--------------- QuickDiag | g3n-h@ckm@n | V3_02.04.17.1 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 11/04/2017 13:59:25 Updated 02/04/2017 | 14.30 (GMT) by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [Jean-Marie (Administrator)] - [LFSULTRA-WIDEN] (S-1-5-21-1766228302-1366166313-1596766668-1001) System: Microsoft Windows 10 Famille - - (10.0.14393) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Famille|C:\WINDOWS|\Device\Harddisk0\Partition3 Boot : SafeMode with network PC: CQ2904EF - Hewlett-Packard - IdNumber: 4CH3100VPJ - UUID: 2C238515-5AA2-7984-51F0-370493363EDB Processor : X64 - 1397 Mhz - AMD E1-1200 APU with Radeon(tm) HD Graphics 8.17 - fra - AMI - S/N: 4CH3100VPJ - 8.17 - HPQOEM - 1072009 CoreTemp : ? Celsius ----------| Extended ---------- | SoundDevice Realtek High Definition Audio - Status: Unknown - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0662&SUBSYS_103C2AE3&REV_1001\4&2070A159&0&0001 HD Webcam C310 - Status: Unknown - Manufacturer: Logitech - PNPDeviceID: USB\VID_046D&PID_081B&MI_02\7&4D0A220&0&0002 ---------- | Video AMD Radeon HD 7310 Graphics - Resolution: x - Colors: - RefreshRate: - Bits Per Pixel - DeviceID: VideoController1 - Drivers: aticfx64.dll,aticfx64.dll,aticfx64.dll,aticfx32,aticfx32,aticfx32,atiumd64.dll,atidxx64.dll,atidxx64.dll,atiumdag,atidxx32,atidxx32,atiumdva,atiumd6a.cap,atitmm64.dll - PNPDeviceID: PCI\VEN_1002&DEV_9809&SUBSYS_2AE3103C&REV_00\3&11583659&0&08 - AdapterCompatibility: Advanced Micro Devices, Inc. - RAM: 402653184 Inegrated Video Chipset DeviceName: AMD Radeon HD 7310 Graphics - DriverVersion: 8.14.01.6463 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25352 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 87040 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK c:\windows\system32\lvcod64.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 175392 - Manufacturer: Logitech Inc. - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 35696 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42936 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 27648 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34640 - Manufacturer: Microsoft Corporation - Status: OK ---------- | CPU CPU #1 value:100 % CPU #2 value:100 % Total Overall CPU Usage value:100 % ---------- | Network Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000 Qualcomm Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.30) - Ethernet 802.3 - Qualcomm Atheros - Status: - PnPID : PCI\VEN_1969&DEV_2062&SUBSYS_2AE3103C&REV_C1\4&186C6B44&0&00A9 Microsoft ISATAP Adapter - - - Status: - PnPID : TAP-Windows Adapter V9 - Ethernet 802.3 - TAP-Windows Provider V9 - Status: - PnPID : ROOT\NET\0000 ---------- | Memory RAM = Total (MB) : 3748 | Free (MB) : 66 Pagefile = Total (MB) : 13185 | Free (MB) : 9242 Virtual = Total (MB) : 4194 | Free (MB) : 3950 Physical Memory 0 : Capacity: 4294967296 - A1_DIMM0 - Posit.: 0 - Manufacturer: Micron - PartNumber: 8JTF51264AZ-1G6E1 - S/N: DEA02E9 ---------- | SID Users _ashbackuppb_ : [S-1-5-21-1766228302-1366166313-1596766668-1008] Administrateur : [S-1-5-21-1766228302-1366166313-1596766668-500] DefaultAccount : [S-1-5-21-1766228302-1366166313-1596766668-503] HomeGroupUser$ : [S-1-5-21-1766228302-1366166313-1596766668-1005] Invité : [S-1-5-21-1766228302-1366166313-1596766668-501] Jean-Marie : [S-1-5-21-1766228302-1366166313-1596766668-1001] Administrateurs : [S-1-5-32-544] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] AMD FUEL : [S-1-5-21-1766228302-1366166313-1596766668-1006] HomeUsers : [S-1-5-21-1766228302-1366166313-1596766668-1004] SQLServer2005SQLBrowserUser$LFSULTRA-WIDEN : [S-1-5-21-1766228302-1366166313-1596766668-1007] WinRMRemoteWMIUsers__ : [S-1-5-21-1766228302-1366166313-1596766668-1000] ---------- | SystemAccounts Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK ---------- | Drives A:\ -> [Network] | [] | Total : 30.02 Go | Free : 0.06 Go -> B:\ -> [Fixed] | [events 11-16 fev 2017] | Total : 465.76 Go | Free : 274.43 Go -> NTFS [USB] C:\ -> [Fixed] | [OS] | Total : 930.6 Go | Free : 701.24 Go -> NTFS [SATA] D:\ -> [Removable] | [MEMTEST86] | Total : 0.05 Go | Free : 0.05 Go -> FAT [USB] G:\ -> [Fixed] | [zalman ZM- VE350] | Total : 931.06 Go | Free : 421.36 Go -> NTFS [USB] H:\ -> [Removable] | [FRAMA SALIX] | Total : 28.78 Go | Free : 2.46 Go -> FAT32 [USB] I:\ -> [CDROM] | [Mes Fichiers] | Total : 59.37 Go | Free : 0 Go -> UDF [USB] J:\ -> [Removable] | [montre espi] | Total : 7.32 Go | Free : 0.13 Go -> FAT32 [USB] K:\ -> [Removable] | [wintobootic] | Total : 119.5 Go | Free : 106.63 Go -> NTFS [USB] L:\ -> [Removable] | [EMTECH YUMI] | Total : 57.68 Go | Free : 0.31 Go -> FAT32 [USB] M:\ -> [Removable] | [FOLD-IT SAR] | Total : 14.91 Go | Free : 0.77 Go -> FAT32 [USB] N:\ -> [Removable] | [YUMI SARDU] | Total : 14.31 Go | Free : 8.45 Go -> FAT32 [USB] O:\ -> [Removable] | [LOUVRE] | Total : 59.5 Go | Free : 58.77 Go -> exFAT [USB] R:\ -> [Fixed] | [wd MY passport 2TO] | Total : 2794.49 Go | Free : 159.57 Go -> NTFS [USB] S:\ -> [Removable] | [] | Total : 183.3 Go | Free : 2.31 Go -> exFAT [USB] U:\ -> [Removable] | [PARTED MAGI] | Total : 15 Go | Free : 0.32 Go -> FAT32 [USB] V:\ -> [Removable] | [sandisk con] | Total : 119.06 Go | Free : 15.59 Go -> exFAT [USB] W:\ -> [Removable] | [HMP KICKSTA] | Total : 57.55 Go | Free : 46.13 Go -> FAT32 [USB] Disk Usage Information [20 total Physical Disks] Physical Drive #0 [C:] : Read:1,219,255 bytes/sec, Written:800,824 bytes/sec Max Read:1,219,255 bytes/sec, Max Write:800,824 bytes/sec Physical Drive #1 [D:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #2 [P:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #3 [G:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #4 [H:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #5 [R:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #6 [K:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #7 [M:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, O:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, Y:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #8 [V:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #9 [S:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, L:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, J:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, Q:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, N:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, X:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, W:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, B:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Physical Drive #1 [, U:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:1,219,255 bytes/sec, Write Maximum:800,824 bytes/sec DeviceID: \\.\PHYSICALDRIVE8 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_SANDISK&PROD_WIRELESS_STICK&REV_1\D0E40BF4E788&0 DeviceID: \\.\PHYSICALDRIVE10 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_&PROD_USB_DISK_3.0&REV_PMAP\070166959A11B155&0 DeviceID: \\.\PHYSICALDRIVE19 - Status: OK - USB - External hard disk media - 1 Part. - PnPID : USBSTOR\DISK&VEN_FUJITSU&PROD_MJA2500BH_G2&REV_\68300019430B&0 DeviceID: \\.\PHYSICALDRIVE9 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_SANDISK&PROD_WIRELESS_STICK&REV_1\D0E40BEC99E0&0 DeviceID: \\.\PHYSICALDRIVE7 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_GENERAL&PROD_USB_FLASH_DISK&REV_1.00\05077900000000F6&0 DeviceID: \\.\PHYSICALDRIVE2 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_GENERIC-&PROD_MULTI-CARD&REV_1.00\20071114173400000&0 DeviceID: \\.\PHYSICALDRIVE11 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_EPSON&PROD_STORAGE&REV_1.00\7&29DA1F97&0&534E4A593030303390&0 DeviceID: \\.\PHYSICALDRIVE15 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_SANDISK&PROD_ULTRA&REV_1.00\4C531001630616108350&0 DeviceID: \\.\PHYSICALDRIVE5 - Status: OK - USB - External hard disk media - 1 Part. - PnPID : USBSTOR\DISK&VEN_WD&PROD_MY_PASSPORT_0827&REV_1012\575831314438354450483744&0 DeviceID: \\.\PHYSICALDRIVE6 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_SAMSUNG&PROD_FLASH_DRIVE_FIT&REV_1100\0363316010027335&0 DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 3 Part. - PnPID : SCSI\DISK&VEN_WDC&PROD_WD10EZEX-60ZF5A0\4&32E8E4A0&0&000000 DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - USB - Removable Media - 2 Part. - PnPID : USBSTOR\DISK&VEN_SANDISK&PROD_ULTRA_FIT&REV_1.00\4C530001050902110312&0 DeviceID: \\.\PHYSICALDRIVE16 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_GENERAL&PROD_USB_FLASH_DISK&REV_1100\0340915030009803&0 DeviceID: \\.\PHYSICALDRIVE14 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_GENERIC&PROD_STORAGE_DEVICE&REV_9451\9&254CED59&0 DeviceID: \\.\PHYSICALDRIVE13 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_GENPLUS&PROD_USB-MSDC_DISK_A&REV_1.00\GENERIC_USB_MASS_STORAGE_DEVICE&0 DeviceID: \\.\PHYSICALDRIVE17 - Status: OK - USB - Removable Media - 0 Part. - PnPID : USBSTOR\DISK&VEN_MASS&PROD_STORAGE_DEVICE&REV_1.00\121220130416&0 DeviceID: \\.\PHYSICALDRIVE18 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_VERBATIM&PROD_STORE_N_GO&REV_5.00\07014791E2C22032&0 DeviceID: \\.\PHYSICALDRIVE12 - Status: OK - USB - - 0 Part. - PnPID : USBSTOR\DISK&VEN_EPSON&PROD_STORAGE&REV_1.00\7&29DA1F97&0&534E4A593030303390&1 DeviceID: \\.\PHYSICALDRIVE3 - Status: OK - USB - External hard disk media - 2 Part. - PnPID : USBSTOR\DISK&VEN_ZALMAN&PROD_ZM-VE350&REV_1060\303030303030303030303030&0 DeviceID: \\.\PHYSICALDRIVE4 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_VERBATIM&PROD_STORE_N_GO&REV_PMAP\071055D329387500&0 ---------- | Windows updates ---------- | Browsers IE : 11.0.14393.953 (© Microsoft Corporation. Tous droits réservés.) FF : 52.0.2.6291 (©Firefox and Mozilla Developers; available under the MPL 2 license.) GC : 57.0.2987.133 (Copyright 2016 Google Inc.) Default : "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" ---------- | FlashPlayer FlashPlayer ActiveX : 25.0.0.127 ---------- | Security AS : Windows Defender Disabled FW : Emsisoft Internet Security Enabled WMI : OK WU: Windows Update Service [Manual(3)] = stopped AS: Windows Defender [Manual(3)] = stopped WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 592 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.14393.0) = C:\Windows\System32\smss.exe [16/07/2016 13:42:27] CPU Usage:0 % 740 | [Owner : Système | Parent : 728() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.14393.0) = C:\Windows\System32\csrss.exe [16/07/2016 13:42:27] CPU Usage:0 % 800 | [Owner : Système | Parent : 728() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.14393.0) = C:\Windows\System32\wininit.exe [16/07/2016 13:42:27] CPU Usage:0 % 812 | [Owner : Système | Parent : 792() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.14393.0) = C:\Windows\System32\csrss.exe [16/07/2016 13:42:27] CPU Usage:0 % 876 | [Owner : Système | Parent : 792() | 0.01 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.14393.594) = C:\Windows\System32\winlogon.exe [29/03/2017 17:00:42] CPU Usage:0 % 924 | [Owner : Système | Parent : 800(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.14393.479) = C:\Windows\System32\services.exe [29/03/2017 17:03:33] CPU Usage:0 % 932 | [Owner : Système | Parent : 800(wininit.exe) | 1.95 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.14393.187) = C:\Windows\System32\lsass.exe [11/11/2016 10:30:02] CPU Usage:0 % 1016 | [Owner : Système | Parent : 924(services.exe) | 2.02 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 13:42:27] CPU Usage:0 % 640 | [Owner : SERVICE RÉSEAU | Parent : 924(services.exe) | 5.07 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 13:42:27] CPU Usage:7 % 1000 | [Owner : DWM-1 | Parent : 876(winlogon.exe) | 19.94 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (10.0.14393.0) = C:\Windows\System32\dwm.exe [16/07/2016 13:42:23] CPU Usage:38 % 1060 | [Owner : SERVICE LOCAL | Parent : 924(services.exe) | 3.09 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 13:42:27] CPU Usage:0 % 1100 | [Owner : SERVICE LOCAL | Parent : 924(services.exe) | 1.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 13:42:27] CPU Usage:0 % 1128 | [Owner : Système | Parent : 924(services.exe) | 9.71 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 13:42:27] CPU Usage:0 % 1172 | [Owner : SERVICE LOCAL | Parent : 924(services.exe) | 1.08 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 13:42:27] CPU Usage:0 % 1180 | [Owner : SERVICE LOCAL | Parent : 924(services.exe) | 0.01 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 13:42:27] CPU Usage:0 % 1280 | [Owner : Système | Parent : 924(services.exe) | 0.01 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 13:42:27] CPU Usage:0 % 1312 | [Owner : SERVICE RÉSEAU | Parent : 924(services.exe) | 2.84 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 13:42:27] CPU Usage:0 % 1380 | [Owner : Système | Parent : 924(services.exe) | 0.22 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 13:42:27] CPU Usage:0 % 1600 | [Owner : Système | Parent : 924(services.exe) | 8.2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 13:42:27] CPU Usage:0 % 1712 | [Owner : SERVICE RÉSEAU | Parent : 924(services.exe) | 0.21 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.14393.0) = C:\Windows\System32\svchost.exe [16/07/2016 13:42:27] CPU Usage:0 % 1968 | [Owner : Jean-Marie | Parent : 1128(svchost.exe) | 6.96 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.14393.0) = C:\Windows\System32\sihost.exe [16/07/2016 13:42:09] CPU Usage:0 % 824 | [Owner : Jean-Marie | Parent : 1468() | 0.61 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.14393.0) = C:\Windows\System32\ctfmon.exe [16/07/2016 13:42:43] CPU Usage:0 % 2184 | [Owner : Système | Parent : 924(services.exe) | 7.39 Mo] - (.Hide My IP - .) - (3.0.0.20) = C:\Program Files (x86)\Hide My IP 6\HideMyIpSrv.exe [07/04/2017 08:17:59] CPU Usage:0 % 2340 | [Owner : Jean-Marie | Parent : 1016(svchost.exe) | 3.83 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.14393.0) = C:\Windows\System32\dllhost.exe [16/07/2016 13:42:27] CPU Usage:0 % 2384 | [Owner : Jean-Marie | Parent : 1016(svchost.exe) | 3.17 Mo] - (.Microsoft Corporation - Aide et support Microsoft.) - (10.0.14393.953) = C:\Windows\HelpPane.exe [29/03/2017 17:01:42] CPU Usage:0 % 2472 | [Owner : Jean-Marie | Parent : 1016(svchost.exe) | 0.01 Mo] - (.Microsoft Corporation - InstallAgent.) - (10.0.14393.693) = C:\Windows\System32\InstallAgent.exe [29/03/2017 17:03:12] CPU Usage:0 % 2612 | [Owner : Jean-Marie | Parent : 1016(svchost.exe) | 3.18 Mo] - (.Microsoft Corporation - InstallAgentUserBroker.) - (10.0.14393.693) = C:\Windows\System32\InstallAgentUserBroker.exe [29/03/2017 17:03:13] CPU Usage:0 % 1036 | [Owner : Système | Parent : 876(winlogon.exe) | 0.01 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.14393.953) = C:\Windows\System32\fontdrvhost.exe [29/03/2017 17:00:24] CPU Usage:0 % 1528 | [Owner : Jean-Marie | Parent : 4140() | 306.7 Mo] - (.Genie9 - Zoolz.) - (2.2.4.600) = C:\Program Files\Genie9\Zoolz2\Zoolz.exe [22/03/2017 10:42:40] CPU Usage:41 % 4232 | [Owner : Jean-Marie | Parent : 4624() | 31.18 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.14393.953) = C:\Windows\explorer.exe [29/03/2017 17:00:49] CPU Usage:16 % 1120 | [Owner : Jean-Marie | Parent : 4500() | 3.16 Mo] - (.Innovative Solutions - NeoSetup Updater.) - (3.91.0.1) = C:\Program Files (x86)\Innovative Solutions\NeoSetup Updater\NeoSetup_Updater.exe [08/04/2017 09:45:22] CPU Usage:0 % 1208 | [Owner : Jean-Marie | Parent : 1016(svchost.exe) | 4.68 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.14393.953) = C:\Windows\explorer.exe [29/03/2017 17:00:49] CPU Usage:0 % 1916 | [Owner : Jean-Marie | Parent : 1016(svchost.exe) | 0.95 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.14393.0) = C:\Windows\syswow64\dllhost.exe [16/07/2016 13:42:55] CPU Usage:0 % 3988 | [Owner : Jean-Marie | Parent : 3708() | 0.03 Mo] - (.Mozilla Corporation - Firefox.) - (52.0.2.6291) = C:\Program Files (x86)\Mozilla Firefox\firefox.exe [07/04/2017 10:42:27] CPU Usage:0 % 15944 | [Owner : Jean-Marie | Parent : 4232(explorer.exe) | 10.88 Mo] - (.Microsoft® Windows® Operating System - Task Manager.) - (1.0.0.1) = C:\Windows\System32\Taskmgr.exe [16/07/2016 13:42:14] CPU Usage:3 % 1624 | [Owner : Jean-Marie | Parent : 1208(explorer.exe) | 3.55 Mo] - (.Ashampoo GmbH & Co. KG - Ashampoo Snap 9.) - (9.0.5.0) = C:\Program Files (x86)\Ashampoo\Ashampoo Snap 9\ashsnap.exe [30/03/2017 11:33:21] CPU Usage:0 % 23012 | [Owner : Jean-Marie | Parent : 22052() | 0.03 Mo] - (.Mozilla Corporation - Firefox.) - (52.0.2.6291) = C:\Program Files (x86)\Mozilla Firefox\firefox.exe [07/04/2017 10:42:27] CPU Usage:0 % 14984 | [Owner : Système | Parent : 924(services.exe) | 3.21 Mo] - (.Malwarebytes - Malwarebytes Service.) - (3.1.0.415) = C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [07/04/2017 10:10:24] CPU Usage:0 % 10516 | [Owner : Jean-Marie | Parent : 14984(MBAMService.exe) | 2.86 Mo] - (.Malwarebytes - Malwarebytes Tray Application.) - (3.0.0.912) = C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe [07/04/2017 10:10:03] CPU Usage:0 % 13016 | [Owner : Jean-Marie | Parent : 21712() | 3.82 Mo] - (.Malwarebytes - Malwarebytes.) - (3.0.0.912) = C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe [07/04/2017 10:10:01] CPU Usage:0 % 6396 | [Owner : Jean-Marie | Parent : 4232(explorer.exe) | 3.76 Mo] - (. - ZHPCleane.) - (2017.4.10.62) = C:\Users\Jean-Marie\AppData\Roaming\ZHP\ZHPCleaner.exe [10/04/2017 18:38:25] CPU Usage:0 % 21380 | [Owner : Jean-Marie | Parent : 24648() | 3.82 Mo] - (. - .) - (2.0.0.0) = C:\Program Files\UCheck\UCheck64.exe [11/04/2017 12:29:25] CPU Usage:0 % 12108 | [Owner : Jean-Marie | Parent : 4232(explorer.exe) | 18.48 Mo] - (. - .) - (12.10.4.0) = C:\Program Files\RogueKiller\RogueKiller64.exe [11/04/2017 12:32:43] CPU Usage:0 % 18396 | [Owner : Jean-Marie | Parent : 21380(UCheck64.exe) | 0.16 Mo] - (.TeamViewer GmbH - .) - (12.1.10277.0) = C:\Users\JEAN-M~1\AppData\Local\Temp\rk_C583.tmp.exe [11/04/2017 12:35:28] CPU Usage:0 % 11860 | [Owner : Jean-Marie | Parent : 18396(rk_C583.tmp.exe) | 0.24 Mo] - (.TeamViewer - TeamViewer Remote Control Application Installer.) - (12.1.10277.0) = C:\Users\JEAN-M~1\AppData\Local\Temp\TeamViewer\TeamViewer_.exe [17/03/2017 17:23:54] CPU Usage:0 % 4284 | [Owner : Jean-Marie | Parent : 11860(TeamViewer_.exe) | 0.02 Mo] - (.TeamViewer GmbH - TeamViewer 12.) - (12.1.10277.0) = C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11/04/2017 12:36:12] CPU Usage:0 % 6128 | [Owner : Jean-Marie | Parent : 4284(TeamViewer_Service.exe) | 0.01 Mo] - (.Microsoft Corporation - Console Window Host.) - (10.0.14393.0) = C:\Windows\System32\conhost.exe [16/07/2016 13:42:23] CPU Usage:0 % 19884 | [Owner : Jean-Marie | Parent : 4232() | 125.12 Mo] - (.Mozilla Corporation - Firefox.) - (52.0.2.6291) = C:\Program Files (x86)\Mozilla Firefox\firefox.exe [07/04/2017 10:42:27] CPU Usage:0 % 4980 | [Owner : Jean-Marie | Parent : 19884(firefox.exe) | 0.35 Mo] - (.Bitdefender - Bitdefender Password Manager Chrome and Firefox Extension Native Messaging Host.) - (21.0.24.57) = C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxcr.exe [06/04/2017 08:25:08] CPU Usage:0 % 24440 | [Owner : Jean-Marie | Parent : 4980(bdwtxcr.exe) | 0.02 Mo] - (.Microsoft Corporation - Console Window Host.) - (10.0.14393.0) = C:\Windows\System32\conhost.exe [16/07/2016 13:42:23] CPU Usage:0 % 6676 | [Owner : Jean-Marie | Parent : 19884(firefox.exe) | 224.1 Mo] - (.Mozilla Corporation - Firefox.) - (52.0.2.6291) = C:\Program Files (x86)\Mozilla Firefox\firefox.exe [07/04/2017 10:42:27] CPU Usage:0 % 5904 | [Owner : Jean-Marie | Parent : 20008() | 0.95 Mo] - (. - .) - (1.0.0.0) = C:\Users\Jean-Marie\Desktop\cadeaux musc moulue st j de conrad 17_03 & lfsu100%sf pt B 5_04\musc m jessica-j a le brulog 17 mars & lfsu100%sf part B 5 avril gifts setup_sib.exe [11/04/2017 13:25:16] CPU Usage:0 % 4948 | [Owner : Jean-Marie | Parent : 11432() | 5.47 Mo] - (.IObit - Advanced SystemCare 10.) - (10.3.0.739) = C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [11/04/2017 13:27:39] CPU Usage:0 % 7732 | [Owner : Jean-Marie | Parent : 11432() | 9.78 Mo] - (.IObit - Performance Monitor.) - (10.1.4.1364) = C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [11/04/2017 13:27:46] CPU Usage:0 % 19104 | [Owner : Jean-Marie | Parent : 4948(ASC.exe) | 1.98 Mo] - (.IObit - Advanced SystemCare 10.) - (10.0.1.3125) = C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [11/04/2017 13:27:40] CPU Usage:0 % 9540 | [Owner : Jean-Marie | Parent : 20656() | 4.18 Mo] - (.ACD Systems - acdID InTouch2.) - (5.0.10016.0) = C:\Program Files\ACD Systems\ACDSee Video Studio\acdIDInTouch2.exe [19/07/2014 17:12:52] CPU Usage:0 % 17584 | [Owner : Jean-Marie | Parent : 19884(firefox.exe) | 0.54 Mo] - (.Digital Wave Ltd - Free Studio Setup .) - (6.6.35.323) = C:\Users\Jean-Marie\Downloads\FreeStudio.exe [11/04/2017 13:38:56] CPU Usage:0 % 24000 | [Owner : Jean-Marie | Parent : 17584(FreeStudio.exe) | 3.8 Mo] - (. - Setup/Uninstall.) - (51.1052.0.0) = C:\Users\JEAN-M~1\AppData\Local\Temp\is-76KJR.tmp\FreeStudio.tmp [11/04/2017 13:39:51] CPU Usage:0 % 11308 | [Owner : LogonSessionId_0_211016825 | Parent : 1016(svchost.exe) | 6.54 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.14393.0) = C:\Windows\System32\wbem\WmiPrvSE.exe [16/07/2016 13:42:31] CPU Usage:0 % 13480 | [Owner : Jean-Marie | Parent : 9040() | 6.71 Mo] - (. - .) - (0.0.0.0) = C:\Users\JEAN-M~1\AppData\Local\Temp\~nsu.tmp\Au_.exe [11/04/2017 13:58:32] CPU Usage:0 % 7832 | [Owner : Jean-Marie | Parent : 5904(musc m jessica-j a le brulog 17 mars & lfsu100%sf part B 5 avril gifts setup_sib.exe) | 13.25 Mo] - (.SosVirus - QuickDiag.) - (2.4.17.1) = C:\Users\JEAN-M~1\AppData\Local\Temp\nsu53C7.tmp\quickdiag_3_02.04.17.1\quickdiag_3_02.04.17.1.exe [10/04/2017 15:06:44] CPU Usage:0 % 22704 | [Owner : Jean-Marie | Parent : 13428() | 47.48 Mo] - (.DVDVideoSoft Ltd. - FreeYouTubeToDVDConverter.) - (3.1.103.829) = C:\Program Files (x86)\DVDVideoSoft\Free YouTube to DVD Converter\FreeYouTubeToDVDConverter.exe [11/04/2017 13:46:04] CPU Usage:0 % 16652 | [Owner : Système | Parent : 1016(svchost.exe) | 1.16 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.14393.0) = C:\Windows\System32\wbem\WmiPrvSE.exe [16/07/2016 13:42:31] CPU Usage:0 % 16684 | [Owner : LogonSessionId_0_211165659 | Parent : 1016(svchost.exe) | 6.1 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.14393.0) = C:\Windows\syswow64\wbem\WmiPrvSE.exe [16/07/2016 13:42:56] CPU Usage:0 % ---------- | MD5 [MD5.F2D58A2E27C2CD486F8F0A123A3F34C3] - [29/03/2017 17:00:49] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4564.8 Ko] - (10.0.14393.953) : C:\WINDOWS\Explorer.exe [MD5.F4F684066175B77E0C3A000549D2922C] - [16/07/2016 13:42:36] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [227.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\cmd.exe [MD5.77DBC745D957B4F0404ABABC10696784] - [16/07/2016 13:42:27] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [17.72 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\csrss.exe [MD5.DA63852A2B0340E94D74EAF0CD444979] - [16/07/2016 13:42:27] - (.© Microsoft Corporation. - COM Surrogate.) - [20.84 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\dllhost.exe [MD5.6955067712F2F4752CA12192B08EF860] - [16/07/2016 13:42:16] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [683.48 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Kernel32.dll [MD5.6F8E95716C1A27FF2FE96D30B147F1C1] - [11/11/2016 10:30:02] - (.© Microsoft Corporation. - Local Security Authority Process.) - [56.05 Ko] - (10.0.14393.187) : C:\WINDOWS\System32\lsass.exe [MD5.7BD259FC59CF9C2AE1B979564B374CC6] - [16/07/2016 13:42:27] - (.© Microsoft Corporation. - Distributed COM Services.) - [867.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\rpcss.dll [MD5.C7645D43451C6D94D87F4D07BDE59C89] - [16/07/2016 13:42:42] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [68 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\rundll32.exe [MD5.3C69CC28665854F1AAB4B4005005FA31] - [29/03/2017 17:03:33] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [443.94 Ko] - (10.0.14393.479) : C:\WINDOWS\System32\services.exe [MD5.36F670D89040709013F6A460176767EC] - [16/07/2016 13:42:27] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [43.45 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\svchost.exe [MD5.C46EA86BF0E7C96235E9064CBAD6ED26] - [29/03/2017 17:00:30] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [1426.95 Ko] - (10.0.14393.576) : C:\WINDOWS\System32\user32.dll [MD5.C1B1FFC800BE2F31EB2CF8CB40629C69] - [16/07/2016 13:42:27] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [32.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\userinit.exe [MD5.99A19C9A74E2F9820E501DCE77F84F70] - [16/07/2016 13:42:27] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [297.11 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Wininit.exe [MD5.917F081E2AB667C44F7D96DE1D16DFAE] - [29/03/2017 17:00:42] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [658 Ko] - (10.0.14393.594) : C:\WINDOWS\System32\Winlogon.exe [MD5.323AA1953ED9C01E23F740FA891FE064] - [11/11/2016 10:30:04] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de fonction connexe pour WinSock.) - [570.34 Ko] - (10.0.14393.351) : C:\WINDOWS\System32\Drivers\afd.sys [MD5.A10F989A812B57B9695F6C305907C9C6] - [16/07/2016 13:41:53] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [27.84 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\atapi.sys [MD5.65DEB05FC234BFF207379F06F0754402] - [16/07/2016 13:41:53] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [187.34 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\ataport.sys [MD5.F8FB51B9EF6372610E9B31A1D86B62FC] - [16/07/2016 13:42:35] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [90 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\cdfs.sys [MD5.613D0137C269187FA298A157E3D14A18] - [16/07/2016 13:41:53] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [169 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\cdrom.sys [MD5.4BC21E937E9F9F408672D2C2CBE4A153] - [29/03/2017 17:01:41] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [142 Ko] - (10.0.14393.953) : C:\WINDOWS\System32\Drivers\dfsc.sys [MD5.10E3515FE5DBA6656FA62C29342EC4A1] - [16/07/2016 13:41:52] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [81.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\hdaudbus.sys [MD5.B54B30992620C97230013A74461C8517] - [16/07/2016 13:41:54] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [111.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\i8042prt.sys [MD5.F1DAECC3B3D6399875D4F10529D6A77C] - [16/07/2016 13:42:39] - (.© Microsoft Corporation. - IP Network Address Translator.) - [207.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\ipnat.sys [MD5.D559FF28B1AD9B1E15A4186E785E61F6] - [29/03/2017 17:01:39] - (.© Microsoft Corporation. Tous droits réservés. - Minirdr SMB Windows NT.) - [439.84 Ko] - (10.0.14393.953) : C:\WINDOWS\System32\Drivers\mrxsmb.sys [MD5.3B41B4CF8F3F7C4041AC516830561533] - [29/03/2017 17:03:24] - (.© Microsoft Corporation. Tous droits réservés. - NDIS (Network Driver Interface Specification).) - [1153.34 Ko] - (10.0.14393.953) : C:\WINDOWS\System32\Drivers\ndis.sys [MD5.6FEBB0A847FFD5F057B9AC8889F1B9A7] - [16/07/2016 13:42:35] - (.© Microsoft Corporation. - MBT Transport driver.) - [272.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\netbt.sys [MD5.98BBD81DC481E9D58EEB31C81EBDEFF5] - [29/03/2017 17:00:38] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [2202.84 Ko] - (10.0.14393.953) : C:\WINDOWS\System32\Drivers\ntfs.sys [MD5.6B81BF7853D161DB8AC62CD8B9C2DE6B] - [16/07/2016 13:41:53] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [94.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\parport.sys [MD5.17E565710172ED71B8531D8822E1C5D1] - [16/07/2016 13:42:39] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [102.5 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\rasl2tp.sys [MD5.7135785C21CA79D270D11037C43D3F19] - [16/07/2016 13:44:03] - (.© Microsoft Corporation. Tous droits réservés. - Redirecteur de périphérique de Microsoft RDP.) - [173 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\rdpdr.sys [MD5.2011413864620317C8F931219CAF09C3] - [29/03/2017 17:03:42] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [2476.84 Ko] - (10.0.14393.953) : C:\WINDOWS\System32\Drivers\tcpip.sys [MD5.0B237F8A96952BF95A14865030E131F2] - [29/03/2017 17:03:09] - (.© Microsoft Corporation. - TDI Translation Driver.) - [115.84 Ko] - (10.0.14393.953) : C:\WINDOWS\System32\Drivers\tdx.sys [MD5.BF2546583BB75F01DDA60A7921DFB230] - [16/07/2016 13:42:35] - (.© Microsoft Corporation. - Volume Shadow Copy driver.) - [382.34 Ko] - (10.0.14393.0) : C:\WINDOWS\System32\Drivers\volsnap.sys ---------- | Locked Applications ---------- | Explorer.exe component call (Microsoft Files Whitelisted) (.C-O-M-O-D-O.-.COMODO BackUp ShellExtension.) - (2.0.0.1834) -- C:\Program Files\COMODO\COMMON\ShellExtension.dll (..-..) - (0.0.0.0) -- C:\WINDOWS\SYSTEM32\CoreUIComponents.dll (.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.12.2.0) -- C:\WINDOWS\System32\winsqlite3.dll (..-..) - (0.0.0.0) -- (..-..) - (0.0.0.0) -- : 3720 (..-..) - (0.0.0.0) -- (..-..) - (0.0.0.0) -- (..-..) - (0.0.0.0) -- (.Bitdefender.-.BDShellExt Module.) - (21.0.24.57) -- C:\Program Files\Bitdefender\Bitdefender 2017\bdshellext.dll (.Bitdefender.-.Product Info Library.) - (21.0.24.62) -- C:\Program Files\Bitdefender\Bitdefender 2017\IServConfig.dll (.Bitdefender.-.BDShellExt Module.) - (21.0.24.54) -- C:\Program Files\Bitdefender\Bitdefender 2017\lang\fr-FR\bdshellext.txtui (.TODO: .-.TODO: .) - (1.0.0.1) -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 14\WinOptimizerContextHandler64.dll (.Bitdefender.-.Bitdefender File Shredder Shell Extension.) - (21.0.24.57) -- C:\Program Files\Bitdefender\Bitdefender 2017\fshredctx.dll (.Bitdefender.-.Bitdefender File Shredder Shell Extension.) - (21.0.24.54) -- C:\Program Files\Bitdefender\Bitdefender 2017\lang\fr-FR\fshredctx.txtui (.WinZip Computing, S.L..-.WinZip Shell Extension DLL.) - (4.1.0.0) -- C:\Program Files\WinZip\wzshls64.dll (.Alexander Roshal.-.WinRAR shell extension.) - (5.40.0.0) -- C:\Program Files\WinRAR\rarext.dll (..-..) - (0.0.0.0) -- C:\Program Files\Unlocker\UnlockerCOM.dll (.IObit.-.IObitUnlockerExtension.) - (1.2.0.2) -- C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlockerExtension.dll (..-..) - (0.0.0.0) -- C:\PROGRA~1\TeraCopy\TERACO~2.DLL (.SafeIT Security Sweden AB.-.SafeIT Shell Extension library.) - (7.6.2.0) -- C:\Program Files\Common Files\Lavasoft\Dlls\SITShellExLibrary.dll (.SafeIT Security Sweden AB.-.SafeIT Language Support.) - (7.7.2.0) -- C:\Program Files\Common Files\Lavasoft\Dlls\SITLanguageShellExt.dll (.Malwarebytes.-.Malwarebytes.) - (3.0.0.16) -- C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll (.Killer{R}.-.KillCopy Shell Extension DLL.) - (1.0.0.1) -- C:\Program Files (x86)\KillSoft\KillCopy\killcopy_amd64.dll (.IObit.-.IObitUnlockerExtension.) - (1.2.0.2) -- C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMenuRight.dll (.iFunSoft.-.iFun Video Converter DLL.) - (1.0.0.1056) -- C:\Program Files (x86)\iFunSoft\iFun Video Converter\IVCSysExtension.dll (.Emsisoft Ltd.-.Emsisoft shell context menu library.) - (11.0.0.5838) -- C:\PROGRAM FILES\EMSISOFT INTERNET SECURITY\A2CONTMENU64.DLL (.Bitdefender.-.Bitdefender File Vault Shell Extension.) - (21.0.24.57) -- C:\Program Files\Bitdefender\Bitdefender 2017\bdfvsctx.dll (.Bitdefender.-.npcomm.) - (3.0.4.2) -- C:\Program Files\Bitdefender\Bitdefender 2017\npcomm.dll (.Bitdefender.-.Bitdefender File Vault Shell Extension.) - (21.0.24.54) -- C:\Program Files\Bitdefender\Bitdefender 2017\lang\fr-FR\bdfvsctx.txtui (..-..) - (1.0.0.0) -- C:\Program Files (x86)\Zemana AntiLogger\ZAMShellExt64.dll ---------- | Svchost.exe component call (Microsoft Files Whitelisted) (.Hide My IP.-..) - (3.0.0.20) -- C:\WINDOWS\system32\HMIPCore64.dll ---------- | ZeroAccess Check [HKLM64\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM64\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM64\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM64\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM64\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up EPLTarget\P0000000000000000 - (C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILPE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-710 Series" [HKU\S-1-5-18\SOFTWARE\...\Run]) - User: AUTORITE NT\Système EPLTarget\P0000000000000001 - (C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILPE.EXE /EPT "EPLTarget\P0000000000000001" /M "XP-710 Series" [HKU\S-1-5-18\SOFTWARE\...\Run]) - User: AUTORITE NT\Système OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU COS - (C:\Program Files\COMODO\cCloud\cCloud.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\...\Run]) - User: LFSULTRA-WIDEN\Jean-Marie Advanced SystemCare 10 - ("C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\...\Run]) - User: LFSULTRA-WIDEN\Jean-Marie DriverMax_RESTART - ( [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\...\Run]) - User: LFSULTRA-WIDEN\Jean-Marie EPLTarget\P0000000000000000 - (C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILPE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-710 Series" [HKU\.DEFAULT\SOFTWARE\...\Run]) - User: .DEFAULT EPLTarget\P0000000000000001 - (C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILPE.EXE /EPT "EPLTarget\P0000000000000001" /M "XP-710 Series" [HKU\.DEFAULT\SOFTWARE\...\Run]) - User: .DEFAULT desktop_FromLFSULTRA-WIDEN - (desktop_FromLFSULTRA-WIDEN.ini [Common Startup]) - User: Public emsisoft anti-malware - ("c:\program files\emsisoft internet security\a2guard.exe" /d=60 [HKLM\SOFTWARE\...\Run]) - User: Public Zoolz Tray - ("C:\Program Files\Genie9\Zoolz2\ZoolzLauncher.exe" "C:\Program Files\Genie9\Zoolz2\Zoolz.exe" "-Delay" [HKLM\SOFTWARE\...\Run]) - User: Public [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Run] "COS"=C:\Program Files\COMODO\cCloud\cCloud.exe [29/03/2017 18:30:48] "Advanced SystemCare 10"="C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto "DriverMax_RESTART"= [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "COS"=0x0100000010F65F8A68AFD201 [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU] "a"=wordpad\1 "MRUList"=a [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "Device"=EPSON5BC36F (XP-710 Series),winspool,Ne03: "IsMRUEstablished"=0 "LegacyDefaultPrinterMode"=0 [HKLM64\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM64\Software\Microsoft\Windows\CurrentVersion\Run] "emsisoft anti-malware"="c:\program files\emsisoft internet security\a2guard.exe" /d=60 "Zoolz Tray"="C:\Program Files\Genie9\Zoolz2\ZoolzLauncher.exe" "C:\Program Files\Genie9\Zoolz2\Zoolz.exe" "-Delay" [HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "WindowsDefender"=0x0500000040B3668768AFD201 "emsisoft anti-malware"=0x010000001071908968AFD201 [HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32] "StartCCC"=0x040000000000000000000000 "InstantBurn"=0x0100000090570A8668AFD201 "LWS"=0x01000000303EBA9068AFD201 [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=1 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 "Win32kLastWriteTime"=1D255C50DCC143C [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "LWS"=C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide "InstantBurn"=C:\PROGRA~2\CYBERL~1\INSTAN~1\Win2K\IBurn.exe [15/11/2016 11:34:22] "WindowsAutoCleaner"=C:\Program Files (x86)\AxBx\Windows AutoCleaner 2016\WindowsAutoCleaner.exe [08/04/2017 09:17:32] "COMODO Internet Security"=C:\Program Files (x86)\COMODO\COMODO Internet Security\cistray.exe [09/04/2017 23:26:05] "vdcss"="C:\Program Files (x86)\COMODO\COMODO Secure Shopping\vdcss.exe" -tray "IseUI"=C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [10/04/2017 01:33:20] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "InnoSetupRegFile.0000000001"="C:\WINDOWS\is-1AFML.exe" /REG /REGSVRMODE [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows] ""=mnmsrvc "DdeSendTimeout"=0 "DesktopHeapLogging"=1 "DeviceNotSelectedTimeout"=15 "DwmInputUsesIoCompletionPort"=1 "EnableDwmInputProcessing"=7 "GDIProcessHandleQuota"=10000 "IconServiceLib"=IconCodecService.dll "LoadAppInit_DLLs"=1 "NaturalInputHandler"=Ninput.dll "ShutdownWarningDialogTimeout"=4294967295 "Spooler"=yes "ThreadUnresponsiveLogTimeout"=500 "TransmissionRetryTimeout"=90 "USERNestedWindowLimit"=50 "USERPostMessageLimit"=10000 "USERProcessHandleQuota"=10000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] "WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED} ---------- | Win.ini : ---------- | System.ini : ---------- | Config.sys : FILES=40 ---------- | Tasks List AupAvUpdate CreateExplorerShellUnelevatedTask DriverMax Notification DriverMaxWelcome DropboxUpdateTaskMachineCore DropboxUpdateTaskMachineUA EPSON XP-710 Series Invitation {68953606-62A7-4B6A-87A7-1CF73FEC7E9A} EPSON XP-710 Series Invitation {69791235-D3B3-45B7-A134-218554EE5C76} EPSON XP-710 Series Update {68953606-62A7-4B6A-87A7-1CF73FEC7E9A} EPSON XP-710 Series Update {69791235-D3B3-45B7-A134-218554EE5C76} GridinSoft Anti-Ransomware Health-Check-deep Health-Check-deep_FromLFSULTRA-WIDEN Health-Check Health-Check_FromLFSULTRA-WIDEN NeoSetup Updater NeoSetup Updater_FromLFSULTRA-WIDEN NSAutoStart NSAutoStart_FromLFSULTRA-WIDEN PC Clean Maestro Scan FirstTime PC Clean Maestro Scan FirstTime_FromLFSULTRA-WIDEN PC Clean Maestro Scan SecondTime PC Clean Maestro Scan SecondTime_FromLFSULTRA-WIDEN PC Clean Maestro Scan PC Clean Maestro Scan_FromLFSULTRA-WIDEN PC TuneUp Maestro Disk Defrag Analysis PC TuneUp Maestro Disk Defrag Analysis_FromLFSULTRA-WIDEN PC TuneUp Maestro Scan FirstTime PC TuneUp Maestro Scan FirstTime_FromLFSULTRA-WIDEN PC TuneUp Maestro Scan SecondTime PC TuneUp Maestro Scan SecondTime_FromLFSULTRA-WIDEN PC TuneUp Maestro Scan PC TuneUp Maestro Scan_FromLFSULTRA-WIDEN RunAsStdUser Task UninstallMonitor User_Feed_Synchronization-{A38B1247-39DC-4FC8-A914-1D2353EB716B} ---------- | Startings up registry ¦ Folder ---------- | Other keys [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "InstanceID"=c548466e-521a-4e53-b806-c669e03 "GlassSessionId"=1 "fDenyChildConnections"=0 [HKLM\System\CurrentControlSet\Control\Session Manager] "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "ResourceTimeoutCount"=648000 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "AutoChkTimeout"=5 "PendingFileRenameOperations"=\??\C:\Users\JEAN-M~1\AppData\Local\Temp\cinit.tmp\Default\CodySafe\Sounds\ \??\C:\Users\JEAN-M~1\AppData\Local\Temp\cinit.tmp\Default\CodySafe\ \??\C:\Users\JEAN-M~1\AppData\Local\Temp\cinit.tmp\Default\ \??\C:\Users\JEAN-M~1\AppData\Local\Temp\cinit.tmp\ \??\C:\Program Files (x86)\Remo File Eraser 2.0\64\is-VQ7ND.tmp !\??\C:\Program Files (x86)\Remo File Eraser 2.0\64\mfc100u.dll \??\C:\Program Files (x86)\Remo File Eraser 2.0\64\is-EIHRG.tmp !\??\C:\Program Files (x86)\Remo File Eraser 2.0\64\msvcr100.dll \??\C:\Users\JEAN-M~1\AppData\Local\Temp\nsy8CAB.tmp\Ninite AdAware Classic Start Firefox Installer\ \??\C:\Users\JEAN-M~1\AppData\Local\Temp\nsy8CAB.tmp\ \??\C:\Users\JEAN-M~1\AppData\Local\Temp\cinit.tmp\Default\CodySafe\Sounds\ \??\C:\Users\JEAN-M~1\AppData\Local\Temp\cinit.tmp\Default\CodySafe\ \??\C:\Users\JEAN-M~1\AppData\Local\Temp\cinit.tmp\Default\ \??\C:\Users\JEAN-M~1\AppData\Local\Temp\cinit.tmp\ \??\C:\Users\JEAN-M~1\AppData\Local\Temp\cinit.tmp\Default\CodySafe\Sounds\ \??\C:\Users\JEAN-M~1\AppData\Local\Temp\cinit.tmp\Default\CodySafe\ \??\C:\Users\JEAN-M~1\AppData\Local\Temp\cinit.tmp\Default\ \??\C:\Users\JEAN-M~1\AppData\Local\Temp\cinit.tmp\ \??\C:\Users\JEAN-M~1\AppData\Local\Temp\nst928.tmp\Ninite AdAware Classic Start Firefox Installer\ \??\C:\Users\JEAN-M~1\AppData\Local\Temp\nst928.tmp\ \??\C:\Program Files (x86)\Remo Drive Defrag\remodefrag.TMP !\??\C:\Program Files (x86)\Remo Drive Defrag\remodefrag.exe \??\C:\Users\JEAN-M~1\AppData\Local\Temp\_iu14D2N.tmp \??\C:\Users\JEAN-M~1\AppData\Local\Temp\nssB290.tmp\registry.dll \??\C:\Users\JEAN-M~1\AppData\Local\Temp\nssB290.tmp\ \??\C:\Users\JEAN-M~1\AppData\Local\Temp\nskD2BA.tmp\registry.dll \??\C:\Users\JEAN-M~1\AppData\Local\Temp\nskD2BA.tmp\ \??\C:\Users\JEAN-M~1\AppData\Local\Temp\nsv7A73.tmp\registry.dll \??\C:\Users\JEAN-M~1\AppData\Local\Temp\nsv7A73.tmp\ \??\C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice_tmp.exe \??\C:\Program Files (x86)\IObit\Advanced SystemCare\ASCExtMenu_64_IObitDel_ithcbc.dll \??\C:\Users\JEAN-M~1\AppData\Local\Temp\~nsu.tmp\Au_.exe \??\C:\Users\JEAN-M~1\AppData\Local\Temp\~nsu.tmp \??\C:\Users\JEAN-M~1\AppData\Local\Temp\W7P5DEC.tmp \??\C:\Users\JEAN-M~1\AppData\Local\Temp\W7PAC8B.tmp \??\C:\WINDOWS\System32\FntCache.dat \??\C:\Users\Jean-Marie\AppData\Local\IconCache.db \??\C:\Users\Jean-Marie\AppData\Local\GDIPFONTCACHEV1.DAT \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\iconcache_1280.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\iconcache_16.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\iconcache_1920.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\iconcache_256.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\iconcache_2560.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\iconcache_32.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\iconcache_48.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\iconcache_768.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\iconcache_96.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\iconcache_custom_stream.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\iconcache_exif.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\iconcache_idx.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\iconcache_sr.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\iconcache_wide_alternate.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1280.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\thumbcache_16.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\thumbcache_1920.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\thumbcache_256.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\thumbcache_2560.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\thumbcache_32.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\thumbcache_48.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\thumbcache_768.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\thumbcache_96.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\thumbcache_custom_stream.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\thumbcache_exif.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\thumbcache_idx.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\thumbcache_sr.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\thumbcache_wide.db \??\C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Explorer\thumbcache_wide_alternate.db "AllowProtectedRenames"=1 [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=UsoSvc gpsvc trustedinstaller "SystemStartOptions"= NOEXECUTE=OPTIN SAFEBOOT:NETWORK NOGUIBOOT BOOTLOGO "SystemBootDevice"=multi(0)disk(0)rdisk(5)partition(3) "FirmwareBootDevice"=multi(0)disk(0)rdisk(5)partition(1) "LastBootSucceeded"=1 "LastBootShutdown"=1 "DirtyShutdownCount"=8 "WaitToKillServiceTimeout"=200 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Security Packages"="" [11/04/2017 13:58:42] "Notification Packages"=scecli "Authentication Packages"=msv1_0 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "LsaPid"=932 "ProductType"=3 "restrictanonymous"=0 "restrictanonymoussam"=1 "SamConnectedAccountsExist"=1 "SecureBoot"=1 ---------- | .LNK with Arguments b:\ads by checkpoint software\adsfix_donate - copie.lnk - Encrypted: False - Target: C:\Program Files (x86)\Internet Explorer\iexplore.exe - Args: (hxxps://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN) - Hidden: False - Status: OK b:\ads by checkpoint software\adsfix_donate.lnk - Encrypted: False - Target: C:\Program Files (x86)\Internet Explorer\iexplore.exe - Args: (hxxps://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN) - Hidden: False - Status: OK b:\ads by checkpoint software\envoyer rapport d'adsfix merci - copie.lnk - Encrypted: False - Target: C:\Program Files (x86)\Internet Explorer\iexplore.exe - Args: (hxxp://gen-hackman.ddns.net:8123/Report/) - Hidden: False - Status: OK b:\ads by checkpoint software\envoyer rapport d'adsfix merci.lnk - Encrypted: False - Target: C:\Program Files (x86)\Internet Explorer\iexplore.exe - Args: (hxxp://gen-hackman.ddns.net:8123/Report/) - Hidden: False - Status: OK b:\ads by checkpoint software\pre_scan_donate - copie.lnk - Encrypted: False - Target: C:\Program Files (x86)\Internet Explorer\iexplore.exe - Args: (hxxps://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN) - Hidden: False - Status: OK b:\ads by checkpoint software\pre_scan_donate.lnk - Encrypted: False - Target: C:\Program Files (x86)\Internet Explorer\iexplore.exe - Args: (hxxps://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN) - Hidden: False - Status: OK b:\ads by checkpoint software\widen-finalis\desktop\adsfix_donate.lnk - Encrypted: False - Target: C:\Program Files (x86)\Internet Explorer\iexplore.exe - Args: (hxxps://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN) - Hidden: False - Status: OK b:\ads by checkpoint software\widen-finalis\desktop\envoyer rapport d'adsfix merci.lnk - Encrypted: False - Target: C:\Program Files (x86)\Internet Explorer\iexplore.exe - Args: (hxxp://gen-hackman.ddns.net:8123/Report/) - Hidden: False - Status: OK b:\ads by checkpoint software\widen-finalis\desktop\pre_scan_donate.lnk - Encrypted: False - Target: C:\Program Files (x86)\Internet Explorer\iexplore.exe - Args: (hxxps://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN) - Hidden: False - Status: OK b:\backup desktop pc compaq lfs ultra barrow 3 widen 2 programs 15 fev 2017\autres applications\adsfix_donate.lnk - Encrypted: False - Target: C:\Program Files (x86)\Internet Explorer\iexplore.exe - Args: (hxxps://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=S3AQ8V3XRWWYN) - Hidden: False - Status: OK ---------- | AppCertDlls ---------- | Dnsapi.dll C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "LeftOverlapChars"=3 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "ScreenSaveActive"=1 "WallPaper"=C:\Users\Jean-Marie\AppData\Local\Microsoft\BingDesktop\themes\2017-04-09.jpg [09/04/2017 09:56:18] "UserPreferencesMask"=0x9E1E078012000000 "AutoColorization"=1 "MaxVirtualDesktopDimension"=1280 "MaxMonitorDimension"=1280 "TranscodedImageCount"=1 "LastUpdated"=4294967295 "TranscodedImageCache"=0x7AC30100EDF7120080070000B0040000941F40CF06B1D20143003A005C00550073006500720073005C004A00650061006E002D004D0061007200690065005C0041007000700044006100740061005C004C006F00630061006C005C004D006900630072006F0073006F00660074005C00420069006E0067004400650073006B0074006F0070005C007400680065006D00650073005C0032003000310037002D00300034002D00300039002E006A007000670000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ImageColor"=2951664711 "ScreenSaverIsSecure"=1 "Win8DpiScaling"=0 "DpiScalingVer"=4096 "ForegroundLockTimeout"=0 "MenuShowDelay"=0 "AutoEndTasks"=1 "HungAppTimeout"=4000 "WaitToKillAppTimeout"=200 [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "NoSimpleNetIDList"=1 "NoDriveTypeAutoRun"=221 "NolowDiskSpaceChecks"=1 [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1 [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "ExplorerStartupTraceRecorded"=1 "ShellState"=0x240000003428000000000000000000000000000001000000130000000000000062000000 "UserSignedIn"=1 "SlowContextMenuEntries"=0x6078A409B011A54DAFA526D86198A780FB76020097679640FE8FC8469EF87003F33CCF0F0270030040C7A47B819ECF1199D300AA004AE8375F2A06000114020000000000C000000000000046C20D0200EE21215E0003D4118D3B4445535400005D060900 "SIDUpdatedOnLibraries"=1 "LocalKnownFoldersMigrated"=1 "GlobalAssocChangedCounter"=90 "TelemetrySalt"=3 "FirstRunTelemetryComplete"=1 "AppReadinessLogonComplete"=1 "Browse For Folder Width"=347 "Browse For Folder Height"=328 "link"=0x00000000 "DesktopProcess"=1 [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "StoreAppsOnTaskbar"=1 "ServerAdminUI"=0 "Hidden"=0 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "ShowSuperHidden"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ShowStatusBar"=1 "ListviewShadow"=1 "StartMenuInit"=13 "TaskbarStateLastRun"=0xA899E45800000000 "ReindexedProfile"=1 "TaskbarSmallIcons"=0 "SeparateProcess"=1 "nonetcrawling"=1 "ListviewAlphaSelect"=0 "TaskbarAnimations"=0 "EnableBalloonTips"=1 [HKLM64\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "undockwithoutlogon"=1 "EnableLinkedConnections"=1 "EnableSecureUIAPath"=1 [HKLM64\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=0 "NoActiveDesktopChanges"=0 "NoRecentDocsHistory"=0 [HKLM64\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM64\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=0 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=0 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=0 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=0 "{871C5380-42A0-1069-A2EA-08002B30309D}"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=0 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=0 [HKLM64\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM64\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM64\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "SmartScreenEnabled"=Off "GlobalAssocChangedCounter"=84 "MultipleInvokePromptMinimum"=10000 "Max Cached Icons"=2000 [HKLM64\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "undockwithoutlogon"=1 "EnableLinkedConnections"=1 "EnableSecureUIAPath"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=0 "NoActiveDesktopChanges"=0 "NoRecentDocsHistory"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=0 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=0 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=0 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=0 "{871C5380-42A0-1069-A2EA-08002B30309D}"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=0 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=165 "Max Cached Icons"=2000 "SmartScreenEnabled"=Off [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://shell.windows.com/fileassoc/%04x/xml/redir.asp?Ext=%s ---------- | Winlogon [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders "BuildNumber"=14393 "FirstLogon"=0 "PUUActive"=0x507B7A5903000500110066000FB6020084800500904E0900D10000000B001B00CCE714459D5E10009C5E10006BDE00009ECA0000EA17000000000000E8820900C6340000D0020000AC0AF875B7B2D201CC860300000000000100000000000000 "ParseAutoexec"=1 "AutoRestartShell"=1 [HKLM64\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=0 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DefaultDomainName"= "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "Userinit"=C:\WINDOWS\system32\userinit.exe, "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "LastLogOffEndTimePerfCounter"=122495004535 "ShutdownFlags"=2147484711 "AutoAdminLogon"=0 "DefaultUserName"=MicrosoftAccount\jean-marie.carribon@wanadoo.fr "DisableCAD"=1 "ShutdownWithoutLogon"=0 "EnableFirstLogonAnimation"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "EnableSIHostIntegration"=1 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "userinit"=userinit.exe "AutoRestartShell"=0 "allocatecdroms"=0 ---------- | Associations [HKLM64\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM64\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM64\Software\Classes\.com] ""=comfile [HKLM64\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM64\Software\Classes\.reg] ""=regfile [HKLM64\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM64\Software\Classes\.scr] ""=scrfile [HKLM64\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM64\Software\Classes\.bat] ""=batfile [HKLM64\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM64\Software\Classes\.cmd] ""=cmdfile [HKLM64\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM64\Software\Classes\.pif] ""=piffile [HKLM64\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM64\Software\Classes\.inf] ""=inffile [HKLM64\Software\Classes\inffile\Shell\Open\Command] ""="%SystemRoot%\system32\NOTEPAD.EXE" %1 [HKLM64\Software\Classes\.url] ""=InternetShortcut [HKLM64\Software\Classes\.lnk] ""=lnkfile [HKLM64\Software\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM64\Software\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM64\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM64\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM64\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM64\Software\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""="%SystemRoot%\system32\NOTEPAD.EXE" %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\.hta] ""=htafile "Content Type"=application/hta "PerceivedType"=text [HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command] ""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Clients\StartMenuInternet\OperaStable\Shell\open\Command] ""="C:\Users\Jean-Marie\AppData\Local\Programs\Opera\Launcher.exe" [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Clients\StartMenuInternet\OperaStable\InstallInfo] "ReinstallCommand"="C:\Users\Jean-Marie\AppData\Local\Programs\Opera\Launcher.exe" --makedefaultbrowser [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Clients\StartMenuInternet\PALEMOON.EXE\Shell\open\Command] ""="C:\Program Files\Pale Moon\palemoon.exe" [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Clients\StartMenuInternet\PALEMOON.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files\Pale Moon\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM64\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM64\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM64\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Internet Explorer\iexplore.exe" [HKLM64\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM64\Software\Clients\StartMenuInternet\PALEMOON.EXE\Shell\open\Command] ""="C:\Program Files\Pale Moon\palemoon.exe" [HKLM64\Software\Clients\StartMenuInternet\PALEMOON.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files\Pale Moon\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Internet Explorer\iexplore.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\PALEMOON.EXE\Shell\open\Command] ""="C:\Program Files\Pale Moon\palemoon.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\PALEMOON.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files\Pale Moon\uninstall\helper.exe" /SetAsDefaultAppGlobal ---------- | AppcompatFlags [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Users\Jean-Marie\AppData\Local\Temp\nsu3F90.tmp\DivXSetup.exe"=1 "C:/Users/Jean-Marie/Documents/tuxboot-0.8.2.exe"=1 "C:\Users\Jean-Marie\AppData\Local\Programs\Opera\Launcher.exe"=32 [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "SIGN.MEDIA=3EFFE utils\win64\syslinux64.exe"=0x534143500100000000000000070000002800000000CC03005617040001000000000000000000030673000000D5B3B31A57DFD10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000DB000000000000000100000001000000 "C:\MARMITON\MARMITON.EXE"=0x5341435001000000000000000700000028000000006001009AB2010001000000000000000000000A7120000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000006A250000000000000100000001000000 "SIGN.MEDIA=2F4BF31 Download\winzip210fr.exe"=0x534143500100000000000000070000002800000060EA9D0996C69E090100000000000000000001060001000033504C2B57DFD10100000000000000000200000028000000000000008000000000000000000000000000000000000000A7EFFA0E000000000200000002000000 "SIGN.MEDIA=2F4BF31 Download\adksetup.exe"=0x5341435001000000000000000700000028000000E87A1A0095901A0001000000000000000000000A0021000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000061AC5800000000000100000001000000 "C:\Program Files\Internet Explorer\iexplore.exe"=0x5341435001000000000000000700000028000000C0960C005DE50C0001000000010000000000000A00210000D5B3B31A57DFD1010000000000000000 "SIGN.MEDIA=E6B61694 mort du porc - otlpe and pc mover pro 10 michel\pcmover_fr_10.exe"=0x5341435001000000000000000700000028000000F0819804DD2C99040100000000000000000000067102000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000EEA70200000000000100000001000000 "SIGN.MEDIA=2F4BF31 Download\autoit-v3-setup.exe"=0x53414350010000000000000007000000280000003047BB0047F8BB000100000000000000000001060001000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000045C51A00000000000100000001000000 "C:\Program Files (x86)\Ashampoo\Ashampoo Privacy Protector\PrivacyProtector.exe"=0x5341435001000000000000000700000028000000701322005572220001000000000000000000000AF122000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000007CE50700000000000100000001000000 "C:\Program Files (x86)\EPSON Software\Print CD\PrintCD.exe"=0x5341435001000000000000000700000028000000D0EC4800A1A0490001000000000000000000000A7122000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000009CF31600000000000200000002000000 "C:\Program Files (x86)\CyberLink\AppManager\AppManager.exe"=0x534143500100000000000000070000002800000018E10300263604000100000000000000000001060001000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000054E82103000000000100000001000000 "C:\Program Files\WinZip\WINZIP64.EXE"=0x53414350010000000000000007000000280000006068BD04446BBD0401000000000000000000000A00210000D5B3B31A57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000000B99BA00000000000300000003000000 "C:\Program Files (x86)\CyberLink\Power2Go11\Trial\TrialMgr.exe"=0x5341435001000000000000000700000028000000181F0200FC21020001000000000000000000000A7120000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000C9310100000000000800000008000000 "C:\Users\Jean-Marie\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe"=0x534143500100000000000000070000002800000010A61400A6A914000100000000000000000001067122000033504C2B57DFD1010000008000000000020000002800000000000000000000000000000000000000000000000000000045F90000000000001300000013000000 "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe"=0x534143500100000000000000070000002800000050491300C18313000100000000000000000002067122000033504C2B57DFD1010000008000000000 "C:\Program Files (x86)\CyberLink\Media Suite\PS.exe"=0x534143500100000000000000070000002800000018DF0800A839090001000000000000000000000A0021000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000067940200000000000100000001000000 "C:\Users\Jean-Marie\Documents\tuxboot-0.8.2.exe"=0x534143500100000000000000070000002800000000004E000000000001000000000000000000000A7122000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000003EC51500000000000100000001000000 "C:\Program Files (x86)\ISO to USB\isotousb.exe"=0x5341435001000000000000000700000028000000003A1E00000000000100000000000000000003067122000033504C2B57DFD101000000000000000002000000280000000000000000000040000002000000000000000000000000004C2CC600000000000100000001000000 "C:\Program Files (x86)\CyberLink\Power2Go11\Power2Go.exe"=0x53414350010000000000000007000000280000001887620038C9620001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000EF980100000000000100000001000000 "C:\Users\Jean-Marie\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"=0x5341435001000000000000000700000028000000E0783801622F390101000000000000000000000A0021000033504C2B57DFD1010000000100000000 "C:\Users\Jean-Marie\AppData\Local\Microsoft\OneDrive\17.3.6798.0207\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000D88003007F30040001000000000000000000000A0021000033504C2B57DFD1010000000100000000 "C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe"=0x5341435001000000000000000700000028000000F076DD0002BBDD0001000000000000000000000A0021000033504C2B57DFD1010000000000000000050000001000000000000000000000000000000000000000020000005000000000000000000000400000000000000000000000000000000045B0000000000000010000000100000000000000000000000000000000000000000000000000000091360000000000000400000000000000 "C:\Users\Jean-Marie\AppData\Roaming\ZHP\ZHPDiag3.exe"=0x53414350010000000000000007000000280000000066290061CE29000100000000000000000003060001000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000006AD6BF00000000000100000001000000 "C:\Program Files\CyberGhost 6\CyberGhost.exe"=0x534143500100000000000000070000002800000030C21200BA7B130001000000000000000000000A80210000D5B3B31A57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000012DE0200000000000100000001000000 "C:\Program Files\TeraCopy\TeraCopy.exe"=0x53414350010000000000000007000000280000007080320011AD320001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000022F1000000000000100000001000000 "C:\Program Files\FreeFileSync\FreeFileSync.exe"=0x5341435001000000000000000700000028000000A814070087A1070001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000BBA8C700000000000800000008000000 "C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe"=0x5341435001000000000000000700000028000000C0342400BB6724000100000000000000000003067102000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000005E6A1105000000000B0000000B000000 "C:\Program Files\Windows NT\Accessories\wordpad.exe"=0x534143500100000000000000070000002800000000AA440006DE440001000000010000000000000A73220000D5B3B31A57DFD1010000000000000000 "C:\Program Files\WinRAR\WinRAR.exe"=0x534143500100000000000000070000002800000090AB1700BE9B180001000000000000000000000A00210000D5B3B31A57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000084D2B800000000000A0000000A000000 "C:\Program Files (x86)\Internet Explorer\iexplore.exe"=0x5341435001000000000000000700000028000000C0980C009A080D0001000000010000000000000A0021000033504C2B57DFD1010000000000000000 "C:\Program Files\FreeFileSync\RealTimeSync.exe"=0x5341435001000000000000000700000028000000A8C003000FDF030001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000ECF70000000000000100000001000000 "C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\UI6.exe"=0x534143500100000000000000070000002800000048DB5E00418C5F0001000000000000000000000A7122000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000006C850A00000000000100000001000000 "C:\Program Files\adaware\adaware antivirus\adaware antivirus\12.0.649.11190\AdAwareDesktop.exe"=0x5341435001000000000000000700000028000000D807B6007252B60001000000000000000000000A00210000D5B3B31A57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000F4693B05000000000300000003000000 "C:\Program Files (x86)\ZHPFix\ZHPhep.exe"=0x534143500100000000000000070000002800000000421D00000000000100000000000000000002067122000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000000CB70300000000000100000001000000 "C:\Program Files (x86)\Silent Install Builder\Sib.exe"=0x5341435001000000000000000700000028000000C8D40300B606040001000000000000000000000A8021000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000085652000000000000300000003000000 "SIGN.MEDIA=348600 UsbFix_Maintenance\UsbFix_Maintenance.exe"=0x53414350010000000000000007000000280000000086340037BE340001000000000000000000000A0021000033504C2B57DFD10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000C49AE400000000000100000001000000 "C:\Program Files (x86)\Ashampoo\Ashampoo Burning Studio 18\burningstudio18.exe"=0x5341435001000000000000000700000028000000581595018723950101000000000000000000000A0021000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000049259B00000000000200000002000000 "C:\Program Files\CyberLink\ActionDirector2\UACAgent.exe"=0x5341435001000000000000000700000028000000183F0100C279010001000000000000000000000A73220000D5B3B31A57DFD10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000DA850000000000000100000001000000 "C:\Program Files\CyberLink\ActionDirector2\OLRSubmission\OLRStateCheck.exe"=0x5341435001000000000000000700000028000000185102002515030001000000000000000000000A7122000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000CE4B0000000000000100000001000000 "B:\ad-aware total security v12 & cyberlink powerdvd april 2k17\ApplicationManager_v4110_rv184935_STD_APM160406-01.exe"=0x5341435001000000000000000700000028000000A0943901554B3A010100000000000000000001060001000033504C2B57DFD101000000000000000002000000280000000000000080000000000000000000000000000000000000007F777005000000000100000001000000 "B:\ad-aware total security v12 & cyberlink powerdvd april 2k17\LavasoftPrivacyToolbox.exe"=0x5341435001000000000000000700000028000000380BA7004D39A7000100000000000000000001060001000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000DDD10200000000000100000001000000 "B:\ad-aware total security v12 & cyberlink powerdvd april 2k17\adaware_antivirus_total_installer.exe"=0x5341435001000000000000000700000028000000B00B27008E0B280001000000000000000000000A0021000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000025EB1500000000000100000001000000 "C:\Program Files\Lavasoft\Lavasoft Privacy Toolbox\LSPrivacyToolbox.exe"=0x534143500100000000000000070000002800000090F73D00F6E53E000100000000000000000002067122000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000000D0D1100000000000100000001000000 "C:\Program Files (x86)\VIP Video Converter\VIP_Video_Converter.exe"=0x5341435001000000000000000700000028000000002A0D000000000001000000000000000000000A8021000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000031540200000000000100000001000000 "C:\Program Files (x86)\EaseUS\Todo Backup\bin\Loader.exe"=0x5341435001000000000000000700000028000000C0CA090082370A0001000000000000000000000A7122000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000DFF21D00000000000100000001000000 "C:\AeroEnabler\aero.exe"=0x53414350010000000000000007000000280000000022000000000000010000000000000000000206F522000033504C2B57DFD10100000000000000000200000028000000000000008000000000000000000000000000000000000000D9E63903000000000200000002000000 "C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE"=0x5341435001000000000000000700000028000000F8DD2900CA2B2A000100000000000000000003060001000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000088060000000000000100000001000000 "C:\Program Files\IM-Magic\Partition Resizer\dm.resizer.exe"=0x534143500100000000000000070000002800000000E8C4000000000001000000000000000000000A73220000D5B3B31A57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000054F60700000000000400000004000000 "C:\Users\Jean-Marie\AppData\Local\Programs\Opera\launcher.exe"=0x5341435001000000000000000700000028000000580812009DE7120001000000000000000000000A00210000D5B3B31A57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000011E5C03000000000500000005000000 "C:\Program Files (x86)\CyberLink\VideoMeetingPlus\VideoMeetingPlus.exe"=0x534143500100000000000000070000002800000018FF04007074050001000000000000000000000A0021000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000008D11D400000000000100000001000000 "C:\Program Files (x86)\Icecream PDF Converter\pdfconverter.exe"=0x534143500100000000000000070000002800000030642E001FAD2E0001000000000000000000000A7120000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000007EE10500000000000100000001000000 "C:\Program Files\CyberLink\ActionDirector2\ACD.exe"=0x5341435001000000000000000700000028000000185B3D00BCE83D0001000000000000000000000A00210000D5B3B31A57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000C1940600000000000200000002000000 "C:\Users\Jean-Marie\ZHPCleaner.exe"=0x534143500100000000000000070000002800000000122A00F7D32A000100000000000000000003060001000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000016960000000000000100000001000000 "C:\Users\Jean-Marie\Desktop\Pack 6 - demande actuelle forums 5 avril & ses rapports & apps désinfection\JRT.exe"=0x5341435001000000000000000700000028000000B8E6180017AD19000100000000000000000001067102000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000AA6D2A03000000000200000002000000 "C:\Users\Jean-Marie\Desktop\Pack 6 - demande actuelle forums 5 avril & ses rapports & apps désinfection\adwcleaner_6.045.exe"=0x5341435001000000000000000700000028000000D0653E00CD043F0001000000000000000000000A0021000033504C2B57DFD101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000001EC81D03000000000200000002000000 "C:\Program Files\Unlocker\Unlocker.exe"=0x534143500100000000000000070000002800000000E801000000000001000000000000000000020673220000D5B3B31A57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000066A50700000000000100000001000000 "C:\Users\Jean-Marie\AppData\Roaming\ZHP\ZHPCleaner.exe"=0x534143500100000000000000070000002800000000182A0013282A000100000000000000000003060001000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000F92F2100000000000100000001000000 "C:\Program Files (x86)\CyberLink\Shared files\EffectExtractor.exe"=0x5341435001000000000000000700000028000000188348002107490001000000000000000000000A7122000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000ABB90000000000000600000006000000 "C:\Users\Jean-Marie\Desktop\Pack 6 - demande actuelle forums 5 avril & ses rapports & apps désinfection\quickdiag_2_02.11.2016.1.exe"=0x5341435001000000000000000700000028000000A81F2400B55B240001000000000000000000000A0021000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000060151300000000000400000004000000 "C:\Program Files\Pale Moon\palemoon.exe"=0x5341435001000000000000000700000028000000682C0600172C070001000000000000000000000A00210000D5B3B31A57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000000E1B1300000000000400000004000000 "C:\Users\Jean-Marie\Desktop\Pack 6 - demande actuelle forums 5 avril & ses rapports & apps désinfection\OTH.exe"=0x534143500100000000000000070000002800000000F60300B259040001000000000000000000000A4122000033504C2B57DFD1010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000035EFFE02000000000300000003000000 "B:\st-jacques de conrad, i a timostar & lfsu&100%sf part 5000\cadeaux muscade moulue jessica-jessica a le brulog 17 mars & lfsu100%sf pt 5000 22 mars\remo suite setup_sib.exe"=0x53414350010000000000000007000000280000006AF05C05000000000100000000000000000001060001000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000E0160400000000000100000001000000 "C:\Program Files (x86)\Remo Privacy Cleaner\rs-pcleaner.exe"=0x5341435001000000000000000700000028000000683E4B00E4FF4B0001000000000000000000000A7122000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000D0B80000000000000100000001000000 "C:\Users\Jean-Marie\Desktop\Pack 6 - demande actuelle forums 5 avril & ses rapports & apps désinfection\SEAF.exe"=0x5341435001000000000000000700000028000000B49C0700000000000100000000000000000000067100000033504C2B57DFD10100000000000000000200000028000000000000000008004000000000000000000000000000000000ABF2E802000000000300000003000000 "C:\Program Files\Emsisoft Internet Security\a2start.exe"=0x534143500100000000000000070000002800000030DDBA00DBDDBA0001000000000000000000000A00210000D5B3B31A57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000AB091205000000000300000003000000 "SIGN.MEDIA=51C17C3 Usb vaccin bundle\Usb key vaccine by viruskeeper setup.exe"=0x534143500100000000000000070000002800000048780B00F1180C000100000000000000000003060001000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000268C0600000000000100000001000000 "SIGN.MEDIA=CF3D8 Usb vaccin bundle\USBVaccine\USBVaccineSetup.exe"=0x5341435001000000000000000700000028000000D8F30C00D3B10D0001000000000000000000000A4122000033504C2B57DFD1010000000000000000 "SIGN.MEDIA=454AE8 Giveaways 6 avril\SharewareOnSale_Giveaway_Hide_My_IP_hub.exe"=0x534143500100000000000000070000002800000050A52200EB16230001000000000000000000000A7122000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000085F71600000000000200000002000000 "SIGN.MEDIA=2D3E2D8 Antiransomwares\BDAntiRansomwareSetup.exe"=0x534143500100000000000000070000002800000078E948000000000001000000000000000000000A0021000033504C2B57DFD1010000000000000000 "SIGN.MEDIA=2D3E2D8 Antiransomwares\MBARW_Setup.exe"=0x5341435001000000000000000700000028000000283042025EC842020100000000000000000002060001000033504C2B57DFD1010000000000000000 "C:\Program Files\Genie9\Zoolz2\ZoolzService.exe"=0x5341435001000000000000000700000028000000904007005707080001000000000000000000000A80210000D5B3B31A57DFD1010000000000000000020000002800000000000000000000800000000000000000000000000000000005CC0100000000000100000001000000 "C:\Program Files\Genie9\Zoolz2\GSRunAsUser.exe"=0x5341435001000000000000000700000028000000909201001597010001000000000000000000000A73220000D5B3B31A57DFD10100000000000000000200000028000000000000000000008000000000000000000000000000000000301F0000000000000100000001000000 "C:\Program Files (x86)\Ashampoo\Ashampoo Snap 9\ashsnap.exe"=0x534143500100000000000000070000002800000030A371008760720001000000000000000000000A7122000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000006E020705000000000300000003000000 "C:\Users\Jean-Marie\Desktop\Pack 6 - demande actuelle forums 5 avril & ses rapports & apps désinfection\rkill.exe"=0x5341435001000000000000000700000028000000C8FB1E00BB8D1F0001000000000000000000000A0021000033504C2B57DFD1010000000000000000020000002800000000000000000000400000000000000000000000000000000073C0FB02000000000100000001000000 "C:\Users\Jean-Marie\Desktop\Pack 6 - demande actuelle forums 5 avril & ses rapports & apps désinfection\Pre_Scan.exe"=0x5341435001000000000000000700000028000000A82F350010C4350001000000000000000000000A0021000033504C2B57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000008493EB02000000000100000001000000 "C:\Users\Jean-Marie\Desktop\Pack 6 - demande actuelle forums 5 avril & ses rapports & apps désinfection\rkill64.exe"=0x5341435001000000000000000700000028000000C8E310000A90110001000000000000000000000A00210000D5B3B31A57DFD1010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000027D7E402000000000100000001000000 "C:\Program Files\RogueKiller\RogueKiller64.exe"=0x5341435001000000000000000700000028000000480E9001EAD9900101000000000000000000000A00210000D5B3B31A57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000F84B0B00000000000100000001000000 "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"=0x5341435001000000000000000700000028000000C8E307005FB0080001000000000000000000000A0021000033504C2B57DFD1010000000100000000 "C:\Program Files (x86)\IObit\IObit Uninstaller\Uninstaler_SkipUac.exe"=0x5341435001000000000000000700000028000000208305008557060001000000000000000000000A0021000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000009F504200000000000100000001000000 "C:\Program Files\Bitdefender\Bitdefender Device Management\bdtpwiz.exe"=0x534143500100000000000000070000002800000068B31400C874150001000000000000000000000A73220000D5B3B31A57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000762D0700000000000100000001000000 "C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe"=0x5341435001000000000000000700000028000000D0A17C00B3627D0001000000000000000000000A7122000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000C0ED0900000000000100000001000000 "B:\UsbFix_Maintenance\UsbFix_Maintenance.exe"=0x53414350010000000000000007000000280000000086340037BE340001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000717F3303000000000100000001000000 "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe"=0x53414350010000000000000007000000280000002063740096B3740001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000C8368E04000000000200000002000000 "B:\anti-faux-positof pre_scan - exe installers\siinst.exe"=0x534143500100000000000000070000002800000090FC3800D40739000100000000000000000003060001000033504C2B57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000008DC04B03000000000100000001000000 "C:\Program Files (x86)\AxBx\USB Key Vaccine 2016\USBKeyVaccine.exe"=0x5341435001000000000000000700000028000000A09411004A2A120001000000000000000000000A6122000033504C2B57DFD101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000007AB81C00000000000100000001000000 "C:\Program Files (x86)\TweakBit\Anti-Malware\AntiMalware.exe"=0x5341435001000000000000000700000028000000C05B13004557140001000000000000000000000A0021000033504C2B57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000759B3105000000000100000001000000 "C:\Program Files (x86)\TweakBit\File Recovery\FileRecovery.exe"=0x5341435001000000000000000700000028000000C04316006A34170001000000000000000000000A0021000033504C2B57DFD10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000D5FB0000000000000100000001000000 "C:\Program Files\PhotoStitcher\PhotoStitcher.exe"=0x5341435001000000000000000700000028000000000627020000000001000000000000000000000A73220000D5B3B31A57DFD101000000000000000002000000280000000000000000000000000000000000000000000000000000004ACA3005000000000100000001000000 "C:\Program Files (x86)\Kotobee Author\Kotobee Author.exe"=0x534143500100000000000000070000002800000000B2A7030000000001000000000000000000000A00210000D5B3B31A57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000DBDF2200000000000100000001000000 "C:\Program Files\Genie9\Zoolz2\ZoolzLauncher.exe"=0x534143500100000000000000070000002800000090080600B13C060001000000000000000000000A80210000D5B3B31A57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000021953005000000000300000003000000 "C:\Program Files (x86)\Innovative Solutions\NeoSetup Updater\NeoSetup_Updater.exe"=0x534143500100000000000000070000002800000030D39D00395C9E0001000000000000000000000A0021000033504C2B57DFD10100000080000000000200000028000000000000000000004000000000000000000000000000000000D8093005000000000100000001000000 "R:\barrow 4 & lfs ultra & 100% sécurisé finalis part B\cadeaux récompense & 1ers giveaway lfsu100%S Finalis\zone seaf-aide forum-treesize\TreeSizePro_Portable_6.3.1.1162_32-64-bit_En.exe"=0x534143500100000000000000070000002800000037F53B01000000000100000000000000000001060001000033504C2B57DFD1010000000000000000020000002800000000000000000000000000000000000000000000000000000036C41800000000000500000005000000 "C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe"=0x534143500100000000000000070000002800000020316B00D0F46B0001000000000000000000000A0021000033504C2B57DFD1010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000002C30000000000000100000001000000 "C:\Program Files\Ashampoo\Ashampoo Backup Pro 11\bin\backupClient-abpb.exe"=0x5341435001000000000000000700000028000000B0EF0400AF7B050001000000000000000000000A73220000D5B3B31A57DFD10100000000000000000200000028000000000000000000000000000000000000000000000000000000DFC70100000000000100000001000000 "C:\Program Files\Macrorit\Disk Scanner\dm.st.exe"=0x5341435001000000000000000700000028000000A0F19A00BC5D9B0001000000000000000000000A73220000D5B3B31A57DFD10100000000000000000200000028000000000000000000004000000000000000000000000000000000C7980300000000000100000001000000 "C:\Program Files\Macrorit\Data Wiper\dm.wiper.exe"=0x5341435001000000000000000700000028000000A0E7A300D244A40001000000000000000000000A73220000D5B3B31A57DFD101000000000000000002000000280000000000000000000040000000000000000000000000000000000A280000000000000100000001000000 "C:\Program Files\Macrorit\NTFS To FAT32 Converter\dm.n2f.exe"=0x5341435001000000000000000700000028000000A0F3A20048F6A20001000000000000000000000A73220000D5B3B31A57DFD1010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000055980400000000000100000001000000 ---------- | IFEO ---------- | Mountpoints2 [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{e1b385e1-1442-11e7-bca5-4c72b9f956a2}] : "R:\DTVP30_Launcher.exe" (AutoRun) ---------- | Windows [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf] ""=@SYS:DoesNotExist [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKLM64\SOFTWARE\Microsoft\Security Center] "cval"=0 [HKLM64\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=131234105982525288 [HKLM64\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "ProductType"=2 "InstallTime"=0xB08DE3ECB83CD201 "InstallLocation"=C:\Program Files\Windows Defender\ "ProductStatus"=0 "ManagedDefenderProductType"=0 "OOBEInstallTime"=0x533E7903BC3CD201 "DisableAntiSpyware"=0 "DisableAntiVirus"=0 "OneTimeSqmDataSent"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\adawareantivirusservice] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\adawareantivirusservice] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HideMyIpSRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) [HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017] : My Privacy Tools - LSP [HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000017] : My Privacy Tools - LSP [HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000017] : My Privacy Tools - LSP [HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000017] : My Privacy Tools - LSP ---------- | Hosts # 127.0.0.1 localhost # ::1 localhost ---------- | Ping Envoi d'une requ?te 'ping' sur google.com [172.217.22.142] avec 32 octets de donn?es?: R?ponse de 172.217.22.142?: octets=32 temps=34 ms TTL=54 R?ponse de 172.217.22.142?: octets=32 temps=35 ms TTL=54 R?ponse de 172.217.22.142?: octets=32 temps=35 ms TTL=54 R?ponse de 172.217.22.142?: octets=32 temps=34 ms TTL=54 Statistiques Ping pour 172.217.22.142: Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%), Dur?e approximative des boucles en millisecondes : Minimum = 34ms, Maximum = 35ms, Moyenne = 34ms ---------- | @ [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Cache_Update_Frequency"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=%11%\blank.htm "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=www.google.fr "OperationalData"=13 "CompatibilityFlags"=0 "FullScreen"=no "Window_Placement"=0x2C00000000000000010000000083FFFF0083FFFFFFFFFFFFFFFFFFFF240000002400000044030000A4020000 "ImageStoreRandomFolder"=81c6u2j "Start Page Redirect Cache_TIMESTAMP"=0xC2855094BE3CD201 "Start Page Redirect Cache AcceptLangs"=fr-FR "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0x0F4AB75FBCA8D201 "IE10TourShown"=1 "IE10TourShownTime"=0x0F4AB75FBCA8D201 "Start Page_TIMESTAMP"=0x346BFFE44BAAD201 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"=0x01000000490000008DFA02ED74572683558AF8071904B37C02055A32CF9A2AF8804769817C07F3E21B5D72774B30A926F96BF372C38ED715F0DFA598277C23CAB6C1A119675A366C6DAD97C291E5CE0D8F02000000100000007663585725326233636639496F253364 "DownloadWindowPlacement"=0x2C0000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF10010000D400000090030000B4020000 "TabShutdownDelay"=0 "NotifyDownloadComplete"=yes "Use FormSuggest"=no "NoUpdateCheck"=0 [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "CertificateRevocation"=1 "ZonesSecurityUpgrade"=0x0F4AB75FBCA8D201 "WarnonZoneCrossing"=0 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "GlobalUserOffline"=0 "MaxConnectionsPerServer"=10 "MaxConnectionsPer1_0Server"=10 [HKLM64\Software\Microsoft\Internet Explorer\Main] "Anchor_Visitation_Horizon"=0x01000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Cache_Percent_of_Disk"=0x0A000000 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Start Page"=about:blank "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "DoNotTrack"=1 [HKLM64\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM64\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM64\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM64\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 "ProxyEnable"=0 "GlobalUserOffline"=0 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "Anchor_Visitation_Horizon"=0x01000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Cache_Percent_of_Disk"=0x0A000000 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Start Page"=about:blank "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 "ProxyEnable"=0 "GlobalUserOffline"=0 ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | Execution FileExts [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3g2] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gp2] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.3gpp] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.amv] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asf] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bdmv] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.divx] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dv] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.evo] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.f4v] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flv] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdmov] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ifo] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M1V] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2p] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2t] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2ts] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.M2V] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m4v] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mov] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MP2V] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp4] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MPE] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpeg] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpg] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpls] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv2] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv4] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mts] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mxf] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ogm] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ogv] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ram] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rec] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rm] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmvb] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snapdoc] "ProgID"=SNAP.DOC [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tp] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tps] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.trp] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.TS] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vob] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webm] "Application"=wmplayer.exe [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmv] "Application"=wmplayer.exe ---------- | SIOI | SEH | URLSH [HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\COSDriveIconOverlay] - {5FDACB62-6B7B-4116-9403-C5E0D3852A57} -- C:\Program Files\COMODO\COMMON\ShellExtension.dll [29/03/2017 18:25:25] [HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\COSSyncItemInSyncIconOverlay] - {68F287EF-DA6D-4595-AF52-90FF6CE52AFE} -- C:\Program Files\COMODO\COMMON\ShellExtension.dll [29/03/2017 18:25:25] [HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\COSSyncItemModifiedIconOverlay] - {AE67D273-7253-4236-B55E-D40055B305D6} -- C:\Program Files\COMODO\COMMON\ShellExtension.dll [29/03/2017 18:25:25] [HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\COSSyncItemNewIconOverlay] - {022F23E9-DA0F-4A86-A728-CAF6150C0B63} -- C:\Program Files\COMODO\COMMON\ShellExtension.dll [29/03/2017 18:25:25] [HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\COSSyncItemUnsynchronizedIconOverlay] - {4D7EE7CF-E7A1-45FE-8F80-3A37574918D7} -- C:\Program Files\COMODO\COMMON\ShellExtension.dll [29/03/2017 18:25:25] [HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- C:\Windows\System32\EhStorShell.dll [16/07/2016 13:42:17] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} -- [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\mozy] - {b32a6748-f273-4546-b60a-3c5adc239de5} -- C:\Program Files (x86)\MozyHome\mozyshell.dll [10/04/2017 02:23:35] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\mozy2] - {747E722C-CB46-4a9d-BDFE-192AAD5099B1} -- C:\Program Files (x86)\MozyHome\mozyshell.dll [10/04/2017 02:23:35] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\mozy3] - {EE6F5A00-7898-40f7-AB77-51FF9D6DEB20} -- C:\Program Files (x86)\MozyHome\mozyshell.dll [10/04/2017 02:23:35] ---------- | Toolbar [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser] "ITBar7Layout"=0x13000000000000000000000020000000100000000000000001000000000700005E01000006000000490300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030F11C209CE25C4EA73FCD197DEFA6AE0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ITBar7Height"=0 [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} "KnownProvidersUpgradeTime"=0x0F4AB75FBCA8D201 "Version"=5 "UpgradeTime"=0x0F4AB75FBCA8D201 [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{9421DD08-935F-4701-A9CA-22DF90AC4EA6}"=EPTBL "{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}"=0 [HKLM64\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar] "{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}"=E-Web Print "{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}"=0 [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions ---------- | SearchScopes [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?pc=COSP&ptag=D041117-A880FF2AB0987464788F&form=CONBDF&conlogo=CT3332041&q={searchTerms} : [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}] - (Google) - http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : ---------- | ElevationPolicy [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{003B91A6-61E3-4591-891D-01E94C8CB11E}] - (c:\Program Files\Microsoft Silverlight\5.1.50905.0\) - Silverlight.Configuration.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () - : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\System32) - wpcer.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\System32) - wuapp.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0935-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1ec76a37-1762-46ff-9b14-765b3e6793be}] - (c:\Program Files\Microsoft Silverlight\5.1.50905.0\) - agcp.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2391d819-9d17-44ec-9ac1-f6aa07549469}] - (%systemroot%\system32) - wermgr.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files\Internet Explorer) - ieinstal.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38f2c092-34df-4c12-9d9e-c9679bf0ab31}] - (C:\Windows\SysWOW64) - presentationhost.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\System32) - RuntimeBroker.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () - : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{681f008a-b1c3-412d-9d95-e7a68837a6ce}] - () - : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files\Internet Explorer) - iedw.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () - : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\System32\) - CertEnrollCtrl.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\System32) - verclsid.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\system32\IME\SHARED\) - IMEPADSV.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () - : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\System32) - ctfmon.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\System32) - CredentialUIBroker.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{989F13EE-B25B-4FAB-9AED-C4336C8CCF0C}] - () - : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\System32\IME\SHARED\) - imesearch.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99555a39-07ca-4d86-97a4-749be42f4d1b}] - (C:\WINDOWS\system32\spool\DRIVERS\x64\3) - E_IPRELPE.EXE : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () - : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\System32) - cmd.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ce8abfb5-ed46-41ab-81e1-61b0b4903c0f}] - (C:\WINDOWS\system32\spool\DRIVERS\x64\3) - E_IARNLPE.EXE : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D802E3EF-2513-4661-972E-BAD737EFBA88}] - (C:\Program Files (x86)\DivX\DivX OVS Helper) - OVSHelperBroker.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\System32) - notepad.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E62A7A31-6025-408E-87F6-81AEB0DC9347}] - (C:\WINDOWS\system32\) - vsjitdebugger.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ea109b0c-6a97-45f0-9eb4-5907dd99b995}] - (%WINDIR%\system32\IME\SHARED\) - imedictupdateui.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\System32) - presentationhost.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () - : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] - (C:\Windows\System32\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\System32\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{003B91A6-61E3-4591-891D-01E94C8CB11E}] - (c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\) - Silverlight.Configuration.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - tabtip.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\SysWOW64) - wpcer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08f24d68-9087-4b24-81ad-7b34af3e3ed5}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\SysWOW64) - wuapp.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15B3FB63-66F4-4EFC-B717-BB283B85E79B}] - (C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\) - AcroBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework\v2.0.50727) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1ec76a37-1762-46ff-9b14-765b3e6793be}] - (c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\) - agcp.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files (x86)\Internet Explorer) - ieinstal.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{34372DD3-19BF-454f-BF23-8761F26CFFD2}] - (C:\Program Files (x86)\Epson Software\E-Web Print) - ewps.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{43ABBB95-C0E9-497B-8BB9-B5FA08861705}] - (C:\Program Files (x86)\Windows Live\Mail\) - wlmail.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\SysWOW64) - RuntimeBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4becf16c-74f0-429b-8d3e-4fba507ac661}] - (C:\Program Files (x86)\adobe\acrobat 7.0\reader) - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{681f008a-b1c3-412d-9d95-e7a68837a6ce}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files (x86)\Internet Explorer) - iedw.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76E2369A-75BA-41F9-8B9E-16059E5CF9A6}] - (C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\) - AdobeARM.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\SysWOW64\) - CertEnrollCtrl.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7AC06A6F-4C88-4707-8DEC-61017CB50E1E}] - (C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader) - AcroRd32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\SysWOW64) - verclsid.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\sysnative\IME\SHARED\) - IMEPADSV.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\SysWOW64) - ctfmon.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\SysWOW64) - CredentialUIBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{886D9852-A9A8-4b88-83D4-50FC6616C21D}] - (C:\Program Files (x86)\Epson Software\E-Web Print) - ewpsbw.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E1F80F4-953F-41E7-8460-E64AE5BE4ED3}] - (C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader) - AdobeCollabSync.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95a4104c-1c49-4c2a-9830-1be0f47e926c}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat) - acrobat.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{989F13EE-B25B-4FAB-9AED-C4336C8CCF0C}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\SysWOW64\IME\SHARED\) - imesearch.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C6A861C-B233-4994-AFB1-C158EE4FC578}] - (C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader) - AcroRd32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9da1d2cb-796d-4bec-bbaa-0aa9ccd80e15}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat Elements) - Acrobat Elements.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\SysWOW64) - cmd.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7278BD0-7970-47D6-8954-99B2343EED88}] - (C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF) - RdrCEF.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework\v4.0.30319\) - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AED-AECE-4E27-9BCB-5358B13F9FF9}] - () - dfsvc.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D133B285-8A43-4EC7-93BE-9B909C2370F5}] - (C:\Program Files (x86)\Windows Live\Messenger\) - msnmsgr.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D802E3EF-2513-4661-972E-BAD737EFBA88}] - (C:\Program Files (x86)\DivX\DivX OVS Helper) - OVSHelperBroker.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d8a5d001-3352-40db-9d1c-ed46683193b5}] - (C:\Program Files (x86)\Windows Live\Writer\) - WindowsLiveWriter.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\SysWOW64) - notepad.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e5f90a07-7db7-4dcb-bd6d-d3fecd376ca3}] - (C:\Program Files (x86)\adobe\acrobat 6.0\reader) - acrord32.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E62A7A31-6025-408E-87F6-81AEB0DC9347}] - (C:\WINDOWS\system32\) - vsjitdebugger.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ea109b0c-6a97-45f0-9eb4-5907dd99b995}] - (%WINDIR%\sysnative\IME\SHARED\) - imedictupdateui.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\SysWOW64) - presentationhost.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () - : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] - (C:\Windows\SysWOW64\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\SysWOW64\Macromed\Flash) - FlashUtil_ActiveX.exe : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fb9e068b-c612-4fa8-bdb9-d728a716a420}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat) - acrobat.exe : ---------- | Ext\Settings [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{067DF9EC-26B7-40DC-8DB8-CD8BE85AE367}] : : [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}] : : C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}] : : C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9030D464-4C02-4ABF-8ECC-5164760863C6}] : : C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A60C1DC7-64B3-4AD9-8E67-035D11B8B2B0}] : : C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE}] : : C:\PROGRA~3\iSkysoft\VIDEOC~1\WSBROW~1.DLL ---------- | Ext\Stats [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}] : : [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}] : : C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2933BF90-7B36-11D2-B20E-00C04F983E60}] : : %SystemRoot%\System32\msxml3.dll [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6BF52A52-394A-11D3-B153-00C04F79FAA6}] : : %SystemRoot%\system32\wmp.dll [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8856F961-340A-11D0-A96B-00C04FD705A2}] : : C:\Windows\SysWOW64\ieframe.dll [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}] : : [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A60C1DC7-64B3-4AD9-8E67-035D11B8B2B0}] : : C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE}] : : C:\PROGRA~3\iSkysoft\VIDEOC~1\WSBROW~1.DLL [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D27CDB6E-AE6D-11CF-96B8-444553540000}] : : C:\Windows\SysWOW64\Macromed\Flash\Flash.ocx [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F6D90F11-9C73-11D3-B32E-00C04F990BB4}] : : %SystemRoot%\System32\msxml3.dll ---------- | Browser Helper Objects [HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}] -> () : [HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}] -> (Bitdefender Wallet) : C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [06/04/2017 08:24:55] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}] -> (Bitdefender Wallet) : C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [06/04/2017 08:24:55] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201CF130-E29C-4E5C-A73F-CD197DEFA6AE}] -> (E-Web Print) : C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [27/11/2014 11:38:00] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] -> (Programme d'aide de l'Assistant de connexion Windows Live) : C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [09/04/2017 23:18:36] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AEAF002F-E6D8-4A21-ABD3-2B309B79A6CE}] -> (iSkysoft iMedia Converter Deluxe 5.1.0) : C:\PROGRA~3\iSkysoft\VIDEOC~1\WSBROW~1.DLL [29/03/2017 18:53:24] ---------- | Chrome C:\Users\widen-finalis\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\widen-finalis\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\widen-finalis\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\widen-finalis\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\widen-finalis\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\widen-finalis\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\widen-finalis\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\widen-finalis\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx C:\Users\widen-finalis\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\gannpgaobkkhmpomoijebaigcapoeebl] ---------- | Opera ---------- | Firefox [HKLM64\Software\mozilla\Firefox\Extensions] "bdwteffv20@bitdefender.com"=C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff\ [HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions] "ISVCU@iSkysoft.com"=C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com_xpi "e-webprint@epson.com"=C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on "bdwteffv20@bitdefender.com"=C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff\ [HKLM64\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0] - (DivX VOD Helper Plug-in) : C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [HKLM64\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : c:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0] - (DivX VOD Helper Plug-in) : C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : c:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll C:\Users\Jean-Marie\AppData\Roaming\Mozilla\Firefox\Profiles\biwusm5k.default\Prefs.js user_pref("browser.newtab.url", "http://www.bing.com/?pc=COSP&ptag=D041117-A880FF2AB0987464788F&form=CONMHP&conlogo=CT3332041"); user_pref("browser.search.defaultenginename", "Bing®"); user_pref("browser.search.selectedEngine", "Bing®"); user_pref("browser.startup.homepage", "http://www.bing.com/?pc=COSP&ptag=D041117-A880FF2AB0987464788F&form=CONMHP&conlogo=CT3332041"); user_pref("browser.startup.homepage_override.buildID", "20170323105023"); user_pref("browser.startup.homepage_override.mstone", "52.0.2"); user_pref("extensions.bdwteff.firstrun", true); user_pref("extensions.blocklist.pingCountTotal", 4); user_pref("extensions.blocklist.pingCountVersion", 4); user_pref("extensions.bootstrappedAddons", "{\"aushelper@mozilla.org\":{\"version\":\"2.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\aushelper@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"deployment-checker@mozilla.org\":{\"version\":\"1.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\deployment-checker@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"e10srollout@mozilla.org\":{\"version\":\"1.9\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"firefox@getpocket.com\":{\"version\":\"1.0.5\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"webcompat@mozilla.org\":{\"version\":\"1.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\webcompat@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack\":{\"version\":\"3.0.16\",\"type\":\"webextension\",\"descriptor\":\"C:\\\\Users\\\\Jean-Marie\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\biwusm5k.default\\\\extensions\\\\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":false,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"uBlock0@raymondhill.net\":{\"version\":\"1.11.4\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Jean-Marie\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\biwusm5k.default\\\\extensions\\\\uBlock0@raymondhill.net.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":false,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"bdwteffv20@bitdefender.com\":{\"version\":\"4.2.4\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files\\\\Bitdefender\\\\Bitdefender 2017\\\\antispam32\\\\bdwteff\",\"multiprocessCompatible\":true,\"runInSafeMode\":false,\"dependencies\":[],\"hasEmbeddedWebExtension\":false}}"); user_pref("extensions.databaseSchema", 19); user_pref("extensions.e10s.rollout.blocklist", "{dc572301-7619-498c-a57d-39143191b318};support@lastpass.com;"); user_pref("extensions.e10s.rollout.hasAddon", true); user_pref("extensions.e10s.rollout.policy", "51set1"); user_pref("extensions.e10sBlockedByAddons", false); user_pref("extensions.enabledAddons", "ISVCU%40iSkysoft.com:5.1.0,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:52.0.2"); user_pref("extensions.getAddons.cache.lastUpdate", 1491831091); user_pref("extensions.getAddons.databaseSchema", 5); user_pref("extensions.hotfix.lastVersion", "20170302.01"); user_pref("extensions.lastAppVersion", "52.0.2"); user_pref("extensions.lastPlatformVersion", "52.0.2"); user_pref("extensions.pendingOperations", false); user_pref("extensions.ublock0.cloudStorage.myFiltersPane", ""); user_pref("extensions.ublock0.cloudStorage.myRulesPane", ""); user_pref("extensions.ublock0.cloudStorage.tpFiltersPane", ""); user_pref("extensions.ublock0.cloudStorage.whitelistPane", ""); user_pref("extensions.ui.dictionary.hidden", true); user_pref("extensions.ui.experiment.hidden", true); user_pref("extensions.ui.lastCategory", "addons://list/extension"); user_pref("extensions.ui.locale.hidden", true); user_pref("extensions.webextensions.uuids", "{\"jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack\":\"a9b8c1a7-f3f5-4a66-aa90-7ea7278bbf3a\"}"); user_pref("extensions.xpiState", "{\"app-profile\":{\"jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack\":{\"d\":\"C:\\\\Users\\\\Jean-Marie\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\biwusm5k.default\\\\extensions\\\\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi\",\"e\":true,\"v\":\"3.0.16\",\"st\":1491645786713},\"uBlock0@raymondhill.net\":{\"d\":\"C:\\\\Users\\\\Jean-Marie\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\biwusm5k.default\\\\extensions\\\\uBlock0@raymondhill.net.xpi\",\"e\":true,\"v\":\"1.11.4\",\"st\":1491645796922}},\"app-system-defaults\":{\"aushelper@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\aushelper@mozilla.org.xpi\",\"e\":true,\"v\":\"2.0\",\"st\":1490351144765},\"deployment-checker@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\deployment-checker@mozilla.org.xpi\",\"e\":true,\"v\":\"1.0\",\"st\":1490351144760},\"e10srollout@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"e\":true,\"v\":\"1.9\",\"st\":1490351144762},\"firefox@getpocket.com\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"e\":true,\"v\":\"1.0.5\",\"st\":1490351154697},\"webcompat@mozilla.org\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\features\\\\webcompat@mozilla.org.xpi\",\"e\":true,\"v\":\"1.0\",\"st\":1490351144792}},\"app-global\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi\",\"e\":false,\"v\":\"52.0.2\",\"st\":1490351144850}},\"winreg-app-global\":{\"ISVCU@iSkysoft.com\":{\"d\":\"C:\\\\ProgramData\\\\iSkysoft\\\\Video Converter Ultimate\\\\ISVCU@iSkysoft.com_xpi\",\"e\":true,\"v\":\"5.1.0\",\"st\":1490806131591,\"mt\":1458307132000},\"e-webprint@epson.com\":{\"d\":\"C:\\\\Program Files (x86)\\\\Epson Software\\\\E-Web Print\\\\Firefox Add-on\",\"e\":false,\"v\":\"1.23.00\",\"st\":1491207975636,\"mt\":1432708226000},\"bdwteffv20@bitdefender.com\":{\"d\":\"C:\\\\Program Files\\\\Bitdefender\\\\Bitdefender 2017\\\\antispam32\\\\bdwteff\",\"e\":true,\"v\":\"4.2.4\",\"st\":1491645537999,\"mt\":1491645537999}}}"); user_pref("services.sync.prefs.sync.extensions.ublock0.cloudStorage.myFiltersPane", true); user_pref("services.sync.prefs.sync.extensions.ublock0.cloudStorage.myRulesPane", true); user_pref("services.sync.prefs.sync.extensions.ublock0.cloudStorage.tpFiltersPane", true); user_pref("services.sync.prefs.sync.extensions.ublock0.cloudStorage.whitelistPane", true); C:\Users\widen-finalis\AppData\Roaming\Mozilla\Firefox\Profiles\o54mxi5b.default\Prefs.js user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.startup.homepage_override.buildID", "20170323105023"); user_pref("browser.startup.homepage_override.mstone", "52.0.2"); user_pref("extensions.blocklist.pingCountTotal", 4); user_pref("extensions.blocklist.pingCountVersion", 4); user_pref("extensions.bootstrappedAddons", "{\"aushelper@mozilla.org\":{\"version\":\"2.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\aushelper@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"deployment-checker@mozilla.org\":{\"version\":\"1.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\deployment-checker@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"firefox@getpocket.com\":{\"version\":\"1.0.5\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"webcompat@mozilla.org\":{\"version\":\"1.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\webcompat@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"disable-prefetch@mozilla.org\":{\"version\":\"1.