E00CEC] - |A| - [29/11/2001 03:56:00] - (.Copyright © LEAD Technologies, Inc. 1997 - LEADTOOLS® DLL for Win32.) - [39 Ko] - (9.0.0.0) - C:\WINDOWS\SysWOW64\lfgif90n.dll [MD5.477A88540D02E508379D71164B3E1338] - |A| - [28/01/2002 03:56:00] - (.Copyright © LEAD Technologies, Inc. 1997 - LEADTOOLS® DLL for Win32.) - [26 Ko] - (9.0.0.0) - C:\WINDOWS\SysWOW64\lfpcd90n.dll [MD5.0397304B3C4C2736232062E0A7D4A885] - |A| - [29/11/2001 03:56:00] - (.Copyright © LEAD Technologies, Inc. 1997 - LEADTOOLS® DLL for Win32.) - [115.5 Ko] - (9.0.0.0) - C:\WINDOWS\SysWOW64\lftif90n.dll [MD5.57859AF377AC5F6864E204389B04EE33] - |A| - [27/09/2019 12:21:16] - (.-.) - [26 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\libcharset-1.dll [MD5.BD8A1A84554D33B20E2E0DB68D9B7802] - |A| - [06/04/2021 17:41:38] - (.Copyright 1998-2020 The OpenSSL Authors. - OpenSSL library.) - [2458 Ko] - (1.1.1.6) - C:\WINDOWS\SysWOW64\libcrypto-1_1.dll [MD5.5EADBAD7213B7D2053D9B399E2C5649D] - |A| - [01/04/2011 15:06:42] - (.© 1996 - 2009 Daniel Stenberg, . - libcurl Shared Library.) - [214 Ko] - (7.20.0.0) - C:\WINDOWS\SysWOW64\libcurl.dll [MD5.8C7F9F7040D518D323732DE6FABE934E] - |A| - [27/09/2019 12:21:16] - (.Copyright © 1998-2005 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. - OpenSSL Shared Library.) - [1247 Ko] - (1.0.2.21) - C:\WINDOWS\SysWOW64\libeay32.dll [MD5.C4B4409F186DA70FCF2BCC60D5F05489] - |A| - [17/07/2014 13:28:52] - (.-.) - [42 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\libgcc_s_dw2-1.dll [MD5.2AB6BFF66EAB19552DD0B0D675C882A5] - |A| - [23/11/2020 11:50:00] - (.-.) - [510.19 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\libgsasl-7.dll [MD5.279D94DB09D6AFD4CEBB8485AAA523DF] - |A| - [27/09/2019 12:21:16] - (.Copyright (C) 1999-2007 - LGPLed libiconv for Windows NT/2000/XP/Vista and Windows 95/98/ME.) - [901 Ko] - (1.13.1.0) - C:\WINDOWS\SysWOW64\libiconv-2.dll [MD5.E137CB9CF5FF2F9DBDEAC4F336EE0508] - |A| - [27/09/2019 12:21:16] - (.-.) - [24.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\libltdl-3.dll [MD5.78BEBD5BD9FAD5A6DDEF8FDFA142DF89] - |A| - [19/12/2004 06:20:48] - (.© 2004 Free Software Foundation - LibTool: generic library support script.) - [71.5 Ko] - (1.5.8.1814) - C:\WINDOWS\SysWOW64\libltdl3.dll [MD5.D95ABF1F7C0E8C5C5CCFCEB272A2ECBE] - |A| - [27/09/2019 12:21:16] - (.-.) - [915 Ko] - (3.0.0.0) - C:\WINDOWS\SysWOW64\libopensc-3.dll [MD5.F1AB7079B7C27A7BF9366C0EF572A167] - |A| - [27/09/2019 12:21:17] - (.-.) - [22 Ko] - (3.2.0.0) - C:\WINDOWS\SysWOW64\libp11-1.dll [MD5.7064DD23B79C0C8705234C8A4C3DDAE4] - |A| - [15/04/2021 13:12:00] - (.-.) - [90 Ko] - (6.4.7.0) - C:\WINDOWS\SysWOW64\libp11.dll [MD5.F81EB2DB0483D754610A8F2E72C1F60D] - |A| - [06/04/2021 17:41:38] - (.Copyright 1998-2020 The OpenSSL Authors. - OpenSSL library.) - [518.5 Ko] - (1.1.1.6) - C:\WINDOWS\SysWOW64\libssl-1_1.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [454.91 Ko] - C:\WINDOWS\SysWOW64\Licenses [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\LogFiles [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [56.5 Ko] - C:\WINDOWS\SysWOW64\lt-LT [MD5.58647E2AA516F14C273F7A716C7A679C] - |A| - [29/11/2001 03:56:00] - (.Copyright © LEAD Technologies, Inc. 1991-1998 - LEADTOOLS® DLL for Win32.) - [215 Ko] - (9.0.0.0) - C:\WINDOWS\SysWOW64\ltdis90n.dll [MD5.F3D26536D273E8DF57DF0E4B71F2EF23] - |A| - [29/11/2001 03:56:00] - (.Copyright © LEAD Technologies, Inc. 1991-1998 - LEADTOOLS® DLL for Win32.) - [199 Ko] - (9.0.0.0) - C:\WINDOWS\SysWOW64\ltdlg90n.dll [MD5.1ED98C5310F935AF59CC64C1A14575E5] - |A| - [29/11/2001 03:56:00] - (.Copyright © LEAD Technologies, Inc. 1997 - LEADTOOLS® DLL for Win32.) - [143 Ko] - (9.0.0.0) - C:\WINDOWS\SysWOW64\ltefx90n.dll [MD5.675C5A33D2573AF4D940C78ED752E429] - |A| - [29/11/2001 03:56:00] - (.Copyright © LEAD Technologies, Inc. 1991-1998 - LEADTOOLS® DLL for Win32.) - [96 Ko] - (9.0.0.0) - C:\WINDOWS\SysWOW64\ltfil90n.dll [MD5.3113CD6F8642C22D8B56DAD8928B57CF] - |A| - [29/11/2001 03:56:00] - (.Copyright © LEAD Technologies, Inc. 1997 - LEADTOOLS® DLL for Win32.) - [105.5 Ko] - (9.0.0.0) - C:\WINDOWS\SysWOW64\ltimg90n.dll [MD5.921FBBD325D5357B33AE10F5CC0D00CE] - |A| - [29/11/2001 03:56:00] - (.Copyright © LEAD Technologies, Inc. 1991-1998 - LEADTOOLS® DLL for Win32.) - [273 Ko] - (9.0.0.0) - C:\WINDOWS\SysWOW64\ltkrn90n.dll [MD5.F614227035FE5A1BFBC7A80F26C4DFAC] - |A| - [29/11/2001 03:56:00] - (.Copyright © LEAD Technologies, Inc. 1991-1998 - LEADTOOLS® DLL for Win32.) - [34.5 Ko] - (9.0.0.0) - C:\WINDOWS\SysWOW64\lttwn90n.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [56 Ko] - C:\WINDOWS\SysWOW64\lv-LV [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [17111.74 Ko] - C:\WINDOWS\SysWOW64\Macromed [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:52:05] - [32.68 Ko] - C:\WINDOWS\SysWOW64\MailContactsCalendarSync [MD5.E2F8387C7DB6C02E5BE504C0C1FB8537] - |A| - [28/01/2002 03:56:00] - (.Copyright © 2000 - France Telecom User Agent.) - [108 Ko] - (3.0.1.0) - C:\WINDOWS\SysWOW64\mailkrnl.dll [MD5.A22B0BD835BBAB7D445C8FD0453F4621] - |A| - [28/05/2021 21:30:22] - (.Copyright (C) 2013 AMD Inc. - Mantle loader.) - [152.8 Ko] - (27.20.21003.8013) - C:\WINDOWS\SysWOW64\mantle32.dll [MD5.44E7E647B34E53D295FA840C5E45614E] - |A| - [28/05/2021 21:30:26] - (.Copyright (C) 2013 AMD Inc. - Mantle extension library.) - [138.8 Ko] - (27.20.21003.8013) - C:\WINDOWS\SysWOW64\mantleaxl32.dll [MD5.534B1722E20CA4D195A1D1050E82DA6B] - |A| - [28/05/2021 21:30:30] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MCL Universal Driver.) - [73.3 Ko] - (27.20.21003.8013) - C:\WINDOWS\SysWOW64\mcl32.dll [MD5.ACCA0B7D6525662B838E42EBB4AD8C88] - |A| - [04/07/2008 17:02:00] - (.-.) - [60 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\md5h.dll [MD5.BA66DA2D1F556C8C2F9ECA4406A30909] - |A| - [02/10/2019 18:41:42] - (.-.) - [0.48 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\mgcLog4c.log [MD5.D2DE9D6B9B0BA17D0A0AC75A973848BD] - |A| - [06/04/2021 16:23:50] - (.-.) - [0.42 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Microsoft.VC80.CRT.manifest [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2850.1 Ko] - C:\WINDOWS\SysWOW64\migration [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [816.8 Ko] - C:\WINDOWS\SysWOW64\migwiz [MD5.288FF92FA0429070EFAB66CAB129081B] - |A| - [17/07/2014 13:28:52] - (.-.) - [22.87 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\mingwm10.dll [MD5.08749DCC252AE1148E3BEA32B3FFFBFC] - |A| - [07/12/2019 11:10:14] - (.-.) - [0.11 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\MixedRealityRuntime.json [MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [07/12/2019 11:15:00] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\mmc.exe.config [MD5.48E80AF8383E7DCAA68EA44BCD6C1502] - |A| - [27/09/2019 12:27:42] - (.-.) - [1.01 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Modifier l'installation HelloDoc.lnk [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45.5 Ko] - C:\WINDOWS\SysWOW64\MSDRM [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [52.28 Ko] - C:\WINDOWS\SysWOW64\Msdtc [MD5.DF252F37880142ED5574C2BE4DADF5A7] - |A| - [06/04/2021 17:41:39] - (.-.) - [206 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\msvcrt10.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [21.37 Ko] - C:\WINDOWS\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [116 Ko] - C:\WINDOWS\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\NDF [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [51 Ko] - C:\WINDOWS\SysWOW64\networklist [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [122 Ko] - C:\WINDOWS\SysWOW64\nl-NL [MD5.EB28DA7D156B633505F336095E4279B2] - |A| - [06/07/2007 09:29:28] - (.Copyright © 1994-2007, Toulouse, France - NLSAPI.DLL.) - [348 Ko] - (1.7.0.78) - C:\WINDOWS\SysWOW64\NLS_FR.dll [MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [3781.5 Ko] - C:\WINDOWS\SysWOW64\Nui [MD5.B3B9C8925432FDA674ACCA908FE3CFDE] - |A| - [07/12/2019 11:10:14] - (.-.) - [36.79 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\OneDrive.ico [MD5.556F6B9B75BA5190C68F02A4928AB991] - |A| - [27/09/2019 12:21:16] - (.-.) - [131.5 Ko] - (3.0.0.0) - C:\WINDOWS\SysWOW64\onepin-opensc-pkcs11.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [764.83 Ko] - C:\WINDOWS\SysWOW64\oobe [MD5.663A319D105E14548DBA4C72201876B1] - |A| - [06/04/2021 17:41:39] - (.Copyright (C) 2000-2006 - Standard OpenAL(TM) Implementation.) - [106.59 Ko] - (6.14.357.25) - C:\WINDOWS\SysWOW64\OpenAL32.dll [MD5.4F01121949C21FDB1711BAAC8F8DA09F] - |A| - [27/09/2019 12:21:16] - (.-.) - [131.5 Ko] - (3.0.0.0) - C:\WINDOWS\SysWOW64\opensc-pkcs11.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [79.5 Ko] - C:\WINDOWS\SysWOW64\PerceptionSimulation [MD5.0074F995B80A5CD1D4A45BFD096EEDBA] - |A| - [27/09/2019 12:21:16] - (.-.) - [46.5 Ko] - (3.0.0.0) - C:\WINDOWS\SysWOW64\pkcs11-spy.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [124 Ko] - C:\WINDOWS\SysWOW64\pl-PL [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [420.74 Ko] - C:\WINDOWS\SysWOW64\Printing_Admin_Scripts [MD5.D2A96B401F8D07C06E42E177A462EED5] - |A| - [08/01/2014 05:37:06] - (.Copyright (C) 2008-2010 - Video-Codec by proDAD.) - [494.45 Ko] - (1.0.14.0) - C:\WINDOWS\SysWOW64\prodad-codec.dll [MD5.F0F2922A9779B4A31B41DC9FF88E66A9] - |A| - [22/03/2010 11:31:46] - (.Copyright (C) 2006 - PSPGRU.) - [392.5 Ko] - (14.0.230.20) - C:\WINDOWS\SysWOW64\PSPGRU.acm [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [122 Ko] - C:\WINDOWS\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [123 Ko] - C:\WINDOWS\SysWOW64\pt-PT [MD5.6BDFCED9E4CC2AFF98BD0399B354F8AA] - |A| - [28/05/2021 21:30:34] - (.(c) Advanced Micro Devices, Inc. - AMD RapidFire.) - [606.31 Ko] - (2.1.0.20) - C:\WINDOWS\SysWOW64\Rapidfire.dll [MD5.23B1334A833C438B3FF6412DE218F1F7] - |A| - [28/05/2021 21:30:36] - (.(c) Advanced Micro Devices, Inc. - AMD Rapid Fire Server.) - [42.3 Ko] - (1.2.0.15) - C:\WINDOWS\SysWOW64\RapidFireServer.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.75 Ko] - C:\WINDOWS\SysWOW64\ras [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\RasToast [MD5.7663FFB0B227E9D6441AF1607697CE22] - |A| - [08/05/1998 22:18:00] - (.-.) - [107 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\RCMD32.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.82 Ko] - C:\WINDOWS\SysWOW64\Recovery [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\restore [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [57.5 Ko] - C:\WINDOWS\SysWOW64\ro-RO [MD5.D63CFDC99E89FD40E90381D6D1DF49C9] - |A| - [09/01/2001 17:06:00] - (.Copyright © 2000 - S400IP.) - [116 Ko] - (1.1.3.0) - C:\WINDOWS\SysWOW64\S400IP.dll [MD5.227223972015390637C93A7C787A52D9] - |A| - [29/01/2001 11:22:00] - (.Copyright © 2000 - S400IP.) - [112 Ko] - (1.1.3.0) - C:\WINDOWS\SysWOW64\S400IP_C.dll [MD5.59C59267A46E392CB1D95E8FEDCBAD22] - |A| - [15/04/2021 13:12:00] - (.-.) - [823.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\saml_schema_assertion_2_0.dll [MD5.84D139EAC6F1DE1BA2F817D182FA37F4] - |A| - [10/09/2019 18:06:46] - (.Copyright (C) 2019 Advanced Micro Devices, Inc. - AMD DVR.) - [143.01 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\SET6726.tmp [MD5.89D4C643A6658F47209EDAF812786BCD] - |A| - [18/08/2021 19:21:08] - (.Copyright (c) 2006-2012 Synopsys, Inc. All Rights Reserved - SRCOM.DLL.) - [333.07 Ko] - (4.0.0.59) - C:\WINDOWS\SysWOW64\SRCOM.dll [MD5.BA7D4E5FAE64BD0403C7F7E91CD93F77] - |A| - [07/12/2019 11:10:05] - (.-.) - [11.03 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\srms-apr-v.dat [MD5.DC9450258D80F46AEF8EF063A7C629B0] - |A| - [07/12/2019 11:10:05] - (.-.) - [19.03 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\srms-apr.dat [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\sru [MD5.BDC53957962AFBEBE6A25EF941C261B3] - |A| - [14/01/2021 10:45:25] - (.-.) - [323 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ssdm.dll [MD5.B9CAFAB9D39548DDA98C9013C2450863] - |A| - [27/09/2019 12:21:16] - (.Copyright © 1998-2005 The OpenSSL Project. Copyright © 1995-1998 Eric A. Young, Tim J. Hudson. - OpenSSL Shared Library.) - [270.5 Ko] - (1.0.2.21) - C:\WINDOWS\SysWOW64\ssleay32.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [117 Ko] - C:\WINDOWS\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [0 Ko] - C:\WINDOWS\SysWOW64\sysprep [MD5.68174190A2807DCF7A10354BE1720EB8] - |A| - [27/06/2019 09:15:00] - (.Copyright (c) 2013 - 2019 Advanced Micro Devices, Inc. - t-base_client_api dll.) - [325.12 Ko] - (4.11.0.0) - C:\WINDOWS\SysWOW64\t-base_client_api.dll [MD5.D7128869A4759CCBDC5D4BC55A40D4CC] - |A| - [12/01/2022 02:01:27] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [43.5 Ko] - (3.5.1.0) - C:\WINDOWS\SysWOW64\tar.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\WINDOWS\SysWOW64\Tasks [MD5.00954CD4FB94B078205DBF118803BF37] - |A| - [27/06/2019 09:15:00] - (.Copyright (c) 2013 - 2018 Advanced Micro Devices, Inc. - tbaseregistry dll.) - [359.61 Ko] - (4.6.1.1) - C:\WINDOWS\SysWOW64\tbaseregistry32.dll [MD5.1D2D564BC91E46A54533B8ABBEF460DD] - |A| - [15/09/2021 13:31:21] - (.-.) - [1302.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll [MD5.4C58C812BB19C065CB0ED7FC8FBBAC12] - |A| - [13/10/2021 06:46:04] - (.-.) - [597.62 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\TextShaping.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [50.5 Ko] - C:\WINDOWS\SysWOW64\th-TH [MD5.CE4E73FA1555E59A16BEE1DFF1EE353A] - |A| - [10/03/2022 22:04:34] - (.-.) - [218.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\TpmTool.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [115 Ko] - C:\WINDOWS\SysWOW64\tr-TR [MD5.A88B20DABDA28A87D3C9FFA453ED2205] - |A| - [10/02/2020 16:38:20] - (.(C) 1993-2009 TWAIN Working Group. - TWAIN 32 Source Manager (Image Acquisition Interface).) - [144.02 Ko] - (2.1.4.0) - C:\WINDOWS\SysWOW64\twaindsm.dll [MD5.0CBC9A33A206237F0D19D717BE9F8A77] - |A| - [29/11/2001 03:56:00] - (.Copyright © 1999 - France Telecom User Agent.) - [72.5 Ko] - (2.0.0.0) - C:\WINDOWS\SysWOW64\txttopgf.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [57 Ko] - C:\WINDOWS\SysWOW64\uk-UA [MD5.7E0273A51BDD51DFB58F905C8F501061] - |A| - [15/10/2020 10:31:09] - (.-.) - [46.36 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\umpdc.dll [MD5.9EF7AE8158493266AF61706A70EDFB44] - |A| - [02/10/2019 18:34:35] - (.-.) - [1578 Ko] - (3.12.0.0) - C:\WINDOWS\SysWOW64\VIPSS.scr [MD5.D4738118CD74A47F50FB9AC2B9B1A452] - |A| - [28/05/2021 21:30:40] - (.Copyright (C) 2015-2020 - Vulkan Loader.) - [924.7 Ko] - (1.2.162.1) - C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll [MD5.D4738118CD74A47F50FB9AC2B9B1A452] - |A| - [28/05/2021 21:30:40] - (.Copyright (C) 2015-2020 - Vulkan Loader.) - [924.7 Ko] - (1.2.162.1) - C:\WINDOWS\SysWOW64\vulkan-1.dll [MD5.7CAB0E11EE407084DBEF0108BEDC52AE] - |A| - [28/05/2021 21:30:44] - (.Copyright (C) 2015-2020 - Vulkan Info.) - [1404.83 Ko] - (1.2.162.1) - C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe [MD5.7CAB0E11EE407084DBEF0108BEDC52AE] - |A| - [28/05/2021 21:30:44] - (.Copyright (C) 2015-2020 - Vulkan Info.) - [1404.83 Ko] - (1.2.162.1) - C:\WINDOWS\SysWOW64\vulkaninfo.exe [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [15763.06 Ko] - C:\WINDOWS\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [0 Ko] - C:\WINDOWS\SysWOW64\WCN [MD5.A22B636328327A4EA6F6AB3F48A5B5B1] - |A| - [11/06/2021 17:52:13] - (.-.) - [457.46 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\WindowManagementAPI.dll [MD5.BEDEDB102316C696D36F0D4331E1C2AE] - |A| - [07/12/2019 11:09:17] - (.-.) - [104.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\WindowsDefaultHeatProcessor.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [9346.87 Ko] - C:\WINDOWS\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6281.07 Ko] - C:\WINDOWS\SysWOW64\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [107.56 Ko] - C:\WINDOWS\SysWOW64\winrm [MD5.62E77775E7D3E12FE6D4701459F7C2A2] - |A| - [17/07/2014 13:28:54] - (.-.) - [29597.5 Ko] - (0.11.0.0) - C:\WINDOWS\SysWOW64\wkhtmltox.dll [MD5.DB08CF76449D2EB521DFB71A58DAF62D] - |A| - [06/04/2021 17:41:39] - (.Copyright © 2008 - OpenAL32.) - [434.59 Ko] - (2.2.0.7) - C:\WINDOWS\SysWOW64\wrap_oal.dll [MD5.F4DF77958C99A87DF70E37055F0A24BB] - |A| - [15/04/2021 13:12:00] - (.-.) - [804.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xades.dll [MD5.BC55BB0DCA5AC617A234D6D0095B80B1] - |A| - [15/04/2021 13:12:00] - (.-.) - [818.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\XAdES_v111.dll [MD5.664344E84AE066F6E53C7499E43C291A] - |A| - [17/07/2014 13:29:50] - (.Copyright © Apache Software Foundation 1999-2004. Subject to licensing terms - Dynamic Link Library for Xalan-C++ Version 1.10.0.) - [2376 Ko] - (1.10.0.0) - C:\WINDOWS\SysWOW64\Xalan-C_1_10.dll [MD5.89ABA5471C3230C48BF79AA08A14AF2A] - |A| - [17/07/2014 13:29:50] - (.-.) - [36 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\XalanMessages_1_10.dll [MD5.7A015A6F199516A06C5AFB56FEE7AC51] - |A| - [07/12/2019 11:09:17] - (.-.) - [59 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll [MD5.E6C546EF8EE5C6E38760834760B408E4] - |A| - [15/04/2021 13:12:00] - (.-.) - [1138 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xdsb.dll [MD5.1676619353A62C489DD91451057392E6] - |A| - [17/07/2014 13:30:00] - (.Copyright © Apache Software Foundation 2000 subject to licensing terms - Shared Library for Xerces-C Version 2.7.0.) - [2308 Ko] - (2.7.0.0) - C:\WINDOWS\SysWOW64\xerces-c_2_7.dll [MD5.4CF94D3E7C240C7DE8779F58F52811B3] - |A| - [15/04/2021 13:12:00] - (.-.) - [320 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xmldsig_core_schema.dll [MD5.9CE575AF67C13E038CCE31FFB79EE1AC] - |A| - [24/09/2018 17:24:08] - (.-.) - [6.35 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xpsplog.cat [MD5.2807CBABA428E02CFAE1328317CD2F29] - |A| - [22/03/2010 11:31:18] - (.Copyright (c) Philips Austria GmbH - Speech Processing, 2008 - LOG is a logging library.) - [112.5 Ko] - (2.7.230.20) - C:\WINDOWS\SysWOW64\XPSPLOG.dll [MD5.00000000000000000000000000000000] - |D| - [11/09/2020 04:00:23] - [10.16 Ko] - C:\WINDOWS\SysWOW64\XPSViewer [MD5.798B3CEEC1BCA054DA7BC6345289742C] - |A| - [30/11/2005 12:13:00] - (.Copyright © 2002-2005 The Apache Software Foundation - xsec_1D.) - [440 Ko] - (0.1.2.0) - C:\WINDOWS\SysWOW64\xsec_1_2_0.dll [MD5.03F2A506BA6D622E2924BE0407A74D88] - |A| - [17/07/2014 13:29:42] - (.Copyright © 2002-2009 The Apache Software Foundation - XML Security C++ Library.) - [566.5 Ko] - (1.5.1.0) - C:\WINDOWS\SysWOW64\xsec_1_5.dll [MD5.0328C40A04FD587A08A20B94F938C435] - |A| - [26/09/2019 18:10:27] - (.-.) - [76 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xvid.ax [MD5.4550F0B0220F0F29913A0379363F67DF] - |A| - [26/09/2019 18:10:27] - (.-.) - [748 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xvidcore.dll [MD5.00084DD7A6EB6D0C1DFD15C6E03997B5] - |A| - [26/09/2019 18:10:27] - (.-.) - [176 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xvidvfw.dll [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [82 Ko] - C:\WINDOWS\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [82 Ko] - C:\WINDOWS\SysWOW64\zh-TW [MD5.1F0684F124C28905BD3B2FC7076896F1] - |A| - [27/09/2019 12:21:16] - (.(C) 1995-2006 Jean-loup Gailly & Mark Adler - zlib data compression library.) - [101 Ko] - (1.2.5.0) - C:\WINDOWS\SysWOW64\zlib1.dll ---------- | [Jean Marie CARRIBON] [06/04/2021 15:28:21] - |D| - [2420] - C:\Users\Jean Marie CARRIBON\.android [06/04/2021 17:38:41] - |D| - [56] - C:\Users\Jean Marie CARRIBON\.cache [26/09/2019 07:56:03] - |RD| - [41083606734] - C:\Users\Jean Marie CARRIBON\3D Objects [11/09/2020 04:01:08] - |HD| - [4206975250] - C:\Users\Jean Marie CARRIBON\AppData [11/09/2020 04:01:08] - |SHD| - [0] - C:\Users\Jean Marie CARRIBON\Application Data [26/09/2019 07:56:03] - |RD| - [412] - C:\Users\Jean Marie CARRIBON\Contacts [11/09/2020 04:01:09] - |SHD| - [0] - C:\Users\Jean Marie CARRIBON\Cookies [26/09/2019 07:55:22] - |RD| - [11974578] - C:\Users\Jean Marie CARRIBON\Desktop [26/09/2019 07:55:22] - |RD| - [43446212154] - C:\Users\Jean Marie CARRIBON\Documents [26/09/2019 07:55:22] - |RD| - [21910242789] - C:\Users\Jean Marie CARRIBON\Downloads [26/09/2019 07:55:22] - |RD| - [690] - C:\Users\Jean Marie CARRIBON\Favorites [26/09/2019 07:55:22] - |RD| - [2117] - C:\Users\Jean Marie CARRIBON\Links [11/09/2020 04:01:09] - |SHD| - [0] - C:\Users\Jean Marie CARRIBON\Local Settings [11/09/2020 04:01:09] - |SHD| - [0] - C:\Users\Jean Marie CARRIBON\Menu Démarrer [11/09/2020 04:01:08] - |SHD| - [0] - C:\Users\Jean Marie CARRIBON\Mes documents [26/09/2019 07:56:50] - |HD| - [2639465] - C:\Users\Jean Marie CARRIBON\MicrosoftEdgeBackups [11/09/2020 04:01:09] - |SHD| - [0] - C:\Users\Jean Marie CARRIBON\Modèles [26/09/2019 07:55:22] - |RD| - [136711184] - C:\Users\Jean Marie CARRIBON\Music [11/09/2020 04:01:08] - |AH| - [5242880] - C:\Users\Jean Marie CARRIBON\NTUSER.bak [11/09/2020 04:01:08] - |A| - [6291456] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT [11/09/2020 04:01:08] - |A| - [6291456] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT.bak [11/09/2020 04:01:09] - |ASH| - [1587200] - C:\Users\Jean Marie CARRIBON\ntuser.dat.LOG1 [11/09/2020 04:01:09] - |ASH| - [1310720] - C:\Users\Jean Marie CARRIBON\ntuser.dat.LOG2 [20/04/2021 20:45:32] - |ASH| - [8192] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT.sav.LOG1 [20/04/2021 20:45:32] - |ASH| - [0] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT.sav.LOG2 [04/05/2022 20:10:48] - |ASH| - [65536] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT{2b379299-cbd5-11ec-a127-806e6f6e6963}.TM.blf [04/05/2022 20:10:48] - |ASH| - [524288] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT{2b379299-cbd5-11ec-a127-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms [04/05/2022 20:10:48] - |ASH| - [524288] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT{2b379299-cbd5-11ec-a127-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms [21/04/2022 16:44:43] - |ASH| - [65536] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT{392a2085-c181-11ec-a11b-806e6f6e6963}.TM.blf [21/04/2022 16:44:43] - |ASH| - [524288] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT{392a2085-c181-11ec-a11b-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms [21/04/2022 16:44:43] - |ASH| - [524288] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT{392a2085-c181-11ec-a11b-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms [29/03/2022 17:12:06] - |ASH| - [65536] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT{41c3a091-af72-11ec-a110-806e6f6e6963}.TM.blf [29/03/2022 17:12:06] - |ASH| - [524288] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT{41c3a091-af72-11ec-a110-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms [29/03/2022 17:12:06] - |ASH| - [524288] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT{41c3a091-af72-11ec-a110-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms [22/02/2022 13:01:04] - |ASH| - [65536] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT{630a537a-93ce-11ec-a10a-806e6f6e6963}.TM.blf [22/02/2022 13:01:04] - |ASH| - [524288] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT{630a537a-93ce-11ec-a10a-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms [22/02/2022 13:01:04] - |ASH| - [524288] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT{630a537a-93ce-11ec-a10a-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms [20/04/2021 20:47:21] - |ASH| - [65536] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT{6f436850-a208-11eb-a0da-806e6f6e6963}.TM.blf [20/04/2021 20:47:21] - |ASH| - [524288] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT{6f436850-a208-11eb-a0da-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms [20/04/2021 20:47:21] - |ASH| - [524288] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT{6f436850-a208-11eb-a0da-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms [26/05/2021 11:58:10] - |ASH| - [65536] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT{8e6fb872-be08-11eb-a0e5-806e6f6e6963}.TM.blf [26/05/2021 11:58:10] - |ASH| - [524288] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT{8e6fb872-be08-11eb-a0e5-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms [26/05/2021 11:58:10] - |ASH| - [524288] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT{8e6fb872-be08-11eb-a0e5-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms [11/09/2020 04:01:09] - |ASH| - [65536] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT{93bb8b32-f3da-11ea-a09e-8ad16d91cf84}.TM.blf [11/09/2020 04:01:09] - |ASH| - [524288] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT{93bb8b32-f3da-11ea-a09e-8ad16d91cf84}.TMContainer00000000000000000001.regtrans-ms [11/09/2020 04:01:09] - |ASH| - [524288] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT{93bb8b32-f3da-11ea-a09e-8ad16d91cf84}.TMContainer00000000000000000002.regtrans-ms [19/05/2022 11:51:46] - |ASH| - [65536] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT{e83f0e45-d758-11ec-a12c-806e6f6e6963}.TM.blf [19/05/2022 11:51:46] - |ASH| - [524288] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT{e83f0e45-d758-11ec-a12c-806e6f6e6963}.TMContainer00000000000000000001.regtrans-ms [19/05/2022 11:51:46] - |ASH| - [524288] - C:\Users\Jean Marie CARRIBON\NTUSER.DAT{e83f0e45-d758-11ec-a12c-806e6f6e6963}.TMContainer00000000000000000002.regtrans-ms [11/09/2020 04:30:46] - |SH| - [20] - C:\Users\Jean Marie CARRIBON\ntuser.ini [06/04/2021 14:56:29] - |ASH| - [53248] - C:\Users\Jean Marie CARRIBON\NTUSER.tmp.LOG1 [06/04/2021 14:56:29] - |ASH| - [0] - C:\Users\Jean Marie CARRIBON\NTUSER.tmp.LOG2 [26/09/2019 08:00:58] - |RAD| - [5367380878] - C:\Users\Jean Marie CARRIBON\OneDrive [26/09/2019 07:55:22] - |RD| - [4755172742] - C:\Users\Jean Marie CARRIBON\Pictures [11/09/2020 04:01:09] - |SHD| - [0] - C:\Users\Jean Marie CARRIBON\Recent [05/05/2022 12:07:59] - |RD| - [190] - C:\Users\Jean Marie CARRIBON\Recorded Calls [26/09/2019 07:55:22] - |RD| - [282] - C:\Users\Jean Marie CARRIBON\Saved Games [26/09/2019 07:56:03] - |RD| - [1879] - C:\Users\Jean Marie CARRIBON\Searches [11/09/2020 04:01:09] - |SHD| - [0] - C:\Users\Jean Marie CARRIBON\SendTo [21/01/2022 19:06:35] - |A| - [8793] - C:\Users\Jean Marie CARRIBON\Sti_Trace.log [24/04/2021 17:50:01] - |D| - [0] - C:\Users\Jean Marie CARRIBON\temp [26/09/2019 07:55:22] - |RD| - [3363] - C:\Users\Jean Marie CARRIBON\Videos [11/09/2020 04:01:08] - |SHD| - [0] - C:\Users\Jean Marie CARRIBON\Voisinage d'impression [11/09/2020 04:01:08] - |SHD| - [0] - C:\Users\Jean Marie CARRIBON\Voisinage réseau [11/09/2020 04:01:08] - |D| - [2486638853] - C:\Users\Jean Marie CARRIBON\AppData\Local [26/09/2019 07:55:23] - |D| - [26988867] - C:\Users\Jean Marie CARRIBON\AppData\LocalLow [11/09/2020 04:01:08] - |HD| - [1693347823] - C:\Users\Jean Marie CARRIBON\AppData\Roaming [26/09/2019 18:40:56] - |D| - [3851390] - C:\Users\Jean Marie CARRIBON\AppData\Local\Adobe [26/09/2019 08:07:14] - |D| - [9499567] - C:\Users\Jean Marie CARRIBON\AppData\Local\AMD [11/09/2020 04:01:09] - |SHD| - [0] - C:\Users\Jean Marie CARRIBON\AppData\Local\Application Data [04/10/2019 11:14:09] - |D| - [121546551] - C:\Users\Jean Marie CARRIBON\AppData\Local\Apps [27/09/2019 07:44:50] - |D| - [0] - C:\Users\Jean Marie CARRIBON\AppData\Local\ATI [31/03/2022 11:49:46] - |D| - [861] - C:\Users\Jean Marie CARRIBON\AppData\Local\Bazwise [27/09/2019 08:02:49] - |D| - [316043] - C:\Users\Jean Marie CARRIBON\AppData\Local\cache [08/04/2021 18:30:27] - |D| - [0] - C:\Users\Jean Marie CARRIBON\AppData\Local\Canvas GFX [17/05/2022 10:12:28] - |D| - [295954165] - C:\Users\Jean Marie CARRIBON\AppData\Local\CCleaner Browser [07/05/2021 15:36:26] - |D| - [0] - C:\Users\Jean Marie CARRIBON\AppData\Local\CEF [26/09/2019 18:34:04] - |D| - [118] - C:\Users\Jean Marie CARRIBON\AppData\Local\Clipboarder [26/09/2019 08:10:31] - |D| - [23289860] - C:\Users\Jean Marie CARRIBON\AppData\Local\Comms [26/09/2019 07:55:57] - |D| - [2458683] - C:\Users\Jean Marie CARRIBON\AppData\Local\ConnectedDevicesPlatform [24/04/2021 17:47:05] - |D| - [1276] - C:\Users\Jean Marie CARRIBON\AppData\Local\Corel [06/04/2021 15:24:47] - |D| - [45378108] - C:\Users\Jean Marie CARRIBON\AppData\Local\CrashDumps [08/04/2021 10:44:47] - |D| - [24468] - C:\Users\Jean Marie CARRIBON\AppData\Local\CrashRpt [07/04/2021 08:25:40] - |D| - [632970] - C:\Users\Jean Marie CARRIBON\AppData\Local\CyberLink [27/09/2019 15:46:52] - |D| - [467836] - C:\Users\Jean Marie CARRIBON\AppData\Local\D3DSCache [08/04/2021 13:03:31] - |A| - [7168] - C:\Users\Jean Marie CARRIBON\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [18/05/2021 16:48:46] - |D| - [7157759] - C:\Users\Jean Marie CARRIBON\AppData\Local\DemoCreator [02/10/2019 10:15:25] - |D| - [0] - C:\Users\Jean Marie CARRIBON\AppData\Local\Diagnostics [08/04/2021 18:08:32] - |D| - [279391744] - C:\Users\Jean Marie CARRIBON\AppData\Local\Downloaded Installations [27/07/2020 13:04:55] - |D| - [0] - C:\Users\Jean Marie CARRIBON\AppData\Local\ElevatedDiagnostics [26/09/2019 18:11:46] - |D| - [157423188] - C:\Users\Jean Marie CARRIBON\AppData\Local\Google [11/09/2020 04:01:09] - |SHD| - [0] - C:\Users\Jean Marie CARRIBON\AppData\Local\Historique [12/09/2020 02:05:13] - |AH| - [106672] - C:\Users\Jean Marie CARRIBON\AppData\Local\IconCache.db [28/01/2021 21:42:15] - |D| - [160529] - C:\Users\Jean Marie CARRIBON\AppData\Local\IMAGINE Editions [27/09/2019 10:06:13] - |D| - [573] - C:\Users\Jean Marie CARRIBON\AppData\Local\IMAGINE_Editions [18/05/2021 13:06:08] - |D| - [194402792] - C:\Users\Jean Marie CARRIBON\AppData\Local\Incomedia [11/09/2020 04:01:08] - |D| - [555926320] - C:\Users\Jean Marie CARRIBON\AppData\Local\Microsoft [27/09/2019 06:43:51] - |D| - [145900] - C:\Users\Jean Marie CARRIBON\AppData\Local\Microsoft Help [26/09/2019 07:56:38] - |D| - [67532] - C:\Users\Jean Marie CARRIBON\AppData\Local\MicrosoftEdge [26/09/2019 18:36:07] - |D| - [86980244] - C:\Users\Jean Marie CARRIBON\AppData\Local\Mozilla [03/05/2022 10:50:15] - |D| - [1348480] - C:\Users\Jean Marie CARRIBON\AppData\Local\niemiro [06/04/2021 15:58:48] - |D| - [76000] - C:\Users\Jean Marie CARRIBON\AppData\Local\OneDrive [06/04/2021 17:43:35] - |D| - [0] - C:\Users\Jean Marie CARRIBON\AppData\Local\Opera Software [26/09/2019 07:56:00] - |D| - [238717418] - C:\Users\Jean Marie CARRIBON\AppData\Local\Packages [24/04/2021 17:49:34] - |D| - [12439] - C:\Users\Jean Marie CARRIBON\AppData\Local\Pinnacle [16/04/2021 12:31:05] - |D| - [31968295] - C:\Users\Jean Marie CARRIBON\AppData\Local\Pinnacle_Studio_Dazzle [26/09/2019 08:02:05] - |D| - [3573] - C:\Users\Jean Marie CARRIBON\AppData\Local\PlaceholderTileLogoFolder [07/04/2021 08:26:56] - |D| - [0] - C:\Users\Jean Marie CARRIBON\AppData\Local\Power2Go11 [06/04/2022 17:44:33] - |D| - [40960] - C:\Users\Jean Marie CARRIBON\AppData\Local\Power2Go13 [26/09/2019 18:38:09] - |D| - [423657171] - C:\Users\Jean Marie CARRIBON\AppData\Local\Programs [26/09/2019 07:56:24] - |D| - [913] - C:\Users\Jean Marie CARRIBON\AppData\Local\Publishers [27/09/2019 07:39:03] - |D| - [1085839] - C:\Users\Jean Marie CARRIBON\AppData\Local\RadeonInstaller [27/09/2019 08:02:36] - |D| - [461216] - C:\Users\Jean Marie CARRIBON\AppData\Local\RadeonSettings [31/12/2021 14:18:44] - |D| - [7513] - C:\Users\Jean Marie CARRIBON\AppData\Local\Rufus [27/09/2019 10:02:02] - |D| - [1160203] - C:\Users\Jean Marie CARRIBON\AppData\Local\santesocial [26/09/2019 18:32:05] - |D| - [711] - C:\Users\Jean Marie CARRIBON\AppData\Local\Sidebar7 [04/12/2021 20:56:57] - |D| - [0] - C:\Users\Jean Marie CARRIBON\AppData\Local\SolidDocuments [11/10/2019 11:36:40] - |D| - [1880] - C:\Users\Jean Marie CARRIBON\AppData\Local\speech [11/09/2020 04:01:08] - |D| - [163840] - C:\Users\Jean Marie CARRIBON\AppData\Local\Temp [11/09/2020 04:01:09] - |SHD| - [0] - C:\Users\Jean Marie CARRIBON\AppData\Local\Temporary Internet Files [22/02/2022 12:28:36] - |D| - [426596] - C:\Users\Jean Marie CARRIBON\AppData\Local\ToolKitMain [31/12/2021 13:33:04] - |D| - [45592] - C:\Users\Jean Marie CARRIBON\AppData\Local\TransMac [05/05/2022 12:02:05] - |D| - [698724] - C:\Users\Jean Marie CARRIBON\AppData\Local\unali-57124093 [05/05/2022 12:03:36] - |D| - [698334] - C:\Users\Jean Marie CARRIBON\AppData\Local\unali-57215796 [05/05/2022 12:03:41] - |D| - [698334] - C:\Users\Jean Marie CARRIBON\AppData\Local\unali-57220093 [26/09/2019 07:56:00] - |D| - [0] - C:\Users\Jean Marie CARRIBON\AppData\Local\VirtualStore [18/05/2021 16:36:29] - |D| - [82] - C:\Users\Jean Marie CARRIBON\AppData\Local\Wondershare [25/05/2021 14:27:18] - |D| - [172423] - C:\Users\Jean Marie CARRIBON\AppData\Local\ZHP [27/09/2019 15:41:35] - |D| - [26427020] - C:\Users\Jean Marie CARRIBON\AppData\LocalLow\Adobe [27/09/2019 07:47:22] - |D| - [0] - C:\Users\Jean Marie CARRIBON\AppData\LocalLow\AMD [16/04/2021 12:00:58] - |D| - [331] - C:\Users\Jean Marie CARRIBON\AppData\LocalLow\IObit [26/09/2019 07:56:00] - |SD| - [524703] - C:\Users\Jean Marie CARRIBON\AppData\LocalLow\Microsoft [26/09/2019 18:36:10] - |D| - [0] - C:\Users\Jean Marie CARRIBON\AppData\LocalLow\Mozilla [26/09/2019 18:47:35] - |D| - [36813] - C:\Users\Jean Marie CARRIBON\AppData\LocalLow\Sun [22/04/2021 10:16:18] - |D| - [0] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Acronis [29/03/2022 10:18:32] - |D| - [5150] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Ad-Aware Antivirus [26/09/2019 07:56:00] - |D| - [4633375] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Adobe [11/10/2019 11:42:50] - |A| - [624] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\All CPU MeterV3_Settings.ini [05/04/2022 12:20:17] - |D| - [0] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\AmazingPartitionManager [07/04/2021 09:17:20] - |D| - [169202] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\AnyDesk [03/05/2022 10:36:45] - |D| - [0] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Apple Computer [27/09/2019 07:44:50] - |D| - [0] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\ATI [07/05/2021 15:35:46] - |D| - [18275] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Axilog [26/09/2019 18:39:22] - |D| - [1713] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Canneverbe Limited [08/04/2021 18:30:24] - |D| - [4124411] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Canvas GFX [05/04/2021 21:26:25] - |D| - [70656] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\CGMAssist [16/04/2021 12:39:44] - |D| - [62208134] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Corel [31/03/2022 10:45:09] - |D| - [24754287] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\CyberLink [24/04/2021 17:47:41] - |A| - [188] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\DESKTOP-NA2IIKJ.MTBF.txt [06/04/2021 17:29:24] - |D| - [1414117941] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\DRPSu [10/02/2020 16:40:56] - |D| - [356967] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Epson [11/03/2022 15:19:52] - |D| - [502] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\FLEXnet [17/05/2022 11:01:18] - |D| - [24334903] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\FreeFileSync [16/04/2021 12:03:31] - |D| - [6744477] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\iFun [17/10/2019 18:42:39] - |D| - [4237581] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\IMAGINE Editions [10/02/2020 16:38:31] - |D| - [0] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\InstallShield [16/04/2021 12:00:14] - |D| - [351330] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\IObit [06/04/2022 17:47:14] - |D| - [164746] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\iTop Screenshot [27/09/2019 15:40:47] - |D| - [2477276] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\LibreOffice [26/09/2019 18:46:39] - |D| - [416] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Macromedia [11/09/2020 04:01:08] - |SD| - [9605465] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Microsoft [26/09/2019 18:36:09] - |D| - [55483774] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Mozilla [11/03/2022 16:36:52] - |D| - [29979] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Nuance [27/09/2019 15:37:33] - |D| - [12483764] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\OpenOffice [06/04/2021 17:42:02] - |D| - [9260664] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Opera Software [17/05/2022 11:44:07] - |D| - [4663] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\PC Cleaner [22/02/2022 11:11:25] - |D| - [195] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\QtProject [03/05/2022 10:32:07] - |D| - [38117195] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Reincubate [24/04/2021 17:47:13] - |D| - [0] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Roxio [11/03/2022 18:37:09] - |A| - [1115] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\SAS7_000.DAT [18/05/2021 13:27:01] - |D| - [2861951] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Serif [16/07/2020 23:00:14] - |D| - [0] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Skype [08/04/2021 10:45:06] - |D| - [7047059] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\snaptron [26/09/2019 18:49:11] - |D| - [0] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Sun [16/04/2021 12:10:51] - |D| - [512] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\SYSSU [08/04/2021 18:10:00] - |D| - [1111117] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Systweak [27/09/2019 10:07:07] - |D| - [337380] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\TeamViewer [27/09/2019 15:47:33] - |D| - [85987] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\vlc [26/09/2019 18:27:10] - |D| - [0] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\WinRAR [17/05/2022 11:59:04] - |D| - [0] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\WinThruster [19/05/2022 11:47:15] - |D| - [207] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Wise Auto Shutdown [22/04/2021 11:23:18] - |D| - [8144642] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\ZHP [26/09/2019 07:56:03] - |SH| - [174] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [11/09/2020 04:01:09] - |SD| - [0] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [26/09/2019 07:55:22] - |RD| - [55847] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [11/09/2020 04:01:08] - |RD| - [3888] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [11/09/2020 04:01:08] - |RD| - [1704] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [26/09/2019 07:56:04] - |RD| - [174] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [11/09/2020 04:01:08] - |SH| - [264] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [20/04/2021 10:55:33] - |D| - [4689] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRIP MP3 Converter [06/04/2021 13:01:32] - |A| - [2419] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [27/04/2021 15:43:00] - |D| - [3200] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Macrorit NTFS To FAT32 Converter [11/09/2020 04:01:08] - |D| - [170] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [06/04/2021 17:42:42] - |A| - [1563] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk [11/09/2020 04:01:08] - |A| - [2489] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [26/09/2019 18:20:58] - |SD| - [8050] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.6 [06/04/2022 18:43:58] - |D| - [1743] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\QEMU [03/05/2022 10:32:06] - |D| - [3018] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reincubate [04/10/2019 11:15:26] - |D| - [290] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Santé Social [26/09/2019 07:56:04] - |RD| - [174] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [11/09/2020 04:01:08] - |RD| - [4913] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [31/12/2021 13:33:04] - |D| - [5806] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TransMac [11/09/2020 04:01:08] - |D| - [7844] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [26/09/2019 18:08:54] - |D| - [3449] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [26/09/2019 07:56:04] - |SH| - [174] - C:\Users\Jean Marie CARRIBON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [Public] [26/09/2019 07:56:03] - |RHD| - [196] - C:\Users\Public\AccountPictures [07/04/2021 08:24:45] - |D| - [5720] - C:\Users\Public\CyberLink [15/09/2018 09:33:50] - |RHD| - [97498] - C:\Users\Public\Desktop [07/12/2019 11:14:54] - |ASH| - [174] - C:\Users\Public\desktop.ini [15/09/2018 09:33:50] - |RD| - [5787055006] - C:\Users\Public\Documents [15/09/2018 09:33:50] - |RD| - [174] - C:\Users\Public\Downloads [07/12/2019 11:14:52] - |RHD| - [1135] - C:\Users\Public\Libraries [15/09/2018 09:33:50] - |RD| - [7259717] - C:\Users\Public\Music [15/09/2018 09:33:50] - |RD| - [14440458] - C:\Users\Public\Pictures [04/10/2019 11:15:40] - |D| - [69] - C:\Users\Public\santesocial [15/09/2018 09:33:50] - |RD| - [99379364] - C:\Users\Public\Videos ---------- | [TEMP] [12/04/2021 01:15:02] - |HD| - [31486] - C:\Users\TEMP\AppData [12/04/2021 01:15:02] - |D| - [31486] - C:\Users\TEMP\AppData\Local [12/04/2021 01:15:55] - |D| - [31486] - C:\Users\TEMP\AppData\Local\Google ---------- | [TEMP.DESKTOP-NA2IIKJ] [12/04/2021 11:50:39] - |HD| - [31189] - C:\Users\TEMP.DESKTOP-NA2IIKJ\AppData [12/04/2021 11:50:40] - |D| - [31189] - C:\Users\TEMP.DESKTOP-NA2IIKJ\AppData\Local [12/04/2021 11:50:59] - |D| - [31189] - C:\Users\TEMP.DESKTOP-NA2IIKJ\AppData\Local\Google ---------- | C:\ProgramData [22/04/2021 10:07:21] - |D| - [333212799] - C:\ProgramData\Acronis [22/04/2021 10:10:58] - |D| - [0] - C:\ProgramData\Acronis Mobile Backup Data [03/06/2021 10:29:38] - |D| - [139254334] - C:\ProgramData\ADiag [26/09/2019 18:42:52] - |D| - [802] - C:\ProgramData\Adobe [27/09/2019 07:42:09] - |D| - [0] - C:\ProgramData\AMD [27/04/2021 15:48:19] - |D| - [51] - C:\ProgramData\AomeiBR [22/04/2021 10:13:01] - |D| - [5414400] - C:\ProgramData\Apple [11/09/2020 04:30:13] - |SHD| - [0] - C:\ProgramData\Application Data [27/09/2019 07:44:50] - |D| - [0] - C:\ProgramData\ATI [31/03/2022 11:48:09] - |D| - [1682] - C:\ProgramData\Bitser [26/09/2019 07:46:23] - |SHD| - [0] - C:\ProgramData\Bureau [26/09/2019 18:39:31] - |D| - [0] - C:\ProgramData\Canneverbe Limited [17/05/2022 10:12:28] - |D| - [0] - C:\ProgramData\CCleaner Browser [27/09/2019 10:03:05] - |D| - [34119] - C:\ProgramData\Cleyris [06/04/2021 20:46:18] - |D| - [235] - C:\ProgramData\CLSK [16/04/2021 11:32:12] - |D| - [16696919] - C:\ProgramData\Corel [16/04/2021 11:55:57] - |HD| - [2890140] - C:\ProgramData\CyberLink [05/04/2021 20:59:48] - |D| - [8192] - C:\ProgramData\database [11/09/2020 04:30:13] - |SHD| - [0] - C:\ProgramData\Documents [26/09/2019 18:37:46] - |D| - [2091895] - C:\ProgramData\DriversCloud.com [10/02/2020 16:34:03] - |D| - [16911468] - C:\ProgramData\Epson [11/03/2022 15:08:39] - |D| - [5323828] - C:\ProgramData\FLEXnet [20/04/2021 10:55:36] - |D| - [10671] - C:\ProgramData\FreeRIP MP3 Converter [26/09/2019 18:27:40] - |D| - [19] - C:\ProgramData\Hagel Technologies [16/04/2021 12:04:01] - |D| - [296] - C:\ProgramData\iFun [16/04/2021 12:06:56] - |D| - [888817] - C:\ProgramData\install_backup [06/04/2021 20:46:18] - |D| - [1209607] - C:\ProgramData\install_clap [16/04/2021 12:00:20] - |D| - [36291901] - C:\ProgramData\IObit [06/04/2022 17:47:14] - |D| - [672] - C:\ProgramData\iTop [11/03/2022 15:08:39] - |D| - [2358624] - C:\ProgramData\Macrovision [26/09/2019 07:46:23] - |SHD| - [0] - C:\ProgramData\Menu Démarrer [07/12/2019 11:14:52] - |SD| - [1540089275] - C:\ProgramData\Microsoft [27/09/2019 06:43:49] - |D| - [10750] - C:\ProgramData\Microsoft Help [11/09/2020 04:35:00] - |D| - [25] - C:\ProgramData\Microsoft OneDrive [06/04/2021 16:28:29] - |A| - [16] - C:\ProgramData\mntemp [26/09/2019 07:46:23] - |SHD| - [0] - C:\ProgramData\Modèles [26/09/2019 18:35:58] - |D| - [21135396] - C:\ProgramData\Mozilla [09/02/2022 17:56:04] - |D| - [38125483] - C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 [16/04/2021 12:35:06] - |D| - [253394696] - C:\ProgramData\MyDVD [22/04/2021 09:03:19] - |RASH| - [290] - C:\ProgramData\ntuser.pol [11/03/2022 15:08:39] - |D| - [4780561397] - C:\ProgramData\Nuance [26/09/2019 18:48:03] - |D| - [82551925] - C:\ProgramData\Oracle [26/09/2019 08:05:41] - |D| - [147564642] - C:\ProgramData\Package Cache [26/09/2019 08:10:14] - |D| - [139264] - C:\ProgramData\Packages [03/05/2022 11:26:28] - |D| - [23] - C:\ProgramData\Paragon [17/05/2022 11:44:08] - |D| - [12290] - C:\ProgramData\PC Cleaner [16/04/2021 11:32:12] - |D| - [973416] - C:\ProgramData\Pinnacle [16/04/2021 11:29:14] - |D| - [51385064] - C:\ProgramData\Pinnacle Log Files [19/05/2022 10:23:54] - |D| - [405631] - C:\ProgramData\Piriform [16/04/2021 12:02:19] - |D| - [607] - C:\ProgramData\ProductData [12/04/2021 01:16:33] - |D| - [13] - C:\ProgramData\Propagation [26/09/2019 08:05:59] - |D| - [2307992] - C:\ProgramData\Realtek [07/12/2019 11:14:52] - |D| - [1001] - C:\ProgramData\regid.1991-06.com.microsoft [16/04/2021 12:35:07] - |D| - [235923] - C:\ProgramData\Roxio [16/04/2021 12:32:59] - |D| - [5185474] - C:\ProgramData\Roxio Log Files [27/09/2019 12:14:14] - |D| - [30281422] - C:\ProgramData\santesocial [07/12/2019 11:14:52] - |D| - [0] - C:\ProgramData\SoftwareDistribution [11/09/2020 04:37:41] - |D| - [0] - C:\ProgramData\ssh [08/04/2021 18:15:14] - |D| - [8352] - C:\ProgramData\SystemAcCrux [25/05/2021 14:01:28] - |D| - [0] - C:\ProgramData\Systweak [07/04/2021 10:06:48] - |AD| - [42280] - C:\ProgramData\Temp [03/05/2022 15:06:23] - |D| - [42901701] - C:\ProgramData\Ultra Adware Killer [16/04/2021 11:29:13] - |D| - [294] - C:\ProgramData\UniqueId [07/12/2019 11:14:52] - |D| - [12349440] - C:\ProgramData\USOPrivate [07/12/2019 11:14:52] - |D| - [13066240] - C:\ProgramData\USOShared [07/12/2019 16:53:03] - |D| - [0] - C:\ProgramData\WindowsHolographicDevices [17/05/2022 11:59:01] - |D| - [4575] - C:\ProgramData\WinThruster [06/04/2021 16:19:17] - |D| - [14390102] - C:\ProgramData\Wondershare [18/05/2021 16:34:13] - |D| - [80193677] - C:\ProgramData\Wondershare DemoCreator [03/06/2021 10:28:01] - |D| - [23164] - C:\ProgramData\YaraEditor ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [07/12/2019 11:14:54] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [26/09/2019 07:46:23] - |SHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [07/12/2019 11:14:52] - |RD| - [336004] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs [11/03/2022 15:13:24] - |A| - [1941] - C:\ProgramData\Microsoft\Windows\Start Menu\Software Updates.lnk [26/09/2019 18:08:54] - |A| - [1126] - C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [27/04/2021 18:40:29] - |D| - [3025] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8GadgetPack [07/12/2019 11:14:52] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [07/12/2019 11:14:52] - |RD| - [14467] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [22/04/2021 10:10:15] - |D| - [21030] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis [22/04/2021 10:10:15] - |A| - [1312] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis True Image.lnk [07/12/2019 11:14:52] - |RD| - [22956] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [26/11/2021 12:04:43] - |A| - [2059] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk [08/04/2021 18:08:51] - |D| - [34425] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer 3 [27/09/2019 07:53:39] - |D| - [3016] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard [15/01/2021 23:23:04] - |D| - [2111] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Software [19/05/2022 10:03:40] - |D| - [2657] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI Partition Assistant [03/05/2022 11:26:36] - |D| - [2651] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\APFS for Windows by Paragon Software [18/05/2021 12:33:07] - |D| - [5195] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applications Serif [31/03/2022 11:48:12] - |D| - [10436] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitser [08/04/2021 18:19:10] - |D| - [2133] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canvas GFX [26/09/2019 18:40:37] - |D| - [989] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [17/05/2022 10:12:04] - |A| - [2411] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk [26/09/2019 18:39:22] - |A| - [1204] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk [05/04/2021 20:59:51] - |A| - [1184] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CGMHub.lnk [06/04/2021 17:44:18] - |D| - [2791] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chrone Browser [06/04/2022 17:37:14] - |A| - [2365] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Desktop Burning Gadget 13.lnk [06/04/2022 17:37:14] - |A| - [2323] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink ISO Viewer 13.lnk [06/04/2022 17:40:19] - |A| - [1432] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink LabelPrint2.lnk [31/03/2022 10:43:38] - |A| - [1319] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Notification Center.lnk [06/04/2022 17:37:13] - |A| - [2304] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 13.lnk [31/03/2022 10:43:15] - |A| - [2051] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 365.lnk [06/04/2022 17:37:14] - |A| - [2344] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Virtual Drive 13.lnk [06/04/2022 17:41:39] - |A| - [2316] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink WaveEditor 2.lnk [07/12/2019 11:14:54] - |SH| - [1612] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [26/09/2019 18:11:01] - |D| - [6772] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX [26/09/2019 18:37:46] - |D| - [3000] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com [11/09/2020 04:09:03] - |A| - [2044] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS Audio Control.lnk [26/09/2019 18:27:37] - |D| - [2106] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DU Meter [10/02/2020 16:11:46] - |D| - [3407] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON [10/02/2020 16:40:46] - |D| - [4691] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software [07/04/2021 17:34:00] - |A| - [1060] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Everything.lnk [07/05/2021 15:33:26] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FairCom [26/09/2019 18:36:02] - |A| - [991] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk [17/05/2022 11:01:15] - |A| - [1015] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileSync.lnk [08/11/2019 22:52:58] - |A| - [2325] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [16/04/2021 12:03:42] - |D| - [2699] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iFun Screen Recorder [31/12/2021 13:53:19] - |D| - [2389] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer [27/09/2019 12:27:42] - |D| - [20394] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IMAGINE Editions [03/05/2022 10:47:46] - |D| - [1865] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMazing [07/12/2019 11:10:31] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [06/04/2021 17:00:18] - |D| - [3097] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMyFone [06/04/2021 17:00:20] - |A| - [1420] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMyFone Fixppo for Android.lnk [16/04/2021 12:01:06] - |D| - [2786] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Software Updater [22/02/2022 11:49:34] - |D| - [2185] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ISO to USB [06/04/2022 17:47:28] - |D| - [2483] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTop Screenshot [26/09/2019 18:48:47] - |D| - [6710] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [07/12/2019 11:14:52] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [23/06/2020 00:52:50] - |A| - [2468] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk [27/09/2019 06:47:41] - |D| - [24756] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office [22/02/2022 11:08:22] - |D| - [2239] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 12 [22/02/2022 11:10:14] - |D| - [2132] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool ShadowMaker [16/04/2021 12:39:51] - |D| - [2212] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiCam Capture Lite [17/05/2022 11:44:02] - |D| - [1344] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Cleaner [17/05/2022 12:02:14] - |D| - [718] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Optimizer Pro [26/09/2019 18:11:48] - |D| - [3458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 [16/04/2021 12:28:22] - |D| - [8391] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio for Dazzle [17/05/2022 11:01:15] - |A| - [985] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealTimeSync.lnk [02/10/2019 18:04:38] - |D| - [6247] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Santé Social [06/04/2021 17:38:46] - |D| - [3203] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SearcherBar [18/05/2021 12:33:08] - |A| - [2483] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif WebPlus X7.lnk [07/12/2019 11:14:52] - |RD| - [4144] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [07/12/2019 11:14:52] - |RD| - [1458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [26/09/2019 18:06:58] - |D| - [7368] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [18/05/2021 13:10:51] - |D| - [2954] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WebSite X5 v2021.2 - Go [07/12/2019 16:52:28] - |RD| - [2800] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [26/09/2019 18:08:54] - |D| - [3395] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [03/05/2022 15:17:06] - |D| - [1625] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinThruster [19/05/2022 11:47:08] - |D| - [1337] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Auto Shutdown [06/04/2021 16:26:33] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare [26/09/2019 18:10:27] - |D| - [18597] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [07/12/2019 11:14:54] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [02/10/2019 18:04:38] - |A| - [2032] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Démarrage du CCM.lnk [19/05/2022 13:19:46] - |A| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\errorlog.txt [06/02/2022 14:01:42] - |A| - [1938] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\V3S Reconnexion.lnk ---------- | C:\Program Files (x86) [22/04/2021 10:09:26] - |D| - [606498481] - C:\Program Files (x86)\Acronis [26/09/2019 18:43:46] - |D| - [166948368] - C:\Program Files (x86)\Adobe [08/04/2021 18:08:31] - |D| - [62328932] - C:\Program Files (x86)\Advanced System Optimizer 3 [19/05/2022 10:03:15] - |D| - [149889286] - C:\Program Files (x86)\AOMEI Partition Assistant [31/03/2022 11:48:09] - |D| - [5089409] - C:\Program Files (x86)\Bitser [22/04/2021 10:13:01] - |D| - [631739] - C:\Program Files (x86)\Bonjour [17/05/2022 10:08:56] - |D| - [693635215] - C:\Program Files (x86)\CCleaner Browser [26/09/2019 18:39:20] - |D| - [13649715] - C:\Program Files (x86)\CDBurnerXP [05/04/2021 20:59:48] - |D| - [24899733] - C:\Program Files (x86)\CGM [27/09/2019 10:03:04] - |D| - [15984047] - C:\Program Files (x86)\Cleyris [07/12/2019 11:14:52] - |D| - [657732992] - C:\Program Files (x86)\Common Files [16/04/2021 12:32:16] - |D| - [4741377] - C:\Program Files (x86)\Corel [31/03/2022 10:42:30] - |D| - [612408730] - C:\Program Files (x86)\CyberLink [07/12/2019 11:14:54] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [26/09/2019 18:10:53] - |D| - [82834] - C:\Program Files (x86)\DivX [05/04/2021 20:59:27] - |D| - [79230246] - C:\Program Files (x86)\dotnet [26/09/2019 18:27:37] - |D| - [2475465] - C:\Program Files (x86)\DU Meter [10/02/2020 16:11:41] - |D| - [105830808] - C:\Program Files (x86)\epson [10/02/2020 16:40:46] - |D| - [115209006] - C:\Program Files (x86)\Epson Software [20/04/2021 10:55:30] - |D| - [6097023] - C:\Program Files (x86)\FreeRIP [26/09/2019 18:11:35] - |D| - [662146522] - C:\Program Files (x86)\Google [16/04/2021 12:03:18] - |D| - [135504737] - C:\Program Files (x86)\iFun [31/12/2021 13:53:15] - |D| - [46359230] - C:\Program Files (x86)\ImageWriter [27/09/2019 09:59:27] - |D| - [4010761575] - C:\Program Files (x86)\IMAGINE Editions [06/04/2021 17:00:02] - |D| - [130597905] - C:\Program Files (x86)\iMyFone [06/04/2021 16:58:56] - |D| - [13092] - C:\Program Files (x86)\imyfone_down [27/09/2019 08:17:31] - |HD| - [76916758] - C:\Program Files (x86)\InstallShield Installation Information [07/12/2019 11:14:52] - |D| - [1996375] - C:\Program Files (x86)\Internet Explorer [16/04/2021 12:00:58] - |D| - [61642955] - C:\Program Files (x86)\IObit [22/02/2022 11:49:33] - |D| - [5525673] - C:\Program Files (x86)\ISO to USB [06/04/2022 17:47:24] - |D| - [41253095] - C:\Program Files (x86)\iTop Screenshot [06/04/2021 15:57:12] - |D| - [1167872] - C:\Program Files (x86)\Late-Snow [26/09/2019 18:25:14] - |D| - [0] - C:\Program Files (x86)\LibreOffice [23/06/2020 00:52:13] - |D| - [964294431] - C:\Program Files (x86)\Microsoft [27/09/2019 06:43:56] - |D| - [39769547] - C:\Program Files (x86)\Microsoft Analysis Services [27/09/2019 06:43:51] - |D| - [13902140] - C:\Program Files (x86)\Microsoft Office [27/09/2019 13:23:27] - |D| - [979309] - C:\Program Files (x86)\Microsoft WSE [07/12/2019 11:14:52] - |D| - [8175999] - C:\Program Files (x86)\Microsoft.NET [26/09/2019 18:36:01] - |D| - [367362] - C:\Program Files (x86)\Mozilla Maintenance Service [11/09/2020 04:00:21] - |D| - [25757] - C:\Program Files (x86)\MSBuild [07/04/2021 08:23:21] - |D| - [16127157] - C:\Program Files (x86)\NSIS Uninstall Information [11/03/2022 15:08:38] - |D| - [850838185] - C:\Program Files (x86)\Nuance [26/09/2019 18:20:25] - |D| - [331074822] - C:\Program Files (x86)\OpenOffice 4 [27/09/2019 12:21:16] - |D| - [2069440] - C:\Program Files (x86)\OpenSC [03/05/2022 11:26:27] - |D| - [26239931] - C:\Program Files (x86)\Paragon Software [16/04/2021 12:31:36] - |D| - [978178] - C:\Program Files (x86)\Pinnacle [27/09/2019 08:17:29] - |D| - [30694408] - C:\Program Files (x86)\Realtek [11/09/2020 04:00:21] - |D| - [38479105] - C:\Program Files (x86)\Reference Assemblies [27/09/2019 12:14:19] - |D| - [31023732] - C:\Program Files (x86)\santesocial [27/09/2019 08:20:57] - |D| - [0] - C:\Program Files (x86)\Temp [06/04/2021 15:22:10] - |D| - [0] - C:\Program Files (x86)\Tenorshare [31/12/2021 13:33:03] - |D| - [3096963] - C:\Program Files (x86)\TransMac [29/03/2022 10:04:12] - |D| - [9063500] - C:\Program Files (x86)\UsbFix [26/09/2019 18:06:48] - |D| - [189045408] - C:\Program Files (x86)\VideoLAN [07/12/2019 11:14:52] - |D| - [1823008] - C:\Program Files (x86)\Windows Defender [07/12/2019 11:14:52] - |D| - [625664] - C:\Program Files (x86)\Windows Mail [07/12/2019 16:53:03] - |D| - [3237786] - C:\Program Files (x86)\Windows Media Player [07/12/2019 16:53:03] - |D| - [40232] - C:\Program Files (x86)\Windows Multimedia Platform [07/12/2019 11:14:52] - |D| - [6058840] - C:\Program Files (x86)\Windows NT [07/12/2019 16:53:03] - |D| - [5261760] - C:\Program Files (x86)\Windows Photo Viewer [07/12/2019 16:53:03] - |D| - [40232] - C:\Program Files (x86)\Windows Portable Devices [07/12/2019 11:14:52] - |SD| - [29492908] - C:\Program Files (x86)\Windows Sidebar [07/12/2019 11:14:52] - |D| - [2250695] - C:\Program Files (x86)\WindowsPowerShell [26/09/2019 18:08:44] - |D| - [3647129] - C:\Program Files (x86)\WinRAR [19/05/2022 11:47:06] - |D| - [10647672] - C:\Program Files (x86)\Wise [18/05/2021 16:34:13] - |D| - [0] - C:\Program Files (x86)\Wondershare [06/02/2022 14:01:42] - |D| - [266240] - C:\Program Files (x86)\XIRING [26/09/2019 18:10:27] - |D| - [765151] - C:\Program Files (x86)\Xvid ---------- | C:\Program Files [22/04/2021 10:12:20] - |D| - [14595712] - C:\Program Files\Acronis [26/11/2021 12:03:25] - |D| - [760824349] - C:\Program Files\Adobe [26/09/2019 08:04:55] - |D| - [837511923] - C:\Program Files\AMD [22/04/2021 10:13:01] - |D| - [615066] - C:\Program Files\Bonjour [08/04/2021 18:16:35] - |D| - [512803023] - C:\Program Files\Canvas GFX [26/09/2019 18:40:34] - |D| - [655060228] - C:\Program Files\CCleaner [07/12/2019 11:14:52] - |D| - [1055868830] - C:\Program Files\Common Files [16/04/2021 12:38:14] - |D| - [220031853] - C:\Program Files\Corel [31/03/2022 10:39:11] - |D| - [1292015817] - C:\Program Files\CyberLink [07/12/2019 11:14:54] - |ASH| - [174] - C:\Program Files\desktop.ini [03/05/2022 10:45:29] - |D| - [319607203] - C:\Program Files\DigiDNA [05/04/2021 20:59:10] - |D| - [88845544] - C:\Program Files\dotnet [26/09/2019 18:37:46] - |D| - [19760115] - C:\Program Files\DriversCloud.com [07/04/2021 17:33:57] - |D| - [63949345] - C:\Program Files\Everything [26/09/2019 07:46:23] - |SHD| - [0] - C:\Program Files\Fichiers communs [17/05/2022 11:01:10] - |D| - [53493308] - C:\Program Files\FreeFileSync [07/12/2019 11:14:52] - |D| - [2676842] - C:\Program Files\Internet Explorer [26/09/2019 18:47:58] - |D| - [426818802] - C:\Program Files\Java [27/04/2021 15:42:57] - |D| - [16075745] - C:\Program Files\Macrorit [27/09/2019 06:43:56] - |D| - [66182091] - C:\Program Files\Microsoft Analysis Services [27/09/2019 06:43:49] - |D| - [727576013] - C:\Program Files\Microsoft Office [21/08/2020 15:37:09] - |D| - [1918104] - C:\Program Files\Microsoft Update Health Tools [22/02/2022 11:08:16] - |D| - [82139894] - C:\Program Files\MiniTool Partition Wizard 12 [22/02/2022 11:09:56] - |D| - [234946421] - C:\Program Files\MiniTool ShadowMaker [07/12/2019 11:14:52] - |D| - [0] - C:\Program Files\ModifiableWindowsApps [17/05/2022 13:56:43] - |D| - [220247241] - C:\Program Files\Mozilla Firefox [11/09/2020 04:00:20] - |D| - [25757] - C:\Program Files\MSBuild [16/04/2021 11:48:00] - |D| - [2379005560] - C:\Program Files\Pinnacle [16/04/2021 12:35:06] - |D| - [132923601] - C:\Program Files\Pinnacle Studio for Dazzle [06/04/2022 18:41:44] - |D| - [1134534523] - C:\Program Files\qemu [27/09/2019 08:26:55] - |D| - [68854006] - C:\Program Files\Realtek [11/09/2020 04:00:20] - |D| - [36883625] - C:\Program Files\Reference Assemblies [02/10/2019 18:04:37] - |D| - [2292930] - C:\Program Files\santesocial [18/05/2021 12:32:00] - |D| - [505254145] - C:\Program Files\Serif [26/09/2019 07:38:34] - |HD| - [0] - C:\Program Files\Uninstall Information [30/05/2020 03:19:20] - |D| - [16252928] - C:\Program Files\UNP [18/05/2021 13:09:57] - |D| - [255742622] - C:\Program Files\WebSite X5 v2021.2 - Go [07/12/2019 11:14:52] - |D| - [13854462] - C:\Program Files\Windows Defender [07/12/2019 11:14:52] - |D| - [639488] - C:\Program Files\Windows Mail [07/12/2019 16:53:03] - |D| - [4601278] - C:\Program Files\Windows Media Player [07/12/2019 16:53:03] - |D| - [48536] - C:\Program Files\Windows Multimedia Platform [07/12/2019 11:14:52] - |D| - [6403928] - C:\Program Files\Windows NT [07/12/2019 16:53:03] - |D| - [6179784] - C:\Program Files\Windows Photo Viewer [07/12/2019 16:53:03] - |D| - [48528] - C:\Program Files\Windows Portable Devices [07/12/2019 11:14:52] - |D| - [112213] - C:\Program Files\Windows Security [07/12/2019 11:14:52] - |SD| - [7120162] - C:\Program Files\Windows Sidebar [07/12/2019 11:14:52] - |HD| - [3610735961] - C:\Program Files\WindowsApps [07/12/2019 11:14:52] - |D| - [2545983] - C:\Program Files\WindowsPowerShell ---------- | C:\Program Files (x86)\Common Files [22/04/2021 10:09:25] - |D| - [480854520] - C:\Program Files (x86)\Common Files\Acronis [26/09/2019 18:43:46] - |D| - [3192608] - C:\Program Files (x86)\Common Files\Adobe [07/04/2021 08:23:16] - |D| - [132792] - C:\Program Files (x86)\Common Files\CyberLink [11/03/2022 15:08:39] - |D| - [1193648] - C:\Program Files (x86)\Common Files\InstallShield [16/04/2021 12:01:25] - |D| - [0] - C:\Program Files (x86)\Common Files\IObit [11/03/2022 15:13:05] - |D| - [1512625] - C:\Program Files (x86)\Common Files\IVA [26/09/2019 18:49:24] - |D| - [2223976] - C:\Program Files (x86)\Common Files\Java [07/12/2019 11:14:52] - |D| - [127863840] - C:\Program Files (x86)\Common Files\Microsoft Shared [18/05/2021 12:32:56] - |D| - [651776] - C:\Program Files (x86)\Common Files\MSSoap [11/03/2022 15:12:30] - |D| - [28224654] - C:\Program Files (x86)\Common Files\Nuance [27/04/2021 18:44:45] - |D| - [2013168] - C:\Program Files (x86)\Common Files\Oracle [16/04/2021 11:48:00] - |D| - [0] - C:\Program Files (x86)\Common Files\Pegasus Imaging [07/12/2019 11:14:52] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [07/12/2019 11:14:52] - |D| - [9866683] - C:\Program Files (x86)\Common Files\System ---------- | C:\Program Files\Common files [22/04/2021 10:12:20] - |D| - [706560] - C:\Program Files\Common files\Acronis [26/11/2021 12:01:38] - |D| - [786729514] - C:\Program Files\Common files\Adobe [26/09/2019 08:04:54] - |D| - [3996576] - C:\Program Files\Common files\ATI Technologies [27/09/2019 06:47:22] - |D| - [99136] - C:\Program Files\Common files\DESIGNER [10/02/2020 16:36:43] - |D| - [152152] - C:\Program Files\Common files\EPSON [07/12/2019 11:14:52] - |D| - [253118963] - C:\Program Files\Common files\microsoft shared [07/12/2019 11:14:52] - |D| - [2702] - C:\Program Files\Common files\Services [07/12/2019 11:14:52] - |D| - [11063227] - C:\Program Files\Common files\System ---------- | Tasks [MD5.0A9DCAEB679B50C8A9F402CD073D101F] - [18/05/2021 12:32:16] - |A| - [1002] - C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [MD5.3EDF68DB1A111CBD3F3302C8DD4DC66E] - [17/07/2021 07:14:30] - |A| - [951] - C:\WINDOWS\Tasks\EPSON WF-2760 Series Update {D8589CE5-9676-43FF-8170-F51862EEFBBA}.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [11/09/2020 04:29:46] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT [MD5.442E611A8F6BA4C07E9349E64374ED7E] - [11/09/2020 04:29:45] - |A| - [4562] - C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task : C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [MD5.9549EF19D927213C7646514A1476AECE] - [18/05/2021 12:32:16] - |A| - [3978] - C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater : C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [MD5.00000000000000000000000000000000] - [28/05/2021 16:59:41] - |D| - [2652] - C:\WINDOWS\System32\Tasks\Agent Activation Runtime [MD5.447124E19D30E35D1778D2A0F4482410] - [17/05/2022 09:13:11] - |A| - [3140] - C:\WINDOWS\System32\Tasks\AMDLinkUpdate : C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [MD5.E8F3488BBAA42EE37B69297841A2D312] - [03/05/2022 11:27:19] - |A| - [2706] - C:\WINDOWS\System32\Tasks\APFS GUI : C:\Program Files (x86)\Paragon Software\APFS for Windows\APFS for Windows by Paragon Software.exe [MD5.525B944C454C2177EF5213AA84A56E3A] - [03/05/2022 11:27:28] - |A| - [2834] - C:\WINDOWS\System32\Tasks\APFS Updater : C:\Program Files (x86)\Paragon Software\APFS for Windows\Updater.exe [MD5.F1E38AEAC98CF6C6686551C190075E17] - [08/04/2021 18:11:23] - |A| - [3172] - C:\WINDOWS\System32\Tasks\ASO-AutoCheckUpdate7Days : C:\Program Files (x86)\Advanced System Optimizer 3\CheckUpdate.exe [MD5.67743653760F28962AA9F780FF024529] - [17/05/2022 10:12:01] - |A| - [3842] - C:\WINDOWS\System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) : C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [MD5.AE3C2E602BD96F53F7A645AE181927B9] - [17/05/2022 10:12:01] - |A| - [3258] - C:\WINDOWS\System32\Tasks\CCleaner Browser Heartbeat Task (Logon) : C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [MD5.D750BDDC88BBE24FBC2FD2AC9CA091FA] - [11/09/2020 04:29:45] - |A| - [3936] - C:\WINDOWS\System32\Tasks\CCleaner Update : C:\Program Files\CCleaner\CCUpdate.exe [MD5.FD1478E0F6443512C3E123A3CC1326B4] - [19/08/2021 05:48:31] - |A| - [2960] - C:\WINDOWS\System32\Tasks\CCleanerSkipUAC - Jean Marie CARRIBON : "C:\Program Files\CCleaner\CCleaner.exe" [MD5.8E0BCDDDA0155624F12E97CA48D71CE3] - [17/05/2022 10:09:21] - |A| - [3520] - C:\WINDOWS\System32\Tasks\CCleanerUpdateTaskMachineCore : C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [MD5.1810814D35E901E1D16FF5AA171D33AB] - [17/05/2022 10:09:21] - |A| - [3644] - C:\WINDOWS\System32\Tasks\CCleanerUpdateTaskMachineUA : C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [MD5.D41D8CD98F00B204E9800998ECF8427E] - [07/04/2021 10:08:27] - |A| - [0] - C:\WINDOWS\System32\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82} : C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [MD5.05B98FAAD20F74DE788C8F7F1FB700C7] - [31/03/2022 10:43:38] - |A| - [2742] - C:\WINDOWS\System32\Tasks\CLToast : "C:\Program Files (x86)\CyberLink\Shared files\CLToast.exe" [MD5.046DFC82DC212875FDCA0FE45AF63606] - [31/03/2022 10:43:38] - |A| - [2568] - C:\WINDOWS\System32\Tasks\CLToastRun : "C:\Program Files (x86)\CyberLink\Shared files\CLToast.exe" [MD5.B139654DE5A214C405B66F7311B82E83] - [17/07/2021 07:14:30] - |A| - [4150] - C:\WINDOWS\System32\Tasks\EPSON WF-2760 Series Update {D8589CE5-9676-43FF-8170-F51862EEFBBA} : C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSM1E.EXE [MD5.918694C3C7ECD0F14E4F3BD49CE77B2E] - [11/09/2020 04:29:45] - |A| - [3466] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.2786E349E769D2217041FC811A0BA913] - [11/09/2020 04:29:45] - |A| - [3590] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.509DD316A737C9E513B6662835D82091] - [01/06/2021 11:07:54] - |A| - [3222] - C:\WINDOWS\System32\Tasks\iFun Screen Recorder SkipUAC (Jean Marie CARRIBON) : "C:\Program Files (x86)\iFun\iFun Screen Recorder\IScrRec.exe" [MD5.EAEC362E08C3C9E698FC5A1318F286D8] - [06/04/2022 17:47:37] - |A| - [2652] - C:\WINDOWS\System32\Tasks\iTop Screenshot SkipUAC (Jean Marie CARRIBON) : "C:\Program Files (x86)\iTop Screenshot\iScrShot.exe" [MD5.15927263C32533D4C35FF98C12CEFC30] - [06/04/2022 17:47:37] - |A| - [2706] - C:\WINDOWS\System32\Tasks\iTop Screenshot Startup : "C:\Program Files (x86)\iTop Screenshot\iScrShot.exe" [MD5.118D607188534C77C963B966245FE4E8] - [06/04/2022 17:47:37] - |A| - [2794] - C:\WINDOWS\System32\Tasks\iTop Screenshot Update : "C:\Program Files (x86)\iTop Screenshot\AutoUpdate.exe" [MD5.00000000000000000000000000000000] - [07/12/2019 11:14:52] - |D| - [625220] - C:\WINDOWS\System32\Tasks\Microsoft [MD5.B6754CCB89E51673560786DE1BA5B5D5] - [11/09/2020 04:29:46] - |A| - [3566] - C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore : C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [MD5.98DAFECD8D38BA7C4E949D95148B14F8] - [11/09/2020 04:29:46] - |A| - [3690] - C:\WINDOWS\System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA : C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [MD5.AF1359BA4F881330A2FCD761E787AEB6] - [22/02/2022 11:08:26] - |A| - [2524] - C:\WINDOWS\System32\Tasks\MiniToolPartitionWizard : C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [MD5.15541C0125A7176DD944B35D7ADECC71] - [11/09/2020 04:29:46] - |A| - [2392] - C:\WINDOWS\System32\Tasks\ModifyLinkUpdate : "C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe" [MD5.00000000000000000000000000000000] - [11/10/2021 14:26:15] - |D| - [8576] - C:\WINDOWS\System32\Tasks\Mozilla [MD5.00000000000000000000000000000000] - [11/09/2020 04:29:46] - |D| - [3776] - C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform [MD5.EAFA4087EF56FBCCE52A4B0F385C6376] - [06/02/2022 13:28:46] - |A| - [3592] - C:\WINDOWS\System32\Tasks\OneDrive Reporting Task-S-1-5-21-2982999039-1405869219-2042017926-1001 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.25565BAEAA8E6310869E2621454BC939] - [11/09/2020 04:29:46] - |A| - [3408] - C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2982999039-1405869219-2042017926-1001 : %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe [MD5.F03F0901E1B11B8C4FD8CE490AFF5690] - [06/04/2021 17:42:53] - |A| - [4348] - C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1617723761 : C:\Users\Jean Marie CARRIBON\AppData\Local\Programs\Opera\launcher.exe [MD5.662E4AD72B191D69AC58075DD883D1D2] - [17/05/2022 11:44:32] - |A| - [3152] - C:\WINDOWS\System32\Tasks\PC Cleaner automatic scan and notifications : "D:\PC Cleaner\PCCNotifications.exe" [MD5.7AE8991E47326A886FB3BAEF4FAF850C] - [31/03/2022 10:43:30] - |A| - [3288] - C:\WINDOWS\System32\Tasks\PowerDirectorStyleAgent : C:\Program Files (x86)\CyberLink\Shared files\PDStyleAgent\PDStyleAgent.exe [MD5.6D40E7E9836C420C9840EF8FC16F010B] - [11/09/2020 04:29:46] - |A| - [3194] - C:\WINDOWS\System32\Tasks\RTKCPL : "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" [MD5.CBBBA436FD7E7E752C0807FCD7B36640] - [15/01/2021 23:23:06] - |A| - [3080] - C:\WINDOWS\System32\Tasks\StartDVR : "C:\Program Files\AMD\CNext\CNext\RSServCmd.exe" [MD5.B50F8B705073C4F1AE2B0A6DC36DD921] - [29/03/2022 10:04:25] - |A| - [3296] - C:\WINDOWS\System32\Tasks\UsbFix Monitor : "C:\Program Files (x86)\UsbFix\Modules\UsbFixMonitor.exe" [MD5.EF8E965B0381C56711A5A69835E986F6] - [17/05/2022 11:59:12] - |A| - [3442] - C:\WINDOWS\System32\Tasks\WinThruster automatic scan and notifications : "D:\Axthon\WinThruster\WTNotifications.exe" [MD5.00000000000000000000000000000000] - [07/12/2019 11:14:52] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "WiFiDirect-KM-Driver-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=System|Name=@wlansvc.dll,-37378|Desc=@wlansvc.dll,-37890|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=System|Name=@wlansvc.dll,-37379|Desc=@wlansvc.dll,-37891|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-In-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=System|Name=@wlansvc.dll,-37380|Desc=@wlansvc.dll,-37892|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "WiFiDirect-KM-Driver-Out-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=System|Name=@wlansvc.dll,-37381|Desc=@wlansvc.dll,-37893|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver| "DeliveryOptimization-TCP-In"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-UDP-In"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "WirelessDisplay-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Infra-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100| "{79E05C30-858B-4490-9EE5-A7E2D3B68DA6}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Name=Xbox Game Bar Plugin|Desc=Xbox Game Bar Plugin|LUOwn=S-1-5-21-2982999039-1405869219-2042017926-1001|AppPkgId=S-1-15-2-1823635404-1364722122-2170562666-1762391777-2399050872-3465541734-3732476201|EmbedCtxt=Xbox Game Bar Plugin|Platform=2:6:2|Platform2=GTEQ| "{849CDFE3-5D89-4823-97C5-22053D29B9D0}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=2968|App=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe|Name=EEventManager Application|EmbedCtxt=EEventManager.exe - Push Scan Discovery|Edge=TRUE|Defer=App| "{C57817CD-B8BC-453C-AFEC-B5743385E61A}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=2968|App=C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe|Name=EEventManager Application|EmbedCtxt=EEventManager.exe - Push Scan Discovery|Edge=TRUE|Defer=App| "{6F4FA339-AB9D-4F9E-84ED-4E0AE42A19E0}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-2982999039-1405869219-2042017926-1001|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "{E12E67AC-5CA8-43AA-8B34-339F627EF272}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-2982999039-1405869219-2042017926-1001|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ| "UDP Query User{468910DD-186C-49EE-8349-F4F73EF02BC0}C:\users\jean marie carribon\documents\imagine editions\hellodoc\hellodoc acces vidal.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\jean marie carribon\documents\imagine editions\hellodoc\hellodoc acces vidal.exe|Name=hellodoc acces vidal.exe|Desc=hellodoc acces vidal.exe|Defer=User| "TCP Query User{E91C61AE-7537-4929-A9B0-3B366DB3D406}C:\users\jean marie carribon\documents\imagine editions\hellodoc\hellodoc acces vidal.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\jean marie carribon\documents\imagine editions\hellodoc\hellodoc acces vidal.exe|Name=hellodoc acces vidal.exe|Desc=hellodoc acces vidal.exe|Defer=User| "UDP Query User{7EED0097-E129-4931-9AAF-4240CDA4724E}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe|Name=Visual Basic Command Line Compiler|Desc=Visual Basic Command Line Compiler|Defer=User| "TCP Query User{07FE523B-A2D3-4655-93B9-FD5D06033FA9}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe|Name=Visual Basic Command Line Compiler|Desc=Visual Basic Command Line Compiler|Defer=User| "{FED86FEA-53A7-4085-B7D2-C635F72D2507}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\DriversCloud.com\DriversCloud.exe|Name=DriversCloud| "{0E1BD0C4-1F8B-48E8-B72B-61C98F4B4B9C}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\DriversCloud.com\DriversCloud.exe|Name=DriversCloud| "{52B653CE-1692-4CCF-AA0C-1E3DA4932697}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Name=Microsoft Pay|Desc=Microsoft Pay|LUOwn=S-1-5-21-2982999039-1405869219-2042017926-1001|AppPkgId=S-1-15-2-567501097-281763132-502764112-1855211022-3143306454-2372101908-561929011|EmbedCtxt=Microsoft Pay|Platform=2:6:2|Platform2=GTEQ| "{9EECBE11-BCC3-408D-A44F-34867337C929}"=v2.29|Action=Allow|Active=TRUE|Dir=Out|Name=Xbox TCUI|Desc=Xbox TCUI|LUOwn=S-1-5-21-2982999039-1405869219-2042017926-1001|AppPkgId=S-1-15-2-2603511428-3224021693-1028932517-3941269705-3349582775-2312504883-4057327947|EmbedCtxt=Xbox TCUI|Platform=2:6:2|Platform2=GTEQ| "{28EE025E-16C5-4516-9614-8CA12E4BC958}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-18|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{EBD86E4E-9788-4C45-8944-814D9722A5F5}C:\program files (x86)\comodo\dragon\dragon.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\program files (x86)\comodo\dragon\dragon.exe|Name=Comodo Dragon|Desc=Comodo Dragon|Defer=User| "UDP Query User{091C9DA2-EB43-4C10-BB15-35D989F1119C}C:\program files (x86)\comodo\dragon\dragon.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\program files (x86)\comodo\dragon\dragon.exe|Name=Comodo Dragon|Desc=Comodo Dragon|Defer=User| "{A4B6A420-C4C4-4E8B-BC7F-14843DC4F283}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Pinnacle\Studio for Dazzle\programs\RM.exe|Name=Render Manager| "{1D1DADE0-8B59-4656-8A2D-97C748A15C26}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Pinnacle\Studio for Dazzle\programs\RM.exe|Name=Render Manager| "{35B23154-D694-49B3-B0C5-425707AE29E3}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Pinnacle\Studio for Dazzle\programs\NGStudio.exe|Name=NGStudio| "{A9C55351-1C2E-4E6B-95C7-1688BA7D31F8}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Pinnacle\Studio for Dazzle\programs\NGStudio.exe|Name=NGStudio| "{DF7CEBC9-3574-48C8-8971-1C292C3A490A}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Pinnacle\Studio for Dazzle\programs\UMI.exe|Name=umi| "{56FFF318-E978-4BC3-AF37-68A50EE12AF5}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Pinnacle\Studio for Dazzle\programs\UMI.exe|Name=umi| "{14563876-4944-48F4-97AB-B5ED5DDDA1DD}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe|Name=Acronis Sync Agent Service|Desc=Acronis Sync Agent Service| "{E5FFD668-29E1-494A-AFB6-F63810FE6551}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe|Name=Acronis Managed Machine Service Mini|Desc=Acronis Managed Machine Service Mini| "{3CE7B890-4FA0-4C71-A3C2-11C684E3EFD2}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe|Name=Acronis True Image 2021|Desc=Acronis True Image 2021| "{140C68D7-2665-4EB0-8509-CE7256B94150}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe|Name=TrueImageMonitor.exe|Desc=TrueImageMonitor.exe| "{1CBF55F4-9356-4886-942E-E8F918B61073}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe|Name=TrueImageTools.exe|Desc=TrueImageTools.exe| "{5AE8A1B6-D825-4787-A0D6-144C7A0B7E67}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe|Name=TrueImageHomeService.exe|Desc=TrueImageHomeService.exe| "{C5C33C03-24F1-43BA-8280-A187EA172F88}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe|Name=Acronis Media Builder|Desc=Acronis Media Builder| "{528DA8CD-0A71-45F0-BA84-32C9AE583A19}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe|Name=Acronis System Report|Desc=Acronis System Report| "{86252C4A-C1BC-4656-B37E-406E7FFA3C53}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe|Name=Acronis Drive|Desc=Acronis Drive| "{1B08E697-47A5-4866-A876-56BE339FAF3E}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe|Name=Acronis Mobile Backup Server|Desc=Acronis Mobile Backup Server| "{BCF144AB-59D1-4E5A-BB0C-D3546388A1A3}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe|Name=Acronis Mobile Backup Status Server|Desc=Acronis Mobile Backup Status Server| "{4A835134-37F2-435B-80F7-044D8636733C}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe|Name=ga_service.exe|Desc=ga_service.exe| "{1D74F8B7-8A54-46A0-9E0A-A5B6C1106A7D}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Acronis\TrueImageHome\LicenseActivator.exe|Name=LicenseActivator.exe|Desc=LicenseActivator.exe| "{A37361C3-FD55-40B6-8D1E-7B09047D9A77}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Common Files\Acronis\Home\report_sender.exe|Name=report_sender.exe|Desc=report_sender.exe| "{64156A24-FEF9-4D48-8543-33D0EFFB69DE}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Acronis\Agent\bin\bckp_amgr.exe|Name=Acronis Alert Manager|Desc=Acronis Alert Manager| "{C0DFA5EA-6E17-4536-8A12-A21F7624450A}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Acronis\Agent\bin\task-manager.exe|Name=Acronis Task Manager|Desc=Acronis Task Manager| "{96091ECA-1E39-413A-AA6E-C62317B4BD11}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe|Name=Acronis Active Protection (TM) Service|Desc=Acronis Active Protection (TM) Service| "{74D499B4-E4BB-46F2-8E32-5A3FAEBEC532}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Acronis\Agent\aakore.exe|Name=Acronis Agent Core Service|Desc=Acronis Agent Core Service| "{8AA8D114-A787-44BA-85D3-272C65C03394}"=v2.30|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\Acronis\CyberProtect\cyber-protect-service.exe|Name=Acronis Cyber Protection Service|Desc=Acronis Cyber Protection Service| "TCP Query User{19845D14-4B33-4B74-8471-B19CEEFD00F8}C:\program files (x86)\imagine editions\technique\tele-assistance.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\imagine editions\technique\tele-assistance.exe|Name=AnyDesk|Desc=AnyDesk|Defer=User| "UDP Query User{61421737-9C31-4B27-966F-C7D56F91E553}C:\program files (x86)\imagine editions\technique\tele-assistance.