--------------- QuickDiag | g3n-h@ckm@n | V5_29.10.19.1 ---------------

----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 12/09/2022 10:06:33

Updated 29/10/2019 | 06:45 (GMT) by g3n-h@ckm@n
Contact : http://www.sosvirus.net/

Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris
[Compaq (Administrator)] - [DESKTOP-650T4C4] (S-1-5-21-3945783615-3853108761-1058730989-1001)

System: Microsoft Windows 10 Famille - - (10.0.19043) -  BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) -> (2009)
System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True
Boot : Microsoft Windows 10 Famille|C:\Windows|\Device\Harddisk0\Partition3
Boot : Normal boot
PC: CQ2904EF - Hewlett-Packard - IdNumber: 4CH3100VPJ - UUID: 2C238515-5AA2-7984-51F0-370493363EDB
Processor : X64 - 1397 Mhz - AMD E1-1200 APU with Radeon(tm) HD Graphics
8.17 - fra - AMI - S/N: 4CH3100VPJ - 8.17 - HPQOEM - 1072009
CoreTemp : ? Celsius

----------| Extended


---------- | SoundDevice

Realtek High Definition Audio - Status: OK - Manufacturer: Realtek - PNPDeviceID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0662&SUBSYS_103C2AE3&REV_1001\4&2070A159&0&0001

---------- | Video

AMD Radeon HD 7310 Graphics - Resolution: 1920x1080 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: aticfx64.dll,aticfx64.dll,aticfx64.dll - PNPDeviceID: PCI\VEN_1002&DEV_9809&SUBSYS_2AE3103C&REV_00\3&11583659&0&08 - AdapterCompatibility: Advanced Micro Devices, Inc. - RAM: 402653184
Inegrated Video Chipset DeviceName: AMD Radeon HD 7310 Graphics - DriverVersion: 8.14.01.6463 - SpecificationVersion: 1025

---------- | Codecs

C:\Windows\system32\TSBYUV.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 -  Manufacturer: Microsoft Corporation - Status: OK
C:\Windows\system32\MSGSM32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42904 -  Manufacturer: Microsoft Corporation - Status: OK
C:\Windows\system32\IYUV_32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 -  Manufacturer: Microsoft Corporation - Status: OK
C:\Windows\system32\L3CODECA.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 93184 -  Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK
C:\Windows\system32\MSG711.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25824 -  Manufacturer: Microsoft Corporation - Status: OK
C:\Windows\system32\MSVIDC32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 39936 -  Manufacturer: Microsoft Corporation - Status: OK
C:\Windows\system32\MSRLE32.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 18432 -  Manufacturer: Microsoft Corporation - Status: OK
C:\Windows\system32\IMAADP32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 37440 -  Manufacturer: Microsoft Corporation - Status: OK
C:\Windows\system32\MSADP32.ACM - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34600 -  Manufacturer: Microsoft Corporation - Status: OK
C:\Windows\system32\MSYUV.DLL - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 27648 -  Manufacturer: Microsoft Corporation - Status: OK

---------- | Memory

RAM = Total (MB) : 3748 | Free (MB) : 663
Pagefile = Total (MB) : 6110 | Free (MB) : 1276
Virtual = Total (MB) : 4194 | Free (MB) : 3911

Physical Memory (MB)
--------------------
Total:     3659
Available: 647
Cached:    695
Free:      382

Kernel Memory (MB)
------------------
Paged:     252
Nonpaged:  130

System
------
Handles:   77684
Processes: 193
Threads:   2155

---------- | SID Users

Administrateur : [S-1-5-21-3945783615-3853108761-1058730989-500]
Compaq : [S-1-5-21-3945783615-3853108761-1058730989-1001]
DefaultAccount : [S-1-5-21-3945783615-3853108761-1058730989-503]
Invité : [S-1-5-21-3945783615-3853108761-1058730989-501]
WDAGUtilityAccount : [S-1-5-21-3945783615-3853108761-1058730989-504]
Administrateurs : [S-1-5-32-544]
Administrateurs Hyper-V : [S-1-5-32-578]
IIS_IUSRS : [S-1-5-32-568]
Invités : [S-1-5-32-546]
Lecteurs des journaux d’événements : [S-1-5-32-573]
Propriétaires d'appareils : [S-1-5-32-583]
System Managed Accounts Group : [S-1-5-32-581]
Utilisateurs : [S-1-5-32-545]
Utilisateurs de gestion à distance : [S-1-5-32-580]
Utilisateurs de l’Analyseur de performances : [S-1-5-32-558]
Utilisateurs du journal de performances : [S-1-5-32-559]
Utilisateurs du modèle COM distribué : [S-1-5-32-562]
AMD FUEL : [S-1-5-21-3945783615-3853108761-1058730989-1002]

---------- | Drives

C:\ -> [Fixed] | [] | Total : 930.89 Go | Free : 850.4 Go -> NTFS [SATA]
E:\ -> [Removable] | [cyberlink power2go recup] | Total : 58.59 Go | Free : 58.37 Go -> NTFS [USB]
F:\ -> [CDROM] | [EPSON] | Total : 0.4 Go | Free : 0 Go -> CDFS [SATA]
H:\ -> [Removable] | [] | Total : 14.63 Go | Free : 14.63 Go -> FAT32 [USB]
I:\ -> [Removable] | [] | Total : 29.28 Go | Free : 29.19 Go -> FAT32 [USB]

Drive: 0
Cylinders: 121601
Tracks per Cylinder: 255
Sectors per Track: 63
Bytes per Sector: 512
Total Space: 1000204886016 bytes


---------- | Windows updates - Activation - License


W.A.T : :)

Test 1 : Windows Is Activated

Volume License


---------- | Browsers

IE : 11.0.19041.1566     (© Microsoft Corporation. Tous droits réservés.)

Default : "C:\Program Files\Internet Explorer\iexplore.exe" 

---------- | FlashPlayer


---------- | Security

AS : 
FW : WINDOWS Firewall
WMI : OK
WU: Windows Update Service [Manual(3)] = stopped
AS: Windows Defender [Auto(2)] = Running
WMI: Windows Management Instrumentation [Auto(2)] = Running



---------- | Running processes

380 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.19041.964) = C:\Windows\System32\smss.exe     [12/06/2021 15:30:41]    CPU Usage:0 %
552 | [Owner : Système | Parent : 536() | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.19041.546) = C:\Windows\System32\csrss.exe     [09/04/2021 15:54:31]    CPU Usage:0 %
644 | [Owner : Système | Parent : 536() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.19041.1620) = C:\Windows\System32\wininit.exe     [01/09/2022 11:40:24]    CPU Usage:0 %
652 | [Owner : Système | Parent : 636(conhost.exe) | ?????] - (.Microsoft Corporation - Processus d’exécution client-serveur.) - (10.0.19041.546) = C:\Windows\System32\csrss.exe     [09/04/2021 15:54:31]    CPU Usage:3 %
724 | [Owner : Système | Parent : 636(conhost.exe) | 4.7 Mo] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.19041.1865) = C:\Windows\System32\winlogon.exe     [01/09/2022 11:40:45]    CPU Usage:0 %
784 | [Owner : Système | Parent : 644(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.19041.928) = C:\Windows\System32\services.exe     [09/04/2021 15:54:32]    CPU Usage:0 %
796 | [Owner : Système | Parent : 644(wininit.exe) | 11.57 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.19041.1586) = C:\Windows\System32\lsass.exe     [01/09/2022 11:40:39]    CPU Usage:0 %
908 | [Owner : Système | Parent : 784(services.exe) | 20.69 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
932 | [Owner : UMFD-1 | Parent : 724(winlogon.exe) | 6.06 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.19041.1620) = C:\Windows\System32\fontdrvhost.exe     [01/09/2022 11:40:44]    CPU Usage:0 %
940 | [Owner : UMFD-0 | Parent : 644(wininit.exe) | 0.55 Mo] - (.Microsoft Corporation - Usermode Font Driver Host.) - (10.0.19041.1620) = C:\Windows\System32\fontdrvhost.exe     [01/09/2022 11:40:44]    CPU Usage:0 %
64 | [Owner : SERVICE RÉSEAU | Parent : 784(services.exe) | 14.36 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
496 | [Owner : Système | Parent : 784(services.exe) | 3.68 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
840 | [Owner : DWM-1 | Parent : 724(winlogon.exe) | 34.59 Mo] - (.Microsoft Corporation - Gestionnaire de fenêtres du Bureau.) - (10.0.19041.746) = C:\Windows\System32\dwm.exe     [09/04/2021 15:54:29]    CPU Usage:7 %
1044 | [Owner : Système | Parent : 784(services.exe) | 4.49 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
1076 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | 4.33 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
1152 | [Owner : Système | Parent : 784(services.exe) | 2.19 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
1188 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | 6.59 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
1212 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | 13.42 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
1300 | [Owner : Système | Parent : 784(services.exe) | 1.46 Mo] - (.AMD - AMD External Events Service Module.) - (6.14.11.1199) = C:\Windows\System32\atiesrxx.exe     [21/10/2015 02:14:46]    CPU Usage:0 %
1380 | [Owner : Système | Parent : 784(services.exe) | 5.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
1400 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | 4.22 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
1412 | [Owner : Système | Parent : 784(services.exe) | 68.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
1432 | [Owner : Système | Parent : 784(services.exe) | 1.49 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
1492 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | 3.2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
1592 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | 3.41 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
1644 | [Owner : SERVICE RÉSEAU | Parent : 784(services.exe) | 8.3 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
1696 | [Owner : Système | Parent : 784(services.exe) | 4.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
1712 | [Owner : Système | Parent : 784(services.exe) | 1.74 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
1792 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | 5.33 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
1800 | [Owner : Système | Parent : 784(services.exe) | 2.61 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
1876 | [Owner : Système | Parent : 784(services.exe) | 9.5 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
1920 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | 5.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
1772 | [Owner : Système | Parent : 784(services.exe) | 6.66 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
2068 | [Owner : SERVICE RÉSEAU | Parent : 784(services.exe) | 6.04 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
2124 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | 8.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
2156 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | 3.56 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
2236 | [Owner : Système | Parent : 784(services.exe) | 1.75 Mo] - (.Realtek Semiconductor - Realtek Audio Service.) - (1.0.0.48) = C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe     [14/06/2021 09:21:35]    CPU Usage:0 %
2264 | [Owner : Système | Parent : 2236(RtkAudioService64.exe) | 4.37 Mo] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.159) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe     [14/06/2021 09:21:34]    CPU Usage:0 %
2292 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | 2.49 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
2308 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | 4.06 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
2380 | [Owner : Système | Parent : 784(services.exe) | 7.9 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
2472 | [Owner : Système | Parent : 784(services.exe) | 8.26 Mo] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.19041.1826) = C:\Windows\System32\spoolsv.exe     [01/09/2022 11:37:39]    CPU Usage:0 %
2564 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | 9.95 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
2608 | [Owner : Système | Parent : 784(services.exe) | 14.71 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
2640 | [Owner : SERVICE RÉSEAU | Parent : 784(services.exe) | 2.69 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
2780 | [Owner : Système | Parent : 784(services.exe) | 1.97 Mo] - (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - (1.0.0.0) = C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe     [21/08/2015 22:09:14]    CPU Usage:0 %
2788 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | 1.97 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
2796 | [Owner : SERVICE RÉSEAU | Parent : 784(services.exe) | 9.71 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
2816 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | 28.64 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
2824 | [Owner : Système | Parent : 784(services.exe) | 21.98 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
2832 | [Owner : Système | Parent : 784(services.exe) | 14.89 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
2896 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | 1.32 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
2904 | [Owner : Système | Parent : 784(services.exe) | 12.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
2920 | [Owner : Système | Parent : 784(services.exe) | 0.89 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
2932 | [Owner : Système | Parent : 784(services.exe) | 4.85 Mo] - (.Seiko Epson Corporation - Epson Scanner Service (64bit).) - (1.1.0.1) = C:\Windows\System32\escsvc64.exe     [01/09/2022 11:13:51]    CPU Usage:0 %
2336 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | 1.22 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
2708 | [Owner : Système | Parent : 784(services.exe) | 4.1 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
3160 | [Owner : Système | Parent : 784(services.exe) | 5.28 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
3192 | [Owner : Système | Parent : 784(services.exe) | 5.44 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
3752 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | 1.47 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
508 | [Owner : Système | Parent : 784(services.exe) | 2.23 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
1204 | [Owner : Système | Parent : 784(services.exe) | 7.89 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
1760 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | 7.7 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
1808 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | 3.6 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
3076 | [Owner : SERVICE RÉSEAU | Parent : 784(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
1392 | [Owner : Système | Parent : 784(services.exe) | 6.81 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
2416 | [Owner : Système | Parent : 784(services.exe) | ?????] - (.Microsoft Corporation - Service Broker du moniteur d'exécution System Guard.) - (10.0.19041.546) = C:\Windows\System32\SgrmBroker.exe     [09/04/2021 15:55:04]    CPU Usage:0 %
3144 | [Owner : Système | Parent : 784(services.exe) | 14.2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
1840 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
4572 | [Owner : Système | Parent : 1300(atiesrxx.exe) | 3.66 Mo] - (.AMD - AMD External Events Client Module.) - (6.14.11.1199) = C:\Windows\System32\atieclxx.exe     [21/10/2015 02:14:46]    CPU Usage:0 %
2144 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | 2.95 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
2984 | [Owner : Compaq | Parent : 1772(svchost.exe) | 28.11 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.19041.746) = C:\Windows\System32\sihost.exe     [09/04/2021 15:54:15]    CPU Usage:0 %
4604 | [Owner : Compaq | Parent : 784(services.exe) | 10.06 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
4852 | [Owner : Compaq | Parent : 784(services.exe) | 32.92 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
2500 | [Owner : Compaq | Parent : 1876(svchost.exe) | 10.74 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.19041.1865) = C:\Windows\System32\taskhostw.exe     [01/09/2022 11:41:49]    CPU Usage:0 %
1140 | [Owner : Système | Parent : 784(services.exe) | 11.09 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
2052 | [Owner : Système | Parent : 784(services.exe) | 1.97 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
4424 | [Owner : Compaq | Parent : 2052(svchost.exe) | 9.87 Mo] - (.Microsoft Corporation - Chargeur CTF.) - (10.0.19041.1) = C:\Windows\System32\ctfmon.exe     [07/12/2019 11:09:00]    CPU Usage:0 %
3052 | [Owner : Compaq | Parent : 4172() | 132.6 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.19041.1889) = C:\Windows\explorer.exe     [01/09/2022 11:37:54]    CPU Usage:0 %
6024 | [Owner : Compaq | Parent : 784(services.exe) | 9.97 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
4532 | [Owner : Compaq | Parent : 1876(svchost.exe) | 2.46 Mo] - (.iTop Inc. - iTop Screen Recorder.) - (3.1.0.1102) = C:\Program Files\iTop Screen Recorder\iScrRec.exe     [30/08/2022 10:07:39]    CPU Usage:0 %
4980 | [Owner : Compaq | Parent : 908(svchost.exe) | 40.56 Mo] - (.-.) - (0.0.0.0) = C:\Windows\SystemApps\Microsoft.Windows.StartMenuExperienceHost_cw5n1h2txyewy\StartMenuExperienceHost.exe     [01/09/2022 11:39:51]    CPU Usage:0 %
2316 | [Owner : Compaq | Parent : 908(svchost.exe) | 17.6 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe     [09/04/2021 15:53:59]    CPU Usage:0 %
6072 | [Owner : Compaq | Parent : 908(svchost.exe) | 11.22 Mo] - (.Microsoft Corporation -.) - (121.9202.4105.0) = C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TextInputHost.exe     [01/09/2022 11:47:56]    CPU Usage:0 %
4128 | [Owner : Compaq | Parent : 908(svchost.exe) | 18.1 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe     [09/04/2021 15:53:59]    CPU Usage:0 %
6720 | [Owner : Compaq | Parent : 3052(explorer.exe) | 8.87 Mo] - (.Microsoft Corporation - Windows Security notification icon.) - (10.0.19041.1) = C:\Windows\System32\SecurityHealthSystray.exe     [07/12/2019 11:08:41]    CPU Usage:0 %
1144 | [Owner : Compaq | Parent : 3052(explorer.exe) | 23.07 Mo] - (.Microsoft Corporation - Microsoft OneDrive.) - (22.166.807.2) = C:\Users\Compaq\AppData\Local\Microsoft\OneDrive\OneDrive.exe     [12/06/2021 15:09:53]    CPU Usage:0 %
4196 | [Owner : Système | Parent : 784(services.exe) | ?????] - (.Microsoft Corporation - Windows Security Health Service.) - (4.18.1907.16384) = C:\Windows\System32\SecurityHealthService.exe     [01/09/2022 11:38:10]    CPU Usage:0 %
6296 | [Owner : Compaq | Parent : 3052(explorer.exe) | 3.06 Mo] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - (9.0.0.0) = C:\Windows\System32\spool\drivers\x64\3\E_YATIM1E.EXE     [01/09/2022 11:11:11]    CPU Usage:0 %
2096 | [Owner : Système | Parent : 784(services.exe) | 4.88 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
6308 | [Owner : Compaq | Parent : 784(services.exe) | 8.47 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
6004 | [Owner : Compaq | Parent : 2508() | 6.98 Mo] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) - (4.5.0.0) = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe     [21/08/2015 22:38:30]    CPU Usage:0 %
2716 | [Owner : Compaq | Parent : 3644() | 5.01 Mo] - (.SEIKO EPSON CORPORATION - Fax Reception.) - (3.2.5.1) = C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe     [01/09/2022 11:17:12]    CPU Usage:0 %
7444 | [Owner : Compaq | Parent : 6004(MOM.exe) | 34.15 Mo] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Host application.) - (4.5.0.0) = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe     [21/08/2015 22:38:26]    CPU Usage:0 %
7652 | [Owner : Compaq | Parent : 908(svchost.exe) | 17 Mo] - (.Microsoft Corporation - Search application.) - (10.0.19041.1889) = C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe     [01/09/2022 11:48:17]    CPU Usage:0 %
4372 | [Owner : Système | Parent : 784(services.exe) | 5.5 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
1476 | [Owner : Compaq | Parent : 908(svchost.exe) | 4.29 Mo] - (.Microsoft Corporation - User OOBE Broker.) - (10.0.19041.746) = C:\Windows\System32\oobe\UserOOBEBroker.exe     [09/04/2021 15:54:39]    CPU Usage:0 %
2524 | [Owner : Compaq | Parent : 908(svchost.exe) | 34.41 Mo] - (.Microsoft Corporation - Application Frame Host.) - (10.0.19041.746) = C:\Windows\System32\ApplicationFrameHost.exe     [09/04/2021 15:54:22]    CPU Usage:0 %
4672 | [Owner : Compaq | Parent : 908(svchost.exe) | 2.36 Mo] - (.-.) - (10.22041.1009.0) = C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.22041.10091.0_x64__8wekyb3d8bbwe\Video.UI.exe     [31/08/2022 13:00:18]    CPU Usage:0 %
7164 | [Owner : Compaq | Parent : 908(svchost.exe) | 5.26 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe     [09/04/2021 15:53:59]    CPU Usage:0 %
3656 | [Owner : Compaq | Parent : 908(svchost.exe) | 26.65 Mo] - (.Microsoft Corporation - LockApp.exe.) - (10.0.19041.1741) = C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe     [01/09/2022 11:41:13]    CPU Usage:0 %
1984 | [Owner : Compaq | Parent : 908(svchost.exe) | 19.64 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe     [09/04/2021 15:53:59]    CPU Usage:0 %
5144 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | 1.46 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
5852 | [Owner : Système | Parent : 908(svchost.exe) | 29.26 Mo] - (.Microsoft Corporation - MoUSO Core Worker Process.) - (10.0.19041.1865) = C:\Windows\System32\MoUsoCoreWorker.exe     [01/09/2022 11:39:46]    CPU Usage:0 %
9108 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | 10.4 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
2256 | [Owner : Système | Parent : 784(services.exe) | 13.34 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
4668 | [Owner : Compaq | Parent : 908(svchost.exe) | 13.12 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe     [09/04/2021 15:53:59]    CPU Usage:0 %
7180 | [Owner : Système | Parent : 784(services.exe) | 2.76 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
3292 | [Owner : Compaq | Parent : 2984(sihost.exe) | 56.65 Mo] - (.Microsoft Corporation - PhoneExperienceHost.) - (1.22062.543.0) = C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22062.543.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe     [03/09/2022 08:54:58]    CPU Usage:0 %
8056 | [Owner : Compaq | Parent : 908(svchost.exe) | 2.38 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe     [09/04/2021 15:53:59]    CPU Usage:0 %
3840 | [Owner : Compaq | Parent : 908(svchost.exe) | 37.21 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.19041.1865) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe     [01/09/2022 11:46:27]    CPU Usage:0 %
8908 | [Owner : Compaq | Parent : 908(svchost.exe) | 12 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe     [09/04/2021 15:53:59]    CPU Usage:0 %
8700 | [Owner : Compaq | Parent : 908(svchost.exe) | 2.39 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.19041.546) = C:\Windows\System32\dllhost.exe     [09/04/2021 15:54:30]    CPU Usage:0 %
5900 | [Owner : Compaq | Parent : 784(services.exe) | 1.87 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
6816 | [Owner : Compaq | Parent : 908(svchost.exe) | 0.92 Mo] - (.Microsoft Corporation - Paramètres.) - (10.0.19041.1865) = C:\Windows\ImmersiveControlPanel\SystemSettings.exe     [01/09/2022 11:48:15]    CPU Usage:0 %
2340 | [Owner : Compaq | Parent : 908(svchost.exe) | 15.34 Mo] - (.-.) - (2022.30070.26007.0) = C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2022.30070.26007.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe     [31/08/2022 12:54:16]    CPU Usage:0 %
6364 | [Owner : Compaq | Parent : 908(svchost.exe) | 22.3 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.19041.746) = C:\Windows\System32\RuntimeBroker.exe     [09/04/2021 15:53:59]    CPU Usage:0 %
10860 | [Owner : Compaq | Parent : 908(svchost.exe) | 18.58 Mo] - (.Microsoft Corporation - Search application.) - (10.0.19041.1889) = C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe     [01/09/2022 11:48:17]    CPU Usage:0 %
5732 | [Owner : Système | Parent : 784(services.exe) | ?????] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.18.2207.7) = C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\MsMpEng.exe     [08/09/2022 15:05:33]    CPU Usage:0 %
1440 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | 5.08 Mo] - (.Microsoft Corporation - Windows Driver Foundation - Processus hôte de l’infrastructure de pilotes en mode utilisateur.) - (10.0.19041.1865) = C:\Windows\System32\WUDFHost.exe     [01/09/2022 11:41:14]    CPU Usage:0 %
5964 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | 5.08 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
4648 | [Owner : Compaq | Parent : 908(svchost.exe) | 7.24 Mo] - (.Microsoft Corporation - COM Surrogate.) - (10.0.19041.546) = C:\Windows\System32\dllhost.exe     [09/04/2021 15:54:30]    CPU Usage:0 %
9292 | [Owner : SERVICE LOCAL | Parent : 784(services.exe) | 9.59 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
8732 | [Owner : Compaq | Parent : 11864(SearchIndexer.exe) | 276.3 Mo] - (.Mozilla Corporation - Firefox.) - (104.0.2.8280) = C:\Program Files\Mozilla Firefox\firefox.exe     [08/09/2022 15:01:17]    CPU Usage:0 %
6992 | [Owner : Compaq | Parent : 8732(firefox.exe) | 120.81 Mo] - (.Mozilla Corporation - Firefox.) - (104.0.2.8280) = C:\Program Files\Mozilla Firefox\firefox.exe     [08/09/2022 15:01:17]    CPU Usage:0 %
11988 | [Owner : Compaq | Parent : 8732(firefox.exe) | 16.63 Mo] - (.Mozilla Corporation - Firefox.) - (104.0.2.8280) = C:\Program Files\Mozilla Firefox\firefox.exe     [08/09/2022 15:01:17]    CPU Usage:0 %
12044 | [Owner : Compaq | Parent : 8732(firefox.exe) | 41.39 Mo] - (.Mozilla Corporation - Firefox.) - (104.0.2.8280) = C:\Program Files\Mozilla Firefox\firefox.exe     [08/09/2022 15:01:17]    CPU Usage:0 %
9824 | [Owner : Compaq | Parent : 8732(firefox.exe) | 56.93 Mo] - (.Mozilla Corporation - Firefox.) - (104.0.2.8280) = C:\Program Files\Mozilla Firefox\firefox.exe     [08/09/2022 15:01:17]    CPU Usage:0 %
7856 | [Owner : Compaq | Parent : 8732(firefox.exe) | 47.8 Mo] - (.Mozilla Corporation - Firefox.) - (104.0.2.8280) = C:\Program Files\Mozilla Firefox\firefox.exe     [08/09/2022 15:01:17]    CPU Usage:0 %
9512 | [Owner : Compaq | Parent : 8732(firefox.exe) | 60.78 Mo] - (.Mozilla Corporation - Firefox.) - (104.0.2.8280) = C:\Program Files\Mozilla Firefox\firefox.exe     [08/09/2022 15:01:17]    CPU Usage:0 %
11864 | [Owner : Système | Parent : 784(services.exe) | 34.85 Mo] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.19041.1865) = C:\Windows\System32\SearchIndexer.exe     [01/09/2022 11:39:00]    CPU Usage:0 %
4104 | [Owner : Système | Parent : 784(services.exe) | 6.35 Mo] - (.Adobe Inc. - Adobe Acrobat Update Service.) - (1.824.460.1013) = C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe     [03/08/2022 19:22:54]    CPU Usage:0 %
6156 | [Owner : Compaq | Parent : 8732(firefox.exe) | 20.24 Mo] - (.Mozilla Corporation - Firefox.) - (104.0.2.8280) = C:\Program Files\Mozilla Firefox\firefox.exe     [08/09/2022 15:01:17]    CPU Usage:0 %
11176 | [Owner : Compaq | Parent : 8732(firefox.exe) | 12 Mo] - (.Microsoft Corporation - Installation de Windows 10.) - (10.0.19041.572) = C:\Users\Compaq\Downloads\MediaCreationTool21H2.exe     [12/09/2022 09:33:18]    CPU Usage:0 %
6496 | [Owner : Compaq | Parent : 11176(MediaCreationTool21H2.exe) | 38.5 Mo] - (.Microsoft Corporation - Modern Setup Host.) - (10.0.19041.572) = C:\$Windows.~WS\Sources\SetupHost.exe     [08/10/2020 00:43:16]    CPU Usage:7 %
9964 | [Owner : Système | Parent : 784(services.exe) | 22 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:4 %
9496 | [Owner : Compaq | Parent : 5584() | 76.14 Mo] - (.Microsoft Corporation - Microsoft Edge.) - (105.0.1343.33) = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe     [01/04/2021 21:18:23]    CPU Usage:0 %
7080 | [Owner : Compaq | Parent : 9496(msedge.exe) | 7.48 Mo] - (.Microsoft Corporation - Microsoft Edge.) - (105.0.1343.33) = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe     [01/04/2021 21:18:23]    CPU Usage:0 %
12160 | [Owner : Compaq | Parent : 9496(msedge.exe) | 25.98 Mo] - (.Microsoft Corporation - Microsoft Edge.) - (105.0.1343.33) = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe     [01/04/2021 21:18:23]    CPU Usage:0 %
9188 | [Owner : Compaq | Parent : 9496(msedge.exe) | 27.63 Mo] - (.Microsoft Corporation - Microsoft Edge.) - (105.0.1343.33) = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe     [01/04/2021 21:18:23]    CPU Usage:0 %
3392 | [Owner : Compaq | Parent : 9496(msedge.exe) | 18.31 Mo] - (.Microsoft Corporation - Microsoft Edge.) - (105.0.1343.33) = C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe     [01/04/2021 21:18:23]    CPU Usage:0 %
6168 | [Owner : Compaq | Parent : 8732(firefox.exe) | 171.3 Mo] - (.Mozilla Corporation - Firefox.) - (104.0.2.8280) = C:\Program Files\Mozilla Firefox\firefox.exe     [08/09/2022 15:01:17]    CPU Usage:0 %
9084 | [Owner : Compaq | Parent : 8732(firefox.exe) | 83.44 Mo] - (.Mozilla Corporation - Firefox.) - (104.0.2.8280) = C:\Program Files\Mozilla Firefox\firefox.exe     [08/09/2022 15:01:17]    CPU Usage:0 %
9664 | [Owner : Compaq | Parent : 8732(firefox.exe) | 119.65 Mo] - (.Mozilla Corporation - Firefox.) - (104.0.2.8280) = C:\Program Files\Mozilla Firefox\firefox.exe     [08/09/2022 15:01:17]    CPU Usage:0 %
6368 | [Owner : Compaq | Parent : 8732(firefox.exe) | 44.45 Mo] - (.Mozilla Corporation - Firefox.) - (104.0.2.8280) = C:\Program Files\Mozilla Firefox\firefox.exe     [08/09/2022 15:01:17]    CPU Usage:0 %
9380 | [Owner : Compaq | Parent : 8732(firefox.exe) | 41.76 Mo] - (.Mozilla Corporation - Firefox.) - (104.0.2.8280) = C:\Program Files\Mozilla Firefox\firefox.exe     [08/09/2022 15:01:17]    CPU Usage:0 %
7744 | [Owner : Compaq | Parent : 8732(firefox.exe) | 39.82 Mo] - (.Mozilla Corporation - Firefox.) - (104.0.2.8280) = C:\Program Files\Mozilla Firefox\firefox.exe     [08/09/2022 15:01:17]    CPU Usage:0 %
7684 | [Owner : Compaq | Parent : 908(svchost.exe) | 37.26 Mo] - (.Microsoft Corporation - Windows Defender SmartScreen.) - (10.0.19041.1682) = C:\Windows\System32\smartscreen.exe     [01/09/2022 11:38:20]    CPU Usage:0 %
7156 | [Owner : Système | Parent : 784(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
8288 | [Owner : Compaq | Parent : 8732(firefox.exe) | 17.3 Mo] - (.Mozilla Corporation - Firefox.) - (104.0.2.8280) = C:\Program Files\Mozilla Firefox\firefox.exe     [08/09/2022 15:01:17]    CPU Usage:0 %
5768 | [Owner : Compaq | Parent : 908(svchost.exe) | 47.37 Mo] - (.Microsoft Corporation - Windows Defender application.) - (10.0.19041.1741) = C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe     [01/09/2022 11:39:56]    CPU Usage:0 %
8976 | [Owner : Compaq | Parent : 908(svchost.exe) | 9.98 Mo] - (.Microsoft Corporation - Windows Security Health Host.) - (4.18.1907.16384) = C:\Windows\System32\SecurityHealthHost.exe     [01/09/2022 11:38:11]    CPU Usage:0 %
5208 | [Owner : Système | Parent : 784(services.exe) | 7.58 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
11268 | [Owner : Système | Parent : 784(services.exe) | 12.08 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.19041.1806) = C:\Windows\System32\svchost.exe     [01/09/2022 11:40:19]    CPU Usage:0 %
9716 | [Owner : Compaq | Parent : 908(svchost.exe) | 8.3 Mo] - (.Microsoft Corporation - Windows Security Health Host.) - (4.18.1907.16384) = C:\Windows\System32\SecurityHealthHost.exe     [01/09/2022 11:38:11]    CPU Usage:0 %
10284 | [Owner : Compaq | Parent : 1876(svchost.exe) | 4.86 Mo] - (.- Real Time Protection for UsbFix Anti-Malware Professionnal.) - (10.0.3.3) = C:\Program Files (x86)\UsbFix\Modules\UsbFixMonitor.exe     [06/10/2021 23:11:22]    CPU Usage:0 %
11552 | [Owner : Compaq | Parent : 8732(firefox.exe) | 39.67 Mo] - (.Mozilla Corporation - Firefox.) - (104.0.2.8280) = C:\Program Files\Mozilla Firefox\firefox.exe     [08/09/2022 15:01:17]    CPU Usage:0 %
8380 | [Owner : Compaq | Parent : 8732(firefox.exe) | 36.73 Mo] - (.Mozilla Corporation - Firefox.) - (104.0.2.8280) = C:\Program Files\Mozilla Firefox\firefox.exe     [08/09/2022 15:01:17]    CPU Usage:0 %
5504 | [Owner : Compaq | Parent : 8732(firefox.exe) | 28.19 Mo] - (.Mozilla Corporation - Firefox.) - (104.0.2.8280) = C:\Program Files\Mozilla Firefox\firefox.exe     [08/09/2022 15:01:17]    CPU Usage:0 %
3988 | [Owner : Compaq | Parent : 8732(firefox.exe) | 62.98 Mo] - (.SosVirus - QuickDiag.) - (29.10.19.1) = C:\Users\Compaq\Downloads\quickdiag_V5_29.10.19.1.exe     [12/09/2022 09:55:19]    CPU Usage:4 %
11088 | [Owner : Système | Parent : 908(svchost.exe) | 9.92 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.19041.546) = C:\Windows\System32\wbem\WmiPrvSE.exe     [09/04/2021 15:54:22]    CPU Usage:0 %
5572 | [Owner : SERVICE RÉSEAU | Parent : 908(svchost.exe) | 11.66 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (10.0.19041.546) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe     [09/04/2021 15:54:48]    CPU Usage:0 %

---------- | Locked Applications


---------- | Policy Restrictions


---------- | Explorer.exe Modules (Microsoft Files Whitelisted)

(..-..) - (0.0.0.0) -- C:\Windows\SYSTEM32\UMPDC.dll
(..-..) - (0.0.0.0) -- C:\Windows\SYSTEM32\TextShaping.dll
(..-..) - (0.0.0.0) -- C:\Windows\System32\WindowManagementAPI.dll
(.Advanced Micro Devices, Inc. .-.aticfx64.dll.) - (8.17.10.1404) -- C:\Windows\SYSTEM32\aticfx64.dll
(.Advanced Micro Devices, Inc. .-.atiuxpag.dll.) - (8.14.1.6463) -- C:\Windows\SYSTEM32\atiuxp64.dll
(.Advanced Micro Devices, Inc. .-.atidxx64.dll.) - (8.17.10.625) -- C:\Windows\SYSTEM32\atidxx64.dll
(..-..) - (0.0.0.0) -- C:\Windows\System32\VirtualMonitorManager.dll
(..-..) - (0.0.0.0) -- C:\Windows\System32\Windows.Internal.UI.Shell.WindowTabManager.dll
(..-..) - (0.0.0.0) -- C:\Windows\ShellExperiences\TileControl.dll
(..-..) - (0.0.0.0) -- C:\Windows\ShellComponents\TaskFlowUI.dll
(.Advanced Micro Devices, Inc..-.AMD Desktop Control Panel.) - (6.14.10.2001) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamfra.dll
(.The ICU Project.-.ICU Combined Library.) - (64.2.0.0) -- C:\Windows\System32\icu.dll

---------- | Winlogon.exe Modules (Microsoft Files Whitelisted)

(..-..) - (0.0.0.0) -- C:\Windows\system32\UMPDC.dll

---------- | svchost.exe Modules (Microsoft Files Whitelisted)

(..-..) - (0.0.0.0) -- c:\windows\system32\UMPDC.dll
(.Seiko Epson Corporation.-.Epson WIA Module.) - (1.0.8.1) -- C:\Windows\system32\esxw2ud.dll
(..-..) - (0.0.0.0) -- c:\windows\system32\TextShaping.dll
(.SQLite Development Team.-.SQLite is a software library that implements a self-contained, serverless, zero-configuration, transactional SQL database engine..) - (3.29.0.0) -- c:\windows\system32\winsqlite3.dll
(..-..) - (0.0.0.0) -- C:\Windows\System32\usocoreps.dll
(..-..) - (0.0.0.0) -- C:\WINDOWS\SYSTEM32\WINBIOPLUGINS\FACEBOOTSTRAPADAPTER.DLL

---------- | ZeroAccess Check

[HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll
[HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll
[HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll

---------- | Startings up

OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE LOCAL
OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU
OneDrive - ("C:\Users\Compaq\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\...\Run]) - User: DESKTOP-650T4C4\Compaq
EPLTarget\P0000000000000000 - (C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIM1E.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-2760 Series" [HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\...\Run]) - User: DESKTOP-650T4C4\Compaq
MicrosoftEdgeAutoLaunch_85E88F0428ACC9F191E7458BDD0DB6C9 - ("C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\...\Run]) - User: DESKTOP-650T4C4\Compaq
SecurityHealth - (%windir%\system32\SecurityHealthSystray.exe [HKLM\SOFTWARE\...\Run]) - User: Public

[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Compaq\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background   
"EPLTarget\P0000000000000000"=C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIM1E.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-2760 Series"   
"MicrosoftEdgeAutoLaunch_85E88F0428ACC9F191E7458BDD0DB6C9"="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5   

[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU]
"a"=notepad\1   
"MRUList"=a   

[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"Device"=EPSON WF-2760 Series,winspool,Ne04:   
"IsMRUEstablished"=1   
"LegacyDefaultPrinterMode"=0   
"MenuDropAlignment"=0   

[HKLM\Software\Microsoft\Command Processor]
"CompletionChar"=9   
"DefaultColor"=0   
"EnableExtensions"=1   
"PathCompletionChar"=9   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=%windir%\system32\SecurityHealthSystray.exe   

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
"SecurityHealth"=0x040000000000000000000000   

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
""=mnmsrvc   
"AppInit_DLLs"=   
"DdeSendTimeout"=0   
"DesktopHeapLogging"=1   
"DeviceNotSelectedTimeout"=15   
"DwmInputUsesIoCompletionPort"=1   
"EnableDwmInputProcessing"=7   
"GDIProcessHandleQuota"=10000   
"IconServiceLib"=IconCodecService.dll   
"LoadAppInit_DLLs"=0   
"NaturalInputHandler"=Ninput.dll   
"ShutdownWarningDialogTimeout"=4294967295   
"Spooler"=yes   
"ThreadUnresponsiveLogTimeout"=500   
"TransmissionRetryTimeout"=90   
"USERNestedWindowLimit"=50   
"USERPostMessageLimit"=10000   
"USERProcessHandleQuota"=10000   
"Win32kLastWriteTime"=1D8BDE6BBD725E1   

[HKLM\Software\WOW6432Node\Microsoft\Command Processor]
"CompletionChar"=9   
"DefaultColor"=0   
"EnableExtensions"=1   
"PathCompletionChar"=9   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun   
"FUFAXRCV"="C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"   
"FUFAXSTM"="C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
""=   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows]
""=mnmsrvc   
"AppInit_DLLs"=   
"DdeSendTimeout"=0   
"DesktopHeapLogging"=1   
"DeviceNotSelectedTimeout"=15   
"DwmInputUsesIoCompletionPort"=1   
"EnableDwmInputProcessing"=7   
"GDIProcessHandleQuota"=10000   
"IconServiceLib"=IconCodecService.dll   
"LoadAppInit_DLLs"=0   
"NaturalInputHandler"=Ninput.dll   
"ShutdownWarningDialogTimeout"=4294967295   
"Spooler"=yes   
"ThreadUnresponsiveLogTimeout"=500   
"TransmissionRetryTimeout"=90   
"USERNestedWindowLimit"=50   
"USERPostMessageLimit"=10000   
"USERProcessHandleQuota"=10000   

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED}   


---------- | Win.ini : 



---------- | System.ini : 



---------- | Tasks List

Adobe Acrobat Update Task
EPSON WF-2760 Series Update {47AF55B9-8E95-47EE-A3FA-BFB62C2029D9}
GoogleUpdateTaskMachineCore
GoogleUpdateTaskMachineUA
iTop Screen Recorder SkipUAC (Compaq)
iTop Screen Recorder Startup
iTop Screen Recorder UAC
iTop Screen Recorder Update
MicrosoftEdgeUpdateTaskMachineCore
MicrosoftEdgeUpdateTaskMachineUA
OneDrive Reporting Task-S-1-5-21-3945783615-3853108761-1058730989-1001
OneDrive Standalone Update Task-S-1-5-21-3945783615-3853108761-1058730989-1001
UsbFix Monitor

---------- | Startings up registry ¦ Folder


---------- | Control - lsa - SecurityProviders - Session Manager - Terminal Server


[HKLM\System\CurrentControlSet\Control]
"BootDriverFlags"=28   
"CurrentUser"=USERNAME   
"EarlyStartServices"=RpcSs
Power
BrokerInfrastructure
SystemEventsBroker
DcomLaunch
RpcEpMapper
LSM
AppIdSvc   
"PreshutdownOrder"=DeviceInstall
UsoSvc
gpsvc
trustedinstaller   
"SvcHostSplitThresholdInKB"=3670016   
"WaitToKillServiceTimeout"=2000   
"SystemStartOptions"= NOEXECUTE=OPTIN   
"SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(3)   
"FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1)   
"LastBootSucceeded"=1   
"LastBootShutdown"=1   
"DirtyShutdownCount"=3   

[HKLM\System\CurrentControlSet\Control\lsa]
"auditbasedirectories"=0   
"auditbaseobjects"=0   
"Bounds"=0x0030000000200000   
"crashonauditfail"=0   
"fullprivilegeauditing"=0x00   
"LimitBlankPasswordUse"=1   
"NoLmHash"=1   
"Security Packages"=""   [12/06/2021 13:03:44]
"Notification Packages"=scecli   
"Authentication Packages"=msv1_0   
"LsaPid"=796   
"SecureBoot"=1   
"ProductType"=3   
"disabledomaincreds"=0   
"everyoneincludesanonymous"=0   
"forceguest"=0   
"restrictanonymous"=0   
"restrictanonymoussam"=1   

[HKLM\System\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders"=credssp.dll   

[HKLM\System\CurrentControlSet\Control\Session Manager]
"AutoChkTimeout"=8   
"BootExecute"=autocheck autochk *   
"BootShell"=%SystemRoot%\system32\bootim.exe   
"CriticalSectionTimeout"=2592000   
"ExcludeFromKnownDlls"=   
"GlobalFlag"=0   
"GlobalFlag2"=0   
"HeapDeCommitFreeBlockThreshold"=0   
"HeapDeCommitTotalFreeThreshold"=0   
"HeapSegmentCommit"=0   
"HeapSegmentReserve"=0   
"InitConsoleFlags"=0   
"NumberOfInitialSessions"=2   
"ObjectDirectories"=\Windows
\RPC Control   
"ProcessorControl"=2   
"ProtectionMode"=1   
"ResourceTimeoutCount"=150   
"RunLevelExecute"=WinInit
ServiceControlManager   
"RunLevelValidate"=ServiceControlManager   
"SETUPEXECUTE"=   
"AutoChkSkipSystemPartition"=0   
"PendingFileRenameOperations"=\??\C:\Windows\system32\spool\DRIVERS\x64\3\New\MXDWDRV.DLL
\??\C:\Windows\system32\spool\DRIVERS\x64\3\MXDWDRV.DLL
\??\C:\Windows\system32\spool\DRIVERS\x64\3\New\PJLMON.DLL
\??\C:\Windows\system32\spool\DRIVERS\x64\3\PJLMON.DLL
\??\C:\Windows\system32\spool\DRIVERS\x64\3\New\PS5UI.DLL
\??\C:\Windows\system32\spool\DRIVERS\x64\3\PS5UI.DLL
\??\C:\Windows\system32\spool\DRIVERS\x64\3\New\PSCRIPT5.DLL
\??\C:\Windows\system32\spool\DRIVERS\x64\3\PSCRIPT5.DLL
\??\C:\Windows\system32\spool\DRIVERS\x64\3\New\UNIDRV.DLL
\??\C:\Windows\system32\spool\DRIVERS\x64\3\UNIDRV.DLL
\??\C:\Windows\system32\spool\DRIVERS\x64\3\New\UNIDRVUI.DLL
\??\C:\Windows\system32\spool\DRIVERS\x64\3\UNIDRVUI.DLL
\??\C:\Windows\system32\spool\DRIVERS\x64\3\New\UNIRES.DLL
\??\C:\Windows\system32\spool\DRIVERS\x64\3\UNIRES.DLL
\??\C:\Windows\system32\spool\DRIVERS\W32X86\3\New\mxdwdrv.dll
\??\C:\Windows\system32\spool\DRIVERS\W32X86\3\mxdwdrv.dll
\??\C:\Windows\system32\spool\DRIVERS\W32X86\3\New\PrintConfig.dll
\??\C:\Windows\system32\spool\DRIVERS\W32X86\3\PrintConfig.dll
\??\C:\Windows\system32\spool\DRIVERS\x64\3\New\FXSDRV.DLL
\??\C:\Windows\system32\spool\DRIVERS\x64\3\FXSDRV.DLL
\??\C:\Windows\system32\spool\DRIVERS\x64\3\New\FXSUI.DLL
\??\C:\Windows\system32\spool\DRIVERS\x64\3\FXSUI.DLL
\??\C:\Windows\system32\spool\DRIVERS\x64\3\New\FXSUI.DLL
\??\C:\Windows\system32\spool\DRIVERS\x64\3\FXSUI.DLL
\??\C:\Windows\system32\spool\DRIVERS\x64\3\New\FXSWZRD.DLL
\??\C:\Windows\system32\spool\DRIVERS\x64\3\FXSWZRD.DLL
\??\C:\Windows\system32\spool\DRIVERS\x64\3\New\FXSTIFF.DLL
\??\C:\Windows\system32\spool\DRIVERS\x64\3\FXSTIFF.DLL
\??\C:\Windows\system32\spool\DRIVERS\x64\3\New\FXSRES.DLL
\??\C:\Windows\system32\spool\DRIVERS\x64\3\FXSRES.DLL
\??\C:\Windows\system32\spool\DRIVERS\x64\3\New\FXSAPI.DLL
\??\C:\Windows\system32\spool\DRIVERS\x64\3\FXSAPI.DLL
\??\C:\Windows\system32\spool\drivers\x64\3\Old\1\FXSDRV.DLL

\??\C:\Windows\system32\spool\drivers\x64\3\Old\1\FXSRES.DLL

\??\C:\Windows\system32\spool\drivers\x64\3\Old\1\FXSTIFF.DLL

\??\C:\Windows\system32\spool\drivers\x64\3\Old\1\FXSUI.DLL

\??\C:\Windows\system32\spool\drivers\x64\3\Old\1\FXSWZRD.DLL

\??\C:\Windows\system32\spool\DRIVERS\x64\3\New\PrintConfig.dll
\??\C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
\??\C:\Windows\Temp\b9015000-e29a-4172-ad9f-4c3e117d9c96.tmp

\??\C:\Program Files\Mozilla Firefox\tobedeleted\rep5da17267-7818-4959-b098-76eb860dcd35

\??\C:\Program Files\Mozilla Firefox\tobedeleted\rep5da17267-7818-4959-b098-76eb860dcd35

\??\C:\Program Files\Mozilla Firefox\tobedeleted\

\??\C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice_tmp.exe

\??\C:\Config.Msi\21fd0ca5.rbf

\??\C:\Program Files (x86)\Microsoft\Edge\Temp\scoped_dir4472_484308889\old_msedge.exe

\??\C:\Program Files (x86)\Microsoft\Edge\Temp\scoped_dir4472_484308889

\??\C:\Program Files (x86)\Microsoft\Edge\Temp

\??\C:\Windows\Temp\ac49b72e-2688-486e-8a5c-70d148c8142d.tmp

\??\C:\Users\Compaq\AppData\Local\Temp\nsk3F7.tmp\nsProcess.dll

\??\C:\Users\Compaq\AppData\Local\Temp\nsk3F7.tmp\
   

[HKLM\System\CurrentControlSet\Control\Terminal Server]
"AllowRemoteRPC"=0   
"DelayConMgrTimeout"=0   
"DeleteTempDirsOnExit"=1   
"fDenyTSConnections"=1   
"fSingleSessionPerUser"=1   
"NotificationTimeOut"=0   
"PerSessionTempDir"=0   
"ProductVersion"=5.1   
"RCDependentServices"=CertPropSvc
SessionEnv   
"SnapshotMonitors"=1   
"StartRCM"=0   
"TSUserEnabled"=0   
"InstanceID"=e24c6a5b-7bf0-4a6a-8e44-bea893a   
"GlassSessionId"=1   


---------- | .LNK with Arguments


---------- | AppCertDlls


---------- | Dnsapi.dll

C:\Windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts
C:\Windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts

---------- | Policies | Registry

[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Control Panel\Desktop]
"ActiveWndTrackTimeout"=0   
"BlockSendInputResets"=0   
"CaretTimeout"=5000   
"CaretWidth"=1   
"ClickLockTime"=1200   
"CoolSwitchColumns"=7   
"CoolSwitchRows"=3   
"CursorBlinkRate"=530   
"DockMoving"=1   
"DragFromMaximize"=1   
"DragFullWindows"=1   
"DragHeight"=4   
"DragWidth"=4   
"FocusBorderHeight"=1   
"FocusBorderWidth"=1   
"FontSmoothing"=2   
"FontSmoothingGamma"=0   
"FontSmoothingOrientation"=1   
"FontSmoothingType"=2   
"ForegroundFlashCount"=7   
"ForegroundLockTimeout"=200000   
"LeftOverlapChars"=3   
"MenuShowDelay"=400   
"MouseWheelRouting"=2   
"PaintDesktopVersion"=0   
"RightOverlapChars"=3   
"ScreenSaveActive"=1   
"SnapSizing"=1   
"TileWallpaper"=0   
"WallPaper"=C:\Windows\web\wallpaper\Windows\img0.jpg   [07/12/2019 11:09:54]
"WallpaperOriginX"=0   
"WallpaperOriginY"=0   
"WallpaperStyle"=10   
"WheelScrollChars"=3   
"WheelScrollLines"=3   
"WindowArrangementActive"=1   
"Win8DpiScaling"=0   
"DpiScalingVer"=4096   
"UserPreferencesMask"=0x9E1E078012000000   
"MaxVirtualDesktopDimension"=1920   
"MaxMonitorDimension"=1920   
"TranscodedImageCount"=1   
"LastUpdated"=4294967295   
"TranscodedImageCache"=0x7AC301009E01060080070000B0040000BED52517DEACD50143003A005C00570069006E0064006F00770073005C007700650062005C00770061006C006C00700061007000650072005C00570069006E0064006F00770073005C0069006D00670030002E006A007000670000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000   
"Pattern Upgrade"=TRUE   
"WaitToKillAppTimeout"=2000   
"HungAppTimeout"=2000   

[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=0   
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=0   
"{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=0   
"{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1   

[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Microsoft\Windows\CurrentVersion\Explorer]
"ExplorerStartupTraceRecorded"=1   
"ShellState"=0x240000003D28000000000000000000000000000001000000130000000000000062000000   
"UserSignedIn"=1   
"SlowContextMenuEntries"=0x6024B221EA3A6910A2DC08002B30309DDF29000062B06A59D2B415429F74E9109B0A8153E0070000EE21215E0003D4118D3B444553540000850400000114020000000000C000000000000046B910000044F8271D1F3A104485AC14651078412D56040000   
"SIDUpdatedOnLibraries"=1   
"LocalKnownFoldersMigrated"=1   
"TelemetrySalt"=2   
"GlobalAssocChangedCounter"=99   
"FirstRunTelemetryComplete"=1   
"AppReadinessLogonComplete"=1   
"EnableAutoTray"=0   
"PostAppInstallTasksCompleted"=1   
"ExcludedFromStableAnaheimDownloadPromotionSL"=1   
"DesktopReadyTimeout"=1   

[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Start_SearchFiles"=2   
"ServerAdminUI"=0   
"Hidden"=1   
"ShowCompColor"=1   
"HideFileExt"=1   
"DontPrettyPath"=0   
"ShowInfoTip"=1   
"HideIcons"=0   
"MapNetDrvBtn"=0   
"WebView"=1   
"Filter"=0   
"ShowSuperHidden"=0   
"SeparateProcess"=0   
"AutoCheckSelect"=0   
"IconsOnly"=0   
"ShowTypeOverlay"=1   
"ShowStatusBar"=1   
"StoreAppsOnTaskbar"=1   
"ListviewAlphaSelect"=1   
"ListviewShadow"=1   
"TaskbarAnimations"=1   
"ShowCortanaButton"=1   
"StorePinningExperimentResult"=1   
"StartMenuInit"=13   
"TaskbarStateLastRun"=0x05B10C6300000000   
"ReindexedProfile"=1   
"StartMigratedBrowserPin"=1   

[HKLM\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers]
"authenticodeenabled"=0   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5   
"ConsentPromptBehaviorUser"=3   
"DSCAutomationHostEnabled"=2   
"EnableCursorSuppression"=1   
"EnableFullTrustStartupTasks"=2   
"EnableInstallerDetection"=1   
"EnableLUA"=1   
"EnableSecureUIAPaths"=1   
"EnableUIADesktopToggle"=0   
"EnableUwpStartupTasks"=2   
"EnableVirtualization"=1   
"PromptOnSecureDesktop"=1   
"SupportFullTrustStartupTasks"=1   
"SupportUwpStartupTasks"=1   
"ValidateAdminCodeSignatures"=0   
"dontdisplaylastusername"=0   
"legalnoticecaption"=   
"legalnoticetext"=   
"scforceoption"=0   
"shutdownwithoutlogon"=1   
"undockwithoutlogon"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"ForceActiveDesktopOn"=0   
"NoActiveDesktop"=1   
"NoActiveDesktopChanges"=1   
"NoRecentDocsHistory"=0   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
"NoAddingComponents"=1   
"NoComponents"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1   
"{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1   
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1   
"{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1   
"{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1   
"{871C5380-42A0-1069-A2EA-08002B30309D}"=1   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   
"{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1   
"{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu]
"{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=1   
"DefaultValue"=2   
"HKeyRoot"=2147483649   
"Id"=2   
"RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced   
"Text"=@shell32.dll,-30500   
"Type"=radio   
"ValueName"=Hidden   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer]
"ActiveSetupDisabled"=0   
"ActiveSetupTaskOverride"=1   
"AsyncRunOnce"=1   
"AsyncUpdatePCSettings"=1   
"DisableAppInstallsOnFirstLogon"=1   
"DisableResolveStoreCategories"=1   
"DisableUpgradeCleanup"=1   
"EarlyAppResolverStart"=1   
"FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7}   
"FSIASleepTimeInMs"=60000   
"GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}   
"IconUnderline"=2   
"ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed}   
"LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff}   
"MachineOobeUpdates"=1   
"NoWaitOnRoamingPayloads"=1   
"TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd}   
"GlobalAssocChangedCounter"=2   

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Start_TrackDocs"=1   
"TaskbarSizeMove"=0   

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations]
"Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s   

[HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\Safer\CodeIdentifiers]
"authenticodeenabled"=0   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5   
"ConsentPromptBehaviorUser"=3   
"DSCAutomationHostEnabled"=2   
"EnableCursorSuppression"=1   
"EnableFullTrustStartupTasks"=2   
"EnableInstallerDetection"=1   
"EnableLUA"=1   
"EnableSecureUIAPaths"=1   
"EnableUIADesktopToggle"=0   
"EnableUwpStartupTasks"=2   
"EnableVirtualization"=1   
"PromptOnSecureDesktop"=1   
"SupportFullTrustStartupTasks"=1   
"SupportUwpStartupTasks"=1   
"ValidateAdminCodeSignatures"=0   
"dontdisplaylastusername"=0   
"legalnoticecaption"=   
"legalnoticetext"=   
"scforceoption"=0   
"shutdownwithoutlogon"=1   
"undockwithoutlogon"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"ForceActiveDesktopOn"=0   
"NoActiveDesktop"=1   
"NoActiveDesktopChanges"=1   
"NoRecentDocsHistory"=0   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
"NoAddingComponents"=1   
"NoComponents"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1   
"{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1   
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1   
"{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1   
"{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1   
"{871C5380-42A0-1069-A2EA-08002B30309D}"=1   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   
"{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1   
"{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu]
"{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0   
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"CheckedValue"=1   
"DefaultValue"=2   
"HKeyRoot"=2147483649   
"Id"=2   
"RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced   
"Text"=@shell32.dll,-30500   
"Type"=radio   
"ValueName"=Hidden   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer]
"ActiveSetupDisabled"=0   
"ActiveSetupTaskOverride"=1   
"AsyncRunOnce"=1   
"AsyncUpdatePCSettings"=1   
"DisableAppInstallsOnFirstLogon"=1   
"DisableResolveStoreCategories"=1   
"DisableUpgradeCleanup"=1   
"EarlyAppResolverStart"=1   
"FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7}   
"FSIASleepTimeInMs"=60000   
"GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}   
"IconUnderline"=2   
"ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed}   
"LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff}   
"MachineOobeUpdates"=1   
"NoWaitOnRoamingPayloads"=1   
"TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd}   
"GlobalAssocChangedCounter"=4   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Start_TrackDocs"=1   
"TaskbarSizeMove"=0   

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations]
"Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s   


---------- | Winlogon 

[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders   
"BuildNumber"=19043   
"FirstLogon"=0   
"ParseAutoexec"=1   
"PUUActive"=0x23E86B57010003000A00210092730000E6760000E6760000D200000002000800D35710C800A01500FF950200AD3500009531000001050000000000000000000000000000E4F20000A106000088000000CD5A435D73C6D80192730000000000000100000092730000634A0000000000000000000000000000   
"DP"=0xD200E8000F0003000A00000023E86B570000000000000000CD5A435D73C6D801CD5A435D73C6D801000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000F03F80510100398F00800F110E050F118E05DF2400800524214495252144C40900C0218000422184404251B000807504047075048474949D00008205A34C8305A34C60900080086C182448EC1826FA5F00800016080046960C00974C0180A0088526A44A8526F89C00C00100082001000824463201C00A0100024B036002221101408004084090044A40   

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"AutoRestartShell"=1   
"Background"=0 0 0   
"CachedLogonsCount"=10   
"DebugServerCommand"=no   
"DefaultDomainName"=   
"DefaultUserName"=Compaq   
"DisableBackButton"=1   
"EnableSIHostIntegration"=1   
"ForceUnlockLogon"=0   
"LegalNoticeCaption"=   
"LegalNoticeText"=   
"PasswordExpiryWarning"=5   
"PowerdownAfterShutdown"=0   
"PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16}   
"ReportBootOk"=1   
"Shell"=explorer.exe   
"ShellCritical"=0   
"ShellInfrastructure"=sihost.exe   
"SiHostCritical"=0   
"SiHostReadyTimeOut"=0   
"SiHostRestartCountLimit"=0   
"SiHostRestartTimeGap"=0   
"Userinit"=C:\Windows\system32\userinit.exe,   
"VMApplet"=SystemPropertiesPerformance.exe /pagefile   
"WinStationsDisabled"=0   
"scremoveoption"=0   
"DisableCAD"=1   
"LastLogOffEndTimePerfCounter"=1328747840846   
"ShutdownFlags"=8327   
"AutoAdminLogon"=0   
"DisableLockWorkstation"=0   
"EnableFirstLogonAnimation"=1   
"AutoLogonSID"=S-1-5-21-3945783615-3853108761-1058730989-1001   
"LastUsedUsername"=Compaq   
"ShellAppRuntime"=ShellAppRuntime.exe   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon]
"DefaultDomainName"=   
"DefaultUserName"=   
"PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16}   
"Shell"=explorer.exe   
"ShellCritical"=0   
"SiHostCritical"=0   
"SiHostReadyTimeOut"=0   
"SiHostRestartCountLimit"=0   
"SiHostRestartTimeGap"=0   


---------- | Associations

[HKLM\Software\Classes\.exe]
""=exefile   
"Content Type"=application/x-msdownload   

[HKLM\Software\Classes\exefile\Shell\Open\Command]
""="%1" %*   
"IsolatedCommand"="%1" %*   

[HKLM\Software\Classes\.com]
""=comfile   

[HKLM\Software\Classes\comfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.reg]
""=regfile   

[HKLM\Software\Classes\regfile\Shell\Open\Command]
""=regedit.exe "%1"   

[HKLM\Software\Classes\.scr]
""=scrfile   

[HKLM\Software\Classes\scrfile\Shell\Open\Command]
""="%1" /S   

[HKLM\Software\Classes\.bat]
""=batfile   

[HKLM\Software\Classes\batfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.cmd]
""=cmdfile   

[HKLM\Software\Classes\cmdfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.pif]
""=piffile   

[HKLM\Software\Classes\piffile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\Classes\.inf]
""=inffile   

[HKLM\Software\Classes\inffile\Shell\Open\Command]
""=%SystemRoot%\system32\NOTEPAD.EXE %1   

[HKLM\Software\Classes\.url]
""=InternetShortcut   

[HKLM\Software\Classes\.lnk]
""=lnkfile   

[HKLM\Software\Classes\.hta]
""=htafile   
"Content Type"=application/hta   
"PerceivedType"=text   

[HKLM\Software\Classes\htafile\Shell\Open\Command]
""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %*   

[HKLM\Software\Classes\InternetShortcut]
"EditFlags"=2   
"FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046   
"FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"IsShortcut"=   
"NeverShowExt"=   
"PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment   

[HKLM\Software\Classes\Application.Manifest]
""=Application Manifest   
"BrowserFlags"=4096   
"EditFlags"=4259840   
"FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200   

[HKLM\Software\Classes\Application.Reference]
""=Application Reference   
"EditFlags"=131072   
"FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201   
"IsShortcut"=   
"NeverShowExt"=   

[HKLM\Software\Classes\Folder]
""=Folder   
"AppUserModelID"=Microsoft.Windows.Explorer   
"ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified   
"ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay   
"ContentViewModeLayoutPatternForBrowse"=delta   
"ContentViewModeLayoutPatternForSearch"=alpha   
"EditFlags"=0xD2030000   
"FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus   
"NoRecentDocs"=   
"ThumbnailCutoff"=0   
"TileInfo"=prop:System.Title;System.HomeGroupSharingStatus   

[HKLM\Software\WOW6432Node\Classes\.exe]
""=exefile   
"Content Type"=application/x-msdownload   

[HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command]
""="%1" %*   
"IsolatedCommand"="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.com]
""=comfile   

[HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.reg]
""=regfile   

[HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command]
""=regedit.exe "%1"   

[HKLM\Software\WOW6432Node\Classes\.scr]
""=scrfile   

[HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command]
""="%1" /S   

[HKLM\Software\WOW6432Node\Classes\.bat]
""=batfile   

[HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.cmd]
""=cmdfile   

[HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.pif]
""=piffile   

[HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command]
""="%1" %*   

[HKLM\Software\WOW6432Node\Classes\.inf]
""=inffile   

[HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command]
""=%SystemRoot%\system32\NOTEPAD.EXE %1   

[HKLM\Software\WOW6432Node\Classes\.url]
""=InternetShortcut   

[HKLM\Software\WOW6432Node\Classes\.lnk]
""=lnkfile   

[HKLM\Software\WOW6432Node\Classes\.hta]
""=htafile   
"Content Type"=application/hta   
"PerceivedType"=text   

[HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command]
""=C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %*   

[HKLM\Software\WOW6432Node\Classes\InternetShortcut]
"EditFlags"=2   
"FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046   
"FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment   
"IsShortcut"=   
"NeverShowExt"=   
"PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment   

[HKLM\Software\WOW6432Node\Classes\Application.Manifest]
""=Application Manifest   
"BrowserFlags"=4096   
"EditFlags"=4259840   
"FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200   

[HKLM\Software\WOW6432Node\Classes\Application.Reference]
""=Application Reference   
"EditFlags"=131072   
"FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201   
"IsShortcut"=   
"NeverShowExt"=   

[HKLM\Software\WOW6432Node\Classes\Folder]
""=Folder   
"AppUserModelID"=Microsoft.Windows.Explorer   
"ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified   
"ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay   
"ContentViewModeLayoutPatternForBrowse"=delta   
"ContentViewModeLayoutPatternForSearch"=alpha   
"EditFlags"=0xD2030000   
"FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus   
"NoRecentDocs"=   
"ThumbnailCutoff"=0   
"TileInfo"=prop:System.Title;System.HomeGroupSharingStatus   

[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command]
""="C:\Program Files\Mozilla Firefox\firefox.exe"   
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo]
"ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal

[HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command]
""="C:\Program Files\Mozilla Firefox\firefox.exe"   
[HKLM\Software\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo]
"ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal

[HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command]
""="C:\Program Files\Google\Chrome\Application\chrome.exe"   
[HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo]
"ReinstallCommand"="C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser

[HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command]
""=C:\Program Files\Internet Explorer\iexplore.exe   [01/09/2022 11:47:44]
[HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo]
"ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall

[HKLM\Software\Clients\StartMenuInternet\Microsoft Edge\Shell\open\Command]
""="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"   
[HKLM\Software\Clients\StartMenuInternet\Microsoft Edge\InstallInfo]
"ReinstallCommand"="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --make-default-browser

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\Shell\open\Command]
""="C:\Program Files\Mozilla Firefox\firefox.exe"   
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Firefox-308046B0AF4A39CB\InstallInfo]
"ReinstallCommand"="C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command]
""="C:\Program Files\Google\Chrome\Application\chrome.exe"   
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo]
"ReinstallCommand"="C:\Program Files\Google\Chrome\Application\chrome.exe" --make-default-browser

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command]
""=C:\Program Files\Internet Explorer\iexplore.exe   [01/09/2022 11:47:44]
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo]
"ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Microsoft Edge\Shell\open\Command]
""="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"   
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Microsoft Edge\InstallInfo]
"ReinstallCommand"="C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --make-default-browser


---------- | AppcompatFlags

[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\Compaq\AppData\Local\Microsoft\OneDrive\19.043.0304.0013\FileSyncConfig.exe"=0x534143500100000000000000070000002800000060AE040085EF040001000000000000000000000A0021000050BB64EDDDACD5010000000100000000
"C:\Users\Compaq\AppData\Local\Microsoft\OneDrive\21.083.0425.0003\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000788B0700B2FA070001000000000000000000000A0021000050BB64EDDDACD5010000000100000000
"C:\Program Files\VideoLAN\VLC\vlc.exe"=0x5341435001000000000000000700000028000000F8040F00A5350F000100000000000000000000060001000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000D6FA0100000000000600000006000000
"C:\Program Files\Google\Chrome\Application\chrome.exe"=0x5341435001000000000000000700000028000000A8342500CE89250001000000000000000000000A0021000050BB64EDDDACD5010000000000000000
"C:\Program Files (x86)\OpenOffice 4\program\soffice.exe"=0x534143500100000000000000070000002800000000AAA8008EB4A80001000000000000000000000A7122000050BB64EDDDACD5010000000000000000020000002800000000000000000000100000000000000000000000000000000014974213000000000200000002000000
"C:\Users\Compaq\AppData\Local\Microsoft\OneDrive\21.099.0516.0003\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000688B0700009F070001000000000000000000000A0021000050BB64EDDDACD5010000000100000000
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe"=0x5341435001000000000000000700000028000000C8DE0400FFE504000100000000000000000001050010000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000DE3E0000000000000200000002000000
"C:\Users\Compaq\Downloads\itop-screen-recorder-frseo_hp-setup.exe"=0x534143500100000000000000070000002800000018EF90050000000001000000000000000000000A0021000050BB64EDDDACD5010000000000000000
"C:\Users\Compaq\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"=0x5341435001000000000000000700000028000000801FE7021FE3E70201000000000000000000000A0021000050BB64EDDDACD5010000000100000000
"C:\Users\Compaq\AppData\Local\Microsoft\OneDrive\21.220.1024.0005_1\FileSyncConfig.exe"=0x534143500100000000000000070000002800000078BB090004430A0001000000000000000000000A0021000050BB64EDDDACD5010000000100000000
"C:\Program Files\iTop Screen Recorder\iScrRec.exe"=0x534143500100000000000000070000002800000000D9E6008AB0E70001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000487E0000000000000200000002000000
"C:\Program Files\iTop Screen Recorder\AUpdate.exe"=0x5341435001000000000000000700000028000000D89C0200149E020001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000039710000000000000200000002000000
"C:\Program Files\iTop Screen Recorder\iScrEditer.exe"=0x53414350010000000000000007000000280000000053A2006CCBA20001000000000000000000000A0021000050BB64EDDDACD501000000000000000002000000280000000000000000000040000000000000000000000000000000008D3F0600000000000100000001000000
"C:\Users\Compaq\AppData\Local\Microsoft\OneDrive\22.161.0731.0002\FileSyncConfig.exe"=0x534143500100000000000000070000002800000090950B00EFE10B0001000000000000000000000A0021000050BB64EDDDACD5010000000100000000
"C:\Users\Compaq\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"=0x534143500100000000000000070000002800000098136303DCA0630301000000000000000000000A0021000050BB64EDDDACD5010000000100000000
"C:\Users\Compaq\AppData\Local\Microsoft\OneDrive\22.166.0807.0002\FileSyncConfig.exe"=0x534143500100000000000000070000002800000090530B003DCD0B0001000000000000000000000A0021000050BB64EDDDACD5010000000100000000
"SIGN.MEDIA=238562 InstallNavi.exe"=0x53414350010000000000000007000000280000002085230086AE23000100000000000000000003060001000050BB64EDDDACD50100000000000000000200000028000000000000000000004000000000000000000000000000000000DBCDDB02000000000300000003000000
"C:\Windows\twain_32\escndv\escndv.exe"=0x53414350010000000000000007000000280000002853030096C8030001000000000000000000000A7120000050BB64EDDDACD5010000000000000000020000002800000000000000000000000000000000000000000000000000000043BB1A00000000000600000006000000
"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"=0x5341435001000000000000000700000028000000C8243100F8C6310001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000001000000000000000000000000000000000DC1F0000000000000200000002000000
"C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNAVI.EXE"=0x5341435001000000000000000700000028000000502928005DC728000100000000000000000003060001000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000BAB50200000000000100000001000000
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22062.542.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe"=0x5341435001000000000000000700000028000000A893070057B9070001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000001000000000000000000000000000000000D424C50D000000000100000001000000
"C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22062.543.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe"=0x534143500100000000000000070000002800000098930700F632080001000000000000000000000A0021000050BB64EDDDACD5010000000000000000
"C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe"=0x5341435001000000000000000700000028000000D06E41002244420001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000000000000000000000000000000000000000B61B0000000000000100000001000000
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"=0x5341435001000000000000000700000028000000A0E9390040983A0001000000000000000000000A0021000050BB64EDDDACD50100000000000000000200000028000000000000000000001000000000000000000000000000000000790B0000000000000200000002000000
"C:\Program Files\Mozilla Firefox\firefox.exe"=0x5341435001000000000000000700000028000000502D0A003DCA0A0001000000000000000000000A0021000050BB64EDDDACD5010000000100000000
"C:\Users\Compaq\Downloads\MediaCreationTool21H2.exe"=0x534143500100000000000000070000002800000018FD28018008290101000000000000000000000A0021000050BB64EDDDACD5010000000000000000
"C:\Users\Compaq\Downloads\UsbFix_Premium.exe"=0x53414350010000000000000007000000280000002D2A4A000000000001000000000000000000000A0021000050BB64EDDDACD5010000000000000000020000002800000000000000000000400000000000000000000000000000000058CA0600000000000100000001000000
"SIGN.MEDIA=58379D1D FRST64.exe"=0x5341435001000000000000000700000028000000002E2400472D240001000000000000000000000A0021000050BB64EDDDACD5010000000000000000
"C:\Users\Compaq\Downloads\quickdiag_V5_29.10.19.1.exe"=0x534143500100000000000000070000002800000098315100F351510001000000000000000000000A0021000050BB64EDDDACD5010000000000000000


---------- | IFEO


---------- | Mountpoints2

[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{142af379-cb6d-11eb-a544-806e6f6e6963}] : "F:\InstallNavi.exe"      (AutoRun)

---------- | Windows

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows   
"APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"Beep"=#USR:Control Panel\Sound   
"CoolSwitch"=USR:Control Panel\Desktop   
"DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW   
"DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"DoubleClickHeight"=#USR:Control Panel\Mouse   
"DoubleClickSpeed"=#USR:Control Panel\Mouse   
"DoubleClickWidth"=#USR:Control Panel\Mouse   
"DragFullWindows"=USR:Control Panel\Desktop   
"InitialKeyboardIndicators"=USR:Control Panel\Keyboard   
"LowPowerActive"=#USR:Control Panel\Desktop   
"LowPowerTimeOut"=#USR:Control Panel\Desktop   
"MouseSpeed"=#USR:Control Panel\Mouse   
"MouseThreshold1"=#USR:Control Panel\Mouse   
"MouseThreshold2"=#USR:Control Panel\Mouse   
"PowerOffActive"=#USR:Control Panel\Desktop   
"PowerOffTimeOut"=#USR:Control Panel\Desktop   
"ScreenSaveActive"=#USR:Control Panel\Desktop   
"ScreenSaveTimeOut"=#USR:Control Panel\Desktop   
"SnapToDefaultButton"=#USR:Control Panel\Mouse   
"Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows   
"SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"SwapMouseButtons"=#USR:Control Panel\Mouse   
"TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]
""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot   
"ScreenSaverActive"=USR:Control Panel\Desktop   
"ScreenSaverIsSecure"=USR:Control Panel\Desktop   
"SCRNSAVE.EXE"=USR:Control Panel\Desktop   
"Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
"APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"Beep"=#USR:Control Panel\Sound   
"CoolSwitch"=USR:Control Panel\Desktop   
"DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW   
"DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"DoubleClickHeight"=#USR:Control Panel\Mouse   
"DoubleClickSpeed"=#USR:Control Panel\Mouse   
"DoubleClickWidth"=#USR:Control Panel\Mouse   
"DragFullWindows"=USR:Control Panel\Desktop   
"InitialKeyboardIndicators"=USR:Control Panel\Keyboard   
"LowPowerActive"=#USR:Control Panel\Desktop   
"LowPowerTimeOut"=#USR:Control Panel\Desktop   
"MouseSpeed"=#USR:Control Panel\Mouse   
"MouseThreshold1"=#USR:Control Panel\Mouse   
"MouseThreshold2"=#USR:Control Panel\Mouse   
"PowerOffActive"=#USR:Control Panel\Desktop   
"PowerOffTimeOut"=#USR:Control Panel\Desktop   
"ScreenSaveActive"=#USR:Control Panel\Desktop   
"ScreenSaveTimeOut"=#USR:Control Panel\Desktop   
"SnapToDefaultButton"=#USR:Control Panel\Mouse   
"SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   
"SwapMouseButtons"=#USR:Control Panel\Mouse   
"TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS   

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]
""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot   
"ScreenSaverActive"=USR:Control Panel\Desktop   
"ScreenSaverIsSecure"=USR:Control Panel\Desktop   
"SCRNSAVE.EXE"=USR:Control Panel\Desktop   
"Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon   

[HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems]
"windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

---------- | Security center

[HKLM\SOFTWARE\Microsoft\Security Center]
"cval"=1

[HKLM\SOFTWARE\Microsoft\Security Center\svc]
"VistaSp1"=132679657485289870

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender
"ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100
"ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000
"RemediationExe"=windowsdefender://
"ProductType"=2
"InstallTime"=0xEEA7EB91715FD701
"InstallLocation"=C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\
"ManagedDefenderProductType"=0
"ProductStatus"=0
"OOBEInstallTime"=0x917C817F8E5FD701
"DisableAntiSpyware"=0
"DisableAntiVirus"=0
"BackupLocation"=C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0
"PUAProtection"=1
"HybridModeEnabled"=0
"VerifiedAndReputableTrustModeEnabled"=0
"IsServiceRunning"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=1


---------- | Safeboot

[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CBDHSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcCtnrSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NgcSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CBDHSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MsQuic]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetSetupSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcCtnrSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NgcSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SerCx2.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

---------- | Winsock (Whitelist)


---------- | Hosts


---------- | Ping

Envoi d'une requ?te 'ping' sur google.com [2a00:1450:4007:80f::200e] avec 32 octets de donn?es?:
D?lai d'attente de la demande d?pass?.
R?ponse de 2a00:1450:4007:80f::200e?: temps=734 ms 
D?lai d'attente de la demande d?pass?.
R?ponse de 2a00:1450:4007:80f::200e?: temps=558 ms 

Statistiques Ping pour 2a00:1450:4007:80f::200e:
    Paquets?: envoy?s = 4, re?us = 2, perdus = 2 (perte 50%),
Dur?e approximative des boucles en millisecondes :
    Minimum = 558ms, Maximum = 734ms, Moyenne = 646ms

---------- | @

[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Microsoft\Internet Explorer\Main]
"Anchor Underline"=yes
"Cache_Update_Frequency"=yes
"Disable Script Debugger"=yes
"DisableScriptDebuggerIE"=yes
"Display Inline Images"=yes
"Do404Search"=0x01000000
"Local Page"=%11%\blank.htm
"Save_Session_History_On_Exit"=no
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Show_FullURL"=no
"Show_StatusBar"=yes
"Show_ToolBar"=yes
"Show_URLinStatusBar"=yes
"Show_URLToolBar"=yes
"Use_DlgBox_Colors"=yes
"UseClearType"=no
"XMLHTTP"=1
"Enable Browser Extensions"=yes
"Play_Background_Sounds"=yes
"Play_Animations"=yes
"Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141
"ImageStoreRandomFolder"=ulqowyy

[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Microsoft\Internet Explorer\TypedURLs]
"url1"=http://go.microsoft.com/fwlink/p/?LinkId=255141

[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings]
"CertificateRevocation"=1
"DisableCachingOfSSLPages"=0
"IE5_UA_Backup_Flag"=5.0
"PrivacyAdvanced"=1
"SecureProtocols"=2688
"User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32)
"ZonesSecurityUpgrade"=0xB81513F74BBED801
"WarnonZoneCrossing"=0
"EnableNegotiate"=1
"ProxyEnable"=0
"MigrateProxy"=1
"LockDatabase"=132679779685531175

[HKLM\Software\Microsoft\Internet Explorer\Main]
"ApplicationTileImmersiveActivation"=1
"AssociationActivationMode"=0
"AutoHide"=yes
"Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141
"Anchor_Visitation_Horizon"=0x01000000
"Cache_Percent_of_Disk"=0x0A000000
"Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Delete_Temp_Files_On_Exit"=yes
"Enable_Disk_Cache"=yes
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=C:\Windows\System32\blank.htm
"Placeholder_Height"=0x1A000000
"Placeholder_Width"=0x1A000000
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Use_Async_DNS"=yes
"x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

[HKLM\Software\Microsoft\Internet Explorer\AboutURLs]
"blank"=res://mshtml.dll/blank.htm
"DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm
"Home"=270
"InPrivate"=res://ieframe.dll/inprivate.htm
"NavigationCanceled"=res://ieframe.dll/navcancl.htm
"NavigationFailure"=res://ieframe.dll/navcancl.htm
"NoAdd-ons"=res://ieframe.dll/noaddon.htm
"NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm
"PostNotCached"=res://ieframe.dll/repost.htm
"SecurityRisk"=res://ieframe.dll/securityatrisk.htm

[HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

[HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"ftp"=ftp://
"home"=http://
"mosaic"=http://
"www"=http://

[HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings]
"ActiveXCache"=C:\Windows\Downloaded Program Files
"CodeBaseSearchPath"=CODEBASE
"EnablePunycode"=1
"MinorVersion"=0
"WarnOnIntranet"=1

[HKLM\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings]
"CallLegacyWCMPolicies"=0

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main]
"ApplicationTileImmersiveActivation"=1
"AssociationActivationMode"=0
"AutoHide"=yes
"Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141
"Anchor_Visitation_Horizon"=0x01000000
"Cache_Percent_of_Disk"=0x0A000000
"Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Secondary_Page_URL"=
"Delete_Temp_Files_On_Exit"=yes
"Enable_Disk_Cache"=yes
"Extensions Off Page"=about:NoAdd-ons
"Local Page"=C:\Windows\SysWOW64\blank.htm
"Placeholder_Height"=0x1A000000
"Placeholder_Width"=0x1A000000
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Security Risk Page"=about:SecurityRisk
"Use_Async_DNS"=yes
"x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs]
"blank"=res://mshtml.dll/blank.htm
"DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm
"Home"=270
"InPrivate"=res://ieframe.dll/inprivate.htm
"NavigationCanceled"=res://ieframe.dll/navcancl.htm
"NavigationFailure"=res://ieframe.dll/navcancl.htm
"NoAdd-ons"=res://ieframe.dll/noaddon.htm
"NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm
"PostNotCached"=res://ieframe.dll/repost.htm
"SecurityRisk"=res://ieframe.dll/securityatrisk.htm

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"ftp"=ftp://
"home"=http://
"mosaic"=http://
"www"=http://

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings]
"ActiveXCache"=C:\Windows\Downloaded Program Files
"CodeBaseSearchPath"=CODEBASE
"EnablePunycode"=1
"MinorVersion"=0
"WarnOnIntranet"=1

[HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\CurrentVersion\Internet Settings]
"CallLegacyWCMPolicies"=0


---------- | Proxy


---------- | reparsepoint


---------- | Detection of offsets


---------- | Notify 


---------- | Execution FileExts










---------- | SIOI | SEH | URLSH

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} --     
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} --  C:\Windows\System32\EhStorShell.dll   [09/04/2021 15:54:35]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6] - {9AA2F32D-362A-42D9-9328-24A483E2CCC3} --     
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7] - {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} --     

[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"=   


---------- | Toolbar

[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"Locked"=1   

[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}   

[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}   


---------- | Extensions


---------- | SearchScopes

[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : 

---------- | ElevationPolicy

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - tabtip.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\System32) - wpcer.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\System32) - wuapp.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0935-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework64\v2.0.50727) - dfsvc.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{191DA03B-FBE7-4579-B64D-273DC8358F1B}] - (C:\Program Files\Adobe\Acrobat DC\Acrobat) - Acrobat.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2391d819-9d17-44ec-9ac1-f6aa07549469}] - (%systemroot%\system32) - wermgr.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files\Internet Explorer) - ieinstal.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38f2c092-34df-4c12-9d9e-c9679bf0ab31}] - (C:\Windows\SysWOW64) - presentationhost.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39b0d944-c924-4540-8dd1-e25a54b95c10}] - (C:\Windows\system32\spool\DRIVERS\x64\3) - E_YJACM1E.EXE : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3baf9c97-ae34-4740-95f0-8e0102761498}] - (C:\Windows\system32\spool\DRIVERS\x64\3) - E_YARNM1E.EXE : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\System32) - RuntimeBroker.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D256DB0-6C34-4EC1-9704-02182D6503A6}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files\Internet Explorer) - iedw.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\System32\) - CertEnrollCtrl.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\System32) - verclsid.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\system32\IME\SHARED\) - IMEPADSV.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\System32) - ctfmon.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\System32) - CredentialUIBroker.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89322207-5E2E-40CE-90ED-5957180E3B2C}] - (C:\Program Files\Adobe\Acrobat DC\Acrobat\) - AcroBroker.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9423bbdc-5ae7-4bf6-9007-7a8d2d0378f3}] - (C:\Windows\system32\spool\DRIVERS\x64\3) - E_YPREM1E.EXE : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{989F13EE-B25B-4FAB-9AED-C4336C8CCF0C}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\System32\IME\SHARED\) - imesearch.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () -  : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\System32) - cmd.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE0A2BA1-1E09-4A59-BE36-AA32DC25931B}] - (C:\Program Files\Adobe\Acrobat DC\Acrobat) - AdobeCollabSync.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}] - (C:\Program Files (x86)\Microsoft\Edge\Application\105.0.1343.33\BHO) - ie_to_edge_stub.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\System32) - notepad.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\System32) - presentationhost.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF27C7F4-B47A-4011-8177-6408DC5DDB1A}] - (C:\Program Files\Adobe\Acrobat DC\Acrobat\AcroCEF) - AcroCEF.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : 
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{00FA007C-D99F-407F-B00B-5B3B0001D8AB}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{054aae20-4bea-4347-8a35-64a533254a9d}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - tabtip.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a}] - (C:\Windows\SysWOW64) - wpcer.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{08f24d68-9087-4b24-81ad-7b34af3e3ed5}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat Elements) - Acrobat Elements.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1138506a-b949-46a7-b6c0-ee26499fdeaf}] - (C:\Windows\SysWOW64) - wuapp.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{186e0934-aee9-11da-961b-0014223d2a70}] - (C:\Windows\microsoft.net\framework\v2.0.50727) - dfsvc.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{191DA03B-FBE7-4579-B64D-273DC8358F1B}] - (C:\Program Files\Adobe\Acrobat DC\Acrobat) - Acrobat.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F1E561D-AF17-4510-B996-351BBA0862A7}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26fe7361-bd5a-4dcb-b309-c6f42dde661c}] - (C:\Program Files (x86)\Internet Explorer) - ieinstal.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2dec4925-1312-4d7f-a6f5-89272d848dcf}] - (%WINDIR%\system32\IME\IMEJP\) - IMJPUEX.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{357FBE87-6C8E-490D-A059-4746C864AE6F}] - (C:\Program Files (x86)\Common Files\Microsoft Shared\Ink) - InputPersonalization.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49E561B1-1091-4E65-98A0-AFCA4996CD1D}] - (C:\Windows\SysWOW64) - RuntimeBroker.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4becf16c-74f0-429b-8d3e-4fba507ac661}] - (C:\Program Files (x86)\adobe\acrobat 7.0\reader) - acrord32.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D256DB0-6C34-4EC1-9704-02182D6503A6}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FA8381C-2705-4DC2-ADF3-347D4D619350}] - (%WINDIR%\system32\IME\shared) - imecfmui.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61bd7005-d55e-4693-a191-0caa33601426}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}] - (%ProgramFiles%\Windows Media Player) - wmplayer.exe : %SystemRoot%\system32\wmp.dll
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6bf52a52-394a-11d3-b153-00c04f79faa6}-32] - (%ProgramFiles(x86)%\Windows Media Player) - wmplayer.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999}] - (C:\Program Files (x86)\Internet Explorer) - iedw.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{734A9EB3-A34D-4fb7-9DB4-549C28F7EF97}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{76E2369A-75BA-41F9-8B9E-16059E5CF9A6}] - (C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\) - AdobeARM.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{78c7b664-c9bf-4ce9-8b3a-b05d442e451e}] - (C:\Windows\SysWOW64\) - CertEnrollCtrl.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7aaae723-5fb5-4b2d-9327-75519f336825}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7AC06A6F-4C88-4707-8DEC-61017CB50E1E}] - (C:\Program Files\Adobe\Acrobat DC\Acrobat) - AcroRd32.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7eb01fb2-f185-445a-94e4-ec4e1ba2202c}] - (C:\Windows\SysWOW64) - verclsid.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f7bd411-f034-4ac0-9424-224bd7ab4e4e}] - (%WINDIR%\sysnative\IME\SHARED\) - IMEPADSV.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{812954F9-FAA2-4aee-A9E7-3C4FDE2166A6}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85fc331e-bb64-4c53-ba25-3d8a956c02fd}] - (C:\Windows\SysWOW64) - ctfmon.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{877467C0-F9E4-4561-84F0-65AA7539833C}] - (C:\Windows\SysWOW64) - CredentialUIBroker.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89322207-5E2E-40CE-90ED-5957180E3B2C}] - (C:\Program Files\Adobe\Acrobat DC\Acrobat\) - AcroBroker.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}] - (C:\Windows) - helppane.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95a4104c-1c49-4c2a-9830-1be0f47e926c}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat) - acrobat.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{989F13EE-B25B-4FAB-9AED-C4336C8CCF0C}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{98E3C2D3-E92F-469F-87EB-76054F640517}] - (C:\Windows\SysWOW64\IME\SHARED\) - imesearch.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9da1d2cb-796d-4bec-bbaa-0aa9ccd80e15}] - (C:\Program Files (x86)\adobe\acrobat 7.0\Acrobat Elements) - Acrobat Elements.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a1ad1bbb-3b33-4260-a74c-5fd8bc1479fc}] - (C:\Windows) - splwow64.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a4fbcbc6-4be5-4c3d-8ab5-8b873357a23e}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a5a2d52a-4944-47c4-a3e0-8bd92e14d953}] - (C:\Windows\SysWOW64\xpsviewer) - xpsviewer.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{afe26134-8a16-4149-b798-242574f3f4a9}] - (%SystemRoot%\system32\IME\IMETC\) - IMTCPROP.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{aff735eb-cdf9-4894-aa69-3e3131128618}] - (C:\Windows\SysWOW64) - cmd.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01}] - (%systemroot%\system32) - TSWbPrxy.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE0A2BA1-1E09-4A59-BE36-AA32DC25931B}] - (C:\Program Files\Adobe\Acrobat DC\Acrobat) - AdobeCollabSync.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AEC-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework\v4.0.30319\) - dfsvc.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8999AED-AECE-4E27-9BCB-5358B13F9FF9}] - (C:\Windows\Microsoft.NET\Framework64\v4.0.30319\) - dfsvc.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c9abcf16-8dc2-4a95-bae3-24fd98f2ed29}] - (C:\Program Files (x86)\Microsoft\Edge\Application\105.0.1343.33\BHO) - ie_to_edge_stub.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc6bf185-7ae4-444e-8c35-e447b0d2bd1e}] - (C:\Windows\SysWOW64) - notepad.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e5f90a07-7db7-4dcb-bd6d-d3fecd376ca3}] - (C:\Program Files (x86)\adobe\acrobat 6.0\reader) - acrord32.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{eee261cc-4b3e-46e7-affb-61f297155bf2}] - (C:\Windows\SysWOW64) - presentationhost.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF27C7F4-B47A-4011-8177-6408DC5DDB1A}] - (C:\Program Files\Adobe\Acrobat DC\Acrobat\AcroCEF) - AcroCEF.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f5d04f46-b4b2-4202-a191-f780421b4200}] - (%WINDIR%\system32\IME\IMEJP\) - imjpdct.exe : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa6f0991-f729-4899-b095-d3fbca253cf6}] - () -  : 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fb9e068b-c612-4fa8-bdb9-d728a716a420}] - (C:\Program Files (x86)\adobe\acrobat 6.0\Acrobat) - acrobat.exe : 

---------- | Ext\Settings


---------- | Ext\Stats

[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9BE31822-FDAD-461B-AD51-BE1D1C159921}] :  : 

---------- | Browser Helper Objects

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}] -> (IEToEdge BHO) : C:\Program Files (x86)\Microsoft\Edge\Application\105.0.1343.33\BHO\ie_to_edge_bho.dll  [12/09/2022 08:52:35]
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FD49718-1D00-4B19-AF5F-070AF6D5D54C}] -> (IEToEdge BHO) : C:\Program Files (x86)\Microsoft\Edge\Application\105.0.1343.33\BHO\ie_to_edge_bho.dll  [12/09/2022 08:52:35]

---------- | Chrome

C:\Users\Compaq\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi =  :     __MSG_extDesc__ -     __MSG_extName__ - https://clients2.google.com/service/update2/crx
C:\Users\Compaq\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda =  : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx

[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]

---------- | Opera


---------- | Firefox


[HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=3.0.15] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll
[HKLM\Software\MozillaPlugins\Adobe Acrobat] - (Handles PDFs in-place in Firefox) : C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll


C:\Users\Compaq\AppData\Roaming\Mozilla\Firefox\Profiles\d5xlcjpi.default-release\Prefs.js

user_pref("browser.startup.homepage_override.buildID", "20220902153754");
user_pref("browser.startup.homepage_override.mstone", "104.0.2");
user_pref("browser.urlbar.resultGroups", "{\"children\":[{\"maxResultCount\":1,\"children\":[{\"group\":\"heuristicTest\"},{\"group\":\"heuristicExtension\"},{\"group\":\"heuristicSearchTip\"},{\"group\":\"heuristicOmnibox\"},{\"group\":\"heuristicEngineAlias\"},{\"group\":\"heuristicBookmarkKeyword\"},{\"group\":\"heuristicAutofill\"},{\"group\":\"heuristicPreloaded\"},{\"group\":\"heuristicTokenAliasEngine\"},{\"group\":\"heuristicFallback\"}]},{\"group\":\"extension\",\"availableSpan\":5},{\"flexChildren\":true,\"children\":[{\"children\":[{\"flexChildren\":true,\"children\":[{\"flex\":2,\"group\":\"formHistory\"},{\"flex\":4,\"group\":\"remoteSuggestion\"}]},{\"group\":\"tailSuggestion\"}],\"flex\":2},{\"group\":\"generalParent\",\"children\":[{\"availableSpan\":3,\"group\":\"inputHistory\"},{\"flexChildren\":true,\"children\":[{\"flex\":1,\"group\":\"remoteTab\"},{\"flex\":2,\"group\":\"general\"},{\"flex\":2,\"group\":\"aboutPages\"},{\"flex\":1,\"group\":\"preloaded\"}]},{\"group\":\"inputHistory\"}],\"flex\":1}]}]}");
user_pref("extensions.activeThemeID", "default-theme@mozilla.org");
user_pref("extensions.blocklist.pingCountVersion", -1);
user_pref("extensions.databaseSchema", 35);
user_pref("extensions.getAddons.cache.lastUpdate", 1662967049);
user_pref("extensions.getAddons.databaseSchema", 6);
user_pref("extensions.incognito.migrated", true);
user_pref("extensions.lastAppBuildId", "20220902153754");
user_pref("extensions.lastAppVersion", "104.0.2");
user_pref("extensions.lastPlatformVersion", "104.0.2");
user_pref("extensions.pendingOperations", false);
user_pref("extensions.pictureinpicture.enable_picture_in_picture_overrides", true);
user_pref("extensions.systemAddonSet", "{\"schema\":1,\"addons\":{}}");
user_pref("extensions.webcompat.enable_shims", true);
user_pref("extensions.webcompat.perform_injections", true);
user_pref("extensions.webcompat.perform_ua_overrides", true);
user_pref("extensions.webextensions.ExtensionStorageIDB.migrated.screenshots@mozilla.org", true);
user_pref("extensions.webextensions.uuids", "{\"doh-rollout@mozilla.org\":\"a5aa7c56-20f7-4263-b76d-42523fa9a136\",\"formautofill@mozilla.org\":\"7f2abf0f-8861-48ba-b2ec-9948d2cf124d\",\"pictureinpicture@mozilla.org\":\"1a6cc1ac-aca8-412a-9e95-d0b7c9817e4a\",\"screenshots@mozilla.org\":\"dcf39dd9-43d5-4fca-be36-ef7363abef2d\",\"webcompat-reporter@mozilla.org\":\"4b719a8f-338d-49d7-b0f9-edb919a1b148\",\"webcompat@mozilla.org\":\"6600eaa0-6ad0-478b-bace-3cde6f632f6a\",\"default-theme@mozilla.org\":\"3a63a8a2-c586-4c62-b43b-aedb273167f0\",\"google@search.mozilla.org\":\"e6d7396d-d362-4539-89f6-a28f33e5b990\",\"wikipedia@search.mozilla.org\":\"82f8cbfc-2081-4c80-ba62-9d00c6b51a9d\",\"bing@search.mozilla.org\":\"a4031c1b-89e9-4810-ab30-05511a6ec90d\",\"amazon@search.mozilla.org\":\"70c543ef-6f27-4ca6-bd7a-e41761da5f75\",\"ddg@search.mozilla.org\":\"f85b4bcb-9fa6-4c7b-bdb0-572e673c1009\",\"ebay@search.mozilla.org\":\"cce882d9-b461-44df-9c71-d892c07fa71b\",\"qwant@search.mozilla.org\":\"1f30ecdc-15ca-4774-bc2a-839a548428ac\",\"addons-search-detection@mozilla.com\":\"6ac170d7-3ce5-4c7a-87ca-73ea0fceef1c\"}");


[Profile0] - Name=default-release -> Profiles/d5xlcjpi.default-release

---------- | DNS

[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters]
"DhcpNameServer"=192.168.1.1
[HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{cd19330c-c2ff-4b02-b1ac-c42783eaffb9}]
"DhcpNameServer"=192.168.1.1
[HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{cd19330c-c2ff-4b02-b1ac-c42783eaffb9}]
"DhcpNameServer"=192.168.1.1

---------- | ActiveX 

[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - () - -> 
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - () - -> 
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - () - -> 
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - -> 
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> 
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] - () - -> 
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}] - () - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] - (Themes Setup) - @%SystemRoot%\system32\themeui.dll,-2682 -> /UserInstall
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - -> %SystemRoot%\system32\msieftp.dll
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] - (Windows Desktop Update) - @%SystemRoot%\system32\shell32.dll,-32969 -> U
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - (Web Platform Customizations) - @C:\Windows\System32\ie4uinit.exe,-2000 -> C:\Windows\System32\ie4uinit.exe -UserConfig
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] - (Google Chrome) - -> "C:\Program Files\Google\Chrome\Application\105.0.5195.102\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --channel=stable
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{8F5D9E08-71EC-370E-BA96-36E6EF916DF2}] - (.NET Framework) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{9459C573-B17A-45AE-9F64-1857B5D58CEE}] - (Microsoft Edge) - -> "C:\Program Files (x86)\Microsoft\Edge\Application\105.0.1343.33\Installer\setup.exe" --configure-user-settings --verbose-logging --system-level --msedge --channel=stable
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - -> 
[HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /ShowWMP
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] - (Microsoft Windows Media Player 12.0) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{3af36230-a269-11d1-b5bf-0000f8051515}] - (Offline Browsing Pack) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{44BBA855-CC51-11CF-AAFA-00AA00B6015F}] - (DirectDrawEx) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{45ea75a0-a269-11d1-b5bf-0000f8051515}] - (Internet Explorer Help) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{4f645220-306d-11d2-995d-00c04f98bbc9}] - (Microsoft Windows Script 5.6) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{5fd399c0-a70a-11d1-9948-00c04f98bbc9}] - (Internet Explorer Setup Tools) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{630b1da0-b465-11d1-9948-00c04f98bbc9}] - (Browsing Enhancements) - -> %SystemRoot%\system32\msieftp.dll
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] - (Microsoft Windows Media Player) - @%SystemRoot%\system32\wmploc.dll,-128 -> %SystemRoot%\system32\unregmp2.exe /FirstLogon
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{6fab99d0-bab8-11d1-994a-00c04f98bbc9}] - (MSN Site Access) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] - (Address Book 7) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] - () - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] - () - -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{9381D8F2-0288-11D0-9501-00AA00B911A5}] - (Dynamic HTML Data Binding) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{990CB269-A600-38D0-B7D1-FBD392495F13}] - (.NET Framework) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{C9E9A340-D1F1-11D0-821E-444553540600}] - (Internet Explorer Core Fonts) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{de5aed00-a4bf-11d1-9948-00c04f98bbc9}] - (HTML Help) - -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components\{E92B03AB-B707-11d2-9CBD-0000F87A369E}] - (Active Directory Service Interface) - -> 


---------- | Applications

[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Classes\Applications\firefox.exe] : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1"
[HKLM\SOFTWARE\Classes\Applications\Acrobat.exe] : "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\firefox.exe] : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1"
[HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1
[HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1
[HKLM\SOFTWARE\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen
[HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1"
[HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L"
[HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Acrobat.exe] : "C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\firefox.exe] : "C:\Program Files\Mozilla Firefox\firefox.exe" -osint -url "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\iexplore.exe" %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" /source ShellOpen
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1"