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\widen-finalis\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\o54mxi5b.default\\\\features\\\\{dec51e4e-c83f-4894-9532-818b6e8cdf8c}\\\\disable-prefetch@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"e10srollout@mozilla.org\":{\"version\":\"1.12\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\widen-finalis\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\o54mxi5b.default\\\\features\\\\{dec51e4e-c83f-4894-9532-818b6e8cdf8c}\\\\e10srollout@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false}}"); user_pref("extensions.databaseSchema", 19); user_pref("extensions.e10s.rollout.blocklist", "{dc572301-7619-498c-a57d-39143191b318};firefox@mega.co.nzsupport@lastpass.com;"); user_pref("extensions.e10s.rollout.hasAddon", false); user_pref("extensions.e10s.rollout.policy", "50allmpc"); user_pref("extensions.e10sBlockedByAddons", false); user_pref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:52.0.2"); user_pref("extensions.getAddons.cache.lastUpdate", 1491816547); user_pref("extensions.getAddons.databaseSchema", 5); user_pref("extensions.hotfix.lastVersion", "20170302.01"); user_pref("extensions.lastAppVersion", "52.0.2"); user_pref("extensions.lastPlatformVersion", "52.0.2"); user_pref("extensions.pendingOperations", false); user_pref("extensions.systemAddonSet", "{\"schema\":1,\"directory\":\"{dec51e4e-c83f-4894-9532-818b6e8cdf8c}\",\"addons\":{\"disable-prefetch@mozilla.org\":{\"version\":\"1.0\"},\"e10srollout@mozilla.org\":{\"version\":\"1.12\"}}}"); user_pref("extensions.xpiState", "{\"app-system-defaults\":{\"aushelper@mozilla.org\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\aushelper@mozilla.org.xpi\",\"e\":true,\"v\":\"2.0\",\"st\":1490296975000},\"deployment-checker@mozilla.org\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\deployment-checker@mozilla.org.xpi\",\"e\":true,\"v\":\"1.0\",\"st\":1490296975000},\"e10srollout@mozilla.org\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"e\":true,\"v\":\"1.9\",\"st\":1490296975000},\"firefox@getpocket.com\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"e\":true,\"v\":\"1.0.5\",\"st\":1490296976000},\"webcompat@mozilla.org\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\webcompat@mozilla.org.xpi\",\"e\":true,\"v\":\"1.0\",\"st\":1490296975000}},\"app-global\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi\",\"e\":true,\"v\":\"52.0.2\",\"st\":1490296975000}},\"app-system-addons\":{\"disable-prefetch@mozilla.org\":{\"d\":\"C:\\\\Users\\\\widen-finalis\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\o54mxi5b.default\\\\features\\\\{dec51e4e-c83f-4894-9532-818b6e8cdf8c}\\\\disable-prefetch@mozilla.org.xpi\",\"e\":true,\"v\":\"1.0\",\"st\":1491635163144},\"e10srollout@mozilla.org\":{\"d\":\"C:\\\\Users\\\\widen-finalis\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\o54mxi5b.default\\\\features\\\\{dec51e4e-c83f-4894-9532-818b6e8cdf8c}\\\\e10srollout@mozilla.org.xpi\",\"e\":true,\"v\":\"1.12\",\"st\":1491635163470}}}"); [Profile0] - Name=default -> Profiles/biwusm5k.default [Profile0] - Name=default -> Profiles/o54mxi5b.default ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{f082584a-8909-4bb8-81f4-a55b0715a133}] "DhcpNameServer"=192.168.1.1 192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{f082584a-8909-4bb8-81f4-a55b0715a133}] "DhcpNameServer"=192.168.1.1 192.168.1.1 ---------- | ActiveX [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - () - -> [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - () - -> [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - () - -> [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - () - -> [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - -> [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> [HKLM64\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [HKLM64\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - -> [HKLM64\SOFTWARE\Microsoft\Active Setup\Installed Components\{31699572-6286-3C1C-A03C-511D59181038}] - (.NET Framework) - -> [HKLM64\SOFTWARE\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - -> [HKLM64\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - (Microsoft Windows) - -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [HKLM64\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - -> [HKLM64\SOFTWARE\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - -> [HKLM64\SOFTWARE\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - -> [HKLM64\SOFTWARE\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - -> [HKLM64\SOFTWARE\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - -> %SystemRoot%\system32\msieftp.dll [HKLM64\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon [HKLM64\SOFTWARE\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - -> [HKLM64\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - -> [HKLM64\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - () - -> [HKLM64\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - (Web Platform Customizations) - @C:\Windows\System32\ie4uinit.exe,-2000 -> C:\Windows\System32\ie4uinit.exe -UserConfig [HKLM64\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install [HKLM64\SOFTWARE\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - -> [HKLM64\SOFTWARE\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - -> [HKLM64\SOFTWARE\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - -> [HKLM64\SOFTWARE\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - -> [HKLM64\SOFTWARE\Microsoft\Active Setup\Installed Components\{FEBEF00C-046D-438D-8A88-BF94A6C9E703}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{3911CF56-9EF2-39BA-846A-C27BD3CD0685}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] - (Microsoft Windows) - -> "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - -> %SystemRoot%\system32\msieftp.dll [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{71A5A636-652F-3BE0-BC14-02545E9F5EC7}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7C028AF8-F614-47B3-82DA-BA94E41B1089}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD}] - (.NET Framework) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - -> ---------- | Applications [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Classes\Applications\opera.exe] : "C:\Users\Jean-Marie\AppData\Local\Programs\Opera\Launcher.exe" "%1" [HKLM64\SOFTWARE\Classes\Applications\devenv.exe] : "C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe" "%1" [HKLM64\SOFTWARE\Classes\Applications\firefox.exe] : "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" [HKLM64\SOFTWARE\Classes\Applications\iClone50.exe] : C:\Program Files (x86)\Reallusion\iClone 5\Bin\iClone.exe "%1" [HKLM64\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM64\SOFTWARE\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM64\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM64\SOFTWARE\Classes\Applications\PowerDVD.exe] : "C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD.exe" "%1" [HKLM64\SOFTWARE\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" [HKLM64\SOFTWARE\Classes\Applications\uer.exe] : "C:\Users\Jean-Marie\AppData\Local\CompuClever\Ultra eBook Reader\uer.exe" "%1" [HKLM64\SOFTWARE\Classes\Applications\ufo.exe] : "C:\Users\Jean-Marie\AppData\Local\CompuClever\Ultra File Opener\ufo.exe" "%1" [HKLM64\SOFTWARE\Classes\Applications\VSLauncher.exe] : "C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\VSLauncher.exe" "%1" [HKLM64\SOFTWARE\Classes\Applications\WLXPhotoViewer.dll] : C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe /LaunchPhotoViewer /v "%1" [HKLM64\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM64\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\devenv.exe] : "C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\firefox.exe] : "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iClone50.exe] : C:\Program Files (x86)\Reallusion\iClone 5\Bin\iClone.exe "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\PowerDVD.exe] : "C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\uer.exe] : "C:\Users\Jean-Marie\AppData\Local\CompuClever\Ultra eBook Reader\uer.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ufo.exe] : "C:\Users\Jean-Marie\AppData\Local\CompuClever\Ultra File Opener\ufo.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\VSLauncher.exe] : "C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\VSLauncher.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\WLXPhotoViewer.dll] : C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe /LaunchPhotoViewer /v "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | DCOMApplications Name: User Notification - AppID: {0010890e-8789-413c-adbc-48f5b511b3af} Name: PhotoAcquire - AppID: {00f22b16-589e-4982-a172-a51d9dcceb68} Name: PhotoAcqHWEventHandler - AppID: {00f2b433-44e4-4d88-b2b0-2698a0a91dba} Name: PhotoAcqWiaEventHandler - AppID: {00F3CDFD-5D2E-439F-8900-3F56A0C1C8BA} Name: TabTip - AppID: {01419581-4d63-4d43-ac26-6e2fc976c1f3} Name: lfsvc - AppID: {020FB939-2C8B-4DB7-9E90-9527966E38E5} Name: PLA - AppID: {03837503-098b-11d8-9414-505054503030} Name: CTapiLuaLib Class - AppID: {03e15b2e-cca6-451c-8fb0-1e2ee37a27dd} Name: Microsoft SQL Server Replication Remote Merge Agent 11.0 - AppID: {042A4340-A4D7-44DD-A22E-93278FB52475} Name: DevicesFlowExperienceFlow - AppID: {046AEAD9-5A27-4D3C-8A67-F82552E0A91B} Name: IDBHO - AppID: {062C56BD-B2FF-4405-88D9-93154F27D785} Name: COpenControlPanel - AppID: {06622D85-6856-4460-8DE1-A81921B41C4B} Name: SMLUA - AppID: {0671E064-7C24-4AC0-AF10-0F3055707C32} Name: PhotoAcqDropTargetEventHandler - AppID: {06A2568A-CED6-4187-BB20-400B8C02BE5A} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {06C792F8-6212-4F39-BF70-E8C0AC965C23} Name: OOBE Bio Enrollment - AppID: {0771f7af-8de6-4bce-9528-2d4a12cb8168} Name: sppui - AppID: {0868DC9B-D9A2-4f64-9362-133CEA201299} Name: Retail Demo User COM Agent - AppID: {0886dae5-13ba-49d6-a6ef-d0922e502d96} Name: RtkApoApi - AppID: {08B039CA-84AA-40EA-8E9C-1D9537DC415B} Name: WIA Extension Host for 64 bit extensions - AppID: {08F646B3-5E7F-4B7A-A5CB-F95445F9F67A} Name: Proximity Sharing - AppID: {08FC06E4-C6B5-40BE-97B0-B80F943C615B} Name: PersistentZoneIdentifier - AppID: {0968e258-16c7-4dba-aa86-462dd61e31a3} Name: Windows Media Player Rich Preview Handler - AppID: {09C5C2B5-1D32-4598-B87E-203F32BB08E3} Name: QuickTimeShellExt - AppID: {0A18A436-2A7A-49F3-A488-30538A2F6323} Name: SwapAPODll - AppID: {0A21D954-674A-4C09-806E-DB4FBE8F199C} Name: AxInstSv - AppID: {0B15AFD8-3A99-4A6E-9975-30D66F70BD94} Name: NotificationController App ID - AppID: {0B789C73-D8DA-416D-B665-C1603676CEB1} Name: RASDLGLUA - AppID: {0C3B05FB-3498-40C3-9C03-4B22D735550C} Name: %SystemRoot%\system32\appwiz.cpl - AppID: {0da7bfdf-c0a0-44eb-be82-b7a82c4721de} Name: Sync Center Client - AppID: {1202DB60-1DAC-42C5-AED5-1ABDD432248E} Name: Virtual Factory for DiagCpl - AppID: {12C21EA7-2EB8-4B55-9249-AC243DA8C666} Name: Shell Create Object Task Server - AppID: {133eac4f-5891-4d04-bada-d84870380a80} Name: Shell Create Object Handler - AppID: {135fd325-45b7-4c30-89f8-4386961669f0} Name: TPM Virtual Smart Card VCard Module Manager - AppID: {150F28F1-49A5-4C28-BE1A-CFA854A1D04B} Name: Remote TPM Virtual Smart Card Manager - AppID: {152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC} Name: TPM Virtual Smart Card Manager - AppID: {16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A} Name: Speech Runtime COM - AppID: {1725704B-A716-4E04-8EF6-87ED4F0A180A} Name: Immersive TPM Virtual Smart Card Manager - AppID: {19833350-BF9B-42A1-BDF0-BD1FCBE1FD31} Name: WriterBrowserExtension - AppID: {198B12CC-F591-440C-AC7A-6A730BBC436C} Name: Sync Center Control - AppID: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5} Name: GIDS Smart Card Simulator Manager - AppID: {1AC32B1A-E379-4CAD-B655-F978A30856EC} Name: %systemroot%\system32\lpksetup.exe - AppID: {1C749B87-568C-4865-8E73-6413F8372CE6} Name: Disc soft DT Lite bus service - AppID: {1CA3841D-15B5-4C70-9751-7A87730A1BE9} Name: MyEpson Portal Service - AppID: {1EA8AE6B-3E49-4C56-B4F6-91BC83604BEB} Name: rshx32.dll - AppID: {1f2e5c40-9550-11ce-99d2-00aa006e086c} Name: ThirdPartyEapDispatcherPeerConfig - AppID: {1F7D1BE9-7A50-40B6-A605-C4F3696F49C0} Name: Microsoft WMI Provider Subsystem Secured Host - AppID: {1F87137D-0E7C-44d5-8C73-4EFFB68962F2} Name: DetectionAndSharing - AppID: {1fda955b-61ff-11da-978c-0008744faab7} Name: Microsoft Software Protection Platform Admin Object (Inner) - AppID: {205609B7-5E08-443E-B0A7-A7AED3F3A717} Name: Microsoft Windows WSMan Provider Host With User Settings - AppID: {209444d2-2540-495e-962c-a61ad3243526} Name: Provisioning Core - AppID: {217700E0-0000-11DF-ADB9-F4CE462D9137} Name: MSDAINITIALIZE - AppID: {2206CDB0-19C1-11D1-89E0-00C04FD7A829} Name: Dispatch - AppID: {224FC5DE-26AD-4A47-A2C3-5A50885F314C} Name: CortanaExperienceFlow - AppID: {24AC8F2B-4D4A-4C17-9607-6A4B14068F97} Name: InstallAgent - AppID: {260eb9de-5cbe-4bff-a99a-3710af55bf1e} Name: Microsoft WBEM Active Scripting Event Consumer Provider - AppID: {266C72E7-62E8-11D1-AD89-00C04FD8FDFF} Name: Exchange Active Sync Policies Broker - AppID: {26795871-6B8F-4115-89DD-986213012798} Name: IMAPI2 - AppID: {273541FF-7F64-5B0F-8F00-5D77AFBE261E} Name: WInRTDesktopBroker - AppID: {27550CA0-E9DE-4186-A566-37A59BB6CA69} Name: Cloud Change Wnf Monitor - AppID: {276D4FD3-C41D-465F-8CA9-A82A7762DF32} Name: netman - AppID: {27AF75ED-20D9-11D1-B1CE-00805FC1270E} Name: WalletService - AppID: {27D6B72D-094D-445A-9ACE-8298CBA0611A} Name: AERTACap - AppID: {288E7ECC-EB53-45df-8EBD-72EAF9AFCB00} Name: InstallAgentUserBroker - AppID: {28d08f70-46eb-4f26-a6cb-54b75132e100} Name: bdelev - AppID: {28F49FF5-3CCE-44C4-919C-49C7E1D33927} Name: ImageHost - AppID: {2903EDD7-545F-4156-977A-5E730E57F253} Name: RasMobilityManager - AppID: {292bed96-e9ce-40f8-b71b-c313defa3a78} Name: SITInstallWrapperEXECOM - AppID: {2A1E68FB-F00A-4C05-8871-EA37BA583FF4} Name: UACObject - AppID: {2A39E11E-7FDE-45b1-99C6-B9E557D3ABA1} Name: Windows Live Photo Gallery Autoplay Drop Target - AppID: {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} Name: faultrep.dll - AppID: {2C256447-3F0D-4CBB-9D12-575BB20CDA0A} Name: FileSystemImage - AppID: {2C941FD1-975B-59BE-A960-9A2A262853A5} Name: WinZipSmartMonitorService - AppID: {2CA75AD3-A844-4DF9-999D-CB82069C55C3} Name: DTS Package Host (32-bit) - AppID: {2CB1C2AA-A8EA-41CD-B439-25F4F4C846A9} Name: WalletService - AppID: {2EA38040-0B9C-4379-87FD-4D38BB892F37} Name: DevicesFlow - AppID: {2F93C02D-77F9-46B4-95FB-8CBB81EEB62C} Name: Immersive Shell Broker - AppID: {2FD08A73-D1F1-43EB-B888-24C2496F95FD} Name: ShellServiceHostBrokerProvider - AppID: {30AD8C8E-AE85-42FA-B9E8-7E99E3DFBFC5} Name: Identity Store - AppID: {30d49246-d217-465f-b00b-ac9ddd652eb7} Name: AuthHost - AppID: {31337EC7-5767-11CF-BEAB-00AA006C3606} Name: Immersive Shell - AppID: {316CDED5-E4AE-4B15-9113-7055D84DCC97} Name: Delivery Optimization Mgmt - AppID: {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} Name: Language Components Installer Com Handler - AppID: {33ADC7D5-BAF1-4661-9822-1FD23E63B39F} Name: wpnservice - AppID: {34E76A18-223B-4E23-BEAD-F59358CC0A90} Name: Windows Push Notification Platform - AppID: {362cc086-4d81-4824-bbb5-666d34b3197d} Name: Microsoft SQL Server Replication Logreader Agent 11.0 - AppID: {368C2E48-7E89-4970-94C9-6757E96C49AF} Name: TabTip - AppID: {36938566-B1AA-4E77-9B3F-730CF4E996AB} Name: Delivery Optimization - AppID: {379001DE-7108-4A45-8A74-6CD0A9FBEF2C} Name: Microsoft Portable Workspace Launcher - AppID: {37B73D7B-A976-43AE-97E4-BD4977B241F2} Name: CContactDb - AppID: {380689D0-AFAA-47E6-B80E-A33436FE314B} Name: StatBarU - AppID: {3B38E14E-2BC3-4f19-BC5D-77F80B610BBF} Name: LivePhotoAcqHWEventHandler - AppID: {3BD0ACD1-71CA-4475-92CC-E0AA0AAF843F} Name: CortanaMapiHelper - AppID: {3BFADDE5-09ED-42AE-8190-2E68B650CFE6} Name: WorkspacePolicyProcessor - AppID: {3C3F40BC-60EB-4567-B90C-480C87C21AC1} Name: EEL64A - AppID: {3D5781D9-B2FF-4396-8478-395412020995} Name: Microsoft.VisualStudio.ProductKeyDialog - AppID: {3DC42F2C-AD30-461E-B877-11C917E8FE20} Name: StarBurnXLib - AppID: {3DD7EA49-B5E1-4493-895D-C73562138FC0} Name: SITDiskShredCom - AppID: {3DDE8484-00B3-410A-85D8-B222EACE8D02} Name: CMLUAUTIL - AppID: {3E000D72-A845-4CD9-BD83-80C07C3B881F} Name: Microsoft Windows Remote Shell Host - AppID: {3e5ca495-8d6a-4d1f-ad99-177b426c8b8e} Name: CMSTPLUA - AppID: {3E5FC7F9-9A51-4367-9063-A120244FBEC7} Name: WinInetCacheServer - AppID: {3eb3c877-1f16-487c-9050-104dbcd66683} Name: Out Of Proc Mapi Handler - AppID: {3F5E4B87-C907-4f76-82E4-6FDF0CE90E25} Name: Microsoft Windows WSMan Provider Host - AppID: {3feb2f63-0eec-4b96-84ab-da1307e0117c} Name: HTML Application - AppID: {40AEEAB6-8FDA-41e3-9A5F-8350D4CFCA91} Name: Connected User Store - AppID: {40AFA0B6-3B2F-4654-8C3F-161DE85CF80E} Name: AERTARen - AppID: {41C98373-FE7F-4a42-B694-34CC4F979E61} Name: EntAppSvc - AppID: {42C21DF5-FB58-4102-90E9-96A213DC7CE8} Name: VSPerfControl - AppID: {42F36251-2EB6-4026-88A0-3A4A0B508046} Name: AccessibilityCplAdmin - AppID: {434A6274-C539-4E99-88FC-44206D942775} Name: SPP External COM Object - AppID: {44831FEC-DC51-4716-A7E1-E898FDF83C85} Name: Thumbnail Extraction Host Class - AppID: {4545dea0-2dfc-4906-a728-6d986ba399a9} Name: Add to Windows Media Player list - AppID: {45597c98-80f6-4549-84ff-752cf55e2d29} Name: Application Activation Manager - AppID: {45BA127D-10A8-46EA-8AB7-56EA9078943C} Name: PIFUAC - AppID: {45CB30B1-B453-488a-9E8F-CE3C2ABFAAA7} Name: Set Network Location Elevated Virtual Factory - AppID: {46B988E8-BEC2-401F-A1C5-16C694F26D3E} Name: Radio Management Service - AppID: {478B41E6-3257-4519-BDA8-E971F9843849} Name: EEG64A - AppID: {47EC1E17-F30B-430b-B9C4-DF60ED501A4B} Name: ShellServiceHost - AppID: {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} Name: IASDataStoreComServer - AppID: {48da6741-1bf0-4a44-8325-293086c79077} Name: Microsoft WBEM Unsecured Apartment - AppID: {49BD2028-1523-11D1-AD79-00C04FD8FDFF} Name: Telephony App Launcher - AppID: {49EBD8BE-1A92-4A86-A651-70AC565E0FEB} Name: UIAutomationCrossBitnessHook64 Class - AppID: {49f171dd-b51a-40d3-9a6c-52d674cc729d} Name: IndexedDbCacheServer - AppID: {49f6e667-6658-4bd1-9de9-6af87f9faf85} Name: Virtual Factory for Languages Configuration - AppID: {4A3F2F56-454A-4CC5-9734-BB7D8141AC0A} Name: RASGCWLUA - AppID: {4A6B8BAD-9872-4525-A812-71A52367DC17} Name: wercplsupport.dll - AppID: {4BC67F23-D805-4384-BCA3-6F1EDFF50E2C} Name: Shell Security Editor - AppID: {4D111E08-CBF7-4f12-A926-2C7920AF52FC} Name: DTS Task Host (32-bit) - AppID: {4D3E4495-4A1C-4AB6-BFCB-E4056EB546D0} Name: Dispatch - AppID: {4D5F23BB-D55A-4961-9BC0-3FE728E15D9D} Name: Microsoft Volume Shadow Copy Service software provider - AppID: {4db9c793-c48d-449c-9754-46027ee45c94} Name: COM+ Event System - AppID: {4E14FBA2-2E22-11D1-9964-00C04FBBB345} Name: upnpcont.exe - AppID: {4F0AC159-5804-4aa7-AE91-117D6E67BB9B} Name: Shell Computer Accounts - AppID: {4f6bcd94-c2a5-42ce-8dbc-31e794be4630} Name: WkspRT.exe - AppID: {4FCDA643-B15B-41C6-84F8-5E447F6F6D25} Name: HomeGroup CPL Advanced Settings Writer - AppID: {50a9ab2a-20f8-4d71-9f32-9fd305b49601} Name: Microsoft Windows Font Folder - AppID: {50d69d24-961d-4828-9d1c-5f4717f226d1} Name: wuapihost - AppID: {50E1C3FD-EC35-490E-9CCF-C68F9AE91919} Name: acppage.dll - AppID: {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} Name: %systemroot%\system32\intl.cpl - AppID: {514B5E31-5596-422F-BE58-D804464683B5} Name: RemoteProxyFactory32 Class - AppID: {53362C32-A296-4F2D-A2F8-FD984D08340B} Name: RemoteProxyFactory32 Class - AppID: {53362C64-A296-4F2D-A2F8-FD984D08340B} Name: 32-bit Preview Handler Surrogate Host - AppID: {534A1E02-D58F-44f0-B58B-36CBED287C7C} Name: Visual Studio Just-In-Time Debugger (Internal) - AppID: {534E4CF4-3249-4842-8D65-A9BEAE0BBEAC} Name: Virtual Disk Service Loader - AppID: {5364ED0E-493F-4B16-9DBF-AE486CF22660} Name: EasyConverter - AppID: {5364FF97-FC20-49C4-87D1-EF1393AF1494} Name: LockScreenContentServer Out of Proc Helper for LockScreenContent Clients - AppID: {536AACFB-5238-4314-B4D4-5B0A2E8B968E} Name: ShareFlow - AppID: {549e57e9-b362-49d1-b679-b64d510efe4b} Name: ShapeCollector - AppID: {56676660-4A4D-45B0-B24E-9CF6B35E9ABF} Name: Volume Shadow Copy Service - AppID: {56BE716B-2F76-4dfa-8702-67AE10044F0B} Name: Elevated System Settings COM Host - AppID: {57360832-5F9B-4190-8467-000D2D510212} Name: PrintNotify - AppID: {588E10FA-0618-48A1-BE2F-0AD93E899FCC} Name: FaxCommon Class - AppID: {59347292-B72D-41F2-98C5-E9ACA1B247A2} Name: PfShellExtension - AppID: {59A55EF0-525F-4276-AB62-8F7E5F230399} Name: Authentication UI Terminal Services Bump Dialog - AppID: {59c7f6ec-7d18-412f-a68e-877982768e61} Name: Video Capture Wizard - AppID: {5AB7566D-F75B-4A53-9615-115B6CB1D59B} Name: WalletService - AppID: {5BC7A3A1-E905-414B-9790-E511346F5CA6} Name: Microsoft Maps Background Transfer Service - AppID: {5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309} Name: EED64A - AppID: {5C73574D-FC7B-4747-8352-143F011923A0} Name: RLVnsThumb - AppID: {5DE1C636-7241-469E-84DC-62CFE2CE5EC2} Name: WiaWow64 - AppID: {5E1395B2-B685-44e3-8AED-E2304D85ACD1} Name: Splash screen - AppID: {5EAD00DC-0E8B-497C-BDE8-B9153058CBEF} Name: User OOBE Create User Object Server - AppID: {5f7f3f7b-1177-4d4b-b1db-bc6f671b8f25} Name: UIAutomationCrossBitnessHook32 Class - AppID: {60a90a2f-858d-42af-8929-82be9d99e8a1} Name: PDFPrevHndlr - AppID: {6236FF8C-E747-4173-86D3-99F511B61DF3} Name: wlidcli - AppID: {623D5F5E-2F09-427d-8BD7-64495CD9835D} Name: Sync Center (Private) - AppID: {6295DF2D-35EE-11D1-8707-00C04FD93327} Name: WLXQuickTimeControlHost - AppID: {631AF1F1-55E0-4190-9B1E-454D9F370AA2} Name: PenIMC2 - AppID: {63CE6D27-426A-41F9-8E51-549C1132DAE2} Name: Windows Update Agent - AppID: {653C5148-4DCE-4905-9CFD-1B23662D3D9E} Name: FwCplLUA - AppID: {6571503D-D0FB-4D98-BBC3-1FBB2B3F344E} Name: tiledatamodelsvc - AppID: {65E2E13A-7110-4912-9F03-9A42E253D8F6} Name: Microsoft Visual Studio 2015 - AppID: {67E88D46-FF81-4E57-8C5E-F270A4F9EA1A} Name: Background Intelligent Transfer Service - AppID: {69AD4AEE-51BE-439b-A92C-86AE490E8B30} Name: Sync Center Isolation Collection (Private) - AppID: {69F9CB25-25E2-4BE1-AB8F-07AA7CB535E8} Name: MsRdpSessionManager - AppID: {6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F} Name: Preview Handler Surrogate Host - AppID: {6d2b5079-2f0b-48dd-ab7f-97cec514d30b} Name: UPnPContainer - AppID: {6d8ff8e0-730d-11d4-bf42-00b0d0118b56} Name: UPnPContainer64 - AppID: {6d8ff8e8-730d-11d4-bf42-00b0d0118b56} Name: SPPComApi - AppID: {6D9A7A40-DDCA-414E-B48E-DFB032C03C1B} Name: TieringEngineService - AppID: {6DF5BCF4-22E9-446D-8763-A2C7677ECF7D} Name: AutoItX3 - AppID: {6E8109C4-F369-415D-AF9A-2AEEFF313234} Name: HomeGroup UI Status - AppID: {6f33340d-8a01-473a-b75f-ded88c8360ce} Name: IEWindows - AppID: {6f5bad87-9d5e-459f-bd03-3957407051ca} Name: EditionUpgradeHelper - AppID: {6F65B602-F798-4094-8A41-A2A61961E5E8} Name: HomeGroup Provider Object - AppID: {6F7C8E8F-DC69-4e3f-BC05-439962A05FD5} Name: Windows Insider Service - AppID: {7006698d-2974-4091-a424-85dd0b909e23} Name: WindowsLiveWriterFilter - AppID: {7054B371-09E3-4BC8-8A61-02D7799EA98A} Name: workfolderssvc - AppID: {712cedb9-16a4-4f79-801d-7de24d8c706e} Name: Sharing Elevated Virtual Factory - AppID: {72A7994A-3092-4054-B6BE-08FF81AEEFFC} Name: User Profile Service DCOM server - AppID: {72E3272B-4EEA-4104-B358-1A282E4FC1AD} Name: Microsoft WMI Provider Subsystem Host - AppID: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4} Name: Trusted Installer Service - AppID: {752073A2-23F2-4396-85F0-8FDB879ED0ED} Name: PenIMC4 - AppID: {7568952A-571E-4C70-BEA9-7F9004393436} Name: PrintFilterPipelineSvc - AppID: {76db1bf3-e820-4765-a1b2-0b16a86b1950} Name: XWizard Virtual Factory - AppID: {777BA81A-2498-4875-933A-3067DE883070} Name: SITPVC - AppID: {786401D2-A2F7-4A1E-B0C4-247015D28B3C} Name: CLMLSvc_P2G11 - AppID: {79454E97-52CD-4517-B6A1-43A1D3C5FDAC} Name: SITShellExLibrary - AppID: {79512DE8-3A0D-4DCA-801F-EE8B75A48487} Name: Dispatch - AppID: {7953C53B-4031-43ca-9AE7-033F565EFD5F} Name: Network and Sharing Center Cpl Elevated Virtual Factory - AppID: {7A076CE1-4B31-452a-A4F1-0304C8738100} Name: Shell FMIFS Wrapper - AppID: {7aa7790d-75d7-484b-98a1-3913d022091d} Name: EapThirdPartyDllHost - AppID: {7B130458-E09C-4823-A8AF-2583DCD9AEC7} Name: Internet Explorer Add-on Installer - AppID: {7B29F495-0F55-49F7-8885-9E8A22CE3829} Name: Shell Create Object Local Server - AppID: {7B6EA1D5-03C2-4AE4-B21C-8D0515CC91B7} Name: WlanPrefLUA - AppID: {7C8AB6D9-8764-4033-8F62-2FE896E54B32} Name: Microsoft Windows Remote Shell Host With User Settings - AppID: {7d378de6-ed8d-426d-91df-0273d07cd7f6} Name: HomeGroup Printing Device Class - AppID: {7DF8EF76-D449-485f-B4EB-58DC96B31EDB} Name: MMC Application Class - AppID: {7e0423cd-1119-0928-900c-e6d4a52a0715} Name: wisptis - AppID: {7F429620-16D1-471E-A81A-114992148034} Name: Authentication UI CredUI Out of Proc Helper for AppContainer Clients - AppID: {7FC12E96-4CB7-4ABD-ADAA-EF7845B10629} Name: AdAwareShellExtension - AppID: {815E3070-A914-4A36-BC40-2F35AAD1C91E} Name: CFmIfsEngine host - AppID: {82D94FB3-7FE6-4797-BB72-9A886C66073B} Name: Microsoft SQL Server Integration Services 11.0 - AppID: {83B33982-693D-4824-B42E-7196AE61BB05} Name: CustReg Class - AppID: {84D586C4-A423-11D2-B943-00C04F79D22F} Name: Virtual Factory for Usercpl - AppID: {86d5eb8a-859f-4c7b-a76b-2bd819b7a850} Name: CElevateWlanUi - AppID: {86F80216-5DD6-4F43-953B-35EF40A35AEE} Name: ThirdPartyEapDispatcherPeerRuntime - AppID: {87BB326B-E4A0-4DE1-94F0-B9F41D0C6059} Name: AppReadiness Service - AppID: {88283d7c-46f4-47d5-8fc2-db0b5cf0cb54} Name: Activation Manager Shim - AppID: {8A9AE632-CB07-4A11-8872-358A2A271A24} Name: Desktop Wallpaper Factory - AppID: {8B30085D-A3E3-44e3-AE7F-B03A1340EBED} Name: Windows Management and Instrumentation - AppID: {8BC3F05E-D86B-11D0-A075-00C04FB68820} Name: TSTheme - AppID: {8be0366c-8522-40be-8b08-cb26557f2854} Name: IASExtensionHost - AppID: {8C334A55-DDB9-491C-817E-35A6B85D2ECB} Name: Microsoft Visual Studio - AppID: {8CD2DD97-4EC1-4bc4-9359-89A3EEDD57A6} Name: AP Client HxHelpPaneServer Class - AppID: {8cec58ae-07a1-11d9-b15e-000d56bfe6ee} Name: TiWorker - AppID: {8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D} Name: Sync Center Schedule Wizard - AppID: {8D8B8E30-C451-421B-8553-D2976AFA648C} Name: WalletService - AppID: {8E44A57C-5638-44D3-9B83-34DF70EB57F2} Name: RdpSa - AppID: {8e7fae4d-cff0-41d3-a326-5a80470264bb} Name: Shell Computer Groups - AppID: {8f3080a6-af99-4f2e-a806-f3d5702a0444} Name: SDRSVC service - AppID: {9037e3cf-1794-4af6-9c8d-92838d7a23db} Name: Microsoft.Windows.Simulator.UtilitiesElevated AppID - AppID: {907FF85D-B346-40F6-94D8-10D908817647} Name: UACObject - AppID: {90B553F3-415D-44D8-8665-C2F78763F8F1} Name: SQLTaskConnections - AppID: {91A708A7-D12F-4B03-B8D0-DDE814119454} Name: WindowsSimulatorServiceFactory - AppID: {91F0793A-CD98-4304-BCA2-654A2786F328} Name: Virtual Factory for Recovery - AppID: {9200689A-F979-4eea-8830-0E1D6B74821F} Name: Authentication UI CredUI Out of Proc Helper for Non-AppContainer Clients - AppID: {924DC564-16A6-42EB-929A-9A61FA7DA06F} Name: RtkPgExt - AppID: {92842063-1ECC-4a1a-9343-9A8E1C972E60} Name: HtmlLocalFileResolver - AppID: {93AAD2A0-036A-4B11-A078-DA8776B38139} Name: fshredctx - AppID: {96E72FCA-663F-4E6B-AF24-1FE6F03AA89A} Name: PrintIsolationHost - AppID: {98a89e0c-1fde-4c2a-a373-b04831e6aa60} Name: Telephony Incoming Call Toast - AppID: {990F07C7-78DC-4BD2-B145-5F791410BDDE} Name: Microsoft SQL Server Replication Remote Dist Agent 11.0 - AppID: {99434DAB-0F08-4F30-8CCF-B3E80296C907} Name: Shell Hardware Mixed Content Handler - AppID: {995C996E-D918-4a8c-A302-45719A6F4EA7} Name: WLXAutoPlayMgr - AppID: {9B5CDBB0-6D57-4816-BD04-CA9E68DF5610} Name: ShellWindows - AppID: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Name: RuntimeBroker - AppID: {9CA88EE3-ACB7-47c8-AFC4-AB702511C276} Name: PCProxy - AppID: {9DC8FA51-B596-4f77-802C-5B295919C205} Name: timedate.cpl - AppID: {9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8} Name: WSearch - AppID: {9E175B9C-F52A-11D8-B9A5-505054503030} Name: WMLSS - AppID: {9E88EF3C-E2BB-4E5E-AFBA-565B81069D7D} Name: RtkCfg - AppID: {A11009A7-DC01-48F8-B6AA-C4613FC5CB15} Name: WIA Device Manager - AppID: {A1F4E726-8CF1-11D1-BF92-0060081ED811} Name: TrayNotify - AppID: {a2b77517-6d12-4c60-b0c6-725e971ec8fe} Name: rundll32.exe - AppID: {a2d9ca22-a492-400c-b875-78ac25c0a6f3} Name: Microsoft.Live.Folders.RichUpload.3.dll - AppID: {A40C5393-FD53-4528-95EB-0B348BC1539D} Name: Virtual Factory for Windows Firewall Cpl - AppID: {A4B07E49-6567-4FB8-8D39-01920E3B2357} Name: Shell ChkdskEx Dialog - AppID: {a4c31131-ff70-4984-afd6-0609ced53ad6} Name: DsmAdminApi - AppID: {A5065670-136D-4FD6-A45F-00C85B90359C} Name: WPDShextAutoplay - AppID: {A55803CC-4D53-404c-8557-FD63DBA95D24} Name: WLIDSvc - AppID: {A6721677-BA21-44E9-9E2A-76466D24D121} Name: Virtual Factory for MaintenanceUI - AppID: {A6BFEA43-501F-456F-A845-983D3AD7B8F0} Name: Microsoft Windows Defender - AppID: {A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F} Name: %SystemRoot%\System32\fveui.dll - AppID: {A7A63E5C-3877-4840-8727-C1EA9D7A4D50} Name: SysFxUi - AppID: {A7D2EC8B-B70F-434C-A0CE-0DF324805F7D} Name: Delivery Optimization Mgmt - AppID: {AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800} Name: F12AppFrameClient Class - AppID: {AABAA6AA-5398-4C08-AE60-6321A7F05E9C} Name: DEFRAGSVC service - AppID: {ab7c873b-eb14-49a6-be60-a602f80e6d22} Name: Thumbnail Cache Out of Proc Server - AppID: {AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} Name: BDEUILauncher Class - AppID: {AB93B6F1-BE76-4185-A488-A9001B105B94} Name: Out of proc server to enable Insider Hub scenarios to be reached from inside of its appcontainer - AppID: {ac0fd47a-37f4-4502-bfee-6b317e479d41} Name: RetailDemo Service - AppID: {ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325} Name: WPN Srumon Server - AppID: {ada41b3c-c6fd-4a08-8cc1-d6efde67be7d} Name: TrayToastActivator - AppID: {AFC732E2-BA57-4B3E-A70A-71371F99B871} Name: WorkspaceBroker Class - AppID: {B06FF84E-0A77-4DD2-A919-0EABD8979DC1} Name: TabIps - AppID: {B1445657-5A98-11d9-A4E5-00301BB132BA} Name: DockInterface COM server - AppID: {b21858c6-9711-4257-99c8-5c0084bebce1} Name: Windows Update Agent - Remote Access - AppID: {B366DEBE-645B-43A5-B865-DDD82C345492} Name: AppActivationFailedHandler - AppID: {B3AADFEA-8404-4CBE-A62E-B0B715412C9E} Name: RichVideo64 - AppID: {B58B304A-D419-4c50-BE1F-6F6CD234B7EF} Name: RContextMenu - AppID: {B5B6E648-E9F7-4CE3-987C-53FEDA97C1FA} Name: Found New Hardware Wizard - AppID: {B6A32FE6-E29D-AEAE-A608-D273E40CA34C} Name: WIA Device Manager 2 - AppID: {B6C292BC-7C88-41EE-8B54-8EC92617E599} Name: Sync Center (Private) - AppID: {B8558612-DF5E-4F95-BB81-8E910B327FB2} Name: WLX Thumbnail Cache Out of Proc Server - AppID: {B8A2E14E-290D-4122-B092-1A7D86198CCE} Name: Windows Media Player - AppID: {B8C54A54-355E-11D3-83EB-00A0C92A2F2D} Name: ApplicationActivationImpl - AppID: {B9305506-D05B-4C36-81C5-0E50886C1755} Name: Application Frame Host - AppID: {B9B05098-3E30-483F-87F7-027CA78DA287} Name: VideoFileToIPOD - AppID: {BA3B76C9-61F7-4419-9F79-A9E3717EFE22} Name: Event Object Change 2 - AppID: {BB07BACD-CD56-4E63-A8FF-CBF0355FB9F4} Name: AcroPDF - AppID: {BBAA0E44-3862-490C-8E63-AC2D2D6EF733} Name: SyncHost - AppID: {BBC4356A-F004-4628-A27A-E13D70412B70} Name: Virtual Factory for Power Options Control Panel - AppID: {BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B} Name: ewpsie_tb - AppID: {BBFE69BB-2EA4-49A6-99F3-9408974D0684} Name: Setting Sync Task Factory - AppID: {bcbb3f8c-2889-474f-8fb7-904d4a416145} Name: DfsShlEx.dll - AppID: {BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B} Name: EditionUpgradeManagerObj - AppID: {BD54C901-076B-434E-B6C7-17C531F4AB41} Name: VM IC Heartbeat Service - AppID: {be0fc7f0-f248-4091-a123-34ca29a6901b} Name: WindowsLiveWriterApplication - AppID: {BF7C0368-EA36-475E-AA42-3F28E736FABD} Name: Shell AutoPlay Direct - AppID: {BF8841C9-378A-4CAD-B4FC-5091366CBC0D} Name: OVSHelper - AppID: {BFEDD1F7-641C-4D64-9A6A-481A5E6BEC4F} Name: ShellBrowserWindow - AppID: {c08afd90-f2a1-11d1-8455-00a0c91f3880} Name: LockAppHost Out of Proc Helper for Lock Apps - AppID: {C08B030B-E91C-479D-BEFD-02DDA7FF1BCF} Name: provsvc.dll - AppID: {c2a71820-3463-498f-bab7-4798795a2ff6} Name: DataExchangeHost - AppID: {C2E9756F-8155-4EAC-9ED5-0B690169D412} Name: cttunesvr - AppID: {C3A34354-660F-41EE-B072-2AEA5E3A80AF} Name: Microsoft Block Level Backup Service - AppID: {C3B65D83-FB15-4e3f-BA04-097D1E2B5AC1} Name: Microsoft IMAPI - AppID: {C49F2185-50A7-11D3-9144-00104BA11C5E} Name: BdeUISrv - AppID: {C4AB7CB7-E735-48FF-AADD-39D09668F444} Name: HomeGroup Listener Service - AppID: {C4CDC408-581C-4480-9FFE-3B1C78D5C20D} Name: Acronis True Image Shell Extension Backend - AppID: {C4E69DB9-E094-483e-B922-E7ADE65FB497} Name: Xbox Live Game Saves - AppID: {C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3} Name: EntAppSvc - AppID: {C63261E4-6052-41FF-B919-496FECF4C4E5} Name: EmailClient Class - AppID: {C6E0A4C8-A933-411E-8068-406C2391665F} Name: FamilySafetyRefreshTask - AppID: {C844C79D-AED8-4DCE-AB25-4D359BED84F8} Name: TSWbPrxy.exe - AppID: {C92A9617-0EAE-4235-BD2B-84540EF1FFA9} Name: DictationHost Class - AppID: {C945AD06-534F-460C-8CB4-17C33099AF81} Name: Sync Infrastructure - AppID: {C947D50F-378E-4FF6-8835-FCB50305244D} Name: netprofm - AppID: {C96887DA-A652-4426-905E-4A37546F847C} Name: editionupgradebroker - AppID: {C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125} Name: RCM - AppID: {C9F65BA8-1F8F-4382-AE27-C91FFB29275F} Name: User OOBE Create Elevated Object Server - AppID: {ca8c87c1-929d-45ba-94db-ef8e6cb346ad} Name: EPTBL - AppID: {CACC252F-95A7-4741-BBE8-FB1F18C2826F} Name: OpenSearch Description Create Search Connector Verb Handler - AppID: {CB1DFE3A-EDFF-4d1f-867D-8ADB02926F4B} Name: PrintIsolationSessionHost - AppID: {CB363445-F453-4C1E-8EE4-BD123C5E394F} Name: UACObject - AppID: {CB43451C-E132-4866-B714-435253C98BBA} Name: ShellExtension - AppID: {CB65493D-4F92-4301-8EDB-0C93266A3B51} Name: EnhancedStorageShell - AppID: {CC70FEAD-94B9-4F76-88CC-004BB068ACDF} Name: sppui - AppID: {CCFDD24D-CEAB-458B-A4F1-F884973395DF} Name: Windows Media Player Burn Audio CD Handler - AppID: {cdc32574-7521-4124-90c3-8d5605a34933} Name: Elevated-Unelevated Explorer Factory - AppID: {CDCBCFCA-3CDC-436f-A4E2-0E02075250C2} Name: BingDesktopUpdater - AppID: {CE41EBCF-17C0-4307-971E-03FEBCBB7D39} Name: PNPXAssoc.dll - AppID: {cee8ccc9-4f6b-4469-a235-5a22869eef03} Name: sdchange - AppID: {CF254B00-1986-4b24-A92D-463D01F7E395} Name: Event Object Change - AppID: {D0565000-9DF4-11D1-A281-00C04FCA0AA7} Name: Winmgmt MOF Compiler OOP - AppID: {D215781D-019E-4FA0-903D-0CDCDE13A4F5} Name: Color Management - AppID: {D2E7041B-2927-42fb-8E9F-7CE93B6DC937} Name: Bitmap Image - AppID: {D3E34B21-9D75-101A-8C3D-00AA001A1652} Name: Microsoft SQL Server Replication Distribution Agent 11.0 - AppID: {D41192E9-AB13-4A23-AB3B-A5FED98306DB} Name: URLReqService - AppID: {D4859CE9-3B25-4235-8973-A74F5D9A04F2} Name: DVSiTunes - AppID: {D5FEAED3-3444-4CEA-9940-A972FB6726F1} Name: Sync Center User Profile Notification Handler - AppID: {D63AA156-D534-4BAC-9BF1-55359CF5EC30} Name: UACObject - AppID: {D8239E84-D6EC-41dc-B7EA-98CDBF472200} Name: CloudStorageWizard - AppID: {D8775A07-C529-4EA7-B307-BA7C8CBBDA03} Name: Microsoft Software Protection Platform Admin Object (outer) - AppID: {D8D4249F-A8FB-44A7-8AA0-564E8C385BD6} Name: IndexedDbBrokerServer - AppID: {dc4537c3-ca73-4ac7-9e1d-b2ce27c3a7a6} Name: BrowserBrokerServer - AppID: {DD9C53BC-8441-4B94-BD0E-36E6E02A6D61} Name: Srumon Server - AppID: {ddcfd26b-feed-44cd-b71d-79487d2e5e5a} Name: rundll32.exe - AppID: {de5d803e-5d2a-4b5f-9c63-af25a465cc44} Name: AccStore Class - AppID: {DE5DBCDC-104A-4cbc-A4D5-0C2104A142C5} Name: LockScreen Call Broker - AppID: {DE7D3D65-5454-4EF5-9518-776739DAB39F} Name: Profile Notification Host - AppID: {E10F6C3A-F1AE-4adc-AA9D-2FE65525666E} Name: Immersive Print Dialog Surrogate - AppID: {E15FBAC2-C276-4523-92CA-561456EBCF3E} Name: RtkAPODll - AppID: {E1D2965E-D32B-4e1c-B9F1-159ACB984258} Name: Windows Update Agent User Interface for Published Applications - AppID: {e30984f1-b02b-4c27-a40f-23d11b8c1212} Name: Scan - AppID: {E32549C4-C2B8-4BCC-90D7-0FC3511092BB} Name: Execute Unknown - AppID: {e44e9428-bdbc-4987-a099-40dc8fd255e7} Name: Authentication UI CredUI Out of Proc Helper for Non-AppContainer Clients (Failed Mouse In Pointer) - AppID: {E45A56CE-399C-45F0-9E6F-BFAACD3C711F} Name: COM_SRS_WOWHD2 - AppID: {E46D2660-D86E-4B0A-BB61-F0FFE9BBDEB5} Name: upnphost - AppID: {E495081B-BBA5-4b89-BA3C-3B86A686B87A} Name: Visual Studio Just-In-Time Debugger - AppID: {E62A7A31-6025-408E-87F6-81AEB0DC9347} Name: TrayDesktopBand - AppID: {E6442437-6C68-4f52-94DD-2CFED267EFB9} Name: Orchestrator Service - AppID: {E7299E79-75E5-47BB-A03D-6D319FB7F886} Name: TokenBroker Out Of Proc COM Server - AppID: {E73A797B-24CE-424A-AD4F-48E98B1E95B8} Name: UICOM - AppID: {E8054D20-497D-4E16-BF41-6E69FCD381A5} Name: wscui.cpl - AppID: {E9495B87-D950-4ab5-87A5-FF6D70BF3E90} Name: Remove Device elevation surrogate - AppID: {E95186C7-7D80-4311-843D-0702CBC8B1E4} Name: File Prop Sheet Page Helper - AppID: {E96767E0-7EAA-45E1-8E7D-64414AFF281A} Name: PfShellExtension - AppID: {E9F269D7-7652-41a7-9C53-008CF3B0A943} Name: HomeGroup Provider Service - AppID: {EA022610-0748-4c24-B229-6C507EBDFDBB} Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8} Name: Immersive Print Dialog Surrogate - AppID: {EB28E902-728E-42C4-97DC-DA89E144C744} Name: Remote Desktop Services Message Server - AppID: {EB521D7D-4095-4E61-88FB-BF25700F142A} Name: ComEvents.ComServiceEvents - AppID: {ECABB0C3-7F19-11D2-978E-0000F8757E2A} Name: ComEvents.ComSystemAppEventData - AppID: {ECABB0C6-7F19-11D2-978E-0000F8757E2A} Name: Play with Windows Media Player - AppID: {ed1d0fdf-4414-470a-a56d-cfb68623fc58} Name: Windows Media Player Launch - AppID: {ED6BB178-B06A-47ad-98B3-6066E0CF0147} Name: Share Manager - AppID: {edb5f444-cb8d-445a-a523-ec5ab6ea33c7} Name: RichVideo - AppID: {EEDE56D6-82E5-4B98-B99E-D4339825E216} Name: CloudExperienceHost Broker AppID - AppID: {efe2d6d8-a81b-41e7-ae77-e5244ab80522} Name: Microsoft Audio Device Graph Server - AppID: {F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC} Name: AcroBroker - AppID: {F2383816-917A-46CC-AD2A-5013BED3800F} Name: AvailableNetworksExperienceFlow - AppID: {F2506CD7-82C2-43D9-A1D3-F85F5EFE7D09} Name: Virtual Disk Service - AppID: {F290BFB2-1864-45B1-8804-2654194A87E7} Name: FodHelper - AppID: {F2F94BB3-595C-4509-B7EE-243FA2BDEA5B} Name: SPPSurrogate - AppID: {f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801} Name: NDFAPI - AppID: {F3D3AA8D-EF96-4470-848E-BD70B803047A} Name: PerfCenter Enabler - AppID: {f4be747e-45c4-4701-90f1-d49d9ac30248} Name: sdclt - AppID: {f56b7b2a-5b5a-46d8-b6f9-d927ce34b717} Name: Pen Workspace Discover Broker - AppID: {F5A6ACF4-FFE0-4934-AE1D-5F960EA0AAD9} Name: UACObject - AppID: {F632543F-3A79-4cc9-AACD-07036DF9FFCD} Name: WMPNSSCI - AppID: {F74BCE98-9EB4-4022-8317-11C723E5CCF8} Name: CloudExperienceHost Create System Object Server - AppID: {f7fa3149-91e7-43b7-8040-b707688ced1a} Name: logagent - AppID: {F808DF63-6049-11D1-BA20-006097D2898E} Name: WLIDFDP - AppID: {F828BB1A-2FAE-4AC4-AE6F-CAC9B529F996} Name: RAServer - AppID: {F8FD03A6-DDD9-4C1B-84EE-58159476A0D7} Name: WinInetBrokerServer - AppID: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Name: DaemonShellExtImage - AppID: {F9B84490-4C45-4737-82E5-0EA0B1CF5307} Name: NCLUA - AppID: {FA1456D3-4B97-4f9c-8511-2786161DC333} Name: VssEvent - AppID: {FAF53CC4-BD73-4E36-83F1-2B23F46E513E} Name: Shell Hardware Mixed Content Handler Cancelled - AppID: {fb479c02-9ec4-4fed-8599-debe037452cb} Name: RegisterControl - AppID: {FC38B7C8-9E50-497d-A387-7DEBDAD14160} Name: Hotspot Auth Module - AppID: {FC5EEAF6-0002-11DF-ADB9-F4CE462D9137} Name: appwiz.cpl - AppID: {FCC74B77-EC3E-4dd8-A80B-008A702075A9} Name: Wordpad - AppID: {fd6c8b29-e936-4a61-8da6-b0c12ad3ba00} Name: Microsoft SQL Server Replication Queuereader Agent 11.0 - AppID: {FD737704-43CB-4791-B4DB-EE8CDBC64450} Name: Proximity UX Host - AppID: {FDA74D11-C4A6-4577-9F73-D7CA8586E10C} Name: MP UX Host - AppID: {FDA74D11-C4A6-4577-9F73-D7CA8586E10D} Name: Microsoft SQL Server Replication Merge Agent 11.0 - AppID: {FDF7E044-456E-46C5-A396-807479AAFB4D} Name: Shell Execute Hardware Event Handler - AppID: {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7} Name: EntAppSvc - AppID: {FFE1E5FE-F1F0-48C8-953E-72BA272F2744} Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-559" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0771f7af-8de6-4bce-9528-2d4a12cb8168}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{0771f7af-8de6-4bce-9528-2d4a12cb8168}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-547" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628" Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{224FC5DE-26AD-4A47-A2C3-5A50885F314C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{224FC5DE-26AD-4A47-A2C3-5A50885F314C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-5-32-4267310653-3012624349-32869343-335676702-674013981-1531007892-2777328540-762217067" Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-15-3-1024-4267310653-3012624349-32869343-335676702-674013981-1531007892-2777328540-762217067" Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-5-32-2558976728-3115931106-1512009022-3208506203-2008579624-341828572-3950653509-2339491937" Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-15-3-1024-2558976728-3115931106-1512009022-3208506203-2008579624-341828572-3950653509-2339491937" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{28d08f70-46eb-4f26-a6cb-54b75132e100}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{28d08f70-46eb-4f26-a6cb-54b75132e100}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{28d08f70-46eb-4f26-a6cb-54b75132e100}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{28d08f70-46eb-4f26-a6cb-54b75132e100}" - Win32_SID.SID="S-1-5-32-4267310653-3012624349-32869343-335676702-674013981-1531007892-2777328540-762217067" Win32_DCOMApplication.AppID="{28d08f70-46eb-4f26-a6cb-54b75132e100}" - Win32_SID.SID="S-1-15-3-1024-4267310653-3012624349-32869343-335676702-674013981-1531007892-2777328540-762217067" Win32_DCOMApplication.AppID="{28d08f70-46eb-4f26-a6cb-54b75132e100}" - Win32_SID.SID="S-1-5-32-2558976728-3115931106-1512009022-3208506203-2008579624-341828572-3950653509-2339491937" Win32_DCOMApplication.AppID="{28d08f70-46eb-4f26-a6cb-54b75132e100}" - Win32_SID.SID="S-1-15-3-1024-2558976728-3115931106-1512009022-3208506203-2008579624-341828572-3950653509-2339491937" Win32_DCOMApplication.AppID="{28F49FF5-3CCE-44C4-919C-49C7E1D33927}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{28F49FF5-3CCE-44C4-919C-49C7E1D33927}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{2A39E11E-7FDE-45b1-99C6-B9E557D3ABA1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{2A39E11E-7FDE-45b1-99C6-B9E557D3ABA1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2A947841-0594-48CF-9C53-A08C95C22B55}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{2A947841-0594-48CF-9C53-A08C95C22B55}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-15-3-1024-1314380931-3989923313-3249193833-1963115619-3940350845-1282913705-2904921893-3519892189" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1212" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3DC42F2C-AD30-461E-B877-11C917E8FE20}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3DC42F2C-AD30-461E-B877-11C917E8FE20}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-80-611605672-2879557022-2206624263-4029342278-3129212340" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4D5F23BB-D55A-4961-9BC0-3FE728E15D9D}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{4D5F23BB-D55A-4961-9BC0-3FE728E15D9D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{4FCDA643-B15B-41C6-84F8-5E447F6F6D25}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-32-2707581722-3970398075-3301609242-3412871183-2565310287-2959982868-2531230773-2372594412" Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-15-3-1024-2707581722-3970398075-3301609242-3412871183-2565310287-2959982868-2531230773-2372594412" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{534E4CF4-3249-4842-8D65-A9BEAE0BBEAC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{534E4CF4-3249-4842-8D65-A9BEAE0BBEAC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-15-3-1024-3625662137-2682091254-856171984-2868379045-3001028726-1009205972-4175949866-684286152" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1031" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-80-3028837079-3186095147-955107200-3701964851-1150726376" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{5E176815-9A63-4A69-810F-62E90D36612A}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{5E176815-9A63-4A69-810F-62E90D36612A}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{65E2E13A-7110-4912-9F03-9A42E253D8F6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{65E2E13A-7110-4912-9F03-9A42E253D8F6}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{67E88D46-FF81-4E57-8C5E-F270A4F9EA1A}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{67E88D46-FF81-4E57-8C5E-F270A4F9EA1A}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{730BFCEC-E4BF-4D3A-9FBB-01DD132467A4}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-32-546" Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7953C53B-4031-43ca-9AE7-033F565EFD5F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7953C53B-4031-43ca-9AE7-033F565EFD5F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{83B33982-693D-4824-B42E-7196AE61BB05}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{83B33982-693D-4824-B42E-7196AE61BB05}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{84D586C4-A423-11D2-B943-00C04F79D22F}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{874E03B4-29BD-4628-A0F6-78B8B011ADA9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{874E03B4-29BD-4628-A0F6-78B8B011ADA9}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{874E03B4-29BD-4628-A0F6-78B8B011ADA9}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{874E03B4-29BD-4628-A0F6-78B8B011ADA9}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-15-3-1024-1701033769-137094913-3738083205-577272984-1204217555-1180762924-3352773070-2589626690" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1210" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{90B553F3-415D-44D8-8665-C2F78763F8F1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{90B553F3-415D-44D8-8665-C2F78763F8F1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-6" Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708" Win32_DCOMApplication.AppID="{B366DEBE-645B-43A5-B865-DDD82C345492}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-11" Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C92A9617-0EAE-4235-BD2B-84540EF1FFA9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CB43451C-E132-4866-B714-435253C98BBA}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CB43451C-E132-4866-B714-435253C98BBA}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D215781D-019E-4FA0-903D-0CDCDE13A4F5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D8239E84-D6EC-41dc-B7EA-98CDBF472200}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{D8239E84-D6EC-41dc-B7EA-98CDBF472200}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628" Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464" Win32_DCOMApplication.AppID="{dc4537c3-ca73-4ac7-9e1d-b2ce27c3a7a6}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{dc4537c3-ca73-4ac7-9e1d-b2ce27c3a7a6}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{dc4537c3-ca73-4ac7-9e1d-b2ce27c3a7a6}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-15-3-1024-2819154332-3691255550-2499738133-2646149002-4290075130-3069449926-721213713-3168903538" Win32_DCOMApplication.AppID="{E62A7A31-6025-408E-87F6-81AEB0DC9347}" - Win32_SID.SID="S-1-2-0" Win32_DCOMApplication.AppID="{E62A7A31-6025-408E-87F6-81AEB0DC9347}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E62A7A31-6025-408E-87F6-81AEB0DC9347}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E62A7A31-6025-408E-87F6-81AEB0DC9347}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{E62A7A31-6025-408E-87F6-81AEB0DC9347}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-32-545" Win32_DCOMApplication.AppID="{E73A797B-24CE-424A-AD4F-48E98B1E95B8}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{E73A797B-24CE-424A-AD4F-48E98B1E95B8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E73A797B-24CE-424A-AD4F-48E98B1E95B8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E73A797B-24CE-424A-AD4F-48E98B1E95B8}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-551" Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F632543F-3A79-4cc9-AACD-07036DF9FFCD}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F632543F-3A79-4cc9-AACD-07036DF9FFCD}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-3433512109-503559027-1389316256-1766580070-2256751264" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-1260278928-804197538-2066346633-4268302704-2216462912" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-345135819-4012009209-3062012967-1747265747-3674605950" Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-951620777-1059631183-2804607755-3010024351-809615488" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-80-364023826-931424190-487969545-1024119571-74567675" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{F8FD03A6-DDD9-4C1B-84EE-58159476A0D7}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-2-1" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20" Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-4" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-1-0" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-10" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-18" Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-32-544" ---------- | SvcHost (Whitelist) [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=Power LSM BrokerInfrastructure PlugPlay SystemEventsBroker DeviceInstall DcomLaunch "Camera"=FrameServer "smbsvcs"=lanmanserver browser [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost] "DcomLaunch"=PlugPlay DeviceInstall DcomLaunch "smbsvcs"=lanmanserver ---------- | SvcHost - Netsvcs (Whitelist) ---------- | Software [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\335erN138hUA] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\ACD Systems] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\AppDataLow] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Ashampoo] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\ASProtect] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\ATI] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\AutoIt v3] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\BCL Technologies] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\BDUSBImmunizer] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Bitdefender] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Booking.com] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\BugSplat] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Canneverbe Limited] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Caphyon] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\ChemTable Software] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Chromium] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\CineForm] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Clients] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Code Sector] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\ComodoGroup] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\CompuClever] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Corel] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\csastats] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\CyberGhost] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\CyberLink] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Cygnus Solutions] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Disc Soft] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\DivX] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\DivXNetworks] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\DMGR1.25] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\DVDVideoSoft] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\EaseUS] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\EaseXP] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\EPSON] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\EPSON Software Updater] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\FortCryptoExtension] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\g3n-h@ckm@n] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\giveawayoftheday.com] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\GlarySoft] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\HardDiskShieldLanguage] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\HardDiskShieldValidity] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\HideMyIP] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\HSTools] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Icecream] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Informer Technologies, Inc.] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Innovative Solutions] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\iSkysoft] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\IvoSoft] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Jam Software] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\KillSoft] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\LabPixels] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Laplink] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\LAV] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Lavasoft] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Leadertech] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Licenses] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Locky] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\LogiShrd] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Logitech] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\macrium] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Macromedia] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Malwarebytes] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Mozilla] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\mozy] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\MPC-HC] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\MT66] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\NeatMP3] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Nico Mak Computing] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Obsidium] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Opera Software] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Panda Security] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Paramount Software (UK) Ltd.] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\PCWinSoft] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Policies] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\PowerISO] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\PRO PC Cleaner] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\ProductSetup] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\PROPCCleanerLanguage] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Reallusion] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Rebit] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\RegisteredApplications] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Remo Software] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\SafeIT Security] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\SEIKO EPSON CORPORATION] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\SharewareOnSale] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Simply Super Software] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Skype] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\softorbits] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Spearit] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\StackDocklet] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Sunisoft] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\SyncEngines] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\sysinternals] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Teorex] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Tihiy] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Top Studio] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Trolltech] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\TweakBit] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\UsbFix] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\UsbFix Standard] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\UTILILAB] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Viv] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\VOS] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\WinRAR] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\WinRAR SFX] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\WinZip Computing] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\WixSharp] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Wondershare] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Wow6432Node] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\WSVCUPlugin] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\ZebHelpProcess Helper] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Zemana] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\ZHP] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\{98132F81-18BE-4722-8B1D-0A25D9AE3DA0}] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\Roaming] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM64\Software\ACD Systems] [HKLM64\Software\Acronis] [HKLM64\Software\AMD] [HKLM64\Software\Ashampoo] [HKLM64\Software\ATI] [HKLM64\Software\ATI Technologies] [HKLM64\Software\AVC3] [HKLM64\Software\Bitdefender] [HKLM64\Software\Bitdefender Agent] [HKLM64\Software\Bitdefender Device Management] [HKLM64\Software\ByteFence] [HKLM64\Software\Clients] [HKLM64\Software\Code Sector] [HKLM64\Software\CodeGear] [HKLM64\Software\ComodoGroup] [HKLM64\Software\CyberGhost] [HKLM64\Software\CyberLink] [HKLM64\Software\Disc Soft] [HKLM64\Software\DivX] [HKLM64\Software\Emsi Software GmbH] [HKLM64\Software\EPSON] [HKLM64\Software\Foolish IT] [HKLM64\Software\FortCryptoextension] [HKLM64\Software\g3n-h@ckm@n] [HKLM64\Software\Genie9] [HKLM64\Software\GridinSoft] [HKLM64\Software\HaaliMkx] [HKLM64\Software\HitmanPro] [HKLM64\Software\Ignis] [HKLM64\Software\IM Providers] [HKLM64\Software\Intel] [HKLM64\Software\jam software] [HKLM64\Software\KeyCryptSDK] [HKLM64\Software\Khronos] [HKLM64\Software\Lavasoft] [HKLM64\Software\Logitech] [HKLM64\Software\Macrium] [HKLM64\Software\Macromedia] [HKLM64\Software\MalwarebytesARW] [HKLM64\Software\Microsoft] [HKLM64\Software\Mozilla] [HKLM64\Software\mozilla.org] [HKLM64\Software\MozillaPlugins] [HKLM64\Software\Nico Mak Computing] [HKLM64\Software\NoVirusThanks] [HKLM64\Software\ODBC] [HKLM64\Software\OEM] [HKLM64\Software\Partner] [HKLM64\Software\Policies] [HKLM64\Software\QWR2YW5jZWRwY2NhcmUubmV0] [HKLM64\Software\Reallusion] [HKLM64\Software\Realtek] [HKLM64\Software\RegisteredApplications] [HKLM64\Software\Remo Software] [HKLM64\Software\SafeIT Security] [HKLM64\Software\SRS Labs] [HKLM64\Software\sysinternals] [HKLM64\Software\TAP-Windows] [HKLM64\Software\WebBar] [HKLM64\Software\WinRAR] [HKLM64\Software\Wondershare] [HKLM64\Software\WOW6432Node] [HKLM64\Software\Zemana] [HKLM64\Software\ZmnGlobalSDK] [HKLM64\Software\{AA17B746-F1EE-49bf-B5D5-D94519FF660F}] [HKLM64\Software\Microsoft\Windows\ClickNote] [HKLM64\Software\Microsoft\Windows\CurrentVersion] [HKLM64\Software\Microsoft\Windows\DWM] [HKLM64\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM64\Software\Microsoft\Windows\HTML Help] [HKLM64\Software\Microsoft\Windows\ITStorage] [HKLM64\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM64\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM64\Software\Microsoft\Windows\Shell] [HKLM64\Software\Microsoft\Windows\Tablet PC] [HKLM64\Software\Microsoft\Windows\TabletPC] [HKLM64\Software\Microsoft\Windows\Windows Error Reporting] [HKLM64\Software\Microsoft\Windows\Windows Search] [HKLM64\Software\Microsoft\Windows NT\CurrentVersion] [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera] [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\Software\WOW6432Node\ACD Systems] [HKLM\Software\WOW6432Node\Acronis] [HKLM\Software\WOW6432Node\adaware] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AMD] [HKLM\Software\WOW6432Node\Ashampoo] [HKLM\Software\WOW6432Node\ATI] [HKLM\Software\WOW6432Node\ATI Technologies] [HKLM\Software\WOW6432Node\Auslogics] [HKLM\Software\WOW6432Node\AutoIt v3] [HKLM\Software\WOW6432Node\BCL Technologies] [HKLM\Software\WOW6432Node\Bitdefender] [HKLM\Software\WOW6432Node\Bitdefender Agent] [HKLM\Software\WOW6432Node\ByteFence] [HKLM\Software\WOW6432Node\Canneverbe Limited] [HKLM\Software\WOW6432Node\CodeGear] [HKLM\Software\WOW6432Node\COMODO] [HKLM\Software\WOW6432Node\CyberGhost] [HKLM\Software\WOW6432Node\CyberLink] [HKLM\Software\WOW6432Node\Cygnus Solutions] [HKLM\Software\WOW6432Node\DivXNetworks] [HKLM\Software\WOW6432Node\DVDVideoSoft] [HKLM\Software\WOW6432Node\EaseUS] [HKLM\Software\WOW6432Node\EaseUS Todo Backup] [HKLM\Software\WOW6432Node\EPSON] [HKLM\Software\WOW6432Node\Foolish IT] [HKLM\Software\WOW6432Node\FreeFileSync] [HKLM\Software\WOW6432Node\Genie9] [HKLM\Software\WOW6432Node\GlarySoft] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\HaaliMkx] [HKLM\Software\WOW6432Node\HardDiskShieldValidity] [HKLM\Software\WOW6432Node\iFunSoft] [HKLM\Software\WOW6432Node\IM Providers] [HKLM\Software\WOW6432Node\Innovative Solutions] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\IObit] [HKLM\Software\WOW6432Node\iSkysoft] [HKLM\Software\WOW6432Node\iSkysoftSysMenuDATA] [HKLM\Software\WOW6432Node\jam software] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\KillSoft] [HKLM\Software\WOW6432Node\LabPixels] [HKLM\Software\WOW6432Node\Laplink] [HKLM\Software\WOW6432Node\Lavasoft] [HKLM\Software\WOW6432Node\Licenses] [HKLM\Software\WOW6432Node\logishrd] [HKLM\Software\WOW6432Node\Logitech] [HKLM\Software\WOW6432Node\macrium] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Microsoft Corporation] [HKLM\Software\WOW6432Node\MimarSinan] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\mozilla.org] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\mozy] [HKLM\Software\WOW6432Node\Nico Mak Computing] [HKLM\Software\WOW6432Node\Notepad++] [HKLM\Software\WOW6432Node\NuGet] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\Panda Security] [HKLM\Software\WOW6432Node\Panda Software] [HKLM\Software\WOW6432Node\PCWinSoft] [HKLM\Software\WOW6432Node\PowerISO] [HKLM\Software\WOW6432Node\PowerProducer_Upgrade] [HKLM\Software\WOW6432Node\PreEmptive Solutions] [HKLM\Software\WOW6432Node\PRO PC Cleaner] [HKLM\Software\WOW6432Node\RapidSolution] [HKLM\Software\WOW6432Node\Reallusion] [HKLM\Software\WOW6432Node\Remo Software] [HKLM\Software\WOW6432Node\Runtime Software] [HKLM\Software\WOW6432Node\SafeIT Security] [HKLM\Software\WOW6432Node\Seiko Epson Corporation] [HKLM\Software\WOW6432Node\Simply Super Software] [HKLM\Software\WOW6432Node\Skype] [HKLM\Software\WOW6432Node\Spearit] [HKLM\Software\WOW6432Node\sysinternals] [HKLM\Software\WOW6432Node\TVInstallTemp] [HKLM\Software\WOW6432Node\TweakBit] [HKLM\Software\WOW6432Node\Ultra eBook Reader] [HKLM\Software\WOW6432Node\Ultra File Opener] [HKLM\Software\WOW6432Node\UNREAL] [HKLM\Software\WOW6432Node\Viv] [HKLM\Software\WOW6432Node\Volatile] [HKLM\Software\WOW6432Node\WafCX] [HKLM\Software\WOW6432Node\Wondershare] [HKLM\Software\WOW6432Node\WOW6432Node] [HKLM\Software\WOW6432Node\Zemana] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] ---------- | FeatureControl [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_96DPI_PIXEL] "CyberGhost.exe"="1" [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "CyberGhost.exe"="0" [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "Trial.exe"="8888" "OneDrive.exe"="11000" "CyberGhost.exe"="0" "burningstudio18.exe"="11001" "AppManager.exe"="8000" "softinfo.exe"="11000" "browser_assistant.exe"="9000" "ashsnap.exe"="11001" "backupClient-abpb.exe"="11001" "winwb.exe"="11000" [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_CrossDomain_Fix_KB867801] "burningstudio18.exe"="1" "ashsnap.exe"="1" "backupClient-abpb.exe"="1" [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_Cross_Domain_Redirect_Mitigation] "burningstudio18.exe"="1" "ashsnap.exe"="1" "backupClient-abpb.exe"="1" [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_NAVIGATION_SOUNDS] "CyberGhost.exe"="1" [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_CLIPCHILDREN_OPTIMIZATION] "CyberGhost.exe"="1" [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING] "CyberGhost.exe"="1" "burningstudio18.exe"="1" "softinfo.exe"="0" "ashsnap.exe"="1" "backupClient-abpb.exe"="1" [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "CyberGhost.exe"="0" [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "burningstudio18.exe"="10" "ashsnap.exe"="10" "backupClient-abpb.exe"="10" [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "burningstudio18.exe"="10" "ashsnap.exe"="10" "backupClient-abpb.exe"="10" [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_NINPUT_LEGACYMODE] "CyberGhost.exe"="0" [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION] "burningstudio18.exe"="1" "ashsnap.exe"="1" "backupClient-abpb.exe"="1" [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "infopath.exe"="0" "wmplayer.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "HelpPane.exe"="1" "prevhost.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "HelpPane.exe"="1" "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "HelpPane.exe"="1" "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "HelpPane.exe"="1" "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "HelpPane.exe"="10000" "prevhost.exe"="8000" "winzip64.exe"="8000" "sllauncher.exe"="8000" "Filmora.exe"="9999" "ACD.exe"="8000" "softinfo.exe"="11000" "seccenter.exe"="8888" "bdagent.exe"="8888" "obk.exe"="8888" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "SAPfewgsrv.exe"="0" "SAPGUI.exe"="0" "SAPGuiIT.exe"="0" "SAPLgPad.exe"="0" "SAPLOGON.exe"="0" "Scale_for_R3.exe"="0" "wmplayer.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "ieuser.exe"="1" "iexplore.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE] "HelpPane.exe"="100000" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "devenv.exe"="1" "dexplore.exe"="1" "helppane.exe"="1" "PresentationHost.exe"="0" "sllauncher.exe"="0" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_GPU_RENDERING] "softinfo.exe"="0" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "cs.exe"="1" "waol.exe"="1" "wm.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "sllauncher.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="10" "sllauncher.exe"="6" "iexplore.exe"="10" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="10" "sllauncher.exe"="6" "iexplore.exe"="10" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "mshta.exe"="1" "outlook.exe"="1" "sidebar.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "explorer.exe"="0" "iexplore.exe"="0" "wmplayer.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "sllauncher.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "msimn.exe"="1" "prevhost.exe"="1" "winmail.exe"="1" "wmplayer.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "sllauncher.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "HelpPane.exe"="0" "prevhost.exe"="0" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "msimn.exe"="1" "outlook.exe"="1" "winmail.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "excel.exe"="1" "infopath.exe"="1" "powerpnt.exe"="1" "winword.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE] "HelpPane.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "iexplore.exe"="1" "prevhost.exe"="1" [HKLM64\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "explorer.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION] "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "infopath.exe"="0" "wmplayer.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATION] "devenv.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS] "HelpPane.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG] "HelpPane.exe"="1" "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT] "HelpPane.exe"="1" "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT] "HelpPane.exe"="1" "PresentationHost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION] "TBConsoleUI.exe"="9999" "ByteFence.exe"="9000" "Audials.exe"="11000" "AudialsNotifier.exe"="11000" "SkypeBrowserHost.exe"="10001" "Skype.exe"="11001" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL] "*"="1" "explorer.exe"="1" "iexplore.exe"="1" "SAPfewgsrv.exe"="0" "SAPGUI.exe"="0" "SAPGuiIT.exe"="0" "SAPLgPad.exe"="0" "SAPLOGON.exe"="0" "Scale_for_R3.exe"="0" "wmplayer.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP] "ieuser.exe"="1" "iexplore.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL] "HelpPane.exe"="1" "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK] "YahooMusicEngine.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE] "HelpPane.exe"="100000" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT] "devenv.exe"="0" "dexplore.exe"="1" "helppane.exe"="1" "PresentationHost.exe"="0" "sllauncher.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS] "msfeedssync.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS] "PresentationHost.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IFRAME_MAILTO_THRESHOLD] "devenv.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG] ""="" "msiexec.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART] "cs.exe"="1" "waol.exe"="1" "wm.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS] "iexplore.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS] "helppane.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS] "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "devenv.exe"="1" "sllauncher.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER] "explorer.exe"="4" "sllauncher.exe"="6" "iexplore.exe"="10" "SkypeBrowserHost.exe"="6" "Skype.exe"="6" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER] "explorer.exe"="2" "sllauncher.exe"="6" "iexplore.exe"="10" "SkypeBrowserHost.exe"="6" "Skype.exe"="6" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME] "mshta.exe"="1" "outlook.exe"="1" "sidebar.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN] "explorer.exe"="0" "iexplore.exe"="0" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING] "communicator.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "devenv.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD] "msimn.exe"="1" "prevhost.exe"="1" "winmail.exe"="1" "wmplayer.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE] "PresentationHost.exe"="1" "sllauncher.exe"="1" "WindowsLiveWriter.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ] "HelpPane.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT] "explorer.exe"="1" "HelpPane.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION] "devenv.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND] "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE] "HelpPane.exe"="0" "prevhost.exe"="0" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG] "PresentationHost.exe"="1" "devenv.exe"="1" "sllauncher.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX] "PresentationHost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN] "msimn.exe"="1" "outlook.exe"="1" "winmail.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK] "HelpPane.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL] "excel.exe"="1" "infopath.exe"="1" "powerpnt.exe"="1" "winword.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL] "HelpPane.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE] "HelpPane.exe"="1" "devenv.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD] "msn.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS] "explorer.exe"="1" "iexplore.exe"="1" "wmplayer.exe"="1" "wlmail.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER] "iexplore.exe"="1" "prevhost.exe"="1" [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION] "explorer.exe"="1" "iexplore.exe"="1" "PresentationHost.exe"="1" "prevhost.exe"="1" "wmplayer.exe"="1" "wlmail.exe"="1" ---------- | The Created last ones ¦ Modified [MD5.00000000000000000000000000000000] - [09/04/2017 12:10:27] - |D| - [7403286] - C:\Program Files (x86)\1AVCapture [MD5.00000000000000000000000000000000] - [09/04/2017 20:23:28] - |D| - [3631890] - C:\Program Files (x86)\7-Zip [MD5.00000000000000000000000000000000] - [09/04/2017 21:09:54] - |D| - [77563082] - C:\Program Files (x86)\Acer [MD5.00000000000000000000000000000000] - [09/04/2017 21:19:52] - |D| - [217269162] - C:\Program Files (x86)\Adobe [MD5.00000000000000000000000000000000] - [10/04/2017 04:05:30] - |D| - [43213482] - C:\Program Files (x86)\AoaoPhoto Digital Studio [MD5.00000000000000000000000000000000] - [09/04/2017 19:03:34] - |D| - [31824492] - C:\Program Files (x86)\Auslogics [MD5.00000000000000000000000000000000] - [08/04/2017 08:52:23] - |D| - [8845645] - C:\Program Files (x86)\AxBx [MD5.00000000000000000000000000000000] - [09/04/2017 21:27:03] - |D| - [206447056] - C:\Program Files (x86)\BackupClient [MD5.00000000000000000000000000000000] - [07/04/2017 12:06:31] - |AD| - [46778149] - C:\Program Files (x86)\Batch Picture Protector [MD5.00000000000000000000000000000000] - [11/04/2017 14:39:55] - |D| - [80461609] - C:\Program Files (x86)\Booking.com [MD5.00000000000000000000000000000000] - [09/04/2017 20:25:55] - |D| - [8076912] - C:\Program Files (x86)\CCleaner [MD5.00000000000000000000000000000000] - [08/04/2017 09:49:10] - |D| - [19784837] - C:\Program Files (x86)\CDBurnerXP [MD5.00000000000000000000000000000000] - [09/04/2017 12:17:49] - |D| - [2922805] - C:\Program Files (x86)\Codyssey [MD5.00000000000000000000000000000000] - [09/04/2017 23:19:18] - |D| - [1180725234] - C:\Program Files (x86)\Comodo [MD5.00000000000000000000000000000000] - [08/04/2017 09:05:14] - |D| - [21450637] - C:\Program Files (x86)\CompuClever [MD5.00000000000000000000000000000000] - [09/04/2017 23:53:27] - |D| - [13580794] - C:\Program Files (x86)\Copy Handler [MD5.00000000000000000000000000000000] - [11/04/2017 14:16:42] - |D| - [2820738] - C:\Program Files (x86)\Data Wipe [MD5.00000000000000000000000000000000] - [10/04/2017 00:03:01] - |D| - [795472] - C:\Program Files (x86)\DIFX [MD5.00000000000000000000000000000000] - [10/04/2017 04:35:40] - |D| - [113331980] - C:\Program Files (x86)\Digiarty [MD5.00000000000000000000000000000000] - [04/04/2017 15:26:50] - |AD| - [2349185] - C:\Program Files (x86)\DIY DataRecovery CHK-Mate [MD5.00000000000000000000000000000000] - [09/04/2017 20:27:42] - |D| - [201476117] - C:\Program Files (x86)\Dropbox [MD5.00000000000000000000000000000000] - [11/04/2017 13:32:11] - |D| - [1127981779] - C:\Program Files (x86)\DVDVideoSoft [MD5.00000000000000000000000000000000] - [10/04/2017 03:11:39] - |D| - [2243204] - C:\Program Files (x86)\EgisTec MyWinLockerSuite [MD5.00000000000000000000000000000000] - [01/04/2017 14:55:53] - |AD| - [8845158] - C:\Program Files (x86)\Enigma Virtual Box [MD5.00000000000000000000000000000000] - [09/04/2017 22:23:33] - |D| - [34090961] - C:\Program Files (x86)\FinalWire [MD5.00000000000000000000000000000000] - [02/04/2017 10:03:13] - |AD| - [473658236] - C:\Program Files (x86)\Focusky [MD5.00000000000000000000000000000000] - [03/04/2017 12:34:08] - |D| - [36398277] - C:\Program Files (x86)\Foolish IT [MD5.00000000000000000000000000000000] - [09/04/2017 20:38:21] - |D| - [179368271] - C:\Program Files (x86)\Foxit Software [MD5.00000000000000000000000000000000] - [11/04/2017 14:16:47] - |D| - [8204728] - C:\Program Files (x86)\Free Any Data Recovery [MD5.00000000000000000000000000000000] - [11/04/2017 13:36:42] - |D| - [20641460] - C:\Program Files (x86)\FreeCodecPack [MD5.00000000000000000000000000000000] - [10/04/2017 00:03:23] - |D| - [143578035] - C:\Program Files (x86)\FreeDownloadManager.ORG [MD5.00000000000000000000000000000000] - [11/04/2017 14:16:17] - |D| - [22548833] - C:\Program Files (x86)\Glarysoft [MD5.00000000000000000000000000000000] - [09/04/2017 20:58:20] - |D| - [319440665] - C:\Program Files (x86)\Google [MD5.00000000000000000000000000000000] - [09/04/2017 20:47:49] - |D| - [46002154] - C:\Program Files (x86)\GRETECH [MD5.00000000000000000000000000000000] - [10/04/2017 00:13:08] - |D| - [24331448] - C:\Program Files (x86)\Hard Disk Sentinel [MD5.00000000000000000000000000000000] - [02/04/2017 10:18:37] - |D| - [9253044] - C:\Program Files (x86)\Hard Disk Shield [MD5.00000000000000000000000000000000] - [10/04/2017 00:16:01] - |D| - [4459432] - C:\Program Files (x86)\HD Tune Pro [MD5.00000000000000000000000000000000] - [07/04/2017 08:17:56] - |AD| - [10638379] - C:\Program Files (x86)\Hide My IP 6 [MD5.00000000000000000000000000000000] - [03/04/2017 12:27:59] - |AD| - [380388624] - C:\Program Files (x86)\Icecream PDF Converter [MD5.00000000000000000000000000000000] - [01/04/2017 15:10:27] - |D| - [49257811] - C:\Program Files (x86)\iFunSoft [MD5.00000000000000000000000000000000] - [07/04/2017 12:08:53] - |D| - [80444053] - C:\Program Files (x86)\Innovative Solutions [MD5.00000000000000000000000000000000] - [10/04/2017 01:26:52] - |D| - [18852676] - C:\Program Files (x86)\Intel [MD5.00000000000000000000000000000000] - [07/04/2017 13:05:29] - |D| - [7674016] - C:\Program Files (x86)\JAM Software [MD5.00000000000000000000000000000000] - [10/04/2017 01:34:04] - |D| - [4947584] - C:\Program Files (x86)\KeyScrambler [MD5.00000000000000000000000000000000] - [07/04/2017 12:07:14] - |AD| - [127454568] - C:\Program Files (x86)\Kotobee Author [MD5.00000000000000000000000000000000] - [10/04/2017 01:36:35] - |D| - [28503157] - C:\Program Files (x86)\Laplink [MD5.00000000000000000000000000000000] - [10/04/2017 01:56:05] - |D| - [7409720] - C:\Program Files (x86)\Launch Manager [MD5.00000000000000000000000000000000] - [11/04/2017 14:22:35] - |D| - [31061276] - C:\Program Files (x86)\Lavasoft [MD5.00000000000000000000000000000000] - [10/04/2017 02:00:00] - |D| - [123553452] - C:\Program Files (x86)\Macrium [MD5.00000000000000000000000000000000] - [10/04/2017 02:17:52] - |D| - [6423243] - C:\Program Files (x86)\Microsoft Office [MD5.00000000000000000000000000000000] - [07/04/2017 10:42:08] - |AD| - [97559423] - C:\Program Files (x86)\Mozilla Firefox [MD5.00000000000000000000000000000000] - [07/04/2017 10:42:57] - |D| - [438825] - C:\Program Files (x86)\Mozilla Maintenance Service [MD5.00000000000000000000000000000000] - [08/04/2017 09:47:05] - |D| - [95538666] - C:\Program Files (x86)\Mozilla Thunderbird [MD5.00000000000000000000000000000000] - [10/04/2017 02:23:16] - |D| - [28178074] - C:\Program Files (x86)\MozyHome [MD5.00000000000000000000000000000000] - [10/04/2017 02:24:31] - |D| - [16071403] - C:\Program Files (x86)\MultiCommander [MD5.00000000000000000000000000000000] - [10/04/2017 02:32:14] - |D| - [395885423] - C:\Program Files (x86)\Music Recorder [MD5.00000000000000000000000000000000] - [10/04/2017 03:34:14] - |D| - [58997653] - C:\Program Files (x86)\NeatMP3 Pro [MD5.00000000000000000000000000000000] - [08/04/2017 09:48:55] - |D| - [7121040] - C:\Program Files (x86)\Notepad++ [MD5.00000000000000000000000000000000] - [06/04/2017 11:46:52] - |AD| - [2189091] - C:\Program Files (x86)\Panda USB Vaccine [MD5.00000000000000000000000000000000] - [09/04/2017 21:05:10] - |D| - [7670798] - C:\Program Files (x86)\PowerISO [MD5.00000000000000000000000000000000] - [11/04/2017 14:38:03] - |D| - [8469612] - C:\Program Files (x86)\PRO PC Cleaner [MD5.00000000000000000000000000000000] - [10/04/2017 03:36:57] - |D| - [10735793] - C:\Program Files (x86)\Reason [MD5.00000000000000000000000000000000] - [09/04/2017 21:06:24] - |D| - [5713552] - C:\Program Files (x86)\Recuva [MD5.00000000000000000000000000000000] - [09/04/2017 13:05:14] - |D| - [35148598] - C:\Program Files (x86)\Reg Organizer [MD5.00000000000000000000000000000000] - [04/04/2017 19:43:25] - |AD| - [23823151] - C:\Program Files (x86)\Remo Drive Defrag [MD5.00000000000000000000000000000000] - [04/04/2017 19:44:01] - |AD| - [30795253] - C:\Program Files (x86)\Remo Drive Wipe [MD5.00000000000000000000000000000000] - [04/04/2017 19:46:52] - |AD| - [48791189] - C:\Program Files (x86)\Remo File Eraser 2.0 [MD5.00000000000000000000000000000000] - [11/04/2017 14:21:26] - |D| - [31269591] - C:\Program Files (x86)\Remo Outlook Backup & Migrate [MD5.00000000000000000000000000000000] - [04/04/2017 19:44:28] - |AD| - [28966482] - C:\Program Files (x86)\Remo Privacy Cleaner [MD5.00000000000000000000000000000000] - [11/04/2017 14:25:39] - |D| - [24853078] - C:\Program Files (x86)\Remo Recover Outlook Express [MD5.00000000000000000000000000000000] - [11/04/2017 14:27:37] - |D| - [21449922] - C:\Program Files (x86)\Remo Repair PowerPoint 2.0 [MD5.00000000000000000000000000000000] - [11/04/2017 14:27:59] - |D| - [20989540] - C:\Program Files (x86)\Remo Repair RAR 2.0 [MD5.00000000000000000000000000000000] - [11/04/2017 14:30:09] - |D| - [21199315] - C:\Program Files (x86)\Remo Repair Word 2.0 [MD5.00000000000000000000000000000000] - [11/04/2017 14:30:51] - |D| - [21088682] - C:\Program Files (x86)\Remo Repair ZIP 2.0 [MD5.00000000000000000000000000000000] - [10/04/2017 03:47:29] - |D| - [82474274] - C:\Program Files (x86)\Scadarlia [MD5.00000000000000000000000000000000] - [04/04/2017 15:20:16] - |AD| - [2261315] - C:\Program Files (x86)\ShadowExplorer [MD5.00000000000000000000000000000000] - [10/04/2017 03:59:53] - |D| - [91282230] - C:\Program Files (x86)\Skype [MD5.00000000000000000000000000000000] - [10/04/2017 04:03:39] - |D| - [8129544] - C:\Program Files (x86)\Speccy [MD5.00000000000000000000000000000000] - [09/04/2017 21:07:34] - |D| - [88885532] - C:\Program Files (x86)\TeamViewer [MD5.00000000000000000000000000000000] - [11/04/2017 14:16:53] - |D| - [4385602] - C:\Program Files (x86)\Tenorshare Partition Manager [MD5.00000000000000000000000000000000] - [01/04/2017 14:54:46] - |AD| - [47081924] - C:\Program Files (x86)\The Enigma Protector [MD5.00000000000000000000000000000000] - [04/04/2017 15:21:29] - |AD| - [19542390] - C:\Program Files (x86)\Trojan Remover [MD5.00000000000000000000000000000000] - [08/04/2017 09:10:10] - |D| - [90214877] - C:\Program Files (x86)\TweakBit [MD5.00000000000000000000000000000000] - [10/04/2017 04:04:36] - |D| - [8261960] - C:\Program Files (x86)\uvnc bvba [MD5.00000000000000000000000000000000] - [01/04/2017 07:01:22] - |AD| - [73260302] - C:\Program Files (x86)\VIP Video Converter [MD5.00000000000000000000000000000000] - [11/04/2017 12:56:27] - |D| - [32319556] - C:\Program Files (x86)\VivPDF Editor [MD5.00000000000000000000000000000000] - [10/04/2017 00:29:14] - |D| - [69137709] - C:\Program Files (x86)\Windows Live [MD5.00000000000000000000000000000000] - [10/04/2017 03:36:40] - |D| - [245112] - C:\Program Files (x86)\Windows Live SkyDrive [MD5.00000000000000000000000000000000] - [11/04/2017 14:38:24] - |D| - [19777577] - C:\Program Files (x86)\WinZip Malware Protector [MD5.00000000000000000000000000000000] - [08/04/2017 09:13:50] - |D| - [242941976] - C:\Program Files (x86)\WiPS Golden 2.1 [MD5.00000000000000000000000000000000] - [01/04/2017 07:06:38] - |D| - [238886414] - C:\Program Files (x86)\WonderFox Soft [MD5.00000000000000000000000000000000] - [10/04/2017 04:54:06] - |D| - [11177497] - C:\Program Files (x86)\XnView [MD5.065919847CF1C1C0A1C5F63C488EB54B] - [10/04/2017 05:20:29] - |A| - [33] - C:\WINDOWS\0 [MD5.AC534A6E290E93F668F3E4DDC2A6162D] - [11/04/2017 13:26:51] - |A| - [66] - C:\WINDOWS\ACDSeeVideoStudio.INI [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/04/2017 05:20:30] - |A| - [0] - C:\WINDOWS\Acer.tag [MD5.00000000000000000000000000000000] - [10/04/2017 05:20:30] - |D| - [0] - C:\WINDOWS\Acronis [MD5.DBD14D0DB0382DFE96D7B5007DDD5ABE] - [10/04/2017 07:50:42] - |A| - [65024] - C:\WINDOWS\bfsvc_FromLFSULTRA-WIDEN.exe [MD5.B2D8816946A324EC51B2FE0A91B8A2DA] - [10/04/2017 07:53:30] - |A| - [67584] - C:\WINDOWS\bootstat_FromLFSULTRA-WIDEN.dat [MD5.9130CCE19B5DB3D2E31F9F789263FC4A] - [04/04/2017 15:54:49] - |A| - [511328] - C:\WINDOWS\capicom.dll [MD5.6FBB766EB79F9EED3684194EEAF838DF] - [10/04/2017 07:53:47] - |A| - [11453] - C:\WINDOWS\ChangeLang_Done.tag [MD5.3A12D0855904754EB55D5A05BD301683] - [10/04/2017 07:53:49] - |A| - [10] - C:\WINDOWS\CSUP.TXT [MD5.00000000000000000000000000000000] - [10/04/2017 08:00:01] - |D| - [254527] - C:\WINDOWS\DeployWinRE2 [MD5.337F31202C81C9DC45F52600F41EF046] - [10/04/2017 08:00:23] - |A| - [14947] - C:\WINDOWS\devices.txt [MD5.3B3E3D81B9F4FAB89AC0B2769ABE17D3] - [10/04/2017 08:33:26] - |A| - [64] - C:\WINDOWS\dm_FromLFSULTRA-WIDEN.dmap [MD5.00000000000000000000000000000000] - [10/04/2017 08:33:36] - |D| - [12505585] - C:\WINDOWS\Downloaded Installations [MD5.ECA34F1D012E988A489B0DD8D5DC9459] - [10/04/2017 08:34:54] - |A| - [76444] - C:\WINDOWS\DPINST.LOG [MD5.E7CCB395344AF1C555C45E55C149A773] - [10/04/2017 08:35:02] - |A| - [361808] - C:\WINDOWS\EMCRI_E.dll [MD5.00000000000000000000000000000000] - [07/04/2017 14:59:55] - |D| - [232127244] - C:\WINDOWS\ERUNT [MD5.40D777B7A95E00593EB1568C68514493] - [10/04/2017 08:39:10] - |A| - [2616320] - C:\WINDOWS\explorer_FromLFSULTRA-WIDEN.exe [MD5.F38B53088F3200BC9B8037DBA400F0AA] - [10/04/2017 08:39:21] - |A| - [113264] - C:\WINDOWS\FixUVC.exe [MD5.F9202335BBA03A02F084FE588564BBF5] - [10/04/2017 09:14:47] - |A| - [13824] - C:\WINDOWS\fveupdate.exe [MD5.2FF3A32F01DF61836FED59D441D8B9DF] - [10/04/2017 09:26:25] - |A| - [497152] - C:\WINDOWS\HelpPane_FromLFSULTRA-WIDEN.exe [MD5.9B90B0C78671A4881D06C91941F6F379] - [10/04/2017 09:26:27] - |A| - [15360] - C:\WINDOWS\hh_FromLFSULTRA-WIDEN.exe [MD5.350B044113729EC96DA7A3CA7012E18F] - [09/04/2017 12:33:02] - |A| - [1160704] - C:\WINDOWS\is-1AFML.exe [MD5.ECF236826427803D37254B15E3033EFC] - [09/04/2017 12:33:02] - |A| - [363] - C:\WINDOWS\is-1AFML.lst [MD5.B0610572F47DD7165EF515858C48C164] - [09/04/2017 12:33:02] - |A| - [11397] - C:\WINDOWS\is-1AFML.msg [MD5.EF3024328398C07DE0BDF35B67ABEC68] - [10/04/2017 11:23:05] - |A| - [172] - C:\WINDOWS\LMv4.UNI [MD5.23AF90D2355D8C83AA4567EF1763B467] - [10/04/2017 11:33:43] - |A| - [43131] - C:\WINDOWS\mib_FromLFSULTRA-WIDEN.bin [MD5.00000000000000000000000000000000] - [04/04/2017 09:24:24] - |D| - [0] - C:\WINDOWS\Minidump [MD5.A8BF8A76DA1BDCAEFB65F2F987BCA8C5] - [10/04/2017 12:37:27] - |A| - [2572] - C:\WINDOWS\MOD01OPK04000H0001.enc [MD5.1162C16DCAF8288ADF7CB74DE472A107] - [10/04/2017 12:37:33] - |A| - [1996] - C:\WINDOWS\MOD01SET00000000MU.enc [MD5.E551DAEAF6F19A8FCFA8E0D689870CD3] - [10/04/2017 12:37:36] - |A| - [2008] - C:\WINDOWS\MOD01SET5K000G0002.enc [MD5.448CA8C1E3F648FFEF53645B511C5F74] - [10/04/2017 12:37:37] - |A| - [2476] - C:\WINDOWS\MOD01SET74FR0H0003.enc [MD5.013985963D7C6010B033A70E452292BA] - [10/04/2017 12:37:37] - |A| - [2048] - C:\WINDOWS\MOD01SET75000H0005.enc [MD5.24D9E3329D9625546EDD7EEB46B33E9A] - [10/04/2017 12:37:42] - |A| - [2168] - C:\WINDOWS\MOD01SET78000G0018.enc [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/04/2017 02:24:03] - |A| - [0] - C:\WINDOWS\mozy.blk [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/04/2017 02:24:01] - |A| - [0] - C:\WINDOWS\mozy.flt [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/04/2017 12:37:46] - |A| - [0] - C:\WINDOWS\mozy_FromLFSULTRA-WIDEN.blk [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/04/2017 12:37:48] - |A| - [0] - C:\WINDOWS\mozy_FromLFSULTRA-WIDEN.flt [MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [10/04/2017 12:37:50] - |A| - [1405] - C:\WINDOWS\msdfmap.ini [MD5.00000000000000000000000000000000] - [10/04/2017 12:37:51] - |D| - [10136198] - C:\WINDOWS\NAPP_Dism_Log [MD5.D0B21C17A8FD3C4D452016AB5E640A58] - [10/04/2017 12:38:05] - |A| - [741] - C:\WINDOWS\NewDeployWinRE.cmd [MD5.D378BFFB70923139D6A4F546864AA61C] - [10/04/2017 12:38:06] - |A| - [179712] - C:\WINDOWS\notepad_FromLFSULTRA-WIDEN.exe [MD5.A5EA3AA8C2560F63BEB7D1E6485AE349] - [10/04/2017 12:38:07] - |A| - [247078] - C:\WINDOWS\ntbtlog.txt [MD5.00000000000000000000000000000000] - [10/04/2017 12:38:11] - |D| - [229807] - C:\WINDOWS\oem [MD5.00000000000000000000000000000000] - [10/04/2017 12:38:38] - |D| - [499712] - C:\WINDOWS\OEMTemp [MD5.00000000000000000000000000000000] - [10/04/2017 12:38:46] - |D| - [0] - C:\WINDOWS\Options [MD5.ACA81BF682ED2907FCEDF4A359BB8E1B] - [10/04/2017 12:39:31] - |A| - [70] - C:\WINDOWS\patch.loag [MD5.00000000000000000000000000000000] - [10/04/2017 12:39:44] - |D| - [0] - C:\WINDOWS\PCHEALTH [MD5.B3BE42CCD62BA0C789999A1201A4102B] - [07/04/2017 14:11:12] - |A| - [32140] - C:\WINDOWS\PFRO.log [MD5.84085E1A909CD14B485019946C8C1C09] - [10/04/2017 12:41:29] - |A| - [13040] - C:\WINDOWS\PFRO_FromLFSULTRA-WIDEN.log [MD5.D94E3AAACFA67F587BAAC5A97B911157] - [10/04/2017 12:41:31] - |A| - [378] - C:\WINDOWS\PidList.ini [MD5.C4929C7C4BE57AF744E315B239F61F07] - [10/04/2017 12:41:33] - |A| - [302] - C:\WINDOWS\PidList_C.ini [MD5.EADCEB89DD46DA2A5560CA2AF016A6A6] - [10/04/2017 12:42:37] - |A| - [206208] - C:\WINDOWS\PLFSetI.exe [MD5.DEA325B8099A1F8D62A0B15471BF849B] - [10/04/2017 12:42:39] - |A| - [99712] - C:\WINDOWS\PLFSetL.exe [MD5.8A4883F5E7AC37444F23279239553878] - [10/04/2017 12:46:11] - |A| - [398336] - C:\WINDOWS\regedit_FromLFSULTRA-WIDEN.exe [MD5.C8717886B101DFEF52EBC243C1706801] - [10/04/2017 12:47:10] - |A| - [1251944] - C:\WINDOWS\RtlExUpd.dll [MD5.51424C0E059FF355132B2014C67086BC] - [10/04/2017 14:15:42] - |A| - [6120] - C:\WINDOWS\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/04/2017 14:15:42] - |A| - [0] - C:\WINDOWS\setuperr.log [MD5.0D0D3F885589CDEA678C3B17ABB70DC7] - [10/04/2017 14:15:42] - |A| - [117848] - C:\WINDOWS\SleeN1964.sys [MD5.681A54D355E577A934AB532CD997FBF8] - [10/04/2017 14:15:43] - |A| - [30080] - C:\WINDOWS\snuvcdsm.exe [MD5.9060C3C745E7B2D8E1A81DD061021546] - [10/04/2017 14:17:05] - |A| - [48201] - C:\WINDOWS\Starter.xml [MD5.93C96478B0D5B27B979E0E3AB0802C77] - [10/04/2017 14:17:15] - |A| - [75184] - C:\WINDOWS\suite.vssMgr_FromLFSULTRA-WIDEN.exe [MD5.286A9EDB379DC3423A528B0864A0F111] - [10/04/2017 14:19:01] - |A| - [219] - C:\WINDOWS\system_FromLFSULTRA-WIDEN.ini [MD5.0BEA3F79A36B1F67B2CE0F595524C77C] - [10/04/2017 18:05:00] - |A| - [94784] - C:\WINDOWS\twain.dll [MD5.163A95975E1D8819E653AA3E961371CA] - [10/04/2017 18:05:03] - |A| - [51200] - C:\WINDOWS\twain_32_FromLFSULTRA-WIDEN.dll [MD5.F36A271706EDD23C94956AFB56981184] - [10/04/2017 18:05:03] - |A| - [49680] - C:\WINDOWS\twunk_16.exe [MD5.0BD6E68F3EA0DD62CD86283D86895381] - [10/04/2017 18:05:03] - |A| - [31232] - C:\WINDOWS\twunk_32.exe [MD5.B38882E54F783A2C37946C27091DC8B4] - [10/04/2017 01:59:41] - |A| - [349776] - C:\WINDOWS\UNINSTLMv4.EXE [MD5.B38882E54F783A2C37946C27091DC8B4] - [10/04/2017 18:05:04] - |A| - [349776] - C:\WINDOWS\UNINSTLMv4_FromLFSULTRA-WIDEN.EXE [MD5.93C96478B0D5B27B979E0E3AB0802C77] - [10/04/2017 18:05:06] - |A| - [75184] - C:\WINDOWS\vssMgr_FromLFSULTRA-WIDEN.exe [MD5.F76DEE9336B452A6766717B9A6F683DB] - [11/04/2017 13:58:49] - |A| - [2648] - C:\WINDOWS\W7Patcher_x64_Uninstall.log [MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - [10/04/2017 18:05:09] - |A| - [749] - C:\WINDOWS\WindowsShell_FromLFSULTRA-WIDEN.Manifest [MD5.8E6F7D51A5CB299C25621C6C1AB57E84] - [10/04/2017 18:05:10] - |A| - [256192] - C:\WINDOWS\winhelp.exe [MD5.1D420D66250BCAAAED05724FB34008CF] - [10/04/2017 18:05:10] - |A| - [9728] - C:\WINDOWS\winhlp32_FromLFSULTRA-WIDEN.exe [MD5.493B0475FC8D452615E19751C4699CCA] - [10/04/2017 18:05:09] - |A| - [429] - C:\WINDOWS\win_FromLFSULTRA-WIDEN.ini [MD5.360A166B4DD11DFD897F73F5410FDEE2] - [10/04/2017 01:23:22] - |A| - [307056] - C:\WINDOWS\WLXPGSS.SCR [MD5.360A166B4DD11DFD897F73F5410FDEE2] - [11/04/2017 02:13:00] - |A| - [307056] - C:\WINDOWS\WLXPGSS_FromLFSULTRA-WIDEN.SCR [MD5.DC17DD0189B0C36D863B4DD0A036C10F] - [11/04/2017 02:13:00] - |A| - [316640] - C:\WINDOWS\WMSysPr9_FromLFSULTRA-WIDEN.prx [MD5.6E8EACC0B339365D79A2C06896865D3D] - [11/04/2017 02:13:02] - |A| - [9216] - C:\WINDOWS\write_FromLFSULTRA-WIDEN.exe [MD5.F9F4905664C5B42B49E78EFA12D1A6B6] - [11/04/2017 02:13:02] - |A| - [20] - C:\WINDOWS\xö“ [MD5.E14135AE32D0589B4284EBC6A3BED259] - [08/04/2017 10:36:49] - |A| - [273623] - C:\WINDOWS\ZAM.krnl.trace [MD5.EEFBB2C5F309A4F4EBA50E31346B1460] - [08/04/2017 10:36:49] - |A| - [238336] - C:\WINDOWS\ZAM_Guard.krnl.trace [MD5.B317B33694BAC49D492DD3F23E374899] - [11/04/2017 02:13:02] - |A| - [707] - C:\WINDOWS\_default.pif [MD5.53469825D1D7D91269D3C7E5190E8A01] - [09/04/2017 23:51:58] - |A| - [51609600] - C:\WINDOWS\Installer\13257c2.msi [MD5.53469825D1D7D91269D3C7E5190E8A01] - [10/04/2017 10:59:46] - |A| - [51609600] - C:\WINDOWS\Installer\13257c2_FromLFSULTRA-WIDEN.msi [MD5.A418C4180BCF919F72CB7475E106D92A] - [10/04/2017 02:16:10] - |A| - [933888] - C:\WINDOWS\Installer\13c4d9.msi [MD5.A418C4180BCF919F72CB7475E106D92A] - [10/04/2017 10:59:53] - |A| - [933888] - C:\WINDOWS\Installer\13c4d9_FromLFSULTRA-WIDEN.msi [MD5.E63E80B688F3C7D8F3156569CE1DFC5E] - [10/04/2017 10:59:58] - |A| - [625152] - C:\WINDOWS\Installer\13ccf3.msi [MD5.1E6A321B81FFCE650DE6605BC9321FF6] - [10/04/2017 02:17:52] - |A| - [2376704] - C:\WINDOWS\Installer\13cd0c.msi [MD5.1E6A321B81FFCE650DE6605BC9321FF6] - [10/04/2017 11:00:10] - |A| - [2376704] - C:\WINDOWS\Installer\13cd0c_FromLFSULTRA-WIDEN.msi [MD5.57677B56DBD1D07BE20109ED5C2CD577] - [10/04/2017 11:00:25] - |A| - [1850368] - C:\WINDOWS\Installer\13cd11.msi [MD5.81D609961224F3FFDD305EEA1FC119FA] - [10/04/2017 11:00:39] - |A| - [1898496] - C:\WINDOWS\Installer\13cd16.msi [MD5.31C66D78361D982CD032421BE1C7DB3D] - [10/04/2017 01:25:14] - |A| - [961024] - C:\WINDOWS\Installer\13cd1b.msi [MD5.31C66D78361D982CD032421BE1C7DB3D] - [10/04/2017 11:00:48] - |A| - [961024] - C:\WINDOWS\Installer\13cd1b_FromLFSULTRA-WIDEN.msi [MD5.3510DE9F00CF96FA55252FFC79374C36] - [10/04/2017 11:00:58] - |A| - [925696] - C:\WINDOWS\Installer\13cd20.msi [MD5.D57069ADCBBCFDAE4A2361419BE2EFE6] - [10/04/2017 03:36:40] - |A| - [330752] - C:\WINDOWS\Installer\13cd25.msi [MD5.D57069ADCBBCFDAE4A2361419BE2EFE6] - [10/04/2017 11:01:06] - |A| - [330752] - C:\WINDOWS\Installer\13cd25_FromLFSULTRA-WIDEN.msi [MD5.2A494FADC846B6DAE0B9B606C6A4F9A8] - [09/04/2017 23:18:33] - |A| - [918016] - C:\WINDOWS\Installer\13cd2a.msi [MD5.2A494FADC846B6DAE0B9B606C6A4F9A8] - [10/04/2017 11:01:06] - |A| - [918016] - C:\WINDOWS\Installer\13cd2a_FromLFSULTRA-WIDEN.msi [MD5.73FDB48945C19F516C8A734C7E9F9A35] - [10/04/2017 01:25:17] - |A| - [740352] - C:\WINDOWS\Installer\13cd2f.msi [MD5.73FDB48945C19F516C8A734C7E9F9A35] - [10/04/2017 11:01:08] - |A| - [740352] - C:\WINDOWS\Installer\13cd2f_FromLFSULTRA-WIDEN.msi [MD5.2BDBEB19867610EA1D42E832FBDFCE5E] - [10/04/2017 11:01:09] - |A| - [240128] - C:\WINDOWS\Installer\13cd34.msi [MD5.56D1CB2F5F047FFEC4D0ED0F400112DD] - [10/04/2017 01:24:18] - |A| - [25180160] - C:\WINDOWS\Installer\13cd3a.msi [MD5.56D1CB2F5F047FFEC4D0ED0F400112DD] - [10/04/2017 11:01:11] - |A| - [25180160] - C:\WINDOWS\Installer\13cd3a_FromLFSULTRA-WIDEN.msi [MD5.AF16F92AB877D9900713408F16FD4295] - [10/04/2017 11:01:18] - |A| - [3279872] - C:\WINDOWS\Installer\13cd3f.msi [MD5.C035B887D374118F1E90A0CF3E799A7B] - [10/04/2017 01:24:18] - |A| - [15383040] - C:\WINDOWS\Installer\13cd44.msi [MD5.C035B887D374118F1E90A0CF3E799A7B] - [10/04/2017 11:01:36] - |A| - [15383040] - C:\WINDOWS\Installer\13cd44_FromLFSULTRA-WIDEN.msi [MD5.54854BAC91E616BF8F71184C05AD0355] - [10/04/2017 02:21:44] - |A| - [1819136] - C:\WINDOWS\Installer\13cd49.msi [MD5.54854BAC91E616BF8F71184C05AD0355] - [10/04/2017 11:01:59] - |A| - [1819136] - C:\WINDOWS\Installer\13cd49_FromLFSULTRA-WIDEN.msi [MD5.638ECBB737087D5C11EE99BB87FE0D3B] - [10/04/2017 04:35:17] - |A| - [1475584] - C:\WINDOWS\Installer\13cd4e.msi [MD5.638ECBB737087D5C11EE99BB87FE0D3B] - [10/04/2017 11:02:05] - |A| - [1475584] - C:\WINDOWS\Installer\13cd4e_FromLFSULTRA-WIDEN.msi [MD5.5822D0961356F5A1E648DFFE230D2CB4] - [10/04/2017 01:24:53] - |A| - [18759168] - C:\WINDOWS\Installer\13cd53.msi [MD5.5822D0961356F5A1E648DFFE230D2CB4] - [10/04/2017 11:02:11] - |A| - [18759168] - C:\WINDOWS\Installer\13cd53_FromLFSULTRA-WIDEN.msi [MD5.F121051B75169FD203D30C5A30335EFF] - [10/04/2017 01:24:02] - |A| - [6799872] - C:\WINDOWS\Installer\13cd59.msi [MD5.F121051B75169FD203D30C5A30335EFF] - [10/04/2017 11:02:19] - |A| - [6799872] - C:\WINDOWS\Installer\13cd59_FromLFSULTRA-WIDEN.msi [MD5.796AAAC87239743AC7D7A63570FEA9A4] - [10/04/2017 01:24:03] - |A| - [7321600] - C:\WINDOWS\Installer\13cd5e.msi [MD5.796AAAC87239743AC7D7A63570FEA9A4] - [10/04/2017 11:02:35] - |A| - [7321600] - C:\WINDOWS\Installer\13cd5e_FromLFSULTRA-WIDEN.msi [MD5.A65CB434A310B69BE9CECED30754007F] - [10/04/2017 02:02:48] - |A| - [41943040] - C:\WINDOWS\Installer\20566370.msi [MD5.A65CB434A310B69BE9CECED30754007F] - [10/04/2017 11:02:46] - |A| - [41943040] - C:\WINDOWS\Installer\20566370_FromLFSULTRA-WIDEN.msi [MD5.1170434D7324228BE3A258CBE60A5033] - [10/04/2017 03:59:53] - |A| - [44486656] - C:\WINDOWS\Installer\236064b.msi [MD5.1170434D7324228BE3A258CBE60A5033] - [10/04/2017 11:02:52] - |A| - [44486656] - C:\WINDOWS\Installer\236064b_FromLFSULTRA-WIDEN.msi [MD5.23B97F4BEDD554D3F629B60637AFC936] - [09/04/2017 21:46:23] - |A| - [2792960] - C:\WINDOWS\Installer\2416289.msi [MD5.23B97F4BEDD554D3F629B60637AFC936] - [10/04/2017 11:03:06] - |A| - [2792960] - C:\WINDOWS\Installer\2416289_FromLFSULTRA-WIDEN.msi [MD5.AEEED5F2BB5ED9A586D1FC293387AF32] - [10/04/2017 11:03:34] - |A| - [77639680] - C:\WINDOWS\Installer\241628a.msp [MD5.AB497D44C289DAF5BC05EA65F57B7DF8] - [10/04/2017 02:23:16] - |A| - [1736704] - C:\WINDOWS\Installer\2416293.msi [MD5.AB497D44C289DAF5BC05EA65F57B7DF8] - [10/04/2017 11:04:38] - |A| - [1736704] - C:\WINDOWS\Installer\2416293_FromLFSULTRA-WIDEN.msi [MD5.4A17F9353769A5A78126266967182591] - [10/04/2017 11:04:49] - |A| - [25600] - C:\WINDOWS\Installer\27bce3b.msi [MD5.3BE73FF030747C74C804A38BAAD60A44] - [10/04/2017 11:04:55] - |A| - [40960] - C:\WINDOWS\Installer\27bce4f.msi [MD5.3FF9ACEA77AFC124BE8454269BB7143F] - [10/04/2017 11:05:05] - |A| - [163840] - C:\WINDOWS\Installer\2a078.msi [MD5.990A236C7EBF5D46024672B9F2FB4F8E] - [09/04/2017 21:41:07] - |A| - [35278848] - C:\WINDOWS\Installer\34edd9.msi [MD5.990A236C7EBF5D46024672B9F2FB4F8E] - [10/04/2017 11:05:12] - |A| - [35278848] - C:\WINDOWS\Installer\34edd9_FromLFSULTRA-WIDEN.msi [MD5.8A9053F3E730DEE376BE8834A5CE53EB] - [09/04/2017 23:42:35] - |A| - [112336896] - C:\WINDOWS\Installer\34ede2.msi [MD5.8A9053F3E730DEE376BE8834A5CE53EB] - [10/04/2017 11:05:42] - |A| - [112336896] - C:\WINDOWS\Installer\34ede2_FromLFSULTRA-WIDEN.msi [MD5.CE58316595A1E008AD322E904B89F06A] - [10/04/2017 11:06:34] - |A| - [151552] - C:\WINDOWS\Installer\3aa29.msi [MD5.68F58371E9663E5350183599007E707E] - [10/04/2017 11:06:46] - |A| - [151552] - C:\WINDOWS\Installer\3aa43.msi [MD5.F57F2B8E2D037E7C9F8B5464537A9F93] - [10/04/2017 11:06:56] - |A| - [147456] - C:\WINDOWS\Installer\3aa5c.msi [MD5.A47C1F93384429A4CD462F1B1A70FD47] - [10/04/2017 11:07:05] - |A| - [143360] - C:\WINDOWS\Installer\3aa62.msi [MD5.C555B7BE179B1E472AE5E946BA5B3066] - [10/04/2017 11:07:14] - |A| - [12495872] - C:\WINDOWS\Installer\3c5f1.msi [MD5.8956484156E3A4DFF1DD9E365EF30C97] - [10/04/2017 11:07:40] - |A| - [3428352] - C:\WINDOWS\Installer\4550057.msi [MD5.FCE771024E39E1950EE665A5C6FE7689] - [10/04/2017 11:07:51] - |A| - [41984] - C:\WINDOWS\Installer\7ccd4.msi [MD5.F22ADBEF621426EB50E8F42BE733F53C] - [10/04/2017 11:08:03] - |A| - [7555072] - C:\WINDOWS\Installer\7ccda.msp [MD5.6E17361F8E53B47656BCF0ED90ADE095] - [10/04/2017 11:08:23] - |A| - [232960] - C:\WINDOWS\Installer\7ccdf.msi [MD5.9FD08D11364F56C4DB1EBA4C65191CEC] - [10/04/2017 03:32:52] - |A| - [58998784] - C:\WINDOWS\Installer\7cce4.msi [MD5.9FD08D11364F56C4DB1EBA4C65191CEC] - [10/04/2017 11:08:30] - |A| - [58998784] - C:\WINDOWS\Installer\7cce4_FromLFSULTRA-WIDEN.msi [MD5.B8C9111399484FBF81E5F4C7D04AB8AF] - [10/04/2017 11:09:02] - |A| - [35421984] - C:\WINDOWS\Installer\7ccea.msi [MD5.45C7EF7FF8E87EA3856AC919ABD36DC9] - [10/04/2017 11:09:30] - |A| - [11447808] - C:\WINDOWS\Installer\7cd19.msi [MD5.862598186405E18F74E20D856631A657] - [09/04/2017 22:23:15] - |A| - [29696] - C:\WINDOWS\Installer\7cd2a.msi [MD5.862598186405E18F74E20D856631A657] - [10/04/2017 11:10:26] - |A| - [29696] - C:\WINDOWS\Installer\7cd2a_FromLFSULTRA-WIDEN.msi [MD5.C714313C5B319707475D6CF852249231] - [09/04/2017 21:19:52] - |A| - [20480] - C:\WINDOWS\Installer\7cd2f.msi [MD5.C714313C5B319707475D6CF852249231] - [10/04/2017 11:10:36] - |A| - [20480] - C:\WINDOWS\Installer\7cd2f_FromLFSULTRA-WIDEN.msi [MD5.C1C23E3A09161DE34D458B256C8D1034] - [10/04/2017 01:36:35] - |A| - [22010880] - C:\WINDOWS\Installer\b82726.msi [MD5.C1C23E3A09161DE34D458B256C8D1034] - [10/04/2017 11:10:36] - |A| - [22010880] - C:\WINDOWS\Installer\b82726_FromLFSULTRA-WIDEN.msi [MD5.E3E632C282F2B368BCA82AACB80ACEAF] - [10/04/2017 11:10:50] - |A| - [143360] - C:\WINDOWS\Installer\b8272c.msi [MD5.D0A78FCAC0B92A149FE51C76371C989A] - [10/04/2017 11:10:59] - |A| - [143360] - C:\WINDOWS\Installer\b82732.msi [MD5.7E641E6A0B456271745C20C3BB8A18F9] - [10/04/2017 11:11:07] - |A| - [227328] - C:\WINDOWS\Installer\d675b6.msi [MD5.13A521D7D26D5CBD37BCD2D79E42D18C] - [10/04/2017 02:32:14] - |A| - [2852352] - C:\WINDOWS\Installer\d675bc.msi [MD5.13A521D7D26D5CBD37BCD2D79E42D18C] - [10/04/2017 11:11:10] - |A| - [2852352] - C:\WINDOWS\Installer\d675bc_FromLFSULTRA-WIDEN.msi [MD5.BBB2A3B11AE15A93E2D1A9571D212423] - [10/04/2017 11:11:15] - |A| - [45367296] - C:\WINDOWS\Installer\f352e81.msp [MD5.79AE4D699F0EB58D952305B68751BA64] - [10/04/2017 11:11:19] - |A| - [122729917] - C:\WINDOWS\Installer\pe3x86.zip [MD5.A65CB434A310B69BE9CECED30754007F] - [10/04/2017 11:11:55] - |A| - [41943040] - C:\WINDOWS\Installer\reflect_setupv6.3.1665-x86-00.msi [MD5.3EAE76A4D3B7F5EB22135311AA2C09E9] - [03/04/2017 10:25:12] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{402ED4A1-8F5B-387A-8688-997ABF58B8F2} [MD5.8D94952CC9B1F097A0F3721E12AB8C78] - [03/04/2017 10:25:48] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{6BF9F374-EC67-4808-A90C-F127DE6D989D} [MD5.3BAE853B9EF88D2E07E11C3C4EAB725B] - [01/04/2017 07:34:53] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{7BAC3F7A-B963-468E-982E-B5608A87408D} [MD5.00000000000000000000000000000000] - [10/04/2017 11:13:39] - |D| - [0] - C:\WINDOWS\Installer\{04833277-EE61-4251-9273-0CF86C0FE710} [MD5.00000000000000000000000000000000] - [10/04/2017 11:13:43] - |D| - [764030] - C:\WINDOWS\Installer\{0643B1BB-6D9E-4347-9D4B-7E3304E55774} [MD5.00000000000000000000000000000000] - [10/04/2017 11:14:00] - |D| - [0] - C:\WINDOWS\Installer\{0BC63E80-F9DE-40B2-AE07-EFAD9C82E06E} [MD5.00000000000000000000000000000000] - [09/04/2017 21:41:04] - |D| - [575868] - C:\WINDOWS\Installer\{0BFB76C9-9A5B-4C12-A2FF-9ED9640F1436} [MD5.00000000000000000000000000000000] - [10/04/2017 11:14:23] - |D| - [2075648] - C:\WINDOWS\Installer\{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768} [MD5.00000000000000000000000000000000] - [10/04/2017 11:15:53] - |D| - [764030] - C:\WINDOWS\Installer\{1344ED2B-1451-41B1-A21E-F0D7126AC6F1} [MD5.00000000000000000000000000000000] - [10/04/2017 11:16:01] - |D| - [344372] - C:\WINDOWS\Installer\{15D967B5-A4BE-42AE-9E84-64CD062B25AA} [MD5.00000000000000000000000000000000] - [10/04/2017 11:16:30] - |D| - [0] - C:\WINDOWS\Installer\{18F14F4B-D8A9-4309-817E-3BC0B7664E53} [MD5.00000000000000000000000000000000] - [10/04/2017 11:16:32] - |D| - [0] - C:\WINDOWS\Installer\{1B932032-73EB-4E1B-99F6-1541DEFD631A} [MD5.00000000000000000000000000000000] - [10/04/2017 11:16:36] - |D| - [0] - C:\WINDOWS\Installer\{1EBC6C6F-7D31-4897-B241-DC7052F3E7A5} [MD5.00000000000000000000000000000000] - [10/04/2017 01:23:29] - |D| - [264192] - C:\WINDOWS\Installer\{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9} [MD5.00000000000000000000000000000000] - [10/04/2017 03:36:43] - |D| - [146184] - C:\WINDOWS\Installer\{205C6BDD-7B73-42DE-8505-9A093F35A238} [MD5.00000000000000000000000000000000] - [10/04/2017 11:16:54] - |D| - [764030] - C:\WINDOWS\Installer\{2736B6BD-31EC-4FC8-A48C-F0A5C914C0B6} [MD5.00000000000000000000000000000000] - [10/04/2017 11:16:58] - |D| - [764030] - C:\WINDOWS\Installer\{2B19920B-4D3C-4703-AC10-C1D3540B826C} [MD5.00000000000000000000000000000000] - [10/04/2017 01:54:54] - |D| - [1105218] - C:\WINDOWS\Installer\{2B2E26CD-10BC-40EE-9101-012818950369} [MD5.00000000000000000000000000000000] - [10/04/2017 11:17:14] - |D| - [764030] - C:\WINDOWS\Installer\{32C58C6E-00CB-4AB9-B8AB-5140015BF7E2} [MD5.00000000000000000000000000000000] - [10/04/2017 11:17:16] - |D| - [0] - C:\WINDOWS\Installer\{367D1EA4-24FD-402F-AFF0-08A678D2EE28} [MD5.00000000000000000000000000000000] - [10/04/2017 11:17:17] - |D| - [0] - C:\WINDOWS\Installer\{37AD632E-994D-4944-B57D-A80852BCB96D} [MD5.00000000000000000000000000000000] - [10/04/2017 11:17:18] - |D| - [0] - C:\WINDOWS\Installer\{38F898C8-272F-455F-9BD6-71FEBA3E4AF5} [MD5.00000000000000000000000000000000] - [10/04/2017 04:03:17] - |D| - [287224] - C:\WINDOWS\Installer\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431} [MD5.00000000000000000000000000000000] - [10/04/2017 00:34:06] - |D| - [160790] - C:\WINDOWS\Installer\{445B183D-F4F1-45C8-B9DB-F11355CA657B} [MD5.00000000000000000000000000000000] - [10/04/2017 11:17:23] - |D| - [764030] - C:\WINDOWS\Installer\{44D61840-8ADD-4B39-83A9-31A9261A9AF5} [MD5.00000000000000000000000000000000] - [10/04/2017 00:33:57] - |D| - [118370] - C:\WINDOWS\Installer\{4634B21A-CC07-4396-890C-2B8168661FEA} [MD5.00000000000000000000000000000000] - [10/04/2017 11:17:28] - |D| - [0] - C:\WINDOWS\Installer\{4A2E7C9C-9066-485F-951F-CC266F89FC5C} [MD5.00000000000000000000000000000000] - [10/04/2017 11:17:28] - |D| - [0] - C:\WINDOWS\Installer\{4C5D0B6A-944A-47A6-A2F3-BCB58E05CA5D} [MD5.00000000000000000000000000000000] - [10/04/2017 11:17:29] - |D| - [0] - C:\WINDOWS\Installer\{4EAB2511-0135-48CA-A47B-CE1E6836793A} [MD5.00000000000000000000000000000000] - [10/04/2017 11:17:30] - |D| - [430998] - C:\WINDOWS\Installer\{523281E5-91DD-49F5-9D85-954148F7596A} [MD5.00000000000000000000000000000000] - [10/04/2017 11:17:39] - |D| - [764030] - C:\WINDOWS\Installer\{526BEC6C-CF3B-4ED3-B4F5-BC83126E8ECC} [MD5.00000000000000000000000000000000] - [10/04/2017 00:33:57] - |D| - [117890] - C:\WINDOWS\Installer\{5DD76286-9BE7-4894-A990-E905E91AC818} [MD5.00000000000000000000000000000000] - [10/04/2017 11:17:47] - |D| - [764030] - C:\WINDOWS\Installer\{6722E66F-5738-4607-A910-6BFAC47A71EF} [MD5.00000000000000000000000000000000] - [10/04/2017 11:17:53] - |D| - [764030] - C:\WINDOWS\Installer\{675B19A5-8739-4937-9345-4FE87071063D} [MD5.00000000000000000000000000000000] - [09/04/2017 23:31:02] - |D| - [1528060] - C:\WINDOWS\Installer\{67DA4459-33A8-4E69-9C7B-FB5CBADA60AB} [MD5.00000000000000000000000000000000] - [10/04/2017 11:18:00] - |D| - [0] - C:\WINDOWS\Installer\{68BE8BAB-5375-4C99-9116-1808F5968D40} [MD5.00000000000000000000000000000000] - [03/04/2017 10:26:18] - |D| - [1278016] - C:\WINDOWS\Installer\{6BF9F374-EC67-4808-A90C-F127DE6D989D} [MD5.00000000000000000000000000000000] - [10/04/2017 11:18:02] - |D| - [0] - C:\WINDOWS\Installer\{73830292-868E-4C82-9AF5-CCFE2047B6A3} [MD5.00000000000000000000000000000000] - [10/04/2017 03:13:38] - |D| - [4137984] - C:\WINDOWS\Installer\{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE} [MD5.00000000000000000000000000000000] - [10/04/2017 11:19:15] - |D| - [0] - C:\WINDOWS\Installer\{73D4C081-72C2-4C3B-A8CC-BE86DC7A503D} [MD5.00000000000000000000000000000000] - [10/04/2017 04:35:21] - |D| - [59852] - C:\WINDOWS\Installer\{76810709-A7D3-468D-9167-A1780C1E766C} [MD5.00000000000000000000000000000000] - [10/04/2017 11:19:27] - |D| - [0] - C:\WINDOWS\Installer\{7B1A9CD1-B552-4FA7-BBC1-EDDEAB8855A7} [MD5.00000000000000000000000000000000] - [01/04/2017 07:35:01] - |D| - [50659] - C:\WINDOWS\Installer\{7BAC3F7A-B963-468E-982E-B5608A87408D} [MD5.00000000000000000000000000000000] - [03/04/2017 10:22:22] - |D| - [72888] - C:\WINDOWS\Installer\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3} [MD5.00000000000000000000000000000000] - [10/04/2017 02:02:34] - |D| - [1330994] - C:\WINDOWS\Installer\{94572F25-AB01-4EF7-A1FB-60A35C984F4F} [MD5.00000000000000000000000000000000] - [10/04/2017 02:21:14] - |D| - [317120] - C:\WINDOWS\Installer\{95140000-0070-0000-0000-0000000FF1CE} [MD5.00000000000000000000000000000000] - [10/04/2017 11:20:31] - |D| - [0] - C:\WINDOWS\Installer\{A305217D-C8FC-46D3-B9E3-054B707B4E62} [MD5.00000000000000000000000000000000] - [10/04/2017 11:20:32] - |D| - [764030] - C:\WINDOWS\Installer\{A31AE1D9-3F25-4400-AAA1-F7C5BD2F4DAA} [MD5.00000000000000000000000000000000] - [09/04/2017 21:54:20] - |D| - [2506752] - C:\WINDOWS\Installer\{AC76BA86-7AD7-1033-7B44-AC0F074E4100} [MD5.00000000000000000000000000000000] - [10/04/2017 11:20:53] - |D| - [764030] - C:\WINDOWS\Installer\{ACA99CF0-1ADE-4EA6-AFC6-6303A4E91C59} [MD5.00000000000000000000000000000000] - [10/04/2017 11:20:59] - |D| - [0] - C:\WINDOWS\Installer\{B2DECE02-55B2-4D70-958A-D9207DB27D3B} [MD5.00000000000000000000000000000000] - [10/04/2017 11:21:00] - |D| - [61272] - C:\WINDOWS\Installer\{B3B487E7-6171-4376-9074-B28082CEB504} [MD5.00000000000000000000000000000000] - [10/04/2017 11:21:03] - |D| - [764030] - C:\WINDOWS\Installer\{B73C6D26-9102-4F2A-A1FB-777AE8DD08E3} [MD5.00000000000000000000000000000000] - [10/04/2017 11:21:12] - |D| - [764030] - C:\WINDOWS\Installer\{BCC0552D-76C0-4130-BFBD-49BE49ACC594} [MD5.00000000000000000000000000000000] - [10/04/2017 11:21:15] - |D| - [331264] - C:\WINDOWS\Installer\{C2695E83-CF1D-43D1-84FE-B3BEC561012A} [MD5.00000000000000000000000000000000] - [10/04/2017 11:21:39] - |D| - [0] - C:\WINDOWS\Installer\{C7C71F0C-4CC1-4B17-943C-96E5196DDA74} [MD5.00000000000000000000000000000000] - [10/04/2017 11:21:44] - |D| - [0] - C:\WINDOWS\Installer\{CC6B1BB4-4E06-4A5B-A166-B371B551324B} [MD5.00000000000000000000000000000000] - [10/04/2017 11:21:46] - |D| - [7688880] - C:\WINDOWS\Installer\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA405760} [MD5.00000000000000000000000000000000] - [09/04/2017 23:51:39] - |D| - [15666430] - C:\WINDOWS\Installer\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA413851} [MD5.00000000000000000000000000000000] - [10/04/2017 11:22:06] - |D| - [0] - C:\WINDOWS\Installer\{D6AB1F5B-FED6-49a9-9747-327BD28FB3C7} [MD5.00000000000000000000000000000000] - [10/04/2017 11:22:07] - |D| - [764030] - C:\WINDOWS\Installer\{DAC390BA-1387-4DF8-A9BC-683E81E77E86} [MD5.00000000000000000000000000000000] - [10/04/2017 11:22:10] - |D| - [0] - C:\WINDOWS\Installer\{DAE39927-6F98-4122-A3D2-AC16A5B0E52F} [MD5.00000000000000000000000000000000] - [09/04/2017 23:18:44] - |D| - [59852] - C:\WINDOWS\Installer\{DCE8CD14-FBF5-4464-B9A4-E18E473546C7} [MD5.00000000000000000000000000000000] - [10/04/2017 02:24:05] - |D| - [65612] - C:\WINDOWS\Installer\{DE981FCC-3A54-FCC2-6566-F23C3901D7D2} [MD5.00000000000000000000000000000000] - [10/04/2017 11:22:19] - |D| - [764030] - C:\WINDOWS\Installer\{E160B991-8E1F-49F9-BD41-84A49DBBB149} [MD5.00000000000000000000000000000000] - [10/04/2017 11:22:20] - |D| - [0] - C:\WINDOWS\Installer\{EC925096-5689-4BE3-B675-D16D0394B4A0} [MD5.00000000000000000000000000000000] - [10/04/2017 11:22:22] - |D| - [0] - C:\WINDOWS\Installer\{EF478DD2-1CD0-412F-B006-06AC204385D3} [MD5.00000000000000000000000000000000] - [10/04/2017 02:22:01] - |D| - [18124] - C:\WINDOWS\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} [MD5.00000000000000000000000000000000] - [10/04/2017 11:22:26] - |D| - [815761] - C:\WINDOWS\Installer\{F1F805B8-92AC-4EEF-8CCE-4538F6EBEBA0} [MD5.00000000000000000000000000000000] - [10/04/2017 11:22:33] - |D| - [0] - C:\WINDOWS\Installer\{FD8E178D-8B4E-42DA-B434-EFF270329B1C} [MD5.C69C4A1EF5920EFBBA21E3F759427517] - [07/04/2017 15:44:13] - |A| - [250] - C:\WINDOWS\system32\debug.log [MD5.DFBDC24417B2EDE6513F5570E6CD24C8] - [01/04/2017 07:50:37] - |A| - [26304] - C:\WINDOWS\system32\fbnative.exe [MD5.94D0DF7FE76A8220F2B807F5F1ECC48E] - [08/04/2017 10:36:56] - |A| - [197832] - C:\WINDOWS\system32\FNTCACHE.DAT [MD5.1474EE82605D16B57AD43130B09AD8D0] - [07/04/2017 08:18:15] - |A| - [475136] - C:\WINDOWS\system32\HMIPCore64.dll [MD5.726D06C5F820F84BB65E673A998EF41A] - [06/04/2017 12:51:20] - |A| - [46460928] - C:\WINDOWS\system32\imageres.dll [MD5.1BD31AF098E9E4A4A48D2ECFF0A12F30] - [07/04/2017 12:07:40] - |A| - [514560] - C:\WINDOWS\system32\pdfinfo.exe [MD5.1FEFCBFFE96D2C5EE074AAE27846C30E] - [07/04/2017 12:07:40] - |A| - [552448] - C:\WINDOWS\system32\pdftotext.exe [MD5.166CDCF1CA92579C051BCA8C5C13C3FB] - [11/04/2017 14:17:32] - |A| - [12800104] - C:\WINDOWS\system32\rsror64.dll [MD5.F7BAB6656AA3851FB90D3E1699F9B946] - [11/04/2017 14:17:33] - |A| - [3884136] - C:\WINDOWS\system32\rsrorx64.dll [MD5.4E8F2BB3A5A87E75C35533723B50E685] - [04/04/2017 18:30:35] - |A| - [385] - C:\WINDOWS\system32\user_gensett.xml [MD5.F5CDFDD9F7F97D6650BABB515A1711C0] - [11/04/2017 14:38:24] - |A| - [20480] - C:\WINDOWS\system32\wsusnative64.exe [MD5.53283EB9998AC9350E14C35A880989DB] - [07/04/2017 13:48:11] - |A| - [251832] - C:\WINDOWS\system32\Drivers\04F067F1.sys [MD5.DA978AB6E0AAEA82235C943DEED3484C] - [06/04/2017 08:25:00] - |A| - [1605376] - C:\WINDOWS\system32\Drivers\avc3.sys [MD5.09A3015AEA14CF9A4ECDE1CEA6AFE0AA] - [06/04/2017 08:25:00] - |A| - [878072] - C:\WINDOWS\system32\Drivers\avckf.sys [MD5.4B190ACAE90EC79AD4D43EFCD3743DA0] - [06/04/2017 08:26:00] - |A| - [23672] - C:\WINDOWS\system32\Drivers\bdelam.sys [MD5.D8FAF7CFBC81E5E15CA7A7EC8EE1B409] - [06/04/2017 08:25:07] - |A| - [87912] - C:\WINDOWS\system32\Drivers\bdvedisk.sys [MD5.679FF716052109392D870F6A6C4A3535] - [08/04/2017 09:46:23] - |A| - [30264] - C:\WINDOWS\system32\Drivers\dtlitescsibus.sys [MD5.E23FDD696839A4790682CA66C48D3F2F] - [08/04/2017 09:46:40] - |A| - [47672] - C:\WINDOWS\system32\Drivers\dtliteusbbus.sys [MD5.C5713A2B4C9D9150041FB70C4A2ADE07] - [01/04/2017 07:57:55] - |A| - [65192] - C:\WINDOWS\system32\Drivers\EUBAKUP0.sys [MD5.5061B571167E1EE26E8D549CCDBE9CC6] - [01/04/2017 07:57:50] - |A| - [52392] - C:\WINDOWS\system32\Drivers\EUBKMON0.sys [MD5.6B133EE401475A72D252D49F8736936E] - [01/04/2017 07:57:56] - |A| - [196776] - C:\WINDOWS\system32\Drivers\EUFDDISK0.sys [MD5.6D1908A1A76860B7CEAEF2FB34214928] - [04/04/2017 16:13:29] - |A| - [212560] - C:\WINDOWS\system32\Drivers\fwndislwf64.sys [MD5.1480F5E5EB49487F8B040F4340561928] - [04/04/2017 16:13:29] - |A| - [204688] - C:\WINDOWS\system32\Drivers\fwndislwf64.sys.tmp [MD5.94203B31B0618221780611608C8875DE] - [08/04/2017 13:44:20] - |A| - [19560] - C:\WINDOWS\system32\Drivers\gsars.sys [MD5.3E0CD5BF6679CB4D709CFAD21EC326FA] - [08/04/2017 09:16:57] - |A| - [38160] - C:\WINDOWS\system32\Drivers\gsinspect.sys [MD5.F72818A52CBB5A9E8B2C9E350638A945] - [06/04/2017 15:44:47] - |A| - [182944] - C:\WINDOWS\system32\Drivers\gzflt.sys [MD5.4AB719D0CEB64ED85D30EB974A5C806E] - [06/04/2017 08:24:31] - |A| - [305120] - C:\WINDOWS\system32\Drivers\ignis.sys [MD5.F1CEA9D2626D5933162C72F0C47B496C] - [10/04/2017 10:11:08] - |A| - [77440] - C:\WINDOWS\system32\Drivers\mbae64.sys [MD5.53283EB9998AC9350E14C35A880989DB] - [07/04/2017 10:12:14] - |A| - [251832] - C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys [MD5.1AEF1D37188B06AB4C741CC145C2DC0D] - [11/04/2017 14:20:16] - |A| - [59664] - C:\WINDOWS\system32\Drivers\rsblk.sys [MD5.4778EEECB75C6FB419745BEED3530B9D] - [11/04/2017 14:20:02] - |A| - [26024] - C:\WINDOWS\system32\Drivers\rsdrvx64.sys [MD5.0D5A09B08568760AE85A801FCBC0F83D] - [11/04/2017 12:35:18] - |A| - [28272] - C:\WINDOWS\system32\Drivers\TrueSight.sys [MD5.AA129EFF64E41947F6A46388A7F5F966] - [06/04/2017 08:17:34] - |A| - [520032] - C:\WINDOWS\system32\Drivers\trufos.sys [MD5.00000000000000000000000000000000] - [10/04/2017 14:19:04] - |D| - [0] - C:\WINDOWS\syswow64\040C [MD5.0A0FEB9EB28BDE8CD835716343B03B14] - [10/04/2017 14:19:10] - |A| - [2151] - C:\WINDOWS\syswow64\12520437_FromLFSULTRA-WIDEN.cpx [MD5.D69AE057CD82D04EE7D311809ABEFB2A] - [10/04/2017 14:19:18] - |A| - [2233] - C:\WINDOWS\syswow64\12520850_FromLFSULTRA-WIDEN.cpx [MD5.77424849C3EE8FBB767C98E42E60CBEF] - [10/04/2017 14:19:22] - |A| - [9696] - C:\WINDOWS\syswow64\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [MD5.77424849C3EE8FBB767C98E42E60CBEF] - [10/04/2017 14:19:26] - |A| - [9696] - C:\WINDOWS\syswow64\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [MD5.BCD746C83332A0FE5AA44C25953A9095] - [09/04/2017 13:18:56] - |A| - [2015232] - C:\WINDOWS\syswow64\aacenclib.dll [MD5.97896EE4254176CFDD9010B5B243B89F] - [10/04/2017 14:19:33] - |A| - [131584] - C:\WINDOWS\syswow64\aaclient.dll [MD5.D0EB35A60D1E05DE9038F2B1584858CA] - [09/04/2017 13:19:07] - |A| - [356352] - C:\WINDOWS\syswow64\aac_ds_enc.ax [MD5.45C0DF404182850C21749AF7763C095F] - [10/04/2017 14:19:39] - |A| - [3727872] - C:\WINDOWS\syswow64\accessibilitycpl_FromLFSULTRA-WIDEN.dll [MD5.494E31F87662C486EF2F2048D599AC46] - [10/04/2017 14:19:51] - |A| - [39424] - C:\WINDOWS\syswow64\ACCTRES_FromLFSULTRA-WIDEN.dll [MD5.76828928A893D595EF5CA2C53B2B48C0] - [10/04/2017 14:19:56] - |A| - [7680] - C:\WINDOWS\syswow64\acledit_FromLFSULTRA-WIDEN.dll [MD5.DAB5808E0C26740577AE67878A87136E] - [10/04/2017 14:20:00] - |A| - [125440] - C:\WINDOWS\syswow64\aclui_FromLFSULTRA-WIDEN.dll [MD5.B57053CD59114D36952461EE638D3784] - [10/04/2017 14:20:08] - |A| - [45568] - C:\WINDOWS\syswow64\acppage_FromLFSULTRA-WIDEN.dll [MD5.3A9FC5D24053769ED9B710B576DEEB8A] - [10/04/2017 14:20:13] - |A| - [9216] - C:\WINDOWS\syswow64\acproxy.dll [MD5.54DEFF61C4E6AF1581DA2F236154BA4C] - [10/04/2017 14:20:27] - |A| - [537600] - C:\WINDOWS\syswow64\ActionCenterCPL_FromLFSULTRA-WIDEN.dll [MD5.9A39A2A5F443A756C568C6ED5748AFE4] - [10/04/2017 14:20:21] - |A| - [744448] - C:\WINDOWS\syswow64\ActionCenter_FromLFSULTRA-WIDEN.dll [MD5.97BAF1DE66F886D8292AED040B8CC281] - [10/04/2017 14:20:32] - |A| - [179200] - C:\WINDOWS\syswow64\ActionQueue.dll [MD5.521B748A7F9923302CA18B7E6AA2EEAE] - [10/04/2017 14:20:40] - |A| - [202752] - C:\WINDOWS\syswow64\activeds_FromLFSULTRA-WIDEN.dll [MD5.7C650F8FF31632E485FFE2D0011BD921] - [10/04/2017 14:20:46] - |A| - [111616] - C:\WINDOWS\syswow64\activeds_FromLFSULTRA-WIDEN.tlb [MD5.D2958325C1AE1AE37A83334C6229E3BC] - [10/04/2017 14:20:50] - |A| - [309760] - C:\WINDOWS\syswow64\actxprxy_FromLFSULTRA-WIDEN.dll [MD5.BDFABEDACD6F18B5EFB14B7529F3ED3E] - [10/04/2017 14:20:58] - |A| - [38912] - C:\WINDOWS\syswow64\AdapterTroubleshooter.exe [MD5.382D949AFF48B9B5FFE72FF68B7A76DF] - [10/04/2017 14:21:00] - |A| - [49664] - C:\WINDOWS\syswow64\adprovider_FromLFSULTRA-WIDEN.dll [MD5.51F5CC1E7DA3D9C664C2D0D61F315E06] - [10/04/2017 14:21:04] - |A| - [202752] - C:\WINDOWS\syswow64\adsldpc_FromLFSULTRA-WIDEN.dll [MD5.3E709F7BFA217CD3B6FC338780465E20] - [10/04/2017 14:21:02] - |A| - [186880] - C:\WINDOWS\syswow64\adsldp_FromLFSULTRA-WIDEN.dll [MD5.D73E4CF4AA1B674F522C995174900076] - [10/04/2017 14:21:05] - |A| - [77312] - C:\WINDOWS\syswow64\adsmsext_FromLFSULTRA-WIDEN.dll [MD5.B7D2873EC0487646CCDF740AF748852C] - [10/04/2017 14:21:06] - |A| - [260608] - C:\WINDOWS\syswow64\adsnt_FromLFSULTRA-WIDEN.dll [MD5.95CDF95F17CBC4038235DA5525DE8A39] - [10/04/2017 14:21:08] - |A| - [686080] - C:\WINDOWS\syswow64\adtschema_FromLFSULTRA-WIDEN.dll [MD5.8E906BEE0415C2D4689305B8406B5E07] - [10/04/2017 14:21:15] - |A| - [642560] - C:\WINDOWS\syswow64\advapi32_FromLFSULTRA-WIDEN.dll [MD5.4FE6AA4422BEC5DC3995051C670FFB26] - [10/04/2017 14:21:19] - |A| - [126464] - C:\WINDOWS\syswow64\advpack_FromLFSULTRA-WIDEN.dll [MD5.02AF9857838C25EC98BBE492271F3E27] - [10/04/2017 14:21:19] - |A| - [6656] - C:\WINDOWS\syswow64\aecache.dll [MD5.175383778EB24D98C84E624021E3AA0B] - [10/04/2017 14:21:21] - |A| - [23040] - C:\WINDOWS\syswow64\aeevts_FromLFSULTRA-WIDEN.dll [MD5.C262B132CF3790405A9AC8C5B18847A1] - [10/04/2017 14:21:21] - |A| - [302592] - C:\WINDOWS\syswow64\aeinv.dll [MD5.8B5EEFEEC1E6D1A72A06C526628AD161] - [10/04/2017 14:21:22] - |A| - [62464] - C:\WINDOWS\syswow64\aelupsvc.dll [MD5.27A81A5FEB2ACF01D406EFE153E95D4C] - [10/04/2017 14:21:24] - |A| - [321536] - C:\WINDOWS\syswow64\aepdu.dll [MD5.8B794AE6D5C7D42092804BC39A2EB8F6] - [10/04/2017 14:21:26] - |A| - [62464] - C:\WINDOWS\syswow64\aepic_FromLFSULTRA-WIDEN.dll [MD5.2CCEAF03E8AF4543171D236DF21DC29A] - [10/04/2017 14:21:27] - |A| - [175200] - C:\WINDOWS\syswow64\AERTACap.dll [MD5.6353994C972CB58EB01854C6FDFAC80D] - [10/04/2017 14:21:28] - |A| - [96160] - C:\WINDOWS\syswow64\AERTARen.dll [MD5.381761240B13B12F9630E6A169DA02DF] - [10/04/2017 14:21:29] - |A| - [26624] - C:\WINDOWS\syswow64\agrscoin.dll [MD5.BAE4A742F100D82813C046F0421F20B2] - [10/04/2017 14:21:30] - |A| - [64000] - C:\WINDOWS\syswow64\agrsmdel.exe [MD5.2A3557DD3913F8D7CC5A5703083424D8] - [10/04/2017 14:21:30] - |A| - [119808] - C:\WINDOWS\syswow64\aitagent.exe [MD5.18A54E132947CD98FEA9ACCC57F98F13] - [10/04/2017 14:21:30] - |A| - [59392] - C:\WINDOWS\syswow64\alg.exe [MD5.B2B3DAE040F6B5AE1DF52B0CD7631A18] - [10/04/2017 14:21:31] - |A| - [46592] - C:\WINDOWS\syswow64\AltTab.dll [MD5.C95E4CA911A631AB87C34D95B2FA4D22] - [10/04/2017 14:21:32] - |A| - [18432] - C:\WINDOWS\syswow64\amcompat_FromLFSULTRA-WIDEN.tlb [MD5.382BDDDE3438F9A65935ABC6B3F76D1B] - [10/04/2017 14:21:36] - |A| - [70656] - C:\WINDOWS\syswow64\amstream_FromLFSULTRA-WIDEN.dll [MD5.AB4EC6D80DE12BED0630D672E7719447] - [10/04/2017 14:21:42] - |A| - [24064] - C:\WINDOWS\syswow64\amxread.dll [MD5.8AAD333C876590293F72B315E162BCC7] - [10/04/2017 14:21:45] - |A| - [9029] - C:\WINDOWS\syswow64\ANSI.SYS [MD5.7D44EE5DBCC3A6E90EB60EDF72B66D99] - [10/04/2017 14:21:46] - |A| - [1739776] - C:\WINDOWS\syswow64\apds_FromLFSULTRA-WIDEN.dll [MD5.2288A204455C8721103D3430F7D93928] - [10/04/2017 14:21:54] - |A| - [3072] - C:\WINDOWS\syswow64\api-ms-win-core-console-l1-1-0.dll [MD5.7623798D173C438FF21D8E8036761FAC] - [10/04/2017 14:21:57] - |A| - [3072] - C:\WINDOWS\syswow64\api-ms-win-core-datetime-l1-1-0.dll [MD5.BC7FD74168014773977278676693452E] - [10/04/2017 14:22:02] - |A| - [3072] - C:\WINDOWS\syswow64\api-ms-win-core-debug-l1-1-0.dll [MD5.61268396CA9038F1012B856152D346F4] - [10/04/2017 14:22:06] - |A| - [3072] - C:\WINDOWS\syswow64\api-ms-win-core-delayload-l1-1-0.dll [MD5.413DA31E6323D7DD6E0B2C72B2B43CA4] - [10/04/2017 14:22:07] - |A| - [3072] - C:\WINDOWS\syswow64\api-ms-win-core-errorhandling-l1-1-0.dll [MD5.50EFCD3AC5D5B48611C0BBF593176B1B] - [10/04/2017 14:22:07] - |A| - [3072] - C:\WINDOWS\syswow64\api-ms-win-core-fibers-l1-1-0.dll [MD5.4E3673072AC4C853CA672FB3DDB835F2] - [10/04/2017 14:22:08] - |A| - [5120] - C:\WINDOWS\syswow64\api-ms-win-core-file-l1-1-0.dll [MD5.11A771FC68FB315AD3DDB1D73D4353ED] - [10/04/2017 14:22:08] - |A| - [11616] - C:\WINDOWS\syswow64\api-ms-win-core-file-l1-2-0.dll [MD5.57B17FD79B22FFF75F1E34B1B680383C] - [10/04/2017 14:22:09] - |A| - [11616] - C:\WINDOWS\syswow64\api-ms-win-core-file-l2-1-0.dll [MD5.4D9804D23E36D167EB14DB7216DE395F] - [10/04/2017 14:22:13] - |A| - [3072] - C:\WINDOWS\syswow64\api-ms-win-core-handle-l1-1-0.dll [MD5.1717EFB140D46F7CE521464394AF0F26] - [10/04/2017 14:22:14] - |A| - [3584] - C:\WINDOWS\syswow64\api-ms-win-core-heap-l1-1-0.dll [MD5.88E74AEC6409F1CF067587D21CF43A01] - [10/04/2017 14:22:14] - |A| - [3584] - C:\WINDOWS\syswow64\api-ms-win-core-interlocked-l1-1-0.dll [MD5.47BA434DF3ED736D99FFBF1528756C7D] - [10/04/2017 14:22:14] - |A| - [3072] - C:\WINDOWS\syswow64\api-ms-win-core-io-l1-1-0.dll [MD5.DA066F82352B8E57EB8A1148B819D05B] - [10/04/2017 14:22:15] - |A| - [3584] - C:\WINDOWS\syswow64\api-ms-win-core-libraryloader-l1-1-0.dll [MD5.C583B3B2AEFB8BCD47928FC8E50038B3] - [10/04/2017 14:22:15] - |A| - [4096] - C:\WINDOWS\syswow64\api-ms-win-core-localization-l1-1-0.dll [MD5.83D00D9303375B674E6CFC4365321C72] - [10/04/2017 14:22:16] - |A| - [14176] - C:\WINDOWS\syswow64\api-ms-win-core-localization-l1-2-0.dll [MD5.19C4989050BE7F1F2D7476E94EA2265A] - [10/04/2017 14:22:17] - |A| - [4096] - C:\WINDOWS\syswow64\api-ms-win-core-localregistry-l1-1-0.dll [MD5.68C36CDF9B0037B1C7FD1E755137608C] - [10/04/2017 14:22:17] - |A| - [3584] - C:\WINDOWS\syswow64\api-ms-win-core-memory-l1-1-0.dll [MD5.DFDD5EA65B2F46D7137D1356672932C4] - [10/04/2017 14:22:17] - |A| - [4096] - C:\WINDOWS\syswow64\api-ms-win-core-misc-l1-1-0.dll [MD5.1A7BE708558A7ECEFC8E84986355AAC5] - [10/04/2017 14:22:18] - |A| - [3584] - C:\WINDOWS\syswow64\api-ms-win-core-namedpipe-l1-1-0.dll [MD5.76BFDE3D9E6657C651EFD66208FE7C25] - [10/04/2017 14:22:18] - |A| - [3584] - C:\WINDOWS\syswow64\api-ms-win-core-processenvironment-l1-1-0.dll [MD5.0B263DD877F542B8054D898958B965E7] - [10/04/2017 14:22:18] - |A| - [4608] - C:\WINDOWS\syswow64\api-ms-win-core-processthreads-l1-1-0.dll [MD5.D34AC714C338C2D4A3D98C5A4A81313F] - [10/04/2017 14:22:19] - |A| - [12128] - C:\WINDOWS\syswow64\api-ms-win-core-processthreads-l1-1-1.dll [MD5.0DFAB5F803F24D2326624817DFE73C63] - [10/04/2017 14:22:20] - |A| - [3072] - C:\WINDOWS\syswow64\api-ms-win-core-profile-l1-1-0.dll [MD5.6C9972BEF7E24112B270EF301CE154BE] - [10/04/2017 14:22:20] - |A| - [3072] - C:\WINDOWS\syswow64\api-ms-win-core-rtlsupport-l1-1-0.dll [MD5.5A967F367E716518503B60022F912539] - [10/04/2017 14:22:21] - |A| - [3072] - C:\WINDOWS\syswow64\api-ms-win-core-string-l1-1-0.dll [MD5.66FFA9AA78E424F74A0112D15FEEA447] - [10/04/2017 14:22:21] - |A| - [4096] - C:\WINDOWS\syswow64\api-ms-win-core-synch-l1-1-0.dll [MD5.1D70F80D1CFDE11571054E56B45C15C2] - [10/04/2017 14:22:21] - |A| - [12128] - C:\WINDOWS\syswow64\api-ms-win-core-synch-l1-2-0.dll [MD5.C45EB299488C1EAB1DB48777E40B5556] - [10/04/2017 14:22:22] - |A| - [4096] - C:\WINDOWS\syswow64\api-ms-win-core-sysinfo-l1-1-0.dll [MD5.0D2C408B8977A0B739802FDEE9C57BE6] - [10/04/2017 14:22:22] - |A| - [4608] - C:\WINDOWS\syswow64\api-ms-win-core-threadpool-l1-1-0.dll [MD5.C6CBAACB8F1D8D1C9DA89C1E9C21925B] - [10/04/2017 14:22:22] - |A| - [11616] - C:\WINDOWS\syswow64\api-ms-win-core-timezone-l1-1-0.dll [MD5.7D8C9F72493C534F2298D49B43375A57] - [10/04/2017 14:22:23] - |A| - [3072] - C:\WINDOWS\syswow64\api-ms-win-core-util-l1-1-0.dll [MD5.4BF197E62A80BBAC9DCE2B6CBB330EDA] - [10/04/2017 14:22:25] - |A| - [3584] - C:\WINDOWS\syswow64\api-ms-win-core-xstate-l1-1-0.dll [MD5.A23B83F5B8522BBA92160D5C7FAA1EC6] - [10/04/2017 14:22:30] - |A| - [11616] - C:\WINDOWS\syswow64\api-ms-win-core-xstate-l2-1-0.dll [MD5.5E98B6B1D884AE801EEF41C42A080084] - [10/04/2017 14:22:36] - |A| - [12640] - C:\WINDOWS\syswow64\api-ms-win-crt-conio-l1-1-0.dll [MD5.522226C519CDD233360BF0CE80B0CEBA] - [10/04/2017 14:22:41] - |A| - [15712] - C:\WINDOWS\syswow64\api-ms-win-crt-convert-l1-1-0.dll [MD5.E37EC711D51AAF9FD8570739ED8A1AC0] - [10/04/2017 14:22:44] - |A| - [12128] - C:\WINDOWS\syswow64\api-ms-win-crt-environment-l1-1-0.dll [MD5.BCBE1BD34AA5E3E585E8A186ECE49FA0] - [10/04/2017 14:22:49] - |A| - [13664] - C:\WINDOWS\syswow64\api-ms-win-crt-filesystem-l1-1-0.dll [MD5.DB9FEFF915F895BE960E9D1D47639324] - [10/04/2017 14:22:54] - |A| - [12640] - C:\WINDOWS\syswow64\api-ms-win-crt-heap-l1-1-0.dll [MD5.B05D416F3162D1686914606E9C794997] - [10/04/2017 14:23:07] - |A| - [12128] - C:\WINDOWS\syswow64\api-ms-win-crt-locale-l1-1-0.dll [MD5.924E2F51DE0177D08AABAB725421D70C] - [10/04/2017 14:23:20] - |A| - [22368] - C:\WINDOWS\syswow64\api-ms-win-crt-math-l1-1-0.dll [MD5.74126D3BED0E43DE875B66C63C608F42] - [10/04/2017 14:23:31] - |A| - [19808] - C:\WINDOWS\syswow64\api-ms-win-crt-multibyte-l1-1-0.dll [MD5.85CF361F1388D42FEEDD3E2516D50CE7] - [10/04/2017 14:23:38] - |A| - [66400] - C:\WINDOWS\syswow64\api-ms-win-crt-private-l1-1-0.dll [MD5.386C6B538AC4F36737819B79E679132D] - [10/04/2017 14:23:40] - |A| - [12640] - C:\WINDOWS\syswow64\api-ms-win-crt-process-l1-1-0.dll [MD5.D07F2E1FF3CA24A06ADDE429A0130E50] - [10/04/2017 14:23:40] - |A| - [16224] - C:\WINDOWS\syswow64\api-ms-win-crt-runtime-l1-1-0.dll [MD5.1D96A0D2EF83C6C1176806C02F96384A] - [10/04/2017 14:23:40] - |A| - [17760] - C:\WINDOWS\syswow64\api-ms-win-crt-stdio-l1-1-0.dll [MD5.0E9D1BCE1BB8A5E25B505CE7B52CCE74] - [10/04/2017 14:23:41] - |A| - [17760] - C:\WINDOWS\syswow64\api-ms-win-crt-string-l1-1-0.dll [MD5.E5DE5F75FF6739AC9AABBDD4740B22A9] - [10/04/2017 14:23:41] - |A| - [14176] - C:\WINDOWS\syswow64\api-ms-win-crt-time-l1-1-0.dll [MD5.3A2E6016FF209066F3129543660BE0B5] - [10/04/2017 14:23:41] - |A| - [12128] - C:\WINDOWS\syswow64\api-ms-win-crt-utility-l1-1-0.dll [MD5.6A13B4F3B3F575F1E24B877B9359AABA] - [10/04/2017 14:23:42] - |A| - [10752] - C:\WINDOWS\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll [MD5.49ACA548B2423F1C67898E6AC719A9A6] - [10/04/2017 14:23:42] - |A| - [3584] - C:\WINDOWS\syswow64\api-ms-win-downlevel-advapi32-l2-1-0.dll [MD5.2E33DFD10F28F86C3FC40EE123CC3904] - [10/04/2017 14:23:42] - |A| - [2560] - C:\WINDOWS\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll [MD5.1C60E09CA1C3A045BC4D367F67C915B7] - [10/04/2017 14:23:42] - |A| - [5632] - C:\WINDOWS\syswow64\api-ms-win-downlevel-ole32-l1-1-0.dll [MD5.60F4AEFA103D421EA4A40E31409B4756] - [10/04/2017 14:23:44] - |A| - [3072] - C:\WINDOWS\syswow64\api-ms-win-downlevel-shell32-l1-1-0.dll [MD5.6951562DC4625EEFC6EACD52AD165866] - [10/04/2017 14:23:46] - |A| - [9728] - C:\WINDOWS\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll [MD5.007863E45F25AA47A4C30D0930BBFD85] - [10/04/2017 14:23:46] - |A| - [5632] - C:\WINDOWS\syswow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll [MD5.589CBC4989F750E1DA35625AB481CF43] - [10/04/2017 14:23:49] - |A| - [4096] - C:\WINDOWS\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll [MD5.3BE0D923AA45A4DBE091C2D84F0B4FE7] - [10/04/2017 14:23:54] - |A| - [3072] - C:\WINDOWS\syswow64\api-ms-win-downlevel-version-l1-1-0.dll [MD5.24A1E3B3600C6D45877A627CE01DA8F2] - [10/04/2017 14:23:54] - |A| - [6144] - C:\WINDOWS\syswow64\api-ms-win-security-base-l1-1-0.dll [MD5.C38E38A59F0BAF05E7268EC8A9ACC44A] - [10/04/2017 14:23:54] - |A| - [3584] - C:\WINDOWS\syswow64\api-ms-win-security-lsalookup-l1-1-0.dll [MD5.804AD3E54AD2C11BA91C28F73ADE90DA] - [10/04/2017 14:23:55] - |A| - [3072] - C:\WINDOWS\syswow64\api-ms-win-security-sddl-l1-1-0.dll [MD5.993473C994254709A7E6DC20C9981F0D] - [10/04/2017 14:23:55] - |A| - [2560] - C:\WINDOWS\syswow64\api-ms-win-service-core-l1-1-0.dll [MD5.35215454C753D42BBD161BAF14DF7408] - [10/04/2017 14:23:56] - |A| - [2560] - C:\WINDOWS\syswow64\api-ms-win-service-management-l1-1-0.dll [MD5.4A44C3838CB7724019E18593FE97686A] - [10/04/2017 14:23:56] - |A| - [2560] - C:\WINDOWS\syswow64\api-ms-win-service-management-l2-1-0.dll [MD5.EA03D6CB2A8974DD1360861E06AF688A] - [10/04/2017 14:23:56] - |A| - [3584] - C:\WINDOWS\syswow64\api-ms-win-service-winsvc-l1-1-0.dll [MD5.6726C291D2D2DCE34DABEB5C8E736555] - [10/04/2017 14:23:56] - |A| - [15360] - C:\WINDOWS\syswow64\apilogen.dll [MD5.D53467BC936A14BCAC37607228E695E8] - [10/04/2017 14:23:56] - |A| - [221184] - C:\WINDOWS\syswow64\apircl.dll [MD5.E88699C4C98E249DD2F13B315F6A199B] - [10/04/2017 14:23:57] - |A| - [6656] - C:\WINDOWS\syswow64\apisetschema.dll [MD5.D753EEE17725526A67ACDDAA5D63EF68] - [10/04/2017 14:23:57] - |A| - [12498] - C:\WINDOWS\syswow64\append.exe [MD5.863F793D15B4026B1A5FDECA873D4D84] - [10/04/2017 14:23:58] - |A| - [295936] - C:\WINDOWS\syswow64\apphelp_FromLFSULTRA-WIDEN.dll [MD5.D99621C0735B21DCC8BC4FEF02F379EF] - [10/04/2017 14:23:58] - |A| - [29696] - C:\WINDOWS\syswow64\Apphlpdm_FromLFSULTRA-WIDEN.dll [MD5.CEAF33BDAE752B7EA0C7BE5F9D396636] - [10/04/2017 14:23:59] - |A| - [50688] - C:\WINDOWS\syswow64\appidapi_FromLFSULTRA-WIDEN.dll [MD5.34F05144005BFDC335A5D248C7E2A356] - [10/04/2017 14:23:59] - |A| - [16896] - C:\WINDOWS\syswow64\appidcertstorecheck.exe [MD5.4503CC8E7F6A6FC278732D9691511C15] - [10/04/2017 14:23:59] - |A| - [96768] - C:\WINDOWS\syswow64\appidpolicyconverter.exe [MD5.62A9C86CB6085E20DB4823E4E97826F5] - [10/04/2017 14:24:00] - |A| - [27648] - C:\WINDOWS\syswow64\appidsvc.dll [MD5.EACFDF31921F51C097629F1F3C9129B4] - [10/04/2017 14:24:00] - |A| - [47104] - C:\WINDOWS\syswow64\appinfo.dll [MD5.8EC00CCCBB3436D534FC8DA85FF943BF] - [10/04/2017 14:24:00] - |A| - [649216] - C:\WINDOWS\syswow64\appwiz_FromLFSULTRA-WIDEN.cpl [MD5.2E2C17DF779AD51A7209754685B010A1] - [10/04/2017 14:24:01] - |A| - [200192] - C:\WINDOWS\syswow64\apss.dll [MD5.3145F214183CDCF5B7CE0E52BEE0E91F] - [09/04/2017 12:10:29] - |A| - [126976] - C:\WINDOWS\syswow64\ArielColorCtrl.ocx [MD5.3145F214183CDCF5B7CE0E52BEE0E91F] - [10/04/2017 14:24:04] - |A| - [126976] - C:\WINDOWS\syswow64\ArielColorCtrl_FromLFSULTRA-WIDEN.ocx [MD5.ADC7AD3C261D2753CB7A2FE73A66C210] - [10/04/2017 14:24:04] - |A| - [20992] - C:\WINDOWS\syswow64\ARP_FromLFSULTRA-WIDEN.EXE [MD5.6FA36D98D7BB5767E1A0F8C7DCE24715] - [10/04/2017 14:24:04] - |A| - [2048] - C:\WINDOWS\syswow64\asferror_FromLFSULTRA-WIDEN.dll [MD5.05AA78AEAC9EDAFBD5865578560863E5] - [10/04/2017 14:24:05] - |A| - [28352] - C:\WINDOWS\syswow64\aspnet_counters_FromLFSULTRA-WIDEN.dll [MD5.088CF5B6380FB9002F2A4246F812225D] - [10/04/2017 14:24:05] - |A| - [67584] - C:\WINDOWS\syswow64\asycfilt_FromLFSULTRA-WIDEN.dll [MD5.3CA2BB895E204478C7A4C9BAF70970CE] - [10/04/2017 14:24:06] - |A| - [29184] - C:\WINDOWS\syswow64\AtBroker_FromLFSULTRA-WIDEN.exe [MD5.00000000000000000000000000000000] - [10/04/2017 14:24:06] - |D| - [82472] - C:\WINDOWS\syswow64\Atheros_L1e [MD5.00D2C06A552F782C1F16ACF77DB765A5] - [10/04/2017 14:24:08] - |A| - [138056] - C:\WINDOWS\syswow64\atl100_FromLFSULTRA-WIDEN.dll [MD5.315D47153122903C52051B7027988F85] - [10/04/2017 14:24:08] - |A| - [164424] - C:\WINDOWS\syswow64\atl110_FromLFSULTRA-WIDEN.dll [MD5.F10E5311E5093FA3C00FF88C54C32FCA] - [10/04/2017 14:24:08] - |A| - [70144] - C:\WINDOWS\syswow64\atl_FromLFSULTRA-WIDEN.dll [MD5.680D463893C9846CC6A1DA6012DD0FE5] - [10/04/2017 14:24:09] - |A| - [299520] - C:\WINDOWS\syswow64\atmfd_FromLFSULTRA-WIDEN.dll [MD5.400C20D6967A83EA69D6953EBB8D3FA3] - [10/04/2017 14:24:09] - |A| - [34304] - C:\WINDOWS\syswow64\atmlib_FromLFSULTRA-WIDEN.dll [MD5.459A5755AFBB1CB3E67CA4C1296599E3] - [10/04/2017 14:24:10] - |A| - [16384] - C:\WINDOWS\syswow64\attrib_FromLFSULTRA-WIDEN.exe [MD5.7BD932FFA2E9B359CB0544615973D149] - [10/04/2017 14:24:06] - |A| - [24064] - C:\WINDOWS\syswow64\at_FromLFSULTRA-WIDEN.exe [MD5.4634B0EE4098F0F2B972BDAC19A802E7] - [10/04/2017 14:24:11] - |A| - [243712] - C:\WINDOWS\syswow64\audiodev_FromLFSULTRA-WIDEN.dll [MD5.F68194F74350D4A2ADE98961E33F884C] - [10/04/2017 14:24:11] - |A| - [100864] - C:\WINDOWS\syswow64\audiodg.exe [MD5.BBA9D5A730D5E304117AD26923EBD8AA] - [10/04/2017 14:24:12] - |A| - [374784] - C:\WINDOWS\syswow64\AudioEng_FromLFSULTRA-WIDEN.dll [MD5.96F0F8F4DEE598C8D12AD9633E0CFE2A] - [10/04/2017 14:24:13] - |A| - [442880] - C:\WINDOWS\syswow64\AUDIOKSE_FromLFSULTRA-WIDEN.dll [MD5.C940F2F5C60B3727C5F18840735B229C] - [10/04/2017 14:24:20] - |A| - [195584] - C:\WINDOWS\syswow64\AudioSes_FromLFSULTRA-WIDEN.dll [MD5.CE3B4E731638D2EF62FCB419BE0D39F0] - [10/04/2017 14:24:22] - |A| - [473600] - C:\WINDOWS\syswow64\audiosrv.dll [MD5.181174302A92D87C86829F46D8ACA0D3] - [10/04/2017 14:24:23] - |A| - [123392] - C:\WINDOWS\syswow64\auditcse.dll [MD5.D860E93BA9E5B4332C87159D7EA46343] - [10/04/2017 14:24:24] - |A| - [50176] - C:\WINDOWS\syswow64\auditpol_FromLFSULTRA-WIDEN.exe [MD5.7B3A07BB31AD831C4F66B08ECEAD2209] - [10/04/2017 14:24:25] - |A| - [334336] - C:\WINDOWS\syswow64\authfwcfg_FromLFSULTRA-WIDEN.dll [MD5.81241E7723D5675AF6E27A7F0E7F3324] - [10/04/2017 14:24:25] - |A| - [297472] - C:\WINDOWS\syswow64\AuthFWGP_FromLFSULTRA-WIDEN.dll [MD5.13A1F9A72F81509658F3E0B6AC2AD994] - [10/04/2017 14:24:28] - |A| - [5066752] - C:\WINDOWS\syswow64\AuthFWSnapin_FromLFSULTRA-WIDEN.dll [MD5.85AAF0A5214E0A9A60282F12F9188937] - [10/04/2017 14:24:31] - |A| - [126976] - C:\WINDOWS\syswow64\AuthFWWizFwk_FromLFSULTRA-WIDEN.dll [MD5.28936CBC6C4459D9AB656FB894E3090E] - [10/04/2017 14:24:37] - |A| - [1795584] - C:\WINDOWS\syswow64\authui_FromLFSULTRA-WIDEN.dll [MD5.FB4EB9352B7D698E6B3C2AA2ED724DAD] - [10/04/2017 14:24:43] - |A| - [98816] - C:\WINDOWS\syswow64\authz_FromLFSULTRA-WIDEN.dll [MD5.F88A52EB62019D6A62FDD9E08034DBD8] - [10/04/2017 14:24:44] - |A| - [668160] - C:\WINDOWS\syswow64\autochk_FromLFSULTRA-WIDEN.exe [MD5.09D786401F6CA6AEB16B2811B169F944] - [10/04/2017 14:24:45] - |A| - [679424] - C:\WINDOWS\syswow64\autoconv_FromLFSULTRA-WIDEN.exe [MD5.30475F091008E24550523515A023270D] - [10/04/2017 14:24:46] - |A| - [1688] - C:\WINDOWS\syswow64\autoexec.nt [MD5.A475B7BB0CCCFD848AA26075E81D7888] - [10/04/2017 14:24:46] - |A| - [658944] - C:\WINDOWS\syswow64\autofmt_FromLFSULTRA-WIDEN.exe [MD5.DFA05B91BA331F7407F5F50EEAA9E2B2] - [10/04/2017 14:24:47] - |A| - [146944] - C:\WINDOWS\syswow64\autoplay_FromLFSULTRA-WIDEN.dll [MD5.4B1D054154B845556350480BF476617A] - [10/04/2017 14:24:48] - |A| - [119808] - C:\WINDOWS\syswow64\AuxiliaryDisplayApi.dll [MD5.29FEA7A6277E775A870682F2F7435F9F] - [10/04/2017 14:24:48] - |A| - [131072] - C:\WINDOWS\syswow64\AuxiliaryDisplayClassInstaller.dll [MD5.B8B8C7F57EE48DDB93F3D0E37F66E950] - [09/04/2017 13:18:56] - |A| - [1538396] - C:\WINDOWS\syswow64\avcenclib.dll [MD5.BCB27D39FB5F1E72CFBC8ECF57EF863D] - [09/04/2017 13:19:08] - |A| - [380928] - C:\WINDOWS\syswow64\avc_ds_enc.ax [MD5.D05D2C408BBDD201E145F1202B2F13BD] - [10/04/2017 14:24:49] - |A| - [69584] - C:\WINDOWS\syswow64\avicap.dll [MD5.E24FE90E9DE8D8AE70E59F7B01675DEF] - [10/04/2017 14:24:49] - |A| - [65024] - C:\WINDOWS\syswow64\avicap32_FromLFSULTRA-WIDEN.dll [MD5.DCEABBA22E12CC44C2E7785C0EB9C6E3] - [10/04/2017 14:24:50] - |A| - [91648] - C:\WINDOWS\syswow64\avifil32_FromLFSULTRA-WIDEN.dll [MD5.1131CC48B374FBF92EBAF0821C228ACA] - [10/04/2017 14:24:52] - |A| - [109456] - C:\WINDOWS\syswow64\avifile.dll [MD5.139D3AB6AA920C34C50CBFFB9EB7D222] - [10/04/2017 14:24:55] - |A| - [14336] - C:\WINDOWS\syswow64\avrt_FromLFSULTRA-WIDEN.dll [MD5.6E30D02AAC9CAC84F421622E3A2F6178] - [10/04/2017 14:24:55] - |A| - [88064] - C:\WINDOWS\syswow64\AxInstSv.dll [MD5.FE0479009A02EB277CB8BF5F15943766] - [10/04/2017 14:24:55] - |A| - [57856] - C:\WINDOWS\syswow64\AxInstUI.exe [MD5.6CDBAF96FFC9B41435CC462730F895A0] - [09/04/2017 12:10:29] - |A| - [638976] - C:\WINDOWS\syswow64\AxisToolBar.ocx [MD5.6CDBAF96FFC9B41435CC462730F895A0] - [10/04/2017 14:24:59] - |A| - [638976] - C:\WINDOWS\syswow64\AxisToolBar_FromLFSULTRA-WIDEN.ocx [MD5.C5B3E109B3B88B0CC420304EA7BF6B70] - [10/04/2017 14:25:01] - |A| - [41587] - C:\WINDOWS\syswow64\azman_FromLFSULTRA-WIDEN.msc [MD5.2F6C94BA73C976FAF939358D84E653E9] - [10/04/2017 14:25:03] - |A| - [762880] - C:\WINDOWS\syswow64\azroles_FromLFSULTRA-WIDEN.dll [MD5.5BAC1C3853E2D1F3F65CBB578228A268] - [10/04/2017 14:25:04] - |A| - [314368] - C:\WINDOWS\syswow64\azroleui_FromLFSULTRA-WIDEN.dll [MD5.CC0C2CF2EBD58234C45C5D0C046ABB79] - [10/04/2017 14:25:04] - |A| - [28160] - C:\WINDOWS\syswow64\AzSqlExt_FromLFSULTRA-WIDEN.dll [MD5.B47CD1B9551DA3DE9166D6DD17E6FD82] - [10/04/2017 14:25:04] - |A| - [144768] - C:\WINDOWS\syswow64\basecsp_FromLFSULTRA-WIDEN.dll [MD5.5E7C5DE85AF978495C3A9A0B720B9811] - [10/04/2017 14:25:05] - |A| - [44032] - C:\WINDOWS\syswow64\basesrv.dll [MD5.67C1B58706B47EEBA4E117AC197289E6] - [10/04/2017 14:25:05] - |A| - [740864] - C:\WINDOWS\syswow64\batmeter_FromLFSULTRA-WIDEN.dll [MD5.F6C262D0278BAA06217949639A6392C6] - [10/04/2017 14:25:06] - |A| - [101376] - C:\WINDOWS\syswow64\batt.dll [MD5.D65645E5E9858EB60C3CF06848DD328D] - [10/04/2017 14:25:07] - |A| - [146944] - C:\WINDOWS\syswow64\bcdboot.exe [MD5.9473C7BDD77A204C0BB70B467740D326] - [10/04/2017 14:25:08] - |A| - [295424] - C:\WINDOWS\syswow64\bcdedit.exe [MD5.74BB8738EF5BB086C4A9743AB5E74BF2] - [10/04/2017 14:25:08] - |A| - [55808] - C:\WINDOWS\syswow64\bcdprov.dll [MD5.6ED76824354C47C0B227ED38DEC89800] - [10/04/2017 14:25:09] - |A| - [133632] - C:\WINDOWS\syswow64\bcdsrv.dll [MD5.63F52FF6FCA2C492F4FB7EE545319FA8] - [10/04/2017 14:25:11] - |A| - [251000] - C:\WINDOWS\syswow64\bcryptprimitives_FromLFSULTRA-WIDEN.dll [MD5.FC7650224790CAE75A5E9231961FDEC5] - [10/04/2017 14:25:10] - |A| - [80384] - C:\WINDOWS\syswow64\bcrypt_FromLFSULTRA-WIDEN.dll [MD5.420D4C7B1F783A8A03197E04054B2E68] - [10/04/2017 14:25:12] - |A| - [74240] - C:\WINDOWS\syswow64\bdaplgin_FromLFSULTRA-WIDEN.ax [MD5.3A2C3C667F25E29ADE662B783D3832C9] - [10/04/2017 14:25:12] - |A| - [62464] - C:\WINDOWS\syswow64\bderepair.dll [MD5.EE1E9C3BB8228AE423DD38DB69128E71] - [10/04/2017 14:25:12] - |A| - [76800] - C:\WINDOWS\syswow64\bdesvc.dll [MD5.AFB1E208D9A15EFAF45A2CB43B84CEF5] - [10/04/2017 14:25:13] - |A| - [23040] - C:\WINDOWS\syswow64\bdeui.dll [MD5.1CE4B3F9AACB548465AA2DE74C4FCAAF] - [10/04/2017 14:25:13] - |A| - [41984] - C:\WINDOWS\syswow64\BdeUISrv.exe [MD5.5505BB132D91AB38A702F74E69ED3953] - [10/04/2017 14:25:13] - |A| - [97792] - C:\WINDOWS\syswow64\BdeUnlockWizard.exe [MD5.1E2BAC209D184BB851E1A187D8A29136] - [10/04/2017 14:25:13] - |A| - [494592] - C:\WINDOWS\syswow64\BFE.DLL [MD5.A7934B26A096F39B15960E0A56C1C8C4] - [10/04/2017 14:25:16] - |A| - [34304] - C:\WINDOWS\syswow64\bidispl_FromLFSULTRA-WIDEN.dll [MD5.E4343C7233EF714435231A85F11677D7] - [10/04/2017 14:25:16] - |A| - [428032] - C:\WINDOWS\syswow64\biocpl.dll [MD5.E59F08ED9D2A128CE436BBFC232247F6] - [10/04/2017 14:25:17] - |A| - [171520] - C:\WINDOWS\syswow64\BioCredProv_FromLFSULTRA-WIDEN.dll [MD5.84BDB1E378591D930482B896A1648C53] - [10/04/2017 14:25:17] - |A| - [28420] - C:\WINDOWS\syswow64\bios1.rom [MD5.B44C4C9CA9D4BCC8430F3276576F562B] - [10/04/2017 14:25:18] - |A| - [8191] - C:\WINDOWS\syswow64\bios4.rom [MD5.0920B14AA67A8B04ACF48FFE7C6F0927] - [10/04/2017 14:25:18] - |A| - [186368] - C:\WINDOWS\syswow64\bitsadmin_FromLFSULTRA-WIDEN.exe [MD5.F45ED8C4F9AF862CD9992849B5203C11] - [10/04/2017 14:25:19] - |A| - [39936] - C:\WINDOWS\syswow64\bitsigd.dll [MD5.0552A8684BF7566F744D5B19FF6AEC6B] - [10/04/2017 14:25:19] - |A| - [19456] - C:\WINDOWS\syswow64\bitsperf_FromLFSULTRA-WIDEN.dll [MD5.878E7E537FB94B133B4640C917E76EA7] - [10/04/2017 14:25:19] - |A| - [10752] - C:\WINDOWS\syswow64\bitsprx2.dll [MD5.27169CC385259A89C0A29A317B419FB2] - [10/04/2017 14:25:19] - |A| - [10240] - C:\WINDOWS\syswow64\bitsprx3.dll [MD5.027ABB12C83BC3239FC1ADE771282327] - [10/04/2017 14:25:19] - |A| - [9216] - C:\WINDOWS\syswow64\bitsprx4.dll [MD5.1EE8F90EAD0DB665A372B9F8EC3109C2] - [10/04/2017 14:25:19] - |A| - [18432] - C:\WINDOWS\syswow64\bitsprx5.dll [MD5.4C3235C8E7BA3198693AE67BB03D3024] - [10/04/2017 14:25:20] - |A| - [10240] - C:\WINDOWS\syswow64\bitsprx6.dll [MD5.EA2B00551F3E7B3D5F7FB730A55F8246] - [10/04/2017 14:25:20] - |A| - [743424] - C:\WINDOWS\syswow64\blackbox.dll [MD5.B243C97C4F5292CADB71E850DA7FEB1D] - [10/04/2017 14:25:21] - |A| - [52736] - C:\WINDOWS\syswow64\BlbEvents.dll [MD5.00AE4E86C2EB10E960816976A38662DC] - [10/04/2017 14:25:21] - |A| - [2048] - C:\WINDOWS\syswow64\blbres.dll [MD5.0893CBF331837A892F7E91489887ACC4] - [10/04/2017 14:25:21] - |A| - [24576] - C:\WINDOWS\syswow64\blb_ps.dll [MD5.00000000000000000000000000000000] - [10/04/2017 14:25:22] - |D| - [1018312] - C:\WINDOWS\syswow64\Boot [MD5.979498716F5918815CE012F46B09C602] - [10/04/2017 14:25:27] - |A| - [81408] - C:\WINDOWS\syswow64\bootcfg_FromLFSULTRA-WIDEN.exe [MD5.CF13841F9F2B231F0DF974425888B89A] - [10/04/2017 14:25:28] - |A| - [2217856] - C:\WINDOWS\syswow64\bootres.dll [MD5.C103516EABFA066C1301FD565AFA97CE] - [10/04/2017 14:25:30] - |A| - [2560] - C:\WINDOWS\syswow64\bootstr.dll [MD5.D5037B4C527AB5069C48C9C09A12756D] - [10/04/2017 14:25:31] - |A| - [21584] - C:\WINDOWS\syswow64\BOOTVID_FromLFSULTRA-WIDEN.DLL [MD5.22D9945B4AAE36DD59620A918F2E65F4] - [10/04/2017 14:25:24] - |A| - [3170304] - C:\WINDOWS\syswow64\boot_FromLFSULTRA-WIDEN.sdi [MD5.405E1EF8E3C88E9BCD2853382BB12430] - [10/04/2017 14:25:31] - |A| - [22984] - C:\WINDOWS\syswow64\bopomofo_FromLFSULTRA-WIDEN.uce [MD5.278EE111CB021686C7BDB45C12EAC6E2] - [10/04/2017 14:25:31] - |A| - [17408] - C:\WINDOWS\syswow64\brcoinst.dll [MD5.5AD4CEAD849EC9DF82496C27B56228AD] - [10/04/2017 14:25:31] - |A| - [24576] - C:\WINDOWS\syswow64\brdgcfg.dll [MD5.1180159EE45AD1B110F6E482F244899E] - [10/04/2017 14:25:31] - |A| - [2048] - C:\WINDOWS\syswow64\bridgeres.dll [MD5.0D66F7F2BC54C1FB105E159017FB6429] - [10/04/2017 14:25:31] - |A| - [15872] - C:\WINDOWS\syswow64\bridgeunattend.exe [MD5.72910F1DEB838E6E08A9017BFB7D4F0B] - [10/04/2017 14:25:31] - |A| - [41984] - C:\WINDOWS\syswow64\browcli_FromLFSULTRA-WIDEN.dll [MD5.3DAA727B5B0A45039B0E1C9A211B8400] - [10/04/2017 14:25:32] - |A| - [102912] - C:\WINDOWS\syswow64\browser.dll [MD5.F977BE7B8C5462087374364EAFB3C15B] - [10/04/2017 14:25:32] - |A| - [10752] - C:\WINDOWS\syswow64\browseui_FromLFSULTRA-WIDEN.dll [MD5.583B799BB61EAFA6F19E74D35AD5D731] - [10/04/2017 14:25:33] - |A| - [42496] - C:\WINDOWS\syswow64\bthci.dll [MD5.1D7986B8C5A4BA5CEEE2394C2126EE79] - [10/04/2017 14:25:33] - |A| - [27136] - C:\WINDOWS\syswow64\BthMtpContextHandler.dll [MD5.DA7B537E09234713E66E3A65E77F192E] - [10/04/2017 14:25:34] - |A| - [23552] - C:\WINDOWS\syswow64\bthpanapi.dll [MD5.D1E5E5826ECB8F87BDB0CF9E28B48465] - [10/04/2017 14:25:34] - |A| - [73728] - C:\WINDOWS\syswow64\BthpanContextHandler.dll [MD5.E3D5E244807AD655787FCD25477CC1BC] - [10/04/2017 14:25:35] - |A| - [692736] - C:\WINDOWS\syswow64\bthprops_FromLFSULTRA-WIDEN.cpl [MD5.1DF19C96EEF6C29D1C3E1A8678E07190] - [10/04/2017 14:25:35] - |A| - [64512] - C:\WINDOWS\syswow64\bthserv.dll [MD5.F6DB1B426044CE75A512A5BA58C29B5D] - [10/04/2017 14:25:36] - |A| - [35328] - C:\WINDOWS\syswow64\bthudtask_FromLFSULTRA-WIDEN.exe [MD5.C41BD5CC1D5E7E0D6A5FDA668E1ADE8B] - [10/04/2017 14:25:36] - |A| - [66560] - C:\WINDOWS\syswow64\btpanui_FromLFSULTRA-WIDEN.dll [MD5.775C41C2F2EF3DD150A7444B95E631D0] - [10/04/2017 14:25:36] - |A| - [878592] - C:\WINDOWS\syswow64\Bubbles_FromLFSULTRA-WIDEN.scr [MD5.F4A1B4D4CCFD8EEEF0259FAE58CFAE5C] - [10/04/2017 14:25:37] - |A| - [64000] - C:\WINDOWS\syswow64\BWContextHandler_FromLFSULTRA-WIDEN.dll [MD5.2868A9C46A60CB7F3EB7747A3172C6A0] - [10/04/2017 14:25:38] - |A| - [10752] - C:\WINDOWS\syswow64\BWUnpairElevated.dll [MD5.7A6986DD659B96398A11AF5173892715] - [10/04/2017 14:25:38] - |A| - [73216] - C:\WINDOWS\syswow64\cabinet_FromLFSULTRA-WIDEN.dll [MD5.41E215F560028DBAA897DEAEF8390A7A] - [10/04/2017 14:25:38] - |A| - [132608] - C:\WINDOWS\syswow64\cabview_FromLFSULTRA-WIDEN.dll [MD5.B2B69786120CA206040DC1F196F77B42] - [10/04/2017 14:25:38] - |A| - [25600] - C:\WINDOWS\syswow64\cacls_FromLFSULTRA-WIDEN.exe [MD5.60B7C0FEAD45F2066E5B805A91F4F0FC] - [10/04/2017 14:25:39] - |A| - [776192] - C:\WINDOWS\syswow64\calc_FromLFSULTRA-WIDEN.exe [MD5.8BC8BFE6BFE58FF9E4451F5D6552BB92] - [10/04/2017 14:25:40] - |A| - [48128] - C:\WINDOWS\syswow64\capiprovider_FromLFSULTRA-WIDEN.dll [MD5.EB879909EBCAFFD57B0F4E4498EB21D3] - [10/04/2017 14:25:40] - |A| - [19968] - C:\WINDOWS\syswow64\capisp_FromLFSULTRA-WIDEN.dll [MD5.40DF43CA1A8752CAA135E27DCC6645B3] - [10/04/2017 14:25:41] - |A| - [6214144] - C:\WINDOWS\syswow64\CardGames.dll [MD5.ADC378DB808E2DD81BE8AB09908E8CAD] - [10/04/2017 15:01:05] - |A| - [24064] - C:\WINDOWS\syswow64\catsrvps_FromLFSULTRA-WIDEN.dll [MD5.E25640558E3EE4FE6201A9928990BA2A] - [10/04/2017 15:01:09] - |A| - [487936] - C:\WINDOWS\syswow64\catsrvut_FromLFSULTRA-WIDEN.dll [MD5.60CE0E9D30244C2A9D430FD02F6C22DF] - [10/04/2017 15:00:56] - |A| - [449024] - C:\WINDOWS\syswow64\catsrv_FromLFSULTRA-WIDEN.dll [MD5.3FBBE458FB60D5F38EF5E19F53772088] - [10/04/2017 15:01:10] - |A| - [66560] - C:\WINDOWS\syswow64\cca_FromLFSULTRA-WIDEN.dll [MD5.CAC0B52373068BE0BF55A49D2BCD9BAF] - [10/04/2017 15:01:10] - |A| - [107520] - C:\WINDOWS\syswow64\cdd.dll [MD5.3B7C1A53047FF6ACEFD9BA6E281DEBB7] - [10/04/2017 15:01:12] - |A| - [805376] - C:\WINDOWS\syswow64\cdosys_FromLFSULTRA-WIDEN.dll [MD5.7752619457598CF057C4CC02A0867029] - [10/04/2017 15:01:13] - |A| - [55296] - C:\WINDOWS\syswow64\cero_FromLFSULTRA-WIDEN.rs [MD5.D0CA74BE380498A0111A73EB9C76CF8F] - [10/04/2017 15:01:13] - |A| - [342016] - C:\WINDOWS\syswow64\certcli_FromLFSULTRA-WIDEN.dll [MD5.6D8CACF3B1B54943EFCF420C2D667B37] - [10/04/2017 15:01:14] - |A| - [122880] - C:\WINDOWS\syswow64\certCredProvider_FromLFSULTRA-WIDEN.dll [MD5.9480D91C81B514AB05CDB9E60A407F7E] - [10/04/2017 15:01:14] - |A| - [43008] - C:\WINDOWS\syswow64\certenc_FromLFSULTRA-WIDEN.dll [MD5.016DE9029CA532E6BE11E12AD37AFC1E] - [10/04/2017 15:01:18] - |A| - [67072] - C:\WINDOWS\syswow64\CertEnrollCtrl_FromLFSULTRA-WIDEN.exe [MD5.4288F3DFCB9A27F7354421F57C5B16FC] - [10/04/2017 15:01:22] - |A| - [271872] - C:\WINDOWS\syswow64\CertEnrollUI_FromLFSULTRA-WIDEN.dll [MD5.29BC473072568C072EC8B176498DE996] - [10/04/2017 15:01:14] - |A| - [1334272] - C:\WINDOWS\syswow64\CertEnroll_FromLFSULTRA-WIDEN.dll [MD5.34BEF0783E17E760BE6DBEFB888A94B8] - [10/04/2017 15:01:26] - |A| - [1555456] - C:\WINDOWS\syswow64\certmgr_FromLFSULTRA-WIDEN.dll [MD5.4C7390A1FF613FBBF59141CA0BE8AE89] - [10/04/2017 15:01:28] - |A| - [63070] - C:\WINDOWS\syswow64\certmgr_FromLFSULTRA-WIDEN.msc [MD5.44F5C1CF70AC8F7239F3B3667E58697A] - [10/04/2017 15:01:30] - |A| - [65024] - C:\WINDOWS\syswow64\CertPolEng_FromLFSULTRA-WIDEN.dll [MD5.319C6B309773D063541D01DF8AC6F55F] - [10/04/2017 15:01:33] - |A| - [67584] - C:\WINDOWS\syswow64\certprop.dll [MD5.F5074313A069B36B9CAEB986EFE1741C] - [10/04/2017 15:01:40] - |A| - [263168] - C:\WINDOWS\syswow64\certreq_FromLFSULTRA-WIDEN.exe [MD5.7B973145F7E1B59330CA4DD1F86B3D55] - [10/04/2017 15:01:50] - |A| - [889856] - C:\WINDOWS\syswow64\certutil_FromLFSULTRA-WIDEN.exe [MD5.6E91F67335D57DDFFE798C815444B0E3] - [10/04/2017 15:01:57] - |A| - [210432] - C:\WINDOWS\syswow64\cewmdm_FromLFSULTRA-WIDEN.dll [MD5.E62361D6D7EB8488ED0B0B0C19DF5718] - [10/04/2017 15:02:06] - |A| - [48640] - C:\WINDOWS\syswow64\cfgbkend_FromLFSULTRA-WIDEN.dll [MD5.3FFAEA12666E565FF51BF2FCA674F543] - [10/04/2017 15:02:20] - |A| - [145920] - C:\WINDOWS\syswow64\cfgmgr32_FromLFSULTRA-WIDEN.dll [MD5.BF72AC090BD6E4F2C59C17C35578F337] - [10/04/2017 15:02:25] - |A| - [125952] - C:\WINDOWS\syswow64\chajei.ime [MD5.9EA3783672D21817B9DF1061B54C3B3C] - [10/04/2017 15:02:31] - |A| - [155136] - C:\WINDOWS\syswow64\charmap_FromLFSULTRA-WIDEN.exe [MD5.4436B1A16BDC58D2B3A5263F042C09B3] - [10/04/2017 15:02:36] - |A| - [11776] - C:\WINDOWS\syswow64\chcp_FromLFSULTRA-WIDEN.com [MD5.A01E18A156825557A24A643A2547AA8C] - [10/04/2017 15:02:36] - |A| - [16384] - C:\WINDOWS\syswow64\chkdsk_FromLFSULTRA-WIDEN.exe [MD5.C3F8DE185A0D1D3EB779A8D45CEDA2C2] - [10/04/2017 15:02:40] - |A| - [16896] - C:\WINDOWS\syswow64\chkntfs_FromLFSULTRA-WIDEN.exe [MD5.8BEA138187A90F22A214CFF2B2F78ECE] - [10/04/2017 15:02:41] - |A| - [18432] - C:\WINDOWS\syswow64\chkwudrv.dll [MD5.11DDFBF834BB2C6F4D23297D80EE9E45] - [10/04/2017 15:02:44] - |A| - [29696] - C:\WINDOWS\syswow64\choice_FromLFSULTRA-WIDEN.exe [MD5.65C2F2A191905DA1BAADA9804E4C2C3C] - [10/04/2017 15:02:47] - |A| - [1672192] - C:\WINDOWS\syswow64\chsbrkr.dll [MD5.FB798295E0483218BE8B4F6F17B5CDFE] - [10/04/2017 15:02:53] - |A| - [6103040] - C:\WINDOWS\syswow64\chtbrkr.dll [MD5.DD6619BC9F7A25B6AA2430253A1E8E6C] - [10/04/2017 15:03:03] - |A| - [10752] - C:\WINDOWS\syswow64\CHxReadingStringIME_FromLFSULTRA-WIDEN.dll [MD5.1319CD4619E96B156911CA3897563EBC] - [10/04/2017 15:03:04] - |A| - [690680] - C:\WINDOWS\syswow64\ci.dll [MD5.E5F76BE6C98E8B63B1044F9E335D80B7] - [10/04/2017 15:03:05] - |A| - [172544] - C:\WINDOWS\syswow64\cic_FromLFSULTRA-WIDEN.dll [MD5.47065028CAF4C50DAAFF79BB07CC0271] - [10/04/2017 15:03:05] - |A| - [125952] - C:\WINDOWS\syswow64\cintlgnt.ime [MD5.1FC18829957031C023734ADA7FDA5AEE] - [10/04/2017 15:03:06] - |A| - [37376] - C:\WINDOWS\syswow64\cipher_FromLFSULTRA-WIDEN.exe [MD5.9950723FDE26F0BE260714C5AD419549] - [10/04/2017 15:03:06] - |A| - [7680] - C:\WINDOWS\syswow64\CIRCoInst.dll [MD5.FF5688D309347F2720911D8796912834] - [10/04/2017 15:03:07] - |A| - [522240] - C:\WINDOWS\syswow64\clbcatq_FromLFSULTRA-WIDEN.dll [MD5.53DA0477158774940C7FB45AC70645AA] - [10/04/2017 15:03:07] - |A| - [13824] - C:\WINDOWS\syswow64\clb_FromLFSULTRA-WIDEN.dll [MD5.500CA0B50ED17BD76F60085F97885AD1] - [10/04/2017 15:03:08] - |A| - [212480] - C:\WINDOWS\syswow64\cleanmgr_FromLFSULTRA-WIDEN.exe [MD5.635181E0E9BBF16871BF5380D71DB02D] - [10/04/2017 15:03:08] - |A| - [249408] - C:\WINDOWS\syswow64\clfs.sys [MD5.101E6F52CD5FC1DB44210DFD1FE4B92A] - [10/04/2017 15:03:09] - |A| - [58880] - C:\WINDOWS\syswow64\clfsw32_FromLFSULTRA-WIDEN.dll [MD5.DFDCEC74CF3A75F2736A51B56D6104A3] - [10/04/2017 15:03:10] - |A| - [86016] - C:\WINDOWS\syswow64\cliconfg_FromLFSULTRA-WIDEN.dll [MD5.A864C416E467FFA3DEAE4EFACF58F9D7] - [10/04/2017 15:03:10] - |A| - [45056] - C:\WINDOWS\syswow64\cliconfg_FromLFSULTRA-WIDEN.exe [MD5.FE8E9FBA4409553BA84FE498FB6DDCD8] - [10/04/2017 15:03:11] - |A| - [40960] - C:\WINDOWS\syswow64\cliconfg_FromLFSULTRA-WIDEN.rll [MD5.04EBDDCC3A90B6512AEF4AA2EEE36624] - [10/04/2017 15:03:11] - |A| - [26112] - C:\WINDOWS\syswow64\clip_FromLFSULTRA-WIDEN.exe [MD5.AE9898D5600A232CD8AE3298692162E5] - [10/04/2017 15:03:11] - |A| - [230912] - C:\WINDOWS\syswow64\clusapi_FromLFSULTRA-WIDEN.dll [MD5.49A5321CC2C12CE536E01264A5CB816C] - [10/04/2017 15:03:12] - |A| - [36864] - C:\WINDOWS\syswow64\cmcfg32_FromLFSULTRA-WIDEN.dll [MD5.6106430CF5813518920D5F0029C43329] - [09/04/2017 23:26:54] - |A| - [44008] - C:\WINDOWS\syswow64\cmdcsr.dll [MD5.6106430CF5813518920D5F0029C43329] - [10/04/2017 15:03:12] - |A| - [44008] - C:\WINDOWS\syswow64\cmdcsr_FromLFSULTRA-WIDEN.dll [MD5.F644BD21BDF08DFE7C5CA49C52F9BA3C] - [10/04/2017 15:03:12] - |A| - [484352] - C:\WINDOWS\syswow64\cmdial32_FromLFSULTRA-WIDEN.dll [MD5.A0AB432A744C854DB59390257B78588A] - [10/04/2017 15:03:13] - |A| - [263352] - C:\WINDOWS\syswow64\cmdkbdcss32.dll [MD5.512A60F62B89F43ABE9D42B3302B96DE] - [10/04/2017 15:03:14] - |A| - [13824] - C:\WINDOWS\syswow64\cmdkey_FromLFSULTRA-WIDEN.exe [MD5.DBB45A0839719312F248351E3FB9A0AE] - [10/04/2017 15:03:14] - |A| - [72704] - C:\WINDOWS\syswow64\cmdl32_FromLFSULTRA-WIDEN.exe [MD5.C40C4216C450E8B9D28C26EA0C3BD467] - [09/04/2017 23:30:59] - |A| - [194752] - C:\WINDOWS\syswow64\cmdshim32.dll [MD5.C40C4216C450E8B9D28C26EA0C3BD467] - [10/04/2017 15:03:14] - |A| - [194752] - C:\WINDOWS\syswow64\cmdshim32_FromLFSULTRA-WIDEN.dll [MD5.09A0A5B78A8DD3B9D3E80DE9F48D43AD] - [09/04/2017 23:30:59] - |A| - [363200] - C:\WINDOWS\syswow64\cmdvrt32.dll [MD5.09A0A5B78A8DD3B9D3E80DE9F48D43AD] - [10/04/2017 15:03:14] - |A| - [363200] - C:\WINDOWS\syswow64\cmdvrt32_FromLFSULTRA-WIDEN.dll [MD5.AD7B9C14083B52BC532FBA5948342B98] - [10/04/2017 15:03:12] - |A| - [302592] - C:\WINDOWS\syswow64\cmd_FromLFSULTRA-WIDEN.exe [MD5.37BF4B3FAE41A654FE8B1530D0DC167B] - [10/04/2017 15:03:15] - |A| - [64512] - C:\WINDOWS\syswow64\cmicryptinstall.dll [MD5.24360655DCED036DCE54E9720D91133F] - [10/04/2017 15:03:15] - |A| - [68608] - C:\WINDOWS\syswow64\cmifw_FromLFSULTRA-WIDEN.dll [MD5.DDE36F3E75F0ABABFEF1B88E91C3FD2E] - [10/04/2017 15:03:15] - |A| - [304640] - C:\WINDOWS\syswow64\cmipnpinstall.dll [MD5.AB297FF86D67850CD75FDCDCEACFF633] - [10/04/2017 15:03:16] - |A| - [34304] - C:\WINDOWS\syswow64\cmlua_FromLFSULTRA-WIDEN.dll [MD5.EA7BAAB0792C846DE451001FAE0FBD5F] - [10/04/2017 15:03:16] - |A| - [43008] - C:\WINDOWS\syswow64\cmmon32_FromLFSULTRA-WIDEN.exe [MD5.5A6B1769E64D94855C0DCB0B0A9ABD6E] - [10/04/2017 15:03:16] - |A| - [26112] - C:\WINDOWS\syswow64\cmpbk32_FromLFSULTRA-WIDEN.dll [MD5.8721529E346E6AD80C2DA7C8C36BCB37] - [10/04/2017 15:03:17] - |A| - [15360] - C:\WINDOWS\syswow64\cmstplua_FromLFSULTRA-WIDEN.dll [MD5.00263CA2071DC9A6EE577EB356B0D1D9] - [10/04/2017 15:03:17] - |A| - [84992] - C:\WINDOWS\syswow64\cmstp_FromLFSULTRA-WIDEN.exe [MD5.879C99433CB7F3147BE4D58E01D53221] - [10/04/2017 15:03:17] - |A| - [47104] - C:\WINDOWS\syswow64\cmutil_FromLFSULTRA-WIDEN.dll [MD5.50BA656134F78AF64E4DD3C8B6FEFD7E] - [10/04/2017 15:03:17] - |A| - [12288] - C:\WINDOWS\syswow64\cngaudit.dll [MD5.15081FEDE24A4485B9F736D241CFAFFF] - [10/04/2017 15:03:18] - |A| - [51200] - C:\WINDOWS\syswow64\cngprovider_FromLFSULTRA-WIDEN.dll [MD5.190B06B700C09F57A506056605EB0B90] - [10/04/2017 15:03:18] - |A| - [32768] - C:\WINDOWS\syswow64\cnvfat_FromLFSULTRA-WIDEN.dll [MD5.41CE7975CAD7BCF92538D2C452239523] - [10/04/2017 15:03:18] - |A| - [40960] - C:\WINDOWS\syswow64\cob-au_FromLFSULTRA-WIDEN.rs [MD5.00000000000000000000000000000000] - [10/04/2017 15:03:18] - |D| - [4588233] - C:\WINDOWS\syswow64\CodeIntegrity [MD5.9BAAD7CF55A038C67D485964A155411E] - [10/04/2017 15:03:24] - |A| - [20480] - C:\WINDOWS\syswow64\cofire.exe [MD5.CA95870DBD7AAA96CB3AEAD0D1B4EDD1] - [10/04/2017 15:03:24] - |A| - [27136] - C:\WINDOWS\syswow64\cofiredm.dll [MD5.59AD4CE0F251F5673B43A3C94C18A82C] - [10/04/2017 15:03:24] - |A| - [63488] - C:\WINDOWS\syswow64\colbact_FromLFSULTRA-WIDEN.dll [MD5.7134D178836DCEE68573A29667B76947] - [10/04/2017 15:03:24] - |A| - [83968] - C:\WINDOWS\syswow64\collab.cpl [MD5.EDB8F80672DBF24C6C522A29F5854F14] - [10/04/2017 15:03:24] - |A| - [153600] - C:\WINDOWS\syswow64\COLORCNV_FromLFSULTRA-WIDEN.DLL [MD5.031183B7923637CBB3E99CBBE5E821CA] - [10/04/2017 15:03:25] - |A| - [86016] - C:\WINDOWS\syswow64\colorcpl_FromLFSULTRA-WIDEN.exe [MD5.0F6E4656BD4938F0FEE3B3EBA1524965] - [10/04/2017 15:03:25] - |A| - [606208] - C:\WINDOWS\syswow64\colorui_FromLFSULTRA-WIDEN.dll [MD5.1E98D239010C9500CC9CC738100F5578] - [10/04/2017 15:03:28] - |A| - [7168] - C:\WINDOWS\syswow64\comcat_FromLFSULTRA-WIDEN.dll [MD5.58788565442368B0615DDAF1D452B843] - [10/04/2017 15:03:28] - |A| - [530432] - C:\WINDOWS\syswow64\comctl32_FromLFSULTRA-WIDEN.dll [MD5.D1DE1EAFDE97BE41CF6585027FF3E732] - [10/04/2017 15:03:29] - |A| - [485888] - C:\WINDOWS\syswow64\comdlg32_FromLFSULTRA-WIDEN.dll [MD5.AC27746CE65F3A7A1329BEBA7A64E08F] - [10/04/2017 15:03:30] - |A| - [124118] - C:\WINDOWS\syswow64\comexp_FromLFSULTRA-WIDEN.msc [MD5.01B656374912D7CCF7465A3893F18982] - [10/04/2017 15:03:30] - |A| - [10544] - C:\WINDOWS\syswow64\COMM.drv [MD5.BA597F9A4BB90F038266CE1A3C3BE3FB] - [10/04/2017 15:03:31] - |A| - [50648] - C:\WINDOWS\syswow64\COMMAND.COM [MD5.FF924F8AD691F25E5772B6E1A635831A] - [10/04/2017 15:03:31] - |A| - [32816] - C:\WINDOWS\syswow64\COMMDLG.DLL [MD5.D0B42A077320D2AB2D2A80BCBCAE02CB] - [10/04/2017 15:03:31] - |A| - [18432] - C:\WINDOWS\syswow64\compact_FromLFSULTRA-WIDEN.exe [MD5.023A7565F6A6FB90FA666BABAB598853] - [10/04/2017 15:03:31] - |A| - [147968] - C:\WINDOWS\syswow64\CompMgmtLauncher.exe [MD5.F04C119C159670C9271623454BEC3254] - [10/04/2017 15:03:31] - |A| - [113256] - C:\WINDOWS\syswow64\compmgmt_FromLFSULTRA-WIDEN.msc [MD5.CD91F7B8E44CF4FC5E61359FBC5118C6] - [10/04/2017 15:03:32] - |A| - [27792] - C:\WINDOWS\syswow64\compobj_FromLFSULTRA-WIDEN.dll [MD5.765A886E3E0557E5A66D95BCFBD0F3AC] - [10/04/2017 15:03:32] - |A| - [276480] - C:\WINDOWS\syswow64\compstui_FromLFSULTRA-WIDEN.dll [MD5.7620C8CEB498649D489F6DFF8FA411CB] - [10/04/2017 15:03:32] - |A| - [36352] - C:\WINDOWS\syswow64\ComputerDefaults_FromLFSULTRA-WIDEN.exe [MD5.B852A7A81A85AB0668069C85509D88E0] - [10/04/2017 15:03:31] - |A| - [20480] - C:\WINDOWS\syswow64\comp_FromLFSULTRA-WIDEN.exe [MD5.176925005506AFE8CDC5CD18C1870C94] - [10/04/2017 15:03:32] - |A| - [89088] - C:\WINDOWS\syswow64\comrepl_FromLFSULTRA-WIDEN.dll [MD5.808D8A8B2A3074002852BC856D419576] - [10/04/2017 15:03:32] - |A| - [1297408] - C:\WINDOWS\syswow64\comres_FromLFSULTRA-WIDEN.dll [MD5.8A5E80D2550938DE2B66346B9E24CEB7] - [10/04/2017 15:03:34] - |A| - [220160] - C:\WINDOWS\syswow64\comsnap_FromLFSULTRA-WIDEN.dll [MD5.ED12110CD5BFE686F645E145A7DD28C5] - [10/04/2017 15:03:34] - |A| - [1242112] - C:\WINDOWS\syswow64\comsvcs_FromLFSULTRA-WIDEN.dll [MD5.40E947F18137A41D36858CDAB4BFC1B3] - [10/04/2017 15:03:36] - |A| - [584704] - C:\WINDOWS\syswow64\comuid_FromLFSULTRA-WIDEN.dll [MD5.6695E0A6AF50AC52403B448F0F4C677C] - [10/04/2017 15:03:37] - |A| - [245056] - C:\WINDOWS\syswow64\concrt140_FromLFSULTRA-WIDEN.dll [MD5.01C47C2ECED034EF6F8C1552A97CFF00] - [10/04/2017 15:05:38] - |A| - [2577] - C:\WINDOWS\syswow64\config.nt [MD5.4D6A7C6733437FB02B9A8BD5B3124A2A] - [10/04/2017 15:05:38] - |A| - [271360] - C:\WINDOWS\syswow64\conhost.exe [MD5.5FC2D30C05487B480C2A154D5D281BA0] - [10/04/2017 15:05:39] - |A| - [1344512] - C:\WINDOWS\syswow64\connect_FromLFSULTRA-WIDEN.dll [MD5.B0BC447C758FF055D53FC6831FDB0344] - [10/04/2017 15:05:40] - |A| - [101720] - C:\WINDOWS\syswow64\consent.exe [MD5.12118DA04F2E4BC739CE8A6AB24338EA] - [10/04/2017 15:05:41] - |A| - [73216] - C:\WINDOWS\syswow64\console_FromLFSULTRA-WIDEN.dll [MD5.9130377F87A2153FEAB900A00EA1EBFF] - [10/04/2017 15:05:41] - |A| - [113152] - C:\WINDOWS\syswow64\control_FromLFSULTRA-WIDEN.exe [MD5.FA5C490197C97EC58CF751F8CE6439D3] - [10/04/2017 15:05:41] - |A| - [17408] - C:\WINDOWS\syswow64\convert_FromLFSULTRA-WIDEN.exe [MD5.D9C9253D47DFE78CCB1051E95D0B40A9] - [10/04/2017 15:05:41] - |A| - [66048] - C:\WINDOWS\syswow64\correngine.dll [MD5.0FE9F16075C9ACB941C957B7C649176E] - [10/04/2017 15:05:42] - |A| - [27097] - C:\WINDOWS\syswow64\country.sys [MD5.3F37385824263575518137EB6D60C90B] - [10/04/2017 15:05:42] - |A| - [642048] - C:\WINDOWS\syswow64\CPFilters_FromLFSULTRA-WIDEN.dll [MD5.2A49D72DC3627DA7E90FD6673549E5F4] - [10/04/2017 15:05:42] - |A| - [17408] - C:\WINDOWS\syswow64\credssp_FromLFSULTRA-WIDEN.dll [MD5.108C2CFA5527458C096A699929ECBD80] - [10/04/2017 15:05:44] - |A| - [168960] - C:\WINDOWS\syswow64\credui_FromLFSULTRA-WIDEN.dll [MD5.15CF85C3D904A7D8650164B0B831A318] - [10/04/2017 15:05:44] - |A| - [28160] - C:\WINDOWS\syswow64\credwiz_FromLFSULTRA-WIDEN.exe [MD5.FCC8F25A5F5A4D6BD57D917DB7A00D78] - [10/04/2017 15:05:44] - |A| - [149019] - C:\WINDOWS\syswow64\crtdll_FromLFSULTRA-WIDEN.dll [MD5.454E292861A4EF1D72F43F42BBAF6917] - [10/04/2017 15:05:44] - |A| - [1154048] - C:\WINDOWS\syswow64\crypt32_FromLFSULTRA-WIDEN.dll [MD5.67BCCAF06AD5F12DC7599AC02A2C40E7] - [10/04/2017 15:05:46] - |A| - [36352] - C:\WINDOWS\syswow64\cryptbase_FromLFSULTRA-WIDEN.dll [MD5.1AF22468786A58B11F6601ADEADC162A] - [10/04/2017 15:05:46] - |A| - [24576] - C:\WINDOWS\syswow64\cryptdlg_FromLFSULTRA-WIDEN.dll [MD5.1128637CAD49A8E3C8B5FA5D0A061525] - [10/04/2017 15:05:47] - |A| - [58880] - C:\WINDOWS\syswow64\cryptdll_FromLFSULTRA-WIDEN.dll [MD5.8FF9D8945CFECE70F93C36FF48AEA4DA] - [10/04/2017 15:05:47] - |A| - [55296] - C:\WINDOWS\syswow64\cryptext_FromLFSULTRA-WIDEN.dll [MD5.04D16553664796613FE98D441A0C35D7] - [10/04/2017 15:05:48] - |A| - [103424] - C:\WINDOWS\syswow64\cryptnet_FromLFSULTRA-WIDEN.dll [MD5.7321F18D1F820612ED0E9F2D4B578A7E] - [10/04/2017 15:05:48] - |A| - [78848] - C:\WINDOWS\syswow64\cryptsp_FromLFSULTRA-WIDEN.dll [MD5.A585BEBF7D054BD9618EDA0922D5484A] - [10/04/2017 15:05:48] - |A| - [136192] - C:\WINDOWS\syswow64\cryptsvc.dll [MD5.28CA821606669BB9215CE010767720FA] - [10/04/2017 15:05:49] - |A| - [1003520] - C:\WINDOWS\syswow64\cryptui_FromLFSULTRA-WIDEN.dll [MD5.F1607316F19C813D7928788243637144] - [10/04/2017 15:05:50] - |A| - [85504] - C:\WINDOWS\syswow64\cryptxml_FromLFSULTRA-WIDEN.dll [MD5.465BEA35F7ED4A4A57686DEA7EA10F47] - [10/04/2017 15:05:52] - |A| - [34816] - C:\WINDOWS\syswow64\cscapi_FromLFSULTRA-WIDEN.dll [MD5.57A51217581614DE07F30E34D6BB4993] - [10/04/2017 15:05:53] - |A| - [23040] - C:\WINDOWS\syswow64\cscdll_FromLFSULTRA-WIDEN.dll [MD5.F36B7461FECDCF763FDEFA3A3352CD45] - [10/04/2017 15:05:54] - |A| - [126976] - C:\WINDOWS\syswow64\cscript_FromLFSULTRA-WIDEN.exe [MD5.6EC618588447B82EA8D88719EE46F725] - [10/04/2017 15:05:54] - |A| - [43520] - C:\WINDOWS\syswow64\csrr_FromLFSULTRA-WIDEN.rs [MD5.DF1E9416227F20679A67D144BB0AC5A9] - [10/04/2017 15:05:54] - |A| - [38912] - C:\WINDOWS\syswow64\csrsrv.dll [MD5.342271F6142E7C70805B8A81E1BA5F5C] - [10/04/2017 15:05:54] - |A| - [6144] - C:\WINDOWS\syswow64\csrss.exe [MD5.332F1F851FE2E705E400B1DD6F21BE6B] - [10/04/2017 15:05:54] - |A| - [47616] - C:\WINDOWS\syswow64\csrstub.exe [MD5.DF94FB32E764775A6DDB17A63904B01A] - [10/04/2017 15:05:55] - |A| - [41376] - C:\WINDOWS\syswow64\csscsr32.dll [MD5.F8EA18CCC8C7AA793D6F724C4FCBA2A5] - [10/04/2017 15:05:55] - |A| - [338560] - C:\WINDOWS\syswow64\cssguard32.dll [MD5.01B8B690C6F6AFD4686B880C29F93060] - [10/04/2017 15:05:55] - |A| - [53248] - C:\WINDOWS\syswow64\CSVer.dll [MD5.4A3CDCEF8ED41B221F3DBEF5792FB52D] - [10/04/2017 15:05:55] - |A| - [8704] - C:\WINDOWS\syswow64\ctfmon_FromLFSULTRA-WIDEN.exe [MD5.2DA48F2C163AB854A7D1041F1209DB8F] - [10/04/2017 15:05:56] - |A| - [27136] - C:\WINDOWS\syswow64\ctl3d32_FromLFSULTRA-WIDEN.dll [MD5.637D88E7A1BEDC4457C80DBC8BA9F135] - [10/04/2017 15:05:56] - |A| - [27200] - C:\WINDOWS\syswow64\ctl3dv2.dll [MD5.E618A5A79958B099B90D0BDC4818FBA1] - [10/04/2017 15:05:57] - |A| - [36352] - C:\WINDOWS\syswow64\cttunesvr_FromLFSULTRA-WIDEN.exe [MD5.BB98F9994916D9562776789B7A9E4F7D] - [10/04/2017 15:05:56] - |A| - [309248] - C:\WINDOWS\syswow64\cttune_FromLFSULTRA-WIDEN.exe [MD5.0D143112394173967A3647096F74E743] - [10/04/2017 15:05:57] - |A| - [66082] - C:\WINDOWS\syswow64\C_037_FromLFSULTRA-WIDEN.NLS [MD5.A716B23BA6632B7F0DABB5B8AC078F27] - [10/04/2017 15:05:57] - |A| - [66082] - C:\WINDOWS\syswow64\C_10000_FromLFSULTRA-WIDEN.NLS [MD5.157A2706E78D7B581642F6F787EC37E5] - [10/04/2017 15:05:58] - |A| - [162850] - C:\WINDOWS\syswow64\C_10001_FromLFSULTRA-WIDEN.NLS [MD5.05C0B7F8FA403E6DA75671685A58A940] - [10/04/2017 15:05:59] - |A| - [195618] - C:\WINDOWS\syswow64\C_10002_FromLFSULTRA-WIDEN.NLS [MD5.1855E6398A2E937E47809FD8B83647E4] - [10/04/2017 15:06:00] - |A| - [177698] - C:\WINDOWS\syswow64\C_10003_FromLFSULTRA-WIDEN.NLS [MD5.1DBBCC1B712C2674BDF29A05A5DD366E] - [10/04/2017 15:06:01] - |A| - [66082] - C:\WINDOWS\syswow64\C_10004_FromLFSULTRA-WIDEN.NLS [MD5.72233F1A1D788A84D4687A258CC97CBF] - [10/04/2017 15:06:01] - |A| - [66082] - C:\WINDOWS\syswow64\C_10005_FromLFSULTRA-WIDEN.NLS [MD5.0A206B5CACD3CA70D2044DA691304765] - [10/04/2017 15:06:01] - |A| - [66082] - C:\WINDOWS\syswow64\C_10006_FromLFSULTRA-WIDEN.NLS [MD5.AF4A866226BD04ACF06135088D75BB63] - [10/04/2017 15:06:02] - |A| - [66082] - C:\WINDOWS\syswow64\C_10007_FromLFSULTRA-WIDEN.NLS [MD5.23C1E8F026FB81824388E8EC457CF75E] - [10/04/2017 15:06:02] - |A| - [173602] - C:\WINDOWS\syswow64\C_10008_FromLFSULTRA-WIDEN.NLS [MD5.6F8A509550FE8C92D07EE0143BF29BA1] - [10/04/2017 15:06:02] - |A| - [66082] - C:\WINDOWS\syswow64\C_10010_FromLFSULTRA-WIDEN.NLS [MD5.314E85390BEBDAE5D1E11DB2D8CBC6E9] - [10/04/2017 15:06:02] - |A| - [66082] - C:\WINDOWS\syswow64\C_10017_FromLFSULTRA-WIDEN.NLS [MD5.F3C139AD492C4F73353057442E6995CE] - [10/04/2017 15:06:02] - |A| - [66082] - C:\WINDOWS\syswow64\C_10021_FromLFSULTRA-WIDEN.NLS [MD5.D2CA471D36A69D17F82D5C1B64FAEE39] - [10/04/2017 15:06:02] - |A| - [66082] - C:\WINDOWS\syswow64\C_10029_FromLFSULTRA-WIDEN.NLS [MD5.29B5AF5B12D955C316821F277C5B4D7D] - [10/04/2017 15:06:03] - |A| - [66082] - C:\WINDOWS\syswow64\C_10079_FromLFSULTRA-WIDEN.NLS [MD5.EFFDFF60A38CF648811BBCDD722ECF5E] - [10/04/2017 15:06:03] - |A| - [66082] - C:\WINDOWS\syswow64\C_10081_FromLFSULTRA-WIDEN.NLS [MD5.9CA501D2A8E6909C5B2E8C9274682BF1] - [10/04/2017 15:06:04] - |A| - [66082] - C:\WINDOWS\syswow64\C_10082_FromLFSULTRA-WIDEN.NLS [MD5.71E7F8B0F28585439E95B3D3B296984B] - [10/04/2017 15:06:04] - |A| - [66082] - C:\WINDOWS\syswow64\C_1026_FromLFSULTRA-WIDEN.NLS [MD5.7CB90B3604A45355218E6A20BD7B7A0B] - [10/04/2017 15:06:04] - |A| - [66082] - C:\WINDOWS\syswow64\C_1047_FromLFSULTRA-WIDEN.NLS [MD5.27E1CBE7F0DF21CA0892D16FD1961F29] - [10/04/2017 15:06:04] - |A| - [66082] - C:\WINDOWS\syswow64\C_1140_FromLFSULTRA-WIDEN.NLS [MD5.F0C0509A9A633332B99F009D1DAA7612] - [10/04/2017 15:06:04] - |A| - [66082] - C:\WINDOWS\syswow64\C_1141_FromLFSULTRA-WIDEN.NLS [MD5.69316F1B309BA5AC371EFD09267BD670] - [10/04/2017 15:06:04] - |A| - [66082] - C:\WINDOWS\syswow64\C_1142_FromLFSULTRA-WIDEN.NLS [MD5.3EA8E21340AF59C80CB35A6A53FE52D7] - [10/04/2017 15:06:05] - |A| - [66082] - C:\WINDOWS\syswow64\C_1143_FromLFSULTRA-WIDEN.NLS [MD5.FD2D28063FB4FD12BC6EF18A6D10769E] - [10/04/2017 15:06:05] - |A| - [66082] - C:\WINDOWS\syswow64\C_1144_FromLFSULTRA-WIDEN.NLS [MD5.123B711FF0BF69B4462C279D342380AF] - [10/04/2017 15:06:05] - |A| - [66082] - C:\WINDOWS\syswow64\C_1145_FromLFSULTRA-WIDEN.NLS [MD5.D288777605A2F4E12A9C6E360CE44987] - [10/04/2017 15:06:05] - |A| - [66082] - C:\WINDOWS\syswow64\C_1146_FromLFSULTRA-WIDEN.NLS [MD5.7623492F4FCB5E317578F897A7476E16] - [10/04/2017 15:06:06] - |A| - [66082] - C:\WINDOWS\syswow64\C_1147_FromLFSULTRA-WIDEN.NLS [MD5.32CA3320D8C8F37770764BDFF1C2FE15] - [10/04/2017 15:06:06] - |A| - [66082] - C:\WINDOWS\syswow64\C_1148_FromLFSULTRA-WIDEN.NLS [MD5.484A1C398A16DD464E8468046526985C] - [10/04/2017 15:06:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_1149_FromLFSULTRA-WIDEN.NLS [MD5.2E0B152ED60DE2431DFC0C436363385E] - [10/04/2017 15:06:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_1250.NLS [MD5.0E91B896B81CF0B7DF62C824224B891A] - [10/04/2017 15:06:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_1251.NLS [MD5.ACB769EC498FB62316EAB45ADB680F22] - [10/04/2017 15:06:08] - |A| - [66082] - C:\WINDOWS\syswow64\C_1252_FromLFSULTRA-WIDEN.NLS [MD5.E1858EDF032363E84922CDB91E75797A] - [10/04/2017 15:06:08] - |A| - [66082] - C:\WINDOWS\syswow64\C_1253.NLS [MD5.808CCC573F51DC7AB3D5151A2D2AF1BF] - [10/04/2017 15:06:08] - |A| - [66082] - C:\WINDOWS\syswow64\C_1254.NLS [MD5.C386BDB1A653A4390313AE192EFF2732] - [10/04/2017 15:06:08] - |A| - [66082] - C:\WINDOWS\syswow64\C_1255.NLS [MD5.6F42B3E7ED97C9EAC38615B907F08721] - [10/04/2017 15:06:09] - |A| - [66082] - C:\WINDOWS\syswow64\C_1256.NLS [MD5.AF381A5B093736A3A28EFDC1BB4F5FCB] - [10/04/2017 15:06:09] - |A| - [66082] - C:\WINDOWS\syswow64\C_1257.NLS [MD5.43B0D0C38C885CCF742740FFC1F00535] - [10/04/2017 15:06:10] - |A| - [66082] - C:\WINDOWS\syswow64\C_1258.NLS [MD5.A337491EA01F4BE0779A981CB7ACB999] - [10/04/2017 15:06:10] - |A| - [189986] - C:\WINDOWS\syswow64\C_1361.NLS [MD5.AAB0740BCBDCE107E0BABEE466905EB4] - [10/04/2017 15:06:10] - |A| - [180258] - C:\WINDOWS\syswow64\C_20000.NLS [MD5.48699E0B2F0B56E132D8200BA23E7176] - [10/04/2017 15:06:10] - |A| - [186402] - C:\WINDOWS\syswow64\C_20001.NLS [MD5.A5D79E78E4412AC3C79DED42CD95C3EA] - [10/04/2017 15:06:10] - |A| - [173602] - C:\WINDOWS\syswow64\C_20002.NLS [MD5.971E382CB790C07536F380C172848C92] - [10/04/2017 15:06:11] - |A| - [185378] - C:\WINDOWS\syswow64\C_20003.NLS [MD5.A47DBDBAEA690F4713185EBB5790BBFF] - [10/04/2017 15:06:11] - |A| - [180258] - C:\WINDOWS\syswow64\C_20004.NLS [MD5.9C78D8BC06315FE97936167F5063F924] - [10/04/2017 15:06:11] - |A| - [187938] - C:\WINDOWS\syswow64\C_20005.NLS [MD5.1F55C295A71290992C95CF1F41CDB0E4] - [10/04/2017 15:06:11] - |A| - [66082] - C:\WINDOWS\syswow64\C_20105_FromLFSULTRA-WIDEN.NLS [MD5.00E11B5E8C252190DEC893FD84D3B06D] - [10/04/2017 15:06:12] - |A| - [66082] - C:\WINDOWS\syswow64\C_20106_FromLFSULTRA-WIDEN.NLS [MD5.EB7AD61171B280F1CA90CF3AC0F43717] - [10/04/2017 15:06:12] - |A| - [66082] - C:\WINDOWS\syswow64\C_20107_FromLFSULTRA-WIDEN.NLS [MD5.C8FBDF3805D2F229DE3CA2EF5A248CCC] - [10/04/2017 15:06:13] - |A| - [66082] - C:\WINDOWS\syswow64\C_20108_FromLFSULTRA-WIDEN.NLS [MD5.6CB26848BCDAA361B6EE21264FB362C3] - [10/04/2017 15:06:13] - |A| - [66082] - C:\WINDOWS\syswow64\C_20127.NLS [MD5.7D07126E0ED768C04B245A43AF2F94ED] - [10/04/2017 15:06:13] - |A| - [139810] - C:\WINDOWS\syswow64\C_20261.NLS [MD5.BA660D994876755C9E90871B919BB5EC] - [10/04/2017 15:06:13] - |A| - [66082] - C:\WINDOWS\syswow64\C_20269_FromLFSULTRA-WIDEN.NLS [MD5.947813F75A56A20EF65DC9E479EBEA4D] - [10/04/2017 15:06:13] - |A| - [66082] - C:\WINDOWS\syswow64\C_20273_FromLFSULTRA-WIDEN.NLS [MD5.947B06BC793BFF9A4808C8CF57B0E273] - [10/04/2017 15:06:13] - |A| - [66082] - C:\WINDOWS\syswow64\C_20277_FromLFSULTRA-WIDEN.NLS [MD5.AF4F8AEC071515D6FC6E8203A0DBF655] - [10/04/2017 15:06:14] - |A| - [66082] - C:\WINDOWS\syswow64\C_20278_FromLFSULTRA-WIDEN.NLS [MD5.2AB1DF9DFBD49E343AF5D5FA7D17024E] - [10/04/2017 15:06:14] - |A| - [66082] - C:\WINDOWS\syswow64\C_20280_FromLFSULTRA-WIDEN.NLS [MD5.E37E1766C1D7C21C5EFAD0F20D923039] - [10/04/2017 15:06:14] - |A| - [66082] - C:\WINDOWS\syswow64\C_20284_FromLFSULTRA-WIDEN.NLS [MD5.BCD8AC4CE06E227A2FBA81862B5F0D42] - [10/04/2017 15:06:14] - |A| - [66082] - C:\WINDOWS\syswow64\C_20285_FromLFSULTRA-WIDEN.NLS [MD5.B2B3B6A63D9A1837673A2B2C44455A20] - [10/04/2017 15:06:15] - |A| - [66082] - C:\WINDOWS\syswow64\C_20290_FromLFSULTRA-WIDEN.NLS [MD5.C3581190325F812CB7F5F928E722F132] - [10/04/2017 15:06:15] - |A| - [66082] - C:\WINDOWS\syswow64\C_20297_FromLFSULTRA-WIDEN.NLS [MD5.4FEA99284FA34D8E69C8D865D9426D2B] - [10/04/2017 15:06:16] - |A| - [66082] - C:\WINDOWS\syswow64\C_20420_FromLFSULTRA-WIDEN.NLS [MD5.E3AAE11859C598FB936017816567FD96] - [10/04/2017 15:06:16] - |A| - [66082] - C:\WINDOWS\syswow64\C_20423_FromLFSULTRA-WIDEN.NLS [MD5.3A0FA5F25C5FF909766347627B446511] - [10/04/2017 15:06:16] - |A| - [66082] - C:\WINDOWS\syswow64\C_20424_FromLFSULTRA-WIDEN.NLS [MD5.E27DCCEEFABD04FC7D81BE65B233C653] - [10/04/2017 15:06:17] - |A| - [66082] - C:\WINDOWS\syswow64\C_20833_FromLFSULTRA-WIDEN.NLS [MD5.A124CAA7470CCF0354A57AB30808293F] - [10/04/2017 15:06:17] - |A| - [66082] - C:\WINDOWS\syswow64\C_20838_FromLFSULTRA-WIDEN.NLS [MD5.DD7F9900C070890C59417B5271581ED3] - [10/04/2017 15:06:18] - |A| - [66082] - C:\WINDOWS\syswow64\C_20866.NLS [MD5.61FBE3736279973CBA71EE0CDEAAAA6C] - [10/04/2017 15:06:18] - |A| - [66082] - C:\WINDOWS\syswow64\C_20871_FromLFSULTRA-WIDEN.NLS [MD5.8464E9CAB0DA3F209320D782631DD5A2] - [10/04/2017 15:06:18] - |A| - [66082] - C:\WINDOWS\syswow64\C_20880_FromLFSULTRA-WIDEN.NLS [MD5.1ADCE2879B486ACB126750EF18B2E658] - [10/04/2017 15:06:18] - |A| - [66082] - C:\WINDOWS\syswow64\C_20905_FromLFSULTRA-WIDEN.NLS [MD5.E4642396D2098F65C7E88C0AC1EE7379] - [10/04/2017 15:06:18] - |A| - [66082] - C:\WINDOWS\syswow64\C_20924_FromLFSULTRA-WIDEN.NLS [MD5.3FEF4EEFC8827A03B19124575B17205E] - [10/04/2017 15:06:18] - |A| - [180770] - C:\WINDOWS\syswow64\C_20932.NLS [MD5.32919D0DA9A834E8197203C4858ABCF6] - [10/04/2017 15:06:19] - |A| - [173602] - C:\WINDOWS\syswow64\C_20936.NLS [MD5.232094E602642181A5A508975665D11B] - [10/04/2017 15:06:20] - |A| - [177698] - C:\WINDOWS\syswow64\C_20949.NLS [MD5.85D74656F26B33F21B5129252B1578D0] - [10/04/2017 15:06:20] - |A| - [66082] - C:\WINDOWS\syswow64\C_21025_FromLFSULTRA-WIDEN.NLS [MD5.07CD5D103AEB4AD2B624EE1ADBFAA456] - [10/04/2017 15:06:20] - |A| - [66082] - C:\WINDOWS\syswow64\C_21027_FromLFSULTRA-WIDEN.NLS [MD5.41034D46626ECC2CC635FD884E878D6D] - [10/04/2017 15:06:21] - |A| - [66082] - C:\WINDOWS\syswow64\C_21866.NLS [MD5.E45ECA3F540E09C039710EF00219A61B] - [10/04/2017 15:06:21] - |A| - [66082] - C:\WINDOWS\syswow64\C_28591.NLS [MD5.0F8F998263E4C090C9C9B31D84C41654] - [10/04/2017 15:06:21] - |A| - [66082] - C:\WINDOWS\syswow64\C_28592.NLS [MD5.082453B28A3F457FFF330DBDDB32FF45] - [10/04/2017 15:06:21] - |A| - [66082] - C:\WINDOWS\syswow64\C_28593.NLS [MD5.5D038EEABA8EA438F6B5ABD5E91BC851] - [10/04/2017 15:06:21] - |A| - [66082] - C:\WINDOWS\syswow64\C_28594.NLS [MD5.E22D1B9AC7854C0A654E4C4232074E49] - [10/04/2017 15:06:21] - |A| - [66082] - C:\WINDOWS\syswow64\C_28595.NLS [MD5.4D4C7CED88E5621F21A4911A44CADACC] - [10/04/2017 15:06:22] - |A| - [66082] - C:\WINDOWS\syswow64\C_28596.NLS [MD5.B537ACFAB9E70F0EF48DB696A08ADC81] - [10/04/2017 15:06:22] - |A| - [66082] - C:\WINDOWS\syswow64\C_28597.NLS [MD5.BDD5D78F5DB2204A9247C53861357FAF] - [10/04/2017 15:06:22] - |A| - [66082] - C:\WINDOWS\syswow64\C_28598.NLS [MD5.C37A21EE1ADFDC13FC707D97073148ED] - [10/04/2017 15:06:23] - |A| - [66082] - C:\WINDOWS\syswow64\C_28599.NLS [MD5.35448F3A71EBBECF8E997FAD3A99327D] - [10/04/2017 15:06:23] - |A| - [66082] - C:\WINDOWS\syswow64\c_28603.nls [MD5.DA11C0F72C41A6B3CA24FB83E52D7043] - [10/04/2017 15:06:23] - |A| - [66082] - C:\WINDOWS\syswow64\C_28605.NLS [MD5.0BD539284D746E022BDA27C1F85A525A] - [10/04/2017 15:06:23] - |A| - [66594] - C:\WINDOWS\syswow64\C_437_FromLFSULTRA-WIDEN.NLS [MD5.90F5232D99D17AA1BBA3CE2228CF1B2A] - [10/04/2017 15:06:23] - |A| - [66082] - C:\WINDOWS\syswow64\C_500_FromLFSULTRA-WIDEN.NLS [MD5.77F127766D758EB2C6451E221A0C7F7D] - [10/04/2017 15:06:23] - |A| - [66082] - C:\WINDOWS\syswow64\C_708.NLS [MD5.C050215D8D21DF5658E94187973FB89C] - [10/04/2017 15:06:23] - |A| - [66594] - C:\WINDOWS\syswow64\C_720.NLS [MD5.BAC7072B365F9648CA318154BA7E03EC] - [10/04/2017 15:06:24] - |A| - [66594] - C:\WINDOWS\syswow64\C_737.NLS [MD5.0E61D6CD6391CE9BF007BAF0DC905320] - [10/04/2017 15:06:24] - |A| - [66594] - C:\WINDOWS\syswow64\C_775.NLS [MD5.CAAF621DC0936CCAC5106EA62F350E80] - [10/04/2017 15:06:24] - |A| - [66594] - C:\WINDOWS\syswow64\C_850.NLS [MD5.21E928C8E6ED8EEAB0D1AAEE82ACDD76] - [10/04/2017 15:06:25] - |A| - [66594] - C:\WINDOWS\syswow64\C_852.NLS [MD5.3E969213F35127D83DAB48FF1283E8E4] - [10/04/2017 15:06:25] - |A| - [66594] - C:\WINDOWS\syswow64\C_855.NLS [MD5.A8764750B22B528D85A691A52CB21856] - [10/04/2017 15:06:25] - |A| - [66594] - C:\WINDOWS\syswow64\C_857.NLS [MD5.42518F84AA761C84B4F5F366C6E424F1] - [10/04/2017 15:06:26] - |A| - [66594] - C:\WINDOWS\syswow64\C_858.NLS [MD5.B124A84735113A699F0413F1D6875975] - [10/04/2017 15:06:26] - |A| - [66594] - C:\WINDOWS\syswow64\C_860.NLS [MD5.DDE3D4D8C117B5A67F7898DA547F0E4E] - [10/04/2017 15:06:26] - |A| - [66594] - C:\WINDOWS\syswow64\C_861.NLS [MD5.A99203A3397A9DB352C5D8DFBDA230A8] - [10/04/2017 15:06:27] - |A| - [66594] - C:\WINDOWS\syswow64\C_862.NLS [MD5.0220888BDD435156DE91C5D390FE0166] - [10/04/2017 15:06:27] - |A| - [66594] - C:\WINDOWS\syswow64\C_863.NLS [MD5.C58563DF50115E935BC811FFBCE1FC89] - [10/04/2017 15:06:28] - |A| - [66594] - C:\WINDOWS\syswow64\C_864.NLS [MD5.4091021638E2591CFAED8E1CF9D54E1F] - [10/04/2017 15:06:29] - |A| - [66594] - C:\WINDOWS\syswow64\C_865.NLS [MD5.5CD475CA7B87844DE1E0483B536F9AAE] - [10/04/2017 15:06:29] - |A| - [66594] - C:\WINDOWS\syswow64\C_866.NLS [MD5.780C444EB16B65E6DE96F794A732DA12] - [10/04/2017 15:06:29] - |A| - [66594] - C:\WINDOWS\syswow64\C_869.NLS [MD5.48841546AC3B8698C93991E99851F0CF] - [10/04/2017 15:06:30] - |A| - [66082] - C:\WINDOWS\syswow64\C_870_FromLFSULTRA-WIDEN.NLS [MD5.7A0EE54F89FFE0F038660BA580FB4440] - [10/04/2017 15:06:30] - |A| - [66594] - C:\WINDOWS\syswow64\C_874.NLS [MD5.8BE0D77A873730B4EB1DAB7C6622CD46] - [10/04/2017 15:06:30] - |A| - [66082] - C:\WINDOWS\syswow64\C_875_FromLFSULTRA-WIDEN.NLS [MD5.DFFAFA40198800BA2933977F67B956C2] - [10/04/2017 15:06:30] - |A| - [162850] - C:\WINDOWS\syswow64\C_932.NLS [MD5.17028718996FCBCEEE59F38F2D944281] - [10/04/2017 15:06:31] - |A| - [196642] - C:\WINDOWS\syswow64\C_936.NLS [MD5.D2558C26CDBF05740348451DB6A5B955] - [10/04/2017 15:06:31] - |A| - [196642] - C:\WINDOWS\syswow64\C_949.NLS [MD5.8557D3EDA30586685DAD701ABA69D0DD] - [10/04/2017 15:06:32] - |A| - [196642] - C:\WINDOWS\syswow64\C_950.NLS [MD5.F6CD87EC296FC11A1B8000098DADF184] - [10/04/2017 15:06:32] - |A| - [221696] - C:\WINDOWS\syswow64\C_G18030_FromLFSULTRA-WIDEN.DLL [MD5.B4A9937728BF788A18606004F1C83237] - [10/04/2017 15:06:32] - |A| - [10240] - C:\WINDOWS\syswow64\C_IS2022_FromLFSULTRA-WIDEN.DLL [MD5.035074DAEB2333A248FD9C6B88AD16CD] - [10/04/2017 15:06:33] - |A| - [11264] - C:\WINDOWS\syswow64\C_ISCII_FromLFSULTRA-WIDEN.DLL [MD5.9FF8F684BACF326082E5562F7C104A79] - [10/04/2017 15:06:33] - |A| - [3419136] - C:\WINDOWS\syswow64\d2d1_FromLFSULTRA-WIDEN.dll [MD5.FB3F036EF6A467F7AF46C821FF5D198D] - [10/04/2017 15:06:38] - |A| - [220160] - C:\WINDOWS\syswow64\d3d10core_FromLFSULTRA-WIDEN.dll [MD5.4FF3EC04CD47DD62181894B71B004E40] - [10/04/2017 15:06:38] - |A| - [604160] - C:\WINDOWS\syswow64\d3d10level9_FromLFSULTRA-WIDEN.dll [MD5.965CFC7687F0D188F215DC142FC8F6A1] - [10/04/2017 15:06:40] - |A| - [1987584] - C:\WINDOWS\syswow64\d3d10warp_FromLFSULTRA-WIDEN.dll [MD5.D4212AB475A3B25EC4DF574536C3EDC5] - [10/04/2017 15:06:42] - |A| - [249856] - C:\WINDOWS\syswow64\d3d10_1core_FromLFSULTRA-WIDEN.dll [MD5.3C1936A12C62254F914A01BBC6A8DC69] - [10/04/2017 15:06:40] - |A| - [161792] - C:\WINDOWS\syswow64\d3d10_1_FromLFSULTRA-WIDEN.dll [MD5.8504944851DF6175CC489A8F3328459E] - [10/04/2017 15:06:35] - |A| - [1080832] - C:\WINDOWS\syswow64\d3d10_FromLFSULTRA-WIDEN.dll [MD5.6DE66FE7C526637E74CD066461C7C871] - [10/04/2017 15:06:43] - |A| - [1505280] - C:\WINDOWS\syswow64\d3d11_FromLFSULTRA-WIDEN.dll [MD5.77B1471A490B53B24EFE136F09F76550] - [10/04/2017 15:06:46] - |A| - [11264] - C:\WINDOWS\syswow64\d3d8thk_FromLFSULTRA-WIDEN.dll [MD5.241A1900C52DCBA38B20A4F3671444E0] - [10/04/2017 15:06:44] - |A| - [1036800] - C:\WINDOWS\syswow64\d3d8_FromLFSULTRA-WIDEN.dll [MD5.6EF5F3F18413C367195F06E503AB86A6] - [10/04/2017 15:06:47] - |A| - [1828352] - C:\WINDOWS\syswow64\d3d9_FromLFSULTRA-WIDEN.dll [MD5.1C9B45E87528B8BB8CFA884EA0099A85] - [10/04/2017 15:06:49] - |A| - [2106216] - C:\WINDOWS\syswow64\D3DCompiler_43_FromLFSULTRA-WIDEN.dll [MD5.83EBA442F07AAB8D6375D2EEC945C46C] - [10/04/2017 15:06:49] - |A| - [1868128] - C:\WINDOWS\syswow64\d3dcsx_43.dll [MD5.523214677C1D31D7991632C6D11E6B42] - [10/04/2017 15:06:53] - |A| - [817664] - C:\WINDOWS\syswow64\d3dim700_FromLFSULTRA-WIDEN.dll [MD5.CCD63927AECB2275CC3B8F1B3AD58D6F] - [10/04/2017 15:06:53] - |A| - [386048] - C:\WINDOWS\syswow64\d3dim_FromLFSULTRA-WIDEN.dll [MD5.4B1A0BE7FFF6620F739F938A9B694DD1] - [10/04/2017 15:06:54] - |A| - [593920] - C:\WINDOWS\syswow64\d3dramp_FromLFSULTRA-WIDEN.dll [MD5.91B4AAD4412BB223B466F3DFB43E86DA] - [10/04/2017 15:06:55] - |A| - [452440] - C:\WINDOWS\syswow64\d3dx10_40.dll [MD5.20C835843FCEC4DEDFCD7BFFA3B91641] - [10/04/2017 15:06:56] - |A| - [470880] - C:\WINDOWS\syswow64\d3dx10_43.dll [MD5.8E0BB968FF41D80E5F2C747C04DB79AE] - [10/04/2017 15:06:57] - |A| - [248672] - C:\WINDOWS\syswow64\d3dx11_43.dll [MD5.26AF232140C88B42D92A88F2198EDF6A] - [10/04/2017 15:06:57] - |A| - [3426072] - C:\WINDOWS\syswow64\d3dx9_32.dll [MD5.86E39E9161C3D930D93822F1563C280D] - [10/04/2017 15:06:58] - |A| - [1998168] - C:\WINDOWS\syswow64\D3DX9_43_FromLFSULTRA-WIDEN.dll [MD5.CC141C1856652F08539A9B4F0CAC5898] - [10/04/2017 15:07:04] - |A| - [53760] - C:\WINDOWS\syswow64\d3dxof_FromLFSULTRA-WIDEN.dll [MD5.4CB2EDE07C819C12A27FA31D68091147] - [10/04/2017 15:07:08] - |A| - [17408] - C:\WINDOWS\syswow64\dataclen_FromLFSULTRA-WIDEN.dll [MD5.284B59D7B56FC76C80E622AB856B1FAB] - [10/04/2017 15:07:08] - |A| - [80384] - C:\WINDOWS\syswow64\davclnt_FromLFSULTRA-WIDEN.dll [MD5.179BECE8D1A4C488DDB7191FF9BE3FB0] - [10/04/2017 15:07:09] - |A| - [19456] - C:\WINDOWS\syswow64\davhlpr_FromLFSULTRA-WIDEN.dll [MD5.8E8C92DD50F6B34907813AFDC0C8F7DD] - [10/04/2017 15:07:09] - |A| - [2522624] - C:\WINDOWS\syswow64\dbgeng_FromLFSULTRA-WIDEN.dll [MD5.53223B673A3FA2F9A4D1C31C8D3F6CD8] - [10/04/2017 15:07:10] - |A| - [854016] - C:\WINDOWS\syswow64\dbghelp_FromLFSULTRA-WIDEN.dll [MD5.8BCB9193C2FBCEDAF548A05A4514F6A4] - [10/04/2017 15:07:12] - |A| - [135168] - C:\WINDOWS\syswow64\dbnetlib_FromLFSULTRA-WIDEN.dll [MD5.D4958A2160EDCDE5AF3D14CA750F663C] - [10/04/2017 15:07:12] - |A| - [32768] - C:\WINDOWS\syswow64\dbnmpntw_FromLFSULTRA-WIDEN.dll [MD5.224BD8EAA4223DF8241CA2A9B195B0E4] - [10/04/2017 15:07:12] - |A| - [42288] - C:\WINDOWS\syswow64\DbxSvc.exe [MD5.12E8D1D2F8C3C7DF6E2C8ED37217B5DE] - [10/04/2017 15:07:13] - |A| - [868352] - C:\WINDOWS\syswow64\dccw_FromLFSULTRA-WIDEN.exe [MD5.520AEC6C64AF2CFD74B469DB98611D4A] - [10/04/2017 15:07:14] - |A| - [10240] - C:\WINDOWS\syswow64\dciman32_FromLFSULTRA-WIDEN.dll [MD5.7F3D01A6F054E0330BC798739AEF0297] - [10/04/2017 15:07:14] - |A| - [8704] - C:\WINDOWS\syswow64\dcomcnfg_FromLFSULTRA-WIDEN.exe [MD5.31183B5DFF81053C8D10F7D15EA418F8] - [10/04/2017 15:07:14] - |A| - [15360] - C:\WINDOWS\syswow64\DDACLSys_FromLFSULTRA-WIDEN.dll [MD5.CC91779ED74FAE851CD3EA7541DDE488] - [10/04/2017 15:07:14] - |A| - [39424] - C:\WINDOWS\syswow64\DDEML.DLL [MD5.7FE2248DE77813CE850053ED0CE8A474] - [10/04/2017 15:07:15] - |A| - [36864] - C:\WINDOWS\syswow64\ddodiag_FromLFSULTRA-WIDEN.exe [MD5.8F40B3A4EC0B64AB7133E7532BA7E5BF] - [10/04/2017 15:07:15] - |A| - [10752] - C:\WINDOWS\syswow64\DDOIProxy_FromLFSULTRA-WIDEN.dll [MD5.BB4DC55D083AF56DF6FC10EB10559B46] - [10/04/2017 15:07:15] - |A| - [6278656] - C:\WINDOWS\syswow64\DDORes_FromLFSULTRA-WIDEN.dll [MD5.BAB9EF9A340113666F678AA2474904B6] - [10/04/2017 15:07:22] - |A| - [30208] - C:\WINDOWS\syswow64\ddrawex_FromLFSULTRA-WIDEN.dll [MD5.198552AEFECA69D646867EC8D792DE95] - [10/04/2017 15:07:17] - |A| - [531968] - C:\WINDOWS\syswow64\ddraw_FromLFSULTRA-WIDEN.dll [MD5.C17AFA0AAD78C621F818DD6729572C48] - [10/04/2017 15:07:25] - |A| - [20634] - C:\WINDOWS\syswow64\debug.exe [MD5.73CB55D2E8099D24FD077C990FFE3DDB] - [10/04/2017 15:07:25] - |A| - [220672] - C:\WINDOWS\syswow64\defaultlocationcpl.dll [MD5.9E759EDDE1E45A4E55752CD2ED321F89] - [10/04/2017 15:07:26] - |A| - [176128] - C:\WINDOWS\syswow64\Defrag.exe [MD5.F163DD2E8355B46D7F77F8F0E3F27FEF] - [10/04/2017 15:07:26] - |A| - [11264] - C:\WINDOWS\syswow64\defragproxy.dll [MD5.8D6E10A2D9A5EED59562D9B82CF804E1] - [10/04/2017 15:07:27] - |A| - [218624] - C:\WINDOWS\syswow64\defragsvc.dll [MD5.AFE021069BADB2CA3F8108FE174FCB4F] - [10/04/2017 15:07:27] - |A| - [47616] - C:\WINDOWS\syswow64\deskadp_FromLFSULTRA-WIDEN.dll [MD5.9CC9C17916E66A5649A30E046B055C72] - [10/04/2017 15:07:27] - |A| - [45568] - C:\WINDOWS\syswow64\deskmon_FromLFSULTRA-WIDEN.dll [MD5.3DBC0EA1E042F3970E054A4E3EA2A179] - [10/04/2017 15:07:27] - |A| - [39936] - C:\WINDOWS\syswow64\deskperf.dll [MD5.079B8AEB4A55BF8493BD1EC70285D920] - [10/04/2017 15:07:27] - |A| - [73] - C:\WINDOWS\syswow64\desktop.ini [MD5.079D12BFED9E3E03D02A44BAF8FFA3A9] - [10/04/2017 15:07:27] - |A| - [128000] - C:\WINDOWS\syswow64\desk_FromLFSULTRA-WIDEN.cpl [MD5.66EB4C814BF7BD76CF7CBC7F562234BA] - [10/04/2017 15:07:28] - |A| - [67584] - C:\WINDOWS\syswow64\devenum_FromLFSULTRA-WIDEN.dll [MD5.2A39F32E0067CBF221611FE1FA8C6D8F] - [10/04/2017 15:07:28] - |A| - [484864] - C:\WINDOWS\syswow64\DeviceCenter_FromLFSULTRA-WIDEN.dll [MD5.41DF87CC97CD4727E5FE266C6C06E10D] - [10/04/2017 15:07:28] - |A| - [86528] - C:\WINDOWS\syswow64\DeviceDisplayObjectProvider.exe [MD5.7CC8E6E16456A87A3AAF137E3905AF79] - [10/04/2017 15:07:29] - |A| - [17408] - C:\WINDOWS\syswow64\DeviceDisplayStatusManager_FromLFSULTRA-WIDEN.dll [MD5.1F52BB56B2699D9DB96309938A7A7798] - [10/04/2017 15:07:29] - |A| - [26112] - C:\WINDOWS\syswow64\DeviceEject.exe [MD5.3ABB6DE28866E1329E06A04EFD7B1F47] - [10/04/2017 15:07:30] - |A| - [24576] - C:\WINDOWS\syswow64\DeviceMetadataParsers.dll [MD5.5DC6DBFC22911C58FD2C9208A9756021] - [10/04/2017 15:07:30] - |A| - [211456] - C:\WINDOWS\syswow64\DevicePairingFolder_FromLFSULTRA-WIDEN.dll [MD5.FDA6F7205D1AF287CF62D1CEFC34CF19] - [10/04/2017 15:07:31] - |A| - [79360] - C:\WINDOWS\syswow64\DevicePairingHandler.dll [MD5.17EC0CA61708A160E3687B1301E572BE] - [10/04/2017 15:07:32] - |A| - [55296] - C:\WINDOWS\syswow64\DevicePairingProxy_FromLFSULTRA-WIDEN.dll [MD5.C0389D256F976044ADF570F0DF908953] - [10/04/2017 15:07:32] - |A| - [71168] - C:\WINDOWS\syswow64\DevicePairingWizard_FromLFSULTRA-WIDEN.exe [MD5.DA58862AF13E97C413D9487B96F62F40] - [10/04/2017 15:07:30] - |A| - [181248] - C:\WINDOWS\syswow64\DevicePairing_FromLFSULTRA-WIDEN.dll [MD5.E25A3768313F0F0C61EC5DB6BEAFC1BB] - [10/04/2017 15:07:32] - |A| - [91648] - C:\WINDOWS\syswow64\DeviceProperties_FromLFSULTRA-WIDEN.exe [MD5.7ACC264046EC028AA1F3FD36554810D6] - [10/04/2017 15:07:32] - |A| - [9728] - C:\WINDOWS\syswow64\DeviceUxRes_FromLFSULTRA-WIDEN.dll [MD5.DDB99F7FE6C9875A2B0696AA06ED0223] - [10/04/2017 15:07:32] - |A| - [145640] - C:\WINDOWS\syswow64\devmgmt_FromLFSULTRA-WIDEN.msc [MD5.F5F9CB23EDBF2C77AAE5A2A2FC4FC333] - [10/04/2017 15:07:32] - |A| - [410624] - C:\WINDOWS\syswow64\devmgr_FromLFSULTRA-WIDEN.dll [MD5.CC4ED8BEA78B0DCA6F217E014C3291A7] - [10/04/2017 15:07:33] - |A| - [64512] - C:\WINDOWS\syswow64\devobj_FromLFSULTRA-WIDEN.dll [MD5.FD07F21E0A19C27ED4E1EEC2B07452B3] - [10/04/2017 15:07:33] - |A| - [44544] - C:\WINDOWS\syswow64\devrtl_FromLFSULTRA-WIDEN.dll [MD5.FB036244DBD2FADC225AD8650886B641] - [10/04/2017 15:07:33] - |A| - [586752] - C:\WINDOWS\syswow64\dfrgui_FromLFSULTRA-WIDEN.exe [MD5.7AA994D0757EF3FDB4F3F7656E1E4D60] - [10/04/2017 15:07:34] - |A| - [43008] - C:\WINDOWS\syswow64\dfscli_FromLFSULTRA-WIDEN.dll [MD5.8580484193CE0A0788830FBAB97CF13B] - [10/04/2017 15:07:35] - |A| - [1131664] - C:\WINDOWS\syswow64\dfshim_FromLFSULTRA-WIDEN.dll [MD5.04973C82D4BE968EBD3554D059325C8B] - [10/04/2017 15:07:36] - |A| - [54272] - C:\WINDOWS\syswow64\DfsShlEx_FromLFSULTRA-WIDEN.dll [MD5.394ADE82B91F6458C060C522D7C3520C] - [10/04/2017 15:07:36] - |A| - [11264] - C:\WINDOWS\syswow64\dhcpcmonitor_FromLFSULTRA-WIDEN.dll [MD5.EF71BA5DF59034962B0C62314A71351A] - [10/04/2017 15:07:37] - |A| - [193536] - C:\WINDOWS\syswow64\dhcpcore6_FromLFSULTRA-WIDEN.dll [MD5.E9E01EB683C132F7FA27CD607B8A2B63] - [10/04/2017 15:07:36] - |A| - [254464] - C:\WINDOWS\syswow64\dhcpcore_FromLFSULTRA-WIDEN.dll [MD5.81F6C1AE23B1C493D9E996C3103915D7] - [10/04/2017 15:07:38] - |A| - [44032] - C:\WINDOWS\syswow64\dhcpcsvc6_FromLFSULTRA-WIDEN.dll [MD5.9A85ABCE0FDD1AF8E79E731EB0B679F3] - [10/04/2017 15:07:37] - |A| - [61952] - C:\WINDOWS\syswow64\dhcpcsvc_FromLFSULTRA-WIDEN.dll [MD5.2765B91A9EE086C20B451E80D2709CC9] - [10/04/2017 15:07:38] - |A| - [81920] - C:\WINDOWS\syswow64\DHCPQEC.DLL [MD5.74A317A07AF6ABAA25AEEE25709232D3] - [10/04/2017 15:07:39] - |A| - [79360] - C:\WINDOWS\syswow64\dhcpsapi_FromLFSULTRA-WIDEN.dll [MD5.3E158EB9DC295CA3EF8D1F1EF57ABEDD] - [10/04/2017 15:07:39] - |A| - [1188864] - C:\WINDOWS\syswow64\DiagCpl.dll [MD5.ECF036299AA554B5E0455262857B39D0] - [10/04/2017 15:07:40] - |A| - [863744] - C:\WINDOWS\syswow64\diagperf.dll [MD5.0A3386E3CF9C5D089D695AC5A35F4C6F] - [10/04/2017 15:07:41] - |A| - [937984] - C:\WINDOWS\syswow64\diagtrack.dll [MD5.E60C429021A5DD744A339C035E24F644] - [10/04/2017 15:07:43] - |A| - [31744] - C:\WINDOWS\syswow64\dialer_FromLFSULTRA-WIDEN.exe [MD5.E63C228D06F656951116F49F970C472A] - [10/04/2017 15:07:43] - |A| - [94720] - C:\WINDOWS\syswow64\diantz.exe [MD5.070C5B9D3006602A07757179D9B56F5D] - [10/04/2017 15:07:44] - |A| - [315904] - C:\WINDOWS\syswow64\difxapi_FromLFSULTRA-WIDEN.dll [MD5.C5C867CD7EFAC60D5021223E374DEEC5] - [10/04/2017 15:07:45] - |A| - [33792] - C:\WINDOWS\syswow64\dimsjob_FromLFSULTRA-WIDEN.dll [MD5.EE456A30B0F30D6ADE305886DA3DA5B1] - [10/04/2017 15:07:45] - |A| - [36864] - C:\WINDOWS\syswow64\dimsroam_FromLFSULTRA-WIDEN.dll [MD5.8C1BEE0EDA8D1C01D1C8C61F2C6A9F7B] - [10/04/2017 15:07:45] - |A| - [8192] - C:\WINDOWS\syswow64\dinotify.exe [MD5.5E08AC958BE05247FF1539E0D1CE7905] - [10/04/2017 15:07:46] - |A| - [145408] - C:\WINDOWS\syswow64\dinput8_FromLFSULTRA-WIDEN.dll [MD5.D2BBC72E0CDF8639C8274EDB395C9103] - [10/04/2017 15:07:46] - |A| - [136704] - C:\WINDOWS\syswow64\dinput_FromLFSULTRA-WIDEN.dll [MD5.5B14AC797149B7D353490AC36F17EC5B] - [10/04/2017 15:07:47] - |A| - [13824] - C:\WINDOWS\syswow64\diskcomp.com [MD5.8D475192609B4C28916A394D264C9ACA] - [10/04/2017 15:07:47] - |A| - [11264] - C:\WINDOWS\syswow64\diskcopy.com [MD5.A60B101ED732BE90499EB7002B60A243] - [10/04/2017 15:07:47] - |A| - [1502720] - C:\WINDOWS\syswow64\diskcopy.dll [MD5.3972B8D1A036CD4389655E3414C9570F] - [10/04/2017 15:07:49] - |A| - [47679] - C:\WINDOWS\syswow64\diskmgmt_FromLFSULTRA-WIDEN.msc [MD5.2C60338287CB0AEC009D0B48CEA864D2] - [10/04/2017 15:07:49] - |A| - [133632] - C:\WINDOWS\syswow64\diskpart_FromLFSULTRA-WIDEN.exe [MD5.FB224B0A63B8F58E91FE8A314AD295AD] - [10/04/2017 15:07:49] - |A| - [17408] - C:\WINDOWS\syswow64\diskperf_FromLFSULTRA-WIDEN.exe [MD5.BF1EAD0561F37CEA65F76DD276F90E04] - [10/04/2017 15:07:49] - |A| - [276480] - C:\WINDOWS\syswow64\diskraid_FromLFSULTRA-WIDEN.exe [MD5.4087F52A17EB28592A7DC0D8440A980E] - [10/04/2017 15:08:01] - |A| - [202752] - C:\WINDOWS\syswow64\Dism_FromLFSULTRA-WIDEN.exe [MD5.4627D4C6D3BB999B123793C3A2709F86] - [10/04/2017 15:08:01] - |A| - [42496] - C:\WINDOWS\syswow64\dispci.dll [MD5.CF6EB320CA4B80C9B0ADA1F7E14036D1] - [10/04/2017 15:08:01] - |A| - [131072] - C:\WINDOWS\syswow64\dispdiag.exe [MD5.19779242217D7403577C34AFD95C8626] - [10/04/2017 15:08:02] - |A| - [15360] - C:\WINDOWS\syswow64\dispex_FromLFSULTRA-WIDEN.dll [MD5.BA4E1A60BD20CA7978C76D79F19E37F0] - [10/04/2017 15:08:04] - |A| - [522752] - C:\WINDOWS\syswow64\DisplaySwitch_FromLFSULTRA-WIDEN.exe [MD5.14558D849EC14160AC3DACD8AC36E10A] - [10/04/2017 15:08:02] - |A| - [1040384] - C:\WINDOWS\syswow64\Display_FromLFSULTRA-WIDEN.dll [MD5.27828AAA24AA46F11036954ADE355C1C] - [10/04/2017 15:08:05] - |A| - [15360] - C:\WINDOWS\syswow64\djctq_FromLFSULTRA-WIDEN.rs [MD5.F9724B48380FE80D75A3C16280A5D78F] - [10/04/2017 15:08:05] - |A| - [59904] - C:\WINDOWS\syswow64\djoin.exe [MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - [10/04/2017 15:08:05] - |A| - [7168] - C:\WINDOWS\syswow64\dllhost_FromLFSULTRA-WIDEN.exe [MD5.0F498E1E332F1C1FBF32B558805ED0D5] - [10/04/2017 15:08:05] - |A| - [7168] - C:\WINDOWS\syswow64\dllhst3g_FromLFSULTRA-WIDEN.exe [MD5.B0E490CAF714FEB957E12B326696A3EE] - [10/04/2017 15:08:06] - |A| - [30720] - C:\WINDOWS\syswow64\dmband_FromLFSULTRA-WIDEN.dll [MD5.8BDEA597EDE65570E72252301610F666] - [10/04/2017 15:08:06] - |A| - [63488] - C:\WINDOWS\syswow64\dmcompos_FromLFSULTRA-WIDEN.dll [MD5.E71A33F4EA997289069208249C3CF15F] - [10/04/2017 15:08:06] - |A| - [395776] - C:\WINDOWS\syswow64\dmdlgs_FromLFSULTRA-WIDEN.dll [MD5.1D48DBACD33C041A8D3C9D5FCB7EA8E6] - [10/04/2017 15:08:07] - |A| - [199680] - C:\WINDOWS\syswow64\dmdskmgr_FromLFSULTRA-WIDEN.dll [MD5.F26DB065016FB3FABCDEAE1841D31D86] - [10/04/2017 15:08:08] - |A| - [2048] - C:\WINDOWS\syswow64\dmdskres2_FromLFSULTRA-WIDEN.dll [MD5.6A4A016248204AF42E8F2B0208AD0B73] - [10/04/2017 15:08:08] - |A| - [372224] - C:\WINDOWS\syswow64\dmdskres_FromLFSULTRA-WIDEN.dll [MD5.810E72F975AE308FC496FF5F8EF98872] - [10/04/2017 15:08:08] - |A| - [179712] - C:\WINDOWS\syswow64\dmime_FromLFSULTRA-WIDEN.dll [MD5.33F4F907B1C55ABCEB37E1A47FBBF39E] - [10/04/2017 15:08:08] - |A| - [23040] - C:\WINDOWS\syswow64\dmintf_FromLFSULTRA-WIDEN.dll [MD5.EF4FC9AD831EE60A5B5AA1DF08E01A87] - [10/04/2017 15:08:09] - |A| - [38400] - C:\WINDOWS\syswow64\dmloader_FromLFSULTRA-WIDEN.dll [MD5.EB7B4563D6D20FC663F15FE8581D0BF2] - [10/04/2017 15:08:09] - |A| - [42496] - C:\WINDOWS\syswow64\dmocx_FromLFSULTRA-WIDEN.dll [MD5.7A118DAC82AACB01A52C5C7A17796038] - [10/04/2017 15:08:09] - |A| - [111616] - C:\WINDOWS\syswow64\dmrc.dll [MD5.4496FA9DFE561D58FD291CC130F81DC8] - [10/04/2017 15:08:09] - |A| - [86016] - C:\WINDOWS\syswow64\dmscript_FromLFSULTRA-WIDEN.dll [MD5.1D483BD38C8383D0ED774DEE43D8F4A3] - [10/04/2017 15:08:10] - |A| - [105984] - C:\WINDOWS\syswow64\dmstyle_FromLFSULTRA-WIDEN.dll [MD5.B94F5D15D0E93B6A1406E0EFF49CF3D7] - [10/04/2017 15:08:10] - |A| - [105472] - C:\WINDOWS\syswow64\dmsynth_FromLFSULTRA-WIDEN.dll [MD5.5005CC3B8A158BEBCADB06940E5292B4] - [10/04/2017 15:08:10] - |A| - [101376] - C:\WINDOWS\syswow64\dmusic_FromLFSULTRA-WIDEN.dll [MD5.D25B4E59A0D37A972C1B1D4A48E82C41] - [10/04/2017 15:08:10] - |A| - [19968] - C:\WINDOWS\syswow64\dmutil_FromLFSULTRA-WIDEN.dll [MD5.600455FB4DBC7FECA06F1434707E8754] - [10/04/2017 15:08:11] - |A| - [145920] - C:\WINDOWS\syswow64\dmvdsitf_FromLFSULTRA-WIDEN.dll [MD5.9785BD1F2842E31C0E996735FD8A64D6] - [10/04/2017 15:08:11] - |A| - [110080] - C:\WINDOWS\syswow64\dmview_FromLFSULTRA-WIDEN.ocx [MD5.59DF156711A76BCB993253EC6C9BBF41] - [10/04/2017 15:08:11] - |A| - [270336] - C:\WINDOWS\syswow64\dnsapi_FromLFSULTRA-WIDEN.dll [MD5.AD61F7AFE913B2642650504DF283AA63] - [10/04/2017 15:08:11] - |A| - [28672] - C:\WINDOWS\syswow64\dnscacheugc.exe [MD5.7DC1FABD139B6AE5743C5DF75EEC5958] - [10/04/2017 15:08:12] - |A| - [109056] - C:\WINDOWS\syswow64\dnscmmc_FromLFSULTRA-WIDEN.dll [MD5.100103C6535C66265267F5EEA5F5846E] - [10/04/2017 15:08:12] - |A| - [6656] - C:\WINDOWS\syswow64\dnsext.dll [MD5.8D26E72450B68DDDA591B8828C4D05E1] - [10/04/2017 15:08:12] - |A| - [80384] - C:\WINDOWS\syswow64\dnshc.dll [MD5.2FE30D71919C51131405797620E0A714] - [10/04/2017 15:08:13] - |A| - [132608] - C:\WINDOWS\syswow64\dnsrslvr.dll [MD5.70832B7253093E9896B49F276BEBA63B] - [10/04/2017 15:08:13] - |A| - [37376] - C:\WINDOWS\syswow64\docprop_FromLFSULTRA-WIDEN.dll [MD5.5B2FA87B0A186E04A2972193DB584FC7] - [10/04/2017 15:08:13] - |A| - [51200] - C:\WINDOWS\syswow64\DocumentPerformanceEvents.dll [MD5.766551B156F14FA8AEA9260E24F87F78] - [10/04/2017 15:08:13] - |A| - [15872] - C:\WINDOWS\syswow64\doskey_FromLFSULTRA-WIDEN.exe [MD5.03783D0840B2C54D7665248425C74417] - [10/04/2017 15:08:13] - |A| - [53600] - C:\WINDOWS\syswow64\dosx.exe [MD5.04B88428A872390D235BE52D38A9D4EF] - [10/04/2017 15:08:14] - |A| - [91136] - C:\WINDOWS\syswow64\dot3api_FromLFSULTRA-WIDEN.dll [MD5.B06B2FEC249F48C4E7F628B689859AC7] - [10/04/2017 15:08:14] - |A| - [82432] - C:\WINDOWS\syswow64\dot3cfg_FromLFSULTRA-WIDEN.dll [MD5.B05537D790DD533BF6695B8C85E98E8B] - [10/04/2017 15:08:15] - |A| - [47104] - C:\WINDOWS\syswow64\dot3dlg_FromLFSULTRA-WIDEN.dll [MD5.4A139DDC4FF1CFD8582B5F4686E3FD14] - [10/04/2017 15:08:15] - |A| - [74752] - C:\WINDOWS\syswow64\dot3gpclnt_FromLFSULTRA-WIDEN.dll [MD5.EC5D8D6F83C31FE4385A263D3B933912] - [10/04/2017 15:08:15] - |A| - [265728] - C:\WINDOWS\syswow64\dot3gpui_FromLFSULTRA-WIDEN.dll [MD5.3EF520A077AFA7ACC076FB3E0FE42FF5] - [10/04/2017 15:08:16] - |A| - [55296] - C:\WINDOWS\syswow64\dot3hc_FromLFSULTRA-WIDEN.dll [MD5.0CE0812F2BDFED908FB1066AD4B868C7] - [10/04/2017 15:08:17] - |A| - [115200] - C:\WINDOWS\syswow64\dot3msm_FromLFSULTRA-WIDEN.dll [MD5.366BA8FB4B7BB7435E3B9EACB3843F67] - [10/04/2017 15:08:17] - |A| - [214016] - C:\WINDOWS\syswow64\dot3svc.dll [MD5.8FBE98499ADC541C63BB10B722DA00D4] - [10/04/2017 15:08:17] - |A| - [333824] - C:\WINDOWS\syswow64\dot3ui_FromLFSULTRA-WIDEN.dll [MD5.99EE3107F860C98CA71F1B547F18BE6F] - [10/04/2017 15:08:18] - |A| - [72192] - C:\WINDOWS\syswow64\dpapimig_FromLFSULTRA-WIDEN.exe [MD5.D111292AF25E2B80D3AD80DEA5010B3E] - [10/04/2017 15:08:18] - |A| - [47616] - C:\WINDOWS\syswow64\dpapiprovider_FromLFSULTRA-WIDEN.dll [MD5.8C9DA2E414E713D3DAFF1F18223AE11B] - [10/04/2017 15:08:18] - |A| - [76800] - C:\WINDOWS\syswow64\DpiScaling_FromLFSULTRA-WIDEN.exe [MD5.A144A621978F9F605AC322E80DE47D1F] - [10/04/2017 15:08:19] - |A| - [29184] - C:\WINDOWS\syswow64\dplaysvr_FromLFSULTRA-WIDEN.exe [MD5.19DFABF1712CA77C34EBD92A893E9B2E] - [10/04/2017 15:08:20] - |A| - [213504] - C:\WINDOWS\syswow64\dplayx_FromLFSULTRA-WIDEN.dll [MD5.4A3DA4015EFF80B348E7793E0BBEF0A8] - [10/04/2017 15:08:21] - |A| - [23040] - C:\WINDOWS\syswow64\dpmodemx_FromLFSULTRA-WIDEN.dll [MD5.D667E487B72FEB7FFEAD869ECC0467CF] - [10/04/2017 15:08:21] - |A| - [2560] - C:\WINDOWS\syswow64\dpnaddr_FromLFSULTRA-WIDEN.dll [MD5.53122070884A334A51339AB082400FB7] - [10/04/2017 15:08:21] - |A| - [57344] - C:\WINDOWS\syswow64\dpnathlp_FromLFSULTRA-WIDEN.dll [MD5.B608555AF553A2B9E957075BA0626D28] - [10/04/2017 15:08:21] - |A| - [376832] - C:\WINDOWS\syswow64\dpnet_FromLFSULTRA-WIDEN.dll [MD5.4C7A7F2923C112DACE2301AFEC729751] - [10/04/2017 15:08:22] - |A| - [7168] - C:\WINDOWS\syswow64\dpnhpast_FromLFSULTRA-WIDEN.dll [MD5.FFAC9F8CF117C5C478BDD3635BD04637] - [10/04/2017 15:08:22] - |A| - [7168] - C:\WINDOWS\syswow64\dpnhupnp_FromLFSULTRA-WIDEN.dll [MD5.6E5AC43AD95B18322DEBD7BC1E609788] - [10/04/2017 15:08:22] - |A| - [2560] - C:\WINDOWS\syswow64\dpnlobby_FromLFSULTRA-WIDEN.dll [MD5.4DFB1D5CBCF69C909E9B9103EB822E06] - [10/04/2017 15:08:22] - |A| - [33280] - C:\WINDOWS\syswow64\dpnsvr_FromLFSULTRA-WIDEN.exe [MD5.8EC04CA86F1D68DA9E11952EB85973D6] - [10/04/2017 15:08:22] - |A| - [144384] - C:\WINDOWS\syswow64\dps.dll [MD5.9E376BD460915510B9A7E12849CAE85E] - [10/04/2017 15:08:23] - |A| - [44032] - C:\WINDOWS\syswow64\dpwsockx_FromLFSULTRA-WIDEN.dll [MD5.0C0DF0F05BAEA320FA301F34E256E08B] - [10/04/2017 15:08:23] - |A| - [257024] - C:\WINDOWS\syswow64\dpx_FromLFSULTRA-WIDEN.dll [MD5.5D1CFD8CF86F05BB27926C9A6893B635] - [10/04/2017 15:08:23] - |A| - [66048] - C:\WINDOWS\syswow64\driverquery_FromLFSULTRA-WIDEN.exe [MD5.2708C75F1A7FA45403383C7E43A82A81] - [10/04/2017 16:54:54] - |A| - [402944] - C:\WINDOWS\syswow64\drmmgrtn.dll [MD5.47D052D9EE1FD3BA2A55D13F61E3EF24] - [10/04/2017 16:54:55] - |A| - [986624] - C:\WINDOWS\syswow64\drmv2clt.dll [MD5.D6692338B985D4A0CA52B828314D897D] - [10/04/2017 16:54:57] - |A| - [18944] - C:\WINDOWS\syswow64\drprov_FromLFSULTRA-WIDEN.dll [MD5.76BB2CEDF9BB9B6C9FF268A4A68C8D99] - [10/04/2017 16:54:58] - |A| - [58880] - C:\WINDOWS\syswow64\drtprov_FromLFSULTRA-WIDEN.dll [MD5.AA3B91B70E79BCE70AD3B190789B9574] - [10/04/2017 16:54:58] - |A| - [43008] - C:\WINDOWS\syswow64\drttransport_FromLFSULTRA-WIDEN.dll [MD5.EE29FCC244C8033E2F748D863DCBF378] - [10/04/2017 16:54:58] - |A| - [225280] - C:\WINDOWS\syswow64\drt_FromLFSULTRA-WIDEN.dll [MD5.44DAF0A410AB80E7CAB7C12EDE5FFB34] - [10/04/2017 16:54:59] - |A| - [252928] - C:\WINDOWS\syswow64\drvinst.exe [MD5.00000000000000000000000000000000] - [10/04/2017 16:55:00] - |D| - [57936] - C:\WINDOWS\syswow64\DRVSTORE [MD5.ED04627EF998D04182C00ECD211FACBD] - [10/04/2017 16:55:02] - |A| - [323072] - C:\WINDOWS\syswow64\drvstore_FromLFSULTRA-WIDEN.dll [MD5.789F63C7978AD84A2214D3AA3BF0F609] - [10/04/2017 16:55:02] - |A| - [28112] - C:\WINDOWS\syswow64\DRWATSON.EXE [MD5.06D51EF74C4B9CE28B39F2D22D2A8608] - [10/04/2017 16:55:02] - |A| - [4656] - C:\WINDOWS\syswow64\ds16gt.dLL [MD5.1297AE2F1C3A7C1CFEC27B4DE37F2436] - [10/04/2017 16:55:02] - |A| - [20480] - C:\WINDOWS\syswow64\ds32gt.dll [MD5.6D666983C638F5E507C4A11AED1291CC] - [10/04/2017 16:55:04] - |A| - [30208] - C:\WINDOWS\syswow64\dsauth_FromLFSULTRA-WIDEN.dll [MD5.0C651CFB9FA9507949EDF3E1CDE54C7E] - [10/04/2017 16:55:05] - |A| - [173568] - C:\WINDOWS\syswow64\dsdmo_FromLFSULTRA-WIDEN.dll [MD5.C9FB8C3D650EF8BD76865EC20A19A5BC] - [10/04/2017 16:55:07] - |A| - [252928] - C:\WINDOWS\syswow64\DShowRdpFilter.dll [MD5.7E5EEECD068A1508C3CE5D83BF5C50E0] - [10/04/2017 16:55:08] - |A| - [87040] - C:\WINDOWS\syswow64\dskquota_FromLFSULTRA-WIDEN.dll [MD5.97D7CC94EEA6EBB6B928EA3DD91A2A0C] - [10/04/2017 16:55:08] - |A| - [196608] - C:\WINDOWS\syswow64\dskquoui_FromLFSULTRA-WIDEN.dll [MD5.0E85C11F8850D524B02181C6E02BA9AE] - [10/04/2017 16:55:08] - |A| - [453632] - C:\WINDOWS\syswow64\dsound_FromLFSULTRA-WIDEN.dll [MD5.559C2D2B139FD521AB86029373CE4C47] - [10/04/2017 16:55:09] - |A| - [148992] - C:\WINDOWS\syswow64\dsprop_FromLFSULTRA-WIDEN.dll [MD5.B108B28138B93EC4822E165B82E41C7A] - [10/04/2017 16:55:10] - |A| - [395776] - C:\WINDOWS\syswow64\dsquery_FromLFSULTRA-WIDEN.dll [MD5.2F040CF0613A6D64DCBBA9EE81F5A5AE] - [10/04/2017 16:55:11] - |A| - [22016] - C:\WINDOWS\syswow64\dsrole_FromLFSULTRA-WIDEN.dll [MD5.8C6F56F4CDDE6A1FD01F4FCF2773298E] - [10/04/2017 16:55:11] - |A| - [215943] - C:\WINDOWS\syswow64\dssec_FromLFSULTRA-WIDEN.dat [MD5.7FAEB58D3AEA4C0A6764060A08C67579] - [10/04/2017 16:55:12] - |A| - [44032] - C:\WINDOWS\syswow64\dssec_FromLFSULTRA-WIDEN.dll [MD5.99B9343280AF6A4C0F27CF2E28E94BBF] - [10/04/2017 16:55:12] - |A| - [156728] - C:\WINDOWS\syswow64\dssenh_FromLFSULTRA-WIDEN.dll [MD5.583409031CBE6447750A99E7F460B08F] - [09/04/2017 12:10:29] - |A| - [53248] - C:\WINDOWS\syswow64\DSTimeStamp.ax [MD5.583409031CBE6447750A99E7F460B08F] - [10/04/2017 16:55:13] - |A| - [53248] - C:\WINDOWS\syswow64\DSTimeStamp_FromLFSULTRA-WIDEN.ax [MD5.918379B6C94AA59F567E06FB4E0E5E1B] - [10/04/2017 16:55:13] - |A| - [685056] - C:\WINDOWS\syswow64\dsuiext_FromLFSULTRA-WIDEN.dll [MD5.31A254EA7EACFB3A7ABAFB178C3C8EFD] - [10/04/2017 16:55:14] - |A| - [20992] - C:\WINDOWS\syswow64\dswave_FromLFSULTRA-WIDEN.dll [MD5.BC9A5C226CE65F93489A786A5F996588] - [09/04/2017 13:19:08] - |A| - [327680] - C:\WINDOWS\syswow64\ds_file_writer.ax [MD5.5F4C4B46DD00B78A659CC7525C68170A] - [10/04/2017 16:55:15] - |A| - [448272] - C:\WINDOWS\syswow64\DTSBassEnhancementDLL.dll [MD5.DE670B6CB4DAD658C0BBC86AA9477502] - [10/04/2017 16:55:16] - |A| - [900368] - C:\WINDOWS\syswow64\DTSBoostDLL.dll [MD5.268F909E2CEAE82AD253BDCD73435481] - [10/04/2017 16:55:17] - |A| - [235280] - C:\WINDOWS\syswow64\DTSGainCompensatorDLL.dll [MD5.06AB693CFF68B721C967EA7EE8DA73C8] - [10/04/2017 16:55:17] - |A| - [104672] - C:\WINDOWS\syswow64\DTSGFXAPO.dll [MD5.164C41BE4DF3F897FEDC7FCBFDFC26C2] - [10/04/2017 16:55:17] - |A| - [104160] - C:\WINDOWS\syswow64\DTSGFXAPONS.dll [MD5.0795AAF84172C2E3B605CCB3A6E91D4A] - [10/04/2017 16:55:17] - |A| - [32256] - C:\WINDOWS\syswow64\dtsh_FromLFSULTRA-WIDEN.dll [MD5.4F1D6008CFC07D84076F24EB2124E52F] - [10/04/2017 16:55:18] - |A| - [104672] - C:\WINDOWS\syswow64\DTSLFXAPO.dll [MD5.9B198E9F236995C74D662D3E2E80299C] - [10/04/2017 16:55:18] - |A| - [223504] - C:\WINDOWS\syswow64\DTSLimiterDLL.dll [MD5.0F3BEC10F7103C8EBE0C9754C70B972C] - [10/04/2017 16:55:18] - |A| - [290064] - C:\WINDOWS\syswow64\DTSNeoPCDLL.dll [MD5.DC565FFF648FC8EDCE7A5128D28DB877] - [10/04/2017 16:55:19] - |A| - [961296] - C:\WINDOWS\syswow64\DTSS2HeadphoneDLL.dll [MD5.04B4D84321F8F4C425009D130B302127] - [10/04/2017 16:55:21] - |A| - [1131280] - C:\WINDOWS\syswow64\DTSS2SpeakerDLL.dll [MD5.CF13F5CBCEB854DE21436872D56D0C1B] - [10/04/2017 16:55:26] - |A| - [427792] - C:\WINDOWS\syswow64\DTSSymmetryDLL.dll [MD5.A3BECF1E4504044A9BF79C62BF9F6179] - [10/04/2017 16:55:26] - |A| - [405776] - C:\WINDOWS\syswow64\DTSVoiceClarityDLL.dll [MD5.EE06B85BC69F18826302348A2AD089E0] - [10/04/2017 16:55:28] - |A| - [717824] - C:\WINDOWS\syswow64\dui70_FromLFSULTRA-WIDEN.dll [MD5.6E1F8165C365D35C8E3C045AF0CDD481] - [10/04/2017 16:55:32] - |A| - [181248] - C:\WINDOWS\syswow64\duser_FromLFSULTRA-WIDEN.dll [MD5.B2F75222E51D1E896951787AE9DE8BB6] - [10/04/2017 16:55:33] - |A| - [9728] - C:\WINDOWS\syswow64\dvdplay_FromLFSULTRA-WIDEN.exe [MD5.EC91F1EEE687A252BC737679D683B05B] - [10/04/2017 16:55:35] - |A| - [21504] - C:\WINDOWS\syswow64\dvdupgrd.exe [MD5.A13F28AC30EDCEEF74E7F0FE06724FBB] - [10/04/2017 16:55:35] - |A| - [92672] - C:\WINDOWS\syswow64\dwm.exe [MD5.52213D271F6804AAA44F57AEFD2B778A] - [10/04/2017 16:55:35] - |A| - [67584] - C:\WINDOWS\syswow64\dwmapi_FromLFSULTRA-WIDEN.dll [MD5.A691D4B4B4167F56A717C421F9CF58C7] - [10/04/2017 16:55:35] - |A| - [1372160] - C:\WINDOWS\syswow64\dwmcore_FromLFSULTRA-WIDEN.dll [MD5.754AFC50022C95DA7C86B7020DB78136] - [10/04/2017 16:55:37] - |A| - [97280] - C:\WINDOWS\syswow64\dwmredir.dll [MD5.CE21524C53E9671A7108B28FB9B4E474] - [10/04/2017 16:55:37] - |A| - [1251328] - C:\WINDOWS\syswow64\DWrite_FromLFSULTRA-WIDEN.dll [MD5.5DF543E0F1EE5D50EE1865263AA61246] - [10/04/2017 16:55:39] - |A| - [130048] - C:\WINDOWS\syswow64\DWWIN_FromLFSULTRA-WIDEN.EXE [MD5.69C85737F4CA5634E7A19B818579D176] - [10/04/2017 16:55:40] - |A| - [210432] - C:\WINDOWS\syswow64\dxdiagn_FromLFSULTRA-WIDEN.dll [MD5.42BD9F1FA0A5DAC38A5BE56C0E8BEA8B] - [10/04/2017 16:55:39] - |A| - [264704] - C:\WINDOWS\syswow64\dxdiag_FromLFSULTRA-WIDEN.exe [MD5.D4F264FE23F8953D840904418220C15E] - [10/04/2017 16:55:42] - |A| - [293376] - C:\WINDOWS\syswow64\dxgi_FromLFSULTRA-WIDEN.dll [MD5.1AD13A1281BAC6D90B1512A6FFCBB78C] - [10/04/2017 16:55:42] - |A| - [4096] - C:\WINDOWS\syswow64\dxmasf_FromLFSULTRA-WIDEN.dll [MD5.ADDB05C93272A62606599B24730BD645] - [10/04/2017 16:55:47] - |A| - [399872] - C:\WINDOWS\syswow64\DXP.dll [MD5.A4AF1D7A11D280A85B3A54DB60F3994D] - [10/04/2017 16:55:49] - |A| - [16896] - C:\WINDOWS\syswow64\dxpps.dll [MD5.E570CC96463A5E480E2807B032E7F52E] - [10/04/2017 16:55:51] - |A| - [208384] - C:\WINDOWS\syswow64\Dxpserver.exe [MD5.1078F4A06BE5DACDC8429215ADAE8104] - [10/04/2017 16:55:53] - |A| - [630784] - C:\WINDOWS\syswow64\DXPTaskRingtone.dll [MD5.ABA2AAA6F31EE934A76C87B537515EC6] - [10/04/2017 16:55:56] - |A| - [1400320] - C:\WINDOWS\syswow64\DxpTaskSync_FromLFSULTRA-WIDEN.dll [MD5.17B0852D8202A872C3E6D01B518B6A4E] - [10/04/2017 16:55:58] - |A| - [418304] - C:\WINDOWS\syswow64\dxtmsft_FromLFSULTRA-WIDEN.dll [MD5.F26680AF396F89F7ABFDA1D1D6B62011] - [10/04/2017 16:55:59] - |A| - [285696] - C:\WINDOWS\syswow64\dxtrans_FromLFSULTRA-WIDEN.dll [MD5.1F27643C4C626457FCE8F047AE1CD7E1] - [10/04/2017 16:56:00] - |A| - [88064] - C:\WINDOWS\syswow64\dxva2_FromLFSULTRA-WIDEN.dll [MD5.1FEA416DD2EF4D65A5AF0E4AF1DB510E] - [10/04/2017 16:56:00] - |A| - [10240] - C:\WINDOWS\syswow64\Eap3Host.exe [MD5.9B9EF57993ECC02CE7469F3F3AC3CE10] - [10/04/2017 16:56:02] - |A| - [242176] - C:\WINDOWS\syswow64\eapp3hst_FromLFSULTRA-WIDEN.dll [MD5.5A5FEDDF02588B8F9FE4A95E5E7EAE97] - [10/04/2017 16:56:04] - |A| - [183296] - C:\WINDOWS\syswow64\eappcfg_FromLFSULTRA-WIDEN.dll [MD5.6DB7ECBA34165ACB99A1A3C7F739E757] - [10/04/2017 16:56:05] - |A| - [94208] - C:\WINDOWS\syswow64\eappgnui_FromLFSULTRA-WIDEN.dll [MD5.9A892B3439884C62B04718F0303A49E9] - [10/04/2017 16:56:05] - |A| - [222208] - C:\WINDOWS\syswow64\eapphost_FromLFSULTRA-WIDEN.dll [MD5.666E57B6B51824D1D235F80A3DD70A13] - [10/04/2017 16:56:06] - |A| - [56320] - C:\WINDOWS\syswow64\eappprxy_FromLFSULTRA-WIDEN.dll [MD5.9FA14FFC9150B48C5D582DCF6A79D6F2] - [10/04/2017 16:56:06] - |A| - [72704] - C:\WINDOWS\syswow64\EAPQEC.DLL [MD5.8600142FA91C1B96367D3300AD0F3F3A] - [10/04/2017 16:56:07] - |A| - [98304] - C:\WINDOWS\syswow64\eapsvc.dll [MD5.F6E368E10B600836DD349FF937B183A2] - [10/04/2017 16:56:08] - |A| - [69886] - C:\WINDOWS\syswow64\edit.com [MD5.8AA8DCC96FA0492E3B5D415537FAB8FE] - [10/04/2017 16:56:08] - |A| - [10790] - C:\WINDOWS\syswow64\EDIT.HLP [MD5.B7A0AA49CBB604B2C3A42A49C36D8A4F] - [10/04/2017 16:56:09] - |A| - [12642] - C:\WINDOWS\syswow64\edlin.exe [MD5.52A58DC1BFAF31BB2022F0DE2E656D41] - [10/04/2017 16:56:09] - |A| - [82944] - C:\WINDOWS\syswow64\efsadu_FromLFSULTRA-WIDEN.dll [MD5.3F6D9269E7B3A754B1C2F8533DC7F318] - [10/04/2017 16:56:09] - |A| - [205312] - C:\WINDOWS\syswow64\efscore.dll [MD5.91F434FF6606ED9BDC6A05D651B69553] - [10/04/2017 16:56:09] - |A| - [40448] - C:\WINDOWS\syswow64\efslsaext.dll [MD5.00A99DA54C14969A899ED316D16E9A9E] - [10/04/2017 16:56:10] - |A| - [26624] - C:\WINDOWS\syswow64\efssvc.dll [MD5.BCB88EED0CD8632A6167427D8032C39C] - [10/04/2017 16:56:12] - |A| - [12288] - C:\WINDOWS\syswow64\efsui_FromLFSULTRA-WIDEN.exe [MD5.359C3AC547AA1D24EED35BE3AB3759DC] - [10/04/2017 16:56:12] - |A| - [24576] - C:\WINDOWS\syswow64\efsutil_FromLFSULTRA-WIDEN.dll [MD5.52E91EAC2F3175B1A5B0150382B6D771] - [10/04/2017 16:56:13] - |A| - [127213] - C:\WINDOWS\syswow64\ega.cpi [MD5.1060D60CCA69A8136A87DBE3C8F4A467] - [10/04/2017 16:56:13] - |A| - [128512] - C:\WINDOWS\syswow64\EhStorAPI_FromLFSULTRA-WIDEN.dll [MD5.70F20FB785E3726AA9215FBF843E6D9A] - [10/04/2017 16:56:13] - |A| - [130560] - C:\WINDOWS\syswow64\EhStorAuthn_FromLFSULTRA-WIDEN.exe [MD5.CD25BABB1D8ABFF9FD77D6938C368DA9] - [10/04/2017 16:56:14] - |A| - [105472] - C:\WINDOWS\syswow64\EhStorPwdMgr_FromLFSULTRA-WIDEN.dll [MD5.846D0E4DB261CFAF363902E41498E961] - [10/04/2017 16:56:15] - |A| - [189952] - C:\WINDOWS\syswow64\EhStorShell.dll [MD5.9BC1E3EB2495ABB8D2CFD7A92A46E1CD] - [10/04/2017 16:56:24] - |A| - [97176] - C:\WINDOWS\syswow64\ElbyCDIO.dll [MD5.F189CC7F7C13A42480D9B58504156C28] - [10/04/2017 16:56:26] - |A| - [134040] - C:\WINDOWS\syswow64\ElbyVCD.dll [MD5.8444A7364D6877922049E99BF4B78C5C] - [10/04/2017 16:56:28] - |A| - [38912] - C:\WINDOWS\syswow64\ELSCore_FromLFSULTRA-WIDEN.dll [MD5.AD27563BC16AB1EAACAE3033E99C2F78] - [10/04/2017 16:56:31] - |A| - [194048] - C:\WINDOWS\syswow64\elshyph_FromLFSULTRA-WIDEN.dll [MD5.02A2ED8497F437EA200DF3ACED255AFE] - [10/04/2017 16:56:31] - |A| - [551424] - C:\WINDOWS\syswow64\elslad_FromLFSULTRA-WIDEN.dll [MD5.7B3FD36359DE5D2EE49D213CCAD13427] - [10/04/2017 16:56:34] - |A| - [22528] - C:\WINDOWS\syswow64\elsTrans_FromLFSULTRA-WIDEN.dll [MD5.0CF5D6137E51550142DE42BC046EA16E] - [10/04/2017 16:56:26] - |A| - [179200] - C:\WINDOWS\syswow64\els_FromLFSULTRA-WIDEN.dll [MD5.F33A58B7A0E85786AE60E53D4C48C654] - [10/04/2017 16:57:08] - |A| - [20992] - C:\WINDOWS\syswow64\encapi_FromLFSULTRA-WIDEN.dll [MD5.6AF4B613D9EAC33034D2B5776B89394D] - [10/04/2017 16:57:13] - |A| - [535040] - C:\WINDOWS\syswow64\EncDec_FromLFSULTRA-WIDEN.dll [MD5.2CE0A436E739A576A5E4FDA962A5B479] - [10/04/2017 16:57:18] - |A| - [274944] - C:\WINDOWS\syswow64\EncDump_FromLFSULTRA-WIDEN.dll [MD5.BF68AEC3653911A2FAA32639DA3CC0FA] - [10/04/2017 16:57:21] - |A| - [183808] - C:\WINDOWS\syswow64\energy.dll [MD5.3F70C3C67E2D10CDCFCBCF62384AB893] - [10/04/2017 16:57:21] - |A| - [301056] - C:\WINDOWS\syswow64\EOSNotify.exe [MD5.77ABA9399978025CD733DAB538BCAA76] - [10/04/2017 16:57:21] - |A| - [66048] - C:\WINDOWS\syswow64\eqossnap_FromLFSULTRA-WIDEN.dll [MD5.8C9179609935F84202028849112D355A] - [10/04/2017 16:57:40] - |A| - [38912] - C:\WINDOWS\syswow64\esentprf_FromLFSULTRA-WIDEN.dll [MD5.D2DB315B866148D6AAA9E0B3AB31B011] - [10/04/2017 16:57:42] - |A| - [123392] - C:\WINDOWS\syswow64\esentutl_FromLFSULTRA-WIDEN.exe [MD5.256503028879103E9741A276FA24D65D] - [10/04/2017 16:57:40] - |A| - [1698816] - C:\WINDOWS\syswow64\esent_FromLFSULTRA-WIDEN.dll [MD5.DDD1C4AB9A9DAE6D4092C4C95E714650] - [10/04/2017 16:57:43] - |A| - [51712] - C:\WINDOWS\syswow64\esrb_FromLFSULTRA-WIDEN.rs [MD5.F6916EFC29D9953D5D0DF06882AE8E16] - [10/04/2017 16:57:39] - |A| - [271360] - C:\WINDOWS\syswow64\es_FromLFSULTRA-WIDEN.dll [MD5.866CF41319D532FD787DB8BF9BBBB129] - [10/04/2017 16:57:54] - |A| - [4543880] - C:\WINDOWS\syswow64\ETDUI.cpl [MD5.2A77F15B14F45AFAF541812426B9D776] - [01/04/2017 07:58:23] - |A| - [32] - C:\WINDOWS\syswow64\Eu(12-20161212).OD [MD5.050A774CF85E04EE4387515994B8455D] - [10/04/2017 16:57:56] - |A| - [288256] - C:\WINDOWS\syswow64\eudcedit_FromLFSULTRA-WIDEN.exe [MD5.BD0848635A7FF8CD3B24323B7B10FE77] - [10/04/2017 16:57:59] - |A| - [16896] - C:\WINDOWS\syswow64\eventcls_FromLFSULTRA-WIDEN.dll [MD5.F4B36BF2BAD783478FCBE9C1F9620C9E] - [10/04/2017 16:58:00] - |A| - [35328] - C:\WINDOWS\syswow64\eventcreate_FromLFSULTRA-WIDEN.exe [MD5.00000000000000000000000000000000] - [10/04/2017 16:58:01] - |D| - [157184] - C:\WINDOWS\syswow64\EventProviders [MD5.0A05D6A4DE27C77D924F89635987FDA9] - [10/04/2017 16:59:25] - |A| - [17935] - C:\WINDOWS\syswow64\EventViewer_EventDetails_FromLFSULTRA-WIDEN.xsl [MD5.91415D7EB992B77410145DD5FE453D25] - [10/04/2017 16:59:25] - |A| - [79872] - C:\WINDOWS\syswow64\eventvwr_FromLFSULTRA-WIDEN.exe [MD5.9BDCCC1A87CCA27ADEACE8144F385165] - [10/04/2017 16:59:25] - |A| - [145127] - C:\WINDOWS\syswow64\eventvwr_FromLFSULTRA-WIDEN.msc [MD5.65EED8B27B02573948434B583DACFB39] - [10/04/2017 16:59:25] - |A| - [489984] - C:\WINDOWS\syswow64\evr_FromLFSULTRA-WIDEN.dll [MD5.683626544E81387771ED55E1A0F2047B] - [10/04/2017 16:59:26] - |A| - [8424] - C:\WINDOWS\syswow64\exe2bin.exe [MD5.659CED6D7BDA047BCC6048384231DB9F] - [10/04/2017 16:59:26] - |A| - [53248] - C:\WINDOWS\syswow64\expand_FromLFSULTRA-WIDEN.exe [MD5.5CB2886338C82E388F68557E2745200F] - [10/04/2017 16:59:26] - |A| - [1498624] - C:\WINDOWS\syswow64\ExplorerFrame_FromLFSULTRA-WIDEN.dll [MD5.EFF10B20A6F094BC75385791C526546D] - [10/04/2017 16:59:27] - |A| - [380957] - C:\WINDOWS\syswow64\expsrv_FromLFSULTRA-WIDEN.dll [MD5.4D306ED01994EDF577B98FD59BF269C0] - [10/04/2017 16:59:28] - |A| - [53248] - C:\WINDOWS\syswow64\extrac32_FromLFSULTRA-WIDEN.exe [MD5.24157DB2CA700E67457DCE58586E6F05] - [10/04/2017 16:59:28] - |A| - [7168] - C:\WINDOWS\syswow64\f3ahvoas_FromLFSULTRA-WIDEN.dll [MD5.68062C0ECE86AB7801B5B47FDC855A06] - [10/04/2017 16:59:28] - |A| - [882] - C:\WINDOWS\syswow64\fastopen.exe [MD5.1E8D06AAE74FED674C1156B3FEA911C2] - [10/04/2017 16:59:28] - |A| - [320512] - C:\WINDOWS\syswow64\Faultrep_FromLFSULTRA-WIDEN.dll [MD5.DEB9AA27507C858A965C287C11F3ACE3] - [10/04/2017 16:59:29] - |A| - [19968] - C:\WINDOWS\syswow64\fc_FromLFSULTRA-WIDEN.exe [MD5.D3FCA4A510A292F13E9EFD89CEFC55D4] - [10/04/2017 16:59:29] - |A| - [9728] - C:\WINDOWS\syswow64\fdBthProxy_FromLFSULTRA-WIDEN.dll [MD5.0D86A12C82264C1D449934EECD34866C] - [10/04/2017 16:59:29] - |A| - [98304] - C:\WINDOWS\syswow64\fdBth_FromLFSULTRA-WIDEN.dll [MD5.6F241D9C35D157A376003CDEF2E26CAE] - [10/04/2017 16:59:30] - |A| - [59904] - C:\WINDOWS\syswow64\fdeploy_FromLFSULTRA-WIDEN.dll [MD5.B70B2E022318E7EF942EEAC7126E6972] - [10/04/2017 16:59:29] - |A| - [124416] - C:\WINDOWS\syswow64\fde_FromLFSULTRA-WIDEN.dll [MD5.F3222C893BD2F5821A0179E5C71E88FB] - [10/04/2017 16:59:30] - |A| - [12800] - C:\WINDOWS\syswow64\fdPHost.dll [MD5.F34CFADA6C48DAA41B996D24C7D8D3CA] - [10/04/2017 16:59:30] - |A| - [41984] - C:\WINDOWS\syswow64\fdPnp_FromLFSULTRA-WIDEN.dll [MD5.6FF0EBF511292EA864E7A6CFA831FC57] - [10/04/2017 16:59:31] - |A| - [248832] - C:\WINDOWS\syswow64\fdprint_FromLFSULTRA-WIDEN.dll [MD5.3FF0FA0A81910617739644A06D06D016] - [10/04/2017 16:59:31] - |A| - [27136] - C:\WINDOWS\syswow64\fdProxy_FromLFSULTRA-WIDEN.dll [MD5.7DBE8CBFE79EFBDEB98C9FB08D3A9A5B] - [10/04/2017 16:59:31] - |A| - [28160] - C:\WINDOWS\syswow64\FDResPub.dll [MD5.674611721264013DB169EC12AFC9C3B6] - [10/04/2017 16:59:32] - |A| - [76800] - C:\WINDOWS\syswow64\fdSSDP_FromLFSULTRA-WIDEN.dll [MD5.516BEB000047F7647F265BC8A71D8C19] - [10/04/2017 16:59:32] - |A| - [81920] - C:\WINDOWS\syswow64\fdWCN_FromLFSULTRA-WIDEN.dll [MD5.9EEEAB29FAD8EF06DE605748F5895252] - [10/04/2017 16:59:33] - |A| - [24576] - C:\WINDOWS\syswow64\fdWNet_FromLFSULTRA-WIDEN.dll [MD5.DE6F4B7E62FDE776F3DE8E5FB5A05C48] - [10/04/2017 16:59:33] - |A| - [107008] - C:\WINDOWS\syswow64\fdWSD_FromLFSULTRA-WIDEN.dll [MD5.A2631C4465BBCE72B7E371DFB924A9D3] - [10/04/2017 16:59:33] - |A| - [35328] - C:\WINDOWS\syswow64\feclient_FromLFSULTRA-WIDEN.dll [MD5.2EACB2BBF309CF4E86D5A8C9554D8B6C] - [09/04/2017 12:10:27] - |A| - [20480] - C:\WINDOWS\syswow64\FileDemultiplexorMP.dll [MD5.2EACB2BBF309CF4E86D5A8C9554D8B6C] - [10/04/2017 16:59:37] - |A| - [20480] - C:\WINDOWS\syswow64\FileDemultiplexorMP_FromLFSULTRA-WIDEN.dll [MD5.A3E23DD82AA7963D9F7D184BEEEE5448] - [10/04/2017 16:59:37] - |A| - [444416] - C:\WINDOWS\syswow64\filemgmt_FromLFSULTRA-WIDEN.dll [MD5.E83DD6F6BBA2D6D16A6E69EE56FB7EB6] - [10/04/2017 16:59:38] - |A| - [58368] - C:\WINDOWS\syswow64\findnetprinters_FromLFSULTRA-WIDEN.dll [MD5.18F02C555FBC9885DF9DB77754D6BB9B] - [10/04/2017 16:59:38] - |A| - [62976] - C:\WINDOWS\syswow64\findstr_FromLFSULTRA-WIDEN.exe [MD5.5816034B0B629756163B80838853B730] - [10/04/2017 16:59:38] - |A| - [13824] - C:\WINDOWS\syswow64\find_FromLFSULTRA-WIDEN.exe [MD5.EEC4E983BADE61121F4FB56F347D9B6B] - [10/04/2017 16:59:39] - |A| - [10240] - C:\WINDOWS\syswow64\finger_FromLFSULTRA-WIDEN.exe [MD5.371F3248198FC6732D14F110495F25F6] - [10/04/2017 16:59:39] - |A| - [4608] - C:\WINDOWS\syswow64\Firewall.cpl [MD5.3F50200237961034FACE602373838980] - [10/04/2017 16:59:39] - |A| - [462848] - C:\WINDOWS\syswow64\FirewallAPI_FromLFSULTRA-WIDEN.dll [MD5.84897874906481E0B3F4045DAD90D69F] - [10/04/2017 16:59:40] - |A| - [856576] - C:\WINDOWS\syswow64\FirewallControlPanel_FromLFSULTRA-WIDEN.dll [MD5.4489D5077C5D2396E3A94D652ADAE1CA] - [10/04/2017 16:59:40] - |A| - [14336] - C:\WINDOWS\syswow64\fixmapi_FromLFSULTRA-WIDEN.exe [MD5.EC65263DF80DE0F351B4967E301ACFA6] - [10/04/2017 16:59:41] - |A| - [802904] - C:\WINDOWS\syswow64\FlashPlayerApp_FromLFSULTRA-WIDEN.exe [MD5.D42B702E3FF8175DA9F4EFAE36356BD8] - [10/04/2017 16:59:41] - |A| - [144472] - C:\WINDOWS\syswow64\FlashPlayerCPLApp_FromLFSULTRA-WIDEN.cpl [MD5.1EBE9524683C7C4EED8B8BC93FB6FBCC] - [10/04/2017 16:59:42] - |A| - [14848] - C:\WINDOWS\syswow64\fltLib_FromLFSULTRA-WIDEN.dll [MD5.94F61D2746FCCBDA0D3447077C654F3D] - [10/04/2017 16:59:42] - |A| - [18944] - C:\WINDOWS\syswow64\fltMC_FromLFSULTRA-WIDEN.exe [MD5.C31B1A6A5C61E9AABA2B6428F044DC53] - [10/04/2017 16:59:43] - |A| - [299424] - C:\WINDOWS\syswow64\FMAPO.dll [MD5.9F45C57EEAC06B6B54B2A25FD756EDD5] - [10/04/2017 16:59:43] - |A| - [23552] - C:\WINDOWS\syswow64\fmifs_FromLFSULTRA-WIDEN.dll [MD5.737AFC772243C75E6AD17A7A8E8E23F9] - [10/04/2017 16:59:44] - |A| - [93696] - C:\WINDOWS\syswow64\fms_FromLFSULTRA-WIDEN.dll [MD5.38B0E065EE0F17BD60757497F82CAB1F] - [10/04/2017 16:59:45] - |A| - [269352] - C:\WINDOWS\syswow64\FNTCACHE.DAT [MD5.37DE123FE4276D8EC7F3C5B10C236238] - [10/04/2017 16:59:45] - |A| - [909824] - C:\WINDOWS\syswow64\FntCache.dll [MD5.69C81451DCE63069A036FBF646A86996] - [10/04/2017 16:59:46] - |A| - [828928] - C:\WINDOWS\syswow64\fontext_FromLFSULTRA-WIDEN.dll [MD5.7983F3481E89B96074FAE9AFCC24079C] - [10/04/2017 16:59:47] - |A| - [70656] - C:\WINDOWS\syswow64\fontsub_FromLFSULTRA-WIDEN.dll [MD5.2649E3127C3081B227FAE1BFD1507502] - [10/04/2017 16:59:48] - |A| - [104448] - C:\WINDOWS\syswow64\fontview_FromLFSULTRA-WIDEN.exe [MD5.831F24F91D96C301529BE0C96FB352B9] - [10/04/2017 16:59:48] - |A| - [43008] - C:\WINDOWS\syswow64\forfiles_FromLFSULTRA-WIDEN.exe [MD5.6D2F3D25402B3A3981E884C59C7D4720] - [10/04/2017 16:59:49] - |A| - [35840] - C:\WINDOWS\syswow64\format_FromLFSULTRA-WIDEN.com [MD5.A704E750245D5D4EE4A23E99A00F27D5] - [10/04/2017 16:59:49] - |A| - [46592] - C:\WINDOWS\syswow64\fpb_FromLFSULTRA-WIDEN.rs [MD5.8126CB6DEA909054E4ECA1F0D55B7579] - [10/04/2017 16:59:50] - |A| - [98304] - C:\WINDOWS\syswow64\fphc_FromLFSULTRA-WIDEN.dll [MD5.229A6606904638C5A4A3CBC5FEF1DCDC] - [10/04/2017 17:16:05] - |A| - [11776] - C:\WINDOWS\syswow64\framebuf.dll [MD5.D0481FB85BEEDD30A0884BE327880F80] - [10/04/2017 17:16:08] - |A| - [206336] - C:\WINDOWS\syswow64\framedynos_FromLFSULTRA-WIDEN.dll [MD5.E362FAA5E232D9A326F42D8F78AEA2D8] - [10/04/2017 17:16:08] - |A| - [202752] - C:\WINDOWS\syswow64\framedyn_FromLFSULTRA-WIDEN.dll [MD5.97AED7FC6C2B38F34CA1A3C10D2F5A60] - [10/04/2017 17:16:09] - |A| - [144909] - C:\WINDOWS\syswow64\fsmgmt_FromLFSULTRA-WIDEN.msc [MD5.0A6173561A8F993CD005F6B52B04F4DD] - [10/04/2017 17:16:11] - |A| - [73728] - C:\WINDOWS\syswow64\fsutil_FromLFSULTRA-WIDEN.exe [MD5.47BB23927747B934C6690F86C33E3C16] - [10/04/2017 17:16:11] - |A| - [179712] - C:\WINDOWS\syswow64\fthsvc.dll [MD5.9996103F8A650BDB3586C9AAE1101912] - [10/04/2017 17:16:14] - |A| - [42496] - C:\WINDOWS\syswow64\ftp_FromLFSULTRA-WIDEN.exe [MD5.89D90579E5FB1469CB0464F6512E42B7] - [10/04/2017 17:16:16] - |A| - [167424] - C:\WINDOWS\syswow64\fundisc_FromLFSULTRA-WIDEN.dll [MD5.6B83397B551BA65E2B28F7AD17DE1F9C] - [10/04/2017 17:16:16] - |A| - [355456] - C:\WINDOWS\syswow64\fveapi.dll [MD5.0036298766DB8C93D72F03AE7C1337BF] - [10/04/2017 17:16:18] - |A| - [97792] - C:\WINDOWS\syswow64\fveapibase.dll [MD5.C87F28A34B3840F4B40011D170B1A159] - [10/04/2017 17:16:19] - |A| - [16896] - C:\WINDOWS\syswow64\fvecerts.dll [MD5.052B00B43EE014E048E4D3FF9B925B3E] - [10/04/2017 17:16:20] - |A| - [115712] - C:\WINDOWS\syswow64\fvenotify.exe [MD5.0BC652C8F0CC8E022C12F8D33B69001E] - [10/04/2017 17:16:26] - |A| - [104960] - C:\WINDOWS\syswow64\fveprompt.exe [MD5.24352E2E8502FCF27F2976D73DC894FC] - [10/04/2017 17:16:31] - |A| - [183296] - C:\WINDOWS\syswow64\fveRecover.dll [MD5.9FD6496B6D91C8BE2A10BD55EAE2D5F2] - [10/04/2017 17:16:36] - |A| - [113152] - C:\WINDOWS\syswow64\fveui.dll [MD5.E30C5F23B28D8BFD02E0E6AE79AC83A4] - [10/04/2017 17:16:36] - |A| - [57856] - C:\WINDOWS\syswow64\fwcfg_FromLFSULTRA-WIDEN.dll [MD5.F0D0E883EBBDC7615DC9EDEA0FFB2817] - [10/04/2017 17:16:36] - |A| - [216576] - C:\WINDOWS\syswow64\FWPUCLNT_FromLFSULTRA-WIDEN.DLL [MD5.DB603D3FD090C66F9709EF6493C26BA3] - [10/04/2017 17:16:38] - |A| - [44032] - C:\WINDOWS\syswow64\FwRemoteSvr_FromLFSULTRA-WIDEN.dll [MD5.942E57152F1CD0533644AB30EF1A4728] - [10/04/2017 17:16:39] - |A| - [227328] - C:\WINDOWS\syswow64\FXSAPI_FromLFSULTRA-WIDEN.dll [MD5.4732AE40B1A9DDB9769F69177AB06528] - [10/04/2017 17:16:39] - |A| - [472576] - C:\WINDOWS\syswow64\FXSCOMEX_FromLFSULTRA-WIDEN.dll [MD5.7AC8CD1CCA84E40B95AF5EE14ED60E6B] - [10/04/2017 17:16:40] - |A| - [709120] - C:\WINDOWS\syswow64\FXSCOMPOSE.dll [MD5.BCAF5F491BA0220B8C480E9EE46F7DB6] - [10/04/2017 17:16:41] - |A| - [34816] - C:\WINDOWS\syswow64\FXSCOMPOSERES.dll [MD5.2AE14C258AA95FE5CD1BD1CA8ACB1E88] - [10/04/2017 17:16:39] - |A| - [78336] - C:\WINDOWS\syswow64\FXSCOM_FromLFSULTRA-WIDEN.dll [MD5.C245EBD6B1A5FB6E6BBE2A635032490F] - [10/04/2017 17:16:41] - |A| - [191488] - C:\WINDOWS\syswow64\FXSCOVER.exe [MD5.42ED0AFF912C7B87F3A8E5F7716B3641] - [10/04/2017 17:16:41] - |A| - [7680] - C:\WINDOWS\syswow64\FXSEVENT.dll [MD5.2943A430B6EC39E98038F7CFA35680D7] - [10/04/2017 17:16:42] - |A| - [40448] - C:\WINDOWS\syswow64\FXSEXT32_FromLFSULTRA-WIDEN.dll [MD5.126F8331BD023178C7F0EF2F5EDE16B3] - [10/04/2017 17:16:42] - |A| - [39424] - C:\WINDOWS\syswow64\FXSMON.dll [MD5.C4096CA42199428B3D63DC206C197F0E] - [10/04/2017 17:16:43] - |A| - [925184] - C:\WINDOWS\syswow64\FXSRESM_FromLFSULTRA-WIDEN.dll [MD5.68607061AFC4B87E71558D26B2C331C3] - [10/04/2017 17:16:44] - |A| - [67072] - C:\WINDOWS\syswow64\FXSROUTE.dll [MD5.C2D6A4475B87651D5909E364439FDA52] - [10/04/2017 17:16:45] - |A| - [848384] - C:\WINDOWS\syswow64\FXSST.dll [MD5.967EA5B213E9984CBE270205DF37755B] - [10/04/2017 