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\imagine editions\technique\tele-assistance.exe|Name=AnyDesk|Desc=AnyDesk|Defer=User| "{05F278B6-A58E-41CE-87AD-76A06CF7EFA1}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=NcsiUwpApp|Desc=NcsiUwpApp|LUOwn=S-1-5-21-2982999039-1405869219-2042017926-1001|AppPkgId=S-1-15-2-138780814-3997110584-2874353029-2041838810-3659441231-3169655024-3643974355|EmbedCtxt=NcsiUwpApp|Platform=2:6:2|Platform2=GTEQ| "{466E05E7-BF66-4617-855C-CF6B42454AB2}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Edge|Desc=Microsoft Edge|LUOwn=S-1-5-21-2982999039-1405869219-2042017926-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=Microsoft Edge|Platform=2:6:2|Platform2=GTEQ| "{614A41C0-1161-4338-9EC7-34E9C94BEBB7}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Edge|Desc=Microsoft Edge|LUOwn=S-1-5-21-2982999039-1405869219-2042017926-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=Microsoft Edge|Platform=2:6:2|Platform2=GTEQ| "{174CF41E-2453-4108-B89B-54463B1F07D1}"=v2.0|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\Apowersoft\Apowersoft Phone Manager\iOS Recorder.exe|Name=Apowersoft Phone Manager|Edge=FALSE| "{5E5A73C1-600F-413C-AEE5-940C27E30441}"=v2.0|Action=Allow|Active=TRUE|Dir=Out|App=C:\Program Files\Apowersoft\Apowersoft Phone Manager\iOS Recorder.exe|Name=Apowersoft Phone Manager|Edge=FALSE| "{0FCC0930-A1E4-48E1-8505-61ADB85F4A63}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-2982999039-1405869219-2042017926-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{2D3A9685-0C06-4A62-A44C-7147C470738F}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-2982999039-1405869219-2042017926-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{EE15B238-D9C6-4265-9F12-9776308F1E08}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Cortana|Desc=Cortana|LUOwn=S-1-5-21-2982999039-1405869219-2042017926-1001|AppPkgId=S-1-15-2-1880626798-2296700190-2192216202-2581987570-949377748-777141861-2889999867|EmbedCtxt=Cortana|Platform=2:6:2|Platform2=GTEQ| "{33704035-FE1C-476A-B27D-C1890D8B02FF}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Cortana|Desc=Cortana|LUOwn=S-1-5-21-2982999039-1405869219-2042017926-1001|AppPkgId=S-1-15-2-1880626798-2296700190-2192216202-2581987570-949377748-777141861-2889999867|EmbedCtxt=Cortana|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{53B20AED-025B-49DF-887E-4DBD6233227C}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game Bar|Desc=Xbox Game Bar|LUOwn=S-1-5-21-2982999039-1405869219-2042017926-1001|AppPkgId=S-1-15-2-1714399563-1326177402-2048222277-143663168-2151391019-765408921-4098702777|EmbedCtxt=Xbox Game Bar|Platform=2:6:2|Platform2=GTEQ| "{18A429D6-571A-41D7-9EEE-4D2CC81E71AD}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game Bar|Desc=Xbox Game Bar|LUOwn=S-1-5-21-2982999039-1405869219-2042017926-1001|AppPkgId=S-1-15-2-1714399563-1326177402-2048222277-143663168-2151391019-765408921-4098702777|EmbedCtxt=Xbox Game Bar|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{CBB2FC16-2D71-4D3D-BD1A-0697B1BA2E7F}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Store|Desc=Microsoft Store|LUOwn=S-1-5-21-2982999039-1405869219-2042017926-1001|AppPkgId=S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157|EmbedCtxt=Microsoft Store|Platform=2:6:2|Platform2=GTEQ| "{793A8254-48F5-4923-8BA8-478D5DF51A90}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Store|Desc=Microsoft Store|LUOwn=S-1-5-21-2982999039-1405869219-2042017926-1001|AppPkgId=S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157|EmbedCtxt=Microsoft Store|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{823A32A9-6909-46AE-B3A1-ADF158C76BD8}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{1CB7C596-2D14-4644-A432-B00575915C2F}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{D9A2DB8D-0C00-4B1E-884C-E197EB6A5FF4}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{CAA31436-7755-4BBB-ABE2-83B38CCFBE2B}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{1A0AEB5E-B656-4D71-BD77-6980D7BB0242}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Users\Jean Marie CARRIBON\Downloads\UltraAdwareKiller.exe|Name=Ultra Adware Killer| "{5675795E-F21B-42C7-A10D-04CD64692036}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Users\Jean Marie CARRIBON\Downloads\UltraAdwareKiller.exe|Name=Ultra Adware Killer| "{F5E717A7-415F-4CAD-868C-D51E8AD43F98}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=BreeZip|Desc=BreeZip|LUOwn=S-1-5-21-2982999039-1405869219-2042017926-1001|AppPkgId=S-1-15-2-2635230112-2006864107-4193911689-3097429540-2290974523-668175308-1509375274|EmbedCtxt=BreeZip|Platform=2:6:2|Platform2=GTEQ| "{21B168F6-E8B2-420F-A4DE-A86AEE35A753}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe|Name=Microsoft Edge (mDNS-In)|Desc=Règle de trafic entrant pour Microsoft Edge pour autoriser le trafic mDNS.|EmbedCtxt=Microsoft Edge| "{78ACBBCC-5186-47DB-AD97-F026ED868757}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4371-4379|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{944181C2-A6E0-42A9-B629-48761EAD544D}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4381-4389|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{FA11A6E4-FF78-4F1A-8737-F810A90CDCD6}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{453EB57C-7441-4325-8DA8-27BC7B261000}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{D1949B06-3D30-4B85-BDF1-6650D654F4A3}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=57621|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{D0124B3F-B4DD-498A-ADDB-BA4AC18DADAE}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=57621-57631|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{78DFEE07-3BF5-4E29-8A66-FEA17598B60F}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{69D2819F-9E0D-4060-B188-DF6160B8CB6E}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.185.895.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}| "{A365B368-6E53-454A-BB6B-720EA0A4F4BA}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Spotify Music|Desc=Spotify Music|LUOwn=S-1-5-21-2982999039-1405869219-2042017926-1001|AppPkgId=S-1-15-2-557819504-3144503769-3460048582-2468406004-2969798954-3397036932-4166026031|EmbedCtxt=Spotify Music|Platform=2:6:2|Platform2=GTEQ| "{F83A3735-EEB0-4C9F-B334-C918BC7B0FC8}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Candy Crush Friends|Desc=Candy Crush Friends|LUOwn=S-1-5-21-2982999039-1405869219-2042017926-1001|AppPkgId=S-1-15-2-2434645666-2532177092-3042203602-619713399-428220933-2149260498-1813168567|EmbedCtxt=Candy Crush Friends|Platform=2:6:2|Platform2=GTEQ| "{2CBDD8DA-FAE0-4345-83B0-B76DACBBFAB9}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Candy Crush Friends|Desc=Candy Crush Friends|LUOwn=S-1-5-21-2982999039-1405869219-2042017926-1001|AppPkgId=S-1-15-2-2434645666-2532177092-3042203602-619713399-428220933-2149260498-1813168567|EmbedCtxt=Candy Crush Friends|Platform=2:6:2|Platform2=GTEQ| "{CC68ACBB-123A-45EB-9AC7-A0F19AED9D3D}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome| "{629218B7-280D-4105-A9D5-336B2B40E886}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe|Name=CCleaner Browser (mDNS-In)|Desc=Règle de trafic entrant pour CCleaner Browser autorisant le trafic mDNS|EmbedCtxt=CCleaner Browser| "{1EB68D8D-4879-448D-8BD7-FF08B27372CF}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Candy Crush Saga|Desc=Candy Crush Saga|LUOwn=S-1-5-21-2982999039-1405869219-2042017926-1001|AppPkgId=S-1-15-2-2599857031-3789198952-3515498744-3120614410-3826243417-3816649221-455961092|EmbedCtxt=Candy Crush Saga|Platform=2:6:2|Platform2=GTEQ| "{E1038209-442D-45E8-92E1-D6239B13A94C}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Candy Crush Saga|Desc=Candy Crush Saga|LUOwn=S-1-5-21-2982999039-1405869219-2042017926-1001|AppPkgId=S-1-15-2-2599857031-3789198952-3515498744-3120614410-3826243417-3816649221-455961092|EmbedCtxt=Candy Crush Saga|Platform=2:6:2|Platform2=GTEQ| "{D651B006-552A-46B9-998E-53A9D1D45343}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\MiniTool ShadowMaker\AgentService.exe|Name=AgentService.exe| "{1425E82B-82C0-4EF6-8C2D-5E960415E4F8}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\MiniTool ShadowMaker\AgentService.exe|Name=AgentService.exe| ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760f-a5c8-4bfe-b314-d56a7b44a362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (SecurityAccelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2e1803ee-f6bb-4028-8445-faa12ac4e894}] : (ngscan) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163c566-d381-4467-87bc-a65a18d5b648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163c566-d381-4467-87bc-a65a18d5b649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @c_display.inf,%ClassDesc%;Display adapters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @c_media.inf,%ClassDesc%;Sound, video and game controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4fc9541c-0fe6-4480-a4f6-9495a0d17cd2}] : (HidLineDisplay) [] -> @c_linedisplay.inf,%ClassName%;POS Line Display [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53487c23-680f-4585-acc3-1f10d6777e82}] : (SmrDisk) [] -> @c_smrdisk.inf,%ClassDesc%;Shingled magnetic recording disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53b3cf03-8f5a-4788-91b6-d19ed9fcccbf}] : (SmrVolume) [] -> @c_smrvolume.inf,%ClassDesc%;Shingled magnetic recording volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs) [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5aea001d-9372-4ed7-97f3-b79bf15a53c5}] : (OposLegacyDevice) [] -> @oposdrv.inf,%ClassName%;OPOS Legacy Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> @c_swcomponent.inf,%ClassDesc%;Software components [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{645ad99b-1344-4316-837a-08a3e73db222}] : (PerceptionSimulation) [] -> @PerceptionSimulationSixDof.inf,%ClassName%;Perception Simulation Controllers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6fae73b7-b735-4b50-a0da-0dc2484b1f1a}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7a91aa44-e4f6-4b0a-b296-735d3b823500}] : (file_protector) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{81c87465-de07-4efc-9d93-61e891d52fd2}] : (RdpVideoMiniport) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87ef9ad1-8f70-49ee-b215-ab1fcadcbe3c}] : (NetDriver) [] -> @c_netdriver.inf,%ClassDesc%;Universal Network Drivers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a3e32dba-ba89-4f17-8386-2d0127fbd4cc}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b2728d24-ac56-42db-9e02-8edaf5db652f}] : (RDCamera) [] -> @rdcameradriver.inf,%ClassName%;Remote Desktop Camera devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ca3e7ab9-b4c3-4ae6-8251-579ef933890f}] : (Camera) [] -> @c_camera.inf,%ClassDesc%;Cameras [HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d612553d-06b1-49ca-8938-e39ef80eb16f}] : (Holographic) [] -> @c_holographic.inf,%ClassName%;Mixed Reality devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e6f1aa1c-7f3b-4473-b2e8-c97d8ac71d53}] : (UCM) [] -> @c_ucm.inf,%ClassDesc%;USB Connector Managers [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f01a9d53-3ff6-48d2-9f97-c8a7004be10c}] : (ComputeAccelerator) [] -> @c_computeaccelerator.inf,%ClassDesc%;Compute accelerators [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters [HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [29/03/2022 10:18:40] - (5.0.5003.0) - (GFI Software - GFI Boot Time Operations Driver) - C:\WINDOWS\system32\drivers\gfibto.sys [22/04/2021 10:10:55] - (2.0.0.10037) - (Acronis International GmbH - File tracker minifilter driver) - C:\WINDOWS\system32\DRIVERS\file_tracker.sys [22/04/2021 10:10:26] - (1.3.0.3380) - (Acronis International GmbH - Acronis Storage Filter Management Driver) - C:\WINDOWS\system32\DRIVERS\fltsrv.sys [22/04/2021 10:10:33] - (1.1.0.10015) - (Acronis International GmbH - Acronis Volume Tracker Driver) - C:\WINDOWS\system32\DRIVERS\volume_tracker.sys [22/04/2021 10:10:27] - (4.7.0.4040) - (Acronis International GmbH - Acronis Snapshot API) - C:\WINDOWS\system32\DRIVERS\snapman.sys [22/02/2022 11:13:17] - (0.0.0.0) - ( -) - C:\WINDOWS\system32\pwdrvio.sys [22/04/2021 10:12:21] - (1.25.0.1455) - (Acronis International GmbH - Acronis NG Antimalware Driver (release.win8.x64)) - C:\WINDOWS\system32\DRIVERS\ngscan.sys [11/05/2022 07:02:02] - (0.0.0.0) - ( -) - C:\WINDOWS\System32\Drivers\CimFS.SYS [06/04/2021 12:18:34] - (1.3.48618.136) - (COMODO - COMODO Secure Shopping Driver) - C:\WINDOWS\system32\drivers\cmdcss.sys [06/04/2022 17:36:42] - (2.0.0.5213) - (CyberLink - CyberLink Virtual CDROM Bus Enumerator) - C:\WINDOWS\System32\drivers\CLVirtualBus01.sys [27/09/2019 08:17:31] - (10.0.16299.31241) - (Realsil Semiconductor Corporation - RTS USB READER Driver) - C:\WINDOWS\system32\Drivers\RtsUer.sys [22/04/2021 10:11:00] - (3.18.0.10048) - (Acronis International GmbH - Acronis File Protector) - C:\WINDOWS\system32\DRIVERS\file_protector.sys [22/04/2021 10:10:32] - (2.0.0.10017) - (Acronis International GmbH - Acronis Virtual File) - C:\WINDOWS\system32\DRIVERS\virtual_file.sys [03/05/2022 11:27:53] - (10.0.10011.16384) - (Windows (R) Win 7 DDK provider - Dokan Filesystem Driver) - C:\WINDOWS\system32\DRIVERS\dokan.sys [22/04/2021 10:12:48] - (3.1.9.53) - (Bitdefender - BDDCI filter driver) - C:\WINDOWS\system32\DRIVERS\bddci.sys [22/04/2021 10:10:22] - (6.1.0.10028) - (Acronis International GmbH - Acronis TIB Mounter Driver) - C:\WINDOWS\system32\DRIVERS\tib_mounter.sys ---------- | LoadOrderGroup Name: System Reserved - DriverEnabled: True - GroupOrder: 1 - Status: OK Name: EMS - DriverEnabled: True - GroupOrder: 2 - Status: OK Name: WdfLoadGroup - DriverEnabled: True - GroupOrder: 3 - Status: OK Name: Boot Bus Extender - DriverEnabled: True - GroupOrder: 4 - Status: OK Name: System Bus Extender - DriverEnabled: True - GroupOrder: 5 - Status: OK Name: SCSI miniport - DriverEnabled: True - GroupOrder: 6 - Status: OK Name: Port - DriverEnabled: True - GroupOrder: 7 - Status: OK Name: Primary Disk - DriverEnabled: True - GroupOrder: 8 - Status: OK Name: SCSI Class - DriverEnabled: True - GroupOrder: 9 - Status: OK Name: SCSI CDROM Class - DriverEnabled: True - GroupOrder: 10 - Status: OK Name: FSFilter Infrastructure - DriverEnabled: True - GroupOrder: 11 - Status: OK Name: FSFilter System - DriverEnabled: True - GroupOrder: 12 - Status: OK Name: FSFilter Bottom - DriverEnabled: True - GroupOrder: 13 - Status: OK Name: FSFilter Copy Protection - DriverEnabled: True - GroupOrder: 14 - Status: OK Name: FSFilter Security Enhancer - DriverEnabled: True - GroupOrder: 15 - Status: OK Name: FSFilter Open File - DriverEnabled: True - GroupOrder: 16 - Status: OK Name: FSFilter Physical Quota Management - DriverEnabled: True - GroupOrder: 17 - Status: OK Name: FSFilter Virtualization - DriverEnabled: True - GroupOrder: 18 - Status: OK Name: FSFilter Encryption - DriverEnabled: True - GroupOrder: 19 - Status: OK Name: FSFilter Compression - DriverEnabled: True - GroupOrder: 20 - Status: OK Name: FSFilter Imaging - DriverEnabled: True - GroupOrder: 21 - Status: OK Name: FSFilter HSM - DriverEnabled: True - GroupOrder: 22 - Status: OK Name: FSFilter Cluster File System - DriverEnabled: True - GroupOrder: 23 - Status: OK Name: FSFilter System Recovery - DriverEnabled: True - GroupOrder: 24 - Status: OK Name: FSFilter Quota Management - DriverEnabled: True - GroupOrder: 25 - Status: OK Name: FSFilter Content Screener - DriverEnabled: True - GroupOrder: 26 - Status: OK Name: FSFilter Continuous Backup - DriverEnabled: True - GroupOrder: 27 - Status: OK Name: FSFilter Replication - DriverEnabled: True - GroupOrder: 28 - Status: OK Name: FSFilter Anti-Virus - DriverEnabled: True - GroupOrder: 29 - Status: OK Name: FSFilter Undelete - DriverEnabled: True - GroupOrder: 30 - Status: OK Name: FSFilter Activity Monitor - DriverEnabled: True - GroupOrder: 31 - Status: OK Name: FSFilter Top - DriverEnabled: True - GroupOrder: 32 - Status: OK Name: Filter - DriverEnabled: True - GroupOrder: 33 - Status: OK Name: Boot File System - DriverEnabled: True - GroupOrder: 34 - Status: OK Name: Base - DriverEnabled: True - GroupOrder: 35 - Status: OK Name: Pointer Port - DriverEnabled: True - GroupOrder: 36 - Status: OK Name: Keyboard Port - DriverEnabled: True - GroupOrder: 37 - Status: OK Name: Pointer Class - DriverEnabled: True - GroupOrder: 38 - Status: OK Name: Keyboard Class - DriverEnabled: True - GroupOrder: 39 - Status: OK Name: Video Init - DriverEnabled: True - GroupOrder: 40 - Status: OK Name: Video - DriverEnabled: True - GroupOrder: 41 - Status: OK Name: Video Save - DriverEnabled: True - GroupOrder: 42 - Status: OK Name: File System - DriverEnabled: True - GroupOrder: 43 - Status: OK Name: Streams Drivers - DriverEnabled: True - GroupOrder: 44 - Status: OK Name: NDIS Wrapper - DriverEnabled: True - GroupOrder: 45 - Status: OK Name: COM Infrastructure - DriverEnabled: True - GroupOrder: 46 - Status: OK Name: Event Log - DriverEnabled: True - GroupOrder: 47 - Status: OK Name: PerceptionGroup - DriverEnabled: True - GroupOrder: 48 - Status: OK Name: ProfSvc_Group - DriverEnabled: True - GroupOrder: 49 - Status: OK Name: AudioGroup - DriverEnabled: True - GroupOrder: 50 - Status: OK Name: UIGroup - DriverEnabled: True - GroupOrder: 51 - Status: OK Name: MS_WindowsLocalValidation - DriverEnabled: True - GroupOrder: 52 - Status: OK Name: PlugPlay - DriverEnabled: True - GroupOrder: 53 - Status: OK Name: Cryptography - DriverEnabled: True - GroupOrder: 54 - Status: OK Name: PNP_TDI - DriverEnabled: True - GroupOrder: 55 - Status: OK Name: NDIS - DriverEnabled: True - GroupOrder: 56 - Status: OK Name: TDI - DriverEnabled: True - GroupOrder: 57 - Status: OK Name: iSCSI - DriverEnabled: True - GroupOrder: 58 - Status: OK Name: NetBIOSGroup - DriverEnabled: True - GroupOrder: 59 - Status: OK Name: ShellSvcGroup - DriverEnabled: True - GroupOrder: 60 - Status: OK Name: SchedulerGroup - DriverEnabled: True - GroupOrder: 61 - Status: OK Name: SpoolerGroup - DriverEnabled: True - GroupOrder: 62 - Status: OK Name: SmartCardGroup - DriverEnabled: True - GroupOrder: 63 - Status: OK Name: NetworkProvider - DriverEnabled: True - GroupOrder: 64 - Status: OK Name: MS_WindowsRemoteValidation - DriverEnabled: True - GroupOrder: 65 - Status: OK Name: NetDDEGroup - DriverEnabled: True - GroupOrder: 66 - Status: OK Name: Parallel arbitrator - DriverEnabled: True - GroupOrder: 67 - Status: OK Name: Extended Base - DriverEnabled: True - GroupOrder: 68 - Status: OK Name: PCI Configuration - DriverEnabled: True - GroupOrder: 69 - Status: OK Name: MS Transactions - DriverEnabled: True - GroupOrder: 70 - Status: OK Name: Core - DriverEnabled: False - GroupOrder: 71 - Status: OK Name: AcronisAR - DriverEnabled: False - GroupOrder: 72 - Status: OK Name: Network - DriverEnabled: False - GroupOrder: 73 - Status: OK Name: PNP Filter - DriverEnabled: False - GroupOrder: 74 - Status: OK Name: Early-Launch - DriverEnabled: False - GroupOrder: 75 - Status: OK Name: System - DriverEnabled: False - GroupOrder: 76 - Status: OK Name: Core Security Extensions - DriverEnabled: False - GroupOrder: 77 - Status: OK Name: NetworkService - DriverEnabled: False - GroupOrder: 78 - Status: OK Name: Hyper-V Parsers - DriverEnabled: False - GroupOrder: 79 - Status: OK Name: LocalService - DriverEnabled: False - GroupOrder: 80 - Status: OK ---------- | LoadOrderGroupServiceDependencies LoadOrderGroup.Name="NetBIOSGroup" - Service.Name="RemoteAccess" LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdfs" ---------- | LoadOrderGroupServiceMembers LoadOrderGroup.Name="AcronisAR" - Service.Name="AcronisActiveProtectionService" LoadOrderGroup.Name="Event log" - Service.Name="AMD Crash Defender Service" LoadOrderGroup.Name="Event log" - Service.Name="AMD External Events Utility" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="AppIDSvc" LoadOrderGroup.Name="AudioGroup" - Service.Name="AudioEndpointBuilder" LoadOrderGroup.Name="AudioGroup" - Service.Name="Audiosrv" LoadOrderGroup.Name="NetworkProvider" - Service.Name="BFE" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="BrokerInfrastructure" LoadOrderGroup.Name="NetworkProvider" - Service.Name="Browser" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="DcomLaunch" LoadOrderGroup.Name="PlugPlay" - Service.Name="DeviceInstall" LoadOrderGroup.Name="TDI" - Service.Name="Dhcp" LoadOrderGroup.Name="TDI" - Service.Name="Dnscache" LoadOrderGroup.Name="TDI" - Service.Name="dot3svc" LoadOrderGroup.Name="TDI" - Service.Name="DusmSvc" LoadOrderGroup.Name="Event Log" - Service.Name="EventLog" LoadOrderGroup.Name="AudioGroup" - Service.Name="FontCache" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="gpsvc" LoadOrderGroup.Name="TDI" - Service.Name="icssvc" LoadOrderGroup.Name="NetworkProvider" - Service.Name="LanmanWorkstation" LoadOrderGroup.Name="TDI" - Service.Name="lmhosts" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="LSM" LoadOrderGroup.Name="NetworkService" - Service.Name="MapsBroker" LoadOrderGroup.Name="NetworkProvider" - Service.Name="mpssvc" LoadOrderGroup.Name="iSCSI" - Service.Name="MSiSCSI" LoadOrderGroup.Name="MS_WindowsRemoteValidation" - Service.Name="Netlogon" LoadOrderGroup.Name="Cryptography" - Service.Name="NgcCtnrSvc" LoadOrderGroup.Name="Cryptography" - Service.Name="NgcSvc" LoadOrderGroup.Name="PlugPlay" - Service.Name="PlugPlay" LoadOrderGroup.Name="Plugplay" - Service.Name="Power" LoadOrderGroup.Name="profsvc_group" - Service.Name="ProfSvc" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcEptMapper" LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcSs" LoadOrderGroup.Name="PlugPlay" - Service.Name="RtkAudioService" LoadOrderGroup.Name="MS_WindowsLocalValidation" - Service.Name="SamSs" LoadOrderGroup.Name="SmartCardGroup" - Service.Name="SCardSvr" LoadOrderGroup.Name="SchedulerGroup" - Service.Name="Schedule" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="SENS" LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="ShellHWDetection" LoadOrderGroup.Name="SpoolerGroup" - Service.Name="Spooler" LoadOrderGroup.Name="profsvc_group" - Service.Name="SysMain" LoadOrderGroup.Name="PlugPlay" - Service.Name="TabletInputService" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="Themes" LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="TrustedInstaller" LoadOrderGroup.Name="AudioGroup" - Service.Name="VacSvc" LoadOrderGroup.Name="SmartCardGroup" - Service.Name="WbioSrvc" LoadOrderGroup.Name="TDI" - Service.Name="Wcmsvc" LoadOrderGroup.Name="NetworkProvider" - Service.Name="WebClient" LoadOrderGroup.Name="TDI" - Service.Name="WlanSvc" LoadOrderGroup.Name="TDI" - Service.Name="wlpasvc" LoadOrderGroup.Name="LocalService" - Service.Name="workfolderssvc" LoadOrderGroup.Name="TDI" - Service.Name="WwanSvc" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="3ware" LoadOrderGroup.Name="Core" - SystemDriver.Name="ACPI" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AcpiDev" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="acpiex" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="acpitime" LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="Acx01000" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="ADP80XX" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="AFD" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="afunix" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="amdgpio2" LoadOrderGroup.Name="Base" - SystemDriver.Name="amdi2c" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdK8" LoadOrderGroup.Name="Video" - SystemDriver.Name="amdkmdag" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="amdkmpfd" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdPPM" LoadOrderGroup.Name="Cryptography" - SystemDriver.Name="amdpsp" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsata" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsbs" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdxata" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="arcsas" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="atapi" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="b06bdrv" LoadOrderGroup.Name="Video" - SystemDriver.Name="BasicDisplay" LoadOrderGroup.Name="Video" - SystemDriver.Name="BasicRender" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="bcmfn2" LoadOrderGroup.Name="Base" - SystemDriver.Name="Beep" LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="bindflt" LoadOrderGroup.Name="Network" - SystemDriver.Name="bowser" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="BthHFEnum" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="BthMini" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="BthPan" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="BTHPORT" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="BTHUSB" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="bttflt" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="cdfs" LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdrom" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="cht4iscsi" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="cht4vbd" LoadOrderGroup.Name="File system" - SystemDriver.Name="CimFS" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="circlass" LoadOrderGroup.Name="FSFilter HSM" - SystemDriver.Name="CldFlt" LoadOrderGroup.Name="Filter" - SystemDriver.Name="CLFS" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="CLVirtualBus01" LoadOrderGroup.Name="Early-Launch" - SystemDriver.Name="cmdboot" LoadOrderGroup.Name="Primary Disk" - SystemDriver.Name="cmderd" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="cmdGuard" LoadOrderGroup.Name="Core" - SystemDriver.Name="CNG" LoadOrderGroup.Name="Base" - SystemDriver.Name="cnghwassist" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="CompositeBus" LoadOrderGroup.Name="Base" - SystemDriver.Name="condrv" LoadOrderGroup.Name="Network" - SystemDriver.Name="Dfsc" LoadOrderGroup.Name="Base" - SystemDriver.Name="dg_ssudbus" LoadOrderGroup.Name="File System" - SystemDriver.Name="Dokan" LoadOrderGroup.Name="Video Init" - SystemDriver.Name="DXGKrnl" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="ebdrv" LoadOrderGroup.Name="SCSI Class" - SystemDriver.Name="EhStorClass" LoadOrderGroup.Name="SCSI Class" - SystemDriver.Name="EhStorTcgDrv" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="ErrDev" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="exfat" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="fastfat" LoadOrderGroup.Name="FSFilter Encryption" - SystemDriver.Name="FileCrypt" LoadOrderGroup.Name="FSFilter Bottom" - SystemDriver.Name="FileInfo" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="Filetrace" LoadOrderGroup.Name="FSFilter System Recovery" - SystemDriver.Name="file_protector" LoadOrderGroup.Name="FSFilter Continuous Backup" - SystemDriver.Name="file_tracker" LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="FltMgr" LoadOrderGroup.Name="Filter" - SystemDriver.Name="fltsrv" LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="FsDepends" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="fvevol" LoadOrderGroup.Name="Base" - SystemDriver.Name="genericusbfn" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="gfibto" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="GPIOClx0101" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="HDAudBus" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidBth" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidi2c" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidinterrupt" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidIr" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidspi" LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidUsb" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="HpSAMD" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hvservice" LoadOrderGroup.Name="System" - SystemDriver.Name="HwNClx0101" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hyperkbd" LoadOrderGroup.Name="Video" - SystemDriver.Name="HyperVideo" LoadOrderGroup.Name="Keyboard