¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ QuickDiag | g3n-h@ckm@n | 2_30.05.2016.1 ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ ¤¤¤¤¤ XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ¤¤¤¤¤ - Start 01/06/2016 20:10:46 Updated 30/05/2016 | 20.00 by g3n-h@ckm@n Contact : http://www.sosvirus.net/ [Quentin (Administrator)] - [JUSSI] SID = S-1-5-21-3236888767-1387239166-3031154320-1001 System : Windows 10 Home (64 bits) Core PC : ASUSTeK COMPUTER INC. - G771JW - ASUS-NotebookSKU Processor : X64 - 2594 Mhz - Intel(R) Core(TM) i7-4720HQ CPU @ 2.60GHz Bios : American Megatrends Inc. - 02/02/2015 - V.G771JW.204 Boot: Normal boot CoreTemp : 63° C - Max : 103° C ---------- | CPU CPU #1 value:13 % CPU #2 value:7 % CPU #3 value:13 % CPU #4 value:1 % CPU #5 value:19 % CPU #6 value:7 % CPU #7 value:32 % CPU #8 value:1 % Total Overall CPU Usage value:12 % ---------- | Network isatap.home : SENT:0 bytes/sec / RECVD:0 bytes/sec SEND Maxium:336 bytes/sec, / RECEIVE Maximum:336 bytes/sec ----------> Quick Memory RAM = Total (MB) : 7503 | Free (MB) : 3442 Pagefile = Total (MB) : 11173 | Free (MB) : 5480 Virtual = Total (MB) : 4194 | Free (MB) : 3950 ¤¤¤¤¤¤¤¤¤¤ | Drives D:\ -> [Fixed] | [Data] | Total : 542.8 Go | Free : 394.76 Go -> NTFS [SATA] C:\ -> [Fixed] | [OS] | Total : 372.6 Go | Free : 93.05 Go -> NTFS [SATA] ¤¤¤¤¤¤¤¤¤¤ | Windows updates No detected update !!! Microsoft : + ¤¤¤¤¤¤¤¤¤¤ | Browsers IE : 11.0.10586.20 (© Microsoft Corporation. Tous droits réservés.) GC : 50.0.2661.102 (Copyright 2015 Google Inc.) Default : "C:\Program Files\Internet Explorer\iexplore.exe" %1 ¤¤¤¤¤¤¤¤¤¤ | FlashPlayer FlashPlayer ActiveX : 21.0.0.242 ¤¤¤¤¤¤¤¤¤¤ | Security AV : Windows Defender Enabled AS : Windows Defender Enabled AM : Malwarebytes' Anti-Malware ( 2.3.173.0) [Update : 11/09/2015 14:58:09] FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Manual(3)] = Running AS: Windows Defender [Auto(2)] = Running WMI: Windows Management Instrumentation [Auto(2)] = Running ¤¤¤¤¤¤¤¤¤¤ | Running processes 428 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.10586.0) = C:\Windows\System32\smss.exe CPU Usage:0 % 716 | [Owner : | Parent : 580() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.10586.306) = C:\Windows\System32\wininit.exe CPU Usage:0 % 796 | [Owner : | Parent : 708() | ?????] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.10586.306) = C:\Windows\System32\winlogon.exe CPU Usage:0 % 852 | [Owner : | Parent : 716(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.10586.71) = C:\Windows\System32\services.exe CPU Usage:0 % 860 | [Owner : | Parent : 716(wininit.exe) | ?????] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.10586.0) = C:\Windows\System32\lsass.exe CPU Usage:9 % 972 | [Owner : | Parent : 852(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 112 | [Owner : | Parent : 852(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 472 | [Owner : | Parent : 852(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 600 | [Owner : | Parent : 852(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 1088 | [Owner : | Parent : 852(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 1100 | [Owner : | Parent : 852(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 1112 | [Owner : | Parent : 852(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 1120 | [Owner : | Parent : 852(services.exe) | ?????] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 364.72.) - (8.17.13.6472) = C:\Windows\System32\nvvsvc.exe CPU Usage:0 % 1388 | [Owner : | Parent : 1120(nvvsvc.exe) | ?????] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.6472) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe CPU Usage:0 % 1396 | [Owner : | Parent : 1120(nvvsvc.exe) | ?????] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 364.72.) - (8.17.13.6472) = C:\Windows\System32\nvvsvc.exe CPU Usage:0 % 1512 | [Owner : | Parent : 852(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 1776 | [Owner : | Parent : 852(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 1824 | [Owner : | Parent : 852(services.exe) | ?????] - (.ASUSTek Computer Inc. - ASLDR Service.) - (1.0.81.2) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe CPU Usage:0 % 1884 | [Owner : | Parent : 852(services.exe) | ?????] - (.ASUS - GFNEXSrv.) - (1.0.11.1) = C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe CPU Usage:0 % 1892 | [Owner : | Parent : 852(services.exe) | ?????] - (.Intel Corporation - IntelCpHeciSvc Executable.) - (9.0.31.9000) = C:\Windows\SysWOW64\IntelCpHeciSvc.exe CPU Usage:0 % 1176 | [Owner : | Parent : 852(services.exe) | ?????] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.10586.122) = C:\Windows\System32\spoolsv.exe CPU Usage:0 % 2248 | [Owner : | Parent : 852(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 2256 | [Owner : | Parent : 852(services.exe) | ?????] - (.ASUSTek Computer Inc. - Driver MFT Service.) - (1.0.0.0) = C:\Program Files (x86)\ASUS\ASUS Video DSP\DriverMFTService.exe CPU Usage:0 % 2268 | [Owner : | Parent : 852(services.exe) | ?????] - (.ASUS Cloud Corporation - Asus WebStorage Windows Service.) - (1.0.0.0) = C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe CPU Usage:0 % 2296 | [Owner : | Parent : 852(services.exe) | ?????] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (7.1.2071.1338) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe CPU Usage:0 % 2376 | [Owner : | Parent : 852(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 2384 | [Owner : | Parent : 852(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 2392 | [Owner : | Parent : 852(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 2488 | [Owner : | Parent : 852(services.exe) | ?????] - (.Intel Corporation - Intel(R) Wireless Bluetooth(R) iBtSiva Service.) - (17.1.1531.1764) = C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe CPU Usage:0 % 2520 | [Owner : | Parent : 852(services.exe) | ?????] - (.NVIDIA Corporation - NVIDIA Network Service.) - (2.4.13.69) = C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe CPU Usage:0 % 2540 | [Owner : | Parent : 852(services.exe) | ?????] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.9.10586.0) = C:\Program Files\Windows Defender\MsMpEng.exe CPU Usage:0 % 2556 | [Owner : | Parent : 852(services.exe) | ?????] - (.Razer Inc. - RzWizardService.) - (1.0.6.1000) = C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe CPU Usage:0 % 2820 | [Owner : | Parent : 852(services.exe) | ?????] - (.Adobe Systems Incorporated - Adobe Update Service.) - (3.5.0.205) = C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe CPU Usage:0 % 2828 | [Owner : | Parent : 852(services.exe) | ?????] - (.NVIDIA Corporation - NVIDIA GeForce ExperienceService.) - (2.11.3.5) = C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe CPU Usage:0 % 2476 | [Owner : | Parent : 852(services.exe) | ?????] - (.Autodesk Inc. - Autodesk Application Manager.) - (5.0.142.5) = C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe CPU Usage:0 % 3996 | [Owner : | Parent : 1824(AsLdrSrv.exe) | ?????] - (.ASUSTek Computer Inc. - HControl.) - (1.0.83.4) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe CPU Usage:0 % 2244 | [Owner : | Parent : 4052(RAVCpl64.exe) | ?????] - (.Google Inc. - Google Crash Handler.) - (1.3.30.3) = C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe CPU Usage:0 % 2456 | [Owner : | Parent : 4052(RAVCpl64.exe) | ?????] - (.Google Inc. - Google Crash Handler.) - (1.3.30.3) = C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe CPU Usage:0 % 2012 | [Owner : Quentin | Parent : 1088(svchost.exe) | 15.9 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.10586.0) = C:\Windows\System32\sihost.exe CPU Usage:0 % 160 | [Owner : | Parent : 3996(HControl.exe) | ?????] - (.ASUSTek Computer Inc. - KBFiltr.) - (1.0.67.1) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe CPU Usage:0 % 4396 | [Owner : Quentin | Parent : 972(svchost.exe) | 5.96 Mo] - (.Microsoft Corporation - Reminders WinRT OOP Server.) - (10.0.10586.306) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe CPU Usage:0 % 4408 | [Owner : Quentin | Parent : 972(svchost.exe) | 40.38 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.10586.0) = C:\Windows\System32\RuntimeBroker.exe CPU Usage:0 % 4460 | [Owner : Quentin | Parent : 972(svchost.exe) | 5.41 Mo] - (.-.) - (10.1.2123.36) = C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe CPU Usage:0 % 4504 | [Owner : Quentin | Parent : 4480() | 113.19 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.10586.306) = C:\Windows\explorer.exe CPU Usage:0 % 4548 | [Owner : Quentin | Parent : 3496() | 2.24 Mo] - (.ASUSTek Computer Inc. - ATK Media.) - (2.0.20.2) = C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe CPU Usage:0 % 4556 | [Owner : Quentin | Parent : 3644() | 2.76 Mo] - (.ASUSTek Computer Inc. - ATKOSD2.) - (7.0.31.1) = C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe CPU Usage:0 % 4852 | [Owner : Quentin | Parent : 972(svchost.exe) | 51.79 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.10586.306) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe CPU Usage:0 % 5036 | [Owner : Quentin | Parent : 972(svchost.exe) | 34.52 Mo] - (.Microsoft Corporation - Search and Cortana application.) - (10.0.10586.306) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe CPU Usage:0 % 5076 | [Owner : Quentin | Parent : 1088(svchost.exe) | 12.11 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.10586.0) = C:\Windows\System32\taskhostw.exe CPU Usage:0 % 3852 | [Owner : Quentin | Parent : 1088(svchost.exe) | 1.53 Mo] - (.ASUS - ACMON.) - (1.0.8.0) = C:\Program Files (x86)\ASUS\Splendid\ACMON.exe CPU Usage:0 % 4156 | [Owner : | Parent : 852(services.exe) | ?????] - (.NVIDIA Corporation - NVIDIA Network Stream Service.) - (7.1.2071.1338) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe CPU Usage:0 % 4140 | [Owner : Quentin | Parent : 1088(svchost.exe) | 1.38 Mo] - (.ASUSTek Computer Inc. - ASUS USB Charger Plus.) - (4.0.2.0) = C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe CPU Usage:0 % 5664 | [Owner : | Parent : 852(services.exe) | ?????] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.10586.0) = C:\Windows\System32\SearchIndexer.exe CPU Usage:0 % 5712 | [Owner : Quentin | Parent : 852(services.exe) | 25.93 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 5688 | [Owner : Quentin | Parent : 6140(AsusTPCenter.exe) | 14.9 Mo] - (.NVIDIA Corporation - NVIDIA Backend.) - (20.16.5.0) = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe CPU Usage:0 % 7124 | [Owner : Quentin | Parent : 972(svchost.exe) | 6.62 Mo] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.10586.306) = C:\Windows\System32\SettingSyncHost.exe CPU Usage:0 % 1620 | [Owner : Quentin | Parent : 1388(nvxdsync.exe) | 7.21 Mo] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.6472) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe CPU Usage:0 % 1812 | [Owner : | Parent : 852(services.exe) | ?????] - (.Microsoft Corporation - Microsoft Network Realtime Inspection Service.) - (4.9.10586.0) = C:\Program Files\Windows Defender\NisSrv.exe CPU Usage:0 % 3096 | [Owner : Quentin | Parent : 4504(explorer.exe) | 15.6 Mo] - (.Microsoft Corporation - Microsoft OneDrive.) - (17.3.6390.509) = C:\Users\Quentin\AppData\Local\Microsoft\OneDrive\OneDrive.exe CPU Usage:0 % 4052 | [Owner : Quentin | Parent : 1088(svchost.exe) | 2.11 Mo] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) - (1.0.0.961) = C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe CPU Usage:0 % 6916 | [Owner : Quentin | Parent : 972(svchost.exe) | 6.41 Mo] - (.NVIDIA Corporation - NVIDIA Capture Server.) - (2.11.3.5) = C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe CPU Usage:0 % 2336 | [Owner : Quentin | Parent : 4504(explorer.exe) | 17.75 Mo] - (.Scarlet.Crush Productions - ScpToolkit Tray Notifications.) - (1.6.205.15349) = C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe CPU Usage:0 % 7312 | [Owner : Quentin | Parent : 4308() | 3.55 Mo] - (.