17:16:46] - |A| - [523264] - C:\WINDOWS\syswow64\FXSSVC.exe [MD5.D924B8C8C39DD92051FFC5004162E50B] - [10/04/2017 17:16:46] - |A| - [216064] - C:\WINDOWS\syswow64\FXST30.dll [MD5.6468512559971A92A66E2AA08AC8BA61] - [10/04/2017 17:16:47] - |A| - [430080] - C:\WINDOWS\syswow64\FXSTIFF.dll [MD5.2582260ECD7EA4146CC58D53E37C6CDC] - [10/04/2017 17:16:48] - |A| - [19968] - C:\WINDOWS\syswow64\FXSUNATD.exe [MD5.FD39C514C42DD3EB6B8E3B87233047EE] - [10/04/2017 17:16:48] - |A| - [175104] - C:\WINDOWS\syswow64\FXSUTILITY.dll [MD5.26D2532B8E63B0B3526AF869815A7D90] - [10/04/2017 17:16:48] - |A| - [457216] - C:\WINDOWS\syswow64\FXSXP32_FromLFSULTRA-WIDEN.dll [MD5.E84735F79C272FCEC320A6BED2861475] - [10/04/2017 17:16:49] - |A| - [45568] - C:\WINDOWS\syswow64\g711codc_FromLFSULTRA-WIDEN.ax [MD5.36F4710C9E022F556EAA505A2BF24675] - [10/04/2017 17:16:49] - |A| - [50176] - C:\WINDOWS\syswow64\gacinstall.dll [MD5.F01EA0997DBC8E7EEA367FF7B866AB34] - [10/04/2017 17:16:52] - |A| - [4240384] - C:\WINDOWS\syswow64\GameUXLegacyGDFs_FromLFSULTRA-WIDEN.dll [MD5.64E211E0FDFCE4D186DF58BB7D0503BC] - [10/04/2017 17:16:50] - |A| - [2576384] - C:\WINDOWS\syswow64\gameux_FromLFSULTRA-WIDEN.dll [MD5.2AE808CB0D9A667B0CF41EA74B3B9BAC] - [10/04/2017 17:16:55] - |A| - [40552] - C:\WINDOWS\syswow64\gatherNetworkInfo.vbs [MD5.4FDED87068052EEB9B72A97FDBC141DB] - [10/04/2017 17:16:57] - |A| - [24006] - C:\WINDOWS\syswow64\gb2312_FromLFSULTRA-WIDEN.uce [MD5.0A7E4545551B64C9B78B9EC27D8650AD] - [10/04/2017 17:16:57] - |A| - [120832] - C:\WINDOWS\syswow64\gcdef_FromLFSULTRA-WIDEN.dll [MD5.80E15C136F95800C9172E610AA96D9C2] - [10/04/2017 17:16:58] - |A| - [24576] - C:\WINDOWS\syswow64\GDI.EXE [MD5.E87F5393F7D8CE2FACC4DFF703531392] - [10/04/2017 17:16:58] - |A| - [304640] - C:\WINDOWS\syswow64\gdi32_FromLFSULTRA-WIDEN.dll [MD5.1E4ED2A9CD2BE20D9A640A80E9A185C5] - [10/04/2017 17:16:59] - |A| - [58736] - C:\WINDOWS\syswow64\GDIPFONTCACHEV1.DAT [MD5.D0AAAE16BA162DD89D646887F1539855] - [10/04/2017 17:16:59] - |A| - [1700352] - C:\WINDOWS\syswow64\gdiplus_FromLFSULTRA-WIDEN.dll [MD5.F75FB741A2401C76B7AA144F87497AA9] - [10/04/2017 17:17:01] - |A| - [65024] - C:\WINDOWS\syswow64\getmac_FromLFSULTRA-WIDEN.exe [MD5.D5146D1EC366FCDEAFB313833FCC4484] - [10/04/2017 17:17:01] - |A| - [10240] - C:\WINDOWS\syswow64\GettingStarted.exe [MD5.5059EC46228E7255B9AA9ACDE9D85C2A] - [10/04/2017 17:17:01] - |A| - [7680] - C:\WINDOWS\syswow64\getuname_FromLFSULTRA-WIDEN.dll [MD5.11CC082552A4AEE9871B5AF89729D848] - [10/04/2017 17:17:01] - |A| - [138088] - C:\WINDOWS\syswow64\Gfxres.ar-SA.resources [MD5.F199DAD26596A6084C44C9801F71CC31] - [10/04/2017 17:17:02] - |A| - [116944] - C:\WINDOWS\syswow64\Gfxres.cs-CZ.resources [MD5.0471ECBD53E43A2ACFBB845A08FEF8C9] - [10/04/2017 17:17:02] - |A| - [112445] - C:\WINDOWS\syswow64\Gfxres.da-DK.resources [MD5.CB3AE8568F85F22E5558BF40A1063DBE] - [10/04/2017 17:17:03] - |A| - [120882] - C:\WINDOWS\syswow64\Gfxres.de-DE.resources [MD5.A5E6C173DF1CC3606F81DC3C1246ED8F] - [10/04/2017 17:17:03] - |A| - [176490] - C:\WINDOWS\syswow64\Gfxres.el-GR.resources [MD5.A966BD9DB72E40F673DF0470284C5C72] - [10/04/2017 17:17:04] - |A| - [108405] - C:\WINDOWS\syswow64\Gfxres.en-US.resources [MD5.46F5D8F17E72BD8310FB670F71528DBC] - [10/04/2017 17:17:04] - |A| - [121132] - C:\WINDOWS\syswow64\Gfxres.es-ES.resources [MD5.A9C794BEB7EE77CAB6C98375E979B6D4] - [10/04/2017 17:17:04] - |A| - [116868] - C:\WINDOWS\syswow64\Gfxres.fi-FI.resources [MD5.B6D1B07002AF7BEE68145C7345E8707E] - [10/04/2017 17:17:05] - |A| - [118949] - C:\WINDOWS\syswow64\Gfxres.fr-FR.resources [MD5.1D15D27609AFF2C7CAEAE8D701E74F9A] - [10/04/2017 17:17:05] - |A| - [131904] - C:\WINDOWS\syswow64\Gfxres.he-IL.resources [MD5.55DBF4CFAC3549BA7733E0EE025589FB] - [10/04/2017 17:17:05] - |A| - [117737] - C:\WINDOWS\syswow64\Gfxres.hu-HU.resources [MD5.7A5BA2BAB91DF0C1602AF4A00C0B4612] - [10/04/2017 17:17:05] - |A| - [123747] - C:\WINDOWS\syswow64\Gfxres.it-IT.resources [MD5.31D92C318AB7D91311766F62B7D8E8F7] - [10/04/2017 17:17:06] - |A| - [134602] - C:\WINDOWS\syswow64\Gfxres.ja-JP.resources [MD5.BE8E4AE53971FA0145B2189924203ECA] - [10/04/2017 17:17:06] - |A| - [121451] - C:\WINDOWS\syswow64\Gfxres.ko-KR.resources [MD5.11FB500A509594C0E003FF85674B8EA2] - [10/04/2017 17:17:06] - |A| - [113040] - C:\WINDOWS\syswow64\Gfxres.nb-NO.resources [MD5.A739A50062BE232912AB60F10E19660A] - [10/04/2017 17:17:07] - |A| - [117762] - C:\WINDOWS\syswow64\Gfxres.nl-NL.resources [MD5.54AB3D614D6A42780555D2E2C62C69E3] - [10/04/2017 17:17:07] - |A| - [116629] - C:\WINDOWS\syswow64\Gfxres.pl-PL.resources [MD5.E75CED9295449E4832BA75027545799D] - [10/04/2017 17:17:08] - |A| - [118569] - C:\WINDOWS\syswow64\Gfxres.pt-BR.resources [MD5.C0A4D8BC3BCA1E032AF8CA7076004F03] - [10/04/2017 17:17:08] - |A| - [117229] - C:\WINDOWS\syswow64\Gfxres.pt-PT.resources [MD5.3915E935F2D1D69795609742353F83FF] - [10/04/2017 17:17:08] - |A| - [163560] - C:\WINDOWS\syswow64\Gfxres.ru-RU.resources [MD5.7D8ACC3BBFD31CCF4D54DEC6A14C7E5E] - [10/04/2017 17:17:08] - |A| - [116230] - C:\WINDOWS\syswow64\Gfxres.sk-SK.resources [MD5.2F48BF3A4C85390D783BF8CE53D5C338] - [10/04/2017 17:17:08] - |A| - [112529] - C:\WINDOWS\syswow64\Gfxres.sl-SI.resources [MD5.DC2A5446DB650963CD77415550DFB972] - [10/04/2017 17:17:09] - |A| - [117527] - C:\WINDOWS\syswow64\Gfxres.sv-SE.resources [MD5.14D16733E9BFE9FCDA114F821D666E3E] - [10/04/2017 17:17:09] - |A| - [187765] - C:\WINDOWS\syswow64\Gfxres.th-TH.resources [MD5.FCBA6230AAF141D21B1F170A6C40740A] - [10/04/2017 17:17:09] - |A| - [119326] - C:\WINDOWS\syswow64\Gfxres.tr-TR.resources [MD5.1FB5A3F6EF2C80D0377F539CF592C8A6] - [10/04/2017 17:17:09] - |A| - [101113] - C:\WINDOWS\syswow64\Gfxres.zh-CN.resources [MD5.5F8736A7478CB5D6DBCBA81E7A5D1ED9] - [10/04/2017 17:17:09] - |A| - [102229] - C:\WINDOWS\syswow64\Gfxres.zh-TW.resources [MD5.9F5EB5371CD1B7147299DF585751C467] - [10/04/2017 17:17:10] - |A| - [119808] - C:\WINDOWS\syswow64\gfxSrvc.dll [MD5.EE91AF5E56929C18208DD3BD926A01ED] - [10/04/2017 17:17:10] - |A| - [3126808] - C:\WINDOWS\syswow64\GfxUI.exe [MD5.FFB49EE58EF3E271AA25F847D3299047] - [10/04/2017 17:17:11] - |A| - [151] - C:\WINDOWS\syswow64\GfxUI.exe.config [MD5.CD30B45534037E7E19A4F0393479BB25] - [10/04/2017 17:17:13] - |A| - [315392] - C:\WINDOWS\syswow64\glmf32_FromLFSULTRA-WIDEN.dll [MD5.DE3897365B04C4DA1CF8FF725577C082] - [10/04/2017 17:17:14] - |A| - [130048] - C:\WINDOWS\syswow64\glu32_FromLFSULTRA-WIDEN.dll [MD5.1097F3035BAF46CED8B332B3564C5108] - [10/04/2017 17:17:14] - |A| - [79872] - C:\WINDOWS\syswow64\gpapi_FromLFSULTRA-WIDEN.dll [MD5.F4CB9FF6AA4F0D3FBE707BE54BB05768] - [10/04/2017 17:17:14] - |A| - [951808] - C:\WINDOWS\syswow64\gpedit_FromLFSULTRA-WIDEN.dll [MD5.C65076670A5F08BE91BBDB5066C949BD] - [10/04/2017 17:17:14] - |A| - [33792] - C:\WINDOWS\syswow64\gpprnext_FromLFSULTRA-WIDEN.dll [MD5.E32AC8B1091F300A580DA58576934DD7] - [10/04/2017 17:17:14] - |A| - [128000] - C:\WINDOWS\syswow64\gpresult_FromLFSULTRA-WIDEN.exe [MD5.E897EAF5ED6BA41E081060C9B447A673] - [10/04/2017 17:17:15] - |A| - [593408] - C:\WINDOWS\syswow64\gpsvc.dll [MD5.BE331669F6FBDDD153AB4F0BDAC165CA] - [10/04/2017 17:17:16] - |A| - [18944] - C:\WINDOWS\syswow64\gptext_FromLFSULTRA-WIDEN.dll [MD5.37A4FA8BFAC3778EE35C1362FB1A6175] - [10/04/2017 17:17:16] - |A| - [16896] - C:\WINDOWS\syswow64\gpupdate_FromLFSULTRA-WIDEN.exe [MD5.A84EF6BA5248BC34683DDC5495563254] - [10/04/2017 17:17:16] - |A| - [58880] - C:\WINDOWS\syswow64\graftabl.com [MD5.6E4E7884E6489AC4F5E6DAB176A73E52] - [10/04/2017 17:17:17] - |A| - [19694] - C:\WINDOWS\syswow64\GRAPHICS.COM [MD5.BC33AA625D6B807F718627386DF78426] - [10/04/2017 17:17:17] - |A| - [21232] - C:\WINDOWS\syswow64\graphics.pro [MD5.A067A19A91C2AA0198F9BD01A5CEF5C6] - [10/04/2017 17:17:17] - |A| - [21504] - C:\WINDOWS\syswow64\grb_FromLFSULTRA-WIDEN.rs [MD5.29CEF91880AFE6193528AC27B5589F99] - [10/04/2017 17:17:17] - |A| - [55808] - C:\WINDOWS\syswow64\Groupinghc.dll [MD5.67517491E2367098334372E0C167F515] - [10/04/2017 17:17:17] - |A| - [16384] - C:\WINDOWS\syswow64\grpconv_FromLFSULTRA-WIDEN.exe [MD5.38A1DCB87B5B81618EDFF3072399594E] - [09/04/2017 23:30:57] - |A| - [732368] - C:\WINDOWS\syswow64\guard32.dll [MD5.38A1DCB87B5B81618EDFF3072399594E] - [10/04/2017 17:17:17] - |A| - [732368] - C:\WINDOWS\syswow64\guard32_FromLFSULTRA-WIDEN.dll [MD5.1BF0D4727FDB437D513CFF8A9359C050] - [10/04/2017 17:17:18] - |A| - [194432] - C:\WINDOWS\syswow64\hal.dll [MD5.0A2DFF70EB5210C4F7D4954A317E9B04] - [10/04/2017 17:17:18] - |A| - [137088] - C:\WINDOWS\syswow64\halacpi.dll [MD5.1BF0D4727FDB437D513CFF8A9359C050] - [10/04/2017 17:17:19] - |A| - [194432] - C:\WINDOWS\syswow64\halmacpi.dll [MD5.CFE599FA85D52F82327FA8C549AD9296] - [10/04/2017 17:17:19] - |A| - [66560] - C:\WINDOWS\syswow64\hbaapi_FromLFSULTRA-WIDEN.dll [MD5.4C9CDC18F0416BFCB5A26856874F799C] - [10/04/2017 17:17:19] - |A| - [94208] - C:\WINDOWS\syswow64\hccutils.dll [MD5.57CE9D8350B1DD76EEC596C423C3C0BC] - [10/04/2017 17:17:20] - |A| - [26112] - C:\WINDOWS\syswow64\hcproviders_FromLFSULTRA-WIDEN.dll [MD5.C8026CE76E291E555A4A1F8B9D056A22] - [10/04/2017 17:17:20] - |A| - [234496] - C:\WINDOWS\syswow64\hdwwiz_FromLFSULTRA-WIDEN.cpl [MD5.536020876C0980D49094E7EBB94A00AA] - [10/04/2017 17:17:20] - |A| - [64512] - C:\WINDOWS\syswow64\hdwwiz_FromLFSULTRA-WIDEN.exe [MD5.6F6759407B843B99E0367036632EC798] - [10/04/2017 17:17:21] - |A| - [55808] - C:\WINDOWS\syswow64\HelpPaneProxy_FromLFSULTRA-WIDEN.dll [MD5.0F488C73AA50C2FC1361F19E8FC19926] - [10/04/2017 17:17:21] - |A| - [8704] - C:\WINDOWS\syswow64\help_FromLFSULTRA-WIDEN.exe [MD5.C7952D0A4C43A965A1741916BB134751] - [10/04/2017 17:17:21] - |A| - [312832] - C:\WINDOWS\syswow64\hgcpl_FromLFSULTRA-WIDEN.dll [MD5.F059EB4C9C256F62F196EAA439E28F74] - [10/04/2017 17:17:21] - |A| - [155136] - C:\WINDOWS\syswow64\hgprint.dll [MD5.BB50B21FEE2A6F3E5FC92B330ECCF050] - [10/04/2017 17:17:22] - |A| - [523776] - C:\WINDOWS\syswow64\hhctrl_FromLFSULTRA-WIDEN.ocx [MD5.7279E44FB67D3C619C1E1EB6C8E0E9FB] - [10/04/2017 17:17:22] - |A| - [43008] - C:\WINDOWS\syswow64\hhsetup_FromLFSULTRA-WIDEN.dll [MD5.370A293BBA0EA615553EEAE7598CCEE0] - [10/04/2017 17:17:23] - |A| - [3680] - C:\WINDOWS\syswow64\HideMyIpSRVOff.ini [MD5.E2F6CC0D191361EE94FEA3957653F531] - [10/04/2017 17:17:24] - |A| - [30720] - C:\WINDOWS\syswow64\hidphone_FromLFSULTRA-WIDEN.tsp [MD5.2BC6F6A1992B3A77F5F41432CA6B3B6B] - [10/04/2017 17:17:24] - |A| - [49152] - C:\WINDOWS\syswow64\hidserv_FromLFSULTRA-WIDEN.dll [MD5.63DF770DF74ACB370EF5A16727069AAF] - [10/04/2017 17:17:22] - |A| - [22016] - C:\WINDOWS\syswow64\hid_FromLFSULTRA-WIDEN.dll [MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - [10/04/2017 17:17:24] - |A| - [4768] - C:\WINDOWS\syswow64\HIMEM.SYS [MD5.2359813ED1CAEE5AD6DB3DB80430C441] - [10/04/2017 17:17:24] - |A| - [175640] - C:\WINDOWS\syswow64\hkcmd.exe [MD5.565A30B70BE8A9B171839003F2D69683] - [10/04/2017 17:17:25] - |A| - [84992] - C:\WINDOWS\syswow64\hlink_FromLFSULTRA-WIDEN.dll [MD5.6F4976E485DE966519BFD124557DDCE7] - [07/04/2017 08:18:13] - |A| - [364032] - C:\WINDOWS\syswow64\HMIPCore.dll [MD5.6F4976E485DE966519BFD124557DDCE7] - [10/04/2017 17:17:25] - |A| - [364032] - C:\WINDOWS\syswow64\HMIPCore_FromLFSULTRA-WIDEN.dll [MD5.6383C60EC0133B14F5705F96369421B2] - [10/04/2017 17:17:25] - |A| - [288256] - C:\WINDOWS\syswow64\hnetcfg_FromLFSULTRA-WIDEN.dll [MD5.1AB8579D3CBCCCC1612D9B8615C68AB9] - [10/04/2017 17:17:26] - |A| - [14848] - C:\WINDOWS\syswow64\hnetmon_FromLFSULTRA-WIDEN.dll [MD5.B3A44F80F5B23C1F698398F5D49FFFA6] - [10/04/2017 17:17:26] - |A| - [8704] - C:\WINDOWS\syswow64\HOSTNAME_FromLFSULTRA-WIDEN.EXE [MD5.7C5628C7445A7435DBD184C4215D3C33] - [10/04/2017 17:17:26] - |A| - [56320] - C:\WINDOWS\syswow64\hotplug.dll [MD5.EF853EA2A6A7BD891CCF31B0C2915352] - [10/04/2017 17:17:27] - |A| - [341504] - C:\WINDOWS\syswow64\html_FromLFSULTRA-WIDEN.iec [MD5.8CD1DEE212E52B9C22E66DBA44991D32] - [10/04/2017 17:17:27] - |A| - [34816] - C:\WINDOWS\syswow64\httpapi_FromLFSULTRA-WIDEN.dll [MD5.E5A866F7D2CE89B5CECCC1787DE78F95] - [10/04/2017 17:17:28] - |A| - [33792] - C:\WINDOWS\syswow64\htui_FromLFSULTRA-WIDEN.dll [MD5.19DDAB9182C54C03ABC979FDCAE7D2DE] - [10/04/2017 17:17:31] - |A| - [197632] - C:\WINDOWS\syswow64\iac25_32_FromLFSULTRA-WIDEN.ax [MD5.00000000000000000000000000000000] - [10/04/2017 17:17:31] - |D| - [5489] - C:\WINDOWS\syswow64\ias [MD5.EB9B8B2C75FFC489F57E16794FD41215] - [10/04/2017 17:17:32] - |A| - [78848] - C:\WINDOWS\syswow64\iasacct_FromLFSULTRA-WIDEN.dll [MD5.9937B83819E32E8B0AF9197E7E1FAA12] - [10/04/2017 17:17:33] - |A| - [59392] - C:\WINDOWS\syswow64\iasads_FromLFSULTRA-WIDEN.dll [MD5.68B9974BC33109C914DC48057378A460] - [10/04/2017 17:17:32] - |A| - [49664] - C:\WINDOWS\syswow64\iasdatastore_FromLFSULTRA-WIDEN.dll [MD5.1FC03F444F56CBCD7BF59D1F569E9553] - [10/04/2017 17:17:33] - |A| - [81408] - C:\WINDOWS\syswow64\iashlpr_FromLFSULTRA-WIDEN.dll [MD5.D6D029E7D20FD37CB0FEC13A647ECE04] - [10/04/2017 17:17:33] - |A| - [485376] - C:\WINDOWS\syswow64\IasMigPlugin_FromLFSULTRA-WIDEN.dll [MD5.685EB50ED22DE5BF8BDAFA991669AC06] - [10/04/2017 17:17:34] - |A| - [157696] - C:\WINDOWS\syswow64\iasnap_FromLFSULTRA-WIDEN.dll [MD5.8FA5660BADD09F59B4D965B4CA33C7DE] - [10/04/2017 17:17:35] - |A| - [34304] - C:\WINDOWS\syswow64\iaspolcy_FromLFSULTRA-WIDEN.dll [MD5.186147C89867B66CB02667D4037C7550] - [10/04/2017 17:17:35] - |A| - [172032] - C:\WINDOWS\syswow64\iasrad_FromLFSULTRA-WIDEN.dll [MD5.4EA584FCC419E66E9ADCEEAE0B0A7301] - [10/04/2017 17:17:36] - |A| - [122880] - C:\WINDOWS\syswow64\iasrecst_FromLFSULTRA-WIDEN.dll [MD5.93858F87D159DC6E164D018A0531E879] - [10/04/2017 17:17:37] - |A| - [191488] - C:\WINDOWS\syswow64\iassam_FromLFSULTRA-WIDEN.dll [MD5.413EF75B686DB3EEBEE849C25859FBB4] - [10/04/2017 17:17:37] - |A| - [322560] - C:\WINDOWS\syswow64\iassdo_FromLFSULTRA-WIDEN.dll [MD5.F215EB1ECC4E185E5850E7E1118B5D24] - [10/04/2017 17:17:38] - |A| - [77824] - C:\WINDOWS\syswow64\iassvcs_FromLFSULTRA-WIDEN.dll [MD5.A1E91B5B5273573FC132B683E550B5E6] - [10/04/2017 17:17:32] - |A| - [19456] - C:\WINDOWS\syswow64\ias_FromLFSULTRA-WIDEN.dll [MD5.326A5BDD4F299EA8B4843BB78F06A6B8] - [10/04/2017 17:17:38] - |A| - [15872] - C:\WINDOWS\syswow64\icaapi.dll [MD5.1542A92D5C6F7E1E80613F3466C9CE7F] - [10/04/2017 17:17:41] - |A| - [27136] - C:\WINDOWS\syswow64\icacls_FromLFSULTRA-WIDEN.exe [MD5.8D466B36076BCD7997838C0DDB69764C] - [10/04/2017 17:17:41] - |A| - [619672] - C:\WINDOWS\syswow64\icardagt.exe [MD5.4F032F1FDEFEA5EC8EEA3562643B5EE8] - [10/04/2017 17:17:43] - |A| - [69120] - C:\WINDOWS\syswow64\icardie.dll [MD5.370FC4421ADE62FC89AC93B345570388] - [10/04/2017 17:17:44] - |A| - [8856] - C:\WINDOWS\syswow64\icardres.dll [MD5.1DE21EC4A2232FF4F5298ADCAE7B3690] - [10/04/2017 17:17:44] - |A| - [82944] - C:\WINDOWS\syswow64\iccvid_FromLFSULTRA-WIDEN.dll [MD5.BE97C0B0432693E62D8BB5776AA45155] - [10/04/2017 17:17:45] - |A| - [89088] - C:\WINDOWS\syswow64\icfupgd.dll [MD5.816B681CC308FAA128EDCB90643DCED7] - [10/04/2017 17:17:46] - |A| - [215040] - C:\WINDOWS\syswow64\icm32_FromLFSULTRA-WIDEN.dll [MD5.533631FE7DB9FF2A1D456A3D15A2DD46] - [10/04/2017 17:17:47] - |A| - [3072] - C:\WINDOWS\syswow64\icmp_FromLFSULTRA-WIDEN.dll [MD5.0096686EB2ACDB36184F49A10652E5FE] - [10/04/2017 17:17:48] - |A| - [21504] - C:\WINDOWS\syswow64\icmui_FromLFSULTRA-WIDEN.dll [MD5.523CF74A52C9A1762DA8B83AEE734498] - [10/04/2017 17:17:48] - |A| - [9728] - C:\WINDOWS\syswow64\IconCodecService_FromLFSULTRA-WIDEN.dll [MD5.ECD81B99477AB4A93D7838EB40B870D0] - [10/04/2017 17:17:48] - |A| - [8798] - C:\WINDOWS\syswow64\icrav03.rat [MD5.24AE65C07A691029A942E062F9E7179A] - [10/04/2017 17:17:48] - |A| - [143360] - C:\WINDOWS\syswow64\icsigd_FromLFSULTRA-WIDEN.dll [MD5.575730D2B1055866800F7CBCA3973B15] - [10/04/2017 17:17:48] - |A| - [14336] - C:\WINDOWS\syswow64\icsunattend_FromLFSULTRA-WIDEN.exe [MD5.038F6AD6CEE43585D814CDBC7CDFD3EC] - [10/04/2017 17:17:52] - |A| - [60458] - C:\WINDOWS\syswow64\ideograf_FromLFSULTRA-WIDEN.uce [MD5.9DC23ACF360AEA7DF55AD7A8D3FBF4E6] - [10/04/2017 17:17:52] - |A| - [148480] - C:\WINDOWS\syswow64\IdListen.dll [MD5.D534F0C1E8B79AD05100BC6A17522AF8] - [10/04/2017 17:17:54] - |A| - [33792] - C:\WINDOWS\syswow64\idndl_FromLFSULTRA-WIDEN.dll [MD5.0B31464B7B2D616BD5F7036673588EC1] - [10/04/2017 17:17:54] - |A| - [45056] - C:\WINDOWS\syswow64\IDStore_FromLFSULTRA-WIDEN.dll [MD5.ABE3B4B605499D726C27ACB6F756BC11] - [10/04/2017 17:17:54] - |A| - [685568] - C:\WINDOWS\syswow64\ie4uinit.exe [MD5.F7B6E341F4B1947BEC0E14EEBE3C627E] - [10/04/2017 17:17:55] - |A| - [111616] - C:\WINDOWS\syswow64\IEAdvpack_FromLFSULTRA-WIDEN.dll [MD5.C17139EAF939964142C7A1AEEE02DC81] - [10/04/2017 17:17:57] - |A| - [616104] - C:\WINDOWS\syswow64\ieapfltr.dat [MD5.B6D8148C1C697A7BF04EE0FE82408B6A] - [10/04/2017 17:17:58] - |A| - [710144] - C:\WINDOWS\syswow64\ieapfltr_FromLFSULTRA-WIDEN.dll [MD5.AD2726E4A53EC118D88CCA40260E1AE0] - [10/04/2017 17:17:59] - |A| - [342728] - C:\WINDOWS\syswow64\iedkcs32_FromLFSULTRA-WIDEN.dll [MD5.C842601A18BA4D9058E7C0EFA5683513] - [10/04/2017 17:18:00] - |A| - [102912] - C:\WINDOWS\syswow64\ieetwcollector.exe [MD5.AD392013A39DE951627EE402002E800C] - [10/04/2017 17:18:00] - |A| - [4096] - C:\WINDOWS\syswow64\ieetwcollectorres.dll [MD5.8C3A03295F56D1FFB51D9D05DA42B12D] - [10/04/2017 17:18:00] - |A| - [47616] - C:\WINDOWS\syswow64\ieetwproxystub.dll [MD5.DB254D50B4527C2821C537E0587B44E8] - [10/04/2017 17:18:01] - |A| - [12829696] - C:\WINDOWS\syswow64\ieframe_FromLFSULTRA-WIDEN.dll [MD5.1AFBAA54BDF637F69B8E02A5578286B0] - [10/04/2017 17:18:05] - |A| - [116736] - C:\WINDOWS\syswow64\iepeers_FromLFSULTRA-WIDEN.dll [MD5.81C1182A9EE7AC4D21187811DE66A7D0] - [10/04/2017 17:18:25] - |A| - [30720] - C:\WINDOWS\syswow64\iernonce_FromLFSULTRA-WIDEN.dll [MD5.927E38A35E4DFC4E294BD130BAA6F759] - [10/04/2017 17:18:26] - |A| - [2278912] - C:\WINDOWS\syswow64\iertutil_FromLFSULTRA-WIDEN.dll [MD5.5C06EE62F06E990E9521EA80B8D4D4B8] - [10/04/2017 17:18:34] - |A| - [62464] - C:\WINDOWS\syswow64\iesetup_FromLFSULTRA-WIDEN.dll [MD5.83F49FD1BC0A999B006D564C540C7258] - [10/04/2017 17:18:40] - |A| - [86016] - C:\WINDOWS\syswow64\iesysprep_FromLFSULTRA-WIDEN.dll [MD5.2CBD6D22499EB13A2666F62EF33D00E2] - [10/04/2017 17:18:48] - |A| - [16303] - C:\WINDOWS\syswow64\ieuinit_FromLFSULTRA-WIDEN.inf [MD5.1A628C1F5470F0AF21E37E425026F27A] - [10/04/2017 17:18:43] - |A| - [478208] - C:\WINDOWS\syswow64\ieui_FromLFSULTRA-WIDEN.dll [MD5.E21AE910DF0C5CB7D46D8FA17A4567DE] - [10/04/2017 17:18:52] - |A| - [115712] - C:\WINDOWS\syswow64\ieUnatt_FromLFSULTRA-WIDEN.exe [MD5.9A33FDDD687A836A1FD478B43C5A95FD] - [10/04/2017 17:18:57] - |A| - [151552] - C:\WINDOWS\syswow64\iexpress_FromLFSULTRA-WIDEN.exe [MD5.019C500DBD380CBAFE5417DE8CD267F2] - [10/04/2017 17:19:03] - |A| - [20992] - C:\WINDOWS\syswow64\ifmon_FromLFSULTRA-WIDEN.dll [MD5.29171FB4362145DBA5E740683707B3F2] - [10/04/2017 17:19:08] - |A| - [8704] - C:\WINDOWS\syswow64\ifsutilx_FromLFSULTRA-WIDEN.dll [MD5.82A9C6ADDCC4D392293AF15C09192DEC] - [10/04/2017 17:19:07] - |A| - [148992] - C:\WINDOWS\syswow64\ifsutil_FromLFSULTRA-WIDEN.dll [MD5.941EAC1ACE8CF45EB8CA248B5E11E575] - [10/04/2017 17:19:09] - |A| - [2686976] - C:\WINDOWS\syswow64\ig4dev32.dll [MD5.54A0DB1E7380F90FFDD062233C89150A] - [10/04/2017 17:19:14] - |A| - [4104192] - C:\WINDOWS\syswow64\ig4icd32.dll [MD5.4616C279F3F387B51BCE2CECFDB00E72] - [10/04/2017 17:19:14] - |A| - [2551808] - C:\WINDOWS\syswow64\igd10umd32.dll [MD5.33EC006599A29ECB12D58FEEB4F82456] - [10/04/2017 17:19:29] - |A| - [67072] - C:\WINDOWS\syswow64\igdDiag.dll [MD5.4AF7F24B827BC3B174865D4AE0BBBF08] - [10/04/2017 17:19:37] - |A| - [3829760] - C:\WINDOWS\syswow64\igdumd32.dll [MD5.E540716132CBE9D72D2D205BB9D09EF7] - [10/04/2017 17:19:52] - |A| - [536576] - C:\WINDOWS\syswow64\igdumdx32.dll [MD5.5471C96B03A9240ECA410C429D627DED] - [10/04/2017 17:19:55] - |A| - [672792] - C:\WINDOWS\syswow64\igfxcfg.exe [MD5.1A3D8978E92A1844986F19F74B4A53CE] - [10/04/2017 17:19:57] - |A| - [155648] - C:\WINDOWS\syswow64\igfxCoIn_v2117.dll [MD5.43E8A8F27B42539D44B2A3659870F29D] - [10/04/2017 17:19:57] - |A| - [119808] - C:\WINDOWS\syswow64\igfxcpl.cpl [MD5.F1E0195A39CBA413D9C9D9E01C49A1D7] - [10/04/2017 17:20:01] - |A| - [226304] - C:\WINDOWS\syswow64\igfxdev.dll [MD5.75F924127CCBC1437FC827EA4AC479D8] - [10/04/2017 17:20:04] - |A| - [4096] - C:\WINDOWS\syswow64\IGFXDEVLib.dll [MD5.313339652B2E5BC9727B9B538A253905] - [10/04/2017 17:20:10] - |A| - [130560] - C:\WINDOWS\syswow64\igfxdo.dll [MD5.2C945DC03C48B3D008D662029C557609] - [10/04/2017 17:20:10] - |A| - [23552] - C:\WINDOWS\syswow64\igfxexps.dll [MD5.960128ABC1E966991F963BD15BFD3F77] - [10/04/2017 17:20:12] - |A| - [178200] - C:\WINDOWS\syswow64\igfxext.exe [MD5.A08B27F8C09C3AB247B95BB501CF9776] - [10/04/2017 17:20:14] - |A| - [166936] - C:\WINDOWS\syswow64\igfxpers.exe [MD5.09106941374CBAFDDCA9EA59AF39E5B0] - [10/04/2017 17:20:14] - |A| - [200704] - C:\WINDOWS\syswow64\igfxpph.dll [MD5.B50E4C2575896ED6312E02C59167BBBF] - [10/04/2017 17:20:17] - |A| - [282624] - C:\WINDOWS\syswow64\igfxrara.lrc [MD5.63994A00AF3EBA4ADC09782AAD072200] - [10/04/2017 17:20:18] - |A| - [279552] - C:\WINDOWS\syswow64\igfxrchs.lrc [MD5.1B7B73CADDA631076DBAF78B7B247B08] - [10/04/2017 17:20:19] - |A| - [279552] - C:\WINDOWS\syswow64\igfxrcht.lrc [MD5.24597BF92C1F95707AE2B8836663F455] - [10/04/2017 17:20:19] - |A| - [283648] - C:\WINDOWS\syswow64\igfxrcsy.lrc [MD5.6E8E8B749F4CE22FC1C5EF1EF291E572] - [10/04/2017 17:20:21] - |A| - [283136] - C:\WINDOWS\syswow64\igfxrdan.lrc [MD5.2FF3F5BB9D9C94CE420A4F3A55D83D82] - [10/04/2017 17:20:22] - |A| - [284160] - C:\WINDOWS\syswow64\igfxrdeu.lrc [MD5.BCDDBEB750611884B63E2ABF6D7B5D1D] - [10/04/2017 17:20:24] - |A| - [284672] - C:\WINDOWS\syswow64\igfxrell.lrc [MD5.EF1B49BCD9092F99CC312DCF5253E1C4] - [10/04/2017 17:20:25] - |A| - [283136] - C:\WINDOWS\syswow64\igfxrenu.lrc [MD5.9487CDE88E939C58CD98DD0F1F681578] - [10/04/2017 17:20:27] - |A| - [284672] - C:\WINDOWS\syswow64\igfxresn.lrc [MD5.405533A6BFBF4C6ECCB949EEA85F1C3A] - [10/04/2017 17:20:28] - |A| - [303104] - C:\WINDOWS\syswow64\igfxresp.lrc [MD5.5FC1F4708CB18D50E803E1E784EEC801] - [10/04/2017 17:20:31] - |A| - [9030656] - C:\WINDOWS\syswow64\igfxress.dll [MD5.32DE73637D8094E24949B810083AF8AE] - [10/04/2017 17:20:40] - |A| - [283648] - C:\WINDOWS\syswow64\igfxrfin.lrc [MD5.BFC6585410B91AB5606AE9DEF346C68E] - [10/04/2017 17:20:47] - |A| - [284672] - C:\WINDOWS\syswow64\igfxrfra.lrc [MD5.8F63C0224E602EE2EB357AF86ECC54E5] - [10/04/2017 17:20:49] - |A| - [282624] - C:\WINDOWS\syswow64\igfxrheb.lrc [MD5.972665401707D15E94369D7319DF6A38] - [10/04/2017 17:20:51] - |A| - [283648] - C:\WINDOWS\syswow64\igfxrhun.lrc [MD5.185C0BC86DD829BDB52819DA23C6C391] - [10/04/2017 17:20:53] - |A| - [284160] - C:\WINDOWS\syswow64\igfxrita.lrc [MD5.89E2F418C8A9020B7B1A4FE2BE4802FE] - [10/04/2017 17:20:55] - |A| - [280576] - C:\WINDOWS\syswow64\igfxrjpn.lrc [MD5.7E8DDCFE15C20FA1A6383C886894FAA4] - [10/04/2017 17:20:55] - |A| - [280576] - C:\WINDOWS\syswow64\igfxrkor.lrc [MD5.4ECE52F6151CB0D294E9F138F06C8506] - [10/04/2017 17:20:58] - |A| - [283648] - C:\WINDOWS\syswow64\igfxrnld.lrc [MD5.8F47A4BF8C8F7F7ED53B693286B6A3E7] - [10/04/2017 17:20:57] - |A| - [283648] - C:\WINDOWS\syswow64\igfxrnor.lrc [MD5.1DE6CA3013EAB45D0090EC2878C3D86C] - [10/04/2017 17:20:59] - |A| - [284160] - C:\WINDOWS\syswow64\igfxrplk.lrc [MD5.8242DE3A1CA8E461409CE57FA0FC4A73] - [10/04/2017 17:20:59] - |A| - [283648] - C:\WINDOWS\syswow64\igfxrptb.lrc [MD5.C04EDDB529BAE021D28F29FFD905C325] - [10/04/2017 17:21:00] - |A| - [284160] - C:\WINDOWS\syswow64\igfxrptg.lrc [MD5.5541CE4D6B14A45EB24D0EEB792A33AE] - [10/04/2017 17:21:01] - |A| - [284160] - C:\WINDOWS\syswow64\igfxrrus.lrc [MD5.BE02F29DDED0505F5945A9598AEC048A] - [10/04/2017 17:21:01] - |A| - [284160] - C:\WINDOWS\syswow64\igfxrsky.lrc [MD5.9A1CC57BDAB22641C9A8099274A58245] - [10/04/2017 17:21:02] - |A| - [283648] - C:\WINDOWS\syswow64\igfxrslv.lrc [MD5.8D4F52C364DD3373C263E800065E0E86] - [10/04/2017 17:21:02] - |A| - [283648] - C:\WINDOWS\syswow64\igfxrsve.lrc [MD5.2E0DC6046151531BB489D6B748FC020B] - [10/04/2017 17:21:04] - |A| - [283136] - C:\WINDOWS\syswow64\igfxrtha.lrc [MD5.522528AD4ECA6DBF781264DD800C16B0] - [10/04/2017 17:21:06] - |A| - [283648] - C:\WINDOWS\syswow64\igfxrtrk.lrc [MD5.4EFC9549BC90616BD195FE2537A1DD53] - [10/04/2017 17:21:06] - |A| - [56832] - C:\WINDOWS\syswow64\igfxsrvc.dll [MD5.BECA64122EC5396998F2C214901E3298] - [10/04/2017 17:21:08] - |A| - [268312] - C:\WINDOWS\syswow64\igfxsrvc.exe [MD5.B38A89A14ED2E7BE2B9CE0B00685DA61] - [10/04/2017 17:21:11] - |A| - [260096] - C:\WINDOWS\syswow64\igfxTMM.dll [MD5.6E3B1A8C2687BD7F7EF5E0E2BC52FD9A] - [10/04/2017 17:21:12] - |A| - [141848] - C:\WINDOWS\syswow64\igfxtray.exe [MD5.27AA0D90A116890006551994D3545845] - [10/04/2017 17:21:12] - |A| - [2050952] - C:\WINDOWS\syswow64\igkrng400.bin [MD5.99AF886F548DFA1AEC9868A8BF0F74FC] - [10/04/2017 17:21:14] - |A| - [1921265] - C:\WINDOWS\syswow64\iglhxa32.cpa [MD5.7FEF5563D091D8A44B96DD4EBE0350AA] - [10/04/2017 17:21:17] - |A| - [1090] - C:\WINDOWS\syswow64\iglhxa32.vp [MD5.A16E966DEBE65033E703CA9514753E11] - [10/04/2017 17:21:17] - |A| - [60226] - C:\WINDOWS\syswow64\iglhxc32.vp [MD5.251D22DE1DF611739E4D0C7BAB2E80D6] - [10/04/2017 17:21:19] - |A| - [60254] - C:\WINDOWS\syswow64\iglhxg32.vp [MD5.CB4DCAF11675F52D39035BCEE14ABA77] - [10/04/2017 17:21:20] - |A| - [60015] - C:\WINDOWS\syswow64\iglhxo32.vp [MD5.F45F544E709CAF63EA81B80E097A2877] - [10/04/2017 17:21:20] - |A| - [39308] - C:\WINDOWS\syswow64\iglhxs32.vp [MD5.63D2B014282D833076FF39F8BCB2CDCB] - [10/04/2017 17:21:22] - |A| - [1006104] - C:\WINDOWS\syswow64\igxpun.exe [MD5.B9C54120F46392100478F58F374E5709] - [10/04/2017 17:21:25] - |A| - [679424] - C:\WINDOWS\syswow64\IKEEXT.DLL [MD5.74B63C6989C65218D8A6B2437C8C58DB] - [10/04/2017 17:21:26] - |A| - [649624] - C:\WINDOWS\syswow64\im-fre.exe [MD5.C2A12B061F591E093E3FD99D75811398] - [10/04/2017 17:21:27] - |A| - [17920] - C:\WINDOWS\syswow64\imaadp32_FromLFSULTRA-WIDEN.acm [MD5.B2DB6ABA2E292235749B80A9C3DFA867] - [10/04/2017 17:21:28] - |A| - [159232] - C:\WINDOWS\syswow64\imagehlp_FromLFSULTRA-WIDEN.dll [MD5.C04EF4E898A5CF52DE924D72A4BFB920] - [06/04/2017 13:05:03] - |A| - [46460928] - C:\WINDOWS\syswow64\imageres.dll [MD5.1519FA89B5CC7B12014AECBD96C93D68] - [10/04/2017 17:21:28] - |A| - [66887168] - C:\WINDOWS\syswow64\imageres_FromLFSULTRA-WIDEN.dll [MD5.558EB49400FB208C508DD9EFC7CCDF02] - [10/04/2017 17:21:31] - |A| - [705536] - C:\WINDOWS\syswow64\imagesp1_FromLFSULTRA-WIDEN.dll [MD5.7A82634C75F5CD12EFCF43897A2E28CE] - [10/04/2017 17:21:51] - |A| - [732160] - C:\WINDOWS\syswow64\imapi2fs_FromLFSULTRA-WIDEN.dll [MD5.2D11BC8B460957E62E4420373A0D8BDA] - [10/04/2017 17:21:47] - |A| - [392192] - C:\WINDOWS\syswow64\imapi2_FromLFSULTRA-WIDEN.dll [MD5.55D9803FD821C293D97614C39E6603D4] - [10/04/2017 17:21:38] - |A| - [109056] - C:\WINDOWS\syswow64\imapi_FromLFSULTRA-WIDEN.dll [MD5.6EB0B7301E00F717BD68A742D1391FAF] - [10/04/2017 17:24:17] - |A| - [36352] - C:\WINDOWS\syswow64\imgutil_FromLFSULTRA-WIDEN.dll [MD5.AC32AF909111561893E42E8EC89C5532] - [10/04/2017 17:24:19] - |A| - [1027584] - C:\WINDOWS\syswow64\IMJP10.IME [MD5.0F082700EE3082C58CD2F2E1F96E9E81] - [10/04/2017 17:24:21] - |A| - [701440] - C:\WINDOWS\syswow64\IMJP10K.DLL [MD5.41EE23F636C6E9BDE5E8C09454CBEEFD] - [10/04/2017 17:24:22] - |A| - [430080] - C:\WINDOWS\syswow64\imkr80.ime [MD5.4A8E2F20809CC161107FAA94F6CF2685] - [10/04/2017 17:24:24] - |A| - [118272] - C:\WINDOWS\syswow64\imm32_FromLFSULTRA-WIDEN.dll [MD5.85439A5872E044ABBCDD289D62CDC78E] - [10/04/2017 17:24:27] - |A| - [741888] - C:\WINDOWS\syswow64\inetcomm_FromLFSULTRA-WIDEN.dll [MD5.4ABEEF30EA5B9F4718312DCB60B6C9BC] - [10/04/2017 17:24:30] - |A| - [2052608] - C:\WINDOWS\syswow64\inetcpl_FromLFSULTRA-WIDEN.cpl [MD5.BF7DDBE14FA4B68AAB6A3C78EF5C96B8] - [10/04/2017 17:24:30] - |A| - [52736] - C:\WINDOWS\syswow64\inetmib1_FromLFSULTRA-WIDEN.dll [MD5.41DD70DF48DBE81D14F22FBD87EAC992] - [10/04/2017 17:24:34] - |A| - [84480] - C:\WINDOWS\syswow64\INETRES_FromLFSULTRA-WIDEN.dll [MD5.C48DF234AE4338374D729C2D2B6171C8] - [10/04/2017 17:24:36] - |A| - [9216] - C:\WINDOWS\syswow64\InfDefaultInstall_FromLFSULTRA-WIDEN.exe [MD5.AF6655214DEBB2C8446DE843A02AAEBA] - [10/04/2017 17:24:36] - |A| - [99480] - C:\WINDOWS\syswow64\infocardapi.dll [MD5.AE43D7E988E9AE9919831BDAA421E07C] - [10/04/2017 17:24:38] - |A| - [34120] - C:\WINDOWS\syswow64\infocardcpl.cpl [MD5.8BE4B6BF8F9C50E3FA0001393043F4F9] - [10/04/2017 17:24:38] - |A| - [216064] - C:\WINDOWS\syswow64\InkEd_FromLFSULTRA-WIDEN.dll [MD5.9B9A0802B4E34CC4D9DB04AB6ABFA8AE] - [10/04/2017 17:24:39] - |A| - [202240] - C:\WINDOWS\syswow64\input_FromLFSULTRA-WIDEN.dll [MD5.EC7038154490E50ACD405A022F51B204] - [10/04/2017 17:24:41] - |A| - [83456] - C:\WINDOWS\syswow64\inseng_FromLFSULTRA-WIDEN.dll [MD5.0FE24BD8E67F3A6757A5D193A7A9B287] - [10/04/2017 17:24:42] - |A| - [345088] - C:\WINDOWS\syswow64\intl_FromLFSULTRA-WIDEN.cpl [MD5.CC105EE2A139A631175571452968D637] - [10/04/2017 17:24:44] - |A| - [2048] - C:\WINDOWS\syswow64\iologmsg_FromLFSULTRA-WIDEN.dll [MD5.ACB364B9075A45C0736E5C47BE5CAE19] - [10/04/2017 17:24:46] - |A| - [78848] - C:\WINDOWS\syswow64\IPBusEnum.dll [MD5.19A388114F8234E09DC176138DDC6B54] - [10/04/2017 17:24:47] - |A| - [10752] - C:\WINDOWS\syswow64\IPBusEnumProxy.dll [MD5.CABB20E171770FF64614A54C1F31C033] - [10/04/2017 17:24:49] - |A| - [27136] - C:\WINDOWS\syswow64\ipconfig_FromLFSULTRA-WIDEN.exe [MD5.A90DC9ABD65DB1A8902F361103029952] - [10/04/2017 17:24:49] - |A| - [103936] - C:\WINDOWS\syswow64\IPHLPAPI_FromLFSULTRA-WIDEN.DLL [MD5.4D65A07B795D6674312F879D09AA7663] - [10/04/2017 17:24:49] - |A| - [499712] - C:\WINDOWS\syswow64\iphlpsvc.dll [MD5.D1A079A0DE2EA524513B6930C24527A2] - [10/04/2017 17:24:50] - |A| - [300544] - C:\WINDOWS\syswow64\ipnathlp.dll [MD5.7852E03BB44413B0B4C987040C1D0AD8] - [10/04/2017 17:24:50] - |A| - [2560] - C:\WINDOWS\syswow64\iprop_FromLFSULTRA-WIDEN.dll [MD5.0788224D8CC9823539A07B7187D04D5D] - [10/04/2017 17:24:50] - |A| - [8192] - C:\WINDOWS\syswow64\iprtprio_FromLFSULTRA-WIDEN.dll [MD5.D8B2F66671C13C4C2F22FE3A588945F8] - [10/04/2017 17:24:50] - |A| - [271360] - C:\WINDOWS\syswow64\iprtrmgr_FromLFSULTRA-WIDEN.dll [MD5.A286EAC32B5DA339D63AE99714BDEDB0] - [10/04/2017 17:24:54] - |A| - [757760] - C:\WINDOWS\syswow64\ipsecsnp_FromLFSULTRA-WIDEN.dll [MD5.53946B69BA0836BD95B03759530C81EC] - [10/04/2017 17:25:11] - |A| - [350208] - C:\WINDOWS\syswow64\IPSECSVC.DLL [MD5.B1603F0A972B94927B8EF5F04DF11855] - [10/04/2017 17:25:29] - |A| - [400896] - C:\WINDOWS\syswow64\ipsmsnap_FromLFSULTRA-WIDEN.dll [MD5.0838C5A83A31B78E9BA817C3DB17A91C] - [10/04/2017 17:25:41] - |A| - [197632] - C:\WINDOWS\syswow64\ir32_32_FromLFSULTRA-WIDEN.dll [MD5.1B1E50E990D8671C513A49E0897DFAAE] - [10/04/2017 17:25:50] - |A| - [839680] - C:\WINDOWS\syswow64\ir41_32_FromLFSULTRA-WIDEN.ax [MD5.90A6203B989248BE4E06315075C68F93] - [10/04/2017 17:25:57] - |A| - [120320] - C:\WINDOWS\syswow64\ir41_qcx_FromLFSULTRA-WIDEN.dll [MD5.90A6203B989248BE4E06315075C68F93] - [10/04/2017 17:25:56] - |A| - [120320] - C:\WINDOWS\syswow64\ir41_qc_FromLFSULTRA-WIDEN.dll [MD5.A60801C2A6FF5777399D82072FE97F62] - [10/04/2017 17:26:00] - |A| - [746496] - C:\WINDOWS\syswow64\ir50_32_FromLFSULTRA-WIDEN.dll [MD5.3A5CBB95EAE17C3C346AC66FA30FB305] - [10/04/2017 17:26:04] - |A| - [200192] - C:\WINDOWS\syswow64\ir50_qcx_FromLFSULTRA-WIDEN.dll [MD5.3A5CBB95EAE17C3C346AC66FA30FB305] - [10/04/2017 17:26:00] - |A| - [200192] - C:\WINDOWS\syswow64\ir50_qc_FromLFSULTRA-WIDEN.dll [MD5.46A8FC809656FA192FBB2A260EECE9F9] - [10/04/2017 17:26:04] - |A| - [15360] - C:\WINDOWS\syswow64\irclass_FromLFSULTRA-WIDEN.dll [MD5.CB015E1950219A72646870A6B90888E3] - [10/04/2017 17:26:05] - |A| - [166912] - C:\WINDOWS\syswow64\irftp.exe [MD5.4220D2F03D5C4226D0A1AA4B84025E45] - [10/04/2017 17:26:05] - |A| - [19968] - C:\WINDOWS\syswow64\irmon.dll [MD5.BC5525C19F79B6099B085D0C00C4EF46] - [10/04/2017 17:26:05] - |A| - [418816] - C:\WINDOWS\syswow64\irprops_FromLFSULTRA-WIDEN.cpl [MD5.4542DED3177F52CF075565987885EB0D] - [10/04/2017 17:26:06] - |A| - [144896] - C:\WINDOWS\syswow64\iscsicli_FromLFSULTRA-WIDEN.exe [MD5.F945ADCEF203E6104AEC8EC9C337CFD0] - [10/04/2017 17:26:06] - |A| - [218624] - C:\WINDOWS\syswow64\iscsicpl_FromLFSULTRA-WIDEN.dll [MD5.6435B29D2018CFAD173BD50AE8F8D5DD] - [10/04/2017 17:26:06] - |A| - [120320] - C:\WINDOWS\syswow64\iscsicpl_FromLFSULTRA-WIDEN.exe [MD5.BB5B4BA716D145B2ADF241052EDAB983] - [10/04/2017 17:26:07] - |A| - [50688] - C:\WINDOWS\syswow64\iscsidsc_FromLFSULTRA-WIDEN.dll [MD5.D324162CDD908ADE76BEDA48E52B49E7] - [10/04/2017 17:26:07] - |A| - [8192] - C:\WINDOWS\syswow64\iscsied_FromLFSULTRA-WIDEN.dll [MD5.90F7D9E6B6F27E1A707D4A297F077828] - [10/04/2017 17:26:07] - |A| - [114688] - C:\WINDOWS\syswow64\iscsiexe.dll [MD5.74A5F67505C349FC8EB1B1D94DBA552D] - [10/04/2017 17:26:07] - |A| - [16384] - C:\WINDOWS\syswow64\iscsilog.dll [MD5.98F657555DD1C1A30362927DF8FBB266] - [10/04/2017 17:26:08] - |A| - [28672] - C:\WINDOWS\syswow64\iscsium_FromLFSULTRA-WIDEN.dll [MD5.6AEAC1A61FDE90D4FC5BF37E2BC61A47] - [10/04/2017 17:26:08] - |A| - [66048] - C:\WINDOWS\syswow64\iscsiwmi_FromLFSULTRA-WIDEN.dll [MD5.ACAA3955AEF5BE4B3A1035566A34CD7D] - [10/04/2017 17:26:08] - |A| - [236792] - C:\WINDOWS\syswow64\iseguard32.dll [MD5.3FE9A20ECA67745948FD536F8A9E00D9] - [10/04/2017 17:26:08] - |A| - [86528] - C:\WINDOWS\syswow64\isoburn_FromLFSULTRA-WIDEN.exe [MD5.100733DAEA508929EDDF1A3A3B7324CE] - [10/04/2017 17:26:11] - |A| - [158720] - C:\WINDOWS\syswow64\itircl_FromLFSULTRA-WIDEN.dll [MD5.B5400D93D472B565FF254DCD38B43C42] - [10/04/2017 17:26:12] - |A| - [142848] - C:\WINDOWS\syswow64\itss_FromLFSULTRA-WIDEN.dll [MD5.0DF538E4703218C5FEC14D31C65086B3] - [10/04/2017 17:26:12] - |A| - [146944] - C:\WINDOWS\syswow64\ivfsrc_FromLFSULTRA-WIDEN.ax [MD5.55663BED58AEDDE8ADE37A582CD8380C] - [10/04/2017 17:26:13] - |A| - [50176] - C:\WINDOWS\syswow64\iyuv_32_FromLFSULTRA-WIDEN.dll [MD5.185490A6C3BEDAC5EF547314F68AB07B] - [10/04/2017 17:26:16] - |A| - [60416] - C:\WINDOWS\syswow64\JavaScriptCollectionAgent_FromLFSULTRA-WIDEN.dll [MD5.1C0362308B40911B9069CB979CB73394] - [10/04/2017 17:26:16] - |A| - [138240] - C:\WINDOWS\syswow64\joy_FromLFSULTRA-WIDEN.cpl [MD5.7DBCBB1647B7CD71E2039C1B50A12717] - [10/04/2017 17:26:19] - |A| - [620032] - C:\WINDOWS\syswow64\jscript9diag_FromLFSULTRA-WIDEN.dll [MD5.3FD7E6DB5D81FE400DB4D81D278596E6] - [10/04/2017 17:26:19] - |A| - [4305920] - C:\WINDOWS\syswow64\jscript9_FromLFSULTRA-WIDEN.dll [MD5.C27C8CACEBC712BE2AD791715E9734EC] - [10/04/2017 17:26:17] - |A| - [664064] - C:\WINDOWS\syswow64\jscript_FromLFSULTRA-WIDEN.dll [MD5.9B8701A380CEE1B05D651B4ED4048C8F] - [10/04/2017 17:26:24] - |A| - [645120] - C:\WINDOWS\syswow64\jsIntl.dll [MD5.C93AE4D14AEF5169791B35D97AE7C9FC] - [10/04/2017 17:26:26] - |A| - [47104] - C:\WINDOWS\syswow64\jsproxy_FromLFSULTRA-WIDEN.dll [MD5.7C0C25F4BA1084C4ABBEEA2C74194C5F] - [10/04/2017 17:26:26] - |A| - [6948] - C:\WINDOWS\syswow64\kanji_1_FromLFSULTRA-WIDEN.uce [MD5.529BBD63519BBD654EF328454019693F] - [10/04/2017 17:26:26] - |A| - [8484] - C:\WINDOWS\syswow64\kanji_2_FromLFSULTRA-WIDEN.uce [MD5.4D7E256377A5E934EA1820B2CEA79131] - [10/04/2017 17:26:27] - |A| - [14710] - C:\WINDOWS\syswow64\KB16.COM [MD5.DD3FF89581AB8085A16492FF978B57D3] - [10/04/2017 17:26:27] - |A| - [6144] - C:\WINDOWS\syswow64\kbd101a_FromLFSULTRA-WIDEN.dll [MD5.A61112EEA4DEF3890BD7695D2747E657] - [10/04/2017 17:26:27] - |A| - [6144] - C:\WINDOWS\syswow64\kbd101b_FromLFSULTRA-WIDEN.dll [MD5.83A79F33A78B0D7A027E440D17F57B2A] - [10/04/2017 17:26:28] - |A| - [6144] - C:\WINDOWS\syswow64\kbd101c_FromLFSULTRA-WIDEN.dll [MD5.D49A95ECCEE04851FB8F91CFD6D4DCBE] - [10/04/2017 17:26:27] - |A| - [6656] - C:\WINDOWS\syswow64\kbd101_FromLFSULTRA-WIDEN.dll [MD5.7F6FE4C1924BF874385D38176C2EA724] - [10/04/2017 17:26:28] - |A| - [6144] - C:\WINDOWS\syswow64\kbd103_FromLFSULTRA-WIDEN.dll [MD5.ECE6076E4765B3AD15130003A135057C] - [10/04/2017 17:26:28] - |A| - [6656] - C:\WINDOWS\syswow64\kbd106n_FromLFSULTRA-WIDEN.dll [MD5.81000441A334EA65E387B0D81720830D] - [10/04/2017 17:26:28] - |A| - [6656] - C:\WINDOWS\syswow64\kbd106_FromLFSULTRA-WIDEN.dll [MD5.EAC38077AF3E51D7451AA0E3A3E2C894] - [10/04/2017 17:26:29] - |A| - [6144] - C:\WINDOWS\syswow64\KBDA1_FromLFSULTRA-WIDEN.DLL [MD5.A607B1AE79D410D435F7D4DCC0E7FFDF] - [10/04/2017 17:26:29] - |A| - [5632] - C:\WINDOWS\syswow64\KBDA2_FromLFSULTRA-WIDEN.DLL [MD5.D0ECC8F4FD13C9DFF5222FBBACFA4A58] - [10/04/2017 17:26:29] - |A| - [6144] - C:\WINDOWS\syswow64\KBDA3_FromLFSULTRA-WIDEN.DLL [MD5.F8C56E205553674F1DA934138C1F9F7A] - [10/04/2017 17:26:29] - |A| - [6656] - C:\WINDOWS\syswow64\KBDAL_FromLFSULTRA-WIDEN.DLL [MD5.A4A6EC0F50798E58D97883ECEE2CB2AB] - [10/04/2017 17:26:29] - |A| - [5632] - C:\WINDOWS\syswow64\KBDARME_FromLFSULTRA-WIDEN.DLL [MD5.233ECE891EE408C33737D6047BA7C0EE] - [10/04/2017 17:26:29] - |A| - [5632] - C:\WINDOWS\syswow64\KBDARMW_FromLFSULTRA-WIDEN.DLL [MD5.E69CE79029C65FF1C6B3D4024EFFCE98] - [10/04/2017 17:26:30] - |A| - [6656] - C:\WINDOWS\syswow64\kbdax2_FromLFSULTRA-WIDEN.dll [MD5.E03EC3DC02739DBA4873046D9504794F] - [10/04/2017 17:26:30] - |A| - [6144] - C:\WINDOWS\syswow64\KBDAZEL_FromLFSULTRA-WIDEN.DLL [MD5.2DF1010B298E4D638B0D5C54A8793B17] - [10/04/2017 17:26:30] - |A| - [6144] - C:\WINDOWS\syswow64\KBDAZE_FromLFSULTRA-WIDEN.DLL [MD5.C42D1CE706C54875A6A4BBAD0429288C] - [10/04/2017 17:26:31] - |A| - [6144] - C:\WINDOWS\syswow64\KBDBASH_FromLFSULTRA-WIDEN.DLL [MD5.3C0A50DAB4E9EAB7D97169F34A04AFD1] - [10/04/2017 17:26:32] - |A| - [6656] - C:\WINDOWS\syswow64\KBDBENE_FromLFSULTRA-WIDEN.DLL [MD5.91E64F190053B47F34F77F5ECFA1F456] - [10/04/2017 17:26:31] - |A| - [6144] - C:\WINDOWS\syswow64\KBDBE_FromLFSULTRA-WIDEN.DLL [MD5.50E13311A22405C261C87382D2E38AE7] - [10/04/2017 17:26:33] - |A| - [6144] - C:\WINDOWS\syswow64\KBDBGPH1_FromLFSULTRA-WIDEN.DLL [MD5.97054913D3519F8D145653846C7C54D6] - [10/04/2017 17:26:32] - |A| - [6144] - C:\WINDOWS\syswow64\KBDBGPH_FromLFSULTRA-WIDEN.DLL [MD5.F7685641849668C3BA1AD735A4869016] - [10/04/2017 17:26:33] - |A| - [6144] - C:\WINDOWS\syswow64\KBDBHC_FromLFSULTRA-WIDEN.DLL [MD5.BD5B1737FDE2FF7AD036FADE1CAC4D0D] - [10/04/2017 17:26:34] - |A| - [6144] - C:\WINDOWS\syswow64\KBDBLR_FromLFSULTRA-WIDEN.DLL [MD5.01243B248736C331ECA6873A59033131] - [10/04/2017 17:26:34] - |A| - [6144] - C:\WINDOWS\syswow64\KBDBR_FromLFSULTRA-WIDEN.DLL [MD5.E2F6200309179812F1EC40245F988C15] - [10/04/2017 17:26:34] - |A| - [6144] - C:\WINDOWS\syswow64\KBDBULG_FromLFSULTRA-WIDEN.DLL [MD5.25944C0C5F256C521049CEC37F3D6CC1] - [10/04/2017 17:26:34] - |A| - [6144] - C:\WINDOWS\syswow64\KBDBU_FromLFSULTRA-WIDEN.DLL [MD5.2B3F56905EF9B49DE7053C8960243510] - [10/04/2017 17:26:35] - |A| - [7680] - C:\WINDOWS\syswow64\KBDCAN_FromLFSULTRA-WIDEN.DLL [MD5.93315CD9B8FFF43C809227B5191EC411] - [10/04/2017 17:26:34] - |A| - [6656] - C:\WINDOWS\syswow64\KBDCA_FromLFSULTRA-WIDEN.DLL [MD5.01EA11A3F3C8230EB1AAB964BBBBF172] - [10/04/2017 17:26:35] - |A| - [7168] - C:\WINDOWS\syswow64\KBDCR_FromLFSULTRA-WIDEN.DLL [MD5.DD3524C9B0EC264BF74B4C5A84891D76] - [10/04/2017 17:26:36] - |A| - [7168] - C:\WINDOWS\syswow64\KBDCZ1_FromLFSULTRA-WIDEN.DLL [MD5.287945480CCA6ED725151E6198215660] - [10/04/2017 17:26:36] - |A| - [7168] - C:\WINDOWS\syswow64\KBDCZ2_FromLFSULTRA-WIDEN.DLL [MD5.12937641E5EDE8C7438C510892B4C87A] - [10/04/2017 17:26:35] - |A| - [7168] - C:\WINDOWS\syswow64\KBDCZ_FromLFSULTRA-WIDEN.DLL [MD5.F391041879AF659A1EEE36FC7FE17BC6] - [10/04/2017 17:26:36] - |A| - [6144] - C:\WINDOWS\syswow64\KBDDA_FromLFSULTRA-WIDEN.DLL [MD5.62E73C5DAD2819F360C6F5623C8C7709] - [10/04/2017 17:26:36] - |A| - [6144] - C:\WINDOWS\syswow64\KBDDIV1_FromLFSULTRA-WIDEN.DLL [MD5.428DFEA659CFF428B180F8D66FEC5E6A] - [10/04/2017 17:26:37] - |A| - [6144] - C:\WINDOWS\syswow64\KBDDIV2_FromLFSULTRA-WIDEN.DLL [MD5.B53F675F153C13D5B6D7491E8F80EA35] - [10/04/2017 17:26:37] - |A| - [5632] - C:\WINDOWS\syswow64\KBDDV_FromLFSULTRA-WIDEN.DLL [MD5.FCEC0300A88170D8ED7E4FAEE1EE5086] - [10/04/2017 17:26:37] - |A| - [6144] - C:\WINDOWS\syswow64\KBDEST_FromLFSULTRA-WIDEN.DLL [MD5.96EC2740CEE290C5E27A9C07DAAE85C3] - [10/04/2017 17:26:37] - |A| - [6656] - C:\WINDOWS\syswow64\KBDES_FromLFSULTRA-WIDEN.DLL [MD5.AB566C918137E00BBCE72242D588B42B] - [10/04/2017 17:26:38] - |A| - [5632] - C:\WINDOWS\syswow64\KBDFA_FromLFSULTRA-WIDEN.DLL [MD5.EEFF608DAC43D54477AD13F43FB2DB8D] - [10/04/2017 17:26:38] - |A| - [6656] - C:\WINDOWS\syswow64\KBDFC_FromLFSULTRA-WIDEN.DLL [MD5.71C70FD0685B69F24EC5C26BF5E123A5] - [10/04/2017 17:26:40] - |A| - [7168] - C:\WINDOWS\syswow64\KBDFI1_FromLFSULTRA-WIDEN.DLL [MD5.1B25D7AC35B063C83958F3EE3229A237] - [10/04/2017 17:26:38] - |A| - [6144] - C:\WINDOWS\syswow64\KBDFI_FromLFSULTRA-WIDEN.DLL [MD5.31AEFAA81A78400D7D7C105BC97A967D] - [10/04/2017 17:26:40] - |A| - [6144] - C:\WINDOWS\syswow64\KBDFO_FromLFSULTRA-WIDEN.DLL [MD5.44496D13ECA356728E1CD71A5473DA4D] - [10/04/2017 17:26:40] - |A| - [6144] - C:\WINDOWS\syswow64\KBDFR_FromLFSULTRA-WIDEN.DLL [MD5.2CCE948EFAD50034231E838B2764D28D] - [10/04/2017 17:26:40] - |A| - [5632] - C:\WINDOWS\syswow64\KBDGAE_FromLFSULTRA-WIDEN.DLL [MD5.DF5587553EEFD2DFD9C4DDBB1BF505A6] - [10/04/2017 17:26:40] - |A| - [6144] - C:\WINDOWS\syswow64\kbdgeoer_FromLFSULTRA-WIDEN.dll [MD5.314FEC284021E19E6B82B43ADD12DE76] - [10/04/2017 17:26:41] - |A| - [6144] - C:\WINDOWS\syswow64\kbdgeoqw_FromLFSULTRA-WIDEN.dll [MD5.0CCB0C66DCD24A742CFBC06CD49EBD0D] - [10/04/2017 17:26:40] - |A| - [5632] - C:\WINDOWS\syswow64\KBDGEO_FromLFSULTRA-WIDEN.DLL [MD5.86EA2C61BCEC344195AE33B995CAB9C3] - [10/04/2017 17:26:41] - |A| - [6656] - C:\WINDOWS\syswow64\KBDGKL_FromLFSULTRA-WIDEN.DLL [MD5.93132CE66FC74818B4FD32E13C24C4BB] - [10/04/2017 17:26:42] - |A| - [6656] - C:\WINDOWS\syswow64\KBDGR1_FromLFSULTRA-WIDEN.DLL [MD5.FD4F3E70FB062E22CDEAD09DFFC6EC7C] - [10/04/2017 17:26:42] - |A| - [7168] - C:\WINDOWS\syswow64\KBDGRLND_FromLFSULTRA-WIDEN.DLL [MD5.5313BDD62EB1AE967A85ED1A78F8C077] - [10/04/2017 17:26:41] - |A| - [6144] - C:\WINDOWS\syswow64\KBDGR_FromLFSULTRA-WIDEN.DLL [MD5.A284CE9B82D248BF5B1B0C317272BD28] - [10/04/2017 17:26:42] - |A| - [5632] - C:\WINDOWS\syswow64\KBDHAU_FromLFSULTRA-WIDEN.DLL [MD5.D0C2D94C6B60EF13307AC8F67269D523] - [10/04/2017 17:26:42] - |A| - [6656] - C:\WINDOWS\syswow64\KBDHE220_FromLFSULTRA-WIDEN.DLL [MD5.B13E2738751E772E86B183CB8F4FFD96] - [10/04/2017 17:26:42] - |A| - [6144] - C:\WINDOWS\syswow64\KBDHE319_FromLFSULTRA-WIDEN.DLL [MD5.3B0BC032C6DCDC9CBC483B08174137D5] - [10/04/2017 17:26:42] - |A| - [5632] - C:\WINDOWS\syswow64\KBDHEB_FromLFSULTRA-WIDEN.DLL [MD5.4308D756B44E96123C04D6C386B877E7] - [10/04/2017 17:26:43] - |A| - [6656] - C:\WINDOWS\syswow64\KBDHELA2_FromLFSULTRA-WIDEN.DLL [MD5.C6D0B7A2F6EC41EC7AA0F3E7927D8536] - [10/04/2017 17:26:44] - |A| - [6656] - C:\WINDOWS\syswow64\KBDHELA3_FromLFSULTRA-WIDEN.DLL [MD5.EEED2D45A7920857A8C9F73F850537D2] - [10/04/2017 17:26:44] - |A| - [8704] - C:\WINDOWS\syswow64\KBDHEPT_FromLFSULTRA-WIDEN.DLL [MD5.F227F1902B393B36B1577693C9E65D30] - [10/04/2017 17:26:42] - |A| - [5632] - C:\WINDOWS\syswow64\KBDHE_FromLFSULTRA-WIDEN.DLL [MD5.35B08519A3281479521E7812310AA42E] - [10/04/2017 17:26:45] - |A| - [6144] - C:\WINDOWS\syswow64\KBDHU1_FromLFSULTRA-WIDEN.DLL [MD5.CA98A80FEE580BA9C98F83AC919BE024] - [10/04/2017 17:26:45] - |A| - [6656] - C:\WINDOWS\syswow64\KBDHU_FromLFSULTRA-WIDEN.DLL [MD5.264A0B2DA77EAA5428FB21A8E5812D07] - [10/04/2017 17:26:45] - |A| - [7168] - C:\WINDOWS\syswow64\kbdibm02_FromLFSULTRA-WIDEN.dll [MD5.06E087022DCE92731D51802269E40B43] - [10/04/2017 17:26:46] - |A| - [6656] - C:\WINDOWS\syswow64\KBDIBO_FromLFSULTRA-WIDEN.DLL [MD5.CE22487DEB1828CDA78C51942AEC73BB] - [10/04/2017 17:26:46] - |A| - [6144] - C:\WINDOWS\syswow64\KBDIC_FromLFSULTRA-WIDEN.DLL [MD5.CD24A98DFE082C7780BC78C9706AF9EC] - [10/04/2017 17:26:46] - |A| - [6144] - C:\WINDOWS\syswow64\KBDINASA_FromLFSULTRA-WIDEN.DLL [MD5.3755A3E03B8CE393F6A51B4A7DD876C6] - [10/04/2017 17:26:46] - |A| - [6144] - C:\WINDOWS\syswow64\KBDINBE1_FromLFSULTRA-WIDEN.DLL [MD5.75E138961CE934196B63BAC653190D98] - [10/04/2017 17:26:46] - |A| - [6144] - C:\WINDOWS\syswow64\KBDINBE2_FromLFSULTRA-WIDEN.DLL [MD5.D3BFA17457E5EAB5B7DABEDA21961183] - [10/04/2017 17:26:46] - |A| - [6656] - C:\WINDOWS\syswow64\KBDINBEN_FromLFSULTRA-WIDEN.DLL [MD5.566AC74A97F867335BD3BC44F74F8668] - [10/04/2017 17:26:47] - |A| - [6144] - C:\WINDOWS\syswow64\KBDINDEV_FromLFSULTRA-WIDEN.DLL [MD5.F831807B031523A31B0AEA3D724CF746] - [10/04/2017 17:26:47] - |A| - [6144] - C:\WINDOWS\syswow64\KBDINGUJ_FromLFSULTRA-WIDEN.DLL [MD5.E615582BCA38987368E5598BD114A6BC] - [10/04/2017 17:26:47] - |A| - [6144] - C:\WINDOWS\syswow64\KBDINHIN_FromLFSULTRA-WIDEN.DLL [MD5.911DA311FF63B6F91D2BD05EFED9756A] - [10/04/2017 17:26:48] - |A| - [6144] - C:\WINDOWS\syswow64\KBDINKAN_FromLFSULTRA-WIDEN.DLL [MD5.C80A975AA8934718BF1C2A6A3164A235] - [10/04/2017 17:26:48] - |A| - [6656] - C:\WINDOWS\syswow64\KBDINMAL_FromLFSULTRA-WIDEN.DLL [MD5.A92149941A0D6A0A14AC116245E1E08F] - [10/04/2017 17:26:49] - |A| - [6144] - C:\WINDOWS\syswow64\KBDINMAR_FromLFSULTRA-WIDEN.DLL [MD5.F533E1EA22FB9B1426010D285BFDD7D4] - [10/04/2017 17:26:49] - |A| - [6144] - C:\WINDOWS\syswow64\KBDINORI_FromLFSULTRA-WIDEN.DLL [MD5.18795F138C529065287CF5B372B52FFF] - [10/04/2017 17:26:49] - |A| - [6144] - C:\WINDOWS\syswow64\KBDINPUN_FromLFSULTRA-WIDEN.DLL [MD5.05477A526F6EAF10952DC63FFCED6609] - [10/04/2017 17:26:50] - |A| - [6144] - C:\WINDOWS\syswow64\KBDINTAM_FromLFSULTRA-WIDEN.DLL [MD5.11DB22E2FBAC2854DAA7541B16E11F41] - [10/04/2017 17:26:50] - |A| - [6144] - C:\WINDOWS\syswow64\KBDINTEL_FromLFSULTRA-WIDEN.DLL [MD5.BC1D6D38314080C7A0FFC945021736ED] - [10/04/2017 17:26:50] - |A| - [7168] - C:\WINDOWS\syswow64\KBDINUK2_FromLFSULTRA-WIDEN.DLL [MD5.6FC4B8E6E058A717EA680D07CC186BCE] - [10/04/2017 17:26:50] - |A| - [5632] - C:\WINDOWS\syswow64\KBDIR_FromLFSULTRA-WIDEN.DLL [MD5.FAA3666233444B1A8845EC42281AAFD3] - [10/04/2017 17:26:51] - |A| - [6144] - C:\WINDOWS\syswow64\KBDIT142_FromLFSULTRA-WIDEN.DLL [MD5.F961BF9DCFC714D70F7400A90F3523CD] - [10/04/2017 17:26:51] - |A| - [5632] - C:\WINDOWS\syswow64\KBDIT_FromLFSULTRA-WIDEN.DLL [MD5.1BF907FC4EA840572F070A0F6B18638A] - [10/04/2017 17:26:51] - |A| - [6656] - C:\WINDOWS\syswow64\KBDIULAT_FromLFSULTRA-WIDEN.DLL [MD5.758EB50805FBCF354E87DD003C489AF1] - [10/04/2017 17:26:51] - |A| - [10752] - C:\WINDOWS\syswow64\KBDJPN_FromLFSULTRA-WIDEN.DLL [MD5.1BB49377E5D7B1DEEC7A235D81E45D25] - [10/04/2017 17:26:51] - |A| - [6144] - C:\WINDOWS\syswow64\KBDKAZ_FromLFSULTRA-WIDEN.DLL [MD5.AB38FB213A44689468CA28A60E73F05F] - [10/04/2017 17:26:51] - |A| - [6144] - C:\WINDOWS\syswow64\KBDKHMR_FromLFSULTRA-WIDEN.DLL [MD5.05E150201D9F2C95E727DD92C2486781] - [10/04/2017 17:26:52] - |A| - [10240] - C:\WINDOWS\syswow64\KBDKOR_FromLFSULTRA-WIDEN.DLL [MD5.58D6CD028B67A54F03DF04D3F8ED3C84] - [10/04/2017 17:26:52] - |A| - [5632] - C:\WINDOWS\syswow64\KBDKYR_FromLFSULTRA-WIDEN.DLL [MD5.3A922E93453517C2DE9F47926C5CC09A] - [10/04/2017 17:26:53] - |A| - [6144] - C:\WINDOWS\syswow64\KBDLAO_FromLFSULTRA-WIDEN.DLL [MD5.434360D1A892782BE03300D2531B9615] - [10/04/2017 17:26:52] - |A| - [6656] - C:\WINDOWS\syswow64\KBDLA_FromLFSULTRA-WIDEN.DLL [MD5.8711853E43B65F5CA1CCD48980BC6A22] - [10/04/2017 17:26:54] - |A| - [7168] - C:\WINDOWS\syswow64\kbdlk41a_FromLFSULTRA-WIDEN.dll [MD5.0DEDC0314F3EB8C0253A88D72A73E019] - [10/04/2017 17:26:54] - |A| - [6144] - C:\WINDOWS\syswow64\KBDLT1_FromLFSULTRA-WIDEN.DLL [MD5.FEFEF9B3179DB5AB3BF2305B927D31CD] - [10/04/2017 17:26:55] - |A| - [6144] - C:\WINDOWS\syswow64\KBDLT2_FromLFSULTRA-WIDEN.DLL [MD5.A449FEEEFFB98D8F91FC03DBB3AF6DA6] - [10/04/2017 17:26:54] - |A| - [5632] - C:\WINDOWS\syswow64\KBDLT_FromLFSULTRA-WIDEN.DLL [MD5.58DD1E7A51B54E09ABF83AA85CC6CD1A] - [10/04/2017 17:26:55] - |A| - [6656] - C:\WINDOWS\syswow64\KBDLV1_FromLFSULTRA-WIDEN.DLL [MD5.7A1EE27577656A40C9A1DFB9466C7292] - [10/04/2017 17:26:55] - |A| - [6144] - C:\WINDOWS\syswow64\KBDLV_FromLFSULTRA-WIDEN.DLL [MD5.036C6C736F3822DB4EAAEB1A056A1EC2] - [10/04/2017 17:26:55] - |A| - [6144] - C:\WINDOWS\syswow64\KBDMACST_FromLFSULTRA-WIDEN.DLL [MD5.BD9A67226F95658F74D3268689639B8D] - [10/04/2017 17:26:55] - |A| - [6144] - C:\WINDOWS\syswow64\KBDMAC_FromLFSULTRA-WIDEN.DLL [MD5.3174AA5D2A5BCDF4DB378FC0C24B08A9] - [10/04/2017 17:26:55] - |A| - [6144] - C:\WINDOWS\syswow64\KBDMAORI_FromLFSULTRA-WIDEN.DLL [MD5.F18149C3649C5CAA606331666D8F7F46] - [10/04/2017 17:26:55] - |A| - [6144] - C:\WINDOWS\syswow64\KBDMLT47_FromLFSULTRA-WIDEN.DLL [MD5.C22863F7E2176515A1B325F48CF6D0D9] - [10/04/2017 17:26:55] - |A| - [6144] - C:\WINDOWS\syswow64\KBDMLT48_FromLFSULTRA-WIDEN.DLL [MD5.236D5C4CA74C3E649451AD96F8FFFF43] - [10/04/2017 17:26:56] - |A| - [6144] - C:\WINDOWS\syswow64\KBDMONMO_FromLFSULTRA-WIDEN.DLL [MD5.48DC9C2926AAE98D9E3FE14570180246] - [10/04/2017 17:26:56] - |A| - [6144] - C:\WINDOWS\syswow64\KBDMON_FromLFSULTRA-WIDEN.DLL [MD5.AC1AFCCED7C3D2469AEDB3EBEEA3D776] - [10/04/2017 17:26:56] - |A| - [7168] - C:\WINDOWS\syswow64\kbdnec95_FromLFSULTRA-WIDEN.dll [MD5.A97C21704C348C8D409F83B856579136] - [10/04/2017 17:26:56] - |A| - [9216] - C:\WINDOWS\syswow64\kbdnecat_FromLFSULTRA-WIDEN.dll [MD5.47A414F6EF30BBBB183EDF1C42A761E2] - [10/04/2017 17:26:56] - |A| - [7680] - C:\WINDOWS\syswow64\kbdnecnt_FromLFSULTRA-WIDEN.dll [MD5.14D2BF82B593C23B2A3A14BADFB1FB97] - [10/04/2017 17:26:56] - |A| - [7168] - C:\WINDOWS\syswow64\kbdnec_FromLFSULTRA-WIDEN.dll [MD5.B566E8F3EB5953722E11D113285E0ACB] - [10/04/2017 17:26:56] - |A| - [6656] - C:\WINDOWS\syswow64\KBDNEPR_FromLFSULTRA-WIDEN.DLL [MD5.9F794D728D63513D8649EE6DC8BAEDCB] - [10/04/2017 17:26:56] - |A| - [6144] - C:\WINDOWS\syswow64\KBDNE_FromLFSULTRA-WIDEN.DLL [MD5.D0B2A947949F889B5014C5E63392C59E] - [10/04/2017 17:26:57] - |A| - [7168] - C:\WINDOWS\syswow64\KBDNO1_FromLFSULTRA-WIDEN.DLL [MD5.4E725FE742206824BEB08DD0E9D452FA] - [10/04/2017 17:26:56] - |A| - [6144] - C:\WINDOWS\syswow64\KBDNO_FromLFSULTRA-WIDEN.DLL [MD5.44EF56355F221E1D0CE4DBF126C2D84B] - [10/04/2017 17:26:57] - |A| - [7168] - C:\WINDOWS\syswow64\KBDNSO_FromLFSULTRA-WIDEN.DLL [MD5.42F06EE1DB6509E5B18A862C8ED313D7] - [10/04/2017 17:26:57] - |A| - [6144] - C:\WINDOWS\syswow64\KBDPASH_FromLFSULTRA-WIDEN.DLL [MD5.C857C08D2C94B5E3E801895A37B91981] - [10/04/2017 17:26:57] - |A| - [6144] - C:\WINDOWS\syswow64\KBDPL1_FromLFSULTRA-WIDEN.DLL [MD5.A32DFD02B72403CE0F9A7BB3CF7CB8AA] - [10/04/2017 17:26:57] - |A| - [6656] - C:\WINDOWS\syswow64\KBDPL_FromLFSULTRA-WIDEN.DLL [MD5.A02691FF3AA0763CF4E312DF56A7AC50] - [10/04/2017 17:26:57] - |A| - [6656] - C:\WINDOWS\syswow64\KBDPO_FromLFSULTRA-WIDEN.DLL [MD5.B485872BC86D8EB0415D8B3A73A19FBD] - [10/04/2017 17:26:58] - |A| - [7680] - C:\WINDOWS\syswow64\KBDROPR_FromLFSULTRA-WIDEN.DLL [MD5.B660B4CF0A824F428058C094182AE539] - [10/04/2017 17:26:58] - |A| - [7680] - C:\WINDOWS\syswow64\KBDROST_FromLFSULTRA-WIDEN.DLL [MD5.DB12186DF68BF5511D4EDD03AC7D3159] - [10/04/2017 17:26:57] - |A| - [7168] - C:\WINDOWS\syswow64\KBDRO_FromLFSULTRA-WIDEN.DLL [MD5.C403CA0AA9FABFF5A62956A78D2AAE98] - [10/04/2017 17:26:59] - |A| - [6144] - C:\WINDOWS\syswow64\KBDRU1_FromLFSULTRA-WIDEN.DLL [MD5.E915A4D3E8FD76A3105363745306E271] - [10/04/2017 17:26:58] - |A| - [5632] - C:\WINDOWS\syswow64\KBDRU_FromLFSULTRA-WIDEN.DLL [MD5.9CA1705E2EBFE63F2E92628415934960] - [10/04/2017 17:26:59] - |A| - [6656] - C:\WINDOWS\syswow64\KBDSF_FromLFSULTRA-WIDEN.DLL [MD5.CDD67E0C0E3205CD00F5CD56E4DC9104] - [10/04/2017 17:26:59] - |A| - [7168] - C:\WINDOWS\syswow64\KBDSG_FromLFSULTRA-WIDEN.DLL [MD5.CA5CB4A0A037939048000D55F6F48B02] - [10/04/2017 17:26:59] - |A| - [7168] - C:\WINDOWS\syswow64\KBDSL1_FromLFSULTRA-WIDEN.DLL [MD5.AA397127C003D5BCD6DC5AFF4C7C4E91] - [10/04/2017 17:26:59] - |A| - [6656] - C:\WINDOWS\syswow64\KBDSL_FromLFSULTRA-WIDEN.DLL [MD5.5D9B7D2358C019670BC1E0A580080F59] - [10/04/2017 17:27:00] - |A| - [7680] - C:\WINDOWS\syswow64\KBDSMSFI_FromLFSULTRA-WIDEN.DLL [MD5.37060ABC4AC3E32D0B4975F744F2967F] - [10/04/2017 17:27:00] - |A| - [7680] - C:\WINDOWS\syswow64\KBDSMSNO_FromLFSULTRA-WIDEN.DLL [MD5.7E87BAD2FC0E3F94E65F4693F6F68F2A] - [10/04/2017 17:27:00] - |A| - [5632] - C:\WINDOWS\syswow64\KBDSN1_FromLFSULTRA-WIDEN.DLL [MD5.E98872BD90A42A7E73E9C50E01F91729] - [10/04/2017 17:27:00] - |A| - [7168] - C:\WINDOWS\syswow64\KBDSOREX_FromLFSULTRA-WIDEN.DLL [MD5.94CFF9EFCA07CC1CA0A5954F91A78BC7] - [10/04/2017 17:27:00] - |A| - [6656] - C:\WINDOWS\syswow64\KBDSORS1_FromLFSULTRA-WIDEN.DLL [MD5.24A731A5099458E799CBA221FF3EBA98] - [10/04/2017 17:27:00] - |A| - [7168] - C:\WINDOWS\syswow64\KBDSORST_FromLFSULTRA-WIDEN.DLL [MD5.26BEA4D6A8F7703F878D4ADB7B55162E] - [10/04/2017 17:27:00] - |A| - [6144] - C:\WINDOWS\syswow64\KBDSP_FromLFSULTRA-WIDEN.DLL [MD5.9BC0A23884AE7BCCCBC4DADE4AAF6233] - [10/04/2017 17:27:01] - |A| - [6656] - C:\WINDOWS\syswow64\KBDSW09_FromLFSULTRA-WIDEN.DLL [MD5.8DF9C4FFC13A201CA534E9FD7797695B] - [10/04/2017 17:27:01] - |A| - [6144] - C:\WINDOWS\syswow64\KBDSW_FromLFSULTRA-WIDEN.DLL [MD5.A1895F76D301791886846B044E1AA403] - [10/04/2017 17:27:01] - |A| - [6144] - C:\WINDOWS\syswow64\KBDSYR1_FromLFSULTRA-WIDEN.DLL [MD5.93A41C0300A0754A16C0E696AE9BF18F] - [10/04/2017 17:27:01] - |A| - [6144] - C:\WINDOWS\syswow64\KBDSYR2_FromLFSULTRA-WIDEN.DLL [MD5.566925A00B8F439D6155F023E9494DEB] - [10/04/2017 17:27:01] - |A| - [6144] - C:\WINDOWS\syswow64\KBDTAJIK_FromLFSULTRA-WIDEN.DLL [MD5.B8D7831A03E4E54853B5EEE3557286E6] - [10/04/2017 17:27:02] - |A| - [6144] - C:\WINDOWS\syswow64\KBDTAT_FromLFSULTRA-WIDEN.DLL [MD5.59EFC72E715BF350762EDE337BE698E0] - [10/04/2017 17:27:02] - |A| - [6144] - C:\WINDOWS\syswow64\KBDTH0_FromLFSULTRA-WIDEN.DLL [MD5.950111F6B7DB4F53A4144F3EC24A39B4] - [10/04/2017 17:27:02] - |A| - [6144] - C:\WINDOWS\syswow64\KBDTH1_FromLFSULTRA-WIDEN.DLL [MD5.A8ACA01AC18FD295CE14C87B8D862E20] - [10/04/2017 17:27:02] - |A| - [6144] - C:\WINDOWS\syswow64\KBDTH2_FromLFSULTRA-WIDEN.DLL [MD5.341AA786F05917CC89F36563EBC3B86E] - [10/04/2017 17:27:02] - |A| - [6144] - C:\WINDOWS\syswow64\KBDTH3_FromLFSULTRA-WIDEN.DLL [MD5.45D012946730D9E28FC7193DFEF95F2A] - [10/04/2017 17:27:02] - |A| - [6656] - C:\WINDOWS\syswow64\KBDTIPRC_FromLFSULTRA-WIDEN.DLL [MD5.E097726A556E584EE8CEF98FCD848033] - [10/04/2017 17:27:03] - |A| - [6656] - C:\WINDOWS\syswow64\KBDTUF_FromLFSULTRA-WIDEN.DLL [MD5.F7BAA05246D68845641DF85D2D4B77AA] - [10/04/2017 17:27:04] - |A| - [6656] - C:\WINDOWS\syswow64\KBDTUQ_FromLFSULTRA-WIDEN.DLL [MD5.BDEB4A838DA1E2D9C9631298FA3D58C5] - [10/04/2017 17:27:05] - |A| - [6144] - C:\WINDOWS\syswow64\KBDTURME_FromLFSULTRA-WIDEN.DLL [MD5.86B58589C695702E05395D4E34D9D39D] - [10/04/2017 17:27:05] - |A| - [6144] - C:\WINDOWS\syswow64\KBDUGHR1_FromLFSULTRA-WIDEN.DLL [MD5.2C366F07C684476E4BC138207A50BEC4] - [10/04/2017 17:27:05] - |A| - [6144] - C:\WINDOWS\syswow64\KBDUGHR_FromLFSULTRA-WIDEN.DLL [MD5.B75E305F88A7755B824D96C78B573EB2] - [10/04/2017 17:27:06] - |A| - [7168] - C:\WINDOWS\syswow64\KBDUKX_FromLFSULTRA-WIDEN.DLL [MD5.AB0DDD50695906570E81F21D3481D4A9] - [10/04/2017 17:27:06] - |A| - [6144] - C:\WINDOWS\syswow64\KBDUK_FromLFSULTRA-WIDEN.DLL [MD5.64660661307185B010D26807698E35C6] - [10/04/2017 17:27:06] - |A| - [6144] - C:\WINDOWS\syswow64\KBDUR1_FromLFSULTRA-WIDEN.DLL [MD5.C9B1251FF5FD88939179E741111B8A3F] - [10/04/2017 17:27:06] - |A| - [5632] - C:\WINDOWS\syswow64\KBDURDU_FromLFSULTRA-WIDEN.DLL [MD5.DF936865E0F51D82F2BFCB2BDCD8A3FA] - [10/04/2017 17:27:06] - |A| - [5632] - C:\WINDOWS\syswow64\KBDUR_FromLFSULTRA-WIDEN.DLL [MD5.1B70AA7997A25AC46FE988659049DAC5] - [10/04/2017 17:27:08] - |A| - [6144] - C:\WINDOWS\syswow64\KBDUSA_FromLFSULTRA-WIDEN.DLL [MD5.72ED475B12BDD8BF8042BC0BC0B3306D] - [10/04/2017 17:27:08] - |A| - [6144] - C:\WINDOWS\syswow64\KBDUSL_FromLFSULTRA-WIDEN.DLL [MD5.CD38127A7AE80C885F90D91C3EDE61C9] - [10/04/2017 17:27:09] - |A| - [6144] - C:\WINDOWS\syswow64\KBDUSR_FromLFSULTRA-WIDEN.DLL [MD5.C25F054900BD3CC5C333E7B0FA75DA91] - [10/04/2017 17:27:16] - |A| - [6656] - C:\WINDOWS\syswow64\KBDUSX_FromLFSULTRA-WIDEN.DLL [MD5.357B990A4249D7F7485B230C0CC8825A] - [10/04/2017 17:27:08] - |A| - [6144] - C:\WINDOWS\syswow64\KBDUS_FromLFSULTRA-WIDEN.DLL [MD5.066765AC6BD4A684215AB80304D88B4C] - [10/04/2017 17:27:20] - |A| - [6144] - C:\WINDOWS\syswow64\KBDUZB_FromLFSULTRA-WIDEN.DLL [MD5.1016BF30F041D497D6B608C71F44E772] - [10/04/2017 17:27:24] - |A| - [6144] - C:\WINDOWS\syswow64\KBDVNTC_FromLFSULTRA-WIDEN.DLL [MD5.D45DE7B2EA2E62024C1E4BA6F4D31173] - [10/04/2017 17:27:27] - |A| - [6144] - C:\WINDOWS\syswow64\KBDWOL_FromLFSULTRA-WIDEN.DLL [MD5.591A3473D71841D0EC48441AACBDA116] - [10/04/2017 17:27:31] - |A| - [6144] - C:\WINDOWS\syswow64\KBDYAK_FromLFSULTRA-WIDEN.DLL [MD5.C4C2AEBB2461026CC68C77EEBCE77F70] - [10/04/2017 17:27:31] - |A| - [6144] - C:\WINDOWS\syswow64\KBDYBA_FromLFSULTRA-WIDEN.DLL [MD5.BE0D1DC82DF2E1731B56132B2BC2A9D6] - [10/04/2017 17:27:31] - |A| - [6144] - C:\WINDOWS\syswow64\KBDYCC_FromLFSULTRA-WIDEN.DLL [MD5.25BCFC5999C709BE086FEC850482F7CF] - [10/04/2017 17:27:32] - |A| - [7680] - C:\WINDOWS\syswow64\KBDYCL_FromLFSULTRA-WIDEN.DLL [MD5.5ACD11DF2AA5F3E3F30F785589B70347] - [10/04/2017 17:27:32] - |A| - [6656] - C:\WINDOWS\syswow64\kc_FromLFSULTRA-WIDEN.exe [MD5.52757C3A084485211A711E93A84396B6] - [10/04/2017 17:27:32] - |A| - [16960] - C:\WINDOWS\syswow64\kd1394.dll [MD5.C8C436ACCF484F153E687B65031D17C4] - [10/04/2017 17:27:32] - |A| - [15952] - C:\WINDOWS\syswow64\kdcom.dll [MD5.4AC22D822DDE442BD2E0B3C89508F316] - [10/04/2017 17:27:33] - |A| - [17488] - C:\WINDOWS\syswow64\kdusb.dll [MD5.024D25AC7C7A17868A85786D54FADA1F] - [10/04/2017 17:27:33] - |A| - [553472] - C:\WINDOWS\syswow64\kerberos_FromLFSULTRA-WIDEN.dll [MD5.2362B7281A39807F1AA3550333A194BC] - [10/04/2017 17:27:33] - |A| - [872448] - C:\WINDOWS\syswow64\kernel32_FromLFSULTRA-WIDEN.dll [MD5.CBB1432687339103EB093C71ACB9DE20] - [10/04/2017 17:27:35] - |A| - [293888] - C:\WINDOWS\syswow64\KernelBase_FromLFSULTRA-WIDEN.dll [MD5.45B6088D503046438C0DD7961B028148] - [10/04/2017 17:27:35] - |A| - [15872] - C:\WINDOWS\syswow64\kernelceip.dll [MD5.492090267B9608C62B956CD29BE3AFB7] - [10/04/2017 17:27:35] - |A| - [42809] - C:\WINDOWS\syswow64\KEY01.SYS [MD5.ED4BF709AAD8B665075DE06A0945B030] - [10/04/2017 17:27:36] - |A| - [2000] - C:\WINDOWS\syswow64\keyboard.drv [MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - [10/04/2017 17:27:36] - |A| - [42537] - C:\WINDOWS\syswow64\KEYBOARD.SYS [MD5.AF75DBA674E55221B7A055B0A4345F16] - [10/04/2017 17:27:36] - |A| - [19456] - C:\WINDOWS\syswow64\keyiso_FromLFSULTRA-WIDEN.dll [MD5.FB496A899B79A7D5FA7F52D967E1C7C2] - [10/04/2017 17:27:36] - |A| - [158720] - C:\WINDOWS\syswow64\keymgr_FromLFSULTRA-WIDEN.dll [MD5.6315AB54B0156C7B5B1B6E499601C171] - [10/04/2017 17:27:36] - |A| - [1185792] - C:\WINDOWS\syswow64\killcopy_FromLFSULTRA-WIDEN.exe [MD5.780FC3437DE020653469C68F34CAA873] - [10/04/2017 17:27:37] - |A| - [32768] - C:\WINDOWS\syswow64\klist.exe [MD5.F3FB146CDBDD26FCD0CF7941C547BEE4] - [10/04/2017 17:27:38] - |A| - [38912] - C:\WINDOWS\syswow64\kmddsp_FromLFSULTRA-WIDEN.tsp [MD5.196B4E3F4CCCC24AF836CE58FACBB699] - [10/04/2017 17:27:38] - |A| - [71168] - C:\WINDOWS\syswow64\KMSVC.DLL [MD5.7A7A04370A6030B9B0E8178DAD4A6E41] - [10/04/2017 17:27:42] - |A| - [12876] - C:\WINDOWS\syswow64\korean_FromLFSULTRA-WIDEN.uce [MD5.4D835F31269D000F68AB10471E404461] - [10/04/2017 17:27:42] - |A| - [145408] - C:\WINDOWS\syswow64\korwbrkr.dll [MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - [10/04/2017 17:27:42] - |A| - [11967524] - C:\WINDOWS\syswow64\korwbrkr.lex [MD5.2F6B026C02CAAD3768FEEB6172A1C037] - [10/04/2017 17:27:42] - |A| - [92320] - C:\WINDOWS\syswow64\krnl386.exe [MD5.5DC048F51EC0F34E9DAEACEBCCDC9517] - [10/04/2017 17:27:45] - |A| - [37376] - C:\WINDOWS\syswow64\ksetup.exe [MD5.BE2D4165A6845FEE05CBD36D8B41E518] - [10/04/2017 17:27:50] - |A| - [193536] - C:\WINDOWS\syswow64\ksproxy_FromLFSULTRA-WIDEN.ax [MD5.E783DE1447EC0EED7B768BB69705D8E3] - [10/04/2017 17:27:53] - |A| - [84480] - C:\WINDOWS\syswow64\kstvtune_FromLFSULTRA-WIDEN.ax [MD5.A4C85F362EBB7815676F1CD9CFC5BA59] - [10/04/2017 17:27:55] - |A| - [4608] - C:\WINDOWS\syswow64\ksuser_FromLFSULTRA-WIDEN.dll [MD5.630A31F277349109299E590856A4B004] - [10/04/2017 17:27:55] - |A| - [107008] - C:\WINDOWS\syswow64\Kswdmcap_FromLFSULTRA-WIDEN.ax [MD5.3D97D200A1449F3995E88BEA8F7D0C81] - [10/04/2017 17:27:55] - |A| - [48640] - C:\WINDOWS\syswow64\ksxbar_FromLFSULTRA-WIDEN.ax [MD5.1FD7BB79F33DE1DF79E2F23061AE4C98] - [10/04/2017 17:27:56] - |A| - [14848] - C:\WINDOWS\syswow64\ktmutil_FromLFSULTRA-WIDEN.exe [MD5.38B13C0DF479DBA23ECFA815159BA86E] - [10/04/2017 17:27:56] - |A| - [20480] - C:\WINDOWS\syswow64\ktmw32_FromLFSULTRA-WIDEN.dll [MD5.C1585EAA67C37A05BF6F93726FAFC069] - [10/04/2017 17:27:57] - |A| - [57344] - C:\WINDOWS\syswow64\l2gpstore_FromLFSULTRA-WIDEN.dll [MD5.F607FEC4722DDCBD94A133278D787095] - [10/04/2017 17:27:57] - |A| - [54272] - C:\WINDOWS\syswow64\l2nacp_FromLFSULTRA-WIDEN.dll [MD5.F4E13E8FC9D1CE7623DDD120F9EB8AD1] - [10/04/2017 17:27:57] - |A| - [180224] - C:\WINDOWS\syswow64\L2SecHC_FromLFSULTRA-WIDEN.dll [MD5.1C7F1C3EA5894995E6C563E9AE9F029F] - [10/04/2017 17:27:57] - |A| - [64000] - C:\WINDOWS\syswow64\l3codeca_FromLFSULTRA-WIDEN.acm [MD5.F2394835BB47EFA3F8C0EE705AF87CD8] - [10/04/2017 17:27:58] - |A| - [220672] - C:\WINDOWS\syswow64\l3codecp_FromLFSULTRA-WIDEN.acm [MD5.83C646F35D5DF095A3243EEEB02774A6] - [10/04/2017 17:27:58] - |A| - [14336] - C:\WINDOWS\syswow64\label_FromLFSULTRA-WIDEN.exe [MD5.31E807C474DED41DFA5DCA956BBAAA53] - [09/04/2017 12:10:29] - |A| - [261120] - C:\WINDOWS\syswow64\lame.ax [MD5.31E807C474DED41DFA5DCA956BBAAA53] - [10/04/2017 17:27:58] - |A| - [261120] - C:\WINDOWS\syswow64\lame_FromLFSULTRA-WIDEN.ax [MD5.00000000000000000000000000000000] - [10/04/2017 17:27:58] - |D| - [86016] - C:\WINDOWS\syswow64\Lang [MD5.89ED8AC378CA817B8774D4CB5E63F975] - [10/04/2017 17:27:59] - |A| - [26624] - C:\WINDOWS\syswow64\LangCleanupSysprepAction.dll [MD5.774D60CB0AD198F493CEFC9057755A05] - [10/04/2017 17:28:01] - |A| - [221600] - C:\WINDOWS\syswow64\lanman.drv [MD5.54D02FB176CB56496F2E9B6810DECB16] - [10/04/2017 17:28:01] - |A| - [9728] - C:\WINDOWS\syswow64\LAPRXY_FromLFSULTRA-WIDEN.DLL [MD5.531FE5A2634D87A078017259F21D9736] - [10/04/2017 17:28:01] - |A| - [211938] - C:\WINDOWS\syswow64\lcphrase_FromLFSULTRA-WIDEN.tbl [MD5.D3C85593F8C4576FCF9B42AC48CA4368] - [10/04/2017 17:28:02] - |A| - [24114] - C:\WINDOWS\syswow64\lcptr_FromLFSULTRA-WIDEN.tbl [MD5.4FCD4D80B89E5E3FE274A423F221293A] - [10/04/2017 17:28:02] - |A| - [49008] - C:\WINDOWS\syswow64\license_FromLFSULTRA-WIDEN.rtf [MD5.AB3B2CA52AFB695AFCDD2620A21E5B21] - [10/04/2017 17:28:03] - |A| - [24576] - C:\WINDOWS\syswow64\licmgr10_FromLFSULTRA-WIDEN.dll [MD5.5987EA8A82C53359BCD2C29D6588583E] - [10/04/2017 17:28:03] - |A| - [22016] - C:\WINDOWS\syswow64\linkinfo_FromLFSULTRA-WIDEN.dll [MD5.6658F4404DE03D75FE3BA09F7ABA6A30] - [10/04/2017 17:28:03] - |A| - [194560] - C:\WINDOWS\syswow64\ListSvc.dll [MD5.3274B3623E85E622045F836F1A2ECE44] - [10/04/2017 17:28:04] - |A| - [31744] - C:\WINDOWS\syswow64\lltdapi.dll [MD5.276678C13E3F01E9EC32ED7E56B4FEA0] - [10/04/2017 17:28:04] - |A| - [2048] - C:\WINDOWS\syswow64\lltdres.dll [MD5.5700673E13A2117FA3B9020C852C01E2] - [10/04/2017 17:28:04] - |A| - [189952] - C:\WINDOWS\syswow64\lltdsvc.dll [MD5.55CA01BA19D0006C8F2639B6C045E08B] - [10/04/2017 17:28:04] - |A| - [18432] - C:\WINDOWS\syswow64\lmhsvc.dll [MD5.536460507B20AE0F03D7BEE8111028CF] - [10/04/2017 17:28:05] - |A| - [1131] - C:\WINDOWS\syswow64\LOADFIX.COM [MD5.529879612A7FAE235914E3AA6A9A669C] - [10/04/2017 17:28:05] - |A| - [115712] - C:\WINDOWS\syswow64\loadperf_FromLFSULTRA-WIDEN.dll [MD5.1153AC6E133AA849853DFD407B086B80] - [10/04/2017 17:28:05] - |A| - [420064] - C:\WINDOWS\syswow64\locale_FromLFSULTRA-WIDEN.nls [MD5.573EF199073CE66169B4A8166EB8581B] - [10/04/2017 17:28:06] - |A| - [429056] - C:\WINDOWS\syswow64\localsec_FromLFSULTRA-WIDEN.dll [MD5.12C4E95F468A5FD3FBB8166E27ED4D53] - [10/04/2017 17:28:07] - |A| - [768512] - C:\WINDOWS\syswow64\localspl.dll [MD5.E76D8A17D45B09963EFB24DD0AE40D9E] - [10/04/2017 17:28:08] - |A| - [13824] - C:\WINDOWS\syswow64\localui.dll [MD5.27FC75229EEE367D4C0E643C108A90FA] - [10/04/2017 17:28:08] - |A| - [226816] - C:\WINDOWS\syswow64\LocationApi_FromLFSULTRA-WIDEN.dll [MD5.6E51234733DEC1E25F2FC3245AEA3D7C] - [10/04/2017 17:28:09] - |A| - [89600] - C:\WINDOWS\syswow64\LocationNotifications.exe [MD5.EA63CC5BCAE1631C6DA5ACE9299BABB6] - [10/04/2017 17:28:10] - |A| - [2727] - C:\WINDOWS\syswow64\locationnotificationsview.xml [MD5.94D36C0E44677DD26981D2BFEEF2A29D] - [10/04/2017 17:28:10] - |A| - [9216] - C:\WINDOWS\syswow64\Locator.exe [MD5.F2CBD2D08679F0B1FB029E7F57A7A65B] - [10/04/2017 17:28:10] - |A| - [42496] - C:\WINDOWS\syswow64\lodctr_FromLFSULTRA-WIDEN.exe [MD5.EA7D55E6964AA852BC7AE6F1C3349A55] - [10/04/2017 17:28:12] - |A| - [95232] - C:\WINDOWS\syswow64\logagent_FromLFSULTRA-WIDEN.exe [MD5.73F4F5BEFEF51EF2452541B84B291465] - [10/04/2017 17:29:03] - |A| - [69632] - C:\WINDOWS\syswow64\loghours_FromLFSULTRA-WIDEN.dll [MD5.3B5DA649BF7B7D07510C06DE0AEEB4EB] - [10/04/2017 17:29:03] - |A| - [82944] - C:\WINDOWS\syswow64\logman_FromLFSULTRA-WIDEN.exe [MD5.8EA53101FF2B15BDFF934B62A8FB326D] - [10/04/2017 17:29:04] - |A| - [127488] - C:\WINDOWS\syswow64\logoncli_FromLFSULTRA-WIDEN.dll [MD5.3EF0D8AB08385AAB5802E773511A2E6A] - [10/04/2017 17:29:04] - |A| - [10752] - C:\WINDOWS\syswow64\LogonUI.exe [MD5.A3901CD2E276484003C2944F78BEB80E] - [10/04/2017 17:29:05] - |A| - [477696] - C:\WINDOWS\syswow64\lpksetup.exe [MD5.61E6487189D68BD8D6D68A4CD4290846] - [10/04/2017 17:29:05] - |A| - [6144] - C:\WINDOWS\syswow64\lpksetupproxyserv.dll [MD5.60AA427E651E0D97A6666AF6D7391549] - [10/04/2017 17:29:04] - |A| - [26624] - C:\WINDOWS\syswow64\lpk_FromLFSULTRA-WIDEN.dll [MD5.8C74DBDF501E081CC56BFE41FA8B17AE] - [10/04/2017 17:29:05] - |A| - [61952] - C:\WINDOWS\syswow64\lpremove.exe [MD5.B27D3CCFD716DD0E6CDBFB6CE0087003] - [10/04/2017 17:29:06] - |A| - [1060864] - C:\WINDOWS\syswow64\lsasrv.dll [MD5.7884C1EDF5BD21749C206E8C4B5DB409] - [10/04/2017 17:29:07] - |A| - [22016] - C:\WINDOWS\syswow64\lsass.exe [MD5.8AEA9A37C1A3565A204D37C5E72AB791] - [10/04/2017 17:29:07] - |A| - [267776] - C:\WINDOWS\syswow64\lsm.exe [MD5.A29E036A5A3B37C7530F3EA1CF385129] - [10/04/2017 17:29:08] - |A| - [21504] - C:\WINDOWS\syswow64\lsmproxy_FromLFSULTRA-WIDEN.dll [MD5.C2DF5544931944AE00C59A0B3080EBFE] - [10/04/2017 17:29:10] - |A| - [41984] - C:\WINDOWS\syswow64\luainstall_FromLFSULTRA-WIDEN.dll [MD5.3279476E39DE235B426D69CFE8DEBF55] - [10/04/2017 17:29:10] - |A| - [144998] - C:\WINDOWS\syswow64\lusrmgr_FromLFSULTRA-WIDEN.msc [MD5.5C99F92B3C4CFCDF928258C2E838D000] - [10/04/2017 17:29:12] - |A| - [2560] - C:\WINDOWS\syswow64\lz32_FromLFSULTRA-WIDEN.dll [MD5.C7F038338BF55DE73B57C1FC7B23671A] - [10/04/2017 17:29:12] - |A| - [9936] - C:\WINDOWS\syswow64\lzexpand.dll [MD5.6FA389BCA661879EADAFE55B01BE5552] - [10/04/2017 17:29:12] - |A| - [9958] - C:\WINDOWS\syswow64\l_intl_FromLFSULTRA-WIDEN.nls [MD5.F3F571288CDE445881102E385BF3471F] - [10/04/2017 17:29:52] - |A| - [40448] - C:\WINDOWS\syswow64\Magnification_FromLFSULTRA-WIDEN.dll [MD5.E62BF5A49D8023F2384AB7F31031535B] - [10/04/2017 17:29:56] - |A| - [629760] - C:\WINDOWS\syswow64\Magnify_FromLFSULTRA-WIDEN.exe [MD5.BA2B249CD7C8CE15E1A8D69ECAEE5FA3] - [10/04/2017 17:30:00] - |A| - [516096] - C:\WINDOWS\syswow64\main_FromLFSULTRA-WIDEN.cpl [MD5.CEA119C323082026583901452B14C30E] - [10/04/2017 17:30:00] - |A| - [98816] - C:\WINDOWS\syswow64\makecab_FromLFSULTRA-WIDEN.exe [MD5.457C561BA80E02F1230DD0B87DA770A9] - [10/04/2017 17:30:02] - |A| - [61952] - C:\WINDOWS\syswow64\manage-bde.exe [MD5.7A495CA1402C2F9F5D035092AD808669] - [10/04/2017 17:30:02] - |A| - [874] - C:\WINDOWS\syswow64\manage-bde.wsf [MD5.00000000000000000000000000000000] - [10/04/2017 17:30:03] - |D| - [2077710] - C:\WINDOWS\syswow64\manifeststore [MD5.2BB34CC2D6DF7194F46C6508589EF8FD] - [10/04/2017 17:30:07] - |A| - [76800] - C:\WINDOWS\syswow64\mapi32_FromLFSULTRA-WIDEN.dll [MD5.2BB34CC2D6DF7194F46C6508589EF8FD] - [10/04/2017 17:30:07] - |A| - [76800] - C:\WINDOWS\syswow64\mapistub_FromLFSULTRA-WIDEN.dll [MD5.98071B6EE16AA76DABFF377A5DC69C86] - [10/04/2017 17:30:07] - |A| - [535] - C:\WINDOWS\syswow64\mapisvc.inf [MD5.84AB243EBB8839C268BA45975BD6558C] - [10/04/2017 17:30:07] - |A| - [132368] - C:\WINDOWS\syswow64\MaxxAudioAPO.dll [MD5.08DC72FF7E209B748936ADA6124362B8] - [10/04/2017 17:30:08] - |A| - [232792] - C:\WINDOWS\syswow64\MaxxAudioAPO20.dll [MD5.33CCA4B2289AA5F8753387A8BF18816B] - [10/04/2017 17:30:08] - |A| - [252928] - C:\WINDOWS\syswow64\MaxxAudioAPO30.dll [MD5.F678031A1EF7C96DB09AE9F0DDB7F88E] - [10/04/2017 17:30:09] - |A| - [1938704] - C:\WINDOWS\syswow64\MaxxAudioEQ.dll [MD5.DB2C8187A8397EF8CC08B411C509E80C] - [10/04/2017 17:30:09] - |A| - [1327104] - C:\WINDOWS\syswow64\MaxxAudioRealtek.dll [MD5.6C75723CB2309D23A3A16EF9F45B2F49] - [10/04/2017 17:30:13] - |A| - [252760] - C:\WINDOWS\syswow64\MaxxVolumeSDAPO.dll [MD5.5232D090B7540F90E9BF6DDC2EBB5CA2] - [10/04/2017 17:30:14] - |A| - [220672] - C:\WINDOWS\syswow64\mcbuilder_FromLFSULTRA-WIDEN.exe [MD5.477B711EBF491226FA40301290F66BAC] - [10/04/2017 17:30:14] - |A| - [312168] - C:\WINDOWS\syswow64\MCEWMDRMNDBootstrap.dll [MD5.174BD475D798303DF480416F4BEDB58E] - [10/04/2017 17:30:14] - |A| - [73376] - C:\WINDOWS\syswow64\mciavi.drv [MD5.451E47CF063A37D105A1D2111FD4C4E5] - [10/04/2017 17:30:15] - |A| - [84480] - C:\WINDOWS\syswow64\mciavi32_FromLFSULTRA-WIDEN.dll [MD5.1FCDA65915E15A4410AC7912F1F93E03] - [10/04/2017 17:30:15] - |A| - [38912] - C:\WINDOWS\syswow64\mcicda_FromLFSULTRA-WIDEN.dll [MD5.AA5F3F417DF0F470D67A7862451EA8E1] - [10/04/2017 17:30:15] - |A| - [36352] - C:\WINDOWS\syswow64\mciqtz32_FromLFSULTRA-WIDEN.dll [MD5.26C7F2EFBC94964CDE27EBE9CB5395A3] - [10/04/2017 17:30:15] - |A| - [25264] - C:\WINDOWS\syswow64\mciseq.drv [MD5.BF3DF375EBD26BC0F70F06512A5153D1] - [10/04/2017 17:30:15] - |A| - [23552] - C:\WINDOWS\syswow64\mciseq_FromLFSULTRA-WIDEN.dll [MD5.E05EE7069DE3CCD5B984CFF5AC82858F] - [10/04/2017 17:30:16] - |A| - [28160] - C:\WINDOWS\syswow64\mciwave.drv [MD5.8530794A804123062F38251EB9A41B50] - [10/04/2017 17:30:15] - |A| - [23040] - C:\WINDOWS\syswow64\mciwave_FromLFSULTRA-WIDEN.dll [MD5.BBA1A5B86134F496B926DDAF247DB871] - [10/04/2017 17:30:16] - |A| - [93696] - C:\WINDOWS\syswow64\mctadmin.exe [MD5.C769A93C4FF7FE0E39DED35C649A0AEE] - [10/04/2017 17:30:16] - |A| - [2048] - C:\WINDOWS\syswow64\mctres.dll [MD5.EBCB31CB206A67ECE2207764FD612EC1] - [10/04/2017 17:30:17] - |A| - [31824] - C:\WINDOWS\syswow64\mcupdate_AuthenticAMD.dll [MD5.82FA3C4C5752C7F630FA39005B2FC8C8] - [10/04/2017 17:30:17] - |A| - [520064] - C:\WINDOWS\syswow64\mcupdate_GenuineIntel.dll [MD5.A4B5A34EE451B5C501D5C90633D89BB0] - [10/04/2017 17:30:18] - |A| - [145408] - C:\WINDOWS\syswow64\McxDriv.dll [MD5.B28A051A70CFDEAC6EAC78CF476D9877] - [10/04/2017 17:30:19] - |A| - [44032] - C:\WINDOWS\syswow64\MDA_NTDRV.sys [MD5.A205B7A5D8E4AE6E8DE7B313C7FC3FA4] - [10/04/2017 17:30:19] - |A| - [205824] - C:\WINDOWS\syswow64\mdminst_FromLFSULTRA-WIDEN.dll [MD5.D5D229FB5E5A4443F42D6397564EF9C5] - [10/04/2017 17:30:19] - |A| - [88064] - C:\WINDOWS\syswow64\MdRes.exe [MD5.4D05BDE56A7116B744B04192173A0122] - [10/04/2017 17:30:20] - |A| - [132608] - C:\WINDOWS\syswow64\MdSched.exe [MD5.3206ADC4D06BB764C9A4936C8E22708C] - [10/04/2017 17:30:20] - |A| - [266752] - C:\WINDOWS\syswow64\MediaMetadataHandler.dll [MD5.390762963E6B4C861E5E0CA5A3E56E40] - [10/04/2017 17:30:21] - |A| - [39274] - C:\WINDOWS\syswow64\mem.exe [MD5.9E83F1355EE0A57FD9B648FFF4A1BE6C] - [10/04/2017 17:30:21] - |A| - [15872] - C:\WINDOWS\syswow64\memdiag.dll [MD5.015FB318794CD78AD24E65177DBF057C] - [10/04/2017 17:30:23] - |A| - [41984] - C:\WINDOWS\syswow64\mf3216_FromLFSULTRA-WIDEN.dll [MD5.E4F3F23D1150DCF2A74844BE58E4DA4F] - [10/04/2017 17:30:25] - |A| - [92672] - C:\WINDOWS\syswow64\mfAACEnc_FromLFSULTRA-WIDEN.dll [MD5.F7E75862299194C1B9103F7742EA7B25] - [10/04/2017 17:30:27] - |A| - [36176] - C:\WINDOWS\syswow64\mfc100chs_FromLFSULTRA-WIDEN.dll [MD5.8280A96D8B44ABBFE8A22F19EAF9EC0D] - [10/04/2017 17:30:30] - |A| - [36176] - C:\WINDOWS\syswow64\mfc100cht_FromLFSULTRA-WIDEN.dll [MD5.4AF4B6E8A4D185B75122773562D25975] - [10/04/2017 17:30:31] - |A| - [64336] - C:\WINDOWS\syswow64\mfc100deu_FromLFSULTRA-WIDEN.dll [MD5.F908FE45F8FE9E0D4CBE65F9FF5DF6DA] - [10/04/2017 17:30:32] - |A| - [55120] - C:\WINDOWS\syswow64\mfc100enu_FromLFSULTRA-WIDEN.dll [MD5.9328256796EFAD2AC9632FD9A76EED95] - [10/04/2017 17:30:32] - |A| - [63824] - C:\WINDOWS\syswow64\mfc100esn_FromLFSULTRA-WIDEN.dll [MD5.ECAF994DBDDE7409A4C2270CDA8177A6] - [10/04/2017 17:30:32] - |A| - [64336] - C:\WINDOWS\syswow64\mfc100fra_FromLFSULTRA-WIDEN.dll [MD5.D460F47453E2E186A981E1EB0DC7F6C9] - [10/04/2017 17:30:32] - |A| - [62288] - C:\WINDOWS\syswow64\mfc100ita_FromLFSULTRA-WIDEN.dll [MD5.BF7B39A609B1C84A888158BBE6CADC3B] - [10/04/2017 17:30:33] - |A| - [43856] - C:\WINDOWS\syswow64\mfc100jpn_FromLFSULTRA-WIDEN.dll [MD5.17F28E88C2006EB6447FB31F25D7D937] - [10/04/2017 17:30:33] - |A| - [43344] - C:\WINDOWS\syswow64\mfc100kor_FromLFSULTRA-WIDEN.dll [MD5.E25790E6E0612B621C8EA80206036672] - [10/04/2017 17:30:33] - |A| - [60752] - C:\WINDOWS\syswow64\mfc100rus_FromLFSULTRA-WIDEN.dll [MD5.F32077DF74EFD435A1DCDF415E189DF1] - [10/04/2017 17:30:33] - |A| - [4422992] - C:\WINDOWS\syswow64\mfc100u_FromLFSULTRA-WIDEN.dll [MD5.A807596CB3CB377A1A687C9734D67A37] - [10/04/2017 17:30:25] - |A| - [4397384] - C:\WINDOWS\syswow64\mfc100_FromLFSULTRA-WIDEN.dll [MD5.25DA02155472AA28F83B643304B5CCFB] - [10/04/2017 17:30:41] - |A| - [46160] - C:\WINDOWS\syswow64\mfc110chs_FromLFSULTRA-WIDEN.dll [MD5.02E7D3D61F01ADEDBB539064708C68B1] - [10/04/2017 17:30:44] - |A| - [46160] - C:\WINDOWS\syswow64\mfc110cht_FromLFSULTRA-WIDEN.dll [MD5.74228936B1444740FCE4F037F8244983] - [10/04/2017 17:30:44] - |A| - [74832] - C:\WINDOWS\syswow64\mfc110deu_FromLFSULTRA-WIDEN.dll [MD5.57A9E201F60DCDE8D5D2EE2679E57C06] - [10/04/2017 17:30:44] - |A| - [65104] - C:\WINDOWS\syswow64\mfc110enu_FromLFSULTRA-WIDEN.dll [MD5.F90EDEF2727DD8CA9B3F8C589C9B0CBE] - [10/04/2017 17:30:44] - |A| - [73808] - C:\WINDOWS\syswow64\mfc110esn_FromLFSULTRA-WIDEN.dll [MD5.CB18433E9782C6E255A54C5A83CA5E12] - [10/04/2017 17:30:45] - |A| - [74832] - C:\WINDOWS\syswow64\mfc110fra_FromLFSULTRA-WIDEN.dll [MD5.1546C92AA0B2772613D2E31BB13AA550] - [10/04/2017 17:30:45] - |A| - [72784] - C:\WINDOWS\syswow64\mfc110ita_FromLFSULTRA-WIDEN.dll [MD5.80FF1C7795BABF6AA5956BA502DE68A8] - [10/04/2017 17:30:45] - |A| - [53840] - C:\WINDOWS\syswow64\mfc110jpn_FromLFSULTRA-WIDEN.dll [MD5.4296447CC8B48A308958F8104C62D57F] - [10/04/2017 17:30:46] - |A| - [53328] - C:\WINDOWS\syswow64\mfc110kor_FromLFSULTRA-WIDEN.dll [MD5.FAE18FFAD74E6C55C905F1A630D49A98] - [10/04/2017 17:30:47] - |A| - [70736] - C:\WINDOWS\syswow64\mfc110rus_FromLFSULTRA-WIDEN.dll [MD5.B8DE851298E99A005BFD34AA906B3FE8] - [10/04/2017 17:30:47] - |A| - [4456520] - C:\WINDOWS\syswow64\mfc110u_FromLFSULTRA-WIDEN.dll [MD5.19D292B0D8D417C90440B41AEFD8A38E] - [10/04/2017 17:30:37] - |A| - [4421192] - C:\WINDOWS\syswow64\mfc110_FromLFSULTRA-WIDEN.dll [MD5.1D343669E50F2CF53901C0B1A85D67F8] - [10/04/2017 17:30:55] - |A| - [46248] - C:\WINDOWS\syswow64\mfc120chs_FromLFSULTRA-WIDEN.dll [MD5.928EF91C2BCC8F82725CDB1A5ED711D9] - [10/04/2017 17:30:58] - |A| - [46248] - C:\WINDOWS\syswow64\mfc120cht_FromLFSULTRA-WIDEN.dll [MD5.B82A4BA3EBAEBD8810F2304C0535DA4C] - [10/04/2017 17:30:58] - |A| - [74920] - C:\WINDOWS\syswow64\mfc120deu_FromLFSULTRA-WIDEN.dll [MD5.BC61781863211ABBC7C15248CCFAF9A0] - [10/04/2017 17:30:58] - |A| - [65192] - C:\WINDOWS\syswow64\mfc120enu_FromLFSULTRA-WIDEN.dll [MD5.0F79E653D7F5180678E457CE39813F0E] - [10/04/2017 17:30:59] - |A| - [73896] - C:\WINDOWS\syswow64\mfc120esn_FromLFSULTRA-WIDEN.dll [MD5.F09B21C8959133053E94A4AF14D6B46F] - [10/04/2017 17:30:59] - |A| - [74920] - C:\WINDOWS\syswow64\mfc120fra_FromLFSULTRA-WIDEN.dll [MD5.FFA0B900C2C0401D902465591E165E16] - [10/04/2017 17:31:00] - |A| - [72872] - C:\WINDOWS\syswow64\mfc120ita_FromLFSULTRA-WIDEN.dll [MD5.4BA51DA48F1BA2222664017724251775] - [10/04/2017 17:31:00] - |A| - [53928] - C:\WINDOWS\syswow64\mfc120jpn_FromLFSULTRA-WIDEN.dll [MD5.6201122886A4557A3E97647F95FB34AC] - [10/04/2017 17:31:02] - |A| - [53416] - C:\WINDOWS\syswow64\mfc120kor_FromLFSULTRA-WIDEN.dll [MD5.DFB441CA61002365F2DB2EF8769455E4] - [10/04/2017 17:31:03] - |A| - [70824] - C:\WINDOWS\syswow64\mfc120rus_FromLFSULTRA-WIDEN.dll [MD5.F4F2A4C459DD3AA22DD3984D13B15746] - [10/04/2017 17:31:05] - |A| - [4449952] - C:\WINDOWS\syswow64\mfc120u_FromLFSULTRA-WIDEN.dll [MD5.DF9A5545501A2442CA54C73C6F4DE827] - [10/04/2017 17:30:51] - |A| - [4424344] - C:\WINDOWS\syswow64\mfc120_FromLFSULTRA-WIDEN.dll [MD5.7C180DF04710051709E50DF9B65FC0B4] - [10/04/2017 17:31:14] - |A| - [46760] - C:\WINDOWS\syswow64\mfc140chs_FromLFSULTRA-WIDEN.dll [MD5.A50FC43CD6481C77EE236B66ED384122] - [10/04/2017 17:31:16] - |A| - [46760] - C:\WINDOWS\syswow64\mfc140cht_FromLFSULTRA-WIDEN.dll [MD5.EAC4A9F56E46D7D27325B59AAFF7D4CE] - [10/04/2017 17:31:16] - |A| - [75432] - C:\WINDOWS\syswow64\mfc140deu_FromLFSULTRA-WIDEN.dll [MD5.1250A3C3A3D6220B206CCD229B09F639] - [10/04/2017 17:31:17] - |A| - [65704] - C:\WINDOWS\syswow64\mfc140enu_FromLFSULTRA-WIDEN.dll [MD5.1A1CF3F570E6E48C3D4812134DCB553C] - [10/04/2017 17:31:17] - |A| - [74408] - C:\WINDOWS\syswow64\mfc140esn_FromLFSULTRA-WIDEN.dll [MD5.BF4CEC67D022BD500B2CA550FECD7913] - [10/04/2017 17:31:18] - |A| - [75432] - C:\WINDOWS\syswow64\mfc140fra_FromLFSULTRA-WIDEN.dll [MD5.7D006CAFD0E62A6B7BE6C7A31DC243B8] - [10/04/2017 17:31:19] - |A| - [73384] - C:\WINDOWS\syswow64\mfc140ita_FromLFSULTRA-WIDEN.dll [MD5.3D0B7EC5B5BF5BF5C8B6ED8D14230F0F] - [10/04/2017 17:31:22] - |A| - [54952] - C:\WINDOWS\syswow64\mfc140jpn_FromLFSULTRA-WIDEN.dll [MD5.BCD8809B7AC761CAC283148C2A824766] - [10/04/2017 17:31:23] - |A| - [53928] - C:\WINDOWS\syswow64\mfc140kor_FromLFSULTRA-WIDEN.dll [MD5.26A7F2585FD3CFFD4EADEAC9D921A3A6] - [10/04/2017 17:31:24] - |A| - [71336] - C:\WINDOWS\syswow64\mfc140rus_FromLFSULTRA-WIDEN.dll [MD5.EC85D7A09109D1F52F165CFBA6DB8B33] - [10/04/2017 17:31:25] - |A| - [4444320] - C:\WINDOWS\syswow64\mfc140u_FromLFSULTRA-WIDEN.dll [MD5.D9969B471D9AD4448A8AB615478F9225] - [10/04/2017 17:31:11] - |A| - [4379800] - C:\WINDOWS\syswow64\mfc140_FromLFSULTRA-WIDEN.dll [MD5.AB9EB3745B03AE67AB241A82338DEA7B] - [10/04/2017 17:31:31] - |A| - [954288] - C:\WINDOWS\syswow64\mfc40u_FromLFSULTRA-WIDEN.dll [MD5.2A6C1373D88B6D5933383B9F5C034CB9] - [10/04/2017 17:31:27] - |A| - [954752] - C:\WINDOWS\syswow64\mfc40_FromLFSULTRA-WIDEN.dll [MD5.24CAEDCD73B5B0E22226283B7B2468C7] - [10/04/2017 17:31:32] - |A| - [1164288] - C:\WINDOWS\syswow64\mfc42u_FromLFSULTRA-WIDEN.dll [MD5.DC6612A9EE015A36BA2A27BC9CC12537] - [10/04/2017 17:31:32] - |A| - [1137664] - C:\WINDOWS\syswow64\mfc42_FromLFSULTRA-WIDEN.dll [MD5.1FD3F9722119BDF7B8CFF0ECD1E84EA6] - [10/04/2017 17:31:34] - |A| - [1060864] - C:\WINDOWS\syswow64\mfc71_FromLFSULTRA-WIDEN.dll [MD5.0B6C9E162B102F7B819E61A80257CA92] - [10/04/2017 17:31:36] - |A| - [81744] - C:\WINDOWS\syswow64\mfcm100u_FromLFSULTRA-WIDEN.dll [MD5.DFAE4207CE3F2B3B88DABC6A7C73C450] - [10/04/2017 17:31:36] - |A| - [81744] - C:\WINDOWS\syswow64\mfcm100_FromLFSULTRA-WIDEN.dll [MD5.E5831770A7C72E03260B7F36817953E9] - [10/04/2017 17:31:38] - |A| - [83024] - C:\WINDOWS\syswow64\mfcm110u_FromLFSULTRA-WIDEN.dll [MD5.C3ACB76BF6151814CB0FDFF91BBA4360] - [10/04/2017 17:31:38] - |A| - [83016] - C:\WINDOWS\syswow64\mfcm110_FromLFSULTRA-WIDEN.dll [MD5.AB8766067BB26D7AB4061B0E4FC7D2C0] - [10/04/2017 17:31:40] - |A| - [83104] - C:\WINDOWS\syswow64\mfcm120u_FromLFSULTRA-WIDEN.dll [MD5.832CC047743469082FAE5E3CC830CD8C] - [10/04/2017 17:31:40] - |A| - [83104] - C:\WINDOWS\syswow64\mfcm120_FromLFSULTRA-WIDEN.dll [MD5.88E717E7B237A1E0DC22B012B18BFAF6] - [10/04/2017 17:31:41] - |A| - [94880] - C:\WINDOWS\syswow64\mfcm140u_FromLFSULTRA-WIDEN.dll [MD5.37F4819F907D5B5ED5F32030D8D2BF42] - [10/04/2017 17:31:41] - |A| - [94880] - C:\WINDOWS\syswow64\mfcm140_FromLFSULTRA-WIDEN.dll [MD5.8C80EA0385219822BCE27485F4108444] - [10/04/2017 17:31:42] - |A| - [25600] - C:\WINDOWS\syswow64\mfcsubs_FromLFSULTRA-WIDEN.dll [MD5.71D5EBEFC617B84E1136F3F0E07A88F5] - [10/04/2017 17:31:43] - |A| - [296448] - C:\WINDOWS\syswow64\mfds_FromLFSULTRA-WIDEN.dll [MD5.D94BB9A6B5EB41F4A81581C234038305] - [10/04/2017 17:31:43] - |A| - [140288] - C:\WINDOWS\syswow64\mfdvdec_FromLFSULTRA-WIDEN.dll [MD5.FEB2B13697D1C482D84FB626A0F1F73A] - [10/04/2017 17:31:46] - |A| - [2048] - C:\WINDOWS\syswow64\mferror_FromLFSULTRA-WIDEN.dll [MD5.0A277C42CBF52C2AF2BAA10B89F2A9AD] - [10/04/2017 17:31:50] - |A| - [238288] - C:\WINDOWS\syswow64\mfevtps.exe [MD5.9F56DB5686C2A1CEE4A07A0DC3A8AEC8] - [10/04/2017 17:31:57] - |A| - [281088] - C:\WINDOWS\syswow64\mfh264enc_FromLFSULTRA-WIDEN.dll [MD5.552EF4DE4E8DADC1C1B3EB9AAB16844C] - [10/04/2017 17:31:58] - |A| - [77312] - C:\WINDOWS\syswow64\mfmjpegdec_FromLFSULTRA-WIDEN.dll [MD5.5342DCCA8EA8ED193ACAAD14A5046982] - [10/04/2017 17:32:01] - |A| - [354816] - C:\WINDOWS\syswow64\mfplat_FromLFSULTRA-WIDEN.dll [MD5.9204A9C716B7B4AA451010DEDB0BB5BE] - [10/04/2017 17:32:02] - |A| - [176128] - C:\WINDOWS\syswow64\MFPlay_FromLFSULTRA-WIDEN.dll [MD5.BBE4D9B89B3FBC97C0F381C2F9C4ADEF] - [10/04/2017 17:32:04] - |A| - [23040] - C:\WINDOWS\syswow64\mfpmp_FromLFSULTRA-WIDEN.exe [MD5.41BAC1A440EAA15AD4CC15B0C7870AB0] - [10/04/2017 17:32:05] - |A| - [103424] - C:\WINDOWS\syswow64\mfps_FromLFSULTRA-WIDEN.dll [MD5.BFEBB6F76A0988A38260870C61A6D1B7] - [10/04/2017 17:32:06] - |A| - [196608] - C:\WINDOWS\syswow64\mfreadwrite_FromLFSULTRA-WIDEN.dll [MD5.4FBCDC326769C31CB283981A51C867F3] - [10/04/2017 17:32:07] - |A| - [53248] - C:\WINDOWS\syswow64\mfvdsp_FromLFSULTRA-WIDEN.dll [MD5.92BBFF13DE00F30DABC03CFF59D8678E] - [10/04/2017 17:32:07] - |A| - [609280] - C:\WINDOWS\syswow64\MFWMAAEC_FromLFSULTRA-WIDEN.DLL [MD5.B049A75BD074FC465D2BCE2BF5B15D75] - [10/04/2017 17:30:21] - |A| - [3209728] - C:\WINDOWS\syswow64\mf_FromLFSULTRA-WIDEN.dll [MD5.BA54A966F873B043FDFCDA0B77937855] - [10/04/2017 17:32:08] - |A| - [18944] - C:\WINDOWS\syswow64\mgmtapi_FromLFSULTRA-WIDEN.dll [MD5.00000000000000000000000000000000] - [10/04/2017 17:32:09] - |D| - [3792] - C:\WINDOWS\syswow64\Microsoft [MD5.9CA4A129C540FF72B3E4D98DE6935056] - [10/04/2017 17:32:23] - |A| - [6144] - C:\WINDOWS\syswow64\microsoft-windows-hal-events.dll [MD5.8B0B4C5927A333A05513791758350DC4] - [10/04/2017 17:32:24] - |A| - [51712] - C:\WINDOWS\syswow64\microsoft-windows-kernel-power-events.dll [MD5.1F5497D7D3D79C7BF0AB0C8B4C5BFE6E] - [10/04/2017 17:32:24] - |A| - [25088] - C:\WINDOWS\syswow64\microsoft-windows-kernel-processor-power-events.dll [MD5.5A12C364AD1D4FCC0AD0E56DBBC34462] - [10/04/2017 17:32:24] - |A| - [16896] - C:\WINDOWS\syswow64\midimap_FromLFSULTRA-WIDEN.dll [MD5.F4687BCD29BA7D958DD942DB0624D5A2] - [10/04/2017 17:32:24] - |A| - [91728] - C:\WINDOWS\syswow64\MigAutoPlay.exe [MD5.6EC16BBD14906A59EA8A9A3F71B7F9AD] - [10/04/2017 17:32:25] - |A| - [101888] - C:\WINDOWS\syswow64\migisol_FromLFSULTRA-WIDEN.dll [MD5.B72F77DA5A69F5626696182E17B503BA] - [10/04/2017 17:32:55] - |A| - [181760] - C:\WINDOWS\syswow64\miguiresource_FromLFSULTRA-WIDEN.dll [MD5.B81E879AE660F9D244FC20EC8A26783E] - [10/04/2017 17:35:35] - |A| - [42496] - C:\WINDOWS\syswow64\mimefilt_FromLFSULTRA-WIDEN.dll [MD5.ED434A3EBE29070A7E0138C42482EB93] - [10/04/2017 17:35:39] - |A| - [673088] - C:\WINDOWS\syswow64\mlang_FromLFSULTRA-WIDEN.dat [MD5.8EE6BDE1D572677AA35707C52C585F75] - [10/04/2017 17:35:41] - |A| - [177664] - C:\WINDOWS\syswow64\mlang_FromLFSULTRA-WIDEN.dll [MD5.00D7AB9A8E5C9A84CFCA19AD9E583E6F] - [10/04/2017 17:35:44] - |A| - [304128] - C:\WINDOWS\syswow64\mmcbase_FromLFSULTRA-WIDEN.dll [MD5.D9611EE805F511CC73CC7CEF68F083D4] - [10/04/2017 17:35:45] - |A| - [12800] - C:\WINDOWS\syswow64\mmcico_FromLFSULTRA-WIDEN.dll [MD5.E8259546E2FDC563840A3D5FEBB98B39] - [10/04/2017 17:35:45] - |A| - [70656] - C:\WINDOWS\syswow64\mmci_FromLFSULTRA-WIDEN.dll [MD5.653CF8E759C4B13C5507B70BD383F158] - [10/04/2017 17:35:45] - |A| - [2151936] - C:\WINDOWS\syswow64\mmcndmgr_FromLFSULTRA-WIDEN.dll [MD5.F2BA9C2046E690F83AB1F8E22BFFDB8A] - [10/04/2017 17:35:46] - |A| - [128512] - C:\WINDOWS\syswow64\mmcshext_FromLFSULTRA-WIDEN.dll [MD5.146B6F43A673379A3C670E86D89BE5EA] - [10/04/2017 17:35:48] - |A| - [49664] - C:\WINDOWS\syswow64\mmcss.dll [MD5.6AAF3BECE2C3D17091BCEF37C5A82AC0] - [10/04/2017 17:35:42] - |A| - [1401344] - C:\WINDOWS\syswow64\mmc_FromLFSULTRA-WIDEN.exe [MD5.243974EC02F7AE49E4179C54624143AB] - [10/04/2017 17:35:48] - |A| - [213504] - C:\WINDOWS\syswow64\MMDevAPI_FromLFSULTRA-WIDEN.dll [MD5.79DE9216B4800813CC3EFA8048F7B038] - [10/04/2017 17:35:49] - |A| - [9053696] - C:\WINDOWS\syswow64\mmres_FromLFSULTRA-WIDEN.dll [MD5.F71B2CD664E53E6525AB636DB91320F6] - [10/04/2017 17:35:54] - |A| - [68992] - C:\WINDOWS\syswow64\MMSYSTEM.DLL [MD5.53E054880ADBB856ECE6EB10EDBB8A32] - [10/04/2017 17:35:50] - |A| - [905216] - C:\WINDOWS\syswow64\mmsys_FromLFSULTRA-WIDEN.cpl [MD5.AAB73D4BF9CFED0DCDD00A11133751C6] - [10/04/2017 17:35:58] - |A| - [1152] - C:\WINDOWS\syswow64\mmtask.tsk [MD5.CCA67BD391CFC9F036323B2522887A6A] - [10/04/2017 17:36:00] - |A| - [101376] - C:\WINDOWS\syswow64\mobsync_FromLFSULTRA-WIDEN.exe [MD5.4EAF682E27490A3D45C0EBB6537EE6A8] - [10/04/2017 17:36:01] - |A| - [288768] - C:\WINDOWS\syswow64\modemui_FromLFSULTRA-WIDEN.dll [MD5.F015208F1F8473BA2E4BC229E0D38EFD] - [10/04/2017 17:36:01] - |A| - [25088] - C:\WINDOWS\syswow64\mode_FromLFSULTRA-WIDEN.com [MD5.38C9323AE3E572707CDED20B2D8B2131] - [10/04/2017 17:36:02] - |A| - [17408] - C:\WINDOWS\syswow64\montr_ci.dll [MD5.D337FBEC548E46BD32DAEC5F67D0BE47] - [10/04/2017 17:36:02] - |A| - [20992] - C:\WINDOWS\syswow64\more_FromLFSULTRA-WIDEN.com [MD5.31BCC27E1CFFAC7850FD3ED6F80BB2B9] - [10/04/2017 17:36:02] - |A| - [184832] - C:\WINDOWS\syswow64\moricons_FromLFSULTRA-WIDEN.dll [MD5.0FDAF52EC37BC155D53EAB9AF51C60E1] - [10/04/2017 17:36:03] - |A| - [13312] - C:\WINDOWS\syswow64\mountvol_FromLFSULTRA-WIDEN.exe [MD5.7D29780AC88BB7292CDCFF71BA67433D] - [10/04/2017 17:36:03] - |A| - [2032] - C:\WINDOWS\syswow64\mouse.drv [MD5.5DCE986C8D7E91B455FB3D57BF955A2A] - [10/04/2017 17:36:03] - |A| - [79872] - C:\WINDOWS\syswow64\MP3DMOD_FromLFSULTRA-WIDEN.DLL [MD5.0697FF546D6D70AE7F77EF6398004153] - [10/04/2017 17:36:04] - |A| - [241152] - C:\WINDOWS\syswow64\MP43DECD_FromLFSULTRA-WIDEN.DLL [MD5.908A5A4561DFBF2062A4189C69FA4878] - [09/04/2017 13:18:56] - |A| - [634880] - C:\WINDOWS\syswow64\mp4muxlib.dll [MD5.8A2A7AA90CBA77DD44FBAE713B4B3877] - [10/04/2017 17:36:04] - |A| - [415744] - C:\WINDOWS\syswow64\MP4SDECD_FromLFSULTRA-WIDEN.DLL [MD5.AC674F2A4B89112098462B8E071B4171] - [09/04/2017 13:18:55] - |A| - [331776] - C:\WINDOWS\syswow64\mp4_ds_mux.ax [MD5.E9AEF26AEEBFAAB901FAB3D93677DF98] - [10/04/2017 17:36:05] - |A| - [72704] - C:\WINDOWS\syswow64\Mpeg2Data_FromLFSULTRA-WIDEN.ax [MD5.FE064158FE5B98B5C542ACAA619DFFEA] - [09/04/2017 13:19:08] - |A| - [8608] - C:\WINDOWS\syswow64\mpeg4ax.cat [MD5.FE064158FE5B98B5C542ACAA619DFFEA] - [10/04/2017 17:36:05] - |A| - [8608] - C:\WINDOWS\syswow64\mpeg4ax_FromLFSULTRA-WIDEN.cat [MD5.246560C5B7995489F25BF9175F2B6380] - [10/04/2017 17:36:05] - |A| - [199680] - C:\WINDOWS\syswow64\mpg2splt_FromLFSULTRA-WIDEN.ax [MD5.AF91E5DB83377132D9F885FD8467D1C8] - [09/04/2017 12:10:29] - |A| - [420240] - C:\WINDOWS\syswow64\mpg4c32.dll [MD5.AF91E5DB83377132D9F885FD8467D1C8] - [10/04/2017 17:36:06] - |A| - [420240] - C:\WINDOWS\syswow64\mpg4c32_FromLFSULTRA-WIDEN.dll [MD5.A7FAA81D1622D6AF4467A81B42D30DBE] - [10/04/2017 17:36:07] - |A| - [241152] - C:\WINDOWS\syswow64\MPG4DECD_FromLFSULTRA-WIDEN.DLL [MD5.A5161175F60C17ABA9A1DDA2A161EE86] - [09/04/2017 12:10:28] - |A| - [264528] - C:\WINDOWS\syswow64\MPG4DS32.AX [MD5.A5161175F60C17ABA9A1DDA2A161EE86] - [10/04/2017 17:36:07] - |A| - [264528] - C:\WINDOWS\syswow64\MPG4DS32_FromLFSULTRA-WIDEN.AX [MD5.F35314802B20CE37AF5F700A252812DD] - [10/04/2017 17:36:07] - |A| - [13824] - C:\WINDOWS\syswow64\mpnotify.exe [MD5.D4191EFAB91E00FC09257AA5EBAF503B] - [10/04/2017 17:36:08] - |A| - [158720] - C:\WINDOWS\syswow64\mprapi_FromLFSULTRA-WIDEN.dll [MD5.D56D2F498713BD66F50763D5285F4F38] - [10/04/2017 17:36:08] - |A| - [268800] - C:\WINDOWS\syswow64\mprddm_FromLFSULTRA-WIDEN.dll [MD5.7B5E1419717FAC363A31CC302895217A] - [10/04/2017 17:36:09] - |A| - [75264] - C:\WINDOWS\syswow64\mprdim_FromLFSULTRA-WIDEN.dll [MD5.9A7B54D57594233EEB17892BAD309970] - [10/04/2017 17:36:09] - |A| - [104960] - C:\WINDOWS\syswow64\mprmsg_FromLFSULTRA-WIDEN.dll [MD5.B9A8CBCFCD3EC9D2EA4740AF347BF108] - [10/04/2017 17:36:07] - |A| - [64000] - C:\WINDOWS\syswow64\mpr_FromLFSULTRA-WIDEN.dll [MD5.57C7C194B31AAA8BF47E04D7962A47A6] - [10/04/2017 17:36:09] - |A| - [407720] - C:\WINDOWS\syswow64\MpSigStub.exe [MD5.9835584E999D25004E1EE8E5F3E3B881] - [10/04/2017 17:36:09] - |A| - [566272] - C:\WINDOWS\syswow64\MPSSVC.dll [MD5.BB035D7C8CCA6D6BCEFFEC0CBA462B0F] - [10/04/2017 17:36:10] - |A| - [11264] - C:\WINDOWS\syswow64\MRINFO_FromLFSULTRA-WIDEN.EXE [MD5.9B59770C431CA42E6BEDD483D1A36A7F] - [10/04/2017 17:36:11] - |A| - [121344] - C:\WINDOWS\syswow64\msaatext_FromLFSULTRA-WIDEN.dll [MD5.DC190EB70C5C15BB087F893D6E77E5C6] - [10/04/2017 17:36:11] - |A| - [226304] - C:\WINDOWS\syswow64\MSAC3ENC_FromLFSULTRA-WIDEN.DLL [MD5.8EE0B6EDCD5FE63BDEEEB82351B110EE] - [10/04/2017 17:36:11] - |A| - [61168] - C:\WINDOWS\syswow64\msacm.dll [MD5.85683DF1F917E4D7F6BE1A04986BF1C8] - [10/04/2017 17:36:11] - |A| - [72192] - C:\WINDOWS\syswow64\msacm32_FromLFSULTRA-WIDEN.dll [MD5.07393A09C46083588E751B63B03C8301] - [10/04/2017 17:36:12] - |A| - [20992] - C:\WINDOWS\syswow64\msacm32_FromLFSULTRA-WIDEN.drv [MD5.8EE566982477BC5886FE622CEBEE9C86] - [10/04/2017 17:36:12] - |A| - [18432] - C:\WINDOWS\syswow64\msadp32_FromLFSULTRA-WIDEN.acm [MD5.0DDA6BAAAA33E21203F6FE633D2F5AE0] - [10/04/2017 17:36:12] - |A| - [2560] - C:\WINDOWS\syswow64\msafd_FromLFSULTRA-WIDEN.dll [MD5.938F39B50BAFE13D6F58C7790682C010] - [10/04/2017 17:36:12] - |A| - [34304] - C:\WINDOWS\syswow64\msasn1_FromLFSULTRA-WIDEN.dll [MD5.2F193DB7F01692DAD429B9AD8DC17F2F] - [09/04/2017 13:19:08] - |A| - [8587] - C:\WINDOWS\syswow64\msaudio.cat [MD5.2F193DB7F01692DAD429B9AD8DC17F2F] - [10/04/2017 17:36:13] - |A| - [8587] - C:\WINDOWS\syswow64\msaudio_FromLFSULTRA-WIDEN.cat [MD5.5BF47EDE7A7D9143E5CB299FEB0173A2] - [10/04/2017 17:36:13] - |A| - [146432] - C:\WINDOWS\syswow64\msaudite_FromLFSULTRA-WIDEN.dll [MD5.8727CFCFA5BAAA7041270BC755B3C560] - [10/04/2017 17:36:14] - |A| - [219648] - C:\WINDOWS\syswow64\mscandui_FromLFSULTRA-WIDEN.dll [MD5.61DC2C38CEC0B2DF22B09F1A6E0B00DD] - [10/04/2017 17:36:14] - |A| - [10240] - C:\WINDOWS\syswow64\mscat32_FromLFSULTRA-WIDEN.dll [MD5.52C7505D68C3CE8496EC8DC17D8FF75A] - [10/04/2017 17:36:14] - |A| - [718] - C:\WINDOWS\syswow64\mscdexnt.exe [MD5.C04E8D0509505AB8D8C5623E94458831] - [10/04/2017 17:36:14] - |A| - [152576] - C:\WINDOWS\syswow64\msclmd_FromLFSULTRA-WIDEN.dll [MD5.7F8678C59F188528D60104E697C2361E] - [10/04/2017 17:36:15] - |A| - [481792] - C:\WINDOWS\syswow64\mscms_FromLFSULTRA-WIDEN.dll [MD5.D7EEF2C46A9880F21BE01511024B53AB] - [09/04/2017 12:10:28] - |A| - [1069376] - C:\WINDOWS\syswow64\MSCOMCTL.ocx [MD5.D7EEF2C46A9880F21BE01511024B53AB] - [10/04/2017 17:36:15] - |A| - [1069376] - C:\WINDOWS\syswow64\MSCOMCTL_FromLFSULTRA-WIDEN.ocx [MD5.A00075951E38A73FE2F9D8384311710A] - [10/04/2017 17:36:17] - |A| - [233984] - C:\WINDOWS\syswow64\msconfig.exe [MD5.D83947A58613E9091B4C9CC0F1546A8D] - [10/04/2017 17:36:17] - |A| - [297808] - C:\WINDOWS\syswow64\mscoree_FromLFSULTRA-WIDEN.dll [MD5.A139A5E6B34F136405B030EA04595A20] - [10/04/2017 17:36:18] - |A| - [156824] - C:\WINDOWS\syswow64\mscorier_FromLFSULTRA-WIDEN.dll [MD5.D5D5BBF6AA45D820BAA0BD1303B8AAF6] - [10/04/2017 17:36:18] - |A| - [81560] - C:\WINDOWS\syswow64\mscories_FromLFSULTRA-WIDEN.dll [MD5.F77B44BDA8F7FDAC72CC255DF7930799] - [10/04/2017 17:36:19] - |A| - [8192] - C:\WINDOWS\syswow64\mscpx32r_FromLFSULTRA-WIDEN.dLL [MD5.5ADDA7C0929B4C8FBC06DCB5E447B21F] - [10/04/2017 17:36:19] - |A| - [28672] - C:\WINDOWS\syswow64\mscpxl32_FromLFSULTRA-WIDEN.dLL [MD5.D13334E016522588C508B195073DDE4A] - [10/04/2017 17:36:20] - |A| - [7168] - C:\WINDOWS\syswow64\msctfime_FromLFSULTRA-WIDEN.ime [MD5.B43687C534A49700BF4B3C9898763752] - [10/04/2017 17:36:20] - |A| - [19968] - C:\WINDOWS\syswow64\MsCtfMonitor_FromLFSULTRA-WIDEN.dll [MD5.8688411BE3FCB8A11D471AA2689B3E4F] - [10/04/2017 17:36:20] - |A| - [81920] - C:\WINDOWS\syswow64\msctfp_FromLFSULTRA-WIDEN.dll [MD5.45FB05F743E626D9E239E52602CEA041] - [10/04/2017 17:36:21] - |A| - [85504] - C:\WINDOWS\syswow64\msctfui_FromLFSULTRA-WIDEN.dll [MD5.C9618BC9B2B0FD7C1138D8774795A79B] - [10/04/2017 17:36:19] - |A| - [828928] - C:\WINDOWS\syswow64\msctf_FromLFSULTRA-WIDEN.dll [MD5.BC86E0EBCF82329462CC6A5AB6EF4964] - [10/04/2017 17:36:21] - |A| - [163840] - C:\WINDOWS\syswow64\msdadiag_FromLFSULTRA-WIDEN.dll [MD5.A99C4D1B5E7E794EC5779CF14F431932] - [10/04/2017 17:36:21] - |A| - [126976] - C:\WINDOWS\syswow64\msdart_FromLFSULTRA-WIDEN.dll [MD5.85FA3C2DCA1E1006560B2399036FDA5C] - [10/04/2017 17:36:22] - |A| - [8192] - C:\WINDOWS\syswow64\msdatsrc_FromLFSULTRA-WIDEN.tlb [MD5.739E51268B4BB79AB4F9E55F0018D0BC] - [10/04/2017 17:36:22] - |A| - [305152] - C:\WINDOWS\syswow64\msdelta_FromLFSULTRA-WIDEN.dll [MD5.7069AAB8536F29ED7323140973A2894B] - [10/04/2017 17:36:22] - |A| - [30720] - C:\WINDOWS\syswow64\msdmo_FromLFSULTRA-WIDEN.dll [MD5.7FA485555BF802FE3DB5598004DBDFAC] - [10/04/2017 17:36:22] - |A| - [390144] - C:\WINDOWS\syswow64\msdrm_FromLFSULTRA-WIDEN.dll [MD5.E1BCE74A3BD9902B72599C0192A07E27] - [10/04/2017 17:36:29] - |A| - [134144] - C:\WINDOWS\syswow64\msdtc.exe [MD5.89A7B9CC98D0D80C6F31B91C0A310FCD] - [10/04/2017 17:36:30] - |A| - [308736] - C:\WINDOWS\syswow64\msdtckrm.dll [MD5.BFFA7BB606C109D682C5DD1CFF511A78] - [10/04/2017 17:36:30] - |A| - [96768] - C:\WINDOWS\syswow64\msdtclog.dll [MD5.19B8C44BC54C7859E57E0EC1312D5B92] - [10/04/2017 17:36:30] - |A| - [578560] - C:\WINDOWS\syswow64\msdtcprx_FromLFSULTRA-WIDEN.dll [MD5.C43580971DE309516BAFC30DE736C147] - [10/04/2017 17:36:31] - |A| - [1066496] - C:\WINDOWS\syswow64\msdtctm.dll [MD5.E991956ACE9E57BFB9F8BB077D11B34E] - [10/04/2017 17:36:32] - |A| - [237568] - C:\WINDOWS\syswow64\msdtcuiu_FromLFSULTRA-WIDEN.dll [MD5.C10605723EADB779A485C8BCF22A8077] - [10/04/2017 17:36:32] - |A| - [21504] - C:\WINDOWS\syswow64\msdtcVSp1res_FromLFSULTRA-WIDEN.dll [MD5.F67A64C46DE10425045AF682802F5BA6] - [10/04/2017 17:36:23] - |A| - [983040] - C:\WINDOWS\syswow64\msdt_FromLFSULTRA-WIDEN.exe [MD5.2883942DF154A6CEBDB75B42C0093CF3] - [10/04/2017 17:36:33] - |A| - [59904] - C:\WINDOWS\syswow64\MSDvbNP_FromLFSULTRA-WIDEN.ax [MD5.1AD13A1281BAC6D90B1512A6FFCBB78C] - [10/04/2017 17:36:33] - |A| - [4096] - C:\WINDOWS\syswow64\msdxm_FromLFSULTRA-WIDEN.ocx [MD5.37DF13BD22F8E27D1A28033B10C35974] - [10/04/2017 17:36:33] - |A| - [43520] - C:\WINDOWS\syswow64\msdxm_FromLFSULTRA-WIDEN.tlb [MD5.A9F291081D0AC6E56AE89D724CA089EA] - [10/04/2017 17:36:34] - |A| - [409600] - C:\WINDOWS\syswow64\msexch40_FromLFSULTRA-WIDEN.dll [MD5.F70178765A539DD21528D69F7C233492] - [10/04/2017 17:36:34] - |A| - [339968] - C:\WINDOWS\syswow64\msexcl40_FromLFSULTRA-WIDEN.dll [MD5.55969AADF0210A614700F89B48976F68] - [10/04/2017 17:36:35] - |A| - [43008] - C:\WINDOWS\syswow64\msfeedsbs_FromLFSULTRA-WIDEN.dll [MD5.53FC62C51CB18C9100A7DFAF2D2A6C47] - [10/04/2017 17:36:36] - |A| - [12800] - C:\WINDOWS\syswow64\msfeedssync_FromLFSULTRA-WIDEN.exe [MD5.2DED8A99E45053C42DD21D6937D3960C] - [10/04/2017 17:36:35] - |A| - [689152] - C:\WINDOWS\syswow64\msfeeds_FromLFSULTRA-WIDEN.dll [MD5.3A16EA01FCFAAB40882DB5BFEE632322] - [10/04/2017 17:36:36] - |A| - [592384] - C:\WINDOWS\syswow64\msftedit_FromLFSULTRA-WIDEN.dll [MD5.BF3D6F7D929E018703BE2D4556DD679A] - [10/04/2017 17:36:37] - |A| - [12288] - C:\WINDOWS\syswow64\msg711_FromLFSULTRA-WIDEN.acm [MD5.AE796D3FD1C69CE62BB6AFACDFB950AA] - [10/04/2017 17:36:37] - |A| - [23552] - C:\WINDOWS\syswow64\msgsm32_FromLFSULTRA-WIDEN.acm [MD5.EC751A9D4C9BCA0488A0875C7802F5E5] - [09/04/2017 12:10:28] - |A| - [440352] - C:\WINDOWS\syswow64\MSHFLXGD.OCX [MD5.EC751A9D4C9BCA0488A0875C7802F5E5] - [10/04/2017 17:36:38] - |A| - [440352] - C:\WINDOWS\syswow64\MSHFLXGD_FromLFSULTRA-WIDEN.OCX [MD5.ABDFC692D9FE43E2BA8FE6CB5A8CB95A] - [10/04/2017 17:36:39] - |A| - [13312] - C:\WINDOWS\syswow64\mshta_FromLFSULTRA-WIDEN.exe [MD5.9F6066005D8B8620598085C7499E9B70] - [10/04/2017 17:36:49] - |A| - [64000] - C:\WINDOWS\syswow64\MshtmlDac_FromLFSULTRA-WIDEN.dll [MD5.6B7210618D7E2CE0404ECF748701253A] - [10/04/2017 17:36:51] - |A| - [76288] - C:\WINDOWS\syswow64\mshtmled_FromLFSULTRA-WIDEN.dll [MD5.AE6A2C5ECD3E96556E22F12816842F60] - [10/04/2017 17:36:55] - |A| - [48640] - C:\WINDOWS\syswow64\mshtmler_FromLFSULTRA-WIDEN.dll [MD5.85E21CCF38166E0D6DE2E42D9D3823BD] - [10/04/2017 17:36:58] - |A| - [1155072] - C:\WINDOWS\syswow64\mshtmlmedia.dll [MD5.975421AC32F9F6E27A58F75DAB4B5871] - [10/04/2017 17:36:39] - |A| - [19607040] - C:\WINDOWS\syswow64\mshtml_FromLFSULTRA-WIDEN.dll [MD5.8C8B8C78C0CCD5D36ABCB115B0B581E1] - [10/04/2017 17:36:40] - |A| - [2724864] - C:\WINDOWS\syswow64\mshtml_FromLFSULTRA-WIDEN.tlb [MD5.A35F6D6432D7B81944354DF2D3C02FC1] - [10/04/2017 17:37:03] - |A| - [35328] - C:\WINDOWS\syswow64\MsiCofire.dll [MD5.1FC31851613B25060A5815D6935310A9] - [10/04/2017 17:37:05] - |A| - [479232] - C:\WINDOWS\syswow64\msidcrl30.dll [MD5.FA849121BF8384BC9F9F93710616B134] - [10/04/2017 17:37:05] - |A| - [53248] - C:\WINDOWS\syswow64\msident_FromLFSULTRA-WIDEN.dll [MD5.81600E2E27ED61427AAD865B9BCDDB9D] - [10/04/2017 17:37:06] - |A| - [7680] - C:\WINDOWS\syswow64\msidle_FromLFSULTRA-WIDEN.dll [MD5.711D2C461C3A45EF4F16A738ED839485] - [10/04/2017 17:37:06] - |A| - [4608] - C:\WINDOWS\syswow64\msidntld_FromLFSULTRA-WIDEN.dll [MD5.067ADF4DFA75CE40ADE163A5933E8953] - [10/04/2017 17:37:06] - |A| - [301568] - C:\WINDOWS\syswow64\msieftp_FromLFSULTRA-WIDEN.dll [MD5.EEE470F2A771FC0B543BDEEF74FCECA0] - [10/04/2017 17:37:07] - |A| - [73216] - C:\WINDOWS\syswow64\msiexec_FromLFSULTRA-WIDEN.exe [MD5.DFEC71402D544893908744E4863DC969] - [10/04/2017 17:37:07] - |A| - [337408] - C:\WINDOWS\syswow64\msihnd_FromLFSULTRA-WIDEN.dll [MD5.F1278B3514EA6FA9BC39B20D26139AAC] - [10/04/2017 17:37:07] - |A| - [15872] - C:\WINDOWS\syswow64\msiltcfg_FromLFSULTRA-WIDEN.dll [MD5.18AB2E5A40064ED5F7791AC5946A90F3] - [10/04/2017 17:37:08] - |A| - [4608] - C:\WINDOWS\syswow64\msimg32_FromLFSULTRA-WIDEN.dll [MD5.1F59B386F652A0484A3CC0B680B1132B] - [10/04/2017 17:37:08] - |A| - [25088] - C:\WINDOWS\syswow64\msimsg_FromLFSULTRA-WIDEN.dll [MD5.1D1EAA16D193C6A2D45981ED3914D22A] - [10/04/2017 17:37:08] - |A| - [31232] - C:\WINDOWS\syswow64\msimtf_FromLFSULTRA-WIDEN.dll [MD5.5F2122888583347C9B81724CF169EFC6] - [10/04/2017 17:37:09] - |A| - [303104] - C:\WINDOWS\syswow64\msinfo32_FromLFSULTRA-WIDEN.exe [MD5.C5413BC4F10CEB4C3070BBF04D324117] - [10/04/2017 17:37:09] - |A| - [20480] - C:\WINDOWS\syswow64\msisip_FromLFSULTRA-WIDEN.dll [MD5.0CE4D3BD306DA6D1F6F233C403F5B667] - [10/04/2017 17:37:02] - |A| - [2341376] - C:\WINDOWS\syswow64\msi_FromLFSULTRA-WIDEN.dll [MD5.C9380B96A0D51B8109D19D13467ADA0B] - [10/04/2017 17:37:10] - |A| - [1589248] - C:\WINDOWS\syswow64\msjet40_FromLFSULTRA-WIDEN.dll [MD5.5A72F87F75A5EA7B46DC3AD87302FE00] - [10/04/2017 17:37:12] - |A| - [364544] - C:\WINDOWS\syswow64\msjetoledb40_FromLFSULTRA-WIDEN.dll [MD5.0219B6F2329F4C1BC24580C83D0F3645] - [10/04/2017 17:37:12] - |A| - [24576] - C:\WINDOWS\syswow64\msjint40_FromLFSULTRA-WIDEN.dll [MD5.870285A6C2429CFC47FF95DA49313664] - [10/04/2017 17:37:13] - |A| - [61440] - C:\WINDOWS\syswow64\msjter40_FromLFSULTRA-WIDEN.dll [MD5.F774DB03213C2014363DE8D22DD6BBEF] - [10/04/2017 17:37:13] - |A| - [290816] - C:\WINDOWS\syswow64\msjtes40_FromLFSULTRA-WIDEN.dll [MD5.298FDE634538B62CEEEC266D8773B21A] - [10/04/2017 17:37:14] - |A| - [182272] - C:\WINDOWS\syswow64\msls31_FromLFSULTRA-WIDEN.dll [MD5.C5B187A54FFBEB11BAE458E096D0CCB0] - [10/04/2017 17:37:15] - |A| - [241664] - C:\WINDOWS\syswow64\msltus40_FromLFSULTRA-WIDEN.dll [MD5.6028D7929DFC6F7465E08EDC1388F79A] - [10/04/2017 17:37:15] - |A| - [10752] - C:\WINDOWS\syswow64\msmmsp.dll [MD5.3CC0EF43C256D0A28C908F36AD06963D] - [10/04/2017 17:37:16] - |A| - [970240] - C:\WINDOWS\syswow64\msmpeg2adec_FromLFSULTRA-WIDEN.dll [MD5.EDCAA72A69E36517F1493F09B8A834F7] - [10/04/2017 17:37:17] - |A| - [829952] - C:\WINDOWS\syswow64\MSMPEG2ENC_FromLFSULTRA-WIDEN.DLL [MD5.600A65F922CCDCBB2D11467914241556] - [10/04/2017 17:37:18] - |A| - [2284544] - C:\WINDOWS\syswow64\msmpeg2vdec_FromLFSULTRA-WIDEN.dll [MD5.CB9EF09B4BF03F8DE663B3F55D61A8E9] - [10/04/2017 17:37:19] - |A| - [265216] - C:\WINDOWS\syswow64\msnetobj.dll [MD5.6E79D0D90AB03DC45AFACA52A6699963] - [10/04/2017 17:37:21] - |A| - [204288] - C:\WINDOWS\syswow64\MSNP_FromLFSULTRA-WIDEN.ax [MD5.BD8774545A855B6559FD70E609830685] - [10/04/2017 17:37:22] - |A| - [60416] - C:\WINDOWS\syswow64\msobjs_FromLFSULTRA-WIDEN.dll [MD5.6707E0DAC75C45BB543B9A783068B9CF] - [10/04/2017 17:37:23] - |A| - [206336] - C:\WINDOWS\syswow64\msoeacct_FromLFSULTRA-WIDEN.dll [MD5.B7592E80772071D66336B3EC9B82101D] - [10/04/2017 17:37:23] - |A| - [86528] - C:\WINDOWS\syswow64\msoert2_FromLFSULTRA-WIDEN.dll [MD5.D5E083F31515AB77C347295E24C9288C] - [10/04/2017 17:37:23] - |A| - [8192] - C:\WINDOWS\syswow64\msorc32r_FromLFSULTRA-WIDEN.dll [MD5.1682569FCB2BD576B7F8BCC5506BAF24] - [10/04/2017 17:37:23] - |A| - [176128] - C:\WINDOWS\syswow64\msorcl32_FromLFSULTRA-WIDEN.dll [MD5.E97295DE2A9FDE547FEAB4FE41DF16CA] - [10/04/2017 17:37:23] - |A| - [6376960] - C:\WINDOWS\syswow64\mspaint_FromLFSULTRA-WIDEN.exe [MD5.387A8A473ECC5BA02CF453277C1F3274] - [10/04/2017 17:37:25] - |A| - [35328] - C:\WINDOWS\syswow64\mspatcha_FromLFSULTRA-WIDEN.dll [MD5.604FE3513AFDAD1C93FD82C2AF433912] - [10/04/2017 17:37:29] - |A| - [368640] - C:\WINDOWS\syswow64\mspbde40_FromLFSULTRA-WIDEN.dll [MD5.DDED5846237D9DDCB322129D5625F4C9] - [10/04/2017 17:37:29] - |A| - [44032] - C:\WINDOWS\syswow64\msports_FromLFSULTRA-WIDEN.dll [MD5.C90878913DF3DC504790282043DB5F4C] - [10/04/2017 17:37:31] - |A| - [2048] - C:\WINDOWS\syswow64\msprivs.dll [MD5.0E7045B64AFC3D5AB106B3335A1AF13D] - [10/04/2017 17:37:31] - |A| - [102912] - C:\WINDOWS\syswow64\msrahc.dll [MD5.D26C234A090FAD76770D2DED97D7356D] - [10/04/2017 17:37:32] - |A| - [7168] - C:\WINDOWS\syswow64\MsraLegacy_FromLFSULTRA-WIDEN.tlb [MD5.FB5C9234E4BF6BDAF4A954763A4582BA] - [10/04/2017 17:37:33] - |A| - [168960] - C:\WINDOWS\syswow64\msrating_FromLFSULTRA-WIDEN.dll [MD5.4AC5B4A0B8D22185C09EE5584BF1CFB5] - [10/04/2017 17:37:31] - |A| - [536576] - C:\WINDOWS\syswow64\msra_FromLFSULTRA-WIDEN.exe [MD5.30252BE7BBFA69485CD65203C6085C35] - [10/04/2017 17:37:33] - |A| - [319488] - C:\WINDOWS\syswow64\msrd2x40_FromLFSULTRA-WIDEN.dll [MD5.31E8356FFA4271A89C66E7DE2261BE76] - [10/04/2017 17:37:33] - |A| - [344064] - C:\WINDOWS\syswow64\msrd3x40_FromLFSULTRA-WIDEN.dll [MD5.84EF5B7DCA59B4331A91819570278F16] - [10/04/2017 17:37:34] - |A| - [159232] - C:\WINDOWS\syswow64\msrdc_FromLFSULTRA-WIDEN.dll [MD5.46D5CD50E96168344110A161F60BDD67] - [10/04/2017 17:37:34] - |A| - [44544] - C:\WINDOWS\syswow64\MsRdpWebAccess_FromLFSULTRA-WIDEN.dll [MD5.0A7DF27E21283D4106F5E1A04914F9C9] - [10/04/2017 17:37:35] - |A| - [643072] - C:\WINDOWS\syswow64\msrepl40_FromLFSULTRA-WIDEN.dll [MD5.04FAE971A77E76B3F4EF44053AEE0905] - [10/04/2017 17:37:35] - |A| - [13312] - C:\WINDOWS\syswow64\msrle32_FromLFSULTRA-WIDEN.dll [MD5.2DC6285EC4F902BE08E7C5FA6D3FD017] - [10/04/2017 17:37:36] - |A| - [59392] - C:\WINDOWS\syswow64\msscntrs_FromLFSULTRA-WIDEN.dll [MD5.510B493DF0DD669E60879B6B19E9B949] - [10/04/2017 17:37:36] - |A| - [504320] - C:\WINDOWS\syswow64\msscp.dll [MD5.6DF3EA6FB1D0521127377F454081ABEA] - [10/04/2017 17:37:36] - |A| - [95232] - C:\WINDOWS\syswow64\msscript_FromLFSULTRA-WIDEN.ocx [MD5.04C20DBC09884A27F65EBD721B42F073] - [10/04/2017 17:37:37] - |A| - [171520] - C:\WINDOWS\syswow64\mssha.dll [MD5.4636DC1F87D78F2600CB6D0CBE10668F] - [10/04/2017 17:37:38] - |A| - [268800] - C:\WINDOWS\syswow64\msshavmsg.dll [MD5.A5D237B8673025B052C0E6FDB6A883E8] - [10/04/2017 17:37:38] - |A| - [10240] - C:\WINDOWS\syswow64\msshooks.dll [MD5.FA579B5272957DAF6CFD0E10EEFBF5AC] - [10/04/2017 17:37:38] - |A| - [39424] - C:\WINDOWS\syswow64\mssign32_FromLFSULTRA-WIDEN.dll [MD5.DB950C45BCFBACFEFCF07B2BA9870A63] - [10/04/2017 17:37:38] - |A| - [7680] - C:\WINDOWS\syswow64\mssip32_FromLFSULTRA-WIDEN.dll [MD5.D53519D8BB92559350125447991DCFA8] - [10/04/2017 17:37:39] - |A| - [104448] - C:\WINDOWS\syswow64\mssitlb_FromLFSULTRA-WIDEN.dll [MD5.C611C6ED5ECFE4608BA79472DFE3D49C] - [10/04/2017 17:37:39] - |A| - [646144] - C:\WINDOWS\syswow64\MsSpellCheckingFacility.exe [MD5.5BDF8B0B9A3EADE3A2A6F2ED8D44E36D] - [10/04/2017 17:37:41] - |A| - [197120] - C:\WINDOWS\syswow64\mssphtb_FromLFSULTRA-WIDEN.dll [MD5.DB67C7C62038BDE813CB6486581A7611] - [10/04/2017 17:37:40] - |A| - [337408] - C:\WINDOWS\syswow64\mssph_FromLFSULTRA-WIDEN.dll [MD5.1CBF15FDB0310345A68972EB5C5B948F] - [10/04/2017 17:37:41] - |A| - [35328] - C:\WINDOWS\syswow64\mssprxy_FromLFSULTRA-WIDEN.dll [MD5.0241CB16136B9A4939CA0395768AE286] - [10/04/2017 17:37:41] - |A| - [1401344] - C:\WINDOWS\syswow64\mssrch_FromLFSULTRA-WIDEN.dll [MD5.987323F0247D023AD1AE52195540ECE0] - [10/04/2017 17:37:43] - |A| - [666624] - C:\WINDOWS\syswow64\mssvp_FromLFSULTRA-WIDEN.dll [MD5.7430934549463F8F5C92E9A2A04E2A7C] - [10/04/2017 17:37:44] - |A| - [17408] - C:\WINDOWS\syswow64\msswch.dll [MD5.C5A99A4C0DC9F0F5A95BA0C83D30A549] - [10/04/2017 17:37:44] - |A| - [209920] - C:\WINDOWS\syswow64\mstask_FromLFSULTRA-WIDEN.dll [MD5.22171191CF98360916A87337956FE084] - [10/04/2017 17:37:45] - |A| - [282624] - C:\WINDOWS\syswow64\mstext40_FromLFSULTRA-WIDEN.dll [MD5.3ABACF6D4EBEA5EF3014FEFA1D8FF5F8] - [10/04/2017 17:37:47] - |A| - [3221504] - C:\WINDOWS\syswow64\mstscax_FromLFSULTRA-WIDEN.dll [MD5.0DBD0B4D4766CADEB8C30242A0611395] - [10/04/2017 17:37:46] - |A| - [1051136] - C:\WINDOWS\syswow64\mstsc_FromLFSULTRA-WIDEN.exe [MD5.56CEED370508F69A1BA04939BD1BADDA] - [10/04/2017 17:37:50] - |A| - [167936] - C:\WINDOWS\syswow64\msutb_FromLFSULTRA-WIDEN.dll [MD5.986235D261FEADC0825CC4287CA2FD61] - [10/04/2017 17:37:50] - |A| - [259584] - C:\WINDOWS\syswow64\msv1_0_FromLFSULTRA-WIDEN.dll [MD5.5343A19C618BC515CEB1695586C6C137] - [10/04/2017 17:37:51] - |A| - [1386496] - C:\WINDOWS\syswow64\msvbvm60_FromLFSULTRA-WIDEN.dll [MD5.126B75D50756FE204283D418AE1A66DF] - [10/04/2017 17:37:52] - |A| - [59904] - C:\WINDOWS\syswow64\msvcirt_FromLFSULTRA-WIDEN.dll [MD5.BC83108B18756547013ED443B8CDB31B] - [10/04/2017 17:37:52] - |A| - [421200] - C:\WINDOWS\syswow64\msvcp100_FromLFSULTRA-WIDEN.dll [MD5.9C37D2E8FB26039D2329A5623D3B26D6] - [10/04/2017 02:12:47] - |A| - [18088] - C:\WINDOWS\syswow64\msvcp110_clr0400.dll [MD5.9C37D2E8FB26039D2329A5623D3B26D6] - [10/04/2017 17:37:54] - |A| - [18088] - C:\WINDOWS\syswow64\msvcp110_clr0400_FromLFSULTRA-WIDEN.dll [MD5.3E29914113EC4B968BA5EB1F6D194A0A] - [10/04/2017 17:37:53] - |A| - [535008] - C:\WINDOWS\syswow64\msvcp110_FromLFSULTRA-WIDEN.dll [MD5.9639A310EBD8A0364C2BCA59C462EF84] - [10/04/2017 17:37:55] - |A| - [536768] - C:\WINDOWS\syswow64\msvcp120_clr0400_FromLFSULTRA-WIDEN.dll [MD5.FD5CABBE52272BD76007B68186EBAF00] - [10/04/2017 17:37:54] - |A| - [455328] - C:\WINDOWS\syswow64\msvcp120_FromLFSULTRA-WIDEN.dll [MD5.54628F77144E17530A8B8882D1789C90] - [10/04/2017 17:37:57] - |A| - [443192] - C:\WINDOWS\syswow64\msvcp140_FromLFSULTRA-WIDEN.dll [MD5.46A6BA9274D075A2C30025C4E96D875A] - [10/04/2017 17:37:57] - |A| - [406528] - C:\WINDOWS\syswow64\msvcp60_FromLFSULTRA-WIDEN.dll [MD5.9C37D2E8FB26039D2329A5623D3B26D6] - [10/04/2017 17:37:58] - |A| - [18088] - C:\WINDOWS\syswow64\msvcr100_clr0400_FromLFSULTRA-WIDEN.dll [MD5.0E37FBFA79D349D672456923EC5FBBE3] - [10/04/2017 17:37:58] - |A| - [773968] - C:\WINDOWS\syswow64\msvcr100_FromLFSULTRA-WIDEN.dll [MD5.9C37D2E8FB26039D2329A5623D3B26D6] - [10/04/2017 02:12:48] - |A| - [18088] - C:\WINDOWS\syswow64\msvcr110_clr0400.dll [MD5.9C37D2E8FB26039D2329A5623D3B26D6] - [10/04/2017 17:38:00] - |A| - [18088] - C:\WINDOWS\syswow64\msvcr110_clr0400_FromLFSULTRA-WIDEN.dll [MD5.4BA25D2CBE1587A841DCFB8C8C4A6EA6] - [10/04/2017 17:37:59] - |A| - [875472] - C:\WINDOWS\syswow64\msvcr110_FromLFSULTRA-WIDEN.dll [MD5.30011B5A020F32F6F27C3C78D8D7B641] - [10/04/2017 17:38:00] - |A| - [875712] - C:\WINDOWS\syswow64\msvcr120_clr0400_FromLFSULTRA-WIDEN.dll [MD5.034CCADC1C073E4216E9466B720F9849] - [10/04/2017 17:38:00] - |A| - [970912] - C:\WINDOWS\syswow64\msvcr120_FromLFSULTRA-WIDEN.dll [MD5.9972A6ED4F2388DBFA8E0A96F6F3FDF1] - [10/04/2017 17:38:02] - |A| - [344064] - C:\WINDOWS\syswow64\msvcr70.dll [MD5.CA2F560921B7B8BE1CF555A5A18D54C3] - [10/04/2017 17:38:03] - |A| - [348160] - C:\WINDOWS\syswow64\msvcr71_FromLFSULTRA-WIDEN.dll [MD5.CDBE9690CF2B8409FACAD94FAC9479C9] - [09/04/2017 13:18:55] - |A| - [653136] - C:\WINDOWS\syswow64\msvcr90.dll [MD5.B458EB36499704E09EEA90A92C73A0A0] - [10/04/2017 17:38:04] - |A| - [253952] - C:\WINDOWS\syswow64\msvcrt20_FromLFSULTRA-WIDEN.dll [MD5.8D436C1ACA9AD91EAF0B007877D03797] - [10/04/2017 17:38:05] - |A| - [60928] - C:\WINDOWS\syswow64\msvcrt40_FromLFSULTRA-WIDEN.dll [MD5.9DC80A8AAAAAC397BDAB3C67165A824E] - [10/04/2017 17:38:03] - |A| - [690688] - C:\WINDOWS\syswow64\msvcrt_FromLFSULTRA-WIDEN.dll [MD5.C335EC1182AC10B188705554E0BC1186] - [10/04/2017 17:38:05] - |A| - [120320] - C:\WINDOWS\syswow64\msvfw32_FromLFSULTRA-WIDEN.dll [MD5.45DC6C69CE5759666EC758BAD657B040] - [10/04/2017 17:38:05] - |A| - [31744] - C:\WINDOWS\syswow64\msvidc32_FromLFSULTRA-WIDEN.dll [MD5.59D16C3D5CC0D573256A01783ED5CCB4] - [10/04/2017 17:38:07] - |A| - [2291712] - C:\WINDOWS\syswow64\MSVidCtl_FromLFSULTRA-WIDEN.dll [MD5.AD060CFCE701410D7FA4B3461AB83EF5] - [10/04/2017 17:38:07] - |A| - [126912] - C:\WINDOWS\syswow64\msvideo.dll [MD5.DC8D14CF8C064E7A8D0D4FE2659E964E] - [10/04/2017 17:38:10] - |A| - [856064] - C:\WINDOWS\syswow64\mswdat10_FromLFSULTRA-WIDEN.dll [MD5.7637083803C413B4FCFF04B2C5583B0B] - [10/04/2017 17:38:11] - |A| - [296960] - C:\WINDOWS\syswow64\mswmdm_FromLFSULTRA-WIDEN.dll [MD5.A88241C2A519AFD2C99A40000F9113E6] - [10/04/2017 17:38:12] - |A| - [231424] - C:\WINDOWS\syswow64\mswsock_FromLFSULTRA-WIDEN.dll [MD5.1F55C7C1E338047DC5E329011A781FB3] - [10/04/2017 17:38:12] - |A| - [618496] - C:\WINDOWS\syswow64\mswstr10_FromLFSULTRA-WIDEN.dll [MD5.C55584B828FE0AC65EA2AF3BD53598BD] - [10/04/2017 17:38:12] - |A| - [454656] - C:\WINDOWS\syswow64\msxbde40_FromLFSULTRA-WIDEN.dll [MD5.D25FCA441C69C3E6E78DE1BBCBF97BBC] - [10/04/2017 17:38:15] - |A| - [2048] - C:\WINDOWS\syswow64\msxml3r_FromLFSULTRA-WIDEN.dll [MD5.8007E4C5C9B40FB30F816F6E74284DF1] - [10/04/2017 17:38:14] - |A| - [1240576] - C:\WINDOWS\syswow64\msxml3_FromLFSULTRA-WIDEN.dll [MD5.127EE7F36CEA127ECCA55BECBC230398] - [10/04/2017 17:38:17] - |A| - [2048] - C:\WINDOWS\syswow64\msxml6r_FromLFSULTRA-WIDEN.dll [MD5.121E2E789BE080EB86DA71F95B611DF2] - [10/04/2017 17:38:16] - |A| - [1390592] - C:\WINDOWS\syswow64\msxml6_FromLFSULTRA-WIDEN.dll [MD5.D30117DB43F48C4DBA9B41C08156A339] - [10/04/2017 17:38:17] - |A| - [22528] - C:\WINDOWS\syswow64\msyuv_FromLFSULTRA-WIDEN.dll [MD5.85F2B30BA390452AE0786A63CE3BC0C6] - [10/04/2017 17:38:18] - |A| - [125440] - C:\WINDOWS\syswow64\mtstocom_FromLFSULTRA-WIDEN.exe [MD5.8483DD8F87DBE86AAB55BBF95C207061] - [10/04/2017 17:38:18] - |A| - [320512] - C:\WINDOWS\syswow64\mtxclu_FromLFSULTRA-WIDEN.dll [MD5.C584CC5A25F9622D44424DD83146D0D9] - [10/04/2017 17:38:19] - |A| - [22528] - C:\WINDOWS\syswow64\mtxdm_FromLFSULTRA-WIDEN.dll [MD5.CB4F15EC934BD2C11DF20FEFFF490BDE] - [10/04/2017 