--------------- QuickDiag | g3n-h@ckm@n | V3_01.06.17.1 ---------------

----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 21/06/2017 23:38:11

Updated 01/06/2017 | 06.50 (GMT) by g3n-h@ckm@n
Contact : http://www.sosvirus.net/

Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris
[Utilisateur (Administrator)] - [DESKTOP-CJSUH9G] (S-1-5-21-533811266-1534692092-1485993985-1002)

System: Microsoft Windows 10 Pro Insider Preview - - (10.0.16215) -  BuildType: Multiprocessor Free - OSLanguage: 1036 (040c)
System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True
Boot : Microsoft Windows 10 Pro Insider Preview|C:\WINDOWS|\Device\Harddisk0\Partition4
Boot : Normal boot
PC: P870KM_KM1                     - Notebook                        - IdNumber: Not Applicable   - UUID: 425BFA80-F5B1-0000-0000-000000000000
Processor : X64 - 4200 Mhz - Intel(R) Core(TM) i7-7700K CPU @ 4.20GHz
5.12 - en|US|iso8859-1 - American Megatrends Inc. - S/N: Not Applicable                  - 5.12 - ALASKA - 1072009
CoreTemp : 60 Celsius

----------| Extended


---------- | SoundDevice

NVIDIA High Definition Audio - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10DE&DEV_0083&SUBSYS_15580876&REV_1001\5&3872BDF0&0&0001
NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: ROOT\UNNAMED_DEVICE\0000
Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0899&SUBSYS_15580875&REV_1000\4&3280AA1B&0&0001

---------- | Video

NVIDIA GeForce GTX 1080 - Resolution: x - Colors: - RefreshRate: -  Bits Per Pixel - DeviceID: VideoController1 - Drivers: C:\WINDOWS\System32\DriverStore\FileRepository\nvcvi.inf_amd64_5a93b359bc8bcc04\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvcvi.inf_amd64_5a93b359bc8bcc04\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvcvi.inf_amd64_5a93b359bc8bcc04\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvcvi.inf_amd64_5a93b359bc8bcc04\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvcvi.inf_amd64_5a93b359bc8bcc04\nvldumd.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvcvi.inf_amd64_5a93b359bc8bcc04\nvldumd.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvcvi.inf_amd64_5a93b359bc8bcc04\nvldumd.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvcvi.inf_amd64_5a93b359bc8bcc04\nvldumd.dll - PNPDeviceID: PCI\VEN_10DE&DEV_1BE0&SUBSYS_08761558&REV_A1\4&17EE2FD8&0&0009 - AdapterCompatibility: NVIDIA - RAM: -1048576
NVIDIA GeForce GTX 1080 - Resolution: 3840x2160 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController2 - Drivers: C:\WINDOWS\System32\DriverStore\FileRepository\nvcvi.inf_amd64_5a93b359bc8bcc04\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvcvi.inf_amd64_5a93b359bc8bcc04\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvcvi.inf_amd64_5a93b359bc8bcc04\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvcvi.inf_amd64_5a93b359bc8bcc04\nvldumdx.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvcvi.inf_amd64_5a93b359bc8bcc04\nvldumd.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvcvi.inf_amd64_5a93b359bc8bcc04\nvldumd.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvcvi.inf_amd64_5a93b359bc8bcc04\nvldumd.dll,C:\WINDOWS\System32\DriverStore\FileRepository\nvcvi.inf_amd64_5a93b359bc8bcc04\nvldumd.dll - PNPDeviceID: PCI\VEN_10DE&DEV_1BE0&SUBSYS_08761558&REV_A1\4&28CC61F8&0&0008 - AdapterCompatibility: NVIDIA - RAM: -1048576
Inegrated Video Chipset DeviceName: NVIDIA GeForce GTX 1080 - DriverVersion: 22.21.13.8233 - SpecificationVersion: 1025

---------- | Codecs

c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 84480 -  Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK
c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 30008 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 21232 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 31584 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 53760 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38312 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 28672 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 -  Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\xvidvfw.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 251392 -  Manufacturer: - Status: OK

---------- | CPU

CPU #1 value:7 %
CPU #2 value:1 %
CPU #3 value:1 %
CPU #4 value:7 %
CPU #5 value:1 %
CPU #6 value:1 %
CPU #7 value:7 %
CPU #8 value:1 %
Total Overall CPU Usage value:3 %

---------- | Network

Killer E2500 Gigabit Ethernet Controller : SENT:3,390 bytes/sec / RECVD:3,390 bytes/sec
Killer E2500 Gigabit Ethernet Controller _2 : SENT:0 bytes/sec / RECVD:0 bytes/sec
VPN Client Adapter - VPN : SENT:0 bytes/sec / RECVD:0 bytes/sec
Killer Wireless-n_a_ac 1535 Wireless Network Adapter _2 : SENT:0 bytes/sec / RECVD:0 bytes/sec

Overall -> SEND Maxium:3,390 bytes/sec,  /  RECEIVE Maximum:3,390 bytes/sec

Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000
VPN Client Adapter - VPN - Ethernet 802.3 - PureVPN - Status: - PnPID : ROOT\NET\0000
Killer E2500 Gigabit Ethernet Controller - Ethernet 802.3 - Rivet Networks - Status: - PnPID : PCI\VEN_1969&DEV_E0B1&SUBSYS_08751558&REV_10\4&8FE74D0&0&00E0
Killer Wireless-n/a/ac 1535 Wireless Network Adapter #2 - Ethernet 802.3 - Qualcomm Communications Inc. - Status: - PnPID : PCI\VEN_168C&DEV_003E&SUBSYS_15351A56&REV_32\4&103032B1&0&00ED
Killer E2500 Gigabit Ethernet Controller #2 - Ethernet 802.3 - Rivet Networks - Status: - PnPID : PCI\VEN_1969&DEV_E0B1&SUBSYS_08751558&REV_10\4&C70D3A3&0&00E1
Bluetooth Device (RFCOMM Protocol TDI) - - Microsoft - Status: - PnPID : BTH\MS_RFCOMM\6&223DC3A8&0&0
Microsoft Wi-Fi Direct Virtual Adapter #5 - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&367804E0&0&13
Bluetooth Device (Personal Area Network) #3 - Ethernet 802.3 - Microsoft - Status: - PnPID : BTH\MS_BTHPAN\6&223DC3A8&0&3
WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_SSTPMINIPORT
WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_AGILEVPNMINIPORT
WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_L2TPMINIPORT
WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPTPMINIPORT
WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_PPPOEMINIPORT
WAN Miniport (IP) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIP
WAN Miniport (IPv6) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANIPV6
WAN Miniport (Network Monitor) - Ethernet 802.3 - Microsoft - Status: - PnPID : SWD\MSRRAS\MS_NDISWANBH

---------- | Memory

RAM = Total (MB) : 67025 | Free (MB) : 55553
Pagefile = Total (MB) : 76986 | Free (MB) : 57491
Virtual = Total (MB) : 4194 | Free (MB) : 3866

Physical Memory 0 : Capacity: 17179869184 - ChannelA-DIMM0 - Posit.: 1 - Manufacturer: 04CD - PartNumber: F4-2400C16-16GRS    - S/N: 00000000
Physical Memory 1 : Capacity: 17179869184 - ChannelA-DIMM1 - Posit.: 1 - Manufacturer: 04CD - PartNumber: F4-2400C16-16GRS    - S/N: 00000000
Physical Memory 2 : Capacity: 17179869184 - ChannelB-DIMM0 - Posit.: 2 - Manufacturer: 04CD - PartNumber: F4-2400C16-16GRS    - S/N: 00000000
Physical Memory 3 : Capacity: 17179869184 - ChannelB-DIMM1 - Posit.: 2 - Manufacturer: 04CD - PartNumber: F4-2400C16-16GRS    - S/N: 00000000

---------- | SID Users

Administrateur : [S-1-5-21-533811266-1534692092-1485993985-500]
DefaultAccount : [S-1-5-21-533811266-1534692092-1485993985-503]
Invité : [S-1-5-21-533811266-1534692092-1485993985-501]
Utilisateur : [S-1-5-21-533811266-1534692092-1485993985-1002]
WDAGUtilityAccount : [S-1-5-21-533811266-1534692092-1485993985-504]
Administrateurs : [S-1-5-32-544]
Administrateurs Hyper-V : [S-1-5-32-578]
Duplicateurs : [S-1-5-32-552]
IIS_IUSRS : [S-1-5-32-568]
Invités : [S-1-5-32-546]
Lecteurs des journaux d’événements : [S-1-5-32-573]
Opérateurs d'assistance de contrôle d'accès : [S-1-5-32-579]
Opérateurs de chiffrement : [S-1-5-32-569]
Opérateurs de configuration réseau : [S-1-5-32-556]
Opérateurs de sauvegarde : [S-1-5-32-551]
System Managed Accounts Group : [S-1-5-32-581]
Utilisateurs : [S-1-5-32-545]
Utilisateurs avec pouvoir : [S-1-5-32-547]
Utilisateurs de gestion à distance : [S-1-5-32-580]
Utilisateurs de l’Analyseur de performances : [S-1-5-32-558]
Utilisateurs du Bureau à distance : [S-1-5-32-555]
Utilisateurs du journal de performances : [S-1-5-32-559]
Utilisateurs du modèle COM distribué : [S-1-5-32-562]

---------- | SystemAccounts

Name: Tout le monde - SID: S-1-1-0 - SIDType: 5 - Status: OK
Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK
Name: CREATEUR PROPRIETAIRE - SID: S-1-3-0 - SIDType: 5 - Status: OK
Name: GROUPE CREATEUR - SID: S-1-3-1 - SIDType: 5 - Status: OK
Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK
Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK
Name: DROITS DU PROPRIÉTAIRE - SID: S-1-3-4 - SIDType: 5 - Status: OK
Name: LIGNE - SID: S-1-5-1 - SIDType: 5 - Status: OK
Name: RESEAU - SID: S-1-5-2 - SIDType: 5 - Status: OK
Name: TACHE - SID: S-1-5-3 - SIDType: 5 - Status: OK
Name: INTERACTIF - SID: S-1-5-4 - SIDType: 5 - Status: OK
Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK
Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK
Name: Proxy - SID: S-1-5-8 - SIDType: 5 - Status: OK
Name: Système - SID: S-1-5-18 - SIDType: 5 - Status: OK
Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK
Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK
Name: Utilisateurs authentifiés - SID: S-1-5-11 - SIDType: 5 - Status: OK
Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK
Name: UTILISATEUR TERMINAL SERVER - SID: S-1-5-13 - SIDType: 5 - Status: OK
Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK
Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK
Name: SERVICE LOCAL - SID: S-1-5-19 - SIDType: 5 - Status: OK
Name: SERVICE RÉSEAU - SID: S-1-5-20 - SIDType: 5 - Status: OK
Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK

---------- | Drives

C:\ -> [Fixed] | [] | Total : 930.11 Go | Free : 463.33 Go -> NTFS (SSD) [SATA]
D:\ -> [Fixed] | [Nouveau nom] | Total : 1862.89 Go | Free : 485.34 Go -> NTFS [SATA]
E:\ -> [Fixed] | [Nouveau nom] | Total : 1862.89 Go | Free : 1344.58 Go -> NTFS [SATA]

Disk Usage Information [3 total Physical Disks]

Physical Drive #0 [C:] : Read:175,070 bytes/sec, Written:0 bytes/sec Max Read:175,070 bytes/sec, Max Write:0 bytes/sec 
Physical Drive #1 [D:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec 
Physical Drive #2 [E:] : Read:6,624,503 bytes/sec, Written:0 bytes/sec Max Read:6,624,503 bytes/sec, Max Write:0 bytes/sec 

Overall - Read Maximum:6,624,503 bytes/sec, Write Maximum:0 bytes/sec

DeviceID: \\.\PHYSICALDRIVE2 - Status: OK - IDE - Fixed hard disk media - 1 Part. - PnPID : SCSI\DISK&VEN_&PROD_ST2000LM007-1R81\4&19DED084&0&030000
DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 4 Part. - PnPID : SCSI\DISK&VEN_INTEL&PROD_SSDSCKKW010X6\4&19DED084&0&000000
DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - IDE - Fixed hard disk media - 1 Part. - PnPID : SCSI\DISK&VEN_&PROD_ST2000LM007-1R81\4&19DED084&0&020000

---------- | Windows updates

Test 1 : Windows Is Activated
Test 2 : Windows Is Activated
Test 3 : Possible Fixed Windows (Notification Mode)
Test 4 : Possible Fixed Windows (Notification Mode)

---------- | Browsers

IE : 11.0.16215.1000     (© Microsoft Corporation. Tous droits réservés.)
GC : 58.0.3029.110     (Copyright 2016 Google Inc.)

Default : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url ""

---------- | FlashPlayer

FlashPlayer ActiveX : 25.0.0.171

---------- | Security

AV : Bitdefender Antivirus Enabled
AS : Windows Defender Disabled
FW : Bitdefender Pare-feu Enabled
WMI : OK
WU: Windows Update Service [Manual(3)] = stopped
AS: Windows Defender [Manual(3)] = stopped
WMI: Windows Management Instrumentation [Auto(2)] = Running



---------- | Running processes

444 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.16215.1000) = C:\Windows\System32\smss.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
764 | [Owner : Système | Parent : 752() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.16215.1000) = C:\Windows\System32\csrss.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
860 | [Owner : Système | Parent : 752() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.16215.1000) = C:\Windows\System32\wininit.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
868 | [Owner : Système | Parent : 852() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.16215.1000) = C:\Windows\System32\csrss.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
936 | [Owner : Système | Parent : 860(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.16215.1000) = C:\Windows\System32\services.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
956 | [Owner : Système | Parent : 860(wininit.exe) | 42.29 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.16215.1000) = C:\Windows\System32\lsass.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
100 | [Owner : Système | Parent : 852() | 23.82 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.16215.1000) = C:\Windows\System32\winlogon.exe     [04/06/2017 12:10:00]    CPU Usage:0 %
792 | [Owner : Système | Parent : 936(services.exe) | 11.06 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
856 | [Owner : UMFD-0 | Parent : 860(wininit.exe) | 8.34 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.16215.1000) = C:\Windows\System32\fontdrvhost.exe     [04/06/2017 12:10:00]    CPU Usage:0 %
548 | [Owner : UMFD-1 | Parent : 100(winlogon.exe) | 16.09 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.16215.1000) = C:\Windows\System32\fontdrvhost.exe     [04/06/2017 12:10:00]    CPU Usage:0 %
1048 | [Owner : Système | Parent : 936(services.exe) | 61.26 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
1120 | [Owner : SERVICE LOCAL | Parent : 936(services.exe) | 55.7 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.16215.1000) = C:\Windows\System32\WUDFHost.exe     [04/06/2017 12:10:16]    CPU Usage:0 %
1176 | [Owner : SERVICE RÉSEAU | Parent : 936(services.exe) | 23.98 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
1220 | [Owner : Système | Parent : 936(services.exe) | 18.58 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
1308 | [Owner : DWM-1 | Parent : 100(winlogon.exe) | 2568.47 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (10.0.16215.1000) = C:\Windows\System32\dwm.exe     [04/06/2017 12:09:55]    CPU Usage:0 %
1364 | [Owner : SERVICE RÉSEAU | Parent : 936(services.exe) | 40.2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
1452 | [Owner : Système | Parent : 936(services.exe) | 21.86 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
1516 | [Owner : Système | Parent : 936(services.exe) | 15.34 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
1576 | [Owner : SERVICE LOCAL | Parent : 936(services.exe) | 26.61 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
1660 | [Owner : Système | Parent : 936(services.exe) | 37.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
1676 | [Owner : Système | Parent : 936(services.exe) | 37.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
1684 | [Owner : SERVICE LOCAL | Parent : 936(services.exe) | 21.67 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
1808 | [Owner : Système | Parent : 936(services.exe) | 18.84 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
1840 | [Owner : Système | Parent : 936(services.exe) | 506.37 Mo] - (.Bitdefender - Bitdefender Security Service.) - (21.0.25.92) = C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe     [02/06/2017 13:11:15]    CPU Usage:0 %
1948 | [Owner : SERVICE LOCAL | Parent : 936(services.exe) | 51.59 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
1284 | [Owner : Système | Parent : 936(services.exe) | 18.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
1848 | [Owner : SERVICE LOCAL | Parent : 936(services.exe) | 21.08 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
2100 | [Owner : SERVICE LOCAL | Parent : 936(services.exe) | 17.53 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
2108 | [Owner : SERVICE LOCAL | Parent : 936(services.exe) | 38.71 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
2200 | [Owner : Système | Parent : 936(services.exe) | 16.16 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
2280 | [Owner : SERVICE RÉSEAU | Parent : 936(services.exe) | 22.73 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
2316 | [Owner : Système | Parent : 936(services.exe) | 18.79 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
2340 | [Owner : SERVICE RÉSEAU | Parent : 936(services.exe) | 18.03 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
2376 | [Owner : SERVICE RÉSEAU | Parent : 936(services.exe) | 18.76 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
2428 | [Owner : SERVICE LOCAL | Parent : 2316(svchost.exe) | 24.18 Mo] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (10.0.16215.1000) = C:\Windows\System32\dasHost.exe     [04/06/2017 12:09:37]    CPU Usage:0 %
2508 | [Owner : Système | Parent : 936(services.exe) | 29.93 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
2580 | [Owner : SERVICE LOCAL | Parent : 936(services.exe) | 20.71 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
2896 | [Owner : Système | Parent : 936(services.exe) | 24.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
2920 | [Owner : SERVICE LOCAL | Parent : 936(services.exe) | 17.46 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
3044 | [Owner : Système | Parent : 936(services.exe) | 37.2 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.2.0.0) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe     [24/05/2017 23:12:41]    CPU Usage:0 %
1628 | [Owner : Système | Parent : 936(services.exe) | 55.6 Mo] - (.Bitdefender - Bitdefender Device Management Service.) - (21.0.25.89) = C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe     [12/06/2017 11:21:20]    CPU Usage:0 %
2544 | [Owner : Système | Parent : 3044(NVDisplay.Container.exe) | 73.31 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.2.0.0) = C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe     [24/05/2017 23:12:41]    CPU Usage:0 %
2704 | [Owner : SERVICE LOCAL | Parent : 936(services.exe) | 17.26 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
2084 | [Owner : Système | Parent : 936(services.exe) | 14.09 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
3080 | [Owner : SERVICE LOCAL | Parent : 936(services.exe) | 17.42 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
3168 | [Owner : Système | Parent : 936(services.exe) | 22.56 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
3220 | [Owner : Système | Parent : 936(services.exe) | 18.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
3228 | [Owner : SERVICE LOCAL | Parent : 936(services.exe) | 20.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
3392 | [Owner : SERVICE LOCAL | Parent : 936(services.exe) | 30.5 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
3492 | [Owner : Système | Parent : 936(services.exe) | 23.28 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
3652 | [Owner : SERVICE LOCAL | Parent : 936(services.exe) | 15.28 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
3648 | [Owner : SERVICE LOCAL | Parent : 936(services.exe) | 31.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
3740 | [Owner : Système | Parent : 936(services.exe) | 32.21 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
3804 | [Owner : Système | Parent : 936(services.exe) | 23.01 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
3844 | [Owner : Système | Parent : 936(services.exe) | 52.43 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.16215.1000) = C:\Windows\System32\spoolsv.exe     [04/06/2017 12:10:47]    CPU Usage:0 %
4076 | [Owner : Système | Parent : 936(services.exe) | 16.33 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
4084 | [Owner : Système | Parent : 936(services.exe) | 17.92 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
4092 | [Owner : SERVICE RÉSEAU | Parent : 936(services.exe) | 16.69 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
3688 | [Owner : Système | Parent : 936(services.exe) | 35.8 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
4064 | [Owner : Système | Parent : 936(services.exe) | 83.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
4104 | [Owner : SERVICE LOCAL | Parent : 936(services.exe) | 62.06 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
4112 | [Owner : SERVICE RÉSEAU | Parent : 936(services.exe) | 32.63 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
4120 | [Owner : Système | Parent : 936(services.exe) | 74.24 Mo] - (.Apple Inc. - MobileDeviceService.) - (17.374.913.2) = C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe     [03/04/2017 08:52:02]    CPU Usage:0 %
4184 | [Owner : Système | Parent : 936(services.exe) | 16.68 Mo] - (.Apple Inc. - Bonjour Service.) - (3.1.0.1) = C:\Program Files\Bonjour\mDNSResponder.exe     [12/08/2015 17:03:42]    CPU Usage:0 %
4192 | [Owner : Système | Parent : 936(services.exe) | 31.42 Mo] - (.Windows (R) Win 7 DDK provider - Windows Setup API.) - (6.1.7600.16385) = C:\Windows\System32\AdminService.exe     [11/07/2016 10:19:50]    CPU Usage:0 %
4200 | [Owner : Système | Parent : 936(services.exe) | 47.67 Mo] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - (1.824.22.5037) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe     [25/04/2017 09:12:12]    CPU Usage:0 %
4220 | [Owner : Système | Parent : 936(services.exe) | 29.81 Mo] - (.Rivet Networks - Killer Network Service.) - (1.1.59.1701) = C:\Program Files\Killer Networking\Network Manager\KillerService.exe     [15/04/2016 09:47:18]    CPU Usage:1 %
4228 | [Owner : Système | Parent : 936(services.exe) | 9.41 Mo] - (.Insyde Software Corp. - HotKey Filter Clipboard Service.) - (1.0.0.13) = C:\Program Files (x86)\Hotkey\Driver\x64\HKClipSvc.exe     [31/08/2016 14:09:43]    CPU Usage:0 %
4240 | [Owner : Système | Parent : 936(services.exe) | 57.7 Mo] - (.Microsoft Corporation -.) - (8.0.14194.286) = C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe     [15/10/2014 18:28:42]    CPU Usage:0 %
4260 | [Owner : Système | Parent : 936(services.exe) | 60.53 Mo] - (.Microsoft Corporation - Microsoft Office Click-to-Run (SxS).) - (16.0.8201.2102) = C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe     [05/02/2016 18:15:20]    CPU Usage:0 %
4268 | [Owner : Système | Parent : 936(services.exe) | 28.29 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.4.2206.1309) = C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe     [24/09/2016 00:03:49]    CPU Usage:0 %
4368 | [Owner : SERVICE LOCAL | Parent : 936(services.exe) | 6.86 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
4376 | [Owner : Système | Parent : 936(services.exe) | 14.58 Mo] - (.- DedicarzService.) - (1.4.10.1418) = C:\Program Files (x86)\Orange\ma Livebox\dedicarz\DedicarzService.exe     [15/09/2014 11:01:40]    CPU Usage:0 %
4388 | [Owner : SERVICE RÉSEAU | Parent : 936(services.exe) | 17.49 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.4.2206.1309) = C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe     [21/12/2016 15:28:30]    CPU Usage:0 %
4396 | [Owner : Système | Parent : 936(services.exe) | 13.12 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
4488 | [Owner : Système | Parent : 936(services.exe) | 16.37 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
4508 | [Owner : Système | Parent : 936(services.exe) | 5.96 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
4516 | [Owner : Système | Parent : 936(services.exe) | 21.05 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
4540 | [Owner : Système | Parent : 936(services.exe) | 22.68 Mo] - (.CLEVO CO. - HotkeyService.) - (1.4.5.66) = C:\Program Files (x86)\Hotkey\HotkeyService.exe     [31/08/2016 14:09:29]    CPU Usage:0 %
4592 | [Owner : Système | Parent : 936(services.exe) | ?????] - (.Microsoft Corporation - Windows Security Health Service.) - (4.12.16215.1000) = C:\Windows\System32\SecurityHealthService.exe     [04/06/2017 12:10:50]    CPU Usage:0 %
4628 | [Owner : Système | Parent : 936(services.exe) | 9.79 Mo] - (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) - (19.3.4.66) = C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe     [25/01/2017 22:21:44]    CPU Usage:0 %
4636 | [Owner : Système | Parent : 936(services.exe) | 18.07 Mo] - (.Bitdefender - Bitdefender Update Service.) - (21.0.25.76) = C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe     [02/06/2017 13:11:15]    CPU Usage:0 %
4648 | [Owner : Système | Parent : 936(services.exe) | 8.11 Mo] - (.Microsoft Corporation - SQL Server VSS Writer - 64 Bit.) - (2014.120.2000.8) = C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe     [21/02/2014 05:25:30]    CPU Usage:0 %
4656 | [Owner : Système | Parent : 936(services.exe) | 25.22 Mo] - (.Razer Inc. - RzWizardService.) - (1.0.6.1000) = C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe     [23/03/2016 04:50:54]    CPU Usage:0 %
4672 | [Owner : Système | Parent : 936(services.exe) | ?????] - (.Bitdefender - Bitdefender ASMI Protected Service.) - (1.0.1.37) = C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe     [02/06/2017 13:11:15]    CPU Usage:0 %
4708 | [Owner : Système | Parent : 936(services.exe) | 16.73 Mo] - (.Bitdefender - Bitdefender Agent.) - (21.0.24.40) = C:\Program Files\Bitdefender Agent\ProductAgentService.exe     [02/06/2017 12:03:18]    CPU Usage:0 %
4856 | [Owner : SERVICE LOCAL | Parent : 936(services.exe) | 17.88 Mo] - (.Electronic Arts - OriginWebHelperService.) - (10.4.12.59996) = C:\Program Files (x86)\Origin\OriginWebHelperService.exe     [25/09/2016 22:06:32]    CPU Usage:0 %
4908 | [Owner : SERVICE LOCAL | Parent : 936(services.exe) | 6.35 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
5068 | [Owner : Système | Parent : 936(services.exe) | 12.29 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
5076 | [Owner : Système | Parent : 936(services.exe) | 14.38 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
5988 | [Owner : Système | Parent : 936(services.exe) | 8.08 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
6132 | [Owner : SERVICE LOCAL | Parent : 936(services.exe) | 9.26 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
6156 | [Owner : Système | Parent : 1048(svchost.exe) | 10.66 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.16215.1000) = C:\Windows\System32\dllhost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
6872 | [Owner : SERVICE LOCAL | Parent : 936(services.exe) | 24.14 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
6948 | [Owner : SERVICE RÉSEAU | Parent : 1048(svchost.exe) | 19.27 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.16215.1000) = C:\Windows\System32\wbem\WmiPrvSE.exe     [04/06/2017 12:10:42]    CPU Usage:0 %
7332 | [Owner : Système | Parent : 936(services.exe) | 16.02 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
5000 | [Owner : Utilisateur | Parent : 4628(SynTPEnhService.exe) | 23.96 Mo] - (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) - (19.3.4.66) = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe     [25/01/2017 22:21:42]    CPU Usage:0 %
5676 | [Owner : Utilisateur | Parent : 4268(nvcontainer.exe) | 45.76 Mo] - (.NVIDIA Corporation - NVIDIA Container.) - (1.4.2206.1309) = C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe     [24/09/2016 00:03:49]    CPU Usage:0 %
6320 | [Owner : Utilisateur | Parent : 1808(svchost.exe) | 36.39 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.16215.1000) = C:\Windows\System32\sihost.exe     [04/06/2017 12:09:25]    CPU Usage:0 %
7040 | [Owner : Utilisateur | Parent : 936(services.exe) | 21.91 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
8168 | [Owner : Utilisateur | Parent : 936(services.exe) | 32.57 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
1216 | [Owner : Utilisateur | Parent : 1660(svchost.exe) | 18.81 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.16215.1000) = C:\Windows\System32\taskhostw.exe     [04/06/2017 12:10:35]    CPU Usage:0 %
8224 | [Owner : Système | Parent : 936(services.exe) | 17.1 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
8520 | [Owner : Système | Parent : 936(services.exe) | 8.67 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
8672 | [Owner : Système | Parent : 936(services.exe) | 6.72 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
8740 | [Owner : Utilisateur | Parent : 8680() | 162.28 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.16215.1000) = C:\Windows\explorer.exe     [04/06/2017 12:10:49]    CPU Usage:0 %
8952 | [Owner : Utilisateur | Parent : 3540() | 4.86 Mo] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) - (19.3.4.66) = C:\Program Files\Synaptics\SynTP\SynTPHelper.exe     [25/01/2017 22:21:48]    CPU Usage:0 %
8972 | [Owner : Système | Parent : 936(services.exe) | 11.24 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
9192 | [Owner : Système | Parent : 936(services.exe) | 22.78 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
8276 | [Owner : Utilisateur | Parent : 1048(svchost.exe) | 107.49 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.16215.1000) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe     [04/06/2017 12:09:09]    CPU Usage:0 %
9436 | [Owner : Système | Parent : 936(services.exe) | 50.28 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.16215.1000) = C:\Windows\System32\SearchIndexer.exe     [04/06/2017 12:09:29]    CPU Usage:0 %
9576 | [Owner : Utilisateur | Parent : 1048(svchost.exe) | 196.65 Mo] - (.Microsoft Corporation - Search and Cortana application.) - (10.0.16215.1000) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe     [04/06/2017 12:11:32]    CPU Usage:0 %
9596 | [Owner : Utilisateur | Parent : 1048(svchost.exe) | 26.24 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16215.1000) = C:\Windows\System32\RuntimeBroker.exe     [04/06/2017 12:09:24]    CPU Usage:0 %
9936 | [Owner : Utilisateur | Parent : 1048(svchost.exe) | 22.02 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16215.1000) = C:\Windows\System32\RuntimeBroker.exe     [04/06/2017 12:09:24]    CPU Usage:0 %
880 | [Owner : Utilisateur | Parent : 1048(svchost.exe) | 38.78 Mo] - (.Microsoft Corporation - SmartScreen.) - (10.0.16215.1000) = C:\Windows\System32\smartscreen.exe     [04/06/2017 12:09:25]    CPU Usage:0 %
1892 | [Owner : SERVICE LOCAL | Parent : 936(services.exe) | 13.57 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
6012 | [Owner : Utilisateur | Parent : 2544(NVDisplay.Container.exe) | 14.74 Mo] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.8233) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe     [24/05/2017 23:12:45]    CPU Usage:0 %
1304 | [Owner : Utilisateur | Parent : 936(services.exe) | 24.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
11684 | [Owner : Utilisateur | Parent : 8740(explorer.exe) | 11.32 Mo] - (.Microsoft Corporation - Windows Defender notification icon.) - (4.12.16215.1000) = C:\Program Files\Windows Defender\MSASCuiL.exe     [04/06/2017 12:08:57]    CPU Usage:0 %
11312 | [Owner : Utilisateur | Parent : 8740(explorer.exe) | 21.78 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.1057) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe     [12/01/2017 08:22:34]    CPU Usage:0 %
6008 | [Owner : Utilisateur | Parent : 8740(explorer.exe) | 14.92 Mo] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) - (10.0.16215.1000) = C:\Windows\System32\rundll32.exe     [04/06/2017 12:10:32]    CPU Usage:0 %
12116 | [Owner : Utilisateur | Parent : 1048(svchost.exe) | 6.66 Mo] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.16215.1000) = C:\Windows\System32\SettingSyncHost.exe     [04/06/2017 12:09:21]    CPU Usage:0 %
10408 | [Owner : Utilisateur | Parent : 8740(explorer.exe) | 17.68 Mo] - (.Apple Inc. - iTunesHelper.) - (12.6.1.25) = C:\Program Files\iTunes\iTunesHelper.exe     [09/05/2017 04:02:44]    CPU Usage:0 %
10452 | [Owner : Utilisateur | Parent : 8740(explorer.exe) | 62.99 Mo] - (.Microsoft Corporation - Microsoft OneDrive.) - (17.3.6816.313) = C:\Users\Utilisateur\AppData\Local\Microsoft\OneDrive\OneDrive.exe     [31/08/2016 13:26:29]    CPU Usage:0 %
10360 | [Owner : Utilisateur | Parent : 8740(explorer.exe) | 166.06 Mo] - (.Valve Corporation - Steam Client Bootstrapper.) - (4.0.6.0) = C:\Program Files (x86)\Steam\Steam.exe     [23/07/2016 01:36:30]    CPU Usage:2 %
7180 | [Owner : Système | Parent : 936(services.exe) | 9.26 Mo] - (.Apple Inc. - iPodService Module (64-bit).) - (12.6.1.25) = C:\Program Files\iPod\bin\iPodService.exe     [09/05/2017 04:02:44]    CPU Usage:0 %
11952 | [Owner : Utilisateur | Parent : 10360(Steam.exe) | 67.02 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (4.0.6.0) = C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe     [14/12/2016 00:35:04]    CPU Usage:0 %
12264 | [Owner : Système | Parent : 936(services.exe) | 17.09 Mo] - (.Valve Corporation - Steam Client Service.) - (4.0.6.0) = C:\Program Files (x86)\Common Files\Steam\SteamService.exe     [31/08/2016 19:29:13]    CPU Usage:0 %
11396 | [Owner : Utilisateur | Parent : 8740(explorer.exe) | 48.58 Mo] - (.Rivet Networks - Killer Network Manager.) - (1.1.59.1701) = C:\Program Files\Killer Networking\Network Manager\NetworkManager.exe     [15/04/2016 09:46:46]    CPU Usage:0 %
2060 | [Owner : Utilisateur | Parent : 11384() | 32.56 Mo] - (.Creative Technology Ltd - Sound Blaster Control Panel.) - (1.0.18.0) = C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB5\Sound Blaster X-Fi MB5\SBXFIMB5.exe     [31/08/2016 14:45:25]    CPU Usage:0 %
12412 | [Owner : Système | Parent : 1048(svchost.exe) | 14.54 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.16215.1000) = C:\Windows\System32\wbem\WmiPrvSE.exe     [04/06/2017 12:10:42]    CPU Usage:0 %
12600 | [Owner : Utilisateur | Parent : 11436() | 70.49 Mo] - (.GOG.com - GOG Galaxy.) - (1.2.10.31) = C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe     [19/06/2017 20:45:27]    CPU Usage:0 %
12852 | [Owner : Utilisateur | Parent : 12796() | 15.93 Mo] - (.GOG.com - GalaxyCommunicationService.) - (1.2.10.1) = C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe     [19/06/2017 20:45:28]    CPU Usage:0 %
12996 | [Owner : Utilisateur | Parent : 12600(GalaxyClient.exe) | 57.73 Mo] - (.GOG.com - GalaxyClient Helper Application.) - (1.2.10.31) = C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe     [19/06/2017 20:45:27]    CPU Usage:3 %
13188 | [Owner : Utilisateur | Parent : 12600(GalaxyClient.exe) | 347.44 Mo] - (.GOG.com - GalaxyClient Helper Application.) - (1.2.10.31) = C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe     [19/06/2017 20:45:27]    CPU Usage:2 %
13204 | [Owner : Utilisateur | Parent : 12600(GalaxyClient.exe) | 76.31 Mo] - (.GOG.com - GOG Galaxy Notifications Renderer.) - (1.2.10.31) = C:\Program Files (x86)\GOG Galaxy\GOG Galaxy Notifications Renderer.exe     [19/06/2017 20:45:27]    CPU Usage:0 %
10208 | [Owner : Utilisateur | Parent : 12600(GalaxyClient.exe) | 62.34 Mo] - (.GOG.com - GalaxyClient Helper Application.) - (1.2.10.31) = C:\Program Files (x86)\GOG Galaxy\GalaxyClient Helper.exe     [19/06/2017 20:45:27]    CPU Usage:0 %
776 | [Owner : Utilisateur | Parent : 10604() | 24.43 Mo] - (.CLEVO CO. - ComboKeyTray.) - (1.0.0.8) = C:\Program Files (x86)\Hotkey\ComboKeyTray.exe     [31/08/2016 14:09:28]    CPU Usage:0 %
13320 | [Owner : Système | Parent : 936(services.exe) | 100.99 Mo] - (.Intel(R) Corporation - XtuService.) - (6.0.2.10) = C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe     [01/12/2015 17:14:30]    CPU Usage:0 %
13948 | [Owner : Utilisateur | Parent : 1660(svchost.exe) | 12.05 Mo] - (.Bitdefender - Bitdefender agent.) - (21.0.25.76) = C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe     [02/06/2017 13:11:03]    CPU Usage:0 %
9896 | [Owner : Utilisateur | Parent : 11380() | 37.82 Mo] - (.Intel Corporation - IAStorIcon.) - (14.8.0.1042) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe     [04/11/2015 11:28:22]    CPU Usage:0 %
3272 | [Owner : SERVICE RÉSEAU | Parent : 936(services.exe) | 47.95 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
4144 | [Owner : Système | Parent : 936(services.exe) | 6.69 Mo] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (11.0.6.1194) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe     [25/05/2016 22:54:10]    CPU Usage:0 %
4208 | [Owner : Système | Parent : 936(services.exe) | 12.04 Mo] - (.Intel Corporation - Intel(R) Local Management Service.) - (11.0.6.1194) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe     [25/05/2016 22:52:56]    CPU Usage:0 %
5252 | [Owner : SERVICE LOCAL | Parent : 936(services.exe) | 10.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
10852 | [Owner : Utilisateur | Parent : 13596() | 4.09 Mo] - (.Node.js - NVIDIA Web Helper Service.) - (6.9.5.0) = C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe     [24/09/2016 00:03:52]    CPU Usage:0 %
10888 | [Owner : Utilisateur | Parent : 10852(NVIDIA Web Helper.exe) | 0.6 Mo] - (.Microsoft Corporation - Console Window Host.) - (10.0.16215.1000) = C:\Windows\System32\conhost.exe     [04/06/2017 12:10:00]    CPU Usage:0 %
11548 | [Owner : Système | Parent : 936(services.exe) | 15.61 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
1696 | [Owner : Utilisateur | Parent : 8740(explorer.exe) | 495.82 Mo] - (.Mozilla Corporation - Firefox.) - (54.0.0.6368) = C:\Program Files\Mozilla Firefox\firefox.exe     [20/06/2017 10:23:05]    CPU Usage:0 %
3424 | [Owner : Utilisateur | Parent : 1696(firefox.exe) | 100.58 Mo] - (.Mozilla Corporation - Firefox.) - (54.0.0.6368) = C:\Program Files\Mozilla Firefox\firefox.exe     [20/06/2017 10:23:05]    CPU Usage:0 %
8156 | [Owner : Utilisateur | Parent : 1696(firefox.exe) | 631.13 Mo] - (.Mozilla Corporation - Firefox.) - (54.0.0.6368) = C:\Program Files\Mozilla Firefox\firefox.exe     [20/06/2017 10:23:05]    CPU Usage:0 %
2592 | [Owner : Utilisateur | Parent : 1048(svchost.exe) | 40.46 Mo] - (.Microsoft Corporation - Application Frame Host.) - (10.0.16215.1000) = C:\Windows\System32\ApplicationFrameHost.exe     [04/06/2017 12:09:37]    CPU Usage:0 %
13340 | [Owner : Utilisateur | Parent : 1048(svchost.exe) | 68.02 Mo] - (.Microsoft Corporation - Store.) - (11705.1001.21.0) = C:\Program Files\WindowsApps\Microsoft.WindowsStore_11705.1001.21.0_x64__8wekyb3d8bbwe\WinStore.App.exe     [17/06/2017 11:24:50]    CPU Usage:0 %
9560 | [Owner : Utilisateur | Parent : 1048(svchost.exe) | 25.45 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16215.1000) = C:\Windows\System32\RuntimeBroker.exe     [04/06/2017 12:09:24]    CPU Usage:0 %
2912 | [Owner : Utilisateur | Parent : 1048(svchost.exe) | 42.35 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.16215.1000) = C:\Windows\System32\RuntimeBroker.exe     [04/06/2017 12:09:24]    CPU Usage:0 %
13780 | [Owner : Utilisateur | Parent : 1048(svchost.exe) | 10.88 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.16215.1000) = C:\Windows\System32\dllhost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
8732 | [Owner : Utilisateur | Parent : 11952(steamwebhelper.exe) | 38.04 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (4.0.6.0) = C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe     [14/12/2016 00:35:04]    CPU Usage:0 %
2888 | [Owner : SERVICE LOCAL | Parent : 936(services.exe) | 7.42 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
11652 | [Owner : Utilisateur | Parent : 8520(svchost.exe) | 15.7 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.16215.1000) = C:\Windows\System32\ctfmon.exe     [04/06/2017 12:10:36]    CPU Usage:0 %
1508 | [Owner : Utilisateur | Parent : 10328() | 25.69 Mo] - (.Piriform Ltd - CCleaner.) - (5.31.0.6105) = C:\Program Files\CCleaner\CCleaner64.exe     [13/06/2017 16:08:50]    CPU Usage:0 %
5788 | [Owner : Utilisateur | Parent : 8456() | 8.03 Mo] - (.Bitdefender - Bitdefender Wallet Agent.) - (21.0.25.76) = C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxag.exe     [02/06/2017 13:11:06]    CPU Usage:0 %
14992 | [Owner : Utilisateur | Parent : 1048(svchost.exe) | 42.21 Mo] - (.Microsoft Corporation - WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe.) - (10.0.16215.1000) = C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe     [04/06/2017 12:09:47]    CPU Usage:0 %
15332 | [Owner : Système | Parent : 936(services.exe) | 448.47 Mo] - (.Malwarebytes - Malwarebytes Service.) - (3.1.0.479) = C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe     [21/06/2017 16:17:49]    CPU Usage:0 %
15220 | [Owner : Utilisateur | Parent : 15332(MBAMService.exe) | 33.78 Mo] - (.Malwarebytes - Malwarebytes Tray Application.) - (3.0.0.1068) = C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe     [21/06/2017 16:17:48]    CPU Usage:0 %
7692 | [Owner : Utilisateur | Parent : 1660(svchost.exe) | 17.29 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.16215.1000) = C:\Windows\System32\taskhostw.exe     [04/06/2017 12:10:35]    CPU Usage:0 %
1072 | [Owner : Système | Parent : 936(services.exe) | 11.22 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
13696 | [Owner : Système | Parent : 936(services.exe) | 13.21 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
5380 | [Owner : Système | Parent : 936(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
5420 | [Owner : Système | Parent : 8972(svchost.exe) | 14.83 Mo] - (.Microsoft Corporation - Microsoft Compatibility Telemetry.) - (10.0.16215.1000) = C:\Windows\System32\CompatTelRunner.exe     [04/06/2017 12:09:47]    CPU Usage:5 %
14552 | [Owner : Système | Parent : 5420(CompatTelRunner.exe) | 8 Mo] - (.Microsoft Corporation - Console Window Host.) - (10.0.16215.1000) = C:\Windows\System32\conhost.exe     [04/06/2017 12:10:00]    CPU Usage:0 %
2856 | [Owner : Système | Parent : 936(services.exe) | 6.35 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
6736 | [Owner : SERVICE LOCAL | Parent : 3392(svchost.exe) | 18.56 Mo] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.16215.1000) = C:\Windows\System32\audiodg.exe     [04/06/2017 12:09:21]    CPU Usage:0 %
2700 | [Owner : Système | Parent : 936(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.16215.1000) = C:\Windows\System32\svchost.exe     [04/06/2017 12:09:57]    CPU Usage:0 %
4016 | [Owner : Utilisateur | Parent : 8740(explorer.exe) | 39.65 Mo] - (.SosVirus - QuickDiag.) - (1.6.17.1) = C:\Users\Utilisateur\Desktop\QuickDiag.exe     [20/06/2017 09:33:35]    CPU Usage:0 %
15156 | [Owner : SERVICE RÉSEAU | Parent : 1048(svchost.exe) | 10.78 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.16215.1000) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe     [04/06/2017 12:11:26]    CPU Usage:0 %

---------- | MD5

[MD5.7F5C3EE402F6C22FB4BD40BD71091BE0] - [04/06/2017 12:10:49] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3786 Ko] - (10.0.16215.1000) : C:\WINDOWS\Explorer.exe
[MD5.A5502DA709163B6B3FFFDDE183A41ADD] - [04/06/2017 12:09:37] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [267 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\cmd.exe
[MD5.F939C28FD276FDF02F844838181C4629] - [04/06/2017 12:09:57] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [13.2 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\csrss.exe
[MD5.CC8F16966F69F945F434339850D91315] - [04/06/2017 12:09:57] - (.© Microsoft Corporation. - COM Surrogate.) - [16.33 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\dllhost.exe
[MD5.29A93A442E657B505048D4CCA79A6FC9] - [04/06/2017 12:10:42] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [681.49 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\Kernel32.dll
[MD5.7613A511A58B2D8F0E634705D5999220] - [04/06/2017 12:09:57] - (.© Microsoft Corporation. - Local Security Authority Process.) - [52.54 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\lsass.exe
[MD5.AC6185BAC91818052F0C5F0CC91C6FD9] - [04/06/2017 12:09:55] - (.© Microsoft Corporation. - Distributed COM Services.) - [1057.5 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\rpcss.dll
[MD5.6F87DEF67E559863467F8CC5C390A4B3] - [04/06/2017 12:10:32] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [69.5 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\rundll32.exe
[MD5.E872B7C333CB3366D439DA21D93D26EE] - [04/06/2017 12:09:57] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [597.27 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\services.exe
[MD5.AB032D75B4526A7906D3FACEE35A69B6] - [04/06/2017 12:09:57] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [48.51 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\svchost.exe
[MD5.7321E151821E7F5988A9F83774833848] - [04/06/2017 12:09:34] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [1581.84 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\user32.dll
[MD5.0791D91F6E34EAF90622605B72508E82] - [04/06/2017 12:09:57] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [31.5 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\userinit.exe
[MD5.3508D0582E9B971D822C5A8F9A99F5B6] - [04/06/2017 12:09:57] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [343.55 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\Wininit.exe
[MD5.E694907E0C017F2583934C21987969ED] - [04/06/2017 12:10:00] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [696 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\Winlogon.exe
[MD5.2238F699FB593A1DCFB2356893E6BBFB] - [04/06/2017 12:09:55] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de fonction connexe pour WinSock.) - [591.83 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\Drivers\afd.sys
[MD5.4A11A15D6DB5DD12A33FAC4C239CB003] - [04/06/2017 12:08:35] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [23.83 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\Drivers\atapi.sys
[MD5.1B7B2BA9BAE6DC09C09EB4CB6E2626B7] - [04/06/2017 12:08:35] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [186.33 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\Drivers\ataport.sys
[MD5.E175537788607AD057EA49313A8F4461] - [04/06/2017 12:09:58] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [91 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\Drivers\cdfs.sys
[MD5.4E3427D37F1F5EF8B42DA89C2DE1AA8F] - [04/06/2017 12:08:33] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [156 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\Drivers\cdrom.sys
[MD5.1ED29C46AD6D0F47C38692FAA2543BA2] - [04/06/2017 12:10:00] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [145.5 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\Drivers\dfsc.sys
[MD5.89CBF3476595A90A42F946E52C92B20B] - [04/06/2017 12:08:28] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [84 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\Drivers\hdaudbus.sys
[MD5.8F5F73DCE1C2C07A842383300A1A5F60] - [04/06/2017 12:08:46] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [113 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\Drivers\i8042prt.sys
[MD5.F1C151DC347E0C6385FE774264454260] - [04/06/2017 12:09:34] - (.© Microsoft Corporation. - IP Network Address Translator.) - [209.5 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\Drivers\ipnat.sys
[MD5.9EBFA5867BD056F6A05B03B67EDBD07E] - [04/06/2017 12:10:00] - (.© Microsoft Corporation. Tous droits réservés. - Minirdr SMB Windows NT.) - [457.83 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\Drivers\mrxsmb.sys
[MD5.46589A7D84021FAB9507D3F0CC86811A] - [04/06/2017 12:09:55] - (.© Microsoft Corporation. Tous droits réservés. - NDIS (Network Driver Interface Specification).) - [1214.83 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\Drivers\ndis.sys
[MD5.B1C5786AF9649C257C71393610868006] - [04/06/2017 12:10:27] - (.© Microsoft Corporation. - MBT Transport driver.) - [299 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\Drivers\netbt.sys
[MD5.CC5FEC7E3978B06C82079DE849E0B747] - [04/06/2017 12:09:58] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [2255.33 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\Drivers\ntfs.sys
[MD5.5893B11541EDE1DEA5796F16F6279210] - [04/06/2017 12:08:35] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [96.5 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\Drivers\parport.sys
[MD5.C19B766AED33C686B468EA9B3C59FC6C] - [04/06/2017 12:10:32] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [104 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\Drivers\rasl2tp.sys
[MD5.E9E2D002EA6703F28F3655BE89486DB8] - [04/06/2017 12:11:37] - (.© Microsoft Corporation. Tous droits réservés. - Redirecteur de périphérique de Microsoft RDP.) - [181 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\Drivers\rdpdr.sys
[MD5.8C47E9355BA8C42DEB032A82066391C8] - [04/06/2017 12:09:57] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [2639.33 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\Drivers\tcpip.sys
[MD5.69CAC3FB4BD818367995894B33CE5D35] - [04/06/2017 12:09:57] - (.© Microsoft Corporation. - TDI Translation Driver.) - [113.33 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\Drivers\tdx.sys
[MD5.4238A38D8A5E59AB4525EFF2EAE6DE17] - [04/06/2017 12:10:42] - (.© Microsoft Corporation. - Volume Shadow Copy driver.) - [399.33 Ko] - (10.0.16215.1000) : C:\WINDOWS\System32\Drivers\volsnap.sys

---------- | Locked Applications


---------- | Explorer.exe component call (Microsoft Files Whitelisted)

(.BitDefender S.R.L. Bucharest, ROMANIA.-.BitDefender Active Virus Control Usermode Filtering Library.) - (3.13.17607.6533) -- C:\Program Files\Bitdefender\Bitdefender 2017\Active Virus Control\Avc3_00129_008\avcuf64.dll
(..-..) - (0.0.0.0) -- C:\WINDOWS\SYSTEM32\inputhost.dll
(.NVIDIA Corporation.-.NVIDIA Driver Loader, Version 382.33.) - (22.21.13.8233) -- C:\WINDOWS\System32\DriverStore\FileRepository\nvcvi.inf_amd64_5a93b359bc8bcc04\nvldumdx.dll
(.NVIDIA Corporation.-.NVIDIA D3D10 Driver, Version 382.33.) - (22.21.13.8233) -- C:\WINDOWS\System32\DriverStore\FileRepository\nvcvi.inf_amd64_5a93b359bc8bcc04\nvwgf2umx_cfg.dll
(.NVIDIA Corporation.-.NVIDIA Capture Server Proxy.) - (3.6.0.74) -- C:\WINDOWS\system32\nvspcap64.dll
(.Bitdefender.-.Product Info Library.) - (21.0.25.92) -- C:\Program Files\Bitdefender\Bitdefender 2017\IServConfig.dll
(.Bitdefender.-.Bitdefender File Shredder Shell Extension.) - (21.0.25.92) -- C:\Program Files\Bitdefender\Bitdefender 2017\lang\fr-FR\fshredctx.txtui
(.NVIDIA Corporation.-.NVIDIA NVAPI Library, Version 382.33.) - (22.21.13.8233) -- C:\WINDOWS\system32\nvapi64.dll
(.BitDefender.-.FileVault API.) - (13.1.1.4) -- C:\Program Files\Bitdefender\Bitdefender 2017\bdvedapi.dll
(..-.fzshellext Dynamic Link Library.) - (3.22.2.2) -- C:\Program Files\FileZilla FTP Client\fzshellext_64.dll

---------- | Svchost.exe component call (Microsoft Files Whitelisted)

(.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.18.0.0) -- C:\WINDOWS\System32\winsqlite3.dll

---------- | ZeroAccess Check

[HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll
[HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll
[HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll

---------- | Startings up

OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL
OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU
OneDrive - ("C:\Users\Utilisateur\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-533811266-1534692092-1485993985-1002\SOFTWARE\...\Run]) - User: DESKTOP-CJSUH9G\Utilisateur
Steam - ("C:\Program Files (x86)\Steam\steam.exe" -silent [HKU\S-1-5-21-533811266-1534692092-1485993985-1002\SOFTWARE\...\Run]) - User: DESKTOP-CJSUH9G\Utilisateur
GalaxyClient - (C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart [HKU\S-1-5-21-533811266-1534692092-1485993985-1002\SOFTWARE\...\Run]) - User: DESKTOP-CJSUH9G\Utilisateur
CCleaner Monitoring - ("C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [HKU\S-1-5-21-533811266-1534692092-1485993985-1002\SOFTWARE\...\Run]) - User: DESKTOP-CJSUH9G\Utilisateur
Killer Network Manager - (C:\PROGRA~1\KILLER~1\NETWOR~1\NETWOR~1.EXE -minimize [Common Startup]) - User: Public
NewShortcut1 - (C:\PROGRA~2\Hotkey\HkeyTray.exe  [Common Startup]) - User: Public
SecurityHealth - (%ProgramFiles%\Windows Defender\MSASCuiL.exe [HKLM\SOFTWARE\...\Run]) - User: Public
RTHDVCPL - ("C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s [HKLM\SOFTWARE\...\Run]) - User: Public
IAStorIcon - ("C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [HKLM\SOFTWARE\...\Run]) - User: Public
ShadowPlay - ("C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart [HKLM\SOFTWARE\...\Run]) - User: Public
MBCfg64 - (C:\WINDOWS\system32\RunDLL32.exe C:\WINDOWS\system32\MBCfg64.dll,RunDLLEntry MBCfg64 [HKLM\SOFTWARE\...\Run]) - User: Public
iTunesHelper - ("C:\Program Files\iTunes\iTunesHelper.exe" [HKLM\SOFTWARE\...\Run]) - User: Public
Malwarebytes TrayApp - (C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [HKLM\SOFTWARE\...\Run]) - User: Public

[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Microsoft\Command Processor]
"CompletionChar"=9   
"DefaultColor"=0   
"EnableExtensions"=1   
"PathCompletionChar"=9   

[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Utilisateur\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background   
"Steam"="C:\Program Files (x86)\Steam\steam.exe" -silent   
"GalaxyClient"=C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart   
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR   

[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
"OneDrive"=0x020000000000000000000000   
"Steam"=0x020000000000000000000000   
"GalaxyClient"=   

[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"Device"=HP ENVY 4500 Series Class Driver,winspool,Ne02:   
"IsMRUEstablished"=1   
"LegacyDefaultPrinterMode"=0   

[HKLM\Software\Microsoft\Command Processor]
"CompletionChar"=64   
"DefaultColor"=0   
"EnableExtensions"=1   
"PathCompletionChar"=64   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=%ProgramFiles%\Windows Defender\MSASCuiL.exe   
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s   
"IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60   
"ShadowPlay"="C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart   
"MBCfg64"=C:\WINDOWS\system32\RunDLL32.exe C:\WINDOWS\system32\MBCfg64.dll,RunDLLEntry MBCfg64   
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"   
"Malwarebytes TrayApp"=C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe   [21/06/2017 16:17:48]

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
"Malwarebytes TrayApp"=0x040000000000000000000000   
"SecurityHealth"=0x060000000000000000000000   
"RTHDVCPL"=0x060000000000000000000000   
"IAStorIcon"=0x020000000000000000000000   
"iTunesHelper"=0x020000000000000000000000   
"ShadowPlay"=0x020000000000000000000000   
"MBCfg64"=0x020000000000000000000000   

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32]
"RzWizard"=0x040000000000000000000000   
"UpdReg"=0x020000000000000000000000   
"Sound Blaster X-Fi MB5"=0x020000000000000000000000   

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
""=mnmsrvc   
"AppInit_DLLs"=   
"DdeSendTimeout"=0   
"DesktopHeapLogging"=1   
"DeviceNotSelectedTimeout"=15   
"DwmInputUsesIoCompletionPort"=1   
"EnableDwmInputProcessing"=7   
"EnableMitInputProcessing"=7   
"GDIProcessHandleQuota"=10000   
"IconServiceLib"=IconCodecService.dll   
"LoadAppInit_DLLs"=0   
"NaturalInputHandler"=Ninput.dll   
"ShutdownWarningDialogTimeout"=4294967295   
"Spooler"=yes   
"ThreadUnresponsiveLogTimeout"=500   
"TransmissionRetryTimeout"=90   
"USERNestedWindowLimit"=50   
"USERPostMessageLimit"=10000   
"USERProcessHandleQuota"=10000   
"Win32kLastWriteTime"=1D2DD1AAC04B7D0   

[HKLM\Software\WOW6432Node\Microsoft\Command Processor]
"CompletionChar"=64   
"DefaultColor"=0   
"EnableExtensions"=1   
"PathCompletionChar"=64   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdReg"=C:\WINDOWS\UpdReg.EXE   [31/08/2016 14:46:01]
"Sound Blaster X-Fi MB5"="C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB5\Sound Blaster X-Fi MB5\SBXFIMB5.exe" /r   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows]
""=mnmsrvc   
"AppInit_DLLs"=   
"DdeSendTimeout"=0   
"DesktopHeapLogging"=1   
"DeviceNotSelectedTimeout"=15   
"DwmInputUsesIoCompletionPort"=1   
"EnableDwmInputProcessing"=7   
"EnableMitInputProcessing"=7   
"GDIProcessHandleQuota"=10000   
"IconServiceLib"=IconCodecService.dll   
"LoadAppInit_DLLs"=0   
"NaturalInputHandler"=Ninput.dll   
"ShutdownWarningDialogTimeout"=4294967295   
"Spooler"=yes   
"ThreadUnresponsiveLogTimeout"=500   
"TransmissionRetryTimeout"=90   
"USERNestedWindowLimit"=50   
"USERPostMessageLimit"=10000   
"USERProcessHandleQuota"=10000   

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED}   


---------- | Win.ini : 



---------- | System.ini : 



---------- | Tasks List

Adobe Acrobat Update Task
Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
CCleanerSkipUAC
GoogleUpdateTaskMachineCore
GoogleUpdateTaskMachineUA
Intel PTT EK Recertification
NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
OneDrive Standalone Update Task v2

---------- | Startings up registry ¦ Folder


---------- | Other keys


[HKLM\System\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders"=credssp.dll   

[HKLM\System\CurrentControlSet\Control\Terminal Server]
"AllowRemoteRPC"=0   
"DelayConMgrTimeout"=0   
"DeleteTempDirsOnExit"=1   
"fDenyTSConnections"=1   
"fSingleSessionPerUser"=1   
"NotificationTimeOut"=0   
"PerSessionTempDir"=0   
"ProductVersion"=5.1   
"RCDependentServices"=CertPropSvc
SessionEnv   
"SnapshotMonitors"=1   
"StartRCM"=0   
"TSUserEnabled"=0   
"RailShowallNotifyIcons"=1   
"RDPVGCInstalled"=1   
"fDenyChildConnections"=0   
"InstanceID"=57dfe90a-236c-4287-a0d9-8edd28e   
"GlassSessionId"=1   

[HKLM\System\CurrentControlSet\Control\Session Manager]
"AutoChkTimeout"=8   
"BootExecute"=autocheck autochk *   
"BootShell"=%SystemRoot%\system32\bootim.exe   
"CriticalSectionTimeout"=2592000   
"ExcludeFromKnownDlls"=   
"GlobalFlag"=0   
"HeapDeCommitFreeBlockThreshold"=0   
"HeapDeCommitTotalFreeThreshold"=0   
"HeapSegmentCommit"=0   
"HeapSegmentReserve"=0   
"InitConsoleFlags"=0   
"NumberOfInitialSessions"=2   
"ObjectDirectories"=\Windows
\RPC Control   
"ProcessorControl"=2   
"ProtectionMode"=1   
"ResourceTimeoutCount"=648000   
"RunLevelExecute"=WinInit
ServiceControlManager   
"RunLevelValidate"=ServiceControlManager   
"SETUPEXECUTE"=   
"AutoChkSkipSystemPartition"=0   
"PendingFileRenameOperations"=\??\C:\Users\UTILIS~1\AppData\Local\Temp\nsp431B.tmp\p\syschk.dll

\??\C:\Users\UTILIS~1\AppData\Local\Temp\nsp431B.tmp\p\

\??\C:\Users\UTILIS~1\AppData\Local\Temp\nsp431B.tmp\ui\pfUI.dll

\??\C:\Users\UTILIS~1\AppData\Local\Temp\nsp431B.tmp\ui\res\Montserrat-Regular.otf

\??\C:\Users\UTILIS~1\AppData\Local\Temp\nsp431B.tmp\ui\res\

\??\C:\Users\UTILIS~1\AppData\Local\Temp\nsp431B.tmp\ui\

\??\C:\Users\UTILIS~1\AppData\Local\Temp\nsp431B.tmp\
   

[HKLM\System\CurrentControlSet\Control]
"BootDriverFlags"=28   
"CurrentUser"=USERNAME   
"EarlyStartServices"=RpcSs
Power
BrokerInfrastructure
SystemEventsBroker
DcomLaunch
RpcEpMapper
LSM
AppIdSvc   
"PreshutdownOrder"=UsoSvc
DeviceInstall
gpsvc
trustedinstaller   
"SvcHostSplitThresholdInKB"=3670016   
"WaitToKillServiceTimeout"=200   
"SystemStartOptions"= FLIGHTSIGNING  NOEXECUTE=OPTIN  NOVGA   
"SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(4)   
"FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(2)   
"LastBootSucceeded"=1   
"LastBootShutdown"=1   
"DirtyShutdownCount"=2   

[HKLM\System\CurrentControlSet\Control\lsa]
"auditbasedirectories"=0   
"auditbaseobjects"=0   
"Bounds"=0x0030000000200000   
"crashonauditfail"=0   
"LimitBlankPasswordUse"=1   
"NoLmHash"=1   
"Security Packages"=""   [31/08/2016 13:25:02]
"Notification Packages"=scecli   
"Authentication Packages"=msv1_0   
"disabledomaincreds"=0   
"everyoneincludesanonymous"=0   
"forceguest"=0   
"fullprivilegeauditing"=0x80   
"LsaPid"=956   
"ProductType"=6   
"restrictanonymous"=0   
"restrictanonymoussam"=1   
"SamConnectedAccountsExist"=1   
"SecureBoot"=1   


---------- | .LNK with Arguments


---------- | AppCertDlls


---------- | Dnsapi.dll

C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts
C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts

---------- | Policies | Registry

[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Control Panel\Desktop]
"ActiveWndTrackTimeout"=0   
"BlockSendInputResets"=0   
"CaretTimeout"=5000   
"CaretWidth"=1   
"ClickLockTime"=1200   
"CoolSwitchColumns"=7   
"CoolSwitchRows"=3   
"CursorBlinkRate"=530   
"DockMoving"=1   
"DragFromMaximize"=1   
"DragFullWindows"=1   
"DragHeight"=4   
"DragWidth"=4   
"FocusBorderHeight"=1   
"FocusBorderWidth"=1   
"FontSmoothing"=2   
"FontSmoothingGamma"=0   
"FontSmoothingOrientation"=1   
"FontSmoothingType"=2   
"ForegroundFlashCount"=7   
"ForegroundLockTimeout"=200000   
"LeftOverlapChars"=3   
"MenuShowDelay"=400   
"MouseWheelRouting"=2   
"PaintDesktopVersion"=0   
"Pattern"=0   
"RightOverlapChars"=3   
"ScreenSaveActive"=1   
"SnapSizing"=1   
"TileWallpaper"=0   
"WallPaper"=C:\WINDOWS\web\wallpaper\theme1\img13.jpg   [04/06/2017 12:09:08]
"WallpaperOriginX"=0   
"WallpaperOriginY"=0   
"WallpaperStyle"=10   
"WheelScrollChars"=3   
"WheelScrollLines"=3   
"WindowArrangementActive"=1   
"Win8DpiScaling"=0   
"DpiScalingVer"=4096   
"UserPreferencesMask"=0x9E1E078012000000   
"MaxVirtualDesktopDimension"=3840   
"MaxMonitorDimension"=3840   
"TranscodedImageCount"=1   
"LastUpdated"=4294967295   
"TranscodedImageCache"=0x7AC30100047E1300000F0000B004000015682B9B1ADDD20143003A005C00570049004E0044004F00570053005C007700650062005C00770061006C006C00700061007000650072005C007400680065006D00650031005C0069006D006700310033002E006A007000670000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000   
"Pattern Upgrade"=TRUE   
"PreferredUILanguages"=fr-FR   
"WaitToKillAppTimeout"=200   

[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1   
"{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=0   
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=0   
"{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=0   

[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Microsoft\Windows\CurrentVersion\Explorer]
"ShellState"=0x240000003428000000000000000000000000000001000000130000000000000062000000   
"ExplorerStartupTraceRecorded"=1   
"UserSignedIn"=1   
"SIDUpdatedOnLibraries"=1   
"LocalKnownFoldersMigrated"=1   
"TelemetrySalt"=0   
"GlobalAssocChangedCounter"=46   
"FirstRunTelemetryComplete"=1   
"AppReadinessLogonComplete"=1   
"SlowContextMenuEntries"=0xBD0E0C47735D584D9CEDE91E22E23282380100000114020000000000C000000000000046AA0300007D6453D607D6F64DA5B848D2BA195F7B23020000DD85E44C95C3C446A9297B771D8A5655AB080000F5C1969EFA0E4843946015D6802C70AAAD050000   
"ScreenshotIndex"=119   

[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Start_SearchFiles"=2   
"ServerAdminUI"=0   
"Hidden"=1   
"ShowCompColor"=1   
"HideFileExt"=0   
"DontPrettyPath"=0   
"ShowInfoTip"=1   
"HideIcons"=0   
"MapNetDrvBtn"=0   
"WebView"=1   
"Filter"=0   
"ShowSuperHidden"=0   
"SeparateProcess"=0   
"AutoCheckSelect"=0   
"IconsOnly"=0   
"ShowTypeOverlay"=1   
"ShowStatusBar"=1   
"ListviewAlphaSelect"=1   
"ListviewShadow"=1   
"TaskbarAnimations"=1   
"StoreAppsOnTaskbar"=1   
"EnableStartMenu"=1   
"StartMenuInit"=13   
"ReindexedProfile"=1   
"TaskbarSizeMove"=1   
"DisablePreviewDesktop"=1   
"TaskbarGlomLevel"=0   
"TaskbarStateLastRun"=0x34A04A5900000000   
"ShellViewReentered"=1   
"Start_TrackProgs"=0   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5   
"ConsentPromptBehaviorUser"=3   
"DSCAutomationHostEnabled"=2   
"EnableCursorSuppression"=1   
"EnableFullTrustStartupTasks"=2   
"EnableInstallerDetection"=1   
"EnableLUA"=1   
"EnableSecureUIAPaths"=1   
"EnableUIADesktopToggle"=0   
"EnableUwpStartupTasks"=2   
"EnableVirtualization"=1   
"PromptOnSecureDesktop"=1   
"SupportFullTrustStartupTasks"=1   
"SupportUwpStartupTasks"=1   
"ValidateAdminCodeSignatures"=0   
"undockwithoutlogon"=1   
"dontdisplaylastusername"=0   
"legalnoticecaption"=   
"legalnoticetext"=   
"scforceoption"=0   
"shutdownwithoutlogon"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"ForceActiveDesktopOn"=0   
"NoActiveDesktop"=1   
"NoActiveDesktopChanges"=1   
"NoRecentDocsHistory"=0   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
"NoAddingComponents"=1   
"NoComponents"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1   
"{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1   
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1   
"{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1   
"{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1   
"{871C5380-42A0-1069-A2EA-08002B30309D}"=1   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   
"{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1   
"{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu]
"{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=1   
"DefaultValue"=2   
"HKeyRoot"=2147483649   
"Id"=2   
"RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced   
"Text"=@shell32.dll,-30500   
"Type"=radio   
"ValueName"=Hidden   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer]
"ActiveSetupDisabled"=0   
"ActiveSetupTaskOverride"=1   
"AsyncRunOnce"=1   
"AsyncUpdatePCSettings"=1   
"DisableAppInstallsOnFirstLogon"=1   
"DisableResolveStoreCategories"=1   
"DisableUpgradeCleanup"=1   
"EarlyAppResolverStart"=1   
"FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7}   
"FSIASleepTimeInMs"=60000   
"GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}   
"IconUnderline"=2   
"ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed}   
"LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff}   
"MachineOobeUpdates"=1   
"NoWaitOnRoamingPayloads"=1   
"TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd}   
"AccessDeniedDialog"={100B4FC8-74C1-470F-B1B7-DD7B6BAE79BD}   
"SmartScreenEnabled"=RequireAdmin   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Start_TrackDocs"=1   
"TaskbarSizeMove"=0   

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations]
"Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5   
"ConsentPromptBehaviorUser"=3   
"DSCAutomationHostEnabled"=2   
"EnableCursorSuppression"=1   
"EnableFullTrustStartupTasks"=2   
"EnableInstallerDetection"=1   
"EnableLUA"=1   
"EnableSecureUIAPaths"=1   
"EnableUIADesktopToggle"=0   
"EnableUwpStartupTasks"=2   
"EnableVirtualization"=1   
"PromptOnSecureDesktop"=1   
"SupportFullTrustStartupTasks"=1   
"SupportUwpStartupTasks"=1   
"ValidateAdminCodeSignatures"=0   
"undockwithoutlogon"=1   
"dontdisplaylastusername"=0   
"legalnoticecaption"=   
"legalnoticetext"=   
"scforceoption"=0   
"shutdownwithoutlogon"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"ForceActiveDesktopOn"=0   
"NoActiveDesktop"=1   
"NoActiveDesktopChanges"=1   
"NoRecentDocsHistory"=0   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
"NoAddingComponents"=1   
"NoComponents"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1   
"{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1   
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1   
"{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1   
"{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1   
"{871C5380-42A0-1069-A2EA-08002B30309D}"=1   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   
"{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1   
"{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu]
"{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=1   
"DefaultValue"=2   
"HKeyRoot"=2147483649   
"Id"=2   
"RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced   
"Text"=@shell32.dll,-30500   
"Type"=radio   
"ValueName"=Hidden   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer]
"ActiveSetupDisabled"=0   
"ActiveSetupTaskOverride"=1   
"AsyncRunOnce"=1   
"AsyncUpdatePCSettings"=1   
"DisableAppInstallsOnFirstLogon"=1   
"DisableResolveStoreCategories"=1   
"DisableUpgradeCleanup"=1   
"EarlyAppResolverStart"=1   
"FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7}   
"FSIASleepTimeInMs"=60000   
"GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}   
"IconUnderline"=2   
"ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed}   
"LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff}   
"MachineOobeUpdates"=1   
"NoWaitOnRoamingPayloads"=1   
"TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd}   
"AccessDeniedDialog"={100B4FC8-74C1-470F-B1B7-DD7B6BAE79BD}   
"GlobalAssocChangedCounter"=3   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Start_TrackDocs"=1   
"TaskbarSizeMove"=0   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations]
"Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s   


---------- | Winlogon 

[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders   
"PUUActive"=0x1F6C5250070001000F0040004FFC0400B3760500B3760500D1000000010009008F44D80A42CF09003D9E070034D0020000350100CB370000A70000006A6C07007A110000B502000026E3C77FD6EAD201C7212200000000000100000000000000   
"BuildNumber"=16215   
"FirstLogon"=0   
"DP"=0xD000E805180001000F0000001F6C5250000000000000000026E3C77FD6EAD20126E3C77FD6EAD201000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000F03F8051010041310100820021698004803D7DD80000102889184052C4381C806410C9819628008E86506D86EB403A60A844A028E80C13DB01221009007210040038B4CE090A00E63D0240091024B541A130301007340C0A780085046062115101105208640148002C200C01CC359E8414404439E25096030041C924656030428D1242804A283F4B000010404040671438240084A2749AC4A518345422200148920055392162123040694009A608089A106000251F10AE32214686980612A42D40020CA20602E0812128487788188438021222188012A32010180060B92A485220040120882808200004A0004021000805022A20002048129C2002689108240D900018003D441728008022427440C02808424680404A202A1120007544284806400A0B00023140A0510082098A288220C444480C010008490816C049100820268C0261109A29210E3544912002174008092410227220410EC8528164212840058268C84464123005880487920002490D3000FA0A803310A0431D82209330917300022E0C14024F7E00002558B165310E200007008021C040402088413021234285540784840188000D00421010004801102120544630401CB6100034002080A8924691CC020491A1C2050412054448A60050C6000E1038222D2240A450000002984881E0334510C2E029608143010411C403A811A62051841968804001128C49102000017842BA3800809905A9290A440008A607500C1B138258420002781CF6822050CD31110059862525C2A112410A22002C84950A0461282006985402283740010008042004440A623380022023824A40400480200400080421018620001A3E21443100000D082068B0808E1300025D04820E580021B1850C832283021900296390846244508800808904002806014A000C148A035110200700044642834BC100011801610098912413B00A2120B46D000134385983B50A02005104204021400068080C4810826420300A822C08804200A0068C0022078230000335430043A8008B4C100A9088922043290E0D482891446232C02013910068602B163818921006E8080049F006014001282000022028111680C0440A18A400700319080028A15489502A04212210333120096410464464453932029008A10011129868A44044350031CA12483805030C30752521916165801803044145104A046131322502D010B91164505808C22342485B481108415A280010033176845C0200C20C8D0E11283C01087C9A4A008005D033104605110925402028201841065B1A1014D882202649A90342D0001008008F407002008948460700101E5054190106884FE5520A702041080718E280004312035C082889164204227107248042810613060201A8256908800707202C52D09101001604216AC110002990BA0C009C0319100C400322905258703CD00080153202024204013A026023018888080649000501040A222204A05430C000860008085244110108429446C02C821F09007E8982140011CC0821078002C00200203400C0000B80476842888110000020000330204444546201200221721229E41039114402408230226AB1F000203A85252488101501780332A4A01920EDCD00800031591920040A2213820840C829400101700373B42C424860010C0043ACB14404040110C68AA0031704082038841779100A81425809101786D0240C13A020009030615280D06434B280100401BA0000552100101C1225040241002040098F51521286018130CE0852202B5EA0504640130227140008090239432120142E0100118340000100C0235008820F0218040010AD01206252500244621000087A800002D60064032AF4021004080524F88C320013680A44043B764420080581800608542300155038720806C884200483A910802075040350882050033104A90006188C223300802821780611B0241921000040A4801920600E0041442A4000000000   
"ParseAutoexec"=1   

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"AutoRestartShell"=1   
"Background"=0 0 0   
"CachedLogonsCount"=10   
"DebugServerCommand"=no   
"DefaultDomainName"=   
"DisableBackButton"=1   
"EnableSIHostIntegration"=1   
"ForceUnlockLogon"=0   
"LegalNoticeCaption"=   
"LegalNoticeText"=   
"PasswordExpiryWarning"=5   
"PowerdownAfterShutdown"=0   
"PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16}   
"ReportBootOk"=1   
"Shell"=explorer.exe   
"ShellCritical"=0   
"ShellInfrastructure"=sihost.exe   
"SiHostCritical"=0   
"SiHostReadyTimeOut"=0   
"SiHostRestartCountLimit"=0   
"SiHostRestartTimeGap"=0   
"Userinit"=C:\WINDOWS\system32\userinit.exe,   
"VMApplet"=SystemPropertiesPerformance.exe /pagefile   
"WinStationsDisabled"=0   
"scremoveoption"=0   
"AutoAdminLogon"=0   
"DefaultUserName"=Utilisateur   
"LastLogOffEndTimePerfCounter"=11918318304   
"ShutdownFlags"=2147483691   
"DisableCad"=1   
"DisableLockWorkstation"=0   
"EnableFirstLogonAnimation"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon]
"DefaultDomainName"=   
"DefaultUserName"=   
"EnableSIHostIntegration"=1   
"PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16}   
"Shell"=explorer.exe   
"ShellCritical"=0   
"SiHostCritical"=0   
"SiHostReadyTimeOut"=0   
"SiHostRestartCountLimit"=0   
"SiHostRestartTimeGap"=0   


---------- | Associations

[HKLM\Software\Classes\.exe]
""=exefile   
"Content Type"=application/x-msdownload   

[HKLM\Software\Classes\exefile\Shell\Open\Command]
""="%1" %*   
"IsolatedCommand"="%1" %*   

[HKLM\Software\Classes\.com]
""=comfile   

[HKLM\Software\Classes\comfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.reg]
""=regfile   

[HKLM\Software\Classes\regfile\Shell\Open\Command]
""=regedit.exe "%1"   

[HKLM\Software\Classes\.scr]
""=scrfile   

[HKLM\Software\Classes\scrfile\Shell\Open\Command]
""="%1" /S   

[HKLM\Software\Classes\.bat]
""=batfile   

[HKLM\Software\Classes\batfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.cmd]
""=cmdfile   

[HKLM\Software\Classes\cmdfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.pif]
""=piffile   

[HKLM\Software\Classes\piffile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.inf]
""=inffile   

[HKLM\Software\Classes\inffile\Shell\Open\Command]
""=%SystemRoot%\system32\NOTEPAD.EXE %1   

[HKLM\Software\Classes\.url]
""=InternetShortcut   

[HKLM\Software\Classes\.lnk]
""=lnkfile   

[HKLM\Software\Classes\.hta]
""=htafile   
"Content Type"=application/hta   
"PerceivedType"=text   

[HKLM\Software\Classes\htafile\Shell\Open\Command]
""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %*   

[HKLM\Software\Classes\InternetShortcut]
"EditFlags"=2   
"FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046   
"FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"IsShortcut"=   
"NeverShowExt"=   
"PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment   
""=Raccourci Internet   

[HKLM\Software\Classes\Application.Manifest]
""=Application Manifest   
"BrowserFlags"=4096   
"EditFlags"=4259840   
"FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200   

[HKLM\Software\Classes\Application.Reference]
""=Application Reference   
"EditFlags"=131072   
"FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201   
"IsShortcut"=   
"NeverShowExt"=   

[HKLM\Software\Classes\Folder]
""=Folder   
"ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified   
"ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay   
"ContentViewModeLayoutPatternForBrowse"=delta   
"ContentViewModeLayoutPatternForSearch"=alpha   
"EditFlags"=0xD2030000   
"FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus   
"NoRecentDocs"=   
"ThumbnailCutoff"=0   
"TileInfo"=prop:System.Title;System.HomeGroupSharingStatus   

[HKLM\Software\WOW6432Node\Classes\.exe]
""=exefile   
"Content Type"=application/x-msdownload   

[HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command]
""="%1" %*   
"IsolatedCommand"="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.com]
""=comfile   

[HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.reg]
""=regfile   

[HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command]
""=regedit.exe "%1"   

[HKLM\Software\WOW6432Node\Classes\.scr]
""=scrfile   

[HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command]
""="%1" /S   

[HKLM\Software\WOW6432Node\Classes\.bat]
""=batfile   

[HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.cmd]
""=cmdfile   

[HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.pif]
""=piffile   

[HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.inf]
""=inffile   

[HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command]
""=%SystemRoot%\system32\NOTEPAD.EXE %1   

[HKLM\Software\WOW6432Node\Classes\.url]
""=InternetShortcut   

[HKLM\Software\WOW6432Node\Classes\.lnk]
""=lnkfile   

[HKLM\Software\WOW6432Node\Classes\.hta]
""=htafile   
"Content Type"=application/hta   
"PerceivedType"=text   

[HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command]
""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %*   

[HKLM\Software\WOW6432Node\Classes\InternetShortcut]
"EditFlags"=2   
"FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046   
"FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"IsShortcut"=   
"NeverShowExt"=   
"PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment   
""=Raccourci Internet   

[HKLM\Software\WOW6432Node\Classes\Application.Manifest]
""=Application Manifest   
"BrowserFlags"=4096   
"EditFlags"=4259840   
"FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200   

[HKLM\Software\WOW6432Node\Classes\Application.Reference]
""=Application Reference   
"EditFlags"=131072   
"FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201   
"IsShortcut"=   
"NeverShowExt"=   

[HKLM\Software\WOW6432Node\Classes\Folder]
""=Folder   
"ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified   
"ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay   
"ContentViewModeLayoutPatternForBrowse"=delta   
"ContentViewModeLayoutPatternForSearch"=alpha   
"EditFlags"=0xD2030000   
"FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus   
"NoRecentDocs"=   
"ThumbnailCutoff"=0   
"TileInfo"=prop:System.Title;System.HomeGroupSharingStatus   

[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command]
""="C:\Program Files\Mozilla Firefox\firefox.exe"   
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo]
"ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal

[HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command]
""="C:\Program Files\Mozilla Firefox\firefox.exe"   
[HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo]
"ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal

[HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command]
""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"   
[HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo]
"ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser

[HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command]
""=C:\Program Files\Internet Explorer\iexplore.exe   [05/06/2017 08:58:21]
[HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo]
"ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command]
""="C:\Program Files\Mozilla Firefox\firefox.exe"   
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo]
"ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command]
""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"   
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo]
"ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command]
""=C:\Program Files\Internet Explorer\iexplore.exe   [05/06/2017 08:58:21]
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo]
"ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall


---------- | AppcompatFlags

[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]
"C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe"=32
"C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe"=32

[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"SIGN.MEDIA=117A629 autorun.exe"=0x5341435001000000000000000700000028000000F86D2B00278B2B000100000000000000000000067102000070D84B2B7292D2010000000000000000
"SIGN.MEDIA=4AC396C Drivers\06_Airplane\setup.exe"=0x5341435001000000000000000700000028000000D8190D00469C0D000100000000000000000003060001000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000064620000000000000100000001000000
"SIGN.MEDIA=3539E99 Options\00_IRST\SetupRST.exe"=0x534143500100000000000000070000002800000068E6D400796FD50001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000CCA40000000000000200000002000000
"SIGN.MEDIA=B78A60 Options\02_Finger\Synaptics\Syna_WBFUSB_Viper_FPReader_Setup_WHCK.exe"=0x5341435001000000000000000700000028000000608AB700A34FB80001000000000000000000000A7120000019B4C529E312D101000000000000000002000000280000000000000000080040000000000000000000000000000000002A060000000000000100000001000000
"SIGN.MEDIA=44790 Options\03_SBX\setup.exe"=0x5341435001000000000000000700000028000000C8470400E86A040001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000002EA60100000000000100000001000000
"\\192.168.0.41\atelier\LOGICIELS\Apps Reinstall\7Zip.exe"=0x5341435001000000000000000700000028000000CCF11000000000000100000000000000000000067100000019B4C529E312D10100000000000000000200000028000000000000000008004000000000000000000000000000000000A7760000000000000100000001000000
"\\192.168.0.41\atelier\LOGICIELS\Apps Reinstall\LibreOffice_5.0.6_Win_x86.msi"=0x53414350010000000000000007000000280000000002010066CD01000100000000000000000001050010000059193B14E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000009F1F0300000000000100000001000000
"\\192.168.0.41\atelier\LOGICIELS\Apps Reinstall\vlc-2.2.4-win32.exe"=0x534143500100000000000000070000002800000038E8D1015414D2010100000000000000000001060001000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000005CB40000000000000100000001000000
"C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe"=0x5341435001000000000000000700000028000000C80304001B58040001000000000000000000000A8021000070D84B2B7292D201000000000000000002000000280000000000000000000000000000000000000000000000000000007EFF4500000000000600000006000000
"C:\Users\Utilisateur\Downloads\SteamSetup.exe"=0x534143500100000000000000070000002800000088131600052B160001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000B4380000000000000100000001000000
"C:\Program Files (x86)\Creative\ALchemy\ALchemy.exe"=0x5341435001000000000000000700000028000000C8ED06003DB507000100000000000000000001060001000019B4C529E312D10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000BF170000000000000100000001000000
"C:\Users\Utilisateur\Downloads\UplayInstaller.exe"=0x53414350010000000000000007000000280000003840BA03F395BA0301000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000C3128900000000000100000001000000
"SIGN.MEDIA=110E16B8 Setup.exe"=0x534143500100000000000000070000002800000088151200840B13000100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000F856EB02000000000100000001000000
"C:\Users\Utilisateur\Downloads\winrar-x64-540fr.exe"=0x534143500100000000000000070000002800000058D92200119C230001000000000000000000000A0021000059193B14E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000B72D0000000000000100000001000000
"C:\Program Files\WinRAR\WinRAR.exe"=0x534143500100000000000000070000002800000090AB1700BE9B180001000000000000000000000A00210000762A2FB21ADDD20100000000000000000200000028000000000000000000000000000000000000000000000000000000B3C80900000000004700000047000000
"C:\Users\Utilisateur\Downloads\nvidia-inspector_1-9-7-6_en_338154\nvidiaInspector.exe"=0x534143500100000000000000070000002800000000DE06000000000001000000000000000000000AF522000059193B14E312D10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000201F0000000000000100000001000000
"C:\Users\Utilisateur\Downloads\nvidia-inspector_1-9-7-6_en_338154\nvidiaProfileInspector.exe"=0x5341435001000000000000000700000028000000004A05000000000001000000000000000000000AF522000059193B14E312D10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000566E0100000000000100000001000000
"C:\Program Files\Rockstar Games\Grand Theft Auto V\PlayGTAV.exe"=0x5341435001000000000000000700000028000000987F9B0055919B0001000000000000000000000A73220000762A2FB21ADDD20100000000000000000200000028000000000000000000000000000000000000000000000000000000D1F69A04000000002600000026000000
"E:\Unreal Engine\Epic Games\4.12\Engine\Extras\Redist\en-us\UE4PrereqSetup_x64.exe"=0x534143500100000000000000070000002800000030BE62020FEA62020100000000000000000003060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000C92A0000000000000100000001000000
"E:\Unreal Engine\Epic Games\Launcher\Engine\Binaries\Win64\UnrealVersionSelector.exe"=0x5341435001000000000000000700000028000000C0351500DE78150001000000000000000000000A7322000059193B14E312D1010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000013020000000000000200000002000000
"C:\Users\Utilisateur\Downloads\fbx20161_2_fbxsdk_vs2013_win.exe"=0x5341435001000000000000000700000028000000F870EF059650F0050100000000000000000000067100000019B4C529E312D10100000000000000000200000028000000000000000008004000000000000000000000000000000000982E0200000000000200000002000000
"SIGN.MEDIA=121C58 wdexpress_full.exe"=0x5341435001000000000000000700000028000000581C1200EF7E120001000000000000000000000A0021000019B4C529E312D101000000800000000002000000280000000000000000000010000000000000000000000000000000008C7B0600000000000400000004000000
"C:\Users\Utilisateur\Downloads\OriginThinSetup.exe"=0x5341435001000000000000000700000028000000900DDF01E55BDF010100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000F6560400000000000100000001000000
"C:\Users\Utilisateur\Downloads\GMStudio-Installer-1.4.1757.exe"=0x534143500100000000000000070000002800000058112E07440A2F0701000000000000000000010600010000EC0226F94500D20100000000000000000200000028000000000000000000000000000000000000000000000000000000AB430B00000000000100000001000000
"C:\Users\Utilisateur\Downloads\rehd-noblaya-2cfad7d5afa540d\rehd-noblaya.exe"=0x534143500100000000000000070000002800000021240B000000000001000000000000000000000A71200000EC0226F94500D201000000000000000002000000280000000000000000000000000000000000000000000000000000008F080900000000000100000001000000
"C:\Users\Utilisateur\Downloads\Nexus Mod Manager-0.61.23.exe"=0x5341435001000000000000000700000028000000C80961000B78610001000000000000000000000A00210000EC0226F94500D201000000000000000002000000280000000000000000000040000000000000000000000000000000003D8D0000000000000100000001000000
"C:\Users\Utilisateur\Downloads\UnityDownloadAssistant-5.4.0f3.exe"=0x534143500100000000000000070000002800000038F60A00CB310B0001000000000000000000010600010000EC0226F94500D2010000000000000000
"D:\Unity\Editor\Unity.exe"=0x5341435001000000000000000700000028000000D827830390A2830301000000000000000000000A00210000752E1A03CC3CD201000000000000000002000000280000000000000000000000000000000000000000000000000000002428E400000000000600000006000000
"C:\Users\Utilisateur\Downloads\BethesdaNetLauncher_Setup (1).exe"=0x53414350010000000000000007000000280000008898730062B5730001000000000000000000000A00210000EC0226F94500D20100000000000000000200000028000000000000008000004000000000000000000000000000000000B3B50000000000000100000001000000
"C:\Users\Utilisateur\Downloads\npp.6.9.2.Installer.exe"=0x5341435001000000000000000700000028000000A841400008F9400001000000000000000000010671000000EC0226F94500D20100000000000000000200000028000000000000000008004000000000000000000000000000000000F25F0000000000000100000001000000
"C:\Users\Utilisateur\Downloads\w2dc-noblaya-7102ef6beddedf2\w2dc-noblaya.exe"=0x534143500100000000000000070000002800000025740E000000000001000000000000000000000A732200005C92D7CC4500D2010000000000000000020000002800000000000000000000400000000000000000000000000000000092980E00000000000100000001000000
"C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe"=0x5341435001000000000000000700000028000000C83A5E0094865E0001000000000000000000000A002100005C92D7CC4500D2010000000000000000020000002800000000000000000000000000000000000000000000000000000058CAC201000000000100000001000000
"C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE"=0x5341435001000000000000000700000028000000C0E68A012E458B0101000000000000000000000A00210000EC0226F94500D2010000009100000000
"C:\Users\Utilisateur\OneDrive\Power and Revolution\par_fr_dl_610.exe"=0x534143500100000000000000070000002800000098B5F065AFCEF06501000000000000000000010671020000EC0226F94500D20100000000000000000200000028000000000000000000004000000000000000000000000000000000A59A0100000000000100000001000000
"C:\Users\Utilisateur\OneDrive\Power and Revolution\pgs_fr_dl_621_addon.exe"=0x53414350010000000000000007000000280000001062E70C9D3FE80C01000000000000000000010671020000EC0226F94500D201000000000000000002000000280000000000000000000040000000000000000000000000000000007D340000000000000100000001000000
"C:\Users\Utilisateur\OneDrive\Power and Revolution\pmt_fr_dl_622_addon.exe"=0x53414350010000000000000007000000280000006079771053FB771001000000000000000000010671020000EC0226F94500D20100000000000000000200000028000000000000000000004000000000000000000000000000000000A3190000000000000100000001000000
"D:\Game\Power & Revolution (français)\_start.exe"=0x534143500100000000000000070000002800000088AC640080F5640001000000000000000000000A7122000099E63F362530D201000000000000000002000000280000000000000000000000000000000000000000000000000000002A223C00000000000600000006000000
"C:\Users\Utilisateur\Downloads\Star_Citizen_Launcher_Setup.exe"=0x534143500100000000000000070000002800000096CEA4060000000001000000000000000000000671000000EC0226F94500D20100000000000000000200000028000000000000008008004000000000000000000000000000000000C4E50500000000000100000001000000
"D:\Games\Cloud Imperium Games\CIGLauncher.exe"=0x534143500100000000000000020000002800000000000000000000400000000000000000000000000000000073000200000000000100000001000000070000002800000000B000000000000001000000000000000000000AF5220000EDFEA142F60BD2010000000000000000
"C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\setup.exe"=0x5341435001000000000000000700000028000000387206004631070001000000000000000000000A00210000A980D27BC710D201000000000000000002000000280000000000000080000040000000000000000000000000000000007F360700000000000100000001000000
"C:\Users\Utilisateur\Downloads\372.90-desktop-win10-64bit-international-whql.exe"=0x5341435001000000000000000700000028000000D81D3715B6B3371501000000000000000000020600010000A980D27BC710D20100000000000000000200000028000000000000000000004000000000000000000000000000000000590E0300000000000100000001000000
"D:\Games\Steam\steamapps\common\Rollercoaster Tycoon 2\Install\setup.exe"=0x5341435001000000000000000700000028000000F8A30100A81F020001000000000000000000010571000000A980D27BC710D20100000000000000000200000028000000000000000008004000000000000000000000000000000000895B0100000000000400000004000000
"D:\Games\Steam\steamapps\common\Rollercoaster Tycoon 2\rct2.exe"=0x5341435001000000000000000700000028000000008A67001000010001000000000000000000000A61200000A980D27BC710D20100000000000000000500000010000000000000000000000000000000200000000200000028000000000000002000006000000000000000000000000000000000F2540400000000000100000001000000
"C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE"=0x5341435001000000000000000700000028000000C8E2D9015286DA0101000000000000000000000A00210000A980D27BC710D2010000009100000000
"C:\Users\Utilisateur\Downloads\ce-launcher.exe"=0x5341435001000000000000000700000028000000789A25043392260401000000000000000000010600010000A980D27BC710D20100000000000000000200000028000000000000008000004000000000000000000000000000000000528C0000000000000100000001000000
"C:\Program Files (x86)\Cheat Engine 6.5.1\Cheat Engine.exe"=0x534143500100000000000000070000002800000008230500E0E0050001000000000000000000000A61220000A980D27BC710D201000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000001EC20200000000000300000003000000
"C:\Program Files (x86)\Cheat Engine 6.5.1\cheatengine-x86_64.exe"=0x5341435001000000000000000700000028000000085BA700FEC0A70001000000000000000000000A002100002A1B0F5AC710D20100000000000000000200000028000000000000000000004000000000000000000000000000000000BFCD0000000000000100000001000000
"SIGN.MEDIA=2500FD3 Autorun.exe"=0x534143500100000000000000070000002800000000C002000000000001000000000000000000010571200000A980D27BC710D20100000000000000000200000028000000000000008000000000000000000000000000000000000000AA640900000000000100000001000000
"D:\Crytek\CRYENGINE Launcher\live\CRYENGINE_Launcher.exe"=0x5341435001000000000000000700000028000000F84B48031B49490301000000000000000000000A00210000C227CE2BCC3CD20100000000000000000200000028000000000000008000000000000000000000000000000000000000156E0800000000000300000003000000
"C:\Users\Utilisateur\Downloads\chofflinekeyreq\CH_requestkey.exe"=0x5341435001000000000000000700000028000000004400000000000001000000000000000000000671200000C227CE2BCC3CD201000000000000000002000000280000000000000000000000000000000000000000000000000000008B9F2100000000000300000003000000
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\VsImmersiveActivateHelper140.exe"=0x5341435001000000000000000700000028000000F8A601000ED6010001000000000000000000030600010000C227CE2BCC3CD201000000000000000002000000280000000000000000000040000000000000000000000000000000001F000000000000000200000002000000
"C:\Program Files (x86)\Steam\bin\steamservice.exe"=0x534143500100000000000000070000002800000020451600724C160001000000000000000000000A00210000C227CE2BCC3CD2010000000000000000020000002800000000000000000000400000000000000000000000000000000022310000000000002400000024000000
"C:\Users\Utilisateur\Downloads\373.06-desktop-win10-64bit-international-whql.exe"=0x5341435001000000000000000700000028000000A85148157939491501000000000000000000020600010000CD85FFE1BE26D20100000000000000000200000028000000000000000000004000000000000000000000000000000000E2B60200000000000100000001000000
"C:\Users\Utilisateur\Downloads\qbittorrent_3.3.7_setup.exe"=0x53414350010000000000000007000000280000009631FB000000000001000000000000000000020600010000CD85FFE1BE26D20100000000000000000200000028000000000000000000004000000000000000000000000000000000BE8E0100000000000100000001000000
"C:\Users\Utilisateur\Downloads\purevpn_setup.exe"=0x53414350010000000000000007000000280000003057D4012A36D50101000000000000000000000A00210000CD85FFE1BE26D201000000000000000002000000280000000000000000000040000000000000000000000000000000003ECA0800000000000100000001000000
"D:\Games\Ark Server Manager\ARK Server Manager.exe"=0x5341435001000000000000000700000028000000309D140080BF140001000000000000000000000AF52200003928B1BB702BD2010000000000000000050000001000000000000000000000000000000020000000020000002800000000000000200000600000000000000000000000000000000017BED100000000000500000005000000
"E:\SteamLibrary\steamapps\common\ARKDevKit\ARKDevKitLaunch.bat"=0x5341435001000000000000000700000028000000007C0300A058040001000000000000000000010500100000C227CE2BCC3CD2010000000000000000
"E:\SteamLibrary\steamapps\common\ARKDevKit\ARKDevKit.bat"=0x534143500100000000000000070000002800000000460400381B0500010000000000000000000105001000003928B1BB702BD2010000000000000000
"C:\Users\Utilisateur\Downloads\fi17-noblaya-83d7ec03e17aa73\fi17-noblaya.exe"=0x5341435001000000000000000700000028000000296E10000000000001000000000000000000000A732200003928B1BB702BD2010000000000000000020000002800000000000000000000400000000000000000000000000000000041B91D00000000000100000001000000
"C:\Users\Utilisateur\Downloads\paint.net.4.0.12.install\paint.net.4.0.12.install.exe"=0x5341435001000000000000000700000028000000E8E86B0024246C0001000000000000000000010600010000DC7A5F0E712BD20100000000000000000200000028000000000000000000004000000000000000000000000000000000BA920000000000000100000001000000
"C:\Users\Utilisateur\Downloads\civ6-noblaya-541df1bf8090b50\civ6-noblaya.exe"=0x53414350010000000000000007000000280000001A5610000000000001000000000000000000000A73220000691522EE4E37D20100000000000000000200000028000000000000000000004000000000000000000000000000000000A9DBB200000000000600000006000000
"C:\Program Files\paint.net\PaintDotNet.exe"=0x5341435001000000000000000700000028000000D0EC1A00B5D11B0001000000000000000000000A80210000C48C08A5BD69D20100000000000000000200000028000000000000000000001000000000000000000000000000000000F884FC01000000000200000002000000
"C:\Users\Utilisateur\Downloads\mm-noblaya-53e33c8338de8c9\mm-noblaya.exe"=0x53414350010000000000000007000000280000001AAC40010000000001000000000000000000000A71220000C227CE2BCC3CD20100000000000000000200000028000000000000000000004000000000000000000000000000000000D0F45A02000000000500000005000000
"D:\Games\Origin\FIFA 17\FIFA17.exe"=0x5341435001000000000000000700000028000000B083490851DE490801000000000000000000000A00210000691522EE4E37D2010000000000000000020000002800000000000000100000200000000000000000000000000000000057C70000000000000200000002000000
"E:\Amazon\Lumberyard\1.5.0.0\dev\Bin64\Editor.exe"=0x53414350010000000000000002000000280000000000000000000000000000000000000000000000000000008E29BC00000000000200000002000000070000002800000000D053017AE7530101000000000000000000000A73220000752E1A03CC3CD2010000000000000000
"C:\Users\Utilisateur\Downloads\powersaves3ds-software-143\powersaves_setup_v1.43.exe"=0x53414350010000000000000007000000280000007BA546000000000001000000000000000000030600010000C227CE2BCC3CD201000000000000000002000000280000000000000000000000000000000000000000000000000000003D440000000000000100000001000000
"C:\Users\Utilisateur\Downloads\Nexus Mod Manager-0.63.9.exe"=0x534143500100000000000000070000002800000068796200FED3620001000000000000000000000A00210000C227CE2BCC3CD20100000000000000000200000028000000000000000000004000000000000000000000000000000000BB9F0000000000000100000001000000
"C:\Program Files\Rockstar Games\Grand Theft Auto V\GTAVLauncher.exe"=0x5341435001000000000000000700000028000000986943011006440101000000000000000000000A73220000752E1A03CC3CD2010000000000000000020000002800000000000000000000000000000000000000000000000000000064300400000000000200000002000000
"C:\Users\Utilisateur\Downloads\powersaves3ds-software-145\powersaves_setup_v1.45.exe"=0x53414350010000000000000007000000280000002BA946000000000001000000000000000000030600010000C227CE2BCC3CD20100000000000000000200000028000000000000000000000000000000000000000000000000000000C5D40D00000000000100000001000000
"C:\Program Files (x86)\Action Replay PowerSaves 3DS\PowerSaves3DS.exe"=0x5341435001000000000000000700000028000000009C8E00167C8F0001000000000000000000000A71220000C227CE2BCC3CD2010000000000000000020000002800000000000000000000000000000000000000000000000000000075D10400000000000200000002000000
"C:\Users\Utilisateur\Downloads\fcp-noblaya-4e194dcd1667766\fcp-noblaya.exe"=0x534143500100000000000000070000002800000028C20E000000000001000000000000000000000A73220000752E1A03CC3CD20100000000000000000200000028000000000000000000004000000000000000000000000000000000B56B2200000000000100000001000000
"C:\Users\Utilisateur\Downloads\ytl-noblaya-3ac17f61f2f3c05\ytl-noblaya.exe"=0x5341435001000000000000000700000028000000157026010000000001000000000000000000000A71220000C227CE2BCC3CD201000000000000000002000000280000000000000000000040000000000000000000000000000000006036B200000000000200000002000000
"SIGN.MEDIA=FD1177F9 Autorun.exe"=0x5341435001000000000000000700000028000000000010000000000001000000000000000000010571200000C227CE2BCC3CD20100000000000000000200000028000000000000008000000000000000000000000000000000000000F07C0A00000000000100000001000000
"C:\Program Files (x86)\VideoLAN\VLC\vlc.exe"=0x5341435001000000000000000700000028000000C01702001B81020001000000000000000000000A61220000C227CE2BCC3CD201000000000000000002000000280000000000000000000010000000000000000000000000000000008ED13A00000000000400000004000000
"C:\Users\Utilisateur\Downloads\Setup_MakeMKV_v1.10.2.exe"=0x534143500100000000000000070000002800000065B2A20041B6010001000000000000000000010600010000C227CE2BCC3CD2010000000000000000020000002800000000000000000000400000000000000000000000000000000080241700000000000100000001000000
"C:\Program Files (x86)\MakeMKV\makemkv.exe"=0x534143500100000000000000070000002800000000443006F31F310601000000000000000000000A71200000C227CE2BCC3CD2010000000000000000020000002800000000000000000000000000000000000000000000000000000031426100000000000300000003000000
"SIGN.MEDIA=6BCD78 Autorun.exe"=0x534143500100000000000000070000002800000000B000000000000001000000000000000000010571200000C227CE2BCC3CD201000000000000000002000000280000000000000080000000000000000000000000000000000000001F1D0300000000000100000001000000
"SIGN.MEDIA=1C0C090 Autorun.exe"=0x534143500100000000000000070000002800000000C000000000000001000000000000000000010571200000C227CE2BCC3CD20100000000000000000200000028000000000000008000000000000000000000000000000000000000994A0600000000000300000003000000
"D:\Games\Steam\steamapps\common\RailWorks\RailWorks.exe"=0x534143500100000000000000070000002800000000CA0500510A060001000000000000000000000A71220000C227CE2BCC3CD20100000000000000000200000050000000000000001000002000000000000000000000000000000000F2D6010000000000010000000100000000000000000000000000000001000000000000000000000039430200000000000100000000000000
"D:\Games\Atari\RollerCoaster Tycoon 3\RCT3.EXE"=0x5341435001000000000000000700000028000000005400000000000001000000000000000000010571200000C227CE2BCC3CD20100000000000000000200000028000000000000001000002000540000000000000000000000000000D8916100000000000700000007000000
"C:\Users\Utilisateur\Downloads\twom-noblaya-bf949d7030db50b\twom-noblaya.exe"=0x5341435001000000000000000700000028000000181A0B000000000001000000000000000000000A71200000C227CE2BCC3CD20100000000000000000200000028000000000000000000000000000000000000000000000000000000898B0001000000000400000004000000
"C:\Users\Utilisateur\Downloads\dreamset249x64\dreamset.exe"=0x5341435001000000000000000700000028000000007CA3000000000001000000000000000000000A73220000752E1A03CC3CD2010000000000000000020000002800000000000000000000000000000000000000000000000000000005191400000000000200000002000000
"C:\Users\Utilisateur\Downloads\FileZilla_3.22.2.2_win64-setup_bundled2.exe"=0x534143500100000000000000070000002800000008E265002D73660001000000000000000000000A00210000C227CE2BCC3CD20100000000000000000200000028000000000000000000004000000000000000000000000000000000F0770300000000000100000001000000
"C:\Users\Utilisateur\Downloads\dcc296\DCC.exe"=0x5341435001000000000000000700000028000000005265000000000001000000000000000000000671200000C227CE2BCC3CD20100000000000000000200000028000000000000000000000000000200000000000000000000000000356A0300000000000100000001000000
"C:\Program Files\FileZilla FTP Client\filezilla.exe"=0x5341435001000000000000000700000028000000B0DCBF0060A4C00001000000000000000000000A00210000752E1A03CC3CD201000000000000000002000000280000000000000000000000000000000000000000000000000000007BFDAF01000000000500000005000000
"C:\Users\Utilisateur\Downloads\UnityDownloadAssistant-5.5.0f3.exe"=0x5341435001000000000000000700000028000000002F0B0001640B0001000000000000000000010600010000C227CE2BCC3CD20100000000000000000200000028000000000000000000004000000000000000000000000000000000CE9B0100000000000100000001000000
"E:\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe"=0x534143500100000000000000070000002800000088CE08001CB6090001000000000000000000030600010000C227CE2BCC3CD201000000C000000000020000002800000000000000000000100000000000000000000000000000000017810000000000000100000001000000
"D:\Games\Singles 2\Singles2.exe"=0x53414350010000000000000007000000280000000070770022C0770001000000000000000000010571200000C227CE2BCC3CD2010000000000000000020000007800000000000A042000006000000000000000000000000000000000C60E000000000000010000000100000000020105200000600000000000000000000000000000000010270000000000000100000000000000000000000000000000000000000000000000000000000000901C0000000000000100000000000000
"C:\Users\Utilisateur\Downloads\376.19-desktop-win10-64bit-international-whql.exe"=0x5341435001000000000000000700000028000000A0817E176C5D7F1701000000000000000000020600010000C227CE2BCC3CD2010000000000000000020000002800000000000000000000400000000000000000000000000000000065DF0300000000000100000001000000
"C:\Users\Utilisateur\Downloads\DSLtest2107.exe"=0x534143500100000000000000070000002800000000AE17000000000001000000000000000000030671000000C227CE2BCC3CD20100000000000000000500000010000000000000000000000000000106200000000200000050000000000001062000006000000000000000000000000000000000530E010000000000010000000100000000000000000000400400000000000000000000000000000086710000000000000100000000000000
"C:\Users\Utilisateur\Downloads\maLivebox_setup_3.4.0.0.exe"=0x5341435001000000000000000700000028000000F01EB404A3B5B40401000000000000000000010600010000C227CE2BCC3CD2010000000000000000
"C:\Users\Utilisateur\Downloads\setup-x86_64.exe"=0x534143500100000000000000070000002800000013FC0D000000000001000000000000000000000A00210000752E1A03CC3CD20100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000168D0800000000000100000001000000
"C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe"=0x5341435001000000000000000700000028000000C83E8000A554800001000000000000000000000A71220000706DD1C7BD69D201000000000000000002000000280000000000000000000000000000000000000000000000000000004103AA00000000000300000003000000
"E:\Unreal Engine\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe"=0x53414350010000000000000002000000280000000000000000000000000000000000000000000000000000004AB700000000000001000000010000000700000028000000C08FA001C8B0A00101000000000000000000000A73220000762A2FB21ADDD2010000000000000000
"C:\Program Files (x86)\Notepad++\notepad++.exe"=0x5341435001000000000000000700000028000000B09C22000C3B230001000000000000000000000A00210000762A2FB21ADDD20100000000000000000200000028000000000000000000000000000000000000000000000000000000BB169F04000000002F0000002F000000
"C:\Users\Utilisateur\Downloads\GPU-Z.0.8.7.exe"=0x534143500100000000000000070000002800000028A71B0095C71B0001000000000000000000000A71220000F4708272724DD20100000000000000000200000028000000000000000000004000000000000000000000000000000000A6790300000000000100000001000000
"C:\Users\Utilisateur\Downloads\cpu-z_1.77-en\cpuz_x64.exe"=0x5341435001000000000000000700000028000000D8583500C924360001000000000000000000000A00210000A3483754724DD20100000000000000000200000028000000000000000000004000000000000000000000000000000000C6F30000000000000100000001000000
"C:\Users\Utilisateur\Downloads\kav_setup.exe"=0x5341435001000000000000000700000028000000A835DA00F648DA0001000000000000000000020600010000F4708272724DD201000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000050000000000000000000000000000000002F0D0000000000000100000001000000
"C:\Users\Utilisateur\Downloads\bitpro.exe"=0x5341435001000000000000000700000028000000D05E9C01A8959C0101000000000000000000000A00210000F4708272724DD201000000000000000002000000280000000000000000000040000000000000000000000000000000002E290B00000000000100000001000000
"C:\Users\Utilisateur\Downloads\FurMark_1.11.0_Setup.exe"=0x5341435001000000000000000700000028000000DD7E49000000000001000000000000000000020600010000F4708272724DD2010000000000000000020000002800000000000000000000400000000000000000000000000000000058350000000000000100000001000000
"C:\Users\Utilisateur\Downloads\instspeedfan452.exe"=0x534143500100000000000000070000002800000068192F008906300001000000000000000000000A00210000F4708272724DD201000000000000000002000000280000000000000000000040000000000000000000000000000000000E1D0000000000000100000001000000
"C:\Program Files (x86)\SpeedFan\speedfan.exe"=0x5341435001000000000000000700000028000000889C7C0033627D0001000000000000000000000A00210000706DD1C7BD69D201000000000000000002000000280000000000000000000040000000000000000000000000000000003B830300000000000200000002000000
"C:\Users\Utilisateur\Downloads\spsetup130.exe"=0x5341435001000000000000000700000028000000C00660008435600001000000000000000000010600010000F4708272724DD2010000000000000000020000002800000000000000000000400000000000000000000000000000000050F0E200000000000100000001000000
"C:\Users\Utilisateur\Downloads\hw64_542.exe"=0x534143500100000000000000070000002800000010A73900304F3A0001000000000000000000010600010000F4708272724DD20100000000000000000200000028000000000000000000004000000000000000000000000000000000AD1F0000000000000100000001000000
"C:\Program Files\HWiNFO64\HWiNFO64.EXE"=0x5341435001000000000000000700000028000000703E34002F3A350001000000000000000000000A00210000A3483754724DD2010000000000000000020000002800000000000000000000400000000000000000000000000000000091DDDC00000000000100000001000000
"C:\Users\Utilisateur\Downloads\subs-noblaya-3d07f81014d4f85\subs-noblaya.exe"=0x534143500100000000000000070000002800000048CA0A000000000001000000000000000000000A71220000F4708272724DD2010000000000000000020000002800000000000000000000400000000000000000000000000000000048601C00000000000100000001000000
"D:\Games\Steam\steamapps\common\Subsistence\Binaries\UnSetup.exe"=0x534143500100000000000000070000002800000040351000C01C1100010000000000000000000306F5020000A3483754724DD20100000000000000000200000028000000000000000000004000000000000000000000000000000000680E0000000000000100000001000000
"E:\Blender Foundation\Blender\blender.exe"=0x534143500100000000000000070000002800000000260E060000000001000000000000000000000A73220000A3483754724DD201000000000000000002000000280000000000000000000000000000000000000000000000000000004D2B2600000000000200000002000000
"D:\Games\Origin\The Sims 4\Game\Bin\TS4.exe"=0x534143500100000000000000070000002800000018F73E019A373F0101000000000000000000000A00210000F4708272724DD20100000000000000000200000028000000000000000000000000000000000000000000000000000000665C8400000000000200000002000000
"E:\SteamLibrary\steamapps\common\Football Manager 2017\fm.exe"=0x534143500100000000000000070000002800000000B6BF070000000001000000000000000000000A00210000C48C08A5BD69D201000000000000000002000000280000000000000000000000000000000000000000000000000000004F050000000000000100000001000000
"C:\Program Files\BurnInTest\bit.exe"=0x5341435001000000000000000700000028000000402B73011EC3730101000000000000000000000A0021000092BBAB82A674D201000000000000000002000000500000000000000010000060000000000000000000000000000000007CF50000000000000100000001000000000000000000004000000000000000000000000000000000CD470200000000000200000000000000
"C:\Program Files\Speccy\Speccy64.exe"=0x5341435001000000000000000200000028000000000000000000000000000000000000000000000000000000C14B10000000000005000000050000000700000028000000D8C46C0089006D0001000000000000000000000A73220000EE8D78097292D2010000000000000000
"C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark_1.11.0\FurMark.exe"=0x5341435001000000000000000200000028000000000000000000000000000000000000000000000000000000CA3A8300000000000400000004000000070000002800000000AE4900AA104A0001000000000000000000020671220000DA5325B7A674D2010000000000000000
"D:\The Sims 1 - The Complete Collection\start.exe"=0x5341435001000000000000000700000028000000006056000000000001000000000000000000010571200000706DD1C7BD69D20100000000000000000200000028000000000000000000000000000000000000000000000000000000DD2C0300000000000200000002000000
"C:\Program Files (x86)\Maxis\Les Sims\Sims.exe"=0x534143500100000000000000070000002800000000702E000000000001000000000000000000010571200000706DD1C7BD69D20100000000000000000200000050000000000201052080006000040000000000000000000000000000EC80130000000000020000000200000000020105200000600004004000000000000000000000000009121C00000000000100000000000000
"\\nas\ATELIER\Outils\Testeur de materiel\OCCT - Stresstest alim-cpu-gpu.exe"=0x534143500100000000000000070000002800000074C769000000000001000000000000000000000671000000706DD1C7BD69D2010000000000000000020000002800000000000000000800400000000000000000000000000000000031EC2500000000000100000001000000
"C:\Program Files (x86)\OCCTPT\OCCT.exe"=0x53414350010000000000000007000000280000000018C304BF08C404010000000000000000000306F1020000DA5325B7A674D2010000000000000000020000002800000000000000000000400010000000000000000000000000000070CC6501000000000100000001000000
"C:\Program Files\NVIDIA Corporation\Display\nvtray.exe"=0x5341435001000000000000000700000028000000387C2500EAF9250001000000000000000000000A7322000092BBAB82A674D2010000000000000000020000002800000000000000000000000000000000000000000000000000000084195200000000000100000001000000
"C:\Program Files (x86)\Hotkey\HkeyTray.exe"=0x534143500100000000000000070000002800000000D417000000000001000000000000000000000AF1220000DA5325B7A674D2010000000000000000020000002800000000000000000000000000000000000000000000000000000022020000000000000100000001000000
"C:\Program Files (x86)\Hotkey\GameFeet.exe"=0x5341435001000000000000000700000028000000004609000000000001000000000000000000000AF1220000DA5325B7A674D201000000000000000002000000280000000000000000000000000000000000000000000000000000006C370000000000000100000001000000
"C:\Program Files (x86)\Hotkey\devicecontrol.exe"=0x5341435001000000000000000700000028000000D8B7270040F327000100000000000000000003067302000092BBAB82A674D20100000000000000000200000028000000000000000000000000000000000000000000000000000000CB000000000000000100000001000000
"C:\Program Files (x86)\Hotkey\ControlCenter.exe"=0x5341435001000000000000000200000028000000000000000000000014000000000000000000000000000000E74F03000000000006000000060000000700000028000000005A59000000000001000000000000000000000AF122000070D84B2B7292D2010000000000000000
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"=0x5341435001000000000000000700000028000000D8B41100C199120001000000000000000000000A71220000DA5325B7A674D201000000000000000002000000280000000000000000000000000000000000000000000000000000000A010000000000000200000002000000
"C:\ProgramData\NVIDIA Corporation\Downloader\latest\setup.exe"=0x5341435001000000000000000700000028000000C06F06003E47070001000000000000000000000A00210000DA5325B7A674D2010000000000000000020000002800000000000000000000400000000000000000000000000000000096AD0000000000000100000001000000
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe"=0x5341435001000000000000000700000028000000C0EB0B0096020C0001000000000000000000000A71200000DA5325B7A674D201000000000000000002000000280000000000000080000000000000000000000000000000000000007D000000000000000100000001000000
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"=0x5341435001000000000000000700000028000000C031160086C6160001000000000000000000000A00210000DA5325B7A674D20100000000000000000200000028000000000000000000000000000000000000000000000000000000D4130B01000000000100000001000000
"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"=0x5341435001000000000000000700000028000000607A0300E606040001000000000000000000030600010000762A2FB21ADDD201000000000000000002000000280000000000000000000040000000000000000000000000000000006642F032000000001300000013000000
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"=0x534143500100000000000000070000002800000058731100C541120001000000000000000000000A00210000762A2FB21ADDD2010000000100000000
"C:\Users\Utilisateur\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000787C03003765040001000000000000000000000A002100007AE8ED9FBACCD2010000000100000000
"C:\Users\Utilisateur\Downloads\chofflinekeyreq (1)\CH_requestkey.exe"=0x53414350010000000000000007000000280000000044000000000000010000000000000000000006712000007AE8ED9FBACCD201000000000000000002000000280000000000000000000000000000000000000000000000000000008ED01700000000000100000001000000
"C:\Users\Utilisateur\Downloads\wild-noblaya-aced947aaccd31b\21238-noblaya-Tom Clancys Ghost Recon Wildlands Trainer.exe"=0x5341435001000000000000000700000028000000C06021000000000001000000000000000000000A712200007AE8ED9FBACCD20100000000000000000200000028000000000000000000004000000000000000000000000000000000597B1400000000000100000001000000
"C:\Users\Utilisateur\Downloads\par-noblaya-43180deac0e5d31\par-noblaya.exe"=0x534143500100000000000000070000002800000017A20B000000000001000000000000000000000A712200007AE8ED9FBACCD2010000000000000000020000002800000000000000000000400000000000000000000000000000000050C6A400000000000100000001000000
"C:\Users\Utilisateur\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.139-1.0.2060.exe"=0x534143500100000000000000070000002800000088F5D003E57BD10301000000000000000000000A002100007AE8ED9FBACCD20100000000000000000200000028000000000000000000004000000000000000000000000000000000F2670000000000000100000001000000
"C:\Users\Utilisateur\Downloads\maf3-noblaya-dea259e7670b0e3\21370-noblaya-Mafia III Trainer.exe"=0x5341435001000000000000000700000028000000C0DE1B000000000001000000000000000000000A712200007AE8ED9FBACCD20100000000000000000200000028000000000000000000004000000000000000000000000000000000C6200A00000000000100000001000000
"C:\Program Files (x86)\Origin\legacyPM\OriginLegacyCLI.exe"=0x534143500100000000000000070000002800000070AD0C00F9F30C00010000000000000000000106000100007AE8ED9FBACCD2010000000000000000020000002800000000000000000000000000000000000000000000000000000020000000000000000200000002000000
"C:\Program Files\CCleaner\CCleaner64.exe"=0x5341435001000000000000000700000028000000D8BA8D000DCD8D0001000000000000000000000A00210000762A2FB21ADDD2010000000000000000020000002800000000000000000000000000000000000000000000000000000029010000000000000200000002000000
"C:\Users\Utilisateur\Desktop\GTA V Offline.cmd"=0x5341435001000000000000000700000028000000002C04008D66040001000000000000000000010500100000762A2FB21ADDD2010000000000000000
"C:\Users\Utilisateur\Downloads\FiveM.exe"=0x5341435001000000000000000700000028000000000621000000000001000000000000000000000A002100007AE8ED9FBACCD20100000000000000000200000028000000000000000000000000000000000000000000000000000000F1890000000000000100000001000000
"C:\Users\Utilisateur\Downloads\FiveMP Installer.exe"=0x5341435001000000000000000700000028000000577C7F020000000001000000000000000000000A002100007AE8ED9FBACCD2010000000000000000020000002800000000000000000000400000000000000000000000000000000038EE0000000000000100000001000000
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"=0x5341435001000000000000000700000028000000508C2100383E220001000000000000000000010600010000762A2FB21ADDD20100000000000000000200000028000000000000000000001000000000000000000000000000000000F411CC01000000000500000005000000
"C:\Program Files\iTunes\iTunes.exe"=0x5341435001000000000000000700000028000000387B6E0249B96E0201000000000000000000000A002100007AE8ED9FBACCD20100000000000000000200000028000000000000000000001000000000000000000000000000000000CB904E00000000000100000001000000
"C:\Users\Utilisateur\Downloads\whocrashedSetup.exe"=0x5341435001000000000000000700000028000000E0904B00F3484C0001000000000000000000000A002100007AE8ED9FBACCD2010000000000000000020000002800000000000000000000400000000000000000000000000000000063853A00000000000100000001000000
"C:\ProgramData\Origin\SelfUpdate\Staged\OriginThinSetupInternal.exe"=0x534143500100000000000000070000002800000088EF4201C770430101000000000000000000000A002100007AE8ED9FBACCD20100000000000000000200000028000000000000000000000000000000000000000000000000000000A7420000000000000100000001000000
"C:\Program Files (x86)\Origin\OriginClientService.exe"=0x534143500100000000000000070000002800000090EB2000A4CD2100010000000000000000000106000100007AE8ED9FBACCD201000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000000000000000000000000000000000009A030000000000000100000001000000
"C:\Program Files (x86)\Origin\OriginWebHelperService.exe"=0x534143500100000000000000070000002800000098B72F00F7993000010000000000000000000106000100007AE8ED9FBACCD20100000000000000000200000028000000000000000000000000000000000000000000000000000000B9030000000000000100000001000000
"C:\Users\Utilisateur\Downloads\NDP452-KB2901907-x86-x64-AllOS-ENU.exe"=0x5341435001000000000000000700000028000000581B2C0449A62C04010000000000000000000306000100007AE8ED9FBACCD20100000000000000000200000028000000000000000000004000000000000000000000000000000000C9660000000000000100000001000000
"C:\Users\Utilisateur\AppData\Local\Microsoft\OneDrive\17.3.6816.0313_1\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000787C03003765040001000000000000000000000A00210000762A2FB21ADDD2010000000100000000
"C:\Program Files (x86)\Steam\Steam.exe"=0x5341435001000000000000000700000028000000206D2E001DC72E0001000000000000000000000A00210000762A2FB21ADDD20100000000000000000200000028000000000000000000000000000000000000000000000000000000E6526901000000000300000003000000
"C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE"=0x5341435001000000000000000700000028000000C8A01D00AADB1D0001000000000000000000000A00210000762A2FB21ADDD2010000009100000000
"SIGN.MEDIA=D1D90120 Install.exe"=0x534143500100000000000000070000002800000000F001000000000001000000000000000000010571200000762A2FB21ADDD20100000000000000000200000028000000000000000008004000000000000000000000000000000000400B0900000000000100000001000000
"C:\Program Files (x86)\Rockstar Games\GTA San Andreas\GTA_SA.EXE"=0x5341435001000000000000000700000028000000007ADB00EA5BDC0001000000000000000000010571200000762A2FB21ADDD201000000000000000001000000040000000100000005000000100000000000000000000000000201053080000002000000780000000002010530800070000400000000000000000000000000006469950000000000020000000200000000020105200000700004004001000000000000000100000047A70100000000000100000000000000000000000000001000040000000000000000000000000000718D0200000000000100000000000000
"C:\Program Files (x86)\Origin\Origin.exe"=0x534143500100000000000000070000002800000078832E000E922E0001000000000000000000000A00210000762A2FB21ADDD20100000000000000000200000028000000000000000000000000000000000000000000000000000000DE6B2000000000000400000004000000
"C:\Users\Utilisateur\Downloads\UDPixel22_installer.exe"=0x53414350010000000000000007000000280000000ECC00000000000001000000000000000000010571000000762A2FB21ADDD20100000000000000000200000028000000000000000008004000000000000000000000000000000000F53A0000000000000100000001000000
"C:\Program Files (x86)\UDPixel\UDPixel.exe"=0x53414350010000000000000007000000280000000020010000000000010000000000000000000006F1200000762A2FB21ADDD201000000000000000002000000280000000000000000000000000000000000000000000000000000002C712A00000000000100000001000000
"C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe"=0x5341435001000000000000000700000028000000C0E83E00A5A33F0001000000000000000000000A00210000762A2FB21ADDD20100000000000000000200000028000000000000000000000000000000000000000000000000000000E6A40100000000000200000002000000
"D:\Games\Bethesda.net Launcher\BethesdaNetUpdater.exe"=0x5341435001000000000000000700000028000000C07427004595270001000000000000000000000A71220000762A2FB21ADDD201000000000000000002000000280000000000000000000000000000000000000000000000000000003F8E0C01000000000300000003000000
"D:\Nexus Mod Manager\NexusClient.exe"=0x534143500100000000000000070000002800000098F731001AE7320001000000000000000000000AF1220000762A2FB21ADDD201000000000000000002000000280000000000000000000000000000000000000000000000000000006FAB0400000000000100000001000000
"C:\Users\Utilisateur\Downloads\setup_galaxy_1.2.10.31.exe"=0x5341435001000000000000000700000028000000D8D8770964C8780901000000000000000000000A00210000762A2FB21ADDD20100000000000000000200000028000000000000000000004000000000000000000000000000000000CE4B0000000000000100000001000000
"C:\Users\Utilisateur\Downloads\FxBgbear.exe"=0x534143500100000000000000070000002800000088B80200C350030001000000000000000000010571000000762A2FB21ADDD2010000000000000000020000002800000000000000000000400000000000000000000000000000000041EE2900000000000100000001000000
"C:\Users\Utilisateur\Downloads\ZHPCleaner.exe"=0x534143500100000000000000070000002800000080A72A0003022B0001000000000000000000030600010000762A2FB21ADDD20100000000000000000200000028000000000000000000004000000000000000000000000000000000571F0500000000000100000001000000
"C:\Users\Utilisateur\Downloads\RogueKiller_setup.exe"=0x534143500100000000000000070000002800000050BF1C0291271D0201000000000000000000000A00210000762A2FB21ADDD20100000000000000000200000028000000000000000000004000000000000000000000000000000000D9510000000000000100000001000000
"C:\Program Files\RogueKiller\RogueKiller64.exe"=0x534143500100000000000000070000002800000048E89201C082930101000000000000000000000A00210000762A2FB21ADDD20100000000000000000200000028000000000000000000004000000000000000000000000000000000EB731D00000000000200000002000000
"C:\Users\Utilisateur\Downloads\adwcleaner_6-047_fr_430277.exe"=0x5341435001000000000000000700000028000000C8B73E0077C63E0001000000000000000000000A00210000762A2FB21ADDD201000000000000000002000000280000000000000000000040000000000000000000000000000000009A9A0000000000000100000001000000
"C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe"=0x534143500100000000000000070000002800000058CD0600F9CE060001000000000000000000000A71220000762A2FB21ADDD201000000000000000002000000280000000000000000000000020000000000000000000000000000006C6B0A00000000000100000001000000
"C:\Users\Utilisateur\Desktop\QuickDiag.exe"=0x5341435001000000000000000700000028000000A8632A000C532B0001000000000000000000000A00210000762A2FB21ADDD201000000000000000002000000280000000000000000000040000000000000000000000000000000008A0A0B00000000000100000001000000
"C:\Program Files\Mozilla Firefox\firefox.exe"=0x5341435001000000000000000700000028000000C85B07006B92070001000000000000000000000A00210000762A2FB21ADDD2010000000100000000
"C:\Users\Utilisateur\Desktop\swh0f24d.exe"=0x534143500100000000000000070000002800000000EA28098957290901000000000000000000030600010000762A2FB21ADDD20100000000000000000200000028000000000000000000004000000000000000000000000000000000E79CEE00000000000200000002000000
"C:\Users\Utilisateur\Downloads\ccsetup531.exe"=0x5341435001000000000000000700000028000000A8759200420E930001000000000000000000000A00210000762A2FB21ADDD2010000000000000000
"C:\Program Files\Bitdefender\Bitdefender 2017\odsw.exe"=0x5341435001000000000000000700000028000000F84F0D001C7E0D0001000000000000000000000A71220000762A2FB21ADDD20100000000000000000200000028000000000000000000000000000000000000000000000000000000F8C10000000000000100000001000000
"C:\Program Files\Bitdefender\Bitdefender 2017\bdtkexec.exe"=0x534143500100000000000000070000002800000058A300003291010001000000000000000000000A71220000762A2FB21ADDD201000000000000000002000000280000000000000000000000000000000000000000000000000000000C4C0000000000000100000001000000
"C:\Users\Utilisateur\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.141-1.0.2092.exe"=0x5341435001000000000000000700000028000000101ED4031B39D40301000000000000000000000A00210000762A2FB21ADDD20100000000000000000200000028000000000000000000000000000000000000000000000000000000DCF49201000000000100000001000000


---------- | IFEO


---------- | Mountpoints2


---------- | Windows

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows   
"APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"Beep"=#USR:Control Panel\Sound   
"CoolSwitch"=USR:Control Panel\Desktop   
"DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW   
"DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"DoubleClickHeight"=#USR:Control Panel\Mouse   
"DoubleClickSpeed"=#USR:Control Panel\Mouse   
"DoubleClickWidth"=#USR:Control Panel\Mouse   
"DragFullWindows"=USR:Control Panel\Desktop   
"InitialKeyboardIndicators"=USR:Control Panel\Keyboard   
"LowPowerActive"=#USR:Control Panel\Desktop   
"LowPowerTimeOut"=#USR:Control Panel\Desktop   
"MouseSpeed"=#USR:Control Panel\Mouse   
"MouseThreshold1"=#USR:Control Panel\Mouse   
"MouseThreshold2"=#USR:Control Panel\Mouse   
"PowerOffActive"=#USR:Control Panel\Desktop   
"PowerOffTimeOut"=#USR:Control Panel\Desktop   
"ScreenSaveActive"=#USR:Control Panel\Desktop   
"ScreenSaveTimeOut"=#USR:Control Panel\Desktop   
"SnapToDefaultButton"=#USR:Control Panel\Mouse   
"Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows   
"SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"SwapMouseButtons"=#USR:Control Panel\Mouse   
"TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]
""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot   
"ScreenSaverActive"=USR:Control Panel\Desktop   
"ScreenSaverIsSecure"=USR:Control Panel\Desktop   
"SCRNSAVE.EXE"=USR:Control Panel\Desktop   
"Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
"APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"Beep"=#USR:Control Panel\Sound   
"CoolSwitch"=USR:Control Panel\Desktop   
"DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW   
"DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"DoubleClickHeight"=#USR:Control Panel\Mouse   
"DoubleClickSpeed"=#USR:Control Panel\Mouse   
"DoubleClickWidth"=#USR:Control Panel\Mouse   
"DragFullWindows"=USR:Control Panel\Desktop   
"InitialKeyboardIndicators"=USR:Control Panel\Keyboard   
"LowPowerActive"=#USR:Control Panel\Desktop   
"LowPowerTimeOut"=#USR:Control Panel\Desktop   
"MouseSpeed"=#USR:Control Panel\Mouse   
"MouseThreshold1"=#USR:Control Panel\Mouse   
"MouseThreshold2"=#USR:Control Panel\Mouse   
"PowerOffActive"=#USR:Control Panel\Desktop   
"PowerOffTimeOut"=#USR:Control Panel\Desktop   
"ScreenSaveActive"=#USR:Control Panel\Desktop   
"ScreenSaveTimeOut"=#USR:Control Panel\Desktop   
"SnapToDefaultButton"=#USR:Control Panel\Mouse   
"SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"SwapMouseButtons"=#USR:Control Panel\Mouse   
"TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]
""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot   
"ScreenSaverActive"=USR:Control Panel\Desktop   
"ScreenSaverIsSecure"=USR:Control Panel\Desktop   
"SCRNSAVE.EXE"=USR:Control Panel\Desktop   
"Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon   

[HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems]
"windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

---------- | Security center

[HKLM\SOFTWARE\Microsoft\Security Center]
"cval"=1

[HKLM\SOFTWARE\Microsoft\Security Center\svc]
"VistaSp1"=131417320896085871

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender
"ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100
"ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000
"RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe
"DisableAntiSpyware"=1
"ProductType"=2
"ManagedDefenderProductType"=0
"ProductStatus"=0
"InstallTime"=0x3DC7674EAB03D201
"OOBEInstallTime"=0xB7FF10CBD4D4D201
"InstallLocation"=C:\Program Files\Windows Defender\
"DisableAntiVirus"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=1
"DefaultInboundAction"=1


---------- | Safeboot

[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

---------- | Winsock (Whitelist)


---------- | Hosts


---------- | Ping

Envoi d'une requ?te 'ping' sur google.com [216.58.206.238] avec 32 octets de donn?es?:
R?ponse de 216.58.206.238?: octets=32 temps=28 ms TTL=55
R?ponse de 216.58.206.238?: octets=32 temps=18 ms TTL=55
R?ponse de 216.58.206.238?: octets=32 temps=31 ms TTL=55
R?ponse de 216.58.206.238?: octets=32 temps=19 ms TTL=55

Statistiques Ping pour 216.58.206.238:
    Paquets?: envoy?s = 4, re?us = 4, perdus = 0 (perte 0%),
Dur?e approximative des boucles en millisecondes :
    Minimum = 18ms, Maximum = 31ms, Moyenne = 24ms

---------- | @

[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Microsoft\Internet Explorer\Main]
"Anchor Underline"=yes
"Cache_Update_Frequency"=yes
"Disable Script Debugger"=yes
"DisableScriptDebuggerIE"=yes
"Display Inline Images"=yes
"Do404Search"=0x01000000
"Local Page"=%11%\blank.htm
"Save_Session_History_On_Exit"=no
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Show_FullURL"=no
"Show_StatusBar"=yes
"Show_ToolBar"=yes
"Show_URLinStatusBar"=yes
"Show_URLToolBar"=yes
"Use_DlgBox_Colors"=yes
"UseClearType"=no
"XMLHTTP"=1
"Enable Browser Extensions"=yes
"Play_Background_Sounds"=yes
"Play_Animations"=yes
"Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141
"ImageStoreRandomFolder"=7gzuaa7

[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Microsoft\Windows\CurrentVersion\Internet settings]
"DisableCachingOfSSLPages"=0
"IE5_UA_Backup_Flag"=5.0
"PrivacyAdvanced"=1
"SecureProtocols"=2688
"CertificateRevocation"=1
"User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32)
"EnableNegotiate"=1
"MigrateProxy"=1
"ProxyEnable"=0
"ProxyOverride"=*.local
"ZonesSecurityUpgrade"=0x3215ABF94FE2D201
"WarnonZoneCrossing"=0

[HKLM\Software\Microsoft\Internet Explorer\Main]
"ApplicationTileImmersiveActivation"=1
"AssociationActivationMode"=0
"AutoHide"=yes
"Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141
"Anchor_Visitation_Horizon"=0x01000000
"Cache_Percent_of_Disk"=0x0A000000
"Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Delete_Temp_Files_On_Exit"=yes
"Enable_Disk_Cache"=yes
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=C:\Windows\System32\blank.htm
"Placeholder_Height"=0x1A000000
"Placeholder_Width"=0x1A000000
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Use_Async_DNS"=yes
"x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

[HKLM\Software\Microsoft\Internet Explorer\AboutURLs]
"blank"=res://mshtml.dll/blank.htm
"DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm
"Home"=270
"InPrivate"=res://ieframe.dll/inprivate.htm
"NavigationCanceled"=res://ieframe.dll/navcancl.htm
"NavigationFailure"=res://ieframe.dll/navcancl.htm
"NoAdd-ons"=res://ieframe.dll/noaddon.htm
"NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm
"PostNotCached"=res://ieframe.dll/repost.htm
"SecurityRisk"=res://ieframe.dll/securityatrisk.htm

[HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

[HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"ftp"=ftp://
"home"=http://
"mosaic"=http://
"www"=http://

[HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings]
"ActiveXCache"=C:\Windows\Downloaded Program Files
"CodeBaseSearchPath"=CODEBASE
"EnablePunycode"=1
"MinorVersion"=0
"WarnOnIntranet"=1

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main]
"ApplicationTileImmersiveActivation"=1
"AssociationActivationMode"=0
"AutoHide"=yes
"Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141
"Anchor_Visitation_Horizon"=0x01000000
"Cache_Percent_of_Disk"=0x0A000000
"Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Delete_Temp_Files_On_Exit"=yes
"Enable_Disk_Cache"=yes
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=C:\Windows\SysWOW64\blank.htm
"Placeholder_Height"=0x1A000000
"Placeholder_Width"=0x1A000000
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Use_Async_DNS"=yes
"x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs]
"blank"=res://mshtml.dll/blank.htm
"DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm
"Home"=270
"InPrivate"=res://ieframe.dll/inprivate.htm
"NavigationCanceled"=res://ieframe.dll/navcancl.htm
"NavigationFailure"=res://ieframe.dll/navcancl.htm
"NoAdd-ons"=res://ieframe.dll/noaddon.htm
"NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm
"PostNotCached"=res://ieframe.dll/repost.htm
"SecurityRisk"=res://ieframe.dll/securityatrisk.htm

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"ftp"=ftp://
"home"=http://
"mosaic"=http://
"www"=http://

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings]
"ActiveXCache"=C:\Windows\Downloaded Program Files
"CodeBaseSearchPath"=CODEBASE
"EnablePunycode"=1
"MinorVersion"=0
"WarnOnIntranet"=1


---------- | Proxy


[HKLM\System\CurrentControlSet\Services\NLASVC\Parameters\Internet\Manualproxies]

---------- | reparsepoint


---------- | Detection of offsets


---------- | Notify 


---------- | Execution FileExts









---------- | SIOI | SEH | URLSH

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro1 (ErrorConflict)] - {8BA85C75-763B-4103-94EB-9470F12FE0F7} --  C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL   [05/02/2016 18:15:31]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro2 (SyncInProgress)] - {CD55129A-B1A1-438E-A425-CEBC7DC684EE} --  C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL   [05/02/2016 18:15:31]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro3 (InSync)] - {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} --  C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL   [05/02/2016 18:15:31]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} --  C:\Windows\System32\EhStorShell.dll   [04/06/2017 12:10:06]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\Offline Files] - {4E77131D-3629-431c-9818-C5679DC83E81} --  %SystemRoot%\System32\cscui.dll   
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} --     

[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"=   


---------- | Toolbar

[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"Locked"=1   

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}"=0   

[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}   

[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar]
"{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}"=0   

[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}   


---------- | Extensions

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (Se&nd to OneNote) -       []
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] : (Lync Click to Call) -       []
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (OneNote Lin&ked Notes) -       []
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (Se&nd to OneNote) -       []
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (OneNote Lin&ked Notes) -       []

---------- | SearchScopes

[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0BAC1E9C-6A17-49D2-AF6D-9C9219FBCE9D}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=PRNAM1&src=IE11TR&pc=NMTE : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0BAC1E9C-6A17-49D2-AF6D-9C9219FBCE9D}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=PRNAM1&src=IE11TR&pc=NMTE : 

---------- | ElevationPolicy

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - tabtip.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\System32) - wpcer.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\System32) - wuapp.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0935-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2391d819-9d17-44ec-9ac1-f6aa07549469}] - (%systemroot%\system32) - wermgr.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files\Internet Explorer) - ieinstal.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38f2c092-34df-4c12-9d9e-c9679bf0ab31}] - (C:\Windows\SysWOW64) - presentationhost.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\System32) - RuntimeBroker.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D256DB0-6C34-4EC1-9704-02182D6503A6}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5FBAF6E6-C64B-49DB-AB1B-F93C607EBC71}] - (C:\Program Files (x86)\Microsoft Office\root\Office16\) - onenote.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{681f008a-b1c3-412d-9d95-e7a68837a6ce}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files\Internet Explorer) - iedw.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\System32\) - CertEnrollCtrl.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\System32) - verclsid.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\system32\IME\SHARED\) - IMEPADSV.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\System32) - ctfmon.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\System32) - CredentialUIBroker.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{989F13EE-B25B-4FAB-9AED-C4336C8CCF0C}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\System32\IME\SHARED\) - imesearch.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\System32) - cmd.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\System32) - notepad.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD993BDC-06E0-4131-B889-DD3B9AEBE253}] - (C:\Program Files (x86)\Microsoft Office\root\Office16\) - IEContentService.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E62A7A31-6025-408E-87F6-81AEB0DC9347}] - (C:\WINDOWS\system32\) - vsjitdebugger.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ea109b0c-6a97-45f0-9eb4-5907dd99b995}] - (%WINDIR%\system32\IME\SHARED\) - imedictupdateui.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\System32) - presentationhost.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] - (C:\Windows\System32\Macromed\Flash) - FlashUtil_ActiveX.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\System32\Macromed\Flash) - FlashUtil_ActiveX.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{003B91A6-61E3-4591-891D-01E94C8CB11E}] - (C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\) - Silverlight.Configuration.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - tabtip.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\SysWOW64) - wpcer.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08f24d68-9087-4b24-81ad-7b34af3e3ed5}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat Elements) - Acrobat Elements.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\SysWOW64) - wuapp.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15B3FB63-66F4-4EFC-B717-BB283B85E79B}] - (C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\) - AcroBroker.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework\v2.0.50727) - dfsvc.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1ec76a37-1762-46ff-9b14-765b3e6793be}] - (C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\) - agcp.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files (x86)\Internet Explorer) - ieinstal.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\SysWOW64) - RuntimeBroker.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4becf16c-74f0-429b-8d3e-4fba507ac661}] - (C:\Program Files (x86)\adobe\acrobat 7.0\reader) - acrord32.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D256DB0-6C34-4EC1-9704-02182D6503A6}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5FBAF6E6-C64B-49DB-AB1B-F93C607EBC71}] - (C:\Program Files (x86)\Microsoft Office\root\Office16\) - onenote.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{681f008a-b1c3-412d-9d95-e7a68837a6ce}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files (x86)\Internet Explorer) - iedw.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76E2369A-75BA-41F9-8B9E-16059E5CF9A6}] - (C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\) - AdobeARM.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\SysWOW64\) - CertEnrollCtrl.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7AC06A6F-4C88-4707-8DEC-61017CB50E1E}] - (C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader) - AcroRd32.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\SysWOW64) - verclsid.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\sysnative\IME\SHARED\) - IMEPADSV.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\SysWOW64) - ctfmon.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\SysWOW64) - CredentialUIBroker.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D13E03F-8289-4c15-A84F-7A8F655C830A}] - (C:\Program Files (x86)\Microsoft Office\root\Office16\) - NAMECONTROLSERVER.EXE : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E1F80F4-953F-41E7-8460-E64AE5BE4ED3}] - (C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader) - AdobeCollabSync.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95a4104c-1c49-4c2a-9830-1be0f47e926c}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat) - acrobat.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{989F13EE-B25B-4FAB-9AED-C4336C8CCF0C}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\SysWOW64\IME\SHARED\) - imesearch.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C6A861C-B233-4994-AFB1-C158EE4FC578}] - (C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader) - AcroRd32.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9da1d2cb-796d-4bec-bbaa-0aa9ccd80e15}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat Elements) - Acrobat Elements.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5054EC7-B9CB-4ad5-9F95-D8171A6D6BFA}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AAD4AE2E-D834-46D4-8B09-490FAC9C722B}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\SysWOW64) - cmd.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7278BD0-7970-47D6-8954-99B2343EED88}] - (C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF) - RdrCEF.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}] - (C:\Program Files (x86)\Google\Update\1.3.33.5) - GoogleUpdateBroker.exe : C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C442AC41-9200-4770-8CC0-7CDB4F245C55}] - (C:\Program Files (x86)\Google\Update\1.3.33.5) - GoogleUpdateWebPlugin.exe : C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework\v4.0.30319\) - dfsvc.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AED-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\SysWOW64) - notepad.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD993BDC-06E0-4131-B889-DD3B9AEBE253}] - (C:\Program Files (x86)\Microsoft Office\root\Office16\) - IEContentService.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e5f90a07-7db7-4dcb-bd6d-d3fecd376ca3}] - (C:\Program Files (x86)\adobe\acrobat 6.0\reader) - acrord32.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E62A7A31-6025-408E-87F6-81AEB0DC9347}] - (C:\WINDOWS\system32\) - vsjitdebugger.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ea109b0c-6a97-45f0-9eb4-5907dd99b995}] - (%WINDIR%\sysnative\IME\SHARED\) - imedictupdateui.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\SysWOW64) - presentationhost.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] - (C:\Windows\SysWOW64\Macromed\Flash) - FlashUtil_ActiveX.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FAF199D2-BFA7-4394-A4DE-044A08E59B32}] - (C:\Windows\SysWOW64\Macromed\Flash) - FlashUtil_ActiveX.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fb9e068b-c612-4fa8-bdb9-d728a716a420}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat) - acrobat.exe : 

---------- | Ext\Settings


---------- | Ext\Stats

[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9BE31822-FDAD-461B-AD51-BE1D1C159921}] :  : C:\Program Files (x86)\VideoLAN\VLC\axvlc.dll
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] :  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}] :  : C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{C442AC41-9200-4770-8CC0-7CDB4F245C55}] :  : C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll

---------- | Browser Helper Objects

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}] -> (Bitdefender Wallet) : C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll  [02/06/2017 13:11:02]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] -> () :   
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] -> () :   
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}] -> (Bitdefender Wallet) : C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll  [02/06/2017 13:11:02]

---------- | Chrome

C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf =  : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo =  : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\extensions\cfhdojbkjhnklbpkdaibdccddilifddb =  :     __MSG_description__ -    short_name: __MSG_name__ - https://clients2.google.com/service/update2/crx
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\extensions\cifilbmpnkjinlkchohdfcpdkmpngiik =  :     __MSG_extension_description__ -     __MSG_extension_name__ - https://clients2.google.com/service/update2/crx
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\extensions\dliochdbjfkdbacpmhlcpmleaejidimm =  :     Google Cast -     Google Cast (Beta) - https://clients2.google.com/service/update2/crx
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\extensions\efaidnbmnnnibpcajpcglclefindmkaj =  :     __MSG_web2pdfExtnDescription__ -     __MSG_web2pdfExtnName__ - https://clients2.google.com/service/update2/crx
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap =  : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\extensions\fpniocchabmgenibceglhnfeimmdhdfm =  :     Easily organize and share your personal media and online content on all of your devices no matter where you are. -     Plex - https://clients2.google.com/service/update2/crx
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\extensions\gannpgaobkkhmpomoijebaigcapoeebl =  :     Automatically fills your logins online while keeping them completely secured. -     Bitdefender Wallet - permissions:[tabswebNavigationnativeMessaging\u003Call_urls>] - http://clients2.google.com/service/update2/crx
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi =  :     __MSG_extDesc__ -     __MSG_extName__ - https://clients2.google.com/service/update2/crx
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\extensions\jnilhmhccmndnjdfibjnlembifhkbcdn =  :     Countdown the number of days left until favourite holidays and events such as Public holidays Christmas and Easter or any date. - http://days.to/ -     Days To - [http://days.to/http://www.days.to/] - https://clients2.google.com/service/update2/crx
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\extensions\mlomiejdfkolichcflejclcbmpeaniij =  :     __MSG_short_description__ -    version_name: 7.2.2 - https://clients2.google.com/service/update2/crx
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda =  : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia =  : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm =  :     Provider for discovery and services for mirroring of Chrome Media Router -     Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx

[HKLM\Software\WOW6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
[HKLM\Software\WOW6432Node\Google\Chrome\Extensions\gannpgaobkkhmpomoijebaigcapoeebl]

---------- | Opera


---------- | Firefox


[HKLM\Software\mozilla\Firefox\Extensions]
"bdwteffv20@bitdefender.com"=C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff\
[HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions]
"bdwteffv20@bitdefender.com"=C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff\
[HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL
[HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVision] - (NVIDIA stereo images plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming] - (NVIDIA 3D Vision Streaming plugin for Mozilla browsers) : C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.4] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\Adobe Reader] - (Handles PDFs in-place in Firefox) : C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\9399vpuk.default\Prefs.js

user_pref("browser.startup.homepage_override.buildID", "20170608105825");
user_pref("browser.startup.homepage_override.mstone", "54.0");
user_pref("extensions.blocklist.pingCountTotal", 3);
user_pref("extensions.blocklist.pingCountVersion", 3);
user_pref("extensions.bootstrappedAddons", "{\"aushelper@mozilla.org\":{\"version\":\"2.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\aushelper@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"e10srollout@mozilla.org\":{\"version\":\"1.50\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"firefox@getpocket.com\":{\"version\":\"1.0.5\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"screenshots@mozilla.org\":{\"version\":\"6.6.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\screenshots@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"webcompat@mozilla.org\":{\"version\":\"1.1\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\webcompat@mozilla.org.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":true,\"dependencies\":[],\"hasEmbeddedWebExtension\":false},\"uBlock0@raymondhill.net\":{\"version\":\"1.13.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Users\\\\Utilisateur\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\9399vpuk.default\\\\extensions\\\\uBlock0@raymondhill.net.xpi\",\"multiprocessCompatible\":true,\"runInSafeMode\":false,\"dependencies\":[],\"hasEmbeddedWebExtension\":false}}");
user_pref("extensions.databaseSchema", 19);
user_pref("extensions.e10s.rollout.blocklist", "");
user_pref("extensions.e10s.rollout.hasAddon", true);
user_pref("extensions.e10s.rollout.policy", "50allmpc");
user_pref("extensions.e10sBlockedByAddons", false);
user_pref("extensions.e10sMultiBlockedByAddons", true);
user_pref("extensions.enabledAddons", "%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:54.0");
user_pref("extensions.getAddons.cache.lastUpdate", 1498037015);
user_pref("extensions.getAddons.databaseSchema", 5);
user_pref("extensions.hotfix.lastVersion", "20170302.01");
user_pref("extensions.lastAppVersion", "54.0");
user_pref("extensions.lastPlatformVersion", "54.0");
user_pref("extensions.pendingOperations", false);
user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}");
user_pref("extensions.ublock0.cloudStorage.myFiltersPane", "");
user_pref("extensions.ublock0.cloudStorage.myRulesPane", "");
user_pref("extensions.ublock0.cloudStorage.tpFiltersPane", "");
user_pref("extensions.ublock0.cloudStorage.whitelistPane", "");
user_pref("extensions.xpiState", "{\"app-profile\":{\"uBlock0@raymondhill.net\":{\"d\":\"C:\\\\Users\\\\Utilisateur\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\9399vpuk.default\\\\extensions\\\\uBlock0@raymondhill.net.xpi\",\"e\":true,\"v\":\"1.13.0\",\"st\":1498037017492}},\"app-system-defaults\":{\"aushelper@mozilla.org\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\aushelper@mozilla.org.xpi\",\"e\":true,\"v\":\"2.0\",\"st\":1496963030167},\"e10srollout@mozilla.org\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\e10srollout@mozilla.org.xpi\",\"e\":true,\"v\":\"1.50\",\"st\":1496963030168},\"firefox@getpocket.com\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\firefox@getpocket.com.xpi\",\"e\":true,\"v\":\"1.0.5\",\"st\":1496963030920},\"screenshots@mozilla.org\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\screenshots@mozilla.org.xpi\",\"e\":true,\"v\":\"6.6.0\",\"st\":1496963031420},\"webcompat@mozilla.org\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\features\\\\webcompat@mozilla.org.xpi\",\"e\":true,\"v\":\"1.1\",\"st\":1496963030227}},\"app-global\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"d\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi\",\"e\":true,\"v\":\"54.0\",\"st\":1496963030196}},\"winreg-app-global\":{\"bdwteffv20@bitdefender.com\":{\"d\":\"C:\\\\Program Files\\\\Bitdefender\\\\Bitdefender 2017\\\\antispam32\\\\bdwteff\",\"e\":false,\"v\":\"4.2.5\",\"st\":1497943899562,\"mt\":1497994617889}}}");
user_pref("services.sync.prefs.sync.extensions.ublock0.cloudStorage.myFiltersPane", true);
user_pref("services.sync.prefs.sync.extensions.ublock0.cloudStorage.myRulesPane", true);
user_pref("services.sync.prefs.sync.extensions.ublock0.cloudStorage.tpFiltersPane", true);
user_pref("services.sync.prefs.sync.extensions.ublock0.cloudStorage.whitelistPane", true);

C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\9399vpuk.default

[Profile0] - Name=default -> Profiles/9399vpuk.default

---------- | DNS

[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters]
"DhcpNameServer"=192.168.0.1 0.0.0.0
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{05f01594-ed76-4f43-8aac-475760d24c6a}]
"NameServer"=8.8.8.8
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{1df4de1a-9502-470b-bf59-bb6375f78b98}]
"NameServer"=8.8.8.8
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{20559f0e-ace1-450f-bdf0-bff52e3cd6d0}]
"DhcpNameServer"=192.168.0.1 0.0.0.0
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{20559f0e-ace1-450f-bdf0-bff52e3cd6d0}]
"NameServer"=8.8.8.8
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{71c8edc6-fba2-4822-b772-678fab3843c8}]
"DhcpNameServer"=192.168.1.1 192.168.1.1
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{910a25e4-14cd-47fd-b29b-c7d76fad55ab}]
"DhcpNameServer"=192.168.0.1 0.0.0.0
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{910a25e4-14cd-47fd-b29b-c7d76fad55ab}]
"NameServer"=8.8.8.8
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{f5000d55-c697-46fc-990f-870c3d1a49fe}]
"DhcpNameServer"=192.168.0.101 4.2.2.3
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{05f01594-ed76-4f43-8aac-475760d24c6a}]
"NameServer"=8.8.8.8
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{1df4de1a-9502-470b-bf59-bb6375f78b98}]
"NameServer"=8.8.8.8
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{20559f0e-ace1-450f-bdf0-bff52e3cd6d0}]
"DhcpNameServer"=192.168.0.1 0.0.0.0
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{20559f0e-ace1-450f-bdf0-bff52e3cd6d0}]
"NameServer"=8.8.8.8
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{71c8edc6-fba2-4822-b772-678fab3843c8}]
"DhcpNameServer"=192.168.1.1 192.168.1.1
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{910a25e4-14cd-47fd-b29b-c7d76fad55ab}]
"DhcpNameServer"=192.168.0.1 0.0.0.0
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{910a25e4-14cd-47fd-b29b-c7d76fad55ab}]
"NameServer"=8.8.8.8
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{f5000d55-c697-46fc-990f-870c3d1a49fe}]
"DhcpNameServer"=192.168.0.101 4.2.2.3

---------- | ActiveX 

[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - () - -> 
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - () - -> 
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - () - -> 
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - -> 
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> 
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] - () - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\inf\unregmp2.exe /ShowWMP
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - (Themes Setup) - @%SystemRoot%\system32\themeui.dll,-2682 -> /UserInstall
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - -> %SystemRoot%\system32\msieftp.dll
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - (Windows Desktop Update) - @%SystemRoot%\system32\shell32.dll,-32969 -> U
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - (Web Platform Customizations) - @C:\Windows\System32\ie4uinit.exe,-2000 -> C:\Windows\System32\ie4uinit.exe -UserConfig
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] - (Google Chrome) - -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{8E846595-913C-3305-833D-114F4E462EA9}] - (.NET Framework) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{FEBEF00C-046D-438D-8A88-BF94A6C9E703}] - (.NET Framework) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - -> %SystemRoot%\system32\msieftp.dll
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7C028AF8-F614-47B3-82DA-BA94E41B1089}] - (.NET Framework) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{88B1D083-4802-3BEA-9631-F2FFF21610D3}] - (.NET Framework) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD}] - (.NET Framework) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - -> 


---------- | Applications

[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\SOFTWARE\Classes\Applications\chrome.exe] : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "%1"
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\SOFTWARE\Classes\Applications\notepad++.exe] : "C:\Program Files (x86)\Notepad++\notepad++.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\devenv.exe] : "C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1
[HKLM\SOFTWARE\Classes\Applications\iTunes.exe] : "C:\Program Files\iTunes\iTunes.exe" /open "%L"
[HKLM\SOFTWARE\Classes\Applications\MSOXMLED.EXE] : "C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE" "%1"
[HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1
[HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1"
[HKLM\SOFTWARE\Classes\Applications\VSLauncher.exe] : "C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\VSLauncher.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles%\Windows Media Player\wmplayer.exe" /Open "%L"
[HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\devenv.exe] : "C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iTunes.exe] : "C:\Program Files\iTunes\iTunes.exe" /open "%L"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MSOXMLED.EXE] : "C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\VSLauncher.exe] : "C:\Program Files (x86)\Common Files\Microsoft Shared\MSEnv\VSLauncher.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles%\Windows Media Player\wmplayer.exe" /Open "%L"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1"

---------- | DCOMApplications

Name: User Notification - AppID: {0010890e-8789-413c-adbc-48f5b511b3af}
Name: Local Service Credential UI Broker - AppID: {00944ad3-b2ad-4bcf-9202-59bf4662d521}
Name: PhotoAcquire - AppID: {00f22b16-589e-4982-a172-a51d9dcceb68}
Name: PhotoAcqHWEventHandler - AppID: {00f2b433-44e4-4d88-b2b0-2698a0a91dba}
Name: TabTip - AppID: {01419581-4d63-4d43-ac26-6e2fc976c1f3}
Name: lfsvc - AppID: {020FB939-2C8B-4DB7-9E90-9527966E38E5}
Name: PLA - AppID: {03837503-098b-11d8-9414-505054503030}
Name: CTapiLuaLib Class - AppID: {03e15b2e-cca6-451c-8fb0-1e2ee37a27dd}
Name: DevicesFlowExperienceFlow - AppID: {046AEAD9-5A27-4D3C-8A67-F82552E0A91B}
Name: NvCpl - AppID: {048F26EF-2F89-46C9-99E7-481E40F3F2EC}
Name: COpenControlPanel - AppID: {06622D85-6856-4460-8DE1-A81921B41C4B}
Name: SMLUA - AppID: {0671E064-7C24-4AC0-AF10-0F3055707C32}
Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {06C792F8-6212-4F39-BF70-E8C0AC965C23}
Name: rzwdetmgr - AppID: {0746AF52-1075-4401-B34F-6FCC49658EF8}
Name: OOBE Bio Enrollment - AppID: {0771f7af-8de6-4bce-9528-2d4a12cb8168}
Name: sppui - AppID: {0868DC9B-D9A2-4f64-9362-133CEA201299}
Name: Retail Demo User COM Agent - AppID: {0886dae5-13ba-49d6-a6ef-d0922e502d96}
Name: RtkApoApi - AppID: {08B039CA-84AA-40EA-8E9C-1D9537DC415B}
Name: WIA Extension Host for 64 bit extensions - AppID: {08F646B3-5E7F-4B7A-A5CB-F95445F9F67A}
Name: Proximity Sharing - AppID: {08FC06E4-C6B5-40BE-97B0-B80F943C615B}
Name: PersistentZoneIdentifier - AppID: {0968e258-16c7-4dba-aa86-462dd61e31a3}
Name: Windows Media Player Rich Preview Handler - AppID: {09C5C2B5-1D32-4598-B87E-203F32BB08E3}
Name: MaxxAudioAPODll - AppID: {0A21D954-674A-4C09-806E-DB4FBE8F199C}
Name: AxInstSv - AppID: {0B15AFD8-3A99-4A6E-9975-30D66F70BD94}
Name: NotificationController App ID - AppID: {0B789C73-D8DA-416D-B665-C1603676CEB1}
Name: RASDLGLUA - AppID: {0C3B05FB-3498-40C3-9C03-4B22D735550C}
Name: %SystemRoot%\system32\appwiz.cpl - AppID: {0da7bfdf-c0a0-44eb-be82-b7a82c4721de}
Name: Sync Center Client - AppID: {1202DB60-1DAC-42C5-AED5-1ABDD432248E}
Name: Virtual Factory for DiagCpl - AppID: {12C21EA7-2EB8-4B55-9249-AC243DA8C666}
Name: Shell Create Object Task Server - AppID: {133eac4f-5891-4d04-bada-d84870380a80}
Name: Shell Create Object Handler - AppID: {135fd325-45b7-4c30-89f8-4386961669f0}
Name: TPM Virtual Smart Card VCard Module Manager - AppID: {150F28F1-49A5-4C28-BE1A-CFA854A1D04B}
Name: Remote TPM Virtual Smart Card Manager - AppID: {152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}
Name: RuntimeBroker - AppID: {15c20b67-12e7-4bb6-92bb-7aff07997402}
Name: TPM Virtual Smart Card Manager - AppID: {16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}
Name: AppleSoftwareUpdateAdmin - AppID: {16D99191-6280-4B33-A2F5-04805A0FC582}
Name: Speech Runtime COM - AppID: {1725704B-A716-4E04-8EF6-87ED4F0A180A}
Name: Immersive TPM Virtual Smart Card Manager - AppID: {19833350-BF9B-42A1-BDF0-BD1FCBE1FD31}
Name: Sync Center Control - AppID: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5}
Name: Nv3DVStreamingIePlugin - AppID: {1AADA852-632F-4711-B201-37D27E27D3CD}
Name: GIDS Smart Card Simulator Manager - AppID: {1AC32B1A-E379-4CAD-B655-F978A30856EC}
Name: DaisyWrp - AppID: {1B96A1EB-EC0D-4729-BCB4-5E50A177B3F7}
Name: %systemroot%\system32\lpksetup.exe - AppID: {1C749B87-568C-4865-8E73-6413F8372CE6}
Name: Office Licensing COM Server 16 - AppID: {1E886174-DC88-4B83-8BC5-66409EC75F16}
Name: rshx32.dll - AppID: {1f2e5c40-9550-11ce-99d2-00aa006e086c}
Name: ThirdPartyEapDispatcherPeerConfig - AppID: {1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}
Name: Microsoft WMI Provider Subsystem Secured Host - AppID: {1F87137D-0E7C-44d5-8C73-4EFFB68962F2}
Name: DetectionAndSharing - AppID: {1fda955b-61ff-11da-978c-0008744faab7}
Name: Microsoft Software Protection Platform Admin Object (Inner) - AppID: {205609B7-5E08-443E-B0A7-A7AED3F3A717}
Name: Microsoft Windows WSMan Provider Host With User Settings - AppID: {209444d2-2540-495e-962c-a61ad3243526}
Name: Provisioning Core - AppID: {217700E0-0000-11DF-ADB9-F4CE462D9137}
Name: MSDAINITIALIZE - AppID: {2206CDB0-19C1-11D1-89E0-00C04FD7A829}
Name: CortanaExperienceFlow - AppID: {24AC8F2B-4D4A-4C17-9607-6A4B14068F97}
Name: IpodService - AppID: {250DD19F-6E7F-4BA3-9E1B-69E6CDC52F30}
Name: Experimentation Broker - AppID: {2568BFC5-CDBE-4585-B8AE-C403A2A5B84A}
Name: Update Notification Component Com Handler - AppID: {25d6d937-1fa3-4a22-8875-8680943b3f29}
Name: InstallAgent - AppID: {260eb9de-5cbe-4bff-a99a-3710af55bf1e}
Name: Microsoft WBEM Active Scripting Event Consumer Provider - AppID: {266C72E7-62E8-11D1-AD89-00C04FD8FDFF}
Name: IMAPI2 - AppID: {273541FF-7F64-5B0F-8F00-5D77AFBE261E}
Name: WInRTDesktopBroker - AppID: {27550CA0-E9DE-4186-A566-37A59BB6CA69}
Name: Cloud Change Wnf Monitor - AppID: {276D4FD3-C41D-465F-8CA9-A82A7762DF32}
Name: netman - AppID: {27AF75ED-20D9-11D1-B1CE-00805FC1270E}
Name: WalletService - AppID: {27D6B72D-094D-445A-9ACE-8298CBA0611A}
Name: AERTACap - AppID: {288E7ECC-EB53-45df-8EBD-72EAF9AFCB00}
Name: InstallAgentUserBroker - AppID: {28d08f70-46eb-4f26-a6cb-54b75132e100}
Name: bdelev - AppID: {28F49FF5-3CCE-44C4-919C-49C7E1D33927}
Name: RasMobilityManager - AppID: {292bed96-e9ce-40f8-b71b-c313defa3a78}
Name: faultrep.dll - AppID: {2C256447-3F0D-4CBB-9D12-575BB20CDA0A}
Name: FileSystemImage - AppID: {2C941FD1-975B-59BE-A960-9A2A262853A5}
Name: WalletService - AppID: {2EA38040-0B9C-4379-87FD-4D38BB892F37}
Name: Windows Security Health Service - AppID: {2EB6D15C-5239-41CF-82FB-353D20B816CF}
Name: DevicesFlow - AppID: {2F93C02D-77F9-46B4-95FB-8CBB81EEB62C}
Name: Immersive Shell Broker - AppID: {2FD08A73-D1F1-43EB-B888-24C2496F95FD}
Name: ShellServiceHostBrokerProvider - AppID: {30AD8C8E-AE85-42FA-B9E8-7E99E3DFBFC5}
Name: Identity Store - AppID: {30d49246-d217-465f-b00b-ac9ddd652eb7}
Name: AuthHost - AppID: {31337EC7-5767-11CF-BEAB-00AA006C3606}
Name: ICCProxy - AppID: {3163A299-B985-4140-A820-57D8351EFCA1}
Name: Immersive Shell - AppID: {316CDED5-E4AE-4B15-9113-7055D84DCC97}
Name: Delivery Optimization Mgmt - AppID: {338B40F9-9D68-4B53-A793-6B9AA0C5F63B}
Name: Language Components Installer Com Handler - AppID: {33ADC7D5-BAF1-4661-9822-1FD23E63B39F}
Name: wpnservice - AppID: {34E76A18-223B-4E23-BEAD-F59358CC0A90}
Name: CoreDpusSvr - AppID: {36234D6F-D9B8-404B-91C9-736BD2EE3040}
Name: Windows Push Notification Platform - AppID: {362cc086-4d81-4824-bbb5-666d34b3197d}
Name: TabTip - AppID: {36938566-B1AA-4E77-9B3F-730CF4E996AB}
Name: Security Health Agent Activate As Activator Host - AppID: {37096FBE-2F09-4FF6-8507-C6E4E1179893}
Name: Delivery Optimization - AppID: {379001DE-7108-4A45-8A74-6CD0A9FBEF2C}
Name: Microsoft Portable Workspace Launcher - AppID: {37B73D7B-A976-43AE-97E4-BD4977B241F2}
Name: CortanaMapiHelper - AppID: {3BFADDE5-09ED-42AE-8190-2E68B650CFE6}
Name: WorkspacePolicyProcessor - AppID: {3C3F40BC-60EB-4567-B90C-480C87C21AC1}
Name: EEL64A - AppID: {3D5781D9-B2FF-4396-8478-395412020995}
Name: Microsoft.VisualStudio.ProductKeyDialog - AppID: {3DC42F2C-AD30-461E-B877-11C917E8FE20}
Name: CMLUAUTIL - AppID: {3E000D72-A845-4CD9-BD83-80C07C3B881F}
Name: Microsoft Windows Remote Shell Host - AppID: {3e5ca495-8d6a-4d1f-ad99-177b426c8b8e}
Name: CMSTPLUA - AppID: {3E5FC7F9-9A51-4367-9063-A120244FBEC7}
Name: WinInetCacheServer - AppID: {3eb3c877-1f16-487c-9050-104dbcd66683}
Name: Out Of Proc Mapi Handler - AppID: {3F5E4B87-C907-4f76-82E4-6FDF0CE90E25}
Name: Microsoft Windows WSMan Provider Host - AppID: {3feb2f63-0eec-4b96-84ab-da1307e0117c}
Name: HTML Application - AppID: {40AEEAB6-8FDA-41e3-9A5F-8350D4CFCA91}
Name: Connected User Store - AppID: {40AFA0B6-3B2F-4654-8C3F-161DE85CF80E}
Name: NaturalAuthentication - AppID: {412E0F20-6C5B-43EC-879F-DA444A416EAC}
Name: AERTARen - AppID: {41C98373-FE7F-4a42-B694-34CC4F979E61}
Name: EntAppSvc - AppID: {42C21DF5-FB58-4102-90E9-96A213DC7CE8}
Name: VSPerfControl - AppID: {42F36251-2EB6-4026-88A0-3A4A0B508046}
Name: AccessibilityCplAdmin - AppID: {434A6274-C539-4E99-88FC-44206D942775}
Name: SPP External COM Object - AppID: {44831FEC-DC51-4716-A7E1-E898FDF83C85}
Name: Thumbnail Extraction Host Class - AppID: {4545dea0-2dfc-4906-a728-6d986ba399a9}
Name: Add to Windows Media Player list - AppID: {45597c98-80f6-4549-84ff-752cf55e2d29}
Name: Application Activation Manager - AppID: {45BA127D-10A8-46EA-8AB7-56EA9078943C}
Name: NvXDSyncPlugin - AppID: {4680B596-CF8C-44E1-A676-4AAA819E041F}
Name: Set Network Location Elevated Virtual Factory - AppID: {46B988E8-BEC2-401F-A1C5-16C694F26D3E}
Name: Radio Management Service - AppID: {478B41E6-3257-4519-BDA8-E971F9843849}
Name: EEG64A - AppID: {47EC1E17-F30B-430b-B9C4-DF60ED501A4B}
Name: ShellServiceHost - AppID: {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
Name: rzdevinfo - AppID: {4849BF16-A043-431F-951F-171A5E0913A7}
Name: IASDataStoreComServer - AppID: {48da6741-1bf0-4a44-8325-293086c79077}
Name: COM_SRS_HP360 - AppID: {49611624-F1A3-4AA7-8A06-0209D7D6BA92}
Name: Microsoft WBEM Unsecured Apartment - AppID: {49BD2028-1523-11D1-AD79-00C04FD8FDFF}
Name: Telephony App Launcher - AppID: {49EBD8BE-1A92-4A86-A651-70AC565E0FEB}
Name: UIAutomationCrossBitnessHook64 Class - AppID: {49f171dd-b51a-40d3-9a6c-52d674cc729d}
Name: IndexedDbCacheServer - AppID: {49f6e667-6658-4bd1-9de9-6af87f9faf85}
Name: Virtual Factory for Languages Configuration - AppID: {4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}
Name: RASGCWLUA - AppID: {4A6B8BAD-9872-4525-A812-71A52367DC17}
Name: CSISYNCCLIENT.EXE - AppID: {4B417484-ABFF-4C70-8C2F-5A729026263C}
Name: wercplsupport.dll - AppID: {4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}
Name: Shell Security Editor - AppID: {4D111E08-CBF7-4f12-A926-2C7920AF52FC}
Name: Microsoft Volume Shadow Copy Service software provider - AppID: {4db9c793-c48d-449c-9754-46027ee45c94}
Name: COM+ Event System - AppID: {4E14FBA2-2E22-11D1-9964-00C04FBBB345}
Name: ServiceModule - AppID: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
Name: upnpcont.exe - AppID: {4F0AC159-5804-4aa7-AE91-117D6E67BB9B}
Name: Shell Computer Accounts - AppID: {4f6bcd94-c2a5-42ce-8dbc-31e794be4630}
Name: WkspRT.exe - AppID: {4FCDA643-B15B-41C6-84F8-5E447F6F6D25}
Name: Security Health Agent Interactive User Host for WDSP only - AppID: {4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}
Name: iTunesAdmin - AppID: {5011B6DE-E9FA-4518-B5E5-45DE9DD2CDC6}
Name: HomeGroup CPL Advanced Settings Writer - AppID: {50a9ab2a-20f8-4d71-9f32-9fd305b49601}
Name: Microsoft Windows Font Folder - AppID: {50d69d24-961d-4828-9d1c-5f4717f226d1}
Name: wuapihost - AppID: {50E1C3FD-EC35-490E-9CCF-C68F9AE91919}
Name: acppage.dll - AppID: {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}
Name: %systemroot%\system32\intl.cpl - AppID: {514B5E31-5596-422F-BE58-D804464683B5}
Name: Offline Files Service - AppID: {52551A19-B337-498d-AE75-2283E29902DE}
Name: FsrmPropertiesPropSheet - AppID: {52FC5917-F4E4-4C78-B469-20E722379F6C}
Name: RemoteProxyFactory32 Class - AppID: {53362C32-A296-4F2D-A2F8-FD984D08340B}
Name: RemoteProxyFactory32 Class - AppID: {53362C64-A296-4F2D-A2F8-FD984D08340B}
Name: 32-bit Preview Handler Surrogate Host - AppID: {534A1E02-D58F-44f0-B58B-36CBED287C7C}
Name: Visual Studio Just-In-Time Debugger (Internal) - AppID: {534E4CF4-3249-4842-8D65-A9BEAE0BBEAC}
Name: Virtual Disk Service Loader - AppID: {5364ED0E-493F-4B16-9DBF-AE486CF22660}
Name: LockScreenContentServer Out of Proc Helper for LockScreenContent Clients - AppID: {536AACFB-5238-4314-B4D4-5B0A2E8B968E}
Name: LMS - AppID: {545C8D56-7A88-492D-B38D-559657A3DD4C}
Name: ShareFlow - AppID: {549e57e9-b362-49d1-b679-b64d510efe4b}
Name: Bonjour - AppID: {56608F9C-223B-4CB6-813D-85EDCCADFB4B}
Name: ShapeCollector - AppID: {56676660-4A4D-45B0-B24E-9CF6B35E9ABF}
Name: Volume Shadow Copy Service - AppID: {56BE716B-2F76-4dfa-8702-67AE10044F0B}
Name: Elevated System Settings COM Host - AppID: {57360832-5F9B-4190-8467-000D2D510212}
Name: Microsoft.Windows.Simulator.UtilitiesElevated AppID - AppID: {57D1F1FB-B413-4730-BACA-695BDE0FD943}
Name: PrintNotify - AppID: {588E10FA-0618-48A1-BE2F-0AD93E899FCC}
Name: FaxCommon Class - AppID: {59347292-B72D-41F2-98C5-E9ACA1B247A2}
Name: Authentication UI Terminal Services Bump Dialog - AppID: {59c7f6ec-7d18-412f-a68e-877982768e61}
Name: Docking.VirtualInput Create Object Server - AppID: {5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}
Name: WalletService - AppID: {5BC7A3A1-E905-414B-9790-E511346F5CA6}
Name: Microsoft Maps Background Transfer Service - AppID: {5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}
Name: EED64A - AppID: {5C73574D-FC7B-4747-8352-143F011923A0}
Name: PrintBrmEngine - AppID: {5C797117-3B23-4549-A6D8-475AB3B62228}
Name: WiaWow64 - AppID: {5E1395B2-B685-44e3-8AED-E2304D85ACD1}
Name: Splash screen - AppID: {5EAD00DC-0E8B-497C-BDE8-B9153058CBEF}
Name: User OOBE Create User Object Server - AppID: {5f7f3f7b-1177-4d4b-b1db-bc6f671b8f25}
Name: UIAutomationCrossBitnessHook32 Class - AppID: {60a90a2f-858d-42af-8929-82be9d99e8a1}
Name: PDFPrevHndlr - AppID: {6236FF8C-E747-4173-86D3-99F511B61DF3}
Name: wlidcli - AppID: {623D5F5E-2F09-427d-8BD7-64495CD9835D}
Name: Sync Center (Private) - AppID: {6295DF2D-35EE-11D1-8707-00C04FD93327}
Name: PenIMC2 - AppID: {63CE6D27-426A-41F9-8E51-549C1132DAE2}
Name: Windows Update Agent - AppID: {653C5148-4DCE-4905-9CFD-1B23662D3D9E}
Name: FwCplLUA - AppID: {6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}
Name: tiledatamodelsvc - AppID: {65E2E13A-7110-4912-9F03-9A42E253D8F6}
Name: Microsoft Visual Studio 2015 - AppID: {67E88D46-FF81-4E57-8C5E-F270A4F9EA1A}
Name: Background Intelligent Transfer Service - AppID: {69AD4AEE-51BE-439b-A92C-86AE490E8B30}
Name: Sync Center Isolation Collection (Private) - AppID: {69F9CB25-25E2-4BE1-AB8F-07AA7CB535E8}
Name: SoftwareUpdateApp - AppID: {6A070EEA-E3F8-411E-9D3A-F3814ED6D1A8}
Name: MsRdpSessionManager - AppID: {6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F}
Name: Software Gamepad Elevated Object Server - AppID: {6B34F2DD-CF79-4467-B94C-20AADD5B7FE8}
Name: Preview Handler Surrogate Host - AppID: {6d2b5079-2f0b-48dd-ab7f-97cec514d30b}
Name: UPnPContainer - AppID: {6d8ff8e0-730d-11d4-bf42-00b0d0118b56}
Name: UPnPContainer64 - AppID: {6d8ff8e8-730d-11d4-bf42-00b0d0118b56}
Name: SPPComApi - AppID: {6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}
Name: TieringEngineService - AppID: {6DF5BCF4-22E9-446D-8763-A2C7677ECF7D}
Name: HomeGroup UI Status - AppID: {6f33340d-8a01-473a-b75f-ded88c8360ce}
Name: SEMgrSvc - AppID: {6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}
Name: IEWindows - AppID: {6f5bad87-9d5e-459f-bd03-3957407051ca}
Name: EditionUpgradeHelper - AppID: {6F65B602-F798-4094-8A41-A2A61961E5E8}
Name: HomeGroup Provider Object - AppID: {6F7C8E8F-DC69-4e3f-BC05-439962A05FD5}
Name: Windows Insider Service - AppID: {7006698d-2974-4091-a424-85dd0b909e23}
Name: workfolderssvc - AppID: {712cedb9-16a4-4f79-801d-7de24d8c706e}
Name: Nv3DVisionIePlugin - AppID: {727C4938-C5C5-4743-B543-7E6F100CE67B}
Name: Sharing Elevated Virtual Factory - AppID: {72A7994A-3092-4054-B6BE-08FF81AEEFFC}
Name: User Profile Service DCOM server - AppID: {72E3272B-4EEA-4104-B358-1A282E4FC1AD}
Name: Microsoft WMI Provider Subsystem Host - AppID: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}
Name: Trusted Installer Service - AppID: {752073A2-23F2-4396-85F0-8FDB879ED0ED}
Name: PenIMC4 - AppID: {7568952A-571E-4C70-BEA9-7F9004393436}
Name: PrintFilterPipelineSvc - AppID: {76db1bf3-e820-4765-a1b2-0b16a86b1950}
Name: XWizard Virtual Factory - AppID: {777BA81A-2498-4875-933A-3067DE883070}
Name: WebPlatStorageBrokerServer - AppID: {7966b4d8-4fdc-4126-a10b-39a3209ad251}
Name: Microsoft.VisualStudio.ProductKeyDialog - AppID: {79A62785-E105-4185-BDAA-08AED13A1838}
Name: Network and Sharing Center Cpl Elevated Virtual Factory - AppID: {7A076CE1-4B31-452a-A4F1-0304C8738100}
Name: Shell FMIFS Wrapper - AppID: {7aa7790d-75d7-484b-98a1-3913d022091d}
Name: EapThirdPartyDllHost - AppID: {7B130458-E09C-4823-A8AF-2583DCD9AEC7}
Name: Internet Explorer Add-on Installer - AppID: {7B29F495-0F55-49F7-8885-9E8A22CE3829}
Name: Shell Create Object Local Server - AppID: {7B6EA1D5-03C2-4AE4-B21C-8D0515CC91B7}
Name: WlanPrefLUA - AppID: {7C8AB6D9-8764-4033-8F62-2FE896E54B32}
Name: Microsoft Windows Remote Shell Host With User Settings - AppID: {7d378de6-ed8d-426d-91df-0273d07cd7f6}
Name: HomeGroup Printing Device Class - AppID: {7DF8EF76-D449-485f-B4EB-58DC96B31EDB}
Name: MMC Application Class - AppID: {7e0423cd-1119-0928-900c-e6d4a52a0715}
Name: Security Health Agent Interactive User Host - AppID: {7E55A26D-EF95-4A45-9F55-21E52ADF9887}
Name: Battery Notification Manager - AppID: {7EAD5C10-8B3F-11E6-AE22-56B6B6499611}
Name: wisptis - AppID: {7F429620-16D1-471E-A81A-114992148034}
Name: GPMC Reporting - AppID: {7f9bbc82-ba5f-4448-8622-ef76b8d007e6}
Name: Authentication UI CredUI Out of Proc Helper for AppContainer Clients - AppID: {7FC12E96-4CB7-4ABD-ADAA-EF7845B10629}
Name: WindowsSimulatorServiceFactory - AppID: {82068B61-3900-4B14-AC8E-DCF330F6BB1F}
Name: LibreOffice Service Manager (Ver 1.0) - AppID: {82154420-0FBF-11d4-8313-005004526AB4}
Name: CFmIfsEngine host - AppID: {82D94FB3-7FE6-4797-BB72-9A886C66073B}
Name: CustReg Class - AppID: {84D586C4-A423-11D2-B943-00C04F79D22F}
Name: APSDaemon - AppID: {85187E17-383D-4EC5-B8D6-D9466EE3DD92}
Name: Virtual Factory for Usercpl - AppID: {86d5eb8a-859f-4c7b-a76b-2bd819b7a850}
Name: CElevateWlanUi - AppID: {86F80216-5DD6-4F43-953B-35EF40A35AEE}
Name: ThirdPartyEapDispatcherPeerRuntime - AppID: {87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}
Name: AppReadiness Service - AppID: {88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}
Name: Activation Manager Shim - AppID: {8A9AE632-CB07-4A11-8872-358A2A271A24}
Name: Desktop Wallpaper Factory - AppID: {8B30085D-A3E3-44e3-AE7F-B03A1340EBED}
Name: Windows Management and Instrumentation - AppID: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
Name: TSTheme - AppID: {8be0366c-8522-40be-8b08-cb26557f2854}
Name: IASExtensionHost - AppID: {8C334A55-DDB9-491C-817E-35A6B85D2ECB}
Name: Microsoft Visual Studio - AppID: {8CD2DD97-4EC1-4bc4-9359-89A3EEDD57A6}
Name: AP Client HxHelpPaneServer Class - AppID: {8cec58ae-07a1-11d9-b15e-000d56bfe6ee}
Name: TiWorker - AppID: {8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}
Name: AppVClient - AppID: {8D315960-32C4-4235-8369-901DF222816F}
Name: Sync Center Schedule Wizard - AppID: {8D8B8E30-C451-421B-8553-D2976AFA648C}
Name: WalletService - AppID: {8E44A57C-5638-44D3-9B83-34DF70EB57F2}
Name: RdpSa - AppID: {8e7fae4d-cff0-41d3-a326-5a80470264bb}
Name: Shell Computer Groups - AppID: {8f3080a6-af99-4f2e-a806-f3d5702a0444}
Name: SDRSVC service - AppID: {9037e3cf-1794-4af6-9c8d-92838d7a23db}
Name: Microsoft.Windows.Simulator.UtilitiesElevated AppID - AppID: {907FF85D-B346-40F6-94D8-10D908817647}
Name: WindowsSimulatorServiceFactory - AppID: {91F0793A-CD98-4304-BCA2-654A2786F328}
Name: Virtual Factory for Recovery - AppID: {9200689A-F979-4eea-8830-0E1D6B74821F}
Name: Authentication UI CredUI Out of Proc Helper for Non-AppContainer Clients - AppID: {924DC564-16A6-42EB-929A-9A61FA7DA06F}
Name: RtkPgExt - AppID: {92842063-1ECC-4a1a-9343-9A8E1C972E60}
Name: HtmlLocalFileResolver - AppID: {93AAD2A0-036A-4B11-A078-DA8776B38139}
Name: ServiceModule - AppID: {9465B4B4-5216-4042-9A2C-754D3BCDC410}
Name: UiaManager - AppID: {94a38670-983b-459c-87c8-bb6ad617fd74}
Name: fshredctx - AppID: {96E72FCA-663F-4E6B-AF24-1FE6F03AA89A}
Name: WebPlatformStorageServer - AppID: {973d20d7-562d-44b9-b70b-5a0f49ccdf3f}
Name: VSPerfControl - AppID: {980972B5-6C88-40D5-898E-9B7E7085716B}
Name: PrintIsolationHost - AppID: {98a89e0c-1fde-4c2a-a373-b04831e6aa60}
Name: Telephony Incoming Call Toast - AppID: {990F07C7-78DC-4BD2-B145-5F791410BDDE}
Name: Shell Hardware Mixed Content Handler - AppID: {995C996E-D918-4a8c-A302-45719A6F4EA7}
Name: ShellWindows - AppID: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
Name: NVXDPlcy - AppID: {9C5791C4-BCD3-48B8-A10D-CA0279320836}
Name: RuntimeBroker - AppID: {9CA88EE3-ACB7-47c8-AFC4-AB702511C276}
Name: timedate.cpl - AppID: {9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}
Name: WSearch - AppID: {9E175B9C-F52A-11D8-B9A5-505054503030}
Name: WMLSS - AppID: {9E88EF3C-E2BB-4E5E-AFBA-565B81069D7D}
Name: CDP Reference Host - AppID: {A0316E2D-8793-4E74-AA48-8CE2ED05BA57}
Name: RtkCfg - AppID: {A11009A7-DC01-48F8-B6AA-C4613FC5CB15}
Name: WIA Device Manager - AppID: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Name: TrayNotify - AppID: {a2b77517-6d12-4c60-b0c6-725e971ec8fe}
Name: rundll32.exe - AppID: {a2d9ca22-a492-400c-b875-78ac25c0a6f3}
Name: Xhr2OOP - AppID: {a3a81ee7-be13-4dd8-89f7-26aba705d81d}
Name: CTAPO - AppID: {a42365ad-1377-4a04-9dde-1c7cb2938db6}
Name: Virtual Factory for Windows Defender Firewall Cpl - AppID: {A4B07E49-6567-4FB8-8D39-01920E3B2357}
Name: Shell ChkdskEx Dialog - AppID: {a4c31131-ff70-4984-afd6-0609ced53ad6}
Name: Nv3DAppShExt - AppID: {A4CF1DBB-664A-4600-9CE3-96FBAA344504}
Name: DsmAdminApi - AppID: {A5065670-136D-4FD6-A45F-00C85B90359C}
Name: WPDShextAutoplay - AppID: {A55803CC-4D53-404c-8557-FD63DBA95D24}
Name: WLIDSvc - AppID: {A6721677-BA21-44E9-9E2A-76466D24D121}
Name: Virtual Factory for MaintenanceUI - AppID: {A6BFEA43-501F-456F-A845-983D3AD7B8F0}
Name: Microsoft Windows Defender - AppID: {A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}
Name: %SystemRoot%\System32\fveui.dll - AppID: {A7A63E5C-3877-4840-8727-C1EA9D7A4D50}
Name: SysFxUi - AppID: {A7D2EC8B-B70F-434C-A0CE-0DF324805F7D}
Name: SwapAPODll - AppID: {A85F41D6-156B-470D-B505-110388968D5A}
Name: Delivery Optimization Mgmt - AppID: {AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}
Name: F12AppFrameClient Class - AppID: {AABAA6AA-5398-4C08-AE60-6321A7F05E9C}
Name: DEFRAGSVC service - AppID: {ab7c873b-eb14-49a6-be60-a602f80e6d22}
Name: Blend for Visual Studio - AppID: {AB7DC0D3-451E-42C2-8F12-81E85D050E9D}
Name: Thumbnail Cache Out of Proc Server - AppID: {AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}
Name: BDEUILauncher Class - AppID: {AB93B6F1-BE76-4185-A488-A9001B105B94}
Name: PaymentsSvc - AppID: {AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}
Name: RetailDemo Service - AppID: {ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}
Name: WPN Srumon Server - AppID: {ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}
Name: TrayToastActivator - AppID: {AFC732E2-BA57-4B3E-A70A-71371F99B871}
Name: WorkspaceBroker Class - AppID: {B06FF84E-0A77-4DD2-A919-0EABD8979DC1}
Name: TabIps - AppID: {B1445657-5A98-11d9-A4E5-00301BB132BA}
Name: DockInterface COM server - AppID: {b21858c6-9711-4257-99c8-5c0084bebce1}
Name: Windows Update Agent - Remote Access - AppID: {B366DEBE-645B-43A5-B865-DDD82C345492}
Name: AppActivationFailedHandler - AppID: {B3AADFEA-8404-4CBE-A62E-B0B715412C9E}
Name: Found New Hardware Wizard - AppID: {B6A32FE6-E29D-AEAE-A608-D273E40CA34C}
Name: WIA Device Manager 2 - AppID: {B6C292BC-7C88-41EE-8B54-8EC92617E599}
Name: Com_SRS_TruSurroundHD - AppID: {B6D5C1B8-6F68-4A82-8E20-2D0F3A52BD6A}
Name: Sync Center (Private) - AppID: {B8558612-DF5E-4F95-BB81-8E910B327FB2}
Name: Windows Media Player - AppID: {B8C54A54-355E-11D3-83EB-00A0C92A2F2D}
Name: Windows App Certification Kit Fast User Switching Utility Service - AppID: {B8DD253B-2CF6-4F4F-96F4-97D1E4D82C78}
Name: NVXDApiX - AppID: {B92B577B-628A-442B-A017-E86FB518C6FD}
Name: ApplicationActivationImpl - AppID: {B9305506-D05B-4C36-81C5-0E50886C1755}
Name: Application Frame Host - AppID: {B9B05098-3E30-483F-87F7-027CA78DA287}
Name: Event Object Change 2 - AppID: {BB07BACD-CD56-4E63-A8FF-CBF0355FB9F4}
Name: AcroPDF - AppID: {BBAA0E44-3862-490C-8E63-AC2D2D6EF733}
Name: SyncHost - AppID: {BBC4356A-F004-4628-A27A-E13D70412B70}
Name: Virtual Factory for Power Options Control Panel - AppID: {BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}
Name: Setting Sync Task Factory - AppID: {bcbb3f8c-2889-474f-8fb7-904d4a416145}
Name: DfsShlEx.dll - AppID: {BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}
Name: EditionUpgradeManagerObj - AppID: {BD54C901-076B-434E-B6C7-17C531F4AB41}
Name: VM IC Heartbeat Service - AppID: {be0fc7f0-f248-4091-a123-34ca29a6901b}
Name: ChezSCSPI - AppID: {BF43CA5F-2276-4334-BB3D-642F3834EA23}
Name: Shell AutoPlay Direct - AppID: {BF8841C9-378A-4CAD-B4FC-5091366CBC0D}
Name: ShellBrowserWindow - AppID: {c08afd90-f2a1-11d1-8455-00a0c91f3880}
Name: LockAppHost Out of Proc Helper for Lock Apps - AppID: {C08B030B-E91C-479D-BEFD-02DDA7FF1BCF}
Name: Spectrum - AppID: {C0E1CE99-C981-44A2-AC4C-41036FAC6593}
Name: provsvc.dll - AppID: {c2a71820-3463-498f-bab7-4798795a2ff6}
Name: DataExchangeHost - AppID: {C2E9756F-8155-4EAC-9ED5-0B690169D412}
Name: RetailCoreSystemAgent Service - AppID: {C2EA2356-994C-45AF-BDAE-10796F73BC47}
Name: cttunesvr - AppID: {C3A34354-660F-41EE-B072-2AEA5E3A80AF}
Name: Microsoft Block Level Backup Service - AppID: {C3B65D83-FB15-4e3f-BA04-097D1E2B5AC1}
Name: Microsoft IMAPI - AppID: {C49F2185-50A7-11D3-9144-00104BA11C5E}
Name: BdeUISrv - AppID: {C4AB7CB7-E735-48FF-AADD-39D09668F444}
Name: HomeGroup Listener Service - AppID: {C4CDC408-581C-4480-9FFE-3B1C78D5C20D}
Name: Xbox Live Game Saves - AppID: {C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}
Name: NvXDCore - AppID: {C5EDFC9D-B018-41A4-9877-39AB18469C3A}
Name: EntAppSvc - AppID: {C63261E4-6052-41FF-B919-496FECF4C4E5}
Name: EmailClient Class - AppID: {C6E0A4C8-A933-411E-8068-406C2391665F}
Name: FamilySafetyRefreshTask - AppID: {C844C79D-AED8-4DCE-AB25-4D359BED84F8}
Name: TSWbPrxy.exe - AppID: {C92A9617-0EAE-4235-BD2B-84540EF1FFA9}
Name: DictationHost Class - AppID: {C945AD06-534F-460C-8CB4-17C33099AF81}
Name: Sync Infrastructure - AppID: {C947D50F-378E-4FF6-8835-FCB50305244D}
Name: netprofm - AppID: {C96887DA-A652-4426-905E-4A37546F847C}
Name: editionupgradebroker - AppID: {C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}
Name: RCM - AppID: {C9F65BA8-1F8F-4382-AE27-C91FFB29275F}
Name: User OOBE Create Elevated Object Server - AppID: {ca8c87c1-929d-45ba-94db-ef8e6cb346ad}
Name: OpenSearch Description Create Search Connector Verb Handler - AppID: {CB1DFE3A-EDFF-4d1f-867D-8ADB02926F4B}
Name: PrintIsolationSessionHost - AppID: {CB363445-F453-4C1E-8EE4-BD123C5E394F}
Name: EnhancedStorageShell - AppID: {CC70FEAD-94B9-4F76-88CC-004BB068ACDF}
Name: sppui - AppID: {CCFDD24D-CEAB-458B-A4F1-F884973395DF}
Name: Windows Media Player Burn Audio CD Handler - AppID: {cdc32574-7521-4124-90c3-8d5605a34933}
Name: Elevated-Unelevated Explorer Factory - AppID: {CDCBCFCA-3CDC-436f-A4E2-0E02075250C2}
Name: ShadowPlay Server - AppID: {CE79BC8B-2980-4CA9-9570-6E0BF5B93BF2}
Name: PNPXAssoc.dll - AppID: {cee8ccc9-4f6b-4469-a235-5a22869eef03}
Name: sdchange - AppID: {CF254B00-1986-4b24-A92D-463D01F7E395}
Name: SwapAPODll - AppID: {CF85F74A-E465-4fb6-898F-8F72C2B84D8E}
Name: Event Object Change - AppID: {D0565000-9DF4-11D1-A281-00C04FCA0AA7}
Name: Winmgmt MOF Compiler OOP - AppID: {D215781D-019E-4FA0-903D-0CDCDE13A4F5}
Name: Color Management - AppID: {D2E7041B-2927-42fb-8E9F-7CE93B6DC937}
Name: Bitmap Image - AppID: {D3E34B21-9D75-101A-8C3D-00AA001A1652}
Name: Sync Center User Profile Notification Handler - AppID: {D63AA156-D534-4BAC-9BF1-55359CF5EC30}
Name: CloudStorageWizard - AppID: {D8775A07-C529-4EA7-B307-BA7C8CBBDA03}
Name: Microsoft Software Protection Platform Admin Object (outer) - AppID: {D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}
Name: IndexedDbBrokerServer - AppID: {dc4537c3-ca73-4ac7-9e1d-b2ce27c3a7a6}
Name: Microsoft Volumetric Audio Compositor - AppID: {DD7B2C49-A779-4055-BBD5-7C96F502F97F}
Name: BrowserBrokerServer - AppID: {DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}
Name: Srumon Server - AppID: {ddcfd26b-feed-44cd-b71d-79487d2e5e5a}
Name: rundll32.exe - AppID: {de5d803e-5d2a-4b5f-9c63-af25a465cc44}
Name: AccStore Class - AppID: {DE5DBCDC-104A-4cbc-A4D5-0C2104A142C5}
Name: LockScreen Call Broker - AppID: {DE7D3D65-5454-4EF5-9518-776739DAB39F}
Name: ConfigManager2WrapperCSP - AppID: {DF3D6493-B4CB-4EFA-A4D0-FBBEBF4CDB62}
Name: Profile Notification Host - AppID: {E10F6C3A-F1AE-4adc-AA9D-2FE65525666E}
Name: Immersive Print Dialog Surrogate - AppID: {E15FBAC2-C276-4523-92CA-561456EBCF3E}
Name: RtkAPODll - AppID: {E1D2965E-D32B-4e1c-B9F1-159ACB984258}
Name: Windows Update Agent User Interface for Published Applications - AppID: {e30984f1-b02b-4c27-a40f-23d11b8c1212}
Name: Scan - AppID: {E32549C4-C2B8-4BCC-90D7-0FC3511092BB}
Name: Execute Unknown - AppID: {e44e9428-bdbc-4987-a099-40dc8fd255e7}
Name: Authentication UI CredUI Out of Proc Helper for Non-AppContainer Clients (Failed Mouse In Pointer) - AppID: {E45A56CE-399C-45F0-9E6F-BFAACD3C711F}
Name: COM_SRS_WOWHD2 - AppID: {E46D2660-D86E-4B0A-BB61-F0FFE9BBDEB5}
Name: upnphost - AppID: {E495081B-BBA5-4b89-BA3C-3B86A686B87A}
Name: Visual Studio Just-In-Time Debugger - AppID: {E62A7A31-6025-408E-87F6-81AEB0DC9347}
Name: TrayDesktopBand - AppID: {E6442437-6C68-4f52-94DD-2CFED267EFB9}
Name: Orchestrator Service - AppID: {E7299E79-75E5-47BB-A03D-6D319FB7F886}
Name: UICOM - AppID: {E8054D20-497D-4E16-BF41-6E69FCD381A5}
Name: wscui.cpl - AppID: {E9495B87-D950-4ab5-87A5-FF6D70BF3E90}
Name: Remove Device elevation surrogate - AppID: {E95186C7-7D80-4311-843D-0702CBC8B1E4}
Name: File Prop Sheet Page Helper - AppID: {E96767E0-7EAA-45E1-8E7D-64414AFF281A}
Name: Exchange Active Sync Policy Manager Broker - AppID: {E9DD849F-B3CF-4614-94BB-CB2696BD34FB}
Name: HomeGroup Provider Service - AppID: {EA022610-0748-4c24-B229-6C507EBDFDBB}
Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}
Name: Remote Desktop Services Message Server - AppID: {EB521D7D-4095-4E61-88FB-BF25700F142A}
Name: ComEvents.ComServiceEvents - AppID: {ECABB0C3-7F19-11D2-978E-0000F8757E2A}
Name: ComEvents.ComSystemAppEventData - AppID: {ECABB0C6-7F19-11D2-978E-0000F8757E2A}
Name: Play with Windows Media Player - AppID: {ed1d0fdf-4414-470a-a56d-cfb68623fc58}
Name: Windows Media Player Launch - AppID: {ED6BB178-B06A-47ad-98B3-6066E0CF0147}
Name: Share Manager - AppID: {edb5f444-cb8d-445a-a523-ec5ab6ea33c7}
Name: NVXDBat - AppID: {EF73A51A-EE4A-4E16-9D3A-649245C8F44F}
Name: CloudExperienceHost Broker AppID - AppID: {efe2d6d8-a81b-41e7-ae77-e5244ab80522}
Name: Microsoft Audio Device Graph Server - AppID: {F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}
Name: Microsoft Visual Studio 2013 - AppID: {F1EC4627-3968-46A8-8C57-2D6779D7EDBD}
Name: AcroBroker - AppID: {F2383816-917A-46CC-AD2A-5013BED3800F}
Name: AvailableNetworksExperienceFlow - AppID: {F2506CD7-82C2-43D9-A1D3-F85F5EFE7D09}
Name: Virtual Disk Service - AppID: {F290BFB2-1864-45B1-8804-2654194A87E7}
Name: FodHelper - AppID: {F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}
Name: SPPSurrogate - AppID: {f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}
Name: NDFAPI - AppID: {F3D3AA8D-EF96-4470-848E-BD70B803047A}
Name: PerfCenter Enabler - AppID: {f4be747e-45c4-4701-90f1-d49d9ac30248}
Name: sdclt - AppID: {f56b7b2a-5b5a-46d8-b6f9-d927ce34b717}
Name: Pen Workspace Discover Broker - AppID: {F5A6ACF4-FFE0-4934-AE1D-5F960EA0AAD9}
Name: WMPNSSCI - AppID: {F74BCE98-9EB4-4022-8317-11C723E5CCF8}
Name: CloudExperienceHost Create System Object Server - AppID: {f7fa3149-91e7-43b7-8040-b707688ced1a}
Name: logagent - AppID: {F808DF63-6049-11D1-BA20-006097D2898E}
Name: WLIDFDP - AppID: {F828BB1A-2FAE-4AC4-AE6F-CAC9B529F996}
Name: RAServer - AppID: {F8FD03A6-DDD9-4C1B-84EE-58159476A0D7}
Name: WinInetBrokerServer - AppID: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Name: iTunes - AppID: {F98206B5-F052-4965-9FA0-85F61BC3C19D}
Name: NCLUA - AppID: {FA1456D3-4B97-4f9c-8511-2786161DC333}
Name: VssEvent - AppID: {FAF53CC4-BD73-4E36-83F1-2B23F46E513E}
Name: Shell Hardware Mixed Content Handler Cancelled - AppID: {fb479c02-9ec4-4fed-8599-debe037452cb}
Name: RegisterControl - AppID: {FC38B7C8-9E50-497d-A387-7DEBDAD14160}
Name: Hotspot Auth Module - AppID: {FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}
Name: appwiz.cpl - AppID: {FCC74B77-EC3E-4dd8-A80B-008A702075A9}
Name: Wordpad - AppID: {fd6c8b29-e936-4a61-8da6-b0c12ad3ba00}
Name: Proximity UX Host - AppID: {FDA74D11-C4A6-4577-9F73-D7CA8586E10C}
Name: MP UX Host - AppID: {FDA74D11-C4A6-4577-9F73-D7CA8586E10D}
Name: Shell Execute Hardware Event Handler - AppID: {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}
Name: EntAppSvc - AppID: {FFE1E5FE-F1F0-48C8-953E-72BA272F2744}

Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{00944ad3-b2ad-4bcf-9202-59bf4662d521}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{00944ad3-b2ad-4bcf-9202-59bf4662d521}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{00944ad3-b2ad-4bcf-9202-59bf4662d521}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{00944ad3-b2ad-4bcf-9202-59bf4662d521}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-15-3-3215430884-1339816292-89257616-1145831019"
Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-559"
Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{0771f7af-8de6-4bce-9528-2d4a12cb8168}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{0771f7af-8de6-4bce-9528-2d4a12cb8168}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-5-80-2731152606-4244467407-1946816704-3721569673-479255522"
Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-5-84-0-0-0-0-0"
Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{16D99191-6280-4B33-A2F5-04805A0FC582}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{16D99191-6280-4B33-A2F5-04805A0FC582}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-547"
Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-556"
Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{1E886174-DC88-4B83-8BC5-66409EC75F16}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{1E886174-DC88-4B83-8BC5-66409EC75F16}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1E886174-DC88-4B83-8BC5-66409EC75F16}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{1E886174-DC88-4B83-8BC5-66409EC75F16}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628"
Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464"
Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556"
Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-5-32-4267310653-3012624349-32869343-335676702-674013981-1531007892-2777328540-762217067"
Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-15-3-1024-4267310653-3012624349-32869343-335676702-674013981-1531007892-2777328540-762217067"
Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-5-32-2558976728-3115931106-1512009022-3208506203-2008579624-341828572-3950653509-2339491937"
Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-15-3-1024-2558976728-3115931106-1512009022-3208506203-2008579624-341828572-3950653509-2339491937"
Win32_DCOMApplication.AppID="{260eb9de-5cbe-4bff-a99a-3710af55bf1e}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-2781"
Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{28d08f70-46eb-4f26-a6cb-54b75132e100}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{28d08f70-46eb-4f26-a6cb-54b75132e100}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{28d08f70-46eb-4f26-a6cb-54b75132e100}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{28d08f70-46eb-4f26-a6cb-54b75132e100}" - Win32_SID.SID="S-1-5-32-4267310653-3012624349-32869343-335676702-674013981-1531007892-2777328540-762217067"
Win32_DCOMApplication.AppID="{28d08f70-46eb-4f26-a6cb-54b75132e100}" - Win32_SID.SID="S-1-15-3-1024-4267310653-3012624349-32869343-335676702-674013981-1531007892-2777328540-762217067"
Win32_DCOMApplication.AppID="{28d08f70-46eb-4f26-a6cb-54b75132e100}" - Win32_SID.SID="S-1-5-32-2558976728-3115931106-1512009022-3208506203-2008579624-341828572-3950653509-2339491937"
Win32_DCOMApplication.AppID="{28d08f70-46eb-4f26-a6cb-54b75132e100}" - Win32_SID.SID="S-1-15-3-1024-2558976728-3115931106-1512009022-3208506203-2008579624-341828572-3950653509-2339491937"
Win32_DCOMApplication.AppID="{28F49FF5-3CCE-44C4-919C-49C7E1D33927}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{28F49FF5-3CCE-44C4-919C-49C7E1D33927}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{2A947841-0594-48CF-9C53-A08C95C22B55}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{2A947841-0594-48CF-9C53-A08C95C22B55}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-15-3-1024-1314380931-3989923313-3249193833-1963115619-3940350845-1282913705-2904921893-3519892189"
Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030"
Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1212"
Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{36234D6F-D9B8-404B-91C9-736BD2EE3040}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{36234D6F-D9B8-404B-91C9-736BD2EE3040}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{3DC42F2C-AD30-461E-B877-11C917E8FE20}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{3DC42F2C-AD30-461E-B877-11C917E8FE20}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-3-1"
Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-3-2"
Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-3-3"
Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{412E0F20-6C5B-43EC-879F-DA444A416EAC}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{412E0F20-6C5B-43EC-879F-DA444A416EAC}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-15-3-1024-3153509613-960666767-3724611135-2725662640-12138253-543910227-1950414635-4190290187"
Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{4680B596-CF8C-44E1-A676-4AAA819E041F}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{4680B596-CF8C-44E1-A676-4AAA819E041F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{4680B596-CF8C-44E1-A676-4AAA819E041F}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{4680B596-CF8C-44E1-A676-4AAA819E041F}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-80-611605672-2879557022-2206624263-4029342278-3129212340"
Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622"
Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{4A3F2F56-454A-4CC5-9734-BB7D8141AC0A}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{4FCDA643-B15B-41C6-84F8-5E447F6F6D25}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{5011B6DE-E9FA-4518-B5E5-45DE9DD2CDC6}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{5011B6DE-E9FA-4518-B5E5-45DE9DD2CDC6}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{5011B6DE-E9FA-4518-B5E5-45DE9DD2CDC6}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-32-2707581722-3970398075-3301609242-3412871183-2565310287-2959982868-2531230773-2372594412"
Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-15-3-1024-2707581722-3970398075-3301609242-3412871183-2565310287-2959982868-2531230773-2372594412"
Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{52FC5917-F4E4-4C78-B469-20E722379F6C}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{52FC5917-F4E4-4C78-B469-20E722379F6C}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{534E4CF4-3249-4842-8D65-A9BEAE0BBEAC}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{534E4CF4-3249-4842-8D65-A9BEAE0BBEAC}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708"
Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-15-3-1024-3625662137-2682091254-856171984-2868379045-3001028726-1009205972-4175949866-684286152"
Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030"
Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1031"
Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-80-3028837079-3186095147-955107200-3701964851-1150726376"
Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{5E176815-9A63-4A69-810F-62E90D36612A}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{5E176815-9A63-4A69-810F-62E90D36612A}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-15-3-1024-1692970155-4054893335-185714091-3362601943-3526593181-1159816984-2199008581-497492991"
Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{65E2E13A-7110-4912-9F03-9A42E253D8F6}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{65E2E13A-7110-4912-9F03-9A42E253D8F6}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{67E88D46-FF81-4E57-8C5E-F270A4F9EA1A}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{67E88D46-FF81-4E57-8C5E-F270A4F9EA1A}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{730BFCEC-E4BF-4D3A-9FBB-01DD132467A4}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-6"
Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-15-3-1024-4044835139-2658482041-3127973164-329287231-3865880861-1938685643-461067658-1087000422"
Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-503"
Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-32-546"
Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-15-3-1024-3623855041-1826999956-3747069818-3525260223-3747374510-1746272624-950601168-56556331"
Win32_DCOMApplication.AppID="{79A62785-E105-4185-BDAA-08AED13A1838}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{79A62785-E105-4185-BDAA-08AED13A1838}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{7EAD5C10-8B3F-11E6-AE22-56B6B6499611}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{7EAD5C10-8B3F-11E6-AE22-56B6B6499611}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7EAD5C10-8B3F-11E6-AE22-56B6B6499611}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{7f9bbc82-ba5f-4448-8622-ef76b8d007e6}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{7f9bbc82-ba5f-4448-8622-ef76b8d007e6}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{84D586C4-A423-11D2-B943-00C04F79D22F}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{874E03B4-29BD-4628-A0F6-78B8B011ADA9}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{874E03B4-29BD-4628-A0F6-78B8B011ADA9}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{874E03B4-29BD-4628-A0F6-78B8B011ADA9}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{874E03B4-29BD-4628-A0F6-78B8B011ADA9}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622"
Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-6"
Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-80-4155767994-3874329934-3800885181-2130851812-726865888"
Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-15-3-1024-1701033769-137094913-3738083205-577272984-1204217555-1180762924-3352773070-2589626690"
Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030"
Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1210"
Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-6"
Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622"
Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194-3859068477-1314311106-1651661491-1685393560"
Win32_DCOMApplication.AppID="{92940059-57cc-41bc-a042-80a6247ffce6}" - Win32_SID.SID="S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194-2385269614-3243675-834220592-3047885450"
Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-15-3-1024-3623855041-1826999956-3747069818-3525260223-3747374510-1746272624-950601168-56556331"
Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{A0316E2D-8793-4E74-AA48-8CE2ED05BA57}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{A0ADD4EC-5BD3-4f70-A47B-07797A45C635}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{A0ADD4EC-5BD3-4f70-A47B-07797A45C635}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{A0ADD4EC-5BD3-4f70-A47B-07797A45C635}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{a3a81ee7-be13-4dd8-89f7-26aba705d81d}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{a3a81ee7-be13-4dd8-89f7-26aba705d81d}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{a3a81ee7-be13-4dd8-89f7-26aba705d81d}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-15-3-1024-3623855041-1826999956-3747069818-3525260223-3747374510-1746272624-950601168-56556331"
Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-15-3-1024-4044835139-2658482041-3127973164-329287231-3865880861-1938685643-461067658-1087000422"
Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{AB7DC0D3-451E-42C2-8F12-81E85D050E9D}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{AB7DC0D3-451E-42C2-8F12-81E85D050E9D}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{AB7DC0D3-451E-42C2-8F12-81E85D050E9D}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{AB7DC0D3-451E-42C2-8F12-81E85D050E9D}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{AB7DC0D3-451E-42C2-8F12-81E85D050E9D}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}" - Win32_SID.SID="S-1-15-3-1024-2922296261-1647482768-2017091146-3858667068-4135663662-2931985894-1627820925-818366431"
Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-6"
Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622"
Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708"
Win32_DCOMApplication.AppID="{B366DEBE-645B-43A5-B865-DDD82C345492}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{B8DD253B-2CF6-4F4F-96F4-97D1E4D82C78}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{B8DD253B-2CF6-4F4F-96F4-97D1E4D82C78}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-80-2731152606-4244467407-1946816704-3721569673-479255522"
Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622"
Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-6"
Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{C5EDFC9D-B018-41A4-9877-39AB18469C3A}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{C5EDFC9D-B018-41A4-9877-39AB18469C3A}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C5EDFC9D-B018-41A4-9877-39AB18469C3A}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C5EDFC9D-B018-41A4-9877-39AB18469C3A}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{C92A9617-0EAE-4235-BD2B-84540EF1FFA9}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-15-3-1024-1692970155-4054893335-185714091-3362601943-3526593181-1159816984-2199008581-497492991"
Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{D215781D-019E-4FA0-903D-0CDCDE13A4F5}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628"
Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464"
Win32_DCOMApplication.AppID="{dc4537c3-ca73-4ac7-9e1d-b2ce27c3a7a6}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{dc4537c3-ca73-4ac7-9e1d-b2ce27c3a7a6}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{dc4537c3-ca73-4ac7-9e1d-b2ce27c3a7a6}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{DD7B2C49-A779-4055-BBD5-7C96F502F97F}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{DD7B2C49-A779-4055-BBD5-7C96F502F97F}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{DD7B2C49-A779-4055-BBD5-7C96F502F97F}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}" - Win32_SID.SID="S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194"
Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{DF3D6493-B4CB-4EFA-A4D0-FBBEBF4CDB62}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{DF3D6493-B4CB-4EFA-A4D0-FBBEBF4CDB62}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-15-3-1024-2819154332-3691255550-2499738133-2646149002-4290075130-3069449926-721213713-3168903538"
Win32_DCOMApplication.AppID="{E62A7A31-6025-408E-87F6-81AEB0DC9347}" - Win32_SID.SID="S-1-2-0"
Win32_DCOMApplication.AppID="{E62A7A31-6025-408E-87F6-81AEB0DC9347}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{E62A7A31-6025-408E-87F6-81AEB0DC9347}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{E62A7A31-6025-408E-87F6-81AEB0DC9347}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{E62A7A31-6025-408E-87F6-81AEB0DC9347}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{E72D8978-ABF1-48CC-9B25-8F2787A66C1E}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{E72D8978-ABF1-48CC-9B25-8F2787A66C1E}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{E72D8978-ABF1-48CC-9B25-8F2787A66C1E}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{E72D8978-ABF1-48CC-9B25-8F2787A66C1E}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-5-7"
Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-15-3-1024-1692970155-4054893335-185714091-3362601943-3526593181-1159816984-2199008581-497492991"
Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{F1EC4627-3968-46A8-8C57-2D6779D7EDBD}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{F1EC4627-3968-46A8-8C57-2D6779D7EDBD}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-551"
Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-3433512109-503559027-1389316256-1766580070-2256751264"
Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-1260278928-804197538-2066346633-4268302704-2216462912"
Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-345135819-4012009209-3062012967-1747265747-3674605950"
Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-951620777-1059631183-2804607755-3010024351-809615488"
Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-80-364023826-931424190-487969545-1024119571-74567675"
Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{F8FD03A6-DDD9-4C1B-84EE-58159476A0D7}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-3-1"
Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-3-2"
Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-3-3"
Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556"
Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-32-544"

---------- | SvcHost (Whitelist)

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost]
"DcomLaunch"=Power
LSM
BrokerInfrastructure
PlugPlay
DcomLaunch
DeviceInstall
SystemEventsBroker
"rdxgroup"=RetailDemo
"Camera"=FrameS
"PrintWorkflow"=PrintWorkflowUserSvc
"DevicesFlow"=DevicesFlowUserSvc
"GraphicsPerfSvcGroup"=GraphicsPerfSvc
"smbsvcs"=lanmanserver
browser
"PeerDist"=PeerDistSvc
"AssignedAccessManagerSvc"=AssignedAccessManagerSvc

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost]
"DcomLaunch"=PlugPlay
DcomLaunch
DeviceInstall
"PrintWorkflow"=PrintWorkflowUserSvc
"smbsvcs"=lanmanserver


---------- | SvcHost - Netsvcs (Whitelist)

TokenBroker - %SystemRoot%\System32\TokenBroker.dll : %SystemRoot%\system32\svchost.exe -k netsvcs -p

---------- | Software

[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\5tudio]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\7-Zip]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Adobe]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Amazon]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\AppDataLow]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Apple Computer, Inc.]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Apple Inc.]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Audiokinetic Inc.]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Beam Team Games]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Bethesda Softworks]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Bitdefender]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Blender Foundation]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\BugSplat]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Cheat Engine]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\CheatHappens]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\ched]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Chromium]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Clickteam]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Clients]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\ComboKey]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Creative Tech]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Crytek]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\DefaultCompany]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Electronic Arts]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Epic Games]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\g3n-h@ckm@n]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Gaditek]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\GameMakerPlayer]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\GfaceGmbh]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\GMStudio]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\GNU]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\GOG.com]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Google]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\hotkey]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\HWiNFO64]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Indigo Rose]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Intel]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\inXile Entertainment]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\JavaSoft]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Killer Networking]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Lazy Bear Games]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\LeaderTech]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Ludeon Studios]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Lumberyard]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\MakeMKV]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Malwarebytes]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\McMagic Productions]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Microsoft]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\MountAndBladeKeys]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Mozilla]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Netscape]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\NVIDIA Corporation]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Obsidium]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\ODBC]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\paint.net]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\perforce]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Piriform]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Playsport Games]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Policies]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\QtProject]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Realtek]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Red Dot Games]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\RegisteredApplications]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Resplendence Sp]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\SecuROM]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\SpeedFan]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Synaptics]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\SyncEngines]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\sysinternals]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\techPowerUp]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\The Document Foundation]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\The Fun Pimps]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Trolltech]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\U-Play online]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Ubisoft]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Unity]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Unity Technologies]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Valve]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\WinRAR]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\WinRAR SFX]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Wintertree]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\WixSharp]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Wow6432Node]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\ZHP]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\SOFTWARE\AppDataLow\Software\Microsoft]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Microsoft\Windows\AssignedAccessConfiguration]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Microsoft\Windows\CurrentVersion]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Microsoft\Windows\DWM]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Microsoft\Windows\Shell]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Microsoft\Windows\TabletPC]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Microsoft\Windows\Windows Error Reporting]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Microsoft\Windows\Winlogon]
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\Software\Microsoft\Windows NT\CurrentVersion]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Atheros]
[HKLM\Software\Autodesk]
[HKLM\Software\AVC3]
[HKLM\Software\BitDefender]
[HKLM\Software\Bitdefender Agent]
[HKLM\Software\Bitdefender Device Management]
[HKLM\Software\Clients]
[HKLM\Software\Creative Tech]
[HKLM\Software\EA Sports]
[HKLM\Software\EpicGames]
[HKLM\Software\FileZilla 3]
[HKLM\Software\Fortemedia]
[HKLM\Software\g3n-h@ckm@n]
[HKLM\Software\Gaditek]
[HKLM\Software\Google]
[HKLM\Software\Ignis]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Killer Networking]
[HKLM\Software\Licenses]
[HKLM\Software\Macromedia]
[HKLM\Software\Maxis]
[HKLM\Software\Microsoft]
[HKLM\Software\Mozilla]
[HKLM\Software\mozilla.org]
[HKLM\Software\Nuance]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\paint.net]
[HKLM\Software\Partner]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Synaptics]
[HKLM\Software\sysinternals]
[HKLM\Software\Waves Audio]
[HKLM\Software\WinRAR]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Microsoft\Windows\AssignedAccessConfiguration]
[HKLM\Software\Microsoft\Windows\ClickNote]
[HKLM\Software\Microsoft\Windows\CurrentVersion]
[HKLM\Software\Microsoft\Windows\Dwm]
[HKLM\Software\Microsoft\Windows\DynamicManagement]
[HKLM\Software\Microsoft\Windows\EnterpriseResourceManager]
[HKLM\Software\Microsoft\Windows\Heat]
[HKLM\Software\Microsoft\Windows\HTML Help]
[HKLM\Software\Microsoft\Windows\ITStorage]
[HKLM\Software\Microsoft\Windows\ScheduledDiagnostics]
[HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider]
[HKLM\Software\Microsoft\Windows\Shell]
[HKLM\Software\Microsoft\Windows\Tablet PC]
[HKLM\Software\Microsoft\Windows\TabletPC]
[HKLM\Software\Microsoft\Windows\Windows Error Reporting]
[HKLM\Software\Microsoft\Windows\Windows Search]
[HKLM\Software\Microsoft\Windows NT\CurrentVersion]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AssignedAccessManagerSvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DevicesFlow]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GraphicsPerfSvcGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rdxgroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx]
[HKLM\Software\WOW6432Node\7-Zip]
[HKLM\Software\WOW6432Node\Adobe]
[HKLM\Software\WOW6432Node\AGEIA Technologies]
[HKLM\Software\WOW6432Node\Airplane Mode Hid Installer]
[HKLM\Software\WOW6432Node\Apple Inc.]
[HKLM\Software\WOW6432Node\Atari]
[HKLM\Software\WOW6432Node\Audiokinetic Inc.]
[HKLM\Software\WOW6432Node\Autodesk FBX SDK 2016.1.2]
[HKLM\Software\WOW6432Node\Bethesda Softworks]
[HKLM\Software\WOW6432Node\Bitdefender]
[HKLM\Software\WOW6432Node\Bitdefender Agent]
[HKLM\Software\WOW6432Node\Clickteam]
[HKLM\Software\WOW6432Node\Control Center 5.0001.0.71]
[HKLM\Software\WOW6432Node\Creative Tech]
[HKLM\Software\WOW6432Node\Crytek]
[HKLM\Software\WOW6432Node\Deep Silver]
[HKLM\Software\WOW6432Node\EA Sports]
[HKLM\Software\WOW6432Node\EasyAntiCheat]
[HKLM\Software\WOW6432Node\Electronic Arts]
[HKLM\Software\WOW6432Node\EpicGames]
[HKLM\Software\WOW6432Node\Eversim]
[HKLM\Software\WOW6432Node\FileZilla 3]
[HKLM\Software\WOW6432Node\FileZilla Client]
[HKLM\Software\WOW6432Node\fish technology group]
[HKLM\Software\WOW6432Node\Gaditek]
[HKLM\Software\WOW6432Node\GfaceGmbh]
[HKLM\Software\WOW6432Node\gog.com]
[HKLM\Software\WOW6432Node\Google]
[HKLM\Software\WOW6432Node\Infogrames]
[HKLM\Software\WOW6432Node\Intel]
[HKLM\Software\WOW6432Node\JavaSoft]
[HKLM\Software\WOW6432Node\Khronos]
[HKLM\Software\WOW6432Node\LibreOffice]
[HKLM\Software\WOW6432Node\Macromedia]
[HKLM\Software\WOW6432Node\Maxis]
[HKLM\Software\WOW6432Node\Microsoft]
[HKLM\Software\WOW6432Node\Microsoft Corporation]
[HKLM\Software\WOW6432Node\Mozilla]
[HKLM\Software\WOW6432Node\MozillaPlugins]
[HKLM\Software\WOW6432Node\Notepad++]
[HKLM\Software\WOW6432Node\Nuance]
[HKLM\Software\WOW6432Node\NuGet]
[HKLM\Software\WOW6432Node\NVIDIA Corporation]
[HKLM\Software\WOW6432Node\ODBC]
[HKLM\Software\WOW6432Node\OpenAL]
[HKLM\Software\WOW6432Node\Orange]
[HKLM\Software\WOW6432Node\Origin]
[HKLM\Software\WOW6432Node\Origin Games]
[HKLM\Software\WOW6432Node\Piriform]
[HKLM\Software\WOW6432Node\PocketSoft]
[HKLM\Software\WOW6432Node\PreEmptive Solutions]
[HKLM\Software\WOW6432Node\railsimulator.com]
[HKLM\Software\WOW6432Node\Realtek]
[HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\WOW6432Node\Rockstar Games]
[HKLM\Software\WOW6432Node\Rotobee - Realtime 3D GmbH]
[HKLM\Software\WOW6432Node\SpeedFan]
[HKLM\Software\WOW6432Node\SyncIntegrationClients]
[HKLM\Software\WOW6432Node\The Document Foundation]
[HKLM\Software\WOW6432Node\Thraex Software]
[HKLM\Software\WOW6432Node\Ubisoft]
[HKLM\Software\WOW6432Node\UDPixel]
[HKLM\Software\WOW6432Node\Valve]
[HKLM\Software\WOW6432Node\VideoLAN]
[HKLM\Software\WOW6432Node\WinPcap]
[HKLM\Software\WOW6432Node\WOW6432Node]
[HKLM\Software\WOW6432Node\Xamarin]
[HKLM\Software\WOW6432Node\Xvid Team]
[HKLM\Software\WOW6432Node\Clients]
[HKLM\Software\WOW6432Node\Policies]
[HKLM\Software\WOW6432Node\RegisteredApplications]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Dwm]
[HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Heat]
[HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs]

---------- | FeatureControl

[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]
"5piceIDE.exe"="8888"
"AcroRd32.exe"="10001"
"OneDrive.exe"="11000"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]
"HelpPane.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]
"*"="1"
"explorer.exe"="1"
"iexplore.exe"="1"
"infopath.exe"="0"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS]
"HelpPane.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]
"HelpPane.exe"="10000"
"prevhost.exe"="8000"
"UNPUXHost.exe"="11000"
"seccenter.exe"="8888"
"bdagent.exe"="8888"
"obk.exe"="8888"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]
"*"="1"
"explorer.exe"="1"
"iexplore.exe"="1"
"SAPfewgsrv.exe"="0"
"SAPGUI.exe"="0"
"SAPGuiIT.exe"="0"
"SAPLgPad.exe"="0"
"SAPLOGON.exe"="0"
"Scale_for_R3.exe"="0"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP]
"ieuser.exe"="1"
"iexplore.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK]
"YahooMusicEngine.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE]
"HelpPane.exe"="100000"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]
"devenv.exe"="1"
"dexplore.exe"="1"
"helppane.exe"="1"
"PresentationHost.exe"="0"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS]
"msfeedssync.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS]
"PresentationHost.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]
"HelpPane.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG]
""=""
"msiexec.exe"="0"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]
"cs.exe"="1"
"waol.exe"="1"
"wm.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS]
"iexplore.exe"="0"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS]
"helppane.exe"="0"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS]
"wlmail.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]
"explorer.exe"="1"
"HelpPane.exe"="1"
"iexplore.exe"="1"
"PresentationHost.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER]
"explorer.exe"="4"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER]
"explorer.exe"="2"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]
"explorer.exe"="1"
"HelpPane.exe"="1"
"iexplore.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]
"explorer.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]
"mshta.exe"="1"
"outlook.exe"="1"
"sidebar.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]
"explorer.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]
"explorer.exe"="0"
"iexplore.exe"="0"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING]
"communicator.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]
"HelpPane.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]
"msimn.exe"="1"
"prevhost.exe"="1"
"winmail.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]
"explorer.exe"="1"
"HelpPane.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]
"prevhost.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE]
"HelpPane.exe"="0"
"prevhost.exe"="0"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]
"msimn.exe"="1"
"outlook.exe"="1"
"winmail.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]
"HelpPane.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]
"excel.exe"="1"
"infopath.exe"="1"
"powerpnt.exe"="1"
"winword.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]
"HelpPane.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE]
"HelpPane.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD]
"msn.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]
"explorer.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]
"explorer.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]
"iexplore.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]
"explorer.exe"="1"
"iexplore.exe"="1"
"PresentationHost.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION]
"PresentationHost.exe"="1"
"sllauncher.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]
"HelpPane.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"OSE.EXE"="1"
"VSTOInstaller.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]
"*"="1"
"explorer.exe"="1"
"iexplore.exe"="1"
"infopath.exe"="0"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_CROSS_PROTOCOL_FILE_NAVIGATION]
"devenv.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS]
"HelpPane.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
"sllauncher.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
"sllauncher.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
"sllauncher.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]
"HelpPane.exe"="10000"
"prevhost.exe"="8000"
"WebBrowserServer.exe"="10000"
"sllauncher.exe"="8000"
"Xde.exe"="10000"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]
"*"="1"
"explorer.exe"="1"
"iexplore.exe"="1"
"SAPfewgsrv.exe"="0"
"SAPGUI.exe"="0"
"SAPGuiIT.exe"="0"
"SAPLgPad.exe"="0"
"SAPLOGON.exe"="0"
"Scale_for_R3.exe"="0"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP]
"ieuser.exe"="1"
"iexplore.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK]
"YahooMusicEngine.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE]
"HelpPane.exe"="100000"
"WebBrowserServer.exe"="100000"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]
"dexplore.exe"="1"
"helppane.exe"="1"
"PresentationHost.exe"="0"
"devenv.exe"="0"
"sllauncher.exe"="0"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS]
"msfeedssync.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS]
"PresentationHost.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]
"HelpPane.exe"="1"
"wmplayer.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"OSE.EXE"="1"
"VSTOInstaller.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IFRAME_MAILTO_THRESHOLD]
"devenv.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG]
""=""
"msiexec.exe"="0"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]
"cs.exe"="1"
"waol.exe"="1"
"wm.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS]
"iexplore.exe"="0"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS]
"helppane.exe"="0"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS]
"wlmail.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]
"explorer.exe"="1"
"HelpPane.exe"="1"
"iexplore.exe"="1"
"PresentationHost.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"OSE.EXE"="1"
"VSTOInstaller.exe"="1"
"devenv.exe"="1"
"sllauncher.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER]
"explorer.exe"="4"
"sllauncher.exe"="6"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER]
"explorer.exe"="2"
"sllauncher.exe"="6"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]
"explorer.exe"="1"
"HelpPane.exe"="1"
"iexplore.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"OSE.EXE"="1"
"VSTOInstaller.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]
"explorer.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"OSE.EXE"="1"
"VSTOInstaller.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]
"mshta.exe"="1"
"outlook.exe"="1"
"sidebar.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]
"explorer.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"OSE.EXE"="1"
"VSTOInstaller.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]
"explorer.exe"="0"
"iexplore.exe"="0"
"wmplayer.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"OSE.EXE"="1"
"VSTOInstaller.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING]
"communicator.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
"prevhost.exe"="1"
"devenv.exe"="1"
"sllauncher.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]
"HelpPane.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"OSE.EXE"="1"
"VSTOInstaller.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]
"msimn.exe"="1"
"prevhost.exe"="1"
"winmail.exe"="1"
"wmplayer.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"OSE.EXE"="1"
"VSTOInstaller.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE]
"PresentationHost.exe"="1"
"sllauncher.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
"prevhost.exe"="1"
"sllauncher.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]
"explorer.exe"="1"
"HelpPane.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"OSE.EXE"="1"
"VSTOInstaller.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SCRIPTURL_MITIGATION]
"devenv.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]
"prevhost.exe"="1"
"wmplayer.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"OSE.EXE"="1"
"VSTOInstaller.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE]
"HelpPane.exe"="0"
"prevhost.exe"="0"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG]
"PresentationHost.exe"="1"
"devenv.exe"="1"
"sllauncher.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]
"msimn.exe"="1"
"outlook.exe"="1"
"winmail.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]
"HelpPane.exe"="1"
"wmplayer.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"OSE.EXE"="1"
"VSTOInstaller.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]
"excel.exe"="1"
"infopath.exe"="1"
"powerpnt.exe"="1"
"winword.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]
"HelpPane.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"OSE.EXE"="1"
"VSTOInstaller.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE]
"HelpPane.exe"="1"
"devenv.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD]
"msn.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]
"explorer.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"OSE.EXE"="1"
"VSTOInstaller.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]
"explorer.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"OSE.EXE"="1"
"VSTOInstaller.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]
"iexplore.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]
"explorer.exe"="1"
"iexplore.exe"="1"
"PresentationHost.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
"OSPPREARM.EXE"="1"
"LICLUA.EXE"="1"
"OSE.EXE"="1"
"VSTOInstaller.exe"="1"