- ASUS ROG Gaming Mouse hid.) - (1.0.0.1) = C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe CPU Usage:0 % 7340 | [Owner : Quentin | Parent : 4308() | 8.75 Mo] - (.Razer Inc. - Razer Wizard.) - (1.0.6.1000) = C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe CPU Usage:0 % 7556 | [Owner : Quentin | Parent : 972(svchost.exe) | 16.73 Mo] - (.Microsoft Corporation - Microsoft Office Document Cache Sync Client Interface.) - (16.0.6868.2067) = C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE CPU Usage:0 % 7832 | [Owner : | Parent : 852(services.exe) | ?????] - (.Microsoft Corporation - Microsoft Office Click-to-Run.) - (16.0.6828.1019) = C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe CPU Usage:0 % 3576 | [Owner : Quentin | Parent : 5236() | 1.3 Mo] - (.AsusTek - ASUS Smart Gesture Loader.) - (1.0.47.0) = C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe CPU Usage:0 % 7948 | [Owner : Quentin | Parent : 3032() | 0.82 Mo] - (.AsusTek - ASUS Smart Gesture Helper.) - (1.0.22.0) = C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe CPU Usage:0 % 7336 | [Owner : | Parent : 852(services.exe) | ?????] - (.WildTangent - WildTangent Games App Integration Service.) - (4.0.34.25) = C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe CPU Usage:0 % 6704 | [Owner : | Parent : 852(services.exe) | ?????] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (10.0.28.1000) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe CPU Usage:0 % 7392 | [Owner : | Parent : 852(services.exe) | ?????] - (.Intel Corporation - Intel(R) Local Management Service.) - (10.0.28.1000) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe CPU Usage:0 % 11668 | [Owner : Quentin | Parent : 8940() | 13.27 Mo] - (.Blizzard Entertainment - Battle.net Update Agent.) - (2.5.6.4949) = C:\ProgramData\Battle.net\Agent\Agent.4949\Agent.exe CPU Usage:0 % 12192 | [Owner : Quentin | Parent : 11668(Agent.exe) | 2.34 Mo] - (.Microsoft Corporation - Console Window Host.) - (10.0.10586.0) = C:\Windows\System32\conhost.exe CPU Usage:0 % 12128 | [Owner : Quentin | Parent : 12020() | 74 Mo] - (.Blizzard Entertainment - Battle.net desktop app.) - (1.4.1.7348) = C:\Program Files (x86)\Battle.net\Battle.net.7348\Battle.net.exe CPU Usage:0 % 12232 | [Owner : Quentin | Parent : 12128(Battle.net.exe) | 35.16 Mo] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\Battle.net\Battle.net.7348\Battle.net Helper.exe CPU Usage:2 % 8464 | [Owner : Quentin | Parent : 3024() | 19.26 Mo] - (.ASUS Cloud Corporation - .) - (1.0.0.0) = C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe CPU Usage:0 % 3368 | [Owner : Quentin | Parent : 4504(explorer.exe) | 6.95 Mo] - (.Microsoft Corporation - Outil Capture d’écran.) - (10.0.10586.0) = C:\Windows\System32\SnippingTool.exe CPU Usage:0 % 3396 | [Owner : Quentin | Parent : 3104() | 0.62 Mo] - (.Microsoft Corporation - Dism Host Servicing Process.) - (10.0.10586.0) = C:\Users\Quentin\AppData\Local\Temp\ACBEA4CE-2F74-4E54-AA85-62EB20555A2A\DismHost.exe CPU Usage:0 % 1052 | [Owner : Quentin | Parent : 9616() | 3.82 Mo] - (.Google - Google Drive.) - (1.30.2170.459) = C:\Program Files (x86)\Google\Drive\googledrivesync.exe CPU Usage:0 % 8360 | [Owner : Quentin | Parent : 1052(googledrivesync.exe) | 34.85 Mo] - (.Google - Google Drive.) - (1.30.2170.459) = C:\Program Files (x86)\Google\Drive\googledrivesync.exe CPU Usage:0 % 9260 | [Owner : | Parent : 2296(NvStreamService.exe) | ?????] - (.NVIDIA Corporation - NVIDIA Streamer User Agent.) - (7.1.2071.1338) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe CPU Usage:0 % 7100 | [Owner : | Parent : 9260(NvStreamUserAgent.exe) | ?????] - (.Microsoft Corporation - Console Window Host.) - (10.0.10586.0) = C:\Windows\System32\conhost.exe CPU Usage:0 % 6140 | [Owner : Quentin | Parent : 3576(AsusTPLoader.exe) | 1.46 Mo] - (.AsusTek - ASUS Smart Gesture Center.) - (1.0.0.84) = C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe CPU Usage:0 % 2504 | [Owner : Quentin | Parent : 4504(explorer.exe) | 143.32 Mo] - (.Google Inc. - Google Chrome.) - (50.0.2661.102) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe CPU Usage:1 % 8112 | [Owner : Quentin | Parent : 2504(chrome.exe) | 5.71 Mo] - (.Google Inc. - Google Chrome.) - (50.0.2661.102) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe CPU Usage:0 % 5292 | [Owner : Quentin | Parent : 2504(chrome.exe) | 88.31 Mo] - (.Google Inc. - Google Chrome.) - (50.0.2661.102) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe CPU Usage:2 % 5512 | [Owner : Quentin | Parent : 2504(chrome.exe) | 120.02 Mo] - (.Google Inc. - Google Chrome.) - (50.0.2661.102) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe CPU Usage:0 % 7016 | [Owner : Quentin | Parent : 2504(chrome.exe) | 628.7 Mo] - (.Google Inc. - Google Chrome.) - (50.0.2661.102) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe CPU Usage:0 % 8840 | [Owner : Quentin | Parent : 2504(chrome.exe) | 193.58 Mo] - (.Google Inc. - Google Chrome.) - (50.0.2661.102) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe CPU Usage:0 % 3596 | [Owner : Quentin | Parent : 12128(Battle.net.exe) | 43.74 Mo] - (.-.) - (0.0.0.0) = C:\Program Files (x86)\Battle.net\Battle.net.7348\Battle.net Helper.exe CPU Usage:0 % 11344 | [Owner : Quentin | Parent : 1088(svchost.exe) | 11.38 Mo] - (.ASUSTeK Computer Inc. - ASUS Live Update.) - (3.3.4.0) = C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe CPU Usage:0 % 5400 | [Owner : | Parent : 1112(svchost.exe) | ?????] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.10586.218) = C:\Windows\System32\audiodg.exe CPU Usage:0 % 6020 | [Owner : Quentin | Parent : 2504(chrome.exe) | 223.16 Mo] - (.Google Inc. - Google Chrome.) - (50.0.2661.102) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe CPU Usage:4 % 3292 | [Owner : Quentin | Parent : 11896() | 3.47 Mo] - (.Microsoft Corporation - Interpréteur de commandes Windows.) - (10.0.10586.0) = C:\Windows\SysWOW64\cmd.exe CPU Usage:0 % 1240 | [Owner : Quentin | Parent : 3292(cmd.exe) | 9.83 Mo] - (.Akamai Technologies, Inc. - Akamai NetSession Client.) - (1.9.3.0) = C:\Users\Quentin\AppData\Local\Akamai\netsession_win.exe CPU Usage:0 % 6332 | [Owner : Quentin | Parent : 1240(netsession_win.exe) | 19.74 Mo] - (.Akamai Technologies, Inc. - Akamai NetSession Client.) - (1.9.3.0) = C:\Users\Quentin\AppData\Local\Akamai\netsession_win.exe CPU Usage:0 % 2060 | [Owner : | Parent : 852(services.exe) | ?????] - (.Adobe Systems, Incorporated - AGS Service.) - (2.6.0.81) = C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe CPU Usage:0 % 2944 | [Owner : Quentin | Parent : 2504(chrome.exe) | 138.48 Mo] - (.Google Inc. - Google Chrome.) - (50.0.2661.102) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe CPU Usage:0 % 9128 | [Owner : | Parent : 5664(SearchIndexer.exe) | ?????] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.10586.0) = C:\Windows\System32\SearchProtocolHost.exe CPU Usage:0 % 5884 | [Owner : Système | Parent : 5664(SearchIndexer.exe) | 5.55 Mo] - (.Microsoft Corporation - Microsoft Windows Search Filter Host.) - (7.0.10586.0) = C:\Windows\System32\SearchFilterHost.exe CPU Usage:0 % 1612 | [Owner : Quentin | Parent : 4504(explorer.exe) | 34.06 Mo] - (.SosVirus - QuickDiag.) - (30.5.2016.1) = C:\Users\Quentin\Desktop\QuickDiag.exe CPU Usage:0 % 8956 | [Owner : | Parent : 852(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % ¤¤¤¤¤¤¤¤¤¤ | MD5 [MD5.2617877C5761B8A696FD0368861EE6E4] - [11/05/2016 19:57:31] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4409.43 Ko] - (10.0.10586.306) : C:\WINDOWS\Explorer.exe [MD5.41E25E514D90E9C8BC570484DBAFF62B] - [30/10/2015 09:17:49] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [228.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\cmd.exe [MD5.3E7CCD0F507877C50078205667CE8133] - [30/10/2015 09:18:03] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [17.72 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\csrss.exe [MD5.9513834DAC717444F04169EA5D120885] - [30/10/2015 09:17:51] - (.© Microsoft Corporation. - COM Surrogate.) - [18.34 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\dllhost.exe [MD5.1C9C6933A94C594DE7366124B4DD6075] - [30/10/2015 09:17:46] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [689.05 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Kernel32.dll [MD5.889459F1FDDC5EC58B437AA6C436F33F] - [30/10/2015 09:18:03] - (.© Microsoft Corporation. - Local Security Authority Process.) - [56.55 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\lsass.exe [MD5.B339861C6A2A86FBCA67C2006B461473] - [30/10/2015 09:17:51] - (.© Microsoft Corporation. - Distributed COM Services.) - [883.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\rpcss.dll [MD5.0DCB89B1F3689BC6262FF30BBD603171] - [30/10/2015 09:18:14] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [58 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\rundll32.exe [MD5.6FF8248F3A9D69A095C7F3F42BC29CB2] - [28/01/2016 16:09:07] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [429.84 Ko] - (10.0.10586.71) : C:\WINDOWS\System32\services.exe [MD5.8497852ED44AFF902D502015792D315D] - [30/10/2015 09:17:49] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [42.91 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\svchost.exe [MD5.F5F7CE3E32536F1A37FB3972F27A814F] - [11/05/2016 19:57:16] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [1366.43 Ko] - (10.0.10586.306) : C:\WINDOWS\System32\user32.dll [MD5.8F3ECCB5DC878FA14887B43CD148CBA9] - [30/10/2015 09:17:53] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [30 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\userinit.exe [MD5.C1C81AAF533552B3C4D9F11A5FF97700] - [11/05/2016 19:57:11] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [284.53 Ko] - (10.0.10586.306) : C:\WINDOWS\System32\Wininit.exe [MD5.5C156EC4E44E30331BCC865A3B61D839] - [11/05/2016 19:57:22] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [572 Ko] - (10.0.10586.306) : C:\WINDOWS\System32\Winlogon.exe [MD5.70148EFA9A562E7185B75BBE7D376BF7] - [05/12/2015 06:26:53] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de fonction connexe pour WinSock.) - [565.34 Ko] - (10.0.10586.3) : C:\WINDOWS\System32\Drivers\afd.sys [MD5.492B99D2E3D5D7BFD5F0AE1BE7BD37DD] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [27.84 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\atapi.sys [MD5.B6664965BF346322BBDF286174851476] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [188.34 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\ataport.sys [MD5.7F9C7226D743B232907ED2537B8A574F] - [30/10/2015 09:18:09] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [90.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\cdfs.sys [MD5.82D97776BF982AA143BDC7DFB5054EA8] - [30/10/2015 09:17:22] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [169.