17:38:19] - |A| - [6656] - C:\WINDOWS\syswow64\mtxex_FromLFSULTRA-WIDEN.dll [MD5.2CA39F667C7360CB7CA5021472CF2E41] - [10/04/2017 17:38:19] - |A| - [27648] - C:\WINDOWS\syswow64\mtxlegih_FromLFSULTRA-WIDEN.dll [MD5.C8D06454D122EE572A117CB2BD198E2E] - [10/04/2017 17:38:19] - |A| - [114176] - C:\WINDOWS\syswow64\mtxoci_FromLFSULTRA-WIDEN.dll [MD5.5F8B3561CD7024C0F488A2E43434AE22] - [10/04/2017 17:38:20] - |A| - [13312] - C:\WINDOWS\syswow64\muifontsetup_FromLFSULTRA-WIDEN.dll [MD5.AC9B43B6B87F18222AAEF6AFAD552B3E] - [10/04/2017 17:38:21] - |A| - [10240] - C:\WINDOWS\syswow64\MUILanguageCleanup.dll [MD5.7BD10646253ED4F6FD361279181362E7] - [10/04/2017 17:38:21] - |A| - [70656] - C:\WINDOWS\syswow64\MuiUnattend_FromLFSULTRA-WIDEN.exe [MD5.C2EF686098DDABD5851E6BCA2F8620C2] - [10/04/2017 17:38:22] - |A| - [53248] - C:\WINDOWS\syswow64\MultiDigiMon.exe [MD5.0BBDB0F5A25A2FE0502F44CA7D04AB61] - [10/04/2017 17:38:22] - |A| - [229888] - C:\WINDOWS\syswow64\mycomput_FromLFSULTRA-WIDEN.dll [MD5.50BB4FBC720D23497EEB5C9DAC497405] - [10/04/2017 17:38:23] - |A| - [136192] - C:\WINDOWS\syswow64\mydocs_FromLFSULTRA-WIDEN.dll [MD5.D15880276D208AF03521B8F922C1F3B5] - [10/04/2017 17:38:23] - |A| - [221184] - C:\WINDOWS\syswow64\Mystify_FromLFSULTRA-WIDEN.scr [MD5.6579C0CE76E8D6A6A664475D7237F7E3] - [10/04/2017 17:38:23] - |A| - [63411] - C:\WINDOWS\syswow64\NAPCLCFG.MSC [MD5.93C4029DABC19166076BE347283AB969] - [10/04/2017 17:38:24] - |A| - [46080] - C:\WINDOWS\syswow64\NAPCRYPT_FromLFSULTRA-WIDEN.DLL [MD5.9E122E5CD1BB79CF8F0BCEAC947B81C0] - [10/04/2017 17:38:24] - |A| - [68096] - C:\WINDOWS\syswow64\napdsnap.dll [MD5.E9CFC1884D1E579E82073103827FA62B] - [10/04/2017 17:38:24] - |A| - [107008] - C:\WINDOWS\syswow64\NAPHLPR.DLL [MD5.0B7E85364CB878E2AD531DB7B601A9E5] - [10/04/2017 17:38:24] - |A| - [52224] - C:\WINDOWS\syswow64\NapiNSP_FromLFSULTRA-WIDEN.dll [MD5.929759E0775E6D00B4B2F4A08042439F] - [10/04/2017 17:38:25] - |A| - [38912] - C:\WINDOWS\syswow64\napipsec.dll [MD5.B074D5CB2ED9BA71D54B754D89655FA8] - [10/04/2017 17:38:25] - |A| - [158208] - C:\WINDOWS\syswow64\NAPMONTR.DLL [MD5.4AF92E1821D96E4178732FC04D8FD69C] - [10/04/2017 17:38:25] - |A| - [279552] - C:\WINDOWS\syswow64\NAPSTAT.EXE [MD5.95DE3CF54E0A360EED766DBDDF152F0D] - [10/04/2017 17:38:26] - |A| - [1077248] - C:\WINDOWS\syswow64\Narrator.exe [MD5.B503CA3E7460F68AF5CDF23DD7B6362C] - [10/04/2017 17:38:26] - |A| - [13312] - C:\WINDOWS\syswow64\NativeHooks.dll [MD5.8B57A1AD493653BB57F281FE75DD175B] - [10/04/2017 17:38:28] - |A| - [801280] - C:\WINDOWS\syswow64\NaturalLanguage6_FromLFSULTRA-WIDEN.dll [MD5.EC6667C0686A8399FA12AA60FCA3524B] - [10/04/2017 17:38:32] - |A| - [15360] - C:\WINDOWS\syswow64\nbtstat.exe [MD5.5EF8494B08DA187E27A9A07546783C98] - [10/04/2017 17:38:32] - |A| - [19968] - C:\WINDOWS\syswow64\NcdProp_FromLFSULTRA-WIDEN.dll [MD5.45D9F6CD2469CDB6A640DD4BD2B01471] - [10/04/2017 17:38:33] - |A| - [78848] - C:\WINDOWS\syswow64\nci_FromLFSULTRA-WIDEN.dll [MD5.A4CC7227A452C4909F9499D91B184364] - [10/04/2017 17:38:33] - |A| - [49152] - C:\WINDOWS\syswow64\ncobjapi_FromLFSULTRA-WIDEN.dll [MD5.ECE6892B5A336C24AFF77A06B0792B01] - [10/04/2017 17:38:34] - |A| - [100352] - C:\WINDOWS\syswow64\ncpa_FromLFSULTRA-WIDEN.cpl [MD5.33CDDA42E768A997827CC480EC13DAD5] - [10/04/2017 17:38:35] - |A| - [60928] - C:\WINDOWS\syswow64\ncryptui.dll [MD5.B01C6902EBFDC171D4AC3B55B695F017] - [10/04/2017 17:38:34] - |A| - [223232] - C:\WINDOWS\syswow64\ncrypt_FromLFSULTRA-WIDEN.dll [MD5.140D9F911182357626165EA0BEB98C4F] - [10/04/2017 17:38:35] - |A| - [156672] - C:\WINDOWS\syswow64\ncsi.dll [MD5.86572181EB7F155A437AB5A228958278] - [10/04/2017 17:38:35] - |A| - [75264] - C:\WINDOWS\syswow64\ndadmin_FromLFSULTRA-WIDEN.exe [MD5.B895C1F724F9BE2F0C93A949314FD0B4] - [10/04/2017 17:38:35] - |A| - [8192] - C:\WINDOWS\syswow64\nddeapi_FromLFSULTRA-WIDEN.dll [MD5.CC6301055E753EB22AA77A1C00FCDD39] - [10/04/2017 17:38:35] - |A| - [200192] - C:\WINDOWS\syswow64\ndfapi_FromLFSULTRA-WIDEN.dll [MD5.3D2C126424666944EFF0A3C5D15CBFFA] - [10/04/2017 17:38:35] - |A| - [29696] - C:\WINDOWS\syswow64\ndfetw_FromLFSULTRA-WIDEN.dll [MD5.86166DAA04A6C154826508304CC6D4AC] - [10/04/2017 17:38:36] - |A| - [565] - C:\WINDOWS\syswow64\NdfEventView_FromLFSULTRA-WIDEN.xml [MD5.FFA41043B3AC524585E36CBCA2032253] - [10/04/2017 17:38:37] - |A| - [94720] - C:\WINDOWS\syswow64\ndfhcdiscovery_FromLFSULTRA-WIDEN.dll [MD5.F7FE730CE31B54145DEE1F1482BCCDD7] - [10/04/2017 17:38:37] - |A| - [41984] - C:\WINDOWS\syswow64\ndiscapCfg.dll [MD5.BF517D3316953B137183DD0067FD0546] - [10/04/2017 17:38:38] - |A| - [71168] - C:\WINDOWS\syswow64\ndishc_FromLFSULTRA-WIDEN.dll [MD5.DF9A738DF53AF5C3BEA11C4F4F064469] - [10/04/2017 17:38:38] - |A| - [12288] - C:\WINDOWS\syswow64\ndproxystub_FromLFSULTRA-WIDEN.dll [MD5.AA11A26692E0DB2996CAEFE9EC61F61F] - [10/04/2017 17:38:38] - |A| - [50688] - C:\WINDOWS\syswow64\ndptsp.tsp [MD5.6DCFAEC6D1334AA6CDF8961DB4633CBF] - [10/04/2017 17:38:39] - |A| - [93696] - C:\WINDOWS\syswow64\negoexts_FromLFSULTRA-WIDEN.dll [MD5.2041012726EF7C95ED51C15C56545A7F] - [10/04/2017 17:38:39] - |A| - [142336] - C:\WINDOWS\syswow64\net1_FromLFSULTRA-WIDEN.exe [MD5.D8F01AB82D5699A6A278651777D00B67] - [10/04/2017 17:38:39] - |A| - [108464] - C:\WINDOWS\syswow64\netapi.dll [MD5.2FCA0D2C59A855C54BAFA22AA329DF0F] - [10/04/2017 17:38:40] - |A| - [57344] - C:\WINDOWS\syswow64\netapi32_FromLFSULTRA-WIDEN.dll [MD5.807B6562009E5858C93E1C0F435C0382] - [10/04/2017 17:38:40] - |A| - [14336] - C:\WINDOWS\syswow64\netbios_FromLFSULTRA-WIDEN.dll [MD5.895962CB2049447EFD2DBE61DEDE596A] - [10/04/2017 17:38:40] - |A| - [26624] - C:\WINDOWS\syswow64\netbtugc_FromLFSULTRA-WIDEN.exe [MD5.5ABBEF3B5984C29BD9D7CB1C7F35B323] - [10/04/2017 17:38:41] - |A| - [1644032] - C:\WINDOWS\syswow64\netcenter_FromLFSULTRA-WIDEN.dll [MD5.71C39495C1BC7C3979B4CFAF59B1265B] - [10/04/2017 17:38:42] - |A| - [25600] - C:\WINDOWS\syswow64\netcfg.exe [MD5.1FF7E4F548C7C372C804938F0D5B36AE] - [10/04/2017 17:38:43] - |A| - [406528] - C:\WINDOWS\syswow64\netcfgx_FromLFSULTRA-WIDEN.dll [MD5.CC84E67F8E7FA340175FF1CF1A852E32] - [10/04/2017 17:38:43] - |A| - [175104] - C:\WINDOWS\syswow64\netcorehc_FromLFSULTRA-WIDEN.dll [MD5.C6FA3CBF5C6BD7B9BCB63441C6D67EA7] - [10/04/2017 17:38:44] - |A| - [225792] - C:\WINDOWS\syswow64\netdiagfx_FromLFSULTRA-WIDEN.dll [MD5.C7AE262FC7A2AFA9F4192A44466AC5DC] - [10/04/2017 17:38:44] - |A| - [18944] - C:\WINDOWS\syswow64\netevent_FromLFSULTRA-WIDEN.dll [MD5.C02F50BBC064689FE3FCD89348C884EB] - [10/04/2017 17:38:45] - |A| - [49488] - C:\WINDOWS\syswow64\netfxperf_FromLFSULTRA-WIDEN.dll [MD5.6C4B067364ED6503D6D62737A78E930E] - [10/04/2017 17:38:45] - |A| - [2048] - C:\WINDOWS\syswow64\neth_FromLFSULTRA-WIDEN.dll [MD5.67BCB4490E9C7307E39C150CC09BEF9A] - [10/04/2017 17:38:45] - |A| - [117248] - C:\WINDOWS\syswow64\netid_FromLFSULTRA-WIDEN.dll [MD5.38CACBEB75E3F85CBF7E65522DFDA1B0] - [10/04/2017 17:38:45] - |A| - [166400] - C:\WINDOWS\syswow64\netiohlp_FromLFSULTRA-WIDEN.dll [MD5.D4496F4DC6B90F6915CEB1DB20B44C07] - [10/04/2017 17:38:46] - |A| - [25600] - C:\WINDOWS\syswow64\netiougc_FromLFSULTRA-WIDEN.exe [MD5.E343CABBD8D600ABAF3F11625D33B3D0] - [10/04/2017 17:38:46] - |A| - [161792] - C:\WINDOWS\syswow64\netjoin_FromLFSULTRA-WIDEN.dll [MD5.C1809B9907ADEDAF16F50C894100883B] - [10/04/2017 17:38:46] - |A| - [563712] - C:\WINDOWS\syswow64\netlogon_FromLFSULTRA-WIDEN.dll [MD5.7CCCFCA7510684768DA22092D1FA4DB2] - [10/04/2017 17:38:47] - |A| - [280576] - C:\WINDOWS\syswow64\netman.dll [MD5.E4B72E71EC37A59FE574A998A0C0EB9B] - [10/04/2017 17:38:48] - |A| - [2048] - C:\WINDOWS\syswow64\netmsg_FromLFSULTRA-WIDEN.dll [MD5.E62AA52713617C1F402829EBF79653AB] - [10/04/2017 17:38:48] - |A| - [175616] - C:\WINDOWS\syswow64\netplwiz_FromLFSULTRA-WIDEN.dll [MD5.C07C229CA118FC4F3C43B5B8DD27EBA0] - [10/04/2017 17:38:48] - |A| - [26112] - C:\WINDOWS\syswow64\Netplwiz_FromLFSULTRA-WIDEN.exe [MD5.1FDA175324FAC331DC41B076103E7123] - [10/04/2017 17:38:49] - |A| - [481792] - C:\WINDOWS\syswow64\netprof.dll [MD5.8C338238C16777A802D6A9211EB2BA50] - [10/04/2017 17:38:49] - |A| - [360448] - C:\WINDOWS\syswow64\netprofm_FromLFSULTRA-WIDEN.dll [MD5.EAB975DB4C2805927FE5BD047D05C9AA] - [10/04/2017 17:38:50] - |A| - [2494464] - C:\WINDOWS\syswow64\netshell_FromLFSULTRA-WIDEN.dll [MD5.784A50A6A09C25F011C3143DDD68E729] - [10/04/2017 17:38:50] - |A| - [96256] - C:\WINDOWS\syswow64\netsh_FromLFSULTRA-WIDEN.exe [MD5.32297BB17E6EC700D0FC869F9ACAF561] - [10/04/2017 17:38:51] - |A| - [27136] - C:\WINDOWS\syswow64\NETSTAT_FromLFSULTRA-WIDEN.EXE [MD5.7EFDA98AC1A9C8F5875246BA0B7C4144] - [10/04/2017 17:38:54] - |A| - [542720] - C:\WINDOWS\syswow64\nettrace.dll [MD5.CD48AD912839B9FB6CCA5D4AA9B37500] - [10/04/2017 17:38:54] - |A| - [21812] - C:\WINDOWS\syswow64\NetTrace.PLA.Diagnostics.xml [MD5.20B3934DB73EABA2B49B7177873CB81F] - [10/04/2017 17:38:55] - |A| - [22528] - C:\WINDOWS\syswow64\netutils_FromLFSULTRA-WIDEN.dll [MD5.8902A26DE72BDFFEBDEF83B16A2D4AEF] - [10/04/2017 17:38:55] - |A| - [675840] - C:\WINDOWS\syswow64\NETw5c32.dll [MD5.66B0D0B1859CA82A7CA1344D581D02E8] - [10/04/2017 17:38:56] - |A| - [2756608] - C:\WINDOWS\syswow64\NETw5r32.dll [MD5.3D57FFBAD3ED16B63DE3879BAB0FB56F] - [10/04/2017 17:38:57] - |A| - [1661440] - C:\WINDOWS\syswow64\networkexplorer_FromLFSULTRA-WIDEN.dll [MD5.145642B84939D50AFDA2D6163406CCED] - [10/04/2017 17:39:01] - |A| - [40960] - C:\WINDOWS\syswow64\networkitemfactory_FromLFSULTRA-WIDEN.dll [MD5.EA72CAE0FFA2D86522888320ADE6B33E] - [10/04/2017 17:39:06] - |A| - [2130944] - C:\WINDOWS\syswow64\networkmap.dll [MD5.B9A4DAC2192FD78CDA097BFA79F6E7B2] - [10/04/2017 17:38:39] - |A| - [46080] - C:\WINDOWS\syswow64\net_FromLFSULTRA-WIDEN.exe [MD5.A6154A954F08E99D27CEA4D3B9563172] - [10/04/2017 17:39:09] - |A| - [313856] - C:\WINDOWS\syswow64\newdev_FromLFSULTRA-WIDEN.dll [MD5.38926BA136342B3F6A750098195B29A1] - [10/04/2017 17:39:09] - |A| - [76800] - C:\WINDOWS\syswow64\newdev_FromLFSULTRA-WIDEN.exe [MD5.50E0DD0A5B8D8BC353578F2F73926697] - [10/04/2017 17:39:16] - |A| - [52224] - C:\WINDOWS\syswow64\nlaapi_FromLFSULTRA-WIDEN.dll [MD5.127303C0E71F7926FB3EB9F8850A0DD6] - [10/04/2017 17:39:17] - |A| - [102400] - C:\WINDOWS\syswow64\nlahc.dll [MD5.F115C5CD29E512F18BD7138A094B77E5] - [10/04/2017 17:39:19] - |A| - [242688] - C:\WINDOWS\syswow64\nlasvc.dll [MD5.E96BC9A8B03B20E7BC6CD8A97D7C1C6B] - [10/04/2017 17:39:20] - |A| - [134144] - C:\WINDOWS\syswow64\nlhtml_FromLFSULTRA-WIDEN.dll [MD5.931602A130506DA6CF35F0872A5B32DD] - [10/04/2017 17:39:20] - |A| - [156672] - C:\WINDOWS\syswow64\nlmgp_FromLFSULTRA-WIDEN.dll [MD5.03A82E3CC477A5A5CE82FBA332106DA2] - [10/04/2017 17:39:20] - |A| - [11264] - C:\WINDOWS\syswow64\nlmsprep_FromLFSULTRA-WIDEN.dll [MD5.D35F4DFF5D7B3D6503CF9888B833C801] - [10/04/2017 17:39:21] - |A| - [69120] - C:\WINDOWS\syswow64\nlsbres_FromLFSULTRA-WIDEN.dll [MD5.28CAAA8B3DAC4604B6871F311C6B9F49] - [10/04/2017 17:39:21] - |A| - [1537536] - C:\WINDOWS\syswow64\NlsData0000_FromLFSULTRA-WIDEN.dll [MD5.4C3D247687C878B14BD8D1168D6F1602] - [10/04/2017 17:39:23] - |A| - [2609664] - C:\WINDOWS\syswow64\NlsData0001.dll [MD5.D8BFBE7A53778696ED382EDA4910AC9F] - [10/04/2017 17:39:25] - |A| - [1977856] - C:\WINDOWS\syswow64\NlsData0002.dll [MD5.0BDF121EBD33DA510BD82051C795E199] - [10/04/2017 17:39:29] - |A| - [1977856] - C:\WINDOWS\syswow64\NlsData0003.dll [MD5.6F778263DEB34EDA9EA7156FF3ABB26B] - [10/04/2017 17:39:29] - |A| - [2255360] - C:\WINDOWS\syswow64\NlsData0007.dll [MD5.2992932C1AB1D29A1A4A9E8CB8530CBF] - [10/04/2017 17:39:29] - |A| - [4888576] - C:\WINDOWS\syswow64\NlsData0009.dll [MD5.CCCD41DB1BFEF9FE46E4AEBBCA7699B4] - [10/04/2017 17:39:37] - |A| - [10240512] - C:\WINDOWS\syswow64\NlsData000a.dll [MD5.61B33014F2D2A4F9553F6EF64FB82E31] - [10/04/2017 17:39:40] - |A| - [2654208] - C:\WINDOWS\syswow64\NlsData000c_FromLFSULTRA-WIDEN.dll [MD5.E7887A403E9CB9C71E970AA64040A2D7] - [10/04/2017 17:39:51] - |A| - [2353152] - C:\WINDOWS\syswow64\NlsData000d.dll [MD5.07E5504F46DB3DFF9FF6C73DD9398ED1] - [10/04/2017 17:39:54] - |A| - [1977856] - C:\WINDOWS\syswow64\NlsData000f.dll [MD5.D8F67CCCCF4DE5EBD0E1F79121AFA79E] - [10/04/2017 17:39:57] - |A| - [4507648] - C:\WINDOWS\syswow64\NlsData0010.dll [MD5.07ACE62C3C619013CEBAE109515C49B3] - [10/04/2017 17:40:00] - |A| - [2670592] - C:\WINDOWS\syswow64\NlsData0011.dll [MD5.8133EA1A6258D0F536EC51BE0A67855A] - [10/04/2017 17:40:04] - |A| - [3476480] - C:\WINDOWS\syswow64\NlsData0013.dll [MD5.A79FFFBA93697FB09584F11BD09AB636] - [10/04/2017 17:40:07] - |A| - [1977856] - C:\WINDOWS\syswow64\NlsData0018.dll [MD5.96878AD07B7BF5DB66ED67620F474F01] - [10/04/2017 17:40:09] - |A| - [4509696] - C:\WINDOWS\syswow64\NlsData0019.dll [MD5.28C53E0F0BBC13EA7ACE9150E23A2B35] - [10/04/2017 17:40:13] - |A| - [1977856] - C:\WINDOWS\syswow64\NlsData001a.dll [MD5.6687AF3B9617379577FFA53B84F562FC] - [10/04/2017 17:40:18] - |A| - [1977856] - C:\WINDOWS\syswow64\NlsData001b.dll [MD5.D0E2272A41640708F630258101E96E15] - [10/04/2017 17:40:19] - |A| - [4507648] - C:\WINDOWS\syswow64\NlsData001d.dll [MD5.3FC356BF40925D37A30941EF9C8B9F06] - [10/04/2017 17:40:24] - |A| - [3116544] - C:\WINDOWS\syswow64\NlsData0020.dll [MD5.816FA57475CE5032E063BF69BFCD4C85] - [10/04/2017 17:40:27] - |A| - [1811968] - C:\WINDOWS\syswow64\NlsData0021.dll [MD5.196F496F8757A469B6ABAABFC063C6A4] - [10/04/2017 17:40:31] - |A| - [1811968] - C:\WINDOWS\syswow64\NlsData0022.dll [MD5.5CD609F834007221D6C5F52BACB3AFB9] - [10/04/2017 17:40:32] - |A| - [1977856] - C:\WINDOWS\syswow64\NlsData0024.dll [MD5.07BA983D1111FB9C7ECF0B3B36EA9CAD] - [10/04/2017 17:40:34] - |A| - [1977856] - C:\WINDOWS\syswow64\NlsData0026.dll [MD5.917F27908F54CD8DF1BA8EEDE9C1937F] - [10/04/2017 17:40:35] - |A| - [1979392] - C:\WINDOWS\syswow64\NlsData0027.dll [MD5.A4D7E12EDCA8BDA7EECEE69BB8D32353] - [10/04/2017 17:40:39] - |A| - [1811968] - C:\WINDOWS\syswow64\NlsData002a.dll [MD5.C3E4D001D26F867E723C30ED378B42BE] - [10/04/2017 17:40:40] - |A| - [3116544] - C:\WINDOWS\syswow64\NlsData0039.dll [MD5.0491BE9358A7620737D3994F39AFF3B0] - [10/04/2017 17:40:40] - |A| - [1811968] - C:\WINDOWS\syswow64\NlsData003e.dll [MD5.E9BAFFA7646010D8235297C730777F1A] - [10/04/2017 17:40:46] - |A| - [3116544] - C:\WINDOWS\syswow64\NlsData0045.dll [MD5.97E5EBE51A63B0177B5F54DBC02548F1] - [10/04/2017 17:40:47] - |A| - [3116544] - C:\WINDOWS\syswow64\NlsData0046.dll [MD5.F461BB0F43BA2C7F7F0BBCC0387E33DE] - [10/04/2017 17:40:49] - |A| - [3116544] - C:\WINDOWS\syswow64\NlsData0047.dll [MD5.179B99C505807B3478BA87D506B9A789] - [10/04/2017 17:40:55] - |A| - [3116544] - C:\WINDOWS\syswow64\NlsData0049.dll [MD5.606EAA5645B3A82252388203876C70EC] - [10/04/2017 17:40:56] - |A| - [3116544] - C:\WINDOWS\syswow64\NlsData004a.dll [MD5.37138F99134F694432916191CC77E7F0] - [10/04/2017 17:41:00] - |A| - [3116544] - C:\WINDOWS\syswow64\NlsData004b.dll [MD5.A2E4D00AE53D5DBC32407E961CB2BA54] - [10/04/2017 17:41:03] - |A| - [3116544] - C:\WINDOWS\syswow64\NlsData004c.dll [MD5.93E2B24DB34474495FCECFD07A2E4F74] - [10/04/2017 17:41:08] - |A| - [3116544] - C:\WINDOWS\syswow64\NlsData004e.dll [MD5.5D262E030A4D8110130340E9FFBA1A51] - [10/04/2017 17:41:08] - |A| - [4507648] - C:\WINDOWS\syswow64\NlsData0414.dll [MD5.420DB712B24607220C11FC08A9F9371C] - [10/04/2017 17:41:11] - |A| - [4507648] - C:\WINDOWS\syswow64\NlsData0416.dll [MD5.76CFDB52D5013CB3E4ADD9FFBF0523F2] - [10/04/2017 17:41:18] - |A| - [4507648] - C:\WINDOWS\syswow64\NlsData0816.dll [MD5.5E8772FE022B032B6F4AA6EBDB862950] - [10/04/2017 17:41:27] - |A| - [1977856] - C:\WINDOWS\syswow64\NlsData081a.dll [MD5.D91426520FDD0BCD0D27E92526C08D18] - [10/04/2017 17:41:27] - |A| - [1977856] - C:\WINDOWS\syswow64\NlsData0c1a.dll [MD5.D458B563613E898EE7C627359AF5973D] - [10/04/2017 17:41:29] - |A| - [26112] - C:\WINDOWS\syswow64\Nlsdl_FromLFSULTRA-WIDEN.dll [MD5.5E835121A3899CFA37E285E0CA2B4E7D] - [10/04/2017 17:41:31] - |A| - [7052] - C:\WINDOWS\syswow64\nlsfunc.exe [MD5.78E11D9006139A7FB638F0BDA9179D27] - [10/04/2017 17:41:31] - |A| - [11722752] - C:\WINDOWS\syswow64\NlsLexicons0001.dll [MD5.67C1B06EDB4D3F5CF2296EAF38275540] - [10/04/2017 17:41:31] - |A| - [4164096] - C:\WINDOWS\syswow64\NlsLexicons0002.dll [MD5.E08BD8A403E169971B499E59203B0FB8] - [10/04/2017 17:41:40] - |A| - [1452544] - C:\WINDOWS\syswow64\NlsLexicons0003.dll [MD5.5E09C2AB22939CB7A637B7F1C5AE7D4F] - [10/04/2017 17:41:43] - |A| - [12038656] - C:\WINDOWS\syswow64\NlsLexicons0007.dll [MD5.C8CB301BF896C7C556BBE963FADF5BB6] - [10/04/2017 17:41:49] - |A| - [2628608] - C:\WINDOWS\syswow64\NlsLexicons0009.dll [MD5.3DF31EF7B0FCE66CDC89737C72D82C25] - [10/04/2017 17:41:58] - |A| - [9892864] - C:\WINDOWS\syswow64\NlsLexicons000a.dll [MD5.AC7D0114246661B1E29A0939039157C5] - [10/04/2017 17:42:02] - |A| - [6237696] - C:\WINDOWS\syswow64\NlsLexicons000c_FromLFSULTRA-WIDEN.dll [MD5.AF16DAFC064E2E8A67AE17F8991E2386] - [10/04/2017 17:42:09] - |A| - [1722368] - C:\WINDOWS\syswow64\NlsLexicons000d.dll [MD5.B98CA8FB31309879139108FF3065ED14] - [10/04/2017 17:42:17] - |A| - [5654528] - C:\WINDOWS\syswow64\NlsLexicons000f.dll [MD5.8EA11B7DF3200D72D10FB7D33F750EF4] - [10/04/2017 17:42:18] - |A| - [4175872] - C:\WINDOWS\syswow64\NlsLexicons0010.dll [MD5.298175F3ED5B66025F7914B2AD44EFB1] - [10/04/2017 17:42:25] - |A| - [2466816] - C:\WINDOWS\syswow64\NlsLexicons0011.dll [MD5.1AB5B6EC4981D49A0D04DEE0E1085BEC] - [10/04/2017 17:42:28] - |A| - [4981248] - C:\WINDOWS\syswow64\NlsLexicons0013.dll [MD5.A4308D8E2B90C3365B124AD2448ED1A2] - [10/04/2017 17:42:31] - |A| - [3331072] - C:\WINDOWS\syswow64\NlsLexicons0018.dll [MD5.EAA30F4C4ED4BE28574E4815D152309B] - [10/04/2017 17:42:32] - |A| - [6781440] - C:\WINDOWS\syswow64\NlsLexicons0019.dll [MD5.6A60563AAE7F396B81273876D269C2FE] - [10/04/2017 17:42:42] - |A| - [6014976] - C:\WINDOWS\syswow64\NlsLexicons001a.dll [MD5.88DEA9BB0501708383A45B16173E3F95] - [10/04/2017 17:42:46] - |A| - [6585856] - C:\WINDOWS\syswow64\NlsLexicons001b.dll [MD5.7AD593A3BF85A6CCB279374C16C83054] - [10/04/2017 17:42:48] - |A| - [6346240] - C:\WINDOWS\syswow64\NlsLexicons001d.dll [MD5.727C11DF890A50B80D859BCBD75EB021] - [10/04/2017 17:42:58] - |A| - [1236992] - C:\WINDOWS\syswow64\NlsLexicons0020.dll [MD5.5003ADEC6FF342D5C0BBAB94B76FE5E0] - [10/04/2017 17:43:03] - |A| - [2136064] - C:\WINDOWS\syswow64\NlsLexicons0021.dll [MD5.D6C97E02894BE5722CB147692A50C667] - [10/04/2017 17:43:03] - |A| - [5499904] - C:\WINDOWS\syswow64\NlsLexicons0022.dll [MD5.32D130A48BC722CFB51E6DF24BF6FDD8] - [10/04/2017 17:43:08] - |A| - [7964672] - C:\WINDOWS\syswow64\NlsLexicons0024.dll [MD5.3AC6B492C7AE10D56C110DA6A96A356C] - [10/04/2017 17:43:12] - |A| - [5791232] - C:\WINDOWS\syswow64\NlsLexicons0026.dll [MD5.F334F0D5F2DA3563F8A364988A8539DE] - [10/04/2017 17:43:15] - |A| - [6224896] - C:\WINDOWS\syswow64\NlsLexicons0027.dll [MD5.F02C8DC1DB4B4E35202A28B0E2F8AE3D] - [10/04/2017 17:43:27] - |A| - [4096] - C:\WINDOWS\syswow64\NlsLexicons002a.dll [MD5.64D0A542625E94B149F61DBB648999EA] - [10/04/2017 17:43:27] - |A| - [1782272] - C:\WINDOWS\syswow64\NlsLexicons0039.dll [MD5.45AA072DE1B00F32023B7BC8F4BABD3A] - [10/04/2017 17:43:27] - |A| - [4045824] - C:\WINDOWS\syswow64\NlsLexicons003e.dll [MD5.DD17D883A491BC880DB38F397442C3A2] - [10/04/2017 17:43:30] - |A| - [1793536] - C:\WINDOWS\syswow64\NlsLexicons0045.dll [MD5.66A093F523D861FB10B5EE794F9F9B95] - [10/04/2017 17:43:35] - |A| - [1808896] - C:\WINDOWS\syswow64\NlsLexicons0046.dll [MD5.A9A8D5FAE2D9122C92159C5865E6D34A] - [10/04/2017 17:43:36] - |A| - [1411072] - C:\WINDOWS\syswow64\NlsLexicons0047.dll [MD5.037BE1ED9FC68C248770B584A24F9A5C] - [10/04/2017 17:43:39] - |A| - [1558016] - C:\WINDOWS\syswow64\NlsLexicons0049.dll [MD5.C28C71AEBFEC58611F2087ED6D0113BA] - [10/04/2017 17:43:42] - |A| - [3419136] - C:\WINDOWS\syswow64\NlsLexicons004a.dll [MD5.E650DD9AF103BC357D8B763B04AB105A] - [10/04/2017 17:43:49] - |A| - [1702912] - C:\WINDOWS\syswow64\NlsLexicons004b.dll [MD5.3B17466E767A0451DAFAD1DD9F73861F] - [10/04/2017 17:43:51] - |A| - [4093440] - C:\WINDOWS\syswow64\NlsLexicons004c.dll [MD5.42C9198E630F62A76E4DE0EF3DE82C97] - [10/04/2017 17:43:53] - |A| - [1972736] - C:\WINDOWS\syswow64\NlsLexicons004e.dll [MD5.9F93707D3236C7D925720B2A7ABB314F] - [10/04/2017 17:43:58] - |A| - [4616192] - C:\WINDOWS\syswow64\NlsLexicons0414.dll [MD5.859F28C52BDF512B6F14DB7F41D4B2BE] - [10/04/2017 17:43:59] - |A| - [5090816] - C:\WINDOWS\syswow64\NlsLexicons0416.dll [MD5.3498198A8B94AF32512D4470C0F037A0] - [10/04/2017 17:44:02] - |A| - [5031936] - C:\WINDOWS\syswow64\NlsLexicons0816.dll [MD5.8AB2EA7F80DB23D1A2A784D91BEFB812] - [10/04/2017 17:44:11] - |A| - [7042560] - C:\WINDOWS\syswow64\NlsLexicons081a.dll [MD5.AD5CD3D48A08EF83EF4AD312F6317F20] - [10/04/2017 17:44:15] - |A| - [6917120] - C:\WINDOWS\syswow64\NlsLexicons0c1a.dll [MD5.7F944F023A25F78D66E6113CFFB91E88] - [10/04/2017 17:44:22] - |A| - [5071872] - C:\WINDOWS\syswow64\NlsModels0011.dll [MD5.E178A1BD78441E08ACA10F6AF4B88F6E] - [10/04/2017 17:44:30] - |A| - [327168] - C:\WINDOWS\syswow64\nltest.exe [MD5.5A34DB0802A96719F9DC08DFC7F356D1] - [10/04/2017 17:44:31] - |A| - [1696] - C:\WINDOWS\syswow64\NOISE.CHS [MD5.6C114885CC2C983BA24F9A4EDE9A48FA] - [10/04/2017 17:44:31] - |A| - [1696] - C:\WINDOWS\syswow64\NOISE.CHT [MD5.C04D36BBEF5B9BAA8D8DA0B57F22BE20] - [10/04/2017 17:44:32] - |A| - [2060] - C:\WINDOWS\syswow64\noise.jpn [MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - [10/04/2017 17:44:32] - |A| - [1486] - C:\WINDOWS\syswow64\noise.kor [MD5.BDD9B70A185CA6DEFEAA59BB55B70644] - [10/04/2017 17:44:32] - |A| - [697] - C:\WINDOWS\syswow64\NOISE.THA [MD5.DE78E0C57BC478D47CC2F470B68E1A45] - [10/04/2017 17:44:32] - |A| - [741] - C:\WINDOWS\syswow64\NOISE_FromLFSULTRA-WIDEN.DAT [MD5.9C278785347BCC991F8EA2999D90F58D] - [10/04/2017 17:44:32] - |A| - [2048] - C:\WINDOWS\syswow64\normaliz_FromLFSULTRA-WIDEN.dll [MD5.DA5748A89E22A3932387E65694B25BBB] - [10/04/2017 17:44:33] - |A| - [59342] - C:\WINDOWS\syswow64\normidna.nls [MD5.AB0188447CFA74E646C9AECA1C232430] - [10/04/2017 17:44:33] - |A| - [47076] - C:\WINDOWS\syswow64\normnfc.nls [MD5.A9BD54B9FDE1A660DFDBECC9E94A8E22] - [10/04/2017 17:44:35] - |A| - [40566] - C:\WINDOWS\syswow64\normnfd.nls [MD5.A52F03C8DF33DCDFCC6C44E947EBA685] - [10/04/2017 17:44:35] - |A| - [67808] - C:\WINDOWS\syswow64\normnfkc.nls [MD5.4D8620E00DD771B58534A00218C60A58] - [10/04/2017 17:44:35] - |A| - [61718] - C:\WINDOWS\syswow64\normnfkd.nls [MD5.D378BFFB70923139D6A4F546864AA61C] - [10/04/2017 17:44:36] - |A| - [179712] - C:\WINDOWS\syswow64\notepad_FromLFSULTRA-WIDEN.exe [MD5.15E298B5EC5B89C5994A59863969D9FF] - [10/04/2017 17:44:36] - |A| - [16896] - C:\WINDOWS\syswow64\npmproxy_FromLFSULTRA-WIDEN.dll [MD5.D2A937964199F647B1C3BC435712E5D9] - [10/04/2017 17:44:37] - |A| - [11776] - C:\WINDOWS\syswow64\nrpsrv.dll [MD5.7EBC7D72BDD0A0A847E00F43F350EF22] - [10/04/2017 17:44:37] - |A| - [27136] - C:\WINDOWS\syswow64\nshhttp_FromLFSULTRA-WIDEN.dll [MD5.404B123E9460395E3A7338B12C681B92] - [10/04/2017 17:44:37] - |A| - [346112] - C:\WINDOWS\syswow64\nshipsec_FromLFSULTRA-WIDEN.dll [MD5.CE2A48CD0D2B39FB77FA4797C6434E71] - [10/04/2017 17:44:39] - |A| - [656896] - C:\WINDOWS\syswow64\nshwfp_FromLFSULTRA-WIDEN.dll [MD5.BA387E955E890C8A88306D9B8D06BF17] - [10/04/2017 17:44:39] - |A| - [19456] - C:\WINDOWS\syswow64\nsisvc.dll [MD5.6377051C63D5552A311935C67E9FDFDC] - [10/04/2017 17:44:39] - |A| - [8704] - C:\WINDOWS\syswow64\nsi_FromLFSULTRA-WIDEN.dll [MD5.5E3830EE3282A53920E00784FEC44CFD] - [10/04/2017 17:44:40] - |A| - [98304] - C:\WINDOWS\syswow64\nslookup_FromLFSULTRA-WIDEN.exe [MD5.B0A6357D7FAD7B37BB6DC68A8FAD1D82] - [10/04/2017 17:44:40] - |A| - [1310232] - C:\WINDOWS\syswow64\ntdll_FromLFSULTRA-WIDEN.dll [MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - [10/04/2017 17:44:41] - |A| - [27866] - C:\WINDOWS\syswow64\NTDOS.SYS [MD5.CF9ED169FF86D935E47999E82359E898] - [10/04/2017 17:44:42] - |A| - [29146] - C:\WINDOWS\syswow64\NTDOS404.SYS [MD5.03B945AC0481CD8BB161C3569D8ED1C3] - [10/04/2017 17:44:42] - |A| - [29370] - C:\WINDOWS\syswow64\NTDOS411.SYS [MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - [10/04/2017 17:44:43] - |A| - [29274] - C:\WINDOWS\syswow64\NTDOS412.SYS [MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - [10/04/2017 17:44:43] - |A| - [29146] - C:\WINDOWS\syswow64\NTDOS804.SYS [MD5.E3E811471DE781900FF21C1FD84E941E] - [10/04/2017 17:44:43] - |A| - [90112] - C:\WINDOWS\syswow64\ntdsapi_FromLFSULTRA-WIDEN.dll [MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - [10/04/2017 17:44:44] - |A| - [33952] - C:\WINDOWS\syswow64\NTIO.SYS [MD5.A98EBD4C2DF983665BF2D1AF49949974] - [10/04/2017 17:44:44] - |A| - [34672] - C:\WINDOWS\syswow64\NTIO404.SYS [MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - [10/04/2017 17:44:44] - |A| - [35776] - C:\WINDOWS\syswow64\NTIO411.SYS [MD5.3E64D681B776CC57BDC38A46D881F85B] - [10/04/2017 17:44:45] - |A| - [35536] - C:\WINDOWS\syswow64\NTIO412.SYS [MD5.D86B6435729231C171432B4E77801BDB] - [10/04/2017 17:44:45] - |A| - [34672] - C:\WINDOWS\syswow64\NTIO804.SYS [MD5.8D8374FD723FEB2800305A8A66CD1ABA] - [10/04/2017 17:44:45] - |A| - [3993536] - C:\WINDOWS\syswow64\ntkrnlpa.exe [MD5.D7B7159BC8374E87D8C45A30377A3440] - [10/04/2017 17:44:47] - |A| - [69120] - C:\WINDOWS\syswow64\ntlanman_FromLFSULTRA-WIDEN.dll [MD5.6122AE5F1D523ED9E5C94EFCCCE099DF] - [10/04/2017 17:44:49] - |A| - [15872] - C:\WINDOWS\syswow64\ntlanui2_FromLFSULTRA-WIDEN.dll [MD5.3FD15B4611D9BDA3F8013548C0ECAECA] - [10/04/2017 17:44:49] - |A| - [121856] - C:\WINDOWS\syswow64\ntmarta_FromLFSULTRA-WIDEN.dll [MD5.A9AE21C45FBF6CE1E6B5C5FEBB38004C] - [10/04/2017 17:44:50] - |A| - [3938752] - C:\WINDOWS\syswow64\ntoskrnl.exe [MD5.89F5770AD1E9D9CEF93D00303135EC33] - [10/04/2017 17:44:52] - |A| - [297472] - C:\WINDOWS\syswow64\ntprint_FromLFSULTRA-WIDEN.dll [MD5.06F4DF2958B69716E9066B215D8E78B2] - [10/04/2017 17:44:54] - |A| - [61952] - C:\WINDOWS\syswow64\ntprint_FromLFSULTRA-WIDEN.exe [MD5.03F3B770DFBED6131653CEDA8CA780F0] - [10/04/2017 17:44:54] - |A| - [442880] - C:\WINDOWS\syswow64\ntshrui_FromLFSULTRA-WIDEN.dll [MD5.66F516A78C1D220FE0F429DF5EF0DE5D] - [10/04/2017 17:44:55] - |A| - [526848] - C:\WINDOWS\syswow64\ntvdm.exe [MD5.2476608083BAAFEEC6EF1B0D0AC6CCFC] - [10/04/2017 17:44:56] - |A| - [14848] - C:\WINDOWS\syswow64\ntvdmd.dll [MD5.257F3A8BC69468D7BDD812EC13A9E6F7] - [10/04/2017 17:44:56] - |A| - [537600] - C:\WINDOWS\syswow64\objsel_FromLFSULTRA-WIDEN.dll [MD5.1200D9C7DB0ADC1B8143A0A9921BF7DA] - [10/04/2017 17:44:57] - |A| - [127488] - C:\WINDOWS\syswow64\occache_FromLFSULTRA-WIDEN.dll [MD5.1274A7FD37E2DA781282CEE1D2131374] - [10/04/2017 17:44:57] - |A| - [174592] - C:\WINDOWS\syswow64\ocsetapi_FromLFSULTRA-WIDEN.dll [MD5.B4D3BDF863B81BF84658396666CF7200] - [10/04/2017 17:44:58] - |A| - [197632] - C:\WINDOWS\syswow64\ocsetup.exe [MD5.7FDC88E8511D8D53ED25CE1B814B917E] - [10/04/2017 17:44:59] - |A| - [26224] - C:\WINDOWS\syswow64\odbc16gt.dll [MD5.CB985D1C5648FF2214D48A64CCA862B5] - [10/04/2017 17:45:00] - |A| - [24576] - C:\WINDOWS\syswow64\odbc32gt.dll [MD5.7D34AF98A706230CC2DEDFE0CABF87AB] - [10/04/2017 17:44:59] - |A| - [573440] - C:\WINDOWS\syswow64\odbc32_FromLFSULTRA-WIDEN.dll [MD5.76B5A48D429D29F69485BD314B9866A6] - [10/04/2017 17:45:01] - |A| - [86016] - C:\WINDOWS\syswow64\odbcad32_FromLFSULTRA-WIDEN.exe [MD5.0D165AA413563A0A5CAEB2A211B18C96] - [10/04/2017 17:45:02] - |A| - [49152] - C:\WINDOWS\syswow64\odbcbcp_FromLFSULTRA-WIDEN.dll [MD5.6E2C504C11A2D0B3820EDAF66E6DF06B] - [10/04/2017 17:45:02] - |A| - [40960] - C:\WINDOWS\syswow64\odbcconf_FromLFSULTRA-WIDEN.dll [MD5.4F2049E214B45091914E2C0F3409EA98] - [10/04/2017 17:45:02] - |A| - [32768] - C:\WINDOWS\syswow64\odbcconf_FromLFSULTRA-WIDEN.exe [MD5.CE8AC7BCA89A2789235669DAEB1E0A5B] - [10/04/2017 17:45:02] - |A| - [4453] - C:\WINDOWS\syswow64\odbcconf_FromLFSULTRA-WIDEN.rsp [MD5.66ABBF38123D3113BB55EBAFCF37AB92] - [10/04/2017 17:45:03] - |A| - [122880] - C:\WINDOWS\syswow64\odbccp32_FromLFSULTRA-WIDEN.dll [MD5.534BF06B2DEE965A1389A9312545AE03] - [10/04/2017 17:45:03] - |A| - [81920] - C:\WINDOWS\syswow64\odbccr32_FromLFSULTRA-WIDEN.dll [MD5.E2D83DAA6A229CFDAF129189A9245889] - [10/04/2017 17:45:03] - |A| - [86016] - C:\WINDOWS\syswow64\odbccu32_FromLFSULTRA-WIDEN.dll [MD5.ABA457BFC7EC0B5E130B2F1E0F549DFF] - [10/04/2017 17:45:03] - |A| - [229376] - C:\WINDOWS\syswow64\odbcint_FromLFSULTRA-WIDEN.dll [MD5.03F86B6A95728E83364B67FCA192DFE9] - [10/04/2017 17:45:04] - |A| - [24576] - C:\WINDOWS\syswow64\odbcji32_FromLFSULTRA-WIDEN.dll [MD5.3FDB77D0BBEEB36AE35077ABC0BF80EC] - [10/04/2017 17:45:04] - |A| - [319488] - C:\WINDOWS\syswow64\odbcjt32_FromLFSULTRA-WIDEN.dll [MD5.EF37EDC20412A01DDD9A42E8D939A5A3] - [10/04/2017 17:45:05] - |A| - [163840] - C:\WINDOWS\syswow64\odbctrac_FromLFSULTRA-WIDEN.dll [MD5.74F6B38CA5A43A588C2A5F01E2FD77A2] - [10/04/2017 17:45:05] - |A| - [20480] - C:\WINDOWS\syswow64\oddbse32_FromLFSULTRA-WIDEN.dll [MD5.DDD2F0AEB60B592A7B086D3B240CEFFF] - [10/04/2017 17:45:05] - |A| - [20480] - C:\WINDOWS\syswow64\odexl32_FromLFSULTRA-WIDEN.dll [MD5.07181B17E1CC320FC482B362381B9289] - [10/04/2017 17:45:06] - |A| - [20480] - C:\WINDOWS\syswow64\odfox32_FromLFSULTRA-WIDEN.dll [MD5.E4EFD57EC7F397BC026036E53680D067] - [10/04/2017 17:45:06] - |A| - [20480] - C:\WINDOWS\syswow64\odpdx32_FromLFSULTRA-WIDEN.dll [MD5.6FD2A53F066802E34654E622659DF4BC] - [10/04/2017 17:45:07] - |A| - [20480] - C:\WINDOWS\syswow64\odtext32_FromLFSULTRA-WIDEN.dll [MD5.00000000000000000000000000000000] - [10/04/2017 17:45:07] - |D| - [1502011] - C:\WINDOWS\syswow64\OEM [MD5.B4C794930640F5D12D4AC03C7945B882] - [10/04/2017 17:45:37] - |A| - [59392] - C:\WINDOWS\syswow64\oemdspif.dll [MD5.954AD7BE8D3E69BE52A4DE969128E41A] - [10/04/2017 17:45:37] - |A| - [341] - C:\WINDOWS\syswow64\oem_Get_OS_Language.log [MD5.315111B5C7D1DE03D005F85C704FD1BF] - [10/04/2017 17:45:38] - |A| - [204800] - C:\WINDOWS\syswow64\offfilt_FromLFSULTRA-WIDEN.dll [MD5.ED59143843560B5EDB543C2A48CB9E4B] - [10/04/2017 17:45:38] - |A| - [45568] - C:\WINDOWS\syswow64\oflc-nz_FromLFSULTRA-WIDEN.rs [MD5.CBC69A055EF410CBD65593E4808B6DB4] - [10/04/2017 17:45:38] - |A| - [23552] - C:\WINDOWS\syswow64\oflc.rs [MD5.EA76124C4A3772D6E28C206EBD502762] - [10/04/2017 17:45:38] - |A| - [1106944] - C:\WINDOWS\syswow64\ogldrv.dll [MD5.EB38BE7D7CF9EC15442A9D24CB39A2AC] - [10/04/2017 17:45:40] - |A| - [169520] - C:\WINDOWS\syswow64\ole2disp_FromLFSULTRA-WIDEN.dll [MD5.32CFCC848A57F87638E31E8735515F80] - [10/04/2017 17:45:40] - |A| - [153008] - C:\WINDOWS\syswow64\ole2nls_FromLFSULTRA-WIDEN.dll [MD5.87D4F4D78074C0CAC0EAC88ABCF87F7A] - [10/04/2017 17:45:39] - |A| - [42592] - C:\WINDOWS\syswow64\ole2_FromLFSULTRA-WIDEN.dll [MD5.928CF7268086631F54C3D8E17238C6DD] - [10/04/2017 17:45:40] - |A| - [1414144] - C:\WINDOWS\syswow64\ole32_FromLFSULTRA-WIDEN.dll [MD5.7BD82EC8C664C636DCAFC7F0EE11CE3B] - [10/04/2017 17:45:42] - |A| - [9216] - C:\WINDOWS\syswow64\oleacchooks_FromLFSULTRA-WIDEN.dll [MD5.90FB1802D488FFA9029854A77D4F3F27] - [10/04/2017 17:45:43] - |A| - [4096] - C:\WINDOWS\syswow64\oleaccrc_FromLFSULTRA-WIDEN.dll [MD5.CBD010BFBED9657C3813400AAD03CF8A] - [10/04/2017 17:45:42] - |A| - [233472] - C:\WINDOWS\syswow64\oleacc_FromLFSULTRA-WIDEN.dll [MD5.028D74F61952756C9DFFF7969162BB39] - [10/04/2017 17:45:43] - |A| - [571904] - C:\WINDOWS\syswow64\oleaut32_FromLFSULTRA-WIDEN.dll [MD5.D475029D732983ED962A8FF61688C912] - [10/04/2017 17:45:43] - |A| - [82944] - C:\WINDOWS\syswow64\olecli.dll [MD5.79129D660A9C5606146757F88CEDC81C] - [10/04/2017 17:45:44] - |A| - [80384] - C:\WINDOWS\syswow64\olecli32_FromLFSULTRA-WIDEN.dll [MD5.936F728E04ACCF3F38801CFFCF1E3F40] - [10/04/2017 17:45:44] - |A| - [103424] - C:\WINDOWS\syswow64\oledlg_FromLFSULTRA-WIDEN.dll [MD5.153480DBE57BAF0E23D747E98627DB37] - [10/04/2017 17:45:44] - |A| - [107008] - C:\WINDOWS\syswow64\oleprn_FromLFSULTRA-WIDEN.dll [MD5.703FFD301AB900B047337C5D40FD6F96] - [10/04/2017 17:45:45] - |A| - [90112] - C:\WINDOWS\syswow64\olepro32_FromLFSULTRA-WIDEN.dll [MD5.370E6FB6F6FF1B3DAC7F1182AC493BB6] - [10/04/2017 17:45:45] - |A| - [25600] - C:\WINDOWS\syswow64\oleres.dll [MD5.16BF834A84A7DC0D24EDC8E924C90637] - [10/04/2017 17:45:45] - |A| - [24064] - C:\WINDOWS\syswow64\OLESVR.DLL [MD5.7E5AF4B9CF49E402CFCF720781E6D925] - [10/04/2017 17:45:45] - |A| - [28672] - C:\WINDOWS\syswow64\olesvr32_FromLFSULTRA-WIDEN.dll [MD5.B21B85E60DA18D7D338599D95D4CB211] - [10/04/2017 17:45:45] - |A| - [77824] - C:\WINDOWS\syswow64\olethk32_FromLFSULTRA-WIDEN.dll [MD5.A77E0E5B15E6956C19E7269566ABE6C7] - [10/04/2017 17:45:46] - |A| - [1111552] - C:\WINDOWS\syswow64\onexui_FromLFSULTRA-WIDEN.dll [MD5.F748F53FE09D21D8ECBB6421E6792024] - [10/04/2017 17:45:46] - |A| - [199168] - C:\WINDOWS\syswow64\onex_FromLFSULTRA-WIDEN.dll [MD5.4A6554C141450D2B6AA6DE17A298AEDA] - [10/04/2017 17:45:47] - |A| - [218112] - C:\WINDOWS\syswow64\OnLineIDCpl.dll [MD5.2901049544FDF863362FABA2363EB647] - [10/04/2017 17:45:48] - |A| - [843] - C:\WINDOWS\syswow64\onlinesetup.cmd [MD5.468D6989581E6AEA75DE74D4B3722CC3] - [10/04/2017 17:47:02] - |A| - [859648] - C:\WINDOWS\syswow64\OobeFldr_FromLFSULTRA-WIDEN.dll [MD5.00000000000000000000000000000000] - [10/04/2017 17:47:02] - |D| - [28] - C:\WINDOWS\syswow64\oodag [MD5.37485CC09B7E6E70093A4DF62B3CC744] - [10/04/2017 17:47:04] - |A| - [1160192] - C:\WINDOWS\syswow64\OpcServices_FromLFSULTRA-WIDEN.dll [MD5.F9CA7CEEED11F43B63B4A71CA602D092] - [10/04/2017 17:47:05] - |A| - [62464] - C:\WINDOWS\syswow64\openfiles_FromLFSULTRA-WIDEN.exe [MD5.D1BBE227367ED791D5FCF08E132D2956] - [10/04/2017 17:47:08] - |A| - [791552] - C:\WINDOWS\syswow64\opengl32_FromLFSULTRA-WIDEN.dll [MD5.C8F0D6E8DE5F07F449AB5E82AA902C43] - [10/04/2017 17:47:08] - |A| - [97280] - C:\WINDOWS\syswow64\OptionalFeatures.exe [MD5.4160FCCC8F8DE0A7A1C507A55936BAC5] - [10/04/2017 17:47:09] - |A| - [19456] - C:\WINDOWS\syswow64\osbaseln_FromLFSULTRA-WIDEN.dll [MD5.C6A991D7DF17EBD8DE4739CD1F283133] - [10/04/2017 17:47:09] - |A| - [646144] - C:\WINDOWS\syswow64\osk_FromLFSULTRA-WIDEN.exe [MD5.314F7171E006A445511026362E49C7C6] - [10/04/2017 17:47:10] - |A| - [6656] - C:\WINDOWS\syswow64\osuninst_FromLFSULTRA-WIDEN.dll [MD5.1B0EC94520CAB89A9CE1B2DA405166AF] - [10/04/2017 17:47:11] - |A| - [412672] - C:\WINDOWS\syswow64\p2pcollab.dll [MD5.1372E8E8FD066002131E3D509275E697] - [10/04/2017 17:47:11] - |A| - [334848] - C:\WINDOWS\syswow64\P2PGraph_FromLFSULTRA-WIDEN.dll [MD5.32DEE5D6B7E38027723972192CEEDE88] - [10/04/2017 17:47:11] - |A| - [152064] - C:\WINDOWS\syswow64\p2phost.exe [MD5.0AA8C5587D3487146051CECEF87EB522] - [10/04/2017 17:47:13] - |A| - [136704] - C:\WINDOWS\syswow64\p2pnetsh_FromLFSULTRA-WIDEN.dll [MD5.59C3DDD501E39E006DAC31BF55150D91] - [10/04/2017 17:47:13] - |A| - [327680] - C:\WINDOWS\syswow64\p2psvc.dll [MD5.08DF1B8C9C0754A7069E80A986373F52] - [10/04/2017 17:47:10] - |A| - [217088] - C:\WINDOWS\syswow64\P2P_FromLFSULTRA-WIDEN.dll [MD5.0F39AC3274312EFFD03928291E8BA7CA] - [10/04/2017 17:47:15] - |A| - [67584] - C:\WINDOWS\syswow64\packager_FromLFSULTRA-WIDEN.dll [MD5.71D7580B439B08E28B5FCB0AA1DB6713] - [10/04/2017 17:47:15] - |A| - [10752] - C:\WINDOWS\syswow64\panmap_FromLFSULTRA-WIDEN.dll [MD5.ED8F284FE9CC1AD44B139DD304271C45] - [10/04/2017 17:47:15] - |A| - [13312] - C:\WINDOWS\syswow64\PATHPING_FromLFSULTRA-WIDEN.EXE [MD5.14486EB6AF542F2BD3239F7FC3E713F7] - [10/04/2017 17:47:15] - |A| - [44032] - C:\WINDOWS\syswow64\pautoenr_FromLFSULTRA-WIDEN.dll [MD5.43B18040C01F0A03EBFF6ACC3D72FD8A] - [10/04/2017 17:47:16] - |A| - [28160] - C:\WINDOWS\syswow64\pcadm.dll [MD5.74FBFE9456D4F9BFACBCBE5E0926D63E] - [10/04/2017 17:47:16] - |A| - [8704] - C:\WINDOWS\syswow64\pcaevts.dll [MD5.AAA6E08650E7707E3FF9102BCAEC4727] - [10/04/2017 17:47:16] - |A| - [8192] - C:\WINDOWS\syswow64\pcalua.exe [MD5.358AB7956D3160000726574083DFC8A6] - [10/04/2017 17:47:16] - |A| - [154624] - C:\WINDOWS\syswow64\pcasvc.dll [MD5.BBD117267323C3CBB901036E22AE5C17] - [10/04/2017 17:47:16] - |A| - [87040] - C:\WINDOWS\syswow64\pcaui_FromLFSULTRA-WIDEN.dll [MD5.A30C8918D376072F51C8BD99A9C30328] - [10/04/2017 17:47:17] - |A| - [15872] - C:\WINDOWS\syswow64\pcaui_FromLFSULTRA-WIDEN.exe [MD5.5F4C484F8EF79E90F1AA34CC92D1D267] - [10/04/2017 17:47:17] - |A| - [9728] - C:\WINDOWS\syswow64\pcawrk.exe [MD5.A029A434A3035429628CA35102FFB907] - [10/04/2017 17:47:17] - |A| - [114] - C:\WINDOWS\syswow64\pcl_FromLFSULTRA-WIDEN.sep [MD5.05F9F372CFDCD42ADD75BB4D2399170F] - [09/04/2017 13:18:57] - |A| - [28672] - C:\WINDOWS\syswow64\PCWinSoftPBar.ocx [MD5.DD37302FE8108C0FE817E1E39E73591E] - [10/04/2017 17:47:17] - |A| - [12288] - C:\WINDOWS\syswow64\pcwrun.exe [MD5.5893EBDCE371174AC89ECD7731DD6D77] - [10/04/2017 17:47:18] - |A| - [33280] - C:\WINDOWS\syswow64\pcwum_FromLFSULTRA-WIDEN.dll [MD5.3074E95FB2DB5B1A39234CA4CCFB8E10] - [10/04/2017 17:47:18] - |A| - [17920] - C:\WINDOWS\syswow64\pcwutl.dll [MD5.7B47059ADEA2983C073562DD40F3FD73] - [10/04/2017 17:47:19] - |A| - [46592] - C:\WINDOWS\syswow64\pdhui_FromLFSULTRA-WIDEN.dll [MD5.487F44B08EFEAF5AD087878357B9403D] - [10/04/2017 17:47:18] - |A| - [236544] - C:\WINDOWS\syswow64\pdh_FromLFSULTRA-WIDEN.dll [MD5.72035C97983745E742D71E9A8EF70BBB] - [10/04/2017 17:47:19] - |A| - [20480] - C:\WINDOWS\syswow64\pegi-fi.rs [MD5.4F5C56DBF076D5BBB1D22B37BF281396] - [10/04/2017 17:47:19] - |A| - [20480] - C:\WINDOWS\syswow64\pegi-pt_FromLFSULTRA-WIDEN.rs [MD5.9B7D7F4D1F79E8B7D727BE94B1630D59] - [10/04/2017 17:47:19] - |A| - [44544] - C:\WINDOWS\syswow64\pegibbfc.rs [MD5.5109C45498BC709C8A7E016D5FFCCAC2] - [10/04/2017 17:47:19] - |A| - [20480] - C:\WINDOWS\syswow64\pegi_FromLFSULTRA-WIDEN.rs [MD5.E8591978F78248294CA3459B0266AA13] - [10/04/2017 17:47:20] - |A| - [121596] - C:\WINDOWS\syswow64\perfc009.dat [MD5.E6000FC19085367E67C02FA2744C06B6] - [10/04/2017 17:47:20] - |A| - [149646] - C:\WINDOWS\syswow64\perfc00C.dat [MD5.013CB5286ABB32259349AD858087068C] - [10/04/2017 17:47:20] - |A| - [600576] - C:\WINDOWS\syswow64\PerfCenterCPL.dll [MD5.B7795BC96C1CEB86E04E8DC843E9C784] - [10/04/2017 17:47:21] - |A| - [116288] - C:\WINDOWS\syswow64\PerfCenterCpl.ico [MD5.EDD2AD141DEBD425D74A52A4D7BE6AC4] - [10/04/2017 17:47:21] - |A| - [39424] - C:\WINDOWS\syswow64\perfctrs_FromLFSULTRA-WIDEN.dll [MD5.7AAA3E23CE4C7845B112F7A79B110E60] - [10/04/2017 17:47:22] - |A| - [31548] - C:\WINDOWS\syswow64\perfd009.dat [MD5.07BA000B2E67565BDF112C35171865A5] - [10/04/2017 17:47:22] - |A| - [38160] - C:\WINDOWS\syswow64\perfd00C.dat [MD5.B92E9318F7E4AEF633B8EC3A873565AF] - [10/04/2017 17:47:22] - |A| - [31232] - C:\WINDOWS\syswow64\perfdisk_FromLFSULTRA-WIDEN.dll [MD5.A8CAD937C6C273C16C7091B8F38E19FF] - [10/04/2017 17:47:22] - |A| - [653724] - C:\WINDOWS\syswow64\perfh009.dat [MD5.B4020750821308EF579C801C22F20947] - [10/04/2017 17:47:23] - |A| - [747154] - C:\WINDOWS\syswow64\perfh00C.dat [MD5.F9A8F04D57346B7673305CFC1575FF6E] - [10/04/2017 17:47:24] - |A| - [291294] - C:\WINDOWS\syswow64\perfi009.dat [MD5.04F6C9757DB75FF27C427E5B31DDB289] - [10/04/2017 17:47:25] - |A| - [344522] - C:\WINDOWS\syswow64\perfi00C.dat [MD5.DC661CF87F2501A8B8D9628C006AA3BD] - [10/04/2017 17:47:26] - |A| - [157184] - C:\WINDOWS\syswow64\perfmon_FromLFSULTRA-WIDEN.exe [MD5.9BE46DD971FBA66D84567679D3D414EC] - [10/04/2017 17:47:26] - |A| - [145519] - C:\WINDOWS\syswow64\perfmon_FromLFSULTRA-WIDEN.msc [MD5.1ACC2484F3F111D577ABE4FFB1CAF2A5] - [10/04/2017 17:47:26] - |A| - [20992] - C:\WINDOWS\syswow64\perfnet_FromLFSULTRA-WIDEN.dll [MD5.6FA41E0C86EF049A12C05CA4BBA8F9AF] - [10/04/2017 17:47:26] - |A| - [28672] - C:\WINDOWS\syswow64\perfos_FromLFSULTRA-WIDEN.dll [MD5.752F8E96BAB993517838315508FB82CB] - [10/04/2017 17:47:27] - |A| - [35328] - C:\WINDOWS\syswow64\perfproc_FromLFSULTRA-WIDEN.dll [MD5.9FA0BA56FF6901E12EBB96CAE5F45CAA] - [10/04/2017 17:47:27] - |A| - [1667292] - C:\WINDOWS\syswow64\PerfStringBackup_FromLFSULTRA-WIDEN.INI [MD5.7E82616BEE76BF5EAA5B30F681414E21] - [10/04/2017 17:47:28] - |A| - [578048] - C:\WINDOWS\syswow64\perftrack.dll [MD5.FB1BA42D1A1440E99C6B8667E141CFB1] - [10/04/2017 17:47:30] - |A| - [17408] - C:\WINDOWS\syswow64\perfts_FromLFSULTRA-WIDEN.dll [MD5.C2226797AA14ED24DDE3187CC55AB9FD] - [10/04/2017 17:47:30] - |A| - [125952] - C:\WINDOWS\syswow64\phon.ime [MD5.347AAE83C7C7B787CED89544532AA47D] - [10/04/2017 17:47:31] - |A| - [316928] - C:\WINDOWS\syswow64\PhotoMetadataHandler_FromLFSULTRA-WIDEN.dll [MD5.0BA4982FE2C21D3D4A68B81FB25474D7] - [10/04/2017 17:47:31] - |A| - [413696] - C:\WINDOWS\syswow64\PhotoScreensaver_FromLFSULTRA-WIDEN.scr [MD5.59079D4288FF7175758E838A489DD992] - [10/04/2017 17:47:32] - |A| - [295424] - C:\WINDOWS\syswow64\photowiz_FromLFSULTRA-WIDEN.dll [MD5.A073A5345F285A34B6F7C7372F4A8A1C] - [10/04/2017 17:47:32] - |A| - [1234944] - C:\WINDOWS\syswow64\pidgenx_FromLFSULTRA-WIDEN.dll [MD5.1411B6558C191DEC9BCCADC197B948F1] - [10/04/2017 17:47:32] - |A| - [36352] - C:\WINDOWS\syswow64\pid_FromLFSULTRA-WIDEN.dll [MD5.E56C4703D0D9B476EF6195AD22C2ACC0] - [10/04/2017 17:47:34] - |A| - [35328] - C:\WINDOWS\syswow64\pifmgr_FromLFSULTRA-WIDEN.dll [MD5.6242E3D67787CCBF4E06AD2982853144] - [10/04/2017 17:47:34] - |A| - [15360] - C:\WINDOWS\syswow64\PING_FromLFSULTRA-WIDEN.EXE [MD5.3F4AA6FDE0998227796A53BD08599550] - [10/04/2017 17:47:34] - |A| - [90112] - C:\WINDOWS\syswow64\pintlgnt.ime [MD5.C06A8EB439D3451DF15828FF1CB7D0F8] - [10/04/2017 17:47:35] - |A| - [209920] - C:\WINDOWS\syswow64\PkgMgr_FromLFSULTRA-WIDEN.exe [MD5.37CC990D4E2CDFAE12AC47F6B620FC13] - [10/04/2017 17:47:36] - |A| - [186880] - C:\WINDOWS\syswow64\pku2u_FromLFSULTRA-WIDEN.dll [MD5.40FACD434CFE38101687CCA3D01B5C1B] - [10/04/2017 17:47:42] - |A| - [7680] - C:\WINDOWS\syswow64\plasrv.exe [MD5.F58516E2DC0D963EF70D6BFC21FD82C4] - [10/04/2017 17:47:42] - |A| - [77312] - C:\WINDOWS\syswow64\PlaySndSrv_FromLFSULTRA-WIDEN.dll [MD5.414BBA67A3DED1D28437EB66AEB8A720] - [10/04/2017 17:47:40] - |A| - [1508864] - C:\WINDOWS\syswow64\pla_FromLFSULTRA-WIDEN.dll [MD5.BC949EA893A9384070C31F083CCEFD26] - [10/04/2017 17:47:42] - |A| - [3] - C:\WINDOWS\syswow64\PLD_Framework.cmd [MD5.57F8A50513E43AAF6A7B23389E389BBC] - [10/04/2017 17:47:42] - |A| - [46592] - C:\WINDOWS\syswow64\pmspl.dll [MD5.4BCC7EB5F20840DA67943BD86AE95735] - [10/04/2017 17:47:43] - |A| - [56832] - C:\WINDOWS\syswow64\pngfilt_FromLFSULTRA-WIDEN.dll [MD5.3D6F22551D422F97AACB0BB927E4C846] - [10/04/2017 17:47:43] - |A| - [1750528] - C:\WINDOWS\syswow64\pnidui.dll [MD5.7B69E7666DB85DDE15BC8BFA126D918E] - [10/04/2017 17:47:45] - |A| - [74752] - C:\WINDOWS\syswow64\pnpsetup.dll [MD5.F8E882C10AF4C29E378D1E28D4817CB1] - [10/04/2017 17:47:46] - |A| - [10752] - C:\WINDOWS\syswow64\pnpts.dll [MD5.6D1B06AA4A2C7E25AAF806F67CEC75FA] - [10/04/2017 17:47:46] - |A| - [379904] - C:\WINDOWS\syswow64\pnpui.dll [MD5.A557563260FD041F6CFA5C296918104E] - [10/04/2017 17:47:46] - |A| - [61440] - C:\WINDOWS\syswow64\PnPUnattend.exe [MD5.CD295D076FFA61A666761B4D94A135FF] - [10/04/2017 17:47:46] - |A| - [34304] - C:\WINDOWS\syswow64\PnPutil.exe [MD5.068E5D83AE83030BE8B2358671636267] - [10/04/2017 17:47:47] - |A| - [83456] - C:\WINDOWS\syswow64\PNPXAssoc.dll [MD5.E482FE4BDA8C5E4B18541348ECEFAAE8] - [10/04/2017 17:47:47] - |A| - [53248] - C:\WINDOWS\syswow64\PNPXAssocPrx.dll [MD5.63FF8572611249931EB16BB8EED6AFC8] - [10/04/2017 17:47:48] - |A| - [20480] - C:\WINDOWS\syswow64\pnrpauto.dll [MD5.A60CD36E3F96A545917E1A622B258EB0] - [10/04/2017 17:47:48] - |A| - [57856] - C:\WINDOWS\syswow64\Pnrphc.dll [MD5.5CF640EDDB1E40A5AB1BB743BCDEC610] - [10/04/2017 17:47:48] - |A| - [65024] - C:\WINDOWS\syswow64\pnrpnsp_FromLFSULTRA-WIDEN.dll [MD5.82A8521DDC60710C3D3D3E7325209BEC] - [10/04/2017 17:47:49] - |A| - [269824] - C:\WINDOWS\syswow64\pnrpsvc.dll [MD5.0E6DCD164732580CC1E57276252F49CF] - [10/04/2017 17:47:49] - |A| - [273920] - C:\WINDOWS\syswow64\polstore_FromLFSULTRA-WIDEN.dll [MD5.81FCF3B7A0C63AB9C3EC37DF01C642B0] - [10/04/2017 17:47:50] - |A| - [123904] - C:\WINDOWS\syswow64\poqexec_FromLFSULTRA-WIDEN.exe [MD5.E98278865E8DABA21CFE5FE4BE34210A] - [10/04/2017 17:47:50] - |A| - [547840] - C:\WINDOWS\syswow64\PortableDeviceApi_FromLFSULTRA-WIDEN.dll [MD5.81490FDAE27F0082E5CC2DC78DCA96FA] - [10/04/2017 17:47:51] - |A| - [110080] - C:\WINDOWS\syswow64\PortableDeviceClassExtension_FromLFSULTRA-WIDEN.dll [MD5.C693E642ACFBDD76433AF6BE3C3EEE6F] - [10/04/2017 17:47:51] - |A| - [60928] - C:\WINDOWS\syswow64\PortableDeviceConnectApi_FromLFSULTRA-WIDEN.dll [MD5.F7CF764F8155492EB50E4505A6DA8D87] - [10/04/2017 17:47:52] - |A| - [427520] - C:\WINDOWS\syswow64\PortableDeviceStatus_FromLFSULTRA-WIDEN.dll [MD5.9D67B55896F679CD6C0FC7EAD0F4BDEA] - [10/04/2017 17:47:52] - |A| - [183296] - C:\WINDOWS\syswow64\PortableDeviceSyncProvider_FromLFSULTRA-WIDEN.dll [MD5.ADB45A977BD9E45790CA496DB84BA148] - [10/04/2017 17:47:53] - |A| - [159744] - C:\WINDOWS\syswow64\PortableDeviceTypes_FromLFSULTRA-WIDEN.dll [MD5.D121BB3A50CDCDE8CE7B62D3EB62A852] - [10/04/2017 17:47:53] - |A| - [138240] - C:\WINDOWS\syswow64\PortableDeviceWiaCompat_FromLFSULTRA-WIDEN.dll [MD5.B724C9557C85B374745DBC67FFAF37A1] - [10/04/2017 17:47:53] - |A| - [196608] - C:\WINDOWS\syswow64\PortableDeviceWMDRM.dll [MD5.2B389C1AC7186C32DC695E28E5ECEA32] - [10/04/2017 17:47:54] - |A| - [22528] - C:\WINDOWS\syswow64\pots_FromLFSULTRA-WIDEN.dll [MD5.D8868258E3F26B40ECB8E945C2DA8BD9] - [10/04/2017 17:47:54] - |A| - [142336] - C:\WINDOWS\syswow64\powercfg_FromLFSULTRA-WIDEN.cpl [MD5.98E7E971AB21A6EDD2323C0FB37B9A0F] - [10/04/2017 17:47:54] - |A| - [59392] - C:\WINDOWS\syswow64\powercfg_FromLFSULTRA-WIDEN.exe [MD5.3925944734DFC5D2253F3DC5923F797D] - [10/04/2017 17:47:55] - |A| - [441856] - C:\WINDOWS\syswow64\powercpl_FromLFSULTRA-WIDEN.dll [MD5.08DFDBD2FD4EA951DC46B1C7661ED35A] - [10/04/2017 17:47:56] - |A| - [145408] - C:\WINDOWS\syswow64\powrprof_FromLFSULTRA-WIDEN.dll [MD5.4FA66A573E9A45D05AD5A25B1E76A35D] - [10/04/2017 17:47:56] - |A| - [103120] - C:\WINDOWS\syswow64\PresentationCFFRasterizerNative_v0300_FromLFSULTRA-WIDEN.dll [MD5.A2AEEAB451AD341070F9B8F8E1A2EC28] - [10/04/2017 17:47:57] - |A| - [99176] - C:\WINDOWS\syswow64\PresentationHostProxy_FromLFSULTRA-WIDEN.dll [MD5.6A08F1C87BBF6197F5DAD95CF41E5175] - [10/04/2017 17:47:57] - |A| - [295264] - C:\WINDOWS\syswow64\PresentationHost_FromLFSULTRA-WIDEN.exe [MD5.80739D6157FDF84E444C659AC3B0E41E] - [10/04/2017 17:47:57] - |A| - [778096] - C:\WINDOWS\syswow64\PresentationNative_v0300_FromLFSULTRA-WIDEN.dll [MD5.E81591FCC19409E11F9A913728746391] - [10/04/2017 17:47:58] - |A| - [31232] - C:\WINDOWS\syswow64\prevhost_FromLFSULTRA-WIDEN.exe [MD5.8D3660716273DC65E7AF8F35830FE3F4] - [10/04/2017 17:47:59] - |A| - [17408] - C:\WINDOWS\syswow64\prflbmsg_FromLFSULTRA-WIDEN.dll [MD5.7DF79C77C79FA04DFF150857E53F02A6] - [10/04/2017 17:47:59] - |A| - [25088] - C:\WINDOWS\syswow64\printfilterpipelineprxy.dll [MD5.57CA8BEFC6F5AC166CC7160D7792D7C2] - [10/04/2017 17:48:00] - |A| - [448000] - C:\WINDOWS\syswow64\printfilterpipelinesvc.exe [MD5.640A476C8867AEAAD8FF9F59A61AFE2F] - [10/04/2017 17:48:06] - |A| - [17408] - C:\WINDOWS\syswow64\PrintIsolationHost.exe [MD5.03CF941D031F30272D3063E5A4D686F5] - [10/04/2017 17:48:06] - |A| - [32768] - C:\WINDOWS\syswow64\PrintIsolationProxy.dll [MD5.9DF9B31EAC1669F244C02B61F10D123A] - [10/04/2017 17:48:07] - |A| - [932352] - C:\WINDOWS\syswow64\printui_FromLFSULTRA-WIDEN.dll [MD5.AC73CF03EBC8B6C8F2D9B72190F907B3] - [10/04/2017 17:48:09] - |A| - [60928] - C:\WINDOWS\syswow64\printui_FromLFSULTRA-WIDEN.exe [MD5.FF09F17C0D285CCD601ED1F04D96E7AF] - [10/04/2017 17:47:59] - |A| - [13824] - C:\WINDOWS\syswow64\print_FromLFSULTRA-WIDEN.exe [MD5.50AF423CC8915B0010F0A96BF78672E9] - [10/04/2017 17:48:09] - |A| - [116736] - C:\WINDOWS\syswow64\prncache_FromLFSULTRA-WIDEN.dll [MD5.C8333F1F77A1B2E25F2202E892CAF634] - [10/04/2017 17:48:09] - |A| - [395264] - C:\WINDOWS\syswow64\prnfldr_FromLFSULTRA-WIDEN.dll [MD5.617FFBBB59D5FEB3B1F8552C2E7C1AAE] - [10/04/2017 17:48:09] - |A| - [175616] - C:\WINDOWS\syswow64\prnntfy_FromLFSULTRA-WIDEN.dll [MD5.0FC7E6C8DFB1052F121638485A675761] - [10/04/2017 17:48:10] - |A| - [120320] - C:\WINDOWS\syswow64\prntvpt_FromLFSULTRA-WIDEN.dll [MD5.29DA8A4707BDBB956FC5C913CA6DD2B4] - [10/04/2017 17:48:10] - |A| - [8704] - C:\WINDOWS\syswow64\procinst.dll [MD5.C733D233B623B7FFCE5031E4B756EE26] - [10/04/2017 17:48:10] - |A| - [31744] - C:\WINDOWS\syswow64\profapi_FromLFSULTRA-WIDEN.dll [MD5.00000000000000000000000000000000] - [09/04/2017 12:10:37] - |D| - [0] - C:\WINDOWS\syswow64\Profiles [MD5.5831FC32006FB68B4014B16837CE4A95] - [10/04/2017 17:48:10] - |A| - [28672] - C:\WINDOWS\syswow64\profprov.dll [MD5.FD9692A3D31E021207D3C2A9DDDC2BE3] - [10/04/2017 17:48:11] - |A| - [164864] - C:\WINDOWS\syswow64\profsvc.dll [MD5.12C45E3CB6D65F73209549E2D02ECA7A] - [10/04/2017 17:48:12] - |A| - [988160] - C:\WINDOWS\syswow64\propsys_FromLFSULTRA-WIDEN.dll [MD5.2E77BAB79F078654782F83F0A0AEFE31] - [10/04/2017 17:48:13] - |A| - [28672] - C:\WINDOWS\syswow64\proquota_FromLFSULTRA-WIDEN.exe [MD5.DBC02D918FFF1CAD628ACBE0C0EAA8E8] - [10/04/2017 17:48:13] - |A| - [165376] - C:\WINDOWS\syswow64\provsvc_FromLFSULTRA-WIDEN.dll [MD5.23D76DEC4772EFE07DC6E0848FFFC959] - [10/04/2017 17:48:14] - |A| - [189952] - C:\WINDOWS\syswow64\provthrd_FromLFSULTRA-WIDEN.dll [MD5.A543AC1F7138376D778D630A35FCBC4C] - [10/04/2017 17:48:14] - |A| - [6144] - C:\WINDOWS\syswow64\psapi_FromLFSULTRA-WIDEN.dll [MD5.274992D0945889A6B56D0E1BD4288A6E] - [10/04/2017 17:48:14] - |A| - [50688] - C:\WINDOWS\syswow64\psbase.dll [MD5.C09741B9886EF0D15EC3B1443352FB62] - [10/04/2017 17:48:15] - |A| - [51] - C:\WINDOWS\syswow64\pscript_FromLFSULTRA-WIDEN.sep [MD5.D93A937A2A9D2CBC06B3A615A197011F] - [10/04/2017 17:48:15] - |A| - [52816] - C:\WINDOWS\syswow64\PSHED_FromLFSULTRA-WIDEN.DLL [MD5.E9CFD3682AB6379E62C7175B07865152] - [10/04/2017 17:48:15] - |A| - [465408] - C:\WINDOWS\syswow64\psisdecd_FromLFSULTRA-WIDEN.dll [MD5.71EAF975B87917ADCB26886482F6FB5B] - [10/04/2017 17:48:16] - |A| - [75776] - C:\WINDOWS\syswow64\psisrndr_FromLFSULTRA-WIDEN.ax [MD5.A8D0ADF0D8C660B8108AB30B925BBD41] - [10/04/2017 17:48:16] - |A| - [696320] - C:\WINDOWS\syswow64\psr_FromLFSULTRA-WIDEN.exe [MD5.B9ADA43CB3FFAF6669D34F432AA44A0F] - [10/04/2017 17:48:16] - |A| - [42496] - C:\WINDOWS\syswow64\pstorec_FromLFSULTRA-WIDEN.dll [MD5.0A3CCB2C4F603D99F34D742FC9544B97] - [10/04/2017 17:48:17] - |A| - [23552] - C:\WINDOWS\syswow64\pstorsvc.dll [MD5.6EEEB6C90D19918A927CF0028BB5C535] - [10/04/2017 17:48:25] - |A| - [169472] - C:\WINDOWS\syswow64\puiapi_FromLFSULTRA-WIDEN.dll [MD5.909C11946AC04EA54A98C97792DC3C18] - [10/04/2017 17:48:25] - |A| - [324608] - C:\WINDOWS\syswow64\puiobj_FromLFSULTRA-WIDEN.dll [MD5.70F8E1B574CCAAB84D3806031F549AE5] - [10/04/2017 17:48:26] - |A| - [41984] - C:\WINDOWS\syswow64\pwrshplugin_FromLFSULTRA-WIDEN.dll [MD5.02530B0B7E048DD5AC8D52DAEACAEB2B] - [10/04/2017 17:48:26] - |A| - [171520] - C:\WINDOWS\syswow64\QAGENT.DLL [MD5.61D57A5D7C6D9AFE10E77DAE6E1B445E] - [10/04/2017 17:48:27] - |A| - [330240] - C:\WINDOWS\syswow64\QAGENTRT.DLL [MD5.5CF623B21998B8F1D081D55910A0BDA7] - [10/04/2017 17:48:27] - |A| - [206848] - C:\WINDOWS\syswow64\qasf_FromLFSULTRA-WIDEN.dll [MD5.CC5BF60E9D3F181C0B62AC91AD8634B8] - [10/04/2017 17:48:28] - |A| - [190976] - C:\WINDOWS\syswow64\qcap_FromLFSULTRA-WIDEN.dll [MD5.925AE681543B4E666E172B5BD7E45B32] - [10/04/2017 17:48:28] - |A| - [71680] - C:\WINDOWS\syswow64\QCLIPROV.DLL [MD5.78E7D511C9FB80ADC9A1DD22CCF66C0E] - [10/04/2017 17:48:29] - |A| - [519680] - C:\WINDOWS\syswow64\qdvd_FromLFSULTRA-WIDEN.dll [MD5.92DF43A9CDD39C67F2B2D2F98799E086] - [10/04/2017 17:48:29] - |A| - [283136] - C:\WINDOWS\syswow64\qdv_FromLFSULTRA-WIDEN.dll [MD5.BBCD95BC468665A596D7ED2D6233A34E] - [10/04/2017 17:48:30] - |A| - [509952] - C:\WINDOWS\syswow64\qedit_FromLFSULTRA-WIDEN.dll [MD5.7AE161045E92A48137AD3DC9F83A9C03] - [10/04/2017 17:48:30] - |A| - [733184] - C:\WINDOWS\syswow64\qedwipes_FromLFSULTRA-WIDEN.dll [MD5.6213E4FD36A6B5DFFF3CB411DB1CB567] - [10/04/2017 17:48:31] - |A| - [125952] - C:\WINDOWS\syswow64\qintlgnt.ime [MD5.E585445D5021971FAE10393F0F1C3961] - [10/04/2017 17:48:32] - |A| - [585728] - C:\WINDOWS\syswow64\qmgr.dll [MD5.85B45B4B285B159ACDB355FC8C1E8925] - [10/04/2017 17:48:33] - |A| - [21504] - C:\WINDOWS\syswow64\qmgrprxy.dll [MD5.34391196FE00480C9ADBFBE215B6B28C] - [10/04/2017 17:48:33] - |A| - [167936] - C:\WINDOWS\syswow64\QSHVHOST.DLL [MD5.F65D14471F76F9C91315352932408939] - [10/04/2017 17:48:34] - |A| - [99328] - C:\WINDOWS\syswow64\QSVRMGMT.DLL [MD5.89FBB1C25E02767572AB1F136EE8CD04] - [10/04/2017 17:48:35] - |A| - [1329664] - C:\WINDOWS\syswow64\quartz_FromLFSULTRA-WIDEN.dll [MD5.63B282FB2550893724647A359BA2323F] - [10/04/2017 17:48:35] - |A| - [1363456] - C:\WINDOWS\syswow64\Query_FromLFSULTRA-WIDEN.dll [MD5.8EEE7755321580735BDD8A403DB1C31B] - [10/04/2017 17:48:38] - |A| - [125952] - C:\WINDOWS\syswow64\quick.ime [MD5.BD626EF05967D14C772B8096292731A3] - [10/04/2017 17:48:39] - |A| - [80896] - C:\WINDOWS\syswow64\QUTIL.DLL [MD5.31AC809E7707EB580B2BDB760390765A] - [10/04/2017 17:48:39] - |A| - [210944] - C:\WINDOWS\syswow64\qwave_FromLFSULTRA-WIDEN.dll [MD5.198366199A9F342EF87978D79308B49F] - [10/04/2017 17:48:40] - |A| - [1115136] - C:\WINDOWS\syswow64\RacEngn_FromLFSULTRA-WIDEN.dll [MD5.AB4CDA9CA0A4879BAD8DFF0E5B859901] - [10/04/2017 17:48:41] - |A| - [111616] - C:\WINDOWS\syswow64\racpldlg_FromLFSULTRA-WIDEN.dll [MD5.C236A8735A48B165A2A7724357DBE332] - [10/04/2017 17:48:41] - |A| - [105559] - C:\WINDOWS\syswow64\RacRules.xml [MD5.7FFD52D73352806969D424EF327D10A7] - [10/04/2017 17:48:42] - |A| - [85504] - C:\WINDOWS\syswow64\radardt_FromLFSULTRA-WIDEN.dll [MD5.B0D9BAF2B3AB3A83C00AD4873D744DEA] - [10/04/2017 17:48:42] - |A| - [62976] - C:\WINDOWS\syswow64\radarrs_FromLFSULTRA-WIDEN.dll [MD5.ED6EE83D61EBC683C2CD8E899EA6FEBE] - [10/04/2017 17:48:44] - |A| - [11776] - C:\WINDOWS\syswow64\rasadhlp_FromLFSULTRA-WIDEN.dll [MD5.839F96DBAAFD3353E0B248A5E0BD2A51] - [10/04/2017 17:48:44] - |A| - [325120] - C:\WINDOWS\syswow64\rasapi32_FromLFSULTRA-WIDEN.dll [MD5.A60F1839849C0C00739787FD5EC03F13] - [10/04/2017 17:48:44] - |A| - [90624] - C:\WINDOWS\syswow64\rasauto.dll [MD5.E226F100ACC597A6C5DA43784B16AA69] - [10/04/2017 17:48:45] - |A| - [16896] - C:\WINDOWS\syswow64\rasautou_FromLFSULTRA-WIDEN.exe [MD5.761A3A4038C1FD4F5795427907C28484] - [10/04/2017 17:48:45] - |A| - [81408] - C:\WINDOWS\syswow64\rascfg.dll [MD5.207CF171B1C6B8AE50C1FBF87363EEBC] - [10/04/2017 17:48:45] - |A| - [318976] - C:\WINDOWS\syswow64\raschap_FromLFSULTRA-WIDEN.dll [MD5.3A77C18665A4C8428768CE186A5BC1EF] - [10/04/2017 17:48:46] - |A| - [1820] - C:\WINDOWS\syswow64\rasctrnm_FromLFSULTRA-WIDEN.h [MD5.6E608664EBEEAB5A03BA32324016695B] - [10/04/2017 17:48:46] - |A| - [15360] - C:\WINDOWS\syswow64\rasctrs_FromLFSULTRA-WIDEN.dll [MD5.911E5C3C4909CAA9B28BF1549F99D7CE] - [10/04/2017 17:48:46] - |A| - [61952] - C:\WINDOWS\syswow64\rasdiag_FromLFSULTRA-WIDEN.dll [MD5.7D4A47FF413D90E109A74A7E15FF1E64] - [10/04/2017 17:48:46] - |A| - [73216] - C:\WINDOWS\syswow64\rasdial_FromLFSULTRA-WIDEN.exe [MD5.D39DA70FEA6BD713682F70635587DA9E] - [10/04/2017 17:48:47] - |A| - [772608] - C:\WINDOWS\syswow64\rasdlg_FromLFSULTRA-WIDEN.dll [MD5.0842FB9AC27460E2B0107F6B3A872FD5] - [10/04/2017 17:48:48] - |A| - [101888] - C:\WINDOWS\syswow64\raserver_FromLFSULTRA-WIDEN.exe [MD5.EB1EF79F82CAE9FB0E874716B310ED2D] - [10/04/2017 17:48:49] - |A| - [761856] - C:\WINDOWS\syswow64\rasgcw_FromLFSULTRA-WIDEN.dll [MD5.CB9E04DC05EACF5B9A36CA276D475006] - [10/04/2017 17:48:50] - |A| - [286208] - C:\WINDOWS\syswow64\rasmans.dll [MD5.FFA7172354B9256DBB2CDD75F16F33FE] - [10/04/2017 17:48:50] - |A| - [76800] - C:\WINDOWS\syswow64\rasman_FromLFSULTRA-WIDEN.dll [MD5.A9D9A661020B7CE1B6F7E15F3E90FDAD] - [10/04/2017 17:48:51] - |A| - [45056] - C:\WINDOWS\syswow64\rasmbmgr.dll [MD5.27F3D44B29E14658EDE13D7D044E7420] - [10/04/2017 17:48:51] - |A| - [845824] - C:\WINDOWS\syswow64\RASMM.dll [MD5.156537B623F9D9569658F96E53F35513] - [10/04/2017 17:48:51] - |A| - [179200] - C:\WINDOWS\syswow64\rasmontr_FromLFSULTRA-WIDEN.dll [MD5.2C6ABCE8D7B3FCB307500D31175197B7] - [10/04/2017 17:48:53] - |A| - [33280] - C:\WINDOWS\syswow64\rasmxs.dll [MD5.1121ABF1D1192B72A1272F6B32160301] - [10/04/2017 17:48:53] - |A| - [50176] - C:\WINDOWS\syswow64\rasphone_FromLFSULTRA-WIDEN.exe [MD5.FFE4BEC5C187C426A17AE76A773063A6] - [10/04/2017 17:48:53] - |A| - [385024] - C:\WINDOWS\syswow64\rasplap_FromLFSULTRA-WIDEN.dll [MD5.67F9B5C7E215B48F9256757E9CC09A7B] - [10/04/2017 17:48:54] - |A| - [176640] - C:\WINDOWS\syswow64\rasppp_FromLFSULTRA-WIDEN.dll [MD5.D0EF3AA037AFA342606FB5FD2FADA004] - [10/04/2017 17:48:54] - |A| - [22528] - C:\WINDOWS\syswow64\rasser.dll [MD5.B2E1E4A16EDD02396F451F915FA3CBFA] - [10/04/2017 17:48:54] - |A| - [69632] - C:\WINDOWS\syswow64\rastapi_FromLFSULTRA-WIDEN.dll [MD5.6944501ED659F2C835F8DD16182C9330] - [10/04/2017 17:48:55] - |A| - [372224] - C:\WINDOWS\syswow64\rastls_FromLFSULTRA-WIDEN.dll [MD5.3D2C65D8434F77B1559D7F048E24A26D] - [10/04/2017 17:48:55] - |A| - [374888] - C:\WINDOWS\syswow64\RCoRes.dat [MD5.03A88560EF6B5F746A9AC5BA1C0A36C7] - [10/04/2017 17:48:56] - |A| - [8704] - C:\WINDOWS\syswow64\rdpcfgex.dll [MD5.B4203FC65D4C0D7A0B7A02AFD13472BB] - [10/04/2017 17:48:57] - |A| - [130048] - C:\WINDOWS\syswow64\rdpcorekmts.dll [MD5.86F34E7288DA428E38E2D8C7E806A871] - [10/04/2017 17:48:56] - |A| - [826880] - C:\WINDOWS\syswow64\rdpcore_FromLFSULTRA-WIDEN.dll [MD5.D0C94D78DC8652153F020F5B6ACED36F] - [10/04/2017 17:48:58] - |A| - [52224] - C:\WINDOWS\syswow64\rdpd3d.dll [MD5.8371F19E329B6CD650A6A9E9BF41EB2D] - [10/04/2017 17:48:58] - |A| - [213504] - C:\WINDOWS\syswow64\rdpdd.dll [MD5.0435045377BF76438CE5BF385995C699] - [10/04/2017 17:48:59] - |A| - [121856] - C:\WINDOWS\syswow64\RDPENCDD.dll [MD5.9D30A820EAB9C146BB59557CA0236875] - [10/04/2017 17:48:59] - |A| - [186368] - C:\WINDOWS\syswow64\rdpencom_FromLFSULTRA-WIDEN.dll [MD5.46A8664B446B5ED10DBDEF8B6DE7F648] - [10/04/2017 17:48:59] - |A| - [26624] - C:\WINDOWS\syswow64\RDPREFDD.dll [MD5.6C796F88B7D9BF52A45757E2C837185A] - [10/04/2017 17:48:59] - |A| - [21504] - C:\WINDOWS\syswow64\rdprefdrvapi.dll [MD5.954AAF2028CD907B7F7ED40FFFD9D27F] - [10/04/2017 17:48:59] - |A| - [58880] - C:\WINDOWS\syswow64\rdpwsx.dll [MD5.DFF0ED00406647782761E8824A5F38F5] - [10/04/2017 17:49:00] - |A| - [36352] - C:\WINDOWS\syswow64\rdrleakdiag_FromLFSULTRA-WIDEN.exe [MD5.A5661C9330E5FCFCDD53EB03D5F04822] - [10/04/2017 17:49:00] - |A| - [8192] - C:\WINDOWS\syswow64\rdrmemptylst.exe [MD5.2BF84985DE59544A0460BB33F804DA3A] - [10/04/2017 17:49:00] - |A| - [22016] - C:\WINDOWS\syswow64\ReAgentc_FromLFSULTRA-WIDEN.exe [MD5.3CC04CB09FAFAD87942437FDDEE11EE3] - [10/04/2017 17:49:00] - |A| - [247808] - C:\WINDOWS\syswow64\ReAgent_FromLFSULTRA-WIDEN.dll [MD5.7635B6502882E4B1713F049FD8FD2EA4] - [10/04/2017 17:49:01] - |A| - [210432] - C:\WINDOWS\syswow64\recdisc.exe [MD5.2DAF758E7C15886DD2424F77F488759A] - [10/04/2017 17:49:02] - |A| - [135680] - C:\WINDOWS\syswow64\recovery.dll [MD5.01C74B25911C3054F4C37C7389528CE5] - [10/04/2017 17:49:01] - |A| - [11776] - C:\WINDOWS\syswow64\recover_FromLFSULTRA-WIDEN.exe [MD5.BBB40CA86B88918864D16CFAC9D4ABA4] - [10/04/2017 17:49:02] - |A| - [2842] - C:\WINDOWS\syswow64\redir.exe [MD5.2607A85B6466C0110EA8ABB9D8CC83FC] - [10/04/2017 17:49:03] - |A| - [72192] - C:\WINDOWS\syswow64\regapi_FromLFSULTRA-WIDEN.dll [MD5.9249A6C6949CB68A3CD1C4889372F65D] - [10/04/2017 17:49:03] - |A| - [41472] - C:\WINDOWS\syswow64\RegCtrl_FromLFSULTRA-WIDEN.dll [MD5.DCF8B58C2876B73D8D616307A259D9F9] - [10/04/2017 17:49:03] - |A| - [9216] - C:\WINDOWS\syswow64\regedt32_FromLFSULTRA-WIDEN.exe [MD5.D94EB5FC150B4F7B6166C0A897EBBF8F] - [10/04/2017 17:49:03] - |A| - [13312] - C:\WINDOWS\syswow64\regidle.dll [MD5.6F2BFAD61CF27546E9A08228BA5C87AD] - [10/04/2017 17:49:03] - |A| - [44032] - C:\WINDOWS\syswow64\regini_FromLFSULTRA-WIDEN.exe [MD5.C1A6E565B2782C09BC40AD749B46D9ED] - [10/04/2017 17:49:04] - |A| - [71680] - C:\WINDOWS\syswow64\RegisterIEPKEYs.exe [MD5.CB9A8683F4EF2BF99E123D79950D7935] - [10/04/2017 17:49:04] - |A| - [112640] - C:\WINDOWS\syswow64\regsvc.dll [MD5.432BE6CF7311062633459EEF6B242FB5] - [10/04/2017 17:49:04] - |A| - [14848] - C:\WINDOWS\syswow64\regsvr32_FromLFSULTRA-WIDEN.exe [MD5.D69A9ABBB0D795F21995C2F48C1EB560] - [10/04/2017 17:49:02] - |A| - [62464] - C:\WINDOWS\syswow64\reg_FromLFSULTRA-WIDEN.exe [MD5.082ED4A73761682F897EA1D7F4529F69] - [10/04/2017 17:49:04] - |A| - [61440] - C:\WINDOWS\syswow64\rekeywiz_FromLFSULTRA-WIDEN.exe [MD5.3E6731BF36A7D6C62D09671B427B6B67] - [10/04/2017 17:49:05] - |A| - [37888] - C:\WINDOWS\syswow64\relog_FromLFSULTRA-WIDEN.exe [MD5.87095E9BA2A172685897F1D4AFE35E91] - [10/04/2017 17:49:05] - |A| - [182784] - C:\WINDOWS\syswow64\RelPost.exe [MD5.292F2FA57EB9B773DA1C15AFCC4A4F90] - [10/04/2017 17:49:05] - |A| - [146944] - C:\WINDOWS\syswow64\remotepg_FromLFSULTRA-WIDEN.dll [MD5.3D3223FD14BE218534D06241565F4C84] - [10/04/2017 17:49:06] - |A| - [82432] - C:\WINDOWS\syswow64\remotesp_FromLFSULTRA-WIDEN.tsp [MD5.DB9C6972D8C05CD97848C77330C60A4E] - [10/04/2017 17:49:06] - |A| - [6144] - C:\WINDOWS\syswow64\rendezvousSession_FromLFSULTRA-WIDEN.tlb [MD5.CA1870CDB1052F33B05E338F2B326A3D] - [10/04/2017 17:49:06] - |A| - [57344] - C:\WINDOWS\syswow64\repair-bde.exe [MD5.3913E98FD8CF3919F3810D60DF156AD9] - [10/04/2017 17:49:06] - |A| - [16896] - C:\WINDOWS\syswow64\replace_FromLFSULTRA-WIDEN.exe [MD5.D6A767B747F4D58EBDAAD1925DC863FA] - [10/04/2017 17:49:06] - |A| - [206848] - C:\WINDOWS\syswow64\RESAMPLEDMO_FromLFSULTRA-WIDEN.DLL [MD5.C991D8304158D7D278E27BEF876CB4EC] - [10/04/2017 17:49:07] - |A| - [103424] - C:\WINDOWS\syswow64\resmon_FromLFSULTRA-WIDEN.exe [MD5.3F75A221A01F68D6CE67FE99A868BD8F] - [10/04/2017 17:49:08] - |A| - [176] - C:\WINDOWS\syswow64\RestartManagerUninstall_FromLFSULTRA-WIDEN.mof [MD5.43E7D0AB6A8564F5BF375FBF0934FAD1] - [10/04/2017 17:49:07] - |A| - [714] - C:\WINDOWS\syswow64\RestartManager_FromLFSULTRA-WIDEN.mof [MD5.A6CD9184A8EB856B5FB16718BED0E0C3] - [10/04/2017 17:49:08] - |A| - [13896] - C:\WINDOWS\syswow64\results.xml [MD5.2AF094C822BD6094F14A8E85FB51D52A] - [10/04/2017 17:49:09] - |A| - [71168] - C:\WINDOWS\syswow64\resutils_FromLFSULTRA-WIDEN.dll [MD5.8A1B5BFB4FAB862B3B1A6A9FB6E45718] - [10/04/2017 17:49:09] - |A| - [147968] - C:\WINDOWS\syswow64\rgb9rast_FromLFSULTRA-WIDEN.dll [MD5.831319977C168FFCF4E9ABB83A992F80] - [10/04/2017 17:49:09] - |A| - [220672] - C:\WINDOWS\syswow64\Ribbons_FromLFSULTRA-WIDEN.scr [MD5.102CF6879887BBE846A00C459E6D4ABC] - [10/04/2017 17:49:10] - |A| - [473600] - C:\WINDOWS\syswow64\riched20_FromLFSULTRA-WIDEN.dll [MD5.B5506B451BFE7148ECA7056BDA2970BD] - [10/04/2017 17:49:11] - |A| - [8704] - C:\WINDOWS\syswow64\riched32_FromLFSULTRA-WIDEN.dll [MD5.6142C5540C8D2764D59CBC11AF4A5900] - [10/04/2017 17:49:11] - |A| - [572416] - C:\WINDOWS\syswow64\RMActivate_FromLFSULTRA-WIDEN.exe [MD5.E01D2AC63453534DB8AD1EA97DEE9C3A] - [10/04/2017 17:49:12] - |A| - [594944] - C:\WINDOWS\syswow64\RMActivate_isv_FromLFSULTRA-WIDEN.exe [MD5.08D323750350A8A29611D1004C0CF319] - [10/04/2017 17:49:13] - |A| - [510976] - C:\WINDOWS\syswow64\RMActivate_ssp_FromLFSULTRA-WIDEN.exe [MD5.0F5FEF37588AF457E02125674F171A4F] - [10/04/2017 17:49:15] - |A| - [508928] - C:\WINDOWS\syswow64\RMActivate_ssp_isv_FromLFSULTRA-WIDEN.exe [MD5.4449282EAEA488F5AFFEB5EC000D26F5] - [10/04/2017 17:49:16] - |A| - [14848] - C:\WINDOWS\syswow64\RmClient_FromLFSULTRA-WIDEN.exe [MD5.D1D39DEBBE05B9E50C5AEB3DED2DD295] - [10/04/2017 17:49:16] - |A| - [2560] - C:\WINDOWS\syswow64\rnr20_FromLFSULTRA-WIDEN.dll [MD5.39B9273CA01364E115B464416CFB729B] - [10/04/2017 17:49:18] - |A| - [98816] - C:\WINDOWS\syswow64\Robocopy_FromLFSULTRA-WIDEN.exe [MD5.44DFCCE3E204A251B4929716E82F3054] - [10/04/2017 17:49:19] - |A| - [17920] - C:\WINDOWS\syswow64\ROUTE_FromLFSULTRA-WIDEN.EXE [MD5.DFAC006A189D2CC302F53DFDEE3D74D3] - [10/04/2017 17:49:19] - |A| - [293584] - C:\WINDOWS\syswow64\RP3DAA32.dll [MD5.655DDC227B11790127A8CBFA7E9CF700] - [10/04/2017 17:49:20] - |A| - [293584] - C:\WINDOWS\syswow64\RP3DHT32.dll [MD5.0EB5C0BA891A6EFE27DA312D8C623E96] - [10/04/2017 17:49:20] - |A| - [8192] - C:\WINDOWS\syswow64\RpcDiag.dll [MD5.78D072F35BC45D9E4E1B61895C152234] - [10/04/2017 17:49:21] - |A| - [43520] - C:\WINDOWS\syswow64\RpcEpMap.dll [MD5.A2718532AFF3B0F9C73D3034A1511F50] - [10/04/2017 17:49:21] - |A| - [139264] - C:\WINDOWS\syswow64\rpchttp_FromLFSULTRA-WIDEN.dll [MD5.FC2FB49A523C7AEA46805D69C3DF01D7] - [10/04/2017 17:49:21] - |A| - [44544] - C:\WINDOWS\syswow64\RPCNDFP.dll [MD5.2ED30BA450FBA5D11F38A2D98179EBC9] - [10/04/2017 17:49:21] - |A| - [7680] - C:\WINDOWS\syswow64\RpcNs4_FromLFSULTRA-WIDEN.dll [MD5.17F6993D2DD8B1196DB25FDC2ECB87E2] - [10/04/2017 17:49:22] - |A| - [27648] - C:\WINDOWS\syswow64\rpcnsh_FromLFSULTRA-WIDEN.dll [MD5.2A5955CF45DA270672C90E3CC4C11F9F] - [10/04/2017 17:49:22] - |A| - [34816] - C:\WINDOWS\syswow64\RpcPing_FromLFSULTRA-WIDEN.exe [MD5.3933AC2270ED7E71EDB48C0F57258A64] - [10/04/2017 17:49:22] - |A| - [654336] - C:\WINDOWS\syswow64\rpcrt4_FromLFSULTRA-WIDEN.dll [MD5.5997D769CDB108390DCFAEBF442BF816] - [10/04/2017 17:49:23] - |A| - [46080] - C:\WINDOWS\syswow64\RpcRtRemote_FromLFSULTRA-WIDEN.dll [MD5.7660F01D3B38ACA1747E397D21D790AF] - [10/04/2017 17:49:24] - |A| - [376832] - C:\WINDOWS\syswow64\rpcss.dll [MD5.936E6F6F76136BC73B13D25A254BC84B] - [10/04/2017 17:49:25] - |A| - [50176] - C:\WINDOWS\syswow64\rrinstaller_FromLFSULTRA-WIDEN.exe [MD5.ED8EC63F7522DF4852147C84EC62C36A] - [10/04/2017 17:49:25] - |A| - [242936] - C:\WINDOWS\syswow64\rsaenh_FromLFSULTRA-WIDEN.dll [MD5.5E615146CA28574DA378ABFDFC73B4CA] - [10/04/2017 17:49:26] - |A| - [43008] - C:\WINDOWS\syswow64\rshx32_FromLFSULTRA-WIDEN.dll [MD5.F5C5B3A75783BEFF7257EABA026783CA] - [11/04/2017 14:17:44] - |A| - [7963240] - C:\WINDOWS\syswow64\rsror32.dll [MD5.3FE1177C731A499D875FFD2555C0EED1] - [11/04/2017 14:17:54] - |A| - [2451048] - C:\WINDOWS\syswow64\rsrorx32.dll [MD5.B29280AA00BC34FEECDC0426B11B9DAC] - [10/04/2017 17:49:26] - |A| - [152064] - C:\WINDOWS\syswow64\RstrtMgr_FromLFSULTRA-WIDEN.dll [MD5.57789541C7DE874DB963C0C16E46ECD8] - [10/04/2017 17:49:26] - |A| - [262656] - C:\WINDOWS\syswow64\rstrui.exe [MD5.573A6934D4BC8FB8F19AB6E47EBB9128] - [10/04/2017 17:49:29] - |A| - [168648] - C:\WINDOWS\syswow64\RTEED32A.dll [MD5.B747DDAA11333F1EABB35E2AE2E877C9] - [10/04/2017 17:49:29] - |A| - [62664] - C:\WINDOWS\syswow64\RTEEG32A.dll [MD5.52999C60386C123BDD6C93D73BEF37CD] - [10/04/2017 17:49:29] - |A| - [76488] - C:\WINDOWS\syswow64\RTEEL32A.dll [MD5.6285E76879D717C3C978A794130DADE8] - [10/04/2017 17:49:29] - |A| - [357576] - C:\WINDOWS\syswow64\RTEEP32A.dll [MD5.65AADD5B679C3DAC408802A75E6B0280] - [10/04/2017 17:49:30] - |A| - [36864] - C:\WINDOWS\syswow64\rtffilt_FromLFSULTRA-WIDEN.dll [MD5.43430E2AEDAA3296D2ED798966D61A9A] - [10/04/2017 17:49:30] - |A| - [3604584] - C:\WINDOWS\syswow64\RtkAPO.dll [MD5.EF0F3BA96F0B0FD0856E9FCED0922B3D] - [10/04/2017 17:49:32] - |A| - [367208] - C:\WINDOWS\syswow64\RtkApoApi.dll [MD5.AC9FEB705DEDD7B73296C771A7ED529B] - [10/04/2017 17:49:35] - |A| - [65640] - C:\WINDOWS\syswow64\RtkCoInst.dll [MD5.DAC675CC41C1C5631333A8D20009399C] - [10/04/2017 17:49:35] - |A| - [1833064] - C:\WINDOWS\syswow64\RtkPgExt.dll [MD5.30FEC724ED3D65A8CFCF8C686BBAEE42] - [10/04/2017 17:49:37] - |A| - [115200] - C:\WINDOWS\syswow64\rtm_FromLFSULTRA-WIDEN.dll [MD5.F9495E566E90F63393C2377B34094A6F] - [10/04/2017 17:49:37] - |A| - [1084008] - C:\WINDOWS\syswow64\RTSndMgr.cpl [MD5.0915C4DB6DBC3BB9E11B7ECBBE4B7159] - [10/04/2017 17:49:38] - |A| - [37376] - C:\WINDOWS\syswow64\rtutils_FromLFSULTRA-WIDEN.dll [MD5.56B5D6BC06CDB731ABED4711CA0A66D9] - [10/04/2017 17:49:42] - |A| - [17408] - C:\WINDOWS\syswow64\runas_FromLFSULTRA-WIDEN.exe [MD5.51138BEEA3E2C21EC44D0932C71762A8] - [10/04/2017 17:49:42] - |A| - [44544] - C:\WINDOWS\syswow64\rundll32_FromLFSULTRA-WIDEN.exe [MD5.DC9949AFD42077D135900F96ABDC6307] - [10/04/2017 17:49:42] - |A| - [57856] - C:\WINDOWS\syswow64\RunLegacyCPLElevated_FromLFSULTRA-WIDEN.exe [MD5.D44741F65A1D71F65814A12CF6E2400A] - [10/04/2017 17:49:42] - |A| - [50688] - C:\WINDOWS\syswow64\runonce_FromLFSULTRA-WIDEN.exe [MD5.68ECCA523ED760AAFC03C5D587569859] - [10/04/2017 17:49:42] - |A| - [51200] - C:\WINDOWS\syswow64\samcli_FromLFSULTRA-WIDEN.dll [MD5.C30A3E5DEEEBA22E782AC54C5AF5F352] - [10/04/2017 17:49:42] - |A| - [60928] - C:\WINDOWS\syswow64\samlib_FromLFSULTRA-WIDEN.dll [MD5.2465A837EF42E7DAF691F962A552F47F] - [10/04/2017 17:49:43] - |A| - [2048] - C:\WINDOWS\syswow64\SampleRes.dll [MD5.245F4691314F42D4D1BC06442F0B2086] - [10/04/2017 17:49:43] - |A| - [551424] - C:\WINDOWS\syswow64\samsrv.dll [MD5.969D1F85151E0156D51A664E59A50213] - [10/04/2017 17:49:44] - |A| - [8704] - C:\WINDOWS\syswow64\sas_FromLFSULTRA-WIDEN.dll [MD5.D8F3FD1DC9BF4599BC49C8752435A5D4] - [10/04/2017 17:49:45] - |A| - [153600] - C:\WINDOWS\syswow64\sbeio_FromLFSULTRA-WIDEN.dll [MD5.A5A301C82734DF7CC88F45AAA6568713] - [10/04/2017 17:49:46] - |A| - [65536] - C:\WINDOWS\syswow64\sberes_FromLFSULTRA-WIDEN.dll [MD5.4D05D7A79E970398D8C687712E65A9B0] - [10/04/2017 17:49:44] - |A| - [850944] - C:\WINDOWS\syswow64\sbe_FromLFSULTRA-WIDEN.dll [MD5.E764DBD7299DE3058B8272D2A354EC68] - [10/04/2017 17:49:46] - |A| - [12288] - C:\WINDOWS\syswow64\sbunattend.exe [MD5.3E63222185341DCB8EEEDB8E2761EE6F] - [10/04/2017 17:49:47] - |A| - [246272] - C:\WINDOWS\syswow64\scansetting_FromLFSULTRA-WIDEN.dll [MD5.8D30CECF80EEC603AC021DB0E02C01A4] - [10/04/2017 17:49:47] - |A| - [66048] - C:\WINDOWS\syswow64\SCardDlg_FromLFSULTRA-WIDEN.dll [MD5.8FC518FFE9519C2631D37515A68009C4] - [10/04/2017 17:49:47] - |A| - [132608] - C:\WINDOWS\syswow64\SCardSvr.dll [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - [10/04/2017 17:49:47] - |A| - [10429] - C:\WINDOWS\syswow64\ScavengeSpace.xml [MD5.732488BDBE0FC1B6D1AC9DD1D6CDE282] - [10/04/2017 17:49:48] - |A| - [136704] - C:\WINDOWS\syswow64\scavengeui.dll [MD5.64615069F13DA2F0876E72200F40C97D] - [10/04/2017 17:49:48] - |A| - [63488] - C:\WINDOWS\syswow64\sccls.dll [MD5.8124944EC89D6A1815E4E53F5B96AAF4] - [10/04/2017 17:49:48] - |A| - [175616] - C:\WINDOWS\syswow64\scecli_FromLFSULTRA-WIDEN.dll [MD5.B3BC38B886CA53C92D52EF724A9F0D45] - [10/04/2017 17:49:48] - |A| - [308224] - C:\WINDOWS\syswow64\scesrv_FromLFSULTRA-WIDEN.dll [MD5.3369D021265E369D57317D61FA86DD79] - [10/04/2017 17:49:49] - |A| - [51200] - C:\WINDOWS\syswow64\scext.dll [MD5.D2CB5AE05C05A22428D0D241B1B93615] - [10/04/2017 17:49:49] - |A| - [251392] - C:\WINDOWS\syswow64\schannel_FromLFSULTRA-WIDEN.dll [MD5.A42E7748BE906434C5FD17161D168C20] - [10/04/2017 17:49:49] - |A| - [17408] - C:\WINDOWS\syswow64\schedcli_FromLFSULTRA-WIDEN.dll [MD5.A04BB13F8A72F8B6E8B4071723E4E336] - [10/04/2017 17:49:50] - |A| - [750592] - C:\WINDOWS\syswow64\schedsvc.dll [MD5.2003E9B15E1C502B146DAD2E383AC1E3] - [10/04/2017 17:49:51] - |A| - [179712] - C:\WINDOWS\syswow64\schtasks_FromLFSULTRA-WIDEN.exe [MD5.A89C220131985820D6B0E90073102482] - [10/04/2017 17:49:51] - |A| - [180224] - C:\WINDOWS\syswow64\scksp_FromLFSULTRA-WIDEN.dll [MD5.78C1AE0F93A592CBEB86F0987A49E6CF] - [10/04/2017 17:49:52] - |A| - [57856] - C:\WINDOWS\syswow64\scripto_FromLFSULTRA-WIDEN.dll [MD5.B83F08CE1BDD80C69E7BDAFFC4C070C9] - [10/04/2017 17:49:52] - |A| - [10240] - C:\WINDOWS\syswow64\scrnsave_FromLFSULTRA-WIDEN.scr [MD5.2D542FEEEE1644365BCE3327E91A5798] - [10/04/2017 17:49:52] - |A| - [173568] - C:\WINDOWS\syswow64\scrobj_FromLFSULTRA-WIDEN.dll [MD5.69A1D7C29CFF256BECBD4E39E2159636] - [10/04/2017 17:49:52] - |A| - [163840] - C:\WINDOWS\syswow64\scrrun_FromLFSULTRA-WIDEN.dll [MD5.D2F7A0ADC2EE0F65AB1F19D2E00C16B8] - [10/04/2017 17:49:46] - |A| - [37376] - C:\WINDOWS\syswow64\sc_FromLFSULTRA-WIDEN.exe [MD5.C9F0F30C032EC5F8EA3ABDB90FCB3416] - [10/04/2017 17:49:53] - |A| - [46592] - C:\WINDOWS\syswow64\sdautoplay.dll [MD5.7B87B7798FAD9DD3D3F1DF38A62EBD15] - [10/04/2017 17:49:53] - |A| - [20992] - C:\WINDOWS\syswow64\sdbinst_FromLFSULTRA-WIDEN.exe [MD5.8A2AC5FAF2A06455EE5A96A57302CEEE] - [10/04/2017 17:49:53] - |A| - [40960] - C:\WINDOWS\syswow64\sdchange_FromLFSULTRA-WIDEN.exe [MD5.5EFDBEAECD69E250E5BA4A2950203CD4] - [10/04/2017 17:49:53] - |A| - [1131008] - C:\WINDOWS\syswow64\sdclt.exe [MD5.E24BB41C4EFC309A14709FC127A3B847] - [10/04/2017 17:49:54] - |A| - [750080] - C:\WINDOWS\syswow64\sdcpl.dll [MD5.3B28814B74E898750A139FA4CBDFDCF7] - [10/04/2017 17:49:56] - |A| - [907776] - C:\WINDOWS\syswow64\sdengin2.dll [MD5.047A1A25BC35EC99CE724DC6CAC94CC9] - [10/04/2017 17:49:57] - |A| - [32768] - C:\WINDOWS\syswow64\sdhcinst.dll [MD5.B45934FDAEB1710CEC3D8F797FD481CA] - [10/04/2017 17:49:57] - |A| - [178176] - C:\WINDOWS\syswow64\sdiageng_FromLFSULTRA-WIDEN.dll [MD5.15F07E50407139AA93D3FB6E612D2F74] - [10/04/2017 17:49:58] - |A| - [21504] - C:\WINDOWS\syswow64\sdiagnhost_FromLFSULTRA-WIDEN.exe [MD5.E22CF2157EA7D798CA5CFA6A30A5D9FA] - [10/04/2017 17:49:59] - |A| - [240128] - C:\WINDOWS\syswow64\sdiagprv_FromLFSULTRA-WIDEN.dll [MD5.C81E72D82FD4B1290ECB6077369EB0A0] - [10/04/2017 17:49:59] - |A| - [45056] - C:\WINDOWS\syswow64\sdiagschd.dll [MD5.CECF1CDF63F27C05BDABB62B63770B12] - [10/04/2017 17:49:59] - |A| - [358400] - C:\WINDOWS\syswow64\sdohlp_FromLFSULTRA-WIDEN.dll [MD5.08236C4BCE5EDD0A0318A438AF28E0F7] - [10/04/2017 17:50:00] - |A| - [125952] - C:\WINDOWS\syswow64\sdrsvc.dll [MD5.E939EC58FA576A52FF2712F0497A78CB] - [10/04/2017 17:50:00] - |A| - [102912] - C:\WINDOWS\syswow64\sdshext.dll [MD5.A6CD6B3F71E13E2E45B727FB8A47EA87] - [10/04/2017 17:50:00] - |A| - [86528] - C:\WINDOWS\syswow64\SearchFilterHost_FromLFSULTRA-WIDEN.exe [MD5.6581B52E133CC6D00661C58968C7E212] - [10/04/2017 17:50:00] - |A| - [646144] - C:\WINDOWS\syswow64\SearchFolder_FromLFSULTRA-WIDEN.dll [MD5.236F286E103FD44BD85FDD93097FD5DD] - [10/04/2017 17:50:01] - |A| - [427520] - C:\WINDOWS\syswow64\SearchIndexer_FromLFSULTRA-WIDEN.exe [MD5.E1AC89F6C5252057E6062843E36A6701] - [10/04/2017 17:50:02] - |A| - [164352] - C:\WINDOWS\syswow64\SearchProtocolHost_FromLFSULTRA-WIDEN.exe [MD5.468759A7F9C5F4F211091EDF88F70755] - [10/04/2017 17:50:02] - |A| - [35328] - C:\WINDOWS\syswow64\SecEdit_FromLFSULTRA-WIDEN.exe [MD5.65A5E27C2217D606E212B6088CCD6104] - [10/04/2017 17:50:02] - |A| - [92160] - C:\WINDOWS\syswow64\sechost_FromLFSULTRA-WIDEN.dll [MD5.4297F5D9BE5F4B5B11A44A7A6AA12FB7] - [10/04/2017 17:50:03] - |A| - [14848] - C:\WINDOWS\syswow64\secinit_FromLFSULTRA-WIDEN.exe [MD5.A59B3A4442C52060CC7A85293AA3546F] - [10/04/2017 17:50:03] - |A| - [21504] - C:\WINDOWS\syswow64\seclogon.dll [MD5.12A9F24DC9F465DA79AC2272D829A81E] - [10/04/2017 17:50:04] - |A| - [428032] - C:\WINDOWS\syswow64\secproc_FromLFSULTRA-WIDEN.dll [MD5.BBCE3E9E74C7CEA47FA4115B360AC2C6] - [10/04/2017 17:50:04] - |A| - [423936] - C:\WINDOWS\syswow64\secproc_isv_FromLFSULTRA-WIDEN.dll [MD5.58712A48D31B40EBCB35B47205F87771] - [10/04/2017 17:50:05] - |A| - [87040] - C:\WINDOWS\syswow64\secproc_ssp_FromLFSULTRA-WIDEN.dll [MD5.9158DBE2F8483434FC72F320690C9DB8] - [10/04/2017 17:50:05] - |A| - [87040] - C:\WINDOWS\syswow64\secproc_ssp_isv_FromLFSULTRA-WIDEN.dll [MD5.973475BA1F197D8AA7B9DC10046C80BA] - [10/04/2017 17:50:06] - |A| - [22016] - C:\WINDOWS\syswow64\secur32_FromLFSULTRA-WIDEN.dll [MD5.4F6E72B34ED3DC53DCC5E8708E60B61F] - [10/04/2017 17:50:06] - |A| - [4608] - C:\WINDOWS\syswow64\security_FromLFSULTRA-WIDEN.dll [MD5.726DFDB9E283B0CB78D87DDD7469BAF3] - [10/04/2017 17:50:06] - |A| - [65536] - C:\WINDOWS\syswow64\sendmail_FromLFSULTRA-WIDEN.dll [MD5.DCB7FCDCC97F87360F75D77425B81737] - [10/04/2017 17:50:06] - |A| - [49664] - C:\WINDOWS\syswow64\Sens.dll [MD5.6F8E3B7B70E1BBA871212940C1FBDF60] - [10/04/2017 17:50:07] - |A| - [10752] - C:\WINDOWS\syswow64\SensApi_FromLFSULTRA-WIDEN.dll [MD5.536A02B5196CA2B27BF0E56F862F4675] - [10/04/2017 17:50:07] - |A| - [15360] - C:\WINDOWS\syswow64\serialui_FromLFSULTRA-WIDEN.dll [MD5.0780A42DBD7D9969F9BF4A19AA4285B5] - [10/04/2017 17:50:07] - |A| - [259072] - C:\WINDOWS\syswow64\services.exe [MD5.7A1D35F59468B8118AF5B8E21DF78AE2] - [10/04/2017 17:50:07] - |A| - [92745] - C:\WINDOWS\syswow64\services_FromLFSULTRA-WIDEN.msc [MD5.9E28BD26A9CE33CA2BFF4A42A8772423] - [10/04/2017 17:50:08] - |A| - [18432] - C:\WINDOWS\syswow64\serwvdrv_FromLFSULTRA-WIDEN.dll [MD5.4AE380F39A0032EAB7DD953030B26D28] - [10/04/2017 17:50:08] - |A| - [113664] - C:\WINDOWS\syswow64\SessEnv_FromLFSULTRA-WIDEN.dll [MD5.F1F2AD1C3A9BEF7AC914FDA714BC7879] - [10/04/2017 17:50:08] - |A| - [50176] - C:\WINDOWS\syswow64\setbcdlocale.dll [MD5.8C545F6F1BA83C15B8B02EE4AA62FF11] - [10/04/2017 17:50:09] - |A| - [270336] - C:\WINDOWS\syswow64\sethc_FromLFSULTRA-WIDEN.exe [MD5.887055A3C8DD6C87D200D11EAFDBD45B] - [10/04/2017 17:50:09] - |A| - [74240] - C:\WINDOWS\syswow64\SetIEInstalledDate.exe [MD5.AB9E59F5B2C7B0DC08698FD4264F9DA9] - [10/04/2017 17:50:10] - |A| - [31744] - C:\WINDOWS\syswow64\setspn.exe [MD5.10FB16B50AFFDA6D44588F3C445DC273] - [10/04/2017 17:50:14] - |A| - [1667584] - C:\WINDOWS\syswow64\setupapi_FromLFSULTRA-WIDEN.dll [MD5.1BE1A0487946F64AF5D2946AD1ECD596] - [10/04/2017 17:50:15] - |A| - [103936] - C:\WINDOWS\syswow64\setupcl.exe [MD5.3F5A4F3A11EAA28DCD5C85C06C09D853] - [10/04/2017 17:50:16] - |A| - [115712] - C:\WINDOWS\syswow64\setupcln_FromLFSULTRA-WIDEN.dll [MD5.5655D2E4822E1512B9152AD90B9E2151] - [10/04/2017 17:50:16] - |A| - [5120] - C:\WINDOWS\syswow64\setupetw.dll [MD5.938E34AC05EC75EF8474BD2649DC9739] - [10/04/2017 17:50:16] - |A| - [17920] - C:\WINDOWS\syswow64\setupSNK.exe [MD5.824E84AC88AC9F82D772960657E094D1] - [10/04/2017 17:50:17] - |A| - [113152] - C:\WINDOWS\syswow64\setupugc_FromLFSULTRA-WIDEN.exe [MD5.AD7B906FC883959E56E210B2B077CA00] - [10/04/2017 17:50:17] - |A| - [11753] - C:\WINDOWS\syswow64\setver.exe [MD5.C9A6121252634AA4D4618981DE929BBB] - [10/04/2017 17:50:17] - |A| - [46080] - C:\WINDOWS\syswow64\setx_FromLFSULTRA-WIDEN.exe [MD5.FDED64DC18429175D4DD9BB8D92C334C] - [10/04/2017 17:50:17] - |A| - [68944] - C:\WINDOWS\syswow64\SFAPO.dll [MD5.FDDC4D6EC3B2BD3B5A04C22881305621] - [10/04/2017 17:50:18] - |A| - [74064] - C:\WINDOWS\syswow64\SFCOM.dll [MD5.40CAEEE0EAF1B8569F7C8DF6420F2CB9] - [10/04/2017 17:50:17] - |A| - [2560] - C:\WINDOWS\syswow64\sfc_FromLFSULTRA-WIDEN.dll [MD5.CDFB49D4628F3822B2335C7A35BF69CD] - [10/04/2017 17:50:17] - |A| - [35328] - C:\WINDOWS\syswow64\sfc_FromLFSULTRA-WIDEN.exe [MD5.84799328D87B3091A3BDD251E1AD31F9] - [10/04/2017 17:50:18] - |A| - [40960] - C:\WINDOWS\syswow64\sfc_os_FromLFSULTRA-WIDEN.dll [MD5.1BE0D5882B4812A0DC0A8137A350AF67] - [10/04/2017 17:50:18] - |A| - [214352] - C:\WINDOWS\syswow64\SFNHK.dll [MD5.F14A9B1778376D0B1788E402AC1F831A] - [10/04/2017 17:50:18] - |A| - [108032] - C:\WINDOWS\syswow64\shacct_FromLFSULTRA-WIDEN.dll [MD5.68062C0ECE86AB7801B5B47FDC855A06] - [10/04/2017 17:50:19] - |A| - [882] - C:\WINDOWS\syswow64\share.exe [MD5.B7A7EFA6DBB68401CFAB1C4252FD3257] - [10/04/2017 17:50:19] - |A| - [316416] - C:\WINDOWS\syswow64\sharemediacpl.dll [MD5.2C4A87CA8C00E98EFDCFA2E8EC9A3503] - [10/04/2017 17:50:20] - |A| - [180224] - C:\WINDOWS\syswow64\shdocvw_FromLFSULTRA-WIDEN.dll [MD5.DC8A8C47542EDD026AD8F4AC3D6C2292] - [10/04/2017 17:50:20] - |A| - [5120] - C:\WINDOWS\syswow64\SHELL.DLL [MD5.F811B932E3DBA308014F8C870F752F16] - [10/04/2017 17:50:20] - |A| - [12875776] - C:\WINDOWS\syswow64\shell32_FromLFSULTRA-WIDEN.dll [MD5.826E90596690131DC17D5B97CB9675F4] - [10/04/2017 17:50:21] - |A| - [514048] - C:\WINDOWS\syswow64\shellstyle_FromLFSULTRA-WIDEN.dll [MD5.539C49CEBB3C50957AC8A09D95ECD880] - [10/04/2017 17:50:27] - |A| - [7168] - C:\WINDOWS\syswow64\shfolder_FromLFSULTRA-WIDEN.dll [MD5.CFD8B8537036CF35F6254192997A4D8E] - [10/04/2017 17:50:30] - |A| - [20992] - C:\WINDOWS\syswow64\shgina_FromLFSULTRA-WIDEN.dll [MD5.8CA32E9D986FA76F60EFBCFCD9D80A58] - [10/04/2017 17:50:34] - |A| - [16740] - C:\WINDOWS\syswow64\ShiftJIS_FromLFSULTRA-WIDEN.uce [MD5.B2CB7BE1300E7B0EF4E31A674A2617A1] - [10/04/2017 17:50:34] - |A| - [5120] - C:\WINDOWS\syswow64\shimeng_FromLFSULTRA-WIDEN.dll [MD5.FAA05DD44E5DF264AEBE3F03BA4211BB] - [10/04/2017 17:50:35] - |A| - [35840] - C:\WINDOWS\syswow64\shimgvw_FromLFSULTRA-WIDEN.dll [MD5.8CC3C111D653E96F3EA1590891491D71] - [10/04/2017 17:50:35] - |A| - [350208] - C:\WINDOWS\syswow64\shlwapi_FromLFSULTRA-WIDEN.dll [MD5.D9FCB69502C4631BDFA0A207FB038894] - [10/04/2017 17:50:36] - |A| - [14336] - C:\WINDOWS\syswow64\shpafact_FromLFSULTRA-WIDEN.dll [MD5.365114BB31BB58E49D1AE7D6BA281336] - [10/04/2017 17:50:36] - |A| - [391680] - C:\WINDOWS\syswow64\shrpubw_FromLFSULTRA-WIDEN.exe [MD5.5E6E37DC2EFE39EC146271E22A16844F] - [10/04/2017 17:50:37] - |A| - [111104] - C:\WINDOWS\syswow64\shsetup_FromLFSULTRA-WIDEN.dll [MD5.414DA952A35BF5D50192E28263B40577] - [10/04/2017 17:50:37] - |A| - [328192] - C:\WINDOWS\syswow64\shsvcs_FromLFSULTRA-WIDEN.dll [MD5.0A8E209F3C1D1FB6889465D1019CC5BF] - [10/04/2017 17:50:38] - |A| - [10752] - C:\WINDOWS\syswow64\shunimpl_FromLFSULTRA-WIDEN.dll [MD5.61739432482891F2DC5745CCA0A67028] - [10/04/2017 17:50:39] - |A| - [30720] - C:\WINDOWS\syswow64\shutdown_FromLFSULTRA-WIDEN.exe [MD5.E9B7D9BBD3E78E7DD053A5108B7649AC] - [10/04/2017 17:50:39] - |A| - [428544] - C:\WINDOWS\syswow64\shwebsvc_FromLFSULTRA-WIDEN.dll [MD5.5CC39F0091D2CEBF629C36741557168E] - [10/04/2017 17:50:40] - |A| - [41984] - C:\WINDOWS\syswow64\signdrv_FromLFSULTRA-WIDEN.dll [MD5.E631F2B309A8F99EFB2578328BD0A749] - [10/04/2017 17:50:40] - |A| - [67584] - C:\WINDOWS\syswow64\sigverif.exe [MD5.DFE3EFAA5A30964C9F572CFC0B4F6136] - [10/04/2017 17:50:40] - |A| - [12288] - C:\WINDOWS\syswow64\simpdata_FromLFSULTRA-WIDEN.tlb [MD5.D79524DFBC24FA484DF5C277447D2F7F] - [10/04/2017 00:33:59] - |A| - [48464] - C:\WINDOWS\syswow64\sirenacm.dll [MD5.D79524DFBC24FA484DF5C277447D2F7F] - [10/04/2017 17:50:41] - |A| - [48464] - C:\WINDOWS\syswow64\sirenacm_FromLFSULTRA-WIDEN.dll [MD5.F44CCA639625EC735667BD8B8E523A33] - [10/04/2017 17:50:41] - |A| - [19456] - C:\WINDOWS\syswow64\sisbkup.dll [MD5.0B4F5F5982E277F39CA6E1548F6B0D53] - [10/04/2017 17:50:43] - |A| - [16384] - C:\WINDOWS\syswow64\slcext_FromLFSULTRA-WIDEN.dll [MD5.8B74CEC6980D4816B0037AE9A27E538F] - [10/04/2017 17:50:43] - |A| - [27136] - C:\WINDOWS\syswow64\slc_FromLFSULTRA-WIDEN.dll [MD5.38482A5013D8AB40DF0FB15EAE022C57] - [10/04/2017 17:50:44] - |A| - [113629] - C:\WINDOWS\syswow64\slmgr_FromLFSULTRA-WIDEN.vbs [MD5.D861EB4D6719D6738270E6A376B87F18] - [10/04/2017 17:50:44] - |A| - [325632] - C:\WINDOWS\syswow64\slui.exe [MD5.19F75D71E4256F5113D64CE2BB66B838] - [10/04/2017 17:50:45] - |A| - [14336] - C:\WINDOWS\syswow64\slwga_FromLFSULTRA-WIDEN.dll [MD5.05BF975CA428E04B462FB90841B37C95] - [10/04/2017 17:50:45] - |A| - [152064] - C:\WINDOWS\syswow64\SmartcardCredentialProvider_FromLFSULTRA-WIDEN.dll [MD5.95B4230D7F993D4716FC4F3CA120FEB6] - [10/04/2017 17:50:46] - |A| - [84992] - C:\WINDOWS\syswow64\SMBHelperClass_FromLFSULTRA-WIDEN.dll [MD5.39C3CDE5BFA5D95661712258EDFE5F17] - [10/04/2017 17:51:00] - |A| - [697344] - C:\WINDOWS\syswow64\SmiEngine.dll [MD5.1B30E9AF06CD2D24A8E781907D5CBEEE] - [10/04/2017 17:51:00] - |A| - [69632] - C:\WINDOWS\syswow64\smss.exe [MD5.2CFA4569350B7F84F815E9EC34E85766] - [10/04/2017 17:51:01] - |A| - [220160] - C:\WINDOWS\syswow64\SndVolSSO_FromLFSULTRA-WIDEN.dll [MD5.2305BFF2966D73694972FD7531BC5BAA] - [10/04/2017 17:51:01] - |A| - [314368] - C:\WINDOWS\syswow64\SndVol_FromLFSULTRA-WIDEN.exe [MD5.1220595CABA75AB91A6B3FA3B89483CC] - [10/04/2017 17:51:01] - |A| - [22528] - C:\WINDOWS\syswow64\snmpapi_FromLFSULTRA-WIDEN.dll [MD5.6A984831644ECA1A33FFEAE4126F4F37] - [10/04/2017 17:51:02] - |A| - [12800] - C:\WINDOWS\syswow64\snmptrap.exe [MD5.E105496A1A00A847BC2F9913F1DA94A1] - [10/04/2017 17:51:02] - |A| - [214400] - C:\WINDOWS\syswow64\Snpropwp.dll [MD5.68406207E9400E608AF366DD019D9487] - [09/04/2017 13:18:56] - |A| - [36864] - C:\WINDOWS\syswow64\Sof2FFTPrj.ocx [MD5.68406207E9400E608AF366DD019D9487] - [10/04/2017 17:51:02] - |A| - [36864] - C:\WINDOWS\syswow64\Sof2FFTPrj_FromLFSULTRA-WIDEN.ocx [MD5.D2EA52640F467EF6E457D5BCB8C562D1] - [10/04/2017 17:51:02] - |A| - [126464] - C:\WINDOWS\syswow64\softkbd_FromLFSULTRA-WIDEN.dll [MD5.A1C9A937EB528A6C969801E0EE89960C] - [10/04/2017 17:51:03] - |A| - [8704] - C:\WINDOWS\syswow64\softpub_FromLFSULTRA-WIDEN.dll [MD5.9E81CD18F45702A9D3D34EDF295C2FB1] - [10/04/2017 17:51:03] - |A| - [38400] - C:\WINDOWS\syswow64\SortServer2003Compat_FromLFSULTRA-WIDEN.dll [MD5.8C0854D2BBAE8E1B5F447B94CDD878F1] - [10/04/2017 17:51:03] - |A| - [54784] - C:\WINDOWS\syswow64\SortWindows6Compat_FromLFSULTRA-WIDEN.dll [MD5.0297BC851D4C2187E80466362E0D5FA8] - [10/04/2017 17:51:03] - |A| - [19968] - C:\WINDOWS\syswow64\sort_FromLFSULTRA-WIDEN.exe [MD5.028A1F74926DC3DF2D9629EDC9AEBAFB] - [10/04/2017 17:51:04] - |A| - [1744] - C:\WINDOWS\syswow64\sound.drv [MD5.2A40F6AD59D3E598ECDAA6CAB90360A4] - [10/04/2017 17:51:04] - |A| - [125952] - C:\WINDOWS\syswow64\SoundRecorder.exe [MD5.BC080CEA43CB990F28B049742706581F] - [10/04/2017 17:51:05] - |A| - [61952] - C:\WINDOWS\syswow64\spbcd_FromLFSULTRA-WIDEN.dll [MD5.C74D61FCA22F36791105D7878AF73572] - [10/04/2017 17:51:05] - |A| - [8280] - C:\WINDOWS\syswow64\spcinstrumentation.man [MD5.F824F6F7ABF480C7FF2897B1CF6050DE] - [10/04/2017 17:51:05] - |A| - [12288] - C:\WINDOWS\syswow64\spcmsg.dll [MD5.3B40165A039BFDCF1CF8AE822B438547] - [09/04/2017 13:18:56] - |A| - [28672] - C:\WINDOWS\syswow64\SpecBarPrj.ocx [MD5.3B40165A039BFDCF1CF8AE822B438547] - [10/04/2017 17:51:05] - |A| - [28672] - C:\WINDOWS\syswow64\SpecBarPrj_FromLFSULTRA-WIDEN.ocx [MD5.48AD92AFC0FF5363D03DC0AB08D6E1AD] - [10/04/2017 17:51:11] - |A| - [190464] - C:\WINDOWS\syswow64\sperror.dll [MD5.4B9E4CE667DF26ADA061AA81E9AA841D] - [10/04/2017 17:51:11] - |A| - [81920] - C:\WINDOWS\syswow64\spfileq_FromLFSULTRA-WIDEN.dll [MD5.4BDBBE5E4208022DD794F7EEEB0F7366] - [10/04/2017 17:51:12] - |A| - [75776] - C:\WINDOWS\syswow64\SPInf_FromLFSULTRA-WIDEN.dll [MD5.23E9DCEE1D2BBA23EA5B50F76F633A0A] - [10/04/2017 17:51:12] - |A| - [456192] - C:\WINDOWS\syswow64\spinstall.exe [MD5.D109520C6C3368F19BC98A55756E27E8] - [10/04/2017 17:51:14] - |A| - [8192] - C:\WINDOWS\syswow64\spnet_FromLFSULTRA-WIDEN.dll [MD5.629181C26A78EB66B0B4E774E5AC2882] - [10/04/2017 17:52:46] - |A| - [45056] - C:\WINDOWS\syswow64\spoolss.dll [MD5.866A43013535DC8587C258E43579C764] - [10/04/2017 17:52:46] - |A| - [317440] - C:\WINDOWS\syswow64\spoolsv.exe [MD5.3C519BC7767F41F1C88DB0395F31A817] - [10/04/2017 17:52:47] - |A| - [19968] - C:\WINDOWS\syswow64\spopk_FromLFSULTRA-WIDEN.dll [MD5.4DB3E8859035511C131C27BE57A37F1E] - [10/04/2017 17:53:18] - |A| - [389632] - C:\WINDOWS\syswow64\sppcc.dll [MD5.7A3AFE50417B94910A6DAE1D07DF6E3A] - [10/04/2017 17:53:19] - |A| - [1111552] - C:\WINDOWS\syswow64\sppcext_FromLFSULTRA-WIDEN.dll [MD5.E3AE23569749DE12D45BA3B489A036AE] - [10/04/2017 17:53:20] - |A| - [193536] - C:\WINDOWS\syswow64\sppcomapi.dll [MD5.74563DB8DC5CA963F77161EE82CAE92A] - [10/04/2017 17:53:20] - |A| - [345088] - C:\WINDOWS\syswow64\sppcommdlg.dll [MD5.8E4B58E12B3FA65ED1462846906E0B59] - [10/04/2017 17:53:18] - |A| - [121344] - C:\WINDOWS\syswow64\sppc_FromLFSULTRA-WIDEN.dll [MD5.5A220C5CFC74AB3C2517D1F1B670D5D3] - [10/04/2017 17:53:21] - |A| - [100864] - C:\WINDOWS\syswow64\sppinst_FromLFSULTRA-WIDEN.dll [MD5.55CDE81B9FD8E234C4E00E4EEE919406] - [10/04/2017 17:53:21] - |A| - [115712] - C:\WINDOWS\syswow64\sppnp.dll [MD5.421D9645B72CD341ECDBB0FCE06C97DE] - [10/04/2017 17:53:22] - |A| - [974336] - C:\WINDOWS\syswow64\sppobjs.dll [MD5.CF87A1DE791347E75B98885214CED2B8] - [10/04/2017 17:53:23] - |A| - [3179520] - C:\WINDOWS\syswow64\sppsvc.exe [MD5.B0180B20B065D89232A78A40FE56EAA6] - [10/04/2017 17:53:27] - |A| - [53760] - C:\WINDOWS\syswow64\sppuinotify.dll [MD5.3A11396EAC2414012155AB14E5C1E332] - [10/04/2017 17:53:28] - |A| - [412160] - C:\WINDOWS\syswow64\sppwinob.dll [MD5.5F5BB7C391D0E98338BF64B19C81F1FF] - [10/04/2017 17:53:28] - |A| - [118784] - C:\WINDOWS\syswow64\sppwmi_FromLFSULTRA-WIDEN.dll [MD5.971A36C4827AD1AE2A54E6407478921A] - [10/04/2017 17:53:18] - |A| - [172544] - C:\WINDOWS\syswow64\spp_FromLFSULTRA-WIDEN.dll [MD5.00000000000000000000000000000000] - [10/04/2017 17:53:29] - |D| - [1739776] - C:\WINDOWS\syswow64\SPReview [MD5.D0804290B30C58652724344365C89D12] - [10/04/2017 17:53:53] - |A| - [280576] - C:\WINDOWS\syswow64\spreview.exe [MD5.BD4F482296D8F74AEAB49676B67FAFD9] - [10/04/2017 17:53:53] - |A| - [11264] - C:\WINDOWS\syswow64\spwinsat_FromLFSULTRA-WIDEN.dll [MD5.1EB40CEBF58C2983497A77442B99B2D0] - [10/04/2017 17:53:54] - |A| - [352768] - C:\WINDOWS\syswow64\spwizeng_FromLFSULTRA-WIDEN.dll [MD5.D2A826E6ADD8620DFE981E9533D4C332] - [10/04/2017 17:53:54] - |A| - [8338432] - C:\WINDOWS\syswow64\spwizimg_FromLFSULTRA-WIDEN.dll [MD5.3F0BB313E64983FF701D43C930530AC7] - [10/04/2017 17:53:58] - |A| - [7680] - C:\WINDOWS\syswow64\spwizres_FromLFSULTRA-WIDEN.dll [MD5.283E4E276D023DC20E7C9F8DFB4A3204] - [10/04/2017 17:54:02] - |A| - [253952] - C:\WINDOWS\syswow64\spwizui.dll [MD5.0A4A970D997125C7E8A06D72C20369FB] - [10/04/2017 17:54:06] - |A| - [8192] - C:\WINDOWS\syswow64\spwmp_FromLFSULTRA-WIDEN.dll [MD5.B6C756FA661C5EB7B3547E60647F87A7] - [10/04/2017 17:54:06] - |A| - [151552] - C:\WINDOWS\syswow64\sqlceoledb30.dll [MD5.60236C8C3B8C2D8B9A59326890533EB8] - [10/04/2017 17:54:06] - |A| - [605184] - C:\WINDOWS\syswow64\sqlceqp30.dll [MD5.13CDD3FF0961A2EC6D9829A1640DD6DC] - [10/04/2017 17:54:07] - |A| - [309760] - C:\WINDOWS\syswow64\sqlcese30.dll [MD5.4470B0943469C4AF5B114E420DCB1AEF] - [10/04/2017 17:54:08] - |A| - [778240] - C:\WINDOWS\syswow64\sqlsrv32_FromLFSULTRA-WIDEN.dll [MD5.FF2EF2ED43C4079F962627BC38418B37] - [10/04/2017 17:54:08] - |A| - [106496] - C:\WINDOWS\syswow64\sqlsrv32_FromLFSULTRA-WIDEN.rll [MD5.549D1CB099C1CEE6AD3DF69AD3587B70] - [10/04/2017 17:54:09] - |A| - [180800] - C:\WINDOWS\syswow64\sqlunirl_FromLFSULTRA-WIDEN.dll [MD5.BC78E20B97E301EAE36D685357A1A650] - [10/04/2017 17:54:09] - |A| - [24603] - C:\WINDOWS\syswow64\sqlwid_FromLFSULTRA-WIDEN.dll [MD5.350427E625989ABB1CC40A664FBF2FE7] - [10/04/2017 17:54:09] - |A| - [49179] - C:\WINDOWS\syswow64\sqlwoa_FromLFSULTRA-WIDEN.dll [MD5.CE292C4C10B8DB6070F262EA2733F0DC] - [10/04/2017 17:54:10] - |A| - [189952] - C:\WINDOWS\syswow64\sqmapi_FromLFSULTRA-WIDEN.dll [MD5.674B0C0F6A448EB185CAAB9C51D44032] - [10/04/2017 17:54:13] - |A| - [301568] - C:\WINDOWS\syswow64\srchadmin_FromLFSULTRA-WIDEN.dll [MD5.2A7DDF3441564E2615A88A840ECC19ED] - [10/04/2017 17:54:13] - |A| - [43008] - C:\WINDOWS\syswow64\srclient_FromLFSULTRA-WIDEN.dll [MD5.C83E90F04C41003A9712C1106DEA135F] - [10/04/2017 17:54:14] - |A| - [400896] - C:\WINDOWS\syswow64\srcore.dll [MD5.89370EEE7ADD53E05DF47F9F9D2B4EE8] - [10/04/2017 17:54:14] - |A| - [14848] - C:\WINDOWS\syswow64\srdelayed_FromLFSULTRA-WIDEN.exe [MD5.147465842B4883A14BD04F8521638793] - [10/04/2017 17:54:15] - |A| - [73216] - C:\WINDOWS\syswow64\srhelper.dll [MD5.E2864DF592832883151A8D5500A7EAAA] - [10/04/2017 17:54:15] - |A| - [257024] - C:\WINDOWS\syswow64\srrstr.dll [MD5.272BF8E5DBDAF0614CC367A25EA3B256] - [10/04/2017 17:54:15] - |A| - [173296] - C:\WINDOWS\syswow64\SRSHP360.dll [MD5.029F36DE21AFBDD2865CC657E252EBA7] - [10/04/2017 17:54:15] - |A| - [185584] - C:\WINDOWS\syswow64\SRSTSHD.dll [MD5.8C83CED38F8CAC3E8D5A953C03BCF4B4] - [10/04/2017 17:54:16] - |A| - [345328] - C:\WINDOWS\syswow64\SRSTSXT.dll [MD5.A258F7B2B84E88118369B0B2196CC257] - [10/04/2017 17:54:17] - |A| - [140528] - C:\WINDOWS\syswow64\SRSWOW.dll [MD5.5CCDCD40E732D54E0F7451AC66AC1C87] - [10/04/2017 17:54:18] - |A| - [90112] - C:\WINDOWS\syswow64\srvcli_FromLFSULTRA-WIDEN.dll [MD5.D64AF876D53ECA3668BB97B51B4E70AB] - [10/04/2017 17:54:18] - |A| - [168960] - C:\WINDOWS\syswow64\srvsvc.dll [MD5.861F17D94C9ACA2C02BB80990521C778] - [10/04/2017 17:54:19] - |A| - [23040] - C:\WINDOWS\syswow64\srwmi.dll [MD5.89E783711AF91AF09E1EF30EF3107446] - [10/04/2017 17:54:19] - |A| - [9728] - C:\WINDOWS\syswow64\sscore_FromLFSULTRA-WIDEN.dll [MD5.28E2231BD34A39C854BDF3923AB2FF86] - [10/04/2017 17:54:19] - |A| - [39936] - C:\WINDOWS\syswow64\ssdpapi_FromLFSULTRA-WIDEN.dll [MD5.D887C9FD02AC9FA880F6E5027A43E118] - [10/04/2017 17:54:19] - |A| - [162816] - C:\WINDOWS\syswow64\ssdpsrv.dll [MD5.1C4F26459373D7CCAF9E2D1605F67CBF] - [10/04/2017 17:54:19] - |A| - [99840] - C:\WINDOWS\syswow64\sspicli_FromLFSULTRA-WIDEN.dll [MD5.F17545953888D2979F253ED19CE5C4C5] - [10/04/2017 17:54:20] - |A| - [15872] - C:\WINDOWS\syswow64\sspisrv.dll [MD5.3C1A916DDAA2E99BC359C6E63DF1F9D6] - [10/04/2017 17:54:20] - |A| - [110080] - C:\WINDOWS\syswow64\SSShim_FromLFSULTRA-WIDEN.dll [MD5.AD6DB3F85D329ABA90EAF7B2D8A2EEA9] - [10/04/2017 17:54:20] - |A| - [293888] - C:\WINDOWS\syswow64\ssText3d_FromLFSULTRA-WIDEN.scr [MD5.D318F23BE45D5E3A107469EB64815B50] - [10/04/2017 17:54:21] - |A| - [90112] - C:\WINDOWS\syswow64\sstpsvc.dll [MD5.B667EA585530856CA7F7D4152863C8DE] - [09/04/2017 12:10:28] - |A| - [416768] - C:\WINDOWS\syswow64\StatBarU.ocx [MD5.B667EA585530856CA7F7D4152863C8DE] - [10/04/2017 17:54:22] - |A| - [416768] - C:\WINDOWS\syswow64\StatBarU_FromLFSULTRA-WIDEN.ocx [MD5.32F06A6B69E56BC9FB4308B29B5C9A0E] - [10/04/2017 17:54:22] - |A| - [65024] - C:\WINDOWS\syswow64\stclient_FromLFSULTRA-WIDEN.dll [MD5.89F4D0DD6606A2FE15931E6888DBBC8D] - [10/04/2017 17:54:23] - |A| - [16896] - C:\WINDOWS\syswow64\stdole2_FromLFSULTRA-WIDEN.tlb [MD5.7430A0EC3EF934AE7C4D6807D36ECEBA] - [10/04/2017 17:54:23] - |A| - [7168] - C:\WINDOWS\syswow64\stdole32_FromLFSULTRA-WIDEN.tlb [MD5.843ED534E2F15F733F4A468FD9CF0CD1] - [10/04/2017 17:54:23] - |A| - [122368] - C:\WINDOWS\syswow64\sti_ci.dll [MD5.F2A24E4AEC0F8D5DBAB10CB87A8EFED2] - [10/04/2017 17:54:23] - |A| - [199680] - C:\WINDOWS\syswow64\sti_FromLFSULTRA-WIDEN.dll [MD5.912649A1B3F9E6ACB3899FBDABA2ED5F] - [10/04/2017 17:54:24] - |A| - [228352] - C:\WINDOWS\syswow64\stobject_FromLFSULTRA-WIDEN.dll [MD5.C1D8C5D36ADACF8F8068776E047D8486] - [10/04/2017 17:54:24] - |A| - [62464] - C:\WINDOWS\syswow64\StorageContextHandler_FromLFSULTRA-WIDEN.dll [MD5.5C8CDB104C31D1624EDBEEF75C1506CF] - [10/04/2017 17:54:24] - |A| - [4208] - C:\WINDOWS\syswow64\storage_FromLFSULTRA-WIDEN.dll [MD5.42FA5E7136A3CBB68AAA61E92D4739CE] - [10/04/2017 17:54:25] - |A| - [60928] - C:\WINDOWS\syswow64\Storprop_FromLFSULTRA-WIDEN.dll [MD5.05DA001CD0CC9994C867E668A3282D29] - [10/04/2017 17:54:25] - |A| - [22096] - C:\WINDOWS\syswow64\streamci.dll [MD5.6A1E8DEB746912DF47CF651E138401D7] - [10/04/2017 17:54:25] - |A| - [363520] - C:\WINDOWS\syswow64\StructuredQuery_FromLFSULTRA-WIDEN.dll [MD5.30F5568679A54042F99CA9EC1102EBCD] - [10/04/2017 17:54:25] - |A| - [93702] - C:\WINDOWS\syswow64\SubRange_FromLFSULTRA-WIDEN.uce [MD5.8EBCF8644B924F9B642AC8CA2FE63406] - [10/04/2017 17:54:26] - |A| - [13824] - C:\WINDOWS\syswow64\subst_FromLFSULTRA-WIDEN.exe [MD5.F1E9A22C1D4F5D3AC7BA555D4E95329C] - [10/04/2017 17:54:26] - |A| - [755200] - C:\WINDOWS\syswow64\sud_FromLFSULTRA-WIDEN.dll [MD5.54A47F6B5E09A77E61649109C6A08866] - [10/04/2017 17:54:29] - |A| - [20992] - C:\WINDOWS\syswow64\svchost_FromLFSULTRA-WIDEN.exe [MD5.A28BD92DF340E57B024BA433165D34D7] - [10/04/2017 17:54:29] - |A| - [313856] - C:\WINDOWS\syswow64\swprv.dll [MD5.DD7596A0BC60AFFCCEB07E64F876FB59] - [10/04/2017 17:54:29] - |A| - [31744] - C:\WINDOWS\syswow64\sxproxy_FromLFSULTRA-WIDEN.dll [MD5.9BF7BDBD1EC69D44EA8D9BE222FC93BB] - [10/04/2017 17:54:30] - |A| - [19456] - C:\WINDOWS\syswow64\sxshared_FromLFSULTRA-WIDEN.dll [MD5.364455805E64882844EE9ACB72522830] - [10/04/2017 17:54:30] - |A| - [24576] - C:\WINDOWS\syswow64\sxssrv.dll [MD5.BBED6A14692C48279F88B3127206A1BA] - [10/04/2017 17:54:31] - |A| - [22016] - C:\WINDOWS\syswow64\sxsstore_FromLFSULTRA-WIDEN.dll [MD5.5E153D9C44E6E235423F69D9575B836D] - [10/04/2017 17:54:31] - |A| - [27136] - C:\WINDOWS\syswow64\sxstrace_FromLFSULTRA-WIDEN.exe [MD5.919001D2BB17DF06CA3F8AC16AD039F6] - [10/04/2017 17:54:30] - |A| - [380416] - C:\WINDOWS\syswow64\sxs_FromLFSULTRA-WIDEN.dll [MD5.2DDEA2C345DA5BC589EFD398F220DB0E] - [10/04/2017 17:54:31] - |A| - [2146304] - C:\WINDOWS\syswow64\SyncCenter_FromLFSULTRA-WIDEN.dll [MD5.D23E615E0969AECC1134E372B0B295D1] - [10/04/2017 17:54:32] - |A| - [78336] - C:\WINDOWS\syswow64\synceng_FromLFSULTRA-WIDEN.dll [MD5.82BFF322826256F89433E520FFE62CB0] - [10/04/2017 17:54:34] - |A| - [9728] - C:\WINDOWS\syswow64\SyncHostps_FromLFSULTRA-WIDEN.dll [MD5.0AFE8EB0646B22CF4BD2E272EC49681C] - [10/04/2017 17:54:34] - |A| - [38912] - C:\WINDOWS\syswow64\SyncHost_FromLFSULTRA-WIDEN.exe [MD5.4A5DDCADAF5D4DD0BBD82570F4859FBE] - [10/04/2017 17:54:36] - |A| - [15360] - C:\WINDOWS\syswow64\SyncInfrastructureps_FromLFSULTRA-WIDEN.dll [MD5.469E61ED4C5E018E1D0B130ACE65D85F] - [10/04/2017 17:54:35] - |A| - [323072] - C:\WINDOWS\syswow64\SyncInfrastructure_FromLFSULTRA-WIDEN.dll [MD5.856CFFCD835528136367BB1A8FE1DB87] - [10/04/2017 17:54:36] - |A| - [55296] - C:\WINDOWS\syswow64\Syncreg_FromLFSULTRA-WIDEN.dll [MD5.20A20A911CD79A6F6839167149A05668] - [10/04/2017 17:54:36] - |A| - [159232] - C:\WINDOWS\syswow64\syncui_FromLFSULTRA-WIDEN.dll [MD5.73869A8A7AF77801387A36CF9B9B5886] - [10/04/2017 17:54:36] - |A| - [198144] - C:\WINDOWS\syswow64\sysclass.dll [MD5.BEFF01C9F044BA2AD7F5FB837972FC90] - [10/04/2017 17:54:37] - |A| - [326656] - C:\WINDOWS\syswow64\sysdm_FromLFSULTRA-WIDEN.cpl [MD5.283CAD5E151AE7C73D7F733D527D774E] - [10/04/2017 17:54:37] - |A| - [18896] - C:\WINDOWS\syswow64\sysedit.exe [MD5.08D48E8CF6072114C656026457D02C15] - [10/04/2017 17:54:38] - |A| - [338944] - C:\WINDOWS\syswow64\SysFxUI.dll [MD5.DF3F24F1A6BB661593E8E2EA6F7A786A] - [10/04/2017 17:54:39] - |A| - [28672] - C:\WINDOWS\syswow64\syskey_FromLFSULTRA-WIDEN.exe [MD5.36650D618CA34C9D357DFD3D89B2C56F] - [10/04/2017 17:54:39] - |A| - [1159168] - C:\WINDOWS\syswow64\sysmain.dll [MD5.E82CEFE0D2F98651D556E2437163486B] - [10/04/2017 17:54:40] - |A| - [389632] - C:\WINDOWS\syswow64\sysmon_FromLFSULTRA-WIDEN.ocx [MD5.BA51FFE170C5B3AE8EC4F5BD2581A29E] - [10/04/2017 17:54:41] - |A| - [16896] - C:\WINDOWS\syswow64\sysntfy.dll [MD5.74943B60374CB5F9C6F9907F8BD2F79A] - [10/04/2017 17:54:45] - |A| - [3214] - C:\WINDOWS\syswow64\sysprint_FromLFSULTRA-WIDEN.sep [MD5.9E1F3509104FCEB377A58A16E8243D39] - [10/04/2017 17:54:46] - |A| - [3577] - C:\WINDOWS\syswow64\sysprtj_FromLFSULTRA-WIDEN.sep [MD5.56D80B7E622338AF0F93B25A85D97188] - [10/04/2017 17:54:46] - |A| - [14848] - C:\WINDOWS\syswow64\syssetup_FromLFSULTRA-WIDEN.dll [MD5.4A00D59AE6D75BDFC2C8E5182C4B1376] - [10/04/2017 17:54:46] - |A| - [3360] - C:\WINDOWS\syswow64\system.drv [MD5.4AC64014668BB2B4834A66B73406AB63] - [10/04/2017 17:54:46] - |A| - [410624] - C:\WINDOWS\syswow64\systemcpl_FromLFSULTRA-WIDEN.dll [MD5.258B2ED54FC7F74E2FDCCE5861549C1A] - [10/04/2017 17:54:47] - |A| - [75776] - C:\WINDOWS\syswow64\systeminfo_FromLFSULTRA-WIDEN.exe [MD5.976D873B005E11C5F61CAE5EFCB955A1] - [10/04/2017 17:54:47] - |A| - [81920] - C:\WINDOWS\syswow64\SystemPropertiesAdvanced_FromLFSULTRA-WIDEN.exe [MD5.A1DD060EA542D1B53F1F145D5F0325A0] - [10/04/2017 17:54:48] - |A| - [81920] - C:\WINDOWS\syswow64\SystemPropertiesComputerName_FromLFSULTRA-WIDEN.exe [MD5.8F1323D58A47EA912E6F954920EDE85D] - [10/04/2017 17:54:48] - |A| - [81920] - C:\WINDOWS\syswow64\SystemPropertiesDataExecutionPrevention_FromLFSULTRA-WIDEN.exe [MD5.BB1E4126282097BCDEB1419E26E453BC] - [10/04/2017 17:54:49] - |A| - [81920] - C:\WINDOWS\syswow64\SystemPropertiesHardware_FromLFSULTRA-WIDEN.exe [MD5.1969A81CA0CFAF3DC732C89B38854997] - [10/04/2017 17:54:49] - |A| - [81920] - C:\WINDOWS\syswow64\SystemPropertiesPerformance_FromLFSULTRA-WIDEN.exe [MD5.637C76FBF5249B75C3E3BA08FFDABF5C] - [10/04/2017 17:54:49] - |A| - [81920] - C:\WINDOWS\syswow64\SystemPropertiesProtection_FromLFSULTRA-WIDEN.exe [MD5.AE8D597C94F84FDDFE80747B941615CC] - [10/04/2017 17:54:50] - |A| - [81920] - C:\WINDOWS\syswow64\SystemPropertiesRemote_FromLFSULTRA-WIDEN.exe [MD5.B8CBB46B42570D373C9933FBDF25EBCE] - [10/04/2017 17:54:50] - |A| - [146852] - C:\WINDOWS\syswow64\systemsf.ebd [MD5.DF6923839C6A8F776F0DA704C5F4CEA5] - [10/04/2017 17:54:55] - |A| - [8192] - C:\WINDOWS\syswow64\systray_FromLFSULTRA-WIDEN.exe [MD5.6B140B1382F1FE04BA57B196AEB19725] - [10/04/2017 17:54:56] - |A| - [109056] - C:\WINDOWS\syswow64\t2embed_FromLFSULTRA-WIDEN.dll [MD5.C09013692D28D8A75B479D4E7789FB54] - [10/04/2017 17:54:56] - |A| - [95232] - C:\WINDOWS\syswow64\Tabbtn.dll [MD5.6BC6D8ECDEBE5DF9C9281E592127F2FD] - [10/04/2017 17:54:57] - |A| - [53248] - C:\WINDOWS\syswow64\TabbtnEx.dll [MD5.44D647692BEFABB34EA46B34048C0F03] - [10/04/2017 17:54:57] - |A| - [74240] - C:\WINDOWS\syswow64\tabcal.exe [MD5.D304A5C08E733D694455DC770B86E069] - [10/04/2017 17:54:57] - |A| - [600576] - C:\WINDOWS\syswow64\TabletPC.cpl [MD5.763FECDC3D30C815FE72DD57936C6CD1] - [10/04/2017 17:54:58] - |A| - [73216] - C:\WINDOWS\syswow64\TabSvc.dll [MD5.8007508CEF6A5B10C24F7971DAF00F09] - [10/04/2017 17:54:59] - |A| - [51200] - C:\WINDOWS\syswow64\takeown_FromLFSULTRA-WIDEN.exe [MD5.77B9BDFFCE874766FE145C5CFD7AAC59] - [10/04/2017 17:54:59] - |A| - [19216] - C:\WINDOWS\syswow64\tapi.dll [MD5.BA32509D9B340162327B341013DE6522] - [10/04/2017 17:54:59] - |A| - [192000] - C:\WINDOWS\syswow64\tapi32_FromLFSULTRA-WIDEN.dll [MD5.A39DC816437CEC8F8D9B62890277A7D5] - [10/04/2017 17:54:59] - |A| - [855552] - C:\WINDOWS\syswow64\tapi3_FromLFSULTRA-WIDEN.dll [MD5.753240B54CE50DDB29AE123FDEE9B60C] - [10/04/2017 17:55:01] - |A| - [28672] - C:\WINDOWS\syswow64\tapilua.dll [MD5.1D4BB2EC5E201D30886A1DE658C55B52] - [10/04/2017 17:55:01] - |A| - [100864] - C:\WINDOWS\syswow64\TapiMigPlugin_FromLFSULTRA-WIDEN.dll [MD5.5BBD1F824741AA1FDA9A9DFD3A9D5416] - [10/04/2017 17:55:01] - |A| - [8704] - C:\WINDOWS\syswow64\tapiperf_FromLFSULTRA-WIDEN.dll [MD5.613BF4820361543956909043A265C6AC] - [10/04/2017 17:55:01] - |A| - [242176] - C:\WINDOWS\syswow64\tapisrv_FromLFSULTRA-WIDEN.dll [MD5.4776DBFB1AB6D0A1C5DF1B95BE5E9AB8] - [10/04/2017 17:55:02] - |A| - [9216] - C:\WINDOWS\syswow64\TapiSysprep_FromLFSULTRA-WIDEN.dll [MD5.175CC44827DF138B99F96E3E6A5F6DC5] - [10/04/2017 17:55:02] - |A| - [108544] - C:\WINDOWS\syswow64\tapiui_FromLFSULTRA-WIDEN.dll [MD5.FBD07354E3ECD632BBC9B49DA0067FC5] - [10/04/2017 17:55:03] - |A| - [11264] - C:\WINDOWS\syswow64\TapiUnattend_FromLFSULTRA-WIDEN.exe [MD5.7717A57C01812C3714BA25B96C36BF39] - [10/04/2017 17:55:03] - |A| - [233472] - C:\WINDOWS\syswow64\taskbarcpl.dll [MD5.1C3E8371377E988B683797A132EFFE1B] - [10/04/2017 17:55:04] - |A| - [305152] - C:\WINDOWS\syswow64\taskcomp_FromLFSULTRA-WIDEN.dll [MD5.4F2659160AFCCA990305816946F69407] - [10/04/2017 17:55:04] - |A| - [192000] - C:\WINDOWS\syswow64\taskeng.exe [MD5.72E953215CADE1A726C04AAFDF6B463D] - [10/04/2017 17:55:04] - |A| - [49152] - C:\WINDOWS\syswow64\taskhost.exe [MD5.94BDCAFBD584C979B385ADEE14B08AB4] - [10/04/2017 17:55:05] - |A| - [77824] - C:\WINDOWS\syswow64\taskkill_FromLFSULTRA-WIDEN.exe [MD5.A9A00E71E3DD67B029FC904FE3BB61DA] - [10/04/2017 17:55:05] - |A| - [80896] - C:\WINDOWS\syswow64\tasklist_FromLFSULTRA-WIDEN.exe [MD5.545BF7EAA24A9E062857D0742EC0B28A] - [10/04/2017 17:55:05] - |A| - [227328] - C:\WINDOWS\syswow64\taskmgr_FromLFSULTRA-WIDEN.exe [MD5.E1EF320CBB1A6623DF040D5539DDA8F4] - [10/04/2017 17:55:33] - |A| - [36864] - C:\WINDOWS\syswow64\TaskSchdPS_FromLFSULTRA-WIDEN.dll [MD5.544EFF88AC6C85DF5A4D6F18DFE08CFC] - [10/04/2017 17:55:32] - |A| - [505856] - C:\WINDOWS\syswow64\taskschd_FromLFSULTRA-WIDEN.dll [MD5.AB2A58839814D2EA5EE621B5DBF944FF] - [10/04/2017 17:55:32] - |A| - [145059] - C:\WINDOWS\syswow64\taskschd_FromLFSULTRA-WIDEN.msc [MD5.C2E392F3CE66FE21ADB7CA1158790BAA] - [10/04/2017 17:55:33] - |A| - [15360] - C:\WINDOWS\syswow64\tbs_FromLFSULTRA-WIDEN.dll [MD5.1B8F10A30E63B329FC316B88E804878E] - [10/04/2017 17:55:34] - |A| - [13824] - C:\WINDOWS\syswow64\tcmsetup_FromLFSULTRA-WIDEN.exe [MD5.C059C6B7518A9D6DE3616A3143392FE6] - [10/04/2017 17:55:34] - |A| - [1041] - C:\WINDOWS\syswow64\tcpbidi_FromLFSULTRA-WIDEN.xml [MD5.CAFC0B884E5590B5E80D84F592388B3D] - [10/04/2017 17:55:34] - |A| - [181760] - C:\WINDOWS\syswow64\tcpipcfg_FromLFSULTRA-WIDEN.dll [MD5.03F364F70669D6CCDFBB648C735A1CC1] - [10/04/2017 17:55:35] - |A| - [31232] - C:\WINDOWS\syswow64\tcpmib_FromLFSULTRA-WIDEN.dll [MD5.B390C1D825C7687493BEDE237C6C2F25] - [10/04/2017 17:55:35] - |A| - [148992] - C:\WINDOWS\syswow64\tcpmon.dll [MD5.47F22CAD4A16BB40153555D631546B94] - [10/04/2017 17:55:35] - |A| - [60124] - C:\WINDOWS\syswow64\tcpmon.ini [MD5.4AA222561FEACF1DD52813D46180FD52] - [10/04/2017 17:55:37] - |A| - [61440] - C:\WINDOWS\syswow64\tcpmonui_FromLFSULTRA-WIDEN.dll [MD5.F5AAA8CDDA25B6387AF590D676D25BAD] - [10/04/2017 17:55:37] - |A| - [9216] - C:\WINDOWS\syswow64\TCPSVCS_FromLFSULTRA-WIDEN.EXE [MD5.9E170B0AF156B478BD2B1FD6A2250C9E] - [10/04/2017 17:55:37] - |A| - [62464] - C:\WINDOWS\syswow64\tdc_FromLFSULTRA-WIDEN.ocx [MD5.0E1490FB24DF3386AF80F66107A8515C] - [10/04/2017 17:55:38] - |A| - [635392] - C:\WINDOWS\syswow64\tdh_FromLFSULTRA-WIDEN.dll [MD5.0386FF59D0F5C1CDE453A3780353069F] - [10/04/2017 17:55:39] - |A| - [106496] - C:\WINDOWS\syswow64\telephon_FromLFSULTRA-WIDEN.cpl [MD5.9FC4D46F7BCAD9EE8517171195917776] - [10/04/2017 17:55:39] - |A| - [352768] - C:\WINDOWS\syswow64\termmgr_FromLFSULTRA-WIDEN.dll [MD5.FCFD4F50419B4BC72E80066DA10D2E54] - [10/04/2017 17:55:40] - |A| - [523776] - C:\WINDOWS\syswow64\termsrv.dll [MD5.9B745F137DB5F8E3AE4997CCE0D1DD4F] - [10/04/2017 17:55:42] - |A| - [313856] - C:\WINDOWS\syswow64\thawbrkr.dll [MD5.64B628C5258625129288F2D0C75268DA] - [10/04/2017 17:55:42] - |A| - [2157568] - C:\WINDOWS\syswow64\themecpl_FromLFSULTRA-WIDEN.dll [MD5.42FB6AFD6B79D9FE07381609172E7CA4] - [10/04/2017 17:55:43] - |A| - [37376] - C:\WINDOWS\syswow64\themeservice.dll [MD5.5992A9DF57FD5E6960FDCC2DB69867F7] - [10/04/2017 17:55:45] - |A| - [2755072] - C:\WINDOWS\syswow64\themeui_FromLFSULTRA-WIDEN.dll [MD5.672D7C5080ACB003343006405DA2E621] - [10/04/2017 17:55:47] - |A| - [82944] - C:\WINDOWS\syswow64\thumbcache_FromLFSULTRA-WIDEN.dll [MD5.6D21D0A95286DCD09E354B612F592EB7] - [10/04/2017 17:55:49] - |A| - [1988] - C:\WINDOWS\syswow64\ticrf.rat [MD5.6876F3FFD70E179C379C30F0B2C66FD7] - [10/04/2017 17:55:50] - |A| - [8192] - C:\WINDOWS\syswow64\TimeDateMUICallback_FromLFSULTRA-WIDEN.dll [MD5.83C9840CF87A0CA55526327801716D27] - [10/04/2017 17:55:49] - |A| - [478720] - C:\WINDOWS\syswow64\timedate_FromLFSULTRA-WIDEN.cpl [MD5.419A5EF8D76693048E4D6F79A5C875AE] - [10/04/2017 17:55:50] - |A| - [27136] - C:\WINDOWS\syswow64\timeout_FromLFSULTRA-WIDEN.exe [MD5.9E7425234ADDEDABC7BF7ADDAFD72FD9] - [10/04/2017 17:55:50] - |A| - [4048] - C:\WINDOWS\syswow64\TIMER.DRV [MD5.277E5C2F010CF557B1E02F8A0FEAABB7] - [10/04/2017 17:55:51] - |A| - [126976] - C:\WINDOWS\syswow64\tintlgnt.ime [MD5.E460AFD3A201408919ADB05977095E8D] - [10/04/2017 17:55:51] - |A| - [69632] - C:\WINDOWS\syswow64\tlscsp_FromLFSULTRA-WIDEN.dll [MD5.C86363C599E5D6836C21A3A3FD21C388] - [10/04/2017 17:55:51] - |A| - [13888] - C:\WINDOWS\syswow64\TOOLHELP.DLL [MD5.0D43857D81CBDF4FC3536D8472F35303] - [09/04/2017 13:18:56] - |A| - [73728] - C:\WINDOWS\syswow64\TOverlay.ax [MD5.0D43857D81CBDF4FC3536D8472F35303] - [10/04/2017 17:55:51] - |A| - [73728] - C:\WINDOWS\syswow64\TOverlay_FromLFSULTRA-WIDEN.ax [MD5.120A486B8DE74CDB57B7897B53FAB2D4] - [10/04/2017 17:55:52] - |A| - [40960] - C:\WINDOWS\syswow64\tpmcompc_FromLFSULTRA-WIDEN.dll [MD5.A64B09CA11E2953E506922907E12AE36] - [10/04/2017 17:55:53] - |A| - [94720] - C:\WINDOWS\syswow64\TpmInit_FromLFSULTRA-WIDEN.exe [MD5.9359341F78E00134B527814B4868ECD5] - [10/04/2017 17:55:52] - |A| - [144862] - C:\WINDOWS\syswow64\tpm_FromLFSULTRA-WIDEN.msc [MD5.465DBF63A5049E4DB4BC5C12FFE781CB] - [10/04/2017 17:55:53] - |A| - [1549312] - C:\WINDOWS\syswow64\tquery_FromLFSULTRA-WIDEN.dll [MD5.3C1BE79C3CE6EB378108B11D94CA1072] - [10/04/2017 17:55:59] - |A| - [364544] - C:\WINDOWS\syswow64\tracerpt_FromLFSULTRA-WIDEN.exe [MD5.F2E76C84BD0211103113A0BC4A835A7D] - [10/04/2017 17:56:00] - |A| - [12288] - C:\WINDOWS\syswow64\TRACERT_FromLFSULTRA-WIDEN.EXE [MD5.5E56E7CF5E0BFED9001539EFDD7D7999] - [10/04/2017 17:56:00] - |A| - [33280] - C:\WINDOWS\syswow64\traffic_FromLFSULTRA-WIDEN.dll [MD5.543324F86787BFA31AABBAA7A91D08D0] - [10/04/2017 17:56:01] - |A| - [21504] - C:\WINDOWS\syswow64\TRAPI.dll [MD5.EE3B6D847B0644D5A2A1D23A3D37B3EE] - [10/04/2017 17:56:01] - |A| - [16384] - C:\WINDOWS\syswow64\tree_FromLFSULTRA-WIDEN.com [MD5.4792C0378DB99A9BC2AE2DE6CFFF0C3A] - [10/04/2017 17:56:01] - |A| - [77312] - C:\WINDOWS\syswow64\trkwks.dll [MD5.665AAD05AEE9E37A7A9BAEDCAC775989] - [10/04/2017 17:56:01] - |A| - [12288] - C:\WINDOWS\syswow64\tsbyuv_FromLFSULTRA-WIDEN.dll [MD5.659E04E74135927CA6D7BC5E75C84417] - [10/04/2017 17:56:01] - |A| - [13312] - C:\WINDOWS\syswow64\TSChannel.dll [MD5.7C76B61A5E1EF5D1FA554CF134100F18] - [10/04/2017 17:56:02] - |A| - [14848] - C:\WINDOWS\syswow64\tsddd.dll [MD5.2A6BFDEDF2C57923E78F970BB15D7E7D] - [10/04/2017 17:56:02] - |A| - [36864] - C:\WINDOWS\syswow64\tsgqec_FromLFSULTRA-WIDEN.dll [MD5.8DCB990113DEF9255445B17D7F6DA64A] - [10/04/2017 17:56:02] - |A| - [270848] - C:\WINDOWS\syswow64\tsmf_FromLFSULTRA-WIDEN.dll [MD5.D12750DF9F955B9C8FB18C9B26BC8FA8] - [10/04/2017 17:56:02] - |A| - [65536] - C:\WINDOWS\syswow64\TSpkg_FromLFSULTRA-WIDEN.dll [MD5.9487A585A6A2DBDD127F3B8C7302631B] - [10/04/2017 17:56:02] - |A| - [38912] - C:\WINDOWS\syswow64\TSTheme_FromLFSULTRA-WIDEN.exe [MD5.1D3198205747685AAC2EED0B3BCD38C3] - [10/04/2017 17:56:03] - |A| - [33280] - C:\WINDOWS\syswow64\TsUsbGDCoInstaller.dll [MD5.B292EBE345B14B66E17E5F36CEF7209C] - [10/04/2017 17:56:03] - |A| - [7680] - C:\WINDOWS\syswow64\TsUsbRedirectionGroupPolicyControl.exe [MD5.B78AF77C0F1627969DAB04E17870618C] - [10/04/2017 17:56:03] - |A| - [11776] - C:\WINDOWS\syswow64\TsUsbRedirectionGroupPolicyExtension.dll [MD5.306EB846F88E58C7E763946DE95952E3] - [10/04/2017 17:56:03] - |A| - [46592] - C:\WINDOWS\syswow64\TSWbPrxy.exe [MD5.A8DDB7ACB122FC36FF0D7C9B3099A380] - [10/04/2017 17:56:04] - |A| - [793600] - C:\WINDOWS\syswow64\TSWorkspace_FromLFSULTRA-WIDEN.dll [MD5.28A8B99DE70F376B18709E6B07D6A352] - [10/04/2017 17:56:04] - |A| - [35480] - C:\WINDOWS\syswow64\TsWpfWrp_FromLFSULTRA-WIDEN.exe [MD5.B4CDDAFF4D69B0E9EDBF5751DB5A5193] - [10/04/2017 17:56:07] - |A| - [29696] - C:\WINDOWS\syswow64\tvratings_FromLFSULTRA-WIDEN.dll [MD5.C9708C9F3DBA3DBFB1D2FEE1E9DABAD0] - [10/04/2017 17:56:08] - |A| - [146432] - C:\WINDOWS\syswow64\twext_FromLFSULTRA-WIDEN.dll [MD5.E5676CEB224008296B6BDC7F0AB859C0] - [10/04/2017 17:56:08] - |A| - [90624] - C:\WINDOWS\syswow64\txflog_FromLFSULTRA-WIDEN.dll [MD5.14DD8D99318F239BA318CA491D746F84] - [10/04/2017 17:56:08] - |A| - [10752] - C:\WINDOWS\syswow64\txfw32_FromLFSULTRA-WIDEN.dll [MD5.7161255DFA81E67B66B746D2504D2F2B] - [10/04/2017 17:56:08] - |A| - [177856] - C:\WINDOWS\syswow64\typelib_FromLFSULTRA-WIDEN.dll [MD5.629AD3FDA168D82D459164044A29F9BB] - [10/04/2017 17:56:09] - |A| - [40448] - C:\WINDOWS\syswow64\typeperf_FromLFSULTRA-WIDEN.exe [MD5.48C566013F2B20F0BABCAD98079EEC05] - [10/04/2017 17:56:09] - |A| - [2048] - C:\WINDOWS\syswow64\tzres_FromLFSULTRA-WIDEN.dll [MD5.8DDD47810EE260744BEAA82EFA2DB9BB] - [10/04/2017 17:56:09] - |A| - [47616] - C:\WINDOWS\syswow64\tzutil_FromLFSULTRA-WIDEN.exe [MD5.B804EAA9E037580F96C22537C2ECB62A] - [10/04/2017 17:56:09] - |A| - [171520] - C:\WINDOWS\syswow64\ubpm.dll [MD5.10A084557C1E91319A0ABF578D12D1C5] - [10/04/2017 17:56:10] - |A| - [48128] - C:\WINDOWS\syswow64\ucmhc_FromLFSULTRA-WIDEN.dll [MD5.3DF1D7DA8C1493A5A00C0474323FEF20] - [10/04/2017 17:56:10] - |A| - [922432] - C:\WINDOWS\syswow64\ucrtbase_FromLFSULTRA-WIDEN.dll [MD5.3C7179C5025C6EA614B6061800ADA622] - [10/04/2017 17:56:11] - |A| - [47104] - C:\WINDOWS\syswow64\ucsvc.exe [MD5.230EA9ABBC3432CDE388F4891E76E867] - [10/04/2017 17:56:11] - |A| - [45056] - C:\WINDOWS\syswow64\udhisapi_FromLFSULTRA-WIDEN.dll [MD5.432EA9855BB4091172B72EA44B9627D7] - [10/04/2017 17:56:12] - |A| - [68096] - C:\WINDOWS\syswow64\uexfat_FromLFSULTRA-WIDEN.dll [MD5.038AF566D975352F9A6C026735A4A5E8] - [10/04/2017 17:56:12] - |A| - [95232] - C:\WINDOWS\syswow64\ufat_FromLFSULTRA-WIDEN.dll [MD5.8344FD4FCE927880AA1AA7681D4927E5] - [10/04/2017 17:56:12] - |A| - [35840] - C:\WINDOWS\syswow64\UI0Detect.exe [MD5.8B285BDAB7735FDFB18E6F7122923B77] - [10/04/2017 17:56:13] - |A| - [187392] - C:\WINDOWS\syswow64\UIAnimation_FromLFSULTRA-WIDEN.dll [MD5.FD049C25A168D3DE310D9207B7B6367B] - [10/04/2017 17:56:13] - |A| - [561664] - C:\WINDOWS\syswow64\UIAutomationCore_FromLFSULTRA-WIDEN.dll [MD5.935F591BCAAAA6E25A56AF38634FA239] - [10/04/2017 17:56:14] - |A| - [35328] - C:\WINDOWS\syswow64\uicom_FromLFSULTRA-WIDEN.dll [MD5.D7335424B6DD7463B75973D2ECD02857] - [10/04/2017 17:56:14] - |A| - [2969600] - C:\WINDOWS\syswow64\UIHub.dll [MD5.86B9E27CDB040DE1C981BEC2A56326A7] - [10/04/2017 17:56:20] - |A| - [1164800] - C:\WINDOWS\syswow64\UIRibbonRes_FromLFSULTRA-WIDEN.dll [MD5.B85B0267A743607052263447E6091E8C] - [10/04/2017 17:56:17] - |A| - [2983424] - C:\WINDOWS\syswow64\UIRibbon_FromLFSULTRA-WIDEN.dll [MD5.F93C84B307573327779AE0DA41115957] - [10/04/2017 17:56:23] - |A| - [108544] - C:\WINDOWS\syswow64\ulib_FromLFSULTRA-WIDEN.dll [MD5.D33E95C0A2754061233B58DC41F8094C] - [10/04/2017 17:56:24] - |A| - [50688] - C:\WINDOWS\syswow64\umb.dll [MD5.B768E2C9CE41B12F7C7688E7D2F5164C] - [10/04/2017 17:56:24] - |A| - [17920] - C:\WINDOWS\syswow64\umdmxfrm_FromLFSULTRA-WIDEN.dll [MD5.92DC6E68D2C856C5C2F21AE9E22112B8] - [10/04/2017 17:56:24] - |A| - [293376] - C:\WINDOWS\syswow64\umpnpmgr.dll [MD5.F87D30E72E03D579A5199CCB3831D6EA] - [10/04/2017 17:56:24] - |A| - [119808] - C:\WINDOWS\syswow64\umpo.dll [MD5.2653282D9DC9DB635E03780C02B053D8] - [10/04/2017 17:56:24] - |A| - [21504] - C:\WINDOWS\syswow64\umstartup.etl [MD5.132EEA9C6FEE5A7CE43264BF2614F4B7] - [10/04/2017 17:56:25] - |A| - [9216] - C:\WINDOWS\syswow64\umstartup000.etl [MD5.E98A08E70C15D6371AFEEB802227228D] - [10/04/2017 17:56:25] - |A| - [202240] - C:\WINDOWS\syswow64\unattend.dll [MD5.53CA6BF58658815FCB472205291DD953] - [10/04/2017 17:56:26] - |A| - [59392] - C:\WINDOWS\syswow64\unimdmat_FromLFSULTRA-WIDEN.dll [MD5.377F0C1DDBFA6A43CB7E7568BC0ECED0] - [10/04/2017 17:56:25] - |A| - [281088] - C:\WINDOWS\syswow64\unimdm_FromLFSULTRA-WIDEN.tsp [MD5.E675DE8CF57D8814218733B3DAE896D7] - [10/04/2017 17:56:26] - |A| - [16896] - C:\WINDOWS\syswow64\uniplat_FromLFSULTRA-WIDEN.dll [MD5.2C098921217204301D76BF3BD5D953BB] - [10/04/2017 17:56:26] - |A| - [34304] - C:\WINDOWS\syswow64\unlodctr_FromLFSULTRA-WIDEN.exe [MD5.7CA00998C1AAF913AC089E29DB746037] - [10/04/2017 17:56:26] - |A| - [278528] - C:\WINDOWS\syswow64\unregmp2_FromLFSULTRA-WIDEN.exe [MD5.82E7ECE9096EEACB2EAC5644FE19A6F2] - [10/04/2017 17:56:27] - |A| - [346624] - C:\WINDOWS\syswow64\untfs_FromLFSULTRA-WIDEN.dll [MD5.033B88A23C417F3415BC4C9F6D49FDDF] - [10/04/2017 17:56:28] - |A| - [23552] - C:\WINDOWS\syswow64\upnpcont_FromLFSULTRA-WIDEN.exe [MD5.833FBB672460EFCE8011D262175FAD33] - [10/04/2017 17:56:28] - |A| - [266752] - C:\WINDOWS\syswow64\upnphost_FromLFSULTRA-WIDEN.dll [MD5.954EA9B34F155C844B11F4047A8F6F89] - [10/04/2017 17:56:27] - |A| - [206848] - C:\WINDOWS\syswow64\upnp_FromLFSULTRA-WIDEN.dll [MD5.23C91391F93F7282B684ADAFE1C4F29C] - [10/04/2017 17:56:29] - |A| - [23040] - C:\WINDOWS\syswow64\ureg_FromLFSULTRA-WIDEN.dll [MD5.53E9614ADFA6A40A452BA014CEF6F261] - [10/04/2017 17:56:29] - |A| - [1309696] - C:\WINDOWS\syswow64\urlmon_FromLFSULTRA-WIDEN.dll [MD5.CFCE4EFF1D6D909EE2EA3AFCB8F1E677] - [10/04/2017 17:56:29] - |A| - [233472] - C:\WINDOWS\syswow64\url_FromLFSULTRA-WIDEN.dll [MD5.3E1EBF74DD93287B7DC1C681B09E3639] - [10/04/2017 17:56:31] - |A| - [23552] - C:\WINDOWS\syswow64\usbceip_FromLFSULTRA-WIDEN.dll [MD5.923CDD30092DB73EC4A0EBCDDD16C686] - [10/04/2017 17:56:31] - |A| - [34304] - C:\WINDOWS\syswow64\usbmon.dll [MD5.109007869CB95CBD9B92FDF35B96D7B5] - [10/04/2017 17:56:32] - |A| - [11264] - C:\WINDOWS\syswow64\usbperf_FromLFSULTRA-WIDEN.dll [MD5.5DD061F86D6733C4B5D417693F8F1C2C] - [10/04/2017 17:56:32] - |A| - [80896] - C:\WINDOWS\syswow64\usbui_FromLFSULTRA-WIDEN.dll [MD5.94BAA9A70041899993D0078C039FE5CC] - [09/04/2017 12:10:29] - |A| - [188416] - C:\WINDOWS\syswow64\UScreenCapture.ax [MD5.94BAA9A70041899993D0078C039FE5CC] - [10/04/2017 17:56:32] - |A| - [188416] - C:\WINDOWS\syswow64\UScreenCapture_FromLFSULTRA-WIDEN.ax [MD5.F1DD3ACAEE5E6B4BBC69BC6DF75CEF66] - [10/04/2017 17:56:33] - |A| - [811520] - C:\WINDOWS\syswow64\user32_FromLFSULTRA-WIDEN.dll [MD5.ACA1F50844E08F3F5178E8FF3F21FBC2] - [10/04/2017 17:56:34] - |A| - [78848] - C:\WINDOWS\syswow64\UserAccountControlSettings_FromLFSULTRA-WIDEN.dll [MD5.2A17B460F062592DE04637966776C4EE] - [10/04/2017 17:56:34] - |A| - [192512] - C:\WINDOWS\syswow64\UserAccountControlSettings_FromLFSULTRA-WIDEN.exe [MD5.D83841B6EE406B58461ACE8A6308AA2D] - [10/04/2017 17:56:35] - |A| - [600064] - C:\WINDOWS\syswow64\usercpl_FromLFSULTRA-WIDEN.dll [MD5.D15618A0FF8DBC2C5BF3726BACC75A0B] - [10/04/2017 17:56:36] - |A| - [81920] - C:\WINDOWS\syswow64\userenv_FromLFSULTRA-WIDEN.dll [MD5.61AC3EFDFACFDD3F0F11DD4FD4044223] - [10/04/2017 17:56:36] - |A| - [26624] - C:\WINDOWS\syswow64\userinit_FromLFSULTRA-WIDEN.exe [MD5.C2520B98C8658C73C138F9B26E203322] - [10/04/2017 17:56:32] - |A| - [47840] - C:\WINDOWS\syswow64\USER_FromLFSULTRA-WIDEN.EXE [MD5.9EDCFA23CC081E38C86CA309D0F7E3DC] - [10/04/2017 17:56:36] - |A| - [30720] - C:\WINDOWS\syswow64\usk_FromLFSULTRA-WIDEN.rs [MD5.3553707B119AD5AAF1F31BFF5517A093] - [10/04/2017 17:56:36] - |A| - [627712] - C:\WINDOWS\syswow64\usp10_FromLFSULTRA-WIDEN.dll [MD5.B17EB4DDA3D59A5E6ECDF422A6EADEED] - [10/04/2017 17:56:37] - |A| - [41984] - C:\WINDOWS\syswow64\UtcResources.dll [MD5.D25958B2A71EF488959272878EF934BE] - [10/04/2017 17:56:37] - |A| - [31744] - C:\WINDOWS\syswow64\utildll_FromLFSULTRA-WIDEN.dll [MD5.7B9602D3475967F149C1A2C3E2B75A79] - [10/04/2017 17:56:38] - |A| - [1397248] - C:\WINDOWS\syswow64\Utilman_FromLFSULTRA-WIDEN.exe [MD5.8AFFFDA081CFF3057391FEDBBB483601] - [09/04/2017 12:17:58] - |A| - [45056] - C:\WINDOWS\syswow64\UTSCSI.EXE [MD5.D40AD61692EF9E4CE714D6390F8BBEA6] - [10/04/2017 17:56:39] - |A| - [135680] - C:\WINDOWS\syswow64\uudf_FromLFSULTRA-WIDEN.dll [MD5.A12829E9974F57E9B5DBFEA7C93190F6] - [10/04/2017 17:56:39] - |A| - [20992] - C:\WINDOWS\syswow64\UXInit_FromLFSULTRA-WIDEN.dll [MD5.5A849289169716720D30909946936449] - [10/04/2017 17:56:40] - |A| - [2560] - C:\WINDOWS\syswow64\uxlibres_FromLFSULTRA-WIDEN.dll [MD5.FD4C4F9EC7D6D23E282F9375B4029AE5] - [10/04/2017 17:56:40] - |A| - [118784] - C:\WINDOWS\syswow64\uxlib_FromLFSULTRA-WIDEN.dll [MD5.081E6E1C91AEC36758902A9F727CD23C] - [10/04/2017 17:56:40] - |A| - [29696] - C:\WINDOWS\syswow64\uxsms.dll [MD5.63BFDF555DA2075A77D677829C3CCCD0] - [10/04/2017 17:56:40] - |A| - [249856] - C:\WINDOWS\syswow64\uxtheme_FromLFSULTRA-WIDEN.dll [MD5.86491AD7BC0964089CD4E703E65D45DB] - [10/04/2017 17:56:40] - |A| - [18832] - C:\WINDOWS\syswow64\v7vga.rom [MD5.370349F79315D4DB86CD992CACEFEE61] - [10/04/2017 17:56:41] - |A| - [638976] - C:\WINDOWS\syswow64\VAN_FromLFSULTRA-WIDEN.dll [MD5.36B8D5903CEEF0AA42A1EE002BD27FF1] - [10/04/2017 17:56:43] - |A| - [36352] - C:\WINDOWS\syswow64\vaultcli_FromLFSULTRA-WIDEN.dll [MD5.5A88BD5EAAE341F5B51FD940B2A1DC43] - [10/04/2017 17:56:43] - |A| - [23040] - C:\WINDOWS\syswow64\VaultCmd.exe [MD5.65BF13016A3C22775F3E17591AE5268A] - [10/04/2017 17:56:43] - |A| - [70144] - C:\WINDOWS\syswow64\VaultCredProvider.dll [MD5.6FEC7B9A76B41D9AC67615A3040017F5] - [10/04/2017 17:56:43] - |A| - [196096] - C:\WINDOWS\syswow64\vaultsvc.dll [MD5.691873E25DA6DFFD4A0EDC8A7B413E9B] - [10/04/2017 17:56:44] - |A| - [37376] - C:\WINDOWS\syswow64\VaultSysUi.exe [MD5.669E18322F05A14356E8F6DA16D15DA0] - [10/04/2017 17:56:42] - |A| - [933376] - C:\WINDOWS\syswow64\Vault_FromLFSULTRA-WIDEN.dll [MD5.73D1680C94C1B57F6D8E49B2AE8122ED] - [10/04/2017 17:56:44] - |A| - [30749] - C:\WINDOWS\syswow64\vbajet32_FromLFSULTRA-WIDEN.dll [MD5.4D6262D5CFFA7D932126D2B85C373F87] - [10/04/2017 17:56:45] - |A| - [153600] - C:\WINDOWS\syswow64\VBICodec_FromLFSULTRA-WIDEN.ax [MD5.373A87DBFD387DDC54375F547834FBBD] - [10/04/2017 17:56:45] - |A| - [33792] - C:\WINDOWS\syswow64\vbisurf_FromLFSULTRA-WIDEN.ax [MD5.96837E5864777688477AF6DE2332C06D] - [10/04/2017 17:56:45] - |A| - [503808] - C:\WINDOWS\syswow64\vbscript_FromLFSULTRA-WIDEN.dll [MD5.4B95A23D6BE311A655D12BA17EAB42C6] - [10/04/2017 17:56:46] - |A| - [320976] - C:\WINDOWS\syswow64\vcamp110_FromLFSULTRA-WIDEN.dll [MD5.3BCA5A693F9F772FC8F92A61E45320FC] - [10/04/2017 17:56:46] - |A| - [339616] - C:\WINDOWS\syswow64\vcamp120_FromLFSULTRA-WIDEN.dll [MD5.93EA0D37ADCD0C11F7E29C15CEE40EDC] - [10/04/2017 17:56:47] - |A| - [405160] - C:\WINDOWS\syswow64\vcamp140_FromLFSULTRA-WIDEN.dll [MD5.C5C2295981EEDEFF9924889A7F084CC2] - [10/04/2017 17:56:48] - |A| - [252400] - C:\WINDOWS\syswow64\vccorlib110_FromLFSULTRA-WIDEN.dll [MD5.69837E50C50561A083A72A5F8EA1F6A2] - [10/04/2017 17:56:48] - |A| - [247984] - C:\WINDOWS\syswow64\vccorlib120_FromLFSULTRA-WIDEN.dll [MD5.B39264CA191796BC810F005B5F8A003D] - [10/04/2017 17:56:49] - |A| - [271024] - C:\WINDOWS\syswow64\vccorlib140_FromLFSULTRA-WIDEN.dll [MD5.A7E63D69F1D55A3662907ECD48B345CA] - [10/04/2017 17:56:50] - |A| - [51024] - C:\WINDOWS\syswow64\vcomp100_FromLFSULTRA-WIDEN.dll [MD5.77B1B6B9D8EAD7033F7958D6161107EF] - [10/04/2017 17:56:50] - |A| - [125904] - C:\WINDOWS\syswow64\vcomp110_FromLFSULTRA-WIDEN.dll [MD5.27BC360D67F269A61BB052E10C9FCEEB] - [10/04/2017 17:56:51] - |A| - [119456] - C:\WINDOWS\syswow64\vcomp120_FromLFSULTRA-WIDEN.dll [MD5.60BBDA70D913181D91C934D59A7C50F3] - [10/04/2017 17:56:51] - |A| - [162976] - C:\WINDOWS\syswow64\vcomp140_FromLFSULTRA-WIDEN.dll [MD5.607B9EEF0C8173D1E8E75947AEED6A13] - [10/04/2017 17:56:51] - |A| - [85840] - C:\WINDOWS\syswow64\vcruntime140_FromLFSULTRA-WIDEN.dll [MD5.8E79090CB0987CA102E845341E052537] - [10/04/2017 17:56:51] - |A| - [16896] - C:\WINDOWS\syswow64\vdmdbg_FromLFSULTRA-WIDEN.dll [MD5.EC5BFD7B7269B60AE30A103105C71C1A] - [10/04/2017 17:56:52] - |A| - [19456] - C:\WINDOWS\syswow64\vdmredir.dll [MD5.C3CD30495687C2A2F66A65CA6FD89BE9] - [10/04/2017 17:56:52] - |A| - [453632] - C:\WINDOWS\syswow64\vds.exe [MD5.CF3CD3F466D84C9E2F66490D9578A563] - [10/04/2017 17:56:52] - |A| - [160256] - C:\WINDOWS\syswow64\vdsbas.dll [MD5.86C55E0945D95DE26807C41F9B5C8E21] - [10/04/2017 17:56:53] - |A| - [518144] - C:\WINDOWS\syswow64\vdsdyn.dll [MD5.A2551668C78CEA4089D71A0A3B36FC0C] - [10/04/2017 17:56:54] - |A| - [19968] - C:\WINDOWS\syswow64\vdsldr.exe [MD5.33BEE4A0B2DC34F4A6D01210F7507508] - [10/04/2017 17:56:54] - |A| - [151040] - C:\WINDOWS\syswow64\vdsutil.dll [MD5.99C9BF23B144F96B975A1B4371B90744] - [10/04/2017 17:56:54] - |A| - [47616] - C:\WINDOWS\syswow64\vdsvd.dll [MD5.F509B44D94DB9C832CA26297BE0CC04D] - [10/04/2017 17:56:55] - |A| - [44544] - C:\WINDOWS\syswow64\vds_ps_FromLFSULTRA-WIDEN.dll [MD5.D022D32A7BCB0B54C34BD687AC00564C] - [10/04/2017 17:56:55] - |A| - [9008] - C:\WINDOWS\syswow64\ver.dll [MD5.42B2A7CBD7838214EECE6B6455C34BC6] - [10/04/2017 17:56:56] - |A| - [10752] - C:\WINDOWS\syswow64\verclsid_FromLFSULTRA-WIDEN.exe [MD5.F5A90C233A48C6175C6F2EB59677CE61] - [10/04/2017 17:56:57] - |A| - [103424] - C:\WINDOWS\syswow64\verifier.exe [MD5.FAF44FF8DD84BAA8E615C9B33C1D3432] - [10/04/2017 17:56:56] - |A| - [341504] - C:\WINDOWS\syswow64\verifier_FromLFSULTRA-WIDEN.dll [MD5.702254574E7E52052DE39408457B7149] - [10/04/2017 17:56:57] - |A| - [21504] - C:\WINDOWS\syswow64\version_FromLFSULTRA-WIDEN.dll [MD5.15BD0F8D507546F512EE5D73C3721FA8] - [10/04/2017 17:56:57] - |A| - [20535] - C:\WINDOWS\syswow64\vfpodbc.dll [MD5.24498D084FAA7A459C91066EC241E1CE] - [10/04/2017 17:56:58] - |A| - [56832] - C:\WINDOWS\syswow64\vfwwdm32_FromLFSULTRA-WIDEN.dll [MD5.FFF84D51E1EA6CE3E8AC74D17C0D4889] - [10/04/2017 17:56:58] - |A| - [10752] - C:\WINDOWS\syswow64\vga.dll [MD5.9C86BBB80450AF95B6A4EA8EBDA93D76] - [10/04/2017 17:56:58] - |A| - [2176] - C:\WINDOWS\syswow64\vga.drv [MD5.B11BCD430977E5FBCB3A5804C675C5A0] - [10/04/2017 17:57:00] - |A| - [56320] - C:\WINDOWS\syswow64\vga256.dll [MD5.7FFE091344E7939B3BAD6E8ADAD617B3] - [10/04/2017 17:57:00] - |A| - [21504] - C:\WINDOWS\syswow64\vga64k.dll [MD5.4DDACA8A66B95ABA02812FF3C13DE198] - [10/04/2017 17:57:00] - |A| - [23040] - C:\WINDOWS\syswow64\vidcap_FromLFSULTRA-WIDEN.ax [MD5.24D74CF313DC62C65EEA4726AE2EB3F8] - [10/04/2017 17:57:00] - |A| - [154112] - C:\WINDOWS\syswow64\VIDRESZR_FromLFSULTRA-WIDEN.DLL [MD5.88C170086371CC5716010AF223F6F780] - [10/04/2017 17:57:00] - |A| - [17408] - C:\WINDOWS\syswow64\virtdisk_FromLFSULTRA-WIDEN.dll [MD5.80B562B5B59ED850C328DD75F964F3D8] - [10/04/2017 17:57:00] - |A| - [242176] - C:\WINDOWS\syswow64\vpnike.dll [MD5.5845B1C54380FB980F68024B3A8B1E66] - [10/04/2017 17:57:01] - |A| - [25600] - C:\WINDOWS\syswow64\vpnikeapi_FromLFSULTRA-WIDEN.dll [MD5.6E248A3D528EDE43994457CF417BD665] - [10/04/2017 17:57:01] - |A| - [115200] - C:\WINDOWS\syswow64\vssadmin_FromLFSULTRA-WIDEN.exe [MD5.13337A3FB17F2242487FD45488ED0485] - [10/04/2017 17:57:01] - |A| - [1128448] - C:\WINDOWS\syswow64\vssapi_FromLFSULTRA-WIDEN.dll [MD5.B940289C83121046BD6A60ACC6028593] - [10/04/2017 17:57:02] - |A| - [56320] - C:\WINDOWS\syswow64\vsstrace_FromLFSULTRA-WIDEN.dll [MD5.209A3B1901B83AEB8527ED211CCE9E4C] - [10/04/2017 17:57:03] - |A| - [1025536] - C:\WINDOWS\syswow64\VSSVC.exe [MD5.5A8BF4E8810541C23F4067536FB48CA3] - [10/04/2017 17:57:05] - |A| - [26112] - C:\WINDOWS\syswow64\vss_ps_FromLFSULTRA-WIDEN.dll [MD5.55187FD710E27D5095D10A472C8BAF1C] - [10/04/2017 17:57:05] - |A| - [288768] - C:\WINDOWS\syswow64\w32time.dll [MD5.96FE583424174CF7926250ED16C4EA01] - [10/04/2017 17:57:06] - |A| - [66048] - C:\WINDOWS\syswow64\w32tm_FromLFSULTRA-WIDEN.exe [MD5.DE518E5D4636A00A3247CB92EA61E114] - [10/04/2017 17:57:06] - |A| - [26624] - C:\WINDOWS\syswow64\w32topl_FromLFSULTRA-WIDEN.dll [MD5.D470F5965D18DB06AD0E00891E870945] - [10/04/2017 17:57:06] - |A| - [58880] - C:\WINDOWS\syswow64\WABSyncProvider_FromLFSULTRA-WIDEN.dll [MD5.C8F9103E3E91DD788224DA15906ACD46] - [10/04/2017 17:57:06] - |A| - [34304] - C:\WINDOWS\syswow64\waitfor_FromLFSULTRA-WIDEN.exe [MD5.F07C5D2CB67D7044E5E12EC2D2460D6F] - [09/04/2017 13:19:08] - |A| - [40960] - C:\WINDOWS\syswow64\wavdest.ax [MD5.3379984F13BDC0F26783E3E0C678ED5C] - [10/04/2017 17:57:07] - |A| - [46592] - C:\WINDOWS\syswow64\WavDest.dll [MD5.F07C5D2CB67D7044E5E12EC2D2460D6F] - [10/04/2017 17:57:07] - |A| - [40960] - C:\WINDOWS\syswow64\wavdest_FromLFSULTRA-WIDEN.ax [MD5.2097D9A13CDB88213612E3E8479185F5] - [10/04/2017 17:57:07] - |A| - [222208] - C:\WINDOWS\syswow64\wavemsp_FromLFSULTRA-WIDEN.dll [MD5.10B04CCF552C649EA93CCA00B857912A] - [10/04/2017 17:57:07] - |A| - [1738072] - C:\WINDOWS\syswow64\WavesGUILib.dll [MD5.CE1E84AA03EE50362D3C69382DCFA294] - [10/04/2017 17:57:09] - |A| - [1783056] - C:\WINDOWS\syswow64\WavesLib.dll [MD5.EAB630E7E6A7FC248870A2FCDC098B98] - [10/04/2017 17:57:11] - |A| - [224768] - C:\WINDOWS\syswow64\wbadmin.exe [MD5.704314FD398C81D5F342CAA5DF7B7F21] - [10/04/2017 17:59:21] - |A| - [363008] - C:\WINDOWS\syswow64\wbemcomn_FromLFSULTRA-WIDEN.dll [MD5.691E3285E53DCA558E1A84667F13E15A] - [10/04/2017 17:59:22] - |A| - [1203200] - C:\WINDOWS\syswow64\wbengine.exe [MD5.9614B5D29DC76AC3C29F6D2D3AA70E67] - [10/04/2017 17:59:23] - |A| - [151552] - C:\WINDOWS\syswow64\wbiosrvc.dll [MD5.C7D5B4171C77DD0B26C5571E7777C355] - [10/04/2017 17:59:25] - |A| - [86528] - C:\WINDOWS\syswow64\WcnApi_FromLFSULTRA-WIDEN.dll [MD5.34EEE0DFAADB4F691D6D5308A51315DC] - [10/04/2017 17:59:25] - |A| - [276992] - C:\WINDOWS\syswow64\wcncsvc.dll [MD5.1A29F44FA31E7761A92536F9C6C8CBA1] - [10/04/2017 17:59:25] - |A| - [20480] - C:\WINDOWS\syswow64\WcnEapAuthProxy.dll [MD5.25D8CB47B680C6760DE1FD35C1FAAE22] - [10/04/2017 17:59:26] - |A| - [20992] - C:\WINDOWS\syswow64\WcnEapPeerProxy.dll [MD5.F0CC6D2A5354B78BABE21A43C50F683C] - [10/04/2017 17:59:26] - |A| - [30208] - C:\WINDOWS\syswow64\WcnNetsh.dll [MD5.E2026094533807E3A666B6EC89D18684] - [10/04/2017 17:59:26] - |A| - [994816] - C:\WINDOWS\syswow64\wcnwiz_FromLFSULTRA-WIDEN.dll [MD5.5D930B6357A6D2AF4D7653BDABBF352F] - [10/04/2017 17:59:27] - |A| - [32768] - C:\WINDOWS\syswow64\WcsPlugInService.dll [MD5.8BCF1DCE05F4494C8891F33EEA450D0A] - [10/04/2017 17:59:28] - |A| - [1227776] - C:\WINDOWS\syswow64\wdc_FromLFSULTRA-WIDEN.dll [MD5.3569FCD18C655D9BEDECBB861D248A5B] - [10/04/2017 17:59:29] - |A| - [1470712] - C:\WINDOWS\syswow64\WdfCoInstaller01009.dll [MD5.2F0BC1FC6142DCB31C7D9804962A7011] - [10/04/2017 17:59:31] - |A| - [9728] - C:\WINDOWS\syswow64\Wdfres.dll [MD5.00000000000000000000000000000000] - [10/04/2017 17:59:31] - |D| - [23012797] - C:\WINDOWS\syswow64\wdi [MD5.F0016853FA3F38F55FD868FF74C0359B] - [10/04/2017 18:00:15] - |A| - [31744] - C:\WINDOWS\syswow64\wdiasqmmodule.dll [MD5.FE2F52304F3B5BD8281350DC69E13063] - [10/04/2017 18:00:15] - |A| - [171520] - C:\WINDOWS\syswow64\wdigest_FromLFSULTRA-WIDEN.dll [MD5.46EF9DC96265FD0B423DB72E7C38C2A5] - [10/04/2017 18:00:14] - |A| - [76288] - C:\WINDOWS\syswow64\wdi_FromLFSULTRA-WIDEN.dll [MD5.D205C24A9D069049FE2DF2A1B38726A7] - [10/04/2017 18:00:15] - |A| - [172032] - C:\WINDOWS\syswow64\wdmaud_FromLFSULTRA-WIDEN.drv [MD5.A399514D3B28C9A3453A486BBAAFF1C7] - [10/04/2017 18:00:15] - |A| - [189952] - C:\WINDOWS\syswow64\wdscore_FromLFSULTRA-WIDEN.dll [MD5.BDDF10F9D8E179323BC1B49603809EB0] - [10/04/2017 18:00:16] - |A| - [610] - C:\WINDOWS\syswow64\WdsUnattendTemplate.xml [MD5.03B3541AE6986602CF9CB5B3AD169C33] - [10/04/2017 18:00:16] - |A| - [208384] - C:\WINDOWS\syswow64\webcheck_FromLFSULTRA-WIDEN.dll [MD5.A9D880F97530D5B8FEE278923349929D] - [10/04/2017 18:00:16] - |A| - [204800] - C:\WINDOWS\syswow64\WebClnt_FromLFSULTRA-WIDEN.dll [MD5.FB19FC5951A88F3C523E35C2C98D23C0] - [10/04/2017 18:00:17] - |A| - [314880] - C:\WINDOWS\syswow64\webio_FromLFSULTRA-WIDEN.dll [MD5.DB846EECA70EE9D2E2FF31147C57B0F4] - [10/04/2017 18:00:18] - |A| - [782336] - C:\WINDOWS\syswow64\webservices_FromLFSULTRA-WIDEN.dll [MD5.88766CACCDC00AF7A701A758B9BFAED7] - [10/04/2017 18:00:16] - |A| - [4096] - C:\WINDOWS\syswow64\WEB_FromLFSULTRA-WIDEN.rs [MD5.E3596CA12087D5A4314E55CB9F5D9633] - [10/04/2017 18:00:19] - |A| - [58368] - C:\WINDOWS\syswow64\wecapi_FromLFSULTRA-WIDEN.dll [MD5.760F0AFE937A77CFF27153206534F275] - [10/04/2017 18:00:19] - |A| - [147968] - C:\WINDOWS\syswow64\wecsvc.dll [MD5.46D81B03B46C0849941BECCB54FB3138] - [10/04/2017 18:00:20] - |A| - [80384] - C:\WINDOWS\syswow64\wecutil_FromLFSULTRA-WIDEN.exe [MD5.1869BD251211FB6275067372A45682D6] - [10/04/2017 18:00:21] - |A| - [1063936] - C:\WINDOWS\syswow64\werconcpl.dll [MD5.AC804569BB2364FB6017370258A4091B] - [10/04/2017 18:00:22] - |A| - [61440] - C:\WINDOWS\syswow64\wercplsupport.dll [MD5.B8402DBE3D30D2F9C78D715E29E8B522] - [10/04/2017 18:00:23] - |A| - [28672] - C:\WINDOWS\syswow64\werdiagcontroller_FromLFSULTRA-WIDEN.dll [MD5.4DAD175C07B982A1518FE64FDBB7071A] - [10/04/2017 18:00:24] - |A| - [28672] - C:\WINDOWS\syswow64\WerFaultSecure_FromLFSULTRA-WIDEN.exe [MD5.5FEAB868CAEDBBD1B7A145CA8261E4AA] - [10/04/2017 18:00:23] - |A| - [360448] - C:\WINDOWS\syswow64\WerFault_FromLFSULTRA-WIDEN.exe [MD5.C9905EA4C326DAB778B9297BA5BD1889] - [10/04/2017 18:00:24] - |A| - [53760] - C:\WINDOWS\syswow64\wermgr_FromLFSULTRA-WIDEN.exe [MD5.08E420D873E4FD85241EE2421B02C4A4] - [10/04/2017 18:00:24] - |A| - [65024] - C:\WINDOWS\syswow64\wersvc.dll [MD5.BB3C7E48088D37417EB37F1A9E3D2449] - [10/04/2017 18:00:24] - |A| - [160256] - C:\WINDOWS\syswow64\werui_FromLFSULTRA-WIDEN.dll [MD5.4F8CCD3E7D9F17A7C60FA0AE2466CACF] - [10/04/2017 18:00:21] - |A| - [381440] - C:\WINDOWS\syswow64\wer_FromLFSULTRA-WIDEN.dll [MD5.82C089EA2A3EEFADF3588EA71E8BDADA] - [10/04/2017 18:00:24] - |A| - [262144] - C:\WINDOWS\syswow64\wevtapi_FromLFSULTRA-WIDEN.dll [MD5.A9907BA5DF28EF36A1902C074221C106] - [10/04/2017 18:00:25] - |A| - [83456] - C:\WINDOWS\syswow64\wevtfwd_FromLFSULTRA-WIDEN.dll [MD5.241E015DD809CFB23242F890B1FC575B] - [10/04/2017 18:00:25] - |A| - [1086976] - C:\WINDOWS\syswow64\wevtsvc.dll [MD5.81538B795F922B8DA6FD897EFB04B5EE] - [10/04/2017 18:00:26] - |A| - [175616] - C:\WINDOWS\syswow64\wevtutil_FromLFSULTRA-WIDEN.exe [MD5.6A92CEC8532056791C6832B2725D170D] - [10/04/2017 18:00:26] - |A| - [139264] - C:\WINDOWS\syswow64\wextract_FromLFSULTRA-WIDEN.exe [MD5.019C372B1A9DA73A22D0D35A4D40F5C9] - [10/04/2017 18:00:27] - |A| - [18944] - C:\WINDOWS\syswow64\wfapigp_FromLFSULTRA-WIDEN.dll [MD5.964E2607DE7EBC7CEAD952169BF749BC] - [10/04/2017 18:00:28] - |A| - [66048] - C:\WINDOWS\syswow64\WfHC_FromLFSULTRA-WIDEN.dll [MD5.00000000000000000000000000000000] - [10/04/2017 18:00:28] - |D| - [0] - C:\WINDOWS\syswow64\wfp [MD5.33B0A618BA5F44E67757C561D0A935C1] - [10/04/2017 18:00:28] - |A| - [802304] - C:\WINDOWS\syswow64\WFS.exe [MD5.E49EF627A75C0BAD02180C97AC527C33] - [10/04/2017 18:00:28] - |A| - [669184] - C:\WINDOWS\syswow64\WFSR.dll [MD5.19006F183E6B5CBB5C078CDA84208C3A] - [10/04/2017 18:00:30] - |A| - [12704] - C:\WINDOWS\syswow64\WFWNET.DRV [MD5.9ED84D86676B79DFC7A9DD1B537E1883] - [10/04/2017 18:00:27] - |A| - [115091] - C:\WINDOWS\syswow64\WF_FromLFSULTRA-WIDEN.msc [MD5.D0EDCE3DA1F055E5534FEE1C2A9BDA59] - [10/04/2017 18:00:30] - |A| - [32768] - C:\WINDOWS\syswow64\whealogr.dll [MD5.F5C2AE9DF21186EE1A6EFF568985BBAC] - [10/04/2017 18:00:30] - |A| - [35328] - C:\WINDOWS\syswow64\where_FromLFSULTRA-WIDEN.exe [MD5.DAECDFA364992F1D26705887E1A3C93F] - [10/04/2017 18:00:30] - |A| - [14848] - C:\WINDOWS\syswow64\whhelper_FromLFSULTRA-WIDEN.dll [MD5.0EBF71E33EF09CA65D9683AFA999C473] - [10/04/2017 18:00:30] - |A| - [43008] - C:\WINDOWS\syswow64\whoami_FromLFSULTRA-WIDEN.exe [MD5.9A4988F8F374388255F52DE5BD8A1B31] - [10/04/2017 18:00:31] - |A| - [88576] - C:\WINDOWS\syswow64\wiaacmgr_FromLFSULTRA-WIDEN.exe [MD5.AA16807C8C956BA493B7D697D25CEB18] - [10/04/2017 18:00:31] - |A| - [544256] - C:\WINDOWS\syswow64\wiaaut_FromLFSULTRA-WIDEN.dll [MD5.4D7B1415719FFCC700118318D86FD7EC] - [10/04/2017 18:00:31] - |A| - [416768] - C:\WINDOWS\syswow64\wiadefui_FromLFSULTRA-WIDEN.dll [MD5.80279007CAB3549A5999348BD0C23732] - [10/04/2017 18:00:32] - |A| - [113664] - C:\WINDOWS\syswow64\wiadss_FromLFSULTRA-WIDEN.dll [MD5.E2D56AE1D40E3725084054CD8E9CFBB1] - [10/04/2017 18:00:32] - |A| - [33280] - C:\WINDOWS\syswow64\wiarpc.dll [MD5.E95A2CF170C2EB5F769FDDD63F40470B] - [10/04/2017 18:00:32] - |A| - [87552] - C:\WINDOWS\syswow64\wiascanprofiles_FromLFSULTRA-WIDEN.dll [MD5.E1FB3706030FB4578A0D72C2FC3689E4] - [10/04/2017 18:00:32] - |A| - [463360] - C:\WINDOWS\syswow64\wiaservc.dll [MD5.AF7A23E8DB9D8F491ECD50ED5F738B36] - [10/04/2017 18:00:33] - |A| - [444928] - C:\WINDOWS\syswow64\wiashext_FromLFSULTRA-WIDEN.dll [MD5.B087F2B901570F6EF62F6C2E01A480F3] - [10/04/2017 18:00:34] - |A| - [12800] - C:\WINDOWS\syswow64\wiatrace_FromLFSULTRA-WIDEN.dll [MD5.AF2E7640E72F005DDB86158E1F8BA1FC] - [10/04/2017 18:00:34] - |A| - [109568] - C:\WINDOWS\syswow64\wiavideo.dll [MD5.51331D29F13FDA16832DC5EE8FF9B781] - [10/04/2017 18:00:34] - |A| - [9216] - C:\WINDOWS\syswow64\WIFEMAN.DLL [MD5.861A80C7DCA93A95327463D7F8C9CE64] - [10/04/2017 18:00:34] - |A| - [406528] - C:\WINDOWS\syswow64\wimgapi_FromLFSULTRA-WIDEN.dll [MD5.F6FD7F8147A591317E57D9008C8C7541] - [10/04/2017 18:00:34] - |A| - [327680] - C:\WINDOWS\syswow64\wimserv.exe [MD5.9DB8E7776F8BB7804FDF5AFEE864E60E] - [10/04/2017 18:00:36] - |A| - [6656] - C:\WINDOWS\syswow64\win.com [MD5.A22126F58B07E937D10F96A506E40107] - [10/04/2017 18:00:36] - |A| - [2384384] - C:\WINDOWS\syswow64\win32k_FromLFSULTRA-WIDEN.sys [MD5.536E06B5A05C6E39C8748E3941FB083D] - [10/04/2017 18:00:38] - |A| - [492032] - C:\WINDOWS\syswow64\win32spl.dll [MD5.C980C971AD4FF3CA5CEFDEF40932D3A1] - [10/04/2017 18:00:39] - |A| - [13312] - C:\WINDOWS\syswow64\win87em.dll [MD5.00000000000000000000000000000000] - [10/04/2017 18:00:39] - |D| - [0] - C:\WINDOWS\syswow64\WinBioDatabase [MD5.00000000000000000000000000000000] - [10/04/2017 18:00:39] - |D| - [72704] - C:\WINDOWS\syswow64\WinBioPlugIns [MD5.3FAD263CE1E2A6FFF40D00043B2275E3] - [10/04/2017 18:00:39] - |A| - [57856] - C:\WINDOWS\syswow64\winbio_FromLFSULTRA-WIDEN.dll [MD5.326C7F76A29897A892AA7726E91C1C67] - [10/04/2017 18:00:42] - |A| - [12800] - C:\WINDOWS\syswow64\winbrand_FromLFSULTRA-WIDEN.dll [MD5.90DD6AE4D30FC132864400BB18AD232F] - [10/04/2017 18:00:42] - |A| - [35328] - C:\WINDOWS\syswow64\wincredprovider_FromLFSULTRA-WIDEN.dll [MD5.2750A80FC1D8F45A3BC14E0CAC7E619F] - [10/04/2017 18:00:42] - |A| - [257536] - C:\WINDOWS\syswow64\WindowsAnytimeUpgrade.exe [MD5.1C20F53017D9ADBE40B6826FE81FF47C] - [10/04/2017 18:00:43] - |A| - [292864] - C:\WINDOWS\syswow64\WindowsAnytimeUpgradeResults.exe [MD5.90766F3987AA34BC5D6EAE8A38C1F533] - [10/04/2017 18:00:44] - |A| - [376832] - C:\WINDOWS\syswow64\WindowsAnytimeUpgradeui.exe [MD5.62A6EB5771580CAE445804389F3F7432] - [10/04/2017 18:00:45] - |A| - [207872] - C:\WINDOWS\syswow64\WindowsCodecsExt_FromLFSULTRA-WIDEN.dll [MD5.3BCECD87AB4E6743BFB45B352AD1A529] - [10/04/2017 18:00:45] - |A| - [1230336] - C:\WINDOWS\syswow64\WindowsCodecs_FromLFSULTRA-WIDEN.dll [MD5.39C2D311FD5B80EC58C3618A1D994291] - [10/04/2017 18:01:23] - |A| - [82944] - C:\WINDOWS\syswow64\winethc.dll [MD5.00000000000000000000000000000000] - [10/04/2017 18:01:24] - |D| - [4968448] - C:\WINDOWS\syswow64\winevt [MD5.ED805F7E2E42063BE90B69E8A77669CD] - [10/04/2017 18:01:51] - |A| - [27648] - C:\WINDOWS\syswow64\WinFax_FromLFSULTRA-WIDEN.dll [MD5.EAD314F2142162AE4DE91355580F6607] - [10/04/2017 18:01:51] - |A| - [351744] - C:\WINDOWS\syswow64\winhttp_FromLFSULTRA-WIDEN.dll [MD5.E4EB138060BAE0DBAB1A3B71A3141FE7] - [10/04/2017 18:01:52] - |A| - [1950720] - C:\WINDOWS\syswow64\wininet_FromLFSULTRA-WIDEN.dll [MD5.B5C5DCAD3899512020D135600129D665] - [10/04/2017 18:01:52] - |A| - [96256] - C:\WINDOWS\syswow64\wininit.exe [MD5.1392FC9D1961FBC67F7D0A9B18DF85A4] - [10/04/2017 18:01:56] - |A| - [70144] - C:\WINDOWS\syswow64\winipsec_FromLFSULTRA-WIDEN.dll [MD5.E1068D2D6D4D3465E7C0CB4B2F08F9F5] - [10/04/2017 18:01:56] - |A| - [508904] - C:\WINDOWS\syswow64\winload.exe [MD5.52449FD429D6053B78AE564DEF303870] - [10/04/2017 18:01:56] - |A| - [304128] - C:\WINDOWS\syswow64\winlogon.exe [MD5.D5AEFAD57C08349A4393D987DF7C715D] - [10/04/2017 18:01:57] - |A| - [194048] - C:\WINDOWS\syswow64\winmm_FromLFSULTRA-WIDEN.dll [MD5.37F4D55260E037EE9862D0AF93348755] - [10/04/2017 18:01:58] - |A| - [5120] - C:\WINDOWS\syswow64\WINNLS.DLL [MD5.CFF35B879D1618D42C86644C717BA947] - [10/04/2017 18:01:58] - |A| - [16896] - C:\WINDOWS\syswow64\winnsi_FromLFSULTRA-WIDEN.dll [MD5.D921984A32D169528FF68856FDF7C89E] - [10/04/2017 18:01:58] - |A| - [2080] - C:\WINDOWS\syswow64\WINOLDAP.MOD [MD5.16F9DE9F9D122DBE0B6E7F28AFE3EE04] - [10/04/2017 18:01:58] - |A| - [442720] - C:\WINDOWS\syswow64\winresume.exe [MD5.33C138E3A498083EF8792EAC3FD707BA] - [10/04/2017 18:02:00] - |A| - [35] - C:\WINDOWS\syswow64\winrm_FromLFSULTRA-WIDEN.cmd [MD5.5B49271AEC5D5A221E91C7B4F3BC2F4C] - [10/04/2017 18:02:00] - |A| - [201034] - C:\WINDOWS\syswow64\winrm_FromLFSULTRA-WIDEN.vbs [MD5.5DF5D8CFD9B9573FA3B2C89D9061A240] - [10/04/2017 18:02:00] - |A| - [20992] - C:\WINDOWS\syswow64\winrnr_FromLFSULTRA-WIDEN.dll [MD5.29ABA16A9FE21867DED8F766501E4D6B] - [10/04/2017 18:02:00] - |A| - [240128] - C:\WINDOWS\syswow64\winrscmd_FromLFSULTRA-WIDEN.dll [MD5.2CEFF13ACE25A40BD8D97654944297CD] - [10/04/2017 18:02:01] - |A| - [20480] - C:\WINDOWS\syswow64\winrshost_FromLFSULTRA-WIDEN.exe [MD5.970A50FF47DAB1C0FFD59518ED5FF972] - [10/04/2017 18:02:02] - |A| - [1536] - C:\WINDOWS\syswow64\winrsmgr_FromLFSULTRA-WIDEN.dll [MD5.9926C16640F9D2806FE3BB1968259454] - [10/04/2017 18:02:02] - |A| - [10752] - C:\WINDOWS\syswow64\winrssrv_FromLFSULTRA-WIDEN.dll [MD5.36D3707084624DD5B391495BB3F133AF] - [10/04/2017 18:02:00] - |A| - [39936] - C:\WINDOWS\syswow64\winrs_FromLFSULTRA-WIDEN.exe [MD5.886B0EAA3B0FE76B3204E687C8DA6F66] - [10/04/2017 18:02:02] - |A| - [3367424] - C:\WINDOWS\syswow64\WinSAT.exe [MD5.81C0FA250EF6DC1C6B3FA2BCE81D6C2E] - [10/04/2017 18:02:04] - |A| - [335872] - C:\WINDOWS\syswow64\WinSATAPI_FromLFSULTRA-WIDEN.dll [MD5.9419ABF3163B6F0E3AD3DD2B381C879F] - [10/04/2017 18:02:06] - |A| - [134656] - C:\WINDOWS\syswow64\WinSCard_FromLFSULTRA-WIDEN.dll [MD5.DA756BA453C706A3DE7C93213E9621AA] - [10/04/2017 18:02:07] - |A| - [11264] - C:\WINDOWS\syswow64\winshfhc_FromLFSULTRA-WIDEN.dll [MD5.68485C5EF0E2EFCEBF21BBB1042B823B] - [10/04/2017 18:02:07] - |A| - [2864] - C:\WINDOWS\syswow64\WINSOCK.DLL [MD5.C4B408F57837EB3196A3BD12C2DF33F4] - [10/04/2017 18:02:07] - |A| - [68608] - C:\WINDOWS\syswow64\winsockhc_FromLFSULTRA-WIDEN.dll [MD5.63F707D29CCF28A1F0D098EF44782F1A] - [10/04/2017 18:02:08] - |A| - [2112] - C:\WINDOWS\syswow64\WINSPOOL.EXE [MD5.9E4B0E7472B4CEBA9E17F440B8CB0AB8] - [10/04/2017 18:02:08] - |A| - [320000] - C:\WINDOWS\syswow64\winspool_FromLFSULTRA-WIDEN.drv [MD5.92514E0192BC42C2209C722C74E35766] - [10/04/2017 18:02:09] - |A| - [16896] - C:\WINDOWS\syswow64\WINSRPC_FromLFSULTRA-WIDEN.DLL [MD5.C2E10DD5F72368909C516B24A02CFF12] - [10/04/2017 18:02:08] - |A| - [169984] - C:\WINDOWS\syswow64\winsrv.dll [MD5.FD67683FBA9B2C4BB551780BD8846F64] - [10/04/2017 18:02:09] - |A| - [157696] - C:\WINDOWS\syswow64\winsta_FromLFSULTRA-WIDEN.dll [MD5.03A9592348CB19E50E61580702DEFFB4] - [10/04/2017 18:02:09] - |A| - [173056] - C:\WINDOWS\syswow64\WinSyncMetastore_FromLFSULTRA-WIDEN.dll [MD5.6776BEB73C5A6BFAFA9405AB7F30B53B] - [10/04/2017 18:02:10] - |A| - [116736] - C:\WINDOWS\syswow64\WinSyncProviders_FromLFSULTRA-WIDEN.dll [MD5.7A01C8261FDFDFE3C21001897619A371] - [10/04/2017 18:02:09] - |A| - [296960] - C:\WINDOWS\syswow64\WinSync_FromLFSULTRA-WIDEN.dll [MD5.A7D79E9F660340AB20CD73F12910985F] - [10/04/2017 18:02:11] - |A| - [172544] - C:\WINDOWS\syswow64\wintrust_FromLFSULTRA-WIDEN.dll [MD5.843D21A20736016E5613E4B51EA60D46] - [10/04/2017 18:02:11] - |A| - [16896] - C:\WINDOWS\syswow64\winusb_FromLFSULTRA-WIDEN.dll [MD5.B26800E6727D579BA9232D70091A8C94] - [10/04/2017 18:02:11] - |A| - [79872] - C:\WINDOWS\syswow64\winver_FromLFSULTRA-WIDEN.exe [MD5.F74737E0EF87295E82EBD0A4B040539A] - [10/04/2017 18:02:12] - |A| - [334336] - C:\WINDOWS\syswow64\wisptis.exe [MD5.E5A4A1326A02F8E7B59E6C3270CE7202] - [10/04/2017 18:02:13] - |A| - [47104] - C:\WINDOWS\syswow64\wkscli_FromLFSULTRA-WIDEN.dll [MD5.6FE596F2DC97F7E1CA292F376C33D3CB] - [10/04/2017 18:02:13] - |A| - [223232] - C:\WINDOWS\syswow64\wksprt.exe [MD5.4EE8FFA94992AAAA804028AEF94696D8] - [10/04/2017 18:02:14] - |A| - [12800] - C:\WINDOWS\syswow64\wksprtPS_FromLFSULTRA-WIDEN.dll [MD5.58405E4F68BA8E4057C6E914F326ABA2] - [10/04/2017 18:02:14] - |A| - [84480] - C:\WINDOWS\syswow64\wkssvc.dll [MD5.B010CF886420EE29C2C276646721D255] - [10/04/2017 18:02:15] - |A| - [81408] - C:\WINDOWS\syswow64\wlanapi_FromLFSULTRA-WIDEN.dll [MD5.79DDDDE43595F9D2B65E37C8B3316955] - [10/04/2017 18:02:15] - |A| - [177152] - C:\WINDOWS\syswow64\wlancfg_FromLFSULTRA-WIDEN.dll [MD5.47FC6F0D7C1DF9D38D85B1CD3452A19D] - [10/04/2017 18:02:15] - |A| - [669696] - C:\WINDOWS\syswow64\WLanConn_FromLFSULTRA-WIDEN.dll [MD5.BEF5F00BE60D5C233AF498DCCAE6690D] - [10/04/2017 18:02:16] - |A| - [505856] - C:\WINDOWS\syswow64\wlandlg_FromLFSULTRA-WIDEN.dll [MD5.6F44F5C0BC6B210FE5F5A1C8D899AD0A] - [10/04/2017 18:02:18] - |A| - [77312] - C:\WINDOWS\syswow64\wlanext_FromLFSULTRA-WIDEN.exe [MD5.F99A4D145C862CBAD61B409C0AB0CD65] - [10/04/2017 18:02:18] - |A| - [411648] - C:\WINDOWS\syswow64\wlangpui_FromLFSULTRA-WIDEN.dll [MD5.72CAD432DFC01F5051C00B9640101DBA] - [10/04/2017 18:02:19] - |A| - [158208] - C:\WINDOWS\syswow64\WLanHC.dll [MD5.8063046AA70B97CA9985672B8848FB2E] - [10/04/2017 18:02:19] - |A| - [84480] - C:\WINDOWS\syswow64\wlanhlp_FromLFSULTRA-WIDEN.dll [MD5.9E6AF823733C70E207D9FB6731A63B3D] - [10/04/2017 18:02:19] - |A| - [16896] - C:\WINDOWS\syswow64\wlaninst.dll [MD5.4B8441782918424827F2937CFB669136] - [10/04/2017 18:02:20] - |A| - [748544] - C:\WINDOWS\syswow64\WlanMM_FromLFSULTRA-WIDEN.dll [MD5.3C9035085141162416A0DD34DBF3F3C1] - [10/04/2017 18:02:21] - |A| - [428032] - C:\WINDOWS\syswow64\wlanmsm.dll [MD5.CC88EF08712C08C5F5FE74A395BA25AC] - [10/04/2017 18:02:21] - |A| - [1326592] - C:\WINDOWS\syswow64\wlanpref_FromLFSULTRA-WIDEN.dll [MD5.20C06A50DFC097E134BC6FA8444CA9BC] - [10/04/2017 18:02:22] - |A| - [392192] - C:\WINDOWS\syswow64\wlansec.dll [MD5.16935C98FF639D185086A3529B1F2067] - [10/04/2017 18:02:24] - |A| - [829440] - C:\WINDOWS\syswow64\wlansvc.dll [MD5.A882CD13F68656CFD657E6639D3D3E17] - [10/04/2017 18:02:26] - |A| - [410112] - C:\WINDOWS\syswow64\wlanui_FromLFSULTRA-WIDEN.dll [MD5.1D6A771D1D702AE07919DB52C889A249] - [10/04/2017 18:02:26] - |A| - [8192] - C:\WINDOWS\syswow64\wlanutil_FromLFSULTRA-WIDEN.dll [MD5.A8BB45F9ECAD993461E0FEF8E2A99152] - [10/04/2017 18:02:26] - |A| - [269824] - C:\WINDOWS\syswow64\Wldap32_FromLFSULTRA-WIDEN.dll [MD5.749F9795F01C35EEBE100A87D82B9681] - [10/04/2017 18:02:26] - |A| - [118784] - C:\WINDOWS\syswow64\wlgpclnt_FromLFSULTRA-WIDEN.dll [MD5.70C03927E730B2DBDDFCC2F2206B8247] - [10/04/2017 18:02:26] - |A| - [40448] - C:\WINDOWS\syswow64\wlrmdr.exe [MD5.633C2C060CF857099F6C4F8D75C952B1] - [10/04/2017 18:02:27] - |A| - [8704] - C:\WINDOWS\syswow64\WlS0WndH_FromLFSULTRA-WIDEN.dll [MD5.7368176B23E9BE5D23ED9BFE1D58AC0C] - [10/04/2017 18:02:28] - |A| - [902144] - C:\WINDOWS\syswow64\WMADMOD_FromLFSULTRA-WIDEN.DLL [MD5.A0448DC7978E550FE64B9A984522B963] - [10/04/2017 18:02:29] - |A| - [815616] - C:\WINDOWS\syswow64\WMADMOE_FromLFSULTRA-WIDEN.DLL [MD5.39EAE20638E7F13674D9988907CEF6F7] - [10/04/2017 18:02:30] - |A| - [1202688] - C:\WINDOWS\syswow64\WMALFXGFXDSP.dll [MD5.A7DD56261518373F70F23079EB3CD0A2] - [10/04/2017 18:02:32] - |A| - [237568] - C:\WINDOWS\syswow64\WMASF_FromLFSULTRA-WIDEN.DLL [MD5.CC12F4AD167D4BBC2EEDC953C1DC1515] - [10/04/2017 18:02:33] - |A| - [53760] - C:\WINDOWS\syswow64\wmcodecdspps_FromLFSULTRA-WIDEN.dll [MD5.26B393159E13AD792C1308963F836007] - [10/04/2017 18:02:33] - |A| - [31744] - C:\WINDOWS\syswow64\wmdmlog_FromLFSULTRA-WIDEN.dll [MD5.BBA74A73540558ED2216F6DDD0DA0943] - [10/04/2017 18:02:34] - |A| - [36864] - C:\WINDOWS\syswow64\wmdmps_FromLFSULTRA-WIDEN.dll [MD5.5CF15474FFDB5005E54958DF6EDD97AB] - [10/04/2017 18:02:34] - |A| - [507392] - C:\WINDOWS\syswow64\wmdrmdev.dll [MD5.41A2EEB3FC7C4677787C612478DBD69A] - [10/04/2017 18:02:34] - |A| - [436736] - C:\WINDOWS\syswow64\wmdrmnet.dll [MD5.394117608EB031E622D4812E67746F09] - [10/04/2017 18:02:35] - |A| - [616960] - C:\WINDOWS\syswow64\wmdrmsdk_FromLFSULTRA-WIDEN.dll [MD5.E97200FC01710AD660F7B6F8B5A515A9] - [09/04/2017 12:10:31] - |A| - [1554944] - C:\WINDOWS\syswow64\WMEncEng.dll [MD5.E97200FC01710AD660F7B6F8B5A515A9] - [10/04/2017 18:02:36] - |A| - [1554944] - C:\WINDOWS\syswow64\WMEncEng_FromLFSULTRA-WIDEN.dll [MD5.9CBCC832AD33A438264917DA39BE6CFD] - [10/04/2017 18:02:38] - |A| - [2048] - C:\WINDOWS\syswow64\wmerror_FromLFSULTRA-WIDEN.dll [MD5.978C0FD73FCC8D110423C0D2043A844F] - [09/04/2017 12:10:31] - |A| - [170496] - C:\WINDOWS\syswow64\wmesrcwp.dll [MD5.978C0FD73FCC8D110423C0D2043A844F] - [10/04/2017 18:02:38] - |A| - [170496] - C:\WINDOWS\syswow64\wmesrcwp_FromLFSULTRA-WIDEN.dll [MD5.201583C185178201FB7C04C89ABA0E91] - [09/04/2017 12:10:31] - |A| - [929280] - C:\WINDOWS\syswow64\wmex.dll [MD5.B06AEAC8EBE09DF3D1BC1D30AC968894] - [09/04/2017 12:10:31] - |A| - [469504] - C:\WINDOWS\syswow64\WMexfmwp.dll [MD5.B06AEAC8EBE09DF3D1BC1D30AC968894] - [10/04/2017 18:02:40] - |A| - [469504] - C:\WINDOWS\syswow64\WMexfmwp_FromLFSULTRA-WIDEN.dll [MD5.5C192CCF02C16059C7AD7400E275C16A] - [09/04/2017 12:10:31] - |A| - [242176] - C:\WINDOWS\syswow64\WMEXres.dll [MD5.5C192CCF02C16059C7AD7400E275C16A] - [10/04/2017 18:02:41] - |A| - [242176] - C:\WINDOWS\syswow64\WMEXres_FromLFSULTRA-WIDEN.dll [MD5.201583C185178201FB7C04C89ABA0E91] - [10/04/2017 18:02:39] - |A| - [929280] - C:\WINDOWS\syswow64\wmex_FromLFSULTRA-WIDEN.dll [MD5.6ADA78F0E4BE07CF7C5500778DE8FB7D] - [10/04/2017 18:02:42] - |A| - [351232] - C:\WINDOWS\syswow64\wmicmiplugin.dll [MD5.D03C77D06DE89A3D0553D8E6A989E26C] - [10/04/2017 18:02:42] - |A| - [155136] - C:\WINDOWS\syswow64\wmidx_FromLFSULTRA-WIDEN.dll [MD5.E0ADDCE97EE521C9AC4F53EE17A05BD5] - [10/04/2017 18:02:42] - |A| - [144673] - C:\WINDOWS\syswow64\WmiMgmt.msc [MD5.16763AA2184593A49BC394915963759F] - [10/04/2017 18:02:43] - |A| - [23040] - C:\WINDOWS\syswow64\wmiprop_FromLFSULTRA-WIDEN.dll [MD5.907281ED4AD35D41B29FFDC211EBAD80] - [10/04/2017 18:02:41] - |A| - [5120] - C:\WINDOWS\syswow64\wmi_FromLFSULTRA-WIDEN.dll [MD5.12C1BBE5B01F554DC2FA3225131E2D2B] - [10/04/2017 18:02:43] - |A| - [1003008] - C:\WINDOWS\syswow64\WMNetMgr_FromLFSULTRA-WIDEN.dll [MD5.94AF2DD44BF81299E11F7FB8CC34EE3F] - [10/04/2017 18:02:45] - |A| - [22528] - C:\WINDOWS\syswow64\wmpcm.dll [MD5.2184E66487D06BFCFC68B894C7AF8D53] - [10/04/2017 18:02:51] - |A| - [170496] - C:\WINDOWS\syswow64\WmpDui_FromLFSULTRA-WIDEN.dll [MD5.F645EF77ED0735B927E9804E28855E17] - [10/04/2017 18:02:56] - |A| - [299520] - C:\WINDOWS\syswow64\wmpdxm_FromLFSULTRA-WIDEN.dll [MD5.3B91EA6DC3AE6088C880AB9073A833C2] - [10/04/2017 18:02:58] - |A| - [352256] - C:\WINDOWS\syswow64\wmpeffects_FromLFSULTRA-WIDEN.dll [MD5.80C5342074711F098A00F71FFF262B3B] - [10/04/2017 18:02:58] - |A| - [1624064] - C:\WINDOWS\syswow64\WMPEncEn.dll [MD5.545F1BAAADD0BF1F4FE4586293FCA07D] - [10/04/2017 18:03:01] - |A| - [417792] - C:\WINDOWS\syswow64\WMPhoto_FromLFSULTRA-WIDEN.dll [MD5.0FBC74AA20FE0AE6884279F893169C60] - [10/04/2017 18:03:01] - |A| - [12625408] - C:\WINDOWS\syswow64\wmploc_FromLFSULTRA-WIDEN.DLL [MD5.B25C60E9ED641AFF18198CBF6C288DB8] - [10/04/2017 18:03:04] - |A| - [740352] - C:\WINDOWS\syswow64\wmpmde_FromLFSULTRA-WIDEN.dll [MD5.3F2B83695E5BF11930C16AF50E991F96] - [10/04/2017 18:03:09] - |A| - [144384] - C:\WINDOWS\syswow64\wmpps_FromLFSULTRA-WIDEN.dll [MD5.E9C7D94D71857409BF741F1B7561D0E6] - [10/04/2017 18:03:13] - |A| - [105472] - C:\WINDOWS\syswow64\wmpshell_FromLFSULTRA-WIDEN.dll [MD5.B86FB49A715157C49E2C7205E1817012] - [10/04/2017 18:03:16] - |A| - [182272] - C:\WINDOWS\syswow64\wmpsrcwp.dll [MD5.1957D49A9613FAAD1C73B508CCE02AA5] - [10/04/2017 18:02:44] - |A| - [11410432] - C:\WINDOWS\syswow64\wmp_FromLFSULTRA-WIDEN.dll [MD5.D412B1B72C5AB020218E9A047D90CA05] - [10/04/2017 18:03:18] - |A| - [11264] - C:\WINDOWS\syswow64\wmsgapi_FromLFSULTRA-WIDEN.dll [MD5.62851F0D13AD06F0042C8109E680421F] - [10/04/2017 18:03:18] - |A| - [739328] - C:\WINDOWS\syswow64\WMSPDMOD_FromLFSULTRA-WIDEN.DLL [MD5.6B1BB70E72B573EBDF1235B77DF5706D] - [10/04/2017 18:03:19] - |A| - [1325056] - C:\WINDOWS\syswow64\WMSPDMOE_FromLFSULTRA-WIDEN.DLL [MD5.0F416E23DD2EB4DEBE70608020CFD283] - [10/04/2017 18:03:21] - |A| - [2504192] - C:\WINDOWS\syswow64\WMVCORE_FromLFSULTRA-WIDEN.DLL [MD5.D1450810490EB170A182C4AC915CB87C] - [10/04/2017 18:03:22] - |A| - [1620992] - C:\WINDOWS\syswow64\WMVDECOD_FromLFSULTRA-WIDEN.DLL [MD5.529FD067D9A60876469E4CBE1AED72E8] - [10/04/2017 18:03:25] - |A| - [144896] - C:\WINDOWS\syswow64\wmvdspa_FromLFSULTRA-WIDEN.dll [MD5.FEAEA5182DB9072EBD493466F8608EB8] - [10/04/2017 18:03:25] - |A| - [1568768] - C:\WINDOWS\syswow64\WMVENCOD_FromLFSULTRA-WIDEN.DLL [MD5.96FF617934E6A87AA810719D1D911DA9] - [10/04/2017 18:03:26] - |A| - [541184] - C:\WINDOWS\syswow64\WMVSDECD_FromLFSULTRA-WIDEN.DLL [MD5.2C838797F2F6138EF36C8964487775B9] - [10/04/2017 18:03:28] - |A| - [358400] - C:\WINDOWS\syswow64\WMVSENCD_FromLFSULTRA-WIDEN.DLL [MD5.71C9DDA9ED939361C1CA2CE21EA84DBF] - [10/04/2017 18:03:28] - |A| - [665088] - C:\WINDOWS\syswow64\WMVXENCD_FromLFSULTRA-WIDEN.DLL [MD5.0C8247724AF880A1EAB538885B58F7E0] - [10/04/2017 18:03:29] - |A| - [282112] - C:\WINDOWS\syswow64\wow32_FromLFSULTRA-WIDEN.dll [MD5.186D762610633E21A1F55EFF15D458B4] - [10/04/2017 18:03:30] - |A| - [2864] - C:\WINDOWS\syswow64\WOWDEB.EXE [MD5.EAA2E8631395435976C402FF68BEF283] - [10/04/2017 18:03:31] - |A| - [8960] - C:\WINDOWS\syswow64\WOWEXEC.EXE [MD5.931F6FC6390D20912B1BA39CC2C307F3] - [10/04/2017 18:03:32] - |A| - [128512] - C:\WINDOWS\syswow64\wpcao.dll [MD5.BFDC1FE9B277779E3263B0B2A9DC3E0D] - [10/04/2017 18:03:32] - |A| - [766464] - C:\WINDOWS\syswow64\wpccpl.dll [MD5.08A05ECBF424C635A9FB2400B898AB17] - [10/04/2017 18:03:33] - |A| - [15872] - C:\WINDOWS\syswow64\wpcmig.dll [MD5.A2F0EC770A92F2B3F9DE6D518E11409C] - [10/04/2017 18:03:33] - |A| - [10752] - C:\WINDOWS\syswow64\wpcsvc.dll [MD5.D5ECF4A4817DA7D4A4502AD937B94084] - [10/04/2017 18:03:33] - |A| - [179200] - C:\WINDOWS\syswow64\wpcumi.dll [MD5.43C9CF6825CEA58F1815B7C3DBBB385C] - [10/04/2017 18:03:31] - |A| - [308736] - C:\WINDOWS\syswow64\Wpc_FromLFSULTRA-WIDEN.dll [MD5.AA53356D60AF47EACC85BC617A4F3F66] - [10/04/2017 18:03:33] - |A| - [85504] - C:\WINDOWS\syswow64\wpdbusenum.dll [MD5.CA66C2F1DDACA8A4E682917A9B833E86] - [10/04/2017 18:03:37] - |A| - [30208] - C:\WINDOWS\syswow64\WPDShextAutoplay_FromLFSULTRA-WIDEN.exe [MD5.181F69BC9C406B7FB5C0ADE8031630AC] - [10/04/2017 18:03:34] - |A| - [2311168] - C:\WINDOWS\syswow64\wpdshext_FromLFSULTRA-WIDEN.dll [MD5.735263DA17BF5BAF9CCD483843BF9D5A] - [10/04/2017 18:03:37] - |A| - [105984] - C:\WINDOWS\syswow64\WPDShServiceObj_FromLFSULTRA-WIDEN.dll [MD5.7DF45A1E1A4AAFDEEFF2CA8F8200F37B] - [10/04/2017 18:03:37] - |A| - [350720] - C:\WINDOWS\syswow64\WPDSp_FromLFSULTRA-WIDEN.dll [MD5.CA63BC9F834A42DAA8375FAC76B5CE83] - [10/04/2017 18:03:38] - |A| - [198144] - C:\WINDOWS\syswow64\wpdwcn.dll [MD5.297848A1D7D03A5735CEDF91F82ACFAB] - [10/04/2017 18:03:38] - |A| - [577024] - C:\WINDOWS\syswow64\wpd_ci.dll [MD5.6E8EACC0B339365D79A2C06896865D3D] - [10/04/2017 18:03:39] - |A| - [9216] - C:\WINDOWS\syswow64\write_FromLFSULTRA-WIDEN.exe [MD5.808AABDF9337312195CAFF76D1804786] - [10/04/2017 18:03:39] - |A| - [4608] - C:\WINDOWS\syswow64\ws2help_FromLFSULTRA-WIDEN.dll [MD5.59EA5753EBDAE42CF92FD5B6E7AE4D53] - [10/04/2017 18:03:40] - |A| - [206336] - C:\WINDOWS\syswow64\ws2_32_FromLFSULTRA-WIDEN.dll [MD5.A8CDF3768604FF95B54669E20053D569] - [10/04/2017 18:03:40] - |A| - [51712] - C:\WINDOWS\syswow64\wscapi_FromLFSULTRA-WIDEN.dll [MD5.F175E53C7C3B25A9029A131FB578B155] - [10/04/2017 18:03:41] - |A| - [95744] - C:\WINDOWS\syswow64\wscinterop_FromLFSULTRA-WIDEN.dll [MD5.8258362DDB18B644A82D8B5061AD9426] - [10/04/2017 18:03:41] - |A| - [18944] - C:\WINDOWS\syswow64\wscisvif_FromLFSULTRA-WIDEN.dll [MD5.183407E0351554E5883CB380E3D8F2F3] - [10/04/2017 18:03:41] - |A| - [56832] - C:\WINDOWS\syswow64\wscmisetup.dll [MD5.7DF186D86CF8C571A12AAB788C777F84] - [10/04/2017 18:03:41] - |A| - [9728] - C:\WINDOWS\syswow64\wscproxystub_FromLFSULTRA-WIDEN.dll [MD5.D1AB72DB2BEDD2F255D35DA3DA0D4B16] - [10/04/2017 18:03:41] - |A| - [141824] - C:\WINDOWS\syswow64\wscript_FromLFSULTRA-WIDEN.exe [MD5.6F5D49EFE0E7164E03AE773A3FE25340] - [10/04/2017 18:03:42] - |A| - [73728] - C:\WINDOWS\syswow64\wscsvc.dll [MD5.7FD5532C142DB6C9CC47AA4DCF71FDEC] - [10/04/2017 18:03:42] - |A| - [1140736] - C:\WINDOWS\syswow64\wscui_FromLFSULTRA-WIDEN.cpl [MD5.73F6C5223F7E9B5780DD4A6C30FCF569] - [10/04/2017 18:03:43] - |A| - [458752] - C:\WINDOWS\syswow64\WSDApi_FromLFSULTRA-WIDEN.dll [MD5.AAF7BEB63E2CC499834B608A85A55E4E] - [10/04/2017 18:03:44] - |A| - [21504] - C:\WINDOWS\syswow64\wsdchngr_FromLFSULTRA-WIDEN.dll [MD5.A8EB761DE499242BECF153B2B34F020E] - [10/04/2017 18:03:44] - |A| - [185344] - C:\WINDOWS\syswow64\WSDMon.dll [MD5.C7E6603831EC6EE46284D301BCFBF0F7] - [10/04/2017 18:03:45] - |A| - [57856] - C:\WINDOWS\syswow64\WSDPrintProxy.DLL [MD5.7451CD328A8FECAEB026FA695C76B1B5] - [10/04/2017 18:03:45] - |A| - [55808] - C:\WINDOWS\syswow64\WSDScanProxy.dll [MD5.CA75367CE419922291A11227E32FBA0C] - [10/04/2017 18:03:45] - |A| - [1294336] - C:\WINDOWS\syswow64\wsecedit_FromLFSULTRA-WIDEN.dll [MD5.C7900299C6B41196043A5A6E59DB2532] - [10/04/2017 18:03:47] - |A| - [27136] - C:\WINDOWS\syswow64\wsepno.dll [MD5.AC122407B29378FF9646F03404AC7C54] - [10/04/2017 18:03:47] - |A| - [36352] - C:\WINDOWS\syswow64\wshbth_FromLFSULTRA-WIDEN.dll [MD5.76E06421A566251FFDE2F21248D76686] - [10/04/2017 18:03:48] - |A| - [25600] - C:\WINDOWS\syswow64\wshcon_FromLFSULTRA-WIDEN.dll [MD5.5B90BB3171504C9DAF3C5CB44B203CA7] - [10/04/2017 18:03:48] - |A| - [15360] - C:\WINDOWS\syswow64\wshelper_FromLFSULTRA-WIDEN.dll [MD5.E8F6851E4600CD3674422487EE240941] - [10/04/2017 18:03:48] - |A| - [80896] - C:\WINDOWS\syswow64\wshext_FromLFSULTRA-WIDEN.dll [MD5.73E8667A19FEEDD856DF2695E9E511D4] - [10/04/2017 18:03:48] - |A| - [10752] - C:\WINDOWS\syswow64\wship6_FromLFSULTRA-WIDEN.dll [MD5.21CE1E98A17FD46BE371719DFD046958] - [10/04/2017 18:03:48] - |A| - [11264] - C:\WINDOWS\syswow64\wshirda_FromLFSULTRA-WIDEN.dll [MD5.78DE417B7921DACA072059E6BF410FC7] - [10/04/2017 18:03:48] - |A| - [10752] - C:\WINDOWS\syswow64\wshnetbs.dll [MD5.B5D4429FBBF86A05AC2E3A247E32E97F] - [10/04/2017 18:03:49] - |A| - [122368] - C:\WINDOWS\syswow64\wshom_FromLFSULTRA-WIDEN.ocx [MD5.81F08948A0F1475894C99D4D19A158A8] - [10/04/2017 18:03:49] - |A| - [13824] - C:\WINDOWS\syswow64\wshqos_FromLFSULTRA-WIDEN.dll [MD5.EB11947B250AD259755939A2DE349FBB] - [10/04/2017 18:03:49] - |A| - [14848] - C:\WINDOWS\syswow64\wshrm_FromLFSULTRA-WIDEN.dll [MD5.EE5C8E27C37B79CB54A2FCEEED2DC262] - [10/04/2017 18:03:49] - |A| - [9216] - C:\WINDOWS\syswow64\WSHTCPIP_FromLFSULTRA-WIDEN.DLL [MD5.3C436603213561E2E7DD3D4459DBB7D4] - [10/04/2017 18:03:50] - |A| - [4675] - C:\WINDOWS\syswow64\wsmanconfig_schema_FromLFSULTRA-WIDEN.xml [MD5.4C61EA0D3BE4623EC040C4BE3E05AB26] - [10/04/2017 18:03:50] - |A| - [198144] - C:\WINDOWS\syswow64\WSManHTTPConfig_FromLFSULTRA-WIDEN.exe [MD5.C756368733412D7978D5580AD657172F] - [10/04/2017 18:03:50] - |A| - [248832] - C:\WINDOWS\syswow64\WSManMigrationPlugin_FromLFSULTRA-WIDEN.dll [MD5.AE674929F4D9A33FE4549BCCBDEE632D] - [10/04/2017 18:03:51] - |A| - [145920] - C:\WINDOWS\syswow64\WsmAuto_FromLFSULTRA-WIDEN.dll [MD5.8DF28EE7D598015B721731C4A4272B8D] - [10/04/2017 18:03:52] - |A| - [10752] - C:\WINDOWS\syswow64\wsmplpxy_FromLFSULTRA-WIDEN.dll [MD5.7923BD4C45291BE19DB81D93049AAE68] - [10/04/2017 18:03:52] - |A| - [12288] - C:\WINDOWS\syswow64\wsmprovhost_FromLFSULTRA-WIDEN.exe [MD5.D6CBFA113B69C491DE370E85EBAC80E9] - [10/04/2017 18:03:52] - |A| - [1559] - C:\WINDOWS\syswow64\WsmPty_FromLFSULTRA-WIDEN.xsl [MD5.0DF34F7EF3BD18DC00C3E03E6E1CA315] - [10/04/2017 18:03:52] - |A| - [54272] - C:\WINDOWS\syswow64\WsmRes_FromLFSULTRA-WIDEN.dll [MD5.1B91CD34EA3A90AB6A4EF0550174F4CC] - [10/04/2017 18:03:53] - |A| - [1175040] - C:\WINDOWS\syswow64\WsmSvc_FromLFSULTRA-WIDEN.dll [MD5.B2EDF82825D979928AE07CBE9C7A2160] - [10/04/2017 18:03:54] - |A| - [2426] - C:\WINDOWS\syswow64\WsmTxt_FromLFSULTRA-WIDEN.xsl [MD5.BE0B200F4D1C985C13ACED8A5E30D4AC] - [10/04/2017 18:03:55] - |A| - [213504] - C:\WINDOWS\syswow64\WsmWmiPl_FromLFSULTRA-WIDEN.dll [MD5.6357E2B68753A1F5CF4A68A25C4FD14A] - [10/04/2017 18:03:55] - |A| - [51712] - C:\WINDOWS\syswow64\wsnmp32_FromLFSULTRA-WIDEN.dll [MD5.DF13A51A5C591887D2EC6AE64CEED0FA] - [10/04/2017 18:03:55] - |A| - [15360] - C:\WINDOWS\syswow64\wsock32_FromLFSULTRA-WIDEN.dll [MD5.22DE9DFF5565B00F230EAC0C635DAEB7] - [10/04/2017 18:03:55] - |A| - [254976] - C:\WINDOWS\syswow64\wsqmcons.exe [MD5.A912933C92B9C4C70E9039C0B597AE4E] - [10/04/2017 18:03:56] - |A| - [68608] - C:\WINDOWS\syswow64\WSTPager_FromLFSULTRA-WIDEN.ax [MD5.6A6B2EE4565A178035BE2A4FF6F2C968] - [10/04/2017 18:03:56] - |A| - [40448] - C:\WINDOWS\syswow64\wtsapi32_FromLFSULTRA-WIDEN.dll [MD5.867148EBF47E7E7E7B21C07B4A981929] - [10/04/2017 18:03:57] - |A| - [581600] - C:\WINDOWS\syswow64\wuapi_FromLFSULTRA-WIDEN.dll [MD5.F419D738BD2AE58D9DF2F9FEB5F43842] - [10/04/2017 18:03:57] - |A| - [33792] - C:\WINDOWS\syswow64\wuapp.exe [MD5.072678E0D68E9C3A7960328671134C7B] - [10/04/2017 18:03:58] - |A| - [54240] - C:\WINDOWS\syswow64\wuauclt.exe [MD5.D9B0134913E5EF007AF82A418C503322] - [10/04/2017 18:03:58] - |A| - [1973728] - C:\WINDOWS\syswow64\wuaueng.dll [MD5.EC6E2DB67695966DF22CF5EBEFC1D305] - [10/04/2017 18:04:01] - |A| - [2425856] - C:\WINDOWS\syswow64\wucltux.dll [MD5.D689B2C2E69156D954C24810F4081C1E] - [10/04/2017 18:04:02] - |A| - [38912] - C:\WINDOWS\syswow64\WUDFCoinstaller.dll [MD5.980B6A5F92B8DB235C4A26728C2BE732] - [10/04/2017 18:04:04] - |A| - [196608] - C:\WINDOWS\syswow64\WUDFHost.exe [MD5.D5CF1536137026ACDED95BF6CBF849F6] - [10/04/2017 18:04:04] - |A| - [172032] - C:\WINDOWS\syswow64\WUDFPlatform.dll [MD5.FE47B7BC8EA320C2D9B5E5BF6E303765] - [10/04/2017 18:04:04] - |A| - [73216] - C:\WINDOWS\syswow64\WUDFSvc.dll [MD5.A36F7A256E65D858A7039DB00ADEEBDD] - [10/04/2017 18:04:05] - |A| - [613888] - C:\WINDOWS\syswow64\WUDFx.dll [MD5.372218B80DEF827063049EBEE76B7501] - [10/04/2017 18:04:05] - |A| - [92672] - C:\WINDOWS\syswow64\wudriver_FromLFSULTRA-WIDEN.dll [MD5.459E257F8915D44B23ACB46211FD45D0] - [10/04/2017 18:04:06] - |A| - [45536] - C:\WINDOWS\syswow64\wups2.dll [MD5.255F0417EC31C71585824269522EC8E9] - [10/04/2017 18:04:06] - |A| - [36320] - C:\WINDOWS\syswow64\wups_FromLFSULTRA-WIDEN.dll [MD5.8CBD6FDACDCC0ED48BAF607226D6D0C9] - [10/04/2017 18:04:06] - |A| - [314880] - C:\WINDOWS\syswow64\wusa_FromLFSULTRA-WIDEN.exe [MD5.5AA2CAD923E9E647276A61387E83DDD0] - [10/04/2017 18:04:06] - |A| - [179656] - C:\WINDOWS\syswow64\wuwebv.dll [MD5.0BD483CECD8DAC86E04347589ADC71EE] - [10/04/2017 18:04:07] - |A| - [444928] - C:\WINDOWS\syswow64\wvc_FromLFSULTRA-WIDEN.dll [MD5.0FBF76AD1E6D764FC7A5F676FF67A91A] - [10/04/2017 18:04:07] - |A| - [163328] - C:\WINDOWS\syswow64\Wwanadvui.dll [MD5.C02AA67276FEE0C15CC4D6D616BDE95E] - [10/04/2017 18:04:08] - |A| - [284672] - C:\WINDOWS\syswow64\WWanAPI_FromLFSULTRA-WIDEN.dll [MD5.7C78056A767E0D59E8298A42E0B8D111] - [10/04/2017 18:04:08] - |A| - [42496] - C:\WINDOWS\syswow64\wwancfg.dll [MD5.8A31F7A5A29EA3564493BC5EF8E78032] - [10/04/2017 18:04:08] - |A| - [196608] - C:\WINDOWS\syswow64\wwanconn.dll [MD5.D810BD9B86F6A898B90DA43C775F189E] - [10/04/2017 18:04:08] - |A| - [56320] - C:\WINDOWS\syswow64\WWanHC.dll [MD5.5B6EF0861BB5AC0EC347548E85C24A1D] - [10/04/2017 18:04:09] - |A| - [13312] - C:\WINDOWS\syswow64\wwaninst.dll [MD5.F405B990E4C5BFC89E2CA19C6901529B] - [10/04/2017 18:04:09] - |A| - [674304] - C:\WINDOWS\syswow64\wwanmm.dll [MD5.5F3FF2A2D21F6FFE157959560F43F565] - [10/04/2017 18:04:09] - |A| - [39424] - C:\WINDOWS\syswow64\Wwanpref.dll [MD5.E43C34EEFE6D87B3B96FD5C90A0B305E] - [10/04/2017 18:04:09] - |A| - [40960] - C:\WINDOWS\syswow64\wwanprotdim.dll [MD5.FF2D745B560F7C71B31F30F4D49F73D2] - [10/04/2017 18:04:10] - |A| - [185856] - C:\WINDOWS\syswow64\wwansvc.dll [MD5.F2ED6D00921CA138289E5E0CCB9ABF87] - [10/04/2017 18:04:10] - |A| - [27648] - C:\WINDOWS\syswow64\wwapi_FromLFSULTRA-WIDEN.dll [MD5.169DE412F151DFCD2D6328C75C4D8B48] - [10/04/2017 18:04:10] - |A| - [80896] - C:\WINDOWS\syswow64\wzcdlg.dll [MD5.361D273773994ED11A6F1E51BBB4277E] - [10/04/2017 18:04:11] - |A| - [36864] - C:\WINDOWS\syswow64\xcopy_FromLFSULTRA-WIDEN.exe [MD5.79186F76982318D9C438323219464208] - [10/04/2017 18:04:11] - |A| - [25600] - C:\WINDOWS\syswow64\XInput9_1_0_FromLFSULTRA-WIDEN.dll [MD5.DC72ADE29F40EEFD38E35ED8A4D1F8F1] - [10/04/2017 18:04:12] - |A| - [54784] - C:\WINDOWS\syswow64\xmlfilter_FromLFSULTRA-WIDEN.dll [MD5.7BF5EA753D4CC056B9462A02AC51B160] - [10/04/2017 18:04:12] - |A| - [180224] - C:\WINDOWS\syswow64\xmllite_FromLFSULTRA-WIDEN.dll [MD5.84785AC06DE6734B4881C839367FE319] - [10/04/2017 18:04:12] - |A| - [17920] - C:\WINDOWS\syswow64\xmlprovi_FromLFSULTRA-WIDEN.dll [MD5.9D6AA2ADD3F704134EE89C1E58BDFD1B] - [10/04/2017 18:04:12] - |A| - [47616] - C:\WINDOWS\syswow64\xolehlp_FromLFSULTRA-WIDEN.dll [MD5.7B8DA800BEBB55C17DFD6A1FB420BDE6] - [10/04/2017 18:04:12] - |A| - [601600] - C:\WINDOWS\syswow64\XpsFilt_FromLFSULTRA-WIDEN.dll [MD5.C7A730AFB80B11F93EFC81B1D6F920D7] - [10/04/2017 18:04:13] - |A| - [364544] - C:\WINDOWS\syswow64\XpsGdiConverter_FromLFSULTRA-WIDEN.dll [MD5.6A7B5A3EFCCDB53DA41CF6838056990F] - [10/04/2017 18:04:14] - |A| - [1158144] - C:\WINDOWS\syswow64\XpsPrint_FromLFSULTRA-WIDEN.dll [MD5.8A244E6F8004A421359812C3FC55AE1B] - [10/04/2017 18:04:15] - |A| - [135168] - C:\WINDOWS\syswow64\XpsRasterService_FromLFSULTRA-WIDEN.dll [MD5.59B7280D73906B43B13B273A1F9CC3DD] - [10/04/2017 18:04:15] - |A| - [3405312] - C:\WINDOWS\syswow64\xpsrchvw_FromLFSULTRA-WIDEN.exe [MD5.9D6B8FC71167D22849424084F0F3D9E9] - [10/04/2017 18:04:17] - |A| - [76060] - C:\WINDOWS\syswow64\xpsrchvw_FromLFSULTRA-WIDEN.xml [MD5.9C8E9CAAF237E8CD8BEBDE700AAFF9E0] - [10/04/2017 18:04:20] - |A| - [1712640] - C:\WINDOWS\syswow64\xpsservices_FromLFSULTRA-WIDEN.dll [MD5.45847160399DD9927B95B013B9F10599] - [10/04/2017 18:04:21] - |A| - [443904] - C:\WINDOWS\syswow64\XPSSHHDR_FromLFSULTRA-WIDEN.dll [MD5.D66F3B06D57E245B29F089A3DB516154] - [10/04/2017 18:04:21] - |A| - [930816] - C:\WINDOWS\syswow64\xpssvcs.dll [MD5.93A690B9DCDE48B64DE7A87AAC2CC9BC] - [10/04/2017 18:04:26] - |A| - [354816] - C:\WINDOWS\syswow64\xwizards_FromLFSULTRA-WIDEN.dll [MD5.CFB89001DDE4224FB10C47E3DB3F5956] - [10/04/2017 18:04:25] - |A| - [4041] - C:\WINDOWS\syswow64\xwizard_FromLFSULTRA-WIDEN.dtd [MD5.DB8ED9104D6DCB78D3D78EC3E44C1309] - [10/04/2017 18:04:25] - |A| - [41472] - C:\WINDOWS\syswow64\xwizard_FromLFSULTRA-WIDEN.exe [MD5.24B914FA98F6FBD9290A140712B774BF] - [10/04/2017 18:04:26] - |A| - [85504] - C:\WINDOWS\syswow64\xwreg_FromLFSULTRA-WIDEN.dll [MD5.CC3755148498C0A44F57A88BF2ABDCD7] - [10/04/2017 18:04:26] - |A| - [158208] - C:\WINDOWS\syswow64\xwtpdui_FromLFSULTRA-WIDEN.dll [MD5.A822D432C919E1C015B8E43C191B018D] - [10/04/2017 18:04:27] - |A| - [107520] - C:\WINDOWS\syswow64\xwtpw32_FromLFSULTRA-WIDEN.dll [MD5.A2F0B6A45EF5B68173AAA2A39690904E] - [10/04/2017 18:04:39] - |A| - [327680] - C:\WINDOWS\syswow64\zipfldr_FromLFSULTRA-WIDEN.dll [MD5.4965107D112666D3835308A831A29274] - [04/04/2017 15:20:01] - |A| - [53248] - C:\WINDOWS\syswow64\zlib.dll [MD5.4965107D112666D3835308A831A29274] - [10/04/2017 18:04:39] - |A| - [53248] - C:\WINDOWS\syswow64\zlib_FromLFSULTRA-WIDEN.dll [MD5.9EB793EAD1E4CC68022D7E60C4656481] - [10/04/2017 15:08:24] - |A| - [8] - C:\WINDOWS\syswow64\Drivers\1025_ACER_ACER_AOD255.MRK [MD5.FBCE2F43185104AE8BF4D32571B19203] - [10/04/2017 15:08:24] - |A| - [54784] - C:\WINDOWS\syswow64\Drivers\1394bus.sys [MD5.1B133875B8AA8AC48969BD3458AFE9F5] - [10/04/2017 15:08:24] - |A| - [164864] - C:\WINDOWS\syswow64\Drivers\1394ohci.sys [MD5.CEA80C80BED809AA0DA6FEBC04733349] - [10/04/2017 15:08:24] - |A| - [274304] - C:\WINDOWS\syswow64\Drivers\acpi.sys [MD5.1EFBC664ABFF416D1D07DB115DCB264F] - [10/04/2017 15:08:24] - |A| - [10240] - C:\WINDOWS\syswow64\Drivers\acpipmi.sys [MD5.21E785EBD7DC90A06391141AAC7892FB] - [10/04/2017 15:08:25] - |A| - [422976] - C:\WINDOWS\syswow64\Drivers\adp94xx.sys [MD5.0C676BC278D5B59FF5ABD57BBE9123F2] - [10/04/2017 15:08:25] - |A| - [297552] - C:\WINDOWS\syswow64\Drivers\adpahci.sys [MD5.7C7B5EE4B7B822EC85321FE23A27DB33] - [10/04/2017 15:08:25] - |A| - [146512] - C:\WINDOWS\syswow64\Drivers\adpu320.sys [MD5.F81BB7E487EDCEAB630A7EE66CF23913] - [10/04/2017 15:08:26] - |A| - [338944] - C:\WINDOWS\syswow64\Drivers\afd.sys [MD5.57EC4AEF73660166074D8F7F31C0D4FD] - [10/04/2017 15:08:26] - |A| - [49152] - C:\WINDOWS\syswow64\Drivers\agilevpn.sys [MD5.507812C3054C21CEF746B6EE3D04DD6E] - [10/04/2017 15:08:28] - |A| - [53312] - C:\WINDOWS\syswow64\Drivers\AGP440.sys [MD5.0D40BCF52EA90FC7DF2AEAB6503DEA44] - [10/04/2017 15:08:28] - |A| - [14400] - C:\WINDOWS\syswow64\Drivers\aliide.sys [MD5.3C6600A0696E90A463771C7422E23AB5] - [10/04/2017 15:08:28] - |A| - [53312] - C:\WINDOWS\syswow64\Drivers\AMDAGP.SYS [MD5.CD5914170297126B6266860198D1D4F0] - [10/04/2017 15:08:29] - |A| - [14912] - C:\WINDOWS\syswow64\Drivers\amdide.sys [MD5.00DDA200D71BAC534BF56A9DB5DFD666] - [10/04/2017 15:08:29] - |A| - [55296] - C:\WINDOWS\syswow64\Drivers\amdk8.sys [MD5.3CBF30F5370FDA40DD3E87DF38EA53B6] - [10/04/2017 15:08:29] - |A| - [52736] - C:\WINDOWS\syswow64\Drivers\amdppm.sys [MD5.E7F4D42D8076EC60E21715CD11743A0D] - [10/04/2017 15:08:29] - |A| - [80256] - C:\WINDOWS\syswow64\Drivers\amdsata.sys [MD5.EA43AF0C423FF267355F74E7A53BDABA] - [10/04/2017 15:08:29] - |A| - [159312] - C:\WINDOWS\syswow64\Drivers\amdsbs.sys [MD5.146459D2B08BFDCBFA856D9947043C81] - [10/04/2017 15:08:30] - |A| - [22400] - C:\WINDOWS\syswow64\Drivers\amdxata.sys [MD5.AEA177F783E20150ACE5383EE368DA19] - [10/04/2017 15:08:30] - |A| - [50176] - C:\WINDOWS\syswow64\Drivers\appid.sys [MD5.2932004F49677BD84DBC72EDB754FFB3] - [10/04/2017 15:08:30] - |A| - [76368] - C:\WINDOWS\syswow64\Drivers\arc.sys [MD5.5D6F36C46FD283AE1B57BD2E9FEB0BC7] - [10/04/2017 15:08:30] - |A| - [86608] - C:\WINDOWS\syswow64\Drivers\arcsas.sys [MD5.ADD2ADE1C2B285AB8378D2DAAF991481] - [10/04/2017 15:08:31] - |A| - [17920] - C:\WINDOWS\syswow64\Drivers\asyncmac.sys [MD5.338C86357871C167A96AB976519BF59E] - [10/04/2017 15:08:31] - |A| - [21584] - C:\WINDOWS\syswow64\Drivers\atapi.sys [MD5.DDCE686D76C2B4DB435A3AF5BD0E691D] - [10/04/2017 15:08:32] - |A| - [133056] - C:\WINDOWS\syswow64\Drivers\ataport.sys [MD5.BD8869EB9CDE6BBE4508D869929869EE] - [10/04/2017 15:08:32] - |A| - [229888] - C:\WINDOWS\syswow64\Drivers\b57nd60x.sys [MD5.2B8EE031FD700AB942EBE60665440E83] - [10/04/2017 15:08:32] - |A| - [25168] - C:\WINDOWS\syswow64\Drivers\battc.sys [MD5.505506526A9D467307B3C393DEDAF858] - [10/04/2017 15:08:32] - |A| - [6144] - C:\WINDOWS\syswow64\Drivers\beep.sys [MD5.2287078ED48FCFC477B05B20CF38F36F] - [10/04/2017 15:08:32] - |A| - [35328] - C:\WINDOWS\syswow64\Drivers\blbdrive.sys [MD5.FCAFAEF6798D7B51FF029F99A9898961] - [10/04/2017 15:08:33] - |A| - [69632] - C:\WINDOWS\syswow64\Drivers\bowser.sys [MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - [10/04/2017 15:08:33] - |A| - [13568] - C:\WINDOWS\syswow64\Drivers\BrFiltLo.sys [MD5.56801AD62213A41F6497F96DEE83755A] - [10/04/2017 15:08:33] - |A| - [5248] - C:\WINDOWS\syswow64\Drivers\BrFiltUp.sys [MD5.77361D72A04F18809D0EFB6CCEB74D4B] - [10/04/2017 15:08:33] - |A| - [78336] - C:\WINDOWS\syswow64\Drivers\bridge.sys [MD5.845B8CE732E67F3B4133164868C666EA] - [10/04/2017 15:08:33] - |A| - [272128] - C:\WINDOWS\syswow64\Drivers\BrSerId.sys [MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - [10/04/2017 15:08:33] - |A| - [62336] - C:\WINDOWS\syswow64\Drivers\BrSerWdm.sys [MD5.BD456606156BA17E60A04E18016AE54B] - [10/04/2017 15:08:34] - |A| - [12160] - C:\WINDOWS\syswow64\Drivers\BrUsbMdm.sys [MD5.AF72ED54503F717A43268B3CC5FAEC2E] - [10/04/2017 15:08:34] - |A| - [11904] - C:\WINDOWS\syswow64\Drivers\BrUsbSer.sys [MD5.ED3DF7C56CE0084EB2034432FC56565A] - [10/04/2017 15:08:34] - |A| - [56320] - C:\WINDOWS\syswow64\Drivers\bthmodem.sys [MD5.1A231ABEC60FD316EC54C66715543CEC] - [10/04/2017 15:08:34] - |A| - [430080] - C:\WINDOWS\syswow64\Drivers\bxvbdx.sys [MD5.77EA11B065E0A8AB902D78145CA51E10] - [10/04/2017 15:08:35] - |A| - [70656] - C:\WINDOWS\syswow64\Drivers\cdfs.sys [MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - [10/04/2017 15:08:35] - |A| - [108544] - C:\WINDOWS\syswow64\Drivers\cdrom.sys [MD5.3FE3FE94A34DF6FB06E6418D0F6A0060] - [10/04/2017 15:08:36] - |A| - [37888] - C:\WINDOWS\syswow64\Drivers\circlass.sys [MD5.A6388A5ABF92C7927C085DB0A958125F] - [10/04/2017 15:08:36] - |A| - [140864] - C:\WINDOWS\syswow64\Drivers\Classpnp.sys [MD5.DEA805815E587DAD1DD2C502220B5616] - [10/04/2017 15:08:37] - |A| - [14080] - C:\WINDOWS\syswow64\Drivers\CmBatt.sys [MD5.2970D03C1954668522C18BEE30DE57CC] - [10/04/2017 15:08:38] - |A| - [95976] - C:\WINDOWS\syswow64\Drivers\cmdcss.sys [MD5.7C0F8DC6E8EB324643634E021758B510] - [09/04/2017 23:30:16] - |A| - [27504] - C:\WINDOWS\syswow64\Drivers\cmderd.sys [MD5.7C0F8DC6E8EB324643634E021758B510] - [10/04/2017 15:08:38] - |A| - [27504] - C:\WINDOWS\syswow64\Drivers\cmderd_FromLFSULTRA-WIDEN.sys [MD5.CC1BA54B4232B70D7AEE29EFF67937BC] - [09/04/2017 23:30:04] - |A| - [662864] - C:\WINDOWS\syswow64\Drivers\cmdguard.sys [MD5.CC1BA54B4232B70D7AEE29EFF67937BC] - [10/04/2017 15:08:38] - |A| - [662864] - C:\WINDOWS\syswow64\Drivers\cmdguard_FromLFSULTRA-WIDEN.sys [MD5.4095A5A3D914D1A6FAFAAEA8110231BF] - [09/04/2017 23:30:09] - |A| - [53344] - C:\WINDOWS\syswow64\Drivers\cmdhlp.sys [MD5.4095A5A3D914D1A6FAFAAEA8110231BF] - [10/04/2017 15:08:39] - |A| - [53344] - C:\WINDOWS\syswow64\Drivers\cmdhlp_FromLFSULTRA-WIDEN.sys [MD5.C537B1DB64D495B9B4717B4D6D9EDBF2] - [10/04/2017 15:08:39] - |A| - [15952] - C:\WINDOWS\syswow64\Drivers\cmdide.sys [MD5.780FFC005741C9316576086155E55F56] - [10/04/2017 15:08:40] - |A| - [371920] - C:\WINDOWS\syswow64\Drivers\cng.sys [MD5.A6023D3823C37043986713F118A89BEE] - [10/04/2017 15:08:40] - |A| - [19024] - C:\WINDOWS\syswow64\Drivers\compbatt.sys [MD5.CBE8C58A8579CFE5FCCF809E6F114E89] - [10/04/2017 15:08:40] - |A| - [31232] - C:\WINDOWS\syswow64\Drivers\CompositeBus.sys [MD5.B7EFEF22FF426EC4158A177CB3B558D3] - [10/04/2017 15:08:40] - |A| - [35408] - C:\WINDOWS\syswow64\Drivers\crashdmp.sys [MD5.2C4EBCFC84A9B44F209DFF6C6E6C61D1] - [10/04/2017 15:08:41] - |A| - [22096] - C:\WINDOWS\syswow64\Drivers\crcdisk.sys [MD5.74DB93E45529FF89369999C5DD6CFEE1] - [10/04/2017 15:08:41] - |A| - [35432] - C:\WINDOWS\syswow64\Drivers\dbx-canary.sys [MD5.74DB93E45529FF89369999C5DD6CFEE1] - [10/04/2017 15:08:41] - |A| - [35432] - C:\WINDOWS\syswow64\Drivers\dbx-dev.sys [MD5.74DB93E45529FF89369999C5DD6CFEE1] - [10/04/2017 15:08:41] - |A| - [35432] - C:\WINDOWS\syswow64\Drivers\dbx-stable.sys [MD5.F024449C97EC1E464AAFFDA18593DB88] - [10/04/2017 15:08:41] - |A| - [78336] - C:\WINDOWS\syswow64\Drivers\dfsc.sys [MD5.1A050B0274BFB3890703D490F330C0DA] - [10/04/2017 15:08:42] - |A| - [32256] - C:\WINDOWS\syswow64\Drivers\discache.sys [MD5.B7B470F163002A0D0E381EE45834BF6B] - [10/04/2017 15:08:42] - |A| - [57280] - C:\WINDOWS\syswow64\Drivers\disk.sys [MD5.81773BE2B369F54EDE42AE62B59BB895] - [10/04/2017 15:08:42] - |A| - [27008] - C:\WINDOWS\syswow64\Drivers\Diskdump.sys [MD5.8B30250D573A8F6B4BD23195160D8707] - [10/04/2017 15:08:42] - |A| - [70720] - C:\WINDOWS\syswow64\Drivers\djsvs.sys [MD5.4FD1D4E7977CD39CF7E0981424FC7E40] - [10/04/2017 15:08:42] - |A| - [48960] - C:\WINDOWS\syswow64\Drivers\DPFilter.sys [MD5.53F70F2B5ED939C0013D625F6444F5C7] - [10/04/2017 15:08:43] - |A| - [81408] - C:\WINDOWS\syswow64\Drivers\drmk.sys [MD5.A3F684B866A7D89AE396276CE7AFD416] - [10/04/2017 15:08:43] - |A| - [5120] - C:\WINDOWS\syswow64\Drivers\drmkaud.sys [MD5.8A32FF671D452D36CC7421171B78F939] - [10/04/2017 15:08:43] - |A| - [26168] - C:\WINDOWS\syswow64\Drivers\dtlitescsibus.sys [MD5.0098B71A5D28FEAF321B4AC4549765D9] - [10/04/2017 15:08:44] - |A| - [40504] - C:\WINDOWS\syswow64\Drivers\dtliteusbbus.sys [MD5.827CB1B4643BA99BD5E75732447D3B58] - [10/04/2017 15:08:44] - |A| - [26168] - C:\WINDOWS\syswow64\Drivers\dtultrascsibus.sys [MD5.5EF653C5F3010993630F098CFB28AB5A] - [10/04/2017 15:08:44] - |A| - [40504] - C:\WINDOWS\syswow64\Drivers\dtultrausbbus.sys [MD5.5428227D4730EBDFC842E9FB593F8C8A] - [10/04/2017 15:08:44] - |A| - [26704] - C:\WINDOWS\syswow64\Drivers\Dumpata.sys [MD5.62A63EF2F3053B461CB327E4D69AAA74] - [10/04/2017 15:08:44] - |A| - [55584] - C:\WINDOWS\syswow64\Drivers\dumpfve.sys [MD5.5FCD3320AAE71506B43F9E12E4E72172] - [10/04/2017 15:08:45] - |A| - [13312] - C:\WINDOWS\syswow64\Drivers\dxapi.sys [MD5.1B6242B20CB56F85A158E67F09EE84FE] - [10/04/2017 15:08:45] - |A| - [76288] - C:\WINDOWS\syswow64\Drivers\dxg.sys [MD5.4B21D102E49E9D44C478D6766A7FCBE5] - [10/04/2017 15:08:45] - |A| - [730344] - C:\WINDOWS\syswow64\Drivers\dxgkrnl.sys [MD5.2201679A6CBD50141AF5C79C6F2CFA0D] - [10/04/2017 15:08:46] - |A| - [218856] - C:\WINDOWS\syswow64\Drivers\dxgmms1.sys [MD5.72753D5CC94A90F5CFC6C00ECC47163F] - [10/04/2017 15:08:47] - |A| - [30616] - C:\WINDOWS\syswow64\Drivers\ElbyCDIO.sys [MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - [10/04/2017 15:08:47] - |A| - [453712] - C:\WINDOWS\syswow64\Drivers\elxstor.sys [MD5.8FC3208352DD3912C94367A206AB3F11] - [10/04/2017 15:08:47] - |A| - [7168] - C:\WINDOWS\syswow64\Drivers\errdev.sys [MD5.7C87DF14552A5E0270DBD906BAFF85FB] - [10/04/2017 15:08:49] - |A| - [109960] - C:\WINDOWS\syswow64\Drivers\ETD.sys [MD5.4FAB8DFAF156E048AD514EABD268AB3A] - [10/04/2017 15:08:50] - |A| - [82768] - C:\WINDOWS\syswow64\Drivers\EUCR6SK.sys [MD5.024E1B5CAC09731E4D868E64DBFB4AB0] - [10/04/2017 15:08:51] - |A| - [3100160] - C:\WINDOWS\syswow64\Drivers\evbdx.sys [MD5.2DC9108D74081149CC8B651D3A26207F] - [10/04/2017 15:08:52] - |A| - [142336] - C:\WINDOWS\syswow64\Drivers\exfat.sys [MD5.22B1C4B100A807393989414C208366A0] - [10/04/2017 15:08:54] - |A| - [97208] - C:\WINDOWS\syswow64\Drivers\farflt.sys [MD5.7E0AB74553476622FB6AE36F73D97D35] - [10/04/2017 15:08:54] - |A| - [148480] - C:\WINDOWS\syswow64\Drivers\fastfat.sys [MD5.E817A017F82DF2A1F8CFDBDA29388B29] - [10/04/2017 15:08:55] - |A| - [25088] - C:\WINDOWS\syswow64\Drivers\fdc.sys [MD5.6CF00369C97F3CF563BE99BE983D13D8] - [10/04/2017 15:08:55] - |A| - [58448] - C:\WINDOWS\syswow64\Drivers\fileinfo.sys [MD5.42C51DC94C91DA21CB9196EB64C45DB9] - [10/04/2017 15:08:56] - |A| - [28160] - C:\WINDOWS\syswow64\Drivers\filetrace.sys [MD5.87907AA70CB3C56600F1C2FB8841579B] - [10/04/2017 15:08:56] - |A| - [19968] - C:\WINDOWS\syswow64\Drivers\flpydisk.sys [MD5.7520EC808E0C35E0EE6F841294316653] - [10/04/2017 15:08:56] - |A| - [198208] - C:\WINDOWS\syswow64\Drivers\fltMgr.sys [MD5.D3CEEE9BFE81504D422C764075EBAB76] - [10/04/2017 15:08:57] - |A| - [139096] - C:\WINDOWS\syswow64\Drivers\fltsrv.sys [MD5.1A16B57943853E598CFF37FE2B8CBF1D] - [10/04/2017 15:09:53] - |A| - [46160] - C:\WINDOWS\syswow64\Drivers\fsdepends.sys [MD5.7DAE5EBCC80E45D3253F4923DC424D05] - [10/04/2017 15:09:53] - |A| - [19824] - C:\WINDOWS\syswow64\Drivers\fs_rec.sys [MD5.8A73E79089B282100B9393B644CB853B] - [10/04/2017 15:09:53] - |A| - [194800] - C:\WINDOWS\syswow64\Drivers\fvevol.sys [MD5.886D6B68399227C420CCEBD223220B11] - [10/04/2017 15:09:53] - |A| - [3060] - C:\WINDOWS\syswow64\Drivers\fvstore.dat [MD5.9395E5EDB5811006F68E0F1FFA47A444] - [10/04/2017 15:09:54] - |A| - [187624] - C:\WINDOWS\syswow64\Drivers\FWPKCLNT.SYS [MD5.65EE0C7A58B65E74AE05637418153938] - [10/04/2017 15:09:54] - |A| - [57936] - C:\WINDOWS\syswow64\Drivers\GAGP30KX.SYS [MD5.7111BFA692A22E4B3C07F1E6C6FF6F72] - [10/04/2017 15:09:57] - |A| - [646] - C:\WINDOWS\syswow64\Drivers\gmreadme_FromLFSULTRA-WIDEN.txt [MD5.7F29903CB8F5590D52DB0C9F97049A25] - [10/04/2017 15:09:54] - |A| - [3440660] - C:\WINDOWS\syswow64\Drivers\gm_FromLFSULTRA-WIDEN.dls [MD5.B653E03B1479ADCF69D164BB6DD65562] - [10/04/2017 15:09:58] - |A| - [29968] - C:\WINDOWS\syswow64\Drivers\gsars.sys [MD5.07DE3E7A109069B56059BF910FB55CF6] - [10/04/2017 15:09:59] - |A| - [33552] - C:\WINDOWS\syswow64\Drivers\gsinspect.sys [MD5.C44E3C2BAB6837DB337DDEE7544736DB] - [10/04/2017 15:09:59] - |A| - [26624] - C:\WINDOWS\syswow64\Drivers\hcw85cir.sys [MD5.9036377B8A6C15DC2EEC53E489D159B5] - [10/04/2017 15:10:00] - |A| - [108544] - C:\WINDOWS\syswow64\Drivers\hdaudbus.sys [MD5.A5EF29D5315111C80A5C1ABAD14C8972] - [10/04/2017 15:10:00] - |A| - [304128] - C:\WINDOWS\syswow64\Drivers\HdAudio.sys [MD5.1D58A7F3E11A9731D0EAAAA8405ACC36] - [10/04/2017 15:10:00] - |A| - [21504] - C:\WINDOWS\syswow64\Drivers\hidbatt.sys [MD5.89448F40E6DF260C206A193A4683BA78] - [10/04/2017 15:10:01] - |A| - [91136] - C:\WINDOWS\syswow64\Drivers\hidbth.sys [MD5.931A1DF1520ABC6E84BA4A75E6957025] - [10/04/2017 15:10:01] - |A| - [55808] - C:\WINDOWS\syswow64\Drivers\hidclass.sys [MD5.CF50B4CF4A4F229B9F3C08351F99CA5E] - [10/04/2017 15:10:01] - |A| - [37888] - C:\WINDOWS\syswow64\Drivers\hidir.sys [MD5.6C26122F1931D4D7810240F32DDCE890] - [10/04/2017 15:10:01] - |A| - [25728] - C:\WINDOWS\syswow64\Drivers\hidparse.sys [MD5.10C19F8290891AF023EAEC0832E1EB4D] - [10/04/2017 15:10:01] - |A| - [24064] - C:\WINDOWS\syswow64\Drivers\hidusb.sys [MD5.295FDC419039090EB8B49FFDBB374549] - [10/04/2017 15:10:02] - |A| - [67152] - C:\WINDOWS\syswow64\Drivers\HpSAMD.sys [MD5.487569E5DA56A5A432FF8AF6D3599CF9] - [10/04/2017 15:10:02] - |A| - [514560] - C:\WINDOWS\syswow64\Drivers\http.sys [MD5.0C4E035C7F105F1299258C90886C64C5] - [10/04/2017 15:10:03] - |A| - [14208] - C:\WINDOWS\syswow64\Drivers\hwpolicy.sys [MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - [10/04/2017 15:10:03] - |A| - [80896] - C:\WINDOWS\syswow64\Drivers\i8042prt.sys [MD5.287FD6BE9A9938F103789CE0267B7980] - [10/04/2017 15:10:03] - |A| - [471360] - C:\WINDOWS\syswow64\Drivers\iaStor.sys [MD5.A3CAE5D281DB4CFF7CFF8233507EE5AD] - [10/04/2017 15:10:04] - |A| - [332160] - C:\WINDOWS\syswow64\Drivers\iaStorV.sys [MD5.D5CDA185E7B0DB78A8534A3517BCBA73] - [10/04/2017 15:10:05] - |A| - [4806656] - C:\WINDOWS\syswow64\Drivers\igdkmd32.sys [MD5.4173FF5708F3236CF25195FECD742915] - [10/04/2017 15:10:08] - |A| - [41040] - C:\WINDOWS\syswow64\Drivers\iirsp.sys [MD5.9BC1FFC1308542DA3A03BD94231EFE84] - [09/04/2017 23:30:14] - |A| - [104816] - C:\WINDOWS\syswow64\Drivers\inspect.sys [MD5.9BC1FFC1308542DA3A03BD94231EFE84] - [10/04/2017 15:10:10] - |A| - [104816] - C:\WINDOWS\syswow64\Drivers\inspect_FromLFSULTRA-WIDEN.sys [MD5.A0F12F2C9BA6C72F3987CE780E77C130] - [10/04/2017 15:10:11] - |A| - [15424] - C:\WINDOWS\syswow64\Drivers\intelide.sys [MD5.3B514D27BFC4ACCB4037BC6685F766E0] - [10/04/2017 15:10:11] - |A| - [53760] - C:\WINDOWS\syswow64\Drivers\intelppm.sys [MD5.709D1761D3B19A932FF0238EA6D50200] - [10/04/2017 15:10:11] - |A| - [58880] - C:\WINDOWS\syswow64\Drivers\ipfltdrv.sys [MD5.4BD7134618C1D2A27466A099062547BF] - [10/04/2017 15:10:11] - |A| - [65536] - C:\WINDOWS\syswow64\Drivers\IPMIDrv.sys [MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - [10/04/2017 15:10:12] - |A| - [101888] - C:\WINDOWS\syswow64\Drivers\ipnat.sys [MD5.9F7E491FB0BA0F9E370163834FC1FE31] - [10/04/2017 15:10:12] - |A| - [96768] - C:\WINDOWS\syswow64\Drivers\irda.sys [MD5.42996CFF20A3084A56017B7902307E9F] - [10/04/2017 15:10:12] - |A| - [13824] - C:\WINDOWS\syswow64\Drivers\irenum.sys [MD5.1F32BB6B38F62F7DF1A7AB7292638A35] - [10/04/2017 15:10:12] - |A| - [46656] - C:\WINDOWS\syswow64\Drivers\isapnp.sys [MD5.048C878140F1DA2C560820EBFB541EB8] - [10/04/2017 15:10:12] - |A| - [40952] - C:\WINDOWS\syswow64\Drivers\isedrv.sys [MD5.ADEF52CA1AEAE82B50DF86B56413107E] - [10/04/2017 15:10:13] - |A| - [42576] - C:\WINDOWS\syswow64\Drivers\kbdclass.sys [MD5.9E3CED91863E6EE98C24794D05E27A71] - [10/04/2017 15:10:13] - |A| - [28160] - C:\WINDOWS\syswow64\Drivers\kbdhid.sys [MD5.71A8EC3404DDC816584F6EC3CAFF8DB0] - [10/04/2017 15:10:13] - |A| - [211536] - C:\WINDOWS\syswow64\Drivers\keyscrambler.sys [MD5.5DCEF0C32BE0F33277326586FA503689] - [10/04/2017 15:10:13] - |A| - [190976] - C:\WINDOWS\syswow64\Drivers\ks.sys [MD5.0C51E9B34F3521806C78325E511E93EF] - [10/04/2017 15:10:14] - |A| - [67520] - C:\WINDOWS\syswow64\Drivers\ksecdd.sys [MD5.CC5B7CF2D08FDDAF1112FE2785F33FAC] - [10/04/2017 15:10:14] - |A| - [138176] - C:\WINDOWS\syswow64\Drivers\ksecpkg.sys [MD5.06AA1EFB526C743145AD820BD4909A94] - [10/04/2017 15:10:14] - |A| - [104648] - C:\WINDOWS\syswow64\Drivers\L1C60x86.sys [MD5.1A91EAAD2D73758140B3B7B6AD736573] - [10/04/2017 15:10:14] - |A| - [68208] - C:\WINDOWS\syswow64\Drivers\L1C62x86.sys [MD5.F7611EC07349979DA9B0AE1F18CCC7A6] - [10/04/2017 15:10:15] - |A| - [48128] - C:\WINDOWS\syswow64\Drivers\lltdio.sys [MD5.EB119A53CCF2ACC000AC71B065B78FEF] - [10/04/2017 15:10:15] - |A| - [95824] - C:\WINDOWS\syswow64\Drivers\lsi_fc.sys [MD5.8ADE1C877256A22E49B75D1CC9161F9C] - [10/04/2017 15:10:15] - |A| - [89168] - C:\WINDOWS\syswow64\Drivers\lsi_sas.sys [MD5.DC9DC3D3DAA0E276FD2EC262E38B11E9] - [10/04/2017 15:10:15] - |A| - [54864] - C:\WINDOWS\syswow64\Drivers\lsi_sas2.sys [MD5.0A036C7D7CAB643A7F07135AC47E0524] - [10/04/2017 15:10:15] - |A| - [96848] - C:\WINDOWS\syswow64\Drivers\lsi_scsi.sys [MD5.6703E366CC18D3B6E534F5CF7DF39CEE] - [10/04/2017 15:10:16] - |A| - [86528] - C:\WINDOWS\syswow64\Drivers\luafv.sys [MD5.01C7A30DDBF297E060517261210307E2] - [10/04/2017 15:10:16] - |A| - [202176] - C:\WINDOWS\syswow64\Drivers\MB3SwissArmy.sys [MD5.4D6E409B7A0441206127BDA32D4652E9] - [10/04/2017 15:10:16] - |A| - [59904] - C:\WINDOWS\syswow64\Drivers\mbae.sys [MD5.D9351F554ED0784764DB0564186906AE] - [10/04/2017 15:10:16] - |A| - [39360] - C:\WINDOWS\syswow64\Drivers\mbam.sys [MD5.EBEE7C1D4A0DBCCE5449252F2F2DDCB4] - [10/04/2017 15:10:16] - |A| - [152512] - C:\WINDOWS\syswow64\Drivers\MBAMChameleon.sys [MD5.56E4DE5761F5313CCD82A89815FFA716] - [10/04/2017 15:10:17] - |A| - [220088] - C:\WINDOWS\syswow64\Drivers\MBAMSwissArmy.sys [MD5.EF08D2EBE3EABBA43CC57EEE001027B6] - [10/04/2017 15:10:18] - |A| - [18432] - C:\WINDOWS\syswow64\Drivers\mcd.sys [MD5.0FFF5B045293002AB38EB1FD1FC2FB74] - [10/04/2017 15:10:18] - |A| - [30800] - C:\WINDOWS\syswow64\Drivers\megasas.sys [MD5.DCBAB2920C75F390CAF1D29F675D03D6] - [10/04/2017 15:10:18] - |A| - [235584] - C:\WINDOWS\syswow64\Drivers\MegaSR.sys [MD5.19D2D9C507D0E7A577807303FE96501B] - [10/04/2017 15:10:18] - |A| - [648552] - C:\WINDOWS\syswow64\Drivers\mfehidk.sys [MD5.6EA4C5591F7EEE370EF4E93ECDD4EFAE] - [10/04/2017 15:10:19] - |A| - [91840] - C:\WINDOWS\syswow64\Drivers\mferkdet.sys [MD5.F7FAD28EBE88DACFC54C082CB62E64E4] - [10/04/2017 15:10:19] - |A| - [2072] - C:\WINDOWS\syswow64\Drivers\MOD01SET0500Z8004R.enc [MD5.F001861E5700EE84E2D4E52C712F4964] - [10/04/2017 15:10:20] - |A| - [31744] - C:\WINDOWS\syswow64\Drivers\modem.sys [MD5.79D10964DE86B292320E9DFE02282A23] - [10/04/2017 15:10:20] - |A| - [23552] - C:\WINDOWS\syswow64\Drivers\monitor.sys [MD5.FB18CC1D4C2E716B6B903B0AC0CC0609] - [10/04/2017 15:10:20] - |A| - [41552] - C:\WINDOWS\syswow64\Drivers\mouclass.sys [MD5.2C388D2CD01C9042596CF3C8F3C7B24D] - [10/04/2017 15:10:20] - |A| - [26112] - C:\WINDOWS\syswow64\Drivers\mouhid.sys [MD5.FC8771F45ECCCFD89684E38842539B9B] - [10/04/2017 15:10:20] - |A| - [78208] - C:\WINDOWS\syswow64\Drivers\mountmgr.sys [MD5.8CD9F96C759BAE13ED3AFE321A2CBF84] - [10/04/2017 15:10:20] - |A| - [55520] - C:\WINDOWS\syswow64\Drivers\mozy.sys [MD5.2D699FB6E89CE0D8DA14ECC03B3EDFE0] - [10/04/2017 15:10:21] - |A| - [130432] - C:\WINDOWS\syswow64\Drivers\mpio.sys [MD5.AD2723A7B53DD1AACAE6AD8C0BFBF4D0] - [10/04/2017 15:10:22] - |A| - [60416] - C:\WINDOWS\syswow64\Drivers\mpsdrv.sys [MD5.CEB46AB7C01C9F825F8CC6BABC18166A] - [10/04/2017 15:10:22] - |A| - [115712] - C:\WINDOWS\syswow64\Drivers\mrxdav.sys [MD5.E900BD16B9EE8F09609D7FBE2027B376] - [10/04/2017 15:10:25] - |A| - [124416] - C:\WINDOWS\syswow64\Drivers\mrxsmb.sys [MD5.34F71B69DD2875AF07C4DDF19563C457] - [10/04/2017 15:10:25] - |A| - [225792] - C:\WINDOWS\syswow64\Drivers\mrxsmb10.sys [MD5.14063258261AA807DAADC9233422A5E5] - [10/04/2017 15:10:26] - |A| - [98304] - C:\WINDOWS\syswow64\Drivers\mrxsmb20.sys [MD5.012C5F4E9349E711E11E0F19A8589F0A] - [10/04/2017 15:10:26] - |A| - [28032] - C:\WINDOWS\syswow64\Drivers\msahci.sys [MD5.55055F8AD8BE27A64C831322A780A228] - [10/04/2017 15:10:26] - |A| - [116096] - C:\WINDOWS\syswow64\Drivers\msdsm.sys [MD5.DAEFB28E3AF5A76ABCC2C3078C07327F] - [10/04/2017 15:10:26] - |A| - [22528] - C:\WINDOWS\syswow64\Drivers\msfs.sys [MD5.933222B19FF3E7EA5F65517EA1F7D57E] - [10/04/2017 15:10:27] - |A| - [3] - C:\WINDOWS\syswow64\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [MD5.933222B19FF3E7EA5F65517EA1F7D57E] - [10/04/2017 15:10:27] - |A| - [3] - C:\WINDOWS\syswow64\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/04/2017 15:10:28] - |A| - [0] - C:\WINDOWS\syswow64\Drivers\Msft_Kernel_avchv_01009.Wdf [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/04/2017 15:10:28] - |A| - [0] - C:\WINDOWS\syswow64\Drivers\Msft_User_WpdFs_01_09_00.Wdf [MD5.3E1E5767043C5AF9367F0056295E9F84] - [10/04/2017 15:10:28] - |A| - [4096] - C:\WINDOWS\syswow64\Drivers\mshidkmdf.sys [MD5.0A4E5757AE09FA9622E3158CC1AEF114] - [10/04/2017 15:10:28] - |A| - [13888] - C:\WINDOWS\syswow64\Drivers\msisadrv.sys [MD5.CB7A9ABB12B8415BCE5D74994C7BA3AE] - [10/04/2017 15:10:29] - |A| - [233344] - C:\WINDOWS\syswow64\Drivers\msiscsi.sys [MD5.8C0860D6366AAFFB6C5BB9DF9448E631] - [10/04/2017 15:10:29] - |A| - [8320] - C:\WINDOWS\syswow64\Drivers\mskssrv.sys [MD5.3EA8B949F963562CEDBB549EAC0C11CE] - [10/04/2017 15:10:29] - |A| - [5888] - C:\WINDOWS\syswow64\Drivers\mspclock.sys [MD5.F456E973590D663B1073E9C463B40932] - [10/04/2017 15:10:29] - |A| - [5504] - C:\WINDOWS\syswow64\Drivers\mspqm.sys [MD5.0E008FC4819D238C51D7C93E7B41E560] - [10/04/2017 15:10:29] - |A| - [162896] - C:\WINDOWS\syswow64\Drivers\msrpc.sys [MD5.FC6B9FF600CC585EA38B12589BD4E246] - [10/04/2017 15:10:30] - |A| - [28240] - C:\WINDOWS\syswow64\Drivers\mssmbios.sys [MD5.B42C6B921F61A6E55159B8BE6CD54A36] - [10/04/2017 15:10:30] - |A| - [6144] - C:\WINDOWS\syswow64\Drivers\mstee.sys [MD5.33599130F44E1F34631CEA241DE8AC84] - [10/04/2017 15:10:30] - |A| - [12288] - C:\WINDOWS\syswow64\Drivers\MTConfig.sys [MD5.159FAD02F64E6381758C990F753BCC80] - [10/04/2017 15:10:31] - |A| - [49728] - C:\WINDOWS\syswow64\Drivers\mup.sys [MD5.47EDF3E9AF296D7836A50179AC0F3749] - [10/04/2017 15:10:31] - |A| - [63264] - C:\WINDOWS\syswow64\Drivers\mwac.sys [MD5.CB47C414E083CA6E50E634B148F28F64] - [10/04/2017 15:10:31] - |A| - [18992] - C:\WINDOWS\syswow64\Drivers\mwlPSDFilter.sys [MD5.647B953019559BFF07536F5C6121F333] - [10/04/2017 15:10:31] - |A| - [16432] - C:\WINDOWS\syswow64\Drivers\mwlPSDNserv.sys [MD5.5A236A36DB8687D1E64DC81C03EAABE1] - [10/04/2017 15:10:31] - |A| - [60976] - C:\WINDOWS\syswow64\Drivers\mwlPSDVDisk.sys [MD5.E7C54812A2AAF43316EB6930C1FFA108] - [10/04/2017 15:10:31] - |A| - [712576] - C:\WINDOWS\syswow64\Drivers\ndis.sys [MD5.0E1787AA6C9191D3D319E8BAFE86F80C] - [10/04/2017 15:10:32] - |A| - [27136] - C:\WINDOWS\syswow64\Drivers\ndiscap.sys [MD5.E4A8AEC125A2E43A9E32AFEEA7C9C888] - [10/04/2017 15:10:32] - |A| - [20992] - C:\WINDOWS\syswow64\Drivers\ndistapi.sys [MD5.D8A65DAFB3EB41CBB622745676FCD072] - [10/04/2017 15:10:32] - |A| - [46080] - C:\WINDOWS\syswow64\Drivers\ndisuio.sys [MD5.38FBE267E7E6983311179230FACB1017] - [10/04/2017 15:10:33] - |A| - [118784] - C:\WINDOWS\syswow64\Drivers\ndiswan.sys [MD5.A4BDC541E69674FBFF1A8FF00BE913F2] - [10/04/2017 15:10:33] - |A| - [48640] - C:\WINDOWS\syswow64\Drivers\ndproxy.sys [MD5.80B275B1CE3B0E79909DB7B39AF74D51] - [10/04/2017 15:10:33] - |A| - [36352] - C:\WINDOWS\syswow64\Drivers\netbios.sys [MD5.A00996C9BFEF29A93B9F21DBE1DC502D] - [10/04/2017 15:10:33] - |A| - [188928] - C:\WINDOWS\syswow64\Drivers\netbt.sys [MD5.349D0A5C6E769C06FF3D7D1DA5497570] - [10/04/2017 15:10:34] - |A| - [240872] - C:\WINDOWS\syswow64\Drivers\netio.sys [MD5.A520AED8926AD6185031B9B18F55397E] - [10/04/2017 15:10:34] - |A| - [6766080] - C:\WINDOWS\syswow64\Drivers\NETw5s32.sys [MD5.56A2C2494FB29F0F158FD8D866F966BF] - [10/04/2017 15:10:35] - |A| - [10384656] - C:\WINDOWS\syswow64\Drivers\NETwsn00.sys [MD5.1D85C4B390B0EE09C7A46B91EFB2C097] - [10/04/2017 15:10:46] - |A| - [44624] - C:\WINDOWS\syswow64\Drivers\nfrd960.sys [MD5.1DB262A9F8C087E8153D89BEF3D2235F] - [10/04/2017 15:10:49] - |A| - [35328] - C:\WINDOWS\syswow64\Drivers\npfs.sys [MD5.E9A0A4D07E53D8FEA2BB8387A3293C58] - [10/04/2017 15:10:51] - |A| - [16896] - C:\WINDOWS\syswow64\Drivers\nsiproxy.sys [MD5.978E7A2E4BF4E8E70D0776EF0D9E97FB] - [10/04/2017 15:10:51] - |A| - [1212352] - C:\WINDOWS\syswow64\Drivers\ntfs.sys [MD5.F9756A98D69098DCA8945D62858A812C] - [10/04/2017 15:10:53] - |A| - [4608] - C:\WINDOWS\syswow64\Drivers\null.sys [MD5.AF2EEC9580C1D32FB7EAF105D9784061] - [10/04/2017 15:10:53] - |A| - [117120] - C:\WINDOWS\syswow64\Drivers\nvraid.sys [MD5.9283C58EBAA2618F93482EB5DABCEC82] - [10/04/2017 15:10:54] - |A| - [143744] - C:\WINDOWS\syswow64\Drivers\nvstor.sys [MD5.5A0983915F02BAE73267CC2A041F717D] - [10/04/2017 15:10:54] - |A| - [105024] - C:\WINDOWS\syswow64\Drivers\NV_AGP.SYS [MD5.26384429FCD85D83746F63E798AB1480] - [10/04/2017 15:10:54] - |A| - [267264] - C:\WINDOWS\syswow64\Drivers\nwifi.sys [MD5.08A70A1F2CDDE9BB49B885CB817A66EB] - [10/04/2017 15:10:55] - |A| - [62464] - C:\WINDOWS\syswow64\Drivers\ohci1394.sys [MD5.6270CCAE2A86DE6D146529FE55B3246A] - [10/04/2017 15:10:55] - |A| - [104448] - C:\WINDOWS\syswow64\Drivers\pacer.sys [MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - [10/04/2017 15:10:55] - |A| - [79360] - C:\WINDOWS\syswow64\Drivers\parport.sys [MD5.3F34A1B4C5F6475F320C275E63AFCE9B] - [10/04/2017 15:10:55] - |A| - [56176] - C:\WINDOWS\syswow64\Drivers\partmgr.sys [MD5.EB0A59F29C19B86479D36B35983DAADC] - [10/04/2017 15:10:55] - |A| - [8704] - C:\WINDOWS\syswow64\Drivers\parvdm.sys [MD5.673E55C3498EB970088E812EA820AA8F] - [10/04/2017 15:10:56] - |A| - [153984] - C:\WINDOWS\syswow64\Drivers\pci.sys [MD5.AFE86F419014DB4E5593F69FFE26CE0A] - [10/04/2017 15:10:56] - |A| - [12368] - C:\WINDOWS\syswow64\Drivers\pciide.sys [MD5.EDE040D666FF81BF1978D0F19F799E7A] - [10/04/2017 15:10:56] - |A| - [42560] - C:\WINDOWS\syswow64\Drivers\pciidex.sys [MD5.F396431B31693E71E8A80687EF523506] - [10/04/2017 15:10:56] - |A| - [180288] - C:\WINDOWS\syswow64\Drivers\pcmcia.sys [MD5.250F6B43D2B613172035C6747AEEB19F] - [10/04/2017 15:10:57] - |A| - [43088] - C:\WINDOWS\syswow64\Drivers\pcw.sys [MD5.9E0104BA49F4E6973749A02BF41344ED] - [10/04/2017 15:10:57] - |A| - [586752] - C:\WINDOWS\syswow64\Drivers\PEAuth.sys [MD5.1F3096B1725382912803B6027AF4B94A] - [10/04/2017 15:10:58] - |A| - [177152] - C:\WINDOWS\syswow64\Drivers\portcls.sys [MD5.85B1E3A0C7585BC4AAE6899EC6FCF011] - [10/04/2017 15:10:58] - |A| - [52224] - C:\WINDOWS\syswow64\Drivers\processr.sys [MD5.577D0C03A1530BEE25F375370B694CF0] - [10/04/2017 02:00:00] - |A| - [156048] - C:\WINDOWS\syswow64\Drivers\psmounterex.sys [MD5.577D0C03A1530BEE25F375370B694CF0] - [10/04/2017 15:10:59] - |A| - [156048] - C:\WINDOWS\syswow64\Drivers\psmounterex_FromLFSULTRA-WIDEN.sys [MD5.B10BC6BCF6CBFA1D1879488CAA3EC026] - [10/04/2017 02:00:07] - |A| - [16016] - C:\WINDOWS\syswow64\Drivers\pssnap.sys [MD5.B10BC6BCF6CBFA1D1879488CAA3EC026] - [10/04/2017 15:10:59] - |A| - [16016] - C:\WINDOWS\syswow64\Drivers\pssnap_FromLFSULTRA-WIDEN.sys [MD5.270039D72E4DF5EDDAE2753FF5123521] - [10/04/2017 02:00:04] - |A| - [11728] - C:\WINDOWS\syswow64\Drivers\PSVolAcc.sys [MD5.270039D72E4DF5EDDAE2753FF5123521] - [10/04/2017 15:11:00] - |A| - [11728] - C:\WINDOWS\syswow64\Drivers\PSVolAcc_FromLFSULTRA-WIDEN.sys [MD5.AB95ECF1F6659A60DDC166D8315B0751] - [10/04/2017 15:11:00] - |A| - [1383488] - C:\WINDOWS\syswow64\Drivers\ql2300.sys [MD5.B4DD51DD25182244B86737DC51AF2270] - [10/04/2017 15:11:02] - |A| - [106064] - C:\WINDOWS\syswow64\Drivers\ql40xx.sys [MD5.584078CA1B95CA72DF2A27C336F9719D] - [10/04/2017 15:11:02] - |A| - [31744] - C:\WINDOWS\syswow64\Drivers\qwavedrv.sys [MD5.30A81B53C766D0133BB86D234E5556AB] - [10/04/2017 15:11:02] - |A| - [11776] - C:\WINDOWS\syswow64\Drivers\rasacd.sys [MD5.D9F91EAFEC2815365CBE6D167E4E332A] - [10/04/2017 15:11:03] - |A| - [78848] - C:\WINDOWS\syswow64\Drivers\rasl2tp.sys [MD5.0FE8B15916307A6AC12BFB6A63E45507] - [10/04/2017 15:11:04] - |A| - [77824] - C:\WINDOWS\syswow64\Drivers\raspppoe.sys [MD5.631E3E205AD6D86F2AED6A4A8E69F2DB] - [10/04/2017 15:11:04] - |A| - [73728] - C:\WINDOWS\syswow64\Drivers\raspptp.sys [MD5.44101F495A83EA6401D886E7FD70096B] - [10/04/2017 15:11:04] - |A| - [75264] - C:\WINDOWS\syswow64\Drivers\rassstp.sys [MD5.D528BC58A489409BA40334EBF96A311B] - [10/04/2017 15:11:05] - |A| - [242688] - C:\WINDOWS\syswow64\Drivers\rdbss.sys [MD5.0D8F05481CB76E70E1DA06EE9F0DA9DF] - [10/04/2017 15:11:05] - |A| - [18944] - C:\WINDOWS\syswow64\Drivers\rdpbus.sys [MD5.23DAE03F29D253AE74C44F99E515F9A1] - [10/04/2017 15:11:06] - |A| - [6656] - C:\WINDOWS\syswow64\Drivers\RDPCDD.sys [MD5.5A53CA1598DD4156D44196D200C94B8A] - [10/04/2017 15:11:06] - |A| - [6656] - C:\WINDOWS\syswow64\Drivers\RDPENCDD.sys [MD5.44B0A53CD4F27D50ED461DAE0C0B4E1F] - [10/04/2017 15:11:06] - |A| - [7168] - C:\WINDOWS\syswow64\Drivers\RDPREFMP.sys [MD5.CD9214A6AE17D188D17C3CF8CB9CC693] - [10/04/2017 15:11:06] - |A| - [184320] - C:\WINDOWS\syswow64\Drivers\rdpwd.sys [MD5.518395321DC96FE2C9F0E96AC743B656] - [10/04/2017 15:11:07] - |A| - [173440] - C:\WINDOWS\syswow64\Drivers\rdyboost.sys [MD5.AFA8CCAFC4A0983B09AC386E643F8F81] - [10/04/2017 15:11:09] - |A| - [117760] - C:\WINDOWS\syswow64\Drivers\rmcast.sys [MD5.7400CFAB5CF36F2294E80B3F3BDA3EBC] - [10/04/2017 15:11:10] - |A| - [33280] - C:\WINDOWS\syswow64\Drivers\RNDISMP.sys [MD5.564297827D213F52C7A3A2FF749568CA] - [10/04/2017 15:11:11] - |A| - [8192] - C:\WINDOWS\syswow64\Drivers\rootmdm.sys [MD5.B8EAC99B14772BDC36CA963AED109FA2] - [10/04/2017 15:11:12] - |A| - [22312] - C:\WINDOWS\syswow64\Drivers\rsdrv.sys [MD5.032B0D36AD92B582D869879F5AF5B928] - [10/04/2017 15:11:13] - |A| - [60928] - C:\WINDOWS\syswow64\Drivers\rspndr.sys [MD5.4E84A165644886CC5333335C289B33D0] - [10/04/2017 15:11:14] - |A| - [247560] - C:\WINDOWS\syswow64\Drivers\RTConvEQ.dat [MD5.EBCA7473A23120CAE4066BEB3835D48F] - [10/04/2017 15:11:16] - |A| - [520] - C:\WINDOWS\syswow64\Drivers\RTEQEX0.dat [MD5.FCA6883B690E3722B6A60ADA972A831A] - [10/04/2017 15:11:18] - |A| - [520] - C:\WINDOWS\syswow64\Drivers\RTEQEX1.dat [MD5.57B8D47F171677E88563A42924D64D3D] - [10/04/2017 15:11:18] - |A| - [520] - C:\WINDOWS\syswow64\Drivers\RTEQEX2.dat [MD5.530A9FEB236FF8DD1BC941A7F08E6561] - [10/04/2017 15:11:19] - |A| - [520] - C:\WINDOWS\syswow64\Drivers\RTEQEX3.dat [MD5.C104D162A7AC593908FCE05456300619] - [10/04/2017 15:11:22] - |A| - [176] - C:\WINDOWS\syswow64\Drivers\RTHDAEQ1.dat [MD5.DAE054749540938A0889AA40E0D5594A] - [10/04/2017 15:11:25] - |A| - [1448] - C:\WINDOWS\syswow64\Drivers\RtHdatEx.dat [MD5.869E75BED29CE4448CA0E2C3E25ECEFC] - [10/04/2017 15:11:41] - |A| - [24] - C:\WINDOWS\syswow64\Drivers\rtkhdaud.dat [MD5.8C92829CCAE93139B90C46389FBEF4CF] - [10/04/2017 15:11:43] - |A| - [3158120] - C:\WINDOWS\syswow64\Drivers\RTKVHDA.sys [MD5.1C1F7A2AB2A785305F94528D1EA31098] - [10/04/2017 15:11:46] - |A| - [37468] - C:\WINDOWS\syswow64\Drivers\RtPCEE3.DAT [MD5.05D860DA1040F111503AC416CCEF2BCA] - [10/04/2017 15:11:48] - |A| - [85376] - C:\WINDOWS\syswow64\Drivers\sbp2port.sys [MD5.3A7A6695EFC90E7A43C7216FC0658166] - [10/04/2017 15:11:51] - |A| - [123968] - C:\WINDOWS\syswow64\Drivers\scdemu.sys [MD5.0693B5EC673E34DC147E195779A4DCF6] - [10/04/2017 15:11:53] - |A| - [26624] - C:\WINDOWS\syswow64\Drivers\scfilter.sys [MD5.099972E1FAF4950D3994FBAB9DD21253] - [10/04/2017 15:11:54] - |A| - [140160] - C:\WINDOWS\syswow64\Drivers\scsiport.sys [MD5.90A3935D05B494A5A39D37E71F09A677] - [10/04/2017 15:11:55] - |A| - [20480] - C:\WINDOWS\syswow64\Drivers\secdrv.sys [MD5.9AD8B8B515E3DF6ACD4212EF465DE2D1] - [10/04/2017 15:11:58] - |A| - [17920] - C:\WINDOWS\syswow64\Drivers\serenum.sys [MD5.5FB7FCEA0490D821F26F39CC5EA3D1E2] - [10/04/2017 15:11:59] - |A| - [83456] - C:\WINDOWS\syswow64\Drivers\serial.sys [MD5.79BFFB520327FF916A582DFEA17AA813] - [10/04/2017 15:12:00] - |A| - [19968] - C:\WINDOWS\syswow64\Drivers\sermouse.sys [MD5.9F976E1EB233DF46FCE808D9DEA3EB9C] - [10/04/2017 15:12:01] - |A| - [11264] - C:\WINDOWS\syswow64\Drivers\sffdisk.sys [MD5.932A68EE27833CFD57C1639D375F2731] - [10/04/2017 15:12:03] - |A| - [12288] - C:\WINDOWS\syswow64\Drivers\sffp_mmc.sys [MD5.6D4CCAEDC018F1CF52866BBBAA235982] - [10/04/2017 15:12:03] - |A| - [12800] - C:\WINDOWS\syswow64\Drivers\sffp_sd.sys [MD5.756539F6A3F749BF9F7D9F7BE8FC56D7] - [10/04/2017 15:12:03] - |A| - [1474832] - C:\WINDOWS\syswow64\Drivers\sfi.dat [MD5.DB96666CC8312EBC45032F30B007A547] - [10/04/2017 15:12:07] - |A| - [13824] - C:\WINDOWS\syswow64\Drivers\sfloppy.sys [MD5.2565CAC0DC9FE0371BDCE60832582B2E] - [10/04/2017 15:12:07] - |A| - [52304] - C:\WINDOWS\syswow64\Drivers\SISAGP.SYS [MD5.A9F0486851BECB6DDA1D89D381E71055] - [10/04/2017 15:12:08] - |A| - [40016] - C:\WINDOWS\syswow64\Drivers\sisraid2.sys [MD5.3727097B55738E2F554972C3BE5BC1AA] - [10/04/2017 15:12:10] - |A| - [77888] - C:\WINDOWS\syswow64\Drivers\sisraid4.sys [MD5.56BD034721A65983AA6382CD6B3B33D0] - [10/04/2017 15:12:10] - |A| - [99928] - C:\WINDOWS\syswow64\Drivers\SleeN19.sys [MD5.3E21C083B8A01CB70BA1F09303010FCE] - [10/04/2017 15:12:11] - |A| - [71168] - C:\WINDOWS\syswow64\Drivers\smb.sys [MD5.2E467E6CA8E0A140C08011844C0D3936] - [10/04/2017 15:12:17] - |A| - [17408] - C:\WINDOWS\syswow64\Drivers\smclib.sys [MD5.5D9D177CF16256E49F669563C15B37E9] - [10/04/2017 15:12:24] - |A| - [271704] - C:\WINDOWS\syswow64\Drivers\snapman.sys [MD5.E4AAA7D0313861688CBFAF30F9BBAA51] - [10/04/2017 15:12:26] - |A| - [34048] - C:\WINDOWS\syswow64\Drivers\sncduvc.sys [MD5.FA8A150623ED0E99B8E4F5CC3D57968B] - [10/04/2017 15:12:28] - |A| - [1766784] - C:\WINDOWS\syswow64\Drivers\snp2uvc.sys [MD5.95CF1AE7527FB70F7816563CBC09D942] - [10/04/2017 15:12:33] - |A| - [17472] - C:\WINDOWS\syswow64\Drivers\spldr.sys [MD5.D16D818E9930A6E5B4F6476DD0998D1A] - [10/04/2017 15:12:37] - |A| - [405504] - C:\WINDOWS\syswow64\Drivers\spsys.sys [MD5.D86EA722F3337AA3F0253B6E359E6796] - [10/04/2017 15:12:42] - |A| - [310784] - C:\WINDOWS\syswow64\Drivers\srv.sys [MD5.1931823AC05967E5F79B791E9FFC2398] - [10/04/2017 15:12:45] - |A| - [313856] - C:\WINDOWS\syswow64\Drivers\srv2.sys [MD5.50A2FC7B0408F15B77E056076BBB6252] - [10/04/2017 15:12:46] - |A| - [116224] - C:\WINDOWS\syswow64\Drivers\srvnet.sys [MD5.DB32D325C192B801DF274BFD12A7E72B] - [10/04/2017 15:12:46] - |A| - [21072] - C:\WINDOWS\syswow64\Drivers\stexstor.sys [MD5.B40CCEC755DC3FBAE95E568C7849405E] - [10/04/2017 15:12:46] - |A| - [148864] - C:\WINDOWS\syswow64\Drivers\storport.sys [MD5.45B44FC9E5AC0DB02B19D515EE809DE5] - [10/04/2017 15:12:47] - |A| - [53632] - C:\WINDOWS\syswow64\Drivers\stream.sys [MD5.E58C78A848ADD9610A4DB6D214AF5224] - [10/04/2017 15:12:47] - |A| - [12240] - C:\WINDOWS\syswow64\Drivers\swenum.sys [MD5.949C35BF4AE6C110A924AB5E2175DDA7] - [10/04/2017 15:12:47] - |A| - [24576] - C:\WINDOWS\syswow64\Drivers\tape.sys [MD5.C7E41209132B9CF084CCEA8593F61328] - [10/04/2017 15:12:48] - |A| - [1309928] - C:\WINDOWS\syswow64\Drivers\tcpip.sys [MD5.A4BF8BE9D1F7D563C7868AC7B2561545] - [10/04/2017 15:12:49] - |A| - [35840] - C:\WINDOWS\syswow64\Drivers\tcpipreg.sys [MD5.2F885864D5BC8A16C86BEE595969A48A] - [10/04/2017 15:12:50] - |A| - [21504] - C:\WINDOWS\syswow64\Drivers\tdi.sys [MD5.1CB91B2BD8F6DD367DFC2EF26FD751B2] - [10/04/2017 15:12:50] - |A| - [18432] - C:\WINDOWS\syswow64\Drivers\tdpipe.sys [MD5.2C2C5AFE7EE4F620D69C23C0617651A8] - [10/04/2017 15:12:50] - |A| - [24576] - C:\WINDOWS\syswow64\Drivers\tdtcp.sys [MD5.B459575348C20E8121D6039DA063C704] - [10/04/2017 15:12:50] - |A| - [74752] - C:\WINDOWS\syswow64\Drivers\tdx.sys [MD5.04DBF4B01EA4BF25A9A3E84AFFAC9B20] - [10/04/2017 15:12:51] - |A| - [53120] - C:\WINDOWS\syswow64\Drivers\termdd.sys [MD5.E7294F1807024457049C69FA522283DE] - [10/04/2017 15:12:51] - |A| - [802648] - C:\WINDOWS\syswow64\Drivers\tib.sys [MD5.A5F87EDA0FCD8879BEEEB9ABB0C40F1F] - [10/04/2017 15:12:52] - |A| - [166232] - C:\WINDOWS\syswow64\Drivers\tib_mounter.sys [MD5.6C5139E4283249518F7743D7043775B3] - [10/04/2017 15:12:52] - |A| - [31232] - C:\WINDOWS\syswow64\Drivers\tssecsrv.sys [MD5.FD1D6C73E6333BE727CBCC6054247654] - [10/04/2017 15:12:52] - |A| - [52224] - C:\WINDOWS\syswow64\Drivers\TsUsbFlt.sys [MD5.B2FA25D9B17A68BB93D58B0556E8C90D] - [10/04/2017 15:12:53] - |A| - [108544] - C:\WINDOWS\syswow64\Drivers\tunnel.sys [MD5.750FBCB269F4D7DD2E420C56B795DB6D] - [10/04/2017 15:12:53] - |A| - [55888] - C:\WINDOWS\syswow64\Drivers\UAGP35.SYS [MD5.EE43346C7E4B5E63E54F927BABBB32FF] - [10/04/2017 15:12:53] - |A| - [246784] - C:\WINDOWS\syswow64\Drivers\udfs.sys [MD5.44E8048ACE47BEFBFDC2E9BE4CBC8880] - [10/04/2017 15:12:53] - |A| - [57424] - C:\WINDOWS\syswow64\Drivers\ULIAGPKX.SYS [MD5.D295BED4B898F0FD999FCFA9B32B071B] - [10/04/2017 15:12:53] - |A| - [39936] - C:\WINDOWS\syswow64\Drivers\umbus.sys [MD5.7550AD0C6998BA1CB4843E920EE0FEAC] - [10/04/2017 15:12:55] - |A| - [8192] - C:\WINDOWS\syswow64\Drivers\umpass.sys [MD5.B71DA871254D96D0349639D03E4C1CC1] - [10/04/2017 15:12:55] - |A| - [15872] - C:\WINDOWS\syswow64\Drivers\usb8023.sys [MD5.FD82D2B38C465A55C527E339BA1201B1] - [10/04/2017 15:12:55] - |A| - [25856] - C:\WINDOWS\syswow64\Drivers\USBCAMD.sys [MD5.E071E5BE621FEC4590117C488A78AE32] - [10/04/2017 15:12:55] - |A| - [25856] - C:\WINDOWS\syswow64\Drivers\USBCAMD2.sys [MD5.0803FBA9FE829D61AE26EC0BCC910C46] - [10/04/2017 15:12:56] - |A| - [76288] - C:\WINDOWS\syswow64\Drivers\usbccgp.sys [MD5.2352AB5F9F8F097BF9D41D5A4718A041] - [10/04/2017 15:12:56] - |A| - [86016] - C:\WINDOWS\syswow64\Drivers\usbcir.sys [MD5.74F805AB12EB0E3E49E469F19FF02640] - [10/04/2017 15:12:57] - |A| - [6016] - C:\WINDOWS\syswow64\Drivers\usbd.sys [MD5.D40855F89B69305140BBD7E9A3BA2DA6] - [10/04/2017 15:12:57] - |A| - [43520] - C:\WINDOWS\syswow64\Drivers\usbehci.sys [MD5.EDF2DF71C4F1E13A6AC75F5224DE655A] - [10/04/2017 15:12:57] - |A| - [258560] - C:\WINDOWS\syswow64\Drivers\usbhub.sys [MD5.9828C8D14CC2676421778F0DE638CF97] - [10/04/2017 15:12:57] - |A| - [20480] - C:\WINDOWS\syswow64\Drivers\usbohci.sys [MD5.EC2C5AF37B76D7B58C642CB74423DB7A] - [10/04/2017 15:12:58] - |A| - [284672] - C:\WINDOWS\syswow64\Drivers\usbport.sys [MD5.797D862FE0875E75C7CC4C1AD7B30252] - [10/04/2017 15:12:58] - |A| - [19968] - C:\WINDOWS\syswow64\Drivers\usbprint.sys [MD5.1A078C3FE1C1F9C8561CD600C69AD300] - [10/04/2017 15:12:58] - |A| - [26112] - C:\WINDOWS\syswow64\Drivers\usbrpm.sys [MD5.BF63EBFC6979FEFB2BC03DF7989A0C1A] - [10/04/2017 15:12:58] - |A| - [76288] - C:\WINDOWS\syswow64\Drivers\USBSTOR.SYS [MD5.800AABFD625EEFF899F7E5496BDE37AB] - [10/04/2017 15:12:59] - |A| - [24064] - C:\WINDOWS\syswow64\Drivers\usbuhci.sys [MD5.DE014425522610BEDCA3821BB8C0F1D5] - [10/04/2017 15:12:59] - |A| - [146816] - C:\WINDOWS\syswow64\Drivers\usbvideo.sys [MD5.6BEE3F8B3A08179BA475AA6043CAB30D] - [10/04/2017 15:13:01] - |A| - [36352] - C:\WINDOWS\syswow64\Drivers\VClone.sys [MD5.A059C4C3EDB09E07D21A8E5C0AABD3CB] - [10/04/2017 15:13:01] - |A| - [32832] - C:\WINDOWS\syswow64\Drivers\vdrvroot.sys [MD5.8E38096AD5C8570A6F1570A61E251561] - [10/04/2017 15:13:02] - |A| - [25088] - C:\WINDOWS\syswow64\Drivers\vga.sys [MD5.17C408214EA61696CEC9C66E388B14F3] - [10/04/2017 15:13:02] - |A| - [26112] - C:\WINDOWS\syswow64\Drivers\vgapnp.sys [MD5.5461686CCA2FDA57B024547733AB42E3] - [10/04/2017 15:13:02] - |A| - [160128] - C:\WINDOWS\syswow64\Drivers\vhdmp.sys [MD5.C829317A37B4BEA8F39735D4B076E923] - [10/04/2017 15:13:03] - |A| - [53328] - C:\WINDOWS\syswow64\Drivers\VIAAGP.SYS [MD5.E02F079A6AA107F06B16549C6E5C7B74] - [10/04/2017 15:13:03] - |A| - [52736] - C:\WINDOWS\syswow64\Drivers\viac7.sys [MD5.E43574F6A56A0EE11809B48C09E4FD3C] - [10/04/2017 15:13:03] - |A| - [16976] - C:\WINDOWS\syswow64\Drivers\viaide.sys [MD5.15C126D1B55814B9E5CAB10A9C1F4C67] - [10/04/2017 15:13:04] - |A| - [111616] - C:\WINDOWS\syswow64\Drivers\videoprt.sys [MD5.4C63E00F2F4B5F86AB48A58CD990F212] - [10/04/2017 15:13:04] - |A| - [53120] - C:\WINDOWS\syswow64\Drivers\volmgr.sys [MD5.B5BB72067DDDDBBFB04B2F89FF8C3C87] - [10/04/2017 15:13:05] - |A| - [297040] - C:\WINDOWS\syswow64\Drivers\volmgrx.sys [MD5.F497F67932C6FA693D7DE2780631CFE7] - [10/04/2017 15:13:06] - |A| - [245632] - C:\WINDOWS\syswow64\Drivers\volsnap.sys [MD5.5E780F0D2298236D65177A127B140C68] - [10/04/2017 15:13:07] - |A| - [171352] - C:\WINDOWS\syswow64\Drivers\volume_tracker.sys [MD5.9DFA0CC2F8855A04816729651175B631] - [10/04/2017 15:13:08] - |A| - [141904] - C:\WINDOWS\syswow64\Drivers\vsmraid.sys [MD5.90567B1E658001E79D7C8BBD3DDE5AA6] - [10/04/2017 15:13:08] - |A| - [19968] - C:\WINDOWS\syswow64\Drivers\vwifibus.sys [MD5.7090D3436EEB4E7DA3373090A23448F7] - [10/04/2017 15:13:08] - |A| - [48128] - C:\WINDOWS\syswow64\Drivers\vwififlt.sys [MD5.A3F04CBEA6C2A10E6CB01F8B47611882] - [10/04/2017 15:13:08] - |A| - [14336] - C:\WINDOWS\syswow64\Drivers\vwifimp.sys [MD5.DE3721E89C653AA281428C8A69745D90] - [10/04/2017 15:13:10] - |A| - [21632] - C:\WINDOWS\syswow64\Drivers\wacompen.sys [MD5.3C3C78515F5AB448B022BDF5B8FFDD2E] - [10/04/2017 15:13:10] - |A| - [63488] - C:\WINDOWS\syswow64\Drivers\wanarp.sys [MD5.CB45A417C8EF7BA6BAC67EDCDDED8700] - [10/04/2017 15:13:10] - |A| - [35328] - C:\WINDOWS\syswow64\Drivers\watchdog.sys [MD5.1112A9BADACB47B7C0BB0392E3158DFF] - [10/04/2017 15:13:14] - |A| - [19024] - C:\WINDOWS\syswow64\Drivers\wd.sys [MD5.5A833408ACFEADB92C7BEB2E7DB6B9BF] - [10/04/2017 15:13:14] - |A| - [20256] - C:\WINDOWS\syswow64\Drivers\wdcsam.sys [MD5.25944D2CC49E0A6C581D02A74B7D6645] - [10/04/2017 15:13:15] - |A| - [527064] - C:\WINDOWS\syswow64\Drivers\Wdf01000.sys [MD5.48704647CD2E9DAA2EB81BDE6D029EDB] - [10/04/2017 15:13:16] - |A| - [47720] - C:\WINDOWS\syswow64\Drivers\WdfLdr.sys [MD5.8B9A943F3B53861F2BFAF6C186168F79] - [10/04/2017 15:13:16] - |A| - [9728] - C:\WINDOWS\syswow64\Drivers\wfplwf.sys [MD5.5CF95B35E59E2A38023836FFF31BE64C] - [10/04/2017 15:13:18] - |A| - [19008] - C:\WINDOWS\syswow64\Drivers\wimmount.sys [MD5.0217679B8FCA58714C3BF2726D2CA84E] - [10/04/2017 15:13:18] - |A| - [11264] - C:\WINDOWS\syswow64\Drivers\wmiacpi.sys [MD5.9A5B1059FE015DB5269FBB25ACBF841D] - [10/04/2017 15:13:20] - |A| - [14912] - C:\WINDOWS\syswow64\Drivers\wmilib.sys [MD5.6DB3276587B853BF886B69528FDB048C] - [10/04/2017 15:13:20] - |A| - [16384] - C:\WINDOWS\syswow64\Drivers\ws2ifsl.sys [MD5.06E6F32C8D0A3F66D956F57B43A2E070] - [10/04/2017 15:13:20] - |A| - [66560] - C:\WINDOWS\syswow64\Drivers\WUDFPf.sys [MD5.867C301E8B790040AE9CF6486E8041DF] - [10/04/2017 15:13:21] - |A| - [155136] - C:\WINDOWS\syswow64\Drivers\WUDFRd.sys ---------- | Drives A: [08/02/2017 02:00:00] - |A| - (.© 2016 Sophos Limited - SophosClean.) - [10640704] - (3.7.14.264) - A:\SophosClean.exe [26/01/2017 02:00:00] - |A| - (. - .) - [1836] - (0.0.0.0) - A:\a2settings.ini B: [25/03/2017 12:19:42] - |A| - (. - .) - [2475] - (0.0.0.0) - B:\Silent Install Builder.lnk [10/11/2016 21:48:56] - |A| - (.Malwarebytes - AdwCleaner is a free Adware/PUP removal tool..) - [3910208] - (6.0.3.0) - B:\adwcleaner_6.030.exe [23/02/2017 19:08:25] - |A| - (.Copyright (C) 2014 - DTVaultPrivacy MFC Application.) - [1173840] - (3.0.0.6) - B:\DTVP30_Launcher.exe [10/11/2016 22:20:03] - |A| - (. - Junkware Removal Tool.) - [1631928] - (8.0.9.0) - B:\JRT.exe [20/03/2017 09:26:53] - |A| - (. - .) - [926278321] - (1.0.0.0) - B:\lfs u 100% s fin pt 5000_sib.exe [25/03/2017 13:30:08] - |A| - (. - .) - [259584] - (1.0.5.0) - B:\OTH.exe [25/03/2017 15:13:05] - |A| - (. - .) - [602112] - (3.2.69.0) - B:\OTL.exe [11/11/2016 13:17:20] - |A| - (.Copyright (C) 2013-2015 SosVirus Software - Pre_Scan.) - [3485608] - (2.11.2016.1) - B:\Pre_Scan.exe [10/11/2016 20:19:10] - |A| - (.Copyright (C) 2013-2016 SosVirus Software - QuickDiag.) - [2367400] - (2.11.2016.1) - B:\quickdiag_2_02.11.2016.1.exe [04/04/2017 15:53:18] - |A| - (. - Software Informer Setup .) - [3734672] - (0.0.0.0) - B:\siinst.exe [14/02/2010 00:18:58] - |A| - (.Codyssey.com - StartCodySafe - Starter for CodySafe portable environment.) - [182756] - (0.2.0.3) - B:\StartCodySafe.exe [10/11/2016 22:04:11] - |A| - (.Nicolas Coolman - ZHPCleane.) - [2488832] - (2016.11.8.191) - B:\ZHPCleaner.exe [10/11/2016 22:41:19] - |A| - (.Nicolas Coolman - ZHPDiag.) - [2442240] - (2016.11.8.213) - B:\ZHPDiag3.exe D: [06/04/2017 11:57:35] - |H| - (. - .) - [16] - (0.0.0.0) - D:\AUTORUN.INF G: [01/01/2017 16:51:50] - |A| - (.© Microsoft Corporation. All rights reserved. - Boot Manager.) - [651096] - (6.3.9600.17031) - G:\bootmgr.exe [26/02/2017 19:31:59] - |A| - (. - .) - [292161608] - (0.0.0.0) - G:\EmsisoftEmergencyKit.exe [18/01/2017 02:43:14] - |A| - (.Copyright (C) 2013-2017 SosVirus Software - Pre_Scan.) - [3486632] - (5.1.17.2) - G:\pre-scan_7_05.01.17.2.exe [18/01/2017 02:43:18] - |A| - (.Copyright (C) 2013-2017 SosVirus Software - Pre_Scan.) - [3487144] - (10.1.17.1) - G:\pre-scan_7_10.01.17.1.exe [18/01/2017 02:44:58] - |A| - (.Copyright (c) KsL Software and Published by RoseCitySoftware - Registry First Aid, the easy powerful registry maintenance p.) - [7210336] - (10.0.0.2267) - G:\RegistryFirstAid_AQFR(2).exe [18/01/2017 02:45:04] - |A| - (.Copyright (c) KsL Software and Published by RoseCitySoftware - Registry First Aid, the easy powerful registry maintenance p.) - [7210336] - (10.0.0.2267) - G:\RegistryFirstAid_AQFR.exe [01/01/2017 20:22:31] - |A| - (.(C) 2003-2016 Emsisoft Ltd - Emsisoft Commandline Starter.) - [468184] - (12.0.0.6971) - G:\start commandline scanner.exe [01/01/2017 20:22:31] - |A| - (.(C) 2003-2016 Emsisoft Ltd - Emsisoft Emergency Kit Starter.) - [470800] - (12.0.0.6971) - G:\start emergency kit scanner.exe [02/04/2017 23:04:20] - |A| - (.2017 Rare Ideas, LLC - Start PortableApps.com.) - [1428736] - (14.4.1.0) - G:\Start.exe [26/02/2017 19:49:28] - |A| - (. - .) - [6190] - (0.0.0.0) - G:\a2settings.ini [27/02/2017 07:22:30] - |A| - (. - .) - [64] - (0.0.0.0) - G:\a2whitelist.ini [01/01/2017 16:31:45] - |A| - (. - .) - [1095] - (0.0.0.0) - G:\PecmdExt.ini H: [24/03/2017 10:37:12] - |H| - (. - .) - [16] - (0.0.0.0) - H:\AUTORUN.INF I: [14/03/2017 20:54:52] - |R| - (. - .) - [734003200] - (0.0.0.0) - I:\la vraie lfsu100%sf part 3000 pt 2 pour bluray.part01.exe J: [11/04/2017 08:38:33] - |A| - (. - .) - [552] - (0.0.0.0) - J:\COMODO TrustConnect (VPN).lnk [11/04/2017 08:54:57] - |A| - (. - .) - [2212] - (0.0.0.0) - J:\Advanced SystemCare 10.lnk [11/04/2017 08:55:02] - |A| - (. - .) - [2060] - (0.0.0.0) - J:\Comodo Dragon.lnk [11/04/2017 08:55:07] - |A| - (. - .) - [1228] - (0.0.0.0) - J:\COMODO Internet Security.lnk [11/04/2017 08:55:12] - |A| - (. - .) - [1244] - (0.0.0.0) - J:\EaseUS Todo PCTrans.lnk [11/04/2017 08:55:17] - |A| - (. - .) - [2203] - (0.0.0.0) - J:\Google Chrome.lnk [11/04/2017 08:55:22] - |A| - (. - .) - [1109] - (0.0.0.0) - J:\Mozilla Firefox.lnk [23/03/2017 22:37:48] - |H| - (. - .) - [16] - (0.0.0.0) - J:\AUTORUN.INF K: [14/02/2010 00:18:58] - |A| - (.Codyssey.com - StartCodySafe - Starter for CodySafe portable environment.) - [182756] - (0.2.0.3) - K:\StartCodySafe.exe L: [10/01/2017 14:17:11] - |A| - (.Copyright (C) 2013-2017 SosVirus Software - Pre_Scan.) - [3487144] - (10.1.17.1) - L:\pre-scan_7_10.01.17.1.exe [04/01/2017 15:44:11] - |N| - (.Copyright (c) KsL Software and Published by RoseCitySoftware - Registry First Aid, the easy powerful registry maintenance p.) - [7210336] - (10.0.0.2267) - L:\RegistryFirstAid_AQFR(2).exe [04/01/2017 15:44:11] - |N| - (.Copyright (c) KsL Software and Published by RoseCitySoftware - Registry First Aid, the easy powerful registry maintenance p.) - [7210336] - (10.0.0.2267) - L:\RegistryFirstAid_AQFR.exe [06/01/2017 22:05:18] - |N| - (.Copyright © 2010 - XBoot.) - [5902848] - (1.0.4214.29841) - L:\xbootvs1.0beta14.exe [06/01/2017 22:05:19] - |N| - (.Copyright (C) 2013-2017 SosVirus Software - Pre_Scan.) - [3486632] - (5.1.17.2) - L:\pre-scan_7_05.01.17.2.exe [08/01/2017 10:41:18] - |H| - (. - .) - [16] - (0.0.0.0) - L:\AUTORUN.INF M: [13/12/2024 12:50:15] - |A| - (. - .) - [552] - (0.0.0.0) - M:\COMODO TrustConnect (VPN).lnk [11/12/2024 12:42:22] - |A| - (.Copyright (c) 1999-2015 Igor Pavlov - 7z Plugin.) - [1062912] - (15.14.0.0) - M:\7z.dll [11/12/2024 12:42:22] - |A| - (.Copyright (c) 1999-2015 Igor Pavlov - 7-Zip Shell Extension.) - [49664] - (15.14.0.0) - M:\7-zip.dll [29/03/2025 02:38:48] - |A| - (. - .) - [2111096] - (9.0.28.0) - M:\NPSWF32.dll [13/12/2024 04:53:53] - |A| - (.(C) 2003-2016 Emsisoft Ltd - Emsisoft Commandline Starter.) - [468184] - (12.0.0.6971) - M:\start commandline scanner.exe [13/12/2024 04:53:53] - |A| - (.(C) 2003-2016 Emsisoft Ltd - Emsisoft Emergency Kit Starter.) - [470800] - (12.0.0.6971) - M:\start emergency kit scanner.exe [11/12/2024 12:42:22] - |A| - (.Copyright (c) 1999-2015 Igor Pavlov - 7-Zip Console.) - [265728] - (15.14.0.0) - M:\7z.exe [12/12/2024 10:47:14] - |A| - (.SARDU pro s.r.l. - SARDU MultiBoot Creator.) - [1654272] - (3.1.1.0) - M:\sardu_3.exe [13/12/2024 12:56:39] - |A| - (.© BleepingComputer.com. All rights reserved. - Terminates malware processes so that you can run your normal security programs..) - [2030536] - (2.8.4.0) - M:\rkill.exe [24/03/2017 10:39:59] - |H| - (. - .) - [16] - (0.0.0.0) - M:\AUTORUN.INF [13/12/2024 13:19:22] - |A| - (. - .) - [64] - (0.0.0.0) - M:\a2whitelist.ini [13/12/2024 13:19:22] - |A| - (. - .) - [6260] - (0.0.0.0) - M:\a2settings.ini N: [14/02/2010 00:18:58] - |A| - (.Codyssey.com - StartCodySafe - Starter for CodySafe portable environment.) - [182756] - (0.2.0.3) - N:\StartCodySafe.exe [23/03/2017 22:37:43] - |H| - (. - .) - [16] - (0.0.0.0) - N:\AUTORUN.INF O: R: [22/01/2017 09:50:46] - |A| - (. - .) - [574] - (0.0.0.0) - R:\COMODO TrustConnect (VPN).lnk [21/02/2016 19:04:14] - |A| - (.Copyright (c) Rocket Division Software, StarBurn Software 2001-2015. All rights reserved. - StarBurn CD/DVD/Blu-Ray/HD-DVD Burning, Grabbing and Mastering Toolkit for Windows 95/98/Me/NT/2000/XP/2003/Vista/Longhorn/7/8/2010.) - [3235200] - (15.5.1.4144) - R:\StarBurn.dll [10/11/2016 21:48:56] - |A| - (.Malwarebytes - AdwCleaner is a free Adware/PUP removal tool..) - [3910208] - (6.0.3.0) - R:\adwcleaner_6.030.exe [30/04/2016 20:13:58] - |A| - (.©2016 BitTorrent, Inc. All Rights Reserved. - BitTorrent.) - [1963528] - (7.9.6.42179) - R:\BitTorrent (1).exe [30/04/2016 20:17:08] - |RA| - (.©2016 BitTorrent, Inc. All Rights Reserved. - BitTorrent.) - [1963528] - (7.9.6.42179) - R:\BitTorrent(btkey,https^3A^2F^2Futp.st^2FjSAg97W0).exe [04/03/2017 10:57:32] - |A| - (.©1999-2015 Jonathan Bennett & AutoIt Team - Farbar Recovery Scan Tool.) - [2423808] - (5.3.2017.0) - R:\FRST64.exe [25/02/2015 15:22:15] - |A| - (.ENC Security Systems BV - SanDisk SecureAccessV3.) - [16024600] - (6.0.9.0) - R:\RunSanDiskSecureAccess_Win.exe [22/01/2017 09:15:29] - |A| - (.© 2016 Sophos Limited - SophosClean.) - [11619360] - (3.7.13.262) - R:\SophosClean_x64.exe [14/02/2010 00:18:58] - |A| - (.Codyssey.com - StartCodySafe - Starter for CodySafe portable environment.) - [182756] - (0.2.0.3) - R:\StartCodySafe.exe [16/12/2016 18:26:35] - |A| - (. - .) - [89589712] - (0.0.0.0) - R:\VideoMeetingPlus_1.0.1711.0_Beta_VMX160226-03.exe [10/11/2016 22:04:11] - |A| - (.Nicolas Coolman - ZHPCleane.) - [2488832] - (2016.11.8.191) - R:\ZHPCleaner.exe [10/11/2016 22:41:19] - |A| - (.Nicolas Coolman - ZHPDiag.) - [2442240] - (2016.11.8.213) - R:\ZHPDiag3.exe [09/12/2016 16:18:19] - |A| - (. - .) - [149] - (0.0.0.0) - R:\autorun (1).inf [24/05/2016 07:32:13] - |A| - (. - .) - [5774] - (0.0.0.0) - R:\a2settings.ini [24/05/2016 09:34:30] - |A| - (. - .) - [64] - (0.0.0.0) - R:\a2whitelist.ini [18/04/2026 19:29:05] - |A| - (. - .) - [2054] - (0.0.0.0) - R:\Framakey.ini [09/08/2016 16:00:26] - |A| - (. - .) - [44] - (0.0.0.0) - R:\language.ini [11/07/2016 09:24:15] - |A| - (. - .) - [0] - (0.0.0.0) - R:\LogAnalyZer.ini [25/02/2017 07:34:32] - |A| - (. - .) - [2069] - (0.0.0.0) - R:\rk_config.ini S: [17/03/2017 07:37:09] - |A| - (. - .) - [2475] - (0.0.0.0) - S:\Silent Install Builder.lnk [24/02/2017 06:25:04] - |A| - (.Copyright (C) 2004-2017 SHIROUZU Hiroaki All rights reserved. - Shell Extension for FastCopy.) - [155136] - (3.2.7.0) - S:\FastEx64.dll [24/02/2017 06:25:04] - |A| - (.Copyright (C) 2004-2017 SHIROUZU Hiroaki All rights reserved. - Shell Extension for FastCopy.) - [128000] - (3.2.7.0) - S:\FastExt1.dll [01/03/2017 08:46:38] - |A| - (.Pierre13 - Nettoyage des fichiers temporaires.) - [1352704] - (2.3.0.7) - S:\SFT.EXE [01/03/2017 08:46:18] - |A| - (.© pdfforge GmbH. All rights reserved. - PDF Architect Installer.) - [9968704] - (5.0.21.32007) - S:\PDF_Architect_5_Installer.exe [01/03/2017 08:46:28] - |A| - (.Copyright (C) 2009 Secure By Design Inc - Ninite.) - [422480] - (0.1.1.1123) - S:\Ninite AdAware Air Classic Start Dropbox Firefox Installer.exe [01/03/2017 08:46:39] - |A| - (.Copyright © 2008-2016 Auslogics Labs Pty Ltd - TweakBit File Recovery Installation File .) - [7130824] - (7.0.0.1) - S:\file-recovery-setup.exe [01/03/2017 08:46:43] - |A| - (. - Vimeo Download Setup .) - [2268120] - (1.0.5.0) - S:\VimeoDownload_2.1.30.1215_o.exe [14/02/2017 20:28:26] - |A| - (.Copyright(c) 2004-2017 - PowerISO Setup.) - [3962104] - (6.8.0.0) - S:\PowerISO6-x64.exe [14/02/2017 20:28:28] - |A| - (. - Software Informer Setup .) - [3734672] - (0.0.0.0) - S:\siinst.exe [14/02/2017 20:43:48] - |A| - (. - .) - [2278304] - (0.0.0.0) - S:\winrar-x64-540fr.exe [14/02/2017 20:28:16] - |A| - (. - .) - [45387584] - (4.42.0.0) - S:\firefox_setup_52.0b2.exe [01/03/2017 08:52:11] - |A| - (.Copyright © 1998-2016 KC Softwares - KC Softwares AudioGrail Setup .) - [2006728] - (7.9.0.209) - S:\Setup.exe [13/03/2017 14:01:29] - |A| - (. - .) - [4698669056] - (0.0.0.0) - S:\la vraie lfsu100%sf part 3000 le 11 mars 2017 à 15h35.part1.exe [17/03/2017 07:54:46] - |A| - (.Nicolas Coolman - ZHPDiag.) - [2442240] - (2016.11.8.213) - S:\ZHPDiag3.exe [17/03/2017 08:01:12] - |A| - (.Malwarebytes - AdwCleaner is a free Adware/PUP removal tool..) - [3910208] - (6.0.3.0) - S:\adwcleaner_6.030.exe [17/03/2017 08:01:13] - |A| - (. - Junkware Removal Tool.) - [1631928] - (8.0.9.0) - S:\JRT.exe [17/03/2017 08:01:13] - |A| - (.Copyright (C) 2013-2015 SosVirus Software - Pre_Scan.) - [3485608] - (2.11.2016.1) - S:\Pre_Scan.exe [17/03/2017 08:01:13] - |A| - (.Copyright (C) 2013-2016 SosVirus Software - QuickDiag.) - [2367400] - (2.11.2016.1) - S:\quickdiag_2_02.11.2016.1.exe [17/03/2017 08:01:14] - |A| - (.Nicolas Coolman - ZHPCleane.) - [2488832] - (2016.11.8.191) - S:\ZHPCleaner.exe [01/03/2017 08:52:12] - |A| - (. - .) - [2069] - (0.0.0.0) - S:\rk_config.ini U: [27/11/2016 17:14:03] - |H| - (. - .) - [16] - (0.0.0.0) - U:\AUTORUN.INF V: [30/12/2016 18:46:46] - |A| - (. - .) - [2497] - (0.0.0.0) - V:\O&O Defrag.lnk [01/01/2017 15:17:08] - |A| - (.Nicolas Coolman - ZHPDiag.) - [2624000] - (2016.12.30.255) - V:\ZHPDiag3.exe [01/01/2017 15:17:09] - |A| - (.Copyright (C) 2013-2016 SosVirus Software - QuickDiag.) - [2388904] - (4.12.2016.1) - V:\quickdiag_2_04.12.2016.1.exe [01/01/2017 15:17:09] - |A| - (.© 2008/2010 C_XX - SEAF.) - [498868] - (1.0.1.0) - V:\SEAF.exe [01/01/2017 15:17:10] - |A| - (.Copyright (C) 2013-2016 SosVirus Software - AdsFix.) - [6459816] - (30.12.2016.1) - V:\adsfix_3_30.12.2016.1.exe [01/01/2017 15:27:18] - |A| - (.(C) 2003-2016 Emsisoft Ltd - Emsisoft Commandline Starter.) - [468184] - (12.0.0.6971) - V:\start commandline scanner.exe [01/01/2017 15:27:18] - |A| - (.(C) 2003-2016 Emsisoft Ltd - Emsisoft Emergency Kit Starter.) - [470800] - (12.0.0.6971) - V:\start emergency kit scanner.exe [29/12/2016 21:12:05] - |A| - (. - .) - [64] - (0.0.0.0) - V:\a2whitelist.ini [29/12/2016 14:31:41] - |A| - (. - .) - [6226] - (0.0.0.0) - V:\a2settings.ini [01/01/2017 15:17:10] - |SH| - (. - .) - [104] - (0.0.0.0) - V:\desktop.ini W: [10/08/2016 15:27:08] - |A| - (.© 2006-2016 SurfRight, a Sophos company - HitmanPro 3.7.) - [11438608] - (3.7.14.265) - W:\HitmanPro_x64.exe [10/08/2016 15:27:08] - |A| - (.