Port" - SystemDriver.Name="i8042prt" LoadOrderGroup.Name="Base" - SystemDriver.Name="iai2c" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2i_GPIO2" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2i_GPIO2_BXT_P" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2i_GPIO2_CNL" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2i_GPIO2_GLK" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2i_I2C" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2i_I2C_BXT_P" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2i_I2C_CNL" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2i_I2C_GLK" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSSi_GPIO" LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSSi_I2C" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="iaStorAVC" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="iaStorV" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="ibbus" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="IHCFltPmt" LoadOrderGroup.Name="Base" - SystemDriver.Name="IndirectKmd" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="intelide" LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="intelpep" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="intelpmax" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="intelppm" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="iorate" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="isapnp" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="ItSas35i" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="kdnic" LoadOrderGroup.Name="Base" - SystemDriver.Name="KSecDD" LoadOrderGroup.Name="Cryptography" - SystemDriver.Name="KSecPkg" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ksthunk" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="lltdio" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS2i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS3i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SSS" LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="luafv" LoadOrderGroup.Name="Base" - SystemDriver.Name="mausbhost" LoadOrderGroup.Name="Base" - SystemDriver.Name="mausbip" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas2i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas35i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasr" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="mlx4_bus" LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Modem" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="mountmgr" LoadOrderGroup.Name="network" - SystemDriver.Name="mpsdrv" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb" LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb20" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="MsBridge" LoadOrderGroup.Name="File system" - SystemDriver.Name="Msfs" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="msgpiowin32" LoadOrderGroup.Name="Base" - SystemDriver.Name="mshidkmdf" LoadOrderGroup.Name="Base" - SystemDriver.Name="mshidumdf" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="msisadrv" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSKSSRV" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="MsLldp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPCLOCK" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPQM" LoadOrderGroup.Name="Network" - SystemDriver.Name="MsQuic" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSTEE" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MTConfig" LoadOrderGroup.Name="Network" - SystemDriver.Name="Mup" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="mvumis" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NativeWifiP" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ndfltr" LoadOrderGroup.Name="NDIS Wrapper" - SystemDriver.Name="NDIS" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NdisCap" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NdisTapi" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Ndisuio" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="ndiswanlegacy" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="ndproxy" LoadOrderGroup.Name="NetBIOSGroup" - SystemDriver.Name="NetBIOS" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="NetBT" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="netvsc" LoadOrderGroup.Name="Early-Launch" - SystemDriver.Name="ngelam" LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="ngscan" LoadOrderGroup.Name="File system" - SystemDriver.Name="Npfs" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="Ntfs" LoadOrderGroup.Name="Base" - SystemDriver.Name="Null" LoadOrderGroup.Name="Primary Disk" - SystemDriver.Name="nvdimm" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="nvraid" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="nvstor" LoadOrderGroup.Name="Parallel arbitrator" - SystemDriver.Name="Parport" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="partmgr" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pci" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pciide" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pcmcia" LoadOrderGroup.Name="System Reserved" - SystemDriver.Name="pcw" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pdc" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="percsas2i" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="percsas3i" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="portcfg" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="Processor" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Psched" LoadOrderGroup.Name="Streams Drivers" - SystemDriver.Name="RasAcd" LoadOrderGroup.Name="Network" - SystemDriver.Name="rdbss" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="rdyboost" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="ReFS" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="ReFSv1" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="RFCOMM" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="rhproxy" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="rspndr" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="rt640x64" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="RtkBtFilter" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="RTWlanE02" LoadOrderGroup.Name="Video" - SystemDriver.Name="s3cap" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="scfilter" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="sdbus" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="Serenum" LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Serial" LoadOrderGroup.Name="Pointer Port" - SystemDriver.Name="sermouse" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid2" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid4" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SmartSAMD" LoadOrderGroup.Name="Hyper-V Parsers" - SystemDriver.Name="spaceparser" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="spaceport" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="SpatialGraphFilter" LoadOrderGroup.Name="Network" - SystemDriver.Name="srv2" LoadOrderGroup.Name="Network" - SystemDriver.Name="srvnet" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stexstor" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="storahci" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="storflt" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stornvme" LoadOrderGroup.Name="FSFilter Quota Management" - SystemDriver.Name="storqosflt" LoadOrderGroup.Name="Base" - SystemDriver.Name="storvsc" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="swenum" LoadOrderGroup.Name="Video Init" - SystemDriver.Name="Synth3dVsc" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="Tcpip" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="tdx" LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="Telemetry" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="terminpt" LoadOrderGroup.Name="Filter" - SystemDriver.Name="tib" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="tnd" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="TPM" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="TsUsbGD" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="tunnel" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UcmCx0101" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UcmTcpciCx0101" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UcmUcsiCx0101" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="Ucx01000" LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="udfs" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="Ufx01000" LoadOrderGroup.Name="Base" - SystemDriver.Name="UfxChipidea" LoadOrderGroup.Name="Base" - SystemDriver.Name="ufxsynopsys" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="umbus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="UmPass" LoadOrderGroup.Name="Base" - SystemDriver.Name="UrsChipidea" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UrsCx01000" LoadOrderGroup.Name="Base" - SystemDriver.Name="UrsSynopsys" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbccgp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="usbcir" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbehci" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbhub" LoadOrderGroup.Name="Base" - SystemDriver.Name="USBHUB3" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbohci" LoadOrderGroup.Name="extended base" - SystemDriver.Name="usbprint" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbscan" LoadOrderGroup.Name="Base" - SystemDriver.Name="usbuhci" LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="vdrvroot" LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="VerifierExt" LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="vhdmp" LoadOrderGroup.Name="Base" - SystemDriver.Name="vhf" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="Vid" LoadOrderGroup.Name="Filter" - SystemDriver.Name="virtual_file" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vmbus" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="VMBusHID" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgr" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgrx" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="volume_tracker" LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vpci" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="vsmraid" LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="VSTXRAID" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="vwififlt" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="vwifimp" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WacomPen" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wanarp" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wanarpv6" LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="wcifs" LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="wcnfs" LoadOrderGroup.Name="Early-Launch" - SystemDriver.Name="WdBoot" LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="Wdf01000" LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="WdFilter" LoadOrderGroup.Name="base" - SystemDriver.Name="WdmCompanionFilter" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="WFPLWFS" LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="WIMMount" LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="WindowsTrustedRT" LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="WindowsTrustedRTProxy" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="WinMad" LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="WinVerbs" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WmiAcpi" LoadOrderGroup.Name="FSFilter Compression" - SystemDriver.Name="Wof" LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="WpdUpFltr" LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="ws2ifsl" LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WSDPrintDevice" LoadOrderGroup.Name="Base" - SystemDriver.Name="WSDScan" LoadOrderGroup.Name="base" - SystemDriver.Name="WudfPf" LoadOrderGroup.Name="base" - SystemDriver.Name="WUDFRd" LoadOrderGroup.Name="NDIS" - SystemDriver.Name="xboxgip" LoadOrderGroup.Name="Base" - SystemDriver.Name="xinputhid" ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - [Kernel Driver] - 3ware () -> System32\drivers\3ware.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ADP80XX () -> System32\drivers\ADP80XX.SYS - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - amdkmpfd (@oem14.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter) -> System32\drivers\amdkmpfd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - amdpsp (@oem24.inf,%amdpsp.SVCDESC%;AMD PSP Service) -> System32\drivers\amdpsp.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - amdsata () -> System32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdsbs () -> System32\drivers\amdsbs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - amdxata () -> System32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;QLogic Network Adapter VBD) -> System32\drivers\bxvbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - bttflt (@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter) -> System32\drivers\bttflt.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - cht4iscsi () -> System32\drivers\cht4sx64.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - disk (@disk.inf,%disk_ServiceDesc%;Pilote de disque) -> System32\drivers\disk.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys - AcceptPause: False - AcceptStop: False R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - file_tracker (Acronis File Tracker Driver) -> system32\DRIVERS\file_tracker.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fltsrv (Acronis Storage Filter Management) -> system32\DRIVERS\fltsrv.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - gfibto (gfibto) -> system32\drivers\gfibto.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - HpSAMD () -> System32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorAVC (@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller) -> System32\drivers\iaStorAVC.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - intelide () -> System32\drivers\intelide.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - iorate (@%SystemRoot%\system32\drivers\iorate.sys,-101) -> system32\drivers\iorate.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - isapnp () -> System32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - ItSas35i () -> System32\drivers\ItSas35i.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - LSI_SAS () -> System32\drivers\lsi_sas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - LSI_SSS () -> System32\drivers\lsi_sss.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas () -> System32\drivers\megasas.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas2i () -> System32\drivers\MegaSas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasas35i () -> System32\drivers\megasas35i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - megasr () -> System32\drivers\megasr.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - msisadrv () -> System32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - mvumis () -> System32\drivers\mvumis.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - ngelam (NgElam) -> system32\drivers\ngelam.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nvdimm (@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver) -> System32\drivers\nvdimm.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nvraid () -> System32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - nvstor () -> System32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pci (@pci.inf,%pci_svcdesc%;Pilote de bus PCI) -> System32\drivers\pci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - pciide () -> System32\drivers\pciide.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - pcmcia () -> System32\drivers\pcmcia.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - percsas2i () -> System32\drivers\percsas2i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - percsas3i () -> System32\drivers\percsas3i.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - pmem (@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver) -> System32\drivers\pmem.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - pwdrvio (pwdrvio) -> system32\pwdrvio.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - Ramdisk (Windows RAM Disk Driver) -> system32\DRIVERS\ramdisk.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - scmbus (@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver) -> System32\drivers\scmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - SgrmAgent (@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001) -> system32\drivers\SgrmAgent.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - SiSRaid2 () -> System32\drivers\SiSRaid2.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SiSRaid4 () -> System32\drivers\sisraid4.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - SmartSAMD () -> System32\drivers\SmartSAMD.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - snapman (Acronis Snapshots Manager) -> system32\DRIVERS\snapman.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - stexstor () -> System32\drivers\stexstor.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - storvsc () -> System32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\drivers\tcpip.sys,-10001) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - Telemetry (@intelta.inf,%Telemetry.SVCDESC%;Intel(R) Telemetry Service) -> System32\drivers\IntelTA.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volsnap (@%SystemRoot%\system32\drivers\volsnap.sys,-100) -> System32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volume (@volume.inf,%VolumeServiceDesc%;Volume driver) -> System32\drivers\volume.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - volume_tracker (Acronis Volume Tracker) -> system32\DRIVERS\volume_tracker.sys - AcceptPause: False - AcceptStop: True S0 - [Kernel Driver] - vpci (@wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus) -> System32\drivers\vpci.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - vsmraid () -> System32\drivers\vsmraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys - AcceptPause: False - AcceptStop: False S0 - [Kernel Driver] - WdBoot (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390) -> system32\drivers\wd\WdBoot.sys - AcceptPause: False - AcceptStop: False R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - WdFilter (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330) -> system32\drivers\wd\WdFilter.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys - AcceptPause: False - AcceptStop: True R0 - [Kernel Driver] - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys - AcceptPause: False - AcceptStop: True R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - afunix (afunix) -> \SystemRoot\system32\drivers\afunix.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - bam (@%SystemRoot%\system32\drivers\bam.sys,-100) -> system32\drivers\bam.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicDisplay () -> \SystemRoot\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_65ab9a260dbf7467\BasicDisplay.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - BasicRender () -> \SystemRoot\System32\DriverStore\FileRepository\basicrender.inf_amd64_df49c4daa6251397\BasicRender.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - CimFS () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - cmdcss (COMODO Secure Shopping) -> \SystemRoot\system32\drivers\cmdcss.sys - AcceptPause: False - AcceptStop: True S1 - [Kernel Driver] - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys - AcceptPause: False - AcceptStop: False R1 - [File System Driver] - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> \SystemRoot\System32\drivers\dxgkrnl.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NdisCap (@%SystemRoot%\System32\drivers\ndiscap.sys,-5000) -> System32\drivers\ndiscap.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - ngscan (ngscan) -> system32\DRIVERS\ngscan.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys - AcceptPause: False - AcceptStop: True R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - Vid () -> \SystemRoot\System32\drivers\Vid.sys - AcceptPause: False - AcceptStop: True R1 - [Kernel Driver] - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - BdDci (BdDci Service) -> \SystemRoot\system32\DRIVERS\bddci.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - bindflt (@%systemroot%\system32\drivers\bindflt.sys,-100) -> \SystemRoot\system32\drivers\bindflt.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - CldFlt (Windows Cloud Files Filter Driver) -> system32\drivers\cldflt.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - Dokan (Dokan File System Driver) -> system32\DRIVERS\dokan.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - file_protector (Acronis File Protector Driver) -> system32\DRIVERS\file_protector.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - tib_mounter (Acronis TIB Mounter) -> \SystemRoot\system32\DRIVERS\tib_mounter.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - virtual_file (Acronis Virtual File Driver) -> system32\DRIVERS\virtual_file.sys - AcceptPause: False - AcceptStop: True R2 - [Kernel Driver] - wanarp (@%systemroot%\system32\mprmsg.dll,-32011) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True R2 - [File System Driver] - wcifs (@%systemroot%\system32\drivers\wcifs.sys,-100) -> \SystemRoot\system32\drivers\wcifs.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - 1394ohci (@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller) -> \SystemRoot\System32\drivers\1394ohci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AcpiDev (@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver) -> \SystemRoot\System32\drivers\AcpiDev.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - acpipagr (@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver) -> \SystemRoot\System32\drivers\acpipagr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AcpiPmi (@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver) -> \SystemRoot\System32\drivers\acpipmi.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - acpitime (@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver) -> \SystemRoot\System32\drivers\acpitime.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Acx01000 (@%SystemRoot%\system32\drivers\Acx01000.sys,-1000) -> system32\drivers\Acx01000.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - amdfendr (@oem36.inf,%AMDFENDR_svcdesc%;AMD Crash Defender Driver) -> \SystemRoot\system32\DRIVERS\amdfendr.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - amdgpio2 (@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver) -> \SystemRoot\System32\drivers\amdgpio2.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - amdi2c (@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service) -> \SystemRoot\System32\drivers\amdi2c.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AmdK8 (@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver) -> \SystemRoot\System32\drivers\amdk8.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - amdkmdag () -> \SystemRoot\System32\DriverStore\FileRepository\u0366969.inf_amd64_425e4ca908447c57\B367342\amdkmdag.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - AmdPPM (@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver) -> \SystemRoot\System32\drivers\amdppm.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - AMDXE (@oem35.inf,%AMDXE.SVCDESC%;AMD Link Controller Emulation) -> \SystemRoot\System32\drivers\amdxe.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - ampa (ampa) -> \??\C:\WINDOWS\system32\ampa.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AppID (@%systemroot%\system32\srpapi.dll,-100) -> system32\drivers\appid.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AppleLowerFilter (@oem10.inf,%AppleLowerFilterDisplayName%;Apple Lower Filter Driver) -> \SystemRoot\System32\drivers\AppleLowerFilter.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - applockerfltr (@%systemroot%\system32\srpapi.dll,-102) -> system32\drivers\applockerfltr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - AsyncMac (@%systemroot%\system32\mprmsg.dll,-32000) -> \SystemRoot\System32\drivers\asyncmac.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - AtiHDAudioService (@oem32.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service) -> \SystemRoot\system32\drivers\AtihdWT6.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - bcmfn2 (@bcmfn2.inf,%bcmfn2.SVCDESC%;bcmfn2 Service) -> \SystemRoot\System32\drivers\bcmfn2.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - bowser (@%systemroot%\system32\wkssvc.dll,-2001) -> system32\DRIVERS\bowser.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BthA2dp (@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver) -> \SystemRoot\System32\drivers\BthA2dp.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - BthEnum (@bth.inf,%BthEnum.SVCDESC%;Service d’énumérateur Bluetooth) -> \SystemRoot\System32\drivers\BthEnum.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BthHFEnum (@microsoft_bluetooth_hfp.inf,%BTHHFENUM_DISPLAY_NAME%;Microsoft Bluetooth Hands-Free Profile driver) -> \SystemRoot\System32\drivers\bthhfenum.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - BthLEEnum (@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver) -> \SystemRoot\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - BthMini (@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver) -> \SystemRoot\System32\drivers\BTHMINI.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - BTHMODEM (@mdmbtmdm.inf,%BthModem.DisplayName%;Bluetooth Modem Communications Driver) -> \SystemRoot\System32\drivers\bthmodem.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - BthPan (@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network)) -> \SystemRoot\System32\drivers\bthpan.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - BTHPORT (@bth.inf,%BTHPORT.SvcDesc%;Pilote de port Bluetooth) -> \SystemRoot\System32\drivers\BTHport.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - BTHUSB (@bth.inf,%BTHUSB.SvcDesc%;Pilote USB radio Bluetooth) -> \SystemRoot\System32\drivers\BTHUSB.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - buttonconverter (@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices) -> \SystemRoot\System32\drivers\buttonconverter.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - CAD (@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver) -> \SystemRoot\System32\drivers\CAD.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - cht4vbd (@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver) -> \SystemRoot\System32\drivers\cht4vx64.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - circlass (@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices) -> \SystemRoot\System32\drivers\circlass.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - CLVirtualBus01 (@oem31.inf,%CLVirtualBus01.SVCDESC%;CyberLink Virtual CDROM Bus Enumerator) -> \SystemRoot\System32\drivers\CLVirtualBus01.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - CmBatt (@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver) -> \SystemRoot\System32\drivers\CmBatt.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - CompositeBus (@compositebus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver) -> \SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - condrv (Console Driver) -> System32\drivers\condrv.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - DCamUSBEMPIA (@oem15.inf,%USB2800.DeviceDesc%;USB 2800 Video) -> \SystemRoot\system32\DRIVERS\emDevice64.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ddmdrv (ddmdrv) -> \??\C:\WINDOWS\system32\ddmdrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - dg_ssudbus (@oem28.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)) -> \SystemRoot\system32\DRIVERS\ssudbus2.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - dmvsc () -> \SystemRoot\System32\drivers\dmvsc.