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\cdrom.sys [MD5.935823F79CBEDB91637B63D37E3A5A36] - [12/04/2016 21:13:54] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [145 Ko] - (10.0.10586.212) : C:\WINDOWS\System32\Drivers\dfsc.sys [MD5.84BC034B6BB763733C1949B7B9BAF976] - [30/10/2015 09:17:18] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [78 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\hdaudbus.sys [MD5.53FDD9E69189E546DE4740F8C4D8AB2F] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [112 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\i8042prt.sys [MD5.9E5E8F2A1996F23B7E9687846AA81B01] - [30/10/2015 09:17:43] - (.© Microsoft Corporation. - IP Network Address Translator.) - [140 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\ipnat.sys [MD5.0B3B0C1D86050355676640488FA897D3] - [02/03/2016 21:28:31] - (.© Microsoft Corporation. Tous droits réservés. - Minirdr SMB Windows NT.) - [420.84 Ko] - (10.0.10586.122) : C:\WINDOWS\System32\Drivers\mrxsmb.sys [MD5.E582DA849A58524E645545FB68B6625D] - [12/04/2016 21:13:58] - (.© Microsoft Corporation. Tous droits réservés. - NDIS (Network Driver Interface Specification).) - [1125.84 Ko] - (10.0.10586.212) : C:\WINDOWS\System32\Drivers\ndis.sys [MD5.F51C02D992A8D6BC5EC4D990F227D4C7] - [30/10/2015 09:18:08] - (.© Microsoft Corporation. - MBT Transport driver.) - [273 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\netbt.sys [MD5.19BD8A88AAC580592668B070AC0727D9] - [12/04/2016 21:14:52] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [2101.84 Ko] - (10.0.10586.212) : C:\WINDOWS\System32\Drivers\ntfs.sys [MD5.7D0FC96264C0F8F2C1321E33E8EB646C] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [94.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\parport.sys [MD5.E3C82823B22463BC38AA4F8ADA852624] - [02/03/2016 21:28:23] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [102.5 Ko] - (10.0.10586.122) : C:\WINDOWS\System32\Drivers\rasl2tp.sys [MD5.1DC2CC74B51E4DC4CD5A20C1021E4010] - [30/10/2015 09:19:42] - (.© Microsoft Corporation. Tous droits réservés. - Redirecteur de périphérique de Microsoft RDP.) - [169 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\rdpdr.sys [MD5.083A727D784009F9CCFB120C7841B7AF] - [12/04/2016 21:14:03] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [2347.34 Ko] - (10.0.10586.212) : C:\WINDOWS\System32\Drivers\tcpip.sys [MD5.91D3F2A6253EF83EFBD7903028F58C4D] - [05/12/2015 06:26:53] - (.© Microsoft Corporation. - TDI Translation Driver.) - [115.84 Ko] - (10.0.10586.3) : C:\WINDOWS\System32\Drivers\tdx.sys [MD5.E1F91A727A04C9F8199D04FF3BBBF63C] - [30/10/2015 09:17:22] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [404.84 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\volsnap.sys ¤¤¤¤¤¤¤¤¤¤ | Locked Applications ¤¤¤¤¤¤¤¤¤¤ | Explorer.exe component call (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\WINDOWS\System32\CoreUIComponents.dll (.Intel Corporation.-.User Mode Driver for Intel(R) Graphics Technology.) - (10.18.15.4256) -- C:\WINDOWS\SYSTEM32\igd10iumd64.dll (.Intel Corporation.-.Unified Shader Compiler for Intel(R) Graphics Accelerator.) - (10.18.15.4256) -- C:\WINDOWS\SYSTEM32\igdusc64.dll (..-..) - (0.0.0.0) -- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll differs from file image: (..-..) - (0.0.0.0) -- : Tue May 17 22:10:16 2016 (..-..) - (0.0.0.0) -- : Tue Apr 26 07:16:59 2016 (.Google.-.Google Drive shell extension.) - (1.30.2170.459) -- C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (..-.Core Sync.) - (2.0.1.178) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll (..-..) - (1.2.502.0) -- C:\Users\Quentin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll (.ASUS Cloud Corporation..-.AsusWSShellExt64.) - (1.1.0.27) -- C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll (.Alexander Roshal.-.WinRAR shell extension.) - (5.21.0.0) -- C:\Program Files (x86)\WinRAR\rarext64.dll (..-.fzshellext Dynamic Link Library.) - (3.16.0.0) -- C:\Program Files\FileZilla FTP Client\fzshellext_64.dll (.NVIDIA Corporation.-.NVIDIA NVAPI Library, Version 364.72.) - (10.18.13.6472) -- C:\WINDOWS\system32\nvapi64.dll (.NVIDIA Corporation.-.NVIDIA French language resource library.) - (8.17.13.6472) -- C:\WINDOWS\SYSTEM32\Nv3DAppShExtR.dll (.Malwarebytes.-.Malwarebytes Anti-Malware.) - (3.1.1.0) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll (.Google.-.Google Drive shell extension.) - (1.30.2170.459) -- C:\Program Files (x86)\Google\Drive\contextmenu64.dll (.Foxit Corporation.-.ConvertToPDFShellExtension.) - (6.0.4.1129) -- C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll (.NVIDIA Corporation.-.NVIDIA Shell Extensions.) - (8.17.13.6472) -- C:\WINDOWS\system32\nv3dappshext.dll ¤¤¤¤¤¤¤¤¤¤ | Svchost.exe component call (Microsoft Files Whitelisted) (.NVIDIA Corporation.-.NVIDIA Capture Server Proxy.) - (2.11.3.5) -- C:\WINDOWS\system32\nvspcap64.dll (.NVIDIA Corporation.-.NVIDIA NVAPI Library, Version 364.72.) - (10.18.13.6472) -- C:\WINDOWS\system32\nvapi64.dll (.Realtek Semiconductor Corp..-.Realtek(r) LFX/GFX DSP component.) - (11.0.6000.412) -- C:\WINDOWS\system32\RltkAPO64.dll ¤¤¤¤¤¤¤¤¤¤ | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ¤¤¤¤¤¤¤¤¤¤ | Startings up [HKU\S-1-5-18\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\Quentin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR "Steam"="C:\Program Files (x86)\Steam\steam.exe" -silent "Akamai NetSession Interface"="C:\Users\Quentin\AppData\Local\Akamai\netsession_win.exe" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Quentin\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"=C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Quentin\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64" "Uninstall C:\Users\Quentin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64"=C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Quentin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64" "Uninstall C:\Users\Quentin\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"=C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Quentin\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" "Uninstall C:\Users\Quentin\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"=C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Quentin\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" "Uninstall C:\Users\Quentin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"=C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Quentin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64" [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "Steam"=0x0300000070677B9EE50FD101 "Akamai NetSession Interface"=0x020000000000000000000000 "CCleaner Monitoring"=0x030000009B3B5927D01BD101 "OneDrive"=0x020000000000000000000000 "GoogleDriveSync"=0x020000000000000000000000 "RESTART_STICKY_NOTES"=0x020000000000000000000000 [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"=C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"=C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"="C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "AuditSHD"=0x040000000000000000000000 "AdobeAAMUpdater-1.0"=0x03000000BFFF8F17D01BD101 "ShadowPlay"=0x020000000000000000000000 "NvBackend"=0x020000000000000000000000 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "WebStorage"=C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [20/08/2014 07:14:52] "ROGNB"="C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe" "Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime "ADSKAppManager"="C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun "RzWizard"=C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe [23/03/2016 04:50:38] [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 ¤¤¤¤¤¤¤¤¤¤ | Startings up registry ¦ Folder ¤¤¤¤¤¤¤¤¤¤ | Other keys [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "InstanceID"=56e3e7e1-a02b-4b07-b4fb-9bc2b42 "GlassSessionId"=1 [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "ResourceTimeoutCount"=648000 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "PendingFileRenameOperations"=\??\C:\Config.Msi\225ed67.rbf [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=UsoSvc gpsvc trustedinstaller "WaitToKillServiceTimeout"=5000 "SystemStartOptions"= MAXMEM=8589934592 NOEXECUTE=OPTIN NUMPROC=8 NOVGA "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(4) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1) "LastBootSucceeded"=1 "LastBootShutdown"=1 "DirtyShutdownCount"=6 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Security Packages"="" [01/09/2015 23:13:21] "Notification Packages"=scecli "Authentication Packages"=msv1_0 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "LsaPid"=860 "ProductType"=3 "restrictanonymous"=0 "restrictanonymoussam"=1 "SamConnectedAccountsExist"=1 "SecureBoot"=1 ¤¤¤¤¤¤¤¤¤¤ | .LNK C:\Users\Quentin\AppData\Local\Ankama\Dofus\Uninstall Dofus.lnk ("--uninstall-or-repair") C:\Users\Quentin\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk (shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}) C:\Users\Quentin\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk (shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}) C:\Users\Quentin\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk (shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}) C:\Users\Quentin\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk (/e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}) C:\Users\Quentin\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk (/0) C:\Users\Quentin\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk (::{7007ACC7-3202-11D1-AAD2-00805FC1270E}) C:\Users\Quentin\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk (/name Microsoft.DeviceManager) C:\Users\Quentin\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk (/name Microsoft.System) C:\Users\Quentin\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk (/name Microsoft.PowerOptions) C:\Users\Quentin\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk (/name Microsoft.ProgramsAndFeatures) C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\SendTo\Destinataire de télécopie.lnk (/SendTo) C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk (/SendTo) C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk\Installer Autodesk 3ds Max 2016 maintenant.lnk (/URL "http://edutrial.autodesk.com/NET16SWDLD/2016/3DSMAX/WI/Autodesk_3ds_Max_2016_EFGJKS_Win_64bit_wi_fr-FR_Setup.exe" /skipPI /SN 900-63333401 /PK 128H1 /akamai) C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender\Uninstall Blender.lnk (/x {EA3C8A99-1565-44FF-89FC-926CEEB623B5}) C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Devices.lnk (page=SettingsPagePCSystemDevices) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk (-sta {C90FB8CA-3295-4462-A721-2935E83694BA}) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - asus.lnk (/src gamesmenu /dp asus) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk (/prefetch:1) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility\Speech Recognition.lnk (-SpeechUX) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Media Player.lnk (/prefetch:1) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk (/res) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk (/s) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk 3ds Max 2016\3ds Max 2016 - Brazilian Portuguese.lnk (/Language=PTB) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk 3ds Max 2016\3ds Max 2016 - English.lnk (/Language=ENU) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk 3ds Max 2016\3ds Max 2016 - French.lnk (/Language=FRA) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk 3ds Max 2016\3ds Max 2016 - German.lnk (/Language=DEU) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk 3ds Max 2016\3ds Max 2016 - Japanese.lnk (/Language=JPN) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk 3ds Max 2016\3ds Max 2016 - Korean.lnk (/Language=KOR) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk 3ds Max 2016\3ds Max 2016 - Simplified Chinese.lnk (/Language=CHS) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk\Autodesk 3ds Max 2016\Change Graphics Mode.lnk (-h) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON WF-3520 Series\Comment acheter.lnk (/T "MENU" /D "EPSON WF-3520 Series" /M "WF-3520 Series" /A) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON WF-3520 Series\Désinstallation du pilote d'impression EPSON.lnk (/R /APD /P:"EPSON WF-3520 Series") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON WF-3520 Series\Mise à jour du logiciel.lnk (/RUN /D "EPSON WF-3520 Series") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON WF-3520 Series\Support technique.lnk (C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YGEPJJE.DLL,GE_OpenELINK "WF-3520 Series") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\WildTangent Games App - asus.lnk (/src gamesmenu /dp asus) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Docs.lnk (--new_document) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Sheets.lnk (--new_spreadsheet) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Slides.lnk (--new_presentation) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2016\Centre de téléchargement Office 2016.lnk ("C:\Program Files (x86)\Microsoft Office\Root\Office16\MSOUC.EXE") C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Désinstaller QuickTime.lnk (/i {3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E} /qf) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\ScpToolkit Tray Notifications.lnk () s^1�H��SCPTOO~1F ᄍH���H��.��\ScpToolkitj2&�Gv� SCPTRA~1.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk (/name Microsoft.DefaultPrograms) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk (/7) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk (--reset-config --reset-plugins-cache vlc://quit) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk (-Iskins) ¤¤¤¤¤¤¤¤¤¤ | AppCertDlls | AppInit_DLLs ¤¤¤¤¤¤¤¤¤¤ | Dnsapi.dll C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ¤¤¤¤¤¤¤¤¤¤ | Policies | Registry [HKU\S-1-5-18\Control Panel\Desktop] "DragFullWindows"=1 "FontSmoothing"=2 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "UserPreferencesMask"=0x9E3E038012000000 "LockScreenAutoLockActive"=0 [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer] "TelemetrySalt"=2 [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "EnableStartMenu"=0 "AutoCheckSelect"=0 [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=1698940 "LeftOverlapChars"=3 "MenuShowDelay"=400 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "ScreenSaveActive"=1 "MouseMonitorEscapeSpeed"=0 "Win8DpiScaling"=0 "UserPreferencesMask"=0x9E1E078012000000 "AutoColorization"=1 "MaxVirtualDesktopDimension"=3840 "MaxMonitorDimension"=1920 "TranscodedImageCount"=1 "LastUpdated"=4294967295 "TranscodedImageCache"=0x7AC30100DA9600008007000038040000FF2BB0B28987D10143003A005C00550073006500720073005C005100750065006E00740069006E005C00500069006300740075007200650073005C006D0061007800720065007300640065006600610075006C00740020002800310029002E006A007000670000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ImageColor"=2184822402 "DpiScalingVer"=4096 "PreferredUILanguages"=fr-FR "Wallpaper"=C:\Users\Quentin\Pictures\maxresdefault (1).jpg [26/03/2016 20:02:44] "ActiveWndTrkTimeout"=0 [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1 "{0E270DAA-1BE6-48F2-AC49-6AF09121BDCE}"=1 [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "ShellState"=0x240000003428000000000000000000000000000001000000130000000000000062000000 "ExplorerStartupTraceRecorded"=1 "UserSignedIn"=1 "AllowStartMenuToDefaultOn"=1 "SIDUpdatedOnLibraries"=1 "LocalKnownFoldersMigrated"=1 "LastClockSize"=0x270000000F000000460000000F000000410000000F000000 "TelemetrySalt"=1 "GlobalAssocChangedCounter"=526 "AppReadinessLogonComplete"=1 "FirstRunTelemetryComplete"=1 "SlowContextMenuEntries"=0x206BB9B11DDA3C4A92C17229B32F232619230000CEC429A936FD7042B4F534ECAC5BD63C4D080000119826C5294A1848A4BB111F9FC63A5F090E00006024B221EA3A6910A2DC08002B30309DF9080000AF75193DC6488E4FA182BE0E08FA86A9A1070000 "Reason Setting"=255 "Browse For Folder Width"=347 "Browse For Folder Height"=346 "link"=0x16000000 [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "StoreAppsOnTaskbar"=1 "ServerAdminUI"=0 "Hidden"=1 "ShowCompColor"=1 "HideFileExt"=0 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "ShowSuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ShowStatusBar"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=11 "ReindexedProfile"=1 "RTStartMenuNotificationDisplayCount"=0 "EnableStartMenu"=1 [HKU\S-1-5-20\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "ScreenSaveActive"=1 [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 [HKU\S-1-5-19\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=10 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "ScreenSaveActive"=1 [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "undockwithoutlogon"=1 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "SmartScreenEnabled"=RequireAdmin "GlobalAssocChangedCounter"=8 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "PromptOnSecureDesktop"=1 "ValidateAdminCodeSignatures"=0 "undockwithoutlogon"=1 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=26 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ¤¤¤¤¤¤¤¤¤¤ | Winlogon [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders "BuildNumber"=10586 "FirstLogon"=0 "PUUActive"=0x9F506719080000002200910070E80500E4CD0600CA111500D00000002E003600AF275822B3931900C07D09006AC203002CFC0200038A0100000000000CCE0700581B0000D102000047D9B1B829BCD101 "ParseAutoexec"=1 [HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders [HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DefaultDomainName"= "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "ShutdownStartTime"=131091717642253952 "UserSessionShutdownStopTime"=131091717642410212 "ShutdownFlags"=2147483687 "Userinit"=C:\Windows\system32\userinit.exe, "scremoveoption"=0 "AutoAdminLogon"=0 "DefaultUserName"=MicrosoftAccount\quentin.n7@outlook.fr "ShutdownWithoutLogon"=0 "DisableCad"=1 "EnableFirstLogonAnimation"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "EnableSIHostIntegration"=1 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "Userinit"=C:\WINDOWS\system32\userinit.exe, ¤¤¤¤¤¤¤¤¤¤ | Associations [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [09/12/2015 12:12:53] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [09/12/2015 12:12:53] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ¤¤¤¤¤¤¤¤¤¤ | AppcompatFlags [HKU\S-1-5-18\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\Windows\System32\Dism.exe"=0x5341435001000000000000000700000028000000003404005F16050001000000000000000000030673200000B395E7CF049FCE010000000000000000 "C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install_all.bat"=0x5341435001000000000000000700000028000000001603006BCF03000100000000000000000001050010000019B4C529E312D1010000000000000000 "C:\ProgramData\SetupTPDriver\auto_install.bat"=0x5341435001000000000000000700000028000000001603006BCF03000100000000000000000001050010000019B4C529E312D1010000000000000000 "C:\Program Files (x86)\ASUS\ASUS Smart Gesture\uninstall_all.bat"=0x5341435001000000000000000700000028000000001603006BCF03000100000000000000000001050010000019B4C529E312D1010000000000000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.6366.2062\OfficeClickToRun.exe"=0x5341435001000000000000000700000028000000F04E2A0082952A0001000000000000000000000A0021000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000AD6A0400000000000100000001000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.6568.2025\OfficeClickToRun.exe"=0x5341435001000000000000000700000028000000F0CC2A00F84C2B0001000000000000000000000A0021000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000068A10500000000000100000001000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.6568.2036\OfficeClickToRun.exe"=0x5341435001000000000000000700000028000000F0CC2A002C1C2B0001000000000000000000000A0021000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000E3CD0900000000000100000001000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.6741.2017\OfficeClickToRun.exe"=0x5341435001000000000000000700000028000000F0162B0029742B0001000000000000000000000A0021000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000015450700000000000100000001000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.6741.2021\OfficeClickToRun.exe"=0x5341435001000000000000000700000028000000F0162B0064F12B0001000000000000000000000A0021000059193B14E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000006DD20B00000000000100000001000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.6769.2015\OfficeClickToRun.exe"=0x5341435001000000000000000700000028000000F0502B0010C82B0001000000000000000000000A0021000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000B9710900000000000100000001000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.6769.2017\OfficeClickToRun.exe"=0x5341435001000000000000000700000028000000F0502B008CD02B0001000000000000000000000A0021000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000E54D0600000000000100000001000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.6769.2040\OfficeClickToRun.exe"=0x5341435001000000000000000700000028000000E8502B009F812B0001000000000000000000000A0021000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000CFCB0600000000000100000001000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.6868.2060\OfficeClickToRun.exe"=0x5341435001000000000000000700000028000000E86C2C00E6652D0001000000000000000000000A0021000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000F95B0700000000000100000001000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.6868.2062\OfficeClickToRun.exe"=0x5341435001000000000000000700000028000000F06C2C00B2D62C0001000000000000000000000A0021000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000090D20700000000000100000001000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.6868.2067\OfficeClickToRun.exe"=0x5341435001000000000000000700000028000000F06C2C007A442D0001000000000000000000000A0021000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000534C0500000000000100000001000000 [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"=0x534143500100000000000000070000002800000038330600FEA306000100000000000000000003060021000019B4C529E312D1010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000059207616000000007801000078010000 "C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"=0x5341435001000000000000000700000028000000383303007B4503000100000000000000000003067122000019B4C529E312D101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000003A207616000000007801000078010000 "C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"=0x534143500100000000000000070000002800000018BD2D00C0602E00010000000000000000000306F1220000975FD891C99ECE01000000800000000002000000280000000000000000000000000000000000000000000000000000000BA84100000000000100000001000000 "C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe"=0x53414350010000000000000007000000280000007846C200A774C20001000000000000000000000A7322000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000DBD80000000000000200000002000000 "C:\Program Files (x86)\WinRAR\WinRAR.exe"=0x5341435001000000000000000700000028000000D0771500358615000100000000000000000003060001000019B4C529E312D101000000000000000005000000100000000000000000000000000000000000000002000000500000000000000000000000000000000000000000000000000000008AAF6B0300000000250000000C00000000000000000000400000000000000000000000000000000032020000000000000100000000000000 "C:\Program Files\Adobe\Adobe Premiere Pro CC 2015\Adobe Premiere Pro.exe"=0x5341435001000000000000000700000028000000D84A1A00D2361B0001000000000000000000000A7322000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000073514A0B000000005200000052000000 "\\192.168.1.43\Wilfried\Installation - Maintenance\Lecteurs réseaux\cubestation.bat"=0x5341435001000000000000000700000028000000008C030022EE030001000000000000000000010500100000078CBF8EFFBAD0010000000000000000 "\\cubestation\Wilfried\Installation - Maintenance\Lecteurs réseaux\cubestation.bat"=0x5341435001000000000000000700000028000000008C030022EE030001000000000000000000010500100000078CBF8EFFBAD0010000000000000000 "C:\Program Files\Adobe\Adobe After Effects CC 2015\Support Files\AfterFX.exe"=0x5341435001000000000000000700000028000000D8CE0C00E6440D000100000000000000000001060001000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000058798F09000000003F0000003F000000 "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe"=0x5341435001000000000000000700000028000000C01702006E31020001000000000000000000000A6122000019B4C529E312D1010000000000000000020000002800000000000000000000101000000000000000000000000000000029C9A805000000004D0400004D040000 "C:\Program Files\Adobe\Adobe Photoshop CC 2015\Photoshop.exe"=0x5341435001000000000000000700000028000000D0C64207C69E43070100000000000000000003060001000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000012907805000000002700000027000000 "C:\Program Files\Blender Foundation\Blender\blender.exe"=0x5341435001000000000000000700000028000000006807000000000001000000000000000000000A73220000078CBF8EFFBAD00100000000000000000200000028000000000000000000000000000000000000000000000000000000A6ED5A00000000000200000002000000 "C:\Program Files\Adobe\Adobe Illustrator CC 2015\Support Files\Contents\Windows\Illustrator.exe"=0x5341435001000000000000000700000028000000D8D031021567320201000000000000000000000A7322000059193B14E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000003202B404000000001C0000001C000000 "C:\Autodesk\Autodesk_3ds_Max_2016_EFGJKS_Win_64bit_wi_fr-FR\Setup.exe"=0x534143500100000000000000070000002800000088F90E00DB850F00010000000000000000000106000100000261329FFFBAD00100000000000000000200000028000000000000000000004000000000000000000000000000000000ED424000000000000100000001000000 "C:\Program Files\Autodesk\3ds Max 2016\3dsmax.exe"=0x534143500100000000000000070000002800000028CFA2009402A30001000000000000000000000AF322000059193B14E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000007E234A00000000000800000008000000 "C:\Program Files (x86)\OpenOffice 4\program\swriter.exe"=0x534143500100000000000000070000002800000000960100A61902000100000000000000000003067102000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000029C85705000000000C0000000C000000 "C:\Riot Games\League of Legends\lol.launcher.exe"=0x5341435001000000000000000700000028000000B87C010083C101000100000000000000000001067100000019B4C529E312D10100000000000000000200000050000000000000008000000010000000000000000000000000000000C715D000000000000C0000000100000000000000800000400000000000000000000000000000000031176600000000000100000000000000 "C:\Program Files (x86)\Foxit PhantomPDF\FoxitPhantomPDF.exe"=0x53414350010000000000000007000000280000006826270202BA2702010000000000000000000306710200000261329FFFBAD001000000000000000002000000280000000000000000000000040000000000000000000000000000009C549006000000000600000006000000 "C:\Program Files (x86)\OpenOffice 4\program\soffice.exe"=0x5341435001000000000000000700000028000000001A96007C5396000100000000000000000003067102000019B4C529E312D10100000000000000000200000028000000000000000000001000000000000000000000000000000000ED89550F000000000B0000000B000000 "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"=0x5341435001000000000000000700000028000000D8B4D3001B8CD40001000000000000000000030600010000078CBF8EFFBAD00100000000000000000200000028000000000000000000000000000000000000000000000000000000FA000000000000000200000002000000 "C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe"=0x5341435001000000000000000700000028000000F8C47A009B727B00010000000000000000000106000100000261329FFFBAD0010000000000000000020000002800000000000000800000000000000000000000000000000000000057BC6E01000000000B0000000B000000 "C:\Program Files (x86)\Skype\Phone\Skype.exe"=0x534143500100000000000000070000002800000060544A018FCA4A010100000000000000000003060021000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000083E9F101000000001000000010000000 "C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe"=0x534143500100000000000000070000002800000058D9120011F512000100000000000000000003067100000019B4C529E312D1010000000000000000020000002800000000000000000000100000000000000000000000000000000029922901000000002B0000002B000000 "C:\Program Files (x86)\Google\Drive\googledrivesync.exe"=0x534143500100000000000000070000002800000078C25B01805F5C010100000000000000000001067102000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000F5B1FE05000000001100000011000000 "C:\Program Files (x86)\Intel Driver Update Utility\DriverUpdateUI.exe"=0x534143500100000000000000070000002800000090A41500518C160001000000000000000000000A8021000019B4C529E312D10100000080000000000200000028000000000000000000004000000000000000000000000000000000FBD70800000000000200000002000000 "C:\Program Files\Adobe\Adobe Audition CC 2015\Adobe Audition CC.exe"=0x5341435001000000000000000700000028000000C8241800D9E318000100000000000000000001060001000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000061E68F00000000000200000002000000 "C:\ProgramData\Ableton\Live 9 Suite\Program\Ableton Live 9 Suite.exe"=0x5341435001000000000000000700000028000000C889EA03F8C2EA0301000000000000000000000A73220000078CBF8EFFBAD00100000000000000000200000028000000000000000000001000000000000000000000000000000000B25C0E00000000000100000001000000 "C:\Users\Quentin\Downloads\audacity-win-2.1.0.exe"=0x5341435001000000000000000700000028000000B86C710100000000010000000000000000000306000100000261329FFFBAD00100000000000000000200000028000000000000000000004000000000000000000000000000000000F8510000000000000100000001000000 "C:\Program Files (x86)\Audacity\audacity.exe"=0x534143500100000000000000070000002800000000547E000000000001000000000000000000000A712200000261329FFFBAD0010000000000000000020000002800000000000000000000000000000000000000000000000000000033C70B00000000000300000003000000 "C:\Users\Quentin\Downloads\MovaviVideoConverterSetupC.exe"=0x534143500100000000000000070000002800000098FDCA02085FCB020100000000000000000001060001000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000000B660700000000000100000001000000 "C:\Users\Quentin\Downloads\Hearthstone-Setup (1).exe"=0x534143500100000000000000070000002800000038F42F00F4F72F000100000000000000000003060001000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000093284900000000000100000001000000 "C:\Program Files (x86)\OpenOffice 4\program\scalc.exe"=0x5341435001000000000000000700000028000000009601003E9701000100000000000000000003067102000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000617EAC05000000000400000004000000 "C:\Program Files (x86)\OpenOffice 4\program\smath.exe"=0x53414350010000000000000007000000280000000096010040AB01000100000000000000000003067102000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000B384B501000000000500000005000000 "C:\Users\Quentin\Downloads\flstudio_12.2.exe"=0x5341435001000000000000000700000028000000E822B5258913B6250100000000000000000001060001000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000049A30900000000000100000001000000 "C:\Program Files (x86)\ASIO4ALL v2\uninstall.exe"=0x53414350010000000000000007000000280000009EAE0000000000000100000000000000000000067102000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000084130400000000000100000001000000 "C:\Program Files (x86)\Image-Line\FL Studio ASIO\uninstall.exe"=0x5341435001000000000000000700000028000000B07E0E005BFB0E000100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000680E0000000000000100000001000000 "C:\Program Files (x86)\Image-Line\FL Studio 12\uninstall.exe"=0x5341435001000000000000000700000028000000403F3C0020D73C000100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000598B0300000000000100000001000000 "C:\Users\Quentin\Downloads\NeatPRSetupDemo64.exe"=0x534143500100000000000000070000002800000018887E009DA07E000100000000000000000003060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000AF4B0000000000000100000001000000 "C:\Users\Quentin\Downloads\uTorrent.exe"=0x534143500100000000000000070000002800000018EC1E0085A81F0001000000000000000000000A0021000019B4C529E312D1010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000001260100000000000100000001000000 "C:\Users\Quentin\AppData\Roaming\uTorrent\uTorrent.exe"=0x534143500100000000000000070000002800000018EC1E0085A81F0001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000CB5E1A00000000000100000001000000 "D:\Torrent\ABSoft NeatVideo Pro et NeatImage Pro Plugins pour Adobe AE - PR et PS\ABSoft NeatVideo Pro v3.5.0 (x64)_Premiere Pro\NeatPRSetup_3.5.CE.exe"=0x53414350010000000000000007000000280000008F9D7000000000000100000000000000000002060001000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000B54A0000000000000100000001000000 "D:\Torrent\ABSoft NeatVideo Pro et NeatImage Pro Plugins pour Adobe AE - PR et PS\ABSoft NeatVideo Pro v3.0 (x64)_After Effects\NeatAESetup64.exe"=0x534143500100000000000000070000002800000021354C00000000000100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000CA2F0000000000000100000001000000 "D:\Torrent\Image-Line Fl Studio 12.0.2 (Producer Edition 32 & 64 bit)-NEOSOFT\flstudio_12.0.2.exe"=0x5341435001000000000000000700000028000000C8211C1BFB8B1C1B0100000000000000000001060001000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000006E810800000000000100000001000000 "C:\Program Files (x86)\Image-Line\FL Studio 12\FL.exe"=0x534143500100000000000000070000002800000038CD05004C6106000100000000000000000003060001000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000947C0300000000000400000004000000 "C:\Users\Quentin\AppData\Local\Ankama\Dofus\Dofus.exe"=0x534143500100000000000000070000002800000060866200295563000100000000000000000002060001000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000F5FD7700000000000100000001000000 "C:\Users\Quentin\Downloads\LeagueofLegends_EUW_Installer_9_15_2014.exe"=0x5341435001000000000000000700000028000000A8F8D301BC98D4010100000000000000000003060001000019B4C529E312D10100000000000000000200000050000000000000000000004000000000000000000000000000000000ED0A0000000000000100000001000000000000000000000000000000000000000000000000000000EA000000000000000100000000000000 "C:\Program Files\CCleaner\CCleaner64.exe"=0x5341435001000000000000000700000028000000A815830095B5830001000000000000000000000A0021000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000562B0000000000000900000009000000 "C:\Users\Quentin\Downloads\GeForce_Experience_v2.9.1.22.exe"=0x5341435001000000000000000700000028000000D0307B0278C77B020100000000000000000002060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000F1BB0900000000000100000001000000 "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe"=0x5341435001000000000000000700000028000000C07148005D11490001000000000000000000000AF122000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000033020000000000000100000001000000 "C:\Users\Quentin\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones.exe"=0x534143500100000000000000070000002800000078EA6F019F5070010100000000000000000000067100000019B4C529E312D1010000000000000000020000002800000000000000000800400000000000000000000000000000000070170000000000000100000001000000 "SIGN.IE=030E8C0 Setup.X86.fr-FR_O365HomePremRetail_519b8c9d-ad31-490b-9d72-b59f0043001a_TX_DB_.exe"=0x5341435001000000000000000700000028000000C0E830005952310001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000B5F00400000000000100000001000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe"=0x5341435001000000000000000700000028000000C8025D00A5585D0001000000000000000000000A0021000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000CD640500000000000100000001000000 "C:\Users\Quentin\Downloads\focusrite-usb-2-driver-2.5.1.exe"=0x5341435001000000000000000700000028000000E82F0E003C760E000100000000000000000001060001000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000009EA90000000000000100000001000000 "C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"=0x5341435001000000000000000700000028000000F0BD02007657030001000000000000000000000A7322000059193B14E312D101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000002B4BBA0C000000008D0000008D000000 "C:\Users\Quentin\Desktop\Cinema 4D R16 by Traylix\w_ccompxe_redist_intel64_2013.5.198.msi"=0x53414350010000000000000007000000280000000002010066CD01000100000000000000000001050010000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000E5D90000000000000100000001000000 "\\CUBESTATION\Wilfried\UNESCO\Plugins & scripts\All Trapcode\TCSuite_Win_Full\Trapcode Suite Setup.exe"=0x5341435001000000000000000700000028000000F0BF4E0372394F030100000000000000000002060001000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000CA1D0300000000000100000001000000 "C:\Program Files\Adobe\Adobe Media Encoder CC 2015\Adobe Media Encoder.exe"=0x5341435001000000000000000700000028000000D81675001540750001000000000000000000000A7322000059193B14E312D1010000000000000000 "C:\Users\Quentin\Desktop\Cinema 4D R16 by Traylix\CINEMA 4D R16\CineWare.exe"=0x5341435001000000000000000700000028000000288F4800BA9248000100000000000000000003067320000059193B14E312D101000000000000000002000000280000000000000000000000001000000000000000000000000000002E080000000000000100000001000000 "C:\Users\Quentin\Desktop\Cinema 4D R16 by Traylix\CINEMA 4D R16\CINEMA 4D.exe"=0x534143500100000000000000070000002800000028874800BE6D490001000000000000000000000A7322000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000070BF3204000000001800000018000000 "C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE"=0x5341435001000000000000000700000028000000C81EC70169D9C70101000000000000000000000A0021000019B4C529E312D1010000009100000000 "C:\Program Files (x86)\Microsoft Office\root\Office16\POWERPNT.EXE"=0x5341435001000000000000000700000028000000C8601C001F9E1C0001000000000000000000000A0021000019B4C529E312D1010000009100000000 "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe"=0x5341435001000000000000000700000028000000C04A2300E669230001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000015070000000000000100000001000000 "C:\Program Files\FileZilla FTP Client\filezilla.exe"=0x5341435001000000000000000700000028000000B0C8B90044A0BA0001000000000000000000000A0021000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000075FF4101000000000700000007000000 "C:\Program Files\Adobe\Adobe InDesign CC 2015\InDesign.exe"=0x5341435001000000000000000700000028000000D00E5C008D665C0001000000000000000000000A7322000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000F1706105000000000600000006000000 "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe"=0x5341435001000000000000000700000028000000E0759700E487970001000000000000000000000A7122000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000A632EA00000000000A0000000A000000 "C:\Program Files (x86)\Hearthstone\Hearthstone Beta Launcher.exe"=0x5341435001000000000000000700000028000000E8D330003ABE310001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000008000000000000000000000000000000000000000E742A400000000000900000009000000 "C:\Users\Quentin\Downloads\codeblocks-16.01mingw-setup.exe"=0x53414350010000000000000007000000280000000271FE040000000001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000DE8A1300000000000100000001000000 "C:\Program Files (x86)\CodeBlocks\codeblocks.exe"=0x53414350010000000000000007000000280000000EF21F006740200001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000005A342500000000000100000001000000 "C:\Program Files (x86)\4KDownload\4kvideodownloader\4kvideodownloader.exe"=0x534143500100000000000000070000002800000060BFCF002740D00001000000000000000000000A6120000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000075055E00000000000A0000000A000000 "C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe"=0x5341435001000000000000000700000028000000E8E12D00A7282E000100000000000000000003060001000019B4C529E312D10100000000000000000200000028000000000000008000000000000000000000000000000000000000AE5B4C01000000000500000005000000 "C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe"=0x5341435001000000000000000700000028000000C80304001B58040001000000000000000000000A8021000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000001D919900000000000100000001000000 "C:\Program Files (x86)\Overwatch\Overwatch Launcher.exe"=0x534143500100000000000000070000002800000030602D00CBBA2D000100000000000000000001060001000019B4C529E312D101000000000000000002000000280000000000000080000000001000000000000000000000000000000629B303000000001C0000001C000000 "C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\setup.exe"=0x5341435001000000000000000700000028000000C06B0600C351070001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000080000040000000000000000000000000000000007B702B00000000000100000001000000 "C:\Program Files\NVIDIA Corporation\Display\nvtray.exe"=0x5341435001000000000000000700000028000000387C25009CE4250001000000000000000000000A7322000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000E7402300000000000100000001000000 "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe"=0x534143500100000000000000070000002800000038481000389510000100000000000000000003060001000019B4C529E312D1010000000000000000 "C:\Users\Quentin\Downloads\TeamSpeak3-Client-win64-3.0.19.1.exe"=0x534143500100000000000000070000002800000058E6E1016B0CE2010100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000D6C94C00000000000100000001000000 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"=0x534143500100000000000000070000002800000098720D006E360E0001000000000000000000000A0021000019B4C529E312D1010000000100000000 "C:\Program Files (x86)\Steam\Steam.exe"=0x534143500100000000000000070000002800000050F62E00B50E2F0001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000009986A700000000000100000001000000 "C:\Users\Quentin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"=0x5341435001000000000000000700000028000000C8F0890013408A0001000000000000000000000A0021000019B4C529E312D1010000000100000000 "C:\Users\Quentin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C8BA020001D3020001000000000000000000000A0021000019B4C529E312D1010000000100000000 "C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE"=0x5341435001000000000000000700000028000000C88C1D00BD301E0001000000000000000000000A0021000019B4C529E312D1010000009100000000 "D:\Torrent\x64\setup.exe"=0x534143500100000000000000070000002800000030FD020098BE030001000000000000000000000A0021000019B4C529E312D1010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000081123E00000000000200000002000000 "C:\Program Files\MATLAB\R2015b\bin\matlab.exe"=0x534143500100000000000000070000002800000088BC0300FC0D040001000000000000000000000A7122000019B4C529E312D101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000000000000000000000000000000000006F0BC603000000001200000012000000 "C:\Users\Quentin\Downloads\4kyoutubetomp3_3.0.exe"=0x53414350010000000000000007000000280000008023AD016DC4AD0101000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000082500000000000000100000001000000 "C:\Users\Quentin\Desktop\Anniv tr\setup.exe"=0x534143500100000000000000070000002800000080B20D000000000001000000000000000000000A4122000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000097A50000000000000100000001000000 "C:\Program Files (x86)\HxD\HxD.exe"=0x534143500100000000000000070000002800000000AA19001B4D1A000100000000000000000000066122000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000077AE0200000000000100000001000000 "C:\Program Files (x86)\4KDownload\4kyoutubetomp3\4kyoutubetomp3.exe"=0x5341435001000000000000000700000028000000D0F4B500592BB60001000000000000000000000A6120000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000032B73D00000000000100000001000000 "C:\Users\Quentin\Downloads\dotNetFx40_Full_setup.exe"=0x534143500100000000000000070000002800000048920D0061380E000100000000000000000001060001000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000007F310000000000000100000001000000 "C:\Users\Quentin\Downloads\vcredist_x86.exe"=0x534143500100000000000000070000002800000058694D00687A4D000100000000000000000000067102000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000B31E0000000000000100000001000000 "C:\Users\Quentin\Downloads\vcredist_x64.exe"=0x534143500100000000000000070000002800000058435700873358000100000000000000000000067102000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000BF290000000000000100000001000000 "C:\Users\Quentin\Downloads\ScpToolkit_Setup.exe"=0x5341435001000000000000000700000028000000825C48010000000001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000DCBE0000000000000100000001000000 "C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpDriverInstaller.exe"=0x534143500100000000000000070000002800000000540C000000000001000000000000000000000A8021000059193B14E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000F7700400000000000400000004000000 "C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpSettings.exe"=0x534143500100000000000000070000002800000000C00C000000000001000000000000000000000AF522000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000D0010100000000000100000001000000 "C:\Users\Quentin\Downloads\DxtorySetup20134.exe"=0x534143500100000000000000070000002800000068D55A00C76F5B0001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000D6900000000000000100000001000000 "C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe"=0x5341435001000000000000000700000028000000F06C2C00B2D62C0001000000000000000000000A0021000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000632DC000000000000100000001000000 "C:\Users\Quentin\AppData\Local\Temp\RarSFX0\installer_msi_win.msi"=0x534143500100000000000000070000002800000000E400006BAB01000100000000000000000001050010000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000621C0000000000000A0000000A000000 "C:\Users\Quentin\Desktop\QuickDiag.exe"=0x534143500100000000000000070000002800000010602000CE5A210001000000000000000000000A0021000019B4C529E312D1010000000000000000 ¤¤¤¤¤¤¤¤¤¤ | IFEO ¤¤¤¤¤¤¤¤¤¤ | Mountpoints2 [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{fe2d93c6-1466-11e6-829a-acfdce83df19}] : "F:\Setup.exe" (AutoRun) ¤¤¤¤¤¤¤¤¤¤ | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ¤¤¤¤¤¤¤¤¤¤ | Security center [HKU\S-1-5-20\SOFTWARE\Microsoft\Windows Defender] "CachedProxyAccessType "=1 "CachedProxy"= "CachedProxyBypass"= "LastKnownGoodProxy"=1 "DssCounter "=3 [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=130937654945524244 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "DisableAntiSpyware"=0 "ProductType"=2 "ManagedDefenderProductType"=0 "ProductStatus"=0 "InstallTime"=0x8194D93DB0AFD001 "DisableAntiVirus"=0 "OOBEInstallTime"=0x49E116AC332FD101 "OneTimeSqmDataSent"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ¤¤¤¤¤¤¤¤¤¤ | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ¤¤¤¤¤¤¤¤¤¤ | Winsock (Whitelist) [HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011] : Hyper-V RAW [HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000011] : Hyper-V RAW [HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011] : Hyper-V RAW [HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000011] : Hyper-V RAW ¤¤¤¤¤¤¤¤¤¤ | Hosts 192.168.1.43 cubestation 192.168.1.43 CUBESTATION ¤¤¤¤¤¤¤¤¤¤ | @ [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main] "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet settings] "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "IE5_UA_Backup_Flag"=5.0 "ZonesSecurityUpgrade"=0x44D0D95A162FD101 "EnableNegotiate"=1 "ProxyEnable"=0 [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 "Cache_Update_Frequency"=Once_Per_Session "Local Page"=C:\Windows\system32\blank.htm "NoUpdateCheck"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=http://asus13.msn.com/?pc=ASJB "Default_Page_URL"=http://asus13.msn.com/?pc=ASJB "DisableFirstRunCustomize"=3 "OperationalData"=13 "ApplicationTileImmersiveActivation"=0 "AssociationActivationMode"=2 "EdgeSwitchingOSBuildNumber"=10586.th2_release.160104-1513 "ImageStoreRandomFolder"=yac0awk "AutoHide"=yes "CompatibilityFlags"=0 "FullScreen"=no "Window_Placement"=0x2C0000000000000001000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF2400000024000000D4040000C7020000 "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0xF62265549C33D101 "Start Page_TIMESTAMP"=0x9B5BA373EF56D101 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"=0x01000000220000005DFEB73DC423D2518568AEB0F5F69D880282B1C45EB083155EAB266449A3D1440FAE020000000E0000005A65634D5173587971756F253364 "DownloadWindowPlacement"=0x0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "CertificateRevocation"=1 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "ZonesSecurityUpgrade"=0xF62265549C33D101 "EmailName"=User@ "AutoConfigProxy"=wininet.dll "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "WarnOnPost"=0x01000000 "UseSchannelDirectly"=0x01000000 "EnableHttp1_1"=1 "UrlEncoding"=0 "WarnonZoneCrossing"=0 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 "ProxyOverride"= [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Cache_Update_Frequency"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=%11%\blank.htm "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet settings] "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "User Agent"=Mozilla/5.0 (compatible; MSIE 9.0; Win32) "CertificateRevocation"=1 [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Cache_Update_Frequency"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Local Page"=%11%\blank.htm "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet settings] "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "User Agent"=Mozilla/5.0 (compatible; MSIE 9.0; Win32) "CertificateRevocation"=1 [HKLM\Software\Microsoft\Internet Explorer\Main] "Anchor_Visitation_Horizon"=0x01000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "DisableRandomFlighting"=0 "EnableLegacyEdgeSwitching"=1 "TabProcGrowth"=Medium "DoNotTrack"=1 [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "Anchor_Visitation_Horizon"=0x01000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 ¤¤¤¤¤¤¤¤¤¤ | reparsepoint ¤¤¤¤¤¤¤¤¤¤ | Detection of offsets ¤¤¤¤¤¤¤¤¤¤ | Notify ¤¤¤¤¤¤¤¤¤¤ | SSODL | SEH | URLSH | STS ¤¤¤¤¤¤¤¤¤¤ | Toolbar [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 "ShowDiscussionButton"=Yes [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ¤¤¤¤¤¤¤¤¤¤ | Extensions [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (Se&nd to OneNote) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] : (Lync Click to Call) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (OneNote Lin&ked Notes) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (Se&nd to OneNote) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (OneNote Lin&ked Notes) - [] ¤¤¤¤¤¤¤¤¤¤ | SearchScopes [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB : ¤¤¤¤¤¤¤¤¤¤ | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] -> () : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] -> () : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}] -> (Adblock Plus for IE Browser Helper Object) : C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [25/02/2015 17:30:48] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}] -> (Adblock Plus for IE Browser Helper Object) : C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [25/02/2015 17:30:48] ¤¤¤¤¤¤¤¤¤¤ | Chrome C:\Users\Quentin\AppData\Local\Google\Chrome\User Data\Default\extensions\aapocclcgogkmnckokdopfmhonfmgoek = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Quentin\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Quentin\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - https://clients2.google.com/service/update2/crx C:\Users\Quentin\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com - Google & co - http://clients2.google.com/service/update2/crx C:\Users\Quentin\AppData\Local\Google\Chrome\User Data\Default\extensions\coobgpohoikkiipiblmjeljniedjpjpf = : Google & co - http://www.google.com/webhp?source=search_app - Google & co - [*://www.google.com/search*://www.google.com/webhp*://www.google.com/imgres] - http://clients2.google.com/service/update2/crx C:\Users\Quentin\AppData\Local\Google\Chrome\User Data\Default\extensions\felcaaldnbdncclmgdcncolpebgiejap = : Google & co - Google & co - https://clients2.google.com/service/update2/crx C:\Users\Quentin\AppData\Local\Google\Chrome\User Data\Default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi = : __MSG_extDesc__ - __MSG_extName__ - https://clients2.google.com/service/update2/crx C:\Users\Quentin\AppData\Local\Google\Chrome\User Data\Default\extensions\gighmmpiobklfepjocnamgkkbiglidom = : __MSG_description2__ - AdBlock - https://clients2.google.com/service/update2/crx C:\Users\Quentin\AppData\Local\Google\Chrome\User Data\Default\extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh = : Open Drive files directly from your browser in compatible applications installed on your computer. - short_name: Google Drive App Launcher - https://clients2.google.com/service/update2/crx C:\Users\Quentin\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx C:\Users\Quentin\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Google\Chrome\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh] ¤¤¤¤¤¤¤¤¤¤ | Opera ¤¤¤¤¤¤¤¤¤¤ | Firefox [HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect] - () : C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf] - () : C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf] - () : C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56] - (Intel IPT WebApi plugin) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater] - (This plugin updates Intel WebAPI component) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1] - (VLC Multimedia Plugin) : C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0] - (WildTangent Games App V2 Presence Detector Plugin) : C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [HKLM\Software\WOW6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect] - () : C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll ¤¤¤¤¤¤¤¤¤¤ | Active Connections TCP 127.0.0.1:1120 JUSSI:64003 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64005 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64006 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64007 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64008 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64011 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64012 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64013 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64014 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64015 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64017 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64018 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64019 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64020 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64021 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64022 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64023 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64024 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64025 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64026 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64027 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64028 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64029 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64030 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64031 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64032 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64033 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64034 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64036 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64037 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64038 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64039 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64041 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64044 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64047 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64049 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64050 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64051 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64054 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64055 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64056 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64057 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64059 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64060 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64062 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64064 TIME_WAIT 0 TCP 127.0.0.1:1120 JUSSI:64065 TIME_WAIT 0 TCP 127.0.0.1:49881 JUSSI:49882 ESTABLISHED 12128 TCP 127.0.0.1:49882 JUSSI:49881 ESTABLISHED 12128 TCP 127.0.0.1:51998 JUSSI:65001 ESTABLISHED 4156 TCP 127.0.0.1:65001 JUSSI:51998 ESTABLISHED 4156 TCP 192.168.1.22:60018 msnbot-191-232-139-68.search.msn.com:https ESTABLISHED 4504 TCP 192.168.1.22:60029 msnbot-191-232-139-136.search.msn.com:https ESTABLISHED 3096 TCP 192.168.1.22:60278 dub410-m.hotmail.com:https ESTABLISHED 5712 TCP 192.168.1.22:60880 80-239-208-193.customer.teliacarrier.com:1119 ESTABLISHED 12128 TCP 192.168.1.22:61522 24.105.29.75:http CLOSE_WAIT 11668 TCP 192.168.1.22:62451 217.212.238.119:https ESTABLISHED 6332 TCP 192.168.1.22:62845 104.244.42.200:https ESTABLISHED 2504 TCP 192.168.1.22:63914 192.229.233.55:https ESTABLISHED 2504 TCP 192.168.1.22:63915 192.229.233.55:https ESTABLISHED 2504 TCP 192.168.1.22:63952 ec2-52-3-8-5.compute-1.amazonaws.com:https TIME_WAIT 0 TCP 192.168.1.22:63989 213.139.127.144:https ESTABLISHED 2504 TCP 192.168.1.22:63993 213.139.127.144:https