© 2006-2016 SurfRight, a Sophos company - HitmanPro 3.7.) - [11005320] - (3.7.15.281) - W:\HitmanPro.exe [10/10/2016 10:35:14] - |N| - (.ResetBrowser - Comment Supprimer ? - ResetBrowser.) - [1622528] - (0.1.1.6) - W:\ResetBrowser.exe [20/03/2017 08:26:53] - |A| - (. - .) - [926278321] - (1.0.0.0) - W:\lfs u 100% s fin pt 5000_sib.exe [14/02/2010 00:18:58] - |A| - (.Codyssey.com - StartCodySafe - Starter for CodySafe portable environment.) - [182756] - (0.2.0.3) - W:\StartCodySafe.exe [20/03/2017 13:10:05] - |H| - (. - .) - [16] - (0.0.0.0) - W:\AUTORUN.INF ---------- | C: [10/11/2016 16:26:48] - |D| - [250590] - C:\$GetCurrent [07/04/2017 14:31:50] - |SHD| - [645] - C:\$RECYCLE.BIN [01/04/2017 15:19:50] - |D| - [766068] - C:\AeroEnabler [10/11/2016 20:17:35] - |D| - [126954006] - C:\AMD [MD5.D9EBEC6668A6092FCBD1713C347AA5E0] - [10/04/2017 04:58:02] - |A| - (. - .) - [24] - (0.0.0.0) - C:\autoexec.bat [10/04/2017 04:58:09] - |D| - [2135935021] - C:\Backup [MD5.5668508EF002D8BEB78791DECE8AB0DD] - [04/04/2017 16:09:13] - |A| - (. - .) - [4877] - (0.0.0.0) - C:\bdlog.txt [30/03/2017 10:46:19] - |D| - [7294580] - C:\Black-Glass ThemePack [03/04/2017 15:56:32] - |D| - [583667] - C:\Blank Caption [10/04/2017 04:58:09] - |D| - [86054683] - C:\book [02/08/2012 04:02:18] - |SHD| - [203485870] - C:\Boot [MD5.21BF183C15AFE62A8D1137BB9007B2A3] - [26/07/2012 10:18:43] - |RASH| - (. - .) - [398156] - (0.0.0.0) - C:\bootmgr [MD5.D6AE2D5521DD93AEBC90D411D099FA36] - [10/04/2017 04:58:02] - |A| - (. - .) - [383562] - (0.0.0.0) - C:\bootmgr_FromLFSULTRA-WIDEN [MD5.93B885ADFE0DA089CDF634904FD59F71] - [26/07/2012 10:18:43] - |ASH| - (. - .) - [1] - (0.0.0.0) - C:\BOOTNXT [MD5.117A26124A6997CB68A7984E2EA6ECCE] - [10/04/2017 04:58:02] - |A| - (. - .) - [8192] - (0.0.0.0) - C:\BOOTSECT.BAK [MD5.FA3BEA08D21F96468B4CBBDDE74F538F] - [10/04/2017 04:58:03] - |A| - (. - .) - [3224] - (0.0.0.0) - C:\bootsqm.dat [06/04/2017 11:48:55] - |D| - [6297946] - C:\Chromium ThemePack [10/04/2017 04:58:09] - |D| - [4036822] - C:\CodySafe [10/11/2016 16:47:21] - |SHD| - [881296] - C:\Config.Msi [MD5.ED4FC5980BD8B1AD869FF725C7776338] - [10/04/2017 04:58:03] - |A| - (. - .) - [10] - (0.0.0.0) - C:\config.sys [MD5.7EA7A67CCD676209E8D87FE49D2AC8C6] - [07/04/2017 14:59:41] - |A| - (. - .) - [1014] - (0.0.0.0) - C:\DelFix.txt [MD5.ACA1FD5675E1A522C015D968A136C74B] - [10/04/2017 04:58:04] - |A| - (. - .) - [815] - (0.0.0.0) - C:\DelFix_FromLFSULTRA-WIDEN.txt [10/04/2017 04:58:09] - |D| - [674] - C:\Documents [26/07/2012 09:22:08] - |SD| - [0] - C:\Documents and Settings [MD5.EB36F91E5918B40C3C0B8BF4F8196166] - [05/04/2017 11:18:27] - |A| - (. - .) - [1828] - (0.0.0.0) - C:\EamClean.log [01/04/2017 16:17:40] - |D| - [10195] - C:\Ease of Access Themes [10/04/2017 04:58:09] - |D| - [1478656] - C:\ESD [10/04/2017 04:58:09] - |D| - [0] - C:\EverySync [MD5.D41D8CD98F00B204E9800998ECF8427E] - [12/11/2016 09:59:23] - |ASH| - (. - .) - [1535000576] - (0.0.0.0) - C:\hiberfil.sys [07/01/2013 13:49:41] - |RSD| - [4053232] - C:\hp [04/04/2017 15:28:47] - |D| - [0] - C:\IconPack [10/04/2017 04:58:09] - |D| - [0] - C:\Intel [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/04/2017 04:58:04] - |A| - (. - .) - [0] - (0.0.0.0) - C:\IO.SYS [01/04/2017 16:47:00] - |D| - [386577] - C:\Maps [11/11/2016 18:27:25] - |D| - [920894] - C:\MARMITON [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/04/2017 04:58:04] - |A| - (. - .) - [0] - (0.0.0.0) - C:\MSDOS.SYS [10/04/2017 04:58:10] - |D| - [2596602727] - C:\OEM [15/11/2016 22:45:19] - |HD| - [0] - C:\OneDriveTemp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [05/03/2013 09:30:46] - |RAS| - (. - .) - [0] - (0.0.0.0) - C:\OS [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/11/2016 15:45:31] - |ASH| - (. - .) - [9663676416] - (0.0.0.0) - C:\pagefile.sys [12/11/2016 09:22:34] - |D| - [0] - C:\PerfLogs [10/04/2017 04:58:10] - |D| - [9172639] - C:\PortableApps [12/11/2016 08:57:26] - |D| - [20882954243] - C:\Program Files [12/11/2016 08:57:26] - |RD| - [27306622751] - C:\Program Files (x86) [12/11/2016 09:22:34] - |HD| - [19740246182] - C:\ProgramData [11/04/2017 13:58:52] - |D| - [262051] - C:\QuickDiag [MD5.9FE315C2112F80991D616703F0923668] - [11/04/2017 13:59:25] - |A| - (. - .) - [834338] - (0.0.0.0) - C:\QuickDiag.txt [10/11/2016 18:05:55] - |SHD| - [260723575] - C:\Recovery [MD5.E87E641E875A89F9D2A5CC1F70FB9D5B] - [14/11/2016 10:38:16] - |A| - (. - .) - [415102] - (0.0.0.0) - C:\Reflect_Install.log [MD5.4E0E6588697C22A5D2E6C9F2F699EE4D] - [10/04/2017 04:58:04] - |A| - (. - .) - [301898] - (0.0.0.0) - C:\Reflect_Install_FromLFSULTRA-WIDEN.log [03/04/2017 14:40:44] - |D| - [93884724] - C:\ResBuilder [MD5.70A86849D2637DC3D597351A2F62834A] - [10/04/2017 04:58:04] - |A| - (. - .) - [2089] - (0.0.0.0) - C:\RHDSetup.log [03/04/2017 14:44:21] - |D| - [2488161] - C:\RibbonDisabler [30/03/2017 08:40:32] - |D| - [0] - C:\Sauvegarde Personnelle [10/04/2017 04:58:11] - |D| - [0] - C:\SauvegardePersonnelle [30/03/2017 10:45:35] - |D| - [175376892] - C:\SkinPack [MD5.7FEA5C981C720D6A89CE65D95AE13E38] - [10/04/2017 04:58:04] - |A| - (.Codyssey.com - StartCodySafe - Starter for CodySafe portable environment.) - [182756] - (0.2.0.3) - C:\StartCodySafe.exe [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/11/2016 15:45:31] - |ASH| - (. - .) - [268435456] - (0.0.0.0) - C:\swapfile.sys [02/08/2012 05:15:28] - |AD| - [1021173952] - C:\SWSETUP [10/11/2016 15:45:30] - |SHD| - [0] - C:\System Volume Information [01/08/2012 11:57:15] - |RASD| - [38369529] - C:\SYSTEM.SAV [01/04/2017 17:13:21] - |D| - [5578890] - C:\Themes [12/11/2016 08:57:26] - |RD| - [189756762450] - C:\Users [01/04/2017 15:19:53] - |D| - [1897834] - C:\UXThemePatcher [04/04/2017 15:28:50] - |D| - [6460212] - C:\Vineyard ThemePack [10/04/2017 04:58:11] - |D| - [0] - C:\VTRoot [06/04/2017 12:42:52] - |HD| - [24770560] - C:\W7P_Backups [12/11/2016 08:57:26] - |D| - [40562688486] - C:\Windows [03/04/2017 14:37:57] - |D| - [6907151] - C:\Windows10 ThemePack [10/11/2016 16:25:37] - |D| - [16222733] - C:\Windows10Upgrade [MD5.991259543A881986BC79AB5911A1C3F3] - [16/08/2016 15:10:36] - |A| - (.Copyright (c) 2016 WinZip International LLC. All Rights Reserved. - WinZip Driver Updater installer.) - [12116952] - (5.12.0.10) - C:\WZDUSetup_with_WZSM_5.12.0.10.exe [10/04/2017 04:58:05] - |D| - [2603616823] - C:\X_Drive [10/04/2017 04:58:13] - |D| - [258] - C:\Z_Drive ---------- | C:\WINDOWS [MD5.065919847CF1C1C0A1C5F63C488EB54B] - [10/04/2017 05:20:29] - |A| - (. - .) - [33] - (0.0.0.0) - C:\WINDOWS\0 [MD5.AC534A6E290E93F668F3E4DDC2A6162D] - [11/04/2017 13:26:51] - |A| - (. - .) - [66] - (0.0.0.0) - C:\WINDOWS\ACDSeeVideoStudio.INI [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/04/2017 05:20:30] - |A| - (. - .) - [0] - (0.0.0.0) - C:\WINDOWS\Acer.tag [10/04/2017 05:20:30] - |D| - [0] - C:\WINDOWS\Acronis [12/11/2016 09:22:34] - |D| - [1604] - C:\WINDOWS\addins [12/11/2016 09:22:34] - |D| - [50570596] - C:\WINDOWS\appcompat [12/11/2016 09:22:34] - |D| - [22389434] - C:\WINDOWS\AppPatch [12/11/2016 09:22:34] - |D| - [0] - C:\WINDOWS\AppReadiness [12/11/2016 09:22:34] - |RSD| - [2781461461] - C:\WINDOWS\assembly [MD5.D41D8CD98F00B204E9800998ECF8427E] - [12/11/2016 09:50:32] - |A| - (. - .) - [0] - (0.0.0.0) - C:\WINDOWS\ativpsrm.bin [12/11/2016 09:22:34] - |D| - [325008] - C:\WINDOWS\bcastdvr [MD5.7B465E25ADF5D6DBCE9DCAE3C6545405] - [16/07/2016 13:42:16] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [61440] - (10.0.14393.0) - C:\WINDOWS\bfsvc.exe [MD5.DBD14D0DB0382DFE96D7B5007DDD5ABE] - [10/04/2017 07:50:42] - |A| - (.© Microsoft Corporation. All rights reserved. - Boot File Servicing Utility.) - [65024] - (6.1.7601.17514) - C:\WINDOWS\bfsvc_FromLFSULTRA-WIDEN.exe [12/11/2016 09:22:34] - |D| - [38115959] - C:\WINDOWS\Boot [MD5.C873B45D3E952F0CEFF75C63A762BE08] - [12/11/2016 09:47:22] - |A| - (. - .) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat [MD5.B2D8816946A324EC51B2FE0A91B8A2DA] - [10/04/2017 07:53:30] - |A| - (. - .) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat_FromLFSULTRA-WIDEN.dat [12/11/2016 09:22:34] - |D| - [6948888] - C:\WINDOWS\Branding [MD5.9130CCE19B5DB3D2E31F9F789263FC4A] - [04/04/2017 15:54:49] - |A| - (.Copyright (c) 1999-2006 Microsoft Corporation - CAPICOM Module.) - [511328] - (2.1.0.2) - C:\WINDOWS\capicom.dll [12/11/2016 09:01:06] - |D| - [0] - C:\WINDOWS\CbsTemp [MD5.6FBB766EB79F9EED3684194EEAF838DF] - [10/04/2017 07:53:47] - |A| - (. - .) - [11453] - (0.0.0.0) - C:\WINDOWS\ChangeLang_Done.tag [MD5.3A12D0855904754EB55D5A05BD301683] - [10/04/2017 07:53:49] - |A| - (. - .) - [10] - (0.0.0.0) - C:\WINDOWS\CSUP.TXT [12/11/2016 09:22:34] - |D| - [11208904] - C:\WINDOWS\Cursors [12/11/2016 09:22:34] - |D| - [1220696] - C:\WINDOWS\debug [10/04/2017 08:00:01] - |D| - [254527] - C:\WINDOWS\DeployWinRE2 [MD5.337F31202C81C9DC45F52600F41EF046] - [10/04/2017 08:00:23] - |A| - (. - .) - [14947] - (0.0.0.0) - C:\WINDOWS\devices.txt [12/11/2016 09:22:34] - |D| - [4543876] - C:\WINDOWS\diagnostics [12/11/2016 09:33:07] - |D| - [0] - C:\WINDOWS\DigitalLocker [MD5.AE1DA8E3C96DB523C5ED854718E7D4E4] - [31/03/2017 07:58:28] - |A| - (. - .) - [544] - (0.0.0.0) - C:\WINDOWS\dm.dmap [MD5.3B3E3D81B9F4FAB89AC0B2769ABE17D3] - [10/04/2017 08:33:26] - |A| - (. - .) - [64] - (0.0.0.0) - C:\WINDOWS\dm_FromLFSULTRA-WIDEN.dmap [10/04/2017 08:33:36] - |D| - [12505585] - C:\WINDOWS\Downloaded Installations [12/11/2016 09:22:34] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files [MD5.ECA34F1D012E988A489B0DD8D5DC9459] - [10/04/2017 08:34:54] - |A| - (. - .) - [76444] - (0.0.0.0) - C:\WINDOWS\DPINST.LOG [12/11/2016 09:22:34] - |D| - [67728] - C:\WINDOWS\ELAMBKUP [MD5.E7CCB395344AF1C555C45E55C149A773] - [10/04/2017 08:35:02] - |A| - (.Copyright (C) 2004 - EMCRI DLL.) - [361808] - (1.0.0.3) - C:\WINDOWS\EMCRI_E.dll [12/11/2016 09:33:07] - |D| - [0] - C:\WINDOWS\en-US [07/04/2017 14:59:55] - |D| - [232127244] - C:\WINDOWS\ERUNT [MD5.F2D58A2E27C2CD486F8F0A123A3F34C3] - [29/03/2017 17:00:49] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4674360] - (10.0.14393.953) - C:\WINDOWS\explorer.exe [MD5.40D777B7A95E00593EB1568C68514493] - [10/04/2017 08:39:10] - |A| - (.© Microsoft Corporation. All rights reserved. - Windows Explorer.) - [2616320] - (6.1.7601.17514) - C:\WINDOWS\explorer_FromLFSULTRA-WIDEN.exe [MD5.F38B53088F3200BC9B8037DBA400F0AA] - [10/04/2017 08:39:21] - |A| - (. - .) - [113264] - (0.0.0.0) - C:\WINDOWS\FixUVC.exe [12/11/2016 09:22:34] - |RSD| - [715943799] - C:\WINDOWS\Fonts [12/11/2016 09:33:07] - |D| - [264704] - C:\WINDOWS\fr-FR [MD5.F9202335BBA03A02F084FE588564BBF5] - [10/04/2017 09:14:47] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de chiffrement de lecteur BitLocker.) - [13824] - (6.1.7600.16385) - C:\WINDOWS\fveupdate.exe [12/11/2016 09:22:34] - |D| - [0] - C:\WINDOWS\GameBarPresenceWriter [12/11/2016 09:22:34] - |D| - [99946859] - C:\WINDOWS\Globalization [12/11/2016 09:22:34] - |D| - [40496837] - C:\WINDOWS\Help [MD5.F9B5CE3730DA0C1ADEF0EEE202AEBD58] - [29/03/2017 17:01:42] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [975872] - (10.0.14393.953) - C:\WINDOWS\HelpPane.exe [MD5.2FF3A32F01DF61836FED59D441D8B9DF] - [10/04/2017 09:26:25] - |A| - (.© Microsoft Corporation. All rights reserved. - Microsoft Help and Support.) - [497152] - (6.1.7600.16385) - C:\WINDOWS\HelpPane_FromLFSULTRA-WIDEN.exe [MD5.52AFE6DE5E463B7A08C184B1EB49DD6A] - [16/07/2016 13:42:21] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [18432] - (10.0.14393.0) - C:\WINDOWS\hh.exe [MD5.9B90B0C78671A4881D06C91941F6F379] - [10/04/2017 09:26:27] - |A| - (.© Microsoft Corporation. All rights reserved. - Microsoft® HTML Help Executable.) - [15360] - (6.1.7600.16385) - C:\WINDOWS\hh_FromLFSULTRA-WIDEN.exe [MD5.BEBD4E8C491E403C9FA58419D3032B39] - [31/03/2017 11:09:21] - |RASH| - (. - .) - [151] - (0.0.0.0) - C:\WINDOWS\ICMET50.BIN [12/11/2016 09:22:34] - |D| - [316737172] - C:\WINDOWS\IME [12/11/2016 09:22:34] - |RD| - [6842480] - C:\WINDOWS\ImmersiveControlPanel [MD5.EC901F2A5CE0FCA27AC9DC9E8B47E450] - [31/03/2017 07:57:42] - |A| - (. - .) - [528] - (0.0.0.0) - C:\WINDOWS\impr.lkeys [12/11/2016 09:18:20] - |D| - [210676364] - C:\WINDOWS\INF [12/11/2016 09:43:53] - |D| - [890572940] - C:\WINDOWS\InfusedApps [12/11/2016 09:22:35] - |D| - [36285422] - C:\WINDOWS\InputMethod [12/11/2016 09:22:35] - |SHD| - [4344039939] - C:\WINDOWS\Installer [MD5.350B044113729EC96DA7A3CA7012E18F] - [09/04/2017 12:33:02] - |A| - (. - Setup/Uninstall.) - [1160704] - (51.52.0.0) - C:\WINDOWS\is-1AFML.exe [MD5.ECF236826427803D37254B15E3033EFC] - [09/04/2017 12:33:02] - |A| - (. - .) - [363] - (0.0.0.0) - C:\WINDOWS\is-1AFML.lst [MD5.B0610572F47DD7165EF515858C48C164] - [09/04/2017 12:33:02] - |A| - (. - .) - [11397] - (0.0.0.0) - C:\WINDOWS\is-1AFML.msg [12/11/2016 09:22:35] - |D| - [137778] - C:\WINDOWS\L2Schemas [12/11/2016 09:22:35] - |D| - [0] - C:\WINDOWS\LiveKernelReports [MD5.EF3024328398C07DE0BDF35B67ABEC68] - [10/04/2017 11:23:05] - |A| - (. - .) - [172] - (0.0.0.0) - C:\WINDOWS\LMv4.UNI [12/11/2016 09:22:35] - |D| - [75158277] - C:\WINDOWS\Logs [12/11/2016 09:22:35] - |RSD| - [33643256] - C:\WINDOWS\Media [MD5.23AF90D2355D8C83AA4567EF1763B467] - [16/07/2016 13:42:12] - |A| - (. - .) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin [MD5.23AF90D2355D8C83AA4567EF1763B467] - [10/04/2017 11:33:43] - |A| - (. - .) - [43131] - (0.0.0.0) - C:\WINDOWS\mib_FromLFSULTRA-WIDEN.bin [12/11/2016 09:22:34] - |RD| - [1344858773] - C:\WINDOWS\Microsoft.NET [12/11/2016 09:22:35] - |D| - [4059] - C:\WINDOWS\Migration [04/04/2017 09:24:24] - |D| - [0] - C:\WINDOWS\Minidump [12/11/2016 09:22:35] - |RD| - [484593] - C:\WINDOWS\MiracastView [MD5.A8BF8A76DA1BDCAEFB65F2F987BCA8C5] - [10/04/2017 12:37:27] - |A| - (. - .) - [2572] - (0.0.0.0) - C:\WINDOWS\MOD01OPK04000H0001.enc [MD5.1162C16DCAF8288ADF7CB74DE472A107] - [10/04/2017 12:37:33] - |A| - (. - .) - [1996] - (0.0.0.0) - C:\WINDOWS\MOD01SET00000000MU.enc [MD5.E551DAEAF6F19A8FCFA8E0D689870CD3] - [10/04/2017 12:37:36] - |A| - (. - .) - [2008] - (0.0.0.0) - C:\WINDOWS\MOD01SET5K000G0002.enc [MD5.448CA8C1E3F648FFEF53645B511C5F74] - [10/04/2017 12:37:37] - |A| - (. - .) - [2476] - (0.0.0.0) - C:\WINDOWS\MOD01SET74FR0H0003.enc [MD5.013985963D7C6010B033A70E452292BA] - [10/04/2017 12:37:37] - |A| - (. - .) - [2048] - (0.0.0.0) - C:\WINDOWS\MOD01SET75000H0005.enc [MD5.24D9E3329D9625546EDD7EEB46B33E9A] - [10/04/2017 12:37:42] - |A| - (. - .) - [2168] - (0.0.0.0) - C:\WINDOWS\MOD01SET78000G0018.enc [12/11/2016 09:22:35] - |D| - [0] - C:\WINDOWS\ModemLogs [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/04/2017 02:24:03] - |A| - (. - .) - [0] - (0.0.0.0) - C:\WINDOWS\mozy.blk [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/04/2017 02:24:01] - |A| - (. - .) - [0] - (0.0.0.0) - C:\WINDOWS\mozy.flt [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/04/2017 12:37:46] - |A| - (. - .) - [0] - (0.0.0.0) - C:\WINDOWS\mozy_FromLFSULTRA-WIDEN.blk [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/04/2017 12:37:48] - |A| - (. - .) - [0] - (0.0.0.0) - C:\WINDOWS\mozy_FromLFSULTRA-WIDEN.flt [MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [10/04/2017 12:37:50] - |A| - (. - .) - [1405] - (0.0.0.0) - C:\WINDOWS\msdfmap.ini [10/04/2017 12:37:51] - |D| - [10136198] - C:\WINDOWS\NAPP_Dism_Log [MD5.D0B21C17A8FD3C4D452016AB5E640A58] - [10/04/2017 12:38:05] - |A| - (. - .) - [741] - (0.0.0.0) - C:\WINDOWS\NewDeployWinRE.cmd [MD5.3B508CAE5DEBCBA928B5BC355517E2E6] - [16/07/2016 13:43:51] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [243200] - (10.0.14393.0) - C:\WINDOWS\notepad.exe [MD5.D378BFFB70923139D6A4F546864AA61C] - [10/04/2017 12:38:06] - |A| - (.© Microsoft Corporation. All rights reserved. - Notepad.) - [179712] - (6.1.7600.16385) - C:\WINDOWS\notepad_FromLFSULTRA-WIDEN.exe [MD5.A5EA3AA8C2560F63BEB7D1E6485AE349] - [10/04/2017 12:38:07] - |A| - (. - .) - [247078] - (0.0.0.0) - C:\WINDOWS\ntbtlog.txt [12/11/2016 09:35:00] - |D| - [199472] - C:\WINDOWS\OCR [10/04/2017 12:38:11] - |D| - [229807] - C:\WINDOWS\oem [10/04/2017 12:38:38] - |D| - [499712] - C:\WINDOWS\OEMTemp [12/11/2016 09:22:35] - |RD| - [65] - C:\WINDOWS\Offline Web Pages [10/04/2017 12:38:46] - |D| - [0] - C:\WINDOWS\Options [12/11/2016 09:43:26] - |DC| - [1455272] - C:\WINDOWS\Panther [MD5.ACA81BF682ED2907FCEDF4A359BB8E1B] - [10/04/2017 12:39:31] - |A| - (. - .) - [70] - (0.0.0.0) - C:\WINDOWS\patch.loag [10/04/2017 12:39:44] - |D| - [0] - C:\WINDOWS\PCHEALTH [12/11/2016 09:22:35] - |D| - [91435186] - C:\WINDOWS\Performance [MD5.B3BE42CCD62BA0C789999A1201A4102B] - [07/04/2017 14:11:12] - |A| - (. - .) - [32140] - (0.0.0.0) - C:\WINDOWS\PFRO.log [MD5.84085E1A909CD14B485019946C8C1C09] - [10/04/2017 12:41:29] - |A| - (. - .) - [13040] - (0.0.0.0) - C:\WINDOWS\PFRO_FromLFSULTRA-WIDEN.log [MD5.D94E3AAACFA67F587BAAC5A97B911157] - [10/04/2017 12:41:31] - |A| - (. - .) - [378] - (0.0.0.0) - C:\WINDOWS\PidList.ini [MD5.C4929C7C4BE57AF744E315B239F61F07] - [10/04/2017 12:41:33] - |A| - (. - .) - [302] - (0.0.0.0) - C:\WINDOWS\PidList_C.ini [12/11/2016 09:22:35] - |D| - [2268457] - C:\WINDOWS\PLA [MD5.EADCEB89DD46DA2A5560CA2AF016A6A6] - [10/04/2017 12:42:37] - |A| - (.Copyright (C) 2007 - DefaultSettingEXE MFC Application.) - [206208] - (1.1.0.1) - C:\WINDOWS\PLFSetI.exe [MD5.DEA325B8099A1F8D62A0B15471BF849B] - [10/04/2017 12:42:39] - |A| - (.Copyright (C) 2010 - DefaultSettingEXE.) - [99712] - (1.0.5.0) - C:\WINDOWS\PLFSetL.exe [12/11/2016 09:22:35] - |D| - [5509386] - C:\WINDOWS\PolicyDefinitions [12/11/2016 09:22:35] - |D| - [74599963] - C:\WINDOWS\prefetch [12/11/2016 09:22:35] - |RD| - [2037042] - C:\WINDOWS\PrintDialog [12/11/2016 09:22:35] - |D| - [1415119] - C:\WINDOWS\Provisioning [MD5.BF5D30514FEA913E25CCC9E546257088] - [29/03/2017 16:59:58] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [320512] - (10.0.14393.953) - C:\WINDOWS\regedit.exe [MD5.8A4883F5E7AC37444F23279239553878] - [10/04/2017 12:46:11] - |A| - (.© Microsoft Corporation. All rights reserved. - Registry Editor.) - [398336] - (6.1.7600.16385) - C:\WINDOWS\regedit_FromLFSULTRA-WIDEN.exe [12/11/2016 09:22:35] - |D| - [44132] - C:\WINDOWS\Registration [12/11/2016 09:22:35] - |D| - [7195043] - C:\WINDOWS\Resources [MD5.C8717886B101DFEF52EBC243C1706801] - [10/04/2017 12:47:10] - |A| - (.Copyright (C) 2010 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [1251944] - (1.0.2.4) - C:\WINDOWS\RtlExUpd.dll [12/11/2016 09:22:35] - |D| - [0] - C:\WINDOWS\SchCache [12/11/2016 09:22:35] - |D| - [143733] - C:\WINDOWS\schemas [12/11/2016 09:22:35] - |D| - [8808422] - C:\WINDOWS\security [12/11/2016 09:42:23] - |D| - [59365839] - C:\WINDOWS\ServiceProfiles [12/11/2016 08:57:26] - |D| - [164449595] - C:\WINDOWS\servicing [12/11/2016 09:39:37] - |D| - [499] - C:\WINDOWS\Setup [MD5.51424C0E059FF355132B2014C67086BC] - [10/04/2017 14:15:42] - |A| - (. - .) - [6120] - (0.0.0.0) - C:\WINDOWS\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [10/04/2017 14:15:42] - |A| - (. - .) - [0] - (0.0.0.0) - C:\WINDOWS\setuperr.log [12/11/2016 09:22:35] - |D| - [31190016] - C:\WINDOWS\ShellExperiences [12/11/2016 16:30:14] - |D| - [5151] - C:\WINDOWS\ShellNew [12/11/2016 09:22:35] - |D| - [3070736] - C:\WINDOWS\SKB [MD5.0D0D3F885589CDEA678C3B17ABB70DC7] - [10/04/2017 14:15:42] - |A| - (.Copyright (C) 1998-2014 - ArchiCrypt Live Engine.) - [117848] - (19.1.1.0) - C:\WINDOWS\SleeN1964.sys [MD5.681A54D355E577A934AB532CD997FBF8] - [10/04/2017 14:15:43] - |A| - (.Copyright (C) 2007 - DisplaySettingMonitor MFC Application.) - [30080] - (1.0.4.0) - C:\WINDOWS\snuvcdsm.exe [12/11/2016 10:01:33] - |D| - [185423472] - C:\WINDOWS\SoftwareDistribution [12/11/2016 09:22:35] - |D| - [86037697] - C:\WINDOWS\Speech [12/11/2016 09:22:35] - |D| - [53541356] - C:\WINDOWS\Speech_OneCore [MD5.BCDB205132974EC3AB6F5C01DD93489B] - [11/11/2016 10:32:06] - |A| - (.© Microsoft Corporation. All rights reserved. - Print driver host for applications.) - [130560] - (10.0.14393.351) - C:\WINDOWS\splwow64.exe [MD5.9060C3C745E7B2D8E1A81DD061021546] - [10/04/2017 14:17:05] - |A| - (. - .) - [48201] - (0.0.0.0) - C:\WINDOWS\Starter.xml [MD5.3135B6A59B0BDAD940AF864F9917E4E2] - [29/12/2016 10:21:02] - |A| - (. - .) - [97784] - (0.0.0.0) - C:\WINDOWS\suite.vssMgr.exe [MD5.93C96478B0D5B27B979E0E3AB0802C77] - [10/04/2017 14:17:15] - |A| - (. - .) - [75184] - (0.0.0.0) - C:\WINDOWS\suite.vssMgr_FromLFSULTRA-WIDEN.exe [12/11/2016 14:22:54] - |D| - [11776] - C:\WINDOWS\symbols [12/11/2016 09:22:35] - |D| - [731419] - C:\WINDOWS\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [12/11/2016 09:22:43] - |A| - (. - .) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini [12/11/2016 08:57:26] - |D| - [5332975793] - C:\WINDOWS\System32 [12/11/2016 09:22:36] - |D| - [144065268] - C:\WINDOWS\SystemApps [12/11/2016 09:22:36] - |D| - [17540925] - C:\WINDOWS\SystemResources [MD5.286A9EDB379DC3423A528B0864A0F111] - [10/04/2017 14:19:01] - |A| - (. - .) - [219] - (0.0.0.0) - C:\WINDOWS\system_FromLFSULTRA-WIDEN.ini [12/11/2016 09:22:36] - |D| - [3146764570] - C:\WINDOWS\syswow64 [12/11/2016 09:22:36] - |D| - [15] - C:\WINDOWS\TAPI [12/11/2016 09:22:36] - |D| - [20532] - C:\WINDOWS\Tasks [12/11/2016 09:22:36] - |D| - [16097816] - C:\WINDOWS\Temp [12/11/2016 09:22:36] - |D| - [0] - C:\WINDOWS\tracing [MD5.0BEA3F79A36B1F67B2CE0F595524C77C] - [10/04/2017 18:05:00] - |A| - (. - Twain Source Manager (Image Acquisition Interface).) - [94784] - (1.7.0.0) - C:\WINDOWS\twain.dll [12/11/2016 09:22:36] - |D| - [43089484] - C:\WINDOWS\twain_32 [MD5.21F91141B4796108A50733B14850CDF2] - [16/07/2016 13:43:52] - |A| - (. - Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [66560] - (1.7.1.3) - C:\WINDOWS\twain_32.dll [MD5.163A95975E1D8819E653AA3E961371CA] - [10/04/2017 18:05:03] - |A| - (. - Twain_32 Source Manager (Image Acquisition Interface).) - [51200] - (1.7.1.3) - C:\WINDOWS\twain_32_FromLFSULTRA-WIDEN.dll [MD5.F36A271706EDD23C94956AFB56981184] - [10/04/2017 18:05:03] - |A| - (. - Twain_32.dll Client's 16-Bit Thunking Server.) - [49680] - (1.7.0.0) - C:\WINDOWS\twunk_16.exe [MD5.0BD6E68F3EA0DD62CD86283D86895381] - [10/04/2017 18:05:03] - |A| - (. - Twain.dll Client's 32-Bit Thunking Server.) - [31232] - (1.7.1.0) - C:\WINDOWS\twunk_32.exe [MD5.B38882E54F783A2C37946C27091DC8B4] - [10/04/2017 01:59:41] - |A| - (.(C) 2000-2009 Dritek System Inc. - Uninstall Application.) - [349776] - (2.1.2.2017) - C:\WINDOWS\UNINSTLMv4.EXE [MD5.B38882E54F783A2C37946C27091DC8B4] - [10/04/2017 18:05:04] - |A| - (.(C) 2000-2009 Dritek System Inc. - Uninstall Application.) - [349776] - (2.1.2.2017) - C:\WINDOWS\UNINSTLMv4_FromLFSULTRA-WIDEN.EXE [MD5.5D5FC880C46C1F08D72464250C8B0D70] - [01/03/2015 00:22:50] - |A| - (.Copyright (c) 2014 - Unsigned Themes service executable.) - [22184] - (0.2.4.1) - C:\WINDOWS\unsignedthemes.exe [12/11/2016 09:22:36] - |D| - [24840] - C:\WINDOWS\Vss [MD5.3135B6A59B0BDAD940AF864F9917E4E2] - [29/12/2016 10:21:02] - |A| - (. - .) - [97784] - (0.0.0.0) - C:\WINDOWS\vssMgr.exe [MD5.93C96478B0D5B27B979E0E3AB0802C77] - [10/04/2017 18:05:06] - |A| - (. - .) - [75184] - (0.0.0.0) - C:\WINDOWS\vssMgr_FromLFSULTRA-WIDEN.exe [MD5.F76DEE9336B452A6766717B9A6F683DB] - [11/04/2017 13:58:49] - |A| - (. - .) - [2648] - (0.0.0.0) - C:\WINDOWS\W7Patcher_x64_Uninstall.log [12/11/2016 09:22:36] - |D| - [17159967] - C:\WINDOWS\Web [MD5.1B9608C0D1318D3AA74AEBB390B5070C] - [12/11/2016 09:22:43] - |A| - (. - .) - [118] - (0.0.0.0) - C:\WINDOWS\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [16/07/2016 13:42:32] - |RAH| - (. - .) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest [MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - [10/04/2017 18:05:09] - |A| - (. - .) - [749] - (0.0.0.0) - C:\WINDOWS\WindowsShell_FromLFSULTRA-WIDEN.Manifest [MD5.038356387332650843BCB352BB89A101] - [12/11/2016 10:01:34] - |A| - (. - .) - [275] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log [MD5.8E6F7D51A5CB299C25621C6C1AB57E84] - [10/04/2017 18:05:10] - |A| - (.Copyright © Microsoft Corp. 1991-1992 - Windows Help Engine application file.) - [256192] - (3.10.0.425) - C:\WINDOWS\winhelp.exe [MD5.9328E170E5407D9DDE7EB1E208A2CBB4] - [16/07/2016 13:42:48] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [10240] - (10.0.14393.0) - C:\WINDOWS\winhlp32.exe [MD5.1D420D66250BCAAAED05724FB34008CF] - [10/04/2017 18:05:10] - |A| - (.© Microsoft Corporation. All rights reserved. - Windows Winhlp32 Stub.) - [9728] - (6.1.7600.16385) - C:\WINDOWS\winhlp32_FromLFSULTRA-WIDEN.exe [12/11/2016 08:57:26] - |D| - [19759079922] - C:\WINDOWS\WinSxS [MD5.493B0475FC8D452615E19751C4699CCA] - [10/04/2017 18:05:09] - |A| - (. - .) - [429] - (0.0.0.0) - C:\WINDOWS\win_FromLFSULTRA-WIDEN.ini [MD5.F1D3FF8443297732862DF21DC4E57262] - [29/03/2017 17:35:53] - |ASH| - (. - .) - [4] - (0.0.0.0) - C:\WINDOWS\wisefs.dat [MD5.F4941703C64913D81FC16439BABF85E1] - [29/03/2017 17:35:53] - |A| - (.WiseCleaner.com - Wise Folder Hider.) - [43440] - (2.0.2.205) - C:\WINDOWS\WiseFs64.sys [MD5.360A166B4DD11DFD897F73F5410FDEE2] - [10/04/2017 01:23:22] - |A| - (.© 2008 Microsoft Corporation. Tous droits réservés. - Écran de veille photos Windows Live.) - [307056] - (14.0.8117.416) - C:\WINDOWS\WLXPGSS.SCR [MD5.360A166B4DD11DFD897F73F5410FDEE2] - [11/04/2017 02:13:00] - |A| - (.© 2008 Microsoft Corporation. Tous droits réservés. - Écran de veille photos Windows Live.) - [307056] - (14.0.8117.416) - C:\WINDOWS\WLXPGSS_FromLFSULTRA-WIDEN.SCR [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [16/07/2016 13:43:08] - |A| - (. - .) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx [MD5.DC17DD0189B0C36D863B4DD0A036C10F] - [11/04/2017 02:13:00] - |A| - (. - .) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9_FromLFSULTRA-WIDEN.prx [MD5.E87C6A38E61A712C48025A6AD54C1113] - [16/07/2016 13:42:39] - |A| - (.© Microsoft Corporation. All rights reserved. - Windows Write.) - [11264] - (10.0.14393.0) - C:\WINDOWS\write.exe [MD5.6E8EACC0B339365D79A2C06896865D3D] - [11/04/2017 02:13:02] - |A| - (.© Microsoft Corporation. All rights reserved. - Windows Write.) - [9216] - (6.1.7600.16385) - C:\WINDOWS\write_FromLFSULTRA-WIDEN.exe [MD5.F9F4905664C5B42B49E78EFA12D1A6B6] - [11/04/2017 02:13:02] - |A| - (. - .) - [20] - (0.0.0.0) - C:\WINDOWS\xö“ [MD5.E14135AE32D0589B4284EBC6A3BED259] - [08/04/2017 10:36:49] - |A| - (. - .) - [273623] - (0.0.0.0) - C:\WINDOWS\ZAM.krnl.trace [MD5.EEFBB2C5F309A4F4EBA50E31346B1460] - [08/04/2017 10:36:49] - |A| - (. - .) - [238336] - (0.0.0.0) - C:\WINDOWS\ZAM_Guard.krnl.trace [MD5.B317B33694BAC49D492DD3F23E374899] - [11/04/2017 02:13:02] - |A| - (. - .) - [707] - (0.0.0.0) - C:\WINDOWS\_default.pif ---------- | Systemroot\System [10/04/2017 14:17:20] - |A| - [69584] - C:\WINDOWS\System\avicap.dll (Copyright © Microsoft Corp. 1992-1994) - (AVI Capture DLL) [10/04/2017 14:17:30] - |A| - [109456] - C:\WINDOWS\System\avifile.dll (Copyright © Microsoft Corp. 1991-2000) - (Microsoft AVI File support library) [10/04/2017 14:17:33] - |A| - [32816] - C:\WINDOWS\System\COMMDLG.DLL (Copyright © Microsoft Corp. 1981-1996) - (Common Dialogs libraries) [10/04/2017 14:17:39] - |A| - [2000] - C:\WINDOWS\System\keyboard.drv (Copyright © Microsoft Corp. 1981-1996) - (WOW Keyboard Driver Module) [10/04/2017 14:17:44] - |A| - [9936] - C:\WINDOWS\System\lzexpand.dll (Copyright © Microsoft Corp. 1989-1992) - (Windows file expansion library) [10/04/2017 14:17:44] - |A| - [73376] - C:\WINDOWS\System\mciavi.drv (Copyright © Microsoft Corp. 1992-1994) - (MCI driver for AVI) [10/04/2017 14:17:44] - |A| - [25264] - C:\WINDOWS\System\mciseq.drv (Copyright © Microsoft Corp. 1991) - (MCI driver for MIDI sequencer) [10/04/2017 14:17:45] - |A| - [28160] - C:\WINDOWS\System\mciwave.drv (Copyright © Microsoft Corp. 1991) - (MCI driver for waveform audio) [10/04/2017 14:17:45] - |A| - [68992] - C:\WINDOWS\System\MMSYSTEM.DLL (Copyright © Microsoft Corp. 1981-1996) - (System APIs for Multimedia) [10/04/2017 14:17:46] - |A| - [1152] - C:\WINDOWS\System\mmtask.tsk (Copyright © Microsoft Corp. 1981-1996) - (Multimedia background task support module) [10/04/2017 14:17:46] - |A| - [2032] - C:\WINDOWS\System\mouse.drv (Copyright © Microsoft Corp. 1981-1996) - (WOW MOUSE Driver Module) [10/04/2017 14:17:46] - |A| - [126912] - C:\WINDOWS\System\msvideo.dll (Copyright © Microsoft Corp. 1992-1994) - (Microsoft Video for Windows DLL) [10/04/2017 14:17:53] - |A| - [82944] - C:\WINDOWS\System\olecli.dll (Copyright © Microsoft Corp. 1991-1993) - (Object Linking and Embedding Client Library) [10/04/2017 14:17:56] - |A| - [24064] - C:\WINDOWS\System\OLESVR.DLL (Copyright © Microsoft Corp. 1991-1996) - (Object Linking and Embedding Server Library) [10/04/2017 14:18:06] - |A| - [5120] - C:\WINDOWS\System\SHELL.DLL (Copyright © Microsoft Corp. 1981-1996) - (Windows Shell library) [10/04/2017 14:18:10] - |A| - [1744] - C:\WINDOWS\System\sound.drv (Copyright © Microsoft Corp. 1981-1996) - (WOW SOUND Driver Module) [10/04/2017 14:18:15] - |A| - [5532] - C:\WINDOWS\System\stdole.tlb (Copyright © Microsoft Corp. 1993-1995) - (OLE 2.1 16/32 Interoperability Type Library) [10/04/2017 14:18:22] - |A| - [3360] - C:\WINDOWS\System\system.drv (Copyright © Microsoft Corp. 1981-1996) - (Windows System Driver core component) [10/04/2017 14:18:30] - |A| - [4048] - C:\WINDOWS\System\TIMER.DRV (Copyright © Microsoft Corp. 1981-1996) - (Timer driver for PC compatibles) [10/04/2017 14:18:34] - |A| - [9008] - C:\WINDOWS\System\ver.dll (Copyright © Microsoft Corp. 1991) - (Version Checking and File Installation Libraries) [10/04/2017 14:18:41] - |A| - [2176] - C:\WINDOWS\System\vga.drv (Copyright © Microsoft Corp. 1981-1996) - (WOW Display Driver Module) [10/04/2017 14:18:45] - |A| - [12704] - C:\WINDOWS\System\WFWNET.DRV (Copyright © Microsoft Corp. 1981-1996) - (Windows for Workgroups network driver) ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [09/04/2017 23:51:58] - C:\WINDOWS\Installer\13257c2.msi : (COMODO Secure Shopping - COMODO) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2017 10:59:46] - C:\WINDOWS\Installer\13257c2_FromLFSULTRA-WIDEN.msi : (COMODO Secure Shopping - COMODO) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2017 10:59:58] - C:\WINDOWS\Installer\13ccf3.msi : (MSI Database - Insyde) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [15/11/2016 22:53:00] - C:\WINDOWS\Installer\1bd715.msi : (Rebit Pro - Rebit, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2017 02:02:48] - C:\WINDOWS\Installer\20566370.msi : (Paramount Software (UK) Ltd - Paramount Software (UK) Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2017 11:02:46] - C:\WINDOWS\Installer\20566370_FromLFSULTRA-WIDEN.msi : (Paramount Software (UK) Ltd - Paramount Software (UK) Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2017 03:59:53] - C:\WINDOWS\Installer\236064b.msi : (Skype - Skype Technologies S.A.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2017 11:02:52] - C:\WINDOWS\Installer\236064b_FromLFSULTRA-WIDEN.msi : (Skype - Skype Technologies S.A.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/04/2017 21:46:23] - C:\WINDOWS\Installer\2416289.msi : ( - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2017 11:03:06] - C:\WINDOWS\Installer\2416289_FromLFSULTRA-WIDEN.msi : ( - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2017 02:23:16] - C:\WINDOWS\Installer\2416293.msi : (MozyHome - Mozy, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2017 11:04:38] - C:\WINDOWS\Installer\2416293_FromLFSULTRA-WIDEN.msi : (MozyHome - Mozy, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2017 11:04:49] - C:\WINDOWS\Installer\27bce3b.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2017 11:04:55] - C:\WINDOWS\Installer\27bce4f.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/03/2015 00:23:12] - C:\WINDOWS\Installer\30a05da.msi : (UxStyle - The Within Network, LLC) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [31/03/2017 11:11:38] - C:\WINDOWS\Installer\32a7b19.msi : (Silent Install Builder - APREL Tehnologija d.o.o.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/10/2016 00:00:00] - C:\WINDOWS\Installer\3415cec.msi : ( - ) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/05/2015 08:45:36] - C:\WINDOWS\Installer\3415cfb.msi : (Epson E-Web Print - SEIKO EPSON CORPORATION) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/04/2017 21:41:07] - C:\WINDOWS\Installer\34edd9.msi : (Acronis Backup Agent - Acronis) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2017 11:05:12] - C:\WINDOWS\Installer\34edd9_FromLFSULTRA-WIDEN.msi : (Acronis Backup Agent - Acronis) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/06/2016 20:57:14] - C:\WINDOWS\Installer\38dda8.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/06/2016 21:10:27] - C:\WINDOWS\Installer\38ddac.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/07/2011 20:36:38] - C:\WINDOWS\Installer\38ddb3.msi : ( - DivX, Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/06/2016 21:30:13] - C:\WINDOWS\Installer\38ddb7.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/06/2016 21:33:02] - C:\WINDOWS\Installer\38ddbb.msi : (Blank Project Template - CyberLink Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2017 11:07:14] - C:\WINDOWS\Installer\3c5f1.msi : (eSobi - esobi Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2017 11:07:40] - C:\WINDOWS\Installer\4550057.msi : (Silent Install Builder - APREL Tehnologija d.o.o.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/05/2016 14:59:07] - C:\WINDOWS\Installer\4ed4f0e.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [31/03/2017 19:43:37] - C:\WINDOWS\Installer\4ed4f15.msi : (Lavasoft Privacy Toolbox - Lavasoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:06:24] - C:\WINDOWS\Installer\646d7.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/11/2014 10:49:56] - C:\WINDOWS\Installer\646df.msi : (Branding - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:06:16] - C:\WINDOWS\Installer\646e7.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:03:22] - C:\WINDOWS\Installer\646ef.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:03:30] - C:\WINDOWS\Installer\646f7.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:03:36] - C:\WINDOWS\Installer\646ff.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:03:44] - C:\WINDOWS\Installer\64707.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:03:52] - C:\WINDOWS\Installer\6470f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:00] - C:\WINDOWS\Installer\64717.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:06] - C:\WINDOWS\Installer\6471f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:16] - C:\WINDOWS\Installer\64727.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:22] - C:\WINDOWS\Installer\6472f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:30] - C:\WINDOWS\Installer\64737.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:38] - C:\WINDOWS\Installer\6473f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:46] - C:\WINDOWS\Installer\64747.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:04:54] - C:\WINDOWS\Installer\6474f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:02] - C:\WINDOWS\Installer\64757.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:10] - C:\WINDOWS\Installer\6475f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:18] - C:\WINDOWS\Installer\64767.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:26] - C:\WINDOWS\Installer\6476f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:34] - C:\WINDOWS\Installer\64777.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:42] - C:\WINDOWS\Installer\6477f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:50] - C:\WINDOWS\Installer\64787.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:05:58] - C:\WINDOWS\Installer\6478f.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:06:06] - C:\WINDOWS\Installer\64797.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:06:40] - C:\WINDOWS\Installer\6479f.msi : (Catalyst Control Center Utility 64 - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:07:30] - C:\WINDOWS\Installer\647a7.msi : (AMD Fuel - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/08/2015 20:03:12] - C:\WINDOWS\Installer\647af.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/01/2016 13:09:58] - C:\WINDOWS\Installer\729c084.msi : (Epson Event Manager - Seiko Epson Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/04/2016 13:20:00] - C:\WINDOWS\Installer\729c08c.msi : (MyEpson Portal Setup - SEIKO EPSON CORPORATION) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/10/2016 22:00:00] - C:\WINDOWS\Installer\72bd7b.msi : (WinZip Compression Utility - Copyright (c) 1991-2016 VAPC (Lux) S.a.r.L. All rights reserved.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [16/11/2016 04:44:00] - C:\WINDOWS\Installer\786047c.msi : (Epson Software Updater - SEIKO EPSON CORPORATION) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2017 03:32:52] - C:\WINDOWS\Installer\7cce4.msi : (MyWinLocker Suite - Egis Technology Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2017 11:08:30] - C:\WINDOWS\Installer\7cce4_FromLFSULTRA-WIDEN.msi : (MyWinLocker Suite - Egis Technology Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2017 11:09:02] - C:\WINDOWS\Installer\7ccea.msi : (MyWinLocker - Egis Technology Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2017 11:09:30] - C:\WINDOWS\Installer\7cd19.msi : (Blank Project Template - Egis Technology Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/04/2017 22:23:15] - C:\WINDOWS\Installer\7cd2a.msi : (Adobe AIR Installer - Adobe Systems Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2017 11:10:26] - C:\WINDOWS\Installer\7cd2a_FromLFSULTRA-WIDEN.msi : (Adobe AIR Installer - Adobe Systems Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/04/2017 21:19:52] - C:\WINDOWS\Installer\7cd2f.msi : (Acrobat.com - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2017 11:10:36] - C:\WINDOWS\Installer\7cd2f_FromLFSULTRA-WIDEN.msi : (Acrobat.com - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/11/2016 10:38:13] - C:\WINDOWS\Installer\a71bffd.msi : (Paramount Software (UK) Ltd - Paramount Software (UK) Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2017 01:36:35] - C:\WINDOWS\Installer\b82726.msi : (Laplink PCmover Express - Laplink Software, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2017 11:10:36] - C:\WINDOWS\Installer\b82726_FromLFSULTRA-WIDEN.msi : (Laplink PCmover Express - Laplink Software, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/03/2017 19:42:18] - C:\WINDOWS\Installer\c3b4f.msi : (Blank Project Template - adaware) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/03/2017 19:59:35] - C:\WINDOWS\Installer\c3b56.msi : (AntimalwareEngine - adaware) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/03/2017 20:00:32] - C:\WINDOWS\Installer\c3b5d.msi : (FirewallEngine - adaware) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/03/2017 20:01:00] - C:\WINDOWS\Installer\c3b64.msi : (ProxyEngine - adaware) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/03/2017 20:01:20] - C:\WINDOWS\Installer\c3b6b.msi : (OnlineThreatsEngine - adaware) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/03/2017 20:01:25] - C:\WINDOWS\Installer\c3b72.msi : (AntispamEngine - adaware) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/03/2017 20:01:32] - C:\WINDOWS\Installer\c3b79.msi : (AvcEngine - adaware) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/09/2012 01:34:20] - C:\WINDOWS\Installer\c525d4c.msi : (LWS Help_main - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/09/2012 09:41:18] - C:\WINDOWS\Installer\c525d54.msi : (LWS Webcam Software - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/09/2012 09:41:16] - C:\WINDOWS\Installer\c525d5c.msi : (CameraHelperMsi - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [26/10/2012 19:55:20] - C:\WINDOWS\Installer\c525d6c.msi : (Logitech eReg 1.12 merge module-to-MSI converter - Logitech, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [24/07/2012 00:15:18] - C:\WINDOWS\Installer\c525d74.msi : (LWS Facebook - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/09/2012 00:19:08] - C:\WINDOWS\Installer\c525d7c.msi : (LWS Gallery - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/09/2012 01:36:58] - C:\WINDOWS\Installer\c6d966a.msi : (LWS Launcher - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/09/2012 09:41:12] - C:\WINDOWS\Installer\c6d9672.msi : (LWS Motion Detection - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/09/2012 09:41:22] - C:\WINDOWS\Installer\c6d967a.msi : (LWS Pictures And Video - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/07/2011 04:51:16] - C:\WINDOWS\Installer\c6d9682.msi : (LWS Twitter - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/06/2011 05:26:48] - C:\WINDOWS\Installer\c6d968a.msi : (LWS WLM Plugin - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/11/2011 00:14:28] - C:\WINDOWS\Installer\c6d9692.msi : (LWS YouTube Plugin - Logitech) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2017 02:32:14] - C:\WINDOWS\Installer\d675bc.msi : (Music Recorder - Audials AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2017 11:11:10] - C:\WINDOWS\Installer\d675bc_FromLFSULTRA-WIDEN.msi : (Music Recorder - Audials AG) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/06/2016 05:44:30] - C:\WINDOWS\Installer\e89933.msi : (PreEmptive Solutions provides analytics, obfuscation, tamper defense, and shelf life. - PreEmptive Solutions LLC) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [21/06/2016 05:44:08] - C:\WINDOWS\Installer\e8993b.msi : (Les services d'instrumentation post-build PreEmptive Solutions offrent des fonctions d'obfuscation, de protection contre la falsification, de durée de conservation et d'exécution. - PreEmptive Solutions LLC) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/06/2015 04:09:05] - C:\WINDOWS\Installer\e89943.msi : (PreEmptive Analytics Visual Studio Components - PreEmptive Solutions) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/06/2015 04:11:26] - C:\WINDOWS\Installer\e8994b.msi : (PreEmptive Analytics Client French Language Pack - PreEmptive Solutions) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [14/11/2016 10:37:53] - C:\WINDOWS\Installer\reflect_setupv6.2.1549-x64-00.msi : (Paramount Software (UK) Ltd - Paramount Software (UK) Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/04/2017 11:11:55] - C:\WINDOWS\Installer\reflect_setupv6.3.1665-x86-00.msi : (Paramount Software (UK) Ltd - Paramount Software (UK) Ltd.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/11/2016 09:52:56] - [88102] - C:\WINDOWS\Installer\{063E67F0-C298-8A2A-0FA6-84C15322A4E0}\ARPPRODUCTICON.exe () - () [30/03/2017 19:59:53] - [59352] - C:\WINDOWS\Installer\{06D33B93-9458-4E28-BDEA-F5ECB2C3C30E}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC. All Rights Reserved.) - (InstallShield) [12/11/2016 09:52:34] - [88102] - C:\WINDOWS\Installer\{07326A3E-02B3-1078-25D7-B8666BA8FE15}\ARPPRODUCTICON.exe () - () [12/11/2016 09:52:18] - [88102] - C:\WINDOWS\Installer\{085EBD0C-F24E-EB94-6D33-2A22EF64C5CF}\ARPPRODUCTICON.exe () - () [09/04/2017 21:41:04] - [287934] - C:\WINDOWS\Installer\{0BFB76C9-9A5B-4C12-A2FF-9ED9640F1436}\_4ae13d6c.exe () - () [10/04/2017 11:14:12] - [287934] - C:\WINDOWS\Installer\{0BFB76C9-9A5B-4C12-A2FF-9ED9640F1436}\_4ae13d6c_FromLFSULTRA-WIDEN.exe () - () [10/04/2017 11:15:52] - [327680] - C:\WINDOWS\Installer\{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}\ARPPRODUCTICON.exe (Copyright (C) 2008 Acresso Software Inc. and/or InstallShield Co. Inc. All Rights Reserved.) - (InstallShield) [12/11/2016 09:52:05] - [10134] - C:\WINDOWS\Installer\{11087D24-567D-7D88-69C6-D7A08B5F4C47}\ARPPRODUCTICON.exe () - () [10/04/2017 11:16:05] - [86836] - C:\WINDOWS\Installer\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\ARPPRODUCTICON.exe () - () [10/04/2017 11:16:14] - [126976] - C:\WINDOWS\Installer\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\esobi_app_15D967B5A4BE42AE9E8464CD062B25AA.exe (Copyright (C) 2006 Macrovision Corporation) - (InstallShield) [10/04/2017 11:16:18] - [126976] - C:\WINDOWS\Installer\{15D967B5-A4BE-42AE-9E84-64CD062B25AA}\esobi_app_desktop_15D967B5A4BE42AE9E8464CD062B25AA.exe (Copyright (C) 2006 Macrovision Corporation) - (InstallShield) [12/11/2016 09:52:08] - [88102] - C:\WINDOWS\Installer\{1AD99E77-37CC-744E-39CA-67F6FD34565A}\ARPPRODUCTICON.exe () - () [12/11/2016 09:52:16] - [88102] - C:\WINDOWS\Installer\{1BB85E73-0D92-604A-0AAF-C7AAD5E3A3C6}\ARPPRODUCTICON.exe () - () [12/11/2016 09:52:20] - [88102] - C:\WINDOWS\Installer\{1E72F5D1-553E-CFF9-06A3-8C5AF507DD1C}\ARPPRODUCTICON.exe () - () [10/04/2017 01:23:29] - [132096] - C:\WINDOWS\Installer\{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}\WLXPhotoGalleryIcon.exe (© 2009 Microsoft Corporation. All rights reserved.) - (Windows Live Photo Gallery) [10/04/2017 11:16:37] - [132096] - C:\WINDOWS\Installer\{1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}\WLXPhotoGalleryIcon_FromLFSULTRA-WIDEN.exe (© 2009 Microsoft Corporation. All rights reserved.) - (Windows Live Photo Gallery) [12/11/2016 09:52:46] - [88102] - C:\WINDOWS\Installer\{25ACE797-EBDA-0E4B-096F-9FE97A1E2A6F}\ARPPRODUCTICON.exe () - () [30/03/2017 20:01:23] - [59352] - C:\WINDOWS\Installer\{26F31E12-3722-45FD-903B-49012286BB4C}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC. All Rights Reserved.) - (InstallShield) [10/04/2017 01:54:54] - [134817] - C:\WINDOWS\Installer\{2B2E26CD-10BC-40EE-9101-012818950369}\ARPPRODUCTICON.exe () - () [10/04/2017 11:17:03] - [134817] - C:\WINDOWS\Installer\{2B2E26CD-10BC-40EE-9101-012818950369}\ARPPRODUCTICON_FromLFSULTRA-WIDEN.exe () - () [10/04/2017 01:54:56] - [176128] - C:\WINDOWS\Installer\{2B2E26CD-10BC-40EE-9101-012818950369}\FR_DskTp_ShrtCt_6242ECAD76714BAA83F0791073A22A60.exe (Copyright (C) 2006 Macrovision Corporation) - (InstallShield) [10/04/2017 11:17:05] - [176128] - C:\WINDOWS\Installer\{2B2E26CD-10BC-40EE-9101-012818950369}\FR_DskTp_ShrtCt_6242ECAD76714BAA83F0791073A22A60_FromLFSULTRA-WIDEN.exe (Copyright (C) 2006 Macrovision Corporation) - (InstallShield) [10/04/2017 01:54:57] - [176128] - C:\WINDOWS\Installer\{2B2E26CD-10BC-40EE-9101-012818950369}\FR_PCm_Mnu_ShrtCt_6242ECAD76714BAA83F0791073A22A60.exe (Copyright (C) 2006 Macrovision Corporation) - (InstallShield) [10/04/2017 11:17:09] - [176128] - C:\WINDOWS\Installer\{2B2E26CD-10BC-40EE-9101-012818950369}\FR_PCm_Mnu_ShrtCt_6242ECAD76714BAA83F0791073A22A60_FromLFSULTRA-WIDEN.exe (Copyright (C) 2006 Macrovision Corporation) - (InstallShield) [10/04/2017 01:54:59] - [65536] - C:\WINDOWS\Installer\{2B2E26CD-10BC-40EE-9101-012818950369}\Fr_StartUpThis_Shr_6242ECAD76714BAA83F0791073A22A60.exe (Copyright (C) 2006 Macrovision Corporation) - (InstallShield) [10/04/2017 11:17:09] - [65536] - C:\WINDOWS\Installer\{2B2E26CD-10BC-40EE-9101-012818950369}\Fr_StartUpThis_Shr_6242ECAD76714BAA83F0791073A22A60_FromLFSULTRA-WIDEN.exe (Copyright (C) 2006 Macrovision Corporation) - (InstallShield) [12/11/2016 09:52:21] - [88102] - C:\WINDOWS\Installer\{2D07E15C-A9A4-D8D6-D371-92EC8779E587}\ARPPRODUCTICON.exe () - () [12/11/2016 09:52:17] - [88102] - C:\WINDOWS\Installer\{350E61E5-6C2C-2F3C-3A14-7E094AB6D3A0}\ARPPRODUCTICON.exe () - () [12/11/2016 09:52:53] - [88102] - C:\WINDOWS\Installer\{35A71DED-DA81-1313-352A-EC8A0B27DF3B}\ARPPRODUCTICON.exe () - () [10/04/2017 04:03:17] - [143612] - C:\WINDOWS\Installer\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}\SkypeIcon.exe () - () [10/04/2017 11:17:18] - [143612] - C:\WINDOWS\Installer\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}\SkypeIcon_FromLFSULTRA-WIDEN.exe () - () [30/03/2017 20:01:42] - [59352] - C:\WINDOWS\Installer\{3E5BEF30-3962-4B47-AECA-937B6CBB0A68}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC. All Rights Reserved.) - (InstallShield) [10/04/2017 00:34:06] - [80395] - C:\WINDOWS\Installer\{445B183D-F4F1-45C8-B9DB-F11355CA657B}\MsblIco.Exe () - () [10/04/2017 11:17:20] - [80395] - C:\WINDOWS\Installer\{445B183D-F4F1-45C8-B9DB-F11355CA657B}\MsblIco_FromLFSULTRA-WIDEN.Exe () - () [10/04/2017 11:17:31] - [172032] - C:\WINDOWS\Installer\{523281E5-91DD-49F5-9D85-954148F7596A}\AndroidManager.exe_EDE5AF10CF5B4DA1B61C039E5CAD3FA5.exe (Copyright (C) 2007 Macrovision Corporation) - (InstallShield) [10/04/2017 11:17:32] - [172032] - C:\WINDOWS\Installer\{523281E5-91DD-49F5-9D85-954148F7596A}\AndroidManager.exe_F8F646A2401140B3B12F09FEE59D8357.exe (Copyright (C) 2007 Macrovision Corporation) - (InstallShield) [10/04/2017 11:17:37] - [10134] - C:\WINDOWS\Installer\{523281E5-91DD-49F5-9D85-954148F7596A}\ARPPRODUCTICON.exe () - () [10/04/2017 00:33:57] - [58945] - C:\WINDOWS\Installer\{5DD76286-9BE7-4894-A990-E905E91AC818}\wlmail.exe () - () [10/04/2017 11:17:44] - [58945] - C:\WINDOWS\Installer\{5DD76286-9BE7-4894-A990-E905E91AC818}\wlmail_FromLFSULTRA-WIDEN.exe () - () [12/11/2016 09:52:03] - [88102] - C:\WINDOWS\Installer\{64D5A142-BD50-726E-ED9E-D2508D2A17E2}\ARPPRODUCTICON.exe () - () [03/04/2017 10:26:18] - [1278016] - C:\WINDOWS\Installer\{6BF9F374-EC67-4808-A90C-F127DE6D989D}\icon.exe (Copyright (C) SEIKO EPSON CORPORATION 2010-2013. All rights reserved.) - (E-Web Print Preview) [12/11/2016 09:52:13] - [88102] - C:\WINDOWS\Installer\{6FDCB1C3-9EDC-3CBC-473C-DD85ED5E0494}\ARPPRODUCTICON.exe () - () [10/04/2017 03:13:38] - [327680] - C:\WINDOWS\Installer\{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}\ARPPRODUCTICON.exe (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc. All Rights Reserved.) - (InstallShield) [10/04/2017 11:19:09] - [327680] - C:\WINDOWS\Installer\{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}\ARPPRODUCTICON_FromLFSULTRA-WIDEN.exe (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc. All Rights Reserved.) - (InstallShield) [12/11/2016 09:52:54] - [88102] - C:\WINDOWS\Installer\{79D22166-78C1-2AD4-04E7-BD22BD58FD46}\ARPPRODUCTICON.exe () - () [30/03/2017 20:01:28] - [59352] - C:\WINDOWS\Installer\{7DE129E5-BB4A-4517-A6CD-C69EEB346781}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC. All Rights Reserved.) - (InstallShield) [30/03/2017 20:01:09] - [59352] - C:\WINDOWS\Installer\{7F7C8AE0-961B-4AED-B99A-D9BE29C0F24C}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC. All Rights Reserved.) - (InstallShield) [12/11/2016 09:52:23] - [88102] - C:\WINDOWS\Installer\{82CA1714-13EA-F419-91FE-12834424745E}\ARPPRODUCTICON.exe () - () [12/11/2016 09:52:51] - [88102] - C:\WINDOWS\Installer\{8CBC65A3-40AB-DE65-2CB1-997ABDA8FD68}\ARPPRODUCTICON.exe () - () [15/11/2016 11:43:46] - [291445] - C:\WINDOWS\Installer\{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}\ARPPRODUCTICON.exe () - () [12/11/2016 09:52:48] - [88102] - C:\WINDOWS\Installer\{8FFCCB27-EE2D-D58F-5ABD-ED5C06B91E81}\ARPPRODUCTICON.exe () - () [10/04/2017 02:02:39] - [43646] - C:\WINDOWS\Installer\{94572F25-AB01-4EF7-A1FB-60A35C984F4F}\ImgToVHD.exe () - () [10/04/2017 11:19:43] - [43646] - C:\WINDOWS\Installer\{94572F25-AB01-4EF7-A1FB-60A35C984F4F}\ImgToVHD_FromLFSULTRA-WIDEN.exe () - () [10/04/2017 02:02:45] - [19942] - C:\WINDOWS\Installer\{94572F25-AB01-4EF7-A1FB-60A35C984F4F}\xReflect.exe () - () [10/04/2017 11:20:19] - [19942] - C:\WINDOWS\Installer\{94572F25-AB01-4EF7-A1FB-60A35C984F4F}\xReflect_FromLFSULTRA-WIDEN.exe () - () [12/11/2016 15:39:44] - [216358] - C:\WINDOWS\Installer\{94E1227C-08A9-4962-B388-1F05D89AEA75}\MSDeployIcon.exe () - () [13/11/2016 19:25:35] - [1241296] - C:\WINDOWS\Installer\{9F205E94-9E42-4486-A92A-DF3F6CB85444}\icon.exe (Copyright (C) 2011) - (EProjManager Application) [12/11/2016 09:52:40] - [88102] - C:\WINDOWS\Installer\{A5A6A4D0-2005-2A05-2E21-495808CF95ED}\ARPPRODUCTICON.exe () - () [12/11/2016 09:52:49] - [88102] - C:\WINDOWS\Installer\{A760847A-C4D9-E7EF-716F-07C6CBF6B147}\ARPPRODUCTICON.exe () - () [30/03/2017 20:00:42] - [59352] - C:\WINDOWS\Installer\{AAF4B2C1-2E27-46EF-9B9E-2B2130F056F3}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC. All Rights Reserved.) - (InstallShield) [15/11/2016 11:55:14] - [75223] - C:\WINDOWS\Installer\{ADD5DB49-72CF-11D8-9D75-000129760D75}\ARPPRODUCTICON.exe () - () [12/11/2016 09:53:11] - [88102] - C:\WINDOWS\Installer\{AF0FDA86-6E7B-1A6C-51D4-43AF50181ED2}\ARPPRODUCTICON.exe () - () [10/04/2017 11:21:00] - [61272] - C:\WINDOWS\Installer\{B3B487E7-6171-4376-9074-B28082CEB504}\IconWlc.exe (Copyright © 2008 Microsoft Corporation. All rights reserved.) - (start phone dialer through Messenger) [29/03/2017 18:20:18] - [22435552] - C:\WINDOWS\Installer\{B79E9FF2-D932-4FD5-BCAF-4DE6F2FBE521}\uninstall.exe (? 2008-2010 COMODO Security Solutions, Inc. All rights reserved.) - (COMODO BackUp setup) [12/11/2016 09:52:45] - [88102] - C:\WINDOWS\Installer\{B839153C-D4D2-F89C-5033-0A160C62706B}\ARPPRODUCTICON.exe () - () [30/03/2017 19:48:22] - [358360] - C:\WINDOWS\Installer\{BECD7155-DC57-4F89-B1A8-A90B033C6209}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC. All Rights Reserved.) - (InstallShield) [12/11/2016 09:52:31] - [88102] - C:\WINDOWS\Installer\{C1EA3764-1138-AE27-AD63-549BAD99BA15}\ARPPRODUCTICON.exe () - () [10/04/2017 11:21:25] - [327680] - C:\WINDOWS\Installer\{C2695E83-CF1D-43D1-84FE-B3BEC561012A}\ARPPRODUCTICON.exe (Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc. All Rights Reserved.) - (InstallShield) [12/11/2016 09:52:10] - [88102] - C:\WINDOWS\Installer\{C3D13AB8-468A-0174-1D06-DB9AAE8A131B}\ARPPRODUCTICON.exe () - () [15/11/2016 11:37:07] - [97873] - C:\WINDOWS\Installer\{C59C179C-668D-49A9-B6EA-0121CCFC1243}\ARPPRODUCTICON.exe () - () [12/11/2016 09:52:37] - [88102] - C:\WINDOWS\Installer\{CA95D57F-9FC3-0DD7-7C36-362F74D8C04E}\ARPPRODUCTICON.exe () - () [12/11/2016 12:05:44] - [429568] - C:\WINDOWS\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410B}\IconCD95F66111.exe () - () [12/11/2016 12:05:44] - [230400] - C:\WINDOWS\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410B}\IconCD95F66112.exe () - () [12/11/2016 12:05:44] - [316928] - C:\WINDOWS\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410B}\IconCD95F66114.exe () - () [12/11/2016 12:05:45] - [374272] - C:\WINDOWS\Installer\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410B}\IconCD95F66117.exe () - () [29/03/2017 18:29:10] - [13840920] - C:\WINDOWS\Installer\{CF6C1B06-4F86-4C41-BD21-9E40500006B5}\uninstall.exe (? 2008-2010 COMODO Security Solutions, Inc. All rights reserved.) - (cCloud setup) [31/03/2017 19:42:08] - [212024] - C:\WINDOWS\Installer\{D25D3E15-CABD-420c-B62C-70C1C5EE63FD}\ARPPRODUCTICON.exe () - () [30/03/2017 20:03:36] - [358360] - C:\WINDOWS\Installer\{D7BF2029-EB2D-4523-AFA0-95CE605E696E}\ARPPRODUCTICON.exe (Copyright (c) 2012 Flexera Software LLC. All Rights Reserved.) - (InstallShield) [30/03/2017 20:03:36] - [358360] - C:\WINDOWS\Installer\{D7BF2029-EB2D-4523-AFA0-95CE605E696E}\NewShortcut1_9D26517437AB43F988CAFF4AC3CA05DE.exe (Copyright (c) 2012 Flexera Software LLC. All Rights Reserved.) - (InstallShield) [30/03/2017 20:03:36] - [358360] - C:\WINDOWS\Installer\{D7BF2029-EB2D-4523-AFA0-95CE605E696E}\NewShortcut6_46B5678CC4A24F4AA166FBA0D99B16EE.exe (Copyright (c) 2012 Flexera Software LLC. All Rights Reserved.) - (InstallShield) [15/11/2016 11:56:44] - [82613] - C:\WINDOWS\Installer\{E3D04529-6EDB-11D8-A372-0050BAE317E1}\ARPPRODUCTICON.exe () - () [12/11/2016 09:52:59] - [4846] - C:\WINDOWS\Installer\{E7366CA8-7179-77AE-E712-BA18D70A0A07}\ARPPRODUCTICON.exe () - () [12/11/2016 09:52:42] - [88102] - C:\WINDOWS\Installer\{E817E580-6318-AFC8-2102-322C73117EC4}\ARPPRODUCTICON.exe () - () [14/11/2016 10:40:17] - [43646] - C:\WINDOWS\Installer\{F11B4FAA-198D-441F-85E4-7EED9E2D823B}\ImgToVHD.exe () - () [14/11/2016 10:40:17] - [19942] - C:\WINDOWS\Installer\{F11B4FAA-198D-441F-85E4-7EED9E2D823B}\xReflect.exe () - () [10/04/2017 11:22:27] - [201341] - C:\WINDOWS\Installer\{F1F805B8-92AC-4EEF-8CCE-4538F6EBEBA0}\AudialsOne_installer.exe () - () [10/04/2017 11:22:28] - [223524] - C:\WINDOWS\Installer\{F1F805B8-92AC-4EEF-8CCE-4538F6EBEBA0}\ext.exe () - () [10/04/2017 11:22:29] - [196067] - C:\WINDOWS\Installer\{F1F805B8-92AC-4EEF-8CCE-4538F6EBEBA0}\ext_1.exe () - () [10/04/2017 11:22:30] - [194829] - C:\WINDOWS\Installer\{F1F805B8-92AC-4EEF-8CCE-4538F6EBEBA0}\ext_2.exe () - () [12/11/2016 09:52:14] - [88102] - C:\WINDOWS\Installer\{F77474EE-EB6C-C87B-88AF-3310C848E068}\ARPPRODUCTICON.exe () - () [12/11/2016 09:52:11] - [88102] - C:\WINDOWS\Installer\{F8DDBE95-DCBE-03B5-5359-DE3601146E21}\ARPPRODUCTICON.exe () - () ---------- | %System%\*.in* [16/07/2016 13:43:08] - [3458] - C:\WINDOWS\System32\ieuinit.inf [26/10/2012 17:42:24] - [29494] - C:\WINDOWS\System32\lvcoin64.ini [12/11/2016 10:04:08] - [2613076] - C:\WINDOWS\System32\PerfStringBackup.INI [16/07/2016 13:42:39] - [60124] - C:\WINDOWS\System32\tcpmon.ini [16/07/2016 13:42:11] - [2307] - C:\WINDOWS\System32\WimBootCompress.ini [10/04/2017 15:07:27] - [73] - C:\WINDOWS\Syswow64\desktop.ini [10/04/2017 17:17:23] - [3680] - C:\WINDOWS\Syswow64\HideMyIpSRVOff.ini [16/07/2016 13:43:59] - [3458] - C:\WINDOWS\Syswow64\ieuinit.inf [10/04/2017 17:18:48] - [16303] - C:\WINDOWS\Syswow64\ieuinit_FromLFSULTRA-WIDEN.inf [10/04/2017 17:30:07] - [535] - C:\WINDOWS\Syswow64\mapisvc.inf [12/11/2016 13:28:29] - [2260840] - C:\WINDOWS\Syswow64\PerfStringBackup.INI [10/04/2017 17:47:27] - [1667292] - C:\WINDOWS\Syswow64\PerfStringBackup_FromLFSULTRA-WIDEN.INI [10/04/2017 17:55:35] - [60124] - C:\WINDOWS\Syswow64\tcpmon.ini [16/07/2016 13:42:43] - [2307] - C:\WINDOWS\Syswow64\WimBootCompress.ini ---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:34] - [1.36 Ko] - C:\WINDOWS\AppPatch\Custom\Custom64 [MD5.5168D79177585FF036B6B44D9E3B875F] - |A| - [12/11/2016 16:14:01] - (. - .) - [1.36 Ko] - (0.0.0.0) - C:\WINDOWS\AppPatch\Custom\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb [MD5.B7C476BBE4F001F4F33C04D9ABC33DC8] - |A| - [16/07/2016 13:42:17] - (. - .) - [14.52 Ko] - (0.0.0.0) - C:\WINDOWS\AppPatch\AppPatch64\pcamain.sdb [MD5.8BE31B88D8523648580AFAFB92B78A30] - |A| - [29/03/2017 17:01:12] - (. - .) - [540.84 Ko] - (0.0.0.0) - C:\WINDOWS\AppPatch\AppPatch64\sysmain.sdb [MD5.00000000000000000000000000000000] - |D| - [11/04/2017 16:45:29] - [0 Ko] - C:\WINDOWS\Temp\b92d7637-3e71-4a32-a77d-37f6cfebeaf2 [MD5.12EAA39EB3D883E7170B56397907E09E] - |A| - [09/04/2017 11:39:14] - (. - .) - [0.04 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\bdec.bytes [MD5.00000000000000000000000000000000] - |D| - [10/04/2017 18:04:45] - [5.48 Ko] - C:\WINDOWS\Temp\Comodo LogsFolder [MD5.00000000000000000000000000000000] - |D| - [08/04/2017 10:37:26] - [24.97 Ko] - C:\WINDOWS\Temp\ComodoLogsFolder [MD5.626559B7A676EE23EFB822BE0AA7EC27] - |A| - [09/04/2017 10:51:08] - (. - .) - [12.42 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\comodo_update_version.ini [MD5.16BC17CEB385EEB9DF038F2C3DFD0C0A] - |A| - [10/04/2017 18:04:46] - (.Copyright (c) 2009-2017, Comodo Security Solutions, Inc. - Comodo Dragon.) - [14844 Ko] - (55.0.2883.59) - C:\WINDOWS\Temp\dragon_setup.exe [MD5.43521136AFE82172257B61F29C52B221] - |A| - [10/04/2017 18:04:48] - (. - .) - [0.15 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\dragon_version.inf [MD5.00000000000000000000000000000000] - |D| - [11/04/2017 16:47:45] - [0 Ko] - C:\WINDOWS\Temp\e819df4a-6f7c-4952-902e-0fc17d9c9c38 [MD5.00000000000000000000000000000000] - |D| - [10/04/2017 18:04:49] - [0 Ko] - C:\WINDOWS\Temp\Fichiers Internet temporaires [MD5.35CC8995213E46B61F541E4A08610127] - |A| - [08/04/2017 09:15:10] - (. - .) - [2.54 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\HideMyIpSRV.log [MD5.84612B32A014C3E89DC533E9EC94CBEE] - |A| - [08/04/2017 09:14:57] - (. - .) - [1.93 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\HideMyIpSRVr.log [MD5.F3B25701FE362EC84616A93A45CE9998] - |A| - [09/04/2017 13:20:31] - (. - .) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\RegistryOptimization.log [MD5.00000000000000000000000000000000] - |D| - [09/04/2017 05:29:07] - [0 Ko] - C:\WINDOWS\Temp\tmp0000063d [MD5.00000000000000000000000000000000] - |D| - [08/04/2017 18:33:15] - [0 Ko] - C:\WINDOWS\Temp\tmp00001042 [MD5.00000000000000000000000000000000] - |D| - [08/04/2017 08:17:34] - [0 Ko] - C:\WINDOWS\Temp\tmp00003908 [MD5.00000000000000000000000000000000] - |D| - [08/04/2017 22:43:12] - [828 Ko] - C:\WINDOWS\Temp\tmp00004f90 [MD5.00000000000000000000000000000000] - |D| - [08/04/2017 06:26:45] - [0 Ko] - C:\WINDOWS\Temp\tmp00006437 [MD5.00000000000000000000000000000000] - |D| - [08/04/2017 20:24:22] - [0 Ko] - C:\WINDOWS\Temp\tmp0000654d [MD5.00000000000000000000000000000000] - |D| - [09/04/2017 10:20:45] - [0 Ko] - C:\WINDOWS\Temp\tmp00006572 [MD5.00000000000000000000000000000000] - |D| - [07/04/2017 16:46:05] - [0 Ko] - C:\WINDOWS\Temp\twFC42.tmp [MD5.515F11CA87D311C6FEF0F11CADE418D3] - |A| - [08/04/2017 05:02:53] - (. - .) - [0.49 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\VSIXInstaller_7986b67a-ab7b-4f5b-8fcb-330f8184fe9d.log [MD5.C8012C1421C22CC8ECE55718D85E1C8D] - |A| - [09/04/2017 05:08:38] - (. - .) - [0.49 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\VSIXInstaller_ec7c19af-2338-4f45-ad9b-40f38f483a20.log [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:33:08] - [0 Ko] - C:\WINDOWS\System32\0409 [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 11:45:55] - [410.05 Ko] - C:\WINDOWS\System32\1033 [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 11:11:16] - [29.19 Ko] - C:\WINDOWS\System32\1036 [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [16/07/2016 13:42:35] - (. - .) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AudioToastIcon.png [MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |A| - [16/07/2016 13:42:05] - (. - .) - [0.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@BackgroundAccessToastIcon.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [16/07/2016 13:42:38] - (. - .) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@EnrollmentToastIcon.png [MD5.373CF57FF3DAAEEB629F90CE7226B30D] - |A| - [16/07/2016 13:42:41] - (. - .) - [0.59 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@language_notification_icon.png [MD5.46DACDA5036EBECEDF08427407E3017C] - |A| - [16/07/2016 13:42:40] - (. - .) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@optionalfeatures.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [16/07/2016 13:42:38] - (. - .) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@VpnToastIcon.png [MD5.7AC3EA1A5175106ED6467FF0C5315541] - |A| - [16/07/2016 13:42:38] - (. - .) - [14.75 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WiFiNotificationIcon.png [MD5.58B6CB6A8528BA1B267CFAE325E6B834] - |A| - [16/07/2016 13:42:23] - (. - .) - [20.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsHelloFaceToastIcon.png [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [3176.34 Ko] - C:\WINDOWS\System32\AdvancedInstallers [MD5.4B10D8998C824DD84AD597F9E058F6F0] - |A| - [30/07/2015 22:58:04] - (. - .) - [171.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amde31a.dat [MD5.C7628FE6341B7919D2F62DB9057DB4FC] - |A| - [21/10/2015 03:14:42] - (. - .) - [208.48 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdgfxinfo64.dll [MD5.AF1928F5E15921A29877C2E18626F80E] - |A| - [21/10/2015 03:14:42] - (. - .) - [139.98 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdhdl64.dll [MD5.DDEB20626133878B0CE79CCE29B031B9] - |A| - [23/07/2015 12:52:32] - (. - .) - [814.26 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdicdxx.dat [MD5.82CAB4EAF1E1CBA85AE5DEBB4C068EE2] - |A| - [21/10/2015 03:14:42] - (.Advanced Micro Devices, Inc. Copyright (C) 2015 - LiquidVR SDK 1.0.) - [616.48 Ko] - (1.0.3.8) - C:\WINDOWS\System32\amdlvr64.dll [MD5.C366C5A2EE8F1F586691E4511AB56040] - |A| - [21/10/2015 03:14:42] - (.Copyright (C) 2013 AMD Inc. - Mantle driver, support for SI family and above.) - [6529.48 Ko] - (9.1.10.83) - C:\WINDOWS\System32\amdmantle64.dll [MD5.3960C946E67311C9831550AEDC649C3A] - |A| - [21/10/2015 03:14:54] - (. - .) - [460.27 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdmiracast.dll [MD5.4CA9A0DF33972919623BBFF8FBD1A501] - |A| - [21/10/2015 03:14:42] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MMOCL Universal Driver.) - [57.98 Ko] - (1.6.0.0) - C:\WINDOWS\System32\amdmmcl6.dll [MD5.7BA9A6BBF176D945D7B201865897E158] - |A| - [21/10/2015 03:14:46] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD COMPILER OpenCL 1.1 Compiler.) - [26898.98 Ko] - (0.8.0.0) - C:\WINDOWS\System32\amdocl12cl64.dll [MD5.AFF92249DA8E62FF8C6D2B89977D3245] - |A| - [21/10/2015 03:14:48] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 2.0 Runtime.) - [46673.98 Ko] - (10.0.1800.11) - C:\WINDOWS\System32\amdocl64.dll [MD5.8305AA2FEBE5CAD45AB8D208C17DA930] - |A| - [21/10/2015 03:14:44] - (. - .) - [1168 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdocl_as64.exe [MD5.187EB6A72565FAAF01AAE0CDD63DE56F] - |A| - [21/10/2015 03:14:44] - (. - .) - [1045.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\amdocl_ld64.exe [MD5.2B79CD2445F85D54959702583ECBCC04] - |A| - [21/10/2015 03:14:54] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [85.94 Ko] - (8.14.10.23) - C:\WINDOWS\System32\amdpcom64.dll [MD5.1E53DBCFBA49AB327BF00CC7E0759B6C] - |A| - [29/03/2017 17:04:14] - (. - .) - [437.78 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ApnDatabase.xml [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [0 Ko] - C:\WINDOWS\System32\AppLocker [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [2473.21 Ko] - C:\WINDOWS\System32\appraiser [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [272 Ko] - C:\WINDOWS\System32\ar-SA [MD5.28DF09388444100467873AC906FD6CB2] - |A| - [21/10/2015 03:14:44] - (.Copyright (C) 2008-2014 Advanced Micro Devices, Inc. - ADL.) - [1226.98 Ko] - (7.15.20.1301) - C:\WINDOWS\System32\atiadlxx.dll [MD5.53650482B8E621276DC55E50C9FB2FEE] - |A| - [22/08/2015 02:53:34] - (. - .) - [646.87 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atiapfxx.blb [MD5.CC2470CA903EA355A24F05520D79BDB8] - |A| - [21/10/2015 03:14:44] - (.Copyright (C) 2009 Advanced Micro Devices, Inc. - atiapfxx Application.) - [366.98 Ko] - (6.14.10.1001) - C:\WINDOWS\System32\atiapfxx.exe [MD5.279066332FA267076E3BEE81C4297F87] - |A| - [21/10/2015 03:14:44] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL compiler runtime.) - [62.98 Ko] - (6.14.10.1848) - C:\WINDOWS\System32\aticalcl64.dll [MD5.3A0F17C7C8E37DCEAE1DA76B7D761702] - |A| - [21/10/2015 03:14:46] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL DD.) - [15356.98 Ko] - (6.14.10.1848) - C:\WINDOWS\System32\aticaldd64.dll [MD5.D22A08EE217DE15B6A41AE518B4F4FBE] - |A| - [21/10/2015 03:14:46] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL runtime.) - [69.48 Ko] - (6.14.10.1848) - C:\WINDOWS\System32\aticalrt64.dll [MD5.BE92AD0155D4A23D0073AF51BE808B29] - |A| - [21/10/2015 03:14:54] - (.Copyright (C) 1998-2012 AMD Inc. - aticfx64.dll.) - [1445.13 Ko] - (8.17.10.1404) - C:\WINDOWS\System32\aticfx64.dll [MD5.B565601728AF96EEFCF7E9CDE3CDD2BE] - |A| - [21/10/2015 03:14:46] - (.2002-2012 - Graphics DEM.) - [440.48 Ko] - (4.5.5711.37472) - C:\WINDOWS\System32\atidemgy.dll [MD5.8700278344BED8D4A3A5AC2875359584] - |A| - [21/10/2015 03:14:56] - (.Copyright (C) 1998-2011 AMD Inc. - atidxx64.dll.) - [11804.69 Ko] - (8.17.10.625) - C:\WINDOWS\System32\atidxx64.dll [MD5.69F82C40A189962A65F6D5A02DF8599F] - |A| - [21/10/2015 03:14:46] - (. - .) - [164.98 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atieah64.exe [MD5.B96BD9F5B2B0CD6549EE59FD242A6D56] - |A| - [21/10/2015 03:14:46] - (.Copyright © 2008-2009 AMD - AMD External Events Client Module.) - [667.48 Ko] - (6.14.11.1199) - C:\WINDOWS\System32\atieclxx.exe [MD5.521248FA26458669BAAE6AB7DB21F3AC] - |A| - [21/10/2015 03:14:46] - (.Copyright © 2008-2009 AMD - AMD External Events Service Module.) - [249.48 Ko] - (6.14.11.1199) - C:\WINDOWS\System32\atiesrxx.exe [MD5.E4F96DFF0501430BF7C6E90841A7282D] - |A| - [21/10/2015 03:14:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [81.98 Ko] - (8.14.1.6463) - C:\WINDOWS\System32\atig6pxx.dll [MD5.86F2AE002AF9222F34937823B98753C2] - |A| - [21/10/2015 03:14:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [161.48 Ko] - (8.14.1.6463) - C:\WINDOWS\System32\atig6txx.dll [MD5.0C3156664885AF41100B63853EBCE037] - |A| - [21/10/2015 03:14:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [76.48 Ko] - (8.14.1.6463) - C:\WINDOWS\System32\atiglpxx.dll [MD5.079EFFD5BECB418FE6596229B28D7324] - |A| - [06/11/2014 11:53:26] - (. - .) - [720.13 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atiicdxx.dat [MD5.FE4E7138E51DA7EF01E51F28128A7F53] - |A| - [21/10/2015 03:14:54] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [85.94 Ko] - (8.14.10.23) - C:\WINDOWS\System32\atimpc64.dll [MD5.C84C24F13663EF5A59C1E598A350C8C3] - |A| - [21/10/2015 03:14:46] - (.Copyright ? 2009 AMD - Multi-language DPPE DLL.) - [37.48 Ko] - (6.14.10.1002) - C:\WINDOWS\System32\atimuixx.dll [MD5.7D9CCB5DD8837D6AC954956A5812112C] - |A| - [21/10/2015 03:14:48] - (.Copyright (C) 1998-2011 Advanced Micro Devices, Inc. - AMD OpenGL driver.) - [30054.98 Ko] - (6.14.10.13399) - C:\WINDOWS\System32\atio6axx.dll [MD5.0E89795F721B2BC02D0A12C470750DF6] - |A| - [21/10/2015 03:14:46] - (.Copyright (C) 2008 - ATIODCLI Application.) - [58.48 Ko] - (1.0.0.1) - C:\WINDOWS\System32\ATIODCLI.exe [MD5.C7A506822BE45CD42415710979CDAE7F] - |A| - [21/10/2015 03:14:46] - (.Copyright (C) 2008 - ATIODE Application.) - [333.48 Ko] - (1.0.0.1) - C:\WINDOWS\System32\ATIODE.exe [MD5.3FE40633FC3BC5AE41EACDA0E1BA72FE] - |A| - [21/10/2015 03:14:46] - (.Copy Right © 2012 Advanced Micro Devices, Inc - TMM Clone Control Module.) - [194.98 Ko] - (6.14.11.25) - C:\WINDOWS\System32\atitmm64.dll [MD5.067CED045532C58B46E6527BCE3CB47F] - |A| - [21/10/2015 03:14:54] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiu9pag.dll.) - [127.02 Ko] - (8.14.1.6463) - C:\WINDOWS\System32\atiu9p64.dll [MD5.AC6970C74B7457B291BB2C0035AA7DAE] - |A| - [21/10/2015 03:14:56] - (.Copyright (C) 1998-2011 AMD Inc. - atiumd64.dll.) - [8657.15 Ko] - (9.14.10.1128) - C:\WINDOWS\System32\atiumd64.dll [MD5.486D6985E7B7826DBBEAE12755851027] - |A| - [22/08/2015 02:55:34] - (. - .) - [3357.06 Ko] - (0.0.0.0) - C:\WINDOWS\System32\atiumd6a.cap [MD5.0A9CA09952D768F768D2903F984102DC] - |A| - [21/10/2015 03:14:56] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [8771.91 Ko] - (8.14.10.513) - C:\WINDOWS\System32\atiumd6a.dll [MD5.AE81C76C930DD6875E5D9C6BEA2F0966] - |A| - [21/10/2015 03:14:56] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [158.43 Ko] - (8.14.1.6463) - C:\WINDOWS\System32\atiuxp64.dll [MD5.EFA5E3D55F1CC185BC690B7D79D015A9] - |A| - [24/07/2015 22:44:06] - (. - .) - [98.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativce02.dat [MD5.B974290EEE645249EE212FF62DD0824A] - |A| - [30/07/2015 23:00:06] - (. - .) - [173.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativce03.dat [MD5.5EBC73A78E5903E7CE6F6B25E4A6BE8F] - |A| - [29/05/2015 02:00:42] - (. - .) - [228.93 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_cik.dat [MD5.C55D2CBC17AAE1FBAC9135E7C31A4D31] - |A| - [29/05/2015 01:58:32] - (. - .) - [227.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_cik_nd.dat [MD5.0770A5AB5218E6D3134A7A7239B9A216] - |A| - [29/05/2015 02:21:32] - (. - .) - [249.81 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_cz_nd.dat [MD5.A81F68A0D3387A06182EFA3880D3F0BD] - |A| - [29/05/2015 02:17:24] - (. - .) - [245 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_FJ.dat [MD5.7EE8F6853798F7A900DB15F3054A0277] - |A| - [29/05/2015 02:15:12] - (. - .) - [243.25 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_FJ_nd.dat [MD5.11355CAC5334C8999211C09CAAE194EF] - |A| - [29/05/2015 02:10:58] - (. - .) - [315.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_vi.dat [MD5.3544D6AF6E0C9783C2CF6FA9CE42D520] - |A| - [29/05/2015 02:08:18] - (. - .) - [313.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvaxy_vi_nd.dat [MD5.7C163EDE63854539828F5B2C1BC529FD] - |A| - [22/08/2015 02:54:10] - (. - .) - [153.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvsva.dat [MD5.219D7091DD1D93728392337FE9C7ADD6] - |A| - [22/08/2015 02:54:10] - (. - .) - [200.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ativvsvl.dat [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [247.5 Ko] - C:\WINDOWS\System32\bg-BG [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [4474.05 Ko] - C:\WINDOWS\System32\Boot [MD5.31ABC8C02F1CCE0DA39550D763384184] - |A| - [16/07/2016 13:42:12] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [91.5 Ko] - (1.0.0.1) - C:\WINDOWS\System32\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [0.93 Ko] - C:\WINDOWS\System32\Bthprops [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 08:57:26] - [137937.94 Ko] - C:\WINDOWS\System32\CatRoot [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [63681.3 Ko] - C:\WINDOWS\System32\catroot2 [MD5.F18E1F295EBB5FDD7E6D93571113E5A8] - |A| - [29/03/2017 18:01:47] - (.Copyright © 2001-2015 GoPro Inc. - CineForm DirectShow Decoder.) - [1221 Ko] - (9.2.1.690) - C:\WINDOWS\System32\CFDecode64.ax [MD5.F2D598B11C294EE360FDA0D3E81DA7EC] - |A| - [21/10/2015 03:14:48] - (. - .) - [237.98 Ko] - (0.0.0.0) - C:\WINDOWS\System32\clinfo.exe [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [2123.5 Ko] - C:\WINDOWS\System32\CodeIntegrity [MD5.A0E91D21C945781D03EA0BA1C95F821E] - |A| - [21/10/2015 03:14:48] - (.AMD. - CoInstaller DLL.) - [853.98 Ko] - (1.0.5.9) - C:\WINDOWS\System32\coinst_15.20.dll [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [360 Ko] - C:\WINDOWS\System32\Com [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 08:57:26] - [559877.7 Ko] - C:\WINDOWS\System32\config [MD5.00000000000000000000000000000000] - |SD| - [12/11/2016 09:22:35] - [51.22 Ko] - C:\WINDOWS\System32\Configuration [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [292.5 Ko] - C:\WINDOWS\System32\cs-CZ [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [288.5 Ko] - C:\WINDOWS\System32\da-DK [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [177.63 Ko] - C:\WINDOWS\System32\DDFs [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [324.5 Ko] - C:\WINDOWS\System32\de-DE [MD5.C69C4A1EF5920EFBBA21E3F759427517] - |A| - [07/04/2017 15:44:13] - (. - .) - [0.24 Ko] - (0.0.0.0) - C:\WINDOWS\System32\debug.log [MD5.306B90493D00011EB635E161C6C024B8] - |A| - [16/07/2016 13:42:22] - (. - .) - [4128.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultHrtfs.bin [MD5.664AA698FC0106A2B075A641E8DC6302] - |A| - [12/11/2016 09:22:51] - (. - .) - [0.84 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultQuestions.json [MD5.B227DF8720C51EE0A80CB23CCCEF1EC6] - |A| - [26/10/2012 17:42:24] - (. - .) - [328.35 Ko] - (13.80.853.0) - C:\WINDOWS\System32\DevManagerCore.dll [MD5.2322AC4F74D5033E8AF0EBD85DFC677B] - |A| - [30/03/2017 11:37:01] - (.Copyright (C) 2005-2009, mst software GmbH. - mst Defrag SDK Boot.) - [33.5 Ko] - (3.6.0.6165) - C:\WINDOWS\System32\DfSdkBt.exe [MD5.00000000000000000000000000000000] - |SD| - [12/11/2016 09:22:35] - [642 Ko] - C:\WINDOWS\System32\DiagSvcs [MD5.8B5F7B8C2EFE38CA571FBE24658DF11F] - |A| - [16/07/2016 13:42:36] - (. - .) - [90.16 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DiskSnapshot.conf [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [7611.09 Ko] - C:\WINDOWS\System32\Dism [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [1116.16 Ko] - C:\WINDOWS\System32\downlevel [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:21:28] - [115328.91 Ko] - C:\WINDOWS\System32\drivers [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 08:57:26] - [1489692.04 Ko] - C:\WINDOWS\System32\DriverStore [MD5.00000000000000000000000000000000] - |DC| - [15/11/2016 11:34:26] - [418.36 Ko] - C:\WINDOWS\System32\DRVSTORE [MD5.00000000000000000000000000000000] - |SD| - [12/11/2016 09:22:35] - [158 Ko] - C:\WINDOWS\System32\dsc [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [320.5 Ko] - C:\WINDOWS\System32\el-GR [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:33:10] - [0 Ko] - C:\WINDOWS\System32\en [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [236 Ko] - C:\WINDOWS\System32\en-GB [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [2193.1 Ko] - C:\WINDOWS\System32\en-US [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [313.5 Ko] - C:\WINDOWS\System32\es-ES [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [257.5 Ko] - C:\WINDOWS\System32\es-MX [MD5.BAC5074667751F72A9CE48CDC31BAC48] - |A| - [10/11/2016 19:36:30] - (.Copyright (C) 2007 SEIKO EPSON CORP. - E_GCINST.) - [10.5 Ko] - (1.0.0.6) - C:\WINDOWS\System32\E_GCINST.DLL [MD5.8159960E8BA20F1C4A4EBCF0DAEC60E5] - |A| - [10/11/2016 19:36:28] - (.Copyright (C) SEIKO EPSON CORPORATION 2005-2010. All rights reserved. - ECBTEGB AMD64.) - [82 Ko] - (3.3.0.0) - C:\WINDOWS\System32\E_ID4BLPE.DLL [MD5.2E21840342850A8A7F28D28D6DD3A1CD] - |A| - [10/11/2016 19:36:28] - (.Copyright (C) SEIKO EPSON CORPORATION 2005-2013. All rights reserved. - EPSON Bi-directional Monitor AMD64.) - [175.5 Ko] - (4.4.0.0) - C:\WINDOWS\System32\E_ILMBLPE.DLL [MD5.00000000000000000000000000000000] - |SD| - [12/11/2016 09:22:35] - [25882.16 Ko] - C:\WINDOWS\System32\F12 [MD5.DFBDC24417B2EDE6513F5570E6CD24C8] - |A| - [01/04/2017 07:50:37] - (.Copyright (C) 2005-2011 CHENGDU YIWO Tech Development Co., Ltd. All rights reserved. - EaseUS Todo Backup Application.) - [25.69 Ko] - (3.0.0.1) - C:\WINDOWS\System32\fbnative.exe [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [292.5 Ko] - C:\WINDOWS\System32\fi-FI [MD5.94D0DF7FE76A8220F2B807F5F1ECC48E] - |A| - [08/04/2017 10:36:56] - (. - .) - [193.2 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:33:10] - [3393.5 Ko] - C:\WINDOWS\System32\fr [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [264 Ko] - C:\WINDOWS\System32\fr-CA [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [44131.75 Ko] - C:\WINDOWS\System32\fr-FR [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [0 Ko] - C:\WINDOWS\System32\FxsTmp [MD5.D07F2281427BD098356EE74B6CB26B86] - |A| - [16/07/2016 13:42:12] - (. - .) - [89 Ko] - (0.0.0.0) - C:\WINDOWS\System32\gatherNetworkInfo.vbs [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [259.5 Ko] - C:\WINDOWS\System32\he-IL [MD5.1474EE82605D16B57AD43130B09AD8D0] - |A| - [07/04/2017 08:18:15] - (. - .) - [464 Ko] - (3.0.0.20) - C:\WINDOWS\System32\HMIPCore64.dll [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [241.5 Ko] - C:\WINDOWS\System32\hr-HR [MD5.77071BF934BEF16D5F02E31624258A91] - |A| - [21/10/2015 03:14:48] - (. - .) - [108.98 Ko] - (0.0.0.0) - C:\WINDOWS\System32\hsa-thunk64.dll [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [296 Ko] - C:\WINDOWS\System32\hu-HU [MD5.2A571B7728F23E83A800527879105180] - |A| - [16/07/2016 13:42:04] - (. - .) - [44.17 Ko] - (0.0.0.0) - C:\WINDOWS\System32\hypervisor.mof [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [5.36 Ko] - C:\WINDOWS\System32\ias [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [36.27 Ko] - C:\WINDOWS\System32\icsxml [MD5.8898B09A8D08E138F238224648DF0739] - |A| - [16/07/2016 13:42:35] - (. - .) - [170.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\IHDS.dll [MD5.E71B9E802BA7AD874126E3B17D864B60] - |A| - [28/02/2017 04:41:44] - (. - .) - [696.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\im-fre.exe [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [25924.17 Ko] - C:\WINDOWS\System32\IME [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [0 Ko] - C:\WINDOWS\System32\inetsrv [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [4803 Ko] - C:\WINDOWS\System32\InputMethod [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [0 Ko] - C:\WINDOWS\System32\Ipmi [MD5.5EA855B4A875E08AD93FF901B5D9E275] - |A| - [16/07/2016 13:42:09] - (. - .) - [226 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ism32k.dll [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [318.5 Ko] - C:\WINDOWS\System32\it-IT [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [231.5 Ko] - C:\WINDOWS\System32\ja-jp [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [229 Ko] - C:\WINDOWS\System32\ko-KR [MD5.050BC9351A3386458B696F8BCA78B27B] - |A| - [16/07/2016 13:42:22] - (. - .) - [145.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LargeRoom.bin [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [73.41 Ko] - C:\WINDOWS\System32\Licenses [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [12217.56 Ko] - C:\WINDOWS\System32\LogFiles [MD5.B65E8E52916A527F88486875EE291AA8] - |A| - [26/10/2012 17:42:22] - (. - .) - [10663.85 Ko] - (13.80.853.0) - C:\WINDOWS\System32\LogiDPP.dll [MD5.24764C249F769991079F6D4B14B822AF] - |A| - [26/10/2012 17:42:22] - (. - .) - [100.85 Ko] - (13.80.853.0) - C:\WINDOWS\System32\LogiDPPApp.exe [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [237 Ko] - C:\WINDOWS\System32\lt-LT [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [238.5 Ko] - C:\WINDOWS\System32\lv-LV [MD5.4D4248F6D008D86D5575EE5B154971AE] - |A| - [26/10/2012 17:42:22] - (.(c) 1996-2012 Logitech. All rights reserved. - Logitech Co-Installer.) - [256.28 Ko] - (13.80.853.0) - C:\WINDOWS\System32\lvco1380853.dll [MD5.FF510CF2A7FA73192E7DB06D7C311799] - |A| - [26/10/2012 17:42:24] - (.(c) 1996-2012 Logitech. All rights reserved. - Video Codec.) - [171.28 Ko] - (13.80.853.0) - C:\WINDOWS\System32\lvcod64.dll [MD5.1A8AE8A66B6C289046276453768EF270] - |A| - [26/10/2012 17:42:24] - (. - .) - [28.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\lvcoin64.ini [MD5.928D6BFECF5C5E79C77912FE63B8A90C] - |A| - [12/11/2016 09:51:59] - (. - .) - [45.07 Ko] - (0.0.0.0) - C:\WINDOWS\System32\lvcoinst.log [MD5.B4CD287DFAA6578AC763A3800F0C2DC8] - |A| - [26/10/2012 17:42:24] - (.(c) 1996-2012 Logitech. All rights reserved. - Logitech Camera Property Pages.) - [750.28 Ko] - (13.80.853.0) - C:\WINDOWS\System32\LVUI64.dll [MD5.CCFDDF84B42198B0AAD27D11ACFD254E] - |A| - [26/10/2012 17:42:22] - (.(c) 1996-2012 Logitech. All rights reserved. - Logitech Camera Property Pages.) - [547.28 Ko] - (13.80.853.0) - C:\WINDOWS\System32\LVUIRC64.dll [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [29878.74 Ko] - C:\WINDOWS\System32\Macromed [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [32.68 Ko] - C:\WINDOWS\System32\MailContactsCalendarSync [MD5.D3F4E00C322EDA78873848BE75ACC8A4] - |A| - [21/10/2015 03:14:48] - (.Copyright (C) 2013 AMD Inc. - Mantle loader.) - [132.98 Ko] - (9.1.10.83) - C:\WINDOWS\System32\mantle64.dll [MD5.EA33454E28EE1F3CA432DA87203DA24F] - |A| - [21/10/2015 03:14:48] - (.Copyright (C) 2013 AMD Inc. - Mantle extension library.) - [100.98 Ko] - (9.1.10.83) - C:\WINDOWS\System32\mantleaxl64.dll [MD5.CF17A39BA7D1D1E386FD0C1303642B91] - |A| - [25/02/2013 11:10:02] - (. - .) - [20.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MDA_NTDRV.sys [MD5.BC74BDA8DC53F722C2CA686071600AE2] - |A| - [16/07/2016 13:42:22] - (. - .) - [107.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediumRoom.bin [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:42:23] - [6.01 Ko] - C:\WINDOWS\System32\Microsoft [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [5313.62 Ko] - C:\WINDOWS\System32\migration [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [47559.48 Ko] - C:\WINDOWS\System32\migwiz [MD5.00000000000000000000000000000000] - |D| - [29/03/2017 18:55:18] - [43.88 Ko] - C:\WINDOWS\System32\MpEngineStore [MD5.00000000000000000000000000000000] - |D| - [13/11/2016 22:44:33] - [0 Ko] - C:\WINDOWS\System32\MRT [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [45.5 Ko] - C:\WINDOWS\System32\MSDRM [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [4148.28 Ko] - C:\WINDOWS\System32\MsDtc [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [19.15 Ko] - C:\WINDOWS\System32\MUI [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [283.5 Ko] - C:\WINDOWS\System32\nb-NO [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [0 Ko] - C:\WINDOWS\System32\NDF [MD5.C8E414C812D2379646927182D8F431D9] - |A| - [28/03/2017 04:54:30] - (. - .) - [696.91 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ndw-fre.exe [MD5.C146E873B22C3B300B21A859FE66C27A] - |A| - [16/07/2016 13:42:12] - (. - .) - [21.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetTrace.PLA.Diagnostics.xml [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [51 Ko] - C:\WINDOWS\System32\networklist [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [303.5 Ko] - C:\WINDOWS\System32\nl-NL [MD5.2B33295524023305B8759DDD9C3C0A09] - |A| - [16/02/2017 04:52:02] - (. - .) - [695.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\npe-fre.exe [MD5.00000000000000000000000000000000] - |SD| - [12/11/2016 09:22:35] - [16570.66 Ko] - C:\WINDOWS\System32\Nui [MD5.F54598052A618ADC0231853D870A22BE] - |A| - [12/11/2016 09:22:54] - (. - .) - [15.06 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OEMDefaultAssociations.xml [MD5.2901049544FDF863362FABA2363EB647] - |A| - [16/07/2016 13:42:11] - (. - .) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\onlinesetup.cmd [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [12668.62 Ko] - C:\WINDOWS\System32\oobe [MD5.42D2360079B1DF3230024AE920737367] - |A| - [16/07/2016 13:42:22] - (. - .) - [45.81 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OutdoorAudioEnvironment.bin [MD5.1BD31AF098E9E4A4A48D2ECFF0A12F30] - |A| - [07/04/2017 12:07:40] - (.© 2003 Glyph & Cog, LLC - Xpdf: utilities for PDF documents.) - [502.5 Ko] - (2.3.1382.39045) - C:\WINDOWS\System32\pdfinfo.exe [MD5.1FEFCBFFE96D2C5EE074AAE27846C30E] - |A| - [07/04/2017 12:07:40] - (.© 2003 Glyph & Cog, LLC - Xpdf: utilities for PDF documents.) - [539.5 Ko] - (2.3.1382.39045) - C:\WINDOWS\System32\pdftotext.exe [MD5.F3D5EA2416A554EEE03946B012D3711A] - |A| - [12/11/2016 09:27:38] - (. - .) - [238.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc009.dat [MD5.FD510E696D0755E70AF275ECB7E785B4] - |A| - [12/11/2016 09:33:50] - (. - .) - [266.16 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc00C.dat [MD5.32BC2E0CC95E2DCEE25B15BFB82D07B8] - |A| - [12/11/2016 09:27:38] - (. - .) - [32.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd009.dat [MD5.AA180E09E4990FF71FBEAC8C4455CF47] - |A| - [12/11/2016 09:33:50] - (. - .) - [39.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd00C.dat [MD5.094FBF0405E985D9635FB0251F3DE77F] - |A| - [12/11/2016 09:27:38] - (. - .) - [895.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh009.dat [MD5.7B7F9034928362ADCE567EFB98491461] - |A| - [12/11/2016 09:33:50] - (. - .) - [1140.23 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh00C.dat [MD5.7A0394C9D0BA79C55AE6C3097F8AAB5B] - |A| - [12/11/2016 10:04:08] - (. - .) - [2551.83 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PerfStringBackup.INI [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [301.5 Ko] - C:\WINDOWS\System32\pl-PL [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [560 Ko] - C:\WINDOWS\System32\PointOfService [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:33:13] - [420.42 Ko] - C:\WINDOWS\System32\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [0 Ko] - C:\WINDOWS\System32\ProximityToast [MD5.007893E8374C766471239EB291BA8C17] - |A| - [16/07/2016 13:42:31] - (. - .) - [4.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\psmodulediscoveryprovider.mof [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [303.5 Ko] - C:\WINDOWS\System32\pt-BR [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [299 Ko] - C:\WINDOWS\System32\pt-PT [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [23.75 Ko] - C:\WINDOWS\System32\ras [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [0 Ko] - C:\WINDOWS\System32\RasToast [MD5.692DC6EF573FFCDD9DFB55D1C783DB93] - |A| - [16/07/2016 13:42:04] - (. - .) - [0.16 Ko] - (0.0.0.0) - C:\WINDOWS\System32\removehypervisor.mof [MD5.C6CA43573C21CA6392F57F238C8391FC] - |A| - [26/10/2012 17:42:22] - (. - .) - [39.45 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Repository.reg [MD5.D67CDB8D2584AAC165A77488C5A7A987] - |A| - [16/07/2016 13:42:37] - (. - .) - [8.92 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageList [MD5.4FE9CE56EFA89779D81B988698D2454C] - |A| - [16/07/2016 13:42:37] - (. - .) - [8.4 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageList [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [0.07 Ko] - C:\WINDOWS\System32\restore [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [243.5 Ko] - C:\WINDOWS\System32\ro-RO [MD5.E9D4A333DF15D06C68AC4BFB9B6581CB] - |A| - [16/07/2012 11:46:28] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [302.84 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DAA64.dll [MD5.B6FE01558CC03F3866C9AD0ED19261D8] - |A| - [16/07/2012 11:46:32] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [302.84 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DHT64.dll [MD5.166CDCF1CA92579C051BCA8C5C13C3FB] - |A| - [11/04/2017 14:17:32] - (.Copyright (c) 2000 - 2015 Advanced Messaging Systems LLC - Outlook Redemption COM library.) - [12500.1 Ko] - (5.10.0.4312) - C:\WINDOWS\System32\rsror64.dll [MD5.F7BAB6656AA3851FB90D3E1699F9B946] - |A| - [11/04/2017 14:17:33] - (.Copyright (c) 2000 - 2015 Advanced Messaging Systems LLC - Outlook Redemption COM library.) - [3793.1 Ko] - (5.10.0.4312) - C:\WINDOWS\System32\rsrorx64.dll [MD5.A6286A6C7A1BBFCBA17AA54384A21D1C] - |A| - [16/07/2012 11:46:47] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [199.34 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEED64A.dll [MD5.6F4CD493196100EEF349D7132CECAFD9] - |A| - [16/07/2012 11:46:49] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [76.84 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEG64A.dll [MD5.ECAEC5FBBBEF8612AF0A866AFA5F7EF2] - |A| - [16/07/2012 11:46:52] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [98.84 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEL64A.dll [MD5.D0D0D82B7366E691275E433CD34F89B2] - |A| - [16/07/2012 11:46:55] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [366.34 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEP64A.dll [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [16/07/2016 13:43:50] - (. - .) - [10.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScavengeSpace.xml [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [6.92 Ko] - C:\WINDOWS\System32\SecureBootUpdates [MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [16/07/2016 13:42:34] - (. - .) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\settings.dat [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [245 Ko] - C:\WINDOWS\System32\sk-SK [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [240.5 Ko] - C:\WINDOWS\System32\sl-SI [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:45:54] - [13828.41 Ko] - C:\WINDOWS\System32\SleepStudy [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:33:13] - [52.14 Ko] - C:\WINDOWS\System32\slmgr [MD5.1C6F12AA3D178A0A953E8005B3CD4CDE] - |A| - [16/07/2016 13:42:22] - (. - .) - [68.14 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SmallRoom.bin [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 08:57:26] - [12993.02 Ko] - C:\WINDOWS\System32\SMI [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [7600.34 Ko] - C:\WINDOWS\System32\Speech [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [7900.14 Ko] - C:\WINDOWS\System32\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [169861.5 Ko] - C:\WINDOWS\System32\spool [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [5605.85 Ko] - C:\WINDOWS\System32\spp [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [31.88 Ko] - C:\WINDOWS\System32\sppui [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [243.5 Ko] - C:\WINDOWS\System32\sr-Latn-CS [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [244 Ko] - C:\WINDOWS\System32\sr-Latn-RS [MD5.C1AA14DBA23EB5AE5044727DF182FE5C] - |A| - [16/07/2016 13:42:16] - (. - .) - [54.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms.dat [MD5.018D3D2478754AA411DE6DA6DE5F8F21] - |A| - [16/07/2012 11:49:35] - (.Copyright 2002 SRS Labs, Inc. All Rights Reserved. - TruSurroundXT Module.) - [506.73 Ko] - (3.2.0.0) - C:\WINDOWS\System32\SRSTSX64.dll [MD5.2FCADCC14F8E540F6ADE4BF92BD8AEDD] - |A| - [16/07/2012 11:49:38] - (.(c) 2006 SRS Labs, Inc. All rights reserved. - WOW HD COM object for Windows.) - [152.23 Ko] - (1.1.3.0) - C:\WINDOWS\System32\SRSWOW64.dll [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [6488 Ko] - C:\WINDOWS\System32\sru [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [289 Ko] - C:\WINDOWS\System32\sv-SE [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:34] - [1623.05 Ko] - C:\WINDOWS\System32\Sysprep [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [913.28 Ko] - C:\WINDOWS\System32\SystemResetPlatform [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [552.79 Ko] - C:\WINDOWS\System32\Tasks [MD5.D602CA245CC6774A0981B607F0675609] - |A| - [16/07/2016 13:42:39] - (. - .) - [58.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\tcpmon.ini [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [227.5 Ko] - C:\WINDOWS\System32\th-TH [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [285 Ko] - C:\WINDOWS\System32\tr-TR [MD5.C8F2952DAE3971614DBD0C509F35BE93] - |A| - [16/07/2016 13:42:38] - (. - .) - [10.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlan.xslt [MD5.2F05390B798363D51EBE65D6320CD45E] - |A| - [16/07/2016 13:42:38] - (. - .) - [1.65 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlanCredentials.xslt [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [240 Ko] - C:\WINDOWS\System32\uk-UA [MD5.4E8F2BB3A5A87E75C35533723B50E685] - |A| - [04/04/2017 18:30:35] - (. - .) - [0.38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\user_gensett.xml [MD5.E7482D1D449217C8641762F5C38E157C] - |A| - [16/07/2016 13:42:12] - (. - .) - [9.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\VpnSohDesktop.dll [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [89298.84 Ko] - C:\WINDOWS\System32\wbem [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:33:13] - [0 Ko] - C:\WINDOWS\System32\WCN [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [113737.61 Ko] - C:\WINDOWS\System32\WDI [MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [16/07/2016 13:42:11] - (. - .) - [0.6 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WdsUnattendTemplate.xml [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [1.1 Ko] - C:\WINDOWS\System32\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [42585.77 Ko] - C:\WINDOWS\System32\WinBioPlugIns [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:35] - [8369.08 Ko] - C:\WINDOWS\System32\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [138396 Ko] - C:\WINDOWS\System32\winevt [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [4228.5 Ko] - C:\WINDOWS\System32\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:33:13] - [107.53 Ko] - C:\WINDOWS\System32\winrm [MD5.C30C621748C66CE751B19B2788559A3E] - |A| - [16/07/2016 13:42:35] - (. - .) - [4.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpcmon.png [MD5.B6B479B04C64AF5EF36C24EBDF278302] - |A| - [16/07/2016 13:42:27] - (. - .) - [0.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpr.config.xml [MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [11/04/2017 14:38:24] - (. - .) - [20 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wsusnative64.exe [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [204.5 Ko] - C:\WINDOWS\System32\zh-CN [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [199 Ko] - C:\WINDOWS\System32\zh-HK [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [199 Ko] - C:\WINDOWS\System32\zh-TW [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:33:14] - [0 Ko] - C:\WINDOWS\SysWOW64\0409 [MD5.00000000000000000000000000000000] - |D| - [10/04/2017 14:19:04] - [0 Ko] - C:\WINDOWS\SysWOW64\040C [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 11:45:54] - [328.34 Ko] - C:\WINDOWS\SysWOW64\1033 [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 14:36:58] - [113.39 Ko] - C:\WINDOWS\SysWOW64\1036 [MD5.0A0FEB9EB28BDE8CD835716343B03B14] - |A| - [10/04/2017 14:19:10] - (. - .) - [2.1 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\12520437_FromLFSULTRA-WIDEN.cpx [MD5.D69AE057CD82D04EE7D311809ABEFB2A] - |A| - [10/04/2017 14:19:18] - (. - .) - [2.18 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\12520850_FromLFSULTRA-WIDEN.cpx [MD5.77424849C3EE8FBB767C98E42E60CBEF] - |A| - [10/04/2017 14:19:22] - (. - .) - [9.47 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [MD5.77424849C3EE8FBB767C98E42E60CBEF] - |A| - [10/04/2017 14:19:26] - (. - .) - [9.47 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [16/07/2016 13:43:00] - (. - .) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AudioToastIcon.png [MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [16/07/2016 13:43:02] - (. - .) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@EnrollmentToastIcon.png [MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [16/07/2016 13:43:02] - (. - .) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@VpnToastIcon.png [MD5.BCD746C83332A0FE5AA44C25953A9095] - |A| - [09/04/2017 13:18:56] - (. - .) - [1968 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\aacenclib.dll [MD5.D0EB35A60D1E05DE9038F2B1584858CA] - |A| - [09/04/2017 13:19:07] - (. - .) - [348 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\aac_ds_enc.ax [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [2141.84 Ko] - C:\WINDOWS\SysWOW64\AdvancedInstallers [MD5.7D4761FD5A02353C9BD70C1F5B15AA4F] - |A| - [21/10/2015 03:14:42] - (. - .) - [193.98 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\amdgfxinfo32.dll [MD5.F12467373381C72FAE9CA7C08ED6C919] - |A| - [21/10/2015 03:14:42] - (. - .) - [128.98 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\amdhdl32.dll [MD5.87882BCCDF63B74B675ECCE6B6609DC2] - |A| - [21/10/2015 03:14:42] - (.Advanced Micro Devices, Inc. Copyright (C) 2015 - LiquidVR SDK 1.0.) - [511.98 Ko] - (1.0.3.8) - C:\WINDOWS\SysWOW64\amdlvr32.dll [MD5.8F2144D05F41DD27308548B5D9D19101] - |A| - [21/10/2015 03:14:42] - (.Copyright (C) 2013 AMD Inc. - Mantle driver, support for SI family and above.) - [5093.98 Ko] - (9.1.10.83) - C:\WINDOWS\SysWOW64\amdmantle32.dll [MD5.F9F99EA40AF48C716C2E823F2B6FD2D8] - |A| - [21/10/2015 03:14:42] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MMOCL Universal Driver.) - [46.98 Ko] - (1.6.0.0) - C:\WINDOWS\SysWOW64\amdmmcl.dll [MD5.E30B1D883DC886016C38FDEE6755CCC6] - |A| - [21/10/2015 03:14:46] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 2.0 Runtime.) - [38790.48 Ko] - (10.0.1800.11) - C:\WINDOWS\SysWOW64\amdocl.dll [MD5.5F0F6073A243FC8C4C190E3F06D1247E] - |A| - [21/10/2015 03:14:46] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD COMPILER OpenCL 1.1 Compiler.) - [21803.98 Ko] - (0.8.0.0) - C:\WINDOWS\SysWOW64\amdocl12cl.dll [MD5.40A2E4C2933EB5DE99C06F00A9E2C589] - |A| - [21/10/2015 03:14:44] - (. - .) - [980.49 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\amdocl_as32.exe [MD5.985589A3C4BB14ED23A15D9477475F7B] - |A| - [21/10/2015 03:14:42] - (. - .) - [788.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\amdocl_ld32.exe [MD5.170EA2F4A32130BBF7EABD2D94B235AE] - |A| - [21/10/2015 03:14:54] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [79.26 Ko] - (8.14.10.23) - C:\WINDOWS\SysWOW64\amdpcom32.dll [MD5.8AAD333C876590293F72B315E162BCC7] - |A| - [10/04/2017 14:21:45] - (. - .) - [8.82 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ANSI.SYS [MD5.D753EEE17725526A67ACDDAA5D63EF68] - |A| - [10/04/2017 14:23:57] - (. - .) - [12.21 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\append.exe [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [0 Ko] - C:\WINDOWS\SysWOW64\AppLocker [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [451.5 Ko] - C:\WINDOWS\SysWOW64\ar-SA [MD5.3145F214183CDCF5B7CE0E52BEE0E91F] - |A| - [09/04/2017 12:10:29] - (.(c) Ariel Systems, 2000 - .) - [124 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\ArielColorCtrl.ocx [MD5.3145F214183CDCF5B7CE0E52BEE0E91F] - |A| - [10/04/2017 14:24:04] - (.(c) Ariel Systems, 2000 - .) - [124 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\ArielColorCtrl_FromLFSULTRA-WIDEN.ocx [MD5.00000000000000000000000000000000] - |D| - [10/04/2017 14:24:06] - [80.54 Ko] - C:\WINDOWS\SysWOW64\Atheros_L1e [MD5.546E937838E7D9FD945D6505529F2209] - |A| - [21/10/2015 03:14:44] - (.Copyright (C) 2008-2014 Advanced Micro Devices, Inc. - ADL.) - [913.48 Ko] - (7.15.20.1301) - C:\WINDOWS\SysWOW64\atiadlxx.dll [MD5.546E937838E7D9FD945D6505529F2209] - |A| - [21/10/2015 03:14:44] - (.Copyright (C) 2008-2014 Advanced Micro Devices, Inc. - ADL.) - [913.48 Ko] - (7.15.20.1301) - C:\WINDOWS\SysWOW64\atiadlxy.dll [MD5.53650482B8E621276DC55E50C9FB2FEE] - |A| - [22/08/2015 02:53:34] - (. - .) - [646.87 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\atiapfxx.blb [MD5.4A8BC73F07C13E602B573BE723BFB360] - |A| - [21/10/2015 03:14:44] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL compiler runtime.) - [56.48 Ko] - (6.14.10.1848) - C:\WINDOWS\SysWOW64\aticalcl.dll [MD5.64E261847856C53DE5A3007682707290] - |A| - [21/10/2015 03:14:46] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL DD.) - [13975.48 Ko] - (6.14.10.1848) - C:\WINDOWS\SysWOW64\aticaldd.dll [MD5.F1E925DE8ECC7BE99BCC380BBA3F477E] - |A| - [21/10/2015 03:14:46] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL runtime.) - [59.48 Ko] - (6.14.10.1848) - C:\WINDOWS\SysWOW64\aticalrt.dll [MD5.DCE2F09D2DF45938DB476B287D6F560B] - |A| - [21/10/2015 03:14:54] - (.Copyright (C) 1998-2012 AMD Inc. - aticfx32.dll.) - [1194.88 Ko] - (8.17.10.1404) - C:\WINDOWS\SysWOW64\aticfx32.dll [MD5.194B36603ED7BB93290F4A3C73B94764] - |A| - [21/10/2015 03:14:56] - (.Copyright (C) 1998-2011 AMD Inc. - atidxx32.dll.) - [9971.7 Ko] - (8.17.10.625) - C:\WINDOWS\SysWOW64\atidxx32.dll [MD5.B84EF06D0D8192F33EE5BC12B2BA3702] - |A| - [21/10/2015 03:14:46] - (. - .) - [148.98 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\atieah32.exe [MD5.B728F7B42DA61395F43C86BDDE5196E5] - |A| - [21/10/2015 03:14:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [146.98 Ko] - (8.14.1.6463) - C:\WINDOWS\SysWOW64\atigktxx.dll [MD5.0C3156664885AF41100B63853EBCE037] - |A| - [21/10/2015 03:14:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [76.48 Ko] - (8.14.1.6463) - C:\WINDOWS\SysWOW64\atiglpxx.dll [MD5.B344A7D717211B7DF53E369FC58290DF] - |A| - [21/10/2015 03:14:54] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [79.26 Ko] - (8.14.10.23) - C:\WINDOWS\SysWOW64\atimpc32.dll [MD5.6557A2BB671495C8F7E127FCD23FAF3E] - |A| - [21/10/2015 03:14:48] - (.Copyright (C) 1998-2011 Advanced Micro Devices, Inc. - AMD OpenGL driver.) - [24726.98 Ko] - (6.14.10.13399) - C:\WINDOWS\SysWOW64\atioglxx.dll [MD5.E183E40B75E742A6E597A922168C2405] - |A| - [21/10/2015 03:14:56] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiu9pag.dll.) - [109.73 Ko] - (8.14.1.6463) - C:\WINDOWS\SysWOW64\atiu9pag.dll [MD5.E638384DCD47CEA8F0DF2B6BAFB11F57] - |A| - [21/10/2015 03:14:56] - (.Copyright (C) 1998-2011 AMD Inc. - atiumdag.dll.) - [7307.19 Ko] - (9.14.10.1128) - C:\WINDOWS\SysWOW64\atiumdag.dll [MD5.A98DA23A524803615B083CFCED1CE362] - |A| - [22/08/2015 02:50:46] - (. - .) - [3390.02 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\atiumdva.cap [MD5.34438A391DADBD03940AF0760E2932CB] - |A| - [21/10/2015 03:14:56] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [7821.64 Ko] - (8.14.10.513) - C:\WINDOWS\SysWOW64\atiumdva.dll [MD5.C62336798199A3705424A6708445DD11] - |A| - [21/10/2015 03:14:56] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [139.7 Ko] - (8.14.1.6463) - C:\WINDOWS\SysWOW64\atiuxpag.dll [MD5.7C163EDE63854539828F5B2C1BC529FD] - |A| - [22/08/2015 02:54:10] - (. - .) - [153.46 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ativvsva.dat [MD5.219D7091DD1D93728392337FE9C7ADD6] - |A| - [22/08/2015 02:54:10] - (. - .) - [200.15 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ativvsvl.dat [MD5.30475F091008E24550523515A023270D] - |A| - [10/04/2017 14:24:46] - (. - .) - [1.65 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\autoexec.nt [MD5.B8B8C7F57EE48DDB93F3D0E37F66E950] - |A| - [09/04/2017 13:18:56] - (. - .) - [1502.34 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\avcenclib.dll [MD5.BCB27D39FB5F1E72CFBC8ECF57EF863D] - |A| - [09/04/2017 13:19:08] - (. - .) - [372 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\avc_ds_enc.ax [MD5.6CDBAF96FFC9B41435CC462730F895A0] - |A| - [09/04/2017 12:10:29] - (. - .) - [624 Ko] - (2.0.0.755) - C:\WINDOWS\SysWOW64\AxisToolBar.ocx [MD5.6CDBAF96FFC9B41435CC462730F895A0] - |A| - [10/04/2017 14:24:59] - (. - .) - [624 Ko] - (2.0.0.755) - C:\WINDOWS\SysWOW64\AxisToolBar_FromLFSULTRA-WIDEN.ocx [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [395 Ko] - C:\WINDOWS\SysWOW64\bg-BG [MD5.84BDB1E378591D930482B896A1648C53] - |A| - [10/04/2017 14:25:17] - (. - .) - [27.75 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\bios1.rom [MD5.B44C4C9CA9D4BCC8430F3276576F562B] - |A| - [10/04/2017 14:25:18] - (. - .) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\bios4.rom [MD5.00000000000000000000000000000000] - |D| - [10/04/2017 14:25:22] - [994.45 Ko] - C:\WINDOWS\SysWOW64\Boot [MD5.22D9945B4AAE36DD59620A918F2E65F4] - |A| - [10/04/2017 14:25:24] - (. - .) - [3096 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\boot_FromLFSULTRA-WIDEN.sdi [MD5.405E1EF8E3C88E9BCD2853382BB12430] - |A| - [10/04/2017 14:25:31] - (. - .) - [22.45 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\bopomofo_FromLFSULTRA-WIDEN.uce [MD5.278EE111CB021686C7BDB45C12EAC6E2] - |A| - [10/04/2017 14:25:31] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother Multi Function CoInstaller.) - [17 Ko] - (1.0.0.20) - C:\WINDOWS\SysWOW64\brcoinst.dll [MD5.D1E5E5826ECB8F87BDB0CF9E28B48465] - |A| - [10/04/2017 14:25:34] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [72 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\BthpanContextHandler.dll [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [0.93 Ko] - C:\WINDOWS\SysWOW64\Bthprops [MD5.F4A1B4D4CCFD8EEEF0259FAE58CFAE5C] - |A| - [10/04/2017 14:25:37] - (.Copyright (C) 2008 - ContextH Application.) - [62.5 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\BWContextHandler_FromLFSULTRA-WIDEN.dll [MD5.40DF43CA1A8752CAA135E27DCC6645B3] - |A| - [10/04/2017 14:25:41] - (.Copyright (C) 2006 - CardGames Resources.) - [6068.5 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\CardGames.dll [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [0 Ko] - C:\WINDOWS\SysWOW64\catroot [MD5.F4388164B235BA23EB40EF4B272759EC] - |A| - [12/11/2016 09:53:40] - (. - .) - [60.47 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\CCCInstall_201611120853408059.log [MD5.6106430CF5813518920D5F0029C43329] - |A| - [09/04/2017 23:26:54] - (.2005-2017 COMODO. All rights reserved. - COMODO Internet Security.) - [42.98 Ko] - (10.0.1.6209) - C:\WINDOWS\SysWOW64\cmdcsr.dll [MD5.6106430CF5813518920D5F0029C43329] - |A| - [10/04/2017 15:03:12] - (.2005-2017 COMODO. All rights reserved. - COMODO Internet Security.) - [42.98 Ko] - (10.0.1.6209) - C:\WINDOWS\SysWOW64\cmdcsr_FromLFSULTRA-WIDEN.dll [MD5.A0AB432A744C854DB59390257B78588A] - |A| - [10/04/2017 15:03:13] - (.2005-2017 COMODO. All rights reserved. - COMODO Secure Shopping.) - [257.18 Ko] - (1.1.20635.97) - C:\WINDOWS\SysWOW64\cmdkbdcss32.dll [MD5.C40C4216C450E8B9D28C26EA0C3BD467] - |A| - [09/04/2017 23:30:59] - (.2005-2017 COMODO. All rights reserved. - COMODO Internet Security.) - [190.19 Ko] - (10.0.1.6209) - C:\WINDOWS\SysWOW64\cmdshim32.dll [MD5.C40C4216C450E8B9D28C26EA0C3BD467] - |A| - [10/04/2017 15:03:14] - (.2005-2017 COMODO. All rights reserved. - COMODO Internet Security.) - [190.19 Ko] - (10.0.1.6209) - C:\WINDOWS\SysWOW64\cmdshim32_FromLFSULTRA-WIDEN.dll [MD5.09A0A5B78A8DD3B9D3E80DE9F48D43AD] - |A| - [09/04/2017 23:30:59] - (.2005-2017 COMODO. All rights reserved. - COMODO Internet Security.) - [354.69 Ko] - (10.0.1.6209) - C:\WINDOWS\SysWOW64\cmdvrt32.dll [MD5.09A0A5B78A8DD3B9D3E80DE9F48D43AD] - |A| - [10/04/2017 15:03:14] - (.2005-2017 COMODO. All rights reserved. - COMODO Internet Security.) - [354.69 Ko] - (10.0.1.6209) - C:\WINDOWS\SysWOW64\cmdvrt32_FromLFSULTRA-WIDEN.dll [MD5.00000000000000000000000000000000] - |D| - [10/04/2017 15:03:18] - [4480.7 Ko] - C:\WINDOWS\SysWOW64\CodeIntegrity [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [620.5 Ko] - C:\WINDOWS\SysWOW64\Com [MD5.BA597F9A4BB90F038266CE1A3C3BE3FB] - |A| - [10/04/2017 15:03:31] - (. - .) - [49.46 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\COMMAND.COM [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [78380.59 Ko] - C:\WINDOWS\SysWOW64\config [MD5.01C47C2ECED034EF6F8C1552A97CFF00] - |A| - [10/04/2017 15:05:38] - (. - .) - [2.52 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\config.nt [MD5.00000000000000000000000000000000] - |SD| - [12/11/2016 09:22:36] - [51.22 Ko] - C:\WINDOWS\SysWOW64\Configuration [MD5.0FE9F16075C9ACB941C957B7C649176E] - |A| - [10/04/2017 15:05:42] - (. - .) - [26.46 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\country.sys [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [699.5 Ko] - C:\WINDOWS\SysWOW64\cs-CZ [MD5.DF94FB32E764775A6DDB17A63904B01A] - |A| - [10/04/2017 15:05:55] - (.2005-2017 COMODO. All rights reserved. - COMODO Secure Shopping.) - [40.41 Ko] - (1.1.20635.97) - C:\WINDOWS\SysWOW64\csscsr32.dll [MD5.F8EA18CCC8C7AA793D6F724C4FCBA2A5] - |A| - [10/04/2017 15:05:55] - (.2005-2017 COMODO. All rights reserved. - COMODO Secure Shopping.) - [330.63 Ko] - (1.1.20635.97) - C:\WINDOWS\SysWOW64\cssguard32.dll [MD5.01B8B690C6F6AFD4686B880C29F93060] - |A| - [10/04/2017 15:05:55] - (.Copyright 2008 - CSVer.) - [52 Ko] - (9.1.1.1025) - C:\WINDOWS\SysWOW64\CSVer.dll [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [692 Ko] - C:\WINDOWS\SysWOW64\da-DK [MD5.224BD8EAA4223DF8241CA2A9B195B0E4] - |A| - [10/04/2017 15:07:12] - (.Dropbox, Inc. - Dropbox Service.) - [41.3 Ko] - (1.0.22.0) - C:\WINDOWS\SysWOW64\DbxSvc.exe [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [756 Ko] - C:\WINDOWS\SysWOW64\de-DE [MD5.C17AFA0AAD78C621F818DD6729572C48] - |A| - [10/04/2017 15:07:25] - (. - .) - [20.15 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\debug.exe [MD5.079B8AEB4A55BF8493BD1EC70285D920] - |A| - [10/04/2017 15:07:27] - (. - .) - [0.07 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\desktop.ini [MD5.B227DF8720C51EE0A80CB23CCCEF1EC6] - |A| - [26/10/2012 17:42:24] - (. - .) - [328.35 Ko] - (13.80.853.0) - C:\WINDOWS\SysWOW64\DevManagerCore.dll [MD5.00000000000000000000000000000000] - |SD| - [12/11/2016 09:22:36] - [19 Ko] - C:\WINDOWS\SysWOW64\DiagSvcs [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [10171.55 Ko] - C:\WINDOWS\SysWOW64\Dism [MD5.F42E95BFB193754E9148DB6434D2E88E] - |A| - [19/02/2010 21:27:36] - (.Copyright © 2000-2009 DivX, Inc. All rights reserved. - DivX.) - [703.5 Ko] - (6.9.2.26) - C:\WINDOWS\SysWOW64\DivX.dll [MD5.8A917DFB8115382CE129F1F140F268A9] - |A| - [23/03/2013 03:09:28] - (.© Copyright 2000 - 2009 DivX, Inc. - DivX Control Panel.) - [346.34 Ko] - (1.2.0.25) - C:\WINDOWS\SysWOW64\DivXControlPanelApplet.cpl [MD5.A266D3E430E9FF97E9D659E5F087EF99] - |A| - [19/02/2010 21:27:16] - (.Copyright © 2001-2008 DivX, Inc. All rights reserved. - DivX.) - [836 Ko] - (6.9.2.26) - C:\WINDOWS\SysWOW64\divx_xx07.dll [MD5.0DADCB1C15AB04A655F7B386FE625B35] - |A| - [19/02/2010 21:27:16] - (.Copyright © 2001-2008 DivX, Inc. All rights reserved. - DivX.) - [828 Ko] - (6.9.2.26) - C:\WINDOWS\SysWOW64\divx_xx0a.dll [MD5.725C556795DFC534660E784F9324515C] - |A| - [19/02/2010 21:27:16] - (.Copyright © 2001-2008 DivX, Inc. All rights reserved. - DivX.) - [836 Ko] - (6.9.2.26) - C:\WINDOWS\SysWOW64\divx_xx0c.dll [MD5.E1F94DFDC350BB8CE14655F5DB567149] - |A| - [19/02/2010 21:27:16] - (.Copyright ? 