---------- | The Created last ones ¦ Modified

[MD5.00000000000000000000000000000000] - [06/06/2017 11:29:01] - |AD| - [2767262] - C:\Program Files (x86)\Apple Software Update
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [404969969] - C:\Program Files (x86)\Common Files
[MD5.5B8A2BA3138573583FF9E0158096EC48] - [04/06/2017 12:17:06] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini
[MD5.00000000000000000000000000000000] - [04/06/2017 16:58:20] - |AD| - [151454501] - C:\Program Files (x86)\Five Multiplayer
[MD5.00000000000000000000000000000000] - [19/06/2017 20:45:26] - |D| - [249073820] - C:\Program Files (x86)\GOG Galaxy
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [2005059] - C:\Program Files (x86)\Internet Explorer
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [44326103] - C:\Program Files (x86)\Microsoft.NET
[MD5.00000000000000000000000000000000] - [20/06/2017 10:23:05] - |D| - [285127] - C:\Program Files (x86)\Mozilla Maintenance Service
[MD5.00000000000000000000000000000000] - [11/06/2017 03:23:09] - |D| - [140143960] - C:\Program Files (x86)\MSBuild
[MD5.00000000000000000000000000000000] - [11/06/2017 03:23:09] - |D| - [1285503411] - C:\Program Files (x86)\Reference Assemblies
[MD5.00000000000000000000000000000000] - [15/06/2017 09:44:57] - |D| - [109864] - C:\Program Files (x86)\UDPixel
[MD5.00000000000000000000000000000000] - [12/06/2017 11:00:07] - |D| - [1099146] - C:\Program Files (x86)\VulkanRT
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [1720976] - C:\Program Files (x86)\Windows Defender
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [626688] - C:\Program Files (x86)\Windows Mail
[MD5.00000000000000000000000000000000] - [05/06/2017 08:58:30] - |D| - [3295897] - C:\Program Files (x86)\Windows Media Player
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [38784] - C:\Program Files (x86)\Windows Multimedia Platform
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [7569602] - C:\Program Files (x86)\Windows NT
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [5347168] - C:\Program Files (x86)\Windows Photo Viewer
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [38784] - C:\Program Files (x86)\Windows Portable Devices
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [2244361] - C:\Program Files (x86)\WindowsPowerShell
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [802] - C:\WINDOWS\addins
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [94172773] - C:\WINDOWS\appcompat
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [7892248] - C:\WINDOWS\apppatch
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [0] - C:\WINDOWS\AppReadiness
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |RSD| - [2666601563] - C:\WINDOWS\assembly
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [673125] - C:\WINDOWS\bcastdvr
[MD5.2352504AD79AF33EF21D4B4F217C1141] - [04/06/2017 12:09:18] - |A| - [64512] - C:\WINDOWS\bfsvc.exe
[MD5.00000000000000000000000000000000] - [05/06/2017 09:00:07] - |SHD| - [576523] - C:\WINDOWS\BitLockerDiscoveryVolumeContents
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [37468869] - C:\WINDOWS\Boot
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [12/06/2017 10:58:14] - |AS| - [67584] - C:\WINDOWS\bootstat.dat
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [2446344] - C:\WINDOWS\Branding
[MD5.9130CCE19B5DB3D2E31F9F789263FC4A] - [02/06/2017 13:11:17] - |A| - [511328] - C:\WINDOWS\capicom.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:03:09] - |D| - [0] - C:\WINDOWS\CbsTemp
[MD5.37D052D8AE871402DEB60CB9F319412F] - [12/06/2017 11:03:44] - |A| - [7159] - C:\WINDOWS\comsetup.log
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [11482410] - C:\WINDOWS\Cursors
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [3] - C:\WINDOWS\debug
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [58202897117] - C:\WINDOWS\DeliveryOptimization
[MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [12/06/2017 11:07:05] - |A| - [7623] - C:\WINDOWS\diagerr.xml
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [4772937] - C:\WINDOWS\diagnostics
[MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [12/06/2017 11:07:05] - |A| - [7623] - C:\WINDOWS\diagwrn.xml
[MD5.00000000000000000000000000000000] - [05/06/2017 08:57:44] - |D| - [0] - C:\WINDOWS\DigitalLocker
[MD5.46FF85C9A48A86F224B64672272EBD1E] - [20/06/2017 15:11:20] - |A| - [18587] - C:\WINDOWS\DirectX.log
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files
[MD5.10D2993828B2A91C975EC4CACEF3CE7B] - [04/06/2017 12:18:41] - |A| - [4176] - C:\WINDOWS\DtcInstall.log
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |HD| - [40832] - C:\WINDOWS\ELAMBKUP
[MD5.00000000000000000000000000000000] - [05/06/2017 08:57:44] - |D| - [0] - C:\WINDOWS\en-US
[MD5.7F5C3EE402F6C22FB4BD40BD71091BE0] - [04/06/2017 12:10:49] - |A| - [3876864] - C:\WINDOWS\explorer.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |RSD| - [444564848] - C:\WINDOWS\Fonts
[MD5.00000000000000000000000000000000] - [05/06/2017 08:57:44] - |D| - [109056] - C:\WINDOWS\fr-FR
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [0] - C:\WINDOWS\GameBarPresenceWriter
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [46643311] - C:\WINDOWS\Globalization
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [71206283] - C:\WINDOWS\Help
[MD5.CBA65F502A4EB3A39655372AE1BED111] - [04/06/2017 12:10:02] - |A| - [1003008] - C:\WINDOWS\HelpPane.exe
[MD5.07C90A833C624B43E6D7B1D96EA1D006] - [04/06/2017 12:10:03] - |A| - [17920] - C:\WINDOWS\hh.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [173056880] - C:\WINDOWS\IME
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |RD| - [7768346] - C:\WINDOWS\ImmersiveControlPanel
[MD5.00000000000000000000000000000000] - [04/06/2017 12:14:48] - |D| - [109755344] - C:\WINDOWS\INF
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [1452092897] - C:\WINDOWS\InfusedApps
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [41503391] - C:\WINDOWS\InputMethod
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |SHD| - [4952536513] - C:\WINDOWS\Installer
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [94096] - C:\WINDOWS\L2Schemas
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [1132519] - C:\WINDOWS\LiveKernelReports
[MD5.00000000000000000000000000000000] - [04/06/2017 10:16:48] - |D| - [29482256] - C:\WINDOWS\Logs
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |RSD| - [20316123] - C:\WINDOWS\Media
[MD5.81040D47AC73DA548384AE74619D9716] - [07/06/2017 12:56:27] - |A| - [2627079862] - C:\WINDOWS\MEMORY.DMP
[MD5.23AF90D2355D8C83AA4567EF1763B467] - [04/06/2017 12:10:36] - |A| - [43131] - C:\WINDOWS\mib.bin
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |RD| - [1097522993] - C:\WINDOWS\Microsoft.NET
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [2751] - C:\WINDOWS\Migration
[MD5.00000000000000000000000000000000] - [18/06/2017 10:13:01] - |D| - [1930988] - C:\WINDOWS\Minidump
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [0] - C:\WINDOWS\ModemLogs
[MD5.8318A68067191C8B07C22085625569A8] - [04/06/2017 12:09:49] - |A| - [246272] - C:\WINDOWS\notepad.exe
[MD5.00000000000000000000000000000000] - [05/06/2017 08:59:11] - |D| - [199472] - C:\WINDOWS\OCR
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |RD| - [65] - C:\WINDOWS\Offline Web Pages
[MD5.00000000000000000000000000000000] - [09/06/2017 16:58:35] - |DC| - [533960940] - C:\WINDOWS\Panther
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [29924717] - C:\WINDOWS\Performance
[MD5.6685AAF05D045AB812FDFF17E23B0DB2] - [06/06/2017 11:32:08] - |A| - [127600] - C:\WINDOWS\PFRO.log
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [1136442] - C:\WINDOWS\PLA
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [7095130] - C:\WINDOWS\PolicyDefinitions
[MD5.00000000000000000000000000000000] - [12/06/2017 10:57:20] - |D| - [4502434] - C:\WINDOWS\Prefetch
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |RD| - [2155639] - C:\WINDOWS\PrintDialog
[MD5.CC700D9C2A31C811727762BF1BE44A01] - [05/06/2017 09:00:42] - |A| - [35524] - C:\WINDOWS\Professional.xml
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [3772566] - C:\WINDOWS\Provisioning
[MD5.374525D11E8BC8C435BA47528AA0B980] - [04/06/2017 12:10:32] - |A| - [335872] - C:\WINDOWS\regedit.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [1141084] - C:\WINDOWS\Registration
[MD5.00000000000000000000000000000000] - [05/06/2017 09:00:07] - |D| - [0] - C:\WINDOWS\RemotePackages
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [2407728] - C:\WINDOWS\rescache
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [4889721] - C:\WINDOWS\Resources
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [0] - C:\WINDOWS\SchCache
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [153150] - C:\WINDOWS\schemas
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [11430213] - C:\WINDOWS\security
[MD5.00000000000000000000000000000000] - [12/06/2017 11:47:22] - |D| - [63130619] - C:\WINDOWS\ServiceProfiles
[MD5.00000000000000000000000000000000] - [04/06/2017 10:16:43] - |D| - [39107737] - C:\WINDOWS\servicing
[MD5.00000000000000000000000000000000] - [04/06/2017 12:19:20] - |D| - [42] - C:\WINDOWS\Setup
[MD5.6F67C0B32FD505C9D80F6BF1BF458AAE] - [12/06/2017 10:57:46] - |A| - [20417] - C:\WINDOWS\setupact.log
[MD5.D060131CD55776F1C058590263CFF30E] - [12/06/2017 10:57:46] - |A| - [168] - C:\WINDOWS\setuperr.log
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [56435200] - C:\WINDOWS\ShellExperiences
[MD5.00000000000000000000000000000000] - [05/06/2017 08:58:46] - |D| - [3070736] - C:\WINDOWS\SKB
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [86037185] - C:\WINDOWS\Speech
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [58941157] - C:\WINDOWS\Speech_OneCore
[MD5.50B086ECF4977EE23DA0C13A2A63FF09] - [04/06/2017 12:10:47] - |A| - [130560] - C:\WINDOWS\splwow64.exe
[MD5.125F8862D2C1B4CB24BE6E10032580AB] - [12/06/2017 11:00:34] - |A| - [603] - C:\WINDOWS\Synaptics.log
[MD5.125F8862D2C1B4CB24BE6E10032580AB] - [12/06/2017 11:00:34] - |A| - [603] - C:\WINDOWS\Synaptics.PD.log
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [31039] - C:\WINDOWS\System
[MD5.00000000000000000000000000000000] - [04/06/2017 10:16:43] - |D| - [6208308586] - C:\WINDOWS\System32
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [197763400] - C:\WINDOWS\SystemApps
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [20015707] - C:\WINDOWS\SystemResources
[MD5.00000000000000000000000000000000] - [04/06/2017 10:16:48] - |D| - [1652988592] - C:\WINDOWS\SysWOW64
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [0] - C:\WINDOWS\TAPI
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [34236782] - C:\WINDOWS\Temp
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [12401152] - C:\WINDOWS\TextInput
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [0] - C:\WINDOWS\tracing
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [7680] - C:\WINDOWS\twain_32
[MD5.6B2EBA5FA1D2F1CA2B4C7982F4BF03CC] - [04/06/2017 12:11:07] - |A| - [65536] - C:\WINDOWS\twain_32.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [12420] - C:\WINDOWS\Vss
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [15729830] - C:\WINDOWS\Web
[MD5.C844CA459F3B209329984772269B6E56] - [04/06/2017 12:10:32] - |RAH| - [670] - C:\WINDOWS\WindowsShell.Manifest
[MD5.038356387332650843BCB352BB89A101] - [02/06/2017 23:26:17] - |A| - [275] - C:\WINDOWS\WindowsUpdate.log
[MD5.C2C4A9B3B9BC8217ABAFFEADC01AED6A] - [04/06/2017 12:11:05] - |A| - [10240] - C:\WINDOWS\winhlp32.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 10:16:43] - |D| - [6545421644] - C:\WINDOWS\WinSxS
[MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [04/06/2017 12:09:04] - |A| - [316640] - C:\WINDOWS\WMSysPr9.prx
[MD5.68F8EC9C848252D10B9746ADED25F003] - [04/06/2017 12:09:49] - |A| - [11264] - C:\WINDOWS\write.exe
[MD5.54FCF46D877C3B3FA8AB0495CB6B06BD] - [06/06/2017 11:10:44] - |A| - [43057152] - C:\WINDOWS\Installer\32ed8bd8.msi
[MD5.1B7C1FDDB641474AC4340CCE72AD90C3] - [06/06/2017 11:15:02] - |A| - [48156672] - C:\WINDOWS\Installer\32ed8da3.msi
[MD5.E5D5BE27EE42AA69A3C9C14B75502A97] - [06/06/2017 11:15:13] - |A| - [2420736] - C:\WINDOWS\Installer\32ed8e16.msi
[MD5.D74A72659B78CB88EB36EF3C35B1C6D2] - [06/06/2017 11:16:14] - |A| - [13926400] - C:\WINDOWS\Installer\32ed8e59.msi
[MD5.B86DB6386AA72E09CF30CB59C12FF295] - [06/06/2017 11:27:51] - |A| - [161579008] - C:\WINDOWS\Installer\32ed9db4.msi
[MD5.1993AE0487013B35934E92876D71E828] - [16/06/2017 03:30:22] - |A| - [10563584] - C:\WINDOWS\Installer\6727410.msi
[MD5.06EBC9A8AEEEAB5E789B01F181E87849] - [16/06/2017 03:30:22] - |A| - [1327104] - C:\WINDOWS\Installer\672742a.msi
[MD5.F1F6947687A9ED07138DFE4D9D0401CD] - [16/06/2017 03:41:24] - |A| - [540672] - C:\WINDOWS\Installer\6727450.msi
[MD5.A52B74B4854B989010BEBBAB7E56D705] - [16/06/2017 03:31:54] - |A| - [13729792] - C:\WINDOWS\Installer\672745d.msi
[MD5.00000000000000000000000000000000] - [21/06/2017 15:54:02] - |D| - [0] - C:\WINDOWS\Installer\MSIEF13.tmp-
[MD5.A39524EED7D2E23D92A53F956246DFE1] - [06/06/2017 11:29:20] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{0A596141-97D5-45FA-9281-98DFAF48D579}
[MD5.230DB3B716891ED0A51458257B0F9D61] - [06/06/2017 11:29:01] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{52D87F32-70E4-4348-8148-C0B9F35B1314}
[MD5.AC9939B12732DBFE01DF0C2B9FE01CF4] - [10/06/2017 15:02:06] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{5740BD44-B58D-321A-AFC0-6D3D4556DD6C}
[MD5.82887B4A0DBD7C02CC0B94B419B21644] - [06/06/2017 11:28:42] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}
[MD5.CAC4111BC29B7707F7DC92BCDE834FA3] - [10/06/2017 15:01:54] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{CB0836EC-B072-368D-82B2-D3470BF95707}
[MD5.0FD2FFE2738AFFD816B06A432FC1D8A0] - [06/06/2017 11:28:04] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}
[MD5.E2397A7635B8DC7808791D6C855FCCAE] - [06/06/2017 11:29:50] - |A| - [20480] - C:\WINDOWS\Installer\SourceHash{F0C7385A-9D20-45F3-8101-05D383885180}
[MD5.00000000000000000000000000000000] - [06/06/2017 11:29:22] - |D| - [287190] - C:\WINDOWS\Installer\{0A596141-97D5-45FA-9281-98DFAF48D579}
[MD5.00000000000000000000000000000000] - [06/06/2017 11:29:01] - |D| - [52350] - C:\WINDOWS\Installer\{52D87F32-70E4-4348-8148-C0B9F35B1314}
[MD5.00000000000000000000000000000000] - [06/06/2017 11:28:49] - |D| - [2238] - C:\WINDOWS\Installer\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}
[MD5.00000000000000000000000000000000] - [06/06/2017 11:28:30] - |D| - [2238] - C:\WINDOWS\Installer\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}
[MD5.00000000000000000000000000000000] - [06/06/2017 11:31:02] - |D| - [161331] - C:\WINDOWS\Installer\{F0C7385A-9D20-45F3-8101-05D383885180}
[MD5.00000000000000000000000000000000] - [05/06/2017 08:57:44] - |D| - [0] - C:\WINDOWS\system32\0409
[MD5.82C37C3E27020AF6C2E018E944284676] - [04/06/2017 12:09:49] - |A| - [308] - C:\WINDOWS\system32\@AudioToastIcon.png
[MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - [04/06/2017 12:09:24] - |A| - [450] - C:\WINDOWS\system32\@BackgroundAccessToastIcon.png
[MD5.3937359E324E15F6A7A7092D4DAEBD64] - [04/06/2017 12:10:07] - |A| - [199] - C:\WINDOWS\system32\@bitlockertoastimage.png
[MD5.2E04FA797218711D9ED5958CD2B656AB] - [04/06/2017 12:10:07] - |A| - [14791] - C:\WINDOWS\system32\@edptoastimage.png
[MD5.495C1F072039B434827A5FE0D9761E4D] - [04/06/2017 12:09:34] - |A| - [330] - C:\WINDOWS\system32\@EnrollmentToastIcon.png
[MD5.C2A332DE50FE519DA21AFB8BD6E134F4] - [04/06/2017 12:10:11] - |A| - [563] - C:\WINDOWS\system32\@language_notification_icon.png
[MD5.A119D69B4C29845D3F8CE2E5638C8E65] - [04/06/2017 12:10:24] - |A| - [483] - C:\WINDOWS\system32\@optionalfeatures.png
[MD5.1622DE67156496C78D6B7BE9B471645B] - [04/06/2017 12:10:32] - |A| - [404] - C:\WINDOWS\system32\@VpnToastIcon.png
[MD5.7AC3EA1A5175106ED6467FF0C5315541] - [04/06/2017 12:10:47] - |A| - [15106] - C:\WINDOWS\system32\@WiFiNotificationIcon.png
[MD5.13EF2C8D799F7B6E9D8E3D6BACB9C779] - [04/06/2017 12:09:34] - |A| - [714] - C:\WINDOWS\system32\@WindowsHelloFaceToastIcon.png
[MD5.F553B252FEC3134D4F5303D9B25298B3] - [04/06/2017 12:08:53] - |A| - [518] - C:\WINDOWS\system32\@WindowsUpdateToastIcon.png
[MD5.D0FCF781D0801ABF5F74B54E98076A5B] - [04/06/2017 12:09:25] - |A| - [155] - C:\WINDOWS\system32\@WwanNotificationIcon.png
[MD5.85D91E478AF18125007C531227FF6E59] - [04/06/2017 12:09:25] - |A| - [352] - C:\WINDOWS\system32\@WwanSimLockIcon.png
[MD5.0A80D47A4293E72621FBEDD4F1A50D55] - [04/06/2017 12:09:24] - |A| - [230912] - C:\WINDOWS\system32\aadauthhelper.dll
[MD5.100B89903545AFF1C7A35FF87084B809] - [04/06/2017 12:09:25] - |A| - [620032] - C:\WINDOWS\system32\aadcloudap.dll
[MD5.0540A51B8C2686DCA11FA9D479D66BE6] - [04/06/2017 12:09:52] - |A| - [59392] - C:\WINDOWS\system32\aadjcsp.dll
[MD5.7BCE90E75E87F40F6A639ABDA50C470D] - [04/06/2017 12:09:25] - |A| - [1188352] - C:\WINDOWS\system32\aadtb.dll
[MD5.87B86E85148682F89FA0C115A30437CC] - [04/06/2017 12:10:24] - |A| - [230912] - C:\WINDOWS\system32\AboutSettingsHandlers.dll
[MD5.EA9858F09FC2F66209C77ACDA7BF47FD] - [04/06/2017 12:10:11] - |A| - [311808] - C:\WINDOWS\system32\AboveLockAppHost.dll
[MD5.DEA67C3D0A8F0AA88B71BCB112CDE528] - [04/06/2017 12:09:43] - |A| - [3825664] - C:\WINDOWS\system32\accessibilitycpl.dll
[MD5.49D132BAA58A17B934AAD23515977F6B] - [05/06/2017 08:59:13] - |A| - [268800] - C:\WINDOWS\system32\accountaccessor.dll
[MD5.D85C85B5E9167F1E2D294C13F726B6DD] - [05/06/2017 08:59:13] - |A| - [434176] - C:\WINDOWS\system32\AccountsRt.dll
[MD5.BF7EF3C61FF782520BCE878C3989CE39] - [04/06/2017 12:10:44] - |A| - [327680] - C:\WINDOWS\system32\AcGenral.dll
[MD5.825F1527CA3E011B9320732864601887] - [04/06/2017 12:10:44] - |A| - [245248] - C:\WINDOWS\system32\AcLayers.dll
[MD5.FCA8956FBD2F95C089304C2F281B9FE0] - [04/06/2017 12:09:43] - |A| - [11264] - C:\WINDOWS\system32\acledit.dll
[MD5.15D49300A748CFB17C38D24BB8A4E00D] - [04/06/2017 12:09:47] - |A| - [5499392] - C:\WINDOWS\system32\aclui.dll
[MD5.D47735E452B2880D1939D49E90906B86] - [04/06/2017 12:10:44] - |A| - [171856] - C:\WINDOWS\system32\acmigration.dll
[MD5.A82AB0996C50E5ED2C9204670B4734EC] - [04/06/2017 12:09:25] - |A| - [190976] - C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
[MD5.550684AF16A9EED841521E26E8606873] - [04/06/2017 12:09:47] - |A| - [62464] - C:\WINDOWS\system32\acppage.dll
[MD5.B940B1FCB170E29A792FD9962886EE17] - [04/06/2017 12:09:49] - |A| - [12800] - C:\WINDOWS\system32\acproxy.dll
[MD5.6E84E941C59DA694ADAF72D67842B9FC] - [04/06/2017 12:10:44] - |A| - [56320] - C:\WINDOWS\system32\AcSpecfc.dll
[MD5.4B817C600C7E929B4A22FD61ACF7B76E] - [04/06/2017 12:10:02] - |A| - [316928] - C:\WINDOWS\system32\ActionCenter.dll
[MD5.7FBD431FD8B90C341FBD324E2B9170C3] - [04/06/2017 12:10:03] - |A| - [560128] - C:\WINDOWS\system32\ActionCenterCPL.dll
[MD5.6D47CD46FD20CC9EF49A8DD0959023CB] - [04/06/2017 12:10:32] - |A| - [215376] - C:\WINDOWS\system32\ActionQueue.dll
[MD5.294C7FD9F59D76E89E3AA704A298DB27] - [04/06/2017 12:09:22] - |A| - [35840] - C:\WINDOWS\system32\ActivationClient.dll
[MD5.53BBFE22135D5F700BC93F1368D04B39] - [04/06/2017 12:09:22] - |A| - [512512] - C:\WINDOWS\system32\ActivationManager.dll
[MD5.167ACFD8BCF28DEDE1E54660DC371E60] - [04/06/2017 12:09:47] - |A| - [265728] - C:\WINDOWS\system32\activeds.dll
[MD5.3E291A37DCE8125611BFC86DAA02E5FC] - [04/06/2017 12:09:47] - |A| - [112128] - C:\WINDOWS\system32\activeds.tlb
[MD5.797FAC7D78AB055571C77AF9390C9D1A] - [05/06/2017 08:59:13] - |A| - [97792] - C:\WINDOWS\system32\ActiveSyncCsp.dll
[MD5.11BBF15349BAAB16E55A83F2719A619A] - [05/06/2017 08:59:13] - |A| - [1775104] - C:\WINDOWS\system32\ActiveSyncProvider.dll
[MD5.4959453EE82CB1C7AD521AAD2FA02D14] - [04/06/2017 12:10:11] - |A| - [587776] - C:\WINDOWS\system32\actxprxy.dll
[MD5.58E01384AD0D2666FC67092B075B411F] - [04/06/2017 12:10:42] - |A| - [31744] - C:\WINDOWS\system32\AcWinRT.dll
[MD5.BE29A6000688D52E294F124E34274CE8] - [04/06/2017 12:10:44] - |A| - [14848] - C:\WINDOWS\system32\AcXtrnal.dll
[MD5.ED9B1362381643ABF535E45A79B2D2C3] - [04/06/2017 12:09:21] - |A| - [48128] - C:\WINDOWS\system32\AdaptiveCards.dll
[MD5.911A0E9DE262786C84372EC742E73445] - [04/06/2017 12:09:33] - |A| - [66560] - C:\WINDOWS\system32\AddressParser.dll
[MD5.DF743A98D0A4FFBBD61637B1D1D95348] - [04/06/2017 12:10:24] - |A| - [24064] - C:\WINDOWS\system32\adhapi.dll
[MD5.0DA900CCD9A3191EF9DAC483C25CFA2D] - [04/06/2017 12:10:24] - |A| - [71680] - C:\WINDOWS\system32\adhsvc.dll
[MD5.88A96E5027124A72816132AEE61D7769] - [04/06/2017 12:11:51] - |A| - [547840] - C:\WINDOWS\system32\AdmTmpl.dll
[MD5.67BEF6003ED91B109415486F64736CD7] - [04/06/2017 12:10:00] - |A| - [58368] - C:\WINDOWS\system32\adprovider.dll
[MD5.BE4BB23EDA22DE37AE03FF38B769E912] - [04/06/2017 12:11:48] - |A| - [133120] - C:\WINDOWS\system32\adrclient.dll
[MD5.1D629489621C7FCC4698BAEC080075CA] - [04/06/2017 12:09:49] - |A| - [246272] - C:\WINDOWS\system32\adsldp.dll
[MD5.74F86CD52964BC419F71735BE6856349] - [04/06/2017 12:09:43] - |A| - [251392] - C:\WINDOWS\system32\adsldpc.dll
[MD5.E3D3FF91DF1638C18DEDD795548F28FE] - [04/06/2017 12:09:43] - |A| - [98304] - C:\WINDOWS\system32\adsmsext.dll
[MD5.A493A96E6DE53D5DFD203EAE025C5CC1] - [04/06/2017 12:09:43] - |A| - [340992] - C:\WINDOWS\system32\adsnt.dll
[MD5.0FF3962F65C9B033AACA96B68663B8AB] - [04/06/2017 12:09:55] - |A| - [827392] - C:\WINDOWS\system32\adtschema.dll
[MD5.26FCC062CFAAF5E5A8300707008F1F87] - [04/06/2017 12:09:18] - |A| - [109568] - C:\WINDOWS\system32\AdvancedEmojiDS.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 10:16:48] - |D| - [3050320] - C:\WINDOWS\system32\AdvancedInstallers
[MD5.54AAC0286CA24178EC3ED63C47A527CD] - [04/06/2017 12:10:47] - |A| - [638952] - C:\WINDOWS\system32\advapi32.dll
[MD5.F028F5AEF2047248A2ABB25EDC0FAD75] - [04/06/2017 12:10:49] - |A| - [2560] - C:\WINDOWS\system32\advapi32res.dll
[MD5.EF8DBBA9559FB116838FE51BF312F986] - [04/06/2017 12:10:11] - |A| - [143360] - C:\WINDOWS\system32\advpack.dll
[MD5.E27F0E30572E57FBA8B0357CB0DA4D16] - [04/06/2017 12:09:47] - |A| - [30720] - C:\WINDOWS\system32\aeevts.dll
[MD5.72581264208BCC8C7B710E7C95E3483B] - [04/06/2017 12:09:47] - |A| - [791888] - C:\WINDOWS\system32\aeinv.dll
[MD5.3F7172826224127092D5153CDBF57049] - [04/06/2017 12:09:47] - |A| - [566272] - C:\WINDOWS\system32\aeinv2.dll
[MD5.376401AC2E3D63C3A5B787F89C4FA70F] - [04/06/2017 12:09:57] - |A| - [317776] - C:\WINDOWS\system32\aepic.dll
[MD5.7D59B9C0D2DF65318CA8F294F20EFA42] - [04/06/2017 12:11:48] - |A| - [1189888] - C:\WINDOWS\system32\AgentService.exe
[MD5.DD74BB075FB24D2D6F55B3100293D5CF] - [04/06/2017 12:09:47] - |A| - [2016256] - C:\WINDOWS\system32\aitstatic.exe
[MD5.77706D6CD4D6CB2E47B0FC34260044D1] - [04/06/2017 12:09:25] - |A| - [25088] - C:\WINDOWS\system32\AJRouter.dll
[MD5.A6663DD6E00041C1FEDFB3C1A2019134] - [04/06/2017 12:09:34] - |A| - [92672] - C:\WINDOWS\system32\alg.exe
[MD5.801404104FB38AB3F4E2F3BEBC52EABC] - [04/06/2017 12:09:42] - |A| - [5632] - C:\WINDOWS\system32\altspace.dll
[MD5.DBFE3F326E3E0F801EA7E751810DB685] - [05/06/2017 08:58:25] - |A| - [18944] - C:\WINDOWS\system32\amcompat.tlb
[MD5.1BB2FB8087C9C4D1DC4BD2D4EE62053B] - [04/06/2017 12:09:21] - |A| - [62464] - C:\WINDOWS\system32\amsi.dll
[MD5.ED075F2E9A48D6CECDEF847364F46E76] - [04/06/2017 12:09:21] - |A| - [14336] - C:\WINDOWS\system32\amsiproxy.dll
[MD5.C02709F4D8E735E4E1139755605B02C8] - [04/06/2017 12:09:21] - |A| - [95744] - C:\WINDOWS\system32\amstream.dll
[MD5.C40DF5163D21D5C521E0BA11F261E127] - [04/06/2017 12:10:47] - |A| - [33280] - C:\WINDOWS\system32\AnalogCommonProxyStub.dll
[MD5.587B7D479F8878F001A92FBFBFFE6209] - [04/06/2017 12:10:07] - |A| - [250368] - C:\WINDOWS\system32\apds.dll
[MD5.20646A6E2642322F3B176091E70CDB23] - [05/06/2017 08:59:13] - |A| - [70656] - C:\WINDOWS\system32\APHostClient.dll
[MD5.1053B5E117259627975F88A04906725A] - [05/06/2017 08:59:13] - |A| - [16384] - C:\WINDOWS\system32\APHostRes.dll
[MD5.DC0F911B8F97F9F5581738F670897A2C] - [05/06/2017 08:59:13] - |A| - [369152] - C:\WINDOWS\system32\APHostService.dll
[MD5.FAF9829F84D17225CEEC4C76193C57F0] - [04/06/2017 12:09:25] - |A| - [88576] - C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
[MD5.DF4AF73751146B10A9FC7EA7C43AC0D5] - [04/06/2017 12:10:47] - |A| - [106832] - C:\WINDOWS\system32\apisetschema.dll
[MD5.E21E74D118E16FF9BA42A6F87F34E9B0] - [04/06/2017 12:10:50] - |A| - [446124] - C:\WINDOWS\system32\ApnDatabase.xml
[MD5.3ED7524C4F044B00D13AEE59EE2CFEE1] - [04/06/2017 12:09:21] - |A| - [100352] - C:\WINDOWS\system32\AppCapture.dll
[MD5.2F87F5323C1C5FB740B2182E74CA9CBA] - [04/06/2017 12:09:22] - |A| - [913408] - C:\WINDOWS\system32\AppContracts.dll
[MD5.719FE556AD1038FBA80C4CB32E0448C5] - [04/06/2017 12:09:24] - |A| - [175104] - C:\WINDOWS\system32\AppExtension.dll
[MD5.C414F37DE8E8B86FE86E4A18681FEE64] - [04/06/2017 12:09:43] - |A| - [509952] - C:\WINDOWS\system32\apphelp.dll
[MD5.606C977179D019598333F0165F007A9A] - [04/06/2017 12:09:43] - |A| - [35840] - C:\WINDOWS\system32\Apphlpdm.dll
[MD5.C366401F06DF1489A659E836E255CB17] - [04/06/2017 12:09:24] - |A| - [104960] - C:\WINDOWS\system32\AppHostRegistrationVerifier.exe
[MD5.F256E3DC94787AAD6B300942C2A73188] - [04/06/2017 12:09:47] - |A| - [59480] - C:\WINDOWS\system32\appidapi.dll
[MD5.7A44F4059E6060526C1633F75076AD8B] - [04/06/2017 12:09:47] - |A| - [18944] - C:\WINDOWS\system32\appidcertstorecheck.exe
[MD5.0467DA8AC3B312D2EBCBEB87BB65C995] - [04/06/2017 12:09:47] - |A| - [158720] - C:\WINDOWS\system32\appidpolicyconverter.exe
[MD5.D8E491143CEC7CED5E41CF9630194BA3] - [04/06/2017 12:11:51] - |A| - [412160] - C:\WINDOWS\system32\AppIdPolicyEngineApi.dll
[MD5.9D298185492632CA5B7DA84ED8E16D16] - [04/06/2017 12:09:47] - |A| - [120320] - C:\WINDOWS\system32\appidsvc.dll
[MD5.35068563EADEFD68A208654039574E1C] - [04/06/2017 12:09:47] - |A| - [24576] - C:\WINDOWS\system32\appidtel.exe
[MD5.EA80DA47855E5A370C78385A053E0984] - [04/06/2017 12:10:11] - |A| - [141824] - C:\WINDOWS\system32\appinfo.dll
[MD5.92484939A0F4E81144A975ECE11026B1] - [04/06/2017 12:10:11] - |A| - [11776] - C:\WINDOWS\system32\appinfoext.dll
[MD5.7865CF2BCA23067437433BAD43ADA28A] - [04/06/2017 12:09:42] - |A| - [655872] - C:\WINDOWS\system32\ApplicationFrame.dll
[MD5.10E9D27CCE8B625785FAAF09A7644E45] - [04/06/2017 12:09:37] - |A| - [65112] - C:\WINDOWS\system32\ApplicationFrameHost.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [0] - C:\WINDOWS\system32\AppLocker
[MD5.CF5D738EB8C18B8AE409060CCCD5C68B] - [04/06/2017 12:09:47] - |A| - [336896] - C:\WINDOWS\system32\AppLockerCSP.dll
[MD5.CEC44E7B79BA198E690808EB3E0F2ACF] - [04/06/2017 12:11:48] - |A| - [1128960] - C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
[MD5.10704C13B03D09114004BB007941DF8B] - [04/06/2017 12:11:48] - |A| - [149504] - C:\WINDOWS\system32\AppManagementConfiguration.dll
[MD5.1F46F3E38EC24382C62FE47F396B9C58] - [04/06/2017 12:11:51] - |A| - [196096] - C:\WINDOWS\system32\appmgmts.dll
[MD5.27E37B2717F7BF49A4C09C1C2EA9CFF8] - [04/06/2017 12:11:51] - |A| - [449536] - C:\WINDOWS\system32\appmgr.dll
[MD5.F39833C21DA5A80D7003607D9F33F623] - [04/06/2017 12:10:29] - |A| - [118272] - C:\WINDOWS\system32\AppMon.dll
[MD5.5B6D10E8BDD281BE36F2F545F9583877] - [04/06/2017 12:09:33] - |A| - [145920] - C:\WINDOWS\system32\AppointmentActivation.dll
[MD5.2CBFB8119D6C6863F2DA863AF763F620] - [04/06/2017 12:09:33] - |A| - [761856] - C:\WINDOWS\system32\AppointmentApis.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [2544487] - C:\WINDOWS\system32\appraiser
[MD5.940D5613025FEE2DC08A7BAEE8A417F0] - [04/06/2017 12:09:47] - |A| - [1575248] - C:\WINDOWS\system32\appraiser.dll
[MD5.FAFDE52483883E526F861B4E2980E0DD] - [04/06/2017 12:12:56] - |A| - [601088] - C:\WINDOWS\system32\AppReadiness.dll
[MD5.BAA7179949517B47F0F4D7C20839B438] - [04/06/2017 12:09:43] - |A| - [12288] - C:\WINDOWS\system32\apprepapi.dll
[MD5.8F32CC2923E2051063A37601D8B00FB8] - [04/06/2017 12:09:39] - |A| - [722104] - C:\WINDOWS\system32\AppResolver.dll
[MD5.D14C76A3914AD7419382DF325C2FF5BC] - [04/06/2017 12:10:47] - |A| - [230400] - C:\WINDOWS\system32\ApproveChildRequest.exe
[MD5.D4B79BF56721150CA650E809AC093A4E] - [04/06/2017 12:09:21] - |A| - [159232] - C:\WINDOWS\system32\appsruprov.dll
[MD5.00000000000000000000000000000000] - [05/06/2017 09:00:07] - |SD| - [289807] - C:\WINDOWS\system32\AppV
[MD5.0CD9392F119DDFD93462243CEA7DE000] - [04/06/2017 12:11:48] - |A| - [663376] - C:\WINDOWS\system32\AppVCatalog.dll
[MD5.BCB34B362D4D9198605DBE7C79EB11D4] - [04/06/2017 12:11:48] - |A| - [812368] - C:\WINDOWS\system32\AppVClient.exe
[MD5.A171AAA00C6FA9C945F061F3ED312E3F] - [04/06/2017 12:11:48] - |A| - [224256] - C:\WINDOWS\system32\AppvClientEventLog.dll
[MD5.D10C5CB827FAE4F9D010CFD899A1ABE9] - [04/06/2017 12:11:48] - |A| - [36176] - C:\WINDOWS\system32\AppVClientPS.dll
[MD5.40B2F7DA4FE5DC97387F34BAA527949B] - [04/06/2017 12:11:48] - |A| - [179024] - C:\WINDOWS\system32\AppVDllSurrogate.exe
[MD5.2D5E81425558C555455A7164C6A4356D] - [04/06/2017 12:11:48] - |A| - [808784] - C:\WINDOWS\system32\AppVEntStreamingManager.dll
[MD5.A884CE962C08D7381A53F182FC985E6F] - [04/06/2017 12:11:48] - |A| - [1411408] - C:\WINDOWS\system32\AppVEntSubsystemController.dll
[MD5.22441EB5DF3C7A0B040D90FB6C1397EF] - [04/06/2017 12:11:48] - |A| - [2215760] - C:\WINDOWS\system32\AppVEntSubsystems64.dll
[MD5.79CF2BD988AE28B61C681457BF8A9373] - [04/06/2017 12:11:48] - |A| - [1771856] - C:\WINDOWS\system32\AppVEntVirtualization.dll
[MD5.65E7DFF4C16C2A211BB8B2E7F4A71785] - [04/06/2017 12:11:48] - |A| - [133632] - C:\WINDOWS\system32\appvetwclientres.dll
[MD5.D9CA7B041E21E21E12CAF3831B12F551] - [04/06/2017 12:11:48] - |A| - [224256] - C:\WINDOWS\system32\appvetwsharedperformance.dll
[MD5.B8BD410FBC54798B9F744520E7499802] - [04/06/2017 12:11:48] - |A| - [13824] - C:\WINDOWS\system32\appvetwstreamingux.dll
[MD5.5DF4812E8B6D83BB3501775C08C8191C] - [04/06/2017 12:11:48] - |A| - [252752] - C:\WINDOWS\system32\AppVFileSystemMetadata.dll
[MD5.BAF3944168A4EB00D23B67F9F4B2F309] - [04/06/2017 12:11:48] - |A| - [1622864] - C:\WINDOWS\system32\AppVIntegration.dll
[MD5.5E92D3B97C07C2330536C66592DF3165] - [04/06/2017 12:11:48] - |A| - [959824] - C:\WINDOWS\system32\AppVManifest.dll
[MD5.7C2EF572644D0E3F2C9E7E04A39370D9] - [04/06/2017 12:11:48] - |A| - [167760] - C:\WINDOWS\system32\AppVNice.exe
[MD5.6E7E7BDED61E4AFCB754684C189B6DED] - [04/06/2017 12:11:48] - |A| - [819024] - C:\WINDOWS\system32\AppVOrchestration.dll
[MD5.C187BA162952CE6693F063BADFE8FD6A] - [04/06/2017 12:11:48] - |A| - [1046864] - C:\WINDOWS\system32\AppVPolicy.dll
[MD5.3E5D47F02871265AB5F13D113EB79C27] - [04/06/2017 12:11:48] - |A| - [637776] - C:\WINDOWS\system32\AppVPublishing.dll
[MD5.790AF3BFB63777CE212B0310BABF363E] - [04/06/2017 12:11:48] - |A| - [740176] - C:\WINDOWS\system32\AppVReporting.dll
[MD5.8CDD5176EE1FDE04C4F2056C39E5C1AC] - [04/06/2017 12:11:48] - |A| - [385360] - C:\WINDOWS\system32\AppVScripting.dll
[MD5.702CD180847C986E2349728355056C2C] - [04/06/2017 12:11:48] - |A| - [11088] - C:\WINDOWS\system32\AppVSentinel.dll
[MD5.7125F27008EA8C8124203197A67ABEB8] - [04/06/2017 12:11:48] - |A| - [226640] - C:\WINDOWS\system32\AppVShNotify.exe
[MD5.B6772DFDF33446D29EEE6BAD08A99113] - [04/06/2017 12:11:48] - |A| - [198480] - C:\WINDOWS\system32\AppVStreamingUX.dll
[MD5.308A587F647B1C31A3A774FE1D2A420A] - [04/06/2017 12:11:48] - |A| - [223056] - C:\WINDOWS\system32\AppVStreamMap.dll
[MD5.A1AE0088141EDC4A96FDC372512E6686] - [04/06/2017 12:11:48] - |A| - [15696] - C:\WINDOWS\system32\AppVTerminator.dll
[MD5.1B4CE0BA8D73D07B6D26BD2A8F7DC916] - [04/06/2017 12:09:58] - |A| - [821760] - C:\WINDOWS\system32\appwiz.cpl
[MD5.4C5484706522D80E67CA6FF9208876F1] - [04/06/2017 12:10:44] - |A| - [230224] - C:\WINDOWS\system32\AppxAllUserStore.dll
[MD5.A27109DBC0339E2062BC906F829EEF6C] - [04/06/2017 12:10:44] - |A| - [194560] - C:\WINDOWS\system32\AppXApplicabilityBlob.dll
[MD5.20876D3A2D8B2F2DE0C6E82AAADB7967] - [04/06/2017 12:09:25] - |A| - [619520] - C:\WINDOWS\system32\AppxApplicabilityEngine.dll
[MD5.4D022B8BA6504C5D030D3919744F2207] - [04/06/2017 12:09:34] - |A| - [675624] - C:\WINDOWS\system32\AppXDeploymentClient.dll
[MD5.713BF8E70BB6B5C82B16EB97769D8BD9] - [04/06/2017 12:10:44] - |A| - [1440256] - C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
[MD5.CA95C79DAEBC5EF609D3513A413E4660] - [04/06/2017 12:10:44] - |A| - [2134016] - C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
[MD5.9C2E3D9E5FE91D9E647C03DCCA27D961] - [04/06/2017 12:10:44] - |A| - [2892288] - C:\WINDOWS\system32\AppXDeploymentServer.dll
[MD5.A5F664289B42FCBA03B5108A1D52339A] - [04/06/2017 12:09:34] - |A| - [1349968] - C:\WINDOWS\system32\AppxPackaging.dll
[MD5.331C418378E2F0B02E0EBC968006986C] - [04/06/2017 12:10:44] - |A| - [2778] - C:\WINDOWS\system32\AppxProvisioning.xml
[MD5.9625BA53FB27A569899028064335E92C] - [04/06/2017 12:09:30] - |A| - [182272] - C:\WINDOWS\system32\AppxSip.dll
[MD5.FCF66FDBE4AA9E6777359BBA553D84D1] - [04/06/2017 12:09:34] - |A| - [19456] - C:\WINDOWS\system32\AppxStreamingDataSourcePS.dll
[MD5.E8876807B388F061C3663565083D45CA] - [04/06/2017 12:10:44] - |A| - [125440] - C:\WINDOWS\system32\AppxSysprep.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [280064] - C:\WINDOWS\system32\ar-SA
[MD5.34EEDD0950D1AA6B02CFBAD1A91A52D7] - [04/06/2017 12:09:34] - |A| - [25600] - C:\WINDOWS\system32\ARP.EXE
[MD5.F76371DD48660A5F13DF5F93FD1D9AC1] - [04/06/2017 12:09:04] - |A| - [2560] - C:\WINDOWS\system32\asferror.dll
[MD5.77D73B12F7653677287CA7BBA22B8A9C] - [04/06/2017 12:12:49] - |A| - [30912] - C:\WINDOWS\system32\aspnet_counters.dll
[MD5.30EC6A3301B36242B88B51D6E99F9153] - [04/06/2017 12:11:53] - |A| - [250880] - C:\WINDOWS\system32\AssignedAccessCsp.dll
[MD5.7496DA096CC1FEB8954653D4D44D4B85] - [04/06/2017 12:11:53] - |A| - [337920] - C:\WINDOWS\system32\AssignedAccessManager.dll
[MD5.5783FF16E805366DB093004679E0A3C1] - [04/06/2017 12:11:53] - |A| - [361472] - C:\WINDOWS\system32\assignedaccessmanagersvc.dll
[MD5.9B3C70D7C49D1DBDFB791AC8EEF83074] - [04/06/2017 12:10:24] - |A| - [87552] - C:\WINDOWS\system32\asycfilt.dll
[MD5.E9A82F60DD4D77CFAFE3F426804B0BA3] - [04/06/2017 12:10:36] - |A| - [30208] - C:\WINDOWS\system32\at.exe
[MD5.3607BDADCEBF11E176E0F73FB7D4A535] - [04/06/2017 12:09:49] - |A| - [60928] - C:\WINDOWS\system32\AtBroker.exe
[MD5.3BA818DB3ACA4A4983C96066C957CBF3] - [04/06/2017 12:10:42] - |A| - [97280] - C:\WINDOWS\system32\atl.dll
[MD5.585C83FC2DCC78557F9033E3FAE0B9BD] - [04/06/2017 12:09:25] - |A| - [36864] - C:\WINDOWS\system32\atlthunk.dll
[MD5.EA0D6FF34E1006BB605724674A0EE01D] - [04/06/2017 12:10:00] - |A| - [377168] - C:\WINDOWS\system32\atmfd.dll
[MD5.9834C77E4F66A394DA15CEB38CE863A5] - [04/06/2017 12:10:00] - |A| - [47104] - C:\WINDOWS\system32\atmlib.dll
[MD5.4C3E93761E184BF3D6B1E5111E202276] - [04/06/2017 12:09:34] - |A| - [20992] - C:\WINDOWS\system32\attrib.exe
[MD5.5C0B92A193A6A557C3D51C987CB9EA8F] - [04/06/2017 12:09:21] - |A| - [611632] - C:\WINDOWS\system32\audiodg.exe
[MD5.A9114D32743DE94885B50C34BF698F65] - [04/06/2017 12:09:21] - |A| - [651264] - C:\WINDOWS\system32\AudioEndpointBuilder.dll
[MD5.DDC713A30E963C70B473BB8C36D9FA85] - [04/06/2017 12:09:21] - |A| - [1403920] - C:\WINDOWS\system32\AudioEng.dll
[MD5.17FAA5FD9A831DE12039137F1DFDFF52] - [04/06/2017 12:09:21] - |A| - [389016] - C:\WINDOWS\system32\AUDIOKSE.dll
[MD5.9097A9E9CF4E31A7C9D037530E6CF213] - [04/06/2017 12:09:21] - |A| - [1147224] - C:\WINDOWS\system32\AudioSes.dll
[MD5.0A3DA30B9F56AD18464EB7A594FE9686] - [04/06/2017 12:09:21] - |A| - [1533952] - C:\WINDOWS\system32\audiosrv.dll
[MD5.060157C5AA09CE0AF0CF36AF1768F920] - [04/06/2017 12:09:21] - |A| - [254160] - C:\WINDOWS\system32\AudioSrvPolicyManager.dll
[MD5.16AB226A40A9D5C183DE1C11DA5B18BB] - [04/06/2017 12:10:32] - |A| - [203264] - C:\WINDOWS\system32\auditcse.dll
[MD5.8453C84523E09B5A30DD3AEA182D3A56] - [04/06/2017 12:11:51] - |A| - [222720] - C:\WINDOWS\system32\AuditNativeSnapIn.dll
[MD5.36682CE2BC46098451C7794A3AA9FD0A] - [04/06/2017 12:09:37] - |A| - [34816] - C:\WINDOWS\system32\auditpol.exe
[MD5.32714935AC14ABF79C7C5EE3612E03AE] - [04/06/2017 12:09:37] - |A| - [71168] - C:\WINDOWS\system32\auditpolcore.dll
[MD5.25FD54DF91E17A5420650731A1BB88E0] - [04/06/2017 12:11:51] - |A| - [71680] - C:\WINDOWS\system32\AuditPolicyGPInterop.dll
[MD5.C012444D2516583673C8995ED0E15AC2] - [04/06/2017 12:11:51] - |A| - [95744] - C:\WINDOWS\system32\auditpolmsg.dll
[MD5.A60980F08298844BCC927A02791D1F61] - [04/06/2017 12:09:24] - |A| - [199168] - C:\WINDOWS\system32\AuthBroker.dll
[MD5.640A04C73CD97755ABE0C8451B6C5F2D] - [04/06/2017 12:10:42] - |A| - [111104] - C:\WINDOWS\system32\AuthBrokerUI.dll
[MD5.F4857A61104A60551011E7BB91EF4240] - [04/06/2017 12:10:32] - |A| - [64512] - C:\WINDOWS\system32\AuthExt.dll
[MD5.745600A502A23BA5EEC2EC64C8DE0237] - [04/06/2017 12:10:27] - |A| - [550400] - C:\WINDOWS\system32\authfwcfg.dll
[MD5.3B46B0BDC0C71026D867AD513C9ED2C3] - [04/06/2017 12:10:03] - |A| - [304640] - C:\WINDOWS\system32\AuthFWGP.dll
[MD5.86688E26B110DA3F8C7F45C31F76D57F] - [04/06/2017 12:10:03] - |A| - [5101056] - C:\WINDOWS\system32\AuthFWSnapin.dll
[MD5.B95B3C97FF3B9EFA12BAC7A825DC6F72] - [04/06/2017 12:10:03] - |A| - [112640] - C:\WINDOWS\system32\AuthFWWizFwk.dll
[MD5.8879C41D65687406AC19E63FD0BC35BD] - [04/06/2017 12:09:37] - |A| - [130712] - C:\WINDOWS\system32\AuthHost.exe
[MD5.B9D51A31DFBF754A69A21DCFEB2F3A55] - [04/06/2017 12:09:37] - |A| - [18944] - C:\WINDOWS\system32\AuthHostProxy.dll
[MD5.6AB6BC71C36FC5CFA843A0826D981BD6] - [04/06/2017 12:10:44] - |A| - [484352] - C:\WINDOWS\system32\authui.dll
[MD5.9AC431009C4F6AA05FABEC8E86A0D7FF] - [04/06/2017 12:09:55] - |A| - [288256] - C:\WINDOWS\system32\authz.dll
[MD5.5BC8D503D267AD08256E8D585D74CC9E] - [04/06/2017 12:09:54] - |A| - [971264] - C:\WINDOWS\system32\autochk.exe
[MD5.32C7D358B9AB1BADDD53F26E408DEC55] - [04/06/2017 12:09:52] - |A| - [952832] - C:\WINDOWS\system32\autoconv.exe
[MD5.6A819C255709CFD96261E42FF86AB262] - [04/06/2017 12:09:54] - |A| - [924672] - C:\WINDOWS\system32\autofmt.exe
[MD5.9399F0D0C19CEBE7BB8D970637FBB1D8] - [04/06/2017 12:10:00] - |A| - [163840] - C:\WINDOWS\system32\autoplay.dll
[MD5.C03F0062C0749CDB59A4D60862C3E83E] - [04/06/2017 12:09:18] - |A| - [138092] - C:\WINDOWS\system32\AverageRoom.bin
[MD5.C49E340F5699429A11B37EB358DE6F2A] - [04/06/2017 12:09:18] - |A| - [79360] - C:\WINDOWS\system32\avicap32.dll
[MD5.E2B3E8B9A8EF48905665CFBD11E7CF70] - [04/06/2017 12:09:18] - |A| - [113664] - C:\WINDOWS\system32\avifil32.dll
[MD5.0F603D9DF9ADBE7F0F92918E8F6A3F5E] - [04/06/2017 12:09:21] - |A| - [25880] - C:\WINDOWS\system32\avrt.dll
[MD5.D6222FECD5B96E13C904B2992F2AF160] - [04/06/2017 12:10:11] - |A| - [110592] - C:\WINDOWS\system32\AxInstSv.dll
[MD5.BD6F9C6F1A4EDFA7FD2AA0FA46DE2A8D] - [04/06/2017 12:10:11] - |A| - [60416] - C:\WINDOWS\system32\AxInstUI.exe
[MD5.C5B3E109B3B88B0CC420304EA7BF6B70] - [04/06/2017 12:10:32] - |A| - [41587] - C:\WINDOWS\system32\azman.msc
[MD5.F809C0C7F408F6E434E38EDC6C2C702C] - [04/06/2017 12:09:47] - |A| - [891392] - C:\WINDOWS\system32\azroles.dll
[MD5.F67FBA2C0EF7FF3D8F3904E0B0BAFDFA] - [04/06/2017 12:10:32] - |A| - [436736] - C:\WINDOWS\system32\azroleui.dll
[MD5.971A1742E80FBC79EAC96908526A02B9] - [04/06/2017 12:09:47] - |A| - [30720] - C:\WINDOWS\system32\AzSqlExt.dll
[MD5.491678291CB373F4991F6350832A647B] - [04/06/2017 12:09:24] - |A| - [1922048] - C:\WINDOWS\system32\AzureSettingSyncProvider.dll
[MD5.1D3D60A4482B448573BB99714BC59B08] - [04/06/2017 12:13:01] - |A| - [112640] - C:\WINDOWS\system32\baaupdate.exe
[MD5.8A26AFF9ACF5E6F1305DE793A33E0FE2] - [04/06/2017 12:09:43] - |A| - [67584] - C:\WINDOWS\system32\BackgroundMediaPolicy.dll
[MD5.D0321CF11D3506C4221686CB72CDEC79] - [04/06/2017 12:09:30] - |A| - [15184] - C:\WINDOWS\system32\backgroundTaskHost.exe
[MD5.485F3ADB2B14D4D068E46B3104B4D8E0] - [04/06/2017 12:09:24] - |A| - [36864] - C:\WINDOWS\system32\BackgroundTransferHost.exe
[MD5.5D38EA70D71C142F76A760BB48E1C41C] - [04/06/2017 12:10:42] - |A| - [15360] - C:\WINDOWS\system32\BamSettingsClient.dll
[MD5.9A87205AC824FDFE8108F9FEF0462713] - [04/06/2017 12:10:44] - |A| - [89600] - C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
[MD5.DD010B9A6B8B1492BA36946F306F4E49] - [04/06/2017 12:10:36] - |A| - [200528] - C:\WINDOWS\system32\basecsp.dll
[MD5.FD41D8FBEEF01A850ACC0DFB4FC7BEA9] - [04/06/2017 12:09:57] - |A| - [64000] - C:\WINDOWS\system32\basesrv.dll
[MD5.1F86D658327C202C98F36A64D6636E8C] - [04/06/2017 12:10:50] - |A| - [1669120] - C:\WINDOWS\system32\batmeter.dll
[MD5.43BEE76D6BFB32E48DF2B7DF356C4284] - [04/06/2017 12:09:21] - |A| - [1061888] - C:\WINDOWS\system32\bcastdvr.exe
[MD5.E0D2713002F4640B9EC1E577D6CADE3C] - [04/06/2017 12:09:24] - |A| - [286208] - C:\WINDOWS\system32\bcastdvr.proxy.dll
[MD5.1DF58E32BB085624DC55C35BB380863A] - [04/06/2017 12:09:24] - |A| - [514048] - C:\WINDOWS\system32\BcastDVRBroker.dll
[MD5.7FCD11A25E34E7E765F5088D063101C7] - [04/06/2017 12:09:24] - |A| - [324096] - C:\WINDOWS\system32\BcastDVRClient.dll
[MD5.E152AB18D8849510B4A4596F153B5916] - [04/06/2017 12:09:24] - |A| - [190976] - C:\WINDOWS\system32\BcastDVRCommon.dll
[MD5.88906583F1E8338889AFB7382FCD0992] - [04/06/2017 12:09:58] - |A| - [114184] - C:\WINDOWS\system32\bcd.dll
[MD5.12AC1AFD6DACCBCD7EF4C1311142147B] - [04/06/2017 12:09:17] - |A| - [208384] - C:\WINDOWS\system32\bcdboot.exe
[MD5.1BECE84E0FCDA970105DA226118C4199] - [04/06/2017 12:09:18] - |A| - [455680] - C:\WINDOWS\system32\bcdedit.exe
[MD5.0F8E8FE5E879346784BA77F627A06577] - [04/06/2017 12:09:18] - |A| - [76800] - C:\WINDOWS\system32\bcdprov.dll
[MD5.7A8105B029BD95D70EFBB200F70A26FC] - [04/06/2017 12:09:18] - |A| - [87552] - C:\WINDOWS\system32\bcdsrv.dll
[MD5.AF3A9C4B4B4E3936AA643F56875AADA6] - [04/06/2017 12:09:34] - |A| - [418928] - C:\WINDOWS\system32\BCP47Langs.dll
[MD5.9AC8F5ED7657A842EFD64D4E4C401980] - [04/06/2017 12:09:57] - |A| - [131800] - C:\WINDOWS\system32\bcrypt.dll
[MD5.3B20CB3AB6B1A6663E27D6633294F150] - [04/06/2017 12:09:58] - |A| - [456104] - C:\WINDOWS\system32\bcryptprimitives.dll
[MD5.A9A05E5BF9A383F77A25B0391B20C28E] - [04/06/2017 12:10:40] - |A| - [94208] - C:\WINDOWS\system32\bdaplgin.ax
[MD5.18576D080AB132002671BF08D9C41FC6] - [04/06/2017 12:13:01] - |A| - [364544] - C:\WINDOWS\system32\bdechangepin.exe
[MD5.1B9B95190A271D0C7936B1E6B4D3300B] - [04/06/2017 12:13:01] - |A| - [132608] - C:\WINDOWS\system32\BdeHdCfg.exe
[MD5.7124FB97BA6DE984DE611E69BA3E55C8] - [04/06/2017 12:13:01] - |A| - [102400] - C:\WINDOWS\system32\BdeHdCfgLib.dll
[MD5.66755E7AEB7B37895907CB47DDC7AABC] - [04/06/2017 12:12:53] - |A| - [49152] - C:\WINDOWS\system32\bderepair.dll
[MD5.254EA1AED5FF3208E922EB392B11D95D] - [04/06/2017 12:12:53] - |A| - [386048] - C:\WINDOWS\system32\bdesvc.dll
[MD5.0E2DA1B09715DF354882C18B93678280] - [04/06/2017 12:13:01] - |A| - [11264] - C:\WINDOWS\system32\BdeSysprep.dll
[MD5.2AEAEEDD494FC8B4160BDA4F55C83967] - [04/06/2017 12:12:53] - |A| - [34304] - C:\WINDOWS\system32\bdeui.dll
[MD5.F970E2F1E005F593CDDF5EE064C877EC] - [04/06/2017 12:12:53] - |A| - [52736] - C:\WINDOWS\system32\BdeUISrv.exe
[MD5.61DA4C9459925CCE59FB57CCDEB2E8B5] - [04/06/2017 12:12:53] - |A| - [282576] - C:\WINDOWS\system32\bdeunlock.exe
[MD5.8A8AA7AEFAFD091F5824BEA22F4F9B15] - [04/06/2017 12:09:30] - |A| - [828928] - C:\WINDOWS\system32\BFE.DLL
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [262656] - C:\WINDOWS\system32\bg-BG
[MD5.12AB393C6109B4310AFA551CECBF9ECB] - [04/06/2017 12:09:34] - |A| - [29696] - C:\WINDOWS\system32\bi.dll
[MD5.18E2E343126584C1FA601E3F2DE16672] - [04/06/2017 12:10:49] - |A| - [64000] - C:\WINDOWS\system32\bidispl.dll
[MD5.BDE6723977FDE4907564E064F404BBFA] - [04/06/2017 12:10:16] - |A| - [321024] - C:\WINDOWS\system32\BingASDS.dll
[MD5.7A28E7DAB1476C7EDFD2DE3B37BE5802] - [04/06/2017 12:10:16] - |A| - [63488] - C:\WINDOWS\system32\BingFilterDS.dll
[MD5.5E9A6F2548EBA7326CAC8127980981EE] - [04/06/2017 12:09:29] - |A| - [8524288] - C:\WINDOWS\system32\BingMaps.dll
[MD5.8CFC7EE8F89FE6BD5ABD1B007931617D] - [04/06/2017 12:09:29] - |A| - [752640] - C:\WINDOWS\system32\BingOnlineServices.dll
[MD5.979C9640D585D39A18089AE396FBA249] - [04/06/2017 12:09:37] - |A| - [308224] - C:\WINDOWS\system32\BioCredProv.dll
[MD5.3D523A6CD0785A9F2E9A5FA29C6A4D96] - [04/06/2017 12:09:37] - |A| - [394640] - C:\WINDOWS\system32\BioIso.exe
[MD5.B0BC2F494820F34CCF4240676FFFDCAF] - [04/06/2017 12:09:34] - |A| - [883200] - C:\WINDOWS\system32\bisrv.dll
[MD5.00D1CBCFF7B890A3D913959DDA524B28] - [04/06/2017 12:10:02] - |A| - [180736] - C:\WINDOWS\system32\BitLockerCsp.dll
[MD5.DFE239C81F8C407C9BAC3E9E02867489] - [04/06/2017 12:12:53] - |A| - [139264] - C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
[MD5.4E59C3E0086E1E634AEC0A8DB37AB92D] - [04/06/2017 12:13:01] - |A| - [101888] - C:\WINDOWS\system32\BitLockerWizard.exe
[MD5.E3665C3ECDAC5BFC711D745119F6EE2F] - [04/06/2017 12:13:01] - |A| - [101888] - C:\WINDOWS\system32\BitLockerWizardElev.exe
[MD5.D475129609DFB409C54B7529FFDACEC9] - [04/06/2017 12:09:54] - |A| - [203264] - C:\WINDOWS\system32\bitsadmin.exe
[MD5.17A6D6857FA394AB1E7F155A9C4FF33A] - [04/06/2017 12:09:52] - |A| - [55296] - C:\WINDOWS\system32\bitsigd.dll
[MD5.F359985C431E18187A249123AFC9457E] - [04/06/2017 12:09:25] - |A| - [25088] - C:\WINDOWS\system32\bitsperf.dll
[MD5.EA8BB15D670D51D7449B1AB51507B325] - [04/06/2017 12:09:24] - |A| - [58880] - C:\WINDOWS\system32\BitsProxy.dll
[MD5.0118A25D6F03BA19AA244CA05F916247] - [04/06/2017 12:09:34] - |A| - [328576] - C:\WINDOWS\system32\biwinrt.dll
[MD5.4524016CAB0CDF2DE9F387D1BE05D27E] - [04/06/2017 12:12:40] - |A| - [77824] - C:\WINDOWS\system32\BlbEvents.dll
[MD5.B0EBCAB4C75C5048BBC8D8CC1DCE7057] - [04/06/2017 12:13:06] - |A| - [2560] - C:\WINDOWS\system32\blbres.dll
[MD5.92C38E3C76354507E406197AE5C9CF75] - [04/06/2017 12:13:06] - |A| - [66560] - C:\WINDOWS\system32\blb_ps.dll
[MD5.E2F197C7B3E09D84FA919635AE014925] - [04/06/2017 12:09:37] - |A| - [182272] - C:\WINDOWS\system32\BluetoothApis.dll
[MD5.166AC3E0EFFF2539959AC42A01B4E1C5] - [04/06/2017 12:10:24] - |A| - [64512] - C:\WINDOWS\system32\BluetoothDesktopHandlers.dll
[MD5.EFBC8D0C262271F7F46DFF0B081703B5] - [04/06/2017 12:09:37] - |A| - [20992] - C:\WINDOWS\system32\bnmanager.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [4709264] - C:\WINDOWS\system32\Boot
[MD5.22D9945B4AAE36DD59620A918F2E65F4] - [04/06/2017 12:10:42] - |A| - [3170304] - C:\WINDOWS\system32\boot.sdi
[MD5.8D5D74B686FC9E001994C8CEA148B8EF] - [04/06/2017 12:09:21] - |A| - [92160] - C:\WINDOWS\system32\bootcfg.exe
[MD5.BBED8421E1BDF5ADE35B139FCEE07106] - [04/06/2017 12:12:56] - |A| - [25600] - C:\WINDOWS\system32\bootim.exe
[MD5.058E31958168C53E44C15ADA5EE1E3EB] - [04/06/2017 12:10:44] - |A| - [604672] - C:\WINDOWS\system32\BootMenuUX.dll
[MD5.22F0AFD1CC93E8242B31E08F1C3A1342] - [04/06/2017 12:09:18] - |A| - [101712] - C:\WINDOWS\system32\bootsect.exe
[MD5.FF3E5575C14A8822237B7EE3E9664580] - [04/06/2017 12:09:54] - |A| - [3072] - C:\WINDOWS\system32\bootstr.dll
[MD5.BCEAA610E9B46F536A2C5248C54ECB71] - [04/06/2017 12:12:56] - |A| - [3756032] - C:\WINDOWS\system32\bootux.dll
[MD5.D17D19670BDCC11237F3D2F1963FEB3E] - [04/06/2017 12:09:57] - |A| - [21840] - C:\WINDOWS\system32\BOOTVID.DLL
[MD5.405E1EF8E3C88E9BCD2853382BB12430] - [04/06/2017 12:10:36] - |A| - [22984] - C:\WINDOWS\system32\bopomofo.uce
[MD5.B0EED76E55CDF0DF4FC040A2F279271E] - [04/06/2017 12:10:06] - |A| - [2560] - C:\WINDOWS\system32\bridgeres.dll
[MD5.D39F017D820C4DF7E457341625AB0961] - [04/06/2017 12:10:06] - |A| - [19968] - C:\WINDOWS\system32\bridgeunattend.exe
[MD5.220A4E6165BD29EC2850607AA7C2E508] - [04/06/2017 12:09:30] - |A| - [251904] - C:\WINDOWS\system32\BrokerLib.dll
[MD5.D31B9A1CD10DF9F087C0021FA422EFA8] - [04/06/2017 12:09:08] - |A| - [57344] - C:\WINDOWS\system32\browcli.dll
[MD5.D59AB450DFA0834F75AAFC6AA6C60922] - [04/06/2017 12:09:09] - |A| - [133632] - C:\WINDOWS\system32\browser.dll
[MD5.A30A47722D36F6A5198FBF2D33D5F75F] - [04/06/2017 12:08:54] - |A| - [214352] - C:\WINDOWS\system32\browserbroker.dll
[MD5.A43AB519F891F143DF43893D83C8E706] - [04/06/2017 12:08:57] - |A| - [329728] - C:\WINDOWS\system32\browserexport.exe
[MD5.BC6F9475F52276C99E15807318D5653B] - [04/06/2017 12:10:47] - |A| - [153600] - C:\WINDOWS\system32\BrowserSettingSync.dll
[MD5.47024340A17C8D3C2ACB327B9AD68087] - [04/06/2017 12:08:54] - |A| - [28496] - C:\WINDOWS\system32\browser_broker.exe
[MD5.5820A79DEC2CB83FD2CE22C073281426] - [04/06/2017 12:10:32] - |A| - [14336] - C:\WINDOWS\system32\browseui.dll
[MD5.6FBD084A9D0894D2A867E8E5DD655E3B] - [04/06/2017 12:09:52] - |A| - [114176] - C:\WINDOWS\system32\bthci.dll
[MD5.FBF23EAAD9D92B6EFF188CFA406C3D17] - [04/06/2017 12:08:45] - |A| - [456704] - C:\WINDOWS\system32\BthHFSrv.dll
[MD5.143466A3720CBE876B42762167CC02E8] - [04/06/2017 12:10:00] - |A| - [32768] - C:\WINDOWS\system32\BthMtpContextHandler.dll
[MD5.6A66613C59D78328993ED2D23D224E2E] - [04/06/2017 12:09:49] - |A| - [31232] - C:\WINDOWS\system32\bthpanapi.dll
[MD5.B62FE02B3D13A03CCAFB4213922C6B3C] - [04/06/2017 12:09:54] - |A| - [184832] - C:\WINDOWS\system32\BthpanContextHandler.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [103] - C:\WINDOWS\system32\Bthprops
[MD5.CF6AB886D8F9AD59DD46D4D3F39BB3E8] - [04/06/2017 12:09:52] - |A| - [250880] - C:\WINDOWS\system32\bthprops.cpl
[MD5.CAD046C7A890DB6B9819FBC375777866] - [04/06/2017 12:09:34] - |A| - [102912] - C:\WINDOWS\system32\BthRadioMedia.dll
[MD5.88FA6A48F46CCB5D5EF42784FF76D1EE] - [04/06/2017 12:09:34] - |A| - [154624] - C:\WINDOWS\system32\bthserv.dll
[MD5.71187A35600AE7C2F9CFC86FCE85B11C] - [04/06/2017 12:09:37] - |A| - [33280] - C:\WINDOWS\system32\BthTelemetry.dll
[MD5.E4B80DFD428C6E6CDFFE2811259ECD4A] - [04/06/2017 12:09:54] - |A| - [40448] - C:\WINDOWS\system32\bthudtask.exe
[MD5.2D9446645F72AE68A956996D1AA3F436] - [04/06/2017 12:09:54] - |A| - [124928] - C:\WINDOWS\system32\btpanui.dll
[MD5.1B031E3F193578FB60610C61D28CCCE5] - [04/06/2017 12:10:32] - |A| - [805888] - C:\WINDOWS\system32\Bubbles.scr
[MD5.1633112DE23BF2DFF1F72D3C9CB5FB08] - [04/06/2017 12:10:00] - |A| - [62976] - C:\WINDOWS\system32\BWContextHandler.dll
[MD5.6AFFAA6716B2C4A399F4ADA226EFADB4] - [04/06/2017 12:09:33] - |A| - [58368] - C:\WINDOWS\system32\ByteCodeGenerator.exe
[MD5.A846495B6BF95F4607A6861A6DD874B2] - [04/06/2017 12:09:55] - |A| - [80384] - C:\WINDOWS\system32\cabapi.dll
[MD5.DCD22F4F5B04E079BCA9A27CE8C52A24] - [04/06/2017 12:09:55] - |A| - [134880] - C:\WINDOWS\system32\cabinet.dll
[MD5.EE3D1D758D8B945DA06E850366E5664B] - [04/06/2017 12:09:55] - |A| - [165376] - C:\WINDOWS\system32\cabview.dll
[MD5.31EFF81E6B1355784BB9944881383057] - [04/06/2017 12:10:44] - |A| - [32768] - C:\WINDOWS\system32\cacls.exe
[MD5.A5D91B5E1828E135031EC1140694A8C9] - [04/06/2017 12:10:38] - |A| - [27648] - C:\WINDOWS\system32\calc.exe
[MD5.465B7E28CF5923ADDEA9365C30C2D477] - [04/06/2017 12:09:21] - |A| - [98816] - C:\WINDOWS\system32\CallButtons.dll
[MD5.D471C8C2A8A3A61482D70E308843541B] - [04/06/2017 12:09:21] - |A| - [27648] - C:\WINDOWS\system32\CallButtons.ProxyStub.dll
[MD5.E6E9823796E01B376236BE45E92893CB] - [04/06/2017 12:09:30] - |A| - [155136] - C:\WINDOWS\system32\CallHistoryClient.dll
[MD5.F04D4D5AF2F3516C2ABB4B3EF3437AAA] - [04/06/2017 12:09:24] - |A| - [111104] - C:\WINDOWS\system32\CameraCaptureUI.dll
[MD5.69A8B275E490B2198DF93C339AF902DE] - [04/06/2017 12:09:09] - |A| - [29464] - C:\WINDOWS\system32\CameraSettingsUIHost.exe
[MD5.C5D2139BCA883F0C75024C7E8F02FDBC] - [04/06/2017 12:09:22] - |A| - [33792] - C:\WINDOWS\system32\canonurl.dll
[MD5.7AFF9B87CE3E02E1DF59CEC6664CB298] - [04/06/2017 12:09:21] - |A| - [243200] - C:\WINDOWS\system32\CapabilityAccessManager.dll
[MD5.D946611B0A0D57B8489F88CD5031868B] - [04/06/2017 12:09:24] - |A| - [316688] - C:\WINDOWS\system32\capauthz.dll
[MD5.E0CE023A23DDC1F2E857D9E5E9F01491] - [04/06/2017 12:10:00] - |A| - [61952] - C:\WINDOWS\system32\capiprovider.dll
[MD5.187FB357F37B803D4098D56A031104F4] - [04/06/2017 12:10:00] - |A| - [23552] - C:\WINDOWS\system32\capisp.dll
[MD5.1AF21AFC080906B683A10BEDDEF58A92] - [04/06/2017 12:09:54] - |A| - [147968] - C:\WINDOWS\system32\CastingShellExt.dll
[MD5.CACFA153204B9657C9CC744C149027C7] - [04/06/2017 12:09:54] - |A| - [105472] - C:\WINDOWS\system32\CastLaunch.dll
[MD5.41A7AC4DC4C4D115A271FB2F990B5FE7] - [04/06/2017 12:09:49] - |A| - [68224] - C:\WINDOWS\system32\CastSrv.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 10:16:43] - |D| - [36916405] - C:\WINDOWS\system32\CatRoot
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [26530135] - C:\WINDOWS\system32\catroot2
[MD5.BE0CE71F86409F1B4E0487CBF1607C43] - [04/06/2017 12:09:55] - |A| - [455680] - C:\WINDOWS\system32\catsrv.dll
[MD5.28424EB060E73FA2F52B472F554C5DFB] - [04/06/2017 12:09:55] - |A| - [49664] - C:\WINDOWS\system32\catsrvps.dll
[MD5.F4B51637F1B945A6E23AB9B176CB7CF9] - [04/06/2017 12:09:55] - |A| - [483840] - C:\WINDOWS\system32\catsrvut.dll
[MD5.D477E51618FEAFAB3E054A607C8F8831] - [04/06/2017 12:10:38] - |A| - [89600] - C:\WINDOWS\system32\cca.dll
[MD5.828A515B8983E4DE79600F3715DEF82C] - [04/06/2017 12:09:29] - |A| - [232448] - C:\WINDOWS\system32\cdd.dll
[MD5.0EADD3AC3D7C0BCDE686A798C9F20387] - [04/06/2017 12:10:07] - |A| - [1053184] - C:\WINDOWS\system32\cdosys.dll
[MD5.C5E7BADD3619E3A916E3988D8FAD111B] - [04/06/2017 12:12:56] - |A| - [5971456] - C:\WINDOWS\system32\cdp.dll
[MD5.4922C0ED0BF9AA254E58A609B25099A3] - [04/06/2017 12:09:25] - |A| - [1015296] - C:\WINDOWS\system32\cdprt.dll
[MD5.D4E475D42CA37B53DE35C849EC2A1069] - [04/06/2017 12:09:21] - |A| - [1005568] - C:\WINDOWS\system32\cdpsvc.dll
[MD5.4693096744891D75DE9308BA44337C72] - [04/06/2017 12:09:21] - |A| - [574464] - C:\WINDOWS\system32\cdpusersvc.dll
[MD5.51B2883BA519CD28E9982CD6F0CA53AF] - [04/06/2017 12:10:50] - |A| - [717824] - C:\WINDOWS\system32\CellularAPI.dll
[MD5.637108D8519DE755D024901C762DAB37] - [04/06/2017 12:10:49] - |A| - [44544] - C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
[MD5.4D65D8F46A99F6557706C73E03AAA40D] - [04/06/2017 12:09:33] - |A| - [247296] - C:\WINDOWS\system32\cemapi.dll
[MD5.0B596C2C414628720B69A3C837AB7ACB] - [04/06/2017 12:10:47] - |A| - [34816] - C:\WINDOWS\system32\cero.rs
[MD5.B7BE9799D2672F7FEDD0F535EFC7F01B] - [04/06/2017 12:09:25] - |A| - [803328] - C:\WINDOWS\system32\certca.dll
[MD5.7D7C0BE314C1783AE6ACD3A34605F385] - [04/06/2017 12:09:21] - |A| - [457728] - C:\WINDOWS\system32\certcli.dll
[MD5.2F5C0DB3B5A1C6B1820E2DF1804CEBB9] - [04/06/2017 12:10:00] - |A| - [438784] - C:\WINDOWS\system32\certCredProvider.dll
[MD5.B4EC0813CFDFC59FEE23DBE58EC33A32] - [04/06/2017 12:10:29] - |A| - [64512] - C:\WINDOWS\system32\certenc.dll
[MD5.A4818A0F86A9943F1DC96A18AB520666] - [04/06/2017 12:09:24] - |A| - [3110912] - C:\WINDOWS\system32\CertEnroll.dll
[MD5.372C5FA3DE39D9037CDC073A4BD192A5] - [04/06/2017 12:09:24] - |A| - [51712] - C:\WINDOWS\system32\CertEnrollCtrl.exe
[MD5.765EC46C66C8239C70B363BB3C811D1D] - [04/06/2017 12:10:32] - |A| - [325632] - C:\WINDOWS\system32\CertEnrollUI.dll
[MD5.DCCA682FEA47192106EC4F2001EAE182] - [04/06/2017 12:10:32] - |A| - [63081] - C:\WINDOWS\system32\certlm.msc
[MD5.8CEEF0F1E08ABDF8FCD7BBE10340F1A5] - [04/06/2017 12:10:32] - |A| - [2209792] - C:\WINDOWS\system32\certmgr.dll
[MD5.4C7390A1FF613FBBF59141CA0BE8AE89] - [04/06/2017 12:10:32] - |A| - [63070] - C:\WINDOWS\system32\certmgr.msc
[MD5.FE508112F2531B31266A4F4739E2A03A] - [04/06/2017 12:10:29] - |A| - [61440] - C:\WINDOWS\system32\CertPKICmdlet.dll
[MD5.5EDB5CA545E9ADD3E07E1CD8218F51DC] - [04/06/2017 12:09:49] - |A| - [117760] - C:\WINDOWS\system32\CertPolEng.dll
[MD5.61AFB4ADCF981E63CE59F2BE53E5A3C1] - [04/06/2017 12:10:35] - |A| - [188928] - C:\WINDOWS\system32\certprop.dll
[MD5.A58578BEE074578C7476AF82E6D4AEF0] - [04/06/2017 12:10:32] - |A| - [494080] - C:\WINDOWS\system32\certreq.exe
[MD5.6284664CC381968E9F017908E90A672E] - [04/06/2017 12:10:29] - |A| - [1439744] - C:\WINDOWS\system32\certutil.exe
[MD5.D60AEA5115D08AD82E9541D743A7FF82] - [04/06/2017 12:09:04] - |A| - [263168] - C:\WINDOWS\system32\cewmdm.dll
[MD5.5AB05380E7746D2D9184DB0B74A6407C] - [04/06/2017 12:10:41] - |A| - [76800] - C:\WINDOWS\system32\cfgbkend.dll
[MD5.C4DC67DFB237D98013D7DE593CC33B69] - [04/06/2017 12:09:55] - |A| - [284144] - C:\WINDOWS\system32\cfgmgr32.dll
[MD5.9960AC8735292822446FA3BB9509C567] - [04/06/2017 12:09:55] - |A| - [132608] - C:\WINDOWS\system32\CfgSPCellular.dll
[MD5.61568BBA9AC272EF0C574F4569469AB1] - [04/06/2017 12:10:47] - |A| - [137728] - C:\WINDOWS\system32\CfgSPPolicy.dll
[MD5.0EA4FD03E8FD9223A27A65D9C3326ED5] - [04/06/2017 12:10:02] - |A| - [68608] - C:\WINDOWS\system32\cflapi.dll
[MD5.1F2F152C3659C421F6BDC6CBECA62355] - [04/06/2017 12:09:18] - |A| - [35664] - C:\WINDOWS\system32\cfmifs.dll
[MD5.AD520C88F8ECA572ECDBC80318D4B8C4] - [04/06/2017 12:09:18] - |A| - [14848] - C:\WINDOWS\system32\cfmifsproxy.dll
[MD5.CD103E03553639E7D887BF3E4EB04590] - [04/06/2017 12:09:03] - |A| - [8274432] - C:\WINDOWS\system32\Chakra.dll
[MD5.F93E37DF12254D5A11B148C51B0985C6] - [04/06/2017 12:09:03] - |A| - [104960] - C:\WINDOWS\system32\Chakradiag.dll
[MD5.569F14F7BF7B561EABDCEFFAD721DC46] - [04/06/2017 12:09:03] - |A| - [122880] - C:\WINDOWS\system32\Chakrathunk.dll
[MD5.25FABD5690F37C60CA8C06A20D26FBC7] - [04/06/2017 12:11:52] - |A| - [17408] - C:\WINDOWS\system32\change.exe
[MD5.8B99EA474E0A46395F08F49B00E234DC] - [04/06/2017 12:10:36] - |A| - [96600] - C:\WINDOWS\system32\changepk.exe
[MD5.1286DF247252AC0AF06208D8DD13EEFA] - [04/06/2017 12:10:36] - |A| - [188416] - C:\WINDOWS\system32\charmap.exe
[MD5.DF68670603D3352E27C70049A94B1235] - [04/06/2017 12:09:47] - |A| - [128512] - C:\WINDOWS\system32\chartv.dll
[MD5.C604277989EE9BF24398DDC61E7FADF7] - [04/06/2017 12:09:33] - |A| - [753664] - C:\WINDOWS\system32\ChatApis.dll
[MD5.6587C07DC825AE0027CEB6BF7C26B482] - [04/06/2017 12:09:52] - |A| - [14336] - C:\WINDOWS\system32\chcp.com
[MD5.D71A0FC78A76EB28C522BB5EB4EA3EDD] - [04/06/2017 12:10:27] - |A| - [29696] - C:\WINDOWS\system32\CheckNetIsolation.exe
[MD5.1F6EA4BEB3766D78B01F3AF9943B0991] - [04/06/2017 12:11:53] - |A| - [22016] - C:\WINDOWS\system32\chglogon.exe
[MD5.1602672EAE063898C67A85DCD2F068EA] - [04/06/2017 12:11:52] - |A| - [24576] - C:\WINDOWS\system32\chgport.exe
[MD5.86D9567451CE477847777FBDDA5FB5EC] - [04/06/2017 12:11:52] - |A| - [21504] - C:\WINDOWS\system32\chgusr.exe
[MD5.069623296D93526944AF201B6CA21591] - [04/06/2017 12:09:34] - |A| - [25088] - C:\WINDOWS\system32\chkdsk.exe
[MD5.64FBDE0AF656EBB53DD8E19A48346A9B] - [04/06/2017 12:09:52] - |A| - [21504] - C:\WINDOWS\system32\chkntfs.exe
[MD5.D4335C6FF597DC0EF4B87E63C49F8932] - [04/06/2017 12:10:24] - |A| - [25600] - C:\WINDOWS\system32\chkwudrv.dll
[MD5.5902DB0FCF0348373018F5CD5EED4AEB] - [04/06/2017 12:09:52] - |A| - [33280] - C:\WINDOWS\system32\choice.exe
[MD5.474D5E11A285EA65CA0704BF2FD53CC0] - [04/06/2017 12:09:18] - |A| - [452608] - C:\WINDOWS\system32\ChsStrokeDS.dll
[MD5.CCEAEFAA4DF2F399E9A179D942FEB23C] - [04/06/2017 12:09:33] - |A| - [167640] - C:\WINDOWS\system32\chs_singlechar_pinyin.dat
[MD5.C6685958CBA43443597E2136D944D4DD] - [04/06/2017 12:09:18] - |A| - [454144] - C:\WINDOWS\system32\ChtBopomofoDS.dll
[MD5.D17AE834959FFE099CE80DA5E61D5BAF] - [04/06/2017 12:09:18] - |A| - [457728] - C:\WINDOWS\system32\ChtCangjieDS.dll
[MD5.49E1573D24FD40D2AD8DE9A807F64EAF] - [04/06/2017 12:09:18] - |A| - [451584] - C:\WINDOWS\system32\ChtHkStrokeDS.dll
[MD5.AC5E370955FB604D40DD5D70A29AC909] - [04/06/2017 12:09:18] - |A| - [446976] - C:\WINDOWS\system32\ChtQuickDS.dll
[MD5.4E15AC88E873E7C4EC10778701AE1B42] - [04/06/2017 12:09:18] - |A| - [531456] - C:\WINDOWS\system32\ChxAPDS.dll
[MD5.80CB1203A7A9F2A28C29A4118D9A48BD] - [04/06/2017 12:09:18] - |A| - [371200] - C:\WINDOWS\system32\ChxDecoder.dll
[MD5.2AE437450475B98C80BDDF65C0F0BC4C] - [04/06/2017 12:09:18] - |A| - [503808] - C:\WINDOWS\system32\ChxHAPDS.dll
[MD5.46CAC5C4F4647C7391D5C1F265DE67D9] - [04/06/2017 12:09:18] - |A| - [326144] - C:\WINDOWS\system32\chxinputrouter.dll
[MD5.23876FCF6B4D218379D2EEA8BF2A382D] - [04/06/2017 12:09:18] - |A| - [95232] - C:\WINDOWS\system32\chxranker.dll
[MD5.8D057C36845BAD16285E405E21B0E66F] - [04/06/2017 12:10:36] - |A| - [12800] - C:\WINDOWS\system32\CHxReadingStringIME.dll
[MD5.F0B1CD8FFCD93D01261C24AA8D19EE22] - [04/06/2017 12:09:57] - |A| - [675256] - C:\WINDOWS\system32\ci.dll
[MD5.305398D9581A1B8DC30537ED2F3AD0B0] - [04/06/2017 12:10:13] - |A| - [196096] - C:\WINDOWS\system32\cic.dll
[MD5.83D00C7717C88771B7933C7DDA57CE9C] - [04/06/2017 12:10:03] - |A| - [46080] - C:\WINDOWS\system32\cipher.exe
[MD5.82B38C41288F4B0CFEFA87DB82424829] - [04/06/2017 12:08:28] - |A| - [11264] - C:\WINDOWS\system32\CIRCoInst.dll
[MD5.D72AB0F104C79FB4676112D395351D20] - [04/06/2017 12:11:53] - |A| - [39936] - C:\WINDOWS\system32\CIWmi.dll
[MD5.3BBAA2E8738FD20A56CD57FF47E659B6] - [04/06/2017 12:10:32] - |A| - [17920] - C:\WINDOWS\system32\clb.dll
[MD5.5E13938BD3F287DF604FE0283FCBF638] - [04/06/2017 12:09:55] - |A| - [626040] - C:\WINDOWS\system32\clbcatq.dll
[MD5.289D1A873A9D1515D28D245402040969] - [04/06/2017 12:09:52] - |A| - [75264] - C:\WINDOWS\system32\cldapi.dll
[MD5.0967AA934A25E32CDADC74769B985D98] - [04/06/2017 12:09:43] - |A| - [219648] - C:\WINDOWS\system32\cleanmgr.exe
[MD5.E7C9A42011F6C98296391CBA109150B3] - [04/06/2017 12:10:29] - |A| - [56320] - C:\WINDOWS\system32\CleanPCCSP.dll
[MD5.48333BD1F31AF4AB1F8E82B3B5AF45EF] - [04/06/2017 12:09:52] - |A| - [73216] - C:\WINDOWS\system32\clfsw32.dll
[MD5.B603C3ED2AE6FE9C3A9748D4D9BE55CD] - [04/06/2017 12:10:13] - |A| - [84480] - C:\WINDOWS\system32\cliconfg.dll
[MD5.EB9175E598B4A018B3BCD2465C366BEE] - [04/06/2017 12:10:13] - |A| - [30720] - C:\WINDOWS\system32\cliconfg.exe
[MD5.70E5B92923E4292691AAD22732E8BC0F] - [04/06/2017 12:10:13] - |A| - [37376] - C:\WINDOWS\system32\cliconfg.rll
[MD5.B34D9456B3A9B7E3E9CCCA94FB5F88DC] - [04/06/2017 12:09:54] - |A| - [29696] - C:\WINDOWS\system32\clip.exe
[MD5.E03D065F6764AD26303978F3D107AFDA] - [04/06/2017 12:09:25] - |A| - [206336] - C:\WINDOWS\system32\ClipboardServer.dll
[MD5.B4649FC2EA0FDDDF734E622BFE3AB8BD] - [04/06/2017 12:09:21] - |A| - [145192] - C:\WINDOWS\system32\Clipc.dll
[MD5.B02C7FAEE13203C448EA5FE0C375AB2E] - [04/06/2017 12:11:29] - |A| - [131408] - C:\WINDOWS\system32\ClipRenew.exe
[MD5.39EE39BA5FFAC134E0135C2F39E2F479] - [04/06/2017 12:09:21] - |A| - [816624] - C:\WINDOWS\system32\ClipSVC.dll
[MD5.59EAA77501A6931906D1B33A36D38019] - [04/06/2017 12:09:21] - |A| - [1259800] - C:\WINDOWS\system32\ClipUp.exe
[MD5.A02EA2A10E19287CC5B965EA8CFA14A4] - [04/06/2017 12:09:21] - |A| - [378880] - C:\WINDOWS\system32\cloudAP.dll
[MD5.3AE9AA3C56AA5B52FE56B6766068688E] - [04/06/2017 12:10:47] - |A| - [300032] - C:\WINDOWS\system32\CloudBackupSettings.dll
[MD5.9F532C4A25C82DFD4B4EA00139505C81] - [04/06/2017 12:09:54] - |A| - [84480] - C:\WINDOWS\system32\CloudDomainJoinAUG.dll
[MD5.ABD0500D89D71DB141434C5D5E475F54] - [04/06/2017 12:09:54] - |A| - [356352] - C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
[MD5.C1FA666A5BA3940A86185A392C69E637] - [04/06/2017 12:09:49] - |A| - [383824] - C:\WINDOWS\system32\CloudExperienceHost.dll
[MD5.9B3EF708C814A14E82B1F242A838DB82] - [04/06/2017 12:09:52] - |A| - [215888] - C:\WINDOWS\system32\CloudExperienceHostBroker.dll
[MD5.A741D1826861485E8D2FFD8C6883F47C] - [04/06/2017 12:09:47] - |A| - [73040] - C:\WINDOWS\system32\CloudExperienceHostBroker.exe
[MD5.E2FA50137EFFB8CBC638365F4AE256A9] - [04/06/2017 12:09:29] - |A| - [423760] - C:\WINDOWS\system32\CloudExperienceHostCommon.dll
[MD5.CF962BBAB8E417F0D542B6FBB91426E3] - [04/06/2017 12:09:25] - |A| - [175952] - C:\WINDOWS\system32\CloudExperienceHostUser.dll
[MD5.9266FBC62A2DEAA080B78FB91E2B01EA] - [04/06/2017 12:10:47] - |A| - [87856] - C:\WINDOWS\system32\CloudNotifications.exe
[MD5.C7EF462866FF4C11EFDF183C97401105] - [04/06/2017 12:10:47] - |A| - [193240] - C:\WINDOWS\system32\CloudStorageWizard.exe
[MD5.4FB35C74B171407A7658A25025E7F160] - [04/06/2017 12:09:07] - |A| - [18432] - C:\WINDOWS\system32\clrhost.dll
[MD5.7809B53641B4D2510E74F26DCFCBD3E5] - [04/06/2017 12:09:17] - |A| - [893440] - C:\WINDOWS\system32\clusapi.dll
[MD5.1D24A96BD8EE025DE88DBE5B939C837C] - [04/06/2017 12:10:27] - |A| - [37888] - C:\WINDOWS\system32\cmcfg32.dll
[MD5.A5502DA709163B6B3FFFDDE183A41ADD] - [04/06/2017 12:09:37] - |A| - [273408] - C:\WINDOWS\system32\cmd.exe
[MD5.F9A0C523A01AB5FE36EBF74472708DC3] - [04/06/2017 12:09:52] - |A| - [26624] - C:\WINDOWS\system32\cmdext.dll
[MD5.34AC094A1A2569A8707CED76BE7AF946] - [04/06/2017 12:10:27] - |A| - [552448] - C:\WINDOWS\system32\cmdial32.dll
[MD5.653068DB3FA221F6D34F4E0C4B802C5B] - [04/06/2017 12:10:32] - |A| - [20480] - C:\WINDOWS\system32\cmdkey.exe
[MD5.07A9155B3AFBA431FA55AC877B2BD859] - [04/06/2017 12:10:27] - |A| - [51712] - C:\WINDOWS\system32\cmdl32.exe
[MD5.DA295D098C75EC243E44B2A0061F2BCE] - [04/06/2017 12:09:37] - |A| - [71168] - C:\WINDOWS\system32\cmgrcspps.dll
[MD5.097A347A591665CB62ED92F24EA0937F] - [04/06/2017 12:09:34] - |A| - [37888] - C:\WINDOWS\system32\cmgrcspsvr.exe
[MD5.3EBEA603C24F80359E8ED72EFA10C3A0] - [04/06/2017 12:10:49] - |A| - [97104] - C:\WINDOWS\system32\cmifw.dll
[MD5.7F3B48EB5CC52E8EB8D23E4CC218C460] - [04/06/2017 12:09:34] - |A| - [43008] - C:\WINDOWS\system32\cmintegrator.dll
[MD5.0BA6A6B99AE663F8561F3A94D9801B9D] - [04/06/2017 12:10:27] - |A| - [44544] - C:\WINDOWS\system32\cmlua.dll
[MD5.961EE18D956D2B02C3BBFF3320EA2555] - [04/06/2017 12:10:27] - |A| - [41984] - C:\WINDOWS\system32\cmmon32.exe
[MD5.7B4D5CB2AA06100330B2FDAD8CAE2870] - [04/06/2017 12:10:27] - |A| - [29184] - C:\WINDOWS\system32\cmpbk32.dll
[MD5.449FC4AE4FB28AA371491D6296629391] - [04/06/2017 12:10:27] - |A| - [92672] - C:\WINDOWS\system32\cmstp.exe
[MD5.D23486C89FD1CAB0FDC5565BE9B705C9] - [04/06/2017 12:10:27] - |A| - [19968] - C:\WINDOWS\system32\cmstplua.dll
[MD5.26E314084434542EB9A62AC129B8ADFA] - [04/06/2017 12:10:27] - |A| - [58880] - C:\WINDOWS\system32\cmutil.dll
[MD5.BAC1214ED6298A7877908FF0B747D0A2] - [04/06/2017 12:10:33] - |A| - [110080] - C:\WINDOWS\system32\cngcredui.dll
[MD5.951058DB37AFC7B45A58B4C71910CA01] - [04/06/2017 12:10:00] - |A| - [65024] - C:\WINDOWS\system32\cngprovider.dll
[MD5.E4FE9ACE2641397AF068FE79073B251F] - [04/06/2017 12:09:52] - |A| - [38912] - C:\WINDOWS\system32\cnvfat.dll
[MD5.ADE14EC2ED025275E13EA1A837484286] - [04/06/2017 12:10:47] - |A| - [30720] - C:\WINDOWS\system32\cob-au.rs
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [3823989] - C:\WINDOWS\system32\CodeIntegrity
[MD5.0D7613CBC9A1D7802D4FDB4F1A496679] - [04/06/2017 12:10:38] - |A| - [23552] - C:\WINDOWS\system32\cofire.exe
[MD5.09464607B969122C9AE81C2AA41E7761] - [04/06/2017 12:10:38] - |A| - [32768] - C:\WINDOWS\system32\cofiredm.dll
[MD5.F8BF21405AFE56763C87FF34351541F4] - [04/06/2017 12:09:55] - |A| - [79360] - C:\WINDOWS\system32\colbact.dll
[MD5.C486302F948543D2108B3CA39AA83AC3] - [04/06/2017 12:08:52] - |A| - [196864] - C:\WINDOWS\system32\COLORCNV.DLL
[MD5.F91F53F5F156284AF212FF7E4209FBFB] - [04/06/2017 12:08:58] - |A| - [87552] - C:\WINDOWS\system32\colorcpl.exe
[MD5.BE9E2BDB69A4722C9FEA1C8FE35C3619] - [04/06/2017 12:08:58] - |A| - [620544] - C:\WINDOWS\system32\colorui.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [366592] - C:\WINDOWS\system32\Com
[MD5.D1BEA94D2B2D7034182EADDF2E1821B2] - [04/06/2017 12:09:55] - |A| - [3155888] - C:\WINDOWS\system32\combase.dll
[MD5.8B7E95959CFE5CF4B22B632A66030FBE] - [04/06/2017 12:09:54] - |A| - [10240] - C:\WINDOWS\system32\comcat.dll
[MD5.EC2079AF69BA0925043CFB5461FBBC9D] - [04/06/2017 12:10:32] - |A| - [657744] - C:\WINDOWS\system32\comctl32.dll
[MD5.5B3AC9510732D7095ECD47D3FE72A33E] - [04/06/2017 12:10:32] - |A| - [1052672] - C:\WINDOWS\system32\comdlg32.dll
[MD5.AC27746CE65F3A7A1329BEBA7A64E08F] - [04/06/2017 12:09:55] - |A| - [124118] - C:\WINDOWS\system32\comexp.msc
[MD5.63C868B709862F185283A7B03A83E5B8] - [04/06/2017 12:09:30] - |A| - [450384] - C:\WINDOWS\system32\coml2.dll
[MD5.502B0627AE8E176B95136E95CA0EB089] - [04/06/2017 12:09:17] - |A| - [25088] - C:\WINDOWS\system32\comp.exe
[MD5.9B5F12204CDB2ACBBD32C286ECB4CC66] - [04/06/2017 12:09:55] - |A| - [44544] - C:\WINDOWS\system32\compact.exe
[MD5.F738AD18D8E69731B5BCF5B4A5C817C3] - [04/06/2017 12:09:47] - |A| - [110944] - C:\WINDOWS\system32\CompatTelRunner.exe
[MD5.F04C119C159670C9271623454BEC3254] - [04/06/2017 12:09:55] - |A| - [113256] - C:\WINDOWS\system32\compmgmt.msc
[MD5.043770B6296B92B56F4B519DAF37B784] - [04/06/2017 12:09:55] - |A| - [90112] - C:\WINDOWS\system32\CompMgmtLauncher.exe
[MD5.C3ECB70E1C0D9716FE8B6D6162244E33] - [04/06/2017 12:09:21] - |A| - [59992] - C:\WINDOWS\system32\CompPkgSup.dll
[MD5.B5B999EFDE496F25BBA6C0BC338F93A9] - [04/06/2017 12:10:29] - |A| - [308736] - C:\WINDOWS\system32\compstui.dll
[MD5.5A95A39EA3BAFF9B28B8707781FCD41B] - [04/06/2017 12:10:00] - |A| - [74752] - C:\WINDOWS\system32\ComputerDefaults.exe
[MD5.BBB00FC5C5E8BD783CC899E0F5BD9B45] - [04/06/2017 12:09:55] - |A| - [110592] - C:\WINDOWS\system32\comrepl.dll
[MD5.D69D31E75723E8ABEE8EA35DD8356BFA] - [04/06/2017 12:09:55] - |A| - [1295360] - C:\WINDOWS\system32\comres.dll
[MD5.7BA272AA568D4E5B0B653D4D1D66CA59] - [04/06/2017 12:09:55] - |A| - [283136] - C:\WINDOWS\system32\comsnap.dll
[MD5.B4DFD9AD453493C02CEAA2EA6C4B0381] - [04/06/2017 12:09:55] - |A| - [1710592] - C:\WINDOWS\system32\comsvcs.dll
[MD5.79400536B99398D87112CCC36630CBAE] - [04/06/2017 12:09:55] - |A| - [816128] - C:\WINDOWS\system32\comuid.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 10:16:43] - |D| - [371271940] - C:\WINDOWS\system32\config
[MD5.F83FBB04F08591D9D1C14A33B6245142] - [04/06/2017 12:09:37] - |A| - [605184] - C:\WINDOWS\system32\configmanager2.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |SD| - [54388] - C:\WINDOWS\system32\Configuration
[MD5.0A7E341AAF1370B0FC61B39CA09C0A80] - [04/06/2017 12:10:32] - |A| - [73728] - C:\WINDOWS\system32\ConfigureExpandedStorage.dll
[MD5.A6E861F9BF9DC010BF66244B8BAA47B6] - [04/06/2017 12:10:00] - |A| - [50688] - C:\WINDOWS\system32\conhost.exe
[MD5.019A219521DFE858A8DF6BFDD9207DB3] - [04/06/2017 12:10:00] - |A| - [316416] - C:\WINDOWS\system32\ConhostV1.dll
[MD5.2FCF461572ACE7FB16B969F76981E9AC] - [04/06/2017 12:09:58] - |A| - [403968] - C:\WINDOWS\system32\ConhostV2.dll
[MD5.E5FB322343286FA2660B5E4471C86058] - [04/06/2017 12:10:24] - |A| - [1353728] - C:\WINDOWS\system32\connect.dll
[MD5.51B8D3462854DC421673894B50DDA4E8] - [04/06/2017 12:10:07] - |A| - [61440] - C:\WINDOWS\system32\ConnectedAccountState.dll
[MD5.DDE694FDFA43AE85ADC4BFACEABBE447] - [04/06/2017 12:10:11] - |A| - [150864] - C:\WINDOWS\system32\consent.exe
[MD5.FF5AC184AD875D0D74EA38642F20B886] - [04/06/2017 12:10:02] - |A| - [176464] - C:\WINDOWS\system32\ConsentUX.dll
[MD5.8D98665ADC66A8EEA2EC704922F5C68B] - [04/06/2017 12:10:02] - |A| - [120320] - C:\WINDOWS\system32\console.dll
[MD5.5920C29BE6E676A1CF26532D1200080A] - [04/06/2017 12:12:56] - |A| - [344576] - C:\WINDOWS\system32\ConsoleLogon.dll
[MD5.C24BE64009CDDD5BD52E1DDE1423FFE6] - [04/06/2017 12:09:43] - |A| - [1885696] - C:\WINDOWS\system32\ConstraintIndex.Search.dll
[MD5.086EF4164A4A69F30F7E844EEDC4D68E] - [04/06/2017 12:09:33] - |A| - [58368] - C:\WINDOWS\system32\ContactActivation.dll
[MD5.14E6F61EE19AD4BFB2F38ECC2CCC7DC7] - [04/06/2017 12:09:33] - |A| - [1153536] - C:\WINDOWS\system32\ContactApis.dll
[MD5.C513CAAE3EB47103D4BE63E9CCA4A6F3] - [04/06/2017 12:10:16] - |A| - [209408] - C:\WINDOWS\system32\ContactHarvesterDS.dll
[MD5.B390EF21A6B7E8E9CF07E1F6726660E9] - [04/06/2017 12:09:34] - |A| - [212992] - C:\WINDOWS\system32\container.dll
[MD5.CCE72D56BB55E2F4F8C7D272B63816AE] - [04/06/2017 12:09:18] - |A| - [1248080] - C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
[MD5.FC49356A01760FFC3ED088F1DECD9CA5] - [04/06/2017 12:10:49] - |A| - [117760] - C:\WINDOWS\system32\control.exe
[MD5.5F85A05F3805673BDA9DD8DDFEAF8D90] - [04/06/2017 12:09:52] - |A| - [20992] - C:\WINDOWS\system32\convert.exe
[MD5.EC63E46C8E0121A604853981A7C3AEF4] - [04/06/2017 12:09:21] - |A| - [14336] - C:\WINDOWS\system32\coreaudiopolicymanagerext.dll
[MD5.33F90107CB8BE162A39F404A602236F2] - [04/06/2017 12:09:37] - |A| - [252416] - C:\WINDOWS\system32\coredpus.dll
[MD5.EA87C14F8611F51888B3AF1092C18E87] - [04/06/2017 12:09:34] - |A| - [71168] - C:\WINDOWS\system32\coredpussvr.exe
[MD5.9652D6ABF5A124B75AEFA32BB8FA7F69] - [04/06/2017 12:09:55] - |A| - [922488] - C:\WINDOWS\system32\CoreMessaging.dll
[MD5.E253594A1AC2CD5129521E53F1A72B6B] - [04/06/2017 12:08:52] - |A| - [19968] - C:\WINDOWS\system32\CoreMmRes.dll
[MD5.5674423FC1F9595B07EBBB9E5D87E45C] - [04/06/2017 12:11:39] - |A| - [299520] - C:\WINDOWS\system32\CoreShellAPI.dll
[MD5.FAC66566B13A1148AB5F6486F01C9C88] - [04/06/2017 12:09:25] - |A| - [3037048] - C:\WINDOWS\system32\CoreUIComponents.dll
[MD5.1C07736C92E29EE949361DEB89ABF6CB] - [04/06/2017 12:10:38] - |A| - [86528] - C:\WINDOWS\system32\correngine.dll
[MD5.A65AF3A6DBCB0F00EE66C5D97056B539] - [04/06/2017 12:10:32] - |A| - [288256] - C:\WINDOWS\system32\Cortana.Persona.dll
[MD5.7C8D9C1BB99454C7DF65785FA3A81684] - [04/06/2017 12:10:29] - |A| - [246272] - C:\WINDOWS\system32\CortanaMapiHelper.dll
[MD5.52D4754B5991A0994A8D57CC1C2FE662] - [04/06/2017 12:10:32] - |A| - [17408] - C:\WINDOWS\system32\CortanaMapiHelper.ProxyStub.dll
[MD5.24A03B07E2CD874911260B39C07DAEC3] - [04/06/2017 12:10:47] - |A| - [206336] - C:\WINDOWS\system32\CourtesyEngine.dll
[MD5.05CD4E5AD991C266382FB635891A9DAE] - [04/06/2017 12:10:40] - |A| - [870912] - C:\WINDOWS\system32\CPFilters.dll
[MD5.F78CF9069CA310F8FAA9F462008D3274] - [04/06/2017 12:09:52] - |A| - [107520] - C:\WINDOWS\system32\CredDialogBroker.dll
[MD5.62992DAE39DFA48F2B57437E9175654F] - [04/06/2017 12:10:50] - |A| - [46592] - C:\WINDOWS\system32\CredentialMigrationHandler.dll
[MD5.67ACE73FF9BB41C16779D42101F7AB2F] - [04/06/2017 12:10:44] - |A| - [110528] - C:\WINDOWS\system32\CredentialUIBroker.exe
[MD5.6160D8D0147169B074CAAF0858D0FB66] - [04/06/2017 12:10:00] - |A| - [96256] - C:\WINDOWS\system32\CredProv2faHelper.dll
[MD5.16A6FA6D79AE717777BFD06F16B16CE2] - [04/06/2017 12:10:00] - |A| - [453120] - C:\WINDOWS\system32\CredProvDataModel.dll
[MD5.9E583A9472533890A1560AD485E0BE8C] - [04/06/2017 12:10:00] - |A| - [257536] - C:\WINDOWS\system32\credprovhost.dll
[MD5.5EE06AC5798D753FFEA3A8EB2466532E] - [04/06/2017 12:10:00] - |A| - [198144] - C:\WINDOWS\system32\credprovs.dll
[MD5.F46394A72ADC5154D62678B847D9EC68] - [04/06/2017 12:09:58] - |A| - [168448] - C:\WINDOWS\system32\credprovslegacy.dll
[MD5.EA41F7D21C7AF401F8F50F0928BDDCE8] - [04/06/2017 12:10:32] - |A| - [23552] - C:\WINDOWS\system32\credssp.dll
[MD5.F87B5040B2E286B103DA4866E88BE3D9] - [04/06/2017 12:09:58] - |A| - [48640] - C:\WINDOWS\system32\credui.dll
[MD5.3FEB28E40E9165B70537890B9771AA26] - [04/06/2017 12:10:32] - |A| - [37376] - C:\WINDOWS\system32\credwiz.exe
[MD5.E9AE9E59A67B8158A96C154F78D2EE90] - [04/06/2017 12:09:57] - |A| - [1852184] - C:\WINDOWS\system32\crypt32.dll
[MD5.E44E4762D8A382C6370408A07F3F973C] - [04/06/2017 12:09:57] - |A| - [27472] - C:\WINDOWS\system32\cryptbase.dll
[MD5.BC5377D7B72D014D63729D2ED0152BA4] - [04/06/2017 12:10:00] - |A| - [124928] - C:\WINDOWS\system32\cryptcatsvc.dll
[MD5.501738B4E09B045294C63164D8292ECF] - [04/06/2017 12:10:11] - |A| - [31232] - C:\WINDOWS\system32\cryptdlg.dll
[MD5.5CFC7A20CDB0B0B953DC468CF851E84A] - [04/06/2017 12:09:57] - |A| - [60528] - C:\WINDOWS\system32\cryptdll.dll
[MD5.6BB8914EE07D093A662F40FC1F763A7D] - [04/06/2017 12:10:02] - |A| - [72704] - C:\WINDOWS\system32\cryptext.dll
[MD5.128576F4C4593601253F3BFEEFDF0FB0] - [04/06/2017 12:09:57] - |A| - [172032] - C:\WINDOWS\system32\cryptnet.dll
[MD5.A687CE40F72A8929830C6FE593235D93] - [04/06/2017 12:09:29] - |A| - [437248] - C:\WINDOWS\system32\cryptngc.dll
[MD5.BC2A44A96E161E6212BA487F29EC6469] - [04/06/2017 12:09:25] - |A| - [369664] - C:\WINDOWS\system32\CryptoWinRT.dll
[MD5.9EDAF21EBE31674BA1F863DBC9CAC7B1] - [04/06/2017 12:09:57] - |A| - [76032] - C:\WINDOWS\system32\cryptsp.dll
[MD5.2C285088813BF1C4B370B0EC4F99F72F] - [04/06/2017 12:09:57] - |A| - [97792] - C:\WINDOWS\system32\cryptsvc.dll
[MD5.A1ACCBE4DBE884B12F26F349D67EDE35] - [04/06/2017 12:09:24] - |A| - [61440] - C:\WINDOWS\system32\crypttpmeksvc.dll
[MD5.B45308A3218C1CF59A89938B98C53D45] - [04/06/2017 12:10:00] - |A| - [594432] - C:\WINDOWS\system32\cryptui.dll
[MD5.878E9888EABDE7829C2CAB4AB9967137] - [04/06/2017 12:10:32] - |A| - [381952] - C:\WINDOWS\system32\cryptuiwizard.dll
[MD5.62BB26FBA05798D2745AC8606550096F] - [04/06/2017 12:09:33] - |A| - [122448] - C:\WINDOWS\system32\cryptxml.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [313344] - C:\WINDOWS\system32\cs-CZ
[MD5.9FAC2CEBACDD84473A0858D5F7DC3C6B] - [04/06/2017 12:10:32] - |A| - [51200] - C:\WINDOWS\system32\cscapi.dll
[MD5.2061929CBBF96A3BEE8A805F0972348D] - [04/06/2017 12:10:32] - |A| - [28672] - C:\WINDOWS\system32\cscdll.dll
[MD5.AE7CB9F3F46CFA3977861A4953B5B5A5] - [04/06/2017 12:11:52] - |A| - [138576] - C:\WINDOWS\system32\CscMig.dll
[MD5.3A0D21EC00A3560565C5EEF81C92B7F4] - [04/06/2017 12:11:52] - |A| - [291328] - C:\WINDOWS\system32\cscobj.dll
[MD5.330A6FD6CBEDDAC43FC7FA06F99BC2C0] - [04/06/2017 12:10:32] - |A| - [165376] - C:\WINDOWS\system32\cscript.exe
[MD5.419C6BDEFA496128AADAFA33F21DC2E2] - [04/06/2017 12:11:52] - |A| - [727040] - C:\WINDOWS\system32\cscsvc.dll
[MD5.52C726904DD249B52849E0B04FBD00F3] - [04/06/2017 12:11:52] - |A| - [798720] - C:\WINDOWS\system32\cscui.dll
[MD5.CF021A494097A91AE159D156E422A059] - [04/06/2017 12:09:55] - |A| - [45056] - C:\WINDOWS\system32\CspCellularSettings.dll
[MD5.BAC5919AF2ED3AEAFC95C4003B7F3627] - [04/06/2017 12:09:55] - |A| - [156160] - C:\WINDOWS\system32\csplte.dll
[MD5.DAE6E5F2FC42C2D677FD739EBA197081] - [04/06/2017 12:10:47] - |A| - [60416] - C:\WINDOWS\system32\CspProxy.dll
[MD5.365D04027AF98B1C088F04651D27FC69] - [04/06/2017 12:10:47] - |A| - [43520] - C:\WINDOWS\system32\csrr.rs
[MD5.5C41BC185F87DB341AD07426C1033E67] - [04/06/2017 12:09:57] - |A| - [61440] - C:\WINDOWS\system32\csrsrv.dll
[MD5.F939C28FD276FDF02F844838181C4629] - [04/06/2017 12:09:57] - |A| - [13520] - C:\WINDOWS\system32\csrss.exe
[MD5.56C532A654ED76A18683FDBF6F547AEB] - [04/06/2017 12:09:30] - |A| - [23040] - C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
[MD5.07BADFFC1D1B0DBCE2295E92EC54AFCC] - [04/06/2017 12:10:36] - |A| - [10752] - C:\WINDOWS\system32\ctfmon.exe
[MD5.5BF8BDC06AC4EA6A36507BD239CDD3C5] - [04/06/2017 12:09:54] - |A| - [324608] - C:\WINDOWS\system32\cttune.exe
[MD5.05676FA445E0A3961A1828524AD50FFE] - [04/06/2017 12:09:54] - |A| - [41472] - C:\WINDOWS\system32\cttunesvr.exe
[MD5.D6D7E1C59B0D26B8E62E96928B15E4F4] - [04/06/2017 12:10:47] - |A| - [265216] - C:\WINDOWS\system32\CXHProvisioningServer.dll
[MD5.0D143112394173967A3647096F74E743] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_037.NLS
[MD5.A716B23BA6632B7F0DABB5B8AC078F27] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_10000.NLS
[MD5.157A2706E78D7B581642F6F787EC37E5] - [04/06/2017 12:10:07] - |A| - [162850] - C:\WINDOWS\system32\C_10001.NLS
[MD5.05C0B7F8FA403E6DA75671685A58A940] - [04/06/2017 12:10:07] - |A| - [195618] - C:\WINDOWS\system32\C_10002.NLS
[MD5.1855E6398A2E937E47809FD8B83647E4] - [04/06/2017 12:10:07] - |A| - [177698] - C:\WINDOWS\system32\C_10003.NLS
[MD5.1DBBCC1B712C2674BDF29A05A5DD366E] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_10004.NLS
[MD5.72233F1A1D788A84D4687A258CC97CBF] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_10005.NLS
[MD5.0A206B5CACD3CA70D2044DA691304765] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_10006.NLS
[MD5.AF4A866226BD04ACF06135088D75BB63] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_10007.NLS
[MD5.23C1E8F026FB81824388E8EC457CF75E] - [04/06/2017 12:10:07] - |A| - [173602] - C:\WINDOWS\system32\C_10008.NLS
[MD5.6F8A509550FE8C92D07EE0143BF29BA1] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_10010.NLS
[MD5.314E85390BEBDAE5D1E11DB2D8CBC6E9] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_10017.NLS
[MD5.F3C139AD492C4F73353057442E6995CE] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_10021.NLS
[MD5.D2CA471D36A69D17F82D5C1B64FAEE39] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_10029.NLS
[MD5.29B5AF5B12D955C316821F277C5B4D7D] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_10079.NLS
[MD5.EFFDFF60A38CF648811BBCDD722ECF5E] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_10081.NLS
[MD5.9CA501D2A8E6909C5B2E8C9274682BF1] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_10082.NLS
[MD5.71E7F8B0F28585439E95B3D3B296984B] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_1026.NLS
[MD5.7CB90B3604A45355218E6A20BD7B7A0B] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_1047.NLS
[MD5.27E1CBE7F0DF21CA0892D16FD1961F29] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_1140.NLS
[MD5.F0C0509A9A633332B99F009D1DAA7612] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_1141.NLS
[MD5.69316F1B309BA5AC371EFD09267BD670] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_1142.NLS
[MD5.3EA8E21340AF59C80CB35A6A53FE52D7] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_1143.NLS
[MD5.FD2D28063FB4FD12BC6EF18A6D10769E] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_1144.NLS
[MD5.123B711FF0BF69B4462C279D342380AF] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_1145.NLS
[MD5.D288777605A2F4E12A9C6E360CE44987] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_1146.NLS
[MD5.7623492F4FCB5E317578F897A7476E16] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_1147.NLS
[MD5.32CA3320D8C8F37770764BDFF1C2FE15] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_1148.NLS
[MD5.484A1C398A16DD464E8468046526985C] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_1149.NLS
[MD5.2E0B152ED60DE2431DFC0C436363385E] - [04/06/2017 12:10:00] - |A| - [66082] - C:\WINDOWS\system32\C_1250.NLS
[MD5.0E91B896B81CF0B7DF62C824224B891A] - [04/06/2017 12:10:00] - |A| - [66082] - C:\WINDOWS\system32\C_1251.NLS
[MD5.ACB769EC498FB62316EAB45ADB680F22] - [04/06/2017 12:09:57] - |A| - [66082] - C:\WINDOWS\system32\C_1252.NLS
[MD5.E1858EDF032363E84922CDB91E75797A] - [04/06/2017 12:10:00] - |A| - [66082] - C:\WINDOWS\system32\C_1253.NLS
[MD5.808CCC573F51DC7AB3D5151A2D2AF1BF] - [04/06/2017 12:10:00] - |A| - [66082] - C:\WINDOWS\system32\C_1254.NLS
[MD5.C386BDB1A653A4390313AE192EFF2732] - [04/06/2017 12:10:00] - |A| - [66082] - C:\WINDOWS\system32\C_1255.NLS
[MD5.6F42B3E7ED97C9EAC38615B907F08721] - [04/06/2017 12:10:00] - |A| - [66082] - C:\WINDOWS\system32\C_1256.NLS
[MD5.AF381A5B093736A3A28EFDC1BB4F5FCB] - [04/06/2017 12:10:00] - |A| - [66082] - C:\WINDOWS\system32\C_1257.NLS
[MD5.43B0D0C38C885CCF742740FFC1F00535] - [04/06/2017 12:10:00] - |A| - [66082] - C:\WINDOWS\system32\C_1258.NLS
[MD5.A337491EA01F4BE0779A981CB7ACB999] - [04/06/2017 12:10:00] - |A| - [189986] - C:\WINDOWS\system32\C_1361.NLS
[MD5.AAB0740BCBDCE107E0BABEE466905EB4] - [04/06/2017 12:10:00] - |A| - [180258] - C:\WINDOWS\system32\C_20000.NLS
[MD5.48699E0B2F0B56E132D8200BA23E7176] - [04/06/2017 12:10:00] - |A| - [186402] - C:\WINDOWS\system32\C_20001.NLS
[MD5.A5D79E78E4412AC3C79DED42CD95C3EA] - [04/06/2017 12:10:00] - |A| - [173602] - C:\WINDOWS\system32\C_20002.NLS
[MD5.971E382CB790C07536F380C172848C92] - [04/06/2017 12:10:00] - |A| - [185378] - C:\WINDOWS\system32\C_20003.NLS
[MD5.A47DBDBAEA690F4713185EBB5790BBFF] - [04/06/2017 12:10:00] - |A| - [180258] - C:\WINDOWS\system32\C_20004.NLS
[MD5.9C78D8BC06315FE97936167F5063F924] - [04/06/2017 12:10:00] - |A| - [187938] - C:\WINDOWS\system32\C_20005.NLS
[MD5.1F55C295A71290992C95CF1F41CDB0E4] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_20105.NLS
[MD5.00E11B5E8C252190DEC893FD84D3B06D] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_20106.NLS
[MD5.EB7AD61171B280F1CA90CF3AC0F43717] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_20107.NLS
[MD5.C8FBDF3805D2F229DE3CA2EF5A248CCC] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_20108.NLS
[MD5.6CB26848BCDAA361B6EE21264FB362C3] - [04/06/2017 12:10:00] - |A| - [66082] - C:\WINDOWS\system32\C_20127.NLS
[MD5.7D07126E0ED768C04B245A43AF2F94ED] - [04/06/2017 12:10:00] - |A| - [139810] - C:\WINDOWS\system32\C_20261.NLS
[MD5.BA660D994876755C9E90871B919BB5EC] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_20269.NLS
[MD5.947813F75A56A20EF65DC9E479EBEA4D] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_20273.NLS
[MD5.947B06BC793BFF9A4808C8CF57B0E273] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_20277.NLS
[MD5.AF4F8AEC071515D6FC6E8203A0DBF655] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_20278.NLS
[MD5.2AB1DF9DFBD49E343AF5D5FA7D17024E] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_20280.NLS
[MD5.E37E1766C1D7C21C5EFAD0F20D923039] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_20284.NLS
[MD5.BCD8AC4CE06E227A2FBA81862B5F0D42] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_20285.NLS
[MD5.B2B3B6A63D9A1837673A2B2C44455A20] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_20290.NLS
[MD5.C3581190325F812CB7F5F928E722F132] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_20297.NLS
[MD5.4FEA99284FA34D8E69C8D865D9426D2B] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_20420.NLS
[MD5.E3AAE11859C598FB936017816567FD96] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_20423.NLS
[MD5.3A0FA5F25C5FF909766347627B446511] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_20424.NLS
[MD5.E27DCCEEFABD04FC7D81BE65B233C653] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_20833.NLS
[MD5.A124CAA7470CCF0354A57AB30808293F] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_20838.NLS
[MD5.DD7F9900C070890C59417B5271581ED3] - [04/06/2017 12:10:00] - |A| - [66082] - C:\WINDOWS\system32\C_20866.NLS
[MD5.61FBE3736279973CBA71EE0CDEAAAA6C] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_20871.NLS
[MD5.8464E9CAB0DA3F209320D782631DD5A2] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_20880.NLS
[MD5.1ADCE2879B486ACB126750EF18B2E658] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_20905.NLS
[MD5.E4642396D2098F65C7E88C0AC1EE7379] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_20924.NLS
[MD5.3FEF4EEFC8827A03B19124575B17205E] - [04/06/2017 12:10:00] - |A| - [180770] - C:\WINDOWS\system32\C_20932.NLS
[MD5.32919D0DA9A834E8197203C4858ABCF6] - [04/06/2017 12:10:00] - |A| - [173602] - C:\WINDOWS\system32\C_20936.NLS
[MD5.232094E602642181A5A508975665D11B] - [04/06/2017 12:10:00] - |A| - [177698] - C:\WINDOWS\system32\C_20949.NLS
[MD5.85D74656F26B33F21B5129252B1578D0] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_21025.NLS
[MD5.07CD5D103AEB4AD2B624EE1ADBFAA456] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_21027.NLS
[MD5.41034D46626ECC2CC635FD884E878D6D] - [04/06/2017 12:10:00] - |A| - [66082] - C:\WINDOWS\system32\C_21866.NLS
[MD5.E45ECA3F540E09C039710EF00219A61B] - [04/06/2017 12:10:00] - |A| - [66082] - C:\WINDOWS\system32\C_28591.NLS
[MD5.0F8F998263E4C090C9C9B31D84C41654] - [04/06/2017 12:10:00] - |A| - [66082] - C:\WINDOWS\system32\C_28592.NLS
[MD5.082453B28A3F457FFF330DBDDB32FF45] - [04/06/2017 12:10:00] - |A| - [66082] - C:\WINDOWS\system32\C_28593.NLS
[MD5.5D038EEABA8EA438F6B5ABD5E91BC851] - [04/06/2017 12:10:00] - |A| - [66082] - C:\WINDOWS\system32\C_28594.NLS
[MD5.E22D1B9AC7854C0A654E4C4232074E49] - [04/06/2017 12:10:00] - |A| - [66082] - C:\WINDOWS\system32\C_28595.NLS
[MD5.4D4C7CED88E5621F21A4911A44CADACC] - [04/06/2017 12:10:00] - |A| - [66082] - C:\WINDOWS\system32\C_28596.NLS
[MD5.B537ACFAB9E70F0EF48DB696A08ADC81] - [04/06/2017 12:10:00] - |A| - [66082] - C:\WINDOWS\system32\C_28597.NLS
[MD5.BDD5D78F5DB2204A9247C53861357FAF] - [04/06/2017 12:10:00] - |A| - [66082] - C:\WINDOWS\system32\C_28598.NLS
[MD5.C37A21EE1ADFDC13FC707D97073148ED] - [04/06/2017 12:10:00] - |A| - [66082] - C:\WINDOWS\system32\C_28599.NLS
[MD5.35448F3A71EBBECF8E997FAD3A99327D] - [04/06/2017 12:10:00] - |A| - [66082] - C:\WINDOWS\system32\c_28603.nls
[MD5.DA11C0F72C41A6B3CA24FB83E52D7043] - [04/06/2017 12:10:00] - |A| - [66082] - C:\WINDOWS\system32\C_28605.NLS
[MD5.0BD539284D746E022BDA27C1F85A525A] - [04/06/2017 12:09:57] - |A| - [66594] - C:\WINDOWS\system32\C_437.NLS
[MD5.90F5232D99D17AA1BBA3CE2228CF1B2A] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_500.NLS
[MD5.34634240C6034830A8B0BC56CD70CF78] - [04/06/2017 12:10:00] - |A| - [147490] - C:\WINDOWS\system32\C_65001.NLS
[MD5.77F127766D758EB2C6451E221A0C7F7D] - [04/06/2017 12:10:00] - |A| - [66082] - C:\WINDOWS\system32\C_708.NLS
[MD5.C050215D8D21DF5658E94187973FB89C] - [04/06/2017 12:10:02] - |A| - [66594] - C:\WINDOWS\system32\C_720.NLS
[MD5.BAC7072B365F9648CA318154BA7E03EC] - [04/06/2017 12:10:00] - |A| - [66594] - C:\WINDOWS\system32\C_737.NLS
[MD5.0E61D6CD6391CE9BF007BAF0DC905320] - [04/06/2017 12:10:02] - |A| - [66594] - C:\WINDOWS\system32\C_775.NLS
[MD5.CAAF621DC0936CCAC5106EA62F350E80] - [04/06/2017 12:10:02] - |A| - [66594] - C:\WINDOWS\system32\C_850.NLS
[MD5.21E928C8E6ED8EEAB0D1AAEE82ACDD76] - [04/06/2017 12:10:02] - |A| - [66594] - C:\WINDOWS\system32\C_852.NLS
[MD5.3E969213F35127D83DAB48FF1283E8E4] - [04/06/2017 12:10:00] - |A| - [66594] - C:\WINDOWS\system32\C_855.NLS
[MD5.A8764750B22B528D85A691A52CB21856] - [04/06/2017 12:10:00] - |A| - [66594] - C:\WINDOWS\system32\C_857.NLS
[MD5.42518F84AA761C84B4F5F366C6E424F1] - [04/06/2017 12:10:00] - |A| - [66594] - C:\WINDOWS\system32\C_858.NLS
[MD5.B124A84735113A699F0413F1D6875975] - [04/06/2017 12:10:02] - |A| - [66594] - C:\WINDOWS\system32\C_860.NLS
[MD5.DDE3D4D8C117B5A67F7898DA547F0E4E] - [04/06/2017 12:10:02] - |A| - [66594] - C:\WINDOWS\system32\C_861.NLS
[MD5.A99203A3397A9DB352C5D8DFBDA230A8] - [04/06/2017 12:10:02] - |A| - [66594] - C:\WINDOWS\system32\C_862.NLS
[MD5.0220888BDD435156DE91C5D390FE0166] - [04/06/2017 12:10:02] - |A| - [66594] - C:\WINDOWS\system32\C_863.NLS
[MD5.C58563DF50115E935BC811FFBCE1FC89] - [04/06/2017 12:10:02] - |A| - [66594] - C:\WINDOWS\system32\C_864.NLS
[MD5.4091021638E2591CFAED8E1CF9D54E1F] - [04/06/2017 12:10:00] - |A| - [66594] - C:\WINDOWS\system32\C_865.NLS
[MD5.5CD475CA7B87844DE1E0483B536F9AAE] - [04/06/2017 12:10:00] - |A| - [66594] - C:\WINDOWS\system32\C_866.NLS
[MD5.780C444EB16B65E6DE96F794A732DA12] - [04/06/2017 12:10:00] - |A| - [66594] - C:\WINDOWS\system32\C_869.NLS
[MD5.48841546AC3B8698C93991E99851F0CF] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_870.NLS
[MD5.7A0EE54F89FFE0F038660BA580FB4440] - [04/06/2017 12:10:02] - |A| - [66594] - C:\WINDOWS\system32\C_874.NLS
[MD5.8BE0D77A873730B4EB1DAB7C6622CD46] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\system32\C_875.NLS
[MD5.1955F78D9E7E16099DBABAB36FE3CC3C] - [04/06/2017 12:10:02] - |A| - [162850] - C:\WINDOWS\system32\C_932.NLS
[MD5.17028718996FCBCEEE59F38F2D944281] - [04/06/2017 12:10:00] - |A| - [196642] - C:\WINDOWS\system32\C_936.NLS
[MD5.D2558C26CDBF05740348451DB6A5B955] - [04/06/2017 12:10:00] - |A| - [196642] - C:\WINDOWS\system32\C_949.NLS
[MD5.8557D3EDA30586685DAD701ABA69D0DD] - [04/06/2017 12:10:02] - |A| - [196642] - C:\WINDOWS\system32\C_950.NLS
[MD5.E18CDC735ABF5D0B691AF82E93CB2669] - [04/06/2017 12:10:02] - |A| - [227328] - C:\WINDOWS\system32\C_G18030.DLL
[MD5.C31E708FBC8764B245216C1B87F03251] - [04/06/2017 12:10:02] - |A| - [14848] - C:\WINDOWS\system32\c_GSM7.DLL
[MD5.0DE4B5FC63545EE767B1691E138A856F] - [04/06/2017 12:10:02] - |A| - [17408] - C:\WINDOWS\system32\C_IS2022.DLL
[MD5.FFAA8DACC8660BFBF4A6BFD0E25F23DB] - [04/06/2017 12:10:07] - |A| - [14336] - C:\WINDOWS\system32\C_ISCII.DLL
[MD5.A56AFFB064FC77E64CE01A3AB73077DB] - [04/06/2017 12:09:25] - |A| - [5929472] - C:\WINDOWS\system32\d2d1.dll
[MD5.58797808F0E8514F140B9D83C0699BF7] - [11/06/2017 03:12:29] - |A| - [537600] - C:\WINDOWS\system32\d2d1debug3.dll
[MD5.319122F51D4BDEDD8626EC6792F25B44] - [04/06/2017 12:10:00] - |A| - [1210880] - C:\WINDOWS\system32\d3d10.dll
[MD5.A21997EFFBC22F297E81C6D45445E53A] - [04/06/2017 12:10:00] - |A| - [318976] - C:\WINDOWS\system32\d3d10core.dll
[MD5.7C48BB077AE107B65B7BB3A0A71047EF] - [04/06/2017 12:09:29] - |A| - [373992] - C:\WINDOWS\system32\d3d10level9.dll
[MD5.88BFF2F9FD0536D2880AC3532D7EED28] - [04/06/2017 12:09:25] - |A| - [7803856] - C:\WINDOWS\system32\d3d10warp.dll
[MD5.10FF956836628B807ED125FB7156C2C1] - [04/06/2017 12:10:00] - |A| - [178688] - C:\WINDOWS\system32\d3d10_1.dll
[MD5.19C04367F92DF2CD5E4F0A1AEA1ADE75] - [04/06/2017 12:10:00] - |A| - [357888] - C:\WINDOWS\system32\d3d10_1core.dll
[MD5.5B70EE8F8E184AEB87E5D8C7E6B52F46] - [04/06/2017 12:09:29] - |A| - [2966328] - C:\WINDOWS\system32\d3d11.dll
[MD5.73F1B045699CE9A75908605D44F3CBCD] - [11/06/2017 03:12:29] - |A| - [1312256] - C:\WINDOWS\system32\d3d11_3SDKLayers.dll
[MD5.A5B014617E21F4126C28E163620FA3B1] - [04/06/2017 12:09:29] - |A| - [1310968] - C:\WINDOWS\system32\D3D12.dll
[MD5.DC9A8450E939D009F8CCCE254B66BEC0] - [11/06/2017 03:12:29] - |A| - [2726400] - C:\WINDOWS\system32\d3d12SDKLayers.dll
[MD5.B84E1605331ABA4BD8291EE056B34E9D] - [04/06/2017 12:10:00] - |A| - [13824] - C:\WINDOWS\system32\d3d8thk.dll
[MD5.844A19990981D7339F14D247E616D778] - [04/06/2017 12:10:00] - |A| - [1635240] - C:\WINDOWS\system32\d3d9.dll
[MD5.B49FBA2EA633C466A991387CCBDBC2E7] - [04/06/2017 12:09:29] - |A| - [764416] - C:\WINDOWS\system32\d3d9on12.dll
[MD5.E8A0D835B6A10FA2E652555B1028D0DD] - [04/06/2017 12:09:30] - |A| - [4296192] - C:\WINDOWS\system32\D3DCompiler_47.dll
[MD5.9B48EDB16D276B1B1396E40185B530D1] - [04/06/2017 12:09:29] - |A| - [140288] - C:\WINDOWS\system32\D3DSCache.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [307200] - C:\WINDOWS\system32\da-DK
[MD5.F025D0FF3BEC50431435EB5AB4579C88] - [04/06/2017 12:10:00] - |A| - [109056] - C:\WINDOWS\system32\dab.dll
[MD5.FB55EC0D26C9D32EFED45CA616358005] - [04/06/2017 12:10:00] - |A| - [14336] - C:\WINDOWS\system32\dabapi.dll
[MD5.98D11D1C7CA8C7D3E5268FA59975ACAE] - [04/06/2017 12:10:00] - |A| - [53760] - C:\WINDOWS\system32\DAConn.dll
[MD5.B00E7CEAD435FDA88899E890F50FB0BE] - [04/06/2017 12:10:49] - |A| - [124416] - C:\WINDOWS\system32\dafAspInfraProvider.dll
[MD5.28B5DFD7C6B6059D6A8E83BBF892A8AB] - [04/06/2017 12:09:34] - |A| - [266240] - C:\WINDOWS\system32\dafBth.dll
[MD5.1A0A38403DFE09E5821797A8BC887E90] - [04/06/2017 12:09:25] - |A| - [46080] - C:\WINDOWS\system32\DafDnsSd.dll
[MD5.5B9B412AD9BBE11B065F7E0B8E8861C8] - [04/06/2017 12:10:02] - |A| - [133632] - C:\WINDOWS\system32\dafDockingProvider.dll
[MD5.72406747AE485EB8B7859C9CD0E37546] - [04/06/2017 12:09:34] - |A| - [69632] - C:\WINDOWS\system32\DafGip.dll
[MD5.ACDF9756F2A4BF2E34AA8F33844017F1] - [04/06/2017 12:09:25] - |A| - [225792] - C:\WINDOWS\system32\DAFIoT.dll
[MD5.D09156A0202E8412CD3F48005D7B6D49] - [04/06/2017 12:10:29] - |A| - [171520] - C:\WINDOWS\system32\DAFIPP.dll
[MD5.78C2B077E77219E415BAF950A4AA7194] - [04/06/2017 12:09:29] - |A| - [266752] - C:\WINDOWS\system32\dafpos.dll
[MD5.0F8A0E6C906CD1CC2C27B9D995683431] - [04/06/2017 12:10:29] - |A| - [118784] - C:\WINDOWS\system32\DafPrintProvider.dll
[MD5.64DEC8CADBCEE0DA6CAC240655FF8072] - [04/06/2017 12:09:42] - |A| - [182784] - C:\WINDOWS\system32\dafupnp.dll
[MD5.6D46628E4967A15D9C6BCD5D6D4238C6] - [04/06/2017 12:08:57] - |A| - [114176] - C:\WINDOWS\system32\dafWCN.dll
[MD5.A92AAADF5955DF5C112FF55116B39B23] - [04/06/2017 12:10:50] - |A| - [342528] - C:\WINDOWS\system32\dafWfdProvider.dll
[MD5.4544AF0DAACCB48CB744EFA8C48582EE] - [04/06/2017 12:09:21] - |A| - [117248] - C:\WINDOWS\system32\DAFWiProv.dll
[MD5.796B3E86C1DD96B2CD2FBA881D1D13D8] - [04/06/2017 12:09:37] - |A| - [251904] - C:\WINDOWS\system32\DAFWSD.dll
[MD5.12CF829B9B94E1CFD5A5399AB0F3BF17] - [04/06/2017 12:09:43] - |A| - [137216] - C:\WINDOWS\system32\DAMediaManager.dll
[MD5.CA212DAD10B6B5A865E6BC787829A62E] - [04/06/2017 12:10:02] - |A| - [123392] - C:\WINDOWS\system32\DAMM.dll
[MD5.6F878DECB27F79B2C7EBC3483D741799] - [04/06/2017 12:10:24] - |A| - [320512] - C:\WINDOWS\system32\DaOtpCredentialProvider.dll
[MD5.7F12657AA7005482A42BCCA97B40FC9B] - [04/06/2017 12:09:37] - |A| - [457728] - C:\WINDOWS\system32\das.dll
[MD5.4DDBA63C3F41BAFB8FDB4B99A908766B] - [04/06/2017 12:09:37] - |A| - [93696] - C:\WINDOWS\system32\dasHost.exe
[MD5.11CA19CD1F9F94EEDD3285689957E169] - [04/06/2017 12:09:47] - |A| - [45568] - C:\WINDOWS\system32\dataclen.dll
[MD5.4A6A31E4EF4423E32C73A8934367240C] - [04/06/2017 12:09:22] - |A| - [276992] - C:\WINDOWS\system32\DataExchange.dll
[MD5.CB521943A629948E4993D4F56BFF03D2] - [04/06/2017 12:10:00] - |A| - [198992] - C:\WINDOWS\system32\DataExchangeHost.exe
[MD5.66C5451B3ED99C95F4A7642885D5A52D] - [04/06/2017 12:11:30] - |A| - [150016] - C:\WINDOWS\system32\datamarketsvc.dll
[MD5.5786FA8D2EA889A83B35F3CF31DDA681] - [04/06/2017 12:09:49] - |A| - [92672] - C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
[MD5.1093D4D9992933353CC349867E075D00] - [04/06/2017 12:09:18] - |A| - [333824] - C:\WINDOWS\system32\DataUsageHandlers.dll
[MD5.1490F464360E2A461F6267E7CE56057F] - [04/06/2017 12:09:18] - |A| - [138752] - C:\WINDOWS\system32\DataUsageLiveTileTask.exe
[MD5.D120EDA3B8C9A53D426FA1071AEFDA47] - [04/06/2017 12:10:24] - |A| - [33792] - C:\WINDOWS\system32\datusage.dll
[MD5.395403092BD75259C6FE5908EA70D7B1] - [04/06/2017 12:10:47] - |A| - [96768] - C:\WINDOWS\system32\davclnt.dll
[MD5.7B13E0D6662771E502D394EFC3A62EFE] - [04/06/2017 12:10:32] - |A| - [26624] - C:\WINDOWS\system32\davhlpr.dll
[MD5.E561C7C4BB326639AB4ECC92E7154B17] - [05/06/2017 08:59:13] - |A| - [404480] - C:\WINDOWS\system32\DavSyncProvider.dll
[MD5.B01A65547982EC61CF49EC127640CFC0] - [04/06/2017 12:09:37] - |A| - [485376] - C:\WINDOWS\system32\daxexec.dll
[MD5.BAE31B0DFE2CF95133887E11BA6169C8] - [04/06/2017 12:09:55] - |A| - [147968] - C:\WINDOWS\system32\dbgcore.dll
[MD5.181BDAD83BA9210628D9ABE06F2CA722] - [04/06/2017 12:09:57] - |A| - [5749248] - C:\WINDOWS\system32\dbgeng.dll
[MD5.02B5984C19774F3F9CF8372B562275DA] - [04/06/2017 12:09:55] - |A| - [1611776] - C:\WINDOWS\system32\dbghelp.dll
[MD5.28EE7A54325E46876B54AD5C285675C5] - [04/06/2017 12:09:57] - |A| - [662016] - C:\WINDOWS\system32\DbgModel.dll
[MD5.E86B2F7864820DE2AE554354BF20B060] - [04/06/2017 12:10:13] - |A| - [116736] - C:\WINDOWS\system32\dbnetlib.dll
[MD5.36082E8B2F160C02F5D0B4B44B3F5790] - [04/06/2017 12:10:13] - |A| - [24064] - C:\WINDOWS\system32\dbnmpntw.dll
[MD5.D4AD30F6E7A66C76A6DE85FBDAD15D94] - [04/06/2017 12:08:58] - |A| - [655872] - C:\WINDOWS\system32\dccw.exe
[MD5.ACD064B7839788D01A66CF0693FA2D19] - [04/06/2017 12:10:00] - |A| - [14336] - C:\WINDOWS\system32\dciman32.dll
[MD5.58EC1A535A4E0EF826A56BF4D44F18F4] - [04/06/2017 12:09:57] - |A| - [414544] - C:\WINDOWS\system32\dcntel.dll
[MD5.488DCA944A254588F3ED875E3F268415] - [04/06/2017 12:09:55] - |A| - [11776] - C:\WINDOWS\system32\dcomcnfg.exe
[MD5.472D0E261876F7FC4CD3F6EC294FB74B] - [04/06/2017 12:09:55] - |A| - [1307312] - C:\WINDOWS\system32\dcomp.dll
[MD5.A4AF9952F2AF5721B6E55A429E8EED54] - [04/06/2017 12:09:47] - |A| - [23888] - C:\WINDOWS\system32\DDACLSys.dll
[MD5.903B72FC6D474BC7E5065213AB6AD2D4] - [04/06/2017 12:10:47] - |A| - [40448] - C:\WINDOWS\system32\DdcComImplementations.dll
[MD5.62DF577B057969E6510A311A9A81D906] - [04/06/2017 12:10:16] - |A| - [467456] - C:\WINDOWS\system32\DDDS.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [208521] - C:\WINDOWS\system32\DDFs
[MD5.41AA29DEE02BF5EB5017CDC1472A6D4C] - [04/06/2017 12:09:29] - |A| - [129536] - C:\WINDOWS\system32\ddisplay.dll
[MD5.66F8666AF9E6033BA559AD2A852FD7C4] - [04/06/2017 12:10:00] - |A| - [37888] - C:\WINDOWS\system32\ddodiag.exe
[MD5.B22CD6D5CF7F667CF15563FF37A9AF98] - [04/06/2017 12:10:02] - |A| - [31232] - C:\WINDOWS\system32\DDOIProxy.dll
[MD5.7EA6A925CC2F81417B29AD05E0407D58] - [04/06/2017 12:10:00] - |A| - [15597320] - C:\WINDOWS\system32\DDORes.dll
[MD5.2C164EE566231B21ACD76FD2B3413792] - [04/06/2017 12:11:49] - |A| - [229376] - C:\WINDOWS\system32\ddpchunk.dll
[MD5.DA9B4C2900A63E5189CE2AE13A64AF43] - [04/06/2017 12:11:49] - |A| - [137728] - C:\WINDOWS\system32\ddptrace.dll
[MD5.901A05D6246A846B04481D7569DF31A5] - [04/06/2017 12:11:49] - |A| - [285696] - C:\WINDOWS\system32\ddputils.dll
[MD5.7D816E720A3F11DED07FBD20940EA620] - [04/06/2017 12:11:49] - |A| - [66560] - C:\WINDOWS\system32\ddp_ps.dll
[MD5.1FF52E3F075FD881829EA4E82365984D] - [04/06/2017 12:10:00] - |A| - [556032] - C:\WINDOWS\system32\ddraw.dll
[MD5.BB3FB08C7B4FC59A4FC355A33CA9C15D] - [04/06/2017 12:10:00] - |A| - [47104] - C:\WINDOWS\system32\ddrawex.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |D| - [347136] - C:\WINDOWS\system32\de-DE
[MD5.58E58E71B9E2A73F6B87BD9FA863DA71] - [04/06/2017 12:10:00] - |A| - [16552] - C:\WINDOWS\system32\DefaultDeviceManager.dll
[MD5.618BA9E529EAB7E11DBA43469481835F] - [04/06/2017 12:09:18] - |A| - [4227116] - C:\WINDOWS\system32\DefaultHrtfs.bin
[MD5.3F2D32217DDB6AC4FADC421AA896FD20] - [04/06/2017 12:10:00] - |A| - [26112] - C:\WINDOWS\system32\DefaultPrinterProvider.dll
[MD5.664AA698FC0106A2B075A641E8DC6302] - [04/06/2017 12:17:10] - |A| - [858] - C:\WINDOWS\system32\DefaultQuestions.json
[MD5.7774AEB049B1DB33ECC8978623A44CBF] - [04/06/2017 12:10:00] - |A| - [185856] - C:\WINDOWS\system32\Defrag.exe
[MD5.DF9E17CBC59207F3A473DF01F5460B7A] - [04/06/2017 12:10:00] - |A| - [19968] - C:\WINDOWS\system32\defragproxy.dll
[MD5.B92503557CC3BD018F2B2FB179CA1E23] - [04/06/2017 12:10:00] - |A| - [4096] - C:\WINDOWS\system32\defragres.dll
[MD5.E96D3D730B9E4195E28340DCFE65AAB0] - [04/06/2017 12:10:00] - |A| - [535552] - C:\WINDOWS\system32\defragsvc.dll
[MD5.ABCFAF17FF65AD5F9253C5CC2318F735] - [04/06/2017 12:09:37] - |A| - [28672] - C:\WINDOWS\system32\delegatorprovider.dll
[MD5.9E4BC1FD4FDCD6EC9DB0174E67190533] - [04/06/2017 12:10:38] - |A| - [167936] - C:\WINDOWS\system32\desk.cpl
[MD5.BCDA3D405FC0441616EB240B02FA0C2E] - [04/06/2017 12:10:00] - |A| - [50176] - C:\WINDOWS\system32\deskadp.dll
[MD5.D547EC054B2265A2E238B6520B7ED199] - [04/06/2017 12:10:36] - |A| - [48640] - C:\WINDOWS\system32\deskmon.dll
[MD5.1428742AEE507E1E88B4E5C11761F7AE] - [04/06/2017 12:09:42] - |A| - [74752] - C:\WINDOWS\system32\desktopimgdownldr.exe
[MD5.AD025DF763E6D2EDDD3ED08559E9E178] - [04/06/2017 12:09:37] - |A| - [99328] - C:\WINDOWS\system32\DesktopShellExt.dll
[MD5.837BB7D903FB9E841270DF48BB3F57EA] - [04/06/2017 12:09:25] - |A| - [111112] - C:\WINDOWS\system32\DevDispItemProvider.dll
[MD5.B2DEBC6F2D3961C2A94EBD31AA204F4F] - [04/06/2017 12:10:24] - |A| - [309760] - C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
[MD5.11369E18037A9D4365DF2A74286CAA43] - [04/06/2017 12:09:17] - |A| - [87312] - C:\WINDOWS\system32\devenum.dll
[MD5.53B063D93703A1F6A02E8F9320A6B9D2] - [04/06/2017 12:09:22] - |A| - [343552] - C:\WINDOWS\system32\deviceaccess.dll
[MD5.C47DFF24105E6B7ED711E4D0C42C5E91] - [04/06/2017 12:09:37] - |A| - [56376] - C:\WINDOWS\system32\deviceassociation.dll
[MD5.8A84C4955A63CE6CEE2D7577FD32676E] - [04/06/2017 12:09:57] - |A| - [30544] - C:\WINDOWS\system32\DeviceCensus.exe
[MD5.2E7D135BBD92F0D04B70CD6AE660E084] - [04/06/2017 12:10:02] - |A| - [437248] - C:\WINDOWS\system32\DeviceCenter.dll
[MD5.E70A56D55A5A8D4E0D8DD57EB4E19D6A] - [04/06/2017 12:09:25] - |A| - [66048] - C:\WINDOWS\system32\DeviceCredential.dll
[MD5.D266107817524AE201AB6BB7E34CBF77] - [04/06/2017 12:09:37] - |A| - [76288] - C:\WINDOWS\system32\DeviceCredentialDeployment.exe
[MD5.BC61B8F972C75FBE25BC11BADCC62625] - [04/06/2017 12:10:47] - |A| - [311296] - C:\WINDOWS\system32\DeviceDirectoryClient.dll
[MD5.38DA51B18B5798A17D8DA5B78C576123] - [04/06/2017 12:10:00] - |A| - [36864] - C:\WINDOWS\system32\DeviceDisplayStatusManager.dll
[MD5.1BD49ECE53131572C90A06A803F31E2E] - [04/06/2017 12:10:00] - |A| - [46592] - C:\WINDOWS\system32\DeviceDriverRetrievalClient.dll
[MD5.A20AF3A36D8384C288E6A07E3691C4B0] - [04/06/2017 12:10:24] - |A| - [27136] - C:\WINDOWS\system32\DeviceEject.exe
[MD5.F72047509BCA76CB6E1C216EDE3CC2A5] - [04/06/2017 12:09:58] - |A| - [126464] - C:\WINDOWS\system32\DeviceElementSource.dll
[MD5.0F5BAD527F770043316E20435589BDE4] - [04/06/2017 12:09:37] - |A| - [330240] - C:\WINDOWS\system32\DeviceEnroller.exe
[MD5.709BA4CA3A96931386BB03D34FF81116] - [04/06/2017 12:09:47] - |A| - [2394624] - C:\WINDOWS\system32\DeviceFlows.DataModel.dll
[MD5.F74FBB14B26AF7FF23278A0B4F97E1C2] - [04/06/2017 12:10:00] - |A| - [133632] - C:\WINDOWS\system32\DeviceMetadataRetrievalClient.dll
[MD5.75C5AFFE3395800FB040131689B757FB] - [04/06/2017 12:09:25] - |A| - [220160] - C:\WINDOWS\system32\devicengccredprov.dll
[MD5.9FBBD093891597E2D1D350EEA6D4E247] - [04/06/2017 12:10:02] - |A| - [566272] - C:\WINDOWS\system32\DevicePairing.dll
[MD5.211B65032B9B69BD4FF0B7961A74B363] - [04/06/2017 12:09:58] - |A| - [214016] - C:\WINDOWS\system32\DevicePairingFolder.dll
[MD5.09CC6D9C3A274BF561243849F548D318] - [04/06/2017 12:10:02] - |A| - [28672] - C:\WINDOWS\system32\DevicePairingProxy.dll
[MD5.E774F1834A8BFDC738811FDE248E1840] - [04/06/2017 12:10:02] - |A| - [92672] - C:\WINDOWS\system32\DevicePairingWizard.exe
[MD5.FB49A33F239EC2EFC47FD3B01AC67EF3] - [04/06/2017 12:10:00] - |A| - [94720] - C:\WINDOWS\system32\DeviceProperties.exe
[MD5.642BE243AB8110D7D36BDDD0DFAF24CA] - [04/06/2017 12:10:36] - |A| - [94544] - C:\WINDOWS\system32\DeviceReactivation.dll
[MD5.4F6283BD69BF80D624CE4237CCA61082] - [04/06/2017 12:10:49] - |A| - [226816] - C:\WINDOWS\system32\deviceregistration.dll
[MD5.4ABF9828AD402EC98F818BE1E4A36672] - [04/06/2017 12:09:25] - |A| - [237568] - C:\WINDOWS\system32\DeviceSetupManager.dll
[MD5.166C67912C0AEB7F9F2FF0AAC60128CB] - [04/06/2017 12:10:02] - |A| - [128512] - C:\WINDOWS\system32\DeviceSetupManagerAPI.dll
[MD5.CBF9A28EA9A8BB55683DA2AC61600669] - [04/06/2017 12:10:00] - |A| - [35840] - C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
[MD5.A88ADC2F76FCCB1CE4303C87D2F28391] - [04/06/2017 12:09:47] - |A| - [694272] - C:\WINDOWS\system32\DevicesFlowBroker.dll
[MD5.416375F9C487D2B5D3B4FF64C71A68FB] - [04/06/2017 12:10:00] - |A| - [46080] - C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
[MD5.8FE6223B682D62F975786748194469C7] - [04/06/2017 12:10:24] - |A| - [65536] - C:\WINDOWS\system32\DeviceUpdateAgent.dll
[MD5.CA7809903B9122FCA5636B7E62F19340] - [04/06/2017 12:10:00] - |A| - [13312] - C:\WINDOWS\system32\DeviceUxRes.dll
[MD5.1BB4C28710F60C22A6F52BA13182FEA1] - [04/06/2017 12:09:47] - |A| - [595280] - C:\WINDOWS\system32\devinv.dll
[MD5.383A3B36999FABD8DCA7691B38713C40] - [04/06/2017 12:10:27] - |A| - [145622] - C:\WINDOWS\system32\devmgmt.msc
[MD5.3A2B6C9678B9C3C0DE43AF5C5ED8E698] - [04/06/2017 12:10:27] - |A| - [806400] - C:\WINDOWS\system32\devmgr.dll
[MD5.A99DE223E49E2253426D3DF4746437EC] - [04/06/2017 12:10:24] - |A| - [13091] - C:\WINDOWS\system32\DevModeRunAsUserConfig.msc
[MD5.7CD60D9335A366A5CDBF76D4220B306C] - [04/06/2017 12:09:55] - |A| - [146728] - C:\WINDOWS\system32\devobj.dll
[MD5.2375E1FC17FEE37CCA70C9EE0E952E05] - [04/06/2017 12:09:24] - |A| - [123392] - C:\WINDOWS\system32\DevPropMgr.dll
[MD5.81CFE7714BEF4277AAECB68CE758F280] - [04/06/2017 12:09:34] - |A| - [33792] - C:\WINDOWS\system32\DevQueryBroker.dll
[MD5.5EB861F2A9ECBB69A74F84C1998F12B4] - [04/06/2017 12:09:55] - |A| - [58368] - C:\WINDOWS\system32\devrtl.dll
[MD5.DADDA50A5ECE62C0304F5D8D9C68E359] - [04/06/2017 12:11:37] - |A| - [45056] - C:\WINDOWS\system32\dfdts.dll
[MD5.0AE4A172D9320973A65F44C61CA8236E] - [04/06/2017 12:11:37] - |A| - [51712] - C:\WINDOWS\system32\DFDWiz.exe
[MD5.1F4AAE68E18B4169C03FA3A6DEFD6462] - [04/06/2017 12:10:00] - |A| - [575488] - C:\WINDOWS\system32\dfrgui.exe
[MD5.53C08407783F8CF6C6D386724CC1B3AD] - [04/06/2017 12:09:55] - |A| - [63488] - C:\WINDOWS\system32\dfscli.dll
[MD5.26FEF1511C25DEE7922686E72F14933D] - [04/06/2017 12:09:04] - |A| - [1555456] - C:\WINDOWS\system32\dfshim.dll
[MD5.E8743CD065EAEED8879EBEAE37D8BD59] - [04/06/2017 12:10:27] - |A| - [66048] - C:\WINDOWS\system32\DfsShlEx.dll
[MD5.BD3D2AABC6393D03E911883A9DEF1C94] - [04/06/2017 12:11:53] - |A| - [79360] - C:\WINDOWS\system32\dggpext.dll
[MD5.8C488605562D988CECCE9C9CD37E1276] - [04/06/2017 12:10:00] - |A| - [14336] - C:\WINDOWS\system32\dhcpcmonitor.dll
[MD5.1B6521917959EFE1C2AE06C03E26FBF2] - [04/06/2017 12:09:55] - |A| - [364544] - C:\WINDOWS\system32\dhcpcore.dll
[MD5.4F6162DF8C69E7C1BFDFE9011F0C939F] - [04/06/2017 12:09:55] - |A| - [289792] - C:\WINDOWS\system32\dhcpcore6.dll
[MD5.9A4BBEB36B4570DB640CD8D41860A423] - [04/06/2017 12:09:55] - |A| - [84992] - C:\WINDOWS\system32\dhcpcsvc.dll
[MD5.25AABCC9181FB62824503199C5877D71] - [04/06/2017 12:09:55] - |A| - [67072] - C:\WINDOWS\system32\dhcpcsvc6.dll
[MD5.99353DA5B30EE773E414BC715E36ECE7] - [04/06/2017 12:10:00] - |A| - [217088] - C:\WINDOWS\system32\dhcpsapi.dll
[MD5.D437996ABD14606BB10BAAFB943EAEF4] - [04/06/2017 12:11:39] - |A| - [5637120] - C:\WINDOWS\system32\DHolographicDisplay.dll
[MD5.F61D5D456BAB4B4BA27309356BED7324] - [04/06/2017 12:10:40] - |A| - [1049600] - C:\WINDOWS\system32\DiagCpl.dll
[MD5.B8A712F56AFF79E4AA2214F78AC63A50] - [04/06/2017 12:09:37] - |A| - [299520] - C:\WINDOWS\system32\DiagnosticLogCSP.dll
[MD5.F72079E6E1F69F4561626146309CE790] - [04/06/2017 12:09:21] - |A| - [46080] - C:\WINDOWS\system32\DiagnosticsInvoker.dll
[MD5.07186DFA1D77F4B528324B0F9BA5561E] - [04/06/2017 12:09:18] - |A| - [1342976] - C:\WINDOWS\system32\diagperf.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:03] - |SD| - [885248] - C:\WINDOWS\system32\DiagSvcs
[MD5.8E26DC0277AFCF4FCFCEC583E2477E92] - [04/06/2017 12:09:57] - |A| - [2760192] - C:\WINDOWS\system32\diagtrack.dll
[MD5.2079D6076D34F536B7801964CEBC47CD] - [04/06/2017 12:09:52] - |A| - [240640] - C:\WINDOWS\system32\dialclient.dll
[MD5.77E4D0B48D215D5650FB30CB9D24B411] - [04/06/2017 12:10:33] - |A| - [37376] - C:\WINDOWS\system32\dialer.exe
[MD5.7D7C537C4D29B10B6CB22926BCF4C764] - [04/06/2017 12:09:52] - |A| - [180224] - C:\WINDOWS\system32\dialserver.dll
[MD5.9DCC5E4D3C1B2B9AE155C2A6B0831AB8] - [04/06/2017 12:09:42] - |A| - [467456] - C:\WINDOWS\system32\DictationManager.dll
[MD5.2B9A518091814AEA0F25C8588D6E3B9D] - [04/06/2017 12:10:24] - |A| - [368128] - C:\WINDOWS\system32\difxapi.dll
[MD5.AF7EDA27524C0A153B83BE0B56E8AAE4] - [04/06/2017 12:10:02] - |A| - [43520] - C:\WINDOWS\system32\dimsjob.dll
[MD5.519F48D4065D783599E19B7FC129CFBC] - [04/06/2017 12:10:00] - |A| - [46592] - C:\WINDOWS\system32\dimsroam.dll
[MD5.BF0E2319236BDC8997E387B43CAEBF28] - [04/06/2017 12:10:02] - |A| - [165376] - C:\WINDOWS\system32\dinput.dll
[MD5.F04579EAB3B4909F7640E5E654C4062D] - [04/06/2017 12:10:02] - |A| - [217088] - C:\WINDOWS\system32\dinput8.dll
[MD5.39028BB8B282B2F7A9B4C436C0EBCA1A] - [04/06/2017 12:09:34] - |A| - [24576] - C:\WINDOWS\system32\Direct2DDesktop.dll
[MD5.0BA73641C0B734F8A7B50A243AA4A78C] - [04/06/2017 12:09:24] - |A| - [580112] - C:\WINDOWS\system32\directmanipulation.dll
[MD5.F4F61D401EA58637BF7A340B21E2C200] - [04/06/2017 12:09:17] - |A| - [249856] - C:\WINDOWS\system32\discan.dll
[MD5.E343F7FD42210043208A295CBD6E251C] - [04/06/2017 12:10:42] - |A| - [47682] - C:\WINDOWS\system32\diskmgmt.msc
[MD5.CBC226E9214B98DC9D3BAD014A4AF64D] - [04/06/2017 12:10:42] - |A| - [155648] - C:\WINDOWS\system32\diskpart.exe
[MD5.CBC79739FC4F47B01356A95ACA0718FC] - [04/06/2017 12:10:27] - |A| - [24576] - C:\WINDOWS\system32\diskperf.exe
[MD5.5DA1C385A584CAE33C7B2534FB7C7901] - [04/06/2017 12:10:42] - |A| - [335360] - C:\WINDOWS\system32\diskraid.exe
[MD5.706F32A0D5E6B92B7E7167AFD3DA8AB1] - [04/06/2017 12:10:00] - |A| - [92932] - C:\WINDOWS\system32\DiskSnapshot.conf
[MD5.44778C2D44F8E67AEB15077F1C03DED0] - [04/06/2017 12:10:00] - |A| - [87040] - C:\WINDOWS\system32\DiskSnapshot.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 10:16:46] - |D| - [8854224] - C:\WINDOWS\system32\Dism
[MD5.CD30E5325B20A85E514A5BF4027120B0] - [04/06/2017 12:10:06] - |A| - [294224] - C:\WINDOWS\system32\Dism.exe
[MD5.589396D1DCAC949A5F188C31075196A5] - [04/06/2017 12:10:02] - |A| - [964944] - C:\WINDOWS\system32\DismApi.dll
[MD5.7234C847586D83F50B3A9E9E710AA449] - [04/06/2017 12:09:25] - |A| - [55808] - C:\WINDOWS\system32\DispBroker.dll
[MD5.19A7189E9DA78921DAAAE6A720416F1E] - [04/06/2017 12:10:00] - |A| - [129536] - C:\WINDOWS\system32\dispdiag.exe
[MD5.FD1262F4222F6F88E42BA188B2E56F13] - [04/06/2017 12:10:32] - |A| - [28672] - C:\WINDOWS\system32\dispex.dll
[MD5.D6B2B24185F94884A4C5EAAED3FA3C40] - [04/06/2017 12:10:00] - |A| - [152064] - C:\WINDOWS\system32\Display.dll
[MD5.C837066570E100822D6F88A40ACAD523] - [04/06/2017 12:09:22] - |A| - [183296] - C:\WINDOWS\system32\DisplayManager.dll
[MD5.670DD3D845833264585D094F4F51917D] - [04/06/2017 12:09:58] - |A| - [1926048] - C:\WINDOWS\system32\DisplaySwitch.exe
[MD5.8F319667C8553DF926EC99E824B7B4AF] - [04/06/2017 12:10:47] - |A| - [15360] - C:\WINDOWS\system32\djctq.rs
[MD5.64D6D338D5E7FA4423DD7EE9110A150A] - [04/06/2017 12:10:24] - |A| - [72192] - C:\WINDOWS\system32\djoin.exe
[MD5.CC8F16966F69F945F434339850D91315] - [04/06/2017 12:09:57] - |A| - [16720] - C:\WINDOWS\system32\dllhost.exe
[MD5.6FA93F4AA42EC282C1A020040B68166E] - [04/06/2017 12:09:54] - |A| - [12288] - C:\WINDOWS\system32\dllhst3g.exe
[MD5.8FF6D181FC48154262536CD6BC19A605] - [04/06/2017 12:09:04] - |A| - [286208] - C:\WINDOWS\system32\dlnashext.dll
[MD5.77995A7EB33EC7D0B3BEA38314B30885] - [04/06/2017 12:09:34] - |A| - [10752] - C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
[MD5.970425A288C24A8D4D449AA37C93B80F] - [04/06/2017 12:10:47] - |A| - [58880] - C:\WINDOWS\system32\DmApiSetExtImplDesktop.dll
[MD5.8A334112353B77847615A0377235DC00] - [04/06/2017 12:09:37] - |A| - [2560] - C:\WINDOWS\system32\DMAppsRes.dll
[MD5.190B7E61FA2E41DC7DFAD27B7A5F746D] - [04/06/2017 12:09:37] - |A| - [163328] - C:\WINDOWS\system32\dmcertinst.exe
[MD5.1BD9746BD12CDCDA9D97A307A40AC7DF] - [04/06/2017 12:09:34] - |A| - [38400] - C:\WINDOWS\system32\dmcfghost.exe
[MD5.A0DC5139104A2DBCB88447E559AC0FC3] - [04/06/2017 12:09:34] - |A| - [106496] - C:\WINDOWS\system32\dmcfgutils.dll
[MD5.F961176B4719DDB0339DE21EB4C52BF5] - [04/06/2017 12:10:49] - |A| - [91648] - C:\WINDOWS\system32\dmclient.exe
[MD5.138D64A91B0A67B2756D3A24346A8176] - [04/06/2017 12:09:37] - |A| - [120368] - C:\WINDOWS\system32\dmcmnutils.dll
[MD5.E761BCB8D2F6681B35790C98B089E611] - [04/06/2017 12:09:37] - |A| - [14848] - C:\WINDOWS\system32\dmcommandlineutils.dll
[MD5.9F2BBDBF91D11FC8A68C538EA9864664] - [04/06/2017 12:09:34] - |A| - [144384] - C:\WINDOWS\system32\dmcsps.dll
[MD5.287EBA07FE0222CE89CB640D08CB0EE3] - [04/06/2017 12:10:42] - |A| - [466432] - C:\WINDOWS\system32\dmdlgs.dll
[MD5.6FAFF034C4EB372FC6A474BB1EFE7081] - [04/06/2017 12:10:44] - |A| - [267776] - C:\WINDOWS\system32\dmdskmgr.dll
[MD5.DB1E9964D8930E93C76CB0177314FB3D] - [04/06/2017 12:10:42] - |A| - [1064960] - C:\WINDOWS\system32\dmdskres.dll
[MD5.8594CF1CA3A5F997FE20B8346EEB5BE6] - [04/06/2017 12:10:42] - |A| - [2560] - C:\WINDOWS\system32\dmdskres2.dll
[MD5.864A0CC392F93388020E800A3C22A5EE] - [04/06/2017 12:09:37] - |A| - [498688] - C:\WINDOWS\system32\dmenrollengine.dll
[MD5.A9BBAC91B4D63A94FC870CCD8F09717B] - [04/06/2017 12:09:34] - |A| - [290304] - C:\WINDOWS\system32\dmenterprisediagnostics.dll
[MD5.E43AA55C8630AD47686552BAE54DFD78] - [04/06/2017 12:10:42] - |A| - [56320] - C:\WINDOWS\system32\dmintf.dll
[MD5.2AD49B5CF896B3E6B612CC961199F5CF] - [04/06/2017 12:09:34] - |A| - [14848] - C:\WINDOWS\system32\dmiso8601utils.dll
[MD5.D6B54A60EB5B1EFD8B6CF276211B287D] - [04/06/2017 12:10:00] - |A| - [49152] - C:\WINDOWS\system32\dmloader.dll
[MD5.A12CECB4BA70A22D8B283CC6E22A53A7] - [04/06/2017 12:10:47] - |A| - [31744] - C:\WINDOWS\system32\DmNotificationBroker.exe
[MD5.2A157A355B9144FB119154B1C95A8B4C] - [04/06/2017 12:10:27] - |A| - [51200] - C:\WINDOWS\system32\dmocx.dll
[MD5.797BFD0E14A334A2883C9F49B0B42F14] - [04/06/2017 12:09:37] - |A| - [27136] - C:\WINDOWS\system32\dmoleaututils.dll
[MD5.B6F16523F2D49D7D907BD4F59719DD68] - [04/06/2017 12:09:37] - |A| - [34816] - C:\WINDOWS\system32\DmOmaCpMo.exe
[MD5.BE649A271513860059A7AAB73D3405CF] - [04/06/2017 12:09:37] - |A| - [32768] - C:\WINDOWS\system32\dmprocessxmlfiltered.dll
[MD5.C7069F443D71834DA31F0B242CDC43B2] - [04/06/2017 12:09:37] - |A| - [17920] - C:\WINDOWS\system32\dmpushproxy.dll
[MD5.6D51A8A29B80F71E1BBF69B949BEDFD4] - [04/06/2017 12:09:37] - |A| - [145408] - C:\WINDOWS\system32\DMPushRouterCore.dll
[MD5.2C41092EE08370ACB493D6A75B4DDA6D] - [04/06/2017 12:09:04] - |A| - [511880] - C:\WINDOWS\system32\DMRServer.dll
[MD5.2E4F6054D860EC4DD733AC491F252609] - [04/06/2017 12:10:00] - |A| - [114176] - C:\WINDOWS\system32\dmsynth.dll
[MD5.45837E4DA1540A1660FD8C35675EA9C0] - [04/06/2017 12:10:00] - |A| - [129536] - C:\WINDOWS\system32\dmusic.dll
[MD5.9EAFE18FF73A7D85E27BBB6E7F164E3D] - [04/06/2017 12:10:42] - |A| - [26112] - C:\WINDOWS\system32\dmutil.dll
[MD5.C00BD968F3542AE45B73B9583BEF787B] - [04/06/2017 12:10:44] - |A| - [179200] - C:\WINDOWS\system32\dmvdsitf.dll
[MD5.8D9D885279A3136BF0E99C475579FCDC] - [04/06/2017 12:10:42] - |A| - [139264] - C:\WINDOWS\system32\dmview.ocx
[MD5.C6EA36D5A0686F3E969E5B45B76640F3] - [04/06/2017 12:09:34] - |A| - [56832] - C:\WINDOWS\system32\dmwappushsvc.dll
[MD5.ADB0767BFF5F696A45A0AA5C3A10D623] - [04/06/2017 12:10:49] - |A| - [152576] - C:\WINDOWS\system32\dmwmicsp.dll
[MD5.1215886A74EB75F0D0CC7184186212FC] - [04/06/2017 12:09:30] - |A| - [61952] - C:\WINDOWS\system32\dmxmlhelputils.dll
[MD5.0AFB54BDDE1E904C43E142330E0D5263] - [04/06/2017 12:09:55] - |A| - [710768] - C:\WINDOWS\system32\dnsapi.dll
[MD5.4BA59C6A901AB8C8BA18D4C529E67AA7] - [04/06/2017 12:10:00] - |A| - [32256] - C:\WINDOWS\system32\dnscacheugc.exe
[MD5.CA119627ACE0E5961D3879F39B5BF029] - [04/06/2017 12:10:00] - |A| - [134656] - C:\WINDOWS\system32\dnscmmc.dll
[MD5.57662DED4833127F5F943106D12B2010] - [04/06/2017 12:10:24] - |A| - [14336] - C:\WINDOWS\system32\dnsext.dll
[MD5.347EE61F6CCAB4DE65D056974022805C] - [04/06/2017 12:10:40] - |A| - [103936] - C:\WINDOWS\system32\dnshc.dll
[MD5.25F41856A62C259A667045FE23A36C14] - [04/06/2017 12:09:55] - |A| - [281600] - C:\WINDOWS\system32\dnsrslvr.dll
[MD5.E38ADB72BDEB92B627F29671C2D1F266] - [04/06/2017 12:10:47] - |A| - [140800] - C:\WINDOWS\system32\Docking.VirtualInput.dll
[MD5.8D90CB60CA8C9C3AEF59E62DDF6D80EE] - [04/06/2017 12:10:02] - |A| - [14336] - C:\WINDOWS\system32\DockInterface.ProxyStub.dll
[MD5.DE97835D3B5DF034DC90C4ED3A13235E] - [04/06/2017 12:10:29] - |A| - [41472] - C:\WINDOWS\system32\docprop.dll
[MD5.6CE91E8CBADCBE1D8EC9D135BA9C6E0F] - [04/06/2017 12:10:27] - |A| - [77312] - C:\WINDOWS\system32\DocumentPerformanceEvents.dll
[MD5.B3AC94C5DBA3883D17CC928D7D7D57E8] - [04/06/2017 12:11:39] - |A| - [977224] - C:\WINDOWS\system32\DolbyDecMFT.dll
[MD5.C119078A2E94CDDE584A23413B598DBA] - [04/06/2017 12:09:21] - |A| - [756224] - C:\WINDOWS\system32\DolbyHrtfEnc.dll
[MD5.4C61CABEC4ED39EEA1206DF195246212] - [04/06/2017 12:09:21] - |A| - [234496] - C:\WINDOWS\system32\DolbyMATEnc.dll
[MD5.EA8BC6F2D40DB2D2F24152C6F71AAE45] - [04/06/2017 12:09:37] - |A| - [247296] - C:\WINDOWS\system32\domgmt.dll
[MD5.68B8792F967C45FE27981015B82A7413] - [04/06/2017 12:09:34] - |A| - [258048] - C:\WINDOWS\system32\dosettings.dll
[MD5.FE34D61A539C38BA3763590625CBEACB] - [04/06/2017 12:09:52] - |A| - [18944] - C:\WINDOWS\system32\doskey.exe
[MD5.ACE922BE675289BA0ACE64F7736E840F] - [04/06/2017 12:09:37] - |A| - [1271808] - C:\WINDOWS\system32\dosvc.dll
[MD5.C283AA710AACDC8DF1EB07A9BE8BED69] - [04/06/2017 12:10:49] - |A| - [88576] - C:\WINDOWS\system32\dot3api.dll
[MD5.68B1DCD8A96A97D7BFB43B26E0950518] - [04/06/2017 12:10:50] - |A| - [68608] - C:\WINDOWS\system32\dot3cfg.dll
[MD5.3066B431F7F49A82CC8309CB6213BC98] - [04/06/2017 12:10:49] - |A| - [29184] - C:\WINDOWS\system32\Dot3Conn.dll
[MD5.D67033614E6FBD9A98024B98E235C45C] - [04/06/2017 12:10:49] - |A| - [57856] - C:\WINDOWS\system32\dot3dlg.dll
[MD5.A1F09B85CCC5985B8998A850AE409ADA] - [04/06/2017 12:10:50] - |A| - [56320] - C:\WINDOWS\system32\dot3gpclnt.dll
[MD5.46C9D12B8F791D60D07590C66D8A1A89] - [04/06/2017 12:10:49] - |A| - [276480] - C:\WINDOWS\system32\dot3gpui.dll
[MD5.452AB3518523C10062B10DE9B05A0318] - [04/06/2017 12:10:38] - |A| - [70656] - C:\WINDOWS\system32\dot3hc.dll
[MD5.2D5DA15E84EE74D4A806DB1591B8ED6E] - [04/06/2017 12:10:49] - |A| - [178688] - C:\WINDOWS\system32\dot3mm.dll
[MD5.68612D0A92F6AA70105B9EACADE44D92] - [04/06/2017 12:10:49] - |A| - [101888] - C:\WINDOWS\system32\dot3msm.dll
[MD5.10DA20D8C68B6ED60B602614C1C8D8EF] - [04/06/2017 12:10:49] - |A| - [253440] - C:\WINDOWS\system32\dot3svc.dll
[MD5.F72A4038853D0046E860D2993D6F724B] - [04/06/2017 12:10:49] - |A| - [312320] - C:\WINDOWS\system32\dot3ui.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 10:16:46] - |D| - [764928] - C:\WINDOWS\system32\downlevel
[MD5.5E5355A6119B8A9621AF224B0FC240BF] - [04/06/2017 12:09:57] - |A| - [15872] - C:\WINDOWS\system32\dpapi.dll
[MD5.C39220903A0CBF35025DDB8F12185DFA] - [04/06/2017 12:10:32] - |A| - [76800] - C:\WINDOWS\system32\dpapimig.exe
[MD5.D7BCDA6EA52738954B3C9337E970D6DD] - [04/06/2017 12:10:00] - |A| - [56320] - C:\WINDOWS\system32\dpapiprovider.dll
[MD5.6D6BD658EC2E244964376A47459FC7CF] - [04/06/2017 12:09:57] - |A| - [205312] - C:\WINDOWS\system32\dpapisrv.dll
[MD5.7170D6C3E1BBC7F04BC4BBA17BBDDCA9] - [04/06/2017 12:10:00] - |A| - [79360] - C:\WINDOWS\system32\DpiScaling.exe
[MD5.6B81EAA34E5608B0167965ECF13FFBEA] - [04/06/2017 12:08:57] - |A| - [6144] - C:\WINDOWS\system32\dpnaddr.dll
[MD5.23A172EA4D7EF2E7A26778DE420C6A7B] - [04/06/2017 12:08:57] - |A| - [67584] - C:\WINDOWS\system32\dpnathlp.dll
[MD5.16ACD97B747548839D22BE91124446FD] - [04/06/2017 12:08:57] - |A| - [464896] - C:\WINDOWS\system32\dpnet.dll
[MD5.CB1D60629EE8A7C00BDD4987D18B18CF] - [04/06/2017 12:08:57] - |A| - [10240] - C:\WINDOWS\system32\dpnhpast.dll
[MD5.71229D06F6DD868FB0009CE7FC30F02C] - [04/06/2017 12:08:57] - |A| - [10240] - C:\WINDOWS\system32\dpnhupnp.dll
[MD5.1339467CC851164D1286D686CD3BAC35] - [04/06/2017 12:08:57] - |A| - [6144] - C:\WINDOWS\system32\dpnlobby.dll
[MD5.0224C71DD3E2AB44C5E6479807F84964] - [04/06/2017 12:08:57] - |A| - [26624] - C:\WINDOWS\system32\dpnsvr.exe
[MD5.A2E1F2D4ED1BBF103FF17AFEA460E175] - [04/06/2017 12:10:40] - |A| - [169472] - C:\WINDOWS\system32\dps.dll
[MD5.228871151FC8CFE713482AE6CF63788D] - [04/06/2017 12:10:00] - |A| - [606032] - C:\WINDOWS\system32\dpx.dll
[MD5.3D7A3E9BD76B173799468532C35E749F] - [04/06/2017 12:10:24] - |A| - [80896] - C:\WINDOWS\system32\driverquery.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:16:34] - |D| - [109833551] - C:\WINDOWS\system32\drivers
[MD5.00000000000000000000000000000000] - [04/06/2017 10:16:43] - |D| - [2098988697] - C:\WINDOWS\system32\DriverStore
[MD5.2A8695DAD6B1E241527363CFE2F1E8DA] - [04/06/2017 12:10:41] - |A| - [25600] - C:\WINDOWS\system32\drprov.dll
[MD5.04C984469FF2CCA0752162055363FADD] - [04/06/2017 12:09:07] - |A| - [274944] - C:\WINDOWS\system32\drt.dll
[MD5.FDE65262E953B84F2DE286940CDD8DCE] - [04/06/2017 12:09:07] - |A| - [66560] - C:\WINDOWS\system32\drtprov.dll
[MD5.AAA03E01BA285699D2D8EA8503F953C1] - [04/06/2017 12:09:07] - |A| - [52224] - C:\WINDOWS\system32\drttransport.dll
[MD5.BC55B7016037D3A6CBE1E03117AE32F8] - [04/06/2017 12:09:43] - |A| - [70656] - C:\WINDOWS\system32\drvcfg.exe
[MD5.773DCC72379FEC5E1B732CBD3CBC0A30] - [04/06/2017 12:10:24] - |A| - [153088] - C:\WINDOWS\system32\drvinst.exe
[MD5.93468187158A82A882EC9E0A5FE43FC1] - [04/06/2017 12:09:37] - |A| - [978256] - C:\WINDOWS\system32\drvstore.dll
[MD5.B8D4183FFC40D308B59A8AF4217399B7] - [04/06/2017 12:10:00] - |A| - [45568] - C:\WINDOWS\system32\dsauth.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |SD| - [165376] - C:\WINDOWS\system32\dsc
[MD5.970BA562298B55FBD827795A69DDFA13] - [04/06/2017 12:10:27] - |A| - [466432] - C:\WINDOWS\system32\DscCore.dll
[MD5.C7C4205C08FFA878253FF9BB33613F30] - [04/06/2017 12:10:27] - |A| - [199168] - C:\WINDOWS\system32\DscCoreConfProv.dll
[MD5.277E05931C1A4E3C1959DFCD298BB5DF] - [04/06/2017 12:09:22] - |A| - [46024] - C:\WINDOWS\system32\dsclient.dll
[MD5.264DCB5B39534750648E23BEA3D7B880] - [04/06/2017 12:10:29] - |A| - [19968] - C:\WINDOWS\system32\dscproxy.dll
[MD5.9CFCE11A1960203265473B489DD05019] - [04/06/2017 12:10:27] - |A| - [25600] - C:\WINDOWS\system32\DscTimer.dll
[MD5.9A18B40135E39791454E1A68424B6AA3] - [04/06/2017 12:09:17] - |A| - [194048] - C:\WINDOWS\system32\dsdmo.dll
[MD5.6077430B1B4C3C82239F0BF3E111A569] - [04/06/2017 12:10:00] - |A| - [131584] - C:\WINDOWS\system32\dskquota.dll
[MD5.5F4AC4FEC5AD37D8E5378D8A7B6AB603] - [04/06/2017 12:10:00] - |A| - [226816] - C:\WINDOWS\system32\dskquoui.dll
[MD5.C55BEB9AD0CCC636F602548A45ED7E86] - [04/06/2017 12:10:02] - |A| - [17920] - C:\WINDOWS\system32\DsmUserTask.exe
[MD5.C94B49289E2CDD7796B06C67D45D8D31] - [04/06/2017 12:09:17] - |A| - [567296] - C:\WINDOWS\system32\dsound.dll
[MD5.F2754891E59C3876DD625012B27B919E] - [04/06/2017 12:09:57] - |A| - [31744] - C:\WINDOWS\system32\dsparse.dll
[MD5.A09702DBC39C3942C4005E22120C0708] - [04/06/2017 12:10:00] - |A| - [171008] - C:\WINDOWS\system32\dsprop.dll
[MD5.DF2596A2E8624BA76AE2F3C4AA0E8808] - [04/06/2017 12:10:02] - |A| - [441344] - C:\WINDOWS\system32\dsquery.dll
[MD5.2B61C3F4DBB789512388635BD81B41A3] - [04/06/2017 12:09:24] - |A| - [675328] - C:\WINDOWS\system32\dsreg.dll
[MD5.B810E63D95D30CC40BDD992DAB295595] - [04/06/2017 12:10:49] - |A| - [717312] - C:\WINDOWS\system32\dsregcmd.exe
[MD5.51B51AC028FC5412DB693E6545F50FFB] - [04/06/2017 12:09:57] - |A| - [23832] - C:\WINDOWS\system32\dsrole.dll
[MD5.8C6F56F4CDDE6A1FD01F4FCF2773298E] - [04/06/2017 12:17:10] - |A| - [215943] - C:\WINDOWS\system32\dssec.dat
[MD5.E8626C2E0A43D2B22261A6584190E733] - [04/06/2017 12:09:49] - |A| - [60416] - C:\WINDOWS\system32\dssec.dll
[MD5.FC738D85448A115D61E0740E09FE7B98] - [04/06/2017 12:09:57] - |A| - [147752] - C:\WINDOWS\system32\dssenh.dll
[MD5.9A8D576AC88C75E65172716EB069FF0D] - [04/06/2017 12:09:21] - |A| - [150528] - C:\WINDOWS\system32\dssvc.dll
[MD5.9026297AF5594BC937FAD7EFB98A4D08] - [04/06/2017 12:09:21] - |A| - [12800] - C:\WINDOWS\system32\dstokenclean.exe
[MD5.C35F98C717722C5F7C0B6C0AA3A8D429] - [04/06/2017 12:10:00] - |A| - [150016] - C:\WINDOWS\system32\Dsui.dll
[MD5.B7C39C0C40E850594675AFF7997F7085] - [04/06/2017 12:10:02] - |A| - [686592] - C:\WINDOWS\system32\dsuiext.dll
[MD5.908C87E8BB8E69924B41181D1E0B4922] - [04/06/2017 12:10:00] - |A| - [27136] - C:\WINDOWS\system32\dswave.dll
[MD5.C7ECD3AA3D634EE647E78B9778B3EF64] - [04/06/2017 12:10:06] - |A| - [37376] - C:\WINDOWS\system32\dtsh.dll
[MD5.906515CF3B8AB4AFC5396DF1E94D1652] - [04/06/2017 12:09:37] - |A| - [104448] - C:\WINDOWS\system32\DuCsps.dll
[MD5.72D73965A87512305078550153A06836] - [04/06/2017 12:10:02] - |A| - [1729024] - C:\WINDOWS\system32\dui70.dll
[MD5.F91DC283A0144367291B2961546E8966] - [04/06/2017 12:10:00] - |A| - [583168] - C:\WINDOWS\system32\duser.dll
[MD5.7E2CF5F9A7D13DB15F45C28DED630A49] - [04/06/2017 12:09:21] - |A| - [48128] - C:\WINDOWS\system32\dusmapi.dll
[MD5.F368F45B3873D6F8A8C8E2EDAE5FD18F] - [04/06/2017 12:09:21] - |A| - [318464] - C:\WINDOWS\system32\dusmsvc.dll
[MD5.ADB8AD46196FC6AEFD285F59EE4CAFEF] - [04/06/2017 12:09:21] - |A| - [34816] - C:\WINDOWS\system32\dusmtask.exe
[MD5.84343CDF6072B9324BD951DCCF9AD676] - [04/06/2017 12:09:21] - |A| - [12288] - C:\WINDOWS\system32\dvdplay.exe
[MD5.7F129E97343A00DEFD4BAB49FF584279] - [04/06/2017 12:09:55] - |A| - [59904] - C:\WINDOWS\system32\dwm.exe
[MD5.1DC38E59C62903D7A5812FA4A0B1C885] - [04/06/2017 12:09:55] - |A| - [143696] - C:\WINDOWS\system32\dwmapi.dll
[MD5.F46B3623DDD8978D49296AB2BDCCE2FE] - [04/06/2017 12:09:55] - |A| - [2909184] - C:\WINDOWS\system32\dwmcore.dll
[MD5.B7525C611C2282D9452B64FCA95FEE14] - [04/06/2017 12:09:55] - |A| - [71168] - C:\WINDOWS\system32\dwmghost.dll
[MD5.2FAC1F89105FB5711BFFD7B217388F5C] - [04/06/2017 12:09:55] - |A| - [55120] - C:\WINDOWS\system32\dwminit.dll
[MD5.9620D53A4FB82704DC459644DDA1F40D] - [04/06/2017 12:09:55] - |A| - [143872] - C:\WINDOWS\system32\dwmredir.dll
[MD5.30FAB7FDAEB99FC3E92CBBFEBCCB13D7] - [04/06/2017 12:09:29] - |A| - [3072512] - C:\WINDOWS\system32\DWrite.dll
[MD5.ECD8207F0C01D4F2952DF8E03E88D93B] - [04/06/2017 12:10:06] - |A| - [195584] - C:\WINDOWS\system32\DWWIN.EXE
[MD5.32128700B17675CD85558AD56FC9439A] - [11/06/2017 03:12:29] - |A| - [1179648] - C:\WINDOWS\system32\DXCap.exe
[MD5.8A07537F68779B2657A212F885427796] - [11/06/2017 03:12:29] - |A| - [17668096] - C:\WINDOWS\system32\DXCaptureReplay.dll
[MD5.854C145501B79B42AADC7376C6513245] - [11/06/2017 03:12:29] - |A| - [396288] - C:\WINDOWS\system32\DXCpl.exe
[MD5.5CC1B3FFDF9A917A0CAC05FBAABF576A] - [04/06/2017 12:10:00] - |A| - [357888] - C:\WINDOWS\system32\dxdiag.exe
[MD5.E07D17DF51491F222FDEB5AE3F69865F] - [04/06/2017 12:10:00] - |A| - [353280] - C:\WINDOWS\system32\dxdiagn.dll
[MD5.AB6A332D09F2596C672F0889CCD828EE] - [04/06/2017 12:09:30] - |A| - [694200] - C:\WINDOWS\system32\dxgi.dll
[MD5.771EEEDB142B6ED055EF2AF04BE4361E] - [11/06/2017 03:12:29] - |A| - [334336] - C:\WINDOWS\system32\DXGIDebug.dll
[MD5.7D9F05710D267E669B6E0023671A9581] - [04/06/2017 12:10:00] - |A| - [20480] - C:\WINDOWS\system32\dxgwdi.dll
[MD5.0B5FDE5D98D92395E20C3D8A0033057A] - [04/06/2017 12:09:29] - |A| - [1323008] - C:\WINDOWS\system32\dxilconv.dll
[MD5.C6B2C6C6981A03D76D480BD7D49B6217] - [05/06/2017 08:58:25] - |A| - [7168] - C:\WINDOWS\system32\dxmasf.dll
[MD5.3D02F52B055C6D26287220E8CDFA1D2E] - [04/06/2017 12:10:06] - |A| - [466944] - C:\WINDOWS\system32\DXP.dll
[MD5.AB4CF90F0B797CCE638D39D220D65C17] - [04/06/2017 12:10:06] - |A| - [37888] - C:\WINDOWS\system32\dxpps.dll
[MD5.233A2B97AEB1CEDA60F8BD134B9B75AA] - [04/06/2017 12:10:06] - |A| - [303104] - C:\WINDOWS\system32\Dxpserver.exe
[MD5.DE3E30EA863481664137EC27F19E5A97] - [04/06/2017 12:10:00] - |A| - [1432576] - C:\WINDOWS\system32\DxpTaskSync.dll
[MD5.F9AF80658C72179C8548ACE3BB8A3A11] - [04/06/2017 12:09:03] - |A| - [456704] - C:\WINDOWS\system32\dxtmsft.dll
[MD5.F8C1258C1770C93663697B3B811A6F5B] - [11/06/2017 03:12:29] - |A| - [189440] - C:\WINDOWS\system32\DXToolsMonitor.dll
[MD5.A5C98D873C8CE9736A9069A5080B8504] - [11/06/2017 03:12:29] - |A| - [1983488] - C:\WINDOWS\system32\DXToolsOfflineAnalysis.dll
[MD5.74FFE9B11740C4E854DC3E2AEE36EAF5] - [11/06/2017 03:12:29] - |A| - [94720] - C:\WINDOWS\system32\DxToolsReportGenerator.dll
[MD5.043BEF536F29D853C06A813476B35E85] - [11/06/2017 03:12:29] - |A| - [177664] - C:\WINDOWS\system32\DXToolsReporting.dll
[MD5.4E215820F46AA069D31D4B9AA4D5B0FB] - [04/06/2017 12:09:03] - |A| - [275968] - C:\WINDOWS\system32\dxtrans.dll
[MD5.659536662B57F57E5D6EA676D9F51BA5] - [04/06/2017 12:09:25] - |A| - [124568] - C:\WINDOWS\system32\dxva2.dll
[MD5.10080F7C9609DA368DD544E53CDBAF44] - [04/06/2017 12:09:18] - |A| - [1283160] - C:\WINDOWS\system32\DynamicLong.bin
[MD5.DA82512B83F3E095D8F33497227A8ABA] - [04/06/2017 12:09:18] - |A| - [707160] - C:\WINDOWS\system32\DynamicMedium.bin
[MD5.53D57AEA0AB2FE454603F4F094C69EF5] - [04/06/2017 12:09:18] - |A| - [419160] - C:\WINDOWS\system32\DynamicShort.bin
[MD5.D844C0AE84EA8944530F5E82E4F7ED45] - [04/06/2017 12:09:34] - |A| - [56832] - C:\WINDOWS\system32\dynamoapi.dll
[MD5.1508CE77F084ABC99FE5A9EC461D602A] - [04/06/2017 12:09:37] - |A| - [43520] - C:\WINDOWS\system32\EAMProgressHandler.dll
[MD5.7C7E3F335C38B6694C047D035B516D98] - [04/06/2017 12:10:49] - |A| - [13312] - C:\WINDOWS\system32\Eap3Host.exe
[MD5.88B9D7AD8172C0670E0A784D9F5A133A] - [04/06/2017 12:10:47] - |A| - [321024] - C:\WINDOWS\system32\eapp3hst.dll
[MD5.D47CEC3452AB9B47474973B958C56150] - [04/06/2017 12:10:47] - |A| - [241664] - C:\WINDOWS\system32\eappcfg.dll
[MD5.5EAF0F1F2F0A9DD389D38B8CE7FCB8CD] - [04/06/2017 12:10:03] - |A| - [313344] - C:\WINDOWS\system32\eappcfgui.dll
[MD5.CA06DB8FABBA2120D7C6AA4251F184B8] - [04/06/2017 12:10:47] - |A| - [104448] - C:\WINDOWS\system32\eappgnui.dll
[MD5.E4F1B7D3875B4C7D96426129D7C5418A] - [04/06/2017 12:10:47] - |A| - [296960] - C:\WINDOWS\system32\eapphost.dll
[MD5.397A74F496DEE94D1C2DFE3BE5CEADD9] - [04/06/2017 12:10:47] - |A| - [71168] - C:\WINDOWS\system32\eappprxy.dll
[MD5.0B39FCF056B38A46CACC3573D9CD7EEB] - [04/06/2017 12:10:29] - |A| - [29696] - C:\WINDOWS\system32\eapprovp.dll
[MD5.93CB8F53C325EE416B25889540B9635E] - [04/06/2017 12:10:03] - |A| - [145920] - C:\WINDOWS\system32\eapsimextdesktop.dll
[MD5.816DEAA5EE2A2684460FFB5DD5C12D8E] - [04/06/2017 12:10:49] - |A| - [107520] - C:\WINDOWS\system32\eapsvc.dll
[MD5.EA2109DFF5EAB33D3304EFE322EE976C] - [04/06/2017 12:10:03] - |A| - [24576] - C:\WINDOWS\system32\easconsent.dll
[MD5.8D0E9641E1CFC25AA517A79583C56CF5] - [04/06/2017 12:09:43] - |A| - [295936] - C:\WINDOWS\system32\EaseOfAccessDialog.exe
[MD5.61872F0E0D79D5B7A70549E5086B9A1E] - [04/06/2017 12:10:03] - |A| - [68768] - C:\WINDOWS\system32\easinvoker.exe
[MD5.4D72DE03515C94A638879FF93168A872] - [04/06/2017 12:10:03] - |A| - [28672] - C:\WINDOWS\system32\easinvoker.proxystub.dll
[MD5.E35BF7E86A1D204232B6ACE90DEAAEB4] - [05/06/2017 08:59:13] - |A| - [62976] - C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
[MD5.FAEB7485B6E83EDAC4AEBD9ADC36B61E] - [05/06/2017 08:59:13] - |A| - [13824] - C:\WINDOWS\system32\EasPolicyManagerBrokerPS.dll
[MD5.BB2CD8753465FBF2063E35EF2B7387C7] - [04/06/2017 12:10:06] - |A| - [173056] - C:\WINDOWS\system32\easwrt.dll
[MD5.1F98FABABF5DBCC316288C60528264C7] - [04/06/2017 12:09:03] - |A| - [24332800] - C:\WINDOWS\system32\edgehtml.dll
[MD5.3E992F6F0CF22F13198FD31C781E36E9] - [04/06/2017 12:08:52] - |A| - [3492] - C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
[MD5.AB61833CBA5C7B00E2DF7ADFB73A6A8B] - [04/06/2017 12:10:11] - |A| - [390656] - C:\WINDOWS\system32\edgeIso.dll
[MD5.3EF28E3925DF3400FA580CB270D97578] - [04/06/2017 12:09:03] - |A| - [116736] - C:\WINDOWS\system32\EdgeManager.dll
[MD5.D6FD1FE68A2E57FD85C18F79F305508D] - [04/06/2017 12:09:25] - |A| - [83968] - C:\WINDOWS\system32\EditBufferTestHook.dll
[MD5.A2E7580267C2723D60296D66983D6191] - [04/06/2017 12:10:36] - |A| - [179200] - C:\WINDOWS\system32\EditionUpgradeHelper.dll
[MD5.CA455BDB9DDAF7E83B4D5738FEA9E6D4] - [04/06/2017 12:10:36] - |A| - [683856] - C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
[MD5.A109B7BD35A0D887AB237F81E4A05D26] - [04/06/2017 12:10:06] - |A| - [136192] - C:\WINDOWS\system32\edpauditapi.dll
[MD5.1E9EC7BAA0F6849C384DFBB6D8C5B02E] - [04/06/2017 12:09:37] - |A| - [144896] - C:\WINDOWS\system32\EDPCleanup.exe
[MD5.19F014131054C8710AE8948E61AB4615] - [04/06/2017 12:09:37] - |A| - [139264] - C:\WINDOWS\system32\edpcsp.dll
[MD5.9F284582C20EAA1F4E5D3C3825A975F5] - [04/06/2017 12:10:02] - |A| - [59392] - C:\WINDOWS\system32\edpnotify.exe
[MD5.B0694F19013621D82BEFC06561A347E1] - [04/06/2017 12:10:07] - |A| - [62976] - C:\WINDOWS\system32\edptask.dll
[MD5.8C2A45312009510700148E199C7DE3D8] - [04/06/2017 12:10:07] - |A| - [254464] - C:\WINDOWS\system32\edputil.dll
[MD5.CCE780A9ED55D45B3553D6BAD40A83E2] - [04/06/2017 12:10:44] - |A| - [437760] - C:\WINDOWS\system32\EduPrintProv.exe
[MD5.19369454FEFA76BB46D6A475D8290BE4] - [04/06/2017 12:09:37] - |A| - [195584] - C:\WINDOWS\system32\eeprov.dll
[MD5.8E6E1036C8E44B8CC2F0FCF1ACF31406] - [04/06/2017 12:09:37] - |A| - [54784] - C:\WINDOWS\system32\eeutil.dll
[MD5.E615C3FEAFC6DC80E701164E74F74172] - [04/06/2017 12:10:03] - |A| - [123904] - C:\WINDOWS\system32\efsadu.dll
[MD5.CCCC4871B224B81A21E5968CA80841F8] - [04/06/2017 12:10:03] - |A| - [1028432] - C:\WINDOWS\system32\efscore.dll
[MD5.20F54FE9CDB7E128801D7CCB040CA7A5] - [04/06/2017 12:10:02] - |A| - [73216] - C:\WINDOWS\system32\efsext.dll
[MD5.9630C1D42BEB4968A0067CE6FDCA9429] - [04/06/2017 12:10:03] - |A| - [80384] - C:\WINDOWS\system32\efslsaext.dll
[MD5.12789CEBF8C26C732EEB8AEE61C7B8A8] - [04/06/2017 12:10:02] - |A| - [57344] - C:\WINDOWS\system32\efssvc.dll
[MD5.27E805B1B6FAA33CE11E509C38928BB3] - [04/06/2017 12:10:03] - |A| - [14336] - C:\WINDOWS\system32\efsui.exe
[MD5.E18930EA9B52ACC1A8F36D71EA229ABB] - [04/06/2017 12:10:03] - |A| - [41472] - C:\WINDOWS\system32\efsutil.dll
[MD5.AEB1B3D8FD6E15396CA777B5E542BFB7] - [04/06/2017 12:10:29] - |A| - [633856] - C:\WINDOWS\system32\efswrt.dll
[MD5.4B26CF2D50F810504EB77AEB26315F1F] - [04/06/2017 12:10:07] - |A| - [131072] - C:\WINDOWS\system32\EhStorAPI.dll
[MD5.598C327920991266BAF93E3E356C9731] - [04/06/2017 12:10:07] - |A| - [128512] - C:\WINDOWS\system32\EhStorAuthn.exe
[MD5.CE69992CC147F36CC32F44560A48A62F] - [04/06/2017 12:10:06] - |A| - [111616] - C:\WINDOWS\system32\EhStorPwdMgr.dll
[MD5.C860EB28943F301573A70A3C1BFE6D3F] - [04/06/2017 12:10:06] - |A| - [205824] - C:\WINDOWS\system32\EhStorShell.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [343552] - C:\WINDOWS\system32\el-GR
[MD5.AFC0B19E6053D1041AF5CBCC762FA5B5] - [04/06/2017 12:10:03] - |A| - [227328] - C:\WINDOWS\system32\els.dll
[MD5.8FFE8CBE981074D1D752440C8273F538] - [04/06/2017 12:10:07] - |A| - [76288] - C:\WINDOWS\system32\ELSCore.dll
[MD5.2D710A8DD0F9EBF70D082CB10C44D939] - [04/06/2017 12:09:04] - |A| - [252416] - C:\WINDOWS\system32\elshyph.dll
[MD5.ADD83A9E9779286CFD8022AC0ED57FFD] - [04/06/2017 12:10:11] - |A| - [701952] - C:\WINDOWS\system32\elslad.dll
[MD5.F9AC6E4DD6FDD327090611890FF31166] - [04/06/2017 12:10:07] - |A| - [28672] - C:\WINDOWS\system32\elsTrans.dll
[MD5.1E2C5CF92E441788DB9A2B563CB0AE77] - [04/06/2017 12:09:33] - |A| - [1115136] - C:\WINDOWS\system32\EmailApis.dll
[MD5.1C54616F72622FA9628EA477FCBAD9E7] - [04/06/2017 12:09:24] - |A| - [162816] - C:\WINDOWS\system32\embeddedmodesvc.dll
[MD5.A7AA28BB958F1AA7DC068F58C707001F] - [04/06/2017 12:09:25] - |A| - [45568] - C:\WINDOWS\system32\embeddedmodesvcapi.dll
[MD5.4E1BF82A4A7B64037C6B801988A42C89] - [04/06/2017 12:09:18] - |A| - [55808] - C:\WINDOWS\system32\EmojiDS.dll
[MD5.00000000000000000000000000000000] - [05/06/2017 08:57:44] - |D| - [0] - C:\WINDOWS\system32\en
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [248832] - C:\WINDOWS\system32\en-GB
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [2470400] - C:\WINDOWS\system32\en-US
[MD5.945BA7728E4D96BB22DE95E1623FFCE6] - [04/06/2017 12:09:21] - |A| - [26112] - C:\WINDOWS\system32\encapi.dll
[MD5.162F1DA89E6DA8DDA3F3E3BF46088711] - [04/06/2017 12:10:40] - |A| - [434176] - C:\WINDOWS\system32\EncDec.dll
[MD5.8CD63C8DAD3B9A5BBBA4856BFEAC09EA] - [04/06/2017 12:09:55] - |A| - [94552] - C:\WINDOWS\system32\EncDump.dll
[MD5.CDC13494E49FC636532F19CEE71AE6A1] - [04/06/2017 12:10:00] - |A| - [664064] - C:\WINDOWS\system32\energy.dll
[MD5.6B153734C582E7F9D32999772CD00DCA] - [04/06/2017 12:09:37] - |A| - [157696] - C:\WINDOWS\system32\energyprov.dll
[MD5.4D03B51F83C187735317D4278F7E3628] - [04/06/2017 12:10:29] - |A| - [59392] - C:\WINDOWS\system32\energytask.dll
[MD5.01019222587BE1AD291B82349342FAD9] - [04/06/2017 12:09:37] - |A| - [196096] - C:\WINDOWS\system32\enrollmentapi.dll
[MD5.6A2F53065C54FE9B83D72005DAD445AC] - [04/06/2017 12:09:55] - |A| - [131072] - C:\WINDOWS\system32\EnterpriseAPNCsp.dll
[MD5.35FAE3C3FA77798F18E307BB40335160] - [04/06/2017 12:09:37] - |A| - [25088] - C:\WINDOWS\system32\EnterpriseAppMgmtClient.dll
[MD5.798A5C32E96CE7C6D92EF6F4454EFE16] - [04/06/2017 12:09:37] - |A| - [300032] - C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
[MD5.6C0ED9CD76C85C750596204C015E33FB] - [04/06/2017 12:11:48] - |A| - [89088] - C:\WINDOWS\system32\EnterpriseAppVMgmtCSP.dll
[MD5.70376ED30C676A2092AE210E13E216B2] - [04/06/2017 12:09:37] - |A| - [1361408] - C:\WINDOWS\system32\enterprisecsps.dll
[MD5.4AA59FECD872AC2761A88B23E4F66491] - [04/06/2017 12:09:34] - |A| - [75776] - C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
[MD5.47F37CBE1FA7FE427BB996DC94D98C8E] - [04/06/2017 12:09:34] - |A| - [19456] - C:\WINDOWS\system32\enterpriseetw.dll
[MD5.0B57424EA29B479C06DF8CF1214E9440] - [04/06/2017 12:09:34] - |A| - [168960] - C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
[MD5.81C531EEC99EAA8B26A40224A164ACA0] - [04/06/2017 12:09:34] - |A| - [81920] - C:\WINDOWS\system32\enterpriseresourcemanager.dll
[MD5.E764808B42F93757ED8D11B1CA6F1C67] - [04/06/2017 12:10:27] - |A| - [78848] - C:\WINDOWS\system32\eqossnap.dll
[MD5.0B1A134170DBB1D85528B2BAC0646219] - [04/06/2017 12:09:25] - |A| - [217600] - C:\WINDOWS\system32\ErrorDetails.dll
[MD5.9B72AA10688E1EF969D0667EF290538D] - [04/06/2017 12:09:25] - |A| - [45056] - C:\WINDOWS\system32\ErrorDetailsCore.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [335872] - C:\WINDOWS\system32\es-ES
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [273408] - C:\WINDOWS\system32\es-MX
[MD5.6EBCC9BADDF5DD8B9EECD5624E3A1BF3] - [04/06/2017 12:09:55] - |A| - [437248] - C:\WINDOWS\system32\es.dll
[MD5.22F57C4C58BAE0ADB65A8D7FA4BCE5B7] - [04/06/2017 12:10:03] - |A| - [19968] - C:\WINDOWS\system32\EsdSip.dll
[MD5.C5FE72E4692361836D559F1712683926] - [04/06/2017 12:09:30] - |A| - [3102720] - C:\WINDOWS\system32\esent.dll
[MD5.8B9FF61E2F76FD2D2E5BEB4A16FD724F] - [04/06/2017 12:10:03] - |A| - [67072] - C:\WINDOWS\system32\esentprf.dll
[MD5.FFAB14D74638AA654D3824CA8CC2405A] - [04/06/2017 12:10:03] - |A| - [334336] - C:\WINDOWS\system32\esentutl.exe
[MD5.ADC7D48DFE3751C526110B5B9F8E06C4] - [04/06/2017 12:10:02] - |A| - [36864] - C:\WINDOWS\system32\esevss.dll
[MD5.0CC81C86F86FD2C28C947ADF347CD4EB] - [04/06/2017 12:08:54] - |A| - [121344] - C:\WINDOWS\system32\eShims.dll
[MD5.99A7D55BC7B779E63E71C6A793BC3321] - [04/06/2017 12:10:47] - |A| - [33792] - C:\WINDOWS\system32\esrb.rs
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [245248] - C:\WINDOWS\system32\et-EE
[MD5.2811EF5C451AC7C4D33613D99726BE2B] - [04/06/2017 12:09:42] - |A| - [181760] - C:\WINDOWS\system32\EthernetMediaManager.dll
[MD5.A70E14CB888DD4E04E7B97C73767034D] - [04/06/2017 12:09:25] - |A| - [151040] - C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
[MD5.273443138586402A8BC17B6AB681A7C7] - [04/06/2017 12:09:30] - |A| - [53760] - C:\WINDOWS\system32\ETWESEProviderResources.dll
[MD5.66E00EF17D1CD200E403DC532359F398] - [04/06/2017 12:10:00] - |A| - [50688] - C:\WINDOWS\system32\EtwRundown.dll
[MD5.9F194F5A0274B89E88FF9AE7155AFD9A] - [04/06/2017 12:09:47] - |A| - [355328] - C:\WINDOWS\system32\eudcedit.exe
[MD5.A2BDCEB5F5274C904C87C92324EC6239] - [04/06/2017 12:10:49] - |A| - [79872] - C:\WINDOWS\system32\eUICCsCSP.dll
[MD5.6AD29573A0F757A3CA6CED8B4015CC60] - [04/06/2017 12:09:34] - |A| - [76288] - C:\WINDOWS\system32\EventAggregation.dll
[MD5.D1680435ADF555E591FC1B8D3FCCC33B] - [04/06/2017 12:10:44] - |A| - [17408] - C:\WINDOWS\system32\eventcls.dll
[MD5.89874DB9A750CDF1FDAE20E1E5D235A3] - [04/06/2017 12:10:42] - |A| - [41984] - C:\WINDOWS\system32\eventcreate.exe
[MD5.93E76CF7B04EC33A1E9E0FD7546D3603] - [04/06/2017 12:10:06] - |A| - [17935] - C:\WINDOWS\system32\EventViewer_EventDetails.xsl
[MD5.048BC4FB6C0A2113E4BE68E60339B036] - [04/06/2017 12:10:06] - |A| - [83456] - C:\WINDOWS\system32\eventvwr.exe
[MD5.9BDCCC1A87CCA27ADEACE8144F385165] - [04/06/2017 12:10:06] - |A| - [145127] - C:\WINDOWS\system32\eventvwr.msc
[MD5.F3A8435090728CF47588A1260CFC5D40] - [04/06/2017 12:08:52] - |A| - [750512] - C:\WINDOWS\system32\evr.dll
[MD5.343EBDACCB3E34C08315B983E52DC9FC] - [04/06/2017 12:09:21] - |A| - [276992] - C:\WINDOWS\system32\ExecModelClient.dll
[MD5.8A6B02B5F129621C79B88C92833052B5] - [04/06/2017 12:09:25] - |A| - [75776] - C:\WINDOWS\system32\execmodelproxy.dll
[MD5.9C82047B2FC58E32BBAA3A436EBDCFF3] - [04/06/2017 12:10:00] - |A| - [64512] - C:\WINDOWS\system32\expand.exe
[MD5.DEFC34455EEBFEB428D9D8A10D6C89E6] - [04/06/2017 12:10:32] - |A| - [4754944] - C:\WINDOWS\system32\ExplorerFrame.dll
[MD5.9CC8222056146810DD3B473C36A4DC3D] - [04/06/2017 12:09:33] - |A| - [257536] - C:\WINDOWS\system32\ExSMime.dll
[MD5.EA8FD7EF43034AD45D01FFE533C68974] - [04/06/2017 12:09:55] - |A| - [34304] - C:\WINDOWS\system32\extrac32.exe
[MD5.8155F2C90FFF208A4C5E35E2DF28EA85] - [04/06/2017 12:09:33] - |A| - [23552] - C:\WINDOWS\system32\ExtrasXmlParser.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |SD| - [30125223] - C:\WINDOWS\system32\F12
[MD5.C8BD7D29C308AC3EDA13B67154381B2A] - [04/06/2017 12:10:11] - |A| - [8704] - C:\WINDOWS\system32\f3ahvoas.dll
[MD5.200A957AB66BE7E8849DB0C36735569B] - [04/06/2017 12:09:34] - |A| - [448512] - C:\WINDOWS\system32\facecredentialprovider.dll
[MD5.A62179F506C6FA573CA2D77293BEA792] - [04/06/2017 12:09:34] - |A| - [986112] - C:\WINDOWS\system32\FaceProcessor.dll
[MD5.B8020205F6519E9BA897CFBECC38A214] - [04/06/2017 12:09:34] - |A| - [315104] - C:\WINDOWS\system32\FaceProcessorCore.dll
[MD5.A979310C666D03AB6424B9BF7D7EA9F4] - [04/06/2017 12:09:34] - |A| - [1353296] - C:\WINDOWS\system32\FaceTrackerInternal.dll
[MD5.6614F5B31507A52CE611B87E42B104E4] - [04/06/2017 12:10:27] - |A| - [108032] - C:\WINDOWS\system32\Family.Authentication.dll
[MD5.C692EABB1E4412061912DF4A992283B3] - [04/06/2017 12:10:27] - |A| - [98816] - C:\WINDOWS\system32\Family.Cache.dll
[MD5.7867DE7CAD0B77E51B00F249D5FB668E] - [04/06/2017 12:10:24] - |A| - [155648] - C:\WINDOWS\system32\Family.Client.dll
[MD5.487F37526ED2EC6FA233C7D9AC6B3EEA] - [04/06/2017 12:10:24] - |A| - [257024] - C:\WINDOWS\system32\Family.SyncEngine.dll
[MD5.43A1D29DA7DB516FE02869056A89A8D4] - [04/06/2017 12:09:43] - |A| - [14336] - C:\WINDOWS\system32\FamilySafetyExt.dll
[MD5.D9CF9C8F0827E6990E9E0F2204745A40] - [04/06/2017 12:09:55] - |A| - [414760] - C:\WINDOWS\system32\Faultrep.dll
[MD5.131FBADF25AC46B7489AE41499EFB70F] - [04/06/2017 12:10:47] - |A| - [30720] - C:\WINDOWS\system32\FaxPrinterInstaller.dll
[MD5.51A951202DE7FF8E3819B4509857C05F] - [04/06/2017 12:09:17] - |A| - [24576] - C:\WINDOWS\system32\fc.exe
[MD5.E998B02DEFA754C85F11285857597B93] - [04/06/2017 12:09:49] - |A| - [68608] - C:\WINDOWS\system32\fdBth.dll
[MD5.710531CAF6F8DE6486C3FA9825D29904] - [04/06/2017 12:09:49] - |A| - [14336] - C:\WINDOWS\system32\fdBthProxy.dll
[MD5.C610100255CD5D73B2FBD78C8E8CF5F3] - [04/06/2017 12:10:00] - |A| - [34816] - C:\WINDOWS\system32\FdDevQuery.dll
[MD5.FBC3F96803BCA15229E79A20F8A79FF4] - [04/06/2017 12:10:38] - |A| - [160768] - C:\WINDOWS\system32\fde.dll
[MD5.30E2370A5750A75FEB0DC940E8279A3F] - [04/06/2017 12:10:38] - |A| - [155136] - C:\WINDOWS\system32\fdeploy.dll
[MD5.A7463AC28DE4669FD79175FB599018A8] - [04/06/2017 12:10:03] - |A| - [20992] - C:\WINDOWS\system32\fdPHost.dll
[MD5.20F58BF77353E7415DBD973ABB3653DA] - [04/06/2017 12:10:02] - |A| - [58368] - C:\WINDOWS\system32\fdPnp.dll
[MD5.EC86B0C5D2F87E0453180093376CAE69] - [04/06/2017 12:10:27] - |A| - [286720] - C:\WINDOWS\system32\fdprint.dll
[MD5.90D5A0F6B7CC669B92C20402F30FA884] - [04/06/2017 12:10:03] - |A| - [68096] - C:\WINDOWS\system32\fdProxy.dll
[MD5.12FCF70E9674E5E7E354292DC4002D8D] - [04/06/2017 12:10:03] - |A| - [34816] - C:\WINDOWS\system32\FDResPub.dll
[MD5.2416DC3FCC732E0DBB97F9964053856A] - [04/06/2017 12:09:39] - |A| - [108032] - C:\WINDOWS\system32\fdSSDP.dll
[MD5.EE77DA2DDDEF0FABA34123B8B6F182CE] - [04/06/2017 12:08:57] - |A| - [108032] - C:\WINDOWS\system32\fdWCN.dll
[MD5.E985DB148E48CC764E3B0D88026934C8] - [04/06/2017 12:10:03] - |A| - [29184] - C:\WINDOWS\system32\fdWNet.dll
[MD5.CAE5AE516C81A86F618DDFAF0F3B8DF5] - [04/06/2017 12:09:42] - |A| - [151552] - C:\WINDOWS\system32\fdWSD.dll
[MD5.D12E48340EF1452B111135B8DB48555E] - [04/06/2017 12:08:53] - |A| - [55502] - C:\WINDOWS\system32\FeatureToastHeroImg.jpg
[MD5.2AA29525023231851A8A47D57181ED3C] - [04/06/2017 12:10:02] - |A| - [80384] - C:\WINDOWS\system32\feclient.dll
[MD5.2670C3B2F96A0A49C802F409B07571FF] - [04/06/2017 12:09:25] - |A| - [70656] - C:\WINDOWS\system32\ffbroker.dll
[MD5.8658CF978578BD78BFF8BB7C303C9EDD] - [04/06/2017 12:10:47] - |A| - [293376] - C:\WINDOWS\system32\fhcat.dll
[MD5.F7DA2C0AED7BD749F8B2EFCCFF1777E8] - [04/06/2017 12:10:47] - |A| - [437760] - C:\WINDOWS\system32\fhcfg.dll
[MD5.EB932790329DA78701448B66BF24934C] - [04/06/2017 12:10:47] - |A| - [53760] - C:\WINDOWS\system32\fhcleanup.dll
[MD5.1C27E055E6DF51E8A0C1B195543A58BF] - [04/06/2017 12:10:47] - |A| - [344064] - C:\WINDOWS\system32\fhcpl.dll
[MD5.276C8114D8CBF3034F8AD8D9D605174E] - [04/06/2017 12:10:47] - |A| - [241152] - C:\WINDOWS\system32\fhengine.dll
[MD5.EAAE3D0E242553FF30579A609033FDD1] - [04/06/2017 12:10:47] - |A| - [72192] - C:\WINDOWS\system32\fhevents.dll
[MD5.C510F07BE38D51B9FB8451630C5614AB] - [04/06/2017 12:10:47] - |A| - [65024] - C:\WINDOWS\system32\fhlisten.dll
[MD5.04210E288FB80C13619897852AB0F635] - [04/06/2017 12:10:47] - |A| - [129024] - C:\WINDOWS\system32\fhmanagew.exe
[MD5.605960077DA204445AE25BA25CAB170F] - [04/06/2017 12:10:47] - |A| - [361984] - C:\WINDOWS\system32\fhsettingsprovider.dll
[MD5.E4E62368F628D160EF403629ED56485F] - [04/06/2017 12:10:47] - |A| - [152576] - C:\WINDOWS\system32\fhshl.dll
[MD5.D61B6A057FB7C778EB7E3B96D1CD3C9F] - [04/06/2017 12:10:47] - |A| - [80384] - C:\WINDOWS\system32\fhsrchapi.dll
[MD5.D33F0ACD4493A928E4DC7D8C1829C14F] - [04/06/2017 12:10:47] - |A| - [68096] - C:\WINDOWS\system32\fhsrchph.dll
[MD5.AA59572FB4D6D03E5D41F91CE0A9F326] - [04/06/2017 12:10:47] - |A| - [121344] - C:\WINDOWS\system32\fhsvc.dll
[MD5.030F50BE813DDF67D4A2E5E5355AD4BC] - [04/06/2017 12:10:47] - |A| - [29184] - C:\WINDOWS\system32\fhsvcctl.dll
[MD5.E1F3F329BC51AC9FCE00059AEDC80D57] - [04/06/2017 12:10:47] - |A| - [58880] - C:\WINDOWS\system32\fhtask.dll
[MD5.E0BFA532AE7B30714939363917D598E6] - [04/06/2017 12:10:47] - |A| - [132096] - C:\WINDOWS\system32\fhuxadapter.dll
[MD5.AB3A2E5CCA8972361276D95A069B9FEE] - [04/06/2017 12:10:47] - |A| - [16896] - C:\WINDOWS\system32\fhuxapi.dll
[MD5.7D8780050CCB132412939F9057F241AA] - [04/06/2017 12:10:47] - |A| - [48128] - C:\WINDOWS\system32\fhuxcommon.dll
[MD5.5635374B8A14F3725173C5EB9FA68782] - [04/06/2017 12:10:47] - |A| - [77312] - C:\WINDOWS\system32\fhuxgraphics.dll
[MD5.2048F12F46C6E15D6BDBF11BB4175B04] - [04/06/2017 12:10:47] - |A| - [899072] - C:\WINDOWS\system32\fhuxpresentation.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [312832] - C:\WINDOWS\system32\fi-FI
[MD5.F876383B65542FC77CA236E09725F784] - [04/06/2017 12:09:25] - |A| - [176128] - C:\WINDOWS\system32\fidocredprov.dll
[MD5.F6CF0175F98E32AFB1FAF89D83FC1131] - [04/06/2017 12:09:34] - |A| - [32768] - C:\WINDOWS\system32\FileAppxStreamingDataSource.dll
[MD5.B76B6A17A64D0940D0C6E6465A014C86] - [04/06/2017 12:10:47] - |A| - [246784] - C:\WINDOWS\system32\FileHistory.exe
[MD5.0FE7ADD985ADB09F1499B7DA73D34747] - [04/06/2017 12:10:24] - |A| - [561664] - C:\WINDOWS\system32\filemgmt.dll
[MD5.E63067A642A66D029C6B86D9BE683980] - [04/06/2017 12:10:16] - |A| - [167936] - C:\WINDOWS\system32\FilterDS.dll
[MD5.BD0070B95E656493FFFE82FBB2227D7E] - [04/06/2017 12:09:52] - |A| - [17408] - C:\WINDOWS\system32\find.exe
[MD5.E9D0F492F8C75B73B0B07FDA348DC0CD] - [04/06/2017 12:10:29] - |A| - [66048] - C:\WINDOWS\system32\findnetprinters.dll
[MD5.B7B95BBD83CD44B205F07D71E5F135AA] - [04/06/2017 12:09:34] - |A| - [34304] - C:\WINDOWS\system32\findstr.exe
[MD5.A003119B83C79BE1C47F19B65EB1E165] - [04/06/2017 12:09:34] - |A| - [15872] - C:\WINDOWS\system32\finger.exe
[MD5.EA6F251056234737535A7028013D2A49] - [04/06/2017 12:09:54] - |A| - [113664] - C:\WINDOWS\system32\fingerprintcredential.dll
[MD5.9366EDF5BD5C51719B2BB6209B901D24] - [04/06/2017 12:10:03] - |A| - [7168] - C:\WINDOWS\system32\Firewall.cpl
[MD5.3DEF8345C0B4A8D4A16D8B363FB3FCF8] - [04/06/2017 12:09:34] - |A| - [535552] - C:\WINDOWS\system32\FirewallAPI.dll
[MD5.D13B213E907FDFFB0D74C63E03F4A7F6] - [04/06/2017 12:10:06] - |A| - [924672] - C:\WINDOWS\system32\FirewallControlPanel.dll
[MD5.282EDBFC2D35BDD34620ED7767164CD4] - [04/06/2017 12:10:44] - |A| - [20992] - C:\WINDOWS\system32\fixmapi.exe
[MD5.27B0D7C0E558F42BC21F68537BD66AEA] - [04/06/2017 12:09:57] - |A| - [743424] - C:\WINDOWS\system32\FlightSettings.dll
[MD5.42CD05FD00B68E7E095C70DAC8D2DD3E] - [04/06/2017 12:09:55] - |A| - [22528] - C:\WINDOWS\system32\fltLib.dll
[MD5.F6B49796CCF925942B459AFB4F4E331E] - [04/06/2017 12:09:55] - |A| - [30208] - C:\WINDOWS\system32\fltMC.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [3459116] - C:\WINDOWS\system32\Fluency
[MD5.2680E2929B755BD3EB3C7F97491CE1A9] - [04/06/2017 12:09:18] - |A| - [2806272] - C:\WINDOWS\system32\FluencyDS.dll
[MD5.5E84F47E373912F1223B05F12D7F2C65] - [04/06/2017 12:10:42] - |A| - [74240] - C:\WINDOWS\system32\fmapi.dll
[MD5.31BF985C9042F1FFDC0F8E6BF1A48D59] - [04/06/2017 12:09:34] - |A| - [55120] - C:\WINDOWS\system32\fmifs.dll
[MD5.4686172D6AE07FCB4E985533034032B5] - [04/06/2017 12:10:03] - |A| - [201216] - C:\WINDOWS\system32\fms.dll
[MD5.22A3CEDAF01B2982BF27076CDA740A20] - [12/06/2017 10:57:16] - |A| - [392488] - C:\WINDOWS\system32\FNTCACHE.DAT
[MD5.2A96C1EAED0AAAF5BDD76233E6B46A73] - [04/06/2017 12:09:29] - |A| - [1911808] - C:\WINDOWS\system32\FntCache.dll
[MD5.57B2EE598C93D8C7BF2DFB52EA5F256A] - [04/06/2017 12:10:24] - |A| - [47616] - C:\WINDOWS\system32\fodhelper.exe
[MD5.59886AB9E320C956ED96A45947589D73] - [04/06/2017 12:10:24] - |A| - [111616] - C:\WINDOWS\system32\Fondue.exe
[MD5.897BBBDE370A30DB83B50DFCA82618A5] - [04/06/2017 12:10:00] - |A| - [745832] - C:\WINDOWS\system32\fontdrvhost.exe
[MD5.9F88ECA148638162F8A93B7D4E521BE6] - [04/06/2017 12:10:50] - |A| - [965632] - C:\WINDOWS\system32\fontext.dll
[MD5.77DCC2C38F454344839F2CB3D67BE744] - [04/06/2017 12:10:06] - |A| - [58368] - C:\WINDOWS\system32\FontGlyphAnimator.dll
[MD5.1E4B8D7474B9164722B51B62B8562807] - [04/06/2017 12:10:03] - |A| - [19456] - C:\WINDOWS\system32\fontgroupsoverride.dll
[MD5.B575CE1F8DD132B1702ECBF4DA712850] - [04/06/2017 12:09:29] - |A| - [137216] - C:\WINDOWS\system32\FontProvider.dll
[MD5.B67C69FBA8C3765320929D09A4249431] - [04/06/2017 12:10:00] - |A| - [122368] - C:\WINDOWS\system32\fontsub.dll
[MD5.43B0AFA1D77B028116B36421D2C9AF78] - [04/06/2017 12:10:50] - |A| - [120832] - C:\WINDOWS\system32\fontview.exe
[MD5.FE2FDC730148CD1D58BCC02DB668E47A] - [04/06/2017 12:09:54] - |A| - [48640] - C:\WINDOWS\system32\forfiles.exe
[MD5.9F29595C42E4B94242DF35D6C3E9D7C0] - [04/06/2017 12:09:18] - |A| - [37888] - C:\WINDOWS\system32\format.com
[MD5.1E49C87DEE0769BA44E0A1F414E62585] - [04/06/2017 12:10:47] - |A| - [41472] - C:\WINDOWS\system32\fpb.rs
[MD5.5862CFD04AB13B30E7C4135A199AA714] - [04/06/2017 12:10:27] - |A| - [118272] - C:\WINDOWS\system32\fphc.dll
[MD5.00000000000000000000000000000000] - [05/06/2017 08:57:44] - |D| - [3573760] - C:\WINDOWS\system32\fr
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [280576] - C:\WINDOWS\system32\fr-CA
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [47705445] - C:\WINDOWS\system32\fr-FR
[MD5.9F69F22BC996D6BA3C0AB96183BA7173] - [04/06/2017 12:09:40] - |A| - [246784] - C:\WINDOWS\system32\framedyn.dll
[MD5.272FD03F83CC082A8DF38178479F2829] - [04/06/2017 12:10:44] - |A| - [293888] - C:\WINDOWS\system32\framedynos.dll
[MD5.DC821C3F07B92395B7956AA24BA49ABC] - [04/06/2017 12:09:21] - |A| - [660480] - C:\WINDOWS\system32\FrameServer.dll
[MD5.9FE21C9873A94E5509102BAC821517DF] - [04/06/2017 12:10:38] - |A| - [82944] - C:\WINDOWS\system32\frprov.dll
[MD5.531CDBF715952338AA158D9204C503C5] - [04/06/2017 12:10:44] - |A| - [16896] - C:\WINDOWS\system32\fsavailux.exe
[MD5.AD3ED6B8A1A05558813BAB3F4B8989CD] - [04/06/2017 12:09:21] - |A| - [293376] - C:\WINDOWS\system32\FSClient.dll
[MD5.847BD2931362C986AFDE301F3A09288D] - [04/06/2017 12:09:21] - |A| - [93584] - C:\WINDOWS\system32\FsIso.exe
[MD5.97AED7FC6C2B38F34CA1A3C10D2F5A60] - [04/06/2017 12:10:24] - |A| - [144909] - C:\WINDOWS\system32\fsmgmt.msc
[MD5.12BF81D8655633F04986A629291FC5AC] - [04/06/2017 12:09:54] - |A| - [140800] - C:\WINDOWS\system32\fsquirt.exe
[MD5.07490188E7A32D4A5B03B452AE54BEC9] - [04/06/2017 12:09:21] - |A| - [161280] - C:\WINDOWS\system32\fsutil.exe
[MD5.FFB70E218651DB64980C198478B290F9] - [04/06/2017 12:09:52] - |A| - [31744] - C:\WINDOWS\system32\fsutilext.dll
[MD5.7B32F2285B9F487CA65C28EE78FFBBF1] - [04/06/2017 12:10:41] - |A| - [65536] - C:\WINDOWS\system32\fthsvc.dll
[MD5.4B063F278BF1B50B6547DB248040EA44] - [04/06/2017 12:10:42] - |A| - [55296] - C:\WINDOWS\system32\ftp.exe
[MD5.58D9DE1162A7B301ECC9E86BCC74F2B7] - [04/06/2017 12:10:02] - |A| - [151040] - C:\WINDOWS\system32\fundisc.dll
[MD5.D4473F6F4E2CFB951AEE0BDCBB25AFB4] - [04/06/2017 12:12:53] - |A| - [842240] - C:\WINDOWS\system32\fveapi.dll
[MD5.A47F74A6F13C48BA9820CFB5451E69A8] - [04/06/2017 12:12:53] - |A| - [356864] - C:\WINDOWS\system32\fveapibase.dll
[MD5.0A43A7C3624269F74511746848545100] - [04/06/2017 12:12:53] - |A| - [26624] - C:\WINDOWS\system32\fvecerts.dll
[MD5.76E2456440377C056007F777A9132153] - [04/06/2017 12:13:01] - |A| - [324608] - C:\WINDOWS\system32\fvecpl.dll
[MD5.B5507D41AE038CEA4A3D0FAE493A97CE] - [04/06/2017 12:12:53] - |A| - [174080] - C:\WINDOWS\system32\fvenotify.exe
[MD5.A9D5E3531524430F946037DD0BDEABF3] - [04/06/2017 12:13:01] - |A| - [162304] - C:\WINDOWS\system32\fveprompt.exe
[MD5.86B31091B0DC1B6F67B1D8044348C17D] - [04/06/2017 12:12:53] - |A| - [65024] - C:\WINDOWS\system32\fveskybackup.dll
[MD5.8BE915BD29E43ED45635DF74F6849419] - [04/06/2017 12:12:53] - |A| - [304640] - C:\WINDOWS\system32\fveui.dll
[MD5.A5A164BCF7ABF9F2F8C40435D79E43EC] - [04/06/2017 12:13:01] - |A| - [803328] - C:\WINDOWS\system32\fvewiz.dll
[MD5.64BC321020D067033416816B50A2D92B] - [04/06/2017 12:09:33] - |A| - [154624] - C:\WINDOWS\system32\fwbase.dll
[MD5.359BC18833ED00D6B625D0CF97AC02D3] - [04/06/2017 12:10:27] - |A| - [53248] - C:\WINDOWS\system32\fwcfg.dll
[MD5.EA136CFA35AC473C0A1D31C90F195724] - [04/06/2017 12:09:33] - |A| - [76800] - C:\WINDOWS\system32\fwmdmcsp.dll
[MD5.40B1DA5B9766B2021AE92282C4922223] - [04/06/2017 12:09:33] - |A| - [217088] - C:\WINDOWS\system32\fwpolicyiomgr.dll
[MD5.B09E8A1B78222FA1CD55AF3AD49FD55F] - [04/06/2017 12:09:30] - |A| - [442880] - C:\WINDOWS\system32\FWPUCLNT.DLL
[MD5.C42D051F1455855DEB5C31C04C137B76] - [04/06/2017 12:10:06] - |A| - [98304] - C:\WINDOWS\system32\FwRemoteSvr.dll
[MD5.74E22AA3F4640AD95948B86416E0B668] - [04/06/2017 12:13:09] - |A| - [281088] - C:\WINDOWS\system32\FXSAPI.dll
[MD5.37D865024FE0366E000A71F1067E1C21] - [04/06/2017 12:13:09] - |A| - [88064] - C:\WINDOWS\system32\FXSCOM.dll
[MD5.7B55DF1B80B29008CFFE841B0E778691] - [04/06/2017 12:13:11] - |A| - [647168] - C:\WINDOWS\system32\FXSCOMEX.dll
[MD5.7F3B6F5C9F130D899A04370A25A5D83F] - [04/06/2017 12:12:53] - |A| - [410112] - C:\WINDOWS\system32\FXSCOMPOSE.dll
[MD5.86FABF55053056D48FFC019A3BCF6B0E] - [04/06/2017 12:12:53] - |A| - [35328] - C:\WINDOWS\system32\FXSCOMPOSERES.dll
[MD5.0DAD618C4A21814985527CA313558E7C] - [04/06/2017 12:12:53] - |A| - [239616] - C:\WINDOWS\system32\FXSCOVER.exe
[MD5.EA0CF2EE62A411680F84A169E646BA6A] - [04/06/2017 12:13:11] - |A| - [8192] - C:\WINDOWS\system32\FXSEVENT.dll
[MD5.271088A7B2E7A32C677C01E440A2EE08] - [04/06/2017 12:13:11] - |A| - [46080] - C:\WINDOWS\system32\FXSMON.dll
[MD5.2486354AF550D3841A82F98FAEA8CDC0] - [04/06/2017 12:13:11] - |A| - [925696] - C:\WINDOWS\system32\FXSRESM.dll
[MD5.DC7182AA31D9AD78618B1DD751F5B9C1] - [04/06/2017 12:13:11] - |A| - [78848] - C:\WINDOWS\system32\FXSROUTE.dll
[MD5.F6A2A06E1A51E8DAC619A3B64296A21B] - [04/06/2017 12:13:11] - |A| - [856576] - C:\WINDOWS\system32\FXSST.dll
[MD5.7291F52AB87C2C6EC9A37EA5B2C1F6C3] - [04/06/2017 12:13:11] - |A| - [640512] - C:\WINDOWS\system32\FXSSVC.exe
[MD5.605E2F1378B63BA2CF88BB9F313FE38E] - [04/06/2017 12:13:09] - |A| - [253440] - C:\WINDOWS\system32\FXST30.dll
[MD5.3FC637F3E3469121B0FF2486D8A3BAF6] - [04/06/2017 12:13:09] - |A| - [411648] - C:\WINDOWS\system32\FXSTIFF.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [0] - C:\WINDOWS\system32\FxsTmp
[MD5.1B78737EB17EF93DD9B43AE61BCABAC6] - [04/06/2017 12:13:11] - |A| - [19456] - C:\WINDOWS\system32\FXSUNATD.exe
[MD5.452C0C106700338CAC82D9AB489112E0] - [04/06/2017 12:12:53] - |A| - [179712] - C:\WINDOWS\system32\FXSUTILITY.dll
[MD5.F37A99EAA0673E6A998A409659FEA1F9] - [04/06/2017 12:10:36] - |A| - [58368] - C:\WINDOWS\system32\g711codc.ax
[MD5.BA108BF99C88A45CBDC4F5A20DDC963C] - [04/06/2017 12:10:47] - |A| - [62288] - C:\WINDOWS\system32\gacinstall.dll
[MD5.56E00B94B095FCF057C2B5D8FA7274E8] - [04/06/2017 12:09:21] - |A| - [298496] - C:\WINDOWS\system32\GameBarPresenceWriter.exe
[MD5.6D3F43F08EBFF10DD4F9B8974F5E1017] - [04/06/2017 12:09:21] - |A| - [13824] - C:\WINDOWS\system32\GameBarPresenceWriter.proxy.dll
[MD5.ACD1B847A7C7B008764A8603417529CA] - [04/06/2017 12:09:21] - |A| - [12288] - C:\WINDOWS\system32\GameChatOverlayExt.dll
[MD5.B804BFA8B606BE192A3BC5E58EFD32DC] - [04/06/2017 12:09:25] - |A| - [129024] - C:\WINDOWS\system32\GameChatTranscription.dll
[MD5.7AB8B3687D2223FF36CA96FE0BA7747C] - [04/06/2017 12:09:22] - |A| - [20992] - C:\WINDOWS\system32\gamemode.dll
[MD5.C1FABF758F506B60A070792729ED144A] - [04/06/2017 12:09:24] - |A| - [48640] - C:\WINDOWS\system32\gamemonitor.dll
[MD5.766D5773DB1E71F85225B911006443CD] - [04/06/2017 12:09:21] - |A| - [1231872] - C:\WINDOWS\system32\GamePanel.exe
[MD5.94A9FDECB23BF68E1B29CB754F01872F] - [04/06/2017 12:09:21] - |A| - [28160] - C:\WINDOWS\system32\GamePanelExternalHook.dll
[MD5.A2FC008D56681602389A4DCEB872B05B] - [04/06/2017 12:10:03] - |A| - [2522624] - C:\WINDOWS\system32\gameux.dll
[MD5.AF8B5EED282A43DA74394F5CDA2AF797] - [04/06/2017 12:10:03] - |A| - [4238336] - C:\WINDOWS\system32\GameUXLegacyGDFs.dll
[MD5.B0A9F2EAFC192415B25534C3917B891B] - [04/06/2017 12:09:22] - |A| - [177152] - C:\WINDOWS\system32\gamingtcui.dll
[MD5.D07F2281427BD098356EE74B6CB26B86] - [04/06/2017 12:10:38] - |A| - [91132] - C:\WINDOWS\system32\gatherNetworkInfo.vbs
[MD5.4FDED87068052EEB9B72A97FDBC141DB] - [04/06/2017 12:10:36] - |A| - [24006] - C:\WINDOWS\system32\gb2312.uce
[MD5.752DDCDBC86C64D4C29FBFC36EBDC9C0] - [04/06/2017 12:10:02] - |A| - [133120] - C:\WINDOWS\system32\gcdef.dll
[MD5.F3ED26E30F305FCDEA1758E21B6FE722] - [04/06/2017 12:09:25] - |A| - [150352] - C:\WINDOWS\system32\gdi32.dll
[MD5.252CE55B3411B79693BD1CE5A0C88D1C] - [04/06/2017 12:10:02] - |A| - [1590848] - C:\WINDOWS\system32\gdi32full.dll
[MD5.CF52C4137679A652B8B36E69F4547801] - [04/06/2017 12:10:06] - |A| - [1664000] - C:\WINDOWS\system32\GdiPlus.dll
[MD5.5E2CF8914D339C495A76D946729EEA27] - [04/06/2017 12:09:47] - |A| - [645968] - C:\WINDOWS\system32\generaltel.dll
[MD5.05E1488BB476A880D9139245E6C079CD] - [04/06/2017 12:10:33] - |A| - [651824] - C:\WINDOWS\system32\GenValObj.exe
[MD5.4380B14B700B2A44132FDEA736C99D1F] - [04/06/2017 12:09:25] - |A| - [48128] - C:\WINDOWS\system32\Geocommon.dll
[MD5.59542B9423D26919956C48D50347842F] - [04/06/2017 12:09:34] - |A| - [496640] - C:\WINDOWS\system32\Geolocation.dll
[MD5.6E43113E92AA8EF6FBB56BA0661106F7] - [04/06/2017 12:10:03] - |A| - [83456] - C:\WINDOWS\system32\getmac.exe
[MD5.0D35771CBC62D9AF3A5022BF1932B06F] - [04/06/2017 12:10:36] - |A| - [10752] - C:\WINDOWS\system32\getuname.dll
[MD5.944660B1C464A27D588F89D891D4DCB8] - [04/06/2017 12:10:27] - |A| - [492032] - C:\WINDOWS\system32\glmf32.dll
[MD5.088A42134446D56E63D8CC64F3330CD7] - [04/06/2017 12:09:25] - |A| - [325120] - C:\WINDOWS\system32\GlobCollationHost.dll
[MD5.90CBC30FAAEFDD85FAF8EAB826540D0B] - [04/06/2017 12:09:30] - |A| - [175104] - C:\WINDOWS\system32\globinputhost.dll
[MD5.3D75336FF4E9B2A7C538188A1C0DA8D1] - [04/06/2017 12:10:24] - |A| - [162304] - C:\WINDOWS\system32\glu32.dll
[MD5.8EAE4D6D34F602A29DF01D61D2D015CB] - [04/06/2017 12:09:55] - |A| - [37888] - C:\WINDOWS\system32\gmsaclient.dll
[MD5.20DC9783CCD4A6FFE2181F50C19248A8] - [04/06/2017 12:10:06] - |A| - [124024] - C:\WINDOWS\system32\gpapi.dll
[MD5.E59C11B97A9FD954727B21008C60185D] - [04/06/2017 12:10:02] - |A| - [1101312] - C:\WINDOWS\system32\gpedit.dll
[MD5.6C054DA115C2CA2C523ABD159ED7814B] - [04/06/2017 12:11:51] - |A| - [147439] - C:\WINDOWS\system32\gpedit.msc
[MD5.FB7007B78AC8DF50A862BC09CA7099C3] - [04/06/2017 12:11:51] - |A| - [671744] - C:\WINDOWS\system32\gpprefcl.dll
[MD5.B43A2926BD59DB6A076113FFA8E1C661] - [04/06/2017 12:10:49] - |A| - [38912] - C:\WINDOWS\system32\gpprnext.dll
[MD5.86F3C6F45DA5F2592375C7547CB4164E] - [04/06/2017 12:10:03] - |A| - [220672] - C:\WINDOWS\system32\gpresult.exe
[MD5.B98453F2B6EA129C88B4C5F7317DF53E] - [04/06/2017 12:11:51] - |A| - [50176] - C:\WINDOWS\system32\gpscript.dll
[MD5.EF49A18B93446EDC51130EDEE0E7F3BE] - [04/06/2017 12:11:51] - |A| - [44032] - C:\WINDOWS\system32\gpscript.exe
[MD5.63AC0C272B8D3124C25BEE5D8B32C0DC] - [04/06/2017 12:10:06] - |A| - [1270784] - C:\WINDOWS\system32\gpsvc.dll
[MD5.EB2BB952D589E867CC44E65D21CB0EDB] - [04/06/2017 12:10:03] - |A| - [26112] - C:\WINDOWS\system32\gptext.dll
[MD5.89D355BFD5F3276D0434A92EBA2985CE] - [04/06/2017 12:10:06] - |A| - [29184] - C:\WINDOWS\system32\gpupdate.exe
[MD5.B4A8DE26F9F16E7FBA65EB06957124E1] - [04/06/2017 12:09:29] - |A| - [63488] - C:\WINDOWS\system32\GraphicsPerfSvc.dll
[MD5.224708467540FE30178C92CE07864355] - [04/06/2017 12:10:47] - |A| - [19456] - C:\WINDOWS\system32\grb.rs
[MD5.325D19A39A8F26335A2C793EAB3561E3] - [04/06/2017 12:09:07] - |A| - [71680] - C:\WINDOWS\system32\Groupinghc.dll
[MD5.A5DB3331F530894350A80E1C7BA1CF98] - [04/06/2017 12:10:42] - |A| - [50688] - C:\WINDOWS\system32\grpconv.exe
[MD5.A95DE52CFC01DCFB6610F0A612F8DE2F] - [04/06/2017 12:09:55] - |A| - [466768] - C:\WINDOWS\system32\hal.dll
[MD5.349D7C51F75A798A1E3A05DA1F24BFAC] - [04/06/2017 12:08:35] - |A| - [16768] - C:\WINDOWS\system32\HalExtIntcLpioDMA.dll
[MD5.91AE2C49F85B85142AF2DDDE9625BF80] - [04/06/2017 12:08:35] - |A| - [14720] - C:\WINDOWS\system32\HalExtPL080.dll
[MD5.31B13DF68DB24DBA8AB870EBD193319D] - [04/06/2017 12:09:37] - |A| - [85504] - C:\WINDOWS\system32\hascsp.dll
[MD5.E6FEB9606936DFE445DC4B6C773E4198] - [04/06/2017 12:11:39] - |A| - [7351296] - C:\WINDOWS\system32\Havok.Physics.dll
[MD5.C786FA7395DA0930FAC344DE5A9AD6D8] - [04/06/2017 12:09:39] - |A| - [81920] - C:\WINDOWS\system32\hbaapi.dll
[MD5.4D892747FCC9CB1F7B479284D05CDF42] - [04/06/2017 12:10:06] - |A| - [60416] - C:\WINDOWS\system32\hcproviders.dll
[MD5.5AE70609157A70AA973E623C1331518F] - [04/06/2017 12:09:54] - |A| - [317128] - C:\WINDOWS\system32\HdcpHandler.dll
[MD5.A494662E3701CE525ECC1C0CD19D8C0F] - [04/06/2017 12:10:24] - |A| - [381952] - C:\WINDOWS\system32\hdwwiz.cpl
[MD5.F2A65DB1D6DD1A33AB9B30675D627FCD] - [04/06/2017 12:10:24] - |A| - [65024] - C:\WINDOWS\system32\hdwwiz.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [267264] - C:\WINDOWS\system32\he-IL
[MD5.2E75CDFD6EF47A1FDE5B1E2E8B367F84] - [04/06/2017 12:10:47] - |A| - [624128] - C:\WINDOWS\system32\HeadTrackerStorage.dll
[MD5.6BCB92AF6D8A16413D8B8156C0FE363A] - [04/06/2017 12:09:29] - |A| - [196096] - C:\WINDOWS\system32\HeatCore.dll
[MD5.69E2049111F63AABAF7A509E72AFB0DC] - [04/06/2017 12:09:54] - |A| - [11776] - C:\WINDOWS\system32\help.exe
[MD5.28BEAD034066BA13216690C35A86E39C] - [04/06/2017 12:10:07] - |A| - [55296] - C:\WINDOWS\system32\HelpPaneProxy.dll
[MD5.788D0C9ED3D7D6BB1161E02F9FFD11B1] - [04/06/2017 12:10:03] - |A| - [615936] - C:\WINDOWS\system32\hgcpl.dll
[MD5.31C54370EB46C263D10868C07C4E036C] - [04/06/2017 12:09:08] - |A| - [230400] - C:\WINDOWS\system32\hgprint.dll
[MD5.C49CAA40497C555B79C881C4F394B458] - [04/06/2017 12:10:03] - |A| - [655360] - C:\WINDOWS\system32\hhctrl.ocx
[MD5.C3089C8266EBC504579B1DD1FDE79E26] - [04/06/2017 12:10:03] - |A| - [55296] - C:\WINDOWS\system32\hhsetup.dll
[MD5.B9EC0D76E46F616CF87BC748EE35376F] - [04/06/2017 12:10:11] - |A| - [34816] - C:\WINDOWS\system32\hid.dll
[MD5.B92A355E84B5F2A8E168AF9397BCDA7A] - [04/06/2017 12:10:36] - |A| - [39424] - C:\WINDOWS\system32\hidphone.tsp
[MD5.332225D232BF123CB6A66E9312FDE5B9] - [04/06/2017 12:10:11] - |A| - [33792] - C:\WINDOWS\system32\hidserv.dll
[MD5.96485C545A9DE62C010CFFDE0EB537C4] - [04/06/2017 12:10:11] - |A| - [99328] - C:\WINDOWS\system32\hlink.dll
[MD5.68CCA169B8929FB5542F2F2B55D3BA39] - [04/06/2017 12:09:37] - |A| - [58368] - C:\WINDOWS\system32\hmkd.dll
[MD5.CC49F7DEED279483F6D2007D1EB838F6] - [04/06/2017 12:10:03] - |A| - [389632] - C:\WINDOWS\system32\hnetcfg.dll
[MD5.1D08AF354211DD931A34BE5E39961E20] - [04/06/2017 12:10:29] - |A| - [249344] - C:\WINDOWS\system32\HNetCfgClient.dll
[MD5.193361234FA4D115DE135B5E43FBDA8E] - [04/06/2017 12:10:02] - |A| - [16384] - C:\WINDOWS\system32\hnetmon.dll
[MD5.195B287254DE969F404FB1D154C0EA7C] - [04/06/2017 12:11:39] - |A| - [17900032] - C:\WINDOWS\system32\HologramCompositor.dll
[MD5.E27037063EB18194A043D12BA3B6FC76] - [04/06/2017 12:11:39] - |A| - [479232] - C:\WINDOWS\system32\HolographicExtensions.dll
[MD5.E5036C3B044411616312A8243B59FF41] - [04/06/2017 12:11:39] - |A| - [370688] - C:\WINDOWS\system32\HolographicRuntimes.dll
[MD5.FDFCF698D81A4917CB705C96A55338C6] - [04/06/2017 12:11:39] - |A| - [235008] - C:\WINDOWS\system32\HoloShellRuntime.dll
[MD5.F1068CCB71C06C6D93CC23FA45C3D398] - [04/06/2017 12:09:34] - |A| - [13824] - C:\WINDOWS\system32\HOSTNAME.EXE
[MD5.9ADFFEDF7F360409FEA469B5EFB5252A] - [04/06/2017 12:10:24] - |A| - [90112] - C:\WINDOWS\system32\hotplug.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [255488] - C:\WINDOWS\system32\hr-HR
[MD5.5C6EAEC9025E8E31265B61022BBAB662] - [04/06/2017 12:09:17] - |A| - [474624] - C:\WINDOWS\system32\HrtfApo.dll
[MD5.7B3D50EDB97FD5A16F9E2FC71CD44912] - [04/06/2017 12:09:03] - |A| - [417280] - C:\WINDOWS\system32\html.iec
[MD5.569B6078AAD0CF50325ECD64F7786111] - [04/06/2017 12:09:52] - |A| - [30720] - C:\WINDOWS\system32\httpapi.dll
[MD5.5FBE1249D9109D9B2390D913188DE407] - [04/06/2017 12:10:24] - |A| - [18432] - C:\WINDOWS\system32\httpprxc.dll
[MD5.9EDC3738499C411F5D3277B2C2877CA0] - [04/06/2017 12:10:24] - |A| - [123392] - C:\WINDOWS\system32\httpprxm.dll
[MD5.BE2DC5828DEED8FC4B1D99359848B468] - [04/06/2017 12:10:24] - |A| - [19456] - C:\WINDOWS\system32\httpprxp.dll
[MD5.0D67E54660A6A2E644852300BA923EA7] - [04/06/2017 12:09:34] - |A| - [84480] - C:\WINDOWS\system32\HttpsDataSource.dll
[MD5.36075CF636A00862922F09B00F740FB7] - [04/06/2017 12:10:29] - |A| - [42496] - C:\WINDOWS\system32\htui.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [316928] - C:\WINDOWS\system32\hu-HU
[MD5.F2FD1DEE2D36DDFA0F7FA360B9BA55F4] - [04/06/2017 12:09:18] - |A| - [1045840] - C:\WINDOWS\system32\hvax64.exe
[MD5.D8BB0D7607510FFBF0F65448993221D3] - [04/06/2017 12:09:17] - |A| - [55632] - C:\WINDOWS\system32\hvhostsvc.dll
[MD5.C404C309C5323803ACE2D2EB9C132230] - [04/06/2017 12:09:18] - |A| - [1174864] - C:\WINDOWS\system32\hvix64.exe
[MD5.EC219818851A74A659FDC0EED3041F3B] - [04/06/2017 12:09:18] - |A| - [73040] - C:\WINDOWS\system32\hvloader.dll
[MD5.D2F34F3C3E270E9E89F80281F43B10E2] - [04/06/2017 12:11:51] - |A| - [100688] - C:\WINDOWS\system32\hvsievaluator.exe
[MD5.3C9BE2AE31AA811E0FA4AD99DE3EAB6F] - [04/06/2017 12:11:51] - |A| - [100176] - C:\WINDOWS\system32\hvsigpext.dll
[MD5.A8676BF3F8B55B3CE7486DF9FA9D8FF4] - [04/06/2017 12:11:37] - |A| - [47104] - C:\WINDOWS\system32\hwrcomp.exe
[MD5.F69F575B8EC9DECD748E5BC45DEE5BE7] - [04/06/2017 12:11:37] - |A| - [184320] - C:\WINDOWS\system32\hwrreg.exe
[MD5.00000000000000000000000000000000] - [05/06/2017 09:00:07] - |D| - [44639596] - C:\WINDOWS\system32\Hydrogen
[MD5.994A4ABD9A5010E368B7224AB69F90A3] - [04/06/2017 12:11:39] - |A| - [22372352] - C:\WINDOWS\system32\Hydrogen.dll
[MD5.A565537F1580872AE5B95D0CA457D780] - [04/06/2017 12:09:18] - |A| - [45461] - C:\WINDOWS\system32\hypervisor.mof
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [5489] - C:\WINDOWS\system32\ias
[MD5.A0D5D9FD9ED58B32C1CDB1EAF870C263] - [04/06/2017 12:10:02] - |A| - [30720] - C:\WINDOWS\system32\ias.dll
[MD5.04D0C17FE50ACCDF06013EDFDD799BCF] - [04/06/2017 12:10:02] - |A| - [81920] - C:\WINDOWS\system32\iasacct.dll
[MD5.75879F7F52A1490F10EF985DAFD823BD] - [04/06/2017 12:10:02] - |A| - [72192] - C:\WINDOWS\system32\iasads.dll
[MD5.A1EB0B411F3C03E755541B01D84C8589] - [04/06/2017 12:10:02] - |A| - [75776] - C:\WINDOWS\system32\iasdatastore.dll
[MD5.511463C9A460D0A0A20815C4B8D3EF41] - [04/06/2017 12:10:02] - |A| - [88064] - C:\WINDOWS\system32\iashlpr.dll
[MD5.1CC0CF2492A4C38764B2D383FDD5AC4E] - [04/06/2017 12:10:02] - |A| - [687952] - C:\WINDOWS\system32\IasMigPlugin.dll
[MD5.59DDF01D8E0453D6DC4AC69C44EF364A] - [04/06/2017 12:10:02] - |A| - [141824] - C:\WINDOWS\system32\iasnap.dll
[MD5.4AFF294A052C72ED95F6E161D063A4C4] - [04/06/2017 12:10:02] - |A| - [47616] - C:\WINDOWS\system32\iaspolcy.dll
[MD5.D15F8E64CADDD6C3E47C9025F2B6F931] - [04/06/2017 12:10:02] - |A| - [224768] - C:\WINDOWS\system32\iasrad.dll
[MD5.F30A77B5767331E1B0955F3BE58D9789] - [04/06/2017 12:10:02] - |A| - [186368] - C:\WINDOWS\system32\iasrecst.dll
[MD5.307CCDB51A40E7CA60FAAD664EE118B0] - [04/06/2017 12:10:02] - |A| - [248832] - C:\WINDOWS\system32\iassam.dll
[MD5.C5E33722E70B50699DEA01D9DA238B6C] - [04/06/2017 12:10:02] - |A| - [447488] - C:\WINDOWS\system32\iassdo.dll
[MD5.D395A50720D14BD9FCA6A129993C640E] - [04/06/2017 12:10:03] - |A| - [140800] - C:\WINDOWS\system32\iassvcs.dll
[MD5.02B43C4AE81C62D7D031A2CCCFA99CA6] - [04/06/2017 12:09:37] - |A| - [36864] - C:\WINDOWS\system32\icacls.exe
[MD5.428A858D4DBD59B9CFBCA7FA13AD9461] - [04/06/2017 12:09:33] - |A| - [109392] - C:\WINDOWS\system32\icfupgd.dll
[MD5.652815C801A8657AA0523E6C728C49D9] - [04/06/2017 12:09:25] - |A| - [245248] - C:\WINDOWS\system32\icm32.dll
[MD5.51630BC4FC9563BA556164140EDA9133] - [04/06/2017 12:09:37] - |A| - [3072] - C:\WINDOWS\system32\icmp.dll
[MD5.6F74C633C100E8AB2F78056563D2D997] - [04/06/2017 12:08:58] - |A| - [26112] - C:\WINDOWS\system32\icmui.dll
[MD5.C283FDB1A59B72CD00D7942DCC81D2EA] - [04/06/2017 12:10:03] - |A| - [14336] - C:\WINDOWS\system32\IconCodecService.dll
[MD5.BDD9713BAE4B605C82BD35C8891EC615] - [04/06/2017 12:09:29] - |A| - [72192] - C:\WINDOWS\system32\IcsEntitlementHost.exe
[MD5.749836DD75E16568BB5C2954603D1494] - [04/06/2017 12:10:03] - |A| - [199680] - C:\WINDOWS\system32\icsigd.dll
[MD5.136143A0595DF73C84BA57B3DE37EAF0] - [04/06/2017 12:10:29] - |A| - [16896] - C:\WINDOWS\system32\icsunattend.exe
[MD5.BBB2BD60631308BC488AAA155A7363AB] - [04/06/2017 12:08:57] - |A| - [286208] - C:\WINDOWS\system32\icsvc.dll
[MD5.F899BADCD2E9AEC7C4B5F0C97DF35B06] - [04/06/2017 12:08:57] - |A| - [309760] - C:\WINDOWS\system32\icsvcext.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [37145] - C:\WINDOWS\system32\icsxml
[MD5.CFC3D294BB66C9166DA528AFDAF7108C] - [04/06/2017 12:09:30] - |RA| - [1900544] - C:\WINDOWS\system32\icuin.dll
[MD5.EAFD306A7DCF045AD7465A1514EABD58] - [04/06/2017 12:09:30] - |RA| - [1340928] - C:\WINDOWS\system32\icuuc.dll
[MD5.8EB151E291ED2A3DA15C5F6A713CA064] - [04/06/2017 12:10:32] - |A| - [112640] - C:\WINDOWS\system32\IdCtrls.dll
[MD5.038F6AD6CEE43585D814CDBC7CDFD3EC] - [04/06/2017 12:10:36] - |A| - [60458] - C:\WINDOWS\system32\ideograf.uce
[MD5.8CBB5852C58A7517B09FC6E58DE279EE] - [04/06/2017 12:10:38] - |A| - [203264] - C:\WINDOWS\system32\IdListen.dll