---------- | DCOMApplications

Name: User Notification - AppID: {0010890e-8789-413c-adbc-48f5b511b3af}
Name: PhotoAcquire - AppID: {00f22b16-589e-4982-a172-a51d9dcceb68}
Name: PhotoAcqHWEventHandler - AppID: {00f2b433-44e4-4d88-b2b0-2698a0a91dba}
Name: TabTip - AppID: {01419581-4d63-4d43-ac26-6e2fc976c1f3}
Name: LogViewer2 - AppID: {01D17912-1791-47FF-8C89-F0F8E9409A86}
Name: lfsvc - AppID: {020FB939-2C8B-4DB7-9E90-9527966E38E5}
Name: PLA - AppID: {03837503-098b-11d8-9414-505054503030}
Name: CTapiLuaLib Class - AppID: {03e15b2e-cca6-451c-8fb0-1e2ee37a27dd}
Name: InstallServiceUserBroker - AppID: {0450178e-e3ee-46d8-9130-c0b84f169f53}
Name: DevicesFlowExperienceFlow - AppID: {046AEAD9-5A27-4D3C-8A67-F82552E0A91B}
Name: COpenControlPanel - AppID: {06622D85-6856-4460-8DE1-A81921B41C4B}
Name: SMLUA - AppID: {0671E064-7C24-4AC0-AF10-0F3055707C32}
Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {06C792F8-6212-4F39-BF70-E8C0AC965C23}
Name: OOBE Bio Enrollment - AppID: {0771f7af-8de6-4bce-9528-2d4a12cb8168}
Name: sppui - AppID: {0868DC9B-D9A2-4f64-9362-133CEA201299}
Name: Retail Demo User COM Agent - AppID: {0886dae5-13ba-49d6-a6ef-d0922e502d96}
Name: RtkApoApi - AppID: {08B039CA-84AA-40EA-8E9C-1D9537DC415B}
Name: WIA Extension Host for 64 bit extensions - AppID: {08F646B3-5E7F-4B7A-A5CB-F95445F9F67A}
Name: Proximity Sharing - AppID: {08FC06E4-C6B5-40BE-97B0-B80F943C615B}
Name: PersistentZoneIdentifier - AppID: {0968e258-16c7-4dba-aa86-462dd61e31a3}
Name: Windows Media Player Rich Preview Handler - AppID: {09C5C2B5-1D32-4598-B87E-203F32BB08E3}
Name: AxInstSv - AppID: {0B15AFD8-3A99-4A6E-9975-30D66F70BD94}
Name: MainController App ID - AppID: {0B789C73-D8DA-416D-B665-C1603676CEB1}
Name: RASDLGLUA - AppID: {0C3B05FB-3498-40C3-9C03-4B22D735550C}
Name: %SystemRoot%\system32\appwiz.cpl - AppID: {0da7bfdf-c0a0-44eb-be82-b7a82c4721de}
Name: MpUx Agent Host - AppID: {1111A26D-EF95-4A45-9F55-21E52ADF9887}
Name: Sync Center Client - AppID: {1202DB60-1DAC-42C5-AED5-1ABDD432248E}
Name: Virtual Factory for DiagCpl - AppID: {12C21EA7-2EB8-4B55-9249-AC243DA8C666}
Name: Shell Create Object Task Server - AppID: {133eac4f-5891-4d04-bada-d84870380a80}
Name: Shell Create Object Handler - AppID: {135fd325-45b7-4c30-89f8-4386961669f0}
Name: TPM Virtual Smart Card VCard Module Manager - AppID: {150F28F1-49A5-4C28-BE1A-CFA854A1D04B}
Name: Remote TPM Virtual Smart Card Manager - AppID: {152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}
Name: PerAppRuntimeBroker - AppID: {15c20b67-12e7-4bb6-92bb-7aff07997402}
Name: TPM Virtual Smart Card Manager - AppID: {16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}
Name: Speech Runtime COM - AppID: {1725704B-A716-4E04-8EF6-87ED4F0A180A}
Name: Immersive TPM Virtual Smart Card Manager - AppID: {19833350-BF9B-42A1-BDF0-BD1FCBE1FD31}
Name: Sync Center Control - AppID: {1A1F4206-0688-4E7F-BE03-D82EC69DF9A5}
Name: GIDS Smart Card Simulator Manager - AppID: {1AC32B1A-E379-4CAD-B655-F978A30856EC}
Name: PerceptionSimulation - AppID: {1B162A5B-B67A-4468-9613-C3F9765B353B}
Name: DebugTargetAdapters Class - AppID: {1b7778f3-fe54-443c-8729-1e78b0715299}
Name: %systemroot%\system32\lpksetup.exe - AppID: {1C749B87-568C-4865-8E73-6413F8372CE6}
Name: rshx32.dll - AppID: {1f2e5c40-9550-11ce-99d2-00aa006e086c}
Name: ThirdPartyEapDispatcherPeerConfig - AppID: {1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}
Name: Microsoft WMI Provider Subsystem Secured Host - AppID: {1F87137D-0E7C-44d5-8C73-4EFFB68962F2}
Name: DetectionAndSharing - AppID: {1fda955b-61ff-11da-978c-0008744faab7}
Name: Microsoft Software Protection Platform Admin Object (Inner) - AppID: {205609B7-5E08-443E-B0A7-A7AED3F3A717}
Name: Microsoft Windows WSMan Provider Host With User Settings - AppID: {209444d2-2540-495e-962c-a61ad3243526}
Name: Provisioning Core - AppID: {217700E0-0000-11DF-ADB9-F4CE462D9137}
Name: MSDAINITIALIZE - AppID: {2206CDB0-19C1-11D1-89E0-00C04FD7A829}
Name: CortanaExperienceFlow - AppID: {24AC8F2B-4D4A-4C17-9607-6A4B14068F97}
Name: Experimentation Broker - AppID: {2568BFC5-CDBE-4585-B8AE-C403A2A5B84A}
Name: Update Notification Component Com Handler - AppID: {25d6d937-1fa3-4a22-8875-8680943b3f29}
Name: Microsoft WBEM Active Scripting Event Consumer Provider - AppID: {266C72E7-62E8-11D1-AD89-00C04FD8FDFF}
Name: IMAPI2 - AppID: {273541FF-7F64-5B0F-8F00-5D77AFBE261E}
Name: WInRTDesktopBroker - AppID: {27550CA0-E9DE-4186-A566-37A59BB6CA69}
Name: Cloud Change Wnf Monitor - AppID: {276D4FD3-C41D-465F-8CA9-A82A7762DF32}
Name: netman - AppID: {27AF75ED-20D9-11D1-B1CE-00805FC1270E}
Name: WalletService - AppID: {27D6B72D-094D-445A-9ACE-8298CBA0611A}
Name: AERTACap - AppID: {288E7ECC-EB53-45df-8EBD-72EAF9AFCB00}
Name: RasMobilityManager - AppID: {292bed96-e9ce-40f8-b71b-c313defa3a78}
Name: faultrep.dll - AppID: {2C256447-3F0D-4CBB-9D12-575BB20CDA0A}
Name: FileSystemImage - AppID: {2C941FD1-975B-59BE-A960-9A2A262853A5}
Name: WalletService - AppID: {2EA38040-0B9C-4379-87FD-4D38BB892F37}
Name: Windows Security Health Service - AppID: {2EB6D15C-5239-41CF-82FB-353D20B816CF}
Name: WaaSMedicSvc - AppID: {2ED83BAA-B2FD-43B1-99BF-E6149C622692}
Name: DevicesFlow - AppID: {2F93C02D-77F9-46B4-95FB-8CBB81EEB62C}
Name: ImmersiveShellBrokers - AppID: {2FD08A73-D1F1-43EB-B888-24C2496F95FD}
Name: ShellServiceHostBrokerProvider - AppID: {30AD8C8E-AE85-42FA-B9E8-7E99E3DFBFC5}
Name: Identity Store - AppID: {30d49246-d217-465f-b00b-ac9ddd652eb7}
Name: AuthHost - AppID: {31337EC7-5767-11CF-BEAB-00AA006C3606}
Name: ie_to_edge_bho - AppID: {31575964-95F7-414B-85E4-0E9A93699E13}
Name: Immersive Shell - AppID: {316CDED5-E4AE-4B15-9113-7055D84DCC97}
Name: UiaManagerCrossMachineProxyAppId - AppID: {31b965c2-d4a3-4d8e-ac40-a76d466cd0b7}
Name: Delivery Optimization User - AppID: {338B40F9-9D68-4B53-A793-6B9AA0C5F63B}
Name: Language Components Installer Com Handler - AppID: {33ADC7D5-BAF1-4661-9822-1FD23E63B39F}
Name: wpnservice - AppID: {34E76A18-223B-4E23-BEAD-F59358CC0A90}
Name: TrayAppIdentityResolver - AppID: {35BC523D-8BE9-496E-8257-026E8B4750FC}
Name: CoreDpuWapSvr - AppID: {36234D6F-D9B8-404B-91C9-736BD2EE3040}
Name: Windows Push Notification Platform - AppID: {362cc086-4d81-4824-bbb5-666d34b3197d}
Name: TabTip - AppID: {36938566-B1AA-4E77-9B3F-730CF4E996AB}
Name: Security Health Agent Activate As Activator Host - AppID: {37096FBE-2F09-4FF6-8507-C6E4E1179893}
Name: AppServiceContainerBroker - AppID: {37399c92-dc3f-4b55-ae5b-811ee82398ad}
Name: Delivery Optimization - AppID: {379001DE-7108-4A45-8A74-6CD0A9FBEF2C}
Name: Microsoft Portable Workspace Launcher - AppID: {37B73D7B-A976-43AE-97E4-BD4977B241F2}
Name: MiracastTestRemoteCommandSender - AppID: {39214908-5362-44b4-97f4-1aa724d3e0da}
Name: WorkspacePolicyProcessor - AppID: {3C3F40BC-60EB-4567-B90C-480C87C21AC1}
Name: EEL64A - AppID: {3D5781D9-B2FF-4396-8478-395412020995}
Name: CMLUAUTIL - AppID: {3E000D72-A845-4CD9-BD83-80C07C3B881F}
Name: PFReceiveFax - AppID: {3E445191-CE33-487e-8569-AB639246B4F7}
Name: Microsoft Windows Remote Shell Host - AppID: {3e5ca495-8d6a-4d1f-ad99-177b426c8b8e}
Name: CMSTPLUA - AppID: {3E5FC7F9-9A51-4367-9063-A120244FBEC7}
Name: WinInetCacheServer - AppID: {3eb3c877-1f16-487c-9050-104dbcd66683}
Name: Out Of Proc Mapi Handler - AppID: {3F5E4B87-C907-4f76-82E4-6FDF0CE90E25}
Name: Microsoft Windows WSMan Provider Host - AppID: {3feb2f63-0eec-4b96-84ab-da1307e0117c}
Name: HTML Application - AppID: {40AEEAB6-8FDA-41e3-9A5F-8350D4CFCA91}
Name: Connected User Store - AppID: {40AFA0B6-3B2F-4654-8C3F-161DE85CF80E}
Name: NaturalAuthentication - AppID: {412E0F20-6C5B-43EC-879F-DA444A416EAC}
Name: Core Shell Broker Provider - AppID: {41928E27-7275-491C-A5A1-4FDC791BF609}
Name: AERTARen - AppID: {41C98373-FE7F-4a42-B694-34CC4F979E61}
Name: EntAppSvc - AppID: {42C21DF5-FB58-4102-90E9-96A213DC7CE8}
Name: AccessibilityCplAdmin - AppID: {434A6274-C539-4E99-88FC-44206D942775}
Name: SPP External COM Object - AppID: {44831FEC-DC51-4716-A7E1-E898FDF83C85}
Name: Thumbnail Extraction Host Class - AppID: {4545dea0-2dfc-4906-a728-6d986ba399a9}
Name: Add to Windows Media Player list - AppID: {45597c98-80f6-4549-84ff-752cf55e2d29}
Name: Application Activation Manager - AppID: {45BA127D-10A8-46EA-8AB7-56EA9078943C}
Name: Set Network Location Elevated Virtual Factory - AppID: {46B988E8-BEC2-401F-A1C5-16C694F26D3E}
Name: Radio Management Service - AppID: {478B41E6-3257-4519-BDA8-E971F9843849}
Name: EEG64A - AppID: {47EC1E17-F30B-430b-B9C4-DF60ED501A4B}
Name: ShellServiceHost - AppID: {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
Name: IASDataStoreComServer - AppID: {48da6741-1bf0-4a44-8325-293086c79077}
Name: COM_SRS_HP360 - AppID: {49611624-F1A3-4AA7-8A06-0209D7D6BA92}
Name: Microsoft WBEM Unsecured Apartment - AppID: {49BD2028-1523-11D1-AD79-00C04FD8FDFF}
Name: Telephony App Launcher - AppID: {49EBD8BE-1A92-4A86-A651-70AC565E0FEB}
Name: UIAutomationCrossBitnessHook64 Class - AppID: {49f171dd-b51a-40d3-9a6c-52d674cc729d}
Name: RASGCWLUA - AppID: {4A6B8BAD-9872-4525-A812-71A52367DC17}
Name: wercplsupport.dll - AppID: {4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}
Name: Shell Security Editor - AppID: {4D111E08-CBF7-4f12-A926-2C7920AF52FC}
Name: Microsoft Volume Shadow Copy Service software provider - AppID: {4db9c793-c48d-449c-9754-46027ee45c94}
Name: COM+ Event System - AppID: {4E14FBA2-2E22-11D1-9964-00C04FBBB345}
Name: ServiceModule - AppID: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
Name: upnpcont.exe - AppID: {4F0AC159-5804-4aa7-AE91-117D6E67BB9B}
Name: Shell Computer Accounts - AppID: {4f6bcd94-c2a5-42ce-8dbc-31e794be4630}
Name: WkspRT.exe - AppID: {4FCDA643-B15B-41C6-84F8-5E447F6F6D25}
Name: Security Health Agent Interactive User Host for WDSP only - AppID: {4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}
Name: HomeGroup CPL Advanced Settings Writer - AppID: {50a9ab2a-20f8-4d71-9f32-9fd305b49601}
Name: Microsoft Windows Font Folder - AppID: {50d69d24-961d-4828-9d1c-5f4717f226d1}
Name: wuapihost - AppID: {50E1C3FD-EC35-490E-9CCF-C68F9AE91919}
Name: acppage.dll - AppID: {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}
Name: %systemroot%\system32\intl.cpl - AppID: {514B5E31-5596-422F-BE58-D804464683B5}
Name: Telephony Service UI Toast - AppID: {52B65EB7-907C-4D83-A535-283BE9104DE4}
Name: RemoteProxyFactory32 Class - AppID: {53362C32-A296-4F2D-A2F8-FD984D08340B}
Name: RemoteProxyFactory32 Class - AppID: {53362C64-A296-4F2D-A2F8-FD984D08340B}
Name: 32-bit Preview Handler Surrogate Host - AppID: {534A1E02-D58F-44f0-B58B-36CBED287C7C}
Name: Virtual Disk Service Loader - AppID: {5364ED0E-493F-4B16-9DBF-AE486CF22660}
Name: LockScreenContentServer Out of Proc Helper for LockScreenContent Clients - AppID: {536AACFB-5238-4314-B4D4-5B0A2E8B968E}
Name: ShareFlow - AppID: {549e57e9-b362-49d1-b679-b64d510efe4b}
Name: SRS_APO_Universal - AppID: {553C48B2-BA6B-412B-9F8D-2B62B1B912AA}
Name: ShapeCollector - AppID: {56676660-4A4D-45B0-B24E-9CF6B35E9ABF}
Name: Volume Shadow Copy Service - AppID: {56BE716B-2F76-4dfa-8702-67AE10044F0B}
Name: Elevated System Settings COM Host - AppID: {57360832-5F9B-4190-8467-000D2D510212}
Name: PrintNotify - AppID: {588E10FA-0618-48A1-BE2F-0AD93E899FCC}
Name: FaxCommon Class - AppID: {59347292-B72D-41F2-98C5-E9ACA1B247A2}
Name: Authentication UI Terminal Services Bump Dialog - AppID: {59c7f6ec-7d18-412f-a68e-877982768e61}
Name: Docking.VirtualInput Create Object Server - AppID: {5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}
Name: WalletService - AppID: {5BC7A3A1-E905-414B-9790-E511346F5CA6}
Name: Microsoft Maps Background Transfer Service - AppID: {5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}
Name: EED64A - AppID: {5C73574D-FC7B-4747-8352-143F011923A0}
Name: WiaWow64 - AppID: {5E1395B2-B685-44e3-8AED-E2304D85ACD1}
Name: Splash screen - AppID: {5EAD00DC-0E8B-497C-BDE8-B9153058CBEF}
Name: User OOBE Create User Object Server - AppID: {5f7f3f7b-1177-4d4b-b1db-bc6f671b8f25}
Name: UIAutomationCrossBitnessHook32 Class - AppID: {60a90a2f-858d-42af-8929-82be9d99e8a1}
Name: PDFPrevHndlr - AppID: {6236FF8C-E747-4173-86D3-99F511B61DF3}
Name: wlidcli - AppID: {623D5F5E-2F09-427d-8BD7-64495CD9835D}
Name: Sync Center (Private) - AppID: {6295DF2D-35EE-11D1-8707-00C04FD93327}
Name: CoreShellHost - AppID: {64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}
Name: Windows Update Agent - AppID: {653C5148-4DCE-4905-9CFD-1B23662D3D9E}
Name: FwCplLUA - AppID: {6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}
Name: Background Intelligent Transfer Service - AppID: {69AD4AEE-51BE-439b-A92C-86AE490E8B30}
Name: Sync Center Isolation Collection (Private) - AppID: {69F9CB25-25E2-4BE1-AB8F-07AA7CB535E8}
Name: MsRdpSessionManager - AppID: {6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F}
Name: Preview Handler Surrogate Host - AppID: {6d2b5079-2f0b-48dd-ab7f-97cec514d30b}
Name: UPnPContainer - AppID: {6d8ff8e0-730d-11d4-bf42-00b0d0118b56}
Name: UPnPContainer64 - AppID: {6d8ff8e8-730d-11d4-bf42-00b0d0118b56}
Name: SPPComApi - AppID: {6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}
Name: Recommended Troubleshooting Service - AppID: {6de5dc63-3c0c-4dda-9220-1028a37298ba}
Name: TieringEngineService - AppID: {6DF5BCF4-22E9-446D-8763-A2C7677ECF7D}
Name: HomeGroup UI Status - AppID: {6f33340d-8a01-473a-b75f-ded88c8360ce}
Name: SEMgrSvc - AppID: {6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}
Name: IEWindows - AppID: {6f5bad87-9d5e-459f-bd03-3957407051ca}
Name: EditionUpgradeHelper - AppID: {6F65B602-F798-4094-8A41-A2A61961E5E8}
Name: HomeGroup Provider Object - AppID: {6F7C8E8F-DC69-4e3f-BC05-439962A05FD5}
Name: Windows Insider Service - AppID: {7006698d-2974-4091-a424-85dd0b909e23}
Name: workfolderssvc - AppID: {712cedb9-16a4-4f79-801d-7de24d8c706e}
Name: Sharing Elevated Virtual Factory - AppID: {72A7994A-3092-4054-B6BE-08FF81AEEFFC}
Name: User Profile Service DCOM server - AppID: {72E3272B-4EEA-4104-B358-1A282E4FC1AD}
Name: Microsoft WMI Provider Subsystem Host - AppID: {73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}
Name: Trusted Installer Service - AppID: {752073A2-23F2-4396-85F0-8FDB879ED0ED}
Name: PrintFilterPipelineSvc - AppID: {76db1bf3-e820-4765-a1b2-0b16a86b1950}
Name: XWizard Virtual Factory - AppID: {777BA81A-2498-4875-933A-3067DE883070}
Name: WebPlatStorageBrokerServer - AppID: {7966b4d8-4fdc-4126-a10b-39a3209ad251}
Name: Network and Sharing Center Cpl Elevated Virtual Factory - AppID: {7A076CE1-4B31-452a-A4F1-0304C8738100}
Name: Shell FMIFS Wrapper - AppID: {7aa7790d-75d7-484b-98a1-3913d022091d}
Name: EapThirdPartyDllHost - AppID: {7B130458-E09C-4823-A8AF-2583DCD9AEC7}
Name: Internet Explorer Add-on Installer - AppID: {7B29F495-0F55-49F7-8885-9E8A22CE3829}
Name: Shell Create Object Local Server - AppID: {7B6EA1D5-03C2-4AE4-B21C-8D0515CC91B7}
Name: WlanPrefLUA - AppID: {7C8AB6D9-8764-4033-8F62-2FE896E54B32}
Name: Microsoft Windows Remote Shell Host With User Settings - AppID: {7d378de6-ed8d-426d-91df-0273d07cd7f6}
Name: HomeGroup Printing Device Class - AppID: {7DF8EF76-D449-485f-B4EB-58DC96B31EDB}
Name: MMC Application Class - AppID: {7e0423cd-1119-0928-900c-e6d4a52a0715}
Name: Security Health Agent Interactive User Host - AppID: {7E55A26D-EF95-4A45-9F55-21E52ADF9887}
Name: Battery Notification Manager - AppID: {7EAD5C10-8B3F-11E6-AE22-56B6B6499611}
Name: wisptis - AppID: {7F429620-16D1-471E-A81A-114992148034}
Name: Authentication UI CredUI Out of Proc Helper for AppContainer Clients - AppID: {7FC12E96-4CB7-4ABD-ADAA-EF7845B10629}
Name: OpenOffice Service Manager (Ver 1.0) - AppID: {82154420-0FBF-11d4-8313-005004526AB4}
Name: CFmIfsEngine host - AppID: {82D94FB3-7FE6-4797-BB72-9A886C66073B}
Name: UsoCoreWorker Class - AppID: {831EF03D-BAF2-46AD-81B6-6AA5C9E30317}
Name: CustReg Class - AppID: {84D586C4-A423-11D2-B943-00C04F79D22F}
Name: Virtual Factory for Usercpl - AppID: {86d5eb8a-859f-4c7b-a76b-2bd819b7a850}
Name: CElevateWlanUi - AppID: {86F80216-5DD6-4F43-953B-35EF40A35AEE}
Name: ThirdPartyEapDispatcherPeerRuntime - AppID: {87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}
Name: AppReadiness Service - AppID: {88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}
Name: Activation Manager Shim - AppID: {8A9AE632-CB07-4A11-8872-358A2A271A24}
Name: Desktop Wallpaper Factory - AppID: {8B30085D-A3E3-44e3-AE7F-B03A1340EBED}
Name: Windows Management and Instrumentation - AppID: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
Name: TSTheme - AppID: {8be0366c-8522-40be-8b08-cb26557f2854}
Name: IASExtensionHost - AppID: {8C334A55-DDB9-491C-817E-35A6B85D2ECB}
Name: AP Client HxHelpPaneServer Class - AppID: {8cec58ae-07a1-11d9-b15e-000d56bfe6ee}
Name: TiWorker - AppID: {8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}
Name: Sync Center Schedule Wizard - AppID: {8D8B8E30-C451-421B-8553-D2976AFA648C}
Name: WalletService - AppID: {8E44A57C-5638-44D3-9B83-34DF70EB57F2}
Name: RdpSa - AppID: {8e7fae4d-cff0-41d3-a326-5a80470264bb}
Name: Shell Computer Groups - AppID: {8f3080a6-af99-4f2e-a806-f3d5702a0444}
Name: SDRSVC service - AppID: {9037e3cf-1794-4af6-9c8d-92838d7a23db}
Name: Virtual Factory for Recovery - AppID: {9200689A-F979-4eea-8830-0E1D6B74821F}
Name: Authentication UI CredUI Out of Proc Helper for Non-AppContainer Clients - AppID: {924DC564-16A6-42EB-929A-9A61FA7DA06F}
Name: RtkPgExt - AppID: {92842063-1ECC-4a1a-9343-9A8E1C972E60}
Name: HtmlLocalFileResolver - AppID: {93AAD2A0-036A-4B11-A078-DA8776B38139}
Name: Wwan Service Toast Notification - AppID: {941C53C2-D2D7-4C74-84EA-28F8F6438D4B}
Name: ServiceModule - AppID: {9465B4B4-5216-4042-9A2C-754D3BCDC410}
Name: UiaManager - AppID: {94a38670-983b-459c-87c8-bb6ad617fd74}
Name: PenIMC4v2 - AppID: {953E4863-7AD1-4DAE-B2BD-108F1D57967B}
Name: WebPlatformStorageServer - AppID: {973d20d7-562d-44b9-b70b-5a0f49ccdf3f}
Name: PrintIsolationHost - AppID: {98a89e0c-1fde-4c2a-a373-b04831e6aa60}
Name: Telephony Incoming Call Toast - AppID: {990F07C7-78DC-4BD2-B145-5F791410BDDE}
Name: Shell Hardware Mixed Content Handler - AppID: {995C996E-D918-4a8c-A302-45719A6F4EA7}
Name: Bluetooth User Service - AppID: {9980CAAB-B154-408C-B5FD-29A701E40825}
Name: ShellWindows - AppID: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
Name: RuntimeBroker - AppID: {9CA88EE3-ACB7-47c8-AFC4-AB702511C276}
Name: timedate.cpl - AppID: {9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}
Name: WSearch - AppID: {9E175B9C-F52A-11D8-B9A5-505054503030}
Name: WMLSS - AppID: {9E88EF3C-E2BB-4E5E-AFBA-565B81069D7D}
Name: RtkCfg - AppID: {A11009A7-DC01-48F8-B6AA-C4613FC5CB15}
Name: WIA Device Manager - AppID: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Name: TrayNotify - AppID: {a2b77517-6d12-4c60-b0c6-725e971ec8fe}
Name: rundll32.exe - AppID: {a2d9ca22-a492-400c-b875-78ac25c0a6f3}
Name: Xhr2OOP - AppID: {a3a81ee7-be13-4dd8-89f7-26aba705d81d}
Name: Virtual Factory for Windows Defender Firewall Cpl - AppID: {A4B07E49-6567-4FB8-8D39-01920E3B2357}
Name: Shell ChkdskEx Dialog - AppID: {a4c31131-ff70-4984-afd6-0609ced53ad6}
Name: DsmAdminApi - AppID: {A5065670-136D-4FD6-A45F-00C85B90359C}
Name: WPDShextAutoplay - AppID: {A55803CC-4D53-404c-8557-FD63DBA95D24}
Name: Core Shell Service Provider - AppID: {A67168DB-418E-4087-B63E-852E822BB1ED}
Name: WLIDSvc - AppID: {A6721677-BA21-44E9-9E2A-76466D24D121}
Name: ServiceModule - AppID: {A6B716CB-028B-404D-B72C-50E153DD68DA}
Name: Virtual Factory for MaintenanceUI - AppID: {A6BFEA43-501F-456F-A845-983D3AD7B8F0}
Name: Microsoft Windows Defender - AppID: {A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}
Name: %SystemRoot%\System32\fveui.dll - AppID: {A7A63E5C-3877-4840-8727-C1EA9D7A4D50}
Name: SysFxUi - AppID: {A7D2EC8B-B70F-434C-A0CE-0DF324805F7D}
Name: Core Shell LPAC Broker Provider - AppID: {A7E84C44-F0C0-44F9-A4F2-68B5EA50B200}
Name: SwapAPODll - AppID: {A85F41D6-156B-470D-B505-110388968D5A}
Name: Delivery Optimization Managment - AppID: {AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}
Name: Core Shell COM Server Registrar - AppID: {AA8F1F23-D819-4E95-9B36-7FD68D5218F9}
Name: F12AppFrameClient Class - AppID: {AABAA6AA-5398-4C08-AE60-6321A7F05E9C}
Name: QuietHours App ID - AppID: {AB7BDC53-0BB5-44F5-9E25-C444313D4686}
Name: DEFRAGSVC service - AppID: {ab7c873b-eb14-49a6-be60-a602f80e6d22}
Name: Thumbnail Cache Out of Proc Server - AppID: {AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}
Name: BDEUILauncher Class - AppID: {AB93B6F1-BE76-4185-A488-A9001B105B94}
Name: PaymentsSvc - AppID: {AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}
Name: RetailDemo Service - AppID: {ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}
Name: Microsoft Volumetric Audio Compositor - AppID: {AD829705-CCA8-44D4-88E0-331E48336059}
Name: WPN Srumon Server - AppID: {ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}
Name: PFStatusManager2 - AppID: {AF2F6F23-AC73-48FB-B200-2C037AA0E26C}
Name: TrayToastActivator - AppID: {AFC732E2-BA57-4B3E-A70A-71371F99B871}
Name: WorkspaceBroker Class - AppID: {B06FF84E-0A77-4DD2-A919-0EABD8979DC1}
Name: TabIps - AppID: {B1445657-5A98-11d9-A4E5-00301BB132BA}
Name: DockInterface COM server - AppID: {b21858c6-9711-4257-99c8-5c0084bebce1}
Name: WpcMonSvc - AppID: {B34F88D1-F26B-42D5-8DD5-A442303A05D7}
Name: Windows Update Agent - Remote Access - AppID: {B366DEBE-645B-43A5-B865-DDD82C345492}
Name: AppActivationFailedHandler - AppID: {B3AADFEA-8404-4CBE-A62E-B0B715412C9E}
Name: Found New Hardware Wizard - AppID: {B6A32FE6-E29D-AEAE-A608-D273E40CA34C}
Name: WIA Device Manager 2 - AppID: {B6C292BC-7C88-41EE-8B54-8EC92617E599}
Name: Com_SRS_TruSurroundHD - AppID: {B6D5C1B8-6F68-4A82-8E20-2D0F3A52BD6A}
Name: Sync Center (Private) - AppID: {B8558612-DF5E-4F95-BB81-8E910B327FB2}
Name: Windows Media Player - AppID: {B8C54A54-355E-11D3-83EB-00A0C92A2F2D}
Name: ApplicationActivationImpl - AppID: {B9305506-D05B-4C36-81C5-0E50886C1755}
Name: Bluetooth AVCTP Service - AppID: {B98C6EB5-6AA7-471E-B5C5-D04FD677DB3B}
Name: Application Frame Host - AppID: {B9B05098-3E30-483F-87F7-027CA78DA287}
Name: Event Object Change 2 - AppID: {BB07BACD-CD56-4E63-A8FF-CBF0355FB9F4}
Name: AcroPDF - AppID: {BBAA0E44-3862-490C-8E63-AC2D2D6EF733}
Name: SyncHost - AppID: {BBC4356A-F004-4628-A27A-E13D70412B70}
Name: Virtual Factory for Power Options Control Panel - AppID: {BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}
Name: Setting Sync Task Factory - AppID: {bcbb3f8c-2889-474f-8fb7-904d4a416145}
Name: LxpSvc - AppID: {BCE82FB7-43F4-4827-A503-69E561667293}
Name: DfsShlEx.dll - AppID: {BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}
Name: EditionUpgradeManagerObj - AppID: {BD54C901-076B-434E-B6C7-17C531F4AB41}
Name: VM IC Heartbeat Service - AppID: {be0fc7f0-f248-4091-a123-34ca29a6901b}
Name: VailAudioProxy.exe - AppID: {BEEE3226-ECC5-464E-981B-BC123674C8DE}
Name: Shell AutoPlay Direct - AppID: {BF8841C9-378A-4CAD-B4FC-5091366CBC0D}
Name: ShellBrowserWindow - AppID: {c08afd90-f2a1-11d1-8455-00a0c91f3880}
Name: LockAppHost Out of Proc Helper for Lock Apps - AppID: {C08B030B-E91C-479D-BEFD-02DDA7FF1BCF}
Name: Universal Print Management Service - AppID: {C08E4363-9771-4955-A002-09932AE4874B}
Name: Spectrum - AppID: {C0E1CE99-C981-44A2-AC4C-41036FAC6593}
Name: provsvc.dll - AppID: {c2a71820-3463-498f-bab7-4798795a2ff6}
Name: DataExchangeHost - AppID: {C2E9756F-8155-4EAC-9ED5-0B690169D412}
Name: RetailCoreSystemAgent Service - AppID: {C2EA2356-994C-45AF-BDAE-10796F73BC47}
Name: cttunesvr - AppID: {C3A34354-660F-41EE-B072-2AEA5E3A80AF}
Name: Microsoft Block Level Backup Service - AppID: {C3B65D83-FB15-4e3f-BA04-097D1E2B5AC1}
Name: Microsoft IMAPI - AppID: {C49F2185-50A7-11D3-9144-00104BA11C5E}
Name: BdeUISrv - AppID: {C4AB7CB7-E735-48FF-AADD-39D09668F444}
Name: HomeGroup Listener Service - AppID: {C4CDC408-581C-4480-9FFE-3B1C78D5C20D}
Name: Xbox Live Game Saves - AppID: {C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}
Name: Input Switch Toast Handler - AppID: {C5DFE802-CE61-11E8-A8D5-F2801F1B9FD1}
Name: EntAppSvc - AppID: {C63261E4-6052-41FF-B919-496FECF4C4E5}
Name: EmailClient Class - AppID: {C6E0A4C8-A933-411E-8068-406C2391665F}
Name: JumpViewExecuteHelper - AppID: {c82192ee-6cb5-4bc0-9ef0-fb818773790a}
Name: FamilySafetyRefreshTask - AppID: {C844C79D-AED8-4DCE-AB25-4D359BED84F8}
Name: TSWbPrxy.exe - AppID: {C92A9617-0EAE-4235-BD2B-84540EF1FFA9}
Name: DictationHost Class - AppID: {C945AD06-534F-460C-8CB4-17C33099AF81}
Name: Sync Infrastructure - AppID: {C947D50F-378E-4FF6-8835-FCB50305244D}
Name: netprofm - AppID: {C96887DA-A652-4426-905E-4A37546F847C}
Name: editionupgradebroker - AppID: {C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}
Name: RCM - AppID: {C9F65BA8-1F8F-4382-AE27-C91FFB29275F}
Name: User OOBE Create Elevated Object Server - AppID: {ca8c87c1-929d-45ba-94db-ef8e6cb346ad}
Name: OpenSearch Description Create Search Connector Verb Handler - AppID: {CB1DFE3A-EDFF-4d1f-867D-8ADB02926F4B}
Name: PrintIsolationSessionHost - AppID: {CB363445-F453-4C1E-8EE4-BD123C5E394F}
Name: EnhancedStorageShell - AppID: {CC70FEAD-94B9-4F76-88CC-004BB068ACDF}
Name: sppui - AppID: {CCFDD24D-CEAB-458B-A4F1-F884973395DF}
Name: GraphicsPerfSvc - AppID: {cd93979b-c14e-4c29-87a4-75e4f9fa5e0a}
Name: Windows Media Player Burn Audio CD Handler - AppID: {cdc32574-7521-4124-90c3-8d5605a34933}
Name: Elevated-Unelevated Explorer Factory - AppID: {CDCBCFCA-3CDC-436f-A4E2-0E02075250C2}
Name: ServiceModule - AppID: {CECDDD22-2E72-4832-9606-A9B0E5E344B2}
Name: PNPXAssoc.dll - AppID: {cee8ccc9-4f6b-4469-a235-5a22869eef03}
Name: sdchange - AppID: {CF254B00-1986-4b24-A92D-463D01F7E395}
Name: Event Object Change - AppID: {D0565000-9DF4-11D1-A281-00C04FCA0AA7}
Name: Winmgmt MOF Compiler OOP - AppID: {D215781D-019E-4FA0-903D-0CDCDE13A4F5}
Name: Color Management - AppID: {D2E7041B-2927-42fb-8E9F-7CE93B6DC937}
Name: Bitmap Image - AppID: {D3E34B21-9D75-101A-8C3D-00AA001A1652}
Name: Sync Center User Profile Notification Handler - AppID: {D63AA156-D534-4BAC-9BF1-55359CF5EC30}
Name: MoUsoCoreWorker Class - AppID: {D726464B-98F1-4627-86CD-4A082A1E5307}
Name: Microsoft Software Protection Platform Admin Object (outer) - AppID: {D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}
Name: BrowserBrokerServer - AppID: {DD9C53BC-8441-4B94-BD0E-36E6E02A6D61}
Name: Srumon Server - AppID: {ddcfd26b-feed-44cd-b71d-79487d2e5e5a}
Name: rundll32.exe - AppID: {de5d803e-5d2a-4b5f-9c63-af25a465cc44}
Name: AccStore Class - AppID: {DE5DBCDC-104A-4cbc-A4D5-0C2104A142C5}
Name: LockScreen Call Broker - AppID: {DE7D3D65-5454-4EF5-9518-776739DAB39F}
Name: OneSetttings Broker - AppID: {E055B85B-22BD-4E15-A34D-46C58AB320AD}
Name: Profile Notification Host - AppID: {E10F6C3A-F1AE-4adc-AA9D-2FE65525666E}
Name: RtkAPODll - AppID: {E1D2965E-D32B-4e1c-B9F1-159ACB984258}
Name: Windows Update Agent User Interface for Published Applications - AppID: {e30984f1-b02b-4c27-a40f-23d11b8c1212}
Name: Scan - AppID: {E32549C4-C2B8-4BCC-90D7-0FC3511092BB}
Name: WinRTNet MUA hostserver AppID - AppID: {E4422CBC-05DF-4AF1-A84E-A5638479CDE7}
Name: Execute Unknown - AppID: {e44e9428-bdbc-4987-a099-40dc8fd255e7}
Name: Authentication UI CredUI Out of Proc Helper for Non-AppContainer Clients (Failed Mouse In Pointer) - AppID: {E45A56CE-399C-45F0-9E6F-BFAACD3C711F}
Name: COM_SRS_WOWHD2 - AppID: {E46D2660-D86E-4B0A-BB61-F0FFE9BBDEB5}
Name: upnphost - AppID: {E495081B-BBA5-4b89-BA3C-3B86A686B87A}
Name: ContainerHostActivation - AppID: {e53cd6ee-5c5c-4701-9ff2-c204bfed819d}
Name: TrayDesktopBand - AppID: {E6442437-6C68-4f52-94DD-2CFED267EFB9}
Name: Orchestrator Service - AppID: {E7299E79-75E5-47BB-A03D-6D319FB7F886}
Name: UICOM - AppID: {E8054D20-497D-4E16-BF41-6E69FCD381A5}
Name: wscui.cpl - AppID: {E9495B87-D950-4ab5-87A5-FF6D70BF3E90}
Name: Remove Device elevation surrogate - AppID: {E95186C7-7D80-4311-843D-0702CBC8B1E4}
Name: File Prop Sheet Page Helper - AppID: {E96767E0-7EAA-45E1-8E7D-64414AFF281A}
Name: Exchange Active Sync Policy Manager Broker - AppID: {E9DD849F-B3CF-4614-94BB-CB2696BD34FB}
Name: HomeGroup Provider Service - AppID: {EA022610-0748-4c24-B229-6C507EBDFDBB}
Name: %systemroot%\System32\UserAccountControlSettings.dll - AppID: {EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}
Name: Feature Usage Listener - AppID: {EAB99738-0ADF-4A53-856C-DE58AFDE7682}
Name: SuspendablePerAppRuntimeBroker - AppID: {eadbb044-2aed-4aba-bab5-1f8ae07a4a0c}
Name: Convert VHD - AppID: {eae61b75-98d8-4af9-94e6-84b1c6f77c8a}
Name: Remote Desktop Services Message Server - AppID: {EB521D7D-4095-4E61-88FB-BF25700F142A}
Name: ComEvents.ComServiceEvents - AppID: {ECABB0C3-7F19-11D2-978E-0000F8757E2A}
Name: ComEvents.ComSystemAppEventData - AppID: {ECABB0C6-7F19-11D2-978E-0000F8757E2A}
Name: Play with Windows Media Player - AppID: {ed1d0fdf-4414-470a-a56d-cfb68623fc58}
Name: Windows Media Player Launch - AppID: {ED6BB178-B06A-47ad-98B3-6066E0CF0147}
Name: Share Manager - AppID: {edb5f444-cb8d-445a-a523-ec5ab6ea33c7}
Name: MixedRealityCapture - AppID: {EE3C7093-A852-49BA-8AC8-7DFBEC469F72}
Name: CloudExperienceHostAppManager - AppID: {EEABBBC4-12D0-48F4-A9C5-9AB471806C29}
Name: CloudExperienceHost Broker AppID - AppID: {efe2d6d8-a81b-41e7-ae77-e5244ab80522}
Name: Microsoft Audio Device Graph Server - AppID: {F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}
Name: AcroBroker - AppID: {F2383816-917A-46CC-AD2A-5013BED3800F}
Name: AvailableNetworksExperienceFlow - AppID: {F2506CD7-82C2-43D9-A1D3-F85F5EFE7D09}
Name: Virtual Disk Service - AppID: {F290BFB2-1864-45B1-8804-2654194A87E7}
Name: FodHelper - AppID: {F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}
Name: SPPSurrogate - AppID: {f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}
Name: NDFAPI - AppID: {F3D3AA8D-EF96-4470-848E-BD70B803047A}
Name: PerfCenter Enabler - AppID: {f4be747e-45c4-4701-90f1-d49d9ac30248}
Name: sdclt - AppID: {f56b7b2a-5b5a-46d8-b6f9-d927ce34b717}
Name: ActivatableApplicationRegistrar - AppID: {f59bbec1-0907-4464-b04d-1da329585370}
Name: Pen Workspace Discover Broker - AppID: {F5A6ACF4-FFE0-4934-AE1D-5F960EA0AAD9}
Name: WMPNSSCI - AppID: {F74BCE98-9EB4-4022-8317-11C723E5CCF8}
Name: Account Manager Service - AppID: {f7f34f79-6791-4d4e-9f15-9eaecd50bd78}
Name: CloudExperienceHost Create System Object Server - AppID: {f7fa3149-91e7-43b7-8040-b707688ced1a}
Name: logagent - AppID: {F808DF63-6049-11D1-BA20-006097D2898E}
Name: WLIDFDP - AppID: {F828BB1A-2FAE-4AC4-AE6F-CAC9B529F996}
Name: RAServer - AppID: {F8FD03A6-DDD9-4C1B-84EE-58159476A0D7}
Name: WinInetBrokerServer - AppID: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Name: NCLUA - AppID: {FA1456D3-4B97-4f9c-8511-2786161DC333}
Name: VssEvent - AppID: {FAF53CC4-BD73-4E36-83F1-2B23F46E513E}
Name: Shell Hardware Mixed Content Handler Cancelled - AppID: {fb479c02-9ec4-4fed-8599-debe037452cb}
Name: RegisterControl - AppID: {FC38B7C8-9E50-497d-A387-7DEBDAD14160}
Name: Hotspot Auth Module - AppID: {FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}
Name: appwiz.cpl - AppID: {FCC74B77-EC3E-4dd8-A80B-008A702075A9}
Name: Wordpad - AppID: {fd6c8b29-e936-4a61-8da6-b0c12ad3ba00}
Name: Proximity UX Host - AppID: {FDA74D11-C4A6-4577-9F73-D7CA8586E10C}
Name: Shell Execute Hardware Event Handler - AppID: {FFB8655F-81B9-4fce-B89C-9A6BA76D13E7}
Name: EntAppSvc - AppID: {FFE1E5FE-F1F0-48C8-953E-72BA272F2744}

Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{00021401-0000-0000-C000-000000000046}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-15-3-3215430884-1339816292-89257616-1145831019"
Win32_DCOMApplication.AppID="{020FB939-2C8B-4DB7-9E90-9527966E38E5}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{03837503-098b-11d8-9414-505054503030}" - Win32_SID.SID="S-1-5-32-559"
Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{0671E064-7C24-4AC0-AF10-0F3055707C32}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{0771f7af-8de6-4bce-9528-2d4a12cb8168}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{0771f7af-8de6-4bce-9528-2d4a12cb8168}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{0868DC9B-D9A2-4f64-9362-133CEA201299}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{0A886F29-465A-4aea-8B8E-BE926BFAE83E}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{0C3B05FB-3498-40C3-9C03-4B22D735550C}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{0CA545C6-37AD-4A6C-BF92-9F7610067EF5}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{0da7bfdf-c0a0-44eb-be82-b7a82c4721de}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{1111A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1111A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{1111A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{1111A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{12C21EA7-2EB8-4B55-9249-AC243DA8C666}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{133eac4f-5891-4d04-bada-d84870380a80}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{135fd325-45b7-4c30-89f8-4386961669f0}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{136A0DC7-DF5C-4271-A2AC-15DF1A1323F2}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{150F28F1-49A5-4C28-BE1A-CFA854A1D04B}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{152EA2A8-70DC-4C59-8B2A-32AA3CA0DCAC}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-5-80-2731152606-4244467407-1946816704-3721569673-479255522"
Win32_DCOMApplication.AppID="{1538524A-8AC3-4C33-BF0C-C2F9CE51DD50}" - Win32_SID.SID="S-1-5-84-0-0-0-0-0"
Win32_DCOMApplication.AppID="{15c653f2-77f1-4cac-9644-656982d12f12}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{15c653f2-77f1-4cac-9644-656982d12f12}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{15c653f2-77f1-4cac-9644-656982d12f12}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{15c653f2-77f1-4cac-9644-656982d12f12}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{16A18E86-7F6E-4C20-AD89-4FFC0DB7A96A}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{1725704B-A716-4E04-8EF6-87ED4F0A180A}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-547"
Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{19BCA967-D266-436f-B2D4-CBE4D4B42F96}" - Win32_SID.SID="S-1-5-32-556"
Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{1AC32B1A-E379-4CAD-B655-F978A30856EC}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{1B162A5B-B67A-4468-9613-C3F9765B353B}" - Win32_SID.SID="S-1-5-80-2731152606-4244467407-1946816704-3721569673-479255522"
Win32_DCOMApplication.AppID="{1B162A5B-B67A-4468-9613-C3F9765B353B}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{1B162A5B-B67A-4468-9613-C3F9765B353B}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1B162A5B-B67A-4468-9613-C3F9765B353B}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{1BA783C1-2A30-4ad3-B928-A9A46C604C28}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{1C749B87-568C-4865-8E73-6413F8372CE6}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{1f2e5c40-9550-11ce-99d2-00aa006e086c}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{1F7D1BE9-7A50-40B6-A605-C4F3696F49C0}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{1fb2a002-4c6c-4de7-85c2-cb8db9a4f728}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{1fda955b-61ff-11da-978c-0008744faab7}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628"
Win32_DCOMApplication.AppID="{205609B7-5E08-443E-B0A7-A7AED3F3A717}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464"
Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{217700E0-0000-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556"
Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{27170d71-7a40-4c8b-a3d1-64f7cbe81c66}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{27550CA0-E9DE-4186-A566-37A59BB6CA69}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{292bed96-e9ce-40f8-b71b-c313defa3a78}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{2A81FE91-95D7-487E-BBF8-B03308E54207}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{2A81FE91-95D7-487E-BBF8-B03308E54207}" - Win32_SID.SID="S-1-15-3-1024-4044835139-2658482041-3127973164-329287231-3865880861-1938685643-461067658-1087000422"
Win32_DCOMApplication.AppID="{2A81FE91-95D7-487E-BBF8-B03308E54207}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{2A81FE91-95D7-487E-BBF8-B03308E54207}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{2A81FE91-95D7-487E-BBF8-B03308E54207}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{2A947841-0594-48CF-9C53-A08C95C22B55}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{2A947841-0594-48CF-9C53-A08C95C22B55}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{2C256447-3F0D-4CBB-9D12-575BB20CDA0A}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{2C5BC43E-3369-4C33-AB0C-BE9469677AF4}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-15-3-1024-1314380931-3989923313-3249193833-1963115619-3940350845-1282913705-2904921893-3519892189"
Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030"
Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1212"
Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{2EA38040-0B9C-4379-87FD-4D38BB892F37}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{2ED83BAA-B2FD-43B1-99BF-E6149C622692}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{2ED83BAA-B2FD-43B1-99BF-E6149C622692}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{2ED83BAA-B2FD-43B1-99BF-E6149C622692}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{2ED83BAA-B2FD-43B1-99BF-E6149C622692}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{304CE942-6E39-40D8-943A-B913C40C9CD4}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{338B40F9-9D68-4B53-A793-6B9AA0C5F63B}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{34E76A18-223B-4E23-BEAD-F59358CC0A90}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{354ff91b-5e49-4bdc-a8e6-1cb6c6877182}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{354ff91b-5e49-4bdc-a8e6-1cb6c6877182}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{354ff91b-5e49-4bdc-a8e6-1cb6c6877182}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{354ff91b-5e49-4bdc-a8e6-1cb6c6877182}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{36234D6F-D9B8-404B-91C9-736BD2EE3040}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{36234D6F-D9B8-404B-91C9-736BD2EE3040}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{37096FBE-2F09-4FF6-8507-C6E4E1179893}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{379001DE-7108-4A45-8A74-6CD0A9FBEF2C}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{37B73D7B-A976-43AE-97E4-BD4977B241F2}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{38E441FB-3D16-422F-8750-B2DACEC5CEFC}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{38E441FB-3D16-422F-8750-B2DACEC5CEFC}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{38E441FB-3D16-422F-8750-B2DACEC5CEFC}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{38E441FB-3D16-422F-8750-B2DACEC5CEFC}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{38E441FB-3D16-422F-8750-B2DACEC5CEFC}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{38E441FB-3D16-422F-8750-B2DACEC5CEFC}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{39214908-5362-44b4-97f4-1aa724d3e0da}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{39214908-5362-44b4-97f4-1aa724d3e0da}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{39214908-5362-44b4-97f4-1aa724d3e0da}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{39214908-5362-44b4-97f4-1aa724d3e0da}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{3ad05575-8857-4850-9277-11b85bdb8e09}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{3E000D72-A845-4CD9-BD83-80C07C3B881F}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{3E5FC7F9-9A51-4367-9063-A120244FBEC7}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-3-1"
Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-3-2"
Win32_DCOMApplication.AppID="{3eb3c877-1f16-487c-9050-104dbcd66683}" - Win32_SID.SID="S-1-15-3-3"
Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{3F4D7BB8-4F38-4526-8CD3-C44D68689C5F}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{412E0F20-6C5B-43EC-879F-DA444A416EAC}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{412E0F20-6C5B-43EC-879F-DA444A416EAC}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{42C21DF5-FB58-4102-90E9-96A213DC7CE8}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-15-3-1024-3153509613-960666767-3724611135-2725662640-12138253-543910227-1950414635-4190290187"
Win32_DCOMApplication.AppID="{42CBFAA7-A4A7-47BB-B422-BD10E9D02700}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{434A6274-C539-4E99-88FC-44206D942775}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{46B988E8-BEC2-401F-A1C5-16C694F26D3E}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{46C166AA-3108-11D4-9348-00C04F8EEB71}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{48da6741-1bf0-4a44-8325-293086c79077}" - Win32_SID.SID="S-1-5-80-611605672-2879557022-2206624263-4029342278-3129212340"
Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{4963f89b-261e-4ffa-ac2e-71a7d5a17071}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622"
Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{49EBD8BE-1A92-4A86-A651-70AC565E0FEB}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{4A6B8BAD-9872-4525-A812-71A52367DC17}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{4BC67F23-D805-4384-BCA3-6F1EDFF50E2C}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{4D111E08-CBF7-4f12-A926-2C7920AF52FC}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{4FCDA643-B15B-41C6-84F8-5E447F6F6D25}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{4FE95D37-3459-4ECC-AC3E-F7ABBE4E8AED}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{50a9ab2a-20f8-4d71-9f32-9fd305b49601}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{50d69d24-961d-4828-9d1c-5f4717f226d1}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-5-32-2707581722-3970398075-3301609242-3412871183-2565310287-2959982868-2531230773-2372594412"
Win32_DCOMApplication.AppID="{50E1C3FD-EC35-490E-9CCF-C68F9AE91919}" - Win32_SID.SID="S-1-15-3-1024-2707581722-3970398075-3301609242-3412871183-2565310287-2959982868-2531230773-2372594412"
Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{514B5E31-5596-422F-BE58-D804464683B5}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{51a1467f-96a2-4b1c-9632-4b4d950fe216}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{52B65EB7-907C-4D83-A535-283BE9104DE4}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{52B65EB7-907C-4D83-A535-283BE9104DE4}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{52B65EB7-907C-4D83-A535-283BE9104DE4}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{57360832-5F9B-4190-8467-000D2D510212}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{588E10FA-0618-48A1-BE2F-0AD93E899FCC}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{59347292-B72D-41F2-98C5-E9ACA1B247A2}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{59c7f6ec-7d18-412f-a68e-877982768e61}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708"
Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-15-2-460998419-1048838040-1306765847-3036341007-2963401754-1630001092-3310782549"
Win32_DCOMApplication.AppID="{5A4ED3BD-2F40-44B4-93DA-2B5ECC197B26}" - Win32_SID.SID="S-1-15-3-1024-2152139330-3124897132-671935159-3762809077-3273429135-2233686478-1435376800-2420532691"
Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-15-3-1024-3625662137-2682091254-856171984-2868379045-3001028726-1009205972-4175949866-684286152"
Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030"
Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1031"
Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{5BC7A3A1-E905-414B-9790-E511346F5CA6}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{5C03E1B1-EB13-4DF1-8943-2FE8E7D5F309}" - Win32_SID.SID="S-1-5-80-3028837079-3186095147-955107200-3701964851-1150726376"
Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{5E1395B2-B685-44e3-8AED-E2304D85ACD1}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{5E176815-9A63-4A69-810F-62E90D36612A}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{5E176815-9A63-4A69-810F-62E90D36612A}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{5E176815-9A63-4A69-810F-62E90D36612A}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{60173D16-A550-47f0-A14B-C6F9E4DA0831}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{642ef9d6-48a5-476b-919a-a507cfd02c0f}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{64bb4bed-73f6-4d74-a048-035b4f63ec98}" - Win32_SID.SID="S-1-15-3-1024-1692970155-4054893335-185714091-3362601943-3526593181-1159816984-2199008581-497492991"
Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{64D4882D-CB4E-4ea2-95B5-CD77F8ED8AB2}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622"
Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{653C5148-4DCE-4905-9CFD-1B23662D3D9E}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{6571503D-D0FB-4D98-BBC3-1FBB2B3F344E}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{6B1DE8B3-DFB1-4C0E-9D9A-89CA730DE93F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{6D9A7A40-DDCA-414E-B48E-DFB032C03C1B}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{6F4B8D94-91FE-4665-B1E7-A34AE3F299F6}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{6F65B602-F798-4094-8A41-A2A61961E5E8}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7007ACC5-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7007ACD1-3202-11D1-AAD2-00805FC1270E}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{72A7994A-3092-4054-B6BE-08FF81AEEFFC}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{730BFCEC-E4BF-4D3A-9FBB-01DD132467A4}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{752073A2-23F2-4396-85F0-8FDB879ED0ED}" - Win32_SID.SID="S-1-5-6"
Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-15-3-1024-4044835139-2658482041-3127973164-329287231-3865880861-1938685643-461067658-1087000422"
Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{7578dea3-a321-4d03-8b60-fc6749ae7385}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-32-546"
Win32_DCOMApplication.AppID="{76db1bf3-e820-4765-a1b2-0b16a86b1950}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{777BA81A-2498-4875-933A-3067DE883070}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{7966b4d8-4fdc-4126-a10b-39a3209ad251}" - Win32_SID.SID="S-1-15-3-1024-3623855041-1826999956-3747069818-3525260223-3747374510-1746272624-950601168-56556331"
Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{7A076CE1-4B31-452a-A4F1-0304C8738100}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7aa7790d-75d7-484b-98a1-3913d022091d}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{7C8AB6D9-8764-4033-8F62-2FE896E54B32}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{7DF8EF76-D449-485f-B4EB-58DC96B31EDB}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{7E55A26D-EF95-4A45-9F55-21E52ADF9887}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{7EAD5C10-8B3F-11E6-AE22-56B6B6499611}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{7EAD5C10-8B3F-11E6-AE22-56B6B6499611}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{7EAD5C10-8B3F-11E6-AE22-56B6B6499611}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{82D94FB3-7FE6-4797-BB72-9A886C66073B}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{831EF03D-BAF2-46AD-81B6-6AA5C9E30317}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{831EF03D-BAF2-46AD-81B6-6AA5C9E30317}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{831EF03D-BAF2-46AD-81B6-6AA5C9E30317}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{831EF03D-BAF2-46AD-81B6-6AA5C9E30317}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{831EF03D-BAF2-46AD-81B6-6AA5C9E30317}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{831EF03D-BAF2-46AD-81B6-6AA5C9E30317}" - Win32_SID.SID="S-1-5-80-223807737-1693445485-119162242-1977420160-1403034029"
Win32_DCOMApplication.AppID="{84D586C4-A423-11D2-B943-00C04F79D22F}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{86d5eb8a-859f-4c7b-a76b-2bd819b7a850}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{86F80216-5DD6-4F43-953B-35EF40A35AEE}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{87BB326B-E4A0-4DE1-94F0-B9F41D0C6059}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{87df41c9-cb91-4709-849c-f8f3c7058b50}" - Win32_SID.SID="S-1-15-3-1024-79080987-3398622760-2608912076-1085899501-4039864605-4024366022-736258278-368603348"
Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-6"
Win32_DCOMApplication.AppID="{88283d7c-46f4-47d5-8fc2-db0b5cf0cb54}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{8be0366c-8522-40be-8b08-cb26557f2854}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{8C334A55-DDB9-491C-817E-35A6B85D2ECB}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{8C482DCE-2644-4419-AEFF-189219F916B9}" - Win32_SID.SID="S-1-5-80-4155767994-3874329934-3800885181-2130851812-726865888"
Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{8cec58ae-07a1-11d9-b15e-000d56bfe6ee}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{8D02CEE1-70BC-449A-B873-70AC08B2676A}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{8D02CEE1-70BC-449A-B873-70AC08B2676A}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{8D15A4F3-1BE5-4120-8A4D-2EF92A5DD58D}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{8DF61FB6-3223-4E2D-8A92-D937DDB0DF4C}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-15-3-1024-1701033769-137094913-3738083205-577272984-1204217555-1180762924-3352773070-2589626690"
Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1030"
Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-21-2702878673-795188819-444038987-1210"
Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{8E44A57C-5638-44D3-9B83-34DF70EB57F2}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{8e7fae4d-cff0-41d3-a326-5a80470264bb}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{9200689A-F979-4eea-8830-0E1D6B74821F}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-5-6"
Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{924DC564-16A6-42EB-929A-9A61FA7DA06F}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622"
Win32_DCOMApplication.AppID="{941C53C2-D2D7-4C74-84EA-28F8F6438D4B}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{941C53C2-D2D7-4C74-84EA-28F8F6438D4B}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{941C53C2-D2D7-4C74-84EA-28F8F6438D4B}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{973d20d7-562d-44b9-b70b-5a0f49ccdf3f}" - Win32_SID.SID="S-1-15-3-1024-3623855041-1826999956-3747069818-3525260223-3747374510-1746272624-950601168-56556331"
Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{98a89e0c-1fde-4c2a-a373-b04831e6aa60}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{990F07C7-78DC-4BD2-B145-5F791410BDDE}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{9980CAAB-B154-408C-B5FD-29A701E40825}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{9980CAAB-B154-408C-B5FD-29A701E40825}" - Win32_SID.SID="S-1-5-80-2586557155-168560303-1373426920-983201488-1499765686"
Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{9D73451F-6BFC-47C7-95FB-46598431BC19}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622"
Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{9df523b0-a6c0-4ea9-b5f1-f4565c3ac8b8}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{A1F4E726-8CF1-11D1-BF92-0060081ED811}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{a2d9ca22-a492-400c-b875-78ac25c0a6f3}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{a3a81ee7-be13-4dd8-89f7-26aba705d81d}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{a3a81ee7-be13-4dd8-89f7-26aba705d81d}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{a3a81ee7-be13-4dd8-89f7-26aba705d81d}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{a463fcb9-6b1c-4e0d-a80b-a2ca7999e25d}" - Win32_SID.SID="S-1-15-3-1024-3623855041-1826999956-3747069818-3525260223-3747374510-1746272624-950601168-56556331"
Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{A4B07E49-6567-4FB8-8D39-01920E3B2357}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{a4c31131-ff70-4984-afd6-0609ced53ad6}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-15-3-1024-2165721414-884371012-2773947476-2437641138-4209659587-972658821-4033014341-190168586"
Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-15-3-1024-2152139330-3124897132-671935159-3762809077-3273429135-2233686478-1435376800-2420532691"
Win32_DCOMApplication.AppID="{A67168DB-418E-4087-B63E-852E822BB1ED}" - Win32_SID.SID="S-1-15-3-1024-3167453650-624722384-889205278-321484983-714554697-3592933102-807660695-1632717421"
Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{A6BFEA43-501F-456F-A845-983D3AD7B8F0}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{A79DB36D-6218-48e6-9EC9-DCBA9A39BF0F}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{A7A63E5C-3877-4840-8727-C1EA9D7A4D50}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{AA0B85DA-FDDF-4272-8D1D-FF9B966D75B0}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{AA65DD7C-83AC-48C0-A6FD-9B61FEBF8800}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{AC05815A-A8D5-434B-B9A8-2FFD162F2B7D}" - Win32_SID.SID="S-1-15-3-1024-2922296261-1647482768-2017091146-3858667068-4135663662-2931985894-1627820925-818366431"
Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-6"
Win32_DCOMApplication.AppID="{ac793c1d-eb2f-4ffd-b1ec-7af1aaaf3325}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{AD829705-CCA8-44D4-88E0-331E48336059}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{AD829705-CCA8-44D4-88E0-331E48336059}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{AD829705-CCA8-44D4-88E0-331E48336059}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{ada41b3c-c6fd-4a08-8cc1-d6efde67be7d}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{b0316d0c-da2f-40e0-9f91-f600caf042dc}" - Win32_SID.SID="S-1-15-3-1024-79080987-3398622760-2608912076-1085899501-4039864605-4024366022-736258278-368603348"
Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{B06FF84E-0A77-4DD2-A919-0EABD8979DC1}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{b21858c6-9711-4257-99c8-5c0084bebce1}" - Win32_SID.SID="S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708"
Win32_DCOMApplication.AppID="{B366DEBE-645B-43A5-B865-DDD82C345492}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{B6C292BC-7C88-41EE-8B54-8EC92617E599}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{B8C54A54-355E-11D3-83EB-00A0C92A2F2D}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{B98C6EB5-6AA7-471E-B5C5-D04FD677DB3B}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{B98C6EB5-6AA7-471E-B5C5-D04FD677DB3B}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{B98C6EB5-6AA7-471E-B5C5-D04FD677DB3B}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{BA126F01-2166-11D1-B1D0-00805FC1270E}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{BBD8C065-5E6C-4e88-BFD7-BE3E6D1C063B}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{BCEA735B-4DAC-4B71-9C47-1D560AFD2A9B}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{BD54C901-076B-434E-B6C7-17C531F4AB41}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{BEEE3226-ECC5-464E-981B-BC123674C8DE}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{BEEE3226-ECC5-464E-981B-BC123674C8DE}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{BEEE3226-ECC5-464E-981B-BC123674C8DE}" - Win32_SID.SID="S-1-5-7"
Win32_DCOMApplication.AppID="{C08E4363-9771-4955-A002-09932AE4874B}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C08E4363-9771-4955-A002-09932AE4874B}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{C08E4363-9771-4955-A002-09932AE4874B}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C08E4363-9771-4955-A002-09932AE4874B}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{C08E4363-9771-4955-A002-09932AE4874B}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{C08E4363-9771-4955-A002-09932AE4874B}" - Win32_SID.SID="S-1-15-3-1024-4044835139-2658482041-3127973164-329287231-3865880861-1938685643-461067658-1087000422"
Win32_DCOMApplication.AppID="{C08E4363-9771-4955-A002-09932AE4874B}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{C08E4363-9771-4955-A002-09932AE4874B}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-80-2731152606-4244467407-1946816704-3721569673-479255522"
Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-5-80-3246321066-2451215914-3422911474-2201726393-166328789"
Win32_DCOMApplication.AppID="{C0E1CE99-C981-44A2-AC4C-41036FAC6593}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C100BEBB-D33A-4a4b-BF23-BBEF4663D017}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{c2a71820-3463-498f-bab7-4798795a2ff6}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{C2E9756F-8155-4EAC-9ED5-0B690169D412}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622"
Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-6"
Win32_DCOMApplication.AppID="{C2EA2356-994C-45AF-BDAE-10796F73BC47}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C3A34354-660F-41EE-B072-2AEA5E3A80AF}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{C5D3C0E1-DC41-4F83-8BA8-CC0D46BCCDE3}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C63261E4-6052-41FF-B919-496FECF4C4E5}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-11"
Win32_DCOMApplication.AppID="{C844C79D-AED8-4DCE-AB25-4D359BED84F8}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{C92A9617-0EAE-4235-BD2B-84540EF1FFA9}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{C945AD06-534F-460C-8CB4-17C33099AF81}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-15-3-1024-1692970155-4054893335-185714091-3362601943-3526593181-1159816984-2199008581-497492991"
Win32_DCOMApplication.AppID="{C97E2AEF-AB0E-4FA6-BA29-1A1A7CCBA125}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{ca8c87c1-929d-45ba-94db-ef8e6cb346ad}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{CB363445-F453-4C1E-8EE4-BD123C5E394F}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{CCFDD24D-CEAB-458B-A4F1-F884973395DF}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{cd93979b-c14e-4c29-87a4-75e4f9fa5e0a}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{cd93979b-c14e-4c29-87a4-75e4f9fa5e0a}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{cd93979b-c14e-4c29-87a4-75e4f9fa5e0a}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{cd93979b-c14e-4c29-87a4-75e4f9fa5e0a}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{cd93979b-c14e-4c29-87a4-75e4f9fa5e0a}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{cd93979b-c14e-4c29-87a4-75e4f9fa5e0a}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{CE0E0BE8-CF56-4577-9577-34CC96AC087C}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{cee8ccc9-4f6b-4469-a235-5a22869eef03}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{CF254B00-1986-4b24-A92D-463D01F7E395}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{D215781D-019E-4FA0-903D-0CDCDE13A4F5}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{D726464B-98F1-4627-86CD-4A082A1E5307}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{D726464B-98F1-4627-86CD-4A082A1E5307}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{D726464B-98F1-4627-86CD-4A082A1E5307}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{D726464B-98F1-4627-86CD-4A082A1E5307}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{D726464B-98F1-4627-86CD-4A082A1E5307}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{D726464B-98F1-4627-86CD-4A082A1E5307}" - Win32_SID.SID="S-1-5-80-223807737-1693445485-119162242-1977420160-1403034029"
Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-123231216-2592883651-3715271367-3753151631-4175906628"
Win32_DCOMApplication.AppID="{D8D4249F-A8FB-44A7-8AA0-564E8C385BD6}" - Win32_SID.SID="S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464"
Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{DCED8DB0-11A5-4b16-AB9D-4E28CA38C99F}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{ddcfd26b-feed-44cd-b71d-79487d2e5e5a}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{de5d803e-5d2a-4b5f-9c63-af25a465cc44}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{E2B3C97F-6AE1-41AC-817A-F6F92166D7DD}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{e30984f1-b02b-4c27-a40f-23d11b8c1212}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{E4422CBC-05DF-4AF1-A84E-A5638479CDE7}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{E4422CBC-05DF-4AF1-A84E-A5638479CDE7}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{E4422CBC-05DF-4AF1-A84E-A5638479CDE7}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{E4422CBC-05DF-4AF1-A84E-A5638479CDE7}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{E4422CBC-05DF-4AF1-A84E-A5638479CDE7}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{E4422CBC-05DF-4AF1-A84E-A5638479CDE7}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{E45A56CE-399C-45F0-9E6F-BFAACD3C711F}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{E45A56CE-399C-45F0-9E6F-BFAACD3C711F}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{E45A56CE-399C-45F0-9E6F-BFAACD3C711F}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{E45A56CE-399C-45F0-9E6F-BFAACD3C711F}" - Win32_SID.SID="S-1-5-6"
Win32_DCOMApplication.AppID="{E45A56CE-399C-45F0-9E6F-BFAACD3C711F}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{E45A56CE-399C-45F0-9E6F-BFAACD3C711F}" - Win32_SID.SID="S-1-15-3-1024-1502825166-1963708345-2616377461-2562897074-4192028372-3968301570-1997628692-1435953622"
Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{e53cd6ee-5c5c-4701-9ff2-c204bfed819d}" - Win32_SID.SID="S-1-5-7"
Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{E7299E79-75E5-47BB-A03D-6D319FB7F886}" - Win32_SID.SID="S-1-5-32-545"
Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{E8054D20-497D-4E16-BF41-6E69FCD381A5}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{E9495B87-D950-4ab5-87A5-FF6D70BF3E90}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{E95186C7-7D80-4311-843D-0702CBC8B1E4}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{EA022610-0748-4c24-B229-6C507EBDFDBB}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{EA2C6B24-C590-457B-BAC8-4A0F9B13B5B8}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{EB521D7D-4095-4E61-88FB-BF25700F142A}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{EC9846B3-2762-4A6B-A214-6ACB603462D2}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{EE3C7093-A852-49BA-8AC8-7DFBEC469F72}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{EE3C7093-A852-49BA-8AC8-7DFBEC469F72}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{efe2d6d8-a81b-41e7-ae77-e5244ab80522}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-5-7"
Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{F135BE18-BF34-4CBD-B1D5-55D49F0DEDCC}" - Win32_SID.SID="S-1-15-3-1024-1692970155-4054893335-185714091-3362601943-3526593181-1159816984-2199008581-497492991"
Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{F1425A67-1545-44A2-AB59-8DF1020452D9}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-32-551"
Win32_DCOMApplication.AppID="{F290BFB2-1864-45B1-8804-2654194A87E7}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{F2F94BB3-595C-4509-B7EE-243FA2BDEA5B}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{f32d97df-e3e5-4cb9-9e3e-0eb5b4e49801}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{F3D3AA8D-EF96-4470-848E-BD70B803047A}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{f4be747e-45c4-4701-90f1-d49d9ac30248}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-3433512109-503559027-1389316256-1766580070-2256751264"
Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-1260278928-804197538-2066346633-4268302704-2216462912"
Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-345135819-4012009209-3062012967-1747265747-3674605950"
Win32_DCOMApplication.AppID="{F72671A9-012C-4725-9D2F-2A4D32D65169}" - Win32_SID.SID="S-1-5-80-951620777-1059631183-2804607755-3010024351-809615488"
Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-80-364023826-931424190-487969545-1024119571-74567675"
Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{f735e733-d681-4aef-83c1-7ec82cac5ecc}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{f8842f8e-dafe-4b37-9d38-4e0714a61149}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{F8FD03A6-DDD9-4C1B-84EE-58159476A0D7}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-2-1"
Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-3-1"
Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-3-2"
Win32_DCOMApplication.AppID="{F9717507-6651-4EDB-BFF7-AE615179BCCF}" - Win32_SID.SID="S-1-15-3-3"
Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{FA1456D3-4B97-4f9c-8511-2786161DC333}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{FBF23B40-E3F0-101B-8488-00AA003E56F8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-544"
Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-19"
Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-20"
Win32_DCOMApplication.AppID="{FC5EEAF6-0002-11DF-ADB9-F4CE462D9137}" - Win32_SID.SID="S-1-5-32-556"
Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{FCC74B77-EC3E-4dd8-A80B-008A702075A9}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-4"
Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{ff9e6131-a8c1-4188-aa03-82e9f10a05a8}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-1-0"
Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-10"
Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-18"
Win32_DCOMApplication.AppID="{FFE1E5FE-F1F0-48C8-953E-72BA272F2744}" - Win32_SID.SID="S-1-5-32-544"

---------- | SvcHost (Whitelist)

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost]
"DcomLaunch"=Power
LSM
BrokerInfrastructure
PlugPlay
DcomLaunch
SystemEventsBroker
DeviceInstall
"rdxgroup"=RetailDemo
"Camera"=FrameS
"LocalServiceNoNetworkFirewall"=BFE
mpssvc
"diagnostics"=DiagSvc
"AarSvcGroup"=AarSvc
"PrintWorkflow"=PrintWorkflowUserSvc
"wusvcs"=WaaSMedicSvc
"BcastDVRUserService"=BcastDVRUserService
"GraphicsPerfSvcGroup"=GraphicsPerfSvc
"autoTimeSvc"=autoTimeSvc
"ClipboardSvcGroup"=cbdhsvc
"BthAppGroup"=BluetoothUserService
"smbsvcs"=lanmanserver
browser
"UdkSvcGroup"=UdkUserSvc
"DevicesFlow"=DeviceAssociationBrokerSvc
DevicesFlowUserSvc
ConsentUxUserSvc
DevicePickerUserSvc
"McpManagementServiceGroup"=McpManagementService

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost]
"DcomLaunch"=DcomLaunch
DeviceInstall
"PrintWorkflow"=PrintWorkflowUserSvc
"AarSvcGroup"=AarSvc
"DevicesFlow"=DeviceAssociationBrokerSvc
"smbsvcs"=lanmanserver


---------- | SvcHost - Netsvcs (Whitelist)


---------- | Software

[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Adobe]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\AppDataLow]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\ATI]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Chromium]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Clients]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\EPSON]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\EPSON Software Updater]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Google]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\iTop Screen Recorder]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Microsoft]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Mozilla]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Netscape]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\OpenOffice]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Policies]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\RegisteredApplications]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Seiko Epson Corporation]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\UsbFix]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Wow6432Node]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\AppDataLow\Software\Microsoft]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Accessibility]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Active Setup]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\ActiveMovie]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\ActiveSync]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Assistance]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\AuthCookies]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Avalon.Graphics]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Clipboard]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\CommsAPHost]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\CTF]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\DirectInput]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Edge]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\EdgeUpdate]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\EventSystem]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\F12]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Fax]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Feeds]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\FTP]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\GameBar]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\GameBarApi]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\IdentityCRL]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\IME]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Input]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\InputMethod]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\InputPersonalization]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Internet Connection Wizard]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Internet Explorer]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Keyboard]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\LanguageOverlay]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\MediaPlayer]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Microsoft Management Console]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\MSF]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Multimedia]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Narrator]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\NGC]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Notepad]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Nucleus]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\OneDrive]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Osk]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\PeerNet]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Personalization]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Phone]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Pim]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Poom]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\RAS AutoDial]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Remote Assistance]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\ScreenMagnifier]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Sensors]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\SkyDrive]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Speech]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Speech Virtual]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Speech_OneCore]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Spelling]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\SQMClient]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\StorageLibrary]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\SystemCertificates]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\TabletTip]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\TPG]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Unified Store]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Unistore]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\UserData]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\WAB]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\WcmSvc]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\wfs]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Windows]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Windows Media]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Windows NT]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Windows Script]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Windows Script Host]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Windows Search]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Windows Security Health]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Wisp]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\XboxLive]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\RestartManager]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Microsoft\Windows\AssignedAccessConfiguration]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Microsoft\Windows\CurrentVersion]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Microsoft\Windows\DWM]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Microsoft\Windows\Shell]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Microsoft\Windows\TabletPC]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Microsoft\Windows\Windows Error Reporting]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Microsoft\Windows\Winlogon]
[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\Software\Microsoft\Windows NT\CurrentVersion]
[HKLM\Software\Adobe]
[HKLM\Software\AMD]
[HKLM\Software\ATI]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Clients]
[HKLM\Software\CVSM]
[HKLM\Software\DefaultUserEnvironment]
[HKLM\Software\EPSON]
[HKLM\Software\g3n-h@ckm@n]
[HKLM\Software\Google]
[HKLM\Software\Intel]
[HKLM\Software\Khronos]
[HKLM\Software\Microsoft]
[HKLM\Software\Mozilla]
[HKLM\Software\mozilla.org]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Nuance]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]
[HKLM\Software\OpenSSH]
[HKLM\Software\Partner]
[HKLM\Software\Policies]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\VideoLAN]
[HKLM\Software\Windows]
[HKLM\Software\WOW6432Node]
[HKLM\SOFTWARE\Microsoft\.NETFramework]
[HKLM\SOFTWARE\Microsoft\AccountsControl]
[HKLM\SOFTWARE\Microsoft\Active Setup]
[HKLM\SOFTWARE\Microsoft\ActiveSync]
[HKLM\SOFTWARE\Microsoft\ADs]
[HKLM\SOFTWARE\Microsoft\Advanced INF Setup]
[HKLM\SOFTWARE\Microsoft\ALG]
[HKLM\SOFTWARE\Microsoft\AllUserInstallAgent]
[HKLM\SOFTWARE\Microsoft\AMSI]
[HKLM\SOFTWARE\Microsoft\Analog]
[HKLM\SOFTWARE\Microsoft\AppServiceProtocols]
[HKLM\SOFTWARE\Microsoft\Assistance]
[HKLM\SOFTWARE\Microsoft\AuthHost]
[HKLM\SOFTWARE\Microsoft\BidInterface]
[HKLM\SOFTWARE\Microsoft\BitLockerCsp]
[HKLM\SOFTWARE\Microsoft\CallAndMessagingEnhancement]
[HKLM\SOFTWARE\Microsoft\Cellular]
[HKLM\SOFTWARE\Microsoft\Chkdsk]
[HKLM\SOFTWARE\Microsoft\Clipboard]
[HKLM\SOFTWARE\Microsoft\ClipboardServer]
[HKLM\SOFTWARE\Microsoft\CloudManagedUpdate]
[HKLM\SOFTWARE\Microsoft\COM3]
[HKLM\SOFTWARE\Microsoft\Command Processor]
[HKLM\SOFTWARE\Microsoft\CommsAPHost]
[HKLM\SOFTWARE\Microsoft\CoreShell]
[HKLM\SOFTWARE\Microsoft\Cryptography]
[HKLM\SOFTWARE\Microsoft\CTF]
[HKLM\SOFTWARE\Microsoft\DataAccess]
[HKLM\SOFTWARE\Microsoft\DataCollection]
[HKLM\SOFTWARE\Microsoft\DataSharing]
[HKLM\SOFTWARE\Microsoft\DDDS]
[HKLM\SOFTWARE\Microsoft\DevDiv]
[HKLM\SOFTWARE\Microsoft\Device Association Framework]
[HKLM\SOFTWARE\Microsoft\DeviceReg]
[HKLM\SOFTWARE\Microsoft\Dfrg]
[HKLM\SOFTWARE\Microsoft\DFS]
[HKLM\SOFTWARE\Microsoft\DiagnosticLogCSP]
[HKLM\SOFTWARE\Microsoft\DirectDraw]
[HKLM\SOFTWARE\Microsoft\DirectInput]
[HKLM\SOFTWARE\Microsoft\DirectMusic]
[HKLM\SOFTWARE\Microsoft\DirectPlay8]
[HKLM\SOFTWARE\Microsoft\DirectPlayNATHelp]
[HKLM\SOFTWARE\Microsoft\DirectShow]
[HKLM\SOFTWARE\Microsoft\DirectX]
[HKLM\SOFTWARE\Microsoft\DownloadManager]
[HKLM\SOFTWARE\Microsoft\Driver Signing]
[HKLM\SOFTWARE\Microsoft\DRM]
[HKLM\SOFTWARE\Microsoft\DusmSvc]
[HKLM\SOFTWARE\Microsoft\DVDNavigator]
[HKLM\SOFTWARE\Microsoft\DVR]
[HKLM\SOFTWARE\Microsoft\DXP]
[HKLM\SOFTWARE\Microsoft\EAPSIMMethods]
[HKLM\SOFTWARE\Microsoft\Edge]
[HKLM\SOFTWARE\Microsoft\Enrollment]
[HKLM\SOFTWARE\Microsoft\Enrollments]
[HKLM\SOFTWARE\Microsoft\EnterpriseCertificates]
[HKLM\SOFTWARE\Microsoft\EnterpriseDataProtection]
[HKLM\SOFTWARE\Microsoft\EnterpriseResourceManager]
[HKLM\SOFTWARE\Microsoft\EventSounds]
[HKLM\SOFTWARE\Microsoft\EventSystem]
[HKLM\SOFTWARE\Microsoft\F12]
[HKLM\SOFTWARE\Microsoft\FamilyStore]
[HKLM\SOFTWARE\Microsoft\Fax]
[HKLM\SOFTWARE\Microsoft\FaxServer]
[HKLM\SOFTWARE\Microsoft\Feeds]
[HKLM\SOFTWARE\Microsoft\FilePicker]
[HKLM\SOFTWARE\Microsoft\FilterDS]
[HKLM\SOFTWARE\Microsoft\FingerKB]
[HKLM\SOFTWARE\Microsoft\FTH]
[HKLM\SOFTWARE\Microsoft\Function Discovery]
[HKLM\SOFTWARE\Microsoft\Fusion]
[HKLM\SOFTWARE\Microsoft\FuzzyDS]
[HKLM\SOFTWARE\Microsoft\GameOverlay]
[HKLM\SOFTWARE\Microsoft\HTMLHelp]
[HKLM\SOFTWARE\Microsoft\IdentityCRL]
[HKLM\SOFTWARE\Microsoft\IdentityStore]
[HKLM\SOFTWARE\Microsoft\IHDS]
[HKLM\SOFTWARE\Microsoft\ImageTimeSettings]
[HKLM\SOFTWARE\Microsoft\IMAPI]
[HKLM\SOFTWARE\Microsoft\IME]
[HKLM\SOFTWARE\Microsoft\IMEJP]
[HKLM\SOFTWARE\Microsoft\IMEKR]
[HKLM\SOFTWARE\Microsoft\IMETC]
[HKLM\SOFTWARE\Microsoft\InProcLogger]
[HKLM\SOFTWARE\Microsoft\Input]
[HKLM\SOFTWARE\Microsoft\InputMethod]
[HKLM\SOFTWARE\Microsoft\InputPersonalization]
[HKLM\SOFTWARE\Microsoft\Internet Account Manager]
[HKLM\SOFTWARE\Microsoft\Internet Domains]
[HKLM\SOFTWARE\Microsoft\Internet Explorer]
[HKLM\SOFTWARE\Microsoft\IsoBurn]
[HKLM\SOFTWARE\Microsoft\KGL]
[HKLM\SOFTWARE\Microsoft\LanguageOverlay]
[HKLM\SOFTWARE\Microsoft\LexiconUpdate]
[HKLM\SOFTWARE\Microsoft\Managed Desktop]
[HKLM\SOFTWARE\Microsoft\MdmCommon]
[HKLM\SOFTWARE\Microsoft\MdmDiagnostics]
[HKLM\SOFTWARE\Microsoft\MediaEngine]
[HKLM\SOFTWARE\Microsoft\MediaPlayer]
[HKLM\SOFTWARE\Microsoft\MemoryDiagnostic]
[HKLM\SOFTWARE\Microsoft\Messaging]
[HKLM\SOFTWARE\Microsoft\MessengerService]
[HKLM\SOFTWARE\Microsoft\Microsoft Camera Codec Pack]
[HKLM\SOFTWARE\Microsoft\MiracastReceiver]
[HKLM\SOFTWARE\Microsoft\MMC]
[HKLM\SOFTWARE\Microsoft\Mobile]
[HKLM\SOFTWARE\Microsoft\MpSigStub]
[HKLM\SOFTWARE\Microsoft\MSBuild]
[HKLM\SOFTWARE\Microsoft\MSDE]
[HKLM\SOFTWARE\Microsoft\MSDRM]
[HKLM\SOFTWARE\Microsoft\MSDTC]
[HKLM\SOFTWARE\Microsoft\MSF]
[HKLM\SOFTWARE\Microsoft\MSIME]
[HKLM\SOFTWARE\Microsoft\MSLicensing]
[HKLM\SOFTWARE\Microsoft\MSMQ]
[HKLM\SOFTWARE\Microsoft\MSN Apps]
[HKLM\SOFTWARE\Microsoft\MTF]
[HKLM\SOFTWARE\Microsoft\MTFFuzzyFactors]
[HKLM\SOFTWARE\Microsoft\MTFInputType]
[HKLM\SOFTWARE\Microsoft\MTFKeyboardMappings]
[HKLM\SOFTWARE\Microsoft\Multimedia]
[HKLM\SOFTWARE\Microsoft\Multivariant]
[HKLM\SOFTWARE\Microsoft\NET Framework Setup]
[HKLM\SOFTWARE\Microsoft\NetSh]
[HKLM\SOFTWARE\Microsoft\Network]
[HKLM\SOFTWARE\Microsoft\Non-Driver Signing]
[HKLM\SOFTWARE\Microsoft\Notepad]
[HKLM\SOFTWARE\Microsoft\ODBC]
[HKLM\SOFTWARE\Microsoft\OEM]
[HKLM\SOFTWARE\Microsoft\OfficeCSP]
[HKLM\SOFTWARE\Microsoft\Ole]
[HKLM\SOFTWARE\Microsoft\OnlineProviders]
[HKLM\SOFTWARE\Microsoft\Outlook Express]
[HKLM\SOFTWARE\Microsoft\Palm]
[HKLM\SOFTWARE\Microsoft\PCHC]
[HKLM\SOFTWARE\Microsoft\PCHealthCheck]
[HKLM\SOFTWARE\Microsoft\Personalization]
[HKLM\SOFTWARE\Microsoft\Phone]
[HKLM\SOFTWARE\Microsoft\Photos]
[HKLM\SOFTWARE\Microsoft\Pim]
[HKLM\SOFTWARE\Microsoft\PLA]
[HKLM\SOFTWARE\Microsoft\PlayToReceiver]
[HKLM\SOFTWARE\Microsoft\PointOfService]
[HKLM\SOFTWARE\Microsoft\Policies]
[HKLM\SOFTWARE\Microsoft\PolicyManager]
[HKLM\SOFTWARE\Microsoft\Poom]
[HKLM\SOFTWARE\Microsoft\PowerShell]
[HKLM\SOFTWARE\Microsoft\Print]
[HKLM\SOFTWARE\Microsoft\Provisioning]
[HKLM\SOFTWARE\Microsoft\PushRouter]
[HKLM\SOFTWARE\Microsoft\RADAR]
[HKLM\SOFTWARE\Microsoft\Ras]
[HKLM\SOFTWARE\Microsoft\RAS AutoDial]
[HKLM\SOFTWARE\Microsoft\RcsPresence]
[HKLM\SOFTWARE\Microsoft\Reliability Analysis]
[HKLM\SOFTWARE\Microsoft\Remediation]
[HKLM\SOFTWARE\Microsoft\RemovalTools]
[HKLM\SOFTWARE\Microsoft\RendezvousApps]
[HKLM\SOFTWARE\Microsoft\Router]
[HKLM\SOFTWARE\Microsoft\Rpc]
[HKLM\SOFTWARE\Microsoft\SchedulingAgent]
[HKLM\SOFTWARE\Microsoft\Security Center]
[HKLM\SOFTWARE\Microsoft\SecurityManager]
[HKLM\SOFTWARE\Microsoft\SEMgr]
[HKLM\SOFTWARE\Microsoft\Sensors]
[HKLM\SOFTWARE\Microsoft\Shared Tools]
[HKLM\SOFTWARE\Microsoft\Shared Tools Location]
[HKLM\SOFTWARE\Microsoft\Shell]
[HKLM\SOFTWARE\Microsoft\SIH]
[HKLM\SOFTWARE\Microsoft\Siuf]
[HKLM\SOFTWARE\Microsoft\SMB1Uninstall]
[HKLM\SOFTWARE\Microsoft\Software]
[HKLM\SOFTWARE\Microsoft\Speech]
[HKLM\SOFTWARE\Microsoft\Speech_OneCore]
[HKLM\SOFTWARE\Microsoft\SQMClient]
[HKLM\SOFTWARE\Microsoft\Sync Framework]
[HKLM\SOFTWARE\Microsoft\Sysprep]
[HKLM\SOFTWARE\Microsoft\SystemCertificates]
[HKLM\SOFTWARE\Microsoft\SystemSettings]
[HKLM\SOFTWARE\Microsoft\TableTextService]
[HKLM\SOFTWARE\Microsoft\TabletTip]
[HKLM\SOFTWARE\Microsoft\TaskFlowDataEngine]
[HKLM\SOFTWARE\Microsoft\Tcpip]
[HKLM\SOFTWARE\Microsoft\TelemetryClient]
[HKLM\SOFTWARE\Microsoft\Terminal Server Client]
[HKLM\SOFTWARE\Microsoft\TermServLicensing]
[HKLM\SOFTWARE\Microsoft\TMM]
[HKLM\SOFTWARE\Microsoft\TouchPrediction]
[HKLM\SOFTWARE\Microsoft\TPG]
[HKLM\SOFTWARE\Microsoft\Tpm]
[HKLM\SOFTWARE\Microsoft\Tracing]
[HKLM\SOFTWARE\Microsoft\Transaction Server]
[HKLM\SOFTWARE\Microsoft\TV System Services]
[HKLM\SOFTWARE\Microsoft\uDRM]
[HKLM\SOFTWARE\Microsoft\Unified Store]
[HKLM\SOFTWARE\Microsoft\UNP]
[HKLM\SOFTWARE\Microsoft\UPnP Control Point]
[HKLM\SOFTWARE\Microsoft\UPnP Device Host]
[HKLM\SOFTWARE\Microsoft\UserData]
[HKLM\SOFTWARE\Microsoft\UserManager]
[HKLM\SOFTWARE\Microsoft\Virtual Machine]
[HKLM\SOFTWARE\Microsoft\WAB]
[HKLM\SOFTWARE\Microsoft\Wallet]
[HKLM\SOFTWARE\Microsoft\Wbem]
[HKLM\SOFTWARE\Microsoft\WcmSvc]
[HKLM\SOFTWARE\Microsoft\WIMMount]
[HKLM\SOFTWARE\Microsoft\Windows]
[HKLM\SOFTWARE\Microsoft\Windows Defender]
[HKLM\SOFTWARE\Microsoft\Windows Defender Security Center]
[HKLM\SOFTWARE\Microsoft\Windows Desktop Search]
[HKLM\SOFTWARE\Microsoft\Windows Mail]
[HKLM\SOFTWARE\Microsoft\Windows Media Device Manager]
[HKLM\SOFTWARE\Microsoft\Windows Media Foundation]
[HKLM\SOFTWARE\Microsoft\Windows Media Player NSS]
[HKLM\SOFTWARE\Microsoft\Windows Messaging Subsystem]
[HKLM\SOFTWARE\Microsoft\Windows NT]
[HKLM\SOFTWARE\Microsoft\Windows Photo Viewer]
[HKLM\SOFTWARE\Microsoft\Windows Portable Devices]
[HKLM\SOFTWARE\Microsoft\Windows Script Host]
[HKLM\SOFTWARE\Microsoft\Windows Search]
[HKLM\SOFTWARE\Microsoft\Windows Security Health]
[HKLM\SOFTWARE\Microsoft\WindowsRuntime]
[HKLM\SOFTWARE\Microsoft\WindowsSelfHost]
[HKLM\SOFTWARE\Microsoft\WindowsUpdate]
[HKLM\SOFTWARE\Microsoft\Wisp]
[HKLM\SOFTWARE\Microsoft\WlanSvc]
[HKLM\SOFTWARE\Microsoft\Wlpasvc]
[HKLM\SOFTWARE\Microsoft\Wow64]
[HKLM\SOFTWARE\Microsoft\WSDAPI]
[HKLM\SOFTWARE\Microsoft\WwanSvc]
[HKLM\SOFTWARE\Microsoft\XAML]
[HKLM\Software\Microsoft\Windows\Autopilot]
[HKLM\Software\Microsoft\Windows\ClickNote]
[HKLM\Software\Microsoft\Windows\CurrentVersion]
[HKLM\Software\Microsoft\Windows\Dwm]
[HKLM\Software\Microsoft\Windows\DynamicManagement]
[HKLM\Software\Microsoft\Windows\EnterpriseResourceManager]
[HKLM\Software\Microsoft\Windows\Heat]
[HKLM\Software\Microsoft\Windows\HTML Help]
[HKLM\Software\Microsoft\Windows\ITStorage]
[HKLM\Software\Microsoft\Windows\NcsiUwpApp]
[HKLM\Software\Microsoft\Windows\Notepad]
[HKLM\Software\Microsoft\Windows\ScheduledDiagnostics]
[HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider]
[HKLM\Software\Microsoft\Windows\Shell]
[HKLM\Software\Microsoft\Windows\Tablet PC]
[HKLM\Software\Microsoft\Windows\TabletPC]
[HKLM\Software\Microsoft\Windows\UpdateApi]
[HKLM\Software\Microsoft\Windows\Windows Error Reporting]
[HKLM\Software\Microsoft\Windows\Windows Search]
[HKLM\Software\Microsoft\Windows NT\CurrentVersion]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AarSvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\autotimesvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BcastDVRUserService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\btagservice]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\BthAppGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\Camera]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ClipboardSvcGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DevicesFlow]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\diagnostics]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\GraphicsPerfSvcGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\McpManagementServiceGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\rdxgroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\RmSvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UdkSvcGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs]
[HKLM\Software\WOW6432Node\Adobe]
[HKLM\Software\WOW6432Node\AMD]
[HKLM\Software\WOW6432Node\ATI]
[HKLM\Software\WOW6432Node\ATI Technologies]
[HKLM\Software\WOW6432Node\EPSON]
[HKLM\Software\WOW6432Node\Google]
[HKLM\Software\WOW6432Node\InstallShield]
[HKLM\Software\WOW6432Node\Intel]
[HKLM\Software\WOW6432Node\iTop Screen Recorder]
[HKLM\Software\WOW6432Node\Khronos]
[HKLM\Software\WOW6432Node\Microsoft]
[HKLM\Software\WOW6432Node\Mozilla]
[HKLM\Software\WOW6432Node\Nuance]
[HKLM\Software\WOW6432Node\ODBC]
[HKLM\Software\WOW6432Node\OpenOffice]
[HKLM\Software\WOW6432Node\SEIKO EPSON Corp.]
[HKLM\Software\WOW6432Node\Seiko Epson Corporation]
[HKLM\Software\WOW6432Node\Wow6432Node]
[HKLM\Software\WOW6432Node\Clients]
[HKLM\Software\WOW6432Node\Policies]
[HKLM\Software\WOW6432Node\RegisteredApplications]
[HKLM\Software\WOW6432Node\Microsoft\.NETFramework]
[HKLM\Software\WOW6432Node\Microsoft\Active Setup]
[HKLM\Software\WOW6432Node\Microsoft\ADs]
[HKLM\Software\WOW6432Node\Microsoft\Advanced INF Setup]
[HKLM\Software\WOW6432Node\Microsoft\AMSI]
[HKLM\Software\WOW6432Node\Microsoft\AppServiceProtocols]
[HKLM\Software\WOW6432Node\Microsoft\Assistance]
[HKLM\Software\WOW6432Node\Microsoft\AuthHost]
[HKLM\Software\WOW6432Node\Microsoft\BidInterface]
[HKLM\Software\WOW6432Node\Microsoft\BitLockerCsp]
[HKLM\Software\WOW6432Node\Microsoft\ClipboardServer]
[HKLM\Software\WOW6432Node\Microsoft\Command Processor]
[HKLM\Software\WOW6432Node\Microsoft\Cryptography]
[HKLM\Software\WOW6432Node\Microsoft\CTF]
[HKLM\Software\WOW6432Node\Microsoft\DataAccess]
[HKLM\Software\WOW6432Node\Microsoft\DevDiv]
[HKLM\Software\WOW6432Node\Microsoft\Device Association Framework]
[HKLM\Software\WOW6432Node\Microsoft\Direct3D]
[HKLM\Software\WOW6432Node\Microsoft\DirectDraw]
[HKLM\Software\WOW6432Node\Microsoft\DirectInput]
[HKLM\Software\WOW6432Node\Microsoft\DirectMusic]
[HKLM\Software\WOW6432Node\Microsoft\DirectPlay]
[HKLM\Software\WOW6432Node\Microsoft\DirectPlay8]
[HKLM\Software\WOW6432Node\Microsoft\DirectPlayNATHelp]
[HKLM\Software\WOW6432Node\Microsoft\DirectShow]
[HKLM\Software\WOW6432Node\Microsoft\DirectX]
[HKLM\Software\WOW6432Node\Microsoft\DownloadManager]
[HKLM\Software\WOW6432Node\Microsoft\DRM]
[HKLM\Software\WOW6432Node\Microsoft\DVDNavigator]
[HKLM\Software\WOW6432Node\Microsoft\DVR]
[HKLM\Software\WOW6432Node\Microsoft\EAPSIMMethods]
[HKLM\Software\WOW6432Node\Microsoft\Edge]
[HKLM\Software\WOW6432Node\Microsoft\EdgeUpdate]
[HKLM\Software\WOW6432Node\Microsoft\ENROLLMENTS]
[HKLM\Software\WOW6432Node\Microsoft\EnterpriseResourceManager]
[HKLM\Software\WOW6432Node\Microsoft\Exchange]
[HKLM\Software\WOW6432Node\Microsoft\F12]
[HKLM\Software\WOW6432Node\Microsoft\Fax]
[HKLM\Software\WOW6432Node\Microsoft\Feeds]
[HKLM\Software\WOW6432Node\Microsoft\FilePicker]
[HKLM\Software\WOW6432Node\Microsoft\Function Discovery]
[HKLM\Software\WOW6432Node\Microsoft\Fusion]
[HKLM\Software\WOW6432Node\Microsoft\GameOverlay]
[HKLM\Software\WOW6432Node\Microsoft\HTMLHelp]
[HKLM\Software\WOW6432Node\Microsoft\IdentityCRL]
[HKLM\Software\WOW6432Node\Microsoft\IdentityStore]
[HKLM\Software\WOW6432Node\Microsoft\IMAPI]
[HKLM\Software\WOW6432Node\Microsoft\IME]
[HKLM\Software\WOW6432Node\Microsoft\IMEJP]
[HKLM\Software\WOW6432Node\Microsoft\IMEKR]
[HKLM\Software\WOW6432Node\Microsoft\IMETC]
[HKLM\Software\WOW6432Node\Microsoft\InputMethod]
[HKLM\Software\WOW6432Node\Microsoft\InputPersonalization]
[HKLM\Software\WOW6432Node\Microsoft\Internet Account Manager]
[HKLM\Software\WOW6432Node\Microsoft\Internet Domains]
[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer]
[HKLM\Software\WOW6432Node\Microsoft\IsoBurn]
[HKLM\Software\WOW6432Node\Microsoft\Jet]
[HKLM\Software\WOW6432Node\Microsoft\MediaEngine]
[HKLM\Software\WOW6432Node\Microsoft\MediaPlayer]
[HKLM\Software\WOW6432Node\Microsoft\MessengerService]
[HKLM\Software\WOW6432Node\Microsoft\Microsoft Camera Codec Pack]
[HKLM\Software\WOW6432Node\Microsoft\MiracastReceiver]
[HKLM\Software\WOW6432Node\Microsoft\MMC]
[HKLM\Software\WOW6432Node\Microsoft\MSBuild]
[HKLM\Software\WOW6432Node\Microsoft\MSDE]
[HKLM\Software\WOW6432Node\Microsoft\MSDRM]
[HKLM\Software\WOW6432Node\Microsoft\MSDTC]
[HKLM\Software\WOW6432Node\Microsoft\MSF]
[HKLM\Software\WOW6432Node\Microsoft\MSLicensing]
[HKLM\Software\WOW6432Node\Microsoft\MSN Apps]
[HKLM\Software\WOW6432Node\Microsoft\Multimedia]
[HKLM\Software\WOW6432Node\Microsoft\NET Framework Setup]
[HKLM\Software\WOW6432Node\Microsoft\NetSh]
[HKLM\Software\WOW6432Node\Microsoft\Network]
[HKLM\Software\WOW6432Node\Microsoft\Notepad]
[HKLM\Software\WOW6432Node\Microsoft\ODBC]
[HKLM\Software\WOW6432Node\Microsoft\OEM]
[HKLM\Software\WOW6432Node\Microsoft\Office Server]
[HKLM\Software\WOW6432Node\Microsoft\OnlineProviders]
[HKLM\Software\WOW6432Node\Microsoft\Outlook Express]
[HKLM\Software\WOW6432Node\Microsoft\Palm]
[HKLM\Software\WOW6432Node\Microsoft\Personalization]
[HKLM\Software\WOW6432Node\Microsoft\Photos]
[HKLM\Software\WOW6432Node\Microsoft\PLA]
[HKLM\Software\WOW6432Node\Microsoft\Policies]
[HKLM\Software\WOW6432Node\Microsoft\PowerShell]
[HKLM\Software\WOW6432Node\Microsoft\Print]
[HKLM\Software\WOW6432Node\Microsoft\Provisioning]
[HKLM\Software\WOW6432Node\Microsoft\RADAR]
[HKLM\Software\WOW6432Node\Microsoft\RendezvousApps]
[HKLM\Software\WOW6432Node\Microsoft\SchedulingAgent]
[HKLM\Software\WOW6432Node\Microsoft\Security Center]
[HKLM\Software\WOW6432Node\Microsoft\Sensors]
[HKLM\Software\WOW6432Node\Microsoft\Shared Tools]
[HKLM\Software\WOW6432Node\Microsoft\Shared Tools Location]
[HKLM\Software\WOW6432Node\Microsoft\Software]
[HKLM\Software\WOW6432Node\Microsoft\SPEECH]
[HKLM\Software\WOW6432Node\Microsoft\Speech_OneCore]
[HKLM\Software\WOW6432Node\Microsoft\SQMClient]
[HKLM\Software\WOW6432Node\Microsoft\Sync Framework]
[HKLM\Software\WOW6432Node\Microsoft\SystemSettings]
[HKLM\Software\WOW6432Node\Microsoft\TableTextService]
[HKLM\Software\WOW6432Node\Microsoft\TabletTip]
[HKLM\Software\WOW6432Node\Microsoft\Tcpip]
[HKLM\Software\WOW6432Node\Microsoft\Terminal Server Client]
[HKLM\Software\WOW6432Node\Microsoft\TouchPrediction]
[HKLM\Software\WOW6432Node\Microsoft\TPG]
[HKLM\Software\WOW6432Node\Microsoft\Tpm]
[HKLM\Software\WOW6432Node\Microsoft\Tracing]
[HKLM\Software\WOW6432Node\Microsoft\TV System Services]
[HKLM\Software\WOW6432Node\Microsoft\uDRM]
[HKLM\Software\WOW6432Node\Microsoft\Updates]
[HKLM\Software\WOW6432Node\Microsoft\UPnP Control Point]
[HKLM\Software\WOW6432Node\Microsoft\UPnP Device Host]
[HKLM\Software\WOW6432Node\Microsoft\VisualStudio]
[HKLM\Software\WOW6432Node\Microsoft\WAB]
[HKLM\Software\WOW6432Node\Microsoft\WBEM]
[HKLM\Software\WOW6432Node\Microsoft\WIMMount]
[HKLM\Software\WOW6432Node\Microsoft\Windows]
[HKLM\Software\WOW6432Node\Microsoft\Windows Desktop Search]
[HKLM\Software\WOW6432Node\Microsoft\Windows Mail]
[HKLM\Software\WOW6432Node\Microsoft\Windows Media Device Manager]
[HKLM\Software\WOW6432Node\Microsoft\Windows Media Foundation]
[HKLM\Software\WOW6432Node\Microsoft\Windows Media Player NSS]
[HKLM\Software\WOW6432Node\Microsoft\Windows Messaging Subsystem]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT]
[HKLM\Software\WOW6432Node\Microsoft\Windows Photo Viewer]
[HKLM\Software\WOW6432Node\Microsoft\Windows Portable Devices]
[HKLM\Software\WOW6432Node\Microsoft\Windows Script Host]
[HKLM\Software\WOW6432Node\Microsoft\WindowsRuntime]
[HKLM\Software\WOW6432Node\Microsoft\WindowsUpdate]
[HKLM\Software\WOW6432Node\Microsoft\Wisp]
[HKLM\Software\WOW6432Node\Microsoft\WlanSvc]
[HKLM\Software\WOW6432Node\Microsoft\WSDAPI]
[HKLM\Software\WOW6432Node\Microsoft\Cellular]
[HKLM\Software\WOW6432Node\Microsoft\COM3]
[HKLM\Software\WOW6432Node\Microsoft\DeviceReg]
[HKLM\Software\WOW6432Node\Microsoft\DFS]
[HKLM\Software\WOW6432Node\Microsoft\Driver Signing]
[HKLM\Software\WOW6432Node\Microsoft\EnterpriseCertificates]
[HKLM\Software\WOW6432Node\Microsoft\EventSystem]
[HKLM\Software\WOW6432Node\Microsoft\FingerKB]
[HKLM\Software\WOW6432Node\Microsoft\FuzzyDS]
[HKLM\Software\WOW6432Node\Microsoft\Input]
[HKLM\Software\WOW6432Node\Microsoft\LanguageOverlay]
[HKLM\Software\WOW6432Node\Microsoft\Messaging]
[HKLM\Software\WOW6432Node\Microsoft\MSMQ]
[HKLM\Software\WOW6432Node\Microsoft\MTF]
[HKLM\Software\WOW6432Node\Microsoft\MTFFuzzyFactors]
[HKLM\Software\WOW6432Node\Microsoft\MTFInputType]
[HKLM\Software\WOW6432Node\Microsoft\MTFKeyboardMappings]
[HKLM\Software\WOW6432Node\Microsoft\Non-Driver Signing]
[HKLM\Software\WOW6432Node\Microsoft\Ole]
[HKLM\Software\WOW6432Node\Microsoft\Phone]
[HKLM\Software\WOW6432Node\Microsoft\Pim]
[HKLM\Software\WOW6432Node\Microsoft\Poom]
[HKLM\Software\WOW6432Node\Microsoft\Ras]
[HKLM\Software\WOW6432Node\Microsoft\Rpc]
[HKLM\Software\WOW6432Node\Microsoft\SecurityManager]
[HKLM\Software\WOW6432Node\Microsoft\Semgr]
[HKLM\Software\WOW6432Node\Microsoft\Shell]
[HKLM\Software\WOW6432Node\Microsoft\SystemCertificates]
[HKLM\Software\WOW6432Node\Microsoft\TermServLicensing]
[HKLM\Software\WOW6432Node\Microsoft\Transaction Server]
[HKLM\Software\WOW6432Node\Microsoft\Unified Store]
[HKLM\Software\WOW6432Node\Microsoft\UserData]
[HKLM\Software\WOW6432Node\Microsoft\Windows Search]
[HKLM\Software\WOW6432Node\Microsoft\XAML]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Dwm]
[HKLM\Software\WOW6432Node\Microsoft\Windows\EnterpriseResourceManager]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Heat]
[HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC]
[HKLM\Software\WOW6432Node\Microsoft\Windows\UpdateApi]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\AarSvc]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceHttp]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestrictedDhcpLmHosts]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetworkFirewall]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceDnsNla]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\PrintWorkflow]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wusvcs]

---------- | FeatureControl

[HKU\S-1-5-21-3945783615-3853108761-1058730989-1001\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]
"AcroRd32.exe"="11000"
"OneDrive.exe"="11000"
"Acrobat.exe"="11000"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]
"HelpPane.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]
"*"="1"
"explorer.exe"="1"
"iexplore.exe"="1"
"infopath.exe"="0"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS]
"HelpPane.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]
"HelpPane.exe"="10000"
"prevhost.exe"="8000"
"UNPUXHost.exe"="11000"
"AASIapp.exe"="11000"
"Acrobat.exe"="11000"
"AcroDist.exe"="11000"
"AcroLicApp.exe"="11000"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_IE_SHELLEXECUTE_CALLS]
"*"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]
"*"="1"
"explorer.exe"="1"
"iexplore.exe"="1"
"SAPfewgsrv.exe"="0"
"SAPGUI.exe"="0"
"SAPGuiIT.exe"="0"
"SAPLgPad.exe"="0"
"SAPLOGON.exe"="0"
"Scale_for_R3.exe"="0"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP]
"ieuser.exe"="1"
"iexplore.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK]
"YahooMusicEngine.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE]
"HelpPane.exe"="100000"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]
"devenv.exe"="1"
"dexplore.exe"="1"
"helppane.exe"="1"
"PresentationHost.exe"="0"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS]
"msfeedssync.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS]
"PresentationHost.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]
"HelpPane.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG]
""=""
"msiexec.exe"="0"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]
"cs.exe"="1"
"waol.exe"="1"
"wm.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS]
"iexplore.exe"="0"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS]
"helppane.exe"="0"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS]
"wlmail.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]
"explorer.exe"="1"
"HelpPane.exe"="1"
"iexplore.exe"="1"
"PresentationHost.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER]
"explorer.exe"="4"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER]
"explorer.exe"="2"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]
"explorer.exe"="1"
"HelpPane.exe"="1"
"iexplore.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]
"explorer.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]
"mshta.exe"="1"
"outlook.exe"="1"
"sidebar.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]
"explorer.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]
"explorer.exe"="0"
"iexplore.exe"="0"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING]
"communicator.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]
"HelpPane.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]
"msimn.exe"="1"
"prevhost.exe"="1"
"winmail.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]
"explorer.exe"="1"
"HelpPane.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]
"prevhost.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE]
"HelpPane.exe"="0"
"prevhost.exe"="0"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]
"msimn.exe"="1"
"outlook.exe"="1"
"winmail.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]
"HelpPane.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]
"infopath.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]
"HelpPane.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE]
"HelpPane.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD]
"msn.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]
"explorer.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]
"explorer.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]
"iexplore.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]
"explorer.exe"="1"
"iexplore.exe"="1"
"PresentationHost.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ACTIVEX_REPURPOSEDETECTION]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ADDON_MANAGEMENT]
"HelpPane.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BEHAVIORS]
"*"="1"
"explorer.exe"="1"
"iexplore.exe"="1"
"infopath.exe"="0"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_INPUT_PROMPTS]
"HelpPane.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_IMG]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_OBJECT]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BLOCK_LMZ_SCRIPT]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION]
"HelpPane.exe"="10000"
"prevhost.exe"="8000"
"Acrodist.exe"="11000"
"AcroLicApp.exe"="11000"
"Acrobat.exe"="11000"
"AASIapp.exe"="11000"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_IE_SHELLEXECUTE_CALLS]
"*"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_LEGACY_COMPRESSION]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_MK_PROTOCOL]
"*"="1"
"explorer.exe"="1"
"iexplore.exe"="1"
"SAPfewgsrv.exe"="0"
"SAPGUI.exe"="0"
"SAPGuiIT.exe"="0"
"SAPLgPad.exe"="0"
"SAPLOGON.exe"="0"
"Scale_for_R3.exe"="0"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_SQM_UPLOAD_FOR_APP]
"ieuser.exe"="1"
"iexplore.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_TELNET_PROTOCOL]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DISABLE_UNICODE_HANDLE_CLOSING_CALLBACK]
"YahooMusicEngine.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_DOCUMENT_COMPATIBLE_MODE]
"HelpPane.exe"="100000"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT]
"devenv.exe"="1"
"dexplore.exe"="1"
"helppane.exe"="1"
"PresentationHost.exe"="0"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FEEDS]
"msfeedssync.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_FORCE_ADDR_AND_STATUS]
"PresentationHost.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_HTTP_USERNAME_PASSWORD_DISABLE]
"HelpPane.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IGNORE_XML_PROLOG]
""=""
"msiexec.exe"="0"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_IMAGING_USE_ART]
"cs.exe"="1"
"waol.exe"="1"
"wm.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_INTERNET_SHELL_FOLDERS]
"iexplore.exe"="0"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DISPPARAMS]
"helppane.exe"="0"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LEGACY_DLCONTROL_BEHAVIORS]
"wlmail.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_LOCALMACHINE_LOCKDOWN]
"explorer.exe"="1"
"HelpPane.exe"="1"
"iexplore.exe"="1"
"PresentationHost.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPER1_0SERVER]
"explorer.exe"="4"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MAXCONNECTIONSPERSERVER]
"explorer.exe"="2"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_HANDLING]
"explorer.exe"="1"
"HelpPane.exe"="1"
"iexplore.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MIME_SNIFFING]
"explorer.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_MSHTML_AUTOLOAD_IEFRAME]
"mshta.exe"="1"
"outlook.exe"="1"
"sidebar.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_OBJECT_CACHING]
"explorer.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_PROTOCOL_LOCKDOWN]
"explorer.exe"="0"
"iexplore.exe"="0"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RELEASE_CALLBACK_ON_STOP_BINDING]
"communicator.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ABOUT_PROTOCOL_IE7]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_ACTIVEXINSTALL]
"HelpPane.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_FILEDOWNLOAD]
"msimn.exe"="1"
"prevhost.exe"="1"
"winmail.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_OBJECT_DATA_ATTRIBUTE]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_RESTRICT_RES_TO_LMZ]
"HelpPane.exe"="1"
"PresentationHost.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SAFE_BINDTOOBJECT]
"explorer.exe"="1"
"HelpPane.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SECURITYBAND]
"prevhost.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHIM_MSHELP_COMBINE]
"HelpPane.exe"="0"
"prevhost.exe"="0"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SHOW_APP_PROTOCOL_WARN_DIALOG]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SSLUX]
"PresentationHost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_SUBDOWNLOAD_LOCKDOWN]
"msimn.exe"="1"
"outlook.exe"="1"
"winmail.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_UNC_SAVEDFILECHECK]
"HelpPane.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_USE_WINDOWEDSELECTCONTROL]
"infopath.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VALIDATE_NAVIGATE_URL]
"HelpPane.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_VIEWLINKEDWEBOC_IS_UNSAFE]
"HelpPane.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD]
"msn.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WEBOC_POPUPMANAGEMENT]
"explorer.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_WINDOW_RESTRICTIONS]
"explorer.exe"="1"
"iexplore.exe"="1"
"wmplayer.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_XSSFILTER]
"iexplore.exe"="1"
"prevhost.exe"="1"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ZONE_ELEVATION]
"explorer.exe"="1"
"iexplore.exe"="1"
"PresentationHost.exe"="1"
"prevhost.exe"="1"
"wmplayer.exe"="1"