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - drmkaud (@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers) -> \SystemRoot\System32\drivers\drmkaud.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - emAudio (@oem25.inf,%emAudio.DeviceDesc%;Dazzle Video Capture USB Audio Device) -> \SystemRoot\system32\drivers\emAudio64.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ErrDev (@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver) -> \SystemRoot\System32\drivers\errdev.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - exfat (exFAT File System Driver) -> (?) - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - fastfat (FAT12/16/32 File System Driver) -> (?) - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - fdc (@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver) -> \SystemRoot\System32\drivers\fdc.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - Filetrace (@%SystemRoot%\system32\drivers\filetrace.sys,-10001) -> system32\drivers\filetrace.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - FiltUSBEMPIA (@oem15.inf,%emLower.DeviceDesc%;USB Device Lower Filter) -> \SystemRoot\system32\DRIVERS\emFilter64.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - flpydisk (@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver) -> \SystemRoot\System32\drivers\flpydisk.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - FsDepends (@%SystemRoot%\system32\drivers\fsdepends.sys,-10001) -> System32\drivers\FsDepends.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - gencounter (@wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter) -> \SystemRoot\System32\drivers\vmgencounter.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - genericusbfn (@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class) -> \SystemRoot\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - GPIOClx0101 (Microsoft GPIO Class Extension Driver) -> System32\Drivers\msgpioclx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HdAudAddService (@hdaudio.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Microsoft 1.1 UAA Function Driver for High Definition Audio Service) -> \SystemRoot\System32\drivers\HdAudio.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - HDAudBus (@hdaudbus.inf,%HDAudBus.SVCDESC%;Pilote de bus UAA Microsoft pour High Definition Audio) -> \SystemRoot\System32\drivers\HDAudBus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - HidBatt (@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver) -> \SystemRoot\System32\drivers\HidBatt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HidBth (@hidbth.inf,%HIDBTH.SvcDesc%;Miniport IHM Microsoft Bluetooth) -> \SystemRoot\System32\drivers\hidbth.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - hidi2c (@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver) -> \SystemRoot\System32\drivers\hidi2c.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - hidinterrupt (@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts) -> \SystemRoot\System32\drivers\hidinterrupt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HidIr (@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver) -> \SystemRoot\System32\drivers\hidir.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - hidspi (@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver) -> \SystemRoot\System32\drivers\hidspi.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - HidUsb (@input.inf,%HID.SvcDesc%;Microsoft HID Class Driver) -> \SystemRoot\System32\drivers\hidusb.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - HTTP (@%SystemRoot%\system32\drivers\http.sys,-1) -> system32\drivers\HTTP.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - hvservice (@%SystemRoot%\system32\drivers\hvservice.sys,-16) -> system32\drivers\hvservice.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HwNClx0101 (Microsoft Hardware Notifications Class Extension Driver) -> System32\Drivers\mshwnclx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - hyperkbd () -> \SystemRoot\System32\drivers\hyperkbd.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - HyperVideo () -> \SystemRoot\System32\drivers\HyperVideo.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - i8042prt (@keyboard.inf,%i8042prt.SvcDesc%;i8042 Keyboard and PS/2 Mouse Port Driver) -> \SystemRoot\System32\drivers\i8042prt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iagpio (@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver) -> \SystemRoot\System32\drivers\iagpio.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iai2c (@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller) -> \SystemRoot\System32\drivers\iai2c.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSS2i_GPIO2 (@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_GPIO2.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSS2i_GPIO2_BXT_P (@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSS2i_GPIO2_CNL (@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_GPIO2_CNL.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSS2i_GPIO2_GLK (@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_GPIO2_GLK.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSS2i_I2C (@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_I2C.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSS2i_I2C_BXT_P (@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_I2C_BXT_P.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSS2i_I2C_CNL (@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_I2C_CNL.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSS2i_I2C_GLK (@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_I2C_GLK.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSSi_GPIO (@ialpssi_gpio.inf,%iaLPSSi_GPIO.SVCDESC%;Intel(R) Serial IO GPIO Controller Driver) -> \SystemRoot\System32\drivers\iaLPSSi_GPIO.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iaLPSSi_I2C (@ialpssi_i2c.inf,%iaLPSSi_I2C.SVCDESC%;Intel(R) Serial IO I2C Controller Driver) -> \SystemRoot\System32\drivers\iaLPSSi_I2C.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ibbus (@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver)) -> \SystemRoot\System32\drivers\ibbus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IHCFltPmt (@oem5.inf,%IHCFltPmt.SvcDesc%;IHC Pmt frame manager) -> \SystemRoot\system32\DRIVERS\IHCFltPmt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IndirectKmd (@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100) -> \SystemRoot\System32\drivers\IndirectKmd.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - IntcAzAudAddService (Service for Realtek HD Audio (WDM)) -> \SystemRoot\system32\drivers\RTKVHD64.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - intelpmax (@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver) -> \SystemRoot\System32\drivers\intelpmax.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - intelppm (@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver) -> \SystemRoot\System32\drivers\intelppm.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IpFilterDriver (@%systemroot%\system32\mprmsg.dll,-32013) -> system32\DRIVERS\ipfltdrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IPMIDRV () -> \SystemRoot\System32\drivers\IPMIDrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IPNAT (IP Network Address Translator) -> System32\drivers\ipnat.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - IPT () -> \SystemRoot\System32\drivers\ipt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - iScsiPrt (@iscsi.inf,%iScsiPortName%;iScsiPort Driver) -> \SystemRoot\System32\drivers\msiscsi.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - kbdclass (@keyboard.inf,%kbdclass.SvcDesc%;Keyboard Class Driver) -> \SystemRoot\System32\drivers\kbdclass.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - kbdhid (@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver) -> \SystemRoot\System32\drivers\kbdhid.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - kdnic (@kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20)) -> \SystemRoot\System32\drivers\kdnic.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - ksthunk (Kernel Streaming Thunks) -> \SystemRoot\system32\drivers\ksthunk.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - mausbhost (@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver) -> \SystemRoot\System32\drivers\mausbhost.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - mausbip (@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver) -> \SystemRoot\System32\drivers\mausbip.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MbbCx (MBB Network Adapter Class Extension) -> system32\drivers\MbbCx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MDA_NTDRV (MDA_NTDRV) -> \??\C:\WINDOWS\system32\MDA_NTDRV.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Microsoft_Bluetooth_AvrcpTransport (@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver) -> \SystemRoot\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - mlx4_bus (@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator) -> \SystemRoot\System32\drivers\mlx4_bus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Modem () -> system32\drivers\modem.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - monitor (@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver Service) -> \SystemRoot\System32\drivers\monitor.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mouclass (@msmouse.inf,%mouclass.SvcDesc%;Mouse Class Driver) -> \SystemRoot\System32\drivers\mouclass.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mouhid (@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver) -> \SystemRoot\System32\drivers\mouhid.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - mpsdrv (@%SystemRoot%\system32\drivers\mpsdrv.sys,-23092) -> System32\drivers\mpsdrv.sys - AcceptPause: False - AcceptStop: True S3 - [File System Driver] - MRxDAV (@%systemroot%\system32\webclnt.dll,-104) -> \SystemRoot\system32\drivers\mrxdav.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - mrxsmb (@%systemroot%\system32\wkssvc.dll,-1002) -> system32\DRIVERS\mrxsmb.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - mrxsmb20 (@%systemroot%\system32\wkssvc.dll,-1006) -> system32\DRIVERS\mrxsmb20.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - MsBridge (@%SystemRoot%\system32\bridgeres.dll,-1) -> System32\drivers\bridge.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - msgpiowin32 (@msgpiowin32.inf,%GPIO.SvcDesc%;Common Driver for Buttons, DockMode and Laptop/Slate Indicator) -> \SystemRoot\System32\drivers\msgpiowin32.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - mshidkmdf (@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100) -> \SystemRoot\System32\drivers\mshidkmdf.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - mshidumdf (@%SystemRoot%\system32\drivers\mshidumdf.sys,-100) -> \SystemRoot\System32\drivers\mshidumdf.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSKSSRV (@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service Proxy) -> \SystemRoot\System32\drivers\MSKSSRV.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSPCLOCK (@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock Proxy) -> \SystemRoot\System32\drivers\MSPCLOCK.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSPQM (@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Quality Manager Proxy) -> \SystemRoot\System32\drivers\MSPQM.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - MsQuic (@%SystemRoot%\system32\drivers\msquic.sys,-1) -> system32\drivers\msquic.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - MsRPC () -> (?) - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MSTEE (@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink Converter) -> \SystemRoot\System32\drivers\MSTEE.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - MTConfig (@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver) -> \SystemRoot\System32\drivers\MTConfig.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - NativeWifiP (@%SystemRoot%\System32\drivers\nwifi.sys,-101) -> system32\DRIVERS\nwifi.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - ndfltr (@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service) -> \SystemRoot\System32\drivers\ndfltr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - NdisImPlatform (@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501) -> System32\drivers\NdisImPlatform.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - NdisTapi (@%systemroot%\system32\mprmsg.dll,-32001) -> System32\DRIVERS\ndistapi.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - Ndisuio (NDIS Usermode I/O Protocol) -> system32\drivers\ndisuio.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - NdisVirtualBus (@%SystemRoot%\System32\drivers\NdisVirtualBus.sys,-200) -> \SystemRoot\System32\drivers\NdisVirtualBus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - NdisWan (@%systemroot%\system32\mprmsg.dll,-32002) -> \SystemRoot\System32\drivers\ndiswan.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - ndiswanlegacy (@%systemroot%\system32\mprmsg.dll,-32014) -> System32\DRIVERS\ndiswan.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - NDKPing (NDKPing Driver) -> system32\drivers\NDKPing.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - ndproxy (@%SystemRoot%\system32\drivers\ndproxy.sys,-6000) -> System32\DRIVERS\NDProxy.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - NetAdapterCx (Network Adapter Wdf Class Extension Library) -> system32\drivers\NetAdapterCx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - netvsc () -> \SystemRoot\System32\drivers\netvsc.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - Ntfs () -> (?) - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Parport (@msports.inf,%Parport.SVCDESC%;Parallel port driver) -> \SystemRoot\System32\drivers\parport.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - PktMon (Packet Monitor Driver) -> system32\drivers\PktMon.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - PNPMEM (@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver) -> \SystemRoot\System32\drivers\pnpmem.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - portcfg () -> \SystemRoot\System32\drivers\portcfg.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - PptpMiniport (@%systemroot%\system32\mprmsg.dll,-32006) -> \SystemRoot\System32\drivers\raspptp.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Processor (@cpu.inf,%Processor.SvcDesc%;Processor Driver) -> \SystemRoot\System32\drivers\processr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - pwdspio (pwdspio) -> \??\C:\WINDOWS\system32\pwdspio.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - QWAVEdrv (@%SystemRoot%\system32\drivers\qwavedrv.sys,-1) -> \SystemRoot\system32\drivers\qwavedrv.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RasAcd (Remote Access Auto Connection Driver) -> System32\DRIVERS\rasacd.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - RasAgileVpn (@netavpna.inf,%Svc-Mp-AgileVpn-DispName%;WAN Miniport (IKEv2)) -> \SystemRoot\System32\drivers\AgileVpn.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - Rasl2tp (@%systemroot%\system32\mprmsg.dll,-32005) -> \SystemRoot\System32\drivers\rasl2tp.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - RasPppoe (@%systemroot%\system32\mprmsg.dll,-32007) -> System32\DRIVERS\raspppoe.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - RasSstp (@%systemroot%\system32\sstpsvc.dll,-202) -> \SystemRoot\System32\drivers\rassstp.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - rdpbus (@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver) -> \SystemRoot\System32\drivers\rdpbus.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - RDPDR (@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100) -> System32\drivers\rdpdr.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - RdpVideoMiniport (Remote Desktop Video Miniport Driver) -> System32\drivers\rdpvideominiport.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - ReFS () -> (?) - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - ReFSv1 () -> (?) - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - RFCOMM (@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI)) -> \SystemRoot\System32\drivers\rfcomm.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - rhproxy (@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver) -> \SystemRoot\System32\drivers\rhproxy.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - rt640x64 (@oem20.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver) -> \SystemRoot\System32\drivers\rt640x64.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - RtkBtFilter (@oem33.inf,%BtFilt.SvcDesc%;Realtek Bluetooth Filter Driver) -> \SystemRoot\System32\drivers\RtkBtfilter.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - RTSUER (@oem13.inf,%RtsUER%;Realtek USB Card Reader - UER) -> \SystemRoot\system32\Drivers\RtsUer.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - RTWlanE02 (@oem17.inf,%RTWlanE.DeviceDesc.DispName%;Realtek Wireless LAN 802.11n PCI-E Network Adapter) -> \SystemRoot\System32\drivers\rtwlane02.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - s3cap () -> \SystemRoot\System32\drivers\vms3cap.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ScanUSBEMPIA (@oem15.inf,%USBscan.DeviceDesc%;USB Still Image Capture Device) -> \SystemRoot\system32\DRIVERS\emScan64.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - scfilter (@%SystemRoot%\System32\drivers\scfilter.sys,-11) -> System32\DRIVERS\scfilter.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sdbus () -> \SystemRoot\System32\drivers\sdbus.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SDFRd (@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector) -> \SystemRoot\System32\drivers\SDFRd.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sdstor (@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver) -> \SystemRoot\System32\drivers\sdstor.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SerCx (Serial UART Support Library) -> system32\drivers\SerCx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SerCx2 (Serial UART Support Library) -> system32\drivers\SerCx2.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Serenum (@msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver) -> \SystemRoot\System32\drivers\serenum.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Serial (@msports.inf,%Serial.SVCDESC%;Serial port driver) -> \SystemRoot\System32\drivers\serial.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sermouse (@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver) -> \SystemRoot\System32\drivers\sermouse.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - sfloppy (@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive) -> \SystemRoot\System32\drivers\sfloppy.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - spaceparser (@%systemroot%\system32\drivers\spaceparser.sys,-1001) -> system32\drivers\spaceparser.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SpatialGraphFilter (Holographic Spatial Graph Filter) -> System32\drivers\SpatialGraphFilter.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - SpbCx (Simple Peripheral Bus Support Library) -> system32\drivers\SpbCx.sys - AcceptPause: False - AcceptStop: False R3 - [File System Driver] - srv2 (@%systemroot%\system32\srvsvc.dll,-104) -> System32\DRIVERS\srv2.sys - AcceptPause: False - AcceptStop: True R3 - [File System Driver] - srvnet () -> System32\DRIVERS\srvnet.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - ssudmdm (@oem30.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)) -> \SystemRoot\system32\DRIVERS\ssudmdm.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - swenum (@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver) -> \SystemRoot\System32\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Synth3dVsc () -> \SystemRoot\System32\drivers\Synth3dVsc.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - Tcpip6 (@todo.dll,-100;Microsoft IPv6 Protocol Driver) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - terminpt (@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver) -> \SystemRoot\System32\drivers\terminpt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - tib (Acronis TIB Manager) -> \SystemRoot\system32\DRIVERS\tib.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - tnd (Acronis Try&Decide filter) -> \SystemRoot\system32\DRIVERS\tnd.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - TPM (@tpm.inf,%TPM%;TPM) -> \SystemRoot\System32\drivers\tpm.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - TsUsbFlt (@%SystemRoot%\system32\drivers\tsusbflt.sys,-1000) -> system32\drivers\tsusbflt.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - TsUsbGD (@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device) -> \SystemRoot\System32\drivers\TsUsbGD.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - tunnel (@%SystemRoot%\System32\drivers\tunnel.sys,-500) -> System32\drivers\tunnel.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UASPStor (@uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver) -> \SystemRoot\System32\drivers\uaspstor.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UcmCx0101 (USB Connector Manager KMDF Class Extension) -> System32\Drivers\UcmCx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UcmTcpciCx0101 (UCM-TCPCI KMDF Class Extension) -> System32\Drivers\UcmTcpciCx.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UcmUcsiAcpiClient (@UcmUcsiAcpiClient.inf,%UcmUcsiAcpiClient.ServiceName%;UCM-UCSI ACPI Client) -> \SystemRoot\System32\drivers\UcmUcsiAcpiClient.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UcmUcsiCx0101 (UCM-UCSI KMDF Class Extension) -> System32\Drivers\UcmUcsiCx.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - Ucx01000 (USB Host Support Library) -> system32\drivers\ucx01000.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - UdeCx (USB Device Emulation Support Library) -> system32\drivers\udecx.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - UEFI (@uefi.inf,%UEFI.SvcDesc%;Microsoft UEFI Driver) -> \SystemRoot\System32\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\UEFI.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - Ufx01000 (USB Function Class Extension) -> system32\drivers\ufx01000.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UfxChipidea (@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller) -> \SystemRoot\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - ufxsynopsys (@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller) -> \SystemRoot\System32\drivers\ufxsynopsys.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - umbus (@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver) -> \SystemRoot\System32\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - UmPass (@umpass.inf,%UmPass.SVCDESC%;Pilote Microsoft UMPass) -> \SystemRoot\System32\drivers\umpass.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - UrsChipidea (@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver) -> \SystemRoot\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UrsCx01000 (USB Role-Switch Support Library) -> system32\drivers\urscx01000.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - UrsSynopsys (@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver) -> \SystemRoot\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - USB28xxBGA (@oem27.inf,%USB28285.DeviceDesc%;Roxio Video Capture USB) -> \SystemRoot\system32\DRIVERS\emBDA64A.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - USB28xxOEM (@oem27.inf,%OEM.DeviceDesc%;USB 28xx OEM Filter) -> \SystemRoot\system32\DRIVERS\emOEM64A.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbaudio (@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM)) -> \SystemRoot\system32\drivers\usbaudio.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbaudio2 (@usbaudio2.inf,%usbaudio2.SVCDESC%;USB Audio 2.0 Service) -> \SystemRoot\System32\drivers\usbaudio2.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - usbccgp (@usb.inf,%GenericParent.SvcDesc%;Pilote parent générique USB Microsoft) -> \SystemRoot\System32\drivers\usbccgp.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbcir (@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR)) -> \SystemRoot\System32\drivers\usbcir.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - usbehci (@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbehci.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - usbhub (@usbport.inf,%ROOTHUB.SvcDesc%;Pilote de concentrateur standard USB Microsoft) -> \SystemRoot\System32\drivers\usbhub.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - USBHUB3 (@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub) -> \SystemRoot\System32\drivers\UsbHub3.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbohci (@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbohci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbprint (@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class) -> \SystemRoot\System32\drivers\usbprint.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbscan (@sti.inf,%usbscan.SvcDesc%;Pilote de scanneur USB) -> \SystemRoot\system32\DRIVERS\usbscan.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbser (@usbser.inf,%UsbSerial.DriverDesc%;Pilote série USB Microsoft) -> \SystemRoot\System32\drivers\usbser.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - USBSTOR (@usbstor.inf,%USBSTOR.SvcDesc%;USB Mass Storage Driver) -> \SystemRoot\System32\drivers\USBSTOR.SYS - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - usbuhci (@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbuhci.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - usbvideo (@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM)) -> \SystemRoot\System32\Drivers\usbvideo.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - USBXHCI (@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller) -> \SystemRoot\System32\drivers\USBXHCI.SYS - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - vhdmp () -> \SystemRoot\System32\drivers\vhdmp.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vhf (@hidvhf.inf,%VhfService%;Virtual HID Framework (VHF) Driver) -> \SystemRoot\System32\drivers\vhf.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - VirtualRender () -> \SystemRoot\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - VMBusHID () -> \SystemRoot\System32\drivers\VMBusHID.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - vmgid (@wvmgid.inf,%VmGid.SVCDESC%;Microsoft Hyper-V Guest Infrastructure Driver) -> \SystemRoot\System32\drivers\vmgid.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - vwifibus (@%SystemRoot%\System32\drivers\vwifibus.sys,-257) -> \SystemRoot\System32\drivers\vwifibus.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - vwifimp (@%SystemRoot%\System32\drivers\vwifimp.sys,-261) -> \SystemRoot\System32\drivers\vwifimp.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - WacomPen (@hiddigi.inf,%WacomPen.SVCDESC%;Wacom Serial Pen HID Driver) -> \SystemRoot\System32\drivers\wacompen.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - wanarpv6 (@%systemroot%\system32\mprmsg.dll,-32012) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: False S3 - [File System Driver] - wcnfs (@%systemroot%\system32\drivers\wcnfs.sys,-100) -> \SystemRoot\system32\drivers\wcnfs.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - wdiwifi (WDI Driver Framework) -> system32\DRIVERS\wdiwifi.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - WdmCompanionFilter (@%SystemRoot%\system32\drivers\WdmCompanionFilter.sys,-1000) -> system32\drivers\WdmCompanionFilter.