[MD5.82AF5454754355C7D1AB0B1066A4E411] - [04/06/2017 12:10:11] - |A| - [10240] - C:\WINDOWS\system32\idndl.dll
[MD5.B2D75C857FC812671B9BA24E8A041808] - [04/06/2017 12:09:24] - |A| - [141312] - C:\WINDOWS\system32\IDStore.dll
[MD5.10DAB61EDBBC2D7798FAC7F332D9A80C] - [04/06/2017 12:09:04] - |A| - [248320] - C:\WINDOWS\system32\ie4uinit.exe
[MD5.7CD08EEDDF48D5631E19AEFB80CDB986] - [04/06/2017 12:09:04] - |A| - [143360] - C:\WINDOWS\system32\IEAdvpack.dll
[MD5.C8D33A0E5612313AD770715C2C5D69C3] - [04/06/2017 12:09:03] - |A| - [1599488] - C:\WINDOWS\system32\ieapfltr.dll
[MD5.B5F8C840921D90CCDAB9F7EE8BBC373D] - [04/06/2017 12:09:04] - |A| - [411648] - C:\WINDOWS\system32\iedkcs32.dll
[MD5.40F2A47B415C2907C9C63CE2E31E2FA9] - [04/06/2017 12:09:04] - |A| - [12839424] - C:\WINDOWS\system32\ieframe.dll
[MD5.BA9DC7137A69648DF65F6931BBE3563E] - [04/06/2017 12:09:03] - |A| - [142848] - C:\WINDOWS\system32\iepeers.dll
[MD5.6EA0F658F2465540899491083DCAF7E7] - [04/06/2017 12:09:03] - |A| - [811008] - C:\WINDOWS\system32\ieproxy.dll
[MD5.8A498A4A6D2CD8C017D806A42F8553F7] - [04/06/2017 12:09:04] - |A| - [46080] - C:\WINDOWS\system32\iernonce.dll
[MD5.4BA6994D2BD23CE4D18EC9DBEDB587C4] - [04/06/2017 12:10:11] - |A| - [2666264] - C:\WINDOWS\system32\iertutil.dll
[MD5.F93321915D6A27789DDDCAA9284AD84B] - [04/06/2017 12:09:04] - |A| - [77824] - C:\WINDOWS\system32\iesetup.dll
[MD5.5BC553F83788EED2FF596E1AE12A9A8F] - [04/06/2017 12:09:04] - |A| - [117760] - C:\WINDOWS\system32\iesysprep.dll
[MD5.D4817F8548835C4DE7FBF0B6DE895D3F] - [04/06/2017 12:09:03] - |A| - [561152] - C:\WINDOWS\system32\ieui.dll
[MD5.6B31D08801D3A3F51B59FB1DB14E4A01] - [04/06/2017 12:09:04] - |A| - [3458] - C:\WINDOWS\system32\ieuinit.inf
[MD5.61CF5A3749290EFB8E42FA8D8E07A61C] - [04/06/2017 12:09:04] - |A| - [151040] - C:\WINDOWS\system32\ieUnatt.exe
[MD5.8929E0EAB04220837F1EDCD28C2D30A5] - [04/06/2017 12:09:04] - |A| - [167424] - C:\WINDOWS\system32\iexpress.exe
[MD5.B77F099556B45968E8C52B1790A6EA63] - [04/06/2017 12:09:37] - |A| - [30720] - C:\WINDOWS\system32\ifmon.dll
[MD5.CA44547BF49D172A39FF992CB2550C95] - [04/06/2017 12:09:37] - |A| - [221520] - C:\WINDOWS\system32\ifsutil.dll
[MD5.23275445A2805EC53E972E1E643EA092] - [04/06/2017 12:10:44] - |A| - [16384] - C:\WINDOWS\system32\ifsutilx.dll
[MD5.CD09CE03CD30AAEC50BAC7B02F51FA7D] - [04/06/2017 12:10:38] - |A| - [82432] - C:\WINDOWS\system32\igdDiag.dll
[MD5.9858F662B1F5702868063FBAE0E85495] - [04/06/2017 12:09:18] - |A| - [172032] - C:\WINDOWS\system32\IHDS.dll
[MD5.7FA0852EE21628E8F7863D9CF34F84EC] - [04/06/2017 12:10:50] - |A| - [68096] - C:\WINDOWS\system32\ihvrilproxy.dll
[MD5.FD66E1D6241270350CE1F5FB0F5B56E8] - [04/06/2017 12:09:30] - |A| - [964608] - C:\WINDOWS\system32\IKEEXT.DLL
[MD5.CEE3A85D0E15F88F04523FCAEE280CBF] - [04/06/2017 12:09:21] - |A| - [31584] - C:\WINDOWS\system32\imaadp32.acm
[MD5.46398B2E646EA3E5B5268E6453D4FD57] - [04/06/2017 12:09:55] - |A| - [101280] - C:\WINDOWS\system32\imagehlp.dll
[MD5.3F5DD2E8D71CA29B7113F120F7102B6E] - [04/06/2017 12:10:50] - |A| - [23632384] - C:\WINDOWS\system32\imageres.dll
[MD5.2BC044AD798F2E2A0B81B9C1A02FB5F9] - [04/06/2017 12:10:50] - |A| - [694784] - C:\WINDOWS\system32\imagesp1.dll
[MD5.7AD3151B5C44F6B6CB0B6E504697CC64] - [04/06/2017 12:10:03] - |A| - [136704] - C:\WINDOWS\system32\imapi.dll
[MD5.FA835CB88C30BFCE74D4E395543B0C45] - [04/06/2017 12:10:07] - |A| - [523264] - C:\WINDOWS\system32\imapi2.dll
[MD5.97E46EF4B3FD0E36145B4A77468EBBB9] - [04/06/2017 12:10:02] - |A| - [1047552] - C:\WINDOWS\system32\imapi2fs.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [25404595] - C:\WINDOWS\system32\IME
[MD5.071D35AF29E0EEB3E414BBF2444E9012] - [04/06/2017 12:09:03] - |A| - [55808] - C:\WINDOWS\system32\imgutil.dll
[MD5.7BCE06B6104D5B75082CE7260099B17C] - [04/06/2017 12:10:00] - |A| - [169984] - C:\WINDOWS\system32\imm32.dll
[MD5.88D0B7AFF550A29D4B0892FEAA513CD4] - [04/06/2017 12:10:36] - |A| - [142848] - C:\WINDOWS\system32\immersivetpmvscmgrsvr.exe
[MD5.0463F712F90E879A7ED42CEDEA8862A2] - [04/06/2017 12:10:24] - |A| - [130384] - C:\WINDOWS\system32\ImplatSetup.dll
[MD5.58E254605D8340B1BD46E4F40294BAE5] - [04/06/2017 12:10:11] - |A| - [985600] - C:\WINDOWS\system32\inetcomm.dll
[MD5.DBAEF950ED671E452286A96D68EEB38F] - [04/06/2017 12:09:04] - |A| - [2102784] - C:\WINDOWS\system32\inetcpl.cpl
[MD5.1BFE9167876CA1BD3E95CBB94D1C4066] - [04/06/2017 12:09:37] - |A| - [66048] - C:\WINDOWS\system32\inetmib1.dll
[MD5.A23D135545B42FB863CFECCB89C17B4B] - [04/06/2017 12:11:37] - |A| - [173568] - C:\WINDOWS\system32\inetpp.dll
[MD5.FB952BEC2E0A271BF0DF22EACCAECE78] - [04/06/2017 12:11:37] - |A| - [33792] - C:\WINDOWS\system32\inetppui.dll
[MD5.C80DA6A39983D8BBDCA5D976E04F572C] - [04/06/2017 12:10:11] - |A| - [85504] - C:\WINDOWS\system32\INETRES.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [0] - C:\WINDOWS\system32\inetsrv
[MD5.C40867278A6540B93A31A783C1EB7150] - [04/06/2017 12:10:24] - |A| - [13312] - C:\WINDOWS\system32\InfDefaultInstall.exe
[MD5.4A350368808D21CC7400609DA1DDDCD7] - [04/06/2017 12:10:33] - |A| - [262656] - C:\WINDOWS\system32\InkEd.dll
[MD5.EC4927DDB7F9AEE1BD0CECF036EEE68A] - [04/06/2017 12:09:25] - |A| - [970240] - C:\WINDOWS\system32\InkObjCore.dll
[MD5.FEF7981D40D3C8208FF976F39DFF9E54] - [05/06/2017 08:59:13] - |A| - [58880] - C:\WINDOWS\system32\InprocLogger.dll
[MD5.DF593F34442541D9935D6CE632CF27BA] - [04/06/2017 12:10:36] - |A| - [323920] - C:\WINDOWS\system32\input.dll
[MD5.BE297449521DFA5C095EBE92C0BF8277] - [04/06/2017 12:09:25] - |A| - [146216] - C:\WINDOWS\system32\InputHost.dll
[MD5.81F2B1DEC46F78A56B19D2B8AEA5FCB0] - [04/06/2017 12:09:24] - |A| - [109568] - C:\WINDOWS\system32\InputInjectionBroker.dll
[MD5.EB3C462AC91B8275B14D9DD7B9E477E8] - [04/06/2017 12:09:25] - |A| - [125952] - C:\WINDOWS\system32\InputLocaleManager.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [6570496] - C:\WINDOWS\system32\InputMethod
[MD5.9E7E10AC458CE97EE9DBD4A4C3477671] - [04/06/2017 12:09:25] - |A| - [3101184] - C:\WINDOWS\system32\InputService.dll
[MD5.E4A430235887B62A83CE3F3E61E6D4EB] - [04/06/2017 12:10:36] - |A| - [405504] - C:\WINDOWS\system32\InputSwitch.dll
[MD5.4DC598CA35760ADAECF930FF978E3F79] - [04/06/2017 12:09:04] - |A| - [115200] - C:\WINDOWS\system32\inseng.dll
[MD5.89F2ABE10F303635782F455EACF7FDDD] - [04/06/2017 12:09:29] - |A| - [436736] - C:\WINDOWS\system32\InstallAgent.exe
[MD5.5E44CD5FE354AF9BE48A8EC7AB0D46F1] - [04/06/2017 12:09:29] - |A| - [470016] - C:\WINDOWS\system32\InstallAgentUserBroker.exe
[MD5.9B953942532A33A06D83EE5657125367] - [05/06/2017 08:59:13] - |A| - [743424] - C:\WINDOWS\system32\internetmail.dll
[MD5.1E8361F4B9D48130D499B3A3FDCFACA4] - [05/06/2017 08:59:13] - |A| - [90112] - C:\WINDOWS\system32\InternetMailCsp.dll
[MD5.F6AE8E97BA65E78948F57A04273E6EF3] - [04/06/2017 12:10:11] - |A| - [499200] - C:\WINDOWS\system32\intl.cpl
[MD5.03CE9C99D7C62377EDD7A9002E9C8CBD] - [04/06/2017 12:09:47] - |A| - [347984] - C:\WINDOWS\system32\invagent.dll
[MD5.98142E09F775795B10FF079CA6D6DC9D] - [04/06/2017 12:10:16] - |A| - [2560] - C:\WINDOWS\system32\iologmsg.dll
[MD5.36C5FAB4C77F3594CC03770395B3CCEB] - [04/06/2017 12:11:53] - |A| - [125440] - C:\WINDOWS\system32\IoTAssignedAccessLockFramework.dll
[MD5.A47023833BDB09A73A3058BFB392140C] - [04/06/2017 12:09:37] - |A| - [34304] - C:\WINDOWS\system32\ipconfig.exe
[MD5.4BF159A2D4B3648A80186563F02D33E5] - [04/06/2017 12:09:42] - |A| - [70144] - C:\WINDOWS\system32\IPELoggingDictationHelper.dll
[MD5.4B36482F45DF56956FFA60C2C586D7F3] - [04/06/2017 12:09:55] - |A| - [218544] - C:\WINDOWS\system32\IPHLPAPI.DLL
[MD5.9568DAFB7894BF86DE10B60D4B24AA8B] - [04/06/2017 12:10:24] - |A| - [820224] - C:\WINDOWS\system32\iphlpsvc.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [0] - C:\WINDOWS\system32\Ipmi
[MD5.9E61BE00D8A5853567FAB171B574631C] - [04/06/2017 12:10:29] - |A| - [598528] - C:\WINDOWS\system32\ipnathlp.dll
[MD5.5A1A5F7CC29EC2AEF169EEDD61C42842] - [04/06/2017 12:10:29] - |A| - [29184] - C:\WINDOWS\system32\IpNatHlpClient.dll
[MD5.EB95AE540AAD2B820700B3FD242566AF] - [04/06/2017 12:10:29] - |A| - [225280] - C:\WINDOWS\system32\IPPMon.dll
[MD5.CE5ED171BF62C6CA778C2224781AA48A] - [04/06/2017 12:10:27] - |A| - [11776] - C:\WINDOWS\system32\iprtprio.dll
[MD5.4B828F45B573F99D70BA0F1AEBDCF75A] - [04/06/2017 12:10:27] - |A| - [560128] - C:\WINDOWS\system32\iprtrmgr.dll
[MD5.376C5D71F92F93AD45BD72A89688C1F1] - [04/06/2017 12:10:06] - |A| - [836096] - C:\WINDOWS\system32\ipsecsnp.dll
[MD5.2532E94C7178ED258E957382C7B1BD5D] - [04/06/2017 12:10:06] - |A| - [431104] - C:\WINDOWS\system32\IPSECSVC.DLL
[MD5.E55B144DE71AA6A560CCBF0C08CF08EA] - [04/06/2017 12:10:06] - |A| - [518656] - C:\WINDOWS\system32\ipsmsnap.dll
[MD5.43AA109F9A8599CDA81C4241450352C0] - [04/06/2017 12:09:18] - |A| - [64000] - C:\WINDOWS\system32\ipxlatcfg.dll
[MD5.A012656F0108C9C2B335BCFD2CA7887A] - [04/06/2017 12:10:47] - |A| - [19968] - C:\WINDOWS\system32\irclass.dll
[MD5.DB1C39CF3A17FA696A513318899B9DA8] - [04/06/2017 12:10:47] - |A| - [186368] - C:\WINDOWS\system32\irftp.exe
[MD5.2573B1E26E48533811A5D2F9B6762E6A] - [04/06/2017 12:09:34] - |A| - [46024] - C:\WINDOWS\system32\iri.dll
[MD5.528B2CD24D75FE700654FEBDE48334B8] - [04/06/2017 12:10:47] - |A| - [24576] - C:\WINDOWS\system32\irmon.dll
[MD5.F677653781D7AED22D5BD4F44F660F93] - [04/06/2017 12:10:47] - |A| - [422912] - C:\WINDOWS\system32\irprops.cpl
[MD5.AD2A752C7E9F39A148A81E9CE7AB120F] - [04/06/2017 12:10:11] - |A| - [155136] - C:\WINDOWS\system32\iscsicli.exe
[MD5.10036B722F0B2A66B47AC7D5CA47D980] - [04/06/2017 12:10:11] - |A| - [228352] - C:\WINDOWS\system32\iscsicpl.dll
[MD5.99A111065DA07BE4176E9281B274802C] - [04/06/2017 12:10:11] - |A| - [122368] - C:\WINDOWS\system32\iscsicpl.exe
[MD5.90E487A30A3F3FB74FBCD8A2BCC2CE7E] - [04/06/2017 12:10:11] - |A| - [75776] - C:\WINDOWS\system32\iscsidsc.dll
[MD5.5E13CAED303292EE7547E3B5A44B93C2] - [04/06/2017 12:10:11] - |A| - [12288] - C:\WINDOWS\system32\iscsied.dll
[MD5.96A0871E6ADC20F3DBEA2E2D5FB39C50] - [04/06/2017 12:10:11] - |A| - [150016] - C:\WINDOWS\system32\iscsiexe.dll
[MD5.49C5B407EB70EBE153745FE5D2F532FF] - [04/06/2017 12:08:35] - |A| - [16896] - C:\WINDOWS\system32\iscsilog.dll
[MD5.F963F3D1EB1932F2413E224FBF3E3A13] - [04/06/2017 12:10:11] - |A| - [35328] - C:\WINDOWS\system32\iscsium.dll
[MD5.D30A40C9A935A9B8BF9401E474226CD1] - [04/06/2017 12:10:11] - |A| - [76800] - C:\WINDOWS\system32\iscsiwmi.dll
[MD5.50309A21377C46BF6C3DCD2799A06A43] - [04/06/2017 12:10:11] - |A| - [129536] - C:\WINDOWS\system32\iscsiwmiv2.dll
[MD5.03D69DAC58568EAB56896F2FD595B8BB] - [04/06/2017 12:09:25] - |A| - [1036800] - C:\WINDOWS\system32\ISM.dll
[MD5.E5FA8CC38D7EBD3E558067D3D27DEDB4] - [04/06/2017 12:09:47] - |A| - [118784] - C:\WINDOWS\system32\isoburn.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [338432] - C:\WINDOWS\system32\it-IT
[MD5.DD06C91363CEE5ED14D4EE8CF619E542] - [04/06/2017 12:10:07] - |A| - [194048] - C:\WINDOWS\system32\itircl.dll
[MD5.6A0F501BA56D912696688B64BF37A2CB] - [04/06/2017 12:10:07] - |A| - [172544] - C:\WINDOWS\system32\itss.dll
[MD5.3B41ECA3AE9A3DAD9B8DD308523DBB49] - [04/06/2017 12:10:32] - |A| - [46024] - C:\WINDOWS\system32\iuilp.dll
[MD5.162F71C8B878673B6D51CC73E2FC2591] - [04/06/2017 12:09:17] - |A| - [18624] - C:\WINDOWS\system32\iumbase.dll
[MD5.50A60648ED05C83836CE4BAF3BFC10A4] - [04/06/2017 12:09:18] - |A| - [62544] - C:\WINDOWS\system32\iumcrypt.dll
[MD5.8AA2A944A2258635AF04F2D0C616EAE0] - [04/06/2017 12:09:17] - |A| - [11456] - C:\WINDOWS\system32\iumdll.dll
[MD5.840FABA24AB5C1E7E37D99360CB3523B] - [04/06/2017 12:09:21] - |A| - [18040] - C:\WINDOWS\system32\IumSdk.dll
[MD5.B87DCB5FF893BF86039AF9767B646508] - [04/06/2017 12:09:18] - |A| - [53760] - C:\WINDOWS\system32\iyuv_32.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [249592] - C:\WINDOWS\system32\ja-jp
[MD5.E89E9D6F8F5F1B68A0F8DB279A031E7A] - [04/06/2017 12:09:04] - |A| - [94720] - C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
[MD5.FE71709F616E665C8EB0EDE9F2B483EB] - [04/06/2017 12:10:27] - |A| - [51712] - C:\WINDOWS\system32\joinproviderol.dll
[MD5.1731E02A18848CB578BBA450663223A9] - [04/06/2017 12:10:24] - |A| - [105472] - C:\WINDOWS\system32\joinutil.dll
[MD5.77788B3D3BA21EDC114159B8BF953ABC] - [04/06/2017 12:10:00] - |A| - [97792] - C:\WINDOWS\system32\joy.cpl
[MD5.A3FC44D88C2D5A969EF62495A2A44C91] - [04/06/2017 12:09:29] - |A| - [1225728] - C:\WINDOWS\system32\JpMapControl.dll
[MD5.A6AC7AC50A41A4B4B583ECF9A34D6F5E] - [04/06/2017 12:09:18] - |A| - [372224] - C:\WINDOWS\system32\jpndecoder.dll
[MD5.AF2413CA50CA79032CEE3DB4F5CFBD01] - [04/06/2017 12:09:18] - |A| - [53760] - C:\WINDOWS\system32\jpninputrouter.dll
[MD5.E82FBFB8716458320557D76619FC5046] - [04/06/2017 12:09:18] - |A| - [286208] - C:\WINDOWS\system32\jpnranker.dll
[MD5.3171E9B64F44EAA6388AEFCDCB0101F7] - [04/06/2017 12:10:16] - |A| - [217088] - C:\WINDOWS\system32\JpnServiceDS.dll
[MD5.BBCB7F3FFD531E170F3B9EE245B03C86] - [04/06/2017 12:09:03] - |A| - [809984] - C:\WINDOWS\system32\jscript.dll
[MD5.0BE44E84774A612F3F74D42B92437A7A] - [04/06/2017 12:09:03] - |A| - [4763136] - C:\WINDOWS\system32\jscript9.dll
[MD5.66135D6AAEB83AC81B8B173214B2F226] - [04/06/2017 12:09:03] - |A| - [672768] - C:\WINDOWS\system32\jscript9diag.dll
[MD5.4BE194473C0B2C6121E1615E781F96D9] - [04/06/2017 12:10:11] - |A| - [50688] - C:\WINDOWS\system32\jsproxy.dll
[MD5.7C0C25F4BA1084C4ABBEEA2C74194C5F] - [04/06/2017 12:10:36] - |A| - [6948] - C:\WINDOWS\system32\kanji_1.uce
[MD5.529BBD63519BBD654EF328454019693F] - [04/06/2017 12:10:36] - |A| - [8484] - C:\WINDOWS\system32\kanji_2.uce
[MD5.965DDD0B98A91B0374D6BCCCE841EA05] - [04/06/2017 12:10:11] - |A| - [8192] - C:\WINDOWS\system32\kbd101.dll
[MD5.3D182C12124A00421528C81085979BF5] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\kbd101a.dll
[MD5.899C0440F1954FF8F1818B3BD913B3C8] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\kbd101b.dll
[MD5.9BABBE0667E0E7E09C316190DD788C66] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\kbd101c.dll
[MD5.41B5D562FF3B390AF3F5521CAC978BBD] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\kbd103.dll
[MD5.6B8C5CF7D29BEE4A77D6C67A372ADDA3] - [04/06/2017 12:10:11] - |A| - [8192] - C:\WINDOWS\system32\kbd106.dll
[MD5.24545BBAB7FBAAF2C288B893E07A8BBA] - [04/06/2017 12:10:11] - |A| - [8192] - C:\WINDOWS\system32\kbd106n.dll
[MD5.6540E0E6F993C32F333D83E9787CC9F5] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDA1.DLL
[MD5.3ECA62F5DFBA18C07D269F8C4911AEB9] - [04/06/2017 12:10:10] - |A| - [7168] - C:\WINDOWS\system32\KBDA2.DLL
[MD5.7E12BE0D2D3C2BCED02DCF1EA38B5E64] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDA3.DLL
[MD5.BB91CA926E9DF53A292B0084DC401FC8] - [04/06/2017 12:10:07] - |A| - [8192] - C:\WINDOWS\system32\KBDAL.DLL
[MD5.F5E0721683385EBF33A5C73757C40284] - [04/06/2017 12:10:10] - |A| - [7168] - C:\WINDOWS\system32\KBDARME.DLL
[MD5.7BC988FC36A80DD7B412F0BFA0EF88AE] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\kbdarmph.dll
[MD5.D7855C8FC0107A3659BB528ADD33E4A5] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\kbdarmty.dll
[MD5.26FD63568EF3E6B13A8783B803CDF517] - [04/06/2017 12:10:07] - |A| - [7168] - C:\WINDOWS\system32\KBDARMW.DLL
[MD5.6D83E0DFABE7D5DCAB9434A38F5748C2] - [04/06/2017 12:10:11] - |A| - [8192] - C:\WINDOWS\system32\kbdax2.dll
[MD5.9C4A0878E4B13DD6110D7DEB1CA2E177] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDAZE.DLL
[MD5.232A800470096B37C996E701859BDC90] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDAZEL.DLL
[MD5.002B89F0F0DA534C904371EA510308EE] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDAZST.DLL
[MD5.053554DE10B00B11432E88AC13090572] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDBASH.DLL
[MD5.08F68F4129A0D67DD878C63F9BD464A4] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDBE.DLL
[MD5.D9D511813B809A97A0E89706A95506C5] - [04/06/2017 12:10:07] - |A| - [8192] - C:\WINDOWS\system32\KBDBENE.DLL
[MD5.275BA52556D1EF5FE28FF4A50F00E259] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDBGPH.DLL
[MD5.94A56583246D466D851A32EBC4B57BA6] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDBGPH1.DLL
[MD5.89A488AF47280DB8FB8630D31EB1E881] - [04/06/2017 12:10:10] - |A| - [7680] - C:\WINDOWS\system32\KBDBHC.DLL
[MD5.6540C5BC6B3DC98833D53563F0BB8348] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDBLR.DLL
[MD5.7079C9A35A1AE8B6A000FF1F0A0FB688] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDBR.DLL
[MD5.D31E6A3148E560B24051DE9B851CED79] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDBU.DLL
[MD5.B1154F0887A11BC76E2CC7D3340F01F8] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDBUG.DLL
[MD5.98EFDCCE14F828FF03C087C35F7C13C4] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDBULG.DLL
[MD5.DA440FECAAB5D93351D31082392B5524] - [04/06/2017 12:10:11] - |A| - [8192] - C:\WINDOWS\system32\KBDCA.DLL
[MD5.8CEF0DC6CF7B84C8C2A2D0F09699E13A] - [04/06/2017 12:10:07] - |A| - [9216] - C:\WINDOWS\system32\KBDCAN.DLL
[MD5.5416D0A2D8BB6440551FC9565E96AC1E] - [04/06/2017 12:10:10] - |A| - [7680] - C:\WINDOWS\system32\KBDCHER.DLL
[MD5.AFFBACE13D46044FD2BC134762493B55] - [04/06/2017 12:10:07] - |A| - [17408] - C:\WINDOWS\system32\KBDCHERP.DLL
[MD5.619F22465FB79BBF79F0160B11199A2A] - [04/06/2017 12:10:11] - |A| - [8704] - C:\WINDOWS\system32\KBDCR.DLL
[MD5.2D9658E81E36B73326DA383BCE9299B3] - [04/06/2017 12:10:11] - |A| - [8704] - C:\WINDOWS\system32\KBDCZ.DLL
[MD5.33B82B22B6EF58D4F662AC39079D2624] - [04/06/2017 12:10:07] - |A| - [8704] - C:\WINDOWS\system32\KBDCZ1.DLL
[MD5.77ECE03B27BC7CD95F0EC3D9DD4E03C4] - [04/06/2017 12:10:07] - |A| - [8704] - C:\WINDOWS\system32\KBDCZ2.DLL
[MD5.83DE94619A52A47EC4BF0116EB19252F] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDDA.DLL
[MD5.F4361F57FF88D73BFA44DBF963C2DD47] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDDIV1.DLL
[MD5.28DA495953CD1D005DA210BC629183DA] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDDIV2.DLL
[MD5.610AE31678017132B98F6243F285DE55] - [04/06/2017 12:10:07] - |A| - [7168] - C:\WINDOWS\system32\KBDDV.DLL
[MD5.ACC6D32D927926BB7400355C48775E16] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDDZO.DLL
[MD5.399DFE67972D22FA93A4F2F6F775F658] - [04/06/2017 12:10:07] - |A| - [8192] - C:\WINDOWS\system32\KBDES.DLL
[MD5.FAF65EFFDA916695E0277609B80E60EB] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDEST.DLL
[MD5.B939414A8DC749BC6865E5953CC99E43] - [04/06/2017 12:10:11] - |A| - [7168] - C:\WINDOWS\system32\KBDFA.DLL
[MD5.4764781B871010D401A3B728ED32645C] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\kbdfar.dll
[MD5.55DD98391EB1D30112BBD995B46AEAC5] - [04/06/2017 12:10:07] - |A| - [8192] - C:\WINDOWS\system32\KBDFC.DLL
[MD5.CD8046A23877B39B14B02212FD26BF68] - [04/06/2017 12:10:10] - |A| - [7680] - C:\WINDOWS\system32\KBDFI.DLL
[MD5.6F4EA23E80386D980D35D4D9EF1A1379] - [04/06/2017 12:10:11] - |A| - [8704] - C:\WINDOWS\system32\KBDFI1.DLL
[MD5.F4830640A34AC08079CFB533A0540211] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDFO.DLL
[MD5.B42C6302FF6084B39FBA97B60552DA74] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDFR.DLL
[MD5.1301B2A9BD3834429A001ED991BF1D90] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDFTHRK.DLL
[MD5.207AE6213675DA286B8374DD401497CC] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDGAE.DLL
[MD5.90C7A270E3C1DD1F01C3A19050C954DC] - [04/06/2017 12:10:11] - |A| - [7168] - C:\WINDOWS\system32\KBDGEO.DLL
[MD5.E55C6592CF7405CEE3945F7AC638A878] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\kbdgeoer.dll
[MD5.00B19145402DEE43F667CF92D1803599] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\kbdgeome.dll
[MD5.7C2DC08A672DFC2DE0EB63A1DE117BDF] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\kbdgeooa.dll
[MD5.D3EBF8DE52B94C1D1CB34FED472EDC20] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\kbdgeoqw.dll
[MD5.6F7B13684B30EFFF4D12CF2CCC7CEF1F] - [04/06/2017 12:10:11] - |A| - [8192] - C:\WINDOWS\system32\KBDGKL.DLL
[MD5.38026E88824BAFB19AD53D784B1306B4] - [04/06/2017 12:10:11] - |A| - [8192] - C:\WINDOWS\system32\KBDGN.DLL
[MD5.20DF739BCD10F42A00B58E0E0217C526] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDGR.DLL
[MD5.9771BD2850070D46877A77D8DBFA0665] - [04/06/2017 12:10:07] - |A| - [8192] - C:\WINDOWS\system32\KBDGR1.DLL
[MD5.693AC40540F43131063C04FF39F906AC] - [04/06/2017 12:10:07] - |A| - [8704] - C:\WINDOWS\system32\KBDGRLND.DLL
[MD5.D35B9C70591E7F735C6B785F98E4410D] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDGTHC.DLL
[MD5.30825DEF74D5021E93669E1BF207361B] - [04/06/2017 12:10:11] - |A| - [7168] - C:\WINDOWS\system32\KBDHAU.DLL
[MD5.CAB2CDDE246BC3B10180CAF52293A358] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDHAW.DLL
[MD5.F290EFC58A2BB47F0FD5D5767F3BFEFA] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDHE.DLL
[MD5.DDD77DB61DFE5FA567958515CBD128CF] - [04/06/2017 12:10:07] - |A| - [8192] - C:\WINDOWS\system32\KBDHE220.DLL
[MD5.33D790BBF4632D0416E6BFB549AE2EA2] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDHE319.DLL
[MD5.6CEED3D47B7A985ED8A328286DE2244F] - [04/06/2017 12:10:07] - |A| - [7168] - C:\WINDOWS\system32\KBDHEB.DLL
[MD5.B1C4EDB11B5BD95ED437E54629424561] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\kbdhebl3.dll
[MD5.A7C5DB8B21A6438F8726F26E33D686E9] - [04/06/2017 12:10:07] - |A| - [8192] - C:\WINDOWS\system32\KBDHELA2.DLL
[MD5.CEBC3A9F24D3B021EB1EFD28854508D1] - [04/06/2017 12:10:07] - |A| - [8192] - C:\WINDOWS\system32\KBDHELA3.DLL
[MD5.36CD9706B346E910B969675F4C5E5B36] - [04/06/2017 12:10:11] - |A| - [10240] - C:\WINDOWS\system32\KBDHEPT.DLL
[MD5.43F812659D50989241912E99AAAEBAD4] - [04/06/2017 12:10:07] - |A| - [8192] - C:\WINDOWS\system32\KBDHU.DLL
[MD5.6ACF47DF9D4CFE5B556FD7AF04E90589] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDHU1.DLL
[MD5.4F9AAA25B6A95F916B82AC001E5030BC] - [04/06/2017 12:10:11] - |A| - [8704] - C:\WINDOWS\system32\kbdibm02.dll
[MD5.5F397FF5A48AF211498AD32CF804E636] - [04/06/2017 12:10:11] - |A| - [8192] - C:\WINDOWS\system32\KBDIBO.DLL
[MD5.4FF0A106929E9F1F82D925F01A59D8B1] - [04/06/2017 12:10:07] - |A| - [7168] - C:\WINDOWS\system32\KBDIC.DLL
[MD5.2A7C60A6B0902EB05E0FFF75392314ED] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDINASA.DLL
[MD5.3C0EC4928FCBF46E39339AD61BD9DDB9] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDINBE1.DLL
[MD5.03B9A3824586B6F3931CF6BC0AEE3E45] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDINBE2.DLL
[MD5.4207A69D496CA64E941517AB385DBEB3] - [04/06/2017 12:10:11] - |A| - [8192] - C:\WINDOWS\system32\KBDINBEN.DLL
[MD5.7E40D314CE4319743C9992F971F53CA2] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDINDEV.DLL
[MD5.7B95A33C190908A0447A58D09FBD13BD] - [04/06/2017 12:10:11] - |A| - [9216] - C:\WINDOWS\system32\KBDINEN.DLL
[MD5.4829CEB7C90E41A4FB4C17ECD970DEF4] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDINGUJ.DLL
[MD5.D189FBB409DC6F0AE04A5DBC08F031D5] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDINHIN.DLL
[MD5.F42CAC625F86BC16650EF7EBEA4F7CC2] - [04/06/2017 12:10:10] - |A| - [7680] - C:\WINDOWS\system32\KBDINKAN.DLL
[MD5.4934C46D441286682FF87F67D392640F] - [04/06/2017 12:10:10] - |A| - [8192] - C:\WINDOWS\system32\KBDINMAL.DLL
[MD5.0DD8D902884CDB13ABC401A6587EC7C2] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDINMAR.DLL
[MD5.923D8AC8182BDFA2CD176D2020F510B5] - [04/06/2017 12:10:11] - |A| - [8192] - C:\WINDOWS\system32\KBDINORI.DLL
[MD5.969B9EAF932E3AE0544DC21447CA5BED] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDINPUN.DLL
[MD5.8EC19269B3382CDF65D7BD9C92A32563] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDINTAM.DLL
[MD5.53CCE9DD51B0A3B6C7BCDF238CA8E16C] - [04/06/2017 12:10:10] - |A| - [7680] - C:\WINDOWS\system32\KBDINTEL.DLL
[MD5.AC6B5E4646DD3CC6A0386FA118A2CBF6] - [04/06/2017 12:10:07] - |A| - [8704] - C:\WINDOWS\system32\KBDINUK2.DLL
[MD5.A8429791F0D220AA3C8A9D079BDED1E0] - [04/06/2017 12:10:11] - |A| - [7168] - C:\WINDOWS\system32\KBDIR.DLL
[MD5.703031BC9B2718E4ECACCE34A6CD6255] - [04/06/2017 12:10:11] - |A| - [7168] - C:\WINDOWS\system32\KBDIT.DLL
[MD5.6B7F761C3A288A4D1D1323F4758002BD] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDIT142.DLL
[MD5.987FFA67E007B4E50AACC018A4DB132E] - [04/06/2017 12:10:07] - |A| - [8192] - C:\WINDOWS\system32\KBDIULAT.DLL
[MD5.9726C4B2D72CA68A1A3149023EBCDA34] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDJAV.DLL
[MD5.A590D02B86B09B41540DDAA341E2BDD1] - [04/06/2017 12:10:11] - |A| - [15360] - C:\WINDOWS\system32\KBDJPN.DLL
[MD5.B2F90B892F21BFA7999B9EB1A2865316] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDKAZ.DLL
[MD5.4B554B84FF5BA5FB735A0E3E04729DBE] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDKHMR.DLL
[MD5.BB7FF55953792315F78D956FA847D58F] - [04/06/2017 12:10:10] - |A| - [7680] - C:\WINDOWS\system32\KBDKNI.DLL
[MD5.D5D340009DED7D4D1493AB4CBCEEEC48] - [04/06/2017 12:10:11] - |A| - [14848] - C:\WINDOWS\system32\KBDKOR.DLL
[MD5.3AC40EAD6BD4DE2CF5D4F79C39863462] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDKURD.DLL
[MD5.6E4FE7227583E882D9FA008D132E8086] - [04/06/2017 12:10:11] - |A| - [7168] - C:\WINDOWS\system32\KBDKYR.DLL
[MD5.0F8C737E64037BB759D41A53DFB6E22F] - [04/06/2017 12:10:10] - |A| - [8192] - C:\WINDOWS\system32\KBDLA.DLL
[MD5.AA5A4E30A0AFE77E90537B7888076FF8] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDLAO.DLL
[MD5.505C4A9490A3CCEB43C90C8D8FF7FB05] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\kbdlisub.dll
[MD5.BAD7888876593A4B76826D905AB3037E] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\kbdlisus.dll
[MD5.6F7647D0AA372BC08ECA31C8B37B6F83] - [04/06/2017 12:10:11] - |A| - [8704] - C:\WINDOWS\system32\kbdlk41a.dll
[MD5.DD1F5F15EDB51A7C0886D197651205A1] - [04/06/2017 12:10:11] - |A| - [7168] - C:\WINDOWS\system32\KBDLT.DLL
[MD5.CE98BEA5478D0D5D4C9CD6D63AE4609D] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDLT1.DLL
[MD5.3A50456270BADD5335457C30B4639F0B] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDLT2.DLL
[MD5.38E93A6EADB5718DE3DD2F65D4AAB2C5] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDLV.DLL
[MD5.ED9BB23670D4554B2C597143802FB59D] - [04/06/2017 12:10:07] - |A| - [8192] - C:\WINDOWS\system32\KBDLV1.DLL
[MD5.F48253C6BA21C8DABBA32B01CD41C8DA] - [04/06/2017 12:10:07] - |A| - [9216] - C:\WINDOWS\system32\KBDLVST.DLL
[MD5.ABA93DD7F77F9381F11B7560F19715EE] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDMAC.DLL
[MD5.923A4852A5DEA6CDE10AA4797AB1C83B] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDMACST.DLL
[MD5.091E9D12E2BBD1269525911215A345E5] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDMAORI.DLL
[MD5.7A1CD98C952CF54D4830BDCD7B8BE1BB] - [04/06/2017 12:10:10] - |A| - [7680] - C:\WINDOWS\system32\KBDMLT47.DLL
[MD5.493589F6FE18311CA49892EFFECDE4D8] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDMLT48.DLL
[MD5.B575F7174855A70A3153A52F76BDB598] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDMON.DLL
[MD5.06640F864E2E16B7A2A6EFDD94FAECEA] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDMONMO.DLL
[MD5.AD2D981EF329C62178F56F52F5BCEE86] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDMONST.DLL
[MD5.C6A5869545BE51E871E250900146F40C] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDMYAN.DLL
[MD5.DD435E31DF384A540582BB44D5DA8A53] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDNE.DLL
[MD5.F060853B775FCF06B7A34324AEBF7F49] - [04/06/2017 12:10:11] - |A| - [8704] - C:\WINDOWS\system32\kbdnec.dll
[MD5.FF732CC0FCDE33B01A4D728EAC09350A] - [04/06/2017 12:10:11] - |A| - [8704] - C:\WINDOWS\system32\kbdnec95.dll
[MD5.E051489CF9854AB89BB2CC4449325E0A] - [04/06/2017 12:10:11] - |A| - [10752] - C:\WINDOWS\system32\kbdnecat.dll
[MD5.3D43C967725B4BF96A7879DAD750909D] - [04/06/2017 12:10:11] - |A| - [9216] - C:\WINDOWS\system32\kbdnecnt.dll
[MD5.34F01B134FBC8A4FBB962B5AE503E390] - [04/06/2017 12:10:11] - |A| - [8192] - C:\WINDOWS\system32\KBDNEPR.DLL
[MD5.4AAE56122571D639087667C7313571F6] - [04/06/2017 12:10:11] - |A| - [7168] - C:\WINDOWS\system32\kbdnko.dll
[MD5.23E0E26907C3C74224A6321BE237314C] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDNO.DLL
[MD5.5BA3A7A4F26B3D2DF2BC4C6A99EE4795] - [04/06/2017 12:10:10] - |A| - [8704] - C:\WINDOWS\system32\KBDNO1.DLL
[MD5.D740A8E41549324BC5EBC2671EBA79A5] - [04/06/2017 12:10:10] - |A| - [8704] - C:\WINDOWS\system32\KBDNSO.DLL
[MD5.69509F5C4C849CACBDEAF373A093888A] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDNTL.DLL
[MD5.FE554B5EA6014CCD5A3993BC13D51C2E] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDOGHAM.DLL
[MD5.B747868F61F8FCEC9A2AB582AADE696C] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDOLCH.DLL
[MD5.2FD04E76FABE811D0BF353EE564641E4] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDOLDIT.DLL
[MD5.44CE3B9A037A6E2C66D9D84FE7B487A9] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDOSM.DLL
[MD5.3903A23C4D726A4BD4B7F1069A54C680] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDPASH.DLL
[MD5.22E86C19EF38DEF8C2E69EC839D889F8] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\kbdphags.dll
[MD5.0EEA3E64D1F8EAEE74B3E56BDAA03A04] - [04/06/2017 12:10:07] - |A| - [8192] - C:\WINDOWS\system32\KBDPL.DLL
[MD5.1DEA6025905EFD60DD5F370A511D9092] - [04/06/2017 12:10:11] - |A| - [8192] - C:\WINDOWS\system32\KBDPL1.DLL
[MD5.30FBBBD093A25945779C477F34A4150A] - [04/06/2017 12:10:11] - |A| - [8192] - C:\WINDOWS\system32\KBDPO.DLL
[MD5.083E0E274046604F206BBD02A8C214B4] - [04/06/2017 12:10:11] - |A| - [8704] - C:\WINDOWS\system32\KBDRO.DLL
[MD5.F35DE1E025331D488AC8AE271503EB4F] - [04/06/2017 12:10:07] - |A| - [9216] - C:\WINDOWS\system32\KBDROPR.DLL
[MD5.2C2406FD3B956A548BDE969F623AA38E] - [04/06/2017 12:10:07] - |A| - [9216] - C:\WINDOWS\system32\KBDROST.DLL
[MD5.F6BA64D2BDCE5C09F28DF4D206601096] - [04/06/2017 12:10:11] - |A| - [7168] - C:\WINDOWS\system32\KBDRU.DLL
[MD5.881B933E128EC697BAFEC60D5CEE2C87] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDRU1.DLL
[MD5.ACBD35D5387E2A4061682799C5BD393A] - [04/06/2017 12:10:07] - |A| - [9216] - C:\WINDOWS\system32\KBDRUM.DLL
[MD5.2EEEDCBBE748FC2F891756C2349BC33F] - [04/06/2017 12:10:11] - |A| - [8192] - C:\WINDOWS\system32\KBDSF.DLL
[MD5.224EEB1E2B58558536D4F560FD49694F] - [04/06/2017 12:10:11] - |A| - [8704] - C:\WINDOWS\system32\KBDSG.DLL
[MD5.606465D7996F2D3331899805FC09F3F6] - [04/06/2017 12:10:10] - |A| - [8192] - C:\WINDOWS\system32\KBDSL.DLL
[MD5.82A758221624DFCBBB7F3C9A2ABD851C] - [04/06/2017 12:10:07] - |A| - [8704] - C:\WINDOWS\system32\KBDSL1.DLL
[MD5.80516D6AAB8B2B452F2B0684B06DE9C8] - [04/06/2017 12:10:07] - |A| - [9216] - C:\WINDOWS\system32\KBDSMSFI.DLL
[MD5.CE3FF87B63C0F7270D84CB08948F58C6] - [04/06/2017 12:10:07] - |A| - [9216] - C:\WINDOWS\system32\KBDSMSNO.DLL
[MD5.1794EDC4125151CF4DF34E3048814BD2] - [04/06/2017 12:10:10] - |A| - [7168] - C:\WINDOWS\system32\KBDSN1.DLL
[MD5.3DFCF2AE651FAEE7336B9611EEDFEE27] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDSORA.DLL
[MD5.D478B59B129C6B652200461DD3EFAAEA] - [04/06/2017 12:10:07] - |A| - [8704] - C:\WINDOWS\system32\KBDSOREX.DLL
[MD5.B6B16966A367E4FE8C59AEB4FED075BB] - [04/06/2017 12:10:07] - |A| - [8192] - C:\WINDOWS\system32\KBDSORS1.DLL
[MD5.A63AAE1C787A539D10DDA09380A59303] - [04/06/2017 12:10:07] - |A| - [8704] - C:\WINDOWS\system32\KBDSORST.DLL
[MD5.527B439DFBA44147D616C78129984EDF] - [04/06/2017 12:10:10] - |A| - [7680] - C:\WINDOWS\system32\KBDSP.DLL
[MD5.C2D58387BBF8208214EA7A7596DCD803] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDSW.DLL
[MD5.747DCE2280C8A3C9B37A767E3AD2E632] - [04/06/2017 12:10:07] - |A| - [8192] - C:\WINDOWS\system32\KBDSW09.DLL
[MD5.F7C2A90CD6BCB79D6478625CF26BC15B] - [04/06/2017 12:10:10] - |A| - [7680] - C:\WINDOWS\system32\KBDSYR1.DLL
[MD5.2C3BE1C884F0B0C30584E398445E7008] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDSYR2.DLL
[MD5.8BF2DE64841EE2231F520E1F8833B92F] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDTAILE.DLL
[MD5.742B01CFD3413AA298736016BD9BFD92] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDTAJIK.DLL
[MD5.4C550FC8F2F74318C9347CABFA14E521] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDTAT.DLL
[MD5.27127CC0C4D565572894E30FD0C859A4] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDTH0.DLL
[MD5.B10064E7FF66C486433EC4AC7815BB32] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDTH1.DLL
[MD5.62B5CC197F84F8F8520509D0979B5400] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDTH2.DLL
[MD5.B6298F99CAE763D700D4688D48CA9AE3] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDTH3.DLL
[MD5.AE80A4B76BF6D82FA69E7EEC930A8699] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDTIFI.DLL
[MD5.6019468BC33694036CFD30138CD6F9C7] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDTIFI2.DLL
[MD5.AB62B9F69C754CF26CC766AC20540E69] - [04/06/2017 12:10:11] - |A| - [8192] - C:\WINDOWS\system32\KBDTIPRC.DLL
[MD5.FC0F6EFB67443CF9253FA9173C3C06D5] - [04/06/2017 12:10:11] - |A| - [8704] - C:\WINDOWS\system32\KBDTIPRD.DLL
[MD5.6B00451881863CFE7BFA13A851FB1321] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDTT102.DLL
[MD5.4A803898ABDE4FCA4EF235B7909FF303] - [04/06/2017 12:10:07] - |A| - [8704] - C:\WINDOWS\system32\KBDTUF.DLL
[MD5.445FCDD1DF500CE66AFAA48852565704] - [04/06/2017 12:10:07] - |A| - [8192] - C:\WINDOWS\system32\KBDTUQ.DLL
[MD5.5E0AEA75B0F61D7EE6DC7D3EE5B3A66D] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDTURME.DLL
[MD5.46A4DC3D8046E291660AA36FC944B94C] - [04/06/2017 12:10:07] - |A| - [8192] - C:\WINDOWS\system32\KBDTZM.DLL
[MD5.814A5BE6A9168BB57C4EDDA0BE812ADF] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDUGHR.DLL
[MD5.9D1A12749BB0CC39E40358E133423DFE] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDUGHR1.DLL
[MD5.8345704977D5A1A84DB352D36E2A3C33] - [04/06/2017 12:10:11] - |A| - [7168] - C:\WINDOWS\system32\KBDUK.DLL
[MD5.552DF9E38BC8B7533C301CBD7BB3C777] - [04/06/2017 12:10:11] - |A| - [8704] - C:\WINDOWS\system32\KBDUKX.DLL
[MD5.EA08E41D27C2A74B1984686A4394B771] - [04/06/2017 12:10:11] - |A| - [7168] - C:\WINDOWS\system32\KBDUR.DLL
[MD5.F36E8F925C1F00B389BCFBFB2AC59DDA] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDUR1.DLL
[MD5.AE47C417F407565018B973982CC3722B] - [04/06/2017 12:10:11] - |A| - [7168] - C:\WINDOWS\system32\KBDURDU.DLL
[MD5.56D2A7D161AFACF63C3A9093A1C11C9B] - [04/06/2017 12:09:57] - |A| - [9728] - C:\WINDOWS\system32\KBDUS.DLL
[MD5.1EF472B501415867D481B5897B4E82D5] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDUSA.DLL
[MD5.D7D1BD87E933FDBB1FADDCDBFDF9B9BA] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDUSL.DLL
[MD5.3A449B44DAC7A9FC9FA3F9F80C6E7884] - [04/06/2017 12:10:07] - |A| - [7680] - C:\WINDOWS\system32\KBDUSR.DLL
[MD5.7F9033AAAF00E699AC064675BAD38526] - [04/06/2017 12:10:07] - |A| - [8192] - C:\WINDOWS\system32\KBDUSX.DLL
[MD5.3708DDE34FA117467E1205C4AB1B6737] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDUZB.DLL
[MD5.1723FF789B7537177E25146CD96B1353] - [04/06/2017 12:10:10] - |A| - [7680] - C:\WINDOWS\system32\KBDVNTC.DLL
[MD5.66806BCF10FF81F7497B78B451685029] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDWOL.DLL
[MD5.528BC0E1DEED6EBE0A6F25F5367CBE64] - [04/06/2017 12:10:11] - |A| - [7680] - C:\WINDOWS\system32\KBDYAK.DLL
[MD5.3EEA767F687651ECA642673C0473310D] - [04/06/2017 12:10:10] - |A| - [7680] - C:\WINDOWS\system32\KBDYBA.DLL
[MD5.7716177C12CD5CF0661BA97A19EFD250] - [04/06/2017 12:10:10] - |A| - [7680] - C:\WINDOWS\system32\KBDYCC.DLL
[MD5.DC272DA8584687032A27D8ECBD634512] - [04/06/2017 12:10:10] - |A| - [9216] - C:\WINDOWS\system32\KBDYCL.DLL
[MD5.C21FE4DF01157DFE0FC0E420DF9F1F42] - [04/06/2017 12:09:55] - |A| - [11600] - C:\WINDOWS\system32\kd.dll
[MD5.146F17F26C1655266668B78607E708C1] - [04/06/2017 12:09:57] - |A| - [29520] - C:\WINDOWS\system32\kdcom.dll
[MD5.C66200C0818FE0C25219D8E0E19C6D39] - [04/06/2017 12:09:18] - |A| - [15696] - C:\WINDOWS\system32\kdhvcom.dll
[MD5.D4F7434FFA38F1F671CB8CAB1FE35E7D] - [04/06/2017 12:09:55] - |A| - [109392] - C:\WINDOWS\system32\kdnet.dll
[MD5.335700A2C491577331D59A3ED0A4ADA4] - [04/06/2017 12:10:00] - |A| - [13648] - C:\WINDOWS\system32\kdnet_uart16550.dll
[MD5.DE4188AA46A02809FB330174B1BA978A] - [04/06/2017 12:09:55] - |A| - [82944] - C:\WINDOWS\system32\KdsCli.dll
[MD5.70F83E02AEE4CBFDCFA1426A5F047965] - [04/06/2017 12:09:55] - |A| - [19792] - C:\WINDOWS\system32\kdstub.dll
[MD5.19AFAD44E3C88CE7DC0AB7792362FBED] - [04/06/2017 12:10:02] - |A| - [40784] - C:\WINDOWS\system32\kdusb.dll
[MD5.7C960A7E7B3380F0299EAB6F19490E81] - [04/06/2017 12:10:00] - |A| - [26960] - C:\WINDOWS\system32\kd_02_10df.dll
[MD5.43334353AF42F80ADE42F4D9FA763173] - [04/06/2017 12:10:00] - |A| - [324944] - C:\WINDOWS\system32\kd_02_10ec.dll
[MD5.D99B3B8565184D2969DDE7E582921C5D] - [04/06/2017 12:10:00] - |A| - [22352] - C:\WINDOWS\system32\kd_02_1137.dll
[MD5.E63B2515B0F6E99C0DE631C473771832] - [04/06/2017 12:10:00] - |A| - [212304] - C:\WINDOWS\system32\kd_02_14e4.dll
[MD5.A29ECA95A7B5AC5ABBBB81D574BE6858] - [04/06/2017 12:10:00] - |A| - [40272] - C:\WINDOWS\system32\kd_02_15b3.dll
[MD5.D3D556EFD1BF6C475A5671553D3BA3D1] - [04/06/2017 12:10:00] - |A| - [38224] - C:\WINDOWS\system32\kd_02_1969.dll
[MD5.8E64A791FDCF18A3EFE1B5899E69DF73] - [04/06/2017 12:10:00] - |A| - [26960] - C:\WINDOWS\system32\kd_02_19a2.dll
[MD5.FB63060EA1F93EEB2D5D127BF286E3B0] - [04/06/2017 12:10:00] - |A| - [15696] - C:\WINDOWS\system32\kd_02_1af4.dll
[MD5.E04F31DF18F6026B22D89DB5B209194C] - [04/06/2017 12:10:00] - |A| - [244048] - C:\WINDOWS\system32\kd_02_8086.dll
[MD5.3B25CD560E787B38822E9E26FB96C5A0] - [04/06/2017 12:10:00] - |A| - [14672] - C:\WINDOWS\system32\kd_07_1415.dll
[MD5.2EE95E6D04B6B30F936C9DA093C83C16] - [04/06/2017 12:10:00] - |A| - [35152] - C:\WINDOWS\system32\kd_0C_8086.dll
[MD5.15519D113D72219E259142B6ED0BF3A8] - [04/06/2017 12:09:33] - |A| - [73216] - C:\WINDOWS\system32\keepaliveprovider.dll
[MD5.3191C2A34CBE09BB2361B37A85C7077D] - [04/06/2017 12:09:33] - |A| - [147816] - C:\WINDOWS\system32\KerbClientShared.dll
[MD5.1D825BE6925AFE3C30D80123457731E4] - [04/06/2017 12:09:33] - |A| - [943616] - C:\WINDOWS\system32\kerberos.dll
[MD5.802AC3C4DBB8EF6728EDF8B79C947000] - [04/06/2017 12:09:33] - |A| - [50192] - C:\WINDOWS\system32\kernel.appcore.dll
[MD5.29A93A442E657B505048D4CCA79A6FC9] - [04/06/2017 12:10:42] - |A| - [697848] - C:\WINDOWS\system32\kernel32.dll
[MD5.215BD2E85D0ED709BC15CBAB41A671B8] - [04/06/2017 12:09:57] - |A| - [2478224] - C:\WINDOWS\system32\KernelBase.dll
[MD5.1009E8EB74499FB9B163E846D5AC67B1] - [04/06/2017 12:10:44] - |A| - [17920] - C:\WINDOWS\system32\kernelceip.dll
[MD5.CFE5A7C22570C6E441ABD9A533ED7BCE] - [04/06/2017 12:09:57] - |A| - [94208] - C:\WINDOWS\system32\keyiso.dll
[MD5.DAF3AB3FAC6351D726C7A309FD8F5EA2] - [04/06/2017 12:10:32] - |A| - [165888] - C:\WINDOWS\system32\keymgr.dll
[MD5.13A73086648D43FD5A9AD5E4CDA3F9E3] - [04/06/2017 12:09:39] - |A| - [117248] - C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
[MD5.C78AABBC72CF187E80C85F33A576055D] - [04/06/2017 12:10:32] - |A| - [36352] - C:\WINDOWS\system32\klist.exe
[MD5.24A24564A051E134E6663638E414F99B] - [04/06/2017 12:10:32] - |A| - [48128] - C:\WINDOWS\system32\kmddsp.tsp
[MD5.21656AB37AD4C534717FB68D6EC0BDA0] - [04/06/2017 12:10:44] - |A| - [235008] - C:\WINDOWS\system32\KnobsCore.dll
[MD5.294A7201599E3A7E934A5974FBC406A2] - [04/06/2017 12:10:44] - |A| - [119296] - C:\WINDOWS\system32\KnobsCsp.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [243712] - C:\WINDOWS\system32\ko-KR
[MD5.7A7A04370A6030B9B0E8178DAD4A6E41] - [04/06/2017 12:10:36] - |A| - [12876] - C:\WINDOWS\system32\korean.uce
[MD5.757DE0105E830F8391D595062FE00869] - [04/06/2017 12:10:29] - |A| - [37376] - C:\WINDOWS\system32\ksetup.exe
[MD5.E7A1C028B18507A6964FA45256608AEB] - [04/06/2017 12:09:18] - |A| - [278528] - C:\WINDOWS\system32\ksproxy.ax
[MD5.5C8450A44A747A42D43821CC802CDF80] - [04/06/2017 12:10:40] - |A| - [100352] - C:\WINDOWS\system32\kstvtune.ax
[MD5.7A14AEDFFC61088668C73255ED08F4F2] - [04/06/2017 12:09:21] - |A| - [19184] - C:\WINDOWS\system32\ksuser.dll
[MD5.FC2285A5D23F2D4DE4E0DB3B58F4288A] - [04/06/2017 12:09:17] - |A| - [133632] - C:\WINDOWS\system32\Kswdmcap.ax
[MD5.8D8C5FB20EEB74CFC9D22753E680AA3C] - [04/06/2017 12:10:40] - |A| - [64000] - C:\WINDOWS\system32\ksxbar.ax
[MD5.6AFC3349827AE648159781C06B6DCA1A] - [04/06/2017 12:09:54] - |A| - [17408] - C:\WINDOWS\system32\ktmutil.exe
[MD5.11CBFB9EC947EB18A40756944AE85F83] - [04/06/2017 12:10:15] - |A| - [24064] - C:\WINDOWS\system32\ktmw32.dll
[MD5.C5C9E9092A1947022BE8B2F3595B0DAF] - [04/06/2017 12:10:50] - |A| - [70144] - C:\WINDOWS\system32\l2gpstore.dll
[MD5.7A8021B2FC124C381F3CEDBD72384C5E] - [04/06/2017 12:10:50] - |A| - [61440] - C:\WINDOWS\system32\l2nacp.dll
[MD5.4316409714F02110F5D69201B6C1A7FC] - [04/06/2017 12:10:49] - |A| - [188928] - C:\WINDOWS\system32\L2SecHC.dll
[MD5.57BBD69B456B37C446F2922ED2E2451A] - [04/06/2017 12:08:52] - |A| - [84480] - C:\WINDOWS\system32\l3codeca.acm
[MD5.4423BF60D451290326CC2E61A7BC081B] - [04/06/2017 12:08:52] - |A| - [181248] - C:\WINDOWS\system32\l3codecp.acm
[MD5.221C8455B15D6B1565E40F637FD2D954] - [04/06/2017 12:09:54] - |A| - [16896] - C:\WINDOWS\system32\label.exe
[MD5.06C3CC3AEF22AAE1E3FFFDAB125BA3D0] - [04/06/2017 12:10:11] - |A| - [15872] - C:\WINDOWS\system32\LangCleanupSysprepAction.dll
[MD5.AFA4D04D2E2EB19774C05361CD50C751] - [04/06/2017 12:10:11] - |A| - [183808] - C:\WINDOWS\system32\LanguageComponentsInstaller.dll
[MD5.FB1C4AB8C39681AAA073C7181A4477B5] - [04/06/2017 12:10:11] - |A| - [51712] - C:\WINDOWS\system32\LanguageComponentsInstallerComHandler.exe
[MD5.25715865A3EBDE9521B80114E584AB8B] - [04/06/2017 12:09:04] - |A| - [13312] - C:\WINDOWS\system32\LAPRXY.DLL
[MD5.F0CC83E1BA7E24F9B3292160C28AECD7] - [04/06/2017 12:09:18] - |A| - [149056] - C:\WINDOWS\system32\LargeRoom.bin
[MD5.1EBD2965A8235FA67EDC0A9E979CDFC1] - [04/06/2017 12:09:49] - |A| - [184320] - C:\WINDOWS\system32\LaunchTM.exe
[MD5.BF58830A986E4E1DD9AED2485881BC35] - [04/06/2017 12:10:40] - |A| - [41984] - C:\WINDOWS\system32\LaunchWinApp.exe
[MD5.531FE5A2634D87A078017259F21D9736] - [04/06/2017 12:10:02] - |A| - [211938] - C:\WINDOWS\system32\lcphrase.tbl
[MD5.D3C85593F8C4576FCF9B42AC48CA4368] - [04/06/2017 12:10:02] - |A| - [24114] - C:\WINDOWS\system32\lcptr.tbl
[MD5.4D25BF2BC74CE6D4FB31209EA1E45CC4] - [04/06/2017 12:09:40] - |A| - [67072] - C:\WINDOWS\system32\LegacyNetUX.dll
[MD5.AEE76577809639F10EA2804C923FEF73] - [04/06/2017 12:09:40] - |A| - [197632] - C:\WINDOWS\system32\LegacyNetUXHost.exe
[MD5.B1DC298844F90C2A45426FBAD9DF4A2F] - [04/06/2017 12:09:30] - |A| - [45568] - C:\WINDOWS\system32\lfsvc.dll
[MD5.FE1E510DF392254DCF7EF6537C1A7EA7] - [11/06/2017 03:23:21] - |A| - [58398] - C:\WINDOWS\system32\license.rtf
[MD5.3B3682C3B328715444B3B30ED582D54C] - [04/06/2017 12:09:29] - |A| - [1063760] - C:\WINDOWS\system32\LicenseManager.dll
[MD5.3A7E30B748D7DC38FFFBAD48C41570BA] - [04/06/2017 12:09:25] - |A| - [92160] - C:\WINDOWS\system32\LicenseManagerApi.dll
[MD5.639A11222C82A321CDC43BECAA462097] - [04/06/2017 12:09:25] - |A| - [41472] - C:\WINDOWS\system32\LicenseManagerShellext.exe
[MD5.CD10B6313E3A86F16472675A212E412F] - [04/06/2017 12:09:29] - |A| - [47616] - C:\WINDOWS\system32\LicenseManagerSvc.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [81303] - C:\WINDOWS\system32\Licenses
[MD5.48645C67DCC6F92E81848F2742B20C86] - [04/06/2017 12:09:21] - |A| - [123904] - C:\WINDOWS\system32\LicensingCSP.dll
[MD5.DD53EEA49D332108D2F80875BBE4EC07] - [04/06/2017 12:09:21] - |A| - [82944] - C:\WINDOWS\system32\licensingdiag.exe
[MD5.5FD40EFE84801AC71C6591DA00ABBD5A] - [04/06/2017 12:10:36] - |A| - [189440] - C:\WINDOWS\system32\LicensingDiagSpp.dll
[MD5.0FDFA5D525562520487140625BA1DBAE] - [04/06/2017 12:10:36] - |A| - [142600] - C:\WINDOWS\system32\LicensingUI.exe
[MD5.9660A047A55D54CFA3C8F641F418D56D] - [04/06/2017 12:10:36] - |A| - [822608] - C:\WINDOWS\system32\LicensingWinRT.dll
[MD5.9146B82C7FC5D33CB2E5C7265A920BAE] - [04/06/2017 12:09:04] - |A| - [32256] - C:\WINDOWS\system32\licmgr10.dll
[MD5.5C67453B20453CD3636ECD5546832AC7] - [04/06/2017 12:10:32] - |A| - [44032] - C:\WINDOWS\system32\linkinfo.dll
[MD5.A8E18743EA2B5FAF307CD0A7F7D60742] - [04/06/2017 12:09:08] - |A| - [270336] - C:\WINDOWS\system32\ListSvc.dll
[MD5.5E0E1C16D70E6E7FA4DC34C1EEFB8BF2] - [04/06/2017 12:10:06] - |A| - [47616] - C:\WINDOWS\system32\lltdapi.dll
[MD5.65809CEB770A5D2805FDCBF504835268] - [04/06/2017 12:10:06] - |A| - [2560] - C:\WINDOWS\system32\lltdres.dll
[MD5.7EA7FB37591200982BE69E21E4E7D2BC] - [04/06/2017 12:10:06] - |A| - [267264] - C:\WINDOWS\system32\lltdsvc.dll
[MD5.ABFDBA7FB34A195096C9E18902AB17D1] - [04/06/2017 12:09:57] - |A| - [26112] - C:\WINDOWS\system32\lmhsvc.dll
[MD5.13CDA57B9F984B4569299D7942BE1D9C] - [04/06/2017 12:10:00] - |A| - [120832] - C:\WINDOWS\system32\loadperf.dll
[MD5.5609E1ABBBCDC54C306F9A1AAA89D22D] - [04/06/2017 12:09:57] - |A| - [803896] - C:\WINDOWS\system32\locale.nls
[MD5.9C0A0B976F9D92FFAE25033D1E2CDF65] - [04/06/2017 12:09:47] - |A| - [506368] - C:\WINDOWS\system32\localsec.dll
[MD5.7A90ECD8DE05B3FF75E1777C0B42F48C] - [04/06/2017 12:09:54] - |A| - [80616] - C:\WINDOWS\system32\LocalServiceCredUIBroker.exe
[MD5.7170CAE2CC78A472EA3FAB96146BDEF3] - [04/06/2017 12:10:47] - |A| - [1155584] - C:\WINDOWS\system32\localspl.dll
[MD5.5281765121893C28734D0ABB4E9C78AE] - [04/06/2017 12:10:27] - |A| - [18944] - C:\WINDOWS\system32\localui.dll
[MD5.CBE0BD4F91914A56AF95D082D2111DD6] - [04/06/2017 12:10:13] - |A| - [383488] - C:\WINDOWS\system32\LocationApi.dll
[MD5.82F502D66C8AB832690E0929627BE289] - [04/06/2017 12:09:30] - |A| - [2228224] - C:\WINDOWS\system32\LocationFramework.dll
[MD5.4601EFAB504EC7A094DCE626B863FB28] - [04/06/2017 12:09:30] - |A| - [80896] - C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
[MD5.5720D336A61478A19385AA5437BA3A80] - [04/06/2017 12:09:30] - |A| - [35664] - C:\WINDOWS\system32\LocationFrameworkPS.dll
[MD5.6F06A7972B7848CE4FC780BF714F4110] - [04/06/2017 12:10:16] - |A| - [67072] - C:\WINDOWS\system32\LocationNotificationWindows.exe
[MD5.5D6E005D5E6D8AAA9969526514F1DF62] - [04/06/2017 12:10:16] - |A| - [119296] - C:\WINDOWS\system32\LocationWinPalMisc.dll
[MD5.80CE4B7B32B9F8544A463380F89E02D8] - [04/06/2017 12:09:55] - |A| - [10752] - C:\WINDOWS\system32\Locator.exe
[MD5.8A7A1F97A4E063D2458DEA786B65C3C0] - [04/06/2017 12:10:11] - |A| - [655360] - C:\WINDOWS\system32\LockAppBroker.dll
[MD5.B1BE9A6C8C2907FDEE9936E4E3870119] - [04/06/2017 12:10:11] - |A| - [84240] - C:\WINDOWS\system32\LockAppHost.exe
[MD5.B773CB7CCCEE0AD56AA598BB24865771] - [04/06/2017 12:10:11] - |A| - [526336] - C:\WINDOWS\system32\LockController.dll
[MD5.853ACE2C8D53811F2B029B4DFA4647FB] - [04/06/2017 12:10:11] - |A| - [535552] - C:\WINDOWS\system32\LockHostingFramework.dll
[MD5.BF76C76F7747186342FC8CAA9DF2C776] - [04/06/2017 12:10:49] - |A| - [160256] - C:\WINDOWS\system32\LockScreenContent.dll
[MD5.03E570C3D27016597B9EB5D309E6192D] - [04/06/2017 12:10:49] - |A| - [42496] - C:\WINDOWS\system32\LockScreenContentHost.dll
[MD5.6E3B945491D6F303CCDF5AB17F45EA1E] - [04/06/2017 12:10:49] - |A| - [45000] - C:\WINDOWS\system32\LockScreenContentServer.exe
[MD5.54F1E85774EDE97FB0C1684162A2DDCB] - [04/06/2017 12:10:11] - |A| - [380928] - C:\WINDOWS\system32\LockScreenData.dll
[MD5.B70D37C16F24AA88E7E5F31DEA98A05A] - [04/06/2017 12:10:00] - |A| - [49664] - C:\WINDOWS\system32\lodctr.exe
[MD5.E0DDA899013062AA3C14766310E62E1D] - [04/06/2017 12:09:04] - |A| - [100864] - C:\WINDOWS\system32\logagent.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [30390943] - C:\WINDOWS\system32\LogFiles
[MD5.06F507401A2AB2FDED0BF1FFCCCA3676] - [04/06/2017 12:10:32] - |A| - [81920] - C:\WINDOWS\system32\loghours.dll
[MD5.BE17BBB0E064D99AF41EB6E92692F3E9] - [04/06/2017 12:10:27] - |A| - [116736] - C:\WINDOWS\system32\logman.exe
[MD5.6FA5BBF87859AD206AAD95DE08B99FCA] - [04/06/2017 12:11:53] - |A| - [22528] - C:\WINDOWS\system32\logoff.exe
[MD5.D5DC05AC676F4C1F4F740739199690BB] - [04/06/2017 12:09:55] - |A| - [242792] - C:\WINDOWS\system32\logoncli.dll
[MD5.1DA7EBBF5F0C9E90164FF1EE51020197] - [04/06/2017 12:10:00] - |A| - [697344] - C:\WINDOWS\system32\LogonController.dll
[MD5.F1C4828B8966B59FFA672B8C7963E107] - [04/06/2017 12:10:42] - |A| - [13312] - C:\WINDOWS\system32\LogonUI.exe
[MD5.57FC1DBD25980853BC1FA1CE0E584F49] - [04/06/2017 12:10:49] - |A| - [1328640] - C:\WINDOWS\system32\lpasvc.dll
[MD5.B092874D1F339637F49B33EFC3D35FE3] - [04/06/2017 12:10:00] - |A| - [3072] - C:\WINDOWS\system32\lpk.dll
[MD5.7E3571DE8E2DA1531DB3481465001285] - [04/06/2017 12:10:07] - |A| - [40960] - C:\WINDOWS\system32\lpkinstall.exe
[MD5.C23D2C09DE70EB1C85DD2C847C9DE4B5] - [04/06/2017 12:10:11] - |A| - [741376] - C:\WINDOWS\system32\lpksetup.exe
[MD5.908D777C827928E714118912C94EDBD1] - [04/06/2017 12:10:11] - |A| - [10240] - C:\WINDOWS\system32\lpksetupproxyserv.dll
[MD5.D894C84EA45C7948EE0A36EFDF1DD847] - [04/06/2017 12:10:11] - |A| - [65536] - C:\WINDOWS\system32\lpremove.exe
[MD5.71CCC1352DA35A663759BC42694BCF77] - [04/06/2017 12:09:18] - |A| - [259856] - C:\WINDOWS\system32\LsaIso.exe
[MD5.8B5BBD8B71970F2F57A44FB7F971B30E] - [04/06/2017 12:09:55] - |A| - [1497600] - C:\WINDOWS\system32\lsasrv.dll
[MD5.7613A511A58B2D8F0E634705D5999220] - [04/06/2017 12:09:57] - |A| - [53800] - C:\WINDOWS\system32\lsass.exe
[MD5.854B21CD91FA6952ABEF74898964F5D8] - [04/06/2017 12:11:52] - |A| - [59904] - C:\WINDOWS\system32\LSCSHostPolicy.dll
[MD5.6F45C42D49E3BF4C7321E20C4238390B] - [04/06/2017 12:10:41] - |A| - [719360] - C:\WINDOWS\system32\lsm.dll
[MD5.1703C36420A0CCC50463E168DB2F5B65] - [04/06/2017 12:10:40] - |A| - [44032] - C:\WINDOWS\system32\lsmproxy.dll
[MD5.D18DC73988DD2650AA5CCD1FF7477024] - [04/06/2017 12:11:52] - |A| - [26624] - C:\WINDOWS\system32\lstelemetry.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [250880] - C:\WINDOWS\system32\lt-LT
[MD5.B4DC71701600E79086DB45131756B5D4] - [04/06/2017 12:10:47] - |A| - [54608] - C:\WINDOWS\system32\luainstall.dll
[MD5.FAAC041322CE9CBAACC55B91F97CF451] - [04/06/2017 12:10:50] - |A| - [33280] - C:\WINDOWS\system32\luiapi.dll
[MD5.3279476E39DE235B426D69CFE8DEBF55] - [04/06/2017 12:10:40] - |A| - [144998] - C:\WINDOWS\system32\lusrmgr.msc
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [252416] - C:\WINDOWS\system32\lv-LV
[MD5.299A2F60F76C9629A376326A3A33CC1C] - [04/06/2017 12:09:58] - |A| - [3072] - C:\WINDOWS\system32\lz32.dll
[MD5.3EC1A12B4841F7CCD65B12D792FC8FDA] - [04/06/2017 12:09:57] - |A| - [9926] - C:\WINDOWS\system32\l_intl.nls
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [30088134] - C:\WINDOWS\system32\Macromed
[MD5.000C84B9B1ACCD888B0AD1C614AA7CEA] - [04/06/2017 12:09:47] - |A| - [49152] - C:\WINDOWS\system32\Magnification.dll
[MD5.000D1A10BA63E1653C0AF280251B597E] - [04/06/2017 12:09:47] - |A| - [972800] - C:\WINDOWS\system32\Magnify.exe
[MD5.00000000000000000000000000000000] - [05/06/2017 08:59:15] - |D| - [33460] - C:\WINDOWS\system32\MailContactsCalendarSync
[MD5.0BAE49EC8993F820E053DE5C8AC053AD] - [04/06/2017 12:10:27] - |A| - [644096] - C:\WINDOWS\system32\main.cpl
[MD5.99CC01F71236FC7C417E7A0CC441BE4D] - [04/06/2017 12:10:13] - |A| - [74752] - C:\WINDOWS\system32\MaintenanceUI.dll
[MD5.887F302C7799CC5E6F9150B5A7A7CDA5] - [04/06/2017 12:09:55] - |A| - [83968] - C:\WINDOWS\system32\makecab.exe
[MD5.56880DF73AE84F42D4124933C8BE83AB] - [04/06/2017 12:12:53] - |A| - [214016] - C:\WINDOWS\system32\manage-bde.exe
[MD5.7A495CA1402C2F9F5D035092AD808669] - [04/06/2017 12:13:01] - |A| - [874] - C:\WINDOWS\system32\manage-bde.wsf
[MD5.D232A84261B194922F563F3EB27494A5] - [04/06/2017 12:09:29] - |A| - [483840] - C:\WINDOWS\system32\MapConfiguration.dll
[MD5.676C53EB6AD67E8727A26996184FA989] - [04/06/2017 12:09:29] - |A| - [885248] - C:\WINDOWS\system32\MapControlCore.dll
[MD5.D074D248C06851BB98D0451197AFF2AA] - [04/06/2017 12:09:29] - |A| - [2560] - C:\WINDOWS\system32\MapControlStringsRes.dll
[MD5.31884B72843F795049331D82D37BAAC4] - [04/06/2017 12:09:29] - |A| - [2817536] - C:\WINDOWS\system32\MapGeocoder.dll
[MD5.3836E608F67FE3F98E2E0F7D8D1D308C] - [04/06/2017 12:10:44] - |A| - [108032] - C:\WINDOWS\system32\mapi32.dll
[MD5.3836E608F67FE3F98E2E0F7D8D1D308C] - [04/06/2017 12:10:44] - |A| - [108032] - C:\WINDOWS\system32\mapistub.dll
[MD5.51249E9DD45B5123BF08FF724C891F98] - [04/06/2017 12:09:29] - |A| - [3372544] - C:\WINDOWS\system32\MapRouter.dll
[MD5.996717615F410D0E68DAB8AE897B099A] - [04/06/2017 12:09:29] - |A| - [141312] - C:\WINDOWS\system32\MapsBtSvc.dll
[MD5.FB50D70A4CA9B7A6DBA9270A76C572EA] - [04/06/2017 12:09:29] - |A| - [14848] - C:\WINDOWS\system32\MapsBtSvcProxy.dll
[MD5.CA377D848F0F7927EDF9E7C26B011A23] - [04/06/2017 12:09:29] - |A| - [91136] - C:\WINDOWS\system32\MapsCSP.dll
[MD5.F5E8C1326394AFAAF3B7681E65D1C1F0] - [04/06/2017 12:09:29] - |A| - [1137664] - C:\WINDOWS\system32\MapsStore.dll
[MD5.A08714848E705E1FA8AF896BDE5C8827] - [04/06/2017 12:09:29] - |A| - [29184] - C:\WINDOWS\system32\MapsTelemetry.dll
[MD5.B9905B083A4FD62717962075544D5AE3] - [04/06/2017 12:09:29] - |A| - [52736] - C:\WINDOWS\system32\mapstoasttask.dll
[MD5.786303C4775D399B94CEAE6130E1D2A4] - [04/06/2017 12:09:29] - |A| - [40960] - C:\WINDOWS\system32\mapsupdatetask.dll
[MD5.0FBDA44EBEBFF87FCAB07F2E53B1576C] - [04/06/2017 12:11:48] - |A| - [178512] - C:\WINDOWS\system32\mavinject.exe
[MD5.F1FFB99C7D5D81B8A7B4B774C81B5FCB] - [04/06/2017 12:09:25] - |A| - [839168] - C:\WINDOWS\system32\MbaeApi.dll
[MD5.61913085F38E31D0EEB53EC3CC42D9E4] - [04/06/2017 12:09:29] - |A| - [1062400] - C:\WINDOWS\system32\MbaeApiPublic.dll
[MD5.2B67048A08918A927EFD13DEEBE34F68] - [04/06/2017 12:10:13] - |A| - [113664] - C:\WINDOWS\system32\MbaeParserTask.exe
[MD5.BD80891441AB6E5F0625C35CBBAF9CDB] - [04/06/2017 12:10:13] - |A| - [50176] - C:\WINDOWS\system32\MbaeXmlParser.dll
[MD5.2B4400BED865B8C274E1F265A5AF4EEB] - [04/06/2017 12:11:37] - |A| - [799232] - C:\WINDOWS\system32\mblctr.exe
[MD5.65F41CA93433C820938353D6D3B89D4A] - [04/06/2017 12:09:40] - |A| - [464384] - C:\WINDOWS\system32\MBMediaManager.dll
[MD5.884070100DE2CAAAB78E8943CD55DE47] - [04/06/2017 12:10:32] - |A| - [792064] - C:\WINDOWS\system32\MBR2GPT.EXE
[MD5.FA6624D6435B803487040C8ED897F73E] - [04/06/2017 12:09:25] - |A| - [664064] - C:\WINDOWS\system32\mbsmsapi.dll
[MD5.575D4D3B9CB2856B394D1BF38075938C] - [04/06/2017 12:09:25] - |A| - [79872] - C:\WINDOWS\system32\mbussdapi.dll
[MD5.9E281693063A1B4F697584CBDDD5E9E4] - [04/06/2017 12:10:15] - |A| - [348160] - C:\WINDOWS\system32\mcbuilder.exe
[MD5.31C095E9BA823AE990E15D12809D1158] - [05/06/2017 08:59:13] - |A| - [175616] - C:\WINDOWS\system32\MCCSEngineShared.dll
[MD5.CF6E8D1464464DDC592DD44F1A3D67B1] - [05/06/2017 08:59:13] - |A| - [20480] - C:\WINDOWS\system32\MCCSPal.dll
[MD5.BE67A83287C998C9996F4419C2AFE241] - [04/06/2017 12:09:18] - |A| - [97792] - C:\WINDOWS\system32\mciavi32.dll
[MD5.76BC27CC6D6BA3BB93328073FF28340C] - [04/06/2017 12:09:21] - |A| - [48128] - C:\WINDOWS\system32\mcicda.dll
[MD5.B0F4AB813DAAE5757FAE696F98C63FD4] - [04/06/2017 12:09:21] - |A| - [42496] - C:\WINDOWS\system32\mciqtz32.dll
[MD5.E9DF09410F45E6E71C92F7C3DF8393C3] - [04/06/2017 12:09:21] - |A| - [29696] - C:\WINDOWS\system32\mciseq.dll
[MD5.2E8288B87F1906D1A3E645B3DAB6FB4F] - [04/06/2017 12:09:21] - |A| - [30208] - C:\WINDOWS\system32\mciwave.dll
[MD5.13A5AF9EE7C79246C5ED71A009A65DED] - [04/06/2017 12:09:54] - |A| - [965120] - C:\WINDOWS\system32\MCRecvSrc.dll
[MD5.0CBFB74E91400FF62D8CBB5D54494C70] - [04/06/2017 12:10:07] - |A| - [76112] - C:\WINDOWS\system32\mcupdate_AuthenticAMD.dll
[MD5.8B36E4DC61B104F3B11F03543ADC390B] - [04/06/2017 12:10:11] - |A| - [536912] - C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
[MD5.ED1FB0E8C30A14E45DFB019B873F3FFB] - [04/06/2017 12:09:04] - |A| - [479744] - C:\WINDOWS\system32\MDEServer.exe
[MD5.2E47D615D3FE42B4252280B8B70B17C5] - [04/06/2017 12:10:49] - |A| - [108032] - C:\WINDOWS\system32\MDMAgent.exe
[MD5.B59D74C7532D1A6ADF3EB5E84CBD94DF] - [04/06/2017 12:09:37] - |A| - [114688] - C:\WINDOWS\system32\MDMAppInstaller.exe
[MD5.5881BA0AD35FC0AC12C2687AC7BAF35C] - [04/06/2017 12:10:47] - |A| - [181760] - C:\WINDOWS\system32\MdmCommon.dll
[MD5.FF0CBB2DE12C77A344CAF3D3D4275098] - [04/06/2017 12:09:34] - |A| - [389632] - C:\WINDOWS\system32\MdmDiagnostics.dll
[MD5.7E76D33E5CD19D46FEF7D2227F4E9A7A] - [04/06/2017 12:09:34] - |A| - [36864] - C:\WINDOWS\system32\MdmDiagnosticsTool.exe
[MD5.9CBD523E5417162B0163D468EBA835CB] - [04/06/2017 12:10:42] - |A| - [173056] - C:\WINDOWS\system32\mdminst.dll
[MD5.325624164EC7C833B0A42C00019546AF] - [04/06/2017 12:09:37] - |A| - [56320] - C:\WINDOWS\system32\mdmlocalmanagement.dll
[MD5.93F3D8D1F35397BD98156D9E48985DD1] - [04/06/2017 12:09:37] - |A| - [139264] - C:\WINDOWS\system32\mdmmigrator.dll
[MD5.1CEE04B85CA41B6C9E0AD3035DF46AEA] - [04/06/2017 12:09:37] - |RA| - [58368] - C:\WINDOWS\system32\mdmpostprocessevaluator.dll
[MD5.2CE7F7451C62C9E7C9B98B2A89B37B2C] - [04/06/2017 12:09:37] - |A| - [202240] - C:\WINDOWS\system32\mdmregistration.dll
[MD5.9101AFD9C41BEB0F2949F9BFF4051DE3] - [04/06/2017 12:10:47] - |A| - [86528] - C:\WINDOWS\system32\MdRes.exe
[MD5.0CFAE30027C1AC23B13EAA4C78C07459] - [04/06/2017 12:10:47] - |A| - [91648] - C:\WINDOWS\system32\MdSched.exe
[MD5.D58D5A70C8104F8C08D3836E086E5932] - [04/06/2017 12:10:29] - |A| - [129536] - C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
[MD5.69D04DE701CF1E8CE69C65D1671D2B3F] - [04/06/2017 12:09:18] - |A| - [110036] - C:\WINDOWS\system32\MediumRoom.bin
[MD5.F73B398594C2027062E3FEC167826CC6] - [04/06/2017 12:10:47] - |A| - [32256] - C:\WINDOWS\system32\MemoryDiagnostic.dll
[MD5.9B1CEB68E2AEEE7D8CF08E92ABE32C39] - [04/06/2017 12:09:33] - |A| - [905216] - C:\WINDOWS\system32\MessagingDataModel2.dll
[MD5.1961FF71F0EB25F05AD13DC86F8646E7] - [04/06/2017 12:09:21] - |A| - [52224] - C:\WINDOWS\system32\MessagingService.dll
[MD5.21C7B2471C368620CC2264E439026DD5] - [04/06/2017 12:08:52] - |A| - [601760] - C:\WINDOWS\system32\mf.dll
[MD5.E78ABB85FCD98EE5B2E8EC53003CC8E4] - [04/06/2017 12:10:02] - |A| - [56320] - C:\WINDOWS\system32\mf3216.dll
[MD5.503F7F51704F76574298C4DA6688DC78] - [04/06/2017 12:08:53] - |A| - [137880] - C:\WINDOWS\system32\mfAACEnc.dll
[MD5.A73A14F855528DBA8902C57AA0640136] - [04/06/2017 12:08:52] - |A| - [1990624] - C:\WINDOWS\system32\mfasfsrcsnk.dll
[MD5.4B38FE428DE3111433E46E56318C1FE0] - [04/06/2017 12:08:52] - |A| - [127096] - C:\WINDOWS\system32\mfaudiocnv.dll
[MD5.44E247B16D6D67F1627ED1EFA5E19A6E] - [04/06/2017 12:10:42] - |A| - [1420800] - C:\WINDOWS\system32\mfc42.dll
[MD5.7E8ED01B22A167AE192A6CBA0DBAB071] - [04/06/2017 12:10:42] - |A| - [1446912] - C:\WINDOWS\system32\mfc42u.dll
[MD5.0B13D2061D8038A6F5C0AB8BC34B8B1B] - [04/06/2017 12:08:52] - |A| - [470016] - C:\WINDOWS\system32\MFCaptureEngine.dll
[MD5.F6A70B8764441ACF7D0C4584AA98A0BA] - [04/06/2017 12:08:52] - |A| - [4483760] - C:\WINDOWS\system32\mfcore.dll
[MD5.C62B020F2AE73C810F3C01C4F9D29A7F] - [04/06/2017 12:09:55] - |A| - [34816] - C:\WINDOWS\system32\mfcsubs.dll
[MD5.3E25C10DADC0FBBBA76FE86200457BBC] - [04/06/2017 12:08:52] - |A| - [1141992] - C:\WINDOWS\system32\mfds.dll
[MD5.A271B78B593FE683DD23E0E8CFE693E8] - [04/06/2017 12:08:53] - |A| - [120832] - C:\WINDOWS\system32\mfdvdec.dll
[MD5.03B32116B8B92837CA902859DE7FB181] - [04/06/2017 12:08:52] - |A| - [70656] - C:\WINDOWS\system32\mferror.dll
[MD5.BC8B4339E747ECF13D9DB06EC28113FC] - [04/06/2017 12:08:52] - |A| - [49664] - C:\WINDOWS\system32\mfh263enc.dll
[MD5.E52D55C27E1DA1A1DFBC304689E8B99A] - [04/06/2017 12:08:52] - |A| - [613376] - C:\WINDOWS\system32\mfh264enc.dll
[MD5.5AF157974E16E0E190FCC3506B983F1B] - [04/06/2017 12:08:52] - |A| - [967168] - C:\WINDOWS\system32\mfh265enc.dll
[MD5.C26DA38B93D65CD99D7738E03F92ACA2] - [04/06/2017 12:09:18] - |A| - [294400] - C:\WINDOWS\system32\mfksproxy.dll
[MD5.C0E30EBD7294BFBBDF6548F59AA3184D] - [04/06/2017 12:08:52] - |A| - [4726784] - C:\WINDOWS\system32\MFMediaEngine.dll
[MD5.D805D47428E7FA6D552459A3E513C630] - [04/06/2017 12:08:53] - |A| - [97280] - C:\WINDOWS\system32\mfmjpegdec.dll
[MD5.C10112FDAF9FAD8D9292663C5A34E89E] - [04/06/2017 12:08:52] - |A| - [1356800] - C:\WINDOWS\system32\mfmkvsrcsnk.dll
[MD5.5101D64111E816CFE3FF81B11FD0DDB7] - [04/06/2017 12:08:52] - |A| - [2646080] - C:\WINDOWS\system32\mfmp4srcsnk.dll
[MD5.600972E4EC18B09A8A126A1797A52EE9] - [04/06/2017 12:08:52] - |A| - [1499944] - C:\WINDOWS\system32\mfmpeg2srcsnk.dll
[MD5.27B1B4DEE999F08026388C207A16E2B8] - [04/06/2017 12:08:52] - |A| - [1197280] - C:\WINDOWS\system32\mfnetcore.dll
[MD5.7BA29F27924351DF07C54F59AA08DD41] - [04/06/2017 12:08:52] - |A| - [1622880] - C:\WINDOWS\system32\mfnetsrc.dll
[MD5.0C92010C00479EFA93A72EB3FED68101] - [04/06/2017 12:08:52] - |A| - [1224120] - C:\WINDOWS\system32\mfperfhelper.dll
[MD5.4B11E4FAC08F8F382981C075834C585E] - [04/06/2017 12:08:52] - |A| - [1770568] - C:\WINDOWS\system32\mfplat.dll
[MD5.77C85B2E8F4E11CFEB960DA188E6D792] - [04/06/2017 12:08:52] - |A| - [599128] - C:\WINDOWS\system32\MFPlay.dll
[MD5.4B10B0E8F8504192F389334DB9135F60] - [04/06/2017 12:08:52] - |A| - [41896] - C:\WINDOWS\system32\mfpmp.exe
[MD5.738CDF9C138B4EE908A51C19CBCAA59C] - [04/06/2017 12:08:52] - |A| - [251568] - C:\WINDOWS\system32\mfps.dll
[MD5.463EA4472DF8E45AED8B8F1531471F8E] - [04/06/2017 12:08:52] - |A| - [990680] - C:\WINDOWS\system32\mfreadwrite.dll
[MD5.F862D9B856CC5445BB4E8D342CB0FB02] - [04/06/2017 12:09:21] - |A| - [208712] - C:\WINDOWS\system32\mfsensorgroup.dll
[MD5.17642C120EB913667E2AD3176C935609] - [04/06/2017 12:08:52] - |A| - [2243192] - C:\WINDOWS\system32\mfsrcsnk.dll
[MD5.77DC7664B91F5F2364A8182BA99E139C] - [04/06/2017 12:08:52] - |A| - [1231360] - C:\WINDOWS\system32\mfsvr.dll
[MD5.598ABCE668D1D25BC5E7AFBBC024540B] - [04/06/2017 12:08:52] - |A| - [522744] - C:\WINDOWS\system32\mftranscode.dll
[MD5.BC6DCB6953ABE35C4A11BD10DCF49E40] - [04/06/2017 12:08:52] - |A| - [90928] - C:\WINDOWS\system32\mfvdsp.dll
[MD5.9C729D170574CC1BAF07093867EC9408] - [04/06/2017 12:08:53] - |A| - [45568] - C:\WINDOWS\system32\mfvfw.dll
[MD5.4318126717E0FB927207753088B2C042] - [04/06/2017 12:08:52] - |A| - [454144] - C:\WINDOWS\system32\MFWMAAEC.DLL
[MD5.9CA4BE7C1EB18FA719F7AC5510FD9023] - [04/06/2017 12:10:36] - |A| - [23040] - C:\WINDOWS\system32\mgmtapi.dll
[MD5.9BE22B83A1CCA83FFF8CED288748DBE2] - [04/06/2017 12:10:44] - |A| - [124416] - C:\WINDOWS\system32\mi.dll
[MD5.F1D1229FD7EB12413706194FF267EEAC] - [04/06/2017 12:10:42] - |A| - [89600] - C:\WINDOWS\system32\mibincodec.dll
[MD5.00000000000000000000000000000000] - [12/06/2017 11:47:22] - |D| - [1138032] - C:\WINDOWS\system32\Microsoft
[MD5.9A134AD8034255FC036259546C0F643C] - [04/06/2017 12:09:25] - |A| - [208384] - C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
[MD5.AFC03F426F4AD3385A571B348E050085] - [04/06/2017 12:10:42] - |A| - [12288] - C:\WINDOWS\system32\microsoft-windows-battery-events.dll
[MD5.E99DA7A61A80DBB59A37814A06B69D53] - [04/06/2017 12:10:42] - |A| - [6656] - C:\WINDOWS\system32\microsoft-windows-hal-events.dll
[MD5.188A17E5BA3031BBEE5B721CF1BDEC28] - [04/06/2017 12:10:42] - |A| - [39936] - C:\WINDOWS\system32\microsoft-windows-kernel-pnp-events.dll
[MD5.DB0645D480D19E67BF33564458D5EB11] - [04/06/2017 12:10:42] - |A| - [225792] - C:\WINDOWS\system32\microsoft-windows-kernel-power-events.dll
[MD5.76B0095086903BFEAFF9040860E15734] - [04/06/2017 12:10:44] - |A| - [117248] - C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
[MD5.FEB77B3BBFEAF7322120AA2C43D0E646] - [04/06/2017 12:09:29] - |A| - [113664] - C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
[MD5.08F1E71F5CB1008F62183AC56D044CA8] - [04/06/2017 12:09:29] - |A| - [9216] - C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
[MD5.9D30D70280CF305552C1A0B1911F89FD] - [04/06/2017 12:09:29] - |A| - [9728] - C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
[MD5.5E44C79337290AB19EAEF0BE2E78243B] - [04/06/2017 12:10:44] - |A| - [64000] - C:\WINDOWS\system32\microsoft-windows-pdc.dll
[MD5.23F52BB203BEA7123A245B08DDDEADDE] - [04/06/2017 12:08:57] - |A| - [10240] - C:\WINDOWS\system32\microsoft-windows-power-cad-events.dll
[MD5.D048A909FE7FF3ED7DDD379911DE650B] - [04/06/2017 12:10:44] - |A| - [4096] - C:\WINDOWS\system32\microsoft-windows-processor-aggregator-events.dll
[MD5.F1B5CEA60E10316FBA77585F2C98060A] - [04/06/2017 12:10:38] - |A| - [6144] - C:\WINDOWS\system32\microsoft-windows-sleepstudy-events.dll
[MD5.3D5FC2D8BE5BD89B0AE83CC523E5D5F5] - [04/06/2017 12:09:54] - |A| - [6144] - C:\WINDOWS\system32\microsoft-windows-storage-tiering-events.dll
[MD5.34953314CD917DC017EC22BC8D3FA3F8] - [04/06/2017 12:09:57] - |A| - [397824] - C:\WINDOWS\system32\microsoft-windows-system-events.dll
[MD5.725994A6D8494A23D426C92397279330] - [04/06/2017 12:09:25] - |A| - [2560] - C:\WINDOWS\system32\Microsoft-WindowsPhone-SEManagementProvider.dll
[MD5.E52F2DFD41A3EC69A69B4E4113C9DB72] - [04/06/2017 12:09:37] - |A| - [381952] - C:\WINDOWS\system32\Microsoft.Bluetooth.Core.dll
[MD5.542A509EDBE24E5763F60CE494328FB9] - [04/06/2017 12:09:37] - |A| - [3105792] - C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
[MD5.92FCA961619EA7F78398AC6B003F0368] - [04/06/2017 12:09:37] - |A| - [217088] - C:\WINDOWS\system32\Microsoft.Bluetooth.Proxy.dll
[MD5.4437A1300E8760D1CDF4975FA80CF372] - [04/06/2017 12:13:11] - |A| - [17920] - C:\WINDOWS\system32\Microsoft.Management.Infrastructure.Native.Unmanaged.dll
[MD5.93183481289668F65AE43BE32BD5FDB8] - [04/06/2017 12:11:48] - |A| - [13312] - C:\WINDOWS\system32\Microsoft.Uev.AgentDriverEvents.dll
[MD5.A8EDC1734E38BFBB5EE57035499FC766] - [04/06/2017 12:11:48] - |A| - [2371920] - C:\WINDOWS\system32\Microsoft.Uev.AppAgent.dll
[MD5.2319F1BBAD4478FF86CE89728CEAEEB5] - [04/06/2017 12:11:48] - |A| - [54272] - C:\WINDOWS\system32\Microsoft.Uev.CabUtil.dll
[MD5.A6EA84EBFB48EA1A1B4FED376AFD4312] - [04/06/2017 12:11:48] - |A| - [212992] - C:\WINDOWS\system32\Microsoft.Uev.CmUtil.dll
[MD5.AF2D18CE4CA4B9C0D6B9A5777985D866] - [04/06/2017 12:11:48] - |A| - [70656] - C:\WINDOWS\system32\Microsoft.Uev.Common.dll
[MD5.F4642AFF36DBEE155EDB00DD106CB373] - [04/06/2017 12:11:48] - |A| - [18432] - C:\WINDOWS\system32\Microsoft.Uev.Common.WinRT.dll
[MD5.4DEA672B97C8BC6102174D1CCFDB9BFC] - [04/06/2017 12:11:48] - |A| - [1185280] - C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
[MD5.5DC0D0517BF3E2CE4F79C709ADE1C7B5] - [04/06/2017 12:11:48] - |A| - [292352] - C:\WINDOWS\system32\Microsoft.Uev.ConfigWrapper.dll
[MD5.48F45C2CE8B7850175B321D44DFE0FCE] - [04/06/2017 12:11:48] - |A| - [409600] - C:\WINDOWS\system32\Microsoft.Uev.CscUnpinTool.exe
[MD5.36439FA368F4D1DE2EC39573D5B6D885] - [04/06/2017 12:11:48] - |A| - [46592] - C:\WINDOWS\system32\Microsoft.Uev.EventLogMessages.dll
[MD5.766240A63837F36BB48A1A35512BD776] - [04/06/2017 12:11:48] - |A| - [17920] - C:\WINDOWS\system32\Microsoft.Uev.LocalSyncProvider.dll
[MD5.52E94E4DC3C3D7CA0103D772E7F3BF36] - [04/06/2017 12:11:48] - |A| - [287744] - C:\WINDOWS\system32\Microsoft.Uev.ManagedEventLogging.dll
[MD5.4A89FAD990CB2E4732530498716B0B1D] - [04/06/2017 12:11:48] - |A| - [21504] - C:\WINDOWS\system32\Microsoft.Uev.Management.dll
[MD5.A506F0800345E3A22BFF35CBCB9F6999] - [04/06/2017 12:11:48] - |A| - [23552] - C:\WINDOWS\system32\Microsoft.Uev.Management.WmiAccess.dll
[MD5.B3897A37FA426EE0239C74AB6C964238] - [04/06/2017 12:11:48] - |A| - [2192384] - C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
[MD5.3075858303844BCC0EE58999A5D94CCA] - [04/06/2017 12:11:48] - |A| - [58368] - C:\WINDOWS\system32\Microsoft.Uev.ModernAppCore.dll
[MD5.10F994F8AE0B1ED9380EA531C2E8301A] - [04/06/2017 12:11:48] - |A| - [20992] - C:\WINDOWS\system32\Microsoft.Uev.ModernAppData.WinRT.dll
[MD5.3BFFD036100616477937FF2E1BCBAA3F] - [04/06/2017 12:11:48] - |A| - [14336] - C:\WINDOWS\system32\Microsoft.Uev.ModernSync.dll
[MD5.644828736B96EFC15DA4915E370872D2] - [04/06/2017 12:11:48] - |A| - [8192] - C:\WINDOWS\system32\Microsoft.Uev.MonitorSyncProvider.dll
[MD5.DE9B7F7A99008135A1901C50340CFE0C] - [04/06/2017 12:11:48] - |A| - [45056] - C:\WINDOWS\system32\Microsoft.Uev.Office2010CustomActions.dll
[MD5.8C130F3FB4C0953A597E1DBB45D6BE14] - [04/06/2017 12:11:48] - |A| - [732672] - C:\WINDOWS\system32\Microsoft.Uev.Office2013CustomActions.dll
[MD5.F85F2238BB31864EFE8C4AC41911D4E6] - [04/06/2017 12:11:48] - |A| - [755712] - C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
[MD5.A311A8A4DB1A0DD15BDE2DDD9F202383] - [04/06/2017 12:11:48] - |A| - [11264] - C:\WINDOWS\system32\Microsoft.Uev.SmbSyncProvider.dll
[MD5.56ABE6311FA2E8A79E9956A5A74EBFF6] - [04/06/2017 12:11:48] - |A| - [19456] - C:\WINDOWS\system32\Microsoft.Uev.SyncCommon.dll
[MD5.F4DE1C5A131438BCBA8260B5327ACBB3] - [04/06/2017 12:11:48] - |A| - [7680] - C:\WINDOWS\system32\Microsoft.Uev.SyncConditions.dll
[MD5.B34CE789D7DD10BAA3B99AB38F3505DB] - [04/06/2017 12:11:48] - |A| - [82944] - C:\WINDOWS\system32\Microsoft.Uev.SyncController.exe
[MD5.AFC0E6828D85237A98FDBA4690235F4D] - [04/06/2017 12:09:25] - |A| - [271360] - C:\WINDOWS\system32\MicrosoftAccountCloudAP.dll
[MD5.230CE458901CA5C4FE1BC836006C801B] - [04/06/2017 12:09:25] - |A| - [309760] - C:\WINDOWS\system32\MicrosoftAccountExtension.dll
[MD5.A936C9923009BD036A33B5F9A7C8D49E] - [04/06/2017 12:09:22] - |A| - [204288] - C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
[MD5.1E6E2A8EFD98D343959D44A8DBF4DDA2] - [04/06/2017 12:09:25] - |A| - [248320] - C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
[MD5.AC6501BCEE2BCA60D391117CFB10508C] - [04/06/2017 12:09:18] - |A| - [24576] - C:\WINDOWS\system32\midimap.dll
[MD5.695C35DA05FCAEF4C7FE190D85DC3430] - [04/06/2017 12:10:32] - |A| - [137552] - C:\WINDOWS\system32\migisol.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [6879423] - C:\WINDOWS\system32\migration
[MD5.A5B758AAB054C802B5935C1B2BC7655F] - [04/06/2017 12:10:06] - |A| - [183808] - C:\WINDOWS\system32\miguiresource.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [47868412] - C:\WINDOWS\system32\migwiz
[MD5.CF0B9D0491A3F475D5404B427A51A7E5] - [04/06/2017 12:10:33] - |A| - [38912] - C:\WINDOWS\system32\mimefilt.dll
[MD5.E62FA04190C893AABE44AAC4D1A2283E] - [04/06/2017 12:10:42] - |A| - [156160] - C:\WINDOWS\system32\mimofcodec.dll
[MD5.E9CAA438BCF124BF7D0D70B8D66B42FC] - [04/06/2017 12:09:49] - |A| - [12288] - C:\WINDOWS\system32\MinstoreEvents.dll
[MD5.83EE052A73111CB89A6AEDF8D9437F02] - [04/06/2017 12:10:02] - |A| - [302080] - C:\WINDOWS\system32\mintdh.dll
[MD5.A3E46EBF469D4F9BBA6275295430AD43] - [04/06/2017 12:09:34] - |A| - [38400] - C:\WINDOWS\system32\MiracastInputMgr.dll
[MD5.66931F22225E2C99182FB7D70DAFC247] - [04/06/2017 12:09:54] - |A| - [1154048] - C:\WINDOWS\system32\MiracastReceiver.dll
[MD5.52176B65E6E63EA72E1887957C5C5E44] - [04/06/2017 12:10:44] - |A| - [37376] - C:\WINDOWS\system32\MirrorDrvCompat.dll
[MD5.3D2D7380D6BCD4370B12626F9EAA7023] - [04/06/2017 12:09:40] - |A| - [3352064] - C:\WINDOWS\system32\mispace.dll
[MD5.F62436A4D27B5B44D24702C6239FCD19] - [04/06/2017 12:10:44] - |A| - [231936] - C:\WINDOWS\system32\miutils.dll
[MD5.ED434A3EBE29070A7E0138C42482EB93] - [04/06/2017 12:10:23] - |A| - [673088] - C:\WINDOWS\system32\mlang.dat
[MD5.B25D525F06EF2C26ED3F5C7EF290E71C] - [04/06/2017 12:10:23] - |A| - [240640] - C:\WINDOWS\system32\mlang.dll
[MD5.B1DBE209CCF8F449F516169D8BC1FF20] - [04/06/2017 12:10:13] - |A| - [1936384] - C:\WINDOWS\system32\mmc.exe
[MD5.2D945B744B1DAD31D83E0080DD945434] - [04/06/2017 12:10:13] - |A| - [342016] - C:\WINDOWS\system32\mmcbase.dll
[MD5.C0E9DB073448D79A1D2F2C23AA729348] - [04/06/2017 12:09:18] - |A| - [78336] - C:\WINDOWS\system32\mmci.dll
[MD5.DA369F81E960580FDF7C68FCA62DDEFC] - [04/06/2017 12:09:18] - |A| - [15360] - C:\WINDOWS\system32\mmcico.dll
[MD5.D952C4C6AEEE15BE5ED780FDE5539E60] - [04/06/2017 12:10:16] - |A| - [2959360] - C:\WINDOWS\system32\mmcndmgr.dll
[MD5.0FF8FDBD00BD067AC61EE5FD056014E2] - [04/06/2017 12:10:13] - |A| - [128000] - C:\WINDOWS\system32\mmcshext.dll
[MD5.3BF32A103834F6AE8170BF7A8E4798BC] - [04/06/2017 12:09:21] - |A| - [408104] - C:\WINDOWS\system32\MMDevAPI.dll
[MD5.084B1800A043A4A534AA72755E29FAC9] - [04/06/2017 12:09:37] - |A| - [2185728] - C:\WINDOWS\system32\mmgaclient.dll
[MD5.D3C69E4395824191F11F523C2CAABACF] - [04/06/2017 12:09:37] - |A| - [155136] - C:\WINDOWS\system32\mmgaproxystub.dll
[MD5.314D27EFAD27CC4AF3AD981BEB995884] - [04/06/2017 12:09:37] - |A| - [1684480] - C:\WINDOWS\system32\mmgaserver.exe
[MD5.0C3B1676B5CCF306737D61B08983F7D2] - [04/06/2017 12:09:49] - |A| - [9569280] - C:\WINDOWS\system32\mmres.dll
[MD5.71628DD0FD3FEE0A1D5EC8CC0EC39CA0] - [04/06/2017 12:09:49] - |A| - [803840] - C:\WINDOWS\system32\mmsys.cpl
[MD5.BD92C0906C49EF11C8AA6B1CCFEFB990] - [04/06/2017 12:10:35] - |A| - [97792] - C:\WINDOWS\system32\mobsync.exe
[MD5.8E50770AA7DA8B9659DA3CB302988B37] - [04/06/2017 12:09:52] - |A| - [31232] - C:\WINDOWS\system32\mode.com
[MD5.B9D6A1DE5839D6D6D114BBEB783D44F7] - [04/06/2017 12:10:42] - |A| - [183296] - C:\WINDOWS\system32\modemui.dll
[MD5.110B75564A38DD2A67F004E82623C8A3] - [04/06/2017 12:09:24] - |A| - [1008640] - C:\WINDOWS\system32\modernexecserver.dll
[MD5.B494A48FEBA140B307740AD81A3CED80] - [04/06/2017 12:09:37] - |A| - [30208] - C:\WINDOWS\system32\more.com
[MD5.6B452652762BBD2E9141C38A55825F13] - [04/06/2017 12:10:36] - |A| - [185344] - C:\WINDOWS\system32\moricons.dll
[MD5.02042892AFDF5C1F197B22F2CD4A8FD0] - [04/06/2017 12:09:29] - |A| - [7129088] - C:\WINDOWS\system32\mos.dll
[MD5.A3AF074C4ED3079E9EA013EF33E8D9D6] - [04/06/2017 12:09:29] - |A| - [84992] - C:\WINDOWS\system32\moshost.dll
[MD5.8314A049B39227D6D2B033213A106370] - [04/06/2017 12:09:29] - |A| - [92160] - C:\WINDOWS\system32\MosHostClient.dll
[MD5.CBC0C2CBE1C0F96B6B2FA68F042A2757] - [04/06/2017 12:09:29] - |A| - [329040] - C:\WINDOWS\system32\moshostcore.dll
[MD5.056D56E897D8CB16527394C6598759E2] - [04/06/2017 12:09:29] - |A| - [409088] - C:\WINDOWS\system32\MosResource.dll
[MD5.1E815D19670D81B04720647330BDAD29] - [04/06/2017 12:09:29] - |A| - [82944] - C:\WINDOWS\system32\MosStorage.dll
[MD5.45D6DB7E4409B21858A901201A468039] - [04/06/2017 12:09:34] - |A| - [17920] - C:\WINDOWS\system32\mountvol.exe
[MD5.4251E7F02FCDD2BDA7A49F99CEDA4D69] - [04/06/2017 12:08:52] - |A| - [111552] - C:\WINDOWS\system32\MP3DMOD.DLL
[MD5.86EC52B3BD1C507E35A5A8637DF13899] - [04/06/2017 12:08:53] - |A| - [231968] - C:\WINDOWS\system32\MP43DECD.DLL
[MD5.F4FAD743CD9F59F81380D9E48EE1E5D5] - [04/06/2017 12:08:52] - |A| - [352304] - C:\WINDOWS\system32\MP4SDECD.DLL
[MD5.03B2D63DB649EE5516CD80F7C40D7C1D] - [04/06/2017 12:10:38] - |A| - [100352] - C:\WINDOWS\system32\Mpeg2Data.ax
[MD5.8C546CBA22A8138940EA42A686831CA1] - [04/06/2017 12:10:29] - |A| - [232960] - C:\WINDOWS\system32\mpeval.dll
[MD5.9BDA4A6F454EB70664888C679CE2073D] - [04/06/2017 12:10:40] - |A| - [252928] - C:\WINDOWS\system32\mpg2splt.ax
[MD5.15203557A5DD1AA2F1A975AFBA848743] - [04/06/2017 12:08:53] - |A| - [232480] - C:\WINDOWS\system32\MPG4DECD.DLL
[MD5.B6E04C0B046E3C3ABC13EC84C5395CBA] - [04/06/2017 12:10:42] - |A| - [19456] - C:\WINDOWS\system32\mpnotify.exe
[MD5.29925AD8269E7C1A582960C3A2E16B20] - [04/06/2017 12:09:55] - |A| - [96120] - C:\WINDOWS\system32\mpr.dll
[MD5.5954C7161D23EB5744C9A5F0A4009B64] - [04/06/2017 12:09:34] - |A| - [510976] - C:\WINDOWS\system32\mprapi.dll
[MD5.3F7372A5881128A2D766DE92B7ACAACC] - [04/06/2017 12:10:29] - |A| - [855552] - C:\WINDOWS\system32\mprddm.dll
[MD5.69FCC367C095B17F4261F072EF09AB45] - [04/06/2017 12:10:27] - |A| - [491520] - C:\WINDOWS\system32\mprdim.dll
[MD5.D3EA51135CE0E4227E6B0CCAC4BAC5D9] - [04/06/2017 12:10:27] - |A| - [13824] - C:\WINDOWS\system32\mprext.dll
[MD5.274AB936284A65EFF338CA69F959E920] - [04/06/2017 12:10:29] - |A| - [115200] - C:\WINDOWS\system32\mprmsg.dll
[MD5.D76D3A06E80F6AC0473AB4EAF1D136ED] - [04/06/2017 12:09:33] - |A| - [976384] - C:\WINDOWS\system32\MPSSVC.dll
[MD5.AAD519744D2858B4E0FC08EF2E956842] - [04/06/2017 12:10:27] - |A| - [481792] - C:\WINDOWS\system32\mpunits.dll
[MD5.B66E714DE8B0404CE1E1FF6C59AC9124] - [04/06/2017 12:09:34] - |A| - [16896] - C:\WINDOWS\system32\MRINFO.EXE
[MD5.EFC5ACA16F4FA4BE2CE2AC88BABB92EF] - [04/06/2017 12:09:30] - |A| - [1066592] - C:\WINDOWS\system32\MrmCoreR.dll
[MD5.6D46DCFA24577585D8DBC085E24F63A5] - [04/06/2017 12:09:30] - |A| - [358960] - C:\WINDOWS\system32\MrmDeploy.dll
[MD5.CBA8A79F969AEB0638788E6C326DC035] - [04/06/2017 12:10:15] - |A| - [820736] - C:\WINDOWS\system32\MrmIndexer.dll
[MD5.E1F51A60689002C614CD4BEA49534D4D] - [04/06/2017 12:09:34] - |A| - [31904] - C:\WINDOWS\system32\mrt100.dll
[MD5.CA38D29EA401068262FF1C9E19CB7A0D] - [04/06/2017 12:09:34] - |A| - [33440] - C:\WINDOWS\system32\mrt_map.dll
[MD5.F3EBD34CFF50786C120C03B9DAB0A9FD] - [04/06/2017 12:12:53] - |A| - [55296] - C:\WINDOWS\system32\ms3dthumbnailprovider.dll
[MD5.62E56304E50DAD1F885E35FB97365E1F] - [04/06/2017 12:10:24] - |A| - [164352] - C:\WINDOWS\system32\msaatext.dll
[MD5.F6B3EA1B2F5C41549B9580FB44D8200D] - [04/06/2017 12:08:52] - |A| - [228352] - C:\WINDOWS\system32\MSAC3ENC.DLL
[MD5.720077887FE6EF8C1BF5AABE6515F723] - [04/06/2017 12:09:21] - |A| - [101280] - C:\WINDOWS\system32\msacm32.dll
[MD5.519B0EE607F3B0FB6BD011E74D5433C4] - [04/06/2017 12:09:18] - |A| - [28672] - C:\WINDOWS\system32\msacm32.drv
[MD5.E9259DD094E2F2B7B4A48AED8FECE87F] - [04/06/2017 12:09:21] - |A| - [30008] - C:\WINDOWS\system32\msadp32.acm
[MD5.A35313FA82C20BD392FB3CB5D16806E8] - [04/06/2017 12:10:44] - |A| - [3072] - C:\WINDOWS\system32\msafd.dll
[MD5.7F947031C9A92A8ABEF99E069488B2BC] - [04/06/2017 12:09:22] - |A| - [3329536] - C:\WINDOWS\system32\MSAJApi.dll
[MD5.4B65D11951DA3E02B14CF829BB613EEC] - [04/06/2017 12:08:52] - |A| - [56832] - C:\WINDOWS\system32\MSAlacDecoder.dll
[MD5.08874367D1349503B761B5444A580450] - [04/06/2017 12:08:52] - |A| - [70144] - C:\WINDOWS\system32\MSAlacEncoder.dll
[MD5.77E488FF4C0C58031D9378861AF1CAF7] - [04/06/2017 12:08:52] - |A| - [132096] - C:\WINDOWS\system32\MSAMRNBDecoder.dll
[MD5.59C316FEA4E8333B1167CAB852A15249] - [04/06/2017 12:08:52] - |A| - [207872] - C:\WINDOWS\system32\MSAMRNBEncoder.dll
[MD5.6DBFE644D86BD50FB07DA3A206CFD8EB] - [04/06/2017 12:08:52] - |A| - [28160] - C:\WINDOWS\system32\MSAMRNBSink.dll
[MD5.65B9DD837E6506C4C76487FFBAF43087] - [04/06/2017 12:08:52] - |A| - [92160] - C:\WINDOWS\system32\MSAMRNBSource.dll
[MD5.0F60C14AAC08698075A7F01330D5A47E] - [04/06/2017 12:09:25] - |A| - [52736] - C:\WINDOWS\system32\MSAProfileNotificationHandler.dll
[MD5.636A3B8E5E2B093921A656F74E477F8B] - [04/06/2017 12:09:57] - |A| - [59472] - C:\WINDOWS\system32\msasn1.dll
[MD5.993A8693C470D78F75EEB11A0CB786E7] - [04/06/2017 12:08:52] - |A| - [413480] - C:\WINDOWS\system32\MSAudDecMFT.dll
[MD5.A66094610F1339FA81F6236C5E24CFF4] - [04/06/2017 12:09:55] - |A| - [155136] - C:\WINDOWS\system32\msaudite.dll
[MD5.B0F5E92D2D0D0205859E340FF19F52C3] - [04/06/2017 12:10:07] - |A| - [22528] - C:\WINDOWS\system32\msauserext.dll
[MD5.8A2B044F5D530EE7AFA2B7ED1C3C5457] - [04/06/2017 12:10:36] - |A| - [293376] - C:\WINDOWS\system32\mscandui.dll
[MD5.4A9040F1B6344538063E6D10E049C723] - [04/06/2017 12:10:02] - |A| - [11776] - C:\WINDOWS\system32\mscat32.dll
[MD5.B24D17940E8E2154F35C57FC44CAC270] - [04/06/2017 12:10:15] - |A| - [82944] - C:\WINDOWS\system32\MSchedExe.exe
[MD5.D5378AE5523934B21E8C557EDB766F26] - [04/06/2017 12:17:10] - |A| - [229376] - C:\WINDOWS\system32\msclmd.dll
[MD5.69BA1B126F32AD7EF8D2F064DF142D0D] - [04/06/2017 12:09:25] - |A| - [590336] - C:\WINDOWS\system32\mscms.dll
[MD5.6191872D5F073DA10997F2AB4AE15491] - [04/06/2017 12:10:14] - |A| - [184320] - C:\WINDOWS\system32\msconfig.exe
[MD5.44483DC65F4F8A887076DFBDF18B2273] - [04/06/2017 12:09:04] - |A| - [372736] - C:\WINDOWS\system32\mscoree.dll
[MD5.BBB5CE97A050123B2F0254DB0847D96A] - [04/06/2017 12:09:04] - |A| - [19968] - C:\WINDOWS\system32\mscorier.dll
[MD5.A68B6BCC0DC176BA822BE7578B163AAF] - [04/06/2017 12:09:04] - |A| - [73880] - C:\WINDOWS\system32\mscories.dll
[MD5.8D80ED01CE9D96A75D96D6C294AEDBF0] - [04/06/2017 12:10:00] - |A| - [1461728] - C:\WINDOWS\system32\msctf.dll
[MD5.4D86D59F665130A9C1E207366F1CAFD7] - [04/06/2017 12:10:36] - |A| - [10240] - C:\WINDOWS\system32\msctfime.ime
[MD5.4A79A5314560C9DF901269D7B08C6DF5] - [04/06/2017 12:10:35] - |A| - [82432] - C:\WINDOWS\system32\MsCtfMonitor.dll
[MD5.9F7C80014C578987D6676B8CB5766B99] - [04/06/2017 12:10:36] - |A| - [217600] - C:\WINDOWS\system32\msctfp.dll
[MD5.2C97F2DB5D2E3AF9FF7A75E3ED128759] - [04/06/2017 12:10:36] - |A| - [113664] - C:\WINDOWS\system32\msctfui.dll
[MD5.AB5D2302855FB4AA2FF7517201AC981E] - [04/06/2017 12:10:33] - |A| - [966656] - C:\WINDOWS\system32\msctfuimanager.dll
[MD5.3A3AA812DC88D5E9E6F0D2AF7457A0D6] - [04/06/2017 12:10:13] - |A| - [152064] - C:\WINDOWS\system32\msdadiag.dll
[MD5.EB19128C7088C985DF1258391D109F19] - [04/06/2017 12:10:16] - |A| - [134656] - C:\WINDOWS\system32\msdart.dll
[MD5.4B2F11E741ACB664A805F1DC9DB556D4] - [04/06/2017 12:10:15] - |A| - [5120] - C:\WINDOWS\system32\msdatsrc.tlb
[MD5.DD1AC502A727C2A3E5070934490943FC] - [04/06/2017 12:10:00] - |A| - [503120] - C:\WINDOWS\system32\msdelta.dll
[MD5.60A8A8901E3B42BEAE49EED1F34167E5] - [04/06/2017 12:09:21] - |A| - [32056] - C:\WINDOWS\system32\msdmo.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [46592] - C:\WINDOWS\system32\MSDRM
[MD5.814C37885B3E88E6BEC6D12E561CC8B9] - [04/06/2017 12:10:47] - |A| - [560128] - C:\WINDOWS\system32\msdrm.dll
[MD5.03EC8191528644296E2DCCBD3698FCF2] - [04/06/2017 12:10:42] - |A| - [1558528] - C:\WINDOWS\system32\msdt.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [4706594] - C:\WINDOWS\system32\MsDtc
[MD5.BB9565615489F51B5A920E354D91BCE0] - [04/06/2017 12:09:52] - |A| - [146944] - C:\WINDOWS\system32\msdtc.exe
[MD5.55846E899C6017A53B6B0234BB9A64DF] - [04/06/2017 12:09:52] - |A| - [368128] - C:\WINDOWS\system32\msdtckrm.dll
[MD5.E9BEACF3E65A687685672853C1F01DF0] - [04/06/2017 12:09:49] - |A| - [125952] - C:\WINDOWS\system32\msdtclog.dll
[MD5.A994ECA5EE76136C4848F17ADCB68F42] - [04/06/2017 12:09:54] - |A| - [826880] - C:\WINDOWS\system32\msdtcprx.dll
[MD5.D204C2D488EF7E8C873F1CA264E84146] - [04/06/2017 12:09:54] - |A| - [1546752] - C:\WINDOWS\system32\msdtctm.dll
[MD5.E801CC4B94ED98C43B9CBD757584F199] - [04/06/2017 12:09:54] - |A| - [300544] - C:\WINDOWS\system32\msdtcuiu.dll
[MD5.7FC68C185D5346EECB0B5407591624CB] - [04/06/2017 12:09:55] - |A| - [22528] - C:\WINDOWS\system32\msdtcVSp1res.dll
[MD5.ABC3864924E9ECDA85B0017227E0913B] - [04/06/2017 12:10:38] - |A| - [76288] - C:\WINDOWS\system32\MSDvbNP.ax
[MD5.C6B2C6C6981A03D76D480BD7D49B6217] - [05/06/2017 08:58:25] - |A| - [7168] - C:\WINDOWS\system32\msdxm.ocx
[MD5.1294CF3A0322E974451E7D5B343B33D4] - [05/06/2017 08:58:25] - |A| - [44032] - C:\WINDOWS\system32\msdxm.tlb
[MD5.D227C4E96BCB7B9847FB42A338FA3185] - [04/06/2017 12:09:04] - |A| - [775680] - C:\WINDOWS\system32\msfeeds.dll
[MD5.5FFD7E7A879710BD929C2A3686776430] - [04/06/2017 12:09:04] - |A| - [72704] - C:\WINDOWS\system32\msfeedsbs.dll
[MD5.CA212FCD2E5321385E8B7B5219B527D1] - [04/06/2017 12:09:04] - |A| - [14848] - C:\WINDOWS\system32\msfeedssync.exe
[MD5.9638D9F2D6E3D2EB71DCAE86CCB1D809] - [04/06/2017 12:08:52] - |A| - [441344] - C:\WINDOWS\system32\MSFlacDecoder.dll
[MD5.FFD13C5046DFEDFA4B04546DD72BB211] - [04/06/2017 12:08:52] - |A| - [276992] - C:\WINDOWS\system32\MSFlacEncoder.dll
[MD5.7D87DDB15023D998D59ED5BB43D9CA40] - [04/06/2017 12:09:21] - |A| - [3079168] - C:\WINDOWS\system32\msftedit.dll
[MD5.08AF6E6448EF39D6DCFA31B18C101ABA] - [04/06/2017 12:11:52] - |A| - [26112] - C:\WINDOWS\system32\msg.exe
[MD5.D53E99EECB1E479B2B4FC20FCEA79267] - [04/06/2017 12:09:21] - |A| - [21232] - C:\WINDOWS\system32\msg711.acm
[MD5.EC0D9FD47B44F9B79D5ADE743067047C] - [04/06/2017 12:09:21] - |A| - [38312] - C:\WINDOWS\system32\msgsm32.acm
[MD5.FD9742DB68CE21D8209FEC7DE5117AF7] - [04/06/2017 12:09:03] - |A| - [14848] - C:\WINDOWS\system32\mshta.exe
[MD5.26491D53B6CB245135847DA2F918002B] - [04/06/2017 12:09:03] - |A| - [23689216] - C:\WINDOWS\system32\mshtml.dll
[MD5.3BFD67DC96603DC63274CFD84C0C3756] - [04/06/2017 12:09:03] - |A| - [2755584] - C:\WINDOWS\system32\mshtml.tlb
[MD5.828110900D09F33DC16EB2F0F4816737] - [04/06/2017 12:09:03] - |A| - [82432] - C:\WINDOWS\system32\MshtmlDac.dll
[MD5.790762E11DD40A1551F1A8BCAC01AFEA] - [04/06/2017 12:09:03] - |A| - [93696] - C:\WINDOWS\system32\mshtmled.dll
[MD5.354083AABA69170DFEBA7AD6269FBF4C] - [04/06/2017 12:09:03] - |A| - [49152] - C:\WINDOWS\system32\mshtmler.dll
[MD5.04149C99E887814CCE34DEDC5BE8A29F] - [04/06/2017 12:10:15] - |A| - [4060672] - C:\WINDOWS\system32\msi.dll
[MD5.E8D4FAFB018FC1CC27336E1EEC86C00F] - [04/06/2017 12:10:41] - |A| - [43008] - C:\WINDOWS\system32\MsiCofire.dll
[MD5.915EC4406D8481319D8A37F4B15D7FA3] - [04/06/2017 12:10:11] - |A| - [14848] - C:\WINDOWS\system32\msidcrl40.dll
[MD5.C0C90648E6E77F29FA973C85A05DAC99] - [04/06/2017 12:10:13] - |A| - [63488] - C:\WINDOWS\system32\msident.dll
[MD5.9BCE22FCCAA96F6645130CFA6DEC310D] - [04/06/2017 12:10:15] - |A| - [11776] - C:\WINDOWS\system32\msidle.dll
[MD5.19991051BDAA30F5027EC6B621EC13A9] - [04/06/2017 12:10:13] - |A| - [5120] - C:\WINDOWS\system32\msidntld.dll
[MD5.D0B87182A133D6AB5C974C69A5F45C34] - [04/06/2017 12:10:49] - |A| - [318464] - C:\WINDOWS\system32\msieftp.dll
[MD5.3A1366F2DF94A3AC1D678C41320ED518] - [04/06/2017 12:10:13] - |A| - [65536] - C:\WINDOWS\system32\msiexec.exe
[MD5.44159CAD34342D4EFE0EFCD0EB712942] - [04/06/2017 12:10:13] - |A| - [390144] - C:\WINDOWS\system32\msihnd.dll
[MD5.B247936FDE186E71D11707AE055F6574] - [04/06/2017 12:10:14] - |A| - [20992] - C:\WINDOWS\system32\msiltcfg.dll
[MD5.E6DC16C7DA8BA044749CCEBDA96DD19D] - [04/06/2017 12:10:02] - |A| - [8192] - C:\WINDOWS\system32\msimg32.dll
[MD5.4220F55ABAB6AE7A8C237BB88FA52D2C] - [04/06/2017 12:10:15] - |A| - [26112] - C:\WINDOWS\system32\msimsg.dll
[MD5.AE5460079BA6C028D5A2E0CE9EEAD293] - [04/06/2017 12:10:36] - |A| - [46080] - C:\WINDOWS\system32\msimtf.dll
[MD5.2544FB23D5CE2D95E428FD6F726B9E0A] - [04/06/2017 12:10:49] - |A| - [369664] - C:\WINDOWS\system32\msinfo32.exe
[MD5.7F06540FCA8C95E3EDD3303D783E7AB2] - [04/06/2017 12:10:16] - |A| - [30208] - C:\WINDOWS\system32\msisip.dll
[MD5.42A5B4E6D586903BB588B8100B4F1449] - [04/06/2017 12:10:11] - |A| - [392192] - C:\WINDOWS\system32\msIso.dll
[MD5.10F4CB1421E1ACB1F7541BC5171BD518] - [04/06/2017 12:10:15] - |A| - [12288] - C:\WINDOWS\system32\msiwer.dll
[MD5.EA75EBAEAF4700383CFE810D8A5CB19F] - [04/06/2017 12:09:25] - |A| - [181760] - C:\WINDOWS\system32\mskeyprotcli.dll
[MD5.A20A27A372B4ACC38F95EA74FC57AFCE] - [04/06/2017 12:09:25] - |A| - [60416] - C:\WINDOWS\system32\mskeyprotect.dll
[MD5.B860E9F07AD72FB01FEC00324F4E055D] - [04/06/2017 12:10:32] - |A| - [210944] - C:\WINDOWS\system32\msls31.dll
[MD5.3EDC9C494090B9334A5422EDDB87571F] - [04/06/2017 12:08:53] - |A| - [993280] - C:\WINDOWS\system32\msmpeg2adec.dll
[MD5.56E7539E7B3E1E7669B536CB3CFEE3FC] - [04/06/2017 12:08:52] - |A| - [909824] - C:\WINDOWS\system32\MSMPEG2ENC.DLL
[MD5.DD8E56E0CDF36A57DCDAD4942F69DA4B] - [04/06/2017 12:08:52] - |A| - [2398696] - C:\WINDOWS\system32\msmpeg2vdec.dll
[MD5.DCC7775CE4E95FCCE8437E80C8927643] - [04/06/2017 12:10:38] - |A| - [251392] - C:\WINDOWS\system32\MSNP.ax
[MD5.AF1BB587F147E5F325FD90069B24D41E] - [04/06/2017 12:09:55] - |A| - [62976] - C:\WINDOWS\system32\msobjs.dll
[MD5.7E9F9121440B7909DB75567D6CA035B2] - [04/06/2017 12:10:11] - |A| - [112640] - C:\WINDOWS\system32\msoert2.dll
[MD5.0D523A55CD2EBE11B5C7FE250162B90E] - [04/06/2017 12:08:52] - |A| - [159232] - C:\WINDOWS\system32\MSOpusDecoder.dll
[MD5.9CEA606409695FF990EA42CDDF5C5347] - [04/06/2017 12:09:49] - |A| - [6720000] - C:\WINDOWS\system32\mspaint.exe
[MD5.E5E8225724C0515D3C4C88F9795BFFDF] - [04/06/2017 12:10:00] - |A| - [50000] - C:\WINDOWS\system32\mspatcha.dll
[MD5.FD684986FD75471AAD7C3D8174BEA418] - [04/06/2017 12:10:00] - |A| - [80896] - C:\WINDOWS\system32\mspatchc.dll
[MD5.EA885E1DB1BBAD26FBD8F882134C7295] - [04/06/2017 12:08:52] - |A| - [1734144] - C:\WINDOWS\system32\MSPhotography.dll
[MD5.E5BD2C422C519AB7EB50A0575B46F78E] - [04/06/2017 12:10:40] - |A| - [54272] - C:\WINDOWS\system32\msports.dll
[MD5.88A90E5D9FC9BFFCCC8C2A7755339E74] - [04/06/2017 12:09:55] - |A| - [2560] - C:\WINDOWS\system32\msprivs.dll
[MD5.B67B11B8B8771AA71AE423B3F2BEF629] - [04/06/2017 12:12:40] - |A| - [567808] - C:\WINDOWS\system32\msra.exe
[MD5.C0C3C21312D67DAFCEAD5913BE9F6107] - [04/06/2017 12:12:40] - |A| - [126976] - C:\WINDOWS\system32\msrahc.dll
[MD5.5EED09DB8D488567C99A184813E07619] - [04/06/2017 12:12:40] - |A| - [7680] - C:\WINDOWS\system32\MsraLegacy.tlb
[MD5.308F978D7AF312539F7304E835E91E9E] - [04/06/2017 12:10:11] - |A| - [12288] - C:\WINDOWS\system32\msrating.dll
[MD5.70D20AF8088E305364A22E75CAFADB61] - [04/06/2017 12:09:08] - |A| - [178688] - C:\WINDOWS\system32\msrdc.dll
[MD5.FA85076F4F8036E971F3F3E00E432BEA] - [04/06/2017 12:10:38] - |A| - [62464] - C:\WINDOWS\system32\MsRdpWebAccess.dll
[MD5.A40C1DF535204160DAA2EDC1EB2E748A] - [04/06/2017 12:09:18] - |A| - [17920] - C:\WINDOWS\system32\msrle32.dll
[MD5.F699E46D97AB2F1F28338CB20BDA49B5] - [04/06/2017 12:09:29] - |A| - [53760] - C:\WINDOWS\system32\msscntrs.dll
[MD5.6D45DA904BFA603ECFF63E90ED00441A] - [04/06/2017 12:11:45] - |A| - [80896] - C:\WINDOWS\system32\mssecuser.dll
[MD5.5A8D96107DFCBFAF1F84FE02531E2DFA] - [04/06/2017 12:10:00] - |A| - [73728] - C:\WINDOWS\system32\mssign32.dll
[MD5.34ABDDF731CB5435BFB0213B55163F82] - [04/06/2017 12:10:00] - |A| - [10240] - C:\WINDOWS\system32\mssip32.dll
[MD5.5E5BB8ED0813E44CD34484BE5B2A9E68] - [04/06/2017 12:09:29] - |A| - [126976] - C:\WINDOWS\system32\mssitlb.dll
[MD5.CFA4156F0168890CA46D2A8FCF262C63] - [04/06/2017 12:12:58] - |A| - [863744] - C:\WINDOWS\system32\MsSpellCheckingFacility.dll
[MD5.7BC799A18035F342E7B122798E1DB61A] - [04/06/2017 12:12:58] - |A| - [73728] - C:\WINDOWS\system32\MsSpellCheckingHost.exe
[MD5.8CA09249FA62099DD2198D7DFA35FCF7] - [04/06/2017 12:09:29] - |A| - [178176] - C:\WINDOWS\system32\mssph.dll
[MD5.B4A472FDE75806C81B3BB937EE3F7561] - [04/06/2017 12:09:29] - |A| - [143872] - C:\WINDOWS\system32\mssprxy.dll
[MD5.FD66719DDDE627FEF78F6F221D4995D9] - [04/06/2017 12:09:29] - |A| - [2746880] - C:\WINDOWS\system32\mssrch.dll
[MD5.F1038126BB19C89E0C8BBF3B32C61683] - [04/06/2017 12:09:29] - |A| - [792064] - C:\WINDOWS\system32\mssvp.dll
[MD5.30222BA7B112ED2CE4238F4820B36BD9] - [04/06/2017 12:10:35] - |A| - [248320] - C:\WINDOWS\system32\mstask.dll
[MD5.B728817E719AD2C00DC825F4C12A9B91] - [04/06/2017 12:11:37] - |A| - [577024] - C:\WINDOWS\system32\msTextPrediction.dll
[MD5.654925F9AA0F8E9A28B960B0ABA1A93D] - [04/06/2017 12:10:42] - |A| - [3506688] - C:\WINDOWS\system32\mstsc.exe
[MD5.54E39E92332B5C718BD754B7D2C9BE44] - [04/06/2017 12:10:40] - |A| - [8424960] - C:\WINDOWS\system32\mstscax.dll
[MD5.DD99DCEB6FD2E9D21A1651F9DDB71F1C] - [04/06/2017 12:10:36] - |A| - [463872] - C:\WINDOWS\system32\msutb.dll
[MD5.4A66B7F6684C3488089AF1DD5A3D6973] - [04/06/2017 12:09:55] - |A| - [407376] - C:\WINDOWS\system32\msv1_0.dll
[MD5.8620BBCC6FA2A88A6971232D5D1B1DEA] - [04/06/2017 12:10:42] - |A| - [82432] - C:\WINDOWS\system32\msvcirt.dll
[MD5.3A5B287B9AAFBC33E75E90D3E7902D66] - [04/06/2017 12:09:55] - |A| - [582624] - C:\WINDOWS\system32\msvcp110_win.dll
[MD5.BB4477C9E4032FA06991FB3210B4C668] - [04/06/2017 12:12:49] - |A| - [690008] - C:\WINDOWS\system32\msvcp120_clr0400.dll
[MD5.B77A38BEBB6F28B40EDD67C0A49330AB] - [04/06/2017 12:09:57] - |A| - [604672] - C:\WINDOWS\system32\msvcp60.dll
[MD5.9FB924758CD734F698EF1471BA42785E] - [04/06/2017 12:09:58] - |A| - [622888] - C:\WINDOWS\system32\msvcp_win.dll
[MD5.B272A9D2BCCE8A11FDC6EFAA06C952AC] - [04/06/2017 12:12:46] - |A| - [19112] - C:\WINDOWS\system32\msvcr100_clr0400.dll
[MD5.99E982747B36AF703209B734D9D05263] - [04/06/2017 12:12:52] - |A| - [993632] - C:\WINDOWS\system32\msvcr120_clr0400.dll
[MD5.F969C956BA2F3EEDC0097B8C87433E17] - [04/06/2017 12:09:57] - |A| - [626576] - C:\WINDOWS\system32\msvcrt.dll
[MD5.4F45D9666E630FC5C5BFE1301B56E32B] - [04/06/2017 12:09:18] - |A| - [142848] - C:\WINDOWS\system32\msvfw32.dll
[MD5.58C079555299B7ED31DE17ECF67F7CDF] - [04/06/2017 12:09:18] - |A| - [38912] - C:\WINDOWS\system32\msvidc32.dll
[MD5.CF3B4F4BD6846A4FA02A63272F973F82] - [04/06/2017 12:10:40] - |A| - [3504640] - C:\WINDOWS\system32\MSVidCtl.dll
[MD5.03A5FD0686E3DAF075270CB4148C1E62] - [04/06/2017 12:08:52] - |A| - [702976] - C:\WINDOWS\system32\MSVideoDSP.dll
[MD5.9C26394B18A4A43C84AE03C80E004665] - [04/06/2017 12:08:52] - |A| - [1085680] - C:\WINDOWS\system32\MSVP9DEC.dll
[MD5.1A3A4A6A21500E73C1AA6FC5941A3A0E] - [04/06/2017 12:08:52] - |A| - [1002016] - C:\WINDOWS\system32\msvproc.dll
[MD5.DE4940B6BA1937563FF654529372E0E2] - [04/06/2017 12:08:52] - |A| - [1281536] - C:\WINDOWS\system32\MSVPXENC.dll
[MD5.082AB5B30D845512ACCA89928C122BD1] - [04/06/2017 12:09:21] - |A| - [255152] - C:\WINDOWS\system32\MSWB7.dll
[MD5.4C93883DBDC8DD22C11C614D10CEB718] - [04/06/2017 12:09:04] - |A| - [423424] - C:\WINDOWS\system32\mswmdm.dll
[MD5.0529B488CC0754B1309399A7D97D9CFF] - [04/06/2017 12:09:55] - |A| - [395744] - C:\WINDOWS\system32\mswsock.dll
[MD5.E0291224B4EDA33B7A76BA6DBF09BAB3] - [04/06/2017 12:10:14] - |A| - [1812480] - C:\WINDOWS\system32\msxml3.dll
[MD5.AF68804A825E8B2C0F8701F548BB8874] - [04/06/2017 12:10:14] - |A| - [2560] - C:\WINDOWS\system32\msxml3r.dll
[MD5.F4DCFEE3CC1129202BEE5BDF081D91EF] - [04/06/2017 12:09:33] - |A| - [2357312] - C:\WINDOWS\system32\msxml6.dll
[MD5.9C1DA01898B6480DD56576FBAE14DE69] - [04/06/2017 12:09:33] - |A| - [2560] - C:\WINDOWS\system32\msxml6r.dll
[MD5.4EBAF6FF272E8571241697C41714C484] - [04/06/2017 12:09:18] - |A| - [28672] - C:\WINDOWS\system32\msyuv.dll
[MD5.6490B489690758FB0064405289F5581D] - [04/06/2017 12:09:43] - |A| - [156672] - C:\WINDOWS\system32\MtcModel.dll
[MD5.8AB5DF62C645617037F73AA0D93AB5F6] - [04/06/2017 12:10:13] - |A| - [230400] - C:\WINDOWS\system32\MTF.dll
[MD5.EE9E877A215BB6C209BE2E9C19F544BB] - [04/06/2017 12:09:18] - |A| - [309248] - C:\WINDOWS\system32\MtfDecoder.dll
[MD5.AED5122667D6E3C266F97D56E8198C1C] - [04/06/2017 12:09:18] - |A| - [143872] - C:\WINDOWS\system32\MTFFuzzyDS.dll
[MD5.A9344FBC92F2579D9F134C89E26E0614] - [04/06/2017 12:10:16] - |A| - [263168] - C:\WINDOWS\system32\MTFServer.dll
[MD5.72436D3A5F56453F453110F19E80C66A] - [04/06/2017 12:09:18] - |A| - [91136] - C:\WINDOWS\system32\MTFSpellcheckDS.dll
[MD5.34BB69325B9121774254D7E1282F3D8A] - [04/06/2017 12:09:55] - |A| - [130048] - C:\WINDOWS\system32\mtstocom.exe
[MD5.804DB9AA25365A64602468C2FF1B823B] - [04/06/2017 12:09:52] - |A| - [400384] - C:\WINDOWS\system32\mtxclu.dll
[MD5.AF0F19AE1E426E6B5F6392C33DA7F322] - [04/06/2017 12:09:55] - |A| - [32256] - C:\WINDOWS\system32\mtxdm.dll
[MD5.3923A057F13ADEBB1D7EF49F97FBEFFA] - [04/06/2017 12:09:55] - |A| - [9728] - C:\WINDOWS\system32\mtxex.dll
[MD5.5C625B8F05CB35F339E0016F771F5D9A] - [04/06/2017 12:09:52] - |A| - [141824] - C:\WINDOWS\system32\mtxoci.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [19608] - C:\WINDOWS\system32\MUI
[MD5.8799126389417051028B6D7F77B98C93] - [04/06/2017 12:10:03] - |A| - [18432] - C:\WINDOWS\system32\muifontsetup.dll
[MD5.EF16686E0DB8AD05F8544559A5FF1074] - [04/06/2017 12:10:11] - |A| - [15872] - C:\WINDOWS\system32\MUILanguageCleanup.dll
[MD5.1EFD3A2BB9D2685F4E4C593D0DFB62F0] - [04/06/2017 12:09:57] - |A| - [107008] - C:\WINDOWS\system32\MuiUnattend.exe
[MD5.4466FEFA5B31C7DEB60C0BF8A3D0B39B] - [04/06/2017 12:10:35] - |A| - [53760] - C:\WINDOWS\system32\MultiDigiMon.exe
[MD5.4FABEB16A334C5DEFC14A0F37E06A492] - [04/06/2017 12:08:53] - |A| - [98816] - C:\WINDOWS\system32\musdialoghandlers.dll
[MD5.C9D4390F252D31A2814886B0AC06E1F9] - [04/06/2017 12:08:53] - |A| - [308736] - C:\WINDOWS\system32\MusNotification.exe
[MD5.ED043D1B47A1D63DE07586AD82B8BDAE] - [04/06/2017 12:08:53] - |A| - [201216] - C:\WINDOWS\system32\MusNotificationUx.exe
[MD5.A48B3A5A74E8151DA56F1CFE7A3FA0FF] - [04/06/2017 12:08:53] - |A| - [255224] - C:\WINDOWS\system32\MusNotifyIcon.exe
[MD5.1B855995511F97096011DDE0C8CE4234] - [04/06/2017 12:08:53] - |A| - [825856] - C:\WINDOWS\system32\MusUpdateHandlers.dll
[MD5.BA76C563D2DC92DB24BD94F6D8204914] - [04/06/2017 12:09:55] - |A| - [266240] - C:\WINDOWS\system32\mycomput.dll
[MD5.A2B98DF2003CAC3469E880EA3A92E128] - [04/06/2017 12:10:38] - |A| - [165888] - C:\WINDOWS\system32\mydocs.dll
[MD5.4AC4652A2093A215D944DEC5BE7299B9] - [04/06/2017 12:10:30] - |A| - [150016] - C:\WINDOWS\system32\Mystify.scr
[MD5.3B78877CD2D86A3B891C57D0995140E3] - [04/06/2017 12:10:24] - |A| - [48640] - C:\WINDOWS\system32\NAPCRYPT.DLL
[MD5.2F1F0C6E157A8DBA2BE603DE6EB19947] - [04/06/2017 12:10:42] - |A| - [67072] - C:\WINDOWS\system32\NapiNSP.dll
[MD5.6D6CA973D3B3F6A49228075D4CB3D421] - [04/06/2017 12:09:47] - |A| - [357376] - C:\WINDOWS\system32\Narrator.exe
[MD5.765423BBDF1D41C73FA4C145300D2102] - [04/06/2017 12:09:29] - |A| - [19456] - C:\WINDOWS\system32\nativemap.dll
[MD5.322D43414CAD0E0AFFE7CC2B8A65A43E] - [04/06/2017 12:10:47] - |A| - [787456] - C:\WINDOWS\system32\NaturalAuth.dll
[MD5.C387CFDAE42E7C298498944B140A60E6] - [04/06/2017 12:10:47] - |A| - [24576] - C:\WINDOWS\system32\NaturalAuthClient.dll
[MD5.BEEDB0FA7EB101FF40F12FF198B34DCF] - [04/06/2017 12:09:21] - |A| - [1041920] - C:\WINDOWS\system32\NaturalLanguage6.dll
[MD5.D57235286DC9818163B045B2DE7CC455] - [04/06/2017 12:09:29] - |A| - [38912] - C:\WINDOWS\system32\navshutdown.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [301568] - C:\WINDOWS\system32\nb-NO
[MD5.AD11E0E47A44FB720A8C3A9CA5426ECD] - [04/06/2017 12:10:27] - |A| - [20992] - C:\WINDOWS\system32\nbtstat.exe
[MD5.E24077E50FC8FAB58809055FD1D95F74] - [04/06/2017 12:10:00] - |A| - [25088] - C:\WINDOWS\system32\NcaApi.dll
[MD5.E69D6C6B0A24C592F2310CD2BE7D3F30] - [04/06/2017 12:10:00] - |A| - [169984] - C:\WINDOWS\system32\NcaSvc.dll
[MD5.CEA4D2BD6179B21DEF0E0306D6C4F2A1] - [04/06/2017 12:09:33] - |A| - [364544] - C:\WINDOWS\system32\ncbservice.dll
[MD5.4CE7816EA94A3A321BDE2B9797FB4C36] - [04/06/2017 12:10:47] - |A| - [88064] - C:\WINDOWS\system32\NcdAutoSetup.dll
[MD5.D0EF8CE26328DC103BABDCE814B4C518] - [04/06/2017 12:10:27] - |A| - [25088] - C:\WINDOWS\system32\NcdProp.dll
[MD5.EB4A8CC593A6FAF64ECD3A7A96719C6E] - [04/06/2017 12:10:11] - |A| - [45056] - C:\WINDOWS\system32\nci.dll
[MD5.CDE96D9810579062A64C04C931A227E9] - [04/06/2017 12:10:44] - |A| - [68608] - C:\WINDOWS\system32\ncobjapi.dll
[MD5.D1C5004A6065D9224843F07B9324D914] - [04/06/2017 12:10:27] - |A| - [102912] - C:\WINDOWS\system32\ncpa.cpl
[MD5.13C0998F7F14011E66A322B8622E62BC] - [04/06/2017 12:09:57] - |A| - [136928] - C:\WINDOWS\system32\ncrypt.dll
[MD5.4621115B79BAEF30DCF30FB594F9EF73] - [04/06/2017 12:09:57] - |A| - [315904] - C:\WINDOWS\system32\ncryptprov.dll
[MD5.8F418EA4B8AEDCF5ABA08B0EF59F2148] - [04/06/2017 12:09:57] - |A| - [113672] - C:\WINDOWS\system32\ncryptsslp.dll
[MD5.F762CE464195EC7AC7397F3A3C3877F0] - [04/06/2017 12:10:27] - |A| - [400384] - C:\WINDOWS\system32\ncsi.dll
[MD5.6674C1C46E98C57465374FF7F84B30BF] - [04/06/2017 12:10:24] - |A| - [26624] - C:\WINDOWS\system32\ncuprov.dll
[MD5.FFB657594FFA84D97550D6ECFD9D2D17] - [04/06/2017 12:10:24] - |A| - [65536] - C:\WINDOWS\system32\ndadmin.exe
[MD5.85643F14416979F1AE04B4FF654F10B0] - [04/06/2017 12:10:13] - |A| - [11264] - C:\WINDOWS\system32\nddeapi.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [786432] - C:\WINDOWS\system32\NDF
[MD5.B717389D1FF68F036CCDBA029C94DE8F] - [04/06/2017 12:10:40] - |A| - [301056] - C:\WINDOWS\system32\ndfapi.dll
[MD5.24C995A5DBD78C197DEF83D89287523A] - [04/06/2017 12:10:40] - |A| - [43520] - C:\WINDOWS\system32\ndfetw.dll
[MD5.86166DAA04A6C154826508304CC6D4AC] - [04/06/2017 12:10:40] - |A| - [565] - C:\WINDOWS\system32\NdfEventView.xml
[MD5.0A67AACBDC75DEBFF044C896029BDE83] - [04/06/2017 12:10:40] - |A| - [112640] - C:\WINDOWS\system32\ndfhcdiscovery.dll
[MD5.563C230123792F336A55A257AB8133CA] - [04/06/2017 12:10:40] - |A| - [93184] - C:\WINDOWS\system32\ndishc.dll
[MD5.83DC73B076CCCFF2179E13F5DFA55F3A] - [04/06/2017 12:10:40] - |A| - [32256] - C:\WINDOWS\system32\ndproxystub.dll
[MD5.7A3CBE2CC7C23FBAED3C5AEEA4D095D2] - [04/06/2017 12:09:18] - |A| - [75776] - C:\WINDOWS\system32\nduprov.dll
[MD5.85BFA806CB9DBA524A51752B681C5054] - [04/06/2017 12:09:25] - |A| - [118784] - C:\WINDOWS\system32\negoexts.dll
[MD5.45D4D026D35C7FCEC830211443EE9D2A] - [04/06/2017 12:09:34] - |A| - [56832] - C:\WINDOWS\system32\net.exe
[MD5.65EE9934BC4A3A696C2E2BFAC7A0AF16] - [04/06/2017 12:09:34] - |A| - [175104] - C:\WINDOWS\system32\net1.exe
[MD5.4AB2C9E676DBB075CD08BECEED4ED8E1] - [04/06/2017 12:09:37] - |A| - [76008] - C:\WINDOWS\system32\netapi32.dll
[MD5.BFCF5E882E36F79AAFCFE1FD9215DB69] - [04/06/2017 12:10:24] - |A| - [17920] - C:\WINDOWS\system32\netbios.dll
[MD5.ACFD87FF2A4D2ADB30FF01E4BB64A191] - [04/06/2017 12:10:27] - |A| - [25600] - C:\WINDOWS\system32\netbtugc.exe
[MD5.725CF07607ABF516F44CEB2688C9E5EA] - [04/06/2017 12:10:27] - |A| - [1209856] - C:\WINDOWS\system32\netcenter.dll
[MD5.BE53BAD2B4EA78B3439306333A3B5256] - [04/06/2017 12:10:07] - |A| - [31744] - C:\WINDOWS\system32\netcfg.exe
[MD5.37057A563682A9476E42A5B25118C9FF] - [04/06/2017 12:10:24] - |A| - [77824] - C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
[MD5.A246D2FC8FE456CB870C903FDCFE6BFF] - [04/06/2017 12:10:24] - |A| - [95568] - C:\WINDOWS\system32\netcfgx.dll
[MD5.F58F7FD43A42E9CFCEECA56294504DD5] - [04/06/2017 12:10:40] - |A| - [445952] - C:\WINDOWS\system32\netcorehc.dll
[MD5.FE8B768642D926542B3C4C0BA40257EC] - [04/06/2017 12:10:40] - |A| - [298496] - C:\WINDOWS\system32\netdiagfx.dll
[MD5.3B72EC2788C170DCE0FDE52EFB784262] - [04/06/2017 10:16:45] - |A| - [109568] - C:\WINDOWS\system32\NetDriverInstall.dll
[MD5.7E47833C7326F618E9E3ACA2DDA049BB] - [04/06/2017 12:10:13] - |A| - [20480] - C:\WINDOWS\system32\netevent.dll
[MD5.29B81DDC69AB5608365F9F383D348DF2] - [04/06/2017 12:10:41] - |A| - [45568] - C:\WINDOWS\system32\NetEvtFwdr.exe
[MD5.9D6F72A11109675BA519048BE32D244E] - [04/06/2017 12:09:04] - |A| - [40960] - C:\WINDOWS\system32\netfxperf.dll
[MD5.83FDD32B646527E7668951F8B45FDFF8] - [04/06/2017 12:09:34] - |A| - [2560] - C:\WINDOWS\system32\neth.dll
[MD5.7EC8D9238C6059EC9D1C8BEE1E7CD74E] - [04/06/2017 12:10:32] - |A| - [10752] - C:\WINDOWS\system32\NetHost.exe
[MD5.E83EF3FBC62ED4328E7380991816D2E1] - [04/06/2017 12:10:27] - |A| - [177152] - C:\WINDOWS\system32\netid.dll
[MD5.4ED1ED151562FC0457A59BAC6710BB90] - [04/06/2017 12:09:34] - |A| - [194560] - C:\WINDOWS\system32\netiohlp.dll
[MD5.12EBEA21E40E2BFBA20D67ECCAC9C866] - [04/06/2017 12:10:24] - |A| - [29696] - C:\WINDOWS\system32\netiougc.exe
[MD5.CE6673EABDBB0A2DC58350D0AB7A6B4A] - [04/06/2017 12:10:24] - |A| - [157184] - C:\WINDOWS\system32\netjoin.dll
[MD5.F914279FE61EE4DC037B7C4415BBB5E0] - [04/06/2017 12:09:55] - |A| - [826368] - C:\WINDOWS\system32\netlogon.dll
[MD5.61D2F97A186CC17B3BC3766F7135ADA6] - [04/06/2017 12:10:47] - |A| - [254976] - C:\WINDOWS\system32\netman.dll
[MD5.C668758B581D004E54797CD2374A146C] - [04/06/2017 12:09:57] - |A| - [2560] - C:\WINDOWS\system32\netmsg.dll
[MD5.E1DD00446ED6D819438E86BB0A9BE51B] - [04/06/2017 12:10:40] - |A| - [297984] - C:\WINDOWS\system32\netplwiz.dll
[MD5.00385B8264A057AA535DB2BCDF012585] - [04/06/2017 12:10:41] - |A| - [39936] - C:\WINDOWS\system32\Netplwiz.exe
[MD5.03DD24FE5E3E22D85A7E564EE97F25EC] - [04/06/2017 12:10:24] - |A| - [220160] - C:\WINDOWS\system32\netprofm.dll
[MD5.6855F33D17B45FAF80B5434A238FB9D1] - [04/06/2017 12:10:24] - |A| - [533504] - C:\WINDOWS\system32\netprofmsvc.dll
[MD5.07771EA287A754B7DFF33A22B51D25B3] - [04/06/2017 12:10:27] - |A| - [63488] - C:\WINDOWS\system32\netprovfw.dll
[MD5.B94104203FB24E3F89F8A374521FF3B1] - [04/06/2017 12:10:24] - |A| - [69120] - C:\WINDOWS\system32\netprovisionsp.dll
[MD5.9825147DC9B4C5B7BEA19A2FFA5DFBA0] - [04/06/2017 10:16:45] - |A| - [139088] - C:\WINDOWS\system32\NetSetupApi.dll
[MD5.66DEEE615A87DBADAB731F9F7E18DEF5] - [04/06/2017 10:16:45] - |A| - [766800] - C:\WINDOWS\system32\NetSetupEngine.dll
[MD5.0519A1FA99F49997ED33A1B17E775A70] - [04/06/2017 12:10:24] - |A| - [486912] - C:\WINDOWS\system32\NetSetupShim.dll
[MD5.4C93567C611C84AB78DFA635C9A7E331] - [04/06/2017 12:09:57] - |A| - [259584] - C:\WINDOWS\system32\NetSetupSvc.dll
[MD5.5C84770133C6FEA849C04014D73BCC1B] - [04/06/2017 12:09:37] - |A| - [92672] - C:\WINDOWS\system32\netsh.exe
[MD5.A3B74C64D4F731CCE0E12B67E37007E5] - [04/06/2017 12:10:27] - |A| - [2854400] - C:\WINDOWS\system32\netshell.dll
[MD5.AFC29074373992BC37CE83B426A380B0] - [04/06/2017 12:09:34] - |A| - [38912] - C:\WINDOWS\system32\NETSTAT.EXE
[MD5.70CC851F298160DD0CAE3E27ACCD65C4] - [04/06/2017 12:10:38] - |A| - [1108992] - C:\WINDOWS\system32\nettrace.dll
[MD5.C146E873B22C3B300B21A859FE66C27A] - [04/06/2017 12:10:38] - |A| - [21656] - C:\WINDOWS\system32\NetTrace.PLA.Diagnostics.xml
[MD5.021DB6845DB4DE075E7B271DE29ADF6E] - [04/06/2017 12:09:55] - |A| - [40360] - C:\WINDOWS\system32\netutils.dll
[MD5.B2DFE1B009B51B4BA7FEE37D24386E46] - [04/06/2017 12:10:27] - |A| - [335696] - C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
[MD5.7619E9DECCCA0D0EC1B527A865577FB5] - [04/06/2017 12:09:04] - |A| - [650240] - C:\WINDOWS\system32\NetworkCollectionAgent.dll
[MD5.8371898EF60DC047AEC6E3C61849CF49] - [04/06/2017 12:10:24] - |A| - [236032] - C:\WINDOWS\system32\NetworkDesktopSettings.dll
[MD5.55668FE525CB38016E3D2667673E731C] - [04/06/2017 12:10:02] - |A| - [1196544] - C:\WINDOWS\system32\networkexplorer.dll
[MD5.78061500FEBFB2326602B714F5AF72CF] - [05/06/2017 08:59:13] - |A| - [137216] - C:\WINDOWS\system32\networkhelper.dll
[MD5.126894E82B79CBC184DEF53B2F009E96] - [04/06/2017 12:10:02] - |A| - [53248] - C:\WINDOWS\system32\networkitemfactory.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [52224] - C:\WINDOWS\system32\networklist
[MD5.569613DAE7B24C198075846D3CF4F1B2] - [04/06/2017 12:09:40] - |A| - [3181568] - C:\WINDOWS\system32\NetworkMobileSettings.dll
[MD5.574D4B8E3EF015528BFB510ECF9B96AA] - [04/06/2017 12:10:07] - |A| - [50176] - C:\WINDOWS\system32\NetworkProxyCsp.dll
[MD5.FA0622ADE35F511F3DC5B4064DF80BC3] - [04/06/2017 12:10:24] - |A| - [125952] - C:\WINDOWS\system32\NetworkStatus.dll
[MD5.F7AED864AE312BDC80F51221FD06977C] - [04/06/2017 12:09:37] - |A| - [352768] - C:\WINDOWS\system32\NetworkUXBroker.dll
[MD5.2CE387BABF75A4769EE4290661A1C55E] - [04/06/2017 12:10:47] - |A| - [12288] - C:\WINDOWS\system32\netwphelper.dll
[MD5.B29575B83ED659430AB8DF57E8D3652E] - [04/06/2017 12:10:24] - |A| - [509440] - C:\WINDOWS\system32\newdev.dll
[MD5.67AD76A70228DC56893C76EC58DF269F] - [04/06/2017 12:10:24] - |A| - [68096] - C:\WINDOWS\system32\newdev.exe
[MD5.F3D331669324965F7E9137BD537EEAA6] - [04/06/2017 12:10:44] - |A| - [101376] - C:\WINDOWS\system32\NFCProvisioningPlugin.dll
[MD5.1E3A1F08AD1678CD397682B48253018C] - [04/06/2017 12:09:29] - |A| - [52736] - C:\WINDOWS\system32\NfcRadioMedia.dll
[MD5.77B42D4A9B41344EE9ED3EDDCA358D01] - [04/06/2017 12:09:25] - |A| - [662016] - C:\WINDOWS\system32\ngccredprov.dll
[MD5.1E4A883C33298B8E276FD116FB14B04F] - [04/06/2017 12:09:29] - |A| - [459264] - C:\WINDOWS\system32\NgcCtnr.dll
[MD5.3FC519BA8988E81C4635BAC437F7863F] - [04/06/2017 12:10:00] - |A| - [497152] - C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
[MD5.14E967EF5215CD035818585E915099F8] - [04/06/2017 12:09:25] - |A| - [493056] - C:\WINDOWS\system32\NgcCtnrSvc.dll
[MD5.DC5822E5C9A2822D59E44D81062DC983] - [04/06/2017 12:09:25] - |A| - [162304] - C:\WINDOWS\system32\ngckeyenum.dll
[MD5.B65BB796A59F5F57EA81321C8A3A0949] - [04/06/2017 12:09:30] - |A| - [118272] - C:\WINDOWS\system32\ngcksp.dll
[MD5.5E085FAFC1C68BD9D4484876D34B539F] - [04/06/2017 12:09:25] - |A| - [106496] - C:\WINDOWS\system32\ngcpopkeysrv.dll
[MD5.3065EAC0CCA998CB024E3D60B557C2A9] - [04/06/2017 12:09:30] - |A| - [132096] - C:\WINDOWS\system32\NgcProCsp.dll
[MD5.14DF72844182E79220EAFF151F93A088] - [04/06/2017 12:09:25] - |A| - [191488] - C:\WINDOWS\system32\ngcrecovery.dll
[MD5.DF6B6D65BBBDD5F4DC8A5FADC5CAB870] - [04/06/2017 12:09:25] - |A| - [1051648] - C:\WINDOWS\system32\ngcsvc.dll
[MD5.991CF00D1CF5B06276CE727ABC31977F] - [04/06/2017 12:10:32] - |A| - [78336] - C:\WINDOWS\system32\ngctasks.dll
[MD5.75A1E5AD5B90267DCEAF49B399C56B8B] - [04/06/2017 12:10:36] - |A| - [400896] - C:\WINDOWS\system32\ninput.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [324096] - C:\WINDOWS\system32\nl-NL
[MD5.B63CA5596E8A0A9778D4DF9F39328E17] - [04/06/2017 12:10:27] - |A| - [80384] - C:\WINDOWS\system32\nlaapi.dll
[MD5.7A94938AE72FB15C7D3172CFA3F1B491] - [04/06/2017 12:10:40] - |A| - [88576] - C:\WINDOWS\system32\nlahc.dll
[MD5.F687CC47AE457200C4C35E1B287FEAD2] - [04/06/2017 12:10:27] - |A| - [367104] - C:\WINDOWS\system32\nlasvc.dll
[MD5.3DF63AD3CFAF318036E671C59C721BF6] - [04/06/2017 12:10:33] - |A| - [192000] - C:\WINDOWS\system32\nlhtml.dll
[MD5.DFF3ED027B1E3F1943BF1C542B294F7B] - [04/06/2017 12:10:24] - |A| - [174080] - C:\WINDOWS\system32\nlmgp.dll
[MD5.157459355C93272FD10CE86C35FD4D01] - [04/06/2017 12:10:24] - |A| - [29184] - C:\WINDOWS\system32\nlmproxy.dll
[MD5.50588CB93F3511CD596CCA5C5C1414D6] - [04/06/2017 12:10:24] - |A| - [17408] - C:\WINDOWS\system32\nlmsprep.dll
[MD5.5E55E95987106E40725DE78538DB195D] - [04/06/2017 12:10:11] - |A| - [85328] - C:\WINDOWS\system32\nlsbres.dll
[MD5.D9EDBD36E314D6E700824BEDFCBC7851] - [04/06/2017 12:09:21] - |A| - [1572864] - C:\WINDOWS\system32\NlsData0000.dll
[MD5.9D0134B8187EEB6B4237C5F483FA94E3] - [04/06/2017 12:12:19] - |A| - [2352128] - C:\WINDOWS\system32\NlsData000c.dll
[MD5.071DAC74DA621A39F62E905C55473DA2] - [04/06/2017 12:10:11] - |A| - [10752] - C:\WINDOWS\system32\Nlsdl.dll
[MD5.67F74BCF4F2A7C650634474A32A078F5] - [04/06/2017 12:12:19] - |A| - [6238208] - C:\WINDOWS\system32\NlsLexicons000c.dll
[MD5.04E9D59DD6CCBEEB2B8BFB8563F92849] - [04/06/2017 12:10:32] - |A| - [504320] - C:\WINDOWS\system32\nltest.exe
[MD5.A6D874B610F2F7532CF39E8EEFED265E] - [04/06/2017 12:09:29] - |A| - [893440] - C:\WINDOWS\system32\NMAA.dll
[MD5.9006AECD60A3BDE11751C4B2FDD5F4B6] - [04/06/2017 12:09:29] - |A| - [330752] - C:\WINDOWS\system32\NmaDirect.dll
[MD5.DE78E0C57BC478D47CC2F470B68E1A45] - [04/06/2017 12:17:10] - |A| - [741] - C:\WINDOWS\system32\NOISE.DAT
[MD5.F01AFA358B64F16F9D20285F0C8E65D2] - [04/06/2017 12:10:00] - |A| - [5632] - C:\WINDOWS\system32\normaliz.dll
[MD5.597C96281C55868CDBB06E22ADAEDCA9] - [04/06/2017 12:10:00] - |A| - [80078] - C:\WINDOWS\system32\normidna.nls
[MD5.9814F3AA6D4992B2C063D01B1D45E526] - [04/06/2017 12:10:00] - |A| - [50112] - C:\WINDOWS\system32\normnfc.nls
[MD5.2288FE4F6518F8A836E1FE31E808C401] - [04/06/2017 12:10:00] - |A| - [43566] - C:\WINDOWS\system32\normnfd.nls
[MD5.BBD02FA36D24E43EF5FF51266D1B71A4] - [04/06/2017 12:10:00] - |A| - [71824] - C:\WINDOWS\system32\normnfkc.nls
[MD5.A492147939DE74E189BB270144CDA7FB] - [04/06/2017 12:10:00] - |A| - [65698] - C:\WINDOWS\system32\normnfkd.nls
[MD5.8318A68067191C8B07C22085625569A8] - [04/06/2017 12:10:24] - |A| - [246272] - C:\WINDOWS\system32\notepad.exe
[MD5.EA29DE2FA395FE1C5DAF7891F0527BA2] - [04/06/2017 12:09:43] - |A| - [915968] - C:\WINDOWS\system32\NotificationController.dll
[MD5.7B3C15A01A9E8427C24C3F61DD70E1E2] - [04/06/2017 12:09:43] - |A| - [32768] - C:\WINDOWS\system32\NotificationControllerPS.dll
[MD5.92FF6AED3C40C13C92DB7CE698FFF5AA] - [04/06/2017 12:09:30] - |A| - [321536] - C:\WINDOWS\system32\NotificationObjFactory.dll
[MD5.4DABC1DE9FEA153654E56CDA3F57CE67] - [04/06/2017 12:09:29] - |A| - [45568] - C:\WINDOWS\system32\notificationplatformcomponent.dll
[MD5.42E8D3960F457D3C7C8E8C4B2BF9746A] - [04/06/2017 12:10:24] - |A| - [39424] - C:\WINDOWS\system32\npmproxy.dll
[MD5.BAD544E420F87218AEE2866BEC57E061] - [04/06/2017 12:09:25] - |A| - [190976] - C:\WINDOWS\system32\NPSM.dll
[MD5.E449704A619DDB1AFD5A3570FCA36A98] - [04/06/2017 12:09:34] - |A| - [873472] - C:\WINDOWS\system32\NPSMDesktopProvider.dll
[MD5.72020095B0FE9F1E724E80B50904CD75] - [04/06/2017 12:09:57] - |A| - [18944] - C:\WINDOWS\system32\nrpsrv.dll
[MD5.3F1F5E6D4ED118CB16E536334E226384] - [04/06/2017 12:10:03] - |A| - [42496] - C:\WINDOWS\system32\nshhttp.dll
[MD5.17BC10B47E9246EB5F7B26BBEC636A80] - [04/06/2017 12:10:02] - |A| - [361984] - C:\WINDOWS\system32\nshipsec.dll
[MD5.DD721A11C7C37C284936AFDAB60D6353] - [04/06/2017 12:10:27] - |A| - [751616] - C:\WINDOWS\system32\nshwfp.dll
[MD5.D5CE7207CA6C5659473E69B5754B91BE] - [04/06/2017 12:09:57] - |A| - [20200] - C:\WINDOWS\system32\nsi.dll
[MD5.DF0AEEE90468BF778432B8AA642B4125] - [04/06/2017 12:09:57] - |A| - [31232] - C:\WINDOWS\system32\nsisvc.dll
[MD5.AE3B9ACCE6A0E9C9075917DD458065F8] - [04/06/2017 12:10:00] - |A| - [86016] - C:\WINDOWS\system32\nslookup.exe
[MD5.E3558BCF36369AFD2F2883DB971D3012] - [04/06/2017 12:09:57] - |A| - [216904] - C:\WINDOWS\system32\ntasn1.dll
[MD5.D330561413F9AC06C18295D892E00443] - [04/06/2017 12:09:57] - |A| - [1929184] - C:\WINDOWS\system32\ntdll.dll
[MD5.B4E8FE127699815D460BFD3200980D04] - [04/06/2017 12:09:37] - |A| - [146944] - C:\WINDOWS\system32\ntdsapi.dll
[MD5.38335C949B95D4DD20D286CABEAB5CF6] - [04/06/2017 12:10:00] - |A| - [69120] - C:\WINDOWS\system32\ntlanman.dll
[MD5.09926D54214820659D576FC5EC10F704] - [04/06/2017 12:10:32] - |A| - [19968] - C:\WINDOWS\system32\ntlanui2.dll
[MD5.449E990E617B3B963704423E8BA7A0D1] - [04/06/2017 12:09:55] - |A| - [34712] - C:\WINDOWS\system32\NtlmShared.dll
[MD5.6955B92D495D1878A4FCF88D32A5F7DD] - [04/06/2017 12:09:57] - |A| - [183408] - C:\WINDOWS\system32\ntmarta.dll
[MD5.1FD6A35B0325731799713B926B0572E0] - [04/06/2017 12:09:57] - |A| - [8532816] - C:\WINDOWS\system32\ntoskrnl.exe
[MD5.26F2DB13A1B9C4059DD0BAE5976C11FD] - [04/06/2017 12:10:27] - |A| - [355328] - C:\WINDOWS\system32\ntprint.dll
[MD5.EAA1B09A824F83DA1353ACDCFA0C9213] - [04/06/2017 12:10:27] - |A| - [64000] - C:\WINDOWS\system32\ntprint.exe
[MD5.8A7576BCB2A0234F61868D3797EEAEFF] - [04/06/2017 12:10:32] - |A| - [865792] - C:\WINDOWS\system32\ntshrui.dll
[MD5.014DAF85E1AC0A976C827275C3D40086] - [04/06/2017 12:09:21] - |A| - [18944] - C:\WINDOWS\system32\ntvdm64.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |SD| - [3872256] - C:\WINDOWS\system32\Nui
[MD5.C4CBB47D27233EAACA05B0485D07116B] - [04/06/2017 12:09:49] - |A| - [675328] - C:\WINDOWS\system32\objsel.dll
[MD5.EB8E374CD3B0B090C029417907392231] - [04/06/2017 12:09:04] - |A| - [147968] - C:\WINDOWS\system32\occache.dll
[MD5.1EE9078975B5843E56ED4379CA1F4476] - [04/06/2017 12:09:52] - |A| - [165888] - C:\WINDOWS\system32\ocsetapi.dll
[MD5.3DB9A7937EA54B4B7BF89505816A3102] - [04/06/2017 12:10:16] - |A| - [714240] - C:\WINDOWS\system32\odbc32.dll
[MD5.1A6146C634C99C59B30C08754DE4F111] - [04/06/2017 12:10:13] - |A| - [73728] - C:\WINDOWS\system32\odbcad32.exe
[MD5.0829D207CA2CEEEBF77AD0F25F5C90B4] - [04/06/2017 12:10:13] - |A| - [48640] - C:\WINDOWS\system32\odbcbcp.dll
[MD5.E561A7C2F888E3A5C7DA3DBDA33C593A] - [04/06/2017 12:10:16] - |A| - [28160] - C:\WINDOWS\system32\odbcconf.dll
[MD5.8D8CFCB95DCAAD40EF39FA460FBB83CF] - [04/06/2017 12:10:16] - |A| - [25600] - C:\WINDOWS\system32\odbcconf.exe
[MD5.5D27362AF3BCAA75A418F5416A35934E] - [04/06/2017 12:10:16] - |A| - [263] - C:\WINDOWS\system32\odbcconf.rsp
[MD5.C5DEB8BE21B3DFB3131C4F623534EC24] - [04/06/2017 12:10:13] - |A| - [128000] - C:\WINDOWS\system32\odbccp32.dll
[MD5.7E027C006B695F45112197D04323FDED] - [04/06/2017 12:10:15] - |A| - [86528] - C:\WINDOWS\system32\odbccr32.dll
[MD5.FE9F3C974E45D086544D007AFFAFA52E] - [04/06/2017 12:10:14] - |A| - [87552] - C:\WINDOWS\system32\odbccu32.dll
[MD5.5FBDA20065455E611240C52A82C6C4E8] - [04/06/2017 12:10:16] - |A| - [225280] - C:\WINDOWS\system32\odbcint.dll
[MD5.917161DB889D865CE04F38DDE0475A3C] - [04/06/2017 12:10:13] - |A| - [163840] - C:\WINDOWS\system32\odbctrac.dll
[MD5.C5F066C17D01CD3E825768CC2CE19080] - [04/06/2017 12:17:10] - |A| - [16078] - C:\WINDOWS\system32\OEMDefaultAssociations.xml
[MD5.369B822337F3BDFB26015276AA7C8AFD] - [04/06/2017 12:09:21] - |A| - [129536] - C:\WINDOWS\system32\oemlicense.dll
[MD5.D002B1DEF581720B0205CF65E11536C1] - [04/06/2017 12:10:46] - |A| - [86016] - C:\WINDOWS\system32\ofdeploy.exe
[MD5.E74937DF620FA54773EFAE9BC0399418] - [04/06/2017 12:10:32] - |A| - [265728] - C:\WINDOWS\system32\offfilt.dll
[MD5.C004CAA78679C047DD41062B286ACF18] - [04/06/2017 12:10:46] - |A| - [123904] - C:\WINDOWS\system32\officecsp.dll
[MD5.8A04FB7779FCBAD87FD0E7AA35CBAADC] - [04/06/2017 12:09:55] - |A| - [123728] - C:\WINDOWS\system32\offlinelsa.dll
[MD5.57083073A3CC3364FFE99E871BA745A1] - [04/06/2017 12:09:57] - |A| - [245072] - C:\WINDOWS\system32\offlinesam.dll
[MD5.4BFD5C8177693222EBEE8240C23AB6A8] - [04/06/2017 12:10:32] - |A| - [78848] - C:\WINDOWS\system32\offreg.dll
[MD5.1FD6AAB26F51E29793CDD141FC87E0A4] - [04/06/2017 12:10:47] - |A| - [45568] - C:\WINDOWS\system32\oflc-nz.rs
[MD5.F3DC097E834C1A11F2BEDFD429C644A9] - [04/06/2017 12:08:53] - |A| - [423] - C:\WINDOWS\system32\OkDone_80.contrast-black.png
[MD5.BFE1CCA08FEFC8A3422F7DA615567D75] - [04/06/2017 12:08:53] - |A| - [438] - C:\WINDOWS\system32\OkDone_80.contrast-white.png
[MD5.F3DC097E834C1A11F2BEDFD429C644A9] - [04/06/2017 12:08:53] - |A| - [423] - C:\WINDOWS\system32\OkDone_80.png
[MD5.12952DD9E7F62AD01ABE63D5E6E84BD0] - [04/06/2017 12:09:54] - |A| - [1330056] - C:\WINDOWS\system32\ole32.dll
[MD5.DA342FA7D7A76CE243F05B2DD2784D8A] - [04/06/2017 12:10:24] - |A| - [417280] - C:\WINDOWS\system32\oleacc.dll
[MD5.E787A06E2BEDCC938466ED6B54E9E548] - [04/06/2017 12:10:24] - |A| - [12800] - C:\WINDOWS\system32\oleacchooks.dll
[MD5.2D5C7B15F90455EC9E0009A9ADE67443] - [04/06/2017 12:10:24] - |A| - [4608] - C:\WINDOWS\system32\oleaccrc.dll
[MD5.A129175B20CC49E5C755CCD1B51CFD11] - [04/06/2017 12:09:57] - |A| - [786168] - C:\WINDOWS\system32\oleaut32.dll
[MD5.0014E7153CA64BAEF35F45EF17B83742] - [04/06/2017 12:09:54] - |A| - [164864] - C:\WINDOWS\system32\oledlg.dll
[MD5.461734CEC12F6DAC9EF0932B48A64852] - [04/06/2017 12:10:47] - |A| - [141824] - C:\WINDOWS\system32\oleprn.dll
[MD5.0DA928003D4D062B5D2422D5DC004078] - [04/06/2017 12:10:47] - |A| - [205312] - C:\WINDOWS\system32\OmaDmAgent.dll
[MD5.3AB52741A6DA347A605B389507087931] - [04/06/2017 12:09:34] - |A| - [148264] - C:\WINDOWS\system32\omadmapi.dll
[MD5.A3338F2DD5D5341D2CE7DAF467F3052A] - [04/06/2017 12:09:34] - |A| - [301568] - C:\WINDOWS\system32\omadmclient.exe
[MD5.CF421814937289521EEBA4C1EADED22F] - [04/06/2017 12:09:34] - |A| - [61440] - C:\WINDOWS\system32\omadmprc.exe
[MD5.5CE0F64EFDC0968F3840C91143E741DB] - [04/06/2017 12:09:34] - |A| - [48640] - C:\WINDOWS\system32\OnDemandBrokerClient.dll
[MD5.CA739A8974087C6A377D98EDF2C81E95] - [04/06/2017 12:09:21] - |A| - [69120] - C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
[MD5.BFC801F916CBAB79F1A71C9187A88311] - [04/06/2017 12:10:49] - |A| - [365056] - C:\WINDOWS\system32\OneBackupHandler.dll
[MD5.4E37C2B69DFDF894B915752FC6FCCA82] - [04/06/2017 12:09:57] - |A| - [421888] - C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
[MD5.C8765363D8FA4D117F190DD192C20924] - [04/06/2017 12:09:24] - |A| - [5939792] - C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
[MD5.8F15EF2E01293C5A7ADF91B7FBD4B803] - [04/06/2017 12:09:21] - |A| - [647168] - C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
[MD5.6C2617405B941B77CF4456F068729650] - [04/06/2017 12:10:50] - |A| - [237568] - C:\WINDOWS\system32\onex.dll
[MD5.1D3ED6D537C3CF377FD9EF99640EE7C5] - [04/06/2017 12:10:02] - |A| - [1080320] - C:\WINDOWS\system32\onexui.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [13772934] - C:\WINDOWS\system32\oobe
[MD5.68EB3A4346E9124FB3570BB13DE3025C] - [04/06/2017 12:10:36] - |A| - [631296] - C:\WINDOWS\system32\OobeFldr.dll
[MD5.AA7A0917837B987B1E67A8532293915C] - [04/06/2017 12:10:29] - |A| - [2160640] - C:\WINDOWS\system32\OpcServices.dll
[MD5.2D7AB7B34BA4B4FF55822CE41B1D458C] - [12/06/2017 10:58:45] - |A| - [513144] - C:\WINDOWS\system32\OpenCL.dll
[MD5.56AF06185BB5B96879088F226D919401] - [04/06/2017 12:09:54] - |A| - [71680] - C:\WINDOWS\system32\openfiles.exe
[MD5.DCC2B2C15C847C563666522D2EBB7417] - [04/06/2017 12:10:24] - |A| - [1034752] - C:\WINDOWS\system32\opengl32.dll
[MD5.15F37AA4EAC163CFABA486D7AFC1E885] - [04/06/2017 12:10:32] - |A| - [107456] - C:\WINDOWS\system32\OpenWith.exe
[MD5.89DD3C55191523076D6B6E2E0A4C638D] - [04/06/2017 12:10:27] - |A| - [111104] - C:\WINDOWS\system32\OptionalFeatures.exe
[MD5.B7009CEDF6CBFE055633B3266A7E5B9E] - [04/06/2017 12:09:09] - |A| - [893072] - C:\WINDOWS\system32\ortcengine.dll
[MD5.B10CD6235125364C87C2D2F05463D8DD] - [04/06/2017 12:10:36] - |A| - [26112] - C:\WINDOWS\system32\osbaseln.dll
[MD5.D4750E5AAA64628E643B9514A9D53C3D] - [04/06/2017 12:09:43] - |A| - [612352] - C:\WINDOWS\system32\osk.exe
[MD5.C99EE852A860794959C5FE5FBB8A23AE] - [04/06/2017 12:09:49] - |A| - [10240] - C:\WINDOWS\system32\OskSupport.dll
[MD5.68A01E4DC75194EE2F2A3F24AF425511] - [04/06/2017 12:10:44] - |A| - [9728] - C:\WINDOWS\system32\osuninst.dll
[MD5.459FB33AA2114A28C5932FEAA115B072] - [04/06/2017 12:09:18] - |A| - [46920] - C:\WINDOWS\system32\OutdoorAudioEnvironment.bin
[MD5.551E280BDEF14BD0529DE8EB10D61D09] - [04/06/2017 12:09:07] - |A| - [210944] - C:\WINDOWS\system32\P2P.dll
[MD5.D01DF10A295AB55F46B2CB371226768B] - [04/06/2017 12:09:08] - |A| - [421888] - C:\WINDOWS\system32\P2PGraph.dll
[MD5.99B2AABB6D220CCBE0106649A48198A0] - [04/06/2017 12:09:08] - |A| - [202752] - C:\WINDOWS\system32\p2pnetsh.dll
[MD5.4AE9EF0D4351556A51FDABD8FCF943F4] - [04/06/2017 12:09:08] - |A| - [423424] - C:\WINDOWS\system32\p2psvc.dll
[MD5.83EE094BFB671EE5CDF6C5809BD90323] - [04/06/2017 12:09:37] - |A| - [37376] - C:\WINDOWS\system32\PackagedCWALauncher.exe
[MD5.03A14656B8170523877573096EB546C8] - [04/06/2017 12:11:53] - |A| - [87552] - C:\WINDOWS\system32\PackageInspector.exe
[MD5.69AD1B252056EB2E9E68316CA5BDA499] - [04/06/2017 12:10:00] - |A| - [91648] - C:\WINDOWS\system32\packager.dll
[MD5.A10325A1ED29E9442B882D976F0D2905] - [04/06/2017 12:09:25] - |A| - [212480] - C:\WINDOWS\system32\PackageStateRoaming.dll
[MD5.F532D007BBE787812C3267ED702D0E28] - [04/06/2017 12:10:50] - |A| - [14848] - C:\WINDOWS\system32\panmap.dll
[MD5.9BA758E37D74D7A0249AACFFF5B5815C] - [04/06/2017 12:10:40] - |A| - [39808] - C:\WINDOWS\system32\PasswordOnWakeSettingFlyout.exe
[MD5.D178B7116618CFC8B2F30AE302E9464D] - [04/06/2017 12:09:34] - |A| - [19456] - C:\WINDOWS\system32\PATHPING.EXE
[MD5.145793492FD0A143E63D2CFB8EEAC61C] - [04/06/2017 12:10:00] - |A| - [63488] - C:\WINDOWS\system32\pautoenr.dll
[MD5.A9FB6FDD537D6C5F7D57180E5255944E] - [04/06/2017 12:09:29] - |A| - [24064] - C:\WINDOWS\system32\PaymentMediatorServiceProxy.dll
[MD5.EDEE68AD52730D5EE7EEB714079D25F5] - [04/06/2017 12:09:47] - |A| - [51200] - C:\WINDOWS\system32\pcacli.dll
[MD5.CD934B6B7D5DBF9AB48476C2A55C63BD] - [04/06/2017 12:09:43] - |A| - [50176] - C:\WINDOWS\system32\pcadm.dll
[MD5.BC36DC4EFC3A957D33913ABC25D29A1A] - [04/06/2017 12:09:43] - |A| - [12800] - C:\WINDOWS\system32\pcaevts.dll
[MD5.6EC6140E609EFEA48074A5977A7EEBA3] - [04/06/2017 12:09:43] - |A| - [32768] - C:\WINDOWS\system32\pcalua.exe
[MD5.AF10FE105013552C9356A6D504DDC039] - [04/06/2017 12:09:43] - |A| - [536912] - C:\WINDOWS\system32\pcasvc.dll
[MD5.1E9B5A40EBEF88874018E3894280CB8D] - [04/06/2017 12:09:47] - |A| - [75264] - C:\WINDOWS\system32\pcaui.dll
[MD5.483F874AC0D23557D482859925C76D30] - [04/06/2017 12:09:43] - |A| - [52224] - C:\WINDOWS\system32\pcaui.exe
[MD5.B317344DAB2AF2EA4D136C7451EB40C8] - [04/06/2017 12:10:47] - |A| - [15360] - C:\WINDOWS\system32\pcbp.rs
[MD5.66D58077CC739E4B8166E33AB0BA4639] - [04/06/2017 12:10:29] - |A| - [150] - C:\WINDOWS\system32\pcl.sep
[MD5.67B5E2C4A9040EC41B89484AF4402C20] - [04/06/2017 12:10:47] - |A| - [766464] - C:\WINDOWS\system32\PCPKsp.dll
[MD5.8BCDE9BFDF667F4F5FA256FDF2290CB2] - [04/06/2017 12:09:40] - |A| - [12800] - C:\WINDOWS\system32\PCShellCommonProxyStub.dll
[MD5.2DAEE897287D061BFFDC2EDA0A277335] - [04/06/2017 12:10:42] - |A| - [377344] - C:\WINDOWS\system32\pcsvDevice.dll
[MD5.DB610D600C8DB87F2EE56DA8D121EAB1] - [04/06/2017 12:10:41] - |A| - [15872] - C:\WINDOWS\system32\pcwrun.exe
[MD5.427D3BB2D2319395EE1312213F788A9F] - [04/06/2017 12:09:55] - |A| - [22808] - C:\WINDOWS\system32\pcwum.dll
[MD5.47A01BF28C34204171403E1D002489D0] - [04/06/2017 12:10:41] - |A| - [108032] - C:\WINDOWS\system32\pcwutl.dll
[MD5.D9FD349DF5F06BEC19E6A6252E453832] - [04/06/2017 12:10:00] - |A| - [298496] - C:\WINDOWS\system32\pdh.dll
[MD5.D392AE075CABB11DC2C2A30BD0FB449D] - [04/06/2017 12:10:24] - |A| - [55808] - C:\WINDOWS\system32\pdhui.dll
[MD5.9CFAD8E33D8A2461CCFE450CC280CAB6] - [04/06/2017 12:11:49] - |A| - [222720] - C:\WINDOWS\system32\PeerDist.dll
[MD5.C78538D99C7F64BB2402B6661153FD6E] - [04/06/2017 12:11:49] - |A| - [40960] - C:\WINDOWS\system32\PeerDistAD.dll
[MD5.0A69723D00E3E77DCDF1FEF60BC085AF] - [04/06/2017 12:11:49] - |A| - [718336] - C:\WINDOWS\system32\PeerDistCacheProvider.dll
[MD5.00854ABA133A727D8B123D8B048D61B9] - [04/06/2017 12:11:49] - |A| - [220160] - C:\WINDOWS\system32\PeerDistCleaner.dll
[MD5.78DDB7580CD369E5CA200C2D827EFF9F] - [04/06/2017 12:11:49] - |A| - [56320] - C:\WINDOWS\system32\PeerDistHttpTrans.dll
[MD5.B7908B6CF7BDAFFA3DE4F4008ACFF032] - [04/06/2017 12:11:49] - |A| - [417280] - C:\WINDOWS\system32\PeerDistSh.dll
[MD5.57E012B06DA00A01CEE63731DA2DB8E9] - [04/06/2017 12:11:49] - |A| - [1957888] - C:\WINDOWS\system32\PeerDistSvc.dll
[MD5.CF13C268633F16186EB91AED6296C0CC] - [04/06/2017 12:11:49] - |A| - [180736] - C:\WINDOWS\system32\PeerDistWSDDiscoProv.dll
[MD5.37E9C75022A9110CFC9BF11C600BDD15] - [04/06/2017 12:10:47] - |A| - [20992] - C:\WINDOWS\system32\pegi-pt.rs
[MD5.626E1FABED27EEF8847B97776F2E0EB8] - [04/06/2017 12:10:47] - |A| - [20480] - C:\WINDOWS\system32\pegi.rs
[MD5.B67F6FF5FC7FEA2E3230C77C8BE96824] - [04/06/2017 12:09:33] - |A| - [121856] - C:\WINDOWS\system32\PeopleAPIs.dll
[MD5.BCADF3C38F34FEDD94EEE3FBA63A05EC] - [04/06/2017 12:09:37] - |A| - [218624] - C:\WINDOWS\system32\PeopleBand.dll
[MD5.ABBED25FF19BD122CD91B957B571F830] - [04/06/2017 12:09:18] - |A| - [15872] - C:\WINDOWS\system32\PerceptionSimulation.ProxyStubs.dll
[MD5.1F2BC4D6CBBF0E384F61C79454AC3AFC] - [04/06/2017 12:09:18] - |A| - [500736] - C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
[MD5.3AC4353474EAFDA1639605BE671BD3EC] - [04/06/2017 12:18:32] - |A| - [200942] - C:\WINDOWS\system32\perfc009.dat
[MD5.6BDE8549B73DB46A4DD95DC4DD8302EB] - [05/06/2017 08:57:48] - |A| - [229136] - C:\WINDOWS\system32\perfc00C.dat
[MD5.9DA0292DE070456633D9DFBDF8D3DF83] - [04/06/2017 12:10:00] - |A| - [46592] - C:\WINDOWS\system32\perfctrs.dll
[MD5.1E60BC5E525063B96078DF17FBD3C4E1] - [04/06/2017 12:18:32] - |A| - [33424] - C:\WINDOWS\system32\perfd009.dat
[MD5.9F9AF8517189B0D61B2615007E071084] - [05/06/2017 08:57:48] - |A| - [40694] - C:\WINDOWS\system32\perfd00C.dat
[MD5.DC191CEB22661DAFE26A00B65FCCF64D] - [04/06/2017 12:10:00] - |A| - [40960] - C:\WINDOWS\system32\perfdisk.dll
[MD5.BA85BF63A9EA4C1C796FB456A5B1C40B] - [04/06/2017 12:18:32] - |A| - [840850] - C:\WINDOWS\system32\perfh009.dat
[MD5.8BB65B2BB4A9C595B2F9C7BB5A3B24DC] - [05/06/2017 08:57:48] - |A| - [1038456] - C:\WINDOWS\system32\perfh00C.dat
[MD5.56C3B96DD714B0DA77C0B9FB0D392C86] - [04/06/2017 12:18:32] - |A| - [297062] - C:\WINDOWS\system32\perfi009.dat
[MD5.9A780B14EEAFA8B9A2409F02BF9D9AF0] - [05/06/2017 08:57:48] - |A| - [351124] - C:\WINDOWS\system32\perfi00C.dat
[MD5.07039C3B68663B6B2CD3667F51CA5682] - [04/06/2017 12:10:24] - |A| - [175616] - C:\WINDOWS\system32\perfmon.exe
[MD5.9BE46DD971FBA66D84567679D3D414EC] - [04/06/2017 12:10:24] - |A| - [145519] - C:\WINDOWS\system32\perfmon.msc
[MD5.3435593D13CF080649A56C5378861E65] - [04/06/2017 12:10:00] - |A| - [25088] - C:\WINDOWS\system32\perfnet.dll
[MD5.62546A490857644B7FF8BE5C440C3115] - [04/06/2017 12:10:00] - |A| - [40448] - C:\WINDOWS\system32\perfos.dll
[MD5.D29A2EDF3893BD06D10ABD4FDEC20C90] - [04/06/2017 12:10:00] - |A| - [40448] - C:\WINDOWS\system32\perfproc.dll
[MD5.7492711432D4686C43C63D77A62EFDE6] - [12/06/2017 11:00:42] - |A| - [2313080] - C:\WINDOWS\system32\PerfStringBackup.INI
[MD5.256F5B8D8E301A9C4457208C25AD1947] - [04/06/2017 12:09:17] - |A| - [82944] - C:\WINDOWS\system32\perftrack.dll
[MD5.07BEBA90062C151371689F5B8ABAA5C7] - [04/06/2017 12:10:38] - |A| - [16384] - C:\WINDOWS\system32\perfts.dll
[MD5.641E7814A3257934847FC0A848159DBF] - [11/06/2017 03:12:29] - |A| - [349696] - C:\WINDOWS\system32\perf_gputiming.dll
[MD5.F927DEBC5EB40ACC6FC1F19CF974E272] - [04/06/2017 12:09:42] - |A| - [81920] - C:\WINDOWS\system32\PersonalizationCSP.dll
[MD5.0A8D2DEE64F80844BB97583C1B381E9D] - [04/06/2017 12:10:32] - |A| - [203264] - C:\WINDOWS\system32\PersonaX.dll
[MD5.13CAFD0BC555D9E5EDF4E101AB83B5D4] - [04/06/2017 12:10:36] - |A| - [104864] - C:\WINDOWS\system32\phoneactivate.exe
[MD5.5CCC26D46C7C3EDEAEC65D1C48881EC7] - [04/06/2017 12:09:33] - |A| - [240640] - C:\WINDOWS\system32\PhoneCallHistoryApis.dll
[MD5.08A1BB5438EA573C1A7A19A61DE7581F] - [04/06/2017 12:09:42] - |A| - [495104] - C:\WINDOWS\system32\PhoneDataSync.dll
[MD5.8CD7466CFA03FA203FE270704E89D56B] - [04/06/2017 12:09:37] - |A| - [382976] - C:\WINDOWS\system32\PhoneOm.dll
[MD5.B50A0333D2135CA3FDFED1A0BD082472] - [04/06/2017 12:09:43] - |A| - [68608] - C:\WINDOWS\system32\PhonePlatformAbstraction.dll
[MD5.4FEAC106246603D471E69F7B5831C89B] - [04/06/2017 12:09:37] - |A| - [742400] - C:\WINDOWS\system32\PhoneProviders.dll
[MD5.340C01B46C3611FD398BC499CC22152C] - [04/06/2017 12:09:39] - |A| - [782336] - C:\WINDOWS\system32\PhoneService.dll
[MD5.E62F5D941919E50CF5A8C7B3BAC9168A] - [04/06/2017 12:09:39] - |A| - [2560] - C:\WINDOWS\system32\PhoneServiceRes.dll
[MD5.A99596E8B0988A0320C8DC44B69D4E9D] - [04/06/2017 12:09:34] - |A| - [315904] - C:\WINDOWS\system32\Phoneutil.dll
[MD5.369938372C8F99AC146FED9D154B9242] - [04/06/2017 12:09:34] - |A| - [2560] - C:\WINDOWS\system32\PhoneutilRes.dll
[MD5.589A19172395732A583D1FA98C057F5A] - [04/06/2017 12:09:29] - |A| - [422400] - C:\WINDOWS\system32\PhotoMetadataHandler.dll
[MD5.D5A26CB57C9A105DCECC5E879153A1BD] - [04/06/2017 12:09:08] - |A| - [570368] - C:\WINDOWS\system32\PhotoScreensaver.scr
[MD5.6E86E158F069BB22FD08A646DDB20717] - [04/06/2017 12:09:08] - |A| - [337408] - C:\WINDOWS\system32\photowiz.dll
[MD5.A620EF096ED7B1B52ACACE6BD2A76E21] - [04/06/2017 12:09:21] - |A| - [99160] - C:\WINDOWS\system32\PickerHost.exe
[MD5.85D8C6DB8FE0FB3316825A38DAA82031] - [04/06/2017 12:09:43] - |A| - [350208] - C:\WINDOWS\system32\PickerPlatform.dll
[MD5.FAA654A095F53DFEB7471416FE1FC25F] - [04/06/2017 12:10:02] - |A| - [45056] - C:\WINDOWS\system32\pid.dll
[MD5.9B6F6A882A16DD729533F955A4D93AF6] - [04/06/2017 12:10:36] - |A| - [1034064] - C:\WINDOWS\system32\pidgenx.dll
[MD5.4B207D7E07FD5EC03177F78D59D0DBDC] - [04/06/2017 12:10:32] - |A| - [35840] - C:\WINDOWS\system32\pifmgr.dll
[MD5.D767331A9ECD76398171475D3C79ABD0] - [04/06/2017 12:09:34] - |A| - [187904] - C:\WINDOWS\system32\PimIndexMaintenance.dll
[MD5.9BFDE484F3283F4596EE62C15DDD4731] - [04/06/2017 12:09:34] - |A| - [62976] - C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
[MD5.4B5D8B8E0DD07CDE8B03408E6C255A08] - [04/06/2017 12:09:34] - |A| - [1100800] - C:\WINDOWS\system32\Pimstore.dll
[MD5.3BEC35059B2B35BF935739B653162D85] - [04/06/2017 12:10:47] - |A| - [172544] - C:\WINDOWS\system32\PinEnrollmentHelper.dll
[MD5.6B032392EBB4D3E5AAE6F3AE3FEFB669] - [04/06/2017 12:09:37] - |A| - [21504] - C:\WINDOWS\system32\PING.EXE
[MD5.D56CFD5B63959F165692C53A0E841B3D] - [04/06/2017 10:16:45] - |A| - [206848] - C:\WINDOWS\system32\PkgMgr.exe
[MD5.7473B2B8B32EE11230A6B7703268ED15] - [04/06/2017 12:10:32] - |A| - [234496] - C:\WINDOWS\system32\pku2u.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [322560] - C:\WINDOWS\system32\pl-PL
[MD5.46D756C1811439252730FB236F6E7D56] - [04/06/2017 12:10:42] - |A| - [1461760] - C:\WINDOWS\system32\pla.dll
[MD5.D642583DDAC49007D8F25AF1FA1A0E07] - [04/06/2017 12:10:42] - |A| - [10752] - C:\WINDOWS\system32\plasrv.exe
[MD5.4CD44C69BFBE0F093C3BE380C929FA9B] - [04/06/2017 12:10:32] - |A| - [77312] - C:\WINDOWS\system32\playlistfolder.dll
[MD5.4B670A63C638F5E73F01825F337B2CEE] - [04/06/2017 12:09:18] - |A| - [88064] - C:\WINDOWS\system32\PlaySndSrv.dll
[MD5.FDF74D5F5AE3A5ABBBEE73CCA2F5A717] - [04/06/2017 12:09:52] - |A| - [390656] - C:\WINDOWS\system32\PlayToDevice.dll
[MD5.5A28ED65E659A43FFF4F87FD59312E10] - [04/06/2017 12:09:54] - |A| - [563712] - C:\WINDOWS\system32\PlayToManager.dll
[MD5.C24F84AF7776127D3954F6C3D0636AAE] - [04/06/2017 12:09:52] - |A| - [156160] - C:\WINDOWS\system32\playtomenu.dll
[MD5.210335D8AA3A5517356A486B5D0191A9] - [04/06/2017 12:09:04] - |A| - [277504] - C:\WINDOWS\system32\PlayToReceiver.dll
[MD5.8FB35E2672ADDA226779ACDF09E80834] - [04/06/2017 12:10:02] - |A| - [36864] - C:\WINDOWS\system32\PlayToStatusProvider.dll
[MD5.6737084D96EA265919C12EA96A7648F5] - [04/06/2017 12:10:47] - |A| - [58704] - C:\WINDOWS\system32\ploptin.dll
[MD5.D34672AC2D7D7BC3C010BA4B886E4927] - [04/06/2017 12:11:52] - |A| - [804864] - C:\WINDOWS\system32\pmcsnap.dll
[MD5.5A747310CDAED2804FC6B4ADA6822F40] - [04/06/2017 12:09:03] - |A| - [61440] - C:\WINDOWS\system32\pngfilt.dll
[MD5.C4A5790F3DB34BE7F0429F084BB8B3FF] - [04/06/2017 12:10:24] - |A| - [2119168] - C:\WINDOWS\system32\pnidui.dll
[MD5.F86B636B5DEAA543C807DFBDD429DE03] - [04/06/2017 12:10:24] - |A| - [127488] - C:\WINDOWS\system32\pnpclean.dll
[MD5.21BA8D61F68B0D075AFF571637ED104D] - [04/06/2017 12:10:27] - |A| - [51712] - C:\WINDOWS\system32\pnppolicy.dll
[MD5.1B8E3B56557095FDD84236F509B4EFD4] - [04/06/2017 12:10:38] - |A| - [15360] - C:\WINDOWS\system32\pnpts.dll
[MD5.6014280C67BA8AFDE3D12003394CF26A] - [04/06/2017 12:10:24] - |A| - [39936] - C:\WINDOWS\system32\pnpui.dll
[MD5.10B0D1EF9C93061B2FA001D14F29505C] - [04/06/2017 12:10:27] - |A| - [56320] - C:\WINDOWS\system32\PnPUnattend.exe
[MD5.136BA0A57D5974451E35374D009B0DCD] - [04/06/2017 12:10:24] - |A| - [231424] - C:\WINDOWS\system32\pnputil.exe
[MD5.9AA7C269040C78F69B97A04B36E78E9B] - [04/06/2017 12:10:24] - |A| - [109056] - C:\WINDOWS\system32\PNPXAssoc.dll
[MD5.0CD80E09A36F86E28ED9A530B7289435] - [04/06/2017 12:10:24] - |A| - [57344] - C:\WINDOWS\system32\PNPXAssocPrx.dll
[MD5.D4FC3FAB1B3A56671FAADA79D442C356] - [04/06/2017 12:09:08] - |A| - [26624] - C:\WINDOWS\system32\pnrpauto.dll
[MD5.ECDB724807E5A4EC139D9603FD78893E] - [04/06/2017 12:09:07] - |A| - [79872] - C:\WINDOWS\system32\Pnrphc.dll
[MD5.B363250656E3F830ED322C0AF355FE2A] - [04/06/2017 12:09:07] - |A| - [84480] - C:\WINDOWS\system32\pnrpnsp.dll
[MD5.75E732B3A645020F42D58CE307F91612] - [04/06/2017 12:09:07] - |A| - [341504] - C:\WINDOWS\system32\pnrpsvc.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [673280] - C:\WINDOWS\system32\PointOfService
[MD5.5E933C6DF26AD196F266AEE6AA4C9765] - [04/06/2017 12:09:37] - |A| - [479848] - C:\WINDOWS\system32\policymanager.dll
[MD5.560F8384DD23919C16B9528ED770CC64] - [04/06/2017 12:09:37] - |A| - [137728] - C:\WINDOWS\system32\policymanagerprecheck.dll
[MD5.B56386EE243992B4D4DF8063D0211936] - [04/06/2017 12:10:06] - |A| - [327168] - C:\WINDOWS\system32\polstore.dll
[MD5.D1D231774E2927E46AE411B2BBB38F99] - [04/06/2017 10:16:47] - |A| - [141312] - C:\WINDOWS\system32\poqexec.exe
[MD5.613677E73BEA0E74F94093DD372CBF31] - [04/06/2017 12:09:08] - |A| - [638976] - C:\WINDOWS\system32\PortableDeviceApi.dll
[MD5.75144FC2AB918F953406C01108917699] - [04/06/2017 12:09:08] - |A| - [125440] - C:\WINDOWS\system32\PortableDeviceClassExtension.dll
[MD5.28322EE872E58E01708FAEB0CCC334E3] - [04/06/2017 12:09:08] - |A| - [68608] - C:\WINDOWS\system32\PortableDeviceConnectApi.dll
[MD5.4A593350A6CDEDB415D448E21269FEF7] - [04/06/2017 12:09:08] - |A| - [437760] - C:\WINDOWS\system32\PortableDeviceStatus.dll
[MD5.DC15A4BAF5FD3AD2A393653075D7DD8F] - [04/06/2017 12:10:00] - |A| - [157184] - C:\WINDOWS\system32\PortableDeviceSyncProvider.dll
[MD5.37C1DCC12DA802F6C9EEEA0B6BFA396A] - [04/06/2017 12:09:08] - |A| - [190464] - C:\WINDOWS\system32\PortableDeviceTypes.dll
[MD5.54191DE078CD30E494201E5FD6E2BCDB] - [04/06/2017 12:09:08] - |A| - [154112] - C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
[MD5.A1468FE73E703D3FD71FC8092367F02E] - [04/06/2017 12:09:33] - |A| - [66560] - C:\WINDOWS\system32\POSyncServices.dll
[MD5.0718FE3A900166012527D6202CA9A09F] - [04/06/2017 12:09:54] - |A| - [35840] - C:\WINDOWS\system32\pots.dll
[MD5.8548645B470D3CFE521C0D907DFB3A4B] - [04/06/2017 12:10:27] - |A| - [217600] - C:\WINDOWS\system32\powercfg.cpl
[MD5.86F33E06C75B0A2CF14CA48AD2DB5241] - [04/06/2017 12:10:00] - |A| - [94208] - C:\WINDOWS\system32\powercfg.exe
[MD5.3C878736DDD2894FEC68500A06C6C690] - [04/06/2017 12:10:27] - |A| - [501248] - C:\WINDOWS\system32\powercpl.dll
[MD5.692AA93BC76ECF41B7D19466D5A7C9D5] - [04/06/2017 12:10:27] - |A| - [302592] - C:\WINDOWS\system32\PowerWmiProvider.dll
[MD5.3846C82B589FA85C6E90EB7F18A6DBFB] - [04/06/2017 12:09:57] - |A| - [296032] - C:\WINDOWS\system32\powrprof.dll
[MD5.037336777C82120DDE11F1B8502E33CB] - [04/06/2017 12:11:52] - |A| - [264704] - C:\WINDOWS\system32\ppcsnap.dll
[MD5.9D63E53CFC928E0000F0C5ECEAFA4AA1] - [04/06/2017 12:09:37] - |A| - [68096] - C:\WINDOWS\system32\prauthproviders.dll
[MD5.918C1F0F306EFE826E9BE142117E72B7] - [11/06/2017 03:21:52] - |A| - [124624] - C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
[MD5.B94D03C90F500BBB4999FFBDA211F79B] - [04/06/2017 12:09:04] - |A| - [259072] - C:\WINDOWS\system32\PresentationHost.exe
[MD5.6A8BAD7F226AA8AABD5E7087FD916271] - [04/06/2017 12:09:04] - |A| - [64512] - C:\WINDOWS\system32\PresentationHostProxy.dll
[MD5.021CEB46E05A82E36571E67E49FB3D53] - [11/06/2017 03:21:53] - |A| - [1166520] - C:\WINDOWS\system32\PresentationNative_v0300.dll
[MD5.D52EE78EF09561604BF065C9766BCDDE] - [04/06/2017 12:11:52] - |A| - [222208] - C:\WINDOWS\system32\PresentationSettings.exe
[MD5.0595879196EE879468C1C391B115CA38] - [04/06/2017 12:10:32] - |A| - [28160] - C:\WINDOWS\system32\prevhost.exe
[MD5.C935464BEBA6D94F2889300F9982B5C3] - [04/06/2017 12:10:00] - |A| - [12800] - C:\WINDOWS\system32\prflbmsg.dll
[MD5.33B2F1F296277E5F85414D92B39EE3FB] - [04/06/2017 12:09:52] - |A| - [16896] - C:\WINDOWS\system32\print.exe
[MD5.E604EC22F68C3ACEB0BD1711ED4A95F1] - [04/06/2017 12:10:27] - |A| - [69632] - C:\WINDOWS\system32\Print.Workflow.Source.dll
[MD5.F0AB8A6B97CB3C529EBF5E90B409BD29] - [04/06/2017 12:11:52] - |A| - [72704] - C:\WINDOWS\system32\PrintBrmUi.exe
[MD5.D68B69C5F80F793F17CD8B0F60C82690] - [04/06/2017 12:10:29] - |A| - [25880] - C:\WINDOWS\system32\PrintDialogHost.exe
[MD5.A4845E6CF5EDB6D842952A9F7C25613A] - [04/06/2017 12:10:27] - |A| - [582656] - C:\WINDOWS\system32\PrintDialogs.dll
[MD5.F0D548D33754089E6F19B94C2623E68D] - [04/06/2017 12:10:47] - |A| - [45056] - C:\WINDOWS\system32\printfilterpipelineprxy.dll
[MD5.A0236E671B94936321B4D752C30DFC67] - [04/06/2017 12:10:47] - |A| - [836096] - C:\WINDOWS\system32\printfilterpipelinesvc.exe
[MD5.00000000000000000000000000000000] - [05/06/2017 08:57:45] - |D| - [430506] - C:\WINDOWS\system32\Printing_Admin_Scripts
[MD5.DFF2A81F837FC671BBC3C5D5BFA2B26A] - [04/06/2017 12:10:47] - |A| - [76288] - C:\WINDOWS\system32\PrintIsolationHost.exe
[MD5.66A792C07FE005CF5C47B5F1C7AB37BE] - [04/06/2017 12:10:46] - |A| - [58880] - C:\WINDOWS\system32\PrintIsolationProxy.dll
[MD5.4856202475EFE0D66FA11EE1DCF6D0D3] - [04/06/2017 12:11:52] - |A| - [146389] - C:\WINDOWS\system32\printmanagement.msc
[MD5.860849B515A262792584A19631F8863B] - [04/06/2017 12:10:29] - |A| - [68608] - C:\WINDOWS\system32\PrintPlatformConfig.dll
[MD5.B34965414CB662FE14A24996671E5179] - [04/06/2017 12:10:29] - |A| - [738816] - C:\WINDOWS\system32\PrintRenderAPIHost.DLL
[MD5.FBBA8758A370A9C070D9CDE59E15A11E] - [04/06/2017 12:10:27] - |A| - [1201664] - C:\WINDOWS\system32\printui.dll
[MD5.F432FB9CD9F1A08724DB5473D785629F] - [04/06/2017 12:10:29] - |A| - [64000] - C:\WINDOWS\system32\printui.exe
[MD5.A8AA65C786E8A29A1CBB0169FE64CDAA] - [04/06/2017 12:10:27] - |A| - [25088] - C:\WINDOWS\system32\PrintWorkflowProxy.dll
[MD5.D81670B466A8E0D90853C41339607F3F] - [04/06/2017 12:10:27] - |A| - [163328] - C:\WINDOWS\system32\PrintWorkflowService.dll
[MD5.28AA14A070A4C4EAF9C66ADFF26BC3BA] - [04/06/2017 12:10:27] - |A| - [134656] - C:\WINDOWS\system32\PrintWSDAHost.dll
[MD5.57139864522B190FD6D2440A6B9A6DA0] - [04/06/2017 12:10:27] - |A| - [184320] - C:\WINDOWS\system32\prncache.dll
[MD5.0C1CF3457999D9312C20714D6E73E543] - [04/06/2017 12:10:29] - |A| - [480768] - C:\WINDOWS\system32\prnfldr.dll
[MD5.EB1A3F50A28B658D7264336572EC92FC] - [04/06/2017 12:10:29] - |A| - [254464] - C:\WINDOWS\system32\prnntfy.dll
[MD5.A43A8EB277479B1027C14509EC5C9AEA] - [04/06/2017 12:10:29] - |A| - [177664] - C:\WINDOWS\system32\prntvpt.dll
[MD5.E72E71ECE8162DFD562B8280F1B4F1EC] - [04/06/2017 12:09:29] - |A| - [33280] - C:\WINDOWS\system32\ProductEnumerator.dll
[MD5.CCD8C51D0FA0EE84657775B792D5C7B4] - [04/06/2017 12:09:55] - |A| - [89464] - C:\WINDOWS\system32\profapi.dll
[MD5.CE2B45DB82E7A4D640C1F9D3985E4AEA] - [04/06/2017 12:09:34] - |A| - [116224] - C:\WINDOWS\system32\profext.dll
[MD5.48997DF9A787B112CF3B00650C2E5AE6] - [04/06/2017 12:10:07] - |A| - [112128] - C:\WINDOWS\system32\profprov.dll
[MD5.6293BFBCF69E0D35E50ED0249087D826] - [04/06/2017 12:09:55] - |A| - [414720] - C:\WINDOWS\system32\profsvc.dll
[MD5.3E85A542FA319BC198A1E5591B64C0B8] - [04/06/2017 12:10:03] - |A| - [143360] - C:\WINDOWS\system32\profsvcext.dll
[MD5.A4470683D6C69089EE3FB2C429E914D6] - [04/06/2017 12:09:33] - |A| - [1772144] - C:\WINDOWS\system32\propsys.dll
[MD5.1B59AAF99136DA67876199F73820FBE6] - [04/06/2017 12:10:03] - |A| - [33792] - C:\WINDOWS\system32\proquota.exe
[MD5.538FE397922F7DDCC322E91DE3F44408] - [04/06/2017 12:10:44] - |A| - [800768] - C:\WINDOWS\system32\provcore.dll
[MD5.1680C055043285BF9B55B5AAB255B5FB] - [04/06/2017 12:10:44] - |A| - [82944] - C:\WINDOWS\system32\provdatastore.dll
[MD5.193C2D3E08917126E091258481C60C64] - [04/06/2017 12:10:47] - |A| - [12288] - C:\WINDOWS\system32\provdiagnostics.dll
[MD5.2C86168912C7884F0B310A75A3B04880] - [04/06/2017 12:10:46] - |A| - [437248] - C:\WINDOWS\system32\provengine.dll
[MD5.AFB39FE4DA08C080BAFAF95529E5DD89] - [04/06/2017 12:10:44] - |A| - [424448] - C:\WINDOWS\system32\provhandlers.dll
[MD5.465EA5BCA33C2274FF34BCA1F9BF5267] - [04/06/2017 12:10:47] - |A| - [71680] - C:\WINDOWS\system32\provisioningcommandscsp.dll
[MD5.C8A124502E578B502A68C61CF971241A] - [04/06/2017 12:10:44] - |A| - [204800] - C:\WINDOWS\system32\provisioningcsp.dll
[MD5.4D3059A9B39D0E924E1DD3FBB3700AEF] - [04/06/2017 12:10:47] - |A| - [252416] - C:\WINDOWS\system32\ProvisioningHandlers.dll
[MD5.62002351B6E8A735F0C9DB6E1121027E] - [04/06/2017 12:10:47] - |A| - [58880] - C:\WINDOWS\system32\provlaunch.exe
[MD5.93E548EAF687BD327701636770DE94B5] - [04/06/2017 12:10:47] - |A| - [93184] - C:\WINDOWS\system32\provmigrate.dll
[MD5.23E6AC9C9B53C4E929C1F6109CF59711] - [04/06/2017 12:10:44] - |A| - [240640] - C:\WINDOWS\system32\provops.dll
[MD5.57D5952BEB342253244A114A96649083] - [04/06/2017 12:10:49] - |A| - [141312] - C:\WINDOWS\system32\provpackageapidll.dll
[MD5.95716C882B8AB84917457545E0E2AF6F] - [04/06/2017 12:10:47] - |A| - [76800] - C:\WINDOWS\system32\provplatformdesktop.dll
[MD5.2B9C8A3F126C29D412859037CD372C72] - [04/06/2017 12:10:44] - |A| - [93184] - C:\WINDOWS\system32\ProvPluginEng.dll
[MD5.4D3D61FE703F7DE6713698C40556240A] - [04/06/2017 12:09:08] - |A| - [465920] - C:\WINDOWS\system32\provsvc.dll
[MD5.5C7096DA0D1EC6D0A2A75B150A7EC848] - [04/06/2017 12:10:49] - |A| - [76288] - C:\WINDOWS\system32\ProvSysprep.dll
[MD5.19AF7C61C815B916D4C9A61B78604C37] - [04/06/2017 12:10:44] - |A| - [313856] - C:\WINDOWS\system32\provthrd.dll
[MD5.ACADCD17569D14DDE11C9F7D922AC136] - [04/06/2017 12:10:46] - |A| - [70656] - C:\WINDOWS\system32\provtool.exe
[MD5.981FF0186638D1587DDFBF5F3F3686AE] - [04/06/2017 12:09:22] - |A| - [162304] - C:\WINDOWS\system32\ProximityCommon.dll
[MD5.22F8238CBC0346B71A9527C8965B3F06] - [04/06/2017 12:09:25] - |A| - [16896] - C:\WINDOWS\system32\ProximityCommonPal.dll
[MD5.46F0ABAB1D2A8F3069D31EC4F25942CA] - [04/06/2017 12:09:21] - |A| - [17408] - C:\WINDOWS\system32\ProximityRtapiPal.dll
[MD5.EFE0790B24686FD85B895371E5A2B81D] - [04/06/2017 12:09:24] - |A| - [300544] - C:\WINDOWS\system32\ProximityService.dll
[MD5.B41D8CCE2DEDF2D066CDC98FE0F67405] - [04/06/2017 12:09:25] - |A| - [47616] - C:\WINDOWS\system32\ProximityServicePal.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [0] - C:\WINDOWS\system32\ProximityToast
[MD5.65DF2EC30E382A67A85E89A851093EB7] - [04/06/2017 12:10:47] - |A| - [260856] - C:\WINDOWS\system32\ProximityUxHost.exe
[MD5.DE4BFE809D0525EAF1885C3435AB72E5] - [04/06/2017 12:09:21] - |A| - [20208] - C:\WINDOWS\system32\prproc.exe
[MD5.272FBC33210F325DE1418E6437FD0B85] - [04/06/2017 12:10:44] - |A| - [81408] - C:\WINDOWS\system32\prvdmofcomp.dll
[MD5.97D25A437BF7CC85BFDF4FE39EBAAEA7] - [04/06/2017 12:09:49] - |A| - [14544] - C:\WINDOWS\system32\psapi.dll
[MD5.C09741B9886EF0D15EC3B1443352FB62] - [04/06/2017 12:10:29] - |A| - [51] - C:\WINDOWS\system32\pscript.sep
[MD5.7DE50ECE8A3F2B5F84746CD24EBD324B] - [04/06/2017 12:09:55] - |A| - [62288] - C:\WINDOWS\system32\PSHED.DLL
[MD5.F7C4868F9443E24EFDDF166325600D38] - [04/06/2017 12:10:38] - |A| - [579584] - C:\WINDOWS\system32\psisdecd.dll
[MD5.B92B9F1934284FB62980E7B3CC9C4D61] - [04/06/2017 12:10:38] - |A| - [97792] - C:\WINDOWS\system32\psisrndr.ax
[MD5.EA8C1763537850BD42BF85414E7B0989] - [04/06/2017 12:10:42] - |A| - [49152] - C:\WINDOWS\system32\PSModuleDiscoveryProvider.dll
[MD5.007893E8374C766471239EB291BA8C17] - [04/06/2017 12:10:42] - |A| - [4148] - C:\WINDOWS\system32\psmodulediscoveryprovider.mof
[MD5.C6AA31B483815C1B09466F1245F9E1D6] - [04/06/2017 12:09:33] - |A| - [392704] - C:\WINDOWS\system32\PsmServiceExtHost.dll
[MD5.31CEA8C387D4062F422AF825E6A2B9FA] - [04/06/2017 12:09:30] - |A| - [220672] - C:\WINDOWS\system32\psmsrv.dll
[MD5.42F38CB229FEF2AC4C47DAF42AE4D77A] - [04/06/2017 12:09:43] - |A| - [592896] - C:\WINDOWS\system32\psr.exe
[MD5.88702646D51701BC232A465A6E7DB440] - [04/06/2017 12:10:42] - |A| - [15360] - C:\WINDOWS\system32\pstask.dll
[MD5.FD0AFA55AF34D2BA3CCC4EE853C8E883] - [04/06/2017 12:10:00] - |A| - [15872] - C:\WINDOWS\system32\pstorec.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [325120] - C:\WINDOWS\system32\pt-BR
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [319488] - C:\WINDOWS\system32\pt-PT
[MD5.600105F7A3AECA9915E0219959E2D806] - [04/06/2017 12:10:29] - |A| - [201216] - C:\WINDOWS\system32\puiapi.dll
[MD5.7193BB06179CF7BDE59687AFCB3DAE72] - [04/06/2017 12:10:29] - |A| - [460288] - C:\WINDOWS\system32\puiobj.dll
[MD5.3EB9D93B3688B1737EBEA6D15C9E2BAE] - [04/06/2017 12:11:43] - |A| - [790528] - C:\WINDOWS\system32\pwcreator.exe
[MD5.035939B34888CAF29559E1AF203393A0] - [04/06/2017 12:10:24] - |A| - [325632] - C:\WINDOWS\system32\pwlauncher.dll
[MD5.8100B3C75CA8979802356576EBA6B8AE] - [04/06/2017 12:10:24] - |A| - [35840] - C:\WINDOWS\system32\pwlauncher.exe
[MD5.E42689142F3A1020DBA61373D2F7F707] - [04/06/2017 12:12:58] - |A| - [92160] - C:\WINDOWS\system32\pwrshplugin.dll
[MD5.63DC9E552B0AE5B7B50AA1EC968C55D9] - [04/06/2017 12:10:27] - |A| - [32768] - C:\WINDOWS\system32\pwsso.dll
[MD5.1D0C2C877EF18664D2DA77D85C1026F8] - [04/06/2017 12:11:53] - |A| - [24064] - C:\WINDOWS\system32\qappsrv.exe
[MD5.7DF8BA20DCC9C768EDEF16BD94865D40] - [04/06/2017 12:10:02] - |A| - [150528] - C:\WINDOWS\system32\qasf.dll
[MD5.9A9E8B0293727CAA5A1E3A4D5FBD62C6] - [04/06/2017 12:09:21] - |A| - [190464] - C:\WINDOWS\system32\qcap.dll
[MD5.97061F02C5FAF95A5CE2734FAA494644] - [04/06/2017 12:09:21] - |A| - [246272] - C:\WINDOWS\system32\qdv.dll
[MD5.BF452F3F54D8815296647905CAACEAFA] - [04/06/2017 12:09:21] - |A| - [382464] - C:\WINDOWS\system32\qdvd.dll
[MD5.0D4A57DB836CA7B854D6FA00E0AB7396] - [04/06/2017 12:10:42] - |A| - [633344] - C:\WINDOWS\system32\qedit.dll
[MD5.EF1A605B15826D56162DD3DA994C8211] - [04/06/2017 12:10:42] - |A| - [733696] - C:\WINDOWS\system32\qedwipes.dll
[MD5.D52A61EB08D15AC09F5CDF441F36B3D3] - [04/06/2017 12:09:24] - |A| - [1185792] - C:\WINDOWS\system32\qmgr.dll
[MD5.5C3C0F69486473F66685CC682C08B566] - [04/06/2017 12:11:52] - |A| - [27648] - C:\WINDOWS\system32\qprocess.exe
[MD5.68FD9F807F46381607E2C0F612B2FFBD] - [04/06/2017 12:09:21] - |A| - [1609216] - C:\WINDOWS\system32\quartz.dll
[MD5.DCCAC1C904009EBB19E25011047754E9] - [04/06/2017 12:09:29] - |A| - [101888] - C:\WINDOWS\system32\Query.dll
[MD5.AE7C2298F35E141C52E750ACF6309EDA] - [04/06/2017 12:11:52] - |A| - [16896] - C:\WINDOWS\system32\query.exe
[MD5.42B0ED6FDCDDDD3F9E077BBA3A67DA99] - [04/06/2017 12:09:43] - |A| - [320512] - C:\WINDOWS\system32\QuickActionsDataModel.dll
[MD5.BB99D0C834786BA9334E25A73CE28B2E] - [05/06/2017 08:58:16] - |A| - [559104] - C:\WINDOWS\system32\quickassist.exe
[MD5.A8EAFC2C212948E619D861568A582BCA] - [04/06/2017 12:11:52] - |A| - [24576] - C:\WINDOWS\system32\quser.exe
[MD5.1B9827C9FE1FEF35E6003DE0F0CFB3AE] - [04/06/2017 12:10:24] - |A| - [275968] - C:\WINDOWS\system32\qwave.dll
[MD5.6B77D536491F8A4364DA9E4B8FE98E67] - [04/06/2017 12:11:52] - |A| - [28672] - C:\WINDOWS\system32\qwinsta.exe
[MD5.8608C94D70CF5770BA9C22171949555E] - [04/06/2017 12:10:27] - |A| - [33792] - C:\WINDOWS\system32\RacEngn.dll
[MD5.050F3F4857CF3C71A84247E7BE15A016] - [04/06/2017 12:12:40] - |A| - [128000] - C:\WINDOWS\system32\racpldlg.dll
[MD5.310BDEEDD340983A35E412960CF820E0] - [04/06/2017 12:10:41] - |A| - [97792] - C:\WINDOWS\system32\radardt.dll
[MD5.827AF4D0282F209E37C84795E46E1098] - [04/06/2017 12:10:38] - |A| - [70144] - C:\WINDOWS\system32\radarrs.dll
[MD5.F75D96FD45195CF7BFFE96180B427D08] - [04/06/2017 12:10:40] - |A| - [336384] - C:\WINDOWS\system32\RADCUI.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [24316] - C:\WINDOWS\system32\ras
[MD5.8945CC0825261EF088CE167325C5DD76] - [04/06/2017 12:10:27] - |A| - [16896] - C:\WINDOWS\system32\rasadhlp.dll
[MD5.5CC5C3940886948C9F8F57BF5FD253CC] - [04/06/2017 12:10:32] - |A| - [824832] - C:\WINDOWS\system32\rasapi32.dll
[MD5.C8792376068B84C7954912B2A2A908B7] - [04/06/2017 12:10:27] - |A| - [104960] - C:\WINDOWS\system32\rasauto.dll
[MD5.1FF3A248C6ACBFC05FC22D5912615D3D] - [04/06/2017 12:10:27] - |A| - [17920] - C:\WINDOWS\system32\rasautou.exe
[MD5.22AD625842DA33C2F8A13B53A7A6A92F] - [04/06/2017 12:10:29] - |A| - [137216] - C:\WINDOWS\system32\raschap.dll
[MD5.8EB26462E8A7DC4819D46AB23A1D768D] - [04/06/2017 12:10:27] - |A| - [280064] - C:\WINDOWS\system32\raschapext.dll
[MD5.3A77C18665A4C8428768CE186A5BC1EF] - [04/06/2017 12:10:32] - |A| - [1820] - C:\WINDOWS\system32\rasctrnm.h
[MD5.DBE9DD43CAF690F78742190F28DE2D1E] - [04/06/2017 12:10:27] - |A| - [21504] - C:\WINDOWS\system32\rasctrs.dll
[MD5.4484BBF5279F1EA8C9A9A97AA6C91992] - [04/06/2017 12:10:32] - |A| - [399872] - C:\WINDOWS\system32\rascustom.dll
[MD5.0D977BF5E78D52D9B0EAA015261133ED] - [04/06/2017 12:10:32] - |A| - [79360] - C:\WINDOWS\system32\rasdiag.dll
[MD5.61529A345FD0593D36A82324EAA0B081] - [04/06/2017 12:10:29] - |A| - [20480] - C:\WINDOWS\system32\rasdial.exe
[MD5.E21DCBB92CB5E2E24D5FFE23BD34A3AB] - [04/06/2017 12:10:29] - |A| - [927232] - C:\WINDOWS\system32\rasdlg.dll
[MD5.84282122661FE8932969ACC0B01F5573] - [04/06/2017 12:12:40] - |A| - [128000] - C:\WINDOWS\system32\raserver.exe
[MD5.D1EDE4E439A34F83EB32BEA500BF9415] - [04/06/2017 12:10:27] - |A| - [950272] - C:\WINDOWS\system32\rasgcw.dll
[MD5.34C7B27C65C66F5BB365FBADF0ABE16F] - [04/06/2017 12:10:29] - |A| - [182784] - C:\WINDOWS\system32\rasman.dll
[MD5.EA619783D6DACD9154DC101A1BB85EA2] - [04/06/2017 12:10:32] - |A| - [924160] - C:\WINDOWS\system32\rasmans.dll
[MD5.508400D66C6732A5A3D97FEB9BB39350] - [04/06/2017 12:10:32] - |A| - [59904] - C:\WINDOWS\system32\rasmbmgr.dll
[MD5.0F464D17B9962C0EA211BA189DA84015] - [04/06/2017 12:09:37] - |A| - [335872] - C:\WINDOWS\system32\RasMediaManager.dll
[MD5.6F002B48C81760083BA3F4D9DBEF2030] - [04/06/2017 12:10:30] - |A| - [1666048] - C:\WINDOWS\system32\RASMM.dll
[MD5.41F3A7FB2183135439D6AC0A45D9BEB4] - [04/06/2017 12:10:27] - |A| - [351744] - C:\WINDOWS\system32\rasmontr.dll
[MD5.154EB09767E801DA40549A835165D99A] - [04/06/2017 12:10:29] - |A| - [34304] - C:\WINDOWS\system32\rasphone.exe
[MD5.AF7A2BEA7B83C80A21CE7F2C1A247CAF] - [04/06/2017 12:10:27] - |A| - [481280] - C:\WINDOWS\system32\rasplap.dll
[MD5.6F980DD10C782605D36BC07DA8B49014] - [04/06/2017 12:12:58] - |A| - [309248] - C:\WINDOWS\system32\rasppp.dll
[MD5.227501BEBBAD393D0290F87F288A0B15] - [04/06/2017 12:10:32] - |A| - [251904] - C:\WINDOWS\system32\rastapi.dll
[MD5.13EA305DCFFB50DBAC335F46FF8B7688] - [04/06/2017 12:10:29] - |A| - [498688] - C:\WINDOWS\system32\rastls.dll
[MD5.5822ABD04044DF935597AC183DCD7B38] - [04/06/2017 12:10:27] - |A| - [370176] - C:\WINDOWS\system32\rastlsext.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [0] - C:\WINDOWS\system32\RasToast
[MD5.F8C608287AEE9BA3DDF99FE24D4B9243] - [04/06/2017 12:10:47] - |A| - [615424] - C:\WINDOWS\system32\rdbui.dll
[MD5.98A69D3DE872663D2361143841BD63DB] - [04/06/2017 12:09:33] - |A| - [1097216] - C:\WINDOWS\system32\rdpbase.dll
[MD5.F878C864BBE0D4F7B7C4F53A8E2128E9] - [04/06/2017 12:10:40] - |A| - [11264] - C:\WINDOWS\system32\rdpcfgex.dll
[MD5.52037044B58E17ACD36779B4D46EE151] - [04/06/2017 12:11:37] - |A| - [394240] - C:\WINDOWS\system32\rdpclip.exe
[MD5.6C485E7245E4087A6A97A0CB48EBD2CE] - [04/06/2017 12:09:29] - |A| - [626688] - C:\WINDOWS\system32\rdpcore.dll
[MD5.7A9E136AF5EBE2C08143BE46C50C1A65] - [04/06/2017 12:11:37] - |A| - [2024448] - C:\WINDOWS\system32\rdpcorets.dll
[MD5.70302E402B085CF8B723FFC1326A38B2] - [04/06/2017 12:09:29] - |A| - [399872] - C:\WINDOWS\system32\rdpencom.dll
[MD5.6C591E246C734F5302D974A61861376F] - [04/06/2017 12:11:37] - |A| - [294936] - C:\WINDOWS\system32\rdpendp.dll
[MD5.964139861BFDFF96A4A73856315F8D71] - [04/06/2017 12:11:51] - |A| - [317952] - C:\WINDOWS\system32\rdpinit.exe
[MD5.EF2E5EB56F234C0E3096CB81F0BF3202] - [04/06/2017 12:11:37] - |A| - [178176] - C:\WINDOWS\system32\rdpinput.exe
[MD5.EB213F789660972D90CCE6979DC20C43] - [04/06/2017 12:09:09] - |A| - [216576] - C:\WINDOWS\system32\RdpRelayTransport.dll
[MD5.A6C3D9617B5E7CA7F7405679A598C31C] - [04/06/2017 12:10:38] - |A| - [42496] - C:\WINDOWS\system32\RdpSa.exe
[MD5.139C94065FF10BD78749F6EA0C1AA652] - [04/06/2017 12:10:40] - |A| - [25600] - C:\WINDOWS\system32\RdpSaProxy.exe
[MD5.46E613DFA716A6414936CA95ADA30296] - [04/06/2017 12:10:38] - |A| - [14848] - C:\WINDOWS\system32\RdpSaPs.dll
[MD5.AC1881CF1E24093024729C1E410A099B] - [04/06/2017 12:10:38] - |A| - [28672] - C:\WINDOWS\system32\RdpSaUacHelper.exe
[MD5.D53E65D94699FC25D6D61A9B551407BE] - [04/06/2017 12:09:34] - |A| - [1655296] - C:\WINDOWS\system32\rdpserverbase.dll
[MD5.72E06470B3445B23C8E9E7352623E273] - [04/06/2017 12:11:51] - |A| - [418304] - C:\WINDOWS\system32\rdpshell.exe
[MD5.50A06FDFB6A11F36234E65C0EDC232BA] - [04/06/2017 12:11:53] - |A| - [86016] - C:\WINDOWS\system32\rdpsign.exe
[MD5.C142C6571384E354882DC6A4A2C6E5E4] - [04/06/2017 12:11:37] - |A| - [89936] - C:\WINDOWS\system32\rdpudd.dll
[MD5.299C4AA24E7359E751FE61CF50FB8472] - [04/06/2017 12:09:55] - |A| - [46080] - C:\WINDOWS\system32\rdrleakdiag.exe
[MD5.6621D7182DDF0147AB157EA6523B7123] - [04/06/2017 12:10:38] - |A| - [76800] - C:\WINDOWS\system32\RDSAppXHelper.dll
[MD5.E950EA25C751DA27E431AD203BC36C59] - [04/06/2017 12:10:38] - |A| - [166400] - C:\WINDOWS\system32\rdsdwmdr.dll
[MD5.B04C08699733898F559BA9D2D381C40B] - [04/06/2017 12:10:38] - |A| - [57344] - C:\WINDOWS\system32\RDSPnf.exe
[MD5.AF37024A8772B27534CDACEA0CE9623B] - [04/06/2017 12:11:52] - |A| - [107008] - C:\WINDOWS\system32\RDVGHelper.exe
[MD5.93A2BA2E130C37A843C1F8176CA26E1D] - [04/06/2017 12:10:40] - |A| - [80896] - C:\WINDOWS\system32\rdvvmtransport.dll
[MD5.E4F17ED761627AB590947CF6C2D1EA1C] - [04/06/2017 12:12:56] - |A| - [655872] - C:\WINDOWS\system32\RDXService.dll
[MD5.DD9EC95E564E04F53912C0EC9393D4C1] - [04/06/2017 12:10:47] - |A| - [398848] - C:\WINDOWS\system32\RDXTaskFactory.dll
[MD5.F736067A3D541FAEE6597368A75BC34D] - [04/06/2017 12:10:42] - |A| - [1028432] - C:\WINDOWS\system32\ReAgent.dll
[MD5.14FF096C87F54EA16F12CCB44832DB0B] - [04/06/2017 12:10:42] - |A| - [39936] - C:\WINDOWS\system32\ReAgentc.exe
[MD5.669ACBAB033DE36594C837889AE9AA2B] - [04/06/2017 12:10:42] - |A| - [13312] - C:\WINDOWS\system32\ReAgentTask.dll
[MD5.99D43EB37373BC0B52A89260771EA7D5] - [04/06/2017 12:09:08] - |A| - [193536] - C:\WINDOWS\system32\recdisc.exe
[MD5.D56E17891E60D51C85200D192BC648EA] - [04/06/2017 12:09:18] - |A| - [13824] - C:\WINDOWS\system32\recover.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [2230] - C:\WINDOWS\system32\Recovery
[MD5.5F9C83B930FFF1CEFADF0DAF1DC0A014] - [04/06/2017 12:10:29] - |A| - [89088] - C:\WINDOWS\system32\recovery.dll
[MD5.54A0F16ECAB812F60F596B8F1AC56F20] - [04/06/2017 12:10:32] - |A| - [1534976] - C:\WINDOWS\system32\RecoveryDrive.exe
[MD5.D31A84A6D08A8833EAA87424C5FDDA95] - [04/06/2017 12:09:34] - |A| - [73216] - C:\WINDOWS\system32\reg.exe
[MD5.1800B9A1B0DE90574F397A7156B0CDD4] - [04/06/2017 12:10:42] - |A| - [105984] - C:\WINDOWS\system32\regapi.dll
[MD5.375D3CAF107603518F8BDFC62C5A7BD0] - [04/06/2017 12:10:00] - |A| - [50176] - C:\WINDOWS\system32\RegCtrl.dll
[MD5.9132FDA555FD350E3A8F98583C48E15A] - [04/06/2017 12:10:32] - |A| - [11776] - C:\WINDOWS\system32\regedt32.exe
[MD5.858FB69880A65582D11AA90CB4651285] - [04/06/2017 12:10:32] - |A| - [15360] - C:\WINDOWS\system32\regidle.dll
[MD5.C5477F3AC44C9478A228C7403FE0EF41] - [04/06/2017 12:10:32] - |A| - [46080] - C:\WINDOWS\system32\regini.exe
[MD5.E7ABC972776C366C48DDA07E2679E7E2] - [04/06/2017 12:10:44] - |A| - [24064] - C:\WINDOWS\system32\Register-CimProvider.exe
[MD5.FF9255823C7C0B0FDDDBB58E65EE9BF6] - [04/06/2017 12:09:39] - |A| - [154624] - C:\WINDOWS\system32\regsvc.dll
[MD5.4C18CCB260A62B357953BF84BF6DF1B8] - [04/06/2017 12:10:29] - |A| - [23552] - C:\WINDOWS\system32\regsvr32.exe
[MD5.DBAD9C16A2D0C1ED648DC448A5798BCE] - [04/06/2017 12:09:29] - |A| - [30520] - C:\WINDOWS\system32\reguwpapi.dll
[MD5.DDDADECEC98486D981437CCF5AE91F43] - [04/06/2017 12:10:42] - |A| - [182272] - C:\WINDOWS\system32\ReInfo.dll
[MD5.69A3D0B71B4B3F65AE98B1933B7B7658] - [04/06/2017 12:10:06] - |A| - [120320] - C:\WINDOWS\system32\rekeywiz.exe
[MD5.32A8B9A262AFCFD18AE31C129CFA1170] - [04/06/2017 12:10:27] - |A| - [43008] - C:\WINDOWS\system32\relog.exe
[MD5.2538B6E3276072DA3BEF21AC931B9D9B] - [04/06/2017 12:10:44] - |A| - [157696] - C:\WINDOWS\system32\RelPost.exe
[MD5.C75D5DEC6170F605674D07CB10E1F64F] - [04/06/2017 12:09:21] - |A| - [83216] - C:\WINDOWS\system32\remoteaudioendpoint.dll
[MD5.B8906AEA86B566056302FBDCBB710B48] - [04/06/2017 12:10:40] - |A| - [209408] - C:\WINDOWS\system32\remotepg.dll
[MD5.85EBA0D501A4A3E77BC9DCA215A6008A] - [04/06/2017 12:09:25] - |A| - [12800] - C:\WINDOWS\system32\RemotePosWorker.exe
[MD5.0D8C3DBE09E0D9AACCA1F17A8B992A1D] - [04/06/2017 12:10:35] - |A| - [104448] - C:\WINDOWS\system32\remotesp.tsp
[MD5.6BC886E530303D54A1B5283BD342B17F] - [04/06/2017 12:10:29] - |A| - [18944] - C:\WINDOWS\system32\RemoteWipeCSP.dll
[MD5.ED5DFD44F3E7CBCDA5B057652D6CD1F9] - [04/06/2017 12:10:46] - |A| - [66560] - C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
[MD5.4EDCCC1FE0FFCA58AC6E27C4A0E909F9] - [04/06/2017 12:10:00] - |A| - [70656] - C:\WINDOWS\system32\RemoveDeviceContextHandler.dll
[MD5.87F6A6AEAD66D55E40E810B20770EADF] - [04/06/2017 12:10:00] - |A| - [14336] - C:\WINDOWS\system32\RemoveDeviceElevated.dll
[MD5.692DC6EF573FFCDD9DFB55D1C783DB93] - [04/06/2017 12:09:18] - |A| - [167] - C:\WINDOWS\system32\removehypervisor.mof
[MD5.730EBF00771288D24BF9E3214A1C492D] - [04/06/2017 12:12:40] - |A| - [6656] - C:\WINDOWS\system32\rendezvousSession.tlb
[MD5.629D950FD922EADA4D2F2BEC3BC26433] - [04/06/2017 12:12:53] - |A| - [126976] - C:\WINDOWS\system32\repair-bde.exe
[MD5.D4F85F11620B718228FBAA471B7F73DA] - [04/06/2017 12:09:52] - |A| - [21504] - C:\WINDOWS\system32\replace.exe
[MD5.6EB5AD7763A4369D87AA138CB200FC98] - [04/06/2017 12:09:37] - |A| - [115712] - C:\WINDOWS\system32\ReportingCSP.dll
[MD5.CD834D1AF674857B5CE89C4A222372D7] - [04/06/2017 12:08:52] - |A| - [241216] - C:\WINDOWS\system32\RESAMPLEDMO.DLL
[MD5.AD672B13D3F05E365D80455E23E500FD] - [04/06/2017 12:11:53] - |A| - [17408] - C:\WINDOWS\system32\reset.exe
[MD5.26236FED9D35C485527354F964173B5E] - [04/06/2017 12:10:32] - |A| - [1159168] - C:\WINDOWS\system32\reseteng.dll
[MD5.827CE938D5C5F2EFEDDF3A257E1ED4FE] - [04/06/2017 12:10:32] - |A| - [2496512] - C:\WINDOWS\system32\ResetEngine.dll
[MD5.0702BFFE77E6E8AAA9535B28FA62C52C] - [04/06/2017 12:10:32] - |A| - [11264] - C:\WINDOWS\system32\ResetEngine.exe
[MD5.48F63AB0B791A48A3394BF5FEBEEF0C5] - [04/06/2017 12:10:32] - |A| - [173568] - C:\WINDOWS\system32\ResetEngOnline.dll
[MD5.39309FB9EE2B4A45F806970E261A1A6D] - [04/06/2017 12:10:24] - |A| - [110080] - C:\WINDOWS\system32\resmon.exe
[MD5.4953CA80BE8D01EA4EB091FFA9A7C031] - [04/06/2017 12:09:24] - |A| - [106984] - C:\WINDOWS\system32\ResourcePolicyClient.dll
[MD5.550D7A1C1670EBBF74A588BCD4138DD7] - [04/06/2017 12:09:22] - |A| - [214864] - C:\WINDOWS\system32\ResourcePolicyServer.dll
[MD5.BAC57A0212EE3710C850707EBC300740] - [04/06/2017 12:10:47] - |A| - [9114] - C:\WINDOWS\system32\ResPriHMImageList
[MD5.6CD8E7E1BEB75C2D477A3E03273175A3] - [04/06/2017 12:10:47] - |A| - [8561] - C:\WINDOWS\system32\ResPriImageList
[MD5.43E7D0AB6A8564F5BF375FBF0934FAD1] - [04/06/2017 12:10:29] - |A| - [714] - C:\WINDOWS\system32\RestartManager.mof
[MD5.3F75A221A01F68D6CE67FE99A868BD8F] - [04/06/2017 12:10:29] - |A| - [176] - C:\WINDOWS\system32\RestartManagerUninstall.mof
[MD5.831C579709F4761E4AB7053FCF4176EC] - [04/06/2017 12:08:53] - |A| - [759] - C:\WINDOWS\system32\RestartNowPower_80.contrast-black.png
[MD5.DF286186041C6BF73C5DC21CEEEFFED5] - [04/06/2017 12:08:53] - |A| - [785] - C:\WINDOWS\system32\RestartNowPower_80.contrast-white.png
[MD5.831C579709F4761E4AB7053FCF4176EC] - [04/06/2017 12:08:53] - |A| - [759] - C:\WINDOWS\system32\RestartNowPower_80.png
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [76] - C:\WINDOWS\system32\restore
[MD5.62001177B173338383E712C3BAADCA22] - [04/06/2017 12:09:17] - |A| - [594432] - C:\WINDOWS\system32\resutils.dll
[MD5.191CF986FB65ABAEB8B0226BC92910C9] - [04/06/2017 12:11:48] - |A| - [40448] - C:\WINDOWS\system32\rfxvmt.dll
[MD5.C3674325D5F844204D49C50654EE2278] - [04/06/2017 12:10:00] - |A| - [177152] - C:\WINDOWS\system32\rgb9rast.dll
[MD5.79263BA481DC8AE05388F9F5CE24DCA5] - [04/06/2017 12:10:29] - |A| - [148480] - C:\WINDOWS\system32\Ribbons.scr
[MD5.5574C4C304981E37AF3B215F517C2DB3] - [04/06/2017 12:10:32] - |A| - [590848] - C:\WINDOWS\system32\riched20.dll
[MD5.2290369DA7FF0EC9142667EE7BF0F68D] - [04/06/2017 12:10:32] - |A| - [10240] - C:\WINDOWS\system32\riched32.dll
[MD5.7A047665BFE3E0D45E7378F29D358BBD] - [04/06/2017 12:10:50] - |A| - [61440] - C:\WINDOWS\system32\rilproxy.dll
[MD5.3F4617B1E6C355553D2D5DAB4A7F3090] - [04/06/2017 12:10:49] - |A| - [114176] - C:\WINDOWS\system32\RjvMDMConfig.dll
[MD5.DBAB50C98B523F22C92FEBB9E7CAFAF7] - [04/06/2017 12:10:46] - |A| - [567808] - C:\WINDOWS\system32\RMActivate.exe
[MD5.41E5A815756E0332D171D47B31ABD859] - [04/06/2017 12:10:49] - |A| - [597504] - C:\WINDOWS\system32\RMActivate_isv.exe
[MD5.2592AE588A36E5D3CD2AA82244D05C6D] - [04/06/2017 12:10:47] - |A| - [492544] - C:\WINDOWS\system32\RMActivate_ssp.exe
[MD5.52AF1F3A1EFCECCD88F4F05700F67A60] - [04/06/2017 12:10:49] - |A| - [494080] - C:\WINDOWS\system32\RMActivate_ssp_isv.exe
[MD5.5D6E85CFD4271D533B583FA6E3730ADD] - [04/06/2017 12:10:27] - |A| - [153088] - C:\WINDOWS\system32\RMapi.dll
[MD5.26629E3EFA552C20F8968AE0D56EADBC] - [04/06/2017 12:09:34] - |A| - [119344] - C:\WINDOWS\system32\rmclient.dll
[MD5.EF7E1DCEE0C4C912D0E96B96DA3FB675] - [04/06/2017 12:10:29] - |A| - [17408] - C:\WINDOWS\system32\RmClient.exe
[MD5.4FF6B989E63D8EEB3B7A30621126D50F] - [04/06/2017 12:10:49] - |A| - [98816] - C:\WINDOWS\system32\RMSRoamingSecurity.dll
[MD5.69F10A1A160BF9353C1D139137B9B5E9] - [04/06/2017 12:10:36] - |A| - [138752] - C:\WINDOWS\system32\rmttpmvscmgrsvr.exe
[MD5.599851D61BBAACA9FD0E4712FBC9FAD8] - [04/06/2017 12:10:24] - |A| - [2560] - C:\WINDOWS\system32\rnr20.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [258048] - C:\WINDOWS\system32\ro-RO
[MD5.72AE5C4F1453CBA17C649D419B0B40B4] - [04/06/2017 12:09:25] - |A| - [47104] - C:\WINDOWS\system32\RoamingSecurity.dll
[MD5.1829714A9CB4E508222F988CFEFCA410] - [04/06/2017 12:09:54] - |A| - [132608] - C:\WINDOWS\system32\Robocopy.exe
[MD5.1DE922AE1836EB667D489898BD666E93] - [04/06/2017 12:09:21] - |A| - [227800] - C:\WINDOWS\system32\rometadata.dll
[MD5.150DC0634F170BDD8E8268D5B1443543] - [04/06/2017 12:11:37] - |A| - [48640] - C:\WINDOWS\system32\RotMgr.dll
[MD5.02C1C52F025DBDE38060114EEE2FE955] - [04/06/2017 12:09:34] - |A| - [23552] - C:\WINDOWS\system32\ROUTE.EXE
[MD5.5FB108D762BC20D2A55B59066CB3F284] - [04/06/2017 12:09:57] - |A| - [78336] - C:\WINDOWS\system32\RpcEpMap.dll
[MD5.A65CB1AA6C75D9FB11EBC7956014C2E2] - [04/06/2017 12:09:55] - |A| - [194560] - C:\WINDOWS\system32\rpchttp.dll
[MD5.6CF07610F88C79313D5859B77144EABB] - [04/06/2017 12:09:55] - |A| - [10240] - C:\WINDOWS\system32\RpcNs4.dll
[MD5.0CE2CCB005D139CDAE08BAF37D447775] - [04/06/2017 12:09:55] - |A| - [32256] - C:\WINDOWS\system32\rpcnsh.dll
[MD5.4FA1D62541F4E1F7DEC5842F5377934D] - [04/06/2017 12:09:55] - |A| - [30208] - C:\WINDOWS\system32\RpcPing.exe
[MD5.73744F73704E67D828C19E8B038F18D8] - [04/06/2017 12:09:55] - |A| - [1184872] - C:\WINDOWS\system32\rpcrt4.dll
[MD5.A44D5A94E9D51EFE54151EDB65FDAEC5] - [04/06/2017 12:09:30] - |A| - [57400] - C:\WINDOWS\system32\RpcRtRemote.dll
[MD5.AC6185BAC91818052F0C5F0CC91C6FD9] - [04/06/2017 12:09:55] - |A| - [1082880] - C:\WINDOWS\system32\rpcss.dll
[MD5.A188465CF06CA21A06E62A3FD3D996A4] - [04/06/2017 12:08:52] - |A| - [46592] - C:\WINDOWS\system32\rrinstaller.exe
[MD5.52B29A336350DCC2FDC823A5B52B7C2D] - [04/06/2017 12:09:57] - |A| - [199384] - C:\WINDOWS\system32\rsaenh.dll
[MD5.E13736AFEAC2F46B21BD77D791A80DDC] - [04/06/2017 12:09:47] - |A| - [130048] - C:\WINDOWS\system32\rshx32.dll
[MD5.49525986566A050AA233A428AA50D83F] - [04/06/2017 12:11:51] - |A| - [43566] - C:\WINDOWS\system32\rsop.msc
[MD5.62CE69AC65A660698E773AF047270BCF] - [04/06/2017 12:10:29] - |A| - [198656] - C:\WINDOWS\system32\RstrtMgr.dll
[MD5.FC6DE80BAF996BF24A021E92F4E9A57A] - [04/06/2017 12:09:09] - |A| - [266752] - C:\WINDOWS\system32\rstrui.exe
[MD5.A613B0537EB0DC95751905AF88947309] - [04/06/2017 12:10:29] - |A| - [45056] - C:\WINDOWS\system32\rtffilt.dll
[MD5.1F7AED61150F02C07011395702A3A121] - [04/06/2017 12:10:27] - |A| - [179712] - C:\WINDOWS\system32\rtm.dll
[MD5.6ECCC26690055505495D5521DEFFC69A] - [04/06/2017 12:09:09] - |A| - [988816] - C:\WINDOWS\system32\rtmcodecs.dll
[MD5.5D9A21A0F690269069A901357DB201A9] - [04/06/2017 12:09:24] - |A| - [438784] - C:\WINDOWS\system32\RTMediaFrame.dll
[MD5.E4D7808F6D77D2C2BB7C6D27C145F41F] - [04/06/2017 12:09:09] - |A| - [72848] - C:\WINDOWS\system32\rtmmvrortc.dll
[MD5.A9D15C40F279905378322AFF98A5CE2C] - [04/06/2017 12:09:09] - |A| - [1233552] - C:\WINDOWS\system32\rtmpal.dll
[MD5.9090BAF85FCE856AF8AB1D675B887F66] - [04/06/2017 12:09:09] - |A| - [4988560] - C:\WINDOWS\system32\rtmpltfm.dll
[MD5.57B0D1D1501EE5E6FA9A2E8220765DEE] - [04/06/2017 12:10:29] - |A| - [63488] - C:\WINDOWS\system32\rtutils.dll
[MD5.5FCCC7BDDAFF901136ADFFA78ED08960] - [04/06/2017 12:09:17] - |A| - [166912] - C:\WINDOWS\system32\RTWorkQ.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [317440] - C:\WINDOWS\system32\ru-RU
[MD5.6ED9970F2B3219E5AFD16C9A6E1B0B2D] - [04/06/2017 12:09:18] - |A| - [68608] - C:\WINDOWS\system32\RuleBasedDS.dll
[MD5.4CE794ED90D35C2473023F7583CE30A4] - [04/06/2017 12:10:42] - |A| - [19456] - C:\WINDOWS\system32\runas.exe
[MD5.6F87DEF67E559863467F8CC5C390A4B3] - [04/06/2017 12:10:32] - |A| - [71168] - C:\WINDOWS\system32\rundll32.exe
[MD5.4209D345D5345C2349F21B1DFF85179E] - [04/06/2017 12:09:57] - |A| - [97792] - C:\WINDOWS\system32\runexehelper.exe
[MD5.8365AB6D399509E1822FD3E231A0835E] - [04/06/2017 12:10:50] - |A| - [72704] - C:\WINDOWS\system32\RunLegacyCPLElevated.exe
[MD5.399D5B573E913E132644A74BDED3F1D2] - [04/06/2017 12:10:11] - |A| - [58368] - C:\WINDOWS\system32\runonce.exe
[MD5.AF2FCAED4FD96D0EA7C92A8A2168F8C1] - [04/06/2017 12:09:57] - |A| - [8704] - C:\WINDOWS\system32\runscripthelper.exe
[MD5.68744469718B1221ACCDCFCAD2566C61] - [04/06/2017 12:09:24] - |A| - [77984] - C:\WINDOWS\system32\RuntimeBroker.exe
[MD5.D3E6E40D62FD15D16EF10948D83B03B1] - [04/06/2017 12:11:53] - |A| - [22528] - C:\WINDOWS\system32\rwinsta.exe
[MD5.5C47EE9B8B39CFFAFBFECCB2EAB04777] - [04/06/2017 12:09:57] - |A| - [76800] - C:\WINDOWS\system32\samcli.dll
[MD5.08A3366B1B6361E9115FA630DF21DF9E] - [04/06/2017 12:09:57] - |A| - [121344] - C:\WINDOWS\system32\samlib.dll
[MD5.7A0A5679A2D5F87E778C0FFDD83B1789] - [04/06/2017 12:09:57] - |A| - [891904] - C:\WINDOWS\system32\samsrv.dll
[MD5.AD6A6B9D7F851C9DCE162FF33144DE0A] - [04/06/2017 12:10:38] - |A| - [14336] - C:\WINDOWS\system32\sas.dll
[MD5.0E9256B211268125938E3CB25B93F961] - [04/06/2017 12:10:40] - |A| - [930304] - C:\WINDOWS\system32\sbe.dll
[MD5.30079223E6C3C72249C5C28C0440140C] - [04/06/2017 12:10:40] - |A| - [191488] - C:\WINDOWS\system32\sbeio.dll
[MD5.138E36C76D57907ED8F177B04510F560] - [04/06/2017 12:10:41] - |A| - [66048] - C:\WINDOWS\system32\sberes.dll
[MD5.D7C2EF89B1E01EE6CC11DD3C238210D5] - [04/06/2017 12:09:33] - |A| - [22528] - C:\WINDOWS\system32\sbservicetrigger.dll
[MD5.B6347B8C83C7C1652825E65A2E2F89CF] - [04/06/2017 12:09:37] - |A| - [68608] - C:\WINDOWS\system32\sc.exe
[MD5.D514FB3499DBA7817861C8E5B364B65B] - [04/06/2017 12:10:02] - |A| - [290816] - C:\WINDOWS\system32\scansetting.dll
[MD5.63FD3395697D79121C153D9DB510DFA7] - [04/06/2017 12:10:35] - |A| - [48640] - C:\WINDOWS\system32\SCardBi.dll
[MD5.E75A550E716F81C2FC54F9AFC7D83201] - [04/06/2017 12:10:35] - |A| - [82432] - C:\WINDOWS\system32\SCardDlg.dll
[MD5.1F4CC8C05DBD334FDE2DE18F6CCF5C21] - [04/06/2017 12:10:35] - |A| - [250880] - C:\WINDOWS\system32\SCardSvr.dll
[MD5.5C18CD22BE4628865FCB63337A6E5EF6] - [04/06/2017 12:12:56] - |A| - [10429] - C:\WINDOWS\system32\ScavengeSpace.xml
[MD5.6F5B55305D2E6124AE6674A6EC8B0B57] - [04/06/2017 12:12:56] - |A| - [68608] - C:\WINDOWS\system32\scavengeui.dll
[MD5.F8927782CCEA2DDE4FCFA48806AFA415] - [04/06/2017 12:10:35] - |A| - [198144] - C:\WINDOWS\system32\ScDeviceEnum.dll
[MD5.52B8EAC8D50B39930EC2350CCA29CED8] - [04/06/2017 12:10:32] - |A| - [271360] - C:\WINDOWS\system32\scecli.dll
[MD5.CA3B9AE7DAD0C9A73A52E7DCA6B81A11] - [04/06/2017 12:10:32] - |A| - [504832] - C:\WINDOWS\system32\scesrv.dll
[MD5.1D5F29C7220A886AB8A8A85F4C467194] - [04/06/2017 12:09:55] - |A| - [477696] - C:\WINDOWS\system32\schannel.dll
[MD5.1E30E07AC3F255A1E10C8057614DCA9C] - [04/06/2017 12:09:55] - |A| - [25088] - C:\WINDOWS\system32\schedcli.dll
[MD5.38AFA27462EDDA60DCA8C868FA646857] - [04/06/2017 12:10:36] - |A| - [875520] - C:\WINDOWS\system32\schedsvc.dll
[MD5.2F24BC74DCB28FE032C1596755385917] - [04/06/2017 12:08:53] - |A| - [538] - C:\WINDOWS\system32\ScheduleTime_80.contrast-black.png
[MD5.E72B1B6800DE45AA9AE7E10F899E5999] - [04/06/2017 12:08:53] - |A| - [551] - C:\WINDOWS\system32\ScheduleTime_80.contrast-white.png
[MD5.2F24BC74DCB28FE032C1596755385917] - [04/06/2017 12:08:53] - |A| - [538] - C:\WINDOWS\system32\ScheduleTime_80.png
[MD5.F9F7990286C9512CE43286BA4337FB0A] - [04/06/2017 12:10:36] - |A| - [225280] - C:\WINDOWS\system32\schtasks.exe
[MD5.E6F6F793B0EEAFFF1664A17D0023D85A] - [04/06/2017 12:10:36] - |A| - [252416] - C:\WINDOWS\system32\scksp.dll
[MD5.143E520AABA2929EC1804E1BEFEA8542] - [04/06/2017 12:10:11] - |A| - [71168] - C:\WINDOWS\system32\scripto.dll
[MD5.72F50E0C3FA54B83F1A320FF69EF6611] - [04/06/2017 12:11:48] - |A| - [17744] - C:\WINDOWS\system32\ScriptRunner.exe
[MD5.561AEC4F010148DC962EB85D3293D1DF] - [04/06/2017 12:10:32] - |A| - [36864] - C:\WINDOWS\system32\scrnsave.scr
[MD5.4277935E7FDF3CF572D7591151DF7A4D] - [04/06/2017 12:10:32] - |A| - [222208] - C:\WINDOWS\system32\scrobj.dll
[MD5.86D5FB2F1046C43F79197DC0BE7EF229] - [04/06/2017 12:11:51] - |A| - [546304] - C:\WINDOWS\system32\scrptadm.dll
[MD5.E7DB35FDB0272BE376FF0B1774093E42] - [04/06/2017 12:10:32] - |A| - [193024] - C:\WINDOWS\system32\scrrun.dll
[MD5.2621DB01C6D641C42E54AA558FEE22AB] - [04/06/2017 12:09:43] - |A| - [23552] - C:\WINDOWS\system32\sdbinst.exe
[MD5.DCFE4299C8F6933EDD49ECA6201ED0C0] - [04/06/2017 12:12:40] - |A| - [49152] - C:\WINDOWS\system32\sdchange.exe
[MD5.26D4912B62F78883E57B5CB817B57198] - [04/06/2017 12:08:54] - |A| - [1211904] - C:\WINDOWS\system32\sdclt.exe
[MD5.64737F227B4F21D82F689A4ED39A0E50] - [04/06/2017 12:08:54] - |A| - [749056] - C:\WINDOWS\system32\sdcpl.dll
[MD5.3BFD35D77A3A38F7307B6B83177E01C7] - [04/06/2017 12:10:16] - |A| - [422912] - C:\WINDOWS\system32\SDDS.dll
[MD5.EE18D3D514BD15BBE07C1BA1F58208F7] - [04/06/2017 12:08:54] - |A| - [1178624] - C:\WINDOWS\system32\sdengin2.dll
[MD5.9A4F0DD830AC7496BD1EFD7E7F29765F] - [04/06/2017 12:09:17] - |A| - [31568] - C:\WINDOWS\system32\SDFHost.dll
[MD5.F76A83A4395791C8BBD9B45C3475577A] - [04/06/2017 12:10:03] - |A| - [35840] - C:\WINDOWS\system32\sdhcinst.dll
[MD5.943693DD59282742D3EC10518025A98A] - [04/06/2017 12:10:38] - |A| - [210432] - C:\WINDOWS\system32\sdiageng.dll
[MD5.C19ED8A770DBD03FA7AFE9013B9922CB] - [04/06/2017 12:10:38] - |A| - [24576] - C:\WINDOWS\system32\sdiagnhost.exe
[MD5.95B1124FA65ACC5D877421272B3AE7DF] - [04/06/2017 12:10:41] - |A| - [169472] - C:\WINDOWS\system32\sdiagprv.dll
[MD5.C4FF81479D418EC3EBF7D9985C4FA24D] - [04/06/2017 12:10:40] - |A| - [51200] - C:\WINDOWS\system32\sdiagschd.dll
[MD5.3914F77F03FA55B85B5C2622714F50FE] - [04/06/2017 12:10:02] - |A| - [535552] - C:\WINDOWS\system32\sdohlp.dll
[MD5.396CA70009E4E6D68132337D4FEE7022] - [04/06/2017 12:08:54] - |A| - [145408] - C:\WINDOWS\system32\sdrsvc.dll
[MD5.2501E3C88213E07387296A4CDDEFDFA8] - [04/06/2017 12:08:54] - |A| - [123392] - C:\WINDOWS\system32\sdshext.dll
[MD5.A99C87DF207E62B19A613A4284334F3F] - [04/06/2017 12:09:29] - |A| - [388096] - C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
[MD5.7CC1A41945967206B32F82DADD3F2A7C] - [04/06/2017 12:09:29] - |A| - [222720] - C:\WINDOWS\system32\SearchFilterHost.exe
[MD5.B5187AC3120068405823821B07894758] - [04/06/2017 12:10:32] - |A| - [388096] - C:\WINDOWS\system32\SearchFolder.dll
[MD5.BA1FF997AB56507FC13262A07A9DD1A0] - [04/06/2017 12:09:29] - |A| - [967680] - C:\WINDOWS\system32\SearchIndexer.exe
[MD5.BE5032BB83CE89B96FF109827F346F68] - [04/06/2017 12:09:29] - |A| - [370176] - C:\WINDOWS\system32\SearchProtocolHost.exe
[MD5.7F85EC8C9A07FD9AFB9B6E44E41708B9] - [04/06/2017 12:09:21] - |A| - [60416] - C:\WINDOWS\system32\SebBackgroundManagerPolicy.dll