---------- | The Created last ones ¦ Modified

[MD5.00000000000000000000000000000000] - [01/09/2022 11:13:45] - |D| - [83237309] - C:\Program Files (x86)\epson
[MD5.00000000000000000000000000000000] - [01/09/2022 11:17:10] - |D| - [76408616] - C:\Program Files (x86)\Epson Software
[MD5.00000000000000000000000000000000] - [01/09/2022 11:14:16] - |HD| - [10138216] - C:\Program Files (x86)\InstallShield Installation Information
[MD5.00000000000000000000000000000000] - [12/09/2022 10:04:01] - |D| - [8539811] - C:\Program Files (x86)\UsbFix
[MD5.820B97429E4153A743708B376807EE69] - [01/09/2022 11:37:33] - |A| - [81408] - C:\Windows\bfsvc.exe
[MD5.7A413DDD10E81ADB6BB5D5E38F399D08] - [01/09/2022 11:37:54] - |A| - [5126256] - C:\Windows\explorer.exe
[MD5.7E8FAEC2E175C8B45B6D380A6A4C9503] - [01/09/2022 11:44:15] - |A| - [1075712] - C:\Windows\HelpPane.exe
[MD5.27F71B12CB585541885A31BE22F61C83] - [01/09/2022 11:47:45] - |A| - [201216] - C:\Windows\notepad.exe
[MD5.44BC415D7316FE784EB7FA9A395229F3] - [01/09/2022 11:37:39] - |A| - [163840] - C:\Windows\splwow64.exe
[MD5.00000000000000000000000000000000] - [02/09/2022 00:33:02] - |D| - [0] - C:\Windows\SystemTemp
[MD5.1CD24E06912C1C7FEB057AE23322787F] - [08/09/2022 15:02:49] - |A| - [1063424] - C:\Windows\Installer\21fd0ca8.msi
[MD5.372536BF13E51B494DCA602533FF613F] - [08/09/2022 04:24:49] - |RA| - [65650688] - C:\Windows\Installer\3564b0f8.msp
[MD5.057009FC96F0C7DA072149B832D52024] - [01/09/2022 11:18:30] - |A| - [20480] - C:\Windows\Installer\SourceHash{26A9B753-4B5D-46D8-A329-5CEF96FC22D2}
[MD5.5B5B1F3946FB1CAFAA28D27E4B6469B2] - [01/09/2022 10:54:53] - |A| - [20480] - C:\Windows\Installer\SourceHash{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}
[MD5.D0843C6CCA6AE01442C4021B26A411B1] - [01/09/2022 11:18:42] - |A| - [20480] - C:\Windows\Installer\SourceHash{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}
[MD5.5219072799A8860EAA5C1627450CD269] - [01/09/2022 10:43:32] - |A| - [20480] - C:\Windows\Installer\SourceHash{90C6971F-ABF1-4FBF-BD98-24F14C5F5AB4}
[MD5.0749F8DF06452AA0AEEAF5ABEA34158F] - [08/09/2022 15:03:15] - |A| - [20480] - C:\Windows\Installer\SourceHash{AC76BA86-0804-1033-1959-018244601013}
[MD5.172B7834E8D1A92D747737C9865A5873] - [01/09/2022 12:22:01] - |A| - [20480] - C:\Windows\Installer\SourceHash{AC76BA86-1036-1033-7760-BC15014EA700}
[MD5.00000000000000000000000000000000] - [01/09/2022 11:18:33] - |D| - [50659] - C:\Windows\Installer\{26A9B753-4B5D-46D8-A329-5CEF96FC22D2}
[MD5.00000000000000000000000000000000] - [01/09/2022 11:18:59] - |D| - [72888] - C:\Windows\Installer\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}
[MD5.00000000000000000000000000000000] - [01/09/2022 10:43:37] - |D| - [61683] - C:\Windows\Installer\{90C6971F-ABF1-4FBF-BD98-24F14C5F5AB4}
[MD5.00000000000000000000000000000000] - [08/09/2022 15:03:31] - |D| - [10134] - C:\Windows\Installer\{AC76BA86-0804-1033-1959-018244601013}
[MD5.00000000000000000000000000000000] - [01/09/2022 12:24:08] - |D| - [5406720] - C:\Windows\Installer\{AC76BA86-1036-1033-7760-BC15014EA700}
[MD5.C20B9D20821988CA2EE4425E114D6E30] - [01/09/2022 11:41:40] - |A| - [13168] - C:\Windows\system32\6bea57fb-8dfb-4177-9ae8-42e8b3529933_RuntimeDeviceInstall.dll
[MD5.136058E77989B77D2F7A70BA2A90621A] - [01/09/2022 11:38:17] - |A| - [459264] - C:\Windows\system32\aadauthhelper.dll
[MD5.97FC79C1EECA63CD9627D5E1D07E454E] - [01/09/2022 11:38:17] - |A| - [1002496] - C:\Windows\system32\aadcloudap.dll
[MD5.C5CB3A7026CE5912B631FBFBB18B0D31] - [01/09/2022 11:39:31] - |A| - [98816] - C:\Windows\system32\aadjcsp.dll
[MD5.B1EA0E42A9E086E94DB8ED2ACA81A0E6] - [01/09/2022 11:38:17] - |A| - [1419776] - C:\Windows\system32\aadtb.dll
[MD5.3A38BF7309985C771DB5622CFF0BCCF8] - [01/09/2022 11:38:15] - |A| - [170824] - C:\Windows\system32\aadWamExtension.dll
[MD5.439278CCDD4A601E78ECC4B67E19A761] - [01/09/2022 11:37:30] - |A| - [461824] - C:\Windows\system32\AarSvc.dll
[MD5.5ABD9787F77D0F41B5F3FBBC3DBB6967] - [01/09/2022 11:41:32] - |A| - [442224] - C:\Windows\system32\AboutSettingsHandlers.dll
[MD5.5F071F46BFDAFB8BDCD10350BD6B0782] - [01/09/2022 11:41:13] - |A| - [418816] - C:\Windows\system32\AboveLockAppHost.dll
[MD5.143807FB2A68E6BDC04B45CBA2F4E602] - [01/09/2022 11:44:51] - |A| - [415232] - C:\Windows\system32\AcGenral.dll
[MD5.564EB5C79EE59C862F1B7EF6F7E37AB8] - [01/09/2022 11:44:51] - |A| - [326144] - C:\Windows\system32\AcLayers.dll
[MD5.94773502964A0B14763CC05756A59A50] - [01/09/2022 11:40:04] - |A| - [479560] - C:\Windows\system32\acmigration.dll
[MD5.13A4D24146BFCE2EB28DA451FED24876] - [01/09/2022 11:38:11] - |A| - [220160] - C:\Windows\system32\ACPBackgroundManagerPolicy.dll
[MD5.4430F8FED37BFBB1334E930EF36AAA07] - [01/09/2022 11:38:21] - |A| - [797696] - C:\Windows\system32\ActivationManager.dll
[MD5.92518FCFC72E121851DC015F2C30C9C6] - [01/09/2022 11:44:51] - |A| - [68608] - C:\Windows\system32\AcWinRT.dll
[MD5.81E347CE0B7935706D50FC6028042D21] - [01/09/2022 11:44:51] - |A| - [15872] - C:\Windows\system32\AcXtrnal.dll
[MD5.7B773BE60DC01D6A363E689B341794BF] - [01/09/2022 11:44:04] - |A| - [262144] - C:\Windows\system32\adsldp.dll
[MD5.C2EE35D8FA31F5DAF1988387243D2818] - [01/09/2022 11:40:36] - |A| - [865280] - C:\Windows\system32\adtschema.dll
[MD5.7EBC4745686496918EF54660CB9640DE] - [01/09/2022 11:37:53] - |A| - [699872] - C:\Windows\system32\advapi32.dll
[MD5.B00AD717EC6A1C418FDDB4F1E2FE3B4F] - [01/09/2022 11:40:03] - |A| - [852296] - C:\Windows\system32\aeinv.dll
[MD5.AEABEC26904C2D5EA0CD1DEB690B78D1] - [01/09/2022 11:40:20] - |A| - [598344] - C:\Windows\system32\aepic.dll
[MD5.982FDAAF4B6E4FC9361CA32B8AF4F6A5] - [01/09/2022 11:37:30] - |A| - [908800] - C:\Windows\system32\agentactivationruntime.dll
[MD5.52951788F7EA87C93EDBACC201AE0D1C] - [01/09/2022 11:37:30] - |A| - [884224] - C:\Windows\system32\agentactivationruntimewindows.dll
[MD5.64ED2D2C45644C1CD48904BF39E5E5F6] - [01/09/2022 11:40:02] - |A| - [3232056] - C:\Windows\system32\aitstatic.exe
[MD5.335571FC8936677DC1942BFD2E14A8CF] - [01/09/2022 11:37:58] - |A| - [111104] - C:\Windows\system32\amsi.dll
[MD5.C84B4D2F95200B4C4C2999449E5A9515] - [01/09/2022 11:37:58] - |A| - [14848] - C:\Windows\system32\amsiproxy.dll
[MD5.19C8917F6832B77DAFE1CE5E9E1C1A00] - [01/09/2022 11:38:19] - |A| - [111616] - C:\Windows\system32\ApiSetHost.AppExecutionAlias.dll
[MD5.7B3AFDCC55C6E426E344009A68148956] - [01/09/2022 11:41:41] - |A| - [1640960] - C:\Windows\system32\APMon.dll
[MD5.EFEACAC739C8D9A283F50D61ED03C87E] - [01/09/2022 11:41:41] - |A| - [57344] - C:\Windows\system32\APMonUI.dll
[MD5.572243910F7471B6272CA066A8CE9CA5] - [01/09/2022 11:38:18] - |A| - [910632] - C:\Windows\system32\AppContracts.dll
[MD5.20001393B469DFFA4349E76E787ED83A] - [01/09/2022 11:40:11] - |A| - [570880] - C:\Windows\system32\apphelp.dll
[MD5.63C81F28D73C0DD890BFBE4BEFC1C715] - [01/09/2022 11:40:11] - |A| - [69744] - C:\Windows\system32\appidapi.dll
[MD5.5A694E6E4EEBFD88E6EAFE39E8A8A60F] - [01/09/2022 11:40:12] - |A| - [49664] - C:\Windows\system32\appidcertstorecheck.exe
[MD5.747A12463FC90DCAFA0246FCCAEBD3C1] - [01/09/2022 11:40:12] - |A| - [160768] - C:\Windows\system32\appidpolicyconverter.exe
[MD5.E77EEABBECF7F3E761A3665E2D55A9B8] - [01/09/2022 11:40:11] - |A| - [85504] - C:\Windows\system32\appidsvc.dll
[MD5.6C47814EA80761AC40C362F1C98C8F4D] - [01/09/2022 11:40:11] - |A| - [25600] - C:\Windows\system32\appidtel.exe
[MD5.200EAA2A0B8170C7C59004943B252608] - [01/09/2022 11:38:22] - |A| - [217600] - C:\Windows\system32\appinfo.dll
[MD5.9E48A897AC962C28171755BF27809661] - [01/09/2022 11:41:13] - |A| - [12288] - C:\Windows\system32\appinfoext.dll
[MD5.B8EFB80709AA42B1A1C839737A62CF35] - [01/09/2022 11:39:54] - |A| - [669184] - C:\Windows\system32\ApplicationFrame.dll
[MD5.8EED4807802AA917617396880212E36C] - [01/09/2022 11:37:30] - |A| - [92672] - C:\Windows\system32\AppListBackupLauncher.dll
[MD5.8E25143719CFC3787A82E3B2508F222E] - [01/09/2022 11:40:11] - |A| - [390144] - C:\Windows\system32\AppLockerCSP.dll
[MD5.658ED57DCCFD6EEF294664769262C3D1] - [01/09/2022 11:41:18] - |A| - [1206528] - C:\Windows\system32\ApplyTrustOffline.exe
[MD5.E681795DB5F6AADABE35E4B962E56499] - [01/09/2022 11:44:56] - |A| - [118784] - C:\Windows\system32\AppMon.dll
[MD5.C57E86F849BCDE16DD9E157C944D0D7C] - [01/09/2022 11:39:18] - |A| - [147456] - C:\Windows\system32\AppointmentActivation.dll
[MD5.FA6CB01E90DC12BBF4B03084C6A25BBC] - [01/09/2022 11:40:03] - |A| - [2072888] - C:\Windows\system32\appraiser.dll
[MD5.6B7C1DC7E1964AB975664EF8EC218465] - [01/09/2022 11:39:50] - |A| - [583120] - C:\Windows\system32\AppResolver.dll
[MD5.26A5BEF5D8A351B4B34C2DD461EDE759] - [01/09/2022 11:41:17] - |A| - [382800] - C:\Windows\system32\AppxAllUserStore.dll
[MD5.82A099831A7208028FB082F95AA46E04] - [01/09/2022 11:41:18] - |A| - [210944] - C:\Windows\system32\AppXApplicabilityBlob.dll
[MD5.AC345D8F221B366D2CE56E99386595F6] - [01/09/2022 11:39:21] - |A| - [1011280] - C:\Windows\system32\AppXDeploymentClient.dll
[MD5.57ADB7E2194C061EB53BFE062AA21DF7] - [01/09/2022 11:41:18] - |A| - [1772544] - C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
[MD5.37C99CB47DDC809421EA88AD192245AE] - [01/09/2022 11:41:17] - |A| - [2493440] - C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
[MD5.7FB465CA4CE1512DC02F1EF12693E8A1] - [01/09/2022 11:41:17] - |A| - [3906560] - C:\Windows\system32\AppXDeploymentServer.dll
[MD5.0BC58A81F0D9110B1E3812462406B5FF] - [01/09/2022 11:39:22] - |A| - [1829208] - C:\Windows\system32\AppxPackaging.dll
[MD5.1F989866D845D19EBE7AA55C87C2C161] - [01/09/2022 11:41:17] - |A| - [131072] - C:\Windows\system32\AppxSysprep.dll
[MD5.7605725C6464C7272BF3115901DF5776] - [01/09/2022 11:44:03] - |A| - [681472] - C:\Windows\system32\archiveint.dll
[MD5.7F66B1C1D5A8407ECC1DCC2BF8AEC856] - [01/09/2022 11:38:11] - |A| - [59904] - C:\Windows\system32\AssignedAccessRuntime.dll
[MD5.9652B3854B1D93052970E902ACC1DAA4] - [01/09/2022 11:40:44] - |A| - [48640] - C:\Windows\system32\atmlib.dll
[MD5.627DEA21175691FDE4495877C53B4C87] - [01/09/2022 11:37:32] - |A| - [632808] - C:\Windows\system32\audiodg.exe
[MD5.F24380B661B49849D377686D13687B4B] - [01/09/2022 11:37:32] - |A| - [745984] - C:\Windows\system32\AudioEndpointBuilder.dll
[MD5.675CE18846E1513862F3066DABD76C21] - [01/09/2022 11:37:31] - |A| - [2108912] - C:\Windows\system32\AudioEng.dll
[MD5.E98568FBC069F9FA9C657D36D111A4A1] - [01/09/2022 11:37:32] - |A| - [421032] - C:\Windows\system32\AUDIOKSE.dll
[MD5.C689351A093E0E2DDC31871CCA37093C] - [01/09/2022 11:37:32] - |A| - [56320] - C:\Windows\system32\audioresourceregistrar.dll
[MD5.6738C87D2738AE21FB972F9338B22B86] - [01/09/2022 11:37:32] - |A| - [1568192] - C:\Windows\system32\AudioSes.dll
[MD5.89E85F2EB9FE117F62138AD462D5F531] - [01/09/2022 11:37:31] - |A| - [1836544] - C:\Windows\system32\audiosrv.dll
[MD5.A2CD00F30BCD91624B7ED4CAECE9219C] - [01/09/2022 11:37:32] - |A| - [349136] - C:\Windows\system32\AudioSrvPolicyManager.dll
[MD5.617C796943A8A8BEE803C0CED2262E5C] - [01/09/2022 11:44:33] - |A| - [561152] - C:\Windows\system32\authfwcfg.dll
[MD5.0F4CBB748916370DD8ED7DE01857A2D5] - [01/09/2022 11:41:07] - |A| - [5107712] - C:\Windows\system32\AuthFWSnapin.dll
[MD5.49790F10885D36F83791FC9832F502D1] - [01/09/2022 11:42:02] - |A| - [286208] - C:\Windows\system32\authui.dll
[MD5.46F0F84A467BCE90E26670FDFEC2941A] - [01/09/2022 11:40:23] - |A| - [296960] - C:\Windows\system32\authz.dll
[MD5.B41A9A2A0CC73A59DBB97ADC7A47240D] - [01/09/2022 11:40:16] - |A| - [972800] - C:\Windows\system32\autochk.exe
[MD5.0FAE9437F45C390F9896B108450771E7] - [01/09/2022 11:44:05] - |A| - [947200] - C:\Windows\system32\autoconv.exe
[MD5.8A2C32A06803D05E93F21C935E4051E5] - [01/09/2022 11:44:05] - |A| - [921088] - C:\Windows\system32\autofmt.exe
[MD5.A308A4DBBE54AE97CE6E7797556F017E] - [01/09/2022 11:37:28] - |A| - [192000] - C:\Windows\system32\autopilot.dll
[MD5.97F312F5C39B54EB7B93D3B99E917DB0] - [01/09/2022 11:37:29] - |A| - [26624] - C:\Windows\system32\autopilotdiag.dll
[MD5.B76DC7AFA2279049700F80B288FD7074] - [01/09/2022 11:40:47] - |A| - [1952256] - C:\Windows\system32\AzureSettingSyncProvider.dll
[MD5.2BFDBA470909D8243EB20083648E34E8] - [01/09/2022 11:37:47] - |A| - [92160] - C:\Windows\system32\BarcodeProvisioningPlugin.dll
[MD5.D8B686D3C74602B2D0A13F7C5D095EE8] - [01/09/2022 11:43:52] - |A| - [1384960] - C:\Windows\system32\bcastdvruserservice.dll
[MD5.238D661D9F978588C3FFFF5DDBE10C3D] - [01/09/2022 11:37:33] - |A| - [248320] - C:\Windows\system32\bcdboot.exe
[MD5.74F7B84B0A547592CA63A00A8C4AD583] - [01/09/2022 11:37:33] - |A| - [491864] - C:\Windows\system32\bcdedit.exe
[MD5.72C65E4770BE939696D2A4A2F80BFE19] - [01/09/2022 11:39:22] - |A| - [362080] - C:\Windows\system32\BCP47Langs.dll
[MD5.616FD7FFDF58BC3CDE5D45F6254DBAB4] - [01/09/2022 11:39:22] - |A| - [176672] - C:\Windows\system32\BCP47mrm.dll
[MD5.997827CE8AEFAC419ED1880C1F58E718] - [01/09/2022 11:40:41] - |A| - [526848] - C:\Windows\system32\bcryptprimitives.dll
[MD5.20CDEDDAA8576E873A7835B3FBCCC128] - [01/09/2022 11:48:30] - |A| - [559616] - C:\Windows\system32\bdesvc.dll
[MD5.2C8E5B6D0F7D02B0A6FEA06F93CAD4C8] - [01/09/2022 11:48:29] - |A| - [35840] - C:\Windows\system32\bdeui.dll
[MD5.1E5BEA3BBDA2D7BD0EA7BB239961B7A1] - [01/09/2022 11:48:30] - |A| - [55808] - C:\Windows\system32\BdeUISrv.exe
[MD5.6630876BA18225AC064B3756572BDA02] - [01/09/2022 11:39:25] - |A| - [892928] - C:\Windows\system32\BFE.DLL
[MD5.4CB7B557D8A831A08385037A78507D80] - [01/09/2022 11:37:39] - |A| - [67072] - C:\Windows\system32\bidispl.dll
[MD5.881B6878AB6238AB9821255C89EC61F8] - [01/09/2022 11:39:30] - |A| - [103936] - C:\Windows\system32\bindfltapi.dll
[MD5.54A91B73859C834F6C4D9C218AA74FA4] - [01/09/2022 11:41:14] - |A| - [358400] - C:\Windows\system32\BingASDS.dll
[MD5.49C550C44B4770EEA99FCD9C090B36F2] - [01/09/2022 11:41:15] - |A| - [99328] - C:\Windows\system32\BingFilterDS.dll
[MD5.D0E12507528B31819255E336FC41C63B] - [01/09/2022 11:39:03] - |A| - [9037312] - C:\Windows\system32\BingMaps.dll
[MD5.E0957FFB9E2D71CE411E33AA449AB02C] - [01/09/2022 11:39:32] - |A| - [378368] - C:\Windows\system32\BioCredProv.dll
[MD5.A6CF19D44ED3E7B17CF1568577DED266] - [01/09/2022 11:43:53] - |A| - [745952] - C:\Windows\system32\BioIso.exe
[MD5.49319DB881D83455C5833317FA47C512] - [01/09/2022 11:38:29] - |A| - [847872] - C:\Windows\system32\bisrv.dll
[MD5.34FA6AA939A714340AB220E19BF8A199] - [01/09/2022 11:41:06] - |A| - [268288] - C:\Windows\system32\BitLockerCsp.dll
[MD5.5887B5CA2EBF9B220BB509C0264E2961] - [01/09/2022 11:48:30] - |A| - [178176] - C:\Windows\system32\BitLockerDeviceEncryption.exe
[MD5.9A32F938847A559CC0B69D11559946A8] - [01/09/2022 11:48:30] - |A| - [102400] - C:\Windows\system32\BitLockerWizardElev.exe
[MD5.54FE01064F173D3DAAF7E7A9D9388DCB] - [01/09/2022 11:38:29] - |A| - [333696] - C:\Windows\system32\biwinrt.dll
[MD5.F18035945A275F59681473F521AA4B18] - [01/09/2022 11:41:16] - |A| - [352768] - C:\Windows\system32\BootMenuUX.dll
[MD5.1D08FA00D1F8A1EBC045D960967506D3] - [01/09/2022 11:39:25] - |A| - [276480] - C:\Windows\system32\BrokerLib.dll
[MD5.93B92990F09794CEE0A33315C63848F6] - [01/09/2022 11:37:48] - |A| - [58880] - C:\Windows\system32\browcli.dll
[MD5.7BA6EDC4B6C3EF293A59E3C4161859E6] - [01/09/2022 11:45:55] - |A| - [140800] - C:\Windows\system32\browser.dll
[MD5.CE43EF455E238036B73128A8B38D021E] - [01/09/2022 11:37:26] - |A| - [391168] - C:\Windows\system32\BthAvctpSvc.dll
[MD5.3817557C10CA65DC4C1BF4FD41C64824] - [01/09/2022 11:39:21] - |A| - [82432] - C:\Windows\system32\ByteCodeGenerator.exe
[MD5.5F3ACB8671A17C6B8F8B1892CAE04B3C] - [01/09/2022 11:38:27] - |A| - [65024] - C:\Windows\system32\CapabilityAccessHandlers.dll
[MD5.37A8837CC731399AE7B3D141CF4ABF87] - [01/09/2022 11:44:02] - |A| - [1025024] - C:\Windows\system32\CBDHSvc.dll
[MD5.9B684213A399B4E286982BDAD6CF3D07] - [01/09/2022 11:38:28] - |A| - [267264] - C:\Windows\system32\cdd.dll
[MD5.6504A4E1991C688E6C1CBD8B8F52C0F0] - [01/09/2022 11:48:15] - |A| - [4999680] - C:\Windows\system32\cdp.dll
[MD5.E1BE894BE3186895D18F9C3B8E51F5EC] - [01/09/2022 11:38:11] - |A| - [1764864] - C:\Windows\system32\cdprt.dll
[MD5.6B63D9B10FA9DB29E21CF24704A1D31A] - [01/09/2022 11:38:11] - |A| - [611840] - C:\Windows\system32\cdpsvc.dll
[MD5.6BC246E784720DD3221114372CB56E0A] - [01/09/2022 11:38:11] - |A| - [503296] - C:\Windows\system32\cdpusersvc.dll
[MD5.E812C0B132D1E0758D37FA457DBF66F4] - [01/09/2022 11:37:54] - |A| - [45568] - C:\Windows\system32\cellulardatacapabilityhandler.dll
[MD5.3DD0C143AFAD89AE391266C273318732] - [01/09/2022 11:38:25] - |A| - [819200] - C:\Windows\system32\certca.dll
[MD5.958BE98006C365B820C4848CEAA51F8E] - [01/09/2022 11:38:25] - |A| - [494592] - C:\Windows\system32\certcli.dll
[MD5.6BB3FC3684D47D309B28F0874A0AAE85] - [01/09/2022 11:38:25] - |A| - [3350528] - C:\Windows\system32\CertEnroll.dll
[MD5.664ACBA9037125641395D3AFF0B996B7] - [01/09/2022 11:38:26] - |A| - [66048] - C:\Windows\system32\CertEnrollCtrl.exe
[MD5.2A007F8042F260247D9FA5B3C86B784A] - [01/09/2022 11:40:16] - |A| - [168960] - C:\Windows\system32\CertPolEng.dll
[MD5.1D37A159FA772CFB819F6887F59C5259] - [01/09/2022 11:44:45] - |A| - [564224] - C:\Windows\system32\certreq.exe
[MD5.F17616EC0522FC5633151F7CAA278CAA] - [01/09/2022 11:44:45] - |A| - [1651712] - C:\Windows\system32\certutil.exe
[MD5.3920EB35838E799211B211ED21FE48E2] - [01/09/2022 11:40:25] - |A| - [306312] - C:\Windows\system32\cfgmgr32.dll
[MD5.66995E4891606A03F0D2B76430E304AC] - [01/09/2022 11:44:26] - |A| - [7769088] - C:\Windows\system32\Chakra.dll
[MD5.2905E7A1E6222F197A8400441934AFE7] - [01/09/2022 11:44:27] - |A| - [150528] - C:\Windows\system32\Chakradiag.dll
[MD5.1439A69548877454D3806C9077E63D87] - [01/09/2022 11:44:27] - |A| - [140288] - C:\Windows\system32\Chakrathunk.dll
[MD5.33395C4732A49065EA72590B14B64F32] - [01/09/2022 11:44:05] - |A| - [14848] - C:\Windows\system32\chcp.com
[MD5.03CF7163B4837A001BD4667A8880D6CD] - [01/09/2022 11:44:33] - |A| - [30208] - C:\Windows\system32\CheckNetIsolation.exe
[MD5.70FAFC8CD910E3D517E6DA761A2184FE] - [01/09/2022 11:40:20] - |A| - [925720] - C:\Windows\system32\ci.dll
[MD5.23DEE82638C08F19B853A744904D1103] - [01/09/2022 11:44:32] - |A| - [209920] - C:\Windows\system32\cic.dll
[MD5.FCE494855F3C9373357791CEEDEA74D3] - [01/09/2022 11:39:30] - |A| - [185856] - C:\Windows\system32\cimfs.dll
[MD5.3F541F1ACC33701EC66025D21D0EB23F] - [01/09/2022 11:40:13] - |A| - [115200] - C:\Windows\system32\cldapi.dll
[MD5.CD0D99EBE88D11F55136EAE39CCF8F6E] - [01/09/2022 11:44:04] - |A| - [299008] - C:\Windows\system32\cleanmgr.exe
[MD5.4D92D59B274B107580DD80705EC40AEC] - [01/09/2022 11:38:26] - |A| - [187520] - C:\Windows\system32\Clipc.dll
[MD5.EE6A0B310561A4DADA8C50CDCE6C09AB] - [01/09/2022 11:37:20] - |A| - [189296] - C:\Windows\system32\ClipRenew.exe
[MD5.0A2BBAF6E255DBCD4F11DEA440E5D687] - [01/09/2022 11:38:26] - |A| - [1119256] - C:\Windows\system32\ClipSVC.dll
[MD5.CB7D28BCE24509EFBD435D254A5AB24A] - [01/09/2022 11:44:01] - |A| - [1129592] - C:\Windows\system32\ClipUp.exe
[MD5.D51E1DC01C90735E89341AFD706018FA] - [01/09/2022 11:38:26] - |A| - [2220376] - C:\Windows\system32\clipwinrt.dll
[MD5.AD3CA02F4235AEF49348B1BD1182300B] - [01/09/2022 11:38:19] - |A| - [592896] - C:\Windows\system32\cloudAP.dll
[MD5.B9C05972EFD10A39D9D2B04EF823DBF0] - [01/09/2022 11:39:31] - |A| - [471040] - C:\Windows\system32\CloudDomainJoinDataModelServer.dll
[MD5.F072EEF1F6E25ED5C0BBAC77E2736444] - [01/09/2022 11:40:16] - |A| - [414048] - C:\Windows\system32\CloudExperienceHost.dll
[MD5.8370CD9866CF0119C027518A36959BE6] - [01/09/2022 11:40:16] - |A| - [332624] - C:\Windows\system32\CloudExperienceHostBroker.dll
[MD5.17510E3630D9629BDE5E1F05E0DC0DBC] - [01/09/2022 11:38:22] - |A| - [1187160] - C:\Windows\system32\CloudExperienceHostCommon.dll
[MD5.AFA3E600190547AC16125A0EBBBB97E9] - [01/09/2022 11:43:57] - |A| - [1066496] - C:\Windows\system32\clusapi.dll
[MD5.F28C417124ACCD9616C60BD10BA7EF0A] - [01/09/2022 11:41:45] - |A| - [581632] - C:\Windows\system32\cmdial32.dll
[MD5.93E90BB61A3A6CE0C6D0DA3F258E57E3] - [01/09/2022 11:39:26] - |A| - [47616] - C:\Windows\system32\cmintegrator.dll
[MD5.2147769F9DFCF3A1CD7AEC119E6DE3FD] - [01/09/2022 11:46:04] - |A| - [203536] - C:\Windows\system32\COLORCNV.DLL
[MD5.B71D1CB2EF24FC68499D2D92560AEB79] - [01/09/2022 11:40:20] - |A| - [3503400] - C:\Windows\system32\combase.dll
[MD5.8E577CD10DF39DC52B7CF16BE83D1EB0] - [01/09/2022 11:40:46] - |A| - [702792] - C:\Windows\system32\comctl32.dll
[MD5.C548EDB78D281877E07D5C5DC954721E] - [01/09/2022 11:40:46] - |A| - [858112] - C:\Windows\system32\comdlg32.dll
[MD5.4CFB22803C925FD7E87F5FEE21514880] - [01/09/2022 11:40:11] - |A| - [160056] - C:\Windows\system32\CompatTelRunner.exe
[MD5.023F102155A079326ACF4B7139FB6CB1] - [01/09/2022 11:41:44] - |A| - [125440] - C:\Windows\system32\compstui.dll
[MD5.24AAB82DED2380637BDA47AB36FB21D5] - [01/09/2022 11:44:01] - |A| - [678760] - C:\Windows\system32\computecore.dll
[MD5.2059EDF102B47F409DD4B94145017F13] - [01/09/2022 11:44:01] - |A| - [308584] - C:\Windows\system32\computestorage.dll
[MD5.CEAA9D6B987D2D2A734638E13C88B08E] - [01/09/2022 11:40:17] - |A| - [1696256] - C:\Windows\system32\comsvcs.dll
[MD5.C8E6C9A51F288AA574C176CF84C07561] - [01/09/2022 11:41:03] - |A| - [703488] - C:\Windows\system32\configmanager2.dll
[MD5.0D698AF330FD17BEE3BF90011D49251D] - [01/09/2022 11:40:19] - |A| - [862208] - C:\Windows\system32\conhost.exe
[MD5.DD5032EF160209E470E2612A8A3D5F59] - [01/09/2022 11:41:13] - |A| - [186704] - C:\Windows\system32\consent.exe
[MD5.D02F01DA1023FDA3BA6D56B6AE27CCA8] - [01/09/2022 11:48:27] - |A| - [387072] - C:\Windows\system32\ConsoleLogon.dll
[MD5.92483654F94CE6F92D7A9C34AEADF0FB] - [01/09/2022 11:40:01] - |A| - [1570304] - C:\Windows\system32\ConstraintIndex.Search.dll
[MD5.D1A8D194DE8E57D12862ECACEF9F37CE] - [01/09/2022 11:39:30] - |A| - [232288] - C:\Windows\system32\containerdevicemanagement.dll
[MD5.78FB2CA16FF027D39DAD7C66EDC88026] - [01/09/2022 11:37:34] - |A| - [1787232] - C:\Windows\system32\ContentDeliveryManager.Utilities.dll
[MD5.11C18DBF352D81C9532A8EF442151CB1] - [01/09/2022 11:37:55] - |A| - [164352] - C:\Windows\system32\control.exe
[MD5.8516BDA6E77AD4C392FED508A76E5F25] - [01/09/2022 11:39:49] - |A| - [230240] - C:\Windows\system32\convertvhd.exe
[MD5.2D8165E9490A71BA7271075BA03B459C] - [01/09/2022 11:39:19] - |A| - [215896] - C:\Windows\system32\coreglobconfig.dll
[MD5.A24C4A24DE9683F29FF8BD0C5CE7522C] - [01/09/2022 11:42:00] - |A| - [2048512] - C:\Windows\system32\CoreShell.dll
[MD5.A376C250002BB7D39659B31A9094860D] - [01/09/2022 11:42:00] - |A| - [479744] - C:\Windows\system32\CoreShellAPI.dll
[MD5.291CB72BBCE2C61478C2F409F3627C01] - [01/09/2022 11:42:00] - |A| - [105984] - C:\Windows\system32\CoreShellExtFramework.dll
[MD5.87E38C5272D20488007D7E840099F906] - [01/09/2022 11:44:51] - |A| - [520704] - C:\Windows\system32\CPFilters.dll
[MD5.3FEBB9C1A010BFB58ED9A7C608BECB7D] - [01/09/2022 11:40:13] - |A| - [137216] - C:\Windows\system32\CredDialogBroker.dll
[MD5.33915D0533AE7883BD50657C99EA45A4] - [01/09/2022 11:37:58] - |A| - [382696] - C:\Windows\system32\CredentialEnrollmentManager.exe
[MD5.418E888AC87FD73A17738F80A12BB641] - [01/09/2022 11:37:58] - |A| - [77504] - C:\Windows\system32\CredentialEnrollmentManagerForUser.dll
[MD5.91C44D67C5881747F02785101CEB5369] - [01/09/2022 11:41:02] - |A| - [149296] - C:\Windows\system32\CredentialUIBroker.exe
[MD5.9845DA3117B29FF18A432689E3701F82] - [01/09/2022 11:41:02] - |A| - [378368] - C:\Windows\system32\credprovs.dll
[MD5.7BB3ADF52A403A5850F343D7700F5303] - [01/09/2022 11:42:03] - |A| - [24064] - C:\Windows\system32\credssp.dll
[MD5.C1CF4F0F39EA77BCA0E08AE5A14E11CC] - [01/09/2022 11:41:02] - |A| - [84992] - C:\Windows\system32\credui.dll
[MD5.207B60E9E5D5B34EA08FDFF19C05D987] - [01/09/2022 11:40:21] - |A| - [1384192] - C:\Windows\system32\crypt32.dll
[MD5.D85A940D51E1C5A594D9731FD33C4AD4] - [01/09/2022 11:38:28] - |A| - [449536] - C:\Windows\system32\cryptngc.dll
[MD5.257529194B198E4A5B35AE4C7F9D1DA9] - [01/09/2022 11:38:19] - |A| - [102912] - C:\Windows\system32\crypttpmeksvc.dll
[MD5.59195C2410AA403A9E9CD021ABC263DF] - [01/09/2022 11:40:46] - |A| - [364544] - C:\Windows\system32\cryptui.dll
[MD5.24590BF74BBBBFD7D7AC070F4E3C44FD] - [01/09/2022 11:41:48] - |A| - [161280] - C:\Windows\system32\cscript.exe
[MD5.3641BCE868E67C8038360588AC0B956B] - [01/09/2022 11:39:25] - |A| - [23040] - C:\Windows\system32\CSystemEventsBrokerClient.dll
[MD5.EAC53DDAFB5CC9E780A7CC086CE7B2B1] - [01/09/2022 11:44:03] - |A| - [530944] - C:\Windows\system32\curl.exe
[MD5.AE1ABAF1E486D022CDEA4EA7001B245D] - [01/09/2022 11:41:18] - |A| - [138752] - C:\Windows\system32\CustomInstallExec.exe
[MD5.A4033A8462ACA57901BFB7AB4103A5C8] - [01/09/2022 11:38:57] - |A| - [2505032] - C:\Windows\system32\d3d11.dll
[MD5.DCF433FED21EBEF377572CED584199E2] - [01/09/2022 11:38:58] - |A| - [595504] - C:\Windows\system32\d3d11on12.dll
[MD5.2FBB6E41A6D5F6108F7FC2AA1ECA40E5] - [01/09/2022 11:38:27] - |A| - [117232] - C:\Windows\system32\D3D12.dll
[MD5.7F831565F926588976BCA839585621BC] - [01/09/2022 11:38:27] - |A| - [1855312] - C:\Windows\system32\D3D12Core.dll
[MD5.36272661213306CCDA35089D46E57413] - [01/09/2022 11:41:05] - |A| - [14336] - C:\Windows\system32\d3d8thk.dll
[MD5.BEB700D9F9AC16E4947CC86B76E39B91] - [01/09/2022 11:41:05] - |A| - [1876952] - C:\Windows\system32\d3d9.dll
[MD5.35BFE2765929AE49AF98F739E4B650F3] - [01/09/2022 11:38:58] - |A| - [741888] - C:\Windows\system32\d3d9on12.dll
[MD5.53BA03283C3BF93C438CAA6F42C09659] - [01/09/2022 11:40:34] - |A| - [112640] - C:\Windows\system32\dab.dll
[MD5.409DF64A1362E05079C503C8FFA923C0] - [01/09/2022 11:40:35] - |A| - [17408] - C:\Windows\system32\dabapi.dll
[MD5.F801790BD2B8F0D1BC785412D915E9CE] - [01/09/2022 11:44:02] - |A| - [243712] - C:\Windows\system32\DAFESCL.dll
[MD5.28A0A93740720B3BE53341FD2F4224B4] - [01/09/2022 11:44:35] - |A| - [382464] - C:\Windows\system32\DAFIPP.dll
[MD5.EDAA5A88A5CF1FA5DB9C87B7F2658254] - [01/09/2022 11:44:35] - |A| - [260608] - C:\Windows\system32\DAFMCP.dll
[MD5.0237B621B4BDD421927782712F27651C] - [01/09/2022 11:37:57] - |A| - [123392] - C:\Windows\system32\DafPrintProvider.dll
[MD5.D3182F0080EC058788D9C1038A9E0E66] - [01/09/2022 11:43:52] - |A| - [182784] - C:\Windows\system32\dafupnp.dll
[MD5.28F79CCD92CA3D95A13D44F3008D9C60] - [01/09/2022 11:43:53] - |A| - [120832] - C:\Windows\system32\DAFWiProv.dll
[MD5.B28D30A62288C24FA6AB35860567F493] - [01/09/2022 11:39:32] - |A| - [305152] - C:\Windows\system32\DAFWSD.dll
[MD5.8AF8D1A8ACFBFFD65406193CFA4B9B37] - [01/09/2022 11:39:34] - |A| - [489472] - C:\Windows\system32\das.dll
[MD5.2857A196985FC58A74C337B5E95B2174] - [01/09/2022 11:39:34] - |A| - [98816] - C:\Windows\system32\dasHost.exe
[MD5.904D7DC20BBFC3357265F5480FB50990] - [01/09/2022 11:44:04] - |A| - [62976] - C:\Windows\system32\dataclen.dll
[MD5.243647ECA191AAF6C56934732E3526C3] - [01/09/2022 11:38:12] - |A| - [237568] - C:\Windows\system32\DataExchange.dll
[MD5.82F250E5CF9F7C63194FC7CA6E4C3F8D] - [01/09/2022 11:38:07] - |A| - [162304] - C:\Windows\system32\DataStoreCacheDumpTool.exe
[MD5.DEEB507CB0A6C155F566851BD56E0366] - [01/09/2022 11:39:30] - |A| - [686592] - C:\Windows\system32\daxexec.dll
[MD5.64FF7FB26A8353034CC15CFE3353BEFA] - [01/09/2022 11:40:34] - |A| - [6570496] - C:\Windows\system32\dbgeng.dll
[MD5.9BCBA572BDCC5BF0F3695C994D224B3C] - [01/09/2022 11:40:34] - |A| - [720896] - C:\Windows\system32\DbgModel.dll
[MD5.07101D022BCDA881D2590CF315D51ACF] - [01/09/2022 11:40:44] - |A| - [14848] - C:\Windows\system32\dciman32.dll
[MD5.34A0C0CEEE88CC435A273253CAC4EC07] - [01/09/2022 11:40:22] - |A| - [786760] - C:\Windows\system32\dcntel.dll
[MD5.B1E757C1ED9CC53C601F6079ED445ED6] - [01/09/2022 11:40:19] - |A| - [1974056] - C:\Windows\system32\dcomp.dll
[MD5.27B06BB1D8A5A9F19C6A158B7CE7FA4D] - [01/09/2022 11:41:15] - |A| - [501760] - C:\Windows\system32\DDDS.dll
[MD5.802F833B982AEB49F9EFA1FA8E446E5D] - [01/09/2022 11:41:05] - |A| - [27136] - C:\Windows\system32\DefaultPrinterProvider.dll
[MD5.22EA538FCFD9F0521526CA03871D4CCF] - [01/09/2022 11:44:13] - |A| - [20480] - C:\Windows\system32\defragproxy.dll
[MD5.6B5922B81555C976480CB0EB82855EB6] - [01/09/2022 11:44:13] - |A| - [4096] - C:\Windows\system32\defragres.dll
[MD5.F58B99912057ED256C3331D964CEF2BC] - [01/09/2022 11:44:13] - |A| - [543232] - C:\Windows\system32\defragsvc.dll
[MD5.AEF193F2195ECF8E755F689F95D96718] - [01/09/2022 11:38:26] - |A| - [250000] - C:\Windows\system32\deviceaccess.dll
[MD5.94628F853DADE86BFF183A16135272D3] - [01/09/2022 11:39:34] - |A| - [61000] - C:\Windows\system32\deviceassociation.dll
[MD5.FBC69EF5F6A34C29925AF764ABB24D4F] - [01/09/2022 11:40:22] - |A| - [58736] - C:\Windows\system32\DeviceCensus.exe
[MD5.B65F38D1454535267762200E2955FC67] - [01/09/2022 11:37:35] - |A| - [287744] - C:\Windows\system32\DeviceDirectoryClient.dll
[MD5.7B0D68FB740B10C24262684205CE21F6] - [01/09/2022 11:41:02] - |A| - [448512] - C:\Windows\system32\DeviceEnroller.exe
[MD5.97424D35E1B9964EE73A4F92DFAD25E2] - [01/09/2022 11:41:02] - |A| - [237056] - C:\Windows\system32\devicengccredprov.dll
[MD5.E5F6F807ADA1472818BA7DA21ACC6DF1] - [01/09/2022 11:39:56] - |A| - [108032] - C:\Windows\system32\DevicePairingExperienceMEM.dll
[MD5.3910E435B9E3F25AED6A12242533870F] - [01/09/2022 11:40:53] - |A| - [93032] - C:\Windows\system32\DeviceReactivation.dll
[MD5.93FCB143DA58CCDE02D4C1ADC058E0C5] - [01/09/2022 11:37:35] - |A| - [231936] - C:\Windows\system32\deviceregistration.dll
[MD5.807C54C667F7FFD0F150B311168608C3] - [01/09/2022 11:39:59] - |A| - [597504] - C:\Windows\system32\DevicesFlowBroker.dll
[MD5.86C58E464E8B088613354AA1A5FE831C] - [01/09/2022 11:40:03] - |A| - [672056] - C:\Windows\system32\devinv.dll
[MD5.AAFFEDFED503C7EF609CCB1659C0F07F] - [01/09/2022 11:41:40] - |A| - [886272] - C:\Windows\system32\devmgr.dll
[MD5.E0321EF29B88DA13C5D0FD6335B6090C] - [01/09/2022 11:40:26] - |A| - [166888] - C:\Windows\system32\devobj.dll
[MD5.8BE20C9DBC008087C6259644D0971B7E] - [01/09/2022 11:40:26] - |A| - [63488] - C:\Windows\system32\devrtl.dll
[MD5.203D633A29AFE938842968E6D736C72E] - [01/09/2022 11:44:13] - |A| - [223744] - C:\Windows\system32\dhcpsapi.dll
[MD5.61FE75D02ADBC4E40F4B0ECF2F7E3F3A] - [01/09/2022 11:46:14] - |A| - [4283904] - C:\Windows\system32\DHolographicDisplay.dll
[MD5.B424738D12EDA0BE680B718E4C20B671] - [01/09/2022 11:40:26] - |A| - [55296] - C:\Windows\system32\diagnosticdataquery.dll
[MD5.6F20FCD5999505FD9B80AE747E0521A1] - [01/09/2022 11:38:22] - |A| - [105472] - C:\Windows\system32\DiagnosticInvoker.dll
[MD5.D8A7DFB2D76CC2208449BFB840AECB69] - [01/09/2022 11:43:56] - |A| - [1353216] - C:\Windows\system32\diagperf.dll
[MD5.83697F18D13EAE3557EE2A4DEB43C6B0] - [01/09/2022 11:43:52] - |A| - [205824] - C:\Windows\system32\DiagSvc.dll
[MD5.013BCD493672B00CEBF8885696DF9895] - [01/09/2022 11:40:26] - |A| - [3819520] - C:\Windows\system32\diagtrack.dll
[MD5.94CF6B8ECB744FBD5D57EC634D9F3D92] - [01/09/2022 11:44:04] - |A| - [186368] - C:\Windows\system32\dialserver.dll
[MD5.B6F6B5EFDE2C79E2AAA74BE88CC39D5B] - [01/09/2022 11:38:12] - |A| - [629160] - C:\Windows\system32\directmanipulation.dll
[MD5.AE370399CAC30BE08D796484A2424195] - [01/09/2022 11:38:59] - |A| - [293888] - C:\Windows\system32\directxdatabaseupdater.exe
[MD5.33118DD254D2E8C1018072A6299401AA] - [01/09/2022 11:44:35] - |A| - [25600] - C:\Windows\system32\diskperf.exe
[MD5.C2425E2246C0CBB2FCA050B2D667D791] - [01/09/2022 11:39:34] - |A| - [85504] - C:\Windows\system32\DiskSnapshot.exe
[MD5.88A37D67ACA845EE72E9A07E15273EB1] - [01/09/2022 11:44:14] - |A| - [379392] - C:\Windows\system32\DispBroker.Desktop.dll
[MD5.84AD5844E6E2C9D92A8E4E38440A7738] - [01/09/2022 11:38:58] - |A| - [369664] - C:\Windows\system32\DispBroker.dll
[MD5.AD27965C2103B93E4A3A21EF659801AE] - [01/09/2022 11:41:48] - |A| - [29696] - C:\Windows\system32\dispex.dll
[MD5.FF5C38DD0921A67DF289F72F8F761E51] - [01/09/2022 11:41:28] - |A| - [75776] - C:\Windows\system32\djoin.exe
[MD5.317E7B52EAB4A0278A89C80485BD0BF4] - [01/09/2022 11:46:06] - |A| - [329216] - C:\Windows\system32\dlnashext.dll
[MD5.EAA422F198CCC40AC27D0E724C74655E] - [01/09/2022 11:41:04] - |A| - [10752] - C:\Windows\system32\DMAlertListener.ProxyStub.dll
[MD5.089F4E97F91C19126DD86A247C75120C] - [01/09/2022 11:37:36] - |A| - [83456] - C:\Windows\system32\DmApiSetExtImplDesktop.dll
[MD5.EFDD88D6EDE6680B26F5B7B0F237EC27] - [01/09/2022 11:41:02] - |A| - [182784] - C:\Windows\system32\dmcertinst.exe
[MD5.2210FE3B3E1B85A401749FACEF6E4958] - [01/09/2022 11:37:53] - |A| - [120320] - C:\Windows\system32\dmclient.exe
[MD5.5FBD760B280F8F11084FD42F05C33ADA] - [01/09/2022 11:41:03] - |A| - [229880] - C:\Windows\system32\dmcmnutils.dll
[MD5.B174F89DD08EEF07A99FB8488A0A50D0] - [01/09/2022 11:41:03] - |A| - [215552] - C:\Windows\system32\dmcsps.dll
[MD5.2DC8A4BB7296A7B773CD1EE38542DFEE] - [01/09/2022 11:41:04] - |A| - [681984] - C:\Windows\system32\dmenrollengine.dll
[MD5.2E37C0DC6ADE84C28D0CB8F803148B3B] - [01/09/2022 11:41:03] - |A| - [330752] - C:\Windows\system32\dmenterprisediagnostics.dll
[MD5.C328414B627465024586358684664918] - [01/09/2022 11:41:40] - |A| - [53248] - C:\Windows\system32\dmocx.dll
[MD5.56B8745E6451BACC095FAF6A9AD2D027] - [01/09/2022 11:41:03] - |A| - [35328] - C:\Windows\system32\DmOmaCpMo.exe
[MD5.2CD6B246D8E43D413E7923164ABA8AD4] - [01/09/2022 11:41:03] - |A| - [545280] - C:\Windows\system32\DMPushRouterCore.dll
[MD5.73F1706EC292D1F190A2882E0E104614] - [01/09/2022 11:39:08] - |A| - [2295296] - C:\Windows\system32\DMRCDecoder.dll
[MD5.A8844876F81FCD131B02A3D2C2C2C1FA] - [01/09/2022 11:46:06] - |A| - [560880] - C:\Windows\system32\DMRServer.dll
[MD5.C34BA7E91B599463DA4E7B6FA5207BE7] - [01/09/2022 11:40:19] - |A| - [821272] - C:\Windows\system32\dnsapi.dll
[MD5.082A4CA4629513C8BB1D9C26013C3B0B] - [01/09/2022 11:40:20] - |A| - [349696] - C:\Windows\system32\dnsrslvr.dll
[MD5.0EB5153CDA26F5FA83830AC096590561] - [01/09/2022 11:46:15] - |A| - [1136408] - C:\Windows\system32\DolbyDecMFT.dll
[MD5.39B22794298B8E746EEB8D426FD34E25] - [01/09/2022 11:38:56] - |A| - [491520] - C:\Windows\system32\domgmt.dll
[MD5.63B49A5C32F8D64213DA76E825C11FCC] - [01/09/2022 11:44:02] - |A| - [294400] - C:\Windows\system32\dosettings.dll
[MD5.F6D134052BCB12103B729E4D2EA15B91] - [01/09/2022 11:44:05] - |A| - [20480] - C:\Windows\system32\doskey.exe
[MD5.02E4C3D7D82F758439B51D01C486B0A7] - [01/09/2022 11:38:56] - |A| - [1503232] - C:\Windows\system32\dosvc.dll
[MD5.EDCB7C73EB3BBDB73EEF67CE03A984A6] - [01/09/2022 11:37:55] - |A| - [94208] - C:\Windows\system32\dot3api.dll
[MD5.98F9B5D3C10E3332E717ECA2E7583AE5] - [01/09/2022 11:37:57] - |A| - [76288] - C:\Windows\system32\dot3cfg.dll
[MD5.C8D22DCE3A1D5FCDD763DAE98FAD1422] - [01/09/2022 11:37:55] - |A| - [106496] - C:\Windows\system32\dot3msm.dll
[MD5.AF66F57D975333E819A8BD166E0F4A75] - [01/09/2022 11:37:55] - |A| - [329728] - C:\Windows\system32\dot3svc.dll
[MD5.2D706E2C7EDF05881578588C180E0FC7] - [01/09/2022 11:40:22] - |A| - [270848] - C:\Windows\system32\dpapisrv.dll
[MD5.F252D38D2350DF9FDEE52EF308698834] - [01/09/2022 11:43:56] - |A| - [11803] - C:\Windows\system32\DrtmAuthTxt.wim
[MD5.294990C88B9D1FE0A54A1FA8BF4324D9] - [01/09/2022 11:41:40] - |A| - [337920] - C:\Windows\system32\drvinst.exe
[MD5.4FBAE7B1D25AB51C35766B1BC1689F77] - [01/09/2022 11:41:40] - |A| - [172032] - C:\Windows\system32\drvsetup.dll
[MD5.E00750E04B4FF028D95937CFCFF50CF0] - [01/09/2022 11:41:39] - |A| - [1327448] - C:\Windows\system32\drvstore.dll
[MD5.95BBA061493FC3A7CA6466255C901489] - [01/09/2022 11:44:13] - |A| - [48640] - C:\Windows\system32\dsauth.dll
[MD5.4BA9FC355BFB2056EA688A4205810D79] - [01/09/2022 11:44:35] - |A| - [485376] - C:\Windows\system32\DscCore.dll
[MD5.89A0BA829C80DBB58C1D6C7CB01E9AC7] - [01/09/2022 11:37:52] - |A| - [1292800] - C:\Windows\system32\dsreg.dll
[MD5.866989AA656CF67780143376C12DF510] - [01/09/2022 11:45:04] - |A| - [468992] - C:\Windows\system32\dsregcmd.exe
[MD5.493A756C503A4077BA284DDB09A16D24] - [01/09/2022 11:37:53] - |A| - [23552] - C:\Windows\system32\dsregtask.dll
[MD5.AC5B38F8CE32CA717EB751CF975CAF20] - [01/09/2022 11:40:18] - |A| - [3575296] - C:\Windows\system32\dwmcore.dll
[MD5.4E5602774E4964C1BD32E434BA1406C0] - [01/09/2022 11:40:18] - |A| - [66048] - C:\Windows\system32\dwmghost.dll
[MD5.B9BD863D619BBEF81090D23FEF3C21B8] - [01/09/2022 11:40:18] - |A| - [161792] - C:\Windows\system32\dwmredir.dll
[MD5.9F3FA96F301CBE828AA9E98F13506F4A] - [01/09/2022 11:40:19] - |A| - [2254336] - C:\Windows\system32\dwmscene.dll
[MD5.CF0CD597BCF7573208EAA2A0350A5CA0] - [01/09/2022 11:38:57] - |A| - [2569216] - C:\Windows\system32\DWrite.dll
[MD5.2170EEF3B5995F7453B9CED16D755B50] - [01/09/2022 11:44:14] - |A| - [235008] - C:\Windows\system32\DWWIN.EXE
[MD5.166978C4950EE3BBA6121F5D72C37F3F] - [01/09/2022 11:44:13] - |A| - [565760] - C:\Windows\system32\dxdiagn.dll
[MD5.2CAAE1E040BB68689F7FDB84B31E3CF0] - [01/09/2022 11:38:58] - |A| - [979792] - C:\Windows\system32\dxgi.dll
[MD5.9E0D2CDEB2C4716C83A6EE6FA738EC18] - [01/09/2022 11:38:58] - |A| - [237056] - C:\Windows\system32\dxgiadaptercache.exe
[MD5.9B5D7B7EBA994FFBC019C815A3D85B38] - [01/09/2022 11:48:37] - |A| - [7168] - C:\Windows\system32\dxmasf.dll
[MD5.798555DE2CE984770232EB9A9F5A3FE8] - [01/09/2022 11:37:35] - |A| - [369664] - C:\Windows\system32\eapp3hst.dll
[MD5.8508BAD5343223121A72B72734BD5927] - [01/09/2022 11:37:36] - |A| - [283136] - C:\Windows\system32\eappcfg.dll
[MD5.844636D63F7B27399DE49B95F215D45E] - [01/09/2022 11:41:05] - |A| - [363520] - C:\Windows\system32\eappcfgui.dll
[MD5.848E4A59F47E321057FFD75BAB82C9DD] - [01/09/2022 11:37:36] - |A| - [107008] - C:\Windows\system32\eappgnui.dll
[MD5.F14281C21436C2F6DA02B3A9903C5C06] - [01/09/2022 11:37:36] - |A| - [352256] - C:\Windows\system32\eapphost.dll
[MD5.1A4C6A56B0FCC19261290D3059774902] - [01/09/2022 11:37:35] - |A| - [222720] - C:\Windows\system32\EapTeapAuth.dll
[MD5.0EDE7E47888514756183995F9F157770] - [01/09/2022 11:37:35] - |A| - [186368] - C:\Windows\system32\EapTeapConfig.dll
[MD5.16EEAFAA4E5DF7F153F98DDE02BF0EB2] - [01/09/2022 11:38:56] - |A| - [3749888] - C:\Windows\system32\EdgeContent.dll
[MD5.0AAAF65BB7762209814E80FEA8D221AF] - [01/09/2022 11:44:18] - |A| - [26268672] - C:\Windows\system32\edgehtml.dll
[MD5.5C2AAEB1839D9149FC01F48D054F579C] - [01/09/2022 11:41:11] - |A| - [448000] - C:\Windows\system32\edgeIso.dll
[MD5.AC4AD6BB788E1C5CDB97199BBFC045AA] - [01/09/2022 11:44:22] - |A| - [944640] - C:\Windows\system32\EdgeManager.dll
[MD5.026350D969B409BDB6D63E5F94817C70] - [01/09/2022 11:39:02] - |A| - [88576] - C:\Windows\system32\EditBufferTestHook.dll
[MD5.8F41A19A3572000A8C5208C804F6F41E] - [01/09/2022 11:40:53] - |A| - [190592] - C:\Windows\system32\EditionUpgradeHelper.dll
[MD5.C4239B40C1A69C2F517D21031E842CE5] - [01/09/2022 11:40:53] - |A| - [241200] - C:\Windows\system32\EditionUpgradeManagerObj.dll
[MD5.F0ACAC6E106E1A9E4E75D1E125DBB90D] - [01/09/2022 11:41:06] - |A| - [62976] - C:\Windows\system32\edpnotify.exe
[MD5.952DD639EB590FFEFF99C5E37E1C09E3] - [01/09/2022 11:41:06] - |A| - [1185112] - C:\Windows\system32\efscore.dll
[MD5.AB950196101E8A56F6F6EBB778A9ECB4] - [01/09/2022 11:41:06] - |A| - [92160] - C:\Windows\system32\efslsaext.dll
[MD5.F5558BB3AAD05B47D85686872137985A] - [01/09/2022 11:41:06] - |A| - [96256] - C:\Windows\system32\efssvc.dll
[MD5.5791C9BAFD81676678065529F9031F8C] - [01/09/2022 11:42:03] - |A| - [887296] - C:\Windows\system32\efswrt.dll
[MD5.C4B100A23B3578D5989C82DCD087EF0C] - [01/09/2022 11:37:51] - |A| - [671928] - C:\Windows\system32\EM.exe
[MD5.45C2654A474AB085160BB9A790CA105A] - [01/09/2022 11:39:17] - |A| - [1145856] - C:\Windows\system32\EmailApis.dll
[MD5.E1598EB14D563B7EC0D94B224A156CFF] - [01/09/2022 11:41:04] - |A| - [56320] - C:\Windows\system32\enrollmentapi.dll
[MD5.E255D5DDF59DCE37A69625F0E49F713B] - [01/09/2022 11:39:34] - |A| - [601600] - C:\Windows\system32\EnterpriseAppMgmtSvc.dll
[MD5.40D6E7F20D668FCC92BD284564A75164] - [01/09/2022 11:41:03] - |A| - [1793536] - C:\Windows\system32\enterprisecsps.dll
[MD5.4DEF90FDBB41735D7E8776278DC58499] - [01/09/2022 11:44:02] - |A| - [95232] - C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
[MD5.8FFD8CB98EB38E534DC7C2609D11278B] - [01/09/2022 11:38:22] - |A| - [203264] - C:\Windows\system32\ErrorDetails.dll
[MD5.05A5DD3CE32301182B329D837D245A67] - [01/09/2022 11:40:17] - |A| - [414720] - C:\Windows\system32\es.dll
[MD5.EB3A99D13728A247AFC1F00945957920] - [01/09/2022 11:44:15] - |A| - [152064] - C:\Windows\system32\EsclProtocol.dll
[MD5.275449781C0D992E92F7B1D6F1E458D2] - [01/09/2022 11:44:02] - |A| - [270848] - C:\Windows\system32\EsclScan.dll
[MD5.7067FEA4439370C901BBBCFC1DC0FBCB] - [01/09/2022 11:44:16] - |A| - [170496] - C:\Windows\system32\EsclWiaDriver.dll
[MD5.D315FF43E23DF424ECEC2F6C930203E4] - [01/09/2022 11:13:51] - |A| - [144560] - C:\Windows\system32\escsvc64.exe
[MD5.DC3005CE64B01CF399085E240568FF55] - [01/09/2022 11:39:19] - |A| - [3283456] - C:\Windows\system32\esent.dll
[MD5.7ADE737FFEA5A12CA7B82E4D149AA89B] - [01/09/2022 11:13:51] - |A| - [466944] - C:\Windows\system32\esxw2ud.dll
[MD5.110409AA67D9E6FD8ACBFF037475F4EC] - [01/09/2022 11:39:25] - |A| - [79360] - C:\Windows\system32\EventAggregation.dll
[MD5.05F7A12872F69758C7C1FF77023D2296] - [01/09/2022 11:38:15] - |A| - [382256] - C:\Windows\system32\ExecModelClient.dll
[MD5.BAC5074667751F72A9CE48CDC31BAC48] - [01/09/2022 11:11:14] - |A| - [10752] - C:\Windows\system32\E_GCINST.DLL
[MD5.7AA0F9D84EDB66DA876ED06093726AD6] - [01/09/2022 11:11:09] - |A| - [83968] - C:\Windows\system32\E_YD4BM1E.DLL
[MD5.B263640A24AE011BE745A7864AB00E75] - [01/09/2022 11:11:10] - |A| - [187392] - C:\Windows\system32\E_YLMBM1E.DLL
[MD5.7D94BE84A8F5F7BD1621F42C3176FFF8] - [01/09/2022 11:43:53] - |A| - [601088] - C:\Windows\system32\facecredentialprovider.dll
[MD5.A631A76ED076822C9CAFAF3A3B1E5C81] - [01/09/2022 11:41:16] - |A| - [1023824] - C:\Windows\system32\Facilitator.dll
[MD5.B3B2F7CE4EDDD54BC25CF90022C6120E] - [01/09/2022 11:40:27] - |A| - [496352] - C:\Windows\system32\Faultrep.dll
[MD5.877F1A4B1CCDBAE8E64896F438A1F420] - [01/09/2022 11:37:40] - |A| - [31744] - C:\Windows\system32\FaxPrinterInstaller.dll
[MD5.01CCAB18E509C0A6C4004EE7B8B40653] - [01/09/2022 11:37:27] - |A| - [265728] - C:\Windows\system32\fcon.dll
[MD5.D19B4B9EF92DB5797646E5B01036332C] - [01/09/2022 11:41:41] - |A| - [222208] - C:\Windows\system32\fdprint.dll
[MD5.46B61E5B52B258E4929FEA420390EA20] - [01/09/2022 11:43:54] - |A| - [106496] - C:\Windows\system32\fdSSDP.dll
[MD5.C6B573DC1BB048217950E5FAFC9844E3] - [01/09/2022 11:44:03] - |A| - [132608] - C:\Windows\system32\fdWSD.dll
[MD5.59949EECA54D5CD21A0EDE97E76056F6] - [01/09/2022 11:41:06] - |A| - [252928] - C:\Windows\system32\feclient.dll
[MD5.5CB7D42374CA8C561300DA86AD391F6B] - [01/09/2022 11:44:53] - |A| - [301056] - C:\Windows\system32\fhcat.dll
[MD5.BD94C6EA1730CA3806CBD6CB16CCB4CC] - [01/09/2022 11:44:53] - |A| - [441344] - C:\Windows\system32\fhcfg.dll
[MD5.A6C35566735FAEDB1799242A41724667] - [01/09/2022 11:44:53] - |A| - [56832] - C:\Windows\system32\fhcleanup.dll
[MD5.2A16321BD78B94FA6036B83F976BA082] - [01/09/2022 11:44:53] - |A| - [381952] - C:\Windows\system32\fhcpl.dll
[MD5.C171FA2EB18548C1B905011B6D4F533E] - [01/09/2022 11:44:53] - |A| - [248320] - C:\Windows\system32\fhengine.dll
[MD5.27D667968A08C58B493AF9A34D0B568F] - [01/09/2022 11:44:53] - |A| - [73728] - C:\Windows\system32\fhevents.dll
[MD5.99250C4B72326697DA62330F9B88CB2E] - [01/09/2022 11:44:53] - |A| - [67584] - C:\Windows\system32\fhlisten.dll
[MD5.B57991DDF566C9F467945FD73BA9B38B] - [01/09/2022 11:44:53] - |A| - [140800] - C:\Windows\system32\fhmanagew.exe
[MD5.E772C91ED673FBFFDE20C49C7214BE0A] - [01/09/2022 11:44:53] - |A| - [453120] - C:\Windows\system32\fhsettingsprovider.dll
[MD5.B36ADE2CCE977FB498913285C6270BD1] - [01/09/2022 11:44:53] - |A| - [156672] - C:\Windows\system32\fhshl.dll
[MD5.CB956D2DE064058597535EF615429E11] - [01/09/2022 11:44:53] - |A| - [82432] - C:\Windows\system32\fhsrchapi.dll
[MD5.F3CCE030AFF2A3AD52227352C6199FFA] - [01/09/2022 11:44:53] - |A| - [71680] - C:\Windows\system32\fhsrchph.dll
[MD5.3AA883D460D1A6169A2A654C9596172F] - [01/09/2022 11:44:53] - |A| - [124416] - C:\Windows\system32\fhsvc.dll
[MD5.33BC987949F2F2F3EA51BC48BE3FA599] - [01/09/2022 11:44:53] - |A| - [31232] - C:\Windows\system32\fhsvcctl.dll
[MD5.86477E76C2CDC310EAF5D41A6C59DD38] - [01/09/2022 11:44:53] - |A| - [61952] - C:\Windows\system32\fhtask.dll
[MD5.7E3ED122F8473096DFDB7375D7EF5FC4] - [01/09/2022 11:39:09] - |A| - [236032] - C:\Windows\system32\fidocredprov.dll
[MD5.A778EA99722EA29EDE1107687B9DE0C3] - [01/09/2022 11:41:15] - |A| - [170496] - C:\Windows\system32\FilterDS.dll
[MD5.4BF76A28D31FC73AA9FC970B22D056AF] - [01/09/2022 11:44:05] - |A| - [17920] - C:\Windows\system32\find.exe
[MD5.99C8F47FCFFAFB769C63A81197BD29CE] - [01/09/2022 11:41:44] - |A| - [68608] - C:\Windows\system32\findnetprinters.dll
[MD5.33FB1C9EA2DA6FBE244C8C30E4F1AC00] - [01/09/2022 11:44:04] - |A| - [106496] - C:\Windows\system32\fingerprintcredential.dll
[MD5.C44E68FACFD8EDF4D294DA90B12390B7] - [01/09/2022 11:39:24] - |A| - [635904] - C:\Windows\system32\FirewallAPI.dll
[MD5.FE058B560099EDCD19BD6963BC5BA179] - [01/09/2022 11:42:01] - |A| - [21504] - C:\Windows\system32\fixmapi.exe
[MD5.3B6890538B7C7C5FF1198713AC97FB42] - [01/09/2022 11:37:37] - |A| - [940480] - C:\Windows\system32\FlightSettings.dll
[MD5.2E1928C2ABCB280C22AACB4B37AA3936] - [01/09/2022 11:38:57] - |A| - [1423872] - C:\Windows\system32\FntCache.dll
[MD5.BBCB897697B3442657C7D6E3EDDBD25F] - [01/09/2022 11:40:44] - |A| - [827408] - C:\Windows\system32\fontdrvhost.exe
[MD5.22353660D1A6F515FEBF60923D688B88] - [01/09/2022 11:40:44] - |A| - [126976] - C:\Windows\system32\fontsub.dll
[MD5.72C761C91A4361AE3224AAA6D0E39300] - [01/09/2022 11:37:49] - |A| - [312832] - C:\Windows\system32\framedynos.dll
[MD5.A3CCAE333F3637080D5E3DD984EA4985] - [01/09/2022 11:44:46] - |A| - [988672] - C:\Windows\system32\FrameServer.dll
[MD5.18E5274E6BC75839BCBEEDBAACEEDC66] - [01/09/2022 11:44:46] - |A| - [422912] - C:\Windows\system32\FrameServerClient.dll
[MD5.694DD481772ECF2B90E6A6FB268C652C] - [01/09/2022 11:44:46] - |A| - [101280] - C:\Windows\system32\FsIso.exe
[MD5.9382C62D98C8B7467E3272F8DB061DB3] - [01/09/2022 11:44:46] - |A| - [693248] - C:\Windows\system32\FsNVSDeviceSource.dll
[MD5.F419CFE7C4F0A0F85D3A367782D58473] - [01/09/2022 11:48:30] - |A| - [982528] - C:\Windows\system32\fveapi.dll
[MD5.EE5E477D7234599451ACAAF8AFC1EAB0] - [01/09/2022 11:48:30] - |A| - [424960] - C:\Windows\system32\fveapibase.dll
[MD5.E1AAA847EF94672FE64F2873E12A5771] - [01/09/2022 11:48:29] - |A| - [409600] - C:\Windows\system32\fvecpl.dll
[MD5.68555568BD875BEB20B89DEE3783BD98] - [01/09/2022 11:48:29] - |A| - [351232] - C:\Windows\system32\fveui.dll
[MD5.A7F28AADBD1995B194178A4034ADD1F2] - [01/09/2022 11:48:30] - |A| - [817152] - C:\Windows\system32\fvewiz.dll
[MD5.0529E26D97250FBE5A4B500653D03C5F] - [01/09/2022 11:39:24] - |A| - [215552] - C:\Windows\system32\fwbase.dll
[MD5.6C0BA7FDE11E9C5A65B2907911154C6A] - [01/09/2022 11:44:33] - |A| - [58880] - C:\Windows\system32\fwcfg.dll
[MD5.1D6541EC936B7384466D6E4E9B3D7DFC] - [01/09/2022 11:39:24] - |A| - [184320] - C:\Windows\system32\fwmdmcsp.dll
[MD5.C2EF69F85959E537786A09A77D41EBD0] - [01/09/2022 11:39:24] - |A| - [312320] - C:\Windows\system32\fwpolicyiomgr.dll
[MD5.3EFB7AEC28835D1B0CA1104086846458] - [01/09/2022 11:39:26] - |A| - [506368] - C:\Windows\system32\FWPUCLNT.DLL
[MD5.ABA4948C5E8A9DF3F02F282CC9577EF7] - [01/09/2022 11:41:06] - |A| - [101888] - C:\Windows\system32\FwRemoteSvr.dll
[MD5.09E540A81347DF7A9E85EC78ED7C38A0] - [01/09/2022 11:48:52] - |A| - [292864] - C:\Windows\system32\FXSAPI.dll
[MD5.70554778CC60A6A84CCA6031C1617139] - [01/09/2022 11:48:52] - |A| - [94208] - C:\Windows\system32\FXSCOM.dll
[MD5.53B8F6DED6CCA54C35A3ED1958542ED8] - [01/09/2022 11:48:52] - |A| - [619520] - C:\Windows\system32\FXSCOMEX.dll
[MD5.1090421AFE315A865FF2A07FF3CB728C] - [01/09/2022 11:48:38] - |A| - [434176] - C:\Windows\system32\FXSCOMPOSE.dll
[MD5.1A65F6353190453298237DC0630AAD59] - [01/09/2022 11:48:38] - |A| - [35328] - C:\Windows\system32\FXSCOMPOSERES.dll
[MD5.E84D823AA60FD10AAFE453CB5F9D8871] - [01/09/2022 11:48:38] - |A| - [248320] - C:\Windows\system32\FXSCOVER.exe
[MD5.0F0798C74E9EC67ECB4ED7262CB97F58] - [01/09/2022 11:48:53] - |A| - [8192] - C:\Windows\system32\FXSEVENT.dll
[MD5.8E31CA8C8955F0ADACBB15D7DF824FEA] - [01/09/2022 11:48:53] - |A| - [49152] - C:\Windows\system32\FXSMON.dll
[MD5.3993DAA80161F83FEE97386013AD28EA] - [01/09/2022 11:48:52] - |A| - [925696] - C:\Windows\system32\FXSRESM.dll
[MD5.CCCF2803C018618EE2214D9077E13A90] - [01/09/2022 11:48:53] - |A| - [83968] - C:\Windows\system32\FXSROUTE.dll
[MD5.28D46D9A6AAA6D9431599A2C8A0E2A50] - [01/09/2022 11:48:53] - |A| - [860160] - C:\Windows\system32\FXSST.dll
[MD5.8C6D3BF6997E02544BE68D43DABE2F39] - [01/09/2022 11:48:52] - |A| - [663552] - C:\Windows\system32\FXSSVC.exe
[MD5.90659ED63FF6957C90F118327AA1C80E] - [01/09/2022 11:48:52] - |A| - [258560] - C:\Windows\system32\FXST30.dll
[MD5.510C0E289F485A2D2705613148BF6B3C] - [01/09/2022 11:48:52] - |A| - [416256] - C:\Windows\system32\FXSTIFF.dll
[MD5.22A40CA140D386270306B208CFE1DBE0] - [01/09/2022 11:48:53] - |A| - [19968] - C:\Windows\system32\FXSUNATD.exe
[MD5.066A075DE7FA63F00EA77EBC074FD1FC] - [01/09/2022 11:48:38] - |A| - [186368] - C:\Windows\system32\FXSUTILITY.dll
[MD5.A7CD388AF6F1F88AA46607A60EE59A01] - [01/09/2022 11:44:47] - |A| - [60928] - C:\Windows\system32\g711codc.ax
[MD5.844ACA5CF399BB64E3577360A423E7D8] - [01/09/2022 11:43:52] - |A| - [342016] - C:\Windows\system32\GameBarPresenceWriter.exe
[MD5.2704E1C2E26211C3403E6AFC20C44381] - [01/09/2022 11:43:52] - |A| - [13824] - C:\Windows\system32\GameBarPresenceWriter.proxy.dll
[MD5.AFC991E2E7DDE699F79007F7E13E0665] - [01/09/2022 11:38:19] - |A| - [72016] - C:\Windows\system32\GameInput.dll
[MD5.9AADC5F610CD646176451D8EE2473090] - [01/09/2022 11:38:59] - |A| - [162232] - C:\Windows\system32\gdi32.dll
[MD5.6FBAC88CF94C949841DCFFF4AB3B2AC2] - [01/09/2022 11:41:08] - |A| - [1076928] - C:\Windows\system32\gdi32full.dll
[MD5.48136ABACB217C3DBFA2058FF21AE0FA] - [01/09/2022 11:41:08] - |A| - [1709056] - C:\Windows\system32\GdiPlus.dll
[MD5.C1A2B9A4B36DFC53E1577C1B00EDDEC2] - [01/09/2022 11:40:11] - |A| - [602424] - C:\Windows\system32\generaltel.dll
[MD5.C34D67C0837017E1FD34409F842A19A4] - [01/09/2022 11:40:53] - |A| - [674040] - C:\Windows\system32\GenValObj.exe
[MD5.00AB858F0E52C1D053BFD6A4A5D6385C] - [01/09/2022 11:39:19] - |A| - [129024] - C:\Windows\system32\globinputhost.dll
[MD5.81EA9BE027AAAE78E677D9474EF0FE00] - [01/09/2022 11:44:34] - |A| - [164352] - C:\Windows\system32\glu32.dll
[MD5.C125B42B9DC94474F599A9978BC4F41F] - [01/09/2022 11:40:42] - |A| - [39936] - C:\Windows\system32\gmsaclient.dll
[MD5.C005D92F0978D8E707630C81D7020735] - [01/09/2022 11:41:09] - |A| - [134776] - C:\Windows\system32\gpapi.dll
[MD5.5B2684688E6C1A9DFCEDA829C36333CE] - [01/09/2022 11:44:14] - |A| - [622080] - C:\Windows\system32\gpedit.dll
[MD5.D774A669E6B6A2928FC6C88E8F42CD91] - [01/09/2022 11:37:47] - |A| - [40960] - C:\Windows\system32\gpprnext.dll
[MD5.702B98FF114A37CC0AE57F8810829F2F] - [01/09/2022 11:44:15] - |A| - [227840] - C:\Windows\system32\gpresult.exe
[MD5.9ECFE5A93EDF579F493A30B0A6BC1EDA] - [01/09/2022 11:41:09] - |A| - [1335808] - C:\Windows\system32\gpsvc.dll
[MD5.049BA4E058B12E67629694974ECAF919] - [01/09/2022 11:40:35] - |A| - [18288] - C:\Windows\system32\hal.dll
[MD5.DD5F5B0B69A30E2F6B556CE1FDDB38BB] - [01/09/2022 11:41:09] - |A| - [671744] - C:\Windows\system32\hgcpl.dll
[MD5.D339A7577044066E6E09B3D6C4F85FB1] - [01/09/2022 11:45:03] - |A| - [229376] - C:\Windows\system32\hgprint.dll
[MD5.7EA041FD0D79B908E43EF23202DD59EB] - [01/09/2022 11:41:12] - |A| - [143872] - C:\Windows\system32\hlink.dll
[MD5.94B3097B3F07FBEE7CE79C57712B7850] - [01/09/2022 11:44:15] - |A| - [402432] - C:\Windows\system32\hnetcfg.dll
[MD5.6352E488D684C02B9D86F451AFFD533F] - [01/09/2022 11:46:07] - |A| - [18767872] - C:\Windows\system32\HologramWorld.dll
[MD5.3687B34E8F5C671C2ECECD813EAB41AB] - [01/09/2022 11:46:07] - |A| - [849408] - C:\Windows\system32\HolographicExtensions.dll
[MD5.DA73E6BC24D989A496468EB5F74B0FCA] - [01/09/2022 11:46:14] - |A| - [488960] - C:\Windows\system32\HolographicRuntimes.dll
[MD5.906040442960C9748A2B65278CC4A36A] - [01/09/2022 11:46:14] - |A| - [1092096] - C:\Windows\system32\HoloSI.PCShell.dll
[MD5.C4D58F803EDA0F7F3256C8D5259F89C3] - [01/09/2022 11:37:30] - |A| - [474112] - C:\Windows\system32\HrtfApo.dll
[MD5.6C272DCADCBC07ED049912155C7EB44F] - [01/09/2022 11:40:25] - |A| - [36864] - C:\Windows\system32\httpapi.dll
[MD5.301F615A7F442B1336B7E8CF07ABF544] - [01/09/2022 11:39:34] - |A| - [261632] - C:\Windows\system32\HttpsDataSource.dll
[MD5.3695836CDC446F50E642AC276D435651] - [01/09/2022 11:43:54] - |A| - [1270120] - C:\Windows\system32\hvax64.exe
[MD5.EAAE4ACF3FA197D6780B4BED13A9EC4D] - [01/09/2022 11:43:55] - |A| - [1573224] - C:\Windows\system32\hvix64.exe
[MD5.2A01B6EE60E50A4C31966A90458CD2AC] - [01/09/2022 11:43:54] - |A| - [119136] - C:\Windows\system32\hvloader.dll
[MD5.87DA4F54D3A2AE506D3AE6A0E89CABEA] - [01/09/2022 11:46:10] - |A| - [24272384] - C:\Windows\system32\Hydrogen.dll
[MD5.1028F4E595E11FD497722792D88516B8] - [01/09/2022 11:44:15] - |A| - [32768] - C:\Windows\system32\ias.dll
[MD5.D6AD87EEDBDE44FB32805B91E9592FAC] - [01/09/2022 11:44:15] - |A| - [87552] - C:\Windows\system32\iasacct.dll
[MD5.81AF3FFB94D52C1977416FC5B1ACD19F] - [01/09/2022 11:44:15] - |A| - [78848] - C:\Windows\system32\iasads.dll
[MD5.6E91C4FB00E4DFE3E62340CCCA283E31] - [01/09/2022 11:44:15] - |A| - [50176] - C:\Windows\system32\iaspolcy.dll
[MD5.B92DCA73F7B46026483F633E8D073FA3] - [01/09/2022 11:44:15] - |A| - [238592] - C:\Windows\system32\iasrad.dll
[MD5.A198873CAB1F3F03A13164187497D525] - [01/09/2022 11:44:15] - |A| - [144384] - C:\Windows\system32\iassvcs.dll
[MD5.52EF5DDD0019C445708DBD8D99B1C5A3] - [01/09/2022 11:39:24] - |A| - [165728] - C:\Windows\system32\icfupgd.dll
[MD5.86183A9A93B3D3293357B626015A99FD] - [01/09/2022 11:44:54] - |A| - [304640] - C:\Windows\system32\icsvcext.dll
[MD5.84336F23ECE1890658B044FEF7CFC4A2] - [01/09/2022 11:44:18] - |A| - [254464] - C:\Windows\system32\ie4uinit.exe
[MD5.A9983D679B70D3DC9299D94907A96ACA] - [01/09/2022 11:44:18] - |A| - [95232] - C:\Windows\system32\ie4ushowIE.exe
[MD5.62CF1B960087CB1229882667D4EE782C] - [01/09/2022 11:44:18] - |A| - [886784] - C:\Windows\system32\ieapfltr.dll
[MD5.4D8865E142927E57CEA9CF0568FA57D5] - [01/09/2022 11:44:17] - |A| - [413184] - C:\Windows\system32\iedkcs32.dll
[MD5.C02F5839AB6F63D9E9DF1797E1C1DF60] - [01/09/2022 11:44:28] - |A| - [7716864] - C:\Windows\system32\ieframe.dll
[MD5.E4EADC9B6E3AA50C20674BAAFC6F298F] - [01/09/2022 11:44:30] - |A| - [65536] - C:\Windows\system32\iemigplugin.dll
[MD5.31425A5CE86E608925C9D3E7631634EA] - [01/09/2022 11:44:17] - |A| - [187392] - C:\Windows\system32\iepeers.dll
[MD5.9E3BD9E32111576C2059D6D43BE7D371] - [01/09/2022 11:44:26] - |A| - [935424] - C:\Windows\system32\ieproxy.dll
[MD5.9A4F3278CDED79FF34DEE2FA6491405A] - [01/09/2022 11:41:11] - |A| - [2812928] - C:\Windows\system32\iertutil.dll
[MD5.F19B25F69E0DAE067C678EBECED32AC8] - [01/09/2022 11:44:30] - |A| - [544256] - C:\Windows\system32\IESettingSync.exe
[MD5.4D7A9FEE75518B68D079E9A72815404A] - [01/09/2022 11:39:31] - |A| - [226632] - C:\Windows\system32\ifsutil.dll
[MD5.21E731F728B53314F6C21156067036EE] - [01/09/2022 11:39:26] - |A| - [1054208] - C:\Windows\system32\IKEEXT.DLL
[MD5.01578D9FA0167F1547C6F0459A6D53E7] - [01/09/2022 11:40:35] - |A| - [107408] - C:\Windows\system32\imagehlp.dll
[MD5.1ED9E664C57C8E4AD1282F77BDBCF44F] - [01/09/2022 11:44:16] - |A| - [1005568] - C:\Windows\system32\imapi2fs.dll
[MD5.611B8C8AB6C3310834A085ADF08BA5BA] - [01/09/2022 11:44:26] - |A| - [237056] - C:\Windows\system32\IndexedDbLegacy.dll
[MD5.3A4EB489127284FF8E8FAC0D9DC2D1CA] - [01/09/2022 11:44:17] - |A| - [553472] - C:\Windows\system32\inetcpl.cpl
[MD5.6EC5E666C499175F2BD29620A3A988ED] - [01/09/2022 11:44:55] - |A| - [184320] - C:\Windows\system32\inetpp.dll
[MD5.1FCF3B83EB5797362AAE976C7F031C9A] - [01/09/2022 11:44:55] - |A| - [35328] - C:\Windows\system32\inetppui.dll
[MD5.37752F8B76D69C752817970374E3CD45] - [01/09/2022 11:41:49] - |A| - [273920] - C:\Windows\system32\InkEd.dll
[MD5.234670046FBD5952C79AE25E1612B12B] - [01/09/2022 11:41:50] - |A| - [378680] - C:\Windows\system32\input.dll
[MD5.A1D993FE84DBB6B25FC273E48A4EDDCA] - [01/09/2022 11:40:00] - |A| - [154112] - C:\Windows\system32\InputCloudStore.dll
[MD5.0B54EE679B6E08BC59E680E9E187475D] - [01/09/2022 11:39:05] - |A| - [1379112] - C:\Windows\system32\InputHost.dll
[MD5.DF08DB143A03B9E2E78CEA1221355B59] - [01/09/2022 11:39:03] - |A| - [142336] - C:\Windows\system32\InputLocaleManager.dll
[MD5.9EA182AF039326A5A7B4B671F3A5D691] - [01/09/2022 11:39:01] - |A| - [4730880] - C:\Windows\system32\InputService.dll
[MD5.72F522FA7ED3AE75CF8A7F445A3719FD] - [01/09/2022 11:41:50] - |A| - [540672] - C:\Windows\system32\InputSwitch.dll
[MD5.FEE6E088AC7F69A20E4FD09C745DED20] - [01/09/2022 11:39:09] - |A| - [2430464] - C:\Windows\system32\InstallService.dll
[MD5.E2FF57CC40821E7718C6BAC76C313F73] - [01/09/2022 11:39:10] - |A| - [231936] - C:\Windows\system32\InstallServiceTasks.dll
[MD5.5E8CC5E374272D23A718F8DDD7DD796B] - [01/09/2022 11:40:03] - |A| - [581968] - C:\Windows\system32\invagent.dll
[MD5.86018413EDD46079D6FF4763B52185FC] - [01/09/2022 11:40:20] - |A| - [231440] - C:\Windows\system32\IPHLPAPI.DLL
[MD5.2CD8DD9B82DA2684E41C5786F00040AF] - [01/09/2022 11:41:27] - |A| - [841216] - C:\Windows\system32\iphlpsvc.dll
[MD5.5095EF2C7ECB1DD81522DA66C92C45E7] - [01/09/2022 11:41:47] - |A| - [619008] - C:\Windows\system32\ipnathlp.dll
[MD5.D3B2C1F78FC5098996F93325D457DD1F] - [01/09/2022 11:41:41] - |A| - [111616] - C:\Windows\system32\IppCommon.dll
[MD5.0C497AAFB51193CC924677905BBC1CC1] - [01/09/2022 11:41:41] - |A| - [17920] - C:\Windows\system32\IppCommonProxy.dll
[MD5.ECD04E8CE2AB35107A7C22A35C79B845] - [01/09/2022 11:41:46] - |A| - [11776] - C:\Windows\system32\iprtprio.dll
[MD5.80B50D097F1C909AD42E0A72E923FB44] - [01/09/2022 11:41:46] - |A| - [628224] - C:\Windows\system32\iprtrmgr.dll
[MD5.4372FC65DAF6A5912DBA10118A20A386] - [01/09/2022 11:41:06] - |A| - [463360] - C:\Windows\system32\IPSECSVC.DLL
[MD5.C4F015FCB892FE9449D0C84018304F61] - [01/09/2022 11:44:30] - |A| - [50688] - C:\Windows\system32\iscsicli.exe
[MD5.4BBA97A4E53831CB6FE7940183945987] - [01/09/2022 11:44:30] - |A| - [79872] - C:\Windows\system32\iscsidsc.dll
[MD5.C8E543FA3FD1B5D4C7AE8B742DE1B318] - [01/09/2022 11:44:30] - |A| - [12800] - C:\Windows\system32\iscsied.dll
[MD5.D81EC229265DBD93FB14DBA5A6A9B0EF] - [01/09/2022 11:44:30] - |A| - [160768] - C:\Windows\system32\iscsiexe.dll
[MD5.B515197CBA5AF535B88263EA004334C6] - [01/09/2022 11:37:09] - |A| - [16896] - C:\Windows\system32\iscsilog.dll
[MD5.0DFFB111E98983FAA3C52BB53BED19FE] - [01/09/2022 11:44:30] - |A| - [37376] - C:\Windows\system32\iscsium.dll
[MD5.02A630E2C9F4FA15A1050866B04CD5E6] - [01/09/2022 11:44:30] - |A| - [84480] - C:\Windows\system32\iscsiwmi.dll
[MD5.1E0167FB7F83B7F5DAD9AE80FF7541ED] - [01/09/2022 11:44:30] - |A| - [131072] - C:\Windows\system32\iscsiwmiv2.dll
[MD5.DB0DD9D03F83D4E664765DE63FD62C5C] - [01/09/2022 11:39:06] - |A| - [2250240] - C:\Windows\system32\ISM.dll
[MD5.DD8099360BA97FE4A021D1250ABABB6F] - [01/09/2022 11:43:55] - |A| - [26904] - C:\Windows\system32\iumbase.dll
[MD5.913816F99319B9E36FEE0297695F52B8] - [01/09/2022 11:42:03] - |A| - [70792] - C:\Windows\system32\iumcrypt.dll
[MD5.38B37935061EAD87B3D3D09E3ECA4F39] - [01/09/2022 11:43:55] - |A| - [16584] - C:\Windows\system32\iumdll.dll
[MD5.8AEF24FBB26AF5C8EA379FFEEA73911C] - [01/09/2022 11:41:28] - |A| - [151552] - C:\Windows\system32\joinutil.dll
[MD5.0D9592069D35A99EEEB9B9A68746E36E] - [01/09/2022 11:41:15] - |A| - [245760] - C:\Windows\system32\JpnServiceDS.dll
[MD5.B6398A7E72F8EE1A5D4EE25A3D94E31C] - [01/09/2022 11:44:17] - |A| - [853504] - C:\Windows\system32\jscript.dll
[MD5.5E93E3CC8E744197EAF79FFDD7B9F3CA] - [01/09/2022 11:44:28] - |A| - [4889088] - C:\Windows\system32\jscript9.dll
[MD5.0BD9B151437AF22655213F6C596D269D] - [01/09/2022 11:44:28] - |A| - [714240] - C:\Windows\system32\jscript9diag.dll
[MD5.12178BB53DF5A386E1C47807C0981DEE] - [01/09/2022 11:41:10] - |A| - [53248] - C:\Windows\system32\jsproxy.dll
[MD5.68FC68923652FF9763AC2782B46A806B] - [01/09/2022 11:37:35] - |A| - [27136] - C:\Windows\system32\kdcpw.dll
[MD5.780CC73953D72C199180DFCC05FB129A] - [01/09/2022 11:43:55] - |A| - [22352] - C:\Windows\system32\kdhvcom.dll
[MD5.0AAB8CB957E967F33EB48668CF35EF60] - [01/09/2022 11:40:35] - |A| - [125776] - C:\Windows\system32\kdnet.dll
[MD5.7568586A5A7FCF7FEEE015B3530EFE1A] - [01/09/2022 11:39:25] - |A| - [72192] - C:\Windows\system32\keepaliveprovider.dll
[MD5.989147FF11F6B77EFA8CF40EA2BAE52A] - [01/09/2022 11:39:24] - |A| - [203568] - C:\Windows\system32\KerbClientShared.dll
[MD5.6BBF04BC0F5ACE4613A3DB4D0095E6ED] - [01/09/2022 11:39:24] - |A| - [1099776] - C:\Windows\system32\kerberos.dll
[MD5.F7110F4E43AF6DA3F8313467BF27B336] - [01/09/2022 11:42:02] - |A| - [766000] - C:\Windows\system32\kernel32.dll
[MD5.9335D316145DB1C9C13A8C7E19313B4F] - [01/09/2022 11:40:41] - |A| - [2949192] - C:\Windows\system32\KernelBase.dll
[MD5.682836A5CCC91E4FA58751BF007D21AC] - [01/09/2022 11:41:02] - |A| - [71680] - C:\Windows\system32\KeyCredMgr.dll
[MD5.835F59798F70A101F7AD472D191E183C] - [01/09/2022 11:42:03] - |A| - [59904] - C:\Windows\system32\keymgr.dll
[MD5.6A01577D9E9E9B8518C89189370E74F7] - [01/09/2022 11:44:45] - |A| - [75264] - C:\Windows\system32\klist.exe
[MD5.411E447F220E24E4EFFEE47C9B4EF1DD] - [01/09/2022 11:37:47] - |A| - [237568] - C:\Windows\system32\KnobsCore.dll
[MD5.6F3FE28A8448DC3191EB3D94238B272D] - [01/09/2022 11:37:47] - |A| - [125952] - C:\Windows\system32\KnobsCsp.dll
[MD5.3D547B8C756973B61A634DB99ACA74D8] - [01/09/2022 11:44:45] - |A| - [40448] - C:\Windows\system32\ksetup.exe
[MD5.92A772ED7910DF7FC55D812C6A258A1E] - [01/09/2022 11:37:57] - |A| - [203264] - C:\Windows\system32\L2SecHC.dll
[MD5.C1748DC6152554D5E8962795DCDC5619] - [01/09/2022 11:40:02] - |A| - [11776] - C:\Windows\system32\LaunchTM.exe
[MD5.4909B18ED06BD50446891875FAE90A00] - [01/09/2022 11:42:00] - |A| - [45056] - C:\Windows\system32\LaunchWinApp.exe
[MD5.09B941269603EF9375246272DBF3A6AD] - [01/09/2022 11:39:35] - |A| - [243712] - C:\Windows\system32\LegacyNetUXHost.exe
[MD5.6BD0D140634FF04A6AC76370B661BFD9] - [01/09/2022 11:39:10] - |A| - [1070936] - C:\Windows\system32\LicenseManager.dll
[MD5.EDE13EBEB28FACF2EB4CDC6A279D1110] - [01/09/2022 11:37:58] - |A| - [160768] - C:\Windows\system32\LicensingCSP.dll
[MD5.DFE3BDBECDF06B62A3D69EB946E44B60] - [01/09/2022 11:38:26] - |A| - [395776] - C:\Windows\system32\licensingdiag.exe
[MD5.37C67867B913474F441C30209FF93E35] - [01/09/2022 11:40:52] - |A| - [402944] - C:\Windows\system32\LicensingDiagSpp.dll
[MD5.95948519B4C1678865CB6B86941C45C8] - [01/09/2022 11:40:53] - |A| - [757088] - C:\Windows\system32\LicensingWinRT.dll
[MD5.687A9883ABC6C7EBCC002C295932EFDD] - [01/09/2022 11:45:03] - |A| - [286208] - C:\Windows\system32\ListSvc.dll
[MD5.947BE290BD16FC788E2CCAB1EDA3E599] - [01/09/2022 11:37:40] - |A| - [1272320] - C:\Windows\system32\localspl.dll
[MD5.310A802775D575DB23930D349408A2CE] - [01/09/2022 11:37:58] - |A| - [19968] - C:\Windows\system32\localui.dll
[MD5.C274526BF431F9121D90CEF1850391A2] - [01/09/2022 11:41:09] - |A| - [2028032] - C:\Windows\system32\LocationFramework.dll
[MD5.423B4D68FEFBA70668980F5547DF25BF] - [01/09/2022 11:41:09] - |A| - [83456] - C:\Windows\system32\LocationFrameworkInternalPS.dll
[MD5.3518894E19561A82CC6D3EBE7BB97187] - [01/09/2022 11:41:09] - |A| - [41328] - C:\Windows\system32\LocationFrameworkPS.dll
[MD5.5C75C2A44DD289C3A74D1F910DD7FA7F] - [01/09/2022 11:41:13] - |A| - [455680] - C:\Windows\system32\LockAppBroker.dll
[MD5.0638A435B0CB9D457FE38E42C5859863] - [01/09/2022 11:41:12] - |A| - [679424] - C:\Windows\system32\LockController.dll
[MD5.9534680C0F46FF864BC827ED1F6E1198] - [01/09/2022 11:41:13] - |A| - [457216] - C:\Windows\system32\LockHostingFramework.dll
[MD5.109DC942A24F990ABBCE7FAC6806AC4F] - [01/09/2022 11:44:35] - |A| - [120320] - C:\Windows\system32\logman.exe
[MD5.89174072E17CA4E75DCED882E95C6A31] - [01/09/2022 11:40:23] - |A| - [271672] - C:\Windows\system32\logoncli.dll
[MD5.8E0C81AA713EE087F8DACF724E559D95] - [01/09/2022 11:41:02] - |A| - [873984] - C:\Windows\system32\LogonController.dll
[MD5.00000000000000000000000000000000] - [01/09/2022 10:54:54] - |D| - [131072] - C:\Windows\system32\Logs
[MD5.D8A42A8A2B3D9083E26CA9736C351CD7] - [01/09/2022 11:40:44] - |A| - [3072] - C:\Windows\system32\lpk.dll
[MD5.FB44B6DD5D4EC676635A2B0DDCDEF52D] - [01/09/2022 11:41:12] - |A| - [745472] - C:\Windows\system32\lpksetup.exe
[MD5.A1C3FBEAEF40F5B93E12DCAAAED7C013] - [01/09/2022 11:42:02] - |A| - [311984] - C:\Windows\system32\LsaIso.exe
[MD5.E4237855212B3E89A113DFDF334D11CE] - [01/09/2022 11:40:25] - |A| - [1658880] - C:\Windows\system32\lsasrv.dll
[MD5.A1CC00332BBF370654EE3DC8CDC8C95A] - [01/09/2022 11:40:39] - |A| - [59456] - C:\Windows\system32\lsass.exe
[MD5.4B8DE1149157F411D068FE486CCA15CD] - [01/09/2022 11:41:51] - |A| - [846848] - C:\Windows\system32\lsm.dll
[MD5.7900F284E2839378CA5FB862D1BF3960] - [01/09/2022 11:40:01] - |A| - [650752] - C:\Windows\system32\Magnify.exe
[MD5.598A7971584ADC125887F813865D246D] - [01/09/2022 11:37:27] - |A| - [215040] - C:\Windows\system32\ManageCI.dll
[MD5.58731E644CC174D39C337919B88DD797] - [01/09/2022 11:39:05] - |A| - [2632192] - C:\Windows\system32\MapGeocoder.dll
[MD5.38B93DD0A29E44F8A8A7F0AD8DF43648] - [01/09/2022 11:42:01] - |A| - [159744] - C:\Windows\system32\mapi32.dll
[MD5.38B93DD0A29E44F8A8A7F0AD8DF43648] - [01/09/2022 11:42:01] - |A| - [159744] - C:\Windows\system32\mapistub.dll
[MD5.478505DD0F822B8DC49AD47D27C14502] - [01/09/2022 11:39:04] - |A| - [3182080] - C:\Windows\system32\MapRouter.dll
[MD5.BC6196DD2C1DE75FAF9397D9097A4652] - [01/09/2022 11:39:07] - |A| - [1201152] - C:\Windows\system32\MbaeApiPublic.dll
[MD5.2E59C2CBEDD2A2170F4C067FA4ECFF58] - [01/09/2022 11:39:43] - |A| - [747008] - C:\Windows\system32\MBMediaManager.dll
[MD5.4BFD587C99FE34EEA0E74622C798B3BE] - [01/09/2022 11:42:07] - |A| - [1164288] - C:\Windows\system32\MBR2GPT.EXE
[MD5.BB7EA093FE2A8ED319204859CC3C05BB] - [01/09/2022 11:44:35] - |A| - [24576] - C:\Windows\system32\McpManagementProxy.dll
[MD5.3CF9322793BD7F2D7234D72327A98BFF] - [01/09/2022 11:44:35] - |A| - [258048] - C:\Windows\system32\McpManagementService.dll
[MD5.44D47A8338E5EE314312F793775CC93F] - [01/09/2022 11:44:04] - |A| - [1094144] - C:\Windows\system32\MCRecvSrc.dll
[MD5.1FEE6B08CBFDA86EDC72B9FFF3DB36EA] - [01/09/2022 11:37:36] - |A| - [155648] - C:\Windows\system32\MDMAgent.exe
[MD5.71E577CD07D21F059253806DE8A9641E] - [01/09/2022 11:44:02] - |A| - [155136] - C:\Windows\system32\MDMAppInstaller.exe
[MD5.FE0C7450DC89F2D872FF34D7671065CF] - [01/09/2022 11:41:04] - |A| - [2146304] - C:\Windows\system32\MdmDiagnostics.dll
[MD5.C24ED186631F05C5619C3FFF5C92209D] - [01/09/2022 11:39:31] - |A| - [52736] - C:\Windows\system32\MdmDiagnosticsTool.exe
[MD5.B63D890B3A351DB919554DCFBCCEFC47] - [01/09/2022 11:41:04] - |A| - [169984] - C:\Windows\system32\mdmmigrator.dll
[MD5.AF416015BB7C0ECCAFAC7A644AECFE83] - [01/09/2022 11:39:31] - |A| - [330752] - C:\Windows\system32\mdmregistration.dll
[MD5.259A83115996DBA489D8C0943ACDCD4C] - [01/09/2022 11:45:58] - |A| - [532008] - C:\Windows\system32\mf.dll
[MD5.5D4EDB80A933F63DEF63AE3E46C0AAB6] - [01/09/2022 11:40:44] - |A| - [64512] - C:\Windows\system32\mf3216.dll
[MD5.05260C0F3C2FAB51D6C5DAE1E93C28FE] - [01/09/2022 11:45:58] - |A| - [1957576] - C:\Windows\system32\mfasfsrcsnk.dll
[MD5.5F4C496DCC4D061C10416FC9ACEC41C4] - [01/09/2022 11:45:59] - |A| - [4799856] - C:\Windows\system32\mfcore.dll
[MD5.2555CA538CFA951B193896509B847730] - [01/09/2022 11:46:03] - |A| - [963264] - C:\Windows\system32\mfds.dll
[MD5.1DAF81E5B5D90FE9AC0F947DD1463A9A] - [01/09/2022 11:46:04] - |A| - [581120] - C:\Windows\system32\mfh264enc.dll
[MD5.B11066D04AAC664FB999BB7C5783A3C0] - [01/09/2022 11:46:02] - |A| - [4305920] - C:\Windows\system32\MFMediaEngine.dll
[MD5.18FE72E56F87E41637E50B882072FC73] - [01/09/2022 11:46:05] - |A| - [100864] - C:\Windows\system32\mfmjpegdec.dll
[MD5.080BBF7A96E762F51E14296E265BF0DB] - [01/09/2022 11:46:03] - |A| - [1250816] - C:\Windows\system32\mfmkvsrcsnk.dll
[MD5.855A26A9D43D553F07E65EBF2980FFAB] - [01/09/2022 11:45:59] - |A| - [2115616] - C:\Windows\system32\mfmp4srcsnk.dll
[MD5.35DC6AEC10C5D8C968C8EE064E656A4A] - [01/09/2022 11:46:03] - |A| - [1353304] - C:\Windows\system32\mfmpeg2srcsnk.dll
[MD5.926B9D431AB74C4693665206F035395D] - [01/09/2022 11:46:00] - |A| - [1819616] - C:\Windows\system32\mfnetsrc.dll
[MD5.5CA197797897C1F2CE319A487370BF78] - [01/09/2022 11:45:59] - |A| - [268056] - C:\Windows\system32\mfps.dll
[MD5.8C1EFC877B65A1B7A16DA5E380405B63] - [01/09/2022 11:44:46] - |A| - [413680] - C:\Windows\system32\mfsensorgroup.dll
[MD5.ECBADB765C5C7C3323E2163FF84A4CB0] - [01/09/2022 11:46:03] - |A| - [1532456] - C:\Windows\system32\mfsvr.dll
[MD5.4A885F6F37A3C47DCE4EB7EA62F49F49] - [01/09/2022 11:44:56] - |A| - [119296] - C:\Windows\system32\mgmtrefreshcredprov.dll
[MD5.9392BA94EFB9ED737221DB2B7736E5E4] - [01/09/2022 11:37:55] - |A| - [188416] - C:\Windows\system32\Microsoft-Windows-Internal-Shell-NearShareExperience.dll
[MD5.58E8B0D5A51183DA6CE2A4FF48DE288D] - [01/09/2022 11:40:24] - |A| - [496464] - C:\Windows\system32\microsoft-windows-system-events.dll
[MD5.453E51EABA49E9054C174AA80F635B97] - [01/09/2022 11:39:32] - |A| - [3769344] - C:\Windows\system32\Microsoft.Bluetooth.Service.dll
[MD5.1E96BF3FC79D1DE67CB92D8B6D5D5C57] - [01/09/2022 11:38:15] - |A| - [551424] - C:\Windows\system32\MicrosoftAccountWAMExtension.dll
[MD5.011031428364E54E2E2DFC47EF80119B] - [01/09/2022 11:44:04] - |A| - [74240] - C:\Windows\system32\MiracastReceiverExt.dll
[MD5.266194E2736B2A7C190BC5DA47EC9A7A] - [01/09/2022 11:44:03] - |A| - [3164488] - C:\Windows\system32\mispace.dll
[MD5.AEDC07787B52536F45303E8A141B6D6E] - [01/09/2022 11:37:28] - |A| - [487936] - C:\Windows\system32\MitigationClient.dll
[MD5.241B6E372C7CB16F5F54AEC634D0C955] - [01/09/2022 11:42:03] - |A| - [86528] - C:\Windows\system32\MitigationConfiguration.dll
[MD5.DA883B5558357CA5FAFA49D105A85375] - [01/09/2022 11:46:14] - |A| - [421888] - C:\Windows\system32\MixedReality.Broker.dll
[MD5.46486277EDD78D83308E16CE27254B5F] - [01/09/2022 11:44:32] - |A| - [1953792] - C:\Windows\system32\mmc.exe
[MD5.DB5C46656E90FF3B509508140A0FE140] - [01/09/2022 11:44:32] - |A| - [186368] - C:\Windows\system32\mmcbase.dll
[MD5.5E2D4B5CCDE584DD884C4429A2409319] - [01/09/2022 11:44:32] - |A| - [2415104] - C:\Windows\system32\mmcndmgr.dll
[MD5.6293F86E320E2B8C85EF8CF244412956] - [01/09/2022 11:44:32] - |A| - [136192] - C:\Windows\system32\mmcshext.dll
[MD5.8123FCED22F5424445BAA833E790ABE8] - [01/09/2022 11:37:31] - |A| - [529416] - C:\Windows\system32\MMDevAPI.dll
[MD5.C05B74F8099FF88FF1FEC697AADA2530] - [01/09/2022 11:40:12] - |A| - [544256] - C:\Windows\system32\mmsys.cpl
[MD5.BEA7464830980BF7C0490307DB4FC875] - [01/09/2022 11:44:05] - |A| - [33280] - C:\Windows\system32\mode.com
[MD5.4BE2D3914A38A55107212E6FE10D84A2] - [01/09/2022 11:38:16] - |A| - [487936] - C:\Windows\system32\modernexecserver.dll
[MD5.929C20D5B38C2B08EE5FD4DA9A05A5CB] - [01/09/2022 11:39:46] - |A| - [1688064] - C:\Windows\system32\MoUsoCoreWorker.exe
[MD5.8B999F92C6E9CA91967C18C23F9BA502] - [01/09/2022 11:46:05] - |A| - [240200] - C:\Windows\system32\MP43DECD.DLL
[MD5.2A5C4BCF87470A0CF8C8D4E49EFFE05F] - [01/09/2022 11:46:04] - |A| - [363128] - C:\Windows\system32\MP4SDECD.DLL
[MD5.C6FB48FBA9E9C29AF829C6F9FA4E854C] - [01/09/2022 11:46:05] - |A| - [240696] - C:\Windows\system32\MPG4DECD.DLL
[MD5.80118FD65755C2EED8775C895A4C2B43] - [01/09/2022 11:40:42] - |A| - [110560] - C:\Windows\system32\mpr.dll
[MD5.54CD312E60461A2E4B8EE946FFECF088] - [01/09/2022 11:41:46] - |A| - [526336] - C:\Windows\system32\mprapi.dll
[MD5.AA6C7B6257F5C9175979A36A29B66BE7] - [01/09/2022 11:41:45] - |A| - [914432] - C:\Windows\system32\mprddm.dll
[MD5.E70B77E333B22F06EC68DFE3E55E5E28] - [01/09/2022 11:41:45] - |A| - [551936] - C:\Windows\system32\mprdim.dll
[MD5.0244E873ECACD316DE98F07F2B845BF0] - [01/09/2022 11:41:46] - |A| - [115200] - C:\Windows\system32\mprmsg.dll
[MD5.3B1BEE8A81742F2512BFCB23294FCDB9] - [01/09/2022 11:39:24] - |A| - [1173504] - C:\Windows\system32\MPSSVC.dll
[MD5.70DE544084543D469CFCC6BE89DF18E6] - [01/09/2022 11:39:20] - |A| - [994272] - C:\Windows\system32\MrmCoreR.dll
[MD5.2B755FEE98EE21E6532F6E41835F9AF8] - [01/09/2022 11:46:04] - |A| - [424272] - C:\Windows\system32\MSAudDecMFT.dll
[MD5.149312751BC1ED648AEBB947CA2E209F] - [01/09/2022 11:40:36] - |A| - [155648] - C:\Windows\system32\msaudite.dll
[MD5.39009536CAFE30C6EF2501FE46C9DF5E] - [01/09/2022 11:44:32] - |A| - [197632] - C:\Windows\system32\msconfig.exe
[MD5.978548F0A2DF3BF00019B87B6D8805FC] - [01/09/2022 11:40:44] - |A| - [1130112] - C:\Windows\system32\msctf.dll
[MD5.3AE6BFDF0257B303EDD695DA183C8462] - [01/09/2022 11:44:47] - |A| - [499200] - C:\Windows\system32\msdt.exe
[MD5.533B560D27B88AAC55068B8C33799B33] - [01/09/2022 11:44:04] - |A| - [882176] - C:\Windows\system32\msdtcprx.dll
[MD5.D47FF95CC778C84E6679C8ACD1755E86] - [01/09/2022 11:44:04] - |A| - [15872] - C:\Windows\system32\msdtcspoffln.dll
[MD5.32574ED88AE4FF6CC87B4155CA76EC24] - [01/09/2022 11:44:05] - |A| - [1618432] - C:\Windows\system32\msdtctm.dll
[MD5.1F81C67634D71607AF40B39CDF271682] - [01/09/2022 11:44:05] - |A| - [329728] - C:\Windows\system32\msdtcuiu.dll
[MD5.9B5D7B7EBA994FFBC019C815A3D85B38] - [01/09/2022 11:48:37] - |A| - [7168] - C:\Windows\system32\msdxm.ocx
[MD5.CE19B6192D3A3C17E52128D87EAADFA5] - [01/09/2022 11:44:17] - |A| - [791552] - C:\Windows\system32\msfeeds.dll
[MD5.8B581423673E4FD9D0F075A3439A4997] - [01/09/2022 11:46:04] - |A| - [463872] - C:\Windows\system32\MSFlacDecoder.dll
[MD5.AD8D5B57063DDA8523C2F653FC8E93E9] - [01/09/2022 11:38:16] - |A| - [3407360] - C:\Windows\system32\msftedit.dll
[MD5.7A13DC045491B106E1A4719A24651188] - [01/09/2022 11:44:22] - |A| - [23448576] - C:\Windows\system32\mshtml.dll
[MD5.3125BF7DFF116DB4DC3C9597A969A008] - [01/09/2022 11:44:22] - |A| - [2755584] - C:\Windows\system32\mshtml.tlb
[MD5.A8BDFF45179AADF927010A1A02CB9CB6] - [01/09/2022 11:44:32] - |A| - [3336192] - C:\Windows\system32\msi.dll
[MD5.605A2773EB23BE4393F1A6938DFB34AF] - [01/09/2022 11:37:55] - |A| - [280064] - C:\Windows\system32\msieftp.dll
[MD5.D44EE076735FC850ECA92787B3E70B54] - [01/09/2022 11:40:44] - |A| - [8192] - C:\Windows\system32\msimg32.dll
[MD5.0F1D708D804827019AF4A71BD9215A17] - [01/09/2022 11:44:33] - |A| - [26112] - C:\Windows\system32\msimsg.dll
[MD5.0AED91DA63713BF9F881B03A604A1C9D] - [01/09/2022 11:44:55] - |A| - [385024] - C:\Windows\system32\msinfo32.exe
[MD5.0447FFC6918AA3B9F02708EC481E0B7A] - [01/09/2022 11:44:33] - |A| - [70656] - C:\Windows\system32\msisip.dll
[MD5.6F6B5EFF66AB230035129B3B4FCB9D5B] - [01/09/2022 11:41:11] - |A| - [333824] - C:\Windows\system32\msIso.dll
[MD5.44BD08248CB6BC3B37134B211C72EF3C] - [01/09/2022 11:38:25] - |A| - [66560] - C:\Windows\system32\mskeyprotect.dll
[MD5.29DDFADA6E0809296DA436B477C52B11] - [01/09/2022 11:46:04] - |A| - [944128] - C:\Windows\system32\MSMPEG2ENC.DLL
[MD5.EEEF5711DB2A0020F23A092AB4CDBF23] - [01/09/2022 11:46:04] - |A| - [2522120] - C:\Windows\system32\msmpeg2vdec.dll
[MD5.8C2B9B5A7365FA1A3E7943C53CD49CD3] - [01/09/2022 11:40:36] - |A| - [63488] - C:\Windows\system32\msobjs.dll
[MD5.DCDA3B7B8EB0BFBCCB54B4D6A6844AD6] - [01/09/2022 11:48:29] - |A| - [592896] - C:\Windows\system32\msra.exe
[MD5.AE91239E0F6757BBFDF73CE35A94383C] - [01/09/2022 11:48:29] - |A| - [137216] - C:\Windows\system32\msrahc.dll
[MD5.757737BE00B229E9F2E17FF665A5DBBB] - [01/09/2022 11:48:29] - |A| - [7680] - C:\Windows\system32\MsraLegacy.tlb
[MD5.C459ACDDDAA2453E572F96C0B1B8CDA5] - [01/09/2022 11:38:59] - |A| - [66048] - C:\Windows\system32\msscntrs.dll
[MD5.660925D2BD83F4EDE61E0F00D8BEE64A] - [01/09/2022 11:38:59] - |A| - [131072] - C:\Windows\system32\mssitlb.dll
[MD5.72BD7C0A4EB09B3E685E27F221C02C08] - [01/09/2022 11:39:00] - |A| - [214528] - C:\Windows\system32\mssph.dll
[MD5.74F8774A2EA40AC0EB0C0E430949FE58] - [01/09/2022 11:39:00] - |A| - [145408] - C:\Windows\system32\mssprxy.dll
[MD5.FBA0F7F41179E7964E0A3E16F6A2B848] - [01/09/2022 11:39:00] - |A| - [2975232] - C:\Windows\system32\mssrch.dll
[MD5.CB662DC83CAC323E6025E6C748380D4A] - [01/09/2022 11:39:00] - |A| - [381952] - C:\Windows\system32\mssvp.dll
[MD5.4988A6CC3CAB9C16C0ADE8003208F4F8] - [01/09/2022 11:44:50] - |A| - [1543680] - C:\Windows\system32\mstsc.exe
[MD5.45A04A34CADA0F4F5F3BE8C79128D8C7] - [01/09/2022 11:44:49] - |A| - [8251904] - C:\Windows\system32\mstscax.dll
[MD5.E3D3831F0A87DF322C7613E75629D9C9] - [01/09/2022 11:40:23] - |A| - [543576] - C:\Windows\system32\msv1_0.dll
[MD5.04646934ECBD50D88F87909C7DFAFDB0] - [01/09/2022 11:46:02] - |A| - [1440504] - C:\Windows\system32\msvproc.dll
[MD5.AE8CADE3708E064FF670A24881F9A87C] - [01/09/2022 11:44:05] - |A| - [434176] - C:\Windows\system32\mtxclu.dll
[MD5.0324A3345B966E6DBEB21A871A8A3972] - [01/09/2022 11:39:48] - |A| - [169472] - C:\Windows\system32\musdialoghandlers.dll
[MD5.4983B9BBDE18B7B9E613E4033BEE2379] - [01/09/2022 11:39:47] - |A| - [692736] - C:\Windows\system32\MusNotification.exe
[MD5.C9E58F124B44D428139B2C45D69285A5] - [01/09/2022 11:39:47] - |A| - [630784] - C:\Windows\system32\MusNotificationUx.exe
[MD5.291760926D8A3F1316EA578F366D5555] - [01/09/2022 11:39:47] - |A| - [645640] - C:\Windows\system32\MusNotifyIcon.exe
[MD5.172CE4329D71D4A6A13606ECF874C0EE] - [01/09/2022 11:39:47] - |A| - [1162752] - C:\Windows\system32\MusUpdateHandlers.dll
[MD5.9CC607630F19847E887D4846D8AF9BEC] - [01/09/2022 11:39:25] - |A| - [382464] - C:\Windows\system32\ncbservice.dll
[MD5.138018AD3F626E3B51FDBBBC31FCCF86] - [01/09/2022 11:37:50] - |A| - [75264] - C:\Windows\system32\ncobjapi.dll
[MD5.95246E71CB2766C1FE52FAEDD656B4C0] - [01/09/2022 11:40:23] - |A| - [354816] - C:\Windows\system32\ncryptprov.dll
[MD5.5F1B86875F20FF00A77A4CFDF2F95E11] - [01/09/2022 11:41:30] - |A| - [529920] - C:\Windows\system32\ncsi.dll
[MD5.41E2DFD081CEBBBFDC834D27137CF524] - [01/09/2022 11:41:39] - |A| - [69632] - C:\Windows\system32\ndadmin.exe
[MD5.F2694E6563EB36FF1C162C3F3D9F5595] - [01/09/2022 11:38:25] - |A| - [119296] - C:\Windows\system32\negoexts.dll
[MD5.55693DF2BB3CBE2899DFDDF18B4EB8C9] - [01/09/2022 11:44:02] - |A| - [183808] - C:\Windows\system32\net1.exe
[MD5.EA99DD3365754F6BADDC06C53435DD6A] - [01/09/2022 11:39:34] - |A| - [94072] - C:\Windows\system32\netapi32.dll
[MD5.0D9D85BFF954CE33F16911162A33135B] - [01/09/2022 11:41:27] - |A| - [181760] - C:\Windows\system32\netid.dll
[MD5.AFAC39019B50D06746E342E8474E0921] - [01/09/2022 11:41:28] - |A| - [179200] - C:\Windows\system32\netjoin.dll
[MD5.926D9095B825D1EA44B874CB1C65BF79] - [01/09/2022 11:40:42] - |A| - [884736] - C:\Windows\system32\netlogon.dll
[MD5.BAEB467E6F9153DA94154737DC84BCC4] - [01/09/2022 11:40:20] - |A| - [2560] - C:\Windows\system32\netmsg.dll
[MD5.D6B8250906489E0516C2909879EF38F4] - [01/09/2022 11:42:00] - |A| - [319488] - C:\Windows\system32\netplwiz.dll
[MD5.20FC2B0CC00B738AED1A98E12A62AAC1] - [01/09/2022 11:41:29] - |A| - [878080] - C:\Windows\system32\netprofmsvc.dll
[MD5.0B69E2573978C5F2ED3B15D581D94F7A] - [01/09/2022 11:41:28] - |A| - [68096] - C:\Windows\system32\netprovfw.dll
[MD5.3E080956CC2A9060350FA4A0DD711ACF] - [01/09/2022 11:40:42] - |A| - [329216] - C:\Windows\system32\NetSetupSvc.dll
[MD5.CD8EE04E6B131D37E764CD92060482C6] - [01/09/2022 11:41:29] - |A| - [568832] - C:\Windows\system32\netshell.dll
[MD5.F8D13A8DCAECC522C3B991CC7A00BFF5] - [01/09/2022 11:44:48] - |A| - [104448] - C:\Windows\system32\nettraceex.dll
[MD5.782D30567F9B5C5C6E37F282FF29CA41] - [01/09/2022 11:39:45] - |A| - [3143168] - C:\Windows\system32\NetworkMobileSettings.dll
[MD5.45CE03ADF28FFF23862779492C962AA4] - [01/09/2022 11:41:38] - |A| - [318464] - C:\Windows\system32\newdev.dll
[MD5.47183ED3CEBE5BCFE46FE37D42502390] - [01/09/2022 11:41:39] - |A| - [72192] - C:\Windows\system32\newdev.exe
[MD5.7C41701857377A57500328FC1F3CCD3A] - [01/09/2022 11:37:47] - |A| - [107008] - C:\Windows\system32\NFCProvisioningPlugin.dll
[MD5.1ED4F3E1A8E9255441388647A8D257F9] - [01/09/2022 11:38:28] - |A| - [664064] - C:\Windows\system32\ngccredprov.dll
[MD5.6069DEE164E07E9AD3282F31B2476CE6] - [01/09/2022 11:38:28] - |A| - [543744] - C:\Windows\system32\NgcCtnr.dll
[MD5.A7191145E8AF90DE2F58342A063416CD] - [01/09/2022 11:40:45] - |A| - [460800] - C:\Windows\system32\NgcCtnrGidsHandler.dll
[MD5.9FEBF6D3CEE2C984D87E144854DF989E] - [01/09/2022 11:38:28] - |A| - [771072] - C:\Windows\system32\NgcCtnrSvc.dll
[MD5.99548DAC5C7B32532B04CB714557CE88] - [01/09/2022 11:43:54] - |A| - [670208] - C:\Windows\system32\NgcIsoCtnr.dll
[MD5.FBA0205E8E0CFE312D424BB9F6F664C4] - [01/09/2022 11:38:28] - |A| - [204288] - C:\Windows\system32\ngckeyenum.dll
[MD5.1423DDBD639A9EF09CDF0F816E7A441D] - [01/09/2022 11:41:02] - |A| - [74752] - C:\Windows\system32\ngclocal.dll
[MD5.F76C669444BA7D3A874794DD6AAC1636] - [01/09/2022 11:38:29] - |A| - [250880] - C:\Windows\system32\ngcpopkeysrv.dll
[MD5.545B9179B8A7006BAF24E57377913769] - [01/09/2022 11:38:28] - |A| - [170496] - C:\Windows\system32\NgcProCsp.dll
[MD5.256C6D9F2E536B7092E39F13E6769F20] - [01/09/2022 11:38:29] - |A| - [264192] - C:\Windows\system32\ngcrecovery.dll
[MD5.979910115C717566A3FA84687E852943] - [01/09/2022 11:38:28] - |A| - [927744] - C:\Windows\system32\ngcsvc.dll
[MD5.26565771305349EF983E18B28089AB7D] - [01/09/2022 11:42:03] - |A| - [256512] - C:\Windows\system32\ngctasks.dll
[MD5.CE312D122D84520C6520A015B7709F7C] - [01/09/2022 11:41:30] - |A| - [97280] - C:\Windows\system32\nlaapi.dll
[MD5.EDB7CF6CBECE6558E23159E68E690B71] - [01/09/2022 11:41:30] - |A| - [388608] - C:\Windows\system32\nlasvc.dll
[MD5.5B44455D42EB3CA68972B61A114956DB] - [01/09/2022 11:44:45] - |A| - [545280] - C:\Windows\system32\nltest.exe
[MD5.27F71B12CB585541885A31BE22F61C83] - [01/09/2022 11:47:45] - |A| - [201216] - C:\Windows\system32\notepad.exe
[MD5.9F560023652AF7646639EF1D19F1A0F4] - [01/09/2022 11:39:55] - |A| - [1223168] - C:\Windows\system32\NotificationController.dll
[MD5.34B0ED459ECD1FD1BE104C52B4A8029A] - [01/09/2022 11:39:55] - |A| - [380416] - C:\Windows\system32\NotificationControllerPS.dll
[MD5.FC48683D1539FB5D71B133657D4C6D58] - [01/09/2022 11:44:33] - |A| - [793088] - C:\Windows\system32\nshwfp.dll
[MD5.D7A09DAAC7837FD98561E1272035577B] - [01/09/2022 11:40:36] - |A| - [2028456] - C:\Windows\system32\ntdll.dll
[MD5.63FD0F7B41E16F0A370443ADD3BFEF62] - [01/09/2022 11:40:45] - |A| - [108032] - C:\Windows\system32\ntlanman.dll
[MD5.2136A27E4F8B4DDF74DB9DDB8E21A75E] - [01/09/2022 11:40:23] - |A| - [70296] - C:\Windows\system32\NtlmShared.dll
[MD5.17C2576F690786C4667732DA3301B586] - [01/09/2022 11:40:37] - |A| - [10849104] - C:\Windows\system32\ntoskrnl.exe
[MD5.10C1085BFC1DDB1F857646484E425096] - [01/09/2022 11:41:44] - |A| - [379904] - C:\Windows\system32\ntprint.dll
[MD5.25832E142FCAF637F5F9F191E31BA735] - [01/09/2022 11:41:44] - |A| - [64000] - C:\Windows\system32\ntprint.exe
[MD5.E3551BB2E540B1A9F942DD2F56784562] - [01/09/2022 11:40:48] - |A| - [489984] - C:\Windows\system32\ntshrui.dll
[MD5.33C7B0322C9A0ADBD56CCA2AACC3233A] - [01/09/2022 11:40:16] - |A| - [202240] - C:\Windows\system32\ocsetapi.dll
[MD5.9DFCDD432B43EC090E05F993EDD090F1] - [01/09/2022 11:44:31] - |A| - [724992] - C:\Windows\system32\odbc32.dll
[MD5.F7B6042D75C20D6EFAB9EA40379478B7] - [01/09/2022 11:38:26] - |A| - [134496] - C:\Windows\system32\oemlicense.dll
[MD5.221CA7D9E5CFEFED80912E7F13939EA6] - [01/09/2022 11:40:25] - |A| - [136040] - C:\Windows\system32\offlinelsa.dll
[MD5.A65117756BE3DACB40202A3DCD5F57EB] - [01/09/2022 11:40:22] - |A| - [272720] - C:\Windows\system32\offlinesam.dll
[MD5.A013736D2734D8AC359C796B6FD8EC45] - [01/09/2022 11:44:44] - |A| - [88576] - C:\Windows\system32\offreg.dll
[MD5.7D78ADDFCB5040857FE4576A9F4AE8FB] - [01/09/2022 11:40:17] - |A| - [1214264] - C:\Windows\system32\ole32.dll
[MD5.EB28588A79F2B69B84BFE5E956C3C9CC] - [01/09/2022 11:37:36] - |A| - [211456] - C:\Windows\system32\OmaDmAgent.dll
[MD5.C3EBA38231853B0ADC10A0649A285180] - [01/09/2022 11:41:03] - |A| - [215920] - C:\Windows\system32\omadmapi.dll
[MD5.F79A9A3B2129957020DAEB55F9AFD210] - [01/09/2022 11:41:04] - |A| - [432128] - C:\Windows\system32\omadmclient.exe
[MD5.2352D547E852E029E7A50E015C635CA8] - [01/09/2022 11:37:27] - |A| - [493568] - C:\Windows\system32\OneCoreCommonProxyStub.dll
[MD5.1D4C46A92EF94B18A3BD2A974F650FAF] - [01/09/2022 11:38:23] - |A| - [8230392] - C:\Windows\system32\OneCoreUAPCommonProxyStub.dll
[MD5.E26DD8E35E53015F71DFB2285DC9C192] - [01/09/2022 11:40:47] - |A| - [709632] - C:\Windows\system32\OneDriveSettingSyncProvider.dll
[MD5.78CBC49D11234B7E2CCF201D79855E18] - [01/09/2022 11:40:26] - |A| - [182784] - C:\Windows\system32\OneSettingsClient.dll
[MD5.18E0E4D12942671B87343CF03D73998F] - [01/09/2022 11:41:43] - |A| - [2191360] - C:\Windows\system32\OpcServices.dll
[MD5.1105078D8C66FDEC10A644FA522C0BE5] - [01/09/2022 11:44:34] - |A| - [1068032] - C:\Windows\system32\opengl32.dll
[MD5.EAC5988AC331CA82F46BABE6363F9A81] - [01/09/2022 11:44:55] - |A| - [439808] - C:\Windows\system32\p2psvc.dll
[MD5.1B6136D8977EDC037610FFF204AB65C6] - [01/09/2022 11:40:24] - |A| - [12288] - C:\Windows\system32\pacjsworker.exe
[MD5.089B7DCB5E8502BA0CDA6D9E086B2BC6] - [01/09/2022 11:38:16] - |A| - [66048] - C:\Windows\system32\PackageStateChangeHandler.dll
[MD5.03AA75056914DE58AF468F1B085FC982] - [01/09/2022 11:39:55] - |A| - [269312] - C:\Windows\system32\PasswordEnrollmentManager.dll
[MD5.35D7C95B762B779EE552CEBFC1E3DE2B] - [01/09/2022 11:43:53] - |A| - [973312] - C:\Windows\system32\PayloadRestrictions.dll
[MD5.36D0165849FD3CA11C2BD281EE4D7C29] - [01/09/2022 11:40:03] - |A| - [67072] - C:\Windows\system32\pcadm.dll
[MD5.76F46D829CFA488EAFD95867313DE9CC] - [01/09/2022 11:40:03] - |A| - [12800] - C:\Windows\system32\pcaevts.dll
[MD5.5F7CDE105E9679FF88B3B6A3DCD129DB] - [01/09/2022 11:40:03] - |A| - [53760] - C:\Windows\system32\pcalua.exe
[MD5.34B4E3B3E24177A942060608162F2F9F] - [01/09/2022 11:40:02] - |A| - [876344] - C:\Windows\system32\pcasvc.dll
[MD5.48B6039D533D848619B81A23F0EDFFE2] - [01/09/2022 11:37:52] - |A| - [1149744] - C:\Windows\system32\PCPKsp.dll
[MD5.446132C1607575C71B1A78555F0E5838] - [01/09/2022 11:39:50] - |A| - [57344] - C:\Windows\system32\PCShellCommonProxyStub.dll
[MD5.CA01951C3320758133D16E542FD6AFC0] - [01/09/2022 11:44:48] - |A| - [16384] - C:\Windows\system32\pcwrun.exe
[MD5.9B034C127AFAA1FDAC83228FA26C5995] - [01/09/2022 11:44:48] - |A| - [138240] - C:\Windows\system32\pcwutl.dll
[MD5.6AFC5282C1F31AD2FE2A6DB1210CFA02] - [01/09/2022 11:41:05] - |A| - [283648] - C:\Windows\system32\pdh.dll
[MD5.B4C6A5060D1F2853E9017A5FDE706C13] - [01/09/2022 11:39:50] - |A| - [226304] - C:\Windows\system32\PeopleBand.dll
[MD5.C17BBBB7048021756C2E6862987EAD30] - [01/09/2022 11:44:50] - |A| - [82944] - C:\Windows\system32\perfts.dll
[MD5.B7329E4A5F0FF0F9E660B36446A35983] - [01/09/2022 11:39:09] - |A| - [465920] - C:\Windows\system32\PhoneOm.dll
[MD5.9674584DFA425657C562C3C2BDF6ACCA] - [01/09/2022 11:37:29] - |A| - [964096] - C:\Windows\system32\PhoneService.dll
[MD5.7E3D09D1B036E59FC3932A44E210505A] - [01/09/2022 11:37:29] - |A| - [2560] - C:\Windows\system32\PhoneServiceRes.dll
[MD5.15DA8BEAAA98D96CF73B77F1627D24F1] - [01/09/2022 11:45:44] - |A| - [581120] - C:\Windows\system32\PhotoScreensaver.scr
[MD5.26685C6F474D09F2DEF63FF459EB0AF1] - [01/09/2022 11:38:16] - |A| - [128056] - C:\Windows\system32\PickerHost.exe
[MD5.5EBA179619E31D4DA138A98370C0DB4C] - [01/09/2022 11:39:43] - |A| - [389120] - C:\Windows\system32\PickerPlatform.dll
[MD5.6F6A74D46BA225261488DBDF32CAA69B] - [01/09/2022 11:40:52] - |A| - [1088872] - C:\Windows\system32\pidgenx.dll
[MD5.BF22C802EE5AF15C9136877146CBBA4B] - [01/09/2022 11:39:17] - |A| - [196096] - C:\Windows\system32\PimIndexMaintenance.dll
[MD5.238434FBE07D0531D82E432D2D586451] - [01/09/2022 11:37:38] - |A| - [191488] - C:\Windows\system32\PinEnrollmentHelper.dll
[MD5.9341CC3A529E5C74C8D790717B7CE0CA] - [01/09/2022 11:37:58] - |A| - [861496] - C:\Windows\system32\pkeyhelper.dll
[MD5.6127AA63D8A517953F34CCE4C43A2DC1] - [01/09/2022 11:42:04] - |A| - [250368] - C:\Windows\system32\PkgMgr.exe
[MD5.478018D0678600FA89BD62E1818412A4] - [01/09/2022 11:44:48] - |A| - [681272] - C:\Windows\system32\PktMon.exe
[MD5.83FCD6323DEF6C154FE115945BB18098] - [01/09/2022 11:44:48] - |A| - [41472] - C:\Windows\system32\PktMonApi.dll
[MD5.D92712FF31A2D03F33B376823A608B4E] - [01/09/2022 11:42:03] - |A| - [292864] - C:\Windows\system32\pku2u.dll
[MD5.C2AF5D349BAC0776BF279FE96E53B210] - [01/09/2022 11:44:04] - |A| - [614400] - C:\Windows\system32\PlayToManager.dll
[MD5.CA655221FB4E26A6BD2FD79D38C542C6] - [01/09/2022 11:41:27] - |A| - [2177024] - C:\Windows\system32\pnidui.dll
[MD5.19AF4D77806E8A290DD8F0D97F353461] - [01/09/2022 11:41:38] - |A| - [63488] - C:\Windows\system32\pnppolicy.dll
[MD5.DE03AC6962C0655E6F769F881295DE3F] - [01/09/2022 11:41:39] - |A| - [301568] - C:\Windows\system32\pnputil.exe
[MD5.BCD77D0E06A6E2EBB22B3106E2AB67A3] - [01/09/2022 11:41:03] - |A| - [649232] - C:\Windows\system32\policymanager.dll
[MD5.2D77E61E63036CA7ECFF946B32981E08] - [01/09/2022 11:39:31] - |A| - [290304] - C:\Windows\system32\policymanagerprecheck.dll
[MD5.95453885DE649714730982851C9A1A5A] - [01/09/2022 11:41:06] - |A| - [354304] - C:\Windows\system32\polstore.dll
[MD5.AAB132A3DFD8F2D8E72E598C100F1E81] - [01/09/2022 10:55:10] - |A| - [497664] - C:\Windows\system32\poqexec.exe
[MD5.310FC41439BCA3B28DB522AD24F200C8] - [01/09/2022 11:46:07] - |A| - [159232] - C:\Windows\system32\PortableDeviceWiaCompat.dll
[MD5.49423F8B294D0EF58A1B86405B4ADEF3] - [01/09/2022 11:41:04] - |A| - [70656] - C:\Windows\system32\prauthproviders.dll
[MD5.49D25B46BB713E88FD0CB25543CBB606] - [01/09/2022 11:44:05] - |A| - [17408] - C:\Windows\system32\print.exe
[MD5.F0914B67458CA8F1182389C697F9B76F] - [01/09/2022 11:41:41] - |A| - [380928] - C:\Windows\system32\Print.PrintSupport.Source.dll
[MD5.07EEDB5609613F9A5DFE07A0D05999F9] - [01/09/2022 11:41:40] - |A| - [93184] - C:\Windows\system32\Print.Workflow.Source.dll
[MD5.D97486249B5EAA7CBCC8EC4B18002F8D] - [01/09/2022 11:37:40] - |A| - [86528] - C:\Windows\system32\PrinterCleanupTask.dll
[MD5.F23B8CFCF3BF551B3CBE6A91DA25A390] - [01/09/2022 11:37:40] - |A| - [92672] - C:\Windows\system32\printfilterpipelineprxy.dll
[MD5.138944970E8008726C9539180AF2EE71] - [01/09/2022 11:37:40] - |A| - [744448] - C:\Windows\system32\printfilterpipelinesvc.exe
[MD5.6770F8087D1E082ACFCF610CD078CDC6] - [01/09/2022 11:37:39] - |A| - [77312] - C:\Windows\system32\PrintIsolationHost.exe
[MD5.B805BD10DD71193C560C3551C5387163] - [01/09/2022 11:37:39] - |A| - [97280] - C:\Windows\system32\PrintIsolationProxy.dll
[MD5.24A06E1E158D1B090C8124AC7844C853] - [01/09/2022 11:41:42] - |A| - [73216] - C:\Windows\system32\PrintPlatformConfig.dll
[MD5.B6A23785DCEEA13673D3B503F38F6198] - [01/09/2022 11:41:43] - |A| - [752128] - C:\Windows\system32\PrintRenderAPIHost.DLL
[MD5.AF80656F82093397635886D014FD2C1C] - [01/09/2022 11:41:43] - |A| - [61952] - C:\Windows\system32\printticketvalidation.dll
[MD5.39E595BD7E4E9AFDB4BCD27EB7B3CA8F] - [01/09/2022 11:41:44] - |A| - [757760] - C:\Windows\system32\printui.dll
[MD5.2FC3530F3E05667F8240FC77F7486E7E] - [01/09/2022 11:41:44] - |A| - [64000] - C:\Windows\system32\printui.exe
[MD5.FD2B0B7A3121D240874288D66409151C] - [01/09/2022 11:41:40] - |A| - [463360] - C:\Windows\system32\PrintWorkflowService.dll
[MD5.A6FBDFB1ED45EBCA555D5F6078B7622D] - [01/09/2022 11:44:42] - |A| - [145920] - C:\Windows\system32\PrintWSDAHost.dll
[MD5.6CDB8306E79F0E0FDB68B1E0134F0871] - [01/09/2022 11:41:41] - |A| - [183808] - C:\Windows\system32\prncache.dll
[MD5.18FFF5AD0D5FD47689BF86B193761127] - [01/09/2022 11:41:44] - |A| - [239104] - C:\Windows\system32\prnfldr.dll
[MD5.BF65772C3DBABA016829FFDC30692425] - [01/09/2022 11:41:44] - |A| - [294400] - C:\Windows\system32\prnntfy.dll