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - WdNisDrv (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-370) -> system32\drivers\wd\WdNisDrv.sys - AcceptPause: False - AcceptStop: True S3 - [File System Driver] - WIMMount (@%SystemRoot%\system32\drivers\wimmount.sys,-101) -> system32\drivers\wimmount.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WinMad (@mlx4_bus.inf,%WinMad.ServiceDesc%;WinMad Service) -> \SystemRoot\System32\drivers\winmad.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WinNat (@%SystemRoot%\system32\drivers\winnat.sys,-10001) -> system32\drivers\winnat.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WINUSB (@winusb.inf,%WINUSB_SvcName%;WinUsb Driver) -> \SystemRoot\System32\drivers\WinUSB.SYS - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WinVerbs (@mlx4_bus.inf,%WinVerbs.ServiceDesc%;WinVerbs Service) -> \SystemRoot\System32\drivers\winverbs.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - WmiAcpi (@wmiacpi.inf,%WMIMAP.SvcDesc%;Microsoft Windows Management Interface for ACPI) -> \SystemRoot\System32\drivers\wmiacpi.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - WpdUpFltr (@%systemroot%\System32\drivers\WpdUpFltr.sys,-100) -> System32\drivers\WpdUpFltr.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - WSDPrintDevice (@wsdprint.inf,%WSDPrintDevice.SVCDESC%;WSD Print Support) -> \SystemRoot\System32\drivers\WSDPrint.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WSDScan (@sti.inf,%WSDScan.SvcDesc%;Prise en charge de la numérisation WSD) -> \SystemRoot\system32\DRIVERS\WSDScan.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - WudfPf (@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000) -> system32\drivers\WudfPf.sys - AcceptPause: False - AcceptStop: False R3 - [Kernel Driver] - WUDFRd (@%SystemRoot%\system32\drivers\WudfRd.sys,-1000) -> \SystemRoot\System32\drivers\WUDFRd.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - WUDFWpdFs (@wpdfs.inf,%WPDFS_SvcName%;Pilote du système de fichiers WPD) -> \SystemRoot\System32\drivers\WUDFRd.sys - AcceptPause: False - AcceptStop: True R3 - [Kernel Driver] - WUDFWpdMtp () -> \SystemRoot\system32\DRIVERS\WUDFRd.sys - AcceptPause: False - AcceptStop: True S3 - [Kernel Driver] - xboxgip (@xboxgip.inf,%XBOXGIP_Desc%;Xbox Game Input Protocol Driver) -> \SystemRoot\System32\drivers\xboxgip.sys - AcceptPause: False - AcceptStop: False S3 - [Kernel Driver] - xinputhid (@xinputhid.inf,%xinputhid.SvcDesc%;XINPUT HID Filter Driver) -> \SystemRoot\System32\drivers\xinputhid.sys - AcceptPause: False - AcceptStop: False R4 - [File System Driver] - cdfs (CD/DVD File System Reader) -> system32\DRIVERS\cdfs.sys - AcceptPause: False - AcceptStop: True S4 - [Kernel Driver] - cnghwassist (@%SystemRoot%\system32\drivers\cnghwassist.sys,-100) -> System32\DRIVERS\cnghwassist.sys - AcceptPause: False - AcceptStop: False S4 - [Kernel Driver] - hvcrash () -> \SystemRoot\System32\drivers\hvcrash.sys - AcceptPause: False - AcceptStop: False S4 - [File System Driver] - udfs (udfs) -> system32\DRIVERS\udfs.sys - AcceptPause: False - AcceptStop: False S4 - [Kernel Driver] - VerifierExt (@%SystemRoot%\System32\drivers\VerifierExt.sys,-1000) -> System32\drivers\VerifierExt.sys - AcceptPause: False - AcceptStop: False S4 - [Kernel Driver] - ws2ifsl (@%systemroot%\System32\drivers\ws2ifsl.sys,-1000) -> \SystemRoot\system32\drivers\ws2ifsl.sys - AcceptPause: False - AcceptStop: False ---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted) ---------- | Uninstall (Whitelist) [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\iMazing_is1] : (iMazing 2.14.8.0.-.DigiDNA) -> "C:\Program Files\DigiDNA\iMazing\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\PC Optimizer Pro] : (PC Optimizer Pro.-.Xportsoft Technologies) -> F:\PC Optimizer Pro\uninst.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}] : (Catalyst Control Center Next Localization KO.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0A4DB5B8-8C83-458B-8D0F-603543BA50A2}] : (Pinnacle 3D Title Editor.-.Corel Corporation) -> MsiExec.exe /I{0A4DB5B8-8C83-458B-8D0F-603543BA50A2} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0E4CA68C-72C3-4B01-AE33-8854AC00D17B}] : (MultiCam Capture Lite.-.Corel Corporation) -> MsiExec.exe /I{0E4CA68C-72C3-4B01-AE33-8854AC00D17B} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1DBACFDB-5E43-7882-36BD-53526D34BD22}] : (Catalyst Control Center Next Localization HU.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{20D46801-147B-30AD-7C5A-AC4560A79096}] : (Catalyst Control Center Next Localization FI.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{22C39711-2747-D264-319A-1550BEEAAEC6}] : (Catalyst Control Center Next Localization FR.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{24DF617A-CD23-6E6A-126B-23630D2781CE}] : (Catalyst Control Center Next Localization TH.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F64180221F0}] : (Java 8 Update 221 (64-bit).-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F64180221F0} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F64180271F0}] : (Java 8 Update 271 (64-bit).-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F64180271F0} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{33FC564B-23F9-4B28-9CD0-CF3366290FA3}] : (Dazzle MyDVD.-.Nom de votre société) -> MsiExec.exe /I{33FC564B-23F9-4B28-9CD0-CF3366290FA3} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{36EDC500-E4C0-371C-9865-08450415C1E9}] : (Catalyst Control Center Next Localization CS.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}] : (Catalyst Control Center Next Localization DA.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4D1D5407-9B69-6422-629C-8518A26004A4}] : (Catalyst Control Center Next Localization RU.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4E44FAFE-FF5A-4987-837D-37B8EBE825DC}] : (Composants Cryptographiques CPS v5.1.6 (x64).-.ASIP Santé) -> MsiExec.exe /I{4E44FAFE-FF5A-4987-837D-37B8EBE825DC} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}] : (Bonjour.-.Apple Inc.) -> MsiExec.exe /X{56DDDFB8-7F79-4480-89D5-25E1F52AB28F} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}] : (Bonjour.-.Apple Inc.) -> MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{7C36ADC0-5219-4D31-90D1-4211321481EF}] : (Acronis Drivers.-.Acronis) -> MsiExec.exe /X{7C36ADC0-5219-4D31-90D1-4211321481EF} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{82AB7DB2-140E-4166-A04E-1FD805EE0A74}] : (GALSS v3.45 x64.-.GIE SESAM-Vitale) -> MsiExec.exe /X{82AB7DB2-140E-4166-A04E-1FD805EE0A74} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}] : (Catalyst Control Center Next Localization TR.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8622E11A-5734-45AB-BD57-CFCA2C69A13E}] : (AMD WVR64.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{8C7451C7-6D39-4DF6-9441-B4C593AF020C}] : (DriversCloud.com (64 bits).-.Cybelsoft) -> MsiExec.exe /X{8C7451C7-6D39-4DF6-9441-B4C593AF020C} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}] : (Catalyst Control Center Next Localization ES.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9A263B2B-6A1E-430C-BA3E-72EBEAC8D371}] : (AMD Settings.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9D9A22A4-C382-4340-9843-AB8C54FC9D49}] : (COMODO Antivirus.-.COMODO Security Solutions Inc.) -> MsiExec.exe /I{9D9A22A4-C382-4340-9843-AB8C54FC9D49} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9DB2AF51-CF38-4135-97D9-1327F6D9DBD4}] : (Pinnacle Hollywood FX Volumes 1-3.-.Corel Corporation) -> MsiExec.exe /X{9DB2AF51-CF38-4135-97D9-1327F6D9DBD4} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A2BB2930-CB8B-418E-9786-47D322330E6F}] : (AMD Problem Report Wizard.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /X{A2BB2930-CB8B-418E-9786-47D322330E6F} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}] : (Catalyst Control Center Next Localization SV.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}] : (Catalyst Control Center Next Localization IT.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-1036-1033-7760-BC15014EA700}] : (Adobe Acrobat DC (64-bit).-.Adobe) -> MsiExec.exe /I{AC76BA86-1036-1033-7760-BC15014EA700} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}] : (Catalyst Control Center Next Localization CHT.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D5819A10-C18A-40F3-841B-5BFA7618485A}] : (Pinnacle Studio - Standard Content Pack.-.Corel Corporation) -> MsiExec.exe /I{D5819A10-C18A-40F3-841B-5BFA7618485A} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D74218A3-C503-57EF-AC9F-2220082E7ADE}] : (Catalyst Control Center Next Localization DE.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}] : (Catalyst Control Center Next Localization EL.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{DDC54AEA-0ED0-4F2F-9C3C-7C382D80B5FB}] : (Serif WebPlus X7.-.Serif (Europe) Ltd) -> MsiExec.exe /I{DDC54AEA-0ED0-4F2F-9C3C-7C382D80B5FB} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}] : (Catalyst Control Center Next Localization NO.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}] : (Catalyst Control Center Next Localization NL.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}] : (Catalyst Control Center Next Localization BR.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}] : (Catalyst Control Center Next Localization CHS.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{ED75A775-03A7-F214-868D-497748707968}] : (Catalyst Control Center Next Localization JA.-.Advanced Micro Devices, Inc.) -> ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{EE2AFCE4-0238-4DE0-A140-1647021627C1}] : (Branding64.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /I{EE2AFCE4-0238-4DE0-A140-1647021627C1} ----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}] : (Catalyst Control Center Next Localization PL.-.Advanced Micro Devices, Inc.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EPSON PC-FAX Driver 2] : (Epson PC-FAX Driver.-.Seiko Epson Corporation) -> C:\WINDOWS\system32\spool\DRIVERS\x64\3\EFXIJRMV.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FreeFileSync_is1] : (FreeFileSync.-.FreeFileSync.org) -> "C:\Program Files\FreeFileSync\Uninstall\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\iFun Screen Recorder_is1] : (iFun Screen Recorder.-.IObit) -> "C:\Program Files (x86)\iFun\iFun Screen Recorder\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IObit Software Updater_is1] : (IObit Software Updater.-.IObit) -> "C:\Program Files (x86)\IObit\Software Updater\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\iTop Screenshot_is1] : (iTop Screenshot.-.iTop Inc.) -> "C:\Program Files (x86)\iTop Screenshot\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\macrorit_mn2f] : (Macrorit NTFS To FAT32 Converter 2019.-.Bada Technology Co., Ltd.) -> C:\Program Files\Macrorit\NTFS To FAT32 Converter\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Microsoft Edge Update] : (Microsoft Edge Update.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MT-75D7C412-925B-4AD0-90DC-5E4FEE22EAE1_is1] : (MiniTool ShadowMaker PW Edition.-.MiniTool Software Limited) -> "C:\Program Files\MiniTool ShadowMaker\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MyEpson Portal] : (MyEpson Portal.-.SEIKO EPSON Corporation) -> MsiExec.exe /I{3361D415-BA35-4143-B301-661991BA6219} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\PC Cleaner_is1] : (PC Cleaner v8.3.0.12.-.PC Helpsoft) -> "D:\PC Cleaner\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WinThruster_is1] : (WinThruster v7.5.0.1.-.Solvusoft) -> "D:\Axthon\WinThruster\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Wise Auto Shutdown_is1] : (Wise Auto Shutdown 2.0.1.-.WiseCleaner.com, Inc.) -> "C:\Program Files (x86)\Wise\Wise Auto Shutdown\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{02CD493A-3CE1-4663-94F8-2044DF7B8244}] : (FSV 1.40.1011.-.GIE SESAM-Vitale) -> MsiExec.exe /X{02CD493A-3CE1-4663-94F8-2044DF7B8244} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{07C32E05-016C-4CE7-99C9-B3981149E1C0}] : (CGM Assist.-.IMAGINE Editions) -> MsiExec.exe /I{07C32E05-016C-4CE7-99C9-B3981149E1C0} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1949CB9A-926E-4FD2-A7DE-8F2F5616FC60}] : (Bitser.-.Bazwise) -> MsiExec.exe /I{1949CB9A-926E-4FD2-A7DE-8F2F5616FC60} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{25C76095-E562-49FC-9F27-1CBDC41A4CBB}] : (CGM LIFE Client.-.IMAGINE Editions) -> MsiExec.exe /I{25C76095-E562-49FC-9F27-1CBDC41A4CBB} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}] : (Epson Software Updater.-.Seiko Epson Corporation) -> MsiExec.exe /X{28C66F35-69BF-4376-BC80-4D5F4808FF3C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{29964269-54CA-4B76-878A-07ACC84A7E2C}] : (HelloDoc.-.IMAGINE Editions) -> MsiExec.exe /I{29964269-54CA-4B76-878A-07ACC84A7E2C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2C6DC07C-5D68-4E32-B6C6-EF5F24DA9FDF}] : (8GadgetPack.-.8GadgetPack.net) -> MsiExec.exe /X{2C6DC07C-5D68-4E32-B6C6-EF5F24DA9FDF} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3361D415-BA35-4143-B301-661991BA6219}] : (MyEpson Portal.-.SEIKO EPSON CORPORATION) -> MsiExec.exe /I{3361D415-BA35-4143-B301-661991BA6219} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{33EA20FB-5389-4938-BA59-2BCD9BB68F41}] : (Dragon.-.Nuance Communications Inc.) -> MsiExec.exe /I{33EA20FB-5389-4938-BA59-2BCD9BB68F41} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{35366900-4C69-4383-96E2-34005A700F5A}_is1] : (CGMHub version 1.1.1.3.-.CGM Solutions) -> "C:\Program Files (x86)\CGM\CGMHub\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{501451DE-5808-4599-B544-8BD0915B6B24}_is1] : (FreeRIP MP3 Converter 5.7.1.5.-.GreenTree Applications SRL) -> "C:\Program Files (x86)\FreeRIP\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{50D70A8D-0503-4AA6-97EF-09849E9FB520}] : (OpenOffice 4.1.6.-.Apache Software Foundation) -> MsiExec.exe /I{50D70A8D-0503-4AA6-97EF-09849E9FB520} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5E7C3CA2-E433-403B-A2FE-E07353AD8E64}] : (.-.) -> ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{61C37457-E06C-4EC1-B097-DBFD65E8467F}] : (iPhone Backup Extractor.-.Reincubate Ltd) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{669CA59D-B37A-41C2-9F83-87559A633C37}] : (HDUpdate.-.IMAGINE Editions) -> MsiExec.exe /I{669CA59D-B37A-41C2-9F83-87559A633C37} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6730838E-4F44-4ADE-B260-A0B5E696077A}] : (mica.-.GIE SESAM-Vitale) -> MsiExec.exe /X{6730838E-4F44-4ADE-B260-A0B5E696077A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6D8671DF-8D8F-4407-B74C-7C2657863D96}}_is1] : (VIP 3.12.-.(c) Intermedix) -> "c:\Ariane\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7A348D3C-74AA-409E-ADA6-93DE110D55B4}] : (V3S Reconnexion.-.XIRING) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}] : (Manuels EPSON.-.Seiko Epson Corporation) -> MsiExec.exe /I{84CECC1B-21EF-41B1-9A91-3E724E5D99D3} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{85AED0BA-CA7C-492C-9FBC-2104F684BC3C}] : (c-treeACE ADO .NET Driver11.5.1.-.FairCom Corporation) -> MsiExec.exe /I{85AED0BA-CA7C-492C-9FBC-2104F684BC3C} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{88948210-F2B4-4448-98FD-A4BF653A5CC4}] : (HDDependance.-.IMAGINE Editions) -> MsiExec.exe /I{88948210-F2B4-4448-98FD-A4BF653A5CC4} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9486ECCC-7A19-4906-8B05-CF8CE528A28D}] : (Pinnacle Premium Pack Volumes 1-2.-.Corel Corporation) -> MsiExec.exe /X{9486ECCC-7A19-4906-8B05-CF8CE528A28D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9F205E94-9E42-4486-A92A-DF3F6CB85444}] : (Epson Event Manager.-.Seiko Epson Corporation) -> MsiExec.exe /X{9F205E94-9E42-4486-A92A-DF3F6CB85444} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824458876}] : (Adobe Refresh Manager.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-0804-1033-1959-001824458876} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AE83BC7B-F1EB-44E0-86E8-F5D437DD245F}] : (Composant SrvSvCnam 3.40.-.GIE SESAM-Vitale) -> MsiExec.exe /X{AE83BC7B-F1EB-44E0-86E8-F5D437DD245F} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B145BF7B-F24D-4164-8422-35FAB120B776}] : (mica.-.GIE SESAM-Vitale) -> MsiExec.exe /X{B145BF7B-F24D-4164-8422-35FAB120B776} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BDD73EB0-0485-4B79-93EC-CF2EAEFF3BAB}_is1] : (OpenSC.-.OpenSC project) -> "C:\Program Files (x86)\OpenSC\unins000.exe" ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA478445}] : (COMODO Secure Shopping.-.COMODO) -> MsiExec.exe /X{D15DF9B0-3A98-4BEF-B7D5-FC3AEA478445} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D1F92E87-D837-491F-A588-34EB2CD184D1}] : (APFS for Windows by Paragon Software.-.Paragon Software GmbH) -> MsiExec.exe /X{D1F92E87-D837-491F-A588-34EB2CD184D1} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93}] : (CCleaner Update Helper.-.Piriform Software) -> MsiExec.exe /I{E4EAC0E2-A80B-479F-BA45-DCDA595C9A93} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E79F5BD7-349E-447C-BA63-94524671A77E}] : (Ariane.-.IMAGINE Editions) -> MsiExec.exe /I{E79F5BD7-349E-447C-BA63-94524671A77E} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EE008D2E-2747-413A-A4B1-1CA4078E1E7D}] : (Roxio VHS Capture Driver.-.Corel) -> MsiExec.exe /X{EE008D2E-2747-413A-A4B1-1CA4078E1E7D} ----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F0A1A9E1-CD4B-4504-836F-1946F5815ECB}] : (Acronis True Image.-.Acronis) -> MsiExec.exe /X{F0A1A9E1-CD4B-4504-836F-1946F5815ECB} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F28AD4BC-AE49-4735-9E50-64212BD2083B}] : (DazzleBDAX64.-.Corel) -> MsiExec.exe /X{F28AD4BC-AE49-4735-9E50-64212BD2083B} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}] : (Dazzle Video Capture DVC100 X64 Driver 1.08.-.Pinnacle) -> MsiExec.exe /X{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA} ---------- | Ports ---------- | Microsoft Specifications CheckID: SetupControllerFiles0{90140000-0011-0000-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles CheckID: OSetupController0{90140000-0011-0000-1000-0000000FF1CE} - CLICK2RUN -> OSetupController CheckID: SetupControllerFiles0{90140000-00A1-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles CheckID: SetupControllerFiles0{90140000-0043-0000-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles CheckID: SetupControllerFiles0{90140000-0043-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles CheckID: SetupControllerFiles0{90140000-0044-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles CheckID: SetupControllerFiles0{90140000-0015-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles CheckID: SetupControllerFiles0{90140000-0016-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles CheckID: SetupControllerFiles0{90140000-0018-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles CheckID: SetupControllerFiles0{90140000-0019-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles CheckID: SetupControllerFiles0{90140000-001A-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles CheckID: SetupControllerFiles0{90140000-00BA-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles CheckID: SetupControllerFiles0{90140000-001B-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles CheckID: SetupControllerFiles0{90140000-002C-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles CheckID: SetupControllerFiles0{90140000-006E-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles CheckID: OSetupControllerIntl_10360{90140000-006E-040C-1000-0000000FF1CE} - CLICK2RUN -> OSetupControllerIntl_1036 CheckID: SetupControllerFiles0{90140000-001F-0401-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles CheckID: SetupControllerFiles0{90140000-001F-0413-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles CheckID: SetupControllerFiles0{90140000-001F-0407-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles CheckID: SetupControllerFiles0{90140000-001F-0409-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles CheckID: SetupControllerFiles0{90140000-001F-0C0A-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles CheckID: SetupControllerFiles0{90140000-001F-040C-1000-0000000FF1CE} - CLICK2RUN -> SetupControllerFiles CheckID: fr_FR0{AC76BA86-1036-1033-7760-BC15014EA700} - ENABLE_fr_FR="0" -> fr_FR CheckID: fr_FR100{AC76BA86-1036-1033-7760-BC15014EA700} - ENABLE_fr_FR="1" -> fr_FR CheckID: fr_FR102{AC76BA86-1036-1033-7760-BC15014EA700} - ENABLE_fr_FR="2" -> fr_FR CheckID: AcroHelp_Professional0{AC76BA86-1036-1033-7760-BC15014EA700} - DISABLE_HELP="YES" -> AcroHelp_Professional CheckID: AcrobatBrowserIntegration0{AC76BA86-1036-1033-7760-BC15014EA700} - DISABLE_BROWSER_INTEGRATION="YES" -> AcrobatBrowserIntegration CheckID: AcrobatPDFIntegration0{AC76BA86-1036-1033-7760-BC15014EA700} - SETUP_PDF_INTEGRATION="NO" -> AcrobatPDFIntegration CheckID: ThumbnailPreviewHandler1{AC76BA86-1036-1033-7760-BC15014EA700} - ADD_THUMBNAILPREVIEW="YES" -> ThumbnailPreviewHandler CheckID: dokanlib.x640{D1F92E87-D837-491F-A588-34EB2CD184D1} - Not VersionNT64 -> dokanlib.x64 CheckID: dokandrv.x640{D1F92E87-D837-491F-A588-34EB2CD184D1} - Not VersionNT64 -> dokandrv.x64 CheckID: EMVIDEO0{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA} - VersionNT < 500 -> EMVIDEO CheckID: EMAUDIO_x86_x640{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA} - VersionNT < 500 -> EMAUDIO_x86_x64 ---------- | CLSID (Whitelist) [HKCR\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}] - (.-.) - C:\WINDOWS\SysWow64\xvid.ax [26/09/2019 18:10:27] [HKCR\CLSID\{008E91AA-A905-4206-A0FE-D4177E1C7BB1}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.35.422\psmachine.dll [HKCR\CLSID\{00F848DC-B1D4-4892-9C25-CAADC86A215D}] - (.-.) - C:\Program Files (x86)\Acronis\TrueImageHome\tishell_25_8_39216.dll [23/03/2021 22:13:30] [HKCR\CLSID\{0288C4DF-C38D-4B9F-BC61-7A629F19FDD9}] - (.-.) - C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.137.93\psmachine.dll [HKCR\CLSID\{043B13A3-C479-48AF-9E98-E9F08A411670}] - (.-.) - C:\Windows\SysWOW64\UpdateDeploymentProvider.dll [HKCR\CLSID\{09F4E6FE-F1D3-4E5C-B4CF-25D9C378961D}] - (.-.) - C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.155.77\psmachine.dll [HKCR\CLSID\{0CE63743-3E8B-463F-90D8-0274D20FCEBB}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.36.122\psmachine.dll [HKCR\CLSID\{1273567F-5FEE-46B1-8895-BD3AD61A58EE}] - (.-.) - C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.129.31\psmachine.dll [HKCR\CLSID\{14BE1FB6-7B58-4724-BCF7-4389C7770F07}] - (.-.) - C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.135.41\psmachine.dll [HKCR\CLSID\{15FD01A3-6E5D-4ECD-9EBD-1813CB3887A1}] - (.-.) - %windir%\system32\btpanui.dll [HKCR\CLSID\{179F3D56-1B0B-42B2-A962-59B7EF59FE1B}] - (.-.) - C:\Windows\SysWOW64\speech_onecore\engines\tts\MSTTSEngine_OneCore.dll [15/09/2021 13:31:39] [HKCR\CLSID\{181A38F4-6CE6-4edc-8DB0-6E5631963A1E}] - (.-.) - C:\Windows\SysWOW64\LocationFramework.dll [HKCR\CLSID\{1965FEA3-3896-438B-B789-F5981797E7E7}] - (.-.) - C:\Windows\SysWOW64\MapsBtSvcProxy.dll [HKCR\CLSID\{1AE69EA6-CA63-4105-A21E-9164F1729F75}] - (.(c) 2020 Piriform Software - CCleaner Browser psmachine.) - C:\Program Files (x86)\CCleaner Browser\Update\1.8.1208.2\psmachine.dll [17/05/2022 10:09:10] [HKCR\CLSID\{1CEBDE3E-6B91-484A-AF48-5E4F4ED6B1E1}] - (.-.) - C:\WINDOWS\System32\dmscript.dll [HKCR\CLSID\{206FA6D0-A493-41FA-943D-3F655088F7B9}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{25A51000-0023-11E4-A88B-7845C437B8B9}] - (.-.) - C:\Program Files\Pinnacle\Studio for Dazzle\programs\RCom32.dll [12/03/2020 17:24:36] [HKCR\CLSID\{25a51001-0023-11e4-a88b-7845c437b8b9}] - (.-.) - C:\Program Files\Pinnacle\Studio for Dazzle\programs\RCom32.dll [12/03/2020 17:24:36] [HKCR\CLSID\{25a51002-0023-11e4-a88b-7845c437b8b9}] - (.-.) - C:\Program Files\Pinnacle\Studio for Dazzle\programs\RCom32.dll [12/03/2020 17:24:36] [HKCR\CLSID\{25a51003-0023-11e4-a88b-7845c437b8b9}] - (.-.) - C:\Program Files\Pinnacle\Studio for Dazzle\programs\RCom32.dll [12/03/2020 17:24:36] [HKCR\CLSID\{26A28DD1-D23A-43a0-A495-F1C3F75C49E2}] - (.-.) - C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy.dll [23/03/2021 23:07:00] [HKCR\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}] - (.-.) - "C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\X86\MpOav.dll" [HKCR\CLSID\{28E08968-59C8-4A77-BEBA-12C9394AE077}] - (.(c) 2020 Piriform Software - CCleaner Browser.) - C:\Program Files (x86)\CCleaner Browser\Update\1.8.1208.2\npCCleanerBrowserUpdate3.dll [17/05/2022 10:09:16] [HKCR\CLSID\{2C5F9B72-7148-4D97-BFC9-68A0E076BEBD}] - (.-.) - C:\WINDOWS\System32\dmscript.dll [HKCR\CLSID\{2FE8F810-B2A5-11d0-A787-0000F803ABFC}] - (.-.) - C:\WINDOWS\system32\dplayx.dll [HKCR\CLSID\{32E226FC-F4EB-4588-900E-B46F3223557E}] - (.-.) - C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy.dll [23/03/2021 23:07:00] [HKCR\CLSID\{34A19196-274E-4D75-9D30-D7A45A0A4178}] - (.-.) - %ProgramFiles(x86)%\Windows Sidebar\wlsrvc.dll [HKCR\CLSID\{363BE3C0-DDD4-4B21-BC6D-7E9DF8CE19CB}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{3F052B8E-512B-419D-9E06-9B9ADDC7118C}] - (.-.) - C:\Windows\SysWOW64\MapsCSP.dll [HKCR\CLSID\{4062C116-0270-11D3-8BCB-00600893B1B6}] - (.-.) - C:\WINDOWS\System32\dmscript.dll [HKCR\CLSID\{4108FA85-3586-11D3-8BD7-00600893B1B6}] - (.-.) - C:\WINDOWS\System32\dmscript.dll [HKCR\CLSID\{4516EC43-8F20-11D0-9B6D-0000C0781BC3}] - (.-.) - C:\WINDOWS\system32\d3dxof.dll [HKCR\CLSID\{48F61E71-E203-4B69-AE20-3F222B5BEC89}] - (.-.) - C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.133.5\psmachine.dll [HKCR\CLSID\{4EC3C18E-7203-41E7-990D-A72B57E286A9}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.36.72\psmachine.dll [HKCR\CLSID\{4EE17959-931E-49E4-A2C6-977ECF3628F3}] - (.-.) - C:\WINDOWS\System32\dmscript.dll [HKCR\CLSID\{513C6D01-E4A3-4F34-9BD9-3D83C35A3498}] - (.(c) 2020 Piriform Software - CCleaner Browser.) - C:\Program Files (x86)\CCleaner Browser\Update\1.8.1208.2\npCCleanerBrowserUpdate3.dll [17/05/2022 10:09:16] [HKCR\CLSID\{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}] - (.-.) - %windir%\system32\acppage.dll [HKCR\CLSID\{59B4762A-A6A9-43BF-A4E3-1BC20DA752D8}] - (.-.) - C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.135.29\psmachine.dll [HKCR\CLSID\{5C9ED313-4AE5-4768-9461-3166C5763F1D}] - (.-.) - C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy.dll [23/03/2021 23:07:00] [HKCR\CLSID\{5D74FD4B-4EFB-4586-8022-8637BBE40970}] - (.-.) - C:\Program Files (x86)\Acronis\TrueImageHome\tishell_25_8_39216.dll [23/03/2021 22:13:30] [HKCR\CLSID\{5D9F720A-82CE-47FB-8030-C52154BF5C29}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.36.92\psmachine.dll [HKCR\CLSID\{5DE7918B-BFD7-4C1E-B4E0-B16D0A3EA76B}] - (.-.) - C:\Windows\SysWOW64\AuthHostProxy.dll [HKCR\CLSID\{5EB699B3-9296-41BA-9258-DE70F03B7D6C}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{60D519E9-E1A3-45f9-9E31-75EF449F6A82}] - (.-.) - C:\Program Files (x86)\Acronis\TrueImageHome\tishell_25_8_39216.dll [23/03/2021 22:13:30] [HKCR\CLSID\{640167b4-59b0-47a6-b335-a6b3c0695aea}] - (.-.) - C:\WINDOWS\system32\audiodev.dll [HKCR\CLSID\{64697678-0000-0010-8000-00AA00389B71}] - (.-.) - C:\WINDOWS\SysWow64\xvid.ax [26/09/2019 18:10:27] [HKCR\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC}] - (.-.) - %ProgramFiles(x86)%\Windows Sidebar\sbdrop.dll [HKCR\CLSID\{71573297-552E-46fc-BE3D-3DFAF88D47B7}] - (.-.) - C:\Program Files (x86)\Acronis\TrueImageHome\tishell_25_8_39216.dll [23/03/2021 22:13:30] [HKCR\CLSID\{79BA9E00-B6EE-11D1-86BE-00C04FBF8FEF}] - (.-.) - C:\WINDOWS\System32\dmband.dll [HKCR\CLSID\{7BFF24D0-B222-4369-9DBF-E456A4D72FFA}] - (.