[MD5.C9CB5376C17E76905BF27A2E7FDF8954] - [04/06/2017 12:10:29] - |A| - [1037648] - C:\WINDOWS\system32\SecConfig.efi
[MD5.98F9D92992251CE77C70FD201CEDA255] - [04/06/2017 12:10:32] - |A| - [39936] - C:\WINDOWS\system32\SecEdit.exe
[MD5.FEE91915F249BA611D9A5616C4AD5883] - [04/06/2017 12:09:57] - |A| - [363632] - C:\WINDOWS\system32\sechost.dll
[MD5.A569045381F4D0CED5E1357C654BF3FA] - [04/06/2017 12:10:11] - |A| - [10240] - C:\WINDOWS\system32\secinit.exe
[MD5.5C417641728380D223276CC46F42A450] - [04/06/2017 12:10:24] - |A| - [30720] - C:\WINDOWS\system32\seclogon.dll
[MD5.2BC2546831B054680C6F59888F295E44] - [04/06/2017 12:11:51] - |A| - [120458] - C:\WINDOWS\system32\secpol.msc
[MD5.D23C6310C8D5BEA6B32BCA1AEAF26E5A] - [04/06/2017 12:10:46] - |A| - [393728] - C:\WINDOWS\system32\secproc.dll
[MD5.D4DE1093360C39351A9103B87307BE70] - [04/06/2017 12:10:47] - |A| - [393216] - C:\WINDOWS\system32\secproc_isv.dll
[MD5.14835A1C3F70821C9856FBD01B6D4675] - [04/06/2017 12:10:47] - |A| - [110592] - C:\WINDOWS\system32\secproc_ssp.dll
[MD5.A54EFA17D3F9770318B023E7406116CB] - [04/06/2017 12:10:49] - |A| - [110592] - C:\WINDOWS\system32\secproc_ssp_isv.dll
[MD5.0A6111C83AACD44F71A2A2E4A041C214] - [04/06/2017 12:10:24] - |A| - [27648] - C:\WINDOWS\system32\secur32.dll
[MD5.79D1F1C5B46F0944F6E95CD5ACA996A3] - [04/06/2017 12:11:42] - |RA| - [156160] - C:\WINDOWS\system32\SecureAssessmentHandlers.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [7088] - C:\WINDOWS\system32\SecureBootUpdates
[MD5.8DF1A515162BF297A03FE99FAF8B5F97] - [04/06/2017 12:09:18] - |A| - [601424] - C:\WINDOWS\system32\securekernel.exe
[MD5.CA76D813552D3F7F36EE6E727D767D0A] - [04/06/2017 12:10:47] - |A| - [93696] - C:\WINDOWS\system32\SecureTimeAggregator.dll
[MD5.BD0678BC235516AB1F3E97C4A3BACC58] - [04/06/2017 12:10:24] - |A| - [5120] - C:\WINDOWS\system32\security.dll
[MD5.BEB5DD400AA25251E6C1A6F10635682D] - [04/06/2017 12:10:02] - |A| - [5783] - C:\WINDOWS\system32\SecurityAndMaintenance.png
[MD5.5633300FF98F8582E653D94D0BD811CB] - [04/06/2017 12:10:02] - |A| - [2613] - C:\WINDOWS\system32\SecurityAndMaintenance_Alert.png
[MD5.1382CE1BD44FA02B6C58580B02AEFA9C] - [04/06/2017 12:10:02] - |A| - [6873] - C:\WINDOWS\system32\SecurityAndMaintenance_Error.png
[MD5.544AE7D1F8E91AA416C43D6B2EAF676B] - [04/06/2017 12:10:50] - |A| - [170320] - C:\WINDOWS\system32\SecurityHealthAgent.dll
[MD5.F4B844DF8F221EC7AB4ACA84B4259275] - [04/06/2017 12:10:50] - |A| - [35664] - C:\WINDOWS\system32\SecurityHealthBatteryAlertsManager.dll
[MD5.1058D0F616091746F5B5E67C424F5107] - [04/06/2017 12:10:50] - |A| - [68432] - C:\WINDOWS\system32\SecurityHealthProxyStub.dll
[MD5.004E7240B2E3181F24C3F9B6602D8157] - [04/06/2017 12:10:50] - |A| - [391056] - C:\WINDOWS\system32\SecurityHealthService.exe
[MD5.4B8713912325E470B064069756B881AF] - [04/06/2017 12:09:43] - |A| - [811520] - C:\WINDOWS\system32\SecurityHealthSSO.dll
[MD5.B89245D95020D00EB592376248ADD035] - [04/06/2017 12:09:29] - |A| - [37376] - C:\WINDOWS\system32\SEMgrPS.dll
[MD5.0D8749004F9E3C1262ABEEAD79997BD5] - [04/06/2017 12:09:25] - |A| - [1224192] - C:\WINDOWS\system32\SEMgrSvc.dll
[MD5.819AC7B26851405487398C877F809A5B] - [04/06/2017 12:09:25] - |A| - [26112] - C:\WINDOWS\system32\SEMgrSvcPAL.dll
[MD5.679847E30CFB2909C91610E5113530E0] - [04/06/2017 12:10:11] - |A| - [138240] - C:\WINDOWS\system32\sendmail.dll
[MD5.E36C657EDD6A240187046242F1313013] - [04/06/2017 12:10:32] - |A| - [73728] - C:\WINDOWS\system32\Sens.dll
[MD5.AC185BB6F6EFCD0778BF879E5EABBE33] - [04/06/2017 12:10:32] - |A| - [14336] - C:\WINDOWS\system32\SensApi.dll
[MD5.8A9870026ED660FD23904BEB51FF5B0D] - [04/06/2017 12:11:37] - |A| - [21504] - C:\WINDOWS\system32\SensorCustomAdbAlgorithm.dll
[MD5.9F3C160743F59F028E264301336C8608] - [04/06/2017 12:10:29] - |A| - [1288704] - C:\WINDOWS\system32\SensorDataService.exe
[MD5.E5283F30650077EC42C156AE76E2E5F4] - [04/06/2017 12:11:37] - |A| - [27648] - C:\WINDOWS\system32\SensorPerformanceEvents.dll
[MD5.7AA35417C256B0470E70CFFE8F068000] - [04/06/2017 12:11:37] - |A| - [425984] - C:\WINDOWS\system32\SensorsApi.dll
[MD5.25390AB3289B54CA41AA957F36740A1F] - [04/06/2017 12:11:37] - |A| - [135168] - C:\WINDOWS\system32\SensorsClassExtension.dll
[MD5.253750C88488A54B70978D82256FC39F] - [04/06/2017 12:11:37] - |A| - [1311744] - C:\WINDOWS\system32\SensorsCpl.dll
[MD5.2F6DB65989911A1CDD191FC14B0F0986] - [04/06/2017 12:09:34] - |A| - [549888] - C:\WINDOWS\system32\SensorService.dll
[MD5.9480DD3C22F42D9AFC5EEAD77EE9B618] - [04/06/2017 12:09:34] - |A| - [58968] - C:\WINDOWS\system32\SensorsNativeApi.dll
[MD5.F4156DAB1280FD30FA2E9F0D08249A98] - [04/06/2017 12:09:34] - |A| - [115200] - C:\WINDOWS\system32\SensorsNativeApi.V2.dll
[MD5.E996570C494A9330FFD272EEA8D2C9DB] - [04/06/2017 12:09:34] - |A| - [48624] - C:\WINDOWS\system32\SensorsUtilsV2.dll
[MD5.DCBEA874B56DD09BB943DAC74E700278] - [04/06/2017 12:11:37] - |A| - [206336] - C:\WINDOWS\system32\sensrsvc.dll
[MD5.D20F937483F0C9C2B6909D493E976A1A] - [04/06/2017 12:10:42] - |A| - [18432] - C:\WINDOWS\system32\serialui.dll
[MD5.E872B7C333CB3366D439DA21D93D26EE] - [04/06/2017 12:09:57] - |A| - [611600] - C:\WINDOWS\system32\services.exe
[MD5.2D8D95469EC26AAA986AAD1CE424E631] - [04/06/2017 12:10:33] - |A| - [92746] - C:\WINDOWS\system32\services.msc
[MD5.2A7A74E8C6F90C834616BA37037FD5B6] - [04/06/2017 12:09:49] - |A| - [59392] - C:\WINDOWS\system32\ServiceWorkerHost.exe
[MD5.4BC5548A7DEA2C8E22914EA59CC2994E] - [04/06/2017 12:10:38] - |A| - [24064] - C:\WINDOWS\system32\serwvdrv.dll
[MD5.2ABE662C2EA8D10D9C2DB8DAA3F1C525] - [04/06/2017 12:10:40] - |A| - [387072] - C:\WINDOWS\system32\SessEnv.dll
[MD5.B3223C1FA5EF3B0C4440142CE61219D6] - [04/06/2017 12:10:40] - |A| - [70272] - C:\WINDOWS\system32\sessionmsg.exe
[MD5.5B5625CAF1941593B6CF006E31BC77A9] - [04/06/2017 12:10:42] - |A| - [80384] - C:\WINDOWS\system32\setbcdlocale.dll
[MD5.397F7E616C80155DB763D88B6400B500] - [04/06/2017 12:09:43] - |A| - [273408] - C:\WINDOWS\system32\sethc.exe
[MD5.41D55DBE4662BF880E802B37AD7FDC66] - [04/06/2017 12:10:27] - |A| - [26112] - C:\WINDOWS\system32\SetNetworkLocation.dll
[MD5.33DC67A60C75D8D2F6D4FCA2A6B108F9] - [04/06/2017 12:10:27] - |A| - [36864] - C:\WINDOWS\system32\SetNetworkLocationFlyout.dll
[MD5.895D984E4C01496B7A7F72A3AFAD330D] - [04/06/2017 12:10:27] - |A| - [35328] - C:\WINDOWS\system32\SetProxyCredential.dll
[MD5.184D1E8F10F8D17340335A5D4828CC7C] - [04/06/2017 12:10:32] - |A| - [29184] - C:\WINDOWS\system32\setspn.exe
[MD5.12F54D29C70BEAF9ACA27EC2EC1BABFD] - [04/06/2017 12:10:49] - |A| - [198656] - C:\WINDOWS\system32\SettingMonitor.dll
[MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - [04/06/2017 12:10:44] - |A| - [8192] - C:\WINDOWS\system32\settings.dat
[MD5.D28243FED496DBC6F2648F436A6AD045] - [04/06/2017 12:09:37] - |A| - [371712] - C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
[MD5.1EBC2935137F510A4C8727E975350E92] - [04/06/2017 12:10:27] - |A| - [139776] - C:\WINDOWS\system32\SettingsExtensibilityHandlers.dll
[MD5.AB76F45FE78DE41C28CE9E235DDD6DD0] - [04/06/2017 12:09:43] - |A| - [98816] - C:\WINDOWS\system32\SettingsHandlers_AppControl.dll
[MD5.62F3FC97F1F6D28F328EAE0B6A8370B2] - [04/06/2017 12:10:24] - |A| - [254976] - C:\WINDOWS\system32\SettingsHandlers_BatteryUsage.dll
[MD5.FE6443E82C9FB4841679415C38C417B2] - [04/06/2017 12:09:24] - |A| - [135168] - C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
[MD5.6739EBBE0911B98DF21DDCC7DF823D15] - [04/06/2017 12:10:47] - |A| - [137728] - C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
[MD5.5A81E504B288C33DEA0A77AF75824646] - [04/06/2017 12:09:47] - |A| - [106496] - C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
[MD5.F77C593A0BD3F0164E43ABF129A64213] - [04/06/2017 12:09:49] - |A| - [201216] - C:\WINDOWS\system32\SettingsHandlers_Cortana.dll
[MD5.60FCB5390F3ADA3A7A98A40B34938602] - [04/06/2017 12:09:40] - |A| - [619520] - C:\WINDOWS\system32\SettingsHandlers_Devices.dll
[MD5.CC7C2FFEFBD34FC6EB71C35DF23F4E69] - [04/06/2017 12:09:43] - |A| - [468480] - C:\WINDOWS\system32\SettingsHandlers_Display.dll
[MD5.76440F37106AE98D980BF21200A87502] - [04/06/2017 12:10:47] - |A| - [312832] - C:\WINDOWS\system32\SettingsHandlers_Flights.dll
[MD5.9868D4E06F939F0572896E39B03916B8] - [04/06/2017 12:10:24] - |A| - [141312] - C:\WINDOWS\system32\SettingsHandlers_Fonts.dll
[MD5.30691F87BAEAF3D5072F07BF646C397E] - [04/06/2017 12:09:42] - |A| - [301568] - C:\WINDOWS\system32\SettingsHandlers_Gaming.dll
[MD5.5EE62D5F508FC793E36E1E872C768DC3] - [04/06/2017 12:09:30] - |A| - [194560] - C:\WINDOWS\system32\SettingsHandlers_Geolocation.dll
[MD5.FD9ED85973B60BD6C265170055932AC1] - [04/06/2017 12:10:47] - |A| - [274432] - C:\WINDOWS\system32\SettingsHandlers_Maps.dll
[MD5.35B7BDC47F7D9D47E6D3A0A844B2A6BC] - [04/06/2017 12:09:49] - |A| - [294912] - C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
[MD5.AEE33E6AA8BD895CFECF2AD61B71AFA8] - [04/06/2017 12:10:24] - |A| - [4561920] - C:\WINDOWS\system32\SettingsHandlers_nt.dll
[MD5.F253C9307924429741FBD1D855D57A8B] - [04/06/2017 12:10:47] - |A| - [187904] - C:\WINDOWS\system32\SettingsHandlers_OneCore_BatterySaver.dll
[MD5.562C54E2957288A20360371D090BFF22] - [04/06/2017 12:09:39] - |A| - [458752] - C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
[MD5.02325E18FCE6E33A9DF9BAB5705FEA18] - [04/06/2017 12:09:29] - |A| - [228352] - C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
[MD5.850307721F3AC17B6BDD03D3B8C36B41] - [04/06/2017 12:09:43] - |A| - [113152] - C:\WINDOWS\system32\SettingsHandlers_QuickActions.dll
[MD5.B907D6B7DD6FD90C4E40D6DC349FFDB8] - [04/06/2017 12:09:21] - |A| - [133632] - C:\WINDOWS\system32\SettingsHandlers_SharedExperiences_Rome.dll
[MD5.5098CA96BC1A417806BD957A65D11566] - [04/06/2017 12:09:40] - |A| - [249856] - C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
[MD5.C9AE9321A5D200E828DDCA1DBD7B959D] - [04/06/2017 12:10:47] - |A| - [138240] - C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
[MD5.C7E2A67666F9DB8DFC18471172DA00B3] - [04/06/2017 12:10:47] - |A| - [643408] - C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
[MD5.90C6FBC389640A6D48567A34BF2A2A99] - [04/06/2017 12:10:40] - |A| - [119856] - C:\WINDOWS\system32\SettingsHandlers_Troubleshoot.dll
[MD5.EFABB43D214395860BDAB54D7A4735B2] - [04/06/2017 12:09:39] - |A| - [513536] - C:\WINDOWS\system32\SettingsHandlers_User.dll
[MD5.B0FD00A8EF83878A89A4E67399AD92BE] - [04/06/2017 12:10:47] - |A| - [381952] - C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
[MD5.02C111ED93CF0A07B18D6B05378E5B85] - [04/06/2017 12:10:47] - |A| - [319488] - C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
[MD5.04CE20DC1A5515D3D034308FD87B08A6] - [04/06/2017 12:10:49] - |A| - [527360] - C:\WINDOWS\system32\SettingSync.dll
[MD5.25F6065AD8F8DB4892E2D0A115DAEED8] - [04/06/2017 12:09:21] - |A| - [1150464] - C:\WINDOWS\system32\SettingSyncCore.dll
[MD5.4A01F0C09CD385BF1370DEB079855FF7] - [04/06/2017 12:09:21] - |A| - [972624] - C:\WINDOWS\system32\SettingSyncHost.exe
[MD5.751504BE72BC50233376EC8077355360] - [04/06/2017 12:10:49] - |A| - [88576] - C:\WINDOWS\system32\SettingSyncPolicy.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [1087984] - C:\WINDOWS\system32\setup
[MD5.215E20D643EC7D776BBB077F1FAC309A] - [04/06/2017 12:10:27] - |A| - [4459992] - C:\WINDOWS\system32\setupapi.dll
[MD5.42CCA9CC4BF0677DF439A5ADF2FBF603] - [04/06/2017 12:09:54] - |A| - [102912] - C:\WINDOWS\system32\setupcl.exe
[MD5.FFBE40E5CA29951A9B5ABAB6C12B8F0C] - [04/06/2017 12:10:29] - |A| - [111104] - C:\WINDOWS\system32\setupcln.dll
[MD5.25FD36846837AE2A9FFF4DC6B1DAA8D1] - [04/06/2017 12:10:32] - |A| - [15184] - C:\WINDOWS\system32\setupetw.dll
[MD5.6A6D546F92ED7E1C4B91161A9C99C70A] - [04/06/2017 12:09:54] - |A| - [127488] - C:\WINDOWS\system32\setupugc.exe
[MD5.F930BD0DBFDD08AEAFD55B2260A47B01] - [04/06/2017 12:09:37] - |A| - [54784] - C:\WINDOWS\system32\setx.exe
[MD5.A65FA51CD52B22428E3764BEF1D2A6FD] - [04/06/2017 12:10:42] - |A| - [3072] - C:\WINDOWS\system32\sfc.dll
[MD5.2FF4C3DBECEC2B7745937AFB15986CC2] - [04/06/2017 12:09:21] - |A| - [41472] - C:\WINDOWS\system32\sfc.exe
[MD5.99EA955B2E2C15C095D7A50D2E67356B] - [04/06/2017 12:10:42] - |A| - [48128] - C:\WINDOWS\system32\sfc_os.dll
[MD5.BEBD81D08A633A3FD4A0AAFA0599B1EF] - [04/06/2017 12:09:54] - |A| - [137216] - C:\WINDOWS\system32\shacct.dll
[MD5.C7BA638B0329E75CDBA8C6B4CDFD139D] - [04/06/2017 12:09:54] - |A| - [68608] - C:\WINDOWS\system32\shacctprofile.dll
[MD5.593540E5D6F439F60305292683696BD5] - [04/06/2017 12:09:39] - |A| - [202240] - C:\WINDOWS\system32\SharedPCCSP.dll
[MD5.92B8D560280AFFFFFBA923D8A64CABF2] - [04/06/2017 12:10:47] - |A| - [367104] - C:\WINDOWS\system32\SharedRealitySvc.dll
[MD5.F8DDC6E09D4AA663437A63FBCDC94108] - [04/06/2017 12:10:50] - |A| - [1209344] - C:\WINDOWS\system32\SharedStartModel.dll
[MD5.75396947DE3EDC5BD9B2E0EC5CBBCC6B] - [04/06/2017 12:09:25] - |A| - [30720] - C:\WINDOWS\system32\SharedStartModelShim.dll
[MD5.1823BFFE5BB4DF62562B196620355729] - [04/06/2017 12:09:25] - |A| - [1291264] - C:\WINDOWS\system32\ShareHost.dll
[MD5.D3897882C948E55912277F09E4A04FC4] - [04/06/2017 12:09:08] - |A| - [241152] - C:\WINDOWS\system32\sharemediacpl.dll
[MD5.545AA66995DD095E1B698AFED9F9846B] - [04/06/2017 12:09:43] - |A| - [681328] - C:\WINDOWS\system32\SHCore.dll
[MD5.A3CFB7A0E1130A2E846BD9073FD948FF] - [04/06/2017 12:10:32] - |A| - [247296] - C:\WINDOWS\system32\shdocvw.dll
[MD5.58CC12F105D9E69695D9DD4B4113AC11] - [04/06/2017 12:10:32] - |A| - [21316480] - C:\WINDOWS\system32\shell32.dll
[MD5.03BE3DD62E8CDDB86DD94C10348F0BBD] - [04/06/2017 12:09:43] - |A| - [202752] - C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
[MD5.23A8813F003515379D4AA9527433FDC5] - [04/06/2017 12:10:36] - |A| - [1155584] - C:\WINDOWS\system32\shellstyle.dll
[MD5.C16604788AB375AEC8DD16DA9E703176] - [04/06/2017 12:10:33] - |A| - [10752] - C:\WINDOWS\system32\shfolder.dll
[MD5.B577760421AFFB2A2D9DD421017F9F3D] - [04/06/2017 12:10:07] - |A| - [28160] - C:\WINDOWS\system32\shgina.dll
[MD5.8CA32E9D986FA76F60EFBCFCD9D80A58] - [04/06/2017 12:10:36] - |A| - [16740] - C:\WINDOWS\system32\ShiftJIS.uce
[MD5.E9932BBA7E5FC9A5374D4F7B4DBC0FB9] - [04/06/2017 12:09:43] - |A| - [7680] - C:\WINDOWS\system32\shimeng.dll
[MD5.073E6778A52FBCCCFE2C86CDA054A68C] - [04/06/2017 12:10:32] - |A| - [31744] - C:\WINDOWS\system32\shimgvw.dll
[MD5.6216E1F447F86F48A107A73B0F88683B] - [04/06/2017 12:10:32] - |A| - [323856] - C:\WINDOWS\system32\shlwapi.dll
[MD5.0ACF0D6FFF98AA29D6C75E916D92A8C8] - [04/06/2017 12:10:11] - |A| - [20480] - C:\WINDOWS\system32\shpafact.dll
[MD5.8C92AF0CCB7AD26E08906C4F33504813] - [04/06/2017 12:10:24] - |A| - [402944] - C:\WINDOWS\system32\shrpubw.exe
[MD5.A2D9ED954A2A1BC40183B5C0B4C3FAC6] - [04/06/2017 12:09:54] - |A| - [135680] - C:\WINDOWS\system32\shsetup.dll
[MD5.38F34804CD25E5B7FDC10D0B0142D939] - [04/06/2017 12:10:02] - |A| - [612864] - C:\WINDOWS\system32\shsvcs.dll
[MD5.E993234F306813E111C6ADE4772EA1E0] - [04/06/2017 12:10:29] - |A| - [23040] - C:\WINDOWS\system32\shunimpl.dll
[MD5.704310ADC17697682701FA181BB593C6] - [04/06/2017 12:10:03] - |A| - [26624] - C:\WINDOWS\system32\shutdown.exe
[MD5.6F0F63081DE2C8B922D0C4DC1CBF65B4] - [04/06/2017 12:10:02] - |A| - [29696] - C:\WINDOWS\system32\shutdownext.dll
[MD5.5E93C03BE775488B5529F5A8753EE42B] - [04/06/2017 12:10:00] - |A| - [236032] - C:\WINDOWS\system32\shutdownux.dll
[MD5.A4AD45A76C57C12EC68DDA18AD06A4AC] - [04/06/2017 12:10:32] - |A| - [452608] - C:\WINDOWS\system32\shwebsvc.dll
[MD5.E5096BD12DB7C0D939C72F7DE8850B7C] - [04/06/2017 12:10:47] - |A| - [52736] - C:\WINDOWS\system32\signdrv.dll
[MD5.26AC2D0DD6BA4CF8FED0195FFEA7586C] - [04/06/2017 12:10:27] - |A| - [74752] - C:\WINDOWS\system32\sigverif.exe
[MD5.95B97F6F9A46DEDDE5D405F2338DF2C6] - [04/06/2017 12:09:21] - |A| - [228864] - C:\WINDOWS\system32\SIHClient.exe
[MD5.DD104B5645AA541CF80E423DBA2EEF63] - [04/06/2017 12:09:25] - |A| - [78336] - C:\WINDOWS\system32\sihost.exe
[MD5.410CEA4BAE0F1F3F6BE6B46B814DBA10] - [04/06/2017 12:10:47] - |A| - [157184] - C:\WINDOWS\system32\SimAuth.dll
[MD5.FEB29CEA7016080072A246B1AB148D68] - [04/06/2017 12:10:47] - |A| - [103424] - C:\WINDOWS\system32\SimCfg.dll
[MD5.BCB4A8B210D83F14687BD2B6A9253F30] - [04/06/2017 12:10:14] - |A| - [8192] - C:\WINDOWS\system32\simpdata.tlb
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [259584] - C:\WINDOWS\system32\sk-SK
[MD5.F070DDAD10F52D52346A088AAC5ACC55] - [04/06/2017 12:09:18] - |A| - [181504] - C:\WINDOWS\system32\skci.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [255488] - C:\WINDOWS\system32\sl-SI
[MD5.D57A50D80B6A3ADCE7D0BE80E247A364] - [04/06/2017 12:10:36] - |A| - [134144] - C:\WINDOWS\system32\slc.dll
[MD5.9A3EEE2F1F4FC82BEC01AC74706CB785] - [04/06/2017 12:10:36] - |A| - [21504] - C:\WINDOWS\system32\slcext.dll
[MD5.00000000000000000000000000000000] - [12/06/2017 10:57:17] - |D| - [3743163] - C:\WINDOWS\system32\SleepStudy
[MD5.CECC3370CAF38F38BA9FFA9BB9EA4D22] - [04/06/2017 12:10:49] - |A| - [15528] - C:\WINDOWS\system32\SlideToShutDown.exe
[MD5.00000000000000000000000000000000] - [05/06/2017 08:57:45] - |D| - [53396] - C:\WINDOWS\system32\slmgr
[MD5.3903BCAB32A4A853DFA54962112D4D02] - [04/06/2017 12:10:36] - |A| - [142904] - C:\WINDOWS\system32\slmgr.vbs
[MD5.DBF0478B12A8F532AFC52045B22E29A2] - [04/06/2017 12:10:00] - |A| - [179200] - C:\WINDOWS\system32\slr100.dll
[MD5.F3A9F7D191E1D92396FC12D9A18E671D] - [04/06/2017 12:10:36] - |A| - [446976] - C:\WINDOWS\system32\slui.exe
[MD5.39266173AEE2A2C86360E474BBA2ED47] - [04/06/2017 12:10:36] - |A| - [73216] - C:\WINDOWS\system32\slwga.dll
[MD5.DAC275ABAAD2B689D7BB3685E4032072] - [04/06/2017 12:09:18] - |A| - [69788] - C:\WINDOWS\system32\SmallRoom.bin
[MD5.B46A60E3A580E221ABE79A00AA4BFAB3] - [04/06/2017 12:09:25] - |A| - [63488] - C:\WINDOWS\system32\SmartCardBackgroundPolicy.dll
[MD5.2F217745015E28E08E2969939A9C6F38] - [04/06/2017 12:10:36] - |A| - [899072] - C:\WINDOWS\system32\SmartcardCredentialProvider.dll
[MD5.BDF6F889D25E8628704E451F12CCD4F9] - [04/06/2017 12:10:36] - |A| - [714752] - C:\WINDOWS\system32\SmartCardSimulator.dll
[MD5.0A71615F0742BF30374D79222EB3AB49] - [04/06/2017 12:09:25] - |A| - [2408448] - C:\WINDOWS\system32\smartscreen.dll
[MD5.79FCEA3E6CA32ECFE6066E1FDEEB88F6] - [04/06/2017 12:09:25] - |A| - [44544] - C:\WINDOWS\system32\smartscreen.exe
[MD5.568E807CAC7A9C8799999F66F33E4C4B] - [04/06/2017 12:09:25] - |A| - [223232] - C:\WINDOWS\system32\smartscreenps.dll
[MD5.D7ED957F1BB3661D97F13663A5E708AA] - [04/06/2017 12:10:32] - |A| - [110592] - C:\WINDOWS\system32\SMBHelperClass.dll
[MD5.7F818970B65F940B24244EC4B9696CB7] - [04/06/2017 12:10:32] - |A| - [216576] - C:\WINDOWS\system32\smbwmiv2.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 10:16:43] - |D| - [12919831] - C:\WINDOWS\system32\SMI
[MD5.FEC83FAC0BADD0842C0A85931869B511] - [04/06/2017 10:16:45] - |A| - [844112] - C:\WINDOWS\system32\SmiEngine.dll
[MD5.45EA5803093ED5BBD715E895AAE24998] - [04/06/2017 12:09:40] - |A| - [23552] - C:\WINDOWS\system32\smphost.dll
[MD5.EEFBC97981B55E0EF48EFEA3A4A69891] - [04/06/2017 12:10:16] - |A| - [22016] - C:\WINDOWS\system32\SmsDeviceAccessRevocation.dll
[MD5.CAEABAF83396B273D9F0F895C05117B6] - [04/06/2017 12:10:13] - |A| - [70144] - C:\WINDOWS\system32\SMSRouter.dll
[MD5.3E6E790F41F8B0A1C40E18953A3CA008] - [04/06/2017 12:10:49] - |A| - [585728] - C:\WINDOWS\system32\SmsRouterSvc.dll
[MD5.0568244FFA9C0BB3073559311B590F68] - [04/06/2017 12:09:57] - |A| - [139488] - C:\WINDOWS\system32\smss.exe
[MD5.B8EE2477142F5A39AC1EAB1CC1C903AE] - [04/06/2017 12:09:49] - |A| - [256760] - C:\WINDOWS\system32\SndVol.exe
[MD5.F292BF0791A506AD8D307C3A700A7685] - [04/06/2017 12:09:49] - |A| - [736256] - C:\WINDOWS\system32\SndVolSSO.dll
[MD5.F33BFBFE63FB99AE3982DBA06EBE72BB] - [04/06/2017 12:11:37] - |A| - [3161600] - C:\WINDOWS\system32\SnippingTool.exe
[MD5.A142C7247210FDC3834F964E4AAF15BB] - [04/06/2017 12:09:34] - |A| - [32768] - C:\WINDOWS\system32\snmpapi.dll
[MD5.BF82051F27B8BC8DDCE672393AF449BF] - [04/06/2017 12:10:33] - |A| - [15360] - C:\WINDOWS\system32\snmptrap.exe
[MD5.55121989BE7B289813D419BA0FDEE8B7] - [04/06/2017 12:08:53] - |A| - [925] - C:\WINDOWS\system32\Snooze_80.contrast-black.png
[MD5.E30B7D226E7B5B0EC2B9FC2316694ECC] - [04/06/2017 12:08:53] - |A| - [901] - C:\WINDOWS\system32\Snooze_80.contrast-white.png
[MD5.55121989BE7B289813D419BA0FDEE8B7] - [04/06/2017 12:08:53] - |A| - [925] - C:\WINDOWS\system32\Snooze_80.png
[MD5.8C70453AE0CD95266F8B66971BF05EC3] - [04/06/2017 12:09:34] - |A| - [139264] - C:\WINDOWS\system32\socialapis.dll
[MD5.98D70B9C442138C7D00D2A431BBE48CD] - [04/06/2017 12:10:35] - |A| - [158208] - C:\WINDOWS\system32\softkbd.dll
[MD5.1484553F80437309804470BAEFD675BE] - [04/06/2017 12:10:00] - |A| - [10752] - C:\WINDOWS\system32\softpub.dll
[MD5.DA0F6B68F7DCABD67DC86C22E411AB64] - [04/06/2017 12:09:37] - |A| - [24576] - C:\WINDOWS\system32\sort.exe
[MD5.7607B63769983064EEF5224235A5CA32] - [04/06/2017 12:10:11] - |A| - [46080] - C:\WINDOWS\system32\SortServer2003Compat.dll
[MD5.F02620977C504C76BE13857CE7308F04] - [04/06/2017 12:10:11] - |A| - [50688] - C:\WINDOWS\system32\SortWindows61.dll
[MD5.3D6DC77264021F864C52BB65C7495831] - [04/06/2017 12:10:11] - |A| - [71168] - C:\WINDOWS\system32\SortWindows6Compat.dll
[MD5.66A04203D03A3FC65721922949057E4A] - [04/06/2017 12:10:47] - |A| - [131072] - C:\WINDOWS\system32\SpaceAgent.exe
[MD5.2E74D7C555A7D51A2B534373D931C173] - [04/06/2017 12:09:43] - |A| - [9216] - C:\WINDOWS\system32\spacebridge.dll
[MD5.8457FBE0F2B1A1EE244FD8613FAD04AE] - [04/06/2017 12:10:47] - |A| - [622592] - C:\WINDOWS\system32\SpaceControl.dll
[MD5.B0FC72E7EC5BEF984E21DFF97E5D1063] - [04/06/2017 12:09:40] - |A| - [34816] - C:\WINDOWS\system32\spaceman.exe
[MD5.03B16029EAFC80565ACC4A5F43452281] - [04/06/2017 12:09:17] - |A| - [356352] - C:\WINDOWS\system32\SpatializerApo.dll
[MD5.18FF1103389A794F8FF64872301430E0] - [04/06/2017 12:11:39] - |A| - [259584] - C:\WINDOWS\system32\SpatialStore.dll
[MD5.9CE8FDB6DB97AF84286EF5D86EA1DBD0] - [04/06/2017 12:10:35] - |A| - [94720] - C:\WINDOWS\system32\spbcd.dll
[MD5.BE3B5DBD242FC8E517DFEBCAB5EAEB50] - [04/06/2017 12:10:36] - |A| - [96768] - C:\WINDOWS\system32\spcompat.dll
[MD5.7CE73A80182B154502FFA519DCAAE15B] - [04/06/2017 12:10:47] - |A| - [1132032] - C:\WINDOWS\system32\Spectrum.exe
[MD5.093DA88CC824923845A96BF261EFF064] - [04/06/2017 12:10:49] - |A| - [37888] - C:\WINDOWS\system32\SpectrumSyncClient.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [7663440] - C:\WINDOWS\system32\Speech
[MD5.535D13ADBBF742FE36131AD9FB9BAF89] - [04/06/2017 12:08:52] - |A| - [1616896] - C:\WINDOWS\system32\SpeechPal.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [12695715] - C:\WINDOWS\system32\Speech_OneCore
[MD5.0325F7EB19096D820BBA3EAB0D1B4284] - [04/06/2017 12:10:24] - |A| - [100864] - C:\WINDOWS\system32\spfileq.dll
[MD5.52FA47751B615294424D8B7789CC362B] - [04/06/2017 12:10:24] - |A| - [103936] - C:\WINDOWS\system32\spinf.dll
[MD5.27F7828DCBD96DF609C636F1F22B4C80] - [04/06/2017 12:10:36] - |A| - [10752] - C:\WINDOWS\system32\spmpm.dll
[MD5.C017EEF8599F6E98216DCF876992B310] - [04/06/2017 12:10:35] - |A| - [11776] - C:\WINDOWS\system32\spnet.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [212872736] - C:\WINDOWS\system32\spool
[MD5.1F0093A4B00825137E82C296CCE23D1F] - [04/06/2017 12:10:46] - |A| - [91648] - C:\WINDOWS\system32\spoolss.dll
[MD5.0C84C52C0F669E9B57D2BE268CABC2EA] - [04/06/2017 12:10:47] - |A| - [759808] - C:\WINDOWS\system32\spoolsv.exe
[MD5.3A25743942E206A66DA50A010FB02F61] - [04/06/2017 12:10:35] - |A| - [136192] - C:\WINDOWS\system32\spopk.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [15802234] - C:\WINDOWS\system32\spp
[MD5.400CB39C39EA3EC77410E9B0E220F757] - [04/06/2017 12:08:54] - |A| - [271360] - C:\WINDOWS\system32\spp.dll
[MD5.81A591367DB9A2FEF1FA52B98D80AFCA] - [04/06/2017 12:10:36] - |A| - [134656] - C:\WINDOWS\system32\sppc.dll
[MD5.6395E6017D89EBD926BAD0DDECAC4174] - [04/06/2017 12:10:36] - |A| - [485888] - C:\WINDOWS\system32\sppcext.dll
[MD5.674BC5D4C629FEF3557A5D79B4F47609] - [04/06/2017 12:10:36] - |A| - [414208] - C:\WINDOWS\system32\sppcomapi.dll
[MD5.CD2FF11BDE5F77C52FE2D94D98C85CAB] - [04/06/2017 12:10:36] - |A| - [312832] - C:\WINDOWS\system32\sppcommdlg.dll
[MD5.960FCA3E4843507411BFD48F53E76C51] - [04/06/2017 12:10:33] - |A| - [576512] - C:\WINDOWS\system32\SppExtComObj.Exe
[MD5.8B2AADF1E7A134188965F6215ED7172C] - [04/06/2017 12:10:36] - |A| - [38224] - C:\WINDOWS\system32\sppinst.dll
[MD5.89A07BE3751E0673D2E80995529B896F] - [04/06/2017 12:10:24] - |A| - [179712] - C:\WINDOWS\system32\sppnp.dll
[MD5.B808833D27323783416120E47DFE05E8] - [04/06/2017 12:10:36] - |A| - [1619224] - C:\WINDOWS\system32\sppobjs.dll
[MD5.5A5B93C69F01FE0849FF389B5AD6A457] - [04/06/2017 12:10:38] - |A| - [4668160] - C:\WINDOWS\system32\sppsvc.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [32646] - C:\WINDOWS\system32\sppui
[MD5.B3330642C6FF1EB12C9714B47F17B116] - [04/06/2017 12:10:36] - |A| - [701408] - C:\WINDOWS\system32\sppwinob.dll
[MD5.446F6BD9E670876AE40A9AF504224EC9] - [04/06/2017 12:10:36] - |A| - [141312] - C:\WINDOWS\system32\sppwmi.dll
[MD5.047A6741904885AE99396B01CA4031D1] - [04/06/2017 12:10:42] - |A| - [14848] - C:\WINDOWS\system32\spwinsat.dll
[MD5.4C13013CECB3710E44B2B0F323732C9C] - [04/06/2017 12:10:29] - |A| - [497488] - C:\WINDOWS\system32\spwizeng.dll
[MD5.AC9DDC90E45A32F8DF5C3387F31B9C3B] - [04/06/2017 12:10:29] - |A| - [5861200] - C:\WINDOWS\system32\spwizimg.dll
[MD5.D5DE8C7E7B335367FEB732B5DA70472D] - [04/06/2017 12:10:29] - |A| - [12624] - C:\WINDOWS\system32\spwizres.dll
[MD5.397EF590C7315A2FAB922758BCE169E0] - [05/06/2017 08:58:25] - |A| - [11264] - C:\WINDOWS\system32\spwmp.dll
[MD5.0EA514E7BCE9D19DE0440F760B18DAC3] - [04/06/2017 12:10:33] - |A| - [137728] - C:\WINDOWS\system32\sqlcecompact40.dll
[MD5.23CA3DFEEFE15682EB54ED2474C77CB1] - [04/06/2017 12:10:36] - |A| - [202240] - C:\WINDOWS\system32\sqlceoledb40.dll
[MD5.421C6CE09064661D8672A58661E562C4] - [04/06/2017 12:10:35] - |A| - [906752] - C:\WINDOWS\system32\sqlceqp40.dll
[MD5.F3FCD005D32800CD963355716B54B471] - [04/06/2017 12:10:35] - |A| - [529408] - C:\WINDOWS\system32\sqlcese40.dll
[MD5.4863EC631616C2F8E7E15A4CAEB644F6] - [04/06/2017 12:10:16] - |A| - [740864] - C:\WINDOWS\system32\sqlsrv32.dll
[MD5.BB39A82C9ABE3E625BE8FAB452890EC1] - [04/06/2017 12:10:16] - |A| - [94208] - C:\WINDOWS\system32\sqlsrv32.rll
[MD5.6D6403E716EF212EF3C49F8744600A09] - [04/06/2017 12:10:36] - |A| - [45512] - C:\WINDOWS\system32\sqmapi.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [258048] - C:\WINDOWS\system32\sr-Latn-RS
[MD5.274C07E437FA0622CB7FD83DA721E5DA] - [04/06/2017 12:09:08] - |A| - [365056] - C:\WINDOWS\system32\srchadmin.dll
[MD5.0AE82B8EF090067F25ABDD53D4FCCB1B] - [04/06/2017 12:09:09] - |A| - [71680] - C:\WINDOWS\system32\srclient.dll
[MD5.CAB12326C8CAB0224E94220C830BFA45] - [04/06/2017 12:09:09] - |A| - [471040] - C:\WINDOWS\system32\srcore.dll
[MD5.343F15BE81B7F4DAC142D437B3FAA593] - [04/06/2017 12:09:09] - |A| - [18944] - C:\WINDOWS\system32\srdelayed.exe
[MD5.5E1FB72457D2B42894E7400527F0532A] - [04/06/2017 12:09:09] - |A| - [5120] - C:\WINDOWS\system32\SrEvents.dll
[MD5.89867A8F5B5CE976D1E433624879C0BB] - [04/06/2017 12:09:43] - |A| - [3533312] - C:\WINDOWS\system32\SRH.dll
[MD5.3B4758CB65892B205B102F0332F450B1] - [04/06/2017 12:09:09] - |A| - [83456] - C:\WINDOWS\system32\srhelper.dll
[MD5.8E6E32D4FFFBB7EE46C0EB5B5A8B5F16] - [04/06/2017 12:11:48] - |A| - [280064] - C:\WINDOWS\system32\srm.dll
[MD5.2016905F2DF39AB6A101D446EBCAE965] - [04/06/2017 12:11:48] - |A| - [1314816] - C:\WINDOWS\system32\srmclient.dll
[MD5.43420735DCA06E4B812A225D0DDAB965] - [04/06/2017 12:11:48] - |A| - [90112] - C:\WINDOWS\system32\srmlib.dll
[MD5.047BCF71FB0E5EC754437879E8DAA7F6] - [04/06/2017 12:10:32] - |A| - [57731] - C:\WINDOWS\system32\srms.dat
[MD5.0FE104B13F2FC346FCE2573EEEC3A675] - [04/06/2017 12:11:48] - |A| - [635392] - C:\WINDOWS\system32\srmscan.dll
[MD5.2A74D02D2D4851E3B139D599DE5BFB6A] - [04/06/2017 12:11:48] - |A| - [169472] - C:\WINDOWS\system32\srmshell.dll
[MD5.CC533FCAADCBC853AF99701E0E9F6E73] - [04/06/2017 12:11:48] - |A| - [274432] - C:\WINDOWS\system32\srmstormod.dll
[MD5.C3DC2325A069502B40493FAE436C5B74] - [04/06/2017 12:11:48] - |A| - [84480] - C:\WINDOWS\system32\srmtrace.dll
[MD5.BC80912891A6BCFBC9B6772B0BE615D5] - [04/06/2017 12:11:48] - |A| - [31744] - C:\WINDOWS\system32\srm_ps.dll
[MD5.19E753A10F225A81249C5F64710A7C4D] - [04/06/2017 12:09:47] - |A| - [142336] - C:\WINDOWS\system32\srpapi.dll
[MD5.23FF695160C62ACC345B2998029453FC] - [04/06/2017 12:11:51] - |A| - [311296] - C:\WINDOWS\system32\SrpUxNativeSnapIn.dll
[MD5.AAE63FB953135D5D3189F0E9A2E2370A] - [04/06/2017 12:09:09] - |A| - [248320] - C:\WINDOWS\system32\srrstr.dll
[MD5.A07AFD40114D26319906F243C87C07DD] - [04/06/2017 12:09:09] - |A| - [56832] - C:\WINDOWS\system32\SrTasks.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [40984576] - C:\WINDOWS\system32\sru
[MD5.4A86A6CDCA79D8E357ABA785F9AD566C] - [04/06/2017 12:09:21] - |A| - [61952] - C:\WINDOWS\system32\srumapi.dll
[MD5.65B7E61D2A0C13936AF7DCC685A6A26F] - [04/06/2017 12:09:21] - |A| - [216576] - C:\WINDOWS\system32\srumsvc.dll
[MD5.6699627ABB5D5DD798785EA5FAD91CE6] - [04/06/2017 12:09:55] - |A| - [106984] - C:\WINDOWS\system32\srvcli.dll
[MD5.4B65B4A5668E4FF3C69E4B678A2DC851] - [04/06/2017 12:09:57] - |A| - [268288] - C:\WINDOWS\system32\srvsvc.dll
[MD5.63FF65FEB4FE5AFF45B7ADA2B397D69F] - [04/06/2017 12:09:09] - |A| - [26624] - C:\WINDOWS\system32\srwmi.dll
[MD5.796BB61B29BB2E5C377785F8E313FA3E] - [04/06/2017 12:09:57] - |A| - [47104] - C:\WINDOWS\system32\sscore.dll
[MD5.F9F078CA4F5BA302BA51D7C8949F21E2] - [04/06/2017 12:10:27] - |A| - [13312] - C:\WINDOWS\system32\sscoreext.dll
[MD5.ED78326317227373177C3DA1E7ACEC75] - [04/06/2017 12:09:17] - |A| - [419328] - C:\WINDOWS\system32\ssdm.dll
[MD5.4953F6FCFD12086F16405BDC18C8D7C0] - [04/06/2017 12:09:42] - |A| - [61952] - C:\WINDOWS\system32\ssdpapi.dll
[MD5.B51387FE31262ACF23533F702F4D11EF] - [04/06/2017 12:09:42] - |A| - [233984] - C:\WINDOWS\system32\ssdpsrv.dll
[MD5.3B889F40F22FB417512D82D7361AC6F7] - [04/06/2017 12:09:57] - |A| - [177736] - C:\WINDOWS\system32\sspicli.dll
[MD5.9C5C556E4B446610B64407842CB5AF17] - [04/06/2017 12:09:57] - |A| - [28672] - C:\WINDOWS\system32\sspisrv.dll
[MD5.3D51A9CB9A482CF556689ED9A7DB68EE] - [04/06/2017 10:16:45] - |A| - [130384] - C:\WINDOWS\system32\SSShim.dll
[MD5.AF94ACB00E9B5F0F71BD9D13623BAB19] - [04/06/2017 12:10:30] - |A| - [217088] - C:\WINDOWS\system32\ssText3d.scr
[MD5.86BDC4E1BBC36341DF756E95A50D92F5] - [04/06/2017 12:10:32] - |A| - [207360] - C:\WINDOWS\system32\sstpsvc.dll
[MD5.B8C15FE9BDEC1D3CF86903A42C184685] - [04/06/2017 12:09:49] - |A| - [5608176] - C:\WINDOWS\system32\StartTileData.dll
[MD5.90BF237F8AAD1883161BA440EE05CE3E] - [04/06/2017 12:10:07] - |A| - [18944] - C:\WINDOWS\system32\Startupscan.dll
[MD5.931AF745E22BBD4DCB8BABC0681DB0F9] - [04/06/2017 12:09:34] - |A| - [662648] - C:\WINDOWS\system32\StateRepository.Core.dll
[MD5.B5ECE648923301302599CB143EF11FA6] - [04/06/2017 12:09:18] - |A| - [117760] - C:\WINDOWS\system32\StaticDictDS.dll
[MD5.DFAC72A3C7A998A06D18925559A29CC9] - [04/06/2017 12:09:55] - |A| - [61440] - C:\WINDOWS\system32\stclient.dll
[MD5.549F00E15E844AADE80915037F28B0B2] - [04/06/2017 12:09:58] - |A| - [18432] - C:\WINDOWS\system32\stdole2.tlb
[MD5.7430A0EC3EF934AE7C4D6807D36ECEBA] - [04/06/2017 12:10:27] - |A| - [7168] - C:\WINDOWS\system32\stdole32.tlb
[MD5.3ABCA54B23B901EBEA847CB4D91B09B2] - [04/06/2017 12:10:03] - |A| - [315904] - C:\WINDOWS\system32\sti.dll
[MD5.718D73ECE53EE54CDE3C2C9AC2C3B7FB] - [04/06/2017 12:10:03] - |A| - [187904] - C:\WINDOWS\system32\sti_ci.dll
[MD5.82FEDA432D41E922C239A9FBE44DEE88] - [04/06/2017 12:10:49] - |A| - [414720] - C:\WINDOWS\system32\stobject.dll
[MD5.7C4BCA5B0CA639677792C25C4A22BCC0] - [04/06/2017 12:10:00] - |A| - [86528] - C:\WINDOWS\system32\StorageContextHandler.dll
[MD5.915B0817A26F36BCC82A54B76B840CA7] - [04/06/2017 12:10:02] - |A| - [68096] - C:\WINDOWS\system32\StorageUsage.dll
[MD5.AA3A1B275EFDB13EE7ACF4C5912C9BE0] - [04/06/2017 12:09:37] - |A| - [2860032] - C:\WINDOWS\system32\storagewmi.dll
[MD5.827B6600A26A65AA7B3C8992A85DDBCB] - [04/06/2017 12:09:37] - |A| - [25088] - C:\WINDOWS\system32\storagewmi_passthru.dll
[MD5.02834C59D0B368C4AE18414F9CD0F215] - [04/06/2017 12:09:54] - |A| - [71168] - C:\WINDOWS\system32\stordiag.exe
[MD5.2841C95D977E703DAD73E6A59F3E3371] - [04/06/2017 12:09:29] - |A| - [1069568] - C:\WINDOWS\system32\StoreAgent.dll
[MD5.918085B0E61D2C7B9E0E1076DCC14247] - [04/06/2017 12:09:29] - |A| - [209408] - C:\WINDOWS\system32\storewuauth.dll
[MD5.38AC6800F6528E5AEEEA296441AB361A] - [04/06/2017 12:10:33] - |A| - [67584] - C:\WINDOWS\system32\Storprop.dll
[MD5.77917048DDCC1B273EEA0E692F870AA9] - [04/06/2017 12:10:02] - |A| - [821760] - C:\WINDOWS\system32\StorSvc.dll
[MD5.4B24EC5531930B58F69DB52EB719825E] - [04/06/2017 12:08:58] - |A| - [22352] - C:\WINDOWS\system32\streamci.dll
[MD5.30BFC186DA25B1FC2F84B72D5C6C09B7] - [04/06/2017 12:09:34] - |A| - [659648] - C:\WINDOWS\system32\StructuredQuery.dll
[MD5.30F5568679A54042F99CA9EC1102EBCD] - [04/06/2017 12:10:36] - |A| - [93702] - C:\WINDOWS\system32\SubRange.uce
[MD5.E2A4CB4A82598C6D2889806C4455C9FF] - [04/06/2017 12:09:52] - |A| - [16384] - C:\WINDOWS\system32\subst.exe
[MD5.0DD98A0AE8527A63A32545D2924A0EAA] - [04/06/2017 12:10:00] - |A| - [683008] - C:\WINDOWS\system32\sud.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [308224] - C:\WINDOWS\system32\sv-SE
[MD5.AB032D75B4526A7906D3FACEE35A69B6] - [04/06/2017 12:09:57] - |A| - [49672] - C:\WINDOWS\system32\svchost.exe
[MD5.89049C775ED73BE687DFC2E3469B21DD] - [04/06/2017 12:11:39] - |A| - [246784] - C:\WINDOWS\system32\svf.dll
[MD5.37B85E5A46562536E7D232EFB4D03779] - [04/06/2017 12:10:42] - |A| - [13824] - C:\WINDOWS\system32\svsvc.dll
[MD5.F49B14CC83FEB1D3502BB7785A1BEDC0] - [04/06/2017 12:10:42] - |A| - [460288] - C:\WINDOWS\system32\swprv.dll
[MD5.880C85AEA6EFAC1B06A6014977FF1913] - [04/06/2017 12:08:54] - |A| - [78336] - C:\WINDOWS\system32\sxproxy.dll
[MD5.7F65E5A22DE9CF7752BCDFCD2E75EB09] - [04/06/2017 12:10:35] - |A| - [618288] - C:\WINDOWS\system32\sxs.dll
[MD5.CCBF9E5D7E41A95305AB66ACD824FEC2] - [04/06/2017 12:10:02] - |A| - [45056] - C:\WINDOWS\system32\sxshared.dll
[MD5.5CA8CABBF16F14AEDC080A68D73D3A9D] - [04/06/2017 12:10:36] - |A| - [33792] - C:\WINDOWS\system32\sxssrv.dll
[MD5.ACCCB833F36C46B4E969C5728D75AA64] - [04/06/2017 12:10:35] - |A| - [28672] - C:\WINDOWS\system32\sxsstore.dll
[MD5.BBFF83F3DD8A6578F5D59176FBB61D10] - [04/06/2017 12:10:35] - |A| - [35840] - C:\WINDOWS\system32\sxstrace.exe
[MD5.4480E594EAAF7B5A497C258F7392F3D0] - [04/06/2017 12:11:48] - |A| - [73040] - C:\WINDOWS\system32\SyncAppvPublishingServer.exe
[MD5.20C4FE2B130D9F0C92D7629E71AFBB66] - [04/06/2017 12:11:48] - |A| - [1720] - C:\WINDOWS\system32\SyncAppvPublishingServer.vbs
[MD5.8ACEAA51E3082BB47FC0BC5B594EFE65] - [04/06/2017 12:10:35] - |A| - [3365888] - C:\WINDOWS\system32\SyncCenter.dll
[MD5.2904072CB059B68DB996C7EE3AB8EB09] - [05/06/2017 08:59:13] - |A| - [624128] - C:\WINDOWS\system32\SyncController.dll
[MD5.6471D73489CB67D970500E4E64111A23] - [04/06/2017 12:10:00] - |A| - [45056] - C:\WINDOWS\system32\SyncHost.exe
[MD5.9D3F6D82A4D9D70289F73436DD19D651] - [04/06/2017 12:10:00] - |A| - [14336] - C:\WINDOWS\system32\SyncHostps.dll
[MD5.77E3C45CD3134BFA1EDF5DB37B390A05] - [04/06/2017 12:10:02] - |A| - [413184] - C:\WINDOWS\system32\SyncInfrastructure.dll
[MD5.23B604C64DC779483BFF3D2705111789] - [04/06/2017 12:10:02] - |A| - [37376] - C:\WINDOWS\system32\SyncInfrastructureps.dll
[MD5.B9E2AD06A1987DCCC897B0991EDEE576] - [05/06/2017 08:59:13] - |A| - [62464] - C:\WINDOWS\system32\SyncProxy.dll
[MD5.45D7EDD737563E6C2F0D11FE3F1A5774] - [04/06/2017 12:10:00] - |A| - [78336] - C:\WINDOWS\system32\Syncreg.dll
[MD5.B5693E1C46F6535932F6B8F5B8E0F80D] - [05/06/2017 08:59:13] - |A| - [2560] - C:\WINDOWS\system32\SyncRes.dll
[MD5.0AD267A21287E48E1BFD390D4B8F1039] - [04/06/2017 12:10:44] - |A| - [324096] - C:\WINDOWS\system32\SyncSettings.dll
[MD5.DD15343089A6E19BAA790F7B67FD719D] - [05/06/2017 08:59:13] - |A| - [393728] - C:\WINDOWS\system32\syncutil.dll
[MD5.58093F8ED8801B9BB58E884AE7FBC8F4] - [04/06/2017 12:10:24] - |A| - [124928] - C:\WINDOWS\system32\sysclass.dll
[MD5.A19A60DCB50417201AA9339B3A39A144] - [04/06/2017 12:10:36] - |A| - [334848] - C:\WINDOWS\system32\sysdm.cpl
[MD5.C235EF9F33B2FAABDF124D931D287299] - [04/06/2017 12:08:28] - |A| - [372224] - C:\WINDOWS\system32\SysFxUI.dll
[MD5.C131468DD3466371FA24ED33B9D7B47F] - [04/06/2017 12:10:42] - |A| - [31744] - C:\WINDOWS\system32\syskey.exe
[MD5.B29633A7356593801817E939C1F16D4E] - [04/06/2017 12:10:49] - |A| - [972800] - C:\WINDOWS\system32\sysmain.dll
[MD5.BC9F7601DAEDC15808E00DC59952AE7F] - [04/06/2017 12:10:24] - |A| - [466432] - C:\WINDOWS\system32\sysmon.ocx
[MD5.6F6416303F3A23EF46FD3C2C4BC545F4] - [04/06/2017 12:09:57] - |A| - [24576] - C:\WINDOWS\system32\sysntfy.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 10:16:46] - |D| - [1297196] - C:\WINDOWS\system32\Sysprep
[MD5.81B14F1AD906AC1CF9102796C97A54FE] - [04/06/2017 12:10:29] - |A| - [3317] - C:\WINDOWS\system32\sysprint.sep
[MD5.58A67EC6B00A54A69DC364194CA171E0] - [04/06/2017 12:10:29] - |A| - [3666] - C:\WINDOWS\system32\sysprtj.sep
[MD5.F7208568CE5417F4BAE489C6B0F4A9BD] - [04/06/2017 12:10:32] - |A| - [38224] - C:\WINDOWS\system32\SysResetErr.exe
[MD5.1922F6B8A74FE8649922C19E3059F98B] - [04/06/2017 12:10:24] - |A| - [18944] - C:\WINDOWS\system32\syssetup.dll
[MD5.84687F1A16014158E0B353E6C653E3D1] - [04/06/2017 12:10:35] - |A| - [300032] - C:\WINDOWS\system32\systemcpl.dll
[MD5.598A1CE9E1D3A6130814B5F3F899ACB7] - [04/06/2017 12:09:34] - |A| - [30208] - C:\WINDOWS\system32\SystemEventsBrokerClient.dll
[MD5.EBE696DF3A6C155AD0AAEDC38811B20D] - [04/06/2017 12:09:30] - |A| - [287744] - C:\WINDOWS\system32\SystemEventsBrokerServer.dll
[MD5.DB07D68BE89B726E133F1B8BF26FEA90] - [04/06/2017 12:10:44] - |A| - [100352] - C:\WINDOWS\system32\systeminfo.exe
[MD5.72D5D48D78A520C182D03DC13AD7D346] - [04/06/2017 12:10:36] - |A| - [83968] - C:\WINDOWS\system32\SystemPropertiesAdvanced.exe
[MD5.69899A124452198B5D84F3667FDEEF71] - [04/06/2017 12:10:33] - |A| - [83968] - C:\WINDOWS\system32\SystemPropertiesComputerName.exe
[MD5.F3538B6B3833C10D0D2E5B5938CB5ACC] - [04/06/2017 12:10:33] - |A| - [83968] - C:\WINDOWS\system32\SystemPropertiesDataExecutionPrevention.exe
[MD5.3CBBF8211D6CE2693FF6C1A29651B7DA] - [04/06/2017 12:10:36] - |A| - [83968] - C:\WINDOWS\system32\SystemPropertiesHardware.exe
[MD5.18C1BE77ED08B89C8C00690C99CCCC28] - [04/06/2017 12:10:36] - |A| - [83968] - C:\WINDOWS\system32\SystemPropertiesPerformance.exe
[MD5.4A1C1DAA878F264F26B4026B34D2FCBB] - [04/06/2017 12:10:38] - |A| - [83968] - C:\WINDOWS\system32\SystemPropertiesProtection.exe
[MD5.17147194F0EE8EA6F4E44344E53871C1] - [04/06/2017 12:10:38] - |A| - [83968] - C:\WINDOWS\system32\SystemPropertiesRemote.exe
[MD5.CB47242CD008A0FAB7FA4A53D31A846A] - [04/06/2017 12:10:32] - |A| - [503072] - C:\WINDOWS\system32\systemreset.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [927516] - C:\WINDOWS\system32\SystemResetPlatform
[MD5.4FA0D6C3C0AE4B4BEDF7B3A15B405A1E] - [04/06/2017 12:10:49] - |A| - [371024] - C:\WINDOWS\system32\SystemSettings.DataModel.dll
[MD5.7AE333E4B9F42A868E084E9101A0D0F6] - [04/06/2017 12:12:53] - |A| - [164864] - C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
[MD5.1EC84C04E84B3DC21C2DA24D2DB9E790] - [04/06/2017 12:10:24] - |A| - [1418752] - C:\WINDOWS\system32\SystemSettings.Handlers.dll
[MD5.74068515216E82F5C25E9F50586AD3D7] - [04/06/2017 12:09:43] - |A| - [159568] - C:\WINDOWS\system32\SystemSettings.SettingsExtensibility.dll
[MD5.E0BF58717D065328E470FBC2E8719ACC] - [04/06/2017 12:09:42] - |A| - [491008] - C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
[MD5.17A7B3BFC2FF1E1D96DF129FCFD58568] - [04/06/2017 12:09:43] - |A| - [387448] - C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
[MD5.CB369B6B17034675557C64C2F935DFE1] - [04/06/2017 12:10:49] - |A| - [203520] - C:\WINDOWS\system32\SystemSettingsBroker.exe
[MD5.8FBA45CF2FFDE59CEE808CC4CD9EA81B] - [04/06/2017 12:10:00] - |A| - [23792] - C:\WINDOWS\system32\SystemSettingsRemoveDevice.exe
[MD5.CD8140C238D4B9FF6F875DAE98D84550] - [04/06/2017 12:09:43] - |A| - [4587520] - C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
[MD5.27F88577DCDAC4D865B16AC7AE267525] - [04/06/2017 12:09:24] - |A| - [65536] - C:\WINDOWS\system32\SystemUWPLauncher.exe
[MD5.3F394C628A450BE8C5CFD5AF77C29928] - [04/06/2017 12:10:50] - |A| - [10752] - C:\WINDOWS\system32\systray.exe
[MD5.93246C2DF5F754BF19E632633570D6FF] - [04/06/2017 12:10:07] - |A| - [175104] - C:\WINDOWS\system32\t2embed.dll
[MD5.09F03C392FAFDCBEEDE69BCE77410F48] - [04/06/2017 12:10:33] - |A| - [166912] - C:\WINDOWS\system32\Tabbtn.dll
[MD5.F5D1BF4C1AEC664CF402EB0FE54A1AE9] - [04/06/2017 12:10:33] - |A| - [79872] - C:\WINDOWS\system32\TabbtnEx.dll
[MD5.0AD35AE48B77D85239013A649D3B58A9] - [04/06/2017 12:10:35] - |A| - [82432] - C:\WINDOWS\system32\tabcal.exe
[MD5.DE29E14D34F6C42EF83201E81DAF6E16] - [04/06/2017 12:10:35] - |A| - [767488] - C:\WINDOWS\system32\TabletPC.cpl
[MD5.DE0DBF3DBA5918FD435696BF49C76E61] - [04/06/2017 12:10:36] - |A| - [186368] - C:\WINDOWS\system32\TabSvc.dll
[MD5.B4CA5359C88ABB554018CB817803E61D] - [04/06/2017 12:10:44] - |A| - [61952] - C:\WINDOWS\system32\takeown.exe
[MD5.334C564BCC3E842EBB952710F152B803] - [04/06/2017 12:10:36] - |A| - [967680] - C:\WINDOWS\system32\tapi3.dll
[MD5.0FAD9819B6898269A93D015123D38AEC] - [04/06/2017 12:10:33] - |A| - [231936] - C:\WINDOWS\system32\tapi32.dll
[MD5.FE145A0B506F0D13EFC9556079ECE349] - [04/06/2017 12:10:33] - |A| - [32768] - C:\WINDOWS\system32\tapilua.dll
[MD5.B4EC854A6ECDEFDF7AB21B0BA77A99FC] - [04/06/2017 12:10:36] - |A| - [53760] - C:\WINDOWS\system32\TapiMigPlugin.dll
[MD5.8FCE07B982F0C958B680D09818B04B2E] - [04/06/2017 12:10:35] - |A| - [12288] - C:\WINDOWS\system32\tapiperf.dll
[MD5.ABDB1EA878781ECC17D9FF49AFEEAAA9] - [04/06/2017 12:10:36] - |A| - [307200] - C:\WINDOWS\system32\tapisrv.dll
[MD5.19707FCFFB94B1FE486AEEBE3B42C7D7] - [04/06/2017 12:10:36] - |A| - [13312] - C:\WINDOWS\system32\TapiSysprep.dll
[MD5.DCC97C560D26EE0FB2FFB8C76DB61880] - [04/06/2017 12:10:33] - |A| - [109056] - C:\WINDOWS\system32\tapiui.dll
[MD5.246B44FE95CFC435576B985670DD5D65] - [04/06/2017 12:10:36] - |A| - [14848] - C:\WINDOWS\system32\TapiUnattend.exe
[MD5.8043EC0006643777F81CEA59A4605C1A] - [04/06/2017 12:09:33] - |A| - [400896] - C:\WINDOWS\system32\TaskApis.dll
[MD5.98822352903F357854B8410C34B0C9D0] - [04/06/2017 12:10:49] - |A| - [943104] - C:\WINDOWS\system32\taskbarcpl.dll
[MD5.3450997232447E3B2BC9D16C3098D7BA] - [04/06/2017 12:10:36] - |A| - [504832] - C:\WINDOWS\system32\taskcomp.dll
[MD5.1112A75BCC309F4BF4F8E02632041444] - [04/06/2017 12:09:12] - |A| - [997376] - C:\WINDOWS\system32\TaskFlowDataEngine.dll
[MD5.98000AD0D33B490C6C5B06BC3B87ADCD] - [04/06/2017 12:10:35] - |A| - [83176] - C:\WINDOWS\system32\taskhostw.exe
[MD5.1E0FFAE37D37B220A7B3DBD7C6DAD953] - [04/06/2017 12:10:42] - |A| - [94208] - C:\WINDOWS\system32\taskkill.exe
[MD5.E0AC46A43908CA681B1183642C0140BF] - [04/06/2017 12:10:42] - |A| - [99840] - C:\WINDOWS\system32\tasklist.exe
[MD5.23CBC953D48AD4B1D818D880BF325AD2] - [04/06/2017 12:09:49] - |A| - [1209168] - C:\WINDOWS\system32\Taskmgr.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [616962] - C:\WINDOWS\system32\Tasks
[MD5.B854A3BE9B3A5A5A4E9992D77554EA8D] - [04/06/2017 12:10:36] - |A| - [789784] - C:\WINDOWS\system32\taskschd.dll
[MD5.AB2A58839814D2EA5EE621B5DBF944FF] - [04/06/2017 12:10:36] - |A| - [145059] - C:\WINDOWS\system32\taskschd.msc
[MD5.420D1264672C1E9D959EE24D63A8B3F4] - [04/06/2017 12:10:38] - |A| - [59392] - C:\WINDOWS\system32\TaskSchdPS.dll
[MD5.B18B08B074916EFA80FA77DEACE0BF01] - [04/06/2017 12:09:24] - |A| - [36352] - C:\WINDOWS\system32\tbauth.dll
[MD5.986E07F9C04BBEE912D341EF3902A81A] - [04/06/2017 12:09:34] - |A| - [45536] - C:\WINDOWS\system32\tbs.dll
[MD5.945717A79B1A6B8E214F7DF2FDDC0972] - [04/06/2017 12:10:36] - |A| - [16384] - C:\WINDOWS\system32\tcmsetup.exe
[MD5.31B010EF50D54D548B4B8B211F421318] - [04/06/2017 12:10:29] - |A| - [1673] - C:\WINDOWS\system32\tcpbidi.xml
[MD5.D549A54DCA30746EB89AE4D4D27A1372] - [04/06/2017 12:10:24] - |A| - [231424] - C:\WINDOWS\system32\tcpipcfg.dll
[MD5.F2DE20F8EE05D094D7804F29C9F22972] - [04/06/2017 12:10:29] - |A| - [38912] - C:\WINDOWS\system32\tcpmib.dll
[MD5.95C4F5204E8FEEDF557ABF8BC0C2AF77] - [04/06/2017 12:10:29] - |A| - [217600] - C:\WINDOWS\system32\tcpmon.dll
[MD5.D602CA245CC6774A0981B607F0675609] - [04/06/2017 12:10:29] - |A| - [60124] - C:\WINDOWS\system32\tcpmon.ini
[MD5.026BD5D3CC9D92E232FB392F343EF45B] - [04/06/2017 12:10:29] - |A| - [71168] - C:\WINDOWS\system32\tcpmonui.dll
[MD5.58100B0195FA89F843C3E4C28CC9D9EA] - [04/06/2017 12:09:34] - |A| - [12288] - C:\WINDOWS\system32\TCPSVCS.EXE
[MD5.93C1B44A26E210194AE6DD9D073ABB10] - [04/06/2017 12:09:04] - |A| - [84992] - C:\WINDOWS\system32\tdc.ocx
[MD5.7B27CA2762E5FBA0A4925383DB3A7D82] - [04/06/2017 12:10:00] - |A| - [750592] - C:\WINDOWS\system32\tdh.dll
[MD5.4DED495795104295FF6BE502D14813F9] - [04/06/2017 12:09:30] - |A| - [529920] - C:\WINDOWS\system32\TDLMigration.dll
[MD5.36B408BA44E7F547DD85B39CC6149F52] - [04/06/2017 12:09:30] - |A| - [172544] - C:\WINDOWS\system32\tdlrecover.exe
[MD5.F4B1F6EEC6D5F060F016436C07885584] - [04/06/2017 12:10:33] - |A| - [109056] - C:\WINDOWS\system32\telephon.cpl
[MD5.9EE5B4B25F8508812A4388B81C4EF19C] - [04/06/2017 12:09:39] - |A| - [92672] - C:\WINDOWS\system32\TelephonyInteractiveUser.dll
[MD5.2E111734166C29AA156E8850D663EE1B] - [04/06/2017 12:09:37] - |A| - [2560] - C:\WINDOWS\system32\TelephonyInteractiveUserRes.dll
[MD5.13B53BDD40AACD7182854E3B9CE0C1E6] - [04/06/2017 12:09:25] - |A| - [72192] - C:\WINDOWS\system32\TempSignedLicenseExchangeTask.dll
[MD5.7BF2981E5E2C603D35E496A4FD2A6909] - [04/06/2017 12:10:36] - |A| - [413696] - C:\WINDOWS\system32\termmgr.dll
[MD5.2F45441EE5BA19BD1B7036C8E937F28C] - [04/06/2017 12:10:38] - |A| - [999936] - C:\WINDOWS\system32\termsrv.dll
[MD5.026DDA950B6DC7F52B1FB68559E5C3DB] - [04/06/2017 12:09:29] - |A| - [59904] - C:\WINDOWS\system32\tetheringclient.dll
[MD5.8DD11E21DA192AFD07C71B8840F46E54] - [04/06/2017 12:09:29] - |A| - [40448] - C:\WINDOWS\system32\tetheringconfigsp.dll
[MD5.B758C5F16B50421003C0EA44E54975E8] - [04/06/2017 12:09:29] - |A| - [12800] - C:\WINDOWS\system32\TetheringIeProvider.dll
[MD5.561F6AD0FADB2CE76D35D053B691DB21] - [04/06/2017 12:09:29] - |A| - [217088] - C:\WINDOWS\system32\TetheringMgr.dll
[MD5.909A4EA4200A8628A7FD8540DEBB0073] - [04/06/2017 12:09:29] - |A| - [209408] - C:\WINDOWS\system32\tetheringservice.dll
[MD5.EC9857D13B6FCA0CC4FC11DA7B953F8E] - [04/06/2017 12:10:49] - |A| - [226304] - C:\WINDOWS\system32\TetheringStation.dll
[MD5.2E6D89A114DFD2BB4F6A81E82C206BEB] - [04/06/2017 12:09:25] - |A| - [569856] - C:\WINDOWS\system32\TextInputFramework.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [240128] - C:\WINDOWS\system32\th-TH
[MD5.980EFE8208952DB6E3DEF9DB1E5265EF] - [04/06/2017 12:10:36] - |A| - [2489856] - C:\WINDOWS\system32\themecpl.dll
[MD5.5D449FACA51B3440B95C745F50464E13] - [04/06/2017 12:10:36] - |A| - [69120] - C:\WINDOWS\system32\themeservice.dll
[MD5.CCF647BA10CAB8F33ECCD9ED5605A426] - [04/06/2017 12:10:38] - |A| - [2875904] - C:\WINDOWS\system32\themeui.dll
[MD5.48963C942934AD5152A5687EB0A448C6] - [04/06/2017 12:09:22] - |A| - [69632] - C:\WINDOWS\system32\threadpoolwinrt.dll
[MD5.3D8B849CB6422B311E4774F5E7F4BFC2] - [04/06/2017 12:09:25] - |A| - [341840] - C:\WINDOWS\system32\thumbcache.dll
[MD5.3ABD973F0FED146FB0EFDDC2FE5C1A04] - [04/06/2017 12:10:29] - |A| - [33280] - C:\WINDOWS\system32\ThumbnailExtractionHost.exe
[MD5.19F655E4B6F0A5AC572A1F685FC259B6] - [04/06/2017 12:09:43] - |A| - [2560] - C:\WINDOWS\system32\tier2punctuations.dll
[MD5.D4DF7835258F9E7640C9A57AD58CE3F2] - [04/06/2017 12:10:35] - |A| - [19456] - C:\WINDOWS\system32\TieringEngineProxy.dll
[MD5.B66B5F3E73F065B07E19122103B5CCAA] - [04/06/2017 12:10:35] - |A| - [302592] - C:\WINDOWS\system32\TieringEngineService.exe
[MD5.749623EDFCCF54C74209A55DA88ABC04] - [04/06/2017 12:09:29] - |A| - [532992] - C:\WINDOWS\system32\TileDataRepository.dll
[MD5.9DBD7B47E29B89FB7D7165EFFA680B1B] - [04/06/2017 12:09:30] - |A| - [647680] - C:\WINDOWS\system32\tileobjserver.dll
[MD5.A93810EA1B8B849DB50F8E78253EC192] - [04/06/2017 12:09:30] - |A| - [35328] - C:\WINDOWS\system32\TimeBrokerClient.dll
[MD5.426BC43C8A5EA973B5FF8299C35FFE16] - [04/06/2017 12:09:30] - |A| - [167936] - C:\WINDOWS\system32\TimeBrokerServer.dll
[MD5.092DC286F3843050DD3D83BF94622393] - [04/06/2017 12:10:47] - |A| - [510464] - C:\WINDOWS\system32\timedate.cpl
[MD5.ED18C2E4C85ADA7AD2E5082384098160] - [04/06/2017 12:10:13] - |A| - [11776] - C:\WINDOWS\system32\TimeDateMUICallback.dll
[MD5.41EB52DE1FC6A19E3B5E6D71CF484B63] - [04/06/2017 12:10:44] - |A| - [30208] - C:\WINDOWS\system32\timeout.exe
[MD5.86BD3967ABADD63245561D15164D65D1] - [04/06/2017 12:10:49] - |A| - [14848] - C:\WINDOWS\system32\TimeSyncTask.dll
[MD5.D57FE21FE4804C2AE854BDE25C349008] - [04/06/2017 12:10:38] - |A| - [47104] - C:\WINDOWS\system32\tlscsp.dll
[MD5.21E1B665B0C8EA137D11372A90007DA5] - [04/06/2017 12:09:55] - |A| - [43008] - C:\WINDOWS\system32\tokenbinding.dll
[MD5.AD24EBC3AA10134368F265622C7F24F9] - [04/06/2017 12:09:24] - |A| - [1191936] - C:\WINDOWS\system32\TokenBroker.dll
[MD5.D9B889C390878C0E16A5CD22C78D2E53] - [04/06/2017 12:09:24] - |A| - [17408] - C:\WINDOWS\system32\TokenBrokerCookies.exe
[MD5.134A9A5C4EC80D3791A8075BF1B14385] - [04/06/2017 12:10:36] - |A| - [44032] - C:\WINDOWS\system32\TokenBrokerUI.dll
[MD5.9359341F78E00134B527814B4868ECD5] - [04/06/2017 12:10:47] - |A| - [144862] - C:\WINDOWS\system32\tpm.msc
[MD5.89D3A6A2DEBAE730E5D6EA18F1B349BB] - [04/06/2017 12:09:34] - |A| - [3584] - C:\WINDOWS\system32\TpmCertResources.dll
[MD5.A0F59D6930C2A4165A3BA4AFDE4BC2E6] - [04/06/2017 12:10:47] - |A| - [46080] - C:\WINDOWS\system32\tpmcompc.dll
[MD5.618F493764B21169C906A57B83D08E81] - [04/06/2017 12:09:34] - |A| - [628736] - C:\WINDOWS\system32\TpmCoreProvisioning.dll
[MD5.DAB768DB84B506D22EECBD708108371E] - [04/06/2017 12:10:47] - |A| - [67584] - C:\WINDOWS\system32\TpmInit.exe
[MD5.A7A783D9DBFCD054494D377B4EEAD507] - [04/06/2017 12:10:47] - |A| - [58368] - C:\WINDOWS\system32\TpmTasks.dll
[MD5.FC5C7F4CD21C35AD2EFC58B7405E72B7] - [04/06/2017 12:12:56] - |A| - [378880] - C:\WINDOWS\system32\tpmvsc.dll
[MD5.F7E2444D72A784F0DF07BA35612CA64B] - [04/06/2017 12:10:36] - |A| - [109056] - C:\WINDOWS\system32\tpmvscmgr.exe
[MD5.72E4D271D07AFA64F3A3DF14EBD9C20C] - [04/06/2017 12:10:36] - |A| - [139776] - C:\WINDOWS\system32\tpmvscmgrsvr.exe
[MD5.3971638AF5B8B3C74835BD37777B55A3] - [04/06/2017 12:09:29] - |A| - [3405312] - C:\WINDOWS\system32\tquery.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [305152] - C:\WINDOWS\system32\tr-TR
[MD5.75D8162586BB69C264A91B6763FA7EF1] - [04/06/2017 12:10:27] - |A| - [411648] - C:\WINDOWS\system32\tracerpt.exe
[MD5.1BE797EC7968CDBBA997A21F1681921A] - [04/06/2017 12:09:34] - |A| - [17920] - C:\WINDOWS\system32\TRACERT.EXE
[MD5.5F1DEA8758CB0FF5FC05EA54B5FA8690] - [04/06/2017 12:10:24] - |A| - [41472] - C:\WINDOWS\system32\traffic.dll
[MD5.B88B8D017386A00D7724519F475317A0] - [04/06/2017 12:10:47] - |A| - [10576] - C:\WINDOWS\system32\TransformPPSToWlan.xslt
[MD5.2F05390B798363D51EBE65D6320CD45E] - [04/06/2017 12:10:47] - |A| - [1688] - C:\WINDOWS\system32\TransformPPSToWlanCredentials.xslt
[MD5.13AA5DB5E9372D6F015FCE8CF4B1EE2A] - [04/06/2017 12:09:18] - |A| - [57344] - C:\WINDOWS\system32\TransliterationRanker.dll
[MD5.E69405488D8D3A28AEADB64B0B68F996] - [04/06/2017 12:11:48] - |A| - [489808] - C:\WINDOWS\system32\TransportDSA.dll
[MD5.C3DB4CAB4940B746DD9E9F3456B14CE6] - [04/06/2017 12:09:52] - |A| - [19968] - C:\WINDOWS\system32\tree.com
[MD5.BF52DA7B3A67CCE8506CEC7AE9E52CA8] - [04/06/2017 12:09:18] - |A| - [172032] - C:\WINDOWS\system32\trie.dll
[MD5.1884FBFD88A9494CC921B93133AA3EF9] - [04/06/2017 12:09:55] - |A| - [110592] - C:\WINDOWS\system32\trkwks.dll
[MD5.8AD14A62A847A8C361C1F556396C9A36] - [04/06/2017 12:10:00] - |A| - [116736] - C:\WINDOWS\system32\TrustedSignalCredProv.dll
[MD5.DB489E218C08AC4C3619CDF0DF53A82E] - [04/06/2017 12:09:18] - |A| - [16896] - C:\WINDOWS\system32\tsbyuv.dll
[MD5.538D0444611CB7A4A3FFE38BFC19B6F9] - [04/06/2017 12:11:53] - |A| - [218624] - C:\WINDOWS\system32\tscfgwmi.dll
[MD5.1468EE4FE747FEF1D4711AFF4A05CF22] - [04/06/2017 12:11:52] - |A| - [23552] - C:\WINDOWS\system32\tscon.exe
[MD5.977C30BEE47AF7A70C5C774C4E4D0582] - [04/06/2017 12:10:38] - |A| - [15360] - C:\WINDOWS\system32\tsddd.dll
[MD5.616CA10264BE5833DD61A7434314AFBF] - [04/06/2017 12:11:52] - |A| - [23040] - C:\WINDOWS\system32\tsdiscon.exe
[MD5.EDD1440EAB6027CEE71A85EE6C5D2F1B] - [04/06/2017 12:11:51] - |A| - [11776] - C:\WINDOWS\system32\TSErrRedir.dll
[MD5.5D6FBAD8D5D5A0B61E33C0CBA2C29822] - [04/06/2017 12:10:40] - |A| - [62464] - C:\WINDOWS\system32\tsgqec.dll
[MD5.13168365C568CD1C4DE4EF1A0BC36085] - [04/06/2017 12:11:52] - |A| - [24064] - C:\WINDOWS\system32\tskill.exe
[MD5.895BCFC7AA8DFD97BF6DCCD2E4F490EE] - [04/06/2017 12:10:40] - |A| - [398744] - C:\WINDOWS\system32\tsmf.dll
[MD5.0FF233F7B09E9B890EEF4C504AE19DEA] - [04/06/2017 12:10:32] - |A| - [113152] - C:\WINDOWS\system32\TSpkg.dll
[MD5.3BD288A16F5111E53805313D45F3211A] - [04/06/2017 12:11:53] - |A| - [218112] - C:\WINDOWS\system32\tspubwmi.dll
[MD5.4FBC296FC67E30A949759D10BEBD4828] - [04/06/2017 12:12:56] - |A| - [84992] - C:\WINDOWS\system32\TSSessionUX.dll
[MD5.B7E590A9670A3FAE757A71A31E723E85] - [04/06/2017 12:11:52] - |A| - [180736] - C:\WINDOWS\system32\tssrvlic.dll
[MD5.091A05EC2FB0AEA9D61FB88BBFF485A0] - [04/06/2017 12:10:38] - |A| - [52224] - C:\WINDOWS\system32\TSTheme.exe
[MD5.A826A5BC2744749CD4A38CA5BD34928B] - [04/06/2017 12:08:36] - |A| - [39936] - C:\WINDOWS\system32\TsUsbGDCoInstaller.dll
[MD5.D715B2976F602A5061C53479CD6BB456] - [04/06/2017 12:08:58] - |A| - [13312] - C:\WINDOWS\system32\TsUsbRedirectionGroupPolicyExtension.dll
[MD5.8BC3B9813F0A8EDE3912F0B2F58F8FF7] - [04/06/2017 12:10:38] - |A| - [67072] - C:\WINDOWS\system32\TSWbPrxy.exe
[MD5.9A690C0C5DAF7926C30C8C180354994B] - [04/06/2017 12:10:38] - |A| - [982528] - C:\WINDOWS\system32\TSWorkspace.dll
[MD5.F548ADCE9C2E6CEB7FA26BF52EF4BF91] - [11/06/2017 03:21:53] - |A| - [35480] - C:\WINDOWS\system32\TsWpfWrp.exe
[MD5.E893C6095872A19A0CCB3623AF575D70] - [04/06/2017 12:10:47] - |A| - [240128] - C:\WINDOWS\system32\TtlsAuth.dll
[MD5.797A6C7A615360B2C494223DFCD24837] - [04/06/2017 12:10:47] - |A| - [219648] - C:\WINDOWS\system32\TtlsCfg.dll
[MD5.BAE82645F42099E284875B064D610965] - [04/06/2017 12:10:06] - |A| - [222208] - C:\WINDOWS\system32\TtlsExt.dll
[MD5.AB9AFA47DF46C067D5F133DBE9E724A9] - [04/06/2017 12:10:40] - |A| - [34816] - C:\WINDOWS\system32\tvratings.dll
[MD5.2453964CF387A25355F04861BAD91AF9] - [04/06/2017 12:10:32] - |A| - [181248] - C:\WINDOWS\system32\twext.dll
[MD5.DC1E8086C3EC20BD40C0EEE58818A929] - [04/06/2017 12:09:24] - |A| - [1568648] - C:\WINDOWS\system32\twinapi.appcore.dll
[MD5.02AF814B63A64454CC181EA7CDA46E0F] - [04/06/2017 12:10:38] - |A| - [519680] - C:\WINDOWS\system32\twinapi.dll
[MD5.CDDBBDE38AC1428F604A7F9C62D3706E] - [04/06/2017 12:09:22] - |A| - [823808] - C:\WINDOWS\system32\twinui.appcore.dll
[MD5.965C1F95AC411F8B3F35C5497AF50FE8] - [04/06/2017 12:10:40] - |A| - [7870976] - C:\WINDOWS\system32\twinui.dll
[MD5.40D1E10493751FB9C56BA4573AB3F3F4] - [04/06/2017 12:09:43] - |A| - [2859520] - C:\WINDOWS\system32\twinui.pcshell.dll
[MD5.8CF4F6BB5694FE5A4F9EF48139764A0B] - [04/06/2017 12:09:55] - |A| - [116224] - C:\WINDOWS\system32\txflog.dll
[MD5.C7AAE351010D78A1DC2E34A1553A782A] - [04/06/2017 12:09:54] - |A| - [12800] - C:\WINDOWS\system32\txfw32.dll
[MD5.C94302F6EABB3606760831F758B4B757] - [04/06/2017 12:10:27] - |A| - [47104] - C:\WINDOWS\system32\typeperf.exe
[MD5.4C8FB3682E66B37C7075956D262D26A2] - [04/06/2017 12:09:22] - |A| - [96256] - C:\WINDOWS\system32\tzautoupdate.dll
[MD5.B2D1479C149CE5D9094E195001E92380] - [04/06/2017 12:09:57] - |A| - [2560] - C:\WINDOWS\system32\tzres.dll
[MD5.68DD7C0E18D1C4C198C47CFBBDD39E36] - [04/06/2017 12:10:38] - |A| - [60928] - C:\WINDOWS\system32\tzsync.exe
[MD5.D784EB7A63A8F97CF0E1444790BF3B28] - [04/06/2017 12:10:36] - |A| - [4096] - C:\WINDOWS\system32\tzsyncres.dll
[MD5.E3524F731A75ABAEF9C39C1CD62F8379] - [04/06/2017 12:10:36] - |A| - [57856] - C:\WINDOWS\system32\tzutil.exe
[MD5.B5ECB8A4143D5893371AEC825F380872] - [04/06/2017 12:10:36] - |A| - [268288] - C:\WINDOWS\system32\ubpm.dll
[MD5.05229AECF8BA82CB52EDC623CF2827F8] - [04/06/2017 12:10:40] - |A| - [58368] - C:\WINDOWS\system32\ucmhc.dll
[MD5.49DF2EEA4567C5FCCFBF080B04225560] - [04/06/2017 12:09:58] - |A| - [1006176] - C:\WINDOWS\system32\ucrtbase.dll
[MD5.0A8E79B16EE363703FF441C4DA9A14BF] - [04/06/2017 12:09:17] - |A| - [476768] - C:\WINDOWS\system32\ucrtbase_enclave.dll
[MD5.0CBB8362777AD2F27F8DC538909B42E9] - [04/06/2017 12:10:11] - |A| - [43008] - C:\WINDOWS\system32\ucsvc.exe
[MD5.46928175DF5C13C18CA792A0299321D4] - [04/06/2017 12:09:37] - |A| - [66560] - C:\WINDOWS\system32\udhisapi.dll
[MD5.636BAA7E8F7577388D3239C49398D756] - [04/06/2017 12:09:55] - |A| - [848896] - C:\WINDOWS\system32\uDWM.dll
[MD5.E2C4C28C3C6B19ED2BD2F8479C6BA9BC] - [04/06/2017 12:11:48] - |A| - [40960] - C:\WINDOWS\system32\UevAgentPolicyGenerator.exe
[MD5.CF4F2C1D74EC5E80960EFC0B25E098A3] - [04/06/2017 12:11:48] - |A| - [55808] - C:\WINDOWS\system32\UevAppMonitor.exe
[MD5.D200497DD3A24F138123F0EB6C385D1D] - [04/06/2017 12:11:48] - |A| - [146] - C:\WINDOWS\system32\UevAppMonitor.exe.config
[MD5.4AAEE8D86EC81DA2A1514ABC77E71F57] - [04/06/2017 12:11:48] - |A| - [3420] - C:\WINDOWS\system32\UevCustomActionTypes.tlb
[MD5.473055B31D1A598C03B2B7C116DD0DDA] - [04/06/2017 12:11:48] - |A| - [13824] - C:\WINDOWS\system32\UevTemplateBaselineGenerator.exe
[MD5.6A9117ECB88F25B87367E81CA1C9E197] - [04/06/2017 12:11:48] - |A| - [11776] - C:\WINDOWS\system32\UevTemplateConfigItemGenerator.exe
[MD5.A1A99985BEEBC94F8DCAFDDE2FE13A1C] - [04/06/2017 12:09:34] - |A| - [114176] - C:\WINDOWS\system32\uexfat.dll
[MD5.9ABD9472512BE310745893E8137EA79D] - [04/06/2017 12:09:18] - |A| - [152064] - C:\WINDOWS\system32\ufat.dll
[MD5.FB2C627545E5A83F60C4F33975DE0D80] - [04/06/2017 12:10:42] - |A| - [42496] - C:\WINDOWS\system32\UI0Detect.exe
[MD5.FFE64A0E0B22B6F581F4508585D8EEF7] - [04/06/2017 12:09:24] - |A| - [552960] - C:\WINDOWS\system32\UiaManager.dll
[MD5.385CC9E8680B7A29EB2934B73852DCD7] - [04/06/2017 12:09:22] - |A| - [283648] - C:\WINDOWS\system32\UIAnimation.dll
[MD5.EF46780907FA0FA4FB0F4E8AC1A73729] - [04/06/2017 12:09:21] - |A| - [2040832] - C:\WINDOWS\system32\UIAutomationCore.dll
[MD5.EB002931260ABD52F206E8407A9E03A2] - [04/06/2017 12:10:42] - |A| - [43008] - C:\WINDOWS\system32\uicom.dll
[MD5.72D20D73F439731B1F21978C281B4366] - [04/06/2017 12:10:36] - |A| - [13824] - C:\WINDOWS\system32\UIManagerBrokerps.dll
[MD5.96E0C4FC49D4B9976E99564694D3572F] - [04/06/2017 12:10:36] - |A| - [36352] - C:\WINDOWS\system32\UIMgrBroker.exe
[MD5.0AED49FB78AC4484B3D9E8648C090D96] - [04/06/2017 12:09:47] - |A| - [258560] - C:\WINDOWS\system32\uireng.dll
[MD5.C617988615CE6AA20573651FDFA5C7B1] - [04/06/2017 12:12:58] - |A| - [3994624] - C:\WINDOWS\system32\UIRibbon.dll
[MD5.D34814423A99D7D711304BFC5F96A96B] - [04/06/2017 12:12:58] - |A| - [584192] - C:\WINDOWS\system32\UIRibbonRes.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [253440] - C:\WINDOWS\system32\uk-UA
[MD5.A5E8FEC90ED2CCF59CA7A8680E316756] - [04/06/2017 12:09:37] - |A| - [173392] - C:\WINDOWS\system32\ulib.dll
[MD5.883ADF470F1ED31AE83A2BD36058BE74] - [04/06/2017 12:10:38] - |A| - [68096] - C:\WINDOWS\system32\umb.dll
[MD5.7FFCF87B4258945CD0BC6B3D8EDABFB3] - [04/06/2017 12:10:38] - |A| - [19456] - C:\WINDOWS\system32\umdmxfrm.dll
[MD5.6318F6A247A155675CC682DA90509B1A] - [04/06/2017 12:09:43] - |A| - [114176] - C:\WINDOWS\system32\umpnpmgr.dll
[MD5.DDECD4DDA24083424BFA0DB140413A70] - [04/06/2017 12:09:21] - |A| - [55296] - C:\WINDOWS\system32\umpo-overrides.dll
[MD5.2EDDE81BDABA8681C5B9EB0109F0CC8B] - [04/06/2017 12:09:55] - |A| - [153088] - C:\WINDOWS\system32\umpo.dll
[MD5.E0E785070F15A688BFD308A0C82DF0BB] - [04/06/2017 12:10:24] - |A| - [101888] - C:\WINDOWS\system32\umpoext.dll
[MD5.08F98DB7B488504C04BA1F061E1033D2] - [04/06/2017 12:10:29] - |A| - [54784] - C:\WINDOWS\system32\umpowmi.dll
[MD5.94A1E551EA1FC6D3DCB602B430B4148B] - [04/06/2017 12:11:37] - |A| - [279040] - C:\WINDOWS\system32\umrdp.dll
[MD5.C88640D0FB5CBE1B37758CD3AC3399CB] - [04/06/2017 12:10:32] - |A| - [235856] - C:\WINDOWS\system32\unattend.dll
[MD5.E82C68182C7793DB1306F54A8F45117C] - [04/06/2017 12:09:34] - |A| - [75264] - C:\WINDOWS\system32\unenrollhook.dll
[MD5.D57C9667958F6B181503BC6240C82715] - [04/06/2017 12:10:40] - |A| - [293376] - C:\WINDOWS\system32\unimdm.tsp
[MD5.1B71F277B81F1359DC74D7AC58B9F380] - [04/06/2017 12:10:38] - |A| - [75264] - C:\WINDOWS\system32\unimdmat.dll
[MD5.552F8D8CF8F1A36C70860E034BA0C9A3] - [04/06/2017 12:10:40] - |A| - [21504] - C:\WINDOWS\system32\uniplat.dll
[MD5.9F09B8FACEA961F25873AAB311EC2EE8] - [04/06/2017 12:09:34] - |A| - [1228800] - C:\WINDOWS\system32\Unistore.dll
[MD5.09B91F4A189DAF53404C33057D1D4AFC] - [04/06/2017 12:10:00] - |A| - [40960] - C:\WINDOWS\system32\unlodctr.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |SD| - [5104272] - C:\WINDOWS\system32\UNP
[MD5.5647C2F178A87B9A0413BAF19DC7C642] - [05/06/2017 08:58:25] - |A| - [257024] - C:\WINDOWS\system32\unregmp2.exe
[MD5.4124E5DABA21E001AF2DE25B1A8539D1] - [04/06/2017 12:09:21] - |A| - [577536] - C:\WINDOWS\system32\untfs.dll
[MD5.6ED32278C4914A0D5200BCD75DECEDF7] - [04/06/2017 12:09:29] - |A| - [2378064] - C:\WINDOWS\system32\UpdateAgent.dll
[MD5.98A8425CA78141C660ABFD6071A28A79] - [04/06/2017 12:09:40] - |A| - [91648] - C:\WINDOWS\system32\updatecsp.dll
[MD5.7734D7703F1BBAD26AC69DBCD5425CC7] - [04/06/2017 12:09:40] - |A| - [460288] - C:\WINDOWS\system32\updatehandlers.dll
[MD5.18A26FCA9D89EDF22F343B62A9B0FF99] - [04/06/2017 12:09:29] - |A| - [113152] - C:\WINDOWS\system32\updatepolicy.dll
[MD5.B3A57E0BE6194A939064256E8F45F83A] - [04/06/2017 12:10:36] - |A| - [36864] - C:\WINDOWS\system32\UpgradeResultsUI.exe
[MD5.D5F60999E99246B96E121695DC21B34A] - [04/06/2017 12:09:37] - |A| - [380416] - C:\WINDOWS\system32\upnp.dll
[MD5.6E6A1F428F9243142BBDFB4F0683D688] - [04/06/2017 12:09:37] - |A| - [39936] - C:\WINDOWS\system32\upnpcont.exe
[MD5.F56FAD0F616992B737B450DD41E765C0] - [04/06/2017 12:09:37] - |A| - [444928] - C:\WINDOWS\system32\upnphost.dll
[MD5.AADC4BAC359798B3607F6878A8324B8A] - [04/06/2017 12:09:52] - |A| - [654336] - C:\WINDOWS\system32\uReFS.dll
[MD5.D87DD36C91707C3DDF8D53F6BE606DFB] - [04/06/2017 12:09:54] - |A| - [510464] - C:\WINDOWS\system32\uReFSv1.dll
[MD5.BDB68E73CD00C7A31634D2D20B1B40AF] - [04/06/2017 12:09:52] - |A| - [30208] - C:\WINDOWS\system32\ureg.dll
[MD5.E3D445C860D400A0A95ECC8C4381A7E4] - [04/06/2017 12:09:04] - |A| - [235520] - C:\WINDOWS\system32\url.dll
[MD5.0593F8FA9E339D8283A6891D6609CB47] - [04/06/2017 12:10:11] - |A| - [1798144] - C:\WINDOWS\system32\urlmon.dll
[MD5.AA54B3347BD77508FCB71C08C324A036] - [04/06/2017 12:09:34] - |A| - [39936] - C:\WINDOWS\system32\UsbCApi.dll
[MD5.604701BB7F41CEC2A8B5F2F7A5A9C782] - [04/06/2017 12:10:42] - |A| - [123904] - C:\WINDOWS\system32\usbceip.dll
[MD5.3FAB8FE9F94153E62CDF579A84B2D2A6] - [04/06/2017 12:10:27] - |A| - [324608] - C:\WINDOWS\system32\usbmon.dll
[MD5.8F90CB47EDEA6249BC8A4B57B32C25F1] - [04/06/2017 12:10:42] - |A| - [13824] - C:\WINDOWS\system32\usbperf.dll
[MD5.CC6D2C404150A92821E3B1CC4A11221D] - [04/06/2017 12:09:43] - |A| - [71168] - C:\WINDOWS\system32\UsbSettingsHandlers.dll
[MD5.08CB7D136BC8C8B97DB824719FA784B0] - [04/06/2017 12:09:34] - |A| - [33792] - C:\WINDOWS\system32\UsbTask.dll
[MD5.AB2FDC24D71F19E22779DC62CDA9C80A] - [04/06/2017 12:10:42] - |A| - [104960] - C:\WINDOWS\system32\usbui.dll
[MD5.7321E151821E7F5988A9F83774833848] - [04/06/2017 12:09:34] - |A| - [1619808] - C:\WINDOWS\system32\user32.dll
[MD5.9719ABA04369ED6C2D1F2DE644A9FF82] - [04/06/2017 12:10:40] - |A| - [36192] - C:\WINDOWS\system32\UserAccountBroker.exe
[MD5.F2A8F1B1EF8362B7421CBCEAB6E4929D] - [04/06/2017 12:10:03] - |A| - [85504] - C:\WINDOWS\system32\UserAccountControlSettings.dll
[MD5.21D806EC58B8FAD6E05E2E3C2969695E] - [04/06/2017 12:10:03] - |A| - [98304] - C:\WINDOWS\system32\UserAccountControlSettings.exe
[MD5.702AE3EDC64FD822AFC9ADC71E7C4A23] - [04/06/2017 12:10:38] - |A| - [1354240] - C:\WINDOWS\system32\usercpl.dll
[MD5.A40D1A688402866E46F47EC7B2049D24] - [04/06/2017 12:09:33] - |A| - [8192] - C:\WINDOWS\system32\UserDataAccessRes.dll
[MD5.D7B19834460280206BE5B78E67093015] - [04/06/2017 12:09:33] - |A| - [437760] - C:\WINDOWS\system32\UserDataAccountApis.dll
[MD5.4BDE1329A6E6ED7A69F936F57C683CB3] - [04/06/2017 12:09:33] - |A| - [43008] - C:\WINDOWS\system32\UserDataLanguageUtil.dll
[MD5.68E9ACE3E7D9DE73CFFBE3783B3DA6C3] - [04/06/2017 12:09:33] - |A| - [62464] - C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
[MD5.C475F7FD11EF0E301457FD797D709BE0] - [04/06/2017 12:09:30] - |A| - [1509888] - C:\WINDOWS\system32\UserDataService.dll
[MD5.7390C37D646453316182A0D5B4B527BF] - [04/06/2017 12:09:33] - |A| - [119296] - C:\WINDOWS\system32\UserDataTimeUtil.dll
[MD5.9C46A6C9B2F8B5FA9FA12C7416516CB7] - [04/06/2017 12:09:33] - |A| - [45568] - C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
[MD5.98990BBC575EC807DBC4934BF3B48134] - [04/06/2017 12:09:24] - |A| - [199168] - C:\WINDOWS\system32\UserDeviceRegistration.dll
[MD5.6F97C9B4EE9554CC2C1487B7B4DABB63] - [04/06/2017 12:09:24] - |A| - [209408] - C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
[MD5.537D66701D1660BF7ABF3E774339BA32] - [04/06/2017 12:09:55] - |A| - [150384] - C:\WINDOWS\system32\userenv.dll
[MD5.0791D91F6E34EAF90622605B72508E82] - [04/06/2017 12:09:57] - |A| - [32256] - C:\WINDOWS\system32\userinit.exe
[MD5.5A7F70F3707010B404B870CAB5FC9890] - [04/06/2017 12:10:06] - |A| - [19968] - C:\WINDOWS\system32\userinitext.dll
[MD5.3B458E415B17ABE2669CF74AC96AEF28] - [04/06/2017 12:09:30] - |A| - [78848] - C:\WINDOWS\system32\UserLanguageProfileCallback.dll
[MD5.1C7EBB84CD5A8C99CD2FB35041557597] - [04/06/2017 12:10:07] - |A| - [648192] - C:\WINDOWS\system32\UserLanguagesCpl.dll
[MD5.ACFBC480D29D13F3BECF915A0AE84892] - [04/06/2017 12:10:00] - |A| - [886784] - C:\WINDOWS\system32\usermgr.dll
[MD5.A687F49F3F27DF8D30104EBBBF6ABB6E] - [04/06/2017 12:10:02] - |A| - [69280] - C:\WINDOWS\system32\usermgrcli.dll
[MD5.A639300672A7036509C8C7B1E962A7BB] - [04/06/2017 12:10:00] - |A| - [252416] - C:\WINDOWS\system32\UserMgrProxy.dll
[MD5.4E8F2BB3A5A87E75C35533723B50E685] - [02/06/2017 13:12:29] - |A| - [385] - C:\WINDOWS\system32\user_gensett.xml
[MD5.7A321C130C2D965D39D865CA559F4A4D] - [04/06/2017 12:10:47] - |A| - [31232] - C:\WINDOWS\system32\usk.rs
[MD5.3DC0000D68D2163ED1BBC52C60A435EA] - [04/06/2017 12:09:37] - |A| - [86528] - C:\WINDOWS\system32\usoapi.dll
[MD5.3E6F9BBF0989E47270882EEF6E35323E] - [04/06/2017 12:09:40] - |A| - [34816] - C:\WINDOWS\system32\UsoClient.exe
[MD5.3A3E4128D22DE9AEC5B0CC1854638507] - [04/06/2017 12:09:39] - |A| - [1310208] - C:\WINDOWS\system32\usocore.dll
[MD5.BE60EF948D8ECB4DD4759735FF291073] - [04/06/2017 12:10:00] - |A| - [79360] - C:\WINDOWS\system32\usp10.dll
[MD5.42B645E12C041ADAF90786AEF7C09B87] - [04/06/2017 12:10:38] - |A| - [49152] - C:\WINDOWS\system32\ustprov.dll
[MD5.91863EE5B138A873A538F8C2ECEDD088] - [04/06/2017 12:09:57] - |A| - [100352] - C:\WINDOWS\system32\utcutil.dll
[MD5.8AD9F9A893A5347710E4316EC8F349BC] - [04/06/2017 12:10:40] - |A| - [42408] - C:\WINDOWS\system32\utildll.dll
[MD5.4A8B6F642BB0F49845F670CBB6C45939] - [04/06/2017 12:09:43] - |A| - [90112] - C:\WINDOWS\system32\Utilman.exe
[MD5.7DB13B2A52F2279476736702676686BB] - [04/06/2017 12:09:52] - |A| - [165888] - C:\WINDOWS\system32\uudf.dll
[MD5.1942DFDBC12F2B2B87BEFA774051F13D] - [04/06/2017 12:09:43] - |A| - [137216] - C:\WINDOWS\system32\UvcModel.dll
[MD5.02550611E7BF41AFFFC21FEB13CCD289] - [04/06/2017 12:10:36] - |A| - [91648] - C:\WINDOWS\system32\UXInit.dll
[MD5.D91DF72D753C4FE95173795E9C61A611] - [04/06/2017 12:10:29] - |A| - [171344] - C:\WINDOWS\system32\uxlib.dll
[MD5.EFA0B4265CE074A3513B475244D52263] - [04/06/2017 12:10:29] - |A| - [7504] - C:\WINDOWS\system32\uxlibres.dll
[MD5.47AD17E6F5E5F7FD2BFE9C0E85E57498] - [04/06/2017 12:10:36] - |A| - [582144] - C:\WINDOWS\system32\uxtheme.dll
[MD5.37983AC9AA2F756472FB427164E71D94] - [04/06/2017 12:09:21] - |A| - [363128] - C:\WINDOWS\system32\vac.exe
[MD5.653BB515AEC15968C0DDDF2B660C8AF6] - [04/06/2017 12:10:42] - |A| - [545280] - C:\WINDOWS\system32\VAN.dll
[MD5.2438ED765DAFAF7F6A1C2B89600D072D] - [04/06/2017 12:10:42] - |A| - [744448] - C:\WINDOWS\system32\Vault.dll
[MD5.39522334CB88713E1D765CCD0102A417] - [04/06/2017 12:09:30] - |A| - [271360] - C:\WINDOWS\system32\vaultcli.dll
[MD5.933D3BB63D1FD87A445B87354510D83F] - [04/06/2017 12:09:30] - |A| - [26112] - C:\WINDOWS\system32\VaultCmd.exe
[MD5.B2842BEA7AB54FEAEDF106DD1C1C8DE0] - [04/06/2017 12:09:25] - |A| - [117760] - C:\WINDOWS\system32\VaultRoaming.dll
[MD5.0C624849DADDE54FA436F6D0B633ACB4] - [04/06/2017 12:09:30] - |A| - [347648] - C:\WINDOWS\system32\vaultsvc.dll
[MD5.8DB0089F1C4B03CE3CF96DF90D06DA16] - [04/06/2017 12:10:38] - |A| - [165888] - C:\WINDOWS\system32\VBICodec.ax
[MD5.BE1972484FD6BC5C8A06CBAAE0ACA225] - [04/06/2017 12:10:40] - |A| - [45056] - C:\WINDOWS\system32\vbisurf.ax
[MD5.2B7D0F94D784620CE85111F6179259EB] - [04/06/2017 12:09:03] - |A| - [602112] - C:\WINDOWS\system32\vbscript.dll
[MD5.2D2AEBC3BA2BC670BD1A791DB80A5634] - [04/06/2017 12:09:33] - |A| - [184832] - C:\WINDOWS\system32\VCardParser.dll
[MD5.308B4606355E44C0D2DF90E85627E648] - [04/06/2017 12:10:44] - |A| - [640512] - C:\WINDOWS\system32\vds.exe
[MD5.5D229124FB2FEB5DD0203306B276416A] - [04/06/2017 12:10:42] - |A| - [237056] - C:\WINDOWS\system32\vdsbas.dll
[MD5.F849CD39CB4E51FBA05C49C8E289D40D] - [04/06/2017 12:10:44] - |A| - [581120] - C:\WINDOWS\system32\vdsdyn.dll
[MD5.937253F360E86F84332F77CEFE3CB58D] - [04/06/2017 12:10:44] - |A| - [25088] - C:\WINDOWS\system32\vdsldr.exe
[MD5.19B6941E7E1FF7B81FD38A38C4F9FE8D] - [04/06/2017 12:10:44] - |A| - [129536] - C:\WINDOWS\system32\vdsutil.dll
[MD5.9CAB9F629829821AE95509A07DDE0DF4] - [04/06/2017 12:10:44] - |A| - [56832] - C:\WINDOWS\system32\vdsvd.dll
[MD5.01FA7CA1E9DE7E36EC553208E8AE98DD] - [04/06/2017 12:10:44] - |A| - [109056] - C:\WINDOWS\system32\vds_ps.dll
[MD5.889BDBF67EFB4757DB9C1FBD0965293F] - [04/06/2017 12:09:30] - |A| - [154112] - C:\WINDOWS\system32\VEDataLayerHelpers.dll
[MD5.3EA4DE3A0AF1A81BA4B7361C052CB59D] - [04/06/2017 12:09:33] - |A| - [376832] - C:\WINDOWS\system32\VEEventDispatcher.dll
[MD5.F1F5D6B985E28DC39A1A0C7A185D2A53] - [04/06/2017 12:10:32] - |A| - [13312] - C:\WINDOWS\system32\verclsid.exe
[MD5.CDB93C40F1CD6742E5BE8D395FCA0B78] - [04/06/2017 12:09:42] - |A| - [382728] - C:\WINDOWS\system32\verifier.dll
[MD5.F3070F7EC93521E00373D02C68B4A5D4] - [04/06/2017 12:09:37] - |A| - [140288] - C:\WINDOWS\system32\verifier.exe
[MD5.B713FECD711C783456C0B4515CF87D39] - [04/06/2017 12:10:40] - |A| - [178688] - C:\WINDOWS\system32\verifiergui.exe
[MD5.ACF8A6CAF8299A9E9D34124F5224FFF5] - [04/06/2017 12:10:29] - |A| - [26392] - C:\WINDOWS\system32\version.dll
[MD5.51C981041C938329A078281DA96A65E0] - [04/06/2017 12:09:17] - |A| - [149312] - C:\WINDOWS\system32\vertdll.dll
[MD5.14B72BB2348D2F2F94D085DE42E1C8D6] - [04/06/2017 12:09:33] - |A| - [179712] - C:\WINDOWS\system32\VEStoreEventHandlers.dll
[MD5.8E2F35DEA4A931C945FC821D5D316B60] - [04/06/2017 12:09:17] - |A| - [67072] - C:\WINDOWS\system32\vfwwdm32.dll
[MD5.F67762A9283943AF62BFFEE01894EC6D] - [04/06/2017 12:09:17] - |A| - [33280] - C:\WINDOWS\system32\vidcap.ax
[MD5.E299B21F68B27082E416331D45542879] - [04/06/2017 12:10:24] - |A| - [105984] - C:\WINDOWS\system32\VideoHandlers.dll
[MD5.272044D35C22E17390DA40838950C92E] - [04/06/2017 12:08:52] - |A| - [106944] - C:\WINDOWS\system32\VIDRESZR.DLL
[MD5.B0EE649A3CA8E95D8DF422935D3FBE3C] - [04/06/2017 12:09:43] - |A| - [50688] - C:\WINDOWS\system32\virtdisk.dll
[MD5.58674F0FBEDE2B005514B8A8A2206231] - [04/06/2017 12:08:57] - |A| - [17408] - C:\WINDOWS\system32\VmApplicationHealthMonitorProxy.dll
[MD5.6BF3E5AF854B6F09032099BBA10F336A] - [04/06/2017 12:08:28] - |A| - [22768] - C:\WINDOWS\system32\vmbuspipe.dll
[MD5.CCA8BC7EDAB9766EAAD779D93CD4A81D] - [04/06/2017 12:08:57] - |A| - [50176] - C:\WINDOWS\system32\vmictimeprovider.dll
[MD5.BF80AB43BE30D26088704FE6CE4F6553] - [04/06/2017 12:08:57] - |A| - [425984] - C:\WINDOWS\system32\vmrdvcore.dll
[MD5.7469BEBBB26DBA9FC6FFB91400B6EBF1] - [04/06/2017 12:09:18] - |A| - [130048] - C:\WINDOWS\system32\VocabRoamingHandler.dll
[MD5.0A42970A21BD8A140012670A73AF56F0] - [04/06/2017 12:09:42] - |A| - [43008] - C:\WINDOWS\system32\VoiceActivationManager.dll
[MD5.6961A6006D518BB92298A8687BF9463D] - [04/06/2017 12:09:43] - |A| - [135168] - C:\WINDOWS\system32\VoipRT.dll
[MD5.223D8DADF0DF0B0C7A65925B0A0B3E87] - [04/06/2017 12:10:32] - |A| - [687104] - C:\WINDOWS\system32\vpnike.dll
[MD5.5D87CC9ED7ED36443AC6B08E9AD5BF6B] - [04/06/2017 12:10:32] - |A| - [53248] - C:\WINDOWS\system32\vpnikeapi.dll
[MD5.936F7E3F9DC107E4CF5B8A35D8BAEBB0] - [04/06/2017 12:10:32] - |A| - [11264] - C:\WINDOWS\system32\VpnSohDesktop.dll
[MD5.704134AF9341FB3272397150F6558924] - [04/06/2017 12:09:34] - |A| - [231936] - C:\WINDOWS\system32\VPNv2CSP.dll
[MD5.84D62B36AC5A30B01877CF97FE51A497] - [04/06/2017 12:08:58] - |A| - [17920] - C:\WINDOWS\system32\VrdUmed.dll
[MD5.55087946A88C10E373C18A4BDFEB2293] - [04/06/2017 12:12:56] - |A| - [19968] - C:\WINDOWS\system32\VscMgrPS.dll
[MD5.C95A54D1F23697A572E0985980B295BD] - [11/06/2017 03:12:29] - |A| - [76800] - C:\WINDOWS\system32\VSD3DWARPDebug.dll
[MD5.8FDB67FB5B884040F40373BDCF6D1771] - [11/06/2017 03:12:29] - |A| - [162304] - C:\WINDOWS\system32\VsGraphicsCapture.dll
[MD5.59F51129A1EFEA8AA76B22D567337B32] - [11/06/2017 03:12:29] - |A| - [5769728] - C:\WINDOWS\system32\VsGraphicsDesktopEngine.exe
[MD5.1C268D9264A4ACCE20E85E2B6099BF90] - [11/06/2017 03:12:29] - |A| - [284160] - C:\WINDOWS\system32\VsGraphicsExperiment.dll
[MD5.6309E5F8C147938748D109A5F9DB809A] - [11/06/2017 03:12:29] - |A| - [90624] - C:\WINDOWS\system32\VsGraphicsProxyStub.dll
[MD5.76EA49A5244EF5F9FD588061EC3AF754] - [11/06/2017 03:12:29] - |A| - [4892160] - C:\WINDOWS\system32\VsGraphicsRemoteEngine.exe
[MD5.FEB36A004F33F1B02C131AC03EFD7415] - [04/06/2017 12:10:42] - |A| - [143360] - C:\WINDOWS\system32\vssadmin.exe
[MD5.BAFEF91F9A7720225AC4F593D09DB157] - [04/06/2017 12:10:44] - |A| - [1653248] - C:\WINDOWS\system32\vssapi.dll
[MD5.3437DFECE16E7F0C5D96B60033DBDAAF] - [04/06/2017 12:10:44] - |A| - [68608] - C:\WINDOWS\system32\vsstrace.dll
[MD5.1A5423A8C203E5FC0C3877637165DEB0] - [04/06/2017 12:10:44] - |A| - [1558016] - C:\WINDOWS\system32\VSSVC.exe
[MD5.09CB62307FD16E39DD026A59ECD1F201] - [04/06/2017 12:10:42] - |A| - [61440] - C:\WINDOWS\system32\vss_ps.dll
[MD5.6632EC0848E7C2745695C9FC25416789] - [12/06/2017 11:00:07] - |A| - [536864] - C:\WINDOWS\system32\vulkan-1.dll
[MD5.5D71BF91F7F8760097BE36B38B76BB09] - [12/06/2017 11:00:07] - |A| - [254240] - C:\WINDOWS\system32\vulkaninfo.exe
[MD5.06730733F4A2B485E9AFD3BC3F811586] - [04/06/2017 12:10:47] - |A| - [551936] - C:\WINDOWS\system32\w32time.dll
[MD5.1D004780D43FDAA8F499C8E83B075DEB] - [04/06/2017 12:10:47] - |A| - [88576] - C:\WINDOWS\system32\w32tm.exe
[MD5.F0EA478BF1518F18A7B269B33521D746] - [04/06/2017 12:09:37] - |A| - [34816] - C:\WINDOWS\system32\w32topl.dll
[MD5.42A2FA6704861D7D23CD8172B89A81CE] - [04/06/2017 12:09:30] - |A| - [101376] - C:\WINDOWS\system32\WaaSAssessment.dll
[MD5.D26719BA72500575B077DDB429D6A7CB] - [04/06/2017 12:10:00] - |A| - [71168] - C:\WINDOWS\system32\WABSyncProvider.dll
[MD5.8E9E0DE8A150C5B2EEBA2D33932EB13A] - [04/06/2017 12:10:42] - |A| - [39424] - C:\WINDOWS\system32\waitfor.exe
[MD5.3211C9EF340C169345EA598E521A9AD7] - [04/06/2017 12:09:30] - |A| - [12288] - C:\WINDOWS\system32\WalletBackgroundServiceProxy.dll
[MD5.086A8F8593B7FECF26B7568826A52DD9] - [04/06/2017 12:09:33] - |A| - [103936] - C:\WINDOWS\system32\WalletProxy.dll
[MD5.9492A92AADE924984EA35BECE2D1FD34] - [04/06/2017 12:12:56] - |A| - [430592] - C:\WINDOWS\system32\WalletService.dll
[MD5.2FFEA9B5961FA7440F942E971255A5B9] - [04/06/2017 12:10:32] - |A| - [22016] - C:\WINDOWS\system32\WallpaperHost.exe
[MD5.7D9C92041FA5CA124D6AD3DB0A412BC5] - [04/06/2017 12:10:36] - |A| - [253952] - C:\WINDOWS\system32\wavemsp.dll
[MD5.79AD30DCB7FF920418DD096D84EDEAE1] - [04/06/2017 12:12:40] - |A| - [281600] - C:\WINDOWS\system32\wbadmin.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [97803343] - C:\WINDOWS\system32\wbem
[MD5.63DC4C7F5E583C0BDB41F9F866C3F5F8] - [04/06/2017 12:10:42] - |A| - [480256] - C:\WINDOWS\system32\wbemcomn.dll
[MD5.E4C041864072ADE56A17249F86B3AE71] - [04/06/2017 12:12:40] - |A| - [1524736] - C:\WINDOWS\system32\wbengine.exe
[MD5.A8A87E76FE464B03C62171CAAF329B8D] - [04/06/2017 12:09:37] - |A| - [970752] - C:\WINDOWS\system32\wbiosrvc.dll
[MD5.2FDD11D9127A361401E0E1DA396AEF19] - [04/06/2017 12:09:37] - |A| - [198144] - C:\WINDOWS\system32\wcimage.dll
[MD5.47685193B70E2BAE9E59E02899B6F6F5] - [04/06/2017 12:10:00] - |A| - [304128] - C:\WINDOWS\system32\wcl.dll
[MD5.B145BBEAB58646D4B470B294680DA338] - [04/06/2017 12:10:00] - |A| - [59904] - C:\WINDOWS\system32\wclEtw.dll
[MD5.7C0F7B9B58A25FD3D7880C92B827A198] - [04/06/2017 12:10:00] - |A| - [132096] - C:\WINDOWS\system32\wclPowrProf.dll
[MD5.CF82DEA1096BAFC52E9AB80F54CB385F] - [04/06/2017 12:10:00] - |A| - [15360] - C:\WINDOWS\system32\wclSqm.dll
[MD5.5FED8AD00343B46699674E3FEDA5263D] - [04/06/2017 12:10:00] - |A| - [125952] - C:\WINDOWS\system32\wclUnicode.dll
[MD5.85B9D293E826B03B417F82FA6C1DE675] - [04/06/2017 12:10:00] - |A| - [8704] - C:\WINDOWS\system32\wclWdi.dll
[MD5.82C9A4E4E65E3AF036E9673CAF218874] - [04/06/2017 12:10:49] - |A| - [134144] - C:\WINDOWS\system32\wcmapi.dll
[MD5.15D07CD4C09D6FB9BC120BD7DE643759] - [04/06/2017 12:10:49] - |A| - [228352] - C:\WINDOWS\system32\wcmcsp.dll
[MD5.C076D4328FEF817D23FA0BCB0EAAFFA9] - [04/06/2017 12:10:49] - |A| - [860672] - C:\WINDOWS\system32\wcmsvc.dll
[MD5.00000000000000000000000000000000] - [05/06/2017 08:57:45] - |D| - [0] - C:\WINDOWS\system32\WCN
[MD5.81600F65A1517E0E1ADF8B3D8B3152C3] - [04/06/2017 12:08:57] - |A| - [134656] - C:\WINDOWS\system32\WcnApi.dll
[MD5.54C7F1331B16493481083A9ED9AA2260] - [04/06/2017 12:08:57] - |A| - [465920] - C:\WINDOWS\system32\wcncsvc.dll
[MD5.2D70B28641C7E8116CACB3736C4611E6] - [04/06/2017 12:08:57] - |A| - [34816] - C:\WINDOWS\system32\WcnEapAuthProxy.dll
[MD5.7DB86DF5C0B0AD6843EB8A7470EC6106] - [04/06/2017 12:08:57] - |A| - [36352] - C:\WINDOWS\system32\WcnEapPeerProxy.dll
[MD5.5A44AAE79DE120CBE2884251BE71F8DB] - [04/06/2017 12:08:57] - |A| - [48128] - C:\WINDOWS\system32\WcnNetsh.dll
[MD5.6EC955AE8A0ED93D43F5D8F5DA5EF95A] - [04/06/2017 12:08:57] - |A| - [1304576] - C:\WINDOWS\system32\wcnwiz.dll
[MD5.8647EB6FE4BCE6D7610FDF4F1D9A7A87] - [04/06/2017 12:09:37] - |A| - [303616] - C:\WINDOWS\system32\wc_storage.dll
[MD5.82D7E9751AA90418EB9F85EFD503DA9B] - [04/06/2017 12:10:24] - |A| - [1403392] - C:\WINDOWS\system32\wdc.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [173448810] - C:\WINDOWS\system32\WDI
[MD5.462C46E510CD36D1D2BA56A59683E966] - [04/06/2017 12:10:00] - |A| - [100352] - C:\WINDOWS\system32\wdi.dll
[MD5.9AF746ACA615AD3E918217064C1171CE] - [04/06/2017 12:09:55] - |A| - [215552] - C:\WINDOWS\system32\wdigest.dll
[MD5.171D4C4850551A423ADA9F6E2459A9CC] - [04/06/2017 12:09:21] - |A| - [242688] - C:\WINDOWS\system32\wdmaud.drv
[MD5.518A4668BC153AABB713CB9A9EB64F87] - [04/06/2017 10:16:45] - |A| - [242000] - C:\WINDOWS\system32\wdscore.dll
[MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - [04/06/2017 12:09:52] - |A| - [614] - C:\WINDOWS\system32\WdsUnattendTemplate.xml
[MD5.218919CAC1C879666E380041D45D661A] - [04/06/2017 12:10:49] - |A| - [4608] - C:\WINDOWS\system32\WEB.rs
[MD5.FD07B9CA342C0C355739C8D7C41E1048] - [04/06/2017 12:09:29] - |A| - [251904] - C:\WINDOWS\system32\webauthn.dll
[MD5.74CBA251957DEFD5F413F930E42C15DC] - [04/06/2017 12:08:54] - |A| - [10240] - C:\WINDOWS\system32\WebCache.exe
[MD5.A5B27CBDF753AF60F77F745B15A937CD] - [04/06/2017 12:09:09] - |A| - [952320] - C:\WINDOWS\system32\WebcamUi.dll
[MD5.09F3AB4FA6776BF4D6E74278571426DF] - [04/06/2017 12:09:04] - |A| - [258560] - C:\WINDOWS\system32\webcheck.dll
[MD5.6A90C36E0BA6032EA06CEA92C40C329A] - [04/06/2017 12:10:47] - |A| - [220672] - C:\WINDOWS\system32\WebClnt.dll
[MD5.51CBDF3E072C548BA05CA8BD13687126] - [04/06/2017 12:09:57] - |A| - [565248] - C:\WINDOWS\system32\webio.dll
[MD5.72F570C29195719D561D9A7016CE6EA0] - [04/06/2017 12:09:03] - |A| - [518656] - C:\WINDOWS\system32\webplatstorageserver.dll
[MD5.90128F6A62C86128790DD77E540FDD2E] - [04/06/2017 12:09:47] - |A| - [1402880] - C:\WINDOWS\system32\WebRuntimeManager.dll
[MD5.F50AFA13532EDE2F8FBC82AA5D8D402C] - [04/06/2017 12:09:30] - |A| - [1323328] - C:\WINDOWS\system32\webservices.dll
[MD5.57275A72DABA9EFEB0D51E9062B4BAFB] - [04/06/2017 12:09:55] - |A| - [45568] - C:\WINDOWS\system32\Websocket.dll
[MD5.C1A263E97DB180CD432E5EA8884FF974] - [04/06/2017 12:10:03] - |A| - [78336] - C:\WINDOWS\system32\wecapi.dll
[MD5.783068CB239CEAC4FFED1E6E5CC877FD] - [04/06/2017 12:10:03] - |A| - [201216] - C:\WINDOWS\system32\wecsvc.dll
[MD5.EB68704AFAA808CAB23195F1A6038FA3] - [04/06/2017 12:10:03] - |A| - [102912] - C:\WINDOWS\system32\wecutil.exe
[MD5.F56856F849B7FBAC47642658CBDC2D25] - [04/06/2017 12:10:03] - |A| - [27136] - C:\WINDOWS\system32\wephostsvc.dll
[MD5.4E7B9ACDE28FEAB45F878849ECBDDCB5] - [04/06/2017 12:09:57] - |A| - [744808] - C:\WINDOWS\system32\wer.dll
[MD5.A570131DBACC41AA99BEE1230587D272] - [04/06/2017 12:10:02] - |A| - [1273344] - C:\WINDOWS\system32\werconcpl.dll
[MD5.D8F1B905CB3DB248231A525618706613] - [04/06/2017 12:10:02] - |A| - [104448] - C:\WINDOWS\system32\wercplsupport.dll
[MD5.3EE4ED233C3421A9462927FAE8D6CACE] - [04/06/2017 12:09:57] - |A| - [38400] - C:\WINDOWS\system32\werdiagcontroller.dll
[MD5.F49F9B2D2371FAB1B3CF91AE370AF949] - [04/06/2017 12:09:57] - |A| - [238112] - C:\WINDOWS\system32\weretw.dll
[MD5.53A9C0E1176055503300B487C2BCBD4A] - [04/06/2017 12:09:55] - |A| - [331600] - C:\WINDOWS\system32\WerFault.exe
[MD5.F96EFBC45339AC66BB89F8374C0E8969] - [04/06/2017 12:09:55] - |A| - [139048] - C:\WINDOWS\system32\WerFaultSecure.exe
[MD5.4FE67C2CC08BE9C9F22BECB4D8A88A9B] - [04/06/2017 12:09:57] - |A| - [182608] - C:\WINDOWS\system32\wermgr.exe
[MD5.560BCE9721CB8BD1493B5C1CACDAA075] - [04/06/2017 12:09:57] - |A| - [185856] - C:\WINDOWS\system32\wersvc.dll
[MD5.D100D2A577CAAA75026CF2F0FEF53E9E] - [04/06/2017 12:10:06] - |A| - [468992] - C:\WINDOWS\system32\werui.dll
[MD5.8F4B9A2F71E105029A0564877C09C90E] - [04/06/2017 12:09:39] - |A| - [402440] - C:\WINDOWS\system32\wevtapi.dll
[MD5.2A362DCE588E0E70821DBBDC730A4A53] - [04/06/2017 12:10:06] - |A| - [101888] - C:\WINDOWS\system32\wevtfwd.dll
[MD5.EBE755FA237BFB7DB64EE175A08647CB] - [04/06/2017 12:09:43] - |A| - [1802240] - C:\WINDOWS\system32\wevtsvc.dll
[MD5.5109CFF2F1C2FFDC0F3D46DBC064D561] - [04/06/2017 12:09:34] - |A| - [227328] - C:\WINDOWS\system32\wevtutil.exe
[MD5.791D263C280C994DC62940BABD06D33F] - [04/06/2017 12:09:04] - |A| - [144896] - C:\WINDOWS\system32\wextract.exe
[MD5.CB74567907F74DB11AAEC85865FDF35E] - [04/06/2017 12:10:03] - |A| - [115109] - C:\WINDOWS\system32\WF.msc
[MD5.5D09D142CF79194E00EB1531E6C35FF3] - [04/06/2017 12:09:33] - |A| - [24064] - C:\WINDOWS\system32\wfapigp.dll
[MD5.04D5C09C7702743F4107E32851DCE8F2] - [04/06/2017 12:10:50] - |A| - [46080] - C:\WINDOWS\system32\wfdprov.dll
[MD5.EA0B3F6BDAB6A20A4AF7DF37E56D4057] - [04/06/2017 12:10:50] - |A| - [62464] - C:\WINDOWS\system32\WFDSConMgr.dll
[MD5.09FA27DA10FE365508B1BAC9078D9F08] - [04/06/2017 12:10:50] - |A| - [615936] - C:\WINDOWS\system32\WFDSConMgrSvc.dll
[MD5.16422675A7FB63260A546A6A2C03626D] - [04/06/2017 12:10:47] - |A| - [82944] - C:\WINDOWS\system32\WfHC.dll
[MD5.6F8496EBA432C297A7D5903C017AAD96] - [04/06/2017 12:12:53] - |A| - [939520] - C:\WINDOWS\system32\WFS.exe
[MD5.F05EB3249B67703CB7E88C209436D422] - [04/06/2017 12:12:53] - |A| - [669696] - C:\WINDOWS\system32\WFSR.dll
[MD5.C659A5A9AE4E20CFAEF441974E403FB5] - [04/06/2017 12:10:00] - |A| - [39424] - C:\WINDOWS\system32\whealogr.dll
[MD5.00553A80A591FD488CF42B6B27B49661] - [04/06/2017 12:10:44] - |A| - [40448] - C:\WINDOWS\system32\where.exe
[MD5.B5808719E98CD67F2B441BB019A9231F] - [04/06/2017 12:10:02] - |A| - [15872] - C:\WINDOWS\system32\whhelper.dll
[MD5.827AABB87068FFE8ADF7C93E2D801367] - [04/06/2017 12:10:42] - |A| - [71168] - C:\WINDOWS\system32\whoami.exe
[MD5.7025BB98A9823F3D5E087282AC640AC7] - [04/06/2017 12:10:03] - |A| - [96256] - C:\WINDOWS\system32\wiaacmgr.exe
[MD5.ED878564767CEA2167F084BDA964CF7A] - [04/06/2017 12:10:03] - |A| - [663552] - C:\WINDOWS\system32\wiaaut.dll
[MD5.62FBEEA6613111248D64090D2CB4B8B3] - [04/06/2017 12:10:03] - |A| - [453632] - C:\WINDOWS\system32\wiadefui.dll
[MD5.A5A11995038BA5B6E10B3B86E929F98B] - [04/06/2017 12:10:06] - |A| - [152064] - C:\WINDOWS\system32\wiadss.dll
[MD5.356E1237BAC8009EF230E4F41402917B] - [04/06/2017 12:10:02] - |A| - [11776] - C:\WINDOWS\system32\WiaExtensionHost64.dll
[MD5.813F0EA49B3E1264C78FC996BC5F4926] - [04/06/2017 12:10:03] - |A| - [81920] - C:\WINDOWS\system32\wiarpc.dll
[MD5.8491E2593E192C65D268A75B61BFD772] - [04/06/2017 12:10:02] - |A| - [99840] - C:\WINDOWS\system32\wiascanprofiles.dll
[MD5.0FD3B1E1368539386BF34C8B86ABD693] - [04/06/2017 12:10:03] - |A| - [620544] - C:\WINDOWS\system32\wiaservc.dll
[MD5.03791C4FED7130B4EC7BF0BA922CB8D1] - [04/06/2017 12:10:03] - |A| - [461312] - C:\WINDOWS\system32\wiashext.dll
[MD5.4028F6F097139BD5D35851AECA0C8231] - [04/06/2017 12:10:03] - |A| - [18944] - C:\WINDOWS\system32\wiatrace.dll
[MD5.2FEB943D64B991F0D0E412682AEA448C] - [04/06/2017 12:10:06] - |A| - [39424] - C:\WINDOWS\system32\wiawow64.exe
[MD5.23D47831D8F455F88082078B71576896] - [04/06/2017 12:10:50] - |A| - [27136] - C:\WINDOWS\system32\WiFiConfigSP.dll
[MD5.DDE17CD7D5C1D90E353F4B28E7556178] - [04/06/2017 12:10:47] - |A| - [133120] - C:\WINDOWS\system32\wificonnapi.dll
[MD5.357111556ECA2D6C26ED48201E90DB30] - [04/06/2017 12:10:50] - |A| - [305664] - C:\WINDOWS\system32\WiFiDisplay.dll
[MD5.9BE8CDA4D96AE75901212C177B2A5A9C] - [04/06/2017 12:10:47] - |A| - [1342464] - C:\WINDOWS\system32\wifinetworkmanager.dll
[MD5.A12B23A98483AC8883067D03DF7F85CD] - [04/06/2017 12:10:50] - |A| - [309248] - C:\WINDOWS\system32\wifiprofilessettinghandler.dll
[MD5.7FCFF6511F19B27EAF0A8DE6F2C81A48] - [04/06/2017 12:10:47] - |A| - [454480] - C:\WINDOWS\system32\wifitask.exe
[MD5.BB2D1DF427C9284DE64DC66A6F1CC2AD] - [04/06/2017 12:09:54] - |A| - [2307] - C:\WINDOWS\system32\WimBootCompress.ini
[MD5.7E9A056087C068CE31B0488EB9FA67D8] - [04/06/2017 12:09:54] - |A| - [700752] - C:\WINDOWS\system32\wimgapi.dll
[MD5.AC797C03129A155490FD260D80AB8984] - [04/06/2017 12:09:54] - |A| - [520528] - C:\WINDOWS\system32\wimserv.exe
[MD5.E3AB2CD592D798FEE69799E9BDBDB452] - [04/06/2017 12:09:47] - |A| - [70144] - C:\WINDOWS\system32\win32appinventorycsp.dll
[MD5.E94E670D828C72915815EFAB80743D06] - [04/06/2017 12:09:37] - |A| - [459264] - C:\WINDOWS\system32\win32k.sys
[MD5.29ECB239DEFC382C593A2E307C8414A5] - [04/06/2017 12:09:25] - |A| - [2046464] - C:\WINDOWS\system32\win32kbase.sys
[MD5.2C79F874B4BB3187DAC256F62257B10A] - [04/06/2017 12:09:37] - |A| - [3610624] - C:\WINDOWS\system32\win32kfull.sys
[MD5.BB350B3A1E1675BBABC11DE2EF89AD8B] - [04/06/2017 12:10:47] - |A| - [834560] - C:\WINDOWS\system32\win32spl.dll
[MD5.BFF16B9A5612764FA8C1F80530A3CF9B] - [04/06/2017 12:09:37] - |A| - [114248] - C:\WINDOWS\system32\win32u.dll
[MD5.B75DD9DC5373850B54EB3B3C9DBC3569] - [04/06/2017 12:11:53] - |A| - [25600] - C:\WINDOWS\system32\Win32_DeviceGuard.dll
[MD5.363CD4902C18760E81B9A19FCBE511F8] - [04/06/2017 12:09:34] - |A| - [149504] - C:\WINDOWS\system32\winbio.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [101376] - C:\WINDOWS\system32\WinBioDatabase
[MD5.15907295EA3E0B0007DF8249FBDC2CF6] - [04/06/2017 12:12:56] - |A| - [329216] - C:\WINDOWS\system32\WinBioDataModel.dll
[MD5.2F9B7884489777F37A611705A4EE75D9] - [04/06/2017 12:12:56] - |A| - [57856] - C:\WINDOWS\system32\WinBioDataModelOOBE.exe
[MD5.799F1613C64AAC2B377835EFE6E26459] - [04/06/2017 12:09:54] - |A| - [40960] - C:\WINDOWS\system32\winbioext.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [82496400] - C:\WINDOWS\system32\WinBioPlugIns
[MD5.A38CEB1E49416242AB5CC1A038767781] - [04/06/2017 12:09:52] - |A| - [88920] - C:\WINDOWS\system32\winbrand.dll
[MD5.2231077D24F800E59E7A9764FE1C6849] - [04/06/2017 12:09:55] - |A| - [414720] - C:\WINDOWS\system32\wincorlib.dll
[MD5.FDBFCF11A4A3B6C890DB0A19CE45CE0D] - [04/06/2017 12:10:00] - |A| - [44032] - C:\WINDOWS\system32\wincredprovider.dll
[MD5.9505E3A9265AF2F13032647FDCC16E9F] - [04/06/2017 12:10:00] - |A| - [196608] - C:\WINDOWS\system32\wincredui.dll
[MD5.70EF8F50B66ADF0FDABFBF8612FC30A0] - [04/06/2017 12:09:34] - |A| - [835072] - C:\WINDOWS\system32\WindowManagement.dll
[MD5.220582FC09004E7192E1AA2AD35FBBCC] - [04/06/2017 12:09:24] - |A| - [923136] - C:\WINDOWS\system32\Windows.AccountsControl.dll
[MD5.C5F9F43015C4A1AF314FEC7FCBA57733] - [04/06/2017 12:09:34] - |A| - [114688] - C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
[MD5.667E8D444872A15E0527435234790082] - [04/06/2017 12:09:34] - |A| - [31744] - C:\WINDOWS\system32\Windows.ApplicationModel.Background.TimeBroker.dll
[MD5.5E80A8CF83BD7B69375141BA6AC32471] - [04/06/2017 12:09:22] - |A| - [209920] - C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
[MD5.5B4A9AE1E2021618811B1C40147B4D41] - [04/06/2017 12:09:24] - |A| - [635880] - C:\WINDOWS\system32\Windows.ApplicationModel.dll
[MD5.0AB6C639E7B987651BB5D7062ABBC951] - [04/06/2017 12:10:11] - |A| - [434176] - C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
[MD5.F08C7A4184180BF5C3D95CD8D0E77F49] - [04/06/2017 12:09:25] - |A| - [1884752] - C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
[MD5.C8BC17C0F62EF6D4E7815184F5DD42D2] - [04/06/2017 12:09:25] - |A| - [308736] - C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
[MD5.371EB36A63BA5D5A37CF1D147564AB56] - [04/06/2017 12:09:33] - |A| - [543744] - C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
[MD5.AE1990B8E23C1DE431D729F5D5ECD5B7] - [04/06/2017 12:09:49] - |A| - [16384] - C:\WINDOWS\system32\Windows.CloudDomainJoinAUG.ProxyStub.dll
[MD5.FB9862E558879DCADAFA8692F3CC00CD] - [04/06/2017 12:09:21] - |A| - [3330560] - C:\WINDOWS\system32\Windows.CloudStore.dll
[MD5.1E08DC0633DE47FD9763B7C5D489FCB9] - [04/06/2017 12:10:32] - |A| - [87552] - C:\WINDOWS\system32\Windows.CloudStore.Schema.DesktopShell.dll
[MD5.2639CE7461B7BDBA047438CDA775BF78] - [04/06/2017 12:09:47] - |A| - [529408] - C:\WINDOWS\system32\Windows.CloudStore.Schema.Shell.dll
[MD5.3C79335324CC7886AD4266F6D6F0B56A] - [04/06/2017 12:10:32] - |A| - [508928] - C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
[MD5.54ED9966358393DC3ADA24273A02908C] - [04/06/2017 12:10:29] - |A| - [295936] - C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
[MD5.75D67A26F1DC599F9E38498D6C67E143] - [04/06/2017 12:08:58] - |A| - [138752] - C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
[MD5.8A645884A8698EF4B82EEA4F59E53CEF] - [04/06/2017 12:10:32] - |A| - [123904] - C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
[MD5.3105FF9D1D2978344134EC8C07ADE781] - [04/06/2017 12:09:24] - |A| - [7658496] - C:\WINDOWS\system32\Windows.Data.Pdf.dll
[MD5.7B85770DFAE0A906F8272DA4FC8A8881] - [04/06/2017 12:09:25] - |A| - [632320] - C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
[MD5.CBC2BD1BD7866E1E2B8D0C1AD296F39D] - [04/06/2017 12:09:24] - |A| - [84480] - C:\WINDOWS\system32\Windows.Devices.Background.dll
[MD5.A19023AFB45750141A46DC6F142BDAB8] - [04/06/2017 12:09:24] - |A| - [20480] - C:\WINDOWS\system32\Windows.Devices.Background.ps.dll
[MD5.8F64B01124D65FDB91AF1704D7FEC05C] - [04/06/2017 12:09:25] - |A| - [2209792] - C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
[MD5.A33BAC1A5D132C2C0015A1609FCB5033] - [04/06/2017 12:09:25] - |A| - [95744] - C:\WINDOWS\system32\Windows.Devices.Custom.dll
[MD5.2536711E07B3B994AB719B707F044B41] - [04/06/2017 12:09:25] - |A| - [23040] - C:\WINDOWS\system32\Windows.Devices.Custom.ps.dll
[MD5.026B67BA2C8F463D6AB2FB74561BF9FA] - [04/06/2017 12:09:25] - |A| - [502120] - C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
[MD5.ED0F0579651E35989320CC7648D0CAE5] - [04/06/2017 12:09:25] - |A| - [185344] - C:\WINDOWS\system32\Windows.Devices.Haptics.dll
[MD5.210AA5EE147346060495CAFCE2AD428B] - [04/06/2017 12:09:24] - |A| - [279040] - C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
[MD5.23901CE22B6FA58CD16DEBCDC289D207] - [04/06/2017 12:09:33] - |A| - [143872] - C:\WINDOWS\system32\Windows.Devices.Lights.dll
[MD5.184676553C746B718C057D9BC0CD9B21] - [04/06/2017 12:09:25] - |A| - [611328] - C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
[MD5.4BE4EC2140908D683B7E6FA8D3B2A179] - [04/06/2017 12:09:18] - |A| - [438784] - C:\WINDOWS\system32\Windows.Devices.Midi.dll
[MD5.E4E49CD42F8B729774C66AE882C2264B] - [04/06/2017 12:09:37] - |A| - [2366464] - C:\WINDOWS\system32\Windows.Devices.Perception.dll
[MD5.F9E65189EF8EAA45646C23C9DFFCCCDC] - [04/06/2017 12:12:56] - |A| - [344576] - C:\WINDOWS\system32\Windows.Devices.Picker.dll
[MD5.F3FE786DCF6A43DFD7A095527D5B3EB9] - [04/06/2017 12:09:25] - |A| - [1267200] - C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
[MD5.6B9CA523A5D27306F042001428B296FE] - [04/06/2017 12:10:42] - |A| - [45056] - C:\WINDOWS\system32\Windows.Devices.Portable.dll
[MD5.6C18C589CEF957E13AFE4411C8BFF419] - [04/06/2017 12:09:21] - |A| - [91136] - C:\WINDOWS\system32\Windows.Devices.Printers.dll
[MD5.5F57DA295F9FDC56A0F0BD6B734C613D] - [04/06/2017 12:10:29] - |A| - [44544] - C:\WINDOWS\system32\Windows.Devices.Printers.Extensions.dll
[MD5.FA839245904255B50328C63E261DE954] - [04/06/2017 12:09:21] - |A| - [189952] - C:\WINDOWS\system32\Windows.Devices.Radios.dll
[MD5.9E31A02E30261622AAA095714AD3FAD9] - [04/06/2017 12:10:03] - |A| - [217600] - C:\WINDOWS\system32\Windows.Devices.Scanners.dll
[MD5.57425061EF8BD1EE53FDB263951053DE] - [04/06/2017 12:11:37] - |A| - [954368] - C:\WINDOWS\system32\Windows.Devices.Sensors.dll
[MD5.E3247349FD555F7FC0186270C03750D4] - [04/06/2017 12:09:24] - |A| - [168448] - C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
[MD5.9DF12CC945A8895EA51C56143A634233] - [04/06/2017 12:09:22] - |A| - [918528] - C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
[MD5.2E2D95232882AF30EF85710C86787719] - [04/06/2017 12:09:29] - |A| - [435712] - C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
[MD5.2E4AB41263CA7C2A5B267D71F725B09D] - [04/06/2017 12:09:21] - |A| - [430080] - C:\WINDOWS\system32\Windows.Devices.Usb.dll
[MD5.CAE46D466AF8ABA75FC3028698DD3344] - [04/06/2017 12:09:24] - |A| - [275456] - C:\WINDOWS\system32\Windows.Devices.WiFi.dll
[MD5.788C810FACD0E7406E600936DD89B99A] - [04/06/2017 12:09:24] - |A| - [493568] - C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
[MD5.24C3197C9A736841E081365600A8C492] - [04/06/2017 12:09:24] - |A| - [196608] - C:\WINDOWS\system32\Windows.Energy.dll
[MD5.37FCA833EE8663BC891B97B3C4FD7C19] - [04/06/2017 12:09:21] - |A| - [802816] - C:\WINDOWS\system32\Windows.Gaming.Input.dll
[MD5.A52EE2EDBF179C1E058187C1AAEE9629] - [04/06/2017 12:09:29] - |A| - [296448] - C:\WINDOWS\system32\Windows.Gaming.Preview.dll
[MD5.DD551DF2888FA6271E86C3A7C91CBBB9] - [04/06/2017 12:09:29] - |A| - [87552] - C:\WINDOWS\system32\Windows.Gaming.UI.GameBar.dll
[MD5.6FFBBBBA386957CD5E938B57E3B15595] - [04/06/2017 12:09:29] - |A| - [462336] - C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
[MD5.474B2C9CA8613EDB7C7A72C4606F69A0] - [04/06/2017 12:09:25] - |A| - [1580032] - C:\WINDOWS\system32\Windows.Globalization.dll
[MD5.FCE75DF0DC23B70CEFD1D9BFD4078235] - [04/06/2017 12:09:24] - |A| - [74752] - C:\WINDOWS\system32\Windows.Globalization.Fontgroups.dll
[MD5.04F1497F99328A4ACB09FCB51BA864DE] - [04/06/2017 12:09:33] - |A| - [915968] - C:\WINDOWS\system32\Windows.Globalization.PhoneNumberFormatting.dll
[MD5.12B3E2D5DE86B84A15DF3FAC09CC6638] - [04/06/2017 12:11:37] - |A| - [121976] - C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
[MD5.0A3B6E95B2D9069866CE6B14AF5BFE84] - [04/06/2017 12:09:30] - |A| - [423424] - C:\WINDOWS\system32\Windows.Graphics.dll
[MD5.5CF85130E8A7EFCD7276A83AD51030C8] - [04/06/2017 12:09:22] - |A| - [2287616] - C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
[MD5.C8BD8EB2138A013A946C63AD2061E7F9] - [04/06/2017 12:09:25] - |A| - [641024] - C:\WINDOWS\system32\Windows.Graphics.Printing.dll
[MD5.74C967776709BDC55984A653CD49BF2D] - [04/06/2017 12:10:27] - |A| - [475136] - C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
[MD5.744A4AE7AAC4BA398B636A5C0525775E] - [04/06/2017 12:10:27] - |A| - [16896] - C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.Native.dll
[MD5.A93192BD25AC835975FFE12B1061B945] - [04/06/2017 12:10:06] - |A| - [157696] - C:\WINDOWS\system32\Windows.Help.Runtime.dll
[MD5.DE29839B50F0F12DE27B9F541446164F] - [04/06/2017 12:09:37] - |A| - [503296] - C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
[MD5.C6EA528C379B19C8CDF984645B4ABA2A] - [04/06/2017 12:09:49] - |A| - [534528] - C:\WINDOWS\system32\Windows.Internal.AdaptiveCards.XamlCardRenderer.dll
[MD5.5000EC6D5EA65BBBDC2613ECFDB25AF9] - [04/06/2017 12:09:24] - |A| - [618496] - C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
[MD5.0817ED86D9E4B122F2B4C8FFCF96FC52] - [04/06/2017 12:11:39] - |A| - [330752] - C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
[MD5.A2711AEB2686F0C3C2DB6240544EFEB0] - [04/06/2017 12:11:39] - |A| - [22528] - C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.ProxyStub.dll
[MD5.43A27BAB60D74B3F202F313795CD31AA] - [04/06/2017 12:09:34] - |A| - [581632] - C:\WINDOWS\system32\Windows.Internal.Management.dll
[MD5.83FAE28DC85FD586A59568DAE264FF47] - [04/06/2017 12:11:43] - |A| - [140800] - C:\WINDOWS\system32\Windows.Internal.Management.SecureAssessment.dll
[MD5.B9AA191A14263E498E369C8CBC1B973D] - [04/06/2017 12:10:49] - |A| - [247808] - C:\WINDOWS\system32\Windows.Internal.PredictionUnit.dll
[MD5.735871B31130FFEEF4D8D599679AECF0] - [04/06/2017 12:09:03] - |A| - [45056] - C:\WINDOWS\system32\Windows.Internal.SecurityMitigationsBroker.dll
[MD5.89A390F43968F1C2DD1C9796763EF358] - [04/06/2017 12:10:11] - |A| - [1108936] - C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
[MD5.ECA01B2AC0435AC69FBD5D0D2BB11CE0] - [04/06/2017 12:09:49] - |A| - [52752] - C:\WINDOWS\system32\Windows.Internal.ShellCommon.Broker.dll
[MD5.02931A24C61539DAEC9EE228C8CFED9F] - [04/06/2017 12:09:43] - |A| - [253952] - C:\WINDOWS\system32\windows.internal.shellcommon.shareexperience.dll
[MD5.F41CAE760D33D5F82344435537693BAB] - [04/06/2017 12:10:47] - |A| - [1010688] - C:\WINDOWS\system32\Windows.Internal.Signals.dll
[MD5.6EFC5BEE519048D78096DD6BB6E6B72F] - [04/06/2017 12:09:54] - |A| - [49152] - C:\WINDOWS\system32\Windows.Internal.UI.BioEnrollment.ProxyStub.dll
[MD5.E06555BF6310384B6AEA6F268DC4D2CA] - [04/06/2017 12:10:00] - |A| - [226816] - C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
[MD5.80D750A5222EFBC7A3494AAA9F4185FC] - [04/06/2017 12:10:44] - |A| - [29696] - C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
[MD5.A7B5778D59580CA0B48302D1628796CB] - [04/06/2017 12:11:42] - |RA| - [169472] - C:\WINDOWS\system32\Windows.Management.SecureAssessment.CfgProvider.dll
[MD5.92DD72FE5F87FA32C3DAD38A4F2788EE] - [04/06/2017 12:11:42] - |A| - [6144] - C:\WINDOWS\system32\Windows.Management.SecureAssessment.Diagnostics.dll
[MD5.3C44982E3F4577C0ECEEBF7215D9DFEF] - [04/06/2017 12:09:30] - |A| - [209744] - C:\WINDOWS\system32\Windows.Management.Workplace.dll
[MD5.E88917CFB75D7F025A873FC0BB379C2D] - [04/06/2017 12:10:44] - |A| - [34816] - C:\WINDOWS\system32\Windows.Management.Workplace.WorkplaceSettings.dll
[MD5.2BD021A5F9D6B9FFF643547658B2E458] - [04/06/2017 12:08:52] - |A| - [1214976] - C:\WINDOWS\system32\Windows.Media.Audio.dll
[MD5.5C284D65794C3276F74D8307ECC77B8B] - [04/06/2017 12:09:21] - |A| - [938496] - C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
[MD5.732AE8CCAD7F66FEF1F665F5028C193C] - [04/06/2017 12:09:21] - |A| - [13312] - C:\WINDOWS\system32\Windows.Media.BackgroundPlayback.exe
[MD5.F3C670D53B5F3E6B6E3141831DDEFABC] - [04/06/2017 12:09:21] - |A| - [241152] - C:\WINDOWS\system32\Windows.Media.Devices.dll
[MD5.63297C27C5DD178015E0620F2BC6E781] - [04/06/2017 12:08:52] - |A| - [6986688] - C:\WINDOWS\system32\Windows.Media.dll
[MD5.A2EC489F6DAC20EA8A53DFE7E3E9E7A1] - [04/06/2017 12:08:52] - |A| - [1376256] - C:\WINDOWS\system32\Windows.Media.Editing.dll
[MD5.9FE97BD0654CF299594CE30BA08FB659] - [04/06/2017 12:09:22] - |A| - [1498624] - C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
[MD5.03221A19E62FFCC37A9608DAE70F37AF] - [04/06/2017 12:09:24] - |A| - [820736] - C:\WINDOWS\system32\Windows.Media.Import.dll
[MD5.280C851332145EE61D086C62FD28D385] - [04/06/2017 12:09:49] - |A| - [389496] - C:\WINDOWS\system32\Windows.Media.MediaControl.dll
[MD5.F2E1159F7703319CC0F5D50174909DCD] - [04/06/2017 12:09:24] - |A| - [1044992] - C:\WINDOWS\system32\Windows.Media.Ocr.dll
[MD5.E543C1B8AA7974B5D4FFA485A45E69FA] - [04/06/2017 12:09:21] - |A| - [935936] - C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
[MD5.2265E010A92D33DD3C8A350BBA51ABD9] - [04/06/2017 12:09:21] - |A| - [913920] - C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
[MD5.7AD54FC2F93718BA907137BA0437257C] - [04/06/2017 12:09:21] - |A| - [111104] - C:\WINDOWS\system32\Windows.Media.Playback.ProxyStub.dll
[MD5.AA98FA992D38719935AC5E2AC77CB4D7] - [04/06/2017 12:09:21] - |A| - [7346872] - C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
[MD5.800B6D8B06D95EA5F46A85F1EEB3EB34] - [04/06/2017 12:08:52] - |A| - [111104] - C:\WINDOWS\system32\Windows.Media.Renewal.dll
[MD5.53F1BF58BF7301573C2EC4EC1BEA8A48] - [04/06/2017 12:09:37] - |A| - [1796608] - C:\WINDOWS\system32\Windows.Media.Speech.dll
[MD5.CC2AB13B51A6D0096A7B985193FCF814] - [04/06/2017 12:09:37] - |A| - [568832] - C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
[MD5.5D44AF398CC04FA1431D2F8C517B0B5B] - [04/06/2017 12:09:04] - |A| - [1061376] - C:\WINDOWS\system32\Windows.Media.Streaming.dll
[MD5.E465CBAD7434B9AACCDA0240196F394B] - [04/06/2017 12:09:04] - |A| - [218112] - C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
[MD5.C4DA7C13283D526FD10B1099BE1E1CC5] - [04/06/2017 12:10:47] - |A| - [2905600] - C:\WINDOWS\system32\Windows.Mirage.dll
[MD5.3F27DDED1D7F7B087407AEF08BD1DD9E] - [04/06/2017 12:10:47] - |A| - [780288] - C:\WINDOWS\system32\Windows.Mirage.Internal.dll
[MD5.FC86EF1E4B3C94B440AD15F66DCB5ADF] - [04/06/2017 12:09:24] - |A| - [104960] - C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
[MD5.168AC5F48068C67A2500EF9170D26769] - [04/06/2017 12:09:24] - |A| - [505856] - C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll
[MD5.AF4B5A919F80485329F54ED0F237367B] - [04/06/2017 12:09:25] - |A| - [1077760] - C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
[MD5.43540EA8889C14AA10A5E6CB087060B4] - [04/06/2017 12:09:21] - |A| - [681472] - C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
[MD5.8BA45330D34BFC0B725E30F456106D20] - [04/06/2017 12:09:22] - |A| - [886784] - C:\WINDOWS\system32\Windows.Networking.dll
[MD5.C2479E6D7C779521CC9FCD5B92E372E9] - [04/06/2017 12:09:24] - |A| - [204288] - C:\WINDOWS\system32\Windows.Networking.HostName.dll
[MD5.98A3481D8B1113051777F5F55C3A7F94] - [04/06/2017 12:09:21] - |A| - [138752] - C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
[MD5.FEE1714D1BEB6E2602DD329002D8E6CD] - [04/06/2017 12:09:21] - |A| - [339968] - C:\WINDOWS\system32\Windows.Networking.Proximity.dll
[MD5.1C3948B5F64F302C4675FD8647E37233] - [04/06/2017 12:09:29] - |A| - [113664] - C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
[MD5.4FAFB52132F7F21839EE49C186C59367] - [04/06/2017 12:09:24] - |A| - [147456] - C:\WINDOWS\system32\Windows.Networking.Sockets.PushEnabledApplication.dll
[MD5.79BD858FDBD617E48F23CB2FDDBFCDB4] - [04/06/2017 12:09:43] - |A| - [567296] - C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
[MD5.D112162F3FC2F90F8E1AF2A64EE88708] - [04/06/2017 12:09:34] - |A| - [1216000] - C:\WINDOWS\system32\Windows.Networking.Vpn.dll
[MD5.F84D644A985ABF741CBDF5666367BB78] - [04/06/2017 12:09:18] - |A| - [75264] - C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
[MD5.8C692A1F8C8BC4529D374983B1FAC124] - [04/06/2017 12:09:29] - |A| - [579584] - C:\WINDOWS\system32\Windows.Payments.dll
[MD5.C13073A2AAB911D43549FD3A1A42E441] - [04/06/2017 12:09:22] - |A| - [765440] - C:\WINDOWS\system32\Windows.Perception.Stub.dll
[MD5.1FA22FFE99C78F49F36085EB19FABC04] - [04/06/2017 12:09:29] - |A| - [267776] - C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
[MD5.EDFD655AC0F22B9DEA4240AD36FCE43D] - [04/06/2017 12:09:24] - |A| - [1077248] - C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
[MD5.023959B00A98BC5D4E505E9F0DCD9EE4] - [04/06/2017 12:09:24] - |A| - [832000] - C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
[MD5.8E9D35BF20C4B8AF1A5894AA97BC3E49] - [04/06/2017 12:09:21] - |A| - [98208] - C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll
[MD5.4A4EAC410934393A06D99BB796F4BFCD] - [04/06/2017 12:09:25] - |A| - [126976] - C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
[MD5.8BD5A73918EB70BD5C10A89952D101EF] - [04/06/2017 12:09:33] - |A| - [984912] - C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
[MD5.34951E2221660A38580C145F4D7BDB7D] - [04/06/2017 12:09:47] - |A| - [194560] - C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
[MD5.49A606B64D894F90D49A52A03AECA18C] - [04/06/2017 12:09:42] - |A| - [196096] - C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
[MD5.5C137B83D920FD09966CC2DE231BAD74] - [04/06/2017 12:09:43] - |A| - [487424] - C:\WINDOWS\system32\Windows.Shell.BlueLightReduction.dll
[MD5.36D33E107D02561EFA6623EB69E97F55] - [04/06/2017 12:10:29] - |A| - [59904] - C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
[MD5.E17D8A9CA182064B5E57304059F1817B] - [04/06/2017 12:09:30] - |A| - [91648] - C:\WINDOWS\system32\Windows.Shell.ServiceHostBuilder.dll
[MD5.F3498A0EA6BAA5DD25A21165804F77C6] - [04/06/2017 12:09:24] - |A| - [22528] - C:\WINDOWS\system32\Windows.Shell.StartLayoutPopulationEvents.dll
[MD5.C4E128265DFD3089D878666348ACED34] - [04/06/2017 12:09:47] - |A| - [2347008] - C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
[MD5.FD236EEFD959C21162264AA2FE9E85AA] - [04/06/2017 12:09:34] - |A| - [5616952] - C:\WINDOWS\system32\Windows.StateRepository.dll
[MD5.30B97BA40A47EAF77AF681FBA8A64546] - [04/06/2017 12:09:34] - |A| - [95056] - C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
[MD5.6C4A5077C2AA47294390C5139D9BAB0D] - [04/06/2017 12:09:34] - |A| - [149328] - C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
[MD5.610CB85144F6D17CEB0E70CBF0F063A0] - [04/06/2017 12:09:34] - |A| - [161792] - C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
[MD5.70DBE5A9CE6E21BB202227FA5DC9417B] - [04/06/2017 12:09:25] - |A| - [358008] - C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
[MD5.07EB8B917B82C0AAE6D122D90434DD70] - [04/06/2017 12:09:22] - |A| - [166400] - C:\WINDOWS\system32\Windows.Storage.Compression.dll
[MD5.387B645C1A2971D3A828B50B115AF2D5] - [04/06/2017 12:09:34] - |A| - [7630328] - C:\WINDOWS\system32\windows.storage.dll
[MD5.D576BABD5DE321F3DFF3B3E2D36E0ECA] - [04/06/2017 12:09:24] - |A| - [788480] - C:\WINDOWS\system32\Windows.Storage.Search.dll
[MD5.9FE42AB9B18D890B1B3248B197B6BCCF] - [04/06/2017 12:09:33] - |A| - [65024] - C:\WINDOWS\system32\Windows.Storage.WinRT.dll
[MD5.0ED8DF769BEE42E33028E05938EC2F8C] - [04/06/2017 12:09:34] - |A| - [284672] - C:\WINDOWS\system32\Windows.System.Diagnostics.dll
[MD5.48A8D0041AF02D8F96A60B27AD265873] - [04/06/2017 12:09:22] - |A| - [53760] - C:\WINDOWS\system32\Windows.System.Diagnostics.Telemetry.PlatformTelemetryClient.dll
[MD5.453B524BDE27196E025F74A22525F10F] - [04/06/2017 12:09:25] - |A| - [102912] - C:\WINDOWS\system32\Windows.System.Diagnostics.TraceReporting.PlatformDiagnosticActions.dll
[MD5.23FE84E4446413BC4D85B03B8BB6EDFB] - [04/06/2017 12:09:25] - |A| - [612864] - C:\WINDOWS\system32\Windows.System.Launcher.dll
[MD5.F16DA08D5B46DCC2A0A40BDA12462902] - [04/06/2017 12:09:21] - |A| - [210944] - C:\WINDOWS\system32\Windows.System.Profile.HardwareId.dll
[MD5.8CAB2B5845DAD20D17E1F315081ED318] - [04/06/2017 12:09:21] - |A| - [64512] - C:\WINDOWS\system32\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
[MD5.4E9FDD39E874C6800399BCC3CE755EDB] - [04/06/2017 12:09:40] - |A| - [144384] - C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
[MD5.F46E37631F5FE656FECE5490FAB15B90] - [04/06/2017 12:09:29] - |A| - [58368] - C:\WINDOWS\system32\Windows.System.Profile.SystemId.dll
[MD5.BE43DF49704E406DF5CC8F84025F6486] - [04/06/2017 12:10:00] - |A| - [49664] - C:\WINDOWS\system32\Windows.System.Profile.SystemManufacturers.dll
[MD5.7EF6F7EB4FF6E1A497ABA62C6A08614A] - [04/06/2017 12:09:25] - |A| - [24064] - C:\WINDOWS\system32\Windows.System.RemoteDesktop.dll
[MD5.896FD8E0941F4ED94FCA26B4BB69B256] - [04/06/2017 12:09:25] - |A| - [188416] - C:\WINDOWS\system32\Windows.System.SystemManagement.dll
[MD5.039FD43EE898E5E57E4565F677E444CD] - [04/06/2017 12:09:21] - |A| - [84480] - C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
[MD5.CAC774EE6D01AC9A0F2160B1CF23085F] - [04/06/2017 12:09:24] - |A| - [62464] - C:\WINDOWS\system32\Windows.System.UserProfile.DiagnosticsSettings.dll
[MD5.4AA501EABE32CC23AF2A58D1B11C66C5] - [04/06/2017 12:09:43] - |A| - [228352] - C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
[MD5.F3846EEC8916E5C705D0523220A2F45A] - [04/06/2017 12:12:56] - |A| - [359424] - C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
[MD5.99D8DC25030B4321EF04EC875FFF6C2F] - [04/06/2017 12:09:54] - |A| - [415232] - C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
[MD5.0ED6640F1554A6EA0CECA9F6933C5749] - [04/06/2017 12:09:25] - |A| - [578048] - C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
[MD5.1279077FD057F804DD8EEF5FFC46C3D8] - [04/06/2017 12:09:52] - |A| - [1528832] - C:\WINDOWS\system32\Windows.UI.Cred.dll
[MD5.B50CFB672FEEFC958E9E7CDD1D293465] - [04/06/2017 12:10:00] - |A| - [283136] - C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
[MD5.F2AB207721F00591130FCA4DF341E5B3] - [04/06/2017 12:10:44] - |A| - [1122816] - C:\WINDOWS\system32\Windows.UI.dll
[MD5.60847ED24C80334DC71962D2938514B3] - [04/06/2017 12:10:03] - |A| - [1727488] - C:\WINDOWS\system32\Windows.UI.Immersive.dll
[MD5.3857E46A411563D75D2BAD6CA3CD2EDA] - [04/06/2017 12:09:29] - |A| - [4047360] - C:\WINDOWS\system32\Windows.UI.Input.Inking.Analysis.dll
[MD5.39D546DF9A2AF560C14CD40A4124DF93] - [04/06/2017 12:09:29] - |A| - [1597440] - C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
[MD5.CD30AD1CE56C270A283F24898C4CF951] - [04/06/2017 12:09:49] - |A| - [2757120] - C:\WINDOWS\system32\Windows.UI.Logon.dll
[MD5.38D1EA8E9D0F0126A13C644E22168F65] - [04/06/2017 12:12:56] - |A| - [2729472] - C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
[MD5.3B6F932897858CD7E36E488067AE7983] - [04/06/2017 12:10:29] - |A| - [883712] - C:\WINDOWS\system32\Windows.UI.Search.dll
[MD5.95FE6CCE5323B049114C28C82D633A32] - [04/06/2017 12:12:58] - |A| - [51712] - C:\WINDOWS\system32\Windows.UI.Shell.dll
[MD5.C9825D409593F1C23010DAF8912522C3] - [04/06/2017 12:09:43] - |A| - [126976] - C:\WINDOWS\system32\Windows.UI.Storage.dll
[MD5.6A0A143E90F59F0C8D11830DD8F0801F] - [04/06/2017 12:09:25] - |A| - [3182080] - C:\WINDOWS\system32\Windows.UI.Xaml.Controls.dll
[MD5.3DDDD146F0EAFDBC5D53D587D8F90B08] - [04/06/2017 12:09:25] - |A| - [17610752] - C:\WINDOWS\system32\Windows.UI.Xaml.dll
[MD5.89FDAA002D7BBADDAD7F5E636F1ABE3D] - [04/06/2017 12:09:22] - |A| - [978944] - C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
[MD5.94C3491944F026F59991469E30664147] - [04/06/2017 12:09:25] - |A| - [1514496] - C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
[MD5.163B4027148843FAFA0422EDB75126D7] - [04/06/2017 12:09:24] - |A| - [1401344] - C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
[MD5.441E1B00BEA0B7D600EA50598D58AEB3] - [04/06/2017 12:09:25] - |A| - [2885120] - C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
[MD5.8ADD281A6AD18E215E936F3BE77A29C5] - [04/06/2017 12:12:56] - |A| - [165888] - C:\WINDOWS\system32\Windows.UI.XamlHost.dll
[MD5.5D7619CC336FBF94BBC64D2B6CAB9E60] - [04/06/2017 12:09:25] - |A| - [25088] - C:\WINDOWS\system32\Windows.WARP.JITService.dll
[MD5.9FAD86D7D21197D7473BD73705D1B31A] - [04/06/2017 12:09:30] - |A| - [24064] - C:\WINDOWS\system32\Windows.WARP.JITService.exe
[MD5.D1CE90F347ED434BADE0D470AD1DD853] - [04/06/2017 12:09:33] - |A| - [233472] - C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
[MD5.794ADF55433E5FA2FDBAF63EAE15F54D] - [04/06/2017 12:09:21] - |A| - [735744] - C:\WINDOWS\system32\Windows.Web.dll
[MD5.7A7C8AC169B67D8A0CC97508039DA395] - [04/06/2017 12:09:24] - |A| - [1341440] - C:\WINDOWS\system32\Windows.Web.Http.dll
[MD5.9960D5F757542074120F5A96C7FD934B] - [04/06/2017 12:10:16] - |A| - [59392] - C:\WINDOWS\system32\WindowsActionDialog.exe
[MD5.37383916B81B7A38F191138C2286CB06] - [04/06/2017 12:09:29] - |A| - [1742192] - C:\WINDOWS\system32\WindowsCodecs.dll
[MD5.0F6BB89B5D2B0D3F3C3D044B7BD67313] - [04/06/2017 12:09:29] - |A| - [274432] - C:\WINDOWS\system32\WindowsCodecsExt.dll
[MD5.5BE57194E943585B92F54857AD176154] - [04/06/2017 12:09:08] - |A| - [32539544] - C:\WINDOWS\system32\WindowsCodecsRaw.dll
[MD5.E0974EE3F592223A950B3B0C04797212] - [04/06/2017 12:09:08] - |A| - [1649] - C:\WINDOWS\system32\WindowsCodecsRaw.txt
[MD5.F66655C2083B5645D4A0FA818BAD9E41] - [04/06/2017 12:09:29] - |A| - [104448] - C:\WINDOWS\system32\WindowsDefaultHeatProcessor.dll
[MD5.ED6DD7DCE85626340DCFCE3A3C0BDD4F] - [04/06/2017 12:11:51] - |A| - [59728] - C:\WINDOWS\system32\windowsdefenderapplicationguardcsp.dll
[MD5.01D28D70424B734C1D389FC09C4D16CD] - [04/06/2017 12:10:11] - |A| - [227328] - C:\WINDOWS\system32\windowslivelogin.dll
[MD5.84408A8BE3BFB868375C36C45F74022A] - [04/06/2017 12:09:57] - |A| - [1093120] - C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [10786572] - C:\WINDOWS\system32\WindowsPowerShell
[MD5.BBBBB39E660AEACC979D70C8745EB7AF] - [04/06/2017 12:08:53] - |A| - [32256] - C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
[MD5.1DAB6FE40AE207656198BD3A760FF273] - [04/06/2017 12:10:38] - |A| - [85504] - C:\WINDOWS\system32\winethc.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [102494208] - C:\WINDOWS\system32\winevt
[MD5.81FF0D9907021868149AABAE86FED4E3] - [04/06/2017 12:13:09] - |A| - [29184] - C:\WINDOWS\system32\WinFax.dll
[MD5.3AB0370712AD8CCEAAC7315C2512EC63] - [04/06/2017 12:09:57] - |A| - [865696] - C:\WINDOWS\system32\winhttp.dll
[MD5.479BA8F93D2A8D4A33EB8C95A8919206] - [04/06/2017 12:09:57] - |A| - [97792] - C:\WINDOWS\system32\winhttpcom.dll
[MD5.5039A3544DC57C055FDC3DB7A11F8C32] - [04/06/2017 12:10:11] - |A| - [3319296] - C:\WINDOWS\system32\wininet.dll
[MD5.B812BB0F390BDB9090FE325D87330B86] - [04/06/2017 12:10:03] - |A| - [68608] - C:\WINDOWS\system32\wininetlui.dll
[MD5.3508D0582E9B971D822C5A8F9A99F5B6] - [04/06/2017 12:09:57] - |A| - [351792] - C:\WINDOWS\system32\wininit.exe
[MD5.CA60D4AE07E76BC4016CF6DCA2ED5A1C] - [04/06/2017 12:10:00] - |A| - [37712] - C:\WINDOWS\system32\wininitext.dll
[MD5.96361624D94BC787951D80B61213A4AD] - [04/06/2017 12:09:34] - |A| - [497664] - C:\WINDOWS\system32\winipcfile.dll
[MD5.20646AC17EE72B4260D1F845C47D3237] - [04/06/2017 12:09:34] - |A| - [984064] - C:\WINDOWS\system32\winipcsecproc.dll
[MD5.9335BFB4BEECC7285FB784C517004449] - [04/06/2017 12:10:06] - |A| - [98816] - C:\WINDOWS\system32\winipsec.dll
[MD5.28625CFA1CAFEA14A207053CD43026D3] - [04/06/2017 12:10:49] - |A| - [141824] - C:\WINDOWS\system32\winjson.dll
[MD5.CAE2C8755DEAF7F9A7F4183EA40A6BAF] - [04/06/2017 12:09:30] - |A| - [424960] - C:\WINDOWS\system32\Winlangdb.dll
[MD5.02DE319CBD9ADCBBB981D2A363EA1C73] - [04/06/2017 12:09:52] - |A| - [1411672] - C:\WINDOWS\system32\winload.efi
[MD5.A16B569C553C9BB40A5CA4DE4812376E] - [04/06/2017 12:09:52] - |A| - [1201960] - C:\WINDOWS\system32\winload.exe
[MD5.E694907E0C017F2583934C21987969ED] - [04/06/2017 12:10:00] - |A| - [712704] - C:\WINDOWS\system32\winlogon.exe
[MD5.86DC7740425744F42C5E99974C089BCA] - [04/06/2017 12:10:42] - |A| - [77312] - C:\WINDOWS\system32\winlogonext.dll
[MD5.551F7D5CF90FF8B5C08A4F7356359A39] - [04/06/2017 12:09:04] - |A| - [1684896] - C:\WINDOWS\system32\winmde.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [5205520] - C:\WINDOWS\system32\WinMetadata
[MD5.B758C92C7DF785FA8D5FC5859FE68A80] - [04/06/2017 12:09:18] - |A| - [119416] - C:\WINDOWS\system32\winmm.dll
[MD5.88F0C183667FE3C89746545413D3DDDA] - [04/06/2017 12:09:18] - |A| - [158104] - C:\WINDOWS\system32\winmmbase.dll
[MD5.63C6B80C149DE3F3845047FD65F9D81F] - [04/06/2017 12:09:34] - |A| - [2319360] - C:\WINDOWS\system32\winmsipc.dll
[MD5.5CE7FC8C13294900ED8EAFE154DD7B67] - [04/06/2017 12:09:37] - |A| - [85504] - C:\WINDOWS\system32\WinMsoIrmProtector.dll
[MD5.D4E8DF50436D671AEE27846CBC1F3962] - [04/06/2017 12:09:57] - |A| - [19968] - C:\WINDOWS\system32\winnlsres.dll
[MD5.BB72F84AEFF1AA512B769A17E27AE598] - [04/06/2017 12:09:57] - |A| - [30520] - C:\WINDOWS\system32\winnsi.dll
[MD5.FD31D0785D8A82050B3724351E8D66A5] - [04/06/2017 12:09:37] - |A| - [79360] - C:\WINDOWS\system32\WinOpcIrmProtector.dll
[MD5.A29F5F60A96CA1DB6EDF62E3AF004F3F] - [04/06/2017 12:09:52] - |A| - [1084728] - C:\WINDOWS\system32\winresume.efi
[MD5.7586A5A8177606364ED400EA0FCF2A92] - [04/06/2017 12:09:52] - |A| - [918424] - C:\WINDOWS\system32\winresume.exe
[MD5.00000000000000000000000000000000] - [05/06/2017 08:57:45] - |D| - [110108] - C:\WINDOWS\system32\winrm
[MD5.F80EEF72983614DB418A0C1FAE21EBC1] - [04/06/2017 12:10:42] - |A| - [33] - C:\WINDOWS\system32\winrm.cmd
[MD5.9D7684F978EBD77E6A3EA7EF1330B946] - [04/06/2017 12:10:42] - |A| - [204105] - C:\WINDOWS\system32\winrm.vbs
[MD5.51299954A511F61702976FDC4BD407B0] - [04/06/2017 12:10:00] - |A| - [31232] - C:\WINDOWS\system32\winrnr.dll
[MD5.6951AA3CA90E68C0E1C4C7514054847F] - [04/06/2017 12:09:21] - |A| - [48640] - C:\WINDOWS\system32\winrs.exe
[MD5.EF8C708AF97EE4528789A9B3073CB53D] - [04/06/2017 12:09:21] - |A| - [105984] - C:\WINDOWS\system32\winrscmd.dll
[MD5.2477A457DBDD704C7DB94359B2D0DE59] - [04/06/2017 12:09:21] - |A| - [28160] - C:\WINDOWS\system32\winrshost.exe
[MD5.ECFE108811C2CB0F240F9339A209590B] - [04/06/2017 12:09:21] - |A| - [2048] - C:\WINDOWS\system32\winrsmgr.dll
[MD5.A10B89C4E86467120B8FDA1986CBF3D8] - [04/06/2017 12:09:21] - |A| - [14336] - C:\WINDOWS\system32\winrssrv.dll
[MD5.5E7A76FA2195BCCCF38414731C73EDE3] - [04/06/2017 12:09:24] - |A| - [187392] - C:\WINDOWS\system32\WinRtTracing.dll
[MD5.CD7CF6267A0B5A28E7C657506A961B53] - [04/06/2017 12:10:44] - |A| - [3366400] - C:\WINDOWS\system32\WinSAT.exe
[MD5.98A93DC2A9D3CE0CA423BD2FB1AB7824] - [04/06/2017 12:10:44] - |A| - [375808] - C:\WINDOWS\system32\WinSATAPI.dll
[MD5.AC4A867BD578F6C9FA0D006B9797E324] - [04/06/2017 12:10:36] - |A| - [241152] - C:\WINDOWS\system32\WinSCard.dll
[MD5.B0B0A84704A2E2DC1BDDB7F6085906C3] - [04/06/2017 12:10:32] - |A| - [380240] - C:\WINDOWS\system32\WinSetupUI.dll
[MD5.2FAECA126DCB8A43795633A60052C6B0] - [04/06/2017 12:08:57] - |A| - [18432] - C:\WINDOWS\system32\winshfhc.dll
[MD5.B2E3DD5C944575241B28FB625FB4F368] - [04/06/2017 12:09:52] - |A| - [288768] - C:\WINDOWS\system32\winsku.dll
[MD5.1833708EE815148877FCAC566F4E9E23] - [04/06/2017 12:10:44] - |A| - [92672] - C:\WINDOWS\system32\winsockhc.dll
[MD5.BF8B1114AB8EDEF68D8FA146E5A5C7A6] - [04/06/2017 12:10:49] - |A| - [543232] - C:\WINDOWS\system32\winspool.drv
[MD5.F1BE568B6AE18F1FC5FCABFF2E848791] - [04/06/2017 12:09:21] - |A| - [776032] - C:\WINDOWS\system32\winsqlite3.dll
[MD5.35F985024BFD7C0F57502B45D37B5C31] - [04/06/2017 12:10:27] - |A| - [26112] - C:\WINDOWS\system32\WINSRPC.DLL
[MD5.6005100057B9680E00086528B7B91B3E] - [04/06/2017 12:10:00] - |A| - [65536] - C:\WINDOWS\system32\winsrv.dll
[MD5.4481820F2FA3413D4BBB8B3F6A05D958] - [04/06/2017 12:10:00] - |A| - [88064] - C:\WINDOWS\system32\winsrvext.dll
[MD5.44E88C08899959CA541213E3E10E4E8E] - [04/06/2017 12:10:40] - |A| - [330072] - C:\WINDOWS\system32\winsta.dll
[MD5.81141F5BD53FA1265304D762B62D055A] - [04/06/2017 12:09:34] - |A| - [764416] - C:\WINDOWS\system32\WinSync.dll
[MD5.588C2C3153F33E930D205D5AE5193A04] - [04/06/2017 12:10:00] - |A| - [234496] - C:\WINDOWS\system32\WinSyncMetastore.dll
[MD5.43E7613AEE5A6F44EE6158A04538DB1A] - [04/06/2017 12:10:00] - |A| - [134144] - C:\WINDOWS\system32\WinSyncProviders.dll
[MD5.AF7D7846A5E1A99C849327E136023745] - [04/06/2017 12:09:33] - |A| - [355376] - C:\WINDOWS\system32\wintrust.dll
[MD5.9BB1FBB6960E56C3ACB89A4A06EFAB5C] - [04/06/2017 12:09:55] - |A| - [1260800] - C:\WINDOWS\system32\WinTypes.dll
[MD5.B0CA3E398125533FAC91E80DF2D41ABD] - [04/06/2017 12:09:24] - |A| - [27648] - C:\WINDOWS\system32\winusb.dll
[MD5.4B20513CA493FB99987BADB640EBDE5A] - [04/06/2017 12:10:36] - |A| - [58880] - C:\WINDOWS\system32\winver.exe
[MD5.249873675F3BA8A741E375B63DB85E96] - [04/06/2017 12:10:36] - |A| - [236032] - C:\WINDOWS\system32\wisp.dll
[MD5.27C8941B5010FBE863DE9967F00B21A6] - [04/06/2017 12:10:36] - |A| - [35840] - C:\WINDOWS\system32\witnesswmiv2provider.dll
[MD5.C7974D1D5B9FDB60A3ABB09E8E0A6A13] - [04/06/2017 12:09:57] - |A| - [77544] - C:\WINDOWS\system32\wkscli.dll
[MD5.9937CD74E30CB4484CFA593A2DD33A9D] - [04/06/2017 12:10:42] - |A| - [261912] - C:\WINDOWS\system32\wkspbroker.exe
[MD5.426F4A5664180ECFD7A8C33A2530738C] - [04/06/2017 12:10:38] - |A| - [116736] - C:\WINDOWS\system32\wkspbrokerAx.dll
[MD5.0F0B2BBCAC17CF97A0642A28405CD5AE] - [04/06/2017 12:10:40] - |A| - [436736] - C:\WINDOWS\system32\wksprt.exe
[MD5.A140E422D94C0BA270C554E0CC33718B] - [04/06/2017 12:10:38] - |A| - [31232] - C:\WINDOWS\system32\wksprtPS.dll
[MD5.1734DA0021E610C630DF684AC24BD4BD] - [04/06/2017 12:09:57] - |A| - [272896] - C:\WINDOWS\system32\wkssvc.dll
[MD5.2E62F88CBDF6E03DB325D28559E93B65] - [04/06/2017 12:10:50] - |A| - [415312] - C:\WINDOWS\system32\wlanapi.dll
[MD5.FC1120F2040F97CE4FA3250B1162AACE] - [04/06/2017 12:10:49] - |A| - [293888] - C:\WINDOWS\system32\wlancfg.dll
[MD5.CC66A8587146531441D05A0A339C3F90] - [04/06/2017 12:10:24] - |A| - [583168] - C:\WINDOWS\system32\WLanConn.dll
[MD5.0E7C22634C72526060DC7B949203184E] - [04/06/2017 12:10:50] - |A| - [198144] - C:\WINDOWS\system32\wlandlg.dll
[MD5.69838FDE985728230321574BCB8E2DB1] - [04/06/2017 12:10:49] - |A| - [99328] - C:\WINDOWS\system32\wlanext.exe
[MD5.A6132CAF79435A0926D87DAC502E1E41] - [04/06/2017 12:10:50] - |A| - [477696] - C:\WINDOWS\system32\wlangpui.dll
[MD5.61E4FCB333C267C6D4F1A15E6A80CDC1] - [04/06/2017 12:10:50] - |A| - [214528] - C:\WINDOWS\system32\WLanHC.dll
[MD5.19F90D26E584471B8FCF00EECAE17D43] - [04/06/2017 12:10:50] - |A| - [16384] - C:\WINDOWS\system32\wlanhlp.dll
[MD5.B8A23D29DA937A675426322AAF6D7CB3] - [04/06/2017 12:09:42] - |A| - [669184] - C:\WINDOWS\system32\WlanMediaManager.dll
[MD5.36D30D339BCEAC9F8B3663641782C469] - [04/06/2017 12:10:16] - |A| - [4264960] - C:\WINDOWS\system32\WlanMM.dll
[MD5.C4105CF17B8BF236FA2193D74A16956C] - [04/06/2017 12:10:50] - |A| - [409600] - C:\WINDOWS\system32\wlanmsm.dll
[MD5.0F07342799FCB65B3998B3C487FFB9B8] - [04/06/2017 12:10:50] - |A| - [772608] - C:\WINDOWS\system32\wlanpref.dll
[MD5.77712745D7BC87B0123C6E6BECE19B5F] - [04/06/2017 12:10:50] - |A| - [67584] - C:\WINDOWS\system32\WlanRadioManager.dll
[MD5.0831C5463F6FDA09E0874741E92100E7] - [04/06/2017 12:10:50] - |A| - [460800] - C:\WINDOWS\system32\wlansec.dll
[MD5.90F438551B43D74D15FAF14705573BC5] - [04/06/2017 12:10:50] - |A| - [2510336] - C:\WINDOWS\system32\wlansvc.dll
[MD5.A684CD09CBACF04D6AAF1BE2477AABD1] - [04/06/2017 12:10:50] - |A| - [26624] - C:\WINDOWS\system32\wlansvcpal.dll
[MD5.E1DC32E733D4B958D91C68A9CFB951F1] - [04/06/2017 12:10:50] - |A| - [405504] - C:\WINDOWS\system32\wlanui.dll
[MD5.A3AA2CE9A091AC81832477824DD6CEFA] - [04/06/2017 12:10:50] - |A| - [3584] - C:\WINDOWS\system32\wlanutil.dll
[MD5.D03B9392E0565134F68C9738D9364DEA] - [04/06/2017 12:09:55] - |A| - [356352] - C:\WINDOWS\system32\Wldap32.dll
[MD5.554425A6746DAA8A20C470462DEBE913] - [04/06/2017 12:10:49] - |A| - [66688] - C:\WINDOWS\system32\wldp.dll
[MD5.6101C6D6D571DDFA80089AB2D27C9FF6] - [04/06/2017 12:10:50] - |A| - [117248] - C:\WINDOWS\system32\wlgpclnt.dll
[MD5.1B43304F81741CC73C113D4B743E57A1] - [04/06/2017 12:10:11] - |A| - [716288] - C:\WINDOWS\system32\wlidcli.dll
[MD5.E21CF80CBE4D63356F41862938831082] - [04/06/2017 12:10:11] - |A| - [313344] - C:\WINDOWS\system32\wlidcredprov.dll
[MD5.6E462D7D2004EC82D07ABC04EEE877D5] - [04/06/2017 12:10:11] - |A| - [99840] - C:\WINDOWS\system32\wlidfdp.dll
[MD5.834BFA355A4CDD0333B7A1FB098EF070] - [04/06/2017 12:10:11] - |A| - [65536] - C:\WINDOWS\system32\wlidnsp.dll
[MD5.E2B74E45D2591EF1D6D7DF0BC98AEF4C] - [04/06/2017 12:09:24] - |A| - [682496] - C:\WINDOWS\system32\wlidprov.dll
[MD5.9FFC71E91A27701360B66CDDF7550AA7] - [04/06/2017 12:09:24] - |A| - [30720] - C:\WINDOWS\system32\wlidres.dll
[MD5.D764D8E0B589D25B7570419AAEB73E3F] - [04/06/2017 12:09:24] - |A| - [2161152] - C:\WINDOWS\system32\wlidsvc.dll
[MD5.50546A15418F4CFDEC576CC4242AD2B7] - [04/06/2017 12:10:42] - |A| - [61528] - C:\WINDOWS\system32\wlrmdr.exe
[MD5.0E4AA83E2AE62A10FFAE7891BA22D89F] - [04/06/2017 12:10:42] - |A| - [17232] - C:\WINDOWS\system32\WlS0WndH.dll
[MD5.8874D12448CDEA193A87B720AE1E1832] - [04/06/2017 12:08:53] - |A| - [729344] - C:\WINDOWS\system32\WMADMOD.DLL
[MD5.4365A0624E06FE103F8CD734A9A3E1F0] - [04/06/2017 12:08:53] - |A| - [737056] - C:\WINDOWS\system32\WMADMOE.DLL
[MD5.BC71E304CFE8F61DF532CD4EEE42B943] - [04/06/2017 12:08:28] - |A| - [1796456] - C:\WINDOWS\system32\WMALFXGFXDSP.dll
[MD5.5F2AB5778887156C952748A1A04006A2] - [04/06/2017 12:09:04] - |A| - [331608] - C:\WINDOWS\system32\WMASF.DLL
[MD5.EC9D2E355CDBEA6294A5DAE5A6868BE6] - [04/06/2017 12:08:52] - |A| - [14336] - C:\WINDOWS\system32\wmcodecdspps.dll
[MD5.6D4F3A52C6F6B3150521FD56031D5339] - [04/06/2017 12:09:04] - |A| - [38912] - C:\WINDOWS\system32\wmdmlog.dll
[MD5.425E3A65E64CFE87A4D6D588E646D63D] - [04/06/2017 12:09:04] - |A| - [95744] - C:\WINDOWS\system32\wmdmps.dll
[MD5.5F316E7250FC5F1722F3DF5B92DFA448] - [04/06/2017 12:09:17] - |A| - [7680] - C:\WINDOWS\system32\wmdrmsdk.dll
[MD5.16969CE6EF0242A9F1260538657217CA] - [05/06/2017 08:58:25] - |A| - [2560] - C:\WINDOWS\system32\wmerror.dll
[MD5.DD8AA17B6AC997BAD7E162D53549B16B] - [04/06/2017 12:09:57] - |A| - [5632] - C:\WINDOWS\system32\wmi.dll
[MD5.7F2F1CDC575A52E20B8FB1941BE402A0] - [04/06/2017 12:09:57] - |A| - [47104] - C:\WINDOWS\system32\wmiclnt.dll
[MD5.259D262D0B9773F66D20A94794B0B9E9] - [04/06/2017 12:10:44] - |A| - [418640] - C:\WINDOWS\system32\wmicmiplugin.dll
[MD5.3CA932EA79DB61B952FFCADE11C83E8D] - [04/06/2017 12:10:42] - |A| - [165376] - C:\WINDOWS\system32\wmidcom.dll
[MD5.56119BF277AA179371D95491F9D3E07A] - [04/06/2017 12:09:04] - |A| - [197120] - C:\WINDOWS\system32\wmidx.dll
[MD5.E0ADDCE97EE521C9AC4F53EE17A05BD5] - [04/06/2017 12:10:42] - |A| - [144673] - C:\WINDOWS\system32\WmiMgmt.msc
[MD5.873D19EA38DBF363862164117E43ECB4] - [04/06/2017 12:10:42] - |A| - [29184] - C:\WINDOWS\system32\wmiprop.dll
[MD5.20D27743BE6A8BC8D40BF904A55F59B4] - [04/06/2017 12:10:44] - |A| - [205312] - C:\WINDOWS\system32\wmitomi.dll
[MD5.B34B33226DA62F5B12116887029DA0E0] - [04/06/2017 12:09:04] - |A| - [1314816] - C:\WINDOWS\system32\WMNetMgr.dll
[MD5.6218A189A4F5C5FE394CE9F3EED7692F] - [05/06/2017 08:58:25] - |A| - [13706240] - C:\WINDOWS\system32\wmp.dll
[MD5.6A8F43297C963678E8D14219E399E5BF] - [04/06/2017 12:09:04] - |A| - [1510912] - C:\WINDOWS\system32\WMPDMC.exe
[MD5.5A7F4A23075CED0E711884DD8C8F444D] - [04/06/2017 12:09:04] - |A| - [360960] - C:\WINDOWS\system32\WmpDui.dll
[MD5.B3BCEBFA5B642F935EF29E0313060186] - [05/06/2017 08:58:25] - |A| - [216576] - C:\WINDOWS\system32\wmpdxm.dll
[MD5.FF7936D75979ECB6BA9BA4C7E9E32628] - [05/06/2017 08:58:25] - |A| - [280456] - C:\WINDOWS\system32\wmpeffects.dll
[MD5.E6F6B823E13205619163F3D9386E0341] - [04/06/2017 12:09:21] - |A| - [393728] - C:\WINDOWS\system32\WMPhoto.dll
[MD5.2BCB86A26DD5D5EB3594F19C812D4F76] - [05/06/2017 08:58:25] - |A| - [9262080] - C:\WINDOWS\system32\wmploc.DLL
[MD5.E11E3917B6D9D43559EFFB162998B68C] - [05/06/2017 08:58:25] - |A| - [2027816] - C:\WINDOWS\system32\wmpmde.dll
[MD5.A58E166987C1B6DFCF9B220D7991129F] - [05/06/2017 08:58:25] - |A| - [383240] - C:\WINDOWS\system32\wmpps.dll
[MD5.DA1DFFFCF684F6CD357383FBED781CAE] - [05/06/2017 08:58:25] - |A| - [127488] - C:\WINDOWS\system32\wmpshell.dll
[MD5.1834B17D42C54D29359553C40C667615] - [04/06/2017 12:09:57] - |A| - [18944] - C:\WINDOWS\system32\wmsgapi.dll
[MD5.7DD1BA0C8CC91330EDE53FB61B4AFFC4] - [04/06/2017 12:10:36] - |A| - [983552] - C:\WINDOWS\system32\WMSPDMOD.DLL
[MD5.21469BA69C4B32C426FA78166828B195] - [04/06/2017 12:08:52] - |A| - [1221632] - C:\WINDOWS\system32\WMSPDMOE.DLL
[MD5.305A823BD520133F86F8768C84BD914C] - [04/06/2017 12:09:04] - |A| - [2350144] - C:\WINDOWS\system32\WMVCORE.DLL
[MD5.FB661017BFD1E800AAB9E602F1D0098D] - [04/06/2017 12:08:52] - |A| - [2503032] - C:\WINDOWS\system32\WMVDECOD.DLL
[MD5.A28583BC8E9FE66BD24135AD4A9BB53F] - [04/06/2017 12:08:52] - |A| - [209408] - C:\WINDOWS\system32\wmvdspa.dll
[MD5.DE1A3E66785BB37DE535CC396AAB0E74] - [04/06/2017 12:08:52] - |A| - [2195176] - C:\WINDOWS\system32\WMVENCOD.DLL
[MD5.1AA20497E0287F625A4B2F4429DA66E6] - [04/06/2017 12:08:53] - |A| - [336288] - C:\WINDOWS\system32\WMVSDECD.DLL
[MD5.7BE012A3E9AE762D45018448105B02C2] - [04/06/2017 12:08:52] - |A| - [435200] - C:\WINDOWS\system32\WMVSENCD.DLL
[MD5.5C151E00F7F874BD8B52645192CD6162] - [04/06/2017 12:08:52] - |A| - [628736] - C:\WINDOWS\system32\WMVXENCD.DLL
[MD5.8D35490BE93A9271FFD1B2C5A2C1FFE9] - [04/06/2017 12:12:53] - |A| - [29184] - C:\WINDOWS\system32\WofTasks.dll
[MD5.C308B0535D03ABE81A652E477D56D50F] - [04/06/2017 12:09:54] - |A| - [33792] - C:\WINDOWS\system32\WofUtil.dll
[MD5.6848F31F61D467EB6F21938FC2163BEE] - [04/06/2017 12:09:25] - |A| - [39936] - C:\WINDOWS\system32\WordBreakers.dll
[MD5.A6981BF8AE25C07667E38AC8B90C2A2E] - [04/06/2017 12:10:41] - |A| - [15360] - C:\WINDOWS\system32\workerdd.dll
[MD5.7B156FC75CD9380837A0C80662F8A562] - [04/06/2017 12:08:58] - |A| - [102912] - C:\WINDOWS\system32\WorkFolders.exe
[MD5.AFD5620AA7516FAD8F57362A19A482DB] - [04/06/2017 12:08:58] - |A| - [807424] - C:\WINDOWS\system32\WorkfoldersControl.dll
[MD5.CCD9950DD6F185EAEFC143DD0CA99C7F] - [04/06/2017 12:08:58] - |A| - [110592] - C:\WINDOWS\system32\WorkFoldersGPExt.dll
[MD5.49F014497CF85512BED4830E6E174120] - [04/06/2017 12:08:58] - |A| - [61952] - C:\WINDOWS\system32\WorkFoldersRes.dll
[MD5.762DE06745F432AC5ED552B050359E7C] - [04/06/2017 12:08:58] - |A| - [223744] - C:\WINDOWS\system32\WorkFoldersShell.dll
[MD5.C0ED65FEBEDBE9FD419664AB5071B9AD] - [04/06/2017 12:08:58] - |A| - [1833984] - C:\WINDOWS\system32\workfolderssvc.dll
[MD5.B0D790E12838E6A4DE8D94DA8CA77AD9] - [04/06/2017 12:09:21] - |A| - [314152] - C:\WINDOWS\system32\wow64.dll
[MD5.AA8BA02EE8078C2C52C68B6DE60D84F1] - [04/06/2017 12:09:21] - |A| - [18224] - C:\WINDOWS\system32\wow64cpu.dll
[MD5.DF56F896ABB944418643635D49968C1A] - [04/06/2017 12:09:21] - |A| - [474208] - C:\WINDOWS\system32\wow64win.dll
[MD5.BC49E066513DFD5375BB9804511E3359] - [04/06/2017 12:10:27] - |A| - [17408] - C:\WINDOWS\system32\wowreg32.exe
[MD5.5EF0A311B528FD91443D799BD5630DD2] - [04/06/2017 12:08:52] - |A| - [413696] - C:\WINDOWS\system32\WpAXHolder.dll
[MD5.9EDEB7A926D52B1FA114298A4062A43B] - [04/06/2017 12:10:06] - |A| - [91136] - C:\WINDOWS\system32\wpbcreds.dll
[MD5.2EDF7EE747FDFBEAB0BFCF68AE240257] - [04/06/2017 12:10:49] - |A| - [1744384] - C:\WINDOWS\system32\Wpc.dll
[MD5.A99B80A60AA2DB3B5A45D05FD7B0DC67] - [04/06/2017 12:10:47] - |A| - [190976] - C:\WINDOWS\system32\WpcApi.dll
[MD5.29D61F58249B19136EFACC9740FA2AB4] - [04/06/2017 12:10:47] - |A| - [1498920] - C:\WINDOWS\system32\WpcMon.exe
[MD5.C30C621748C66CE751B19B2788559A3E] - [04/06/2017 12:10:47] - |A| - [4687] - C:\WINDOWS\system32\wpcmon.png
[MD5.241BCA3D014C5BFE9EC86C1E0D64605F] - [04/06/2017 12:10:47] - |A| - [859648] - C:\WINDOWS\system32\WpcRefreshTask.dll
[MD5.B1945F6FA2C36DA13A78FD787C9E9787] - [04/06/2017 12:10:47] - |A| - [213504] - C:\WINDOWS\system32\WpcTok.exe
[MD5.2FB735418D34BCD812B0E7F6C2F1EC97] - [04/06/2017 12:10:44] - |A| - [894976] - C:\WINDOWS\system32\WpcWebFilter.dll
[MD5.ADB5947AE15AE03B633B930926D779C9] - [04/06/2017 12:09:08] - |A| - [85504] - C:\WINDOWS\system32\wpdbusenum.dll
[MD5.414F31D77AB685CCF26C9C8565C9A868] - [04/06/2017 12:09:08] - |A| - [1937920] - C:\WINDOWS\system32\wpdshext.dll
[MD5.CC96870E8B212DF579B45357DA414374] - [04/06/2017 12:09:08] - |A| - [30208] - C:\WINDOWS\system32\WPDShextAutoplay.exe
[MD5.C637E7CAE03C5292B1F9B6E2748E8205] - [04/06/2017 12:09:08] - |A| - [65536] - C:\WINDOWS\system32\WPDShServiceObj.dll
[MD5.E44B09ABF24364AB123F3A6B2B02FAC9] - [04/06/2017 12:09:08] - |A| - [373760] - C:\WINDOWS\system32\WPDSp.dll
[MD5.43294F532D3150E7D5D4338BAF14E4BE] - [04/06/2017 12:09:08] - |A| - [223232] - C:\WINDOWS\system32\wpd_ci.dll
[MD5.8AAAC61348CF2CA17D97BA239DBD9A34] - [04/06/2017 12:09:34] - |A| - [1280000] - C:\WINDOWS\system32\wpnapps.dll
[MD5.4F4AE6AB6E855CE9906265AAE9F2AB12] - [04/06/2017 12:09:30] - |A| - [303616] - C:\WINDOWS\system32\wpnclient.dll
[MD5.4766C63351825C769AA58E17CD09E954] - [04/06/2017 12:09:30] - |A| - [1704448] - C:\WINDOWS\system32\wpncore.dll
[MD5.BF187E4D580D65279AFD6B9E902A3D6B] - [04/06/2017 12:09:33] - |A| - [105472] - C:\WINDOWS\system32\wpninprc.dll
[MD5.524242CFCD63DF0FB2CA06B2087DFD10] - [04/06/2017 12:11:37] - |A| - [20992] - C:\WINDOWS\system32\wpnpinst.exe
[MD5.C4EC9BE20F0254CF92D40BDA76ABE41C] - [04/06/2017 12:09:30] - |A| - [563712] - C:\WINDOWS\system32\wpnprv.dll
[MD5.FE9085FE8764A03C74A686AC4D9AF11D] - [04/06/2017 12:09:30] - |A| - [284672] - C:\WINDOWS\system32\wpnservice.dll
[MD5.AD119C31B56C67D764A16D319FDC35E1] - [04/06/2017 12:09:33] - |A| - [35328] - C:\WINDOWS\system32\wpnsruprov.dll
[MD5.943D600D3AE7EAA60C610D553917FAC9] - [04/06/2017 12:09:30] - |A| - [73216] - C:\WINDOWS\system32\WpnUserService.dll
[MD5.0951180585726292239219EEF78F1C68] - [04/06/2017 12:09:25] - |A| - [14336] - C:\WINDOWS\system32\WpPortingLibrary.dll
[MD5.7F44F0B8BC2AF4970B16ED25E044B110] - [04/06/2017 12:10:13] - |A| - [10752] - C:\WINDOWS\system32\WppRecorderUM.dll
[MD5.B6B479B04C64AF5EF36C24EBDF278302] - [04/06/2017 12:09:57] - |A| - [726] - C:\WINDOWS\system32\wpr.config.xml
[MD5.DFADD8CD7854E7F53275E232B4DFB8E1] - [04/06/2017 12:09:57] - |A| - [318464] - C:\WINDOWS\system32\wpr.exe
[MD5.71A550951A39D927F88784DB1DA20B7F] - [04/06/2017 12:10:33] - |A| - [171008] - C:\WINDOWS\system32\WPTaskScheduler.dll
[MD5.83BF6FCEEA5674480471A7608E7E617A] - [04/06/2017 12:10:46] - |A| - [1317200] - C:\WINDOWS\system32\wpx.dll
[MD5.68F8EC9C848252D10B9746ADED25F003] - [04/06/2017 12:09:49] - |A| - [11264] - C:\WINDOWS\system32\write.exe
[MD5.9006C3878110CCAAC73CAFD590953857] - [04/06/2017 12:10:44] - |A| - [4608] - C:\WINDOWS\system32\ws2help.dll
[MD5.419C2FCF15AAE41994FCAAAD310008FE] - [04/06/2017 12:09:57] - |A| - [430360] - C:\WINDOWS\system32\ws2_32.dll
[MD5.69059973F6525F7B899FEB8FA2170571] - [04/06/2017 12:10:47] - |A| - [9216] - C:\WINDOWS\system32\wscadminui.exe
[MD5.F67885D191CFF3A397842B867B573DD0] - [04/06/2017 12:10:47] - |A| - [231384] - C:\WINDOWS\system32\wscapi.dll
[MD5.6FF635270523B831A339C0FA885A6801] - [04/06/2017 12:10:49] - |A| - [156160] - C:\WINDOWS\system32\wscinterop.dll
[MD5.4974686054D68D165F66E1F0B27831C7] - [04/06/2017 12:10:47] - |A| - [26112] - C:\WINDOWS\system32\wscisvif.dll
[MD5.8FA1594C8793F20DCA4EA72BCD9D253B] - [04/06/2017 12:10:44] - |A| - [13312] - C:\WINDOWS\system32\WSClient.dll
[MD5.DB79E7FBE2C19F35690869927C9EED4C] - [04/06/2017 12:09:09] - |A| - [93696] - C:\WINDOWS\system32\WSCollect.exe
[MD5.05D631B46F8340A54B108C3D9B2F702C] - [04/06/2017 12:10:47] - |A| - [18944] - C:\WINDOWS\system32\wscproxystub.dll
[MD5.BC4C81DF71CC35F2826443A9859CDF12] - [04/06/2017 12:10:32] - |A| - [164864] - C:\WINDOWS\system32\wscript.exe
[MD5.887DD55C36FEC12FA5BBF97A0B3FD8FF] - [04/06/2017 12:10:47] - |A| - [207872] - C:\WINDOWS\system32\wscsvc.dll
[MD5.694C7A0FD99351051DABC99AC581ED96] - [04/06/2017 12:10:49] - |A| - [1218560] - C:\WINDOWS\system32\wscui.cpl
[MD5.E756D3D4FB5D939AFFB658152BAEDEDD] - [04/06/2017 12:09:34] - |A| - [701440] - C:\WINDOWS\system32\WSDApi.dll
[MD5.21AF069870DDC9473F04F9E632D38C6D] - [04/06/2017 12:10:29] - |A| - [52736] - C:\WINDOWS\system32\wsdchngr.dll
[MD5.4243788F0A9B3366C401E60A88A5C247] - [04/06/2017 12:10:29] - |A| - [565760] - C:\WINDOWS\system32\WSDMon.dll
[MD5.BC5A974A41DDBB7459247616C4DCF870] - [04/06/2017 12:10:27] - |A| - [90624] - C:\WINDOWS\system32\WSDPrintProxy.DLL
[MD5.6AE6E2A3D9D4C84A694E82E7378A6D6C] - [04/06/2017 12:10:03] - |A| - [69120] - C:\WINDOWS\system32\WSDScanProxy.dll
[MD5.D4D7E596F457324225C8D3E0FF2DE4D1] - [04/06/2017 12:09:47] - |A| - [1472000] - C:\WINDOWS\system32\wsecedit.dll
[MD5.925C1C9AE88B73FBE47D55F168D39F4B] - [04/06/2017 12:09:08] - |A| - [39936] - C:\WINDOWS\system32\wsepno.dll
[MD5.DC7C1C172528A0120976CCAA459F2798] - [04/06/2017 12:09:37] - |A| - [63488] - C:\WINDOWS\system32\wshbth.dll
[MD5.EF0090FFB5707541B42E707938056CB3] - [04/06/2017 12:10:32] - |A| - [24064] - C:\WINDOWS\system32\wshcon.dll
[MD5.8D0D0A88C4EC4359C80D6CD3BBE06707] - [04/06/2017 12:10:44] - |A| - [22016] - C:\WINDOWS\system32\wshelper.dll
[MD5.47A7959DB2DB6CD2C221CF403EF7922E] - [04/06/2017 12:10:29] - |A| - [97792] - C:\WINDOWS\system32\wshext.dll
[MD5.FFC06B1B94A4370BD46DF2587D77A916] - [04/06/2017 12:08:58] - |A| - [14504] - C:\WINDOWS\system32\wshhyperv.dll
[MD5.360AFCEEDB563E1EF5B75EF7F0DBB877] - [04/06/2017 12:09:55] - |A| - [12288] - C:\WINDOWS\system32\wship6.dll
[MD5.59B9D9B15919B49B5E9CF13E361B9F30] - [04/06/2017 12:10:47] - |A| - [14848] - C:\WINDOWS\system32\wshirda.dll
[MD5.D78841F9F07B406D4FF2EC2426D6EC98] - [04/06/2017 12:10:32] - |A| - [140800] - C:\WINDOWS\system32\wshom.ocx
[MD5.8E9012E528E7E0FCFFDAE3C8F5672E08] - [04/06/2017 12:09:30] - |A| - [19968] - C:\WINDOWS\system32\wshqos.dll
[MD5.6D90E280B712FADE681AF38E37222FA7] - [04/06/2017 12:10:11] - |A| - [18432] - C:\WINDOWS\system32\wshrm.dll
[MD5.D296A545B161E4EB1C07D3419B865FDB] - [04/06/2017 12:09:55] - |A| - [12800] - C:\WINDOWS\system32\WSHTCPIP.DLL
[MD5.2C0A380AE356A330CBD092A86FFC24FA] - [04/06/2017 12:10:42] - |A| - [31232] - C:\WINDOWS\system32\WsmAgent.dll
[MD5.930423065AB3F5DB52D5726C7FC66385] - [04/06/2017 12:10:42] - |A| - [4675] - C:\WINDOWS\system32\wsmanconfig_schema.xml
[MD5.0BC408E6E7428DF75C83E53886B935BA] - [04/06/2017 12:10:42] - |A| - [32256] - C:\WINDOWS\system32\WSManHTTPConfig.exe
[MD5.670526D83E5187075EC306FA9BF922FC] - [04/06/2017 12:10:42] - |A| - [72704] - C:\WINDOWS\system32\WSManMigrationPlugin.dll
[MD5.055D208D352769301C1DB0C6FF890E5D] - [04/06/2017 12:10:42] - |A| - [156672] - C:\WINDOWS\system32\WsmAuto.dll
[MD5.38C209B16D461FF58399C9B1EF68F1D1] - [04/06/2017 12:10:42] - |A| - [15872] - C:\WINDOWS\system32\wsmplpxy.dll
[MD5.F8C421521E18CFE76EE4F277862DE995] - [04/06/2017 12:10:42] - |A| - [36864] - C:\WINDOWS\system32\wsmprovhost.exe
[MD5.D6CBFA113B69C491DE370E85EBAC80E9] - [04/06/2017 12:10:42] - |A| - [1559] - C:\WINDOWS\system32\WsmPty.xsl
[MD5.4DD25767FF4EF60E6E02FF41F0A52234] - [04/06/2017 12:10:42] - |A| - [61952] - C:\WINDOWS\system32\WsmRes.dll
[MD5.0FBB485F422EB8CFF77884CBFBFEF790] - [04/06/2017 12:10:42] - |A| - [2844160] - C:\WINDOWS\system32\WsmSvc.dll
[MD5.B2EDF82825D979928AE07CBE9C7A2160] - [04/06/2017 12:10:42] - |A| - [2426] - C:\WINDOWS\system32\WsmTxt.xsl
[MD5.4FA022B0C9FCE3AE03688BB770439045] - [04/06/2017 12:10:42] - |A| - [279552] - C:\WINDOWS\system32\WsmWmiPl.dll
[MD5.F83328120D2E0BE17BBB52F0DF94EB3A] - [04/06/2017 12:10:36] - |A| - [62976] - C:\WINDOWS\system32\wsnmp32.dll
[MD5.84874DC7E7E5A2ED4A8E51CA26A4D042] - [04/06/2017 12:10:44] - |A| - [18432] - C:\WINDOWS\system32\wsock32.dll
[MD5.4DC65E62A5AB902F9C70F09E93661B90] - [04/06/2017 12:10:50] - |A| - [43008] - C:\WINDOWS\system32\wsplib.dll
[MD5.E505FBA1871AF5611F4C7E9D9E62B8C3] - [04/06/2017 12:10:38] - |A| - [2046976] - C:\WINDOWS\system32\wsp_fs.dll
[MD5.0C2BCBAA1981378E37B6AEB6DB83CABC] - [04/06/2017 12:10:36] - |A| - [1765376] - C:\WINDOWS\system32\wsp_health.dll
[MD5.7F01A174B7035E9ADBFB13B7FD9EC8FB] - [04/06/2017 12:10:38] - |A| - [944640] - C:\WINDOWS\system32\wsp_sr.dll
[MD5.4831287D01301E9DD14D108227E7BB6C] - [04/06/2017 12:10:35] - |A| - [91136] - C:\WINDOWS\system32\wsqmcons.exe
[MD5.6C5A574340530EB007D221BE1E7CB4E5] - [04/06/2017 12:09:09] - |A| - [91648] - C:\WINDOWS\system32\WSReset.exe
[MD5.3D15FEE8A05A8C2C84B0C7385F73AFAE] - [04/06/2017 12:10:38] - |A| - [91136] - C:\WINDOWS\system32\WSTPager.ax
[MD5.A12924F503EE95C9F3E5C09F2980CA7A] - [04/06/2017 12:10:40] - |A| - [59992] - C:\WINDOWS\system32\wtsapi32.dll
[MD5.8E3FAD91D59088089624E42665651059] - [04/06/2017 12:09:29] - |A| - [996864] - C:\WINDOWS\system32\wuapi.dll
[MD5.60DB899E680A40FEF69CA8E33CE1F83C] - [04/06/2017 12:09:29] - |A| - [10752] - C:\WINDOWS\system32\wuapihost.exe
[MD5.C8ECD1B42DD2DA0B660422B4E15CD274] - [04/06/2017 12:09:29] - |A| - [21272] - C:\WINDOWS\system32\wuauclt.exe
[MD5.17395748A856C9EFE62E54C7712BC22D] - [04/06/2017 12:09:29] - |A| - [2490368] - C:\WINDOWS\system32\wuaueng.dll
[MD5.1F3E85454248045ED3120A8483E67357] - [04/06/2017 12:09:25] - |A| - [33280] - C:\WINDOWS\system32\wuautoappupdate.dll
[MD5.44426388E7BB1A95AEB896DB550CFB92] - [04/06/2017 12:09:55] - |A| - [226816] - C:\WINDOWS\system32\wuceffects.dll
[MD5.CC56D5A796A41B36E5A8E489065544A6] - [04/06/2017 12:10:38] - |A| - [47616] - C:\WINDOWS\system32\WUDFCoinstaller.dll
[MD5.D6C1D0A27461D65B55FC0B3F676D47E2] - [04/06/2017 12:10:16] - |A| - [140064] - C:\WINDOWS\system32\WUDFCompanionHost.exe
[MD5.81E43AA3932202658E9E46DAE839475D] - [04/06/2017 12:10:16] - |A| - [250880] - C:\WINDOWS\system32\WUDFHost.exe
[MD5.BF27B02BD60AFF69FCD9851300AD550E] - [04/06/2017 12:10:16] - |A| - [171488] - C:\WINDOWS\system32\WUDFPlatform.dll
[MD5.9F62532077CADF60FEEF0FD36100F26B] - [04/06/2017 12:10:36] - |A| - [54784] - C:\WINDOWS\system32\WudfSMCClassExt.dll
[MD5.B58A8E8FD32CEA581CCB06452F758CBD] - [04/06/2017 12:10:38] - |A| - [571904] - C:\WINDOWS\system32\WUDFx.dll
[MD5.949CF669AA58A5C7C623AFF592EE0484] - [04/06/2017 12:10:16] - |A| - [606392] - C:\WINDOWS\system32\WUDFx02000.dll
[MD5.EF02D6C3704DE7677329B4EE0BB57B2E] - [04/06/2017 12:10:40] - |A| - [94208] - C:\WINDOWS\system32\wudriver.dll
[MD5.2DBBB6083C5F007DCAE2144BDB0CA24F] - [04/06/2017 12:09:29] - |A| - [65024] - C:\WINDOWS\system32\wups.dll
[MD5.199F644CDCCC87851AE48FEEB2FA77B9] - [04/06/2017 12:09:29] - |A| - [33792] - C:\WINDOWS\system32\wups2.dll
[MD5.ECF16098406F62423F2424F9DD40770B] - [04/06/2017 12:09:21] - |A| - [309248] - C:\WINDOWS\system32\wusa.exe
[MD5.2B2F765CC282B32F0E7DC22652F81BE1] - [04/06/2017 12:10:00] - |A| - [399360] - C:\WINDOWS\system32\wuuhext.dll
[MD5.8853C5FCB6E393C5AF2B761383A7EB2A] - [04/06/2017 12:09:29] - |A| - [115200] - C:\WINDOWS\system32\wuuhosdeployment.dll
[MD5.FFED9368E10486AECF8D2983AE908087] - [04/06/2017 12:10:24] - |A| - [570368] - C:\WINDOWS\system32\wvc.dll
[MD5.8EBEFB110C0C81D5E132837BBA7179A1] - [04/06/2017 12:09:30] - |A| - [356864] - C:\WINDOWS\system32\WwaApi.dll
[MD5.DBE159EB0E0C4FC1817CDB81C52E8A1F] - [04/06/2017 12:10:42] - |A| - [38400] - C:\WINDOWS\system32\WwaExt.dll
[MD5.5EA75967E7D7C4CF9FDF7B69B44D6484] - [04/06/2017 12:09:34] - |A| - [879440] - C:\WINDOWS\system32\WWAHost.exe
[MD5.302F5BE503B46531408ACA1FA8321A5E] - [04/06/2017 12:10:50] - |A| - [545888] - C:\WINDOWS\system32\WWanAPI.dll
[MD5.381E24EC2B1B15DB16D6E6DFA83E0261] - [04/06/2017 12:10:50] - |A| - [78848] - C:\WINDOWS\system32\wwancfg.dll
[MD5.2622B7D980CAA166AE14D3AF649FC160] - [04/06/2017 12:10:50] - |A| - [464896] - C:\WINDOWS\system32\wwanconn.dll
[MD5.3FFDF27EAB2ADEA6530DFD1ABF698331] - [04/06/2017 12:10:50] - |A| - [72192] - C:\WINDOWS\system32\WWanHC.dll
[MD5.F1EBF3DC10E665630D70BD7C40F90C2E] - [04/06/2017 12:10:50] - |A| - [6572032] - C:\WINDOWS\system32\wwanmm.dll
[MD5.4AA664500EAAB2D07591BBB256BD91A2] - [04/06/2017 12:10:50] - |A| - [50176] - C:\WINDOWS\system32\Wwanpref.dll
[MD5.B64F072E6ACA01EF95F0D4B04AD6D020] - [04/06/2017 12:10:50] - |A| - [89088] - C:\WINDOWS\system32\wwanprotdim.dll
[MD5.3148AAA334A3E2B09769424FCB3BE6F9] - [04/06/2017 12:10:49] - |A| - [81920] - C:\WINDOWS\system32\WwanRadioManager.dll
[MD5.CCACBB221B9BB9CB57C70567E8492EE3] - [04/06/2017 12:10:50] - |A| - [1418240] - C:\WINDOWS\system32\wwansvc.dll
[MD5.BA1BF1FA37A458C0F4F3E8D0EC0B5436] - [04/06/2017 12:10:50] - |A| - [96632] - C:\WINDOWS\system32\wwapi.dll
[MD5.4524B21A4D9D6516D6133E6004E0E9AC] - [04/06/2017 12:09:43] - |A| - [192000] - C:\WINDOWS\system32\XamlTileRender.dll
[MD5.CF8EF712D2A6BAD5DBB94532337E3A85] - [04/06/2017 12:09:17] - |A| - [3584] - C:\WINDOWS\system32\XAudio2_8.dll
[MD5.8EF0163666649C504878665675A92639] - [04/06/2017 12:09:17] - |A| - [569856] - C:\WINDOWS\system32\XAudio2_9.dll
[MD5.A51BE9DF231BA98E9A9B4BADDAFF8EE0] - [04/06/2017 12:09:25] - |A| - [581128] - C:\WINDOWS\system32\xbgmengine.dll
[MD5.7FD5D0D146034883614752608817425A] - [04/06/2017 12:09:29] - |A| - [46560] - C:\WINDOWS\system32\xbgmsvc.exe
[MD5.63B1E1D895DAD6581AD738B13AA1F870] - [04/06/2017 12:09:22] - |A| - [1096704] - C:\WINDOWS\system32\XblAuthManager.dll
[MD5.5915D0BB600C756493EB817AEFDED70B] - [04/06/2017 12:09:25] - |A| - [87040] - C:\WINDOWS\system32\XblAuthManagerProxy.dll
[MD5.871FC396C3CD4ACD6CE2CA57AFABC9AC] - [04/06/2017 12:09:25] - |A| - [88576] - C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
[MD5.6F5B601CD08D2FE47C7FAA8F280184F4] - [04/06/2017 12:09:29] - |A| - [1261056] - C:\WINDOWS\system32\XblGameSave.dll
[MD5.0AC4A63138BA495D33BB705AA0D079F3] - [04/06/2017 12:09:25] - |A| - [134144] - C:\WINDOWS\system32\XblGameSaveExt.dll
[MD5.032F6155911FA47461AC0B8EEFB977E7] - [04/06/2017 12:09:29] - |A| - [39936] - C:\WINDOWS\system32\XblGameSaveProxy.dll
[MD5.93CDA69A80F6560BAB239C7C893A207B] - [04/06/2017 12:09:29] - |A| - [31232] - C:\WINDOWS\system32\XblGameSaveTask.exe
[MD5.FC41C56D0D54DBACD452518807586EB4] - [04/06/2017 12:09:37] - |A| - [66560] - C:\WINDOWS\system32\XboxGipRadioManager.dll
[MD5.FFA1E57BA462903DE80BCCA1F51BF12B] - [04/06/2017 12:09:37] - |A| - [37376] - C:\WINDOWS\system32\xboxgipsvc.dll
[MD5.FBBF9B29BC65C3C5B7D5D5F3F02B05A4] - [04/06/2017 12:09:25] - |A| - [85504] - C:\WINDOWS\system32\xboxgipsynthetic.dll
[MD5.B8540BA1533DF0B7BBD1EDB97934F0A1] - [04/06/2017 12:09:18] - |A| - [1067008] - C:\WINDOWS\system32\XboxNetApiSvc.dll
[MD5.C4D78E1F365AE889BD2A682B9525943F] - [04/06/2017 12:09:37] - |A| - [47616] - C:\WINDOWS\system32\xcopy.exe
[MD5.63A4A4FE843492DF897E844324CEB574] - [04/06/2017 12:10:02] - |A| - [43520] - C:\WINDOWS\system32\XInput1_4.dll
[MD5.83F4F31A3B6EE033D35CBC2B2F28E98F] - [04/06/2017 12:10:00] - |A| - [10752] - C:\WINDOWS\system32\XInput9_1_0.dll
[MD5.F97153AD00B400371CACE10A4D66FCAB] - [04/06/2017 12:09:21] - |A| - [46080] - C:\WINDOWS\system32\XInputUap.dll
[MD5.97DC2FCBD17516D2F5B8FC28B050F343] - [04/06/2017 12:10:33] - |A| - [67584] - C:\WINDOWS\system32\xmlfilter.dll
[MD5.FDCACB6AA4D86007BB4435F12DED4FE3] - [04/06/2017 12:10:00] - |A| - [213832] - C:\WINDOWS\system32\xmllite.dll
[MD5.1BC37E5DE5029FF86FDC5512D373DECB] - [04/06/2017 12:10:03] - |A| - [20992] - C:\WINDOWS\system32\xmlprovi.dll
[MD5.A36703E010B7453C946B2DC150CB1A81] - [04/06/2017 12:09:54] - |A| - [61952] - C:\WINDOWS\system32\xolehlp.dll
[MD5.3AC68A2CAAC971EBA7FBFFEA6A1EF5E0] - [04/06/2017 12:10:27] - |A| - [347648] - C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
[MD5.CBE52F7D0706ADFB5E59017979FCB473] - [04/06/2017 12:12:53] - |A| - [931328] - C:\WINDOWS\system32\XpsFilt.dll
[MD5.6700E8899EE86FCFE611E095A9FAE1C8] - [04/06/2017 12:10:29] - |A| - [467456] - C:\WINDOWS\system32\XpsGdiConverter.dll
[MD5.6362AB1F7E479767590472710EA91703] - [04/06/2017 12:10:29] - |A| - [1652736] - C:\WINDOWS\system32\XpsPrint.dll
[MD5.407D8E79A2F9C6DA96FE63BDB223B7BE] - [04/06/2017 12:10:27] - |A| - [206336] - C:\WINDOWS\system32\XpsRasterService.dll
[MD5.29AF671CE7F5EB1ECC9ED2A5366417CA] - [04/06/2017 12:12:53] - |A| - [4496896] - C:\WINDOWS\system32\xpsrchvw.exe
[MD5.9D6B8FC71167D22849424084F0F3D9E9] - [04/06/2017 12:12:53] - |A| - [76060] - C:\WINDOWS\system32\xpsrchvw.xml
[MD5.04202A2D16442B128A00648340CAB918] - [04/06/2017 12:10:29] - |A| - [2905088] - C:\WINDOWS\system32\xpsservices.dll
[MD5.5CA8FD6581C87B96C40910949759D75E] - [04/06/2017 12:12:53] - |A| - [98304] - C:\WINDOWS\system32\XPSSHHDR.dll
[MD5.684DDBD6ED4066B10660A3A06655B59A] - [04/06/2017 12:09:21] - |A| - [4014] - C:\WINDOWS\system32\xwizard.dtd
[MD5.C0616102860FEC68E59730A3B684B828] - [04/06/2017 12:09:21] - |A| - [62464] - C:\WINDOWS\system32\xwizard.exe
[MD5.E52AAC4E8A3F641A1E1A3463FCF7F47C] - [04/06/2017 12:09:21] - |A| - [443904] - C:\WINDOWS\system32\xwizards.dll
[MD5.4CD157B6453375F0539E6052EA9B52BB] - [04/06/2017 12:09:21] - |A| - [117248] - C:\WINDOWS\system32\xwreg.dll
[MD5.AEFB476AB781B51B2981EC00B2E4EE63] - [04/06/2017 12:09:21] - |A| - [254464] - C:\WINDOWS\system32\xwtpdui.dll
[MD5.4472DE92F998DC3D5EE773D678BDF18C] - [04/06/2017 12:09:21] - |A| - [141824] - C:\WINDOWS\system32\xwtpw32.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [246824] - C:\WINDOWS\system32\zh-CN
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [211456] - C:\WINDOWS\system32\zh-TW
[MD5.386D50BF935FE05AAEAA35C41836440F] - [04/06/2017 12:09:34] - |A| - [76288] - C:\WINDOWS\system32\zipcontainer.dll
[MD5.61514F76C4F8B73942A13ED83F6388B9] - [04/06/2017 12:09:55] - |A| - [386048] - C:\WINDOWS\system32\zipfldr.dll
[MD5.F8274B791269D35181E44D88E6085DAE] - [04/06/2017 12:09:25] - |A| - [29184] - C:\WINDOWS\system32\ztrace_maps.dll
[MD5.16E98C48DB508DD128B73424834A374E] - [04/06/2017 12:08:33] - |A| - [237568] - C:\WINDOWS\system32\Drivers\1394ohci.sys
[MD5.71A24477F3638B11C561F486BCFFAC6B] - [04/06/2017 12:08:33] - |A| - [103248] - C:\WINDOWS\system32\Drivers\3ware.sys
[MD5.76A172B2A9C6FBE7FB444487DEFFCE44] - [04/06/2017 12:08:35] - |A| - [723280] - C:\WINDOWS\system32\Drivers\acpi.sys
[MD5.34D28C346FE17BE99C4EEAC90544E5B2] - [04/06/2017 12:08:33] - |A| - [20480] - C:\WINDOWS\system32\Drivers\AcpiDev.sys
[MD5.9E3186CFD5859066BF2ADBDA6F9AFADE] - [04/06/2017 12:08:58] - |A| - [123216] - C:\WINDOWS\system32\Drivers\acpiex.sys
[MD5.256DDA1543F262A42F7D29038733DD16] - [04/06/2017 12:08:35] - |A| - [12800] - C:\WINDOWS\system32\Drivers\acpipagr.sys
[MD5.568C808A8A2B32FF5A7B3A053A2F2215] - [04/06/2017 12:08:33] - |A| - [14336] - C:\WINDOWS\system32\Drivers\acpipmi.sys
[MD5.E5AEB6075EF1485E3021A0FFFDFD8B79] - [04/06/2017 12:08:35] - |A| - [13312] - C:\WINDOWS\system32\Drivers\acpitime.sys
[MD5.6F1C9B24AD1A8738658F4C9ADDF220F5] - [04/06/2017 12:08:33] - |A| - [1131344] - C:\WINDOWS\system32\Drivers\adp80xx.sys
[MD5.2238F699FB593A1DCFB2356893E6BBFB] - [04/06/2017 12:09:55] - |A| - [606032] - C:\WINDOWS\system32\Drivers\afd.sys
[MD5.9E3CE47956E64CA9EEAF26FDE4BF3872] - [04/06/2017 12:10:32] - |A| - [108544] - C:\WINDOWS\system32\Drivers\agilevpn.sys
[MD5.1424CFF33C3128C35E2B9AEDE9B510FE] - [04/06/2017 12:10:13] - |A| - [245248] - C:\WINDOWS\system32\Drivers\ahcache.sys
[MD5.96D8168DC776D157FF257B0B89C9EBDF] - [04/06/2017 12:08:35] - |A| - [180736] - C:\WINDOWS\system32\Drivers\amdk8.sys
[MD5.3550FE4A7897218523B2EAB8217109F7] - [04/06/2017 12:08:35] - |A| - [178176] - C:\WINDOWS\system32\Drivers\amdppm.sys
[MD5.B13A517FCB60AFD392F1724FAD62CA00] - [04/06/2017 12:08:33] - |A| - [79184] - C:\WINDOWS\system32\Drivers\amdsata.sys
[MD5.C0CFB0E241714FC1B0FDDCDB38986E5C] - [04/06/2017 12:08:33] - |A| - [255312] - C:\WINDOWS\system32\Drivers\amdsbs.sys
[MD5.128AF377A05BDF597E57D1C455CFA39B] - [04/06/2017 12:08:33] - |A| - [22864] - C:\WINDOWS\system32\Drivers\amdxata.sys
[MD5.B4B85C739FE88769DFE845034F7C88CD] - [04/06/2017 12:09:47] - |A| - [183120] - C:\WINDOWS\system32\Drivers\appid.sys
[MD5.E940F2BF41D333C06B225D5CC499C449] - [04/06/2017 12:09:47] - |A| - [17920] - C:\WINDOWS\system32\Drivers\applockerfltr.sys
[MD5.A19D1FF50EDD682820F9F15FDCD0F404] - [04/06/2017 12:11:48] - |A| - [122704] - C:\WINDOWS\system32\Drivers\AppVStrm.sys
[MD5.968F3F1161EECA38A6FF346895BFF330] - [04/06/2017 12:11:48] - |A| - [153424] - C:\WINDOWS\system32\Drivers\AppvVemgr.sys
[MD5.CEB7AF96F94F574DD8C5090B690C3AF6] - [04/06/2017 12:11:48] - |A| - [139088] - C:\WINDOWS\system32\Drivers\AppvVfs.sys
[MD5.50912D1AE3E7A8BBC9697F0ACA1747D3] - [04/06/2017 12:08:33] - |A| - [127824] - C:\WINDOWS\system32\Drivers\arcsas.sys
[MD5.C5077E0D3C51C90FE623B1DE6A8ECCA3] - [04/06/2017 12:10:29] - |A| - [28160] - C:\WINDOWS\system32\Drivers\asyncmac.sys
[MD5.4A11A15D6DB5DD12A33FAC4C239CB003] - [04/06/2017 12:08:35] - |A| - [24400] - C:\WINDOWS\system32\Drivers\atapi.sys
[MD5.1B7B2BA9BAE6DC09C09EB4CB6E2626B7] - [04/06/2017 12:08:35] - |A| - [190800] - C:\WINDOWS\system32\Drivers\ataport.sys
[MD5.39993659695A6C37933AA2A4B5477622] - [02/06/2017 13:11:03] - |A| - [1612648] - C:\WINDOWS\system32\Drivers\avc3.sys
[MD5.DA80F4B7CCFED444C130A19BAF130D7B] - [02/06/2017 13:11:03] - |A| - [879600] - C:\WINDOWS\system32\Drivers\avckf.sys
[MD5.78FD65DBE18073BA84F7D12EE2936564] - [04/06/2017 12:10:44] - |A| - [59216] - C:\WINDOWS\system32\Drivers\bam.sys
[MD5.2ACACCDE9E98C2A31DE713176A18AC26] - [04/06/2017 12:08:35] - |A| - [58368] - C:\WINDOWS\system32\Drivers\BasicDisplay.sys
[MD5.9CDD384A71B9588A743D289E4E8A9BF5] - [04/06/2017 12:08:35] - |A| - [34816] - C:\WINDOWS\system32\Drivers\BasicRender.sys
[MD5.BB2D99D56CA84E5A09DC4D03A1CB53AC] - [04/06/2017 12:08:35] - |A| - [34128] - C:\WINDOWS\system32\Drivers\battc.sys
[MD5.739D089777D2B66DBE7201E5EA4BA2D7] - [04/06/2017 12:08:33] - |A| - [9728] - C:\WINDOWS\system32\Drivers\bcmfn2.sys
[MD5.4B190ACAE90EC79AD4D43EFCD3743DA0] - [02/06/2017 13:11:18] - |A| - [23672] - C:\WINDOWS\system32\Drivers\bdelam.sys
[MD5.D8FAF7CFBC81E5E15CA7A7EC8EE1B409] - [02/06/2017 13:11:05] - |A| - [87912] - C:\WINDOWS\system32\Drivers\bdvedisk.sys
[MD5.3B64344FB8F676D472B4959A9ABC0B7B] - [04/06/2017 12:10:36] - |A| - [10240] - C:\WINDOWS\system32\Drivers\beep.sys
[MD5.C1BD2581FF605E15A54FDD85DD25D63B] - [04/06/2017 12:09:08] - |A| - [104448] - C:\WINDOWS\system32\Drivers\bowser.sys
[MD5.945EC02E0EA747216FE06C5663D763E0] - [04/06/2017 12:10:06] - |A| - [117248] - C:\WINDOWS\system32\Drivers\bridge.sys
[MD5.F7A8B30030AD7F5CBB60160320A8883F] - [04/06/2017 12:08:45] - |A| - [23040] - C:\WINDOWS\system32\Drivers\BtaMPM.sys
[MD5.95A57BDAE8E55F0051ABABEA9849CB0B] - [04/06/2017 12:08:45] - |A| - [45056] - C:\WINDOWS\system32\Drivers\BthAvrcpTg.sys
[MD5.A6027007A963B66B4C3272FE24328BC4] - [04/06/2017 12:08:45] - |A| - [105472] - C:\WINDOWS\system32\Drivers\bthenum.sys
[MD5.3EF7C730AC904175FB56ECD33AF6CC6F] - [04/06/2017 12:08:45] - |A| - [102400] - C:\WINDOWS\system32\Drivers\bthhfenum.sys
[MD5.AD11303EF68C8BC10153B37DD5D74A83] - [04/06/2017 12:08:45] - |A| - [31232] - C:\WINDOWS\system32\Drivers\BthhfHid.sys
[MD5.6E8DB7722DCE26C0ED75804007F7268E] - [04/06/2017 12:08:45] - |A| - [83968] - C:\WINDOWS\system32\Drivers\bthl2cap.sys
[MD5.2CFD8C691507C11D624EBF27E72DCAF9] - [04/06/2017 12:08:28] - |A| - [67072] - C:\WINDOWS\system32\Drivers\bthmodem.sys
[MD5.8428C8FA0E80FB6FDD57B463340CD2B4] - [04/06/2017 12:08:45] - |A| - [129536] - C:\WINDOWS\system32\Drivers\bthpan.sys
[MD5.8775DD48E83744D4848A678723010BCB] - [04/06/2017 12:08:45] - |A| - [1009152] - C:\WINDOWS\system32\Drivers\bthport.sys
[MD5.8B8F515A44B97CD752628419717C193B] - [04/06/2017 12:08:45] - |A| - [85504] - C:\WINDOWS\system32\Drivers\BTHUSB.SYS
[MD5.30600885FAD34C00A1F4B04A7DF48BEB] - [04/06/2017 12:08:45] - |A| - [38912] - C:\WINDOWS\system32\Drivers\buttonconverter.sys
[MD5.ED7BC36A4031141D61AE662C70983050] - [04/06/2017 12:08:33] - |A| - [529744] - C:\WINDOWS\system32\Drivers\bxvbda.sys
[MD5.55F841BD2BB7673F34EF07FDC084B42D] - [04/06/2017 12:08:28] - |A| - [49488] - C:\WINDOWS\system32\Drivers\CAD.sys
[MD5.BBA4ED406A6F0714179C8571731D2362] - [04/06/2017 12:08:33] - |A| - [122368] - C:\WINDOWS\system32\Drivers\capimg.sys
[MD5.E175537788607AD057EA49313A8F4461] - [04/06/2017 12:09:58] - |A| - [93184] - C:\WINDOWS\system32\Drivers\cdfs.sys
[MD5.4E3427D37F1F5EF8B42DA89C2DE1AA8F] - [04/06/2017 12:08:33] - |A| - [159744] - C:\WINDOWS\system32\Drivers\cdrom.sys
[MD5.C0705D53536DA603E6AB18F8E57AC79B] - [04/06/2017 12:09:34] - |A| - [73040] - C:\WINDOWS\system32\Drivers\CEA.sys
[MD5.0584F5942986E2C5EF4B172F125DE893] - [04/06/2017 12:08:35] - |A| - [137040] - C:\WINDOWS\system32\Drivers\cht4dx64.sys
[MD5.C248B47538BCF2213FE46203A5888400] - [04/06/2017 12:08:35] - |A| - [353104] - C:\WINDOWS\system32\Drivers\cht4sx64.sys
[MD5.6440F3727A5A14763FD97D9362126316] - [04/06/2017 12:08:35] - |A| - [1719120] - C:\WINDOWS\system32\Drivers\cht4vx64.sys
[MD5.A572F3123DD110BE3544923F9880A8EA] - [04/06/2017 12:08:28] - |A| - [49152] - C:\WINDOWS\system32\Drivers\circlass.sys
[MD5.777AD99F1B2BCAEC364AC28900A8A44B] - [04/06/2017 12:09:57] - |A| - [395088] - C:\WINDOWS\system32\Drivers\Classpnp.sys
[MD5.9AE02E4B6769A226671B7C548828C0F9] - [04/06/2017 12:09:52] - |A| - [342016] - C:\WINDOWS\system32\Drivers\cldflt.sys
[MD5.D5BD876205443BFCDAD77064739BD081] - [04/06/2017 12:09:58] - |A| - [377168] - C:\WINDOWS\system32\Drivers\clfs.sys
[MD5.FDA6F308B2D144235AA3C6FC2BC6BF03] - [04/06/2017 12:09:21] - |A| - [976720] - C:\WINDOWS\system32\Drivers\ClipSp.sys
[MD5.66DF728FB1F04156DD58643D50F24657] - [04/06/2017 12:08:35] - |A| - [29696] - C:\WINDOWS\system32\Drivers\CmBatt.sys
[MD5.8E1EC9539F1E8ED25F7F7352B1872B08] - [04/06/2017 12:08:58] - |A| - [24400] - C:\WINDOWS\system32\Drivers\cmimcext.sys
[MD5.0935998EB58A012937647B8BC03AD3C1] - [04/06/2017 12:09:55] - |A| - [667944] - C:\WINDOWS\system32\Drivers\cng.sys
[MD5.880EFB8550E709E238FDDE5FAFB877DE] - [04/06/2017 12:09:34] - |A| - [35152] - C:\WINDOWS\system32\Drivers\cnghwassist.sys
[MD5.4EF544343491E5D2D5740EAC35654AC3] - [04/06/2017 12:09:57] - |A| - [52048] - C:\WINDOWS\system32\Drivers\condrv.sys
[MD5.D4C9FAC0FF42F2614F290F635708C7E6] - [04/06/2017 12:09:57] - |A| - [81744] - C:\WINDOWS\system32\Drivers\crashdmp.sys
[MD5.04104F7986DB85DD848B4A40E44D00F6] - [04/06/2017 12:11:52] - |A| - [561664] - C:\WINDOWS\system32\Drivers\csc.sys
[MD5.B385329D4C7BFBB1BE05F5E624DD04F2] - [04/06/2017 12:10:42] - |A| - [71504] - C:\WINDOWS\system32\Drivers\dam.sys
[MD5.A7208B99B05F23A46FCCDBBA30853EC4] - [04/06/2017 12:08:28] - |A| - [98530] - C:\WINDOWS\system32\Drivers\Data61x4_2_2.msc
[MD5.34129C8EA1D5D4095735937AB7CAEECD] - [04/06/2017 12:08:45] - |A| - [45056] - C:\WINDOWS\system32\Drivers\devauthe.sys
[MD5.1ED29C46AD6D0F47C38692FAA2543BA2] - [04/06/2017 12:10:00] - |A| - [148992] - C:\WINDOWS\system32\Drivers\dfsc.sys
[MD5.057EA4FBAAF96F504ECE577AF22B1F60] - [04/06/2017 12:08:35] - |A| - [89424] - C:\WINDOWS\system32\Drivers\disk.sys
[MD5.6421AA94E4AF95FCA815963753D1D708] - [04/06/2017 12:10:00] - |A| - [34640] - C:\WINDOWS\system32\Drivers\Diskdump.sys
[MD5.4211F8950B10EDA74472199C17CCCE69] - [04/06/2017 12:10:00] - |A| - [15360] - C:\WINDOWS\system32\Drivers\Dmpusbstor.sys
[MD5.7AEBFF17DC6B5721907E626587FC91C6] - [04/06/2017 12:08:28] - |A| - [46080] - C:\WINDOWS\system32\Drivers\dmvsc.sys
[MD5.9F4352D522ECF1C17F0076D1F96CD2EF] - [04/06/2017 12:08:28] - |A| - [96768] - C:\WINDOWS\system32\Drivers\drmk.sys
[MD5.21A12DC26B5EF44722ADBE122F3A65A3] - [04/06/2017 12:08:28] - |A| - [12056] - C:\WINDOWS\system32\Drivers\drmkaud.sys
[MD5.1F781F42E24BD3BEA3C03DA7AF9CD0A0] - [04/06/2017 12:09:52] - |A| - [31568] - C:\WINDOWS\system32\Drivers\Dumpata.sys
[MD5.32185BBB1D3FBA8ED9B7089B2EE5A706] - [04/06/2017 12:12:53] - |A| - [86976] - C:\WINDOWS\system32\Drivers\dumpfve.sys
[MD5.F56971097F0B18E57F6286B2C58A15E0] - [04/06/2017 12:08:46] - |A| - [185680] - C:\WINDOWS\system32\Drivers\dumpsd.sys
[MD5.8613D128ED0F4B08D4383289217F8E15] - [04/06/2017 12:09:37] - |A| - [32256] - C:\WINDOWS\system32\Drivers\dumpsdport.sys
[MD5.97BA4316BA5C5CF2062EC7FE26799393] - [04/06/2017 12:10:00] - |A| - [25600] - C:\WINDOWS\system32\Drivers\Dumpstorport.sys
[MD5.59A29436F9D62BA4AAF55000A9D13AB9] - [04/06/2017 12:09:29] - |A| - [2517840] - C:\WINDOWS\system32\Drivers\dxgkrnl.sys
[MD5.F391B8B8CDB3AE370797E2FB70DDEACA] - [04/06/2017 12:09:29] - |A| - [408912] - C:\WINDOWS\system32\Drivers\dxgmms1.sys
[MD5.0649995BE8BFA4ACF6432BC7DC33A176] - [04/06/2017 12:09:29] - |A| - [731472] - C:\WINDOWS\system32\Drivers\dxgmms2.sys
[MD5.CDFEB3E0BD19C285AEDB4CE24B1A7AA2] - [04/06/2017 12:08:33] - |A| - [145920] - C:\WINDOWS\system32\Drivers\e2xw10x64.sys
[MD5.DF5BA1CA92F98BBD9CB537DDC5747011] - [04/06/2017 12:08:28] - |A| - [8124] - C:\WINDOWS\system32\Drivers\eeprom_ar6320_3p0_NFA364xp.bin
[MD5.F635C0B2E4A972F894E4B17AA2C34832] - [04/06/2017 12:08:28] - |A| - [8124] - C:\WINDOWS\system32\Drivers\eeprom_ar6320_3p0_NFA364xp_RV_0519.bin
[MD5.7EC1B0EA642CEC061B8C942C6298FEB6] - [04/06/2017 12:08:28] - |A| - [8124] - C:\WINDOWS\system32\Drivers\eeprom_ar6320_3p0_NFA364xp_RV_0520.bin
[MD5.B363F87A0C64069A673158AED3E077BA] - [04/06/2017 12:10:03] - |A| - [84816] - C:\WINDOWS\system32\Drivers\EhStorClass.sys
[MD5.4CA1470B0B0C78FD9C099FC93AD9ED12] - [04/06/2017 12:08:28] - |A| - [114512] - C:\WINDOWS\system32\Drivers\EhStorTcgDrv.sys
[MD5.00000000000000000000000000000000] - [05/06/2017 08:57:44] - |D| - [120832] - C:\WINDOWS\system32\Drivers\en-US
[MD5.61EA5FBD7F41D7760B8B1CA2722947CC] - [04/06/2017 12:08:35] - |A| - [13824] - C:\WINDOWS\system32\Drivers\errdev.sys
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [23735] - C:\WINDOWS\system32\Drivers\etc
[MD5.D069C787B083B96D0874AC8976A7F95F] - [04/06/2017 12:08:33] - |A| - [3414864] - C:\WINDOWS\system32\Drivers\evbda.sys
[MD5.E0A068AD0362CDC17F7C422357DA7072] - [04/06/2017 12:09:54] - |A| - [353792] - C:\WINDOWS\system32\Drivers\exfat.sys
[MD5.C51267EE2726707D38C489C06DDF01ED] - [21/06/2017 16:17:58] - |A| - [113592] - C:\WINDOWS\system32\Drivers\farflt.sys
[MD5.6F5F6EFE49AFBC248510B61C43E4CD20] - [04/06/2017 12:09:52] - |A| - [366416] - C:\WINDOWS\system32\Drivers\fastfat.sys
[MD5.7BE96AD37C88D585EC7E1C660F17DC7B] - [04/06/2017 12:08:35] - |A| - [32768] - C:\WINDOWS\system32\Drivers\fdc.sys
[MD5.189919393E4DEFDE24D6B4C2437C2ABA] - [04/06/2017 12:08:58] - |A| - [55296] - C:\WINDOWS\system32\Drivers\filecrypt.sys
[MD5.77196FFDA44396511A14EB198424D33C] - [04/06/2017 12:09:49] - |A| - [82256] - C:\WINDOWS\system32\Drivers\fileinfo.sys
[MD5.EBE9D4A6DD89DC6B61D818D6D7F7E44F] - [04/06/2017 12:09:52] - |A| - [36352] - C:\WINDOWS\system32\Drivers\filetrace.sys
[MD5.3CA1A24928AE1B4705546197CE111F2B] - [04/06/2017 12:08:35] - |A| - [26112] - C:\WINDOWS\system32\Drivers\flpydisk.sys
[MD5.B9AA209E18EC33A20F684D876FC02E79] - [04/06/2017 12:09:55] - |A| - [386896] - C:\WINDOWS\system32\Drivers\fltMgr.sys
[MD5.00000000000000000000000000000000] - [05/06/2017 08:57:44] - |D| - [1538048] - C:\WINDOWS\system32\Drivers\fr-FR
[MD5.BB0E2E3F25553FCA3AF5A94BCF1E8C55] - [04/06/2017 12:08:58] - |A| - [59216] - C:\WINDOWS\system32\Drivers\fsdepends.sys
[MD5.CEB5ACB5462BA2E6D1B869FC2E7615FD] - [04/06/2017 12:09:55] - |A| - [26960] - C:\WINDOWS\system32\Drivers\fs_rec.sys
[MD5.EFDC0B6AAD98DB5B20457DA3F0D95E54] - [04/06/2017 12:12:53] - |A| - [724816] - C:\WINDOWS\system32\Drivers\fvevol.sys
[MD5.53CDA23829DA52ED4555962025F918B1] - [04/06/2017 12:09:57] - |A| - [437072] - C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
[MD5.0A13909AE0213AADF6E8D8ECB4B8D309] - [04/06/2017 12:08:45] - |A| - [20992] - C:\WINDOWS\system32\Drivers\genericusbfn.sys
[MD5.7F29903CB8F5590D52DB0C9F97049A25] - [04/06/2017 12:09:18] - |A| - [3440660] - C:\WINDOWS\system32\Drivers\gm.dls
[MD5.7111BFA692A22E4B3C07F1E6C6FF6F72] - [04/06/2017 12:09:18] - |A| - [646] - C:\WINDOWS\system32\Drivers\gmreadme.txt
[MD5.DB13F2B8DCD6F971D75B64445E18BA7B] - [04/06/2017 12:09:34] - |A| - [8192] - C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
[MD5.F72818A52CBB5A9E8B2C9E350638A945] - [02/06/2017 13:09:59] - |A| - [182944] - C:\WINDOWS\system32\Drivers\gzflt.sys
[MD5.89CBF3476595A90A42F946E52C92B20B] - [04/06/2017 12:08:28] - |A| - [86016] - C:\WINDOWS\system32\Drivers\hdaudbus.sys
[MD5.52DE99FD5CFC17B531ABF1627C7C0E92] - [04/06/2017 12:08:35] - |A| - [34128] - C:\WINDOWS\system32\Drivers\hidbatt.sys
[MD5.3ACC480D287EAA8B5C69A74B13D7E0B9] - [04/06/2017 12:08:45] - |A| - [107008] - C:\WINDOWS\system32\Drivers\hidbth.sys
[MD5.8192965F7D210FF8962279BF104E2F52] - [04/06/2017 12:08:45] - |A| - [183808] - C:\WINDOWS\system32\Drivers\hidclass.sys
[MD5.F528FA036B252AB147ECC69371BA88A0] - [04/06/2017 12:08:46] - |A| - [51712] - C:\WINDOWS\system32\Drivers\hidi2c.sys
[MD5.277488DEE0F0DBAD1EBBA00F70345DAC] - [04/06/2017 12:08:46] - |A| - [46416] - C:\WINDOWS\system32\Drivers\hidinterrupt.sys
[MD5.D4AA05C0EEA0C892F31406D0E359D458] - [04/06/2017 12:08:28] - |A| - [46592] - C:\WINDOWS\system32\Drivers\hidir.sys
[MD5.2CC6F5D14DE292B95BC8F83103BECD79] - [04/06/2017 12:08:45] - |A| - [45568] - C:\WINDOWS\system32\Drivers\hidparse.sys
[MD5.ED1F74ACC375A5B63548CFE567BCEC19] - [04/06/2017 12:08:45] - |A| - [41472] - C:\WINDOWS\system32\Drivers\hidusb.sys
[MD5.7C385E562DDC3E50BF90EF213C02972F] - [04/06/2017 12:08:33] - |A| - [60240] - C:\WINDOWS\system32\Drivers\HpSAMD.sys
[MD5.CCDF6D9336333136701DBB7E9754E892] - [04/06/2017 12:09:54] - |A| - [1099600] - C:\WINDOWS\system32\Drivers\http.sys
[MD5.396CEB4BC54A24D91C9A702B4B140841] - [04/06/2017 12:09:18] - |A| - [69456] - C:\WINDOWS\system32\Drivers\hvservice.sys
[MD5.7917A94085C5D76C840FD5259B78B7AD] - [04/06/2017 12:08:58] - |A| - [117072] - C:\WINDOWS\system32\Drivers\hvsocket.sys
[MD5.95DCAF69EF3021650DD26FC7D24F812C] - [04/06/2017 12:09:57] - |A| - [25424] - C:\WINDOWS\system32\Drivers\hwpolicy.sys
[MD5.1B7150C1D4D4469F10CE2C07AD093CF0] - [04/06/2017 12:08:28] - |A| - [16896] - C:\WINDOWS\system32\Drivers\hyperkbd.sys
[MD5.A8D76DA9E3EB70851BFFCD2C5F6E8194] - [04/06/2017 12:08:28] - |A| - [28672] - C:\WINDOWS\system32\Drivers\HyperVideo.sys
[MD5.8F5F73DCE1C2C07A842383300A1A5F60] - [04/06/2017 12:08:46] - |A| - [115712] - C:\WINDOWS\system32\Drivers\i8042prt.sys
[MD5.C6B8743B213F06AA60943D8366FE968F] - [04/06/2017 12:08:28] - |A| - [33280] - C:\WINDOWS\system32\Drivers\iagpio.sys
[MD5.9A2A2F3C69B9A30B6E78536F6D258BAD] - [04/06/2017 12:08:28] - |A| - [81408] - C:\WINDOWS\system32\Drivers\iai2c.sys
[MD5.42962355A7911407026E920E7252E3E5] - [04/06/2017 12:08:28] - |A| - [70656] - C:\WINDOWS\system32\Drivers\iaLPSS2i_GPIO2.sys
[MD5.BD47B2FEABFA48C6224D43EE9EA9BC06] - [04/06/2017 12:08:28] - |A| - [85504] - C:\WINDOWS\system32\Drivers\iaLPSS2i_GPIO2_BXT_P.sys
[MD5.2184CB3A65888F446FCD6DBA9F073F4C] - [04/06/2017 12:08:28] - |A| - [165376] - C:\WINDOWS\system32\Drivers\iaLPSS2i_I2C.sys
[MD5.4126F8DA08CE7924A3AE6F7235F85D5F] - [04/06/2017 12:08:28] - |A| - [168448] - C:\WINDOWS\system32\Drivers\iaLPSS2i_I2C_BXT_P.sys
[MD5.16A10CCEDCF5AC4CAAE43DC9FC40392F] - [04/06/2017 12:08:33] - |A| - [38128] - C:\WINDOWS\system32\Drivers\iaLPSSi_GPIO.sys
[MD5.EB82A11613326691508D9ED9A4FE29E7] - [04/06/2017 12:08:28] - |A| - [113152] - C:\WINDOWS\system32\Drivers\iaLPSSi_I2C.sys
[MD5.518BAB49D0C0587EFF907CC8D1CB27A4] - [04/06/2017 12:08:35] - |A| - [670032] - C:\WINDOWS\system32\Drivers\iaStorAV.sys
[MD5.23042E013727095B91237FD96D70996B] - [04/06/2017 12:08:35] - |A| - [407888] - C:\WINDOWS\system32\Drivers\iaStorV.sys
[MD5.F6E2735F88A0B598E0A3610A54A72332] - [04/06/2017 12:08:35] - |A| - [522064] - C:\WINDOWS\system32\Drivers\ibbus.sys
[MD5.4AB719D0CEB64ED85D30EB974A5C806E] - [02/06/2017 13:10:56] - |A| - [305120] - C:\WINDOWS\system32\Drivers\ignis.sys
[MD5.31DD7C55B986EA9017A7675DBD32F5F5] - [04/06/2017 12:09:37] - |A| - [39424] - C:\WINDOWS\system32\Drivers\IndirectKmd.sys
[MD5.495B8BFA599748929E4E9F87DF0127BA] - [04/06/2017 12:08:35] - |A| - [15184] - C:\WINDOWS\system32\Drivers\intelide.sys
[MD5.362E227387C75852C79E61D751E5DC5C] - [04/06/2017 12:08:33] - |A| - [82816] - C:\WINDOWS\system32\Drivers\intelpep.sys
[MD5.31FC115A5AB7FD89AC6A97A912F7A64A] - [04/06/2017 12:08:35] - |A| - [198656] - C:\WINDOWS\system32\Drivers\intelppm.sys
[MD5.F4A30DCE4E544495728F1B59135001CC] - [04/06/2017 12:09:21] - |A| - [45392] - C:\WINDOWS\system32\Drivers\iorate.sys
[MD5.D8773942AA3C8EC98FDC35D7E8BA1B80] - [04/06/2017 12:10:29] - |A| - [86528] - C:\WINDOWS\system32\Drivers\ipfltdrv.sys
[MD5.66A0528ED0205ED34BCCD58232ED78D4] - [04/06/2017 12:08:35] - |A| - [87888] - C:\WINDOWS\system32\Drivers\IPMIDrv.sys
[MD5.F1C151DC347E0C6385FE774264454260] - [04/06/2017 12:09:34] - |A| - [214528] - C:\WINDOWS\system32\Drivers\ipnat.sys
[MD5.011C5067E7BF978A35DAADF7EA93AB76] - [04/06/2017 12:08:58] - |A| - [26112] - C:\WINDOWS\system32\Drivers\ipt.sys
[MD5.119AA0D014B6D76FA4C58AEC349AB39B] - [04/06/2017 12:10:47] - |A| - [119808] - C:\WINDOWS\system32\Drivers\irda.sys
[MD5.A91D7BA02A88948903D69B4D58378A79] - [04/06/2017 12:10:44] - |A| - [19968] - C:\WINDOWS\system32\Drivers\irenum.sys
[MD5.06FEC7C01918E37991258BF074752A94] - [04/06/2017 12:08:35] - |A| - [18768] - C:\WINDOWS\system32\Drivers\isapnp.sys
[MD5.CDD8AC7FFFB18D5B023660273F0C18AE] - [04/06/2017 12:08:46] - |A| - [59216] - C:\WINDOWS\system32\Drivers\kbdclass.sys
[MD5.01CCD5E70EE2CE78B63C0E12408BC6FD] - [04/06/2017 12:08:46] - |A| - [40960] - C:\WINDOWS\system32\Drivers\kbdhid.sys
[MD5.77F0304D9C1C37F88C9BB1B7F43DA42C] - [04/06/2017 12:08:46] - |A| - [23040] - C:\WINDOWS\system32\Drivers\kdnic.sys
[MD5.21FC38905B10FA97F0A27873E001220F] - [04/06/2017 12:10:11] - |A| - [408064] - C:\WINDOWS\system32\Drivers\ks.sys
[MD5.0CBC3B05DEFFD27C9310959B0777C763] - [04/06/2017 12:09:57] - |A| - [134480] - C:\WINDOWS\system32\Drivers\ksecdd.sys
[MD5.2D66427DCB0236496382EE61F3045540] - [04/06/2017 12:09:55] - |A| - [165712] - C:\WINDOWS\system32\Drivers\ksecpkg.sys
[MD5.21C9FD960D87487E5F50A235DAD176DB] - [04/06/2017 12:10:11] - |A| - [26624] - C:\WINDOWS\system32\Drivers\ksthunk.sys
[MD5.941767B1E3C60ABC2A98E392DC57F5B6] - [04/06/2017 12:10:03] - |A| - [66560] - C:\WINDOWS\system32\Drivers\lltdio.sys
[MD5.9A92DA263FC429B236709119792BF7BC] - [04/06/2017 12:08:33] - |A| - [104784] - C:\WINDOWS\system32\Drivers\lsi_sas.sys
[MD5.E0D72D74CB9FC3137419818C319242C8] - [04/06/2017 12:08:33] - |A| - [119632] - C:\WINDOWS\system32\Drivers\lsi_sas2i.sys
[MD5.E3FD9DC4B472D4E2F37990EB9618543B] - [04/06/2017 12:08:33] - |A| - [99152] - C:\WINDOWS\system32\Drivers\lsi_sas3i.sys
[MD5.EB7B6F5832EC9F59FF696A93DBB88188] - [04/06/2017 12:08:33] - |A| - [78672] - C:\WINDOWS\system32\Drivers\lsi_sss.sys
[MD5.E509801EFA14E7B210FC3A361E3B7EFE] - [04/06/2017 12:10:11] - |A| - [126976] - C:\WINDOWS\system32\Drivers\luafv.sys
[MD5.9F8C434A266ABC501DC0DD051B9A4A23] - [04/06/2017 12:08:35] - |A| - [495440] - C:\WINDOWS\system32\Drivers\mausbhost.sys
[MD5.9946258CC4EB7D5F363EBDBB16F9DDE0] - [04/06/2017 12:08:35] - |A| - [52560] - C:\WINDOWS\system32\Drivers\mausbip.sys
[MD5.5C9CA030C451CB3553DB9094C68EE6E9] - [21/06/2017 16:17:51] - |A| - [77376] - C:\WINDOWS\system32\Drivers\mbae64.sys
[MD5.68B3141EEFEA3AF9C244945B52247241] - [21/06/2017 16:17:56] - |A| - [44960] - C:\WINDOWS\system32\Drivers\mbam.sys
[MD5.E095FFE590241C1765D093E91E325147] - [21/06/2017 16:18:05] - |A| - [188312] - C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
[MD5.913F4230E29E312D1B4B02E2BAC67C87] - [01/06/2017 00:02:54] - |A| - [252832] - C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
[MD5.6F16DF1484E3CAEC51A6A484A1E87DE8] - [04/06/2017 12:10:36] - |A| - [23552] - C:\WINDOWS\system32\Drivers\mcd.sys
[MD5.49B77BE171C48AC18137A8CAA2A4993E] - [04/06/2017 12:08:34] - |A| - [55632] - C:\WINDOWS\system32\Drivers\megasas.sys
[MD5.91960FD920A73C65950C73E6791E1460] - [04/06/2017 12:08:34] - |A| - [60240] - C:\WINDOWS\system32\Drivers\MegaSas2i.sys
[MD5.1216012E31F0A5FBCB8433B7CE6E5A58] - [04/06/2017 12:08:34] - |A| - [571728] - C:\WINDOWS\system32\Drivers\megasr.sys
[MD5.2CEB238BEC283B8871A0695E7F2629EC] - [04/06/2017 12:08:45] - |A| - [75776] - C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
[MD5.450EC859022300A980E76E07416152A2] - [04/06/2017 12:08:35] - |A| - [838480] - C:\WINDOWS\system32\Drivers\mlx4_bus.sys
[MD5.76338D57815F86A63376B8CBA905584A] - [04/06/2017 12:09:21] - |A| - [49664] - C:\WINDOWS\system32\Drivers\mmcss.sys
[MD5.D0440A77D1E89B41E1EDBDF04E644A7F] - [04/06/2017 12:10:40] - |A| - [42496] - C:\WINDOWS\system32\Drivers\modem.sys
[MD5.54C1159546C2C235B84A7011FCE433B3] - [04/06/2017 12:08:33] - |A| - [38912] - C:\WINDOWS\system32\Drivers\monitor.sys
[MD5.E2D3E4E885EA08BA44EC2ED0122C5E5B] - [04/06/2017 12:08:46] - |A| - [56144] - C:\WINDOWS\system32\Drivers\mouclass.sys
[MD5.40A7DCF00ECC81681C4DF59F85BBB4DA] - [04/06/2017 12:08:46] - |A| - [32768] - C:\WINDOWS\system32\Drivers\mouhid.sys
[MD5.C012D916DF5E0C757C315D6444B03254] - [04/06/2017 12:09:57] - |A| - [101200] - C:\WINDOWS\system32\Drivers\mountmgr.sys
[MD5.B2B2A84332DCD4BF579B8726A3ACACC9] - [04/06/2017 12:09:33] - |A| - [75776] - C:\WINDOWS\system32\Drivers\mpsdrv.sys
[MD5.7FF46A1C7850C7190EFC04473167ED72] - [04/06/2017 12:10:47] - |A| - [143872] - C:\WINDOWS\system32\Drivers\mrxdav.sys
[MD5.9EBFA5867BD056F6A05B03B67EDBD07E] - [04/06/2017 12:10:00] - |A| - [468816] - C:\WINDOWS\system32\Drivers\mrxsmb.sys
[MD5.8E025705FAAA6D2C9059CD901883AE24] - [04/06/2017 12:09:09] - |A| - [285696] - C:\WINDOWS\system32\Drivers\mrxsmb10.sys
[MD5.1E1F9F3B2F2E97B73646AB6DEC2CD0FF] - [04/06/2017 12:10:00] - |A| - [229200] - C:\WINDOWS\system32\Drivers\mrxsmb20.sys
[MD5.F688A34E35C4FF4CDAAD01735E68AB6A] - [04/06/2017 12:09:58] - |A| - [31232] - C:\WINDOWS\system32\Drivers\msfs.sys
[MD5.ABC89622317CDB2501A742A29701A9DC] - [04/06/2017 12:09:30] - |A| - [165200] - C:\WINDOWS\system32\Drivers\msgpioclx.sys