[MD5.3F3FC7DBBD583D9E8A2B153E8F008C78] - [01/09/2022 11:41:40] - |A| - [190464] - C:\Windows\system32\prntvpt.dll
[MD5.A651E5D98FA658BDB637019428FA26C8] - [01/09/2022 11:39:48] - |A| - [37888] - C:\Windows\system32\ProductEnumerator.dll
[MD5.CF1F2A8511D0786CD100A708C4B709FA] - [01/09/2022 11:39:22] - |A| - [160120] - C:\Windows\system32\profext.dll
[MD5.D026E30C18C752C5C9F16264C324A5D0] - [01/09/2022 11:40:23] - |A| - [486400] - C:\Windows\system32\profsvc.dll
[MD5.48C40F29E7A9356B64BC70506EAA5999] - [01/09/2022 11:41:09] - |A| - [181760] - C:\Windows\system32\profsvcext.dll
[MD5.96B558215F1DA4374E31EF45B235902A] - [01/09/2022 11:39:21] - |A| - [1004104] - C:\Windows\system32\propsys.dll
[MD5.73A9DB35423EC62F017158089F9B676D] - [01/09/2022 11:37:48] - |A| - [99840] - C:\Windows\system32\provdatastore.dll
[MD5.B08901AF3F4AFBB677377422F98DA7FA] - [01/09/2022 11:37:48] - |A| - [382464] - C:\Windows\system32\provengine.dll
[MD5.F17E74A105AD9D49452251C7E3C30D55] - [01/09/2022 11:37:48] - |A| - [279040] - C:\Windows\system32\provhandlers.dll
[MD5.02F34D987C3DBED604D5738F5C8C3569] - [01/09/2022 11:44:56] - |A| - [78336] - C:\Windows\system32\provisioningcommandscsp.dll
[MD5.01D8C6092E9FBC3BC045065422EBC479] - [01/09/2022 11:37:48] - |A| - [261632] - C:\Windows\system32\provisioningcsp.dll
[MD5.26892B4CFF344533D2DF58E5764E23BA] - [01/09/2022 11:45:02] - |A| - [62976] - C:\Windows\system32\provlaunch.exe
[MD5.5F5995C9B668653B4FD9195CD6370AA8] - [01/09/2022 11:45:02] - |A| - [110592] - C:\Windows\system32\provmigrate.dll
[MD5.0AE62A60A4763EB0A7C75BC058A23DE2] - [01/09/2022 11:37:48] - |A| - [295424] - C:\Windows\system32\provops.dll
[MD5.1037472FA5476D5F7DCD3462516837E0] - [01/09/2022 11:44:56] - |A| - [416256] - C:\Windows\system32\provplatformdesktop.dll
[MD5.2ABDDD7D634656662A13002631CFFC65] - [01/09/2022 11:37:48] - |A| - [93696] - C:\Windows\system32\ProvPluginEng.dll
[MD5.D92A63D5D5DB613DDB5F615D16650626] - [01/09/2022 11:45:03] - |A| - [486912] - C:\Windows\system32\provsvc.dll
[MD5.A3F16DFE0D27A9ABC5EA7DB446D023DC] - [01/09/2022 11:37:47] - |A| - [87040] - C:\Windows\system32\provtool.exe
[MD5.CC9360A685DDAD6D4FB4DACC9789EBE1] - [01/09/2022 11:39:27] - |A| - [763392] - C:\Windows\system32\PsmServiceExtHost.dll
[MD5.7F9CFFB2F6D51FD71AF9FAC75DD5DD8D] - [01/09/2022 11:37:53] - |A| - [217088] - C:\Windows\system32\ptpprov.dll
[MD5.342A6C69A9EF0C2F65008DB588FCC4E5] - [01/09/2022 11:41:44] - |A| - [204800] - C:\Windows\system32\puiapi.dll
[MD5.C1CADC76DDE324CC58C167F49816A3F5] - [01/09/2022 11:41:44] - |A| - [462848] - C:\Windows\system32\puiobj.dll
[MD5.C1F787876FD293226ED816E2DC21E080] - [01/09/2022 11:39:10] - |A| - [333824] - C:\Windows\system32\PushToInstall.dll
[MD5.3BDAEF58FB1CE7B0A4580E59BD7D6911] - [01/09/2022 11:38:22] - |A| - [1481216] - C:\Windows\system32\qmgr.dll
[MD5.6C7C0EB46E02EDC0D20E2658DB7BF6DC] - [01/09/2022 10:54:54] - |A| - [483664] - C:\Windows\system32\QualityUpdateAssistant.dll
[MD5.A1D7412004065CE9DED0D7003013ED79] - [01/09/2022 11:39:55] - |A| - [367616] - C:\Windows\system32\QuickActionsDataModel.dll
[MD5.121EC2BF4DAE2A0F06BD9CB50D81C501] - [01/09/2022 11:47:45] - |A| - [672256] - C:\Windows\system32\quickassist.exe
[MD5.D9EFE0BAE3F762FE1EA1359602A93C5C] - [01/09/2022 11:39:55] - |A| - [495616] - C:\Windows\system32\QuietHours.dll
[MD5.F7918495DF1CA8168C76AC44B44DBCEE] - [01/09/2022 11:41:29] - |A| - [287232] - C:\Windows\system32\qwave.dll
[MD5.CAB457EA2ECC29F0E884F3AB2E23EF4E] - [01/09/2022 11:48:29] - |A| - [133632] - C:\Windows\system32\racpldlg.dll
[MD5.7EF6E88D288D4EE33C8685F422F609D1] - [01/09/2022 11:41:46] - |A| - [1016320] - C:\Windows\system32\rasapi32.dll
[MD5.E1FA36A3C0BEE409AD0196DC2456DCDB] - [01/09/2022 11:41:44] - |A| - [161792] - C:\Windows\system32\raschap.dll
[MD5.90E61A451D6011CB7BBB6CAACE966E6A] - [01/09/2022 11:41:47] - |A| - [506880] - C:\Windows\system32\rascustom.dll
[MD5.63E72A854C787371CB26590269C1E93E] - [01/09/2022 11:41:45] - |A| - [20992] - C:\Windows\system32\rasdial.exe
[MD5.D1841C6EE4EA45794CED131D4B68B60E] - [01/09/2022 11:48:29] - |A| - [135168] - C:\Windows\system32\raserver.exe
[MD5.FBBC12575848CEC6333B7325BB2BE7BC] - [01/09/2022 11:41:47] - |A| - [188928] - C:\Windows\system32\rasman.dll
[MD5.8965983F683F94BCC59C71A0FBA5A39A] - [01/09/2022 11:41:47] - |A| - [1055744] - C:\Windows\system32\rasmans.dll
[MD5.2CD0700C4A8EC7B48CC4E80A7E7F3797] - [01/09/2022 11:39:43] - |A| - [382976] - C:\Windows\system32\RasMediaManager.dll
[MD5.E7CD615613875EA223AB051B0DAA62AE] - [01/09/2022 11:41:45] - |A| - [360960] - C:\Windows\system32\rasmontr.dll
[MD5.5174813F9F3E623835046EF3288AEEC7] - [01/09/2022 11:48:27] - |A| - [329216] - C:\Windows\system32\rasppp.dll
[MD5.B5A18E38047E74BB72F7840A62E6844F] - [01/09/2022 11:41:47] - |A| - [253952] - C:\Windows\system32\rastapi.dll
[MD5.D147955622CC4653FFD20BA6B93EABB2] - [01/09/2022 11:41:45] - |A| - [396800] - C:\Windows\system32\rastls.dll
[MD5.3CC8E5BE7EDCBDD0F85A24214A187139] - [01/09/2022 11:41:46] - |A| - [233472] - C:\Windows\system32\rastlsext.dll
[MD5.EEBA3CF7975AACFB7E94E15EF19637FA] - [01/09/2022 11:39:28] - |A| - [1488720] - C:\Windows\system32\rdpbase.dll
[MD5.6FFE9134F2A12C4FA04B579F30035C0E] - [01/09/2022 11:44:45] - |A| - [1287680] - C:\Windows\system32\rdpcore.dll
[MD5.13FF5F80E9BD86B513133A8184B44989] - [01/09/2022 11:44:44] - |A| - [1639936] - C:\Windows\system32\rdpcorets.dll
[MD5.7852D37790807E55BD71A65183E0F1ED] - [01/09/2022 11:44:44] - |A| - [2371072] - C:\Windows\system32\rdpnano.dll
[MD5.F12CE400045F9826AD478454A962DDEC] - [01/09/2022 11:39:29] - |A| - [1856360] - C:\Windows\system32\rdpserverbase.dll
[MD5.A243B6962102D4E21BD0BEFD62C0375B] - [01/09/2022 11:39:08] - |A| - [1516032] - C:\Windows\system32\rdpsharercom.dll
[MD5.500BE758652EC51BB271974FF793A5C0] - [01/09/2022 11:44:44] - |A| - [98136] - C:\Windows\system32\rdpudd.dll
[MD5.B04CDEC85CED161361E561AC46C183B0] - [01/09/2022 11:44:51] - |A| - [228864] - C:\Windows\system32\rdsdwmdr.dll
[MD5.1B03DF884811CD1F73DBD292CB792F75] - [01/09/2022 11:45:03] - |A| - [417792] - C:\Windows\system32\RDXTaskFactory.dll
[MD5.B9B3DC6F2EB89E41FF27400952602C74] - [01/09/2022 11:44:13] - |A| - [932864] - C:\Windows\system32\RecoveryDrive.exe
[MD5.C4636DFA42440BE31DDB67B2835A6B77] - [01/09/2022 11:40:14] - |A| - [1028608] - C:\Windows\system32\refsutil.exe
[MD5.C879748EE73AE7E4EA1E9894EC454C6D] - [01/09/2022 11:41:51] - |A| - [219136] - C:\Windows\system32\regapi.dll
[MD5.A24EFFD38DDC2FFAB4F0592CA2CC585E] - [01/09/2022 11:41:06] - |A| - [122880] - C:\Windows\system32\rekeywiz.exe
[MD5.F445286ECB5A74AAF2C103D05879F1C1] - [01/09/2022 11:44:35] - |A| - [53760] - C:\Windows\system32\relog.exe
[MD5.DE6BE08AC2F803E72725219B50F5B579] - [01/09/2022 11:37:31] - |A| - [91976] - C:\Windows\system32\remoteaudioendpoint.dll
[MD5.D2F7DADC4C51DD561C22F9CB3990BA00] - [01/09/2022 11:37:48] - |A| - [68608] - C:\Windows\system32\RemovableMediaProvisioningPlugin.dll
[MD5.39870CDCF6DC77F9F6889146499DE476] - [01/09/2022 11:48:29] - |A| - [6656] - C:\Windows\system32\rendezvousSession.tlb
[MD5.685E423981111DF5DD45A254DD1A9007] - [01/09/2022 11:44:05] - |A| - [22528] - C:\Windows\system32\replace.exe
[MD5.377E55764D3E311EC23D52CA6ADC0507] - [01/09/2022 11:44:44] - |A| - [1257472] - C:\Windows\system32\reseteng.dll
[MD5.93D3E54FAF69440D2CC3D520C8FA1EA2] - [01/09/2022 11:44:43] - |A| - [2430832] - C:\Windows\system32\ResetEngine.dll
[MD5.829B0013DC3949FFC4CDFCE0E7F805C7] - [01/09/2022 11:44:44] - |A| - [21360] - C:\Windows\system32\ResetEngine.exe
[MD5.3125D71F31636D41843AD1090F5CC5A8] - [01/09/2022 11:44:43] - |A| - [192512] - C:\Windows\system32\ResetEngOnline.dll
[MD5.D923648AEFD0FAA6D436218A4F12318F] - [01/09/2022 11:43:57] - |A| - [615424] - C:\Windows\system32\resutils.dll
[MD5.9D940C1331A6B94E6237E6A283373F8F] - [01/09/2022 11:37:36] - |A| - [142336] - C:\Windows\system32\RjvMDMConfig.dll
[MD5.D127DA4689927D8F7934B0F9CBF8EE66] - [01/09/2022 11:37:49] - |A| - [579584] - C:\Windows\system32\RMActivate.exe
[MD5.07107862093B0FD41C79AB23F7FCC44F] - [01/09/2022 11:37:49] - |A| - [607744] - C:\Windows\system32\RMActivate_isv.exe
[MD5.BD0286D43F3BBE29B80A69383AE998CF] - [01/09/2022 11:37:49] - |A| - [501760] - C:\Windows\system32\RMActivate_ssp.exe
[MD5.DA42CED400B7D2121E76655B4CB3D95E] - [01/09/2022 11:38:20] - |A| - [104960] - C:\Windows\system32\RMSRoamingSecurity.dll
[MD5.A4044E84AA1B75389DAA08398D90DFFD] - [01/09/2022 11:44:05] - |A| - [172032] - C:\Windows\system32\Robocopy.exe
[MD5.7706E6B63269C9668FB714E5772AC10D] - [01/09/2022 11:40:40] - |A| - [1196256] - C:\Windows\system32\rpcrt4.dll
[MD5.55CFA0278C257DD337DCB07C073EB5E7] - [01/09/2022 11:40:21] - |A| - [1325056] - C:\Windows\system32\rpcss.dll
[MD5.553B9558F7E6457260647E511E7D862A] - [01/09/2022 11:41:45] - |A| - [185344] - C:\Windows\system32\rtm.dll
[MD5.DAD6B7678C876B21895E9EAB092DCC44] - [01/09/2022 11:41:46] - |A| - [69632] - C:\Windows\system32\rtutils.dll
[MD5.1197C0A478D0483F7952FBFC324324AE] - [01/09/2022 11:37:31] - |A| - [184960] - C:\Windows\system32\RTWorkQ.dll
[MD5.9DB13DADD1F105CDB739A3243A1463CF] - [01/09/2022 11:44:51] - |A| - [20480] - C:\Windows\system32\runas.exe
[MD5.937C342E7EEA29A39E435E02F251C327] - [01/09/2022 11:40:26] - |A| - [60928] - C:\Windows\system32\runexehelper.exe
[MD5.9ADEF025B168447C1E8514D919CB5DC0] - [01/09/2022 11:41:12] - |A| - [61952] - C:\Windows\system32\runonce.exe
[MD5.1EE506BA169756B2BC933BD5A4D5B7A2] - [01/09/2022 11:40:22] - |A| - [82944] - C:\Windows\system32\samcli.dll
[MD5.70F9087DABBE6AE839B1A2E7D51A2569] - [01/09/2022 11:40:22] - |A| - [137728] - C:\Windows\system32\samlib.dll
[MD5.7A3D80B678FA39DE08DC0A9F05A4ADB1] - [01/09/2022 11:40:22] - |A| - [897024] - C:\Windows\system32\samsrv.dll
[MD5.2E8F76C0EC198B219C7230DB744A867D] - [01/09/2022 11:39:25] - |A| - [23040] - C:\Windows\system32\sbservicetrigger.dll
[MD5.BDE089CECA915F8D83307C34E20C3173] - [01/09/2022 11:44:02] - |A| - [113664] - C:\Windows\system32\ScanPlugin.dll
[MD5.D241CCA84F2EEBB047DD03308DFD2CFE] - [01/09/2022 11:44:15] - |A| - [297472] - C:\Windows\system32\scansetting.dll
[MD5.CA167C5FE4B319ADD7E4A8C75F5B477F] - [01/09/2022 11:41:48] - |A| - [345600] - C:\Windows\system32\scecli.dll
[MD5.0697FFB83D355D81638E91FB9BB6DEE5] - [01/09/2022 11:41:47] - |A| - [580096] - C:\Windows\system32\scesrv.dll
[MD5.CBDC9EFBDD1531EC9EF8E60F8692FFE7] - [01/09/2022 11:40:23] - |A| - [600576] - C:\Windows\system32\schannel.dll
[MD5.99BE30191729C6828DADCC418513A2D4] - [01/09/2022 11:40:24] - |A| - [23040] - C:\Windows\system32\schedcli.dll
[MD5.1AFC01C57C5538D313BB7BE93B56A82D] - [01/09/2022 11:41:50] - |A| - [814592] - C:\Windows\system32\schedsvc.dll
[MD5.76CD6626DD8834BD4A42E6A565104DC2] - [01/09/2022 11:41:49] - |A| - [235008] - C:\Windows\system32\schtasks.exe
[MD5.3BAC5E5C39B9787E3672ACBFABE438D1] - [01/09/2022 11:41:48] - |A| - [228864] - C:\Windows\system32\scrobj.dll
[MD5.8A6D4A4E788D30298A8885AAA5EF5E50] - [01/09/2022 11:41:48] - |A| - [228864] - C:\Windows\system32\scrrun.dll
[MD5.C7A89EBB555EC70BE32F147E6857FD09] - [01/09/2022 11:40:11] - |A| - [24576] - C:\Windows\system32\sdbinst.exe
[MD5.26FF03D565D4D68BF80602A8D21F46EE] - [01/09/2022 11:48:29] - |A| - [51712] - C:\Windows\system32\sdchange.exe
[MD5.4B1F72930DB66EEB8F140CCF7C8717BA] - [01/09/2022 11:43:56] - |A| - [1265152] - C:\Windows\system32\sdclt.exe
[MD5.DD42CDAD6AFA8F513D4DD7C21FEEF4D9] - [01/09/2022 11:41:15] - |A| - [430592] - C:\Windows\system32\SDDS.dll
[MD5.E299824ED9FF00FF6EC8CB4EB69CBE07] - [01/09/2022 11:44:49] - |A| - [233472] - C:\Windows\system32\sdiageng.dll
[MD5.3A161A0124CE64840140D6A9943A5DD3] - [01/09/2022 11:44:49] - |A| - [40448] - C:\Windows\system32\sdiagnhost.exe
[MD5.FB3A03717BCD18FB221C00C2F96BA0F7] - [01/09/2022 11:44:49] - |A| - [68096] - C:\Windows\system32\sdiagschd.dll
[MD5.0DF317B9E48F9251716AF121BD346994] - [01/09/2022 11:43:56] - |A| - [154112] - C:\Windows\system32\sdrsvc.dll
[MD5.6C457B13042FDB046009F57252AB31AC] - [01/09/2022 11:39:00] - |A| - [402944] - C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
[MD5.0F423D1F8CB44280566E7248EB0AD4DA] - [01/09/2022 11:39:00] - |A| - [272384] - C:\Windows\system32\SearchFilterHost.exe
[MD5.AA9DE2372B472A8BDA55FAFB24FF852F] - [01/09/2022 11:41:48] - |A| - [412672] - C:\Windows\system32\SearchFolder.dll
[MD5.3FD0112D247D9B151971E3BF6E34BFAE] - [01/09/2022 11:39:00] - |A| - [935424] - C:\Windows\system32\SearchIndexer.exe
[MD5.0AE82E02F55E74E1F7FAFFE7FACCB287] - [01/09/2022 11:38:59] - |A| - [418816] - C:\Windows\system32\SearchProtocolHost.exe
[MD5.61BCF4DDBCE3B3B82FFAA23F79F974BF] - [01/09/2022 11:43:56] - |A| - [1316704] - C:\Windows\system32\SecConfig.efi
[MD5.38FE2E2B7171FBDEA5A166FAA0F5D8C8] - [01/09/2022 11:40:40] - |A| - [630696] - C:\Windows\system32\sechost.dll
[MD5.DE1E733158DD8F78654DCE2CDA2180B9] - [01/09/2022 11:37:49] - |A| - [402432] - C:\Windows\system32\secproc.dll
[MD5.38A6CC58C08C0FC34277874F3D983151] - [01/09/2022 11:37:49] - |A| - [399872] - C:\Windows\system32\secproc_isv.dll
[MD5.333C0531F016468DEBB59AC1D3B34DF1] - [01/09/2022 11:37:49] - |A| - [112128] - C:\Windows\system32\secproc_ssp.dll
[MD5.E7C45048469054EDFBDF3CD6390929BB] - [01/09/2022 11:43:55] - |A| - [922448] - C:\Windows\system32\securekernel.exe
[MD5.0E666FCC73944455155AA7CE982ED53C] - [01/09/2022 11:37:53] - |A| - [133120] - C:\Windows\system32\SecureTimeAggregator.dll
[MD5.16B3C197E2E9835A55BD5817B55212C6] - [01/09/2022 11:38:10] - |A| - [443216] - C:\Windows\system32\SecurityHealthAgent.dll
[MD5.0F6FB7C2C061B307F165E49C5AFF51CA] - [01/09/2022 11:38:11] - |A| - [99168] - C:\Windows\system32\SecurityHealthHost.exe
[MD5.EABD752097F4C2F140E249E6A4251C16] - [01/09/2022 11:38:10] - |A| - [120144] - C:\Windows\system32\SecurityHealthProxyStub.dll
[MD5.F5D2559BE41874ECF79D507689B53717] - [01/09/2022 11:38:10] - |A| - [988104] - C:\Windows\system32\SecurityHealthService.exe
[MD5.DD4DD7652D5B793677DB58AC57B0E400] - [01/09/2022 11:39:54] - |A| - [961536] - C:\Windows\system32\SecurityHealthSSO.dll
[MD5.46702E54B6F5D9C4313A67CC5FDCE05F] - [01/09/2022 10:54:54] - |A| - [601432] - C:\Windows\system32\sedplugins.dll
[MD5.9A0F874FF0FE0099A83706E6015DA522] - [01/09/2022 11:38:55] - |A| - [1223680] - C:\Windows\system32\SEMgrSvc.dll
[MD5.E8F390109332233F0D58D30675916306] - [01/09/2022 11:44:30] - |A| - [147968] - C:\Windows\system32\sendmail.dll
[MD5.D11023704D2AF17C84EA9C51518A33F4] - [01/09/2022 11:39:33] - |A| - [107976] - C:\Windows\system32\SensorsNativeApi.dll
[MD5.3232EFE51CF71F356873C194EB5DA976] - [01/09/2022 11:39:33] - |A| - [221592] - C:\Windows\system32\SensorsNativeApi.V2.dll
[MD5.329E908BDDDCEA24C2B16B3D4E3C10A4] - [01/09/2022 11:42:04] - |A| - [212312] - C:\Windows\system32\ServicingUAPI.dll
[MD5.E8CDDA28622354ADC80AA9B9E7B165FF] - [01/09/2022 11:37:51] - |A| - [167424] - C:\Windows\system32\SettingMonitor.dll
[MD5.C9E7E07A8A93454E66E61450CDDC0017] - [01/09/2022 11:39:50] - |A| - [549376] - C:\Windows\system32\SettingsEnvironment.Desktop.dll
[MD5.FB6E7963AB64368E265FD83966FC169B] - [01/09/2022 11:41:32] - |A| - [150016] - C:\Windows\system32\SettingsExtensibilityHandlers.dll
[MD5.99A69C7ED32960E49F858F808FDB85E4] - [01/09/2022 11:46:14] - |A| - [240128] - C:\Windows\system32\SettingsHandlers_AnalogShell.dll
[MD5.DA936E74C3A13C6EA81B746D0B96F54A] - [01/09/2022 11:38:20] - |A| - [159232] - C:\Windows\system32\SettingsHandlers_AppExecutionAlias.dll
[MD5.70655A047C868B03C0EBE2D373E50126] - [01/09/2022 11:39:46] - |A| - [331776] - C:\Windows\system32\SettingsHandlers_Authentication.dll
[MD5.2CDB7422B76EA0D770B6F8208BC7B4EE] - [01/09/2022 11:38:17] - |A| - [155136] - C:\Windows\system32\SettingsHandlers_BackgroundApps.dll
[MD5.944C61E90F5CABDAFBD587E024E02F47] - [01/09/2022 11:39:51] - |A| - [151552] - C:\Windows\system32\SettingsHandlers_BrowserDeclutter.dll
[MD5.7C50A87035A25F9EBD54729076EA6016] - [01/09/2022 11:38:27] - |A| - [302080] - C:\Windows\system32\SettingsHandlers_CapabilityAccess.dll
[MD5.5FE755112A498605B5B1B9E6D175FE0D] - [01/09/2022 11:39:59] - |A| - [177664] - C:\Windows\system32\SettingsHandlers_ContentDeliveryManager.dll
[MD5.B44DED23CD0266123F52105A619EC7FD] - [01/09/2022 11:39:59] - |A| - [446976] - C:\Windows\system32\SettingsHandlers_Display.dll
[MD5.F20458A30B675C33A3113854A2D169F2] - [01/09/2022 11:41:31] - |A| - [371712] - C:\Windows\system32\SettingsHandlers_Fonts.dll
[MD5.CF5A86AB2DF3C35EAE65DDF310B16BE7] - [01/09/2022 11:41:31] - |A| - [248320] - C:\Windows\system32\SettingsHandlers_Gpu.dll
[MD5.54F1B6A9B709C64AA80F1D911335D0B4] - [01/09/2022 11:41:31] - |A| - [1237504] - C:\Windows\system32\SettingsHandlers_IME.dll
[MD5.E8B01BA78D76CCA7FDB5334109AD59C3] - [01/09/2022 11:39:44] - |A| - [194560] - C:\Windows\system32\SettingsHandlers_InkingTypingPrivacy.dll
[MD5.3690ECDC3BBF89B63E93B41060A1B8E1] - [01/09/2022 11:39:59] - |A| - [753664] - C:\Windows\system32\SettingsHandlers_Language.dll
[MD5.9B78A2D9FBBFA079B05B10E48B07C3AF] - [01/09/2022 11:39:59] - |A| - [246272] - C:\Windows\system32\SettingsHandlers_ManagePhone.dll
[MD5.F41B68B711BA05389DBE1E51E7EA7C97] - [01/09/2022 11:39:59] - |A| - [502272] - C:\Windows\system32\SettingsHandlers_Notifications.dll
[MD5.316A4400AB7C79044B202B02BBC4E68A] - [01/09/2022 11:41:32] - |A| - [3947520] - C:\Windows\system32\SettingsHandlers_nt.dll
[MD5.7B0D42982B30AC6E675BC4E99B95FAD5] - [01/09/2022 11:39:51] - |A| - [557568] - C:\Windows\system32\SettingsHandlers_PCDisplay.dll
[MD5.59A5645EA1C8895F91FFD160A8E062D7] - [01/09/2022 11:39:59] - |A| - [235008] - C:\Windows\system32\SettingsHandlers_Region.dll
[MD5.C4396EE821A05269008C9CA39A600298] - [01/09/2022 11:37:52] - |A| - [239960] - C:\Windows\system32\SettingsHandlers_SIUF.dll
[MD5.792092C113181644222B9A02E5EA728B] - [01/09/2022 11:39:44] - |A| - [401920] - C:\Windows\system32\SettingsHandlers_SpeechPrivacy.dll
[MD5.C737377D6B22B8BB5CDB71D0A6314A84] - [01/09/2022 11:37:51] - |A| - [797512] - C:\Windows\system32\SettingsHandlers_StorageSense.dll
[MD5.57DA437190CEAD7E0253477F4A671007] - [01/09/2022 11:44:49] - |A| - [195776] - C:\Windows\system32\SettingsHandlers_Troubleshoot.dll
[MD5.FECBB4ACF29EB5EE8B8C5AAB10308766] - [01/09/2022 11:39:51] - |A| - [402432] - C:\Windows\system32\SettingsHandlers_User.dll
[MD5.74F3AFA0B433EEF23D1824F276339D35] - [01/09/2022 11:37:52] - |A| - [457216] - C:\Windows\system32\SettingsHandlers_WorkAccess.dll
[MD5.DBA5942D06D3F0C8E8157549810F98E3] - [01/09/2022 11:37:51] - |A| - [713216] - C:\Windows\system32\SettingSync.dll
[MD5.65F99C4316C5215DFA6E5418131BFDB2] - [01/09/2022 11:40:48] - |A| - [1129472] - C:\Windows\system32\SettingSyncCore.dll
[MD5.744543DBBA5C491AE27CF179293DF046] - [01/09/2022 11:37:51] - |A| - [640512] - C:\Windows\system32\SettingSyncDownloadHelper.dll
[MD5.129ADE294D4895680F3AC25F5C41119F] - [01/09/2022 11:40:48] - |A| - [971096] - C:\Windows\system32\SettingSyncHost.exe
[MD5.D1C0F959C73E57A2DD19158E4D98BEE9] - [01/09/2022 11:41:39] - |A| - [4677448] - C:\Windows\system32\setupapi.dll
[MD5.664372EA388BF075EE566D310D1B9955] - [01/09/2022 11:40:17] - |A| - [152912] - C:\Windows\system32\setupcl.dll
[MD5.261A335680EA40D1C29AD24F91052EB2] - [01/09/2022 11:42:05] - |A| - [209408] - C:\Windows\system32\setupcln.dll
[MD5.6092D64232E96C86388224BE71A9CDC2] - [01/09/2022 11:42:01] - |A| - [12848] - C:\Windows\system32\sfc.dll
[MD5.5F914B60FFD44227FCD3C53F7B3A8D9D] - [01/09/2022 11:42:01] - |A| - [59480] - C:\Windows\system32\sfc_os.dll
[MD5.C63B36D418804BA40E4972481C5AAC51] - [01/09/2022 11:43:54] - |A| - [419440] - C:\Windows\system32\SgrmEnclave.dll
[MD5.28C386D5D679573F0D96B49D8C10791A] - [01/09/2022 11:43:54] - |A| - [415344] - C:\Windows\system32\SgrmEnclave_secure.dll
[MD5.EA57DAABED46F3695F2AE2771CE03DDD] - [01/09/2022 11:40:13] - |A| - [145408] - C:\Windows\system32\shacct.dll
[MD5.73355EA986F9B1D3C31460ED854B77A1] - [01/09/2022 11:44:54] - |A| - [307200] - C:\Windows\system32\SharedRealitySvc.dll
[MD5.5CA917B4EEAD0168C48B0A3DFE7855CD] - [01/09/2022 11:38:11] - |A| - [1117696] - C:\Windows\system32\ShareHost.dll
[MD5.4AC9F60DF9723AE393130668E1E15440] - [01/09/2022 11:45:03] - |A| - [237056] - C:\Windows\system32\sharemediacpl.dll
[MD5.230260C7B7C79E11EE1ED24C93AB5304] - [01/09/2022 11:39:44] - |A| - [700896] - C:\Windows\system32\SHCore.dll
[MD5.311053420AF145AD868888230B59474F] - [01/09/2022 11:40:48] - |A| - [7647832] - C:\Windows\system32\shell32.dll
[MD5.F4022DC4F32857D34486FEE2EB35D7CF] - [01/09/2022 11:39:54] - |A| - [868192] - C:\Windows\system32\ShellAppRuntime.exe
[MD5.DA9E3257A2C0904A341B3C3E3C1A035D] - [01/09/2022 11:37:59] - |A| - [829440] - C:\Windows\system32\ShellCommonCommonProxyStub.dll
[MD5.108E947C746A2BA732049061A316C89A] - [01/09/2022 11:40:11] - |A| - [7680] - C:\Windows\system32\shimeng.dll
[MD5.13EF6F7E64605548F3E832697423AFD6] - [01/09/2022 11:40:47] - |A| - [343488] - C:\Windows\system32\shlwapi.dll
[MD5.66BC5712F8BCED56437B312F36076417] - [01/09/2022 11:44:13] - |A| - [283136] - C:\Windows\system32\shsvcs.dll
[MD5.E2AF377BAAAE19823BB8F8D81F527425] - [01/09/2022 11:41:02] - |A| - [319488] - C:\Windows\system32\shutdownux.dll
[MD5.CF7543702E1F032CBCB9DABB2755C2D5] - [01/09/2022 11:44:55] - |A| - [55296] - C:\Windows\system32\signdrv.dll
[MD5.48ECF883719184E90CD348BE6AD4A547] - [01/09/2022 11:44:52] - |A| - [387464] - C:\Windows\system32\SIHClient.exe
[MD5.C2ECE3CAE97345194DDCC5A8F2BB3F2E] - [01/09/2022 11:43:56] - |A| - [307984] - C:\Windows\system32\skci.dll
[MD5.B3549BFD5E300EFE8C67EAB647901B8D] - [01/09/2022 11:40:53] - |A| - [146944] - C:\Windows\system32\slc.dll
[MD5.85F49514237A1E8D874C678099138B71] - [01/09/2022 11:40:52] - |A| - [22528] - C:\Windows\system32\slcext.dll
[MD5.F82F4AAE1215418D43B0F9274CB19EA3] - [01/09/2022 11:40:53] - |A| - [547328] - C:\Windows\system32\slui.exe
[MD5.751E544C920EE97AE93A2302623878EB] - [01/09/2022 11:40:51] - |A| - [820224] - C:\Windows\system32\SmartcardCredentialProvider.dll
[MD5.02FB7069B8D8426DC72C9D8A495AF55A] - [01/09/2022 11:38:20] - |A| - [2378752] - C:\Windows\system32\smartscreen.exe
[MD5.E699A226406BAB47F67BB57B7057BE05] - [01/09/2022 11:42:04] - |A| - [876872] - C:\Windows\system32\SmiEngine.dll
[MD5.67C32A981B42CD5243D4B5EA54A29734] - [01/09/2022 11:44:03] - |A| - [36176] - C:\Windows\system32\smphost.dll
[MD5.AA35F8D0001485C5F56439A806F57F52] - [01/09/2022 11:43:53] - |A| - [643072] - C:\Windows\system32\SmsRouterSvc.dll
[MD5.B817EA9E3E5A7A1A6F9920C15661298A] - [01/09/2022 11:40:12] - |A| - [276904] - C:\Windows\system32\SndVol.exe
[MD5.2123361B9D8D40D8A2D74DB6F2ABCD9A] - [01/09/2022 11:40:12] - |A| - [309248] - C:\Windows\system32\SndVolSSO.dll
[MD5.65D50425AADE95774AF4BDFC5142A3AA] - [01/09/2022 11:41:12] - |A| - [74432] - C:\Windows\system32\SortWindows62.dll
[MD5.106E32133B8684B6D7B7FA46B579C4A8] - [01/09/2022 11:41:12] - |A| - [74416] - C:\Windows\system32\SortWindows64.dll
[MD5.286C1D5D1B02059FD4DDFC52D1CDD0F1] - [01/09/2022 11:44:02] - |A| - [180736] - C:\Windows\system32\spacebridge.dll
[MD5.95707963917EBB501C576AB249E87815] - [01/09/2022 11:44:03] - |A| - [80752] - C:\Windows\system32\spaceman.exe
[MD5.110CC882EE845CAC0E6F036D4CEC82AD] - [01/09/2022 11:37:31] - |A| - [152064] - C:\Windows\system32\SpatialAudioLicenseSrv.exe
[MD5.522A6CDFDFD5874840C0CD83E4B6F987] - [01/09/2022 11:37:30] - |A| - [224256] - C:\Windows\system32\SpatializerApo.dll
[MD5.C58DCAFC964531F322A0AD2BF8FE68D9] - [01/09/2022 11:41:01] - |A| - [110592] - C:\Windows\system32\spbcd.dll
[MD5.877D0CF65C2966F3602F7CCD0E6B5C39] - [01/09/2022 11:44:54] - |A| - [877056] - C:\Windows\system32\Spectrum.exe
[MD5.CE3DD54573DA32716852A06FFEBCB87B] - [01/09/2022 11:37:26] - |A| - [1580544] - C:\Windows\system32\SpeechPal.dll
[MD5.E88EA96938E8B5C9F816BAF3D8F500BF] - [01/09/2022 11:41:39] - |A| - [113152] - C:\Windows\system32\spfileq.dll
[MD5.97EA00E1B73E6B8B3B4D045DD4B22334] - [01/09/2022 11:37:39] - |A| - [101376] - C:\Windows\system32\spoolss.dll
[MD5.998BE400D876EB5B2EC7144DA0CD4ED1] - [01/09/2022 11:37:39] - |A| - [836608] - C:\Windows\system32\spoolsv.exe
[MD5.47C1DDD85FCBC468391E089C6DE487C3] - [01/09/2022 11:40:53] - |A| - [130048] - C:\Windows\system32\sppc.dll
[MD5.62F5F5FAFF9F297172F7BF237BD4B1BB] - [01/09/2022 11:40:51] - |A| - [608768] - C:\Windows\system32\sppcext.dll
[MD5.E6C31BCDFB65E2DB98AD082E5DABD164] - [01/09/2022 11:40:53] - |A| - [316416] - C:\Windows\system32\sppcomapi.dll
[MD5.40F9FB27E09B4811A1224DCF19AF3C5A] - [01/09/2022 11:40:52] - |A| - [572928] - C:\Windows\system32\SppExtComObj.Exe
[MD5.8557EB5DEC4C37B89072DAFDC082150E] - [01/09/2022 11:40:52] - |A| - [1752480] - C:\Windows\system32\sppobjs.dll
[MD5.7A22059F8EEE68D4514E523BEFABE653] - [01/09/2022 11:40:51] - |A| - [4630384] - C:\Windows\system32\sppsvc.exe
[MD5.8213C5AEEEF8C229F7C606A5477C712B] - [01/09/2022 11:40:52] - |A| - [363064] - C:\Windows\system32\sppwinob.dll
[MD5.1DF10C32B05F9E7FDE220B48E1A93DE4] - [01/09/2022 11:48:37] - |A| - [11264] - C:\Windows\system32\spwmp.dll
[MD5.7F924D8C45F8AD8AB667E74C48B454A2] - [01/09/2022 11:40:01] - |A| - [3852800] - C:\Windows\system32\SRH.dll
[MD5.F7EF3EDD14597E5ADE2B004749AA0CFF] - [01/09/2022 11:40:11] - |A| - [162304] - C:\Windows\system32\srpapi.dll
[MD5.09E0A9CEDD7E27E413DC7B79B793F328] - [01/09/2022 11:40:24] - |A| - [118848] - C:\Windows\system32\srvcli.dll
[MD5.8E7EFB150C042EDA763FEAD76A874693] - [01/09/2022 11:40:42] - |A| - [302592] - C:\Windows\system32\srvsvc.dll
[MD5.7CE55494ED981CE882809548ADD51AD0] - [01/09/2022 11:40:42] - |A| - [48128] - C:\Windows\system32\sscore.dll
[MD5.6542467BB7C3F7F363B82C590BEE5E49] - [01/09/2022 11:43:54] - |A| - [67584] - C:\Windows\system32\ssdpapi.dll
[MD5.3B111F9787071EC66F4CC226574C2D8B] - [01/09/2022 11:43:54] - |A| - [276480] - C:\Windows\system32\ssdpsrv.dll
[MD5.869BBCC3D381349C64B34BC03325E338] - [01/09/2022 11:40:39] - |A| - [188568] - C:\Windows\system32\sspicli.dll
[MD5.6A60CAC5D90CF214701CEADAA995CD0C] - [01/09/2022 11:40:39] - |A| - [29184] - C:\Windows\system32\sspisrv.dll
[MD5.55B9A3FBA790FB6CF009C645F4B3B235] - [01/09/2022 11:38:06] - |A| - [5751776] - C:\Windows\system32\StartTileData.dll
[MD5.E469E26D9612D97B05A279BB36D1A582] - [01/09/2022 11:39:23] - |A| - [726672] - C:\Windows\system32\StateRepository.Core.dll
[MD5.C74B90DD7B083CAD2B88A88EDA0A143D] - [01/09/2022 11:44:16] - |A| - [332800] - C:\Windows\system32\sti.dll
[MD5.908C2038D25436F9E8BC71418DEBEC37] - [01/09/2022 11:44:15] - |A| - [234496] - C:\Windows\system32\sti_ci.dll
[MD5.EB37729B447C90FC81DF94BCFDE7097C] - [01/09/2022 11:37:55] - |A| - [313856] - C:\Windows\system32\stobject.dll
[MD5.E188B91D1A9262E84990A88B3EAB86C9] - [01/09/2022 11:44:14] - |A| - [161792] - C:\Windows\system32\StorageUsage.dll
[MD5.94D9BF2C59C0361EA39A5A70348F4E54] - [01/09/2022 11:39:11] - |A| - [296960] - C:\Windows\system32\storewuauth.dll
[MD5.D60F2B0B87D8CA3A41CBBD0ACCC303ED] - [01/09/2022 11:44:14] - |A| - [1071616] - C:\Windows\system32\StorSvc.dll
[MD5.47AA8C473BDD2B3AC6D380CD453A5353] - [01/09/2022 11:44:05] - |A| - [17408] - C:\Windows\system32\subst.exe
[MD5.26D2D82E2DD08761EAACF5BB5099D65B] - [01/09/2022 11:39:47] - |A| - [1296045] - C:\Windows\system32\SvBannerBackground.png
[MD5.B7F884C1B74A263F746EE12A5F7C9F6A] - [01/09/2022 11:40:19] - |A| - [55320] - C:\Windows\system32\svchost.exe
[MD5.983E28818E8754A18812EF9AAB681AAA] - [01/09/2022 11:39:50] - |A| - [500224] - C:\Windows\system32\swprv.dll
[MD5.2AFB69BAE20EA44D2615EDD6557FFB5F] - [01/09/2022 11:40:54] - |A| - [661120] - C:\Windows\system32\sxs.dll
[MD5.0C4077F52410D4FB984BD7565DE314E7] - [01/09/2022 11:40:54] - |A| - [35840] - C:\Windows\system32\sxssrv.dll
[MD5.E06FFF42F709CA723ADAB4A0163EE8D0] - [01/09/2022 11:40:54] - |A| - [37376] - C:\Windows\system32\sxstrace.exe
[MD5.6AA0FDA62C5A4A304487080DFEC80A0B] - [01/09/2022 11:37:51] - |A| - [329728] - C:\Windows\system32\SyncSettings.dll
[MD5.6C608C28F3469A3FBB1FC762945AED44] - [01/09/2022 11:45:03] - |A| - [1005568] - C:\Windows\system32\sysmain.dll
[MD5.AD006F052620FC9AC455F97ADA1C40DA] - [01/09/2022 11:44:44] - |A| - [42824] - C:\Windows\system32\SysResetErr.exe
[MD5.5F6906ACDE5A3D8AE63161B090EC57BB] - [01/09/2022 11:39:25] - |A| - [30208] - C:\Windows\system32\SystemEventsBrokerClient.dll
[MD5.423D06D055EF34814B8670C69452A6BD] - [01/09/2022 11:39:25] - |A| - [251904] - C:\Windows\system32\SystemEventsBrokerServer.dll
[MD5.76DBA13A60C6D4954940DD4F724D7460] - [01/09/2022 11:44:43] - |A| - [521096] - C:\Windows\system32\systemreset.exe
[MD5.BF3DD30B5A58E32C4EC533DC55811D11] - [01/09/2022 11:48:30] - |A| - [183296] - C:\Windows\system32\SystemSettings.DeviceEncryptionHandlers.dll
[MD5.649BA795CD8C2CDE8D92DD7C53F09F42] - [01/09/2022 11:41:32] - |A| - [1378304] - C:\Windows\system32\SystemSettings.Handlers.dll
[MD5.5FA3EEF00388ED6344B4C35BA7CAA460] - [01/09/2022 11:39:51] - |A| - [519080] - C:\Windows\system32\SystemSettingsAdminFlows.exe
[MD5.74CEBC1BA772C0BAB71179ECF39961C5] - [01/09/2022 11:39:51] - |A| - [4009472] - C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
[MD5.119826C7A917D572E1A73076E85CE710] - [01/09/2022 11:38:11] - |A| - [86016] - C:\Windows\system32\SystemUWPLauncher.exe
[MD5.234D38FEEC3ABDB7D938DA1FA4125BCF] - [01/09/2022 11:44:47] - |A| - [997888] - C:\Windows\system32\tapi3.dll
[MD5.3596DC15B6F6CBBB6EC8B143CBD57F24] - [01/09/2022 11:44:03] - |A| - [54784] - C:\Windows\system32\tar.exe
[MD5.5F61FCECBE4F60BA9878D2C22B5477F7] - [01/09/2022 11:37:55] - |A| - [1094656] - C:\Windows\system32\taskbarcpl.dll
[MD5.1A7FFCA6152F5ACA41069794B88E48D2] - [01/09/2022 11:41:50] - |A| - [420864] - C:\Windows\system32\taskcomp.dll
[MD5.F0948E7BD20B50F3097123C35CCC779D] - [01/09/2022 11:37:29] - |A| - [1543168] - C:\Windows\system32\TaskFlowDataEngine.dll
[MD5.A00BF82660835224CD6606A248321C5D] - [01/09/2022 11:41:49] - |A| - [98144] - C:\Windows\system32\taskhostw.exe
[MD5.58D5BC7895F7F32EE308E34F06F25DD5] - [01/09/2022 11:40:02] - |A| - [1213232] - C:\Windows\system32\Taskmgr.exe
[MD5.49E93FA14D4E09AAFD418AB616AD1BB1] - [01/09/2022 11:41:49] - |A| - [707544] - C:\Windows\system32\taskschd.dll
[MD5.EC5B46D106E8D92B2C23069B4174DC66] - [01/09/2022 11:38:20] - |A| - [75776] - C:\Windows\system32\tbauth.dll
[MD5.D6DF8A2912244491CC7EBF4397473AB3] - [01/09/2022 11:43:55] - |A| - [809320] - C:\Windows\system32\tcblaunch.exe
[MD5.1D47F0BC9822AD864EABD4E888176D7D] - [01/09/2022 11:43:56] - |A| - [223552] - C:\Windows\system32\tcbloader.dll
[MD5.776B80BA6ACBF1B2534CA0F6D74E6A9B] - [01/09/2022 11:41:41] - |A| - [38912] - C:\Windows\system32\tcpmib.dll
[MD5.47E8470A2025CF5E94AF09EFF8742543] - [01/09/2022 11:41:41] - |A| - [248832] - C:\Windows\system32\tcpmon.dll
[MD5.0B9A8B0F4FA7F3F43BBAD53323239E76] - [01/09/2022 11:41:41] - |A| - [74752] - C:\Windows\system32\tcpmonui.dll
[MD5.BF74759C6581B5EA2F3D7D72BFD969C8] - [01/09/2022 11:41:05] - |A| - [1127424] - C:\Windows\system32\tdh.dll
[MD5.FDB9784F251F6B77CB9F746749176AA9] - [01/09/2022 11:39:18] - |A| - [299008] - C:\Windows\system32\TDLMigration.dll
[MD5.49B3BD9D186443CDD2BFC0F1D74E4B21] - [01/09/2022 11:44:51] - |A| - [1265152] - C:\Windows\system32\termsrv.dll
[MD5.6BC8C4D3E338A626873D566954CB5C53] - [01/09/2022 11:39:03] - |A| - [1015456] - C:\Windows\system32\TextInputFramework.dll
[MD5.A1B4F24EDEA24557BA309125FC5ED47F] - [01/09/2022 11:39:02] - |A| - [2260480] - C:\Windows\system32\TextInputMethodFormatter.dll
[MD5.4C528AE5D512E3901BACAA5D75240381] - [01/09/2022 11:38:58] - |A| - [706536] - C:\Windows\system32\TextShaping.dll
[MD5.6A42D0DD7339B4F9F166A735A4AF1811] - [01/09/2022 11:44:47] - |A| - [420864] - C:\Windows\system32\themecpl.dll
[MD5.1F5DA0D4CE9C62C6F596A4BD6FF27811] - [01/09/2022 11:37:51] - |A| - [141824] - C:\Windows\system32\Themes.SsfDownload.ScheduledTask.dll
[MD5.1DE89867F80A481C72DBAE69DC66D91F] - [01/09/2022 11:41:50] - |A| - [399872] - C:\Windows\system32\themeui.dll
[MD5.370A415F8FF045C8DAE8EDA3D6A813C9] - [01/09/2022 11:38:18] - |A| - [402776] - C:\Windows\system32\thumbcache.dll
[MD5.B170F7CC57C4DA7B5FA57CD7D4674DB1] - [01/09/2022 11:40:02] - |A| - [2560] - C:\Windows\system32\tier2punctuations.dll
[MD5.2FA9C9E36D5ADE28949076D1E9AD2E04] - [01/09/2022 11:39:09] - |A| - [606720] - C:\Windows\system32\TileDataRepository.dll
[MD5.667698B4CA27F560125F74090602F16F] - [01/09/2022 11:38:20] - |A| - [1522176] - C:\Windows\system32\TokenBroker.dll
[MD5.111AA9CDB7434D48C4D1DEF07E5CB9A3] - [01/09/2022 11:38:20] - |A| - [48128] - C:\Windows\system32\TokenBrokerCookies.exe
[MD5.F4CEF8F2CEBDF24FC38B7C366C3FD180] - [01/09/2022 11:41:50] - |A| - [78848] - C:\Windows\system32\TokenBrokerUI.dll
[MD5.E6CE109406C0D707F659C71BA07F17CF] - [01/09/2022 11:37:52] - |A| - [3584] - C:\Windows\system32\TpmCertResources.dll
[MD5.93C6CF99F7D4C8AE778AB5D459C50874] - [01/09/2022 11:37:52] - |A| - [1171968] - C:\Windows\system32\TpmCoreProvisioning.dll
[MD5.1364B106ECDDB8A48A3D905F801EEB50] - [01/09/2022 11:37:52] - |A| - [296960] - C:\Windows\system32\TpmTasks.dll
[MD5.25551715B57E10FAFFAAA72B07641075] - [01/09/2022 11:37:52] - |A| - [272896] - C:\Windows\system32\TpmTool.exe
[MD5.AA2E750D959F6BEFAAFACD542B9EC7C8] - [01/09/2022 11:39:01] - |A| - [3307008] - C:\Windows\system32\tquery.dll
[MD5.A29A93D4FEC75038326C3C67C370DAC5] - [01/09/2022 11:44:35] - |A| - [463360] - C:\Windows\system32\tracerpt.exe
[MD5.9EB969EF56718A6243BF60350CD065F0] - [01/09/2022 11:44:05] - |A| - [20992] - C:\Windows\system32\tree.com
[MD5.6B7A6ABB160045852805449227F4F93D] - [01/09/2022 11:40:18] - |A| - [115200] - C:\Windows\system32\trkwks.dll
[MD5.9E5EF05DF59D544D1F8BBC570701CD04] - [01/09/2022 11:39:03] - |A| - [1362944] - C:\Windows\system32\tsf3gip.dll
[MD5.5D5F9A2C4662B2A1E8466D5E6BF34A14] - [01/09/2022 11:44:50] - |A| - [71168] - C:\Windows\system32\tsgqec.dll
[MD5.332D5118902EB9ABA09A134BF6ADADEF] - [01/09/2022 11:42:03] - |A| - [153600] - C:\Windows\system32\TSpkg.dll
[MD5.FAE58055EECC4CDDA9BEA6C45AEB9FA4] - [01/09/2022 11:37:08] - |A| - [41472] - C:\Windows\system32\TsUsbGDCoInstaller.dll
[MD5.A6DD5E0DDD265A97F0C659746A732087] - [01/09/2022 11:39:09] - |A| - [283544] - C:\Windows\system32\ttdinject.exe
[MD5.C7136F1899F6960CA9300920A9E6AF9C] - [01/09/2022 11:39:09] - |A| - [648736] - C:\Windows\system32\ttdrecord.dll
[MD5.952EFC3D9CF0990D2E5B5D7D2B38D07D] - [01/09/2022 11:39:09] - |A| - [86864] - C:\Windows\system32\tttracer.exe
[MD5.6FC12DDBB15C3F2588B44AE193C45D53] - [01/09/2022 11:40:47] - |A| - [186368] - C:\Windows\system32\twext.dll
[MD5.5248CFCD276AE3E4D341436B2224CBAF] - [01/09/2022 11:38:24] - |A| - [2100592] - C:\Windows\system32\twinapi.appcore.dll
[MD5.946DDC86A8119C79086063522904A363] - [01/09/2022 11:41:51] - |A| - [669696] - C:\Windows\system32\twinapi.dll
[MD5.6557479AF3649AE36BC8B7FCE66C2F23] - [01/09/2022 11:38:18] - |A| - [659968] - C:\Windows\system32\twinui.appcore.dll
[MD5.6819697EAA91762B01C3F1352D5775A8] - [01/09/2022 11:41:58] - |A| - [6191616] - C:\Windows\system32\twinui.dll
[MD5.28275DD9A65528C6BA612E32C5EA710A] - [01/09/2022 11:39:52] - |A| - [6424064] - C:\Windows\system32\twinui.pcshell.dll
[MD5.82F163348C344E3687E0EA5D821D74CB] - [01/09/2022 11:44:35] - |A| - [49664] - C:\Windows\system32\typeperf.exe
[MD5.6E044C7A68AAC63AA0CC883C7FF3DAEC] - [01/09/2022 11:40:23] - |A| - [2560] - C:\Windows\system32\tzres.dll
[MD5.D1C70F3CB0D222827C4AF61C5F198C0A] - [01/09/2022 11:41:50] - |A| - [280576] - C:\Windows\system32\ubpm.dll
[MD5.14CE2A5D5F26FF5009AC12C25A4D4FDD] - [01/09/2022 11:43:55] - |A| - [502024] - C:\Windows\system32\ucrtbase_enclave.dll
[MD5.8EF9FBC620E9B5F03DBA9B9AE5F57395] - [01/09/2022 11:40:18] - |A| - [1009664] - C:\Windows\system32\uDWM.dll
[MD5.36BF738F457FA848F2DBCCF5C688DE8C] - [01/09/2022 11:38:21] - |A| - [3062784] - C:\Windows\system32\UIAutomationCore.dll
[MD5.7237E6C7A2667C17653BD42956FD1C0C] - [01/09/2022 11:39:31] - |A| - [185656] - C:\Windows\system32\ulib.dll
[MD5.AF280B2E4C410E4264BD7DB283F96E84] - [01/09/2022 11:41:40] - |A| - [173056] - C:\Windows\system32\umpoext.dll
[MD5.F15F32CEED183A2A2CE80132EF6B547B] - [01/09/2022 11:44:47] - |A| - [396800] - C:\Windows\system32\umrdp.dll
[MD5.151F499802C7B8968CB518996C4CB6D2] - [01/09/2022 11:39:17] - |A| - [1191936] - C:\Windows\system32\Unistore.dll
[MD5.56122B0B263D383D4F38DBCFDD6B224E] - [01/09/2022 11:39:34] - |A| - [595968] - C:\Windows\system32\untfs.dll
[MD5.E7AEE76778BA6AA5511B555FB67DBCCE] - [01/09/2022 11:39:48] - |A| - [2624848] - C:\Windows\system32\UpdateAgent.dll
[MD5.9D0542EEFD7E2D5B0D479AC8CFEC519B] - [01/09/2022 11:39:47] - |A| - [119296] - C:\Windows\system32\updatecsp.dll
[MD5.5D70487167083D1265F1ED6526F3D803] - [01/09/2022 11:39:48] - |A| - [327168] - C:\Windows\system32\UpdateDeploymentProvider.dll
[MD5.D496A178842407E892733BD3993AD185] - [01/09/2022 11:38:29] - |A| - [205312] - C:\Windows\system32\updatepolicy.dll
[MD5.299B48B36CD8337467DBDA3741E08BF5] - [01/09/2022 11:43:54] - |A| - [433152] - C:\Windows\system32\upnp.dll
[MD5.595CAFE404987B6CD6546E54B49FDE1F] - [01/09/2022 11:44:56] - |A| - [52224] - C:\Windows\system32\UPPrinterInstaller.exe
[MD5.72759D4B4AA5D8C0313F3005967684A5] - [01/09/2022 11:44:56] - |A| - [107520] - C:\Windows\system32\UPPrinterInstallsCSP.dll
[MD5.897ACE7D9EDD2C8B43064977A2882587] - [01/09/2022 11:39:47] - |A| - [716600] - C:\Windows\system32\upshared.dll
[MD5.40EB45C3F0D14A82D91C79B5CEB2DB9A] - [01/09/2022 11:40:13] - |A| - [808448] - C:\Windows\system32\uReFS.dll
[MD5.5680C87656D718C65E56E8E5D54646C2] - [01/09/2022 11:44:05] - |A| - [32768] - C:\Windows\system32\ureg.dll
[MD5.9755DCAA596EED9CCF629157E3417F23] - [01/09/2022 11:41:11] - |A| - [1948160] - C:\Windows\system32\urlmon.dll
[MD5.E665FDFA4A39D67D0D6431A3D23D6F19] - [01/09/2022 11:37:57] - |A| - [1172480] - C:\Windows\system32\usbmon.dll
[MD5.3D2A6411D06E658A2AB3C893CA691EA3] - [01/09/2022 11:39:29] - |A| - [1701896] - C:\Windows\system32\user32.dll
[MD5.FE678395D86234EAA8E8D93A8F4F3C60] - [01/09/2022 11:42:01] - |A| - [784384] - C:\Windows\system32\usercpl.dll
[MD5.66ECE7F6EFB169609D1819B2CBEDF11B] - [01/09/2022 11:39:18] - |A| - [1554944] - C:\Windows\system32\UserDataService.dll
[MD5.8773C400628EAC6DEA7C76D568613E79] - [01/09/2022 11:39:18] - |A| - [122368] - C:\Windows\system32\UserDataTimeUtil.dll
[MD5.3BD1198E215E7E7148EB36B70348E835] - [01/09/2022 11:37:53] - |A| - [221184] - C:\Windows\system32\UserDeviceRegistration.dll
[MD5.D439AD0CBEBD26F1458EFAC54B3CA9D8] - [01/09/2022 11:37:53] - |A| - [346624] - C:\Windows\system32\UserDeviceRegistration.Ngc.dll
[MD5.47BBDBE152A597F4A840C5269ED961E8] - [01/09/2022 11:40:24] - |A| - [58368] - C:\Windows\system32\userinit.exe
[MD5.C20BEAB4BB4B3F6ADECB235681AF4301] - [01/09/2022 11:41:09] - |A| - [30208] - C:\Windows\system32\userinitext.dll
[MD5.ED79FB2050D1191553E8814C8F59B3C9] - [01/09/2022 11:39:19] - |A| - [61440] - C:\Windows\system32\UserLanguageProfileCallback.dll
[MD5.1DAB06E458435934618DF0D67692A4FE] - [01/09/2022 11:40:45] - |A| - [1483264] - C:\Windows\system32\usermgr.dll
[MD5.3143896D3AE0C81757C3B96BCFB050C9] - [01/09/2022 11:40:45] - |A| - [323072] - C:\Windows\system32\UserMgrProxy.dll
[MD5.8EA95EFFA963F439318BE519E2C5B2B1] - [01/09/2022 11:39:46] - |A| - [140288] - C:\Windows\system32\usoapi.dll
[MD5.F24349A080B1E9C920EA1539520852EC] - [01/09/2022 11:39:47] - |A| - [90624] - C:\Windows\system32\UsoClient.exe
[MD5.6A3CE6970FDF46CEA6796734D6A3E5DB] - [01/09/2022 11:39:46] - |A| - [1413120] - C:\Windows\system32\usocoreworker.exe
[MD5.089BE54F367AE4C97571777A36AC1A98] - [01/09/2022 11:39:46] - |A| - [570368] - C:\Windows\system32\usosvc.dll
[MD5.BA0422CCB92C557E2D54A826242CDD08] - [01/09/2022 11:37:52] - |A| - [132096] - C:\Windows\system32\UtcDecoderHost.exe
[MD5.FBBBB0BF1BAF09C6F8765B07EC80C1C0] - [01/09/2022 11:40:26] - |A| - [105984] - C:\Windows\system32\utcutil.dll
[MD5.F4668867B3E1152D2D89E99C40AC93E1] - [01/09/2022 11:41:50] - |A| - [116224] - C:\Windows\system32\UXInit.dll
[MD5.9025C9A5A1355F0EE3FB1A11536E6DF4] - [01/09/2022 11:41:50] - |A| - [628736] - C:\Windows\system32\uxtheme.dll
[MD5.D2BFC41E404C1B0E5073C9DA4FD65405] - [01/09/2022 11:38:17] - |A| - [148480] - C:\Windows\system32\VaultCDS.dll
[MD5.89574C3971184D691E0AD3989227D2BB] - [01/09/2022 11:38:29] - |A| - [321536] - C:\Windows\system32\vaultcli.dll
[MD5.3A5D103EDF683313AED7EDADEA7DF3D9] - [01/09/2022 11:38:29] - |A| - [370688] - C:\Windows\system32\vaultsvc.dll
[MD5.7605F07418C880F209C3C09136F9B278] - [01/09/2022 11:41:48] - |A| - [607232] - C:\Windows\system32\vbscript.dll
[MD5.0781CE7ECCD9F6318BA72CD96B5B8992] - [01/09/2022 11:42:01] - |A| - [723968] - C:\Windows\system32\vds.exe
[MD5.F82423FABDE3B816987A01D87892DBF6] - [01/09/2022 11:42:01] - |A| - [256000] - C:\Windows\system32\vdsbas.dll
[MD5.472A05A6ADC167E9E5D2328AD98E3067] - [01/09/2022 11:42:01] - |A| - [27136] - C:\Windows\system32\vdsldr.exe
[MD5.15CBE461375505D8EF85A160A9B10817] - [01/09/2022 11:42:01] - |A| - [135168] - C:\Windows\system32\vdsutil.dll
[MD5.543DCE5EEDAAA113B7B2AFD160EA7CAB] - [01/09/2022 11:42:01] - |A| - [109056] - C:\Windows\system32\vds_ps.dll
[MD5.9D859919FA195DABE2057BAD15C89C10] - [01/09/2022 11:43:55] - |A| - [173144] - C:\Windows\system32\vertdll.dll
[MD5.276BD1F83BA8C202A5029DB06DAAF1AF] - [01/09/2022 11:39:49] - |A| - [68936] - C:\Windows\system32\virtdisk.dll
[MD5.0E3F920B606AF22DE3865BD5C593179B] - [01/09/2022 11:37:18] - |A| - [29448] - C:\Windows\system32\vmbuspipe.dll
[MD5.F3C270F61548CCC3050F2D63BB961024] - [01/09/2022 11:44:01] - |A| - [219648] - C:\Windows\system32\vmdevicehost.dll
[MD5.91DFD0FE59214F867DB11709714E97D9] - [01/09/2022 11:41:47] - |A| - [737280] - C:\Windows\system32\vpnike.dll
[MD5.DFAF88006D456BF81E33DA030297B554] - [01/09/2022 11:39:26] - |A| - [265728] - C:\Windows\system32\VPNv2CSP.dll
[MD5.505D349264B832496448D1333F9CE21B] - [01/09/2022 11:39:49] - |A| - [1674240] - C:\Windows\system32\vssapi.dll
[MD5.875046AD4755396636A68F4A9EDB22A4] - [01/09/2022 11:39:50] - |A| - [1495040] - C:\Windows\system32\VSSVC.exe
[MD5.BC5568C7E6AC6C38FC9F2150BBB1927C] - [01/09/2022 11:37:53] - |A| - [526336] - C:\Windows\system32\w32time.dll
[MD5.E004D80375FBC7E0733FA543F1E1EF25] - [01/09/2022 11:39:18] - |A| - [154112] - C:\Windows\system32\WaaSAssessment.dll
[MD5.5B4A3E3C1990714E038B25A3B4AFB581] - [01/09/2022 11:39:18] - |A| - [112128] - C:\Windows\system32\WaaSMedicAgent.exe
[MD5.23E86697A35392530067A61C8D467FEA] - [01/09/2022 11:39:18] - |A| - [366592] - C:\Windows\system32\WaaSMedicCapsule.dll
[MD5.F922ED7403E8845B8BE46A479AEA5410] - [01/09/2022 11:39:18] - |A| - [29184] - C:\Windows\system32\WaaSMedicPS.dll
[MD5.A3C2986D4A40F30775BCC521B72E2CD5] - [01/09/2022 11:39:18] - |A| - [433152] - C:\Windows\system32\WaaSMedicSvc.dll
[MD5.68C7BBA5CE358F2B73CBD59804ABC2C9] - [01/09/2022 11:44:47] - |A| - [265216] - C:\Windows\system32\wavemsp.dll
[MD5.F2AA55885A2C014DA99F1355F3F71E4A] - [01/09/2022 11:48:28] - |A| - [329728] - C:\Windows\system32\wbadmin.exe
[MD5.CC5B39D4D84945F4F12A35F56BDD32EA] - [01/09/2022 11:37:50] - |A| - [561152] - C:\Windows\system32\wbemcomn.dll
[MD5.9E2D304905CA820DFB0F00A52AD0ED89] - [01/09/2022 11:39:31] - |A| - [880128] - C:\Windows\system32\wbiosrvc.dll
[MD5.F61272FCA0A11ED411686AA7A4A42988] - [01/09/2022 11:39:30] - |A| - [26112] - C:\Windows\system32\wci.dll
[MD5.FFAC41426EF4646C672C8037D4924491] - [01/09/2022 11:39:30] - |A| - [136192] - C:\Windows\system32\wcimage.dll
[MD5.68CFD9DE98F04C25FD453F6A2496652F] - [01/09/2022 11:37:54] - |A| - [252416] - C:\Windows\system32\wcmcsp.dll
[MD5.7807A4EFDF77E3D94A835A5C1B8AB5E0] - [01/09/2022 11:37:53] - |A| - [995328] - C:\Windows\system32\wcmsvc.dll
[MD5.40118B0E8213A8E512B5474256ECDCBF] - [01/09/2022 11:39:30] - |A| - [295936] - C:\Windows\system32\wc_storage.dll
[MD5.2349D3F791BAE1208F54C17F4FB099BC] - [01/09/2022 11:39:09] - |A| - [506368] - C:\Windows\system32\webauthn.dll
[MD5.F8C7B8D8C499589E6EDBAB5A418A9745] - [01/09/2022 11:46:07] - |A| - [992768] - C:\Windows\system32\WebcamUi.dll
[MD5.125E37627FA664B417DCD1EC8CA381FA] - [01/09/2022 11:45:04] - |A| - [236544] - C:\Windows\system32\WebClnt.dll
[MD5.1EFFEEFBFCFF001DA791ED4CC90F0AB8] - [01/09/2022 11:40:24] - |A| - [595456] - C:\Windows\system32\webio.dll
[MD5.DFC0EC6676D3D882E69C610A75996171] - [01/09/2022 11:44:22] - |A| - [1234944] - C:\Windows\system32\webplatstorageserver.dll
[MD5.06D70039E7B7D9E2D3EC5CD96D5F6266] - [01/09/2022 11:41:05] - |A| - [2573824] - C:\Windows\system32\WebRuntimeManager.dll
[MD5.C315D40174B3966ECE568344FDE42319] - [01/09/2022 11:40:27] - |A| - [889424] - C:\Windows\system32\wer.dll
[MD5.63C980C461E4AE90A17CAB8653D0F962] - [01/09/2022 11:44:14] - |A| - [892928] - C:\Windows\system32\werconcpl.dll
[MD5.709E33220A2BA7CCD36993B7CEE6D1AA] - [01/09/2022 11:44:14] - |A| - [128000] - C:\Windows\system32\wercplsupport.dll
[MD5.06CBCFFF8ED0BD55BE1030AFE601701C] - [01/09/2022 11:40:27] - |A| - [47104] - C:\Windows\system32\werdiagcontroller.dll
[MD5.D1A69EE635017C07C5FCFC020DD0E1D5] - [01/09/2022 11:40:27] - |A| - [254056] - C:\Windows\system32\weretw.dll
[MD5.CC43D35144E0095491FCCA175C7C70F0] - [01/09/2022 11:40:27] - |A| - [576336] - C:\Windows\system32\WerFault.exe
[MD5.C86F71DAFB6589DC711DD2BC27373F5A] - [01/09/2022 11:40:27] - |A| - [172072] - C:\Windows\system32\WerFaultSecure.exe
[MD5.9EFBC658DD79307924C8BF534CC6275B] - [01/09/2022 11:40:27] - |A| - [229712] - C:\Windows\system32\wermgr.exe
[MD5.733D7C71763D93B5E56C7EC30F345A33] - [01/09/2022 11:40:34] - |A| - [246272] - C:\Windows\system32\wersvc.dll
[MD5.44B5DF07896E7D2272E092ABA2F4902D] - [01/09/2022 11:44:14] - |A| - [249344] - C:\Windows\system32\werui.dll
[MD5.648486085C1FCA20FDC514E5F781E652] - [01/09/2022 11:39:34] - |A| - [403936] - C:\Windows\system32\wevtapi.dll
[MD5.2BD5C7C9528010AE2CE26BCA568789BB] - [01/09/2022 11:39:34] - |A| - [1879552] - C:\Windows\system32\wevtsvc.dll
[MD5.1AAE26BD68B911D0420626A27070EB8D] - [01/09/2022 11:39:34] - |A| - [278016] - C:\Windows\system32\wevtutil.exe
[MD5.D77EE9BABD9015F7D099231632B6D56C] - [01/09/2022 11:39:24] - |A| - [25088] - C:\Windows\system32\wfapigp.dll
[MD5.38A6BA42C5192CC9FA3CB086351BC7FD] - [01/09/2022 11:37:56] - |A| - [41472] - C:\Windows\system32\wfdprov.dll
[MD5.0B82A5E82CB96CDCFAE97C0F5DCB1B13] - [01/09/2022 11:37:56] - |A| - [677888] - C:\Windows\system32\WFDSConMgrSvc.dll
[MD5.163F836A9FD3D59CD9359C5CC3B6DAF2] - [01/09/2022 11:48:38] - |A| - [966656] - C:\Windows\system32\WFS.exe
[MD5.96797320981971F844E1E640530F1499] - [01/09/2022 11:48:38] - |A| - [669696] - C:\Windows\system32\WFSR.dll
[MD5.2D503489FAB3B1D5CD826B6CA5D43418] - [01/09/2022 11:44:16] - |A| - [98816] - C:\Windows\system32\wiaacmgr.exe
[MD5.969985AA04A8A58D991A995239974011] - [01/09/2022 11:44:16] - |A| - [813056] - C:\Windows\system32\wiaaut.dll
[MD5.D9CCF8920B776241D3847C50ACA73935] - [01/09/2022 11:44:16] - |A| - [253440] - C:\Windows\system32\wiadefui.dll
[MD5.6244DC684D5DEC346D98827E0FD6EC29] - [01/09/2022 11:44:16] - |A| - [173056] - C:\Windows\system32\wiadss.dll
[MD5.79F49C7543FC31AAB0CB431B8D8E74F7] - [01/09/2022 11:44:16] - |A| - [94208] - C:\Windows\system32\wiarpc.dll
[MD5.F55CD01B082A635A1620422033DD39F4] - [01/09/2022 11:44:15] - |A| - [102912] - C:\Windows\system32\wiascanprofiles.dll
[MD5.4B6B76BEFA3C00BF87877D5B43F17696] - [01/09/2022 11:44:16] - |A| - [781312] - C:\Windows\system32\wiaservc.dll
[MD5.84C0799D8AAFD762343B585F9779FBEB] - [01/09/2022 11:44:16] - |A| - [90624] - C:\Windows\system32\wiashext.dll
[MD5.8C69916B912F2AD79F4ACB553A3E28AD] - [01/09/2022 11:44:16] - |A| - [18944] - C:\Windows\system32\wiatrace.dll
[MD5.355FA9E7F2F63E3596BAAC45810B8AC4] - [01/09/2022 11:37:57] - |A| - [282624] - C:\Windows\system32\WiFiCloudStore.dll
[MD5.313D0B1D3A5DE2F216840D6CAA95C377] - [01/09/2022 11:37:56] - |A| - [41984] - C:\Windows\system32\WiFiConfigSP.dll
[MD5.72BC21D181DEFAD9E9080E67599C2696] - [01/09/2022 11:37:54] - |A| - [45568] - C:\Windows\system32\wifidatacapabilityhandler.dll
[MD5.BD52C8966CB60356D48EF1FC233C38E2] - [01/09/2022 11:37:54] - |A| - [804864] - C:\Windows\system32\wifinetworkmanager.dll
[MD5.78B1247CFFA609AFBA2F7BC22C0AC8E1] - [01/09/2022 11:40:17] - |A| - [764728] - C:\Windows\system32\wimgapi.dll
[MD5.7477F87C3C1D7633A0E003BE6AA01020] - [01/09/2022 11:40:17] - |A| - [522064] - C:\Windows\system32\wimserv.exe
[MD5.84AC8C0D9FF3B2F23F898ECE7AE78B6D] - [01/09/2022 11:40:03] - |A| - [102736] - C:\Windows\system32\win32appinventorycsp.dll
[MD5.534ED51587B9598A4D123CDB3B708F17] - [01/09/2022 11:40:04] - |A| - [214528] - C:\Windows\system32\Win32CompatibilityAppraiserCSP.dll
[MD5.61532C7E284B7E76FE7909EEC95745DD] - [01/09/2022 11:39:29] - |A| - [596992] - C:\Windows\system32\win32k.sys
[MD5.07FC54A9C97E9E6CC43186338A11F4C1] - [01/09/2022 11:38:59] - |A| - [2892800] - C:\Windows\system32\win32kbase.sys
[MD5.92825CD6F071E8337F60197BA72D24CF] - [01/09/2022 11:39:29] - |A| - [3813376] - C:\Windows\system32\win32kfull.sys
[MD5.3F2EDD334B9360447CA108E2842F93F5] - [01/09/2022 11:37:47] - |A| - [1320448] - C:\Windows\system32\win32spl.dll
[MD5.0DE18167973A22F1F81B169CADA114D2] - [01/09/2022 11:39:29] - |A| - [133792] - C:\Windows\system32\win32u.dll
[MD5.8050475B85CF9357C858305182EEE18F] - [01/09/2022 11:39:31] - |A| - [182272] - C:\Windows\system32\winbio.dll
[MD5.BD4453B1EE5BA45D687E606C6FCF7D24] - [01/09/2022 11:48:27] - |A| - [516608] - C:\Windows\system32\WinBioDataModel.dll
[MD5.13E44978D635CAD7A4F898CA053E0969] - [01/09/2022 11:40:16] - |A| - [205640] - C:\Windows\system32\winbrand.dll
[MD5.2D95CF99AB0DE2B1210F54610332CC5F] - [01/09/2022 11:40:21] - |A| - [437248] - C:\Windows\system32\wincorlib.dll
[MD5.57243BDBBBBF166F45E1FA83496C9240] - [01/09/2022 11:41:02] - |A| - [216064] - C:\Windows\system32\wincredui.dll
[MD5.6729615D151F7CB62F1A9D577E291AB5] - [01/09/2022 11:38:21] - |A| - [1074176] - C:\Windows\system32\Windows.AccountsControl.dll
[MD5.B545F628AE337CACFDA5E7F38E48E7A6] - [01/09/2022 11:39:25] - |A| - [122880] - C:\Windows\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
[MD5.2E5AF9C41965C8FE4F57E6662CF1F3E6] - [01/09/2022 11:37:30] - |A| - [781824] - C:\Windows\system32\Windows.ApplicationModel.ConversationalAgent.dll
[MD5.146DEBD438FAA28D998EB6DF27354D86] - [01/09/2022 11:37:30] - |A| - [73216] - C:\Windows\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
[MD5.ED385C2C063A4169B263C61394657CAB] - [01/09/2022 11:37:30] - |A| - [89088] - C:\Windows\system32\windows.applicationmodel.conversationalagent.proxystub.dll
[MD5.269CE682923E465F8A40FB69225C12B9] - [01/09/2022 11:38:18] - |A| - [223744] - C:\Windows\system32\Windows.ApplicationModel.Core.dll
[MD5.DE2E0BFE96D5CA72A3DA15FA10DF7BA6] - [01/09/2022 11:38:21] - |A| - [936448] - C:\Windows\system32\Windows.ApplicationModel.dll
[MD5.C7451EA93FDA41E39CE9A21F125FE40D] - [01/09/2022 11:39:10] - |A| - [2312008] - C:\Windows\system32\Windows.ApplicationModel.Store.dll
[MD5.CE22D8E10D56EE7D827861F80BE705DB] - [01/09/2022 11:38:56] - |A| - [68096] - C:\Windows\system32\Windows.ApplicationModel.Store.Preview.DOSettings.dll
[MD5.33AE3B6126BC48DC29492F1EED146F08] - [01/09/2022 11:38:12] - |A| - [2008576] - C:\Windows\system32\Windows.CloudStore.dll
[MD5.48568D55B22C1B8CE3375F26A6F0C333] - [01/09/2022 11:38:01] - |A| - [809984] - C:\Windows\system32\Windows.CloudStore.Schema.Shell.dll
[MD5.A79B30FA772F627A99282B74002C9445] - [01/09/2022 11:41:48] - |A| - [591360] - C:\Windows\system32\Windows.Cortana.Desktop.dll
[MD5.A33C1B04462B9E4CE92B53BE88608FB8] - [01/09/2022 11:40:01] - |A| - [354816] - C:\Windows\system32\Windows.Cortana.OneCore.dll
[MD5.6A0BBACFE43D7683969A81BECE3177F1] - [01/09/2022 11:40:01] - |A| - [134144] - C:\Windows\system32\Windows.Cortana.ProxyStub.dll
[MD5.09C043B28DC1438DA7BC256484EE4710] - [01/09/2022 11:39:55] - |A| - [534528] - C:\Windows\system32\Windows.Data.Activities.dll
[MD5.8BAC08F4830480082A1D1FC57640B1F0] - [01/09/2022 11:38:22] - |A| - [540312] - C:\Windows\system32\Windows.Devices.Enumeration.dll
[MD5.86A5DA296D19467F2936E5EAF76C5F4E] - [01/09/2022 11:38:26] - |A| - [288768] - C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
[MD5.AE4106F444D85331A8B95A865A1545C5] - [01/09/2022 11:39:28] - |A| - [392192] - C:\Windows\system32\Windows.Devices.Lights.dll
[MD5.14279A4BD2CC0F1F5C5AE77A3EFCD604] - [01/09/2022 11:48:15] - |A| - [484352] - C:\Windows\system32\Windows.Devices.Picker.dll
[MD5.6FAE5D9725AFC3299B2EE0454F71FFDE] - [01/09/2022 11:39:08] - |A| - [2078208] - C:\Windows\system32\Windows.Devices.PointOfService.dll
[MD5.FA3CA70AE3C8B09B42E129B041522C55] - [01/09/2022 11:38:12] - |A| - [154112] - C:\Windows\system32\Windows.Devices.Printers.dll
[MD5.D8853AE0975F62A0243310564B66288E] - [01/09/2022 11:41:42] - |A| - [45056] - C:\Windows\system32\Windows.Devices.Printers.Extensions.dll
[MD5.5B871FCA9E36B4933EDA1DC3C505A92B] - [01/09/2022 11:44:02] - |A| - [219648] - C:\Windows\system32\Windows.Devices.Scanners.dll
[MD5.63DDE1ACD204C8A1A2952489B8C58808] - [01/09/2022 11:41:14] - |A| - [1290208] - C:\Windows\system32\Windows.Devices.Sensors.dll
[MD5.9E086A3F8D8531C53BE3E4DA469ED964] - [01/09/2022 11:38:22] - |A| - [206848] - C:\Windows\system32\Windows.Energy.dll
[MD5.8024354770D0478A13BF5420A8E9F69A] - [01/09/2022 11:40:48] - |A| - [373248] - C:\Windows\system32\Windows.FileExplorer.Common.dll
[MD5.3632E22C696F33D0FCEE0619B6E676FF] - [01/09/2022 11:38:18] - |A| - [826880] - C:\Windows\system32\Windows.Gaming.Input.dll
[MD5.FCADEA3A6A45D367E482F1A53DBCABDA] - [01/09/2022 11:38:57] - |A| - [389120] - C:\Windows\system32\Windows.Gaming.Preview.dll
[MD5.494CE623ADA1A98EB5E161542D1FCBFD] - [01/09/2022 11:38:22] - |A| - [1712128] - C:\Windows\system32\Windows.Globalization.dll
[MD5.29BBE29EAEFBC1FD7DF09E5730619AF0] - [01/09/2022 11:38:29] - |A| - [567112] - C:\Windows\system32\Windows.Graphics.dll
[MD5.8C5F9C4AC57C334C619C23F20FBD27D6] - [01/09/2022 11:38:17] - |A| - [2308096] - C:\Windows\system32\Windows.Graphics.Printing.3D.dll
[MD5.A29961E106AF14DA64B72326ACAA6BB5] - [01/09/2022 11:38:16] - |A| - [877056] - C:\Windows\system32\Windows.Graphics.Printing.dll
[MD5.3A62EB878531DB05952515B140A7E0BE] - [01/09/2022 11:41:40] - |A| - [1245184] - C:\Windows\system32\Windows.Graphics.Printing.Workflow.dll
[MD5.84B18FE969345EF1C781564FAE2D6D46] - [01/09/2022 11:41:41] - |A| - [19968] - C:\Windows\system32\Windows.Graphics.Printing.Workflow.Native.dll
[MD5.0DF046064E3E77D37C1500D4ACB0F892] - [01/09/2022 11:39:29] - |A| - [752128] - C:\Windows\system32\windows.immersiveshell.serviceprovider.dll
[MD5.57A3BD9ECC2A47DA08C1B58BC76B2FB0] - [01/09/2022 11:39:56] - |A| - [174080] - C:\Windows\system32\Windows.Internal.CapturePicker.dll
[MD5.B4FFB0354BAF30DD6E0C732323EFC3E1] - [01/09/2022 11:39:03] - |A| - [253440] - C:\Windows\system32\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
[MD5.66DD6E2282E1219524E23178CEC81EAD] - [01/09/2022 11:41:04] - |A| - [1015808] - C:\Windows\system32\Windows.Internal.Management.dll
[MD5.D5DF7DAA348D10B2C564C2F3402D2723] - [01/09/2022 11:44:28] - |A| - [48640] - C:\Windows\system32\Windows.Internal.SecurityMitigationsBroker.dll
[MD5.344B88A81EC3F2597410C697D0B31DAF] - [01/09/2022 11:41:12] - |A| - [885784] - C:\Windows\system32\Windows.Internal.Shell.Broker.dll
[MD5.E0B4A4750D98520E3A0E824F25EC0608] - [01/09/2022 11:38:01] - |A| - [136888] - C:\Windows\system32\Windows.Internal.ShellCommon.Broker.dll
[MD5.A2B7CF3698E1F24F979B0C75C5852BAA] - [01/09/2022 11:38:06] - |A| - [317440] - C:\Windows\system32\windows.internal.shellcommon.shareexperience.dll
[MD5.73D26267EA3C6FFBC45A519BD8247D14] - [01/09/2022 11:37:51] - |A| - [1064448] - C:\Windows\system32\Windows.Internal.Signals.dll
[MD5.73A732054684421088762992CD67CDEF] - [01/09/2022 11:37:29] - |A| - [226816] - C:\Windows\system32\Windows.Internal.System.UserProfile.dll
[MD5.039E066D0AD61759A7F201AFA5CAB71D] - [01/09/2022 11:37:28] - |A| - [71168] - C:\Windows\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
[MD5.6C66C4CF094E39A9C2BF44604C114520] - [01/09/2022 11:37:28] - |A| - [288768] - C:\Windows\system32\Windows.Management.InprocObjects.dll
[MD5.35D63836B3490C4CE5342CFE3EEFD841] - [01/09/2022 11:37:28] - |A| - [111616] - C:\Windows\system32\Windows.Management.ModernDeployment.ConfigProviders.dll
[MD5.A9E2A4B266638AE5EF5282ACBC8DFA6C] - [01/09/2022 11:37:48] - |A| - [34304] - C:\Windows\system32\Windows.Management.Provisioning.ProxyStub.dll
[MD5.2FC4068866845DEF1D0171E2EEDAFF51] - [01/09/2022 11:37:28] - |A| - [824320] - C:\Windows\system32\Windows.Management.Service.dll
[MD5.09613B65DBEF86FFC63F4E300408682D] - [01/09/2022 11:46:02] - |A| - [1339392] - C:\Windows\system32\Windows.Media.Audio.dll
[MD5.68E338F631268561C88972B4174493D0] - [01/09/2022 11:38:08] - |A| - [919040] - C:\Windows\system32\Windows.Media.BackgroundMediaPlayback.dll
[MD5.35BA9788D7414F995A05C2552DD627C6] - [01/09/2022 11:37:31] - |A| - [591904] - C:\Windows\system32\Windows.Media.Devices.dll
[MD5.AEA80673CC218CC9A2DD282BC7B5BA50] - [01/09/2022 11:46:01] - |A| - [7550760] - C:\Windows\system32\Windows.Media.dll
[MD5.DAF8A03D5DE35714CC76AE4639225C00] - [01/09/2022 11:38:08] - |A| - [915968] - C:\Windows\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
[MD5.580544F2834E8A25C0E0368958445340] - [01/09/2022 11:38:08] - |A| - [894464] - C:\Windows\system32\Windows.Media.Playback.MediaPlayer.dll
[MD5.97E62CADEBEFEDE9A411D1D07CC0A52D] - [01/09/2022 11:38:08] - |A| - [10352944] - C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
[MD5.16EF80AE0CE0D169893863F801F26168] - [01/09/2022 11:39:45] - |A| - [1867264] - C:\Windows\system32\Windows.Media.Speech.dll
[MD5.6F00EF6E3525ED29E74264671EF9AA19] - [01/09/2022 11:46:06] - |A| - [1135104] - C:\Windows\system32\Windows.Media.Streaming.dll
[MD5.D2257A65541B6FC7499CA0A7FD845697] - [01/09/2022 11:44:53] - |A| - [4374224] - C:\Windows\system32\Windows.Mirage.dll
[MD5.998CACFFDE5145FB771A322FCBDF9DED] - [01/09/2022 11:44:54] - |A| - [867328] - C:\Windows\system32\Windows.Mirage.Internal.dll
[MD5.181B7FC060B9445CCBBAAB7945EEB0A4] - [01/09/2022 11:38:23] - |A| - [736256] - C:\Windows\system32\Windows.Networking.Connectivity.dll
[MD5.97FC4FF605965B6E78387ABBC317FC93] - [01/09/2022 11:39:35] - |A| - [630272] - C:\Windows\system32\Windows.Networking.UX.EapRequestHandler.dll
[MD5.A743100820B372C79075E0C53EC69C80] - [01/09/2022 11:39:26] - |A| - [1523712] - C:\Windows\system32\Windows.Networking.Vpn.dll
[MD5.C990AF3CD3C5C932158DB2AFD06BF7F0] - [01/09/2022 11:39:08] - |A| - [588800] - C:\Windows\system32\Windows.Payments.dll
[MD5.E7C277051BAD806A1F5D7BB38F98D11F] - [01/09/2022 11:38:19] - |A| - [1146368] - C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
[MD5.88CC3046E4477319C983747021BB840B] - [01/09/2022 11:38:20] - |A| - [143360] - C:\Windows\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
[MD5.364AD0FBFEDC2050E4963E5F9C0D889F] - [01/09/2022 11:39:28] - |A| - [1184568] - C:\Windows\system32\Windows.Services.TargetedContent.dll
[MD5.D2A2FDF78F17AD1008EDC20F1D2105FB] - [01/09/2022 11:39:58] - |A| - [223232] - C:\Windows\system32\Windows.SharedPC.AccountManager.dll
[MD5.903BA96A8535F1893C20E08965615126] - [01/09/2022 11:39:59] - |A| - [320000] - C:\Windows\system32\Windows.Shell.BlueLightReduction.dll
[MD5.5F753A28D314C0081AE23BACBBB02501] - [01/09/2022 11:39:22] - |A| - [5858656] - C:\Windows\system32\Windows.StateRepository.dll
[MD5.ABB2731F16A7B1E69804CB38B5CC96C2] - [01/09/2022 11:39:23] - |A| - [117560] - C:\Windows\system32\Windows.StateRepositoryBroker.dll
[MD5.5EA9E6A63DB7D535DB11F76FB046F6AF] - [01/09/2022 11:39:23] - |A| - [249656] - C:\Windows\system32\Windows.StateRepositoryClient.dll
[MD5.2DC323B6AC688A544BBEEB13CFDBDBC0] - [01/09/2022 11:39:23] - |A| - [59440] - C:\Windows\system32\Windows.StateRepositoryCore.dll
[MD5.98535DE16DA23159539178D8F3F2B8B0] - [01/09/2022 11:39:23] - |A| - [1337680] - C:\Windows\system32\Windows.StateRepositoryPS.dll
[MD5.17440FA532F22CA36B43FCFB6FBB0B62] - [01/09/2022 11:39:23] - |A| - [268800] - C:\Windows\system32\Windows.StateRepositoryUpgrade.dll
[MD5.B88D985DBFD4084E3542268C0DF9ACC0] - [01/09/2022 11:38:25] - |A| - [417368] - C:\Windows\system32\Windows.Storage.ApplicationData.dll
[MD5.E9CA1BCF46363322BA8651EA50859296] - [01/09/2022 11:39:20] - |A| - [7983568] - C:\Windows\system32\windows.storage.dll
[MD5.2FF075C8E683F7A6B08A274A2BA5B8D3] - [01/09/2022 11:39:22] - |A| - [203264] - C:\Windows\system32\Windows.Storage.OneCore.dll
[MD5.4217D25D5EBD21943811948348876B3C] - [01/09/2022 11:38:24] - |A| - [791552] - C:\Windows\system32\Windows.Storage.Search.dll
[MD5.49722A0CCD372DA2C91B530C8CCD8A07] - [01/09/2022 11:38:19] - |A| - [756736] - C:\Windows\system32\Windows.System.Launcher.dll
[MD5.30F82D6166A9574B819ABDD7CB74CD48] - [01/09/2022 11:44:46] - |A| - [150832] - C:\Windows\system32\Windows.System.Profile.HardwareId.dll
[MD5.B03E21F328F8DBADB8002BC4F57CF485] - [01/09/2022 11:38:25] - |A| - [72192] - C:\Windows\system32\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
[MD5.7DB0F6E0D407DC9D4283FBB10F53E3C5] - [01/09/2022 11:37:58] - |A| - [285184] - C:\Windows\system32\Windows.UI.AppDefaults.dll
[MD5.475DF975A818CCB2349DE6A4B2AD285C] - [01/09/2022 11:39:02] - |A| - [1039872] - C:\Windows\system32\Windows.UI.Core.TextInput.dll
[MD5.CE43B70D8A7125DF5EF59A62FB966444] - [01/09/2022 11:40:47] - |A| - [274432] - C:\Windows\system32\Windows.UI.FileExplorer.dll
[MD5.ADAFD8AA23F40931BF067EFA37F1CA25] - [01/09/2022 11:41:10] - |A| - [1262080] - C:\Windows\system32\Windows.UI.Immersive.dll
[MD5.6DA1035AFD9051A1E72E8442EEA8E707] - [01/09/2022 11:40:12] - |A| - [3093504] - C:\Windows\system32\Windows.UI.Logon.dll
[MD5.5D17921F16F3F0A47DD9C22BDAD58797] - [01/09/2022 11:41:49] - |A| - [911360] - C:\Windows\system32\Windows.UI.Search.dll
[MD5.07603F95EA0448F0E97402B4346FB85A] - [01/09/2022 11:37:58] - |A| - [140288] - C:\Windows\system32\Windows.UI.Storage.dll
[MD5.C9CD57488884CCF3A821346C0DB4D941] - [01/09/2022 11:38:12] - |A| - [17561600] - C:\Windows\system32\Windows.UI.Xaml.dll
[MD5.7911517A17DC0DB9138058794EC29063] - [01/09/2022 11:38:15] - |A| - [44032] - C:\Windows\system32\Windows.UI.Xaml.Resources.Common.dll
[MD5.5B7AE2640B9318E1CE39EF4125E379F3] - [01/09/2022 11:38:59] - |A| - [1785544] - C:\Windows\system32\WindowsCodecs.dll
[MD5.A55EF54F6E788EF419F42B4D9451F363] - [01/09/2022 11:45:45] - |A| - [32608744] - C:\Windows\system32\WindowsCodecsRaw.dll
[MD5.88E591FA5B582E6B7D11BDDBC01465B4] - [01/09/2022 11:37:28] - |A| - [82136] - C:\Windows\system32\WindowsManagementServiceWinRt.ProxyStub.dll
[MD5.6292A6E76DDEF0A7592C15E78C382D66] - [01/09/2022 11:42:00] - |A| - [2240000] - C:\Windows\system32\windowsudk.shellcommon.dll
[MD5.00BDC8B6E1674933C94E4ACCE21E5A11] - [01/09/2022 11:48:52] - |A| - [31744] - C:\Windows\system32\WinFax.dll
[MD5.9CB035E4505B5B69EF0D91F8F8F9773C] - [01/09/2022 11:40:24] - |A| - [1087736] - C:\Windows\system32\winhttp.dll
[MD5.3F3492409E426FE998E31AD9E9EF246B] - [01/09/2022 11:43:53] - |A| - [102912] - C:\Windows\system32\winhttpcom.dll
[MD5.499FC0678390418A0350546A190E6FF4] - [01/09/2022 11:44:01] - |A| - [134656] - C:\Windows\system32\WinHvPlatform.dll
[MD5.11F7419009AF2874C4B0E4505D185D79] - [01/09/2022 11:41:10] - |A| - [5038592] - C:\Windows\system32\wininet.dll
[MD5.3588C1AC44DCE86A043310B07679C508] - [01/09/2022 11:40:24] - |A| - [420472] - C:\Windows\system32\wininit.exe
[MD5.FD69CA9209589D4B0A9507C903E77914] - [01/09/2022 11:40:44] - |A| - [46408] - C:\Windows\system32\wininitext.dll
[MD5.2ED387ED12B22F83D9FDE67B2540F88C] - [01/09/2022 11:39:33] - |A| - [513024] - C:\Windows\system32\winipcfile.dll
[MD5.32B70301B30D10BA95135DB1A6FE8877] - [01/09/2022 11:39:33] - |A| - [904704] - C:\Windows\system32\winipcsecproc.dll
[MD5.8ECA001F717FA962A61E1E1F34CB4B99] - [01/09/2022 11:41:07] - |A| - [101888] - C:\Windows\system32\winipsec.dll
[MD5.54B821F3C253A90476651257F13CC4A3] - [01/09/2022 11:39:19] - |A| - [190464] - C:\Windows\system32\Winlangdb.dll
[MD5.8369AD104D9241530435FA21A1802ABD] - [01/09/2022 11:40:15] - |A| - [1828960] - C:\Windows\system32\winload.efi
[MD5.0D9D1DC21773C12FB5290C098BDE5469] - [01/09/2022 11:40:14] - |A| - [1561856] - C:\Windows\system32\winload.exe
[MD5.F8B41A1B3E569E7E6F990567F21DCE97] - [01/09/2022 11:40:45] - |A| - [906240] - C:\Windows\system32\winlogon.exe
[MD5.9BA7ECF5D7201B25D7FD2A913ECDDBB8] - [01/09/2022 11:42:02] - |A| - [83456] - C:\Windows\system32\winlogonext.dll
[MD5.2F6EEC666FCF2A5A81DDD5D7C3CB69A1] - [01/09/2022 11:46:06] - |A| - [1770576] - C:\Windows\system32\winmde.dll
[MD5.E47FEC059B5C5B98D9D6494E40B0BFE7] - [01/09/2022 11:39:33] - |A| - [2343936] - C:\Windows\system32\winmsipc.dll
[MD5.92B911C6AC1AA9653DCFAB95B7F7EA2C] - [01/09/2022 11:41:16] - |A| - [267096] - C:\Windows\system32\WinREAgent.dll
[MD5.2739EE10D0A3CC257A00048A9A4B0068] - [01/09/2022 11:40:15] - |A| - [1396640] - C:\Windows\system32\winresume.efi
[MD5.F0D8CF7EBD78D2C0FBE00556B7DABE95] - [01/09/2022 11:40:15] - |A| - [1200872] - C:\Windows\system32\winresume.exe
[MD5.5326C7A84E36703AA3E04E45C68CCC29] - [01/09/2022 11:41:16] - |A| - [122368] - C:\Windows\system32\winrscmd.dll
[MD5.FC2414F108B613366BDE7AE897AB53A1] - [01/09/2022 11:44:52] - |A| - [2810880] - C:\Windows\system32\WinSAT.exe
[MD5.CD97B2153B549C47E4FDD29E163BD869] - [01/09/2022 11:44:52] - |A| - [377344] - C:\Windows\system32\WinSATAPI.dll
[MD5.35E87EE5E1FAE4A684889E3665A4AEA0] - [01/09/2022 11:40:17] - |A| - [334336] - C:\Windows\system32\winsku.dll
[MD5.6CC4468FD76F81B6E82EC73AAB74760A] - [01/09/2022 11:37:39] - |A| - [600064] - C:\Windows\system32\winspool.drv
[MD5.E076735314AED847057E5726A96EB9CA] - [01/09/2022 11:39:22] - |A| - [420400] - C:\Windows\system32\wintrust.dll
[MD5.4C8650D543C823C12DB9D22F92AC52EF] - [01/09/2022 11:40:21] - |A| - [1395040] - C:\Windows\system32\WinTypes.dll
[MD5.C61139B3B1E4C7D9F9D9D0D005C91057] - [01/09/2022 11:37:55] - |A| - [45568] - C:\Windows\system32\WiredNetworkCSP.dll
[MD5.26AB14E81458CCF0CFFFBB6C770564B7] - [01/09/2022 11:40:24] - |A| - [91960] - C:\Windows\system32\wkscli.dll
[MD5.3D9A9C3057AF37051042832A77F97E52] - [01/09/2022 11:44:51] - |A| - [284584] - C:\Windows\system32\wkspbroker.exe
[MD5.8AEE351D8B37FB53D6C3EE485175CD4E] - [01/09/2022 11:40:42] - |A| - [302080] - C:\Windows\system32\wkssvc.dll
[MD5.F9DEF9FFD0412EACA1D3A367864C5405] - [01/09/2022 11:37:56] - |A| - [470560] - C:\Windows\system32\wlanapi.dll
[MD5.638D47B67CFDC6924E4B3242EF24A349] - [01/09/2022 11:37:57] - |A| - [310784] - C:\Windows\system32\wlancfg.dll
[MD5.F5E1731F8FE4F21A04171E3D51397C0B] - [01/09/2022 11:37:56] - |A| - [16896] - C:\Windows\system32\wlanhlp.dll
[MD5.A4654183B64E00FFEA59632851F11686] - [01/09/2022 11:39:35] - |A| - [755712] - C:\Windows\system32\WlanMediaManager.dll
[MD5.9278530A2E21C5D8FE6DD4FD530F372E] - [01/09/2022 11:37:56] - |A| - [435712] - C:\Windows\system32\wlanmsm.dll
[MD5.3A393D16A3F74D718F0458B4FBA809F1] - [01/09/2022 11:37:56] - |A| - [480768] - C:\Windows\system32\wlansec.dll
[MD5.BE165D45512459D601048D7DECCB75A4] - [01/09/2022 11:37:56] - |A| - [2657792] - C:\Windows\system32\wlansvc.dll
[MD5.B77F868AEFEEB4617285D9A6BEB6DF17] - [01/09/2022 11:37:56] - |A| - [36352] - C:\Windows\system32\wlansvcpal.dll
[MD5.B028E116DD52AB3E9FB58DD242E8003A] - [01/09/2022 11:37:57] - |A| - [422400] - C:\Windows\system32\wlanui.dll
[MD5.71A4060783605DA844B48C3C57C0FEC9] - [01/09/2022 11:40:23] - |A| - [327680] - C:\Windows\system32\Wldap32.dll
[MD5.E8D91D24C0F6937A4A9DEB2A199EC115] - [01/09/2022 11:40:20] - |A| - [192640] - C:\Windows\system32\wldp.dll
[MD5.6DAEF6C6D68F922B07C0B9334E233238] - [01/09/2022 11:38:18] - |A| - [2244608] - C:\Windows\system32\wlidsvc.dll
[MD5.4D3EFF4F6AD195D6BBE4D47C6DD48C85] - [01/09/2022 11:46:05] - |A| - [760296] - C:\Windows\system32\WMADMOD.DLL
[MD5.76C84B27A12F4F9F48BBF19968000FA5] - [01/09/2022 11:37:49] - |A| - [360760] - C:\Windows\system32\wmicmiplugin.dll
[MD5.5FDE141631B1787D1F67D3B39A8061D2] - [01/09/2022 11:48:35] - |A| - [11445248] - C:\Windows\system32\wmp.dll
[MD5.15F46D77FF4C97EE316E0AD33AC360C9] - [01/09/2022 11:48:37] - |A| - [221696] - C:\Windows\system32\wmpdxm.dll
[MD5.9EE32C4F5B44794430C0BA822E199C2F] - [01/09/2022 11:48:38] - |A| - [311456] - C:\Windows\system32\wmpeffects.dll
[MD5.570E9CD9F2B9ADCBC1D6A8987BFDB598] - [01/09/2022 11:48:37] - |A| - [2560] - C:\Windows\system32\wmploc.DLL
[MD5.7297506741F6114B7796F34885C3B98E] - [01/09/2022 11:48:38] - |A| - [129024] - C:\Windows\system32\wmpshell.dll
[MD5.DD37A6E1769FF91FE73754690E2ECE67] - [01/09/2022 11:40:24] - |A| - [20480] - C:\Windows\system32\wmsgapi.dll
[MD5.BE28DA3D4368A29296757773AB8358BD] - [01/09/2022 11:46:05] - |A| - [2454432] - C:\Windows\system32\WMVCORE.DLL
[MD5.983BDFEBC42DEDB12C8F25250C6EBAA1] - [01/09/2022 11:46:05] - |A| - [2523624] - C:\Windows\system32\WMVDECOD.DLL
[MD5.757B63EC0B58DC605DDD8847054DC77E] - [01/09/2022 11:39:02] - |A| - [44032] - C:\Windows\system32\WordBreakers.dll
[MD5.FBEE46CE1F216E470EED5E2B451162B7] - [01/09/2022 11:44:53] - |A| - [105472] - C:\Windows\system32\WorkFolders.exe
[MD5.07F6AC37DE7515AE3D72047929EF1582] - [01/09/2022 11:44:52] - |A| - [893952] - C:\Windows\system32\WorkfoldersControl.dll
[MD5.E49889110AD82BCF5EBD83B7EB94659A] - [01/09/2022 11:44:52] - |A| - [230400] - C:\Windows\system32\WorkFoldersShell.dll
[MD5.C996632C873B749EF0ECA1A3F5318BD8] - [01/09/2022 11:44:52] - |A| - [2233176] - C:\Windows\system32\workfolderssvc.dll
[MD5.BB716C92572C7500AA2347FB7005431E] - [01/09/2022 11:37:28] - |A| - [273920] - C:\Windows\system32\wosc.dll
[MD5.57B64CFD13053DFF78319859D898556B] - [01/09/2022 11:41:39] - |A| - [17920] - C:\Windows\system32\wowreg32.exe
[MD5.65DB5A308895F1A67562107018EB82A5] - [01/09/2022 11:37:38] - |A| - [1643008] - C:\Windows\system32\Wpc.dll
[MD5.18D607A0D31C459E34488ED99AD10A18] - [01/09/2022 11:37:37] - |A| - [1870848] - C:\Windows\system32\WpcDesktopMonSvc.dll
[MD5.88185C8D032E74E3445203579459ABB8] - [01/09/2022 11:37:38] - |A| - [1173472] - C:\Windows\system32\WpcMon.exe
[MD5.0C8C114AB0FE11A5A54D5A2406C88492] - [01/09/2022 11:37:37] - |A| - [1034240] - C:\Windows\system32\WpcRefreshTask.dll
[MD5.6C299E4A91637294BB70D84835F0926A] - [01/09/2022 11:37:37] - |A| - [258560] - C:\Windows\system32\WpcTok.exe
[MD5.672F886C8D6D5148269C31D257A4900F] - [01/09/2022 11:46:06] - |A| - [101376] - C:\Windows\system32\wpdbusenum.dll
[MD5.8A6C701713B570F7B824E8F2B089F2BA] - [01/09/2022 11:46:06] - |A| - [636416] - C:\Windows\system32\wpdshext.dll
[MD5.F322A50B566E42D1A65CFCB7E96163F6] - [01/09/2022 11:46:07] - |A| - [230912] - C:\Windows\system32\wpd_ci.dll
[MD5.58610B14A93CE9307BB3C2F4575CBDE6] - [01/09/2022 11:39:27] - |A| - [1378816] - C:\Windows\system32\wpnapps.dll
[MD5.D0D011A140115AE9860E3EB97569C175] - [01/09/2022 11:39:27] - |A| - [368640] - C:\Windows\system32\wpnclient.dll
[MD5.59426F44F4A755DFE5E2D69EAB17688A] - [01/09/2022 11:39:27] - |A| - [1506816] - C:\Windows\system32\wpncore.dll
[MD5.BA33571C148659B9003B11C838E68E2A] - [01/09/2022 11:44:55] - |A| - [22528] - C:\Windows\system32\wpnpinst.exe
[MD5.D929BC77E6B5C18E13DE8BF1351A0587] - [01/09/2022 11:39:26] - |A| - [650240] - C:\Windows\system32\wpnprv.dll
[MD5.4D26D8373AAC26780D51CA3E8D8D0592] - [01/09/2022 11:37:48] - |A| - [1328464] - C:\Windows\system32\wpx.dll
[MD5.F8B2E89F5A87C629A9D99EC555FEF0CA] - [01/09/2022 11:37:49] - |A| - [9216] - C:\Windows\system32\wscadminui.exe
[MD5.38EF6B87B69D044919A3D45329AC3453] - [01/09/2022 11:37:48] - |A| - [299064] - C:\Windows\system32\wscapi.dll
[MD5.1C8A6364AE06379283776A843F8DC7F0] - [01/09/2022 11:45:03] - |A| - [223744] - C:\Windows\system32\wscinterop.dll
[MD5.7752554A0736A8AA767C3D558639A324] - [01/09/2022 11:37:48] - |A| - [28160] - C:\Windows\system32\wscisvif.dll
[MD5.2915899E4AD13024EC0BEB9CDC1C8632] - [01/09/2022 11:37:48] - |A| - [18944] - C:\Windows\system32\wscproxystub.dll
[MD5.A47CBE969EA935BDD3AB568BB126BC80] - [01/09/2022 11:41:48] - |A| - [170496] - C:\Windows\system32\wscript.exe
[MD5.1C2144B4B20C26446E7DCCCEC73FDE68] - [01/09/2022 11:37:48] - |A| - [332664] - C:\Windows\system32\wscsvc.dll
[MD5.338577F79EEB2C12205F1BF587782626] - [01/09/2022 11:45:03] - |A| - [84992] - C:\Windows\system32\wscui.cpl
[MD5.7843DBC704408233289D3AE9B50B4167] - [01/09/2022 11:39:32] - |A| - [692736] - C:\Windows\system32\WSDApi.dll
[MD5.5E8B0CC3C692161E5A65DA93FE1F170F] - [01/09/2022 11:44:42] - |A| - [92672] - C:\Windows\system32\WSDPrintProxy.DLL
[MD5.3777A39635D6016118A552D1BAE3F86F] - [01/09/2022 11:39:32] - |A| - [24576] - C:\Windows\system32\WsdProviderUtil.dll
[MD5.6F0A7949B96E11B72566EA3CC6B79D44] - [01/09/2022 11:44:15] - |A| - [70656] - C:\Windows\system32\WSDScanProxy.dll
[MD5.6ED26EB99845C26452CC761B644D31B7] - [01/09/2022 11:41:48] - |A| - [25088] - C:\Windows\system32\wshcon.dll
[MD5.B895515F04EFE82BAEFF4439D04566B6] - [01/09/2022 11:41:48] - |A| - [147456] - C:\Windows\system32\wshom.ocx
[MD5.BE4FD4A5C9D79E155E61FAB533975B4B] - [01/09/2022 11:45:04] - |A| - [107520] - C:\Windows\system32\wsl.exe
[MD5.639DD0E9696B0BD1198228AAA00639FA] - [01/09/2022 11:45:04] - |A| - [170496] - C:\Windows\system32\wslapi.dll
[MD5.93F46E8E2E89E789335113C80B31D443] - [01/09/2022 11:41:16] - |A| - [32768] - C:\Windows\system32\WsmAgent.dll
[MD5.5F84AA9945ACF47015A2A454B659616D] - [01/09/2022 11:41:16] - |A| - [43008] - C:\Windows\system32\WSManHTTPConfig.exe
[MD5.0A48F9CE684A0C839A089E85E810703B] - [01/09/2022 11:41:16] - |A| - [88576] - C:\Windows\system32\WSManMigrationPlugin.dll
[MD5.0907B17409FD9263C27E278DC902D71A] - [01/09/2022 11:41:15] - |A| - [180224] - C:\Windows\system32\WsmAuto.dll
[MD5.CDA66CE87C9C7A110634E962A220FF03] - [01/09/2022 11:41:16] - |A| - [16384] - C:\Windows\system32\wsmplpxy.dll
[MD5.FF46DECB93C6D676A37E87DE57BAE196] - [01/09/2022 11:41:16] - |A| - [46592] - C:\Windows\system32\wsmprovhost.exe
[MD5.18D57C45F60217716B5B10904603EA51] - [01/09/2022 11:41:16] - |A| - [61952] - C:\Windows\system32\WsmRes.dll
[MD5.77AE35D123F52E5D079A95DD04DE5F18] - [01/09/2022 11:41:15] - |A| - [2818560] - C:\Windows\system32\WsmSvc.dll
[MD5.A6CD222A1C046FABCE93854B0E7A90D5] - [01/09/2022 11:41:16] - |A| - [322048] - C:\Windows\system32\WsmWmiPl.dll
[MD5.42C3A0A3B2A391EDB076E150ABF0A9B2] - [01/09/2022 11:44:46] - |A| - [2031976] - C:\Windows\system32\wsp_fs.dll
[MD5.CC8C175C61AB506CA87302E899F82B1D] - [01/09/2022 11:44:47] - |A| - [1762664] - C:\Windows\system32\wsp_health.dll
[MD5.E4D551673C774949E1AD760EF7BC1A9A] - [01/09/2022 11:40:53] - |A| - [112640] - C:\Windows\system32\wsqmcons.exe
[MD5.52706A6AF79DB07F5B1793DDDBE1F61F] - [01/09/2022 11:39:48] - |A| - [962048] - C:\Windows\system32\wuapi.dll
[MD5.AE0133BEE50685C4F3BABB3FA91583F8] - [01/09/2022 11:39:11] - |A| - [11264] - C:\Windows\system32\wuapihost.exe
[MD5.ECD6E47310C5CEB6BD5F642DEB34596C] - [01/09/2022 11:39:49] - |A| - [65056] - C:\Windows\system32\wuauclt.exe
[MD5.9DB05247FE1E92B6FAF0DEBB1DA1BB3E] - [01/09/2022 11:39:48] - |A| - [3407360] - C:\Windows\system32\wuaueng.dll
[MD5.DC2EFDEFA151F7F38F9979A42CD77FA2] - [01/09/2022 11:41:14] - |A| - [161720] - C:\Windows\system32\WUDFCompanionHost.exe
[MD5.00E2EF3D2C9309CA4135195A049CC79C] - [01/09/2022 11:41:14] - |A| - [271872] - C:\Windows\system32\WUDFHost.exe
[MD5.D651651382362D2DC393562E63A57FE0] - [01/09/2022 11:41:14] - |A| - [196808] - C:\Windows\system32\WUDFPlatform.dll
[MD5.F1AE80A2C7C28CF5EABE20867414256E] - [01/09/2022 11:41:14] - |A| - [765400] - C:\Windows\system32\WUDFx02000.dll
[MD5.6A3AC1609A7E5E2109B1E51BCBB09809] - [01/09/2022 11:42:00] - |A| - [110592] - C:\Windows\system32\wudriver.dll
[MD5.4552548E7468E5D21D5E797404D127F9] - [01/09/2022 11:39:48] - |A| - [85504] - C:\Windows\system32\wups.dll
[MD5.00D98EAAEA59187555E3C990F7E7CCE9] - [01/09/2022 11:39:49] - |A| - [64000] - C:\Windows\system32\wups2.dll
[MD5.FBDA2B8987895780375FE0E6254F6198] - [01/09/2022 11:38:08] - |A| - [345088] - C:\Windows\system32\wusa.exe
[MD5.81040815FAB14D381F9F426324EBBB47] - [01/09/2022 11:40:46] - |A| - [529920] - C:\Windows\system32\wuuhext.dll
[MD5.5A4F85AF6F71909C74D43AE44C88977B] - [01/09/2022 11:39:49] - |A| - [273920] - C:\Windows\system32\wuuhosdeployment.dll
[MD5.11A385B24888791235AF48F58405DB82] - [01/09/2022 11:39:19] - |A| - [569344] - C:\Windows\system32\WwaApi.dll
[MD5.69318AE264A1E45ED570CEDCDC4B7B69] - [01/09/2022 11:39:18] - |A| - [995672] - C:\Windows\system32\WWAHost.exe
[MD5.CD5678A5BB529A8E06C691814D562762] - [01/09/2022 11:37:27] - |A| - [112128] - C:\Windows\system32\wwanprotdim.dll
[MD5.0D8B1067D589EC26E90C9B39A90207DB] - [01/09/2022 11:37:27] - |A| - [1517056] - C:\Windows\system32\wwansvc.dll
[MD5.782D98220D8C8E1CA7FD2C9C05C22A88] - [01/09/2022 11:37:31] - |A| - [644608] - C:\Windows\system32\XAudio2_9.dll
[MD5.B62C41E672194A919028786E4A480541] - [01/09/2022 11:37:29] - |A| - [1049088] - C:\Windows\system32\XblAuthManager.dll
[MD5.881D21ED9FF52A89C3D74620A79AE0B0] - [01/09/2022 11:37:29] - |A| - [93696] - C:\Windows\system32\XblAuthManagerProxy.dll
[MD5.AB8CE3D296086C887FFF2C182565B8C5] - [01/09/2022 11:37:29] - |A| - [114688] - C:\Windows\system32\XblAuthTokenBrokerExt.dll
[MD5.411923E5B7992764DDB6BEADF7E7DEA6] - [01/09/2022 11:37:28] - |A| - [1291264] - C:\Windows\system32\XblGameSave.dll
[MD5.2FA3C87DE83757A8EA712B012F7F4CD3] - [01/09/2022 11:37:28] - |A| - [33792] - C:\Windows\system32\XblGameSaveTask.exe
[MD5.6B74883B9DD9F539663AE27E6A759653] - [01/09/2022 11:44:04] - |A| - [64512] - C:\Windows\system32\xolehlp.dll
[MD5.42870C3047D81746E7A893609A114032] - [01/09/2022 11:41:43] - |A| - [405504] - C:\Windows\system32\XpsDocumentTargetPrint.dll
[MD5.C063777BF6D183ADE9C81B319EE41BF5] - [01/09/2022 11:41:41] - |A| - [456192] - C:\Windows\system32\XpsGdiConverter.dll
[MD5.A297E013F48809B06E29CB46732F4CB5] - [01/09/2022 11:41:42] - |A| - [1514496] - C:\Windows\system32\XpsPrint.dll
[MD5.31D7397D789E3D293D759075B3AA29DD] - [01/09/2022 11:41:42] - |A| - [379392] - C:\Windows\system32\xpspushlayer.dll
[MD5.DAB28347B4C5AA4D0FD34BEF693B3F00] - [01/09/2022 11:41:42] - |A| - [581120] - C:\Windows\system32\XpsRasterService.dll
[MD5.D47CAB32A451BA3019B7A6CCEEFF24D9] - [01/09/2022 11:41:42] - |A| - [2844672] - C:\Windows\system32\xpsservices.dll
[MD5.2757F65CBC5E117C99F106075141E24A] - [01/09/2022 11:41:40] - |A| - [268288] - C:\Windows\system32\XpsToPclmConverter.dll
[MD5.45CFE14F476B359B923F07BF6A472480] - [01/09/2022 11:41:40] - |A| - [78336] - C:\Windows\system32\XpsToPwgrConverter.dll
[MD5.644498BD614668D4E43160BCEADED841] - [01/09/2022 11:37:08] - |A| - [810344] - C:\Windows\system32\Drivers\acpi.sys
[MD5.494072BF9EC1FDFFD54C47A80821FE6E] - [01/09/2022 11:37:35] - |A| - [694272] - C:\Windows\system32\Drivers\Acx01000.sys
[MD5.AADECAAEE10B5A45E75A9E4DACB49259] - [01/09/2022 11:40:41] - |A| - [651104] - C:\Windows\system32\Drivers\afd.sys
[MD5.21266728FF51F5AE872678783C6EAB78] - [01/09/2022 11:41:29] - |A| - [44032] - C:\Windows\system32\Drivers\afunix.sys
[MD5.7618B7A9D387C5883F6772819C4D5D9E] - [01/09/2022 11:41:46] - |A| - [114176] - C:\Windows\system32\Drivers\agilevpn.sys
[MD5.0F1012F6A0E4A81D51F60B2A5F86BA9E] - [01/09/2022 11:37:08] - |A| - [209760] - C:\Windows\system32\Drivers\amdk8.sys
[MD5.0D5334CEBD138065DE26E1859CE3FE5F] - [01/09/2022 11:37:08] - |A| - [213856] - C:\Windows\system32\Drivers\amdppm.sys
[MD5.DC8CBB4F2043A24701459BAB12389D6A] - [01/09/2022 11:40:11] - |A| - [210776] - C:\Windows\system32\Drivers\appid.sys
[MD5.71705326222CCA5BAEFDABB27FF0EDE6] - [01/09/2022 11:40:11] - |A| - [18432] - C:\Windows\system32\Drivers\applockerfltr.sys
[MD5.B2C716CEBC11930E3C1E38C3B6B9DDED] - [01/09/2022 11:37:09] - |A| - [31064] - C:\Windows\system32\Drivers\atapi.sys
[MD5.2B1A0E457A9823283F0090D2C023716F] - [01/09/2022 11:37:09] - |A| - [225104] - C:\Windows\system32\Drivers\ataport.sys
[MD5.D254ECC59DECE4C5D2C42A4CAFE9C050] - [01/09/2022 11:39:30] - |A| - [145768] - C:\Windows\system32\Drivers\bindflt.sys
[MD5.55A234D0C8BBDDD400214AEF7A2EC69C] - [01/09/2022 11:37:48] - |A| - [117760] - C:\Windows\system32\Drivers\bowser.sys
[MD5.2E526401D693B6F1533EB281D505C37D] - [01/09/2022 11:37:11] - |A| - [113664] - C:\Windows\system32\Drivers\bthenum.sys
[MD5.2540446D33997D647FB6174ADC6BE277] - [01/09/2022 11:37:11] - |A| - [45568] - C:\Windows\system32\Drivers\BthMini.SYS
[MD5.E3433B0850882790180D1408020B1B8E] - [01/09/2022 11:37:11] - |A| - [1560064] - C:\Windows\system32\Drivers\bthport.sys
[MD5.CCDFF72A41C00A1A149E7AEDC2038825] - [01/09/2022 11:37:11] - |A| - [110592] - C:\Windows\system32\Drivers\BTHUSB.SYS
[MD5.054ABC6C64AE969D033B7876C04D52B4] - [01/09/2022 11:37:08] - |A| - [175616] - C:\Windows\system32\Drivers\cdrom.sys
[MD5.4BD838194BDF7B73C2ADA829CDC4A040] - [01/09/2022 11:39:25] - |A| - [82256] - C:\Windows\system32\Drivers\CEA.sys
[MD5.78FDC6DA54888C279262BE8C80977577] - [01/09/2022 11:39:30] - |A| - [93696] - C:\Windows\system32\Drivers\cimfs.sys
[MD5.A429FC6E54A127E33414F82540131229] - [01/09/2022 11:40:35] - |A| - [432472] - C:\Windows\system32\Drivers\Classpnp.sys
[MD5.D978414DF3721D3BB030088C335213F1] - [01/09/2022 11:40:16] - |A| - [496128] - C:\Windows\system32\Drivers\cldflt.sys
[MD5.11AFDD400DEA1A56D60BBEB9965703C6] - [01/09/2022 11:40:44] - |A| - [409432] - C:\Windows\system32\Drivers\clfs.sys
[MD5.F0240787884345B5C3F3F2E2B5F36DD9] - [01/09/2022 11:38:27] - |A| - [1104216] - C:\Windows\system32\Drivers\ClipSp.sys
[MD5.770EA637733278A115E730F335C34DBD] - [01/09/2022 11:40:25] - |A| - [746416] - C:\Windows\system32\Drivers\cng.sys
[MD5.37BAC4413D147BAC2C0DDA67890F0F10] - [01/09/2022 11:39:31] - |A| - [57144] - C:\Windows\system32\Drivers\condrv.sys
[MD5.C2CD2E320BEA17B20791308621B38278] - [01/09/2022 11:40:43] - |A| - [105320] - C:\Windows\system32\Drivers\crashdmp.sys
[MD5.1D066E3118C64B59DEDA8B5DD6277146] - [01/09/2022 11:37:03] - |A| - [47104] - C:\Windows\system32\Drivers\devauthe.sys
[MD5.953F239FFD563AFA513DBD9BAAF517A9] - [01/09/2022 11:37:08] - |A| - [106336] - C:\Windows\system32\Drivers\disk.sys
[MD5.015CAEEC9148194054B5B1DE64762A43] - [01/09/2022 11:40:46] - |A| - [41296] - C:\Windows\system32\Drivers\Diskdump.sys
[MD5.74D351531733C76E4BF267E0830C80EF] - [01/09/2022 11:40:46] - |A| - [20480] - C:\Windows\system32\Drivers\Dmpusbstor.sys
[MD5.103A22590A5E401F34AAFF1F0BCB97DF] - [01/09/2022 11:40:13] - |A| - [40784] - C:\Windows\system32\Drivers\Dumpata.sys
[MD5.CF2B40F26303A94E5B4D9AA5DD5ADA23] - [01/09/2022 11:48:30] - |A| - [95176] - C:\Windows\system32\Drivers\dumpfve.sys
[MD5.99508DE5962EABE3BE612800212AB090] - [01/09/2022 11:37:15] - |A| - [198496] - C:\Windows\system32\Drivers\dumpsd.sys
[MD5.88970377E082C9EF53210D9FB06D6691] - [01/09/2022 11:39:33] - |A| - [32768] - C:\Windows\system32\Drivers\dumpsdport.sys
[MD5.C9D6CCB33C23B446C0473DCBAA1355AF] - [01/09/2022 11:40:46] - |A| - [38240] - C:\Windows\system32\Drivers\Dumpstorport.sys
[MD5.D22F42EA2E3CDA8F75C594DB1CA69A75] - [01/09/2022 11:38:27] - |A| - [3814744] - C:\Windows\system32\Drivers\dxgkrnl.sys
[MD5.F8936B8EA186AAEB1DF64E5C74E4A969] - [01/09/2022 11:38:28] - |A| - [456024] - C:\Windows\system32\Drivers\dxgmms1.sys
[MD5.D65C4D8BC0D93F8017FD69D6088FB148] - [01/09/2022 11:38:28] - |A| - [904024] - C:\Windows\system32\Drivers\dxgmms2.sys
[MD5.FED99A20C3FCDA25A9877802D141092B] - [01/09/2022 11:37:27] - |A| - [418648] - C:\Windows\system32\Drivers\exfat.sys
[MD5.A3F919FCE55CA04BC5C970E217B155D7] - [01/09/2022 11:37:27] - |A| - [426320] - C:\Windows\system32\Drivers\fastfat.sys
[MD5.CDE9E75A5A330689B0E888D2949892D1] - [01/09/2022 11:40:35] - |A| - [429928] - C:\Windows\system32\Drivers\fltMgr.sys
[MD5.4FBD03B730CC1F857EFEDE115D0D5E05] - [01/09/2022 11:48:30] - |A| - [803664] - C:\Windows\system32\Drivers\fvevol.sys
[MD5.5918C9019C39D478261791129AC73E32] - [01/09/2022 11:40:42] - |A| - [503632] - C:\Windows\system32\Drivers\FWPKCLNT.SYS
[MD5.4F39254C6E087D4789D2C3EBD3C7F744] - [01/09/2022 11:37:03] - |A| - [134656] - C:\Windows\system32\Drivers\hdaudbus.sys
[MD5.04ED39F4A34EAFCCAEAA43D0783C4291] - [01/09/2022 11:40:25] - |A| - [1577320] - C:\Windows\system32\Drivers\http.sys
[MD5.54348AE1FFEF9AEA84E0BEFE3642EC46] - [01/09/2022 11:43:54] - |A| - [96088] - C:\Windows\system32\Drivers\hvservice.sys
[MD5.F5E57EC489AAC6476A569D3BC4FE0EE2] - [01/09/2022 11:44:54] - |A| - [149328] - C:\Windows\system32\Drivers\hvsocket.sys
[MD5.1C05B2A3D4698256421A4B35D9DDFBAE] - [01/09/2022 11:37:09] - |A| - [20816] - C:\Windows\system32\Drivers\intelide.sys
[MD5.4B8355CFE8040201551215F760B051A8] - [01/09/2022 11:37:07] - |A| - [418800] - C:\Windows\system32\Drivers\intelpep.sys
[MD5.17F028925F5AF7AA0DADBAE008507366] - [01/09/2022 11:37:08] - |A| - [234344] - C:\Windows\system32\Drivers\intelppm.sys
[MD5.D6A22C40F0331323A8BC03E5FE21CCA3] - [01/09/2022 11:41:45] - |A| - [95232] - C:\Windows\system32\Drivers\ipfltdrv.sys
[MD5.7DAAF580A2C442BF7542C5CD43205AE8] - [01/09/2022 11:39:31] - |A| - [230400] - C:\Windows\system32\Drivers\ipnat.sys
[MD5.7CD67E281BAAA6FB6509B1383BE5C8A9] - [01/09/2022 11:37:09] - |A| - [22864] - C:\Windows\system32\Drivers\isapnp.sys
[MD5.D329C9DE0CC5251416BF545A018337FE] - [01/09/2022 11:37:27] - |A| - [32256] - C:\Windows\system32\Drivers\KNetPwrDepBroker.sys
[MD5.C91301A4A0DB622768FAE019F871A613] - [01/09/2022 11:40:40] - |A| - [148312] - C:\Windows\system32\Drivers\ksecdd.sys
[MD5.D2843939E03A5A7152D38DE93E6940C2] - [01/09/2022 11:40:25] - |A| - [181088] - C:\Windows\system32\Drivers\ksecpkg.sys
[MD5.079D1EC6462AEA1BD9D6122F0514232D] - [01/09/2022 11:37:27] - |A| - [386048] - C:\Windows\system32\Drivers\MbbCx.sys
[MD5.D279BFB856809EB1C2E1CED379DF897A] - [01/09/2022 11:37:07] - |A| - [83968] - C:\Windows\system32\Drivers\monitor.sys
[MD5.27295840589657BE557D7F5801B5989A] - [01/09/2022 11:45:04] - |A| - [165888] - C:\Windows\system32\Drivers\mrxdav.sys
[MD5.3D1E941BD603AE4BE39215E9F30C3DF3] - [01/09/2022 11:40:45] - |A| - [586592] - C:\Windows\system32\Drivers\mrxsmb.sys
[MD5.6819BCFC0BC73DAA99A728562ED3E245] - [01/09/2022 11:45:47] - |A| - [307712] - C:\Windows\system32\Drivers\mrxsmb10.sys
[MD5.15FF2A929C19C817E7294F0D622C6BF4] - [01/09/2022 11:40:45] - |A| - [268640] - C:\Windows\system32\Drivers\mrxsmb20.sys
[MD5.0C95F1C9D1ABF88CB82E5831E8CCE9AF] - [01/09/2022 11:37:09] - |A| - [20280] - C:\Windows\system32\Drivers\msisadrv.sys
[MD5.FB464357FD21D4931B84AD1DB6933FBA] - [01/09/2022 11:37:09] - |A| - [293176] - C:\Windows\system32\Drivers\msiscsi.sys
[MD5.CED8FF3BBF5E7F652515D4FE1BB251EB] - [01/09/2022 11:40:40] - |A| - [376688] - C:\Windows\system32\Drivers\msrpc.sys
[MD5.BE9D5B1670123A10905DE3CF80563F1E] - [01/09/2022 11:40:40] - |A| - [1476944] - C:\Windows\system32\Drivers\ndis.sys
[MD5.2E37D4EDEA5E5B6F3151D38700FAFC09] - [01/09/2022 11:41:47] - |A| - [208384] - C:\Windows\system32\Drivers\ndiswan.sys
[MD5.E60A2396F71BF2052429A5EF7DCC138E] - [01/09/2022 11:40:41] - |A| - [210944] - C:\Windows\system32\Drivers\NetAdapterCx.sys
[MD5.12A95FD79B8FF669C28C5B1FE699EA69] - [01/09/2022 11:40:40] - |A| - [601944] - C:\Windows\system32\Drivers\netio.sys
[MD5.A26CBC8D37237B5E0BC439507F008ADE] - [01/09/2022 11:37:18] - |A| - [252264] - C:\Windows\system32\Drivers\netvsc.sys
[MD5.833D836C1589DCB023382FA1178EADB2] - [01/09/2022 11:40:36] - |A| - [87368] - C:\Windows\system32\Drivers\npfs.sys
[MD5.9603F0504DA583B5F04628591BA0AC97] - [01/09/2022 11:40:36] - |A| - [2846552] - C:\Windows\system32\Drivers\ntfs.sys
[MD5.8CA2DD9A18327EFBD5D7E8E099E36BD4] - [01/09/2022 11:37:55] - |A| - [757760] - C:\Windows\system32\Drivers\nwifi.sys
[MD5.4A468541CAC91394555777882EC6342E] - [01/09/2022 11:40:39] - |A| - [186728] - C:\Windows\system32\Drivers\partmgr.sys
[MD5.199E6550DC5832D94461BBA23C0D2C17] - [01/09/2022 11:37:10] - |A| - [478048] - C:\Windows\system32\Drivers\pci.sys
[MD5.5252320118508123B9902521CD70A8BA] - [01/09/2022 11:37:09] - |A| - [17752] - C:\Windows\system32\Drivers\pciide.sys
[MD5.DD328F28E16536EFE0659A66B329FA3E] - [01/09/2022 11:37:09] - |A| - [57680] - C:\Windows\system32\Drivers\pciidex.sys
[MD5.81D246AE6AA07A244F77883F6D4B84D7] - [01/09/2022 11:40:19] - |A| - [60232] - C:\Windows\system32\Drivers\pcw.sys
[MD5.3C76317D046F1CB772972346106C7D8E] - [01/09/2022 11:37:38] - |A| - [825344] - C:\Windows\system32\Drivers\PEAuth.sys
[MD5.FA35E6864526D4B3B501033B1578A973] - [01/09/2022 11:44:48] - |A| - [131424] - C:\Windows\system32\Drivers\PktMon.sys
[MD5.C775F57CBA3E6A3CBC3612D26FE1471E] - [01/09/2022 11:37:10] - |A| - [142184] - C:\Windows\system32\Drivers\pmem.sys
[MD5.7EECEAD543F5EBE53D4679892B1819C2] - [01/09/2022 11:37:08] - |A| - [218464] - C:\Windows\system32\Drivers\processr.sys
[MD5.28CF6FF4491D57F4DD00682C157BAD40] - [01/09/2022 11:41:47] - |A| - [110080] - C:\Windows\system32\Drivers\rasl2tp.sys
[MD5.413A31013E1F9827888CFEFB5B42045D] - [01/09/2022 11:41:47] - |A| - [102400] - C:\Windows\system32\Drivers\raspptp.sys
[MD5.0E44B1AB6F445F4B5ED46D581550CB3A] - [01/09/2022 11:41:47] - |A| - [86528] - C:\Windows\system32\Drivers\rassstp.sys
[MD5.9F9326A4CF8F4E4F1BCBA494F308CF4B] - [01/09/2022 11:40:45] - |A| - [457568] - C:\Windows\system32\Drivers\rdbss.sys
[MD5.3B5CCEF1B8997DD64E66C0F76084A4F6] - [01/09/2022 11:44:44] - |A| - [32592] - C:\Windows\system32\Drivers\rdpvideominiport.sys
[MD5.AD2E45EF88AC710CC8C75EC9391F9895] - [01/09/2022 11:40:13] - |A| - [2009952] - C:\Windows\system32\Drivers\refs.sys
[MD5.986822649671559AC722746CE9A37E3D] - [01/09/2022 11:40:13] - |A| - [990536] - C:\Windows\system32\Drivers\refsv1.sys
[MD5.4CA372523A260F7DF3D9B3A931FB0ADC] - [01/09/2022 11:37:08] - |A| - [118088] - C:\Windows\system32\Drivers\sbp2port.sys
[MD5.7CA616D43C32CA2608D826EB8AB0D5C5] - [01/09/2022 11:37:10] - |A| - [158520] - C:\Windows\system32\Drivers\scmbus.sys
[MD5.766DC6855F4E28F455964D13F83DFF4B] - [01/09/2022 11:40:53] - |A| - [188232] - C:\Windows\system32\Drivers\scsiport.sys
[MD5.82024166E5E10E806A3E972192F141B5] - [01/09/2022 11:37:15] - |A| - [306512] - C:\Windows\system32\Drivers\sdbus.sys
[MD5.F4D4A58BED60E5FFDBDD0ECE14F9F026] - [01/09/2022 11:37:35] - |A| - [106344] - C:\Windows\system32\Drivers\sdport.sys
[MD5.7688976856AB4B99BAA49C6D9FD54CFF] - [01/09/2022 11:37:15] - |A| - [104264] - C:\Windows\system32\Drivers\sdstor.sys
[MD5.9D62792D153C4DAE9B4EAF403025CA63] - [01/09/2022 11:37:09] - |A| - [220008] - C:\Windows\system32\Drivers\spacedump.sys
[MD5.E5B63348EDBBC1082B3C84EA1C23C5BB] - [01/09/2022 11:37:09] - |A| - [680784] - C:\Windows\system32\Drivers\spaceport.sys
[MD5.92667811F485105A92FF642E9EFF376A] - [01/09/2022 11:40:45] - |A| - [787968] - C:\Windows\system32\Drivers\srv2.sys
[MD5.EDC2883E3E07A4974A08F85A8994CB03] - [01/09/2022 11:40:45] - |A| - [318976] - C:\Windows\system32\Drivers\srvnet.sys
[MD5.25BB6274EC9795A04AC3C08C8156D084] - [01/09/2022 11:37:10] - |A| - [187240] - C:\Windows\system32\Drivers\storahci.sys
[MD5.1FC81435649AE146D10A14ECE4BACF65] - [01/09/2022 11:37:10] - |A| - [162128] - C:\Windows\system32\Drivers\stornvme.sys
[MD5.536861016D15CE4C41F22C2A021027DF] - [01/09/2022 11:37:35] - |A| - [725344] - C:\Windows\system32\Drivers\storport.sys
[MD5.58B787208AE774AE53F367CAFD653155] - [01/09/2022 11:37:10] - |A| - [64848] - C:\Windows\system32\Drivers\storufs.sys
[MD5.A6F837207A6FC8574D5DF55BD6514982] - [01/09/2022 11:40:41] - |A| - [2991456] - C:\Windows\system32\Drivers\tcpip.sys
[MD5.2A8B28579A4964AA7EA8CEB1AC121243] - [01/09/2022 11:43:53] - |A| - [117584] - C:\Windows\system32\Drivers\tdx.sys
[MD5.D69ACB8D64F8AF665A623D91342FFC16] - [01/09/2022 11:40:44] - |A| - [142136] - C:\Windows\system32\Drivers\tm.sys
[MD5.7845DD22FA7B91FDF0522344B1BDA012] - [01/09/2022 11:37:08] - |A| - [37888] - C:\Windows\system32\Drivers\TsUsbGD.sys
[MD5.E51FEC42B4820C74BB75DAAE3A49C3F2] - [01/09/2022 11:37:10] - |A| - [83792] - C:\Windows\system32\Drivers\uaspstor.sys
[MD5.1020E0CEB0EC9FB54F0A2C8E8D4CDA62] - [01/09/2022 11:39:33] - |A| - [160256] - C:\Windows\system32\Drivers\UcmCx.sys
[MD5.01951AA29AC2A4E4EB957BA167044C27] - [01/09/2022 11:39:33] - |A| - [324432] - C:\Windows\system32\Drivers\ufx01000.sys
[MD5.D515F6E614AE8672243EE8CA9DCED1DF] - [01/09/2022 11:37:03] - |A| - [205312] - C:\Windows\system32\Drivers\USBAUDIO.sys
[MD5.FA7720E0E1249DB96904AA00F6FF512B] - [01/09/2022 11:37:11] - |A| - [190288] - C:\Windows\system32\Drivers\usbccgp.sys
[MD5.2FCA9E51CFD11C0734D76013B6493C22] - [01/09/2022 11:37:11] - |A| - [648016] - C:\Windows\system32\Drivers\USBHUB3.SYS
[MD5.7DA3D3715DFB90A171651FDBDED4E787] - [01/09/2022 11:37:07] - |A| - [43008] - C:\Windows\system32\Drivers\usbprint.sys
[MD5.4AB215BA4A9E258CDC06407940B72F95] - [01/09/2022 11:37:07] - |A| - [49664] - C:\Windows\system32\Drivers\usbscan.sys