-.) - C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy.dll [23/03/2021 23:07:00] [HKCR\CLSID\{7E53D66F-70CE-41CD-97AF-ECB4FC7D0670}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.36.82\psmachine.dll [HKCR\CLSID\{810B5013-E88D-11D2-8BC1-00600893B1B6}] - (.-.) - C:\WINDOWS\System32\dmscript.dll [HKCR\CLSID\{8685C4A9-D0E4-444C-87A0-D9FB858235A7}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{882BC1E4-C79E-475D-8CC7-CC8D112FDB17}] - (.-.) - C:\Windows\SysWOW64\RMSRoamingSecurity.dll [HKCR\CLSID\{8989A1DC-DA44-4fc5-A3A2-8025BC9CFA14}] - (.-.) - C:\Program Files (x86)\Acronis\TrueImageHome\tishell_25_8_39216.dll [23/03/2021 22:13:30] [HKCR\CLSID\{8ECD4EAD-0970-47E2-A035-7147F68FA986}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.36.102\psmachine.dll [HKCR\CLSID\{9252D922-D666-478A-9770-7C0C63BC2692}] - (.-.) - C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.45\psmachine.dll [HKCR\CLSID\{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}] - (.-.) - C:\Program Files (x86)\Acronis\TrueImageHome\tishell_25_8_39216.dll [23/03/2021 22:13:30] [HKCR\CLSID\{943FD346-D23E-42F3-8859-67F05CE92021}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.36.32\psmachine.dll [HKCR\CLSID\{95BD18C1-D7FB-4BD3-839A-1C37C90131B1}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{994B3B2F-2880-4318-A583-15C38A01F571}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{9BD1F370-1212-4794-AA9B-9EBD575091D5}] - (.-.) - C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.155.85\psmachine.dll [HKCR\CLSID\{9D48CE47-9E1C-4D41-B480-260563C0B724}] - (.-.) - C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.47\psmachine.dll [HKCR\CLSID\{9EE20F7D-20A3-4E75-BC6D-204304AB6C8B}] - (.-.) - C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.127.15\psmachine.dll [HKCR\CLSID\{9F2D4924-C5F4-43B6-A4AB-C4161C4C2879}] - (.-.) - C:\Program Files\COMODO\COMODO Internet Security\cmdcom32.dll [HKCR\CLSID\{A020FAD9-D661-4857-AA43-E6A86FF1163E}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{A3628BD7-EF71-41AA-BBE8-085658F5DF61}] - (.(c) 2020 Piriform Software - CCleaner Browser psmachine.) - C:\Program Files (x86)\CCleaner Browser\Update\1.8.1208.2\psmachine.dll [17/05/2022 10:09:10] [HKCR\CLSID\{A3ADC43E-56D9-4EC1-ADDA-49C5B9069B07}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.36.112\psmachine.dll [HKCR\CLSID\{A533BCB1-6D33-41FC-8C3B-63223FCCE9D2}] - (.-.) - C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.147.37\psmachine.dll [HKCR\CLSID\{A6098E79-9C50-4F87-8973-5FB4532C93D8}] - (.-.) - %windir%\system32\btpanui.dll [HKCR\CLSID\{A7BF901B-31F0-4653-90B0-533D1E05772E}] - (.-.) - C:\Program Files (x86)\Acronis\TrueImageHome\tishell_25_8_39216.dll [23/03/2021 22:13:30] [HKCR\CLSID\{A82536D7-C8E6-4CEF-AA66-11E97EDDFC6D}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{A861C6E2-FCFC-11D2-8BC9-00600893B1B6}] - (.-.) - C:\WINDOWS\System32\dmscript.dll [HKCR\CLSID\{AD181A86-8540-4EAA-A3D5-68FD744F9A89}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.35.342\psmachine.dll [HKCR\CLSID\{B1F03611-7CE3-4686-A817-D58A88DC8501}] - (.-.) - C:\Program Files\Pinnacle\Shared Files\SoundStage\Plugins\ScoreFitterPS.dll [12/03/2020 17:32:22] [HKCR\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}] - (.-.) - C:\Program Files (x86)\WinRAR\rarext.dll [26/09/2019 18:08:45] [HKCR\CLSID\{B4A02D72-2A34-41DB-B37F-05DFDB27E933}] - (.-.) - C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.53\psmachine.dll [HKCR\CLSID\{B4BBC560-45F3-46F6-A253-AB6A13C4CE75}] - (.-.) - C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.57\psmachine.dll [HKCR\CLSID\{B532B342-0E34-448B-9EDF-1D55C04041F8}] - (.-.) - C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.151.27\psmachine.dll [HKCR\CLSID\{C05D20C2-15E5-4567-95C7-1546EF9C52F3}] - (.-.) - C:\Windows\SysWOW64\windows.applicationmodel.conversationalagent.proxystub.dll [07/12/2019 11:09:11] [HKCR\CLSID\{C3EA5C5C-31DF-437F-95E2-BCE4B2E83EE9}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.36.52\psmachine.dll [HKCR\CLSID\{C539A15A-3AF9-4c92-B771-50CB78F5C751}] - (.-.) - C:\Program Files (x86)\Acronis\TrueImageHome\tishell_25_8_39216.dll [23/03/2021 22:13:30] [HKCR\CLSID\{C539A15B-3AF9-4c92-B771-50CB78F5C751}] - (.-.) - C:\Program Files (x86)\Acronis\TrueImageHome\tishell_25_8_39216.dll [23/03/2021 22:13:30] [HKCR\CLSID\{C539A15C-3AF9-4c92-B771-50CB78F5C751}] - (.-.) - C:\Program Files (x86)\Acronis\TrueImageHome\tishell32_25_8_39216.dll [23/03/2021 22:51:32] [HKCR\CLSID\{C5621364-87CC-4731-8947-929CAE75323E}] - (.-.) - %windir%\system32\F12\msdbg2.dll [HKCR\CLSID\{C64501F6-E6E6-451f-A150-25D0839BC510}] - (.-.) - C:\Windows\SysWOW64\speech\engines\tts\MSTTSEngine.dll [10/03/2022 22:04:34] [HKCR\CLSID\{C70EB77F-EFD4-4678-A27B-BF1648F30D04}] - (.-.) - C:\WINDOWS\System32\dmscript.dll [HKCR\CLSID\{CDAEB70C-E686-4299-93EB-7D63D77B7F63}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{CFBF07CB-F962-4D92-9CA0-6A84148B1AAE}] - (.-.) - C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.137.99\psmachine.dll [HKCR\CLSID\{D1EB6D20-8923-11d0-9D97-00A0C90A43CB}] - (.-.) - C:\WINDOWS\system32\dplayx.dll [HKCR\CLSID\{D2AC2894-B39B-11D1-8704-00600893B1BD}] - (.-.) - C:\WINDOWS\System32\dmband.dll [HKCR\CLSID\{D3075F87-A7BD-4231-9F6A-60C5E07374A7}] - (.-.) - %windir%\system32\acppage.dll [HKCR\CLSID\{D6FCA954-F7AE-4EAC-8783-85F5E4ABD840}] - (.-.) - %windir%\system32\F12\pdmproxy100.dll [HKCR\CLSID\{D8E090A5-4149-467D-8103-BFB8F51E8BCB}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{DA63DCB5-6ABC-45FE-933C-8FDE834DE2C8}] - (.-.) - C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.135.49\psmachine.dll [HKCR\CLSID\{DACE006F-9846-4D70-A0BE-6EF90FA99392}] - (.-.) - C:\Windows\SysWOW64\windows.applicationmodel.conversationalagent.internal.proxystub.dll [07/12/2019 11:09:11] [HKCR\CLSID\{DE0C8422-0096-4240-9A06-FF4D7611EF04}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.35.442\psmachine.dll [HKCR\CLSID\{E816B022-B276-4CA0-B42A-E3EF8927EFD2}] - (.-.) - C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.157.61\psmachine.dll [HKCR\CLSID\{E8B54CDF-0B5C-48A9-BE4A-347CF70D8BBE}] - (.-.) - C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.153.55\psmachine.dll [HKCR\CLSID\{e8cc4cbe-fdff-11d0-b865-00a0c9081c1d}] - (.-.) - C:\Program Files\Common Files\System\Ole DB\msdaora.dll [HKCR\CLSID\{e8cc4cbf-fdff-11d0-b865-00a0c9081c1d}] - (.-.) - C:\Program Files\Common Files\System\Ole DB\msdaora.dll [HKCR\CLSID\{E9957D25-7EB7-42C8-AD32-06AF7776A788}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.35.452\psmachine.dll [HKCR\CLSID\{EBF2320A-2502-11D3-8BD1-00600893B1B6}] - (.-.) - C:\WINDOWS\System32\dmscript.dll [HKCR\CLSID\{F061FB61-2FE6-4BFF-ACF7-5FC2271CCEA9}] - (.-.) - C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.139.59\psmachine.dll [HKCR\CLSID\{FA6C507D-A9AF-4385-86C0-80115F0AE20B}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll [HKCR\CLSID\{fdb00e52-a214-4aa1-8fba-4357bb0072ec}] - (.-.) - %windir%\system32\amsi.dll ---------- | Installer [HKCR\Installer\Products\005CDE630C4EC1738956805440511C9E] : Catalyst Control Center Next Localization CS -> C:\Windows\Installer\{36EDC500-E4C0-371C-9865-08450415C1E9}\ARPPRODUCTICON.exe [HKCR\Installer\Products\012849884B2F844489DF4AFB56A3C54C] : HDDependance -> C:\WINDOWS\Installer\{88948210-F2B4-4448-98FD-A4BF653A5CC4}\_6FEFF9B68218417F98F549.exe [HKCR\Installer\Products\0392BB2AB8BCE8147968743D2233E0F6] : AMD Problem Report Wizard [HKCR\Installer\Products\0B9FD51D89A3FEB47B5DCFA3AE744854] : COMODO Secure Shopping -> C:\WINDOWS\Installer\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA478445}\icon.ico [HKCR\Installer\Products\0D970E00E5FD6CE4986615A80AFA164F] : Pinnacle Studio for Dazzle -> C:\WINDOWS\Installer\{00E079D0-DF5E-4EC6-8966-518AA0AF61F4}\ARPPRODUCTICON.exe1 [HKCR\Installer\Products\10864D02B741DA03C7A5CA54067A0969] : Catalyst Control Center Next Localization FI -> C:\Windows\Installer\{20D46801-147B-30AD-7C5A-AC4560A79096}\ARPPRODUCTICON.exe [HKCR\Installer\Products\11793C227472462D13A95105EBAEEA6C] : Catalyst Control Center Next Localization FR -> C:\Windows\Installer\{22C39711-2747-D264-319A-1550BEEAAEC6}\ARPPRODUCTICON.exe [HKCR\Installer\Products\15FA2BD983FC5314799D31726F9DBD4D] : Pinnacle Hollywood FX Volumes 1-3 -> C:\WINDOWS\Installer\{9DB2AF51-CF38-4135-97D9-1327F6D9DBD4}\ARPPRODUCTICON.exe [HKCR\Installer\Products\1F44C6BE87F001EFCB3609AB05BAC09E] : Catalyst Control Center Next Localization CHS -> C:\Windows\Installer\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}\ARPPRODUCTICON.exe [HKCR\Installer\Products\20A1AA7EC5756C41BFFEB46E4DA6B547] : Catalyst Control Center Next Localization BR -> C:\Windows\Installer\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}\ARPPRODUCTICON.exe [HKCR\Installer\Products\2BD7BA28E04166140AE4F18D50EEA047] : GALSS v3.45 x64 -> c:\WINDOWS\Installer\{82AB7DB2-140E-4166-A04E-1FD805EE0A74}\ARPPRODUCTICON.exe [HKCR\Installer\Products\2E0CAE4EB08AF974AB54CDAD95C5A939] : CCleaner Update Helper [HKCR\Installer\Products\3A81247D305CFE75CAF9220280E2A7ED] : Catalyst Control Center Next Localization DE -> C:\Windows\Installer\{D74218A3-C503-57EF-AC9F-2220082E7ADE}\ARPPRODUCTICON.exe [HKCR\Installer\Products\49E502F924E968449AA2FDF3C68B4544] : Epson Event Manager -> C:\WINDOWS\Installer\{9F205E94-9E42-4486-A92A-DF3F6CB85444}\icon.exe [HKCR\Installer\Products\4A22A9D9283C04348934BAC845CFD994] : COMODO Antivirus [HKCR\Installer\Products\4EA42A62D9304AC4784BF2468120120F] : Java 8 Update 221 (64-bit) -> C:\Program Files\Java\jre1.8.0_221\\bin\javaws.exe [HKCR\Installer\Products\4EA42A62D9304AC4784BF2468120170F] : Java 8 Update 271 (64-bit) -> C:\Program Files\Java\jre1.8.0_271\\bin\javaws.exe [HKCR\Installer\Products\4EA42A62D9304AC4784BF2468130330F] : Java 8 Update 333 (64-bit) -> C:\Program Files\Java\jre1.8.0_333\\bin\javaws.exe [HKCR\Installer\Products\4ECFA2EE83200ED41A0461742061721C] : Branding64 -> C:\WINDOWS\Installer\{EE2AFCE4-0238-4DE0-A140-1647021627C1}\ARPPRODUCTICON.exe [HKCR\Installer\Products\50E23C70C6107EC4999C3B8911941E0C] : CGM Assist -> C:\WINDOWS\Installer\{07C32E05-016C-4CE7-99C9-B3981149E1C0}\ARPPRODUCTICON.exe [HKCR\Installer\Products\514D163353AB34143B10669119AB2691] : MyEpson Portal [HKCR\Installer\Products\53F66C82FB966734CB08D4F58480FFC3] : Epson Software Updater -> C:\WINDOWS\Installer\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}\icon.ico [HKCR\Installer\Products\577A57DE7A30412F68D8947784079786] : Catalyst Control Center Next Localization JA -> C:\Windows\Installer\{ED75A775-03A7-F214-868D-497748707968}\ARPPRODUCTICON.exe [HKCR\Installer\Products\59067C52265ECF94F972C1DB4CA1C4BB] : CGM LIFE Client -> C:\WINDOWS\Installer\{25C76095-E562-49FC-9F27-1CBDC41A4CBB}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68AB67CA408033019195008142548867] : Adobe Refresh Manager -> C:\WINDOWS\Installer\{AC76BA86-0804-1033-1959-001824458876}\ARPPRODUCTICON.exe [HKCR\Installer\Products\68AB67CA630133017706CB5110E47A00] : Adobe Acrobat DC (64-bit) -> C:\WINDOWS\Installer\{AC76BA86-1036-1033-7760-BC15014EA700}\_SC_Acrobat.ico [HKCR\Installer\Products\7045D1D496B9224626C958812A06404A] : Catalyst Control Center Next Localization RU -> C:\Windows\Installer\{4D1D5407-9B69-6422-629C-8518A26004A4}\ARPPRODUCTICON.exe [HKCR\Installer\Products\78E29F1D738DF1945A8843BEC21D481D] : APFS for Windows by Paragon Software -> C:\WINDOWS\Installer\{D1F92E87-D837-491F-A588-34EB2CD184D1}\APFS4Win.ico [HKCR\Installer\Products\7C1547C893D66FD449144B5C39FA20C0] : DriversCloud.com (64 bits) -> C:\WINDOWS\Installer\{8C7451C7-6D39-4DF6-9441-B4C593AF020C}\maconfico [HKCR\Installer\Products\8B57D62B7BAFB8F667F7AB9F5783D319] : Catalyst Control Center Next Localization CHT -> C:\Windows\Installer\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8B5BD4A038C8B854D8F0065334AB052A] : Pinnacle 3D Title Editor -> C:\WINDOWS\Installer\{0A4DB5B8-8C83-458B-8D0F-603543BA50A2}\ARPPRODUCTICON.exe [HKCR\Installer\Products\8BFDDD6597F70844985D521E5FA22BF8] : Bonjour -> C:\WINDOWS\Installer\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}\Bonjour.ico [HKCR\Installer\Products\8DFDDD3824DA9F274E1F4565DF3B409C] : Catalyst Control Center Next Localization TR -> C:\Windows\Installer\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}\ARPPRODUCTICON.exe [HKCR\Installer\Products\96246992AC4567B478A870CA8CA4E7C2] : HelloDoc -> C:\WINDOWS\Installer\{29964269-54CA-4B76-878A-07ACC84A7E2C}\ARPPRODUCTICON.exe [HKCR\Installer\Products\9BE9B4BF2B8624C4C8836BF5F85E5AAC] : Dazzle Video Capture DVC100 X64 Driver 1.08 -> C:\WINDOWS\Installer\{FB4B9EB9-68B2-4C42-8C38-B65F8FE5A5CA}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A11E22684375BA54DB75FCACC2961AE3] : AMD WVR64 [HKCR\Installer\Products\A716FD4232DCA6E621B63236D07218EC] : Catalyst Control Center Next Localization TH -> C:\Windows\Installer\{24DF617A-CD23-6E6A-126B-23630D2781CE}\ARPPRODUCTICON.exe [HKCR\Installer\Products\A9BC9491E6292DF47AEDF8F26561CF06] : Bitser -> C:\WINDOWS\Installer\{1949CB9A-926E-4FD2-A7DE-8F2F5616FC60}\_F629BB280EF5C6DB94ABCF.exe [HKCR\Installer\Products\AB0DEA58C7ACC294F9CB12406F48CBC3] : c-treeACE ADO .NET Driver11.5.1 -> c:\WINDOWS\Installer\{85AED0BA-CA7C-492C-9FBC-2104F684BC3C}\controlPanelIcon.exe [HKCR\Installer\Products\B1CCEC48FE121B14A919E327E4D5993D] : Manuels EPSON -> C:\WINDOWS\Installer\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}\EPSMICO.ICO [HKCR\Installer\Products\B2B362A9E1A6C034ABE327BEAE8C3D17] : AMD Settings [HKCR\Installer\Products\B465CF339F3282B4C90DFC336692F03A] : Dazzle MyDVD -> C:\WINDOWS\Installer\{33FC564B-23F9-4B28-9CD0-CF3366290FA3}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B521F949CC6AE5A5EE7EA45C30501CAF] : Catalyst Control Center Next Localization ES -> C:\Windows\Installer\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B7CB38EABE1F0E44688E5F4D73DD42F5] : Composant SrvSvCnam 3.40 -> C:\WINDOWS\Installer\{AE83BC7B-F1EB-44E0-86E8-F5D437DD245F}\ARPPRODUCTICON.exe [HKCR\Installer\Products\B7FB541BD42F4614482253AF1B027B67] : mica -> c:\WINDOWS\Installer\{B145BF7B-F24D-4164-8422-35FAB120B776}\ARPPRODUCTICON.exe [HKCR\Installer\Products\BAB9738A9A953A0CB8CC8425AE046329] : Catalyst Control Center Next Localization SV -> C:\Windows\Installer\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}\ARPPRODUCTICON.exe [HKCR\Installer\Products\BDFCABD134E5288763DB3525D643DB22] : Catalyst Control Center Next Localization HU -> C:\Windows\Installer\{1DBACFDB-5E43-7882-36BD-53526D34BD22}\ARPPRODUCTICON.exe [HKCR\Installer\Products\BF02AE3398358394AB95B2DCB96BF814] : Dragon -> C:\WINDOWS\Installer\{33EA20FB-5389-4938-BA59-2BCD9BB68F41}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C3D843A7AA47E904DA6A39ED11D0554B] : V3S Reconnexion [HKCR\Installer\Products\C5DBFB7036F28286B1164BA14411F3B3] : Catalyst Control Center Next Localization KO -> C:\Windows\Installer\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C86AC4E03C2710B4EA338845CA001DB7] : MultiCam Capture Lite -> C:\WINDOWS\Installer\{0E4CA68C-72C3-4B01-AE33-8854AC00D17B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\C971C95CD8669A946BAE1012CCCF2134] : LabelPrint -> C:\WINDOWS\Installer\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\ARPPRODUCTICON.exe [HKCR\Installer\Products\CAD9DAFD8674BB8CE4E0259306A5B9AE] : Catalyst Control Center Next Localization NO -> C:\Windows\Installer\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}\ARPPRODUCTICON.exe [HKCR\Installer\Products\CB4DA82F94EA5374E9054612B22D80B3] : DazzleBDAX64 -> C:\WINDOWS\Installer\{F28AD4BC-AE49-4735-9E50-64212BD2083B}\ARPPRODUCTICON.exe [HKCR\Installer\Products\CC67F423DD8D78D47BD74DFAE5A17A3B] : [HKCR\Installer\Products\CCCE684991A76094B850FCC85E822AD8] : Pinnacle Premium Pack Volumes 1-2 -> C:\WINDOWS\Installer\{9486ECCC-7A19-4906-8B05-CF8CE528A28D}\ARPPRODUCTICON.exe [HKCR\Installer\Products\D95AC966A73B2C14F9387855A936C373] : HDUpdate -> C:\WINDOWS\Installer\{669CA59D-B37A-41C2-9F83-87559A633C37}\_6FEFF9B68218417F98F549.exe [HKCR\Installer\Products\DF7BF2C4DF98C5AB85A583113F62DA43] : Catalyst Control Center Next Localization DA -> C:\Windows\Installer\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E2D800EE7472A3144A1BC14A70E8E1D7] : Roxio VHS Capture Driver -> C:\WINDOWS\Installer\{EE008D2E-2747-413A-A4B1-1CA4078E1E7D}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E3D8306E78D57FD8D650EB57233C7EE3] : Catalyst Control Center Next Localization NL -> C:\Windows\Installer\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E63140093D874A6498C34C3ED8782134] : 8GadgetPack -> C:\WINDOWS\Installer\{9004136E-78D3-46A4-893C-C4E38D871243}\ProductIcon [HKCR\Installer\Products\E838037644F4EDA42B060A5B6E6970A7] : mica -> C:\WINDOWS\Installer\{6730838E-4F44-4ADE-B260-A0B5E696077A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\EFAF44E4A5FF789438D7738BBE8E52CD] : Composants Cryptographiques CPS v5.1.6 (x64) -> c:\WINDOWS\Installer\{4E44FAFE-FF5A-4987-837D-37B8EBE825DC}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F1DBFBFF061B911AC7345848AFE26556] : Catalyst Control Center Next Localization PL -> C:\Windows\Installer\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}\ARPPRODUCTICON.exe [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater [HKCR\Installer\Products\FB4CF19ACE1CACDA971D4F0F76F1D106] : Catalyst Control Center Next Localization IT -> C:\Windows\Installer\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}\ARPPRODUCTICON.exe [HKCR\Installer\Products\FCF334AD1A095A91567ADF8FD24E28D6] : Catalyst Control Center Next Localization EL -> C:\Windows\Installer\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}\ARPPRODUCTICON.exe ---------- | ADS Detected : C:\ProgramData\Temp:0FF263E8 ---------- | Drives ---------- | MBR 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Nom de l’application défaillante SearchApp.exe, version : 10.0.19041.1682, horodatage : 0xaf111162 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1706, horodatage : 0x458acb5b Code d’exception : 0xc000027b Décalage d’erreur : 0x000000000010fa32 ID du processus défaillant : 0x1aa0 Heure de début de l’application défaillante : 0x01d86b74f241fa8b Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : a1ed2213-ce9e-471d-a672-80654cb20093 Nom complet du package défaillant : Microsoft.Windows.Search_1.14.4.19041_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft. System Error: Accès refusé. . ------------ Erreur du service de cliché instantané des volumes : erreur inattendue DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy2 - 00000000000002AC,0x00530194,0000000000000000,0,0000023AF0D0ED90,4096,[0]). hr = 0x800701b1, Un périphérique qui n’existe pas a été spécifié. . Opération : Interroger des clichés instantanés ------------ Les services de chiffrement ont échoué lors du traitement de l’appel OnIdentity() dans l’objet System Writer. Details: AddLegacyDriverFiles: Unable to back up image of binary Protocole LLDP (Link Layer Discovery Protocol) Microsoft. System Error: Accès refusé. . ------------ Nom de l’application défaillante SearchApp.exe, version : 10.0.19041.1682, horodatage : 0xaf111162 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1706, horodatage : 0x458acb5b Code d’exception : 0x80070005 Décalage d’erreur : 0x000000000010fa32 ID du processus défaillant : 0x1d84 Heure de début de l’application défaillante : 0x01d86b70ac6c2c20 Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : e721debd-bee2-42c0-a6e8-113739e56749 Nom complet du package défaillant : Microsoft.Windows.Search_1.14.4.19041_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Nom de l’application défaillante SearchApp.exe, version : 10.0.19041.1682, horodatage : 0xaf111162 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1706, horodatage : 0x458acb5b Code d’exception : 0x80070005 Décalage d’erreur : 0x000000000010fa32 ID du processus défaillant : 0x2284 Heure de début de l’application défaillante : 0x01d86b6fe324ff53 Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 2cf43ad7-82be-4a1f-8e27-48ce709b656d Nom complet du package défaillant : Microsoft.Windows.Search_1.14.4.19041_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Nom de l’application défaillante SearchApp.exe, version : 10.0.19041.1682, horodatage : 0xaf111162 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1706, horodatage : 0x458acb5b Code d’exception : 0x80070005 Décalage d’erreur : 0x000000000010fa32 ID du processus défaillant : 0x1ccc Heure de début de l’application défaillante : 0x01d86b6fde213808 Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 85a11379-36ef-4705-b1c7-def342a03017 Nom complet du package défaillant : Microsoft.Windows.Search_1.14.4.19041_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Nom de l’application défaillante SearchApp.exe, version : 10.0.19041.1682, horodatage : 0xaf111162 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1706, horodatage : 0x458acb5b Code d’exception : 0x80070005 Décalage d’erreur : 0x000000000010fa32 ID du processus défaillant : 0x2340 Heure de début de l’application défaillante : 0x01d86b6fd97116a1 Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 42ee998a-15c3-4a36-a85c-ca280aa112f5 Nom complet du package défaillant : Microsoft.Windows.Search_1.14.4.19041_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Nom de l’application défaillante SearchApp.exe, version : 10.0.19041.1682, horodatage : 0xaf111162 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1706, horodatage : 0x458acb5b Code d’exception : 0x80070005 Décalage d’erreur : 0x000000000010fa32 ID du processus défaillant : 0x1c7c Heure de début de l’application défaillante : 0x01d86b6fd46c0a89 Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 06a54833-4b87-4cb7-a5b8-bc87572eb88d Nom complet du package défaillant : Microsoft.Windows.Search_1.14.4.19041_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Nom de l’application défaillante SearchApp.exe, version : 10.0.19041.1682, horodatage : 0xaf111162 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1706, horodatage : 0x458acb5b Code d’exception : 0x80070005 Décalage d’erreur : 0x000000000010fa32 ID du processus défaillant : 0x19ec Heure de début de l’application défaillante : 0x01d86b6fce52c3ba Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : bbafb074-9c74-4000-a69d-68ffcf51a84a Nom complet du package défaillant : Microsoft.Windows.Search_1.14.4.19041_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Nom de l’application défaillante SearchApp.exe, version : 10.0.19041.1682, horodatage : 0xaf111162 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1706, horodatage : 0x458acb5b Code d’exception : 0x80070005 Décalage d’erreur : 0x000000000010fa32 ID du processus défaillant : 0x2238 Heure de début de l’application défaillante : 0x01d86b6a25114469 Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : e812420f-d063-4b93-99e9-9042ceafaf77 Nom complet du package défaillant : Microsoft.Windows.Search_1.14.4.19041_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Nom de l’application défaillante SearchApp.exe, version : 10.0.19041.1682, horodatage : 0xaf111162 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1706, horodatage : 0x458acb5b Code d’exception : 0x80070005 Décalage d’erreur : 0x000000000010fa32 ID du processus défaillant : 0x1f24 Heure de début de l’application défaillante : 0x01d86b69c166a13d Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 7f3dd4ed-dcca-4e9d-8975-7fe97502c7f2 Nom complet du package défaillant : Microsoft.Windows.Search_1.14.4.19041_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Nom de l’application défaillante SearchApp.exe, version : 10.0.19041.1682, horodatage : 0xaf111162 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1706, horodatage : 0x458acb5b Code d’exception : 0x80070005 Décalage d’erreur : 0x000000000010fa32 ID du processus défaillant : 0x23d0 Heure de début de l’application défaillante : 0x01d86b69bcebb94a Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : fb3799d1-5737-42f1-afa2-97a6202de0b1 Nom complet du package défaillant : Microsoft.Windows.Search_1.14.4.19041_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Nom de l’application défaillante SearchApp.exe, version : 10.0.19041.1682, horodatage : 0xaf111162 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1706, horodatage : 0x458acb5b Code d’exception : 0x80070005 Décalage d’erreur : 0x000000000010fa32 ID du processus défaillant : 0x2380 Heure de début de l’application défaillante : 0x01d86b69b8501c58 Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : d2ffe181-1629-47b9-9706-903260d733b4 Nom complet du package défaillant : Microsoft.Windows.Search_1.14.4.19041_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Nom de l’application défaillante SearchApp.exe, version : 10.0.19041.1682, horodatage : 0xaf111162 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1706, horodatage : 0x458acb5b Code d’exception : 0x80070005 Décalage d’erreur : 0x000000000010fa32 ID du processus défaillant : 0x1ae8 Heure de début de l’application défaillante : 0x01d86b69b3b9a64c Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 6b49348c-24d7-4313-a81b-963332d4ef14 Nom complet du package défaillant : Microsoft.Windows.Search_1.14.4.19041_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Nom de l’application défaillante SearchApp.exe, version : 10.0.19041.1682, horodatage : 0xaf111162 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1706, horodatage : 0x458acb5b Code d’exception : 0x80070005 Décalage d’erreur : 0x000000000010fa32 ID du processus défaillant : 0x19b4 Heure de début de l’application défaillante : 0x01d86b69aeff0951 Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : ea5ca348-effe-4d4d-ad76-fa11448635df Nom complet du package défaillant : Microsoft.Windows.Search_1.14.4.19041_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Nom de l’application défaillante SearchApp.exe, version : 10.0.19041.1682, horodatage : 0xaf111162 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1706, horodatage : 0x458acb5b Code d’exception : 0x80070005 Décalage d’erreur : 0x000000000010fa32 ID du processus défaillant : 0x1924 Heure de début de l’application défaillante : 0x01d86b69979e2f9b Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : bd0ce782-daf9-4843-bbed-c0b99be36b21 Nom complet du package défaillant : Microsoft.Windows.Search_1.14.4.19041_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Nom de l’application défaillante SearchApp.exe, version : 10.0.19041.1682, horodatage : 0xaf111162 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1706, horodatage : 0x458acb5b Code d’exception : 0x80070005 Décalage d’erreur : 0x000000000010fa32 ID du processus défaillant : 0x2070 Heure de début de l’application défaillante : 0x01d86b69843775b7 Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 96da5bba-5d3a-46b1-8d30-5d13710a6f5f Nom complet du package défaillant : Microsoft.Windows.Search_1.14.4.19041_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ Nom de l’application défaillante SearchApp.exe, version : 10.0.19041.1682, horodatage : 0xaf111162 Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1706, horodatage : 0x458acb5b Code d’exception : 0x80040154 Décalage d’erreur : 0x000000000010fa32 ID du processus défaillant : 0x1584 Heure de début de l’application défaillante : 0x01d86b6698255967 Chemin d’accès de l’application défaillante : C:\WINDOWS\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe Chemin d’accès du module défaillant: C:\WINDOWS\System32\KERNELBASE.dll ID de rapport : 22e0f363-368a-4322-9a9b-f06b49c049ee Nom complet du package défaillant : Microsoft.Windows.Search_1.14.4.19041_neutral_neutral_cw5n1h2txyewy ID de l’application relative au package défaillant : CortanaUI ------------ ----------( EOF)---------- - 8862 | 15:18:32