[MD5.90C364508632961C2045AA90417A1BF2] - [04/06/2017 12:08:46] - |A| - [44880] - C:\WINDOWS\system32\Drivers\msgpiowin32.sys
[MD5.89BC2838CF69FE522792348CD2C55C5F] - [04/06/2017 12:09:34] - |A| - [8704] - C:\WINDOWS\system32\Drivers\mshidkmdf.sys
[MD5.13C5A105CF3DB8BF31CA051D200B1A79] - [04/06/2017 12:09:34] - |A| - [11776] - C:\WINDOWS\system32\Drivers\mshidumdf.sys
[MD5.40764D0A91B9665CBA37E56F8DCA3DB7] - [04/06/2017 12:08:35] - |A| - [14672] - C:\WINDOWS\system32\Drivers\msisadrv.sys
[MD5.75EDB4A6AC93F2AC8D3DA229CDBCACDE] - [04/06/2017 12:08:35] - |A| - [274768] - C:\WINDOWS\system32\Drivers\msiscsi.sys
[MD5.6E3CA151A8FD51ABCC6956E7B5E78C1C] - [04/06/2017 12:10:11] - |A| - [32768] - C:\WINDOWS\system32\Drivers\mskssrv.sys
[MD5.91D01794D5F2E6791960B04CFF521B7C] - [04/06/2017 12:10:24] - |A| - [82944] - C:\WINDOWS\system32\Drivers\mslldp.sys
[MD5.988B5F0703AA1DC868E612DB7DB27A85] - [04/06/2017 12:10:11] - |A| - [10752] - C:\WINDOWS\system32\Drivers\mspclock.sys
[MD5.C767F35DF70892921364A4FAA2D775FA] - [04/06/2017 12:10:11] - |A| - [10752] - C:\WINDOWS\system32\Drivers\mspqm.sys
[MD5.EF4088A05F4C1142783227B359E9379C] - [04/06/2017 12:09:55] - |A| - [366928] - C:\WINDOWS\system32\Drivers\msrpc.sys
[MD5.A6F4087E5308BF5F967101A67E341E8A] - [04/06/2017 12:11:45] - |A| - [273232] - C:\WINDOWS\system32\Drivers\mssecflt.sys
[MD5.3151B911090A62DB86EFCB7DFDADF7DE] - [04/06/2017 12:08:35] - |A| - [39760] - C:\WINDOWS\system32\Drivers\mssmbios.sys
[MD5.C6DD1D9ECF02F42FE902E3CAD9C2165B] - [04/06/2017 12:10:11] - |A| - [12800] - C:\WINDOWS\system32\Drivers\mstee.sys
[MD5.D1B298A90E486873586724715DE34A05] - [04/06/2017 12:08:34] - |A| - [16896] - C:\WINDOWS\system32\Drivers\MTConfig.sys
[MD5.E662A96EE669C37D9742A7B1D02BD944] - [04/06/2017 12:10:00] - |A| - [124240] - C:\WINDOWS\system32\Drivers\mup.sys
[MD5.DE8AB02F97885487152143722B606F70] - [04/06/2017 12:08:34] - |A| - [59728] - C:\WINDOWS\system32\Drivers\mvumis.sys
[MD5.80F6C490D2966D0135DF5999E6DE1A0B] - [21/06/2017 16:17:58] - |A| - [93600] - C:\WINDOWS\system32\Drivers\mwac.sys
[MD5.85981ACCCC1CFD434ACC71E7CEBC22F9] - [04/06/2017 12:08:35] - |A| - [104784] - C:\WINDOWS\system32\Drivers\ndfltr.sys
[MD5.46589A7D84021FAB9507D3F0CC86811A] - [04/06/2017 12:09:55] - |A| - [1243984] - C:\WINDOWS\system32\Drivers\ndis.sys
[MD5.F01B3B305D26AE5C96EDF8B681ACBD84] - [04/06/2017 12:10:41] - |A| - [50688] - C:\WINDOWS\system32\Drivers\ndiscap.sys
[MD5.C973B746C6BFCDADE784C088B5AA0837] - [04/06/2017 12:10:24] - |A| - [127488] - C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
[MD5.BDD579A6F45807EBE906F5DABB14A7B1] - [04/06/2017 12:10:32] - |A| - [26624] - C:\WINDOWS\system32\Drivers\ndistapi.sys
[MD5.090BB58275729431D1C1817A75462F67] - [04/06/2017 12:09:57] - |A| - [65024] - C:\WINDOWS\system32\Drivers\ndisuio.sys
[MD5.E8B0AF0F19C3522AB89E727057811A7F] - [04/06/2017 12:10:27] - |A| - [20992] - C:\WINDOWS\system32\Drivers\NdisVirtualBus.sys
[MD5.72FEC327023453F62A3B22FC84F912E4] - [04/06/2017 12:10:29] - |A| - [192000] - C:\WINDOWS\system32\Drivers\ndiswan.sys
[MD5.C0F894053A83501137F9985F455FFF11] - [04/06/2017 12:10:32] - |A| - [62464] - C:\WINDOWS\system32\Drivers\ndproxy.sys
[MD5.94C243037C6A432B6D7F18F2750E8EC7] - [04/06/2017 12:09:18] - |A| - [126976] - C:\WINDOWS\system32\Drivers\Ndu.sys
[MD5.947FFF81C39FEF39316398A7AC220EE0] - [04/06/2017 12:09:57] - |A| - [132096] - C:\WINDOWS\system32\Drivers\NetAdapterCx.sys
[MD5.DD4B36C68B985DBC819888AC70AC1222] - [04/06/2017 12:10:24] - |A| - [53584] - C:\WINDOWS\system32\Drivers\netbios.sys
[MD5.B1C5786AF9649C257C71393610868006] - [04/06/2017 12:10:27] - |A| - [306176] - C:\WINDOWS\system32\Drivers\netbt.sys
[MD5.A73C5EEF0AB3A35F708133AE06A65E25] - [04/06/2017 12:09:57] - |A| - [529232] - C:\WINDOWS\system32\Drivers\netio.sys
[MD5.386F17C49879C753EBC1231B777A79FB] - [04/06/2017 12:08:28] - |A| - [185344] - C:\WINDOWS\system32\Drivers\netvsc.sys
[MD5.5C213151DDF1116698102169CC0748C6] - [04/06/2017 12:09:58] - |A| - [72704] - C:\WINDOWS\system32\Drivers\npfs.sys
[MD5.20370A58F1BF60EEA2E6DECE39A9E8DF] - [04/06/2017 12:08:46] - |A| - [26624] - C:\WINDOWS\system32\Drivers\npsvctrig.sys
[MD5.7029ADD9D7017E9294A088C665BF7BC6] - [04/06/2017 12:09:57] - |A| - [43008] - C:\WINDOWS\system32\Drivers\nsiproxy.sys
[MD5.CC5FEC7E3978B06C82079DE849E0B747] - [04/06/2017 12:09:58] - |A| - [2309456] - C:\WINDOWS\system32\Drivers\ntfs.sys
[MD5.D07A0CDA386D5904C8DCA1141D01650B] - [04/06/2017 12:10:13] - |A| - [15696] - C:\WINDOWS\system32\Drivers\ntosext.sys
[MD5.A5088DF863593B5423A40801390FDCF9] - [04/06/2017 12:09:58] - |A| - [7168] - C:\WINDOWS\system32\Drivers\null.sys
[MD5.71FF183E990FD883FC008AB663316A1D] - [04/06/2017 12:08:35] - |A| - [86016] - C:\WINDOWS\system32\Drivers\nvdimmn.sys
[MD5.6BBEB2626A05A54E539F6378F4C6DEC6] - [04/06/2017 12:08:34] - |A| - [146256] - C:\WINDOWS\system32\Drivers\nvraid.sys
[MD5.04D36C88D10F41B9F1154D1FB5015A9B] - [04/06/2017 12:08:34] - |A| - [162128] - C:\WINDOWS\system32\Drivers\nvstor.sys
[MD5.96D45807F7F3D9960AD27C418580B952] - [04/06/2017 12:10:49] - |A| - [528896] - C:\WINDOWS\system32\Drivers\nwifi.sys
[MD5.C3E3C147B853632105F701F10FD5E087] - [04/06/2017 12:09:30] - |A| - [149328] - C:\WINDOWS\system32\Drivers\pacer.sys
[MD5.5893B11541EDE1DEA5796F16F6279210] - [04/06/2017 12:08:35] - |A| - [98816] - C:\WINDOWS\system32\Drivers\parport.sys
[MD5.9B1BC0AE4C78E7B757DA0BC5A6E5DC90] - [04/06/2017 12:09:57] - |A| - [157008] - C:\WINDOWS\system32\Drivers\partmgr.sys
[MD5.A0DBA32BAFCCC66F3C1817A5C1E1D3CB] - [04/06/2017 12:08:35] - |A| - [354640] - C:\WINDOWS\system32\Drivers\pci.sys
[MD5.BC821F74EC3D8CB8AE53EB9D26BC8371] - [04/06/2017 12:08:35] - |A| - [12112] - C:\WINDOWS\system32\Drivers\pciide.sys
[MD5.970D9B2BD4C82C242B8E46CC39F12FCD] - [04/06/2017 12:08:35] - |A| - [48976] - C:\WINDOWS\system32\Drivers\pciidex.sys
[MD5.2F0BB5FA11CC479F86DBA16F57B386FA] - [04/06/2017 12:08:28] - |A| - [115536] - C:\WINDOWS\system32\Drivers\pcmcia.sys
[MD5.4157CE5D644632619935E4B942DDC6A6] - [04/06/2017 12:09:55] - |A| - [48464] - C:\WINDOWS\system32\Drivers\pcw.sys
[MD5.061A60F160D10870D065D8F625F629F4] - [04/06/2017 12:08:58] - |A| - [118096] - C:\WINDOWS\system32\Drivers\pdc.sys
[MD5.E4DA4085ABD9178915D3720D79D87B16] - [04/06/2017 12:10:47] - |A| - [730112] - C:\WINDOWS\system32\Drivers\PEAuth.sys
[MD5.0DFFF8BF597A4F5CE32C37DE68E31C5D] - [04/06/2017 12:08:34] - |A| - [54608] - C:\WINDOWS\system32\Drivers\percsas2i.sys
[MD5.4EE810738344E132CE7894FA735B80CC] - [04/06/2017 12:08:34] - |A| - [57680] - C:\WINDOWS\system32\Drivers\percsas3i.sys
[MD5.162C8510E3AB7398917E233CD4C99CA2] - [04/06/2017 12:08:35] - |A| - [102912] - C:\WINDOWS\system32\Drivers\pmem.sys
[MD5.1C51C9248F209A2DEF94805C5643ECAE] - [04/06/2017 12:08:33] - |A| - [16896] - C:\WINDOWS\system32\Drivers\pnpmem.sys
[MD5.39B3C0398480C461AA6DE9627BCB6F7F] - [04/06/2017 12:08:28] - |A| - [379904] - C:\WINDOWS\system32\Drivers\portcls.sys
[MD5.9093BB61613FF6AB28E2E8A55C050705] - [04/06/2017 12:08:35] - |A| - [177152] - C:\WINDOWS\system32\Drivers\processr.sys
[MD5.CB24371ED4A98DBC63E78286F17F73E8] - [04/06/2017 12:08:28] - |A| - [1086432] - C:\WINDOWS\system32\Drivers\qca61x4_2_2.bin
[MD5.47B1B98FF5E2B173B86EB53A417FA26E] - [04/06/2017 12:08:28] - |A| - [2344448] - C:\WINDOWS\system32\Drivers\Qcamain10x64.sys
[MD5.6D166CBE207FBC63FD0660EF9D0C4B98] - [04/06/2017 12:10:24] - |A| - [49152] - C:\WINDOWS\system32\Drivers\qwavedrv.sys
[MD5.43D3A39AF12BA090F88C9CA2278758FA] - [04/06/2017 12:09:39] - |A| - [35152] - C:\WINDOWS\system32\Drivers\ramdisk.sys
[MD5.21DA587DC5B630AE9D67B3FEC57B3B34] - [04/06/2017 12:10:27] - |A| - [17408] - C:\WINDOWS\system32\Drivers\rasacd.sys
[MD5.C19B766AED33C686B468EA9B3C59FC6C] - [04/06/2017 12:10:32] - |A| - [106496] - C:\WINDOWS\system32\Drivers\rasl2tp.sys
[MD5.939C7D02D5FB20592B682E50384EEE1A] - [04/06/2017 12:10:32] - |A| - [81920] - C:\WINDOWS\system32\Drivers\raspppoe.sys
[MD5.00EF9515383708DBB0CAA25BB5A311A5] - [04/06/2017 12:10:32] - |A| - [97280] - C:\WINDOWS\system32\Drivers\raspptp.sys
[MD5.334B24E6601E8979276EC6849C1D73B6] - [04/06/2017 12:10:32] - |A| - [78848] - C:\WINDOWS\system32\Drivers\rassstp.sys
[MD5.CB22ED864958E526AD731C926F2F3581] - [04/06/2017 12:10:00] - |A| - [434000] - C:\WINDOWS\system32\Drivers\rdbss.sys
[MD5.B0EEF0E17CEF2AC8C14C4AA3DA44367F] - [04/06/2017 12:08:46] - |A| - [26624] - C:\WINDOWS\system32\Drivers\rdpbus.sys
[MD5.E9E2D002EA6703F28F3655BE89486DB8] - [04/06/2017 12:11:37] - |A| - [185344] - C:\WINDOWS\system32\Drivers\rdpdr.sys
[MD5.B68544097CFF420EDACDEEF9283C5260] - [04/06/2017 12:11:37] - |A| - [26448] - C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
[MD5.B8DE87C973CD81CBB7227375387898DE] - [04/06/2017 12:10:49] - |A| - [278864] - C:\WINDOWS\system32\Drivers\rdyboost.sys
[MD5.7A3CC07A138B6AD6D0C5EE8312BF5C55] - [04/06/2017 12:09:54] - |A| - [1740624] - C:\WINDOWS\system32\Drivers\refs.sys
[MD5.0CECCF25E9791483AA94E299653F315E] - [04/06/2017 12:09:52] - |A| - [932688] - C:\WINDOWS\system32\Drivers\refsv1.sys
[MD5.945913EAC41EDBAE636D55F5B0DC77E1] - [04/06/2017 12:08:45] - |A| - [182272] - C:\WINDOWS\system32\Drivers\rfcomm.sys
[MD5.54E9F58EF02EFDAABA4AF469784D54F6] - [04/06/2017 12:08:28] - |A| - [43008] - C:\WINDOWS\system32\Drivers\RfxVmt.sys
[MD5.A27ABE603C3089FF107B651E1C095B1E] - [04/06/2017 12:08:33] - |A| - [104448] - C:\WINDOWS\system32\Drivers\rhproxy.sys
[MD5.0E859085529A71E9CD0CFAEDACA1177F] - [04/06/2017 12:10:11] - |A| - [149504] - C:\WINDOWS\system32\Drivers\rmcast.sys
[MD5.759211E5C08F94862DAE9F4A9B0642C4] - [04/06/2017 12:10:32] - |A| - [35328] - C:\WINDOWS\system32\Drivers\RNDISMP.sys
[MD5.12502D767028B3DD1B21F148E0D1AAB4] - [04/06/2017 12:10:40] - |A| - [13312] - C:\WINDOWS\system32\Drivers\rootmdm.sys
[MD5.E3A4AC444E52BB5083F2510D5FD2AFD1] - [04/06/2017 12:10:03] - |A| - [81920] - C:\WINDOWS\system32\Drivers\rspndr.sys
[MD5.6CAADE457E14F0C630E2A3D8E813336D] - [04/06/2017 12:17:12] - |RA| - [57856] - C:\WINDOWS\system32\Drivers\rteth.sys
[MD5.DC527D3DEB329164E6F4C91CC4CC2FF8] - [04/06/2017 12:08:33] - |A| - [105808] - C:\WINDOWS\system32\Drivers\sbp2port.sys
[MD5.6823E9A8022DA2A954205DEC0B4649F3] - [04/06/2017 12:10:35] - |A| - [43008] - C:\WINDOWS\system32\Drivers\scfilter.sys
[MD5.4E0503A36CF6A3C4631DAD03362CEF53] - [04/06/2017 12:08:35] - |A| - [107344] - C:\WINDOWS\system32\Drivers\scmbus.sys
[MD5.BE7225276AB24F00EB9F0511C701ACE1] - [04/06/2017 12:10:33] - |A| - [171856] - C:\WINDOWS\system32\Drivers\scsiport.sys
[MD5.90AB93CFD9529CA6794EF1C417C92B7A] - [04/06/2017 12:08:46] - |A| - [283472] - C:\WINDOWS\system32\Drivers\sdbus.sys
[MD5.53F9F1954D664CE8CBDF2A799704857B] - [04/06/2017 12:08:36] - |A| - [29008] - C:\WINDOWS\system32\Drivers\SDFRd.sys
[MD5.7D545C1ED4A4C9FFEC55A7A24DFF4D6E] - [04/06/2017 12:08:58] - |A| - [93520] - C:\WINDOWS\system32\Drivers\sdport.sys
[MD5.F6525473801991937409DE850C118A9B] - [04/06/2017 12:08:46] - |A| - [91472] - C:\WINDOWS\system32\Drivers\sdstor.sys
[MD5.2C9E9009EBB71E922C50B29ABE1B12C1] - [04/06/2017 12:09:34] - |A| - [70992] - C:\WINDOWS\system32\Drivers\SerCx.sys
[MD5.E74B44F760C27BB1938369A54F7271C7] - [04/06/2017 12:09:34] - |A| - [150352] - C:\WINDOWS\system32\Drivers\SerCx2.sys
[MD5.41C14C8380754A08E7E88FC0B823475B] - [04/06/2017 12:08:35] - |A| - [25088] - C:\WINDOWS\system32\Drivers\serenum.sys
[MD5.9FC7F54DA78CEE2480E776867808C324] - [04/06/2017 12:08:35] - |A| - [84480] - C:\WINDOWS\system32\Drivers\serial.sys
[MD5.12EFB19D08AC0E571B6F5BE6BDBC8384] - [04/06/2017 12:08:46] - |A| - [28160] - C:\WINDOWS\system32\Drivers\sermouse.sys
[MD5.D603271978355CC8312A06785D61AF5D] - [04/06/2017 12:08:35] - |A| - [17920] - C:\WINDOWS\system32\Drivers\sfloppy.sys
[MD5.FD2CF90157B557FC9D34A12D1EF8B185] - [04/06/2017 12:08:34] - |A| - [40784] - C:\WINDOWS\system32\Drivers\sisraid2.sys
[MD5.73567600A680DC656C879D0A96C23DB5] - [04/06/2017 12:08:34] - |A| - [77648] - C:\WINDOWS\system32\Drivers\sisraid4.sys
[MD5.765CB1B81A8CC9A2D398B6C8949F78AB] - [04/06/2017 12:09:57] - |A| - [29008] - C:\WINDOWS\system32\Drivers\SleepStudyHelper.sys
[MD5.2F3D15DD329BB4FD0708201C52B5901F] - [04/06/2017 12:10:36] - |A| - [21504] - C:\WINDOWS\system32\Drivers\smclib.sys
[MD5.8B9E2DFE564E01AC167ACD0DF30D5E7E] - [04/06/2017 12:08:35] - |A| - [165200] - C:\WINDOWS\system32\Drivers\spacedump.sys
[MD5.DE5C01C8FBD708948BCD3F52D8D0CC0B] - [04/06/2017 12:08:35] - |A| - [585552] - C:\WINDOWS\system32\Drivers\spaceport.sys
[MD5.75145F82892CB28F82259FB557BB4D27] - [04/06/2017 12:11:39] - |A| - [40784] - C:\WINDOWS\system32\Drivers\SpatialGraphFilter.sys
[MD5.8C33FD62A070029253F907A388E20B9F] - [04/06/2017 12:09:37] - |A| - [77136] - C:\WINDOWS\system32\Drivers\SpbCx.sys
[MD5.D94B26C1191635D41C920BCB3815EA89] - [04/06/2017 12:09:09] - |A| - [414720] - C:\WINDOWS\system32\Drivers\srv.sys
[MD5.01FFC5850DEAD011F9357BC131F86E67] - [04/06/2017 12:10:00] - |A| - [727040] - C:\WINDOWS\system32\Drivers\srv2.sys
[MD5.CA57FACEACF3A5345B4F07E75369C5A0] - [04/06/2017 12:10:02] - |A| - [259072] - C:\WINDOWS\system32\Drivers\srvnet.sys
[MD5.08C8456485C035F9B6BBA17D95DDBB3A] - [04/06/2017 12:08:35] - |A| - [26960] - C:\WINDOWS\system32\Drivers\stexstor.sys
[MD5.DF2AF611C2AAE87B7F5782919424C315] - [04/06/2017 12:08:35] - |A| - [143184] - C:\WINDOWS\system32\Drivers\storahci.sys
[MD5.C93133D4CE227ED2B76F2C8F882286E0] - [04/06/2017 12:08:35] - |A| - [98640] - C:\WINDOWS\system32\Drivers\stornvme.sys
[MD5.FC4A14730A82EA166266B65A7C7978FD] - [04/06/2017 12:08:58] - |A| - [549712] - C:\WINDOWS\system32\Drivers\storport.sys
[MD5.A246A26A440EABAA7B46D1A821FCF176] - [04/06/2017 12:09:37] - |A| - [79872] - C:\WINDOWS\system32\Drivers\storqosflt.sys
[MD5.82FED3EDFBE465FF8DC4291BEF567543] - [04/06/2017 12:08:35] - |A| - [35152] - C:\WINDOWS\system32\Drivers\storufs.sys
[MD5.80311333282AA77F5B83E2A790F6AC5B] - [04/06/2017 12:08:28] - |A| - [34640] - C:\WINDOWS\system32\Drivers\storvsc.sys
[MD5.FEF9284D59178CDFB97267DE10210704] - [04/06/2017 12:10:33] - |A| - [75264] - C:\WINDOWS\system32\Drivers\stream.sys
[MD5.DFBBE6433633E35E3B55A3D83F0DCAA8] - [04/06/2017 12:08:36] - |A| - [14160] - C:\WINDOWS\system32\Drivers\swenum.sys
[MD5.4215D52760823B266CA3B6A4CC80A429] - [04/06/2017 12:08:28] - |A| - [65024] - C:\WINDOWS\system32\Drivers\Synth3dVsc.sys
[MD5.63F3A621DEDAFAB7CAA94E71D6B33DE2] - [04/06/2017 12:10:36] - |A| - [31232] - C:\WINDOWS\system32\Drivers\tape.sys
[MD5.CFBB0388E25B1674562BBE13FA18502E] - [04/06/2017 12:09:34] - |A| - [23888] - C:\WINDOWS\system32\Drivers\tbs.sys
[MD5.8C47E9355BA8C42DEB032A82066391C8] - [04/06/2017 12:09:57] - |A| - [2702672] - C:\WINDOWS\system32\Drivers\tcpip.sys
[MD5.AD2A0EF8577438BE80061C805365B19A] - [04/06/2017 12:10:27] - |A| - [51712] - C:\WINDOWS\system32\Drivers\tcpipreg.sys
[MD5.67E122D7DA1A57D7844AD6D4E3288029] - [04/06/2017 12:09:55] - |A| - [36688] - C:\WINDOWS\system32\Drivers\tdi.sys
[MD5.69CAC3FB4BD818367995894B33CE5D35] - [04/06/2017 12:09:57] - |A| - [116048] - C:\WINDOWS\system32\Drivers\tdx.sys
[MD5.A43D146889088C3EC9CCA654281587BE] - [04/06/2017 12:08:46] - |A| - [32592] - C:\WINDOWS\system32\Drivers\terminpt.sys
[MD5.007C08F3352AC454AB0B6B47E5C82258] - [04/06/2017 12:10:00] - |A| - [126800] - C:\WINDOWS\system32\Drivers\tm.sys
[MD5.9C989499E214C15874A7608C67C71A2B] - [04/06/2017 12:08:46] - |A| - [223568] - C:\WINDOWS\system32\Drivers\tpm.sys
[MD5.0D5A09B08568760AE85A801FCBC0F83D] - [20/06/2017 00:09:01] - |A| - [28272] - C:\WINDOWS\system32\Drivers\TrueSight.sys
[MD5.AA129EFF64E41947F6A46388A7F5F966] - [02/06/2017 13:09:58] - |A| - [520032] - C:\WINDOWS\system32\Drivers\trufos.sys
[MD5.10BB1032D9A77D2657D0B5941D4979BF] - [04/06/2017 12:08:58] - |A| - [61952] - C:\WINDOWS\system32\Drivers\TsUsbFlt.sys
[MD5.94027E4E7DB37AC53C6D33F2720DAAAC] - [04/06/2017 12:08:36] - |A| - [35328] - C:\WINDOWS\system32\Drivers\TsUsbGD.sys
[MD5.D4EBCB816D2295B12B2A351A2B0C8E5F] - [04/06/2017 12:08:46] - |A| - [125952] - C:\WINDOWS\system32\Drivers\tsusbhub.sys
[MD5.59C36E09BCA425870B1896C5F4552DC3] - [04/06/2017 12:10:24] - |A| - [106496] - C:\WINDOWS\system32\Drivers\tunnel.sys
[MD5.4F04060416DA2F8CD0CAFA8484D559C1] - [04/06/2017 12:08:35] - |A| - [74576] - C:\WINDOWS\system32\Drivers\uaspstor.sys
[MD5.952960B44762398DC4DBAEBB6C80320E] - [04/06/2017 12:09:34] - |A| - [114176] - C:\WINDOWS\system32\Drivers\UcmCx.sys
[MD5.C1B6F6C93F210A1DC95CA1B242077CBE] - [04/06/2017 12:09:34] - |A| - [146944] - C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
[MD5.C2051887030CC200F046746AE253F0A6] - [04/06/2017 12:08:46] - |A| - [53760] - C:\WINDOWS\system32\Drivers\UcmUcsi.sys
[MD5.8BD197D323CA95E55C4A79F041E35B48] - [04/06/2017 12:08:58] - |A| - [223056] - C:\WINDOWS\system32\Drivers\Ucx01000.sys
[MD5.596BEA433B467FFECF374BF6E63B0BBA] - [04/06/2017 12:08:58] - |A| - [45568] - C:\WINDOWS\system32\Drivers\Udecx.sys
[MD5.C09C6EAB1FC4F321BEE8460A39039F53] - [04/06/2017 12:10:42] - |A| - [323072] - C:\WINDOWS\system32\Drivers\udfs.sys
[MD5.480FEE09AA0D4BCCD7C2428D9F03DA77] - [04/06/2017 12:08:35] - |A| - [24400] - C:\WINDOWS\system32\Drivers\uefi.sys
[MD5.8A3B56679C99A1C570E1E21D0504255E] - [04/06/2017 12:11:48] - |A| - [36176] - C:\WINDOWS\system32\Drivers\UevAgentDriver.sys
[MD5.23506A3F69053FA0D647F666AA057BB3] - [04/06/2017 12:09:34] - |A| - [260944] - C:\WINDOWS\system32\Drivers\ufx01000.sys
[MD5.ABA6D517357F523C6E8C8B4BBF40A19E] - [04/06/2017 12:08:45] - |A| - [94544] - C:\WINDOWS\system32\Drivers\UfxChipidea.sys
[MD5.53439AA0DDAC4B9805CC2D011AEFDF1E] - [04/06/2017 12:08:45] - |A| - [136528] - C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
[MD5.7C52E1ADF62B909E9ED2281CE15386C3] - [04/06/2017 12:08:35] - |A| - [56832] - C:\WINDOWS\system32\Drivers\umbus.sys
[MD5.00000000000000000000000000000000] - [04/06/2017 12:16:36] - |D| - [4133792] - C:\WINDOWS\system32\Drivers\UMDF
[MD5.14B4534FD9B6CEDE01F7DB750C70D7A5] - [04/06/2017 12:08:45] - |A| - [14336] - C:\WINDOWS\system32\Drivers\umpass.sys
[MD5.79409343C1206E22EB736B4374A93B7E] - [04/06/2017 12:08:45] - |A| - [24400] - C:\WINDOWS\system32\Drivers\urschipidea.sys
[MD5.B534FB77CCF969EF4C6C5470423CE520] - [04/06/2017 12:09:37] - |A| - [55120] - C:\WINDOWS\system32\Drivers\urscx01000.sys
[MD5.2D1A318A0C25851EAB197CA1AD38C596] - [04/06/2017 12:08:45] - |A| - [23376] - C:\WINDOWS\system32\Drivers\urssynopsys.sys
[MD5.D16F38DB4FFC868A971D914B9AB2C19C] - [04/06/2017 12:10:29] - |A| - [23040] - C:\WINDOWS\system32\Drivers\usb8023.sys
[MD5.08E7621E5BC0367B9900ABB2A4AFA8B6] - [04/06/2017 12:10:42] - |A| - [37376] - C:\WINDOWS\system32\Drivers\USBCAMD2.sys
[MD5.34B2E99E0E6B744CDDED518F8A8D814C] - [04/06/2017 12:08:46] - |A| - [165200] - C:\WINDOWS\system32\Drivers\usbccgp.sys
[MD5.9046F7972514129FBFF74D946C60E48E] - [04/06/2017 12:08:28] - |A| - [103424] - C:\WINDOWS\system32\Drivers\usbcir.sys
[MD5.330F778CC41F2FEDAF4CC7409211F63D] - [04/06/2017 12:08:46] - |A| - [27984] - C:\WINDOWS\system32\Drivers\usbd.sys
[MD5.70839EEC5C729136C98EE137D3CB7126] - [04/06/2017 12:08:46] - |A| - [93008] - C:\WINDOWS\system32\Drivers\usbehci.sys
[MD5.84D6C89EC040EE84C5A03B97692AD649] - [04/06/2017 12:08:46] - |A| - [510800] - C:\WINDOWS\system32\Drivers\usbhub.sys
[MD5.357F88512498AFF76F95552A0BF60422] - [04/06/2017 12:08:46] - |A| - [549200] - C:\WINDOWS\system32\Drivers\USBHUB3.SYS
[MD5.50A2A53A6812DDEFB9ABCF4A9D9CEE67] - [04/06/2017 12:08:46] - |A| - [30208] - C:\WINDOWS\system32\Drivers\usbohci.sys
[MD5.B3FACBCC0347817039B41B71AA6C1632] - [04/06/2017 12:08:46] - |A| - [458576] - C:\WINDOWS\system32\Drivers\usbport.sys
[MD5.3CA2FF91A56D111B111DC3D08C949016] - [04/06/2017 12:08:31] - |A| - [27136] - C:\WINDOWS\system32\Drivers\usbprint.sys
[MD5.2AAA4A6B555793D9F34D3108AB4CF855] - [04/06/2017 12:08:35] - |A| - [71680] - C:\WINDOWS\system32\Drivers\usbser.sys
[MD5.F967C4AD06BDE464DD690C7CE8839806] - [04/06/2017 12:08:46] - |A| - [126800] - C:\WINDOWS\system32\Drivers\USBSTOR.SYS
[MD5.794E4B64CEF20BD4406E48361EE74B79] - [04/06/2017 12:08:46] - |A| - [35328] - C:\WINDOWS\system32\Drivers\usbuhci.sys
[MD5.6642676186F8C7463F75F180AF3E0E2A] - [04/06/2017 12:08:33] - |A| - [279552] - C:\WINDOWS\system32\Drivers\usbvideo.sys
[MD5.CA463A3F4CADEABC397F8E6328B6262D] - [04/06/2017 12:08:46] - |A| - [437072] - C:\WINDOWS\system32\Drivers\USBXHCI.SYS
[MD5.4456035D302D837D9D361151194D3C3B] - [04/06/2017 12:08:35] - |A| - [49488] - C:\WINDOWS\system32\Drivers\vdrvroot.sys
[MD5.051C16C52F5A0363DF9F9D6FE828A277] - [04/06/2017 12:09:57] - |A| - [216912] - C:\WINDOWS\system32\Drivers\VerifierExt.sys
[MD5.A45D4B2ABEECCA5B64BF648AFACE1F81] - [04/06/2017 12:08:35] - |A| - [734544] - C:\WINDOWS\system32\Drivers\vhdmp.sys
[MD5.F2D41AC93C9D35C30D3FDBC5E35628CC] - [04/06/2017 12:08:58] - |A| - [34816] - C:\WINDOWS\system32\Drivers\vhf.sys
[MD5.2E69C1AAE3F36E3A61CEC624DE84FEF6] - [04/06/2017 12:10:02] - |A| - [48640] - C:\WINDOWS\system32\Drivers\videoprt.sys
[MD5.253C02AF0D010AAA52E577EE9FF0259F] - [04/06/2017 12:08:58] - |A| - [76624] - C:\WINDOWS\system32\Drivers\vmbkmcl.sys
[MD5.D9836B0AE116F48666DC51852741DB65] - [04/06/2017 12:09:29] - |A| - [84480] - C:\WINDOWS\system32\Drivers\vmbkmclr.sys
[MD5.4F9E40AEC46C491A32A6734A78124CC5] - [04/06/2017 12:08:28] - |A| - [102736] - C:\WINDOWS\system32\Drivers\vmbus.sys
[MD5.DCCEB3DA0D39EACBD6C59B5CEDA2CB6C] - [04/06/2017 12:08:28] - |A| - [25088] - C:\WINDOWS\system32\Drivers\VMBusHID.sys
[MD5.13319EC859C7185A945D2D6E4EE8A00C] - [04/06/2017 12:08:28] - |A| - [13312] - C:\WINDOWS\system32\Drivers\vmgencounter.sys
[MD5.7A09707F80CE9BA2BD9AA772FE3791B2] - [04/06/2017 12:08:28] - |A| - [10240] - C:\WINDOWS\system32\Drivers\vmgid.sys
[MD5.05F522D5DE0249A83AC936AD13CFC014] - [04/06/2017 12:08:28] - |A| - [9216] - C:\WINDOWS\system32\Drivers\vms3cap.sys
[MD5.DA9110A7D3BBC128E43787AD06A1967B] - [04/06/2017 12:08:28] - |A| - [43344] - C:\WINDOWS\system32\Drivers\vmstorfl.sys
[MD5.98D1F3BBE73CE7050214750455EAF4B0] - [04/06/2017 12:08:35] - |A| - [79696] - C:\WINDOWS\system32\Drivers\volmgr.sys
[MD5.E7144B5088F4CF2150C1416C7EB7DC71] - [04/06/2017 12:10:00] - |A| - [370512] - C:\WINDOWS\system32\Drivers\volmgrx.sys
[MD5.4238A38D8A5E59AB4525EFF2EAE6DE17] - [04/06/2017 12:10:42] - |A| - [408912] - C:\WINDOWS\system32\Drivers\volsnap.sys
[MD5.71DD1C23F7D52B356E4D5E4BF5174D7E] - [04/06/2017 12:08:35] - |A| - [12112] - C:\WINDOWS\system32\Drivers\volume.sys
[MD5.9C2D9BDFCC75261EE79433ED62FEA222] - [04/06/2017 12:08:28] - |A| - [70992] - C:\WINDOWS\system32\Drivers\vpci.sys
[MD5.06090D294B1276AA00D868496CABDF54] - [04/06/2017 12:08:35] - |A| - [162640] - C:\WINDOWS\system32\Drivers\vsmraid.sys
[MD5.57065D5B980DBC84172B173F861C4768] - [04/06/2017 12:08:35] - |A| - [301392] - C:\WINDOWS\system32\Drivers\VSTXRAID.SYS
[MD5.B7A9D52DE8832CE4B521C17BB97CCAB2] - [04/06/2017 12:10:50] - |A| - [27136] - C:\WINDOWS\system32\Drivers\vwifibus.sys
[MD5.8A7ED09A73413F7ECA9B0D3F3CF17E83] - [04/06/2017 12:10:50] - |A| - [77824] - C:\WINDOWS\system32\Drivers\vwififlt.sys
[MD5.10A24E27A8FB6F9869AA0B469C36CBB5] - [04/06/2017 12:10:50] - |A| - [40448] - C:\WINDOWS\system32\Drivers\vwifimp.sys
[MD5.9B0AEF1C16B89A801EEC9DC800DD81C5] - [04/06/2017 12:08:33] - |A| - [30720] - C:\WINDOWS\system32\Drivers\wacompen.sys
[MD5.BC393F15C723B7B0D7693F13ABB55A4A] - [04/06/2017 12:10:32] - |A| - [81408] - C:\WINDOWS\system32\Drivers\wanarp.sys
[MD5.574760C252C00A93D641A87971EDE84C] - [04/06/2017 12:09:29] - |A| - [56832] - C:\WINDOWS\system32\Drivers\watchdog.sys
[MD5.B58DBDDC9A8EF5E149FF9031AD97CFA1] - [04/06/2017 12:09:37] - |A| - [140112] - C:\WINDOWS\system32\Drivers\wcifs.sys
[MD5.BD0596172E4B55647C9FA3DFA43C245B] - [04/06/2017 12:09:37] - |A| - [73216] - C:\WINDOWS\system32\Drivers\wcnfs.sys
[MD5.A853FEE5638881E58E157C20FCA681A0] - [04/06/2017 12:08:57] - |A| - [40832] - C:\WINDOWS\system32\Drivers\WdBoot.sys
[MD5.E7F9A634C14C81F47F3074AFAF5FBF60] - [04/06/2017 12:09:58] - |A| - [892752] - C:\WINDOWS\system32\Drivers\Wdf01000.sys
[MD5.AC7E343D1BF52B7F2A1AF1A68F5AAFE9] - [04/06/2017 12:08:57] - |A| - [297296] - C:\WINDOWS\system32\Drivers\WdFilter.sys
[MD5.053BB901DACD23B1DFA00F4803C16482] - [04/06/2017 12:09:58] - |A| - [50512] - C:\WINDOWS\system32\Drivers\WdfLdr.sys
[MD5.18EC2E64FB8C44AC996031DD3007633A] - [04/06/2017 12:10:49] - |A| - [765952] - C:\WINDOWS\system32\Drivers\WdiWiFi.sys
[MD5.7D95AC0AD817AAF5BD418F02FDD0773C] - [04/06/2017 12:08:57] - |A| - [116560] - C:\WINDOWS\system32\Drivers\WdNisDrv.sys
[MD5.939B6C56013D68979445F94E3865EB43] - [04/06/2017 12:09:55] - |A| - [41296] - C:\WINDOWS\system32\Drivers\werkernel.sys
[MD5.5452B36761252D2AC8B24345039150FB] - [04/06/2017 12:09:30] - |A| - [161104] - C:\WINDOWS\system32\Drivers\wfplwfs.sys
[MD5.EFE766FBA2B3E356EA15AA882D48BDE5] - [04/06/2017 12:09:54] - |A| - [31568] - C:\WINDOWS\system32\Drivers\wimmount.sys
[MD5.CD67F4AB1321F5D5C11704E7446AE99F] - [04/06/2017 12:09:37] - |A| - [65920] - C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
[MD5.8C514E60DE5430D66197CB8FE212BB5C] - [04/06/2017 12:08:46] - |A| - [13696] - C:\WINDOWS\system32\Drivers\WindowsTrustedRTProxy.sys
[MD5.411CB51E071513D37DBB1939AAC2EF74] - [04/06/2017 12:08:57] - |A| - [27472] - C:\WINDOWS\system32\Drivers\winhv.sys
[MD5.6D3B146AB248B877F725C8DC4AE86C0C] - [04/06/2017 12:09:21] - |A| - [64512] - C:\WINDOWS\system32\Drivers\winhvr.sys
[MD5.A3EFE1CDD2DABC01B7D3A5B124122656] - [04/06/2017 12:08:35] - |A| - [27984] - C:\WINDOWS\system32\Drivers\winmad.sys
[MD5.260FE4E9BF5E78FAEE84C810A6883D91] - [04/06/2017 12:08:57] - |A| - [218624] - C:\WINDOWS\system32\Drivers\winnat.sys
[MD5.02A9C1265F7D51B55CFA3832E32306F8] - [04/06/2017 12:08:46] - |A| - [92160] - C:\WINDOWS\system32\Drivers\winusb.sys
[MD5.2781033418EA75EEF75A2D5FBD7202F6] - [04/06/2017 12:08:35] - |A| - [60752] - C:\WINDOWS\system32\Drivers\winverbs.sys
[MD5.6670FF7C15E0DEA17441A5B92AFE7F60] - [04/06/2017 12:08:35] - |A| - [18432] - C:\WINDOWS\system32\Drivers\wmiacpi.sys
[MD5.494521BAE2195F4A4BDC6535256B58EC] - [04/06/2017 12:09:57] - |A| - [16208] - C:\WINDOWS\system32\Drivers\wmilib.sys
[MD5.F712E87256449673738BDD0931B7BCE8] - [04/06/2017 12:09:49] - |A| - [204624] - C:\WINDOWS\system32\Drivers\wof.sys
[MD5.D4472B7029FB36B2B1DAAC383929E844] - [04/06/2017 12:09:08] - |A| - [25936] - C:\WINDOWS\system32\Drivers\WpdUpFltr.sys
[MD5.698C02BCBB2FCE2B03BD52EF894478DD] - [04/06/2017 12:09:57] - |A| - [28496] - C:\WINDOWS\system32\Drivers\WppRecorder.sys
[MD5.02A85633753B39D37DFEB08C4743C3B7] - [04/06/2017 12:10:44] - |A| - [23040] - C:\WINDOWS\system32\Drivers\ws2ifsl.sys
[MD5.21E1D4BFC296AB411C89799413546D5E] - [04/06/2017 12:10:16] - |A| - [114688] - C:\WINDOWS\system32\Drivers\WUDFPf.sys
[MD5.D89F342FD46308A27356C1D1EC732DFC] - [04/06/2017 12:10:16] - |A| - [259072] - C:\WINDOWS\system32\Drivers\WUDFRd.sys
[MD5.E9A80C0509C877123051C1A0E0245365] - [04/06/2017 12:08:45] - |A| - [281088] - C:\WINDOWS\system32\Drivers\xboxgip.sys
[MD5.ACF742013C68423FE0F32BD6EE66E829] - [04/06/2017 12:08:45] - |A| - [46592] - C:\WINDOWS\system32\Drivers\xinputhid.sys
[MD5.ACE1C1B342D9CAD7102AE23C186ABBCE] - [04/06/2017 12:08:45] - |A| - [98816] - C:\WINDOWS\system32\Drivers\xusb22.sys
[MD5.00000000000000000000000000000000] - [05/06/2017 08:57:45] - |D| - [0] - C:\WINDOWS\syswow64\0409
[MD5.0A0FEB9EB28BDE8CD835716343B03B14] - [04/06/2017 12:11:11] - |A| - [2151] - C:\WINDOWS\syswow64\12520437.cpx
[MD5.D69AE057CD82D04EE7D311809ABEFB2A] - [04/06/2017 12:11:11] - |A| - [2233] - C:\WINDOWS\syswow64\12520850.cpx
[MD5.82C37C3E27020AF6C2E018E944284676] - [04/06/2017 12:10:59] - |A| - [308] - C:\WINDOWS\syswow64\@AudioToastIcon.png
[MD5.495C1F072039B434827A5FE0D9761E4D] - [04/06/2017 12:11:00] - |A| - [330] - C:\WINDOWS\syswow64\@EnrollmentToastIcon.png
[MD5.1622DE67156496C78D6B7BE9B471645B] - [04/06/2017 12:11:23] - |A| - [404] - C:\WINDOWS\syswow64\@VpnToastIcon.png
[MD5.B74F679DAE0777252A4EC29A86635F8D] - [04/06/2017 12:10:53] - |A| - [920064] - C:\WINDOWS\syswow64\aadtb.dll
[MD5.47C24C7C7907C47A51216F6D239360FE] - [04/06/2017 12:11:08] - |A| - [262656] - C:\WINDOWS\syswow64\AboveLockAppHost.dll
[MD5.A720E51849F353784B503C1978C2AB7A] - [04/06/2017 12:10:59] - |A| - [3798528] - C:\WINDOWS\syswow64\accessibilitycpl.dll
[MD5.3116D106129146958FCD7D73995927BE] - [05/06/2017 08:59:13] - |A| - [215040] - C:\WINDOWS\syswow64\accountaccessor.dll
[MD5.3933A6C2631D13846117F16E7A6DBD27] - [05/06/2017 08:59:13] - |A| - [363520] - C:\WINDOWS\syswow64\AccountsRt.dll
[MD5.CF7D57E20D4D320BB99372DBED007F46] - [04/06/2017 12:11:23] - |A| - [2413568] - C:\WINDOWS\syswow64\AcGenral.dll
[MD5.9A12DEDF42D7F3CAA4BAD9D90A226B46] - [04/06/2017 12:11:23] - |A| - [328704] - C:\WINDOWS\syswow64\AcLayers.dll
[MD5.9EB6C89239048AA693709728AF89D315] - [04/06/2017 12:11:00] - |A| - [9216] - C:\WINDOWS\syswow64\acledit.dll
[MD5.F83EF6BF1662034954BE777DBA449F22] - [04/06/2017 12:11:00] - |A| - [5388800] - C:\WINDOWS\syswow64\aclui.dll
[MD5.2975C1B2294F360DB368643383788740] - [04/06/2017 12:11:00] - |A| - [53248] - C:\WINDOWS\syswow64\acppage.dll
[MD5.FA94C9271F10960D42F509880B66CD8D] - [04/06/2017 12:11:23] - |A| - [486400] - C:\WINDOWS\syswow64\AcSpecfc.dll
[MD5.E05C9D579FD335E0FF79DD0DD241F041] - [04/06/2017 12:11:07] - |A| - [266752] - C:\WINDOWS\syswow64\ActionCenter.dll
[MD5.07B2B09F50B81331DA1A82A4D5A62F97] - [04/06/2017 12:11:08] - |A| - [541184] - C:\WINDOWS\syswow64\ActionCenterCPL.dll
[MD5.E11D553BC334BC5BC303304737F4AAAC] - [04/06/2017 12:10:53] - |A| - [30720] - C:\WINDOWS\syswow64\ActivationClient.dll
[MD5.32733353C81B7C2C1C758773ACCAD85B] - [04/06/2017 12:10:53] - |A| - [439808] - C:\WINDOWS\syswow64\ActivationManager.dll
[MD5.A59AE5FD9A53D13CF181804BBB683666] - [04/06/2017 12:11:00] - |A| - [223232] - C:\WINDOWS\syswow64\activeds.dll
[MD5.97B757EC82176F424925FDC7B34E99A6] - [04/06/2017 12:11:00] - |A| - [112128] - C:\WINDOWS\syswow64\activeds.tlb
[MD5.89A0A7B8534BCBDC539DA5F17F4B4467] - [05/06/2017 08:59:13] - |A| - [1548288] - C:\WINDOWS\syswow64\ActiveSyncProvider.dll
[MD5.FFABDE84EA6C6CEEF1A8678ABDB68983] - [04/06/2017 12:11:08] - |A| - [262656] - C:\WINDOWS\syswow64\actxprxy.dll
[MD5.7A561E9295C1E4D0BC71B4C520598F5A] - [04/06/2017 12:11:26] - |A| - [31232] - C:\WINDOWS\syswow64\AcWinRT.dll
[MD5.6F4D94AE41E2DDCD35E47C153B68F80D] - [04/06/2017 12:11:13] - |A| - [38400] - C:\WINDOWS\syswow64\acwow64.dll
[MD5.500270F057AC68385EEF6A4020C8BC67] - [04/06/2017 12:11:23] - |A| - [87552] - C:\WINDOWS\syswow64\AcXtrnal.dll
[MD5.03AA8CA6396A799B57F591CFFEB6B763] - [04/06/2017 12:10:53] - |A| - [38400] - C:\WINDOWS\syswow64\AdaptiveCards.dll
[MD5.6E6C4D81D4E6C95EC9A62522E1D20B8C] - [04/06/2017 12:10:53] - |A| - [53248] - C:\WINDOWS\syswow64\AddressParser.dll
[MD5.7F8DB7BC3195CD9198662DD87A19F8D2] - [04/06/2017 12:11:52] - |A| - [449024] - C:\WINDOWS\syswow64\AdmTmpl.dll
[MD5.124AC751F315920640D436E3E4FF570E] - [04/06/2017 12:11:03] - |A| - [50176] - C:\WINDOWS\syswow64\adprovider.dll
[MD5.0E9D89157FED0FA8C6FE2375BBCA8417] - [04/06/2017 12:11:48] - |A| - [98304] - C:\WINDOWS\syswow64\adrclient.dll
[MD5.3E9B2306E93B0EE40C44F2DD35F5017D] - [04/06/2017 12:10:57] - |A| - [204800] - C:\WINDOWS\syswow64\adsldp.dll
[MD5.0FD41A3A32C0171455C3F7E79A390ABB] - [04/06/2017 12:11:00] - |A| - [218112] - C:\WINDOWS\syswow64\adsldpc.dll
[MD5.DF7DFCFB7C74B823D542B4B9A08F4CF3] - [04/06/2017 12:10:59] - |A| - [89088] - C:\WINDOWS\syswow64\adsmsext.dll
[MD5.10C17CF4E8228E1AAA5B6ACA019899D8] - [04/06/2017 12:11:00] - |A| - [294912] - C:\WINDOWS\syswow64\adsnt.dll
[MD5.371444B2C65A04E8AAD6D02829261C5E] - [04/06/2017 12:11:28] - |A| - [827392] - C:\WINDOWS\syswow64\adtschema.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 10:16:48] - |D| - [2044240] - C:\WINDOWS\syswow64\AdvancedInstallers
[MD5.F1583DE6AF8B26D18BE45DFF243D693C] - [04/06/2017 12:11:28] - |A| - [473672] - C:\WINDOWS\syswow64\advapi32.dll
[MD5.B09A464CED1CF0FAB2EA5645FE92904A] - [04/06/2017 12:11:28] - |A| - [2560] - C:\WINDOWS\syswow64\advapi32res.dll
[MD5.47991B4607EEFD545F4FBF5D11438CA1] - [04/06/2017 12:11:05] - |A| - [120320] - C:\WINDOWS\syswow64\advpack.dll
[MD5.C6D4FFD29F74F0E973B7C74DA3CE56C4] - [04/06/2017 12:11:02] - |A| - [30720] - C:\WINDOWS\syswow64\aeevts.dll
[MD5.89DDA57DA7D6562445284AF4CDF73905] - [04/06/2017 12:11:02] - |A| - [246608] - C:\WINDOWS\syswow64\aepic.dll
[MD5.41B39F1650CF11B3233BC6C240A8E993] - [05/06/2017 08:58:25] - |A| - [18944] - C:\WINDOWS\syswow64\amcompat.tlb
[MD5.5C0A7C3440666A5162A4D583CCF58EF8] - [04/06/2017 12:10:56] - |A| - [50176] - C:\WINDOWS\syswow64\amsi.dll
[MD5.F6DD253ED5843617F3A7C7FC4D74F2B8] - [04/06/2017 12:10:53] - |A| - [82432] - C:\WINDOWS\syswow64\amstream.dll
[MD5.4A2AA8CD0D9D3A12FE769E933279412E] - [04/06/2017 12:11:28] - |A| - [19456] - C:\WINDOWS\syswow64\AnalogCommonProxyStub.dll
[MD5.5B0559DD6485DAFE586EA7BDFA02256C] - [04/06/2017 12:11:05] - |A| - [211968] - C:\WINDOWS\syswow64\apds.dll
[MD5.FF9A7C05511BE5644A185C1268F54815] - [05/06/2017 08:59:13] - |A| - [48640] - C:\WINDOWS\syswow64\APHostClient.dll
[MD5.0540AA52D1DD9406D22C0F7A0DF7D190] - [04/06/2017 12:10:53] - |A| - [68096] - C:\WINDOWS\syswow64\ApiSetHost.AppExecutionAlias.dll
[MD5.6D6A4EB4383CCF1B2CE97261C2F66D4C] - [04/06/2017 12:10:53] - |A| - [83968] - C:\WINDOWS\syswow64\AppCapture.dll
[MD5.5FD85111F7ECCB18BF398E4E40B821D0] - [04/06/2017 12:10:53] - |A| - [709120] - C:\WINDOWS\syswow64\AppContracts.dll
[MD5.65592DE2DEE81D95D6FFADE086C7D4AB] - [04/06/2017 12:10:56] - |A| - [140288] - C:\WINDOWS\syswow64\AppExtension.dll
[MD5.1B9EDE5B085D815FBE0A710EF0666C74] - [04/06/2017 12:10:59] - |A| - [594432] - C:\WINDOWS\syswow64\apphelp.dll
[MD5.74418A363EB20C9EFC1A0883ED9C1B17] - [04/06/2017 12:11:00] - |A| - [30720] - C:\WINDOWS\syswow64\Apphlpdm.dll
[MD5.A7A8BA7AAA26FC814E6FA04CC1B99611] - [04/06/2017 12:11:00] - |A| - [48072] - C:\WINDOWS\syswow64\appidapi.dll
[MD5.F1BCDCF8649BB58465243AD3EB1C3F97] - [04/06/2017 12:11:52] - |A| - [285184] - C:\WINDOWS\syswow64\AppIdPolicyEngineApi.dll
[MD5.E4A73442CA654831977EF6EAE87EA149] - [04/06/2017 12:11:00] - |A| - [20480] - C:\WINDOWS\syswow64\appidtel.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [0] - C:\WINDOWS\syswow64\AppLocker
[MD5.9A201D3299007CA3A94980D3A96DF4EC] - [04/06/2017 12:11:00] - |A| - [233984] - C:\WINDOWS\syswow64\AppLockerCSP.dll
[MD5.0A661C8600E64C968E6FC84DB6E1B1A0] - [04/06/2017 12:11:53] - |A| - [132608] - C:\WINDOWS\syswow64\AppManagementConfiguration.dll
[MD5.781FBC1014B638211E04C1B073622833] - [04/06/2017 12:11:51] - |A| - [163840] - C:\WINDOWS\syswow64\appmgmts.dll
[MD5.5EED9AF0B9B8D80F4673C9E379BC76ED] - [04/06/2017 12:11:52] - |A| - [365568] - C:\WINDOWS\syswow64\appmgr.dll
[MD5.C04B6E1AB3F38D517EEF2C42C6D7FB2B] - [04/06/2017 12:10:53] - |A| - [126976] - C:\WINDOWS\syswow64\AppointmentActivation.dll
[MD5.ADACA496512290ECF0AC54F5117F9771] - [04/06/2017 12:10:53] - |A| - [679424] - C:\WINDOWS\syswow64\AppointmentApis.dll
[MD5.2C1D4580960B3507DD37A57CE45DF6D8] - [04/06/2017 12:10:59] - |A| - [10752] - C:\WINDOWS\syswow64\apprepapi.dll
[MD5.E13AF20537CD039ECAEB0524F0A6E8CD] - [04/06/2017 12:11:00] - |A| - [560920] - C:\WINDOWS\syswow64\AppResolver.dll
[MD5.548A28E31B0C5FCE054B3954EE3A616F] - [04/06/2017 12:11:53] - |A| - [22864] - C:\WINDOWS\syswow64\AppVClientPS.dll
[MD5.42634D3B9A5256F3B841A8282530580A] - [04/06/2017 12:11:53] - |A| - [1487696] - C:\WINDOWS\syswow64\AppVEntSubsystems32.dll
[MD5.B41EA0F9E971A1FF567DE12E9B444C56] - [04/06/2017 12:11:53] - |A| - [9552] - C:\WINDOWS\syswow64\AppVSentinel.dll
[MD5.FEC054EDD09CC0E30C9AA2F2BC9E9D72] - [04/06/2017 12:11:53] - |A| - [14160] - C:\WINDOWS\syswow64\AppVTerminator.dll
[MD5.713B45C0956F0666EDF6CEAF0B3805B3] - [04/06/2017 12:11:03] - |A| - [754688] - C:\WINDOWS\syswow64\appwiz.cpl
[MD5.6DAF2AB3A188AEAE8AB6834E78D26182] - [04/06/2017 12:11:13] - |A| - [191824] - C:\WINDOWS\syswow64\AppxAllUserStore.dll
[MD5.4ADD33352CF5C0847153B3ED22CFC640] - [04/06/2017 12:10:56] - |A| - [547840] - C:\WINDOWS\syswow64\AppxApplicabilityEngine.dll
[MD5.8154679462F3D3AE5ADDFEBA7BF0F2AF] - [04/06/2017 12:10:57] - |A| - [528408] - C:\WINDOWS\syswow64\AppXDeploymentClient.dll
[MD5.3D006A36DE94579104EC3C24BF690B2B] - [04/06/2017 12:10:56] - |A| - [1231696] - C:\WINDOWS\syswow64\AppxPackaging.dll
[MD5.331C418378E2F0B02E0EBC968006986C] - [04/06/2017 12:11:13] - |A| - [2778] - C:\WINDOWS\syswow64\AppxProvisioning.xml
[MD5.D71BC4912645B5EB5A575B99304E53B8] - [04/06/2017 12:10:57] - |A| - [159232] - C:\WINDOWS\syswow64\AppxSip.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [261120] - C:\WINDOWS\syswow64\ar-SA
[MD5.5ED71C4DA152CBC3169D83862C44AC3E] - [04/06/2017 12:10:59] - |A| - [22528] - C:\WINDOWS\syswow64\ARP.EXE
[MD5.E2D69429996220EC7E160012A04E0851] - [04/06/2017 12:09:13] - |A| - [2560] - C:\WINDOWS\syswow64\asferror.dll
[MD5.8A9E0B82EBC4D59E3839D3DBC4E1A26B] - [04/06/2017 12:13:09] - |A| - [29376] - C:\WINDOWS\syswow64\aspnet_counters.dll
[MD5.015FB69968D501094BC02EC77EB9976E] - [04/06/2017 12:11:21] - |A| - [78336] - C:\WINDOWS\syswow64\asycfilt.dll
[MD5.B99D88DFA577BC972746D01D52409D4A] - [04/06/2017 12:11:26] - |A| - [25088] - C:\WINDOWS\syswow64\at.exe
[MD5.9D9E3037EDE0944DC1AE0B9887C5BA32] - [04/06/2017 12:10:59] - |A| - [48128] - C:\WINDOWS\syswow64\AtBroker.exe
[MD5.9BB0AF67972068BFCA3ACD4CC13421F1] - [04/06/2017 12:11:26] - |A| - [83456] - C:\WINDOWS\syswow64\atl.dll
[MD5.C564C09CDC6CC1D0ACA46DBA6A2A2C0E] - [04/06/2017 12:10:56] - |A| - [37376] - C:\WINDOWS\syswow64\atlthunk.dll
[MD5.EBE64106906E195AE219C8EED9D5A047] - [04/06/2017 12:11:03] - |A| - [306512] - C:\WINDOWS\syswow64\atmfd.dll
[MD5.007172651BFDD215EB4854D9B19B50F4] - [04/06/2017 12:11:03] - |A| - [38912] - C:\WINDOWS\syswow64\atmlib.dll
[MD5.0419BFA33C55ADD42F71EB3BB4ACFC50] - [04/06/2017 12:11:00] - |A| - [19456] - C:\WINDOWS\syswow64\attrib.exe
[MD5.FF02326DD8270EB2FD2480425E64AA25] - [04/06/2017 12:09:13] - |A| - [246272] - C:\WINDOWS\syswow64\audiodev.dll
[MD5.A5CC7C881BC6A73FA7CFCDD460CCEE25] - [04/06/2017 12:10:53] - |A| - [1254616] - C:\WINDOWS\syswow64\AudioEng.dll
[MD5.DB7076C853061E76AE1B05A58088FFEE] - [04/06/2017 12:10:53] - |A| - [375048] - C:\WINDOWS\syswow64\AUDIOKSE.dll
[MD5.52AF8AC2A36DF82A5E307087CFD668D1] - [04/06/2017 12:10:53] - |A| - [931336] - C:\WINDOWS\syswow64\AudioSes.dll
[MD5.7DCB53B915C7D7DA2FA92BBDB6ED70D3] - [04/06/2017 12:11:52] - |A| - [220672] - C:\WINDOWS\syswow64\AuditNativeSnapIn.dll
[MD5.ABCC77A433E45CA341564D991C6C4678] - [04/06/2017 12:11:00] - |A| - [28672] - C:\WINDOWS\syswow64\auditpol.exe
[MD5.D37BF0CC84070923E7EFB1A65EE0EFB6] - [04/06/2017 12:11:00] - |A| - [55296] - C:\WINDOWS\syswow64\auditpolcore.dll
[MD5.2202B39D73C43004C1AF26373FAF0095] - [04/06/2017 12:11:52] - |A| - [56320] - C:\WINDOWS\syswow64\AuditPolicyGPInterop.dll
[MD5.6185367EFDE88F462B47C13B894E1383] - [04/06/2017 12:11:52] - |A| - [95744] - C:\WINDOWS\syswow64\auditpolmsg.dll
[MD5.4A45EC197DF633F761B28D89148D6504] - [04/06/2017 12:10:56] - |A| - [163328] - C:\WINDOWS\syswow64\AuthBroker.dll
[MD5.33D26A6FC699229817B0356A7C4C12D1] - [04/06/2017 12:11:26] - |A| - [94720] - C:\WINDOWS\syswow64\AuthBrokerUI.dll
[MD5.8561C0958DDFA6BE3E3480961B7D120A] - [04/06/2017 12:11:23] - |A| - [54272] - C:\WINDOWS\syswow64\AuthExt.dll
[MD5.3DF4E344CD6013BFF58700579450ECAA] - [04/06/2017 12:11:21] - |A| - [351744] - C:\WINDOWS\syswow64\authfwcfg.dll
[MD5.4F2F5BF63F4487C1C86FE2D0A1B1709B] - [04/06/2017 12:11:07] - |A| - [301056] - C:\WINDOWS\syswow64\AuthFWGP.dll
[MD5.3B7017792EB224727D92E4DC7E7D49A9] - [04/06/2017 12:11:07] - |A| - [5101056] - C:\WINDOWS\syswow64\AuthFWSnapin.dll
[MD5.F20B208C6C6BCCCFE8AC67AFFD79DAE3] - [04/06/2017 12:11:07] - |A| - [112640] - C:\WINDOWS\syswow64\AuthFWWizFwk.dll
[MD5.6C48DE28E71420536D3B7C7F0347584B] - [04/06/2017 12:11:26] - |A| - [457216] - C:\WINDOWS\syswow64\authui.dll
[MD5.C1DDD4DD227B0C150224C9BA7165C477] - [04/06/2017 12:11:05] - |A| - [184832] - C:\WINDOWS\syswow64\authz.dll
[MD5.545DB84BEDBA940EE9BC77735D0B41A8] - [04/06/2017 12:11:02] - |A| - [892416] - C:\WINDOWS\syswow64\autochk.exe
[MD5.CEC7199D836E02D44618597FEA9E9759] - [04/06/2017 12:11:00] - |A| - [875520] - C:\WINDOWS\syswow64\autoconv.exe
[MD5.AF564B145DE4684EAD0AC6F18ED5A5A0] - [04/06/2017 12:11:02] - |A| - [851456] - C:\WINDOWS\syswow64\autofmt.exe
[MD5.EA2C9CF8EE45FC37D06E9C94160B2279] - [04/06/2017 12:11:05] - |A| - [151040] - C:\WINDOWS\syswow64\autoplay.dll
[MD5.8B3F131E68F50124EEE3B6AA69F8C85E] - [04/06/2017 12:10:53] - |A| - [69632] - C:\WINDOWS\syswow64\avicap32.dll
[MD5.7E06D1DB14B5C6484C2CFAB63752DCDC] - [04/06/2017 12:10:53] - |A| - [98304] - C:\WINDOWS\syswow64\avifil32.dll
[MD5.0D0EE44B8A33FCDE5DD0FBE08C224230] - [04/06/2017 12:10:53] - |A| - [23248] - C:\WINDOWS\syswow64\avrt.dll
[MD5.C5B3E109B3B88B0CC420304EA7BF6B70] - [04/06/2017 12:11:21] - |A| - [41587] - C:\WINDOWS\syswow64\azman.msc
[MD5.4F450632133C2DE3FCBC4BAB76A74E7F] - [04/06/2017 12:11:00] - |A| - [781312] - C:\WINDOWS\syswow64\azroles.dll
[MD5.C743EAD4B18EEF2E1A724949CD66DF02] - [04/06/2017 12:11:21] - |A| - [332288] - C:\WINDOWS\syswow64\azroleui.dll
[MD5.6DC5F2D0B578EA017D50A6648CBCB076] - [04/06/2017 12:11:00] - |A| - [25600] - C:\WINDOWS\syswow64\AzSqlExt.dll
[MD5.F97321A56EC19EE661A3D7F4CAF1A05C] - [04/06/2017 12:10:56] - |A| - [1275392] - C:\WINDOWS\syswow64\AzureSettingSyncProvider.dll
[MD5.21C7CC5FAB276FB1456D30C8AC489051] - [04/06/2017 12:10:59] - |A| - [57856] - C:\WINDOWS\syswow64\BackgroundMediaPolicy.dll
[MD5.4E241925DB047DC645607CAB28B73300] - [04/06/2017 12:10:57] - |A| - [13648] - C:\WINDOWS\syswow64\backgroundTaskHost.exe
[MD5.2CAE2DD0100897D8AD8AF030564D8738] - [04/06/2017 12:10:56] - |A| - [34816] - C:\WINDOWS\syswow64\BackgroundTransferHost.exe
[MD5.091C34146A8A4E071429B69B6C7681DF] - [04/06/2017 12:11:13] - |A| - [12288] - C:\WINDOWS\syswow64\BamSettingsClient.dll
[MD5.B81526785741FD336FCDD9D7934CC291] - [04/06/2017 12:11:23] - |A| - [176976] - C:\WINDOWS\syswow64\basecsp.dll
[MD5.61BD6556A6C7697D32DCB213E89E286F] - [04/06/2017 12:11:28] - |A| - [1662976] - C:\WINDOWS\syswow64\batmeter.dll
[MD5.255C598163325B42EE775A7395798686] - [04/06/2017 12:10:53] - |A| - [844288] - C:\WINDOWS\syswow64\bcastdvr.exe
[MD5.D2844EBEC6598ED16DF73087F595FD6E] - [04/06/2017 12:10:56] - |A| - [142848] - C:\WINDOWS\syswow64\bcastdvr.proxy.dll
[MD5.CDC0BDD59558F9D5CA3A3D8D6AD973B2] - [04/06/2017 12:10:56] - |A| - [400384] - C:\WINDOWS\syswow64\BcastDVRBroker.dll
[MD5.3D41A13A38D9FAE57E9B459BDD0D870C] - [04/06/2017 12:10:56] - |A| - [257536] - C:\WINDOWS\syswow64\BcastDVRClient.dll
[MD5.E1EF1415D8C71B165E21FE93F1880C23] - [04/06/2017 12:10:56] - |A| - [150528] - C:\WINDOWS\syswow64\BcastDVRCommon.dll
[MD5.9F3F0B139F9CEC1A0B0D05F531FD011E] - [04/06/2017 12:11:28] - |A| - [98136] - C:\WINDOWS\syswow64\bcd.dll
[MD5.3A277CA86E23ADDA99FD9D173E1DB39B] - [04/06/2017 12:10:57] - |A| - [316144] - C:\WINDOWS\syswow64\BCP47Langs.dll
[MD5.3FB6E7EE01AFFF6664613CFD7832B158] - [04/06/2017 12:11:02] - |A| - [92976] - C:\WINDOWS\syswow64\bcrypt.dll
[MD5.5AE1920EB56FFFA4EED803F97B9F208A] - [04/06/2017 12:09:55] - |A| - [346056] - C:\WINDOWS\syswow64\bcryptprimitives.dll
[MD5.E9632624447344FEC88942FD3EA47F1D] - [04/06/2017 12:11:26] - |A| - [76800] - C:\WINDOWS\syswow64\bdaplgin.ax
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [240640] - C:\WINDOWS\syswow64\bg-BG
[MD5.05A7599EDB41D46DBFE234B63C820FF6] - [04/06/2017 12:11:28] - |A| - [54272] - C:\WINDOWS\syswow64\bidispl.dll
[MD5.121F20E4A8B9F8C75EAB8AA29950CAD9] - [04/06/2017 12:10:56] - |A| - [6054912] - C:\WINDOWS\syswow64\BingMaps.dll
[MD5.D205D252E8607B3EF7BC12AF936A9456] - [04/06/2017 12:10:56] - |A| - [610304] - C:\WINDOWS\syswow64\BingOnlineServices.dll
[MD5.7F3860CE33DB2E20B225EB2D06B5B7BC] - [04/06/2017 12:11:00] - |A| - [246272] - C:\WINDOWS\syswow64\BioCredProv.dll
[MD5.05F0801A2446FBD3CB9D84F363E655EB] - [04/06/2017 12:11:06] - |A| - [112640] - C:\WINDOWS\syswow64\BitLockerCsp.dll
[MD5.2C42C35C32A2C5BE9F7DFDB74C71C841] - [04/06/2017 12:10:59] - |A| - [174592] - C:\WINDOWS\syswow64\bitsadmin.exe
[MD5.0FFA7FF4B006F5110224D693EA8CDE11] - [04/06/2017 12:10:53] - |A| - [20992] - C:\WINDOWS\syswow64\bitsperf.dll
[MD5.11C98299A0153B8EC16B29CA675830A4] - [04/06/2017 12:10:56] - |A| - [43520] - C:\WINDOWS\syswow64\BitsProxy.dll
[MD5.476A5391E74A5B12906C0E10E26BBB22] - [04/06/2017 12:10:57] - |A| - [253648] - C:\WINDOWS\syswow64\biwinrt.dll
[MD5.3E7D843E4AB1B01763B7365CA11EC0C3] - [04/06/2017 12:11:02] - |A| - [138752] - C:\WINDOWS\syswow64\BluetoothApis.dll
[MD5.22D9945B4AAE36DD59620A918F2E65F4] - [04/06/2017 12:11:26] - |A| - [3170304] - C:\WINDOWS\syswow64\boot.sdi
[MD5.B91C02BA65C5E89638F5B5C4B85EAEFC] - [04/06/2017 12:10:50] - |A| - [82944] - C:\WINDOWS\syswow64\bootcfg.exe
[MD5.6E340F424C74D76865DD3C9967AB1307] - [04/06/2017 12:11:05] - |A| - [19792] - C:\WINDOWS\syswow64\BOOTVID.DLL
[MD5.405E1EF8E3C88E9BCD2853382BB12430] - [04/06/2017 12:11:23] - |A| - [22984] - C:\WINDOWS\syswow64\bopomofo.uce
[MD5.6E6FFCC00D66B3E04C382D06A613AD73] - [04/06/2017 12:09:17] - |A| - [43008] - C:\WINDOWS\syswow64\browcli.dll
[MD5.E143C3DD1D50B168444594D2FE21B111] - [04/06/2017 12:11:28] - |A| - [124416] - C:\WINDOWS\syswow64\BrowserSettingSync.dll
[MD5.F4FD1FB5015B5FFECB8F358D16F06AFE] - [04/06/2017 12:11:23] - |A| - [11776] - C:\WINDOWS\syswow64\browseui.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [103] - C:\WINDOWS\syswow64\Bthprops
[MD5.4BB2D7654D8B5E35F97B2C607774BFA6] - [04/06/2017 12:11:00] - |A| - [222208] - C:\WINDOWS\syswow64\bthprops.cpl
[MD5.594C467214E7EFF872846312D291C794] - [04/06/2017 12:11:02] - |A| - [28672] - C:\WINDOWS\syswow64\BthTelemetry.dll
[MD5.FC7D5A595743C45E3D05CF21095A2C03] - [04/06/2017 12:11:02] - |A| - [37888] - C:\WINDOWS\syswow64\bthudtask.exe
[MD5.417DC90EC747BBC3E3FF32A630A856D5] - [04/06/2017 12:10:59] - |A| - [117248] - C:\WINDOWS\syswow64\btpanui.dll
[MD5.51287D40BE53ECABD0EE2892D2171B41] - [04/06/2017 12:11:05] - |A| - [54272] - C:\WINDOWS\syswow64\BWContextHandler.dll
[MD5.A69C3FC4B4888A0FF1F5449104CE9BD9] - [04/06/2017 12:10:57] - |A| - [48128] - C:\WINDOWS\syswow64\ByteCodeGenerator.exe
[MD5.2C2E7760CDD59C8EEABC00842CFBF7FA] - [04/06/2017 12:11:05] - |A| - [55808] - C:\WINDOWS\syswow64\cabapi.dll
[MD5.7DED47B163AA41AFE9207F1024FC7E50] - [04/06/2017 12:11:05] - |A| - [115208] - C:\WINDOWS\syswow64\cabinet.dll
[MD5.7766023576C895E61A4326C249C2354E] - [04/06/2017 12:11:05] - |A| - [152576] - C:\WINDOWS\syswow64\cabview.dll
[MD5.9059A7CFA4A7C59F602D617D7A755F69] - [04/06/2017 12:11:25] - |A| - [27648] - C:\WINDOWS\syswow64\cacls.exe
[MD5.E13640457ACCD7703BB9E6419EC6FA39] - [04/06/2017 12:11:21] - |A| - [26112] - C:\WINDOWS\syswow64\calc.exe
[MD5.898AA3120B144DDEF02A2AD197F230C1] - [04/06/2017 12:10:53] - |A| - [81408] - C:\WINDOWS\syswow64\CallButtons.dll
[MD5.18A7D0BFDB206694483A39416A1B87B7] - [04/06/2017 12:10:53] - |A| - [17920] - C:\WINDOWS\syswow64\CallButtons.ProxyStub.dll
[MD5.320BB86030AC726E7B71D0B5F6677977] - [04/06/2017 12:10:53] - |A| - [130048] - C:\WINDOWS\syswow64\CallHistoryClient.dll
[MD5.CAE056D7104FEAD2F3AB0513184C271F] - [04/06/2017 12:10:53] - |A| - [89088] - C:\WINDOWS\syswow64\CameraCaptureUI.dll
[MD5.03650D6A970BF51ADBA64E8F476EE10F] - [04/06/2017 12:09:17] - |A| - [26352] - C:\WINDOWS\syswow64\CameraSettingsUIHost.exe
[MD5.2C277D7CEC66EBB436460AF1BF5A9CE8] - [04/06/2017 12:10:53] - |A| - [28672] - C:\WINDOWS\syswow64\canonurl.dll
[MD5.21FE066E3AE509AF20201878A6B48907] - [04/06/2017 12:10:53] - |A| - [176640] - C:\WINDOWS\syswow64\CapabilityAccessManager.dll
[MD5.2B3F9E4677C02BC23FFFCB02B6DD04AC] - [04/06/2017 12:10:53] - |A| - [262464] - C:\WINDOWS\syswow64\capauthz.dll
[MD5.75DA039CB3DD09AD6CA5489A0F24F822] - [04/06/2017 12:11:03] - |A| - [54272] - C:\WINDOWS\syswow64\capiprovider.dll
[MD5.B9C8A347155196C16BA1AFC91D1A4FFC] - [04/06/2017 12:11:03] - |A| - [19456] - C:\WINDOWS\syswow64\capisp.dll
[MD5.2F257BDE13B1E24BCCF7AACB23969D40] - [04/06/2017 12:10:57] - |A| - [135680] - C:\WINDOWS\syswow64\CastingShellExt.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [0] - C:\WINDOWS\syswow64\catroot
[MD5.AEDFD61AB3FC680E07ED2BFBD70F36F2] - [04/06/2017 12:11:05] - |A| - [388096] - C:\WINDOWS\syswow64\catsrv.dll
[MD5.03F21236F42B7C14AB75FA52C46571C5] - [04/06/2017 12:11:05] - |A| - [24064] - C:\WINDOWS\syswow64\catsrvps.dll
[MD5.15EB54675E0F94900451E5EED3A8B981] - [04/06/2017 12:11:05] - |A| - [408576] - C:\WINDOWS\syswow64\catsrvut.dll
[MD5.935F035F0962995C7441452866D65047] - [04/06/2017 12:11:26] - |A| - [74240] - C:\WINDOWS\syswow64\cca.dll
[MD5.C4E45527D5ACA26DB0E67B52DADBFB73] - [04/06/2017 12:11:08] - |A| - [828928] - C:\WINDOWS\syswow64\cdosys.dll
[MD5.98F79C1400BE7F65070043DB1906081D] - [04/06/2017 12:12:58] - |A| - [3749888] - C:\WINDOWS\syswow64\cdp.dll
[MD5.62394DD3D3E6ECF70A531F17B6E4FDB3] - [04/06/2017 12:10:53] - |A| - [721920] - C:\WINDOWS\syswow64\cdprt.dll
[MD5.93253FB70EF04C547221D560173D2D1E] - [04/06/2017 12:10:53] - |A| - [208896] - C:\WINDOWS\syswow64\cemapi.dll
[MD5.482ED341DF5CB193F60B3BB88C6E13E0] - [04/06/2017 12:11:28] - |A| - [34816] - C:\WINDOWS\syswow64\cero.rs
[MD5.3E89824345303EA0893030829BABC9F4] - [04/06/2017 12:10:56] - |A| - [652288] - C:\WINDOWS\syswow64\certca.dll
[MD5.27B94D3792E35B06CB27DBA1549765F3] - [04/06/2017 12:10:53] - |A| - [346624] - C:\WINDOWS\syswow64\certcli.dll
[MD5.C14190190E3A8A1737D65D22F61E251E] - [04/06/2017 12:11:03] - |A| - [430592] - C:\WINDOWS\syswow64\certCredProvider.dll
[MD5.DBAEDBAE90687D9260ABDE3D55A76E12] - [04/06/2017 12:11:21] - |A| - [55808] - C:\WINDOWS\syswow64\certenc.dll
[MD5.FBDF16FE6DBF8326167D9ACCF16911A4] - [04/06/2017 12:10:53] - |A| - [2798592] - C:\WINDOWS\syswow64\CertEnroll.dll
[MD5.61F5453B56D05E6CE880863A984F8857] - [04/06/2017 12:10:53] - |A| - [42496] - C:\WINDOWS\syswow64\CertEnrollCtrl.exe
[MD5.CDC7D8943C56C37F3E7880761FC0AF7C] - [04/06/2017 12:11:23] - |A| - [290304] - C:\WINDOWS\syswow64\CertEnrollUI.dll
[MD5.DCCA682FEA47192106EC4F2001EAE182] - [04/06/2017 12:11:23] - |A| - [63081] - C:\WINDOWS\syswow64\certlm.msc
[MD5.2DCDC86641E0E95E016DE92298C01735] - [04/06/2017 12:11:23] - |A| - [1975808] - C:\WINDOWS\syswow64\certmgr.dll
[MD5.4C7390A1FF613FBBF59141CA0BE8AE89] - [04/06/2017 12:11:23] - |A| - [63070] - C:\WINDOWS\syswow64\certmgr.msc
[MD5.FBA3DB82FE14320783C9525B0831F3DE] - [04/06/2017 12:11:21] - |A| - [49152] - C:\WINDOWS\syswow64\CertPKICmdlet.dll
[MD5.1AB50E06E8A47638DB2C30821DF3EC16] - [04/06/2017 12:10:59] - |A| - [99840] - C:\WINDOWS\syswow64\CertPolEng.dll
[MD5.ECAF7FDA574B7EE4B44EB42C658A58FB] - [04/06/2017 12:11:21] - |A| - [411136] - C:\WINDOWS\syswow64\certreq.exe
[MD5.5808E2DAB289702CF171E7C3C214E309] - [04/06/2017 12:11:21] - |A| - [1172992] - C:\WINDOWS\syswow64\certutil.exe
[MD5.A8A80F646DCC3A73AECE3ADBF62133C5] - [04/06/2017 12:09:13] - |A| - [239104] - C:\WINDOWS\syswow64\cewmdm.dll
[MD5.26CD8B12589A440F6CA9D8D11A1562C6] - [04/06/2017 12:11:23] - |A| - [64000] - C:\WINDOWS\syswow64\cfgbkend.dll
[MD5.443DB92146CAA9CE2E5E2B31ABDE6804] - [04/06/2017 12:11:03] - |A| - [222128] - C:\WINDOWS\syswow64\cfgmgr32.dll
[MD5.BC2C2BB48128B74F5E947784A2E6D251] - [04/06/2017 12:11:03] - |A| - [53760] - C:\WINDOWS\syswow64\cflapi.dll
[MD5.693437E5E111F7F6FB1DED763E962E9B] - [04/06/2017 12:10:53] - |A| - [30544] - C:\WINDOWS\syswow64\cfmifs.dll
[MD5.F1CD8BE2B70383463141F7754D22A1E1] - [04/06/2017 12:10:53] - |A| - [11264] - C:\WINDOWS\syswow64\cfmifsproxy.dll
[MD5.FDFFF32167CEA5A241C48B73606CB7A8] - [04/06/2017 12:09:12] - |A| - [6322176] - C:\WINDOWS\syswow64\Chakra.dll
[MD5.FFC0959666A79BAAB54D6D00351B544C] - [04/06/2017 12:09:12] - |A| - [79360] - C:\WINDOWS\syswow64\Chakradiag.dll
[MD5.7E81D7B780FB822E362B665FECDE14EF] - [04/06/2017 12:09:12] - |A| - [103936] - C:\WINDOWS\syswow64\Chakrathunk.dll
[MD5.B7DAD07153DA8B53815BD9B2B2BC6523] - [04/06/2017 12:11:23] - |A| - [172544] - C:\WINDOWS\syswow64\charmap.exe
[MD5.479C5E3FEBECD2DDDF83ED47A3702591] - [04/06/2017 12:11:00] - |A| - [107520] - C:\WINDOWS\syswow64\chartv.dll
[MD5.94B73B50D32A85BEF12AA9D6DF92E2F0] - [04/06/2017 12:10:53] - |A| - [571904] - C:\WINDOWS\syswow64\ChatApis.dll
[MD5.20F85F11E4455386F70120FB148B24A0] - [04/06/2017 12:11:00] - |A| - [12800] - C:\WINDOWS\syswow64\chcp.com
[MD5.12B4095855A447D06987EDD8676E019C] - [04/06/2017 12:11:21] - |A| - [27648] - C:\WINDOWS\syswow64\CheckNetIsolation.exe
[MD5.6DDF6BF8DAD5D07A53BE48C2666FC5BA] - [04/06/2017 12:11:00] - |A| - [23040] - C:\WINDOWS\syswow64\chkdsk.exe
[MD5.DFF36AB9762ED71EC37463A29D1F60A4] - [04/06/2017 12:11:00] - |A| - [19968] - C:\WINDOWS\syswow64\chkntfs.exe
[MD5.26B7C5C963EC16A2AD3759198C0DC07B] - [04/06/2017 12:11:00] - |A| - [28160] - C:\WINDOWS\syswow64\choice.exe
[MD5.CCEAEFAA4DF2F399E9A179D942FEB23C] - [04/06/2017 12:10:53] - |A| - [167640] - C:\WINDOWS\syswow64\chs_singlechar_pinyin.dat
[MD5.3B3110AD0D7664C8086CB205BC7E05AC] - [04/06/2017 12:11:23] - |A| - [10752] - C:\WINDOWS\syswow64\CHxReadingStringIME.dll
[MD5.F190A1B9DF08871083FAF61FD9FA2D18] - [04/06/2017 12:11:13] - |A| - [160768] - C:\WINDOWS\syswow64\cic.dll
[MD5.6EA9854B7A5B6038F2BB5049723F7454] - [04/06/2017 12:11:08] - |A| - [40448] - C:\WINDOWS\syswow64\cipher.exe
[MD5.43015FEA7AC22F1C9DA15084C96F80C2] - [04/06/2017 12:11:23] - |A| - [15360] - C:\WINDOWS\syswow64\clb.dll
[MD5.296A0C57402185304469FE0E2E3EE4BC] - [04/06/2017 12:11:05] - |A| - [518576] - C:\WINDOWS\syswow64\clbcatq.dll
[MD5.CF06411DE4283723746EB16568753E1E] - [04/06/2017 12:11:00] - |A| - [65536] - C:\WINDOWS\syswow64\cldapi.dll
[MD5.C47792BED87419E6C10249474B61205E] - [04/06/2017 12:11:00] - |A| - [211456] - C:\WINDOWS\syswow64\cleanmgr.exe
[MD5.55D85FA2AB11D9885F77DEA7CB736A61] - [04/06/2017 12:11:00] - |A| - [59392] - C:\WINDOWS\syswow64\clfsw32.dll
[MD5.A3F2B89D7BB3413EC479EA416C6E66F5] - [04/06/2017 12:11:11] - |A| - [79872] - C:\WINDOWS\syswow64\cliconfg.dll
[MD5.D9E5A98BA0F6403EC380459D1C247CD3] - [04/06/2017 12:11:11] - |A| - [29184] - C:\WINDOWS\syswow64\cliconfg.exe
[MD5.9F9BF94CE1A6FF6D88AFC4AD87F92949] - [04/06/2017 12:11:11] - |A| - [37376] - C:\WINDOWS\syswow64\cliconfg.rll
[MD5.89564548A53ED23B98D46FF00834BFC4] - [04/06/2017 12:10:59] - |A| - [24576] - C:\WINDOWS\syswow64\clip.exe
[MD5.865F658917535758CF3D69A94EBC1C10] - [04/06/2017 12:10:56] - |A| - [176640] - C:\WINDOWS\syswow64\ClipboardServer.dll
[MD5.0A29E9A8A654E0F35F02511502167E51] - [04/06/2017 12:10:56] - |A| - [121936] - C:\WINDOWS\syswow64\Clipc.dll
[MD5.E908D5934A1F0910D66C42AED583DDDF] - [04/06/2017 12:11:28] - |A| - [236544] - C:\WINDOWS\syswow64\CloudBackupSettings.dll
[MD5.A2302913FF32FA52637E561FD7C6BF19] - [04/06/2017 12:10:53] - |A| - [343376] - C:\WINDOWS\syswow64\CloudExperienceHostCommon.dll
[MD5.06456D18855DCE6896F9647E870055BD] - [04/06/2017 12:10:53] - |A| - [137040] - C:\WINDOWS\syswow64\CloudExperienceHostUser.dll
[MD5.3D7B7F4EE2CF21221E014E2639459BE9] - [04/06/2017 12:11:28] - |A| - [73376] - C:\WINDOWS\syswow64\CloudNotifications.exe
[MD5.7752009E3BA151582A671E5B5EA7BD53] - [04/06/2017 12:11:28] - |A| - [162232] - C:\WINDOWS\syswow64\CloudStorageWizard.exe
[MD5.DFF43D34FDA88DDB0BBF28E2DC6464E5] - [04/06/2017 12:09:07] - |A| - [15360] - C:\WINDOWS\syswow64\clrhost.dll
[MD5.6ACB0AFF8CD9B974A2031A6D7814E979] - [04/06/2017 12:10:50] - |A| - [681984] - C:\WINDOWS\syswow64\clusapi.dll
[MD5.101DF05A1768219601AB5B20808C2761] - [04/06/2017 12:11:21] - |A| - [32256] - C:\WINDOWS\syswow64\cmcfg32.dll
[MD5.DB9884240CE1B77D538C2F3B276332B5] - [04/06/2017 12:10:59] - |A| - [231936] - C:\WINDOWS\syswow64\cmd.exe
[MD5.5C03FA551D246A48BBED73CBA0D5429A] - [04/06/2017 12:11:00] - |A| - [19968] - C:\WINDOWS\syswow64\cmdext.dll
[MD5.4926EF16EA0B4440FF4D412D44948523] - [04/06/2017 12:11:21] - |A| - [494592] - C:\WINDOWS\syswow64\cmdial32.dll
[MD5.E054A173A1814169E23F068A540F916F] - [04/06/2017 12:11:23] - |A| - [17408] - C:\WINDOWS\syswow64\cmdkey.exe
[MD5.C18D317E43B8D446B5A803DE77E03CB5] - [04/06/2017 12:11:21] - |A| - [47104] - C:\WINDOWS\syswow64\cmdl32.exe
[MD5.7728661AD124CE02223E5FB3D2401300] - [04/06/2017 12:10:59] - |A| - [30208] - C:\WINDOWS\syswow64\cmgrcspps.dll
[MD5.F33674D26B258B7BCAEC2E87B33C7B02] - [04/06/2017 12:11:28] - |A| - [82768] - C:\WINDOWS\syswow64\cmifw.dll
[MD5.7950AEFEAB49FD5294B0A23E8BC7C0A4] - [04/06/2017 12:10:57] - |A| - [28672] - C:\WINDOWS\syswow64\cmintegrator.dll
[MD5.B631FFC8B59B1DDA94A3DA566AFF2FB7] - [04/06/2017 12:11:21] - |A| - [34816] - C:\WINDOWS\syswow64\cmlua.dll
[MD5.0882F025636AE22942655C238029292F] - [04/06/2017 12:11:21] - |A| - [36864] - C:\WINDOWS\syswow64\cmmon32.exe
[MD5.5ACB10928FFC5414490826BB26F9D696] - [04/06/2017 12:11:21] - |A| - [24064] - C:\WINDOWS\syswow64\cmpbk32.dll
[MD5.B59BE8099114C3EE2EE1D605FE5F9F28] - [04/06/2017 12:11:21] - |A| - [82432] - C:\WINDOWS\syswow64\cmstp.exe
[MD5.377BBBD302A07B38C54434EA0E878EFE] - [04/06/2017 12:11:21] - |A| - [16384] - C:\WINDOWS\syswow64\cmstplua.dll
[MD5.EE5B948DDA86D0B7345B587349FD18FE] - [04/06/2017 12:11:21] - |A| - [45568] - C:\WINDOWS\syswow64\cmutil.dll
[MD5.10028319DA2FB089E09842DE8FA7E711] - [04/06/2017 12:11:21] - |A| - [104960] - C:\WINDOWS\syswow64\cngcredui.dll
[MD5.DE1E2A51ECD9A77A9EF93DDE67FC66A8] - [04/06/2017 12:11:03] - |A| - [56832] - C:\WINDOWS\syswow64\cngprovider.dll
[MD5.4653D8E331B5C60A999255D319C2A965] - [04/06/2017 12:11:00] - |A| - [34816] - C:\WINDOWS\syswow64\cnvfat.dll
[MD5.FB172CB51F03A1C8611083E56B995F73] - [04/06/2017 12:11:28] - |A| - [30720] - C:\WINDOWS\syswow64\cob-au.rs
[MD5.E3F3368C298B96F66F0581501F5A5875] - [04/06/2017 12:11:05] - |A| - [69632] - C:\WINDOWS\syswow64\colbact.dll
[MD5.7DD031B210D1986CF5D5E34620BA3BDB] - [04/06/2017 12:09:12] - |A| - [185968] - C:\WINDOWS\syswow64\COLORCNV.DLL
[MD5.29A826CD3E253190B0F6BFB07AA98E26] - [04/06/2017 12:09:12] - |A| - [86528] - C:\WINDOWS\syswow64\colorcpl.exe
[MD5.36198EE4AC4AB5B1969617CE89CA6D7E] - [04/06/2017 12:09:12] - |A| - [601600] - C:\WINDOWS\syswow64\colorui.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [322048] - C:\WINDOWS\syswow64\Com
[MD5.DE300FDFBB5A808F4D206793D91A69D3] - [04/06/2017 12:11:03] - |A| - [2342320] - C:\WINDOWS\syswow64\combase.dll
[MD5.9F6503C7C58623722510502E7BC03F9C] - [04/06/2017 12:11:00] - |A| - [8704] - C:\WINDOWS\syswow64\comcat.dll
[MD5.69A808BE4BD935C0442858A3AB023240] - [04/06/2017 12:11:23] - |A| - [567632] - C:\WINDOWS\syswow64\comctl32.dll
[MD5.22704C9DA671AD6D14C43D98B1A38413] - [04/06/2017 12:11:23] - |A| - [953344] - C:\WINDOWS\syswow64\comdlg32.dll
[MD5.AC27746CE65F3A7A1329BEBA7A64E08F] - [04/06/2017 12:11:05] - |A| - [124118] - C:\WINDOWS\syswow64\comexp.msc
[MD5.68C1662D2BD78BEABB580574A6793933] - [04/06/2017 12:10:57] - |A| - [370512] - C:\WINDOWS\syswow64\coml2.dll
[MD5.B25319E47F1E3DCD15AF68F831DEF329] - [04/06/2017 12:10:50] - |A| - [23552] - C:\WINDOWS\syswow64\comp.exe
[MD5.AD20400AFF90BBF83316BE9ED2DC9276] - [04/06/2017 12:11:05] - |A| - [40448] - C:\WINDOWS\syswow64\compact.exe
[MD5.F04C119C159670C9271623454BEC3254] - [04/06/2017 12:11:05] - |A| - [113256] - C:\WINDOWS\syswow64\compmgmt.msc
[MD5.9A355B75137E8A5F3C384C999CC6DBBC] - [04/06/2017 12:11:18] - |A| - [8960] - C:\WINDOWS\syswow64\compobj.dll
[MD5.51289E84F2694FFBF7FDF49FC25F67B5] - [04/06/2017 12:10:53] - |A| - [53232] - C:\WINDOWS\syswow64\CompPkgSup.dll
[MD5.999A867305570B1921DC2BBC1D6E13A3] - [04/06/2017 12:11:21] - |A| - [288768] - C:\WINDOWS\syswow64\compstui.dll
[MD5.E09429EDB2817DAAF892325136D552E4] - [04/06/2017 12:11:05] - |A| - [64512] - C:\WINDOWS\syswow64\ComputerDefaults.exe
[MD5.17D162218C5B60905C786EA73CF84152] - [04/06/2017 12:11:03] - |A| - [96768] - C:\WINDOWS\syswow64\comrepl.dll
[MD5.AF89EFDD36FA4963CB573F1C7E91F1FA] - [04/06/2017 12:11:05] - |A| - [1295360] - C:\WINDOWS\syswow64\comres.dll
[MD5.CCDA159128C94D54D04B0BE194A2B7A3] - [04/06/2017 12:11:03] - |A| - [229376] - C:\WINDOWS\syswow64\comsnap.dll
[MD5.96ED729C827CBC6D4EF40D4F994704DC] - [04/06/2017 12:11:05] - |A| - [1347072] - C:\WINDOWS\syswow64\comsvcs.dll
[MD5.AF052444EF67CB50FA48942640868DB6] - [04/06/2017 12:11:03] - |A| - [630272] - C:\WINDOWS\syswow64\comuid.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [368289] - C:\WINDOWS\syswow64\config
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |SD| - [54388] - C:\WINDOWS\syswow64\Configuration
[MD5.1D30EF4E853C8991B52187352687EDEE] - [04/06/2017 12:11:23] - |A| - [59904] - C:\WINDOWS\syswow64\ConfigureExpandedStorage.dll
[MD5.DEC6B14435B4C3A4D698BCA0B1680B21] - [04/06/2017 12:11:19] - |A| - [1295360] - C:\WINDOWS\syswow64\connect.dll
[MD5.24AAB9C278FEFDC97E18F98F220E0F68] - [04/06/2017 12:11:05] - |A| - [51200] - C:\WINDOWS\syswow64\ConnectedAccountState.dll
[MD5.0D813BC160A777F1793398606637E5CE] - [04/06/2017 12:11:03] - |A| - [106496] - C:\WINDOWS\syswow64\console.dll
[MD5.9A0A5A50EC8E6DA4316D0368E73D039E] - [04/06/2017 12:10:53] - |A| - [51200] - C:\WINDOWS\syswow64\ContactActivation.dll
[MD5.8D9EED8F46C0BF8F593F4DF57AB7F42E] - [04/06/2017 12:10:53] - |A| - [888320] - C:\WINDOWS\syswow64\ContactApis.dll
[MD5.DC636B927CEA097788A15D9A634A0A16] - [04/06/2017 12:10:59] - |A| - [148992] - C:\WINDOWS\syswow64\container.dll
[MD5.618753189A1A678E050A050D8B4D6DCF] - [04/06/2017 12:10:53] - |A| - [960848] - C:\WINDOWS\syswow64\ContentDeliveryManager.Utilities.dll
[MD5.96A98FEFDB15CCDEB0B4D9DD8D3AC55C] - [04/06/2017 12:11:28] - |A| - [114688] - C:\WINDOWS\syswow64\control.exe
[MD5.C0ED5170C30A78C8F9BE9BCCFAF253C8] - [04/06/2017 12:11:00] - |A| - [19456] - C:\WINDOWS\syswow64\convert.exe
[MD5.2F76E7A7496F2D6833BFAA7448F8EC25] - [04/06/2017 12:11:05] - |A| - [591928] - C:\WINDOWS\syswow64\CoreMessaging.dll
[MD5.548BC4030DA6D0A8CF691F0D48B93199] - [04/06/2017 12:09:12] - |A| - [19968] - C:\WINDOWS\syswow64\CoreMmRes.dll
[MD5.A95DFBC6DA94BB765B52CFA19FC82317] - [04/06/2017 12:11:39] - |A| - [219648] - C:\WINDOWS\syswow64\CoreShellAPI.dll
[MD5.EB67CF813D18FBC91E4309E4799F9D95] - [04/06/2017 12:10:53] - |A| - [2287584] - C:\WINDOWS\syswow64\CoreUIComponents.dll
[MD5.717E4293D0E78E126048EC8CD8980242] - [04/06/2017 12:11:23] - |A| - [219136] - C:\WINDOWS\syswow64\Cortana.Persona.dll
[MD5.906ACE458CCF5DB2A66379DEA3DB5F6E] - [04/06/2017 12:11:21] - |A| - [204288] - C:\WINDOWS\syswow64\CortanaMapiHelper.dll
[MD5.F033B030952D50E07D682A03041AF59D] - [04/06/2017 12:11:21] - |A| - [11776] - C:\WINDOWS\syswow64\CortanaMapiHelper.ProxyStub.dll
[MD5.14E924F6DAFDDC4E1FD7DC4E27CFAE8C] - [04/06/2017 12:11:23] - |A| - [699904] - C:\WINDOWS\syswow64\CPFilters.dll
[MD5.200CD98D08AD258F90329B70D6B2CBDF] - [04/06/2017 12:11:28] - |A| - [36864] - C:\WINDOWS\syswow64\CredentialMigrationHandler.dll
[MD5.AABA7A2162E35F1BC8293D0C1178B695] - [04/06/2017 12:11:03] - |A| - [73728] - C:\WINDOWS\syswow64\CredProv2faHelper.dll
[MD5.392849A5774ACFA30F96EE89C1183008] - [04/06/2017 12:11:03] - |A| - [363520] - C:\WINDOWS\syswow64\CredProvDataModel.dll
[MD5.12C692BA851F7FCE6F80CF16F671738A] - [04/06/2017 12:11:03] - |A| - [214016] - C:\WINDOWS\syswow64\credprovhost.dll
[MD5.20090A00938EC80DBFC892DFC767B210] - [04/06/2017 12:11:03] - |A| - [171520] - C:\WINDOWS\syswow64\credprovs.dll
[MD5.608215B9340CE93ABFDC22AB84C6B3B3] - [04/06/2017 12:11:03] - |A| - [144896] - C:\WINDOWS\syswow64\credprovslegacy.dll
[MD5.ABBD6A6EFA083426BFC1F14773ABFAAF] - [04/06/2017 12:11:23] - |A| - [19456] - C:\WINDOWS\syswow64\credssp.dll
[MD5.A2435FEBBBF9F2939EDBE40D82C9C9E3] - [04/06/2017 12:11:03] - |A| - [35840] - C:\WINDOWS\syswow64\credui.dll
[MD5.5F8F8FF1CF7CB21E1A7E1BC076E33B6A] - [04/06/2017 12:11:21] - |A| - [29696] - C:\WINDOWS\syswow64\credwiz.exe
[MD5.D17A0D5E0B6F95BB133C6DD761EE78FD] - [04/06/2017 12:11:26] - |A| - [149019] - C:\WINDOWS\syswow64\crtdll.dll
[MD5.29CE51ED8F810CDE44125790C0A3C229] - [04/06/2017 12:11:05] - |A| - [1554680] - C:\WINDOWS\syswow64\crypt32.dll
[MD5.BFBAC6A20F825E64E283A4F051D6C990] - [04/06/2017 12:11:28] - |A| - [27416] - C:\WINDOWS\syswow64\cryptbase.dll
[MD5.2E40F450E055AB9AAF2EF2A58175C950] - [04/06/2017 12:11:08] - |A| - [26112] - C:\WINDOWS\syswow64\cryptdlg.dll
[MD5.88E9457A8DB261EE2EFFA31E54699034] - [04/06/2017 12:11:05] - |A| - [53232] - C:\WINDOWS\syswow64\cryptdll.dll
[MD5.99880813E9E75CFA5428A5A0D8B4904F] - [04/06/2017 12:11:03] - |A| - [61952] - C:\WINDOWS\syswow64\cryptext.dll
[MD5.5F8DBA3B3190A3181D56529BD55AB37A] - [04/06/2017 12:11:02] - |A| - [137728] - C:\WINDOWS\syswow64\cryptnet.dll
[MD5.BEFBDCFDE72B485AE4F9D3448A94237B] - [04/06/2017 12:10:56] - |A| - [315392] - C:\WINDOWS\syswow64\cryptngc.dll
[MD5.EE8B0421C03E03AE207922FB4842F627] - [04/06/2017 12:10:53] - |A| - [298496] - C:\WINDOWS\syswow64\CryptoWinRT.dll
[MD5.7668E41C4B00E8754E145D8E2CDE2A95] - [04/06/2017 12:11:02] - |A| - [64088] - C:\WINDOWS\syswow64\cryptsp.dll
[MD5.C5B7CDB9F5B1230D22B2517D81CDC472] - [04/06/2017 12:10:53] - |A| - [45056] - C:\WINDOWS\syswow64\crypttpmeksvc.dll
[MD5.5954F97262B58A74C28E5A4946D40D08] - [04/06/2017 12:11:05] - |A| - [549376] - C:\WINDOWS\syswow64\cryptui.dll
[MD5.35CBAA4698B0F07B7F4F1DD4B0B6A725] - [04/06/2017 12:11:23] - |A| - [365056] - C:\WINDOWS\syswow64\cryptuiwizard.dll
[MD5.FF82A7ED37FFF3E3F8B1C0B0EC823DB8] - [04/06/2017 12:10:57] - |A| - [95024] - C:\WINDOWS\syswow64\cryptxml.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [287232] - C:\WINDOWS\syswow64\cs-CZ
[MD5.456D9980896DD5C8145F0A9FE3157AEB] - [04/06/2017 12:11:21] - |A| - [41984] - C:\WINDOWS\syswow64\cscapi.dll
[MD5.14A8845DE061BD84060055AEE275AA90] - [04/06/2017 12:11:21] - |A| - [22016] - C:\WINDOWS\syswow64\cscdll.dll
[MD5.058FA08EC5148216114860BAF2720E43] - [04/06/2017 12:11:52] - |A| - [211968] - C:\WINDOWS\syswow64\cscobj.dll
[MD5.B7AFE9BB03F5F93510A0C2FBD6E84E2C] - [04/06/2017 12:11:21] - |A| - [142848] - C:\WINDOWS\syswow64\cscript.exe
[MD5.DD8F6E26F8B3493FBC2EE97242921060] - [04/06/2017 12:11:28] - |A| - [43520] - C:\WINDOWS\syswow64\csrr.rs
[MD5.27A8C20ECB8A92F413C39724B33461F5] - [04/06/2017 12:11:26] - |A| - [9728] - C:\WINDOWS\syswow64\ctfmon.exe
[MD5.E790EB2C0D1327E2E20AF397DF8D6ABD] - [04/06/2017 12:11:26] - |A| - [27136] - C:\WINDOWS\syswow64\ctl3d32.dll
[MD5.ECC63EA36A903ED156E2D4E3BC0DBE89] - [04/06/2017 12:11:00] - |A| - [312320] - C:\WINDOWS\syswow64\cttune.exe
[MD5.2F289B6D623EC41C0206E1D59A9628AA] - [04/06/2017 12:10:59] - |A| - [35840] - C:\WINDOWS\syswow64\cttunesvr.exe
[MD5.0D143112394173967A3647096F74E743] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_037.NLS
[MD5.A716B23BA6632B7F0DABB5B8AC078F27] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_10000.NLS
[MD5.157A2706E78D7B581642F6F787EC37E5] - [04/06/2017 12:10:07] - |A| - [162850] - C:\WINDOWS\syswow64\C_10001.NLS
[MD5.05C0B7F8FA403E6DA75671685A58A940] - [04/06/2017 12:10:07] - |A| - [195618] - C:\WINDOWS\syswow64\C_10002.NLS
[MD5.1855E6398A2E937E47809FD8B83647E4] - [04/06/2017 12:10:07] - |A| - [177698] - C:\WINDOWS\syswow64\C_10003.NLS
[MD5.1DBBCC1B712C2674BDF29A05A5DD366E] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_10004.NLS
[MD5.72233F1A1D788A84D4687A258CC97CBF] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_10005.NLS
[MD5.0A206B5CACD3CA70D2044DA691304765] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_10006.NLS
[MD5.AF4A866226BD04ACF06135088D75BB63] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_10007.NLS
[MD5.23C1E8F026FB81824388E8EC457CF75E] - [04/06/2017 12:10:07] - |A| - [173602] - C:\WINDOWS\syswow64\C_10008.NLS
[MD5.6F8A509550FE8C92D07EE0143BF29BA1] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_10010.NLS
[MD5.314E85390BEBDAE5D1E11DB2D8CBC6E9] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_10017.NLS
[MD5.F3C139AD492C4F73353057442E6995CE] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_10021.NLS
[MD5.D2CA471D36A69D17F82D5C1B64FAEE39] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_10029.NLS
[MD5.29B5AF5B12D955C316821F277C5B4D7D] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_10079.NLS
[MD5.EFFDFF60A38CF648811BBCDD722ECF5E] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_10081.NLS
[MD5.9CA501D2A8E6909C5B2E8C9274682BF1] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_10082.NLS
[MD5.71E7F8B0F28585439E95B3D3B296984B] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_1026.NLS
[MD5.7CB90B3604A45355218E6A20BD7B7A0B] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_1047.NLS
[MD5.27E1CBE7F0DF21CA0892D16FD1961F29] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_1140.NLS
[MD5.F0C0509A9A633332B99F009D1DAA7612] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_1141.NLS
[MD5.69316F1B309BA5AC371EFD09267BD670] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_1142.NLS
[MD5.3EA8E21340AF59C80CB35A6A53FE52D7] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_1143.NLS
[MD5.FD2D28063FB4FD12BC6EF18A6D10769E] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_1144.NLS
[MD5.123B711FF0BF69B4462C279D342380AF] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_1145.NLS
[MD5.D288777605A2F4E12A9C6E360CE44987] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_1146.NLS
[MD5.7623492F4FCB5E317578F897A7476E16] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_1147.NLS
[MD5.32CA3320D8C8F37770764BDFF1C2FE15] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_1148.NLS
[MD5.484A1C398A16DD464E8468046526985C] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_1149.NLS
[MD5.ACB769EC498FB62316EAB45ADB680F22] - [04/06/2017 12:09:57] - |A| - [66082] - C:\WINDOWS\syswow64\C_1252.NLS
[MD5.1F55C295A71290992C95CF1F41CDB0E4] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_20105.NLS
[MD5.00E11B5E8C252190DEC893FD84D3B06D] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_20106.NLS
[MD5.EB7AD61171B280F1CA90CF3AC0F43717] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_20107.NLS
[MD5.C8FBDF3805D2F229DE3CA2EF5A248CCC] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_20108.NLS
[MD5.BA660D994876755C9E90871B919BB5EC] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_20269.NLS
[MD5.947813F75A56A20EF65DC9E479EBEA4D] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_20273.NLS
[MD5.947B06BC793BFF9A4808C8CF57B0E273] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_20277.NLS
[MD5.AF4F8AEC071515D6FC6E8203A0DBF655] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_20278.NLS
[MD5.2AB1DF9DFBD49E343AF5D5FA7D17024E] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_20280.NLS
[MD5.E37E1766C1D7C21C5EFAD0F20D923039] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_20284.NLS
[MD5.BCD8AC4CE06E227A2FBA81862B5F0D42] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_20285.NLS
[MD5.B2B3B6A63D9A1837673A2B2C44455A20] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_20290.NLS
[MD5.C3581190325F812CB7F5F928E722F132] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_20297.NLS
[MD5.4FEA99284FA34D8E69C8D865D9426D2B] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_20420.NLS
[MD5.E3AAE11859C598FB936017816567FD96] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_20423.NLS
[MD5.3A0FA5F25C5FF909766347627B446511] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_20424.NLS
[MD5.E27DCCEEFABD04FC7D81BE65B233C653] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_20833.NLS
[MD5.A124CAA7470CCF0354A57AB30808293F] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_20838.NLS
[MD5.61FBE3736279973CBA71EE0CDEAAAA6C] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_20871.NLS
[MD5.8464E9CAB0DA3F209320D782631DD5A2] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_20880.NLS
[MD5.1ADCE2879B486ACB126750EF18B2E658] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_20905.NLS
[MD5.E4642396D2098F65C7E88C0AC1EE7379] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_20924.NLS
[MD5.85D74656F26B33F21B5129252B1578D0] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_21025.NLS
[MD5.07CD5D103AEB4AD2B624EE1ADBFAA456] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_21027.NLS
[MD5.0BD539284D746E022BDA27C1F85A525A] - [04/06/2017 12:09:57] - |A| - [66594] - C:\WINDOWS\syswow64\C_437.NLS
[MD5.90F5232D99D17AA1BBA3CE2228CF1B2A] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_500.NLS
[MD5.48841546AC3B8698C93991E99851F0CF] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_870.NLS
[MD5.8BE0D77A873730B4EB1DAB7C6622CD46] - [04/06/2017 12:10:07] - |A| - [66082] - C:\WINDOWS\syswow64\C_875.NLS
[MD5.672200E4C920BA3F63F5C79064F0B250] - [04/06/2017 12:11:02] - |A| - [225280] - C:\WINDOWS\syswow64\C_G18030.DLL
[MD5.BD7EE042A3C182C746A18F760D312A93] - [04/06/2017 12:11:02] - |A| - [12288] - C:\WINDOWS\syswow64\c_GSM7.DLL
[MD5.1AC3EEE8D0913547B647FD9E3CD321FA] - [04/06/2017 12:11:02] - |A| - [14336] - C:\WINDOWS\syswow64\C_IS2022.DLL
[MD5.5CDADA339DBFA08E082A6D4D9DE4C67C] - [04/06/2017 12:11:06] - |A| - [12288] - C:\WINDOWS\syswow64\C_ISCII.DLL
[MD5.8BCA36005D6C3892385E8FF2C9FFA83B] - [04/06/2017 12:10:53] - |A| - [5242368] - C:\WINDOWS\syswow64\d2d1.dll
[MD5.099D6E0D547818842998AA9C5CEC04C4] - [11/06/2017 03:12:30] - |A| - [463360] - C:\WINDOWS\syswow64\d2d1debug3.dll
[MD5.8AA1392ED811D7218E5809E55B07A7AF] - [04/06/2017 12:11:05] - |A| - [1045504] - C:\WINDOWS\syswow64\d3d10.dll
[MD5.283C4D9C64D7C8FA1BBBB8E3B3AB3B7B] - [04/06/2017 12:11:05] - |A| - [324096] - C:\WINDOWS\syswow64\d3d10core.dll
[MD5.32D7BAE6FABD00E04EAD07CFFD776758] - [04/06/2017 12:10:56] - |A| - [332600] - C:\WINDOWS\syswow64\d3d10level9.dll
[MD5.D634A2C965F802BA51342B8A78CF6A7B] - [04/06/2017 12:10:53] - |A| - [5596840] - C:\WINDOWS\syswow64\d3d10warp.dll
[MD5.7481C61F6C2EF8191C97225422490A6A] - [04/06/2017 12:11:05] - |A| - [154112] - C:\WINDOWS\syswow64\d3d10_1.dll
[MD5.0C1DD0DED45C8F3159DCECD7A0E10134] - [04/06/2017 12:11:05] - |A| - [358400] - C:\WINDOWS\syswow64\d3d10_1core.dll
[MD5.D2E3D0CD43D49EF1F93574B71AD9528D] - [04/06/2017 12:10:56] - |A| - [2388320] - C:\WINDOWS\syswow64\d3d11.dll
[MD5.8D4ADCD449444A4670B20C9F7FCF0F94] - [11/06/2017 03:12:30] - |A| - [1063936] - C:\WINDOWS\syswow64\d3d11_3SDKLayers.dll
[MD5.F8C8EC88A854CEC9AD57FFC5992CDC8F] - [04/06/2017 12:10:56] - |A| - [1071312] - C:\WINDOWS\syswow64\D3D12.dll
[MD5.AC564BCBD298E035D4C4B24D75AA7F1F] - [11/06/2017 03:12:30] - |A| - [2177024] - C:\WINDOWS\syswow64\d3d12SDKLayers.dll
[MD5.F971BC89A439CFDA0AE4E310E0552978] - [04/06/2017 12:11:05] - |A| - [712704] - C:\WINDOWS\syswow64\d3d8.dll
[MD5.83C3A88C03D26E451EF2A2D8B293A37D] - [04/06/2017 12:11:03] - |A| - [12800] - C:\WINDOWS\syswow64\d3d8thk.dll
[MD5.C0228D4A95F70D088A57A1C69A9FF682] - [04/06/2017 12:11:03] - |A| - [1466888] - C:\WINDOWS\syswow64\d3d9.dll
[MD5.A40E4A1F0FE902FECEFAE3CEC67C18CD] - [04/06/2017 12:10:56] - |A| - [506880] - C:\WINDOWS\syswow64\d3d9on12.dll
[MD5.E24B22FD05AF65A19628269B3C2E373D] - [04/06/2017 12:10:53] - |A| - [3645952] - C:\WINDOWS\syswow64\D3DCompiler_47.dll
[MD5.137CDF82D5F1843B95C5790EAEDEC7D7] - [04/06/2017 12:11:05] - |A| - [396288] - C:\WINDOWS\syswow64\d3dim.dll
[MD5.4D0927E18CDC5A648734D26D34F79C26] - [04/06/2017 12:11:05] - |A| - [423936] - C:\WINDOWS\syswow64\d3dim700.dll
[MD5.08B753BE85D5D1823E72CCFFC6879075] - [04/06/2017 12:11:03] - |A| - [595456] - C:\WINDOWS\syswow64\d3dramp.dll
[MD5.C13E762C87E075382A06B0D6BD128F04] - [04/06/2017 12:10:53] - |A| - [110080] - C:\WINDOWS\syswow64\D3DSCache.dll
[MD5.E1C24D9FA58A289EBFF710E49EF05F82] - [04/06/2017 12:11:02] - |A| - [57856] - C:\WINDOWS\syswow64\d3dxof.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [282112] - C:\WINDOWS\syswow64\da-DK
[MD5.3647AC6FABF83638A7CA2787CBD906EE] - [04/06/2017 12:11:03] - |A| - [8704] - C:\WINDOWS\syswow64\dabapi.dll
[MD5.8AAC6667A38E81363CE9683C17B2B54C] - [04/06/2017 12:11:21] - |A| - [91136] - C:\WINDOWS\syswow64\DafPrintProvider.dll
[MD5.8FDF144DDFDFEE2C98C7095796B69C65] - [04/06/2017 12:11:19] - |A| - [269312] - C:\WINDOWS\syswow64\DaOtpCredentialProvider.dll
[MD5.02BEFC884F0A438530743A7859D2B7B4] - [04/06/2017 12:11:00] - |A| - [36352] - C:\WINDOWS\syswow64\dataclen.dll
[MD5.009FAE0239351D2965730114E19843FD] - [04/06/2017 12:10:53] - |A| - [254464] - C:\WINDOWS\syswow64\DataExchange.dll
[MD5.AEF8F087EE8E7D37E7C77A2B9FD06435] - [04/06/2017 12:11:28] - |A| - [81408] - C:\WINDOWS\syswow64\davclnt.dll
[MD5.C6AC19AFC1780CACF9426CDD1A35B31A] - [04/06/2017 12:11:21] - |A| - [20992] - C:\WINDOWS\syswow64\davhlpr.dll
[MD5.C24242319AD4C0D9910E2809FB9E7B7B] - [05/06/2017 08:59:13] - |A| - [348672] - C:\WINDOWS\syswow64\DavSyncProvider.dll
[MD5.9E63624E1A9477ED8AB3771B291FD905] - [04/06/2017 12:10:59] - |A| - [340992] - C:\WINDOWS\syswow64\daxexec.dll
[MD5.CBE38ECCA56F316C5156A6704E4E4951] - [04/06/2017 12:11:03] - |A| - [130048] - C:\WINDOWS\syswow64\dbgcore.dll
[MD5.5E5421DEE8168FD304AEB99DBA4C1FFE] - [04/06/2017 12:11:05] - |A| - [4707328] - C:\WINDOWS\syswow64\dbgeng.dll
[MD5.514759221CA5D670B8440D7EC446AB31] - [04/06/2017 12:11:03] - |A| - [1326592] - C:\WINDOWS\syswow64\dbghelp.dll
[MD5.93EB06080CEFCA2F81CAFC1D394A98EE] - [04/06/2017 12:11:05] - |A| - [467456] - C:\WINDOWS\syswow64\DbgModel.dll
[MD5.D4C95DC15E6016BA74891E4DA0C57223] - [04/06/2017 12:11:11] - |A| - [105472] - C:\WINDOWS\syswow64\dbnetlib.dll
[MD5.A9962528BBC609E4F5D70F41699241FF] - [04/06/2017 12:11:11] - |A| - [20480] - C:\WINDOWS\syswow64\dbnmpntw.dll
[MD5.2D2B15D804CF7EB118554133490816E2] - [04/06/2017 12:09:12] - |A| - [641536] - C:\WINDOWS\syswow64\dccw.exe
[MD5.4DD6BBF040B39E21F9936CFEF0DDB1EF] - [04/06/2017 12:11:03] - |A| - [11776] - C:\WINDOWS\syswow64\dciman32.dll
[MD5.8072C416765F6084AF74CEB7A31ADD5D] - [04/06/2017 12:11:03] - |A| - [10240] - C:\WINDOWS\syswow64\dcomcnfg.exe
[MD5.CE47D3129DACC59A9E7C3E128D77DB7B] - [04/06/2017 12:11:03] - |A| - [1034088] - C:\WINDOWS\syswow64\dcomp.dll
[MD5.AFA878190D00C3CC23667475E6D64AD5] - [04/06/2017 12:11:00] - |A| - [21328] - C:\WINDOWS\syswow64\DDACLSys.dll
[MD5.6A0224B2AA1C01AC05D294BF40A1DCCA] - [04/06/2017 12:10:56] - |A| - [98304] - C:\WINDOWS\syswow64\ddisplay.dll
[MD5.DA2CC5B21CF1E0C3792EC4924FCE95CD] - [04/06/2017 12:11:05] - |A| - [32768] - C:\WINDOWS\syswow64\ddodiag.exe
[MD5.7B0E35CBF44AD3D651F79C81883F2A81] - [04/06/2017 12:11:02] - |A| - [13824] - C:\WINDOWS\syswow64\DDOIProxy.dll
[MD5.DFD8AA3D1C124DF5C1FD796A5AFA6D83] - [04/06/2017 12:11:03] - |A| - [15592128] - C:\WINDOWS\syswow64\DDORes.dll
[MD5.5BEE6696B8DC38A4E735E710B3B30101] - [04/06/2017 12:11:05] - |A| - [528896] - C:\WINDOWS\syswow64\ddraw.dll
[MD5.DC8F47189B5032FBAE491E75094FE365] - [04/06/2017 12:11:05] - |A| - [44544] - C:\WINDOWS\syswow64\ddrawex.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [319488] - C:\WINDOWS\syswow64\de-DE
[MD5.182B197BC1C998296FF1EE79C6CA0956] - [04/06/2017 12:11:05] - |A| - [15016] - C:\WINDOWS\syswow64\DefaultDeviceManager.dll
[MD5.089720F2064DA2ABB41CE82AFE016301] - [04/06/2017 12:11:03] - |A| - [22016] - C:\WINDOWS\syswow64\DefaultPrinterProvider.dll
[MD5.499707914D46F405D4D4C941F672699C] - [04/06/2017 12:10:50] - |A| - [23040] - C:\WINDOWS\syswow64\delegatorprovider.dll
[MD5.7211938B2B1425EC6B5AB4D82D0DE82D] - [04/06/2017 12:11:26] - |A| - [166400] - C:\WINDOWS\syswow64\desk.cpl
[MD5.DFCEEBE208ED57A29A5017322FF937EF] - [04/06/2017 12:11:05] - |A| - [47616] - C:\WINDOWS\syswow64\deskadp.dll
[MD5.3FBF70F8E0FCBCD2406F9DE050B0531B] - [04/06/2017 12:11:26] - |A| - [45056] - C:\WINDOWS\syswow64\deskmon.dll
[MD5.F16966EB6DBFCC76D67D63CC9E8BE44F] - [04/06/2017 12:10:53] - |A| - [97144] - C:\WINDOWS\syswow64\DevDispItemProvider.dll
[MD5.E1333210D5C3C980B55396BE0EBBD864] - [04/06/2017 12:10:50] - |A| - [80544] - C:\WINDOWS\syswow64\devenum.dll
[MD5.0CBADF9EB902BAD5194640CE92F6ED42] - [04/06/2017 12:10:53] - |A| - [284672] - C:\WINDOWS\syswow64\deviceaccess.dll
[MD5.3315ED780FDCF6849C917BEFAFBA4C5F] - [04/06/2017 12:11:02] - |A| - [43392] - C:\WINDOWS\syswow64\deviceassociation.dll
[MD5.9642504EA0DD23E59EAB8C891F1D57E1] - [04/06/2017 12:11:02] - |A| - [409088] - C:\WINDOWS\syswow64\DeviceCenter.dll
[MD5.4B4E56AA113B1B87D15CBFE19782F1DF] - [04/06/2017 12:10:56] - |A| - [48640] - C:\WINDOWS\syswow64\DeviceCredential.dll
[MD5.27B1A101FB74A46A39E759FC694677A9] - [04/06/2017 12:11:03] - |A| - [32256] - C:\WINDOWS\syswow64\DeviceDisplayStatusManager.dll
[MD5.4C6468FEF9F347F0524AE6E67AF8CEA7] - [04/06/2017 12:11:00] - |A| - [1989120] - C:\WINDOWS\syswow64\DeviceFlows.DataModel.dll
[MD5.290E09ED9770FDF3A4127D592B923DF2] - [04/06/2017 12:10:56] - |A| - [167424] - C:\WINDOWS\syswow64\devicengccredprov.dll
[MD5.CDBB8FED28B373FD357644DFD84F7412] - [04/06/2017 12:11:02] - |A| - [504832] - C:\WINDOWS\syswow64\DevicePairing.dll
[MD5.B0D0C48AFA4FECB7EF27E47419783421] - [04/06/2017 12:11:03] - |A| - [200704] - C:\WINDOWS\syswow64\DevicePairingFolder.dll
[MD5.010A7EE47B30A7F66FFE55C3B5B8FBD6] - [04/06/2017 12:11:03] - |A| - [24064] - C:\WINDOWS\syswow64\DevicePairingProxy.dll
[MD5.51C2B40D68B97F56D27A8C9F4EF61044] - [04/06/2017 12:11:02] - |A| - [82944] - C:\WINDOWS\syswow64\DevicePairingWizard.exe
[MD5.A8C8C2385DD6C2F0DED03DA933018096] - [04/06/2017 12:11:03] - |A| - [31232] - C:\WINDOWS\syswow64\DeviceSetupStatusProvider.dll
[MD5.63D3F011C8AA2B8950939ADF14D09F37] - [04/06/2017 12:11:05] - |A| - [12288] - C:\WINDOWS\syswow64\DeviceUxRes.dll
[MD5.383A3B36999FABD8DCA7691B38713C40] - [04/06/2017 12:11:19] - |A| - [145622] - C:\WINDOWS\syswow64\devmgmt.msc
[MD5.1BBE0D1E21DF7A1677295DA7A808E706] - [04/06/2017 12:11:19] - |A| - [750080] - C:\WINDOWS\syswow64\devmgr.dll
[MD5.C72751CD0410D64D67EE4DADD4CE9FEF] - [04/06/2017 12:11:03] - |A| - [127608] - C:\WINDOWS\syswow64\devobj.dll
[MD5.AE7FAEB51C3E408BE2DA3677594B07BC] - [04/06/2017 12:11:03] - |A| - [48128] - C:\WINDOWS\syswow64\devrtl.dll
[MD5.94D2FC535BDC58DE3B349EADF7F53C93] - [04/06/2017 12:11:05] - |A| - [561152] - C:\WINDOWS\syswow64\dfrgui.exe
[MD5.7099C07279B769A2664148A494D838EF] - [04/06/2017 12:11:03] - |A| - [44032] - C:\WINDOWS\syswow64\dfscli.dll
[MD5.DDD5FAC3689371F05916EE2697CE3233] - [04/06/2017 12:09:04] - |A| - [1194496] - C:\WINDOWS\syswow64\dfshim.dll
[MD5.818DE4B14CCDA05563F1FD775F6FAE66] - [04/06/2017 12:11:18] - |A| - [55808] - C:\WINDOWS\syswow64\DfsShlEx.dll
[MD5.708B107F5EB559B0078294D36EF0FCE8] - [04/06/2017 12:11:05] - |A| - [12288] - C:\WINDOWS\syswow64\dhcpcmonitor.dll
[MD5.AB53C38EDF1B0A392D0F5EAFBEA0A133] - [04/06/2017 12:11:03] - |A| - [307200] - C:\WINDOWS\syswow64\dhcpcore.dll
[MD5.DE3DF3C6B3EDD91D40749F3DC3DDF49D] - [04/06/2017 12:11:03] - |A| - [254976] - C:\WINDOWS\syswow64\dhcpcore6.dll
[MD5.75E29715099A02F26FFFFDAD13A3E6F6] - [04/06/2017 12:11:03] - |A| - [62976] - C:\WINDOWS\syswow64\dhcpcsvc.dll
[MD5.BE6185F456B0E4EA9E7EB810B6E207D5] - [04/06/2017 12:11:03] - |A| - [57856] - C:\WINDOWS\syswow64\dhcpcsvc6.dll
[MD5.263D1A36103C7582439849FFE95DDEBB] - [04/06/2017 12:11:05] - |A| - [138240] - C:\WINDOWS\syswow64\dhcpsapi.dll
[MD5.B342EDDFDE71BDE01A0059F332BFE91C] - [04/06/2017 12:10:53] - |A| - [35328] - C:\WINDOWS\syswow64\DiagnosticsInvoker.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |SD| - [205312] - C:\WINDOWS\syswow64\DiagSvcs
[MD5.23B678652D62805A1EF33B2B0B97E687] - [04/06/2017 12:11:00] - |A| - [182272] - C:\WINDOWS\syswow64\dialclient.dll
[MD5.6F0C97071BF2F8EFE92AFAA199235322] - [04/06/2017 12:11:26] - |A| - [32256] - C:\WINDOWS\syswow64\dialer.exe
[MD5.8814E662CBFFA8F19808789B60369567] - [04/06/2017 12:11:02] - |A| - [345088] - C:\WINDOWS\syswow64\DictationManager.dll
[MD5.362EFE8D10FD02660A2D5B8946822DAA] - [04/06/2017 12:11:21] - |A| - [332288] - C:\WINDOWS\syswow64\difxapi.dll
[MD5.FF6952C77051696FE20BEF20EFE1AC6C] - [04/06/2017 12:11:03] - |A| - [35840] - C:\WINDOWS\syswow64\dimsjob.dll
[MD5.0C28B5D1FB9D31F2279AEF2DEA1A7608] - [04/06/2017 12:11:03] - |A| - [39424] - C:\WINDOWS\syswow64\dimsroam.dll
[MD5.0E9C0A69086E013B8B6067032E1D22AF] - [04/06/2017 12:11:03] - |A| - [138752] - C:\WINDOWS\syswow64\dinput.dll
[MD5.FF2F5ABF5D1A89E025E45AEC8994B55E] - [04/06/2017 12:11:03] - |A| - [178176] - C:\WINDOWS\syswow64\dinput8.dll
[MD5.F8EAA05B7E7B44A5C6ED4D6057C9CF0D] - [04/06/2017 12:11:00] - |A| - [20480] - C:\WINDOWS\syswow64\Direct2DDesktop.dll
[MD5.23005429B9E8FC16EC782128B46029EA] - [04/06/2017 12:10:56] - |A| - [487056] - C:\WINDOWS\syswow64\directmanipulation.dll
[MD5.E343F7FD42210043208A295CBD6E251C] - [04/06/2017 12:11:26] - |A| - [47682] - C:\WINDOWS\syswow64\diskmgmt.msc
[MD5.9210AF447325A9E67BCE30C1D7A20E05] - [04/06/2017 12:11:26] - |A| - [149504] - C:\WINDOWS\syswow64\diskpart.exe
[MD5.D62393760A37B65D907CAFD1B5152CF3] - [04/06/2017 12:11:18] - |A| - [21504] - C:\WINDOWS\syswow64\diskperf.exe
[MD5.95AE6BF57F9C9C6FCC39FEF98D060E86] - [04/06/2017 12:11:26] - |A| - [286208] - C:\WINDOWS\syswow64\diskraid.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [6945488] - C:\WINDOWS\syswow64\Dism
[MD5.A19050796539E32B4C13A37B86C8FD23] - [04/06/2017 12:11:05] - |A| - [222544] - C:\WINDOWS\syswow64\Dism.exe
[MD5.2E795D7A098F20109F3BFB370B853888] - [04/06/2017 12:11:07] - |A| - [718160] - C:\WINDOWS\syswow64\DismApi.dll
[MD5.9E1BD3E3C4800042929F0F4D60C0A38D] - [04/06/2017 12:10:53] - |A| - [44032] - C:\WINDOWS\syswow64\DispBroker.dll
[MD5.A23CC20F4CADE43A03195C9CC82A032E] - [04/06/2017 12:11:21] - |A| - [16896] - C:\WINDOWS\syswow64\dispex.dll
[MD5.6E6168581836C7666BB1EED40CD72693] - [04/06/2017 12:11:05] - |A| - [138240] - C:\WINDOWS\syswow64\Display.dll
[MD5.7F47AF1BD7CBAC9BEC12DDA2039BAEED] - [04/06/2017 12:10:53] - |A| - [135680] - C:\WINDOWS\syswow64\DisplayManager.dll
[MD5.22471C8AF01FBE3EF7FEF2D8090831D0] - [04/06/2017 12:11:28] - |A| - [15360] - C:\WINDOWS\syswow64\djctq.rs
[MD5.5A1493F1FF5D924F08B0BEACE97E521A] - [04/06/2017 12:11:05] - |A| - [15184] - C:\WINDOWS\syswow64\dllhost.exe
[MD5.ECE2997FD902774B6D6B59195C621CB2] - [04/06/2017 12:10:57] - |A| - [10752] - C:\WINDOWS\syswow64\dllhst3g.exe
[MD5.B18A23F465449CF5DBD4933EBE7EA152] - [04/06/2017 12:09:13] - |A| - [244224] - C:\WINDOWS\syswow64\dlnashext.dll
[MD5.6DE6FFF24EB9F155A1890506C2A6DBD0] - [04/06/2017 12:11:00] - |A| - [7680] - C:\WINDOWS\syswow64\DMAlertListener.ProxyStub.dll
[MD5.C34748AFC0124F6CEBD40D5889B57632] - [04/06/2017 12:11:05] - |A| - [34816] - C:\WINDOWS\syswow64\dmband.dll
[MD5.9BC31ABBAA7813A9866DE501DFCF2277] - [04/06/2017 12:11:00] - |A| - [98816] - C:\WINDOWS\syswow64\dmcfgutils.dll
[MD5.04F4A2E5BD25C756F2B6349DA76FE4C9] - [04/06/2017 12:11:02] - |A| - [96088] - C:\WINDOWS\syswow64\dmcmnutils.dll
[MD5.AB5E5995CF5DED13190DC651E9F9E7FD] - [04/06/2017 12:11:00] - |A| - [11776] - C:\WINDOWS\syswow64\dmcommandlineutils.dll
[MD5.FD6A5C99514A5035F485504617A0ADB5] - [04/06/2017 12:11:05] - |A| - [74752] - C:\WINDOWS\syswow64\dmcompos.dll
[MD5.636E99752ACCF8617B3DF3B71CC5D323] - [04/06/2017 12:11:26] - |A| - [410112] - C:\WINDOWS\syswow64\dmdlgs.dll
[MD5.12AC1DDE5DF4C4FBC457960479994C54] - [04/06/2017 12:11:28] - |A| - [218112] - C:\WINDOWS\syswow64\dmdskmgr.dll
[MD5.20A47048431808A7C6E08D6374171D1D] - [04/06/2017 12:11:26] - |A| - [1064960] - C:\WINDOWS\syswow64\dmdskres.dll
[MD5.808FFDB512B96BF67EA0434912051091] - [04/06/2017 12:11:26] - |A| - [2560] - C:\WINDOWS\syswow64\dmdskres2.dll
[MD5.6C09BF649D2552688B4CD7FECC672B42] - [04/06/2017 12:11:00] - |A| - [427520] - C:\WINDOWS\syswow64\dmenrollengine.dll
[MD5.E0556F8AE8534CE882BAFAC2776CA4D7] - [04/06/2017 12:11:05] - |A| - [204288] - C:\WINDOWS\syswow64\dmime.dll
[MD5.092E859B35DD868BFF1A87C09B7BD5FC] - [04/06/2017 12:11:26] - |A| - [24064] - C:\WINDOWS\syswow64\dmintf.dll
[MD5.9ECAB6D38427ADD013EBDC2C1B16A5B6] - [04/06/2017 12:10:59] - |A| - [11776] - C:\WINDOWS\syswow64\dmiso8601utils.dll
[MD5.EE34083969BFEF365C8CF6EFDBCA1194] - [04/06/2017 12:11:05] - |A| - [42496] - C:\WINDOWS\syswow64\dmloader.dll
[MD5.2F88A4D292A61D379E06E8C61231AC5C] - [04/06/2017 12:11:19] - |A| - [45056] - C:\WINDOWS\syswow64\dmocx.dll
[MD5.E1828FD5AF0B7C1323DD186E42310755] - [04/06/2017 12:10:57] - |A| - [22528] - C:\WINDOWS\syswow64\dmoleaututils.dll
[MD5.701FEFC333163258CFC18F872B719A57] - [04/06/2017 12:10:57] - |A| - [25600] - C:\WINDOWS\syswow64\dmprocessxmlfiltered.dll
[MD5.B38B47FD006D876A9553F5A7B15A5F74] - [04/06/2017 12:11:02] - |A| - [13312] - C:\WINDOWS\syswow64\dmpushproxy.dll
[MD5.9DE44A6B5C36FA528C054F127FFE9059] - [04/06/2017 12:11:05] - |A| - [96768] - C:\WINDOWS\syswow64\dmscript.dll
[MD5.A74A3226A4B9897D21BB9023E7C42909] - [04/06/2017 12:11:05] - |A| - [119808] - C:\WINDOWS\syswow64\dmstyle.dll
[MD5.787ED019E16354A3B16E6310BAC8F99C] - [04/06/2017 12:11:05] - |A| - [114176] - C:\WINDOWS\syswow64\dmsynth.dll
[MD5.28F26EA2E1D2E9759CB5E7634EC4D7CD] - [04/06/2017 12:11:05] - |A| - [112640] - C:\WINDOWS\syswow64\dmusic.dll
[MD5.4707E5371653B9413B4AF73AB875C8E1] - [04/06/2017 12:11:26] - |A| - [21504] - C:\WINDOWS\syswow64\dmutil.dll
[MD5.A14DB8CC536A599F718AD05F279590B1] - [04/06/2017 12:11:26] - |A| - [153088] - C:\WINDOWS\syswow64\dmvdsitf.dll
[MD5.E38E5D2050E1F6A5C69BEB99E48A6FD4] - [04/06/2017 12:11:26] - |A| - [112640] - C:\WINDOWS\syswow64\dmview.ocx
[MD5.C52E5754ABC3236405E26357136CFBEB] - [04/06/2017 12:10:53] - |A| - [47104] - C:\WINDOWS\syswow64\dmxmlhelputils.dll
[MD5.0594489AD781F7AAD00B109E1BE72163] - [04/06/2017 12:11:03] - |A| - [553240] - C:\WINDOWS\syswow64\dnsapi.dll
[MD5.0547BB38DD7664ECCF2D63C5BB86EBB1] - [04/06/2017 12:11:08] - |A| - [128512] - C:\WINDOWS\syswow64\dnscmmc.dll
[MD5.91620D854FA8D16DC71C156AB318B5DA] - [04/06/2017 12:11:21] - |A| - [36352] - C:\WINDOWS\syswow64\docprop.dll
[MD5.4301A11FF35280B37357DE4ADB3DA3F1] - [04/06/2017 12:11:39] - |A| - [853304] - C:\WINDOWS\syswow64\DolbyDecMFT.dll
[MD5.24FCA9FB3EB7310452EFAC416667FBB8] - [04/06/2017 12:11:00] - |A| - [16896] - C:\WINDOWS\syswow64\doskey.exe
[MD5.79BDB804A0DD314CF6D44C7FBEC2E0B5] - [04/06/2017 12:11:28] - |A| - [81920] - C:\WINDOWS\syswow64\dot3api.dll
[MD5.CB43648B7C69B45149F8F81F6D20DA0F] - [04/06/2017 12:11:28] - |A| - [59904] - C:\WINDOWS\syswow64\dot3cfg.dll
[MD5.90607765E4AF9F195A9A2FEE593282A6] - [04/06/2017 12:11:28] - |A| - [48128] - C:\WINDOWS\syswow64\dot3dlg.dll
[MD5.E5F25F7A01945E8F353658CB2AC11095] - [04/06/2017 12:11:28] - |A| - [47616] - C:\WINDOWS\syswow64\dot3gpclnt.dll
[MD5.E93009D8B3F88F217994A75D44D55C59] - [04/06/2017 12:11:28] - |A| - [243200] - C:\WINDOWS\syswow64\dot3gpui.dll
[MD5.E7BD61BC256DBFC1EB1C381FBEB29554] - [04/06/2017 12:11:26] - |A| - [56320] - C:\WINDOWS\syswow64\dot3hc.dll
[MD5.32F0577DE464E9955D6A8CAF3447A60C] - [04/06/2017 12:11:28] - |A| - [87040] - C:\WINDOWS\syswow64\dot3msm.dll
[MD5.1183ACEEF215A1011EAB6C77EAAF4EAE] - [04/06/2017 12:11:28] - |A| - [288768] - C:\WINDOWS\syswow64\dot3ui.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [714240] - C:\WINDOWS\syswow64\downlevel
[MD5.C03E338D375D1F7962658D4C46894218] - [04/06/2017 12:11:03] - |A| - [13312] - C:\WINDOWS\syswow64\dpapi.dll
[MD5.FA11E9070B6265C13A8F2876C7BD6904] - [04/06/2017 12:11:23] - |A| - [73728] - C:\WINDOWS\syswow64\dpapimig.exe
[MD5.D5B191B63E03AB3849A3E0E030611DCE] - [04/06/2017 12:11:03] - |A| - [49664] - C:\WINDOWS\syswow64\dpapiprovider.dll
[MD5.F8529EAC73CC552E59F9F8A7FB0E1425] - [04/06/2017 12:11:03] - |A| - [77312] - C:\WINDOWS\syswow64\DpiScaling.exe
[MD5.D71862E8252F23A2A742F5231ABD0F8A] - [04/06/2017 12:08:57] - |A| - [20480] - C:\WINDOWS\syswow64\dplaysvr.exe
[MD5.0701F15D0BFD05E0F53AF684ED374FD8] - [04/06/2017 12:08:57] - |A| - [218112] - C:\WINDOWS\syswow64\dplayx.dll
[MD5.8D34E4B4094BE5963AE3F464CC6A478C] - [04/06/2017 12:08:57] - |A| - [24576] - C:\WINDOWS\syswow64\dpmodemx.dll
[MD5.4421CF581503954FA9F7312A7F87156E] - [04/06/2017 12:08:57] - |A| - [5120] - C:\WINDOWS\syswow64\dpnaddr.dll
[MD5.306A0B33FF39C103014C3D89C2ED441B] - [04/06/2017 12:08:57] - |A| - [61440] - C:\WINDOWS\syswow64\dpnathlp.dll
[MD5.1AD26C1C307EE202E1BF3CDBCCB1CC3B] - [04/06/2017 12:08:57] - |A| - [389120] - C:\WINDOWS\syswow64\dpnet.dll
[MD5.AE29F8DBE9DDE8B3DE548121D6BBAFED] - [04/06/2017 12:08:57] - |A| - [8704] - C:\WINDOWS\syswow64\dpnhpast.dll
[MD5.0136ECD2FF7F2268A2DC49C686E34AD7] - [04/06/2017 12:08:57] - |A| - [8704] - C:\WINDOWS\syswow64\dpnhupnp.dll
[MD5.AC830DC1B862D67252CFB1A2D1D271C7] - [04/06/2017 12:08:57] - |A| - [5120] - C:\WINDOWS\syswow64\dpnlobby.dll
[MD5.3CE996CA3707529433729B10F2B5E85B] - [04/06/2017 12:08:57] - |A| - [22528] - C:\WINDOWS\syswow64\dpnsvr.exe
[MD5.B000813CC3FFF4E19580820590DE261A] - [04/06/2017 12:08:57] - |A| - [46592] - C:\WINDOWS\syswow64\dpwsockx.dll
[MD5.E97E56591F9AF1143BAB6A9C187801FD] - [04/06/2017 12:11:03] - |A| - [437072] - C:\WINDOWS\syswow64\dpx.dll
[MD5.F8FE905212602463F273409B6820C82A] - [04/06/2017 12:11:19] - |A| - [66560] - C:\WINDOWS\syswow64\driverquery.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [3651318] - C:\WINDOWS\syswow64\drivers
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [324] - C:\WINDOWS\syswow64\DriverStore
[MD5.D3C6EEA17691652E73BF64699965462D] - [04/06/2017 12:11:26] - |A| - [20480] - C:\WINDOWS\syswow64\drprov.dll
[MD5.7D17DE044F9EB4D20B3E01A431F28122] - [04/06/2017 12:09:17] - |A| - [225792] - C:\WINDOWS\syswow64\drt.dll
[MD5.FA8B2FB33FF4CFEF385B00B16ABDE5F1] - [04/06/2017 12:09:17] - |A| - [57344] - C:\WINDOWS\syswow64\drtprov.dll
[MD5.8CFE432CB91829122E301B355CA1B7E7] - [04/06/2017 12:09:17] - |A| - [43008] - C:\WINDOWS\syswow64\drttransport.dll
[MD5.64CE1A9D1C1922CD19E3DC1A02167F5D] - [04/06/2017 12:10:59] - |A| - [797008] - C:\WINDOWS\syswow64\drvstore.dll
[MD5.CA270E035E15D7249FE81A10A482B55E] - [04/06/2017 12:11:05] - |A| - [38912] - C:\WINDOWS\syswow64\dsauth.dll
[MD5.CC0309B310A0F05CCF33CED373F888C4] - [04/06/2017 12:11:19] - |A| - [138240] - C:\WINDOWS\syswow64\DscCoreConfProv.dll
[MD5.9B38DECC8B81CE1BF2986A568E58E142] - [04/06/2017 12:10:53] - |A| - [37176] - C:\WINDOWS\syswow64\dsclient.dll
[MD5.0A2138903C58330F96790E182FBBEDB9] - [04/06/2017 12:10:50] - |A| - [186880] - C:\WINDOWS\syswow64\dsdmo.dll
[MD5.A0FBF870E96A8FF1051D9F51996FFCC6] - [04/06/2017 12:11:05] - |A| - [106496] - C:\WINDOWS\syswow64\dskquota.dll
[MD5.19618D489701AF5002CD820E8B79DF1E] - [04/06/2017 12:11:05] - |A| - [193536] - C:\WINDOWS\syswow64\dskquoui.dll
[MD5.631BD45C08265688BF76544C263C826D] - [04/06/2017 12:10:50] - |A| - [502272] - C:\WINDOWS\syswow64\dsound.dll
[MD5.91857405BC40F77B6DB68BB162B136CE] - [04/06/2017 12:11:05] - |A| - [24064] - C:\WINDOWS\syswow64\dsparse.dll
[MD5.68C6381ADC8CA7C627F08A6674955C8B] - [04/06/2017 12:11:03] - |A| - [148992] - C:\WINDOWS\syswow64\dsprop.dll
[MD5.E3F6145AF29D329C18D92899B3FC00C5] - [04/06/2017 12:11:02] - |A| - [413696] - C:\WINDOWS\syswow64\dsquery.dll
[MD5.59C2EEB38EBD7B010039A572A9EA0838] - [04/06/2017 12:10:56] - |A| - [572416] - C:\WINDOWS\syswow64\dsreg.dll
[MD5.E8A0DF37E88E8842B608B2BADE39285B] - [04/06/2017 12:11:05] - |A| - [20208] - C:\WINDOWS\syswow64\dsrole.dll
[MD5.8C6F56F4CDDE6A1FD01F4FCF2773298E] - [04/06/2017 12:17:14] - |A| - [215943] - C:\WINDOWS\syswow64\dssec.dat
[MD5.04F5E5213AB04A2306A4C46CC920527D] - [04/06/2017 12:10:57] - |A| - [50688] - C:\WINDOWS\syswow64\dssec.dll
[MD5.0B94E0982945983B812C22361D5385DA] - [04/06/2017 12:11:05] - |A| - [129688] - C:\WINDOWS\syswow64\dssenh.dll
[MD5.A449FB44465282CA17B44508B59B0B32] - [04/06/2017 12:11:05] - |A| - [131584] - C:\WINDOWS\syswow64\Dsui.dll
[MD5.A51110A3AA7293C936E8215A4D4D843C] - [04/06/2017 12:11:02] - |A| - [674304] - C:\WINDOWS\syswow64\dsuiext.dll
[MD5.FAE541FD8C826FB0DA3F21B067758DFF] - [04/06/2017 12:11:05] - |A| - [23552] - C:\WINDOWS\syswow64\dswave.dll
[MD5.024C4897FEC37A5618DE4D0E67852051] - [04/06/2017 12:11:02] - |A| - [46592] - C:\WINDOWS\syswow64\dtdump.exe
[MD5.B6038FC4F64D33D6B0E4E5CF16B41088] - [04/06/2017 12:11:08] - |A| - [31744] - C:\WINDOWS\syswow64\dtsh.dll
[MD5.A77136CE36AD276BB6F539FED341FAEE] - [04/06/2017 12:11:02] - |A| - [1481216] - C:\WINDOWS\syswow64\dui70.dll
[MD5.EC1F456BC46CE645B5F463EB01230A18] - [04/06/2017 12:11:02] - |A| - [482304] - C:\WINDOWS\syswow64\duser.dll
[MD5.C9F4C3E3EDD8586B018FCEAE8F6D95ED] - [04/06/2017 12:10:50] - |A| - [36352] - C:\WINDOWS\syswow64\dusmapi.dll
[MD5.134CE694F35016D4B1ECD451878D781E] - [04/06/2017 12:10:50] - |A| - [10752] - C:\WINDOWS\syswow64\dvdplay.exe
[MD5.93073A64FE2B205E5DDF47C7A91CB811] - [04/06/2017 12:11:03] - |A| - [123728] - C:\WINDOWS\syswow64\dwmapi.dll
[MD5.4B4A468D1E0E0FF10D177F91FF916094] - [04/06/2017 12:11:03] - |A| - [2558464] - C:\WINDOWS\syswow64\dwmcore.dll
[MD5.0A400465A351641E35B0CD2D42F3C24E] - [04/06/2017 12:10:53] - |A| - [2539008] - C:\WINDOWS\syswow64\DWrite.dll
[MD5.4008CA62C44FEE1A9FA7C411A149DCF7] - [04/06/2017 12:11:05] - |A| - [164864] - C:\WINDOWS\syswow64\DWWIN.EXE
[MD5.D0F45804A5028A2D264586A1BA9B5F4B] - [11/06/2017 03:12:30] - |A| - [922624] - C:\WINDOWS\syswow64\DXCap.exe
[MD5.910E42E7B3E132564D8DCBD56B5F0313] - [11/06/2017 03:12:30] - |A| - [13813248] - C:\WINDOWS\syswow64\DXCaptureReplay.dll
[MD5.F6AED85426F9FD238B39A5DA673A9A9A] - [11/06/2017 03:12:30] - |A| - [373760] - C:\WINDOWS\syswow64\DXCpl.exe
[MD5.97FC9BECB755653CA817C25646E04D7C] - [04/06/2017 12:11:03] - |A| - [306688] - C:\WINDOWS\syswow64\dxdiag.exe
[MD5.57C20E2C281DFCF18250EDE2738213AA] - [04/06/2017 12:11:03] - |A| - [292352] - C:\WINDOWS\syswow64\dxdiagn.dll
[MD5.9A01742DADDD56EB0EC6C4E75A9BA519] - [04/06/2017 12:10:53] - |A| - [574888] - C:\WINDOWS\syswow64\dxgi.dll
[MD5.92CCC8ED3DFC15F7764AFCDACC2CE7CF] - [11/06/2017 03:12:30] - |A| - [239104] - C:\WINDOWS\syswow64\DXGIDebug.dll
[MD5.0C70E029546ACF125C45894B8A4CDBA1] - [04/06/2017 12:10:53] - |A| - [909824] - C:\WINDOWS\syswow64\dxilconv.dll
[MD5.9988A3F9A6B02C92A37BD253A7391E96] - [05/06/2017 08:58:25] - |A| - [5632] - C:\WINDOWS\syswow64\dxmasf.dll
[MD5.4E2B992FBBD8DE73EF61489B52A19B15] - [04/06/2017 12:11:05] - |A| - [1392640] - C:\WINDOWS\syswow64\DxpTaskSync.dll
[MD5.12BB3BD1BFE559035A22374FFC5B9DE1] - [04/06/2017 12:09:13] - |A| - [397824] - C:\WINDOWS\syswow64\dxtmsft.dll
[MD5.5B2BD3644E7C1F87F8C4F8577B8DA23C] - [11/06/2017 03:12:30] - |A| - [143360] - C:\WINDOWS\syswow64\DXToolsMonitor.dll
[MD5.1FDDBF9D4CB835D97F3C6E34022E03A6] - [11/06/2017 03:12:30] - |A| - [1488384] - C:\WINDOWS\syswow64\DXToolsOfflineAnalysis.dll
[MD5.05F5BAB79586DFF3C75E5B6A74E70FD1] - [11/06/2017 03:12:29] - |A| - [94720] - C:\WINDOWS\syswow64\DxToolsReportGenerator.dll
[MD5.10D73780185D46055BFD4DCF44A26B29] - [11/06/2017 03:12:30] - |A| - [120320] - C:\WINDOWS\syswow64\DXToolsReporting.dll
[MD5.C9F97FD404B66F5A255B568E80732298] - [04/06/2017 12:09:13] - |A| - [268288] - C:\WINDOWS\syswow64\dxtrans.dll
[MD5.8A99C8280D2A4869E4BAA00D504EE8FC] - [04/06/2017 12:10:53] - |A| - [108008] - C:\WINDOWS\syswow64\dxva2.dll
[MD5.4E9799F8ACC715F1EC8769380A519D36] - [04/06/2017 12:11:28] - |A| - [238592] - C:\WINDOWS\syswow64\eapp3hst.dll
[MD5.6849C2CDA14FF1D3E789842512B9747D] - [04/06/2017 12:11:28] - |A| - [196096] - C:\WINDOWS\syswow64\eappcfg.dll
[MD5.801AD10B9A0539CC2ABC564C7EAE123A] - [04/06/2017 12:11:28] - |A| - [90112] - C:\WINDOWS\syswow64\eappgnui.dll
[MD5.D620579438F280B51065FABA40EFD411] - [04/06/2017 12:11:28] - |A| - [228864] - C:\WINDOWS\syswow64\eapphost.dll
[MD5.D24287C14AC44A5CC96770D3CC0458AB] - [04/06/2017 12:11:28] - |A| - [55808] - C:\WINDOWS\syswow64\eappprxy.dll
[MD5.098C4B152F55967AC2DBC5B36B367860] - [04/06/2017 12:11:21] - |A| - [25600] - C:\WINDOWS\syswow64\eapprovp.dll
[MD5.B227F7E8EEE43FD6DB333B6938D468B1] - [04/06/2017 12:11:08] - |A| - [119296] - C:\WINDOWS\syswow64\eapsimextdesktop.dll
[MD5.36CF9236C1518DBE1FB9A85EA89EA8DB] - [04/06/2017 12:11:00] - |A| - [281088] - C:\WINDOWS\syswow64\EaseOfAccessDialog.exe
[MD5.75C9B666622B2E4C084B72D6A28C4396] - [04/06/2017 12:11:08] - |A| - [146944] - C:\WINDOWS\syswow64\easwrt.dll
[MD5.6320F44FD96635ABA9B281ACF4077692] - [04/06/2017 12:09:12] - |A| - [21122048] - C:\WINDOWS\syswow64\edgehtml.dll
[MD5.182B39FC9CDA8F15C41803F96534EE7E] - [04/06/2017 12:11:08] - |A| - [326144] - C:\WINDOWS\syswow64\edgeIso.dll
[MD5.73141F2354AB5DCE767329E675D1E290] - [04/06/2017 12:09:12] - |A| - [96256] - C:\WINDOWS\syswow64\EdgeManager.dll
[MD5.8F68280F3006FCE5A72BE32CDAE68F31] - [04/06/2017 12:10:53] - |A| - [66560] - C:\WINDOWS\syswow64\EditBufferTestHook.dll
[MD5.BFC4A1946E00A2E86C34F182D493259C] - [04/06/2017 12:11:08] - |A| - [106496] - C:\WINDOWS\syswow64\edpauditapi.dll
[MD5.27DFBFDAEA2788BDACFCEBFFB19A3BBF] - [04/06/2017 12:11:06] - |A| - [49664] - C:\WINDOWS\syswow64\edpnotify.exe
[MD5.B8D5EDEA0ADD46D8E5423DEF53DF6BE5] - [04/06/2017 12:11:05] - |A| - [231936] - C:\WINDOWS\syswow64\edputil.dll
[MD5.8D6742C12BB731833F6F18FA54048BB1] - [04/06/2017 12:11:08] - |A| - [106496] - C:\WINDOWS\syswow64\efsadu.dll
[MD5.E9E47E46B57584BE45B378A258D941EB] - [04/06/2017 12:11:07] - |A| - [58880] - C:\WINDOWS\syswow64\efsext.dll
[MD5.6404207701E4E91F1DF31F0A84906C0A] - [04/06/2017 12:11:08] - |A| - [12800] - C:\WINDOWS\syswow64\efsui.exe
[MD5.249DCA878A7E6272D71FD3F0357D63F4] - [04/06/2017 12:11:08] - |A| - [33280] - C:\WINDOWS\syswow64\efsutil.dll
[MD5.678D024DB5422BB506BC67401ACE2A27] - [04/06/2017 12:11:21] - |A| - [464896] - C:\WINDOWS\syswow64\efswrt.dll
[MD5.ED586F4FA87FFF6AC207990EAF35C3BD] - [04/06/2017 12:11:05] - |A| - [117248] - C:\WINDOWS\syswow64\EhStorAPI.dll
[MD5.E269EC1E5B3066E72E1DDFA7CE1F635E] - [04/06/2017 12:11:05] - |A| - [119808] - C:\WINDOWS\syswow64\EhStorAuthn.exe
[MD5.8CDBF65977DEFDE7C55D640AF0DB68ED] - [04/06/2017 12:11:05] - |A| - [106496] - C:\WINDOWS\syswow64\EhStorPwdMgr.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [314368] - C:\WINDOWS\syswow64\el-GR
[MD5.D58F20F2BF70FF3F0CEEE9F337119730] - [04/06/2017 12:11:08] - |A| - [182784] - C:\WINDOWS\syswow64\els.dll
[MD5.CFFE575C70F715F0E711C36D9CAEBB92] - [04/06/2017 12:11:08] - |A| - [62464] - C:\WINDOWS\syswow64\ELSCore.dll
[MD5.135947503EB0D9C83F4E84523EA07FC9] - [04/06/2017 12:09:13] - |A| - [204288] - C:\WINDOWS\syswow64\elshyph.dll
[MD5.544C6CEF83AF3006B1E466BA9BA8AE2D] - [04/06/2017 12:11:11] - |A| - [591360] - C:\WINDOWS\syswow64\elslad.dll
[MD5.DEC37A1DDBA09BA33916B8803D247783] - [04/06/2017 12:11:08] - |A| - [24576] - C:\WINDOWS\syswow64\elsTrans.dll
[MD5.0BF80FD282AD000CD7C5518D1FF764F4] - [04/06/2017 12:10:53] - |A| - [834560] - C:\WINDOWS\syswow64\EmailApis.dll
[MD5.22FE9FC32050C0923894A50FD13E28F7] - [04/06/2017 12:10:53] - |A| - [36864] - C:\WINDOWS\syswow64\embeddedmodesvcapi.dll
[MD5.00000000000000000000000000000000] - [05/06/2017 08:57:45] - |D| - [0] - C:\WINDOWS\syswow64\en
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [228864] - C:\WINDOWS\syswow64\en-GB
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [1697280] - C:\WINDOWS\syswow64\en-US
[MD5.2BC45B2A3581290706C73A55A11E3F5E] - [04/06/2017 12:10:53] - |A| - [21504] - C:\WINDOWS\syswow64\encapi.dll
[MD5.7CEB2CC1AD2644A6DE4682F308CE9DBD] - [04/06/2017 12:11:26] - |A| - [380928] - C:\WINDOWS\syswow64\EncDec.dll
[MD5.0A990A8EFB8FF543FFEAE26944D36B8A] - [04/06/2017 12:11:05] - |A| - [89872] - C:\WINDOWS\syswow64\EncDump.dll
[MD5.31EC4E81FF5D2DC7B1ADE179CCF302AD] - [04/06/2017 12:11:00] - |A| - [167424] - C:\WINDOWS\syswow64\enrollmentapi.dll
[MD5.28709179E89CE587B1A0245B4BC8916C] - [04/06/2017 12:11:02] - |A| - [16384] - C:\WINDOWS\syswow64\EnterpriseAppMgmtClient.dll
[MD5.49EC6820EECE49433FF92A23C45BC422] - [04/06/2017 12:11:00] - |A| - [66048] - C:\WINDOWS\syswow64\enterpriseresourcemanager.dll
[MD5.3210297824B6B9AEC3DD3583D62CF32A] - [04/06/2017 12:11:21] - |A| - [71168] - C:\WINDOWS\syswow64\eqossnap.dll
[MD5.A486F75C0F9666E8FF6F89A82A671AF2] - [04/06/2017 12:10:53] - |A| - [172544] - C:\WINDOWS\syswow64\ErrorDetails.dll
[MD5.D826896946A602F2F163A46362017924] - [04/06/2017 12:10:53] - |A| - [37888] - C:\WINDOWS\syswow64\ErrorDetailsCore.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [308224] - C:\WINDOWS\syswow64\es-ES
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [251392] - C:\WINDOWS\syswow64\es-MX
[MD5.A1AE1D5F6F5C81B7B7A79F71F274188A] - [04/06/2017 12:11:03] - |A| - [332288] - C:\WINDOWS\syswow64\es.dll
[MD5.4BFBBFDE4EE4204A09FC5AA0660780B3] - [04/06/2017 12:11:08] - |A| - [16896] - C:\WINDOWS\syswow64\EsdSip.dll
[MD5.373992FC4FD042868E210EDC0F4840B2] - [04/06/2017 12:10:56] - |A| - [2770944] - C:\WINDOWS\syswow64\esent.dll
[MD5.393A79DEC434E88E047A88F064B2BF4C] - [04/06/2017 12:11:08] - |A| - [64000] - C:\WINDOWS\syswow64\esentprf.dll
[MD5.41FE4D7EE1A0DA533E53F2080302E767] - [04/06/2017 12:11:08] - |A| - [304128] - C:\WINDOWS\syswow64\esentutl.exe
[MD5.E010AAFAE6FB6169B0EC44F991A193EF] - [04/06/2017 12:11:07] - |A| - [34304] - C:\WINDOWS\syswow64\esevss.dll
[MD5.D697D542AC79B75B928D488BCAF5EE16] - [04/06/2017 12:11:28] - |A| - [33792] - C:\WINDOWS\syswow64\esrb.rs
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [225792] - C:\WINDOWS\syswow64\et-EE
[MD5.25D2196A76154DB782B5D5197FCB9DD0] - [04/06/2017 12:10:53] - |A| - [151040] - C:\WINDOWS\syswow64\ETWCoreUIComponentsResources.dll
[MD5.34AD0E55E81FA9A24966F5FF9EA58168] - [04/06/2017 12:10:57] - |A| - [53760] - C:\WINDOWS\syswow64\ETWESEProviderResources.dll
[MD5.DD4278D9CC4BF08BD78A783B2DE0542E] - [04/06/2017 12:11:05] - |A| - [42496] - C:\WINDOWS\syswow64\EtwRundown.dll
[MD5.DAACA3D876500E68511E558BA78697A3] - [04/06/2017 12:11:02] - |A| - [305664] - C:\WINDOWS\syswow64\eudcedit.exe
[MD5.5BD1602E3E15588C6FFCBB516B441B9B] - [04/06/2017 12:11:23] - |A| - [15360] - C:\WINDOWS\syswow64\eventcls.dll
[MD5.7B4E984B23AB80710F26F77E550F66BB] - [04/06/2017 12:11:26] - |A| - [34304] - C:\WINDOWS\syswow64\eventcreate.exe
[MD5.93E76CF7B04EC33A1E9E0FD7546D3603] - [04/06/2017 12:11:05] - |A| - [17935] - C:\WINDOWS\syswow64\EventViewer_EventDetails.xsl
[MD5.1C13792C6427570CA0F67B9DE9BB927C] - [04/06/2017 12:11:05] - |A| - [81408] - C:\WINDOWS\syswow64\eventvwr.exe
[MD5.9BDCCC1A87CCA27ADEACE8144F385165] - [04/06/2017 12:11:05] - |A| - [145127] - C:\WINDOWS\syswow64\eventvwr.msc
[MD5.ED7240CBE1A59B76D86C17B807D84FAE] - [04/06/2017 12:09:12] - |A| - [656976] - C:\WINDOWS\syswow64\evr.dll
[MD5.260303D8FB119655A6FFB23EBFE7EDEC] - [04/06/2017 12:10:53] - |A| - [221696] - C:\WINDOWS\syswow64\ExecModelClient.dll
[MD5.A10A85BB17ACDC0E82476C815F7E7182] - [04/06/2017 12:10:56] - |A| - [43008] - C:\WINDOWS\syswow64\execmodelproxy.dll
[MD5.6084422DD54A14D75C709B61C56EA061] - [04/06/2017 12:11:03] - |A| - [52736] - C:\WINDOWS\syswow64\expand.exe
[MD5.9D747AD74938DA5549608849A052C5A0] - [04/06/2017 12:11:28] - |A| - [3480704] - C:\WINDOWS\syswow64\explorer.exe
[MD5.AAC16F49FE1F8FC34E06EB9603AC09A1] - [04/06/2017 12:11:23] - |A| - [4427264] - C:\WINDOWS\syswow64\ExplorerFrame.dll
[MD5.394FFD8FACD3F664B84D921FE624D5BE] - [04/06/2017 12:11:13] - |A| - [380957] - C:\WINDOWS\syswow64\expsrv.dll
[MD5.EF7196379BDE31001F80F89303978CB1] - [04/06/2017 12:10:53] - |A| - [222208] - C:\WINDOWS\syswow64\ExSMime.dll
[MD5.C35A1848450197FE3D3562DA3E565FC5] - [04/06/2017 12:11:02] - |A| - [29184] - C:\WINDOWS\syswow64\extrac32.exe
[MD5.C431EC145F499FADF78E623408ABF51E] - [04/06/2017 12:10:53] - |A| - [19456] - C:\WINDOWS\syswow64\ExtrasXmlParser.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |SD| - [25736871] - C:\WINDOWS\syswow64\F12
[MD5.5B87E73ACFD51BB73490AAD9D5996830] - [04/06/2017 12:11:11] - |A| - [8704] - C:\WINDOWS\syswow64\f3ahvoas.dll
[MD5.87943F751D0335C5A7A803343CD52621] - [04/06/2017 12:10:59] - |A| - [11776] - C:\WINDOWS\syswow64\FamilySafetyExt.dll
[MD5.8A5495497397579DDB9754797BF53F87] - [04/06/2017 12:11:03] - |A| - [363640] - C:\WINDOWS\syswow64\Faultrep.dll
[MD5.618AA652B2A00FA4B80F9750126A2C02] - [04/06/2017 12:10:50] - |A| - [23040] - C:\WINDOWS\syswow64\fc.exe
[MD5.94F1186FD40C5E6DA18EA70EA6A20E7D] - [04/06/2017 12:10:59] - |A| - [59392] - C:\WINDOWS\syswow64\fdBth.dll
[MD5.4A8F07B800E2E9A627E8C257EEAE6633] - [04/06/2017 12:10:59] - |A| - [10752] - C:\WINDOWS\syswow64\fdBthProxy.dll
[MD5.D1AC0E631D9267C00A43C9E5868714D7] - [04/06/2017 12:11:03] - |A| - [28160] - C:\WINDOWS\syswow64\FdDevQuery.dll
[MD5.F9DE975BBE4B6EE93A73A9713A9244C3] - [04/06/2017 12:11:26] - |A| - [130048] - C:\WINDOWS\syswow64\fde.dll
[MD5.CD309EA047AF3C7D9337457271825FE2] - [04/06/2017 12:11:26] - |A| - [130048] - C:\WINDOWS\syswow64\fdeploy.dll
[MD5.05C3129B6F0F4A9BA319E5596168A299] - [04/06/2017 12:11:05] - |A| - [48128] - C:\WINDOWS\syswow64\fdPnp.dll
[MD5.FE1D7B624E4D5F78EA7EC908D3406FC3] - [04/06/2017 12:11:23] - |A| - [253952] - C:\WINDOWS\syswow64\fdprint.dll
[MD5.F30F6A50E3AC1C623CD50A2639CE04B4] - [04/06/2017 12:11:07] - |A| - [28672] - C:\WINDOWS\syswow64\fdProxy.dll
[MD5.8B8C976CCDD407235B6EEDCAFB9FF029] - [04/06/2017 12:11:00] - |A| - [92160] - C:\WINDOWS\syswow64\fdSSDP.dll
[MD5.D85E09FDF90AE62F62D4022885DD9B2B] - [04/06/2017 12:08:58] - |A| - [93184] - C:\WINDOWS\syswow64\fdWCN.dll
[MD5.845D79649959D7DB39DB12309B8594BD] - [04/06/2017 12:11:07] - |A| - [25088] - C:\WINDOWS\syswow64\fdWNet.dll
[MD5.005E2EAB459F144F8C10DE4F7CEAE6A8] - [04/06/2017 12:11:02] - |A| - [132096] - C:\WINDOWS\syswow64\fdWSD.dll
[MD5.D8F443AEA56FF94498B30CE3F0E15ACC] - [04/06/2017 12:11:07] - |A| - [53760] - C:\WINDOWS\syswow64\feclient.dll
[MD5.3300D849538F562F2E38C0E1D05C4F83] - [04/06/2017 12:10:53] - |A| - [54272] - C:\WINDOWS\syswow64\ffbroker.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [286720] - C:\WINDOWS\syswow64\fi-FI
[MD5.E8F772439904B623D1DAF6A3334AE6B2] - [04/06/2017 12:10:56] - |A| - [139776] - C:\WINDOWS\syswow64\fidocredprov.dll
[MD5.AD4CD6B39581BCFC4480AA203271325D] - [04/06/2017 12:11:19] - |A| - [467456] - C:\WINDOWS\syswow64\filemgmt.dll
[MD5.A8295304AC1122FF7DEEEFC5D117F647] - [04/06/2017 12:11:00] - |A| - [14848] - C:\WINDOWS\syswow64\find.exe
[MD5.5917B019E78E59FAB75172F56414A788] - [04/06/2017 12:11:21] - |A| - [55808] - C:\WINDOWS\syswow64\findnetprinters.dll
[MD5.22EE98153CDEDB2E3E2BF49DA614EF67] - [04/06/2017 12:10:59] - |A| - [29696] - C:\WINDOWS\syswow64\findstr.exe
[MD5.3447AF551972AB96472B3F5FEC6C32D3] - [04/06/2017 12:10:59] - |A| - [13824] - C:\WINDOWS\syswow64\finger.exe
[MD5.3990A31B605D8247939E2097E363F953] - [04/06/2017 12:10:59] - |A| - [83968] - C:\WINDOWS\syswow64\fingerprintcredential.dll
[MD5.AA59CB07B9BD9C4BAC375C45759030CD] - [04/06/2017 12:10:57] - |A| - [374272] - C:\WINDOWS\syswow64\FirewallAPI.dll
[MD5.99BEFCE213E3FB6AA8FAC33E1350E630] - [04/06/2017 12:11:05] - |A| - [885248] - C:\WINDOWS\syswow64\FirewallControlPanel.dll
[MD5.37040EF0F2103BA6D6BFC1DACD0562DA] - [04/06/2017 12:11:26] - |A| - [16896] - C:\WINDOWS\syswow64\fixmapi.exe
[MD5.B59D0331049559414247FADEFB239FAB] - [04/06/2017 12:19:01] - |A| - [835576] - C:\WINDOWS\syswow64\FlashPlayerApp.exe
[MD5.754FE8626AAFABAA662CAF3542FC6E49] - [04/06/2017 12:19:01] - |A| - [177656] - C:\WINDOWS\syswow64\FlashPlayerCPLApp.cpl
[MD5.2AC54EA4BA00BC26E4632E6E00E86633] - [04/06/2017 12:11:03] - |A| - [18944] - C:\WINDOWS\syswow64\fltLib.dll
[MD5.AD184478A3FC72AC1C5614A5E4149FD1] - [04/06/2017 12:11:03] - |A| - [24576] - C:\WINDOWS\syswow64\fltMC.exe
[MD5.2F5667E06A5D6180A21BDB0856040B5B] - [04/06/2017 12:10:59] - |A| - [50512] - C:\WINDOWS\syswow64\fmifs.dll
[MD5.FB43A7FC5CE7C819612D895FA9762C89] - [04/06/2017 12:11:08] - |A| - [158208] - C:\WINDOWS\syswow64\fms.dll
[MD5.4B74B104DE063FAC68EF416CADFCFCD7] - [04/06/2017 12:11:19] - |A| - [107008] - C:\WINDOWS\syswow64\Fondue.exe
[MD5.A474FBAC3E122310ADAE10A9C0F5032E] - [04/06/2017 12:11:03] - |A| - [622896] - C:\WINDOWS\syswow64\fontdrvhost.exe
[MD5.F5272D6AC8F1BB1A257428BD3368D633] - [04/06/2017 12:11:28] - |A| - [908288] - C:\WINDOWS\syswow64\fontext.dll
[MD5.B7ECF546829766323FADBC9D1FFFD1B1] - [04/06/2017 12:11:05] - |A| - [49664] - C:\WINDOWS\syswow64\FontGlyphAnimator.dll
[MD5.E8527D1AAE0AEB462473125AD1A3F1C3] - [04/06/2017 12:11:03] - |A| - [96768] - C:\WINDOWS\syswow64\fontsub.dll
[MD5.2C4B376D69728442C7EC0A4AAFB780E5] - [04/06/2017 12:11:28] - |A| - [114176] - C:\WINDOWS\syswow64\fontview.exe
[MD5.D9F0C4B2A81494551B798F357D700408] - [04/06/2017 12:11:02] - |A| - [40960] - C:\WINDOWS\syswow64\forfiles.exe
[MD5.BFA558411F05D3F542B8BCE96DFBB881] - [04/06/2017 12:10:53] - |A| - [45056] - C:\WINDOWS\syswow64\format.com
[MD5.CC04C7019D9E3D7274F69C91F14DDBBE] - [04/06/2017 12:11:28] - |A| - [41472] - C:\WINDOWS\syswow64\fpb.rs
[MD5.5B0720011700302E4C62A94B7769BD19] - [04/06/2017 12:11:18] - |A| - [95744] - C:\WINDOWS\syswow64\fphc.dll
[MD5.00000000000000000000000000000000] - [05/06/2017 08:57:45] - |D| - [3226112] - C:\WINDOWS\syswow64\fr
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [257024] - C:\WINDOWS\syswow64\fr-CA
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [39241031] - C:\WINDOWS\syswow64\fr-FR
[MD5.9CE2D276CAD0AC56EED6556B2E7C97BD] - [04/06/2017 12:11:00] - |A| - [195584] - C:\WINDOWS\syswow64\framedyn.dll
[MD5.7004398C9BBA0B4711D48EA7F4ED2003] - [04/06/2017 12:11:26] - |A| - [236032] - C:\WINDOWS\syswow64\framedynos.dll
[MD5.9EB4E9CD697DC9730527A80750B47FA0] - [04/06/2017 12:11:26] - |A| - [66048] - C:\WINDOWS\syswow64\frprov.dll
[MD5.C5ED658476401EC82904C630AB58F53B] - [04/06/2017 12:10:53] - |A| - [224768] - C:\WINDOWS\syswow64\FSClient.dll
[MD5.97AED7FC6C2B38F34CA1A3C10D2F5A60] - [04/06/2017 12:11:19] - |A| - [144909] - C:\WINDOWS\syswow64\fsmgmt.msc
[MD5.571D5DCE56659A56AF08E135A0785D84] - [04/06/2017 12:11:02] - |A| - [127488] - C:\WINDOWS\syswow64\fsquirt.exe
[MD5.1E94430428310E1163E97BF706100EE5] - [04/06/2017 12:10:50] - |A| - [131072] - C:\WINDOWS\syswow64\fsutil.exe
[MD5.B933B2783FD8CA520CEBCA8E34A40245] - [04/06/2017 12:11:00] - |A| - [26112] - C:\WINDOWS\syswow64\fsutilext.dll
[MD5.8AE7D0B2D601AAB4915A5EA9AFE6CDCA] - [04/06/2017 12:11:26] - |A| - [48640] - C:\WINDOWS\syswow64\ftp.exe
[MD5.CC673A20F311BF2F1BE86249986CBFD2] - [04/06/2017 12:11:06] - |A| - [141824] - C:\WINDOWS\syswow64\fundisc.dll
[MD5.04CD1C935FEF793CF2B1CA74109040EB] - [04/06/2017 12:10:57] - |A| - [128000] - C:\WINDOWS\syswow64\fwbase.dll
[MD5.16ABA295F8CF6514069417A01E41128C] - [04/06/2017 12:11:21] - |A| - [45056] - C:\WINDOWS\syswow64\fwcfg.dll
[MD5.20FFACCBF24F4828A1ECDDE68AFDD75A] - [04/06/2017 12:10:57] - |A| - [175616] - C:\WINDOWS\syswow64\fwpolicyiomgr.dll
[MD5.1AC4DABED4D66C079C39106A50EDA089] - [04/06/2017 12:10:56] - |A| - [302080] - C:\WINDOWS\syswow64\FWPUCLNT.DLL
[MD5.F1DFA565C11B5DEDA9A7D74BAF8FA034] - [04/06/2017 12:11:08] - |A| - [58880] - C:\WINDOWS\syswow64\FwRemoteSvr.dll
[MD5.75BDCBC4DE13CA58C005FF8AD44ECC0D] - [04/06/2017 12:13:14] - |A| - [229376] - C:\WINDOWS\syswow64\FXSAPI.dll
[MD5.3A345283D6F4B9C6051750680C6BB39C] - [04/06/2017 12:13:14] - |A| - [77824] - C:\WINDOWS\syswow64\FXSCOM.dll
[MD5.63A02F4F4F3E3F3BCC73955BAE8B0C42] - [04/06/2017 12:13:14] - |A| - [517632] - C:\WINDOWS\syswow64\FXSCOMEX.dll
[MD5.E697E777E6B8EAFACD1E69467E4C879B] - [04/06/2017 12:13:11] - |A| - [37888] - C:\WINDOWS\syswow64\FXSEXT32.dll
[MD5.561C099B15F0B484F913D086B0369F2A] - [04/06/2017 12:13:14] - |A| - [925696] - C:\WINDOWS\syswow64\FXSRESM.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [0] - C:\WINDOWS\syswow64\FxsTmp
[MD5.782C64E89782596C8BB4BE6B2897E572] - [04/06/2017 12:13:11] - |A| - [104448] - C:\WINDOWS\syswow64\FXSXP32.dll
[MD5.279030BC0319D5F475E3A60F19AC8CA7] - [04/06/2017 12:11:26] - |A| - [53760] - C:\WINDOWS\syswow64\g711codc.ax
[MD5.886F35510A512A9DE033C57B874C870E] - [04/06/2017 12:10:53] - |A| - [212480] - C:\WINDOWS\syswow64\GameBarPresenceWriter.exe
[MD5.25FCCD5B39318593528075E69995E30F] - [04/06/2017 12:10:53] - |A| - [10752] - C:\WINDOWS\syswow64\GameBarPresenceWriter.proxy.dll
[MD5.8180CBAFDD1C94FC100641E969367697] - [04/06/2017 12:10:56] - |A| - [10240] - C:\WINDOWS\syswow64\GameChatOverlayExt.dll
[MD5.032DAFDBEF97578C2DDD15924B7495E5] - [04/06/2017 12:10:53] - |A| - [102400] - C:\WINDOWS\syswow64\GameChatTranscription.dll
[MD5.7204D46258A8A008FBAEAD24060F3C0E] - [04/06/2017 12:10:53] - |A| - [17408] - C:\WINDOWS\syswow64\gamemode.dll
[MD5.674CDC58FF40312E6C86B801A8634BF8] - [04/06/2017 12:10:56] - |A| - [39936] - C:\WINDOWS\syswow64\gamemonitor.dll
[MD5.17E316561F3324A0B6DD62C6FF85E0BE] - [04/06/2017 12:10:53] - |A| - [914432] - C:\WINDOWS\syswow64\GamePanel.exe
[MD5.0F79B5312325317B83242D96DB8E05D5] - [04/06/2017 12:10:53] - |A| - [23040] - C:\WINDOWS\syswow64\GamePanelExternalHook.dll
[MD5.A4EF44C4FCADECB00F784DB5259FFF87] - [04/06/2017 12:11:08] - |A| - [2413568] - C:\WINDOWS\syswow64\gameux.dll
[MD5.9E4009B54AD28646898D1C30DE0F582E] - [04/06/2017 12:11:08] - |A| - [4238336] - C:\WINDOWS\syswow64\GameUXLegacyGDFs.dll
[MD5.EFDB06D31A3ACFECDDE2DF6823D99512] - [04/06/2017 12:10:53] - |A| - [139776] - C:\WINDOWS\syswow64\gamingtcui.dll
[MD5.4FDED87068052EEB9B72A97FDBC141DB] - [04/06/2017 12:11:23] - |A| - [24006] - C:\WINDOWS\syswow64\gb2312.uce
[MD5.18347A12B140A263BF78F7E805084313] - [04/06/2017 12:11:03] - |A| - [125952] - C:\WINDOWS\syswow64\gcdef.dll
[MD5.217D02847F0D25CA390D011311200D4B] - [04/06/2017 12:10:53] - |A| - [129144] - C:\WINDOWS\syswow64\gdi32.dll
[MD5.8FB64B376259A9A6AA2452A0EA70E88A] - [04/06/2017 12:11:05] - |A| - [1405416] - C:\WINDOWS\syswow64\gdi32full.dll
[MD5.C79B6CA892A6A4CD56DCAAF8D820733A] - [04/06/2017 12:11:05] - |A| - [1471488] - C:\WINDOWS\syswow64\GdiPlus.dll
[MD5.B840B65B2E932CA6D856D18EB8AAC957] - [04/06/2017 12:10:57] - |A| - [41984] - C:\WINDOWS\syswow64\Geocommon.dll
[MD5.DF30CF5FCEBF230C520A5C64E620DEF8] - [04/06/2017 12:10:57] - |A| - [406528] - C:\WINDOWS\syswow64\Geolocation.dll
[MD5.BF58244DB508606EDBDDD6BACA451FA7] - [04/06/2017 12:11:21] - |A| - [65536] - C:\WINDOWS\syswow64\getmac.exe
[MD5.F12CCEB7C285A0A9019F3A9C3DAE58E6] - [04/06/2017 12:11:23] - |A| - [8704] - C:\WINDOWS\syswow64\getuname.dll
[MD5.DAE53D64AA666A890B892B0C80FFE2EA] - [04/06/2017 12:11:18] - |A| - [426496] - C:\WINDOWS\syswow64\glmf32.dll
[MD5.ECA1C5A8B8D5BAF840E1BFF7CCB265CA] - [04/06/2017 12:10:56] - |A| - [201216] - C:\WINDOWS\syswow64\GlobCollationHost.dll
[MD5.18DABC90B3F9DA33565174598CCDA96D] - [04/06/2017 12:10:57] - |A| - [130560] - C:\WINDOWS\syswow64\globinputhost.dll
[MD5.1455B505EDD554EB1D4E03FDA97735CA] - [04/06/2017 12:11:19] - |A| - [138752] - C:\WINDOWS\syswow64\glu32.dll
[MD5.E6F1BFD33254D2E5A4CEC4AB1D2D4E0E] - [04/06/2017 12:11:03] - |A| - [32768] - C:\WINDOWS\syswow64\gmsaclient.dll
[MD5.9EA5E2FA0938475BD85CA68975DFD682] - [04/06/2017 12:11:08] - |A| - [106432] - C:\WINDOWS\syswow64\gpapi.dll
[MD5.4DA884615A14D697064ADBF42AA3F234] - [04/06/2017 12:11:07] - |A| - [1062400] - C:\WINDOWS\syswow64\gpedit.dll
[MD5.6C054DA115C2CA2C523ABD159ED7814B] - [04/06/2017 12:11:52] - |A| - [147439] - C:\WINDOWS\syswow64\gpedit.msc
[MD5.DC9181EE6351E031C6913EBFF5AC26B4] - [04/06/2017 12:11:51] - |A| - [559616] - C:\WINDOWS\syswow64\gpprefcl.dll
[MD5.7E7392781C9EFFEB2E7FEB45C085037A] - [04/06/2017 12:11:28] - |A| - [32256] - C:\WINDOWS\syswow64\gpprnext.dll
[MD5.6A5BC72C0F8F31DABC80FA91196BF97C] - [04/06/2017 12:11:08] - |A| - [195072] - C:\WINDOWS\syswow64\gpresult.exe
[MD5.73D65C0C74F58C3FECE29563C9863331] - [04/06/2017 12:11:51] - |A| - [41984] - C:\WINDOWS\syswow64\gpscript.dll
[MD5.70B5AA2E8E78203A24F26127316CF8C4] - [04/06/2017 12:11:51] - |A| - [37888] - C:\WINDOWS\syswow64\gpscript.exe
[MD5.46003530DE23144E4DD21271D670CD25] - [04/06/2017 12:11:08] - |A| - [21504] - C:\WINDOWS\syswow64\gptext.dll
[MD5.B6BA7E89B6EFC74F0793AF65B483DD99] - [04/06/2017 12:11:08] - |A| - [25088] - C:\WINDOWS\syswow64\gpupdate.exe
[MD5.788D7899E5F0D34EE95C24DC5141846D] - [04/06/2017 12:11:28] - |A| - [19456] - C:\WINDOWS\syswow64\grb.rs
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [0] - C:\WINDOWS\syswow64\GroupPolicy
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [0] - C:\WINDOWS\syswow64\GroupPolicyUsers
[MD5.D3BB6C356FF4FF2BE6E62EDC2BEE8DEF] - [04/06/2017 12:11:26] - |A| - [39936] - C:\WINDOWS\syswow64\grpconv.exe
[MD5.C95CBF16C67DB24B2C0ED51D718EE0F3] - [04/06/2017 12:11:23] - |A| - [67584] - C:\WINDOWS\syswow64\hbaapi.dll
[MD5.4540FDF2D6C4F327A5C59BE05342D2DB] - [04/06/2017 12:11:05] - |A| - [47616] - C:\WINDOWS\syswow64\hcproviders.dll
[MD5.B02FCE7CE858808446F2A82EF86F9314] - [04/06/2017 12:11:02] - |A| - [218544] - C:\WINDOWS\syswow64\HdcpHandler.dll
[MD5.C4B8423604525E7559B95ABFDF7DB3BE] - [04/06/2017 12:11:19] - |A| - [373760] - C:\WINDOWS\syswow64\hdwwiz.cpl
[MD5.1791EFA9380F091F00FDFDC0993674D0] - [04/06/2017 12:11:19] - |A| - [62976] - C:\WINDOWS\syswow64\hdwwiz.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [249344] - C:\WINDOWS\syswow64\he-IL
[MD5.3653660E7B36DFC8EC9115F97D28BA26] - [04/06/2017 12:10:53] - |A| - [174080] - C:\WINDOWS\syswow64\HeatCore.dll
[MD5.8C4BB319241ED2CFC89BD154D78DAC10] - [04/06/2017 12:10:59] - |A| - [10240] - C:\WINDOWS\syswow64\help.exe
[MD5.D2881761BD80B55C6E2F292B0D7336C8] - [04/06/2017 12:11:05] - |A| - [45056] - C:\WINDOWS\syswow64\HelpPaneProxy.dll
[MD5.F45749C26F62112BA967E7FFCECB0EB3] - [04/06/2017 12:11:08] - |A| - [576512] - C:\WINDOWS\syswow64\hgcpl.dll
[MD5.203A7E2045143CE25DCFAF7A2CC968F2] - [04/06/2017 12:11:08] - |A| - [16384] - C:\WINDOWS\syswow64\hh.exe
[MD5.B19B82264F3BE056F84A516C36C2C7DF] - [04/06/2017 12:11:08] - |A| - [538624] - C:\WINDOWS\syswow64\hhctrl.ocx
[MD5.E5E45CEFB527A81FF19A793D128FE96B] - [04/06/2017 12:11:08] - |A| - [45568] - C:\WINDOWS\syswow64\hhsetup.dll
[MD5.A5C1A9832D7D458F2AA704DF4FCFEEA8] - [04/06/2017 12:11:05] - |A| - [25600] - C:\WINDOWS\syswow64\hid.dll
[MD5.2BCD5D51541498433E4F7CA667B4C493] - [04/06/2017 12:11:28] - |A| - [32256] - C:\WINDOWS\syswow64\hidphone.tsp
[MD5.C8B28166103ACF89DFCF359766581C6A] - [04/06/2017 12:11:08] - |A| - [29696] - C:\WINDOWS\syswow64\hidserv.dll
[MD5.E58C0E191FDA5779566214961A775D53] - [04/06/2017 12:11:07] - |A| - [99840] - C:\WINDOWS\syswow64\hlink.dll
[MD5.8E7255A56F8CFDCAFE6848606760E0C9] - [04/06/2017 12:10:57] - |A| - [46080] - C:\WINDOWS\syswow64\hmkd.dll
[MD5.ED19C8B78F798D2DE09CB6B614127755] - [04/06/2017 12:11:08] - |A| - [330240] - C:\WINDOWS\syswow64\hnetcfg.dll
[MD5.FFC1B534686237582F0B1F9ADECC6F1F] - [04/06/2017 12:11:21] - |A| - [210432] - C:\WINDOWS\syswow64\HNetCfgClient.dll
[MD5.ECFFFBF025FE2663C3221E3E8AF684F1] - [04/06/2017 12:11:07] - |A| - [14336] - C:\WINDOWS\syswow64\hnetmon.dll
[MD5.FCEDF461AAB2DB1550E54A1460310EEC] - [04/06/2017 12:11:39] - |A| - [184320] - C:\WINDOWS\syswow64\HoloShellRuntime.dll
[MD5.7FA52316C61CEDBDE6AC93F26DFECC67] - [04/06/2017 12:10:59] - |A| - [11776] - C:\WINDOWS\syswow64\HOSTNAME.EXE
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [235008] - C:\WINDOWS\syswow64\hr-HR
[MD5.6838E242FFDDBC198BFF4D9AD1A1DDE5] - [04/06/2017 12:10:52] - |A| - [340992] - C:\WINDOWS\syswow64\HrtfApo.dll
[MD5.C431A6B2CBBB856D27B6BDDA7B693105] - [04/06/2017 12:09:13] - |A| - [340480] - C:\WINDOWS\syswow64\html.iec
[MD5.CB632608218728AC478ABDF41238BD0B] - [04/06/2017 12:11:00] - |A| - [25088] - C:\WINDOWS\syswow64\httpapi.dll
[MD5.4CC16C2471DE20744F12951DF0181EC8] - [04/06/2017 12:11:23] - |A| - [35328] - C:\WINDOWS\syswow64\htui.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [289792] - C:\WINDOWS\syswow64\hu-HU
[MD5.25AD416820C7214F0177C65F4812745C] - [04/06/2017 12:11:08] - |A| - [197632] - C:\WINDOWS\syswow64\iac25_32.ax
[MD5.91419942A2BF7A927C18014DB97A42E2] - [04/06/2017 12:11:06] - |A| - [23040] - C:\WINDOWS\syswow64\ias.dll
[MD5.BBCF2D22018A1766147B6FBFEB04A3BB] - [04/06/2017 12:11:06] - |A| - [66048] - C:\WINDOWS\syswow64\iasacct.dll
[MD5.584B25D85D1690AA052D07D9418CD6E5] - [04/06/2017 12:11:05] - |A| - [55808] - C:\WINDOWS\syswow64\iasads.dll
[MD5.DA5F2BBF9228239BE04514D97496F8D4] - [04/06/2017 12:11:05] - |A| - [57344] - C:\WINDOWS\syswow64\iasdatastore.dll
[MD5.4519AE88D87F3580B22BB9268CD0E49A] - [04/06/2017 12:11:07] - |A| - [75264] - C:\WINDOWS\syswow64\iashlpr.dll
[MD5.AAD692FF2F059C7B4F51009CF26E257D] - [04/06/2017 12:11:07] - |A| - [567120] - C:\WINDOWS\syswow64\IasMigPlugin.dll
[MD5.0F95BF44B01E4E8363A515614B03980B] - [04/06/2017 12:11:07] - |A| - [109056] - C:\WINDOWS\syswow64\iasnap.dll
[MD5.7FE7C1506FE01D3F1944C46F72008EDC] - [04/06/2017 12:11:06] - |A| - [40960] - C:\WINDOWS\syswow64\iaspolcy.dll
[MD5.C17A7B26A8794DBDB3627E9CC6C98556] - [04/06/2017 12:11:06] - |A| - [188416] - C:\WINDOWS\syswow64\iasrad.dll
[MD5.A985C19212F3E894131177B7F13FEF5F] - [04/06/2017 12:11:05] - |A| - [133632] - C:\WINDOWS\syswow64\iasrecst.dll
[MD5.0A1F6F412FEF6735CA71E218D1086327] - [04/06/2017 12:11:07] - |A| - [197632] - C:\WINDOWS\syswow64\iassam.dll
[MD5.843EF22F5F6D915857D98A0B09F0F102] - [04/06/2017 12:11:07] - |A| - [362496] - C:\WINDOWS\syswow64\iassdo.dll
[MD5.B83D8B2D3845170D64529593D4A18AAF] - [04/06/2017 12:11:08] - |A| - [129024] - C:\WINDOWS\syswow64\iassvcs.dll
[MD5.32EA6CCA57670D2D4677455EBF260BAE] - [04/06/2017 12:11:00] - |A| - [29696] - C:\WINDOWS\syswow64\icacls.exe
[MD5.B802B4F7676E2C9F29DAEDF697761764] - [04/06/2017 12:11:28] - |A| - [86016] - C:\WINDOWS\syswow64\iccvid.dll
[MD5.66859F0EA27E549C3FAFC80B1D53E697] - [04/06/2017 12:10:53] - |A| - [230912] - C:\WINDOWS\syswow64\icm32.dll
[MD5.B1C8CE493CC164721A078428AD84C600] - [04/06/2017 12:11:00] - |A| - [2560] - C:\WINDOWS\syswow64\icmp.dll
[MD5.C18829250603037D93B5DECAD4C265AF] - [04/06/2017 12:09:12] - |A| - [20992] - C:\WINDOWS\syswow64\icmui.dll
[MD5.929BE270D034ED79B5E71C45617760B2] - [04/06/2017 12:11:08] - |A| - [11776] - C:\WINDOWS\syswow64\IconCodecService.dll
[MD5.97FCCA5BB3BF7828FF6FF249C30120CE] - [04/06/2017 12:11:08] - |A| - [199168] - C:\WINDOWS\syswow64\icsigd.dll
[MD5.C651930A9845AAE15FC6D6811912DED3] - [04/06/2017 12:11:21] - |A| - [15872] - C:\WINDOWS\syswow64\icsunattend.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [37145] - C:\WINDOWS\syswow64\icsxml
[MD5.F804CB6E3D071739C291C54C63D07933] - [04/06/2017 12:10:57] - |RA| - [1640960] - C:\WINDOWS\syswow64\icuin.dll
[MD5.751EF942C6D9BD4FFE59EEFFCD67C8D1] - [04/06/2017 12:10:57] - |RA| - [1158144] - C:\WINDOWS\syswow64\icuuc.dll
[MD5.82ED5FDFA3946C23FA9F0ECB52C16784] - [04/06/2017 12:11:23] - |A| - [96256] - C:\WINDOWS\syswow64\IdCtrls.dll
[MD5.038F6AD6CEE43585D814CDBC7CDFD3EC] - [04/06/2017 12:11:23] - |A| - [60458] - C:\WINDOWS\syswow64\ideograf.uce
[MD5.0F8BE273E878C7DDE2A81386DCDD674E] - [04/06/2017 12:11:11] - |A| - [8192] - C:\WINDOWS\syswow64\idndl.dll
[MD5.3CC5520AB3AE0991B6AEC9DF89244C39] - [04/06/2017 12:10:56] - |A| - [119808] - C:\WINDOWS\syswow64\IDStore.dll
[MD5.A1EA5EA8688B2AB3AA4148263F758070] - [04/06/2017 12:09:13] - |A| - [120320] - C:\WINDOWS\syswow64\IEAdvpack.dll
[MD5.D652E3F1B2753CC2F3630C93B51DFD03] - [04/06/2017 12:09:13] - |A| - [1472000] - C:\WINDOWS\syswow64\ieapfltr.dll
[MD5.52AC944BFB4C12134EF069F51C0997A7] - [04/06/2017 12:09:13] - |A| - [358400] - C:\WINDOWS\syswow64\iedkcs32.dll
[MD5.693F8C791F84C6BA938C7C34F6B0A691] - [04/06/2017 12:09:13] - |A| - [11930112] - C:\WINDOWS\syswow64\ieframe.dll
[MD5.B4C14C6179B3B08EA174FD5A7081FF79] - [04/06/2017 12:09:12] - |A| - [133632] - C:\WINDOWS\syswow64\iepeers.dll
[MD5.30E6B73F7C7AFE9C8183A47289BE8842] - [04/06/2017 12:09:13] - |A| - [361984] - C:\WINDOWS\syswow64\ieproxy.dll
[MD5.8D1C045C5A716A137268A499055BE0C9] - [04/06/2017 12:09:13] - |A| - [38400] - C:\WINDOWS\syswow64\iernonce.dll
[MD5.FCAEBB6129ECC19995909FD1CF79E20F] - [04/06/2017 12:11:08] - |A| - [2177624] - C:\WINDOWS\syswow64\iertutil.dll
[MD5.14B11051F0FF8E516B5F337EF5C30229] - [04/06/2017 12:09:13] - |A| - [70144] - C:\WINDOWS\syswow64\iesetup.dll
[MD5.8A54F83E3D77A7CD8AA7055FF59B8189] - [04/06/2017 12:09:13] - |A| - [98304] - C:\WINDOWS\syswow64\iesysprep.dll
[MD5.4F8A7D8A3196D0DE9DF7C665F2D45BD5] - [04/06/2017 12:09:12] - |A| - [475136] - C:\WINDOWS\syswow64\ieui.dll
[MD5.6B31D08801D3A3F51B59FB1DB14E4A01] - [04/06/2017 12:09:13] - |A| - [3458] - C:\WINDOWS\syswow64\ieuinit.inf
[MD5.BDBFF0EF8038F24AAE810D6C32E64B7F] - [04/06/2017 12:09:13] - |A| - [123392] - C:\WINDOWS\syswow64\ieUnatt.exe
[MD5.67FEA9A2B18D743947A26B2975B323DC] - [04/06/2017 12:09:13] - |A| - [152064] - C:\WINDOWS\syswow64\iexpress.exe
[MD5.8D57BA1C267DC0C75627156935204F9B] - [04/06/2017 12:11:02] - |A| - [25600] - C:\WINDOWS\syswow64\ifmon.dll
[MD5.8E480B7FB7FB94E8CFA7B5B21AAD9659] - [04/06/2017 12:10:57] - |A| - [198480] - C:\WINDOWS\syswow64\ifsutil.dll
[MD5.FCFBF0002311BF8356B051BEB7282F57] - [04/06/2017 12:11:23] - |A| - [14336] - C:\WINDOWS\syswow64\ifsutilx.dll
[MD5.7BF2707403115D1A6EF5CDDB566DDA78] - [04/06/2017 12:10:50] - |A| - [26392] - C:\WINDOWS\syswow64\imaadp32.acm
[MD5.70734676D216B2479AB7CED253742D6D] - [04/06/2017 12:09:55] - |A| - [91408] - C:\WINDOWS\syswow64\imagehlp.dll
[MD5.59A2D6F6560C8E204AA961E1017D7A44] - [04/06/2017 12:11:28] - |A| - [23632384] - C:\WINDOWS\syswow64\imageres.dll
[MD5.F64561F47C9F65F391769F58F2E85118] - [04/06/2017 12:11:28] - |A| - [694784] - C:\WINDOWS\syswow64\imagesp1.dll
[MD5.47F470460B3B45B7C62EE6C2608C4A45] - [04/06/2017 12:11:08] - |A| - [118784] - C:\WINDOWS\syswow64\imapi.dll
[MD5.2F49976B7D9AD4EC43DC940090DDB91B] - [04/06/2017 12:11:05] - |A| - [443392] - C:\WINDOWS\syswow64\imapi2.dll
[MD5.14FDD2EC60859C81DBB3FE279D1F11B6] - [04/06/2017 12:11:07] - |A| - [867328] - C:\WINDOWS\syswow64\imapi2fs.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [21207731] - C:\WINDOWS\syswow64\IME
[MD5.063AAE04A641120E7FB39BFF0D7851FD] - [04/06/2017 12:09:12] - |A| - [43008] - C:\WINDOWS\syswow64\imgutil.dll
[MD5.3D4006C08FE453A17DC2D4DE8756602C] - [04/06/2017 12:11:05] - |A| - [138976] - C:\WINDOWS\syswow64\imm32.dll
[MD5.4F7C23FAC3DA9DE7EABDCDC19551865B] - [04/06/2017 12:11:11] - |A| - [897024] - C:\WINDOWS\syswow64\inetcomm.dll
[MD5.EF6C1B9FC743D7F62FE68E271B6D33C2] - [04/06/2017 12:09:13] - |A| - [2028032] - C:\WINDOWS\syswow64\inetcpl.cpl
[MD5.AAA83962B875C21F67F76DC5BD5822CA] - [04/06/2017 12:11:02] - |A| - [53760] - C:\WINDOWS\syswow64\inetmib1.dll
[MD5.5C2B9EE31AA747E3B3DFE66E910E459E] - [04/06/2017 12:11:11] - |A| - [84992] - C:\WINDOWS\syswow64\INETRES.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [0] - C:\WINDOWS\syswow64\inetsrv
[MD5.2F4564196F926ADA7F0EF9236F0DB446] - [04/06/2017 12:11:20] - |A| - [11776] - C:\WINDOWS\syswow64\InfDefaultInstall.exe
[MD5.75D7AD6D914F550BD9A194DF635F3AE2] - [04/06/2017 12:11:21] - |A| - [229888] - C:\WINDOWS\syswow64\InkEd.dll
[MD5.91DC399010DAD99D943070855ECED364] - [04/06/2017 12:10:53] - |A| - [709120] - C:\WINDOWS\syswow64\InkObjCore.dll
[MD5.57991E71A14EDB4F1D00BBEF57EC768D] - [04/06/2017 12:11:26] - |A| - [276816] - C:\WINDOWS\syswow64\input.dll
[MD5.3A019717FEC47184FEFD2F2513E97982] - [04/06/2017 12:10:56] - |A| - [122448] - C:\WINDOWS\syswow64\InputHost.dll
[MD5.0870A02FF16060022BCD1157EEED5D7B] - [04/06/2017 12:10:56] - |A| - [78848] - C:\WINDOWS\syswow64\InputInjectionBroker.dll
[MD5.64B37EBDDAB6B8D6195A42ABFA7E28FD] - [04/06/2017 12:10:53] - |A| - [95232] - C:\WINDOWS\syswow64\InputLocaleManager.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [223744] - C:\WINDOWS\syswow64\InputMethod
[MD5.6655A7B5CB0F69E2184FFF8333256F4E] - [04/06/2017 12:10:53] - |A| - [2342912] - C:\WINDOWS\syswow64\InputService.dll
[MD5.4C6F3CED22978BFEF64ACF12FE45B114] - [04/06/2017 12:11:23] - |A| - [354816] - C:\WINDOWS\syswow64\InputSwitch.dll
[MD5.8697D0681B6E5432D9165DE412688263] - [04/06/2017 12:09:13] - |A| - [97280] - C:\WINDOWS\syswow64\inseng.dll
[MD5.3446975B4F3FE6EFC2564B7E42E4E5AB] - [04/06/2017 12:10:56] - |A| - [374272] - C:\WINDOWS\syswow64\InstallAgent.exe
[MD5.98CFB9F40EB8520B8B1F9598CD09275A] - [04/06/2017 12:10:56] - |A| - [409088] - C:\WINDOWS\syswow64\InstallAgentUserBroker.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [1187840] - C:\WINDOWS\syswow64\InstallShield
[MD5.ED9531B684EAB591B59BCEFF4E85713F] - [04/06/2017 12:11:13] - |A| - [8704] - C:\WINDOWS\syswow64\instnm.exe
[MD5.21F9B6A35B590120EF3B9CE55945160A] - [04/06/2017 12:11:08] - |A| - [450048] - C:\WINDOWS\syswow64\intl.cpl
[MD5.75E66C72A002B02F6F0081EB21755D89] - [04/06/2017 12:11:13] - |A| - [2560] - C:\WINDOWS\syswow64\iologmsg.dll
[MD5.EC0BDB8282D4EFB907CDA5126F6C276E] - [04/06/2017 12:10:59] - |A| - [29184] - C:\WINDOWS\syswow64\ipconfig.exe
[MD5.C488ABDA9BCB894EE1B3DBDA1AC5CCB6] - [04/06/2017 12:11:02] - |A| - [48640] - C:\WINDOWS\syswow64\IPELoggingDictationHelper.dll
[MD5.C53DA3276BE73C3D0BF541B697B21714] - [04/06/2017 12:11:05] - |A| - [183368] - C:\WINDOWS\syswow64\IPHLPAPI.DLL
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [0] - C:\WINDOWS\syswow64\Ipmi
[MD5.C0B88F03ADF511584C9627C660FC788E] - [04/06/2017 12:11:21] - |A| - [24064] - C:\WINDOWS\syswow64\IpNatHlpClient.dll
[MD5.E10E37ADAECA2091B6DDB8AF44546506] - [04/06/2017 12:11:02] - |A| - [2560] - C:\WINDOWS\syswow64\iprop.dll
[MD5.88AEE07B0271FB2AA500A4AB47211D52] - [04/06/2017 12:11:21] - |A| - [9216] - C:\WINDOWS\syswow64\iprtprio.dll
[MD5.D72E85A9EC9DF5EF3B91E2CA7A40986B] - [04/06/2017 12:11:21] - |A| - [527360] - C:\WINDOWS\syswow64\iprtrmgr.dll
[MD5.A5A1B083F88541C8AF5B5503693B900A] - [04/06/2017 12:11:05] - |A| - [767488] - C:\WINDOWS\syswow64\ipsecsnp.dll
[MD5.6E6D01F815704392A2C8B39C60C604FF] - [04/06/2017 12:11:05] - |A| - [424960] - C:\WINDOWS\syswow64\ipsmsnap.dll
[MD5.D607CD73F850C630B83E3484F0FF3BBC] - [04/06/2017 12:11:28] - |A| - [8704] - C:\WINDOWS\syswow64\ir32_32.dll
[MD5.7D2445C2A8CB3A1DDA2972ED6D1741ED] - [04/06/2017 12:11:28] - |A| - [197632] - C:\WINDOWS\syswow64\ir32_32original.dll
[MD5.8A65885EA3518DF7417F287BDD8C2972] - [04/06/2017 12:11:07] - |A| - [9216] - C:\WINDOWS\syswow64\ir41_32.ax
[MD5.1417474A4615CB4736AD71E789EB42A2] - [04/06/2017 12:11:07] - |A| - [839680] - C:\WINDOWS\syswow64\ir41_32original.dll
[MD5.0D92D60C88E29AD8C17E65526235E963] - [04/06/2017 12:11:07] - |A| - [9216] - C:\WINDOWS\syswow64\ir41_qc.dll
[MD5.29927527B1DC13FB50076CF97911E146] - [04/06/2017 12:11:07] - |A| - [120320] - C:\WINDOWS\syswow64\ir41_qcoriginal.dll
[MD5.C14CBB97AC2C7ADA74BFBB009F62EBD1] - [04/06/2017 12:11:07] - |A| - [9216] - C:\WINDOWS\syswow64\ir41_qcx.dll
[MD5.EBEF5891519887216CB7DE579DCBC34C] - [04/06/2017 12:11:07] - |A| - [338432] - C:\WINDOWS\syswow64\ir41_qcxoriginal.dll
[MD5.2F1EDA947F437D15ADE55F287272DC7A] - [04/06/2017 12:11:07] - |A| - [9216] - C:\WINDOWS\syswow64\ir50_32.dll
[MD5.471285445DC9EB0AEAE031D8B6769F0D] - [04/06/2017 12:11:08] - |A| - [746496] - C:\WINDOWS\syswow64\ir50_32original.dll
[MD5.E2E0457EF9B4E4DB04CC163FC7D6EB6F] - [04/06/2017 12:11:08] - |A| - [9216] - C:\WINDOWS\syswow64\ir50_qc.dll
[MD5.8093AD066DCE207B1F30240FF1D7CC98] - [04/06/2017 12:11:07] - |A| - [200192] - C:\WINDOWS\syswow64\ir50_qcoriginal.dll
[MD5.794C101520BA8009D5A9ADA4F57D40A3] - [04/06/2017 12:11:08] - |A| - [9216] - C:\WINDOWS\syswow64\ir50_qcx.dll
[MD5.9903D7054ECF4BE47EE5D56E30907A6A] - [04/06/2017 12:11:08] - |A| - [183808] - C:\WINDOWS\syswow64\ir50_qcxoriginal.dll
[MD5.7E02241324080562A8CF0C94088E5E06] - [04/06/2017 12:11:28] - |A| - [16384] - C:\WINDOWS\syswow64\irclass.dll
[MD5.BDE27B504BB0ECEFE732D62F6FE06C09] - [04/06/2017 12:11:00] - |A| - [36152] - C:\WINDOWS\syswow64\iri.dll
[MD5.C51241C5988F551EC53460D3B4BE6B9E] - [04/06/2017 12:11:28] - |A| - [417280] - C:\WINDOWS\syswow64\irprops.cpl
[MD5.C160A5120E717E066A917ECC6BB079BC] - [04/06/2017 12:11:08] - |A| - [150528] - C:\WINDOWS\syswow64\iscsicli.exe
[MD5.74AFF2632954D47E138FE4B8F8CF3A39] - [04/06/2017 12:11:11] - |A| - [216064] - C:\WINDOWS\syswow64\iscsicpl.dll
[MD5.6BE6196EB3F4BF2A192138DE95FE01CB] - [04/06/2017 12:11:11] - |A| - [120320] - C:\WINDOWS\syswow64\iscsicpl.exe
[MD5.AECCB144F1EAEAA414D535B46D4A55CF] - [04/06/2017 12:11:08] - |A| - [55296] - C:\WINDOWS\syswow64\iscsidsc.dll
[MD5.61A03CFB4CB4AF790E8DBBD74A92AB88] - [04/06/2017 12:11:08] - |A| - [9728] - C:\WINDOWS\syswow64\iscsied.dll
[MD5.E05DC8623634F46ECD5D3A18A3E4F340] - [04/06/2017 12:11:08] - |A| - [29184] - C:\WINDOWS\syswow64\iscsium.dll
[MD5.F820B0C6E464A019CA63DD2B56641740] - [04/06/2017 12:11:08] - |A| - [67072] - C:\WINDOWS\syswow64\iscsiwmi.dll
[MD5.92E54B217B9B1AB139BF3BADD21FE9D1] - [04/06/2017 12:11:08] - |A| - [95232] - C:\WINDOWS\syswow64\iscsiwmiv2.dll
[MD5.BCD9778749A1A116D83CE6AD924D3E0A] - [04/06/2017 12:11:00] - |A| - [108544] - C:\WINDOWS\syswow64\isoburn.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [311808] - C:\WINDOWS\syswow64\it-IT
[MD5.A462CC753AE75ADA5385074E6FC5DBDF] - [04/06/2017 12:11:05] - |A| - [161792] - C:\WINDOWS\syswow64\itircl.dll
[MD5.409F20F1339F0A73D9A1512096DDFA16] - [04/06/2017 12:11:05] - |A| - [150528] - C:\WINDOWS\syswow64\itss.dll
[MD5.3DDBC542B1410087A25A74C557649906] - [04/06/2017 12:11:07] - |A| - [146944] - C:\WINDOWS\syswow64\ivfsrc.ax
[MD5.A27497E10CBD24FCE3592A30EA8315C1] - [04/06/2017 12:10:53] - |A| - [49152] - C:\WINDOWS\syswow64\iyuv_32.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [228352] - C:\WINDOWS\syswow64\ja-JP
[MD5.AD341259EB2F566E6A07C4EF077267A2] - [04/06/2017 12:09:13] - |A| - [72704] - C:\WINDOWS\syswow64\JavaScriptCollectionAgent.dll
[MD5.A66186EDCD33527C3361B5AFB56BFFA1] - [04/06/2017 12:11:19] - |A| - [44544] - C:\WINDOWS\syswow64\joinproviderol.dll
[MD5.A50E66F2BA8518237C588A0978D384EE] - [04/06/2017 12:11:19] - |A| - [100864] - C:\WINDOWS\syswow64\joinutil.dll
[MD5.39FF0665C34233338497F052F9389F91] - [04/06/2017 12:11:03] - |A| - [91136] - C:\WINDOWS\syswow64\joy.cpl
[MD5.EA62AF2F278B7035ED94D369770F4EBA] - [04/06/2017 12:10:56] - |A| - [954880] - C:\WINDOWS\syswow64\JpMapControl.dll
[MD5.55BF8BD7F0D4BC69D14C2CA6FA00DEC4] - [04/06/2017 12:09:12] - |A| - [662528] - C:\WINDOWS\syswow64\jscript.dll
[MD5.9ADDE3019DCC75D4551709FD9665C1F9] - [04/06/2017 12:09:13] - |A| - [3670528] - C:\WINDOWS\syswow64\jscript9.dll
[MD5.4B9C9EBB481A498B431401B430995D67] - [04/06/2017 12:09:13] - |A| - [531968] - C:\WINDOWS\syswow64\jscript9diag.dll
[MD5.644B7C3CA9578AEFB7C7251F34210A47] - [04/06/2017 12:11:08] - |A| - [45056] - C:\WINDOWS\syswow64\jsproxy.dll
[MD5.7C0C25F4BA1084C4ABBEEA2C74194C5F] - [04/06/2017 12:11:23] - |A| - [6948] - C:\WINDOWS\syswow64\kanji_1.uce
[MD5.529BBD63519BBD654EF328454019693F] - [04/06/2017 12:11:23] - |A| - [8484] - C:\WINDOWS\syswow64\kanji_2.uce
[MD5.CD0230A143FF7C9175F08F9F7BD90A72] - [04/06/2017 12:11:08] - |A| - [7680] - C:\WINDOWS\syswow64\kbd101.DLL
[MD5.EBD8E8EDCE212EDE1896F2A50F3B9817] - [04/06/2017 12:11:08] - |A| - [7168] - C:\WINDOWS\syswow64\kbd101a.DLL
[MD5.265AE07D574D6344D0CDB919B4522C50] - [04/06/2017 12:11:08] - |A| - [7168] - C:\WINDOWS\syswow64\kbd101b.DLL
[MD5.FC54D16FE0A53E29B89B8EF23DF09E79] - [04/06/2017 12:11:08] - |A| - [7168] - C:\WINDOWS\syswow64\kbd101c.DLL
[MD5.96FF4C6CD3651BEF681BAA2F30BD5AF3] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\kbd103.DLL
[MD5.95B16234791A3AD7D419C1EFC8070C44] - [04/06/2017 12:11:08] - |A| - [7680] - C:\WINDOWS\syswow64\kbd106.dll
[MD5.D470AE3EED6E542F98A2CA2380804656] - [04/06/2017 12:11:08] - |A| - [7680] - C:\WINDOWS\syswow64\kbd106n.dll
[MD5.5ADBBEC12E9F4C4B45CFFAD4D814F2B0] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDA1.DLL
[MD5.00D552DDFE7143B63CF7200368DCDA95] - [04/06/2017 12:11:11] - |A| - [6656] - C:\WINDOWS\syswow64\KBDA2.DLL
[MD5.4D1A62DB1C3EDBED68CAF94079FB704F] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDA3.DLL
[MD5.B37F37248EACDE17CE5390D40052DF4E] - [04/06/2017 12:11:10] - |A| - [7680] - C:\WINDOWS\syswow64\KBDAL.DLL
[MD5.3016077BF4057804023014762C49F13D] - [04/06/2017 12:11:10] - |A| - [6656] - C:\WINDOWS\syswow64\KBDARME.DLL
[MD5.2D5EFF1E65D78EA7C3EE94B9B187C6FD] - [04/06/2017 12:11:08] - |A| - [7168] - C:\WINDOWS\syswow64\kbdarmph.dll
[MD5.DECE5791B526B6C26B174689634D0BF0] - [04/06/2017 12:11:08] - |A| - [7168] - C:\WINDOWS\syswow64\kbdarmty.dll
[MD5.D00F71A6DC9D4D0ECFB3F31BD331FAFD] - [04/06/2017 12:11:10] - |A| - [6656] - C:\WINDOWS\syswow64\KBDARMW.DLL
[MD5.B434DC1DF9B7520618391B4165F239DE] - [04/06/2017 12:11:11] - |A| - [7680] - C:\WINDOWS\syswow64\kbdax2.dll
[MD5.D373A30C9748CDA99DA70176E8FA6388] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDAZE.DLL
[MD5.467BC902591217297EEB2FB147CF2B48] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDAZEL.DLL
[MD5.32C9E3AE42208C8A8DF04DDD59F80E46] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDAZST.DLL
[MD5.E80EF88906D724A2E250E5B6365C3F5D] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDBASH.DLL
[MD5.4E174F4B73B58F18F35E566758C97A53] - [04/06/2017 12:11:08] - |A| - [7168] - C:\WINDOWS\syswow64\KBDBE.DLL
[MD5.577FF150FC1E992486F53AAB99D2A0E1] - [04/06/2017 12:11:10] - |A| - [7680] - C:\WINDOWS\syswow64\KBDBENE.DLL
[MD5.2BC23DD97C596DA6989336971A9DDA78] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDBGPH.DLL
[MD5.630484DEF1A82DE29CC465EDC5504706] - [04/06/2017 12:11:08] - |A| - [7168] - C:\WINDOWS\syswow64\KBDBGPH1.DLL
[MD5.84C5AA58A830ED32942E1CE7D8CD686C] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDBHC.DLL
[MD5.5273E4A85B199810780299E47157D8BE] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDBLR.DLL
[MD5.138983AA20F1ED9AA98C0B111BC8670A] - [04/06/2017 12:11:08] - |A| - [7168] - C:\WINDOWS\syswow64\KBDBR.DLL
[MD5.B691CEDD123CEFA8C6785A1F66BD1239] - [04/06/2017 12:11:11] - |A| - [6656] - C:\WINDOWS\syswow64\KBDBU.DLL
[MD5.D8BEACFE32FAC257226CD974B816E945] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDBUG.DLL
[MD5.37688CE3CD13B3472AE08C6C08BE2222] - [04/06/2017 12:11:08] - |A| - [7168] - C:\WINDOWS\syswow64\KBDBULG.DLL
[MD5.18959181A19F3889235AE05E923E4510] - [04/06/2017 12:11:11] - |A| - [7680] - C:\WINDOWS\syswow64\KBDCA.DLL
[MD5.9E3A80E0A97D8979FF0628BCB83D84B8] - [04/06/2017 12:11:10] - |A| - [8704] - C:\WINDOWS\syswow64\KBDCAN.DLL
[MD5.E5C7030C0E24188E25A817F70EBE75FB] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDCHER.DLL
[MD5.A981FFA9469B07A02B8985CEB7FE13C9] - [04/06/2017 12:11:10] - |A| - [16896] - C:\WINDOWS\syswow64\KBDCHERP.DLL
[MD5.67AF454FCEA73080CF074042DBE9705F] - [04/06/2017 12:11:08] - |A| - [8192] - C:\WINDOWS\syswow64\KBDCR.DLL
[MD5.B05A68878620EFE211B2ABCB1D568752] - [04/06/2017 12:11:11] - |A| - [8192] - C:\WINDOWS\syswow64\KBDCZ.DLL
[MD5.164AD346970F9D03ECAE12C7B2A8B62C] - [04/06/2017 12:11:10] - |A| - [8192] - C:\WINDOWS\syswow64\KBDCZ1.DLL
[MD5.CC4C94E5AD055C9B0921ABA8BFD4B558] - [04/06/2017 12:11:10] - |A| - [8192] - C:\WINDOWS\syswow64\KBDCZ2.DLL
[MD5.067B5F41AC03854794FF42D7B1E8E458] - [04/06/2017 12:11:11] - |A| - [6656] - C:\WINDOWS\syswow64\KBDDA.DLL
[MD5.10DBA6E1449F7E49BACE4216F81AC283] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDDIV1.DLL
[MD5.EA11244D3A954A3A9BC7CE8857F3F477] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDDIV2.DLL
[MD5.16D7A8E0DE82D6C6186608AEEB0AFD6E] - [04/06/2017 12:11:10] - |A| - [6656] - C:\WINDOWS\syswow64\KBDDV.DLL
[MD5.921DE763C5636C940A95EA47538152B9] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDDZO.DLL
[MD5.9A75AF4424A1B56C7289D6D72CF6602F] - [04/06/2017 12:11:10] - |A| - [7680] - C:\WINDOWS\syswow64\KBDES.DLL
[MD5.161F5776FDFBDE3F3E690D1EA55355D4] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDEST.DLL
[MD5.860BF78E7CEF1C69FC117F2C2D41A8B6] - [04/06/2017 12:11:11] - |A| - [6656] - C:\WINDOWS\syswow64\KBDFA.DLL
[MD5.51F0655824185403B6822D98375B72A6] - [04/06/2017 12:11:08] - |A| - [7168] - C:\WINDOWS\syswow64\kbdfar.dll
[MD5.C57BA9C7FC875C5F4E051F76DD93CBF6] - [04/06/2017 12:11:10] - |A| - [7680] - C:\WINDOWS\syswow64\KBDFC.DLL
[MD5.529339B65FCD829B34248FAD640145E9] - [04/06/2017 12:11:10] - |A| - [6656] - C:\WINDOWS\syswow64\KBDFI.DLL
[MD5.741E47F58DD345D0680120E6F30D860F] - [04/06/2017 12:11:11] - |A| - [8192] - C:\WINDOWS\syswow64\KBDFI1.DLL
[MD5.B18F8DFF0504C671BA4D4E861EBF6C56] - [04/06/2017 12:11:11] - |A| - [6656] - C:\WINDOWS\syswow64\KBDFO.DLL
[MD5.0235B2C58740F83009865C925EE4F7BC] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDFR.DLL
[MD5.73D20E0C4BA481B05B8AB0A0E9D4E89D] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDFTHRK.DLL
[MD5.D77D5BC205B0A35DB5BF479F623DA487] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDGAE.DLL
[MD5.A1302568B0FF94B1DA90750478129752] - [04/06/2017 12:11:11] - |A| - [6656] - C:\WINDOWS\syswow64\KBDGEO.DLL
[MD5.DF5C6179C6AAF158DA557477797349E7] - [04/06/2017 12:11:08] - |A| - [7168] - C:\WINDOWS\syswow64\kbdgeoer.dll
[MD5.783F60FE09F1DA53B5D87C321276DD1E] - [04/06/2017 12:11:08] - |A| - [7168] - C:\WINDOWS\syswow64\kbdgeome.dll
[MD5.39450B79E7350A6A439A231321057831] - [04/06/2017 12:11:08] - |A| - [7168] - C:\WINDOWS\syswow64\kbdgeooa.dll
[MD5.69C5C297179ECE2E28B7333E6B843D75] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\kbdgeoqw.dll
[MD5.111A604A6890C9568319FE99A9081C44] - [04/06/2017 12:11:08] - |A| - [7680] - C:\WINDOWS\syswow64\KBDGKL.DLL
[MD5.0156A2BA1220C9365DA493811059CE3E] - [04/06/2017 12:11:11] - |A| - [7680] - C:\WINDOWS\syswow64\KBDGN.DLL
[MD5.B3DBE9D6C6932ED2D6E13676E528F56C] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDGR.DLL
[MD5.BA3D4C1B9C2AAEB8F09C0ECD3BAA432B] - [04/06/2017 12:11:10] - |A| - [7680] - C:\WINDOWS\syswow64\KBDGR1.DLL
[MD5.491A9100904A29FD23CAFC2055C59A48] - [04/06/2017 12:11:10] - |A| - [8192] - C:\WINDOWS\syswow64\KBDGRLND.DLL
[MD5.78FDFA0EA614E467D396C3A7FC70701D] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDGTHC.DLL
[MD5.F55C798AA6DEB154C665B50383D80A7F] - [04/06/2017 12:11:11] - |A| - [6656] - C:\WINDOWS\syswow64\KBDHAU.DLL
[MD5.7AFA167308C831BA051E4154BDD79487] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDHAW.DLL
[MD5.7CBF373D269EA69F1798AEC84948D1D5] - [04/06/2017 12:11:11] - |A| - [6656] - C:\WINDOWS\syswow64\KBDHE.DLL
[MD5.C46940ABCD303E9BAA21579D806E0E10] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDHE220.DLL
[MD5.E9346E513366C6DF09283FC8BCE91E22] - [04/06/2017 12:11:08] - |A| - [7168] - C:\WINDOWS\syswow64\KBDHE319.DLL
[MD5.051E7CA5825DD00877F46A68E580B879] - [04/06/2017 12:11:10] - |A| - [6656] - C:\WINDOWS\syswow64\KBDHEB.DLL
[MD5.38846696EBA4D07185C7CA2DC4F8ED88] - [04/06/2017 12:11:08] - |A| - [7168] - C:\WINDOWS\syswow64\kbdhebl3.dll
[MD5.6FA305153DF0279CE7DF9FEAC57B840B] - [04/06/2017 12:11:08] - |A| - [7168] - C:\WINDOWS\syswow64\KBDHELA2.DLL
[MD5.9828EC2A2B3A0B73A744FBA724F2D524] - [04/06/2017 12:11:08] - |A| - [7680] - C:\WINDOWS\syswow64\KBDHELA3.DLL
[MD5.2BBE0D8EA15A33A228CFA6713FFEF086] - [04/06/2017 12:11:08] - |A| - [9728] - C:\WINDOWS\syswow64\KBDHEPT.DLL
[MD5.D4D322E0A8A52A440858F30EE95E060B] - [04/06/2017 12:11:10] - |A| - [7680] - C:\WINDOWS\syswow64\KBDHU.DLL
[MD5.B956AA8C1BF26BBD99D13009566C79F0] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDHU1.DLL
[MD5.E37944C97CB3C85AF46E45703D943821] - [04/06/2017 12:11:11] - |A| - [7680] - C:\WINDOWS\syswow64\kbdibm02.DLL
[MD5.811E7E64EC9AD1B8984C3DF5CA75DC44] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDIBO.DLL
[MD5.DD6AC2ECB8482D29E8DA7465EB80199F] - [04/06/2017 12:11:10] - |A| - [6656] - C:\WINDOWS\syswow64\KBDIC.DLL
[MD5.2DD23CFC30C35E35C368C78D41A1F4B9] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDINASA.DLL
[MD5.5FC387CFF8D2A42B20DD6E5619957496] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDINBE1.DLL
[MD5.D9EB5CBE4369BC01B5E6A8235732ECC8] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDINBE2.DLL
[MD5.2183450232699A2D54C0BF5C04CD139D] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDINBEN.DLL
[MD5.0477085365934A57EB3F826E9B7B30DF] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDINDEV.DLL
[MD5.0764B2057A5D3AD7138102BA2856BE45] - [04/06/2017 12:11:11] - |A| - [8192] - C:\WINDOWS\syswow64\KBDINEN.DLL
[MD5.61DC07FAE2817034B582EDA4EC4DC333] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDINGUJ.DLL
[MD5.2281E2081FE54CDA9A7BA1BAF6F814B9] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDINHIN.DLL
[MD5.828941A53F897B14B0953822BDD27804] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDINKAN.DLL
[MD5.66D4F87F8C193BA3EB98C688DC217640] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDINMAL.DLL
[MD5.10CECA3CD6B5F4953E1F7674455FD5DB] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDINMAR.DLL
[MD5.17AFD406D5E27231DBA2F239DC701E14] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDINORI.DLL
[MD5.882604CF2AB2840670F898B8F7EB43F0] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDINPUN.DLL
[MD5.991174C4869CB6948862EB2EFAE98885] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDINTAM.DLL
[MD5.AFA05BA812DDE0CAAA921E00171B76E1] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDINTEL.DLL
[MD5.8D092032ECD22438ED7BF9AB6FF18BB7] - [04/06/2017 12:11:10] - |A| - [8192] - C:\WINDOWS\syswow64\KBDINUK2.DLL
[MD5.F15CB61C9B9924A239E5D4AD0E9DDD57] - [04/06/2017 12:11:11] - |A| - [6656] - C:\WINDOWS\syswow64\KBDIR.DLL
[MD5.3F9373045FFCBE0CCAB47EDE2B64862D] - [04/06/2017 12:11:11] - |A| - [6144] - C:\WINDOWS\syswow64\KBDIT.DLL
[MD5.15F87518812D964EC7BF3E92ECCD0AF3] - [04/06/2017 12:11:11] - |A| - [6656] - C:\WINDOWS\syswow64\KBDIT142.DLL
[MD5.203B4AF3957F88B3E6F8A28F19BEBDD0] - [04/06/2017 12:11:10] - |A| - [7680] - C:\WINDOWS\syswow64\KBDIULAT.DLL
[MD5.6C88E8FC7913454CA82E44144235CD5C] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDJAV.DLL
[MD5.5B9D4260A54BA5832FFEABDDC64F15CF] - [04/06/2017 12:11:11] - |A| - [13824] - C:\WINDOWS\syswow64\KBDJPN.DLL
[MD5.D58059FCFC80F06D1477CF5A04182620] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDKAZ.DLL
[MD5.5B82F5427F5096E696F5F74082ACA281] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDKHMR.DLL
[MD5.5F4BAFD4180F3500488A260777AE33A8] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDKNI.DLL
[MD5.87DB2B66AD2875EC87B9ED31DCF5CBD1] - [04/06/2017 12:11:11] - |A| - [13312] - C:\WINDOWS\syswow64\KBDKOR.DLL
[MD5.DD62575A07E7643D43BEEF70771BCF82] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDKURD.DLL
[MD5.C5095974BEA8AD4DF63B38A97DE24899] - [04/06/2017 12:11:11] - |A| - [6656] - C:\WINDOWS\syswow64\KBDKYR.DLL
[MD5.D8B3EB6171FD665FB1089C4F9A55F4C5] - [04/06/2017 12:11:10] - |A| - [7680] - C:\WINDOWS\syswow64\KBDLA.DLL
[MD5.67FF8883AD0C0E3400EF748C86E16362] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDLAO.DLL
[MD5.A77FA8F610F3C71859E1521214807FF2] - [04/06/2017 12:11:08] - |A| - [7168] - C:\WINDOWS\syswow64\kbdlisub.dll
[MD5.04DA3FE09DDE64082EB526104F1D269D] - [04/06/2017 12:11:08] - |A| - [7168] - C:\WINDOWS\syswow64\kbdlisus.dll
[MD5.9FD2700AC2B9263F0A5000637ADE59A0] - [04/06/2017 12:11:11] - |A| - [7680] - C:\WINDOWS\syswow64\kbdlk41a.dll
[MD5.CB3E72506138A5F2AC395B7712089F27] - [04/06/2017 12:11:11] - |A| - [6656] - C:\WINDOWS\syswow64\KBDLT.DLL
[MD5.632B873F236126805AB9D955729808A6] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDLT1.DLL
[MD5.3CC03E8A90DD00B863052D3746AF9341] - [04/06/2017 12:11:08] - |A| - [7168] - C:\WINDOWS\syswow64\KBDLT2.DLL
[MD5.915B59901FE72E45C3C0B3C08CBC7874] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDLV.DLL
[MD5.E2FB3977B4EAE47D033C989E6D2C5912] - [04/06/2017 12:11:10] - |A| - [7680] - C:\WINDOWS\syswow64\KBDLV1.DLL
[MD5.106D22443597E7FDA7D1D62B26D48555] - [04/06/2017 12:11:10] - |A| - [8704] - C:\WINDOWS\syswow64\KBDLVST.DLL
[MD5.1011C972260BA36D8593DB07AE296417] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDMAC.DLL
[MD5.206C83D28EC1E017EEAA4923235E76AE] - [04/06/2017 12:11:08] - |A| - [7168] - C:\WINDOWS\syswow64\KBDMACST.DLL
[MD5.D097F9EBF7752E14AF0A05A486CE51DE] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDMAORI.DLL
[MD5.1F3FE6264B92B1AD49C3173C2C24A677] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDMLT47.DLL
[MD5.0C8E57FDCC1DC0C748D6C0912AFA8E4B] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDMLT48.DLL
[MD5.779AD5FD620CA4FFA1297F97B5988FA0] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDMON.DLL
[MD5.7C45F9AD14E8DAE2F72E530B6C19A622] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDMONMO.DLL
[MD5.F2DACE8A4CA670F2A2357A2DBB216C44] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDMONST.DLL
[MD5.40B4AECAF255D7D9309AD3013C2CE2F7] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDMYAN.DLL
[MD5.50CA783F56D80A84628C2ABE871B710C] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDNE.DLL
[MD5.BB8B263055B4D81EF7933B44B6E05FEB] - [04/06/2017 12:11:11] - |A| - [8192] - C:\WINDOWS\syswow64\kbdnec.DLL
[MD5.7394D1CE25118E76072388689EAEB008] - [04/06/2017 12:11:11] - |A| - [8192] - C:\WINDOWS\syswow64\kbdnec95.DLL
[MD5.4DA9FAFF1F9ED3601E7FC1DA0354551D] - [04/06/2017 12:11:11] - |A| - [9728] - C:\WINDOWS\syswow64\kbdnecat.DLL
[MD5.E88880EE5655D84912697CD9F0910E14] - [04/06/2017 12:11:11] - |A| - [8192] - C:\WINDOWS\syswow64\kbdnecnt.DLL
[MD5.F8CDCE690655EE676511B701D1E52B1C] - [04/06/2017 12:11:11] - |A| - [7680] - C:\WINDOWS\syswow64\KBDNEPR.DLL
[MD5.6F7081B45EB4378DCF802120F69B2FE9] - [04/06/2017 12:11:11] - |A| - [6656] - C:\WINDOWS\syswow64\kbdnko.dll
[MD5.511E5C947491FD6703526762CF0FFDED] - [04/06/2017 12:11:11] - |A| - [6656] - C:\WINDOWS\syswow64\KBDNO.DLL
[MD5.2168B80269972A678FAC4D35573EF684] - [04/06/2017 12:11:10] - |A| - [8192] - C:\WINDOWS\syswow64\KBDNO1.DLL
[MD5.75B8333CC55EF1532F8E7D422DEE23EC] - [04/06/2017 12:11:10] - |A| - [7680] - C:\WINDOWS\syswow64\KBDNSO.DLL
[MD5.7B3059490A42A39A4ECEE51C0A4C567C] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDNTL.DLL
[MD5.47177CBA1059BFC33D9304202507C800] - [04/06/2017 12:11:08] - |A| - [6656] - C:\WINDOWS\syswow64\KBDOGHAM.DLL
[MD5.0E7807FDE891852987CD7DC63D3EC09D] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDOLCH.DLL
[MD5.FD070D5A8725231F7EEC4AC23AE17A44] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDOLDIT.DLL
[MD5.43992BF8DA8C8BD64FE3804B5F4E2E86] - [04/06/2017 12:11:11] - |A| - [6656] - C:\WINDOWS\syswow64\KBDOSM.DLL
[MD5.3EA7E7652C4A07307A7A9DA671E3BCE7] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDPASH.DLL
[MD5.F6D43522982C87A3EACF360EB628FFE7] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\kbdphags.dll
[MD5.FBA71612E34408149E3E42C0FBAC91BD] - [04/06/2017 12:11:10] - |A| - [7680] - C:\WINDOWS\syswow64\KBDPL.DLL
[MD5.D10FEA4EF8470838220C5764608B123D] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDPL1.DLL
[MD5.64DC730B9D3CD2BAB61A4E15A2E200C3] - [04/06/2017 12:11:11] - |A| - [7680] - C:\WINDOWS\syswow64\KBDPO.DLL
[MD5.147047658345B72BBAE683DE0238F49A] - [04/06/2017 12:11:11] - |A| - [8192] - C:\WINDOWS\syswow64\KBDRO.DLL
[MD5.A11884E924773B3AF508F9C4F7476544] - [04/06/2017 12:11:08] - |A| - [8704] - C:\WINDOWS\syswow64\KBDROPR.DLL
[MD5.EA1E2C8FCC1803E1420449BE4A9ED13A] - [04/06/2017 12:11:10] - |A| - [8704] - C:\WINDOWS\syswow64\KBDROST.DLL
[MD5.1798A00C6A5F63DBDF1E1A75EC3F8D8E] - [04/06/2017 12:11:11] - |A| - [6656] - C:\WINDOWS\syswow64\KBDRU.DLL
[MD5.FAC16775BCD9FB41CF2BBA63BCE248B0] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDRU1.DLL
[MD5.FB6524CF3E53E8DFBCD89BB9DAFEE81F] - [04/06/2017 12:11:08] - |A| - [8192] - C:\WINDOWS\syswow64\KBDRUM.DLL
[MD5.365AC509CC5AD44760EB9D8EE5300EB2] - [04/06/2017 12:11:08] - |A| - [7680] - C:\WINDOWS\syswow64\KBDSF.DLL
[MD5.A39023BC6DE5D34FD09E1AEB29CA48C9] - [04/06/2017 12:11:11] - |A| - [7680] - C:\WINDOWS\syswow64\KBDSG.DLL
[MD5.116FB42DCAEF73113286DB731A3ED83B] - [04/06/2017 12:11:10] - |A| - [7680] - C:\WINDOWS\syswow64\KBDSL.DLL
[MD5.7114828BD4D4F6059F78C52BADB270DD] - [04/06/2017 12:11:10] - |A| - [8192] - C:\WINDOWS\syswow64\KBDSL1.DLL
[MD5.AB6B184F44D2498F3CAF238C1404626C] - [04/06/2017 12:11:08] - |A| - [8704] - C:\WINDOWS\syswow64\KBDSMSFI.DLL
[MD5.9A2411C715FBE6B1FB90004EE9173C01] - [04/06/2017 12:11:10] - |A| - [8704] - C:\WINDOWS\syswow64\KBDSMSNO.DLL
[MD5.3D573176F0D7660F972C582B359B4218] - [04/06/2017 12:11:10] - |A| - [6656] - C:\WINDOWS\syswow64\KBDSN1.DLL
[MD5.A5784A3EC705BD8477861DFB85D80B43] - [04/06/2017 12:11:11] - |A| - [6656] - C:\WINDOWS\syswow64\KBDSORA.DLL
[MD5.E00D866E7BB9F7206D3E130625E65443] - [04/06/2017 12:11:10] - |A| - [7680] - C:\WINDOWS\syswow64\KBDSOREX.DLL
[MD5.4FDBBA20D77B31CD4887B442FCAAE426] - [04/06/2017 12:11:08] - |A| - [7680] - C:\WINDOWS\syswow64\KBDSORS1.DLL
[MD5.7578900C090142E7416A01FD2FF5AB69] - [04/06/2017 12:11:10] - |A| - [7680] - C:\WINDOWS\syswow64\KBDSORST.DLL
[MD5.094F3D95C15D92C74545CEC8951B2240] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDSP.DLL
[MD5.F99B580F803794D03271C084CA904A23] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDSW.DLL
[MD5.E472F909E8133E3E577C49B569C51BCF] - [04/06/2017 12:11:10] - |A| - [7680] - C:\WINDOWS\syswow64\KBDSW09.DLL
[MD5.C9A6F02C75544B54BF1B62A67037B047] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDSYR1.DLL
[MD5.5E3C03FE90ABF24B8F88D7ABEBB8A982] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDSYR2.DLL
[MD5.56BA9427A3C1DDF2438B90DCF9ACA618] - [04/06/2017 12:11:08] - |A| - [7168] - C:\WINDOWS\syswow64\KBDTAILE.DLL
[MD5.6FEFB52A9962D73AFAC81C82AF453A1F] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDTAJIK.DLL
[MD5.1B0AB03C2DACE1D3F3608550763FFC3D] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDTAT.DLL
[MD5.2E5CA81A5387AF1E8EB876FC056936F4] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDTH0.DLL
[MD5.0CC5654BD23D51AF9DD47783F80BE86D] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDTH1.DLL
[MD5.EB57BD13DC3D17A7CC94807532A7A32D] - [04/06/2017 12:11:08] - |A| - [7168] - C:\WINDOWS\syswow64\KBDTH2.DLL
[MD5.BF1B9C5DF70BBA3DF9B3B2BED9A0391E] - [04/06/2017 12:11:08] - |A| - [7168] - C:\WINDOWS\syswow64\KBDTH3.DLL
[MD5.A378245F970F9421EBDDC2110370C629] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDTIFI.DLL
[MD5.46A9251839D19F6B0D7B2BE7B4FBE8FE] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDTIFI2.DLL
[MD5.F7FBCD79AA9135778DD91EAF153C1630] - [04/06/2017 12:11:11] - |A| - [7680] - C:\WINDOWS\syswow64\KBDTIPRC.DLL
[MD5.BECEC81C8916E329597A5C53DCBBB10E] - [04/06/2017 12:11:11] - |A| - [7680] - C:\WINDOWS\syswow64\KBDTIPRD.DLL
[MD5.08E18482D664BF551EA2FEE9DAA90628] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDTT102.DLL
[MD5.E47D0BDDDEB9957DCD3F50BE9827863F] - [04/06/2017 12:11:08] - |A| - [7680] - C:\WINDOWS\syswow64\KBDTUF.DLL
[MD5.BBF583A133FC8476A82176AE91E2A6CD] - [04/06/2017 12:11:10] - |A| - [7680] - C:\WINDOWS\syswow64\KBDTUQ.DLL
[MD5.40657D0E9C99C660CD52C0F9926AC991] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDTURME.DLL
[MD5.32C87FD8872BE495402094516787CE7D] - [04/06/2017 12:11:10] - |A| - [7680] - C:\WINDOWS\syswow64\KBDTZM.DLL
[MD5.0FC164967E6CE788AA2E10FD297BEF63] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDUGHR.DLL
[MD5.20DABECDACE5857EBF0F40A1282EA501] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDUGHR1.DLL
[MD5.68386157C1AB5BED28F56A0FF957ECC7] - [04/06/2017 12:11:11] - |A| - [6656] - C:\WINDOWS\syswow64\KBDUK.DLL
[MD5.7301790EF875ACA63838F80BFB1E6337] - [04/06/2017 12:11:11] - |A| - [8192] - C:\WINDOWS\syswow64\KBDUKX.DLL
[MD5.20BA8540A6030780E0BE176652B24B9E] - [04/06/2017 12:11:11] - |A| - [6656] - C:\WINDOWS\syswow64\KBDUR.DLL
[MD5.323E1F68AF27F4E95F2214BC87A027B7] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDUR1.DLL
[MD5.55EFD3378F34FB4A3133B8B4212AE28C] - [04/06/2017 12:11:11] - |A| - [6656] - C:\WINDOWS\syswow64\KBDURDU.DLL
[MD5.CE5B1D7B25E8BAEE6A5C324AEBC877CF] - [04/06/2017 12:11:28] - |A| - [8192] - C:\WINDOWS\syswow64\KBDUS.DLL
[MD5.7D2B7FCA8D2B0636C0775DEAEF6ED805] - [04/06/2017 12:11:08] - |A| - [7168] - C:\WINDOWS\syswow64\KBDUSA.DLL
[MD5.A1B12BF908A4DD0BF7EC730E47229F58] - [04/06/2017 12:11:08] - |A| - [7168] - C:\WINDOWS\syswow64\KBDUSL.DLL
[MD5.5626944026F0EC2D0C4A003F2831F93C] - [04/06/2017 12:11:08] - |A| - [7168] - C:\WINDOWS\syswow64\KBDUSR.DLL
[MD5.1AC6EFCF31A26E9D7FE07DE7168D7822] - [04/06/2017 12:11:08] - |A| - [7680] - C:\WINDOWS\syswow64\KBDUSX.DLL
[MD5.ABF8249F7B9CAFAE8634C388B5B1BB15] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDUZB.DLL
[MD5.AF0245C6476CE9C2C48503C69CD91656] - [04/06/2017 12:11:11] - |A| - [6656] - C:\WINDOWS\syswow64\KBDVNTC.DLL
[MD5.A89D9315401AEEDFDAF4CE511D8A63B0] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDWOL.DLL
[MD5.1C5D6455A7A63EEBBEDF7BCF76CFFB8C] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDYAK.DLL
[MD5.E0834C627B1B47279A16F10ACB4A3A85] - [04/06/2017 12:11:11] - |A| - [7168] - C:\WINDOWS\syswow64\KBDYBA.DLL
[MD5.1C04197E99C024E9B605A927C43E5157] - [04/06/2017 12:11:10] - |A| - [7168] - C:\WINDOWS\syswow64\KBDYCC.DLL
[MD5.0B5D5C86E471097D82340B37A2A93F4B] - [04/06/2017 12:11:10] - |A| - [8704] - C:\WINDOWS\syswow64\KBDYCL.DLL
[MD5.DA140F746CDFF77DA30CCAB056D8A64A] - [04/06/2017 12:10:57] - |A| - [121424] - C:\WINDOWS\syswow64\KerbClientShared.dll
[MD5.5DE8D9642B1FE3F2390321D73F9F9084] - [04/06/2017 12:10:57] - |A| - [771072] - C:\WINDOWS\syswow64\kerberos.dll
[MD5.5F88CC3F57BE2957C37BC4BF3B33BD37] - [04/06/2017 12:10:57] - |A| - [43432] - C:\WINDOWS\syswow64\kernel.appcore.dll
[MD5.39D9CFBF91B09B5B909465C5E522EF0B] - [04/06/2017 12:11:26] - |A| - [591272] - C:\WINDOWS\syswow64\kernel32.dll
[MD5.D6AE1A43D405E2D9171A7971052B8409] - [04/06/2017 12:09:57] - |A| - [1896616] - C:\WINDOWS\syswow64\KernelBase.dll
[MD5.BB0D0C0C6080AFF11B5221D095AD1524] - [04/06/2017 12:11:53] - |A| - [30032] - C:\WINDOWS\syswow64\KeyboardFilterCore.dll
[MD5.6457E653F1054588DB85C4942922B917] - [04/06/2017 12:11:53] - |A| - [33616] - C:\WINDOWS\syswow64\KeyboardFilterShim.dll
[MD5.7C8B7E04A072AEB029C1228503247FBC] - [04/06/2017 12:11:02] - |A| - [69632] - C:\WINDOWS\syswow64\keyiso.dll
[MD5.11B99F7F5D8A4987762528A4D1D95E85] - [04/06/2017 12:11:21] - |A| - [157184] - C:\WINDOWS\syswow64\keymgr.dll
[MD5.7CDA225A6D59789BDD9F04B3319BA752] - [04/06/2017 12:11:23] - |A| - [39424] - C:\WINDOWS\syswow64\kmddsp.tsp
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [226304] - C:\WINDOWS\syswow64\ko-KR
[MD5.7A7A04370A6030B9B0E8178DAD4A6E41] - [04/06/2017 12:11:23] - |A| - [12876] - C:\WINDOWS\syswow64\korean.uce
[MD5.31349DFC11DC87FBA6A6722B08F2CF7A] - [04/06/2017 12:10:53] - |A| - [233984] - C:\WINDOWS\syswow64\ksproxy.ax
[MD5.2AAE9B71F0AFF10530EDF939C7CD25B7] - [04/06/2017 12:11:26] - |A| - [92672] - C:\WINDOWS\syswow64\kstvtune.ax
[MD5.D8934651D5CD6C82847E262014719E49] - [04/06/2017 12:10:50] - |A| - [16552] - C:\WINDOWS\syswow64\ksuser.dll
[MD5.18093660E5AAB25EDD97A49F68D8CCA5] - [04/06/2017 12:10:50] - |A| - [117248] - C:\WINDOWS\syswow64\Kswdmcap.ax
[MD5.99BB4F8F30987179311988ECC3EC7D04] - [04/06/2017 12:11:26] - |A| - [56320] - C:\WINDOWS\syswow64\ksxbar.ax
[MD5.C8A0F7361D49DE1B0102F1E79A472349] - [04/06/2017 12:10:57] - |A| - [15360] - C:\WINDOWS\syswow64\ktmutil.exe
[MD5.FCB5F5EA01AA0A3F15B081FD4C6DDDA5] - [04/06/2017 12:11:13] - |A| - [20992] - C:\WINDOWS\syswow64\ktmw32.dll
[MD5.178AD9B95AF2ED415DA4751696F75E82] - [04/06/2017 12:11:29] - |A| - [58368] - C:\WINDOWS\syswow64\l2gpstore.dll
[MD5.D152E5657BAFB209373154D2E8F3FF04] - [04/06/2017 12:11:28] - |A| - [55296] - C:\WINDOWS\syswow64\l2nacp.dll
[MD5.F68BD7D5444A1F20D03F500DE98EC7C8] - [04/06/2017 12:11:28] - |A| - [153600] - C:\WINDOWS\syswow64\L2SecHC.dll
[MD5.A9C0239D835C00FFEE6B97DFCF6B5208] - [04/06/2017 12:09:12] - |A| - [70144] - C:\WINDOWS\syswow64\l3codeca.acm
[MD5.FE99187BC038C3C63F97051DFB344224] - [04/06/2017 12:09:12] - |A| - [189952] - C:\WINDOWS\syswow64\l3codecp.acm
[MD5.6B6274E9112AAD294CA65C2DE64D24F8] - [04/06/2017 12:11:02] - |A| - [15360] - C:\WINDOWS\syswow64\label.exe
[MD5.92D636136E9438B5466F1217FE6140EF] - [04/06/2017 12:09:13] - |A| - [10240] - C:\WINDOWS\syswow64\LAPRXY.DLL
[MD5.A3D92821E8C347AFD2EB56D5FA2EAA54] - [04/06/2017 12:11:02] - |A| - [182784] - C:\WINDOWS\syswow64\LaunchTM.exe
[MD5.F652560B9625E1E2AAF75AF928CEBFB4] - [04/06/2017 12:11:26] - |A| - [33280] - C:\WINDOWS\syswow64\LaunchWinApp.exe
[MD5.531FE5A2634D87A078017259F21D9736] - [04/06/2017 12:11:06] - |A| - [211938] - C:\WINDOWS\syswow64\lcphrase.tbl
[MD5.D3C85593F8C4576FCF9B42AC48CA4368] - [04/06/2017 12:11:06] - |A| - [24114] - C:\WINDOWS\syswow64\lcptr.tbl
[MD5.FE1E510DF392254DCF7EF6537C1A7EA7] - [11/06/2017 03:23:21] - |A| - [58398] - C:\WINDOWS\syswow64\license.rtf
[MD5.F4D10C5261C342A31DF9FC08B92A9C33] - [04/06/2017 12:10:57] - |A| - [750928] - C:\WINDOWS\syswow64\LicenseManager.dll
[MD5.B5EACA83F0DEE96B5CD562AED564B330] - [04/06/2017 12:10:53] - |A| - [74752] - C:\WINDOWS\syswow64\LicenseManagerApi.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [81303] - C:\WINDOWS\syswow64\Licenses
[MD5.7BF44190888B5DAFD91F03D7BB7B10C2] - [04/06/2017 12:11:23] - |A| - [164352] - C:\WINDOWS\syswow64\LicensingDiagSpp.dll
[MD5.F4321CE45FB88CAE39EBF054056315EE] - [04/06/2017 12:09:13] - |A| - [26624] - C:\WINDOWS\syswow64\licmgr10.dll
[MD5.5FD21837F56B8DAEFC46354CCE7BC044] - [04/06/2017 12:11:23] - |A| - [33280] - C:\WINDOWS\syswow64\linkinfo.dll
[MD5.A44EAD58866DBC307CF4EFB91458F2EA] - [04/06/2017 12:11:03] - |A| - [100352] - C:\WINDOWS\syswow64\loadperf.dll
[MD5.5609E1ABBBCDC54C306F9A1AAA89D22D] - [04/06/2017 12:09:57] - |A| - [803896] - C:\WINDOWS\syswow64\locale.nls
[MD5.E7801CAF4457DE8CC1C028C9708E1400] - [04/06/2017 12:11:00] - |A| - [454656] - C:\WINDOWS\syswow64\localsec.dll
[MD5.760C85C8EE57F1F4E338BEF1C17E3EAB] - [04/06/2017 12:11:13] - |A| - [318976] - C:\WINDOWS\syswow64\LocationApi.dll
[MD5.C869DCD78CF8289D844336A63F6F13B6] - [04/06/2017 12:10:56] - |A| - [44032] - C:\WINDOWS\syswow64\LocationFrameworkInternalPS.dll
[MD5.4C904CECB006A0164D2F0C33244B9137] - [04/06/2017 12:10:56] - |A| - [23376] - C:\WINDOWS\syswow64\LocationFrameworkPS.dll
[MD5.B4AC71EDC4AA99677D6E9259BC184B33] - [04/06/2017 12:11:11] - |A| - [534528] - C:\WINDOWS\syswow64\LockAppBroker.dll
[MD5.9B13D35ED0C9FAAEBDB4AD64ED50DC26] - [04/06/2017 12:11:08] - |A| - [278528] - C:\WINDOWS\syswow64\LockScreenData.dll
[MD5.0A2F8B84F66DCA7949168558A2BF4ED5] - [04/06/2017 12:11:03] - |A| - [43008] - C:\WINDOWS\syswow64\lodctr.exe
[MD5.0EBDB4C7E5CD7F0CEDB6637A9C8FC653] - [04/06/2017 12:09:13] - |A| - [86016] - C:\WINDOWS\syswow64\logagent.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [0] - C:\WINDOWS\syswow64\LogFiles
[MD5.ABEFB378ABD6EF37E1C2140953BD2218] - [04/06/2017 12:11:21] - |A| - [66560] - C:\WINDOWS\syswow64\loghours.dll
[MD5.3BFD4CC6583CE69739E0D53F55B4F6F6] - [04/06/2017 12:11:18] - |A| - [99840] - C:\WINDOWS\syswow64\logman.exe
[MD5.325521376153FCB84741EF5BA465A12F] - [04/06/2017 12:11:03] - |A| - [182856] - C:\WINDOWS\syswow64\logoncli.dll
[MD5.BA33DB34AE5BCE8868E6D31D5460BE92] - [04/06/2017 12:11:03] - |A| - [2560] - C:\WINDOWS\syswow64\lpk.dll
[MD5.0FF8A3280DEEAD9E76EACEACA20FA39A] - [04/06/2017 12:11:28] - |A| - [22528] - C:\WINDOWS\syswow64\lsmproxy.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [230400] - C:\WINDOWS\syswow64\lt-LT
[MD5.27620488EFF77366F9621AFF6D602A80] - [04/06/2017 12:11:28] - |A| - [45904] - C:\WINDOWS\syswow64\luainstall.dll
[MD5.717AC7409039EAA8844412AE687310E6] - [04/06/2017 12:11:29] - |A| - [28160] - C:\WINDOWS\syswow64\luiapi.dll
[MD5.3279476E39DE235B426D69CFE8DEBF55] - [04/06/2017 12:11:26] - |A| - [144998] - C:\WINDOWS\syswow64\lusrmgr.msc
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [231936] - C:\WINDOWS\syswow64\lv-LV
[MD5.A79ABE608F25148F00C3E2CBF60BB38D] - [04/06/2017 12:11:03] - |A| - [2560] - C:\WINDOWS\syswow64\lz32.dll
[MD5.3EC1A12B4841F7CCD65B12D792FC8FDA] - [04/06/2017 12:09:57] - |A| - [9926] - C:\WINDOWS\syswow64\l_intl.nls
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [24520838] - C:\WINDOWS\syswow64\Macromed
[MD5.77833BFE5263D03F7A592E84FF9980B6] - [04/06/2017 12:11:00] - |A| - [41984] - C:\WINDOWS\syswow64\Magnification.dll
[MD5.851A492BFFBB7500A1B7569104C535F5] - [04/06/2017 12:11:00] - |A| - [911360] - C:\WINDOWS\syswow64\Magnify.exe
[MD5.00000000000000000000000000000000] - [05/06/2017 08:59:15] - |D| - [33460] - C:\WINDOWS\syswow64\MailContactsCalendarSync
[MD5.894EC063E79A90D49E87C01A2BA25DF6] - [04/06/2017 12:11:18] - |A| - [631808] - C:\WINDOWS\syswow64\main.cpl
[MD5.11AC8A3DF99B6F0E8BACF3E9855B8193] - [04/06/2017 12:11:05] - |A| - [68608] - C:\WINDOWS\syswow64\makecab.exe
[MD5.A7A4C0F5C98CC99CE46F02093B5DA6C3] - [04/06/2017 12:10:56] - |A| - [360448] - C:\WINDOWS\syswow64\MapConfiguration.dll
[MD5.163B4758859109A4A0239A640EF3F3E1] - [04/06/2017 12:10:56] - |A| - [707072] - C:\WINDOWS\syswow64\MapControlCore.dll
[MD5.BD73395A69B646DA90EBF26B799A485F] - [04/06/2017 12:10:56] - |A| - [2560] - C:\WINDOWS\syswow64\MapControlStringsRes.dll
[MD5.93C660BC6EFFC553610291BA61033A43] - [04/06/2017 12:10:56] - |A| - [1930752] - C:\WINDOWS\syswow64\MapGeocoder.dll
[MD5.1E2368AD9C802CE71EF25C3E7ED12BB8] - [04/06/2017 12:11:26] - |A| - [93696] - C:\WINDOWS\syswow64\mapi32.dll
[MD5.1E2368AD9C802CE71EF25C3E7ED12BB8] - [04/06/2017 12:11:26] - |A| - [93696] - C:\WINDOWS\syswow64\mapistub.dll
[MD5.83030FFB67C74F41673B802478138BAE] - [04/06/2017 12:10:56] - |A| - [2395136] - C:\WINDOWS\syswow64\MapRouter.dll
[MD5.3ADF1D605D1B1161256461300181DF58] - [04/06/2017 12:10:56] - |A| - [105472] - C:\WINDOWS\syswow64\MapsBtSvc.dll
[MD5.24FEDC4147834A532E56BD517DB80F0D] - [04/06/2017 12:10:56] - |A| - [23040] - C:\WINDOWS\syswow64\MapsTelemetry.dll
[MD5.9E8260F07182106BFC4061AA2C722C5C] - [04/06/2017 12:11:53] - |A| - [143696] - C:\WINDOWS\syswow64\mavinject.exe
[MD5.76CAF6E2CFE52CF07DCC8EA7CEF57194] - [04/06/2017 12:10:56] - |A| - [657408] - C:\WINDOWS\syswow64\MbaeApi.dll
[MD5.B26F4B08168E0FB285B39FEA2F5751D0] - [04/06/2017 12:10:56] - |A| - [863232] - C:\WINDOWS\syswow64\MbaeApiPublic.dll
[MD5.5931E324B0753E293E8523DF090CD0BE] - [04/06/2017 12:10:56] - |A| - [489984] - C:\WINDOWS\syswow64\mbsmsapi.dll
[MD5.AF7F6CC9F581F65CA9E3CA2055B55BC4] - [04/06/2017 12:10:56] - |A| - [66048] - C:\WINDOWS\syswow64\mbussdapi.dll
[MD5.D20CD1C2FB4D6F2D034372A3761EDDDF] - [04/06/2017 12:11:13] - |A| - [301568] - C:\WINDOWS\syswow64\mcbuilder.exe
[MD5.053BC942FD35B5B1D9F653D3281F16BC] - [05/06/2017 08:59:13] - |A| - [147968] - C:\WINDOWS\syswow64\MCCSEngineShared.dll
[MD5.B2D93C2292540B4CFE9B3EC9A33E36DD] - [04/06/2017 12:10:53] - |A| - [84992] - C:\WINDOWS\syswow64\mciavi32.dll
[MD5.40AF33A4A5478E850B14C8E6A4F99885] - [04/06/2017 12:10:53] - |A| - [38912] - C:\WINDOWS\syswow64\mcicda.dll
[MD5.B3612C09A5E59BFBC433A6414A03561C] - [04/06/2017 12:10:53] - |A| - [39424] - C:\WINDOWS\syswow64\mciqtz32.dll
[MD5.959BF46C24E90BFECD614A0FAA437F6B] - [04/06/2017 12:10:53] - |A| - [24064] - C:\WINDOWS\syswow64\mciseq.dll
[MD5.4D622D17F81FE1D408C4118708808D35] - [04/06/2017 12:10:53] - |A| - [24576] - C:\WINDOWS\syswow64\mciwave.dll
[MD5.F3C161A213C9CB041B3389C2E655C998] - [04/06/2017 12:11:00] - |A| - [663552] - C:\WINDOWS\syswow64\MCRecvSrc.dll
[MD5.31ADC89AE1DE10987BEF02AE69932603] - [04/06/2017 12:11:26] - |A| - [161792] - C:\WINDOWS\syswow64\mdminst.dll
[MD5.D4163058067A9A6430E310E212CE0556] - [04/06/2017 12:11:02] - |A| - [45568] - C:\WINDOWS\syswow64\mdmlocalmanagement.dll
[MD5.9020F26F6809BE65CE59BAD40F654277] - [04/06/2017 12:11:02] - |A| - [178176] - C:\WINDOWS\syswow64\mdmregistration.dll
[MD5.16CDC29941AA7799B8BA5BB9A2460A45] - [04/06/2017 12:10:53] - |A| - [764416] - C:\WINDOWS\syswow64\MessagingDataModel2.dll
[MD5.F821FAAA54E3C7F5B912CDE4864085EF] - [04/06/2017 12:09:12] - |A| - [544904] - C:\WINDOWS\syswow64\mf.dll
[MD5.B70513A0B8832F74293A3CAA9121828D] - [04/06/2017 12:11:03] - |A| - [43008] - C:\WINDOWS\syswow64\mf3216.dll
[MD5.F36C357D1CA13BF4E4DAE88C5DC31F46] - [04/06/2017 12:09:12] - |A| - [107936] - C:\WINDOWS\syswow64\mfAACEnc.dll
[MD5.D83E2303BAD53E2CDD25EDC2FF77F812] - [04/06/2017 12:09:12] - |A| - [1369840] - C:\WINDOWS\syswow64\mfasfsrcsnk.dll
[MD5.94B7CF16D9A64CE0A4538BD86358B18C] - [04/06/2017 12:09:12] - |A| - [87312] - C:\WINDOWS\syswow64\mfaudiocnv.dll
[MD5.8BBC59AE8497D0BBEE8D66B74C7DB971] - [04/06/2017 12:11:23] - |A| - [924944] - C:\WINDOWS\syswow64\mfc40.dll
[MD5.042E7A7AE4E3DDE7950D16285FF63C8D] - [04/06/2017 12:11:26] - |A| - [924944] - C:\WINDOWS\syswow64\mfc40u.dll
[MD5.D32FED7BD2EC4B5523982C9C7AC8D0D8] - [04/06/2017 12:11:26] - |A| - [1211904] - C:\WINDOWS\syswow64\mfc42.dll
[MD5.2AFCED0956B869ED400A29C9B703C386] - [04/06/2017 12:11:26] - |A| - [1233920] - C:\WINDOWS\syswow64\mfc42u.dll
[MD5.74F81F375D22673DAC451923BAFF0F9E] - [04/06/2017 12:09:12] - |A| - [447344] - C:\WINDOWS\syswow64\MFCaptureEngine.dll
[MD5.5591500DA3B8479C2A2C404CD2D8BF2D] - [04/06/2017 12:09:12] - |A| - [4671744] - C:\WINDOWS\syswow64\mfcore.dll
[MD5.DD56AD660689DF06D9FACE40D32D03C6] - [04/06/2017 12:11:05] - |A| - [27648] - C:\WINDOWS\syswow64\mfcsubs.dll
[MD5.0AD8FCA7498E7AB302B5B725B877FE31] - [04/06/2017 12:09:12] - |A| - [755120] - C:\WINDOWS\syswow64\mfds.dll
[MD5.DE17048E7D72651F2DD8AEEC5AE7772E] - [04/06/2017 12:09:12] - |A| - [152576] - C:\WINDOWS\syswow64\mfdvdec.dll
[MD5.AAAF4B05E0953F5114854ED778BC03AC] - [04/06/2017 12:09:12] - |A| - [70656] - C:\WINDOWS\syswow64\mferror.dll
[MD5.77EFAC4F05837B78A81F84C0165BD6FD] - [04/06/2017 12:09:12] - |A| - [43520] - C:\WINDOWS\syswow64\mfh263enc.dll
[MD5.6A9774396C67A2D2F6971C4975A2420B] - [04/06/2017 12:09:12] - |A| - [563200] - C:\WINDOWS\syswow64\mfh264enc.dll
[MD5.A864C63606E6F367260867F0B377AA44] - [04/06/2017 12:09:12] - |A| - [868352] - C:\WINDOWS\syswow64\mfh265enc.dll
[MD5.FD24CB81154257E71D6CC08A96AA056B] - [04/06/2017 12:10:53] - |A| - [198656] - C:\WINDOWS\syswow64\mfksproxy.dll
[MD5.A136B6079B8CECEFEF59D6D8A0F2D8C6] - [04/06/2017 12:09:12] - |A| - [4178944] - C:\WINDOWS\syswow64\MFMediaEngine.dll
[MD5.E96314ADF1F3D3D7FE09799B3D3DB96D] - [04/06/2017 12:09:12] - |A| - [86016] - C:\WINDOWS\syswow64\mfmjpegdec.dll
[MD5.A572CA359EA403379C691E3DD01FD44D] - [04/06/2017 12:09:12] - |A| - [817152] - C:\WINDOWS\syswow64\mfmkvsrcsnk.dll
[MD5.E01EFE761787E7DFDC42555272E84159] - [04/06/2017 12:09:12] - |A| - [2479704] - C:\WINDOWS\syswow64\mfmp4srcsnk.dll
[MD5.7E9CF6BF33E4668369CF3872E39391D6] - [04/06/2017 12:09:12] - |A| - [1008744] - C:\WINDOWS\syswow64\mfmpeg2srcsnk.dll
[MD5.4A7B1EF895C1F883DDCAAA59DE8AA4FE] - [04/06/2017 12:09:12] - |A| - [1144080] - C:\WINDOWS\syswow64\mfnetcore.dll
[MD5.1A7D23B86C4811A24AED64FD4761D68D] - [04/06/2017 12:09:12] - |A| - [1658528] - C:\WINDOWS\syswow64\mfnetsrc.dll
[MD5.A8D202310B28D9F7980D7BB82A7B9C79] - [04/06/2017 12:09:12] - |A| - [1076904] - C:\WINDOWS\syswow64\mfperfhelper.dll
[MD5.F4AE50389C2FC2D65E45C9E959C11809] - [04/06/2017 12:09:12] - |A| - [1516984] - C:\WINDOWS\syswow64\mfplat.dll
[MD5.381093F7C3A958019AFFE28B8BC8CB58] - [04/06/2017 12:09:12] - |A| - [373440] - C:\WINDOWS\syswow64\MFPlay.dll
[MD5.041B95F7B48E54BEEA646A286BF1AD8D] - [04/06/2017 12:09:12] - |A| - [34104] - C:\WINDOWS\syswow64\mfpmp.exe
[MD5.2C467C54FD51632B61E10CCEFC38173E] - [04/06/2017 12:09:12] - |A| - [121936] - C:\WINDOWS\syswow64\mfps.dll
[MD5.2DEF62ECAC3915C57BB88612928C5F9E] - [04/06/2017 12:09:12] - |A| - [960696] - C:\WINDOWS\syswow64\mfreadwrite.dll
[MD5.3A12FA687F3071F36BC18B6F5E7E29F6] - [04/06/2017 12:10:53] - |A| - [188560] - C:\WINDOWS\syswow64\mfsensorgroup.dll
[MD5.2255113A699D90C0CC714EF8FA01FE8B] - [04/06/2017 12:09:12] - |A| - [1446224] - C:\WINDOWS\syswow64\mfsrcsnk.dll
[MD5.795E15EE5B39FD44F443F30575E6A2DC] - [04/06/2017 12:09:12] - |A| - [1138376] - C:\WINDOWS\syswow64\mfsvr.dll
[MD5.461A60C9E8EFEFD124BE24D23303AA87] - [04/06/2017 12:09:12] - |A| - [330040] - C:\WINDOWS\syswow64\mftranscode.dll
[MD5.C30CFD0A66F9A5985296280022EB8C5A] - [04/06/2017 12:09:12] - |A| - [80072] - C:\WINDOWS\syswow64\mfvdsp.dll
[MD5.5F15B2B087C4F54AFF7144937054EEB7] - [04/06/2017 12:09:12] - |A| - [29184] - C:\WINDOWS\syswow64\mfvfw.dll
[MD5.4B1F9402B5FBF38AC49697F0AD53EAD8] - [04/06/2017 12:09:12] - |A| - [404480] - C:\WINDOWS\syswow64\MFWMAAEC.DLL
[MD5.64DC8BD209E59361F874A18130C88C33] - [04/06/2017 12:11:23] - |A| - [18944] - C:\WINDOWS\syswow64\mgmtapi.dll
[MD5.EDB9FCBFA9B48E04C0DAFD826316BCBE] - [04/06/2017 12:11:26] - |A| - [103936] - C:\WINDOWS\syswow64\mi.dll
[MD5.EDF7498A2265D071666680B10BA9BEDE] - [04/06/2017 12:11:26] - |A| - [74240] - C:\WINDOWS\syswow64\mibincodec.dll
[MD5.82E7D3178C042229C0F08A2B1FCBFE5E] - [04/06/2017 12:10:56] - |A| - [113664] - C:\WINDOWS\syswow64\Microsoft-Windows-MapControls.dll