[MD5.C21F9951C7B603A27FB2C76917024337] - [01/09/2022 11:37:10] - |A| - [81408] - C:\Windows\system32\Drivers\usbser.sys
[MD5.FE9BA629CA927C9A4DE2DA8D6BC11B3E] - [01/09/2022 11:37:11] - |A| - [139600] - C:\Windows\system32\Drivers\USBSTOR.SYS
[MD5.7C9187D075A31CB888C421B6B54C79F5] - [01/09/2022 11:37:11] - |A| - [624984] - C:\Windows\system32\Drivers\USBXHCI.SYS
[MD5.0761865C44CB46E538D09FACF7C91C35] - [01/09/2022 11:37:10] - |A| - [822096] - C:\Windows\system32\Drivers\vhdmp.sys
[MD5.B061B0986AE9946E4E19D9200F446C66] - [01/09/2022 11:37:17] - |A| - [641352] - C:\Windows\system32\Drivers\Vid.sys
[MD5.6C6D746376A0660C0AD36B3AC0B2DBCA] - [01/09/2022 11:44:54] - |A| - [120168] - C:\Windows\system32\Drivers\vmbkmcl.sys
[MD5.8E58CC58C95EF60E07BB6CB64F5C0D26] - [01/09/2022 11:37:18] - |A| - [160072] - C:\Windows\system32\Drivers\vmbus.sys
[MD5.E152E9D68BC2EFB5C15107DE96EEDEE6] - [01/09/2022 11:37:09] - |A| - [92000] - C:\Windows\system32\Drivers\volmgr.sys
[MD5.C111EE25F5130811A398B1F1496AD1C1] - [01/09/2022 11:37:56] - |A| - [77824] - C:\Windows\system32\Drivers\vwififlt.sys
[MD5.418302F3916FEB31C6F9312D91DDE11C] - [01/09/2022 11:39:30] - |A| - [202568] - C:\Windows\system32\Drivers\wcifs.sys
[MD5.33436DD2AA122E09A06FCD2A73B4E719] - [01/09/2022 11:39:30] - |A| - [93184] - C:\Windows\system32\Drivers\wcnfs.sys
[MD5.256DEFB7A885F44D076D7E0984BA0EF3] - [01/09/2022 11:40:39] - |A| - [828240] - C:\Windows\system32\Drivers\Wdf01000.sys
[MD5.2CD9A4C3833DB93370C2020123F344EB] - [01/09/2022 11:40:39] - |A| - [59192] - C:\Windows\system32\Drivers\WdfLdr.sys
[MD5.B3B359E1793F3B8F8421382011B3D9AD] - [01/09/2022 11:37:55] - |A| - [967168] - C:\Windows\system32\Drivers\WdiWiFi.sys
[MD5.58371B85ACCFC1C407E9EF9C0176D64D] - [01/09/2022 11:39:26] - |A| - [181592] - C:\Windows\system32\Drivers\wfplwfs.sys
[MD5.416B0938189ED0D4A8B5BBBE3F045269] - [01/09/2022 11:40:17] - |A| - [39760] - C:\Windows\system32\Drivers\wimmount.sys
[MD5.E959DDD0BD1DE2D67591DA89B4D5C65F] - [01/09/2022 11:37:29] - |A| - [261120] - C:\Windows\system32\Drivers\winnat.sys
[MD5.CF3D269E543296FC0E3EB09FA3F535F5] - [01/09/2022 11:41:14] - |A| - [136192] - C:\Windows\system32\Drivers\WUDFPf.sys
[MD5.0B7A5464602DA68DA6BEFC2A1B5BE4C5] - [01/09/2022 11:41:14] - |A| - [315392] - C:\Windows\system32\Drivers\WUDFRd.sys
[MD5.6E6E28D046627693CF1D2E905DC69BD1] - [01/09/2022 11:37:03] - |A| - [332288] - C:\Windows\system32\Drivers\xboxgip.sys
[MD5.C73809EA08CF05A9A78E7F65F63D3294] - [01/09/2022 11:37:03] - |A| - [51712] - C:\Windows\system32\Drivers\xinputhid.sys
[MD5.003861D0AB784474769CFE0E94E31339] - [01/09/2022 11:42:31] - |A| - [334336] - C:\Windows\syswow64\aadauthhelper.dll
[MD5.597A49DAD21C9502ED662FFF2878D59A] - [01/09/2022 11:42:32] - |A| - [1116672] - C:\Windows\syswow64\aadtb.dll
[MD5.DF59FDFECBD7608691FB3453DF509999] - [01/09/2022 11:42:30] - |A| - [132968] - C:\Windows\syswow64\aadWamExtension.dll
[MD5.C77C6EEE380A4BE4C2F7B1D2DEE2023F] - [01/09/2022 11:42:07] - |A| - [352256] - C:\Windows\syswow64\AarSvc.dll
[MD5.CE23D35A79294BAA6F3AD6F923FD4367] - [01/09/2022 11:43:34] - |A| - [331264] - C:\Windows\syswow64\AboveLockAppHost.dll
[MD5.6AC0E96D729B50AA7605134C85CD35F6] - [01/09/2022 11:45:39] - |A| - [2432000] - C:\Windows\syswow64\AcGenral.dll
[MD5.538557FDED5D12D2C2BDD2C385784291] - [01/09/2022 11:45:39] - |A| - [381440] - C:\Windows\syswow64\AcLayers.dll
[MD5.A5601F861A0DD0A0D18B224286E89EB7] - [01/09/2022 11:42:41] - |A| - [653824] - C:\Windows\syswow64\ActivationManager.dll
[MD5.EB845D9853D097A5713393490AA79D60] - [01/09/2022 11:45:40] - |A| - [68608] - C:\Windows\syswow64\AcWinRT.dll
[MD5.DAC3C009E6E84BFA745C048BBEE4F03D] - [01/09/2022 11:45:39] - |A| - [86528] - C:\Windows\syswow64\AcXtrnal.dll
[MD5.969F22FB7BBC76DE3014FD818359FAF9] - [01/09/2022 11:45:12] - |A| - [198656] - C:\Windows\syswow64\adsldp.dll
[MD5.2C89D189AA23A8CC41448A6A33C4934A] - [01/09/2022 11:42:10] - |A| - [865280] - C:\Windows\syswow64\adtschema.dll
[MD5.DDE0A7C9AC38A37EB4E50E0EE631007B] - [01/09/2022 11:42:12] - |A| - [496360] - C:\Windows\syswow64\advapi32.dll
[MD5.BE986DA67AC6EFD520FBE10F18663840] - [01/09/2022 11:43:17] - |A| - [475448] - C:\Windows\syswow64\aepic.dll
[MD5.616A5279536851ECF9EB6CC788A55910] - [01/09/2022 11:42:07] - |A| - [671744] - C:\Windows\syswow64\agentactivationruntime.dll
[MD5.697CB709DBD17E9C3491FF046C15BD75] - [01/09/2022 11:42:07] - |A| - [646144] - C:\Windows\syswow64\agentactivationruntimewindows.dll
[MD5.3F5A9AB40BCB48FE75AD52BDF8D4A49F] - [01/09/2022 11:42:20] - |A| - [82944] - C:\Windows\syswow64\amsi.dll
[MD5.4341AE6E9FC41C68483330F39D8DFF49] - [01/09/2022 11:42:33] - |A| - [83456] - C:\Windows\syswow64\ApiSetHost.AppExecutionAlias.dll
[MD5.CD0200DB53BC5380B35749B108292B95] - [01/09/2022 11:42:32] - |A| - [769600] - C:\Windows\syswow64\AppContracts.dll
[MD5.0A044F3B2538E48E4CCCA93F175A8BB2] - [01/09/2022 11:43:14] - |A| - [639488] - C:\Windows\syswow64\apphelp.dll
[MD5.2C04FB942B2735073D75063E9FFBF50C] - [01/09/2022 11:43:14] - |A| - [20992] - C:\Windows\syswow64\appidtel.exe
[MD5.57017E7E40B78AE0CDA2A52176BF83BD] - [01/09/2022 11:43:14] - |A| - [272896] - C:\Windows\syswow64\AppLockerCSP.dll
[MD5.5D1C52E37B45A0672E5F453FDFBB7308] - [01/09/2022 11:42:50] - |A| - [114688] - C:\Windows\syswow64\AppointmentActivation.dll
[MD5.BEBEF744AF5499A547809E072CC544BF] - [01/09/2022 11:43:13] - |A| - [453528] - C:\Windows\syswow64\AppResolver.dll
[MD5.2E710DE285A65D3BDB1D62E7B43DE468] - [01/09/2022 11:42:29] - |A| - [295280] - C:\Windows\syswow64\AppxAllUserStore.dll
[MD5.4C44201E3DA020E30C78AA0E6A231C70] - [01/09/2022 11:42:53] - |A| - [752520] - C:\Windows\syswow64\AppXDeploymentClient.dll
[MD5.D91355DC8DB1D540125729051CEBD88D] - [01/09/2022 11:42:53] - |A| - [1634672] - C:\Windows\syswow64\AppxPackaging.dll
[MD5.DD0F04B43362A7C7660C1DF405D416F0] - [01/09/2022 11:45:12] - |A| - [576512] - C:\Windows\syswow64\archiveint.dll
[MD5.0F76AD6838CAF809205E8BC74825F7BF] - [01/09/2022 11:42:30] - |A| - [47104] - C:\Windows\syswow64\AssignedAccessRuntime.dll
[MD5.C5CC6BA0D413BF346689307C2C118302] - [01/09/2022 11:43:21] - |A| - [39936] - C:\Windows\syswow64\atmlib.dll
[MD5.9039978242EB6E05607D6B256D6ACE8E] - [01/09/2022 11:42:09] - |A| - [1883704] - C:\Windows\syswow64\AudioEng.dll
[MD5.8EDE5F75F1F8F840E3A44BFA003D2204] - [01/09/2022 11:42:09] - |A| - [374480] - C:\Windows\syswow64\AUDIOKSE.dll
[MD5.8353344042A351B6DCDCDE46EF6D94C2] - [01/09/2022 11:42:09] - |A| - [1259320] - C:\Windows\syswow64\AudioSes.dll
[MD5.C4AAB8FD782896E0C2422333EC164FEB] - [01/09/2022 11:45:34] - |A| - [373248] - C:\Windows\syswow64\authfwcfg.dll
[MD5.0FF9FEBCA789BD2C7BC74296C184C213] - [01/09/2022 11:43:29] - |A| - [5107712] - C:\Windows\syswow64\AuthFWSnapin.dll
[MD5.7BB46997610A935067A3F9F25C2FC154] - [01/09/2022 11:42:25] - |A| - [185856] - C:\Windows\syswow64\authui.dll
[MD5.E0BADC82C7CE14887F13E726DF429771] - [01/09/2022 11:43:18] - |A| - [186880] - C:\Windows\syswow64\authz.dll
[MD5.FC398299F54290D5F35C69E865FD7CC2] - [01/09/2022 11:43:15] - |A| - [863232] - C:\Windows\syswow64\autochk.exe
[MD5.A705C2ACED7DDB71AFB87C4ED384BED6] - [01/09/2022 11:45:13] - |A| - [842752] - C:\Windows\syswow64\autoconv.exe
[MD5.C72D80A976B7EB40534E8464957A979F] - [01/09/2022 11:45:13] - |A| - [822272] - C:\Windows\syswow64\autofmt.exe
[MD5.91A9DFE5F5235787101B8F437AC3A33B] - [01/09/2022 11:43:50] - |A| - [1297920] - C:\Windows\syswow64\AzureSettingSyncProvider.dll
[MD5.CDFD85CB84AA750708A52C1CE47C4D82] - [01/09/2022 11:42:53] - |A| - [287176] - C:\Windows\syswow64\BCP47Langs.dll
[MD5.0D522E21A32F63E392BC2C81817B7C95] - [01/09/2022 11:42:53] - |A| - [128624] - C:\Windows\syswow64\BCP47mrm.dll
[MD5.D3836E31C326513F7C034987A5F3854E] - [01/09/2022 11:40:43] - |A| - [383264] - C:\Windows\syswow64\bcryptprimitives.dll
[MD5.CB19BDA5749D48FFBE425F5E3DFE36D3] - [01/09/2022 11:42:11] - |A| - [53248] - C:\Windows\syswow64\bidispl.dll
[MD5.68CC661FAA0D8905E24D830DCDC4F4C8] - [01/09/2022 11:42:46] - |A| - [6920704] - C:\Windows\syswow64\BingMaps.dll
[MD5.59756A45605EED6CC6DED611CFD1D941] - [01/09/2022 11:45:12] - |A| - [300544] - C:\Windows\syswow64\BioCredProv.dll
[MD5.82F2C2101D6F46D45C584D3D6825DD5D] - [01/09/2022 11:43:23] - |A| - [171008] - C:\Windows\syswow64\BitLockerCsp.dll
[MD5.C619A5EB1B57D96B5396DEE9D7565B9E] - [01/09/2022 11:43:00] - |A| - [261368] - C:\Windows\syswow64\biwinrt.dll
[MD5.25FBC519206717BF805E4FBCEEDD0B0A] - [01/09/2022 11:42:11] - |A| - [43520] - C:\Windows\syswow64\browcli.dll
[MD5.49D810BEB22592C4A703AD47AED806F3] - [01/09/2022 11:42:29] - |A| - [62976] - C:\Windows\syswow64\ByteCodeGenerator.exe
[MD5.11D2616C6A773415B39B6AC4AEB71C7A] - [01/09/2022 11:48:27] - |A| - [4408832] - C:\Windows\syswow64\cdp.dll
[MD5.302AAB4931FC80764DEC390EC515ACCA] - [01/09/2022 11:42:29] - |A| - [1375232] - C:\Windows\syswow64\cdprt.dll
[MD5.8426BABD867F0D6F2D28B85A57E440B7] - [01/09/2022 11:42:58] - |A| - [654336] - C:\Windows\syswow64\certca.dll
[MD5.78C6905EA558B77BF6039A61C10A0461] - [01/09/2022 11:42:58] - |A| - [355328] - C:\Windows\syswow64\certcli.dll
[MD5.332E66810CF3FCA23D11C4BE5E5DA1D3] - [01/09/2022 11:42:58] - |A| - [2863616] - C:\Windows\syswow64\CertEnroll.dll
[MD5.697EE257E705276754C7259CF982A5AC] - [01/09/2022 11:42:59] - |A| - [51200] - C:\Windows\syswow64\CertEnrollCtrl.exe
[MD5.0D9183791FECF21D3536D419DB958A95] - [01/09/2022 11:43:15] - |A| - [137216] - C:\Windows\syswow64\CertPolEng.dll
[MD5.A18A70A77AAC4E9D59CFD65C969AF959] - [01/09/2022 11:45:35] - |A| - [439296] - C:\Windows\syswow64\certreq.exe
[MD5.0DDA4F16AE041578B4E250AE12E06EB1] - [01/09/2022 11:45:35] - |A| - [1277440] - C:\Windows\syswow64\certutil.exe
[MD5.497688495651F10C18B9E144BF77F263] - [01/09/2022 11:43:19] - |A| - [237568] - C:\Windows\syswow64\cfgmgr32.dll
[MD5.7F1A77EF0876EBAD01B54FEADBAE879B] - [01/09/2022 11:45:29] - |A| - [5820928] - C:\Windows\syswow64\Chakra.dll
[MD5.94BD95148914D47C9B04454246C46684] - [01/09/2022 11:45:30] - |A| - [114688] - C:\Windows\syswow64\Chakradiag.dll
[MD5.FD2D4BFA7B8500FA283B004D7172621E] - [01/09/2022 11:45:30] - |A| - [105472] - C:\Windows\syswow64\Chakrathunk.dll
[MD5.20A59FB950D8A191F7D35C4CA7DA9CAF] - [01/09/2022 11:45:13] - |A| - [12800] - C:\Windows\syswow64\chcp.com
[MD5.712F673ACF999A475D49976CC0ADE71E] - [01/09/2022 11:45:34] - |A| - [26112] - C:\Windows\syswow64\CheckNetIsolation.exe
[MD5.82EEDE5E717D16A174D34865272F9141] - [01/09/2022 11:45:33] - |A| - [162304] - C:\Windows\syswow64\cic.dll
[MD5.CAD235E1A5F0BDFE627B1FB61EEFD781] - [01/09/2022 11:43:14] - |A| - [99328] - C:\Windows\syswow64\cldapi.dll
[MD5.527CCDB339E5A54F4B37B6FAD08A44B5] - [01/09/2022 11:45:12] - |A| - [273920] - C:\Windows\syswow64\cleanmgr.exe
[MD5.E93BFFAE23EAF288044F35D911DDAE33] - [01/09/2022 11:42:41] - |A| - [1011040] - C:\Windows\syswow64\CloudExperienceHostCommon.dll
[MD5.C53884F8B98619F65B7B79B0AB196D41] - [01/09/2022 11:45:11] - |A| - [826368] - C:\Windows\syswow64\clusapi.dll
[MD5.9E1D26DC740640257BCACECE1E4EC04C] - [01/09/2022 11:43:40] - |A| - [491008] - C:\Windows\syswow64\cmdial32.dll
[MD5.9A8977D055802F1382D4E823C04FDF4B] - [01/09/2022 11:42:56] - |A| - [30208] - C:\Windows\syswow64\cmintegrator.dll
[MD5.A6D60C9E3B29F9C3EA618A53C28EA20B] - [01/09/2022 11:46:19] - |A| - [176632] - C:\Windows\syswow64\COLORCNV.DLL
[MD5.C7C79E0C7D5BE85D8839A9089E951CC0] - [01/09/2022 11:43:17] - |A| - [2630472] - C:\Windows\syswow64\combase.dll
[MD5.0B594D32C2425A1E8DA1AB8323888DF0] - [01/09/2022 11:43:50] - |A| - [568144] - C:\Windows\syswow64\comctl32.dll
[MD5.3BF2F5AA908CAD7A3062CEF7D9DE33E3] - [01/09/2022 11:43:50] - |A| - [688128] - C:\Windows\syswow64\comdlg32.dll
[MD5.BA62403B8836268520B2A66148E07297] - [01/09/2022 11:43:39] - |A| - [97280] - C:\Windows\syswow64\compstui.dll
[MD5.ED863840169E66F975FCA668DFFF0F9A] - [01/09/2022 11:43:16] - |A| - [1352192] - C:\Windows\syswow64\comsvcs.dll
[MD5.579CC3898EC84DA17C27BF5CDA71F8B5] - [01/09/2022 11:48:28] - |A| - [289280] - C:\Windows\syswow64\ConsoleLogon.dll
[MD5.A71207A742DD8EE75E5CCD5154AD2F3C] - [01/09/2022 11:42:09] - |A| - [1331544] - C:\Windows\syswow64\ContentDeliveryManager.Utilities.dll
[MD5.EBC29AA32C57A54018089CFC9CACAFE8] - [01/09/2022 11:42:19] - |A| - [149504] - C:\Windows\syswow64\control.exe
[MD5.6FE3ED2A224E5C055951082AC635B972] - [01/09/2022 11:42:50] - |A| - [164792] - C:\Windows\syswow64\coreglobconfig.dll
[MD5.AE27C6933748B23E8E215C55E2DA4658] - [01/09/2022 11:45:39] - |A| - [408576] - C:\Windows\syswow64\CPFilters.dll
[MD5.22ED4485934E03AADF2428E70B370BB2] - [01/09/2022 11:43:22] - |A| - [114152] - C:\Windows\syswow64\CredentialUIBroker.exe
[MD5.87853F652385FD17580437291E63AC08] - [01/09/2022 11:43:22] - |A| - [272384] - C:\Windows\syswow64\credprovs.dll
[MD5.581C134A303983E42D518027D535E549] - [01/09/2022 11:43:49] - |A| - [19456] - C:\Windows\syswow64\credssp.dll
[MD5.37ED2FC92571C5DBE71FEAD952B45DF6] - [01/09/2022 11:43:22] - |A| - [63488] - C:\Windows\syswow64\credui.dll
[MD5.04FB2778AF4AEE7C07B22996C6BE650C] - [01/09/2022 11:43:18] - |A| - [1014368] - C:\Windows\syswow64\crypt32.dll
[MD5.65CC5760095AB5160F6013EB3D3769C9] - [01/09/2022 11:42:59] - |A| - [337920] - C:\Windows\syswow64\cryptngc.dll
[MD5.13B427F23D4D432BB0FB75BEA45E09F9] - [01/09/2022 11:42:33] - |A| - [72704] - C:\Windows\syswow64\crypttpmeksvc.dll
[MD5.29CD9243304BE61F802E692A12C4846E] - [01/09/2022 11:43:22] - |A| - [274944] - C:\Windows\syswow64\cryptui.dll
[MD5.CB601B41D4C8074BE8A84AED564A94DC] - [01/09/2022 11:43:48] - |A| - [144896] - C:\Windows\syswow64\cscript.exe
[MD5.44E5BAEEE864F1E9EDBE3986246AB37A] - [01/09/2022 11:45:12] - |A| - [470528] - C:\Windows\syswow64\curl.exe
[MD5.3D0F2F21B94083239A38AA6078DA7D38] - [01/09/2022 11:42:41] - |A| - [1965288] - C:\Windows\syswow64\d3d11.dll
[MD5.0DA1CAD59563D63A525655D414603E98] - [01/09/2022 11:42:42] - |A| - [462784] - C:\Windows\syswow64\d3d11on12.dll
[MD5.125B0F6BF378358E4F9C837FF6682D94] - [01/09/2022 11:42:59] - |A| - [83128] - C:\Windows\syswow64\D3D12.dll
[MD5.8D86608781D5D8D8C406925A7080940A] - [01/09/2022 11:42:59] - |A| - [1463272] - C:\Windows\syswow64\D3D12Core.dll
[MD5.37745BBBBAAA6B31A0CB88752ECC58CB] - [01/09/2022 11:43:23] - |A| - [12800] - C:\Windows\syswow64\d3d8thk.dll
[MD5.9463EF481F05B2CCC001A0C178ED09B5] - [01/09/2022 11:43:23] - |A| - [1623304] - C:\Windows\syswow64\d3d9.dll
[MD5.16519B50C6E8CD1BE194164094079326] - [01/09/2022 11:42:42] - |A| - [554496] - C:\Windows\syswow64\d3d9on12.dll
[MD5.F706621ED5222D6F2B8CA4F3D3231609] - [01/09/2022 11:43:21] - |A| - [11264] - C:\Windows\syswow64\dabapi.dll
[MD5.4A6A62404B14D2CDA1861549BDB830E7] - [01/09/2022 11:45:12] - |A| - [48128] - C:\Windows\syswow64\dataclen.dll
[MD5.3AAC2703924BFEA0823A061E579BF797] - [01/09/2022 11:42:30] - |A| - [183808] - C:\Windows\syswow64\DataExchange.dll
[MD5.54AA8643086206D4AC28A417FA54380F] - [01/09/2022 11:43:02] - |A| - [508928] - C:\Windows\syswow64\daxexec.dll
[MD5.298EEF543CD9B67BDCC2203A513DDC79] - [01/09/2022 11:43:20] - |A| - [5299712] - C:\Windows\syswow64\dbgeng.dll
[MD5.2F195DDAA4D4BF87ED872D67F2E8EE3C] - [01/09/2022 11:43:21] - |A| - [519680] - C:\Windows\syswow64\DbgModel.dll
[MD5.70C038BB7A83577685F82A561EF609E3] - [01/09/2022 11:43:21] - |A| - [11776] - C:\Windows\syswow64\dciman32.dll
[MD5.BF4777C52B018976E65AEA002ACBB558] - [01/09/2022 11:43:16] - |A| - [1450328] - C:\Windows\syswow64\dcomp.dll
[MD5.0266B624FA3DEE4A74251A1C8291CD32] - [01/09/2022 11:43:23] - |A| - [21504] - C:\Windows\syswow64\DefaultPrinterProvider.dll
[MD5.6A14E231247EF06AF2BDD01FA23A2771] - [01/09/2022 11:42:59] - |A| - [195240] - C:\Windows\syswow64\deviceaccess.dll
[MD5.A796D89FDF1F48E5852F825D1D1D3978] - [01/09/2022 11:43:22] - |A| - [177152] - C:\Windows\syswow64\devicengccredprov.dll
[MD5.D0A33D1484D167ACF416E3C6A423794C] - [01/09/2022 11:42:21] - |A| - [70496] - C:\Windows\syswow64\DeviceReactivation.dll
[MD5.264D35E7BEF134C30D0DCCC2B3887F44] - [01/09/2022 11:43:37] - |A| - [792064] - C:\Windows\syswow64\devmgr.dll
[MD5.9654619A3B0EA8AD1E59D5337BA2C395] - [01/09/2022 11:43:19] - |A| - [139976] - C:\Windows\syswow64\devobj.dll
[MD5.BDF58045E9A843F82F91A4DF0DFBE7BA] - [01/09/2022 11:43:19] - |A| - [56832] - C:\Windows\syswow64\devrtl.dll
[MD5.D3400BB02A12DCD679D59E055282CDB9] - [01/09/2022 11:45:13] - |A| - [141824] - C:\Windows\syswow64\dhcpsapi.dll
[MD5.82F0D52909C1A128517BB2D7B773A0C3] - [01/09/2022 11:42:56] - |A| - [78848] - C:\Windows\syswow64\DiagnosticInvoker.dll
[MD5.5CE86A3D71CB8746E4E4EB7DFC397A64] - [01/09/2022 11:42:30] - |A| - [537184] - C:\Windows\syswow64\directmanipulation.dll
[MD5.D0AA6FDA67FA6017FBB59E601BD942D1] - [01/09/2022 11:45:35] - |A| - [21504] - C:\Windows\syswow64\diskperf.exe
[MD5.A1ECA82E1C71A11F00CADA2CEC845FB2] - [01/09/2022 11:42:42] - |A| - [275456] - C:\Windows\syswow64\DispBroker.dll
[MD5.4CECD3A5E56FB68DE94353640E7153F7] - [01/09/2022 11:43:48] - |A| - [16896] - C:\Windows\syswow64\dispex.dll
[MD5.111142289DB49E76D8F621B9C034BF3A] - [01/09/2022 11:46:21] - |A| - [257536] - C:\Windows\syswow64\dlnashext.dll
[MD5.C13DB7B79FCF9D9F9A35476A3BFEDB12] - [01/09/2022 11:43:23] - |A| - [7680] - C:\Windows\syswow64\DMAlertListener.ProxyStub.dll
[MD5.7442E498801D30406214434CEF8FA58F] - [01/09/2022 11:42:10] - |A| - [60928] - C:\Windows\syswow64\DmApiSetExtImplDesktop.dll
[MD5.C544D77EF857250F75A9D1448C7702CE] - [01/09/2022 11:43:22] - |A| - [164232] - C:\Windows\syswow64\dmcmnutils.dll
[MD5.E7A1316099EFE2A49F60722AF2ED1CFD] - [01/09/2022 11:43:23] - |A| - [556544] - C:\Windows\syswow64\dmenrollengine.dll
[MD5.EA043854DD939F751A9AA9F382799EBC] - [01/09/2022 11:43:37] - |A| - [44544] - C:\Windows\syswow64\dmocx.dll
[MD5.32357EA18AF0EEF85FAF2EDD17E1BFC8] - [01/09/2022 11:42:48] - |A| - [2111488] - C:\Windows\syswow64\DMRCDecoder.dll
[MD5.1849E5C84B6EB6EB56EEB842D8CD467E] - [01/09/2022 11:43:16] - |A| - [583144] - C:\Windows\syswow64\dnsapi.dll
[MD5.06470CAA463E3B083ECAB64C3ECBB27F] - [01/09/2022 11:46:21] - |A| - [961704] - C:\Windows\syswow64\DolbyDecMFT.dll
[MD5.7CCE8117AC4D452677222A4C1C7EFB6E] - [01/09/2022 11:45:13] - |A| - [16896] - C:\Windows\syswow64\doskey.exe
[MD5.8CB0AEC3313CA0F67D42F2362AD021F0] - [01/09/2022 11:42:20] - |A| - [60928] - C:\Windows\syswow64\dot3cfg.dll
[MD5.DEADC5FF6EDAD17E409EDD51C03F1452] - [01/09/2022 11:43:37] - |A| - [134144] - C:\Windows\syswow64\drvsetup.dll
[MD5.AC57A851A1A5B6B1A8528521FB072CA5] - [01/09/2022 11:43:37] - |A| - [1038680] - C:\Windows\syswow64\drvstore.dll
[MD5.83CCEEB07C033F965BE5E9822E233E33] - [01/09/2022 11:42:33] - |A| - [1061400] - C:\Windows\syswow64\dsreg.dll
[MD5.54A63A65A6F3033890C83ABFC278D7FC] - [01/09/2022 11:42:34] - |A| - [18944] - C:\Windows\syswow64\dsregtask.dll
[MD5.90DF44C2894F38D81CDDCE83095E452E] - [01/09/2022 11:43:19] - |A| - [91648] - C:\Windows\syswow64\dtdump.exe
[MD5.44B76E057AD71E56071CADDB95FE2DA4] - [01/09/2022 11:42:41] - |A| - [2104320] - C:\Windows\syswow64\DWrite.dll
[MD5.57A4F3E9F6F5AA7AFA57FAACBF578453] - [01/09/2022 11:45:14] - |A| - [189440] - C:\Windows\syswow64\DWWIN.EXE
[MD5.70E1C21E84FD71AAF1F943E0216FBFAD] - [01/09/2022 11:45:13] - |A| - [464896] - C:\Windows\syswow64\dxdiagn.dll
[MD5.4C6412495367E3868FCA8A521D684E42] - [01/09/2022 11:42:42] - |A| - [786624] - C:\Windows\syswow64\dxgi.dll
[MD5.C466E2DA32A2D9748D19651F7A7BABE8] - [01/09/2022 11:48:51] - |A| - [5632] - C:\Windows\syswow64\dxmasf.dll
[MD5.D845A7E1FBF8DD00F1045847292F1E35] - [01/09/2022 11:42:09] - |A| - [265216] - C:\Windows\syswow64\eapp3hst.dll
[MD5.74D9EB4FE895F4F0AC80DAE96E7A6F7A] - [01/09/2022 11:42:09] - |A| - [224256] - C:\Windows\syswow64\eappcfg.dll
[MD5.4A084D26B564634B9016072E3E779831] - [01/09/2022 11:42:10] - |A| - [89600] - C:\Windows\syswow64\eappgnui.dll
[MD5.26C537A2C8151E9A82E70E6D4123994D] - [01/09/2022 11:42:10] - |A| - [258560] - C:\Windows\syswow64\eapphost.dll
[MD5.4EECF69819974F70D2CF7207F8FE0F9B] - [01/09/2022 11:42:09] - |A| - [133120] - C:\Windows\syswow64\EapTeapConfig.dll
[MD5.76DF7B55BEA0858F2396BBE4A66FFEDF] - [01/09/2022 11:45:24] - |A| - [19865600] - C:\Windows\syswow64\edgehtml.dll
[MD5.5F5645EC790D7DD0D695ED94F61D2F2D] - [01/09/2022 11:43:32] - |A| - [402944] - C:\Windows\syswow64\edgeIso.dll
[MD5.6162379773BF1E4B7290575DAC53371D] - [01/09/2022 11:45:26] - |A| - [805888] - C:\Windows\syswow64\EdgeManager.dll
[MD5.C53B6A00BBBAA42C6371B5CD7C3B6830] - [01/09/2022 11:42:45] - |A| - [67072] - C:\Windows\syswow64\EditBufferTestHook.dll
[MD5.30A45E43D23595634DE1394FA94EB473] - [01/09/2022 11:42:20] - |A| - [176608] - C:\Windows\syswow64\EditionUpgradeHelper.dll
[MD5.205D5754A3AB131600F8D1792324D95B] - [01/09/2022 11:42:20] - |A| - [214344] - C:\Windows\syswow64\EditionUpgradeManagerObj.dll
[MD5.BB9B06D34E5656FFB171482B87A0FFE2] - [01/09/2022 11:43:23] - |A| - [49152] - C:\Windows\syswow64\edpnotify.exe
[MD5.B72E3D9E87BD0AAF21D157A2BB28F007] - [01/09/2022 11:43:49] - |A| - [617984] - C:\Windows\syswow64\efswrt.dll
[MD5.FD7A9C8E752329AFE11D980599AA142D] - [01/09/2022 11:43:23] - |A| - [40960] - C:\Windows\syswow64\enrollmentapi.dll
[MD5.C8747FDB530CF264227A1A8B2A7FFFC2] - [01/09/2022 11:42:56] - |A| - [155648] - C:\Windows\syswow64\ErrorDetails.dll
[MD5.5E16EC414402E68B01F9CE8C3B63CD96] - [01/09/2022 11:43:16] - |A| - [335360] - C:\Windows\syswow64\es.dll
[MD5.ADBBBC2334ECCFD37FBB8004D9A0C628] - [01/09/2022 11:42:51] - |A| - [2872832] - C:\Windows\syswow64\esent.dll
[MD5.E4845AA27485797C99C8C69A48A4B319] - [01/09/2022 11:42:30] - |A| - [288200] - C:\Windows\syswow64\ExecModelClient.dll
[MD5.0941E61FF4B1C20B183843C66A939B3F] - [01/09/2022 11:42:18] - |A| - [4500768] - C:\Windows\syswow64\explorer.exe
[MD5.D31BFD41A902721B3BBAB1D8EC8B1191] - [01/09/2022 11:43:20] - |A| - [416840] - C:\Windows\syswow64\Faultrep.dll
[MD5.213802BC4512ABE106389F59E53BFDA9] - [01/09/2022 11:43:38] - |A| - [171008] - C:\Windows\syswow64\fdprint.dll
[MD5.42A2D36182A52A42188B82C64FBA9CC1] - [01/09/2022 11:45:11] - |A| - [83456] - C:\Windows\syswow64\fdSSDP.dll
[MD5.32BF4D6C11F48105B20AC72F07299C0C] - [01/09/2022 11:45:12] - |A| - [107520] - C:\Windows\syswow64\fdWSD.dll
[MD5.02627FAA9EF51ED138431A2DBCA53DE6] - [01/09/2022 11:43:24] - |A| - [195584] - C:\Windows\syswow64\feclient.dll
[MD5.FCDF204AA16B46F880A7343B9E55D996] - [01/09/2022 11:42:49] - |A| - [183808] - C:\Windows\syswow64\fidocredprov.dll
[MD5.15B158BC998EEF74CFDD27C44978AEA0] - [01/09/2022 11:45:13] - |A| - [14848] - C:\Windows\syswow64\find.exe
[MD5.702D1CEF3E3D34ED3105B7A8C7EF1311] - [01/09/2022 11:43:39] - |A| - [53760] - C:\Windows\syswow64\findnetprinters.dll
[MD5.BCC6DA70A38F174E2C6DEC02C04A5E16] - [01/09/2022 11:45:12] - |A| - [86528] - C:\Windows\syswow64\fingerprintcredential.dll
[MD5.9D3781D113A16511B563F590466429F7] - [01/09/2022 11:42:55] - |A| - [431104] - C:\Windows\syswow64\FirewallAPI.dll
[MD5.D9B2CF927C1FEEBF61DC40C4BFC1EBE4] - [01/09/2022 11:42:24] - |A| - [16384] - C:\Windows\syswow64\fixmapi.exe
[MD5.3A8885627A2BEA9FA844431212E8AD7B] - [01/09/2022 11:42:10] - |A| - [753568] - C:\Windows\syswow64\FlightSettings.dll
[MD5.8D0DA0C5DCF1A14F9D65F5C0BEA53F3D] - [01/09/2022 11:43:21] - |A| - [676584] - C:\Windows\syswow64\fontdrvhost.exe
[MD5.9F5BD61E1978780DD7778908B78E6924] - [01/09/2022 11:43:21] - |A| - [99328] - C:\Windows\syswow64\fontsub.dll
[MD5.45C97A3B62309F437379F035BCCA5F2E] - [01/09/2022 11:42:26] - |A| - [239616] - C:\Windows\syswow64\framedynos.dll
[MD5.4E5F0D80FE3F7C74AF92162AC0A98C94] - [01/09/2022 11:45:36] - |A| - [343552] - C:\Windows\syswow64\FrameServerClient.dll
[MD5.F78033F50821A85AC11B5AC2E685969B] - [01/09/2022 11:48:31] - |A| - [756736] - C:\Windows\syswow64\fveapi.dll
[MD5.CDB23DE8E59CD1855335C14E51CD6779] - [01/09/2022 11:48:30] - |A| - [354816] - C:\Windows\syswow64\fveapibase.dll
[MD5.087EFD291C603C8B5CD4ED1AAFED4577] - [01/09/2022 11:42:55] - |A| - [173056] - C:\Windows\syswow64\fwbase.dll
[MD5.778B2DD1EE310415850AAE62469529D6] - [01/09/2022 11:45:34] - |A| - [46080] - C:\Windows\syswow64\fwcfg.dll
[MD5.5E23C1E8D463C849095730F0C075C462] - [01/09/2022 11:42:55] - |A| - [244224] - C:\Windows\syswow64\fwpolicyiomgr.dll
[MD5.870B6B076744FAD46CB649EE00FB35DC] - [01/09/2022 11:42:55] - |A| - [347648] - C:\Windows\syswow64\FWPUCLNT.DLL
[MD5.C74641C1613502C9BAAF9179031BDE5B] - [01/09/2022 11:43:29] - |A| - [58880] - C:\Windows\syswow64\FwRemoteSvr.dll
[MD5.43DBD3374FA2169B60A0735B613F329E] - [01/09/2022 11:48:53] - |A| - [229888] - C:\Windows\syswow64\FXSAPI.dll
[MD5.83FE3C83B3ADA47622A18D4DEB6314FE] - [01/09/2022 11:48:38] - |A| - [37376] - C:\Windows\syswow64\FXSEXT32.dll
[MD5.C2C93DBC8BEDBE14521C92EF417B85D5] - [01/09/2022 11:48:38] - |A| - [105472] - C:\Windows\syswow64\FXSXP32.dll
[MD5.601D7F19E4FFBE593E555B3363B581D8] - [01/09/2022 11:45:37] - |A| - [50688] - C:\Windows\syswow64\g711codc.ax
[MD5.CD91C7584672A65B599EE932A67FFE62] - [01/09/2022 11:45:10] - |A| - [231424] - C:\Windows\syswow64\GameBarPresenceWriter.exe
[MD5.59C92D78B897651DD985255C29279160] - [01/09/2022 11:45:10] - |A| - [10752] - C:\Windows\syswow64\GameBarPresenceWriter.proxy.dll
[MD5.F4E7F6386BECD4FF97407349E875C0EB] - [01/09/2022 11:42:33] - |A| - [62816] - C:\Windows\syswow64\GameInput.dll
[MD5.873692EF0C70675F179C190CDC45CB09] - [01/09/2022 11:42:43] - |A| - [136336] - C:\Windows\syswow64\gdi32.dll
[MD5.807A366CA2873DD3DF87CCF122198A78] - [01/09/2022 11:43:30] - |A| - [896096] - C:\Windows\syswow64\gdi32full.dll
[MD5.D36B1D084D56A45EC6BB96080711C6F4] - [01/09/2022 11:43:30] - |A| - [1449984] - C:\Windows\syswow64\GdiPlus.dll
[MD5.77D38D69C7AF928A2D53BF3CFB282B74] - [01/09/2022 11:42:51] - |A| - [98816] - C:\Windows\syswow64\globinputhost.dll
[MD5.FC5B5CD8BF6C833E0F03E77D5CBFFB0E] - [01/09/2022 11:45:35] - |A| - [245248] - C:\Windows\syswow64\glu32.dll
[MD5.8FCAC5054AC3750D1C92C8C26710E2DE] - [01/09/2022 11:43:21] - |A| - [32768] - C:\Windows\syswow64\gmsaclient.dll
[MD5.75E025B43A13B9804AA0B57D325587A0] - [01/09/2022 11:45:14] - |A| - [536576] - C:\Windows\syswow64\gpedit.dll
[MD5.2435853FD57821D4B1CC8B2CAB0B88E7] - [01/09/2022 11:42:11] - |A| - [32256] - C:\Windows\syswow64\gpprnext.dll
[MD5.1D6E5778DBBCDC59F094702D9D8CC06D] - [01/09/2022 11:43:30] - |A| - [582656] - C:\Windows\syswow64\hgcpl.dll
[MD5.46560483B8D0C18FD8BCE8A916FB605B] - [01/09/2022 11:43:33] - |A| - [132608] - C:\Windows\syswow64\hlink.dll
[MD5.CFBE70FDD7D6510869BF4FD26A7AFD02] - [01/09/2022 11:42:08] - |A| - [343552] - C:\Windows\syswow64\HrtfApo.dll
[MD5.981A3D2D74F053BDB9910F501FC09D10] - [01/09/2022 11:43:19] - |A| - [26624] - C:\Windows\syswow64\httpapi.dll
[MD5.99E79BCDD66B8D1D2F5AA1026A156FA7] - [01/09/2022 11:45:14] - |A| - [23552] - C:\Windows\syswow64\ias.dll
[MD5.F5354C2CCAD95C5C77E58D0A16E7D7E1] - [01/09/2022 11:45:14] - |A| - [65536] - C:\Windows\syswow64\iasacct.dll
[MD5.9BCE2E10917A77BBADDA7B80ABE3B025] - [01/09/2022 11:45:14] - |A| - [57344] - C:\Windows\syswow64\iasads.dll
[MD5.7B3AAF1B0AA78D633A645C10EF5FEEAC] - [01/09/2022 11:45:14] - |A| - [40448] - C:\Windows\syswow64\iaspolcy.dll
[MD5.04E9C2C23EF9C67F19F785D17E26ECDA] - [01/09/2022 11:45:14] - |A| - [190464] - C:\Windows\syswow64\iasrad.dll
[MD5.FCD396A9051D9D298C25F9D6ED66C0A7] - [01/09/2022 11:45:14] - |A| - [198144] - C:\Windows\syswow64\iassam.dll
[MD5.2495FF0B4087CA99D7C65EFE54BB0021] - [01/09/2022 11:45:14] - |A| - [124416] - C:\Windows\syswow64\iassvcs.dll
[MD5.3BEBB2A747BED1C43F398E2D1B301281] - [01/09/2022 11:45:23] - |A| - [742400] - C:\Windows\syswow64\ieapfltr.dll
[MD5.FEB816BE69CCC8F8903DCFB460EBB04C] - [01/09/2022 11:45:23] - |A| - [345088] - C:\Windows\syswow64\iedkcs32.dll
[MD5.BC796B1A58A0CD77DD2132A81A68DFB2] - [01/09/2022 11:45:31] - |A| - [6502400] - C:\Windows\syswow64\ieframe.dll
[MD5.09D9264AE1ECE1E4A4524ADDF115DD3E] - [01/09/2022 11:45:32] - |A| - [62976] - C:\Windows\syswow64\iemigplugin.dll
[MD5.7DAE7B54CE72AF6387BC97C38E9B8236] - [01/09/2022 11:45:22] - |A| - [160256] - C:\Windows\syswow64\iepeers.dll
[MD5.B695813B49F251FBD37A18EE737DD408] - [01/09/2022 11:45:29] - |A| - [398336] - C:\Windows\syswow64\ieproxy.dll
[MD5.8E42164593EB30F4F9655A65A145175A] - [01/09/2022 11:43:32] - |A| - [2272664] - C:\Windows\syswow64\iertutil.dll
[MD5.BA78A3EE43B864ACA8BF82454A98E06E] - [01/09/2022 11:43:02] - |A| - [188728] - C:\Windows\syswow64\ifsutil.dll
[MD5.2B25F430DC3946971CC590A410B06E84] - [01/09/2022 11:40:42] - |A| - [95496] - C:\Windows\syswow64\imagehlp.dll
[MD5.CC21372398D19487AC3B7E1521442F58] - [01/09/2022 11:45:21] - |A| - [859648] - C:\Windows\syswow64\imapi2fs.dll
[MD5.D6A239F2463A908A4B4FD0EDA9B2D431] - [01/09/2022 11:45:29] - |A| - [176640] - C:\Windows\syswow64\IndexedDbLegacy.dll
[MD5.2DCA3B088A7753CF6EECDF9FBFDD30C3] - [01/09/2022 11:45:23] - |A| - [438784] - C:\Windows\syswow64\inetcpl.cpl
[MD5.F0D9F95E3155AE3BC31D2D9F195A3DB9] - [01/09/2022 11:42:21] - |A| - [232448] - C:\Windows\syswow64\InkEd.dll
[MD5.4BDD537A8C2156A7C813809F89004A98] - [01/09/2022 11:42:22] - |A| - [312128] - C:\Windows\syswow64\input.dll
[MD5.4001D9C359641765EC50BCCFB950C504] - [01/09/2022 11:42:48] - |A| - [968952] - C:\Windows\syswow64\InputHost.dll
[MD5.C820A039E6B2EFFB521F09FC61B698AB] - [01/09/2022 11:42:22] - |A| - [430592] - C:\Windows\syswow64\InputSwitch.dll
[MD5.3B9E125979EBC5086838EE143A4F3762] - [01/09/2022 11:42:49] - |A| - [1839104] - C:\Windows\syswow64\InstallService.dll
[MD5.B87F8443C60A8B07A436242A1C2F3A3D] - [01/09/2022 11:42:50] - |A| - [186880] - C:\Windows\syswow64\InstallServiceTasks.dll
[MD5.BAC52328C7E3752C02001BF070F38955] - [01/09/2022 11:43:40] - |A| - [9216] - C:\Windows\syswow64\iprtprio.dll
[MD5.07EB8AD8686F11F647299ADCCBE408AA] - [01/09/2022 11:43:40] - |A| - [516096] - C:\Windows\syswow64\iprtrmgr.dll
[MD5.842A026C1F8448499552BFE3B12AA911] - [01/09/2022 11:45:32] - |A| - [44032] - C:\Windows\syswow64\iscsicli.exe
[MD5.CF6BAAE10ACD9D8DDDE0440772176D9A] - [01/09/2022 11:45:32] - |A| - [55296] - C:\Windows\syswow64\iscsidsc.dll
[MD5.5946DC401B78DC71325642255A69F6B3] - [01/09/2022 11:45:32] - |A| - [9728] - C:\Windows\syswow64\iscsied.dll
[MD5.D31CFEB383D51363335D0D36815D639B] - [01/09/2022 11:45:32] - |A| - [29184] - C:\Windows\syswow64\iscsium.dll
[MD5.CAFD7E2A79154CB903AE34F2662DCB36] - [01/09/2022 11:45:32] - |A| - [68096] - C:\Windows\syswow64\iscsiwmi.dll
[MD5.161BAF86B2A0127E7290B653C3720A4A] - [01/09/2022 11:45:32] - |A| - [94720] - C:\Windows\syswow64\iscsiwmiv2.dll
[MD5.5A1D53FE41BE38E4ABC5D65143CB7239] - [01/09/2022 11:43:36] - |A| - [138752] - C:\Windows\syswow64\joinutil.dll
[MD5.6459C0BFEA6852BF86CD72A429EB7CA8] - [01/09/2022 11:45:22] - |A| - [676864] - C:\Windows\syswow64\jscript.dll
[MD5.5B5FD17D8BF0E53B93337DE23ECB1846] - [01/09/2022 11:45:30] - |A| - [3858432] - C:\Windows\syswow64\jscript9.dll
[MD5.659B0A4AC589AA2F69C1A247EC8021EA] - [01/09/2022 11:45:31] - |A| - [562688] - C:\Windows\syswow64\jscript9diag.dll
[MD5.4A955928F31941CD38CFF37559CFBD5E] - [01/09/2022 11:43:31] - |A| - [45568] - C:\Windows\syswow64\jsproxy.dll
[MD5.E89FEEB18803102389818EDB7ED52D67] - [01/09/2022 11:42:55] - |A| - [150320] - C:\Windows\syswow64\KerbClientShared.dll
[MD5.47C6D400B839911545380BEA0548816E] - [01/09/2022 11:42:55] - |A| - [835584] - C:\Windows\syswow64\kerberos.dll
[MD5.C9FDF863B56CCA2A80726CEEC54F7D7F] - [01/09/2022 11:42:24] - |A| - [637712] - C:\Windows\syswow64\kernel32.dll
[MD5.FBAC7D207021DE590A9F1C75B9222464] - [01/09/2022 11:40:43] - |A| - [2202864] - C:\Windows\syswow64\KernelBase.dll
[MD5.BEAD56C3C3B9B0BB7F766FE81BC169F3] - [01/09/2022 11:43:22] - |A| - [54272] - C:\Windows\syswow64\KeyCredMgr.dll
[MD5.8EC64A6BBD4F06DADF193B6BE300F74C] - [01/09/2022 11:42:20] - |A| - [162304] - C:\Windows\syswow64\L2SecHC.dll
[MD5.0666AA7B9B945F1CFB7357B26347DB6A] - [01/09/2022 11:43:14] - |A| - [10240] - C:\Windows\syswow64\LaunchTM.exe
[MD5.74B62F989B84BE02CE98E982FC5BF445] - [01/09/2022 11:42:24] - |A| - [34304] - C:\Windows\syswow64\LaunchWinApp.exe
[MD5.F502D812DD74EDF4F7952C5A889E8BC4] - [01/09/2022 11:42:50] - |A| - [874336] - C:\Windows\syswow64\LicenseManager.dll
[MD5.0AE37A1A9EF36E55C45854B2C06A7CEA] - [01/09/2022 11:42:20] - |A| - [356864] - C:\Windows\syswow64\LicensingDiagSpp.dll
[MD5.D0A64A6A1D31DDE8DE4560ECB07DEEDA] - [01/09/2022 11:42:21] - |A| - [641896] - C:\Windows\syswow64\LicensingWinRT.dll
[MD5.DE51332BB204B9094012525D8702BA75] - [01/09/2022 11:43:34] - |A| - [354816] - C:\Windows\syswow64\LockAppBroker.dll
[MD5.AE108F4DAAB2DD68470AC41F91A7A4E9] - [01/09/2022 11:45:35] - |A| - [98816] - C:\Windows\syswow64\logman.exe
[MD5.3A6E57BBA1B6173F0906AB1DEE465B2E] - [01/09/2022 11:43:18] - |A| - [199368] - C:\Windows\syswow64\logoncli.dll
[MD5.F525A5AF6CBBC9A6EBEBB8EFBB092A97] - [01/09/2022 11:43:21] - |A| - [2560] - C:\Windows\syswow64\lpk.dll
[MD5.4E5E8AB7FDC1933F43031B9CC13E7198] - [01/09/2022 11:43:13] - |A| - [516096] - C:\Windows\syswow64\Magnify.exe
[MD5.46C40DFF27394348C343DD4347C62EF6] - [01/09/2022 11:42:24] - |A| - [122880] - C:\Windows\syswow64\mapi32.dll
[MD5.46C40DFF27394348C343DD4347C62EF6] - [01/09/2022 11:42:24] - |A| - [122880] - C:\Windows\syswow64\mapistub.dll
[MD5.ED8A99E8217E9A7499B749AF74232BDE] - [01/09/2022 11:42:47] - |A| - [2433024] - C:\Windows\syswow64\MapRouter.dll
[MD5.8BD3572F1B06575EA2C5266C9D26CC34] - [01/09/2022 11:42:48] - |A| - [906752] - C:\Windows\syswow64\MbaeApiPublic.dll
[MD5.5F38A880350665016DE3DD78539C36F2] - [01/09/2022 11:45:12] - |A| - [890368] - C:\Windows\syswow64\MCRecvSrc.dll
[MD5.EAF036FF8B0B0494A22422E1C6479E3F] - [01/09/2022 11:43:02] - |A| - [264192] - C:\Windows\syswow64\mdmregistration.dll
[MD5.EA8C295B96BD904AAC2EA7A17762C205] - [01/09/2022 11:46:15] - |A| - [539200] - C:\Windows\syswow64\mf.dll
[MD5.1490DA3D16EDF027FBD05F2AF2F615F6] - [01/09/2022 11:43:21] - |A| - [46592] - C:\Windows\syswow64\mf3216.dll
[MD5.9CF4F4FE8D2EA33FB009EA7A1AE978E6] - [01/09/2022 11:46:15] - |A| - [1302648] - C:\Windows\syswow64\mfasfsrcsnk.dll
[MD5.46FE2B74201CDB9E069A7B9E1A266E18] - [01/09/2022 11:46:15] - |A| - [601168] - C:\Windows\syswow64\MFCaptureEngine.dll
[MD5.78CC7E9BC80246651A10520B8D6E2D0A] - [01/09/2022 11:46:15] - |A| - [3560224] - C:\Windows\syswow64\mfcore.dll
[MD5.087911A23CE8452D52C6EAA9168B8225] - [01/09/2022 11:46:19] - |A| - [748904] - C:\Windows\syswow64\mfds.dll
[MD5.3D4326BCA470CE81F8237ED3C6DDD2EB] - [01/09/2022 11:46:19] - |A| - [603136] - C:\Windows\syswow64\mfh264enc.dll
[MD5.97D3F54CBA238FF56F49A8477BAB6D1E] - [01/09/2022 11:46:18] - |A| - [3656704] - C:\Windows\syswow64\MFMediaEngine.dll
[MD5.A94652C04942EB7875C1FDE7192B7D98] - [01/09/2022 11:46:20] - |A| - [83968] - C:\Windows\syswow64\mfmjpegdec.dll
[MD5.AA8B60F13050A9D0BC611FBADC925416] - [01/09/2022 11:46:19] - |A| - [985600] - C:\Windows\syswow64\mfmkvsrcsnk.dll
[MD5.9EB94FF65A2B603978DCB8F26B7E6FC7] - [01/09/2022 11:46:16] - |A| - [1882648] - C:\Windows\syswow64\mfmp4srcsnk.dll
[MD5.1D2B29BA9834B9D259C8627A2481D390] - [01/09/2022 11:46:19] - |A| - [1015952] - C:\Windows\syswow64\mfmpeg2srcsnk.dll
[MD5.F538B257E14F7041A0767469ECB4EE84] - [01/09/2022 11:46:16] - |A| - [914168] - C:\Windows\syswow64\mfnetcore.dll
[MD5.537DA7BF513B169AD25A737ED3D3FD7A] - [01/09/2022 11:46:16] - |A| - [1330504] - C:\Windows\syswow64\mfnetsrc.dll
[MD5.7834617F2A0EBE7E40A881D88E250C32] - [01/09/2022 11:46:16] - |A| - [1542304] - C:\Windows\syswow64\mfplat.dll
[MD5.8099A4D87EA5AE4E1814F17007B3A9D1] - [01/09/2022 11:46:16] - |A| - [130160] - C:\Windows\syswow64\mfps.dll
[MD5.B108C99F438CEA1AD8DB4C9B38555933] - [01/09/2022 11:45:36] - |A| - [354312] - C:\Windows\syswow64\mfsensorgroup.dll
[MD5.D3EBAD745B95BF4A02B909B86F6FC544] - [01/09/2022 11:46:18] - |A| - [1176584] - C:\Windows\syswow64\mfsvr.dll
[MD5.4D538B307CA38F80E03FE3E6C18482AA] - [01/09/2022 11:42:31] - |A| - [379904] - C:\Windows\syswow64\MicrosoftAccountWAMExtension.dll
[MD5.7453CEC433503D9E91D48ED9A9A27F79] - [01/09/2022 11:45:12] - |A| - [58368] - C:\Windows\syswow64\MiracastReceiverExt.dll
[MD5.FBC1965E727100F011D58CFFD4E70C91] - [01/09/2022 11:45:11] - |A| - [2485608] - C:\Windows\syswow64\mispace.dll
[MD5.49A80D29C980FE2D6D70CD8FFE004340] - [01/09/2022 11:43:49] - |A| - [72192] - C:\Windows\syswow64\MitigationConfiguration.dll
[MD5.8E1D7774295F0B9599C40659A01F1E8B] - [01/09/2022 11:45:33] - |A| - [1439744] - C:\Windows\syswow64\mmc.exe
[MD5.2B5749687D574D551B0AF3FE072BF49C] - [01/09/2022 11:45:33] - |A| - [138752] - C:\Windows\syswow64\mmcbase.dll
[MD5.995EE8BBB4D151A2AC593295B9319E6D] - [01/09/2022 11:45:33] - |A| - [1704960] - C:\Windows\syswow64\mmcndmgr.dll
[MD5.EC15E7C1D9648E03DC642201AE28B937] - [01/09/2022 11:45:33] - |A| - [118784] - C:\Windows\syswow64\mmcshext.dll
[MD5.748AE38662CAE71679F1C420BDBD81BA] - [01/09/2022 11:42:08] - |A| - [421488] - C:\Windows\syswow64\MMDevAPI.dll
[MD5.7976FB10F9F2F7B90A9EF8BAAE3FA780] - [01/09/2022 11:43:14] - |A| - [446464] - C:\Windows\syswow64\mmsys.cpl
[MD5.FB615848338231CEBC16E32A3035C3F8] - [01/09/2022 11:45:13] - |A| - [26624] - C:\Windows\syswow64\mode.com
[MD5.FE32F1DA6AD8802F8BD05CE2B1D9CA29] - [01/09/2022 11:46:20] - |A| - [263920] - C:\Windows\syswow64\MP43DECD.DLL
[MD5.F0825E2B4AFB6293C6B2C6666AFF7F75] - [01/09/2022 11:46:20] - |A| - [344456] - C:\Windows\syswow64\MP4SDECD.DLL
[MD5.252E0C93A70DEC81F53D36CA971A3EC2] - [01/09/2022 11:46:20] - |A| - [264432] - C:\Windows\syswow64\MPG4DECD.DLL
[MD5.BCF21EB78B9EE680119A882C97418756] - [01/09/2022 11:43:21] - |A| - [94536] - C:\Windows\syswow64\mpr.dll
[MD5.D04B78F8F9F1D69536ECD588A2C0940E] - [01/09/2022 11:43:40] - |A| - [436224] - C:\Windows\syswow64\mprapi.dll
[MD5.13DF002E3059FD19AA32B62576A698A5] - [01/09/2022 11:43:40] - |A| - [770560] - C:\Windows\syswow64\mprddm.dll
[MD5.DFAEC8926C34C040090562438E66FDCC] - [01/09/2022 11:43:40] - |A| - [425472] - C:\Windows\syswow64\mprdim.dll
[MD5.B41AC16C2E7F9D2A17B8C9818A708398] - [01/09/2022 11:43:48] - |A| - [113664] - C:\Windows\syswow64\mprmsg.dll
[MD5.F18F2279B53EAC9B673BB834478A3C7F] - [01/09/2022 11:42:51] - |A| - [778848] - C:\Windows\syswow64\MrmCoreR.dll
[MD5.864F81FC241F7E7AD9B5F09FAC7A42C8] - [01/09/2022 11:42:10] - |A| - [155648] - C:\Windows\syswow64\msaudite.dll
[MD5.5C7E22D31AA76FA5CE44C327EE5ACFAA] - [01/09/2022 11:42:22] - |A| - [863056] - C:\Windows\syswow64\msctf.dll
[MD5.BAA4458E429E7C906560FE4541ADFCFB] - [01/09/2022 11:45:37] - |A| - [389632] - C:\Windows\syswow64\msdt.exe
[MD5.E35DFA464B0D5DB2286C6D075225BB2F] - [01/09/2022 11:45:13] - |A| - [707072] - C:\Windows\syswow64\msdtcprx.dll
[MD5.D6B8BD501B25D63A4D0E882F4AE3F525] - [01/09/2022 11:45:13] - |A| - [12800] - C:\Windows\syswow64\msdtcspoffln.dll
[MD5.C466E2DA32A2D9748D19651F7A7BABE8] - [01/09/2022 11:48:51] - |A| - [5632] - C:\Windows\syswow64\msdxm.ocx
[MD5.0A09859C0A29AE9C6A82D16E5479D711] - [01/09/2022 11:45:23] - |A| - [667648] - C:\Windows\syswow64\msfeeds.dll
[MD5.D90121D5F9145C9091187D430381ADF0] - [01/09/2022 11:46:20] - |A| - [385024] - C:\Windows\syswow64\MSFlacDecoder.dll
[MD5.9200116406086C21A5BAAFFCC4041A47] - [01/09/2022 11:42:31] - |A| - [2734592] - C:\Windows\syswow64\msftedit.dll
[MD5.8ADD868580B1B9809A2FDDA312263E0C] - [01/09/2022 11:45:27] - |A| - [18082304] - C:\Windows\syswow64\mshtml.dll
[MD5.28AAEC44C2A29266D345D7591B3B8553] - [01/09/2022 11:45:27] - |A| - [2755584] - C:\Windows\syswow64\mshtml.tlb
[MD5.8BF15E660B8A5A779B2E4A6C91C3CB7D] - [01/09/2022 11:45:33] - |A| - [2692096] - C:\Windows\syswow64\msi.dll
[MD5.09FBED87DD0227BDF95AD8E18EBE2BCF] - [01/09/2022 11:42:19] - |A| - [232960] - C:\Windows\syswow64\msieftp.dll
[MD5.476DF2229E9A260A736F431198B1C152] - [01/09/2022 11:43:21] - |A| - [7168] - C:\Windows\syswow64\msimg32.dll
[MD5.AB382FB0077F8DD35CA43EF1609119AF] - [01/09/2022 11:45:34] - |A| - [26112] - C:\Windows\syswow64\msimsg.dll
[MD5.5C49B7B55D4AF40DB1047E08484D6656] - [01/09/2022 11:45:40] - |A| - [338432] - C:\Windows\syswow64\msinfo32.exe
[MD5.FD2208F6280E43FC80C4157CB368D1BA] - [01/09/2022 11:45:34] - |A| - [52224] - C:\Windows\syswow64\msisip.dll
[MD5.0971B57C707898E1C87F08E2879A39AB] - [01/09/2022 11:43:32] - |A| - [265728] - C:\Windows\syswow64\msIso.dll
[MD5.3D9D4123816A830C1A3EB30992A318CA] - [01/09/2022 11:45:33] - |A| - [1317376] - C:\Windows\syswow64\msjet40.dll
[MD5.380363F8D005571D22DE2AA82A860F9D] - [01/09/2022 11:42:58] - |A| - [49664] - C:\Windows\syswow64\mskeyprotect.dll
[MD5.C2B228DB37E968C8540FC00252F6A064] - [01/09/2022 11:46:19] - |A| - [801792] - C:\Windows\syswow64\MSMPEG2ENC.DLL
[MD5.2AC8E084AD981D79C701906F9268B1FD] - [01/09/2022 11:46:19] - |A| - [2341816] - C:\Windows\syswow64\msmpeg2vdec.dll
[MD5.4AAEB21801CC65648917D76912C78A7D] - [01/09/2022 11:42:10] - |A| - [63488] - C:\Windows\syswow64\msobjs.dll
[MD5.DAE6D5681EAFB97B23DC1C4E08A848C6] - [01/09/2022 11:48:40] - |A| - [76800] - C:\Windows\syswow64\msra.exe
[MD5.E7E1182828EF8AA54BC7FA1F2DF31262] - [01/09/2022 11:48:40] - |A| - [7680] - C:\Windows\syswow64\MsraLegacy.tlb
[MD5.2B4FCB013F80309D452DAE2DDB4DC027] - [01/09/2022 11:42:43] - |A| - [49664] - C:\Windows\syswow64\msscntrs.dll
[MD5.1A1FD4F12C8FE1F3DC13F99F451418D0] - [01/09/2022 11:42:43] - |A| - [114176] - C:\Windows\syswow64\mssitlb.dll
[MD5.666B4F54AFB81B76C6815A2D76C4D15D] - [01/09/2022 11:42:44] - |A| - [164352] - C:\Windows\syswow64\mssph.dll
[MD5.A20AA55FDECCAFDE81CC680E6C546397] - [01/09/2022 11:42:44] - |A| - [59904] - C:\Windows\syswow64\mssprxy.dll
[MD5.5BED6906D8D4DACE2742100B5B5DE3BF] - [01/09/2022 11:42:44] - |A| - [2314752] - C:\Windows\syswow64\mssrch.dll
[MD5.C95CBBC92987760C2AA472A822C0F610] - [01/09/2022 11:42:44] - |A| - [303616] - C:\Windows\syswow64\mssvp.dll
[MD5.EA4A02BE14C405327EEBA8D9AD2BD42C] - [01/09/2022 11:45:39] - |A| - [1264640] - C:\Windows\syswow64\mstsc.exe
[MD5.80B3AA89CE35DDE75851E52F4A24D1F1] - [01/09/2022 11:45:37] - |A| - [7123968] - C:\Windows\syswow64\mstscax.dll
[MD5.7B5ABA8D63B887490E51282495C88B1F] - [01/09/2022 11:43:18] - |A| - [447832] - C:\Windows\syswow64\msv1_0.dll
[MD5.0DC737CD74911420DD848C4EB93A849F] - [01/09/2022 11:46:17] - |A| - [1262296] - C:\Windows\syswow64\msvproc.dll
[MD5.6F670463DB0C8EC92BB74EC5C4D9B4DE] - [01/09/2022 11:43:00] - |A| - [1951384] - C:\Windows\syswow64\msxml6.dll
[MD5.874DEC19051D7356460D1F0F78232CE6] - [01/09/2022 11:45:13] - |A| - [367616] - C:\Windows\syswow64\mtxclu.dll
[MD5.9BBC69D72A97EF97DE46B93F001E3BF6] - [01/09/2022 11:42:26] - |A| - [58880] - C:\Windows\syswow64\ncobjapi.dll
[MD5.C9E0531936F3F6E8F1EB5E817C8D25C3] - [01/09/2022 11:43:18] - |A| - [276992] - C:\Windows\syswow64\ncryptprov.dll
[MD5.F4481F2D0DB8BCAB4432D8B3A40F0083] - [01/09/2022 11:43:36] - |A| - [65536] - C:\Windows\syswow64\ndadmin.exe
[MD5.63947B6791E1A62A57C838D96DC4D6CB] - [01/09/2022 11:42:58] - |A| - [100864] - C:\Windows\syswow64\negoexts.dll
[MD5.2EFE6ED4C294AB8A39EB59C80813FEC1] - [01/09/2022 11:45:12] - |A| - [139776] - C:\Windows\syswow64\net1.exe
[MD5.90DDFE20329359AB6A4228A46F11B92B] - [01/09/2022 11:42:25] - |A| - [78024] - C:\Windows\syswow64\netapi32.dll
[MD5.96F00980313961C8FD89C8524D6E1B43] - [01/09/2022 11:43:35] - |A| - [126976] - C:\Windows\syswow64\netid.dll
[MD5.DE2270267448DEBDF56404155A6BD3DE] - [01/09/2022 11:43:36] - |A| - [147968] - C:\Windows\syswow64\netjoin.dll
[MD5.CE980EFFE396D9B80418BC65548F56F5] - [01/09/2022 11:43:21] - |A| - [687104] - C:\Windows\syswow64\netlogon.dll
[MD5.16E499CE348E2636D474E72FE2B70B23] - [01/09/2022 11:43:17] - |A| - [2560] - C:\Windows\syswow64\netmsg.dll
[MD5.93E6CB2818939D32E6D96BB6D6530404] - [01/09/2022 11:42:24] - |A| - [223744] - C:\Windows\syswow64\netplwiz.dll
[MD5.D7E429AF737BA9860BBB448058DB55B8] - [01/09/2022 11:43:36] - |A| - [54272] - C:\Windows\syswow64\netprovfw.dll
[MD5.1539548E31469019C5963F5A1095ADFB] - [01/09/2022 11:43:36] - |A| - [400896] - C:\Windows\syswow64\netshell.dll
[MD5.BF8876BCF653CBBBE25B9F839714EDEE] - [01/09/2022 11:43:18] - |A| - [38232] - C:\Windows\syswow64\netutils.dll
[MD5.D4699E3DA95D1875F97D497A0F354118] - [01/09/2022 11:43:36] - |A| - [242176] - C:\Windows\syswow64\newdev.dll
[MD5.4C2EACBE19E43DCEC83534AE1A8738B8] - [01/09/2022 11:43:36] - |A| - [67584] - C:\Windows\syswow64\newdev.exe
[MD5.DD131EB75AD23F6CFAA21CC90582848B] - [01/09/2022 11:42:59] - |A| - [514048] - C:\Windows\syswow64\ngccredprov.dll
[MD5.4F79977B992888BC9887F8AE76C774BA] - [01/09/2022 11:42:59] - |A| - [154624] - C:\Windows\syswow64\ngckeyenum.dll
[MD5.38A48296684E56B85556DBBC7DF66CA9] - [01/09/2022 11:43:22] - |A| - [54272] - C:\Windows\syswow64\ngclocal.dll
[MD5.1750E0BB62636149823804492668CEF6] - [01/09/2022 11:45:34] - |A| - [617984] - C:\Windows\syswow64\nshwfp.dll
[MD5.C5F857B04FDF7775285AB3B78F1BF8CA] - [01/09/2022 11:42:10] - |A| - [1699368] - C:\Windows\syswow64\ntdll.dll
[MD5.C0B54D00D98F8280727EC0DD982A7C84] - [01/09/2022 11:43:21] - |A| - [84480] - C:\Windows\syswow64\ntlanman.dll
[MD5.34465041B76388CCCD284DA81184F001] - [01/09/2022 11:43:18] - |A| - [54264] - C:\Windows\syswow64\NtlmShared.dll
[MD5.1BD24DB163D5F9E76C967FAE14B100BD] - [01/09/2022 11:43:39] - |A| - [322048] - C:\Windows\syswow64\ntprint.dll
[MD5.0794DE56DD49EB0DFA1D23EB7363A44F] - [01/09/2022 11:43:39] - |A| - [62464] - C:\Windows\syswow64\ntprint.exe
[MD5.011F06A475F910DE689BF801661A4851] - [01/09/2022 11:43:15] - |A| - [188416] - C:\Windows\syswow64\ocsetapi.dll
[MD5.A8B9E3C295970417D8146647DF7A9982] - [01/09/2022 11:45:32] - |A| - [604160] - C:\Windows\syswow64\odbc32.dll
[MD5.733012855AD7A6C78A2298298C689866] - [01/09/2022 11:43:19] - |A| - [115000] - C:\Windows\syswow64\offlinelsa.dll
[MD5.36DD44C941E22D6AFB34FFAA61A4AB50] - [01/09/2022 11:43:18] - |A| - [236904] - C:\Windows\syswow64\offlinesam.dll
[MD5.F7F2BA30DA054993D22C2F597A20167A] - [01/09/2022 11:45:35] - |A| - [64000] - C:\Windows\syswow64\offreg.dll
[MD5.1A66350961455C2D9A83440D69F8F20A] - [01/09/2022 11:43:16] - |A| - [926560] - C:\Windows\syswow64\ole32.dll
[MD5.1FFA938F058ADDE3ABED651404427552] - [01/09/2022 11:42:11] - |A| - [115712] - C:\Windows\syswow64\oleprn.dll
[MD5.21302BBF6B700946E4EAD33DD3D7B539] - [01/09/2022 11:43:22] - |A| - [168376] - C:\Windows\syswow64\omadmapi.dll
[MD5.96AB098A241C1BBAC7E2916327DBA105] - [01/09/2022 11:42:07] - |A| - [231936] - C:\Windows\syswow64\OneCoreCommonProxyStub.dll
[MD5.FF5F67F017F3EC358F4C02AE1963C593] - [01/09/2022 11:42:57] - |A| - [3926496] - C:\Windows\syswow64\OneCoreUAPCommonProxyStub.dll
[MD5.F6F4EE3359B47D0074DFF02ADAAAA20D] - [01/09/2022 11:43:50] - |A| - [546304] - C:\Windows\syswow64\OneDriveSettingSyncProvider.dll
[MD5.43853D3A2961E01E9E085CC72F56102A] - [01/09/2022 11:43:19] - |A| - [141312] - C:\Windows\syswow64\OneSettingsClient.dll
[MD5.6B6BE7AAA62DE0769335F99B9EE2AE41] - [01/09/2022 11:43:39] - |A| - [1345024] - C:\Windows\syswow64\OpcServices.dll
[MD5.2621CC95CD0DD97AD4637E2E0B0D14E0] - [01/09/2022 11:45:34] - |A| - [926208] - C:\Windows\syswow64\opengl32.dll
[MD5.CD261FFEEA401ADC2F48208432B25ADB] - [01/09/2022 11:45:10] - |A| - [707072] - C:\Windows\syswow64\PayloadRestrictions.dll
[MD5.0038CC75C1474670E79BBCD48D7EAF3A] - [01/09/2022 11:42:12] - |A| - [765432] - C:\Windows\syswow64\PCPKsp.dll
[MD5.401B56594AE2757F5180EE52F13131B4] - [01/09/2022 11:43:13] - |A| - [29696] - C:\Windows\syswow64\PCShellCommonProxyStub.dll
[MD5.3ED41CB7CC48EE2EFD1CCEA8E1CFF720] - [01/09/2022 11:43:23] - |A| - [244736] - C:\Windows\syswow64\pdh.dll
[MD5.493EEDA3AF5B44FE7F4A8B78CA5EC3E8] - [01/09/2022 11:45:38] - |A| - [61952] - C:\Windows\syswow64\perfts.dll
[MD5.47AEAC81E56C721FA857528FC333A80F] - [01/09/2022 11:42:49] - |A| - [351744] - C:\Windows\syswow64\PhoneOm.dll
[MD5.7286CDE4C97B4B6DFE57A0B4E6E9E1DC] - [01/09/2022 11:45:55] - |A| - [499200] - C:\Windows\syswow64\PhotoScreensaver.scr
[MD5.C77290F0A578999ED8F6B4AEDF86DE28] - [01/09/2022 11:42:31] - |A| - [98104] - C:\Windows\syswow64\PickerHost.exe
[MD5.E0BA0220D980E92777B5B3CBE450339F] - [01/09/2022 11:43:11] - |A| - [276992] - C:\Windows\syswow64\PickerPlatform.dll
[MD5.138E66F4DC593E3AE8F896847E8DA902] - [01/09/2022 11:40:52] - |A| - [889696] - C:\Windows\syswow64\pidgenx.dll
[MD5.465B95D900CA768F86932E393B11EFBE] - [01/09/2022 11:42:04] - |A| - [229888] - C:\Windows\syswow64\PkgMgr.exe
[MD5.8B0B5B2D703FE64D17317E1723A6C0F6] - [01/09/2022 11:43:49] - |A| - [229376] - C:\Windows\syswow64\pku2u.dll
[MD5.07C7985E05D700394E00AD57D7AFF10C] - [01/09/2022 11:45:12] - |A| - [425472] - C:\Windows\syswow64\PlayToManager.dll
[MD5.21F972585696C204A08ADC8CF269B05A] - [01/09/2022 11:43:22] - |A| - [533552] - C:\Windows\syswow64\policymanager.dll
[MD5.22C476CFE6ABC19A9A89B9EEBA2FF258] - [01/09/2022 11:43:29] - |A| - [296448] - C:\Windows\syswow64\polstore.dll
[MD5.7EF627BD5B558EF2978B0BBB62BEB561] - [01/09/2022 10:55:12] - |A| - [392704] - C:\Windows\syswow64\poqexec.exe
[MD5.892D59073D8C2D714264FC575866EB0E] - [01/09/2022 11:46:21] - |A| - [131584] - C:\Windows\syswow64\PortableDeviceWiaCompat.dll
[MD5.B6B0D7357995EFA5F07CEBD4593C7A9C] - [01/09/2022 11:45:13] - |A| - [14848] - C:\Windows\syswow64\print.exe
[MD5.A8DD6E99FC7390DE88612F46490C817E] - [01/09/2022 11:43:37] - |A| - [285696] - C:\Windows\syswow64\Print.PrintSupport.Source.dll
[MD5.E0578BABD9F09635F09860EE988C6B54] - [01/09/2022 11:43:37] - |A| - [71680] - C:\Windows\syswow64\Print.Workflow.Source.dll
[MD5.B074597BFDE2081766870293827A2E16] - [01/09/2022 11:43:38] - |A| - [51712] - C:\Windows\syswow64\PrintPlatformConfig.dll
[MD5.AD59B57199C7C4651ADF3C9613AFC1D4] - [01/09/2022 11:43:38] - |A| - [525824] - C:\Windows\syswow64\PrintRenderAPIHost.DLL
[MD5.87ED90F4D1FBFE694DED6BC58F02DC44] - [01/09/2022 11:43:39] - |A| - [606720] - C:\Windows\syswow64\printui.dll
[MD5.D39EFE3FAAF079EAD278F86FB1FCA8C0] - [01/09/2022 11:43:39] - |A| - [62464] - C:\Windows\syswow64\printui.exe
[MD5.AA7C5585997EE9A7D9EBB03001CB7E6B] - [01/09/2022 11:43:37] - |A| - [372224] - C:\Windows\syswow64\PrintWorkflowService.dll
[MD5.EE56C891B0BEE72D7E0A4DFB1DF71A89] - [01/09/2022 11:45:35] - |A| - [109568] - C:\Windows\syswow64\PrintWSDAHost.dll
[MD5.D811AAA8E93D662C978ACE5A873B1083] - [01/09/2022 11:43:38] - |A| - [125952] - C:\Windows\syswow64\prncache.dll
[MD5.CDFC36BF0CC6C7A006393BFFB8C099AD] - [01/09/2022 11:43:39] - |A| - [212992] - C:\Windows\syswow64\prnfldr.dll
[MD5.883A67FDE8374AE67425A9D2F04D13BA] - [01/09/2022 11:43:39] - |A| - [247296] - C:\Windows\syswow64\prnntfy.dll
[MD5.CAF16D99E3A8F309DFDEC6B7B5DF6F20] - [01/09/2022 11:43:37] - |A| - [138752] - C:\Windows\syswow64\prntvpt.dll
[MD5.4D313E20326786153787B4206E7287F7] - [01/09/2022 11:42:53] - |A| - [129136] - C:\Windows\syswow64\profext.dll
[MD5.D0BE9998E409F4A9F626B32C920F7D0E] - [01/09/2022 11:42:52] - |A| - [792832] - C:\Windows\syswow64\propsys.dll
[MD5.0AC2B19E26876134BBDEFCF800DE8BDF] - [01/09/2022 11:45:41] - |A| - [56832] - C:\Windows\syswow64\provisioningcommandscsp.dll
[MD5.5496AB091A5CA80CDF4A3B9B26792AE6] - [01/09/2022 11:45:41] - |A| - [45056] - C:\Windows\syswow64\provlaunch.exe
[MD5.C529F5F079B137B76F2C593037FB9AD2] - [01/09/2022 11:45:41] - |A| - [77824] - C:\Windows\syswow64\provmigrate.dll
[MD5.718B8A6A04CB945263A94C08187AC811] - [01/09/2022 11:45:41] - |A| - [273408] - C:\Windows\syswow64\provplatformdesktop.dll
[MD5.8D35734183BE6F29088A75ABA28A5508] - [01/09/2022 11:45:41] - |A| - [384512] - C:\Windows\syswow64\provsvc.dll
[MD5.A88B52F6942BDB4B781304A0381CA5E0] - [01/09/2022 11:43:39] - |A| - [172032] - C:\Windows\syswow64\puiapi.dll
[MD5.89653D78D47AF08107F8CA86FDD56C4A] - [01/09/2022 11:43:39] - |A| - [367616] - C:\Windows\syswow64\puiobj.dll
[MD5.AE0567B03F1D60EF23623AB83612D112] - [01/09/2022 11:47:45] - |A| - [521728] - C:\Windows\syswow64\quickassist.exe
[MD5.86AA9138F21A727B282EE4C9FE49FF19] - [01/09/2022 11:43:36] - |A| - [228864] - C:\Windows\syswow64\qwave.dll
[MD5.0805F2455A6BE87E2B9431940C61A1CE] - [01/09/2022 11:48:40] - |A| - [116736] - C:\Windows\syswow64\racpldlg.dll
[MD5.9E46B41BD79CBA1341A1FA01BC835469] - [01/09/2022 11:43:48] - |A| - [899584] - C:\Windows\syswow64\rasapi32.dll
[MD5.8EE1DA9D4AD31D9F633635408B7B5C5C] - [01/09/2022 11:43:39] - |A| - [134144] - C:\Windows\syswow64\raschap.dll
[MD5.A280B0F42A83064C41CFFDC1CD35136E] - [01/09/2022 11:43:40] - |A| - [19456] - C:\Windows\syswow64\rasdial.exe
[MD5.D1053D114847677185F248FF98C3F255] - [01/09/2022 11:48:40] - |A| - [107520] - C:\Windows\syswow64\raserver.exe
[MD5.F1F775DE0F107F1A4BE6FDE1C01CD757] - [01/09/2022 11:43:48] - |A| - [156672] - C:\Windows\syswow64\rasman.dll
[MD5.C6A20E5EF38885389C0DB071A312E3B1] - [01/09/2022 11:43:40] - |A| - [295936] - C:\Windows\syswow64\rasmontr.dll
[MD5.CAD9B258A451048D390FF6483B1FC284] - [01/09/2022 11:48:28] - |A| - [283136] - C:\Windows\syswow64\rasppp.dll
[MD5.B113077CDD3AD47FF33817499E5F6842] - [01/09/2022 11:43:48] - |A| - [232448] - C:\Windows\syswow64\rastapi.dll
[MD5.AB33AD4E1509B51F883A7244001374DC] - [01/09/2022 11:43:39] - |A| - [321536] - C:\Windows\syswow64\rastls.dll
[MD5.D6E7E681A5F146AD1E0BC50E7FB1B813] - [01/09/2022 11:43:40] - |A| - [178176] - C:\Windows\syswow64\rastlsext.dll
[MD5.A1E112D8AD06806EFF841F25BA942A3A] - [01/09/2022 11:43:00] - |A| - [1236808] - C:\Windows\syswow64\rdpbase.dll
[MD5.6F4661D51453925284DC96F3C3BB48D7] - [01/09/2022 11:45:35] - |A| - [1075712] - C:\Windows\syswow64\rdpcore.dll
[MD5.F7CF4BE76188A9EA3F15210F061BD304] - [01/09/2022 11:43:00] - |A| - [1611616] - C:\Windows\syswow64\rdpserverbase.dll
[MD5.1D3DD752BDAF11DE7E026DB482B290C1] - [01/09/2022 11:42:49] - |A| - [1271808] - C:\Windows\syswow64\rdpsharercom.dll
[MD5.3E33CEC1EA32E7F12AE8000A1BB3337C] - [01/09/2022 11:42:23] - |A| - [189440] - C:\Windows\syswow64\regapi.dll
[MD5.89AF1348B5D168DE820BD37C3A263D85] - [01/09/2022 11:43:29] - |A| - [111104] - C:\Windows\syswow64\rekeywiz.exe
[MD5.DA20D543A130003B427AEB18AE2FE094] - [01/09/2022 11:45:35] - |A| - [45568] - C:\Windows\syswow64\relog.exe
[MD5.32368D7FEBD5E880AA75E5A8B356C69F] - [01/09/2022 11:42:08] - |A| - [73336] - C:\Windows\syswow64\remoteaudioendpoint.dll
[MD5.6C59D7BCB042F58FD8B15A0C88D2F894] - [01/09/2022 11:48:40] - |A| - [6656] - C:\Windows\syswow64\rendezvousSession.tlb
[MD5.A7F2E9DD9DE1396B1250F413DA2F6C08] - [01/09/2022 11:45:13] - |A| - [18944] - C:\Windows\syswow64\replace.exe
[MD5.3B092BD3421FB4A340FE64E02B354D82] - [01/09/2022 11:45:11] - |A| - [481792] - C:\Windows\syswow64\resutils.dll
[MD5.5030DB8398D1B1E9275AA1C3F51AAA90] - [01/09/2022 11:42:12] - |A| - [541184] - C:\Windows\syswow64\RMActivate.exe
[MD5.CB999CC05F196DCF7300A5D534B3BE7B] - [01/09/2022 11:42:12] - |A| - [558080] - C:\Windows\syswow64\RMActivate_isv.exe
[MD5.6599A09C160036131E4A933168DA245F] - [01/09/2022 11:42:12] - |A| - [478720] - C:\Windows\syswow64\RMActivate_ssp.exe
[MD5.0A1AA3D138103ED9FB645F6B02E41A2F] - [01/09/2022 11:45:13] - |A| - [131072] - C:\Windows\syswow64\Robocopy.exe
[MD5.0BAD28A4D78585E109D907B498EA05E3] - [01/09/2022 11:42:10] - |A| - [776824] - C:\Windows\syswow64\rpcrt4.dll
[MD5.6C562EC7D2832FD901471FB5EAB2C8CC] - [01/09/2022 11:43:40] - |A| - [161792] - C:\Windows\syswow64\rtm.dll
[MD5.FE8D48D2235BD83C849CFC9A82EE8D6F] - [01/09/2022 11:43:48] - |A| - [55296] - C:\Windows\syswow64\rtutils.dll
[MD5.4548B8143E51FBD1490949AF2D4EFE0D] - [01/09/2022 11:42:08] - |A| - [153392] - C:\Windows\syswow64\RTWorkQ.dll
[MD5.13646BC81C39130487DA538B2DED5B28] - [01/09/2022 11:45:39] - |A| - [17920] - C:\Windows\syswow64\runas.exe
[MD5.9E16655119DDE1B24A741C4FD4AD08FC] - [01/09/2022 11:43:33] - |A| - [47104] - C:\Windows\syswow64\runonce.exe
[MD5.6B8C961C03948F17792BC64A881A96B9] - [01/09/2022 11:43:18] - |A| - [70144] - C:\Windows\syswow64\samcli.dll
[MD5.37CE8D55ADEDA0702C6ED8CA1893A5DD] - [01/09/2022 11:43:18] - |A| - [93184] - C:\Windows\syswow64\samlib.dll
[MD5.080B0FFB81594C737F64E2978D3E633D] - [01/09/2022 11:45:14] - |A| - [244224] - C:\Windows\syswow64\scansetting.dll
[MD5.A63BC7D7E4917E997960D48B84602670] - [01/09/2022 11:43:48] - |A| - [255488] - C:\Windows\syswow64\scecli.dll
[MD5.6DD6EC4367BC16EC3E5F7B568485595C] - [01/09/2022 11:43:48] - |A| - [413184] - C:\Windows\syswow64\scesrv.dll
[MD5.80CEF8C0B4EDBA0E90E97ECA63DA917C] - [01/09/2022 11:43:18] - |A| - [493568] - C:\Windows\syswow64\schannel.dll
[MD5.D7AB2202434237D06BC80AF9C274B3AA] - [01/09/2022 11:43:19] - |A| - [17408] - C:\Windows\syswow64\schedcli.dll
[MD5.48C2FE20575769DE916F48EF0676A965] - [01/09/2022 11:42:21] - |A| - [187904] - C:\Windows\syswow64\schtasks.exe
[MD5.B481FFC8ED92221B660CD5C5B76F9F2E] - [01/09/2022 11:43:48] - |A| - [207360] - C:\Windows\syswow64\scrobj.dll
[MD5.D2B6E78A63A8D55A892CC4A0676243F4] - [01/09/2022 11:43:48] - |A| - [186368] - C:\Windows\syswow64\scrrun.dll
[MD5.E594E2B361FC6EB218344500AFB7EBB6] - [01/09/2022 11:43:14] - |A| - [20992] - C:\Windows\syswow64\sdbinst.exe
[MD5.8E93B557363D8400A8B9F2D70AEB222B] - [01/09/2022 11:48:40] - |A| - [40960] - C:\Windows\syswow64\sdchange.exe
[MD5.73BFCE3F9A7754DD764251900BDBF397] - [01/09/2022 11:45:37] - |A| - [195072] - C:\Windows\syswow64\sdiageng.dll
[MD5.76676F0A21E6AF109845151B3CEFE211] - [01/09/2022 11:45:37] - |A| - [31744] - C:\Windows\syswow64\sdiagnhost.exe
[MD5.2EE28B1338DFADE1381BAE61B3E4AC71] - [01/09/2022 11:42:44] - |A| - [286720] - C:\Windows\syswow64\Search.ProtocolHandler.MAPI2.dll
[MD5.1D221E674AC34BC114C91B8D56468315] - [01/09/2022 11:42:43] - |A| - [229376] - C:\Windows\syswow64\SearchFilterHost.exe
[MD5.EDE872047534D5DEC0F58CC017DC2031] - [01/09/2022 11:43:49] - |A| - [324608] - C:\Windows\syswow64\SearchFolder.dll
[MD5.CF7BEFBA5E20F2F4C7851D016067B89C] - [01/09/2022 11:42:43] - |A| - [711680] - C:\Windows\syswow64\SearchIndexer.exe
[MD5.727FE964E574EEAF8917308FFF0880DE] - [01/09/2022 11:42:43] - |A| - [340992] - C:\Windows\syswow64\SearchProtocolHost.exe
[MD5.B68B7D84B8A216E6219A65F7961FA219] - [01/09/2022 11:42:10] - |A| - [477808] - C:\Windows\syswow64\sechost.dll
[MD5.E874D44F1E83C9C9B379C6950610D36C] - [01/09/2022 11:42:12] - |A| - [350208] - C:\Windows\syswow64\secproc.dll
[MD5.0C7CF2CFBA51DD179D89271D53E2B17C] - [01/09/2022 11:42:12] - |A| - [348160] - C:\Windows\syswow64\secproc_isv.dll
[MD5.AFDD52FB1E595A999C1B6FC654243E90] - [01/09/2022 11:42:12] - |A| - [88576] - C:\Windows\syswow64\secproc_ssp.dll
[MD5.F13535BD430669ED1161452EA9FBE7F4] - [01/09/2022 11:43:02] - |A| - [85232] - C:\Windows\syswow64\SensorsNativeApi.dll
[MD5.C0A0C6E45237B17A51A304423A63957D] - [01/09/2022 11:43:02] - |A| - [184368] - C:\Windows\syswow64\SensorsNativeApi.V2.dll
[MD5.F0982BDDC058F080C375D5C18F1C0DF9] - [01/09/2022 11:42:12] - |A| - [139264] - C:\Windows\syswow64\SettingMonitor.dll
[MD5.D0C9C738C8DD97EB1B7B29AB68954F20] - [01/09/2022 11:42:12] - |A| - [517120] - C:\Windows\syswow64\SettingSync.dll
[MD5.ACF7AC4594092E0DBEE3618D2DD09B94] - [01/09/2022 11:43:51] - |A| - [763392] - C:\Windows\syswow64\SettingSyncCore.dll
[MD5.8F69BEB6743BE45D3542D44D5AA6FFEE] - [01/09/2022 11:43:51] - |A| - [792928] - C:\Windows\syswow64\SettingSyncHost.exe
[MD5.D751863E135606C079094CDCA4CB37CA] - [01/09/2022 11:43:36] - |A| - [4456888] - C:\Windows\syswow64\setupapi.dll
[MD5.E6DE71FBDA4B7951BA8567E12A8ACE07] - [01/09/2022 11:43:15] - |A| - [132936] - C:\Windows\syswow64\setupcl.dll
[MD5.8BAD0C9295820398882377F3B1971313] - [01/09/2022 11:43:49] - |A| - [171008] - C:\Windows\syswow64\setupcln.dll
[MD5.AE3012342D5ED40A83916A69D760A1E8] - [01/09/2022 11:42:24] - |A| - [12328] - C:\Windows\syswow64\sfc.dll
[MD5.F7C113A0453D9C8157BCCD52A722103C] - [01/09/2022 11:42:24] - |A| - [51184] - C:\Windows\syswow64\sfc_os.dll
[MD5.1E512D9793F0390A1A2F1F348681EFF2] - [01/09/2022 11:43:14] - |A| - [58368] - C:\Windows\syswow64\shacctprofile.dll
[MD5.0B4E3715994BFEF6845B6F2FBBA2D210] - [01/09/2022 11:42:30] - |A| - [878080] - C:\Windows\syswow64\ShareHost.dll
[MD5.2CE82BD239A502E5317D78978FCE3671] - [01/09/2022 11:43:11] - |A| - [545984] - C:\Windows\syswow64\SHCore.dll
[MD5.8ECF317B3123E44C8E53FA650DCA5400] - [01/09/2022 11:43:51] - |A| - [6015704] - C:\Windows\syswow64\shell32.dll
[MD5.5A201C420D9F8E7717E8763484279162] - [01/09/2022 11:42:20] - |A| - [412160] - C:\Windows\syswow64\ShellCommonCommonProxyStub.dll
[MD5.A404268AEBFA7B2831ADC39DC1D81D74] - [01/09/2022 11:43:14] - |A| - [5632] - C:\Windows\syswow64\shimeng.dll
[MD5.9C1F7CB888C87EC00146BA0EAA6A9A1F] - [01/09/2022 11:43:50] - |A| - [276864] - C:\Windows\syswow64\shlwapi.dll
[MD5.5CAA1FBE265DA1D732AF575E6762DE59] - [01/09/2022 11:45:13] - |A| - [209408] - C:\Windows\syswow64\shsvcs.dll
[MD5.D246E03FEBD33DE6EE27EA66D0DDC8D7] - [01/09/2022 11:45:41] - |A| - [43008] - C:\Windows\syswow64\signdrv.dll
[MD5.AA1C585C3059A69EADA53F6C7D38E55D] - [01/09/2022 11:42:20] - |A| - [114176] - C:\Windows\syswow64\slc.dll
[MD5.86F96074BB1CFE5B014A711601CFAB36] - [01/09/2022 11:42:20] - |A| - [19968] - C:\Windows\syswow64\slcext.dll
[MD5.F9D3530BF0B580DD5F16E4AA27B759C6] - [01/09/2022 11:43:52] - |A| - [640512] - C:\Windows\syswow64\SmartcardCredentialProvider.dll
[MD5.F7BFE846F2A5D7ED25B316D891B76BE1] - [01/09/2022 11:42:33] - |A| - [232960] - C:\Windows\syswow64\smartscreenps.dll
[MD5.3909BF330EEE8A708A5D52238AFC9E3F] - [01/09/2022 11:45:11] - |A| - [33104] - C:\Windows\syswow64\smphost.dll
[MD5.BD4A1CC3429ED1251E5185A72501839B] - [01/09/2022 11:43:14] - |A| - [226712] - C:\Windows\syswow64\SndVol.exe
[MD5.1B72D1A14575D8276909B667129FE019] - [01/09/2022 11:43:14] - |A| - [246272] - C:\Windows\syswow64\SndVolSSO.dll
[MD5.49C91516B5F4C8B74E26BBA0E1DD39FA] - [01/09/2022 11:43:34] - |A| - [68728] - C:\Windows\syswow64\SortWindows62.dll
[MD5.4279AF414A208CB40DC000C767479A5F] - [01/09/2022 11:43:34] - |A| - [68720] - C:\Windows\syswow64\SortWindows64.dll
[MD5.56976013D516F98713F6D4327B57D0CA] - [01/09/2022 11:45:11] - |A| - [166912] - C:\Windows\syswow64\spacebridge.dll
[MD5.78BF809EE23CE9E1E366FF383D7D8FE5] - [01/09/2022 11:42:09] - |A| - [132096] - C:\Windows\syswow64\SpatialAudioLicenseSrv.exe
[MD5.2FF8F4F9B6E2F07DD8C8257544880336] - [01/09/2022 11:42:08] - |A| - [176128] - C:\Windows\syswow64\SpatializerApo.dll
[MD5.585D182E4C717324F99AB3689B5B13C2] - [01/09/2022 11:42:21] - |A| - [86528] - C:\Windows\syswow64\spbcd.dll
[MD5.1DA54CD6B2CA43E666DFA1043AFA5912] - [01/09/2022 11:43:36] - |A| - [92160] - C:\Windows\syswow64\spfileq.dll
[MD5.A464BF8D0ECE8433AD40B8C5C7813D27] - [01/09/2022 11:42:20] - |A| - [98816] - C:\Windows\syswow64\sppc.dll
[MD5.A8BDF94C08434D388B40E0F5B39EC744] - [01/09/2022 11:42:20] - |A| - [546816] - C:\Windows\syswow64\sppcext.dll
[MD5.0033D501E189EA6DEC689F8C6AC784D3] - [01/09/2022 11:42:20] - |A| - [283648] - C:\Windows\syswow64\sppcomapi.dll
[MD5.BC7128319F995F91A266187113067FE8] - [01/09/2022 11:48:51] - |A| - [9216] - C:\Windows\syswow64\spwmp.dll
[MD5.85A2589F4C806548C5733F7021792A1E] - [01/09/2022 11:43:14] - |A| - [136704] - C:\Windows\syswow64\srpapi.dll
[MD5.D1A8F24CCDA93E237AB52C21702C8FC3] - [01/09/2022 11:43:19] - |A| - [78016] - C:\Windows\syswow64\srvcli.dll
[MD5.ACFB0F1F7FEC2A9B76B10ACEF957F5B0] - [01/09/2022 11:43:21] - |A| - [37376] - C:\Windows\syswow64\sscore.dll
[MD5.8ADEE638A4F96E455E908AE153A54C58] - [01/09/2022 11:42:10] - |A| - [123984] - C:\Windows\syswow64\sspicli.dll
[MD5.E65C7A80C3595EDEB3053C55B1F41EBC] - [01/09/2022 11:42:55] - |A| - [583608] - C:\Windows\syswow64\StateRepository.Core.dll
[MD5.B028566E8AFF35773B8CA56EB8C554E3] - [01/09/2022 11:45:14] - |A| - [241664] - C:\Windows\syswow64\sti.dll
[MD5.E843144732A5BB909D7CBBA62F00D065] - [01/09/2022 11:42:19] - |A| - [258048] - C:\Windows\syswow64\stobject.dll
[MD5.0EAC8241D39176E0FA48B57C76C54742] - [01/09/2022 11:45:13] - |A| - [14848] - C:\Windows\syswow64\subst.exe
[MD5.1ED18311E3DA35942DB37D15FA40CC5B] - [01/09/2022 11:43:16] - |A| - [46504] - C:\Windows\syswow64\svchost.exe
[MD5.B870C50021A219AC69BCF14415F70086] - [01/09/2022 11:42:21] - |A| - [549056] - C:\Windows\syswow64\sxs.dll
[MD5.209969CD31095C47FFB25959B10917F3] - [01/09/2022 11:42:21] - |A| - [29696] - C:\Windows\syswow64\sxstrace.exe
[MD5.68284AAA20EA3D23E1B8C698E93240CF] - [01/09/2022 11:42:12] - |A| - [233984] - C:\Windows\syswow64\SyncSettings.dll
[MD5.009EFBF38D9C906AA9A9C39963D01ACB] - [01/09/2022 11:42:29] - |A| - [21504] - C:\Windows\syswow64\SystemEventsBrokerClient.dll
[MD5.841744BE9F65E06C70ABC730865E40CD] - [01/09/2022 11:42:30] - |A| - [66560] - C:\Windows\syswow64\SystemUWPLauncher.exe
[MD5.5DAAAB71DBA19E32E6C16B6A7EC70E1F] - [01/09/2022 11:45:36] - |A| - [843776] - C:\Windows\syswow64\tapi3.dll
[MD5.D7128869A4759CCBDC5D4BC55A40D4CC] - [01/09/2022 11:45:12] - |A| - [44544] - C:\Windows\syswow64\tar.exe
[MD5.533378A8B9357CEAA421914F03115600] - [01/09/2022 11:42:22] - |A| - [366592] - C:\Windows\syswow64\taskcomp.dll
[MD5.61A8F02536AB07E430715B98BAD49CAB] - [01/09/2022 11:43:14] - |A| - [964776] - C:\Windows\syswow64\Taskmgr.exe
[MD5.747A04CE944BBA175A7E63E9284AFC0D] - [01/09/2022 11:42:21] - |A| - [509232] - C:\Windows\syswow64\taskschd.dll
[MD5.79CFA467E3B4CBE6D2762E3008F0F708] - [01/09/2022 11:42:23] - |A| - [56832] - C:\Windows\syswow64\tbauth.dll
[MD5.490E3AEC2C9C6E946DA03708ABC9102B] - [01/09/2022 11:43:38] - |A| - [31744] - C:\Windows\syswow64\tcpmib.dll
[MD5.E24A877D0B7CAD9C57A6C457A05CABA6] - [01/09/2022 11:43:37] - |A| - [58368] - C:\Windows\syswow64\tcpmonui.dll
[MD5.C8F9AE0EA1E137C632F53040260FB89F] - [01/09/2022 11:43:23] - |A| - [885248] - C:\Windows\syswow64\tdh.dll
[MD5.D47E4E5E7D7285F40562B1BE5DE87719] - [01/09/2022 11:42:45] - |A| - [754104] - C:\Windows\syswow64\TextInputFramework.dll
[MD5.24112B33D937AB7721EBEF4231D53667] - [01/09/2022 11:42:45] - |A| - [1333760] - C:\Windows\syswow64\TextInputMethodFormatter.dll
[MD5.4C58C812BB19C065CB0ED7FC8FBBAC12] - [01/09/2022 11:42:42] - |A| - [611960] - C:\Windows\syswow64\TextShaping.dll
[MD5.308A569C11B97443CCD4B89367E4CFA3] - [01/09/2022 11:45:37] - |A| - [347648] - C:\Windows\syswow64\themecpl.dll
[MD5.16E8A4FA5B6C4CC931E31CDEE7865E2D] - [01/09/2022 11:42:32] - |A| - [290672] - C:\Windows\syswow64\thumbcache.dll
[MD5.0B26EEA18F348C4223F15D2336E6BB81] - [01/09/2022 11:42:49] - |A| - [436224] - C:\Windows\syswow64\TileDataRepository.dll
[MD5.0781E144681F4D90902FFECED1BD1CBA] - [01/09/2022 11:42:22] - |A| - [1234944] - C:\Windows\syswow64\TokenBroker.dll
[MD5.D43AF505CC055D80827B515D6B1DEBDF] - [01/09/2022 11:42:23] - |A| - [36352] - C:\Windows\syswow64\TokenBrokerCookies.exe
[MD5.6A34D994F6EB318F65059AB1B74A18D8] - [01/09/2022 11:42:23] - |A| - [58880] - C:\Windows\syswow64\TokenBrokerUI.dll
[MD5.9BE04FE13BAAAB98B799B22097F665D4] - [01/09/2022 11:42:12] - |A| - [3584] - C:\Windows\syswow64\TpmCertResources.dll
[MD5.B161A917D17A6271BBFC6E5C84953199] - [01/09/2022 11:42:12] - |A| - [941056] - C:\Windows\syswow64\TpmCoreProvisioning.dll
[MD5.CE4E73FA1555E59A16BEE1DFF1EE353A] - [01/09/2022 11:42:12] - |A| - [223744] - C:\Windows\syswow64\TpmTool.exe
[MD5.2C960CAD79A88DB1F05D240CA2CC150A] - [01/09/2022 11:42:44] - |A| - [2606592] - C:\Windows\syswow64\tquery.dll
[MD5.FE3E7B9067E346EA17D2A4508032EE3F] - [01/09/2022 11:45:35] - |A| - [399360] - C:\Windows\syswow64\tracerpt.exe
[MD5.7E896B29B309DE74A72DEC7D59715EFD] - [01/09/2022 11:45:13] - |A| - [17920] - C:\Windows\syswow64\tree.com
[MD5.AABCCEFCEA9A8243B526B3FF6188BBF2] - [01/09/2022 11:45:38] - |A| - [54784] - C:\Windows\syswow64\tsgqec.dll
[MD5.E1E5ABA38588EA57905BF7851EEE835D] - [01/09/2022 11:43:49] - |A| - [120320] - C:\Windows\syswow64\TSpkg.dll
[MD5.59DF870A360EEA9555C1B74901AB50EA] - [01/09/2022 11:42:49] - |A| - [213776] - C:\Windows\syswow64\ttdinject.exe
[MD5.8EE3EB39095B3CA24A5754AC921B664B] - [01/09/2022 11:42:49] - |A| - [448312] - C:\Windows\syswow64\ttdrecord.dll
[MD5.4EDD9BD12A7B1EACD6426282C6DEA10C] - [01/09/2022 11:42:49] - |A| - [72544] - C:\Windows\syswow64\tttracer.exe
[MD5.A88B20DABDA28A87D3C9FFA453ED2205] - [01/09/2022 11:13:51] - |A| - [147472] - C:\Windows\syswow64\twaindsm.dll
[MD5.4FD10BA2019A04EAFCDAF7600737E60A] - [01/09/2022 11:43:50] - |A| - [150016] - C:\Windows\syswow64\twext.dll
[MD5.CF6EEE0545C6E0CD0DCC1DBF5C5A7C16] - [01/09/2022 11:42:57] - |A| - [1635248] - C:\Windows\syswow64\twinapi.appcore.dll
[MD5.DE39184E9F18AF56D6AEA77CF2FDAB75] - [01/09/2022 11:42:23] - |A| - [512000] - C:\Windows\syswow64\twinapi.dll
[MD5.F0DF59D6684AA00CD32211622129A835] - [01/09/2022 11:42:32] - |A| - [502272] - C:\Windows\syswow64\twinui.appcore.dll
[MD5.8F44D3E980C85B3A21364CF7A8B62BFC] - [01/09/2022 11:42:23] - |A| - [4749824] - C:\Windows\syswow64\twinui.dll
[MD5.93925D4F55465CFC73C4CDF7F8B1F375] - [01/09/2022 11:45:35] - |A| - [41984] - C:\Windows\syswow64\typeperf.exe
[MD5.26C098D744AADDC06FBA2B3BB4E5507B] - [01/09/2022 11:43:18] - |A| - [2560] - C:\Windows\syswow64\tzres.dll
[MD5.92299C99F17CC2EF888BEA1342442D14] - [01/09/2022 11:42:33] - |A| - [2538496] - C:\Windows\syswow64\UIAutomationCore.dll
[MD5.65BC5B43287C202E343C2B94E980B159] - [01/09/2022 11:43:02] - |A| - [149816] - C:\Windows\syswow64\ulib.dll
[MD5.79C54F094075D6D9ADFEF623B5A92FA3] - [01/09/2022 11:43:11] - |A| - [514560] - C:\Windows\syswow64\untfs.dll
[MD5.60D6F8BF08ACDEB02E706FC81C2C4FD0] - [01/09/2022 11:42:59] - |A| - [167424] - C:\Windows\syswow64\updatepolicy.dll
[MD5.DA2A384F3E83914F40E3F7D47EB0F04D] - [01/09/2022 11:45:11] - |A| - [346112] - C:\Windows\syswow64\upnp.dll
[MD5.75259A320FAC92DAD1F0DD6CB51D798A] - [01/09/2022 11:43:14] - |A| - [686592] - C:\Windows\syswow64\uReFS.dll
[MD5.BDC9D330060F94502A160DBAD60327AA] - [01/09/2022 11:45:13] - |A| - [24064] - C:\Windows\syswow64\ureg.dll
[MD5.AB4328FC15C3296C8798E3BF7641BC5C] - [01/09/2022 11:43:32] - |A| - [1679872] - C:\Windows\syswow64\urlmon.dll
[MD5.EF8B92D396945E045A3A9CFFBA7D2E67] - [01/09/2022 11:43:01] - |A| - [1681208] - C:\Windows\syswow64\user32.dll
[MD5.D1008B3C9452BD0FEFC9AC42F4C07545] - [01/09/2022 11:42:24] - |A| - [593920] - C:\Windows\syswow64\usercpl.dll
[MD5.A6905DACE8275089D2AB046CFF5E8F9F] - [01/09/2022 11:42:50] - |A| - [96256] - C:\Windows\syswow64\UserDataTimeUtil.dll
[MD5.F8D8EF5EF468E2894B2064FAC2B713A1] - [01/09/2022 11:42:34] - |A| - [163328] - C:\Windows\syswow64\UserDeviceRegistration.dll
[MD5.CDDA9A5B55101348C13AEF4EF6128868] - [01/09/2022 11:42:33] - |A| - [267264] - C:\Windows\syswow64\UserDeviceRegistration.Ngc.dll
[MD5.24892AC6E39679E3BD3B0154DE97C53A] - [01/09/2022 11:43:19] - |A| - [45568] - C:\Windows\syswow64\userinit.exe
[MD5.5A1B5C95F87CB5F47EFA8F6FC4041A0A] - [01/09/2022 11:43:30] - |A| - [25088] - C:\Windows\syswow64\userinitext.dll
[MD5.CC515D47401C82B58F5C27F719B51573] - [01/09/2022 11:42:51] - |A| - [45056] - C:\Windows\syswow64\UserLanguageProfileCallback.dll
[MD5.16E2EDE4B57D68E676B8CD6944413F72] - [01/09/2022 11:43:22] - |A| - [203776] - C:\Windows\syswow64\UserMgrProxy.dll
[MD5.E4824A65AC5E1B895C9800D10D53638E] - [01/09/2022 11:43:13] - |A| - [84480] - C:\Windows\syswow64\usoapi.dll
[MD5.97D2E879ED128255496045660A70E98E] - [01/09/2022 11:42:22] - |A| - [82944] - C:\Windows\syswow64\UXInit.dll
[MD5.37F9D66D2B3491B9D8D0FD4B77760BAB] - [01/09/2022 11:42:22] - |A| - [454656] - C:\Windows\syswow64\uxtheme.dll
[MD5.D726550142BF1D098D0E9F65EE58A05F] - [01/09/2022 11:43:49] - |A| - [535040] - C:\Windows\syswow64\vbscript.dll
[MD5.C62C836C48879150BE7D8195CBA9B342] - [01/09/2022 11:43:13] - |A| - [59248] - C:\Windows\syswow64\virtdisk.dll
[MD5.C8854B26693147C44BA45DEC36A4075B] - [01/09/2022 11:43:13] - |A| - [1160704] - C:\Windows\syswow64\vssapi.dll
[MD5.16ABD5EBBF8C7E3E41CEFC979EBAC77B] - [01/09/2022 11:45:36] - |A| - [225280] - C:\Windows\syswow64\wavemsp.dll
[MD5.0A6718691DE6BB4F82D78A7757782838] - [01/09/2022 11:42:26] - |A| - [434688] - C:\Windows\syswow64\wbemcomn.dll
[MD5.B4C26692337532CFD94715A3C548EE34] - [01/09/2022 11:42:49] - |A| - [402432] - C:\Windows\syswow64\webauthn.dll
[MD5.960D300DDCE0AE6AE27D87A4F84F3423] - [01/09/2022 11:46:21] - |A| - [815104] - C:\Windows\syswow64\WebcamUi.dll
[MD5.4BFC4599B7E56EE368EAFB9E87A7588E] - [01/09/2022 11:45:41] - |A| - [194048] - C:\Windows\syswow64\WebClnt.dll
[MD5.9A11529B494FA4D2C81B9DD080C2ACAA] - [01/09/2022 11:43:19] - |A| - [452096] - C:\Windows\syswow64\webio.dll
[MD5.CEF5CDCC970B56EDC0776D50E672E22D] - [01/09/2022 11:45:26] - |A| - [839168] - C:\Windows\syswow64\webplatstorageserver.dll
[MD5.52395EBB8C09CF2CC5B7F25E8CB9F735] - [01/09/2022 11:43:20] - |A| - [706568] - C:\Windows\syswow64\wer.dll
[MD5.7DA7B6BC6EFDA7DAB8CBF61D93266E09] - [01/09/2022 11:43:20] - |A| - [38912] - C:\Windows\syswow64\werdiagcontroller.dll
[MD5.DA3DFD73548E51D51A7632D638ECB4A9] - [01/09/2022 11:43:20] - |A| - [196736] - C:\Windows\syswow64\weretw.dll
[MD5.BF6DEE7F5F743B8637D3E1970822DC89] - [01/09/2022 11:43:20] - |A| - [489320] - C:\Windows\syswow64\WerFault.exe
[MD5.639F77D5FB30839A5ED188281452E7C8] - [01/09/2022 11:43:20] - |A| - [152936] - C:\Windows\syswow64\WerFaultSecure.exe
[MD5.5C77CE474D9FE5A3E5CD81FB4D35344B] - [01/09/2022 11:43:20] - |A| - [202600] - C:\Windows\syswow64\wermgr.exe
[MD5.5BDB697ED6DF4D34833F310A8876D8FA] - [01/09/2022 11:45:14] - |A| - [209920] - C:\Windows\syswow64\werui.dll
[MD5.07408CC879313E83A173F79B67FA8301] - [01/09/2022 11:43:11] - |A| - [294920] - C:\Windows\syswow64\wevtapi.dll
[MD5.3C0E48DA02447863279B0FE3CE7FE5E8] - [01/09/2022 11:43:11] - |A| - [208384] - C:\Windows\syswow64\wevtutil.exe
[MD5.6E32E1BB563A05EB9E6A7B6393598B42] - [01/09/2022 11:42:55] - |A| - [18944] - C:\Windows\syswow64\wfapigp.dll
[MD5.B88B01FA195EBD117E447658A07DF4F0] - [01/09/2022 11:42:19] - |A| - [33792] - C:\Windows\syswow64\wfdprov.dll
[MD5.2F1D379CE47E920BDDD2C50214457E0F] - [01/09/2022 11:45:21] - |A| - [84480] - C:\Windows\syswow64\wiaacmgr.exe
[MD5.5EE57B5683B21990F64D3C49DD9F69F9] - [01/09/2022 11:45:14] - |A| - [689664] - C:\Windows\syswow64\wiaaut.dll
[MD5.5CF79090752A90EB619E6C4523152CF7] - [01/09/2022 11:45:14] - |A| - [188928] - C:\Windows\syswow64\wiadefui.dll
[MD5.4547024B9BF578C603BB2099803C2A19] - [01/09/2022 11:45:21] - |A| - [143872] - C:\Windows\syswow64\wiadss.dll
[MD5.5E39B942FB0F51720E4358821DBD5B7F] - [01/09/2022 11:45:14] - |A| - [89600] - C:\Windows\syswow64\wiascanprofiles.dll
[MD5.BBF3A72778864C9BFB53D436F6B06D77] - [01/09/2022 11:45:21] - |A| - [67072] - C:\Windows\syswow64\wiashext.dll
[MD5.06A8287F0063D3A1BCCD83A7E0FBB72D] - [01/09/2022 11:45:14] - |A| - [15360] - C:\Windows\syswow64\wiatrace.dll
[MD5.195669D7064BA66E155A5899735E0156] - [01/09/2022 11:43:15] - |A| - [603984] - C:\Windows\syswow64\wimgapi.dll
[MD5.F06E878B83AD84FBA8C00345641BCF84] - [01/09/2022 11:43:01] - |A| - [329728] - C:\Windows\syswow64\win32k.sys
[MD5.55688D25BD6D00FE4AC5B036CF2F73FE] - [01/09/2022 11:43:01] - |A| - [2752512] - C:\Windows\syswow64\win32kfull.sys
[MD5.041C07776D97AA2802AAF7003051F7D0] - [01/09/2022 11:43:01] - |A| - [94008] - C:\Windows\syswow64\win32u.dll
[MD5.D49E5ED35D13CDCDB89E5FF1151661C0] - [01/09/2022 11:43:02] - |A| - [129024] - C:\Windows\syswow64\winbio.dll
[MD5.AB889B4B9A8558857B43315B896AB9D8] - [01/09/2022 11:43:15] - |A| - [152384] - C:\Windows\syswow64\winbrand.dll
[MD5.1B3994968DEC657CA560E256DC717D66] - [01/09/2022 11:43:17] - |A| - [297984] - C:\Windows\syswow64\wincorlib.dll
[MD5.219A47A3DDA3DE55E284128653633B3F] - [01/09/2022 11:43:22] - |A| - [163840] - C:\Windows\syswow64\wincredui.dll
[MD5.4C5C27F44B2A1BA6478B13930BF17A93] - [01/09/2022 11:42:41] - |A| - [723456] - C:\Windows\syswow64\Windows.AccountsControl.dll
[MD5.FD6C0B19B2C5F84E6FB4384582766EB2] - [01/09/2022 11:42:29] - |A| - [91648] - C:\Windows\syswow64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
[MD5.452374815B4F5C651E92040537950BCB] - [01/09/2022 11:42:08] - |A| - [615424] - C:\Windows\syswow64\Windows.ApplicationModel.ConversationalAgent.dll
[MD5.558826F5D3BB01E16AC47126A4DBE3AB] - [01/09/2022 11:42:29] - |A| - [160768] - C:\Windows\syswow64\Windows.ApplicationModel.Core.dll
[MD5.CDC0F7D0CD0E14CF7824F2C778599602] - [01/09/2022 11:42:34] - |A| - [721576] - C:\Windows\syswow64\Windows.ApplicationModel.dll
[MD5.AA54C30DFDB176017FB5FC192D4C532D] - [01/09/2022 11:42:50] - |A| - [1687536] - C:\Windows\syswow64\Windows.ApplicationModel.Store.dll
[MD5.E2BD0FAB9948FD54A8A8B99B4497C755] - [01/09/2022 11:42:41] - |A| - [52736] - C:\Windows\syswow64\Windows.ApplicationModel.Store.Preview.DOSettings.dll
[MD5.6EDE3E89F1C3E962B7D15B10126185FD] - [01/09/2022 11:42:30] - |A| - [67072] - C:\Windows\syswow64\Windows.Devices.Background.dll
[MD5.9188F617FFA416D9C90DA33E7DF22CC2] - [01/09/2022 11:42:56] - |A| - [409096] - C:\Windows\syswow64\Windows.Devices.Enumeration.dll
[MD5.118F6F6EC737FD6B152A168034ECF236] - [01/09/2022 11:42:59] - |A| - [190464] - C:\Windows\syswow64\Windows.Devices.HumanInterfaceDevice.dll
[MD5.43E01BE671E372CC10ADBD31C574488B] - [01/09/2022 11:43:00] - |A| - [276992] - C:\Windows\syswow64\Windows.Devices.Lights.dll
[MD5.2CA750FF8C5AAEDE4CBCAFB0421EDC4D] - [01/09/2022 11:48:28] - |A| - [342016] - C:\Windows\syswow64\Windows.Devices.Picker.dll
[MD5.A7E205FAF80CCC2E47C75D8D1DB1BA0D] - [01/09/2022 11:42:48] - |A| - [1475584] - C:\Windows\syswow64\Windows.Devices.PointOfService.dll
[MD5.F89F78FF6505D63E6E34D3431AB252B7] - [01/09/2022 11:42:30] - |A| - [94208] - C:\Windows\syswow64\Windows.Devices.Printers.dll
[MD5.D40A3641F53823C2DB5F195241E20955] - [01/09/2022 11:43:38] - |A| - [35328] - C:\Windows\syswow64\Windows.Devices.Printers.Extensions.dll
[MD5.BBD5456773FE514685AC8963D8C07B8C] - [01/09/2022 11:45:21] - |A| - [161792] - C:\Windows\syswow64\Windows.Devices.Scanners.dll
[MD5.85890074E76358307BA2942158878454] - [01/09/2022 11:43:35] - |A| - [1010264] - C:\Windows\syswow64\Windows.Devices.Sensors.dll
[MD5.C824C3600CB70FC93539AF68D5512ABB] - [01/09/2022 11:42:56] - |A| - [151040] - C:\Windows\syswow64\Windows.Energy.dll
[MD5.F29733F4509CCA775B5B24EF291F67EA] - [01/09/2022 11:43:51] - |A| - [279040] - C:\Windows\syswow64\Windows.FileExplorer.Common.dll
[MD5.96A803A270BD6FAB30FE502FE59F08BD] - [01/09/2022 11:42:32] - |A| - [569856] - C:\Windows\syswow64\Windows.Gaming.Input.dll
[MD5.87C0127C07E00E68C7443C79545EABFE] - [01/09/2022 11:42:41] - |A| - [291840] - C:\Windows\syswow64\Windows.Gaming.Preview.dll
[MD5.068F1B257587890132518A16DA21583E] - [01/09/2022 11:42:57] - |A| - [1315328] - C:\Windows\syswow64\Windows.Globalization.dll
[MD5.776A01296F5E5D79D6F8E7F288596C24] - [01/09/2022 11:43:00] - |A| - [436424] - C:\Windows\syswow64\Windows.Graphics.dll
[MD5.2DBC92D7D86CD946453CAC3559974A50] - [01/09/2022 11:42:31] - |A| - [1550848] - C:\Windows\syswow64\Windows.Graphics.Printing.3D.dll
[MD5.3B034DEDEC669D956CA55F3D9019A621] - [01/09/2022 11:42:31] - |A| - [622592] - C:\Windows\syswow64\Windows.Graphics.Printing.dll
[MD5.8D50D30E73E0A0609A7A8D98D8620F2D] - [01/09/2022 11:43:37] - |A| - [957952] - C:\Windows\syswow64\Windows.Graphics.Printing.Workflow.dll
[MD5.9570AFB0F6B2C278820703C9E2F8267A] - [01/09/2022 11:43:37] - |A| - [14336] - C:\Windows\syswow64\Windows.Graphics.Printing.Workflow.Native.dll
[MD5.C1960653D95585D49FF20F662E95AA33] - [01/09/2022 11:42:46] - |A| - [183296] - C:\Windows\syswow64\Windows.Internal.Graphics.Display.DisplayColorManagement.dll
[MD5.53F4B95961234DF211A6349A0EC2943D] - [01/09/2022 11:43:23] - |A| - [712192] - C:\Windows\syswow64\Windows.Internal.Management.dll
[MD5.B9D33EA811CD87B5F9510EA4385D9EB6] - [01/09/2022 11:45:31] - |A| - [40960] - C:\Windows\syswow64\Windows.Internal.SecurityMitigationsBroker.dll
[MD5.6CD671B7F93D6655658D01A37024E96F] - [01/09/2022 11:46:18] - |A| - [1241600] - C:\Windows\syswow64\Windows.Media.Audio.dll
[MD5.D20A1ABD31093CC1070B6A1FC601FC54] - [01/09/2022 11:43:33] - |A| - [740352] - C:\Windows\syswow64\Windows.Media.BackgroundMediaPlayback.dll
[MD5.1836609D0CC39DB2A1745B5273486F88] - [01/09/2022 11:42:08] - |A| - [460200] - C:\Windows\syswow64\Windows.Media.Devices.dll
[MD5.4C55CFD64654641DF4D9505DF086612C] - [01/09/2022 11:46:17] - |A| - [5357144] - C:\Windows\syswow64\Windows.Media.dll
[MD5.9A706CB7E7A44824B7414D7E368D746B] - [01/09/2022 11:43:33] - |A| - [738816] - C:\Windows\syswow64\Windows.Media.Playback.BackgroundMediaPlayer.dll
[MD5.59D1DB3758F7A5CD838C0E7E6B0B44C4] - [01/09/2022 11:43:33] - |A| - [721408] - C:\Windows\syswow64\Windows.Media.Playback.MediaPlayer.dll
[MD5.F451003460ED0E38D21B9111D9EB5B35] - [01/09/2022 11:43:33] - |A| - [8903416] - C:\Windows\syswow64\Windows.Media.Protection.PlayReady.dll
[MD5.72EC246BC36D77CCA47E5CC95EA11572] - [01/09/2022 11:43:12] - |A| - [1260544] - C:\Windows\syswow64\Windows.Media.Speech.dll
[MD5.EBD15F3F6D137AE96CFF0EDDB823D072] - [01/09/2022 11:46:21] - |A| - [856064] - C:\Windows\syswow64\Windows.Media.Streaming.dll
[MD5.050BF41F73329A9650E4F06CB46A5613] - [01/09/2022 11:45:40] - |A| - [3380000] - C:\Windows\syswow64\Windows.Mirage.dll
[MD5.C1617536B82200D847F8CDB7E59462BB] - [01/09/2022 11:45:40] - |A| - [580608] - C:\Windows\syswow64\Windows.Mirage.Internal.dll
[MD5.2E5A6D10F2B4DD63844479C498195436] - [01/09/2022 11:42:55] - |A| - [1148416] - C:\Windows\syswow64\Windows.Networking.Vpn.dll
[MD5.C9F81B32AF62B7BDEA7204128CE09DA8] - [01/09/2022 11:42:48] - |A| - [409600] - C:\Windows\syswow64\Windows.Payments.dll
[MD5.DD3B18F7A800D473419E9F288523976D] - [01/09/2022 11:42:22] - |A| - [1001472] - C:\Windows\syswow64\Windows.Security.Authentication.Web.Core.dll
[MD5.934C9C18848F1AD91514B53658430726] - [01/09/2022 11:42:29] - |A| - [104960] - C:\Windows\syswow64\Windows.Security.Credentials.UI.UserConsentVerifier.dll
[MD5.493BE10C200BABC0ADE9F1C2A529B5B9] - [01/09/2022 11:42:56] - |A| - [775992] - C:\Windows\syswow64\Windows.Services.TargetedContent.dll
[MD5.C5E63F3E29625818BFA92FB946857062] - [01/09/2022 11:42:54] - |A| - [5420640] - C:\Windows\syswow64\Windows.StateRepository.dll
[MD5.B09D18FAEF78F7CA0669EFB6FCEBAFA3] - [01/09/2022 11:42:55] - |A| - [99656] - C:\Windows\syswow64\Windows.StateRepositoryBroker.dll
[MD5.136A2BB563620F60B4814AF92E166517] - [01/09/2022 11:42:55] - |A| - [176952] - C:\Windows\syswow64\Windows.StateRepositoryClient.dll
[MD5.B1057A6EB7696DCB67B302066FA6BDF1] - [01/09/2022 11:42:55] - |A| - [42320] - C:\Windows\syswow64\Windows.StateRepositoryCore.dll
[MD5.FF57A8B057156A80415C3ED25426BABB] - [01/09/2022 11:42:55] - |A| - [602184] - C:\Windows\syswow64\Windows.StateRepositoryPS.dll
[MD5.31D0B0B33B1B73219E6272B3C2CBD5BC] - [01/09/2022 11:42:55] - |A| - [223744] - C:\Windows\syswow64\Windows.StateRepositoryUpgrade.dll
[MD5.4CF999F77DD438A0FB9514A851C293E8] - [01/09/2022 11:42:58] - |A| - [324880] - C:\Windows\syswow64\Windows.Storage.ApplicationData.dll
[MD5.DB896CFBE576F12B939DE2E46C2B240D] - [01/09/2022 11:42:51] - |A| - [6374128] - C:\Windows\syswow64\windows.storage.dll
[MD5.F28BC4D21AB1AEAFA5F7F10456A36A76] - [01/09/2022 11:42:53] - |A| - [151552] - C:\Windows\syswow64\Windows.Storage.OneCore.dll
[MD5.56D50A90D5E53C77C3FC9D26BFE3EEC5] - [01/09/2022 11:42:32] - |A| - [521216] - C:\Windows\syswow64\Windows.System.Launcher.dll
[MD5.FCF4EA7CB7E835CACAD893289C384472] - [01/09/2022 11:42:58] - |A| - [54784] - C:\Windows\syswow64\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
[MD5.1F7D251A83290747E2186D9D936AA480] - [01/09/2022 11:42:31] - |A| - [41472] - C:\Windows\syswow64\Windows.System.Profile.SystemManufacturers.dll
[MD5.B3B68CFEDE434FCC8FD785FCDC94AD1D] - [01/09/2022 11:42:45] - |A| - [702976] - C:\Windows\syswow64\Windows.UI.Core.TextInput.dll
[MD5.F86902C6CDA1664953BA0E6EA613BA19] - [01/09/2022 11:43:50] - |A| - [229888] - C:\Windows\syswow64\Windows.UI.FileExplorer.dll
[MD5.7BAE00C7F1228C8B34C7268835C3E7CE] - [01/09/2022 11:43:30] - |A| - [953344] - C:\Windows\syswow64\Windows.UI.Immersive.dll
[MD5.7C78414BA60BE142132CC3632B643983] - [01/09/2022 11:43:49] - |A| - [682496] - C:\Windows\syswow64\Windows.UI.Search.dll
[MD5.A421A355EB03C1C8E06BF5E86FA6E9E7] - [01/09/2022 11:42:27] - |A| - [14778880] - C:\Windows\syswow64\Windows.UI.Xaml.dll
[MD5.763E01B81AA83CF7EE34F25E3F3DF4B3] - [01/09/2022 11:42:42] - |A| - [1511344] - C:\Windows\syswow64\WindowsCodecs.dll
[MD5.9121E9AB046BEF69A1C89032031DA9B4] - [01/09/2022 11:45:56] - |A| - [31595328] - C:\Windows\syswow64\WindowsCodecsRaw.dll
[MD5.500ECF121C86ED389782A966B2FFA091] - [01/09/2022 11:48:53] - |A| - [25600] - C:\Windows\syswow64\WinFax.dll
[MD5.3AC770E4634D0DA7A962A2C191F9D145] - [01/09/2022 11:43:19] - |A| - [822224] - C:\Windows\syswow64\winhttp.dll
[MD5.D9B5820DCA350922B41F7C3AB7308DAE] - [01/09/2022 11:45:10] - |A| - [82432] - C:\Windows\syswow64\winhttpcom.dll
[MD5.F6153E803F1533042AC7E6988237C2C3] - [01/09/2022 11:43:31] - |A| - [4509696] - C:\Windows\syswow64\wininet.dll
[MD5.36ED66C26940900CB9B0D6355B768B92] - [01/09/2022 11:43:21] - |A| - [38744] - C:\Windows\syswow64\wininitext.dll
[MD5.3CBE973862C46BE931EC15A46D98C224] - [01/09/2022 11:43:11] - |A| - [355328] - C:\Windows\syswow64\winipcfile.dll
[MD5.B58385938B555140D9C0BDFECF7BE293] - [01/09/2022 11:43:11] - |A| - [800256] - C:\Windows\syswow64\winipcsecproc.dll
[MD5.E6B626770283A9C1A06CA3AFFF26E193] - [01/09/2022 11:43:29] - |A| - [69632] - C:\Windows\syswow64\winipsec.dll
[MD5.830D68E216DA84F26F6DBF94F82F6C36] - [01/09/2022 11:42:51] - |A| - [144384] - C:\Windows\syswow64\Winlangdb.dll
[MD5.455351D5B99264B931963735A85CD7C7] - [01/09/2022 11:43:02] - |A| - [1651712] - C:\Windows\syswow64\winmsipc.dll
[MD5.AEB8BD81428791E234FD2C307ACDF1D7] - [01/09/2022 11:42:25] - |A| - [98304] - C:\Windows\syswow64\winrscmd.dll
[MD5.DC63C3963CE6E03DD4501406DB841E76] - [01/09/2022 11:45:40] - |A| - [303616] - C:\Windows\syswow64\WinSATAPI.dll
[MD5.04C8C22CDF3188624B57BF1235611C91] - [01/09/2022 11:43:15] - |A| - [265216] - C:\Windows\syswow64\winsku.dll
[MD5.806A02E6E2AFCD180A196981EFF851B1] - [01/09/2022 11:42:11] - |A| - [449536] - C:\Windows\syswow64\winspool.drv
[MD5.E983E303DB56679887EA6EC195729116] - [01/09/2022 11:42:54] - |A| - [316584] - C:\Windows\syswow64\wintrust.dll
[MD5.08329746D747163F01116B4C122722A8] - [01/09/2022 11:43:17] - |A| - [897112] - C:\Windows\syswow64\WinTypes.dll
[MD5.25C5EF4053C55D758714C90DD6BA9B5D] - [01/09/2022 11:43:19] - |A| - [64552] - C:\Windows\syswow64\wkscli.dll
[MD5.25D4A033E10AD0EE215CAFF1047C84BD] - [01/09/2022 11:42:19] - |A| - [366672] - C:\Windows\syswow64\wlanapi.dll
[MD5.968E5ADB77DC73C6F0E7A07E94999E62] - [01/09/2022 11:42:19] - |A| - [249344] - C:\Windows\syswow64\wlancfg.dll
[MD5.909974F47327354D3CDF855B140903B1] - [01/09/2022 11:42:19] - |A| - [16384] - C:\Windows\syswow64\wlanhlp.dll
[MD5.0D94372351073C542835C68BC2F14CA5] - [01/09/2022 11:42:20] - |A| - [364544] - C:\Windows\syswow64\wlanui.dll
[MD5.ADF8700ECD668D43116F626371D09DBD] - [01/09/2022 11:43:18] - |A| - [335872] - C:\Windows\syswow64\Wldap32.dll
[MD5.9129FF190C88527B1E6431B1BCB9E81C] - [01/09/2022 11:43:17] - |A| - [153912] - C:\Windows\syswow64\wldp.dll
[MD5.914F71519E0870AD87CEB5119B8D02CB] - [01/09/2022 11:46:20] - |A| - [665272] - C:\Windows\syswow64\WMADMOD.DLL
[MD5.1F987297D316E55D3E6D1460B7B22F9D] - [01/09/2022 11:48:50] - |A| - [9486848] - C:\Windows\syswow64\wmp.dll
[MD5.C59B046EDB2689882B71449A973FC53D] - [01/09/2022 11:48:52] - |A| - [167424] - C:\Windows\syswow64\wmpdxm.dll
[MD5.2815C825C02F1C9F598DF0ADD93CD522] - [01/09/2022 11:48:52] - |A| - [242736] - C:\Windows\syswow64\wmpeffects.dll
[MD5.722239683052C9440CE9200BAE922199] - [01/09/2022 11:48:51] - |A| - [2560] - C:\Windows\syswow64\wmploc.DLL
[MD5.3B7C4F5A5E1160EC6957C699102ED330] - [01/09/2022 11:48:52] - |A| - [96768] - C:\Windows\syswow64\wmpshell.dll
[MD5.9D1F73F84286DC33F83364812DA27D2F] - [01/09/2022 11:46:20] - |A| - [2138288] - C:\Windows\syswow64\WMVCORE.DLL
[MD5.5DEF3A245C6EE1A2AC861D4C175D2E0E] - [01/09/2022 11:46:20] - |A| - [2254544] - C:\Windows\syswow64\WMVDECOD.DLL
[MD5.BE260E7EA1890C76AACF8DB42D9701B3] - [01/09/2022 11:42:45] - |A| - [33792] - C:\Windows\syswow64\WordBreakers.dll
[MD5.BCB6AB94A7F844C08E625290F4C50E80] - [01/09/2022 11:43:36] - |A| - [15360] - C:\Windows\syswow64\wowreg32.exe
[MD5.0105BE005BD0B87809ED02A7E4DDEAFA] - [01/09/2022 11:42:11] - |A| - [1369600] - C:\Windows\syswow64\Wpc.dll
[MD5.026F00ECD35ED9E103D893B3913EFD4F] - [01/09/2022 11:46:21] - |A| - [548352] - C:\Windows\syswow64\wpdshext.dll
[MD5.DA96B8BDCD6A494622ED36C031AF27F2] - [01/09/2022 11:42:56] - |A| - [1083392] - C:\Windows\syswow64\wpnapps.dll
[MD5.F66A407FF36EF51F2DD3C9C1D9A3293C] - [01/09/2022 11:42:56] - |A| - [304128] - C:\Windows\syswow64\wpnclient.dll
[MD5.E9959435884B6385687BF7A33A9FD1C1] - [01/09/2022 11:42:11] - |A| - [8192] - C:\Windows\syswow64\wscadminui.exe
[MD5.BF7D33CB853ECAFE150A401F7AAE29B5] - [01/09/2022 11:42:11] - |A| - [250976] - C:\Windows\syswow64\wscapi.dll
[MD5.C71D1812A80F643FF25B97E72900F149] - [01/09/2022 11:45:41] - |A| - [162304] - C:\Windows\syswow64\wscinterop.dll
[MD5.CB3D90E3B527A66396A2F6338B75D8E1] - [01/09/2022 11:42:11] - |A| - [22016] - C:\Windows\syswow64\wscisvif.dll
[MD5.D185CD61194889CA023F64BD0661237C] - [01/09/2022 11:42:11] - |A| - [12800] - C:\Windows\syswow64\wscproxystub.dll
[MD5.FF00E0480075B095948000BDC66E81F0] - [01/09/2022 11:43:48] - |A| - [147456] - C:\Windows\syswow64\wscript.exe
[MD5.9603865E331CE074F08826608B240A16] - [01/09/2022 11:45:41] - |A| - [67584] - C:\Windows\syswow64\wscui.cpl
[MD5.BFCB7B3A6CB2E78812AC504DD080993A] - [01/09/2022 11:43:02] - |A| - [566272] - C:\Windows\syswow64\WSDApi.dll
[MD5.FECEF7E35453020055761689843F11AC] - [01/09/2022 11:45:11] - |A| - [18944] - C:\Windows\syswow64\WsdProviderUtil.dll
[MD5.F2F4137BF5745D92BDA5C1A61FB9B9FC] - [01/09/2022 11:43:49] - |A| - [21504] - C:\Windows\syswow64\wshcon.dll
[MD5.F58923FAAFCB20984857287C32D828EC] - [01/09/2022 11:43:49] - |A| - [122880] - C:\Windows\syswow64\wshom.ocx
[MD5.C8BA0AFD817EC2F71D83F83E93967DFD] - [01/09/2022 11:42:25] - |A| - [26112] - C:\Windows\syswow64\WsmAgent.dll
[MD5.878B0B8CEF37FEEB6EC7FE072AA2D875] - [01/09/2022 11:42:25] - |A| - [35840] - C:\Windows\syswow64\WSManHTTPConfig.exe
[MD5.5A58420ECDB25E3C8F804A079DDF04FB] - [01/09/2022 11:42:25] - |A| - [66560] - C:\Windows\syswow64\WSManMigrationPlugin.dll
[MD5.B6B3CF456F51642B1A80C97F29C8932F] - [01/09/2022 11:42:25] - |A| - [144896] - C:\Windows\syswow64\WsmAuto.dll
[MD5.635660284341DA1501C890AF069D9AA9] - [01/09/2022 11:42:25] - |A| - [11776] - C:\Windows\syswow64\wsmplpxy.dll
[MD5.F09C8E9B7E8A6481FA7D27D15232E090] - [01/09/2022 11:42:25] - |A| - [37376] - C:\Windows\syswow64\wsmprovhost.exe
[MD5.75A24BAC738BF5BA3A733D9AA7147895] - [01/09/2022 11:42:25] - |A| - [61952] - C:\Windows\syswow64\WsmRes.dll
[MD5.4149DBAC84C5DF6677082AD149824BB5] - [01/09/2022 11:42:25] - |A| - [2342400] - C:\Windows\syswow64\WsmSvc.dll
[MD5.50C267BED1D5D9569ACC4328B1F72599] - [01/09/2022 11:42:25] - |A| - [235008] - C:\Windows\syswow64\WsmWmiPl.dll
[MD5.62EA38D7EAFEC73157DC07CE4DE37ACE] - [01/09/2022 11:45:36] - |A| - [1542480] - C:\Windows\syswow64\wsp_fs.dll
[MD5.ECF387552FCC58AB9BC2C20A297ABB65] - [01/09/2022 11:45:36] - |A| - [1345376] - C:\Windows\syswow64\wsp_health.dll
[MD5.BAC18BD67993C302F9C69B69E6E82A13] - [01/09/2022 11:43:13] - |A| - [762880] - C:\Windows\syswow64\wuapi.dll
[MD5.7B6B8061F0BB90B4C08EEAF6EC0EC28C] - [01/09/2022 11:42:24] - |A| - [88064] - C:\Windows\syswow64\wudriver.dll
[MD5.41F9C078F7B48BFD0CD22357C11CD6FD] - [01/09/2022 11:43:13] - |A| - [36864] - C:\Windows\syswow64\wups.dll
[MD5.EB96F0F207F203DD0B6D8A2625270495] - [01/09/2022 11:43:33] - |A| - [325120] - C:\Windows\syswow64\wusa.exe
[MD5.7C23EE43C52E50FCE24AD05A80209655] - [01/09/2022 11:42:29] - |A| - [436736] - C:\Windows\syswow64\WwaApi.dll
[MD5.FECA8FBDED44ABF53A67842D19BCF6BA] - [01/09/2022 11:42:08] - |A| - [606720] - C:\Windows\syswow64\XAudio2_9.dll
[MD5.5183DC4CF0423FD421FF01D18B17470D] - [01/09/2022 11:42:07] - |A| - [55296] - C:\Windows\syswow64\XblAuthManagerProxy.dll
[MD5.9DF13894BB2B0AB8890DA8AF0AA4FF7C] - [01/09/2022 11:42:07] - |A| - [89088] - C:\Windows\syswow64\XblAuthTokenBrokerExt.dll
[MD5.132865A4BB734E9520E4FB209AA9B767] - [01/09/2022 11:45:13] - |A| - [50176] - C:\Windows\syswow64\xolehlp.dll
[MD5.2BA7E1CC1AAAEDDDE4A27F70BE6C29AF] - [01/09/2022 11:43:38] - |A| - [286208] - C:\Windows\syswow64\XpsDocumentTargetPrint.dll
[MD5.78A0AA46DFB1C4D3EED17CE5CF05F9A0] - [01/09/2022 11:43:38] - |A| - [324608] - C:\Windows\syswow64\XpsGdiConverter.dll
[MD5.359F50815C2F2EA45908BD2F5B76C6B3] - [01/09/2022 11:43:38] - |A| - [963584] - C:\Windows\syswow64\XpsPrint.dll
[MD5.EB3201D35EBB17636EA037115C8E77E8] - [01/09/2022 11:43:38] - |A| - [240128] - C:\Windows\syswow64\xpspushlayer.dll
[MD5.5FE44444473D39A02B2BE40BE292AD07] - [01/09/2022 11:43:38] - |A| - [483840] - C:\Windows\syswow64\XpsRasterService.dll
[MD5.D8339065AF14AFD516147A53B4D98C8D] - [01/09/2022 11:43:38] - |A| - [1831424] - C:\Windows\syswow64\xpsservices.dll
[MD5.E4557809539C6DC61BE502203CC976CC] - [01/09/2022 11:43:37] - |A| - [194560] - C:\Windows\syswow64\XpsToPclmConverter.dll
[MD5.9AD1C9648562BF57B0AF4C654BA7E586] - [01/09/2022 11:43:37] - |A| - [57856] - C:\Windows\syswow64\XpsToPwgrConverter.dll
[MD5.9C7B635D80EFA3E1EF9AAE2684C498CB] - [01/09/2022 11:43:36] - |A| - [30720] - C:\Windows\syswow64\Drivers\afunix.sys