2001-2008 DivX, Inc. All rights reserved. - DivX.) - [820 Ko] - (6.9.2.26) - C:\WINDOWS\SysWOW64\divx_xx11.dll [MD5.AD8E4393EAD5A8A71378BEEE95C59FDA] - |A| - [19/02/2010 21:27:16] - (.Copyright © 2001-2008 DivX, Inc. All rights reserved. - DivX.) - [824 Ko] - (6.9.2.26) - C:\WINDOWS\SysWOW64\divx_xx16.dll [MD5.03783D0840B2C54D7665248425C74417] - |A| - [10/04/2017 15:08:13] - (. - .) - [52.34 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\dosx.exe [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [1068.16 Ko] - C:\WINDOWS\SysWOW64\downlevel [MD5.90C7F5E71EEFE13F762CFE7B42C7157A] - |A| - [21/10/2011 01:26:22] - (.Copyright © 2005-2006 - dpl100.) - [92 Ko] - (1.3.0.25) - C:\WINDOWS\SysWOW64\dpl100.dll [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [73739.56 Ko] - C:\WINDOWS\SysWOW64\drivers [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [0 Ko] - C:\WINDOWS\SysWOW64\DriverStore [MD5.00000000000000000000000000000000] - |D| - [10/04/2017 16:55:00] - [56.58 Ko] - C:\WINDOWS\SysWOW64\DRVSTORE [MD5.8C6F56F4CDDE6A1FD01F4FCF2773298E] - |A| - [10/04/2017 16:55:11] - (. - .) - [210.88 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\dssec_FromLFSULTRA-WIDEN.dat [MD5.583409031CBE6447750A99E7F460B08F] - |A| - [09/04/2017 12:10:29] - (.Copyright © 2001-2004 DeskShare - Overlay Filter of WebCam Monitor 3.x.) - [52 Ko] - (3.4.0.0) - C:\WINDOWS\SysWOW64\DSTimeStamp.ax [MD5.583409031CBE6447750A99E7F460B08F] - |A| - [10/04/2017 16:55:13] - (.Copyright © 2001-2004 DeskShare - Overlay Filter of WebCam Monitor 3.x.) - [52 Ko] - (3.4.0.0) - C:\WINDOWS\SysWOW64\DSTimeStamp_FromLFSULTRA-WIDEN.ax [MD5.BC9A5C226CE65F93489A786A5F996588] - |A| - [09/04/2017 13:19:08] - (. - .) - [320 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ds_file_writer.ax [MD5.5F4C4B46DD00B78A659CC7525C68170A] - |A| - [10/04/2017 16:55:15] - (.(c) DTS. All rights reserved. - DTS Bass Enhancement COM DLL.) - [437.77 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\DTSBassEnhancementDLL.dll [MD5.DE670B6CB4DAD658C0BBC86AA9477502] - |A| - [10/04/2017 16:55:16] - (.(c) DTS. All rights reserved. - DTS Boost COM DLL.) - [879.27 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\DTSBoostDLL.dll [MD5.268F909E2CEAE82AD253BDCD73435481] - |A| - [10/04/2017 16:55:17] - (.(c) DTS. All rights reserved. - DTS Gain Compensator COM DLL.) - [229.77 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\DTSGainCompensatorDLL.dll [MD5.06AB693CFF68B721C967EA7EE8DA73C8] - |A| - [10/04/2017 16:55:17] - (.(c) DTS. All rights reserved. - DTS GFX APO.) - [102.22 Ko] - (1.0.0.2) - C:\WINDOWS\SysWOW64\DTSGFXAPO.dll [MD5.164C41BE4DF3F897FEDC7FCBFDFC26C2] - |A| - [10/04/2017 16:55:17] - (.(c) DTS. All rights reserved. - DTS GFX APO.) - [101.72 Ko] - (1.0.0.2) - C:\WINDOWS\SysWOW64\DTSGFXAPONS.dll [MD5.4F1D6008CFC07D84076F24EB2124E52F] - |A| - [10/04/2017 16:55:18] - (.(c) DTS. All rights reserved. - DTS LFX APO.) - [102.22 Ko] - (1.0.0.2) - C:\WINDOWS\SysWOW64\DTSLFXAPO.dll [MD5.9B198E9F236995C74D662D3E2E80299C] - |A| - [10/04/2017 16:55:18] - (.(c) DTS. All rights reserved. - DTS Limiter COM DLL.) - [218.27 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\DTSLimiterDLL.dll [MD5.0F3BEC10F7103C8EBE0C9754C70B972C] - |A| - [10/04/2017 16:55:18] - (.(c) DTS. All rights reserved. - DTS NEO:PC COM DLL.) - [283.27 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\DTSNeoPCDLL.dll [MD5.DC565FFF648FC8EDCE7A5128D28DB877] - |A| - [10/04/2017 16:55:19] - (.(c) DTS. All rights reserved. - DTS Surround Sensation Headphone COM DLL.) - [938.77 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\DTSS2HeadphoneDLL.dll [MD5.04B4D84321F8F4C425009D130B302127] - |A| - [10/04/2017 16:55:21] - (.(c) DTS. All rights reserved. - DTS Surround Sensation Speaker COM DLL.) - [1104.77 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\DTSS2SpeakerDLL.dll [MD5.CF13F5CBCEB854DE21436872D56D0C1B] - |A| - [10/04/2017 16:55:26] - (.(c) DTS. All rights reserved. - DTS Symmetry COM DLL.) - [417.77 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\DTSSymmetryDLL.dll [MD5.A3BECF1E4504044A9BF79C62BF9F6179] - |A| - [10/04/2017 16:55:26] - (.(c) DTS. All rights reserved. - DTS Voice Clarity COM DLL.) - [396.27 Ko] - (1.0.0.1) - C:\WINDOWS\SysWOW64\DTSVoiceClarityDLL.dll [MD5.F6E368E10B600836DD349FF937B183A2] - |A| - [10/04/2017 16:56:08] - (. - .) - [68.25 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\edit.com [MD5.8AA8DCC96FA0492E3B5D415537FAB8FE] - |A| - [10/04/2017 16:56:08] - (. - .) - [10.54 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EDIT.HLP [MD5.B7A0AA49CBB604B2C3A42A49C36D8A4F] - |A| - [10/04/2017 16:56:09] - (. - .) - [12.35 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\edlin.exe [MD5.52E91EAC2F3175B1A5B0150382B6D771] - |A| - [10/04/2017 16:56:13] - (. - .) - [124.23 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ega.cpi [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [750 Ko] - C:\WINDOWS\SysWOW64\el-GR [MD5.9BC1E3EB2495ABB8D2CFD7A92A46E1CD] - |A| - [10/04/2017 16:56:24] - (.Copyright © 2000 - 2014 Elaborate Bytes AG - ElbyCDIO DLL.) - [94.9 Ko] - (6.1.8.1) - C:\WINDOWS\SysWOW64\ElbyCDIO.dll [MD5.F189CC7F7C13A42480D9B58504156C28] - |A| - [10/04/2017 16:56:26] - (.Copyright © 2002 - 2015 Elaborate Bytes AG - VirtualCloneDrive.) - [130.9 Ko] - (5.5.2.0) - C:\WINDOWS\SysWOW64\ElbyVCD.dll [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:33:14] - [0 Ko] - C:\WINDOWS\SysWOW64\en [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [213 Ko] - C:\WINDOWS\SysWOW64\en-GB [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [4409.43 Ko] - C:\WINDOWS\SysWOW64\en-US [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [735.5 Ko] - C:\WINDOWS\SysWOW64\es-ES [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [231.5 Ko] - C:\WINDOWS\SysWOW64\es-MX [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [369.5 Ko] - C:\WINDOWS\SysWOW64\et-EE [MD5.2A77F15B14F45AFAF541812426B9D776] - |A| - [01/04/2017 07:58:23] - (. - .) - [0.03 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Eu(12-20161212).OD [MD5.00000000000000000000000000000000] - |D| - [10/04/2017 16:58:01] - [153.5 Ko] - C:\WINDOWS\SysWOW64\EventProviders [MD5.0A05D6A4DE27C77D924F89635987FDA9] - |A| - [10/04/2017 16:59:25] - (. - .) - [17.51 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\EventViewer_EventDetails_FromLFSULTRA-WIDEN.xsl [MD5.683626544E81387771ED55E1A0F2047B] - |A| - [10/04/2017 16:59:26] - (. - .) - [8.23 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\exe2bin.exe [MD5.00000000000000000000000000000000] - |SD| - [12/11/2016 09:22:36] - [21671.66 Ko] - C:\WINDOWS\SysWOW64\F12 [MD5.68062C0ECE86AB7801B5B47FDC855A06] - |A| - [10/04/2017 16:59:28] - (. - .) - [0.86 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\fastopen.exe [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [697.5 Ko] - C:\WINDOWS\SysWOW64\fi-FI [MD5.2EACB2BBF309CF4E86D5A8C9554D8B6C] - |A| - [09/04/2017 12:10:27] - (. - .) - [20 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\FileDemultiplexorMP.dll [MD5.2EACB2BBF309CF4E86D5A8C9554D8B6C] - |A| - [10/04/2017 16:59:37] - (. - .) - [20 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\FileDemultiplexorMP_FromLFSULTRA-WIDEN.dll [MD5.38B0E065EE0F17BD60757497F82CAB1F] - |A| - [10/04/2017 16:59:45] - (. - .) - [263.04 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\FNTCACHE.DAT [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:33:14] - [4980 Ko] - C:\WINDOWS\SysWOW64\fr [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [237 Ko] - C:\WINDOWS\SysWOW64\fr-CA [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [78042.29 Ko] - C:\WINDOWS\SysWOW64\fr-FR [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [0 Ko] - C:\WINDOWS\SysWOW64\FxsTmp [MD5.2AE808CB0D9A667B0CF41EA74B3B9BAC] - |A| - [10/04/2017 17:16:55] - (. - .) - [39.6 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\gatherNetworkInfo.vbs [MD5.4FDED87068052EEB9B72A97FDBC141DB] - |A| - [10/04/2017 17:16:57] - (. - .) - [23.44 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\gb2312_FromLFSULTRA-WIDEN.uce [MD5.1E4ED2A9CD2BE20D9A640A80E9A185C5] - |A| - [10/04/2017 17:16:59] - (. - .) - [57.36 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\GDIPFONTCACHEV1.DAT [MD5.11CC082552A4AEE9871B5AF89729D848] - |A| - [10/04/2017 17:17:01] - (. - .) - [134.85 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.ar-SA.resources [MD5.F199DAD26596A6084C44C9801F71CC31] - |A| - [10/04/2017 17:17:02] - (. - .) - [114.2 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.cs-CZ.resources [MD5.0471ECBD53E43A2ACFBB845A08FEF8C9] - |A| - [10/04/2017 17:17:02] - (. - .) - [109.81 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.da-DK.resources [MD5.CB3AE8568F85F22E5558BF40A1063DBE] - |A| - [10/04/2017 17:17:03] - (. - .) - [118.05 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.de-DE.resources [MD5.A5E6C173DF1CC3606F81DC3C1246ED8F] - |A| - [10/04/2017 17:17:03] - (. - .) - [172.35 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.el-GR.resources [MD5.A966BD9DB72E40F673DF0470284C5C72] - |A| - [10/04/2017 17:17:04] - (. - .) - [105.86 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.en-US.resources [MD5.46F5D8F17E72BD8310FB670F71528DBC] - |A| - [10/04/2017 17:17:04] - (. - .) - [118.29 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.es-ES.resources [MD5.A9C794BEB7EE77CAB6C98375E979B6D4] - |A| - [10/04/2017 17:17:04] - (. - .) - [114.13 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.fi-FI.resources [MD5.B6D1B07002AF7BEE68145C7345E8707E] - |A| - [10/04/2017 17:17:05] - (. - .) - [116.16 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.fr-FR.resources [MD5.1D15D27609AFF2C7CAEAE8D701E74F9A] - |A| - [10/04/2017 17:17:05] - (. - .) - [128.81 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.he-IL.resources [MD5.55DBF4CFAC3549BA7733E0EE025589FB] - |A| - [10/04/2017 17:17:05] - (. - .) - [114.98 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.hu-HU.resources [MD5.7A5BA2BAB91DF0C1602AF4A00C0B4612] - |A| - [10/04/2017 17:17:05] - (. - .) - [120.85 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.it-IT.resources [MD5.31D92C318AB7D91311766F62B7D8E8F7] - |A| - [10/04/2017 17:17:06] - (. - .) - [131.45 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.ja-JP.resources [MD5.BE8E4AE53971FA0145B2189924203ECA] - |A| - [10/04/2017 17:17:06] - (. - .) - [118.6 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.ko-KR.resources [MD5.11FB500A509594C0E003FF85674B8EA2] - |A| - [10/04/2017 17:17:06] - (. - .) - [110.39 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.nb-NO.resources [MD5.A739A50062BE232912AB60F10E19660A] - |A| - [10/04/2017 17:17:07] - (. - .) - [115 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.nl-NL.resources [MD5.54AB3D614D6A42780555D2E2C62C69E3] - |A| - [10/04/2017 17:17:07] - (. - .) - [113.9 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.pl-PL.resources [MD5.E75CED9295449E4832BA75027545799D] - |A| - [10/04/2017 17:17:08] - (. - .) - [115.79 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.pt-BR.resources [MD5.C0A4D8BC3BCA1E032AF8CA7076004F03] - |A| - [10/04/2017 17:17:08] - (. - .) - [114.48 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.pt-PT.resources [MD5.3915E935F2D1D69795609742353F83FF] - |A| - [10/04/2017 17:17:08] - (. - .) - [159.73 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.ru-RU.resources [MD5.7D8ACC3BBFD31CCF4D54DEC6A14C7E5E] - |A| - [10/04/2017 17:17:08] - (. - .) - [113.51 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.sk-SK.resources [MD5.2F48BF3A4C85390D783BF8CE53D5C338] - |A| - [10/04/2017 17:17:08] - (. - .) - [109.89 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.sl-SI.resources [MD5.DC2A5446DB650963CD77415550DFB972] - |A| - [10/04/2017 17:17:09] - (. - .) - [114.77 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.sv-SE.resources [MD5.14D16733E9BFE9FCDA114F821D666E3E] - |A| - [10/04/2017 17:17:09] - (. - .) - [183.36 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.th-TH.resources [MD5.FCBA6230AAF141D21B1F170A6C40740A] - |A| - [10/04/2017 17:17:09] - (. - .) - [116.53 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.tr-TR.resources [MD5.1FB5A3F6EF2C80D0377F539CF592C8A6] - |A| - [10/04/2017 17:17:09] - (. - .) - [98.74 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.zh-CN.resources [MD5.5F8736A7478CB5D6DBCBA81E7A5D1ED9] - |A| - [10/04/2017 17:17:09] - (. - .) - [99.83 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gfxres.zh-TW.resources [MD5.FFB49EE58EF3E271AA25F847D3299047] - |A| - [10/04/2017 17:17:11] - (. - .) - [0.15 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\GfxUI.exe.config [MD5.6E4E7884E6489AC4F5E6DAB176A73E52] - |A| - [10/04/2017 17:17:17] - (. - .) - [19.23 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\GRAPHICS.COM [MD5.BC33AA625D6B807F718627386DF78426] - |A| - [10/04/2017 17:17:17] - (. - .) - [20.73 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\graphics.pro [MD5.38A1DCB87B5B81618EDFF3072399594E] - |A| - [09/04/2017 23:30:57] - (.2005-2017 COMODO. All rights reserved. - COMODO Internet Security.) - [715.2 Ko] - (10.0.1.6209) - C:\WINDOWS\SysWOW64\guard32.dll [MD5.38A1DCB87B5B81618EDFF3072399594E] - |A| - [10/04/2017 17:17:17] - (.2005-2017 COMODO. All rights reserved. - COMODO Internet Security.) - [715.2 Ko] - (10.0.1.6209) - C:\WINDOWS\SysWOW64\guard32_FromLFSULTRA-WIDEN.dll [MD5.370A293BBA0EA615553EEAE7598CCEE0] - |A| - [10/04/2017 17:17:23] - (. - .) - [3.59 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\HideMyIpSRVOff.ini [MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - |A| - [10/04/2017 17:17:24] - (. - .) - [4.66 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\HIMEM.SYS [MD5.6F4976E485DE966519BFD124557DDCE7] - |A| - [07/04/2017 08:18:13] - (. - .) - [355.5 Ko] - (3.0.0.20) - C:\WINDOWS\SysWOW64\HMIPCore.dll [MD5.6F4976E485DE966519BFD124557DDCE7] - |A| - [10/04/2017 17:17:25] - (. - .) - [355.5 Ko] - (3.0.0.20) - C:\WINDOWS\SysWOW64\HMIPCore_FromLFSULTRA-WIDEN.dll [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [385 Ko] - C:\WINDOWS\SysWOW64\hr-HR [MD5.506C5BE8B184615F7F35A85C00A16E76] - |A| - [21/10/2015 03:14:48] - (. - .) - [108.48 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\hsa-thunk.dll [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [705 Ko] - C:\WINDOWS\SysWOW64\hu-HU [MD5.1DE21EC4A2232FF4F5298ADCAE7B3690] - |A| - [10/04/2017 17:17:44] - (.Copyright © 1992-1995 Radius Inc., All Rights Reserved - Cinepak® Codec.) - [81 Ko] - (1.10.0.13) - C:\WINDOWS\SysWOW64\iccvid_FromLFSULTRA-WIDEN.dll [MD5.816B681CC308FAA128EDCB90643DCED7] - |A| - [10/04/2017 17:17:46] - (.Copyright ©1995-1997 Heidelberger Druckmaschinen AG - Microsoft Color Management Module (CMM).) - [210 Ko] - (6.1.7600.16385) - C:\WINDOWS\SysWOW64\icm32_FromLFSULTRA-WIDEN.dll [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [36.27 Ko] - C:\WINDOWS\SysWOW64\icsxml [MD5.038F6AD6CEE43585D814CDBC7CDFD3EC] - |A| - [10/04/2017 17:17:52] - (. - .) - [59.04 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ideograf_FromLFSULTRA-WIDEN.uce [MD5.2CBD6D22499EB13A2666F62EF33D00E2] - |A| - [10/04/2017 17:18:48] - (. - .) - [15.92 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ieuinit_FromLFSULTRA-WIDEN.inf [MD5.1A3D8978E92A1844986F19F74B4A53CE] - |A| - [10/04/2017 17:19:57] - (.Copyright (C) 2009 - Intel® Graphics Media Accelerator Driver Coinstaller.) - [152 Ko] - (1.1.17.0) - C:\WINDOWS\SysWOW64\igfxCoIn_v2117.dll [MD5.75F924127CCBC1437FC827EA4AC479D8] - |A| - [10/04/2017 17:20:04] - (. - .) - [4 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\IGFXDEVLib.dll [MD5.27AA0D90A116890006551994D3545845] - |A| - [10/04/2017 17:21:12] - (. - .) - [2002.88 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\igkrng400.bin [MD5.99AF886F548DFA1AEC9868A8BF0F74FC] - |A| - [10/04/2017 17:21:14] - (. - .) - [1876.24 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\iglhxa32.cpa [MD5.7FEF5563D091D8A44B96DD4EBE0350AA] - |A| - [10/04/2017 17:21:17] - (. - .) - [1.06 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\iglhxa32.vp [MD5.A16E966DEBE65033E703CA9514753E11] - |A| - [10/04/2017 17:21:17] - (. - .) - [58.81 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\iglhxc32.vp [MD5.251D22DE1DF611739E4D0C7BAB2E80D6] - |A| - [10/04/2017 17:21:19] - (. - .) - [58.84 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\iglhxg32.vp [MD5.CB4DCAF11675F52D39035BCEE14ABA77] - |A| - [10/04/2017 17:21:20] - (. - .) - [58.61 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\iglhxo32.vp [MD5.F45F544E709CAF63EA81B80E097A2877] - |A| - [10/04/2017 17:21:20] - (. - .) - [38.39 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\iglhxs32.vp [MD5.63D2B014282D833076FF39F8BCB2CDCB] - |A| - [10/04/2017 17:21:22] - (.Copyright © 2010 - Intel® Graphics Media Accelerator Driver installer.) - [982.52 Ko] - (1.1.36.0) - C:\WINDOWS\SysWOW64\igxpun.exe [MD5.74B63C6989C65218D8A6B2437C8C58DB] - |A| - [10/04/2017 17:21:26] - (. - .) - [634.4 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\im-fre.exe [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [55479.61 Ko] - C:\WINDOWS\SysWOW64\IME [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [0 Ko] - C:\WINDOWS\SysWOW64\inetsrv [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [201 Ko] - C:\WINDOWS\SysWOW64\InputMethod [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [1160 Ko] - C:\WINDOWS\SysWOW64\InstallShield [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [0 Ko] - C:\WINDOWS\SysWOW64\Ipmi [MD5.0838C5A83A31B78E9BA817C3DB17A91C] - |A| - [10/04/2017 17:25:41] - (. - .) - [193 Ko] - (3.24.15.3) - C:\WINDOWS\SysWOW64\ir32_32_FromLFSULTRA-WIDEN.dll [MD5.CADC1F6669EC3F9143A33D1342C2410E] - |A| - [29/03/2017 18:24:40] - (. - .) - [209.5 Ko] - (1.0.0.110) - C:\WINDOWS\SysWOW64\ISCM32.dll [MD5.ED5D4435EC628F9EBB6AEC8A1D3FA41D] - |A| - [29/03/2017 18:24:41] - (. - .) - [704.36 Ko] - (1.0.0.2) - C:\WINDOWS\SysWOW64\ISCM64.dll [MD5.ACAA3955AEF5BE4B3A1035566A34CD7D] - |A| - [10/04/2017 17:26:08] - (.2005-2016 COMODO. All rights reserved. - Internet Security Essentials.) - [231.24 Ko] - (1.1.20283.43) - C:\WINDOWS\SysWOW64\iseguard32.dll [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [745 Ko] - C:\WINDOWS\SysWOW64\it-IT [MD5.0DF538E4703218C5FEC14D31C65086B3] - |A| - [10/04/2017 17:26:12] - (.Copyright © 1997 - Intel Indeo® video IVF Source Filter 5.10.) - [143.5 Ko] - (5.10.2.51) - C:\WINDOWS\SysWOW64\ivfsrc_FromLFSULTRA-WIDEN.ax [MD5.7C0C25F4BA1084C4ABBEEA2C74194C5F] - |A| - [10/04/2017 17:26:26] - (. - .) - [6.79 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\kanji_1_FromLFSULTRA-WIDEN.uce [MD5.529BBD63519BBD654EF328454019693F] - |A| - [10/04/2017 17:26:26] - (. - .) - [8.29 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\kanji_2_FromLFSULTRA-WIDEN.uce [MD5.4D7E256377A5E934EA1820B2CEA79131] - |A| - [10/04/2017 17:26:27] - (. - .) - [14.37 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\KB16.COM [MD5.5ACD11DF2AA5F3E3F30F785589B70347] - |A| - [13/11/2005 20:07:12] - (. - .) - [6.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\kc.exe [MD5.5ACD11DF2AA5F3E3F30F785589B70347] - |A| - [10/04/2017 17:27:32] - (. - .) - [6.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\kc_FromLFSULTRA-WIDEN.exe [MD5.492090267B9608C62B956CD29BE3AFB7] - |A| - [10/04/2017 17:27:35] - (. - .) - [41.81 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\KEY01.SYS [MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - |A| - [10/04/2017 17:27:36] - (. - .) - [41.54 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\KEYBOARD.SYS [MD5.6315AB54B0156C7B5B1B6E499601C171] - |A| - [29/10/2006 17:36:54] - (.Killer{R} - .) - [1158 Ko] - (2.8.4.0) - C:\WINDOWS\SysWOW64\killcopy.exe [MD5.6315AB54B0156C7B5B1B6E499601C171] - |A| - [10/04/2017 17:27:36] - (.Killer{R} - .) - [1158 Ko] - (2.8.4.0) - C:\WINDOWS\SysWOW64\killcopy_FromLFSULTRA-WIDEN.exe [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [572.5 Ko] - C:\WINDOWS\SysWOW64\ko-KR [MD5.7A7A04370A6030B9B0E8178DAD4A6E41] - |A| - [10/04/2017 17:27:42] - (. - .) - [12.57 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\korean_FromLFSULTRA-WIDEN.uce [MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |A| - [10/04/2017 17:27:42] - (. - .) - [11687.04 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\korwbrkr.lex [MD5.1C7F1C3EA5894995E6C563E9AE9F029F] - |A| - [10/04/2017 17:27:57] - (.Copyright © 1996-1999 Fraunhofer Institut Integrierte Schaltungen IIS - MPEG Layer-3 Audio Codec for MSACM.) - [62.5 Ko] - (1.9.0.401) - C:\WINDOWS\SysWOW64\l3codeca_FromLFSULTRA-WIDEN.acm [MD5.F2394835BB47EFA3F8C0EE705AF87CD8] - |A| - [10/04/2017 17:27:58] - (.Copyright © 2004 Fraunhofer IIS - MPEG Audio Layer-3 Codec for MSACM.) - [215.5 Ko] - (3.4.0.0) - C:\WINDOWS\SysWOW64\l3codecp_FromLFSULTRA-WIDEN.acm [MD5.31E807C474DED41DFA5DCA956BBAAA53] - |A| - [09/04/2017 12:10:29] - (.Copyright © 2005 Elecard Ltd. - LAME Audio Encoder.) - [255 Ko] - (1.0.61.24875) - C:\WINDOWS\SysWOW64\lame.ax [MD5.31E807C474DED41DFA5DCA956BBAAA53] - |A| - [10/04/2017 17:27:58] - (.Copyright © 2005 Elecard Ltd. - LAME Audio Encoder.) - [255 Ko] - (1.0.61.24875) - C:\WINDOWS\SysWOW64\lame_FromLFSULTRA-WIDEN.ax [MD5.00000000000000000000000000000000] - |D| - [10/04/2017 17:27:58] - [84 Ko] - C:\WINDOWS\SysWOW64\Lang [MD5.531FE5A2634D87A078017259F21D9736] - |A| - [10/04/2017 17:28:01] - (. - .) - [206.97 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\lcphrase_FromLFSULTRA-WIDEN.tbl [MD5.D3C85593F8C4576FCF9B42AC48CA4368] - |A| - [10/04/2017 17:28:02] - (. - .) - [23.55 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\lcptr_FromLFSULTRA-WIDEN.tbl [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [73.41 Ko] - C:\WINDOWS\SysWOW64\Licenses [MD5.4FCD4D80B89E5E3FE274A423F221293A] - |A| - [10/04/2017 17:28:02] - (. - .) - [47.86 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\license_FromLFSULTRA-WIDEN.rtf [MD5.536460507B20AE0F03D7BEE8111028CF] - |A| - [10/04/2017 17:28:05] - (. - .) - [1.1 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\LOADFIX.COM [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [0 Ko] - C:\WINDOWS\SysWOW64\LogFiles [MD5.B65E8E52916A527F88486875EE291AA8] - |A| - [26/10/2012 17:42:22] - (. - .) - [10663.85 Ko] - (13.80.853.0) - C:\WINDOWS\SysWOW64\LogiDPP.dll [MD5.24764C249F769991079F6D4B14B822AF] - |A| - [26/10/2012 17:42:22] - (. - .) - [100.85 Ko] - (13.80.853.0) - C:\WINDOWS\SysWOW64\LogiDPPApp.exe [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [378.5 Ko] - C:\WINDOWS\SysWOW64\lt-LT [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [380.5 Ko] - C:\WINDOWS\SysWOW64\lv-LV [MD5.BDC67729D0A4940C525654FF869C5289] - |A| - [26/10/2012 17:42:22] - (.(c) 1996-2012 Logitech. All rights reserved. - Video Codec.) - [297.85 Ko] - (13.80.853.0) - C:\WINDOWS\SysWOW64\lvcodec2.dll [MD5.E8C604C7E16CE90C0D4564EC06B118E8] - |A| - [26/10/2012 17:42:22] - (.(c) 1996-2012 Logitech. All rights reserved. - Logitech Camera Property Pages.) - [529.85 Ko] - (13.80.853.0) - C:\WINDOWS\SysWOW64\LVUI2.dll [MD5.F13DA78D0873B2025556D65DB5E3210D] - |A| - [26/10/2012 17:42:24] - (.(c) 1996-2012 Logitech. All rights reserved. - Logitech Camera Property Pages.) - [525.85 Ko] - (13.80.853.0) - C:\WINDOWS\SysWOW64\LVUI2RC.dll [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [66074.16 Ko] - C:\WINDOWS\SysWOW64\Macromed [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [32.68 Ko] - C:\WINDOWS\SysWOW64\MailContactsCalendarSync [MD5.7A495CA1402C2F9F5D035092AD808669] - |A| - [10/04/2017 17:30:02] - (. - .) - [0.85 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\manage-bde.wsf [MD5.00000000000000000000000000000000] - |D| - [10/04/2017 17:30:03] - [2029.01 Ko] - C:\WINDOWS\SysWOW64\manifeststore [MD5.39CE334A6E1CBED62462A0CCCC080A5C] - |A| - [21/10/2015 03:14:48] - (.Copyright (C) 2013 AMD Inc. - Mantle loader.) - [119.48 Ko] - (9.1.10.83) - C:\WINDOWS\SysWOW64\mantle32.dll [MD5.890CD0E80FA4CA7728FF49E372D789F2] - |A| - [21/10/2015 03:14:48] - (.Copyright (C) 2013 AMD Inc. - Mantle extension library.) - [94.48 Ko] - (9.1.10.83) - C:\WINDOWS\SysWOW64\mantleaxl32.dll [MD5.98071B6EE16AA76DABFF377A5DC69C86] - |A| - [10/04/2017 17:30:07] - (. - .) - [0.52 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\mapisvc.inf [MD5.84AB243EBB8839C268BA45975BD6558C] - |A| - [10/04/2017 17:30:07] - (.© Waves Audio Ltd. All rights reserved. - MaxxAudio APO.) - [129.27 Ko] - (1.2.2.0) - C:\WINDOWS\SysWOW64\MaxxAudioAPO.dll [MD5.08DC72FF7E209B748936ADA6124362B8] - |A| - [10/04/2017 17:30:08] - (.© Waves Audio Ltd. All rights reserved. - MaxxAudio APO.) - [227.34 Ko] - (2.2.8.0) - C:\WINDOWS\SysWOW64\MaxxAudioAPO20.dll [MD5.33CCA4B2289AA5F8753387A8BF18816B] - |A| - [10/04/2017 17:30:08] - (.© Waves Audio Ltd. All rights reserved. - MaxxAudio APO.) - [247 Ko] - (3.2.0.2) - C:\WINDOWS\SysWOW64\MaxxAudioAPO30.dll [MD5.F678031A1EF7C96DB09AE9F0DDB7F88E] - |A| - [10/04/2017 17:30:09] - (.Copyright © 1996-2007 - .) - [1893.27 Ko] - (5.9.7.0) - C:\WINDOWS\SysWOW64\MaxxAudioEQ.dll [MD5.DB2C8187A8397EF8CC08B411C509E80C] - |A| - [10/04/2017 17:30:09] - (.Copyright © 1996-2008 - .) - [1296 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\MaxxAudioRealtek.dll [MD5.6C75723CB2309D23A3A16EF9F45B2F49] - |A| - [10/04/2017 17:30:13] - (.© Waves Audio Ltd. All rights reserved. - MaxxVolumeSD APO.) - [246.84 Ko] - (3.1.0.0) - C:\WINDOWS\SysWOW64\MaxxVolumeSDAPO.dll [MD5.B28A051A70CFDEAC6EAC78CF476D9877] - |A| - [10/04/2017 17:30:19] - (. - .) - [43 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\MDA_NTDRV.sys [MD5.390762963E6B4C861E5E0CA5A3E56E40] - |A| - [10/04/2017 17:30:21] - (. - .) - [38.35 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\mem.exe [MD5.0A277C42CBF52C2AF2BAA10B89F2A9AD] - |A| - [10/04/2017 17:31:50] - (.Copyright© 1995-2015 McAfee, Inc. All Rights Reserved. - McAfee Process Validation Service.) - [232.7 Ko] - (15.4.0.543) - C:\WINDOWS\SysWOW64\mfevtps.exe [MD5.00000000000000000000000000000000] - |D| - [10/04/2017 17:32:09] - [3.7 Ko] - C:\WINDOWS\SysWOW64\Microsoft [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [6508.39 Ko] - C:\WINDOWS\SysWOW64\migration [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [33517.05 Ko] - C:\WINDOWS\SysWOW64\migwiz [MD5.ED434A3EBE29070A7E0138C42482EB93] - |A| - [10/04/2017 17:35:39] - (. - .) - [657.31 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\mlang_FromLFSULTRA-WIDEN.dat [MD5.908A5A4561DFBF2062A4189C69FA4878] - |A| - [09/04/2017 13:18:56] - (. - .) - [620 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\mp4muxlib.dll [MD5.AC674F2A4B89112098462B8E071B4171] - |A| - [09/04/2017 13:18:55] - (. - .) - [324 Ko] - (9.0.0.0) - C:\WINDOWS\SysWOW64\mp4_ds_mux.ax [MD5.FE064158FE5B98B5C542ACAA619DFFEA] - |A| - [09/04/2017 13:19:08] - (. - .) - [8.41 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\mpeg4ax.cat [MD5.FE064158FE5B98B5C542ACAA619DFFEA] - |A| - [10/04/2017 17:36:05] - (. - .) - [8.41 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\mpeg4ax_FromLFSULTRA-WIDEN.cat [MD5.2F193DB7F01692DAD429B9AD8DC17F2F] - |A| - [09/04/2017 13:19:08] - (. - .) - [8.39 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\msaudio.cat [MD5.2F193DB7F01692DAD429B9AD8DC17F2F] - |A| - [10/04/2017 17:36:13] - (. - .) - [8.39 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\msaudio_FromLFSULTRA-WIDEN.cat [MD5.52C7505D68C3CE8496EC8DC17D8FF75A] - |A| - [10/04/2017 17:36:14] - (. - .) - [0.7 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\mscdexnt.exe [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [45.5 Ko] - C:\WINDOWS\SysWOW64\MSDRM [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [4200.57 Ko] - C:\WINDOWS\SysWOW64\MsDtc [MD5.5A72F87F75A5EA7B46DC3AD87302FE00] - |A| - [10/04/2017 17:37:12] - (. - .) - [356 Ko] - (4.0.9756.0) - C:\WINDOWS\SysWOW64\msjetoledb40_FromLFSULTRA-WIDEN.dll [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [43.63 Ko] - C:\WINDOWS\SysWOW64\MUI [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [683 Ko] - C:\WINDOWS\SysWOW64\nb-NO [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [0 Ko] - C:\WINDOWS\SysWOW64\NDF [MD5.86166DAA04A6C154826508304CC6D4AC] - |A| - [10/04/2017 17:38:36] - (. - .) - [0.55 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\NdfEventView_FromLFSULTRA-WIDEN.xml [MD5.CD48AD912839B9FB6CCA5D4AA9B37500] - |A| - [10/04/2017 17:38:54] - (. - .) - [21.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\NetTrace.PLA.Diagnostics.xml [MD5.5E835121A3899CFA37E285E0CA2B4E7D] - |A| - [10/04/2017 17:41:31] - (. - .) - [6.89 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\nlsfunc.exe [MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |A| - [10/04/2017 17:44:32] - (. - .) - [1.45 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\noise.kor [MD5.DE78E0C57BC478D47CC2F470B68E1A45] - |A| - [10/04/2017 17:44:32] - (. - .) - [0.72 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\NOISE_FromLFSULTRA-WIDEN.DAT [MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - |A| - [10/04/2017 17:44:41] - (. - .) - [27.21 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\NTDOS.SYS [MD5.CF9ED169FF86D935E47999E82359E898] - |A| - [10/04/2017 17:44:42] - (. - .) - [28.46 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\NTDOS404.SYS [MD5.03B945AC0481CD8BB161C3569D8ED1C3] - |A| - [10/04/2017 17:44:42] - (. - .) - [28.68 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\NTDOS411.SYS [MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - |A| - [10/04/2017 17:44:43] - (. - .) - [28.59 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\NTDOS412.SYS [MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - |A| - [10/04/2017 17:44:43] - (. - .) - [28.46 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\NTDOS804.SYS [MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - |A| - [10/04/2017 17:44:44] - (. - .) - [33.16 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\NTIO.SYS [MD5.A98EBD4C2DF983665BF2D1AF49949974] - |A| - [10/04/2017 17:44:44] - (. - .) - [33.86 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\NTIO404.SYS [MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - |A| - [10/04/2017 17:44:44] - (. - .) - [34.94 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\NTIO411.SYS [MD5.3E64D681B776CC57BDC38A46D881F85B] - |A| - [10/04/2017 17:44:45] - (. - .) - [34.7 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\NTIO412.SYS [MD5.D86B6435729231C171432B4E77801BDB] - |A| - [10/04/2017 17:44:45] - (. - .) - [33.86 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\NTIO804.SYS [MD5.00000000000000000000000000000000] - |SD| - [12/11/2016 09:22:36] - [3781.5 Ko] - C:\WINDOWS\SysWOW64\Nui [MD5.CE8AC7BCA89A2789235669DAEB1E0A5B] - |A| - [10/04/2017 17:45:02] - (. - .) - [4.35 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\odbcconf_FromLFSULTRA-WIDEN.rsp [MD5.00000000000000000000000000000000] - |D| - [10/04/2017 17:45:07] - [1466.81 Ko] - C:\WINDOWS\SysWOW64\OEM [MD5.954AD7BE8D3E69BE52A4DE969128E41A] - |A| - [10/04/2017 17:45:37] - (. - .) - [0.33 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\oem_Get_OS_Language.log [MD5.2901049544FDF863362FABA2363EB647] - |A| - [10/04/2017 17:45:48] - (. - .) - [0.82 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\onlinesetup.cmd [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [19098.47 Ko] - C:\WINDOWS\SysWOW64\oobe [MD5.00000000000000000000000000000000] - |D| - [10/04/2017 17:47:02] - [0.03 Ko] - C:\WINDOWS\SysWOW64\oodag [MD5.A029A434A3035429628CA35102FFB907] - |A| - [10/04/2017 17:47:17] - (. - .) - [0.11 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\pcl_FromLFSULTRA-WIDEN.sep [MD5.05F9F372CFDCD42ADD75BB4D2399170F] - |A| - [09/04/2017 13:18:57] - (. - .) - [28 Ko] - (1.0.0.63) - C:\WINDOWS\SysWOW64\PCWinSoftPBar.ocx [MD5.E8591978F78248294CA3459B0266AA13] - |A| - [10/04/2017 17:47:20] - (. - .) - [118.75 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\perfc009.dat [MD5.E6000FC19085367E67C02FA2744C06B6] - |A| - [10/04/2017 17:47:20] - (. - .) - [146.14 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\perfc00C.dat [MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [10/04/2017 17:47:21] - (. - .) - [113.56 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PerfCenterCpl.ico [MD5.7AAA3E23CE4C7845B112F7A79B110E60] - |A| - [10/04/2017 17:47:22] - (. - .) - [30.81 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\perfd009.dat [MD5.07BA000B2E67565BDF112C35171865A5] - |A| - [10/04/2017 17:47:22] - (. - .) - [37.27 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\perfd00C.dat [MD5.A8CAD937C6C273C16C7091B8F38E19FF] - |A| - [10/04/2017 17:47:22] - (. - .) - [638.4 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\perfh009.dat [MD5.B4020750821308EF579C801C22F20947] - |A| - [10/04/2017 17:47:23] - (. - .) - [729.64 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\perfh00C.dat [MD5.CAF17B2FBEA9E57A9D138ED31B7F4697] - |A| - [12/11/2016 13:28:29] - (. - .) - [2207.85 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PerfStringBackup.INI [MD5.9FA0BA56FF6901E12EBB96CAE5F45CAA] - |A| - [10/04/2017 17:47:27] - (. - .) - [1628.21 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PerfStringBackup_FromLFSULTRA-WIDEN.INI [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [714.5 Ko] - C:\WINDOWS\SysWOW64\pl-PL [MD5.BC949EA893A9384070C31F083CCEFD26] - |A| - [10/04/2017 17:47:42] - (. - .) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PLD_Framework.cmd [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:33:16] - [840.83 Ko] - C:\WINDOWS\SysWOW64\Printing_Admin_Scripts [MD5.00000000000000000000000000000000] - |D| - [09/04/2017 12:10:37] - [0 Ko] - C:\WINDOWS\SysWOW64\Profiles [MD5.C09741B9886EF0D15EC3B1443352FB62] - |A| - [10/04/2017 17:48:15] - (. - .) - [0.05 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\pscript_FromLFSULTRA-WIDEN.sep [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [714.5 Ko] - C:\WINDOWS\SysWOW64\pt-BR [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [712 Ko] - C:\WINDOWS\SysWOW64\pt-PT [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [47.49 Ko] - C:\WINDOWS\SysWOW64\ras [MD5.3A77C18665A4C8428768CE186A5BC1EF] - |A| - [10/04/2017 17:48:46] - (. - .) - [1.78 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\rasctrnm_FromLFSULTRA-WIDEN.h [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [0 Ko] - C:\WINDOWS\SysWOW64\RasToast [MD5.BBB40CA86B88918864D16CFAC9D4ABA4] - |A| - [10/04/2017 17:49:02] - (. - .) - [2.78 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\redir.exe [MD5.3F75A221A01F68D6CE67FE99A868BD8F] - |A| - [10/04/2017 17:49:08] - (. - .) - [0.17 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\RestartManagerUninstall_FromLFSULTRA-WIDEN.mof [MD5.43E7D0AB6A8564F5BF375FBF0934FAD1] - |A| - [10/04/2017 17:49:07] - (. - .) - [0.7 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\RestartManager_FromLFSULTRA-WIDEN.mof [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [0.07 Ko] - C:\WINDOWS\SysWOW64\restore [MD5.A6CD9184A8EB856B5FB16718BED0E0C3] - |A| - [10/04/2017 17:49:08] - (. - .) - [13.57 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\results.xml [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [387.5 Ko] - C:\WINDOWS\SysWOW64\ro-RO [MD5.39B9273CA01364E115B464416CFB729B] - |A| - [10/04/2017 17:49:18] - (.Copyright ¬ 1995-2004 - robocopy.) - [96.5 Ko] - (5.1.10.1027) - C:\WINDOWS\SysWOW64\Robocopy_FromLFSULTRA-WIDEN.exe [MD5.DFAC006A189D2CC302F53DFDEE3D74D3] - |A| - [10/04/2017 17:49:19] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x86.) - [286.7 Ko] - (6.0.6001.18) - C:\WINDOWS\SysWOW64\RP3DAA32.dll [MD5.655DDC227B11790127A8CBFA7E9CF700] - |A| - [10/04/2017 17:49:20] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x86.) - [286.7 Ko] - (6.0.6001.18) - C:\WINDOWS\SysWOW64\RP3DHT32.dll [MD5.F5C5B3A75783BEFF7257EABA026783CA] - |A| - [11/04/2017 14:17:44] - (.Copyright (c) 2000 - 2015 Advanced Messaging Systems LLC - Outlook Redemption COM library.) - [7776.6 Ko] - (5.10.0.4312) - C:\WINDOWS\SysWOW64\rsror32.dll [MD5.3FE1177C731A499D875FFD2555C0EED1] - |A| - [11/04/2017 14:17:54] - (.Copyright (c) 2000 - 2015 Advanced Messaging Systems LLC - Outlook Redemption COM library.) - [2393.6 Ko] - (5.10.0.4312) - C:\WINDOWS\SysWOW64\rsrorx32.dll [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:50:40] - [2731.61 Ko] - C:\WINDOWS\SysWOW64\RTCOM [MD5.573A6934D4BC8FB8F19AB6E47EBB9128] - |A| - [10/04/2017 17:49:29] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x86.) - [164.7 Ko] - (6.1.6001.33) - C:\WINDOWS\SysWOW64\RTEED32A.dll [MD5.B747DDAA11333F1EABB35E2AE2E877C9] - |A| - [10/04/2017 17:49:29] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x86.) - [61.2 Ko] - (6.1.6001.33) - C:\WINDOWS\SysWOW64\RTEEG32A.dll [MD5.52999C60386C123BDD6C93D73BEF37CD] - |A| - [10/04/2017 17:49:29] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x86.) - [74.7 Ko] - (6.1.6001.33) - C:\WINDOWS\SysWOW64\RTEEL32A.dll [MD5.6285E76879D717C3C978A794130DADE8] - |A| - [10/04/2017 17:49:29] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x86.) - [349.2 Ko] - (6.1.6001.33) - C:\WINDOWS\SysWOW64\RTEEP32A.dll [MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [10/04/2017 17:49:47] - (. - .) - [10.18 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ScavengeSpace.xml [MD5.AD7B906FC883959E56E210B2B077CA00] - |A| - [10/04/2017 17:50:17] - (. - .) - [11.48 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\setver.exe [MD5.68062C0ECE86AB7801B5B47FDC855A06] - |A| - [10/04/2017 17:50:19] - (. - .) - [0.86 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\share.exe [MD5.8CA32E9D986FA76F60EFBCFCD9D80A58] - |A| - [10/04/2017 17:50:34] - (. - .) - [16.35 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ShiftJIS_FromLFSULTRA-WIDEN.uce [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [388.5 Ko] - C:\WINDOWS\SysWOW64\sk-SK [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [381.5 Ko] - C:\WINDOWS\SysWOW64\sl-SI [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:33:16] - [94.81 Ko] - C:\WINDOWS\SysWOW64\slmgr [MD5.38482A5013D8AB40DF0FB15EAE022C57] - |A| - [10/04/2017 17:50:44] - (. - .) - [110.97 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\slmgr_FromLFSULTRA-WIDEN.vbs [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [9858.02 Ko] - C:\WINDOWS\SysWOW64\SMI [MD5.E105496A1A00A847BC2F9913F1DA94A1] - |A| - [10/04/2017 17:51:02] - (.Copyright 2010 - Sonix Property Wrapper.) - [209.38 Ko] - (1.0.1.0) - C:\WINDOWS\SysWOW64\Snpropwp.dll [MD5.68406207E9400E608AF366DD019D9487] - |A| - [09/04/2017 13:18:56] - (. - .) - [36 Ko] - (1.0.0.153) - C:\WINDOWS\SysWOW64\Sof2FFTPrj.ocx [MD5.68406207E9400E608AF366DD019D9487] - |A| - [10/04/2017 17:51:02] - (. - .) - [36 Ko] - (1.0.0.153) - C:\WINDOWS\SysWOW64\Sof2FFTPrj_FromLFSULTRA-WIDEN.ocx [MD5.C74D61FCA22F36791105D7878AF73572] - |A| - [10/04/2017 17:51:05] - (. - .) - [8.09 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\spcinstrumentation.man [MD5.3B40165A039BFDCF1CF8AE822B438547] - |A| - [09/04/2017 13:18:56] - (. - .) - [28 Ko] - (1.0.0.30) - C:\WINDOWS\SysWOW64\SpecBarPrj.ocx [MD5.3B40165A039BFDCF1CF8AE822B438547] - |A| - [10/04/2017 17:51:05] - (. - .) - [28 Ko] - (1.0.0.30) - C:\WINDOWS\SysWOW64\SpecBarPrj_FromLFSULTRA-WIDEN.ocx [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [4202.34 Ko] - C:\WINDOWS\SysWOW64\Speech [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [6272.84 Ko] - C:\WINDOWS\SysWOW64\Speech_OneCore [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [3035.49 Ko] - C:\WINDOWS\SysWOW64\spp [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [62.07 Ko] - C:\WINDOWS\SysWOW64\sppui [MD5.00000000000000000000000000000000] - |D| - [10/04/2017 17:53:29] - [1699 Ko] - C:\WINDOWS\SysWOW64\SPReview [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [393 Ko] - C:\WINDOWS\SysWOW64\sr-Latn-CS [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [219.5 Ko] - C:\WINDOWS\SysWOW64\sr-Latn-RS [MD5.272BF8E5DBDAF0614CC367A25EA3B256] - |A| - [10/04/2017 17:54:15] - (.(c) 2007 SRS Labs, Inc. All rights reserved. - COM object implementing SRS Headphone 360.) - [169.23 Ko] - (1.1.0.0) - C:\WINDOWS\SysWOW64\SRSHP360.dll [MD5.029F36DE21AFBDD2865CC657E252EBA7] - |A| - [10/04/2017 17:54:15] - (.Copyright (c) 2006 SRS Labs, Inc.. All rights reserved. - TruSurround HD and HD4 COM object for Windows.) - [181.23 Ko] - (1.1.4.0) - C:\WINDOWS\SysWOW64\SRSTSHD.dll [MD5.8C83CED38F8CAC3E8D5A953C03BCF4B4] - |A| - [10/04/2017 17:54:16] - (.Copyright 2002 SRS Labs, Inc. All Rights Reserved. - TruSurroundXT Module.) - [337.23 Ko] - (3.2.0.0) - C:\WINDOWS\SysWOW64\SRSTSXT.dll [MD5.A258F7B2B84E88118369B0B2196CC257] - |A| - [10/04/2017 17:54:17] - (.(c) 2006 SRS Labs, Inc. All rights reserved. - WOW HD COM object for Windows.) - [137.23 Ko] - (1.1.3.0) - C:\WINDOWS\SysWOW64\SRSWOW.dll [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [0 Ko] - C:\WINDOWS\SysWOW64\sru [MD5.B667EA585530856CA7F7D4152863C8DE] - |A| - [09/04/2017 12:10:28] - (.Copyright (C) 2005-2012 Timo "TimoSoft" Kunze - StatusBar ActiveX Control (Unicode).) - [407 Ko] - (1.3.2.126) - C:\WINDOWS\SysWOW64\StatBarU.ocx [MD5.B667EA585530856CA7F7D4152863C8DE] - |A| - [10/04/2017 17:54:22] - (.Copyright (C) 2005-2012 Timo "TimoSoft" Kunze - StatusBar ActiveX Control (Unicode).) - [407 Ko] - (1.3.2.126) - C:\WINDOWS\SysWOW64\StatBarU_FromLFSULTRA-WIDEN.ocx [MD5.30F5568679A54042F99CA9EC1102EBCD] - |A| - [10/04/2017 17:54:25] - (. - .) - [91.51 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\SubRange_FromLFSULTRA-WIDEN.uce [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [692 Ko] - C:\WINDOWS\SysWOW64\sv-SE [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:33:16] - [343.3 Ko] - C:\WINDOWS\SysWOW64\sysprep [MD5.74943B60374CB5F9C6F9907F8BD2F79A] - |A| - [10/04/2017 17:54:45] - (. - .) - [3.14 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\sysprint_FromLFSULTRA-WIDEN.sep [MD5.9E1F3509104FCEB377A58A16E8243D39] - |A| - [10/04/2017 17:54:46] - (. - .) - [3.49 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\sysprtj_FromLFSULTRA-WIDEN.sep [MD5.B8CBB46B42570D373C9933FBDF25EBCE] - |A| - [10/04/2017 17:54:50] - (. - .) - [143.41 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\systemsf.ebd [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [266.05 Ko] - C:\WINDOWS\SysWOW64\Tasks [MD5.C059C6B7518A9D6DE3616A3143392FE6] - |A| - [10/04/2017 17:55:34] - (. - .) - [1.02 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\tcpbidi_FromLFSULTRA-WIDEN.xml [MD5.47F22CAD4A16BB40153555D631546B94] - |A| - [10/04/2017 17:55:35] - (. - .) - [58.71 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\tcpmon.ini [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [362 Ko] - C:\WINDOWS\SysWOW64\th-TH [MD5.0D43857D81CBDF4FC3536D8472F35303] - |A| - [09/04/2017 13:18:56] - (.Copyright © 2010 - 1AVCapture .) - [72 Ko] - (1.9.9.10) - C:\WINDOWS\SysWOW64\TOverlay.ax [MD5.0D43857D81CBDF4FC3536D8472F35303] - |A| - [10/04/2017 17:55:51] - (.Copyright © 2010 - 1AVCapture .) - [72 Ko] - (1.9.9.10) - C:\WINDOWS\SysWOW64\TOverlay_FromLFSULTRA-WIDEN.ax [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [685.5 Ko] - C:\WINDOWS\SysWOW64\tr-TR [MD5.2653282D9DC9DB635E03780C02B053D8] - |A| - [10/04/2017 17:56:24] - (. - .) - [21 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\umstartup.etl [MD5.132EEA9C6FEE5A7CE43264BF2614F4B7] - |A| - [10/04/2017 17:56:25] - (. - .) - [9 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\umstartup000.etl [MD5.94BAA9A70041899993D0078C039FE5CC] - |A| - [09/04/2017 12:10:29] - (.Copyright (C) 2003-2004 by Unreal Streaming Technologies Group - DirectShow media source..) - [184 Ko] - (5.0.0.160) - C:\WINDOWS\SysWOW64\UScreenCapture.ax [MD5.94BAA9A70041899993D0078C039FE5CC] - |A| - [10/04/2017 17:56:32] - (.Copyright (C) 2003-2004 by Unreal Streaming Technologies Group - DirectShow media source..) - [184 Ko] - (5.0.0.160) - C:\WINDOWS\SysWOW64\UScreenCapture_FromLFSULTRA-WIDEN.ax [MD5.8AFFFDA081CFF3057391FEDBBB483601] - |A| - [09/04/2017 12:17:58] - (.Copyright @. All rights reserved. - UTSCSI Application.) - [44 Ko] - (1.0.0.2) - C:\WINDOWS\SysWOW64\UTSCSI.EXE [MD5.86491AD7BC0964089CD4E703E65D45DB] - |A| - [10/04/2017 17:56:40] - (. - .) - [18.39 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\v7vga.rom [MD5.15BD0F8D507546F512EE5D73C3721FA8] - |A| - [10/04/2017 17:56:57] - (.Copyright © 2000 - vfpodbc.) - [20.05 Ko] - (1.0.2.0) - C:\WINDOWS\SysWOW64\vfpodbc.dll [MD5.F07C5D2CB67D7044E5E12EC2D2460D6F] - |A| - [09/04/2017 13:19:08] - (. - .) - [40 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\wavdest.ax [MD5.F07C5D2CB67D7044E5E12EC2D2460D6F] - |A| - [10/04/2017 17:57:07] - (. - .) - [40 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\wavdest_FromLFSULTRA-WIDEN.ax [MD5.10B04CCF552C649EA93CCA00B857912A] - |A| - [10/04/2017 17:57:07] - (.Copyright © 1996-2007 - General Library for Plug-Ins.) - [1697.34 Ko] - (1.0.0.0) - C:\WINDOWS\SysWOW64\WavesGUILib.dll [MD5.CE1E84AA03EE50362D3C69382DCFA294] - |A| - [10/04/2017 17:57:09] - (.Copyright © 1996-2007 - General Library for Plug-Ins.) - [1741.27 Ko] - (5.9.7.0) - C:\WINDOWS\SysWOW64\WavesLib.dll [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [38634.17 Ko] - C:\WINDOWS\SysWOW64\wbem [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:33:16] - [47.61 Ko] - C:\WINDOWS\SysWOW64\WCN [MD5.00000000000000000000000000000000] - |D| - [10/04/2017 17:59:31] - [22473.43 Ko] - C:\WINDOWS\SysWOW64\wdi [MD5.BDDF10F9D8E179323BC1B49603809EB0] - |A| - [10/04/2017 18:00:16] - (. - .) - [0.6 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\WdsUnattendTemplate.xml [MD5.00000000000000000000000000000000] - |D| - [10/04/2017 18:00:28] - [0 Ko] - C:\WINDOWS\SysWOW64\wfp [MD5.C980C971AD4FF3CA5CEFDEF40932D3A1] - |A| - [10/04/2017 18:00:39] - (. - .) - [13 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\win87em.dll [MD5.00000000000000000000000000000000] - |D| - [10/04/2017 18:00:39] - [0 Ko] - C:\WINDOWS\SysWOW64\WinBioDatabase [MD5.00000000000000000000000000000000] - |D| - [10/04/2017 18:00:39] - [71 Ko] - C:\WINDOWS\SysWOW64\WinBioPlugIns [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [16530.83 Ko] - C:\WINDOWS\SysWOW64\WindowsPowerShell [MD5.00000000000000000000000000000000] - |D| - [10/04/2017 18:01:24] - [4852 Ko] - C:\WINDOWS\SysWOW64\winevt [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [4228.5 Ko] - C:\WINDOWS\SysWOW64\WinMetadata [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:33:16] - [213.79 Ko] - C:\WINDOWS\SysWOW64\winrm [MD5.33C138E3A498083EF8792EAC3FD707BA] - |A| - [10/04/2017 18:02:00] - (. - .) - [0.03 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\winrm_FromLFSULTRA-WIDEN.cmd [MD5.5B49271AEC5D5A221E91C7B4F3BC2F4C] - |A| - [10/04/2017 18:02:00] - (. - .) - [196.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\winrm_FromLFSULTRA-WIDEN.vbs [MD5.3C436603213561E2E7DD3D4459DBB7D4] - |A| - [10/04/2017 18:03:50] - (. - .) - [4.57 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\wsmanconfig_schema_FromLFSULTRA-WIDEN.xml [MD5.D6CBFA113B69C491DE370E85EBAC80E9] - |A| - [10/04/2017 18:03:52] - (. - .) - [1.52 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\WsmPty_FromLFSULTRA-WIDEN.xsl [MD5.B2EDF82825D979928AE07CBE9C7A2160] - |A| - [10/04/2017 18:03:54] - (. - .) - [2.37 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\WsmTxt_FromLFSULTRA-WIDEN.xsl [MD5.9D6B8FC71167D22849424084F0F3D9E9] - |A| - [10/04/2017 18:04:17] - (. - .) - [74.28 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xpsrchvw_FromLFSULTRA-WIDEN.xml [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:35:01] - [20.31 Ko] - C:\WINDOWS\SysWOW64\XPSViewer [MD5.CFB89001DDE4224FB10C47E3DB3F5956] - |A| - [10/04/2017 18:04:25] - (. - .) - [3.95 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xwizard_FromLFSULTRA-WIDEN.dtd [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [527 Ko] - C:\WINDOWS\SysWOW64\zh-CN [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [443.5 Ko] - C:\WINDOWS\SysWOW64\zh-HK [MD5.00000000000000000000000000000000] - |D| - [12/11/2016 09:22:36] - [522 Ko] - C:\WINDOWS\SysWOW64\zh-TW [MD5.4965107D112666D3835308A831A29274] - |A| - [04/04/2017 15:20:01] - (.(C) 1995-2002 Jean-loup Gailly & Mark Adler - zlib data compression library.) - [52 Ko] - (1.1.4.0) - C:\WINDOWS\SysWOW64\zlib.dll [MD5.4965107D112666D3835308A831A29274] - |A| - [10/04/2017 18:04:39] - (.(C) 1995-2002 Jean-loup Gailly & Mark Adler - zlib data compression library.) - [52 Ko] - (1.1.4.0) - C:\WINDOWS\SysWOW64\zlib_FromLFSULTRA-WIDEN.dll ---------- | Shell Folders [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "!Do not use this registry key"=Use the SHGetFolderPath or SHGetKnownFolderPath function instead "AppData"=C:\Users\Jean-Marie\AppData\Roaming [12/11/2016 09:57:55] "Local AppData"=C:\Users\Jean-Marie\AppData\Local [12/11/2016 09:57:56] "{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}"=C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Libraries [12/11/2016 10:02:24] "My Video"=C:\Users\Jean-Marie\Videos [10/11/2016 15:52:02] "My Pictures"=C:\Users\Jean-Marie\Pictures [10/11/2016 15:52:02] "Desktop"=C:\Users\Jean-Marie\Desktop [10/11/2016 15:52:04] "History"=C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\History [12/11/2016 09:57:56] "NetHood"=C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Network Shortcuts [12/11/2016 09:57:55] "{56784854-C6CB-462B-8169-88E350ACB882}"=C:\Users\Jean-Marie\Contacts [10/11/2016 15:54:29] "{00BCFC5A-ED94-4E48-96A1-3F6217F21990}"=C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\RoamingTiles [12/11/2016 10:09:10] "Cookies"=C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\INetCookies [12/11/2016 09:57:56] "Favorites"=C:\Users\Jean-Marie\Favorites [10/11/2016 15:52:02] "SendTo"=C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\SendTo [12/11/2016 09:57:55] "Start Menu"=C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu [12/11/2016 09:57:55] "My Music"=C:\Users\Jean-Marie\Music [10/11/2016 15:52:02] "Programs"=C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [12/11/2016 09:57:55] "Recent"=C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Recent [12/11/2016 09:57:55] "CD Burning"=C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\Burn\Burn [12/11/2016 10:14:10] "PrintHood"=C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Printer Shortcuts [12/11/2016 09:57:55] "{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}"=C:\Users\Jean-Marie\Searches [12/11/2016 10:09:10] "{374DE290-123F-4565-9164-39C4925E467B}"=C:\Users\Jean-Marie\Downloads [10/11/2016 15:52:02] "{A520A1A4-1780-4FF6-BD18-167343C5AF16}"=C:\Users\Jean-Marie\AppData\LocalLow [10/11/2016 15:52:15] "Startup"=C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [12/11/2016 10:09:10] "Administrative Tools"=C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [12/11/2016 10:09:10] "Personal"=C:\Users\Jean-Marie\Documents [10/11/2016 15:52:02] "{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}"=C:\Users\Jean-Marie\Links [10/11/2016 15:52:02] "Cache"=C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\INetCache [12/11/2016 09:57:56] "Templates"=C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Templates [12/11/2016 09:57:55] "{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}"=C:\Users\Jean-Marie\Saved Games [10/11/2016 15:52:02] "Fonts"=C:\WINDOWS\Fonts [12/11/2016 09:22:34] [HKU\S-1-5-21-1766228302-1366166313-1596766668-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "AppData"=%USERPROFILE%\AppData\Roaming "Desktop"=%USERPROFILE%\Desktop "Favorites"=%USERPROFILE%\Favorites "History"=%USERPROFILE%\AppData\Local\Microsoft\Windows\History "Local AppData"=%USERPROFILE%\AppData\Local "My Music"=%USERPROFILE%\Music "My Pictures"=%USERPROFILE%\Pictures "My Video"=%USERPROFILE%\Videos "NetHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Network Shortcuts "Personal"=%USERPROFILE%\Documents "PrintHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Printer Shortcuts "Programs"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs "Recent"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent "SendTo"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\SendTo "Start Menu"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu "Startup"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup "Templates"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Templates "{374DE290-123F-4565-9164-39C4925E467B}"=%USERPROFILE%\Downloads "Cache"=C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\INetCache [12/11/2016 09:57:56] "Cookies"=C:\Users\Jean-Marie\AppData\Local\Microsoft\Windows\INetCookies [12/11/2016 09:57:56] [HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [12/11/2016 09:22:34] "Common AppData"=C:\ProgramData [12/11/2016 09:22:34] "Common Desktop"=C:\Users\Public\Desktop [26/07/2012 10:12:59] "Common Documents"=C:\Users\Public\Documents [26/07/2012 10:12:59] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [12/11/2016 09:22:34] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [12/11/2016 09:22:34] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [12/11/2016 09:22:34] "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [26/07/2012 10:12:59] "CommonMusic"=C:\Users\Public\Music [26/07/2012 10:12:59] "CommonPictures"=C:\Users\Public\Pictures [26/07/2012 10:12:59] "CommonVideo"=C:\Users\Public\Videos [26/07/2012 10:12:59] "OEM Links"=C:\ProgramData\OEM\Links [HKLM64\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common AppData"=%ProgramData% "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common Templates"=%ProgramData%\Microsoft\Windows\Templates "CommonMusic"=%PUBLIC%\Music "CommonPictures"=%PUBLIC%\Pictures "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders] "Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [12/11/2016 09:22:34] "Common AppData"=C:\ProgramData [12/11/2016 09:22:34] "Common Desktop"=C:\Users\Public\Desktop [26/07/2012 10:12:59] "Common Documents"=C:\Users\Public\Documents [26/07/2012 10:12:59] "Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [12/11/2016 09:22:34] "Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [12/11/2016 09:22:34] "Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [12/11/2016 09:22:34] "Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [26/07/2012 10:12:59] "CommonMusic"=C:\Users\Public\Music [26/07/2012 10:12:59] "CommonPictures"=C:\Users\Public\Pictures [26/07/2012 10:12:59] "CommonVideo"=C:\Users\Public\Videos [26/07/2012 10:12:59] "OEM Links"=C:\ProgramData\OEM\Links [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders] "Common AppData"=%ProgramData% "Common Desktop"=%PUBLIC%\Desktop "Common Documents"=%PUBLIC%\Documents "Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs "Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu "Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup "Common Templates"=%ProgramData%\Microsoft\Windows\Templates "CommonMusic"=%PUBLIC%\Music "CommonPictures"=%PUBLIC%\Pictures "CommonVideo"=%PUBLIC%\Videos "{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads ---------- | [Acronis Agent User] [10/04/2017 05:12:31] - |D| - [5294543] - C:\Users\Acronis Agent User\AppData\Local [10/04/2017 05:20:22] - |D| - [0] - C:\Users\Acronis Agent User\AppData\LocalLow [10/04/2017 05:20:27] - |D| - [19394] - C:\Users\Acronis Agent User\AppData\Roaming [10/04/2017 05:12:31] - |D| - [0] - C:\Users\Acronis Agent User\AppData\Local\Application Data [10/04/2017 05:12:43] - |D| - [0] - C:\Users\Acronis Agent User\AppData\Local\Historique [10/04/2017 05:12:57] - |D| - [5292724] - C:\Users\Acronis Agent User\AppData\Local\Microsoft [10/04/2017 05:19:57] - |D| - [1819] - C:\Users\Acronis Agent User\AppData\Local\Temp [10/04/2017 05:20:01] - |D| - [0] - C:\Users\Acronis Agent User\AppData\Local\Temporary Internet Files [10/04/2017 05:20:27] - |D| - [19394] - C:\Users\Acronis Agent User\AppData\Roaming\Microsoft [10/04/2017 05:20:56] - |D| - [0] - C:\Users\Acronis Agent User\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [10/04/2017 05:21:00] - |D| - [2292] - C:\Users\Acronis Agent User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [10/04/2017 05:21:00] - |D| - [1974] - C:\Users\Acronis Agent User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [10/04/2017 05:21:41] - |D| - [318] - C:\Users\Acronis Agent User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance ---------- | [Jean-Marie] [12/11/2016 09:57:56] - |D| - [2752209829] - C:\Users\Jean-Marie\AppData\Local [10/11/2016 15:52:15] - |D| - [8490056] - C:\Users\Jean-Marie\AppData\LocalLow [12/11/2016 09:57:55] - |D| - [1335725605] - C:\Users\Jean-Marie\AppData\Roaming [11/04/2017 13:26:51] - |D| - [440000] - C:\Users\Jean-Marie\AppData\Local\ACD Systems [30/03/2017 20:32:53] - |D| - [688496] - C:\Users\Jean-Marie\AppData\Local\AdAwareDesktop [30/03/2017 16:42:28] - |D| - [688496] - C:\Users\Jean-Marie\AppData\Local\AdAwareUpdater [11/04/2017 12:33:31] - |D| - [345] - C:\Users\Jean-Marie\AppData\Local\Adobe [12/11/2016 10:15:07] - |D| - [98760] - C:\Users\Jean-Marie\AppData\Local\AMD [12/11/2016 16:27:22] - |D| - [1953204] - C:\Users\Jean-Marie\AppData\Local\Apowersoft [12/11/2016 09:57:56] - |SHD| - [28778472719] - C:\Users\Jean-Marie\AppData\Local\Application Data [30/03/2017 11:15:00] - |D| - [381620] - C:\Users\Jean-Marie\AppData\Local\ashampoo [08/04/2017 12:42:02] - |D| - [3288] - C:\Users\Jean-Marie\AppData\Local\Ashampoo Backup PB [12/11/2016 10:14:29] - |D| - [66104] - C:\Users\Jean-Marie\AppData\Local\ATI [09/04/2017 13:05:07] - |D| - [714] - C:\Users\Jean-Marie\AppData\Local\ChemTable Software [12/11/2016 10:51:55] - |D| - [19423236] - C:\Users\Jean-Marie\AppData\Local\Comms [08/04/2017 09:05:17] - |D| - [37775777] - C:\Users\Jean-Marie\AppData\Local\CompuClever [12/11/2016 10:08:51] - |D| - [421736] - C:\Users\Jean-Marie\AppData\Local\ConnectedDevicesPlatform [01/04/2017 10:58:25] - |D| - [12072718] - C:\Users\Jean-Marie\AppData\Local\CrashDumps [07/04/2017 14:33:01] - |D| - [0] - C:\Users\Jean-Marie\AppData\Local\CrashRpt [29/03/2017 18:12:07] - |D| - [100145] - C:\Users\Jean-Marie\AppData\Local\CyberGhost [14/11/2016 19:14:54] - |D| - [1503400] - C:\Users\Jean-Marie\AppData\Local\CyberLink [12/11/2016 11:52:06] - |D| - [63295488] - C:\Users\Jean-Marie\AppData\Local\Downloaded Installations [08/04/2017 09:05:05] - |D| - [2836618] - C:\Users\Jean-Marie\AppData\Local\DownloadFileOpener [12/11/2016 09:57:56] - |SHD| - [130] - C:\Users\Jean-Marie\AppData\Local\Historique [03/04/2017 16:29:57] - |D| - [456] - C:\Users\Jean-Marie\AppData\Local\Icecream [07/04/2017 12:09:00] - |D| - [420194792] - C:\Users\Jean-Marie\AppData\Local\Innovative Solutions [29/03/2017 18:51:39] - |D| - [82] - C:\Users\Jean-Marie\AppData\Local\iSkysoft [07/04/2017 12:07:52] - |D| - [5616311] - C:\Users\Jean-Marie\AppData\Local\Kotobee Author [02/04/2017 10:18:56] - |D| - [586] - C:\Users\Jean-Marie\AppData\Local\LabPixels [09/04/2017 13:09:11] - |D| - [4768] - C:\Users\Jean-Marie\AppData\Local\Lavasoft [14/11/2016 20:17:30] - |D| - [2914129] - C:\Users\Jean-Marie\AppData\Local\Logitech® Webcam Software [12/11/2016 09:57:56] - |D| - [425962837] - C:\Users\Jean-Marie\AppData\Local\Microsoft [12/11/2016 10:25:42] - |D| - [82095] - C:\Users\Jean-Marie\AppData\Local\MicrosoftEdge [12/11/2016 14:05:55] - |D| - [22783159] - C:\Users\Jean-Marie\AppData\Local\Moonchild Productions [12/11/2016 10:29:20] - |D| - [364156008] - C:\Users\Jean-Marie\AppData\Local\Mozilla [01/04/2017 15:36:55] - |D| - [213475073] - C:\Users\Jean-Marie\AppData\Local\Opera Software [12/11/2016 10:09:01] - |D| - [84858262] - C:\Users\Jean-Marie\AppData\Local\Packages [15/11/2016 10:50:51] - |D| - [40960] - C:\Users\Jean-Marie\AppData\Local\Power2Go11 [12/11/2016 16:27:11] - |D| - [177586248] - C:\Users\Jean-Marie\AppData\Local\Programs [11/04/2017 14:47:06] - |D| - [583] - C:\Users\Jean-Marie\AppData\Local\PRO_PC_Cleaner [12/11/2016 10:11:36] - |D| - [0] - C:\Users\Jean-Marie\AppData\Local\Publishers [12/11/2016 09:57:56] - |D| - [770226599] - C:\Users\Jean-Marie\AppData\Local\Temp [12/11/2016 09:57:56] - |SHD| - [81196257] - C:\Users\Jean-Marie\AppData\Local\Temporary Internet Files [12/11/2016 10:08:57] - |D| - [15622144] - C:\Users\Jean-Marie\AppData\Local\TileDataLayer [30/03/2017 12:13:41] - |D| - [0] - C:\Users\Jean-Marie\AppData\Local\Top Studio [12/11/2016 10:09:05] - |D| - [6064] - C:\Users\Jean-Marie\AppData\Local\VirtualStore [11/04/2017 14:28:44] - |D| - [4830] - C:\Users\Jean-Marie\AppData\Local\WebBar [12/11/2016 12:05:34] - |D| - [46183754] - C:\Users\Jean-Marie\AppData\Local\WinZip [29/03/2017 18:24:46] - |D| - [82] - C:\Users\Jean-Marie\AppData\Local\Wondershare [14/11/2016 10:04:35] - |D| - [63404047] - C:\Users\Jean-Marie\AppData\Local\Zemana [02/04/2017 08:54:16] - |D| - [162640] - C:\Users\Jean-Marie\AppData\Local\ZHP [30/03/2017 13:48:38] - |D| - [463] - C:\Users\Jean-Marie\AppData\LocalLow\IObit [10/11/2016 15:52:30] - |SD| - [8489593] - C:\Users\Jean-Marie\AppData\LocalLow\Microsoft [07/04/2017 12:14:35] - |D| - [0] - C:\Users\Jean-Marie\AppData\LocalLow\Mozilla [30/03/2017 20:33:20] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\adaware [12/11/2016 10:09:01] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Adobe [12/11/2016 16:27:31] - |D| - [678] - C:\Users\Jean-Marie\AppData\Roaming\Apowersoft [31/03/2017 14:07:14] - |D| - [22134] - C:\Users\Jean-Marie\AppData\Roaming\Ashampoo [12/11/2016 10:14:29] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\ATI [08/04/2017 09:49:17] - |D| - [29] - C:\Users\Jean-Marie\AppData\Roaming\Canneverbe Limited [09/04/2017 13:05:37] - |D| - [89815] - C:\Users\Jean-Marie\AppData\Roaming\ChemTable Software [02/04/2017 10:07:25] - |D| - [51684281] - C:\Users\Jean-Marie\AppData\Roaming\com.wonderidea.focusky.en [08/04/2017 09:05:13] - |D| - [36621] - C:\Users\Jean-Marie\AppData\Roaming\CompuClever [15/11/2016 10:52:05] - |D| - [1229596] - C:\Users\Jean-Marie\AppData\Roaming\CyberLink [08/04/2017 09:46:22] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\DAEMON Tools Lite [14/11/2016 10:27:11] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\DAEMON Tools Pro [08/04/2017 09:05:06] - |D| - [27] - C:\Users\Jean-Marie\AppData\Roaming\DownloadFileOpener [11/04/2017 13:29:21] - |D| - [1688677] - C:\Users\Jean-Marie\AppData\Roaming\DVDVideoSoft [13/11/2016 19:26:19] - |D| - [6777] - C:\Users\Jean-Marie\AppData\Roaming\Epson [29/03/2017 18:28:23] - |D| - [893] - C:\Users\Jean-Marie\AppData\Roaming\FastCopy [11/04/2017 13:36:33] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Fortcryptoextension [30/03/2017 07:54:02] - |D| - [110329] - C:\Users\Jean-Marie\AppData\Roaming\FreeFileSync [06/04/2017 12:30:48] - |D| - [93103147] - C:\Users\Jean-Marie\AppData\Roaming\Genie9 [07/04/2017 12:09:14] - |D| - [87094875] - C:\Users\Jean-Marie\AppData\Roaming\Innovative Solutions [30/03/2017 13:43:40] - |D| - [748728] - C:\Users\Jean-Marie\AppData\Roaming\IObit [29/03/2017 18:58:09] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\iSkysoft iMedia Converter Deluxe [07/04/2017 13:05:36] - |D| - [306063] - C:\Users\Jean-Marie\AppData\Roaming\JAM Software [07/04/2017 08:11:29] - |D| - [14080] - C:\Users\Jean-Marie\AppData\Roaming\Lavasoft [14/11/2016 19:39:48] - |D| - [345] - C:\Users\Jean-Marie\AppData\Roaming\Leadertech [13/11/2016 20:28:03] - |D| - [497] - C:\Users\Jean-Marie\AppData\Roaming\Macromedia [12/11/2016 09:57:55] - |SD| - [3412043] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft [12/11/2016 11:46:14] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Modules [12/11/2016 14:05:55] - |D| - [17030102] - C:\Users\Jean-Marie\AppData\Roaming\Moonchild Productions [12/11/2016 10:29:20] - |D| - [42340858] - C:\Users\Jean-Marie\AppData\Roaming\Mozilla [08/04/2017 09:48:55] - |D| - [2022225] - C:\Users\Jean-Marie\AppData\Roaming\Notepad++ [29/03/2017 21:51:39] - |HD| - [576] - C:\Users\Jean-Marie\AppData\Roaming\Obsidium [01/04/2017 15:35:52] - |D| - [22236338] - C:\Users\Jean-Marie\AppData\Roaming\Opera Software [11/04/2017 14:46:32] - |D| - [128618419] - C:\Users\Jean-Marie\AppData\Roaming\Pluto TV [11/04/2017 14:48:18] - |D| - [313] - C:\Users\Jean-Marie\AppData\Roaming\PRO PC Cleaner [04/04/2017 15:38:33] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\QuickScan [04/04/2017 19:43:37] - |D| - [98943085] - C:\Users\Jean-Marie\AppData\Roaming\Remo [11/04/2017 14:23:57] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Remo MORE [30/03/2017 10:46:08] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\ScreenShot [04/04/2017 15:26:35] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\Simply Super Software [12/11/2016 10:32:54] - |D| - [77] - C:\Users\Jean-Marie\AppData\Roaming\Skype [07/04/2017 17:02:06] - |D| - [22136513] - C:\Users\Jean-Marie\AppData\Roaming\Software Informer [11/04/2017 12:36:31] - |D| - [460] - C:\Users\Jean-Marie\AppData\Roaming\TeamViewer [29/03/2017 21:51:37] - |D| - [119915366] - C:\Users\Jean-Marie\AppData\Roaming\TeraCopy [12/11/2016 11:46:04] - |AD| - [5124669] - C:\Users\Jean-Marie\AppData\Roaming\UsbFix [01/04/2017 07:06:34] - |D| - [32] - C:\Users\Jean-Marie\AppData\Roaming\Video_Converter [11/04/2017 12:57:03] - |D| - [216] - C:\Users\Jean-Marie\AppData\Roaming\Viv [01/04/2017 15:13:23] - |D| - [28016412] - C:\Users\Jean-Marie\AppData\Roaming\VOS [30/03/2017 10:42:56] - |D| - [12] - C:\Users\Jean-Marie\AppData\Roaming\WinRAR [29/03/2017 17:35:25] - |D| - [225] - C:\Users\Jean-Marie\AppData\Roaming\Wise Folder Hider [12/11/2016 12:17:58] - |D| - [613435087] - C:\Users\Jean-Marie\AppData\Roaming\ZHP [29/03/2017 19:01:34] - |D| - [0] - C:\Users\Jean-Marie\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A} [12/11/2016 10:09:10] - |ASH| - [174] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [09/04/2017 20:58:14] - |A| - [1254] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk [12/11/2016 09:57:56] - |SHD| - [120696] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [12/11/2016 09:57:55] - |RD| - [120696] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [12/11/2016 09:57:55] - |RD| - [3888] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [12/11/2016 09:57:55] - |RD| - [2931] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [12/11/2016 10:09:10] - |RD| - [174] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [10/04/2017 04:17:07] - |D| - [4546] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AoaoPhoto Digital Studio [08/04/2017 09:05:14] - |D| - [5374] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CompuClever [29/03/2017 18:16:32] - |A| - [2077] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberGhost 6.lnk [11/04/2017 14:16:42] - |D| - [4319] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Data Wipe [12/11/2016 10:09:10] - |ASH| - [174] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [08/04/2017 09:05:06] - |D| - [1209] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DownloadFileOpener [29/03/2017 18:28:21] - |A| - [1070] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FastCopy.lnk [11/04/2017 13:29:06] - |D| - [2061] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fort - File encryption for Windows [11/04/2017 14:16:47] - |D| - [3539] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Any Data Recovery [09/04/2017 12:17:50] - |D| - [3867] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freeraser [02/04/2017 10:18:44] - |D| - [2106] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hard Disk Shield [31/03/2017 07:56:59] - |D| - [3128] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IM-Magic Partition Resizer Professional [29/03/2017 18:32:11] - |D| - [6022] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KillCopy [03/04/2017 21:16:53] - |D| - [2972] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Macrorit Data Wiper Free [03/04/2017 21:03:16] - |D| - [3166] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Macrorit Disk Partition Expert Free [03/04/2017 21:16:55] - |D| - [2831] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Macrorit Disk Scanner Free [03/04/2017 21:08:29] - |D| - [3066] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Macrorit NTFS To FAT32 Converter [01/04/2017 20:28:04] - |D| - [3284] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Macrorit Partition Extender Free [12/11/2016 09:57:55] - |D| - [170] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [12/11/2016 10:31:58] - |A| - [2428] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [01/04/2017 15:35:02] - |A| - [1453] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera.lnk [11/04/2017 14:49:09] - |D| - [1876] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pluto TV [14/11/2016 08:54:58] - |D| - [10233] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RegSeeker [12/11/2016 10:09:10] - |RD| - [174] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [29/03/2017 19:08:49] - |D| - [2051] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Supercopier [12/11/2016 09:57:55] - |RD| - [5318] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [11/04/2017 14:16:56] - |D| - [5166] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tenorshare Partition Manager [29/03/2017 21:45:00] - |D| - [1706] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ultracopier [29/03/2017 22:05:31] - |D| - [3254] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker [12/11/2016 09:57:55] - |RD| - [7238] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [30/03/2017 10:41:58] - |D| - [4401] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [01/04/2017 07:06:45] - |D| - [13424] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WonderFox Soft [12/11/2016 10:09:10] - |ASH| - [174] - C:\Users\Jean-Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [MSSQL$ADK] [12/11/2016 09:57:53] - |D| - [2364099] - C:\Users\MSSQL$ADK\AppData\Local [11/11/2016 10:12:03] - |D| - [0] - C:\Users\MSSQL$ADK\AppData\LocalLow [12/11/2016 09:57:53] - |D| - [27069] - C:\Users\MSSQL$ADK\AppData\Roaming [12/11/2016 09:57:54] - |SHD| - [28266081] - C:\Users\MSSQL$ADK\AppData\Local\Application Data [12/11/2016 09:57:54] - |SHD| - [0] - C:\Users\MSSQL$ADK\AppData\Local\Historique [12/11/2016 09:57:53] - |D| - [2364099] - C:\Users\MSSQL$ADK\AppData\Local\Microsoft [12/11/2016 09:57:53] - |D| - [0] - C:\Users\MSSQL$ADK\AppData\Local\Temp [12/11/2016 09:57:54] - |SHD| - [0] - C:\Users\MSSQL$ADK\AppData\Local\Temporary Internet Files [12/11/2016 09:57:53] - |SD| - [27069] - C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft [12/11/2016 09:57:54] - |SHD| - [18100] - C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [12/11/2016 09:57:53] - |D| - [18100] - C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [12/11/2016 09:57:53] - |RD| - [3888] - C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [12/11/2016 09:57:53] - |RD| - [1486] - C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [12/11/2016 09:57:53] - |D| - [170] - C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [12/11/2016 09:57:53] - |RD| - [5318] - C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [12/11/2016 09:57:53] - |RD| - [7238] - C:\Users\MSSQL$ADK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell ---------- | [Public] ---------- | [widen-finalis] [10/04/2017 12:40:07] - |D| - [714448096] - C:\Users\widen-finalis\AppData\Local [10/04/2017 13:51:39] - |D| - [98509] - C:\Users\widen-finalis\AppData\LocalLow [10/04/2017 13:52:04] - |D| - [822581392] - C:\Users\widen-finalis\AppData\Roaming [10/04/2017 12:40:07] - |D| - [121622] - C:\Users\widen-finalis\AppData\Local\Adobe [10/04/2017 12:41:00] - |D| - [0] - C:\Users\widen-finalis\AppData\Local\Application Data [10/04/2017 12:41:00] - |D| - [366364] - C:\Users\widen-finalis\AppData\Local\ashampoo [10/04/2017 12:41:18] - |D| - [0] - C:\Users\widen-finalis\AppData\Local\CEF [10/04/2017 12:41:27] - |D| - [67] - C:\Users\widen-finalis\AppData\Local\ChemTable Software [10/04/2017 12:41:42] - |D| - [40] - C:\Users\widen-finalis\AppData\Local\Chromium [10/04/2017 12:41:48] - |D| - [75303585] - C:\Users\widen-finalis\AppData\Local\Comodo [10/04/2017 12:56:35] - |D| - [37775777] - C:\Users\widen-finalis\AppData\Local\CompuClever [10/04/2017 12:59:23] - |D| - [9515685] - C:\Users\widen-finalis\AppData\Local\Copy Handler [10/04/2017 12:59:45] - |D| - [14548320] - C:\Users\widen-finalis\AppData\Local\CrashDumps [10/04/2017 13:00:01] - |D| - [0] - C:\Users\widen-finalis\AppData\Local\Diagnostics [10/04/2017 13:00:02] - |D| - [5888] - C:\Users\widen-finalis\AppData\Local\Disc_Soft_Ltd [10/04/2017 13:00:04] - |D| - [0] - C:\Users\widen-finalis\AppData\Local\Downloaded Installations [10/04/2017 13:00:05] - |D| - [2836618] - C:\Users\widen-finalis\AppData\Local\DownloadFileOpener [10/04/2017 13:00:09] - |D| - [16994622] - C:\Users\widen-finalis\AppData\Local\Dropbox [10/04/2017 13:00:45] - |D| - [188] - C:\Users\widen-finalis\AppData\Local\EgisTec IPS [10/04/2017 13:00:46] - |D| - [250914] - C:\Users\widen-finalis\AppData\Local\ElevatedDiagnostics [10/04/2017 13:00:49] - |D| - [112640] - C:\Users\widen-finalis\AppData\Local\Free Download Manager [10/04/2017 13:00:53] - |D| - [70404606] - C:\Users\widen-finalis\AppData\Local\Google [10/04/2017 13:25:55] - |D| - [0] - C:\Users\widen-finalis\AppData\Local\Historique [10/04/2017 13:25:57] - |D| - [278233953] - C:\Users\widen-finalis\AppData\Local\Innovative Solutions [10/04/2017 13:37:11] - |D| - [15302256] - C:\Users\widen-finalis\AppData\Local\Kotobee Author [10/04/2017 13:39:50] - |D| - [18598222] - C:\Users\widen-finalis\AppData\Local\Microsoft [10/04/2017 13:41:36] - |D| - [78910977] - C:\Users\widen-finalis\AppData\Local\Mozilla [10/04/2017 13:44:09] - |D| - [369] - C:\Users\widen-finalis\AppData\Local\O&O [10/04/2017 13:44:09] - |D| - [0] - C:\Users\widen-finalis\AppData\Local\Programs [10/04/2017 13:44:10] - |D| - [7954227] - C:\Users\widen-finalis\AppData\Local\RapidSolution [10/04/2017 13:44:36] - |D| - [87046405] - C:\Users\widen-finalis\AppData\Local\Temp [10/04/2017 13:51:27] - |D| - [0] - C:\Users\widen-finalis\AppData\Local\Temporary Internet Files [10/04/2017 13:51:28] - |D| - [2265] - C:\Users\widen-finalis\AppData\Local\VirtualStore [10/04/2017 13:51:29] - |D| - [82] - C:\Users\widen-finalis\AppData\Local\Wondershare [10/04/2017 13:51:30] - |D| - [162404] - C:\Users\widen-finalis\AppData\Local\ZHP [10/04/2017 13:51:39] - |D| - [376] - C:\Users\widen-finalis\AppData\LocalLow\IObit [10/04/2017 13:51:41] - |D| - [98133] - C:\Users\widen-finalis\AppData\LocalLow\Microsoft [10/04/2017 13:52:03] - |D| - [0] - C:\Users\widen-finalis\AppData\LocalLow\Mozilla [10/04/2017 13:52:04] - |D| - [162165] - C:\Users\widen-finalis\AppData\Roaming\Adobe [10/04/2017 13:52:07] - |D| - [123] - C:\Users\widen-finalis\AppData\Roaming\Ashampoo [10/04/2017 13:52:08] - |D| - [29] - C:\Users\widen-finalis\AppData\Roaming\Canneverbe Limited [10/04/2017 13:52:09] - |D| - [89629] - C:\Users\widen-finalis\AppData\Roaming\ChemTable Software [10/04/2017 13:52:11] - |D| - [0] - C:\Users\widen-finalis\AppData\Roaming\Comodo [10/04/2017 13:52:11] - |D| - [36603] - C:\Users\widen-finalis\AppData\Roaming\CompuClever [10/04/2017 13:52:22] - |D| - [0] - C:\Users\widen-finalis\AppData\Roaming\DAEMON Tools Lite [10/04/2017 13:52:22] - |D| - [23528] - C:\Users\widen-finalis\AppData\Roaming\Digiarty [10/04/2017 13:52:24] - |D| - [27] - C:\Users\widen-finalis\AppData\Roaming\DownloadFileOpener [10/04/2017 13:52:25] - |D| - [294732] - C:\Users\widen-finalis\AppData\Roaming\Dropbox [10/04/2017 13:52:26] - |D| - [384] - C:\Users\widen-finalis\AppData\Roaming\EASEUS [10/04/2017 13:52:26] - |D| - [8419623] - C:\Users\widen-finalis\AppData\Roaming\eufsc [10/04/2017 13:52:41] - |D| - [12] - C:\Users\widen-finalis\AppData\Roaming\Foxit AgentInformation [10/04/2017 13:52:41] - |D| - [522577] - C:\Users\widen-finalis\AppData\Roaming\Foxit Software [10/04/2017 13:53:15] - |D| - [17095] - C:\Users\widen-finalis\AppData\Roaming\Genie9 [10/04/2017 13:53:24] - |D| - [1017] - C:\Users\widen-finalis\AppData\Roaming\GRETECH [10/04/2017 13:53:28] - |D| - [979] - C:\Users\widen-finalis\AppData\Roaming\Hard Disk Sentinel [10/04/2017 13:53:33] - |D| - [0] - C:\Users\widen-finalis\AppData\Roaming\Identities [10/04/2017 13:53:34] - |D| - [662157252] - C:\Users\widen-finalis\AppData\Roaming\Innovative Solutions [10/04/2017 14:06:25] - |D| - [0] - C:\Users\widen-finalis\AppData\Roaming\Intel Corporation [10/04/2017 14:06:36] - |D| - [5561905] - C:\Users\widen-finalis\AppData\Roaming\IObit [10/04/2017 14:08:40] - |D| - [294612] - C:\Users\widen-finalis\AppData\Roaming\JAM Software [10/04/2017 14:08:43] - |D| - [673] - C:\Users\widen-finalis\AppData\Roaming\Macromedia [10/04/2017 14:08:46] - |D| - [1639981] - C:\Users\widen-finalis\AppData\Roaming\Microsoft [10/04/2017 14:14:14] - |D| - [0] - C:\Users\widen-finalis\AppData\Roaming\Modules [10/04/2017 14:14:14] - |D| - [24378012] - C:\Users\widen-finalis\AppData\Roaming\Mozilla [10/04/2017 14:15:50] - |D| - [2022225] - C:\Users\widen-finalis\AppData\Roaming\Notepad++ [10/04/2017 14:16:08] - |D| - [576] - C:\Users\widen-finalis\AppData\Roaming\Obsidium [10/04/2017 14:16:08] - |D| - [112] - C:\Users\widen-finalis\AppData\Roaming\QFX Software [10/04/2017 14:16:11] - |D| - [3072] - C:\Users\widen-finalis\AppData\Roaming\Remo [10/04/2017 14:16:14] - |D| - [446188] - C:\Users\widen-finalis\AppData\Roaming\Scadarlia [10/04/2017 14:16:24] - |D| - [3361749] - C:\Users\widen-finalis\AppData\Roaming\Skype [10/04/2017 14:17:44] - |D| - [10906485] - C:\Users\widen-finalis\AppData\Roaming\Software Informer [10/04/2017 14:22:16] - |D| - [1231090] - C:\Users\widen-finalis\AppData\Roaming\Steganos [10/04/2017 14:22:23] - |D| - [60096288] - C:\Users\widen-finalis\AppData\Roaming\Steganos Updates [10/04/2017 14:22:34] - |D| - [568] - C:\Users\widen-finalis\AppData\Roaming\TeamViewer [10/04/2017 14:22:44] - |D| - [15978685] - C:\Users\widen-finalis\AppData\Roaming\TeraCopy [10/04/2017 14:23:42] - |D| - [12640103] - C:\Users\widen-finalis\AppData\Roaming\UsbFix [10/04/2017 14:25:56] - |D| - [12293293] - C:\Users\widen-finalis\AppData\Roaming\ZHP [10/04/2017 14:13:50] - |A| - [174] - C:\Users\widen-finalis\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [10/04/2017 14:13:51] - |D| - [0] - C:\Users\widen-finalis\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [10/04/2017 14:13:52] - |D| - [3124] - C:\Users\widen-finalis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [10/04/2017 14:13:52] - |D| - [2120] - C:\Users\widen-finalis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [10/04/2017 14:14:02] - |D| - [174] - C:\Users\widen-finalis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [10/04/2017 14:14:03] - |D| - [0] - C:\Users\widen-finalis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AoaoPhoto Digital Studio [10/04/2017 14:14:03] - |D| - [0] - C:\Users\widen-finalis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CompuClever [10/04/2017 14:14:04] - |A| - [338] - C:\Users\widen-finalis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [10/04/2017 14:14:04] - |D| - [0] - C:\Users\widen-finalis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DownloadFileOpener [10/04/2017 14:14:04] - |D| - [0] - C:\Users\widen-finalis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freeraser [10/04/2017 14:14:05] - |D| - [0] - C:\Users\widen-finalis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IM-Magic Partition Resizer Free [10/04/2017 14:14:06] - |D| - [0] - C:\Users\widen-finalis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\KillCopy [10/04/2017 14:14:06] - |D| - [318] - C:\Users\widen-finalis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [10/04/2017 14:14:07] - |D| - [174] - C:\Users\widen-finalis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [10/04/2017 14:14:07] - |D| - [0] - C:\Users\widen-finalis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Supercopier [10/04/2017 14:14:08] - |D| - [0] - C:\Users\widen-finalis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ultracopier [10/04/2017 14:14:09] - |D| - [0] - C:\Users\widen-finalis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker [10/04/2017 14:14:10] - |D| - [0] - C:\Users\widen-finalis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WonderFox Soft [10/04/2017 14:14:07] - |A| - [174] - C:\Users\widen-finalis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | [_ashbackuppb_] [08/04/2017 12:27:57] - |D| - [1287421] - C:\Users\_ashbackuppb_\AppData\Local [08/04/2017 12:28:04] - |D| - [0] - C:\Users\_ashbackuppb_\AppData\LocalLow [08/04/2017 12:27:56] - |D| - [27274] - C:\Users\_ashbackuppb_\AppData\Roaming [08/04/2017 12:28:04] - |SHD| - [14204598] - C:\Users\_ashbackuppb_\AppData\Local\Application Data [08/04/2017 12:28:04] - |SHD| - [0] - C:\Users\_ashbackuppb_\AppData\Local\Historique [08/04/2017 12:27:57] - |D| - [1241974] - C:\Users\_ashbackuppb_\AppData\Local\Microsoft [08/04/2017 12:27:57] - |D| - [45447] - C:\Users\_ashbackuppb_\AppData\Local\Temp [08/04/2017 12:28:04] - |SHD| - [128] - C:\Users\_ashbackuppb_\AppData\Local\Temporary Internet Files [08/04/2017 12:27:56] - |SD| - [27274] - C:\Users\_ashbackuppb_\AppData\Roaming\Microsoft [08/04/2017 12:28:03] - |SHD| - [18100] - C:\Users\_ashbackuppb_\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [08/04/2017 12:27:56] - |D| - [18100] - C:\Users\_ashbackuppb_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [08/04/2017 12:27:56] - |RD| - [3888] - C:\Users\_ashbackuppb_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [08/04/2017 12:27:56] - |RD| - [1486] - C:\Users\_ashbackuppb_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [08/04/2017 12:27:56] - |D| - [170] - C:\Users\_ashbackuppb_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [08/04/2017 12:27:56] - |RD| - [5318] - C:\Users\_ashbackuppb_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [08/04/2017 12:27:56] - |RD| - [7238] - C:\Users\_ashbackuppb_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell ---------- | C:\ProgramData [09/04/2017 12:10:32] - |D| - [150992] - C:\ProgramData\1AVCapture [10/04/2017 05:01:23] - |D| - [128946] - C:\ProgramData\Acer [09/04/2017 21:26:34] - |D| - [8551366] - C:\ProgramData\Acronis [30/03/2017 16:32:10] - |D| - [394317780] - C:\ProgramData\adaware [10/04/2017 05:25:05] - |D| - [519351298] - C:\ProgramData\Adobe [11/04/2017 17:27:49] - |A| - [21284] - C:\ProgramData\agent.uninstall.1491924327.bdinstall.bin [07/04/2017 17:10:08] - |A| - [29426] - C:\ProgramData\agent.update.1491577773.bdinstall.bin [12/11/2016 09:53:00] - |D| - [152] - C:\ProgramData\AMD [12/11/2016 10:06:06] - |SHD| - [199905542286] - C:\ProgramData\Application Data [31/03/2017 11:18:47] - |D| - [93556] - C:\ProgramData\AprelTech [14/11/2016 08:09:16] - |D| - [1730608] - C:\ProgramData\Ashampoo [08/04/2017 12:27:47] - |D| - [28186] - C:\ProgramData\Ashampoo Backup PB [12/11/2016 10:14:29] - |D| - [186] - C:\ProgramData\ATI [09/04/2017 19:04:02] - |D| - [9382] - C:\ProgramData\Auslogics [04/04/2017 15:54:57] - |D| - [161989] - C:\ProgramData\BDLogging [12/11/2016 10:06:06] - |SHD| - [9991] - C:\ProgramData\Bureau [09/04/2017 13:05:19] - |D| - [1500] - C:\ProgramData\Chemtable Software [06/04/2017 09:13:18] - |A| - [477755] - C:\ProgramData\cl.1491459399.bdinstall.bin [11/04/2017 17:39:32] - |A| - [480] - C:\ProgramData\cl.1491925131.10464.bin [11/04/2017 17:38:51] - |A| - [89545] - C:\ProgramData\cl.1491925131.17672.bin [11/04/2017 17:39:17] - |A| - [462] - C:\ProgramData\cl.1491925131.4676.bin [15/11/2016 11:29:55] - |D| - [879] - C:\ProgramData\CLSK [12/11/2016 09:22:34] - |D| - [0] - C:\ProgramData\Comms [10/04/2017 01:33:20] - |D| - [34799994] - C:\ProgramData\Comodo [10/04/2017 05:34:56] - |D| - [1298801364] - C:\ProgramData\Comodo Downloader [08/04/2017 09:05:14] - |D| - [2517192] - C:\ProgramData\CompuClever [12/11/2016 10:21:20] - |D| - [1343119] - C:\ProgramData\CyberLink [08/04/2017 09:45:42] - |D| - [4792] - C:\ProgramData\DAEMON Tools Lite [14/11/2016 10:26:06] - |D| - [2348] - C:\ProgramData\DAEMON Tools Pro [15/11/2016 10:51:07] - |D| - [0] - C:\ProgramData\dbg [10/04/2017 05:54:29] - |D| - [0] - C:\ProgramData\Desktop [15/11/2016 11:52:05] - |D| - [4139835] - C:\ProgramData\DivX [06/04/2017 09:14:56] - |A| - [56916] - C:\ProgramData\dm.1491462831.bdinstall.bin [11/04/2017 17:34:06] - |A| - [35555] - C:\ProgramData\dm.uninstall.1491924766.bdinstall.bin [12/11/2016 10:06:06] - |SHD| - [1430746551] - C:\ProgramData\Documents [10/04/2017 05:54:31] - |D| - [898340] - C:\ProgramData\Dropbox [10/04/2017 05:55:27] - |D| - [286560] - C:\ProgramData\EgisTec IPS [04/04/2017 18:38:07] - |D| - [24806] - C:\ProgramData\Emsisoft [12/11/2016 09:51:38] - |D| - [10889532] - C:\ProgramData\EPSON [10/04/2017 05:56:20] - |D| - [840] - C:\ProgramData\eSobi [10/04/2017 05:56:24] - |D| - [0] - C:\ProgramData\Favoris [10/04/2017 05:56:25] - |D| - [0] - C:\ProgramData\Favorites [04/04/2017 15:20:06] - |D| - [6126403] - C:\ProgramData\Foolish IT [10/04/2017 05:56:53] - |D| - [58] - C:\ProgramData\Foxit ContentPlatform [10/04/2017 05:56:56] - |D| - [28672] - C:\ProgramData\Foxit Software [10/04/2017 05:57:02] - |A| - [131984] - C:\ProgramData\FullRemove.exe [10/04/2017 06:55:21] - |A| - [131984] - C:\ProgramData\FullRemove_FromLFSULTRA-WIDEN.exe [10/04/2017 05:57:04] - |D| - [10240] - C:\ProgramData\GRETECH [02/04/2017 10:19:42] - |D| - [324] - C:\ProgramData\Hard Disk Shield [06/04/2017 17:03:29] - |D| - [0] - C:\ProgramData\HitmanPro [01/04/2017 07:15:27] - |D| - [4113] - C:\ProgramData\Informer Technologies, Inc [08/04/2017 09:45:30] - |D| - [22283780] - C:\ProgramData\Innovative Solutions [12/11/2016 10:23:59] - |D| - [3311892] - C:\ProgramData\install_backup [12/11/2016 10:23:59] - |D| - [1595391] - C:\ProgramData\install_clap [29/03/2017 22:05:29] - |D| - [315743] - C:\ProgramData\IObit [29/03/2017 18:15:48] - |D| - [4506797] - C:\ProgramData\iSkysoft [29/03/2017 18:19:08] - |D| - [5587] - C:\ProgramData\iSkysoft iMedia Converter Deluxe [10/04/2017 09:31:29] - |D| - [8010254] - C:\ProgramData\Laplink [09/04/2017 13:09:09] - |D| - [9960] - C:\ProgramData\Lavasoft [14/11/2016 19:55:53] - |D| - [269] - C:\ProgramData\LogiShrd [14/11/2016 10:31:20] - |D| - [548756213] - C:\ProgramData\Macrium [07/04/2017 10:10:00] - |D| - [167216587] - C:\ProgramData\Malwarebytes [10/04/2017 09:38:11] - |D| - [0] - C:\ProgramData\McAfee [12/11/2016 10:06:06] - |SHD| - [675865] - C:\ProgramData\Menu Démarrer [12/11/2016 09:22:34] - |SD| - [5917876778] - C:\ProgramData\Microsoft [12/11/2016 17:25:09] - |D| - [0] - C:\ProgramData\Microsoft DNX [12/11/2016 10:14:22] - |D| - [0] - C:\ProgramData\Microsoft OneDrive [12/11/2016 10:06:06] - |SHD| - [0] - C:\ProgramData\Modèles [10/04/2017 10:26:25] - |D| - [40129536] - C:\ProgramData\Nero [11/04/2017 14:38:33] - |D| - [247900760] - C:\ProgramData\Nico Mak Computing [08/04/2017 09:12:14] - |A| - [8192] - C:\ProgramData\NTUSER.dat [08/04/2017 09:12:14] - |ASH| - [8192] - C:\ProgramData\NTUSER.dat.LOG1 [08/04/2017 09:12:14] - |ASH| - [0] - C:\ProgramData\NTUSER.dat.LOG2 [08/04/2017 09:12:14] - |ASH| - [65536] - C:\ProgramData\NTUSER.dat{f231423c-1c24-11e7-bcb6-4c72b9f956a2}.TM.blf [08/04/2017 09:12:14] - |ASH| - [524288] - C:\ProgramData\NTUSER.dat{f231423c-1c24-11e7-bcb6-4c72b9f956a2}.TMContainer00000000000000000001.regtrans-ms [08/04/2017 09:12:14] - |ASH| - [524288] - C:\ProgramData\NTUSER.dat{f231423c-1c24-11e7-bcb6-4c72b9f956a2}.TMContainer00000000000000000002.regtrans-ms [15/11/2016 22:22:13] - |RASH| - [8] - C:\ProgramData\ntuser.pol [12/11/2016 15:44:11] - |D| - [468] - C:\ProgramData\NuGet [10/04/2017 10:26:47] - |D| - [1472] - C:\ProgramData\oem [10/04/2017 10:26:51] - |D| - [67882528] - C:\ProgramData\OO Software [12/11/2016 09:51:34] - |D| - [6060337227] - C:\ProgramData\Package Cache [06/04/2017 11:51:20] - |D| - [3102] - C:\ProgramData\Panda Security [15/11/2016 12:03:44] - |D| - [36] - C:\ProgramData\PDVD [12/11/2016 17:59:51] - |D| - [3906573] - C:\ProgramData\PreEmptive Solutions [07/04/2017 07:53:54] - |D| - [1650] - C:\ProgramData\ProductData [10/04/2017 10:28:13] - |D| - [208] - C:\ProgramData\QFX Software [10/04/2017 10:28:14] - |D| - [35374718] - C:\ProgramData\RapidSolution [31/03/2017 10:49:56] - |D| - [0] - C:\ProgramData\Reallusion [15/11/2016 22:52:53] - |D| - [102642166] - C:\ProgramData\Rebit [15/11/2016 23:03:25] - |D| - [8681] - C:\ProgramData\Rebit 5 [12/11/2016 09:22:34] - |D| - [2082] - C:\ProgramData\regid.1991-06.com.microsoft [07/04/2017 10:04:18] - |D| - [64947] - C:\ProgramData\RogueKiller [10/04/2017 10:32:24] - |D| - [0] - C:\ProgramData\Shared Space [04/04/2017 15:21:29] - |D| - [290322674] - C:\ProgramData\Simply Super Software [10/04/2017 10:36:02] - |D| - [0] - C:\ProgramData\Skype [12/11/2016 09:22:34] - |D| - [0] - C:\ProgramData\SoftwareDistribution [13/11/2016 19:35:40] - |D| - [645] - C:\ProgramData\Sony Corporation [10/04/2017 10:36:04] - |D| - [0] - C:\ProgramData\Start Menu [12/11/2016 10:23:59] - |D| - [17583089] - C:\ProgramData\SUPPORTDIR [14/11/2016 08:20:03] - |AD| - [2293692] - C:\ProgramData\Temp [10/04/2017 10:36:11] - |D| - [0] - C:\ProgramData\Templates [08/04/2017 09:10:26] - |D| - [22708] - C:\ProgramData\TweakBit [30/03/2017 10:14:23] - |D| - [2222] - C:\ProgramData\UCheck [13/11/2016 19:36:35] - |D| - [4680] - C:\ProgramData\UDL [12/11/2016 12:06:19] - |D| - [294] - C:\ProgramData\UniqueId [12/11/2016 09:22:34] - |D| - [4286] - C:\ProgramData\USOPrivate [12/11/2016 09:47:57] - |D| - [1662976] - C:\ProgramData\USOShared [12/11/2016 12:05:13] - |AD| - [8327] - C:\ProgramData\WinZip [29/03/2017 18:31:09] - |D| - [0] - C:\ProgramData\Wondershare [29/03/2017 18:00:47] - |D| - [3916218826] - C:\ProgramData\Wondershare Video Editor [31/03/2017 19:44:29] - |HDC| - [9570075] - C:\ProgramData\{2EF7C166-C279-4C1C-B71E-A6B22E3D37C1} [30/03/2017 13:48:26] - |D| - [0] - C:\ProgramData\{74E9F814-C737-42CC-B721-DBBC4059367A} ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [12/11/2016 09:22:43] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [10/04/2017 10:15:28] - |A| - [442] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop_FromLFSULTRA-WIDEN.ini [12/11/2016 12:05:45] - |A| - [2200] - C:\ProgramData\Microsoft\Windows\Start Menu\Notifications de Mises à jour.lnk [12/11/2016 12:05:45] - |A| - [2161] - C:\ProgramData\Microsoft\Windows\Start Menu\Outils d’arrière-plan WinZip.lnk [12/11/2016 10:06:06] - |SHD| - [667028] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [12/11/2016 09:22:34] - |RD| - [667028] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs [29/03/2017 19:30:11] - |A| - [1727] - C:\ProgramData\Microsoft\Windows\Start Menu\TeraCopy.lnk [12/11/2016 12:05:45] - |A| - [2133] - C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [09/04/2017 12:10:32] - |D| - [6622] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1AVCapture [09/04/2017 20:25:49] - |D| - [1991] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [12/11/2016 09:22:34] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [12/11/2016 09:22:34] - |RD| - [17805] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [11/04/2017 13:26:40] - |D| - [1131] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems [09/04/2017 21:16:45] - |D| - [9086] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer [09/04/2017 21:10:26] - |D| - [2256] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye webcam [10/04/2017 10:19:48] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GameZone [10/04/2017 10:20:10] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem [09/04/2017 22:22:19] - |A| - [2222] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk [30/03/2017 20:03:21] - |D| - [2600] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\adaware [12/11/2016 09:22:34] - |RD| - [22162] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [08/04/2017 10:06:52] - |D| - [7427] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare [08/04/2017 09:49:42] - |D| - [3099] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Uninstaller PRO [08/04/2017 09:49:42] - |A| - [1634] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced Uninstaller PRO 12.lnk [01/04/2017 15:20:00] - |D| - [2070] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeroEnabler [12/11/2016 09:53:12] - |D| - [4373] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center [04/04/2017 15:20:10] - |D| - [2443] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anti-Locky [14/11/2016 08:11:06] - |D| - [16563] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo [09/04/2017 19:03:44] - |D| - [3015] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics [12/11/2016 16:30:11] - |D| - [15863] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3 [07/04/2017 12:06:38] - |D| - [3705] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Batch Picture Protector [06/04/2017 11:45:52] - |D| - [1211] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BDAntiRansomware [12/11/2016 13:55:14] - |D| - [1608] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing Bureau [30/03/2017 10:46:47] - |D| - [1606] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black-Glass ThemePack [04/04/2017 05:06:40] - |D| - [1409] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blank Caption [12/11/2016 15:06:45] - |A| - [1500] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk [11/04/2017 14:40:16] - |D| - [1140] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.com [11/04/2017 14:48:27] - |D| - [1076] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware [09/04/2017 20:27:21] - |D| - [1264] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [08/04/2017 09:49:17] - |A| - [1182] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk [06/04/2017 11:53:50] - |D| - [1579] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chromium ThemePack [29/03/2017 18:20:20] - |D| - [15109] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO [09/04/2017 23:54:24] - |D| - [3487] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Copy Handler [03/04/2017 12:34:27] - |D| - [2597] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CryptoPrevent [29/03/2017 18:05:51] - |D| - [2844] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 6 [31/03/2017 18:27:59] - |A| - [2067] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink ActionDirector 2 (64-bit).lnk [14/11/2016 10:52:18] - |D| - [2143] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Advisor [31/03/2017 19:42:53] - |RD| - [1637] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Application Manager [12/11/2016 11:38:40] - |A| - [2341] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Desktop Burning Gadget 11.lnk [12/11/2016 11:38:41] - |A| - [2299] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink ISO Viewer 11.lnk [15/11/2016 11:34:51] - |RD| - [23398] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite [12/11/2016 11:38:39] - |A| - [2280] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power2Go 11.lnk [11/04/2017 15:19:28] - |A| - [2377] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 17.lnk [14/11/2016 11:02:28] - |A| - [2490] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PresenterLink+.lnk [14/11/2016 11:16:18] - |A| - [2418] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink VideoMeeting+.lnk [12/11/2016 11:38:42] - |A| - [2320] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Virtual Drive 11.lnk [08/04/2017 09:46:22] - |D| - [916] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [12/11/2016 09:22:43] - |ASH| - [2092] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [10/04/2017 10:23:00] - |A| - [886] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop_FromLFSULTRA-WIDEN.ini [10/04/2017 04:47:01] - |D| - [2972] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty [15/11/2016 11:53:05] - |D| - [4903] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus [04/04/2017 15:26:50] - |D| - [8307] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DIY DataRecovery CHK-Mate [07/04/2017 12:08:59] - |D| - [4118] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax [09/04/2017 20:38:11] - |D| - [1321] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox [11/04/2017 13:33:06] - |D| - [11999] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft [10/04/2017 00:02:55] - |D| - [2761] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS EverySync 3.0 [01/04/2017 07:57:47] - |D| - [4078] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup 10.0 [09/04/2017 19:36:06] - |D| - [2901] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo PCTrans [10/04/2017 10:23:22] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec [10/04/2017 10:23:28] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes [01/04/2017 14:56:00] - |D| - [3655] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enigma Virtual Box [13/11/2016 19:26:51] - |D| - [3212] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON [13/11/2016 18:59:18] - |D| - [7080] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software [10/04/2017 10:23:29] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSobi v2 [09/04/2017 22:25:33] - |D| - [3852] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire [02/04/2017 10:06:52] - |D| - [2985] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusky [09/04/2017 20:47:36] - |D| - [4485] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader [04/04/2017 15:23:45] - |D| - [1163] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Franzis [10/04/2017 00:12:59] - |D| - [2883] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager [30/03/2017 07:50:24] - |A| - [1001] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileSync.lnk [10/04/2017 10:23:34] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freeraser [10/04/2017 10:23:36] - |D| - [1728] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [11/04/2017 14:16:38] - |D| - [1455] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glarysoft [09/04/2017 20:58:14] - |D| - [4047] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player [09/04/2017 21:05:05] - |A| - [2251] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [04/04/2017 15:21:12] - |D| - [935] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GridinSoft Anti-Ransomware [10/04/2017 00:15:52] - |D| - [5540] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Sentinel [10/04/2017 00:16:17] - |D| - [6897] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro [07/04/2017 08:18:04] - |D| - [4521] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hide My IP 6 [03/04/2017 13:29:42] - |D| - [1282] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream PDF Converter [31/03/2017 10:50:26] - |D| - [11069] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iClone 5 [01/04/2017 15:10:47] - |D| - [1369] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iFun Video Converter [16/07/2016 13:43:50] - |AS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [10/04/2017 01:33:04] - |D| - [1637] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [30/03/2017 13:52:44] - |D| - [2724] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller [29/03/2017 22:05:27] - |D| - [2574] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Unlocker [29/03/2017 18:48:51] - |D| - [1215] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iSkysoft [15/11/2016 18:24:12] - |D| - [2273] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ISO to USB [10/04/2017 01:34:34] - |D| - [4913] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeyScrambler [10/04/2017 10:24:05] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KillCopy [07/04/2017 12:07:40] - |D| - [2430] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kotobee Author [10/04/2017 01:38:27] - |D| - [2314] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Laplink PCmover Express [31/03/2017 19:43:50] - |D| - [9127] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft [14/11/2016 19:26:01] - |D| - [1733] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [14/11/2016 10:40:18] - |D| - [2150] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macrium [12/11/2016 09:22:34] - |D| - [776] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [07/04/2017 10:11:13] - |D| - [3824] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes [12/11/2016 15:24:14] - |D| - [1775] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression [10/04/2017 02:21:28] - |A| - [2110] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk [15/11/2016 10:47:33] - |D| - [2340] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [12/11/2016 13:23:20] - |D| - [1475] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 [12/11/2016 13:19:26] - |D| - [4934] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2012 [29/03/2017 18:47:36] - |D| - [1124] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniCopier [16/07/2016 13:42:22] - |AS| - [2219] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk [07/04/2017 10:43:03] - |A| - [1142] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [08/04/2017 09:48:15] - |A| - [1296] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [10/04/2017 02:24:24] - |D| - [3138] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozyHome [11/04/2017 16:14:56] - |D| - [1022] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC [10/04/2017 02:27:17] - |D| - [6313] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MultiCommander [10/04/2017 03:11:01] - |A| - [2328] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music Recorder.lnk [10/04/2017 03:36:36] - |D| - [1116] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeatMP3 Pro [08/04/2017 09:45:24] - |D| - [2838] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSetup Updater [29/03/2017 21:47:26] - |D| - [2283] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NiceCopier [08/04/2017 09:49:01] - |D| - [1112] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ [29/03/2017 22:50:35] - |D| - [1104] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NoVirusThanks [12/11/2016 13:59:03] - |A| - [968] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pale Moon.lnk [06/04/2017 11:47:02] - |D| - [2527] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security [11/04/2017 13:58:38] - |D| - [4544] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock [04/04/2017 15:24:01] - |D| - [1873] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoStitcher [09/04/2017 21:06:20] - |D| - [7919] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO [16/07/2016 13:43:50] - |AS| - [2199] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk [30/03/2017 07:50:24] - |A| - [971] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealTimeSync.lnk [10/04/2017 03:47:25] - |D| - [1313] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reason Core Security [15/11/2016 22:58:31] - |D| - [1153] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rebit Pro [09/04/2017 21:07:29] - |D| - [4044] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva [09/04/2017 13:05:18] - |D| - [3886] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reg Organizer [11/04/2017 14:17:55] - |D| - [3784] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Convert OST to PST [04/04/2017 19:43:33] - |D| - [4676] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Drive Defrag [04/04/2017 19:44:08] - |D| - [4630] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Drive Wipe [04/04/2017 19:47:02] - |D| - [4802] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo File Eraser 2.0 [11/04/2017 14:20:51] - |D| - [3098] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo MORE [11/04/2017 14:21:34] - |D| - [5150] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Outlook Backup & Migrate [04/04/2017 19:44:44] - |D| - [4770] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Privacy Cleaner [04/04/2017 19:45:23] - |D| - [3876] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Recover for Android [04/04/2017 19:46:01] - |D| - [3856] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Recover FREE Edition [11/04/2017 14:25:50] - |D| - [5021] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Recover Outlook Express [11/04/2017 14:27:14] - |D| - [3728] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair MOV [11/04/2017 14:25:26] - |D| - [3848] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair Outlook [PST] [11/04/2017 14:27:42] - |D| - [5024] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair PowerPoint [11/04/2017 14:28:04] - |D| - [4509] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair RAR [04/04/2017 19:46:27] - |D| - [3774] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair Registry [11/04/2017 14:30:30] - |D| - [4832] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair Word [11/04/2017 14:30:56] - |D| - [4485] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Repair ZIP [03/04/2017 15:10:52] - |D| - [1993] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ResBuilder [03/04/2017 14:52:14] - |D| - [1428] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RibbonDisabler [30/03/2017 10:37:50] - |D| - [883] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller [29/03/2017 22:47:24] - |D| - [1213] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Runtime Software [10/04/2017 03:50:45] - |D| - [1112] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scadarlia [30/03/2017 10:46:18] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScreenShot [06/04/2017 12:31:10] - |D| - [969] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Securely File Shredder [04/04/2017 15:20:26] - |D| - [2230] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShadowExplorer [31/03/2017 11:16:24] - |D| - [2493] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Silent Install Builder [10/04/2017 03:59:39] - |D| - [2118] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkinPack [10/04/2017 04:03:24] - |D| - [2092] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [01/04/2017 07:14:54] - |D| - [1808] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Informer [11/04/2017 14:16:39] - |A| - [1376] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Update Pro.lnk [10/04/2017 04:04:32] - |D| - [1232] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy [12/11/2016 09:22:34] - |RD| - [514] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [10/04/2017 10:25:21] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steganos Privacy Suite 18 [12/11/2016 09:22:34] - |RD| - [2670] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [09/04/2017 21:09:52] - |A| - [1122] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk [10/04/2017 10:25:23] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraCopy [01/04/2017 14:55:48] - |D| - [7188] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Enigma Protector [30/03/2017 12:13:27] - |D| - [2795] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Top Studio [07/04/2017 13:07:26] - |D| - [11718] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize [07/04/2017 13:05:31] - |D| - [4008] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Free [04/04/2017 15:22:03] - |D| - [3684] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover [08/04/2017 09:10:14] - |D| - [4711] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit [30/03/2017 10:14:17] - |D| - [817] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UCheck [10/04/2017 04:05:12] - |D| - [8859] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraVNC [06/04/2017 11:35:17] - |D| - [2627] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Key Vaccine 2016 [01/04/2017 17:14:14] - |D| - [1428] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UXThemePatcher [04/04/2017 15:29:06] - |D| - [1549] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vineyard ThemePack [01/04/2017 07:03:14] - |D| - [2682] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VIP Video Converter [12/11/2016 14:26:25] - |D| - [7395] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015 [12/11/2016 11:44:52] - |A| - [1509] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk [11/04/2017 12:56:33] - |D| - [2401] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VivPDF Editor [06/04/2017 12:32:07] - |D| - [2767] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows AutoCleaner 2016 [12/11/2016 12:51:10] - |D| - [23993] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits [10/04/2017 01:25:29] - |D| - [5879] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live [03/04/2017 14:41:12] - |D| - [1523] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows10 ThemePack [30/03/2017 10:41:59] - |D| - [4329] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [06/04/2017 13:47:40] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip [12/11/2016 12:05:01] - |D| - [2145] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 21.0 [11/04/2017 14:38:35] - |D| - [3894] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector [29/03/2017 17:34:58] - |D| - [1301] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Folder Hider [29/03/2017 17:31:59] - |D| - [1270] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise JetSearch [14/11/2016 09:05:44] - |D| - [1344] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Memory Optimizer [14/11/2016 09:05:17] - |D| - [1324] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Video Downloader [29/03/2017 18:22:13] - |D| - [7002] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare [10/04/2017 04:57:50] - |D| - [3115] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView [29/03/2017 09:16:45] - |D| - [1170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger [08/04/2017 09:12:27] - |D| - [2653] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoolz ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [12/11/2016 09:22:43] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [10/04/2017 10:25:18] - |A| - [340] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop_FromLFSULTRA-WIDEN.ini ---------- | C:\Program Files (x86) [09/04/2017 12:10:27] - |D| - [7403286] - C:\Program Files (x86)\1AVCapture [09/04/2017 20:23:28] - |D| - [3631890] - C:\Program Files (x86)\7-Zip [09/04/2017 21:09:54] - |D| - [77563082] - C:\Program Files (x86)\Acer [09/04/2017 21:19:52] - |D| - [217269162] - C:\Program Files (x86)\Adobe [10/04/2017 04:05:30] - |D| - [43213482] - C:\Program Files (x86)\AoaoPhoto Digital Studio [12/11/2016 20:50:18] - |D| - [6219076] - C:\Program Files (x86)\AppInsights [14/11/2016 08:08:16] - |D| - [1393692539] - C:\Program Files (x86)\Ashampoo [12/11/2016 09:52:02] - |AD| - [106367910] - C:\Program Files (x86)\ATI Technologies [09/04/2017 19:03:34] - |D| - [31824492] - C:\Program Files (x86)\Auslogics [12/11/2016 16:28:00] - |D| - [30538491] - C:\Program Files (x86)\AutoIt3 [08/04/2017 08:52:23] - |D| - [8845645] - C:\Program Files (x86)\AxBx [09/04/2017 21:27:03] - |D| - [206447056] - C:\Program Files (x86)\BackupClient [07/04/2017 12:06:31] - |AD| - [46778149] - C:\Program Files (x86)\Batch Picture Protector [11/04/2017 14:39:55] - |D| - [80461609] - C:\Program Files (x86)\Booking.com [09/04/2017 20:25:55] - |D| - [8076912] - C:\Program Files (x86)\CCleaner [08/04/2017 09:49:10] - |D| - [19784837] - C:\Program Files (x86)\CDBurnerXP [09/04/2017 12:17:49] - |D| - [2922805] - C:\Program Files (x86)\Codyssey [12/11/2016 08:57:26] - |D| - [749728904] - C:\Program Files (x86)\Common Files [09/04/2017 23:19:18] - |D| - [1180725234] - C:\Program Files (x86)\Comodo [08/04/2017 09:05:14] - |D| - [21417149] - C:\Program Files (x86)\CompuClever [09/04/2017 23:53:27] - |D| - [13580794] - C:\Program Files (x86)\Copy Handler