[MD5.7896965E95CBB5086683BBB6786533F9] - [04/06/2017 12:10:56] - |A| - [9216] - C:\WINDOWS\syswow64\Microsoft-Windows-MosHost.dll
[MD5.7867DEA24428F0F7B3870EE4ED5D3926] - [04/06/2017 12:10:56] - |A| - [9728] - C:\WINDOWS\syswow64\Microsoft-Windows-MosTrace.dll
[MD5.F94F7131DE26552C203C4E7DB35CA0CD] - [04/06/2017 12:11:00] - |A| - [130048] - C:\WINDOWS\syswow64\Microsoft.Bluetooth.Proxy.dll
[MD5.1ECFF528A48C09F0B23A1AEF9A2FA780] - [04/06/2017 12:13:13] - |A| - [14848] - C:\WINDOWS\syswow64\Microsoft.Management.Infrastructure.Native.Unmanaged.dll
[MD5.3AB696F604B329EFDC59CCA55AABC324] - [04/06/2017 12:11:53] - |A| - [1619792] - C:\WINDOWS\syswow64\Microsoft.Uev.AppAgent.dll
[MD5.B481A7960EDBFCF3756FE09D2FFDF3DF] - [04/06/2017 12:11:53] - |A| - [36352] - C:\WINDOWS\syswow64\Microsoft.Uev.Office2010CustomActions.dll
[MD5.1E4C6DC8DFD53D210F1E61E3B507FB64] - [04/06/2017 12:11:53] - |A| - [502272] - C:\WINDOWS\syswow64\Microsoft.Uev.Office2013CustomActions.dll
[MD5.232A16FFE90CA86F1D5699E2FF9DB68E] - [04/06/2017 12:10:53] - |A| - [225280] - C:\WINDOWS\syswow64\MicrosoftAccountExtension.dll
[MD5.E8AAD0C8F10758F9DCDFFD27BC666155] - [04/06/2017 12:11:11] - |A| - [150528] - C:\WINDOWS\syswow64\MicrosoftAccountTokenProvider.dll
[MD5.953A15248E41B90533F53F02CD6198E7] - [04/06/2017 12:10:53] - |A| - [182272] - C:\WINDOWS\syswow64\MicrosoftAccountWAMExtension.dll
[MD5.6524FCB43EE9D3396A05C751F4A9B7E1] - [04/06/2017 12:10:53] - |A| - [18944] - C:\WINDOWS\syswow64\midimap.dll
[MD5.5832BA5297A5B85E306B018A53459B46] - [04/06/2017 12:11:21] - |A| - [118608] - C:\WINDOWS\syswow64\migisol.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [3015760] - C:\WINDOWS\syswow64\migration
[MD5.1616E9D7044E309D3AF880289AC2F403] - [04/06/2017 12:11:05] - |A| - [182784] - C:\WINDOWS\syswow64\miguiresource.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [830800] - C:\WINDOWS\syswow64\migwiz
[MD5.B1D77759113AA18A616ADEAA116C4049] - [04/06/2017 12:11:21] - |A| - [33792] - C:\WINDOWS\syswow64\mimefilt.dll
[MD5.C34AC3B02FEF7C7AE2615BED52908BF8] - [04/06/2017 12:11:26] - |A| - [119808] - C:\WINDOWS\syswow64\mimofcodec.dll
[MD5.7D8F55BD578A8362CCFC8FE6934EF9A2] - [04/06/2017 12:10:59] - |A| - [12288] - C:\WINDOWS\syswow64\MinstoreEvents.dll
[MD5.52EB26D872FCC231F9FF0749BC25FDF2] - [04/06/2017 12:11:02] - |A| - [233984] - C:\WINDOWS\syswow64\mintdh.dll
[MD5.7E02D732094B270ECC00D2EEA7F1F5C4] - [04/06/2017 12:10:59] - |A| - [824832] - C:\WINDOWS\syswow64\MiracastReceiver.dll
[MD5.C0F119A475AD0A5F53BE1F62677CEF64] - [04/06/2017 12:11:28] - |A| - [32768] - C:\WINDOWS\syswow64\MirrorDrvCompat.dll
[MD5.3A881B25FD6303256945E03A5889C9A5] - [04/06/2017 12:10:53] - |A| - [2758144] - C:\WINDOWS\syswow64\mispace.dll
[MD5.8F04E7E4F756280CEF9C97B1709C331C] - [04/06/2017 12:11:26] - |A| - [185856] - C:\WINDOWS\syswow64\miutils.dll
[MD5.ED434A3EBE29070A7E0138C42482EB93] - [04/06/2017 12:10:23] - |A| - [673088] - C:\WINDOWS\syswow64\mlang.dat
[MD5.E2A03DAE7DB9B95ACC7028C4512F612E] - [04/06/2017 12:11:18] - |A| - [201216] - C:\WINDOWS\syswow64\mlang.dll
[MD5.FBE56349FB8C53BF7ABEB25A5772E103] - [04/06/2017 12:11:13] - |A| - [1488384] - C:\WINDOWS\syswow64\mmc.exe
[MD5.17048E2ABCBA50FE8FD767A045C78D01] - [04/06/2017 12:11:13] - |A| - [301056] - C:\WINDOWS\syswow64\mmcbase.dll
[MD5.038820DE338099B6F94A39DAE595F7DB] - [04/06/2017 12:10:53] - |A| - [67072] - C:\WINDOWS\syswow64\mmci.dll
[MD5.809CF7702D665F0B4179B0784BE05C43] - [04/06/2017 12:10:53] - |A| - [12800] - C:\WINDOWS\syswow64\mmcico.dll
[MD5.734A9390FC6DCF0C658ABBF45CD19A11] - [04/06/2017 12:11:13] - |A| - [2427904] - C:\WINDOWS\syswow64\mmcndmgr.dll
[MD5.E43CD951B5CB2BFC8F68F845F6259651] - [04/06/2017 12:11:13] - |A| - [115712] - C:\WINDOWS\syswow64\mmcshext.dll
[MD5.C7F331703C142974A8E74F4D1D4A6702] - [04/06/2017 12:10:53] - |A| - [359000] - C:\WINDOWS\syswow64\MMDevAPI.dll
[MD5.CF26F3E3FC0E22D5D3B0BE09981F189F] - [04/06/2017 12:11:02] - |A| - [1427968] - C:\WINDOWS\syswow64\mmgaclient.dll
[MD5.CA0425B1BD9298EF7F027D8731E3B7C8] - [04/06/2017 12:11:02] - |A| - [62976] - C:\WINDOWS\syswow64\mmgaproxystub.dll
[MD5.E879635853AA81B5796E94F617FCB1A6] - [04/06/2017 12:11:02] - |A| - [1058816] - C:\WINDOWS\syswow64\mmgaserver.exe
[MD5.C03A0C3439FF76D996E92F8AF0C2FD49] - [04/06/2017 12:11:02] - |A| - [9569280] - C:\WINDOWS\syswow64\mmres.dll
[MD5.1FC17875AE0F7CDC420E35D5A85CF89C] - [04/06/2017 12:11:02] - |A| - [737792] - C:\WINDOWS\syswow64\mmsys.cpl
[MD5.70DEF50F3B659E3482617C46686C9058] - [04/06/2017 12:11:21] - |A| - [93696] - C:\WINDOWS\syswow64\mobsync.exe
[MD5.9A84E2CB6BAF52C32D86DCD5A3ADA1A0] - [04/06/2017 12:11:00] - |A| - [27648] - C:\WINDOWS\syswow64\mode.com
[MD5.EA5FCCC7EBD41D1D21EA47DFB2029A17] - [04/06/2017 12:11:26] - |A| - [169984] - C:\WINDOWS\syswow64\modemui.dll
[MD5.3D8A8E9516FE0A1C7F20ED7253E0FAA3] - [04/06/2017 12:10:59] - |A| - [26624] - C:\WINDOWS\syswow64\more.com
[MD5.EB0E7A8F8869C1EC3F459D905B5C8590] - [04/06/2017 12:11:23] - |A| - [185344] - C:\WINDOWS\syswow64\moricons.dll
[MD5.CFD562368EE1B9B88B8C7D30458B8920] - [04/06/2017 12:10:56] - |A| - [6117376] - C:\WINDOWS\syswow64\mos.dll
[MD5.9407A1C02BD6D93BC6647B47D2E18408] - [04/06/2017 12:10:56] - |A| - [67072] - C:\WINDOWS\syswow64\MosHostClient.dll
[MD5.5B129770C99F09A6FFB69ADD8C65A327] - [04/06/2017 12:10:56] - |A| - [409088] - C:\WINDOWS\syswow64\MosResource.dll
[MD5.798B18F0C47622B555D0C9F6823F5601] - [04/06/2017 12:10:56] - |A| - [66048] - C:\WINDOWS\syswow64\MosStorage.dll
[MD5.F4923948CEAE59B618460F981C6F2C44] - [04/06/2017 12:10:59] - |A| - [15360] - C:\WINDOWS\syswow64\mountvol.exe
[MD5.A7879561A084DC5141C01811590196F1] - [04/06/2017 12:09:12] - |A| - [94512] - C:\WINDOWS\syswow64\MP3DMOD.DLL
[MD5.3B58B5430587C3067770F9AC1BC719A8] - [04/06/2017 12:09:12] - |A| - [262392] - C:\WINDOWS\syswow64\MP43DECD.DLL
[MD5.E8D482465D7B8FEC6E300818C925FABB] - [04/06/2017 12:09:12] - |A| - [347080] - C:\WINDOWS\syswow64\MP4SDECD.DLL
[MD5.ADD5490B6614EA47B84ECF0654E2FC0A] - [04/06/2017 12:11:26] - |A| - [80896] - C:\WINDOWS\syswow64\Mpeg2Data.ax
[MD5.11228987D33602918BBF07D80079CBD5] - [04/06/2017 12:11:26] - |A| - [217600] - C:\WINDOWS\syswow64\mpg2splt.ax
[MD5.439352E3400CF7101FFD16802143691B] - [04/06/2017 12:09:12] - |A| - [262904] - C:\WINDOWS\syswow64\MPG4DECD.DLL
[MD5.95326BCF47FE51B8B06A84599C5B8376] - [04/06/2017 12:11:03] - |A| - [82120] - C:\WINDOWS\syswow64\mpr.dll
[MD5.56B2A10E3620CE7FBC53D2A1F8EF135F] - [04/06/2017 12:10:59] - |A| - [448512] - C:\WINDOWS\syswow64\mprapi.dll
[MD5.CC7C4D57F5147564AE1C3F2872A571D0] - [04/06/2017 12:11:23] - |A| - [771584] - C:\WINDOWS\syswow64\mprddm.dll
[MD5.3D8F2BC41B918AF34F94D1D80905DB78] - [04/06/2017 12:11:21] - |A| - [407040] - C:\WINDOWS\syswow64\mprdim.dll
[MD5.4EEC187E79AB6564A9213C3C61834A7D] - [04/06/2017 12:11:18] - |A| - [12288] - C:\WINDOWS\syswow64\mprext.dll
[MD5.64FB336C78C466DBED6FFFF708CCDC3F] - [04/06/2017 12:11:21] - |A| - [113664] - C:\WINDOWS\syswow64\mprmsg.dll
[MD5.6038A017B43ECD90435B2A8BBD97632D] - [04/06/2017 12:10:59] - |A| - [14336] - C:\WINDOWS\syswow64\MRINFO.EXE
[MD5.060018CDFB4DFC1ED832CF857551F3CA] - [04/06/2017 12:10:57] - |A| - [860544] - C:\WINDOWS\syswow64\MrmCoreR.dll
[MD5.1F44B5BB090B1C42EBDE64792505F3CC] - [04/06/2017 12:10:57] - |A| - [287696] - C:\WINDOWS\syswow64\MrmDeploy.dll
[MD5.754FB26176F30A571DAE4D970C40417F] - [04/06/2017 12:11:13] - |A| - [656384] - C:\WINDOWS\syswow64\MrmIndexer.dll
[MD5.1328DA1BC98F0AF180464C1C4C476D7E] - [04/06/2017 12:10:57] - |A| - [28320] - C:\WINDOWS\syswow64\mrt100.dll
[MD5.6140B08213721C9F60FF93818FA851DC] - [04/06/2017 12:10:57] - |A| - [30368] - C:\WINDOWS\syswow64\mrt_map.dll
[MD5.503FA8B25582CA2E271BF9555555E390] - [04/06/2017 12:12:53] - |A| - [44544] - C:\WINDOWS\syswow64\ms3dthumbnailprovider.dll
[MD5.11CA69D713CD4F04221D9C1F33A2C3D6] - [04/06/2017 12:11:19] - |A| - [122880] - C:\WINDOWS\syswow64\msaatext.dll
[MD5.19B9CF69A504A9F1BC99010E4EA1B155] - [04/06/2017 12:09:12] - |A| - [210432] - C:\WINDOWS\syswow64\MSAC3ENC.DLL
[MD5.F26C0C11E9FA01D3484EA593F0429729] - [04/06/2017 12:10:53] - |A| - [89392] - C:\WINDOWS\syswow64\msacm32.dll
[MD5.634A86D938673D5677DC2A15370D8517] - [04/06/2017 12:10:53] - |A| - [24576] - C:\WINDOWS\syswow64\msacm32.drv
[MD5.B190FC5E13C18A8DB6E5E2A3A8B6B8DA] - [04/06/2017 12:10:50] - |A| - [25840] - C:\WINDOWS\syswow64\msadp32.acm
[MD5.5E801C27BED39BE261062A850AD6CE16] - [04/06/2017 12:11:13] - |A| - [2560] - C:\WINDOWS\syswow64\msafd.dll
[MD5.B6B1DC8CAD03227B1406F021F95111ED] - [04/06/2017 12:10:53] - |A| - [2680320] - C:\WINDOWS\syswow64\MSAJApi.dll
[MD5.880B1D5603CE8197259BEC99953DF448] - [04/06/2017 12:09:12] - |A| - [47104] - C:\WINDOWS\syswow64\MSAlacDecoder.dll
[MD5.E63086BFA6C1FFC449D9F782B58A0270] - [04/06/2017 12:09:12] - |A| - [55296] - C:\WINDOWS\syswow64\MSAlacEncoder.dll
[MD5.26A34C84ED89C61EDEB8513EBF66E77E] - [04/06/2017 12:09:12] - |A| - [126464] - C:\WINDOWS\syswow64\MSAMRNBDecoder.dll
[MD5.744701CF2FBB25C4A110913578AFA5FC] - [04/06/2017 12:09:12] - |A| - [197120] - C:\WINDOWS\syswow64\MSAMRNBEncoder.dll
[MD5.F2235453957469159ACA6F0449543899] - [04/06/2017 12:09:12] - |A| - [24064] - C:\WINDOWS\syswow64\MSAMRNBSink.dll
[MD5.F840423D208D079C39C140A476E37F77] - [04/06/2017 12:09:12] - |A| - [89600] - C:\WINDOWS\syswow64\MSAMRNBSource.dll
[MD5.635BAE04DAC3CAC622B50E5D5C9EA7B7] - [04/06/2017 12:11:05] - |A| - [45480] - C:\WINDOWS\syswow64\msasn1.dll
[MD5.AF5391CE3477A2268B1839780E70888E] - [04/06/2017 12:09:12] - |A| - [452976] - C:\WINDOWS\syswow64\MSAudDecMFT.dll
[MD5.4DA43DE15C6FD538AB56ADBE1401903E] - [04/06/2017 12:11:28] - |A| - [155136] - C:\WINDOWS\syswow64\msaudite.dll
[MD5.496FF9B969C5B0F85E69BED3152242B9] - [04/06/2017 12:11:08] - |A| - [19456] - C:\WINDOWS\syswow64\msauserext.dll
[MD5.69396D47BA118895379D98E40D48FF07] - [04/06/2017 12:11:28] - |A| - [245760] - C:\WINDOWS\syswow64\mscandui.dll
[MD5.4708BBDD4F3843D9038F18BA847E3752] - [04/06/2017 12:11:03] - |A| - [11776] - C:\WINDOWS\syswow64\mscat32.dll
[MD5.CFB5024FBD203B316EBBB7A8B8369C8F] - [04/06/2017 12:17:15] - |A| - [208384] - C:\WINDOWS\syswow64\msclmd.dll
[MD5.7BDBEA1FDCCC7332B5C77C8A99C37CC6] - [04/06/2017 12:10:53] - |A| - [534016] - C:\WINDOWS\syswow64\mscms.dll
[MD5.59A0282F68CCD892E66BB7AD9BE0ED84] - [04/06/2017 12:09:04] - |A| - [320512] - C:\WINDOWS\syswow64\mscoree.dll
[MD5.08BBA5EE5D1396BF08E8A7C45BE9CA17] - [04/06/2017 12:09:04] - |A| - [19968] - C:\WINDOWS\syswow64\mscorier.dll
[MD5.3EF425D7122047D1002E96F40A3B8E40] - [04/06/2017 12:09:04] - |A| - [81560] - C:\WINDOWS\syswow64\mscories.dll
[MD5.C05691A8027F55D745867632405B85D8] - [04/06/2017 12:11:11] - |A| - [2560] - C:\WINDOWS\syswow64\mscpx32r.dLL
[MD5.45A083CED62812BBE7296B5EC6A1A21F] - [04/06/2017 12:11:11] - |A| - [14848] - C:\WINDOWS\syswow64\mscpxl32.dLL
[MD5.8AAD607BF34F9A9F53CB149D86330BAC] - [04/06/2017 12:11:02] - |A| - [1318648] - C:\WINDOWS\syswow64\msctf.dll
[MD5.D8B4EB4A3C78C02DDD8E1A61F4F4459F] - [04/06/2017 12:11:28] - |A| - [8704] - C:\WINDOWS\syswow64\msctfime.ime
[MD5.6730F048DDFBB85C63FCE36D2BC1F1BD] - [04/06/2017 12:11:26] - |A| - [67072] - C:\WINDOWS\syswow64\MsCtfMonitor.dll
[MD5.6C5A78972C0D8DD7376459E422A1B7A4] - [04/06/2017 12:11:23] - |A| - [91648] - C:\WINDOWS\syswow64\msctfp.dll
[MD5.E6FF18C19B051680C18178ACB2BA9A5A] - [04/06/2017 12:11:28] - |A| - [90624] - C:\WINDOWS\syswow64\msctfui.dll
[MD5.228F9F15239EAAE9B098F95E7520A665] - [04/06/2017 12:11:26] - |A| - [898048] - C:\WINDOWS\syswow64\msctfuimanager.dll
[MD5.33988D982704B49B9B5CF5656E4CDEF9] - [04/06/2017 12:11:08] - |A| - [147968] - C:\WINDOWS\syswow64\msdadiag.dll
[MD5.32F4798C7CF0A6F6B6EA43B6163E837E] - [04/06/2017 12:11:13] - |A| - [123904] - C:\WINDOWS\syswow64\msdart.dll
[MD5.90B508B0A2A5C016223C420273F83EA5] - [04/06/2017 12:11:11] - |A| - [5120] - C:\WINDOWS\syswow64\msdatsrc.tlb
[MD5.54870B213A793A0FCDB4D8CFE0766546] - [04/06/2017 12:11:05] - |A| - [396112] - C:\WINDOWS\syswow64\msdelta.dll
[MD5.BB9AE3A2D8D8FE1B90308CD188677883] - [04/06/2017 12:10:50] - |A| - [24816] - C:\WINDOWS\syswow64\msdmo.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [46592] - C:\WINDOWS\syswow64\MSDRM
[MD5.495CB462AA5FEC84BD44E1ED1EC32FBB] - [04/06/2017 12:11:28] - |A| - [444928] - C:\WINDOWS\syswow64\msdrm.dll
[MD5.955992F566FFE4600A38804379971416] - [04/06/2017 12:11:26] - |A| - [1505792] - C:\WINDOWS\syswow64\msdt.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [53538] - C:\WINDOWS\syswow64\Msdtc
[MD5.99B3A1A19EE7A0F5D13E0F4396A0DE76] - [04/06/2017 12:11:00] - |A| - [708096] - C:\WINDOWS\syswow64\msdtcprx.dll
[MD5.C1470202CC8E8AB5BFC363953B67EBA5] - [04/06/2017 12:11:02] - |A| - [254976] - C:\WINDOWS\syswow64\msdtcuiu.dll
[MD5.12D62EE2E8978953D761C43935C57C86] - [04/06/2017 12:11:02] - |A| - [22528] - C:\WINDOWS\syswow64\msdtcVSp1res.dll
[MD5.D3818F2FED730E5A471BBA463390FF0F] - [04/06/2017 12:11:26] - |A| - [70656] - C:\WINDOWS\syswow64\MSDvbNP.ax
[MD5.9988A3F9A6B02C92A37BD253A7391E96] - [05/06/2017 08:58:25] - |A| - [5632] - C:\WINDOWS\syswow64\msdxm.ocx
[MD5.4AD6AC7D1A76232881E16061BC0C6EA6] - [05/06/2017 08:58:25] - |A| - [44032] - C:\WINDOWS\syswow64\msdxm.tlb
[MD5.633CD8A938AB8C6B2D0166A4A55A225F] - [04/06/2017 12:11:13] - |A| - [409600] - C:\WINDOWS\syswow64\msexch40.dll
[MD5.040F333E591CBAB4C6A1880F6C8A1D03] - [04/06/2017 12:11:13] - |A| - [339968] - C:\WINDOWS\syswow64\msexcl40.dll
[MD5.F7EFB20C2C60457991DA2872A1DCE59F] - [04/06/2017 12:09:13] - |A| - [683520] - C:\WINDOWS\syswow64\msfeeds.dll
[MD5.95C9617F086B08C219C3F2B8E14B61A0] - [04/06/2017 12:09:13] - |A| - [64000] - C:\WINDOWS\syswow64\msfeedsbs.dll
[MD5.6685429DB4EA1075B02DB3DC0B6D44B6] - [04/06/2017 12:09:13] - |A| - [13824] - C:\WINDOWS\syswow64\msfeedssync.exe
[MD5.0BABE8607A2DD1EF408F935E95021DB3] - [04/06/2017 12:09:12] - |A| - [328192] - C:\WINDOWS\syswow64\MSFlacDecoder.dll
[MD5.F33DA7958CC206F1ED47FA13FF5BE687] - [04/06/2017 12:09:12] - |A| - [217088] - C:\WINDOWS\syswow64\MSFlacEncoder.dll
[MD5.244C0ED8E1F9561DECA5474724DEAEC4] - [04/06/2017 12:10:53] - |A| - [2680832] - C:\WINDOWS\syswow64\msftedit.dll
[MD5.24124183C1B15F2036895B7BBF4D5DE5] - [04/06/2017 12:10:50] - |A| - [18640] - C:\WINDOWS\syswow64\msg711.acm
[MD5.29C6DB1FB0B470050446DEBB6294CCC0] - [04/06/2017 12:10:50] - |A| - [32056] - C:\WINDOWS\syswow64\msgsm32.acm
[MD5.71F56C68F12DC315B611E2821EBC5B54] - [04/06/2017 12:09:12] - |A| - [13312] - C:\WINDOWS\syswow64\mshta.exe
[MD5.0B43E8C101B91A109D5ADBAFAE265D4D] - [04/06/2017 12:09:13] - |A| - [19441152] - C:\WINDOWS\syswow64\mshtml.dll
[MD5.46A450FD3B37A36AD5D44A3749E0159E] - [04/06/2017 12:09:12] - |A| - [2755584] - C:\WINDOWS\syswow64\mshtml.tlb
[MD5.535E4277D49D7A04DF4A7917AD2DA749] - [04/06/2017 12:09:12] - |A| - [64000] - C:\WINDOWS\syswow64\MshtmlDac.dll
[MD5.43F0215E0F6522CB44A724FA22AFA380] - [04/06/2017 12:09:13] - |A| - [78336] - C:\WINDOWS\syswow64\mshtmled.dll
[MD5.FD8F91221B1CD98F67A57F8BA639257C] - [04/06/2017 12:09:12] - |A| - [49152] - C:\WINDOWS\syswow64\mshtmler.dll
[MD5.A81D5881E1A6994BC6BF0F95CB459FFD] - [04/06/2017 12:11:13] - |A| - [4050432] - C:\WINDOWS\syswow64\msi.dll
[MD5.1EF01FFA316FB4307E3421B811C0197A] - [04/06/2017 12:11:11] - |A| - [13312] - C:\WINDOWS\syswow64\msidcrl40.dll
[MD5.31F99CCCCDFACF818AC54ECE6DE862F0] - [04/06/2017 12:11:13] - |A| - [51712] - C:\WINDOWS\syswow64\msident.dll
[MD5.14EE03634FD13161BD12712B3C940260] - [04/06/2017 12:11:13] - |A| - [9728] - C:\WINDOWS\syswow64\msidle.dll
[MD5.A98D6A64D689C492A5BFDC45367C70B1] - [04/06/2017 12:11:13] - |A| - [5120] - C:\WINDOWS\syswow64\msidntld.dll
[MD5.B186608DB29DD601FCFC93DDDE2BF398] - [04/06/2017 12:11:28] - |A| - [286208] - C:\WINDOWS\syswow64\msieftp.dll
[MD5.E2F461604235D4191F4DC9C427115FDE] - [04/06/2017 12:11:13] - |A| - [59904] - C:\WINDOWS\syswow64\msiexec.exe
[MD5.49803CA6AA9C6E171802C4ECE6A2A02A] - [04/06/2017 12:11:13] - |A| - [316928] - C:\WINDOWS\syswow64\msihnd.dll
[MD5.1E0C7014BB84BB42717010677BE88CA9] - [04/06/2017 12:11:13] - |A| - [17920] - C:\WINDOWS\syswow64\msiltcfg.dll
[MD5.8B45095C97E3FC83FCB7A6C7D755D918] - [04/06/2017 12:11:03] - |A| - [7168] - C:\WINDOWS\syswow64\msimg32.dll
[MD5.7B448222CDB6F45FAFC9DF3A62A7EC49] - [04/06/2017 12:11:13] - |A| - [26112] - C:\WINDOWS\syswow64\msimsg.dll
[MD5.354867D95C9B4D7C62A399A54166C1A8] - [04/06/2017 12:11:28] - |A| - [37376] - C:\WINDOWS\syswow64\msimtf.dll
[MD5.287D62331C46B35DCC77046FE39E35C4] - [04/06/2017 12:11:28] - |A| - [337920] - C:\WINDOWS\syswow64\msinfo32.exe
[MD5.34828DCD70FBBA9171A626D3E73F0E59] - [04/06/2017 12:11:13] - |A| - [26624] - C:\WINDOWS\syswow64\msisip.dll
[MD5.43300D70E4831D34EFC60C7C879AB266] - [04/06/2017 12:11:08] - |A| - [338944] - C:\WINDOWS\syswow64\msIso.dll
[MD5.1B11552848A685563632DCA5AEAA40A7] - [04/06/2017 12:11:13] - |A| - [10240] - C:\WINDOWS\syswow64\msiwer.dll
[MD5.4154281B7A87D76CDC54483AEA6C5D51] - [04/06/2017 12:11:13] - |A| - [1589248] - C:\WINDOWS\syswow64\msjet40.dll
[MD5.F13CEF6A36B555AC2390D8A5501AA137] - [04/06/2017 12:11:13] - |A| - [364544] - C:\WINDOWS\syswow64\msjetoledb40.dll
[MD5.0DFB1C92C11220F24122480F99384770] - [04/06/2017 12:11:13] - |A| - [28672] - C:\WINDOWS\syswow64\msjint40.dll
[MD5.7F2BF1F8E2E767629F2356153734E61E] - [04/06/2017 12:11:13] - |A| - [61440] - C:\WINDOWS\syswow64\msjter40.dll
[MD5.E25794A9464433DAC5E4F5B6D7952711] - [04/06/2017 12:11:13] - |A| - [290816] - C:\WINDOWS\syswow64\msjtes40.dll
[MD5.7FFBE2189440705A83BD19884E193707] - [04/06/2017 12:10:56] - |A| - [135680] - C:\WINDOWS\syswow64\mskeyprotcli.dll
[MD5.64575E1045CB517EAFB1C51C1D491004] - [04/06/2017 12:10:56] - |A| - [49664] - C:\WINDOWS\syswow64\mskeyprotect.dll
[MD5.2329B0C2600064D26CC628A3C02324E1] - [04/06/2017 12:11:23] - |A| - [187392] - C:\WINDOWS\syswow64\msls31.dll
[MD5.10301B0E8BC56A86FA1DC92821612350] - [04/06/2017 12:11:13] - |A| - [241664] - C:\WINDOWS\syswow64\msltus40.dll
[MD5.6EE9D5A53A246A1DE63E65F1A039506A] - [04/06/2017 12:09:12] - |A| - [866208] - C:\WINDOWS\syswow64\msmpeg2adec.dll
[MD5.3F846B7531E4EA499E5708AC27F2CE46] - [04/06/2017 12:09:12] - |A| - [921600] - C:\WINDOWS\syswow64\MSMPEG2ENC.DLL
[MD5.BE2BC00851D8C5250E98107537708FA8] - [04/06/2017 12:09:12] - |A| - [2289152] - C:\WINDOWS\syswow64\msmpeg2vdec.dll
[MD5.B565DF12F30FC8C2BE00006BEBA9EBF0] - [04/06/2017 12:11:26] - |A| - [213504] - C:\WINDOWS\syswow64\MSNP.ax
[MD5.18B03A9D8EFAEF7C1822A413CCACEBCE] - [04/06/2017 12:11:28] - |A| - [62976] - C:\WINDOWS\syswow64\msobjs.dll
[MD5.F0EE95852194C86A791F6CE83CFA253D] - [04/06/2017 12:11:11] - |A| - [97792] - C:\WINDOWS\syswow64\msoert2.dll
[MD5.3C2C8633C86A9D11401BB136B5E67329] - [04/06/2017 12:09:12] - |A| - [136704] - C:\WINDOWS\syswow64\MSOpusDecoder.dll
[MD5.0185281D450B4E32A32C26571301EDFA] - [04/06/2017 12:11:11] - |A| - [2560] - C:\WINDOWS\syswow64\msorc32r.dll
[MD5.D201C00D5F12C4D05292A8B60923E9E0] - [04/06/2017 12:11:10] - |A| - [157696] - C:\WINDOWS\syswow64\msorcl32.dll
[MD5.5D1C0ECDE934F1FBA921E1E7A0F5BB60] - [04/06/2017 12:10:57] - |A| - [6530048] - C:\WINDOWS\syswow64\mspaint.exe
[MD5.228D46FDEDF5F2EA1A421474994D9ED9] - [04/06/2017 12:11:05] - |A| - [40272] - C:\WINDOWS\syswow64\mspatcha.dll
[MD5.17D6E5A0F725556AFF0FEC0FC1EAA30A] - [04/06/2017 12:11:05] - |A| - [64000] - C:\WINDOWS\syswow64\mspatchc.dll
[MD5.C2820E877953FEAB8C4D3FCF55C67365] - [04/06/2017 12:11:13] - |A| - [368640] - C:\WINDOWS\syswow64\mspbde40.dll
[MD5.F7E3058F3D32C50CE306DFF2E5863505] - [04/06/2017 12:09:12] - |A| - [1344512] - C:\WINDOWS\syswow64\MSPhotography.dll
[MD5.FEADEE640850166224AEC98C7A9A2596] - [04/06/2017 12:11:23] - |A| - [45568] - C:\WINDOWS\syswow64\msports.dll
[MD5.6E686855EFACFF58E8C324B3523A76E0] - [04/06/2017 12:13:06] - |A| - [76800] - C:\WINDOWS\syswow64\msra.exe
[MD5.BA2391CBC90145B9E1BCCEDF027E8A3A] - [04/06/2017 12:13:06] - |A| - [7680] - C:\WINDOWS\syswow64\MsraLegacy.tlb
[MD5.EB77CEA522A8957BA24ABEA43DBD53FA] - [04/06/2017 12:11:08] - |A| - [10752] - C:\WINDOWS\syswow64\msrating.dll
[MD5.53BF08D46BD32185F125C982D52B3DEA] - [04/06/2017 12:11:13] - |A| - [319488] - C:\WINDOWS\syswow64\msrd2x40.dll
[MD5.93DEBDB797B624E548CCC3EE6F617991] - [04/06/2017 12:11:13] - |A| - [344064] - C:\WINDOWS\syswow64\msrd3x40.dll
[MD5.D6EF0C79AF154718B7D954FDCA06B7F7] - [04/06/2017 12:12:53] - |A| - [155648] - C:\WINDOWS\syswow64\msrdc.dll
[MD5.E8F164C8849CB6DB7A116BAFE5AA97BD] - [04/06/2017 12:11:26] - |A| - [53248] - C:\WINDOWS\syswow64\MsRdpWebAccess.dll
[MD5.AEAEFFCACEFD73A9533550C19BF69862] - [04/06/2017 12:11:13] - |A| - [643072] - C:\WINDOWS\syswow64\msrepl40.dll
[MD5.F2CDC560A62DD20498F3B2EC5B456979] - [04/06/2017 12:10:53] - |A| - [14848] - C:\WINDOWS\syswow64\msrle32.dll
[MD5.10F94C829437626BE53CBB4BFF7E51AA] - [04/06/2017 12:10:56] - |A| - [41984] - C:\WINDOWS\syswow64\msscntrs.dll
[MD5.99162D9AA84C8DAFFFA17A43C189C92F] - [04/06/2017 12:11:23] - |A| - [101376] - C:\WINDOWS\syswow64\msscript.ocx
[MD5.9D66ACF5F308797F7FCC71DC75344A0C] - [04/06/2017 12:11:05] - |A| - [60416] - C:\WINDOWS\syswow64\mssign32.dll
[MD5.68877DCAABCBA46C863C3922CE040E67] - [04/06/2017 12:11:05] - |A| - [9216] - C:\WINDOWS\syswow64\mssip32.dll
[MD5.E9257260B0331CE41CD905F28E4F07FA] - [04/06/2017 12:10:56] - |A| - [113152] - C:\WINDOWS\syswow64\mssitlb.dll
[MD5.2FD33CD8D80681FDDA40316361387FA9] - [04/06/2017 12:13:00] - |A| - [711168] - C:\WINDOWS\syswow64\MsSpellCheckingFacility.dll
[MD5.2722E285DC24AED4B7672549706E619D] - [04/06/2017 12:10:56] - |A| - [145408] - C:\WINDOWS\syswow64\mssph.dll
[MD5.964FAC3976A3B6E7C54EEBC5BBB08C60] - [04/06/2017 12:10:56] - |A| - [59392] - C:\WINDOWS\syswow64\mssprxy.dll
[MD5.79B1A1FC3E9A34DA4BEFDEFA621D5A27] - [04/06/2017 12:10:56] - |A| - [2241536] - C:\WINDOWS\syswow64\mssrch.dll
[MD5.4ED030711824E6892A4C9095826E19D9] - [04/06/2017 12:10:56] - |A| - [721920] - C:\WINDOWS\syswow64\mssvp.dll
[MD5.0E3C5FA9BB5D7F28779FC60DB2011BD9] - [04/06/2017 12:11:26] - |A| - [223744] - C:\WINDOWS\syswow64\mstask.dll
[MD5.FF8B6558BB9CD8890253FFC01E57E3EC] - [04/06/2017 12:11:13] - |A| - [282624] - C:\WINDOWS\syswow64\mstext40.dll
[MD5.6CB608573174C2ADF0BA1D1B60053AC6] - [04/06/2017 12:11:26] - |A| - [3307008] - C:\WINDOWS\syswow64\mstsc.exe
[MD5.ED945096A85E1CD9EC175AA1BDDB41B6] - [04/06/2017 12:11:26] - |A| - [7799296] - C:\WINDOWS\syswow64\mstscax.dll
[MD5.81C9E6FF8759657080A33AA68B094534] - [04/06/2017 12:11:23] - |A| - [422400] - C:\WINDOWS\syswow64\msutb.dll
[MD5.5644665705D0641389928C6B738E2FE9] - [04/06/2017 12:11:03] - |A| - [345424] - C:\WINDOWS\syswow64\msv1_0.dll
[MD5.9618E4752B19CE24EFD729C662C8DB1E] - [04/06/2017 12:11:21] - |A| - [1386496] - C:\WINDOWS\syswow64\msvbvm60.dll
[MD5.5930AA2F4901D6EC99BBFBDF52ED2AF7] - [04/06/2017 12:11:26] - |A| - [65536] - C:\WINDOWS\syswow64\msvcirt.dll
[MD5.037CBB76B87DDE31117C2CE7943919F7] - [04/06/2017 12:11:05] - |A| - [412680] - C:\WINDOWS\syswow64\msvcp110_win.dll
[MD5.2737D2D6DD6DCE9FD51EAA026E3ED0C0] - [04/06/2017 12:13:09] - |A| - [485576] - C:\WINDOWS\syswow64\msvcp120_clr0400.dll
[MD5.F1A39B90761AF21AEECFF0964E67E5AF] - [04/06/2017 12:11:05] - |A| - [446976] - C:\WINDOWS\syswow64\msvcp60.dll
[MD5.D4CABB7DB819AC90FBDA5376EFA23234] - [04/06/2017 12:11:03] - |A| - [483984] - C:\WINDOWS\syswow64\msvcp_win.dll
[MD5.13A581A51795E53F0BA465AC3FB30B31] - [04/06/2017 12:13:09] - |A| - [19112] - C:\WINDOWS\syswow64\msvcr100_clr0400.dll
[MD5.05D721CABA1C90ACDA8A780DA97602E2] - [04/06/2017 12:13:06] - |A| - [987840] - C:\WINDOWS\syswow64\msvcr120_clr0400.dll
[MD5.8A47624102C0D904EA262E8F7BD0BE4C] - [04/06/2017 12:11:28] - |A| - [764920] - C:\WINDOWS\syswow64\msvcrt.dll
[MD5.C23A3B9B437C4305823BFC7D1B6E4DC6] - [04/06/2017 12:11:26] - |A| - [253952] - C:\WINDOWS\syswow64\msvcrt20.dll
[MD5.DF8F3538FE60869E29A4BCFC6019B18E] - [04/06/2017 12:11:26] - |A| - [60928] - C:\WINDOWS\syswow64\msvcrt40.dll
[MD5.103F5B5EB1DEF1E1CC6694D3FBCE0F1C] - [04/06/2017 12:10:53] - |A| - [124416] - C:\WINDOWS\syswow64\msvfw32.dll
[MD5.529CAC404A75AC2F25B6DE06237F8572] - [04/06/2017 12:10:53] - |A| - [32768] - C:\WINDOWS\syswow64\msvidc32.dll
[MD5.579A752FC04E731FA12D2FD21167FB5B] - [04/06/2017 12:11:26] - |A| - [2327040] - C:\WINDOWS\syswow64\MSVidCtl.dll
[MD5.903222DDF4642D0D212EC3676BD3E2B9] - [04/06/2017 12:09:12] - |A| - [568704] - C:\WINDOWS\syswow64\MSVideoDSP.dll
[MD5.076FAA453A7905DB6F54C41CC5AED7D8] - [04/06/2017 12:09:12] - |A| - [1263360] - C:\WINDOWS\syswow64\MSVP9DEC.dll
[MD5.61B33BF61DCE8164C430D67CA0553C74] - [04/06/2017 12:09:12] - |A| - [993720] - C:\WINDOWS\syswow64\msvproc.dll
[MD5.B564E76B5078D2914EDF5076A3C477C8] - [04/06/2017 12:09:12] - |A| - [1287168] - C:\WINDOWS\syswow64\MSVPXENC.dll
[MD5.8059A4AEBB1D223A173AF7168A7B00B2] - [04/06/2017 12:10:53] - |A| - [198840] - C:\WINDOWS\syswow64\MSWB7.dll
[MD5.CE77A4723B634810416072CA1EFE4440] - [04/06/2017 12:11:13] - |A| - [856064] - C:\WINDOWS\syswow64\mswdat10.dll
[MD5.945AF0FFA92CB22DA3357A82D5E456A3] - [04/06/2017 12:09:13] - |A| - [358912] - C:\WINDOWS\syswow64\mswmdm.dll
[MD5.A114468E31D345C72A58C8F9F6208426] - [04/06/2017 12:11:03] - |A| - [331088] - C:\WINDOWS\syswow64\mswsock.dll
[MD5.0EA59D7329F3DE75BAA270EBFFC8C79B] - [04/06/2017 12:11:13] - |A| - [618496] - C:\WINDOWS\syswow64\mswstr10.dll
[MD5.6D6EF8A5D621AE62F673ED452CFFCAC5] - [04/06/2017 12:11:13] - |A| - [454656] - C:\WINDOWS\syswow64\msxbde40.dll
[MD5.17B0EB1474BA2C0F1355034711CB1101] - [04/06/2017 12:11:13] - |A| - [1562112] - C:\WINDOWS\syswow64\msxml3.dll
[MD5.FF024F165A508BDDAC261647B9F45E92] - [04/06/2017 12:11:13] - |A| - [2560] - C:\WINDOWS\syswow64\msxml3r.dll
[MD5.FCDCFE8E3EAF9D779411F9C0B3B92C24] - [04/06/2017 12:10:57] - |A| - [1985984] - C:\WINDOWS\syswow64\msxml6.dll
[MD5.7ACB3FB9630086B4070AF1201908EC71] - [04/06/2017 12:10:57] - |A| - [2560] - C:\WINDOWS\syswow64\msxml6r.dll
[MD5.FB097CD1B3BD11EC377CE4AC08EA75AB] - [04/06/2017 12:10:53] - |A| - [24064] - C:\WINDOWS\syswow64\msyuv.dll
[MD5.86A342229745CCFE98DF38FB304D14EF] - [04/06/2017 12:11:13] - |A| - [166400] - C:\WINDOWS\syswow64\MTF.dll
[MD5.8567C9BABA3FCA073C0D34DA7CD7D6F5] - [04/06/2017 12:11:02] - |A| - [113152] - C:\WINDOWS\syswow64\mtstocom.exe
[MD5.A634596568492C9538BDEB54E6E22AD9] - [04/06/2017 12:11:00] - |A| - [355840] - C:\WINDOWS\syswow64\mtxclu.dll
[MD5.B8917365D3F6021B8415DBEA098C83EE] - [04/06/2017 12:11:05] - |A| - [27648] - C:\WINDOWS\syswow64\mtxdm.dll
[MD5.D1F98C082301F3CE0B948E2510C9BD52] - [04/06/2017 12:11:05] - |A| - [8192] - C:\WINDOWS\syswow64\mtxex.dll
[MD5.6ABA7F072BB9224BACD9645270AAB020] - [04/06/2017 12:11:05] - |A| - [30720] - C:\WINDOWS\syswow64\mtxlegih.dll
[MD5.E4E88BD3C0DDD77C17CDE62CF6C4074C] - [04/06/2017 12:11:00] - |A| - [114688] - C:\WINDOWS\syswow64\mtxoci.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [19608] - C:\WINDOWS\syswow64\MUI
[MD5.6C18C7413A58507DF8A4B1261FBD30D3] - [04/06/2017 12:11:08] - |A| - [14848] - C:\WINDOWS\syswow64\muifontsetup.dll
[MD5.7A0438E598A1AA224C8CA4147C63515C] - [04/06/2017 12:11:05] - |A| - [88064] - C:\WINDOWS\syswow64\MuiUnattend.exe
[MD5.98AA333B4B8A7EDBFCA3B88CBE98DE6C] - [04/06/2017 12:11:05] - |A| - [235520] - C:\WINDOWS\syswow64\mycomput.dll
[MD5.2699D3B2CD2E0E1BE2886BFC1DBF15A2] - [04/06/2017 12:11:26] - |A| - [156672] - C:\WINDOWS\syswow64\mydocs.dll
[MD5.DEFB3E0E55BAB0664F458B2334DB6AAA] - [04/06/2017 12:11:19] - |A| - [44032] - C:\WINDOWS\syswow64\NAPCRYPT.DLL
[MD5.823F10592B3673780AF3B6E83D9783CD] - [04/06/2017 12:11:13] - |A| - [54784] - C:\WINDOWS\syswow64\NapiNSP.dll
[MD5.F2844BA56FA11FA5F5F2DC890CEC77DC] - [04/06/2017 12:10:53] - |A| - [795648] - C:\WINDOWS\syswow64\NaturalLanguage6.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [277504] - C:\WINDOWS\syswow64\nb-NO
[MD5.7537502EEEF8DD93F8E855E40D32EE12] - [04/06/2017 12:11:18] - |A| - [20992] - C:\WINDOWS\syswow64\NcdProp.dll
[MD5.43916919F77D80182E5EEFABC211D2AC] - [04/06/2017 12:11:05] - |A| - [33792] - C:\WINDOWS\syswow64\nci.dll
[MD5.06B0D2B30C42B2FDE46DD9C28070BB25] - [04/06/2017 12:11:26] - |A| - [55296] - C:\WINDOWS\syswow64\ncobjapi.dll
[MD5.F6764F72A0A07D760FDBE86CAEF7DA05] - [04/06/2017 12:11:18] - |A| - [100864] - C:\WINDOWS\syswow64\ncpa.cpl
[MD5.B32821CB39C759914F1389A0C8ED8C51] - [04/06/2017 12:11:02] - |A| - [115248] - C:\WINDOWS\syswow64\ncrypt.dll
[MD5.61E089C79543ED0F856E07BF66A9E261] - [04/06/2017 12:11:05] - |A| - [267776] - C:\WINDOWS\syswow64\ncryptprov.dll
[MD5.2113D12D59B1691A29532FA3EBB9DAEA] - [04/06/2017 12:11:05] - |A| - [100184] - C:\WINDOWS\syswow64\ncryptsslp.dll
[MD5.508448EF6CFD70EA77D720762B1789FD] - [04/06/2017 12:11:19] - |A| - [64000] - C:\WINDOWS\syswow64\ndadmin.exe
[MD5.6831FFF01671C3791F11A6506744B770] - [04/06/2017 12:11:13] - |A| - [9728] - C:\WINDOWS\syswow64\nddeapi.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [0] - C:\WINDOWS\syswow64\NDF
[MD5.96700F0C3384827988B3AF4BEE72972F] - [04/06/2017 12:11:26] - |A| - [248320] - C:\WINDOWS\syswow64\ndfapi.dll
[MD5.3DD8C7420D56F3D0708DCB2B9C9ABA4A] - [04/06/2017 12:11:28] - |A| - [35328] - C:\WINDOWS\syswow64\ndfetw.dll
[MD5.86166DAA04A6C154826508304CC6D4AC] - [04/06/2017 12:11:26] - |A| - [565] - C:\WINDOWS\syswow64\NdfEventView.xml
[MD5.ED3FE4E89B56154DE87726E3D27613C5] - [04/06/2017 12:11:28] - |A| - [83456] - C:\WINDOWS\syswow64\ndfhcdiscovery.dll
[MD5.47E865BB1D7E42557CBFBC7F93A016F2] - [04/06/2017 12:11:26] - |A| - [74240] - C:\WINDOWS\syswow64\ndishc.dll
[MD5.F851911CCD030E431C3F9E08B50AF9D8] - [04/06/2017 12:11:28] - |A| - [21504] - C:\WINDOWS\syswow64\ndproxystub.dll
[MD5.EC113435AA52E900C9FFB1C4D72918F2] - [04/06/2017 12:10:53] - |A| - [102400] - C:\WINDOWS\syswow64\negoexts.dll
[MD5.DCFC21A8699A104E8427A3C53403ACA6] - [04/06/2017 12:11:00] - |A| - [46080] - C:\WINDOWS\syswow64\net.exe
[MD5.C9E62531A2ABDB66F602F4430BB6630C] - [04/06/2017 12:10:59] - |A| - [141312] - C:\WINDOWS\syswow64\net1.exe
[MD5.C3DC5D41916D8B41A82758D0F74FC70F] - [04/06/2017 12:10:59] - |A| - [64600] - C:\WINDOWS\syswow64\netapi32.dll
[MD5.6476EA2DC1CE4DC0CF50764D15165403] - [04/06/2017 12:11:19] - |A| - [15360] - C:\WINDOWS\syswow64\netbios.dll
[MD5.83B241FBE17B9701318346FB615AA833] - [04/06/2017 12:11:18] - |A| - [22016] - C:\WINDOWS\syswow64\netbtugc.exe
[MD5.A2D2DB768BD9DBA2865A4E6DA8C20F24] - [04/06/2017 12:11:21] - |A| - [1169920] - C:\WINDOWS\syswow64\netcenter.dll
[MD5.5A02F70C95ED5AC8D07F44D2678CBD0F] - [04/06/2017 12:11:19] - |A| - [59904] - C:\WINDOWS\syswow64\NetCfgNotifyObjectHost.exe
[MD5.9CE4F7A4A279F2C4C44D2827985A6F09] - [04/06/2017 12:11:19] - |A| - [74064] - C:\WINDOWS\syswow64\netcfgx.dll
[MD5.7D5148BB3C8E61EF96FC48B78EAC54B5] - [04/06/2017 12:11:26] - |A| - [330752] - C:\WINDOWS\syswow64\netcorehc.dll
[MD5.D56474CA3EAD0D918D376DE7003EBED0] - [04/06/2017 12:11:28] - |A| - [227328] - C:\WINDOWS\syswow64\netdiagfx.dll
[MD5.AC0E6FF8CB6CFDB41415A16F5942581C] - [04/06/2017 12:09:55] - |A| - [80896] - C:\WINDOWS\syswow64\NetDriverInstall.dll
[MD5.E6CEFD53CEB01352B88B94430AD7CCA1] - [04/06/2017 12:11:13] - |A| - [20480] - C:\WINDOWS\syswow64\netevent.dll
[MD5.1C33036FD429A2267E37C8F96058BC5F] - [04/06/2017 12:09:04] - |A| - [41984] - C:\WINDOWS\syswow64\netfxperf.dll
[MD5.33F6226E22CB8DD051AC858BB722F7CB] - [04/06/2017 12:11:00] - |A| - [2560] - C:\WINDOWS\syswow64\neth.dll
[MD5.65F5971FF320C7991B91532674A66C7D] - [04/06/2017 12:11:18] - |A| - [129024] - C:\WINDOWS\syswow64\netid.dll
[MD5.612B7F5BC80DE98A3D5770C6EA6EF775] - [04/06/2017 12:10:59] - |A| - [163328] - C:\WINDOWS\syswow64\netiohlp.dll
[MD5.47C8614A61404D280DDEF80B1D354681] - [04/06/2017 12:11:19] - |A| - [25088] - C:\WINDOWS\syswow64\netiougc.exe
[MD5.FE04103530D02BA57A7220C2F974F4C7] - [04/06/2017 12:11:19] - |A| - [136192] - C:\WINDOWS\syswow64\netjoin.dll
[MD5.1A0E0AA93B5AD6D46C97240ABD2E293F] - [04/06/2017 12:11:03] - |A| - [666112] - C:\WINDOWS\syswow64\netlogon.dll
[MD5.67E501C2DBCBF73B46D972C72E5EA7B6] - [04/06/2017 12:11:05] - |A| - [2560] - C:\WINDOWS\syswow64\netmsg.dll
[MD5.F89CC122C469B2B410675D6DFF953847] - [04/06/2017 12:11:26] - |A| - [220672] - C:\WINDOWS\syswow64\netplwiz.dll
[MD5.0042BE745C39BED60BC9C90E1A96D278] - [04/06/2017 12:11:26] - |A| - [34816] - C:\WINDOWS\syswow64\Netplwiz.exe
[MD5.3561B060EA08E2B8ED2255199412586D] - [04/06/2017 12:11:19] - |A| - [176128] - C:\WINDOWS\syswow64\netprofm.dll
[MD5.AB27AAA1681A584E7BF128ACEE652C76] - [04/06/2017 12:11:21] - |A| - [52736] - C:\WINDOWS\syswow64\netprovfw.dll
[MD5.C431AB505DB0BD7C9F837D1B917E53A2] - [04/06/2017 12:11:19] - |A| - [57344] - C:\WINDOWS\syswow64\netprovisionsp.dll
[MD5.74F8BD4CE4604659871E11F9FD983D05] - [04/06/2017 12:09:55] - |A| - [102736] - C:\WINDOWS\syswow64\NetSetupApi.dll
[MD5.281FABDE15EA9A2E7C2FB255EBB3880B] - [04/06/2017 12:09:55] - |A| - [561488] - C:\WINDOWS\syswow64\NetSetupEngine.dll
[MD5.3FD391355D78F03F55F1F916E863D4E5] - [04/06/2017 12:11:19] - |A| - [339968] - C:\WINDOWS\syswow64\NetSetupShim.dll
[MD5.E7113AFE29D63BB3DCC34600B99984CD] - [04/06/2017 12:10:57] - |A| - [82944] - C:\WINDOWS\syswow64\netsh.exe
[MD5.2D935CFD5DEAAC6F5916DDC12D0519FF] - [04/06/2017 12:11:18] - |A| - [2710528] - C:\WINDOWS\syswow64\netshell.dll
[MD5.2098B3716175828EFCC9143EA064BE8E] - [04/06/2017 12:10:59] - |A| - [32768] - C:\WINDOWS\syswow64\NETSTAT.EXE
[MD5.76FB3D01CC47BDE5B144DE058FA98E4F] - [04/06/2017 12:11:03] - |A| - [33592] - C:\WINDOWS\syswow64\netutils.dll
[MD5.6F3E3690ED16D1735C6B181174A661CD] - [04/06/2017 12:09:13] - |A| - [437760] - C:\WINDOWS\syswow64\NetworkCollectionAgent.dll
[MD5.7BFF02F77DD05448E752A2CC9CA4FAC8] - [04/06/2017 12:11:07] - |A| - [1183744] - C:\WINDOWS\syswow64\networkexplorer.dll
[MD5.CF8A9F150AB4E0A0B4F39D72CECE45E6] - [05/06/2017 08:59:13] - |A| - [118272] - C:\WINDOWS\syswow64\networkhelper.dll
[MD5.65C36B1090C8AF94A3BFF0E083B3A112] - [04/06/2017 12:11:06] - |A| - [43008] - C:\WINDOWS\syswow64\networkitemfactory.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [52224] - C:\WINDOWS\syswow64\networklist
[MD5.FC058395FB9778C0051732CC3D2743AE] - [04/06/2017 12:11:19] - |A| - [480256] - C:\WINDOWS\syswow64\newdev.dll
[MD5.8269757F535144D0DCB07BBA2F255BA4] - [04/06/2017 12:11:19] - |A| - [65536] - C:\WINDOWS\syswow64\newdev.exe
[MD5.76388085B59886F42318E646B328B922] - [04/06/2017 12:10:57] - |A| - [538624] - C:\WINDOWS\syswow64\ngccredprov.dll
[MD5.0AD994776F31C4AD7F174915444079E9] - [04/06/2017 12:10:57] - |A| - [123392] - C:\WINDOWS\syswow64\ngckeyenum.dll
[MD5.6C40B96FBC8531837D232B1CC5B7846A] - [04/06/2017 12:10:56] - |A| - [82432] - C:\WINDOWS\syswow64\ngcksp.dll
[MD5.68719C39ACC900C57B7E52960045B951] - [04/06/2017 12:11:23] - |A| - [338432] - C:\WINDOWS\syswow64\ninput.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [297472] - C:\WINDOWS\syswow64\nl-NL
[MD5.B64159A399CAC83A8D8DD9F85D8984F0] - [04/06/2017 12:11:18] - |A| - [63488] - C:\WINDOWS\syswow64\nlaapi.dll
[MD5.E3EEBD58161B1F727A9752F63598932F] - [04/06/2017 12:11:21] - |A| - [153600] - C:\WINDOWS\syswow64\nlhtml.dll
[MD5.B580D77659C6D283E26A5C1EE5F8BF3E] - [04/06/2017 12:11:19] - |A| - [155648] - C:\WINDOWS\syswow64\nlmgp.dll
[MD5.27123DFE65D2C35B9F1F01D03906779A] - [04/06/2017 12:11:19] - |A| - [18432] - C:\WINDOWS\syswow64\nlmproxy.dll
[MD5.AABD419F543F217D970B22F7634D7D0F] - [04/06/2017 12:11:19] - |A| - [14336] - C:\WINDOWS\syswow64\nlmsprep.dll
[MD5.49F8979ABCE73AA7B7421550BF373066] - [04/06/2017 12:11:08] - |A| - [85328] - C:\WINDOWS\syswow64\nlsbres.dll
[MD5.F23C1560422144EC399CE317AF7941BC] - [04/06/2017 12:10:53] - |A| - [1513984] - C:\WINDOWS\syswow64\NlsData0000.dll
[MD5.7437A54D6D6B809A802BBE2164CA8B1C] - [04/06/2017 12:12:33] - |A| - [2264576] - C:\WINDOWS\syswow64\NlsData000c.dll
[MD5.AE0AD91FC00C7196A74E36FF9283F664] - [04/06/2017 12:11:11] - |A| - [8704] - C:\WINDOWS\syswow64\Nlsdl.dll
[MD5.EBEFA4FDD6F4BA50CFD8E274F5E1090B] - [04/06/2017 12:12:33] - |A| - [6238208] - C:\WINDOWS\syswow64\NlsLexicons000c.dll
[MD5.278AC8DDF3FD4490BB95D6B4058E91CB] - [04/06/2017 12:10:56] - |A| - [741888] - C:\WINDOWS\syswow64\NMAA.dll
[MD5.ED9DF410F5BFCA0C21F9DDD123018F5E] - [04/06/2017 12:10:56] - |A| - [256512] - C:\WINDOWS\syswow64\NmaDirect.dll
[MD5.DE78E0C57BC478D47CC2F470B68E1A45] - [04/06/2017 12:17:15] - |A| - [741] - C:\WINDOWS\syswow64\NOISE.DAT
[MD5.0A0A01DFA8EBF7FD6D3FF62AA83F228E] - [04/06/2017 12:11:05] - |A| - [5120] - C:\WINDOWS\syswow64\normaliz.dll
[MD5.3306BAEF5C5A9BD1944E9B98798E4F2E] - [04/06/2017 12:11:19] - |A| - [236544] - C:\WINDOWS\syswow64\notepad.exe
[MD5.41A439D9352F6252A137B2FFB2AE0B77] - [04/06/2017 12:10:57] - |A| - [283136] - C:\WINDOWS\syswow64\NotificationObjFactory.dll
[MD5.ABA5D5E426188B7F20E28EC738780783] - [04/06/2017 12:11:19] - |A| - [20992] - C:\WINDOWS\syswow64\npmproxy.dll
[MD5.31477E89BE68B5F56B9C45CB2344B611] - [04/06/2017 12:10:57] - |A| - [150016] - C:\WINDOWS\syswow64\NPSM.dll
[MD5.395077843B40A13C38D771B8862D9A95] - [04/06/2017 12:11:00] - |A| - [833024] - C:\WINDOWS\syswow64\NPSMDesktopProvider.dll
[MD5.4E12953CCDD6436C7C659C1CF1E97D01] - [04/06/2017 12:11:07] - |A| - [34816] - C:\WINDOWS\syswow64\nshhttp.dll
[MD5.C110D9C965F259A8C906568460100900] - [04/06/2017 12:11:06] - |A| - [333312] - C:\WINDOWS\syswow64\nshipsec.dll
[MD5.311678E19533DA1C0B025F191C7C0B65] - [04/06/2017 12:11:21] - |A| - [593408] - C:\WINDOWS\syswow64\nshwfp.dll
[MD5.4B2CCF058A02935A35D66F1D39E259BE] - [04/06/2017 12:09:57] - |A| - [16040] - C:\WINDOWS\syswow64\nsi.dll
[MD5.DE7BC70D23C5CD4111289C81CE6974DB] - [04/06/2017 12:11:07] - |A| - [77824] - C:\WINDOWS\syswow64\nslookup.exe
[MD5.77F633BC1FD08AA3BBA9EE79E5D80421] - [04/06/2017 12:11:05] - |A| - [173024] - C:\WINDOWS\syswow64\ntasn1.dll
[MD5.56AA21DB1EA242F06CC0A995DF971CFE] - [04/06/2017 12:11:02] - |A| - [1628032] - C:\WINDOWS\syswow64\ntdll.dll
[MD5.30C82223BEF31AB1F94C6F6E5436BB5D] - [04/06/2017 12:10:57] - |A| - [96768] - C:\WINDOWS\syswow64\ntdsapi.dll
[MD5.1A986B055AC3E29848D4111A85855D54] - [04/06/2017 12:11:05] - |A| - [57344] - C:\WINDOWS\syswow64\ntlanman.dll
[MD5.BD63CEBD12FFCD576196CEE0E76442FD] - [04/06/2017 12:11:23] - |A| - [17920] - C:\WINDOWS\syswow64\ntlanui2.dll
[MD5.6FA002C25EED6CC3338B8365207235B8] - [04/06/2017 12:11:05] - |A| - [28952] - C:\WINDOWS\syswow64\NtlmShared.dll
[MD5.2E1308CDD8799D0BCB2DB935F1B59DD1] - [04/06/2017 12:11:05] - |A| - [148264] - C:\WINDOWS\syswow64\ntmarta.dll
[MD5.3935B4870B0145BF73687E6BABCFE49D] - [04/06/2017 12:11:23] - |A| - [313856] - C:\WINDOWS\syswow64\ntprint.dll
[MD5.94294C187522C54F2B15F0F92845F8B1] - [04/06/2017 12:11:23] - |A| - [61952] - C:\WINDOWS\syswow64\ntprint.exe
[MD5.CE3035C6CDAA50E756F5B811FFB8911E] - [04/06/2017 12:11:21] - |A| - [797184] - C:\WINDOWS\syswow64\ntshrui.dll
[MD5.6B66CA1A16B4193DD6E61F2ED3151FD9] - [04/06/2017 12:11:13] - |A| - [15872] - C:\WINDOWS\syswow64\ntvdm64.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |SD| - [3872256] - C:\WINDOWS\syswow64\Nui
[MD5.368DA8167E980D43C5351343F1BAFBE4] - [12/06/2017 11:00:08] - |A| - [134592] - C:\WINDOWS\syswow64\nvStreaming.exe
[MD5.02DC4E235AC3D8BD73D8AB14E8D9A679] - [04/06/2017 12:10:59] - |A| - [557056] - C:\WINDOWS\syswow64\objsel.dll
[MD5.6EF35253D7E2872B34E2A2BAB6AC9FD1] - [04/06/2017 12:09:13] - |A| - [126464] - C:\WINDOWS\syswow64\occache.dll
[MD5.B1DC9ECC848D81C15BD4120003B3C16C] - [04/06/2017 12:11:00] - |A| - [164864] - C:\WINDOWS\syswow64\ocsetapi.dll
[MD5.368F0CDF4226C820A76E057D5946ADD4] - [04/06/2017 12:11:13] - |A| - [614400] - C:\WINDOWS\syswow64\odbc32.dll
[MD5.A66D4F2FD39034AFA6677A4DF6A6BA3B] - [04/06/2017 12:11:08] - |A| - [72192] - C:\WINDOWS\syswow64\odbcad32.exe
[MD5.022CF6D143AAF63019F67EB3829BC21F] - [04/06/2017 12:11:11] - |A| - [42496] - C:\WINDOWS\syswow64\odbcbcp.dll
[MD5.2687776E09103F42C4CBE5B8961DDA65] - [04/06/2017 12:11:08] - |A| - [24064] - C:\WINDOWS\syswow64\odbcconf.dll
[MD5.A3AC8615736B21170348BD29DD7BBC23] - [04/06/2017 12:11:08] - |A| - [22016] - C:\WINDOWS\syswow64\odbcconf.exe
[MD5.CE8AC7BCA89A2789235669DAEB1E0A5B] - [04/06/2017 12:11:08] - |A| - [4453] - C:\WINDOWS\syswow64\odbcconf.rsp
[MD5.81D23188512542E578BCD8638E44540F] - [04/06/2017 12:11:13] - |A| - [110592] - C:\WINDOWS\syswow64\odbccp32.dll
[MD5.B451C2E4D6B88EEC710CD64777B2F9AD] - [04/06/2017 12:11:11] - |A| - [71680] - C:\WINDOWS\syswow64\odbccr32.dll
[MD5.B0CB022D7E5A60E09B599EB3846C922D] - [04/06/2017 12:11:11] - |A| - [72192] - C:\WINDOWS\syswow64\odbccu32.dll
[MD5.EC6DEA30E92AEE00F80DB75F6697C396] - [04/06/2017 12:11:13] - |A| - [225280] - C:\WINDOWS\syswow64\odbcint.dll
[MD5.DC4C9297C0E859242043CA2289C30B5B] - [04/06/2017 12:11:11] - |A| - [10240] - C:\WINDOWS\syswow64\odbcji32.dll
[MD5.AD6965CEBC373B53428103EC59F27DD9] - [04/06/2017 12:11:13] - |A| - [318464] - C:\WINDOWS\syswow64\odbcjt32.dll
[MD5.D8F2C7980191B5D1EF7AB4827C309938] - [04/06/2017 12:11:13] - |A| - [138752] - C:\WINDOWS\syswow64\odbctrac.dll
[MD5.042D503953EC0A1F81E67EA1526AD85B] - [04/06/2017 12:11:10] - |A| - [8704] - C:\WINDOWS\syswow64\oddbse32.dll
[MD5.FD1EAFC8F8D5F992823963C7D9BA881E] - [04/06/2017 12:11:11] - |A| - [8704] - C:\WINDOWS\syswow64\odexl32.dll
[MD5.15EA74E75DEE54C4E3E779F0123965C6] - [04/06/2017 12:11:11] - |A| - [8704] - C:\WINDOWS\syswow64\odfox32.dll
[MD5.8A8974FBFE1080A9E4B0E7A366051804] - [04/06/2017 12:11:11] - |A| - [8704] - C:\WINDOWS\syswow64\odpdx32.dll
[MD5.A0262E03FE5E0C9163DDE89258A94406] - [04/06/2017 12:11:11] - |A| - [8704] - C:\WINDOWS\syswow64\odtext32.dll
[MD5.659AA263149277D19019252C4F30AAC4] - [04/06/2017 12:10:56] - |A| - [98816] - C:\WINDOWS\syswow64\oemlicense.dll
[MD5.CF653F6988788D196BDB62CA98FD4093] - [04/06/2017 12:11:23] - |A| - [214016] - C:\WINDOWS\syswow64\offfilt.dll
[MD5.FE9A32C4FAA540E737F11E15B07786D9] - [04/06/2017 12:11:03] - |A| - [110416] - C:\WINDOWS\syswow64\offlinelsa.dll
[MD5.EB7BC4F3256B538E6871E6550E91EB8F] - [04/06/2017 12:11:05] - |A| - [217424] - C:\WINDOWS\syswow64\offlinesam.dll
[MD5.17AE521EA77E827299E0245A0C6A63B0] - [04/06/2017 12:11:23] - |A| - [58368] - C:\WINDOWS\syswow64\offreg.dll
[MD5.8D1AC76921187BDADACE40D535182C58] - [04/06/2017 12:11:28] - |A| - [45568] - C:\WINDOWS\syswow64\oflc-nz.rs
[MD5.9A355B75137E8A5F3C384C999CC6DBBC] - [04/06/2017 12:11:18] - |A| - [8960] - C:\WINDOWS\syswow64\ole2.dll
[MD5.9A355B75137E8A5F3C384C999CC6DBBC] - [04/06/2017 12:11:18] - |A| - [8960] - C:\WINDOWS\syswow64\ole2disp.dll
[MD5.9A355B75137E8A5F3C384C999CC6DBBC] - [04/06/2017 12:11:18] - |A| - [8960] - C:\WINDOWS\syswow64\ole2nls.dll
[MD5.B7864890BB45FC538DCA59E17738C0B5] - [04/06/2017 12:10:57] - |A| - [992768] - C:\WINDOWS\syswow64\ole32.dll
[MD5.F5104323FB5B5A540C2036BEF7481279] - [04/06/2017 12:11:19] - |A| - [331776] - C:\WINDOWS\syswow64\oleacc.dll
[MD5.B9E0C06D678062737DE6FFF4C45A48CE] - [04/06/2017 12:11:19] - |A| - [10240] - C:\WINDOWS\syswow64\oleacchooks.dll
[MD5.42839D2A4F5DBD1294584A78B284DE5C] - [04/06/2017 12:11:19] - |A| - [4608] - C:\WINDOWS\syswow64\oleaccrc.dll
[MD5.693B54EB9CCB65C7631081E4076EB968] - [04/06/2017 12:11:02] - |A| - [602784] - C:\WINDOWS\syswow64\oleaut32.dll
[MD5.E8A4E3183E72FF136094E4455505B63F] - [04/06/2017 12:10:59] - |A| - [97792] - C:\WINDOWS\syswow64\olecli32.dll
[MD5.9A6E40B6771D81AF00CBCBC751B928AD] - [04/06/2017 12:11:00] - |A| - [139264] - C:\WINDOWS\syswow64\oledlg.dll
[MD5.41ED486820BC4941C754898781CE7DE3] - [04/06/2017 12:11:28] - |A| - [118784] - C:\WINDOWS\syswow64\oleprn.dll
[MD5.46967D15ECA5550367C780B5EA4EA885] - [04/06/2017 12:11:18] - |A| - [89088] - C:\WINDOWS\syswow64\olepro32.dll
[MD5.54697E4AFC740CF51769140130A6BE74] - [04/06/2017 12:11:02] - |A| - [46080] - C:\WINDOWS\syswow64\olesvr32.dll
[MD5.4F3B8105BA1131C0FA6B6EA4861D4001] - [04/06/2017 12:11:02] - |A| - [90112] - C:\WINDOWS\syswow64\olethk32.dll
[MD5.BC55C7D8971D0FE3A3A787AF650BA051] - [04/06/2017 12:10:59] - |A| - [123472] - C:\WINDOWS\syswow64\omadmapi.dll
[MD5.08BE8D29324D3029B72A0CCAF6F42E47] - [04/06/2017 12:10:56] - |A| - [36352] - C:\WINDOWS\syswow64\OnDemandBrokerClient.dll
[MD5.9CCEFBD513EC1464AB66997CAA4D2666] - [04/06/2017 12:10:53] - |A| - [53760] - C:\WINDOWS\syswow64\OnDemandConnRouteHelper.dll
[MD5.E5CA3CA9C46BF50EF1D2F80945D91821] - [04/06/2017 12:11:02] - |A| - [193024] - C:\WINDOWS\syswow64\OneCoreCommonProxyStub.dll
[MD5.36BF5B8FFF0755A509A2B1FD95F4920B] - [04/06/2017 12:10:53] - |A| - [2822216] - C:\WINDOWS\syswow64\OneCoreUAPCommonProxyStub.dll
[MD5.B3D3AD3EB896CC693ACD93841C9B8EC6] - [04/06/2017 12:10:53] - |A| - [527360] - C:\WINDOWS\syswow64\OneDriveSettingSyncProvider.dll
[MD5.450FDD861FD582026BDCE55FCB2162C4] - [04/06/2017 12:09:13] - |A| - [20488312] - C:\WINDOWS\syswow64\OneDriveSetup.exe
[MD5.35CFF63A5DA9C22D7178A71A9C0A2246] - [04/06/2017 12:11:28] - |A| - [208384] - C:\WINDOWS\syswow64\onex.dll
[MD5.5CC8977F89B537C0AA739DE110A4EDED] - [04/06/2017 12:11:28] - |A| - [1065472] - C:\WINDOWS\syswow64\onexui.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [645456] - C:\WINDOWS\syswow64\oobe
[MD5.E68C6218C517B65FF7C533073D80AE5E] - [04/06/2017 12:11:23] - |A| - [629248] - C:\WINDOWS\syswow64\OobeFldr.dll
[MD5.A42ACE71C68B5FDDAEC631532256A349] - [04/06/2017 12:11:23] - |A| - [1351168] - C:\WINDOWS\syswow64\OpcServices.dll
[MD5.D32FFA390BBA6D8949324C9AA6820A3F] - [05/06/2017 09:00:08] - |A| - [418752] - C:\WINDOWS\syswow64\opencl.dll
[MD5.3C72CE48EA5FD6927D77C99F91373095] - [04/06/2017 12:11:02] - |A| - [60928] - C:\WINDOWS\syswow64\openfiles.exe
[MD5.708636B0AEE119943F12E61F11286B1E] - [04/06/2017 12:11:19] - |A| - [777216] - C:\WINDOWS\syswow64\opengl32.dll
[MD5.4E5FA639EB6E241572B5CA921D785613] - [04/06/2017 12:11:21] - |A| - [97112] - C:\WINDOWS\syswow64\OpenWith.exe
[MD5.E983D216545F970A3D32B36EAA442C6E] - [04/06/2017 12:10:59] - |A| - [29184] - C:\WINDOWS\syswow64\OposHost.exe
[MD5.23A1EB10FC32F3CDFE397216433DEFAB] - [04/06/2017 12:09:17] - |A| - [653456] - C:\WINDOWS\syswow64\ortcengine.dll
[MD5.843798C0237D0D2DFCBC98832F0A30A4] - [04/06/2017 12:11:23] - |A| - [20992] - C:\WINDOWS\syswow64\osbaseln.dll
[MD5.F81D9D1EA40A0BAC784E022F8D72EAFD] - [04/06/2017 12:10:59] - |A| - [588800] - C:\WINDOWS\syswow64\osk.exe
[MD5.A92EC8D178FCE88E16D36651BCE57981] - [04/06/2017 12:10:57] - |A| - [8704] - C:\WINDOWS\syswow64\OskSupport.dll
[MD5.13E7180963B06F02275A16BD3DAB01D7] - [04/06/2017 12:11:26] - |A| - [8192] - C:\WINDOWS\syswow64\osuninst.dll
[MD5.A7A8F20B0E3A94F4221A5BA113950EA7] - [04/06/2017 12:09:13] - |A| - [174592] - C:\WINDOWS\syswow64\P2P.dll
[MD5.F9732E0714E976583D40869B2120631A] - [04/06/2017 12:09:17] - |A| - [365056] - C:\WINDOWS\syswow64\P2PGraph.dll
[MD5.35820117B5693CCF6F310A8E2B537AC3] - [04/06/2017 12:09:17] - |A| - [178176] - C:\WINDOWS\syswow64\p2pnetsh.dll
[MD5.81189B832098427962EA25F7A0CE11EC] - [04/06/2017 12:10:57] - |A| - [29184] - C:\WINDOWS\syswow64\PackagedCWALauncher.exe
[MD5.651C8107866C78EABEA90C340030A0D8] - [04/06/2017 12:11:05] - |A| - [81920] - C:\WINDOWS\syswow64\packager.dll
[MD5.C97896A48048E6AE3DC73957437F7A2B] - [04/06/2017 12:10:56] - |A| - [183808] - C:\WINDOWS\syswow64\PackageStateRoaming.dll
[MD5.F499F5DFF932D81145B1E94EABDB2FEC] - [04/06/2017 12:11:28] - |A| - [12800] - C:\WINDOWS\syswow64\panmap.dll
[MD5.8B6A1C1DDFF688A9CFB30FC714BB88C4] - [04/06/2017 12:11:28] - |A| - [34616] - C:\WINDOWS\syswow64\PasswordOnWakeSettingFlyout.exe
[MD5.CC132C14EB4034EFDF18A5E6B2B4D92B] - [04/06/2017 12:11:00] - |A| - [16896] - C:\WINDOWS\syswow64\PATHPING.EXE
[MD5.409106E24F2651FAF0C8B4792F660A34] - [04/06/2017 12:11:03] - |A| - [53760] - C:\WINDOWS\syswow64\pautoenr.dll
[MD5.7ECE5BE1ECC39A99B91A68BE94C1914F] - [04/06/2017 12:10:57] - |A| - [14336] - C:\WINDOWS\syswow64\PaymentMediatorServiceProxy.dll
[MD5.25E3A409E3C7A42F2381595053711D27] - [04/06/2017 12:11:00] - |A| - [38912] - C:\WINDOWS\syswow64\pcacli.dll
[MD5.7B552CBF66125CCBA14B40905FB9545A] - [04/06/2017 12:11:00] - |A| - [65536] - C:\WINDOWS\syswow64\pcaui.dll
[MD5.0EA10B91C5615727C538091DFBFD2AB7] - [04/06/2017 12:11:00] - |A| - [45056] - C:\WINDOWS\syswow64\pcaui.exe
[MD5.258D49EA254C568B887E1E7F9D35E925] - [04/06/2017 12:11:28] - |A| - [15360] - C:\WINDOWS\syswow64\pcbp.rs
[MD5.66D58077CC739E4B8166E33AB0BA4639] - [04/06/2017 12:11:21] - |A| - [150] - C:\WINDOWS\syswow64\pcl.sep
[MD5.98BD50C59C90761F6F97AB0136689A56] - [04/06/2017 12:11:28] - |A| - [587264] - C:\WINDOWS\syswow64\PCPKsp.dll
[MD5.755DF7D090567E305A3EBBB71A4230DD] - [04/06/2017 12:11:00] - |A| - [10240] - C:\WINDOWS\syswow64\PCShellCommonProxyStub.dll
[MD5.EA5CE547A87DF33C6B8DC4B8E4501E15] - [04/06/2017 12:11:03] - |A| - [21744] - C:\WINDOWS\syswow64\pcwum.dll
[MD5.F639C14AA5472DCA91C34C4A5A34971B] - [04/06/2017 12:11:05] - |A| - [264192] - C:\WINDOWS\syswow64\pdh.dll
[MD5.637445B68CC24D57C3BF26ABA5AB0C15] - [04/06/2017 12:11:21] - |A| - [47616] - C:\WINDOWS\syswow64\pdhui.dll
[MD5.ABF1BB8422E1201476BB9E35987ED601] - [04/06/2017 12:11:53] - |A| - [183808] - C:\WINDOWS\syswow64\PeerDist.dll
[MD5.5115E67BA48A3525B0052DAC4DDB0A46] - [04/06/2017 12:11:53] - |A| - [347136] - C:\WINDOWS\syswow64\PeerDistSh.dll
[MD5.E759AB042563C6F6BA0A19EB9D699CAB] - [04/06/2017 12:11:28] - |A| - [20992] - C:\WINDOWS\syswow64\pegi-pt.rs
[MD5.0E4E55A26D7BDBF2531E0E98438C2E88] - [04/06/2017 12:11:28] - |A| - [20480] - C:\WINDOWS\syswow64\pegi.rs
[MD5.5536863F84917715219434F6A1615178] - [04/06/2017 12:10:53] - |A| - [95232] - C:\WINDOWS\syswow64\PeopleAPIs.dll
[MD5.F3B872A869AF0E8902BC75732965838D] - [04/06/2017 12:10:53] - |A| - [12288] - C:\WINDOWS\syswow64\PerceptionSimulation.ProxyStubs.dll
[MD5.7D5D73F5A1519C8C6A6FA79964467004] - [04/06/2017 12:11:03] - |A| - [41472] - C:\WINDOWS\syswow64\perfctrs.dll
[MD5.D7826D2090DEB230AD090C8603D5A4D0] - [04/06/2017 12:11:03] - |A| - [37376] - C:\WINDOWS\syswow64\perfdisk.dll
[MD5.BE665A502EEEC5542C1F7F09EFB7B152] - [04/06/2017 12:11:05] - |A| - [21504] - C:\WINDOWS\syswow64\perfhost.exe
[MD5.A9B35412A9DE90F8102DDEB4C07282F5] - [04/06/2017 12:11:21] - |A| - [162816] - C:\WINDOWS\syswow64\perfmon.exe
[MD5.9BE46DD971FBA66D84567679D3D414EC] - [04/06/2017 12:11:21] - |A| - [145519] - C:\WINDOWS\syswow64\perfmon.msc
[MD5.9FFB560DA3B5A108EA5E7D81DC1E1058] - [04/06/2017 12:11:03] - |A| - [23040] - C:\WINDOWS\syswow64\perfnet.dll
[MD5.486924CC9DB5DEB5CD5FDDF50BD1B46C] - [04/06/2017 12:11:03] - |A| - [35840] - C:\WINDOWS\syswow64\perfos.dll
[MD5.F2EF3CC8926C963CCE29CAAE630BECB2] - [04/06/2017 12:11:03] - |A| - [36864] - C:\WINDOWS\syswow64\perfproc.dll
[MD5.52ABB4826C0466FBC983B734084AD5EE] - [04/06/2017 12:11:26] - |A| - [14336] - C:\WINDOWS\syswow64\perfts.dll
[MD5.2FE2171549310361F145543F1AA20320] - [11/06/2017 03:12:29] - |A| - [271872] - C:\WINDOWS\syswow64\perf_gputiming.dll
[MD5.9B144C856E0C098B95864F34957BB18E] - [04/06/2017 12:11:23] - |A| - [154624] - C:\WINDOWS\syswow64\PersonaX.dll
[MD5.690E27CC4BEBF7ED8E2679C71A5C03F3] - [04/06/2017 12:10:53] - |A| - [185856] - C:\WINDOWS\syswow64\PhoneCallHistoryApis.dll
[MD5.A700A72DFA2EC7DC5F2CE26C45E8B446] - [04/06/2017 12:10:59] - |A| - [322048] - C:\WINDOWS\syswow64\PhoneOm.dll
[MD5.D09C7F653D1FD23369845E1D6C4B49BA] - [04/06/2017 12:10:59] - |A| - [57344] - C:\WINDOWS\syswow64\PhonePlatformAbstraction.dll
[MD5.4035613AA23668C7DA97CECEAD06FD57] - [04/06/2017 12:10:53] - |A| - [258560] - C:\WINDOWS\syswow64\Phoneutil.dll
[MD5.CED8786C962489793D1FB84F6B218B62] - [04/06/2017 12:10:53] - |A| - [2560] - C:\WINDOWS\syswow64\PhoneutilRes.dll
[MD5.6600E285F9ADA84A645DA34027358F2C] - [04/06/2017 12:10:56] - |A| - [336384] - C:\WINDOWS\syswow64\PhotoMetadataHandler.dll
[MD5.DFDB44713519B93147617A677C0F6E94] - [04/06/2017 12:09:17] - |A| - [508928] - C:\WINDOWS\syswow64\PhotoScreensaver.scr
[MD5.50E740C740A6C13CF4E804F2473064CD] - [04/06/2017 12:09:17] - |A| - [287232] - C:\WINDOWS\syswow64\photowiz.dll
[MD5.FFE9DA7E4B62A3CE68BB11ECCBD8B14B] - [04/06/2017 12:10:53] - |A| - [81128] - C:\WINDOWS\syswow64\PickerHost.exe
[MD5.939E4B662AB63E2A6E9E6A035C0007CF] - [04/06/2017 12:10:57] - |A| - [264704] - C:\WINDOWS\syswow64\PickerPlatform.dll
[MD5.393DE80D55A8AEA77F8C5C20C745F42C] - [04/06/2017 12:11:03] - |A| - [37888] - C:\WINDOWS\syswow64\pid.dll
[MD5.56139D33B6279F0A539BDADA8AD6E837] - [04/06/2017 12:10:38] - |A| - [908112] - C:\WINDOWS\syswow64\pidgenx.dll
[MD5.01506D77E6369219EE9D871FBDD2B40D] - [04/06/2017 12:11:21] - |A| - [35840] - C:\WINDOWS\syswow64\pifmgr.dll
[MD5.32C964B190760280336A4E110E974912] - [04/06/2017 12:10:53] - |A| - [52224] - C:\WINDOWS\syswow64\PimIndexMaintenanceClient.dll
[MD5.414727A7640D11413A013D80A50C673B] - [04/06/2017 12:10:50] - |A| - [838144] - C:\WINDOWS\syswow64\Pimstore.dll
[MD5.10A1D070A0EA6FC731F9806CBECC412E] - [04/06/2017 12:11:00] - |A| - [18944] - C:\WINDOWS\syswow64\PING.EXE
[MD5.6F50BA437F2209985FE014056D81ED39] - [04/06/2017 12:09:55] - |A| - [202240] - C:\WINDOWS\syswow64\PkgMgr.exe
[MD5.5AE137D07F6EE417FC0B562DC25ABB76] - [04/06/2017 12:11:23] - |A| - [193536] - C:\WINDOWS\syswow64\pku2u.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [295424] - C:\WINDOWS\syswow64\pl-PL
[MD5.FD22719DC01D453DBD0580BF64149F96] - [04/06/2017 12:11:13] - |A| - [1537024] - C:\WINDOWS\syswow64\pla.dll
[MD5.AF5C0F2AA616ED20C3E918F0E1468288] - [04/06/2017 12:11:23] - |A| - [60416] - C:\WINDOWS\syswow64\playlistfolder.dll
[MD5.2022D6DD8B1E7316752CF92649F1F1A3] - [04/06/2017 12:10:53] - |A| - [81408] - C:\WINDOWS\syswow64\PlaySndSrv.dll
[MD5.EE592A45735B9670E8B1CAE9B1D40CA1] - [04/06/2017 12:11:00] - |A| - [301056] - C:\WINDOWS\syswow64\PlayToDevice.dll
[MD5.7FE519462A532DC7F455C9AB66185752] - [04/06/2017 12:10:57] - |A| - [427008] - C:\WINDOWS\syswow64\PlayToManager.dll
[MD5.765A8897639E898C8BD764822A284450] - [04/06/2017 12:10:59] - |A| - [141312] - C:\WINDOWS\syswow64\playtomenu.dll
[MD5.742E1DBA55000F1C1DD805A39226203C] - [04/06/2017 12:09:13] - |A| - [215040] - C:\WINDOWS\syswow64\PlayToReceiver.dll
[MD5.5EECE8F28F33868A806AE69FABF42E84] - [04/06/2017 12:10:03] - |A| - [31744] - C:\WINDOWS\syswow64\PlayToStatusProvider.dll
[MD5.420734833502423DC3B6EE193EA74E8F] - [04/06/2017 12:09:13] - |A| - [57856] - C:\WINDOWS\syswow64\pngfilt.dll
[MD5.9E6CA0E522F26490BDD3E58A7C2439FE] - [04/06/2017 12:09:13] - |A| - [70656] - C:\WINDOWS\syswow64\pnrpnsp.dll
[MD5.A223692C8117A8B47A35E2F70DA0686E] - [04/06/2017 12:11:00] - |A| - [415312] - C:\WINDOWS\syswow64\policymanager.dll
[MD5.BAE1FCEDBCB04D1DDD41E679D79F26AE] - [04/06/2017 12:11:08] - |A| - [296960] - C:\WINDOWS\syswow64\polstore.dll
[MD5.A74CE549828D17316A4BBFA6AE420DE4] - [04/06/2017 10:16:48] - |A| - [118272] - C:\WINDOWS\syswow64\poqexec.exe
[MD5.5CA50FD3E0E33918562F793F637C2521] - [04/06/2017 12:09:17] - |A| - [535040] - C:\WINDOWS\syswow64\PortableDeviceApi.dll
[MD5.FF94E5CFA82987E0F95F5C080CEA2B06] - [04/06/2017 12:09:17] - |A| - [110080] - C:\WINDOWS\syswow64\PortableDeviceClassExtension.dll
[MD5.FD8757DFFA98D5DC2E4D99B6B72CBD4F] - [04/06/2017 12:09:17] - |A| - [60416] - C:\WINDOWS\syswow64\PortableDeviceConnectApi.dll
[MD5.52262910624FFB83F9C052C7039227ED] - [04/06/2017 12:09:17] - |A| - [429056] - C:\WINDOWS\syswow64\PortableDeviceStatus.dll
[MD5.FCFA3958470BCF86E75154C6468EEE48] - [04/06/2017 12:11:03] - |A| - [134656] - C:\WINDOWS\syswow64\PortableDeviceSyncProvider.dll
[MD5.0985729B61FEAC9281DFACFB1465C2EA] - [04/06/2017 12:09:17] - |A| - [158208] - C:\WINDOWS\syswow64\PortableDeviceTypes.dll
[MD5.E78FB4A8C8F061866A817BC83340104E] - [04/06/2017 12:09:17] - |A| - [132096] - C:\WINDOWS\syswow64\PortableDeviceWiaCompat.dll
[MD5.ECC1E62731C19452B00687379E7D7675] - [04/06/2017 12:10:53] - |A| - [58368] - C:\WINDOWS\syswow64\POSyncServices.dll
[MD5.35F2686511737F7FA5D99558882F2803] - [04/06/2017 12:11:26] - |A| - [32768] - C:\WINDOWS\syswow64\pots.dll
[MD5.C8E6DAB06522E8D974BD75E497D8C958] - [04/06/2017 12:11:19] - |A| - [207360] - C:\WINDOWS\syswow64\powercfg.cpl
[MD5.9E8A6FC0453B6BAF3A4791B39CE923BA] - [04/06/2017 12:11:05] - |A| - [80384] - C:\WINDOWS\syswow64\powercfg.exe
[MD5.E9306C73EC7D84EFD40F95C2E028ED94] - [04/06/2017 12:11:19] - |A| - [473600] - C:\WINDOWS\syswow64\powercpl.dll
[MD5.5CCB0EEC7C293AC3D16C382507EA7626] - [04/06/2017 12:11:02] - |A| - [269664] - C:\WINDOWS\syswow64\powrprof.dll
[MD5.6872E6A56407B492FA0E5777945D22CE] - [11/06/2017 03:22:08] - |A| - [103120] - C:\WINDOWS\syswow64\PresentationCFFRasterizerNative_v0300.dll
[MD5.ABBB3DD535DD17A329E3AADAF7ACDA8D] - [04/06/2017 12:12:43] - |A| - [243200] - C:\WINDOWS\syswow64\PresentationHost.exe
[MD5.7FACF882F435C7FFD088606545D7A5FC] - [04/06/2017 12:12:43] - |A| - [49664] - C:\WINDOWS\syswow64\PresentationHostProxy.dll
[MD5.955E29A7CB2E1C1E31AD0C8C321BCF29] - [11/06/2017 03:22:09] - |A| - [778936] - C:\WINDOWS\syswow64\PresentationNative_v0300.dll
[MD5.A743FBED8BEEC064F026B172DD4BA2FD] - [04/06/2017 12:11:21] - |A| - [24064] - C:\WINDOWS\syswow64\prevhost.exe
[MD5.D36E0B48EA52735E34AB7C1254E153B7] - [04/06/2017 12:11:05] - |A| - [12800] - C:\WINDOWS\syswow64\prflbmsg.dll
[MD5.6E9D5AA7658ADAB0C83C2B6A075D91E5] - [04/06/2017 12:11:00] - |A| - [14848] - C:\WINDOWS\syswow64\print.exe
[MD5.62D3E37B5980C4BDE36AD9E6C64C6AA2] - [04/06/2017 12:11:19] - |A| - [54272] - C:\WINDOWS\syswow64\Print.Workflow.Source.dll
[MD5.BD4BA90EF5CD53FDB55EC7C1FFB14096] - [12/06/2017 10:59:44] - |A| - [2240512] - C:\WINDOWS\syswow64\PrintConfig.dll
[MD5.D0E653EE8352C6E1A6B2BD7A2331A15D] - [04/06/2017 12:11:21] - |A| - [522752] - C:\WINDOWS\syswow64\PrintDialogs.dll
[MD5.00000000000000000000000000000000] - [05/06/2017 08:57:46] - |D| - [430506] - C:\WINDOWS\syswow64\Printing_Admin_Scripts
[MD5.0755E53C9725664A1873F1D5DC0A6416] - [04/06/2017 12:11:23] - |A| - [53248] - C:\WINDOWS\syswow64\PrintPlatformConfig.dll
[MD5.1E7F2198431D284901DBD227CF5EFF2B] - [04/06/2017 12:11:23] - |A| - [1106944] - C:\WINDOWS\syswow64\printui.dll
[MD5.D2F8517ECEE9DA9D668D55215BDFD346] - [04/06/2017 12:11:21] - |A| - [62464] - C:\WINDOWS\syswow64\printui.exe
[MD5.5B715FB60AC89FC553BF7224FA17F5FC] - [04/06/2017 12:11:19] - |A| - [16896] - C:\WINDOWS\syswow64\PrintWorkflowProxy.dll
[MD5.F9D12CAA62510DC9EBBDE6D4D93B2E58] - [04/06/2017 12:11:19] - |A| - [132608] - C:\WINDOWS\syswow64\PrintWorkflowService.dll
[MD5.8C3109005548D3CC9B2E87CD40D5CF7D] - [04/06/2017 12:11:21] - |A| - [134144] - C:\WINDOWS\syswow64\prncache.dll
[MD5.0FB7F55B10CBD06BE06286C97612FFC8] - [04/06/2017 12:11:21] - |A| - [477696] - C:\WINDOWS\syswow64\prnfldr.dll
[MD5.FBC8CF42F086A7356D422EF23824277C] - [04/06/2017 12:11:21] - |A| - [227328] - C:\WINDOWS\syswow64\prnntfy.dll
[MD5.0DE99D8219398333102FA044FD0D4B89] - [04/06/2017 12:11:21] - |A| - [144384] - C:\WINDOWS\syswow64\prntvpt.dll
[MD5.C34DE55305D27595C878427C3963A531] - [04/06/2017 12:11:28] - |A| - [67712] - C:\WINDOWS\syswow64\profapi.dll
[MD5.8115159EE0B592E98715602E7E1F6462] - [04/06/2017 12:10:57] - |A| - [86016] - C:\WINDOWS\syswow64\profext.dll
[MD5.66FEDEC00AA58C004CFD965254854F1D] - [04/06/2017 12:10:57] - |A| - [1566528] - C:\WINDOWS\syswow64\propsys.dll
[MD5.3348A85CD9DF0B0A2033CFD6F19D8C40] - [04/06/2017 12:11:08] - |A| - [31232] - C:\WINDOWS\syswow64\proquota.exe
[MD5.6C434D5B22DC5438C315131ECAF12325] - [04/06/2017 12:11:28] - |A| - [573440] - C:\WINDOWS\syswow64\provcore.dll
[MD5.9BA281C098FF966A863E8E2171F68F45] - [04/06/2017 12:09:17] - |A| - [396288] - C:\WINDOWS\syswow64\provsvc.dll
[MD5.D3B1A38E5B61F73CF4E0234F61538C9F] - [04/06/2017 12:11:13] - |A| - [226816] - C:\WINDOWS\syswow64\provthrd.dll
[MD5.BFC8411DF8225E17EA2D9672FB86B41C] - [04/06/2017 12:10:53] - |A| - [121344] - C:\WINDOWS\syswow64\ProximityCommon.dll
[MD5.58D075753622C9693B1C5676E0CAFB5F] - [04/06/2017 12:10:53] - |A| - [14336] - C:\WINDOWS\syswow64\ProximityCommonPal.dll
[MD5.C6F6302E007F263EC9987CE201F3623A] - [04/06/2017 12:10:53] - |A| - [15360] - C:\WINDOWS\syswow64\ProximityRtapiPal.dll
[MD5.A9189332A3C8F6C6F8E3EF191917F6C5] - [04/06/2017 12:11:23] - |A| - [62464] - C:\WINDOWS\syswow64\prvdmofcomp.dll
[MD5.E4AD6D47DE00FBFD77157237E0D97B5C] - [04/06/2017 12:10:59] - |A| - [12936] - C:\WINDOWS\syswow64\psapi.dll
[MD5.C09741B9886EF0D15EC3B1443352FB62] - [04/06/2017 12:11:21] - |A| - [51] - C:\WINDOWS\syswow64\pscript.sep
[MD5.C22BF93E3E251B39C15B732CBBC4EB38] - [04/06/2017 12:11:28] - |A| - [55632] - C:\WINDOWS\syswow64\PSHED.DLL
[MD5.B1108DAA796D690E5EADCBF7367F573D] - [04/06/2017 12:11:26] - |A| - [493568] - C:\WINDOWS\syswow64\psisdecd.dll
[MD5.3E7D480F2E3BFD96E101026E4589F3D2] - [04/06/2017 12:11:26] - |A| - [84480] - C:\WINDOWS\syswow64\psisrndr.ax
[MD5.20F799AAE00F86C864C9F4E77C1665AA] - [04/06/2017 12:11:26] - |A| - [38400] - C:\WINDOWS\syswow64\PSModuleDiscoveryProvider.dll
[MD5.C7EDF6AA8D146F526796CAC03902C020] - [04/06/2017 12:10:59] - |A| - [563200] - C:\WINDOWS\syswow64\psr.exe
[MD5.42FA8D89B8696889702E3161114B135E] - [04/06/2017 12:11:03] - |A| - [14336] - C:\WINDOWS\syswow64\pstorec.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [298496] - C:\WINDOWS\syswow64\pt-BR
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [292864] - C:\WINDOWS\syswow64\pt-PT
[MD5.42FE50ADB21A52A61F095A1481923E7D] - [04/06/2017 12:11:21] - |A| - [175104] - C:\WINDOWS\syswow64\puiapi.dll
[MD5.303871BF1D59E6881301D532D6DF9B90] - [04/06/2017 12:11:21] - |A| - [380416] - C:\WINDOWS\syswow64\puiobj.dll
[MD5.DD110F28BF754303786C09DE6B64AF5C] - [04/06/2017 12:12:59] - |A| - [72192] - C:\WINDOWS\syswow64\pwrshplugin.dll
[MD5.56FFFBA2D6D229789C57E8E0D336C060] - [04/06/2017 12:11:02] - |A| - [135680] - C:\WINDOWS\syswow64\qasf.dll
[MD5.A7FF40858B768C7DA538375B6804C78F] - [04/06/2017 12:10:50] - |A| - [219648] - C:\WINDOWS\syswow64\qcap.dll
[MD5.52F29E9BF2E067B3B5C57AD407B0B80F] - [04/06/2017 12:10:50] - |A| - [295936] - C:\WINDOWS\syswow64\qdv.dll
[MD5.949D4CE05DE2602D3752EA73625E6C79] - [04/06/2017 12:10:53] - |A| - [570368] - C:\WINDOWS\syswow64\qdvd.dll
[MD5.7AB1CA36E6894A41A23B63601BA81D5E] - [04/06/2017 12:11:26] - |A| - [565760] - C:\WINDOWS\syswow64\qedit.dll
[MD5.03A1E58D4802AB1C1121C1F811A8BA71] - [04/06/2017 12:11:26] - |A| - [733696] - C:\WINDOWS\syswow64\qedwipes.dll
[MD5.3196CA78480D2D01EFB5EB7677DEC427] - [04/06/2017 12:10:50] - |A| - [1508864] - C:\WINDOWS\syswow64\quartz.dll
[MD5.1EB7CDED13C1352B2FCD3DF4A3379EF8] - [04/06/2017 12:10:56] - |A| - [78848] - C:\WINDOWS\syswow64\Query.dll
[MD5.B0AE48095EF06FBF04C787AF9A7234C4] - [05/06/2017 08:58:16] - |A| - [459264] - C:\WINDOWS\syswow64\quickassist.exe
[MD5.5CA73C43E1A281CE57AD06B19E022AE6] - [04/06/2017 12:11:19] - |A| - [236544] - C:\WINDOWS\syswow64\qwave.dll
[MD5.DDBD1E2478C400130C39817106C4C81C] - [04/06/2017 12:11:23] - |A| - [27136] - C:\WINDOWS\syswow64\RacEngn.dll
[MD5.DE613F5E575D51635979AA0EA911EFCA] - [04/06/2017 12:13:06] - |A| - [117248] - C:\WINDOWS\syswow64\racpldlg.dll
[MD5.4AECD280237F6D8DBF39EC827847042E] - [04/06/2017 12:11:26] - |A| - [91136] - C:\WINDOWS\syswow64\radardt.dll
[MD5.DDE0229E00D672D157F7A53B8F9251B3] - [04/06/2017 12:11:26] - |A| - [63488] - C:\WINDOWS\syswow64\radarrs.dll
[MD5.0DF60C7B3974D1C455D1B2F0EAE674E1] - [04/06/2017 12:11:28] - |A| - [293888] - C:\WINDOWS\syswow64\RADCUI.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [24316] - C:\WINDOWS\syswow64\ras
[MD5.4D21200032C02FBB7CFC02394F862A46] - [04/06/2017 12:11:21] - |A| - [12800] - C:\WINDOWS\syswow64\rasadhlp.dll
[MD5.43FE89CD2CC3E2B5928A3EA39FFB4ACC] - [04/06/2017 12:11:23] - |A| - [775680] - C:\WINDOWS\syswow64\rasapi32.dll
[MD5.D81ED6A09C3B2E421CAA4A58F2768A4C] - [04/06/2017 12:11:21] - |A| - [15360] - C:\WINDOWS\syswow64\rasautou.exe
[MD5.8EE71943801EF1BEFC57C97C4AD46BB8] - [04/06/2017 12:11:21] - |A| - [118272] - C:\WINDOWS\syswow64\raschap.dll
[MD5.90B93867874937E437D8A149D2DE21B2] - [04/06/2017 12:11:23] - |A| - [263168] - C:\WINDOWS\syswow64\raschapext.dll
[MD5.3A77C18665A4C8428768CE186A5BC1EF] - [04/06/2017 12:11:23] - |A| - [1820] - C:\WINDOWS\syswow64\rasctrnm.h
[MD5.F098A6382D0DA6AB077606AD2DB0E02B] - [04/06/2017 12:11:23] - |A| - [19456] - C:\WINDOWS\syswow64\rasctrs.dll
[MD5.C40BBEE4732E41753EDA41C6F5D45C41] - [04/06/2017 12:11:23] - |A| - [62464] - C:\WINDOWS\syswow64\rasdiag.dll
[MD5.BE339A2FE90E478FA3040ADDCD623D60] - [04/06/2017 12:11:23] - |A| - [20992] - C:\WINDOWS\syswow64\rasdial.exe
[MD5.A1575FC9D5846EADC82C7931D68544A0] - [04/06/2017 12:11:21] - |A| - [850944] - C:\WINDOWS\syswow64\rasdlg.dll
[MD5.B23C10A30FD6AF876A57EADE4D78B637] - [04/06/2017 12:13:06] - |A| - [108032] - C:\WINDOWS\syswow64\raserver.exe
[MD5.9609541E63B287E05F9ABBCE7A6EEF61] - [04/06/2017 12:11:21] - |A| - [856064] - C:\WINDOWS\syswow64\rasgcw.dll
[MD5.AE7F379113EBC7549A2C48BFC05B7F09] - [04/06/2017 12:11:21] - |A| - [152576] - C:\WINDOWS\syswow64\rasman.dll
[MD5.C00E73CD60C99696A95FCB034A5ED329] - [04/06/2017 12:11:21] - |A| - [302080] - C:\WINDOWS\syswow64\rasmontr.dll
[MD5.E31A7B1E15A55763307F6A8355E77FBA] - [04/06/2017 12:11:23] - |A| - [31744] - C:\WINDOWS\syswow64\rasphone.exe
[MD5.9BCBEF7F96455A1C7313666DF74329F1] - [04/06/2017 12:11:23] - |A| - [456192] - C:\WINDOWS\syswow64\rasplap.dll
[MD5.95E6AC8A15229949B36DA9027E7EF28B] - [04/06/2017 12:13:00] - |A| - [295424] - C:\WINDOWS\syswow64\rasppp.dll
[MD5.8B79EA7DD634D281F3D180BE33910646] - [04/06/2017 12:11:23] - |A| - [242688] - C:\WINDOWS\syswow64\rastapi.dll
[MD5.83FE4DF7C0B440E6874C40B4A9595CD6] - [04/06/2017 12:11:23] - |A| - [447488] - C:\WINDOWS\syswow64\rastls.dll
[MD5.0F7A2664885B3132BDF2BA6F68C70082] - [04/06/2017 12:11:21] - |A| - [331776] - C:\WINDOWS\syswow64\rastlsext.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [0] - C:\WINDOWS\syswow64\RasToast
[MD5.71C8243C7B39D659384DD50C8F1940AF] - [04/06/2017 12:10:57] - |A| - [956416] - C:\WINDOWS\syswow64\rdpbase.dll
[MD5.631792C36EE91153550065B0CFC0D9E0] - [04/06/2017 12:10:56] - |A| - [535040] - C:\WINDOWS\syswow64\rdpcore.dll
[MD5.22CBCCFA1D02FEBB49BFDE347F52439E] - [04/06/2017 12:10:57] - |A| - [357376] - C:\WINDOWS\syswow64\rdpencom.dll
[MD5.71E2B177D952BFF5D4C015283189CB75] - [04/06/2017 12:11:39] - |A| - [264952] - C:\WINDOWS\syswow64\rdpendp.dll
[MD5.EED370E89F53C8CCA1755F99129B482C] - [04/06/2017 12:11:26] - |A| - [38912] - C:\WINDOWS\syswow64\RdpSa.exe
[MD5.32B2E88225A891D5377F660551496FE0] - [04/06/2017 12:11:26] - |A| - [23040] - C:\WINDOWS\syswow64\RdpSaProxy.exe
[MD5.0D98A5F71C6301DFC4D7B97AE40235E0] - [04/06/2017 12:11:26] - |A| - [11776] - C:\WINDOWS\syswow64\RdpSaPs.dll
[MD5.13EE69075166CEA8D7CFC12B8465A5E3] - [04/06/2017 12:11:26] - |A| - [25088] - C:\WINDOWS\syswow64\RdpSaUacHelper.exe
[MD5.B47D10A7DD2FD574C951DD0358855806] - [04/06/2017 12:10:56] - |A| - [1482752] - C:\WINDOWS\syswow64\rdpserverbase.dll
[MD5.AF6AA9CA3EAA88429D9DDE5B99D5EDC4] - [04/06/2017 12:11:05] - |A| - [41472] - C:\WINDOWS\syswow64\rdrleakdiag.exe
[MD5.240BE586092C4317D19B26E8A295D502] - [04/06/2017 12:11:52] - |A| - [184320] - C:\WINDOWS\syswow64\rdvgocl32.dll
[MD5.7CF97CEF1E5CD34D606C1C6A95564BB2] - [04/06/2017 12:11:52] - |A| - [665088] - C:\WINDOWS\syswow64\rdvgogl32.dll
[MD5.ECE7D8B930306EA9607CD7F33F5EA78C] - [04/06/2017 12:11:52] - |A| - [154112] - C:\WINDOWS\syswow64\rdvgu1132.dll
[MD5.23CC612DF302F47C43D1DF3542A1A11E] - [04/06/2017 12:11:52] - |A| - [97280] - C:\WINDOWS\syswow64\rdvgumd32.dll
[MD5.17A258ADB013E0F36A2448EBDC90E00E] - [04/06/2017 12:11:28] - |A| - [66048] - C:\WINDOWS\syswow64\rdvvmtransport.dll
[MD5.1E7F9B7885FE790F9962DDF9CCA576AF] - [04/06/2017 12:11:26] - |A| - [901456] - C:\WINDOWS\syswow64\ReAgent.dll
[MD5.126FF1910FFBA08DCB760504DB12E763] - [04/06/2017 12:11:26] - |A| - [35328] - C:\WINDOWS\syswow64\ReAgentc.exe
[MD5.825A491B9A66466DA4FBAB62DBBD5818] - [04/06/2017 12:10:53] - |A| - [12800] - C:\WINDOWS\syswow64\recover.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [837] - C:\WINDOWS\syswow64\Recovery
[MD5.ADA509E7B74F6B335B6FF583585B907A] - [04/06/2017 12:10:59] - |A| - [59392] - C:\WINDOWS\syswow64\reg.exe
[MD5.D986A88C76E77BD1548D99C37AAE7462] - [04/06/2017 12:11:26] - |A| - [82944] - C:\WINDOWS\syswow64\regapi.dll
[MD5.F7675A15FDB31AC45EABC026656B052D] - [04/06/2017 12:11:05] - |A| - [42496] - C:\WINDOWS\syswow64\RegCtrl.dll
[MD5.E859BE98F24859CB58986C5D4A7A5EBC] - [04/06/2017 12:11:23] - |A| - [316416] - C:\WINDOWS\syswow64\regedit.exe
[MD5.CF50F7BB11D7E3095AA55691F51D5D0E] - [04/06/2017 12:11:23] - |A| - [10240] - C:\WINDOWS\syswow64\regedt32.exe
[MD5.CA367DE09EF82228D81FC072F3150EFE] - [04/06/2017 12:11:23] - |A| - [41472] - C:\WINDOWS\syswow64\regini.exe
[MD5.705BE72C157ADF204F520C2FE6969BAE] - [04/06/2017 12:11:28] - |A| - [20480] - C:\WINDOWS\syswow64\Register-CimProvider.exe
[MD5.D93FEE0490EB30C39BA4E05B5608C056] - [04/06/2017 12:11:21] - |A| - [20992] - C:\WINDOWS\syswow64\regsvr32.exe
[MD5.97DD4E317986FF77DA5D52899D8EFE56] - [04/06/2017 12:10:57] - |A| - [26864] - C:\WINDOWS\syswow64\reguwpapi.dll
[MD5.C7B9024CC63F67C863ADCD44FF92ABBC] - [04/06/2017 12:11:26] - |A| - [154112] - C:\WINDOWS\syswow64\ReInfo.dll
[MD5.4E9360AA3C19B543DA91DEE61E987D38] - [04/06/2017 12:11:05] - |A| - [115200] - C:\WINDOWS\syswow64\rekeywiz.exe
[MD5.6D053D0D65A07DC73F6650547B6EC008] - [04/06/2017 12:11:18] - |A| - [38912] - C:\WINDOWS\syswow64\relog.exe
[MD5.AB979B9F0B729680A4D0E655A5FBC51A] - [04/06/2017 12:10:53] - |A| - [70816] - C:\WINDOWS\syswow64\remoteaudioendpoint.dll
[MD5.75C94541238D019EDAC7C32BE999C8D1] - [04/06/2017 12:11:26] - |A| - [206336] - C:\WINDOWS\syswow64\remotepg.dll
[MD5.53DA1C2CE69ABE7FC07CA97031750AE4] - [04/06/2017 12:11:26] - |A| - [87040] - C:\WINDOWS\syswow64\remotesp.tsp
[MD5.5C6B95EA2C53C60836FC3BC2DCD25C09] - [04/06/2017 12:11:03] - |A| - [58368] - C:\WINDOWS\syswow64\RemoveDeviceContextHandler.dll
[MD5.418E2947261BED26C9D175023C01186A] - [04/06/2017 12:11:05] - |A| - [10752] - C:\WINDOWS\syswow64\RemoveDeviceElevated.dll
[MD5.7046FDC8C88114D4751383D0722FE41C] - [04/06/2017 12:13:06] - |A| - [6656] - C:\WINDOWS\syswow64\rendezvousSession.tlb
[MD5.8C2E87B60531E01690C729E65B99ED02] - [04/06/2017 12:11:00] - |A| - [19456] - C:\WINDOWS\syswow64\replace.exe
[MD5.2794F635A4756FC9DB1E37C7FA903414] - [04/06/2017 12:09:12] - |A| - [227248] - C:\WINDOWS\syswow64\RESAMPLEDMO.DLL
[MD5.E2DB55E3449409AA94784618D7B1A801] - [04/06/2017 12:11:21] - |A| - [109056] - C:\WINDOWS\syswow64\resmon.exe
[MD5.417E50265733C648854C27EB65C75C22] - [04/06/2017 12:10:56] - |A| - [82704] - C:\WINDOWS\syswow64\ResourcePolicyClient.dll
[MD5.43E7D0AB6A8564F5BF375FBF0934FAD1] - [04/06/2017 12:11:21] - |A| - [714] - C:\WINDOWS\syswow64\RestartManager.mof
[MD5.3F75A221A01F68D6CE67FE99A868BD8F] - [04/06/2017 12:11:21] - |A| - [176] - C:\WINDOWS\syswow64\RestartManagerUninstall.mof
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [0] - C:\WINDOWS\syswow64\restore
[MD5.608ACF74C4D5508FC028A759B16CD463] - [04/06/2017 12:10:50] - |A| - [466944] - C:\WINDOWS\syswow64\resutils.dll
[MD5.369F200E4F6C49986BE73B29FFB28752] - [04/06/2017 12:11:52] - |A| - [32768] - C:\WINDOWS\syswow64\rfxvmt.dll
[MD5.B0F1F9CFD66AE9D890050F9BC8C5FF5A] - [04/06/2017 12:11:02] - |A| - [154624] - C:\WINDOWS\syswow64\rgb9rast.dll
[MD5.1FA6A7A831EDFD11ACF094108379EB57] - [04/06/2017 12:11:23] - |A| - [503808] - C:\WINDOWS\syswow64\riched20.dll
[MD5.4295C1A476730D355F6154B2711DD8CD] - [04/06/2017 12:11:23] - |A| - [8192] - C:\WINDOWS\syswow64\riched32.dll
[MD5.11981C1B1EF329FCB09D6BE6D591DA99] - [04/06/2017 12:11:28] - |A| - [542720] - C:\WINDOWS\syswow64\RMActivate.exe
[MD5.17D103544316B6ADAA8C3D16AF9187AE] - [04/06/2017 12:11:28] - |A| - [561664] - C:\WINDOWS\syswow64\RMActivate_isv.exe
[MD5.E3FF55705721C168469DE3214C83B5AC] - [04/06/2017 12:11:28] - |A| - [482816] - C:\WINDOWS\syswow64\RMActivate_ssp.exe
[MD5.83C3E08947A5F60DD901B0C3E35C03CC] - [04/06/2017 12:11:28] - |A| - [482816] - C:\WINDOWS\syswow64\RMActivate_ssp_isv.exe
[MD5.DC1FB4E6644912FC2F81D848CD744A2F] - [04/06/2017 12:10:57] - |A| - [87856] - C:\WINDOWS\syswow64\rmclient.dll
[MD5.3D5B916EC6D3E9421C16168CA68B170A] - [04/06/2017 12:11:21] - |A| - [15360] - C:\WINDOWS\syswow64\RmClient.exe
[MD5.1F2E644DF9CBAEAB333E85B27636145A] - [04/06/2017 12:11:19] - |A| - [2048] - C:\WINDOWS\syswow64\rnr20.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [236544] - C:\WINDOWS\syswow64\ro-RO
[MD5.3A91A67AA323C8455848B326B4142088] - [04/06/2017 12:11:02] - |A| - [103424] - C:\WINDOWS\syswow64\Robocopy.exe
[MD5.4B64D7FED767D78D835C128C8B9787D1] - [04/06/2017 12:10:53] - |A| - [165272] - C:\WINDOWS\syswow64\rometadata.dll
[MD5.B61DEE593A49DB9CCF4D9729E502F1C4] - [04/06/2017 12:10:59] - |A| - [19456] - C:\WINDOWS\syswow64\ROUTE.EXE
[MD5.909184F201D18EA547C990EC345D6979] - [04/06/2017 12:11:03] - |A| - [158208] - C:\WINDOWS\syswow64\rpchttp.dll
[MD5.2B332E58E0CD6BC8CB2B2D569702D23D] - [04/06/2017 12:11:05] - |A| - [8704] - C:\WINDOWS\syswow64\RpcNs4.dll
[MD5.F691F17DE4731E87143A4FE0F9A4FC6F] - [04/06/2017 12:11:05] - |A| - [28160] - C:\WINDOWS\syswow64\rpcnsh.dll
[MD5.25D34936CB5854D3FC044230D3275327] - [04/06/2017 12:11:03] - |A| - [26624] - C:\WINDOWS\syswow64\RpcPing.exe
[MD5.F7C749B7A4DA8226B4B382DF67EA3246] - [04/06/2017 12:11:28] - |A| - [782000] - C:\WINDOWS\syswow64\rpcrt4.dll
[MD5.34F2629EEADBBB35925FA3E555053245] - [04/06/2017 12:10:57] - |A| - [48072] - C:\WINDOWS\syswow64\RpcRtRemote.dll
[MD5.F9416B74B7CE75791BEBBD916C5C438D] - [04/06/2017 12:09:12] - |A| - [39424] - C:\WINDOWS\syswow64\rrinstaller.exe
[MD5.D8DF1AA0BCA268D5800CFEA57899BAD6] - [04/06/2017 12:11:05] - |A| - [180808] - C:\WINDOWS\syswow64\rsaenh.dll
[MD5.CAB526517814E5C3ECA637F494803B9D] - [04/06/2017 12:11:00] - |A| - [118784] - C:\WINDOWS\syswow64\rshx32.dll
[MD5.49525986566A050AA233A428AA50D83F] - [04/06/2017 12:11:52] - |A| - [43566] - C:\WINDOWS\syswow64\rsop.msc
[MD5.C6B8F9B002E6361F628DEE4535156991] - [04/06/2017 12:11:21] - |A| - [173568] - C:\WINDOWS\syswow64\RstrtMgr.dll
[MD5.EE607912A791E9BD7AD4C97072839758] - [04/06/2017 12:11:21] - |A| - [37376] - C:\WINDOWS\syswow64\rtffilt.dll
[MD5.2B91F2B1EB950AF772C88A8E7960C8BB] - [04/06/2017 12:11:21] - |A| - [164352] - C:\WINDOWS\syswow64\rtm.dll
[MD5.57F32B32CC91406CBAEDFFD880E33CA9] - [04/06/2017 12:09:17] - |A| - [837264] - C:\WINDOWS\syswow64\rtmcodecs.dll
[MD5.F9781C1EAA7AF2DF7B15BBD35666A7DC] - [04/06/2017 12:10:56] - |A| - [350720] - C:\WINDOWS\syswow64\RTMediaFrame.dll
[MD5.2DCFE63AF101CF9B04A22DA911316955] - [04/06/2017 12:09:17] - |A| - [61072] - C:\WINDOWS\syswow64\rtmmvrortc.dll
[MD5.6FD4E7FC319451378DB234F847000690] - [04/06/2017 12:09:17] - |A| - [921232] - C:\WINDOWS\syswow64\rtmpal.dll
[MD5.FB3B6D96F8A357D81A6DBC7747C967B1] - [04/06/2017 12:09:17] - |A| - [4051600] - C:\WINDOWS\syswow64\rtmpltfm.dll
[MD5.C6FBC0E33CAE9A9AC0218BEBACEFDE82] - [04/06/2017 12:11:23] - |A| - [52224] - C:\WINDOWS\syswow64\rtutils.dll
[MD5.2FDF8A97213506EB87B0B0594DE3D9C0] - [04/06/2017 12:10:50] - |A| - [164320] - C:\WINDOWS\syswow64\RTWorkQ.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [290816] - C:\WINDOWS\syswow64\ru-RU
[MD5.E8EDE603007A7D0148523AE7636D3FEE] - [04/06/2017 12:11:26] - |A| - [17920] - C:\WINDOWS\syswow64\runas.exe
[MD5.68C4992E54D630B21C6799F86B799A8C] - [04/06/2017 12:11:23] - |A| - [63488] - C:\WINDOWS\syswow64\rundll32.exe
[MD5.B1519FB3F08EC4848352050E735A40ED] - [04/06/2017 12:11:28] - |A| - [67584] - C:\WINDOWS\syswow64\RunLegacyCPLElevated.exe
[MD5.A73087790D38BCB4EFF5F4F492647636] - [04/06/2017 12:11:08] - |A| - [47616] - C:\WINDOWS\syswow64\runonce.exe
[MD5.37A0AB93B70232374DCECC82B174E0DD] - [04/06/2017 12:11:05] - |A| - [70144] - C:\WINDOWS\syswow64\samcli.dll
[MD5.BDE5B3434C581CC728990ECF376CFD7E] - [04/06/2017 12:11:05] - |A| - [84992] - C:\WINDOWS\syswow64\samlib.dll
[MD5.C447F017DC504A1D28AB4409377763B1] - [04/06/2017 12:11:26] - |A| - [10240] - C:\WINDOWS\syswow64\sas.dll
[MD5.F24100206244C0EDF0416F0A233BAFF8] - [04/06/2017 12:11:26] - |A| - [757760] - C:\WINDOWS\syswow64\sbe.dll
[MD5.38B815993265B988A61B45AC7470CF17] - [04/06/2017 12:11:26] - |A| - [152576] - C:\WINDOWS\syswow64\sbeio.dll
[MD5.D01D345C2FFE668AD2136E73DE13B383] - [04/06/2017 12:11:26] - |A| - [66048] - C:\WINDOWS\syswow64\sberes.dll
[MD5.60D690C2F17139CD876876BE9385324A] - [04/06/2017 12:11:02] - |A| - [60416] - C:\WINDOWS\syswow64\sc.exe
[MD5.86021BFD8588C1E6A88CE5F2ED560574] - [04/06/2017 12:11:07] - |A| - [250368] - C:\WINDOWS\syswow64\scansetting.dll
[MD5.2D4565652B98CCB0121E1B71E483E8A2] - [04/06/2017 12:11:21] - |A| - [68608] - C:\WINDOWS\syswow64\SCardDlg.dll
[MD5.CFB16D8B0D45ECBFB3FC499BF774E723] - [04/06/2017 12:11:23] - |A| - [209408] - C:\WINDOWS\syswow64\scecli.dll
[MD5.AE5663EF6615133D7B10EEB8DEB72DBD] - [04/06/2017 12:11:23] - |A| - [378880] - C:\WINDOWS\syswow64\scesrv.dll
[MD5.CE1DC8F440EE11636DAF5BC8873FA8B1] - [04/06/2017 12:11:03] - |A| - [401920] - C:\WINDOWS\syswow64\schannel.dll
[MD5.ADE95A616EA90CE9B993D92C0A5C8959] - [04/06/2017 12:11:03] - |A| - [20480] - C:\WINDOWS\syswow64\schedcli.dll
[MD5.A79D65D0C9DE1E48A02C978EDF35149E] - [04/06/2017 12:11:26] - |A| - [185344] - C:\WINDOWS\syswow64\schtasks.exe
[MD5.8CDDC111A57CD0665B76CC2A2FDFDCF8] - [04/06/2017 12:11:23] - |A| - [232960] - C:\WINDOWS\syswow64\scksp.dll
[MD5.9A1ADBDB32A68BD7184ABE1863D499EA] - [04/06/2017 12:11:11] - |A| - [59904] - C:\WINDOWS\syswow64\scripto.dll
[MD5.E85BE2A8EEC49DB73D43926D2E0BAAFF] - [04/06/2017 12:11:23] - |A| - [28672] - C:\WINDOWS\syswow64\scrnsave.scr
[MD5.9CFAA3093C89C85A5266A2C49AD9E534] - [04/06/2017 12:11:21] - |A| - [206336] - C:\WINDOWS\syswow64\scrobj.dll
[MD5.F6C06A7FE06DABCA26344D3225C50D82] - [04/06/2017 12:11:52] - |A| - [473600] - C:\WINDOWS\syswow64\scrptadm.dll
[MD5.E556218E23204F403DCC163EA7A7ACA8] - [04/06/2017 12:11:21] - |A| - [166400] - C:\WINDOWS\syswow64\scrrun.dll
[MD5.ACCF97483C6A15C276B38548FB6B4B3C] - [04/06/2017 12:10:59] - |A| - [20992] - C:\WINDOWS\syswow64\sdbinst.exe
[MD5.761B2783D2F1A5BF52A834100C7712F0] - [04/06/2017 12:13:06] - |A| - [40448] - C:\WINDOWS\syswow64\sdchange.exe
[MD5.38B0C80C85D267190EB9613766AFCA61] - [04/06/2017 12:11:26] - |A| - [185344] - C:\WINDOWS\syswow64\sdiageng.dll
[MD5.47522FC624D01DA2F5811CE36EF2BD31] - [04/06/2017 12:11:26] - |A| - [21504] - C:\WINDOWS\syswow64\sdiagnhost.exe
[MD5.CC02E533FA264D355253A83E2FAA68D7] - [04/06/2017 12:11:23] - |A| - [156160] - C:\WINDOWS\syswow64\sdiagprv.dll
[MD5.20AFC4DBD283F3766F854D87082682BB] - [04/06/2017 12:11:05] - |A| - [408064] - C:\WINDOWS\syswow64\sdohlp.dll
[MD5.066326089A6B7C38ACC55E3662C60BB3] - [04/06/2017 12:10:56] - |A| - [288768] - C:\WINDOWS\syswow64\Search.ProtocolHandler.MAPI2.dll
[MD5.E48C24045CC690B1A3F4154332D26287] - [04/06/2017 12:10:56] - |A| - [197120] - C:\WINDOWS\syswow64\SearchFilterHost.exe
[MD5.69A7F1A18E77D27F120DC1B0EBF8E34B] - [04/06/2017 12:11:21] - |A| - [333312] - C:\WINDOWS\syswow64\SearchFolder.dll
[MD5.2B26E89DE76E3527B281FD11DC142E70] - [04/06/2017 12:10:56] - |A| - [821760] - C:\WINDOWS\syswow64\SearchIndexer.exe
[MD5.D9435F48AB3B7348B87D3B08060A32E2] - [04/06/2017 12:10:56] - |A| - [318976] - C:\WINDOWS\syswow64\SearchProtocolHost.exe
[MD5.C150844A87135D8A00006D9EFFA034DA] - [04/06/2017 12:11:23] - |A| - [37888] - C:\WINDOWS\syswow64\SecEdit.exe
[MD5.4FC08BE4D5564E1E6AAE01D32D44B16C] - [04/06/2017 12:11:29] - |A| - [262936] - C:\WINDOWS\syswow64\sechost.dll
[MD5.98E8BFF1546C16A68F9C2509B206BC33] - [04/06/2017 12:11:08] - |A| - [9728] - C:\WINDOWS\syswow64\secinit.exe
[MD5.477F91A852AD015B6F0A2BDD3A5789F6] - [04/06/2017 12:11:28] - |A| - [350208] - C:\WINDOWS\syswow64\secproc.dll
[MD5.26A3AB87828A299280A8CB4A6C23C61A] - [04/06/2017 12:11:28] - |A| - [348672] - C:\WINDOWS\syswow64\secproc_isv.dll
[MD5.CA6DCA3684C01254E24CFA92AD6244DB] - [04/06/2017 12:11:28] - |A| - [89088] - C:\WINDOWS\syswow64\secproc_ssp.dll
[MD5.83883820BC11F4156B809A0F11349BE6] - [04/06/2017 12:11:28] - |A| - [89088] - C:\WINDOWS\syswow64\secproc_ssp_isv.dll
[MD5.DF1CC9839D55ADAB3D8FF4734915DA02] - [04/06/2017 12:11:19] - |A| - [23040] - C:\WINDOWS\syswow64\secur32.dll
[MD5.817851DB396A2C2182D9BAC0646157D3] - [04/06/2017 12:11:19] - |A| - [4608] - C:\WINDOWS\syswow64\security.dll
[MD5.BEB5DD400AA25251E6C1A6F10635682D] - [04/06/2017 12:11:07] - |A| - [5783] - C:\WINDOWS\syswow64\SecurityAndMaintenance.png
[MD5.5633300FF98F8582E653D94D0BD811CB] - [04/06/2017 12:11:07] - |A| - [2613] - C:\WINDOWS\syswow64\SecurityAndMaintenance_Alert.png
[MD5.1382CE1BD44FA02B6C58580B02AEFA9C] - [04/06/2017 12:11:07] - |A| - [6873] - C:\WINDOWS\syswow64\SecurityAndMaintenance_Error.png
[MD5.11C3F7D7F867A813D53ACA74DE57F704] - [04/06/2017 12:10:56] - |A| - [20992] - C:\WINDOWS\syswow64\SEMgrPS.dll
[MD5.3362218BC5F51A39282D4C4B013170FE] - [04/06/2017 12:11:08] - |A| - [123904] - C:\WINDOWS\syswow64\sendmail.dll
[MD5.FE828EC0A64345A471EA880BECA4E924] - [04/06/2017 12:11:23] - |A| - [11264] - C:\WINDOWS\syswow64\SensApi.dll
[MD5.7678D10BFC718103C74B4BE86F5E9DE9] - [04/06/2017 12:11:38] - |A| - [340992] - C:\WINDOWS\syswow64\SensorsApi.dll
[MD5.80BCE01C055C1A7BD020AE5DB8AE19A7] - [04/06/2017 12:11:38] - |A| - [1311744] - C:\WINDOWS\syswow64\SensorsCpl.dll
[MD5.0AD426705BD4EAB12699800AAC22F168] - [04/06/2017 12:10:59] - |A| - [50632] - C:\WINDOWS\syswow64\SensorsNativeApi.dll
[MD5.C1538CDC2F6C9DC0B828AD2180804C09] - [04/06/2017 12:10:59] - |A| - [97792] - C:\WINDOWS\syswow64\SensorsNativeApi.V2.dll
[MD5.53DBF7BC5C2D21E9D68216710B2A5ED6] - [04/06/2017 12:10:59] - |A| - [40800] - C:\WINDOWS\syswow64\SensorsUtilsV2.dll
[MD5.EE1F7ABB02E242DAEA137C5A50AC6758] - [04/06/2017 12:11:26] - |A| - [15872] - C:\WINDOWS\syswow64\serialui.dll
[MD5.2D8D95469EC26AAA986AAD1CE424E631] - [04/06/2017 12:11:21] - |A| - [92746] - C:\WINDOWS\syswow64\services.msc
[MD5.CFA7E841C8382F217A9A309E1C6BB515] - [04/06/2017 12:11:26] - |A| - [19968] - C:\WINDOWS\syswow64\serwvdrv.dll
[MD5.D624CB40643AFBA3FD81D69131020674] - [04/06/2017 12:11:28] - |A| - [339456] - C:\WINDOWS\syswow64\SessEnv.dll
[MD5.777AA009BB8CD31B0FB910EBECB66068] - [04/06/2017 12:11:00] - |A| - [261632] - C:\WINDOWS\syswow64\sethc.exe
[MD5.4798C2C8AD84675B65086D29305DB5B7] - [04/06/2017 12:11:28] - |A| - [157696] - C:\WINDOWS\syswow64\SettingMonitor.dll
[MD5.E1F8FDD9A6A17938A517ECC4CF95C175] - [04/06/2017 12:11:28] - |A| - [421376] - C:\WINDOWS\syswow64\SettingSync.dll
[MD5.5B7F2318B5C83EE40B470EFD464AE590] - [04/06/2017 12:10:53] - |A| - [909824] - C:\WINDOWS\syswow64\SettingSyncCore.dll
[MD5.D4712DC1BA9A2B3D88DCB4F4A2165971] - [04/06/2017 12:10:53] - |A| - [810832] - C:\WINDOWS\syswow64\SettingSyncHost.exe
[MD5.278255CE7502614222C3B73E52687073] - [04/06/2017 12:11:28] - |A| - [73216] - C:\WINDOWS\syswow64\SettingSyncPolicy.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [897520] - C:\WINDOWS\syswow64\setup
[MD5.14B40EBA9CDF493A7245DFF975E2B05F] - [04/06/2017 12:11:13] - |A| - [26112] - C:\WINDOWS\syswow64\setup16.exe
[MD5.ACB44EB06F0606554B76CBA20F135A51] - [04/06/2017 12:11:21] - |A| - [4328312] - C:\WINDOWS\syswow64\setupapi.dll
[MD5.6F0F5197C750576464A9F6DE57B3FB99] - [04/06/2017 12:11:21] - |A| - [98816] - C:\WINDOWS\syswow64\setupcln.dll
[MD5.6083EC6B501B71E43AFB1CA95028153B] - [04/06/2017 12:11:02] - |A| - [118272] - C:\WINDOWS\syswow64\setupugc.exe
[MD5.9DDD39A661F8F400BDDF346AD7D9791C] - [04/06/2017 12:10:59] - |A| - [46592] - C:\WINDOWS\syswow64\setx.exe
[MD5.03A6A6C004E682BFAE25ACF5EDF3886B] - [04/06/2017 12:11:26] - |A| - [2560] - C:\WINDOWS\syswow64\sfc.dll
[MD5.C5364918B022878C51CC6C2E54AC7599] - [04/06/2017 12:11:13] - |A| - [35840] - C:\WINDOWS\syswow64\sfc.exe
[MD5.B3551550CD1CC54FD26D384993777FAD] - [04/06/2017 12:11:26] - |A| - [45056] - C:\WINDOWS\syswow64\sfc_os.dll
[MD5.22762CC1BA92FAD63F8CED01804187AB] - [04/06/2017 12:10:59] - |A| - [105984] - C:\WINDOWS\syswow64\shacct.dll
[MD5.B14E69F60A175539478E0DC8C0C14ED1] - [04/06/2017 12:11:02] - |A| - [52224] - C:\WINDOWS\syswow64\shacctprofile.dll
[MD5.65CE671F5153C87318C4CED410917994] - [04/06/2017 12:10:53] - |A| - [1097728] - C:\WINDOWS\syswow64\ShareHost.dll
[MD5.C71910EC6511D7D3EF3CF5A7A33BE5E6] - [04/06/2017 12:10:59] - |A| - [540840] - C:\WINDOWS\syswow64\SHCore.dll
[MD5.BF546ABC390F07DD0098DF570BD6B19F] - [04/06/2017 12:11:21] - |A| - [228864] - C:\WINDOWS\syswow64\shdocvw.dll
[MD5.A3BE284978B9599515A5406D53D3157B] - [04/06/2017 12:11:21] - |A| - [20354240] - C:\WINDOWS\syswow64\shell32.dll
[MD5.D954001511F1F490394F7542799E24CA] - [04/06/2017 12:10:59] - |A| - [98816] - C:\WINDOWS\syswow64\ShellCommonCommonProxyStub.dll
[MD5.0966CC49D9BC6799C96C98B008D1454E] - [04/06/2017 12:11:26] - |A| - [1155584] - C:\WINDOWS\syswow64\shellstyle.dll
[MD5.C36C0897706651A19EC7C08CCB13C5B4] - [04/06/2017 12:11:21] - |A| - [9216] - C:\WINDOWS\syswow64\shfolder.dll
[MD5.D2980B6CD87097693B98FE6A6B7C0190] - [04/06/2017 12:11:05] - |A| - [23552] - C:\WINDOWS\syswow64\shgina.dll
[MD5.8CA32E9D986FA76F60EFBCFCD9D80A58] - [04/06/2017 12:11:23] - |A| - [16740] - C:\WINDOWS\syswow64\ShiftJIS.uce
[MD5.9E01B6173419CEB3251334B9BF28B435] - [04/06/2017 12:10:59] - |A| - [5632] - C:\WINDOWS\syswow64\shimeng.dll
[MD5.66CA71564D6AE07B22F8B7F924761AA3] - [04/06/2017 12:11:23] - |A| - [26624] - C:\WINDOWS\syswow64\shimgvw.dll
[MD5.83989331D709FA505DD6267078E3D96B] - [04/06/2017 12:11:23] - |A| - [275296] - C:\WINDOWS\syswow64\shlwapi.dll
[MD5.CD8C7F22401C78BB7C66C783A21AFE03] - [04/06/2017 12:11:08] - |A| - [17920] - C:\WINDOWS\syswow64\shpafact.dll
[MD5.A4F418A4507DA829158780017D9855AE] - [04/06/2017 12:11:19] - |A| - [393728] - C:\WINDOWS\syswow64\shrpubw.exe
[MD5.CE72082776BD1DFA04E37FDA29DFA5AD] - [04/06/2017 12:11:02] - |A| - [110080] - C:\WINDOWS\syswow64\shsetup.dll
[MD5.B1AE16E216D699CE6DF5E27A769CB893] - [04/06/2017 12:11:03] - |A| - [564736] - C:\WINDOWS\syswow64\shsvcs.dll
[MD5.1DF6D1C8073EDFD14FAF9CDA50250E9F] - [04/06/2017 12:11:21] - |A| - [22016] - C:\WINDOWS\syswow64\shunimpl.dll
[MD5.FF694855803249C0A7ED6FDDF7DD9E68] - [04/06/2017 12:11:08] - |A| - [23552] - C:\WINDOWS\syswow64\shutdown.exe
[MD5.51E156CE7F4FE88976C48F9E0EADAB5F] - [04/06/2017 12:11:07] - |A| - [25600] - C:\WINDOWS\syswow64\shutdownext.dll
[MD5.65FCD23F30FA4E62300AFA15F722F86F] - [04/06/2017 12:11:21] - |A| - [435200] - C:\WINDOWS\syswow64\shwebsvc.dll
[MD5.2AD719C6889FBDBC8CCC1EB3E6ADD56D] - [04/06/2017 12:11:28] - |A| - [43520] - C:\WINDOWS\syswow64\signdrv.dll
[MD5.C802D39F4F25935DF2DF90C7FF8BDF15] - [04/06/2017 12:11:28] - |A| - [126976] - C:\WINDOWS\syswow64\SimAuth.dll
[MD5.E41B80907AD1A19F1C79883977576377] - [04/06/2017 12:11:28] - |A| - [82432] - C:\WINDOWS\syswow64\SimCfg.dll
[MD5.85622FBE704FDD62E7019C5619DBA287] - [04/06/2017 12:11:11] - |A| - [8192] - C:\WINDOWS\syswow64\simpdata.tlb
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [237056] - C:\WINDOWS\syswow64\sk-SK
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [234496] - C:\WINDOWS\syswow64\sl-SI
[MD5.1103D596FF8BF782F831778AEF16742B] - [04/06/2017 12:11:23] - |A| - [123392] - C:\WINDOWS\syswow64\slc.dll
[MD5.AE7BD2CE6CCB70A69F6FDFEB2A27D4A0] - [04/06/2017 12:11:23] - |A| - [19456] - C:\WINDOWS\syswow64\slcext.dll
[MD5.00000000000000000000000000000000] - [05/06/2017 08:57:46] - |D| - [53396] - C:\WINDOWS\syswow64\slmgr
[MD5.3903BCAB32A4A853DFA54962112D4D02] - [04/06/2017 12:11:23] - |A| - [142904] - C:\WINDOWS\syswow64\slmgr.vbs
[MD5.52CEF224301DA689AE6C6132845EBB27] - [04/06/2017 12:11:23] - |A| - [72704] - C:\WINDOWS\syswow64\slwga.dll
[MD5.A2BDB53CEFD14E89A3E4B327227ABEF1] - [04/06/2017 12:11:23] - |A| - [643072] - C:\WINDOWS\syswow64\SmartcardCredentialProvider.dll
[MD5.19A4B72F53463F4A3B435927CCD208BB] - [04/06/2017 12:10:53] - |A| - [150016] - C:\WINDOWS\syswow64\smartscreenps.dll
[MD5.DC555B6615ECC5955D659B58E573DDC9] - [04/06/2017 12:11:23] - |A| - [83456] - C:\WINDOWS\syswow64\SMBHelperClass.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [0] - C:\WINDOWS\syswow64\SMI
[MD5.5F7341EA7226D3C61852FDAA31FCDE99] - [04/06/2017 12:10:53] - |A| - [20992] - C:\WINDOWS\syswow64\smphost.dll
[MD5.89A304AA025E02A7A979341E6F207A07] - [04/06/2017 12:10:59] - |A| - [223120] - C:\WINDOWS\syswow64\SndVol.exe
[MD5.056B514A91FE9719DC91E868C9CABA05] - [04/06/2017 12:10:59] - |A| - [704000] - C:\WINDOWS\syswow64\SndVolSSO.dll
[MD5.3714D68A5A54B72EFE1840339550BF14] - [04/06/2017 12:11:00] - |A| - [26112] - C:\WINDOWS\syswow64\snmpapi.dll
[MD5.FCE43EB36F0EC6149FBCE9A66B59AC02] - [04/06/2017 12:10:53] - |A| - [112640] - C:\WINDOWS\syswow64\socialapis.dll
[MD5.9E62BF28698BFEC525595A1F909B6EAA] - [04/06/2017 12:11:26] - |A| - [135168] - C:\WINDOWS\syswow64\softkbd.dll
[MD5.B0E61253A0617DCB90CA7D08403B5CBD] - [04/06/2017 12:11:05] - |A| - [10752] - C:\WINDOWS\syswow64\softpub.dll
[MD5.3271C112F5882D51FC403019517D532B] - [04/06/2017 12:10:59] - |A| - [21504] - C:\WINDOWS\syswow64\sort.exe
[MD5.3456782F0C2A117E25B341A0ACE64794] - [04/06/2017 12:11:11] - |A| - [39936] - C:\WINDOWS\syswow64\SortServer2003Compat.dll
[MD5.F4396CEB6EC6350006B103986A0195D1] - [04/06/2017 12:11:11] - |A| - [41472] - C:\WINDOWS\syswow64\SortWindows61.dll
[MD5.B424089B3A8478A2E938FD6A5687E5AA] - [04/06/2017 12:11:11] - |A| - [56320] - C:\WINDOWS\syswow64\SortWindows6Compat.dll
[MD5.4336BE14EF53B55A4C450323017007BB] - [04/06/2017 12:10:52] - |A| - [267264] - C:\WINDOWS\syswow64\SpatializerApo.dll
[MD5.1930DB9C9F25EC22F515F58E883A5863] - [04/06/2017 12:11:21] - |A| - [78848] - C:\WINDOWS\syswow64\spbcd.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [4213072] - C:\WINDOWS\syswow64\Speech
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [9106443] - C:\WINDOWS\syswow64\Speech_OneCore
[MD5.46634967A818756166F5FDF83B8AF53D] - [04/06/2017 12:11:21] - |A| - [86016] - C:\WINDOWS\syswow64\spfileq.dll
[MD5.E4A1DC9BC39AAE43818461924E2F14AC] - [04/06/2017 12:11:19] - |A| - [82432] - C:\WINDOWS\syswow64\spinf.dll
[MD5.BD570DB66CE0241C080301C0755B42F9] - [04/06/2017 12:11:21] - |A| - [9216] - C:\WINDOWS\syswow64\spnet.dll
[MD5.070168C7ADB834D69D56FBAC2A0A90AD] - [04/06/2017 12:11:21] - |A| - [111104] - C:\WINDOWS\syswow64\spopk.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [2049777] - C:\WINDOWS\syswow64\spp
[MD5.C03E586EF9076D2651FC47F3E9BC036A] - [04/06/2017 12:09:17] - |A| - [218112] - C:\WINDOWS\syswow64\spp.dll
[MD5.2128CF8BD1217ADDC0479973F1195BCD] - [04/06/2017 12:11:23] - |A| - [104448] - C:\WINDOWS\syswow64\sppc.dll
[MD5.B89552EF356D43534F46945F0A295518] - [04/06/2017 12:11:23] - |A| - [459776] - C:\WINDOWS\syswow64\sppcext.dll
[MD5.CAC89B8DC139DCE39807FD6B771DBD37] - [04/06/2017 12:11:23] - |A| - [32592] - C:\WINDOWS\syswow64\sppinst.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [32646] - C:\WINDOWS\syswow64\sppui
[MD5.746E4B55F78DCC16DF93C38EB7E6C2D1] - [04/06/2017 12:11:23] - |A| - [114688] - C:\WINDOWS\syswow64\sppwmi.dll
[MD5.F1EB03816922A4A00AA333D19100359C] - [04/06/2017 12:11:13] - |A| - [12288] - C:\WINDOWS\syswow64\spwinsat.dll
[MD5.1CBDF36544888F4CE133DA26B637D40B] - [04/06/2017 12:11:21] - |A| - [410448] - C:\WINDOWS\syswow64\spwizeng.dll
[MD5.20A5A56BB43138693139DCA4A382F5A7] - [04/06/2017 12:11:21] - |A| - [5861200] - C:\WINDOWS\syswow64\spwizimg.dll
[MD5.261D97F2922CBADC414CB9C64C820F4B] - [04/06/2017 12:11:21] - |A| - [12624] - C:\WINDOWS\syswow64\spwizres.dll
[MD5.1BFF600C5CAA5F375C20E15185FBA10B] - [05/06/2017 08:58:25] - |A| - [9216] - C:\WINDOWS\syswow64\spwmp.dll
[MD5.9FF194CFF54CA22471B350F1893F5565] - [04/06/2017 12:11:21] - |A| - [117248] - C:\WINDOWS\syswow64\sqlcecompact40.dll
[MD5.59AAE406279693E2986830F16DA7EC6C] - [04/06/2017 12:11:23] - |A| - [173056] - C:\WINDOWS\syswow64\sqlceoledb40.dll
[MD5.160BC8599B8551123C419A815344015E] - [04/06/2017 12:11:21] - |A| - [730112] - C:\WINDOWS\syswow64\sqlceqp40.dll
[MD5.519278456ED8F530553396270628BB3E] - [04/06/2017 12:11:21] - |A| - [441344] - C:\WINDOWS\syswow64\sqlcese40.dll
[MD5.E0B9467A4DE194A209120C90842B26CD] - [04/06/2017 12:11:08] - |A| - [663552] - C:\WINDOWS\syswow64\sqlsrv32.dll
[MD5.CBD2C8F207F18A5248DEFE2D91FE558E] - [04/06/2017 12:11:08] - |A| - [94208] - C:\WINDOWS\syswow64\sqlsrv32.rll
[MD5.0906DA4D2A8DDED03787B5B0701856B9] - [04/06/2017 12:11:11] - |A| - [188768] - C:\WINDOWS\syswow64\sqlunirl.dll
[MD5.0E841531135374FF9A00DC62BAEAF978] - [04/06/2017 12:11:11] - |A| - [17760] - C:\WINDOWS\syswow64\sqlwid.dll
[MD5.ED03E162384B0C3FB162D9EE8CFDEEB9] - [04/06/2017 12:11:11] - |A| - [43872] - C:\WINDOWS\syswow64\sqlwoa.dll
[MD5.BE1AA4D88F3AE0340867D17700B437E5] - [04/06/2017 12:11:21] - |A| - [38784] - C:\WINDOWS\syswow64\sqmapi.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [237568] - C:\WINDOWS\syswow64\sr-Latn-RS
[MD5.0C401FCD31DBF7E9AAD0E0923B17BD19] - [04/06/2017 12:09:17] - |A| - [329728] - C:\WINDOWS\syswow64\srchadmin.dll
[MD5.0B0EE9382DD9760872F6295C2B710E9D] - [04/06/2017 12:09:17] - |A| - [61440] - C:\WINDOWS\syswow64\srclient.dll
[MD5.8E7FB7413E8B55267C94C062EFC2942C] - [04/06/2017 12:09:17] - |A| - [16384] - C:\WINDOWS\syswow64\srdelayed.exe
[MD5.588C8AE0F0A5533E6412CD7047D3D892] - [04/06/2017 12:11:00] - |A| - [2827264] - C:\WINDOWS\syswow64\SRH.dll
[MD5.5D57049EEAEEA651CEAE5570D5293DD5] - [04/06/2017 12:11:48] - |A| - [279040] - C:\WINDOWS\syswow64\srm.dll
[MD5.6FBAF990FB508A2924783E363F14FA1C] - [04/06/2017 12:11:48] - |A| - [919552] - C:\WINDOWS\syswow64\srmclient.dll
[MD5.29F0C9D9B98CD7A899AC394DAE68A8C8] - [04/06/2017 12:11:48] - |A| - [90112] - C:\WINDOWS\syswow64\srmlib.dll
[MD5.BE343F86628B05BFAFBCC77B556FB077] - [04/06/2017 12:11:48] - |A| - [458240] - C:\WINDOWS\syswow64\srmscan.dll
[MD5.4E3F6D34F0AA774D53D04E1040ECAF69] - [04/06/2017 12:11:48] - |A| - [123904] - C:\WINDOWS\syswow64\srmshell.dll
[MD5.B30B92FDDB0057450EE595CC2B13AC65] - [04/06/2017 12:11:48] - |A| - [191488] - C:\WINDOWS\syswow64\srmstormod.dll
[MD5.DDFED6F56777830B75359B14FE701EC6] - [04/06/2017 12:11:48] - |A| - [65536] - C:\WINDOWS\syswow64\srmtrace.dll
[MD5.28DEF662DA7786E9C4EBF979745C3502] - [04/06/2017 12:11:48] - |A| - [16896] - C:\WINDOWS\syswow64\srm_ps.dll
[MD5.9A239DD8462DEBFB78AE0056F00D9652] - [04/06/2017 12:11:00] - |A| - [124416] - C:\WINDOWS\syswow64\srpapi.dll
[MD5.D5F69EC19E973D3776130EC237C72E4E] - [04/06/2017 12:11:52] - |A| - [304128] - C:\WINDOWS\syswow64\SrpUxNativeSnapIn.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [0] - C:\WINDOWS\syswow64\sru
[MD5.FAE49E8ACB0D2A0B6C1BE0D7C7CC2158] - [04/06/2017 12:10:50] - |A| - [51200] - C:\WINDOWS\syswow64\srumapi.dll
[MD5.F062E3DABB3DACBCACF8D242AEF97DC9] - [04/06/2017 12:10:50] - |A| - [185344] - C:\WINDOWS\syswow64\srumsvc.dll
[MD5.2F714C96C5BD4920BF6385D2307EDB8E] - [04/06/2017 12:11:03] - |A| - [70784] - C:\WINDOWS\syswow64\srvcli.dll
[MD5.9D43FBEEFE5FF8C8323C4156F1A934DC] - [04/06/2017 12:11:05] - |A| - [36352] - C:\WINDOWS\syswow64\sscore.dll
[MD5.C4E8ECBF37CBA9DE64B9FEEDEC128B9D] - [04/06/2017 12:10:52] - |A| - [308224] - C:\WINDOWS\syswow64\ssdm.dll
[MD5.74C136138C2FAB40F2E9ADBD5F9218F2] - [04/06/2017 12:11:02] - |A| - [48640] - C:\WINDOWS\syswow64\ssdpapi.dll
[MD5.BB469378736883956E74AD300538CEEE] - [04/06/2017 12:11:28] - |A| - [120880] - C:\WINDOWS\syswow64\sspicli.dll
[MD5.8F14A10662C6235531AC4519D3AFB2BF] - [04/06/2017 12:09:55] - |A| - [110928] - C:\WINDOWS\syswow64\SSShim.dll
[MD5.FCDB1C9B30E065C9A189BDC344AB70CD] - [04/06/2017 12:11:05] - |A| - [16384] - C:\WINDOWS\syswow64\Startupscan.dll
[MD5.437C02685A7E7E07BDC4859F38FD275F] - [04/06/2017 12:10:57] - |A| - [547976] - C:\WINDOWS\syswow64\StateRepository.Core.dll
[MD5.C3888A1414964EE602CD19FDCF086764] - [04/06/2017 12:11:03] - |A| - [52736] - C:\WINDOWS\syswow64\stclient.dll
[MD5.52D2F82A1B519E2282B0E92E2999BC3F] - [04/06/2017 12:11:03] - |A| - [18432] - C:\WINDOWS\syswow64\stdole2.tlb
[MD5.7430A0EC3EF934AE7C4D6807D36ECEBA] - [04/06/2017 12:11:18] - |A| - [7168] - C:\WINDOWS\syswow64\stdole32.tlb
[MD5.74DDFAF39C00EE4791DEF306237EA7BD] - [04/06/2017 12:11:08] - |A| - [233472] - C:\WINDOWS\syswow64\sti.dll
[MD5.428E64E4CF9AD13F5E95A1E9EF4DEB7C] - [04/06/2017 12:11:28] - |A| - [381952] - C:\WINDOWS\syswow64\stobject.dll
[MD5.9A355B75137E8A5F3C384C999CC6DBBC] - [04/06/2017 12:11:18] - |A| - [8960] - C:\WINDOWS\syswow64\storage.dll
[MD5.3734C7B9525D4407F260E47E49BD1594] - [04/06/2017 12:11:03] - |A| - [70144] - C:\WINDOWS\syswow64\StorageContextHandler.dll
[MD5.9D962305CE411442996042AC6F0AB483] - [04/06/2017 12:10:50] - |A| - [2147840] - C:\WINDOWS\syswow64\storagewmi.dll
[MD5.74C4E0A4DABEDCF5C1F73843DCA4B1A4] - [04/06/2017 12:10:50] - |A| - [19968] - C:\WINDOWS\syswow64\storagewmi_passthru.dll
[MD5.4C4277F889DCB811974390393F32EF00] - [04/06/2017 12:10:56] - |A| - [808960] - C:\WINDOWS\syswow64\StoreAgent.dll
[MD5.C15A1FFCDD78BCE7F5D4495493A3C125] - [04/06/2017 12:11:21] - |A| - [57856] - C:\WINDOWS\syswow64\Storprop.dll
[MD5.0538222949E36786D45601527BED7726] - [04/06/2017 12:10:57] - |A| - [555288] - C:\WINDOWS\syswow64\StructuredQuery.dll
[MD5.30F5568679A54042F99CA9EC1102EBCD] - [04/06/2017 12:11:23] - |A| - [93702] - C:\WINDOWS\syswow64\SubRange.uce
[MD5.55DF0B88319573F5FE5E063B0074F389] - [04/06/2017 12:11:00] - |A| - [14848] - C:\WINDOWS\syswow64\subst.exe
[MD5.5A96FC33B8821A29AB01F670C649395D] - [04/06/2017 12:11:03] - |A| - [654336] - C:\WINDOWS\syswow64\sud.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [283648] - C:\WINDOWS\syswow64\sv-SE
[MD5.A84783A7B0C05A3656257B16F857F2C5] - [04/06/2017 12:11:02] - |A| - [42432] - C:\WINDOWS\syswow64\svchost.exe
[MD5.C3F2CD290F68CF8BDE64259D964A51B7] - [04/06/2017 12:09:17] - |A| - [35840] - C:\WINDOWS\syswow64\sxproxy.dll
[MD5.63E6EA9C040325D53759AA7A4A2B836F] - [04/06/2017 12:11:21] - |A| - [537736] - C:\WINDOWS\syswow64\sxs.dll
[MD5.33817DC98ABFBB598CE44EE62F182E91] - [04/06/2017 12:11:03] - |A| - [19968] - C:\WINDOWS\syswow64\sxshared.dll
[MD5.DD25C9B43B496B06BD51F4B15B386438] - [04/06/2017 12:11:21] - |A| - [24576] - C:\WINDOWS\syswow64\sxsstore.dll
[MD5.70980003D3AC48DA185E4CEB8E9BA455] - [04/06/2017 12:11:21] - |A| - [29184] - C:\WINDOWS\syswow64\sxstrace.exe
[MD5.7E1174D7228C409616CDA5B6DD9939A4] - [04/06/2017 12:11:21] - |A| - [3287040] - C:\WINDOWS\syswow64\SyncCenter.dll
[MD5.81DB5C8D3DB63E7836DF68BA148E1076] - [05/06/2017 08:59:13] - |A| - [524288] - C:\WINDOWS\syswow64\SyncController.dll
[MD5.10D252ABD004948810CD0154E7830D07] - [04/06/2017 12:11:02] - |A| - [39936] - C:\WINDOWS\syswow64\SyncHost.exe
[MD5.4D6597C8F7FC0615655828DC059D741B] - [04/06/2017 12:11:02] - |A| - [11264] - C:\WINDOWS\syswow64\SyncHostps.dll
[MD5.6E5B3BB1F0D0FD13038AA320484F72E9] - [04/06/2017 12:11:02] - |A| - [348672] - C:\WINDOWS\syswow64\SyncInfrastructure.dll
[MD5.31C0D5054C5945A94F5BC20CD665AF31] - [04/06/2017 12:11:02] - |A| - [17920] - C:\WINDOWS\syswow64\SyncInfrastructureps.dll
[MD5.2DA91D674AA3FA6E0BACDECA59318648] - [05/06/2017 08:59:13] - |A| - [48640] - C:\WINDOWS\syswow64\SyncProxy.dll
[MD5.679E6950F9FFD6F5C560CC2A946DEA50] - [04/06/2017 12:11:05] - |A| - [63488] - C:\WINDOWS\syswow64\Syncreg.dll
[MD5.1D757C4ED25422C6F338DFA3F22BCB46] - [05/06/2017 08:59:13] - |A| - [2560] - C:\WINDOWS\syswow64\SyncRes.dll
[MD5.D95360861F9D8F094B1C5DA49B224046] - [04/06/2017 12:11:28] - |A| - [242688] - C:\WINDOWS\syswow64\SyncSettings.dll
[MD5.546EFC1C3A21889878F5C45C5FCDEB44] - [05/06/2017 08:59:13] - |A| - [330240] - C:\WINDOWS\syswow64\syncutil.dll
[MD5.C0D98F6BBC8025BD9D3B4FA15B7D6DE3] - [04/06/2017 12:11:23] - |A| - [315904] - C:\WINDOWS\syswow64\sysdm.cpl
[MD5.6B25E96644CF5FA75EE95567C956E4C4] - [04/06/2017 12:11:26] - |A| - [27648] - C:\WINDOWS\syswow64\syskey.exe
[MD5.2DFEEBD8B8BADABCC6AE9FC418BFF498] - [04/06/2017 12:11:21] - |A| - [419328] - C:\WINDOWS\syswow64\sysmon.ocx
[MD5.00000000000000000000000000000000] - [05/06/2017 08:57:46] - |D| - [0] - C:\WINDOWS\syswow64\sysprep
[MD5.81B14F1AD906AC1CF9102796C97A54FE] - [04/06/2017 12:11:21] - |A| - [3317] - C:\WINDOWS\syswow64\sysprint.sep
[MD5.58A67EC6B00A54A69DC364194CA171E0] - [04/06/2017 12:11:21] - |A| - [3666] - C:\WINDOWS\syswow64\sysprtj.sep
[MD5.A3C9D47E50E8FFAC740E810E75C943E7] - [04/06/2017 12:11:19] - |A| - [15360] - C:\WINDOWS\syswow64\syssetup.dll
[MD5.5EA67D77CA72CD8EA3A55D1136722C55] - [04/06/2017 12:11:21] - |A| - [288256] - C:\WINDOWS\syswow64\systemcpl.dll
[MD5.7B8A214D4C197F4F0347B3E279E52057] - [04/06/2017 12:10:57] - |A| - [22528] - C:\WINDOWS\syswow64\SystemEventsBrokerClient.dll
[MD5.9E1FC0513C0459D443103B9EE0D7FB7C] - [04/06/2017 12:11:23] - |A| - [77312] - C:\WINDOWS\syswow64\systeminfo.exe
[MD5.B9B4889AC0880E3F77367F1D7130D8D7] - [04/06/2017 12:11:23] - |A| - [82944] - C:\WINDOWS\syswow64\SystemPropertiesAdvanced.exe
[MD5.9877E6DB22F77EE96822A917D0BF4909] - [04/06/2017 12:11:21] - |A| - [82944] - C:\WINDOWS\syswow64\SystemPropertiesComputerName.exe
[MD5.4FFB788E1BAACDCC15E816A0C19DBAED] - [04/06/2017 12:11:21] - |A| - [82944] - C:\WINDOWS\syswow64\SystemPropertiesDataExecutionPrevention.exe
[MD5.8BFB2FB9A76335DBE948460569FEA8E8] - [04/06/2017 12:11:23] - |A| - [82944] - C:\WINDOWS\syswow64\SystemPropertiesHardware.exe
[MD5.B55E1FDF16123C915D9E0FC35127915C] - [04/06/2017 12:11:21] - |A| - [82944] - C:\WINDOWS\syswow64\SystemPropertiesPerformance.exe
[MD5.E24D4DF26C7228AE0C3B9150AAA074B4] - [04/06/2017 12:11:21] - |A| - [82944] - C:\WINDOWS\syswow64\SystemPropertiesProtection.exe
[MD5.40B4B1D484BD300C1F0B3BDA9B41EAD6] - [04/06/2017 12:11:21] - |A| - [82944] - C:\WINDOWS\syswow64\SystemPropertiesRemote.exe
[MD5.C5C7602AB1285EF8A713D884FE60FC24] - [04/06/2017 12:10:56] - |A| - [53248] - C:\WINDOWS\syswow64\SystemUWPLauncher.exe
[MD5.7C7BE0C84359C89797E9F37990AE862E] - [04/06/2017 12:11:28] - |A| - [9728] - C:\WINDOWS\syswow64\systray.exe
[MD5.550E30975B4ED9CEC3CD9B42BC04ED7E] - [04/06/2017 12:11:05] - |A| - [133120] - C:\WINDOWS\syswow64\t2embed.dll
[MD5.F873A00DE89111DA24B1C647180581E8] - [04/06/2017 12:11:26] - |A| - [51712] - C:\WINDOWS\syswow64\takeown.exe
[MD5.E36E7A24491E40BA31EC0E41C89F97F6] - [04/06/2017 12:11:26] - |A| - [857600] - C:\WINDOWS\syswow64\tapi3.dll
[MD5.B5F54A260D5E1C99410C79C746A068B9] - [04/06/2017 12:11:26] - |A| - [194048] - C:\WINDOWS\syswow64\tapi32.dll
[MD5.595A4A1C39D27E58B90EBDDA134675BE] - [04/06/2017 12:11:26] - |A| - [44544] - C:\WINDOWS\syswow64\TapiMigPlugin.dll
[MD5.9BD189F2CD8426C04A58D3234FFB0C8B] - [04/06/2017 12:11:26] - |A| - [9728] - C:\WINDOWS\syswow64\tapiperf.dll
[MD5.95B0DEA4083DC529222CB2D66558EEC3] - [04/06/2017 12:11:28] - |A| - [252928] - C:\WINDOWS\syswow64\tapisrv.dll
[MD5.12610AE862A8DFAD4A7DC7328FCEFE53] - [04/06/2017 12:11:26] - |A| - [10240] - C:\WINDOWS\syswow64\TapiSysprep.dll
[MD5.D1C329C20903F2F52D3F2885819EFF38] - [04/06/2017 12:11:26] - |A| - [109056] - C:\WINDOWS\syswow64\tapiui.dll
[MD5.1C69B59BDDFAC78DF83773369AF04F27] - [04/06/2017 12:11:26] - |A| - [12800] - C:\WINDOWS\syswow64\TapiUnattend.exe
[MD5.F36FBFAB43D72F337C5B6495F92EA879] - [04/06/2017 12:10:53] - |A| - [309248] - C:\WINDOWS\syswow64\TaskApis.dll
[MD5.BED76A4940A078456FB67FDCD8C153C1] - [04/06/2017 12:11:28] - |A| - [366592] - C:\WINDOWS\syswow64\taskcomp.dll
[MD5.DAEC6FDE2E30EA3A6D89F6314A266A76] - [04/06/2017 12:11:26] - |A| - [74240] - C:\WINDOWS\syswow64\taskkill.exe
[MD5.7593C21E42F4BE5162BB2D9D5A32AA07] - [04/06/2017 12:11:26] - |A| - [79872] - C:\WINDOWS\syswow64\tasklist.exe
[MD5.76C6946BBC824AA808EC4BCCACA1F836] - [04/06/2017 12:11:02] - |A| - [1139400] - C:\WINDOWS\syswow64\Taskmgr.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [0] - C:\WINDOWS\syswow64\Tasks
[MD5.06D07199A5B6D3381EABDE045D25DB07] - [04/06/2017 12:11:26] - |A| - [534080] - C:\WINDOWS\syswow64\taskschd.dll
[MD5.AB2A58839814D2EA5EE621B5DBF944FF] - [04/06/2017 12:11:25] - |A| - [145059] - C:\WINDOWS\syswow64\taskschd.msc
[MD5.C41F911E205D564457877370C164804E] - [04/06/2017 12:11:26] - |A| - [36864] - C:\WINDOWS\syswow64\TaskSchdPS.dll
[MD5.BCF407F2030157D02411ABA53AD3C098] - [04/06/2017 12:10:56] - |A| - [30720] - C:\WINDOWS\syswow64\tbauth.dll
[MD5.3DFA6D61C9AFC8D0A0C73E1E14BEE992] - [04/06/2017 12:11:00] - |A| - [38272] - C:\WINDOWS\syswow64\tbs.dll
[MD5.69CB2501A57E852B590D1EEE22EBBD7C] - [04/06/2017 12:11:28] - |A| - [14848] - C:\WINDOWS\syswow64\tcmsetup.exe
[MD5.31B010EF50D54D548B4B8B211F421318] - [04/06/2017 12:11:21] - |A| - [1673] - C:\WINDOWS\syswow64\tcpbidi.xml
[MD5.73DA16859FB734D4E7D643D7BF6FDE62] - [04/06/2017 12:11:19] - |A| - [179200] - C:\WINDOWS\syswow64\tcpipcfg.dll
[MD5.D70DF83E2D0400D222949D772C5032E9] - [04/06/2017 12:11:18] - |A| - [32768] - C:\WINDOWS\syswow64\tcpmib.dll
[MD5.13D019AA37BD00AE8A52222E641B9590] - [04/06/2017 12:11:21] - |A| - [58880] - C:\WINDOWS\syswow64\tcpmonui.dll
[MD5.438A721580EEA377835D37E4AA2151EE] - [04/06/2017 12:10:59] - |A| - [10752] - C:\WINDOWS\syswow64\TCPSVCS.EXE
[MD5.9EF3AE7C3846BDC2622A54F71BF8DD5D] - [04/06/2017 12:09:13] - |A| - [74240] - C:\WINDOWS\syswow64\tdc.ocx
[MD5.AA46C6A3BE54219B402E769E9C9762D9] - [04/06/2017 12:11:05] - |A| - [610304] - C:\WINDOWS\syswow64\tdh.dll
[MD5.F3260B23CF2B51B64F746690D862DDEE] - [04/06/2017 12:10:57] - |A| - [127488] - C:\WINDOWS\syswow64\tdlrecover.exe
[MD5.571AB81B0239DC88AF72897F23E17F5A] - [04/06/2017 12:11:26] - |A| - [107520] - C:\WINDOWS\syswow64\telephon.cpl
[MD5.ED67EDF861BBA310A862B12CAB720B14] - [04/06/2017 12:10:53] - |A| - [71168] - C:\WINDOWS\syswow64\TempSignedLicenseExchangeTask.dll
[MD5.C2A1E6D8F25FD1CE6908D211A1791670] - [04/06/2017 12:11:26] - |A| - [372224] - C:\WINDOWS\syswow64\termmgr.dll
[MD5.1DA4C2E869901BCE04242417782EA844] - [04/06/2017 12:10:57] - |A| - [49664] - C:\WINDOWS\syswow64\tetheringclient.dll
[MD5.32BA303F91BE50696A7CFF000FB3BCDB] - [04/06/2017 12:10:53] - |A| - [421376] - C:\WINDOWS\syswow64\TextInputFramework.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [220672] - C:\WINDOWS\syswow64\th-TH
[MD5.5D7C7F1EACB5B4B9F12F065ED5EB715D] - [04/06/2017 12:11:25] - |A| - [2461184] - C:\WINDOWS\syswow64\themecpl.dll
[MD5.1BA7FE18C8DA20A94AE1B93AB880AA2B] - [04/06/2017 12:11:26] - |A| - [2818048] - C:\WINDOWS\syswow64\themeui.dll
[MD5.C0D2839A213FDE7B37808FD5AC367B0C] - [04/06/2017 12:10:53] - |A| - [57856] - C:\WINDOWS\syswow64\threadpoolwinrt.dll
[MD5.6C200B527386A65F0C97F992CA98D52C] - [04/06/2017 12:10:53] - |A| - [276816] - C:\WINDOWS\syswow64\thumbcache.dll
[MD5.7F43124A12C2466FCCB32713230D6EBC] - [04/06/2017 12:11:21] - |A| - [28672] - C:\WINDOWS\syswow64\ThumbnailExtractionHost.exe
[MD5.CD3BAB690EAEE19BEAA21B7D333CE39C] - [04/06/2017 12:11:00] - |A| - [2560] - C:\WINDOWS\syswow64\tier2punctuations.dll
[MD5.5B43BE0D9532B87D937986EAF09DC7CE] - [04/06/2017 12:10:57] - |A| - [421376] - C:\WINDOWS\syswow64\TileDataRepository.dll
[MD5.1979AA589B02A3001C151475EB1DA322] - [04/06/2017 12:11:28] - |A| - [464896] - C:\WINDOWS\syswow64\timedate.cpl
[MD5.4040A00A0CEB7ED16FDBF4C8AFE002A7] - [04/06/2017 12:11:13] - |A| - [9216] - C:\WINDOWS\syswow64\TimeDateMUICallback.dll
[MD5.8ED518ACD1E315D74265B0ABC6B1E3AF] - [04/06/2017 12:11:26] - |A| - [26112] - C:\WINDOWS\syswow64\timeout.exe
[MD5.0D6BF5612B7629497BD308BF2A4F7887] - [04/06/2017 12:11:26] - |A| - [38400] - C:\WINDOWS\syswow64\tlscsp.dll
[MD5.BA575EA90E1EB82DC60A8303F6AB4980] - [04/06/2017 12:11:05] - |A| - [34816] - C:\WINDOWS\syswow64\tokenbinding.dll
[MD5.05943CDB036B6016D6CD6610681E01AF] - [04/06/2017 12:10:56] - |A| - [883712] - C:\WINDOWS\syswow64\TokenBroker.dll
[MD5.0DF5CA3FB9396E8BC19378EB1CE2B6BB] - [04/06/2017 12:10:56] - |A| - [15872] - C:\WINDOWS\syswow64\TokenBrokerCookies.exe
[MD5.240F4AB2F88B2AAFCE502FBC08BD7C22] - [04/06/2017 12:11:26] - |A| - [37888] - C:\WINDOWS\syswow64\TokenBrokerUI.dll
[MD5.9359341F78E00134B527814B4868ECD5] - [04/06/2017 12:11:29] - |A| - [144862] - C:\WINDOWS\syswow64\tpm.msc
[MD5.C05E1BF76E53834449C4E1753EE06569] - [04/06/2017 12:11:28] - |A| - [3584] - C:\WINDOWS\syswow64\TpmCertResources.dll
[MD5.AD6CE1D72D8C572F47D5931940559E94] - [04/06/2017 12:11:29] - |A| - [44544] - C:\WINDOWS\syswow64\tpmcompc.dll
[MD5.97D6934CC416D0E0AFADAF64DC575D26] - [04/06/2017 12:11:28] - |A| - [538112] - C:\WINDOWS\syswow64\TpmCoreProvisioning.dll
[MD5.69846152302D088AD5030D6A274AF749] - [04/06/2017 12:11:29] - |A| - [60928] - C:\WINDOWS\syswow64\TpmInit.exe
[MD5.507A14701102AEE4BC5A49281BB4F602] - [04/06/2017 12:10:56] - |A| - [2702848] - C:\WINDOWS\syswow64\tquery.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [280576] - C:\WINDOWS\syswow64\tr-TR
[MD5.BAFA44A67C8180C0643BD005A035ABA0] - [04/06/2017 12:11:18] - |A| - [379392] - C:\WINDOWS\syswow64\tracerpt.exe
[MD5.037522D2CCA475777817F43B59A8B25D] - [04/06/2017 12:11:00] - |A| - [15360] - C:\WINDOWS\syswow64\TRACERT.EXE
[MD5.8EC62542D2C01EB98A99945B68766C33] - [04/06/2017 12:11:19] - |A| - [35840] - C:\WINDOWS\syswow64\traffic.dll
[MD5.5B609FBB289BD29B69572A59825ADC28] - [04/06/2017 12:11:00] - |A| - [17920] - C:\WINDOWS\syswow64\tree.com
[MD5.7EFA6CADDF052C15A5BFD1A0239F9829] - [04/06/2017 12:11:05] - |A| - [88064] - C:\WINDOWS\syswow64\TrustedSignalCredProv.dll
[MD5.FFEA92E576B89B8A9FAF32E92375DAEA] - [04/06/2017 12:10:53] - |A| - [13824] - C:\WINDOWS\syswow64\tsbyuv.dll
[MD5.88D83B087BFB08C57DEB974ED72C36E9] - [04/06/2017 12:11:26] - |A| - [50688] - C:\WINDOWS\syswow64\tsgqec.dll
[MD5.CF2DB2D4D375E4C938CEE3FA8E34B08B] - [04/06/2017 12:11:26] - |A| - [352816] - C:\WINDOWS\syswow64\tsmf.dll
[MD5.15DDB17E133BFC1018F6C4286013899D] - [04/06/2017 12:11:23] - |A| - [94208] - C:\WINDOWS\syswow64\TSpkg.dll
[MD5.30C280EBA61472F5FEFAFD039D206924] - [04/06/2017 12:11:26] - |A| - [45568] - C:\WINDOWS\syswow64\TSTheme.exe
[MD5.B62EF6B9FCB6E59A6E89CDED2A64991C] - [04/06/2017 12:11:26] - |A| - [770560] - C:\WINDOWS\syswow64\TSWorkspace.dll
[MD5.2336D648E55EE6FE2EA33CC36DF485C2] - [11/06/2017 03:22:09] - |A| - [35480] - C:\WINDOWS\syswow64\TsWpfWrp.exe
[MD5.70F301F80BE47FE4D7312CF3F78937AE] - [04/06/2017 12:11:28] - |A| - [178176] - C:\WINDOWS\syswow64\TtlsAuth.dll
[MD5.A749765B5FD187C804F92D364A3BE4D0] - [04/06/2017 12:11:28] - |A| - [164352] - C:\WINDOWS\syswow64\TtlsCfg.dll
[MD5.84C3FF1CE53023842746AF7E17807B46] - [04/06/2017 12:11:28] - |A| - [30720] - C:\WINDOWS\syswow64\tvratings.dll
[MD5.CDE213B0A63D80B02E462447E9AC1434] - [04/06/2017 12:11:23] - |A| - [157184] - C:\WINDOWS\syswow64\twext.dll
[MD5.C9FD94196CB3552992DA42014BADE7E9] - [04/06/2017 12:10:56] - |A| - [1333600] - C:\WINDOWS\syswow64\twinapi.appcore.dll
[MD5.341A73AFFF762A8ADCB53E5F8824CD7C] - [04/06/2017 12:11:26] - |A| - [443904] - C:\WINDOWS\syswow64\twinapi.dll
[MD5.EB310E7EF8104842E12F8F99D4D378A9] - [04/06/2017 12:10:53] - |A| - [700928] - C:\WINDOWS\syswow64\twinui.appcore.dll
[MD5.9224B4E6B8CABF5BC5E56295B491B2B1] - [04/06/2017 12:11:26] - |A| - [6647808] - C:\WINDOWS\syswow64\twinui.dll
[MD5.0E63C905DCCE5DFF12A6A0CF17221110] - [04/06/2017 12:11:02] - |A| - [97792] - C:\WINDOWS\syswow64\txflog.dll
[MD5.0110C144940DE0F3E1FA54796A152B60] - [04/06/2017 12:11:02] - |A| - [12288] - C:\WINDOWS\syswow64\txfw32.dll
[MD5.9A355B75137E8A5F3C384C999CC6DBBC] - [04/06/2017 12:11:18] - |A| - [8960] - C:\WINDOWS\syswow64\typelib.dll
[MD5.A7F4F64AFA376363FD64586A15E5C15C] - [04/06/2017 12:11:18] - |A| - [41472] - C:\WINDOWS\syswow64\typeperf.exe
[MD5.3DC4E1AA23BC97A234B6D78001D2CE77] - [04/06/2017 12:11:02] - |A| - [2560] - C:\WINDOWS\syswow64\tzres.dll
[MD5.8E2A2B975247FFFD8422FD980A2C609A] - [04/06/2017 12:11:23] - |A| - [48128] - C:\WINDOWS\syswow64\tzutil.exe
[MD5.C77A611841FEC95F61620BE036505785] - [04/06/2017 12:11:28] - |A| - [48128] - C:\WINDOWS\syswow64\ucmhc.dll
[MD5.3BB0CD6BAD3425BB76D0B99B50FB6A06] - [04/06/2017 12:11:03] - |A| - [1156440] - C:\WINDOWS\syswow64\ucrtbase.dll
[MD5.55F4DD27392327328C2BB9BB59129B7D] - [04/06/2017 12:10:59] - |A| - [59392] - C:\WINDOWS\syswow64\udhisapi.dll
[MD5.01E96A85B337B702AE2BC7F838AE7B65] - [04/06/2017 12:11:53] - |A| - [3420] - C:\WINDOWS\syswow64\UevCustomActionTypes.tlb
[MD5.5275145427CBA3D3CEA0ABD64DFA0003] - [04/06/2017 12:10:59] - |A| - [103936] - C:\WINDOWS\syswow64\uexfat.dll
[MD5.F0095C933F56F25824750A12667F1C08] - [04/06/2017 12:10:53] - |A| - [136192] - C:\WINDOWS\syswow64\ufat.dll
[MD5.A81411C2F9C2BCCAF285B050FE8E0FE3] - [04/06/2017 12:10:53] - |A| - [351232] - C:\WINDOWS\syswow64\UiaManager.dll
[MD5.EC969B3069DF93DE936349DF700DF14A] - [04/06/2017 12:10:53] - |A| - [246784] - C:\WINDOWS\syswow64\UIAnimation.dll
[MD5.402E52E57D4FCED9AAEBDFE16A316106] - [04/06/2017 12:10:53] - |A| - [1753600] - C:\WINDOWS\syswow64\UIAutomationCore.dll
[MD5.BAC10FCE51FAB59FD703A3E29784E161] - [04/06/2017 12:11:26] - |A| - [36352] - C:\WINDOWS\syswow64\uicom.dll
[MD5.B3F32C03D20F3D54CDE9C4B7C66D9D76] - [04/06/2017 12:11:26] - |A| - [10752] - C:\WINDOWS\syswow64\UIManagerBrokerps.dll
[MD5.EEF8CEE51CF6D22A28DBEA9F94DCC6D8] - [04/06/2017 12:11:00] - |A| - [230912] - C:\WINDOWS\syswow64\uireng.dll
[MD5.31CF59D61E92C925261739BC365DEA84] - [04/06/2017 12:12:58] - |A| - [3489792] - C:\WINDOWS\syswow64\UIRibbon.dll
[MD5.0C440BCFEBD0DCB66A2EB31A40CC90FD] - [04/06/2017 12:12:58] - |A| - [584192] - C:\WINDOWS\syswow64\UIRibbonRes.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [232448] - C:\WINDOWS\syswow64\uk-UA
[MD5.B412220D9507196D822BAF14ADECA95E] - [04/06/2017 12:10:57] - |A| - [147280] - C:\WINDOWS\syswow64\ulib.dll
[MD5.CE6DF53D60B345C242C53CE9039DB7B8] - [04/06/2017 12:11:26] - |A| - [16384] - C:\WINDOWS\syswow64\umdmxfrm.dll
[MD5.1C4E06C760159F94464EFDA80153F9DB] - [04/06/2017 12:11:00] - |A| - [60928] - C:\WINDOWS\syswow64\unenrollhook.dll
[MD5.5D97B05CD450528849AB33B9C75F76C9] - [04/06/2017 12:11:28] - |A| - [253952] - C:\WINDOWS\syswow64\unimdm.tsp
[MD5.28BB1A9A70F1D20F816D9D2096A2F124] - [04/06/2017 12:11:26] - |A| - [62464] - C:\WINDOWS\syswow64\unimdmat.dll
[MD5.56F99FEBF31400A33C56D1048228721F] - [04/06/2017 12:11:28] - |A| - [17920] - C:\WINDOWS\syswow64\uniplat.dll
[MD5.0314B83B15FCCD2CF756AC8EDC867BFD] - [04/06/2017 12:10:53] - |A| - [997376] - C:\WINDOWS\syswow64\Unistore.dll
[MD5.378B8A480E03973CFC0D92979B532271] - [04/06/2017 12:11:03] - |A| - [34304] - C:\WINDOWS\syswow64\unlodctr.exe
[MD5.D7DEDC431F6EB9F432FFB77059BBDD8D] - [05/06/2017 08:58:25] - |A| - [217088] - C:\WINDOWS\syswow64\unregmp2.exe
[MD5.0A84616E78143DA08BFD1AB960CE234E] - [04/06/2017 12:10:50] - |A| - [536576] - C:\WINDOWS\syswow64\untfs.dll
[MD5.636E46D9110246F283F5BDDAC6C1B3F8] - [04/06/2017 12:10:57] - |A| - [96256] - C:\WINDOWS\syswow64\updatepolicy.dll
[MD5.D2DD6D72730D2201311D688811A176C3] - [04/06/2017 12:10:59] - |A| - [331776] - C:\WINDOWS\syswow64\upnp.dll
[MD5.C92D8B14A60277783D2FE10C885D8467] - [04/06/2017 12:10:59] - |A| - [35328] - C:\WINDOWS\syswow64\upnpcont.exe
[MD5.26DBEC861A9CB47CAEC0738B5C0ADEC1] - [04/06/2017 12:10:59] - |A| - [332800] - C:\WINDOWS\syswow64\upnphost.dll
[MD5.1632DFA8E84D81457F129D1DE2AB3B35] - [04/06/2017 12:10:59] - |A| - [564224] - C:\WINDOWS\syswow64\uReFS.dll
[MD5.AF3A84200F244B976BC0B4891222BB36] - [04/06/2017 12:10:59] - |A| - [374272] - C:\WINDOWS\syswow64\uReFSv1.dll
[MD5.9FB666B16E57BA7860467E49A62AB0AA] - [04/06/2017 12:11:00] - |A| - [25088] - C:\WINDOWS\syswow64\ureg.dll
[MD5.FD9AE35A266F12E71686BBB110F3A04A] - [04/06/2017 12:09:13] - |A| - [233472] - C:\WINDOWS\syswow64\url.dll
[MD5.E0285F3ED32B43F4A337EB8A56F12C2D] - [04/06/2017 12:11:05] - |A| - [1604608] - C:\WINDOWS\syswow64\urlmon.dll
[MD5.4E9203EC03797CD4FDBD84EE581EEE8C] - [04/06/2017 12:11:13] - |A| - [93696] - C:\WINDOWS\syswow64\usbceip.dll
[MD5.3362CC6B67E30025D2B94324CC78EDFD] - [04/06/2017 12:11:13] - |A| - [12288] - C:\WINDOWS\syswow64\usbperf.dll
[MD5.C724F4196735D7DD7BA60BAFAB384CE1] - [04/06/2017 12:11:13] - |A| - [88064] - C:\WINDOWS\syswow64\usbui.dll
[MD5.5C6814FACE3245E33CFFBEF298B43AE1] - [04/06/2017 12:11:13] - |A| - [4096] - C:\WINDOWS\syswow64\user.exe
[MD5.8B43320F75AF7DD422C5E9B8811EB8F7] - [04/06/2017 12:11:00] - |A| - [1522688] - C:\WINDOWS\syswow64\user32.dll
[MD5.83EE0C0CDCFA5D4549B9F46EA127D120] - [04/06/2017 12:11:28] - |A| - [32536] - C:\WINDOWS\syswow64\UserAccountBroker.exe
[MD5.D1177F60349CEA9728DD22EEFBC7E9ED] - [04/06/2017 12:11:08] - |A| - [72704] - C:\WINDOWS\syswow64\UserAccountControlSettings.dll
[MD5.3429DA189C37F3893C46FFE2DA1BDBE8] - [04/06/2017 12:11:08] - |A| - [88576] - C:\WINDOWS\syswow64\UserAccountControlSettings.exe
[MD5.B318181E31BD28A1BC1F0A892B3F7166] - [04/06/2017 12:11:26] - |A| - [1231360] - C:\WINDOWS\syswow64\usercpl.dll
[MD5.9F0F573D518BE097EF44F1C09E431CC6] - [04/06/2017 12:10:53] - |A| - [8192] - C:\WINDOWS\syswow64\UserDataAccessRes.dll
[MD5.5089F6A0828F7D5DB735B074F77AE1A3] - [04/06/2017 12:10:53] - |A| - [340480] - C:\WINDOWS\syswow64\UserDataAccountApis.dll
[MD5.A2DEFB6ADDB65ED139E36C95014A3822] - [04/06/2017 12:10:53] - |A| - [36864] - C:\WINDOWS\syswow64\UserDataLanguageUtil.dll
[MD5.12747A0B0ED12E2F2613BC3180939D2D] - [04/06/2017 12:10:53] - |A| - [53760] - C:\WINDOWS\syswow64\UserDataPlatformHelperUtil.dll
[MD5.A852A669413414E8CF76971126225297] - [04/06/2017 12:10:53] - |A| - [94720] - C:\WINDOWS\syswow64\UserDataTimeUtil.dll
[MD5.971F3FF89769D1267554A801234DD090] - [04/06/2017 12:10:53] - |A| - [37888] - C:\WINDOWS\syswow64\UserDataTypeHelperUtil.dll
[MD5.CE2EBF4855405AD5ADC10E3C9D156E95] - [04/06/2017 12:10:56] - |A| - [160256] - C:\WINDOWS\syswow64\UserDeviceRegistration.dll
[MD5.CD0CECD131EEE70C09A5FFC960C05352] - [04/06/2017 12:10:56] - |A| - [173568] - C:\WINDOWS\syswow64\UserDeviceRegistration.Ngc.dll
[MD5.579F1A8EA5624161A0D90CA0F18DBFA1] - [04/06/2017 12:11:03] - |A| - [129144] - C:\WINDOWS\syswow64\userenv.dll
[MD5.416A275B34A001AF06DA354635578712] - [04/06/2017 12:11:05] - |A| - [27136] - C:\WINDOWS\syswow64\userinit.exe
[MD5.0183DA92DED1C9DEC8DDC029DBA1AB16] - [04/06/2017 12:11:05] - |A| - [16896] - C:\WINDOWS\syswow64\userinitext.dll
[MD5.3316C0FB093325B3576937793CD262E7] - [04/06/2017 12:10:57] - |A| - [59904] - C:\WINDOWS\syswow64\UserLanguageProfileCallback.dll
[MD5.DDF83C17752D1E8F9CC6EB13A0015AE4] - [04/06/2017 12:11:08] - |A| - [559104] - C:\WINDOWS\syswow64\UserLanguagesCpl.dll
[MD5.D2F9694B0935134A0F8EFEFBB7F199C1] - [04/06/2017 12:11:03] - |A| - [54256] - C:\WINDOWS\syswow64\usermgrcli.dll
[MD5.01664DA6A544954036C03C166BBF2F44] - [04/06/2017 12:11:03] - |A| - [180224] - C:\WINDOWS\syswow64\UserMgrProxy.dll
[MD5.EE1E5A084CC97081CEAE96EC14B76AD2] - [04/06/2017 12:11:28] - |A| - [31232] - C:\WINDOWS\syswow64\usk.rs
[MD5.38C5034CFC9C55594936440EAC812921] - [04/06/2017 12:10:59] - |A| - [60928] - C:\WINDOWS\syswow64\usoapi.dll
[MD5.11416074D970CADD2F901E0CA1F42BAC] - [04/06/2017 12:11:03] - |A| - [77824] - C:\WINDOWS\syswow64\usp10.dll
[MD5.72DA692863E6516821A7BDBB36F944D9] - [04/06/2017 12:11:26] - |A| - [39936] - C:\WINDOWS\syswow64\ustprov.dll
[MD5.049796C146544343A559EA0FD092256C] - [04/06/2017 12:11:26] - |A| - [36152] - C:\WINDOWS\syswow64\utildll.dll
[MD5.4801CD0FF86CC4E777E24BF8778463D8] - [04/06/2017 12:10:59] - |A| - [75264] - C:\WINDOWS\syswow64\Utilman.exe
[MD5.5843BCF2A8EE3CA0AD0EA76AD486398C] - [04/06/2017 12:11:26] - |A| - [141312] - C:\WINDOWS\syswow64\uudf.dll
[MD5.6B7385E2F58E7927B47926E40BDC91CA] - [04/06/2017 12:11:28] - |A| - [67584] - C:\WINDOWS\syswow64\UXInit.dll
[MD5.7B1AB8C9C11DEC7A9D7484BF3ACC066F] - [04/06/2017 12:11:21] - |A| - [131920] - C:\WINDOWS\syswow64\uxlib.dll
[MD5.A056102474733FB73B9A676FF81E1CC6] - [04/06/2017 12:11:21] - |A| - [7504] - C:\WINDOWS\syswow64\uxlibres.dll
[MD5.5CB1D433F57A1FC56CE412B2D90FB305] - [04/06/2017 12:11:25] - |A| - [472576] - C:\WINDOWS\syswow64\uxtheme.dll
[MD5.18DAC5512B0EE43C4488EB015183A751] - [04/06/2017 12:11:26] - |A| - [473088] - C:\WINDOWS\syswow64\VAN.dll
[MD5.F98B841035486F91A03130EF8C1EF253] - [04/06/2017 12:11:26] - |A| - [668672] - C:\WINDOWS\syswow64\Vault.dll
[MD5.6E228B092468B2B1423E2E559D7631F7] - [04/06/2017 12:10:56] - |A| - [201728] - C:\WINDOWS\syswow64\vaultcli.dll
[MD5.A8B799B873537232963697D7CDEC2CFA] - [04/06/2017 12:11:13] - |A| - [30749] - C:\WINDOWS\syswow64\vbajet32.dll
[MD5.997214D80E4CB02EBF154074EB220E50] - [04/06/2017 12:11:26] - |A| - [137728] - C:\WINDOWS\syswow64\VBICodec.ax
[MD5.5F9485B2FB2B0CC8ED7727B5187F84EE] - [04/06/2017 12:11:26] - |A| - [40448] - C:\WINDOWS\syswow64\vbisurf.ax
[MD5.3BAC8A8B1F48E5C27879046E75A909F5] - [04/06/2017 12:09:13] - |A| - [512000] - C:\WINDOWS\syswow64\vbscript.dll
[MD5.DF10D083E053AEBFF4900746C6EC2F35] - [04/06/2017 12:10:53] - |A| - [147456] - C:\WINDOWS\syswow64\VCardParser.dll
[MD5.6A54AE0FC6C7E1DA4FADA8F0243F5548] - [04/06/2017 12:11:19] - |A| - [17920] - C:\WINDOWS\syswow64\vdmdbg.dll
[MD5.A6B72BC00A5F6CF39656F6AD2A2E2E1C] - [04/06/2017 12:11:23] - |A| - [47616] - C:\WINDOWS\syswow64\vds_ps.dll
[MD5.65D8EC205B6CBC8C0867C1ECE2F8C1D3] - [04/06/2017 12:10:57] - |A| - [110080] - C:\WINDOWS\syswow64\VEDataLayerHelpers.dll
[MD5.A7860D4029EC21799F041898EEBB56A3] - [04/06/2017 12:10:57] - |A| - [290304] - C:\WINDOWS\syswow64\VEEventDispatcher.dll
[MD5.150B30AF230CBD852461F5536077BA21] - [04/06/2017 12:11:21] - |A| - [11776] - C:\WINDOWS\syswow64\verclsid.exe
[MD5.DFB4A2100ACEEB0082A7623184E5D591] - [04/06/2017 12:11:02] - |A| - [361520] - C:\WINDOWS\syswow64\verifier.dll
[MD5.AEDC12C21EC77ECD5D93E358AD9B922D] - [04/06/2017 12:11:26] - |A| - [140800] - C:\WINDOWS\syswow64\verifiergui.exe
[MD5.D2F4A8AC47F1DC43FEECF85A07E7B32C] - [04/06/2017 12:11:21] - |A| - [23248] - C:\WINDOWS\syswow64\version.dll
[MD5.5B2EC88B1553D44FB4F202961B2A0414] - [04/06/2017 12:10:50] - |A| - [57856] - C:\WINDOWS\syswow64\vfwwdm32.dll
[MD5.C3EFFAA70BE4FDB8C283E207E37B6B6E] - [04/06/2017 12:10:50] - |A| - [31744] - C:\WINDOWS\syswow64\vidcap.ax
[MD5.A9E3771D35F9367608F8A30FDC2AA125] - [04/06/2017 12:09:12] - |A| - [104352] - C:\WINDOWS\syswow64\VIDRESZR.DLL
[MD5.61D80F38E14A0ED0220EEECA1E368F82] - [04/06/2017 12:10:59] - |A| - [43008] - C:\WINDOWS\syswow64\virtdisk.dll
[MD5.4F73069D09EAD6B2E2B04188AD2A8E87] - [04/06/2017 12:11:02] - |A| - [36352] - C:\WINDOWS\syswow64\VoiceActivationManager.dll
[MD5.4EF2892E4680FC52A6B779DFD28F107C] - [04/06/2017 12:10:57] - |A| - [106496] - C:\WINDOWS\syswow64\VoipRT.dll
[MD5.8E993F663D3E9F54AA2BE545D4E9D961] - [04/06/2017 12:11:23] - |A| - [44032] - C:\WINDOWS\syswow64\vpnikeapi.dll
[MD5.40DA9900C29561F12B31BF62B1A0963F] - [04/06/2017 12:12:58] - |A| - [13312] - C:\WINDOWS\syswow64\VscMgrPS.dll
[MD5.AC0CCFF02FC905EDC5DFB5EE8F257D62] - [11/06/2017 03:12:30] - |A| - [59392] - C:\WINDOWS\syswow64\VSD3DWARPDebug.dll
[MD5.70DB0C41844C640AB3765D7EDA0CC952] - [11/06/2017 03:12:30] - |A| - [121856] - C:\WINDOWS\syswow64\VsGraphicsCapture.dll
[MD5.E220F2F0DB0BA969F25A36DA90719857] - [11/06/2017 03:12:30] - |A| - [4541952] - C:\WINDOWS\syswow64\VsGraphicsDesktopEngine.exe
[MD5.C31ECCB296C71FE626323761AE9CCA98] - [11/06/2017 03:12:30] - |A| - [218624] - C:\WINDOWS\syswow64\VsGraphicsExperiment.dll
[MD5.501A059B32C82D009E7512E6918D31B9] - [11/06/2017 03:12:30] - |A| - [41984] - C:\WINDOWS\syswow64\VsGraphicsProxyStub.dll
[MD5.62DAC4DCC487FAF65B8D49AEEBE7162E] - [11/06/2017 03:12:30] - |A| - [3649024] - C:\WINDOWS\syswow64\VsGraphicsRemoteEngine.exe
[MD5.3BC15E6CFB0BECA97F009DB458611231] - [04/06/2017 12:11:26] - |A| - [109568] - C:\WINDOWS\syswow64\vssadmin.exe
[MD5.8E5489083A2EBCFE99E563E2DF9B7D59] - [04/06/2017 12:11:26] - |A| - [1159680] - C:\WINDOWS\syswow64\vssapi.dll
[MD5.6A89667B59D16EEA710C1CC20351FEAE] - [04/06/2017 12:11:26] - |A| - [53248] - C:\WINDOWS\syswow64\vsstrace.dll
[MD5.F8BCC8F8184F44BCE7E94B376C62C9BA] - [04/06/2017 12:11:26] - |A| - [29184] - C:\WINDOWS\syswow64\vss_ps.dll
[MD5.4F89AC14A299EEB1E23D1BACA381A89F] - [12/06/2017 11:00:07] - |A| - [525600] - C:\WINDOWS\syswow64\vulkan-1.dll
[MD5.82695D42B9F6C2B9625A3E9D3C924B50] - [12/06/2017 11:00:07] - |A| - [233760] - C:\WINDOWS\syswow64\vulkaninfo.exe
[MD5.64CA9A9978200604F4B6A83041B7E69B] - [04/06/2017 12:11:28] - |A| - [78848] - C:\WINDOWS\syswow64\w32tm.exe
[MD5.BCBDC642527D2E10489F629D701C5CD7] - [04/06/2017 12:10:57] - |A| - [28672] - C:\WINDOWS\syswow64\w32topl.dll
[MD5.1689D12D3BB43096B23DB20CCCB81073] - [04/06/2017 12:11:03] - |A| - [59392] - C:\WINDOWS\syswow64\WABSyncProvider.dll
[MD5.B2FDCFF38FD6272FAD1DD663014FFB04] - [04/06/2017 12:11:26] - |A| - [32256] - C:\WINDOWS\syswow64\waitfor.exe
[MD5.39D8C1FFEF02C0E77C751A1A1516341F] - [04/06/2017 12:10:56] - |A| - [10752] - C:\WINDOWS\syswow64\WalletBackgroundServiceProxy.dll
[MD5.08C154E98DCDF6737C5D493D0CF1AE89] - [04/06/2017 12:10:57] - |A| - [36864] - C:\WINDOWS\syswow64\WalletProxy.dll
[MD5.138B0F1A3551790A8E0765321C72A3DD] - [04/06/2017 12:11:26] - |A| - [227328] - C:\WINDOWS\syswow64\wavemsp.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [19824334] - C:\WINDOWS\syswow64\wbem
[MD5.5866682F5A3721502F450491A7E2B6E0] - [04/06/2017 12:11:26] - |A| - [397824] - C:\WINDOWS\syswow64\wbemcomn.dll
[MD5.2861FB2013669F1016402D8ECAD3914B] - [04/06/2017 12:11:28] - |A| - [104960] - C:\WINDOWS\syswow64\wcmapi.dll
[MD5.00000000000000000000000000000000] - [05/06/2017 08:57:46] - |D| - [0] - C:\WINDOWS\syswow64\WCN
[MD5.215701633C1595D7C8F84752748158F9] - [04/06/2017 12:08:58] - |A| - [97280] - C:\WINDOWS\syswow64\WcnApi.dll
[MD5.687CD5DE3EFB7C9326791E6C913B05D5] - [04/06/2017 12:08:58] - |A| - [1238528] - C:\WINDOWS\syswow64\wcnwiz.dll
[MD5.011939D9EDAB42AF2C6B8B190DB83410] - [04/06/2017 12:11:21] - |A| - [1304576] - C:\WINDOWS\syswow64\wdc.dll
[MD5.B8FBE9CF55B5EA0528D6F231B85DBE0D] - [04/06/2017 12:11:05] - |A| - [89088] - C:\WINDOWS\syswow64\wdi.dll
[MD5.18568D2F0603FD647537D09034CF4D1F] - [04/06/2017 12:11:05] - |A| - [186880] - C:\WINDOWS\syswow64\wdigest.dll
[MD5.897AC4FDC9C90745E3B67587B9921F63] - [04/06/2017 12:10:53] - |A| - [212480] - C:\WINDOWS\syswow64\wdmaud.drv
[MD5.7CBE55507D4960D88A5A420C5F29D2A9] - [04/06/2017 12:09:57] - |A| - [212304] - C:\WINDOWS\syswow64\wdscore.dll
[MD5.712ED4B9503F8BF5F233FE9F5AC4C901] - [04/06/2017 12:11:28] - |A| - [4608] - C:\WINDOWS\syswow64\WEB.rs
[MD5.6A3E44BE087CB426BF067C186383819B] - [04/06/2017 12:10:57] - |A| - [207360] - C:\WINDOWS\syswow64\webauthn.dll
[MD5.DA321FAAFEA1950E3A7EA85CA402079A] - [04/06/2017 12:09:17] - |A| - [835072] - C:\WINDOWS\syswow64\WebcamUi.dll
[MD5.852F810CD612F5180B92589E5361E3AF] - [04/06/2017 12:09:13] - |A| - [235008] - C:\WINDOWS\syswow64\webcheck.dll
[MD5.CC71D1AE691F6CB41ACDE71435634C25] - [04/06/2017 12:11:28] - |A| - [193536] - C:\WINDOWS\syswow64\WebClnt.dll
[MD5.F41EC567C83DFF18A5B08CC4D60178AA] - [04/06/2017 12:11:05] - |A| - [463872] - C:\WINDOWS\syswow64\webio.dll
[MD5.C83D4DAD8FE99892A0C800FC52F30018] - [04/06/2017 12:09:12] - |A| - [374272] - C:\WINDOWS\syswow64\webplatstorageserver.dll
[MD5.5C0D643CB692791A76BD117152074449] - [04/06/2017 12:10:56] - |A| - [1072808] - C:\WINDOWS\syswow64\webservices.dll
[MD5.2905839F8C7CF36D1CD905D2EDEA584E] - [04/06/2017 12:11:05] - |A| - [37376] - C:\WINDOWS\syswow64\Websocket.dll
[MD5.F8C7AADA48109943DE7FD574E13A6841] - [04/06/2017 12:11:07] - |A| - [56320] - C:\WINDOWS\syswow64\wecapi.dll
[MD5.0459290C4147DBC782DFE3ED6126D875] - [04/06/2017 12:11:07] - |A| - [78336] - C:\WINDOWS\syswow64\wecutil.exe
[MD5.07AD43A60826DAB6C6C537D10FA0885E] - [04/06/2017 12:11:02] - |A| - [628600] - C:\WINDOWS\syswow64\wer.dll
[MD5.0C8F198F89AA452F6523A7FC40401AB9] - [04/06/2017 12:11:02] - |A| - [32768] - C:\WINDOWS\syswow64\werdiagcontroller.dll
[MD5.A097CA157BC8CCC85DD02F9338A4C68D] - [04/06/2017 12:11:02] - |A| - [184360] - C:\WINDOWS\syswow64\weretw.dll
[MD5.22ED042FD4BC6878DBB28B69E8CE62EB] - [04/06/2017 12:11:03] - |A| - [294224] - C:\WINDOWS\syswow64\WerFault.exe
[MD5.1EABF8ECFE578BA3D195431FB7C5C9A5] - [04/06/2017 12:11:03] - |A| - [130240] - C:\WINDOWS\syswow64\WerFaultSecure.exe
[MD5.BFA8122BC01A3409D910BBBEADC3CD9C] - [04/06/2017 12:11:02] - |A| - [169808] - C:\WINDOWS\syswow64\wermgr.exe
[MD5.9E3D175DC55A0023836448226502BABC] - [04/06/2017 12:11:05] - |A| - [410624] - C:\WINDOWS\syswow64\werui.dll
[MD5.06A9C857374DED42F26FEDE798CBC5AE] - [04/06/2017 12:11:00] - |A| - [299064] - C:\WINDOWS\syswow64\wevtapi.dll
[MD5.562D3BDC7B6782D35BFCC93D6174D593] - [04/06/2017 12:11:08] - |A| - [79360] - C:\WINDOWS\syswow64\wevtfwd.dll
[MD5.B99456032BF59BD4875EB807A5A89A36] - [04/06/2017 12:11:00] - |A| - [162816] - C:\WINDOWS\syswow64\wevtutil.exe
[MD5.620A16E8F243523EA27CF7EC9AD97063] - [04/06/2017 12:09:13] - |A| - [136192] - C:\WINDOWS\syswow64\wextract.exe
[MD5.CB74567907F74DB11AAEC85865FDF35E] - [04/06/2017 12:11:07] - |A| - [115109] - C:\WINDOWS\syswow64\WF.msc
[MD5.7D710BF7D06A78A1344FC6D296FA9063] - [04/06/2017 12:10:57] - |A| - [19456] - C:\WINDOWS\syswow64\wfapigp.dll
[MD5.B2BD87CABB912F817C8CD0A258E18CF1] - [04/06/2017 12:11:28] - |A| - [38912] - C:\WINDOWS\syswow64\wfdprov.dll
[MD5.FBF79B0DB7D2BE985D87C636C93556D4] - [04/06/2017 12:11:28] - |A| - [66560] - C:\WINDOWS\syswow64\WfHC.dll
[MD5.2A70EB82513FE2433C0BAECF27222D6A] - [04/06/2017 12:11:28] - |A| - [33280] - C:\WINDOWS\syswow64\where.exe
[MD5.66676B601E2937EC3D3FC53F1B7075B0] - [04/06/2017 12:11:06] - |A| - [13824] - C:\WINDOWS\syswow64\whhelper.dll
[MD5.A9A02EB56FD3BD06B70B08C2812DBC5C] - [04/06/2017 12:11:26] - |A| - [60416] - C:\WINDOWS\syswow64\whoami.exe
[MD5.1C581490581AC320D94E58F2A199D97B] - [04/06/2017 12:11:08] - |A| - [86016] - C:\WINDOWS\syswow64\wiaacmgr.exe
[MD5.03AE91DA7A197382683D6062520FBD3C] - [04/06/2017 12:11:08] - |A| - [580608] - C:\WINDOWS\syswow64\wiaaut.dll
[MD5.2EE420C8189923BECF82B51ECAAC4234] - [04/06/2017 12:11:08] - |A| - [414720] - C:\WINDOWS\syswow64\wiadefui.dll
[MD5.780BD228D0274BC81643B15C133D68BD] - [04/06/2017 12:11:05] - |A| - [128000] - C:\WINDOWS\syswow64\wiadss.dll
[MD5.C3B79A174F1800DD0726951EAA624E77] - [04/06/2017 12:11:07] - |A| - [90624] - C:\WINDOWS\syswow64\wiascanprofiles.dll
[MD5.D7BEF1094E468ED86C0B838E96A62EBF] - [04/06/2017 12:11:08] - |A| - [444928] - C:\WINDOWS\syswow64\wiashext.dll
[MD5.85A40257C98B707E9D96528D110D5BF3] - [04/06/2017 12:11:08] - |A| - [15360] - C:\WINDOWS\syswow64\wiatrace.dll
[MD5.7922CA05E534B5034701F3CAC028B812] - [04/06/2017 12:11:29] - |A| - [254976] - C:\WINDOWS\syswow64\WiFiDisplay.dll
[MD5.BB2D1DF427C9284DE64DC66A6F1CC2AD] - [04/06/2017 12:10:59] - |A| - [2307] - C:\WINDOWS\syswow64\WimBootCompress.ini
[MD5.438D7185A0972CBB81565F8D7112865A] - [04/06/2017 12:10:59] - |A| - [587600] - C:\WINDOWS\syswow64\wimgapi.dll
[MD5.1445A493A9E6F35A45208D92F58DB22D] - [04/06/2017 12:11:00] - |A| - [300544] - C:\WINDOWS\syswow64\win32k.sys
[MD5.E61E701F0C87F682D071CDC6AAFF0C84] - [04/06/2017 12:11:00] - |A| - [2892288] - C:\WINDOWS\syswow64\win32kfull.sys
[MD5.0FE458301CF4D55FD437D7A62D551416] - [04/06/2017 12:11:00] - |A| - [78536] - C:\WINDOWS\syswow64\win32u.dll
[MD5.59A435C231C5C71B29FCC44B3AE855D8] - [04/06/2017 12:11:00] - |A| - [106496] - C:\WINDOWS\syswow64\winbio.dll
[MD5.DA8B9BDD043C4BC0980D7D2390B79ABB] - [04/06/2017 12:11:00] - |A| - [33280] - C:\WINDOWS\syswow64\winbioext.dll
[MD5.F525BDE8165AE83C89ADC19F59FB14FB] - [04/06/2017 12:11:00] - |A| - [74912] - C:\WINDOWS\syswow64\winbrand.dll
[MD5.520947B12EDB66AF7EAD6F6FD14B8A00] - [04/06/2017 12:11:03] - |A| - [284672] - C:\WINDOWS\syswow64\wincorlib.dll
[MD5.521F02EC1BAB8D36A4DB9D8D125FBED2] - [04/06/2017 12:11:03] - |A| - [38400] - C:\WINDOWS\syswow64\wincredprovider.dll
[MD5.3E9283A2878B187AFA1EAC120EE08621] - [04/06/2017 12:11:02] - |A| - [158720] - C:\WINDOWS\syswow64\wincredui.dll
[MD5.8F15079141A6B3C5F9C20D60C64BF861] - [04/06/2017 12:10:53] - |A| - [667648] - C:\WINDOWS\syswow64\Windows.AccountsControl.dll
[MD5.7548DA57CCEB967E8F62011E548610B2] - [04/06/2017 12:10:57] - |A| - [92160] - C:\WINDOWS\syswow64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
[MD5.66C603FDFF98AA2D0CCD68F7ECCDA094] - [04/06/2017 12:10:57] - |A| - [27648] - C:\WINDOWS\syswow64\Windows.ApplicationModel.Background.TimeBroker.dll
[MD5.6C827A4F57A33B03AD93D88A5AC7EF07] - [04/06/2017 12:10:53] - |A| - [162304] - C:\WINDOWS\syswow64\Windows.ApplicationModel.Core.dll
[MD5.3D26C6CA07C27E29E5971B8EB29438BC] - [04/06/2017 12:10:56] - |A| - [513968] - C:\WINDOWS\syswow64\Windows.ApplicationModel.dll
[MD5.5B196B989AFCA0D4BC6CD7B567E8A743] - [04/06/2017 12:11:11] - |A| - [316928] - C:\WINDOWS\syswow64\Windows.ApplicationModel.LockScreen.dll
[MD5.43576D0859F30186E06BC5C0D1439548] - [04/06/2017 12:10:56] - |A| - [1455536] - C:\WINDOWS\syswow64\Windows.ApplicationModel.Store.dll
[MD5.DB370D3E8DA322578D66E12C784BE40C] - [04/06/2017 12:10:56] - |A| - [246272] - C:\WINDOWS\syswow64\Windows.ApplicationModel.Store.TestingFramework.dll
[MD5.E3977A51AFECB503130DAFCFAEAFAA63] - [04/06/2017 12:10:57] - |A| - [414720] - C:\WINDOWS\syswow64\Windows.ApplicationModel.Wallet.dll
[MD5.727CEBF5130D521A7552F0B93E499BB7] - [04/06/2017 12:11:21] - |A| - [61952] - C:\WINDOWS\syswow64\Windows.Cortana.ProxyStub.dll
[MD5.6E257F79384BAD0F5310F6C0238116E2] - [04/06/2017 12:10:53] - |A| - [6275072] - C:\WINDOWS\syswow64\Windows.Data.Pdf.dll
[MD5.011AEE5BA4E297A891DF65DB408F02A2] - [04/06/2017 12:10:53] - |A| - [469504] - C:\WINDOWS\syswow64\Windows.Devices.AllJoyn.dll
[MD5.957E0479E652CBBBB510C7639884572E] - [04/06/2017 12:10:56] - |A| - [69120] - C:\WINDOWS\syswow64\Windows.Devices.Background.dll
[MD5.7A08E7200745F1102360D653064EB39C] - [04/06/2017 12:10:56] - |A| - [14336] - C:\WINDOWS\syswow64\Windows.Devices.Background.ps.dll
[MD5.1EF6579C54AC117A1B67197263DA8A53] - [04/06/2017 12:10:56] - |A| - [1517568] - C:\WINDOWS\syswow64\Windows.Devices.Bluetooth.dll
[MD5.E6E8B3E1F41A9DF256D4C6BAEA790AC3] - [04/06/2017 12:10:56] - |A| - [76800] - C:\WINDOWS\syswow64\Windows.Devices.Custom.dll
[MD5.9B93E3BE9DBFE40CECF577C90A8001AE] - [04/06/2017 12:10:56] - |A| - [15360] - C:\WINDOWS\syswow64\Windows.Devices.Custom.ps.dll
[MD5.721EA093A66E4853D8FD6064EF1F3E29] - [04/06/2017 12:10:53] - |A| - [404448] - C:\WINDOWS\syswow64\Windows.Devices.Enumeration.dll
[MD5.700AC8DC837AFE51EF95D64547F42931] - [04/06/2017 12:10:53] - |A| - [141312] - C:\WINDOWS\syswow64\Windows.Devices.Haptics.dll
[MD5.B5F4433B10FC621634DA2D5CE67115BE] - [04/06/2017 12:10:56] - |A| - [202240] - C:\WINDOWS\syswow64\Windows.Devices.HumanInterfaceDevice.dll
[MD5.65CD8AFA222F0F92B10CB3D771E6451A] - [04/06/2017 12:10:57] - |A| - [112128] - C:\WINDOWS\syswow64\Windows.Devices.Lights.dll
[MD5.3C54C5633CDB491B4B0DAD807CAF77BE] - [04/06/2017 12:10:53] - |A| - [405504] - C:\WINDOWS\syswow64\Windows.Devices.LowLevel.dll
[MD5.6ED22E02F2082AA10729E7F04FA0D152] - [04/06/2017 12:10:53] - |A| - [333312] - C:\WINDOWS\syswow64\Windows.Devices.Midi.dll
[MD5.3FD58742BB1C77DE5FCC60E6AFCC8A18] - [04/06/2017 12:11:00] - |A| - [1620992] - C:\WINDOWS\syswow64\Windows.Devices.Perception.dll
[MD5.E99BDA1078D8A68A8C7C00B2493A590C] - [04/06/2017 12:12:58] - |A| - [269824] - C:\WINDOWS\syswow64\Windows.Devices.Picker.dll
[MD5.806384A0289F464CB2EC963CCB42A3A6] - [04/06/2017 12:10:57] - |A| - [901120] - C:\WINDOWS\syswow64\Windows.Devices.PointOfService.dll
[MD5.8B58546B5422DE7FFC1AFAFF9C174CF1] - [04/06/2017 12:11:13] - |A| - [36864] - C:\WINDOWS\syswow64\Windows.Devices.Portable.dll
[MD5.9CF4A9C6E1FAA2B79BA87F88132FF1F3] - [04/06/2017 12:10:53] - |A| - [71680] - C:\WINDOWS\syswow64\Windows.Devices.Printers.dll
[MD5.5A95B23EE6A37442172C17C922ADFA5F] - [04/06/2017 12:11:23] - |A| - [38912] - C:\WINDOWS\syswow64\Windows.Devices.Printers.Extensions.dll
[MD5.A1AA9563805B1D1AAB4ACAFEE6E2FCD5] - [04/06/2017 12:10:53] - |A| - [144896] - C:\WINDOWS\syswow64\Windows.Devices.Radios.dll
[MD5.BC4A57AC93A04823DE65E0AE481A1C96] - [04/06/2017 12:11:07] - |A| - [173568] - C:\WINDOWS\syswow64\Windows.Devices.Scanners.dll
[MD5.932751246807381288BE71BB950F8062] - [04/06/2017 12:11:38] - |A| - [762368] - C:\WINDOWS\syswow64\Windows.Devices.Sensors.dll
[MD5.B02201B201DB49281C8BE311D5BF711C] - [04/06/2017 12:10:53] - |A| - [127488] - C:\WINDOWS\syswow64\Windows.Devices.SerialCommunication.dll
[MD5.A2C608FD556F3EE46E6C53233D53C8E5] - [04/06/2017 12:10:53] - |A| - [559104] - C:\WINDOWS\syswow64\Windows.Devices.SmartCards.dll
[MD5.97C1AD919875EABCAD0AF0DF43D6F301] - [04/06/2017 12:10:56] - |A| - [343552] - C:\WINDOWS\syswow64\Windows.Devices.SmartCards.Phone.dll
[MD5.1333B66BDF25D220F9CADB03C5DAACF3] - [04/06/2017 12:10:53] - |A| - [309248] - C:\WINDOWS\syswow64\Windows.Devices.Usb.dll
[MD5.87986ECA0DC4C9916C53750059B1D416] - [04/06/2017 12:10:56] - |A| - [203264] - C:\WINDOWS\syswow64\Windows.Devices.WiFi.dll
[MD5.4208D2B551AC552A0C5814BA9D28FDF4] - [04/06/2017 12:10:56] - |A| - [376832] - C:\WINDOWS\syswow64\Windows.Devices.WiFiDirect.dll
[MD5.AC8DE4D9BA16C37778B7CBAB7FDFD9F4] - [04/06/2017 12:10:56] - |A| - [153600] - C:\WINDOWS\syswow64\Windows.Energy.dll
[MD5.B315BE7B59978BE413889E45DFE3A267] - [04/06/2017 12:10:53] - |A| - [581120] - C:\WINDOWS\syswow64\Windows.Gaming.Input.dll
[MD5.36F562A09A5403A48C24AD9288FB9207] - [04/06/2017 12:10:53] - |A| - [226304] - C:\WINDOWS\syswow64\Windows.Gaming.Preview.dll
[MD5.3CCD8AE1C19489B090BC0A58BD079217] - [04/06/2017 12:10:56] - |A| - [66048] - C:\WINDOWS\syswow64\Windows.Gaming.UI.GameBar.dll
[MD5.E33B5334D49EE1B1354F1568FC8298C5] - [04/06/2017 12:10:56] - |A| - [308224] - C:\WINDOWS\syswow64\Windows.Gaming.XboxLive.Storage.dll
[MD5.33C6BF764CB7C374AF55312A30FDDF8B] - [04/06/2017 12:10:56] - |A| - [1253376] - C:\WINDOWS\syswow64\Windows.Globalization.dll
[MD5.2B17E715D384FB21C15A4F523C7C678C] - [04/06/2017 12:10:53] - |A| - [59392] - C:\WINDOWS\syswow64\Windows.Globalization.Fontgroups.dll
[MD5.7AA05C64D879261F4986C9628317DEF6] - [04/06/2017 12:10:53] - |A| - [715264] - C:\WINDOWS\syswow64\Windows.Globalization.PhoneNumberFormatting.dll
[MD5.0A8C66FD80E9D8367BF34F60E21B589E] - [04/06/2017 12:11:38] - |A| - [95608] - C:\WINDOWS\syswow64\Windows.Graphics.Display.BrightnessOverride.dll
[MD5.DFD1FE7C4B109D7A1836CA736A30A313] - [04/06/2017 12:10:57] - |A| - [351744] - C:\WINDOWS\syswow64\Windows.Graphics.dll
[MD5.52A7611340A9CBA1DBBA8195539AB6DA] - [04/06/2017 12:10:53] - |A| - [1591296] - C:\WINDOWS\syswow64\Windows.Graphics.Printing.3D.dll
[MD5.EB7CDC7774C5496DDF716E743B6E868C] - [04/06/2017 12:10:53] - |A| - [494592] - C:\WINDOWS\syswow64\Windows.Graphics.Printing.dll
[MD5.8C3F9DDB4BFC6C819649E8EBDC25DCF9] - [04/06/2017 12:11:19] - |A| - [349184] - C:\WINDOWS\syswow64\Windows.Graphics.Printing.Workflow.dll
[MD5.B4732994D32D68C8A5B219DE8C30B28C] - [04/06/2017 12:11:19] - |A| - [12288] - C:\WINDOWS\syswow64\Windows.Graphics.Printing.Workflow.Native.dll
[MD5.FE8043538C91F4D6C8923061B4C2A7FF] - [04/06/2017 12:10:56] - |A| - [430080] - C:\WINDOWS\syswow64\Windows.Internal.Bluetooth.dll
[MD5.3AC6B9E76567F4382A8DCD51E527F11E] - [04/06/2017 12:11:00] - |A| - [427520] - C:\WINDOWS\syswow64\Windows.Internal.Management.dll
[MD5.CE5A1CAC06DBA8BD56321F8B94BC8C58] - [04/06/2017 12:09:13] - |A| - [40448] - C:\WINDOWS\syswow64\Windows.Internal.SecurityMitigationsBroker.dll
[MD5.260530F5C62F40C66369CDEFCD15F471] - [04/06/2017 12:11:05] - |A| - [113152] - C:\WINDOWS\syswow64\Windows.Internal.UI.Logon.ProxyStub.dll
[MD5.0EB375B59650B0ED0C12195C4894CFCC] - [04/06/2017 12:10:53] - |A| - [162640] - C:\WINDOWS\syswow64\Windows.Management.Workplace.dll
[MD5.5034FE74FCF15BA1D687AF74047FB13D] - [04/06/2017 12:11:13] - |A| - [29184] - C:\WINDOWS\syswow64\Windows.Management.Workplace.WorkplaceSettings.dll
[MD5.1899FB206F49ECB250634144F6387738] - [04/06/2017 12:09:12] - |A| - [1243648] - C:\WINDOWS\syswow64\Windows.Media.Audio.dll
[MD5.6F21C47917DC3A1A586A3063E285077F] - [04/06/2017 12:11:13] - |A| - [617984] - C:\WINDOWS\syswow64\Windows.Media.BackgroundMediaPlayback.dll
[MD5.D3360CDFA001CC5FB2ADDCB7FB0854B5] - [04/06/2017 12:11:13] - |A| - [12288] - C:\WINDOWS\syswow64\Windows.Media.BackgroundPlayback.exe
[MD5.720050DD66BF403E0E5E8A5560E3E9DD] - [04/06/2017 12:10:53] - |A| - [179200] - C:\WINDOWS\syswow64\Windows.Media.Devices.dll
[MD5.BC11C7DC04DBF828D6916B0A9FC07604] - [04/06/2017 12:09:12] - |A| - [6619456] - C:\WINDOWS\syswow64\Windows.Media.dll
[MD5.DAEE5DFE41E2B7B8059313AD6418400E] - [04/06/2017 12:09:12] - |A| - [1063424] - C:\WINDOWS\syswow64\Windows.Media.Editing.dll
[MD5.ADBD702B62ACF5C1F2FCCC90CDD9961E] - [04/06/2017 12:10:53] - |A| - [1238016] - C:\WINDOWS\syswow64\Windows.Media.FaceAnalysis.dll
[MD5.F499D1D3FF9A947A74883E81F862E636] - [04/06/2017 12:10:56] - |A| - [583680] - C:\WINDOWS\syswow64\Windows.Media.Import.dll
[MD5.3BAD7A2D25E87570C446D491D8BE0D2B] - [04/06/2017 12:10:59] - |A| - [296504] - C:\WINDOWS\syswow64\Windows.Media.MediaControl.dll
[MD5.DAE352D3777FEAE50434F2C60EA1E70E] - [04/06/2017 12:10:56] - |A| - [724480] - C:\WINDOWS\syswow64\Windows.Media.Ocr.dll
[MD5.62805DFE496BE41F2C6E1A57905D5969] - [04/06/2017 12:11:13] - |A| - [615936] - C:\WINDOWS\syswow64\Windows.Media.Playback.BackgroundMediaPlayer.dll
[MD5.AE16AEC8611A6341A9DC57E33FA8E9B9] - [04/06/2017 12:11:13] - |A| - [600576] - C:\WINDOWS\syswow64\Windows.Media.Playback.MediaPlayer.dll
[MD5.3A64387C063F6BB63B822E120B429139] - [04/06/2017 12:11:13] - |A| - [56832] - C:\WINDOWS\syswow64\Windows.Media.Playback.ProxyStub.dll
[MD5.860ACD6A3106681EC1F19FAEB93BAF64] - [04/06/2017 12:11:13] - |A| - [6437168] - C:\WINDOWS\syswow64\Windows.Media.Protection.PlayReady.dll
[MD5.96C1DD9CDF7E8082D62F2342DA3A5857] - [04/06/2017 12:10:59] - |A| - [1273344] - C:\WINDOWS\syswow64\Windows.Media.Speech.dll
[MD5.D74538E392FF2A42F5D9155CDEEB8050] - [04/06/2017 12:10:59] - |A| - [568832] - C:\WINDOWS\syswow64\Windows.Media.Speech.UXRes.dll
[MD5.77A3612009A73DA451CACEB17B2AFFBC] - [04/06/2017 12:09:13] - |A| - [867840] - C:\WINDOWS\syswow64\Windows.Media.Streaming.dll
[MD5.BCD3B4676DFEB8BC4D7C7AD7653AD64F] - [04/06/2017 12:09:13] - |A| - [112128] - C:\WINDOWS\syswow64\Windows.Media.Streaming.ps.dll
[MD5.C9DAF925CDCD4AD0F3124AD8D0F62BC1] - [04/06/2017 12:11:28] - |A| - [2175488] - C:\WINDOWS\syswow64\Windows.Mirage.dll
[MD5.987EC0C3DFA5CE0F910FCEDDC3857938] - [04/06/2017 12:11:28] - |A| - [550400] - C:\WINDOWS\syswow64\Windows.Mirage.Internal.dll
[MD5.8890720F9C407825EF07DC9C7E6E3040] - [04/06/2017 12:10:53] - |A| - [75776] - C:\WINDOWS\syswow64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
[MD5.023053246ED38B4573EB3A59D9AF5743] - [04/06/2017 12:10:56] - |A| - [863232] - C:\WINDOWS\syswow64\Windows.Networking.BackgroundTransfer.dll
[MD5.24F0336F35094131019D7FA917D19FEE] - [04/06/2017 12:10:53] - |A| - [548864] - C:\WINDOWS\syswow64\Windows.Networking.Connectivity.dll
[MD5.51DDF8C797B60738CDD8E06578EFFF33] - [04/06/2017 12:10:53] - |A| - [654848] - C:\WINDOWS\syswow64\Windows.Networking.dll
[MD5.6978F4BBD94937CEABB3BB043EA29620] - [04/06/2017 12:10:56] - |A| - [143360] - C:\WINDOWS\syswow64\Windows.Networking.HostName.dll
[MD5.90DB593F63D3852C6A30B8F7CDA423E3] - [04/06/2017 12:10:53] - |A| - [109056] - C:\WINDOWS\syswow64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
[MD5.571D7F53C06BA0F72813AE207F091EE3] - [04/06/2017 12:10:53] - |A| - [314880] - C:\WINDOWS\syswow64\Windows.Networking.Proximity.dll
[MD5.576D049F0D96A8458DE4C37C6E23C2D0] - [04/06/2017 12:10:53] - |A| - [87552] - C:\WINDOWS\syswow64\Windows.Networking.ServiceDiscovery.Dnssd.dll
[MD5.D0E065E32D466AF63A2779F39EB7B817] - [04/06/2017 12:10:56] - |A| - [127488] - C:\WINDOWS\syswow64\Windows.Networking.Sockets.PushEnabledApplication.dll
[MD5.D99A60941FFCE1F87949D6F133B6DB9B] - [04/06/2017 12:10:57] - |A| - [940544] - C:\WINDOWS\syswow64\Windows.Networking.Vpn.dll
[MD5.807583EB76EF3021F2F58B9FB336A482] - [04/06/2017 12:10:53] - |A| - [40448] - C:\WINDOWS\syswow64\Windows.Networking.XboxLive.ProxyStub.dll
[MD5.D678A8B3CCC97A87C968DF9D858B03AE] - [04/06/2017 12:10:57] - |A| - [405504] - C:\WINDOWS\syswow64\Windows.Payments.dll
[MD5.B6F333FE00B9538E7BB7D0B6F46472F6] - [04/06/2017 12:10:53] - |A| - [445952] - C:\WINDOWS\syswow64\Windows.Perception.Stub.dll
[MD5.FD66BE8A0BF80155C7E6FC8FCB7A4CE3] - [04/06/2017 12:10:57] - |A| - [198144] - C:\WINDOWS\syswow64\Windows.Security.Authentication.Identity.Provider.dll
[MD5.D49F6CFBC49ECB7E54D89AB2299899DF] - [04/06/2017 12:10:56] - |A| - [793088] - C:\WINDOWS\syswow64\Windows.Security.Authentication.OnlineId.dll
[MD5.367E22D005B8CD072D2105300F8AB4D6] - [04/06/2017 12:10:56] - |A| - [594944] - C:\WINDOWS\syswow64\Windows.Security.Authentication.Web.Core.dll
[MD5.AE63AB719D9A6F3B2A253AE594CE049C] - [04/06/2017 12:10:53] - |A| - [80656] - C:\WINDOWS\syswow64\Windows.Security.Credentials.UI.CredentialPicker.dll
[MD5.2695D6B906660CA93A625EA6FBD9B9AC] - [04/06/2017 12:10:53] - |A| - [98816] - C:\WINDOWS\syswow64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
[MD5.F626F439862EFF1EAAD086E077F317EA] - [04/06/2017 12:10:57] - |A| - [725328] - C:\WINDOWS\syswow64\Windows.Services.TargetedContent.dll
[MD5.8820392A0835FA2CD52AD3011A61FA98] - [04/06/2017 12:11:21] - |A| - [48128] - C:\WINDOWS\syswow64\Windows.Shell.Search.UriHandler.dll
[MD5.1DCF12D9655EA5DE2F58E23D8DF3E622] - [04/06/2017 12:10:56] - |A| - [77312] - C:\WINDOWS\syswow64\Windows.Shell.ServiceHostBuilder.dll
[MD5.15D8A103C99268E82E83FACC0440A5C2] - [04/06/2017 12:10:57] - |A| - [4568448] - C:\WINDOWS\syswow64\Windows.StateRepository.dll
[MD5.EF3BB95C924F95E2F6027152E18AE1BB] - [04/06/2017 12:10:57] - |A| - [84304] - C:\WINDOWS\syswow64\Windows.StateRepositoryBroker.dll
[MD5.4E35520A16BAD205DFE1677B4CA78754] - [04/06/2017 12:10:57] - |A| - [118608] - C:\WINDOWS\syswow64\Windows.StateRepositoryClient.dll
[MD5.023293D6D9751FCD3A3E6B6D87870A55] - [04/06/2017 12:10:57] - |A| - [138240] - C:\WINDOWS\syswow64\Windows.StateRepositoryUpgrade.dll
[MD5.17508E16CCE1E76B3DC73C6D9017D544] - [04/06/2017 12:10:56] - |A| - [270144] - C:\WINDOWS\syswow64\Windows.Storage.ApplicationData.dll
[MD5.04161F03BB7670D169A84473F46EAFEA] - [04/06/2017 12:10:53] - |A| - [130048] - C:\WINDOWS\syswow64\Windows.Storage.Compression.dll
[MD5.528E20FD076CAAD95FC4FF78362C54F0] - [04/06/2017 12:10:56] - |A| - [6017224] - C:\WINDOWS\syswow64\windows.storage.dll
[MD5.CD92DF56758ED91FBD884FAF14A62A28] - [04/06/2017 12:10:53] - |A| - [691200] - C:\WINDOWS\syswow64\Windows.Storage.Search.dll
[MD5.CFE92915E1A9EE92806C8A6A850D018D] - [04/06/2017 12:10:57] - |A| - [50176] - C:\WINDOWS\syswow64\Windows.Storage.WinRT.dll
[MD5.DA488DB36960ED4A9E523FB39179C9BE] - [04/06/2017 12:10:56] - |A| - [216064] - C:\WINDOWS\syswow64\Windows.System.Diagnostics.dll
[MD5.ADAA8AD2B840FD04426581E6AAC30FA5] - [04/06/2017 12:10:53] - |A| - [42496] - C:\WINDOWS\syswow64\Windows.System.Diagnostics.Telemetry.PlatformTelemetryClient.dll
[MD5.1A8D02AD170167911C32CBFA11348580] - [04/06/2017 12:10:53] - |A| - [76800] - C:\WINDOWS\syswow64\Windows.System.Diagnostics.TraceReporting.PlatformDiagnosticActions.dll
[MD5.CA84917E9E4AD093DCD263E670EF6E8E] - [04/06/2017 12:10:56] - |A| - [450048] - C:\WINDOWS\syswow64\Windows.System.Launcher.dll
[MD5.7A95C06E5C7856A0C45BC98A65200C39] - [04/06/2017 12:10:50] - |A| - [188928] - C:\WINDOWS\syswow64\Windows.System.Profile.HardwareId.dll
[MD5.6EE783727C0B6434AB39422AEB3C37C8] - [04/06/2017 12:10:53] - |A| - [51712] - C:\WINDOWS\syswow64\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
[MD5.60F198BD66D54B8A5037B55E2A59CB33] - [04/06/2017 12:11:00] - |A| - [112640] - C:\WINDOWS\syswow64\Windows.System.Profile.RetailInfo.dll
[MD5.40C009DF72F770F764394439D75CD502] - [04/06/2017 12:10:56] - |A| - [47616] - C:\WINDOWS\syswow64\Windows.System.Profile.SystemId.dll
[MD5.E23EC0E48A0D8C7C3C0420BE6912F088] - [04/06/2017 12:11:03] - |A| - [39936] - C:\WINDOWS\syswow64\Windows.System.Profile.SystemManufacturers.dll
[MD5.76539F2C263F2463ABF76B91DD8A62E4] - [04/06/2017 12:10:56] - |A| - [20480] - C:\WINDOWS\syswow64\Windows.System.RemoteDesktop.dll
[MD5.09666835714881FD2558C0365AD56607] - [04/06/2017 12:10:56] - |A| - [146432] - C:\WINDOWS\syswow64\Windows.System.SystemManagement.dll
[MD5.B691C1856CCA676FBBED922FCECAF1DB] - [04/06/2017 12:10:53] - |A| - [62464] - C:\WINDOWS\syswow64\Windows.System.UserDeviceAssociation.dll
[MD5.D3DAA0E65DD312D16A2EBF2EB16326B1] - [04/06/2017 12:10:56] - |A| - [49152] - C:\WINDOWS\syswow64\Windows.System.UserProfile.DiagnosticsSettings.dll
[MD5.82CB3F5BAFFE36FFF26AF8BD2DC2B8C8] - [04/06/2017 12:10:53] - |A| - [445440] - C:\WINDOWS\syswow64\Windows.UI.Core.TextInput.dll
[MD5.EBAF5EB38EF9FE116DA23289C2D12624] - [04/06/2017 12:11:00] - |A| - [956928] - C:\WINDOWS\syswow64\Windows.UI.Cred.dll
[MD5.8CDE40394C226DDB2AFC4C8D194E8B57] - [04/06/2017 12:11:03] - |A| - [232960] - C:\WINDOWS\syswow64\Windows.UI.CredDialogController.dll
[MD5.17E3DC5C5AF79CF5DD2BE873CFA07274] - [04/06/2017 12:11:13] - |A| - [835584] - C:\WINDOWS\syswow64\Windows.UI.dll
[MD5.D80320C874544AD11F3DE4DC4C9C0A12] - [04/06/2017 12:11:08] - |A| - [1560064] - C:\WINDOWS\syswow64\Windows.UI.Immersive.dll
[MD5.5CA676AA7FADAC521AE299A13221F63B] - [04/06/2017 12:10:53] - |A| - [3360768] - C:\WINDOWS\syswow64\Windows.UI.Input.Inking.Analysis.dll
[MD5.593B3117312CD6C1E50102296A215B11] - [04/06/2017 12:10:56] - |A| - [1283072] - C:\WINDOWS\syswow64\Windows.UI.Input.Inking.dll
[MD5.5CBC7ED3AD1D33320C13F0B18B3C3C0D] - [04/06/2017 12:11:21] - |A| - [694272] - C:\WINDOWS\syswow64\Windows.UI.Search.dll
[MD5.F0617552D403F6CC344774C9A85F8717] - [04/06/2017 12:10:56] - |A| - [2533376] - C:\WINDOWS\syswow64\Windows.UI.Xaml.Controls.dll
[MD5.6091C5E4921F7AE8B8D2A100AB5D4D98] - [04/06/2017 12:10:53] - |A| - [14301696] - C:\WINDOWS\syswow64\Windows.UI.Xaml.dll
[MD5.778078C0F9076DDFDC6B2DF7B81A9DC5] - [04/06/2017 12:10:53] - |A| - [711168] - C:\WINDOWS\syswow64\Windows.UI.Xaml.InkControls.dll
[MD5.EADC897D6D79AC5464D9923EA59CB14C] - [04/06/2017 12:10:56] - |A| - [1292288] - C:\WINDOWS\syswow64\Windows.UI.Xaml.Maps.dll
[MD5.A78B279477A2F36D7E84A6C4026C6142] - [04/06/2017 12:10:56] - |A| - [1247744] - C:\WINDOWS\syswow64\Windows.UI.Xaml.Phone.dll
[MD5.E784B54CEBEC5FD979FBB3243E7FFAFA] - [04/06/2017 12:10:53] - |A| - [2885120] - C:\WINDOWS\syswow64\Windows.UI.Xaml.Resources.dll
[MD5.B4A3BFFB97F61DD1566DB5C55ADDE727] - [04/06/2017 12:12:58] - |A| - [131584] - C:\WINDOWS\syswow64\Windows.UI.XamlHost.dll
[MD5.F61A9028CEA22049512F7A2194267FEC] - [04/06/2017 12:10:53] - |A| - [19456] - C:\WINDOWS\syswow64\Windows.WARP.JITService.exe
[MD5.00A731964E65D67685FC6723985D7C7A] - [04/06/2017 12:10:57] - |A| - [174080] - C:\WINDOWS\syswow64\Windows.Web.Diagnostics.dll
[MD5.46A6405DD3C64353ACB1BEA9D3252D80] - [04/06/2017 12:10:53] - |A| - [615424] - C:\WINDOWS\syswow64\Windows.Web.dll
[MD5.7015A2F1D740AD418ABA2A01D3FB346C] - [04/06/2017 12:10:56] - |A| - [1007104] - C:\WINDOWS\syswow64\Windows.Web.Http.dll
[MD5.92879C0FAB777AE0908A97A3EB568BD9] - [04/06/2017 12:10:56] - |A| - [1504112] - C:\WINDOWS\syswow64\WindowsCodecs.dll
[MD5.C8E6F13EFC88CC31A67BECCB990230D1] - [04/06/2017 12:10:56] - |A| - [240640] - C:\WINDOWS\syswow64\WindowsCodecsExt.dll
[MD5.7CD5831CA6F7314A652D25DC90ED9A12] - [04/06/2017 12:09:17] - |A| - [31615544] - C:\WINDOWS\syswow64\WindowsCodecsRaw.dll
[MD5.E0974EE3F592223A950B3B0C04797212] - [04/06/2017 12:09:17] - |A| - [1649] - C:\WINDOWS\syswow64\WindowsCodecsRaw.txt
[MD5.2120FD31F1294480A523C731EBBB2A45] - [04/06/2017 12:10:53] - |A| - [92160] - C:\WINDOWS\syswow64\WindowsDefaultHeatProcessor.dll
[MD5.F2EE47C063AF0B9D61DBCD67E887393C] - [04/06/2017 12:11:08] - |A| - [167936] - C:\WINDOWS\syswow64\windowslivelogin.dll
[MD5.89C70269A68ADA9F813B8E789543C187] - [04/06/2017 12:11:05] - |A| - [848896] - C:\WINDOWS\syswow64\windowsperformancerecordercontrol.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [8796192] - C:\WINDOWS\syswow64\WindowsPowerShell
[MD5.E60DD961E0486489E35FC0D8204779C3] - [04/06/2017 12:13:14] - |A| - [26624] - C:\WINDOWS\syswow64\WinFax.dll
[MD5.898591FDB0A87CA9B0813DC79D740E6D] - [04/06/2017 12:11:05] - |A| - [698880] - C:\WINDOWS\syswow64\winhttp.dll
[MD5.4CC84B32501E4E7B8BF6810DD0C3AC74] - [04/06/2017 12:11:02] - |A| - [82944] - C:\WINDOWS\syswow64\winhttpcom.dll
[MD5.B9E52FF5211C41C466E17D4F003A7ADB] - [04/06/2017 12:11:08] - |A| - [2874880] - C:\WINDOWS\syswow64\wininet.dll
[MD5.B0A7A7CC377EC46EFEF04080241E3863] - [04/06/2017 12:11:07] - |A| - [65536] - C:\WINDOWS\syswow64\wininetlui.dll
[MD5.003302CFF0C1CC5FDFDDF62D5B37C68E] - [04/06/2017 12:11:03] - |A| - [31056] - C:\WINDOWS\syswow64\wininitext.dll
[MD5.8DC04E182AADDDDAFA24D095BA56C557] - [04/06/2017 12:11:00] - |A| - [359936] - C:\WINDOWS\syswow64\winipcfile.dll
[MD5.63D9D29AB03AFB92FB253FA5C1FDFD96] - [04/06/2017 12:11:00] - |A| - [889856] - C:\WINDOWS\syswow64\winipcsecproc.dll
[MD5.C7D7A4FCB31BA8C42C74D3483AFED275] - [04/06/2017 12:11:08] - |A| - [69120] - C:\WINDOWS\syswow64\winipsec.dll
[MD5.82BB9DB7CDD42B53E59E4A01C18B0ED0] - [04/06/2017 12:10:57] - |A| - [376832] - C:\WINDOWS\syswow64\Winlangdb.dll
[MD5.50C6959B1AF01DB96EB8C24ED650ABE4] - [04/06/2017 12:09:13] - |A| - [1550552] - C:\WINDOWS\syswow64\winmde.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [5205520] - C:\WINDOWS\syswow64\WinMetadata
[MD5.40B379803B4AAD5C083A38A028C74CF6] - [04/06/2017 12:10:53] - |A| - [131264] - C:\WINDOWS\syswow64\winmm.dll
[MD5.38FA6B93CD906323E7E56A3F5FA38F84] - [04/06/2017 12:10:53] - |A| - [126072] - C:\WINDOWS\syswow64\winmmbase.dll
[MD5.37D7081E3CEA48D0E5596A8ABF9FD13A] - [04/06/2017 12:11:00] - |A| - [1656832] - C:\WINDOWS\syswow64\winmsipc.dll
[MD5.32CB5750D614E336E749AB98BA96F727] - [04/06/2017 12:10:57] - |A| - [73216] - C:\WINDOWS\syswow64\WinMsoIrmProtector.dll
[MD5.621E7767176C5448199598764BA9605E] - [04/06/2017 12:11:05] - |A| - [19968] - C:\WINDOWS\syswow64\winnlsres.dll
[MD5.523FC6658C3FD439DE00C4F9C1A0339A] - [04/06/2017 12:09:57] - |A| - [24272] - C:\WINDOWS\syswow64\winnsi.dll
[MD5.67F91ADA69D694B418AAB466F6EF7553] - [04/06/2017 12:10:57] - |A| - [68608] - C:\WINDOWS\syswow64\WinOpcIrmProtector.dll
[MD5.00000000000000000000000000000000] - [05/06/2017 08:57:46] - |D| - [110108] - C:\WINDOWS\syswow64\winrm
[MD5.F80EEF72983614DB418A0C1FAE21EBC1] - [04/06/2017 12:11:26] - |A| - [33] - C:\WINDOWS\syswow64\winrm.cmd
[MD5.9D7684F978EBD77E6A3EA7EF1330B946] - [04/06/2017 12:11:26] - |A| - [204105] - C:\WINDOWS\syswow64\winrm.vbs
[MD5.55AB5F539CF9878CA6D91001C5F3A9CB] - [04/06/2017 12:11:07] - |A| - [24064] - C:\WINDOWS\syswow64\winrnr.dll
[MD5.A00E0CF212F2019D086685A134BB7E36] - [04/06/2017 12:11:13] - |A| - [42496] - C:\WINDOWS\syswow64\winrs.exe
[MD5.1B91BB30DC7344A1B3309D1685971B9A] - [04/06/2017 12:11:13] - |A| - [94720] - C:\WINDOWS\syswow64\winrscmd.dll
[MD5.36DACC572F37BD257781D0C5EA33899C] - [04/06/2017 12:11:13] - |A| - [24576] - C:\WINDOWS\syswow64\winrshost.exe
[MD5.F73FAC113F3AF7AA28F2F4B1A0E62220] - [04/06/2017 12:11:13] - |A| - [2048] - C:\WINDOWS\syswow64\winrsmgr.dll
[MD5.C7CA02FCC8E87644E277BCEF58C58A96] - [04/06/2017 12:11:13] - |A| - [10752] - C:\WINDOWS\syswow64\winrssrv.dll
[MD5.6EF372ECB42E612972357A30C155141A] - [04/06/2017 12:10:56] - |A| - [128512] - C:\WINDOWS\syswow64\WinRtTracing.dll
[MD5.CA42912A9395D066DD77CCC9DB9D557E] - [04/06/2017 12:11:13] - |A| - [308224] - C:\WINDOWS\syswow64\WinSATAPI.dll
[MD5.3CEDFAD2E77E8C61292DBE1969EB79DD] - [04/06/2017 12:11:23] - |A| - [172544] - C:\WINDOWS\syswow64\WinSCard.dll
[MD5.308714A7190C8CADD1D0219266307273] - [04/06/2017 12:08:58] - |A| - [15360] - C:\WINDOWS\syswow64\winshfhc.dll
[MD5.1849265BA18C8527E56317100087763C] - [04/06/2017 12:11:00] - |A| - [247296] - C:\WINDOWS\syswow64\winsku.dll
[MD5.07DDA1DF5FB2DF1B76DF0C85C3AB5037] - [04/06/2017 12:11:13] - |A| - [70656] - C:\WINDOWS\syswow64\winsockhc.dll
[MD5.7AD37946DE67EFF946A099679F0DEEF0] - [04/06/2017 12:11:28] - |A| - [437760] - C:\WINDOWS\syswow64\winspool.drv
[MD5.5A5F85F5B811A14644B25444C63362AB] - [04/06/2017 12:10:53] - |A| - [586592] - C:\WINDOWS\syswow64\winsqlite3.dll
[MD5.926C41955F8EB8DB4FE7A99989985A66] - [04/06/2017 12:11:21] - |A| - [17408] - C:\WINDOWS\syswow64\WINSRPC.DLL
[MD5.F353F6E924CFAE387F6510F8834DBD70] - [04/06/2017 12:11:28] - |A| - [260888] - C:\WINDOWS\syswow64\winsta.dll
[MD5.B43DF0793BFF00E984BEE7D7CA5DBBF1] - [04/06/2017 12:10:57] - |A| - [707072] - C:\WINDOWS\syswow64\WinSync.dll
[MD5.4D3897D0ABAB063A23D29D639093B87C] - [04/06/2017 12:11:05] - |A| - [190976] - C:\WINDOWS\syswow64\WinSyncMetastore.dll
[MD5.AB81E424EFA4435868BD9E6884BBD24E] - [04/06/2017 12:11:05] - |A| - [115200] - C:\WINDOWS\syswow64\WinSyncProviders.dll
[MD5.B42BF6BCB50E0AD170089690D617946B] - [04/06/2017 12:10:57] - |A| - [275296] - C:\WINDOWS\syswow64\wintrust.dll
[MD5.2526817FC7F17441B4C3D77B05E559C5] - [04/06/2017 12:11:03] - |A| - [816592] - C:\WINDOWS\syswow64\WinTypes.dll
[MD5.6A05DE4B9EF4827C0E95A459EADDA03B] - [04/06/2017 12:10:56] - |A| - [22016] - C:\WINDOWS\syswow64\winusb.dll
[MD5.75827F9EDCE8A9E5AD9630788EA1685F] - [04/06/2017 12:11:23] - |A| - [57344] - C:\WINDOWS\syswow64\winver.exe
[MD5.7D0C593D3C036B138F7D22123D14994E] - [04/06/2017 12:11:23] - |A| - [232448] - C:\WINDOWS\syswow64\wisp.dll
[MD5.4164FD1B2C611D9BF756B23F1D14197C] - [04/06/2017 12:11:05] - |A| - [55280] - C:\WINDOWS\syswow64\wkscli.dll
[MD5.67944F3913462C3B9491D02280EABB73] - [04/06/2017 12:11:26] - |A| - [93184] - C:\WINDOWS\syswow64\wkspbrokerAx.dll
[MD5.5409295D3B4055BFAE4CB755F74ED7E1] - [04/06/2017 12:11:26] - |A| - [17920] - C:\WINDOWS\syswow64\wksprtPS.dll
[MD5.D08684CB6394C5C496321E7A672A4B08] - [04/06/2017 12:11:28] - |A| - [322320] - C:\WINDOWS\syswow64\wlanapi.dll
[MD5.BAC348689E55174CEDEA0E9872D118FC] - [04/06/2017 12:11:28] - |A| - [246784] - C:\WINDOWS\syswow64\wlancfg.dll
[MD5.EAC897515CE3A1F9EE743670E23FBDAA] - [04/06/2017 12:11:19] - |A| - [456704] - C:\WINDOWS\syswow64\WLanConn.dll
[MD5.049E718C5F3F219A2AB0744AF6BF3DD0] - [04/06/2017 12:11:29] - |A| - [185344] - C:\WINDOWS\syswow64\wlandlg.dll
[MD5.718D1E7C872336DF434840ED76DB21BA] - [04/06/2017 12:11:28] - |A| - [78848] - C:\WINDOWS\syswow64\wlanext.exe
[MD5.13A60722920ED1E1963F8FF76984C98D] - [04/06/2017 12:11:28] - |A| - [407040] - C:\WINDOWS\syswow64\wlangpui.dll
[MD5.12D4BD9D634F37CFEC7E52384DC10984] - [04/06/2017 12:11:28] - |A| - [15872] - C:\WINDOWS\syswow64\wlanhlp.dll
[MD5.336102CD10D4F0D26A29618E19BB687F] - [04/06/2017 12:11:13] - |A| - [4179456] - C:\WINDOWS\syswow64\WlanMM.dll
[MD5.80F16DD27647CB1C0FBE14B56E73755E] - [04/06/2017 12:11:28] - |A| - [716288] - C:\WINDOWS\syswow64\wlanpref.dll
[MD5.4DFF99DA49A63D5A5AA0479C9A3E9917] - [04/06/2017 12:11:29] - |A| - [365056] - C:\WINDOWS\syswow64\wlanui.dll
[MD5.519AE6374B58C4C89D8F782848B3EF0D] - [04/06/2017 12:11:28] - |A| - [3072] - C:\WINDOWS\syswow64\wlanutil.dll
[MD5.07F9EDBA8FFD562C791896FC80B957CA] - [04/06/2017 12:11:03] - |A| - [312320] - C:\WINDOWS\syswow64\Wldap32.dll
[MD5.231973B12BDE34AD0F0F44BCCE15D084] - [04/06/2017 12:11:28] - |A| - [56336] - C:\WINDOWS\syswow64\wldp.dll
[MD5.95698DA142FE79461D181C2230ABA263] - [04/06/2017 12:11:29] - |A| - [98304] - C:\WINDOWS\syswow64\wlgpclnt.dll
[MD5.5FC178849E08F0C6F46283ED8D8E0669] - [04/06/2017 12:11:11] - |A| - [509952] - C:\WINDOWS\syswow64\wlidcli.dll
[MD5.5BE0595A85103BE0BAC2F87E2CA37CC4] - [04/06/2017 12:11:11] - |A| - [225792] - C:\WINDOWS\syswow64\wlidcredprov.dll
[MD5.7254EE06A8A0D3B063CACA6CEAD66E20] - [04/06/2017 12:11:11] - |A| - [67072] - C:\WINDOWS\syswow64\wlidfdp.dll
[MD5.A6A1BB702A0D3825A42D7EA49F50C2DF] - [04/06/2017 12:11:11] - |A| - [42496] - C:\WINDOWS\syswow64\wlidnsp.dll
[MD5.9FA81D862D7ACDECAA63C161EA1740CE] - [04/06/2017 12:10:53] - |A| - [539136] - C:\WINDOWS\syswow64\wlidprov.dll
[MD5.BFD166AD378004F4FCF8B9EA6C45CFD3] - [04/06/2017 12:10:56] - |A| - [30720] - C:\WINDOWS\syswow64\wlidres.dll
[MD5.F9097460A2D32CEA0F38EC66B2AA50EA] - [04/06/2017 12:11:26] - |A| - [14672] - C:\WINDOWS\syswow64\WlS0WndH.dll
[MD5.B1F9AC6FF625775BA14BADFF0FACB722] - [04/06/2017 12:09:12] - |A| - [675624] - C:\WINDOWS\syswow64\WMADMOD.DLL
[MD5.DA489F585B5608A7F3420AA478EF242C] - [04/06/2017 12:09:12] - |A| - [685352] - C:\WINDOWS\syswow64\WMADMOE.DLL
[MD5.3260745E79044C8A5DA6623A572D58D4] - [04/06/2017 12:09:13] - |A| - [249480] - C:\WINDOWS\syswow64\WMASF.DLL
[MD5.F5765C8E0F2A3DFEE2ED84BE47E16E8D] - [04/06/2017 12:09:12] - |A| - [10752] - C:\WINDOWS\syswow64\wmcodecdspps.dll
[MD5.5C3B6778070642FCD4764CF8675A3ECE] - [04/06/2017 12:09:13] - |A| - [32256] - C:\WINDOWS\syswow64\wmdmlog.dll
[MD5.AD9E5160BB442BA0FDEF38DA1E44F7FC] - [04/06/2017 12:09:13] - |A| - [37376] - C:\WINDOWS\syswow64\wmdmps.dll
[MD5.C003D18FE372A614FB412547006A1F85] - [04/06/2017 12:10:50] - |A| - [5632] - C:\WINDOWS\syswow64\wmdrmsdk.dll
[MD5.7C4C05E6B9118411F4048DFB86A1D322] - [05/06/2017 08:58:25] - |A| - [2560] - C:\WINDOWS\syswow64\wmerror.dll
[MD5.1BFAEBF9888202C7A936AD5333DAEC19] - [04/06/2017 12:09:57] - |A| - [5120] - C:\WINDOWS\syswow64\wmi.dll
[MD5.9641B76F677FFC26D7EF05E9D8CA8B14] - [04/06/2017 12:11:05] - |A| - [40448] - C:\WINDOWS\syswow64\wmiclnt.dll
[MD5.11AE34190DFDD86F0F2A47EC75AA674D] - [04/06/2017 12:11:26] - |A| - [133632] - C:\WINDOWS\syswow64\wmidcom.dll
[MD5.9B5FEA2976754D3752E8FF6E2AEE36DC] - [04/06/2017 12:09:13] - |A| - [152064] - C:\WINDOWS\syswow64\wmidx.dll
[MD5.5A5366A8CCB8C5B99CE8DBEBB608FC3C] - [04/06/2017 12:11:13] - |A| - [25088] - C:\WINDOWS\syswow64\wmiprop.dll
[MD5.0D23E11CA4E456747F3B96660FE914D6] - [04/06/2017 12:11:26] - |A| - [151552] - C:\WINDOWS\syswow64\wmitomi.dll
[MD5.6280EC8DC8D538BF230B5F8DF6131474] - [04/06/2017 12:09:13] - |A| - [1204736] - C:\WINDOWS\syswow64\WMNetMgr.dll
[MD5.BAC49239C9BA633DC05A3DEE4E7F1B5C] - [05/06/2017 08:58:25] - |A| - [12680192] - C:\WINDOWS\syswow64\wmp.dll
[MD5.002BFFFCC9A05737F2B53AFFCCC74204] - [04/06/2017 12:09:13] - |A| - [286720] - C:\WINDOWS\syswow64\WmpDui.dll
[MD5.CCF5FD122D975185DE4201DF9E1DE8F6] - [05/06/2017 08:58:25] - |A| - [174080] - C:\WINDOWS\syswow64\wmpdxm.dll
[MD5.08A7DC5B49BBBA5EF2C8C9FD8025DA6D] - [05/06/2017 08:58:25] - |A| - [249008] - C:\WINDOWS\syswow64\wmpeffects.dll
[MD5.5A2376302AC2A8EDC6567F7C0425D86B] - [04/06/2017 12:11:13] - |A| - [345600] - C:\WINDOWS\syswow64\WMPhoto.dll
[MD5.160B1C0D90E9F2016CBA78A6382CB0A6] - [05/06/2017 08:58:25] - |A| - [9262080] - C:\WINDOWS\syswow64\wmploc.DLL
[MD5.F93FFCFCDBDF19D443EC37016F7769EC] - [05/06/2017 08:58:25] - |A| - [1340840] - C:\WINDOWS\syswow64\wmpmde.dll
[MD5.B1AA24668C2A19D51A6C3A1623AC44AC] - [05/06/2017 08:58:25] - |A| - [149800] - C:\WINDOWS\syswow64\wmpps.dll
[MD5.1DA581E1D6A6E9C06CE800A489DCBC0A] - [05/06/2017 08:58:25] - |A| - [102912] - C:\WINDOWS\syswow64\wmpshell.dll
[MD5.C9DFE239A21EBFB1866076B6C1AE092B] - [04/06/2017 12:11:02] - |A| - [15360] - C:\WINDOWS\syswow64\wmsgapi.dll
[MD5.CD502E92582E55E8031E0F9AE9D75148] - [04/06/2017 12:11:21] - |A| - [874496] - C:\WINDOWS\syswow64\WMSPDMOD.DLL
[MD5.B6465BFB6C2B83B45477A19CD20691EA] - [04/06/2017 12:09:12] - |A| - [1047552] - C:\WINDOWS\syswow64\WMSPDMOE.DLL
[MD5.B0F31D2CD2201D87F302BEEFBCDEC03F] - [04/06/2017 12:09:13] - |A| - [2218872] - C:\WINDOWS\syswow64\WMVCORE.DLL
[MD5.7C7B7905DB86619B16A6183763CA9DEF] - [04/06/2017 12:09:12] - |A| - [2367184] - C:\WINDOWS\syswow64\WMVDECOD.DLL
[MD5.5A11D18C207006B3DDBABD11EC98F9BB] - [04/06/2017 12:09:12] - |A| - [186368] - C:\WINDOWS\syswow64\wmvdspa.dll
[MD5.71E69944DE0F3573A3ACCAC7A8258214] - [04/06/2017 12:09:12] - |A| - [2106832] - C:\WINDOWS\syswow64\WMVENCOD.DLL
[MD5.C8D81B490C282A05A4BC23B40019637F] - [04/06/2017 12:09:12] - |A| - [300600] - C:\WINDOWS\syswow64\WMVSDECD.DLL
[MD5.B59F76717F20DDAB6AEDB808C934EA7C] - [04/06/2017 12:09:12] - |A| - [407040] - C:\WINDOWS\syswow64\WMVSENCD.DLL
[MD5.BA6D9266B96DC54F71F15C6A6E26AFBA] - [04/06/2017 12:09:12] - |A| - [740864] - C:\WINDOWS\syswow64\WMVXENCD.DLL
[MD5.EFC31D683A55DA6A57A1868817416B1B] - [04/06/2017 12:10:59] - |A| - [28672] - C:\WINDOWS\syswow64\WofUtil.dll
[MD5.7867256E5FAF210362C5910C9D58DA6E] - [04/06/2017 12:10:53] - |A| - [33280] - C:\WINDOWS\syswow64\WordBreakers.dll
[MD5.20A9EA2FAFF0E25E7A67550ACB7A35CB] - [04/06/2017 12:08:58] - |A| - [61952] - C:\WINDOWS\syswow64\WorkFoldersRes.dll
[MD5.09D51162E96EF4C3D2A28DBA2B8544BC] - [04/06/2017 12:11:13] - |A| - [5632] - C:\WINDOWS\syswow64\wow32.dll
[MD5.DC7B077004160B36CB1F7FF0B990D313] - [04/06/2017 12:11:21] - |A| - [15360] - C:\WINDOWS\syswow64\wowreg32.exe
[MD5.142AF3417776D61DC98ECAA30C21EB7F] - [04/06/2017 12:11:05] - |A| - [74240] - C:\WINDOWS\syswow64\wpbcreds.dll
[MD5.2783311DB52876EDA44AED78E246B4B8] - [04/06/2017 12:11:28] - |A| - [1397248] - C:\WINDOWS\syswow64\Wpc.dll
[MD5.3668F43A8F45479AB74891E1F393E1EF] - [04/06/2017 12:11:28] - |A| - [624640] - C:\WINDOWS\syswow64\WpcWebFilter.dll
[MD5.EC2E60576A25C41BA5DC4B3FA00C55B3] - [04/06/2017 12:09:17] - |A| - [1886720] - C:\WINDOWS\syswow64\wpdshext.dll
[MD5.7D13A3DCA487CC695879289F1F9294F8] - [04/06/2017 12:09:17] - |A| - [25600] - C:\WINDOWS\syswow64\WPDShextAutoplay.exe
[MD5.9EAC80DD7593F5B7D535B67DC6008635] - [04/06/2017 12:09:17] - |A| - [56320] - C:\WINDOWS\syswow64\WPDShServiceObj.dll
[MD5.BFDF5382D8582B84D011B74555DF1618] - [04/06/2017 12:09:17] - |A| - [329216] - C:\WINDOWS\syswow64\WPDSp.dll
[MD5.64DE45544607ED60A1BC179A294D0199] - [04/06/2017 12:10:57] - |A| - [1009664] - C:\WINDOWS\syswow64\wpnapps.dll
[MD5.A9010406FEA3794FC18E47E0D9167FED] - [04/06/2017 12:10:57] - |A| - [261632] - C:\WINDOWS\syswow64\wpnclient.dll
[MD5.F633C93933720E5ACAB02B9E1C48E47B] - [04/06/2017 12:10:56] - |A| - [12288] - C:\WINDOWS\syswow64\WpPortingLibrary.dll
[MD5.27EF2AE4EC70DB1A12843A79FF7C0922] - [04/06/2017 12:11:02] - |A| - [10240] - C:\WINDOWS\syswow64\write.exe
[MD5.B72FDB4274632414F7EC88203158E7E6] - [04/06/2017 12:11:13] - |A| - [4096] - C:\WINDOWS\syswow64\ws2help.dll
[MD5.08B17EAFEBCEC396147D3EE80EA35EE6] - [04/06/2017 12:11:29] - |A| - [405000] - C:\WINDOWS\syswow64\ws2_32.dll
[MD5.DC6918B3CD76FBD7C92AD14CB7F52B37] - [04/06/2017 12:11:28] - |A| - [8192] - C:\WINDOWS\syswow64\wscadminui.exe
[MD5.9051F4778FBDBAF3B2888EB958C02D1B] - [04/06/2017 12:11:28] - |A| - [196824] - C:\WINDOWS\syswow64\wscapi.dll
[MD5.B4E10F29825E864E24E63D2B49F8FD12] - [04/06/2017 12:11:28] - |A| - [106496] - C:\WINDOWS\syswow64\wscinterop.dll
[MD5.AD025F9E16BA71E46EC213215E95BFF7] - [04/06/2017 12:11:28] - |A| - [22528] - C:\WINDOWS\syswow64\wscisvif.dll
[MD5.99B6DF091E76F67FDC0FBCE880A665A0] - [04/06/2017 12:11:13] - |A| - [11776] - C:\WINDOWS\syswow64\WSClient.dll
[MD5.BCF483F2D934BE4B8A7771A37E5A78C2] - [04/06/2017 12:11:28] - |A| - [12800] - C:\WINDOWS\syswow64\wscproxystub.dll
[MD5.87E8848333023397B64F479A45D30321] - [04/06/2017 12:11:21] - |A| - [147456] - C:\WINDOWS\syswow64\wscript.exe
[MD5.CFA61284307C235862F1DD3E147E5E33] - [04/06/2017 12:11:28] - |A| - [1195520] - C:\WINDOWS\syswow64\wscui.cpl
[MD5.36459B9C2D13EDB6F0652671D528E49D] - [04/06/2017 12:10:59] - |A| - [583168] - C:\WINDOWS\syswow64\WSDApi.dll
[MD5.44D1402491B3E323EF4F9C96F8A6DA8D] - [04/06/2017 12:11:23] - |A| - [41984] - C:\WINDOWS\syswow64\wsdchngr.dll
[MD5.2D2474FCA80E580F91D3153615F61966] - [04/06/2017 12:11:02] - |A| - [1332736] - C:\WINDOWS\syswow64\wsecedit.dll
[MD5.5099319E1D31E7E46608FC0E31270B8B] - [04/06/2017 12:11:02] - |A| - [50688] - C:\WINDOWS\syswow64\wshbth.dll
[MD5.EF9D88B0F39D0F28EBEE6D3801D41E26] - [04/06/2017 12:11:21] - |A| - [21504] - C:\WINDOWS\syswow64\wshcon.dll
[MD5.A3EAECE6BB9D15EF4683171E61E3F378] - [04/06/2017 12:11:13] - |A| - [16384] - C:\WINDOWS\syswow64\wshelper.dll
[MD5.E16AE2F808A352147B8A9ABC965FA961] - [04/06/2017 12:11:21] - |A| - [80896] - C:\WINDOWS\syswow64\wshext.dll
[MD5.0C256B54A8DD940A66987CF025A11820] - [04/06/2017 12:08:58] - |A| - [12424] - C:\WINDOWS\syswow64\wshhyperv.dll
[MD5.2485252F6E762DC44E32A956A4AA5574] - [04/06/2017 12:11:03] - |A| - [11264] - C:\WINDOWS\syswow64\wship6.dll
[MD5.83448E97D0CCDD0FD4C31EDC0A90F633] - [04/06/2017 12:11:28] - |A| - [12288] - C:\WINDOWS\syswow64\wshirda.dll
[MD5.581CD7D63AF3ACBD6A8FAD8B70DC6A0C] - [04/06/2017 12:11:21] - |A| - [123392] - C:\WINDOWS\syswow64\wshom.ocx
[MD5.C794E1850256D17DEBDA3A2457D0FC82] - [04/06/2017 12:10:57] - |A| - [16896] - C:\WINDOWS\syswow64\wshqos.dll
[MD5.769E128EF7416D478A77005278E1F652] - [04/06/2017 12:11:11] - |A| - [14848] - C:\WINDOWS\syswow64\wshrm.dll
[MD5.67F7A8EF6F047F8724DBA786AB7EC758] - [04/06/2017 12:11:03] - |A| - [10752] - C:\WINDOWS\syswow64\WSHTCPIP.DLL
[MD5.662237A4B883C0AB25E603CD04E24BBD] - [04/06/2017 12:11:26] - |A| - [26112] - C:\WINDOWS\syswow64\WsmAgent.dll
[MD5.930423065AB3F5DB52D5726C7FC66385] - [04/06/2017 12:11:26] - |A| - [4675] - C:\WINDOWS\syswow64\wsmanconfig_schema.xml
[MD5.EE2B7DF307158EF75F370BF43DCB9101] - [04/06/2017 12:11:26] - |A| - [32768] - C:\WINDOWS\syswow64\WSManHTTPConfig.exe
[MD5.A631A9E8072AEC84B87AA242C92D13CE] - [04/06/2017 12:11:26] - |A| - [61440] - C:\WINDOWS\syswow64\WSManMigrationPlugin.dll
[MD5.C378A98AA3EBAE00DF8166E36E4A1CF7] - [04/06/2017 12:11:26] - |A| - [140288] - C:\WINDOWS\syswow64\WsmAuto.dll
[MD5.123210FE634ED4A44B3A191745DA80D6] - [04/06/2017 12:11:26] - |A| - [11776] - C:\WINDOWS\syswow64\wsmplpxy.dll
[MD5.FF1AD47DDCFCD21499EA3618E5D7F5EE] - [04/06/2017 12:11:26] - |A| - [38400] - C:\WINDOWS\syswow64\wsmprovhost.exe
[MD5.D6CBFA113B69C491DE370E85EBAC80E9] - [04/06/2017 12:11:26] - |A| - [1559] - C:\WINDOWS\syswow64\WsmPty.xsl
[MD5.479C63C257B7FAFD9E49CDF11B92BB4A] - [04/06/2017 12:11:26] - |A| - [61952] - C:\WINDOWS\syswow64\WsmRes.dll
[MD5.B2DB6BADC67B7971C2D675600EA9F415] - [04/06/2017 12:11:26] - |A| - [2387456] - C:\WINDOWS\syswow64\WsmSvc.dll
[MD5.B2EDF82825D979928AE07CBE9C7A2160] - [04/06/2017 12:11:26] - |A| - [2426] - C:\WINDOWS\syswow64\WsmTxt.xsl
[MD5.75D8E65E8A79F1AD50A9B295596B28DF] - [04/06/2017 12:11:26] - |A| - [232960] - C:\WINDOWS\syswow64\WsmWmiPl.dll
[MD5.3021E7D44548060301C1ED9D6C4A6BC7] - [04/06/2017 12:11:23] - |A| - [52736] - C:\WINDOWS\syswow64\wsnmp32.dll
[MD5.8A2F93E39026B706434DED826739F30C] - [04/06/2017 12:11:13] - |A| - [16384] - C:\WINDOWS\syswow64\wsock32.dll
[MD5.CF04968E9A4CA4FB18F7A61EC272BB49] - [04/06/2017 12:11:21] - |A| - [1445888] - C:\WINDOWS\syswow64\wsp_fs.dll
[MD5.2ABF5097857277849F3C390FD629BA2E] - [04/06/2017 12:11:23] - |A| - [1294848] - C:\WINDOWS\syswow64\wsp_health.dll
[MD5.76695598FD0B3507A19273C52299D264] - [04/06/2017 12:11:21] - |A| - [715264] - C:\WINDOWS\syswow64\wsp_sr.dll
[MD5.B56451C77FEF11EE029059BA0AB9E3BB] - [04/06/2017 12:11:26] - |A| - [77312] - C:\WINDOWS\syswow64\WSTPager.ax
[MD5.5EE57E72087F99231FEBA9A96F364D4F] - [04/06/2017 12:11:28] - |A| - [49096] - C:\WINDOWS\syswow64\wtsapi32.dll
[MD5.EA30A4904FEE49CCA16E54AF5912F888] - [04/06/2017 12:10:57] - |A| - [818176] - C:\WINDOWS\syswow64\wuapi.dll
[MD5.63F173D89D49E374A512D725AC1D3637] - [04/06/2017 12:11:03] - |A| - [173056] - C:\WINDOWS\syswow64\wuceffects.dll
[MD5.265295018A38088D695DB6A859E6C943] - [04/06/2017 12:11:23] - |A| - [79360] - C:\WINDOWS\syswow64\wudriver.dll
[MD5.AB684CE81C39C98CB8948BFD102AFDD6] - [04/06/2017 12:10:57] - |A| - [30208] - C:\WINDOWS\syswow64\wups.dll
[MD5.2763BAFE43948E99EFA4EB65EF2DB8AF] - [04/06/2017 12:11:13] - |A| - [305664] - C:\WINDOWS\syswow64\wusa.exe
[MD5.5D4BF9BD4F938797D4537F8C3B7E7D64] - [04/06/2017 12:11:21] - |A| - [480256] - C:\WINDOWS\syswow64\wvc.dll
[MD5.4BD6989006BBDF6F9C9AEACEC380F3C7] - [04/06/2017 12:10:56] - |A| - [327680] - C:\WINDOWS\syswow64\WwaApi.dll
[MD5.1E308E4588CE87E5BED1FE3140490491] - [04/06/2017 12:11:13] - |A| - [31744] - C:\WINDOWS\syswow64\WwaExt.dll
[MD5.68C65480CE7655BF0B3D946FBDF5EFB6] - [04/06/2017 12:10:57] - |A| - [786256] - C:\WINDOWS\syswow64\WWAHost.exe
[MD5.7E7CD0C479C539A709DB267274DAC8DC] - [04/06/2017 12:11:28] - |A| - [446760] - C:\WINDOWS\syswow64\WWanAPI.dll
[MD5.5A1E3546CC8210E2F8A774B279DC34CC] - [04/06/2017 12:11:28] - |A| - [69720] - C:\WINDOWS\syswow64\wwapi.dll
[MD5.CC0B5785FFFBF113272C0FCC2CC64D63] - [04/06/2017 12:10:50] - |A| - [3072] - C:\WINDOWS\syswow64\XAudio2_8.dll
[MD5.B789731F13A7D3920218AA8D925E4AD4] - [04/06/2017 12:10:50] - |A| - [555008] - C:\WINDOWS\syswow64\XAudio2_9.dll
[MD5.481BB2CE06CA45EAC4DF21C332585F4A] - [04/06/2017 12:10:56] - |A| - [54784] - C:\WINDOWS\syswow64\XblAuthManagerProxy.dll
[MD5.9EE781156AF89ADA4512222E7308DFE1] - [04/06/2017 12:10:56] - |A| - [71680] - C:\WINDOWS\syswow64\XblAuthTokenBrokerExt.dll
[MD5.3F174F44C19B3796B50AAACBF051C0AB] - [04/06/2017 12:10:53] - |A| - [21504] - C:\WINDOWS\syswow64\XblGameSaveProxy.dll
[MD5.6A1D342BEE0743A8ED2AF1D14D5FA9DB] - [04/06/2017 12:10:56] - |A| - [58368] - C:\WINDOWS\syswow64\xboxgipsynthetic.dll
[MD5.0905CE2268432001F75C7AE6FBBEA55D] - [04/06/2017 12:10:57] - |A| - [44544] - C:\WINDOWS\syswow64\xcopy.exe
[MD5.39FE6526C81F74C0081EB07118708610] - [04/06/2017 12:11:02] - |A| - [36864] - C:\WINDOWS\syswow64\XInput1_4.dll
[MD5.CD81216EF6CFC1F5B0E6B9EA8103CE0D] - [04/06/2017 12:11:03] - |A| - [9216] - C:\WINDOWS\syswow64\XInput9_1_0.dll
[MD5.7596F7E40C041B520749283621D9FE57] - [04/06/2017 12:10:53] - |A| - [38912] - C:\WINDOWS\syswow64\XInputUap.dll
[MD5.4B6595E0DF08B0C59FD04CBC3D049643] - [04/06/2017 12:11:21] - |A| - [53760] - C:\WINDOWS\syswow64\xmlfilter.dll
[MD5.EFED2253D8D3F141D1EC172EA5EBE382] - [04/06/2017 12:11:05] - |A| - [183880] - C:\WINDOWS\syswow64\xmllite.dll
[MD5.2629FC597EFD48291AF109063D266B7A] - [04/06/2017 12:11:08] - |A| - [17920] - C:\WINDOWS\syswow64\xmlprovi.dll
[MD5.E6F3B36484E1A82F76CAC4A16F569507] - [04/06/2017 12:11:00] - |A| - [51712] - C:\WINDOWS\syswow64\xolehlp.dll
[MD5.4403B9D1FC9E149DFFA735FBFA0FA23C] - [04/06/2017 12:11:21] - |A| - [253440] - C:\WINDOWS\syswow64\XpsDocumentTargetPrint.dll
[MD5.444B6200093E62E84D06CB0CAF44D12D] - [04/06/2017 12:12:53] - |A| - [588288] - C:\WINDOWS\syswow64\XpsFilt.dll
[MD5.BE90F1AE595A3B44A9A4BD128B0DD2F3] - [04/06/2017 12:11:23] - |A| - [353280] - C:\WINDOWS\syswow64\XpsGdiConverter.dll
[MD5.4A01B8192AC812D5370E51EDC0DDCC22] - [04/06/2017 12:11:21] - |A| - [1056768] - C:\WINDOWS\syswow64\XpsPrint.dll
[MD5.1C64EDC5708954AD8E46E839EC6FF211] - [04/06/2017 12:11:21] - |A| - [157696] - C:\WINDOWS\syswow64\XpsRasterService.dll
[MD5.195D9C9FD0DD5CDB479225BFA184F41D] - [04/06/2017 12:12:53] - |A| - [3418624] - C:\WINDOWS\syswow64\xpsrchvw.exe
[MD5.9D6B8FC71167D22849424084F0F3D9E9] - [04/06/2017 12:12:53] - |A| - [76060] - C:\WINDOWS\syswow64\xpsrchvw.xml
[MD5.93C084391C1D6602A4B83DDED0BEA261] - [04/06/2017 12:11:23] - |A| - [1964032] - C:\WINDOWS\syswow64\xpsservices.dll
[MD5.1F155E6ED254241B3E7F20C58476A4C8] - [04/06/2017 12:12:53] - |A| - [81408] - C:\WINDOWS\syswow64\XPSSHHDR.dll
[MD5.00000000000000000000000000000000] - [11/06/2017 03:23:11] - |D| - [10400] - C:\WINDOWS\syswow64\XPSViewer
[MD5.684DDBD6ED4066B10660A3A06655B59A] - [04/06/2017 12:11:13] - |A| - [4014] - C:\WINDOWS\syswow64\xwizard.dtd
[MD5.2E2542C46BAEED65866DA5E261219139] - [04/06/2017 12:11:13] - |A| - [56320] - C:\WINDOWS\syswow64\xwizard.exe
[MD5.4BA522DA0842C44A9E1AB7947E6C07FB] - [04/06/2017 12:11:13] - |A| - [384000] - C:\WINDOWS\syswow64\xwizards.dll
[MD5.ABB42D1EA871B6C988590D985D925A1C] - [04/06/2017 12:11:13] - |A| - [99328] - C:\WINDOWS\syswow64\xwreg.dll
[MD5.E23D3F399097DC53E054AEA80E64E3D9] - [04/06/2017 12:11:13] - |A| - [210944] - C:\WINDOWS\syswow64\xwtpdui.dll
[MD5.6848DF86F29AFACD8BFC134B6DF036CC] - [04/06/2017 12:11:13] - |A| - [121344] - C:\WINDOWS\syswow64\xwtpw32.dll
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [202752] - C:\WINDOWS\syswow64\zh-CN
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [196608] - C:\WINDOWS\syswow64\zh-TW
[MD5.001C65B92C3F21E98B9A92953437CFD7] - [04/06/2017 12:10:57] - |A| - [69120] - C:\WINDOWS\syswow64\zipcontainer.dll
[MD5.F32EBEBBDEB597EC963CA9CEF8ED90EE] - [04/06/2017 12:11:03] - |A| - [345600] - C:\WINDOWS\syswow64\zipfldr.dll
[MD5.FD56F135A811D46AF9F8370DBF2EF50C] - [04/06/2017 12:10:57] - |A| - [25600] - C:\WINDOWS\syswow64\ztrace_maps.dll
[MD5.00000000000000000000000000000000] - [05/06/2017 08:57:45] - |D| - [0] - C:\WINDOWS\syswow64\Drivers\en-US
[MD5.00000000000000000000000000000000] - [05/06/2017 08:57:45] - |D| - [27648] - C:\WINDOWS\syswow64\Drivers\fr-FR
[MD5.7F29903CB8F5590D52DB0C9F97049A25] - [04/06/2017 12:10:52] - |A| - [3440660] - C:\WINDOWS\syswow64\Drivers\gm.dls
[MD5.7111BFA692A22E4B3C07F1E6C6FF6F72] - [04/06/2017 12:10:52] - |A| - [646] - C:\WINDOWS\syswow64\Drivers\gmreadme.txt
[MD5.00000000000000000000000000000000] - [05/06/2017 08:57:45] - |D| - [0] - C:\WINDOWS\syswow64\Drivers\UMDF