---------- | Drives


E:


H:


I:

[12/09/2022 09:17:35] - |A| - (.© iTop Inc.                                                                    - iTop Screen Recorder                                     .) - [93384472] - (3.1.0.1102) - I:\itop-screen-recorder-frseo_hp-setup.exe
[12/09/2022 09:17:46] - |A| - (.Copyright (C) 2009 Secure By Design Inc - Ninite.) - [425304] - (0.1.1.1183) - I:\Ninite Chrome Firefox OpenOffice VLC Installer.exe
[12/09/2022 09:17:46] - |A| - (.©Farbar - Farbar Recovery Scan Tool.) - [2371072] - (30.8.2022.0) - I:\FRST64.exe

---------- | C:

[07/12/2019 11:14:52] - |SHD| - [3918156941] - C:\$Recycle.Bin
[12/09/2022 09:34:40] - |D| - [13367] - C:\$WINDOWS.~BT
[12/09/2022 09:34:33] - |HD| - [37277250] - C:\$Windows.~WS
[01/09/2022 10:55:50] - |HD| - [0] - C:\$WinREAgent
[12/06/2021 14:31:54] - |D| - [126954006] - C:\AMD
[08/09/2022 15:03:16] - |SHD| - [1564424] - C:\Config.Msi
[12/06/2021 12:08:12] - |SHD| - [0] - C:\Documents and Settings
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [12/06/2021 11:58:25] - |ASH| - (.-.) - [8192] - (0.0.0.0) - C:\DumpStack.log.tmp
[12/09/2022 09:43:03] - |D| - [3913408159] - C:\ESD
[12/09/2022 10:05:24] - |D| - [130453517] - C:\FRST
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [12/06/2021 12:07:54] - |ASH| - (.-.) - [1535000576] - (0.0.0.0) - C:\hiberfil.sys
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [12/06/2021 11:58:25] - |ASH| - (.-.) - [2854193152] - (0.0.0.0) - C:\pagefile.sys
[07/12/2019 11:14:52] - |D| - [0] - C:\PerfLogs
[07/12/2019 11:14:52] - |RD| - [6178309078] - C:\Program Files
[07/12/2019 11:14:52] - |RD| - [2121346948] - C:\Program Files (x86)
[07/12/2019 11:14:52] - |HD| - [958035085] - C:\ProgramData
[12/09/2022 10:06:22] - |D| - [68685] - C:\QuickDiag
[MD5.955607323DC2420FDD6CDC0E53DC4BFA] - [12/09/2022 10:06:33] - |A| - (.-.) - [597261] - (0.0.0.0) - C:\QuickDiag.txt
[12/06/2021 12:08:20] - |SHD| - [2957] - C:\Recovery
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [12/06/2021 11:58:25] - |ASH| - (.-.) - [268435456] - (0.0.0.0) - C:\swapfile.sys
[12/06/2021 11:58:20] - |SHD| - [0] - C:\System Volume Information
[07/12/2019 11:03:44] - |RD| - [42146673123] - C:\Users
[07/12/2019 11:03:44] - |D| - [22477143933] - C:\Windows

---------- | C:\Windows

[07/12/2019 16:51:10] - |D| - [802] - C:\Windows\addins
[07/12/2019 11:14:52] - |D| - [11031258] - C:\Windows\appcompat
[07/12/2019 11:14:52] - |D| - [9920370] - C:\Windows\apppatch
[07/12/2019 11:14:52] - |D| - [0] - C:\Windows\AppReadiness
[07/12/2019 11:14:52] - |RD| - [522883398] - C:\Windows\assembly
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [12/06/2021 14:31:50] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\ativpsrm.bin
[07/12/2019 11:14:52] - |D| - [785153] - C:\Windows\bcastdvr
[MD5.820B97429E4153A743708B376807EE69] - [01/09/2022 11:37:33] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [81408] - (10.0.19041.1237) - C:\Windows\bfsvc.exe
[07/12/2019 11:14:52] - |D| - [40903722] - C:\Windows\Boot
[MD5.E46C90A5CB1F93507921CEE00BC42937] - [12/06/2021 11:59:39] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\Windows\bootstat.dat
[07/12/2019 11:14:52] - |D| - [2451496] - C:\Windows\Branding
[07/12/2019 11:03:44] - |D| - [0] - C:\Windows\CbsTemp
[07/12/2019 11:14:52] - |D| - [34727066] - C:\Windows\Containers
[MD5.C6C52AF48A75DCC59644DC894D2F524E] - [07/12/2019 16:53:23] - |A| - (.-.) - [29857] - (0.0.0.0) - C:\Windows\Core.xml
[07/12/2019 11:14:52] - |D| - [11501377] - C:\Windows\Cursors
[07/12/2019 11:14:52] - |D| - [10431472] - C:\Windows\debug
[07/12/2019 11:14:52] - |D| - [4306623] - C:\Windows\diagnostics
[07/12/2019 11:14:52] - |D| - [1702804] - C:\Windows\DiagTrack
[07/12/2019 16:49:55] - |D| - [0] - C:\Windows\DigitalLocker
[07/12/2019 11:14:52] - |SD| - [65] - C:\Windows\Downloaded Program Files
[MD5.0E122E985E7CAE731E743E2335737B2A] - [07/12/2019 11:17:33] - |A| - (.-.) - [1947] - (0.0.0.0) - C:\Windows\DtcInstall.log
[07/12/2019 11:14:52] - |HD| - [46688] - C:\Windows\ELAMBKUP
[07/12/2019 16:49:55] - |D| - [0] - C:\Windows\en-US
[MD5.7A413DDD10E81ADB6BB5D5E38F399D08] - [01/09/2022 11:37:54] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [5126256] - (10.0.19041.1889) - C:\Windows\explorer.exe
[07/12/2019 11:14:52] - |RSD| - [375744300] - C:\Windows\Fonts
[07/12/2019 16:49:55] - |D| - [112128] - C:\Windows\fr-FR
[07/12/2019 11:14:52] - |D| - [0] - C:\Windows\GameBarPresenceWriter
[07/12/2019 11:14:52] - |D| - [60392872] - C:\Windows\Globalization
[07/12/2019 11:14:52] - |D| - [1315831] - C:\Windows\Help
[MD5.7E8FAEC2E175C8B45B6D380A6A4C9503] - [01/09/2022 11:44:15] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [1075712] - (10.0.19041.1151) - C:\Windows\HelpPane.exe
[MD5.2C8FE78D53C8CA27523A71DFD2938241] - [07/12/2019 11:09:39] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [18432] - (10.0.19041.1) - C:\Windows\hh.exe
[07/12/2019 11:14:52] - |D| - [30327] - C:\Windows\IdentityCRL
[07/12/2019 11:14:52] - |D| - [28822470] - C:\Windows\IME
[07/12/2019 11:14:52] - |RD| - [8211501] - C:\Windows\ImmersiveControlPanel
[07/12/2019 11:13:02] - |D| - [77265048] - C:\Windows\INF
[07/12/2019 11:14:52] - |D| - [38193580] - C:\Windows\InputMethod
[07/12/2019 11:14:52] - |SHD| - [957698395] - C:\Windows\Installer
[07/12/2019 11:14:52] - |D| - [109650] - C:\Windows\L2Schemas
[07/12/2019 11:14:52] - |HD| - [0] - C:\Windows\LanguageOverlayCache
[07/12/2019 11:14:52] - |D| - [0] - C:\Windows\LiveKernelReports
[07/12/2019 11:14:52] - |D| - [16804399] - C:\Windows\Logs
[MD5.5922445F419F709B91D4392FE507AFD9] - [12/06/2021 11:58:27] - |A| - (.-.) - [1380] - (0.0.0.0) - C:\Windows\lsasetup.log
[07/12/2019 11:14:52] - |RSD| - [20063519] - C:\Windows\Media
[MD5.23AF90D2355D8C83AA4567EF1763B467] - [07/12/2019 11:08:58] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\Windows\mib.bin
[07/12/2019 11:14:52] - |RD| - [626604081] - C:\Windows\Microsoft.NET
[07/12/2019 11:14:52] - |D| - [3323] - C:\Windows\Migration
[07/12/2019 11:14:52] - |D| - [0] - C:\Windows\ModemLogs
[MD5.27F71B12CB585541885A31BE22F61C83] - [01/09/2022 11:47:45] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [201216] - (10.0.19041.1865) - C:\Windows\notepad.exe
[07/12/2019 16:51:57] - |D| - [199472] - C:\Windows\OCR
[07/12/2019 11:14:52] - |RD| - [65] - C:\Windows\Offline Web Pages
[12/06/2021 12:57:35] - |D| - [9749106] - C:\Windows\Panther
[07/12/2019 11:14:52] - |D| - [368995] - C:\Windows\Performance
[MD5.6E55D398B84075DCC36589F78182C825] - [12/06/2021 17:08:49] - |A| - (.-.) - [6210] - (0.0.0.0) - C:\Windows\PFRO.log
[07/12/2019 11:14:52] - |D| - [1136442] - C:\Windows\PLA
[07/12/2019 11:14:52] - |D| - [2939011] - C:\Windows\PolicyDefinitions
[12/06/2021 11:58:20] - |D| - [20837835] - C:\Windows\Prefetch
[07/12/2019 11:14:52] - |RD| - [1903609] - C:\Windows\PrintDialog
[07/12/2019 11:14:52] - |D| - [6128885] - C:\Windows\Provisioning
[MD5.999A30979F6195BF562068639FFC4426] - [09/04/2021 15:55:14] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [370176] - (10.0.19041.746) - C:\Windows\regedit.exe
[07/12/2019 11:14:52] - |D| - [22588] - C:\Windows\Registration
[07/12/2019 11:14:52] - |D| - [5422008] - C:\Windows\rescache
[07/12/2019 11:14:52] - |D| - [3471899] - C:\Windows\Resources
[07/12/2019 11:14:52] - |D| - [0] - C:\Windows\SchCache
[07/12/2019 11:14:52] - |D| - [126782] - C:\Windows\schemas
[07/12/2019 11:14:52] - |D| - [6380514] - C:\Windows\security
[12/06/2021 11:58:32] - |D| - [1331153932] - C:\Windows\ServiceProfiles
[07/12/2019 11:14:52] - |D| - [4096] - C:\Windows\ServiceState
[07/12/2019 11:03:44] - |D| - [1987796423] - C:\Windows\servicing
[07/12/2019 11:18:25] - |D| - [42] - C:\Windows\Setup
[MD5.8830E932811DFB9C9851734145B8D528] - [29/08/2022 17:37:04] - |A| - (.-.) - [6803] - (0.0.0.0) - C:\Windows\setupact.log
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [12/06/2021 11:59:09] - |A| - (.-.) - [0] - (0.0.0.0) - C:\Windows\setuperr.log
[07/12/2019 11:14:52] - |D| - [5526528] - C:\Windows\ShellComponents
[07/12/2019 11:14:52] - |D| - [19039744] - C:\Windows\ShellExperiences
[07/12/2019 11:14:52] - |D| - [3070736] - C:\Windows\SKB
[12/06/2021 12:06:54] - |D| - [60046628] - C:\Windows\SoftwareDistribution
[07/12/2019 11:14:52] - |D| - [86037697] - C:\Windows\Speech
[07/12/2019 11:14:52] - |D| - [64508236] - C:\Windows\Speech_OneCore
[MD5.44BC415D7316FE784EB7FA9A395229F3] - [01/09/2022 11:37:39] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [163840] - (10.0.19041.1826) - C:\Windows\splwow64.exe
[07/12/2019 11:14:52] - |D| - [31039] - C:\Windows\System
[MD5.286A9EDB379DC3423A528B0864A0F111] - [07/12/2019 11:14:54] - |A| - (.-.) - [219] - (0.0.0.0) - C:\Windows\system.ini
[07/12/2019 11:03:44] - |D| - [4339311022] - C:\Windows\System32
[07/12/2019 11:14:52] - |D| - [152708417] - C:\Windows\SystemApps
[07/12/2019 11:14:52] - |D| - [167710305] - C:\Windows\SystemResources
[02/09/2022 00:33:02] - |D| - [0] - C:\Windows\SystemTemp
[07/12/2019 11:14:52] - |D| - [1211462937] - C:\Windows\SysWOW64
[07/12/2019 11:14:52] - |D| - [0] - C:\Windows\TAPI
[07/12/2019 11:14:52] - |D| - [957] - C:\Windows\Tasks
[07/12/2019 11:14:52] - |D| - [7422388] - C:\Windows\Temp
[07/12/2019 11:14:52] - |D| - [0] - C:\Windows\tracing
[07/12/2019 11:14:52] - |D| - [82042614] - C:\Windows\twain_32
[MD5.AFE119DD4E17891B227684F38AA25D4D] - [07/12/2019 11:10:00] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [65024] - (1.7.1.3) - C:\Windows\twain_32.dll
[07/12/2019 11:14:52] - |D| - [12420] - C:\Windows\Vss
[07/12/2019 11:14:52] - |D| - [33198] - C:\Windows\WaaS
[07/12/2019 11:14:52] - |D| - [16568315] - C:\Windows\Web
[MD5.23CF8138F49416231807E6DE371FB9E6] - [07/12/2019 11:14:54] - |A| - (.-.) - [92] - (0.0.0.0) - C:\Windows\win.ini
[MD5.C844CA459F3B209329984772269B6E56] - [07/12/2019 11:09:09] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\Windows\WindowsShell.Manifest
[MD5.2CC83D93DD1DDE691158CF5E9882420B] - [12/06/2021 12:06:54] - |A| - (.-.) - [276] - (0.0.0.0) - C:\Windows\WindowsUpdate.log
[MD5.0629E6D130F226C009EA9AB329F37ACC] - [07/12/2019 11:10:00] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [11776] - (10.0.19041.1) - C:\Windows\winhlp32.exe
[07/12/2019 11:03:44] - |D| - [10014315951] - C:\Windows\WinSxS
[MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [07/12/2019 11:10:11] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\Windows\WMSysPr9.prx
[MD5.B947CCA7F485F6C1156F4D02E8C9874F] - [07/12/2019 16:52:21] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.19041.1) - C:\Windows\write.exe