---------- | Drives


D:


E:


---------- | C:

[05/02/2016 18:09:10] - |SHD| - [50274193] - C:\$RECYCLE.BIN
[05/06/2017 09:20:49] - |HD| - [0] - C:\$WINDOWS.~BT
[20/06/2017 00:41:24] - |D| - [5562007] - C:\AdwCleaner
[01/09/2016 21:54:53] - |D| - [10792379297] - C:\Amazon
[05/06/2017 09:04:56] - |D| - [0] - C:\assembly
[MD5.EBAF32298D48E5994A2D087DD9EFAC1D] - [06/06/2017 11:31:24] - |A| - (.-.) - [3930] - (0.0.0.0) - C:\bdlog.txt
[MD5.93B885ADFE0DA089CDF634904FD59F71] - [30/10/2015 10:13:44] - |ASH| - (.-.) - [1] - (0.0.0.0) - C:\BOOTNXT
[21/09/2016 23:21:37] - |SHD| - [192584] - C:\Config.Msi
[15/12/2016 18:12:33] - |D| - [20028] - C:\cygwin64
[12/06/2017 11:12:51] - |D| - [0] - C:\Data
[05/02/2016 18:07:00] - |SHD| - [0] - C:\Documents and Settings
[MD5.C0652FA971B451A100E2A5DF540CA63D] - [03/12/2016 10:55:56] - |A| - (.-.) - [4184] - (0.0.0.0) - C:\GLOB(0x210727c)
[MD5.49ACD5C7E8F019F5A1D8AB52CE864C59] - [03/12/2016 10:55:56] - |A| - (.-.) - [53743] - (0.0.0.0) - C:\GLOB(0x22b727c)
[MD5.B5240F28C76B0D38E9976F5884A17687] - [03/12/2016 10:55:56] - |A| - (.-.) - [3414] - (0.0.0.0) - C:\GLOB(0x22e727c)
[MD5.CC1AB8BAFC386CDD091964A45727D5C5] - [03/12/2016 10:55:56] - |A| - (.-.) - [3546] - (0.0.0.0) - C:\GLOB(0x231727c)
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [03/12/2016 10:56:07] - |A| - (.-.) - [0] - (0.0.0.0) - C:\GLOB(0x2a5572c)
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [03/12/2016 10:55:56] - |A| - (.-.) - [0] - (0.0.0.0) - C:\GLOB(0x2a5921c)
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [03/12/2016 10:56:17] - |A| - (.-.) - [0] - (0.0.0.0) - C:\GLOB(0x2bea754)
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [03/12/2016 10:55:56] - |A| - (.-.) - [0] - (0.0.0.0) - C:\GLOB(0x2bed23c)
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [03/12/2016 10:56:06] - |A| - (.-.) - [0] - (0.0.0.0) - C:\GLOB(0x2c1371c)
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [03/12/2016 10:55:56] - |A| - (.-.) - [0] - (0.0.0.0) - C:\GLOB(0x2c1d23c)
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [03/12/2016 10:56:06] - |A| - (.-.) - [0] - (0.0.0.0) - C:\GLOB(0x2c46be4)
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [03/12/2016 10:55:56] - |A| - (.-.) - [0] - (0.0.0.0) - C:\GLOB(0x2c4c6e4)
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [24/05/2017 23:26:23] - |ASH| - (.-.) - [27453329408] - (0.0.0.0) - C:\hiberfil.sys
[31/08/2016 14:09:57] - |D| - [5358] - C:\Intel
[14/12/2016 21:04:32] - |D| - [0] - C:\net-snmp-compil-win
[21/06/2017 11:06:57] - |HD| - [0] - C:\OneDriveTemp
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [31/08/2016 19:15:25] - |ASH| - (.-.) - [10200547328] - (0.0.0.0) - C:\pagefile.sys
[04/06/2017 12:17:03] - |D| - [0] - C:\PerfLogs
[04/06/2017 12:17:03] - |RD| - [227016601699] - C:\Program Files
[04/06/2017 12:17:03] - |RD| - [154308191862] - C:\Program Files (x86)
[04/06/2017 12:17:03] - |HD| - [162601938390] - C:\ProgramData
[20/06/2017 09:34:01] - |D| - [831448] - C:\QuickDiag
[MD5.42A9EB1F95AABE8D049D8BD2A9266121] - [21/06/2017 23:38:11] - |A| - (.-.) - [1264907] - (0.0.0.0) - C:\QuickDiag.txt
[MD5.B89B05F1244FC63C9A91B516D0E5E741] - [20/06/2017 09:45:54] - |RA| - (.-.) - [549653] - (0.0.0.0) - C:\QuickDiag_20_06_2017_09_45_54.txt
[05/02/2016 17:39:13] - |HD| - [1235230362] - C:\Recovery
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [31/08/2016 19:15:25] - |ASH| - (.-.) - [16777216] - (0.0.0.0) - C:\swapfile.sys
[31/08/2016 19:15:25] - |SHD| - [0] - C:\System Volume Information
[MD5.61FAB5F16DD6B9B621C81BC52BE88745] - [21/06/2017 15:56:55] - |A| - (.-.) - [14510] - (0.0.0.0) - C:\tascklist.txt
[MD5.A39D3C2DA6789F90C54F8C8466CCD05F] - [21/06/2017 15:58:07] - |A| - (.-.) - [15311] - (0.0.0.0) - C:\tascklistsvc.txt
[05/11/2016 17:31:58] - |D| - [274] - C:\temp
[04/06/2017 10:16:43] - |RD| - [315253491178] - C:\Users
[04/06/2017 10:16:43] - |D| - [88323685440] - C:\Windows
[12/06/2017 11:56:44] - |D| - [174621829701] - C:\Windows.old

---------- | C:\WINDOWS

[04/06/2017 12:17:03] - |D| - [802] - C:\WINDOWS\addins
[04/06/2017 12:17:03] - |D| - [94172773] - C:\WINDOWS\appcompat
[04/06/2017 12:17:03] - |D| - [7892248] - C:\WINDOWS\apppatch
[04/06/2017 12:17:03] - |D| - [0] - C:\WINDOWS\AppReadiness
[04/06/2017 12:17:03] - |RSD| - [2666601563] - C:\WINDOWS\assembly
[04/06/2017 12:17:03] - |D| - [673125] - C:\WINDOWS\bcastdvr
[MD5.2352504AD79AF33EF21D4B4F217C1141] - [04/06/2017 12:09:18] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [64512] - (10.0.16215.1000) - C:\WINDOWS\bfsvc.exe
[05/06/2017 09:00:07] - |SHD| - [576523] - C:\WINDOWS\BitLockerDiscoveryVolumeContents
[04/06/2017 12:17:03] - |D| - [37468869] - C:\WINDOWS\Boot
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [12/06/2017 10:58:14] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat
[04/06/2017 12:17:03] - |D| - [2446344] - C:\WINDOWS\Branding
[MD5.9130CCE19B5DB3D2E31F9F789263FC4A] - [02/06/2017 13:11:17] - |A| - (.Copyright (c) 1999-2006 Microsoft Corporation - CAPICOM Module.) - [511328] - (2.1.0.2) - C:\WINDOWS\capicom.dll
[04/06/2017 12:03:09] - |D| - [0] - C:\WINDOWS\CbsTemp
[MD5.37D052D8AE871402DEB60CB9F319412F] - [12/06/2017 11:03:44] - |A| - (.-.) - [7159] - (0.0.0.0) - C:\WINDOWS\comsetup.log
[31/08/2016 19:19:23] - |D| - [0] - C:\WINDOWS\CSC
[MD5.45F50529721E9C2CC58B03DA993C8A7D] - [31/08/2016 14:45:46] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\ctfile.rfc
[04/06/2017 12:17:03] - |D| - [11482410] - C:\WINDOWS\Cursors
[04/06/2017 12:17:03] - |D| - [3] - C:\WINDOWS\debug
[04/06/2017 12:17:03] - |D| - [58202897117] - C:\WINDOWS\DeliveryOptimization
[MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [12/06/2017 11:07:05] - |A| - (.-.) - [7623] - (0.0.0.0) - C:\WINDOWS\diagerr.xml
[04/06/2017 12:17:03] - |D| - [4772937] - C:\WINDOWS\diagnostics
[MD5.99F5D5BBD351694638DF3C0CC4A919A3] - [12/06/2017 11:07:05] - |A| - (.-.) - [7623] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml
[05/06/2017 08:57:44] - |D| - [0] - C:\WINDOWS\DigitalLocker
[MD5.46FF85C9A48A86F224B64672272EBD1E] - [20/06/2017 15:11:20] - |A| - (.-.) - [18587] - (0.0.0.0) - C:\WINDOWS\DirectX.log
[04/06/2017 12:17:03] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files
[MD5.10D2993828B2A91C975EC4CACEF3CE7B] - [04/06/2017 12:18:41] - |A| - (.-.) - [4176] - (0.0.0.0) - C:\WINDOWS\DtcInstall.log
[04/06/2017 12:17:03] - |HD| - [40832] - C:\WINDOWS\ELAMBKUP
[05/06/2017 08:57:44] - |D| - [0] - C:\WINDOWS\en-US
[MD5.7F5C3EE402F6C22FB4BD40BD71091BE0] - [04/06/2017 12:10:49] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [3876864] - (10.0.16215.1000) - C:\WINDOWS\explorer.exe
[04/06/2017 12:17:03] - |RSD| - [444564848] - C:\WINDOWS\Fonts
[05/06/2017 08:57:44] - |D| - [109056] - C:\WINDOWS\fr-FR
[04/06/2017 12:17:03] - |D| - [0] - C:\WINDOWS\GameBarPresenceWriter
[04/06/2017 12:17:03] - |D| - [46643311] - C:\WINDOWS\Globalization
[04/06/2017 12:17:03] - |D| - [71206283] - C:\WINDOWS\Help
[MD5.CBA65F502A4EB3A39655372AE1BED111] - [04/06/2017 12:10:02] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [1003008] - (10.0.16215.1000) - C:\WINDOWS\HelpPane.exe
[MD5.07C90A833C624B43E6D7B1D96EA1D006] - [04/06/2017 12:10:03] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [17920] - (10.0.16215.1000) - C:\WINDOWS\hh.exe
[02/03/2017 02:53:22] - |D| - [191271071] - C:\WINDOWS\HoloShell
[04/06/2017 12:17:03] - |D| - [173056880] - C:\WINDOWS\IME
[04/06/2017 12:17:03] - |RD| - [7768346] - C:\WINDOWS\ImmersiveControlPanel
[04/06/2017 12:14:48] - |D| - [109755344] - C:\WINDOWS\INF
[04/06/2017 12:17:03] - |D| - [1452092897] - C:\WINDOWS\InfusedApps
[04/06/2017 12:17:03] - |D| - [41503391] - C:\WINDOWS\InputMethod
[04/06/2017 12:17:03] - |SHD| - [4952536513] - C:\WINDOWS\Installer
[04/06/2017 12:17:03] - |D| - [94096] - C:\WINDOWS\L2Schemas
[04/06/2017 12:17:03] - |D| - [1132519] - C:\WINDOWS\LiveKernelReports
[04/06/2017 10:16:48] - |D| - [29490864] - C:\WINDOWS\Logs
[MD5.67CF48B730D1BC158F2FC5BEB0834419] - [31/08/2016 14:45:50] - |A| - (.-.) - [4862] - (0.0.0.0) - C:\WINDOWS\MBCfg_APOIM.ini
[MD5.4E45D368CFF3621450051A5EF9423EA9] - [31/08/2016 14:45:50] - |A| - (.-.) - [1165] - (0.0.0.0) - C:\WINDOWS\MBCfg_Capture_APOIM.ini
[MD5.E0C5B74B34AC369145594C0330F6A1A5] - [31/08/2016 14:45:50] - |A| - (.-.) - [4821] - (0.0.0.0) - C:\WINDOWS\MBCfg_HP_APOIM.ini
[MD5.4EFCA93135ED07ECC983B3F30C359ACD] - [31/08/2016 14:45:50] - |A| - (.-.) - [4914] - (0.0.0.0) - C:\WINDOWS\MBCfg_SP_APOIM.ini
[MD5.F0BF3A5DAA08C0B5B6E64EE817D9F090] - [31/08/2016 14:46:06] - |A| - (.-.) - [57602] - (0.0.0.0) - C:\WINDOWS\MBSpkrEQ.cfg
[04/06/2017 12:17:03] - |RSD| - [20316123] - C:\WINDOWS\Media
[MD5.81040D47AC73DA548384AE74619D9716] - [07/06/2017 12:56:27] - |A| - (.-.) - [2627079862] - (0.0.0.0) - C:\WINDOWS\MEMORY.DMP
[MD5.23AF90D2355D8C83AA4567EF1763B467] - [04/06/2017 12:10:36] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin
[04/06/2017 12:17:03] - |RD| - [1097522993] - C:\WINDOWS\Microsoft.NET
[04/06/2017 12:17:03] - |D| - [2751] - C:\WINDOWS\Migration
[18/06/2017 10:13:01] - |D| - [1930988] - C:\WINDOWS\Minidump
[04/06/2017 12:17:03] - |D| - [0] - C:\WINDOWS\ModemLogs
[MD5.8318A68067191C8B07C22085625569A8] - [04/06/2017 12:09:49] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [246272] - (10.0.16215.1000) - C:\WINDOWS\notepad.exe
[MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [24/05/2017 23:12:41] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\WINDOWS\NvContainerRecovery.bat
[MD5.74F28574BB8F61FFC7DD419FE6B6E0D5] - [21/12/2016 15:28:30] - |A| - (.-.) - [1951] - (0.0.0.0) - C:\WINDOWS\NvTelemetryContainerRecovery.bat
[05/06/2017 08:59:11] - |D| - [199472] - C:\WINDOWS\OCR
[05/02/2016 18:09:38] - |D| - [109795] - C:\WINDOWS\OEMFolder
[04/06/2017 12:17:03] - |RD| - [65] - C:\WINDOWS\Offline Web Pages
[09/06/2017 16:58:35] - |DC| - [533960940] - C:\WINDOWS\Panther
[MD5.8B962D1EDDA1131285ECC91FBF6A654F] - [13/09/2016 13:18:36] - |A| - (.-.) - [644608] - (0.0.0.0) - C:\WINDOWS\PAR FRENCH DL Uninstaller.exe
[MD5.3F30E7D132D62476DB9BA5EBB0F7B902] - [29/09/2016 21:21:22] - |A| - (.-.) - [197120] - (6.50.0.0) - C:\WINDOWS\patchw32.dll
[04/06/2017 12:17:03] - |D| - [29924717] - C:\WINDOWS\Performance
[MD5.6685AAF05D045AB812FDFF17E23B0DB2] - [06/06/2017 11:32:08] - |A| - (.-.) - [127600] - (0.0.0.0) - C:\WINDOWS\PFRO.log
[04/06/2017 12:17:03] - |D| - [1136442] - C:\WINDOWS\PLA
[04/06/2017 12:17:03] - |D| - [7095130] - C:\WINDOWS\PolicyDefinitions
[12/06/2017 10:57:20] - |D| - [4496801] - C:\WINDOWS\Prefetch
[04/06/2017 12:17:03] - |RD| - [2155639] - C:\WINDOWS\PrintDialog
[MD5.CC700D9C2A31C811727762BF1BE44A01] - [05/06/2017 09:00:42] - |A| - (.-.) - [35524] - (0.0.0.0) - C:\WINDOWS\Professional.xml
[04/06/2017 12:17:03] - |D| - [3772566] - C:\WINDOWS\Provisioning
[MD5.374525D11E8BC8C435BA47528AA0B980] - [04/06/2017 12:10:32] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [335872] - (10.0.16215.1000) - C:\WINDOWS\regedit.exe
[04/06/2017 12:17:03] - |D| - [1141084] - C:\WINDOWS\Registration
[05/06/2017 09:00:07] - |D| - [0] - C:\WINDOWS\RemotePackages
[04/06/2017 12:17:03] - |D| - [2407728] - C:\WINDOWS\rescache
[04/06/2017 12:17:03] - |D| - [4889721] - C:\WINDOWS\Resources
[MD5.BAFE98D46BAB095F7935C444DBF9A884] - [31/08/2016 13:45:04] - |A| - (.TODO: (c) <Company name>. - RtCRU.) - [4330200] - (1.11.0.0) - C:\WINDOWS\RtCRU64.exe
[MD5.51254CE041C5D011944C3E11D5A00608] - [11/04/2017 19:38:38] - |A| - (.Copyright (C) 2016 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2838232] - (1.0.6.8) - C:\WINDOWS\RtlExUpd.dll
[05/02/2016 18:09:38] - |D| - [141201859] - C:\WINDOWS\ScanState
[04/06/2017 12:17:03] - |D| - [0] - C:\WINDOWS\SchCache
[04/06/2017 12:17:03] - |D| - [153150] - C:\WINDOWS\schemas
[04/06/2017 12:17:03] - |D| - [11430213] - C:\WINDOWS\security
[12/06/2017 11:47:22] - |D| - [63130619] - C:\WINDOWS\ServiceProfiles
[04/06/2017 10:16:43] - |D| - [39107737] - C:\WINDOWS\servicing
[04/06/2017 12:19:20] - |D| - [42] - C:\WINDOWS\Setup
[MD5.6F67C0B32FD505C9D80F6BF1BF458AAE] - [12/06/2017 10:57:46] - |A| - (.-.) - [20417] - (0.0.0.0) - C:\WINDOWS\setupact.log
[MD5.C6FAA16C3C81657ABFB731746813D806] - [31/08/2016 15:09:41] - |A| - (.Copyright ©  2012 - SetupAfterRebootService.) - [10752] - (1.0.0.0) - C:\WINDOWS\SetupAfterRebootService.exe
[MD5.D060131CD55776F1C058590263CFF30E] - [12/06/2017 10:57:46] - |A| - (.-.) - [168] - (0.0.0.0) - C:\WINDOWS\setuperr.log
[04/06/2017 12:17:03] - |D| - [56435200] - C:\WINDOWS\ShellExperiences
[30/10/2015 11:07:42] - |D| - [0] - C:\WINDOWS\ShellNew
[05/06/2017 08:58:46] - |D| - [3070736] - C:\WINDOWS\SKB
[31/08/2016 19:16:43] - |D| - [48598478] - C:\WINDOWS\SoftwareDistribution
[04/06/2017 12:17:03] - |D| - [86037185] - C:\WINDOWS\Speech
[04/06/2017 12:17:03] - |D| - [58941157] - C:\WINDOWS\Speech_OneCore
[MD5.50B086ECF4977EE23DA0C13A2A63FF09] - [04/06/2017 12:10:47] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [130560] - (10.0.16215.1000) - C:\WINDOWS\splwow64.exe
[02/09/2016 17:27:10] - |D| - [224962048] - C:\WINDOWS\symbols
[MD5.125F8862D2C1B4CB24BE6E10032580AB] - [12/06/2017 11:00:34] - |A| - (.-.) - [603] - (0.0.0.0) - C:\WINDOWS\Synaptics.log
[MD5.125F8862D2C1B4CB24BE6E10032580AB] - [12/06/2017 11:00:34] - |A| - (.-.) - [603] - (0.0.0.0) - C:\WINDOWS\Synaptics.PD.log
[04/06/2017 12:17:03] - |D| - [31039] - C:\WINDOWS\System
[MD5.286A9EDB379DC3423A528B0864A0F111] - [30/10/2015 09:24:29] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini
[04/06/2017 10:16:43] - |D| - [6208308586] - C:\WINDOWS\System32
[04/06/2017 12:17:04] - |D| - [197763400] - C:\WINDOWS\SystemApps
[04/06/2017 12:17:04] - |D| - [20015707] - C:\WINDOWS\SystemResources
[04/06/2017 10:16:48] - |D| - [1652988592] - C:\WINDOWS\SysWOW64
[04/06/2017 12:17:04] - |D| - [0] - C:\WINDOWS\TAPI
[30/10/2015 09:24:25] - |D| - [6] - C:\WINDOWS\Tasks
[04/06/2017 12:17:04] - |D| - [34236782] - C:\WINDOWS\Temp
[04/06/2017 12:17:04] - |D| - [12401152] - C:\WINDOWS\TextInput
[04/06/2017 12:17:04] - |D| - [0] - C:\WINDOWS\tracing
[04/06/2017 12:17:04] - |D| - [7680] - C:\WINDOWS\twain_32
[MD5.6B2EBA5FA1D2F1CA2B4C7982F4BF03CC] - [04/06/2017 12:11:07] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [65536] - (1.7.1.3) - C:\WINDOWS\twain_32.dll
[MD5.C419DF63E0121D72411285780C2FC6CC] - [31/08/2016 14:46:01] - |A| - (.Copyright (c) Creative Technology Ltd. 2000 - Creative UpdReg.) - [90112] - (1.0.2.0) - C:\WINDOWS\Updreg.EXE
[04/06/2017 12:17:04] - |D| - [12420] - C:\WINDOWS\Vss
[04/06/2017 12:17:04] - |D| - [15729830] - C:\WINDOWS\Web
[12/09/2016 23:16:49] - |RD| - [185752] - C:\WINDOWS\WebManagement
[MD5.23CF8138F49416231807E6DE371FB9E6] - [30/10/2015 09:24:29] - |A| - (.-.) - [92] - (0.0.0.0) - C:\WINDOWS\win.ini
[MD5.C844CA459F3B209329984772269B6E56] - [04/06/2017 12:10:32] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest
[MD5.038356387332650843BCB352BB89A101] - [02/06/2017 23:26:17] - |A| - (.-.) - [275] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log
[MD5.C2C4A9B3B9BC8217ABAFFEADC01AED6A] - [04/06/2017 12:11:05] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [10240] - (10.0.16215.1000) - C:\WINDOWS\winhlp32.exe
[04/06/2017 10:16:43] - |D| - [6545421644] - C:\WINDOWS\WinSxS
[MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [04/06/2017 12:09:04] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx
[MD5.68F8EC9C848252D10B9746ADED25F003] - [04/06/2017 12:09:49] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.16215.1000) - C:\WINDOWS\write.exe

---------- | C:\WINDOWS\System32\GroupPolicy

[20/06/2017 00:39:17] - |D| - [0] - C:\WINDOWS\System32\GroupPolicy\Machine
[20/06/2017 00:39:17] - |D| - [0] - C:\WINDOWS\System32\GroupPolicy\User

---------- | Systemroot\System


---------- | Systemroot\Installer (Microsoft Files Whitelisted)

[24/05/2017 18:57:02] - C:\WINDOWS\Installer\104dca.msi : (Google Update Helper - Google Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[18/10/2016 03:03:58] - C:\WINDOWS\Installer\125815.msi : ([ProductName] Installer - Apple Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[31/08/2016 13:41:37] - C:\WINDOWS\Installer\16912c.msi : (Blank Project Template - Rivet Networks)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[31/08/2016 13:41:48] - C:\WINDOWS\Installer\169130.msi : (Blank Project Template - Rivet Networks)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[31/08/2016 13:41:56] - C:\WINDOWS\Installer\169134.msi : (Blank Project Template - Rivet Networks)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[31/08/2016 13:42:01] - C:\WINDOWS\Installer\169138.msi : (Blank Project Template - Rivet Networks)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[13/12/2016 03:02:30] - C:\WINDOWS\Installer\21cd2d7.msi : ( - dotPDN LLC)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 19:40:20] - C:\WINDOWS\Installer\23d008e.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 19:40:22] - C:\WINDOWS\Installer\23d0094.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:01:30] - C:\WINDOWS\Installer\23d009a.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:01:43] - C:\WINDOWS\Installer\23d00a0.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:01:44] - C:\WINDOWS\Installer\23d00a6.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:02:11] - C:\WINDOWS\Installer\23d00ac.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:02:14] - C:\WINDOWS\Installer\23d00b2.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:03:20] - C:\WINDOWS\Installer\23d00b8.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:03:21] - C:\WINDOWS\Installer\23d00be.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:03:40] - C:\WINDOWS\Installer\23d00c4.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:04:57] - C:\WINDOWS\Installer\23d00ca.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:05:05] - C:\WINDOWS\Installer\23d00d0.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:05:09] - C:\WINDOWS\Installer\23d00d6.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:05:45] - C:\WINDOWS\Installer\23d00dc.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:06:20] - C:\WINDOWS\Installer\23d00e2.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:06:28] - C:\WINDOWS\Installer\23d00e8.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:06:31] - C:\WINDOWS\Installer\23d00ee.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:06:32] - C:\WINDOWS\Installer\23d00f4.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:06:33] - C:\WINDOWS\Installer\23d00fa.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:06:34] - C:\WINDOWS\Installer\23d0100.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:06:39] - C:\WINDOWS\Installer\23d0106.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:06:41] - C:\WINDOWS\Installer\23d010c.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:06:42] - C:\WINDOWS\Installer\23d0112.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:06:45] - C:\WINDOWS\Installer\23d0118.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:06:47] - C:\WINDOWS\Installer\23d011e.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:06:49] - C:\WINDOWS\Installer\23d0124.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:06:50] - C:\WINDOWS\Installer\23d012a.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:06:51] - C:\WINDOWS\Installer\23d0130.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:06:52] - C:\WINDOWS\Installer\23d0136.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:06:53] - C:\WINDOWS\Installer\23d013c.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:06:57] - C:\WINDOWS\Installer\23d0142.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:07:03] - C:\WINDOWS\Installer\23d0148.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:07:13] - C:\WINDOWS\Installer\23d014e.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:07:44] - C:\WINDOWS\Installer\23d0154.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:07:49] - C:\WINDOWS\Installer\23d015a.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:08:01] - C:\WINDOWS\Installer\23d0160.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:08:04] - C:\WINDOWS\Installer\23d0166.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:08:05] - C:\WINDOWS\Installer\23d016c.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:08:10] - C:\WINDOWS\Installer\23d0172.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:12:24] - C:\WINDOWS\Installer\23d0178.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:12:28] - C:\WINDOWS\Installer\23d017e.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:12:29] - C:\WINDOWS\Installer\23d0184.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:12:31] - C:\WINDOWS\Installer\23d018a.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:12:43] - C:\WINDOWS\Installer\23d0190.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:12:49] - C:\WINDOWS\Installer\23d0196.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:12:50] - C:\WINDOWS\Installer\23d019c.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:12:52] - C:\WINDOWS\Installer\23d01a2.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:12:53] - C:\WINDOWS\Installer\23d01a8.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:12:57] - C:\WINDOWS\Installer\23d01ae.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/10/2016 20:23:50] - C:\WINDOWS\Installer\23d01b4.msi : (Amazon Lumberyard 1.5.0.0 Installer - Amazon)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[11/07/2016 21:15:46] - C:\WINDOWS\Installer\307f8a.msi : (Blank Project Template -)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[06/06/2017 11:10:44] - C:\WINDOWS\Installer\32ed8bd8.msi : (Apple Application Support Installer - Apple Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[06/06/2017 11:15:02] - C:\WINDOWS\Installer\32ed8da3.msi : (Apple Application Support Installer - Apple Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[06/06/2017 11:15:13] - C:\WINDOWS\Installer\32ed8e16.msi : (Apple Software Update Installer - Apple Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[06/06/2017 11:16:14] - C:\WINDOWS\Installer\32ed8e59.msi : (Apple Mobile Device Support Installer - Apple Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[24/05/2017 13:39:02] - C:\WINDOWS\Installer\331cb1.msi : (Adobe ARM Installer - Adobe Systems Incorporated)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[25/05/2016 22:56:24] - C:\WINDOWS\Installer\3ab480.msi : (Intel(R) ME UninstallLegacy - Intel Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[25/05/2016 22:57:06] - C:\WINDOWS\Installer\3ab484.msi : (Intel(R) Management Engine Components - Intel Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[25/05/2016 22:57:20] - C:\WINDOWS\Installer\3ab4a0.msi : (Intel(R) Management Engine Components - Intel Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[22/02/2016 21:19:56] - C:\WINDOWS\Installer\3ab4a4.msi : (Intel(R) Trusted Connect Service Client - Intel Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[22/05/2016 08:46:36] - C:\WINDOWS\Installer\3ab4ab.msi : (Thunderbolt(TM) Software - Intel Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/11/2015 23:13:22] - C:\WINDOWS\Installer\4fce7e.msi : (Intel(R) Rapid Storage Technology - Intel Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[31/08/2016 14:44:29] - C:\WINDOWS\Installer\4fce81.msi : (Synaptics WBF USB Fingerprint Reader install package - Synaptics Incorporated)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[05/07/2016 11:25:30] - C:\WINDOWS\Installer\51aaf7b.msi : (Audiokinetic Wwise v2015.2_LTX build 5495 - Authoring Data - Audiokinetic Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[05/07/2016 11:25:30] - C:\WINDOWS\Installer\51aaf81.msi : (Audiokinetic Wwise v2015.2_LTX build 5495 - Authoring Binaries 64-bit - Audiokinetic Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[05/07/2016 11:25:58] - C:\WINDOWS\Installer\51aaf87.msi : (Audiokinetic Wwise v2015.2_LTX build 5495 - Wwise LTX License - Audiokinetic Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[05/07/2016 11:25:44] - C:\WINDOWS\Installer\51aaf8d.msi : (Audiokinetic Wwise v2015.2_LTX build 5495 - SDK (Common) - Audiokinetic Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[01/09/2016 11:47:34] - C:\WINDOWS\Installer\53d6c6.msi : (Epic Games Launcher - Epic Games, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/03/2015 10:41:29] - C:\WINDOWS\Installer\5b7851.msi : ( - Adobe Systems Incorporated)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[02/09/2016 17:33:34] - C:\WINDOWS\Installer\6a3e405.msi : (PreEmptive Solutions' post-build instrumentation services provide obfuscation, tamper defense, shelf life, and runtime intelligence functionality. - PreEmptive Solutions LLC)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[02/09/2016 17:33:40] - C:\WINDOWS\Installer\6a3e40b.msi : (PreEmptive Analytics Visual Studio Components - PreEmptive Solutions)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[14/12/2016 21:02:23] - C:\WINDOWS\Installer\722332.msi : (Adobe AIR Installer - Adobe Systems Incorporated)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[15/03/2016 14:28:46] - C:\WINDOWS\Installer\910b789.msi : (Gtk# for .Net 2.12.26 - Xamarin, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[21/06/2016 05:44:30] - C:\WINDOWS\Installer\919e41a.msi : (PreEmptive Solutions provides analytics, obfuscation, tamper defense, and shelf life. - PreEmptive Solutions LLC)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[11/06/2015 04:09:05] - C:\WINDOWS\Installer\919e420.msi : (PreEmptive Analytics Visual Studio Components - PreEmptive Solutions)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[19/12/2016 19:50:25] - C:\WINDOWS\Installer\9b1ee94.msi : (Blender - Blender Foundation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/06/2016 12:49:34] - C:\WINDOWS\Installer\c401e.msi : (Intel(R) Chipset Device Software - Intel Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[12/01/2016 17:51:46] - C:\WINDOWS\Installer\ecbfb9.msi : (UE4 Prerequisites (x64) - Epic Games, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/09/2016 12:01:16] - C:\WINDOWS\Installer\f7d5485.msi : (CRYENGINE Launcher - Crytek GmbH)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[31/08/2016 14:44:29] - C:\WINDOWS\Installer\Syna_Viper_FPReader5.5.204.24.msi : (Synaptics WBF USB Fingerprint Reader install package - Synaptics Incorporated)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[31/08/2016 13:41:39] - [59664] - C:\WINDOWS\Installer\{4BDD142A-2CC4-4C7A-8F17-342FFC2D82CD}\ARPPRODUCTICON.exe     (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield)
[06/06/2017 11:29:01] - [27136] - C:\WINDOWS\Installer\{52D87F32-70E4-4348-8148-C0B9F35B1314}\AppleSoftwareUpdateIco.exe     () - ()
[31/08/2016 13:41:50] - [59664] - C:\WINDOWS\Installer\{62BBB3D7-6209-48DA-8931-2EC3383EA36F}\ARPPRODUCTICON.exe     (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield)
[18/01/2017 20:37:57] - [77610] - C:\WINDOWS\Installer\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}\_853F67D554F05449430E7E.exe     () - ()
[09/09/2016 12:20:00] - [216358] - C:\WINDOWS\Installer\{94E1227C-08A9-4962-B388-1F05D89AEA75}\MSDeployIcon.exe     () - ()
[24/05/2017 13:39:08] - [10134] - C:\WINDOWS\Installer\{AC76BA86-0804-1033-1959-001824225037}\ARPPRODUCTICON.exe     () - ()
[31/08/2016 13:42:03] - [59664] - C:\WINDOWS\Installer\{AF427A50-7D39-4FF3-BD0B-28D08E2873F4}\ARPPRODUCTICON.exe     (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield)
[31/08/2016 13:42:03] - [71952] - C:\WINDOWS\Installer\{AF427A50-7D39-4FF3-BD0B-28D08E2873F4}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe     (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield)
[31/08/2016 13:42:03] - [71952] - C:\WINDOWS\Installer\{AF427A50-7D39-4FF3-BD0B-28D08E2873F4}\NetworkManager.exe_57A52662FCCD47C9AAA02E5E7FCEFD5C.exe     (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield)
[31/08/2016 13:42:03] - [71952] - C:\WINDOWS\Installer\{AF427A50-7D39-4FF3-BD0B-28D08E2873F4}\NetworkManager.exe_6C3A6551A5FC47C881F89AE988830D9A.exe     (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield)
[31/08/2016 13:42:03] - [71952] - C:\WINDOWS\Installer\{AF427A50-7D39-4FF3-BD0B-28D08E2873F4}\NetworkManager.exe_92AA7C31F35F4CBEA430E9A5788C26B8.exe     (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield)
[31/08/2016 13:42:03] - [71952] - C:\WINDOWS\Installer\{AF427A50-7D39-4FF3-BD0B-28D08E2873F4}\NetworkManager.exe_E38B8113745D486384C281C6EE6C49DB.exe     (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield)
[31/08/2016 13:42:03] - [71952] - C:\WINDOWS\Installer\{AF427A50-7D39-4FF3-BD0B-28D08E2873F4}\NewShortcut1_616A95F82A3947759CA4EC2699711C3A.exe     (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield)
[31/08/2016 13:41:57] - [59664] - C:\WINDOWS\Installer\{CF54C187-E49A-4D74-BBC6-345A29C6ADEC}\ARPPRODUCTICON.exe     (Copyright (c) 2014 Flexera Software LLC.) - (InstallShield)
[06/06/2017 11:31:02] - [86016] - C:\WINDOWS\Installer\{F0C7385A-9D20-45F3-8101-05D383885180}\iTunesIco.exe     () - ()

---------- | %System%\*.in*

[04/06/2017 12:09:04] - [3458] - C:\WINDOWS\System32\ieuinit.inf
[31/08/2016 14:45:50] - [20697] - C:\WINDOWS\System32\MBCfg64.ini
[31/08/2016 14:45:50] - [6968] - C:\WINDOWS\System32\MBCfgUninstall64.ini
[12/06/2017 11:00:42] - [2313080] - C:\WINDOWS\System32\PerfStringBackup.INI
[04/06/2017 12:10:29] - [60124] - C:\WINDOWS\System32\tcpmon.ini
[04/06/2017 12:09:54] - [2307] - C:\WINDOWS\System32\WimBootCompress.ini
[04/06/2017 12:09:13] - [3458] - C:\WINDOWS\Syswow64\ieuinit.inf
[31/08/2016 14:45:50] - [20697] - C:\WINDOWS\Syswow64\MBCfg32.ini
[31/08/2016 14:45:50] - [6968] - C:\WINDOWS\Syswow64\MBCfgUninstall32.ini
[24/05/2017 23:13:20] - [1970168] - C:\WINDOWS\Syswow64\PerfStringBackup.INI
[04/06/2017 12:10:59] - [2307] - C:\WINDOWS\Syswow64\WimBootCompress.ini

---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan

[MD5.190DD004504FD85143CCBB74398EA62B] - |A| - [12/06/2017 11:00:39] - (.-.) - [1 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\ASPNETSetup_00000.log
[MD5.6A15194093A123C7285EB45D66D0219C] - |A| - [12/06/2017 11:00:41] - (.-.) - [1 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\ASPNETSetup_00001.log
[MD5.06CC56D8F0B8D2A7C9739F207479B923] - |A| - [12/06/2017 11:21:17] - (.-.) - [0.04 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\bdec.bytes
[MD5.00000000000000000000000000000000] - |D| - [12/06/2017 11:09:18] - [27378.95 Ko] - C:\WINDOWS\Temp\bd_AFEE.tmp
[MD5.C61AC3B9D379B3E8EA66539B5398600F] - |A| - [12/06/2017 11:05:43] - (.-.) - [2.69 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\chrome_installer.log
[MD5.00000000000000000000000000000000] - |D| - [12/06/2017 11:05:43] - [0.04 Ko] - C:\WINDOWS\Temp\Crashpad
[MD5.694DB5C04D39D5F57B1474E21AD091C5] - |A| - [12/06/2017 11:03:32] - (.-.) - [288.36 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170612-1103.log
[MD5.97375E2796A77B020C1116C7F3CD77AD] - |A| - [12/06/2017 11:13:39] - (.-.) - [6.25 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170612-1113.log
[MD5.B35A630889F59264003D8C25FE439016] - |A| - [12/06/2017 11:24:00] - (.-.) - [6.08 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170612-1124.log
[MD5.22D71E02D377DA856DD86F9CD6B09862] - |A| - [12/06/2017 11:54:00] - (.-.) - [6.07 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170612-1154.log
[MD5.AF29FB1BB719498873DA7B9343990999] - |A| - [12/06/2017 12:24:00] - (.-.) - [6.08 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170612-1224.log
[MD5.4571B19FDF2FE8B6AA0136BB9825A016] - |A| - [13/06/2017 04:00:00] - (.-.) - [2 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170613-0400.log
[MD5.F32DC7ED0348D3E55B6395243A9B62DC] - |A| - [13/06/2017 04:01:56] - (.-.) - [6.08 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170613-0401.log
[MD5.80F10F77A0E5133CF4BD0C9F0B99173F] - |A| - [13/06/2017 09:33:22] - (.-.) - [2 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170613-0933.log
[MD5.0C3CA099091634EDFFBE1D172857FAA5] - |A| - [13/06/2017 11:13:39] - (.-.) - [6.25 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170613-1113.log
[MD5.F91A120BD0C0F1B6A66D0FAADEE655FA] - |A| - [14/06/2017 10:36:57] - (.-.) - [2 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170614-1036.log
[MD5.DB8CCAEAB1A81A65D92020616C3899E1] - |A| - [14/06/2017 10:39:47] - (.-.) - [1.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170614-1039.log
[MD5.C2EB093C6E046544E97384F5C3534CDB] - |A| - [14/06/2017 10:52:10] - (.-.) - [6.08 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170614-1052.log
[MD5.C3C4CB904F68B6F3FBFE25E784249B53] - |A| - [14/06/2017 11:13:39] - (.-.) - [2 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170614-1113.log
[MD5.B21438AF91115BA17F34632C6CC11C4E] - |A| - [14/06/2017 11:22:20] - (.-.) - [6.08 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170614-1122.log
[MD5.C8D46709842409CEA456DACE58BCB378] - |A| - [14/06/2017 11:52:10] - (.-.) - [6.08 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170614-1152.log
[MD5.9A2BF4A5A5542B881E8412D76DDC558C] - |A| - [14/06/2017 18:33:44] - (.-.) - [181.22 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170614-1833.log
[MD5.5CEEDCAAB3E5AE19E297E810CD890130] - |A| - [14/06/2017 18:48:56] - (.-.) - [6.08 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170614-1848.log
[MD5.0EDDFA7755C16A2848D40B28DAD0AD66] - |A| - [14/06/2017 19:18:56] - (.-.) - [6.08 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170614-1918.log
[MD5.FA84BAFC0C20AA747CAFD1CED2E89D71] - |A| - [14/06/2017 19:48:56] - (.-.) - [6.06 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170614-1948.log
[MD5.EBB218A14D6E0D6A5B2BE9A1F4D755A3] - |A| - [14/06/2017 21:47:09] - (.-.) - [208.71 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170614-2147.log
[MD5.35EC56B76F4CA17D28A75795DC6F1EC1] - |A| - [14/06/2017 22:02:15] - (.-.) - [6.07 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170614-2202.log
[MD5.42F5EC3ECF5600A8A50D31EC46BEC463] - |A| - [14/06/2017 22:32:13] - (.-.) - [6.08 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170614-2232.log
[MD5.5393FD16446929A02CF75E3C84655CC9] - |A| - [14/06/2017 23:02:13] - (.-.) - [6.07 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170614-2302.log
[MD5.F0D889552691C535F7D1D2A684DE79F5] - |A| - [15/06/2017 04:00:00] - (.-.) - [6.25 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170615-0400.log
[MD5.781B9A61AFD1D2FDD93DBCA39A644E27] - |A| - [15/06/2017 05:34:02] - (.-.) - [1.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170615-0534.log
[MD5.81E602C4B2032457263F081078651A1A] - |A| - [16/06/2017 03:15:53] - (.-.) - [6.08 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170616-0315.log
[MD5.F67FD57B794D3C7E7269302F720A5F7A] - |A| - [16/06/2017 03:20:15] - (.-.) - [118.89 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170616-0320.log
[MD5.172D5F2136FC8BF052890A438B67744F] - |A| - [16/06/2017 03:49:17] - (.-.) - [355.47 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170616-0349.log
[MD5.1CD120E6BEBBA1D7D5644C6FABC91469] - |A| - [16/06/2017 03:49:25] - (.-.) - [10.56 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170616-0349a.log
[MD5.66F4018FAE957001D10894E4B51DB840] - |A| - [16/06/2017 03:49:29] - (.-.) - [37.03 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170616-0349b.log
[MD5.134836332AEB0D7DEC7653ACB802D1EE] - |A| - [16/06/2017 04:00:00] - (.-.) - [6.24 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170616-0400.log
[MD5.7B8CA81352BDB12F6AC68A3DFA8F148B] - |A| - [16/06/2017 07:30:48] - (.-.) - [2 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170616-0730.log
[MD5.CA7C141E8FF48BF8525B6AA89C0FFA4E] - |A| - [17/06/2017 11:20:30] - (.-.) - [6.25 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170617-1120.log
[MD5.A65579710C16F546226CC9450F942B55] - |A| - [17/06/2017 11:23:25] - (.-.) - [2 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170617-1123.log
[MD5.3CA2A70997FCC045632A150C4F69441E] - |A| - [17/06/2017 11:26:43] - (.-.) - [6.96 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170617-1126.log
[MD5.7E8B05C0A646F8AD9B3938D0CD5CFB99] - |A| - [17/06/2017 11:27:00] - (.-.) - [83.2 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170617-1127.log
[MD5.6CEA20ABACFED0C35F53434884E41F72] - |A| - [17/06/2017 11:29:27] - (.-.) - [10.39 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170617-1129.log
[MD5.344E07C71C3EA1373E88426DB49806F7] - |A| - [17/06/2017 11:29:33] - (.-.) - [24.24 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170617-1129a.log
[MD5.679CD162F1784FD31FC82860B827E1D4] - |A| - [18/06/2017 10:13:06] - (.-.) - [168.08 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170618-1013.log
[MD5.87123E64EA9207A467B475040AE3280E] - |A| - [18/06/2017 10:16:04] - (.-.) - [1.99 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170618-1016.log
[MD5.E7C3B6E188CAEAAB2FBA6F4C93130D3A] - |A| - [18/06/2017 10:16:04] - (.-.) - [6.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170618-1016a.log
[MD5.EF7699253E0F8228A6FE4E74548EBA2C] - |A| - [18/06/2017 10:29:06] - (.-.) - [6.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170618-1029.log
[MD5.4FF1A1C515C88362E945BD75308D6D91] - |A| - [18/06/2017 10:59:06] - (.-.) - [6.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170618-1059.log
[MD5.F58AF6A6BD604A14D8A2F88DE8C32E9A] - |A| - [18/06/2017 11:29:06] - (.-.) - [6.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170618-1129.log
[MD5.F50F85169D14057863608AD589F09583] - |A| - [18/06/2017 16:18:07] - (.-.) - [485.93 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170618-1618.log
[MD5.52DAF883D53BD927556821EAE5573E37] - |A| - [18/06/2017 16:33:20] - (.-.) - [6.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170618-1633.log
[MD5.6808733D1D323F2492236253B19F762C] - |A| - [18/06/2017 17:03:19] - (.-.) - [6.96 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170618-1703.log
[MD5.932106896C2D196C06CE766A509CFA9D] - |A| - [18/06/2017 17:33:19] - (.-.) - [6.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170618-1733.log
[MD5.B2A3AD9FF2396115749BAC6851BCC0FA] - |A| - [18/06/2017 23:49:23] - (.-.) - [6.96 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170618-2349.log
[MD5.FE126FED68E8A0C128F6F1A2403543C6] - |A| - [19/06/2017 09:20:01] - (.-.) - [6.24 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170619-0920.log
[MD5.8063FF1C1D5A277A7137180F9F4DBE97] - |A| - [19/06/2017 09:20:03] - (.-.) - [6.96 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170619-0920a.log
[MD5.DD579F6D4D3B5C4F93D255CFA8B31C39] - |A| - [19/06/2017 09:23:00] - (.-.) - [2 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170619-0923.log
[MD5.C2D054979DCA7B31663C530EF0B79A4A] - |A| - [19/06/2017 09:35:21] - (.-.) - [6.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170619-0935.log
[MD5.745FE10DE742DF7D5CFB55C3B0369A7A] - |A| - [19/06/2017 09:49:23] - (.-.) - [6.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170619-0949.log
[MD5.33B11BA13A72F49582EBD9D337409958] - |A| - [19/06/2017 10:05:21] - (.-.) - [6.96 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170619-1005.log
[MD5.5BF22AEC48F665B6023E7A34AB4875E3] - |A| - [19/06/2017 10:35:21] - (.-.) - [6.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170619-1035.log
[MD5.ED5BF38A3962F8AD286297EF70BAC4D7] - |A| - [19/06/2017 15:38:12] - (.-.) - [6.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170619-1538.log
[MD5.8D54C90CF4A7F86BB17E3C8E32512BA9] - |A| - [19/06/2017 16:07:42] - (.-.) - [6.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170619-1607.log
[MD5.6EEC369B8981D727AA0828DD9164D9C9] - |A| - [19/06/2017 16:37:42] - (.-.) - [6.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170619-1637.log
[MD5.AF166C70592AA1E784F96D9C8F6A8003] - |A| - [19/06/2017 23:25:26] - (.-.) - [187.27 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170619-2325.log
[MD5.A629AF308C0FC44AFF3472798FB6C7FF] - |A| - [19/06/2017 23:40:53] - (.-.) - [6.96 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170619-2340.log
[MD5.14E8066D8C30F3D3163A039484805641] - |A| - [20/06/2017 00:10:52] - (.-.) - [6.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170620-0010.log
[MD5.B6C828D4F4F2CA480E9AD86B140B1218] - |A| - [20/06/2017 00:40:52] - (.-.) - [6.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170620-0040.log
[MD5.9C99952D2271E4EA408835A70078F04E] - |A| - [20/06/2017 09:27:56] - (.-.) - [170.37 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170620-0927.log
[MD5.FBEA7A39FD30CC18D79369A13807319B] - |A| - [20/06/2017 09:32:54] - (.-.) - [6.25 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170620-0932.log
[MD5.15F60EA593A2BA392923F658BDB7B299] - |A| - [20/06/2017 09:32:54] - (.-.) - [6.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170620-0932a.log
[MD5.92D9219722FF1711A528DF93D6E63F22] - |A| - [20/06/2017 09:44:02] - (.-.) - [6.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170620-0944.log
[MD5.F47E1FE557A07E5D20A4DFB1D507D8DE] - |A| - [20/06/2017 10:14:02] - (.-.) - [6.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170620-1014.log
[MD5.2E3D40D8783F0B0495BCD43118220AC0] - |A| - [20/06/2017 10:44:02] - (.-.) - [6.96 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170620-1044.log
[MD5.69C200E311131D1950EB1AF246CD2563] - |A| - [20/06/2017 22:51:24] - (.-.) - [89.01 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170620-2251.log
[MD5.350C3853350BB5F0E78F433320FB0AC7] - |A| - [20/06/2017 23:06:30] - (.-.) - [6.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170620-2306.log
[MD5.E06C225DDF0DCA137A2EC25093B96F65] - |A| - [20/06/2017 23:36:29] - (.-.) - [6.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170620-2336.log
[MD5.C34A7906F6B7050D1469E0950E2E13A4] - |A| - [21/06/2017 11:06:10] - (.-.) - [128.93 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170621-1106.log
[MD5.7DC88DE06F8EFE4623312657623C6BA8] - |A| - [21/06/2017 11:09:08] - (.-.) - [6.25 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170621-1109.log
[MD5.67060949EF26348AA7D461AA432A6BA8] - |A| - [21/06/2017 11:21:34] - (.-.) - [6.97 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170621-1121.log
[MD5.2E040DCDABFE0313CFB1685343F3551F] - |A| - [21/06/2017 11:51:34] - (.-.) - [6.94 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170621-1151.log
[MD5.A80C8F1E1060791FA09B8663FCDF2CC5] - |A| - [21/06/2017 12:21:34] - (.-.) - [6.96 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DESKTOP-CJSUH9G-20170621-1221.log
[MD5.00000000000000000000000000000000] - |D| - [21/06/2017 11:06:09] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_alternativeTrace
[MD5.00000000000000000000000000000000] - |D| - [21/06/2017 11:06:09] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_aot
[MD5.00000000000000000000000000000000] - |D| - [21/06/2017 11:06:09] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_diag
[MD5.00000000000000000000000000000000] - |D| - [21/06/2017 11:06:09] - [0 Ko] - C:\WINDOWS\Temp\DiagTrack_miniTrace
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [12/06/2017 11:02:44] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DMI27A4.tmp
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [12/06/2017 11:02:45] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\DMI27C5.tmp
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [12/06/2017 11:02:44] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\FXSAPIDebugLogFile.txt
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [12/06/2017 11:02:44] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\FXSTIFFDebugLogFile.txt
[MD5.98759F1D82882C7E7818587616665DA8] - |A| - [12/06/2017 11:07:42] - (.-.) - [24.39 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\MpCmdRun.log
[MD5.00000000000000000000000000000000] - |D| - [12/06/2017 11:18:18] - [20 Ko] - C:\WINDOWS\Temp\NVIDIA Corporation
[MD5.00000000000000000000000000000000] - |D| - [12/06/2017 10:57:55] - [2344.65 Ko] - C:\WINDOWS\Temp\NvidiaLogging
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [12/06/2017 11:03:32] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\officeclicktorun.exe_streamserver(20170612110332FE0).log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [16/06/2017 03:49:17] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\officeclicktorun.exe_streamserver(201706160349173A70).log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [18/06/2017 10:13:06] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\officeclicktorun.exe_streamserver(20170618101306DD4).log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [18/06/2017 16:18:07] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\officeclicktorun.exe_streamserver(2017061816180710B4).log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [19/06/2017 23:25:27] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\officeclicktorun.exe_streamserver(20170619232527F6C).log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/06/2017 22:51:24] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\officeclicktorun.exe_streamserver(20170620225124F54).log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [21/06/2017 11:06:10] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\officeclicktorun.exe_streamserver(2017062111061010A4).log
[MD5.0B08DBF0D9990EA4E921217F0FFA6BFC] - |A| - [12/06/2017 10:57:44] - (.-.) - [382.54 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\StateRepository.log
[MD5.B13AF738AA8BE55154B2752979D76827] - |A| - [12/06/2017 11:02:20] - (.-.) - [0.2 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\temC792.tmp
[MD5.00000000000000000000000000000000] - |D| - [19/06/2017 16:00:33] - [0 Ko] - C:\WINDOWS\Temp\tmp000014f6
[MD5.00000000000000000000000000000000] - |D| - [20/06/2017 22:56:48] - [0 Ko] - C:\WINDOWS\Temp\tmp000021ae
[MD5.00000000000000000000000000000000] - |D| - [18/06/2017 13:28:18] - [0 Ko] - C:\WINDOWS\Temp\tmp0000524d
[MD5.00000000000000000000000000000000] - |D| - [17/06/2017 12:24:12] - [0 Ko] - C:\WINDOWS\Temp\tmp0000531b
[MD5.00000000000000000000000000000000] - |D| - [21/06/2017 22:21:41] - [5120 Ko] - C:\WINDOWS\Temp\tmp000054ef
[MD5.00000000000000000000000000000000] - |D| - [14/06/2017 12:19:58] - [0 Ko] - C:\WINDOWS\Temp\tmp00006578
[MD5.00000000000000000000000000000000] - |D| - [19/06/2017 23:30:56] - [0 Ko] - C:\WINDOWS\Temp\tmp00006dac
[MD5.447E8800A56F81D7D5E14414E9272849] - |A| - [16/06/2017 01:41:37] - (.-.) - [0.56 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\VSIXInstaller_1396a5ab-33d3-42ce-9168-6aabaa3ea7c7.log
[MD5.718CC43CF9AB6C6C510EA0253A390A7F] - |A| - [20/06/2017 09:32:55] - (.-.) - [0.56 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\VSIXInstaller_526b6159-3d5f-4635-a6a9-66fbad079b63.log
[MD5.FBE0DEFA3A8A828B29C96C1038684579] - |A| - [15/06/2017 01:41:37] - (.-.) - [0.56 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\VSIXInstaller_5654a6e1-6e6c-4f75-b8bd-c6e0bca18331.log
[MD5.A09D19421CD7722283D24BEBFCA5E2D8] - |A| - [12/06/2017 11:13:39] - (.-.) - [0.56 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\VSIXInstaller_5b9ff98f-ef22-489e-8f8f-74bf5b285a55.log
[MD5.F308A65206ABDECF4B9F4FC1F0ACA130] - |A| - [17/06/2017 11:23:33] - (.-.) - [0.56 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\VSIXInstaller_5fb63130-6f4c-4352-b35b-772072d1efa2.log
[MD5.12EE31BA92C7D570F693F5959200B4BB] - |A| - [14/06/2017 10:39:47] - (.-.) - [0.56 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\VSIXInstaller_943cce85-0fc8-4477-bd95-a11205f8c965.log
[MD5.6F785D6C97E898BD125A788666259AFD] - |A| - [13/06/2017 01:41:38] - (.-.) - [0.56 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\VSIXInstaller_aa696caf-a210-4144-91d4-334e7b1782ad.log
[MD5.A36649D11EF40D306378289A3A0F70FE] - |A| - [19/06/2017 09:23:02] - (.-.) - [0.56 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\VSIXInstaller_ba723934-5997-41dc-a943-d50efe63ed90.log
[MD5.EFF32920DD393AD15632C0CA0CA0049B] - |A| - [21/06/2017 11:09:09] - (.-.) - [0.56 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\VSIXInstaller_d6a2214b-400b-4c64-82ef-8b33d0fceed0.log
[MD5.9E2F80BA36838F38512463B6B856D193] - |A| - [18/06/2017 10:16:05] - (.-.) - [0.56 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\VSIXInstaller_fec649f4-2f35-4810-93c6-aae7acc21163.log
[MD5.00000000000000000000000000000000] - |D| - [12/06/2017 11:00:07] - [8.59 Ko] - C:\WINDOWS\Temp\VulkanRT
[MD5.795690B61493664A9AD174B0154539AB] - |A| - [16/06/2017 13:43:27] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\WER1F11.tmp.WERDataCollectionStatus.txt
[MD5.2F805F781C6ABB9DDCED0CE021C92094] - |A| - [19/06/2017 23:28:49] - (.-.) - [0.09 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\WER76F7.tmp.WERDataCollectionStatus.txt
[MD5.FC1E8F863F777464345B4EF3F78AEB9C] - |A| - [14/06/2017 21:42:55] - (.-.) - [0.46 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\WER8C19.tmp.WERDataCollectionStatus.txt
[MD5.2F805F781C6ABB9DDCED0CE021C92094] - |A| - [18/06/2017 10:13:36] - (.-.) - [0.09 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\WERCAD2.tmp.WERDataCollectionStatus.txt
[MD5.83D216D27777D16F71FE0DCD7FA00609] - |A| - [12/06/2017 11:02:21] - (.-.) - [0.25 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\wmsetup.log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [18/06/2017 10:13:06] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\{1A291EE0-CDB4-4660-980A-EF2B37E89650} - OProcSessId.dat
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/06/2017 22:51:23] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\{5FA09261-9B7C-422F-A4F0-644AA75B87DD} - OProcSessId.dat
[MD5.00000000000000000000000000000000] - |D| - [12/06/2017 10:58:53] - [0 Ko] - C:\WINDOWS\Temp\{70D8454B-3D73-4E21-A4C3-F6C8AA84F67B}
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [18/06/2017 16:18:07] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\{8E2724B8-EE43-4089-8F37-CD7C3D5F2F0A} - OProcSessId.dat
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [12/06/2017 11:03:32] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\{8F6E3844-C1F3-4D9C-AF43-D12CD1F8740E} - OProcSessId.dat
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [16/06/2017 03:49:17] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\{92530114-2588-4081-A791-E45009F70B22} - OProcSessId.dat
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [21/06/2017 11:06:10] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\{B13689FA-5CF1-4260-9D9A-0D25905F15D6} - OProcSessId.dat
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [19/06/2017 23:25:26] - (.-.) - [0 Ko] - (0.0.0.0) - C:\WINDOWS\Temp\{F3CAD8C2-4C41-4195-B619-71FC62127948} - OProcSessId.dat
[MD5.00000000000000000000000000000000] - |D| - [12/06/2017 11:00:08] - [0 Ko] - C:\WINDOWS\Temp\{F6B89B3B-BC0F-48ED-967C-33D90F2669CF}
[MD5.00000000000000000000000000000000] - |D| - [05/06/2017 08:57:44] - [0 Ko] - C:\WINDOWS\System32\0409
[MD5.00000000000000000000000000000000] - |D| - [02/09/2016 15:11:42] - [438.24 Ko] - C:\WINDOWS\System32\1033
[MD5.7A19613ED820018D106397542AC916A3] - |A| - [12/11/2016 12:04:18] - (.-.) - [0.62 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@ActionCenterToastIcon.png
[MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [04/06/2017 12:09:49] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@AudioToastIcon.png
[MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |A| - [04/06/2017 12:09:24] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@BackgroundAccessToastIcon.png
[MD5.3937359E324E15F6A7A7092D4DAEBD64] - |A| - [04/06/2017 12:10:07] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@bitlockertoastimage.png
[MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [04/06/2017 12:09:34] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@EnrollmentToastIcon.png
[MD5.C2A332DE50FE519DA21AFB8BD6E134F4] - |A| - [04/06/2017 12:10:11] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@language_notification_icon.png
[MD5.A119D69B4C29845D3F8CE2E5638C8E65] - |A| - [04/06/2017 12:10:24] - (.-.) - [0.47 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@optionalfeatures.png
[MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [04/06/2017 12:10:32] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@VpnToastIcon.png
[MD5.7AC3EA1A5175106ED6467FF0C5315541] - |A| - [04/06/2017 12:10:47] - (.-.) - [14.75 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WiFiNotificationIcon.png
[MD5.13EF2C8D799F7B6E9D8E3D6BACB9C779] - |A| - [04/06/2017 12:09:34] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsHelloFaceToastIcon.png
[MD5.C64012612E82D6113101B9F961E13F1D] - |A| - [22/01/2017 13:55:24] - (.-.) - [1.87 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdate.240.png
[MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [04/06/2017 12:08:53] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WindowsUpdateToastIcon.png
[MD5.D0FCF781D0801ABF5F74B54E98076A5B] - |A| - [04/06/2017 12:09:25] - (.-.) - [0.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanNotificationIcon.png
[MD5.85D91E478AF18125007C531227FF6E59] - |A| - [04/06/2017 12:09:25] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\@WwanSimLockIcon.png
[MD5.4B8E7580CDD5FAAF1D36DD9CA66E447F] - |A| - [12/11/2016 12:04:18] - (.-.) - [1769.75 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ActionCenterWelcomeImage.png
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 10:16:48] - [2978.83 Ko] - C:\WINDOWS\System32\AdvancedInstallers
[MD5.E21E74D118E16FF9BA42A6F87F34E9B0] - |A| - [04/06/2017 12:10:50] - (.-.) - [435.67 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ApnDatabase.xml
[MD5.A4BBEC644DA95CE3F3A30F6D057D0526] - |A| - [31/08/2016 14:45:46] - (.-.) - [357.5 Ko] - (1.0.343.0) - C:\WINDOWS\System32\APOMgr64.DLL
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:03] - [0 Ko] - C:\WINDOWS\System32\AppLocker
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:03] - [2484.85 Ko] - C:\WINDOWS\System32\appraiser
[MD5.00000000000000000000000000000000] - |SD| - [05/06/2017 09:00:07] - [283.01 Ko] - C:\WINDOWS\System32\AppV
[MD5.376E4D84F716C5754BA2E110136E5310] - |A| - [18/06/2013 07:46:56] - (.-.) - [637.95 Ko] - (0.0.0.0) - C:\WINDOWS\System32\appverif.chm
[MD5.F94192B47ACA96AFFEBC1073891EBB42] - |A| - [22/01/2017 13:58:09] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AppVStreamingUX.exe.config
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:03] - [273.5 Ko] - C:\WINDOWS\System32\ar-SA
[MD5.C03F0062C0749CDB59A4D60862C3E83E] - |A| - [04/06/2017 12:09:18] - (.-.) - [134.86 Ko] - (0.0.0.0) - C:\WINDOWS\System32\AverageRoom.bin
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:03] - [256.5 Ko] - C:\WINDOWS\System32\bg-BG
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:03] - [4598.89 Ko] - C:\WINDOWS\System32\Boot
[MD5.B0197646706F92EE50283AC2E9BA62B2] - |A| - [11/07/2016 10:19:54] - (.Qualcomm Atheros Communications Inc. - Qualcomm Atheros Bluetooth Driver Coinstaller.) - [192.93 Ko] - (1.0.0.0) - C:\WINDOWS\System32\btcoinst.dll
[MD5.FA138A7D2F1EDFE17B4B552D20A573CB] - |A| - [11/07/2016 10:19:54] - (.© Qualcomm Atheros, Inc. - Atheros Bluetooth Module.) - [193.93 Ko] - (8.0.1.302) - C:\WINDOWS\System32\BtContextMenu.dll
[MD5.5DEF55AAE3813D1FBBFDFA09C3F399FB] - |A| - [11/07/2016 10:17:22] - (.© Qualcomm Atheros, Inc. - Atheros Bluetooth Module.) - [19.52 Ko] - (8.0.1.302) - C:\WINDOWS\System32\BtContextMenu.dll.muien-US
[MD5.B62FE02B3D13A03CCAFB4213922C6B3C] - |A| - [04/06/2017 12:09:54] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [180.5 Ko] - (1.0.0.1) - C:\WINDOWS\System32\BthpanContextHandler.dll
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:03] - [0.1 Ko] - C:\WINDOWS\System32\Bthprops
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 10:16:43] - [36051.18 Ko] - C:\WINDOWS\System32\CatRoot
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:03] - [25908.33 Ko] - C:\WINDOWS\System32\catroot2
[MD5.EA7D86175238805B08A2148760843AD2] - |A| - [31/08/2016 14:45:50] - (.Copyright (c) 2015 Creative Technology Ltd. - Creative Host SoundCore Module.) - [369.95 Ko] - (1.0.9.0) - C:\WINDOWS\System32\ChezSC64.DLL
[MD5.D3D71F4E598421B77A58232B2BD60236] - |A| - [31/08/2016 14:45:46] - (.-.) - [87.5 Ko] - (1.0.64.0) - C:\WINDOWS\System32\CmdRtr64.DLL
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:03] - [3734.36 Ko] - C:\WINDOWS\System32\CodeIntegrity
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:03] - [358 Ko] - C:\WINDOWS\System32\Com
[MD5.9AD80558E13395E3E69CA8FAEED07874] - |A| - [12/01/2017 08:22:02] - (.2013 © Real Sound Lab SIA, iSoft Solutions - CONEQ™ Media Suite APO GUI Library.) - [119.45 Ko] - (1.0.0.4) - C:\WINDOWS\System32\CONEQMSAPOGUILibrary.dll
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 10:16:43] - [362570.25 Ko] - C:\WINDOWS\System32\config
[MD5.00000000000000000000000000000000] - |SD| - [04/06/2017 12:17:03] - [53.11 Ko] - C:\WINDOWS\System32\Configuration
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:03] - [306 Ko] - C:\WINDOWS\System32\cs-CZ
[MD5.00000000000000000000000000000000] - |D| - [14/05/2017 16:07:32] - [0 Ko] - C:\WINDOWS\System32\CustomSDB
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:03] - [300 Ko] - C:\WINDOWS\System32\da-DK
[MD5.5786FA8D2EA889A83B35F3CF31DDA681] - |A| - [04/06/2017 12:09:49] - (.-.) - [90.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DataStoreCacheDumpTool.exe
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:03] - [203.63 Ko] - C:\WINDOWS\System32\DDFs
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:03] - [339 Ko] - C:\WINDOWS\System32\de-DE
[MD5.618BA9E529EAB7E11DBA43469481835F] - |A| - [04/06/2017 12:09:18] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultHrtfs.bin
[MD5.664AA698FC0106A2B075A641E8DC6302] - |A| - [04/06/2017 12:17:10] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DefaultQuestions.json
[MD5.00000000000000000000000000000000] - |SD| - [04/06/2017 12:17:03] - [864.5 Ko] - C:\WINDOWS\System32\DiagSvcs
[MD5.706F32A0D5E6B92B7E7167AFD3DA8AB1] - |A| - [04/06/2017 12:10:00] - (.-.) - [90.75 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DiskSnapshot.conf
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 10:16:46] - [8646.7 Ko] - C:\WINDOWS\System32\Dism
[MD5.10080F7C9609DA368DD544E53CDBAF44] - |A| - [04/06/2017 12:09:18] - (.-.) - [1253.09 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicLong.bin
[MD5.DA82512B83F3E095D8F33497227A8ABA] - |A| - [04/06/2017 12:09:18] - (.-.) - [690.59 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicMedium.bin
[MD5.53D57AEA0AB2FE454603F4F094C69EF5] - |A| - [04/06/2017 12:09:18] - (.-.) - [409.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\DynamicShort.bin
[MD5.3E992F6F0CF22F13198FD31C781E36E9] - |A| - [04/06/2017 12:08:52] - (.-.) - [3.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\edgehtmlpluginpolicy.bin
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [335.5 Ko] - C:\WINDOWS\System32\el-GR
[MD5.65EE094289ADDF3B883FE1904707BED3] - |A| - [07/09/2016 12:33:21] - (.-.) - [22.66 Ko] - (0.0.0.0) - C:\WINDOWS\System32\emptyregdb.dat
[MD5.00000000000000000000000000000000] - |D| - [05/06/2017 08:57:44] - [0 Ko] - C:\WINDOWS\System32\en
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [243 Ko] - C:\WINDOWS\System32\en-GB
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [2412.5 Ko] - C:\WINDOWS\System32\en-US
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [328 Ko] - C:\WINDOWS\System32\es-ES
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [267 Ko] - C:\WINDOWS\System32\es-MX
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [239.5 Ko] - C:\WINDOWS\System32\et-EE
[MD5.00000000000000000000000000000000] - |SD| - [04/06/2017 12:17:04] - [29419.16 Ko] - C:\WINDOWS\System32\F12
[MD5.A62179F506C6FA573CA2D77293BEA792] - |A| - [04/06/2017 12:09:34] - (.-.) - [963 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FaceProcessor.dll
[MD5.B8020205F6519E9BA897CFBECC38A214] - |A| - [04/06/2017 12:09:34] - (.-.) - [307.72 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FaceProcessorCore.dll
[MD5.A979310C666D03AB6424B9BF7D7EA9F4] - |A| - [04/06/2017 12:09:34] - (.-.) - [1321.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FaceTrackerInternal.dll
[MD5.D12E48340EF1452B111135B8DB48555E] - |A| - [04/06/2017 12:08:53] - (.-.) - [54.2 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FeatureToastHeroImg.jpg
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [305.5 Ko] - C:\WINDOWS\System32\fi-FI
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [3378.04 Ko] - C:\WINDOWS\System32\Fluency
[MD5.22A3CEDAF01B2982BF27076CDA740A20] - |A| - [12/06/2017 10:57:16] - (.-.) - [383.29 Ko] - (0.0.0.0) - C:\WINDOWS\System32\FNTCACHE.DAT
[MD5.00000000000000000000000000000000] - |D| - [05/06/2017 08:57:44] - [3490 Ko] - C:\WINDOWS\System32\fr
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [274 Ko] - C:\WINDOWS\System32\fr-CA
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [46587.35 Ko] - C:\WINDOWS\System32\fr-FR
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [0 Ko] - C:\WINDOWS\System32\FxsTmp
[MD5.D07F2281427BD098356EE74B6CB26B86] - |A| - [04/06/2017 12:10:38] - (.-.) - [89 Ko] - (0.0.0.0) - C:\WINDOWS\System32\gatherNetworkInfo.vbs
[MD5.00000000000000000000000000000000] - |HD| - [30/10/2015 09:24:25] - [0 Ko] - C:\WINDOWS\System32\GroupPolicy
[MD5.00000000000000000000000000000000] - |D| - [30/10/2015 09:24:25] - [0 Ko] - C:\WINDOWS\System32\GroupPolicyUsers
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [261 Ko] - C:\WINDOWS\System32\he-IL
[MD5.6BCB92AF6D8A16413D8B8156C0FE363A] - |A| - [04/06/2017 12:09:29] - (.-.) - [191.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HeatCore.dll
[MD5.2CA6815CA36F5E8EF6B8AACDED8BF387] - |A| - [14/05/2017 16:02:56] - (.-.) - [13.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\HolographicShareInterop.ProxyStub.dll
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [249.5 Ko] - C:\WINDOWS\System32\hr-HR
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [309.5 Ko] - C:\WINDOWS\System32\hu-HU
[MD5.00000000000000000000000000000000] - |D| - [05/06/2017 09:00:07] - [43593.36 Ko] - C:\WINDOWS\System32\Hydrogen
[MD5.A565537F1580872AE5B95D0CA457D780] - |A| - [04/06/2017 12:09:18] - (.-.) - [44.4 Ko] - (0.0.0.0) - C:\WINDOWS\System32\hypervisor.mof
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [5.36 Ko] - C:\WINDOWS\System32\ias
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [36.27 Ko] - C:\WINDOWS\System32\icsxml
[MD5.CFC3D294BB66C9166DA528AFDAF7108C] - |RA| - [04/06/2017 12:09:30] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [1856 Ko] - (59.1.0.0) - C:\WINDOWS\System32\icuin.dll
[MD5.EAFD306A7DCF045AD7465A1514EABD58] - |RA| - [04/06/2017 12:09:30] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [1309.5 Ko] - (59.1.0.0) - C:\WINDOWS\System32\icuuc.dll
[MD5.9858F662B1F5702868063FBAE0E85495] - |A| - [04/06/2017 12:09:18] - (.-.) - [168 Ko] - (0.0.0.0) - C:\WINDOWS\System32\IHDS.dll
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [24809.17 Ko] - C:\WINDOWS\System32\IME
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [0 Ko] - C:\WINDOWS\System32\inetsrv
[MD5.BE297449521DFA5C095EBE92C0BF8277] - |A| - [04/06/2017 12:09:25] - (.-.) - [142.79 Ko] - (0.0.0.0) - C:\WINDOWS\System32\InputHost.dll
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [6416.5 Ko] - C:\WINDOWS\System32\InputMethod
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [0 Ko] - C:\WINDOWS\System32\Ipmi
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [330.5 Ko] - C:\WINDOWS\System32\it-IT
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [243.74 Ko] - C:\WINDOWS\System32\ja-jp
[MD5.130FC8FF1680EF79A3B9166ACECC63C4] - |A| - [23/07/2015 16:03:16] - (.Copyright (C) 2013 Qualcomm Atheros, Inc. - StreamBoost Command Line Utility.) - [92.5 Ko] - (9.0.0.4) - C:\WINDOWS\System32\kstat.exe
[MD5.F0CC83E1BA7E24F9B3292160C28AECD7] - |A| - [04/06/2017 12:09:18] - (.-.) - [145.56 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LargeRoom.bin
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [79.4 Ko] - C:\WINDOWS\System32\Licenses
[MD5.A74E921318FD929E31114E52E3F27682] - |A| - [14/05/2017 16:03:05] - (.-.) - [30 Ko] - (0.0.0.0) - C:\WINDOWS\System32\LockdownUtil.dll
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [29678.66 Ko] - C:\WINDOWS\System32\LogFiles
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [245 Ko] - C:\WINDOWS\System32\lt-LT
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [246.5 Ko] - C:\WINDOWS\System32\lv-LV
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [29382.94 Ko] - C:\WINDOWS\System32\Macromed
[MD5.00000000000000000000000000000000] - |D| - [05/06/2017 08:59:15] - [32.68 Ko] - C:\WINDOWS\System32\MailContactsCalendarSync
[MD5.7A495CA1402C2F9F5D035092AD808669] - |A| - [04/06/2017 12:13:01] - (.-.) - [0.85 Ko] - (0.0.0.0) - C:\WINDOWS\System32\manage-bde.wsf
[MD5.88FCE80352CB441B937B843221CF24CE] - |A| - [12/01/2017 08:24:30] - (.Copyright (c) 2006-2016 Creative Technology Ltd. - Creative Audio Processing Object Module.) - [1933.27 Ko] - (1.2.16.131) - C:\WINDOWS\System32\MBAPO264.dll
[MD5.01409C36EAE864B98A5F3B4DA6E20F0E] - |A| - [31/08/2016 14:45:50] - (.Copyright (C) 2014 -.) - [40.13 Ko] - (1.21.0.0) - C:\WINDOWS\System32\MBCfg64.dll
[MD5.F55DC8BFC0B4EEBA996FA297817CC682] - |A| - [31/08/2016 14:45:50] - (.Copyright (c) 2009 Creative Technology Ltd. -.) - [144.63 Ko] - (0.0.0.6) - C:\WINDOWS\System32\MBCfg64.exe
[MD5.ECAFE77AD598305FF72CEEB72F14B6B4] - |A| - [31/08/2016 14:45:50] - (.-.) - [20.21 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MBCfg64.ini
[MD5.7738CDD88DA87E2F48D0ADE6FD18C701] - |A| - [31/08/2016 14:45:50] - (.-.) - [6.8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MBCfgUninstall64.ini
[MD5.884070100DE2CAAAB78E8943CD55DE47] - |A| - [04/06/2017 12:10:32] - (.-.) - [773.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MBR2GPT.EXE
[MD5.0C179DA9BDF84A8F99A27357DFFA5D97] - |A| - [12/01/2017 08:24:56] - (.Copyright (c) 2006-2010 Creative Technology Ltd. - Audio Processing Object Chaining Module.) - [400.41 Ko] - (1.0.0.270) - C:\WINDOWS\System32\MBWrp64.dll
[MD5.69D04DE701CF1E8CE69C65D1671D2B3F] - |A| - [04/06/2017 12:09:18] - (.-.) - [107.46 Ko] - (0.0.0.0) - C:\WINDOWS\System32\MediumRoom.bin
[MD5.00000000000000000000000000000000] - |D| - [12/06/2017 11:47:22] - [1111.36 Ko] - C:\WINDOWS\System32\Microsoft
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [6718.19 Ko] - C:\WINDOWS\System32\migration
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [46746.5 Ko] - C:\WINDOWS\System32\migwiz
[MD5.00000000000000000000000000000000] - |D| - [05/02/2016 18:27:19] - [0 Ko] - C:\WINDOWS\System32\MRT
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [45.5 Ko] - C:\WINDOWS\System32\MSDRM
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [4596.28 Ko] - C:\WINDOWS\System32\MsDtc
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [19.15 Ko] - C:\WINDOWS\System32\MUI
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [294.5 Ko] - C:\WINDOWS\System32\nb-NO
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [768 Ko] - C:\WINDOWS\System32\NDF
[MD5.7866C0D1556D025028D55FA094383E28] - |A| - [24/05/2017 23:12:13] - (.-.) - [153.98 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetSetupMig.log
[MD5.C146E873B22C3B300B21A859FE66C27A] - |A| - [04/06/2017 12:10:38] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NetTrace.PLA.Diagnostics.xml
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [51 Ko] - C:\WINDOWS\System32\networklist
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [316.5 Ko] - C:\WINDOWS\System32\nl-NL
[MD5.00000000000000000000000000000000] - |SD| - [04/06/2017 12:17:04] - [3781.5 Ko] - C:\WINDOWS\System32\Nui
[MD5.A1AEDB9202950B42A3FAFBA2CFFB8B2F] - |A| - [25/05/2017 01:06:51] - (.-.) - [0.65 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nv-vk64.json
[MD5.4BD619DF00512BA8D418A2F86C7C9E80] - |A| - [24/05/2017 23:12:45] - (.-.) - [7805.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvcoproc.bin
[MD5.B5131B34E4D34903D0C13AFCC2D7A045] - |A| - [25/05/2017 01:06:52] - (.-.) - [44 Ko] - (0.0.0.0) - C:\WINDOWS\System32\nvinfo.pb
[MD5.B91130A2233A07C82FC6104092130EC9] - |A| - [31/08/2016 13:51:28] - (.-.) - [118.62 Ko] - (0.0.0.0) - C:\WINDOWS\System32\NvRtmpStreamer64.dll
[MD5.C5F066C17D01CD3E825768CC2CE19080] - |A| - [04/06/2017 12:17:10] - (.-.) - [15.7 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OEMDefaultAssociations.xml
[MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [04/06/2017 12:08:53] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-black.png
[MD5.BFE1CCA08FEFC8A3422F7DA615567D75] - |A| - [04/06/2017 12:08:53] - (.-.) - [0.43 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.contrast-white.png
[MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [04/06/2017 12:08:53] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OkDone_80.png
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [13450.13 Ko] - C:\WINDOWS\System32\oobe
[MD5.CBA0E6C59D7DEFE8B6D423B778B5AF6A] - |A| - [31/08/2016 14:45:43] - (.Copyright (C) 2000-2006 - Standard OpenAL(TM) Implementation.) - [120.59 Ko] - (6.14.357.25) - C:\WINDOWS\System32\OpenAL32.dll
[MD5.459FB33AA2114A28C5932FEAA115B072] - |A| - [04/06/2017 12:09:18] - (.-.) - [45.82 Ko] - (0.0.0.0) - C:\WINDOWS\System32\OutdoorAudioEnvironment.bin
[MD5.652F1F54E573AF4D59E0AE658376D077] - |A| - [11/02/2011 23:23:34] - (.Copyright © 2005-2010 CACE Technologies. Copyright © 1999-2005 NetGroup, Politecnico di Torino. - packet.dll (Vista) Dynamic Link Library.) - [103.52 Ko] - (4.1.0.2001) - C:\WINDOWS\System32\Packet.dll
[MD5.3AC4353474EAFDA1639605BE671BD3EC] - |A| - [04/06/2017 12:18:32] - (.-.) - [196.23 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc009.dat
[MD5.6BDE8549B73DB46A4DD95DC4DD8302EB] - |A| - [05/06/2017 08:57:48] - (.-.) - [223.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfc00C.dat
[MD5.1E60BC5E525063B96078DF17FBD3C4E1] - |A| - [04/06/2017 12:18:32] - (.-.) - [32.64 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd009.dat
[MD5.9F9AF8517189B0D61B2615007E071084] - |A| - [05/06/2017 08:57:48] - (.-.) - [39.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfd00C.dat
[MD5.BA85BF63A9EA4C1C796FB456A5B1C40B] - |A| - [04/06/2017 12:18:32] - (.-.) - [821.14 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh009.dat
[MD5.8BB65B2BB4A9C595B2F9C7BB5A3B24DC] - |A| - [05/06/2017 08:57:48] - (.-.) - [1014.12 Ko] - (0.0.0.0) - C:\WINDOWS\System32\perfh00C.dat
[MD5.7492711432D4686C43C63D77A62EFDE6] - |A| - [12/06/2017 11:00:42] - (.-.) - [2258.87 Ko] - (0.0.0.0) - C:\WINDOWS\System32\PerfStringBackup.INI
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [315 Ko] - C:\WINDOWS\System32\pl-PL
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [657.5 Ko] - C:\WINDOWS\System32\PointOfService
[MD5.00000000000000000000000000000000] - |D| - [05/06/2017 08:57:45] - [420.42 Ko] - C:\WINDOWS\System32\Printing_Admin_Scripts
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [0 Ko] - C:\WINDOWS\System32\ProximityToast
[MD5.007893E8374C766471239EB291BA8C17] - |A| - [04/06/2017 12:10:42] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\WINDOWS\System32\psmodulediscoveryprovider.mof
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [317.5 Ko] - C:\WINDOWS\System32\pt-BR
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [312 Ko] - C:\WINDOWS\System32\pt-PT
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [23.75 Ko] - C:\WINDOWS\System32\ras
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [0 Ko] - C:\WINDOWS\System32\RasToast
[MD5.E713275BCE55BBE5B7E4B37D482C66F7] - |A| - [12/04/2016 07:20:52] - (.Copyright © 2014 Razer Inc. All rights reserved - RazerCoinstaller.) - [93.16 Ko] - (0.0.0.5) - C:\WINDOWS\System32\RazerCoinstaller.dll
[MD5.AF37024A8772B27534CDACEA0CE9623B] - |A| - [04/06/2017 12:11:52] - (.Copyright (C) 2009 - RemoteFX Helper.) - [104.5 Ko] - (1.1.0.0) - C:\WINDOWS\System32\RDVGHelper.exe
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [2.18 Ko] - C:\WINDOWS\System32\Recovery
[MD5.692DC6EF573FFCDD9DFB55D1C783DB93] - |A| - [04/06/2017 12:09:18] - (.-.) - [0.16 Ko] - (0.0.0.0) - C:\WINDOWS\System32\removehypervisor.mof
[MD5.BAC57A0212EE3710C850707EBC300740] - |A| - [04/06/2017 12:10:47] - (.-.) - [8.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriHMImageList
[MD5.6CD8E7E1BEB75C2D477A3E03273175A3] - |A| - [04/06/2017 12:10:47] - (.-.) - [8.36 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ResPriImageList
[MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [04/06/2017 12:08:53] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-black.png
[MD5.DF286186041C6BF73C5DC21CEEEFFED5] - |A| - [04/06/2017 12:08:53] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.contrast-white.png
[MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [04/06/2017 12:08:53] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\WINDOWS\System32\RestartNowPower_80.png
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [0.07 Ko] - C:\WINDOWS\System32\restore
[MD5.4D88B78AE925A70A8AF0AF05D5503F89] - |A| - [12/01/2017 08:25:06] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [314.17 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DAA64.dll
[MD5.D4ACC7498D5C472B979BAFA80FE0CAC5] - |A| - [12/01/2017 08:25:06] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [314.17 Ko] - (6.0.6001.18) - C:\WINDOWS\System32\RP3DHT64.dll
[MD5.EABD549516BF670A684743EEE6A1ADA9] - |A| - [31/08/2016 13:45:04] - (.Copyright (C) 2014 - RtCRX.) - [81.21 Ko] - (1.11.9600.0) - C:\WINDOWS\System32\RtCRX64.dll
[MD5.F6F1A7C7BF422A5EF9DBD0C8B7F4A3CD] - |A| - [12/01/2017 08:25:16] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [209.8 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEED64A.dll
[MD5.94B8836A23BFDBFC945BDB1F7C7FFB92] - |A| - [12/01/2017 08:25:18] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [86.27 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEG64A.dll
[MD5.6CE89C5EDC85AB80E5A2128215586A9D] - |A| - [12/01/2017 08:25:20] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [108.38 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEL64A.dll
[MD5.E6F1F5B98D01FEC2D02441031F57A449] - |A| - [12/01/2017 08:25:24] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [378.23 Ko] - (6.1.6001.33) - C:\WINDOWS\System32\RTEEP64A.dll
[MD5.4209D345D5345C2349F21B1DFF85179E] - |A| - [04/06/2017 12:09:57] - (.-.) - [95.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\runexehelper.exe
[MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [04/06/2017 12:12:56] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScavengeSpace.xml
[MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [04/06/2017 12:08:53] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-black.png
[MD5.E72B1B6800DE45AA9AE7E10F899E5999] - |A| - [04/06/2017 12:08:53] - (.-.) - [0.54 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.contrast-white.png
[MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [04/06/2017 12:08:53] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ScheduleTime_80.png
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [6.92 Ko] - C:\WINDOWS\System32\SecureBootUpdates
[MD5.93B9AD38F583F4096DF9F4454641F8DD] - |A| - [31/08/2016 14:45:42] - (.Copyright © 2015 Creative - OpenAL Host Implementation.) - [1854 Ko] - (2.2.20.3085) - C:\WINDOWS\System32\Sens_oal.dll
[MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [04/06/2017 12:10:44] - (.-.) - [8 Ko] - (0.0.0.0) - C:\WINDOWS\System32\settings.dat
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [253.5 Ko] - C:\WINDOWS\System32\sk-SK
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [249.5 Ko] - C:\WINDOWS\System32\sl-SI
[MD5.00000000000000000000000000000000] - |D| - [12/06/2017 10:57:17] - [3655.43 Ko] - C:\WINDOWS\System32\SleepStudy
[MD5.00000000000000000000000000000000] - |D| - [05/06/2017 08:57:45] - [52.14 Ko] - C:\WINDOWS\System32\slmgr
[MD5.DAC275ABAAD2B689D7BB3685E4032072] - |A| - [04/06/2017 12:09:18] - (.-.) - [68.15 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SmallRoom.bin
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 10:16:43] - [12617.02 Ko] - C:\WINDOWS\System32\SMI
[MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [04/06/2017 12:08:53] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-black.png
[MD5.E30B7D226E7B5B0EC2B9FC2316694ECC] - |A| - [04/06/2017 12:08:53] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.contrast-white.png
[MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [04/06/2017 12:08:53] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Snooze_80.png
[MD5.093DA88CC824923845A96BF261EFF064] - |A| - [04/06/2017 12:10:49] - (.-.) - [37 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SpectrumSyncClient.dll
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [7483.83 Ko] - C:\WINDOWS\System32\Speech
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [12398.16 Ko] - C:\WINDOWS\System32\Speech_OneCore
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [207883.53 Ko] - C:\WINDOWS\System32\spool
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [15431.87 Ko] - C:\WINDOWS\System32\spp
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [31.88 Ko] - C:\WINDOWS\System32\sppui
[MD5.00000000000000000000000000000000] - |D| - [08/01/2017 16:50:41] - [0 Ko] - C:\WINDOWS\System32\sr-Latn-CS
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [252 Ko] - C:\WINDOWS\System32\sr-Latn-RS
[MD5.047BCF71FB0E5EC754437879E8DAA7F6] - |A| - [04/06/2017 12:10:32] - (.-.) - [56.38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\srms.dat
[MD5.29DE1516F330801F9AB9DFFA668AC157] - |A| - [12/01/2017 08:26:20] - (.(c) 2007 SRS Labs, Inc. - COM object implementing SRS Headphone 360.) - [204.62 Ko] - (1.1.0.0) - C:\WINDOWS\System32\SRSHP64.dll
[MD5.41C48D54A3484F0F3B686DED783894C2] - |A| - [12/01/2017 08:26:20] - (.Copyright (c) 2006 SRS Labs, Inc.. - TruSurround HD and HD4 COM object for Windows.) - [216.76 Ko] - (1.1.4.0) - C:\WINDOWS\System32\SRSTSH64.dll
[MD5.39D486B5903E487352942D4897E8D040] - |A| - [12/01/2017 08:26:22] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [519.9 Ko] - (3.2.0.0) - C:\WINDOWS\System32\SRSTSX64.dll
[MD5.5688F913B9BBD92446D8C440A7692D02] - |A| - [12/01/2017 08:26:24] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [162.3 Ko] - (1.1.3.0) - C:\WINDOWS\System32\SRSWOW64.dll
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [40024 Ko] - C:\WINDOWS\System32\sru
[MD5.ED78326317227373177C3DA1E7ACEC75] - |A| - [04/06/2017 12:09:17] - (.-.) - [409.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\ssdm.dll
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [301 Ko] - C:\WINDOWS\System32\sv-SE
[MD5.20C4FE2B130D9F0C92D7629E71AFBB66] - |A| - [04/06/2017 12:11:48] - (.-.) - [1.68 Ko] - (0.0.0.0) - C:\WINDOWS\System32\SyncAppvPublishingServer.vbs
[MD5.788F7214EAF9494BA7D6637A00F85712] - |A| - [25/01/2017 22:21:24] - (.Copyright (C) Synaptics Incorporated 1996-2017 - SynCOM.) - [793.59 Ko] - (19.3.4.66) - C:\WINDOWS\System32\SynCOM.dll
[MD5.9194330CDC242B4F1B9255C1AC2891E3] - |A| - [25/01/2017 22:21:40] - (.Copyright (C) Synaptics Incorporated 1996-2017 - SynTPAPI.) - [281.09 Ko] - (19.3.4.66) - C:\WINDOWS\System32\SynTPAPI.dll
[MD5.7F32B615B3D219EA2085A3A31DB38504] - |A| - [21/08/2016 09:34:28] - (.Copyright (C) Synaptics Incorporated 1996-2016 - Synaptics Pointing Device Driver Co-Installer.) - [327.62 Ko] - (19.3.4.31) - C:\WINDOWS\System32\SynTPCo50-3.dll
[MD5.B16743A405831A133073236D57AD8409] - |A| - [25/01/2017 22:21:40] - (.Copyright (C) Synaptics Incorporated 1996-2017 - Synaptics Pointing Device Driver Co-Installer.) - [343.59 Ko] - (19.3.4.66) - C:\WINDOWS\System32\SynTPCo50-7.dll
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 10:16:46] - [1266.79 Ko] - C:\WINDOWS\System32\Sysprep
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [905.78 Ko] - C:\WINDOWS\System32\SystemResetPlatform
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [602.5 Ko] - C:\WINDOWS\System32\Tasks
[MD5.00000000000000000000000000000000] - |D| - [14/05/2017 16:07:33] - [599.68 Ko] - C:\WINDOWS\System32\Tasks_Migrated
[MD5.D602CA245CC6774A0981B607F0675609] - |A| - [04/06/2017 12:10:29] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\tcpmon.ini
[MD5.00000000000000000000000000000000] - |D| - [22/12/2016 01:09:44] - [0 Ko] - C:\WINDOWS\System32\temp
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [234.5 Ko] - C:\WINDOWS\System32\th-TH
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [298 Ko] - C:\WINDOWS\System32\tr-TR
[MD5.B88B8D017386A00D7724519F475317A0] - |A| - [04/06/2017 12:10:47] - (.-.) - [10.33 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlan.xslt
[MD5.2F05390B798363D51EBE65D6320CD45E] - |A| - [04/06/2017 12:10:47] - (.-.) - [1.65 Ko] - (0.0.0.0) - C:\WINDOWS\System32\TransformPPSToWlanCredentials.xslt
[MD5.D200497DD3A24F138123F0EB6C385D1D] - |A| - [04/06/2017 12:11:48] - (.-.) - [0.14 Ko] - (0.0.0.0) - C:\WINDOWS\System32\UevAppMonitor.exe.config
[MD5.4AAEE8D86EC81DA2A1514ABC77E71F57] - |A| - [04/06/2017 12:11:48] - (.-.) - [3.34 Ko] - (0.0.0.0) - C:\WINDOWS\System32\UevCustomActionTypes.tlb
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [247.5 Ko] - C:\WINDOWS\System32\uk-UA
[MD5.00000000000000000000000000000000] - |SD| - [04/06/2017 12:17:04] - [4984.64 Ko] - C:\WINDOWS\System32\UNP
[MD5.4E8F2BB3A5A87E75C35533723B50E685] - |A| - [02/06/2017 13:12:29] - (.-.) - [0.38 Ko] - (0.0.0.0) - C:\WINDOWS\System32\user_gensett.xml
[MD5.6632EC0848E7C2745695C9FC25416789] - |A| - [10/03/2017 23:17:14] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [524.28 Ko] - (1.0.42.1) - C:\WINDOWS\System32\vulkan-1-1-0-42-1.dll
[MD5.6632EC0848E7C2745695C9FC25416789] - |A| - [12/06/2017 11:00:07] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [524.28 Ko] - (1.0.42.1) - C:\WINDOWS\System32\vulkan-1.dll
[MD5.5D71BF91F7F8760097BE36B38B76BB09] - |A| - [10/03/2017 23:17:10] - (.-.) - [248.28 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkaninfo-1-1-0-42-1.exe
[MD5.5D71BF91F7F8760097BE36B38B76BB09] - |A| - [12/06/2017 11:00:07] - (.-.) - [248.28 Ko] - (0.0.0.0) - C:\WINDOWS\System32\vulkaninfo.exe
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [95511.08 Ko] - C:\WINDOWS\System32\wbem
[MD5.00000000000000000000000000000000] - |D| - [05/06/2017 08:57:45] - [0 Ko] - C:\WINDOWS\System32\WCN
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [169383.6 Ko] - C:\WINDOWS\System32\WDI
[MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [04/06/2017 12:09:52] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WdsUnattendTemplate.xml
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [99 Ko] - C:\WINDOWS\System32\WinBioDatabase
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [80562.89 Ko] - C:\WINDOWS\System32\WinBioPlugIns
[MD5.F66655C2083B5645D4A0FA818BAD9E41] - |A| - [04/06/2017 12:09:29] - (.-.) - [102 Ko] - (0.0.0.0) - C:\WINDOWS\System32\WindowsDefaultHeatProcessor.dll
[MD5.00000000000000000000000000000000] - |RSD| - [12/09/2016 23:16:49] - [73.16 Ko] - C:\WINDOWS\System32\WindowsDevicePortal
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [10533.76 Ko] - C:\WINDOWS\System32\WindowsPowerShell
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [100092 Ko] - C:\WINDOWS\System32\winevt
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [5083.52 Ko] - C:\WINDOWS\System32\WinMetadata
[MD5.00000000000000000000000000000000] - |D| - [05/06/2017 08:57:45] - [107.53 Ko] - C:\WINDOWS\System32\winrm
[MD5.A2473CC88ABA67391CE7929E5C69E767] - |A| - [11/02/2011 23:23:34] - (.Copyright © 2005-2010 CACE Technologies. Copyright © 1999-2005 NetGroup, Politecnico di Torino. - wpcap.dll Dynamic Link Library - based on libpcap 1.0rel0b branch (20091008).) - [360.52 Ko] - (4.1.0.2001) - C:\WINDOWS\System32\wpcap.dll
[MD5.C30C621748C66CE751B19B2788559A3E] - |A| - [04/06/2017 12:10:47] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpcmon.png
[MD5.B6B479B04C64AF5EF36C24EBDF278302] - |A| - [04/06/2017 12:09:57] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\WINDOWS\System32\wpr.config.xml
[MD5.53C8A36CA0BAE29BB67B1AC97D748744] - |A| - [31/08/2016 14:45:43] - (.Copyright © 2008 - OpenAL32.) - [455.59 Ko] - (2.2.0.7) - C:\WINDOWS\System32\wrap_oal.dll
[MD5.FBBF9B29BC65C3C5B7D5D5F3F02B05A4] - |A| - [04/06/2017 12:09:25] - (.-.) - [83.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xboxgipsynthetic.dll
[MD5.1897358EF9BA691BB0747D4891B36478] - |A| - [13/09/2016 13:18:57] - (.-.) - [167.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xvid.ax
[MD5.84435F1BA5148814FCF1B3CC06EBCDDD] - |A| - [13/09/2016 13:18:57] - (.-.) - [696.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xvidcore.dll
[MD5.D44A4DA65F4204BA1AAEBAEA97A83E2A] - |A| - [13/09/2016 13:18:57] - (.-.) - [245.5 Ko] - (0.0.0.0) - C:\WINDOWS\System32\xvidvfw.dll
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [241.04 Ko] - C:\WINDOWS\System32\zh-CN
[MD5.00000000000000000000000000000000] - |D| - [08/01/2017 16:50:41] - [6.5 Ko] - C:\WINDOWS\System32\zh-HK
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [206.5 Ko] - C:\WINDOWS\System32\zh-TW
[MD5.00000000000000000000000000000000] - |D| - [05/06/2017 08:57:45] - [0 Ko] - C:\WINDOWS\SysWOW64\0409
[MD5.00000000000000000000000000000000] - |D| - [02/09/2016 15:11:42] - [437.74 Ko] - C:\WINDOWS\SysWOW64\1033
[MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [04/06/2017 12:10:59] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@AudioToastIcon.png
[MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [04/06/2017 12:11:00] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@EnrollmentToastIcon.png
[MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [04/06/2017 12:11:23] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\@VpnToastIcon.png
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 10:16:48] - [1996.33 Ko] - C:\WINDOWS\SysWOW64\AdvancedInstallers
[MD5.B2805AD4203437489E22ADAF245DF56F] - |A| - [31/08/2016 14:45:46] - (.-.) - [268.5 Ko] - (1.0.343.0) - C:\WINDOWS\SysWOW64\APOMngr.DLL
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [0 Ko] - C:\WINDOWS\SysWOW64\AppLocker
[MD5.376E4D84F716C5754BA2E110136E5310] - |A| - [18/06/2013 05:23:20] - (.-.) - [637.95 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\appverif.chm
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [255 Ko] - C:\WINDOWS\SysWOW64\ar-SA
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [235 Ko] - C:\WINDOWS\SysWOW64\bg-BG
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [0.1 Ko] - C:\WINDOWS\SysWOW64\Bthprops
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [0 Ko] - C:\WINDOWS\SysWOW64\catroot
[MD5.DC82758128A9A46C10C323B4D65645E9] - |A| - [31/08/2016 14:45:50] - (.Copyright (c) 2015 Creative Technology Ltd. - Creative Host SoundCore Module.) - [321.95 Ko] - (1.0.9.0) - C:\WINDOWS\SysWOW64\ChezSC32.DLL
[MD5.07FBB2936DC5179CE84DD4ABD0135EAD] - |A| - [01/12/2016 20:49:52] - (.Copyright (C) 2004/05 Sony DADC Austria AG - SecuROM Context-Menu for Explorer..) - [96 Ko] - (1.0.201.0) - C:\WINDOWS\SysWOW64\CmdLineExt.dll
[MD5.B0CCA4201C2252F4246AE656550023B3] - |A| - [31/08/2016 14:45:46] - (.-.) - [72.5 Ko] - (1.0.64.0) - C:\WINDOWS\SysWOW64\CmdRtr.DLL
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [314.5 Ko] - C:\WINDOWS\SysWOW64\Com
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [359.66 Ko] - C:\WINDOWS\SysWOW64\config
[MD5.00000000000000000000000000000000] - |SD| - [04/06/2017 12:17:04] - [53.11 Ko] - C:\WINDOWS\SysWOW64\Configuration
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [280.5 Ko] - C:\WINDOWS\SysWOW64\cs-CZ
[MD5.00000000000000000000000000000000] - |D| - [14/05/2017 16:07:33] - [0 Ko] - C:\WINDOWS\SysWOW64\CustomSDB
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [275.5 Ko] - C:\WINDOWS\SysWOW64\da-DK
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [312 Ko] - C:\WINDOWS\SysWOW64\de-DE
[MD5.00000000000000000000000000000000] - |SD| - [04/06/2017 12:17:04] - [200.5 Ko] - C:\WINDOWS\SysWOW64\DiagSvcs
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [6782.7 Ko] - C:\WINDOWS\SysWOW64\Dism
[MD5.5F03751852D2C7F5DAB6615C541DE833] - |A| - [28/11/2016 17:11:56] - (.Copyright © EasyAntiCheat Ltd 2016 - EasyAntiCheat Service.) - [374.04 Ko] - (4.0.0.0) - C:\WINDOWS\SysWOW64\EasyAntiCheat.exe
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [307 Ko] - C:\WINDOWS\SysWOW64\el-GR
[MD5.00000000000000000000000000000000] - |D| - [05/06/2017 08:57:45] - [0 Ko] - C:\WINDOWS\SysWOW64\en
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [223.5 Ko] - C:\WINDOWS\SysWOW64\en-GB
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [1657.5 Ko] - C:\WINDOWS\SysWOW64\en-US
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [301 Ko] - C:\WINDOWS\SysWOW64\es-ES
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [245.5 Ko] - C:\WINDOWS\SysWOW64\es-MX
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [220.5 Ko] - C:\WINDOWS\SysWOW64\et-EE
[MD5.00000000000000000000000000000000] - |SD| - [04/06/2017 12:17:04] - [25133.66 Ko] - C:\WINDOWS\SysWOW64\F12
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [280 Ko] - C:\WINDOWS\SysWOW64\fi-FI
[MD5.00000000000000000000000000000000] - |D| - [05/06/2017 08:57:45] - [3150.5 Ko] - C:\WINDOWS\SysWOW64\fr
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [251 Ko] - C:\WINDOWS\SysWOW64\fr-CA
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [38321.32 Ko] - C:\WINDOWS\SysWOW64\fr-FR
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [0 Ko] - C:\WINDOWS\SysWOW64\FxsTmp
[MD5.9294C2F08E4EFF02323F7D634CAE3C6F] - |A| - [31/08/2016 14:21:43] - (.-.) - [9.03 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\Gms.log
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicy
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [0 Ko] - C:\WINDOWS\SysWOW64\GroupPolicyUsers
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [243.5 Ko] - C:\WINDOWS\SysWOW64\he-IL
[MD5.3653660E7B36DFC8EC9115F97D28BA26] - |A| - [04/06/2017 12:10:53] - (.-.) - [170 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\HeatCore.dll
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [229.5 Ko] - C:\WINDOWS\SysWOW64\hr-HR
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [283 Ko] - C:\WINDOWS\SysWOW64\hu-HU
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [36.27 Ko] - C:\WINDOWS\SysWOW64\icsxml
[MD5.F804CB6E3D071739C291C54C63D07933] - |RA| - [04/06/2017 12:10:57] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N DLL.) - [1602.5 Ko] - (59.1.0.0) - C:\WINDOWS\SysWOW64\icuin.dll
[MD5.751EF942C6D9BD4FFE59EEFFCD67C8D1] - |RA| - [04/06/2017 12:10:57] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common DLL.) - [1131 Ko] - (59.1.0.0) - C:\WINDOWS\SysWOW64\icuuc.dll
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [20710.67 Ko] - C:\WINDOWS\SysWOW64\IME
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [0 Ko] - C:\WINDOWS\SysWOW64\inetsrv
[MD5.A4001C78F2806662B3BD91ACB44E6330] - |A| - [22/12/2016 01:28:07] - (.-.) - [0.04 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\initdebug.nfo
[MD5.3A019717FEC47184FEFD2F2513E97982] - |A| - [04/06/2017 12:10:56] - (.-.) - [119.58 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\InputHost.dll
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [218.5 Ko] - C:\WINDOWS\SysWOW64\InputMethod
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [1160 Ko] - C:\WINDOWS\SysWOW64\InstallShield
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [0 Ko] - C:\WINDOWS\SysWOW64\Ipmi
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [304.5 Ko] - C:\WINDOWS\SysWOW64\it-IT
[MD5.EED4AE909ACEDFBC108EF83E7FC30632] - |A| - [12/01/2017 08:24:24] - (.Copyright (c) 2006-2016 Creative Technology Ltd. - Creative Audio Processing Object Module.) - [1705.27 Ko] - (1.2.16.131) - C:\WINDOWS\SysWOW64\MBAPO232.dll
[MD5.20FD18FE9EA2612ED9B421064D69F3D8] - |A| - [31/08/2016 14:45:50] - (.Copyright (C) 2014 -.) - [37.13 Ko] - (1.21.0.0) - C:\WINDOWS\SysWOW64\MBCfg32.dll
[MD5.7391C842DFF4D7ACCA1B3C38486178E8] - |A| - [31/08/2016 14:45:50] - (.Copyright (c) 2009 Creative Technology Ltd. -.) - [135.63 Ko] - (0.0.0.6) - C:\WINDOWS\SysWOW64\MBCfg32.exe
[MD5.ECAFE77AD598305FF72CEEB72F14B6B4] - |A| - [31/08/2016 14:45:50] - (.-.) - [20.21 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\MBCfg32.ini
[MD5.7738CDD88DA87E2F48D0ADE6FD18C701] - |A| - [31/08/2016 14:45:50] - (.-.) - [6.8 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\MBCfgUninstall32.ini
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [2945.08 Ko] - C:\WINDOWS\SysWOW64\migration
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [811.33 Ko] - C:\WINDOWS\SysWOW64\migwiz
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [45.5 Ko] - C:\WINDOWS\SysWOW64\MSDRM
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [52.28 Ko] - C:\WINDOWS\SysWOW64\Msdtc
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [19.15 Ko] - C:\WINDOWS\SysWOW64\MUI
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [271 Ko] - C:\WINDOWS\SysWOW64\nb-NO
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [0 Ko] - C:\WINDOWS\SysWOW64\NDF
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [51 Ko] - C:\WINDOWS\SysWOW64\networklist
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [290.5 Ko] - C:\WINDOWS\SysWOW64\nl-NL
[MD5.00000000000000000000000000000000] - |SD| - [04/06/2017 12:17:04] - [3781.5 Ko] - C:\WINDOWS\SysWOW64\Nui
[MD5.83B77B03667AF77E0BA3E093EF4831F6] - |A| - [25/05/2017 01:06:51] - (.-.) - [0.65 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\nv-vk32.json
[MD5.663A319D105E14548DBA4C72201876B1] - |A| - [31/08/2016 14:45:43] - (.Copyright (C) 2000-2006 - Standard OpenAL(TM) Implementation.) - [106.59 Ko] - (6.14.357.25) - C:\WINDOWS\SysWOW64\OpenAL32.dll
[MD5.1250BEF11BFA086F772CD2A273BC036E] - |A| - [11/02/2011 23:23:34] - (.Copyright © 2005-2010 CACE Technologies. Copyright © 1999-2005 NetGroup, Politecnico di Torino. - packet.dll (Vista) Dynamic Link Library.) - [94.52 Ko] - (4.1.0.2001) - C:\WINDOWS\SysWOW64\Packet.dll
[MD5.1FD6E0FEEC0485FB14733BB3B120E2DA] - |A| - [24/05/2017 23:13:20] - (.-.) - [1923.99 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\PerfStringBackup.INI
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [288.5 Ko] - C:\WINDOWS\SysWOW64\pl-PL
[MD5.00000000000000000000000000000000] - |D| - [05/06/2017 08:57:46] - [420.42 Ko] - C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [291.5 Ko] - C:\WINDOWS\SysWOW64\pt-BR
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [286 Ko] - C:\WINDOWS\SysWOW64\pt-PT
[MD5.F04A90F917BA10AE2DCBE859870F4DEA] - |A| - [11/02/2011 23:23:34] - (.-.) - [52.05 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\pthreadVC.dll
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [23.75 Ko] - C:\WINDOWS\SysWOW64\ras
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [0 Ko] - C:\WINDOWS\SysWOW64\RasToast
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [0.82 Ko] - C:\WINDOWS\SysWOW64\Recovery
[MD5.98F6807EBE3215EBEB8D4F6C21C86A2E] - |A| - [31/08/2016 14:45:50] - (.Copyright (C) 2011 - Command Router Restore Utility.) - [15.13 Ko] - (2.0.13.0) - C:\WINDOWS\SysWOW64\ResDefA.exe
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [0 Ko] - C:\WINDOWS\SysWOW64\restore
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [231 Ko] - C:\WINDOWS\SysWOW64\ro-RO
[MD5.1987E86DCBEF29B9ABFF648303BDAF16] - |A| - [14/03/2016 07:36:22] - (.Copyright © 2016 Razer Inc. All rights reserved - Razer RzDeviceDLL Manager.) - [95.46 Ko] - (1.0.45.6) - C:\WINDOWS\SysWOW64\rzdevinfo.dll
[MD5.00000000000000000000000000000000] - |D| - [24/05/2017 23:12:51] - [129.71 Ko] - C:\WINDOWS\SysWOW64\sda
[MD5.826B5EAC12C76FCD92D066BBAAB154E2] - |A| - [31/08/2016 14:45:42] - (.Copyright © 2015 Creative - OpenAL Host Implementation.) - [1572 Ko] - (2.2.20.3085) - C:\WINDOWS\SysWOW64\Sens_oal.dll
[MD5.0FFE35F0B0CD5A324BBE22F02569AE3B] - |A| - [29/12/2012 22:59:38] - (.Copyright © Almico Software 2001-2013 - SpeedFan x64 Driver.) - [27.99 Ko] - (2.3.11.0) - C:\WINDOWS\SysWOW64\speedfan.sys
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [2001.74 Ko] - C:\WINDOWS\SysWOW64\spp
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [31.88 Ko] - C:\WINDOWS\SysWOW64\sppui
[MD5.00000000000000000000000000000000] - |D| - [08/01/2017 16:50:42] - [0 Ko] - C:\WINDOWS\SysWOW64\sr-Latn-CS
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [232 Ko] - C:\WINDOWS\SysWOW64\sr-Latn-RS
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [0 Ko] - C:\WINDOWS\SysWOW64\sru
[MD5.C4E8ECBF37CBA9DE64B9FEEDEC128B9D] - |A| - [04/06/2017 12:10:52] - (.-.) - [301 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\ssdm.dll
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [277 Ko] - C:\WINDOWS\SysWOW64\sv-SE
[MD5.AAD2347FCC52BC2AC10F4D41BEF9D1B1] - |A| - [25/01/2017 22:21:28] - (.Copyright (C) Synaptics Incorporated 1996-2017 - SynCOM.) - [426.09 Ko] - (19.3.4.66) - C:\WINDOWS\SysWOW64\SynCom.dll
[MD5.00000000000000000000000000000000] - |D| - [05/06/2017 08:57:46] - [0 Ko] - C:\WINDOWS\SysWOW64\sysprep
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [0 Ko] - C:\WINDOWS\SysWOW64\Tasks
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [215.5 Ko] - C:\WINDOWS\SysWOW64\th-TH
[MD5.4AB9C9898DF4529EB05759C24F0A97FD] - |A| - [31/08/2016 14:45:43] - (.Copyright © 2009 - OpenAL Installer.) - [790.59 Ko] - (2.1.0.0) - C:\WINDOWS\SysWOW64\tmp421F.tmp
[MD5.4AB9C9898DF4529EB05759C24F0A97FD] - |A| - [31/08/2016 14:45:43] - (.Copyright © 2009 - OpenAL Installer.) - [790.59 Ko] - (2.1.0.0) - C:\WINDOWS\SysWOW64\tmp4220.tmp
[MD5.4AB9C9898DF4529EB05759C24F0A97FD] - |A| - [11/04/2017 19:46:12] - (.Copyright © 2009 - OpenAL Installer.) - [790.59 Ko] - (2.1.0.0) - C:\WINDOWS\SysWOW64\tmp6121.tmp
[MD5.4AB9C9898DF4529EB05759C24F0A97FD] - |A| - [11/04/2017 19:46:12] - (.Copyright © 2009 - OpenAL Installer.) - [790.59 Ko] - (2.1.0.0) - C:\WINDOWS\SysWOW64\tmp6122.tmp
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [274 Ko] - C:\WINDOWS\SysWOW64\tr-TR
[MD5.01E96A85B337B702AE2BC7F838AE7B65] - |A| - [04/06/2017 12:11:53] - (.-.) - [3.34 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\UevCustomActionTypes.tlb
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [227 Ko] - C:\WINDOWS\SysWOW64\uk-UA
[MD5.4B0C0A8C960AF22761FB6A25D8A50DF2] - |A| - [08/09/2016 12:58:22] - (.Copyright © 2000-3 ON2 Technologies - VP6 VIDEO FOR WINDOWS CODEC.) - [437.26 Ko] - (6.0.6.4) - C:\WINDOWS\SysWOW64\vp6vfw.dll
[MD5.4F89AC14A299EEB1E23D1BACA381A89F] - |A| - [10/03/2017 23:17:28] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [513.28 Ko] - (1.0.42.1) - C:\WINDOWS\SysWOW64\vulkan-1-1-0-42-1.dll
[MD5.4F89AC14A299EEB1E23D1BACA381A89F] - |A| - [12/06/2017 11:00:07] - (.Copyright (C) 2015-2017 - Vulkan Loader.) - [513.28 Ko] - (1.0.42.1) - C:\WINDOWS\SysWOW64\vulkan-1.dll
[MD5.82695D42B9F6C2B9625A3E9D3C924B50] - |A| - [10/03/2017 23:17:20] - (.-.) - [228.28 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-42-1.exe
[MD5.82695D42B9F6C2B9625A3E9D3C924B50] - |A| - [12/06/2017 11:00:07] - (.-.) - [228.28 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\vulkaninfo.exe
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [19359.7 Ko] - C:\WINDOWS\SysWOW64\wbem
[MD5.00000000000000000000000000000000] - |D| - [05/06/2017 08:57:46] - [0 Ko] - C:\WINDOWS\SysWOW64\WCN
[MD5.2120FD31F1294480A523C731EBBB2A45] - |A| - [04/06/2017 12:10:53] - (.-.) - [90 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\WindowsDefaultHeatProcessor.dll
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [8590.03 Ko] - C:\WINDOWS\SysWOW64\WindowsPowerShell
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [5083.52 Ko] - C:\WINDOWS\SysWOW64\WinMetadata
[MD5.00000000000000000000000000000000] - |D| - [05/06/2017 08:57:46] - [107.53 Ko] - C:\WINDOWS\SysWOW64\winrm
[MD5.190FB481D293D85B507D071E75BCB05C] - |A| - [11/02/2011 23:23:34] - (.Copyright © 2005-2010 CACE Technologies. Copyright © 1999-2005 NetGroup, Politecnico di Torino. - wpcap.dll Dynamic Link Library - based on libpcap 1.0rel0b branch (20091008).) - [274.52 Ko] - (4.1.0.2001) - C:\WINDOWS\SysWOW64\wpcap.dll
[MD5.DB08CF76449D2EB521DFB71A58DAF62D] - |A| - [31/08/2016 14:45:43] - (.Copyright © 2008 - OpenAL32.) - [434.59 Ko] - (2.2.0.7) - C:\WINDOWS\SysWOW64\wrap_oal.dll
[MD5.6A1D342BEE0743A8ED2AF1D14D5FA9DB] - |A| - [04/06/2017 12:10:56] - (.-.) - [57 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
[MD5.00000000000000000000000000000000] - |D| - [11/06/2017 03:23:11] - [10.16 Ko] - C:\WINDOWS\SysWOW64\XPSViewer
[MD5.1AE36A72AFEE8DC664BCDEA73F76FC50] - |A| - [13/09/2016 13:18:57] - (.-.) - [144.5 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xvid.ax
[MD5.BD64AE063AA0DEA6C69CBDF8DBAB6551] - |A| - [13/09/2016 13:18:57] - (.-.) - [624 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xvidcore.dll
[MD5.ABB1048DDD4F6B86041E582C04779B43] - |A| - [13/09/2016 13:18:57] - (.-.) - [230 Ko] - (0.0.0.0) - C:\WINDOWS\SysWOW64\xvidvfw.dll
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [198 Ko] - C:\WINDOWS\SysWOW64\zh-CN
[MD5.00000000000000000000000000000000] - |D| - [08/01/2017 16:50:42] - [0 Ko] - C:\WINDOWS\SysWOW64\zh-HK
[MD5.00000000000000000000000000000000] - |D| - [04/06/2017 12:17:04] - [192 Ko] - C:\WINDOWS\SysWOW64\zh-TW

---------- | Shell Folders

[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"!Do not use this registry key"=Use the SHGetFolderPath or SHGetKnownFolderPath function instead   
"AppData"=C:\Users\Utilisateur\AppData\Roaming   [12/06/2017 11:00:51]
"Local AppData"=C:\Users\Utilisateur\AppData\Local   [12/06/2017 11:00:51]
"{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}"=C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Libraries   [31/08/2016 13:25:03]
"My Video"=C:\Users\Utilisateur\Videos   [31/08/2016 13:25:02]
"My Pictures"=C:\Users\Utilisateur\Pictures   [31/08/2016 13:25:02]
"Desktop"=C:\Users\Utilisateur\Desktop   [31/08/2016 13:25:02]
"History"=C:\Users\Utilisateur\AppData\Local\Microsoft\Windows\History   [31/08/2016 13:25:02]
"NetHood"=C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Network Shortcuts   [12/06/2017 11:00:51]
"{56784854-C6CB-462B-8169-88E350ACB882}"=C:\Users\Utilisateur\Contacts   [31/08/2016 13:25:03]
"{00BCFC5A-ED94-4E48-96A1-3F6217F21990}"=C:\Users\Utilisateur\AppData\Local\Microsoft\Windows\RoamingTiles   [31/08/2016 13:25:03]
"Cookies"=C:\Users\Utilisateur\AppData\Local\Microsoft\Windows\INetCookies   [31/08/2016 13:25:02]
"Favorites"=C:\Users\Utilisateur\Favorites   [31/08/2016 13:25:02]
"SendTo"=C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\SendTo   [05/11/2016 14:51:22]
"Start Menu"=C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu   [05/11/2016 14:51:22]
"My Music"=C:\Users\Utilisateur\Music   [31/08/2016 13:25:02]
"Programs"=C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs   [05/11/2016 14:51:22]
"Recent"=C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Recent   [31/08/2016 13:25:02]
"CD Burning"=C:\Users\Utilisateur\AppData\Local\Microsoft\Windows\Burn\Burn   [12/06/2017 11:10:43]
"PrintHood"=C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Printer Shortcuts   [12/06/2017 11:00:51]
"{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}"=C:\Users\Utilisateur\Searches   [31/08/2016 13:25:03]
"{374DE290-123F-4565-9164-39C4925E467B}"=C:\Users\Utilisateur\Downloads   [31/08/2016 13:25:02]
"{A520A1A4-1780-4FF6-BD18-167343C5AF16}"=C:\Users\Utilisateur\AppData\LocalLow   [31/08/2016 13:25:02]
"Startup"=C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup   [31/08/2016 13:25:03]
"Administrative Tools"=C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools   [31/08/2016 13:25:03]
"Personal"=C:\Users\Utilisateur\Documents   [31/08/2016 13:25:02]
"{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}"=C:\Users\Utilisateur\Links   [31/08/2016 13:25:02]
"Cache"=C:\Users\Utilisateur\AppData\Local\Microsoft\Windows\INetCache   [12/06/2017 11:00:51]
"Templates"=C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Templates   [12/06/2017 11:00:51]
"{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}"=C:\Users\Utilisateur\Saved Games   [31/08/2016 13:25:02]
"Fonts"=C:\WINDOWS\Fonts   [04/06/2017 12:17:03]