---------- | C:\Windows\System32\GroupPolicy


---------- | Systemroot\System


---------- | Systemroot\Installer (Microsoft Files Whitelisted)

[08/09/2022 15:02:49] - C:\Windows\Installer\21fd0ca8.msi : (Adobe ARM Installer - Adobe Systems Incorporated)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[12/06/2021 16:30:41] - C:\Windows\Installer\259cbc.msi : (Google Chrome Installer - Google LLC)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[20/04/2021 09:34:20] - C:\Windows\Installer\259cc7.msi : (OpenOffice 4.1.10 - OpenOffice)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[22/07/2022 15:57:16] - C:\Windows\Installer\51906dd.msi : (Epson Software Updater - Seiko Epson Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[17/01/2020 15:53:16] - C:\Windows\Installer\51906ea.msi : (EPSON Manuals - Seiko Epson Corporation)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[03/08/2022 03:17:45] - C:\Windows\Installer\5531340.msi : (Installers - Adobe)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:06:24] - C:\Windows\Installer\bd1941.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[11/11/2014 10:49:56] - C:\Windows\Installer\bd1945.msi : (Branding - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:06:16] - C:\Windows\Installer\bd1949.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:03:22] - C:\Windows\Installer\bd194d.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:03:30] - C:\Windows\Installer\bd1951.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:03:36] - C:\Windows\Installer\bd1955.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:03:44] - C:\Windows\Installer\bd1959.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:03:52] - C:\Windows\Installer\bd195d.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:04:00] - C:\Windows\Installer\bd1961.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:04:06] - C:\Windows\Installer\bd1965.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:04:16] - C:\Windows\Installer\bd1969.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:04:22] - C:\Windows\Installer\bd196d.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:04:30] - C:\Windows\Installer\bd1971.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:04:38] - C:\Windows\Installer\bd1975.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:04:46] - C:\Windows\Installer\bd1979.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:04:54] - C:\Windows\Installer\bd197d.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:05:02] - C:\Windows\Installer\bd1981.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:05:10] - C:\Windows\Installer\bd1985.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:05:18] - C:\Windows\Installer\bd1989.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:05:26] - C:\Windows\Installer\bd198d.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:05:34] - C:\Windows\Installer\bd1991.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:05:42] - C:\Windows\Installer\bd1995.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:05:50] - C:\Windows\Installer\bd1999.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:05:58] - C:\Windows\Installer\bd199d.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:06:06] - C:\Windows\Installer\bd19a1.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:06:40] - C:\Windows\Installer\bd19a5.msi : (Catalyst Control Center Utility 64 - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:07:30] - C:\Windows\Installer\bd19a9.msi : (AMD Fuel - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/08/2015 20:03:12] - C:\Windows\Installer\bd19ad.msi : (Catalyst Control Center - Advanced Micro Devices, Inc.)          [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[08/09/2022 04:24:49] - [65650688] - (.().-. - ()) - C:\Windows\Installer\3564b0f8.msp
[12/06/2021 14:33:40] - [88102] - C:\Windows\Installer\{063E67F0-C298-8A2A-0FA6-84C15322A4E0}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:33:24] - [88102] - C:\Windows\Installer\{07326A3E-02B3-1078-25D7-B8666BA8FE15}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:33:16] - [88102] - C:\Windows\Installer\{085EBD0C-F24E-EB94-6D33-2A22EF64C5CF}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:33:00] - [10134] - C:\Windows\Installer\{11087D24-567D-7D88-69C6-D7A08B5F4C47}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:33:03] - [88102] - C:\Windows\Installer\{1AD99E77-37CC-744E-39CA-67F6FD34565A}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:33:11] - [88102] - C:\Windows\Installer\{1BB85E73-0D92-604A-0AAF-C7AAD5E3A3C6}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:33:17] - [88102] - C:\Windows\Installer\{1E72F5D1-553E-CFF9-06A3-8C5AF507DD1C}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:33:31] - [88102] - C:\Windows\Installer\{25ACE797-EBDA-0E4B-096F-9FE97A1E2A6F}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:33:19] - [88102] - C:\Windows\Installer\{2D07E15C-A9A4-D8D6-D371-92EC8779E587}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:33:12] - [88102] - C:\Windows\Installer\{350E61E5-6C2C-2F3C-3A14-7E094AB6D3A0}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:33:37] - [88102] - C:\Windows\Installer\{35A71DED-DA81-1313-352A-EC8A0B27DF3B}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:32:58] - [88102] - C:\Windows\Installer\{64D5A142-BD50-726E-ED9E-D2508D2A17E2}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:33:08] - [88102] - C:\Windows\Installer\{6FDCB1C3-9EDC-3CBC-473C-DD85ED5E0494}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:33:39] - [88102] - C:\Windows\Installer\{79D22166-78C1-2AD4-04E7-BD22BD58FD46}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:33:20] - [88102] - C:\Windows\Installer\{82CA1714-13EA-F419-91FE-12834424745E}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:33:36] - [88102] - C:\Windows\Installer\{8CBC65A3-40AB-DE65-2CB1-997ABDA8FD68}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:33:33] - [88102] - C:\Windows\Installer\{8FFCCB27-EE2D-D58F-5ABD-ED5C06B91E81}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:33:27] - [88102] - C:\Windows\Installer\{A5A6A4D0-2005-2A05-2E21-495808CF95ED}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:33:34] - [88102] - C:\Windows\Installer\{A760847A-C4D9-E7EF-716F-07C6CBF6B147}\ARPPRODUCTICON.exe     () - ()
[08/09/2022 15:03:31] - [10134] - C:\Windows\Installer\{AC76BA86-0804-1033-1959-018244601013}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:33:57] - [88102] - C:\Windows\Installer\{AF0FDA86-6E7B-1A6C-51D4-43AF50181ED2}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:33:29] - [88102] - C:\Windows\Installer\{B839153C-D4D2-F89C-5033-0A160C62706B}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:33:22] - [88102] - C:\Windows\Installer\{C1EA3764-1138-AE27-AD63-549BAD99BA15}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:33:04] - [88102] - C:\Windows\Installer\{C3D13AB8-468A-0174-1D06-DB9AAE8A131B}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:33:25] - [88102] - C:\Windows\Installer\{CA95D57F-9FC3-0DD7-7C36-362F74D8C04E}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:33:43] - [4846] - C:\Windows\Installer\{E7366CA8-7179-77AE-E712-BA18D70A0A07}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:33:28] - [88102] - C:\Windows\Installer\{E817E580-6318-AFC8-2102-322C73117EC4}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:33:09] - [88102] - C:\Windows\Installer\{F77474EE-EB6C-C87B-88AF-3310C848E068}\ARPPRODUCTICON.exe     () - ()
[12/06/2021 14:33:06] - [88102] - C:\Windows\Installer\{F8DDBE95-DCBE-03B5-5359-DE3601146E21}\ARPPRODUCTICON.exe     () - ()

---------- | %System%\*.in*

[07/12/2019 11:09:39] - [3329] - C:\Windows\System32\ieuinit.inf
[12/06/2021 12:12:39] - [1681370] - C:\Windows\System32\PerfStringBackup.INI
[07/12/2019 11:09:05] - [60124] - C:\Windows\System32\tcpmon.ini
[07/12/2019 11:08:46] - [2404] - C:\Windows\System32\WimBootCompress.ini
[07/12/2019 11:10:00] - [3329] - C:\Windows\Syswow64\ieuinit.inf
[07/12/2019 11:09:22] - [2404] - C:\Windows\Syswow64\WimBootCompress.ini

---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan

[MD5.3EF4C83F926093D92541C3D114BA5A18] - |A| - [12/09/2022 09:28:38] - (.-.) - [1.61 Ko] - (0.0.0.0) - C:\Windows\Temp\AdobeARM.log
[MD5.457400CAE9E2DA9F252383279721C10C] - |A| - [29/08/2022 16:00:24] - (.-.) - [2.48 Ko] - (0.0.0.0) - C:\Windows\Temp\AdobeARM_Helper.log
[MD5.36A0D271A957F13C5551013B85E339A9] - |A| - [12/09/2022 09:29:30] - (.-.) - [246.38 Ko] - (0.0.0.0) - C:\Windows\Temp\ArmUI.ini
[MD5.DF70C49643DEF7D3E7A06C9D89867512] - |A| - [12/09/2022 08:51:40] - (.-.) - [23.93 Ko] - (0.0.0.0) - C:\Windows\Temp\chrome_installer.log
[MD5.00000000000000000000000000000000] - |D| - [29/08/2022 16:02:40] - [0.04 Ko] - C:\Windows\Temp\Crashpad
[MD5.B9C478BDBCAE2602BE4E576D4C3C2C0E] - |A| - [12/06/2021 11:59:52] - (.-.) - [111.11 Ko] - (0.0.0.0) - C:\Windows\Temp\MpCmdRun.log
[MD5.181F0ECCAD1F83A19A8BCAEDCB5B342E] - |A| - [29/08/2022 16:13:50] - (.-.) - [218.36 Ko] - (0.0.0.0) - C:\Windows\Temp\MpSigStub.log
[MD5.34871839D47052A8B3890E6E20E90F1D] - |A| - [30/08/2022 20:02:46] - (.-.) - [175.19 Ko] - (0.0.0.0) - C:\Windows\Temp\msedge_installer.log
[MD5.00000000000000000000000000000000] - |D| - [29/08/2022 15:04:20] - [13 Ko] - C:\Windows\Temp\SDIAG_7c65b5a1-c077-4718-9532-bf2214b20d26
[MD5.00000000000000000000000000000000] - |D| - [29/08/2022 15:06:44] - [0 Ko] - C:\Windows\Temp\SDIAG_b0399ab0-7db6-4126-b898-c29640c88d0b
[MD5.00000000000000000000000000000000] - |D| - [30/08/2022 10:30:16] - [0 Ko] - C:\Windows\Temp\WebInstaller
[MD5.00000000000000000000000000000000] - |D| - [29/08/2022 20:38:54] - [0 Ko] - C:\Windows\Temp\WinSAT
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:55] - [0 Ko] - C:\Windows\System32\0409
[MD5.C652A5EA6545C98CE71684018E0640E7] - |A| - [07/12/2019 11:09:00] - (.-.) - [3.1 Ko] - (0.0.0.0) - C:\Windows\System32\@AdvancedKeySettingsNotification.png
[MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [07/12/2019 11:08:44] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\Windows\System32\@AppHelpToast.png
[MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [07/12/2019 11:08:45] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\Windows\System32\@AudioToastIcon.png
[MD5.8E4B25CC8E98F63DBD54176DFAB539E0] - |A| - [07/12/2019 11:08:21] - (.-.) - [0.44 Ko] - (0.0.0.0) - C:\Windows\System32\@BackgroundAccessToastIcon.png
[MD5.3937359E324E15F6A7A7092D4DAEBD64] - |A| - [07/12/2019 11:08:52] - (.-.) - [0.19 Ko] - (0.0.0.0) - C:\Windows\System32\@bitlockertoastimage.png
[MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [07/12/2019 11:08:52] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\Windows\System32\@EnrollmentToastIcon.png
[MD5.C2A332DE50FE519DA21AFB8BD6E134F4] - |A| - [07/12/2019 11:08:58] - (.-.) - [0.55 Ko] - (0.0.0.0) - C:\Windows\System32\@language_notification_icon.png
[MD5.A119D69B4C29845D3F8CE2E5638C8E65] - |A| - [07/12/2019 11:09:45] - (.-.) - [0.47 Ko] - (0.0.0.0) - C:\Windows\System32\@optionalfeatures.png
[MD5.A3437673F5766635A8378F67645B81C0] - |A| - [07/12/2019 11:09:37] - (.-.) - [0.35 Ko] - (0.0.0.0) - C:\Windows\System32\@StorageSenseToastIcon.png
[MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [07/12/2019 11:09:07] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\Windows\System32\@VpnToastIcon.png
[MD5.79166EAF65485F1432DD72B72870026B] - |A| - [07/12/2019 11:09:32] - (.-.) - [190.86 Ko] - (0.0.0.0) - C:\Windows\System32\@windows-hello-V4.1.gif
[MD5.13EF2C8D799F7B6E9D8E3D6BACB9C779] - |A| - [07/12/2019 11:09:32] - (.-.) - [0.7 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsHelloFaceToastIcon.png
[MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsUpdateToastIcon.contrast-black.png
[MD5.DAD405CBDE259DE527EBF71BCC28099C] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.79 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsUpdateToastIcon.contrast-white.png
[MD5.F553B252FEC3134D4F5303D9B25298B3] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\Windows\System32\@WindowsUpdateToastIcon.png
[MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [07/12/2019 11:08:19] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\Windows\System32\@WirelessDisplayToast.png
[MD5.147B047B46B79A91CC34499D4F89119E] - |A| - [07/12/2019 11:09:05] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\Windows\System32\@WLOGO_48x48.png
[MD5.31A16C523B62500F83C82217F056A538] - |A| - [07/12/2019 11:08:39] - (.-.) - [8.13 Ko] - (0.0.0.0) - C:\Windows\System32\ActiveHours.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2786.8 Ko] - C:\Windows\System32\AdvancedInstallers
[MD5.A49C26AA0CADD994DE158F51CB7EEFBC] - |A| - [12/06/2021 15:29:05] - (.-.) - [13 Ko] - (0.0.0.0) - C:\Windows\System32\agentactivationruntimestarter.exe
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5.97 Ko] - C:\Windows\System32\am-et
[MD5.4B10D8998C824DD84AD597F9E058F6F0] - |A| - [30/07/2015 21:58:04] - (.-.) - [171.53 Ko] - (0.0.0.0) - C:\Windows\System32\amde31a.dat
[MD5.C7628FE6341B7919D2F62DB9057DB4FC] - |A| - [21/10/2015 02:14:42] - (.-.) - [208.48 Ko] - (0.0.0.0) - C:\Windows\System32\amdgfxinfo64.dll
[MD5.AF1928F5E15921A29877C2E18626F80E] - |A| - [21/10/2015 02:14:42] - (.-.) - [139.98 Ko] - (0.0.0.0) - C:\Windows\System32\amdhdl64.dll
[MD5.DDEB20626133878B0CE79CCE29B031B9] - |A| - [23/07/2015 11:52:32] - (.-.) - [814.26 Ko] - (0.0.0.0) - C:\Windows\System32\amdicdxx.dat
[MD5.82CAB4EAF1E1CBA85AE5DEBB4C068EE2] - |A| - [21/10/2015 02:14:42] - (.Advanced Micro Devices, Inc. Copyright (C) 2015 - LiquidVR SDK 1.0.) - [616.48 Ko] - (1.0.3.8) - C:\Windows\System32\amdlvr64.dll
[MD5.C366C5A2EE8F1F586691E4511AB56040] - |A| - [21/10/2015 02:14:42] - (.Copyright (C) 2013 AMD Inc. - Mantle driver, support for SI family and above.) - [6529.48 Ko] - (9.1.10.83) - C:\Windows\System32\amdmantle64.dll
[MD5.3960C946E67311C9831550AEDC649C3A] - |A| - [21/10/2015 02:14:54] - (.-.) - [460.27 Ko] - (0.0.0.0) - C:\Windows\System32\amdmiracast.dll
[MD5.4CA9A0DF33972919623BBFF8FBD1A501] - |A| - [21/10/2015 02:14:42] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MMOCL Universal Driver.) - [57.98 Ko] - (1.6.0.0) - C:\Windows\System32\amdmmcl6.dll
[MD5.7BA9A6BBF176D945D7B201865897E158] - |A| - [21/10/2015 02:14:46] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD COMPILER OpenCL 1.1 Compiler.) - [26898.98 Ko] - (0.8.0.0) - C:\Windows\System32\amdocl12cl64.dll
[MD5.AFF92249DA8E62FF8C6D2B89977D3245] - |A| - [21/10/2015 02:14:48] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 2.0 Runtime.) - [46673.98 Ko] - (10.0.1800.11) - C:\Windows\System32\amdocl64.dll
[MD5.8305AA2FEBE5CAD45AB8D208C17DA930] - |A| - [21/10/2015 02:14:44] - (.-.) - [1168 Ko] - (0.0.0.0) - C:\Windows\System32\amdocl_as64.exe
[MD5.187EB6A72565FAAF01AAE0CDD63DE56F] - |A| - [21/10/2015 02:14:44] - (.-.) - [1045.5 Ko] - (0.0.0.0) - C:\Windows\System32\amdocl_ld64.exe
[MD5.2B79CD2445F85D54959702583ECBCC04] - |A| - [21/10/2015 02:14:54] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [85.94 Ko] - (8.14.10.23) - C:\Windows\System32\amdpcom64.dll
[MD5.EFEACAC739C8D9A283F50D61ED03C87E] - |A| - [01/09/2022 11:41:41] - (.-.) - [56 Ko] - (0.0.0.0) - C:\Windows\System32\APMonUI.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\System32\AppLocker
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2894.22 Ko] - C:\Windows\System32\appraiser
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [279.5 Ko] - C:\Windows\System32\ar-SA
[MD5.7605725C6464C7272BF3115901DF5776] - |A| - [01/09/2022 11:44:03] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [665.5 Ko] - (3.5.1.0) - C:\Windows\System32\archiveint.dll
[MD5.28DF09388444100467873AC906FD6CB2] - |A| - [21/10/2015 02:14:44] - (.Copyright (C) 2008-2014 Advanced Micro Devices, Inc. - ADL.) - [1226.98 Ko] - (7.15.20.1301) - C:\Windows\System32\atiadlxx.dll
[MD5.53650482B8E621276DC55E50C9FB2FEE] - |A| - [22/08/2015 01:53:34] - (.-.) - [646.87 Ko] - (0.0.0.0) - C:\Windows\System32\atiapfxx.blb
[MD5.CC2470CA903EA355A24F05520D79BDB8] - |A| - [21/10/2015 02:14:44] - (.Copyright (C) 2009 Advanced Micro Devices, Inc. - atiapfxx Application.) - [366.98 Ko] - (6.14.10.1001) - C:\Windows\System32\atiapfxx.exe
[MD5.279066332FA267076E3BEE81C4297F87] - |A| - [21/10/2015 02:14:44] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL compiler runtime.) - [62.98 Ko] - (6.14.10.1848) - C:\Windows\System32\aticalcl64.dll
[MD5.3A0F17C7C8E37DCEAE1DA76B7D761702] - |A| - [21/10/2015 02:14:46] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL DD.) - [15356.98 Ko] - (6.14.10.1848) - C:\Windows\System32\aticaldd64.dll
[MD5.D22A08EE217DE15B6A41AE518B4F4FBE] - |A| - [21/10/2015 02:14:46] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL runtime.) - [69.48 Ko] - (6.14.10.1848) - C:\Windows\System32\aticalrt64.dll
[MD5.BE92AD0155D4A23D0073AF51BE808B29] - |A| - [21/10/2015 02:14:54] - (.Copyright (C) 1998-2012 AMD Inc. - aticfx64.dll.) - [1445.13 Ko] - (8.17.10.1404) - C:\Windows\System32\aticfx64.dll
[MD5.B565601728AF96EEFCF7E9CDE3CDD2BE] - |A| - [21/10/2015 02:14:46] - (.2002-2012 - Graphics DEM.) - [440.48 Ko] - (4.5.5711.37472) - C:\Windows\System32\atidemgy.dll
[MD5.8700278344BED8D4A3A5AC2875359584] - |A| - [21/10/2015 02:14:56] - (.Copyright (C) 1998-2011 AMD Inc. - atidxx64.dll.) - [11804.69 Ko] - (8.17.10.625) - C:\Windows\System32\atidxx64.dll
[MD5.69F82C40A189962A65F6D5A02DF8599F] - |A| - [21/10/2015 02:14:46] - (.-.) - [164.98 Ko] - (0.0.0.0) - C:\Windows\System32\atieah64.exe
[MD5.B96BD9F5B2B0CD6549EE59FD242A6D56] - |A| - [21/10/2015 02:14:46] - (.Copyright © 2008-2009 AMD - AMD External Events Client Module.) - [667.48 Ko] - (6.14.11.1199) - C:\Windows\System32\atieclxx.exe
[MD5.521248FA26458669BAAE6AB7DB21F3AC] - |A| - [21/10/2015 02:14:46] - (.Copyright © 2008-2009 AMD - AMD External Events Service Module.) - [249.48 Ko] - (6.14.11.1199) - C:\Windows\System32\atiesrxx.exe
[MD5.E4F96DFF0501430BF7C6E90841A7282D] - |A| - [21/10/2015 02:14:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [81.98 Ko] - (8.14.1.6463) - C:\Windows\System32\atig6pxx.dll
[MD5.86F2AE002AF9222F34937823B98753C2] - |A| - [21/10/2015 02:14:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [161.48 Ko] - (8.14.1.6463) - C:\Windows\System32\atig6txx.dll
[MD5.0C3156664885AF41100B63853EBCE037] - |A| - [21/10/2015 02:14:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [76.48 Ko] - (8.14.1.6463) - C:\Windows\System32\atiglpxx.dll
[MD5.079EFFD5BECB418FE6596229B28D7324] - |A| - [06/11/2014 10:53:26] - (.-.) - [720.13 Ko] - (0.0.0.0) - C:\Windows\System32\atiicdxx.dat
[MD5.FE4E7138E51DA7EF01E51F28128A7F53] - |A| - [21/10/2015 02:14:54] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [85.94 Ko] - (8.14.10.23) - C:\Windows\System32\atimpc64.dll
[MD5.C84C24F13663EF5A59C1E598A350C8C3] - |A| - [21/10/2015 02:14:46] - (.Copyright ? 2009 AMD - Multi-language DPPE DLL.) - [37.48 Ko] - (6.14.10.1002) - C:\Windows\System32\atimuixx.dll
[MD5.7D9CCB5DD8837D6AC954956A5812112C] - |A| - [21/10/2015 02:14:48] - (.Copyright (C) 1998-2011 Advanced Micro Devices, Inc. - AMD OpenGL driver.) - [30054.98 Ko] - (6.14.10.13399) - C:\Windows\System32\atio6axx.dll
[MD5.0E89795F721B2BC02D0A12C470750DF6] - |A| - [21/10/2015 02:14:46] - (.Copyright (C) 2008 - ATIODCLI Application.) - [58.48 Ko] - (1.0.0.1) - C:\Windows\System32\ATIODCLI.exe
[MD5.C7A506822BE45CD42415710979CDAE7F] - |A| - [21/10/2015 02:14:46] - (.Copyright (C) 2008 - ATIODE Application.) - [333.48 Ko] - (1.0.0.1) - C:\Windows\System32\ATIODE.exe
[MD5.3FE40633FC3BC5AE41EACDA0E1BA72FE] - |A| - [21/10/2015 02:14:46] - (.Copy Right © 2012 Advanced Micro Devices, Inc - TMM Clone Control Module.) - [194.98 Ko] - (6.14.11.25) - C:\Windows\System32\atitmm64.dll
[MD5.067CED045532C58B46E6527BCE3CB47F] - |A| - [21/10/2015 02:14:54] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiu9pag.dll.) - [127.02 Ko] - (8.14.1.6463) - C:\Windows\System32\atiu9p64.dll
[MD5.AC6970C74B7457B291BB2C0035AA7DAE] - |A| - [21/10/2015 02:14:56] - (.Copyright (C) 1998-2011 AMD Inc. - atiumd64.dll.) - [8657.15 Ko] - (9.14.10.1128) - C:\Windows\System32\atiumd64.dll
[MD5.486D6985E7B7826DBBEAE12755851027] - |A| - [22/08/2015 01:55:34] - (.-.) - [3357.06 Ko] - (0.0.0.0) - C:\Windows\System32\atiumd6a.cap
[MD5.0A9CA09952D768F768D2903F984102DC] - |A| - [21/10/2015 02:14:56] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [8771.91 Ko] - (8.14.10.513) - C:\Windows\System32\atiumd6a.dll
[MD5.AE81C76C930DD6875E5D9C6BEA2F0966] - |A| - [21/10/2015 02:14:56] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [158.43 Ko] - (8.14.1.6463) - C:\Windows\System32\atiuxp64.dll
[MD5.EFA5E3D55F1CC185BC690B7D79D015A9] - |A| - [24/07/2015 21:44:06] - (.-.) - [98.45 Ko] - (0.0.0.0) - C:\Windows\System32\ativce02.dat
[MD5.B974290EEE645249EE212FF62DD0824A] - |A| - [30/07/2015 22:00:06] - (.-.) - [173.19 Ko] - (0.0.0.0) - C:\Windows\System32\ativce03.dat
[MD5.5EBC73A78E5903E7CE6F6B25E4A6BE8F] - |A| - [29/05/2015 01:00:42] - (.-.) - [228.93 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_cik.dat
[MD5.C55D2CBC17AAE1FBAC9135E7C31A4D31] - |A| - [29/05/2015 00:58:32] - (.-.) - [227.3 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_cik_nd.dat
[MD5.0770A5AB5218E6D3134A7A7239B9A216] - |A| - [29/05/2015 01:21:32] - (.-.) - [249.81 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_cz_nd.dat
[MD5.A81F68A0D3387A06182EFA3880D3F0BD] - |A| - [29/05/2015 01:17:24] - (.-.) - [245 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_FJ.dat
[MD5.7EE8F6853798F7A900DB15F3054A0277] - |A| - [29/05/2015 01:15:12] - (.-.) - [243.25 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_FJ_nd.dat
[MD5.11355CAC5334C8999211C09CAAE194EF] - |A| - [29/05/2015 01:10:58] - (.-.) - [315.3 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_vi.dat
[MD5.3544D6AF6E0C9783C2CF6FA9CE42D520] - |A| - [29/05/2015 01:08:18] - (.-.) - [313.67 Ko] - (0.0.0.0) - C:\Windows\System32\ativvaxy_vi_nd.dat
[MD5.7C163EDE63854539828F5B2C1BC529FD] - |A| - [22/08/2015 01:54:10] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\Windows\System32\ativvsva.dat
[MD5.219D7091DD1D93728392337FE9C7ADD6] - |A| - [22/08/2015 01:54:10] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\Windows\System32\ativvsvl.dat
[MD5.C03F0062C0749CDB59A4D60862C3E83E] - |A| - [07/12/2019 11:08:07] - (.-.) - [134.86 Ko] - (0.0.0.0) - C:\Windows\System32\AverageRoom.bin
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [259 Ko] - C:\Windows\System32\bg-BG
[MD5.705628497C0012302212A46ADD463E6E] - |A| - [07/12/2019 11:08:05] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothPairingSystemToastIcon.contrast-black.png
[MD5.F63C615733A3337BF2BEA96C6EE9B568] - |A| - [07/12/2019 11:08:05] - (.-.) - [8.53 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothPairingSystemToastIcon.contrast-high.png
[MD5.705628497C0012302212A46ADD463E6E] - |A| - [07/12/2019 11:08:05] - (.-.) - [8.3 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothPairingSystemToastIcon.contrast-white.png
[MD5.DAF1DCB4AEE839A1965F4CC160C49A53] - |A| - [07/12/2019 11:08:05] - (.-.) - [8.34 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothPairingSystemToastIcon.png
[MD5.28ECA83D7F9D10D69E969675D1FF6725] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.29 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothSystemToastIcon.contrast-white.png
[MD5.A620186FF1CDE4EE117FC4CAD648B9CC] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.2 Ko] - (0.0.0.0) - C:\Windows\System32\BluetoothSystemToastIcon.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5958.89 Ko] - C:\Windows\System32\Boot
[MD5.3149A16CF39B9A49BD9A1EF98A1C527B] - |A| - [09/04/2021 15:54:27] - (.Copyright (C) 2008 - Gestionnaire de contexte pour réseau personnel Bluetooth.) - [186.5 Ko] - (1.0.0.1) - C:\Windows\System32\BthpanContextHandler.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.1 Ko] - C:\Windows\System32\Bthprops
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:03:44] - [54514.61 Ko] - C:\Windows\System32\CatRoot
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [47396.06 Ko] - C:\Windows\System32\catroot2
[MD5.F2D598B11C294EE360FDA0D3E81DA7EC] - |A| - [21/10/2015 02:14:48] - (.-.) - [237.98 Ko] - (0.0.0.0) - C:\Windows\System32\clinfo.exe
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [26.38 Ko] - C:\Windows\System32\CodeIntegrity
[MD5.A0E91D21C945781D03EA0BA1C95F821E] - |A| - [21/10/2015 02:14:48] - (.AMD. - CoInstaller DLL.) - [853.98 Ko] - (1.0.5.9) - C:\Windows\System32\coinst_15.20.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [377.5 Ko] - C:\Windows\System32\Com
[MD5.535884123FABC2C15AA7DEC9834B55D4] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\Windows\System32\ComputerToastIcon.contrast-white.png
[MD5.89F92266DFC6F93961DFFBB2D6C61A15] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.38 Ko] - (0.0.0.0) - C:\Windows\System32\ComputerToastIcon.png
[MD5.A797EED94B22B29D3974CB20B66BE6C6] - |A| - [14/06/2021 09:21:28] - (.2012 © Real Sound Lab SIA, iSoft Solutions - CONEQ™ Media Suite APO GUI Library.) - [108 Ko] - (1.0.0.2) - C:\Windows\System32\CONEQMSAPOGUILibrary.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:03:44] - [260574.37 Ko] - C:\Windows\System32\config
[MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [53.11 Ko] - C:\Windows\System32\Configuration
[MD5.D1A8D194DE8E57D12862ECACEF9F37CE] - |A| - [01/09/2022 11:39:30] - (.-.) - [226.84 Ko] - (0.0.0.0) - C:\Windows\System32\containerdevicemanagement.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.34 Ko] - C:\Windows\System32\ContainerSettingsProviders
[MD5.A41C1754A956E37B5E7D06D5167548E7] - |A| - [12/06/2021 15:29:05] - (.-.) - [280.5 Ko] - (0.0.0.0) - C:\Windows\System32\CoreMas.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [318 Ko] - C:\Windows\System32\cs-CZ
[MD5.EAC53DDAFB5CC9E780A7CC086CE7B2B1] - |A| - [01/09/2022 11:44:03] - (.© 1996 - 2022 Daniel Stenberg, <daniel@haxx.se>. - The curl executable.) - [518.5 Ko] - (7.83.1.0) - C:\Windows\System32\curl.exe
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [321.5 Ko] - C:\Windows\System32\da-DK
[MD5.82F250E5CF9F7C63194FC7CA6E4C3F8D] - |A| - [01/09/2022 11:38:07] - (.-.) - [158.5 Ko] - (0.0.0.0) - C:\Windows\System32\DataStoreCacheDumpTool.exe
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [280.36 Ko] - C:\Windows\System32\DDFs
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [359 Ko] - C:\Windows\System32\de-DE
[MD5.C1684AACAAD62889ACFCA988AA46562D] - |A| - [07/12/2019 11:08:21] - (.-.) - [28.83 Ko] - (0.0.0.0) - C:\Windows\System32\DefaultAccountTile.png
[MD5.057C75B5735EEF2A75ABF8F6770BCA34] - |A| - [09/04/2021 15:53:49] - (.-.) - [4128.04 Ko] - (0.0.0.0) - C:\Windows\System32\DefaultHrtfs.bin
[MD5.664AA698FC0106A2B075A641E8DC6302] - |A| - [07/12/2019 11:14:56] - (.-.) - [0.84 Ko] - (0.0.0.0) - C:\Windows\System32\DefaultQuestions.json
[MD5.041A7B079E9776721847031A7CF533E1] - |A| - [07/12/2019 11:09:34] - (.-.) - [15.97 Ko] - (0.0.0.0) - C:\Windows\System32\DeliveryOptimizationMIProv.mof
[MD5.59D5500F74109D59522F5A9457B8D9A2] - |A| - [07/12/2019 11:09:34] - (.-.) - [0.89 Ko] - (0.0.0.0) - C:\Windows\System32\DeliveryOptimizationMIProvUninstall.mof
[MD5.B924F1A7DE5ED8331B3375A778B3FE38] - |A| - [07/12/2019 11:08:52] - (.-.) - [35.5 Ko] - (0.0.0.0) - C:\Windows\System32\deploymentcsphelper.exe
[MD5.851A9305E14B348CA0D9C7FB75391FDB] - |A| - [07/12/2019 11:08:39] - (.-.) - [272.34 Ko] - (0.0.0.0) - C:\Windows\System32\DesktopKeepOnToastImg.gif
[MD5.4A6FA3C0EFD237F104E09A22883D9388] - |A| - [07/12/2019 11:08:43] - (.-.) - [3.85 Ko] - (0.0.0.0) - C:\Windows\System32\DetailedReading-Default.xml
[MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [886 Ko] - C:\Windows\System32\DiagSvcs
[MD5.037DF43BCC9F9A4DF6548FED8F4503AF] - |A| - [07/12/2019 11:08:37] - (.-.) - [82.96 Ko] - (0.0.0.0) - C:\Windows\System32\DiskSnapshot.conf
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [9930.13 Ko] - C:\Windows\System32\Dism
[MD5.6AB2B935BF38EB13CFCB9506223FD6E7] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.59 Ko] - (0.0.0.0) - C:\Windows\System32\DisplaySystemToastIcon.contrast-white.png
[MD5.FF004E0B30E5E4EC747B3D8EF6E3B89E] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.34 Ko] - (0.0.0.0) - C:\Windows\System32\DisplaySystemToastIcon.png
[MD5.F252D38D2350DF9FDEE52EF308698834] - |A| - [01/09/2022 11:43:56] - (.-.) - [11.53 Ko] - (0.0.0.0) - C:\Windows\System32\DrtmAuthTxt.wim
[MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [161.5 Ko] - C:\Windows\System32\dsc
[MD5.9F3FA96F301CBE828AA9E98F13506F4A] - |A| - [01/09/2022 11:40:19] - (.-.) - [2201.5 Ko] - (0.0.0.0) - C:\Windows\System32\dwmscene.dll
[MD5.DF84EB7B44D1414284BA384F0061D1DC] - |A| - [07/12/2019 11:08:07] - (.-.) - [728.08 Ko] - (0.0.0.0) - C:\Windows\System32\DynamicLong.bin
[MD5.346870077DFD18867A9693C7A59AA3E6] - |A| - [07/12/2019 11:08:07] - (.-.) - [503.08 Ko] - (0.0.0.0) - C:\Windows\System32\DynamicMedium.bin
[MD5.2BEC13D68312ADE8C0065D8BCC146D2F] - |A| - [07/12/2019 11:08:07] - (.-.) - [315.58 Ko] - (0.0.0.0) - C:\Windows\System32\DynamicShort.bin
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [361.5 Ko] - C:\Windows\System32\el-GR
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:55] - [0 Ko] - C:\Windows\System32\en
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [244 Ko] - C:\Windows\System32\en-GB
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1587.53 Ko] - C:\Windows\System32\en-US
[MD5.1D0A840D731A2C1F2E1FB5B8596B4C34] - |A| - [09/04/2021 15:54:24] - (.-.) - [148.5 Ko] - (0.0.0.0) - C:\Windows\System32\EoAExperiences.exe
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [342.5 Ko] - C:\Windows\System32\es-ES
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [270.5 Ko] - C:\Windows\System32\es-MX
[MD5.EB3A99D13728A247AFC1F00945957920] - |A| - [01/09/2022 11:44:15] - (.-.) - [148.5 Ko] - (0.0.0.0) - C:\Windows\System32\EsclProtocol.dll
[MD5.275449781C0D992E92F7B1D6F1E458D2] - |A| - [01/09/2022 11:44:02] - (.-.) - [264.5 Ko] - (0.0.0.0) - C:\Windows\System32\EsclScan.dll
[MD5.BAC5074667751F72A9CE48CDC31BAC48] - |A| - [01/09/2022 11:11:14] - (.Copyright (C) 2007 SEIKO EPSON CORP. - E_GCINST.) - [10.5 Ko] - (1.0.0.6) - C:\Windows\System32\E_GCINST.DLL
[MD5.4DED57BD7ACB9B0EBBE82034EC44645A] - |A| - [07/12/2019 11:08:41] - (.-.) - [43.22 Ko] - (0.0.0.0) - C:\Windows\System32\FeatureToastBulldogImg.png
[MD5.7F65C93283F31EB39E311DDDC00DFBA6] - |A| - [09/04/2021 15:54:29] - (.-.) - [16.54 Ko] - (0.0.0.0) - C:\Windows\System32\FeatureToastDlpImg.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [7.11 Ko] - C:\Windows\System32\ff-Adlm-SN
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [326 Ko] - C:\Windows\System32\fi-FI
[MD5.065BD93186039717E5AF8B23B2C1E12A] - |A| - [12/06/2021 11:58:26] - (.-.) - [288.09 Ko] - (0.0.0.0) - C:\Windows\System32\FNTCACHE.DAT
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:55] - [3403.5 Ko] - C:\Windows\System32\fr
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [279 Ko] - C:\Windows\System32\fr-CA
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [46668.25 Ko] - C:\Windows\System32\fr-FR
[MD5.9382C62D98C8B7467E3272F8DB061DB3] - |A| - [01/09/2022 11:44:46] - (.-.) - [677 Ko] - (0.0.0.0) - C:\Windows\System32\FsNVSDeviceSource.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:51:10] - [0 Ko] - C:\Windows\System32\FxsTmp
[MD5.41FD64AE28A0C932CA7B2A250993D675] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\Windows\System32\GameSystemToastIcon.contrast-white.png
[MD5.6DC77FD8B062264AF1C6DA325ABB7010] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.11 Ko] - (0.0.0.0) - C:\Windows\System32\GameSystemToastIcon.png
[MD5.2E6AF4D5BF6E31E728F409984C3045D4] - |A| - [07/12/2019 11:09:48] - (.-.) - [86.7 Ko] - (0.0.0.0) - C:\Windows\System32\gatherNetworkInfo.vbs
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\System32\GroupPolicy
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\System32\GroupPolicyUsers
[MD5.EA99A87E98D995DE6E280CF85CEAD413] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.21 Ko] - (0.0.0.0) - C:\Windows\System32\HandwritingSystemToastIcon.contrast-white.png
[MD5.B8E586ED92DB703FFA480E254996160E] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.89 Ko] - (0.0.0.0) - C:\Windows\System32\HandwritingSystemToastIcon.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [256.5 Ko] - C:\Windows\System32\he-IL
[MD5.6E9E9D56B192B2995493E529CFF2BBFE] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.43 Ko] - (0.0.0.0) - C:\Windows\System32\HeadphoneSystemToastIcon.contrast-white.png
[MD5.7F1E9502267F778F3A8139C35A352190] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.09 Ko] - (0.0.0.0) - C:\Windows\System32\HeadphoneSystemToastIcon.png
[MD5.202A07E4526B050E22624328E64E0470] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.52 Ko] - (0.0.0.0) - C:\Windows\System32\HeadsetSystemToastIcon.contrast-white.png
[MD5.1892ACC10CAC009BCAC146AD650ABA58] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.17 Ko] - (0.0.0.0) - C:\Windows\System32\HeadsetSystemToastIcon.png
[MD5.031713BFD5F30E63336D3CA5D2767BE9] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.79 Ko] - (0.0.0.0) - C:\Windows\System32\HealthSystemToastIcon.contrast-white.png
[MD5.C1BD7976C99830E33A713D02374054EC] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.62 Ko] - (0.0.0.0) - C:\Windows\System32\HealthSystemToastIcon.png
[MD5.6D2BA2902199292D57806E3C53C587BF] - |A| - [09/04/2021 15:54:12] - (.-.) - [299.5 Ko] - (0.0.0.0) - C:\Windows\System32\HeatCore.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [250.5 Ko] - C:\Windows\System32\hr-HR
[MD5.77071BF934BEF16D5F02E31624258A91] - |A| - [21/10/2015 02:14:48] - (.-.) - [108.98 Ko] - (0.0.0.0) - C:\Windows\System32\hsa-thunk64.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [324.5 Ko] - C:\Windows\System32\hu-HU
[MD5.871CA2345825E86D1D2D2A2E9E475D4F] - |A| - [09/04/2021 15:55:17] - (.-.) - [44.8 Ko] - (0.0.0.0) - C:\Windows\System32\HvSocket.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:53:03] - [149.55 Ko] - C:\Windows\System32\Hydrogen
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5.36 Ko] - C:\Windows\System32\ias
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [36.27 Ko] - C:\Windows\System32\icsxml
[MD5.947D07FA32ABB13DB520016769EB901B] - |A| - [12/06/2021 15:29:53] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Combined Library.) - [2207.5 Ko] - (64.2.0.0) - C:\Windows\System32\icu.dll
[MD5.A7B574704574F326B92DCEA872F1E9E1] - |A| - [09/04/2021 15:54:16] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N Forwarder DLL.) - [24.5 Ko] - (64.2.0.0) - C:\Windows\System32\icuin.dll
[MD5.4A85A9DEA3D47D95CEF5525586756EA6] - |A| - [09/04/2021 15:54:16] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common Forwarder DLL.) - [29 Ko] - (64.2.0.0) - C:\Windows\System32\icuuc.dll
[MD5.388BE35F952EC7F057CDD79E8EDF9A18] - |A| - [09/04/2021 15:53:47] - (.-.) - [193 Ko] - (0.0.0.0) - C:\Windows\System32\IHDS.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [26854.04 Ko] - C:\Windows\System32\IME
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\System32\inetsrv
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6943 Ko] - C:\Windows\System32\InputMethod
[MD5.8DE9AE82152650C178BF1E24014E8503] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\Windows\System32\InputSystemToastIcon.contrast-white.png
[MD5.0B9FBD6F3ED617CD36D042D3422F1C2B] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\Windows\System32\InputSystemToastIcon.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\System32\Ipmi
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [346 Ko] - C:\Windows\System32\it-IT
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [261.84 Ko] - C:\Windows\System32\ja-jp
[MD5.23AC7515B6D8A794BCC01B582F044078] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\Windows\System32\KeyboardSystemToastIcon.contrast-white.png
[MD5.3DF873E16CCEA9B42857FB5FA085CB00] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.51 Ko] - (0.0.0.0) - C:\Windows\System32\KeyboardSystemToastIcon.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10192.95 Ko] - C:\Windows\System32\Keywords
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [234.5 Ko] - C:\Windows\System32\ko-KR
[MD5.9451D4436E2EA67EB33FCC764E4AABED] - |A| - [07/12/2019 11:08:39] - (.-.) - [186.29 Ko] - (0.0.0.0) - C:\Windows\System32\LaptopPlugInToastImg.gif
[MD5.F0CC83E1BA7E24F9B3292160C28AECD7] - |A| - [07/12/2019 11:08:07] - (.-.) - [145.56 Ko] - (0.0.0.0) - C:\Windows\System32\LargeRoom.bin
[MD5.14BE6A1C21780D85AD3F1D09283C56DA] - |A| - [12/06/2021 15:33:30] - (.-.) - [1647.5 Ko] - (3.0.2.0) - C:\Windows\System32\libcrypto.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [454.91 Ko] - C:\Windows\System32\Licenses
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [33834.19 Ko] - C:\Windows\System32\LogFiles
[MD5.00000000000000000000000000000000] - |D| - [01/09/2022 10:54:54] - [128 Ko] - C:\Windows\System32\Logs
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [246.5 Ko] - C:\Windows\System32\lt-LT
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [247.5 Ko] - C:\Windows\System32\lv-LV
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:52:05] - [32.68 Ko] - C:\Windows\System32\MailContactsCalendarSync
[MD5.D3F4E00C322EDA78873848BE75ACC8A4] - |A| - [21/10/2015 02:14:48] - (.Copyright (C) 2013 AMD Inc. - Mantle loader.) - [132.98 Ko] - (9.1.10.83) - C:\Windows\System32\mantle64.dll
[MD5.EA33454E28EE1F3CA432DA87203DA24F] - |A| - [21/10/2015 02:14:48] - (.Copyright (C) 2013 AMD Inc. - Mantle extension library.) - [100.98 Ko] - (9.1.10.83) - C:\Windows\System32\mantleaxl64.dll
[MD5.4BFD587C99FE34EEA0E74622C798B3BE] - |A| - [01/09/2022 11:42:07] - (.-.) - [1137 Ko] - (0.0.0.0) - C:\Windows\System32\MBR2GPT.EXE
[MD5.F23EB28468FC8B62AF941308EC30387F] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.25 Ko] - (0.0.0.0) - C:\Windows\System32\MediaSystemToastIcon.contrast-white.png
[MD5.6E27512E38D598E0A60F8E5ADCF032CD] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.83 Ko] - (0.0.0.0) - C:\Windows\System32\MediaSystemToastIcon.png
[MD5.69D04DE701CF1E8CE69C65D1671D2B3F] - |A| - [07/12/2019 11:08:07] - (.-.) - [107.46 Ko] - (0.0.0.0) - C:\Windows\System32\MediumRoom.bin
[MD5.00000000000000000000000000000000] - |SD| - [12/06/2021 11:58:28] - [2.79 Ko] - C:\Windows\System32\Microsoft
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5649.42 Ko] - C:\Windows\System32\migration
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45395.58 Ko] - C:\Windows\System32\migwiz
[MD5.08749DCC252AE1148E3BEA32B3FFFBFC] - |A| - [07/12/2019 11:10:11] - (.-.) - [0.11 Ko] - (0.0.0.0) - C:\Windows\System32\MixedRealityRuntime.json
[MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [07/12/2019 11:14:56] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\Windows\System32\mmc.exe.config
[MD5.B43E43FFFDD0F06A6925C7C89594042B] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.35 Ko] - (0.0.0.0) - C:\Windows\System32\MouseSystemToastIcon.contrast-white.png
[MD5.5D2F0D3E50BF1129D260AC1405FF2A18] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.06 Ko] - (0.0.0.0) - C:\Windows\System32\MouseSystemToastIcon.png
[MD5.00000000000000000000000000000000] - |D| - [12/06/2021 14:35:22] - [0 Ko] - C:\Windows\System32\MRT
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45.5 Ko] - C:\Windows\System32\MSDRM
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [4148.28 Ko] - C:\Windows\System32\MsDtc
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6 Ko] - C:\Windows\System32\MUI
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45.64 Ko] - C:\Windows\System32\my-mm
[MD5.74FDEEAC0C0C0F62F4D0D484A36DA23A] - |A| - [07/12/2019 11:08:44] - (.-.) - [30.09 Ko] - (0.0.0.0) - C:\Windows\System32\NarratorControlTemplates.xml
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [314.5 Ko] - C:\Windows\System32\nb-NO
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\System32\NDF
[MD5.C146E873B22C3B300B21A859FE66C27A] - |A| - [07/12/2019 11:09:48] - (.-.) - [21.15 Ko] - (0.0.0.0) - C:\Windows\System32\NetTrace.PLA.Diagnostics.xml
[MD5.F8D13A8DCAECC522C3B991CC7A00BFF5] - |A| - [01/09/2022 11:44:48] - (.-.) - [102 Ko] - (0.0.0.0) - C:\Windows\System32\nettraceex.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [51 Ko] - C:\Windows\System32\networklist
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [339 Ko] - C:\Windows\System32\nl-NL
[MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [3781.5 Ko] - C:\Windows\System32\Nui
[MD5.D55B689DF6269B40E170EAFBCC0C34C4] - |A| - [07/12/2019 16:53:03] - (.-.) - [20.42 Ko] - (0.0.0.0) - C:\Windows\System32\OEMDefaultAssociations.xml
[MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\Windows\System32\OkDone_80.contrast-black.png
[MD5.BFE1CCA08FEFC8A3422F7DA615567D75] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.43 Ko] - (0.0.0.0) - C:\Windows\System32\OkDone_80.contrast-white.png
[MD5.F3DC097E834C1A11F2BEDFD429C644A9] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.41 Ko] - (0.0.0.0) - C:\Windows\System32\OkDone_80.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [15188.54 Ko] - C:\Windows\System32\oobe
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:51:03] - [3625 Ko] - C:\Windows\System32\OpenSSH
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [3.81 Ko] - C:\Windows\System32\osa-Osge-001
[MD5.459FB33AA2114A28C5932FEAA115B072] - |A| - [07/12/2019 11:08:07] - (.-.) - [45.82 Ko] - (0.0.0.0) - C:\Windows\System32\OutdoorAudioEnvironment.bin
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1724.83 Ko] - C:\Windows\System32\PerceptionSimulation
[MD5.CC8F29AB113288CD4089ADA81C8E4637] - |A| - [07/12/2019 11:17:25] - (.-.) - [122.36 Ko] - (0.0.0.0) - C:\Windows\System32\perfc009.dat
[MD5.F3E0CA7367BFB140E2ADABE24D9E72D2] - |A| - [07/12/2019 16:49:57] - (.-.) - [138.65 Ko] - (0.0.0.0) - C:\Windows\System32\perfc00C.dat
[MD5.1E60BC5E525063B96078DF17FBD3C4E1] - |A| - [07/12/2019 11:17:25] - (.-.) - [32.64 Ko] - (0.0.0.0) - C:\Windows\System32\perfd009.dat
[MD5.9F9AF8517189B0D61B2615007E071084] - |A| - [07/12/2019 16:49:57] - (.-.) - [39.74 Ko] - (0.0.0.0) - C:\Windows\System32\perfd00C.dat
[MD5.A803D89E07E2E0E2D2194312D5B50F57] - |A| - [07/12/2019 11:17:25] - (.-.) - [650.33 Ko] - (0.0.0.0) - C:\Windows\System32\perfh009.dat
[MD5.89463E16EC6C566F89807F383ED9D9FC] - |A| - [07/12/2019 16:49:57] - (.-.) - [737.47 Ko] - (0.0.0.0) - C:\Windows\System32\perfh00C.dat
[MD5.528F128DBDF632010B1E44CEC1141055] - |A| - [12/06/2021 12:12:39] - (.-.) - [1641.96 Ko] - (0.0.0.0) - C:\Windows\System32\PerfStringBackup.INI
[MD5.79D34E3B62076D4C875C748F5BE71ECA] - |A| - [07/12/2019 11:08:05] - (.-.) - [2.21 Ko] - (0.0.0.0) - C:\Windows\System32\PhoneSystemToastIcon.contrast-white.png
[MD5.4D9495349D00D9AD907F227FF51F289F] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.92 Ko] - (0.0.0.0) - C:\Windows\System32\PhoneSystemToastIcon.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [339 Ko] - C:\Windows\System32\pl-PL
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [456 Ko] - C:\Windows\System32\PointOfService
[MD5.7700A1F5ECACFB07A92C5960448AFAB8] - |A| - [07/12/2019 11:08:28] - (.-.) - [43 Ko] - (0.0.0.0) - C:\Windows\System32\pospaymentsworker.exe
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [420.74 Ko] - C:\Windows\System32\Printing_Admin_Scripts
[MD5.AF80656F82093397635886D014FD2C1C] - |A| - [01/09/2022 11:41:43] - (.-.) - [60.5 Ko] - (0.0.0.0) - C:\Windows\System32\printticketvalidation.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\System32\ProximityToast
[MD5.007893E8374C766471239EB291BA8C17] - |A| - [07/12/2019 11:08:19] - (.-.) - [4.05 Ko] - (0.0.0.0) - C:\Windows\System32\psmodulediscoveryprovider.mof
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [332 Ko] - C:\Windows\System32\pt-BR
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [335 Ko] - C:\Windows\System32\pt-PT
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.75 Ko] - C:\Windows\System32\ras
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\System32\RasToast
[MD5.7852D37790807E55BD71A65183E0F1ED] - |A| - [01/09/2022 11:44:44] - (.-.) - [2315.5 Ko] - (1.0.2104.14003) - C:\Windows\System32\rdpnano.dll
[MD5.42577ED1BA5199ADD53E1186EC4E28A4] - |A| - [09/04/2021 15:53:49] - (.-.) - [72.5 Ko] - (0.0.0.0) - C:\Windows\System32\rdsxvmaudio.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1.08 Ko] - C:\Windows\System32\Recovery
[MD5.826549DF7B1333179BA8CA939B12DAD3] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.58 Ko] - (0.0.0.0) - C:\Windows\System32\RemoteSystemToastIcon.contrast-white.png
[MD5.B4DEEC96F9DF6961D5DE054F11BF9C2B] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.1 Ko] - (0.0.0.0) - C:\Windows\System32\RemoteSystemToastIcon.png
[MD5.19B5EEEC29F044451D5E8E89B1BE6F5E] - |A| - [07/12/2019 11:09:33] - (.-.) - [110.5 Ko] - (0.0.0.0) - C:\Windows\System32\ResBParser.dll
[MD5.31924C8E78CDBD81DA7905E87B185387] - |A| - [07/12/2019 11:09:54] - (.-.) - [9.35 Ko] - (0.0.0.0) - C:\Windows\System32\ResPriHMImageList
[MD5.5504F7F27D0AB178346D643D444A612C] - |A| - [07/12/2019 11:09:54] - (.-.) - [8.98 Ko] - (0.0.0.0) - C:\Windows\System32\ResPriHMImageListLowCost
[MD5.85CF16AF388AE12AAE3E48A883C17A06] - |A| - [07/12/2019 11:09:54] - (.-.) - [8.77 Ko] - (0.0.0.0) - C:\Windows\System32\ResPriImageList
[MD5.1391FB4E005C208A35E77DF6F3F055E2] - |A| - [07/12/2019 11:09:54] - (.-.) - [8.49 Ko] - (0.0.0.0) - C:\Windows\System32\ResPriImageListLowCost
[MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\Windows\System32\RestartNowPower_80.contrast-black.png
[MD5.DF286186041C6BF73C5DC21CEEEFFED5] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.77 Ko] - (0.0.0.0) - C:\Windows\System32\RestartNowPower_80.contrast-white.png
[MD5.831C579709F4761E4AB7053FCF4176EC] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\Windows\System32\RestartNowPower_80.png
[MD5.AE9FE55FED83149715734CB83339055A] - |A| - [07/12/2019 11:08:39] - (.-.) - [1.07 Ko] - (0.0.0.0) - C:\Windows\System32\RestartTonight_80.png
[MD5.AE9FE55FED83149715734CB83339055A] - |A| - [07/12/2019 11:08:39] - (.-.) - [1.07 Ko] - (0.0.0.0) - C:\Windows\System32\RestartTonight_80_contrast-black.png
[MD5.891AD355AB777A95695FC8A8A623A614] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.98 Ko] - (0.0.0.0) - C:\Windows\System32\RestartTonight_80_contrast-white.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.07 Ko] - C:\Windows\System32\restore
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [262 Ko] - C:\Windows\System32\ro-RO
[MD5.E9D4A333DF15D06C68AC4BFB9B6581CB] - |A| - [14/06/2021 09:21:34] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DAA Control Panel x64.) - [302.84 Ko] - (6.0.6001.18) - C:\Windows\System32\RP3DAA64.dll
[MD5.B6FE01558CC03F3866C9AD0ED19261D8] - |A| - [14/06/2021 09:21:34] - (.© 2008,2009 Dolby Laboratories, Inc. - PCEE3 DHT Control Panel x64.) - [302.84 Ko] - (6.0.6001.18) - C:\Windows\System32\RP3DHT64.dll
[MD5.A6286A6C7A1BBFCBA17AA54384A21D1C] - |A| - [14/06/2021 09:21:34] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 COM DLL x64.) - [199.34 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEED64A.dll
[MD5.6F4CD493196100EEF349D7132CECAFD9] - |A| - [14/06/2021 09:21:34] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 GFX APO x64.) - [76.84 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEG64A.dll
[MD5.ECAEC5FBBBEF8612AF0A866AFA5F7EF2] - |A| - [14/06/2021 09:21:34] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 LFX APO x64.) - [98.84 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEL64A.dll
[MD5.D0D0D82B7366E691275E433CD34F89B2] - |A| - [14/06/2021 09:21:34] - (.©2009 Dolby Laboratories, Inc. - Dolby PCEE3 Control Panel x64.) - [366.34 Ko] - (6.1.6001.33) - C:\Windows\System32\RTEEP64A.dll
[MD5.937C342E7EEA29A39E435E02F251C327] - |A| - [01/09/2022 11:40:26] - (.-.) - [59.5 Ko] - (0.0.0.0) - C:\Windows\System32\runexehelper.exe
[MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [07/12/2019 11:10:32] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\Windows\System32\ScavengeSpace.xml
[MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\Windows\System32\ScheduleTime_80.contrast-black.png
[MD5.E72B1B6800DE45AA9AE7E10F899E5999] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.54 Ko] - (0.0.0.0) - C:\Windows\System32\ScheduleTime_80.contrast-white.png
[MD5.2F24BC74DCB28FE032C1596755385917] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.53 Ko] - (0.0.0.0) - C:\Windows\System32\ScheduleTime_80.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [13.46 Ko] - C:\Windows\System32\SecureBootUpdates
[MD5.A8308D2F3DDE0745E8B678BF69A2ECD0] - |A| - [07/12/2019 11:08:41] - (.-.) - [8 Ko] - (0.0.0.0) - C:\Windows\System32\settings.dat
[MD5.744543DBBA5C491AE27CF179293DF046] - |A| - [01/09/2022 11:37:51] - (.-.) - [625.5 Ko] - (0.0.0.0) - C:\Windows\System32\SettingSyncDownloadHelper.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [78.59 Ko] - C:\Windows\System32\Sgrm
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1845 Ko] - C:\Windows\System32\ShellExperiences
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.7 Ko] - C:\Windows\System32\si-lk
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [254.5 Ko] - C:\Windows\System32\sk-SK
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [252 Ko] - C:\Windows\System32\sl-SI
[MD5.00000000000000000000000000000000] - |D| - [12/06/2021 11:58:32] - [10146.95 Ko] - C:\Windows\System32\SleepStudy
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [52.14 Ko] - C:\Windows\System32\slmgr
[MD5.DAC275ABAAD2B689D7BB3685E4032072] - |A| - [07/12/2019 11:08:07] - (.-.) - [68.15 Ko] - (0.0.0.0) - C:\Windows\System32\SmallRoom.bin
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:03:44] - [13385.02 Ko] - C:\Windows\System32\SMI
[MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\Windows\System32\Snooze_80.contrast-black.png
[MD5.E30B7D226E7B5B0EC2B9FC2316694ECC] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\Windows\System32\Snooze_80.contrast-white.png
[MD5.55121989BE7B289813D419BA0FDEE8B7] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.9 Ko] - (0.0.0.0) - C:\Windows\System32\Snooze_80.png
[MD5.DE3EAAF17BC934C77C4FC0C626EEA03B] - |A| - [07/12/2019 11:08:05] - (.-.) - [1.48 Ko] - (0.0.0.0) - C:\Windows\System32\SpeakersSystemToastIcon.contrast-white.png
[MD5.3308374DB8D20CFDA4D4204E2B5E559E] - |A| - [07/12/2019 11:08:05] - (.-.) - [0.88 Ko] - (0.0.0.0) - C:\Windows\System32\SpeakersSystemToastIcon.png
[MD5.6DB032025BD266E5A3A52259F57F9247] - |A| - [07/12/2019 11:09:51] - (.-.) - [40 Ko] - (0.0.0.0) - C:\Windows\System32\SpectrumSyncClient.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [7625.3 Ko] - C:\Windows\System32\Speech
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [12464.68 Ko] - C:\Windows\System32\Speech_OneCore
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [126470.08 Ko] - C:\Windows\System32\spool
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [7068.44 Ko] - C:\Windows\System32\spp
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.63 Ko] - C:\Windows\System32\sppui
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [254 Ko] - C:\Windows\System32\sr-Latn-RS
[MD5.BA7D4E5FAE64BD0403C7F7E91CD93F77] - |A| - [07/12/2019 11:09:54] - (.-.) - [11.03 Ko] - (0.0.0.0) - C:\Windows\System32\srms-apr-v.dat
[MD5.DC9450258D80F46AEF8EF063A7C629B0] - |A| - [07/12/2019 11:09:54] - (.-.) - [19.03 Ko] - (0.0.0.0) - C:\Windows\System32\srms-apr.dat
[MD5.67894C70461ABD4EF6C116637EBB218A] - |A| - [07/12/2019 11:09:45] - (.-.) - [58.16 Ko] - (0.0.0.0) - C:\Windows\System32\srms.dat
[MD5.A88BE9A6C4E646A2B2A1BD3A7F4B58E7] - |A| - [14/06/2021 09:21:36] - (.(c) 2007 SRS Labs, Inc. - COM object implementing SRS Headphone 360.) - [194.23 Ko] - (1.1.0.0) - C:\Windows\System32\SRSHP64.dll
[MD5.00000000000000000000000000000000] - |D| - [14/06/2021 09:22:52] - [2126.38 Ko] - C:\Windows\System32\SRSLabs
[MD5.A028717B791416182959B325D5B40679] - |A| - [14/06/2021 09:21:36] - (.Copyright (c) 2006 SRS Labs, Inc.. - TruSurround HD and HD4 COM object for Windows.) - [206.23 Ko] - (1.1.4.0) - C:\Windows\System32\SRSTSH64.dll
[MD5.018D3D2478754AA411DE6DA6DE5F8F21] - |A| - [14/06/2021 09:21:36] - (.Copyright 2002 SRS Labs, Inc. - TruSurroundXT Module.) - [506.73 Ko] - (3.2.0.0) - C:\Windows\System32\SRSTSX64.dll
[MD5.2FCADCC14F8E540F6ADE4BF92BD8AEDD] - |A| - [14/06/2021 09:21:36] - (.(c) 2006 SRS Labs, Inc. - WOW HD COM object for Windows.) - [152.23 Ko] - (1.1.3.0) - C:\Windows\System32\SRSWOW64.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [9944 Ko] - C:\Windows\System32\sru
[MD5.862E9C75593E9BB1A90961975276F7FE] - |A| - [09/04/2021 15:53:48] - (.-.) - [444.5 Ko] - (0.0.0.0) - C:\Windows\System32\ssdm.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [320.5 Ko] - C:\Windows\System32\sv-SE
[MD5.26D2D82E2DD08761EAACF5BB5099D65B] - |A| - [01/09/2022 11:39:47] - (.-.) - [1265.67 Ko] - (0.0.0.0) - C:\Windows\System32\SvBannerBackground.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1418.57 Ko] - C:\Windows\System32\Sysprep
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [938.28 Ko] - C:\Windows\System32\SystemResetPlatform
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [8.16 Ko] - C:\Windows\System32\ta-in
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10.73 Ko] - C:\Windows\System32\ta-lk
[MD5.3596DC15B6F6CBBB6EC8B143CBD57F24] - |A| - [01/09/2022 11:44:03] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [53.5 Ko] - (3.5.1.0) - C:\Windows\System32\tar.exe
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [659.63 Ko] - C:\Windows\System32\Tasks
[MD5.D602CA245CC6774A0981B607F0675609] - |A| - [07/12/2019 11:09:05] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\Windows\System32\tcpmon.ini
[MD5.A1B4F24EDEA24557BA309125FC5ED47F] - |A| - [01/09/2022 11:39:02] - (.-.) - [2207.5 Ko] - (0.0.0.0) - C:\Windows\System32\TextInputMethodFormatter.dll
[MD5.4C528AE5D512E3901BACAA5D75240381] - |A| - [01/09/2022 11:38:58] - (.-.) - [689.98 Ko] - (0.0.0.0) - C:\Windows\System32\TextShaping.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [240 Ko] - C:\Windows\System32\th-TH
[MD5.CF7677327BE3C6395B9F3333CC0F1C15] - |A| - [09/04/2021 15:54:29] - (.-.) - [1.34 Ko] - (0.0.0.0) - C:\Windows\System32\ThirdPartyNoticesBySHS.txt
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [5.97 Ko] - C:\Windows\System32\ti-et
[MD5.25551715B57E10FAFFAAA72B07641075] - |A| - [01/09/2022 11:37:52] - (.-.) - [266.5 Ko] - (0.0.0.0) - C:\Windows\System32\TpmTool.exe
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [308.5 Ko] - C:\Windows\System32\tr-TR
[MD5.B88B8D017386A00D7724519F475317A0] - |A| - [07/12/2019 11:08:13] - (.-.) - [10.33 Ko] - (0.0.0.0) - C:\Windows\System32\TransformPPSToWlan.xslt
[MD5.2F05390B798363D51EBE65D6320CD45E] - |A| - [07/12/2019 11:08:13] - (.-.) - [1.65 Ko] - (0.0.0.0) - C:\Windows\System32\TransformPPSToWlanCredentials.xslt
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [249 Ko] - C:\Windows\System32\uk-UA
[MD5.8CDD866E0707A71952FBA8BE899B7512] - |A| - [09/04/2021 15:53:49] - (.-.) - [63.04 Ko] - (0.0.0.0) - C:\Windows\System32\umpdc.dll
[MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [2208.2 Ko] - C:\Windows\System32\UNP
[MD5.8ADD5935D83D0A425C39E369520C4095] - |A| - [07/12/2019 11:08:37] - (.-.) - [48 Ko] - (0.0.0.0) - C:\Windows\System32\UsbPmApi.dll
[MD5.46A6DF60907700A148D42CCF1219522E] - |A| - [07/12/2019 11:08:39] - (.-.) - [38.5 Ko] - (0.0.0.0) - C:\Windows\System32\usocoreps.dll
[MD5.1E630731AFDFC63DEC4074301D342E4B] - |A| - [07/12/2019 11:08:09] - (.-.) - [36.5 Ko] - (0.0.0.0) - C:\Windows\System32\VhfUm.dll
[MD5.A10725A4632FFFEAE250E09ADA553F94] - |A| - [09/04/2021 15:55:30] - (.-.) - [93.5 Ko] - (0.0.0.0) - C:\Windows\System32\VirtualMonitorManager.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [85235.83 Ko] - C:\Windows\System32\wbem
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [0 Ko] - C:\Windows\System32\WCN
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [93845.1 Ko] - C:\Windows\System32\WDI
[MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [07/12/2019 11:08:46] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\Windows\System32\WdsUnattendTemplate.xml
[MD5.1D64ACF3675288CC086E6361EAC748C4] - |A| - [07/12/2019 11:08:52] - (.-.) - [144.51 Ko] - (0.0.0.0) - C:\Windows\System32\Win32AppSettingsProvider.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1.12 Ko] - C:\Windows\System32\WinBioDatabase
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [57685.69 Ko] - C:\Windows\System32\WinBioPlugIns
[MD5.3F376202BE6A0EC0C866D97ED2E0F16D] - |A| - [12/06/2021 15:29:52] - (.-.) - [642.05 Ko] - (0.0.0.0) - C:\Windows\System32\WindowManagementAPI.dll
[MD5.E9CA21D71E952448B75C45B2467E4DE7] - |A| - [07/12/2019 11:08:27] - (.-.) - [123 Ko] - (0.0.0.0) - C:\Windows\System32\WindowsDefaultHeatProcessor.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10783.11 Ko] - C:\Windows\System32\WindowsPowerShell
[MD5.28E98ED0B6B08B7F1D163FFD184B28AF] - |A| - [07/12/2019 11:08:41] - (.-.) - [0.74 Ko] - (0.0.0.0) - C:\Windows\System32\WindowsSecurityIcon.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [93684 Ko] - C:\Windows\System32\winevt
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6326.64 Ko] - C:\Windows\System32\WinMetadata
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [107.56 Ko] - C:\Windows\System32\winrm
[MD5.1B46E2E85D401A629966A8F62D9B0775] - |A| - [07/12/2019 11:08:12] - (.-.) - [9.91 Ko] - (0.0.0.0) - C:\Windows\System32\wpcatltoast.png
[MD5.C30C621748C66CE751B19B2788559A3E] - |A| - [07/12/2019 11:08:12] - (.-.) - [4.58 Ko] - (0.0.0.0) - C:\Windows\System32\wpcmon.png
[MD5.69FEC1494F4C454E994D27CA6750832B] - |A| - [07/12/2019 11:08:49] - (.-.) - [0.71 Ko] - (0.0.0.0) - C:\Windows\System32\wpr.config.xml
[MD5.3777A39635D6016118A552D1BAE3F86F] - |A| - [01/09/2022 11:39:32] - (.-.) - [24 Ko] - (0.0.0.0) - C:\Windows\System32\WsdProviderUtil.dll
[MD5.C8A7EAA0B83E05DDD11F37A833F754AC] - |A| - [07/12/2019 11:08:21] - (.-.) - [83 Ko] - (0.0.0.0) - C:\Windows\System32\xboxgipsynthetic.dll
[MD5.F7B865265606C41B0E07779D3317E0A8] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.61 Ko] - (0.0.0.0) - C:\Windows\System32\X_80.contrast-black.png
[MD5.6FF92221AF9D6CDF0966C4E44C367975] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.57 Ko] - (0.0.0.0) - C:\Windows\System32\X_80.contrast-white.png
[MD5.F7B865265606C41B0E07779D3317E0A8] - |A| - [07/12/2019 11:08:39] - (.-.) - [0.61 Ko] - (0.0.0.0) - C:\Windows\System32\X_80.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [234.99 Ko] - C:\Windows\System32\zh-CN
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [204.5 Ko] - C:\Windows\System32\zh-TW
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [0 Ko] - C:\Windows\SysWOW64\0409
[MD5.D6F8DD9F561B8A67FFAC2BAD7E989770] - |A| - [07/12/2019 11:09:21] - (.-.) - [0.23 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@AppHelpToast.png
[MD5.82C37C3E27020AF6C2E018E944284676] - |A| - [07/12/2019 11:09:21] - (.-.) - [0.3 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@AudioToastIcon.png
[MD5.495C1F072039B434827A5FE0D9761E4D] - |A| - [07/12/2019 11:09:26] - (.-.) - [0.32 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@EnrollmentToastIcon.png
[MD5.1622DE67156496C78D6B7BE9B471645B] - |A| - [07/12/2019 11:09:32] - (.-.) - [0.39 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@VpnToastIcon.png
[MD5.DB71001FC261F6685BE410527DAE3942] - |A| - [07/12/2019 11:09:15] - (.-.) - [0.67 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\@WirelessDisplayToast.png
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1864.83 Ko] - C:\Windows\SysWOW64\AdvancedInstallers
[MD5.E556115BD4E751178310F842E457CA22] - |A| - [09/04/2021 15:54:45] - (.-.) - [10.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\agentactivationruntimestarter.exe
[MD5.7D4761FD5A02353C9BD70C1F5B15AA4F] - |A| - [21/10/2015 02:14:42] - (.-.) - [193.98 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\amdgfxinfo32.dll
[MD5.F12467373381C72FAE9CA7C08ED6C919] - |A| - [21/10/2015 02:14:42] - (.-.) - [128.98 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\amdhdl32.dll
[MD5.87882BCCDF63B74B675ECCE6B6609DC2] - |A| - [21/10/2015 02:14:42] - (.Advanced Micro Devices, Inc. Copyright (C) 2015 - LiquidVR SDK 1.0.) - [511.98 Ko] - (1.0.3.8) - C:\Windows\SysWOW64\amdlvr32.dll
[MD5.8F2144D05F41DD27308548B5D9D19101] - |A| - [21/10/2015 02:14:42] - (.Copyright (C) 2013 AMD Inc. - Mantle driver, support for SI family and above.) - [5093.98 Ko] - (9.1.10.83) - C:\Windows\SysWOW64\amdmantle32.dll
[MD5.F9F99EA40AF48C716C2E823F2B6FD2D8] - |A| - [21/10/2015 02:14:42] - (.Copyright (c) 2013 Advanced Micro Devices, Inc. - Radeon MMOCL Universal Driver.) - [46.98 Ko] - (1.6.0.0) - C:\Windows\SysWOW64\amdmmcl.dll
[MD5.E30B1D883DC886016C38FDEE6755CCC6] - |A| - [21/10/2015 02:14:46] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD Accelerated Parallel Processing OpenCL 2.0 Runtime.) - [38790.48 Ko] - (10.0.1800.11) - C:\Windows\SysWOW64\amdocl.dll
[MD5.5F0F6073A243FC8C4C190E3F06D1247E] - |A| - [21/10/2015 02:14:46] - (.Copyright (C) 2011 Advanced Micro Devices Inc. - AMD COMPILER OpenCL 1.1 Compiler.) - [21803.98 Ko] - (0.8.0.0) - C:\Windows\SysWOW64\amdocl12cl.dll
[MD5.40A2E4C2933EB5DE99C06F00A9E2C589] - |A| - [21/10/2015 02:14:44] - (.-.) - [980.49 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\amdocl_as32.exe
[MD5.985589A3C4BB14ED23A15D9477475F7B] - |A| - [21/10/2015 02:14:42] - (.-.) - [788.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\amdocl_ld32.exe
[MD5.170EA2F4A32130BBF7EABD2D94B235AE] - |A| - [21/10/2015 02:14:54] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [79.26 Ko] - (8.14.10.23) - C:\Windows\SysWOW64\amdpcom32.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\AppLocker
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [97.5 Ko] - C:\Windows\SysWOW64\ar-SA
[MD5.DD0F04B43362A7C7660C1DF405D416F0] - |A| - [01/09/2022 11:45:12] - (.Copyright (c) libarchive authors - Windows-internal libarchive library.) - [563 Ko] - (3.5.1.0) - C:\Windows\SysWOW64\archiveint.dll
[MD5.546E937838E7D9FD945D6505529F2209] - |A| - [21/10/2015 02:14:44] - (.Copyright (C) 2008-2014 Advanced Micro Devices, Inc. - ADL.) - [913.48 Ko] - (7.15.20.1301) - C:\Windows\SysWOW64\atiadlxx.dll
[MD5.546E937838E7D9FD945D6505529F2209] - |A| - [21/10/2015 02:14:44] - (.Copyright (C) 2008-2014 Advanced Micro Devices, Inc. - ADL.) - [913.48 Ko] - (7.15.20.1301) - C:\Windows\SysWOW64\atiadlxy.dll
[MD5.53650482B8E621276DC55E50C9FB2FEE] - |A| - [22/08/2015 01:53:34] - (.-.) - [646.87 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\atiapfxx.blb
[MD5.4A8BC73F07C13E602B573BE723BFB360] - |A| - [21/10/2015 02:14:44] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL compiler runtime.) - [56.48 Ko] - (6.14.10.1848) - C:\Windows\SysWOW64\aticalcl.dll
[MD5.64E261847856C53DE5A3007682707290] - |A| - [21/10/2015 02:14:46] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL DD.) - [13975.48 Ko] - (6.14.10.1848) - C:\Windows\SysWOW64\aticaldd.dll
[MD5.F1E925DE8ECC7BE99BCC380BBA3F477E] - |A| - [21/10/2015 02:14:46] - (.Copyright (C) 2008 Advanced Micro Devices Inc. - ATI CAL runtime.) - [59.48 Ko] - (6.14.10.1848) - C:\Windows\SysWOW64\aticalrt.dll
[MD5.DCE2F09D2DF45938DB476B287D6F560B] - |A| - [21/10/2015 02:14:54] - (.Copyright (C) 1998-2012 AMD Inc. - aticfx32.dll.) - [1194.88 Ko] - (8.17.10.1404) - C:\Windows\SysWOW64\aticfx32.dll
[MD5.194B36603ED7BB93290F4A3C73B94764] - |A| - [21/10/2015 02:14:56] - (.Copyright (C) 1998-2011 AMD Inc. - atidxx32.dll.) - [9971.7 Ko] - (8.17.10.625) - C:\Windows\SysWOW64\atidxx32.dll
[MD5.B84EF06D0D8192F33EE5BC12B2BA3702] - |A| - [21/10/2015 02:14:46] - (.-.) - [148.98 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\atieah32.exe
[MD5.B728F7B42DA61395F43C86BDDE5196E5] - |A| - [21/10/2015 02:14:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atigktxx.dll.) - [146.98 Ko] - (8.14.1.6463) - C:\Windows\SysWOW64\atigktxx.dll
[MD5.0C3156664885AF41100B63853EBCE037] - |A| - [21/10/2015 02:14:46] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiglpxx.dll.) - [76.48 Ko] - (8.14.1.6463) - C:\Windows\SysWOW64\atiglpxx.dll
[MD5.B344A7D717211B7DF53E369FC58290DF] - |A| - [21/10/2015 02:14:54] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon PCOM Universal Driver.) - [79.26 Ko] - (8.14.10.23) - C:\Windows\SysWOW64\atimpc32.dll
[MD5.6557A2BB671495C8F7E127FCD23FAF3E] - |A| - [21/10/2015 02:14:48] - (.Copyright (C) 1998-2011 Advanced Micro Devices, Inc. - AMD OpenGL driver.) - [24726.98 Ko] - (6.14.10.13399) - C:\Windows\SysWOW64\atioglxx.dll
[MD5.E183E40B75E742A6E597A922168C2405] - |A| - [21/10/2015 02:14:56] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiu9pag.dll.) - [109.73 Ko] - (8.14.1.6463) - C:\Windows\SysWOW64\atiu9pag.dll
[MD5.E638384DCD47CEA8F0DF2B6BAFB11F57] - |A| - [21/10/2015 02:14:56] - (.Copyright (C) 1998-2011 AMD Inc. - atiumdag.dll.) - [7307.19 Ko] - (9.14.10.1128) - C:\Windows\SysWOW64\atiumdag.dll
[MD5.A98DA23A524803615B083CFCED1CE362] - |A| - [22/08/2015 01:50:46] - (.-.) - [3390.02 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\atiumdva.cap
[MD5.34438A391DADBD03940AF0760E2932CB] - |A| - [21/10/2015 02:14:56] - (.Copyright (c) 2009 Advanced Micro Devices, Inc. - Radeon Video Acceleration Universal Driver.) - [7821.64 Ko] - (8.14.10.513) - C:\Windows\SysWOW64\atiumdva.dll
[MD5.C62336798199A3705424A6708445DD11] - |A| - [21/10/2015 02:14:56] - (.Copyright (C) 2007 Advanced Micro Devices, Inc. - atiuxpag.dll.) - [139.7 Ko] - (8.14.1.6463) - C:\Windows\SysWOW64\atiuxpag.dll
[MD5.7C163EDE63854539828F5B2C1BC529FD] - |A| - [22/08/2015 01:54:10] - (.-.) - [153.46 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ativvsva.dat
[MD5.219D7091DD1D93728392337FE9C7ADD6] - |A| - [22/08/2015 01:54:10] - (.-.) - [200.15 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ativvsvl.dat
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [59 Ko] - C:\Windows\SysWOW64\bg-BG
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.1 Ko] - C:\Windows\SysWOW64\Bthprops
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\catroot
[MD5.49AE90FEBF9B3D30FDE471D1D4E3192C] - |A| - [12/06/2021 14:34:30] - (.-.) - [60.47 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\CCCInstall_202106121434300244.log
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [316.5 Ko] - C:\Windows\SysWOW64\Com
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2.99 Ko] - C:\Windows\SysWOW64\config
[MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [53.11 Ko] - C:\Windows\SysWOW64\Configuration
[MD5.6545DE4EF5217AA2FFC7FFD27725A971] - |A| - [09/04/2021 15:54:45] - (.-.) - [235 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\CoreMas.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [118.5 Ko] - C:\Windows\SysWOW64\cs-CZ
[MD5.44E5BAEEE864F1E9EDBE3986246AB37A] - |A| - [01/09/2022 11:45:12] - (.© 1996 - 2022 Daniel Stenberg, <daniel@haxx.se>. - The curl executable.) - [459.5 Ko] - (7.83.1.0) - C:\Windows\SysWOW64\curl.exe
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [119.5 Ko] - C:\Windows\SysWOW64\da-DK
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [131.5 Ko] - C:\Windows\SysWOW64\de-DE
[MD5.C1684AACAAD62889ACFCA988AA46562D] - |A| - [07/12/2019 11:09:15] - (.-.) - [28.83 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\DefaultAccountTile.png
[MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [188 Ko] - C:\Windows\SysWOW64\DiagSvcs
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [7630.09 Ko] - C:\Windows\SysWOW64\Dism
[MD5.B873A5ABCFBC42B1BAC9EBE8741C6162] - |A| - [07/12/2019 16:50:56] - (.Copyright (C) 2019 - Gracenote SDK component.) - [244 Ko] - (3.9.511.0) - C:\Windows\SysWOW64\gnsdk_fp.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicy
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\GroupPolicyUsers
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [93 Ko] - C:\Windows\SysWOW64\he-IL
[MD5.DF0C9C776F8367E213210FB256AC30EC] - |A| - [09/04/2021 15:54:52] - (.-.) - [230 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\HeatCore.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [56 Ko] - C:\Windows\SysWOW64\hr-HR
[MD5.506C5BE8B184615F7F35A85C00A16E76] - |A| - [21/10/2015 02:14:48] - (.-.) - [108.48 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\hsa-thunk.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [123 Ko] - C:\Windows\SysWOW64\hu-HU
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [36.27 Ko] - C:\Windows\SysWOW64\icsxml
[MD5.8226A1A91F01432A0CB10CAABF1B9C6D] - |A| - [12/06/2021 15:31:31] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Combined Library.) - [1820.5 Ko] - (64.2.0.0) - C:\Windows\SysWOW64\icu.dll
[MD5.FB475B41189AACF1C607C1E9DC0EBB0B] - |RA| - [07/12/2019 11:09:18] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU I18N Forwarder DLL.) - [24 Ko] - (64.2.0.0) - C:\Windows\SysWOW64\icuin.dll
[MD5.B17445D0DF2C22C924899B5DF8E84475] - |RA| - [07/12/2019 11:09:18] - (.Copyright (C) 2016 and later: Unicode, Inc. and others. License & terms of use: http://www.unicode.org/copyright.html - ICU Common Forwarder DLL.) - [28.5 Ko] - (64.2.0.0) - C:\Windows\SysWOW64\icuuc.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [21636.82 Ko] - C:\Windows\SysWOW64\IME
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\inetsrv
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [215 Ko] - C:\Windows\SysWOW64\InputMethod
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [1160 Ko] - C:\Windows\SysWOW64\InstallShield
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\Ipmi
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [125 Ko] - C:\Windows\SysWOW64\it-IT
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [89 Ko] - C:\Windows\SysWOW64\ja-JP
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [10192.95 Ko] - C:\Windows\SysWOW64\Keywords
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [90.5 Ko] - C:\Windows\SysWOW64\ko-KR
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [454.91 Ko] - C:\Windows\SysWOW64\Licenses
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\LogFiles
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [56.5 Ko] - C:\Windows\SysWOW64\lt-LT
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [56 Ko] - C:\Windows\SysWOW64\lv-LV
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:52:05] - [32.68 Ko] - C:\Windows\SysWOW64\MailContactsCalendarSync
[MD5.39CE334A6E1CBED62462A0CCCC080A5C] - |A| - [21/10/2015 02:14:48] - (.Copyright (C) 2013 AMD Inc. - Mantle loader.) - [119.48 Ko] - (9.1.10.83) - C:\Windows\SysWOW64\mantle32.dll
[MD5.890CD0E80FA4CA7728FF49E372D789F2] - |A| - [21/10/2015 02:14:48] - (.Copyright (C) 2013 AMD Inc. - Mantle extension library.) - [94.48 Ko] - (9.1.10.83) - C:\Windows\SysWOW64\mantleaxl32.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [2853.21 Ko] - C:\Windows\SysWOW64\migration
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [816.8 Ko] - C:\Windows\SysWOW64\migwiz
[MD5.08749DCC252AE1148E3BEA32B3FFFBFC] - |A| - [07/12/2019 11:10:14] - (.-.) - [0.11 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\MixedRealityRuntime.json
[MD5.C8BF077B236ED2803347BD95DE29BF68] - |A| - [07/12/2019 11:15:00] - (.-.) - [3.03 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\mmc.exe.config
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [45.5 Ko] - C:\Windows\SysWOW64\MSDRM
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [52.28 Ko] - C:\Windows\SysWOW64\Msdtc
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6 Ko] - C:\Windows\SysWOW64\MUI
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [116 Ko] - C:\Windows\SysWOW64\nb-NO
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\NDF
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [51 Ko] - C:\Windows\SysWOW64\networklist
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [122.5 Ko] - C:\Windows\SysWOW64\nl-NL
[MD5.00000000000000000000000000000000] - |SD| - [07/12/2019 11:14:52] - [3781.5 Ko] - C:\Windows\SysWOW64\Nui
[MD5.B3B9C8925432FDA674ACCA908FE3CFDE] - |A| - [07/12/2019 11:10:14] - (.-.) - [36.79 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\OneDrive.ico
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [764.83 Ko] - C:\Windows\SysWOW64\oobe
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [79.5 Ko] - C:\Windows\SysWOW64\PerceptionSimulation
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [124 Ko] - C:\Windows\SysWOW64\pl-PL
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [420.74 Ko] - C:\Windows\SysWOW64\Printing_Admin_Scripts
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [122 Ko] - C:\Windows\SysWOW64\pt-BR
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [123 Ko] - C:\Windows\SysWOW64\pt-PT
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [23.75 Ko] - C:\Windows\SysWOW64\ras
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\RasToast
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0.82 Ko] - C:\Windows\SysWOW64\Recovery
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\restore
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [57.5 Ko] - C:\Windows\SysWOW64\ro-RO
[MD5.BA7D4E5FAE64BD0403C7F7E91CD93F77] - |A| - [07/12/2019 11:10:05] - (.-.) - [11.03 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\srms-apr-v.dat
[MD5.DC9450258D80F46AEF8EF063A7C629B0] - |A| - [07/12/2019 11:10:05] - (.-.) - [19.03 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\srms-apr.dat
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\sru
[MD5.BDC53957962AFBEBE6A25EF941C261B3] - |A| - [09/04/2021 15:54:45] - (.-.) - [323 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\ssdm.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [117.5 Ko] - C:\Windows\SysWOW64\sv-SE
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [0 Ko] - C:\Windows\SysWOW64\sysprep
[MD5.D7128869A4759CCBDC5D4BC55A40D4CC] - |A| - [01/09/2022 11:45:12] - (.Copyright (c) libarchive authors - bsdtar archive tool.) - [43.5 Ko] - (3.5.1.0) - C:\Windows\SysWOW64\tar.exe
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [0 Ko] - C:\Windows\SysWOW64\Tasks
[MD5.24112B33D937AB7721EBEF4231D53667] - |A| - [01/09/2022 11:42:45] - (.-.) - [1302.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\TextInputMethodFormatter.dll
[MD5.4C58C812BB19C065CB0ED7FC8FBBAC12] - |A| - [01/09/2022 11:42:42] - (.-.) - [597.62 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\TextShaping.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [50.5 Ko] - C:\Windows\SysWOW64\th-TH
[MD5.CE4E73FA1555E59A16BEE1DFF1EE353A] - |A| - [01/09/2022 11:42:12] - (.-.) - [218.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\TpmTool.exe
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [115.5 Ko] - C:\Windows\SysWOW64\tr-TR
[MD5.A88B20DABDA28A87D3C9FFA453ED2205] - |A| - [01/09/2022 11:13:51] - (.(C) 1993-2009 TWAIN Working Group. - TWAIN 32 Source Manager (Image Acquisition Interface).) - [144.02 Ko] - (2.1.4.0) - C:\Windows\SysWOW64\twaindsm.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [57 Ko] - C:\Windows\SysWOW64\uk-UA
[MD5.7E0273A51BDD51DFB58F905C8F501061] - |A| - [09/04/2021 15:54:55] - (.-.) - [46.36 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\umpdc.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [15627.45 Ko] - C:\Windows\SysWOW64\wbem
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [0 Ko] - C:\Windows\SysWOW64\WCN
[MD5.A22B636328327A4EA6F6AB3F48A5B5B1] - |A| - [12/06/2021 15:31:30] - (.-.) - [457.46 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\WindowManagementAPI.dll
[MD5.BEDEDB102316C696D36F0D4331E1C2AE] - |A| - [07/12/2019 11:09:17] - (.-.) - [104.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\WindowsDefaultHeatProcessor.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [9347.33 Ko] - C:\Windows\SysWOW64\WindowsPowerShell
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [6327.03 Ko] - C:\Windows\SysWOW64\WinMetadata
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 16:49:56] - [107.56 Ko] - C:\Windows\SysWOW64\winrm
[MD5.FECEF7E35453020055761689843F11AC] - |A| - [01/09/2022 11:45:11] - (.-.) - [18.5 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\WsdProviderUtil.dll
[MD5.7A015A6F199516A06C5AFB56FEE7AC51] - |A| - [07/12/2019 11:09:17] - (.-.) - [59 Ko] - (0.0.0.0) - C:\Windows\SysWOW64\xboxgipsynthetic.dll
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [82 Ko] - C:\Windows\SysWOW64\zh-CN
[MD5.00000000000000000000000000000000] - |D| - [07/12/2019 11:14:52] - [82 Ko] - C:\Windows\SysWOW64\zh-TW

---------- | [Compaq]

[30/08/2022 10:28:40] - |D| - [0] - C:\Users\Compaq\.ms-ad
[12/06/2021 15:23:40] - |RD| - [298] - C:\Users\Compaq\3D Objects
[12/06/2021 13:03:44] - |HD| - [1533670559] - C:\Users\Compaq\AppData
[12/06/2021 13:03:45] - |SHD| - [0] - C:\Users\Compaq\Application Data
[12/06/2021 15:23:41] - |RD| - [412] - C:\Users\Compaq\Contacts
[12/06/2021 13:03:45] - |SHD| - [0] - C:\Users\Compaq\Cookies
[12/06/2021 13:03:44] - |RD| - [39519068297] - C:\Users\Compaq\Desktop
[12/06/2021 13:03:44] - |RD| - [2887121] - C:\Users\Compaq\Documents
[12/06/2021 13:03:44] - |RD| - [126502187] - C:\Users\Compaq\Downloads
[12/06/2021 13:03:44] - |RD| - [690] - C:\Users\Compaq\Favorites
[12/06/2021 13:03:44] - |RD| - [1955] - C:\Users\Compaq\Links
[12/06/2021 13:03:45] - |SHD| - [0] - C:\Users\Compaq\Local Settings
[12/06/2021 13:03:45] - |SHD| - [0] - C:\Users\Compaq\Menu Démarrer
[12/06/2021 13:03:45] - |SHD| - [0] - C:\Users\Compaq\Mes documents
[12/06/2021 13:03:45] - |SHD| - [0] - C:\Users\Compaq\Modèles
[12/06/2021 13:03:44] - |RD| - [504] - C:\Users\Compaq\Music
[12/06/2021 13:03:44] - |AH| - [1572864] - C:\Users\Compaq\NTUSER.DAT
[12/06/2021 13:03:44] - |ASH| - [435200] - C:\Users\Compaq\ntuser.dat.LOG1
[12/06/2021 13:03:44] - |ASH| - [196608] - C:\Users\Compaq\ntuser.dat.LOG2
[12/06/2021 13:03:45] - |ASH| - [65536] - C:\Users\Compaq\NTUSER.DAT{53b39e88-18c4-11ea-a811-000d3aa4692b}.TM.blf
[12/06/2021 13:03:45] - |ASH| - [524288] - C:\Users\Compaq\NTUSER.DAT{53b39e88-18c4-11ea-a811-000d3aa4692b}.TMContainer00000000000000000001.regtrans-ms
[12/06/2021 13:03:45] - |ASH| - [524288] - C:\Users\Compaq\NTUSER.DAT{53b39e88-18c4-11ea-a811-000d3aa4692b}.TMContainer00000000000000000002.regtrans-ms
[12/06/2021 13:03:45] - |SH| - [20] - C:\Users\Compaq\ntuser.ini
[12/06/2021 15:09:59] - |RD| - [97] - C:\Users\Compaq\OneDrive
[12/06/2021 13:03:44] - |RD| - [995653] - C:\Users\Compaq\Pictures
[12/06/2021 13:03:45] - |SHD| - [0] - C:\Users\Compaq\Recent
[12/06/2021 13:03:44] - |RD| - [282] - C:\Users\Compaq\Saved Games
[12/06/2021 15:23:41] - |RD| - [1879] - C:\Users\Compaq\Searches
[12/06/2021 13:03:45] - |SHD| - [0] - C:\Users\Compaq\SendTo
[01/09/2022 11:50:39] - |A| - [3661] - C:\Users\Compaq\Sti_Trace.log
[12/06/2021 13:03:44] - |RD| - [694] - C:\Users\Compaq\Videos
[12/06/2021 13:03:45] - |SHD| - [0] - C:\Users\Compaq\Voisinage d'impression
[12/06/2021 13:03:45] - |SHD| - [0] - C:\Users\Compaq\Voisinage réseau
[12/06/2021 13:03:44] - |D| - [1198462231] - C:\Users\Compaq\AppData\Local
[12/06/2021 13:03:45] - |D| - [273100596] - C:\Users\Compaq\AppData\LocalLow
[12/06/2021 13:03:44] - |D| - [62107769] - C:\Users\Compaq\AppData\Roaming
[12/06/2021 16:50:14] - |D| - [1448484] - C:\Users\Compaq\AppData\Local\Adobe
[12/06/2021 15:59:15] - |D| - [478591] - C:\Users\Compaq\AppData\Local\AMD
[12/06/2021 13:03:45] - |SHD| - [0] - C:\Users\Compaq\AppData\Local\Application Data
[12/06/2021 15:58:22] - |D| - [66105] - C:\Users\Compaq\AppData\Local\ATI
[30/08/2022 10:28:48] - |D| - [0] - C:\Users\Compaq\AppData\Local\CEF
[12/06/2021 16:01:31] - |D| - [18571268] - C:\Users\Compaq\AppData\Local\Comms
[12/06/2021 15:23:24] - |D| - [3234436] - C:\Users\Compaq\AppData\Local\ConnectedDevicesPlatform
[30/08/2022 10:27:53] - |D| - [66500] - C:\Users\Compaq\AppData\Local\D3DSCache
[29/08/2022 15:05:35] - |D| - [1209016] - C:\Users\Compaq\AppData\Local\ElevatedDiagnostics
[12/06/2021 16:36:56] - |D| - [192737949] - C:\Users\Compaq\AppData\Local\Google
[12/06/2021 13:03:45] - |SHD| - [0] - C:\Users\Compaq\AppData\Local\Historique
[12/06/2021 15:24:12] - |AH| - [27904] - C:\Users\Compaq\AppData\Local\IconCache.db
[12/06/2021 13:03:44] - |D| - [470469337] - C:\Users\Compaq\AppData\Local\Microsoft
[12/06/2021 16:34:52] - |D| - [327706776] - C:\Users\Compaq\AppData\Local\Mozilla
[12/06/2021 15:23:32] - |D| - [75317502] - C:\Users\Compaq\AppData\Local\Packages
[12/06/2021 16:04:12] - |D| - [9105] - C:\Users\Compaq\AppData\Local\PlaceholderTileLogoFolder
[30/08/2022 10:05:48] - |D| - [0] - C:\Users\Compaq\AppData\Local\Programs
[12/06/2021 15:24:31] - |D| - [0] - C:\Users\Compaq\AppData\Local\Publishers
[02/09/2022 00:59:19] - |D| - [0] - C:\Users\Compaq\AppData\Local\SolidDocuments
[12/06/2021 13:03:44] - |D| - [107119258] - C:\Users\Compaq\AppData\Local\Temp
[12/06/2021 13:03:45] - |SHD| - [0] - C:\Users\Compaq\AppData\Local\Temporary Internet Files
[12/06/2021 15:23:33] - |D| - [0] - C:\Users\Compaq\AppData\Local\VirtualStore
[12/06/2021 16:54:59] - |D| - [6640026] - C:\Users\Compaq\AppData\LocalLow\Adobe
[30/08/2022 10:09:52] - |D| - [262690404] - C:\Users\Compaq\AppData\LocalLow\iTop Screen Recorder
[12/06/2021 14:26:15] - |SD| - [3770166] - C:\Users\Compaq\AppData\LocalLow\Microsoft
[12/06/2021 16:34:54] - |D| - [0] - C:\Users\Compaq\AppData\LocalLow\Mozilla
[12/06/2021 15:23:38] - |D| - [77613] - C:\Users\Compaq\AppData\Roaming\Adobe
[12/06/2021 15:58:22] - |D| - [0] - C:\Users\Compaq\AppData\Roaming\ATI
[01/09/2022 11:17:30] - |D| - [348146] - C:\Users\Compaq\AppData\Roaming\Epson
[01/09/2022 11:14:10] - |D| - [0] - C:\Users\Compaq\AppData\Roaming\InstallShield
[30/08/2022 10:06:38] - |D| - [3665074] - C:\Users\Compaq\AppData\Roaming\iTop Screen Recorder
[12/06/2021 13:03:44] - |SD| - [525901] - C:\Users\Compaq\AppData\Roaming\Microsoft
[12/06/2021 16:34:52] - |D| - [45043991] - C:\Users\Compaq\AppData\Roaming\Mozilla
[12/06/2021 16:40:33] - |D| - [12413613] - C:\Users\Compaq\AppData\Roaming\OpenOffice
[12/06/2021 16:36:49] - |D| - [98967] - C:\Users\Compaq\AppData\Roaming\vlc
[12/06/2021 15:23:41] - |SH| - [174] - C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
[12/06/2021 13:03:45] - |SHD| - [0] - C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
[12/06/2021 13:03:44] - |RD| - [18763] - C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
[12/06/2021 13:03:44] - |RD| - [3888] - C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[12/06/2021 13:03:44] - |RD| - [1678] - C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[12/06/2021 15:23:42] - |RD| - [174] - C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[12/06/2021 13:03:44] - |SH| - [264] - C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
[12/06/2021 13:03:44] - |D| - [170] - C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[12/06/2021 13:03:44] - |A| - [2424] - C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
[12/06/2021 15:23:42] - |RD| - [174] - C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[12/06/2021 13:03:44] - |RD| - [4913] - C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[12/06/2021 13:03:44] - |D| - [5078] - C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[12/06/2021 15:23:42] - |SH| - [174] - C:\Users\Compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

---------- | [Public]

[12/06/2021 15:23:41] - |RHD| - [196] - C:\Users\Public\AccountPictures
[07/12/2019 11:14:52] - |RHD| - [16101] - C:\Users\Public\Desktop
[07/12/2019 11:14:54] - |ASH| - [174] - C:\Users\Public\desktop.ini
[07/12/2019 11:14:52] - |RD| - [278] - C:\Users\Public\Documents
[07/12/2019 11:14:52] - |RD| - [174] - C:\Users\Public\Downloads
[07/12/2019 11:14:52] - |RHD| - [1174] - C:\Users\Public\Libraries
[07/12/2019 11:14:52] - |RD| - [380] - C:\Users\Public\Music
[07/12/2019 11:14:52] - |RD| - [380] - C:\Users\Public\Pictures
[07/12/2019 11:14:52] - |RD| - [380] - C:\Users\Public\Videos

---------- | C:\ProgramData

[12/06/2021 16:51:50] - |D| - [0] - C:\ProgramData\Adobe
[12/06/2021 15:51:18] - |D| - [152] - C:\ProgramData\AMD
[12/06/2021 12:08:12] - |SHD| - [0] - C:\ProgramData\Application Data
[12/06/2021 15:58:22] - |D| - [186] - C:\ProgramData\ATI
[12/06/2021 12:08:12] - |SHD| - [0] - C:\ProgramData\Bureau
[12/06/2021 12:08:12] - |SHD| - [0] - C:\ProgramData\Documents
[01/09/2022 11:08:03] - |D| - [16417538] - C:\ProgramData\Epson
[30/08/2022 10:08:32] - |D| - [506] - C:\ProgramData\iTop
[12/06/2021 12:08:12] - |SHD| - [0] - C:\ProgramData\Menu Démarrer
[07/12/2019 11:14:52] - |SD| - [898501934] - C:\ProgramData\Microsoft
[12/06/2021 15:26:18] - |D| - [25] - C:\ProgramData\Microsoft OneDrive
[12/06/2021 12:08:12] - |SHD| - [0] - C:\ProgramData\Modèles
[29/08/2022 17:39:29] - |D| - [6683994] - C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
[12/06/2021 14:32:40] - |D| - [14060333] - C:\ProgramData\Package Cache
[12/06/2021 15:24:02] - |D| - [57344] - C:\ProgramData\Packages
[07/12/2019 11:14:52] - |D| - [1001] - C:\ProgramData\regid.1991-06.com.microsoft
[07/12/2019 11:14:52] - |D| - [0] - C:\ProgramData\SoftwareDistribution
[09/04/2021 15:59:36] - |D| - [0] - C:\ProgramData\ssh
[07/12/2019 11:14:52] - |D| - [12181504] - C:\ProgramData\USOPrivate
[07/12/2019 11:14:52] - |D| - [10223616] - C:\ProgramData\USOShared
[07/12/2019 16:53:03] - |D| - [0] - C:\ProgramData\WindowsHolographicDevices

---------- | C:\ProgramData\Microsoft\Windows\Start Menu

[07/12/2019 11:14:54] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini
[12/06/2021 12:08:12] - |SHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes
[07/12/2019 11:14:52] - |RD| - [80636] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs

---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs

[07/12/2019 11:14:52] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
[07/12/2019 11:14:52] - |RD| - [14467] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[07/12/2019 11:14:52] - |RD| - [22956] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[01/09/2022 12:24:09] - |A| - [2073] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
[12/06/2021 14:33:59] - |D| - [4369] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
[07/12/2019 11:14:54] - |SH| - [522] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
[01/09/2022 11:13:51] - |D| - [2178] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[01/09/2022 11:17:10] - |D| - [3413] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
[12/06/2021 16:31:35] - |A| - [1005] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
[12/06/2021 16:33:52] - |A| - [2245] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[07/12/2019 11:10:31] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk
[30/08/2022 10:08:11] - |D| - [2013] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTop Screen Recorder
[07/12/2019 11:14:52] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
[12/06/2021 12:00:31] - |A| - [2442] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
[12/06/2021 16:39:26] - |SD| - [7392] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.10
[01/09/2022 10:43:37] - |A| - [1146] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
[07/12/2019 11:14:52] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
[07/12/2019 11:14:52] - |RD| - [1458] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
[12/06/2021 16:35:18] - |D| - [5850] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[07/12/2019 16:52:28] - |RD| - [2800] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows PowerShell

---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

[07/12/2019 11:14:54] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

---------- | C:\Program Files (x86)

[12/06/2021 16:53:23] - |D| - [196404230] - C:\Program Files (x86)\Adobe
[12/06/2021 14:32:58] - |D| - [106367910] - C:\Program Files (x86)\ATI Technologies
[07/12/2019 11:14:52] - |D| - [27530483] - C:\Program Files (x86)\Common Files
[07/12/2019 11:14:54] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini
[01/09/2022 11:13:45] - |D| - [83237309] - C:\Program Files (x86)\epson
[01/09/2022 11:17:10] - |D| - [76408616] - C:\Program Files (x86)\Epson Software
[12/06/2021 16:32:04] - |D| - [190218512] - C:\Program Files (x86)\Google
[01/09/2022 11:14:16] - |HD| - [10138216] - C:\Program Files (x86)\InstallShield Installation Information
[07/12/2019 11:14:52] - |D| - [1996367] - C:\Program Files (x86)\Internet Explorer
[30/08/2022 09:56:43] - |D| - [0] - C:\Program Files (x86)\jesaigeduez
[09/04/2021 15:59:51] - |D| - [1067348127] - C:\Program Files (x86)\Microsoft
[07/12/2019 11:14:52] - |D| - [23935] - C:\Program Files (x86)\Microsoft.NET
[12/06/2021 16:31:33] - |D| - [590605] - C:\Program Files (x86)\Mozilla Maintenance Service
[12/06/2021 16:38:26] - |D| - [333203924] - C:\Program Files (x86)\OpenOffice 4
[12/09/2022 10:04:01] - |D| - [8539811] - C:\Program Files (x86)\UsbFix
[07/12/2019 11:14:52] - |D| - [1823008] - C:\Program Files (x86)\Windows Defender
[07/12/2019 11:14:52] - |D| - [625664] - C:\Program Files (x86)\Windows Mail
[07/12/2019 16:53:03] - |D| - [3238298] - C:\Program Files (x86)\Windows Media Player
[07/12/2019 16:53:03] - |D| - [40232] - C:\Program Files (x86)\Windows Multimedia Platform
[07/12/2019 11:14:52] - |D| - [6058840] - C:\Program Files (x86)\Windows NT
[07/12/2019 16:53:03] - |D| - [5261760] - C:\Program Files (x86)\Windows Photo Viewer
[07/12/2019 16:53:03] - |D| - [40232] - C:\Program Files (x86)\Windows Portable Devices
[07/12/2019 11:14:52] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar
[07/12/2019 11:14:52] - |D| - [2250695] - C:\Program Files (x86)\WindowsPowerShell

---------- | C:\Program Files

[01/09/2022 12:22:37] - |D| - [815332690] - C:\Program Files\Adobe
[12/06/2021 14:31:28] - |D| - [96636696] - C:\Program Files\AMD
[12/06/2021 14:33:43] - |D| - [5595872] - C:\Program Files\ATI Technologies
[07/12/2019 11:14:52] - |D| - [890939840] - C:\Program Files\Common Files
[07/12/2019 11:14:54] - |ASH| - [174] - C:\Program Files\desktop.ini
[12/06/2021 12:08:12] - |SHD| - [0] - C:\Program Files\Fichiers communs
[12/06/2021 16:33:25] - |D| - [601855055] - C:\Program Files\Google
[07/12/2019 11:14:52] - |D| - [2676834] - C:\Program Files\Internet Explorer
[30/08/2022 10:06:38] - |D| - [329565206] - C:\Program Files\iTop Screen Recorder
[01/09/2022 10:54:54] - |D| - [1918104] - C:\Program Files\Microsoft Update Health Tools
[07/12/2019 11:14:52] - |D| - [0] - C:\Program Files\ModifiableWindowsApps
[08/09/2022 15:00:50] - |D| - [222535092] - C:\Program Files\Mozilla Firefox
[01/09/2022 10:43:35] - |D| - [11810226] - C:\Program Files\PCHealthCheck
[14/06/2021 09:22:47] - |D| - [35377120] - C:\Program Files\Realtek
[12/06/2021 11:59:52] - |HD| - [0] - C:\Program Files\Uninstall Information
[12/06/2021 16:34:01] - |D| - [177217567] - C:\Program Files\VideoLAN
[07/12/2019 11:14:52] - |D| - [13853950] - C:\Program Files\Windows Defender
[07/12/2019 11:14:52] - |D| - [639488] - C:\Program Files\Windows Mail
[07/12/2019 16:53:03] - |D| - [4604350] - C:\Program Files\Windows Media Player
[07/12/2019 16:53:03] - |D| - [48536] - C:\Program Files\Windows Multimedia Platform
[07/12/2019 11:14:52] - |D| - [6403928] - C:\Program Files\Windows NT
[07/12/2019 16:53:03] - |D| - [6179784] - C:\Program Files\Windows Photo Viewer
[07/12/2019 16:53:03] - |D| - [48528] - C:\Program Files\Windows Portable Devices
[07/12/2019 11:14:52] - |D| - [112213] - C:\Program Files\Windows Security
[07/12/2019 11:14:52] - |SHD| - [0] - C:\Program Files\Windows Sidebar
[07/12/2019 11:14:52] - |HD| - [2952411842] - C:\Program Files\WindowsApps
[07/12/2019 11:14:52] - |D| - [2545983] - C:\Program Files\WindowsPowerShell

---------- | C:\Program Files (x86)\Common Files

[12/06/2021 16:51:54] - |D| - [3192536] - C:\Program Files (x86)\Common Files\Adobe
[07/12/2019 11:14:52] - |D| - [14761474] - C:\Program Files (x86)\Common Files\Microsoft Shared
[07/12/2019 11:14:52] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services
[07/12/2019 11:14:52] - |D| - [9573771] - C:\Program Files (x86)\Common Files\System

---------- | C:\Program Files\Common files

[01/09/2022 12:20:08] - |D| - [845509658] - C:\Program Files\Common files\Adobe
[01/09/2022 11:29:09] - |D| - [152152] - C:\Program Files\Common files\EPSON
[07/12/2019 11:14:52] - |D| - [34693429] - C:\Program Files\Common files\microsoft shared
[07/12/2019 11:14:52] - |D| - [2702] - C:\Program Files\Common files\Services
[07/12/2019 11:14:52] - |D| - [10581899] - C:\Program Files\Common files\System

---------- | Tasks

[MD5.FFBAEF523A48D7E8FCC4B7DE9D07E3A6] - [01/09/2022 11:29:13] - |A| - [951] - C:\Windows\Tasks\EPSON WF-2760 Series Update {47AF55B9-8E95-47EE-A3FA-BFB62C2029D9}.job
[MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [12/06/2021 11:58:53] - |AH| - [6] - C:\Windows\Tasks\SA.DAT
[MD5.C8FE39A7A0367D7219D5E7CB8E459F27] - [12/06/2021 16:54:51] - |A| - [4562] - C:\Windows\System32\Tasks\Adobe Acrobat Update Task         :   C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
[MD5.E5BDDCD682BF628275958C440DA232CE] - [01/09/2022 11:29:14] - |A| - [4150] - C:\Windows\System32\Tasks\EPSON WF-2760 Series Update {47AF55B9-8E95-47EE-A3FA-BFB62C2029D9}         :   C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSM1E.EXE
[MD5.6DAFA558E17D0AF539972B6B4789108E] - [12/06/2021 16:32:59] - |A| - [3466] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore         :   C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.73C320B7FA2213CAC0B3220FEC8C9C1B] - [12/06/2021 16:32:59] - |A| - [3590] - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA         :   C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.72FFFC56A44F3080D675F7784DB4D35B] - [30/08/2022 10:08:32] - |A| - [3100] - C:\Windows\System32\Tasks\iTop Screen Recorder SkipUAC (Compaq)         :   "C:\Program Files\iTop Screen Recorder\IScrRec.exe"
[MD5.897E97020EAFE73E9A550F35D93EF6AD] - [30/08/2022 10:09:52] - |A| - [3338] - C:\Windows\System32\Tasks\iTop Screen Recorder Startup         :   "C:\Program Files\iTop Screen Recorder\IScrRec.exe"
[MD5.ADD584CD343FC13185F85242C1DDDBDF] - [30/08/2022 10:08:32] - |A| - [3068] - C:\Windows\System32\Tasks\iTop Screen Recorder UAC         :   "C:\Program Files\iTop Screen Recorder\iScrInit.exe"
[MD5.5D3307AD178BF5ADC1259C26ED873C83] - [30/08/2022 10:08:28] - |A| - [3336] - C:\Windows\System32\Tasks\iTop Screen Recorder Update         :   "C:\Program Files\iTop Screen Recorder\AutoUpdate.exe"
[MD5.00000000000000000000000000000000] - [07/12/2019 11:14:52] - |D| - [620818] - C:\Windows\System32\Tasks\Microsoft
[MD5.92A1EA8C33A96FE433097D492935FF0B] - [12/06/2021 12:00:07] - |A| - [3566] - C:\Windows\System32\Tasks\MicrosoftEdgeUpdateTaskMachineCore         :   C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
[MD5.4A7EC2E2FFA050E4DF2FDF4EDEBF5C22] - [12/06/2021 12:00:08] - |A| - [3690] - C:\Windows\System32\Tasks\MicrosoftEdgeUpdateTaskMachineUA         :   C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
[MD5.00000000000000000000000000000000] - [29/08/2022 17:39:27] - |D| - [8528] - C:\Windows\System32\Tasks\Mozilla
[MD5.91825FA5DF6965C225881FCC00C45379] - [30/08/2022 10:10:22] - |A| - [3592] - C:\Windows\System32\Tasks\OneDrive Reporting Task-S-1-5-21-3945783615-3853108761-1058730989-1001         :   %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
[MD5.BE569B990FB05F3DDA6C1F4B08236EB4] - [12/06/2021 15:09:59] - |A| - [3382] - C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3945783615-3853108761-1058730989-1001         :   %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
[MD5.BF5AA3EC5F1D816486DABD678982C5EF] - [12/09/2022 10:04:18] - |A| - [3270] - C:\Windows\System32\Tasks\UsbFix Monitor         :   "C:\Program Files (x86)\UsbFix\Modules\UsbFixMonitor.exe"
[MD5.00000000000000000000000000000000] - [07/12/2019 11:14:52] - |D| - [0] - C:\Windows\Syswow64\Tasks\Microsoft

---------- | Firewall

[HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules]
"WiFiDirect-KM-Driver-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=System|Name=@wlansvc.dll,-37378|Desc=@wlansvc.dll,-37890|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver|
"WiFiDirect-KM-Driver-Out-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=System|Name=@wlansvc.dll,-37379|Desc=@wlansvc.dll,-37891|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver|
"WiFiDirect-KM-Driver-In-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=System|Name=@wlansvc.dll,-37380|Desc=@wlansvc.dll,-37892|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver|
"WiFiDirect-KM-Driver-Out-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=System|Name=@wlansvc.dll,-37381|Desc=@wlansvc.dll,-37893|EmbedCtxt=@wlansvc.dll,-36865|TTK2_27=WFDKmDriver|
"DeliveryOptimization-TCP-In"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE|
"DeliveryOptimization-UDP-In"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE|
"WirelessDisplay-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay|
"WirelessDisplay-Out-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay|
"WirelessDisplay-Out-UDP"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay|
"WirelessDisplay-Infra-In-TCP"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7250|App=%systemroot%\system32\CastSrv.exe|Name=@wifidisplay.dll,-10206|Desc=@wifidisplay.dll,-10207|EmbedCtxt=@wifidisplay.dll,-100|
"{60DC0692-D093-4A44-BC8E-FFA4B2B7D475}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Pay|Desc=Microsoft Pay|LUOwn=S-1-5-21-3945783615-3853108761-1058730989-1001|AppPkgId=S-1-15-2-567501097-281763132-502764112-1855211022-3143306454-2372101908-561929011|EmbedCtxt=Microsoft Pay|Platform=2:6:2|Platform2=GTEQ|
"{8F52658E-B38B-4C3E-9872-A814E3E13569}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=NcsiUwpApp|Desc=NcsiUwpApp|LUOwn=S-1-5-21-3945783615-3853108761-1058730989-1001|AppPkgId=S-1-15-2-138780814-3997110584-2874353029-2041838810-3659441231-3169655024-3643974355|EmbedCtxt=NcsiUwpApp|Platform=2:6:2|Platform2=GTEQ|
"{F0A05164-32D4-4043-98D7-4A2ACC4BA5FC}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game Bar Plugin|Desc=Xbox Game Bar Plugin|LUOwn=S-1-5-21-3945783615-3853108761-1058730989-1001|AppPkgId=S-1-15-2-1823635404-1364722122-2170562666-1762391777-2399050872-3465541734-3732476201|EmbedCtxt=Xbox Game Bar Plugin|Platform=2:6:2|Platform2=GTEQ|
"{AB5875A1-FDFE-43E0-A791-6519F514962B}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox TCUI|Desc=Xbox TCUI|LUOwn=S-1-5-21-3945783615-3853108761-1058730989-1001|AppPkgId=S-1-15-2-2603511428-3224021693-1028932517-3941269705-3349582775-2312504883-4057327947|EmbedCtxt=Xbox TCUI|Platform=2:6:2|Platform2=GTEQ|
"{58009DDC-6AC0-4835-A977-064C1499AA26}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Cortana|Desc=Cortana|LUOwn=S-1-5-21-3945783615-3853108761-1058730989-1001|AppPkgId=S-1-15-2-1880626798-2296700190-2192216202-2581987570-949377748-777141861-2889999867|EmbedCtxt=Cortana|Platform=2:6:2|Platform2=GTEQ|
"{A5C10B5A-C911-4A6D-B5E1-6E4A22D321D4}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Cortana|Desc=Cortana|LUOwn=S-1-5-21-3945783615-3853108761-1058730989-1001|AppPkgId=S-1-15-2-1880626798-2296700190-2192216202-2581987570-949377748-777141861-2889999867|EmbedCtxt=Cortana|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{B9E01691-F7B9-409F-A9FC-F014D4E0F1B5}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game Bar|Desc=Xbox Game Bar|LUOwn=S-1-5-21-3945783615-3853108761-1058730989-1001|AppPkgId=S-1-15-2-1714399563-1326177402-2048222277-143663168-2151391019-765408921-4098702777|EmbedCtxt=Xbox Game Bar|Platform=2:6:2|Platform2=GTEQ|
"{13BF556D-27D6-4635-90AA-0D9AFB5A4730}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox Game Bar|Desc=Xbox Game Bar|LUOwn=S-1-5-21-3945783615-3853108761-1058730989-1001|AppPkgId=S-1-15-2-1714399563-1326177402-2048222277-143663168-2151391019-765408921-4098702777|EmbedCtxt=Xbox Game Bar|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{34933326-61E8-4E8B-8102-F4CAB88C813C}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote for Windows 10|Desc=OneNote for Windows 10|LUOwn=S-1-5-21-3945783615-3853108761-1058730989-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote for Windows 10|Platform=2:6:2|Platform2=GTEQ|
"{DEFC7407-EECD-40A1-BC36-54F6AADFC7DF}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote for Windows 10|Desc=OneNote for Windows 10|LUOwn=S-1-5-21-3945783615-3853108761-1058730989-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote for Windows 10|Platform=2:6:2|Platform2=GTEQ|
"{2AB9050F-C530-4549-813D-959369185C70}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Store|Desc=Microsoft Store|LUOwn=S-1-5-21-3945783615-3853108761-1058730989-1001|AppPkgId=S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157|EmbedCtxt=Microsoft Store|Platform=2:6:2|Platform2=GTEQ|
"{79C86E1D-4FE0-49AA-9D0A-1CFE30965746}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Store|Desc=Microsoft Store|LUOwn=S-1-5-21-3945783615-3853108761-1058730989-1001|AppPkgId=S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157|EmbedCtxt=Microsoft Store|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE|
"{EFA195E7-A7A2-4B44-A7E3-3CF00E0D984D}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Edge|Desc=Microsoft Edge|LUOwn=S-1-5-21-3945783615-3853108761-1058730989-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=Microsoft Edge|Platform=2:6:2|Platform2=GTEQ|
"{D0FEEC7F-2354-4B9E-A407-B7BB35F70574}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Edge|Desc=Microsoft Edge|LUOwn=S-1-5-21-3945783615-3853108761-1058730989-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=Microsoft Edge|Platform=2:6:2|Platform2=GTEQ|
"{D79BF627-D959-44F9-BB2B-FAD82D1822FF}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4371-4379|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}|
"{1B952743-1CFB-4A1C-8F01-E72F252C55DA}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=4381-4389|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}|
"{06BDC923-D4D6-4235-A13F-ADB7F05DBE3B}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}|
"{230570BB-F16E-49AA-8F71-8ABEB5C28A7B}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=8088|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}|
"{BA94D673-65C8-41CC-80D0-97748A33A380}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=57621|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}|
"{9163750B-06E0-42DC-8B20-B9DF45279FE7}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort2_10=57621-57631|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}|
"{C041EC2D-F2ED-48F3-A92C-9126D217B171}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}|
"{FC2F01ED-30D6-4E09-94A7-BAEDE56AA26B}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|App=C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.193.898.0_x86__zpdnekdrzrea0\Spotify.exe|Name=Spotify Music|Desc=Spotify Music|EmbedCtxt={78E1CD88-49E3-476E-B926-580E596AD309}|
"{D5DCC2DA-7B66-4EF3-AC0C-72D705DEA590}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Spotify Music|Desc=Spotify Music|LUOwn=S-1-5-21-3945783615-3853108761-1058730989-1001|AppPkgId=S-1-15-2-557819504-3144503769-3460048582-2468406004-2969798954-3397036932-4166026031|EmbedCtxt=Spotify Music|Platform=2:6:2|Platform2=GTEQ|
"{7E0C4EEC-A192-4005-A6DA-6EA4E67137C8}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe|Name=Microsoft Edge (mDNS-In)|Desc=Règle de trafic entrant pour Microsoft Edge pour autoriser le trafic mDNS.|EmbedCtxt=Microsoft Edge|
"{A0E8D6F0-1A35-497A-AEF5-F7127774A420}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome|
"{1AEF687A-AE16-48CD-B7C6-FB708192CFC8}"=v2.30|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-3945783615-3853108761-1058730989-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ|
"{E7914198-6D86-4698-892E-07D99977B391}"=v2.30|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-3945783615-3853108761-1058730989-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ|





---------- | Control\Class

[HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760f-a5c8-4bfe-b314-d56a7b44a362}] : (DXGKrnl) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (SecurityAccelerator) [] -> @c_sslaccel.inf,%ClassName%;Security accelerators
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{2db15374-706e-4131-a0c7-d7c78eb0289a}] : (SystemRecovery) [] -> @c_fssystemrecovery.inf,%ClassDesc%;FS System recovery filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163c566-d381-4467-87bc-a65a18d5b648}] : (fvevol) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163c566-d381-4467-87bc-a65a18d5b649}] : (fvevol) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{3e3f0674-c83c-4558-bb26-9820e1eba5c5}] : (ContentScreener) [] -> @c_fscontentscreener.inf,%ClassDesc%;FS Content screener filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @c_mcx.inf,%ClassDesc%;Media Center Extenders
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{48d3ebc4-4cf8-48ff-b869-9c68ad42eb9f}] : (Replication) [] -> @c_fsreplication.inf,%ClassDesc%;FS Replication filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @c_diskdrive.inf,%ClassDesc%;Disk drives
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @c_display.inf,%ClassDesc%;Display adapters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (FDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (HDC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @c_media.inf,%ClassDesc%;Sound, video and game controllers
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4fc9541c-0fe6-4480-a4f6-9495a0d17cd2}] : (HidLineDisplay) [] -> @c_linedisplay.inf,%ClassName%;POS Line Display
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53487c23-680f-4585-acc3-1f10d6777e82}] : (SmrDisk) [] -> @c_smrdisk.inf,%ClassDesc%;Shingled magnetic recording disks
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53966cb1-4d46-4166-bf23-c522403cd495}] : (ScmDisk) [] -> @c_scmdisk.inf,%ClassDesc%;Persistent memory disks
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53b3cf03-8f5a-4788-91b6-d19ed9fcccbf}] : (SmrVolume) [] -> @c_smrvolume.inf,%ClassDesc%;Shingled magnetic recording volumes
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53ccb149-e543-4c84-b6e0-bce4f6b7e806}] : (ScmVolume) [] -> @c_scmvolume.inf,%ClassDesc%;Storage Class Memory volumes
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5989fce8-9cd0-467d-8a6a-5419e31529d4}] : (AudioProcessingObject) [] -> @c_apo.inf,%ClassDesc%;Audio Processing Objects (APOs)
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5aea001d-9372-4ed7-97f3-b79bf15a53c5}] : (OposLegacyDevice) [] -> @oposdrv.inf,%ClassName%;OPOS Legacy Device
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5c4c3332-344d-483c-8739-259e934c9cc8}] : (SoftwareComponent) [] -> @c_swcomponent.inf,%ClassDesc%;Software components
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5d1b9aaa-01e2-46af-849f-272b3f324c46}] : (FSFilterSystem) [] -> @c_fssystem.inf,%ClassDesc%;FS System filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{645ad99b-1344-4316-837a-08a3e73db222}] : (PerceptionSimulation) [] -> @PerceptionSimulationSixDof.inf,%ClassName%;Perception Simulation Controllers
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6a0a8e78-bba6-4fc4-a709-1e33cd09d67e}] : (PhysicalQuotaManagement) [] -> @c_fsphysicalquotamgmt.inf,%ClassDesc%;FS Physical quota management filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6fae73b7-b735-4b50-a0da-0dc2484b1f1a}] : (BasicDisplay) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @c_volume.inf,%ClassDesc%;Storage volumes
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{71aa14f8-6fad-4622-ad77-92bb9d7e6947}] : (ContinuousBackup) [] -> @c_fscontinuousbackup.inf,%ClassDesc%;FS Continuous backup filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{81c87465-de07-4efc-9d93-61e891d52fd2}] : (RdpVideoMiniport) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{8503c911-a6c7-4919-8f79-5028f5866b0c}] : (QuotaManagement) [] -> @c_fsquotamgmt.inf,%ClassDesc%;FS Quota management filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{87ef9ad1-8f70-49ee-b215-ab1fcadcbe3c}] : (NetDriver) [] -> @c_netdriver.inf,%ClassDesc%;Universal Network Drivers
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{89786ff1-9c12-402f-9c9e-17753c7f4375}] : (CopyProtection) [] -> @c_fscopyprotection.inf,%ClassDesc%;FS Copy protection filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a701c0-a511-42ff-aa6c-06dc0395576f}] : (Encryption) [] -> @c_fsencryption.inf,%ClassDesc%;FS Encryption filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{a3e32dba-ba89-4f17-8386-2d0127fbd4cc}] : (rdpbus) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{b1d1a169-c54f-4379-81db-bee7d88d7454}] : (AntiVirus) [] -> @c_fsantivirus.inf,%ClassDesc%;FS Anti-virus filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{b2728d24-ac56-42db-9e02-8edaf5db652f}] : (RDCamera) [] -> @rdcameradriver.inf,%ClassName%;Remote Desktop Camera devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{b86dff51-a31e-4bac-b3cf-e8cfe75c9fc2}] : (ActivityMonitor) [] -> @c_fsactivitymonitor.inf,%ClassDesc%;FS Activity monitor filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{ca3e7ab9-b4c3-4ae6-8251-579ef933890f}] : (Camera) [] -> @c_camera.inf,%ClassDesc%;Cameras
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{cdcf0939-b75b-4630-bf76-80f7ba655884}] : (CFSMetadataServer) [] -> @c_fscfsmetadataserver.inf,%ClassDesc%;FS CFS metadata server filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d02bc3da-0c8e-4945-9bd5-f1883c226c8c}] : (SecurityEnhancer) [] -> @c_fssecurityenhancer.inf,%ClassDesc%;FS Security enhancer filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d546500a-2aeb-45f6-9482-f4b1799c3177}] : (HSM) [] -> @c_fshsm.inf,%ClassDesc%;FS HSM filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d612553d-06b1-49ca-8938-e39ef80eb16f}] : (Holographic) [] -> @c_holographic.inf,%ClassName%;Mixed Reality devices
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{e004269c-d387-4461-b955-25a64cfe23ce}] : (amdkmdag) [] -> 
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{e55fa6f9-128c-4d04-abab-630c74b1453a}] : (Infrastructure) [] -> @c_fsinfrastructure.inf,%ClassDesc%;FS Infrastructure filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{e6f1aa1c-7f3b-4473-b2e8-c97d8ac71d53}] : (UCM) [] -> @c_ucm.inf,%ClassDesc%;USB Connector Managers
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f01a9d53-3ff6-48d2-9f97-c8a7004be10c}] : (ComputeAccelerator) [] -> @c_computeaccelerator.inf,%ClassDesc%;Compute accelerators
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f3586baf-b5aa-49b5-8d6c-0569284c639f}] : (Compression) [] -> @c_fscompression.inf,%ClassDesc%;FS Compression filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f75a86c0-10d8-4c3a-b233-ed60e4cdfaac}] : (Virtualization) [] -> @c_fsvirtualization.inf,%ClassDesc%;FS Virtualization filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{f8ecafa6-66d1-41a5-899b-66585d7216b7}] : (OpenFileBackup) [] -> @c_fsopenfilebackup.inf,%ClassDesc%;FS Open file backup filters
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{fe8f1572-c67a-48c0-bbac-0b5c6d66cafb}] : (Undelete) [] -> @c_fsundelete.inf,%ClassDesc%;FS Undelete filters
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.)
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.)
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.)

---------- | Loaded modules (whitelist)

[01/09/2022 11:39:30] - (0.0.0.0) - ( -) - C:\Windows\System32\Drivers\CimFS.SYS
[07/12/2019 11:07:53] - (2.1.0.16) - (Qualcomm Atheros Co., Ltd. - Qualcomm Atheros Ar81xx series PCI-E Gigabit Ethernet Controller) - C:\Windows\System32\drivers\L1C63x64.sys
[06/11/2018 23:06:20] - (10.0.16299.31241) - (Realsil Semiconductor Corporation - RTS USB READER Driver) - C:\Windows\system32\Drivers\RtsUer.sys

---------- | LoadOrderGroup

Name: System Reserved - DriverEnabled: True - GroupOrder: 1 - Status: OK
Name: EMS - DriverEnabled: True - GroupOrder: 2 - Status: OK
Name: WdfLoadGroup - DriverEnabled: True - GroupOrder: 3 - Status: OK
Name: Boot Bus Extender - DriverEnabled: True - GroupOrder: 4 - Status: OK
Name: System Bus Extender - DriverEnabled: True - GroupOrder: 5 - Status: OK
Name: SCSI miniport - DriverEnabled: True - GroupOrder: 6 - Status: OK
Name: Port - DriverEnabled: True - GroupOrder: 7 - Status: OK
Name: Primary Disk - DriverEnabled: True - GroupOrder: 8 - Status: OK
Name: SCSI Class - DriverEnabled: True - GroupOrder: 9 - Status: OK
Name: SCSI CDROM Class - DriverEnabled: True - GroupOrder: 10 - Status: OK
Name: FSFilter Infrastructure - DriverEnabled: True - GroupOrder: 11 - Status: OK
Name: FSFilter System - DriverEnabled: True - GroupOrder: 12 - Status: OK
Name: FSFilter Bottom - DriverEnabled: True - GroupOrder: 13 - Status: OK
Name: FSFilter Copy Protection - DriverEnabled: True - GroupOrder: 14 - Status: OK
Name: FSFilter Security Enhancer - DriverEnabled: True - GroupOrder: 15 - Status: OK
Name: FSFilter Open File - DriverEnabled: True - GroupOrder: 16 - Status: OK
Name: FSFilter Physical Quota Management - DriverEnabled: True - GroupOrder: 17 - Status: OK
Name: FSFilter Virtualization - DriverEnabled: True - GroupOrder: 18 - Status: OK
Name: FSFilter Encryption - DriverEnabled: True - GroupOrder: 19 - Status: OK
Name: FSFilter Compression - DriverEnabled: True - GroupOrder: 20 - Status: OK
Name: FSFilter Imaging - DriverEnabled: True - GroupOrder: 21 - Status: OK
Name: FSFilter HSM - DriverEnabled: True - GroupOrder: 22 - Status: OK
Name: FSFilter Cluster File System - DriverEnabled: True - GroupOrder: 23 - Status: OK
Name: FSFilter System Recovery - DriverEnabled: True - GroupOrder: 24 - Status: OK
Name: FSFilter Quota Management - DriverEnabled: True - GroupOrder: 25 - Status: OK
Name: FSFilter Content Screener - DriverEnabled: True - GroupOrder: 26 - Status: OK
Name: FSFilter Continuous Backup - DriverEnabled: True - GroupOrder: 27 - Status: OK
Name: FSFilter Replication - DriverEnabled: True - GroupOrder: 28 - Status: OK
Name: FSFilter Anti-Virus - DriverEnabled: True - GroupOrder: 29 - Status: OK
Name: FSFilter Undelete - DriverEnabled: True - GroupOrder: 30 - Status: OK
Name: FSFilter Activity Monitor - DriverEnabled: True - GroupOrder: 31 - Status: OK
Name: FSFilter Top - DriverEnabled: True - GroupOrder: 32 - Status: OK
Name: Filter - DriverEnabled: True - GroupOrder: 33 - Status: OK
Name: Boot File System - DriverEnabled: True - GroupOrder: 34 - Status: OK
Name: Base - DriverEnabled: True - GroupOrder: 35 - Status: OK
Name: Pointer Port - DriverEnabled: True - GroupOrder: 36 - Status: OK
Name: Keyboard Port - DriverEnabled: True - GroupOrder: 37 - Status: OK
Name: Pointer Class - DriverEnabled: True - GroupOrder: 38 - Status: OK
Name: Keyboard Class - DriverEnabled: True - GroupOrder: 39 - Status: OK
Name: Video Init - DriverEnabled: True - GroupOrder: 40 - Status: OK
Name: Video - DriverEnabled: True - GroupOrder: 41 - Status: OK
Name: Video Save - DriverEnabled: True - GroupOrder: 42 - Status: OK
Name: File System - DriverEnabled: True - GroupOrder: 43 - Status: OK
Name: Streams Drivers - DriverEnabled: True - GroupOrder: 44 - Status: OK
Name: NDIS Wrapper - DriverEnabled: True - GroupOrder: 45 - Status: OK
Name: COM Infrastructure - DriverEnabled: True - GroupOrder: 46 - Status: OK
Name: Event Log - DriverEnabled: True - GroupOrder: 47 - Status: OK
Name: PerceptionGroup - DriverEnabled: True - GroupOrder: 48 - Status: OK
Name: ProfSvc_Group - DriverEnabled: True - GroupOrder: 49 - Status: OK
Name: AudioGroup - DriverEnabled: True - GroupOrder: 50 - Status: OK
Name: UIGroup - DriverEnabled: True - GroupOrder: 51 - Status: OK
Name: MS_WindowsLocalValidation - DriverEnabled: True - GroupOrder: 52 - Status: OK
Name: PlugPlay - DriverEnabled: True - GroupOrder: 53 - Status: OK
Name: Cryptography - DriverEnabled: True - GroupOrder: 54 - Status: OK
Name: PNP_TDI - DriverEnabled: True - GroupOrder: 55 - Status: OK
Name: NDIS - DriverEnabled: True - GroupOrder: 56 - Status: OK
Name: TDI - DriverEnabled: True - GroupOrder: 57 - Status: OK
Name: iSCSI - DriverEnabled: True - GroupOrder: 58 - Status: OK
Name: NetBIOSGroup - DriverEnabled: True - GroupOrder: 59 - Status: OK
Name: ShellSvcGroup - DriverEnabled: True - GroupOrder: 60 - Status: OK
Name: SchedulerGroup - DriverEnabled: True - GroupOrder: 61 - Status: OK
Name: SpoolerGroup - DriverEnabled: True - GroupOrder: 62 - Status: OK
Name: SmartCardGroup - DriverEnabled: True - GroupOrder: 63 - Status: OK
Name: NetworkProvider - DriverEnabled: True - GroupOrder: 64 - Status: OK
Name: MS_WindowsRemoteValidation - DriverEnabled: True - GroupOrder: 65 - Status: OK
Name: NetDDEGroup - DriverEnabled: True - GroupOrder: 66 - Status: OK
Name: Parallel arbitrator - DriverEnabled: True - GroupOrder: 67 - Status: OK
Name: Extended Base - DriverEnabled: True - GroupOrder: 68 - Status: OK
Name: PCI Configuration - DriverEnabled: True - GroupOrder: 69 - Status: OK
Name: MS Transactions - DriverEnabled: True - GroupOrder: 70 - Status: OK
Name: Core - DriverEnabled: False - GroupOrder: 71 - Status: OK
Name: Network - DriverEnabled: False - GroupOrder: 72 - Status: OK
Name: PNP Filter - DriverEnabled: False - GroupOrder: 73 - Status: OK
Name: System - DriverEnabled: False - GroupOrder: 74 - Status: OK
Name: Core Security Extensions - DriverEnabled: False - GroupOrder: 75 - Status: OK
Name: NetworkService - DriverEnabled: False - GroupOrder: 76 - Status: OK
Name: Hyper-V Parsers - DriverEnabled: False - GroupOrder: 77 - Status: OK
Name: Early-Launch - DriverEnabled: False - GroupOrder: 78 - Status: OK
Name: LocalService - DriverEnabled: False - GroupOrder: 79 - Status: OK

---------- | LoadOrderGroupServiceDependencies

LoadOrderGroup.Name="NetBIOSGroup" - Service.Name="RemoteAccess"
LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdfs"

---------- | LoadOrderGroupServiceMembers

LoadOrderGroup.Name="Event log" - Service.Name="AMD External Events Utility"
LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="AppIDSvc"
LoadOrderGroup.Name="AudioGroup" - Service.Name="AudioEndpointBuilder"
LoadOrderGroup.Name="AudioGroup" - Service.Name="Audiosrv"
LoadOrderGroup.Name="NetworkProvider" - Service.Name="BFE"
LoadOrderGroup.Name="COM Infrastructure" - Service.Name="BrokerInfrastructure"
LoadOrderGroup.Name="NetworkProvider" - Service.Name="Browser"
LoadOrderGroup.Name="COM Infrastructure" - Service.Name="DcomLaunch"
LoadOrderGroup.Name="PlugPlay" - Service.Name="DeviceInstall"
LoadOrderGroup.Name="TDI" - Service.Name="Dhcp"
LoadOrderGroup.Name="TDI" - Service.Name="Dnscache"
LoadOrderGroup.Name="TDI" - Service.Name="dot3svc"
LoadOrderGroup.Name="TDI" - Service.Name="DusmSvc"
LoadOrderGroup.Name="Event Log" - Service.Name="EventLog"
LoadOrderGroup.Name="AudioGroup" - Service.Name="FontCache"
LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="gpsvc"
LoadOrderGroup.Name="TDI" - Service.Name="icssvc"
LoadOrderGroup.Name="NetworkProvider" - Service.Name="LanmanWorkstation"
LoadOrderGroup.Name="TDI" - Service.Name="lmhosts"
LoadOrderGroup.Name="COM Infrastructure" - Service.Name="LSM"
LoadOrderGroup.Name="NetworkService" - Service.Name="MapsBroker"
LoadOrderGroup.Name="NetworkProvider" - Service.Name="mpssvc"
LoadOrderGroup.Name="iSCSI" - Service.Name="MSiSCSI"
LoadOrderGroup.Name="MS_WindowsRemoteValidation" - Service.Name="Netlogon"
LoadOrderGroup.Name="Cryptography" - Service.Name="NgcCtnrSvc"
LoadOrderGroup.Name="Cryptography" - Service.Name="NgcSvc"
LoadOrderGroup.Name="PlugPlay" - Service.Name="PlugPlay"
LoadOrderGroup.Name="Plugplay" - Service.Name="Power"
LoadOrderGroup.Name="profsvc_group" - Service.Name="ProfSvc"
LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcEptMapper"
LoadOrderGroup.Name="COM Infrastructure" - Service.Name="RpcSs"
LoadOrderGroup.Name="PlugPlay" - Service.Name="RtkAudioService"
LoadOrderGroup.Name="MS_WindowsLocalValidation" - Service.Name="SamSs"
LoadOrderGroup.Name="SmartCardGroup" - Service.Name="SCardSvr"
LoadOrderGroup.Name="SchedulerGroup" - Service.Name="Schedule"
LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="SENS"
LoadOrderGroup.Name="ShellSvcGroup" - Service.Name="ShellHWDetection"
LoadOrderGroup.Name="SpoolerGroup" - Service.Name="Spooler"
LoadOrderGroup.Name="profsvc_group" - Service.Name="SysMain"
LoadOrderGroup.Name="PlugPlay" - Service.Name="TabletInputService"
LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="Themes"
LoadOrderGroup.Name="ProfSvc_Group" - Service.Name="TrustedInstaller"
LoadOrderGroup.Name="AudioGroup" - Service.Name="VacSvc"
LoadOrderGroup.Name="SmartCardGroup" - Service.Name="WbioSrvc"
LoadOrderGroup.Name="TDI" - Service.Name="Wcmsvc"
LoadOrderGroup.Name="NetworkProvider" - Service.Name="WebClient"
LoadOrderGroup.Name="TDI" - Service.Name="WlanSvc"
LoadOrderGroup.Name="TDI" - Service.Name="wlpasvc"
LoadOrderGroup.Name="LocalService" - Service.Name="workfolderssvc"
LoadOrderGroup.Name="TDI" - Service.Name="WwanSvc"
LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="3ware"
LoadOrderGroup.Name="Core" - SystemDriver.Name="ACPI"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AcpiDev"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="acpiex"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="acpitime"
LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="Acx01000"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="ADP80XX"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="AFD"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="afunix"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="amdgpio2"
LoadOrderGroup.Name="Base" - SystemDriver.Name="amdi2c"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdK8"
LoadOrderGroup.Name="Video" - SystemDriver.Name="amdkmdag"
LoadOrderGroup.Name="Video" - SystemDriver.Name="amdkmdap"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="AmdPPM"
LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsata"
LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdsbs"
LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="amdxata"
LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="arcsas"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="atapi"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="b06bdrv"
LoadOrderGroup.Name="Video" - SystemDriver.Name="BasicDisplay"
LoadOrderGroup.Name="Video" - SystemDriver.Name="BasicRender"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="bcmfn2"
LoadOrderGroup.Name="Base" - SystemDriver.Name="Beep"
LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="bindflt"
LoadOrderGroup.Name="Network" - SystemDriver.Name="bowser"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="BthHFEnum"
LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="BthMini"
LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="BTHPORT"
LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="BTHUSB"
LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="bttflt"
LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="cdfs"
LoadOrderGroup.Name="SCSI CDROM Class" - SystemDriver.Name="cdrom"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="cht4iscsi"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="cht4vbd"
LoadOrderGroup.Name="File system" - SystemDriver.Name="CimFS"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="circlass"
LoadOrderGroup.Name="FSFilter HSM" - SystemDriver.Name="CldFlt"
LoadOrderGroup.Name="Filter" - SystemDriver.Name="CLFS"
LoadOrderGroup.Name="Core" - SystemDriver.Name="CNG"
LoadOrderGroup.Name="Base" - SystemDriver.Name="cnghwassist"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="CompositeBus"
LoadOrderGroup.Name="Base" - SystemDriver.Name="condrv"
LoadOrderGroup.Name="Network" - SystemDriver.Name="Dfsc"
LoadOrderGroup.Name="Video Init" - SystemDriver.Name="DXGKrnl"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="ebdrv"
LoadOrderGroup.Name="SCSI Class" - SystemDriver.Name="EhStorClass"
LoadOrderGroup.Name="SCSI Class" - SystemDriver.Name="EhStorTcgDrv"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="ErrDev"
LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="exfat"
LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="fastfat"
LoadOrderGroup.Name="FSFilter Encryption" - SystemDriver.Name="FileCrypt"
LoadOrderGroup.Name="FSFilter Bottom" - SystemDriver.Name="FileInfo"
LoadOrderGroup.Name="FSFilter Activity Monitor" - SystemDriver.Name="Filetrace"
LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="FltMgr"
LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="FsDepends"
LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="fvevol"
LoadOrderGroup.Name="Base" - SystemDriver.Name="genericusbfn"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="GPIOClx0101"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="HDAudBus"
LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidBth"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidi2c"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidinterrupt"
LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidIr"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hidspi"
LoadOrderGroup.Name="extended base" - SystemDriver.Name="HidUsb"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="HpSAMD"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hvservice"
LoadOrderGroup.Name="System" - SystemDriver.Name="HwNClx0101"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="hyperkbd"
LoadOrderGroup.Name="Video" - SystemDriver.Name="HyperVideo"
LoadOrderGroup.Name="Keyboard Port" - SystemDriver.Name="i8042prt"
LoadOrderGroup.Name="Base" - SystemDriver.Name="iai2c"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2i_GPIO2"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2i_GPIO2_BXT_P"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2i_GPIO2_CNL"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSS2i_GPIO2_GLK"
LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2i_I2C"
LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2i_I2C_BXT_P"
LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2i_I2C_CNL"
LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSS2i_I2C_GLK"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="iaLPSSi_GPIO"
LoadOrderGroup.Name="Base" - SystemDriver.Name="iaLPSSi_I2C"
LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="iaStorAVC"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="iaStorV"
LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="ibbus"
LoadOrderGroup.Name="Base" - SystemDriver.Name="IndirectKmd"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="intelide"
LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="intelpep"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="intelpmax"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="intelppm"
LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="iorate"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="isapnp"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="ItSas35i"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="kdnic"
LoadOrderGroup.Name="Base" - SystemDriver.Name="KSecDD"
LoadOrderGroup.Name="Cryptography" - SystemDriver.Name="KSecPkg"
LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ksthunk"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="L1C"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="lltdio"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS2i"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SAS3i"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="LSI_SSS"
LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="luafv"
LoadOrderGroup.Name="Base" - SystemDriver.Name="mausbhost"
LoadOrderGroup.Name="Base" - SystemDriver.Name="mausbip"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas2i"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasas35i"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="megasr"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="mlx4_bus"
LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Modem"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="mountmgr"
LoadOrderGroup.Name="network" - SystemDriver.Name="mpsdrv"
LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb"
LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb10"
LoadOrderGroup.Name="Network" - SystemDriver.Name="mrxsmb20"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="MsBridge"
LoadOrderGroup.Name="File system" - SystemDriver.Name="Msfs"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="msgpiowin32"
LoadOrderGroup.Name="Base" - SystemDriver.Name="mshidkmdf"
LoadOrderGroup.Name="Base" - SystemDriver.Name="mshidumdf"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="msisadrv"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSKSSRV"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="MsLldp"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPCLOCK"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSPQM"
LoadOrderGroup.Name="Network" - SystemDriver.Name="MsQuic"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MSTEE"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="MTConfig"
LoadOrderGroup.Name="Network" - SystemDriver.Name="Mup"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="mvumis"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NativeWifiP"
LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="ndfltr"
LoadOrderGroup.Name="NDIS Wrapper" - SystemDriver.Name="NDIS"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NdisCap"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="NdisTapi"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Ndisuio"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="ndiswanlegacy"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="ndproxy"
LoadOrderGroup.Name="NetBIOSGroup" - SystemDriver.Name="NetBIOS"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="NetBT"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="netvsc"
LoadOrderGroup.Name="File system" - SystemDriver.Name="Npfs"
LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="Ntfs"
LoadOrderGroup.Name="Base" - SystemDriver.Name="Null"
LoadOrderGroup.Name="Primary Disk" - SystemDriver.Name="nvdimm"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="nvraid"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="nvstor"
LoadOrderGroup.Name="Parallel arbitrator" - SystemDriver.Name="Parport"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="partmgr"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pci"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pciide"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="pcmcia"
LoadOrderGroup.Name="System Reserved" - SystemDriver.Name="pcw"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="pdc"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="percsas2i"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="percsas3i"
LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="portcfg"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="Processor"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="Psched"
LoadOrderGroup.Name="Streams Drivers" - SystemDriver.Name="RasAcd"
LoadOrderGroup.Name="Network" - SystemDriver.Name="rdbss"
LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="rdyboost"
LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="ReFS"
LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="ReFSv1"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="RFCOMM"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="rhproxy"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="rspndr"
LoadOrderGroup.Name="Video" - SystemDriver.Name="s3cap"
LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="scfilter"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="sdbus"
LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="Serenum"
LoadOrderGroup.Name="Extended base" - SystemDriver.Name="Serial"
LoadOrderGroup.Name="Pointer Port" - SystemDriver.Name="sermouse"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid2"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SiSRaid4"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="SmartSAMD"
LoadOrderGroup.Name="Hyper-V Parsers" - SystemDriver.Name="spaceparser"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="spaceport"
LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="SpatialGraphFilter"
LoadOrderGroup.Name="Network" - SystemDriver.Name="srv2"
LoadOrderGroup.Name="Network" - SystemDriver.Name="srvnet"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stexstor"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="storahci"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="storflt"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="stornvme"
LoadOrderGroup.Name="FSFilter Quota Management" - SystemDriver.Name="storqosflt"
LoadOrderGroup.Name="Base" - SystemDriver.Name="storvsc"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="swenum"
LoadOrderGroup.Name="Video Init" - SystemDriver.Name="Synth3dVsc"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="Tcpip"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="tdx"
LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="Telemetry"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="terminpt"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="TPM"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="TsUsbGD"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="tunnel"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UcmCx0101"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UcmTcpciCx0101"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UcmUcsiCx0101"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="Ucx01000"
LoadOrderGroup.Name="Boot File System" - SystemDriver.Name="udfs"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="Ufx01000"
LoadOrderGroup.Name="Base" - SystemDriver.Name="UfxChipidea"
LoadOrderGroup.Name="Base" - SystemDriver.Name="ufxsynopsys"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="umbus"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="UmPass"
LoadOrderGroup.Name="Base" - SystemDriver.Name="UrsChipidea"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="UrsCx01000"
LoadOrderGroup.Name="Base" - SystemDriver.Name="UrsSynopsys"
LoadOrderGroup.Name="Base" - SystemDriver.Name="usbccgp"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="usbcir"
LoadOrderGroup.Name="Base" - SystemDriver.Name="usbehci"
LoadOrderGroup.Name="Base" - SystemDriver.Name="usbhub"
LoadOrderGroup.Name="Base" - SystemDriver.Name="USBHUB3"
LoadOrderGroup.Name="Base" - SystemDriver.Name="usbohci"
LoadOrderGroup.Name="extended base" - SystemDriver.Name="usbprint"
LoadOrderGroup.Name="Base" - SystemDriver.Name="usbscan"
LoadOrderGroup.Name="Base" - SystemDriver.Name="usbuhci"
LoadOrderGroup.Name="Boot Bus Extender" - SystemDriver.Name="vdrvroot"
LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="VerifierExt"
LoadOrderGroup.Name="SCSI miniport" - SystemDriver.Name="vhdmp"
LoadOrderGroup.Name="Base" - SystemDriver.Name="vhf"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="Vid"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vmbus"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="VMBusHID"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgr"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="volmgrx"
LoadOrderGroup.Name="System Bus Extender" - SystemDriver.Name="vpci"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="vsmraid"
LoadOrderGroup.Name="SCSI Miniport" - SystemDriver.Name="VSTXRAID"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="vwififlt"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WacomPen"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wanarp"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="wanarpv6"
LoadOrderGroup.Name="FSFilter Virtualization" - SystemDriver.Name="wcifs"
LoadOrderGroup.Name="FSFilter Top" - SystemDriver.Name="wcnfs"
LoadOrderGroup.Name="Early-Launch" - SystemDriver.Name="WdBoot"
LoadOrderGroup.Name="WdfLoadGroup" - SystemDriver.Name="Wdf01000"
LoadOrderGroup.Name="FSFilter Anti-Virus" - SystemDriver.Name="WdFilter"
LoadOrderGroup.Name="base" - SystemDriver.Name="WdmCompanionFilter"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="WFPLWFS"
LoadOrderGroup.Name="FSFilter Infrastructure" - SystemDriver.Name="WIMMount"
LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="WindowsTrustedRT"
LoadOrderGroup.Name="Core Security Extensions" - SystemDriver.Name="WindowsTrustedRTProxy"
LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="WinMad"
LoadOrderGroup.Name="PNP Filter" - SystemDriver.Name="WinVerbs"
LoadOrderGroup.Name="Extended Base" - SystemDriver.Name="WmiAcpi"
LoadOrderGroup.Name="FSFilter Compression" - SystemDriver.Name="Wof"
LoadOrderGroup.Name="PnP Filter" - SystemDriver.Name="WpdUpFltr"
LoadOrderGroup.Name="PNP_TDI" - SystemDriver.Name="ws2ifsl"
LoadOrderGroup.Name="base" - SystemDriver.Name="WudfPf"
LoadOrderGroup.Name="base" - SystemDriver.Name="WUDFRd"
LoadOrderGroup.Name="NDIS" - SystemDriver.Name="xboxgip"
LoadOrderGroup.Name="Base" - SystemDriver.Name="xinputhid"

---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service

S0 - [Kernel Driver] - 3ware () -> System32\drivers\3ware.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - ADP80XX () -> System32\drivers\ADP80XX.SYS - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - amdsata () -> System32\drivers\amdsata.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - amdsbs () -> System32\drivers\amdsbs.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - amdxata () -> System32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;QLogic Network Adapter VBD) -> System32\drivers\bxvbda.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - bttflt (@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter) -> System32\drivers\bttflt.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - cht4iscsi () -> System32\drivers\cht4sx64.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - disk (@disk.inf,%disk_ServiceDesc%;Disk Driver) -> System32\drivers\disk.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys - AcceptPause: False - AcceptStop: False
R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - HpSAMD () -> System32\drivers\HpSAMD.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - iaStorAVC (@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller) -> System32\drivers\iaStorAVC.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - intelide () -> System32\drivers\intelide.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - iorate (@%SystemRoot%\system32\drivers\iorate.sys,-101) -> system32\drivers\iorate.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - isapnp () -> System32\drivers\isapnp.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - ItSas35i () -> System32\drivers\ItSas35i.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - LSI_SAS () -> System32\drivers\lsi_sas.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - LSI_SSS () -> System32\drivers\lsi_sss.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - megasas () -> System32\drivers\megasas.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - megasas2i () -> System32\drivers\MegaSas2i.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - megasas35i () -> System32\drivers\megasas35i.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - megasr () -> System32\drivers\megasr.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - msisadrv () -> System32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - mvumis () -> System32\drivers\mvumis.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - nvdimm (@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver) -> System32\drivers\nvdimm.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - nvraid () -> System32\drivers\nvraid.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - nvstor () -> System32\drivers\nvstor.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - pci (@pci.inf,%pci_svcdesc%;PCI Bus Driver) -> System32\drivers\pci.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - pciide () -> System32\drivers\pciide.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - pcmcia () -> System32\drivers\pcmcia.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - percsas2i () -> System32\drivers\percsas2i.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - percsas3i () -> System32\drivers\percsas3i.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - pmem (@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver) -> System32\drivers\pmem.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - Ramdisk (Windows RAM Disk Driver) -> system32\DRIVERS\ramdisk.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - scmbus (@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver) -> System32\drivers\scmbus.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - SgrmAgent (@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001) -> system32\drivers\SgrmAgent.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - SiSRaid2 () -> System32\drivers\SiSRaid2.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - SiSRaid4 () -> System32\drivers\sisraid4.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - SmartSAMD () -> System32\drivers\SmartSAMD.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - stexstor () -> System32\drivers\stexstor.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - storvsc () -> System32\drivers\storvsc.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\drivers\tcpip.sys,-10001) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - Telemetry (@intelta.inf,%Telemetry.SVCDESC%;Intel(R) Telemetry Service) -> System32\drivers\IntelTA.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volsnap (@%SystemRoot%\system32\drivers\volsnap.sys,-100) -> System32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volume (@volume.inf,%VolumeServiceDesc%;Volume driver) -> System32\drivers\volume.sys - AcceptPause: False - AcceptStop: True
S0 - [Kernel Driver] - vpci (@wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus) -> System32\drivers\vpci.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - vsmraid () -> System32\drivers\vsmraid.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys - AcceptPause: False - AcceptStop: False
S0 - [Kernel Driver] - WdBoot (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390) -> system32\drivers\wd\WdBoot.sys - AcceptPause: False - AcceptStop: False
R0 - [Kernel Driver] - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - WdFilter (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330) -> system32\drivers\wd\WdFilter.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - Wof (Windows Overlay File System Filter Driver) -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - afunix (afunix) -> \SystemRoot\system32\drivers\afunix.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - bam (@%SystemRoot%\system32\drivers\bam.sys,-100) -> system32\drivers\bam.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - BasicDisplay () -> \SystemRoot\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_65ab9a260dbf7467\BasicDisplay.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - BasicRender () -> \SystemRoot\System32\DriverStore\FileRepository\basicrender.inf_amd64_df49c4daa6251397\BasicRender.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - CimFS () -> (?) - AcceptPause: False - AcceptStop: True
S1 - [Kernel Driver] - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys - AcceptPause: False - AcceptStop: False
R1 - [File System Driver] - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - DXGKrnl (LDDM Graphics Subsystem) -> \SystemRoot\System32\drivers\dxgkrnl.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - NdisCap (@%SystemRoot%\System32\drivers\ndiscap.sys,-5000) -> System32\drivers\ndiscap.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Vid () -> \SystemRoot\System32\drivers\Vid.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - bindflt (@%systemroot%\system32\drivers\bindflt.sys,-100) -> \SystemRoot\system32\drivers\bindflt.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - CldFlt (Windows Cloud Files Filter Driver) -> system32\drivers\cldflt.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - mrxsmb10 (@%systemroot%\system32\wkssvc.dll,-1004) -> system32\DRIVERS\mrxsmb10.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - wanarp (@%systemroot%\system32\mprmsg.dll,-32011) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - wcifs (@%systemroot%\system32\drivers\wcifs.sys,-100) -> \SystemRoot\system32\drivers\wcifs.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - 1394ohci (@1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller) -> \SystemRoot\System32\drivers\1394ohci.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - AcpiDev (@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver) -> \SystemRoot\System32\drivers\AcpiDev.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - acpipagr (@acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver) -> \SystemRoot\System32\drivers\acpipagr.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - AcpiPmi (@acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver) -> \SystemRoot\System32\drivers\acpipmi.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - acpitime (@acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver) -> \SystemRoot\System32\drivers\acpitime.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - Acx01000 (@%SystemRoot%\system32\drivers\Acx01000.sys,-1000) -> system32\drivers\Acx01000.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - amdgpio2 (@amdgpio2.inf,%GPIO.SvcDesc%;AMD GPIO Client Driver) -> \SystemRoot\System32\drivers\amdgpio2.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - amdi2c (@amdi2c.inf,%amdi2c.SVCDESC%;AMD I2C Controller Service) -> \SystemRoot\System32\drivers\amdi2c.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - AmdK8 (@cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver) -> \SystemRoot\System32\drivers\amdk8.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - amdkmdag () -> \SystemRoot\system32\DRIVERS\atikmdag.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - amdkmdap () -> \SystemRoot\system32\DRIVERS\atikmpag.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - AmdPPM (@cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver) -> \SystemRoot\System32\drivers\amdppm.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - AppID (@%systemroot%\system32\srpapi.dll,-100) -> system32\drivers\appid.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - AppleLowerFilter (@oem7.inf,%AppleLowerFilterDisplayName%;Apple Lower Filter Driver) -> \SystemRoot\System32\drivers\AppleLowerFilter.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - applockerfltr (@%systemroot%\system32\srpapi.dll,-102) -> system32\drivers\applockerfltr.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - AsyncMac (@%systemroot%\system32\mprmsg.dll,-32000) -> \SystemRoot\System32\drivers\asyncmac.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - bcmfn2 (@bcmfn2.inf,%bcmfn2.SVCDESC%;bcmfn2 Service) -> \SystemRoot\System32\drivers\bcmfn2.sys - AcceptPause: False - AcceptStop: False
R3 - [File System Driver] - bowser (@%systemroot%\system32\wkssvc.dll,-2001) -> system32\DRIVERS\bowser.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - BthA2dp (@microsoft_bluetooth_a2dp.inf,%BthA2dp.ServiceDescription%;Microsoft Bluetooth A2dp driver) -> \SystemRoot\System32\drivers\BthA2dp.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - BthEnum (@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service) -> \SystemRoot\System32\drivers\BthEnum.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - BthHFEnum (@microsoft_bluetooth_hfp.inf,%BTHHFENUM_DISPLAY_NAME%;Microsoft Bluetooth Hands-Free Profile driver) -> \SystemRoot\System32\drivers\bthhfenum.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - BthLEEnum (@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver) -> \SystemRoot\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - BthMini (@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver) -> \SystemRoot\System32\drivers\BTHMINI.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - BTHMODEM (@mdmbtmdm.inf,%BthModem.DisplayName%;Bluetooth Modem Communications Driver) -> \SystemRoot\System32\drivers\bthmodem.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - BTHPORT (@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver) -> \SystemRoot\System32\drivers\BTHport.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - BTHUSB (@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver) -> \SystemRoot\System32\drivers\BTHUSB.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - buttonconverter (@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices) -> \SystemRoot\System32\drivers\buttonconverter.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - CAD (@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver) -> \SystemRoot\System32\drivers\CAD.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - cht4vbd (@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver) -> \SystemRoot\System32\drivers\cht4vx64.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - circlass (@circlass.inf,%circlass.SVCDESC%;Consumer IR Devices) -> \SystemRoot\System32\drivers\circlass.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - CmBatt (@cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver) -> \SystemRoot\System32\drivers\CmBatt.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - CompositeBus (@compositebus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver) -> \SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_7500cffa210c6946\CompositeBus.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - condrv (Console Driver) -> System32\drivers\condrv.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - dmvsc () -> \SystemRoot\System32\drivers\dmvsc.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - drmkaud (@wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers) -> \SystemRoot\System32\drivers\drmkaud.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - ErrDev (@errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver) -> \SystemRoot\System32\drivers\errdev.sys - AcceptPause: False - AcceptStop: False
S3 - [File System Driver] - exfat (exFAT File System Driver) -> (?) - AcceptPause: False - AcceptStop: False
R3 - [File System Driver] - fastfat (FAT12/16/32 File System Driver) -> (?) - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - fdc (@fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver) -> \SystemRoot\System32\drivers\fdc.sys - AcceptPause: False - AcceptStop: False
S3 - [File System Driver] - Filetrace (@%SystemRoot%\system32\drivers\filetrace.sys,-10001) -> system32\drivers\filetrace.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - flpydisk (@flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver) -> \SystemRoot\System32\drivers\flpydisk.sys - AcceptPause: False - AcceptStop: False
S3 - [File System Driver] - FsDepends (@%SystemRoot%\system32\drivers\fsdepends.sys,-10001) -> System32\drivers\FsDepends.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - gencounter (@wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter) -> \SystemRoot\System32\drivers\vmgencounter.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - genericusbfn (@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class) -> \SystemRoot\System32\DriverStore\FileRepository\genericusbfn.inf_amd64_53931f0ae21d6d2c\genericusbfn.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - GPIOClx0101 (Microsoft GPIO Class Extension Driver) -> System32\Drivers\msgpioclx.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - HdAudAddService (@hdaudio.inf,%UAAFunctionDriverForHdAudio.SvcDesc%;Microsoft 1.1 UAA Function Driver for High Definition Audio Service) -> \SystemRoot\System32\drivers\HdAudio.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - HDAudBus (@hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio) -> \SystemRoot\System32\drivers\HDAudBus.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - HidBatt (@hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver) -> \SystemRoot\System32\drivers\HidBatt.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - HidBth (@hidbth.inf,%HIDBTH.SvcDesc%;Miniport IHM Microsoft Bluetooth) -> \SystemRoot\System32\drivers\hidbth.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - hidi2c (@hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver) -> \SystemRoot\System32\drivers\hidi2c.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - hidinterrupt (@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts) -> \SystemRoot\System32\drivers\hidinterrupt.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - HidIr (@hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver) -> \SystemRoot\System32\drivers\hidir.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - hidspi (@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver) -> \SystemRoot\System32\drivers\hidspi.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - HidUsb (@input.inf,%HID.SvcDesc%;Microsoft HID Class Driver) -> \SystemRoot\System32\drivers\hidusb.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - HTTP (@%SystemRoot%\system32\drivers\http.sys,-1) -> system32\drivers\HTTP.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - hvservice (@%SystemRoot%\system32\drivers\hvservice.sys,-16) -> system32\drivers\hvservice.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - HwNClx0101 (Microsoft Hardware Notifications Class Extension Driver) -> System32\Drivers\mshwnclx.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - hyperkbd () -> \SystemRoot\System32\drivers\hyperkbd.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - HyperVideo () -> \SystemRoot\System32\drivers\HyperVideo.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - i8042prt (@keyboard.inf,%i8042prt.SvcDesc%;i8042 Keyboard and PS/2 Mouse Port Driver) -> \SystemRoot\System32\drivers\i8042prt.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iagpio (@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver) -> \SystemRoot\System32\drivers\iagpio.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iai2c (@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller) -> \SystemRoot\System32\drivers\iai2c.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iaLPSS2i_GPIO2 (@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_GPIO2.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iaLPSS2i_GPIO2_BXT_P (@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iaLPSS2i_GPIO2_CNL (@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_GPIO2_CNL.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iaLPSS2i_GPIO2_GLK (@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_GPIO2_GLK.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iaLPSS2i_I2C (@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_I2C.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iaLPSS2i_I2C_BXT_P (@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_I2C_BXT_P.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iaLPSS2i_I2C_CNL (@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_I2C_CNL.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iaLPSS2i_I2C_GLK (@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2) -> \SystemRoot\System32\drivers\iaLPSS2i_I2C_GLK.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iaLPSSi_GPIO (@ialpssi_gpio.inf,%iaLPSSi_GPIO.SVCDESC%;Intel(R) Serial IO GPIO Controller Driver) -> \SystemRoot\System32\drivers\iaLPSSi_GPIO.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iaLPSSi_I2C (@ialpssi_i2c.inf,%iaLPSSi_I2C.SVCDESC%;Intel(R) Serial IO I2C Controller Driver) -> \SystemRoot\System32\drivers\iaLPSSi_I2C.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - ibbus (@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver)) -> \SystemRoot\System32\drivers\ibbus.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - IndirectKmd (@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100) -> \SystemRoot\System32\drivers\IndirectKmd.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - IntcAzAudAddService (Service for Realtek HD Audio (WDM)) -> \SystemRoot\system32\drivers\RTKVHD64.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - intelpmax (@intelpmax.inf,%SvcDesc%;Intel(R) Dynamic Device Peak Power Manager Driver) -> \SystemRoot\System32\drivers\intelpmax.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - intelppm (@cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver) -> \SystemRoot\System32\drivers\intelppm.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - IpFilterDriver (@%systemroot%\system32\mprmsg.dll,-32013) -> system32\DRIVERS\ipfltdrv.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - IPMIDRV () -> \SystemRoot\System32\drivers\IPMIDrv.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - IPNAT (IP Network Address Translator) -> System32\drivers\ipnat.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - IPT () -> \SystemRoot\System32\drivers\ipt.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - iScsiPrt (@iscsi.inf,%iScsiPortName%;iScsiPort Driver) -> \SystemRoot\System32\drivers\msiscsi.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - kbdclass (@keyboard.inf,%kbdclass.SvcDesc%;Keyboard Class Driver) -> \SystemRoot\System32\drivers\kbdclass.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - kbdhid (@keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver) -> \SystemRoot\System32\drivers\kbdhid.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - kdnic (@kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20)) -> \SystemRoot\System32\drivers\kdnic.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - ksthunk (Kernel Streaming Thunks) -> \SystemRoot\system32\drivers\ksthunk.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - L1C (@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller) -> \SystemRoot\System32\drivers\L1C63x64.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - mausbhost (@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver) -> \SystemRoot\System32\drivers\mausbhost.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - mausbip (@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver) -> \SystemRoot\System32\drivers\mausbip.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - MbbCx (MBB Network Adapter Class Extension) -> system32\drivers\MbbCx.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - Microsoft_Bluetooth_AvrcpTransport (@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver) -> \SystemRoot\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - mlx4_bus (@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator) -> \SystemRoot\System32\drivers\mlx4_bus.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - Modem () -> system32\drivers\modem.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - monitor (@monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver Service) -> \SystemRoot\System32\drivers\monitor.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - mouclass (@msmouse.inf,%mouclass.SvcDesc%;Mouse Class Driver) -> \SystemRoot\System32\drivers\mouclass.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - mouhid (@msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver) -> \SystemRoot\System32\drivers\mouhid.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - mpsdrv (@%SystemRoot%\system32\drivers\mpsdrv.sys,-23092) -> System32\drivers\mpsdrv.sys - AcceptPause: False - AcceptStop: True
S3 - [File System Driver] - MRxDAV (@%systemroot%\system32\webclnt.dll,-104) -> \SystemRoot\system32\drivers\mrxdav.sys - AcceptPause: False - AcceptStop: False
R3 - [File System Driver] - mrxsmb (@%systemroot%\system32\wkssvc.dll,-1002) -> system32\DRIVERS\mrxsmb.sys - AcceptPause: False - AcceptStop: True
R3 - [File System Driver] - mrxsmb20 (@%systemroot%\system32\wkssvc.dll,-1006) -> system32\DRIVERS\mrxsmb20.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - MsBridge (@%SystemRoot%\system32\bridgeres.dll,-1) -> System32\drivers\bridge.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - msgpiowin32 (@msgpiowin32.inf,%GPIO.SvcDesc%;Common Driver for Buttons, DockMode and Laptop/Slate Indicator) -> \SystemRoot\System32\drivers\msgpiowin32.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - mshidkmdf (@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100) -> \SystemRoot\System32\drivers\mshidkmdf.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - mshidumdf (@%SystemRoot%\system32\drivers\mshidumdf.sys,-100) -> \SystemRoot\System32\drivers\mshidumdf.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - MSKSSRV (@ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service Proxy) -> \SystemRoot\System32\drivers\MSKSSRV.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - MSPCLOCK (@ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock Proxy) -> \SystemRoot\System32\drivers\MSPCLOCK.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - MSPQM (@ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Quality Manager Proxy) -> \SystemRoot\System32\drivers\MSPQM.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - MsQuic (@%SystemRoot%\system32\drivers\msquic.sys,-1) -> system32\drivers\msquic.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - MsRPC () -> (?) - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - MSTEE (@ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink Converter) -> \SystemRoot\System32\drivers\MSTEE.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - MTConfig (@mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver) -> \SystemRoot\System32\drivers\MTConfig.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - NativeWifiP (@%SystemRoot%\System32\drivers\nwifi.sys,-101) -> system32\DRIVERS\nwifi.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - ndfltr (@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service) -> \SystemRoot\System32\drivers\ndfltr.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - NdisImPlatform (@%SystemRoot%\System32\drivers\ndisimplatform.sys,-501) -> System32\drivers\NdisImPlatform.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - NdisTapi (@%systemroot%\system32\mprmsg.dll,-32001) -> System32\DRIVERS\ndistapi.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - Ndisuio (NDIS Usermode I/O Protocol) -> system32\drivers\ndisuio.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - NdisVirtualBus (@%SystemRoot%\System32\drivers\NdisVirtualBus.sys,-200) -> \SystemRoot\System32\drivers\NdisVirtualBus.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - NdisWan (@%systemroot%\system32\mprmsg.dll,-32002) -> \SystemRoot\System32\drivers\ndiswan.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - ndiswanlegacy (@%systemroot%\system32\mprmsg.dll,-32014) -> System32\DRIVERS\ndiswan.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - NDKPing (NDKPing Driver) -> system32\drivers\NDKPing.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - ndproxy (@%SystemRoot%\system32\drivers\ndproxy.sys,-6000) -> System32\DRIVERS\NDProxy.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - NetAdapterCx (Network Adapter Wdf Class Extension Library) -> system32\drivers\NetAdapterCx.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - netvsc () -> \SystemRoot\System32\drivers\netvsc.sys - AcceptPause: False - AcceptStop: False
R3 - [File System Driver] - Ntfs () -> (?) - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - Parport (@msports.inf,%Parport.SVCDESC%;Parallel port driver) -> \SystemRoot\System32\drivers\parport.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - PktMon (Packet Monitor Driver) -> system32\drivers\PktMon.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - PNPMEM (@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver) -> \SystemRoot\System32\drivers\pnpmem.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - portcfg () -> \SystemRoot\System32\drivers\portcfg.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - PptpMiniport (@%systemroot%\system32\mprmsg.dll,-32006) -> \SystemRoot\System32\drivers\raspptp.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - Processor (@cpu.inf,%Processor.SvcDesc%;Processor Driver) -> \SystemRoot\System32\drivers\processr.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - QWAVEdrv (@%SystemRoot%\system32\drivers\qwavedrv.sys,-1) -> \SystemRoot\system32\drivers\qwavedrv.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - RasAcd (Remote Access Auto Connection Driver) -> System32\DRIVERS\rasacd.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - RasAgileVpn (@netavpna.inf,%Svc-Mp-AgileVpn-DispName%;WAN Miniport (IKEv2)) -> \SystemRoot\System32\drivers\AgileVpn.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - Rasl2tp (@%systemroot%\system32\mprmsg.dll,-32005) -> \SystemRoot\System32\drivers\rasl2tp.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - RasPppoe (@%systemroot%\system32\mprmsg.dll,-32007) -> System32\DRIVERS\raspppoe.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - RasSstp (@%systemroot%\system32\sstpsvc.dll,-202) -> \SystemRoot\System32\drivers\rassstp.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - rdpbus (@rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver) -> \SystemRoot\System32\drivers\rdpbus.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - RDPDR (@%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100) -> System32\drivers\rdpdr.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - RdpVideoMiniport (Remote Desktop Video Miniport Driver) -> System32\drivers\rdpvideominiport.sys - AcceptPause: False - AcceptStop: False
S3 - [File System Driver] - ReFS () -> (?) - AcceptPause: False - AcceptStop: False
S3 - [File System Driver] - ReFSv1 () -> (?) - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - RFCOMM (@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI)) -> \SystemRoot\System32\drivers\rfcomm.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - rhproxy (@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver) -> \SystemRoot\System32\drivers\rhproxy.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - RTSUER (@oem5.inf,%RtsUER%;Realtek USB Card Reader - UER) -> \SystemRoot\system32\Drivers\RtsUer.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - s3cap () -> \SystemRoot\System32\drivers\vms3cap.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - scfilter (@%SystemRoot%\System32\drivers\scfilter.sys,-11) -> System32\DRIVERS\scfilter.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - sdbus () -> \SystemRoot\System32\drivers\sdbus.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - SDFRd (@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector) -> \SystemRoot\System32\drivers\SDFRd.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - sdstor (@sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver) -> \SystemRoot\System32\drivers\sdstor.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - SerCx (Serial UART Support Library) -> system32\drivers\SerCx.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - SerCx2 (Serial UART Support Library) -> system32\drivers\SerCx2.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - Serenum (@msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver) -> \SystemRoot\System32\drivers\serenum.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - Serial (@msports.inf,%Serial.SVCDESC%;Serial port driver) -> \SystemRoot\System32\drivers\serial.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - sermouse (@msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver) -> \SystemRoot\System32\drivers\sermouse.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - sfloppy (@flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive) -> \SystemRoot\System32\drivers\sfloppy.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - spaceparser (@%systemroot%\system32\drivers\spaceparser.sys,-1001) -> system32\drivers\spaceparser.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - SpatialGraphFilter (Holographic Spatial Graph Filter) -> System32\drivers\SpatialGraphFilter.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - SpbCx (Simple Peripheral Bus Support Library) -> system32\drivers\SpbCx.sys - AcceptPause: False - AcceptStop: False
R3 - [File System Driver] - srv2 (@%systemroot%\system32\srvsvc.dll,-104) -> System32\DRIVERS\srv2.sys - AcceptPause: False - AcceptStop: True
R3 - [File System Driver] - srvnet () -> System32\DRIVERS\srvnet.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - swenum (@swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver) -> \SystemRoot\System32\DriverStore\FileRepository\swenum.inf_amd64_16a14542b63c02af\swenum.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - Synth3dVsc () -> \SystemRoot\System32\drivers\Synth3dVsc.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - Tcpip6 (@todo.dll,-100;Microsoft IPv6 Protocol Driver) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - terminpt (@termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver) -> \SystemRoot\System32\drivers\terminpt.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - TPM (@tpm.inf,%TPM%;TPM) -> \SystemRoot\System32\drivers\tpm.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - TsUsbFlt (@%SystemRoot%\system32\drivers\tsusbflt.sys,-1000) -> system32\drivers\tsusbflt.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - TsUsbGD (@tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device) -> \SystemRoot\System32\drivers\TsUsbGD.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - tunnel (@%SystemRoot%\System32\drivers\tunnel.sys,-500) -> System32\drivers\tunnel.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - UASPStor (@uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver) -> \SystemRoot\System32\drivers\uaspstor.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - UcmCx0101 (USB Connector Manager KMDF Class Extension) -> System32\Drivers\UcmCx.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UcmTcpciCx0101 (UCM-TCPCI KMDF Class Extension) -> System32\Drivers\UcmTcpciCx.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UcmUcsiAcpiClient (@UcmUcsiAcpiClient.inf,%UcmUcsiAcpiClient.ServiceName%;UCM-UCSI ACPI Client) -> \SystemRoot\System32\drivers\UcmUcsiAcpiClient.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UcmUcsiCx0101 (UCM-UCSI KMDF Class Extension) -> System32\Drivers\UcmUcsiCx.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - Ucx01000 (USB Host Support Library) -> system32\drivers\ucx01000.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UdeCx (USB Device Emulation Support Library) -> system32\drivers\udecx.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UEFI (@uefi.inf,%UEFI.SvcDesc%;Microsoft UEFI Driver) -> \SystemRoot\System32\DriverStore\FileRepository\uefi.inf_amd64_c1628ffa62c8e54c\UEFI.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - Ufx01000 (USB Function Class Extension) -> system32\drivers\ufx01000.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UfxChipidea (@ufxchipidea.inf,%UfxChipidea.ServiceName%;USB Chipidea Controller) -> \SystemRoot\System32\DriverStore\FileRepository\ufxchipidea.inf_amd64_1c78775fffab6a0a\UfxChipidea.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - ufxsynopsys (@ufxsynopsys.inf,%ufxsynopsys.ServiceName%;USB Synopsys Controller) -> \SystemRoot\System32\drivers\ufxsynopsys.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - umbus (@umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver) -> \SystemRoot\System32\DriverStore\FileRepository\umbus.inf_amd64_b78a9c5b6fd62c27\umbus.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - UmPass (@umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass Driver) -> \SystemRoot\System32\drivers\umpass.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UrsChipidea (@urschipidea.inf,%UrsChipidea.ServiceName%;Chipidea USB Role-Switch Driver) -> \SystemRoot\System32\DriverStore\FileRepository\urschipidea.inf_amd64_78ad1c14e33df968\urschipidea.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UrsCx01000 (USB Role-Switch Support Library) -> system32\drivers\urscx01000.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - UrsSynopsys (@urssynopsys.inf,%UrsSynopsys.ServiceName%;Synopsys USB Role-Switch Driver) -> \SystemRoot\System32\DriverStore\FileRepository\urssynopsys.inf_amd64_057fa37902020500\urssynopsys.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - usbaudio (@wdma_usb.inf,%USBAudio.SvcDesc%;USB Audio Driver (WDM)) -> \SystemRoot\system32\drivers\usbaudio.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - usbaudio2 (@usbaudio2.inf,%usbaudio2.SVCDESC%;USB Audio 2.0 Service) -> \SystemRoot\System32\drivers\usbaudio2.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - usbccgp (@usb.inf,%GenericParent.SvcDesc%;Pilote parent générique USB Microsoft) -> \SystemRoot\System32\drivers\usbccgp.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - usbcir (@usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR)) -> \SystemRoot\System32\drivers\usbcir.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - usbehci (@usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbehci.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - usbhub (@usbport.inf,%ROOTHUB.SvcDesc%;Pilote de concentrateur standard USB Microsoft) -> \SystemRoot\System32\drivers\usbhub.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - USBHUB3 (@usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub) -> \SystemRoot\System32\drivers\UsbHub3.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - usbohci (@usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbohci.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - usbprint (@usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class) -> \SystemRoot\System32\drivers\usbprint.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - usbscan (@sti.inf,%usbscan.SvcDesc%;Pilote de scanneur USB) -> \SystemRoot\System32\drivers\usbscan.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - usbser (@usbser.inf,%UsbSerial.DriverDesc%;Pilote série USB Microsoft) -> \SystemRoot\System32\drivers\usbser.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - USBSTOR (@usbstor.inf,%USBSTOR.SvcDesc%;USB Mass Storage Driver) -> \SystemRoot\System32\drivers\USBSTOR.SYS - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - usbuhci (@usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver) -> \SystemRoot\System32\drivers\usbuhci.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - USBXHCI (@usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller) -> \SystemRoot\System32\drivers\USBXHCI.SYS - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - vhdmp () -> \SystemRoot\System32\drivers\vhdmp.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - vhf (@hidvhf.inf,%VhfService%;Virtual HID Framework (VHF) Driver) -> \SystemRoot\System32\drivers\vhf.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - VirtualRender () -> \SystemRoot\System32\DriverStore\FileRepository\vrd.inf_amd64_81fbd405ff2470fc\vrd.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - VMBusHID () -> \SystemRoot\System32\drivers\VMBusHID.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - vmgid (@wvmgid.inf,%VmGid.SVCDESC%;Microsoft Hyper-V Guest Infrastructure Driver) -> \SystemRoot\System32\drivers\vmgid.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - vwifibus (@%SystemRoot%\System32\drivers\vwifibus.sys,-257) -> \SystemRoot\System32\drivers\vwifibus.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - WacomPen (@hiddigi.inf,%WacomPen.SVCDESC%;Wacom Serial Pen HID Driver) -> \SystemRoot\System32\drivers\wacompen.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - wanarpv6 (@%systemroot%\system32\mprmsg.dll,-32012) -> System32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: False
S3 - [File System Driver] - wcnfs (@%systemroot%\system32\drivers\wcnfs.sys,-100) -> \SystemRoot\system32\drivers\wcnfs.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - wdiwifi (WDI Driver Framework) -> system32\DRIVERS\wdiwifi.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - WdmCompanionFilter (@%SystemRoot%\system32\drivers\WdmCompanionFilter.sys,-1000) -> system32\drivers\WdmCompanionFilter.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - WdNisDrv (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-370) -> system32\drivers\wd\WdNisDrv.sys - AcceptPause: False - AcceptStop: False
S3 - [File System Driver] - WIMMount (@%SystemRoot%\system32\drivers\wimmount.sys,-101) -> system32\drivers\wimmount.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - WinMad (@mlx4_bus.inf,%WinMad.ServiceDesc%;WinMad Service) -> \SystemRoot\System32\drivers\winmad.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - WinNat (@%SystemRoot%\system32\drivers\winnat.sys,-10001) -> system32\drivers\winnat.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - WINUSB (@winusb.inf,%WINUSB_SvcName%;WinUsb Driver) -> \SystemRoot\System32\drivers\WinUSB.SYS - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - WinVerbs (@mlx4_bus.inf,%WinVerbs.ServiceDesc%;WinVerbs Service) -> \SystemRoot\System32\drivers\winverbs.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - WmiAcpi (@wmiacpi.inf,%WMIMAP.SvcDesc%;Microsoft Windows Management Interface for ACPI) -> \SystemRoot\System32\drivers\wmiacpi.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - WpdUpFltr (@%systemroot%\System32\drivers\WpdUpFltr.sys,-100) -> System32\drivers\WpdUpFltr.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - WudfPf (@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000) -> system32\drivers\WudfPf.sys - AcceptPause: False - AcceptStop: False
R3 - [Kernel Driver] - WUDFRd (@%SystemRoot%\system32\drivers\WudfRd.sys,-1000) -> \SystemRoot\System32\drivers\WUDFRd.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - WUDFWpdFs (@wpdfs.inf,%WPDFS_SvcName%;Pilote du système de fichiers WPD) -> \SystemRoot\system32\DRIVERS\WUDFRd.sys - AcceptPause: False - AcceptStop: True
R3 - [Kernel Driver] - WUDFWpdMtp () -> \SystemRoot\system32\DRIVERS\WUDFRd.sys - AcceptPause: False - AcceptStop: True
S3 - [Kernel Driver] - xboxgip (@xboxgip.inf,%XBOXGIP_Desc%;Xbox Game Input Protocol Driver) -> \SystemRoot\System32\drivers\xboxgip.sys - AcceptPause: False - AcceptStop: False
S3 - [Kernel Driver] - xinputhid (@xinputhid.inf,%xinputhid.SvcDesc%;XINPUT HID Filter Driver) -> \SystemRoot\System32\drivers\xinputhid.sys - AcceptPause: False - AcceptStop: False
R4 - [File System Driver] - cdfs (CD/DVD File System Reader) -> system32\DRIVERS\cdfs.sys - AcceptPause: False - AcceptStop: True
S4 - [Kernel Driver] - cnghwassist (@%SystemRoot%\system32\drivers\cnghwassist.sys,-100) -> System32\DRIVERS\cnghwassist.sys - AcceptPause: False - AcceptStop: False
S4 - [Kernel Driver] - hvcrash () -> \SystemRoot\System32\drivers\hvcrash.sys - AcceptPause: False - AcceptStop: False
S4 - [File System Driver] - udfs (udfs) -> system32\DRIVERS\udfs.sys - AcceptPause: False - AcceptStop: False
S4 - [Kernel Driver] - VerifierExt (@%SystemRoot%\System32\drivers\VerifierExt.sys,-1000) -> System32\drivers\VerifierExt.sys - AcceptPause: False - AcceptStop: False
S4 - [Kernel Driver] - ws2ifsl (@%systemroot%\System32\drivers\ws2ifsl.sys,-1000) -> \SystemRoot\system32\drivers\ws2ifsl.sys - AcceptPause: False - AcceptStop: False

---------- | System files (Microsoft|Avast|Atheros|Adaptec|Brother|Intel Files whitelisted)


---------- | Uninstall (Whitelist)

[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> 
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{063E67F0-C298-8A2A-0FA6-84C15322A4E0}] : (ccc-utility64.-.Advanced Micro Devices, Inc.) -> 
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-1036-1033-7760-BC15014EA700}] : (Adobe Acrobat DC (64-bit).-.Adobe) -> MsiExec.exe /I{AC76BA86-1036-1033-7760-BC15014EA700}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D1875373-FF1B-3CE7-AFDD-11D59D6C8AD0}] : (Google Chrome.-.Google LLC) -> MsiExec.exe /X{D1875373-FF1B-3CE7-AFDD-11D59D6C8AD0}
----------[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E7366CA8-7179-77AE-E712-BA18D70A0A07}] : (AMD Fuel.-.Advanced Micro Devices, Inc.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\EPSON PC-FAX Driver 2] : (Epson PC-FAX Driver.-.Seiko Epson Corporation) -> C:\Windows\system32\spool\DRIVERS\x64\3\EFXIJRMV.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\iTop Screen Recorder_is1] : (iTop Screen Recorder.-.iTop Inc.) -> "C:\Program Files\iTop Screen Recorder\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Microsoft Edge Update] : (Microsoft Edge Update.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{07326A3E-02B3-1078-25D7-B8666BA8FE15}] : (CCC Help Korean.-.Advanced Micro Devices, Inc.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{085EBD0C-F24E-EB94-6D33-2A22EF64C5CF}] : (CCC Help Finnish.-.Advanced Micro Devices, Inc.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{11087D24-567D-7D88-69C6-D7A08B5F4C47}] : (Catalyst Control Center - Branding.-.Advanced Micro Devices, Inc.) -> MsiExec.exe /I{11087D24-567D-7D88-69C6-D7A08B5F4C47}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1AD99E77-37CC-744E-39CA-67F6FD34565A}] : (Catalyst Control Center Localization All.-.Advanced Micro Devices, Inc.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1BB85E73-0D92-604A-0AAF-C7AAD5E3A3C6}] : (CCC Help English.-.Advanced Micro Devices, Inc.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1E72F5D1-553E-CFF9-06A3-8C5AF507DD1C}] : (CCC Help French.-.Advanced Micro Devices, Inc.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{25ACE797-EBDA-0E4B-096F-9FE97A1E2A6F}] : (CCC Help Russian.-.Advanced Micro Devices, Inc.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A9B753-4B5D-46D8-A329-5CEF96FC22D2}] : (Epson Software Updater.-.Seiko Epson Corporation) -> MsiExec.exe /X{26A9B753-4B5D-46D8-A329-5CEF96FC22D2}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2D07E15C-A9A4-D8D6-D371-92EC8779E587}] : (CCC Help Hungarian.-.Advanced Micro Devices, Inc.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{350E61E5-6C2C-2F3C-3A14-7E094AB6D3A0}] : (CCC Help Spanish.-.Advanced Micro Devices, Inc.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{35A71DED-DA81-1313-352A-EC8A0B27DF3B}] : (CCC Help Chinese Standard.-.Advanced Micro Devices, Inc.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3EEBF9B9-FBD1-4717-8FFC-57E28D441132}] : (OpenOffice 4.1.10.-.Apache Software Foundation) -> MsiExec.exe /I{3EEBF9B9-FBD1-4717-8FFC-57E28D441132}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{64D5A142-BD50-726E-ED9E-D2508D2A17E2}] : (Catalyst Control Center InstallProxy.-.Advanced Micro Devices, Inc.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6FDCB1C3-9EDC-3CBC-473C-DD85ED5E0494}] : (CCC Help German.-.Advanced Micro Devices, Inc.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{79D22166-78C1-2AD4-04E7-BD22BD58FD46}] : (CCC Help Chinese Traditional.-.Advanced Micro Devices, Inc.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{82CA1714-13EA-F419-91FE-12834424745E}] : (CCC Help Italian.-.Advanced Micro Devices, Inc.) -> 
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}] : (Manuels EPSON.-.Seiko Epson Corporation) -> MsiExec.exe /I{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8CBC65A3-40AB-DE65-2CB1-997ABDA8FD68}] : (CCC Help Turkish.-.Advanced Micro Devices, Inc.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8FFCCB27-EE2D-D58F-5ABD-ED5C06B91E81}] : (CCC Help Swedish.-.Advanced Micro Devices, Inc.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A5A6A4D0-2005-2A05-2E21-495808CF95ED}] : (CCC Help Norwegian.-.Advanced Micro Devices, Inc.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A760847A-C4D9-E7EF-716F-07C6CBF6B147}] : (CCC Help Thai.-.Advanced Micro Devices, Inc.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-0804-1033-1959-018244601013}] : (Adobe Refresh Manager.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-0804-1033-1959-018244601013}
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AF0FDA86-6E7B-1A6C-51D4-43AF50181ED2}] : (AMD Catalyst Control Center.-.Advanced Micro Devices, Inc.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B839153C-D4D2-F89C-5033-0A160C62706B}] : (CCC Help Portuguese.-.Advanced Micro Devices, Inc.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C1EA3764-1138-AE27-AD63-549BAD99BA15}] : (CCC Help Japanese.-.Advanced Micro Devices, Inc.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C3D13AB8-468A-0174-1D06-DB9AAE8A131B}] : (CCC Help Czech.-.Advanced Micro Devices, Inc.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{CA95D57F-9FC3-0DD7-7C36-362F74D8C04E}] : (CCC Help Dutch.-.Advanced Micro Devices, Inc.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E817E580-6318-AFC8-2102-322C73117EC4}] : (CCC Help Polish.-.Advanced Micro Devices, Inc.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F77474EE-EB6C-C87B-88AF-3310C848E068}] : (CCC Help Greek.-.Advanced Micro Devices, Inc.) -> 
----------[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F8DDBE95-DCBE-03B5-5359-DE3601146E21}] : (CCC Help Danish.-.Advanced Micro Devices, Inc.) -> 

---------- | Ports 


---------- | Microsoft Specifications

CheckID: fr_FR0{AC76BA86-1036-1033-7760-BC15014EA700} - ENABLE_fr_FR="0" -> fr_FR
CheckID: fr_FR100{AC76BA86-1036-1033-7760-BC15014EA700} - ENABLE_fr_FR="1" -> fr_FR
CheckID: fr_FR102{AC76BA86-1036-1033-7760-BC15014EA700} - ENABLE_fr_FR="2" -> fr_FR
CheckID: AcroHelp_Professional0{AC76BA86-1036-1033-7760-BC15014EA700} - DISABLE_HELP="YES" -> AcroHelp_Professional
CheckID: AcrobatBrowserIntegration0{AC76BA86-1036-1033-7760-BC15014EA700} - DISABLE_BROWSER_INTEGRATION="YES" -> AcrobatBrowserIntegration
CheckID: AcrobatPDFIntegration0{AC76BA86-1036-1033-7760-BC15014EA700} - SETUP_PDF_INTEGRATION="NO" -> AcrobatPDFIntegration
CheckID: ThumbnailPreviewHandler1{AC76BA86-1036-1033-7760-BC15014EA700} - ADD_THUMBNAILPREVIEW="YES" -> ThumbnailPreviewHandler

---------- | CLSID (Whitelist)

[HKCR\CLSID\{043B13A3-C479-48AF-9E98-E9F08A411670}] - (.-.) - C:\Windows\SysWOW64\UpdateDeploymentProvider.dll   
[HKCR\CLSID\{15FD01A3-6E5D-4ECD-9EBD-1813CB3887A1}] - (.-.) - %windir%\system32\btpanui.dll   
[HKCR\CLSID\{179F3D56-1B0B-42B2-A962-59B7EF59FE1B}] - (.-.) - C:\Windows\SysWOW64\speech_onecore\engines\tts\MSTTSEngine_OneCore.dll   [01/09/2022 11:43:11]
[HKCR\CLSID\{181A38F4-6CE6-4edc-8DB0-6E5631963A1E}] - (.-.) - C:\Windows\SysWOW64\LocationFramework.dll   
[HKCR\CLSID\{1965FEA3-3896-438B-B789-F5981797E7E7}] - (.-.) - C:\Windows\SysWOW64\MapsBtSvcProxy.dll   
[HKCR\CLSID\{1CEBDE3E-6B91-484A-AF48-5E4F4ED6B1E1}] - (.-.) - C:\Windows\System32\dmscript.dll   
[HKCR\CLSID\{206FA6D0-A493-41FA-943D-3F655088F7B9}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll   
[HKCR\CLSID\{2781761E-28E0-4109-99FE-B9D127C57AFE}] - (.-.) - "C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2207.7-0\X86\MpOav.dll"   
[HKCR\CLSID\{2C5F9B72-7148-4D97-BFC9-68A0E076BEBD}] - (.-.) - C:\Windows\System32\dmscript.dll   
[HKCR\CLSID\{2FE8F810-B2A5-11d0-A787-0000F803ABFC}] - (.-.) - C:\Windows\system32\dplayx.dll   
[HKCR\CLSID\{363BE3C0-DDD4-4B21-BC6D-7E9DF8CE19CB}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll   
[HKCR\CLSID\{3F052B8E-512B-419D-9E06-9B9ADDC7118C}] - (.-.) - C:\Windows\SysWOW64\MapsCSP.dll   
[HKCR\CLSID\{4062C116-0270-11D3-8BCB-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll   
[HKCR\CLSID\{4108FA85-3586-11D3-8BD7-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll   
[HKCR\CLSID\{4516EC43-8F20-11D0-9B6D-0000C0781BC3}] - (.-.) - C:\Windows\system32\d3dxof.dll   
[HKCR\CLSID\{4EE17959-931E-49E4-A2C6-977ECF3628F3}] - (.-.) - C:\Windows\System32\dmscript.dll   
[HKCR\CLSID\{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}] - (.-.) - %windir%\system32\acppage.dll   
[HKCR\CLSID\{5DE7918B-BFD7-4C1E-B4E0-B16D0A3EA76B}] - (.-.) - C:\Windows\SysWOW64\AuthHostProxy.dll   
[HKCR\CLSID\{5EB699B3-9296-41BA-9258-DE70F03B7D6C}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll   
[HKCR\CLSID\{640167b4-59b0-47a6-b335-a6b3c0695aea}] - (.-.) - C:\Windows\system32\audiodev.dll   
[HKCR\CLSID\{663e1a94-a37e-4e8a-9e55-5354b2139790}] - (.-.) - C:\Windows\SysWOW64\EsclWiaDriver.dll   
[HKCR\CLSID\{79BA9E00-B6EE-11D1-86BE-00C04FBF8FEF}] - (.-.) - C:\Windows\System32\dmband.dll   
[HKCR\CLSID\{7E53D66F-70CE-41CD-97AF-ECB4FC7D0670}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.36.82\psmachine.dll   
[HKCR\CLSID\{810B5013-E88D-11D2-8BC1-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll   
[HKCR\CLSID\{8685C4A9-D0E4-444C-87A0-D9FB858235A7}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll   
[HKCR\CLSID\{882BC1E4-C79E-475D-8CC7-CC8D112FDB17}] - (.-.) - C:\Windows\SysWOW64\RMSRoamingSecurity.dll   
[HKCR\CLSID\{95BD18C1-D7FB-4BD3-839A-1C37C90131B1}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll   
[HKCR\CLSID\{994B3B2F-2880-4318-A583-15C38A01F571}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll   
[HKCR\CLSID\{A020FAD9-D661-4857-AA43-E6A86FF1163E}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll   
[HKCR\CLSID\{A533BCB1-6D33-41FC-8C3B-63223FCCE9D2}] - (.-.) - C:\Program Files (x86)\Microsoft\EdgeUpdate\1.3.143.57\psmachine.dll   
[HKCR\CLSID\{A6098E79-9C50-4F87-8973-5FB4532C93D8}] - (.-.) - %windir%\system32\btpanui.dll   
[HKCR\CLSID\{A6B5068B-8F3E-4850-B5C8-B004AFE2B38B}] - (.-.) - C:\Program Files (x86)\Google\Update\1.3.36.132\psmachine.dll   
[HKCR\CLSID\{A82536D7-C8E6-4CEF-AA66-11E97EDDFC6D}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll   
[HKCR\CLSID\{A861C6E2-FCFC-11D2-8BC9-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll   
[HKCR\CLSID\{C05D20C2-15E5-4567-95C7-1546EF9C52F3}] - (.-.) - C:\Windows\SysWOW64\windows.applicationmodel.conversationalagent.proxystub.dll   [07/12/2019 11:09:11]
[HKCR\CLSID\{C5621364-87CC-4731-8947-929CAE75323E}] - (.-.) - %windir%\system32\F12\msdbg2.dll   
[HKCR\CLSID\{C64501F6-E6E6-451f-A150-25D0839BC510}] - (.-.) - C:\Windows\SysWOW64\speech\engines\tts\MSTTSEngine.dll   [01/09/2022 11:42:20]
[HKCR\CLSID\{C70EB77F-EFD4-4678-A27B-BF1648F30D04}] - (.-.) - C:\Windows\System32\dmscript.dll   
[HKCR\CLSID\{CDAEB70C-E686-4299-93EB-7D63D77B7F63}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll   
[HKCR\CLSID\{D1EB6D20-8923-11d0-9D97-00A0C90A43CB}] - (.-.) - C:\Windows\system32\dplayx.dll   
[HKCR\CLSID\{D2AC2894-B39B-11D1-8704-00600893B1BD}] - (.-.) - C:\Windows\System32\dmband.dll   
[HKCR\CLSID\{D3075F87-A7BD-4231-9F6A-60C5E07374A7}] - (.-.) - %windir%\system32\acppage.dll   
[HKCR\CLSID\{D6FCA954-F7AE-4EAC-8783-85F5E4ABD840}] - (.-.) - %windir%\system32\F12\pdmproxy100.dll   
[HKCR\CLSID\{D8E090A5-4149-467D-8103-BFB8F51E8BCB}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll   
[HKCR\CLSID\{DACE006F-9846-4D70-A0BE-6EF90FA99392}] - (.-.) - C:\Windows\SysWOW64\windows.applicationmodel.conversationalagent.internal.proxystub.dll   [07/12/2019 11:09:11]
[HKCR\CLSID\{e8cc4cbe-fdff-11d0-b865-00a0c9081c1d}] - (.-.) - C:\Program Files\Common Files\System\Ole DB\msdaora.dll   
[HKCR\CLSID\{e8cc4cbf-fdff-11d0-b865-00a0c9081c1d}] - (.-.) - C:\Program Files\Common Files\System\Ole DB\msdaora.dll   
[HKCR\CLSID\{EBF2320A-2502-11D3-8BD1-00600893B1B6}] - (.-.) - C:\Windows\System32\dmscript.dll   
[HKCR\CLSID\{FA6C507D-A9AF-4385-86C0-80115F0AE20B}] - (.-.) - C:\Windows\SysWOW64\PerceptionSimulationExtensions.dll   
[HKCR\CLSID\{fdb00e52-a214-4aa1-8fba-4357bb0072ec}] - (.-.) - %windir%\system32\amsi.dll   

---------- | Installer

[HKCR\Installer\Products\085E718E81368CFA122023C23711E74C] : CCC Help Polish -> C:\Windows\Installer\{E817E580-6318-AFC8-2102-322C73117EC4}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\0D4A6A5A500250A2E212948580FC59DE] : CCC Help Norwegian -> C:\Windows\Installer\{A5A6A4D0-2005-2A05-2E21-495808CF95ED}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\0F76E360892CA2A8F06A481C35224A0E] : ccc-utility64 -> C:\Windows\Installer\{063E67F0-C298-8A2A-0FA6-84C15322A4E0}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\1D5F27E1E3559FFC603AC8A55F70DDC1] : CCC Help French -> C:\Windows\Installer\{1E72F5D1-553E-CFF9-06A3-8C5AF507DD1C}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\241A5D4605DBE627DEE92D05D8A2712E] : Catalyst Control Center InstallProxy -> C:\Windows\Installer\{64D5A142-BD50-726E-ED9E-D2508D2A17E2}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\357B9A62D5B48D643A92C5FE69CF222D] : Epson Software Updater -> C:\Windows\Installer\{26A9B753-4B5D-46D8-A329-5CEF96FC22D2}\icon.ico
[HKCR\Installer\Products\3735781DB1FF7EC3FADD115DD9C6A80D] : Google Chrome -> C:\Windows\Installer\{D1875373-FF1B-3CE7-AFDD-11D59D6C8AD0}\icon.ico
[HKCR\Installer\Products\37E58BB129D0A406A0FA7CAA5D3E3A6C] : CCC Help English -> C:\Windows\Installer\{1BB85E73-0D92-604A-0AAF-C7AAD5E3A3C6}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\3A56CBC8BA0456EDC21B99A7DB8ADF86] : CCC Help Turkish -> C:\Windows\Installer\{8CBC65A3-40AB-DE65-2CB1-997ABDA8FD68}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\3C1BCDF6CDE9CBC374C3DD58DEE54049] : CCC Help German -> C:\Windows\Installer\{6FDCB1C3-9EDC-3CBC-473C-DD85ED5E0494}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\4171AC28AE31914F19EF2138444247E5] : CCC Help Italian -> C:\Windows\Installer\{82CA1714-13EA-F419-91FE-12834424745E}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\42D78011D76588D7966C7D0AB8F5C474] : Catalyst Control Center - Branding -> C:\Windows\Installer\{11087D24-567D-7D88-69C6-D7A08B5F4C47}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\4673AE1C831172EADA3645B9DA99AB51] : CCC Help Japanese -> C:\Windows\Installer\{C1EA3764-1138-AE27-AD63-549BAD99BA15}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\59EBDD8FEBCD5B303595ED631041E612] : CCC Help Danish -> C:\Windows\Installer\{F8DDBE95-DCBE-03B5-5359-DE3601146E21}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\5E16E053C2C6C3F2A341E790A46B3D0A] : CCC Help Spanish -> C:\Windows\Installer\{350E61E5-6C2C-2F3C-3A14-7E094AB6D3A0}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\66122D971C874DA2407EDB22DB85DF64] : CCC Help Chinese Traditional -> C:\Windows\Installer\{79D22166-78C1-2AD4-04E7-BD22BD58FD46}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\68AB67CA408033019195102844060131] : Adobe Refresh Manager -> C:\Windows\Installer\{AC76BA86-0804-1033-1959-018244601013}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\68AB67CA630133017706CB5110E47A00] : Adobe Acrobat DC (64-bit) -> C:\Windows\Installer\{AC76BA86-1036-1033-7760-BC15014EA700}\_SC_Acrobat.ico
[HKCR\Installer\Products\68ADF0FAB7E6C6A1154D34FA0581E12D] : AMD Catalyst Control Center -> C:\Windows\Installer\{AF0FDA86-6E7B-1A6C-51D4-43AF50181ED2}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\72BCCFF8D2EEF85DA5DBDEC5609BE118] : CCC Help Swedish -> C:\Windows\Installer\{8FFCCB27-EE2D-D58F-5ABD-ED5C06B91E81}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\77E99DA1CC73E44793AC766FDF4365A5] : Catalyst Control Center Localization All -> C:\Windows\Installer\{1AD99E77-37CC-744E-39CA-67F6FD34565A}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\797ECA52ADBEB4E090F6F99EA7E1A2F6] : CCC Help Russian -> C:\Windows\Installer\{25ACE797-EBDA-0E4B-096F-9FE97A1E2A6F}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\8AC6637E9717EA777E21AB817DA0A070] : AMD Fuel -> C:\Windows\Installer\{E7366CA8-7179-77AE-E712-BA18D70A0A07}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\8BA31D3CA8644710D160BDA9EAA831B1] : CCC Help Czech -> C:\Windows\Installer\{C3D13AB8-468A-0174-1D06-DB9AAE8A131B}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\9B9FBEE31DBF7174F8CF752ED8441123] : OpenOffice 4.1.10 -> C:\Windows\Installer\{3EEBF9B9-FBD1-4717-8FFC-57E28D441132}\soffice.ico
[HKCR\Installer\Products\A748067A9D4CFE7E17F6706CBC6F1B74] : CCC Help Thai -> C:\Windows\Installer\{A760847A-C4D9-E7EF-716F-07C6CBF6B147}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\B1CCEC48FE121B14A919E327E4D5993D] : Manuels EPSON -> C:\Windows\Installer\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}\EPSMICO.ICO
[HKCR\Installer\Products\C0DBE580E42F49BED633A222FE465CFC] : CCC Help Finnish -> C:\Windows\Installer\{085EBD0C-F24E-EB94-6D33-2A22EF64C5CF}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\C351938B2D4DC98F0533A061C02607B6] : CCC Help Portuguese -> C:\Windows\Installer\{B839153C-D4D2-F89C-5033-0A160C62706B}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\C51E70D24A9A6D8D3D1729CE78975E78] : CCC Help Hungarian -> C:\Windows\Installer\{2D07E15C-A9A4-D8D6-D371-92EC8779E587}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\DED17A5318AD313153A2CEA8B072FDB3] : CCC Help Chinese Standard -> C:\Windows\Installer\{35A71DED-DA81-1313-352A-EC8A0B27DF3B}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\E3A623703B208701527D8B66B68AEF51] : CCC Help Korean -> C:\Windows\Installer\{07326A3E-02B3-1078-25D7-B8666BA8FE15}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\EE47477FC6BEB78C88FA33018C840E86] : CCC Help Greek -> C:\Windows\Installer\{F77474EE-EB6C-C87B-88AF-3310C848E068}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\F1796C091FBAFBF4DB89421FC4F5A54B] : Contrôle d’intégrité du PC Windows -> C:\Windows\Installer\{90C6971F-ABF1-4FBF-BD98-24F14C5F5AB4}\ArpIcon.ico
[HKCR\Installer\Products\F75D59AC3CF97DD0C76363F2478D0CE4] : CCC Help Dutch -> C:\Windows\Installer\{CA95D57F-9FC3-0DD7-7C36-362F74D8C04E}\ARPPRODUCTICON.exe

---------- | ADS


---------- | Drives


---------- | MBR


64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin

---------- | 20 LastEventLog

Le programme SearchApp.exe version 10.0.19041.1889 a cessé d'interagir avec Windows et a été fermé. Pour voir si plus d'informations sur le problème sont disponibles, vérifiez l'historique des problèmes dans le Panneau de configuration Sécurité et maintenance.
 ID de processus : 1f8c
 Heure de début : 01d8be55178c1b43
 Heure d'arrêt : 4294967295
 Chemin d'accès à l'application : C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
 ID de rapport : 6f16c10a-eb73-46f9-aab0-6fc5a770de07
 Nom complet du package défectueux : Microsoft.Windows.Search_1.14.6.19041_neutral_neutral_cw5n1h2txyewy
 ID de l'application relative à un package défectueux : ShellFeedsUI
 Type de blocage : Quiesce

------------

L’optimiseur de stockage n’a pas pu terminer réoptimisation sur (C:) car : L’opération demandée n’est pas prise en charge par le matériel sous-jacent au volume. (0x8900002A)
------------

Nom de l’application défaillante ADelRCP.exe, version : 22.1.20142.0, horodatage : 0x629bce6a
Nom du module défaillant : ucrtbase.dll, version : 10.0.19041.789, horodatage : 0x2bd748bf
Code d’exception : 0xc0000409
Décalage d’erreur : 0x0000000000071208
ID du processus défaillant : 0x1cc
Heure de début de l’application défaillante : 0x01d8bded28c57227
Chemin d’accès de l’application défaillante : C:\Program Files\Adobe\Acrobat DC\Acrobat\ADelRCP.exe
Chemin d’accès du module défaillant: C:\Windows\System32\ucrtbase.dll
ID de rapport : 337a8d22-c0e0-4813-af10-f9b8fb101f15
Nom complet du package défaillant : 
ID de l’application relative au package défaillant : 
------------

Nom de l’application défaillante splwow64.exe, version : 10.0.19041.1052, horodatage : 0xd4ce171b
Nom du module défaillant : ntdll.dll, version : 10.0.19041.1023, horodatage : 0x7977b9de
Code d’exception : 0xc0000374
Décalage d’erreur : 0x00000000000ff199
ID du processus défaillant : 0x2b5c
Heure de début de l’application défaillante : 0x01d8bde53f8e31ed
Chemin d’accès de l’application défaillante : C:\Windows\splwow64.exe
Chemin d’accès du module défaillant: C:\Windows\SYSTEM32\ntdll.dll
ID de rapport : 91f7a241-9fbb-4c15-a99e-c99a31fae764
Nom complet du package défaillant : 
ID de l’application relative au package défaillant : 
------------

Nom de l’application défaillante iScrPaint.exe, version : 3.0.0.938, horodatage : 0x62f34077
Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1023, horodatage : 0xcbf6f7d1
Code d’exception : 0xc0000409
Décalage d’erreur : 0x0012a6f2
ID du processus défaillant : 0x798
Heure de début de l’application défaillante : 0x01d8bc492f13d9b6
Chemin d’accès de l’application défaillante : C:\Program Files\iTop Screen Recorder\iScrPaint.exe
Chemin d’accès du module défaillant: C:\Windows\System32\KERNELBASE.dll
ID de rapport : d33d4088-903a-476e-a84e-78d4a75d6666
Nom complet du package défaillant : 
ID de l’application relative au package défaillant : 
------------

Nom de l’application défaillante iScrPaint.exe, version : 3.0.0.938, horodatage : 0x62f34077
Nom du module défaillant : KERNELBASE.dll, version : 10.0.19041.1023, horodatage : 0xcbf6f7d1
Code d’exception : 0xc0000409
Décalage d’erreur : 0x0012a6f2
ID du processus défaillant : 0x1a94
Heure de début de l’application défaillante : 0x01d8bc48cc8766c7
Chemin d’accès de l’application défaillante : C:\Program Files\iTop Screen Recorder\iScrPaint.exe
Chemin d’accès du module défaillant: C:\Windows\System32\KERNELBASE.dll
ID de rapport : 0c8bb8c0-9f4b-426f-954c-6dc45501cf00
Nom complet du package défaillant : 
ID de l’application relative au package défaillant : 
------------

L’optimiseur de stockage n’a pas pu terminer réoptimisation sur (C:) car : L’opération demandée n’est pas prise en charge par le matériel sous-jacent au volume. (0x8900002A)
------------

Le service Services de chiffrement n’a pas réussi à initialiser la base de données du catalogue. L’erreur ESENT était : -543.
------------

Catalog Database (2796,R,98) Catalog Database: La récupération/restauration de la base de données a échoué en raison d’une erreur inattendue -543.
------------

Catalog Database (2796,R,98) Catalog Database: La base de données C:\Windows\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb requiert les fichiers journaux 1-6 (C:\Windows\system32\CatRoot2\edb00001.log - C:\Windows\system32\CatRoot2\edb.log) pour récupérer. Le processus de récupération a seulement pu repérer les fichiers journaux à partir de 5(C:\Windows\system32\CatRoot2\edb00005.log).
------------

Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0x800704CF
Arguments de la ligne de commande :
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=UserLogon;SessionId=2
------------

Échec de l’activation des licences (slui.exe) avec le code d’erreur suivant :
hr=0x800704CF
Arguments de la ligne de commande :
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2b1f36bb-c1cd-4306-bf5c-a0367c2d97d8;NotificationInterval=1440;Trigger=TimerEvent
------------

Erreur lors de la mise à jour du statut Windows Defender vers SECURITY_PRODUCT_STATE_ON.
------------

Le service Services de chiffrement n’a pas réussi à initialiser la base de données du catalogue. L’erreur ESENT était : -1409.
------------

Le service suivant a cessé de répondre de façon répétée aux demandes de contrôle de service : Windows Search

Contactez le fournisseur du service ou l’administrateur système pour savoir s’il convient de désactiver le service jusqu’à ce que le problème ait été identifié.

Vous serez peut-être amené à redémarrer l’ordinateur en mode sans échec pour pouvoir désactiver le service.
------------

Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service WSearch.
------------

Le pilote a détecté une erreur du contrôleur sur \Device\Harddisk3\DR10.
------------

Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service WSearch.
------------

Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la réponse transactionnelle du service WSearch.
------------


----------( EOF)---------- - 8891 | 11:12:18