[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders]
"AppData"=%USERPROFILE%\AppData\Roaming   
"Cache"=%USERPROFILE%\AppData\Local\Microsoft\Windows\INetCache   
"Cookies"=%USERPROFILE%\AppData\Local\Microsoft\Windows\INetCookies   
"Desktop"=%USERPROFILE%\Desktop   
"Favorites"=%USERPROFILE%\Favorites   
"History"=%USERPROFILE%\AppData\Local\Microsoft\Windows\History   
"Local AppData"=%USERPROFILE%\AppData\Local   
"My Music"=%USERPROFILE%\Music   
"My Pictures"=%USERPROFILE%\Pictures   
"My Video"=%USERPROFILE%\Videos   
"NetHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Network Shortcuts   
"Personal"=%USERPROFILE%\Documents   
"PrintHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Printer Shortcuts   
"Programs"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs   
"Recent"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent   
"SendTo"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\SendTo   
"Start Menu"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu   
"Startup"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup   
"Templates"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Templates   
"{374DE290-123F-4565-9164-39C4925E467B}"=%USERPROFILE%\Downloads   
"{767E6811-49CB-4273-87C2-20F355E1085B}"=C:\Users\Utilisateur\OneDrive\SkyDrive camera roll   [31/08/2016 19:43:56]

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools   [04/06/2017 12:17:03]
"Common AppData"=C:\ProgramData   [04/06/2017 12:17:03]
"Common Desktop"=C:\Users\Public\Desktop   [30/10/2015 09:24:24]
"Common Documents"=C:\Users\Public\Documents   [30/10/2015 09:24:24]
"Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs   [04/06/2017 12:17:03]
"Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu   [04/06/2017 12:17:03]
"Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup   [04/06/2017 12:17:03]
"Common Templates"=C:\ProgramData\Microsoft\Windows\Templates   [30/10/2015 09:24:24]
"CommonMusic"=C:\Users\Public\Music   [30/10/2015 09:24:24]
"CommonPictures"=C:\Users\Public\Pictures   [30/10/2015 09:24:24]
"CommonVideo"=C:\Users\Public\Videos   [30/10/2015 09:24:24]
"OEM Links"=C:\ProgramData\OEM\Links   

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders]
"Common AppData"=%ProgramData%   
"Common Desktop"=%PUBLIC%\Desktop   
"Common Documents"=%PUBLIC%\Documents   
"Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs   
"Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu   
"Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup   
"Common Templates"=%ProgramData%\Microsoft\Windows\Templates   
"CommonMusic"=%PUBLIC%\Music   
"CommonPictures"=%PUBLIC%\Pictures   
"CommonVideo"=%PUBLIC%\Videos   
"{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools   [04/06/2017 12:17:03]
"Common AppData"=C:\ProgramData   [04/06/2017 12:17:03]
"Common Desktop"=C:\Users\Public\Desktop   [30/10/2015 09:24:24]
"Common Documents"=C:\Users\Public\Documents   [30/10/2015 09:24:24]
"Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs   [04/06/2017 12:17:03]
"Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu   [04/06/2017 12:17:03]
"Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup   [04/06/2017 12:17:03]
"Common Templates"=C:\ProgramData\Microsoft\Windows\Templates   [30/10/2015 09:24:24]
"CommonMusic"=C:\Users\Public\Music   [30/10/2015 09:24:24]
"CommonPictures"=C:\Users\Public\Pictures   [30/10/2015 09:24:24]
"CommonVideo"=C:\Users\Public\Videos   [30/10/2015 09:24:24]
"OEM Links"=C:\ProgramData\OEM\Links   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders]
"Common AppData"=%ProgramData%   
"Common Desktop"=%PUBLIC%\Desktop   
"Common Documents"=%PUBLIC%\Documents   
"Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs   
"Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu   
"Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup   
"Common Templates"=%ProgramData%\Microsoft\Windows\Templates   
"CommonMusic"=%PUBLIC%\Music   
"CommonPictures"=%PUBLIC%\Pictures   
"CommonVideo"=%PUBLIC%\Videos   
"{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads   


---------- | [Public]


---------- | [Utilisateur]

[12/06/2017 11:00:51] - |D| - [72659827060] - C:\Users\Utilisateur\AppData\Local
[31/08/2016 13:25:02] - |D| - [8332163963] - C:\Users\Utilisateur\AppData\LocalLow
[12/06/2017 11:00:51] - |D| - [1255772502] - C:\Users\Utilisateur\AppData\Roaming
[21/06/2017 15:21:23] - |D| - [41978] - C:\Users\Utilisateur\AppData\Temp
[07/10/2016 11:01:50] - |D| - [1434363] - C:\Users\Utilisateur\AppData\Local\2K Games
[31/08/2016 13:27:03] - |D| - [0] - C:\Users\Utilisateur\AppData\Local\ActiveSync
[31/08/2016 14:53:34] - |D| - [22610409] - C:\Users\Utilisateur\AppData\Local\Adobe
[06/09/2016 12:43:49] - |D| - [1193] - C:\Users\Utilisateur\AppData\Local\Amazon
[16/01/2017 10:51:54] - |D| - [0] - C:\Users\Utilisateur\AppData\Local\Apple
[16/01/2017 10:52:13] - |D| - [967449172] - C:\Users\Utilisateur\AppData\Local\Apple Computer
[12/06/2017 11:00:51] - |SHD| - [65697115468] - C:\Users\Utilisateur\AppData\Local\Application Data
[04/09/2016 11:19:55] - |D| - [63152] - C:\Users\Utilisateur\AppData\Local\ARK_Server_Manager
[12/06/2017 18:52:36] - |D| - [789004] - C:\Users\Utilisateur\AppData\Local\assembly
[09/09/2016 14:31:44] - |D| - [11402811] - C:\Users\Utilisateur\AppData\Local\Bethesda.net Launcher
[14/09/2016 00:08:37] - |D| - [63488] - C:\Users\Utilisateur\AppData\Local\Black_Tree_Gaming
[08/09/2016 17:24:26] - |D| - [397] - C:\Users\Utilisateur\AppData\Local\CAPCOM
[31/08/2016 19:31:12] - |D| - [5984542] - C:\Users\Utilisateur\AppData\Local\CEF
[13/10/2016 10:00:32] - |D| - [474] - C:\Users\Utilisateur\AppData\Local\Chris_Pietschmann_(http__
[14/12/2016 00:35:14] - |D| - [40] - C:\Users\Utilisateur\AppData\Local\Chromium
[31/08/2016 13:41:48] - |D| - [43974463] - C:\Users\Utilisateur\AppData\Local\Comms
[07/09/2016 12:34:48] - |D| - [2190922] - C:\Users\Utilisateur\AppData\Local\ConnectedDevicesPlatform
[31/08/2016 22:27:26] - |D| - [43380140] - C:\Users\Utilisateur\AppData\Local\CrashDumps
[01/09/2016 15:33:16] - |D| - [26726] - C:\Users\Utilisateur\AppData\Local\CrashReportClient
[26/10/2016 15:58:14] - |D| - [42074] - C:\Users\Utilisateur\AppData\Local\Creative
[28/09/2016 12:01:53] - |D| - [10721275] - C:\Users\Utilisateur\AppData\Local\CRYENGINE_Launcher
[20/12/2016 12:20:58] - |D| - [0] - C:\Users\Utilisateur\AppData\Local\DBG
[09/10/2016 22:15:21] - |D| - [458759] - C:\Users\Utilisateur\AppData\Local\Diagnostics
[31/08/2016 13:40:05] - |A| - [0] - C:\Users\Utilisateur\AppData\Local\Driver_11ACPresent.flag
[31/08/2016 13:40:05] - |A| - [0] - C:\Users\Utilisateur\AppData\Local\Driver_1535Present.flag
[31/08/2016 13:40:05] - |A| - [0] - C:\Users\Utilisateur\AppData\Local\Driver_LOM_8171Present.flag
[13/10/2016 10:03:38] - |D| - [0] - C:\Users\Utilisateur\AppData\Local\ElevatedDiagnostics
[01/09/2016 11:48:36] - |D| - [279720324] - C:\Users\Utilisateur\AppData\Local\EpicGamesLauncher
[02/09/2016 22:18:28] - |D| - [2684] - C:\Users\Utilisateur\AppData\Local\Fallout4
[04/06/2017 15:17:44] - |D| - [41761668] - C:\Users\Utilisateur\AppData\Local\FiveM
[07/09/2016 23:25:17] - |D| - [111141] - C:\Users\Utilisateur\AppData\Local\GameMaker-Studio
[19/06/2017 20:45:32] - |D| - [65583] - C:\Users\Utilisateur\AppData\Local\GOG.com
[31/08/2016 15:09:12] - |D| - [611338097] - C:\Users\Utilisateur\AppData\Local\Google
[12/06/2017 11:00:51] - |SHD| - [130] - C:\Users\Utilisateur\AppData\Local\Historique
[14/06/2017 01:36:03] - |AH| - [120965] - C:\Users\Utilisateur\AppData\Local\IconCache.db
[11/09/2016 17:26:48] - |D| - [92806467] - C:\Users\Utilisateur\AppData\Local\Introversion
[24/10/2016 00:44:44] - |D| - [1132] - C:\Users\Utilisateur\AppData\Local\IsolatedStorage
[16/01/2017 10:53:43] - |D| - [0] - C:\Users\Utilisateur\AppData\Local\iTunes
[12/06/2017 11:00:51] - |D| - [470438876] - C:\Users\Utilisateur\AppData\Local\Microsoft
[31/08/2016 14:51:37] - |D| - [81432] - C:\Users\Utilisateur\AppData\Local\MicrosoftEdge
[20/06/2017 10:23:11] - |D| - [382892073] - C:\Users\Utilisateur\AppData\Local\Mozilla
[25/09/2016 21:52:34] - |D| - [0] - C:\Users\Utilisateur\AppData\Local\My Games
[31/08/2016 20:30:19] - |D| - [0] - C:\Users\Utilisateur\AppData\Local\NetworkTiles
[31/08/2016 13:51:33] - |D| - [823063237] - C:\Users\Utilisateur\AppData\Local\NVIDIA
[31/08/2016 13:52:35] - |D| - [355106309] - C:\Users\Utilisateur\AppData\Local\NVIDIA Corporation
[31/01/2017 16:49:25] - |D| - [10804] - C:\Users\Utilisateur\AppData\Local\OCCT_-_Ocbase_-_Adrien_Me
[05/09/2016 23:09:06] - |D| - [83106976] - C:\Users\Utilisateur\AppData\Local\Origin
[12/06/2017 11:00:59] - |D| - [740927418] - C:\Users\Utilisateur\AppData\Local\Packages
[04/11/2016 16:36:29] - |D| - [128] - C:\Users\Utilisateur\AppData\Local\paint.net
[01/09/2016 15:37:49] - |D| - [0] - C:\Users\Utilisateur\AppData\Local\PeerDistRepub
[12/06/2017 11:18:43] - |D| - [43379] - C:\Users\Utilisateur\AppData\Local\PlaceholderTileLogoFolder
[08/09/2016 23:15:49] - |D| - [0] - C:\Users\Utilisateur\AppData\Local\Programs
[31/08/2016 13:25:06] - |D| - [162274] - C:\Users\Utilisateur\AppData\Local\Publishers
[31/08/2016 19:29:41] - |D| - [864] - C:\Users\Utilisateur\AppData\Local\Razer_Inc
[14/12/2016 21:54:25] - |A| - [7646] - C:\Users\Utilisateur\AppData\Local\Resmon.ResmonCfg
[31/08/2016 22:55:39] - |D| - [80] - C:\Users\Utilisateur\AppData\Local\Rockstar Games
[14/09/2016 00:05:08] - |D| - [4063] - C:\Users\Utilisateur\AppData\Local\Skyrim
[28/10/2016 15:58:05] - |D| - [165] - C:\Users\Utilisateur\AppData\Local\Skyrim Special Edition
[01/09/2016 01:51:21] - |D| - [237350260] - C:\Users\Utilisateur\AppData\Local\Sports Interactive
[31/08/2016 19:31:11] - |D| - [526479453] - C:\Users\Utilisateur\AppData\Local\Steam
[12/06/2017 11:00:51] - |D| - [228830986] - C:\Users\Utilisateur\AppData\Local\Temp
[12/06/2017 11:00:51] - |SHD| - [9424193] - C:\Users\Utilisateur\AppData\Local\Temporary Internet Files
[31/08/2016 13:25:03] - |D| - [17843403] - C:\Users\Utilisateur\AppData\Local\TileDataLayer
[31/08/2016 20:10:12] - |D| - [4322] - C:\Users\Utilisateur\AppData\Local\Ubisoft Game Launcher
[09/09/2016 12:29:03] - |D| - [243574] - C:\Users\Utilisateur\AppData\Local\Unity
[01/09/2016 11:48:36] - |D| - [971370372] - C:\Users\Utilisateur\AppData\Local\UnrealEngine
[01/09/2016 11:51:20] - |D| - [0] - C:\Users\Utilisateur\AppData\Local\UnrealEngineLauncher
[31/08/2016 13:25:03] - |D| - [0] - C:\Users\Utilisateur\AppData\Local\VirtualStore
[07/09/2016 23:26:13] - |D| - [765] - C:\Users\Utilisateur\AppData\Local\YoYo_Games_Ltd
[19/06/2017 23:59:46] - |D| - [158697] - C:\Users\Utilisateur\AppData\Local\ZHP
[11/09/2016 19:02:01] - |D| - [46080] - C:\Users\Utilisateur\AppData\LocalLow\Adobe
[08/09/2016 23:33:48] - |D| - [151] - C:\Users\Utilisateur\AppData\LocalLow\Beam Team Games
[09/09/2016 12:34:00] - |D| - [0] - C:\Users\Utilisateur\AppData\LocalLow\DefaultCompany
[21/09/2016 20:42:50] - |D| - [118224] - C:\Users\Utilisateur\AppData\LocalLow\Lazy Bear Games
[01/09/2016 01:23:27] - |D| - [169284545] - C:\Users\Utilisateur\AppData\LocalLow\Ludeon Studios
[17/12/2016 12:15:26] - |D| - [68204] - C:\Users\Utilisateur\AppData\LocalLow\McMagic Productions
[31/08/2016 13:25:15] - |SD| - [10475986] - C:\Users\Utilisateur\AppData\LocalLow\Microsoft
[20/06/2017 10:23:15] - |D| - [1351680] - C:\Users\Utilisateur\AppData\LocalLow\Mozilla
[12/11/2016 19:14:41] - |D| - [38198495] - C:\Users\Utilisateur\AppData\LocalLow\Playsport Games
[14/01/2017 15:04:46] - |D| - [4929] - C:\Users\Utilisateur\AppData\LocalLow\Red Dot Games
[31/08/2016 20:13:26] - |D| - [0] - C:\Users\Utilisateur\AppData\LocalLow\Temp
[30/11/2016 11:36:06] - |D| - [4738100] - C:\Users\Utilisateur\AppData\LocalLow\U-Play online
[09/09/2016 12:29:03] - |D| - [8107877569] - C:\Users\Utilisateur\AppData\LocalLow\Unity
[04/12/2016 16:16:13] - |D| - [224] - C:\Users\Utilisateur\AppData\Roaming\11bitstudios
[28/11/2016 17:11:57] - |D| - [18375212] - C:\Users\Utilisateur\AppData\Roaming\7DaysToDie
[31/08/2016 13:25:03] - |D| - [178721] - C:\Users\Utilisateur\AppData\Roaming\Adobe
[06/09/2016 13:17:12] - |A| - [3599] - C:\Users\Utilisateur\AppData\Roaming\Amazon.ini
[16/01/2017 10:52:13] - |D| - [8075393] - C:\Users\Utilisateur\AppData\Roaming\Apple Computer
[29/09/2016 21:23:23] - |D| - [1557] - C:\Users\Utilisateur\AppData\Roaming\Atari
[02/06/2017 13:10:46] - |D| - [62641] - C:\Users\Utilisateur\AppData\Roaming\Bitdefender
[28/12/2016 20:58:36] - |D| - [118332] - C:\Users\Utilisateur\AppData\Roaming\Blender Foundation
[04/10/2016 21:15:07] - |D| - [57974] - C:\Users\Utilisateur\AppData\Roaming\Clickteam
[28/09/2016 12:39:42] - |D| - [12647] - C:\Users\Utilisateur\AppData\Roaming\Crytek
[30/11/2016 22:39:08] - |D| - [1648] - C:\Users\Utilisateur\AppData\Roaming\dvdcss
[25/05/2017 12:56:55] - |D| - [1050152] - C:\Users\Utilisateur\AppData\Roaming\EasyAntiCheat
[05/12/2016 16:47:47] - |D| - [38745] - C:\Users\Utilisateur\AppData\Roaming\FileZilla
[25/09/2016 21:52:37] - |D| - [2562596] - C:\Users\Utilisateur\AppData\Roaming\FiraxisLive
[14/12/2016 21:03:30] - |D| - [10240] - C:\Users\Utilisateur\AppData\Roaming\fr.orange.assistancelivebox
[07/09/2016 23:25:55] - |D| - [779257526] - C:\Users\Utilisateur\AppData\Roaming\GameMaker-Studio
[24/05/2017 21:08:27] - |D| - [0] - C:\Users\Utilisateur\AppData\Roaming\Google
[31/08/2016 14:44:12] - |D| - [0] - C:\Users\Utilisateur\AppData\Roaming\Intel Corporation
[25/09/2016 21:26:53] - |D| - [0] - C:\Users\Utilisateur\AppData\Roaming\Leadertech
[31/08/2016 14:52:23] - |D| - [57983] - C:\Users\Utilisateur\AppData\Roaming\Macromedia
[12/06/2017 11:00:51] - |SD| - [48051811] - C:\Users\Utilisateur\AppData\Roaming\Microsoft
[22/11/2016 17:16:35] - |D| - [0] - C:\Users\Utilisateur\AppData\Roaming\MMFApplications
[21/12/2016 14:54:41] - |D| - [990] - C:\Users\Utilisateur\AppData\Roaming\Mount&Blade
[20/06/2017 10:23:11] - |D| - [53306818] - C:\Users\Utilisateur\AppData\Roaming\Mozilla
[10/09/2016 10:57:47] - |D| - [2663496] - C:\Users\Utilisateur\AppData\Roaming\Notepad++
[02/09/2016 17:09:37] - |D| - [60] - C:\Users\Utilisateur\AppData\Roaming\NuGet
[01/09/2016 23:38:54] - |D| - [6711921] - C:\Users\Utilisateur\AppData\Roaming\NVIDIA
[03/09/2016 19:34:50] - |D| - [0] - C:\Users\Utilisateur\AppData\Roaming\OBS
[05/09/2016 23:09:09] - |D| - [147196] - C:\Users\Utilisateur\AppData\Roaming\Origin
[02/06/2017 13:10:06] - |D| - [0] - C:\Users\Utilisateur\AppData\Roaming\QuickScan
[01/09/2016 13:33:32] - |D| - [76] - C:\Users\Utilisateur\AppData\Roaming\Skype
[01/09/2016 01:44:39] - |D| - [38571218] - C:\Users\Utilisateur\AppData\Roaming\Tropico 5
[09/09/2016 12:29:01] - |D| - [291925111] - C:\Users\Utilisateur\AppData\Roaming\Unity
[01/09/2016 14:51:28] - |D| - [173] - C:\Users\Utilisateur\AppData\Roaming\Unreal Engine
[30/11/2016 22:34:13] - |D| - [86321] - C:\Users\Utilisateur\AppData\Roaming\vlc
[01/09/2016 10:32:51] - |D| - [12] - C:\Users\Utilisateur\AppData\Roaming\WinRAR
[19/06/2017 23:59:46] - |D| - [4442109] - C:\Users\Utilisateur\AppData\Roaming\ZHP
[31/08/2016 13:25:03] - |ASH| - [174] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
[12/06/2017 11:00:51] - |SHD| - [97625] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
[05/11/2016 14:51:22] - |RD| - [97625] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
[12/06/2017 11:00:51] - |RD| - [3888] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[12/06/2017 11:00:51] - |RD| - [2961] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[31/08/2016 13:25:03] - |RD| - [174] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[02/09/2016 15:52:42] - |D| - [2917] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
[01/09/2016 00:14:35] - |A| - [233] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Assassin's Creed® Rogue.url
[09/09/2016 14:33:54] - |D| - [588] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher
[19/12/2016 19:51:19] - |D| - [759] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
[12/06/2017 11:09:03] - |ASH| - [174] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
[31/08/2016 20:19:27] - |A| - [234] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Far Cry Primal.url
[04/06/2017 15:17:45] - |A| - [2093] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FiveM.lnk
[01/09/2016 10:14:19] - |A| - [1047] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fonctionnalités optionnelles.lnk
[07/09/2016 23:25:17] - |D| - [3500] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameMaker-Studio 1.4
[12/06/2017 11:00:51] - |D| - [170] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[01/12/2016 00:36:19] - |D| - [3012] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MakeMKV
[22/01/2017 19:00:58] - |D| - [13580] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxis
[09/09/2016 12:25:35] - |D| - [3045] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2015 Tools for Unity
[31/01/2017 16:16:18] - |D| - [2958] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OCCT
[31/08/2016 13:26:29] - |A| - [2485] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
[14/12/2016 21:03:18] - |D| - [2720] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Orange
[22/12/2016 01:28:07] - |D| - [4178] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
[08/09/2016 00:12:15] - |A| - [232] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Splinter Cell Blacklist.url
[14/09/2016 00:20:16] - |D| - [773] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Star Citizen Launcher
[31/08/2016 13:25:03] - |RD| - [174] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[01/09/2016 01:43:22] - |D| - [22637] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[22/12/2016 00:05:59] - |A| - [234] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steep.url
[12/06/2017 11:00:51] - |RD| - [3496] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[01/09/2016 00:13:56] - |A| - [233] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tom Clancy's Rainbow Six Siege.url
[31/08/2016 20:10:12] - |D| - [2701] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
[15/06/2017 09:44:57] - |D| - [4028] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UDPixel
[17/12/2016 10:46:51] - |A| - [234] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WATCH_DOGS® 2.url
[12/06/2017 11:00:51] - |RD| - [7790] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[01/09/2016 10:31:10] - |D| - [4377] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[31/08/2016 13:25:03] - |ASH| - [174] - C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

---------- | C:\ProgramData

[31/08/2016 14:56:46] - |D| - [369200877] - C:\ProgramData\Adobe
[02/06/2017 12:03:19] - |A| - [49525] - C:\ProgramData\agent.1496397796.bdinstall.bin
[14/12/2016 21:03:06] - |D| - [214339953] - C:\ProgramData\Apple
[16/01/2017 10:52:06] - |D| - [161939659] - C:\ProgramData\Apple Computer
[12/06/2017 11:08:49] - |SHD| - [147559214936] - C:\ProgramData\Application Data
[02/06/2017 13:11:58] - |D| - [0] - C:\ProgramData\BDLogging
[02/06/2017 13:10:00] - |D| - [4626974] - C:\ProgramData\Bitdefender
[02/06/2017 12:03:16] - |D| - [0] - C:\ProgramData\Bitdefender Agent
[02/06/2017 13:15:41] - |D| - [0] - C:\ProgramData\Bitdefender Device Management
[05/02/2016 18:07:00] - |SHD| - [45323] - C:\ProgramData\Bureau
[02/06/2017 13:12:24] - |A| - [460796] - C:\ProgramData\cl.1496401787.bdinstall.bin
[08/01/2017 16:50:41] - |D| - [0] - C:\ProgramData\Comms
[31/08/2016 14:45:50] - |D| - [145026] - C:\ProgramData\Creative
[28/09/2016 12:30:30] - |D| - [259] - C:\ProgramData\Crytek
[01/09/2016 15:43:40] - |D| - [1243] - C:\ProgramData\dbdata
[02/06/2017 13:15:48] - |A| - [56461] - C:\ProgramData\dm.1496402139.bdinstall.bin
[12/06/2017 11:21:23] - |A| - [40623] - C:\ProgramData\dm.update.1497259275.bdinstall.bin
[12/06/2017 11:08:49] - |SHD| - [9972] - C:\ProgramData\Documents
[31/08/2016 13:40:11] - |D| - [43108272] - C:\ProgramData\Downloaded Installations
[05/09/2016 23:07:17] - |D| - [2226] - C:\ProgramData\Electronic Arts
[01/09/2016 11:48:26] - |D| - [59769400] - C:\ProgramData\Epic
[28/09/2016 12:02:00] - |D| - [32097023] - C:\ProgramData\GFACE
[19/06/2017 20:45:26] - |D| - [325123588] - C:\ProgramData\GOG.com
[31/08/2016 14:09:59] - |D| - [63051845] - C:\ProgramData\Intel
[31/08/2016 13:42:03] - |D| - [2395083] - C:\ProgramData\Killer
[21/06/2017 16:17:48] - |D| - [91128082] - C:\ProgramData\Malwarebytes
[05/02/2016 18:07:00] - |SHD| - [659452] - C:\ProgramData\Menu Démarrer
[04/06/2017 12:17:03] - |SD| - [1455061778] - C:\ProgramData\Microsoft
[12/06/2017 11:11:01] - |D| - [0] - C:\ProgramData\Microsoft OneDrive
[05/02/2016 18:07:00] - |SHD| - [0] - C:\ProgramData\Modèles
[02/09/2016 17:30:05] - |D| - [700] - C:\ProgramData\NuGet
[24/05/2017 23:12:41] - |D| - [3764262] - C:\ProgramData\NVIDIA
[24/05/2017 23:12:38] - |D| - [1442882683] - C:\ProgramData\NVIDIA Corporation
[21/12/2016 15:28:36] - |A| - [5110] - C:\ProgramData\NvTelemetryContainer.log
[21/12/2016 15:28:36] - |A| - [5110] - C:\ProgramData\NvTelemetryContainer.log_backup1
[14/12/2016 21:03:08] - |D| - [36355] - C:\ProgramData\Orange
[05/09/2016 23:07:17] - |D| - [334414367] - C:\ProgramData\Origin
[31/08/2016 13:30:19] - |D| - [10570926203] - C:\ProgramData\Package Cache
[22/12/2016 01:09:44] - |D| - [732] - C:\ProgramData\PassMark
[02/09/2016 17:33:40] - |D| - [4390578] - C:\ProgramData\PreEmptive Solutions
[24/05/2017 23:13:17] - |D| - [26000] - C:\ProgramData\Razer
[04/06/2017 12:17:03] - |D| - [7391] - C:\ProgramData\regid.1991-06.com.microsoft
[20/06/2017 00:08:52] - |D| - [708223] - C:\ProgramData\RogueKiller
[04/06/2017 12:17:03] - |D| - [0] - C:\ProgramData\SoftwareDistribution
[09/09/2016 12:29:03] - |D| - [6778] - C:\ProgramData\Unity
[04/06/2017 12:17:03] - |D| - [1540] - C:\ProgramData\USOPrivate
[12/06/2017 11:03:39] - |D| - [880640] - C:\ProgramData\USOShared
[02/09/2016 17:38:44] - |AD| - [1619200] - C:\ProgramData\Windows App Certification Kit
[05/06/2017 09:00:07] - |D| - [0] - C:\ProgramData\WindowsHolographicDevices

---------- | C:\ProgramData\Microsoft\Windows\Start Menu

[04/06/2017 12:17:07] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini
[05/02/2016 18:07:00] - |SHD| - [329639] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes
[04/06/2017 12:17:03] - |RD| - [329639] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs

---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs

[31/08/2016 14:53:29] - |D| - [2095] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[13/09/2016 09:32:27] - |A| - [2514] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
[04/06/2017 12:17:03] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
[04/06/2017 12:17:03] - |RD| - [14299] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[25/05/2017 17:22:20] - |A| - [2505] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[31/08/2016 14:57:02] - |A| - [2457] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
[19/11/2016 15:39:02] - |D| - [1259] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Action Replay PowerSaves 3DS
[04/06/2017 12:17:03] - |RD| - [24294] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[16/01/2017 10:51:54] - |A| - [2583] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[25/09/2016 21:31:24] - |D| - [17356] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
[02/09/2016 10:15:38] - |D| - [2447] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
[09/09/2016 14:31:38] - |D| - [1619] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda.net Launcher
[02/06/2017 13:11:55] - |D| - [7747] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2017
[09/09/2016 12:11:15] - |A| - [1498] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
[22/12/2016 01:09:44] - |D| - [3324] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnInTest
[22/12/2016 16:35:48] - |D| - [999] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[28/09/2016 23:30:34] - |D| - [10800] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5.1
[31/08/2016 14:45:26] - |D| - [7038] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
[28/09/2016 12:01:43] - |D| - [1477] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CRYENGINE Launcher
[04/06/2017 12:17:07] - |ASH| - [530] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
[01/09/2016 11:48:33] - |A| - [1384] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
[05/02/2016 18:15:40] - |A| - [2487] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
[03/10/2016 16:19:43] - |D| - [3051] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 17
[05/12/2016 16:44:18] - |D| - [2013] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[04/06/2017 16:58:24] - |A| - [1215] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Five Multiplayer.lnk
[07/09/2016 23:25:27] - |D| - [3961] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameMaker Player
[22/12/2016 01:21:32] - |D| - [3181] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
[19/06/2017 20:45:32] - |D| - [1170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
[31/08/2016 14:57:24] - |A| - [2330] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[22/12/2016 16:42:09] - |D| - [871] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
[04/06/2017 12:12:56] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
[31/08/2016 14:44:10] - |RD| - [2471] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[06/06/2017 11:31:02] - |D| - [4175] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[31/08/2016 13:42:03] - |D| - [5141] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Killer Networking
[08/09/2016 12:58:23] - |D| - [4368] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Les Sims 4
[31/08/2016 14:59:09] - |D| - [8213] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.0
[31/08/2016 14:24:31] - |D| - [2346] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logiciel Thunderbolt(TM)
[16/10/2016 20:27:52] - |D| - [3074] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lumberyard
[04/06/2017 12:17:03] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
[21/06/2017 16:17:52] - |D| - [3980] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[02/09/2016 17:28:48] - |D| - [1773] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
[02/09/2016 17:40:27] - |D| - [2338] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[02/09/2016 17:40:10] - |D| - [868] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK
[02/09/2016 17:45:24] - |D| - [6466] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
[20/06/2017 10:23:05] - |A| - [1041] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[08/09/2016 23:16:18] - |D| - [2157] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
[10/09/2016 10:57:49] - |D| - [1106] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[24/09/2016 00:03:54] - |D| - [1479] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[05/02/2016 18:15:40] - |A| - [2487] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
[05/09/2016 23:07:17] - |D| - [1872] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[18/10/2016 09:57:19] - |D| - [5195] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2016
[05/02/2016 18:15:40] - |A| - [2535] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
[04/11/2016 16:36:31] - |A| - [1140] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
[13/09/2016 13:18:36] - |D| - [4412] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Power & Revolution (français)
[05/02/2016 18:15:40] - |A| - [2514] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
[13/09/2016 09:32:27] - |A| - [2437] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
[31/08/2016 22:37:37] - |D| - [9102] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
[20/06/2017 00:08:48] - |D| - [953] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
[30/11/2016 22:27:50] - |D| - [2893] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Singles2
[22/12/2016 16:35:45] - |D| - [935] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
[04/06/2017 12:17:03] - |RD| - [3219] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
[31/08/2016 19:29:13] - |D| - [1108] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[04/06/2017 12:17:03] - |RD| - [1458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
[30/10/2015 11:07:42] - |RHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[20/06/2017 15:12:00] - |D| - [2707] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher® 3 - Wild Hunt [GOG.com]
[09/09/2016 11:52:18] - |D| - [2305] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.4.0f3 (64-bit)
[31/08/2016 14:57:29] - |D| - [7188] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[02/09/2016 17:24:26] - |D| - [3913] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
[09/09/2016 12:09:57] - |D| - [7287] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015
[09/09/2016 12:07:42] - |A| - [1507] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
[07/06/2017 13:21:11] - |D| - [941] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WhoCrashed
[02/09/2016 17:37:10] - |D| - [16988] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
[12/06/2017 11:02:21] - |A| - [1576] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[02/09/2016 17:42:59] - |D| - [4769] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Phone SDK 8.1
[01/09/2016 10:31:10] - |D| - [4305] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[05/02/2016 18:15:40] - |A| - [2497] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
[02/09/2016 10:04:06] - |D| - [37408] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wwise v2015.2_LTX build 5495
[13/09/2016 13:18:57] - |D| - [10355] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid

---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

[04/06/2017 12:17:07] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
[31/08/2016 13:42:03] - |A| - [2299] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk
[31/08/2016 14:09:26] - |A| - [746] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NewShortcut1.lnk

---------- | C:\Program Files (x86)

[31/08/2016 14:53:28] - |D| - [3511045] - C:\Program Files (x86)\7-Zip
[19/11/2016 15:39:01] - |AD| - [10083448] - C:\Program Files (x86)\Action Replay PowerSaves 3DS
[31/08/2016 14:56:58] - |D| - [264625236] - C:\Program Files (x86)\Adobe
[31/08/2016 14:14:13] - |AD| - [3027111] - C:\Program Files (x86)\AirplaneModeInstaller
[02/09/2016 17:41:53] - |D| - [7582698] - C:\Program Files (x86)\AppInsights
[06/06/2017 11:29:01] - |AD| - [2767262] - C:\Program Files (x86)\Apple Software Update
[02/09/2016 17:38:50] - |AD| - [311234] - C:\Program Files (x86)\Application Verifier
[02/09/2016 10:04:06] - |D| - [2309389073] - C:\Program Files (x86)\Audiokinetic
[16/01/2017 10:51:49] - |AD| - [631713] - C:\Program Files (x86)\Bonjour
[28/09/2016 23:30:29] - |AD| - [38259424] - C:\Program Files (x86)\Cheat Engine 6.5.1
[04/06/2017 12:17:03] - |D| - [404969969] - C:\Program Files (x86)\Common Files
[31/08/2016 14:45:09] - |D| - [86234177] - C:\Program Files (x86)\Creative
[04/06/2017 12:17:06] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini
[04/06/2017 16:58:20] - |AD| - [151454501] - C:\Program Files (x86)\Five Multiplayer
[22/12/2016 01:21:32] - |D| - [7343571] - C:\Program Files (x86)\Geeks3D
[19/06/2017 20:45:26] - |D| - [249073820] - C:\Program Files (x86)\GOG Galaxy
[31/08/2016 14:57:13] - |D| - [424798480] - C:\Program Files (x86)\Google
[09/09/2016 11:52:37] - |D| - [71525890] - C:\Program Files (x86)\GtkSharp
[31/08/2016 14:09:26] - |AD| - [291667758] - C:\Program Files (x86)\Hotkey
[02/09/2016 17:27:14] - |AD| - [217744] - C:\Program Files (x86)\HTML Help Workshop
[02/09/2016 17:29:49] - |D| - [1182443] - C:\Program Files (x86)\IIS
[02/09/2016 17:30:16] - |AD| - [17563722] - C:\Program Files (x86)\IIS Express
[31/08/2016 13:42:07] - |HD| - [379602481] - C:\Program Files (x86)\InstallShield Installation Information
[31/08/2016 14:09:57] - |D| - [122091899] - C:\Program Files (x86)\Intel
[04/06/2017 12:17:03] - |D| - [2005059] - C:\Program Files (x86)\Internet Explorer
[31/08/2016 14:58:58] - |AD| - [452868622] - C:\Program Files (x86)\LibreOffice 5
[01/12/2016 00:36:16] - |D| - [123319380] - C:\Program Files (x86)\MakeMKV
[22/01/2017 18:57:54] - |D| - [3515646128] - C:\Program Files (x86)\Maxis
[02/09/2016 17:31:26] - |D| - [267762914] - C:\Program Files (x86)\Microsoft ASP.NET
[02/09/2016 15:11:55] - |D| - [25269676] - C:\Program Files (x86)\Microsoft Help Viewer
[05/02/2016 18:15:21] - |AD| - [2187774757] - C:\Program Files (x86)\Microsoft Office
[09/09/2016 12:12:36] - |D| - [19600882] - C:\Program Files (x86)\Microsoft Office365 Tools
[02/09/2016 15:11:53] - |AD| - [1180413973] - C:\Program Files (x86)\Microsoft SDKs
[02/09/2016 17:40:18] - |AD| - [55907910] - C:\Program Files (x86)\Microsoft Silverlight
[02/09/2016 15:11:41] - |AD| - [54045208] - C:\Program Files (x86)\Microsoft SQL Server
[02/09/2016 15:11:28] - |D| - [9709348] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[02/09/2016 17:45:24] - |AD| - [886564366] - C:\Program Files (x86)\Microsoft Visual Studio 11.0
[02/09/2016 17:03:04] - |D| - [7920470] - C:\Program Files (x86)\Microsoft Visual Studio 12.0
[09/09/2016 12:05:59] - |AD| - [1757176664] - C:\Program Files (x86)\Microsoft Visual Studio 14.0
[09/09/2016 12:25:35] - |D| - [922251] - C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity
[02/09/2016 17:29:54] - |D| - [87329395] - C:\Program Files (x86)\Microsoft WCF Data Services
[02/09/2016 17:31:01] - |AD| - [142836334] - C:\Program Files (x86)\Microsoft Web Tools
[02/09/2016 17:42:36] - |D| - [16952184] - C:\Program Files (x86)\Microsoft XDE
[04/06/2017 12:17:03] - |D| - [44326103] - C:\Program Files (x86)\Microsoft.NET
[20/06/2017 10:23:05] - |D| - [285127] - C:\Program Files (x86)\Mozilla Maintenance Service
[11/06/2017 03:23:09] - |D| - [140143960] - C:\Program Files (x86)\MSBuild
[10/09/2016 10:57:47] - |D| - [6954101] - C:\Program Files (x86)\Notepad++
[02/09/2016 17:30:05] - |D| - [9313914] - C:\Program Files (x86)\NuGet
[24/05/2017 23:12:41] - |D| - [447969631] - C:\Program Files (x86)\NVIDIA Corporation
[31/01/2017 16:16:15] - |D| - [83364171] - C:\Program Files (x86)\OCCTPT
[14/12/2016 21:03:00] - |D| - [157970276] - C:\Program Files (x86)\Orange
[05/09/2016 23:07:02] - |AD| - [343456268] - C:\Program Files (x86)\Origin
[05/09/2016 23:09:35] - |D| - [0] - C:\Program Files (x86)\Origin Games
[24/05/2017 23:13:15] - |D| - [9023490] - C:\Program Files (x86)\Razer
[31/08/2016 13:43:58] - |D| - [1373151855] - C:\Program Files (x86)\Realtek
[11/06/2017 03:23:09] - |D| - [1285503411] - C:\Program Files (x86)\Reference Assemblies
[31/08/2016 22:40:38] - |D| - [5133642257] - C:\Program Files (x86)\Rockstar Games
[22/12/2016 01:28:07] - |D| - [9510049] - C:\Program Files (x86)\SpeedFan
[31/08/2016 19:29:12] - |D| - [128284555756] - C:\Program Files (x86)\Steam
[31/08/2016 14:25:09] - |HD| - [319488] - C:\Program Files (x86)\Temp
[31/08/2016 20:10:06] - |D| - [318746185] - C:\Program Files (x86)\Ubisoft
[15/06/2017 09:44:57] - |D| - [109864] - C:\Program Files (x86)\UDPixel
[24/05/2017 23:12:40] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information
[31/08/2016 14:57:23] - |D| - [126263314] - C:\Program Files (x86)\VideoLAN
[13/10/2016 09:59:30] - |AD| - [333] - C:\Program Files (x86)\Virtual Router
[12/06/2017 11:00:07] - |D| - [1099146] - C:\Program Files (x86)\VulkanRT
[04/06/2017 12:17:03] - |D| - [1720976] - C:\Program Files (x86)\Windows Defender
[02/09/2016 15:12:21] - |D| - [571721638] - C:\Program Files (x86)\Windows Kits
[04/06/2017 12:17:03] - |D| - [626688] - C:\Program Files (x86)\Windows Mail
[05/06/2017 08:58:30] - |D| - [3295897] - C:\Program Files (x86)\Windows Media Player
[04/06/2017 12:17:03] - |D| - [38784] - C:\Program Files (x86)\Windows Multimedia Platform
[04/06/2017 12:17:03] - |D| - [7569602] - C:\Program Files (x86)\Windows NT
[02/09/2016 17:27:22] - |D| - [168022172] - C:\Program Files (x86)\Windows Phone Kits
[02/09/2016 17:43:02] - |D| - [118655720] - C:\Program Files (x86)\Windows Phone Silverlight Kits
[04/06/2017 12:17:03] - |D| - [5347168] - C:\Program Files (x86)\Windows Photo Viewer
[04/06/2017 12:17:03] - |D| - [38784] - C:\Program Files (x86)\Windows Portable Devices
[04/06/2017 12:17:03] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar
[04/06/2017 12:17:03] - |D| - [2244361] - C:\Program Files (x86)\WindowsPowerShell
[13/09/2016 13:18:55] - |D| - [11261204] - C:\Program Files (x86)\Xvid

---------- | C:\Program Files

[02/09/2016 17:38:50] - |AD| - [352338] - C:\Program Files\Application Verifier
[02/06/2017 13:09:58] - |D| - [599900458] - C:\Program Files\Bitdefender
[02/06/2017 12:03:16] - |AD| - [33210335] - C:\Program Files\Bitdefender Agent
[16/01/2017 10:51:49] - |AD| - [615066] - C:\Program Files\Bonjour
[22/12/2016 01:09:39] - |AD| - [69576052] - C:\Program Files\BurnInTest
[22/12/2016 16:35:46] - |AD| - [21315776] - C:\Program Files\CCleaner
[04/06/2017 12:17:03] - |D| - [1257863204] - C:\Program Files\Common Files
[04/06/2017 12:17:06] - |ASH| - [174] - C:\Program Files\desktop.ini
[05/02/2016 18:07:00] - |SHD| - [1257863204] - C:\Program Files\Fichiers communs
[05/12/2016 16:44:16] - |AD| - [23502188] - C:\Program Files\FileZilla FTP Client
[22/12/2016 16:42:08] - |AD| - [4208793] - C:\Program Files\HWiNFO64
[02/09/2016 17:29:49] - |AD| - [5476315] - C:\Program Files\IIS
[02/09/2016 17:30:16] - |AD| - [18302026] - C:\Program Files\IIS Express
[24/05/2017 23:12:48] - |D| - [1162360] - C:\Program Files\Insyde
[31/08/2016 13:30:22] - |D| - [39056419] - C:\Program Files\Intel
[04/06/2017 12:17:03] - |D| - [2630702] - C:\Program Files\Internet Explorer
[06/06/2017 11:30:43] - |D| - [1369059] - C:\Program Files\iPod
[06/06/2017 11:30:43] - |AD| - [432195919] - C:\Program Files\iTunes
[31/08/2016 13:41:39] - |D| - [45594850] - C:\Program Files\Killer Networking
[21/06/2017 16:17:48] - |D| - [137646462] - C:\Program Files\Malwarebytes
[05/02/2016 18:15:20] - |D| - [8751504] - C:\Program Files\Microsoft Office 15
[02/09/2016 15:11:41] - |AD| - [424485402] - C:\Program Files\Microsoft SQL Server
[02/09/2016 15:11:29] - |AD| - [10320164] - C:\Program Files\Microsoft SQL Server Compact Edition
[02/09/2016 17:17:46] - |D| - [2300078] - C:\Program Files\Microsoft Visual Studio 12.0
[20/06/2017 10:23:04] - |D| - [107434680] - C:\Program Files\Mozilla Firefox
[11/06/2017 03:23:09] - |D| - [25757] - C:\Program Files\MSBuild
[24/05/2017 23:12:35] - |D| - [1891399114] - C:\Program Files\NVIDIA Corporation
[04/11/2016 16:36:29] - |AD| - [59812904] - C:\Program Files\paint.net
[24/05/2017 23:12:52] - |D| - [37392384] - C:\Program Files\Realtek
[11/06/2017 03:23:09] - |D| - [36850857] - C:\Program Files\Reference Assemblies
[31/08/2016 20:14:57] - |D| - [75856494422] - C:\Program Files\Rockstar Games
[20/06/2017 00:08:46] - |D| - [51729550] - C:\Program Files\RogueKiller
[22/12/2016 16:35:44] - |AD| - [15197840] - C:\Program Files\Speccy
[24/05/2017 23:13:12] - |AD| - [96603243] - C:\Program Files\Synaptics
[05/02/2016 18:07:21] - |HD| - [0] - C:\Program Files\Uninstall Information
[07/06/2017 13:21:11] - |AD| - [13365484] - C:\Program Files\WhoCrashed
[04/06/2017 12:17:03] - |D| - [13884963] - C:\Program Files\Windows Defender
[05/06/2017 09:00:06] - |D| - [6941696] - C:\Program Files\Windows Defender Advanced Threat Protection
[04/06/2017 12:17:03] - |D| - [637952] - C:\Program Files\Windows Mail
[05/06/2017 08:58:30] - |D| - [4825789] - C:\Program Files\Windows Media Player
[04/06/2017 12:17:03] - |D| - [45512] - C:\Program Files\Windows Multimedia Platform
[04/06/2017 12:17:03] - |D| - [7834818] - C:\Program Files\Windows NT
[04/06/2017 12:17:03] - |D| - [6126432] - C:\Program Files\Windows Photo Viewer
[04/06/2017 12:17:03] - |D| - [45512] - C:\Program Files\Windows Portable Devices
[04/06/2017 12:17:03] - |D| - [92712] - C:\Program Files\Windows Security
[04/06/2017 12:17:03] - |SHD| - [0] - C:\Program Files\Windows Sidebar
[04/06/2017 12:17:03] - |HD| - [144403178789] - C:\Program Files\WindowsApps
[04/06/2017 12:17:03] - |D| - [2494131] - C:\Program Files\WindowsPowerShell
[14/12/2016 21:02:59] - |D| - [189003] - C:\Program Files\WinPcap
[01/09/2016 10:31:01] - |AD| - [6299307] - C:\Program Files\WinRAR

---------- | C:\Program Files (x86)\Common Files

[31/08/2016 14:56:58] - |AD| - [9328571] - C:\Program Files (x86)\Common Files\Adobe
[14/12/2016 21:02:26] - |AD| - [48275661] - C:\Program Files (x86)\Common Files\Adobe AIR
[16/01/2017 10:51:30] - |D| - [140484035] - C:\Program Files (x86)\Common Files\Apple
[01/09/2016 12:16:58] - |D| - [5855776] - C:\Program Files (x86)\Common Files\BattlEye
[31/08/2016 14:21:08] - |AD| - [47976] - C:\Program Files (x86)\Common Files\DESIGNER
[08/09/2016 12:58:22] - |HD| - [9930416] - C:\Program Files (x86)\Common Files\EAInstaller
[31/08/2016 14:44:49] - |D| - [8220068] - C:\Program Files (x86)\Common Files\InstallShield
[31/08/2016 14:44:54] - |D| - [251197] - C:\Program Files (x86)\Common Files\Intel Corporation
[02/09/2016 17:20:22] - |AD| - [41639936] - C:\Program Files (x86)\Common Files\Merge Modules
[02/09/2016 17:37:06] - |D| - [2221] - C:\Program Files (x86)\Common Files\Microsoft
[04/06/2017 12:17:03] - |D| - [126445898] - C:\Program Files (x86)\Common Files\Microsoft Shared
[29/09/2016 21:21:21] - |D| - [662081] - C:\Program Files (x86)\Common Files\PocketSoft
[31/08/2016 14:21:43] - |D| - [204796] - C:\Program Files (x86)\Common Files\PostureAgent
[04/06/2017 12:17:03] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services
[31/08/2016 19:29:13] - |D| - [3767360] - C:\Program Files (x86)\Common Files\Steam
[04/06/2017 12:17:03] - |D| - [9527691] - C:\Program Files (x86)\Common Files\System
[13/09/2016 13:17:46] - |D| - [323584] - C:\Program Files (x86)\Common Files\Thraex Software

---------- | C:\Program Files\Common files

[16/01/2017 10:51:37] - |D| - [158806340] - C:\Program Files\Common files\Apple
[24/05/2017 23:12:31] - |D| - [422] - C:\Program Files\Common files\Atheros
[02/06/2017 13:09:42] - |D| - [929188121] - C:\Program Files\Common files\Bitdefender
[03/10/2016 16:19:42] - |HD| - [1043666] - C:\Program Files\Common files\EAInstaller
[04/06/2017 12:17:03] - |D| - [158616886] - C:\Program Files\Common files\microsoft shared
[04/06/2017 12:17:03] - |D| - [2702] - C:\Program Files\Common files\Services
[04/06/2017 12:17:03] - |D| - [10205067] - C:\Program Files\Common files\System

---------- | Tasks

[MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [12/06/2017 11:04:38] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT
[MD5.CFC20C5FD1AF643C1D07514DA7DFFE6F] - [12/06/2017 11:04:38] - |A| - [3482] - C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task         :   C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[MD5.00000000000000000000000000000000] - [12/06/2017 11:04:38] - |D| - [2606] - C:\WINDOWS\System32\Tasks\Apple
[MD5.909C31F9DECBF4D28D2681B64B4E10CB] - [12/06/2017 11:04:38] - |A| - [2668] - C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864         :   C:\Program Files\Bitdefender Agent\WatchDog.exe
[MD5.75537AF89FF28162661A14F9EE367EE6] - [12/06/2017 11:04:38] - |A| - [2388] - C:\WINDOWS\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C         :   C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe
[MD5.4D817BD6DC4E816E092F60141807ECB7] - [12/06/2017 11:04:38] - |A| - [2218] - C:\WINDOWS\System32\Tasks\CCleanerSkipUAC         :   "C:\Program Files\CCleaner\CCleaner.exe"
[MD5.AE67C509A7071B8B905D61BA239A51B1] - [12/06/2017 11:04:38] - |A| - [3290] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore         :   C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.40A900AA01F275C94FB01C77B5CE0E40] - [12/06/2017 11:04:38] - |A| - [3514] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA         :   C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.00000000000000000000000000000000] - [12/06/2017 11:04:38] - |D| - [11100] - C:\WINDOWS\System32\Tasks\Intel
[MD5.09650088CE3965E8EB34EB949C199736] - [12/06/2017 11:04:38] - |A| - [3118] - C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification         :   "C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe"
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [555252] - C:\WINDOWS\System32\Tasks\Microsoft
[MD5.C18BCF8C6336505D5915A80EE95C47D2] - [12/06/2017 11:04:38] - |A| - [3398] - C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
[MD5.D271B57C704ED9FE8F7BDF6C46E504F6] - [12/06/2017 11:04:38] - |A| - [3176] - C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"
[MD5.B8FC6CCCF9BB0C866D8776CB00C01F1C] - [12/06/2017 11:04:38] - |A| - [2968] - C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe
[MD5.F51E0D33C44156DBFB6432F11B308A7A] - [12/06/2017 11:04:38] - |A| - [2984] - C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
[MD5.A416713998B405C15DF29DC980393AF6] - [12/06/2017 11:04:38] - |A| - [2744] - C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
[MD5.1A919F03C70ACB361EBE07E705BA7845] - [12/06/2017 11:04:38] - |A| - [2838] - C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
[MD5.9173F2CE9E5535610FEDA93AA2FBA706] - [12/06/2017 11:04:38] - |A| - [2786] - C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
[MD5.30DF4287C7842184041D1D65DD2C55ED] - [12/06/2017 11:04:38] - |A| - [2956] - C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}         :   C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
[MD5.0C20D8B77DAA1A35F354E7C361A70572] - [12/06/2017 11:04:38] - |A| - [3302] - C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2         :   %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
[MD5.00000000000000000000000000000000] - [04/06/2017 12:17:04] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft

---------- | Firewall

[HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules]
"WiFiDirect-KM-Driver-In-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=System|Name=@wlansvc.dll,-37378|Desc=@wlansvc.dll,-37890|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver|
"WiFiDirect-KM-Driver-Out-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=System|Name=@wlansvc.dll,-37379|Desc=@wlansvc.dll,-37891|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver|
"WiFiDirect-KM-Driver-In-UDP"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=System|Name=@wlansvc.dll,-37380|Desc=@wlansvc.dll,-37892|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver|
"WiFiDirect-KM-Driver-Out-UDP"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=System|Name=@wlansvc.dll,-37381|Desc=@wlansvc.dll,-37893|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver|
"DeliveryOptimization-TCP-In"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE|
"DeliveryOptimization-UDP-In"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE|
"Netlogon-NamedPipe-In"=v2.27|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010|
"Netlogon-TCP-RPC-In"=v2.27|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010|
"WirelessDisplay-In-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay|
"WirelessDisplay-Out-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay|
"WirelessDisplay-Out-UDP"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay|
"WirelessDisplay-Infra-In-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100|
"Wininit-Shutdown-In-Rule-TCP-RPC"=v2.27|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36753|Desc=@firewallapi.dll,-36754|EmbedCtxt=@firewallapi.dll,-36751|
"Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper"=v2.27|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC-EPMap|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36755|Desc=@firewallapi.dll,-36756|EmbedCtxt=@firewallapi.dll,-36751|
"MDNS-In-UDP"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort2_24=mDNS|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@%SystemRoot%\system32\firewallapi.dll,-37303|Desc=@%SystemRoot%\system32\firewallapi.dll,-37304|EmbedCtxt=@%SystemRoot%\system32\firewallapi.dll,-37302|
"MDNS-Out-UDP"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|LPort=5353|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@%SystemRoot%\system32\firewallapi.dll,-37305|Desc=@%SystemRoot%\system32\firewallapi.dll,-37306|EmbedCtxt=@%SystemRoot%\system32\firewallapi.dll,-37302|
"{443FEFA6-59A9-4FFB-AC29-210F09E204B6}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ|
"{57EEFA6A-663B-4576-91E1-F30C4290BCA5}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ|
"{4A54A865-A2F3-4B88-93FC-9E928AC49A35}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Dododex Taming Calculator for Ark: Survival Evolved|Desc=Dododex Taming Calculator for Ark: Survival Evolved|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-2269949195-3939652191-1188738508-3357411355-3203514927-3430353469-3027853318|EmbedCtxt=Dododex Taming Calculator for Ark: Survival Evolved|Platform=2:6:2|Platform2=GTEQ|
"{DE565150-7744-4836-9688-6E5EF0977F74}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Name=Forza Hub|Desc=Forza Hub|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-1393333600-1512676117-1933989848-3941882286-3705629185-3519201258-4031779555|EmbedCtxt=Forza Hub|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{5AB31A47-0EC9-4C03-B867-7E9C5A5B913E}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Forza Hub|Desc=Forza Hub|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-1393333600-1512676117-1933989848-3941882286-3705629185-3519201258-4031779555|EmbedCtxt=Forza Hub|Platform=2:6:2|Platform2=GTEQ|
"{EAD352FA-37B0-4938-933E-51DB3273E632}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{0C2F0608-2A4B-429D-B09D-58EE069C5BDD}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ|
"{4B0621FC-74A9-49E4-A9E6-D6569F5832D5}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=D:\Games\Uplay\Tom Clancy's Ghost Recon Wildlands\GRW.exe|Name=Ghost Recon Wildlands|
"{D9714544-44A9-4B11-B480-98F4CA8408A8}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Name=Xbox One SmartGlass|Desc=Xbox One SmartGlass|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-2214089197-971179125-4124359169-283697964-1336710732-3555069067-437187921|EmbedCtxt=Xbox One SmartGlass|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{A4C77D3F-58C4-458F-95E7-FF4760AC5FEF}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Xbox One SmartGlass|Desc=Xbox One SmartGlass|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-2214089197-971179125-4124359169-283697964-1336710732-3555069067-437187921|EmbedCtxt=Xbox One SmartGlass|Platform=2:6:2|Platform2=GTEQ|
"{8304E8D6-8780-42CB-A383-EF95F48CD8B1}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Wallet|Desc=Wallet|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-567501097-281763132-502764112-1855211022-3143306454-2372101908-561929011|EmbedCtxt=Wallet|Platform=2:6:2|Platform2=GTEQ|
"compositor-In-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=48862|Name=compositor_Allow_In_TCP|Desc=Allow inbound TCP traffic on port 48862 for ShellCompositor.|EmbedCtxt=shellcompositor|
"compositor-Out-TCP"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|LPort=48862|Name=compositor_Allow_Out_TCP|Desc=Allow outbound TCP traffic for ShellCompositor.|EmbedCtxt=shellcompositor|
"UDP Query User{5C3337D3-7147-449C-844E-F70D7A65561D}E:\unreal engine\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=E:\unreal engine\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User|
"TCP Query User{3454AFF0-B704-426A-8861-8A7559B51369}E:\unreal engine\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=E:\unreal engine\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User|
"{090BC5FF-1744-4211-BF8C-AF81E4929CA2}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Orange\ma Livebox\dedicarz\PluginLivebox.exe|Name=PluginLivebox.exe|EmbedCtxt=@firewallapi.dll,-23255|
"{94089908-9B5F-46FB-8656-1D49E961D681}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Orange\ma Livebox\dedicarz\PluginLivebox.exe|Name=PluginLivebox.exe|EmbedCtxt=@firewallapi.dll,-23255|
"{722C3FF3-D91E-4B09-B68F-AF81ED64296B}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Orange\ma Livebox\dedicarz\LiveboxManager.exe|Name=LiveboxManager.exe|EmbedCtxt=@firewallapi.dll,-23255|
"{3DE25257-4BC3-47C3-B822-824367B1C237}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Orange\ma Livebox\dedicarz\LiveboxManager.exe|Name=LiveboxManager.exe|EmbedCtxt=@firewallapi.dll,-23255|
"{F87CB22B-6DF0-4908-AAB2-446326CF2ADC}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files (x86)\Orange\ma Livebox\dedicarz\DedicarzService.exe|Name=Dedicarz Service|EmbedCtxt=@firewallapi.dll,-23255|
"{AC360BE1-41F2-4646-8032-D86E15B24954}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files (x86)\Orange\ma Livebox\dedicarz\DedicarzService.exe|Name=Dedicarz Service|EmbedCtxt=@firewallapi.dll,-23255|
"{AD83078C-6772-496B-9950-C33F7AC5694D}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour|EmbedCtxt=@firewallapi.dll,-23255|
"{7539569A-E61D-4DFE-9CEF-5B6ABAC350BD}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour|EmbedCtxt=@firewallapi.dll,-23255|
"UDP Query User{0FB96178-A26F-4705-BB6D-1AF4840D686F}D:\crytek\cryengine launcher\crytek\cryengine_5.2\bin\win_x64\sandbox.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=D:\crytek\cryengine launcher\crytek\cryengine_5.2\bin\win_x64\sandbox.exe|Name=sandbox|Desc=sandbox|Defer=User|
"TCP Query User{023B1B4B-5412-48CF-9327-C066A68F674D}D:\crytek\cryengine launcher\crytek\cryengine_5.2\bin\win_x64\sandbox.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=D:\crytek\cryengine launcher\crytek\cryengine_5.2\bin\win_x64\sandbox.exe|Name=sandbox|Desc=sandbox|Defer=User|
"{2D0D2691-C076-4259-BFE2-C6DD6907BF42}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=47995|LPort=47998|LPort=47999|LPort=48000|LPort=48010|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe|Name=SHIELD Streaming NvStreamer UDP Exception|Desc=UDP exceptions for SHIELD Streaming NvStreamer (RTSP/RI/A/V)|
"{7A093264-D8E6-43C9-B657-7D98490FEC00}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=35043|LPort=47995|LPort=48010|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe|Name=SHIELD Streaming NvStreamer TCP Exception|Desc=TCP exceptions for SHIELD Streaming NvStreamer (RTSP/RI)|
"{2E01C6C0-B0D1-41CF-9105-E12ED092DE9A}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=47998|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe|Name=SHIELD Streaming SSAU UDP Exception|Desc=UDP exceptions for SHIELD Streaming SSAU (NWT)|
"{9F50E102-0C1F-4A28-9876-9002A9F0B654}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=47984|LPort=47989|LPort=48010|App=C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe|Name=SHIELD Streaming NSS TCP Exception|Desc=TCP exceptions for SHIELD Streaming NSS (HTTP)|
"UDP Query User{406BC71A-3869-40CE-9574-A0FF952A0C58}D:\games\cloud imperium games\patcher\cigpatcher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=D:\games\cloud imperium games\patcher\cigpatcher.exe|Name=cigpatcher|Desc=cigpatcher|Edge=TRUE|Defer=App|
"TCP Query User{E6724033-9514-48DC-9249-0DF4A78A4659}D:\games\cloud imperium games\patcher\cigpatcher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=D:\games\cloud imperium games\patcher\cigpatcher.exe|Name=cigpatcher|Desc=cigpatcher|Edge=TRUE|Defer=App|
"WebManagement-In-Https"=v2.26|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=50443|App=System|Name=WebManagement_Allow_In_HTTPS|Desc=Allow inbound TCP traffic on dynamic HTTPS port for device web management|EmbedCtxt=WebManagement|
"WebManagement-In-Http"=v2.26|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=50080|App=System|Name=WebManagement_Allow_In_HTTP|Desc=Allow inbound TCP traffic on dynamic HTTP port for device web management|EmbedCtxt=WebManagement|
"SshProxy-Service"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=22|App=%SystemRoot%\system32\svchost.exe|Svc=SshProxy|Name=@%SystemRoot%\system32\SshProxy.dll,-5|Desc=@%SystemRoot%\system32\SshProxy.dll,-6|EmbedCtxt=Ssh Server|
"WebManagement-Out"=v2.26|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=System|Name=WebManagement_Allow_Out|Desc=Allow outbound TCP traffic from device web management|EmbedCtxt=WebManagement|
"UDP Query User{C1E1D1D4-A7A3-410E-ADAC-FD8EFBCD2ACC}C:\program files\rockstar games\grand theft auto v\gta5.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\rockstar games\grand theft auto v\gta5.exe|Name=Grand Theft Auto V|Desc=Grand Theft Auto V|Defer=User|
"TCP Query User{CB7C2CCF-7F79-47BF-B0B1-5FE6A293D650}C:\program files\rockstar games\grand theft auto v\gta5.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\rockstar games\grand theft auto v\gta5.exe|Name=Grand Theft Auto V|Desc=Grand Theft Auto V|Defer=User|
"UDP Query User{2757C87F-89E5-4BC6-91AD-04B4DEA6DB89}D:\games\steam\steamapps\common\fallout 4\creationkit.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=D:\games\steam\steamapps\common\fallout 4\creationkit.exe|Name=Creation Kit 2.0|Desc=Creation Kit 2.0|Defer=User|
"TCP Query User{3A7D554B-0CBF-4002-AA3E-2C358544E7E4}D:\games\steam\steamapps\common\fallout 4\creationkit.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=D:\games\steam\steamapps\common\fallout 4\creationkit.exe|Name=Creation Kit 2.0|Desc=Creation Kit 2.0|Defer=User|
"UDP Query User{100521AB-6B35-4C96-AA3C-8EEE29847836}D:\games\steam\steamapps\common\assettocorsa\acs.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\games\steam\steamapps\common\assettocorsa\acs.exe|Name=acs|Desc=acs|Defer=User|
"TCP Query User{D7939791-83B6-47DD-9D84-568522CF0491}D:\games\steam\steamapps\common\assettocorsa\acs.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\games\steam\steamapps\common\assettocorsa\acs.exe|Name=acs|Desc=acs|Defer=User|
"{ED8E3A03-3A5C-431C-A25A-9ECD833EE42A}"=v2.26|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe|Name=devenv.exe|Edge=TRUE|
"{29FD062C-6879-4E5E-AEC1-5C682848DD9B}"=v2.26|Action=Allow|Active=TRUE|Dir=In|App=D:\Unity\Editor\Unity.exe|Name=Unity.exe|Edge=TRUE|
"{2A0E6AFA-7659-494D-9269-EF26A0F469E4}"=v2.26|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity\2015\UnityVS.OpenFile.exe|Name=UnityVS.OpenFile.exe|Edge=TRUE|
"{E884BD7F-BFE4-4C4E-8047-F483557EB1DD}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=3702|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe|Name=Visual Studio 2015 Remote Debugger Discovery (devenv.exe)|Desc=Inbound rule to allow Visual Studio to discover remote debuggers running on the local network [UDP 3702]|Edge=TRUE|
"UDP Query User{69F2B612-E129-40B2-AA13-F3D4D260E29D}E:\amazon\lumberyard\1.4.0.1\dev\bin64\assetprocessor_tmp.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=E:\amazon\lumberyard\1.4.0.1\dev\bin64\assetprocessor_tmp.exe|Name=assetprocessor_tmp|Desc=assetprocessor_tmp|Defer=User|
"TCP Query User{90EAED2C-BF5E-47D5-BA3E-44685B450D6C}E:\amazon\lumberyard\1.4.0.1\dev\bin64\assetprocessor_tmp.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=E:\amazon\lumberyard\1.4.0.1\dev\bin64\assetprocessor_tmp.exe|Name=assetprocessor_tmp|Desc=assetprocessor_tmp|Defer=User|
"UDP Query User{582E68B2-4904-42C4-8319-AC426ED4AAFB}C:\program files (x86)\google\chrome\application\chrome.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\program files (x86)\google\chrome\application\chrome.exe|Name=Google Chrome|Desc=Google Chrome|Defer=User|
"TCP Query User{DBB25BBC-C5B5-4EB2-8B1D-95E055DB6885}C:\program files (x86)\google\chrome\application\chrome.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\program files (x86)\google\chrome\application\chrome.exe|Name=Google Chrome|Desc=Google Chrome|Defer=User|
"{F0C62AEC-3750-452D-BC7A-FB8E414D7FFC}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\Games\Uplay\Tom Clancy's Rainbow Six Siege\RainbowSix.exe|Name=Rainbow Six - Siege: Launcher|
"{9E0B0135-C650-4398-BE41-68A219F5670E}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\Games\Uplay\Tom Clancy's Rainbow Six Siege\RainbowSix.exe|Name=Rainbow Six - Siege: Launcher|
"{8AE00CA3-7C00-4F18-B1BA-75134FBC902B}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\Games\Uplay\Far Cry 4\bin\FarCry4.exe|Name=FarCry4|
"{F605F346-F3E4-4E19-8F12-741A71CDCFF2}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\Games\Uplay\Far Cry 4\bin\FarCry4.exe|Name=FarCry4|
"{9C41C774-38F4-4F13-8252-3E6A582978AF}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\Games\Uplay\Far Cry 4\bin\IGE_WPF64.exe|Name=FarCry4-IGE|
"{89497182-3429-4EB4-98B7-F740854C0B57}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\Games\Uplay\Far Cry 4\bin\IGE_WPF64.exe|Name=FarCry4-IGE|
"{6D832701-FABF-45F2-8493-24AA199ADA6B}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\Games\Uplay\Assassin's Creed Rogue\ACC.exe|Name=AC Rogue|
"{0840267A-50E8-4F5A-8D9C-0A5C609D0C87}"=v2.26|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\Games\Uplay\Assassin's Creed Rogue\ACC.exe|Name=AC Rogue|
"TCP Query User{61409B0D-8305-4540-9D39-731502A1E071}D:\games\origin\fifa 17\fifa17.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=D:\games\origin\fifa 17\fifa17.exe|Name=FIFA 17|Desc=FIFA 17|Defer=User|
"UDP Query User{E48C5D2E-B8B1-477B-9B18-AC0B241FE12F}D:\games\origin\fifa 17\fifa17.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=D:\games\origin\fifa 17\fifa17.exe|Name=FIFA 17|Desc=FIFA 17|Defer=User|
"{1F814DC5-072B-4A70-9B01-FA6235C379F8}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Holograms|Desc=Holograms|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-1602109543-489299846-2933479085-1573170910-173486505-4040315008-997329221|EmbedCtxt=Holograms|Platform=2:6:2|Platform2=GTEQ|
"{104B34CF-408E-4B45-A5BD-7991A15C54B7}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe|Name=SHIELD Streaming SSAS UDP Exception|Desc=UDP exceptions for SHIELD Streaming SSAS (mDNS)|
"{2435F8D6-C1FC-4F63-AFF7-6F8A91BFE67F}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Forza Motorsport 6: Apex|Desc=Forza Motorsport 6: Apex|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-659367499-3410908210-3321606304-2202737211-3639351877-388867530-2978036834|EmbedCtxt=Forza Motorsport 6: Apex|Platform=2:6:2|Platform2=GTEQ|
"{4AD0649E-F942-4F21-97B6-F25D52674CAF}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Name=Forza Motorsport 6: Apex|Desc=Forza Motorsport 6: Apex|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-659367499-3410908210-3321606304-2202737211-3639351877-388867530-2978036834|EmbedCtxt=Forza Motorsport 6: Apex|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{29FB823A-925C-4613-81C0-ADEBC71C9971}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=D:\Games\Uplay\WATCH_DOGS2\bin\WatchDogs2.exe|Name=WatchDogs2-TCP|
"{E0A0826B-8077-4758-B665-A1AC2D6438D1}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=D:\Games\Uplay\WATCH_DOGS2\bin\WatchDogs2.exe|Name=WatchDogs2-UDP|
"TCP Query User{600BAE1D-6754-4C05-94F3-567A077D80D2}E:\ark dev kit\arkdevkit\engine\binaries\win64\ue4editor.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=E:\ark dev kit\arkdevkit\engine\binaries\win64\ue4editor.exe|Name=Unreal Engine|Desc=Unreal Engine|Defer=User|
"UDP Query User{5087E294-EBCD-4849-B695-7ACB39AFE8EB}E:\ark dev kit\arkdevkit\engine\binaries\win64\ue4editor.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=E:\ark dev kit\arkdevkit\engine\binaries\win64\ue4editor.exe|Name=Unreal Engine|Desc=Unreal Engine|Defer=User|
"TCP Query User{89115A52-759E-4603-8B44-F3A2D5DD464B}E:\unreal engine\epic games\4.14\engine\binaries\win64\ue4editor.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=E:\unreal engine\epic games\4.14\engine\binaries\win64\ue4editor.exe|Name=Unreal Engine|Desc=Unreal Engine|Defer=User|
"UDP Query User{B67FDCAF-87A5-4EF9-9FEB-9E92BA64B71A}E:\unreal engine\epic games\4.14\engine\binaries\win64\ue4editor.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=E:\unreal engine\epic games\4.14\engine\binaries\win64\ue4editor.exe|Name=Unreal Engine|Desc=Unreal Engine|Defer=User|
"{59E85198-50FF-445B-AD98-876670505654}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=9103|App=D:\Games\Uplay\Steep\steep.exe|Name=STEEP|
"{164B0284-274E-4777-B243-8F792A269C71}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour|
"{E794D79E-A3DA-41C0-BABC-90A2E5D23455}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour|
"{23B817EA-D0CE-499B-8617-58D12AFBF5DB}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour|
"{5B1A022C-932C-4BC4-94AF-990D5CD742D4}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour|
"{D813F581-6A41-4CD5-A75E-225FA06FF72A}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=Holographic Item Player|Desc=Holographic Item Player|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-2848169271-1944770290-2690789639-3499139168-2840136067-3338101526-125811250|EmbedCtxt=Holographic Item Player|Platform=2:6:2|Platform2=GTEQ|
"{4352AC87-A036-450C-8010-EB7CF9C70AB7}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome|
"{B6C81BF6-7FAA-4E8B-AAE2-0AFEC8EBD7B5}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Name=HP All-in-One Printer Remote|Desc=HP All-in-One Printer Remote|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-744533573-2444454674-265863901-3215465728-4115286053-1341080355-789689510|EmbedCtxt=HP All-in-One Printer Remote|Platform=2:6:2|Platform2=GTEQ|
"{154BF8B5-3721-445F-BBBE-1065174F2055}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Name=HP All-in-One Printer Remote|Desc=HP All-in-One Printer Remote|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-744533573-2444454674-265863901-3215465728-4115286053-1341080355-789689510|EmbedCtxt=HP All-in-One Printer Remote|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{5B0FD435-FE01-4A1A-810C-E252190582F6}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-18|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ|
"{CDDAD587-1760-4760-95FA-DA102ACD1B60}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Shell Input Application|Desc=Shell Input Application|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-3945102849-3632965805-3846928828-240845225-3300287824-62672950-817265009|EmbedCtxt=Shell Input Application|Platform=2:6:2|Platform2=GTEQ|
"{2B425E62-7D44-4886-96D1-FB88B40544D0}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Twitter|Desc=Twitter|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-1063257880-1914585122-1954150059-946145533-116938067-416079064-1690466945|EmbedCtxt=Twitter|Platform=2:6:2|Platform2=GTEQ|
"{D0453F74-65F5-49A9-AF4D-CF4382AD4B65}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ|
"{4A6D40BB-38EE-4D54-9538-3546DC6C5045}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Print 3D|Desc=Print 3D|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-4177018473-2823706547-3652141868-2730301309-560159678-43221128-488844051|EmbedCtxt=Print 3D|Platform=2:6:2|Platform2=GTEQ|
"{BF371F00-D91E-413E-9AEF-3E3D6DCB3E36}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ|
"{B1A70F10-DAE4-476D-99F1-3A8701704D96}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Sticky Notes|Desc=Microsoft Sticky Notes|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-3539788797-2700867667-1432428195-1581642-2885308443-3834444517-2495346167|EmbedCtxt=Microsoft Sticky Notes|Platform=2:6:2|Platform2=GTEQ|
"{50CFAC02-0325-41F1-8CAD-A589AC37C8FE}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|
"{1159F440-19E3-4EAE-A2AA-F1DFA27D5182}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{58082319-3AC1-419A-8E4C-A1C99B43FE6C}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Candy Crush Soda Saga|Desc=Candy Crush Soda Saga|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-3055884410-2067824683-223899546-422323478-2359388318-2114876276-1379654078|EmbedCtxt=Candy Crush Soda Saga|Platform=2:6:2|Platform2=GTEQ|
"{C7F5FD71-2341-423D-9C85-B0376A7163E8}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game bar|Desc=Xbox Game bar|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-1823635404-1364722122-2170562666-1762391777-2399050872-3465541734-3732476201|EmbedCtxt=Xbox Game bar|Platform=2:6:2|Platform2=GTEQ|
"{661A8FB9-D80C-4B15-A5E6-43F10D7E5B05}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\Games\Origin\The Sims 4\Game\Bin\TS4.exe|Name=Les Sims™ 4 32 Bit|
"{EF66A4D0-4E86-4C85-9F18-9D87ABA35FDC}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\Games\Origin\The Sims 4\Game\Bin\TS4.exe|Name=Les Sims™ 4 32 Bit|
"{B7FFBFBF-5CFB-46F7-AD8A-8764D36F42DD}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\Games\Origin\The Sims 4\Game\Bin\TS4_x64.exe|Name=Les Sims™ 4 64 Bit|
"{74A5C2AE-0F4C-4572-853B-824465B76EE2}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\Games\Origin\The Sims 4\Game\Bin\TS4_x64.exe|Name=Les Sims™ 4 64 Bit|
"{DF38E022-0059-4E6B-94E3-99855C4B4861}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\Games\Origin\FIFA 17\FIFASetup\fifaconfig.exe|Name=FIFA 17|
"{A452DD6C-C526-4CE2-B726-A9F6CAA9295A}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\Games\Origin\FIFA 17\FIFASetup\fifaconfig.exe|Name=FIFA 17|
"{54E3ACDA-7D12-4F04-904D-E9B7E22A14AA}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ|
"{CFF802E6-37B1-441C-B7FA-0E29C694E766}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ|
"{2426CFC5-6CCC-4968-A8BE-3916A8C0E6A9}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files\Mozilla Firefox)|
"{1057366A-9FC3-4EDD-9B9A-A0F237F33C39}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files\Mozilla Firefox)|
"{23B6BD49-79DF-4A98-8D70-F304B15AFEE6}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox TCUI|Desc=Xbox TCUI|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-2603511428-3224021693-1028932517-3941269705-3349582775-2312504883-4057327947|EmbedCtxt=Xbox TCUI|Platform=2:6:2|Platform2=GTEQ|
"{1A56D2F6-C00A-4E54-9A2A-A155A9D69B2A}"=v2.27|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Forza Horizon 3|Desc=Forza Horizon 3|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-1987231219-3494637732-3076478737-3503969843-3465841799-2831659819-1889736820|EmbedCtxt=Forza Horizon 3|Platform=2:6:2|Platform2=GTEQ|
"{ABD21D42-A7DD-4016-9B12-C60170E9BA29}"=v2.27|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Forza Horizon 3|Desc=Forza Horizon 3|LUOwn=S-1-5-21-533811266-1534692092-1485993985-1002|AppPkgId=S-1-15-2-1987231219-3494637732-3076478737-3503969843-3465841799-2831659819-1889736820|EmbedCtxt=Forza Horizon 3|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|





---------- | Control\Class

[HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{091BC97E-2352-4362-A539-10A6D8FF7596}] : (RDPDR) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (Security Accelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{3f966bd9-fa04-4ec5-991c-d326973b5128}] : (AndroidUsbDeviceClass) [] -> @oem21.inf,%ClassName%;SAMSUNG Android Phone
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4532C9EB-FEF9-43AC-83DA-D5DE1F9A2BFF}] : (nvpciflt) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @c_display.inf,%ClassDesc%;Display adapters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4fc9541c-0fe6-4480-a4f6-9495a0d17cd2}] : (HidLineDisplay) [] -> @c_linedisplay.inf,%ClassName%;POS Line Display
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53487c23-680f-4585-acc3-1f10d6777e82}] : (SmrDisk) [] -> @c_smrdisk.inf,%ClassDesc%;Shingled magnetic recording disks
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53b3cf03-8f5a-4788-91b6-d19ed9fcccbf}] : (SmrVolume) [] -> @c_smrvolume.inf,%ClassDesc%;Shingled magnetic recording volumes
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{57465043-616c-6c6f-7574-5f636c617373}] : (WFPCALLOUTS) [] -> @oem57.inf,%ClassName%;WFPCALLOUTS
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs)
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5aea001d-9372-4ed7-97f3-b79bf15a53c5}] : (OposLegacyDevice) [] -> @oposdrv.inf,%ClassName%;OPOS Legacy Device
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> @c_swcomponent.inf,%ClassDesc%;Software components
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{645ad99b-1344-4316-837a-08a3e73db222}] : (PerceptionSimulation) [] -> @PerceptionSimulationSixDof.inf,%ClassName%;Perception Simulation Controllers
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{81C87465-DE07-4EFC-9D93-61E891D52FD2}] : (RdpVideoMiniport) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{87ef9ad1-8f70-49ee-b215-ab1fcadcbe3c}] : (NetDriver) [] -> @c_netdriver.inf,%ClassDesc%;Universal Network Drivers
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{A73C93F1-9727-4D1D-ACE1-0E333BA4E7DB}] : (nvlddmkm) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{ca3e7ab9-b4c3-4ae6-8251-579ef933890f}] : (Camera) [] -> @c_camera.inf,%ClassDesc%;Cameras
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{CC41EBA2-AB57-4F4E-8C3D-1BC33B1E74E3}] : (RDPDR) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d612553d-06b1-49ca-8938-e39ef80eb16f}] : (Holographic) [] -> @c_holographic.inf,%ClassName%;Mixed Reality devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f72fe0d4-cbcb-407d-8814-9ed673d0dd6b}] : (USB) [] -> @oem52.inf,%ClassName%;ADB Interface
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.)
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.)
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.)

---------- | Loaded modules (whitelist)

[02/06/2017 13:09:58] - (2.4.986.68) - (BitDefender S.R.L. - Trufos Kernel Module) - C:\WINDOWS\system32\DRIVERS\trufos.sys
[02/06/2017 13:09:59] - (2.0.0.75) - (BitDefender LLC - BitDefender Gonzales FileSystem Driver) - C:\WINDOWS\system32\DRIVERS\gzflt.sys
[02/06/2017 13:11:03] - (3.13.17482.6533) - (BitDefender - Active Virus Control filter driver) - C:\WINDOWS\system32\DRIVERS\avc3.sys
[02/06/2017 13:10:56] - (1.1.0.719) - (Bitdefender - IGNIS filter driver) - C:\WINDOWS\system32\DRIVERS\ignis.sys
[23/03/2016 10:46:52] - (4.1.4.54) - (Rivet Networks, LLC. - Killer Bandwidth Control Filter Driver) - C:\WINDOWS\system32\DRIVERS\bwcW10x64.sys
[22/12/2016 16:42:16] - (8.98.0.0) - (REALiX(tm) - HWiNFO AMD64 Kernel Driver) - C:\WINDOWS\system32\drivers\HWiNFO64A.SYS
[02/06/2017 13:11:05] - (13.1.1.4) - (BitDefender - FileVault Disk Driver) - C:\WINDOWS\system32\DRIVERS\bdvedisk.sys
[02/06/2017 13:10:56] - (7.0.0.31) - (BitDefender LLC - BitDefender Firewall WFP Filter Driver) - C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
[24/10/2016 00:44:40] - (4.21.0.9613) - (PureVPN - PureStealth) - C:\WINDOWS\System32\drivers\neo_vpn.sys
[25/05/2017 01:06:52] - (22.21.13.8233) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 382.33) - C:\WINDOWS\System32\DriverStore\FileRepository\nvcvi.inf_amd64_5a93b359bc8bcc04\nvlddmkm.sys
[04/06/2017 12:08:33] - (9.0.0.42) - (Qualcomm Atheros, Inc. - Killer e2400 PCI-E Gigabit Ethernet Controller) - C:\WINDOWS\System32\drivers\e2xw10x64.sys
[31/08/2016 13:45:04] - (10.0.10586.21288) - (Realsil Semiconductor Corporation - RTS PCIE READER Driver) - C:\WINDOWS\system32\DRIVERS\RtsPer.sys
[04/06/2017 12:08:28] - (4.0.2.262) - (Qualcomm Atheros, Inc. - Qualcomm Atheros Extensible Wireless LAN device driver) - C:\WINDOWS\System32\drivers\Qcamain10x64.sys
[07/03/2017 11:30:05] - (19.3.4.66) - (Synaptics Incorporated - Synaptics Touchpad Win64 Driver) - C:\WINDOWS\system32\DRIVERS\SynTP.sys
[31/08/2016 14:09:43] - (1.0.0.13) - (Insyde Software Corp. - HotKey Keyboard Class Filter Driver) - C:\WINDOWS\system32\DRIVERS\HKKbdFltr.sys
[31/08/2016 14:09:43] - (1.0.0.13) - (Insyde Software Corp. - HotKey Mouse Class Filter Driver) - C:\WINDOWS\system32\DRIVERS\HKMouFltr.sys
[07/03/2017 11:30:05] - (19.3.4.66) - (Synaptics Incorporated - Synaptics SMBus Driver) - C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
[02/10/2015 06:19:48] - (1.4.0.3) - (Insyde Corporation - Insyde Airplane Mode HID Mini-driver) - C:\WINDOWS\system32\DRIVERS\AirplaneModeHid.sys
[24/05/2017 23:30:45] - (3.60.2.0) - (NVIDIA Corporation - NVIDIA Virtual Audio Driver) - C:\WINDOWS\system32\drivers\nvvad64v.sys
[25/05/2017 01:06:53] - (202.0.0.0) - (NVIDIA Corporation - Virtual USB Host Controller driver) - C:\WINDOWS\System32\drivers\nvvhci.sys
[25/04/2017 19:23:06] - (1.3.34.26) - (NVIDIA Corporation - NVIDIA HDMI Audio Driver) - C:\WINDOWS\system32\drivers\nvhda64v.sys
[12/01/2017 08:22:26] - (6.10.0.8) - (Creative Technology Ltd. - Creative Audio Driver) - C:\WINDOWS\system32\drivers\MBfilt64.sys
[11/07/2016 10:20:00] - (10.0.0.265) - (Qualcomm Atheros - Qualcomm Atheros BtFilter Driver) - C:\WINDOWS\system32\DRIVERS\btfilter.sys
[11/02/2011 23:23:34] - (4.1.0.2001) - (CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver) - C:\WINDOWS\system32\drivers\npf.sys
[29/12/2012 22:59:38] - (2.3.11.0) - (Almico Software - SpeedFan x64 Driver) - C:\WINDOWS\SysWOW64\speedfan.sys
[02/06/2017 13:11:03] - (3.13.17482.6533) - (BitDefender - Active Virus Control Kernel Filtering driver) - C:\WINDOWS\system32\DRIVERS\avckf.sys
[21/06/2017 16:17:51] - (0.0.0.0) - ( -) - C:\WINDOWS\system32\drivers\mbae64.sys

---------- | LoadOrderGroup

Name: System Reserved - DriverEnabled: True - GroupOrder: 1 - Status: OK
Name: EMS - DriverEnabled: True - GroupOrder: 2 - Status: OK
Name: WdfLoadGroup - DriverEnabled: True - GroupOrder: 3 - Status: OK
Name: Boot Bus Extender - DriverEnabled: True - GroupOrder: 4 - Status: OK
Name: System Bus Extender - DriverEnabled: True - GroupOrder: 5 - Status: OK
Name: SCSI miniport - DriverEnabled: True - GroupOrder: 6 - Status: OK
Name: Port - DriverEnabled: True - GroupOrder: 7 - Status: OK
Name: Primary Disk - DriverEnabled: True - GroupOrder: 8 - Status: OK
Name: SCSI Class - DriverEnabled: True - GroupOrder: 9 - Status: OK
Name: SCSI CDROM Class - DriverEnabled: True - GroupOrder: 10 - Status: OK
Name: FSFilter Infrastructure - DriverEnabled: True - GroupOrder: 11 - Status: OK
Name: FSFilter System - DriverEnabled: True - GroupOrder: 12 - Status: OK
Name: FSFilter Bottom - DriverEnabled: True - GroupOrder: 13 - Status: OK
Name: FSFilter Copy Protection - DriverEnabled: True - GroupOrder: 14 - Status: OK
Name: FSFilter Security Enhancer - DriverEnabled: True - GroupOrder: 15 - Status: OK
Name: FSFilter Open File - DriverEnabled: True - GroupOrder: 16 - Status: OK
Name: FSFilter Physical Quota Management - DriverEnabled: True - GroupOrder: 17 - Status: OK
Name: FSFilter Virtualization - DriverEnabled: True - GroupOrder: 18 - Status: OK
Name: FSFilter Encryption - DriverEnabled: True - GroupOrder: 19 - Status: OK
Name: FSFilter Compression - DriverEnabled: True - GroupOrder: 20 - Status: OK
Name: FSFilter Imaging - DriverEnabled: True - GroupOrder: 21 - Status: OK
Name: FSFilter HSM - DriverEnabled: True - GroupOrder: 22 - Status: OK
Name: FSFilter Cluster File System - DriverEnabled: True - GroupOrder: 23 - Status: OK
Name: FSFilter System Recovery - DriverEnabled: True - GroupOrder: 24 - Status: OK
Name: FSFilter Quota Management - DriverEnabled: True - GroupOrder: 25 - Status: OK
Name: FSFilter Content Screener - DriverEnabled: True - GroupOrder: 26 - Status: OK
Name: FSFilter Continuous Backup - DriverEnabled: True - GroupOrder: 27 - Status: OK
Name: FSFilter Replication - DriverEnabled: True - GroupOrder: 28 - Status: OK
Name: FSFilter Anti-Virus - DriverEnabled: True - GroupOrder: 29 - Status: OK
Name: FSFilter Undelete - DriverEnabled: True - GroupOrder: 30 - Status: OK
Name: FSFilter Activity Monitor - DriverEnabled: True - GroupOrder: 31 - Status: OK
Name: FSFilter Top - DriverEnabled: True - GroupOrder: 32 - Status: OK
Name: Filter - DriverEnabled: True - GroupOrder: 33 - Status: OK
Name: Boot File System - DriverEnabled: True - GroupOrder: 34 - Status: OK
Name: Base - DriverEnabled: True - GroupOrder: 35 - Status: OK
Name: Pointer Port - DriverEnabled: True - GroupOrder: 36 - Status: OK
Name: Keyboard Port - DriverEnabled: True - GroupOrder: 37 - Status: OK
Name: Pointer Class - DriverEnabled: True - GroupOrder: 38 - Status: OK
Name: Keyboard Class - DriverEnabled: True - GroupOrder: 39 - Status: OK
Name: Video Init - DriverEnabled: True - GroupOrder: 40 - Status: OK
Name: Video - DriverEnabled: True - GroupOrder: 41 - Status: OK
Name: Video Save - DriverEnabled: True - GroupOrder: 42 - Status: OK
Name: File System - DriverEnabled: True - GroupOrder: 43 - Status: OK
Name: Streams Drivers - DriverEnabled: True - GroupOrder: 44 - Status: OK
Name: NDIS Wrapper - DriverEnabled: True - GroupOrder: 45 - Status: OK
Name: COM Infrastructure - DriverEnabled: True - GroupOrder: 46 - Status: OK
Name: Event Log - DriverEnabled: True - GroupOrder: 47 - Status: OK
Name: ProfSvc_Group - DriverEnabled: True - GroupOrder: 48 - Status: OK
Name: AudioGroup - DriverEnabled: True - GroupOrder: 49 - Status: OK
Name: UIGroup - DriverEnabled: True - GroupOrder: 50 - Status: OK
Name: MS_WindowsLocalValidation - DriverEnabled: True - GroupOrder: 51 - Status: OK
Name: PlugPlay - DriverEnabled: True - GroupOrder: 52 - Status: OK
Name: Cryptography - DriverEnabled: True - GroupOrder: 53 - Status: OK
Name: PNP_TDI - DriverEnabled: True - GroupOrder: 54 - Status: OK
Name: NDIS - DriverEnabled: True - GroupOrder: 55 - Status: OK
Name: TDI - DriverEnabled: True - GroupOrder: 56 - Status: OK
Name: iSCSI - DriverEnabled: True - GroupOrder: 57 - Status: OK
Name: NetBIOSGroup - DriverEnabled: True - GroupOrder: 58 - Status: OK
Name: ShellSvcGroup - DriverEnabled: True - GroupOrder: 59 - Status: OK
Name: SchedulerGroup - DriverEnabled: True - GroupOrder: 60 - Status: OK
Name: SpoolerGroup - DriverEnabled: True - GroupOrder: 61 - Status: OK
Name: SmartCardGroup - DriverEnabled: True - GroupOrder: 62 - Status: OK
Name: NetworkProvider - DriverEnabled: True - GroupOrder: 63 - Status: OK
Name: MS_WindowsRemoteValidation - DriverEnabled: True - GroupOrder: 64 - Status: OK
Name: NetDDEGroup - DriverEnabled: True - GroupOrder: 65 - Status: OK
Name: Parallel arbitrator - DriverEnabled: True - GroupOrder: 66 - Status: OK
Name: Extended Base - DriverEnabled: True - GroupOrder: 67 - Status: OK
Name: PCI Configuration - DriverEnabled: True - GroupOrder: 68 - Status: OK
Name: MS Transactions - DriverEnabled: True - GroupOrder: 69 - Status: OK
Name: Core - DriverEnabled: False - GroupOrder: 70 - Status: OK
Name: Early-Launch - DriverEnabled: False - GroupOrder: 71 - Status: OK
Name: Network - DriverEnabled: False - GroupOrder: 72 - Status: OK
Name: PNP Filter - DriverEnabled: False - GroupOrder: 73 - Status: OK
Name: Core Security Extensions - DriverEnabled: False - GroupOrder: 74 - Status: OK
Name: NetworkService - DriverEnabled: False - GroupOrder: 75 - Status: OK
Name: _Early-Launch - DriverEnabled: False - GroupOrder: 76 - Status: OK
Name: LocalService - DriverEnabled: False - GroupOrder: 77 - Status: OK

---------- | LoadOrderGroupServiceDependencies

LoadOrderGroup.Name="NetBIOSGroup" - Service.Name="RemoteAccess"
LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdfs"

---------- | LoadOrderGroupServiceMembers

LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="AppIDSvc"
LoadOrderGroup.Name="AudioGroup" - Service.Name="AudioEndpointBuilder"
LoadOrderGroup.Name="AudioGroup" - Service.Name="Audiosrv"
LoadOrderGroup.Name="NetworkProvider" - Service.Name="BFE"
LoadOrderGroup.Name="COM Infrastructure" - Service.Name="BrokerInfrastructure"
LoadOrderGroup.Name="NetworkProvider" - Service.Name="Browser"
LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="CscService"
LoadOrderGroup.Name="COM Infrastructure" - Service.Name="DcomLaunch"
LoadOrderGroup.Name="PlugPlay" - Service.Name="DeviceInstall"
LoadOrderGroup.Name="TDI" - Service.Name="Dhcp"
LoadOrderGroup.Name="TDI" - Service.Name="Dnscache"
LoadOrderGroup.Name="TDI" - Service.Name="dot3svc"
LoadOrderGroup.Name="TDI" - Service.Name="DusmSvc"
LoadOrderGroup.Name="Event Log" - Service.Name="EventLog"
LoadOrderGroup.Name="AudioGroup" - Service.Name="FontCache"
LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="gpsvc"
LoadOrderGroup.Name="TDI" - Service.Name="icssvc"
LoadOrderGroup.Name="TDI" - Service.Name="irmon"
LoadOrderGroup.Name="NetworkProvider" - Service.Name="LanmanWorkstation"
LoadOrderGroup.Name="TDI" - Service.Name="lmhosts"
LoadOrderGroup.Name="COM Infrastructure" - Service.Name="LSM"
LoadOrderGroup.Name="NetworkService" - Service.Name="MapsBroker"
LoadOrderGroup.Name="NetworkProvider" - Service.Name="MpsSvc"
LoadOrderGroup.Name="iSCSI" - Service.Name="MSiSCSI"
LoadOrderGroup.Name="MS_WindowsRemoteValidation" - Service.Name="Netlogon"
LoadOrderGroup.Name="Cryptography" - Service.Name="NgcCtnrSvc"
LoadOrderGroup.Name="Cryptography" - Service.Name="NgcSvc"
LoadOrderGroup.Name="Video" - Service.Name="NVDisplay.ContainerLocalSystem"
LoadOrderGroup.Name="PlugPlay" - Service.Name="PlugPlay"
LoadOrderGroup.Name="Plugplay" - Service.Name="Power"
LoadOrderGroup.Name="profsvc_group" - Service.Name="ProfSvc"
LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcEptMapper"
LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcSs"
LoadOrderGroup.Name="MS_WindowsLocalValidation" - Service.Name="SamSs"
LoadOrderGroup.Name="SmartCardGroup" - Service.Name="SCardSvr"
LoadOrderGroup.Name="SchedulerGroup" - Service.Name="Schedule"
LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="SENS"
LoadOrderGroup.Name="Event Log" - Service.Name="ServiceDevMgmt"
LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="ShellHWDetection"
LoadOrderGroup.Name="SpoolerGroup" - Service.Name="Spooler"
LoadOrderGroup.Name="PlugPlay" - Service.Name="TabletInputService"
LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="Themes"
LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="TrustedInstaller"
LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="UevAgentService"
LoadOrderGroup.Name="System Reserved" - Service.Name="VSSERV"
LoadOrderGroup.Name="SmartCardGroup" - Service.Name="WbioSrvc"
LoadOrderGroup.Name="TDI" - Service.Name="Wcmsvc"
LoadOrderGroup.Name="NetworkProvider" - Service.Name="WebClient"
LoadOrderGroup.Name="TDI" - Service.Name="WlanSvc"
LoadOrderGroup.Name="TDI" - Service.Name="wlpasvc"
LoadOrderGroup.Name="LocalService" - Service.Name="workfolderssvc"
LoadOrderGroup.Name="TDI" - Service.Name="WwanSvc"
LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="3ware"
LoadOrderGroup.Name="Core" - SystemDriver.Name="ACPI"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AcpiDev"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="acpiex"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="acpitime"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="ADP80XX"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="AFD"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdK8"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdPPM"
LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsata"
LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsbs"
LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdxata"
LoadOrderGroup.Name="FSFilter HSM" - SystemDriver.Name="AppvStrm"
LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="AppvVemgr"
LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="AppvVfs"
LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="arcsas"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="atapi"
LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="avc3"
LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="avckf"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="b06bdrv"
LoadOrderGroup.Name="Video" - SystemDriver.Name="BasicDisplay"
LoadOrderGroup.Name="Video" - SystemDriver.Name="BasicRender"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="bcmfn2"
LoadOrderGroup.Name="Early-Launch" - SystemDriver.Name="bdelam"
LoadOrderGroup.Name="Base" - SystemDriver.Name="Beep"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="BfLwf"
LoadOrderGroup.Name="Network" - SystemDriver.Name="bowser"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="BthAvrcpTg"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="BthHFEnum"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="BthPan"
LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="BTHPORT"
LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="BTHUSB"
LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="cdfs"
LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdrom"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="cht4iscsi"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="cht4vbd"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="circlass"
LoadOrderGroup.Name="FSFilter HSM" - SystemDriver.Name="CldFlt"
LoadOrderGroup.Name="Filter" - SystemDriver.Name="CLFS"
LoadOrderGroup.Name="Core" - SystemDriver.Name="CNG"
LoadOrderGroup.Name="Base" - SystemDriver.Name="cnghwassist"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="CompositeBus"
LoadOrderGroup.Name="Base" - SystemDriver.Name="condrv"
LoadOrderGroup.Name="network" - SystemDriver.Name="CSC"
LoadOrderGroup.Name="Network" - SystemDriver.Name="Dfsc"
LoadOrderGroup.Name="Video Init" - SystemDriver.Name="DXGKrnl"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="ebdrv"
LoadOrderGroup.Name="SCSI Class" - SystemDriver.Name="EhStorClass"
LoadOrderGroup.Name="SCSI Class" - SystemDriver.Name="EhStorTcgDrv"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="ErrDev"
LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="exfat"
LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="fastfat"
LoadOrderGroup.Name="FSFilter Encryption" - SystemDriver.Name="FileCrypt"
LoadOrderGroup.Name="FSFilter Bottom" - SystemDriver.Name="FileInfo"
LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="Filetrace"
LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="FltMgr"
LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="FsDepends"
LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="fvevol"
LoadOrderGroup.Name="Base" - SystemDriver.Name="genericusbfn"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="GPIOClx0101"
LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="gzflt"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="HDAudBus"
LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidBth"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidi2c"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidinterrupt"
LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidIr"
LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidUsb"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="HpSAMD"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hvservice"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hyperkbd"
LoadOrderGroup.Name="Video" - SystemDriver.Name="HyperVideo"
LoadOrderGroup.Name="Keyboard Port" - SystemDriver.Name="i8042prt"
LoadOrderGroup.Name="Base" - SystemDriver.Name="iai2c"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2i_GPIO2"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2i_GPIO2_BXT_P"
LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2i_I2C"
LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2i_I2C_BXT_P"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSSi_GPIO"
LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSSi_I2C"
LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="iaStorAV"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="iaStorV"
LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="ibbus"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Ignis"
LoadOrderGroup.Name="Base" - SystemDriver.Name="IndirectKmd"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="intelide"
LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="intelpep"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="intelppm"
LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="iorate"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="irda"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="isapnp"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="kdnic"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="KillerEth"
LoadOrderGroup.Name="Base" - SystemDriver.Name="KSecDD"
LoadOrderGroup.Name="Cryptography" - SystemDriver.Name="KSecPkg"
LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ksthunk"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="lltdio"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS2i"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS3i"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SSS"
LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="luafv"
LoadOrderGroup.Name="Base" - SystemDriver.Name="mausbhost"
LoadOrderGroup.Name="Base" - SystemDriver.Name="mausbip"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas2i"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasr"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MEIx64"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="mlx4_bus"
LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Modem"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="mountmgr"
LoadOrderGroup.Name="network" - SystemDriver.Name="mpsdrv"
LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb"
LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb10"
LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb20"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="MsBridge"
LoadOrderGroup.Name="File system" - SystemDriver.Name="Msfs"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="msgpiowin32"
LoadOrderGroup.Name="Base" - SystemDriver.Name="mshidkmdf"
LoadOrderGroup.Name="Base" - SystemDriver.Name="mshidumdf"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="msisadrv"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSKSSRV"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="MsLldp"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPCLOCK"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPQM"
LoadOrderGroup.Name="Filter" - SystemDriver.Name="MsSecFlt"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSTEE"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MTConfig"
LoadOrderGroup.Name="Network" - SystemDriver.Name="Mup"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="mvumis"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NativeWifiP"
LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ndfltr"
LoadOrderGroup.Name="NDIS Wrapper" - SystemDriver.Name="NDIS"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NdisCap"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NdisTapi"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Ndisuio"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="ndiswanlegacy"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="ndproxy"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Neo_VPN"
LoadOrderGroup.Name="NetBIOSGroup" - SystemDriver.Name="NetBIOS"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="NetBT"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="netvsc"
LoadOrderGroup.Name="File system" - SystemDriver.Name="Npfs"
LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="NTFS"
LoadOrderGroup.Name="Base" - SystemDriver.Name="Null"
LoadOrderGroup.Name="Video" - SystemDriver.Name="nvlddmkm"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="nvraid"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="nvstor"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="nvvhci"
LoadOrderGroup.Name="Parallel arbitrator" - SystemDriver.Name="Parport"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="partmgr"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pci"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pciide"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pcmcia"
LoadOrderGroup.Name="System Reserved" - SystemDriver.Name="pcw"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pdc"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="percsas2i"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="percsas3i"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="Processor"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Psched"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Qcamain10x64"
LoadOrderGroup.Name="Streams Drivers" - SystemDriver.Name="RasAcd"
LoadOrderGroup.Name="Network" - SystemDriver.Name="rdbss"
LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="rdyboost"
LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="ReFS"
LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="ReFSv1"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="RFCOMM"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="rhproxy"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="rspndr"
LoadOrderGroup.Name="Video" - SystemDriver.Name="s3cap"
LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="scfilter"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="sdbus"
LoadOrderGroup.Name="Base" - SystemDriver.Name="SensorsSimulatorDriver"
LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="Serenum"
LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Serial"
LoadOrderGroup.Name="Pointer Port" - SystemDriver.Name="sermouse"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid2"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid4"
LoadOrderGroup.Name="Base" - SystemDriver.Name="SmbDrvI"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="spaceport"
LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="SpatialGraphFilter"
LoadOrderGroup.Name="Network" - SystemDriver.Name="srv"
LoadOrderGroup.Name="Network" - SystemDriver.Name="srv2"
LoadOrderGroup.Name="Network" - SystemDriver.Name="srvnet"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stexstor"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="storahci"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="storflt"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stornvme"
LoadOrderGroup.Name="FSFilter Quota Management" - SystemDriver.Name="storqosflt"
LoadOrderGroup.Name="Base" - SystemDriver.Name="storvsc"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="swenum"
LoadOrderGroup.Name="Video Init" - SystemDriver.Name="Synth3dVsc"
LoadOrderGroup.Name="Pointer Port" - SystemDriver.Name="SynTP"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="tap0901"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="Tcpip"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="tdx"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="terminpt"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="TPM"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="trufos"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="TsUsbGD"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="tsusbhub"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="tunnel"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UcmCx0101"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UcmTcpciCx0101"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="Ucx01000"
LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="udfs"
LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="UevAgentDriver"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="Ufx01000"
LoadOrderGroup.Name="Base" - SystemDriver.Name="UfxChipidea"
LoadOrderGroup.Name="Base" - SystemDriver.Name="ufxsynopsys"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="umbus"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="UmPass"
LoadOrderGroup.Name="Base" - SystemDriver.Name="UrsChipidea"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UrsCx01000"
LoadOrderGroup.Name="Base" - SystemDriver.Name="UrsSynopsys"
LoadOrderGroup.Name="Base" - SystemDriver.Name="usbccgp"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="usbcir"
LoadOrderGroup.Name="Base" - SystemDriver.Name="usbehci"
LoadOrderGroup.Name="Base" - SystemDriver.Name="usbhub"
LoadOrderGroup.Name="Base" - SystemDriver.Name="USBHUB3"
LoadOrderGroup.Name="Base" - SystemDriver.Name="usbohci"
LoadOrderGroup.Name="extended base" - SystemDriver.Name="usbprint"
LoadOrderGroup.Name="Base" - SystemDriver.Name="usbuhci"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="vdrvroot"
LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="VerifierExt"
LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="vhdmp"
LoadOrderGroup.Name="Base" - SystemDriver.Name="vhf"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vmbus"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="VMBusHID"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgr"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgrx"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vpci"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="vsmraid"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="VSTXRAID"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="vwififlt"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="vwifimp"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WacomPen"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wanarp"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wanarpv6"
LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="wcifs"
LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="wcnfs"
LoadOrderGroup.Name="_Early-Launch" - SystemDriver.Name="WdBoot"
LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="Wdf01000"
LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="WdFilter"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="WFPLWFS"
LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="WIMMount"
LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="WindowsTrustedRT"
LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="WindowsTrustedRTProxy"
LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="WinMad"
LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="WinVerbs"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WmiAcpi"
LoadOrderGroup.Name="FSFilter Compression" - SystemDriver.Name="Wof"
LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="WpdUpFltr"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="ws2ifsl"
LoadOrderGroup.Name="base" - SystemDriver.Name="WudfPf"
LoadOrderGroup.Name="base" - SystemDriver.Name="WUDFRd"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="xboxgip"
LoadOrderGroup.Name="Base" - SystemDriver.Name="xinputhid"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="XtuAcpiDriver"
LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="MBAMSwissArmy"
LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="MBAMProtection"
LoadOrderGroup.Name="FSFilter Content Screener" - SystemDriver.Name="MBAMFarflt"
LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="MBAMChameleon"

---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service

S0 - [Kernel Driver] - 3ware () -> System32\drivers\3ware.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - ADP80XX () -> System32\drivers\ADP80XX.SYS - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - amdsata () -> System32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - amdsbs () -> System32\drivers\amdsbs.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - amdxata () -> System32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys - AcceptPause: False - AcceptStop: False
R0 - [File System Driver] - avc3 (avc3) -> system32\DRIVERS\avc3.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;QLogic Network Adapter VBD) -> System32\drivers\bxvbda.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - bdelam (bdelam) -> system32\drivers\bdelam.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - cht4iscsi () -> System32\drivers\cht4sx64.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - disk (@disk.inf,%disk_ServiceDesc%;Disk Driver) -> System32\drivers\disk.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys - AcceptPause: False - AcceptStop: False
R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - gzflt (gzflt) -> system32\DRIVERS\gzflt.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - HpSAMD () -> System32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - iaStorAV (@iastorav.inf,%iaStorAV.DeviceDesc%;Intel(R) SATA RAID Controller Windows) -> System32\drivers\iaStorAV.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - intelide () -> System32\drivers\intelide.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - iorate (@%SystemRoot%\system32\drivers\iorate.sys,-101) -> system32\drivers\iorate.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - isapnp () -> System32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - LSI_SAS () -> System32\drivers\lsi_sas.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - LSI_SSS () -> System32\drivers\lsi_sss.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - megasas () -> System32\drivers\megasas.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - megasas2i () -> System32\drivers\MegaSas2i.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - megasr () -> System32\drivers\megasr.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - msisadrv () -> System32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - MsSecFlt (@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001) -> system32\drivers\mssecflt.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - mvumis () -> System32\drivers\mvumis.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - nvpciflt () -> system32\DRIVERS\nvpciflt.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - nvraid () -> System32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - nvstor () -> System32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - pci (@pci.inf,%pci_svcdesc%;Pilote de bus PCI) -> System32\drivers\pci.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - pciide () -> System32\drivers\pciide.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - pcmcia () -> System32\drivers\pcmcia.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - percsas2i () -> System32\drivers\percsas2i.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - percsas3i () -> System32\drivers\percsas3i.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - Ramdisk (Windows RAM Disk Driver) -> system32\DRIVERS\ramdisk.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - scmbus (@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver) -> System32\drivers\scmbus.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - SiSRaid2 () -> System32\drivers\SiSRaid2.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - SiSRaid4 () -> System32\drivers\sisraid4.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - stexstor () -> System32\drivers\stexstor.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - storvsc () -> System32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - trufos (trufos) -> system32\DRIVERS\trufos.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volsnap (@%SystemRoot%\system32\drivers\volsnap.sys,-100) -> System32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volume (@volume.inf,%VolumeServiceDesc%;Volume driver) -> System32\drivers\volume.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - vsmraid () -> System32\drivers\vsmraid.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - bam (@%SystemRoot%\system32\drivers\bam.sys,-100) -> system32\drivers\bam.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - BasicDisplay () -> \SystemRoot\System32\drivers\BasicDisplay.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - BasicRender () -> \SystemRoot\System32\drivers\BasicRender.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - bdfwfpf (bdfwfpf) -> \??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - BDVEDISK (BDVEDISK) -> \SystemRoot\system32\DRIVERS\bdvedisk.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - BfLwf (@oem11.inf,%BfLwf_Desc%;Killer Bandwidth Control) -> \SystemRoot\system32\DRIVERS\bwcW10x64.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - CSC (@%systemroot%\system32\cscsvc.dll,-202) -> system32\drivers\csc.sys - AcceptPause: False - AcceptStop: True
S1 - [Kernel Driver] - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys - AcceptPause: False - AcceptStop: False
R1 - [File System Driver] - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - HWiNFO32 (HWiNFO32/64 Kernel Driver) -> \??\C:\WINDOWS\system32\drivers\HWiNFO64A.SYS - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - ESProtectionDriver (Malwarebytes Anti-Exploit) -> \??\C:\WINDOWS\system32\drivers\mbae64.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - CldFlt (Windows Cloud Files Filter Driver) -> system32\drivers\cldflt.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - iocbios2 (iocbios2) -> \??\C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - mrxsmb10 (@%systemroot%\system32\wkssvc.dll,-1004) -> system32\DRIVERS\mrxsmb10.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - npf (NetGroup Packet Filter Driver) -> system32\drivers\npf.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - speedfan (speedfan) -> \??\C:\WINDOWS\SysWOW64\speedfan.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - srv (@%systemroot%\system32\srvsvc.dll,-102) -> System32\DRIVERS\srv.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - wanarp (@%systemroot%\system32\mprmsg.dll,-32011) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - wcifs (@%systemroot%\system32\drivers\wcifs.sys,-100) -> \SystemRoot\system32\drivers\wcifs.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - MBAMChameleon (MBAMChameleon) -> \SystemRoot\system32\drivers\MBAMChameleon.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - 1394ohci (@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller) -> \SystemRoot\System32\drivers\1394ohci.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - AcpiDev (@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver) -> \SystemRoot\System32\drivers\AcpiDev.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - acpipagr (@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver) -> \SystemRoot\System32\drivers\acpipagr.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - AcpiPmi (@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver) -> \SystemRoot\System32\drivers\acpipmi.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - acpitime (@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver) -> \SystemRoot\System32\drivers\acpitime.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - AirplaneModeHid (@oem14.inf,%AirplaneModeHid%;Insyde Airplane Mode HID Mini-Driver) -> \SystemRoot\system32\DRIVERS\AirplaneModeHid.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - AmdK8 (@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver) -> \SystemRoot\System32\drivers\amdk8.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - AmdPPM (@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver) -> \SystemRoot\System32\drivers\amdppm.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - AppID (@%systemroot%\system32\srpapi.dll,-100) -> system32\drivers\appid.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - applockerfltr (@%systemroot%\system32\srpapi.dll,-102) -> system32\drivers\applockerfltr.sys - AcceptPause: False - AcceptStop: False
S3 - [File System Driver] - AppvStrm (@%systemroot%\system32\drivers\AppvStrm.sys,-101) -> \SystemRoot\system32\drivers\AppvStrm.sys - AcceptPause: False - AcceptStop: False
S3 - [File System Driver] - AppvVemgr (@%systemroot%\system32\drivers\AppvVemgr.sys,-101) -> \SystemRoot\system32\drivers\AppvVemgr.sys - AcceptPause: False - AcceptStop: False
S3 - [File System Driver] - AppvVfs (@%systemroot%\system32\drivers\AppvVfs.sys,-101) -> \SystemRoot\system32\drivers\AppvVfs.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - AsyncMac (@%systemroot%\system32\mprmsg.dll,-32000) -> \SystemRoot\System32\drivers\asyncmac.sys - AcceptPause: False - AcceptStop: False
R3 - [File System Driver] - avckf (avckf) -> system32\DRIVERS\avckf.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - bcmfn2 (@bcmfn2.inf,%bcmfn2.SVCDESC%;bcmfn2 Service) -> \SystemRoot\System32\drivers\bcmfn2.sys - AcceptPause: False - AcceptStop: False
R3 - [File System Driver] - bowser (@%systemroot%\system32\browser.dll,-102) -> system32\DRIVERS\bowser.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - BtFilter (BtFilter) -> \SystemRoot\system32\DRIVERS\btfilter.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - BthAvrcpTg (@bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID) -> \SystemRoot\System32\drivers\BthAvrcpTg.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - BthEnum (@bth.inf,%BthEnum.SVCDESC%;Service d’énumérateur Bluetooth) -> \SystemRoot\System32\drivers\BthEnum.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - BthHFEnum (@bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator) -> \SystemRoot\System32\drivers\bthhfenum.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - bthhfhid (@bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID) -> \SystemRoot\System32\drivers\BthHFHid.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - bthl2cap (@bthl2cap.inf,%bthl2cap_desc%;Pilote de prise en charge du protocole Microsoft Bluetooth) -> \SystemRoot\system32\DRIVERS\bthl2cap.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - BthLEEnum (@bthleenum.inf,%BthLEEnum.SVCDESC%;Pilote Bluetooth Low Energy) -> \SystemRoot\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - BTHMODEM (@mdmbtmdm.inf,%BthModem.DisplayName%;Bluetooth Modem Communications Driver) -> \SystemRoot\System32\drivers\bthmodem.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - BthPan (@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network)) -> \SystemRoot\System32\drivers\bthpan.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - BTHPORT (@bth.inf,%BTHPORT.SvcDesc%;Pilote de port Bluetooth) -> \SystemRoot\system32\DRIVERS\BTHport.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - BTHUSB (@bth.inf,%BTHUSB.SvcDesc%;Pilote USB radio Bluetooth) -> \SystemRoot\system32\DRIVERS\BTHUSB.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - buttonconverter (@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices) -> \SystemRoot\System32\drivers\buttonconverter.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - CAD (@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver) -> \SystemRoot\System32\drivers\CAD.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - CapImg (@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen) -> \SystemRoot\System32\drivers\capimg.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - cht4vbd (@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver) -> \SystemRoot\System32\drivers\cht4vx64.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - circlass (@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices) -> \SystemRoot\System32\drivers\circlass.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - CmBatt (@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver) -> \SystemRoot\System32\drivers\CmBatt.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - CompositeBus (@compositebus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver) -> \SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_75b67d649f3bc0f6\CompositeBus.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - condrv (Console Driver) -> System32\drivers\condrv.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - dmvsc () -> \SystemRoot\System32\drivers\dmvsc.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - drmkaud (@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers) -> \SystemRoot\System32\drivers\drmkaud.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> \SystemRoot\System32\drivers\dxgkrnl.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - ErrDev (@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver) -> \SystemRoot\System32\drivers\errdev.sys - AcceptPause: False - AcceptStop: False
S3 - [File System Driver] - exfat (exFAT File System Driver) -> (?) - AcceptPause: False - AcceptStop: False
R3 - [File System Driver] - fastfat (FAT12/16/32 File System Driver) -> (?) - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - fdc (@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver) -> \SystemRoot\System32\drivers\fdc.sys - AcceptPause: False - AcceptStop: False
S3 - [File System Driver] - Filetrace (@%SystemRoot%\system32\drivers\filetrace.sys,-10001) -> system32\drivers\filetrace.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - flpydisk (@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver) -> \SystemRoot\System32\drivers\flpydisk.sys - AcceptPause: False - AcceptStop: False
S3 - [File System Driver] - FsDepends (@%SystemRoot%\system32\drivers\fsdepends.sys,-10001) -> System32\drivers\FsDepends.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - gencounter (@wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter) -> \SystemRoot\System32\drivers\vmgencounter.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - genericusbfn (@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class) -> \SystemRoot\System32\drivers\genericusbfn.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - GPIOClx0101 (Microsoft GPIO Class Extension Driver) -> System32\Drivers\msgpioclx.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - HDAudBus (@hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio) -> \SystemRoot\System32\drivers\HDAudBus.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - HidBatt (@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver) -> \SystemRoot\System32\drivers\HidBatt.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - HidBth (@hidbth.inf,%HIDBTH.SvcDesc%;Microsoft Bluetooth HID Miniport) -> \SystemRoot\System32\drivers\hidbth.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - hidi2c (@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver) -> \SystemRoot\System32\drivers\hidi2c.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - hidinterrupt (@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts) -> \SystemRoot\System32\drivers\hidinterrupt.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - HidIr (@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver) -> \SystemRoot\System32\drivers\hidir.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - HidUsb (@input.inf,%HID.SvcDesc%;Pilote de classe HID Microsoft) -> \SystemRoot\System32\drivers\hidusb.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - HKKbdFltr (HotKey Keyboard Class Filter Service) -> \SystemRoot\system32\DRIVERS\HKKbdFltr.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - HKMouFltr (HotKey Mouse Class Filter Service) -> \SystemRoot\system32\DRIVERS\HKMouFltr.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - HTTP (@%SystemRoot%\system32\drivers\http.sys,-1) -> system32\drivers\HTTP.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - hvservice (@%SystemRoot%\system32\drivers\hvservice.sys,-16) -> system32\drivers\hvservice.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - hyperkbd () -> \SystemRoot\System32\drivers\hyperkbd.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - HyperVideo () -> \SystemRoot\System32\drivers\HyperVideo.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - i8042prt (@msmouse.inf,%i8042prt.SvcDesc%;Pilote de port clavier et souris PS/2) -> \SystemRoot\System32\drivers\i8042prt.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - iagpio (@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver) -> \SystemRoot\System32\drivers\iagpio.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iai2c (@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller) -> \SystemRoot\System32\drivers\iai2c.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iaLPSS2i_GPIO2 (@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_GPIO2.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iaLPSS2i_GPIO2_BXT_P (@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iaLPSS2i_I2C (@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_I2C.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iaLPSS2i_I2C_BXT_P (@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_I2C_BXT_P.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iaLPSSi_GPIO (@ialpssi_gpio.inf,%iaLPSSi_GPIO.SVCDESC%;Intel(R) Serial IO GPIO Controller Driver) -> \SystemRoot\System32\drivers\iaLPSSi_GPIO.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iaLPSSi_I2C (@ialpssi_i2c.inf,%iaLPSSi_I2C.SVCDESC%;Intel(R) Serial IO I2C Controller Driver) -> \SystemRoot\System32\drivers\iaLPSSi_I2C.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - ibbus (@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver)) -> \SystemRoot\System32\drivers\ibbus.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - ICCWDT (@oem12.inf,%ICCWDT.SVCDESC%;Intel(R) Watchdog Timer Driver (Intel(R) WDT)) -> \SystemRoot\System32\drivers\ICCWDT.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - IndirectKmd (@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100) -> \SystemRoot\System32\drivers\IndirectKmd.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - IntcAzAudAddService (Service for Realtek HD Audio (WDM)) -> \SystemRoot\system32\drivers\RTKVHD64.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - intelppm (@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver) -> \SystemRoot\System32\drivers\intelppm.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - IpFilterDriver (@%systemroot%\system32\mprmsg.dll,-32013) -> system32\DRIVERS\ipfltdrv.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - IPMIDRV () -> \SystemRoot\System32\drivers\IPMIDrv.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - IPNAT (IP Network Address Translator) -> System32\drivers\ipnat.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - IPT () -> \SystemRoot\System32\drivers\ipt.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - irda (IrDA) -> \SystemRoot\system32\drivers\irda.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - IRENUM (@%SystemRoot%\system32\drivers\irenum.sys,-100) -> system32\drivers\irenum.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iScsiPrt (@iscsi.inf,%iScsiPortName%;iScsiPort Driver) -> \SystemRoot\System32\drivers\msiscsi.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - kbdclass (@keyboard.inf,%kbdclass.SvcDesc%;Keyboard Class Driver) -> \SystemRoot\System32\drivers\kbdclass.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - kbdhid (@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver) -> \SystemRoot\System32\drivers\kbdhid.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - kdnic (@kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20)) -> \SystemRoot\System32\drivers\kdnic.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - KillerEth (@e2xw10x64.inf,%RIVET.Service.DispName%;NDIS Miniport Driver for Killer PCI-E Gigabit Ethernet Controller) -> \SystemRoot\System32\drivers\e2xw10x64.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - ksthunk (Kernel Streaming Thunks) -> \SystemRoot\system32\drivers\ksthunk.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - mausbhost (@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver) -> \SystemRoot\System32\drivers\mausbhost.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - mausbip (@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver) -> \SystemRoot\System32\drivers\mausbip.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - MBfilt () -> \SystemRoot\system32\drivers\MBfilt64.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - MEIx64 (@oem60.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface) -> \SystemRoot\System32\drivers\TeeDriverW8x64.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - mlx4_bus (@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator) -> \SystemRoot\System32\drivers\mlx4_bus.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - Modem () -> system32\drivers\modem.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - monitor (@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver Service) -> \SystemRoot\System32\drivers\monitor.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - mouclass (@msmouse.inf,%mouclass.SvcDesc%;Pilote de la classe Souris) -> \SystemRoot\System32\drivers\mouclass.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - mouhid (@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver) -> \SystemRoot\System32\drivers\mouhid.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - mpsdrv (@%SystemRoot%\system32\drivers\mpsdrv.sys,-23092) -> System32\drivers\mpsdrv.sys - AcceptPause: False - AcceptStop: True
S3 - [File System Driver] - MRxDAV (@%systemroot%\system32\webclnt.dll,-104) -> \SystemRoot\system32\drivers\mrxdav.sys - AcceptPause: False - AcceptStop: False
R3 - [File System Driver] - mrxsmb (@%systemroot%\system32\wkssvc.dll,-1002) -> system32\DRIVERS\mrxsmb.sys - AcceptPause: False - AcceptStop: True
R3 - [File System Driver] - mrxsmb20 (@%systemroot%\system32\wkssvc.dll,-1006) -> system32\DRIVERS\mrxsmb20.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - MsBridge (@%SystemRoot%\system32\bridgeres.dll,-1) -> System32\drivers\bridge.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - msgpiowin32 (@msgpiowin32.inf,%GPIO.SvcDesc%;Common Driver for Buttons, DockMode and Laptop/Slate Indicator) -> \SystemRoot\System32\drivers\msgpiowin32.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - mshidkmdf (@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100) -> \SystemRoot\System32\drivers\mshidkmdf.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - mshidumdf (@%SystemRoot%\system32\drivers\mshidumdf.sys,-100) -> \SystemRoot\System32\drivers\mshidumdf.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - MSKSSRV (@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service Proxy) -> \SystemRoot\System32\drivers\MSKSSRV.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - MSPCLOCK (@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock Proxy) -> \SystemRoot\System32\drivers\MSPCLOCK.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - MSPQM (@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Quality Manager Proxy) -> \SystemRoot\System32\drivers\MSPQM.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - MsRPC () -> (?) - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - MSTEE (@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink Converter) -> \SystemRoot\System32\drivers\MSTEE.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - MTConfig (@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver) -> \SystemRoot\System32\drivers\MTConfig.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - NativeWifiP (@%SystemRoot%\System32\drivers\nwifi.sys,-101) -> system32\DRIVERS\nwifi.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - ndfltr (@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service) -> \SystemRoot\System32\drivers\ndfltr.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - NdisCap (@%SystemRoot%\System32\drivers\ndiscap.sys,-5000) -> System32\drivers\ndiscap.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - NdisImPlatform (@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501) -> System32\drivers\NdisImPlatform.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - NdisTapi (@%systemroot%\system32\mprmsg.dll,-32001) -> System32\DRIVERS\ndistapi.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - Ndisuio (NDIS Usermode I/O Protocol) -> system32\drivers\ndisuio.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - NdisVirtualBus (@%SystemRoot%\System32\drivers\NdisVirtualBus.sys,-200) -> \SystemRoot\System32\drivers\NdisVirtualBus.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - NdisWan (@%systemroot%\system32\mprmsg.dll,-32002) -> \SystemRoot\System32\drivers\ndiswan.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - ndiswanlegacy (@%systemroot%\system32\mprmsg.dll,-32014) -> System32\DRIVERS\ndiswan.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - ndproxy (@%SystemRoot%\system32\drivers\todo.sys,-101;NDIS Proxy) -> System32\DRIVERS\NDProxy.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - Neo_VPN (@oem51.inf,%Neo.Service.DispName%;VPN Client Device Driver - VPN) -> \SystemRoot\System32\drivers\neo_vpn.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - NetAdapterCx (Network Adapter Wdf Class Extension Library) -> system32\drivers\NetAdapterCx.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - netvsc () -> \SystemRoot\System32\drivers\netvsc.sys - AcceptPause: False - AcceptStop: False
R3 - [File System Driver] - NTFS () -> (?) - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - nvdimmn (@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver) -> \SystemRoot\System32\drivers\nvdimmn.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - NVHDA (@oem17.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver) -> \SystemRoot\system32\drivers\nvhda64v.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - nvlddmkm () -> \SystemRoot\System32\DriverStore\FileRepository\nvcvi.inf_amd64_5a93b359bc8bcc04\nvlddmkm.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - NvStreamKms (NVIDIA KMS) -> \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - nvvad_WaveExtensible (@oem43.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM)) -> \SystemRoot\system32\drivers\nvvad64v.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - nvvhci (@oem23.inf,%ServiceDesc%;NVVHCI Enumerator Service) -> \SystemRoot\System32\drivers\nvvhci.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - Parport (@msports.inf,%Parport.SVCDESC%;Parallel port driver) -> \SystemRoot\System32\drivers\parport.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - pmem (@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver) -> \SystemRoot\System32\drivers\pmem.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - PNPMEM (@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver) -> \SystemRoot\System32\drivers\pnpmem.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - PptpMiniport (@%systemroot%\system32\mprmsg.dll,-32006) -> \SystemRoot\System32\drivers\raspptp.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - Processor (@cpu.inf,%Processor.SvcDesc%;Processor Driver) -> \SystemRoot\System32\drivers\processr.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - Qcamain10x64 (@netathr10x.inf,%ATHR.Service.DispName%;Qualcomm Extensible Wireless LAN 11AC device driver) -> \SystemRoot\System32\drivers\Qcamain10x64.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - QWAVEdrv (@%SystemRoot%\system32\drivers\qwavedrv.sys,-1) -> \SystemRoot\system32\drivers\qwavedrv.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - RasAcd (Remote Access Auto Connection Driver) -> System32\DRIVERS\rasacd.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - RasAgileVpn (@netavpna.inf,%Svc-Mp-AgileVpn-DispName%;WAN Miniport (IKEv2)) -> \SystemRoot\System32\drivers\AgileVpn.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - Rasl2tp (@%systemroot%\system32\mprmsg.dll,-32005) -> \SystemRoot\System32\drivers\rasl2tp.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - RasPppoe (@%systemroot%\system32\mprmsg.dll,-32007) -> System32\DRIVERS\raspppoe.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - RasSstp (@%systemroot%\system32\sstpsvc.dll,-202) -> \SystemRoot\System32\drivers\rassstp.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - rdpbus (@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver) -> \SystemRoot\System32\drivers\rdpbus.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - RDPDR (@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100) -> System32\drivers\rdpdr.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - RdpVideoMiniport (Remote Desktop Video Miniport Driver) -> System32\drivers\rdpvideominiport.sys - AcceptPause: False - AcceptStop: True
S3 - [File System Driver] - ReFS () -> (?) - AcceptPause: False - AcceptStop: False
S3 - [File System Driver] - ReFSv1 () -> (?) - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - RFCOMM (@tdibth.inf,%RFCOMM.DisplayName%;Périphérique Bluetooth (TDI protocole RFCOMM)) -> \SystemRoot\System32\drivers\rfcomm.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - rhproxy (@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver) -> \SystemRoot\System32\drivers\rhproxy.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - RTSPER (@oem20.inf,%Rts5227PER%;Realtek PCIE Card Reader - PER) -> \SystemRoot\system32\DRIVERS\RtsPer.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - s3cap () -> \SystemRoot\System32\drivers\vms3cap.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - scfilter (@%SystemRoot%\System32\drivers\scfilter.sys,-11) -> System32\DRIVERS\scfilter.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - sdbus () -> \SystemRoot\System32\drivers\sdbus.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - SDFRd (@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector) -> \SystemRoot\System32\drivers\SDFRd.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - sdstor (@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver) -> \SystemRoot\System32\drivers\sdstor.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - SensorsSimulatorDriver (@oem2.inf,%WudfSensorsSimulatorDriverDisplayName%;UMDF Reflector service for SensorsSimulatorDriver) -> \SystemRoot\System32\drivers\WUDFRd.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - SerCx (Serial UART Support Library) -> system32\drivers\SerCx.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - SerCx2 (Serial UART Support Library) -> system32\drivers\SerCx2.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - Serenum (@msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver) -> \SystemRoot\System32\drivers\serenum.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - Serial (@msports.inf,%Serial.SVCDESC%;Serial port driver) -> \SystemRoot\System32\drivers\serial.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - sermouse (@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver) -> \SystemRoot\System32\drivers\sermouse.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - sfloppy (@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive) -> \SystemRoot\System32\drivers\sfloppy.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - SmbDrvI () -> \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - SpatialGraphFilter (Holographic Spatial Graph Filter) -> System32\drivers\SpatialGraphFilter.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - SpbCx (Simple Peripheral Bus Support Library) -> system32\drivers\SpbCx.sys - AcceptPause: False - AcceptStop: False
R3 - [File System Driver] - srv2 (@%systemroot%\system32\srvsvc.dll,-104) -> System32\DRIVERS\srv2.sys - AcceptPause: False - AcceptStop: True
R3 - [File System Driver] - srvnet () -> System32\DRIVERS\srvnet.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - swenum (@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver) -> \SystemRoot\System32\drivers\swenum.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - Synth3dVsc () -> \SystemRoot\System32\drivers\Synth3dVsc.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - SynTP (@oem61.inf,%SynHIDMini%;Synaptics TouchPad HID Mini Driver) -> \SystemRoot\system32\DRIVERS\SynTP.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - tap0901 (TAP-Windows Adapter V9) -> \SystemRoot\System32\drivers\tap0901.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - Tcpip6 (@todo.dll,-100;Microsoft IPv6 Protocol Driver) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - terminpt (@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver) -> \SystemRoot\System32\drivers\terminpt.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - TPM (@tpm.inf,%TPM%;TPM) -> \SystemRoot\System32\drivers\tpm.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - tsusbflt (@%SystemRoot%\system32\drivers\tsusbflt.sys,-1000) -> System32\drivers\TsUsbFlt.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - TsUsbGD (@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device) -> \SystemRoot\System32\drivers\TsUsbGD.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - tsusbhub (@%SystemRoot%\system32\drivers\tsusbhub.sys,-1) -> system32\drivers\tsusbhub.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - tunnel (@nettun.inf,%TUNNEL.Service.DisplayName%;Microsoft Tunnel Miniport Adapter Driver) -> \SystemRoot\System32\drivers\tunnel.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UASPStor (@uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver) -> \SystemRoot\System32\drivers\uaspstor.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UcmCx0101 (USB Connector Manager KMDF Class Extension) -> System32\Drivers\UcmCx.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UcmTcpciCx0101 (UCM-TCPCI KMDF Class Extension) -> System32\Drivers\UcmTcpciCx.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UcmUcsi (@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client) -> \SystemRoot\System32\drivers\UcmUcsi.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - Ucx01000 (USB Host Support Library) -> system32\drivers\ucx01000.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - UdeCx (USB Device Emulation Support Library) -> system32\drivers\udecx.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - UEFI (@uefi.inf,%UEFI.SvcDesc%;Microsoft UEFI Driver) -> \SystemRoot\System32\drivers\UEFI.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - Ufx01000 (USB Function Class Extension) -> system32\drivers\ufx01000.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UfxChipidea (@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller) -> \SystemRoot\System32\drivers\UfxChipidea.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - ufxsynopsys (@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller) -> \SystemRoot\System32\drivers\ufxsynopsys.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - umbus (@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver) -> \SystemRoot\System32\drivers\umbus.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - UmPass (@umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass Driver) -> \SystemRoot\System32\drivers\umpass.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UrsChipidea (@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver) -> \SystemRoot\System32\drivers\urschipidea.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UrsCx01000 (USB Role-Switch Support Library) -> system32\drivers\urscx01000.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UrsSynopsys (@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver) -> \SystemRoot\System32\drivers\urssynopsys.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - usbccgp (@usb.inf,%GenericParent.SvcDesc%;Microsoft USB Generic Parent Driver) -> \SystemRoot\System32\drivers\usbccgp.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - usbcir (@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR)) -> \SystemRoot\System32\drivers\usbcir.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - usbehci (@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbehci.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - usbhub (@usbport.inf,%ROOTHUB.SvcDesc%;Microsoft USB Standard Hub Driver) -> \SystemRoot\System32\drivers\usbhub.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - USBHUB3 (@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub) -> \SystemRoot\System32\drivers\UsbHub3.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - usbohci (@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbohci.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - usbprint (@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class) -> \SystemRoot\System32\drivers\usbprint.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - usbser (@usbser.inf,%UsbSerial.DriverDesc%;Microsoft USB Serial Driver) -> \SystemRoot\System32\drivers\usbser.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - USBSTOR (@usbstor.inf,%USBSTOR.SvcDesc%;USB Mass Storage Driver) -> \SystemRoot\System32\drivers\USBSTOR.SYS - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - usbuhci (@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbuhci.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - usbvideo (@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM)) -> \SystemRoot\System32\Drivers\usbvideo.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - USBXHCI (@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller) -> \SystemRoot\System32\drivers\USBXHCI.SYS - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - VerifierExt (@%SystemRoot%\system32\drivers\VerifierExt.sys,-1000) -> system32\drivers\VerifierExt.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - vhdmp () -> \SystemRoot\System32\drivers\vhdmp.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - vhf (@%SystemRoot%\system32\drivers\vhf.sys,-100) -> \SystemRoot\System32\drivers\vhf.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - VMBusHID () -> \SystemRoot\System32\drivers\VMBusHID.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - vmgid (@wvmgid.inf,%VmGid.SVCDESC%;Microsoft Hyper-V Guest Infrastructure Driver) -> \SystemRoot\System32\drivers\vmgid.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - vpci (@wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus) -> \SystemRoot\System32\drivers\vpci.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - vwifibus (@%SystemRoot%\System32\drivers\vwifibus.sys,-257) -> \SystemRoot\System32\drivers\vwifibus.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - vwifimp (@%SystemRoot%\System32\drivers\vwifimp.sys,-261) -> \SystemRoot\System32\drivers\vwifimp.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - WacomPen (@hiddigi.inf,%WacomPen.SVCDESC%;Wacom Serial Pen HID Driver) -> \SystemRoot\System32\drivers\wacompen.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - wanarpv6 (@%systemroot%\system32\mprmsg.dll,-32012) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: False
S3 - [File System Driver] - wcnfs (@%systemroot%\system32\drivers\wcnfs.sys,-100) -> \SystemRoot\system32\drivers\wcnfs.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - WdBoot (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390) -> \SystemRoot\system32\drivers\WdBoot.sys - AcceptPause: False - AcceptStop: False
S3 - [File System Driver] - WdFilter (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330) -> \SystemRoot\system32\drivers\WdFilter.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - wdiwifi (WDI Driver Framework) -> system32\DRIVERS\wdiwifi.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - WdNisDrv (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-370) -> system32\Drivers\WdNisDrv.sys - AcceptPause: False - AcceptStop: False
S3 - [File System Driver] - WIMMount (@%SystemRoot%\system32\drivers\wimmount.sys,-101) -> system32\drivers\wimmount.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - WinMad (@mlx4_bus.inf,%WinMad.ServiceDesc%;WinMad Service) -> \SystemRoot\System32\drivers\winmad.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - WinNat (@%SystemRoot%\system32\drivers\winnat.sys,-10001) -> system32\drivers\winnat.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - WINUSB (@winusb.inf,%WINUSB_SvcDesc%;WinUsb Driver) -> \SystemRoot\System32\drivers\WinUSB.SYS - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - WinVerbs (@mlx4_bus.inf,%WinVerbs.ServiceDesc%;WinVerbs Service) -> \SystemRoot\System32\drivers\winverbs.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - WmiAcpi (@wmiacpi.inf,%WMIMAP.SvcDesc%;Microsoft Windows Management Interface for ACPI) -> \SystemRoot\System32\drivers\wmiacpi.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - WpdUpFltr (@%systemroot%\System32\drivers\WpdUpFltr.sys,-100) -> System32\drivers\WpdUpFltr.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - WudfPf (@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000) -> system32\drivers\WudfPf.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - WUDFRd (@%SystemRoot%\system32\drivers\WudfRd.sys,-1000) -> \SystemRoot\System32\drivers\WUDFRd.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - WUDFWpdFs () -> \SystemRoot\system32\DRIVERS\WUDFRd.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - xboxgip (@xboxgip.inf,%XBOXGIP_Desc%;Xbox Game Input Protocol Driver) -> \SystemRoot\System32\drivers\xboxgip.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - xinputhid (@xinputhid.inf,%xinputhid.SvcDesc%;XINPUT HID Filter Driver) -> \SystemRoot\System32\drivers\xinputhid.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - XtuAcpiDriver (@oem10.inf,%XtuAcpiDriver.SVCDESC%;Intel(R) Extreme Tuning Utility Device Driver) -> \SystemRoot\System32\drivers\XtuAcpiDriver.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - xusb22 (@xusb22.inf,%XUSB22.ServiceName%;Xbox 360 Wireless Receiver Driver Service 22) -> \SystemRoot\System32\drivers\xusb22.sys - AcceptPause: False - AcceptStop: True
R3 - [File System Driver] - MBAMSwissArmy (MBAMSwissArmy) -> \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys - AcceptPause: False - AcceptStop: True
R3 - [File System Driver] - MBAMProtection () -> \??\C:\WINDOWS\system32\drivers\mbam.sys - AcceptPause: False - AcceptStop: True
R3 - [File System Driver] - MBAMFarflt () -> \??\C:\WINDOWS\system32\drivers\farflt.sys - AcceptPause: False - AcceptStop: True
R3 - [File System Driver] - MBAMWebProtection () -> \??\C:\WINDOWS\system32\drivers\mwac.sys - AcceptPause: False - AcceptStop: True
S4 - [File System Driver] - cdfs (CD/DVD File System Reader) -> system32\DRIVERS\cdfs.sys - AcceptPause: False - AcceptStop: False
S4 - [Kernel Driver] - cnghwassist (@%SystemRoot%\system32\drivers\cnghwassist.sys,-100) -> System32\DRIVERS\cnghwassist.sys - AcceptPause: False - AcceptStop: False
S4 - [File System Driver] - udfs (udfs) -> system32\DRIVERS\udfs.sys - AcceptPause: False - AcceptStop: False
S4 - [File System Driver] - UevAgentDriver (@%systemroot%\system32\drivers\UevAgentDriver.sys,-101) -> \SystemRoot\system32\drivers\UevAgentDriver.sys - AcceptPause: False - AcceptStop: False
S4 - [Kernel Driver] - ws2ifsl (@%systemroot%\System32\drivers\ws2ifsl.sys,-1000) -> \SystemRoot\system32\drivers\ws2ifsl.sys - AcceptPause: False - AcceptStop: False

---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted)

[MD5.07F7F501AD50DE2BA2D5842D9B6D6155] - [22/01/2017 19:01:13] - (.© 2004 Macrovision Corporation - Macrovision SECURITY Driver.) - [159.81 Ko] - (4.0.60.0) - C:\WINDOWS\Syswow64\Drivers\SECDRV.SYS

---------- | Uninstall

[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\GameMaker-Studio14] : (GameMaker-Studio 1.4.-.YoYo Games Ltd.) -> "D:\GameMaker-Studio 1.4\uninstall.exe"
[HKU\S-1-5-21-533811266-1534692092-1485993985-1002\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Star Citizen Launcher] : (Star Citizen Launcher.-.Cloud Imperium Games) -> D:\Games\Cloud Imperium Games\uninstall.exe
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\6af12c54-643b-4752-87d0-8335503010de_is1] : (Nexus Mod Manager.-.Black Tree Gaming) -> "D:\Nexus Mod Manager\uninstall\unins000.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\8B3D7924-ED89-486B-8322-E8594065D5CB_is1] : (RogueKiller version 12.11.3.0.-.Adlice Software) -> "C:\Program Files\RogueKiller\unins000.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AirplaneModeHid] : (Insyde Airplane Mode HID Mini-Driver.-.Insyde Corporation) -> C:\Program Files\Insyde\AirplaneModeDriver\uninstall.exe
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Bitdefender] : (Bitdefender Total Security 2017.-.Bitdefender) -> C:\Program Files\Common Files\Bitdefender\SetupInformation\{C12EDCD9-A219-4778-A5FC-0D0F1F219F12}\installer.exe
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Bitdefender Agent] : (Bitdefender Agent.-.Bitdefender) -> C:\Program Files\Bitdefender Agent\installer\installer.exe /uninstall
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Bitdefender Device Management] : (Bitdefender Device Management.-.Bitdefender) -> "C:\Program Files\Bitdefender\Bitdefender Device Management\installer\installer.exe" /uninstall
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\BurnInTest_is1] : (BurnInTest v8.1 Pro.-.Passmark Software) -> "C:\Program Files\BurnInTest\unins000.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CCleaner] : (CCleaner.-.Piriform) -> "C:\Program Files\CCleaner\uninst.exe"
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\HWiNFO64_is1] : (HWiNFO64 Version 5.42.-.Martin Malík - REALiX) -> "C:\Program Files\HWiNFO64\unins000.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Firefox 54.0 (x64 fr)] : (Mozilla Firefox 54.0 (x64 fr).-.Mozilla) -> "C:\Program Files\Mozilla Firefox\uninstall\helper.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MozillaMaintenanceService] : (Mozilla Maintenance Service.-.Mozilla) -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Speccy] : (Speccy.-.Piriform) -> "C:\Program Files\Speccy\uninst.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 10220] : (Postal 3.-.Trashmasters) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/10220
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 10500] : (Empire: Total War.-.The Creative Assembly) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/10500
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 107410] : (Arma 3.-.Bohemia Interactive) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/107410
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 110800] : (L.A. Noire.-.Team Bondi) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/110800
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 12110] : (Grand Theft Auto: Vice City.-.Rockstar Games) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/12110
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 12120] : (Grand Theft Auto: San Andreas.-.Rockstar Games) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/12120
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 12210] : (Grand Theft Auto IV.-.Rockstar North) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/12210
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 12220] : (Grand Theft Auto: Episodes from Liberty City.-.Rockstar North / Toronto) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/12220
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 17390] : (Spore.-.Maxis™) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/17390
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 17440] : (Spore: Creepy & Cute Parts Pack.-.Maxis™) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/17440
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 203140] : (Hitman: Absolution.-.IO Interactive) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/203140
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 203160] : (Tomb Raider.-.Crystal Dynamics) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/203160
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 204100] : (Max Payne 3.-.Rockstar Studios) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/204100
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 205930] : (Hitman: Sniper Challenge.-.IO Interactive) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/205930
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 213670] : (South Park™: The Stick of Truth™.-.Obsidian Entertainment) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/213670
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 214950] : (Total War: ROME II - Emperor Edition.-.Creative Assembly) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/214950
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 216250] : (Dead Island Riptide.-.Techland) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/216250
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 220240] : (Far Cry® 3.-.Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/220240
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 220980] : (CRYENGINE.-.Crytek) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/220980
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 22100] : (Mount & Blade.-.TaleWorlds Entertainment) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/22100
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 221380] : (Age of Empires II: HD Edition.-.Skybox Labs) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/221380
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 223100] : (Homefront: The Revolution.-.Dambuster Studios) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/223100
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 22320] : (The Elder Scrolls III: Morrowind.-.Bethesda Game Studios®) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/22320
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 22330] : (The Elder Scrolls IV: Oblivion .-.Bethesda Game Studios) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/22330
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 223470] : (POSTAL 2.-.Running With Scissors) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/223470
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 22370] : (Fallout 3 - Game of the Year Edition.-.Bethesda Game Studios) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/22370
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 22380] : (Fallout: New Vegas.-.Obsidian Entertainment) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/22380
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 224440] : (Folk Tale.-.Games Foundry) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/224440
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 232890] : (Stronghold Crusader 2.-.FireFly Studios) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/232890
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 233450] : (Prison Architect.-.Introversion Software) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/233450
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 234630] : (Project CARS.-.Slightly Mad Studios) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/234630
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 236850] : (Europa Universalis IV.-.Paradox Development Studio) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/236850
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 239820] : (Game Dev Tycoon.-.Greenheart Games) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/239820
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 24010] : (Train Simulator.-.Dovetail Games) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/24010
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 242050] : (Assassin's Creed IV Black Flag.-.Ubisoft Montreal) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/242050
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 242760] : (The Forest.-.Endnight Games Ltd) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/242760
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 244210] : (Assetto Corsa.-.Kunos Simulazioni) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/244210
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 244850] : (Space Engineers.-.Keen Software House) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/244850
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 245470] : (Democracy 3.-.Positech Games) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/245470
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 245620] : (Tropico 5.-.Haemimont Games) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/245620
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 246620] : (Plague Inc: Evolved.-.Ndemic Creations) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/246620
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 24720] : (Spore: Galactic Adventures.-.EA - Maxis) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/24720
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 24780] : (SimCity 4 Deluxe.-.EA - Maxis) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/24780
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 248170] : (Clickteam Fusion 2.5.-.Clickteam) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/248170
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 251570] : (7 Days to Die.-.The Fun Pimps) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/251570
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 252490] : (Rust.-.Facepunch Studios) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/252490
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 254700] : (resident evil 4 / biohazard 4.-.Capcom) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/254700
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 266840] : (Age of Mythology: Extended Edition.-.SkyBox Labs) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/266840
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 281990] : (Stellaris.-.Paradox Development Studio) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/281990
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 282070] : (This War of Mine.-.11 bit studios) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/282070
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 285310] : (RollerCoaster Tycoon: Deluxe.-.Chris Sawyer Productions) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/285310
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 285330] : (RollerCoaster Tycoon 2: Triple Thrill Pack.-.Chris Sawyer Productions) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/285330
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 286860] : (Kingdom Come: Deliverance (Beta Access).-.) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/286860
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 287700] : (METAL GEAR SOLID V: THE PHANTOM PAIN.-.Konami Digital Entertainment) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/287700
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 289070] : (Sid Meier's Civilization VI.-.Firaxis) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/289070
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 294100] : (RimWorld.-.Ludeon Studios) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/294100
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 299740] : (Miscreated.-.Entrada Interactive LLC) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/299740
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 304220] : (CRYENGINE Sandbox.-.) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/304220
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 304240] : (Resident Evil / biohazard HD REMASTER.-.CAPCOM Co., Ltd.) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/304240
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 307690] : (Sleeping Dogs: Definitive Edition.-.United Front Games) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/307690
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 307880] : (Savage Lands.-.Signal Studios) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/307880
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 313120] : (Stranded Deep.-.Beam Team Games) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/313120
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 314520] : (Euro Fishing.-.Dovetail Games) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/314520
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 320300] : (Car Mechanic Simulator 2015.-.Red Dot Games) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/320300
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 34330] : (Total War: SHOGUN 2.-.The Creative Assembly) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/34330
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 344850] : (Big Pharma.-.Twice Circled) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/344850
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 346110] : (ARK: Survival Evolved.-.Studio Wildcard) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/346110
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 354140] : (Five Nights at Freddy's 3.-.Scott Cawthon) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/354140
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 360430] : (Mafia III.-.Hangar 13) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/360430
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 365720] : (Skyrim Script Extender (SKSE).-.The SKSE Team) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/365720
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 373420] : (Divinity: Original Sin Enhanced Edition.-.Larian Studios) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/373420
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 376030] : (ARK: Survival Evolved Dedicated Server.-.) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/376030
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 376040] : (ARK Dev Kit.-.) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/376040
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 377160] : (Fallout 4.-.Bethesda Game Studios) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/377160
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 378120] : (Football Manager 2016.-.SPORTS INTERACTIVE) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/378120
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 386590] : (Novus Inceptio.-.McMagic Productions) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/386590
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 394310] : (Punch Club.-.Lazy Bear Games) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/394310
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 4000] : (Garry's Mod.-.Facepunch Studios) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/4000
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 402430] : (Out of the Park Baseball 17.-.Out of the Park Developments) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/402430
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 404730] : (Wasteland 2: Director's Cut.-.inXile Entertainment) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/404730
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 415200] : (Motorsport Manager.-.Playsport Games) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/415200
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 418030] : (Subsistence.-.ColdGames) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/418030
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 418370] : (RESIDENT EVIL 7 biohazard / BIOHAZARD 7 resident evil.-.CAPCOM Co., Ltd.) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/418370
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 428690] : (Youtubers Life.-.U-Play Online) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/428690
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 440900] : (Conan Exiles.-.Funcom) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/440900
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 467520] : (Power & Revolution.-.Eversim) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/467520
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 47870] : (Need for Speed: Hot Pursuit.-.Criterion Games) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/47870
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 482730] : (Football Manager 2017.-.Sports Interactive) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/482730
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 48700] : (Mount & Blade: Warband.-.TaleWorlds Entertainment) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/48700
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 48720] : (Mount & Blade: With Fire and Sword.-.TaleWorlds Entertainment) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/48720
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 489830] : (The Elder Scrolls V: Skyrim Special Edition.-.Bethesda Game Studios) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/489830
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 50130] : (Mafia II.-.2K Czech) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/50130
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 55230] : (Saints Row: The Third.-.Volition) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/55230
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 65980] : (Sid Meier's Civilization: Beyond Earth.-.Firaxis Games) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/65980
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 71240] : (SEGA Bass Fishing.-.SEGA) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/71240
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 72850] : (The Elder Scrolls V: Skyrim.-.Bethesda Game Studios) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/72850
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 8930] : (Sid Meier's Civilization V.-.Firaxis Games) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/8930
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 91310] : (Dead Island.-.Techland) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/91310
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SynTPDeinstKey] : (Synaptics Pointing Device Driver.-.Synaptics Incorporated) -> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\UDK-508c3337-8c9a-4b87-8f5c-ee1e0cc9e207] : (My Game Long Name.-.Epic Games, Inc.) -> D:\Games\Steam\steamapps\common\Subsistence\Binaries\UnSetup.exe /uninstall
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VulkanRT1.0.42.1] : (Vulkan Run Time Libraries 1.0.42.1.-.LunarG, Inc.) -> C:\Program Files (x86)\VulkanRT\1.0.42.1\UninstallVulkanRT.exe
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WhoCrashed_is1] : (WhoCrashed 5.54.-.Resplendence Software Projects Sp.) -> "C:\Program Files\WhoCrashed\unins000.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WinRAR archiver] : (WinRAR 5.40 (64-bit).-.win.rar GmbH) -> C:\Program Files\WinRAR\uninstall.exe
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0A596141-97D5-45FA-9281-98DFAF48D579}] : (Apple Mobile Device Support.-.Apple Inc.) -> MsiExec.exe /I{0A596141-97D5-45FA-9281-98DFAF48D579}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1CEAC85D-2590-4760-800F-8DE5E91F3700}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> "C:\ProgramData\Intel\Package Cache\{1CEAC85D-2590-4760-800F-8DE5E91F3700}\Setup.exe" -uninstall
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{28303E4F-8C2B-408C-B0C2-7EAA74564665}] : (Synaptics WBF USB Fingerprint Reader.-.Synaptics Incorporated) -> MsiExec.exe /X{28303E4F-8C2B-408C-B0C2-7EAA74564665}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{335F9123-9306-4DB0-AF07-9C636317EE9D}] : (Intel(R) ME UninstallLegacy.-.Intel Corporation) -> MsiExec.exe /I{335F9123-9306-4DB0-AF07-9C636317EE9D}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1] : (Malwarebytes version 3.1.2.1733.-.Malwarebytes) -> "C:\Program Files\Malwarebytes\Anti-Malware\unins000.exe"
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}] : (UE4 Prerequisites (x64).-.Epic Games, Inc.) -> MsiExec.exe /X{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{3973721B-C2ED-4505-98B6-752897ECF2F1}] : (Intel® Trusted Connect Service Client.-.Intel Corporation) -> MsiExec.exe /I{3973721B-C2ED-4505-98B6-752897ECF2F1}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{3AE6FD56-D431-4B53-94F0-95E844206ADF}] : (Intel(R) Chipset Device Software.-.Intel Corporation) -> MsiExec.exe /I{3AE6FD56-D431-4B53-94F0-95E844206ADF}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{409CB30E-E457-4008-9B1A-ED1B9EA21140}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> "C:\ProgramData\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe" -uninstall
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{437221A8-91D1-42A0-9E04-0AD64B502374}] : (Blender.-.Blender Foundation) -> MsiExec.exe /I{437221A8-91D1-42A0-9E04-0AD64B502374}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4BDD142A-2CC4-4C7A-8F17-342FFC2D82CD}] : (Killer Wireless-AC Drivers.-.Rivet Networks) -> MsiExec.exe /X{4BDD142A-2CC4-4C7A-8F17-342FFC2D82CD}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{54EC951C-4197-4AA4-803B-101F127BBB38}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{54EC951C-4197-4AA4-803B-101F127BBB38}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}] : (Bonjour.-.Apple Inc.) -> MsiExec.exe /X{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{62BBB3D7-6209-48DA-8931-2EC3383EA36F}] : (Killer E240x Drivers.-.Rivet Networks) -> MsiExec.exe /X{62BBB3D7-6209-48DA-8931-2EC3383EA36F}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}] : (paint.net.-.dotPDN LLC) -> MsiExec.exe /X{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}] : (Apple Application Support (64 bits).-.Apple Inc.) -> MsiExec.exe /I{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb] : (IIS Express Application Compatibility Database for x64.-.) -> %windir%\system32\sdbinst.exe -u "C:\WINDOWS\AppPatch\CustomSDB\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb"
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{AF427A50-7D39-4FF3-BD0B-28D08E2873F4}] : (Killer Network Manager.-.Rivet Networks) -> MsiExec.exe /X{AF427A50-7D39-4FF3-BD0B-28D08E2873F4}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel] : (Ansel.-.NVIDIA Corporation) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision] : (NVIDIA Pilote 3D Vision 382.33.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.3DVision
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] : (Panneau de configuration NVIDIA 382.33.-.NVIDIA Corporation) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver] : (NVIDIA Pilote graphique 382.33.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience] : (NVIDIA GeForce Experience 3.6.0.74.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX] : (NVIDIA Logiciel système PhysX 9.17.0329.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] : (Mises à jour NVIDIA 25.0.0.0.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] : (SHIELD Streaming.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvBackend] : (NVIDIA Backend.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer] : (NVIDIA Container.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.LocalSystem] : (NVIDIA LocalSystem Container.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.MessageBus] : (NVIDIA Message Bus for NvContainer.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NetworkService] : (NVIDIA NetworkService Container.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.Session] : (NVIDIA Session Container.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.User] : (NVIDIA User Container.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainer] : (NVIDIA Display Container.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayContainerLS] : (NVIDIA Display Container LS.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplayPluginWatchdog] : (NVIDIA Display Watchdog Plugin.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVDisplaySessionContainer] : (NVIDIA Display Session Container.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs] : (NvNodejs.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvPlugin.Watchdog] : (NVIDIA Watchdog Plugin for NvContainer.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry] : (NvTelemetry.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetryContainer] : (NVIDIA Telemetry Container.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci] : (NvvHci.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_OSC] : (Nvidia Share.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay] : (NVIDIA ShadowPlay 3.6.0.74.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController] : (SHIELD Wireless Controller Driver.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] : (NVIDIA Update Core.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] : (NVIDIA Virtual Audio 3.70.2.-.NVIDIA Corporation) -> 
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B66F70B4-34E5-429A-9F55-7129E0833A45}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> MsiExec.exe /I{B66F70B4-34E5-429A-9F55-7129E0833A45}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{BD135157-92CB-471A-9BFF-BB04E6ECF25B}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{BD135157-92CB-471A-9BFF-BB04E6ECF25B}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CF54C187-E49A-4D74-BBC6-345A29C6ADEC}] : (Killer Bandwidth Control Filter Driver.-.Rivet Networks) -> MsiExec.exe /X{CF54C187-E49A-4D74-BBC6-345A29C6ADEC}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F0C7385A-9D20-45F3-8101-05D383885180}] : (iTunes.-.Apple Inc.) -> MsiExec.exe /I{F0C7385A-9D20-45F3-8101-05D383885180}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb] : (IIS Express Application Compatibility Database for x86.-.) -> %windir%\system32\sdbinst.exe -u "C:\WINDOWS\AppPatch\CustomSDB\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\1495134320_is1] : (The Witcher 3 - Wild Hunt - Game of the Year Edition.-.GOG.com) -> "D:\Games\GOG\The Witcher 3 Wild Hunt GOTY\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\7-Zip] : (7-Zip 9.20.-.) -> "C:\Program Files (x86)\7-Zip\Uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe AIR] : (Adobe AIR.-.Adobe Systems Incorporated) -> c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ALchemy] : (.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x40c  /remove
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Autodesk FBX SDK 2016.1.2] : (Autodesk FBX SDK 2016.1.2.-.Autodesk) -> "E:\Amazon\Lumberyard\1.4.0.1\3rdParty\FbxSdk\2016.1.2\uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Cheat Engine 6.5.1_is1] : (Cheat Engine 6.5.1.-.Cheat Engine) -> "C:\Program Files (x86)\Cheat Engine 6.5.1\unins000.exe"
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Creation Kit: Fallout 4] : (Creation Kit: Fallout 4.-.Bethesda Softworks) -> "d:\games\bethesda.net launcher\bethesdanetlauncher.exe" bethesdanet://uninstall/7
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Creation Kit: Skyrim] : (Creation Kit: Skyrim.-.Bethesda Softworks) -> "d:\games\bethesda.net launcher\bethesdanetlauncher.exe" bethesdanet://uninstall/10
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Creative Software AutoUpdate] : (.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x40c  /remove
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FileZilla Client] : (FileZilla Client 3.22.2.2.-.Tim Kosse) -> C:\Program Files\FileZilla FTP Client\uninstall.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\GameMakerPlayer] : (GameMaker: Player.-.YoYo Games Ltd.) -> "C:\Users\Utilisateur\GameMakerPlayer\uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google Inc.) -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\Installer\setup.exe" --uninstall --system-level --verbose-logging
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Host OpenAL] : (.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x40c  /remove
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\HOST_AUDIO_SOUNDCORE_MANAGER] : (.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1F561AD0-55E0-4B00-9429-C727DD525977}\setup.exe" -l0x9  /remove
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ma Livebox] : (ma Livebox.-.Orange) -> C:\Program Files (x86)\Orange\ma Livebox\uninstall.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MakeMKV] : (MakeMKV v1.10.2.-.GuinpinSoft inc) -> C:\Program Files (x86)\MakeMKV\uninst.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Notepad++] : (Notepad++ (32-bit x86).-.Notepad++ Team) -> C:\Program Files (x86)\Notepad++\uninstall.exe
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\NVIDIAStereo] : (NVIDIA Stereoscopic 3D Driver.-.NVIDIA Corporation) -> "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe" /uninstall /ask
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\OCCT] : (OCCT 4.4.1.-.Ocbase.com) -> C:\Program Files (x86)\OCCTPT\uninst.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Origin] : (Origin.-.Electronic Arts, Inc.) -> C:\Program Files (x86)\Origin\OriginUninstall.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\PAR FRENCH DL] : (Power & Revolution (français).-.Eversim) -> "C:\WINDOWS\PAR FRENCH DL Uninstaller.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Rockstar Games Social Club] : (Rockstar Games Social Club.-.Rockstar Games) -> C:\Program Files\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SBXFiMB5] : (.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{99892855-6CBD-4B0D-970F-DC53D3AA4103}\setup.exe" -l0x9  /remove
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Sound Blaster X-Fi MB5] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SpeedFan] : (SpeedFan (remove only).-.) -> "C:\Program Files (x86)\SpeedFan\uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SpkEQCV] : (.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A81B1C4F-354C-4339-A492-3B839068C9AA}\setup.exe" -l0x9  /remove
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SpkEQOEM] : (.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A11DFDF1-93CD-40DD-84AB-ECEB55A766F4}\setup.exe" -l0x9  /remove
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam] : (Steam.-.Valve Corporation) -> C:\Program Files (x86)\Steam\uninstall.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\UDPixel] : (UDPixel.exe.-.) -> "C:\Program Files (x86)\UDPixel\uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Unity] : (Unity.-.Unity Technologies ApS) -> D:\Unity\Editor\Uninstall.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Uplay] : (Uplay.-.Ubisoft) -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Uplay Install 1771] : (Tom Clancy's Ghost Recon Wildlands.-.Ubisoft) -> "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe" uplay://uninstall/1771
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Uplay Install 2010] : (Far Cry Primal.-.Ubisoft) -> "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe" uplay://uninstall/2010
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Uplay Install 2688] : (WATCH_DOGS2.-.Ubisoft) -> "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe" uplay://uninstall/2688
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Uplay Install 3279] : (Steep.-.Ubisoft) -> "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\upc.exe" uplay://uninstall/3279
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Uplay Install 420] : (Far Cry 4.-.Ubisoft) -> "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe" uplay://uninstall/420
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Uplay Install 635] : (Tom Clancy's Rainbow Six Siege.-.Ubisoft Montreal) -> "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe" uplay://uninstall/635
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Uplay Install 895] : (Assassin's Creed Rogue.-.Ubisoft) -> "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe" uplay://uninstall/895
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Uplay Install 91] : (Splinter Cell Blacklist.-.Ubisoft) -> "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe" uplay://uninstall/91
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\VLC media player] : (VLC media player.-.VideoLAN) -> C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WinPcapInst] : (WinPcap 4.1.2.-.CACE Technologies) -> "C:\Program Files\WinPcap\uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Xvid Video Codec 1.3.4] : (Xvid Video Codec.-.Xvid Team) -> C:\Program Files (x86)\Xvid\uninstall.exe
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{059E7155-66AB-3160-AB87-82552612FC2F}] : (Lumberyard 1.5.0.0 - mikkelsen.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{059E7155-66AB-3160-AB87-82552612FC2F}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{069E43BE-F438-31EC-8B1C-BBA981CBFD1C}] : (Lumberyard 1.5.0.0 - Lua.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{069E43BE-F438-31EC-8B1C-BBA981CBFD1C}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0A85B7A1-58E4-39B8-ACB8-0E59F100A702}] : (Lumberyard 1.5.0.0 - BigDigits.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{0A85B7A1-58E4-39B8-ACB8-0E59F100A702}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0CD57CEB-2FA9-3E0D-B8EE-7840C33571DF}] : (Lumberyard 1.5.0.0 - PVRTexTool.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{0CD57CEB-2FA9-3E0D-B8EE-7840C33571DF}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0E609BE1-6B8D-3134-BA1A-4E63608BC052}] : (Lumberyard 1.5.0.0 - pdcurses.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{0E609BE1-6B8D-3134-BA1A-4E63608BC052}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{12321490-F573-4815-B6CC-7ABEF18C9AC4}] : (.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{12321490-F573-4815-B6CC-7ABEF18C9AC4}\setup.exe" -l0x40c 
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{123D0698-1DC5-3873-B475-789413BD605D}] : (Lumberyard 1.5.0.0 - jansson.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{123D0698-1DC5-3873-B475-789413BD605D}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{154C563D-5AC1-3CE9-A03C-6685D2893074}] : (Lumberyard 1.5.0.0 - Substance.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{154C563D-5AC1-3CE9-A03C-6685D2893074}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1BFB9476-C0EB-3B6D-951C-73912749A454}] : (Lumberyard 1.5.0.0 - AWS.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{1BFB9476-C0EB-3B6D-951C-73912749A454}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1E23A732-2707-3695-B12F-CDAED398A67D}] : (Lumberyard 1.5.0.0 - dev.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{1E23A732-2707-3695-B12F-CDAED398A67D}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1E242E7E-56AD-38C7-8142-04F0873CB8F6}] : (Lumberyard 1.5.0.0 - szip.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{1E242E7E-56AD-38C7-8142-04F0873CB8F6}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1F561AD0-55E0-4B00-9429-C727DD525977}] : (.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{1F561AD0-55E0-4B00-9429-C727DD525977}\setup.exe" -l0x9 
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2386192E-D6DB-4AD2-9564-65586A0AE53E}] : (Dotfuscator and Analytics Community Edition.-.PreEmptive Solutions) -> MsiExec.exe /X{2386192E-D6DB-4AD2-9564-65586A0AE53E}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1] : (Geeks3D FurMark 1.11.0.-.Geeks3D) -> "C:\Program Files (x86)\Geeks3D\Benchmarks\FurMark_1.11.0\unins000.exe"
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}] : (UE4 Prerequisites (x64).-.Epic Games, Inc.) -> "C:\ProgramData\Package Cache\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}\UE4PrereqSetup_x64.exe"  /uninstall
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{290DE303-2C66-3D6E-ABD9-DA595F78440B}] : (Lumberyard 1.5.0.0 - rapidxml.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{290DE303-2C66-3D6E-ABD9-DA595F78440B}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2A463353-1949-31DE-900A-2B921693651A}] : (Lumberyard 1.5.0.0 - zlib.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{2A463353-1949-31DE-900A-2B921693651A}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2E02EF9C-61EE-3302-BAF3-37C16D7F5B47}] : (Lumberyard 1.5.0.0 - LibTomCrypt.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{2E02EF9C-61EE-3302-BAF3-37C16D7F5B47}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2E2755E4-D293-3FCF-99F3-980092607E10}] : (Lumberyard 1.5.0.0 - 3rdParty.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{2E2755E4-D293-3FCF-99F3-980092607E10}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2F385B5D-5F23-4513-B3CE-9F5E4F4B882A}] : (Control Center 5.0001.0.71.-.) -> "C:\Program Files (x86)\InstallShield Installation Information\{2F385B5D-5F23-4513-B3CE-9F5E4F4B882A}\setup.exe" -runfromtemp -l0x040c -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1] : (Bethesda.net Launcher.-.Bethesda Softworks) -> "D:\Games\Bethesda.net Launcher\unins000.exe"
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{34A16C27-E72F-3B55-AD1C-A978882800DC}] : (Lumberyard 1.5.0.0 - AMD.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{34A16C27-E72F-3B55-AD1C-A978882800DC}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3DEF22C9-BF50-4118-9D30-535FF6B60D47}] : (Audiokinetic Wwise v2015.2_LTX build 5495 - SDK (Windows_vc120).-.Audiokinetic Inc.) -> MsiExec.exe /X{3DEF22C9-BF50-4118-9D30-535FF6B60D47}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}] : (PreEmptive Analytics Visual Studio Components.-.PreEmptive Solutions) -> MsiExec.exe /X{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{43A59234-01E9-3097-B1F7-B19323E85148}] : (Lumberyard 1.5.0.0 - OculusSDK.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{43A59234-01E9-3097-B1F7-B19323E85148}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{45f26b39-e102-4c6e-b38e-9e8c23cc00ba}] : (Audiokinetic Wwise v2015.2_LTX build 5495.-.Audiokinetic Inc.) -> "C:\ProgramData\Package Cache\{45f26b39-e102-4c6e-b38e-9e8c23cc00ba}\WwiseLTX_v2015.2_Setup.exe"  /uninstall
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{476EAD44-D344-3335-BF54-91A062A1CBB7}] : (Lumberyard 1.5.0.0 - Wwise.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{476EAD44-D344-3335-BF54-91A062A1CBB7}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{48EBEBBF-B9F8-4520-A3CF-89A730721917}] : (Les Sims™ 4.-.Electronic Arts Inc.) -> "C:\Program Files (x86)\Common Files\EAInstaller\The Sims 4\Cleanup.exe" uninstall_game -autologging
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{49FAD7D7-9F20-38A9-9E53-31776B411A3C}] : (Lumberyard 1.5.0.0 - ilmbase.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{49FAD7D7-9F20-38A9-9E53-31776B411A3C}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A6A8D3F-BD6B-31BD-8169-38EA3B1C277D}] : (Lumberyard 1.5.0.0 - nvapi.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{4A6A8D3F-BD6B-31BD-8169-38EA3B1C277D}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A9EB787-B476-4A86-B3BE-E86109687D2F}] : (Audiokinetic Wwise v2015.2_LTX build 5495 - SDK (Common).-.Audiokinetic Inc.) -> MsiExec.exe /X{4A9EB787-B476-4A86-B3BE-E86109687D2F}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4BB1AE41-A135-3F29-BB58-51FA43B1844F}] : (Lumberyard 1.5.0.0 - alembic.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{4BB1AE41-A135-3F29-BB58-51FA43B1844F}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4C5D15D2-5351-4F05-A96E-56C20554F977}] : (RollerCoaster Tycoon 2 Triple Thrill Pack.-.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{4C5D15D2-5351-4F05-A96E-56C20554F977}\setup.exe" -l0x9 
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4E695C21-C785-3D3C-B93F-9AAB0B1EFAB6}] : (Lumberyard 1.5.0.0 - Lzma.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{4E695C21-C785-3D3C-B93F-9AAB0B1EFAB6}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{52D87F32-70E4-4348-8148-C0B9F35B1314}] : (Apple Software Update.-.Apple Inc.) -> MsiExec.exe /I{52D87F32-70E4-4348-8148-C0B9F35B1314}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{56289068-B524-3051-B901-A178A9CFD78A}] : (Lumberyard 1.5.0.0 - OpenEXR.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{56289068-B524-3051-B901-A178A9CFD78A}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}] : (Realtek Card Reader.-.Realtek Semiconduct Corp.) -> C:\WINDOWS\RtCRU64.exe /u
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5E5B067F-52A4-447E-A3F1-D6DD10565E73}] : (Airplane Mode Hid Installer.-.) -> "C:\Program Files (x86)\InstallShield Installation Information\{5E5B067F-52A4-447E-A3F1-D6DD10565E73}\setup.exe" -runfromtemp -l0x0409 -removeonly
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60018889-9E0F-43E8-9B89-29E8C828B40A}] : (Dotfuscator and Analytics Community Edition 5.22.0.-.PreEmptive Solutions) -> MsiExec.exe /X{60018889-9E0F-43E8-9B89-29E8C828B40A}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{63cb26c8-5146-4a1c-b321-4fa49a7d7118}] : (Lumberyard v1.5.0.0.-.Amazon Web Services, Inc.) -> "C:\ProgramData\Package Cache\{63cb26c8-5146-4a1c-b321-4fa49a7d7118}\tempLumberyardInstaller1.5.0.0.exe"  /uninstall
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{63DDE690-7963-3A50-8A9C-6C506D9C8347}] : (Lumberyard 1.5.0.0 - p4api.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{63DDE690-7963-3A50-8A9C-6C506D9C8347}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6CF61819-EB0A-3267-8A6C-1724C6AB9878}] : (Lumberyard 1.5.0.0 - expat.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{6CF61819-EB0A-3267-8A6C-1724C6AB9878}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7258BA11-600C-430E-A759-27E2C691A335}_is1] : (GOG Galaxy.-.GOG.com) -> "C:\Program Files (x86)\GOG Galaxy\unins000.exe"
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{73B3EFFA-DEC7-348F-B478-269DC3B1AF54}] : (Lumberyard 1.5.0.0 - Qt.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{73B3EFFA-DEC7-348F-B478-269DC3B1AF54}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{73E9DEBE-C26E-45FD-A453-F43059BC47A2}] : (Audiokinetic Wwise v2015.2_LTX build 5495 - SDK (Linux).-.Audiokinetic Inc.) -> MsiExec.exe /X{73E9DEBE-C26E-45FD-A453-F43059BC47A2}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{75FC89A3-8B23-4609-BF5C-090E58D6B390}] : (Killer Performance Suite.-.Rivet Networks) -> "C:\Program Files (x86)\InstallShield Installation Information\{75FC89A3-8B23-4609-BF5C-090E58D6B390}\setup.exe" -remove -runfromtemp
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{777B0A2F-CA68-3EEA-A4B7-740702825590}] : (Lumberyard 1.5.0.0 - Qwt.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{777B0A2F-CA68-3EEA-A4B7-740702825590}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{78F98E93-382F-3802-A8F1-64CB5C5DEECD}] : (Lumberyard 1.5.0.0 - tiff.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{78F98E93-382F-3802-A8F1-64CB5C5DEECD}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7A5444DE-335A-403C-8907-7A662F1722E2}] : (Audiokinetic Wwise v2015.2_LTX build 5495 - Authoring Binaries 64-bit.-.Audiokinetic Inc.) -> MsiExec.exe /X{7A5444DE-335A-403C-8907-7A662F1722E2}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7C71BEEB-2D74-34CF-9518-0E4DEBDF6435}] : (Lumberyard 1.5.0.0 - LZSS.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{7C71BEEB-2D74-34CF-9518-0E4DEBDF6435}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{886069FC-F4D0-3696-999F-9776EF25DA37}] : (Lumberyard 1.5.0.0 - boost.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{886069FC-F4D0-3696-999F-9776EF25DA37}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{88B1984E-36F0-47B8-B8DC-728966807A9C}] : (.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\setup.exe" -l0x40c 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8C0DD062-B659-409C-9AB7-8EBD1D64D2EB}] : (FIFA 17.-.Electronic Arts) -> "C:\Program Files\Common Files\EAInstaller\FIFA 17\Cleanup.exe" uninstall_game -autologging
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8F11A561-4D8B-3FCA-B409-1124C9DC9575}] : (Lumberyard 1.5.0.0 - rapidjson.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{8F11A561-4D8B-3FCA-B409-1124C9DC9575}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{900D9036-4EDA-45EC-A095-E8AFB25D807A}] : (LibreOffice 5.0.6.3.-.The Document Foundation) -> MsiExec.exe /I{900D9036-4EDA-45EC-A095-E8AFB25D807A}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{90208999-EB52-388B-8032-C2201B582E05}] : (Lumberyard 1.5.0.0 - SQLite.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{90208999-EB52-388B-8032-C2201B582E05}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{907B4640-266B-4A21-92FB-CD1A86CD0F63}] : (RollerCoaster Tycoon 3.-.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{907B4640-266B-4A21-92FB-CD1A86CD0F63}\Setup.exe" -l0x40c 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{918A4598-866C-4B8F-8901-13F8593EBED6}] : (Sound Blaster X-Fi MB5.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{918A4598-866C-4B8F-8901-13F8593EBED6}\Setup.exe" -l0x40c  /remove
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9200FDDE-ADE6-314A-BB39-C10C44AFC2F5}] : (Lumberyard 1.5.0.0 - SDL2.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{9200FDDE-ADE6-314A-BB39-C10C44AFC2F5}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{943F3FB1-3F9C-4FB7-A4E2-6D53617068C3}] : (PreEmptive Analytics Visual Studio Components.-.PreEmptive Solutions) -> MsiExec.exe /X{943F3FB1-3F9C-4FB7-A4E2-6D53617068C3}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{94D9D8FF-5ACB-3172-BFA8-61928770E950}] : (Lumberyard 1.5.0.0 - OSVR.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{94D9D8FF-5ACB-3172-BFA8-61928770E950}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{99892855-6CBD-4B0D-970F-DC53D3AA4103}] : (.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{99892855-6CBD-4B0D-970F-DC53D3AA4103}\setup.exe" -l0x9 
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A090E296-9B54-3F95-9450-F9CE6E6B51E5}] : (Lumberyard 1.5.0.0 - OpenVR.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{A090E296-9B54-3F95-9450-F9CE6E6B51E5}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A11DFDF1-93CD-40DD-84AB-ECEB55A766F4}] : (.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A11DFDF1-93CD-40DD-84AB-ECEB55A766F4}\setup.exe" -l0x9 
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A4795FC7-E73B-3DB9-A3DF-B83E4332317E}] : (Lumberyard 1.5.0.0 - dyad.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{A4795FC7-E73B-3DB9-A3DF-B83E4332317E}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A81B1C4F-354C-4339-A492-3B839068C9AA}] : (.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{A81B1C4F-354C-4339-A492-3B839068C9AA}\setup.exe" -l0x9 
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{aaa7f0fb-02dc-4576-beef-7d24842c5fbe}] : (Logiciel pour périphérique à chipset Intel®.-.Intel(R) Corporation) -> "C:\ProgramData\Package Cache\{aaa7f0fb-02dc-4576-beef-7d24842c5fbe}\SetupChipset.exe"  /uninstall
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AAEF329E-F353-46C9-933D-24A571986093}] : (.-.Creative Technology Limited) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{AAEF329E-F353-46C9-933D-24A571986093}\setup.exe" -l0x40c 
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC536F45-B431-37C2-9BF2-A8FDCFDD48A6}] : (Lumberyard 1.5.0.0 - OpenSSL.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{AC536F45-B431-37C2-9BF2-A8FDCFDD48A6}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-001824225037}] : (Adobe Refresh Manager.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-0804-1033-1959-001824225037}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}] : (Adobe Acrobat Reader DC - Français.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-AC0F074E4100}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AD415450-3266-4713-B9EA-1C40BB8D7BFF}] : (Control Center 5.0001.0.71.-.Default Company Name) -> 
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AE21E1EE-4902-34E9-BBFB-B94CD559DCE3}] : (Lumberyard 1.5.0.0 - markupsafe.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{AE21E1EE-4902-34E9-BBFB-B94CD559DCE3}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B0AE8717-CE8D-3843-B898-C47C9B7F14FD}] : (Lumberyard 1.5.0.0 - jinja2.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{B0AE8717-CE8D-3843-B898-C47C9B7F14FD}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B29CDF64-5F33-3086-B45E-E0E71C2F7462}] : (Lumberyard 1.5.0.0 - Codejock Software.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{B29CDF64-5F33-3086-B45E-E0E71C2F7462}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B8D2AD05-64BC-4BC2-BB76-1B9793394BF3}] : (Audiokinetic Wwise v2015.2_LTX build 5495 - Authoring Data.-.Audiokinetic Inc.) -> MsiExec.exe /X{B8D2AD05-64BC-4BC2-BB76-1B9793394BF3}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B92C2C6C-F70E-497B-88A7-1FEF9888272B}] : (Adobe AIR.-.Adobe Systems Incorporated) -> MsiExec.exe /I{B92C2C6C-F70E-497B-88A7-1FEF9888272B}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BAC04CF9-480E-3708-9DAF-0531041AED28}] : (Lumberyard 1.5.0.0 - hdf5.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{BAC04CF9-480E-3708-9DAF-0531041AED28}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}] : (Gtk# for .Net 2.12.26.-.Xamarin, Inc.) -> MsiExec.exe /X{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C0F25560-AA35-31FB-AB44-E47ED145151E}] : (Lumberyard 1.5.0.0 - lz4.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{C0F25560-AA35-31FB-AB44-E47ED145151E}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C6034033-D022-3808-BDC8-DBCA38E2847E}] : (Lumberyard 1.5.0.0 - packageRoot.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{C6034033-D022-3808-BDC8-DBCA38E2847E}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}] : (Launcher Prerequisites (x64).-.Epic Games, Inc.) -> "C:\ProgramData\Package Cache\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}\LauncherPrereqSetup_x64.exe"  /uninstall
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C8E7C575-FCFA-46B2-8FC0-E8AC65501350}] : (Epic Games Launcher.-.Epic Games, Inc.) -> MsiExec.exe /X{C8E7C575-FCFA-46B2-8FC0-E8AC65501350}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CD24B06F-0A4D-410A-AEF2-DFE6A28AB4C0}_is1] : (Action Replay PowerSaves 3DS version 1.45.-.Datel Design & Development) -> "C:\Program Files (x86)\Action Replay PowerSaves 3DS\unins000.exe"
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CFB784AC-3B33-3D52-B07C-54F1871F1381}] : (Lumberyard 1.5.0.0 - jsmn.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{CFB784AC-3B33-3D52-B07C-54F1871F1381}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D17EAAF2-F0CD-35B0-9D41-4A4537324DEB}] : (Lumberyard 1.5.0.0 - docs.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{D17EAAF2-F0CD-35B0-9D41-4A4537324DEB}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}] : (GTA San Andreas.-.Rockstar Games) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x40c -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D57270AA-D9AB-4D7C-BC08-09F2B5DEF815}_is1] : (Five Multiplayer version (PRE-RELEASE) 0.2a.-.Five Multiplayer) -> "C:\Program Files (x86)\Five Multiplayer\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}] : (Grand Theft Auto V.-.Rockstar Games) -> "C:\Program Files (x86)\InstallShield Installation Information\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}\Setup.exe" -runfromtemp -l0x040c -removeonly
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E1020D5D-1DE6-3AAF-9C71-0D7E827795DA}] : (Lumberyard 1.5.0.0 - LibTomMath.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{E1020D5D-1DE6-3AAF-9C71-0D7E827795DA}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E579D583-FBA3-3E6D-9461-B5374F386A38}] : (Lumberyard 1.5.0.0 - LiveMocap.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{E579D583-FBA3-3E6D-9461-B5374F386A38}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}] : (Apple Application Support (32 bits).-.Apple Inc.) -> MsiExec.exe /I{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EA926717-CE5A-4CB4-AB21-9E6E9565A458}] : (RCT3 Soaked.-.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{EA926717-CE5A-4CB4-AB21-9E6E9565A458}\Setup.exe" -l0x40c 
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F0FA7AEB-3FB6-3F48-9EE9-62F1E0801C2E}] : (Lumberyard 1.5.0.0 - GoogleMock.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{F0FA7AEB-3FB6-3F48-9EE9-62F1E0801C2E}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F2527115-B8BF-4FDB-B5DA-5AADFB7C13E1}] : (Les Sims(tm) : L'intégrale.-.) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F2527115-B8BF-4FDB-B5DA-5AADFB7C13E1}\Setup.exe" -l0x40c -l040c
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F4851D03-553C-4ACE-ADBD-CA6BE8451072}] : (Singles2.-.Deep Silver) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{F4851D03-553C-4ACE-ADBD-CA6BE8451072}\setup.exe" -l0x40c -removeonly
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F4E271EF-BAED-33A7-8368-9A1233EAE501}] : (Lumberyard 1.5.0.0 - squish-ccr.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{F4E271EF-BAED-33A7-8368-9A1233EAE501}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F752DACC-57CF-323F-AFB5-5A3CB13072CE}] : (Lumberyard 1.5.0.0 - md5.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{F752DACC-57CF-323F-AFB5-5A3CB13072CE}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F7916573-4BDD-4A9F-9E2F-CC8107845DC3}] : (Launcher CRYENGINE.-.Crytek GmbH) -> MsiExec.exe /X{F7916573-4BDD-4A9F-9E2F-CC8107845DC3}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F9B4014E-6C94-423C-88AC-C9FE953B70A4}] : (Audiokinetic Wwise v2015.2_LTX build 5495 - Wwise LTX License.-.Audiokinetic Inc.) -> MsiExec.exe /X{F9B4014E-6C94-423C-88AC-C9FE953B70A4}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FBD934F4-FC23-4044-8392-3551DC8D972F}] : (Logiciel Thunderbolt(TM).-.Intel Corporation) -> MsiExec.exe /X{FBD934F4-FC23-4044-8392-3551DC8D972F}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FC832B0F-C308-3F30-B6A7-4833FC5E200C}] : (Lumberyard 1.5.0.0 - FreeType2.-.Amazon Web Services, Inc.) -> MsiExec.exe /I{FC832B0F-C308-3F30-B6A7-4833FC5E200C}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{{4E7BB653-2585-4138-95F3-3455FCA04354}}] : (.-.) -> 

---------- | Ports 


---------- | Microsoft Specifications

CheckID: Access_PIA0{90160000-008C-0000-0000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT ACCESSC2RINSTALLED) -> Access_PIA
CheckID: Ace_PIA0{90160000-008C-0000-0000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT C2RINSTALLED) -> Ace_PIA
CheckID: dummy_MSCOMCTL_PIA0{90160000-008C-0000-0000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT C2RINSTALLED) -> dummy_MSCOMCTL_PIA
CheckID: dummy_Office_PIA0{90160000-008C-0000-0000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT C2RINSTALLED) -> dummy_Office_PIA
CheckID: Excel_PIA0{90160000-008C-0000-0000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT EXCELC2RINSTALLED) -> Excel_PIA
CheckID: Forms_PIA0{90160000-008C-0000-0000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT C2RINSTALLED) -> Forms_PIA
CheckID: Graph_PIA0{90160000-008C-0000-0000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT (ACCESSC2RINSTALLED OR EXCELC2RINSTALLED OR POWERPOINTC2RINSTALLED OR WORDC2RINSTALLED)) -> Graph_PIA
CheckID: OneNotePIA0{90160000-008C-0000-0000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT ONENOTEC2RINSTALLED) -> OneNotePIA
CheckID: Outlook_PIA0{90160000-008C-0000-0000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT OUTLOOKC2RINSTALLED) -> Outlook_PIA
CheckID: PowerPoint_PIA0{90160000-008C-0000-0000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT POWERPOINTC2RINSTALLED) -> PowerPoint_PIA
CheckID: Publisher_PIA0{90160000-008C-0000-0000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT PUBLISHERC2RINSTALLED) -> Publisher_PIA
CheckID: SmartTag_PIA0{90160000-008C-0000-0000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT (ACCESSC2RINSTALLED OR EXCELC2RINSTALLED OR WORDC2RINSTALLED)) -> SmartTag_PIA
CheckID: VSCommonPIAHidden0{90160000-008C-0000-0000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT C2RINSTALLED) -> VSCommonPIAHidden
CheckID: Word_PIA0{90160000-008C-0000-0000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT WORDC2RINSTALLED) -> Word_PIA
CheckID: VSTO0{90160000-008C-0000-0000-0000000FF1CE} - CLICK2RUN -> VSTO
CheckID: VSTOCLR350{90160000-008C-0000-0000-0000000FF1CE} - CLICK2RUN -> VSTOCLR35
CheckID: VSTOCLR400{90160000-008C-0000-0000-0000000FF1CE} - CLICK2RUN -> VSTOCLR40
CheckID: VSTOIntl_10360{90160000-008C-040C-0000-0000000FF1CE} - CLICK2RUN -> VSTOIntl_1036
CheckID: VSTOCLR35Intl_10360{90160000-008C-040C-0000-0000000FF1CE} - CLICK2RUN -> VSTOCLR35Intl_1036
CheckID: VSTOCLR40Intl_10360{90160000-008C-040C-0000-0000000FF1CE} - CLICK2RUN -> VSTOCLR40Intl_1036
CheckID: AccessPiaReg640{90160000-00DD-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT ACCESSC2RINSTALLED) -> AccessPiaReg64
CheckID: ExcelPiaReg640{90160000-00DD-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT EXCELC2RINSTALLED) -> ExcelPiaReg64
CheckID: GraphPiaReg640{90160000-00DD-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT (ACCESSC2RINSTALLED OR EXCELC2RINSTALLED OR POWERPOINTC2RINSTALLED OR WORDC2RINSTALLED)) -> GraphPiaReg64
CheckID: OneNotePIAReg640{90160000-00DD-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT ONENOTEC2RINSTALLED) -> OneNotePIAReg64
CheckID: OutlookPiaReg640{90160000-00DD-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT OUTLOOKC2RINSTALLED) -> OutlookPiaReg64
CheckID: PowerPointPiaReg640{90160000-00DD-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT POWERPOINTC2RINSTALLED) -> PowerPointPiaReg64
CheckID: PublisherPiaReg640{90160000-00DD-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT PUBLISHERC2RINSTALLED) -> PublisherPiaReg64
CheckID: SmartTagPiaReg640{90160000-00DD-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT (ACCESSC2RINSTALLED OR EXCELC2RINSTALLED OR WORDC2RINSTALLED)) -> SmartTagPiaReg64
CheckID: WordPiaReg640{90160000-00DD-0000-1000-0000000FF1CE} - REMOVE~<>"ALL" AND C2RINT AND (NOT WORDC2RINSTALLED) -> WordPiaReg64
CheckID: ExtensionsFeature0{093F1701-E0CB-3506-9366-07B69773A78B} - NOT VISUALSTUDIO_INSTALLDIR -> ExtensionsFeature
CheckID: fe8d43ddda40eb4501ac9a210b9fef59db1{1D2CEC61-C3F0-C27E-7280-F9D6B10378BE} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fe8d43ddda40eb4501ac9a210b9fef59db
CheckID: fef6533c84d9a64bdc891c52a0f48f35ac1{1D2CEC61-C3F0-C27E-7280-F9D6B10378BE} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fef6533c84d9a64bdc891c52a0f48f35ac
CheckID: fe9875c59842204b6fa47918bb767b67e11{1D2CEC61-C3F0-C27E-7280-F9D6B10378BE} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fe9875c59842204b6fa47918bb767b67e1
CheckID: fe9e983757cc744f3fb740aad43d105baf1{1D2CEC61-C3F0-C27E-7280-F9D6B10378BE} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fe9e983757cc744f3fb740aad43d105baf
CheckID: fe61aa8a41a16e4120a270e3524a2162261{1D2CEC61-C3F0-C27E-7280-F9D6B10378BE} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fe61aa8a41a16e4120a270e3524a216226
CheckID: fe755daa407b5749778172fd57c7b861b71{1D2CEC61-C3F0-C27E-7280-F9D6B10378BE} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fe755daa407b5749778172fd57c7b861b7
CheckID: FT_VisualStudio12_WebFXTools0{4E7BB653-2585-4138-95F3-3455FCA04354} - NOT VS_INSTALL_DIR -> FT_VisualStudio12_WebFXTools
CheckID: febfb1c23d04574f599dcb3967175a40811{492498A3-F88C-FE2F-755C-9B1B91724CA5} - REG_SEARCH_FOR_VSDEV12ROOT OR REMOVE -> febfb1c23d04574f599dcb3967175a4081
CheckID: Application0{FBD934F4-FC23-4044-8392-3551DC8D972F} - (EXTRACTDRIVERS) -> Application
CheckID: Drivers0{FBD934F4-FC23-4044-8392-3551DC8D972F} - (EXTRACTDRIVERS) OR (NO_DRIVERS="TRUE") -> Drivers
CheckID: FT_Mvc_VisualStudio120{979C7495-FB42-484E-92EA-7F2A59DD7718} - NOT VS_INSTALL_DIR -> FT_Mvc_VisualStudio12
CheckID: FT_TestTemplates_VisualStudio120{979C7495-FB42-484E-92EA-7F2A59DD7718} - NOT VS_INSTALL_DIR OR NOT VISUALSTUDIO_TEST_PROJECTS -> FT_TestTemplates_VisualStudio12
CheckID: FT_WebPages_VisualStudio120{64297226-2B81-4588-89BD-76440BC0BCFC} - NOT VS_INSTALL_DIR -> FT_WebPages_VisualStudio12
CheckID: ThumbnailPreviewHandler1{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - ADD_THUMBNAILPREVIEW="YES" -> ThumbnailPreviewHandler
CheckID: Accessibility_Plugins0{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - DISABLE_ACCESSIBILITY="YES" -> Accessibility_Plugins
CheckID: AdobeCommonLinguistics_Big0{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - DISABLE_LINGUISTICS="YES" -> AdobeCommonLinguistics_Big
CheckID: Atmosphere_3D0{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - DISABLE_3D="YES" -> Atmosphere_3D
CheckID: MultimediaPlugin0{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - DISABLE_MULTIMEDIA="YES" -> MultimediaPlugin
CheckID: ReaderAIRIntegration0{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - DISABLE_AIR_INTEGRATION="YES" -> ReaderAIRIntegration
CheckID: ReaderBrowserIntegration0{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - DISABLE_BROWSER_INTEGRATION="YES" -> ReaderBrowserIntegration
CheckID: ReaderPDFIntegration0{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - DISABLE_PDF_INTEGRATION="YES" -> ReaderPDFIntegration
CheckID: SearchAndIndex0{AC76BA86-7AD7-1036-7B44-AC0F074E4100} - DISABLE_SEARCH5="YES" -> SearchAndIndex
CheckID: fe51c800d4f6194327a47d593a59ba20c11{B1C38F27-D377-8C98-D98D-29B67C0B978D} - REG_SEARCH_FOR_VSDEV12ROOT -> fe51c800d4f6194327a47d593a59ba20c1
CheckID: BuildTools0{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600} - SERVER -> BuildTools
CheckID: VS12_Tools1{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600} - (VS12_INSTALL_DIR AND (NOT SERVER)) OR (REMOVE ~= "ALL") -> VS12_Tools
CheckID: ClientPiece0{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600} - SERVER -> ClientPiece
CheckID: FT_VC_Libraries_Core3{FFC6E93A-B9AD-3F20-9B06-EE20E24AAEAF} - VC_LIBRARIES_CORE_VERSION > "51106" -> FT_VC_Libraries_Core
CheckID: FT_VC_Libraries_Core_X863{FFC6E93A-B9AD-3F20-9B06-EE20E24AAEAF} - VC_LIBRARIES_CORE_X86_VERSION > "51106" -> FT_VC_Libraries_Core_X86
CheckID: FT_VC_Libraries_Core_X643{FFC6E93A-B9AD-3F20-9B06-EE20E24AAEAF} - VC_LIBRARIES_CORE_X64_VERSION > "51106" -> FT_VC_Libraries_Core_X64
CheckID: FT_VC_Libraries_Core_ARM3{2F8F489A-0476-3129-857B-A553F38B192D} - VC_LIBRARIES_CORE_ARM_VERSION > "51106" -> FT_VC_Libraries_Core_ARM
CheckID: GAC_NGEN_ALL_Feature0{B536762B-1047-4B51-8ECF-46D5686E5416} - NOT VersionNT64 -> GAC_NGEN_ALL_Feature
CheckID: GAC_NGEN_ALL_Feature0{EB25848D-AADC-40D7-914E-CB2E25AB5E59} - NOT VersionNT64 -> GAC_NGEN_ALL_Feature
CheckID: fe691cf2e12069492d90ac31389ed768161{5247E16E-BCF8-95AB-1653-B3F8FBF8B3F1} - ("AMD64" ~= %PROCESSOR_ARCHITECTURE) AND ("x64" ~= ProductArchitecture) -> fe691cf2e12069492d90ac31389ed76816
CheckID: fea721edbfa1174f728a639dbb8a6660b11{F395FD4F-40E5-7B56-2BCB-B3CF52B3B52C} - NOT VersionNT64 -> fea721edbfa1174f728a639dbb8a6660b1
CheckID: fe572c9f1eae3546679166fececef16dc61{F395FD4F-40E5-7B56-2BCB-B3CF52B3B52C} - VersionNT64 -> fe572c9f1eae3546679166fececef16dc6
CheckID: fe1559e6e1022144a8b5b0ae14281475a31{F395FD4F-40E5-7B56-2BCB-B3CF52B3B52C} - "AMD64" ~= %PROCESSOR_ARCHITECTURE -> fe1559e6e1022144a8b5b0ae14281475a3

---------- | CLSID


---------- | Installer

[HKCR\Installer\Products\00006109C80000000000000000F01FEC] : Office 16 Click-to-Run Extensibility Component
[HKCR\Installer\Products\00006109C800C0400000000000F01FEC] : Office 16 Click-to-Run Localization Component
[HKCR\Installer\Products\00006109DD0000000100000000F01FEC] : Office 16 Click-to-Run Extensibility Component 64-bit Registration
[HKCR\Installer\Products\00006109F80000000100000000F01FEC] : Office 16 Click-to-Run Licensing Component
[HKCR\Installer\Products\00058CD18F0BF523DA1072073D56715D] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\008BB29E5CCB52C41820CAC2B3C7C7E1] : Apple Application Support (32 bits) -> C:\WINDOWS\Installer\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}\WinInstall.ico
[HKCR\Installer\Products\04FE16E415A899D3AAC4232F30730038] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\054514DA662331749BAEC104BBD8B7FF] : Control Center 5.0001.0.71
[HKCR\Installer\Products\05A724FA93D73FF4DBB0820DE882374F] : Killer Network Manager -> C:\Windows\Installer\{AF427A50-7D39-4FF3-BD0B-28D08E2873F4}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\060DED06B6B01CC39B550DDC04F1F0AB] : Visual C++ IDE x64 Package
[HKCR\Installer\Products\06552F0C53AABF13BA444EE71D5451E1] : Lumberyard 1.5.0.0 - lz4
[HKCR\Installer\Products\066ED7F9EFB62AB39AD3F431DB311EB0] : VS Update core components
[HKCR\Installer\Products\070DA1A8F96251A4AA5B67BA98E61F59] : Azure AD Authentication Connected Service
[HKCR\Installer\Products\07E464739B0BFFD946A9BC1E96AB6D75] : Windows Software Development Kit for Windows Store Apps
[HKCR\Installer\Products\08735E734493A6A448F22717828E16E6] : Blend for Visual Studio SDK for .NET 4.5 -> C:\Windows\Installer\{37E53780-3944-4A6A-842F-727128E8616E}\Application
[HKCR\Installer\Products\09179CA7CD7686D47B34347F1ECF93A3] : Windows Phone 8.1 SDK - ARM
[HKCR\Installer\Products\096EDD36369705A3A8C9C605D6C93874] : Lumberyard 1.5.0.0 - p4api
[HKCR\Installer\Products\0B8AF8CDABE92F8339D400B12DE1CA6B] : Windows Phone SDK 8.0 Assemblies
[HKCR\Installer\Products\0BFD0160AECC0CE63E3C0A61A07DDF89] : Windows Runtime Intellisense Content - en-us
[HKCR\Installer\Products\12B30EFE5A8ADCC318DBF74C07701FAB] : Visual C++ IDE Common Resource Package
[HKCR\Installer\Products\12C596E4587CC3D39BF3A9BAB0E1AF6B] : Lumberyard 1.5.0.0 - Lzma
[HKCR\Installer\Products\141695A05D79AF54291889FDFA845D97] : Apple Mobile Device Support -> C:\WINDOWS\Installer\{0A596141-97D5-45FA-9281-98DFAF48D579}\Installer.ico
[HKCR\Installer\Products\14EA1BB4531A92F3BB8515AF341B48F4] : Lumberyard 1.5.0.0 - alembic
[HKCR\Installer\Products\165A11F8B8D4ACF34B9011429CCD5957] : Lumberyard 1.5.0.0 - rapidjson
[HKCR\Installer\Products\16CEC2D10F3CE72C27089F6D1B3087EB] : Windows App Certification Kit Native Components
[HKCR\Installer\Products\1A7B58A04E858B93CA8BE0951F007A20] : Lumberyard 1.5.0.0 - BigDigits
[HKCR\Installer\Products\1BF3F349C9F37BF44A2ED6351607863C] : PreEmptive Analytics Visual Studio Components -> C:\Windows\Installer\{943F3FB1-3F9C-4FB7-A4E2-6D53617068C3}\icon.ico
[HKCR\Installer\Products\1EB906E0D8B64313ABA1E43606B80C25] : Lumberyard 1.5.0.0 - pdcurses
[HKCR\Installer\Products\237A32E1707259631BF2DCEA3D896AD7] : Lumberyard 1.5.0.0 - dev
[HKCR\Installer\Products\23F78D254E07843418840C9B3FB53141] : Apple Software Update -> C:\WINDOWS\Installer\{52D87F32-70E4-4348-8148-C0B9F35B1314}\Installer.ico
[HKCR\Installer\Products\263AC5E16B930DB49B0C96FC510FEF2A] : AzureTools.Notifications
[HKCR\Installer\Products\26A859D1089C7BC3CA9504FED0F18AE0] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\270EEE60165B5E83589D84A5CBEB3824] : Visual F# 3.1 SDK
[HKCR\Installer\Products\2E4D4D948E1264334A69A141511B5849] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\2F181B388B0200F4E8176CE659A1D8F4] : Visual Studio 2015 Prerequisites - ENU Language Pack
[HKCR\Installer\Products\2F220489ACB9D14AA683A16E850F4151] : Windows Software Development Kit
[HKCR\Installer\Products\2FAAE71DDC0F0B53D914A4547323D4BE] : Lumberyard 1.5.0.0 - docs
[HKCR\Installer\Products\3017D53AEA0E1244899EF3E5EEDEB3D7] : Windows Phone 8.1 Tools for Visual Studio 2013 - ENU
[HKCR\Installer\Products\303ED09266C2E6D3BA9DAD95F58744B0] : Lumberyard 1.5.0.0 - rapidxml
[HKCR\Installer\Products\317725EEA8EBA8438845ADBCEC35612F] : Visual C++ MSBuild X64 Package
[HKCR\Installer\Products\31F3525824EE05843A5A979BE0297DCA] : Entity Framework 6.1.1 Tools  for Visual Studio 2013 -> C:\Windows\Installer\{85253F13-EE42-4850-A3A5-79B90E92D7AC}\setup.ico
[HKCR\Installer\Products\3219F53360390BD4FA70C9363671EED9] : Intel(R) ME UninstallLegacy
[HKCR\Installer\Products\3304306C220D8083DB8CBDAC832E48E7] : Lumberyard 1.5.0.0 - packageRoot
[HKCR\Installer\Products\34DFCB3A6D8523137AFD61EC40763227] : Visual Studio 2012 Verification SDK
[HKCR\Installer\Products\353364A29491ED1309A0B229613956A1] : Lumberyard 1.5.0.0 - zlib
[HKCR\Installer\Products\3756197FDDB4F9A4E9F2CC187048D53C] : Launcher CRYENGINE -> C:\WINDOWS\Installer\{F7916573-4BDD-4A9F-9E2F-CC8107845DC3}\launcher.ico
[HKCR\Installer\Products\3785BBEA6FD10914898D9DCF1544BEB3] : Windows Phone 8.1 SDK - Desktop
[HKCR\Installer\Products\385D975E3ABFD6E349165B73F483A683] : Lumberyard 1.5.0.0 - LiveMocap
[HKCR\Installer\Products\39E89F87F28320838A1F46BCC5D5EEDC] : Lumberyard 1.5.0.0 - tiff
[HKCR\Installer\Products\3A894294C88FF2EF57C5B9B11927C45A] : LocalESPC Dev12
[HKCR\Installer\Products\3FD1021D439FA2435A68B252C58B2B51] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\4003DA6594B0F7696F280B65056BA187] : Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
[HKCR\Installer\Products\40EF163FE9873F24BBBA7E3B08AAE560] : Windows XP Targeting with C++
[HKCR\Installer\Products\42113BF95DF1B413B8194ECE4C131E7D] : Visual Studio 2012-Verifizierungs-SDK - deu
[HKCR\Installer\Products\42ACA5646D8BCEF44AD2E9CF9BC25D06] : TypeScript Power Tool -> C:\WINDOWS\Installer\{465ACA24-B8D6-4FEC-A42D-9EFCB92CD560}\TypeScriptIcon.ico
[HKCR\Installer\Products\43295A349E1079031B7F1B39328E1584] : Lumberyard 1.5.0.0 - OculusSDK
[HKCR\Installer\Products\44DAE674443D5333FB45190A261ABC7B] : Lumberyard 1.5.0.0 - Wwise
[HKCR\Installer\Products\454D8906B7BC2C4468518D96DF69557C] : TypeScript Power Tool -> C:\Windows\Installer\{6098D454-CB7B-44C2-8615-D869FD9655C7}\TypeScriptIcon.ico
[HKCR\Installer\Products\4561C821E9B39594B8BFECF6900C0AD1] : MSBuild/NuGet Integration 14.0 (x86)
[HKCR\Installer\Products\4603731259DABD843AE2D0E980FE3755] : Prerequisites for SSDT -> C:\Windows\Installer\{21373064-AD95-48DB-A32E-0D9E08EF7355}\ARPIco
[HKCR\Installer\Products\4631232B829ED5239A4539D35332B95E] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\46FDC92B33F568034BE50E7EC1F24726] : Lumberyard 1.5.0.0 - Codejock Software
[HKCR\Installer\Products\495334533A58AEE369E3E0E568B0286D] : Visual C++ MSBuild Base Package
[HKCR\Installer\Products\4B07F66B5E43A924F95517920E38A354] : Intel(R) Rapid Storage Technology
[HKCR\Installer\Products\4BFC18829F177C042882365911C7E0AD] : Python Tools Redirection Template
[HKCR\Installer\Products\4D2F1236B6634EA378A7E835E93C33A1] : Visual F# 3.1 VS
[HKCR\Installer\Products\4E5572E2392DFCF3993F89002906E701] : Lumberyard 1.5.0.0 - 3rdParty
[HKCR\Installer\Products\4E75276CC42F53C368BB9E7B5D4D9DBF] : Visual C++ IDE Professional Core Package
[HKCR\Installer\Products\4F439DBF32CF440438295315CDD879F2] : Logiciel Thunderbolt(TM) -> C:\Windows\Installer\{FBD934F4-FC23-4044-8392-3551DC8D972F}\MainIcon
[HKCR\Installer\Products\50DA2D8BCB462CB4BB67B1793993B43F] : Audiokinetic Wwise v2015.2_LTX build 5495 - Authoring Data
[HKCR\Installer\Products\5122AD3302FA12F31A17750F35A3C5FA] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\54D9CEFB4DABC7D36B7A88D7126E2CA5] : Visual C++ Compiler/Tools X86 Base Package
[HKCR\Installer\Products\54F635CA134B2C73B92F8ADFFCDD846A] : Lumberyard 1.5.0.0 - OpenSSL
[HKCR\Installer\Products\5517E950BA660613BA7828556221CFF2] : Lumberyard 1.5.0.0 - mikkelsen
[HKCR\Installer\Products\575C7E8CAFCF2B64F80C8ECA56053105] : Epic Games Launcher -> C:\Windows\Installer\{C8E7C575-FCFA-46B2-8FC0-E8AC65501350}\UnrealEngineLauncher.ico
[HKCR\Installer\Products\575ED8F29FEAF4E4AB03562BFD7D6AAD] : Windows Phone 8.1 Tools for Visual Studio Professionald 2013 - ENU
[HKCR\Installer\Products\5BB48B7C178B0204C9D0BC809D7B5762] : Windows Phone 8.1 Tools for Visual Studio Professional 2013
[HKCR\Installer\Products\5C894BC8B276C6F31934480BBB1CAE3B] : Visual C++ MSBuild X86 Package
[HKCR\Installer\Products\5CBAC779B4B74EA3E8B1656C371C6D83] : ????? Visual Studio 2012 Verification SDK - rus
[HKCR\Installer\Products\5E014BAE816379C4E8AE54A0578F56DF] : Windows Phone 8.1 SDK - x64
[HKCR\Installer\Products\6309D009ADE4CE540A598EFA2BD508A7] : LibreOffice 5.0.6.3 -> C:\Windows\Installer\{900D9036-4EDA-45EC-A095-E8AFB25D807A}\soffice.ico
[HKCR\Installer\Products\644EC92151360BD3EA2FE30EACC413EA] : Visual Studio 2012 Verification SDK - enu
[HKCR\Installer\Products\659BFB78D1CDCF838A949A99A781F336] : Roslyn Language Services - x86
[HKCR\Installer\Products\65DF6EA3134D35B4490F598E4402A6FD] : Intel(R) Chipset Device Software
[HKCR\Installer\Products\65EC0961132295E409600A78D649E98A] :  Tools for .Net 3.5
[HKCR\Installer\Products\6749BFB1BE0CD6B359C1371972944A45] : Lumberyard 1.5.0.0 - AWS
[HKCR\Installer\Products\67916EA72EF656B4E9C1D44E248877B2] : Visual Studio Extensions for Windows Library for JavaScript
[HKCR\Installer\Products\6828BC1A3BFC589A7D9927A1F0A2723F] : Windows Software Development Kit DirectX x86 Remote
[HKCR\Installer\Products\68701964CA4E4E144A0A0C68AE5842D2] : WCF Data Services 5.6.0 Runtime
[HKCR\Installer\Products\68AB67CA408033019195008142220573] : Adobe Refresh Manager -> C:\WINDOWS\Installer\{AC76BA86-0804-1033-1959-001824225037}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\68AB67CA7DA76301B744CAF070E41400] : Adobe Acrobat Reader DC - Français -> C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}\SC_Reader.ico
[HKCR\Installer\Products\692E090A45B959F349059FECE6B6155E] : Lumberyard 1.5.0.0 - OpenVR
[HKCR\Installer\Products\6A098CBEC7ED4B44AA3011B916093D1E] : Blend for Visual Studio 2013 -> C:\Windows\Installer\{EBC890A6-DE7C-44B4-AA03-119B6190D3E1}\Application
[HKCR\Installer\Products\6D32A5DBF9E1873398FC9E968070D835] : Visual C++ IDE Common Package
[HKCR\Installer\Products\6D9D1C530C783A641B4BDECB0C3622C1] : Prerequisites for SSDT -> C:\Windows\Installer\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}\ARPIco
[HKCR\Installer\Products\7178EA0BD8EC34838B894CC7B9F741DF] : Lumberyard 1.5.0.0 - jinja2
[HKCR\Installer\Products\72C61A43F27E55B3DAC19A87888200CD] : Lumberyard 1.5.0.0 - AMD
[HKCR\Installer\Products\72DDB6B079031EF4DB6ED1E57C935936] : Visual Studio 2013 Prerequisites
[HKCR\Installer\Products\72F83C1B773D89C89DD8926BC7B079D8] : LocalESPCui for en-us Dev12
[HKCR\Installer\Products\751531DBBC29A174B9FFBB406ECE2FB5] : Intel(R) Management Engine Components
[HKCR\Installer\Products\761CF1F288D2A8E358EAD232AD61FDFA] : Visual Studio 2012 Verification SDK - ita
[HKCR\Installer\Products\7685C02EA360FF636B039A9CC65E8DFA] : Visual C++ IDE Debugger Resource Package
[HKCR\Installer\Products\781C45FCA94E47D4BB6C43A5926CDACE] : Killer Bandwidth Control Filter Driver -> C:\Windows\Installer\{CF54C187-E49A-4D74-BBC6-345A29C6ADEC}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\787BE9A4674B68A43BEB8E169086D7F2] : Audiokinetic Wwise v2015.2_LTX build 5495 - SDK (Common)
[HKCR\Installer\Products\7CF5974AB37E9BD33AFD8BE3342313E7] : Lumberyard 1.5.0.0 - dyad
[HKCR\Installer\Products\7D3BBB269026AD849813E23C83E33AF6] : Killer E240x Drivers -> C:\Windows\Installer\{62BBB3D7-6209-48DA-8931-2EC3383EA36F}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\7D7DAF9402F99A83E9351377B614A1C3] : Lumberyard 1.5.0.0 - ilmbase
[HKCR\Installer\Products\7E5891C65C1E59A368FEC22664F5513C] : Roslyn Language Services - x86
[HKCR\Installer\Products\7EA4744407776763CA369CDD1D0511FF] : Windows Phone SDK 8.0 Assemblies for Visual Studio 2015
[HKCR\Installer\Products\7FD222613158E194190F4F98BAD2C30B] : Visual Studio 2013 Prerequisites - ENU Language Pack
[HKCR\Installer\Products\83285658F384841369E7CE5D33EAF67E] : Visual C++ Compiler/Tools X86 Base Resource Package
[HKCR\Installer\Products\83BFD8DEB78C3B243AE32BD09F530C55] : PowreShellIntegration.Notifications
[HKCR\Installer\Products\86098265425B15039B101A879AFC7DA8] : Lumberyard 1.5.0.0 - OpenEXR
[HKCR\Installer\Products\865E370D852CC1839BBD6945431BFD35] : Visual C++ MSBuild Base Resource Package
[HKCR\Installer\Products\881D49CF80E17073D9324F11874D6446] : Windows Espc Resource Package
[HKCR\Installer\Products\88F200A0D5DFB9733A052AD548FA21B8] : Visual C++ IDE Base Package
[HKCR\Installer\Products\8960D3215CD137834B57874931DB06D5] : Lumberyard 1.5.0.0 - jansson
[HKCR\Installer\Products\8A6DD8D57D4C4554399F1FCC827C6200] : WCF RIA Services V1.0 SP2 -> C:\Windows\Installer\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}\icon.ico
[HKCR\Installer\Products\8BFDDD6597F70844985D521E5FA22BF8] : Bonjour -> C:\WINDOWS\Installer\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}\Bonjour.ico
[HKCR\Installer\Products\8E805F506CD221B46B9A1500506312A6] : Application Insights Tools for Visual Studio 2013
[HKCR\Installer\Products\8E96EC9DA77D49C39A0146612297E44D] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\91816FC6A0BE7623A8C671426CBA8987] : Lumberyard 1.5.0.0 - expat
[HKCR\Installer\Products\91F50526A2D70DF31B2A8D2EAFF2693B] : Visual C++ Compiler/Tools X86 Base Resource Package
[HKCR\Installer\Products\93799D213DFF1673A86A9F920EEF04E7] : Multi-Device Hybrid Apps using C# - Templates - ENU
[HKCR\Installer\Products\9767203404DF6E239A0FB73BDCBE4E61] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\98881006F0E98E34B998928E8C824BA0] : Dotfuscator and Analytics Community Edition 5.22.0 -> C:\WINDOWS\Installer\{60018889-9E0F-43E8-9B89-29E8C828B40A}\DfIcon.ico
[HKCR\Installer\Products\9947451521A46CC3EAD3C3E5787D9290] : Visual C++ MSBuild ARM Package
[HKCR\Installer\Products\9998020925BEB88308232C02B185E250] : Lumberyard 1.5.0.0 - SQLite
[HKCR\Installer\Products\99E80CA9B0328e74791254777B1F42AE] : 
[HKCR\Installer\Products\9A8D949DFEC07993AB6757AE916E1273] : vs_update3notification
[HKCR\Installer\Products\9AF16FB7BFDB365489DACF0BAD82CC7C] : IIS 8.0 Express -> C:\Windows\Installer\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}\Icon_IisExpress
[HKCR\Installer\Products\9C22FED305FB8114D90335F56F6BD074] : Audiokinetic Wwise v2015.2_LTX build 5495 - SDK (Windows_vc120)
[HKCR\Installer\Products\9EB5FF13618FE9839AA5F76382870A93] : Visual Studio 2012 Verification SDK - chs
[HKCR\Installer\Products\9EE39CB71F443873DA676FDBC6F8B685] : Visual C++ Compiler/Tools X86 Base Package
[HKCR\Installer\Products\9EFB902DADE36063FAB6CDDA8AA72258] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\9F2683A8785FAFD3AACF1C0F1E610FC5] : Kit SDK de vérification de Visual Studio 2012 - fra
[HKCR\Installer\Products\9FC40CABE0848073D9FA501340A1DE82] : Lumberyard 1.5.0.0 - hdf5
[HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper
[HKCR\Installer\Products\A241DDB44CC2A7C4F87143F2CFD228DC] : Killer Wireless-AC Drivers -> C:\Windows\Installer\{4BDD142A-2CC4-4C7A-8F17-342FFC2D82CD}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\A5254F69D074C51F97E6859D89C8E3F5] : Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
[HKCR\Installer\Products\A5837C0F02D93F541810503D38881508] : iTunes -> C:\WINDOWS\Installer\{F0C7385A-9D20-45F3-8101-05D383885180}\Installer.ico
[HKCR\Installer\Products\AAE8AD66DC4DCD039B39E0FD27E81D6F] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\AFFE3B377CEDF8434B8762D93C1BFA45] : Lumberyard 1.5.0.0 - Qt
[HKCR\Installer\Products\B1273793DE2C5054896B578279CE2F1F] : Intel® Trusted Connect Service Client
[HKCR\Installer\Products\B8BEA88A5C6ACB14F8177F40DDE1D000] : Memory Profiler
[HKCR\Installer\Products\BB0423CD63198793E83F0F14CAAE11FB] : Visual C++ IDE Base Resource Package
[HKCR\Installer\Products\BEA7AF0F6BF384F3E99E261F0E08C1E2] : Lumberyard 1.5.0.0 - GoogleMock
[HKCR\Installer\Products\BEABB34E41946C44880C7E1ABD2DA019] : Build Tools Language Resources - amd64
[HKCR\Installer\Products\BEC75DC09AF2D0E38BEE87043C5317FD] : Lumberyard 1.5.0.0 - PVRTexTool
[HKCR\Installer\Products\BEEB17C747D2FC435981E0D4BEFD4653] : Lumberyard 1.5.0.0 - LZSS
[HKCR\Installer\Products\C14E23FDDA4278A44BA33B58351B08E6] : Visual Studio 2015 Prerequisites
[HKCR\Installer\Products\C159CE4579144AA408B301F121B7BB83] : Intel(R) Management Engine Components
[HKCR\Installer\Products\C2FCFBF3A29323644924413C504BD4E5] : AzureTools.Notifications
[HKCR\Installer\Products\C4361DE917E429941AABC7B46EEE931E] : Blend for Visual Studio 2013 ENU resources -> C:\Windows\Installer\{9ED1634C-4E71-4992-A1BA-7C4BE6EE39E1}\Application
[HKCR\Installer\Products\C4D1A74C1B3118E33A7638BFF8F4FBE8] : Visual Studio 2012 Verification SDK - jpn
[HKCR\Installer\Products\C6C2C29BE07FB794887AF1FE898872B2] : Adobe AIR
[HKCR\Installer\Products\C6D67F453CE09D34B8CC373EA10BFB60] : Memory Profiler
[HKCR\Installer\Products\C8A2FA24BBE6E2D3B91F165373F9ABCB] : Windows Espc Package
[HKCR\Installer\Products\C975B53DDE1EA734692EDC183E4CDADC] : Windows Phone 8.1 Tools for Visual Studio 2013
[HKCR\Installer\Products\C9FE20E2EE162033AB3F731CD6F7B574] : Lumberyard 1.5.0.0 - LibTomCrypt
[HKCR\Installer\Products\CA487BFC33B325D30BC7451F78F13118] : Lumberyard 1.5.0.0 - jsmn
[HKCR\Installer\Products\CCAD257FFC75F323FA5BA5C31B0327EC] : Lumberyard 1.5.0.0 - md5
[HKCR\Installer\Products\CDD6F3998F36DCB4B9829D1479A1C9CA] : Windows XP Targeting with C++
[HKCR\Installer\Products\CF35EAF295889BE3ABAAA3B92E9613CB] : VS Update core components
[HKCR\Installer\Products\CF9606880D4F696399F97967FE52AD73] : Lumberyard 1.5.0.0 - boost
[HKCR\Installer\Products\D08BFDF01E191F635B32B00924F1DD1C] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\D139E7FE48CDB174D86B8A3385904547] : 
[HKCR\Installer\Products\D1ACF320195E9FA3D9F2896736A915A1] : Visual C++ Library PGO X86 Package
[HKCR\Installer\Products\D2361BDEB4EFB5F42A4319AD180BC314] : Windows Phone 8.1 SDK - x86
[HKCR\Installer\Products\D365C4511CA59EC30AC366582D980347] : Lumberyard 1.5.0.0 - Substance
[HKCR\Installer\Products\D5D0201E6ED1FAA3C917D0E7287759AD] : Lumberyard 1.5.0.0 - LibTomMath
[HKCR\Installer\Products\D75BD4951D853AA4EAC6FB9984F4258F] : Behaviors SDK (Windows Phone) for Visual Studio 2013
[HKCR\Installer\Products\D8130315AEF76E5329D710639801DBCF] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\DB7E58BDDD2B4D343B0C327D5B725B79] : WCF Data Services 5.6.4 Runtime
[HKCR\Installer\Products\DBE4EEF20BEC62E34950FCD018C2AFC3] : Visual C++ IDE Core Professional Plus Resource Package
[HKCR\Installer\Products\DD81A634C2F5C3B489E5DAC3310BCC52] : PreEmptive Analytics Visual Studio Components -> C:\WINDOWS\Installer\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}\icon.ico
[HKCR\Installer\Products\DD81FBED153F3CF3B94FB802CAE25FFE] : Visual Studio 2012 ??? ?? SDK - kor
[HKCR\Installer\Products\DE75FC3A1DFF4CA39B7D0960B9B2E5AD] : Visual C++ IDE Base Resource Package
[HKCR\Installer\Products\E1011CA616579C34EBAEA41B2D028DFF] : paint.net -> C:\WINDOWS\Installer\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}\_853F67D554F05449430E7E.exe
[HKCR\Installer\Products\E197C4E0E87BD774DBA5DC0D89B56ACE] : Application Insights Tools for Visual Studio 2015
[HKCR\Installer\Products\E1B219C9DD60FE34BBB254BCC288ABEA] : Apple Application Support (64 bits) -> C:\WINDOWS\Installer\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}\WinInstall.ico
[HKCR\Installer\Products\E2916832BD6D2DA459465685A6A05EE3] : Dotfuscator and Analytics Community Edition -> C:\Windows\Installer\{2386192E-D6DB-4AD2-9564-65586A0AE53E}\DfIcon.ico
[HKCR\Installer\Products\E4104B9F49C6C32488CA9CEF59B3074A] : Audiokinetic Wwise v2015.2_LTX build 5495 - Wwise LTX License
[HKCR\Installer\Products\E488FE093525C423C911369CAD61FBC0] : SDK de comprobación de Visual Studio 2012 - esn
[HKCR\Installer\Products\E61E74258FCBBA5961353B8FBF8F3B1F] : Windows Software Development Kit DirectX x64 Remote
[HKCR\Installer\Products\E751CA102F62E393B819F3BE4DA1E4D5] : Visual C++ IDE Core Package
[HKCR\Installer\Products\E7B7011E260CCD44FA1990B5D4FCBEC5] : Visual C++ MFC MBCS Library for Visual Studio 2013
[HKCR\Installer\Products\E7E242E1DA657C831824400F78C38B6F] : Lumberyard 1.5.0.0 - szip
[HKCR\Installer\Products\EB34E960834FCE13B8C1BB9A18BCDFC1] : Lumberyard 1.5.0.0 - Lua
[HKCR\Installer\Products\EB4BB95A6B2A4633284C8F71A8BB39C9] : Visual C++ IDE Debugger Package
[HKCR\Installer\Products\EBED9E37E62CDF544A354F0395CB742A] : Audiokinetic Wwise v2015.2_LTX build 5495 - SDK (Linux)
[HKCR\Installer\Products\ED1EAC4C8C777A233A7425BD37F8D01E] : Visual Studio 2012 Verification SDK
[HKCR\Installer\Products\ED4445A7A533C3049870A766F271222E] : Audiokinetic Wwise v2015.2_LTX build 5495 - Authoring Binaries 64-bit
[HKCR\Installer\Products\EDDF00296EDAA413BB931CC044FA2C5F] : Lumberyard 1.5.0.0 - SDL2
[HKCR\Installer\Products\EE1E12EA20949E43BBBF9BC45D95CD3E] : Lumberyard 1.5.0.0 - markupsafe
[HKCR\Installer\Products\F088552BE5C8FAF4F8C9D7AB36B56251] : Build Tools - x86
[HKCR\Installer\Products\F0B238CF803C03F36B7A8433CFE502C0] : Lumberyard 1.5.0.0 - FreeType2
[HKCR\Installer\Products\F28962C8543B78C3D871E588DAADFF6F] : Visual Studio Graphics Analyzer
[HKCR\Installer\Products\F2A0B77786ACAEE34A7B477020285509] : Lumberyard 1.5.0.0 - Qwt
[HKCR\Installer\Products\F2FDF73D6678FDB40A3E6AB0BD6B03DE] : Build Tools Language Resources - x86
[HKCR\Installer\Products\F3D8A6A4B6DBDB13189683AEB3C172D7] : Lumberyard 1.5.0.0 - nvapi
[HKCR\Installer\Products\F4437C82498E5FC4D850DE7CDE1797C6] : Behaviors SDK (Windows) for Visual Studio 2013
[HKCR\Installer\Products\F4DF593F5E0465B7B2BC3BFC253B5BC2] : Windows App Certification Kit x64
[HKCR\Installer\Products\F4E30382B2C8C8040B2CE7AA47656456] : Synaptics WBF USB Fingerprint Reader -> C:\Windows\Installer\{28303E4F-8C2B-408C-B0C2-7EAA74564665}\SynapticsLogo.ico
[HKCR\Installer\Products\F56A96135AD9A133CAEC9D079F204040] : Visual Studio 2012 ?? SDK - cht
[HKCR\Installer\Products\F66A30C00FF19F54D876D008E6FBBF1A] : Blend for Visual Studio SDK for Silverlight 5 -> C:\Windows\Installer\{0C03A66F-1FF0-45F9-8D67-0D806EBFFBA1}\Application
[HKCR\Installer\Products\FC5DAE63FE44FCF4B81E9DC684537D4A] : UE4 Prerequisites (x64) -> C:\Windows\Installer\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}\Setup.ico
[HKCR\Installer\Products\FD47F1CCF850C604CBD71FD4E6F5C7DB] : Build Tools - amd64
[HKCR\Installer\Products\FE172E4FDEAB7A333886A92133AE5E10] : Lumberyard 1.5.0.0 - squish-ccr
[HKCR\Installer\Products\FF8D9D49BCA52713FB8A162978079E05] : Lumberyard 1.5.0.0 - OSVR

---------- | ADS


---------- | Drives

 Disk: 0   Size=954G
 Pos MBRndx Type/Name  Size Active Hide Start Sector   Sectors
 --- ------ ---------- ---- ------ ---- ------------ ------------
  0    0    EE-UNKNWN  21.0T   No    No             1  294,967,295

---------- | MBR

Windows Version:		Professional
Windows Information:		 (build 9200), 64-bit
Base Board Manufacturer:	Notebook
BIOS Manufacturer:		American Megatrends Inc.
System Manufacturer:		Notebook
System Product Name:		P870KM_KM1
Logical Drives Mask:		0x0000001c

Analysis of file "C:\QuickDiag\MBR.bin":
Windows 7 MBR code detected

64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin

---------- | 20 LastEventLog

Valeur inattendue ou absente (nom : ‘PackageName’, valeur : ‘’) dans la clé ‘HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList’
------------

Nom de l’application défaillante WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.e, version : 10.0.16215.1000, horodatage : 0x5933abef
Nom du module défaillant : windows.ui.core.textinput.dll, version : 10.0.16215.1000, horodatage : 0xcedc9264
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000004a7e0
ID du processus défaillant : 0x2974
Heure de début de l’application défaillante : 0x01d2ea827a8a9b2d
Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\windows.ui.core.textinput.dll
ID de rapport : 11378945-6e66-4d1d-8e45-453facf32ded
Nom complet du package défaillant : InputApp_1000.16215.1000.0_neutral_neutral_cw5n1h2txyewy
ID de l’application relative au package défaillant : App
------------

Nom de l’application défaillante bdtkexec.exe, version : 21.0.25.76, horodatage : 0x58f8c5ee
Nom du module défaillant : sciter.dll, version : 4.0.0.7, horodatage : 0x59146bc0
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000018da1b
ID du processus défaillant : 0x2044
Heure de début de l’application défaillante : 0x01d2ea9140c8fe50
Chemin d’accès de l’application défaillante : C:\Program Files\Bitdefender\Bitdefender 2017\bdtkexec.exe
Chemin d’accès du module défaillant: C:\Program Files\Bitdefender\Bitdefender 2017\sciter.dll
ID de rapport : 5612d16f-eaab-4c00-bef8-6246812adf86
Nom complet du package défaillant : 
ID de l’application relative au package défaillant : 
------------

Nom de l’application défaillante ODSW.exe, version : 21.0.25.92, horodatage : 0x5926cd09
Nom du module défaillant : sciter.dll, version : 4.0.0.7, horodatage : 0x59146bc0
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000018da1b
ID du processus défaillant : 0x3558
Heure de début de l’application défaillante : 0x01d2ea9105170e7d
Chemin d’accès de l’application défaillante : C:\Program Files\Bitdefender\Bitdefender 2017\ODSW.exe
Chemin d’accès du module défaillant: C:\Program Files\Bitdefender\Bitdefender 2017\sciter.dll
ID de rapport : 95698446-3c60-4347-a2b6-a2bc66bd68f1
Nom complet du package défaillant : 
ID de l’application relative au package défaillant : 
------------

Nom de l’application défaillante ctfmon.exe, version : 10.0.16215.1000, horodatage : 0x7a10e7c0
Nom du module défaillant : InputService.dll, version : 10.0.16215.1000, horodatage : 0x8e0f5d4c
Code d’exception : 0x00000675
Décalage d’erreur : 0x000000000018882d
ID du processus défaillant : 0x1660
Heure de début de l’application défaillante : 0x01d2ea8abc337d5e
Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\ctfmon.exe
Chemin d’accès du module défaillant: C:\WINDOWS\system32\InputService.dll
ID de rapport : 1b6f2a94-0ce9-4637-b17b-2db1ca6ca084
Nom complet du package défaillant : 
ID de l’application relative au package défaillant : 
------------

Nom de l’application défaillante ctfmon.exe, version : 10.0.16215.1000, horodatage : 0x7a10e7c0
Nom du module défaillant : InputService.dll, version : 10.0.16215.1000, horodatage : 0x8e0f5d4c
Code d’exception : 0x00000675
Décalage d’erreur : 0x000000000018882d
ID du processus défaillant : 0x2530
Heure de début de l’application défaillante : 0x01d2ea8938697b72
Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\ctfmon.exe
Chemin d’accès du module défaillant: C:\WINDOWS\system32\InputService.dll
ID de rapport : 764c3cde-3e74-4a71-8a4b-efdc088d4eb1
Nom complet du package défaillant : 
ID de l’application relative au package défaillant : 
------------

Nom de l’application défaillante ctfmon.exe, version : 10.0.16215.1000, horodatage : 0x7a10e7c0
Nom du module défaillant : InputService.dll, version : 10.0.16215.1000, horodatage : 0x8e0f5d4c
Code d’exception : 0x00000675
Décalage d’erreur : 0x000000000018882d
ID du processus défaillant : 0x21a4
Heure de début de l’application défaillante : 0x01d2ea6dae26b3e4
Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\ctfmon.exe
Chemin d’accès du module défaillant: C:\WINDOWS\system32\InputService.dll
ID de rapport : 555bea48-1d32-4cff-9d37-8cfe89d45ad1
Nom complet du package défaillant : 
ID de l’application relative au package défaillant : 
------------

Nom de l’application défaillante WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.e, version : 10.0.16215.1000, horodatage : 0x5933abef
Nom du module défaillant : windows.ui.core.textinput.dll, version : 10.0.16215.1000, horodatage : 0xcedc9264
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000004a7e0
ID du processus défaillant : 0x22e8
Heure de début de l’application défaillante : 0x01d2ea6daee279c3
Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\windows.ui.core.textinput.dll
ID de rapport : 0f71a36e-5377-4b0c-b04c-316c743dd7ef
Nom complet du package défaillant : InputApp_1000.16215.1000.0_neutral_neutral_cw5n1h2txyewy
ID de l’application relative au package défaillant : App
------------

Échec de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-CJSUH9G$ via https://IFX-KeyId-5c2920742179bc704db1d8c54c34ca94405617ca.microsoftaik.azure.net/templates/Aik/scep :

SubmitDone
GetCACertChain: OK
HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Wed, 21 Jun 2017 09:06:20 GMT
Pragma: no-cache
Content-Length: 5185
Content-Type: application/x-x509-ca-ra-cert
Expires: -1
Server: Microsoft-IIS/8.5
x-ms-request-id: 3023c6e0-25af-4129-a3c8-8e2e6acc07e0
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET

Méthode : POST(5187ms)
Étape : SubmitDone
Demande incorrecte (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)
------------

Le service ne peut pas être démarré. System.NullReferenceException: La référence d'objet n'est pas définie à une instance d'un objet.
   à SetupAfterRebootService.SetupARService.OnStart(String[] args)
   à System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
------------

Échec de l’inscription du certificat SCEP pour WORKGROUP\DESKTOP-CJSUH9G$ via https://IFX-KeyId-5c2920742179bc704db1d8c54c34ca94405617ca.microsoftaik.azure.net/templates/Aik/scep :

SubmitDone
GetCACertChain: OK
HTTP/1.1 200 OK
Cache-Control: no-cache
Date: Tue, 20 Jun 2017 20:51:45 GMT
Pragma: no-cache
Content-Length: 5185
Content-Type: application/x-x509-ca-ra-cert
Expires: -1
Server: Microsoft-IIS/8.5
x-ms-request-id: 43d3ec73-7fe8-4523-8855-fe3ee32e16cc
Strict-Transport-Security: max-age=31536000;includeSubDomains
X-Content-Type-Options: nosniff
X-Powered-By: ASP.NET

Méthode : POST(11844ms)
Étape : SubmitDone
Demande incorrecte (400). 0x80190190 (-2145844848 HTTP_E_STATUS_BAD_REQUEST)
------------

Le service ne peut pas être démarré. System.NullReferenceException: La référence d'objet n'est pas définie à une instance d'un objet.
   à SetupAfterRebootService.SetupARService.OnStart(String[] args)
   à System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
------------

Nom de l’application défaillante vsserv.exe, version : 21.0.25.92, horodatage : 0x5926cd41
Nom du module défaillant : ntdll.dll, version : 10.0.16215.1000, horodatage : 0xedb02080
Code d’exception : 0xc000000d
Décalage d’erreur : 0x0000000000107030
ID du processus défaillant : 0x6d8
Heure de début de l’application défaillante : 0x01d2e996bae2558d
Chemin d’accès de l’application défaillante : C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\ntdll.dll
ID de rapport : d7ca1167-e625-4f9f-a0eb-f09cf312d445
Nom complet du package défaillant : 
ID de l’application relative au package défaillant : 
------------

Nom de l’application défaillante WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.e, version : 10.0.16215.1000, horodatage : 0x5933abef
Nom du module défaillant : windows.ui.core.textinput.dll, version : 10.0.16215.1000, horodatage : 0xcedc9264
Code d’exception : 0xc0000005
Décalage d’erreur : 0x00000000000215ce
ID du processus défaillant : 0x3784
Heure de début de l’application défaillante : 0x01d2e9c9baeb1187
Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\windows.ui.core.textinput.dll
ID de rapport : ff976ef2-48d4-4322-a106-ed727bce8b85
Nom complet du package défaillant : InputApp_1000.16215.1000.0_neutral_neutral_cw5n1h2txyewy
ID de l’application relative au package défaillant : App
------------

Nom de l’application défaillante WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.e, version : 10.0.16215.1000, horodatage : 0x5933abef
Nom du module défaillant : windows.ui.core.textinput.dll, version : 10.0.16215.1000, horodatage : 0xcedc9264
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000004a7e0
ID du processus défaillant : 0x1880
Heure de début de l’application défaillante : 0x01d2e9c9a60a31e9
Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\windows.ui.core.textinput.dll
ID de rapport : ffad7602-5c01-4e6e-8cdd-d0e55dfb5441
Nom complet du package défaillant : InputApp_1000.16215.1000.0_neutral_neutral_cw5n1h2txyewy
ID de l’application relative au package défaillant : App
------------

Nom de l’application défaillante WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.e, version : 10.0.16215.1000, horodatage : 0x5933abef
Nom du module défaillant : windows.ui.core.textinput.dll, version : 10.0.16215.1000, horodatage : 0xcedc9264
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000004a7e0
ID du processus défaillant : 0x91c
Heure de début de l’application défaillante : 0x01d2e9c96f8e7559
Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\windows.ui.core.textinput.dll
ID de rapport : b937ccff-f915-44ad-b4f6-f33829ca2329
Nom complet du package défaillant : InputApp_1000.16215.1000.0_neutral_neutral_cw5n1h2txyewy
ID de l’application relative au package défaillant : App
------------

Nom de l’application défaillante WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.e, version : 10.0.16215.1000, horodatage : 0x5933abef
Nom du module défaillant : windows.ui.core.textinput.dll, version : 10.0.16215.1000, horodatage : 0xcedc9264
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000004a7e0
ID du processus défaillant : 0x3068
Heure de début de l’application défaillante : 0x01d2e9c8fbab38eb
Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\windows.ui.core.textinput.dll
ID de rapport : bd05be70-3bf8-4c15-9f90-b55a21f90c11
Nom complet du package défaillant : InputApp_1000.16215.1000.0_neutral_neutral_cw5n1h2txyewy
ID de l’application relative au package défaillant : App
------------

Nom de l’application défaillante WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.e, version : 10.0.16215.1000, horodatage : 0x5933abef
Nom du module défaillant : windows.ui.core.textinput.dll, version : 10.0.16215.1000, horodatage : 0xcedc9264
Code d’exception : 0xc0000005
Décalage d’erreur : 0x000000000004a7e0
ID du processus défaillant : 0xfd0
Heure de début de l’application défaillante : 0x01d2e9c8bad4150e
Chemin d’accès de l’application défaillante : C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
Chemin d’accès du module défaillant: C:\WINDOWS\SYSTEM32\windows.ui.core.textinput.dll
ID de rapport : c0b7d93f-db51-4abd-a69a-a40dbd03d801
Nom complet du package défaillant : InputApp_1000.16215.1000.0_neutral_neutral_cw5n1h2txyewy
ID de l’application relative au package défaillant : App
------------

Nom de l’application défaillante NOTEPAD.EXE, version : 10.0.16215.1000, horodatage : 0x53482bf4
Nom du module défaillant : TextInputFramework.dll, version : 10.0.16215.1000, horodatage : 0x3ff38b6a
Code d’exception : 0x00000675
Décalage d’erreur : 0x000000000005ad34
ID du processus défaillant : 0x39f4
Heure de début de l’application défaillante : 0x01d2e9c8508494e3
Chemin d’accès de l’application défaillante : C:\WINDOWS\system32\NOTEPAD.EXE
Chemin d’accès du module défaillant: C:\WINDOWS\System32\TextInputFramework.dll
ID de rapport : ee69d3b7-2b9b-48d0-9342-fad130fcc192
Nom complet du package défaillant : 
ID de l’application relative au package défaillant : 
------------


----------( EOF)---------- - 15278 | 00:05:29