TIME_WAIT 0 TCP 192.168.1.22:64004 104.210.212.243:https TIME_WAIT 0 TCP 192.168.1.22:64009 livebox.home:60001 TIME_WAIT 0 TCP 192.168.1.22:64010 livebox.home:60001 TIME_WAIT 0 TCP 192.168.1.22:64035 13.107.3.128:https ESTABLISHED 7832 TCP 192.168.1.22:64058 13.107.3.128:https ESTABLISHED 7556 TCP [2a01:cb19:8c1b:3c00:9560:314d:6686:cce4]:51880 wn-in-x7d.1e100.net:5222 ESTABLISHED 8360 TCP [2a01:cb19:8c1b:3c00:9560:314d:6686:cce4]:59261 par10s21-in-x0d.1e100.net:https CLOSE_WAIT 8360 TCP [2a01:cb19:8c1b:3c00:9560:314d:6686:cce4]:59615 par10s21-in-x0a.1e100.net:https CLOSE_WAIT 8360 TCP [2a01:cb19:8c1b:3c00:9560:314d:6686:cce4]:60062 [2a00:1450:400c:c0c::7d]:5222 ESTABLISHED 8360 TCP [2a01:cb19:8c1b:3c00:9560:314d:6686:cce4]:62510 edge-star-mini6-shv-01-mad1.facebook.com:https ESTABLISHED 2504 TCP [2a01:cb19:8c1b:3c00:9560:314d:6686:cce4]:62777 edge-star6-shv-01-cdg2.facebook.com:https ESTABLISHED 2504 TCP [2a01:cb19:8c1b:3c00:9560:314d:6686:cce4]:63846 par10s22-in-x0e.1e100.net:https TIME_WAIT 0 TCP [2a01:cb19:8c1b:3c00:9560:314d:6686:cce4]:63855 par03s13-in-x0e.1e100.net:https TIME_WAIT 0 TCP [2a01:cb19:8c1b:3c00:9560:314d:6686:cce4]:63857 par10s10-in-x01.1e100.net:https TIME_WAIT 0 TCP [2a01:cb19:8c1b:3c00:9560:314d:6686:cce4]:63902 wb-in-x8b.1e100.net:https ESTABLISHED 2504 TCP [2a01:cb19:8c1b:3c00:9560:314d:6686:cce4]:63912 [2a02:26f0:e1:298::247f]:http ESTABLISHED 2504 TCP [2a01:cb19:8c1b:3c00:9560:314d:6686:cce4]:63913 [2a02:26f0:e1:2a8::25eb]:http ESTABLISHED 2504 TCP [2a01:cb19:8c1b:3c00:9560:314d:6686:cce4]:63920 [2a02:26f0:e1:2a8::25eb]:https ESTABLISHED 2504 TCP [2a01:cb19:8c1b:3c00:9560:314d:6686:cce4]:63927 par10s09-in-x02.1e100.net:http ESTABLISHED 2504 TCP [2a01:cb19:8c1b:3c00:9560:314d:6686:cce4]:63930 lhr25s09-in-x04.1e100.net:http ESTABLISHED 2504 TCP [2a01:cb19:8c1b:3c00:9560:314d:6686:cce4]:63938 lhr26s01-in-x2003.1e100.net:http ESTABLISHED 2504 TCP [2a01:cb19:8c1b:3c00:9560:314d:6686:cce4]:63943 par10s21-in-x0e.1e100.net:https ESTABLISHED 2504 TCP [2a01:cb19:8c1b:3c00:9560:314d:6686:cce4]:63997 ams15s21-in-x0e.1e100.net:https ESTABLISHED 2504 TCP [2a01:cb19:8c1b:3c00:9560:314d:6686:cce4]:64040 par10s21-in-x05.1e100.net:https ESTABLISHED 2504 TCP [2a01:cb19:8c1b:3c00:9560:314d:6686:cce4]:64042 [2a00:1450:4007:2::7]:https TIME_WAIT 0 TCP [2a01:cb19:8c1b:3c00:9560:314d:6686:cce4]:64043 [2a00:1450:4007:2::7]:https TIME_WAIT 0 TCP [2a01:cb19:8c1b:3c00:9560:314d:6686:cce4]:64045 par10s21-in-x0e.1e100.net:https ESTABLISHED 2504 TCP [2a01:cb19:8c1b:3c00:9560:314d:6686:cce4]:64048 par10s09-in-x02.1e100.net:https ESTABLISHED 2504 TCP [2a01:cb19:8c1b:3c00:9560:314d:6686:cce4]:64053 par10s22-in-x03.1e100.net:https ESTABLISHED 2504 TCP [2a01:cb19:8c1b:3c00:9560:314d:6686:cce4]:64061 par03s15-in-x0e.1e100.net:https ESTABLISHED 2504 TCP [2a01:cb19:8c1b:3c00:9560:314d:6686:cce4]:64063 [2a00:1450:401f:27::c]:https TIME_WAIT 0 ¤¤¤¤¤¤¤¤¤¤ | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{8d720d5a-ba49-4f3b-b3b9-fa814905e0fb}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{effc5bc2-1af1-493d-8b94-4938c1fc5071}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{8d720d5a-ba49-4f3b-b3b9-fa814905e0fb}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{effc5bc2-1af1-493d-8b94-4938c1fc5071}] "DhcpNameServer"=192.168.1.1 ¤¤¤¤¤¤¤¤¤¤ | Applications [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\SOFTWARE\Classes\Applications\matlab.exe] : "C:\Program Files\MATLAB\R2015b\bin\matlab.exe" "%1" [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\SOFTWARE\Classes\Applications\swriter.exe] : "C:\Program Files (x86)\OpenOffice 4\program\swriter.exe" "%1" [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\SOFTWARE\Classes\Applications\uTorrent.exe] : "%APPDATA%\uTorrent\uTorrent.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\Adobe Audition CC.exe] : "C:\Program Files\Adobe\Adobe Audition CC 2015\Adobe Audition CC.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\Classes\Applications\Illustrator.exe] : "C:\Program Files\Adobe\Adobe Illustrator CC 2015\Support Files\Contents\Windows\Illustrator.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\MSOXMLED.EXE] : "C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\Photoshop.exe] : "C:\Program Files\Adobe\Adobe Photoshop CC 2015\Photoshop.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Adobe Audition CC.exe] : "C:\Program Files\Adobe\Adobe Audition CC 2015\Adobe Audition CC.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Illustrator.exe] : "C:\Program Files\Adobe\Adobe Illustrator CC 2015\Support Files\Contents\Windows\Illustrator.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MSOXMLED.EXE] : "C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLED.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Photoshop.exe] : "C:\Program Files\Adobe\Adobe Photoshop CC 2015\Photoshop.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ¤¤¤¤¤¤¤¤¤¤ | Svchost - Netsvcs (Whitelisted) NetSetupSvc - %SystemRoot%\System32\NetSetupSvc.dll : %SystemRoot%\System32\svchost.exe -k netsvcs UserManager - %SystemRoot%\System32\usermgr.dll : %SystemRoot%\system32\svchost.exe -k netsvcs ¤¤¤¤¤¤¤¤¤¤ | Software [HKU\S-1-5-18\Software\Apple Computer, Inc.] [HKU\S-1-5-18\Software\ECAREME] [HKU\S-1-5-18\Software\Foxit Software] [HKU\S-1-5-18\Software\Hewlett-Packard] [HKU\S-1-5-18\Software\Intel] [HKU\S-1-5-18\Software\McAfee] [HKU\S-1-5-18\Software\Microsoft] [HKU\S-1-5-18\Software\NVIDIA Corporation] [HKU\S-1-5-18\Software\Piriform] [HKU\S-1-5-18\Software\Policies] [HKU\S-1-5-18\Software\RegisteredApplications] [HKU\S-1-5-18\Software\Trolltech] [HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-18\Software\Microsoft\Windows\DWM] [HKU\S-1-5-18\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001_Classes\Software\Piriform] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\4kdownload.com] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Ableton] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\ABSoft] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\AdblockPlus] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Adobe] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Akamai] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Ankama] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\AppDataLow] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Apple Computer, Inc.] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Apple Inc.] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\ASUS] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Autodesk] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\BitTorrent] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Blender Foundation] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Blizzard Entertainment] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\BugSplat] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\CodeBlocks] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\ECAREME] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\EPSON] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Foxit Software] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\g3n-h@ckm@n] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Google] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Hewlett-Packard] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\IM Providers] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Image-Line] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Imagineer Systems Ltd] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Intel] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Kyle Seeley] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Logitech] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Macromedia] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Mathworks] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\MC4D] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Microsoft] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Mootools] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Motion Analysis] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\MOVAVI] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\MozillaPlugins] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Netscape] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\NVIDIA Corporation] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\ODBC] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\OpenOffice] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Piriform] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Policies] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\QtProject] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Realtek] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\RegisteredApplications] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\SimonTatham] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Skype] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\SoftVoice] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\SyncEngines] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\sysinternals] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Trolltech] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Unity] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Unknown Worlds] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Valve] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\WinRAR] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\WinRAR SFX] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Wintertree] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Wow6432Node] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Microsoft\Windows\Roaming] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKU\S-1-5-20\Software\Microsoft] [HKU\S-1-5-20\Software\Piriform] [HKU\S-1-5-20\Software\Policies] [HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-20\Software\Microsoft\Windows\DWM] [HKU\S-1-5-20\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-20\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion] [HKU\S-1-5-19\Software\Microsoft] [HKU\S-1-5-19\Software\Piriform] [HKU\S-1-5-19\Software\Policies] [HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-19\Software\Microsoft\Windows\DWM] [HKU\S-1-5-19\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-19\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\ABSoft] [HKLM\Software\Adblock Plus for IE] [HKLM\Software\Adobe] [HKLM\Software\AGEIA Technologies] [HKLM\Software\Agere] [HKLM\Software\ASIO] [HKLM\Software\ASUS] [HKLM\Software\Autodesk] [HKLM\Software\Caphyon] [HKLM\Software\Clients] [HKLM\Software\Dell] [HKLM\Software\Dolby] [HKLM\Software\DTS] [HKLM\Software\ECAREME] [HKLM\Software\EPSON] [HKLM\Software\FileZilla 3] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Google] [HKLM\Software\ICEpower] [HKLM\Software\IM Providers] [HKLM\Software\Image-Line] [HKLM\Software\Intel] [HKLM\Software\Intel Corporation] [HKLM\Software\Khronos] [HKLM\Software\Knowles] [HKLM\Software\LSI] [HKLM\Software\Macromedia] [HKLM\Software\Macrovision] [HKLM\Software\MathWorks] [HKLM\Software\Microsoft] [HKLM\Software\Minnetonka Audio Software] [HKLM\Software\MozillaPlugins] [HKLM\Software\Nahimic] [HKLM\Software\Network Associates] [HKLM\Software\Nuance] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\Partner] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Propellerhead Software] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\RTLSetup] [HKLM\Software\SAMSUNG] [HKLM\Software\SoftVoice] [HKLM\Software\SonicFocus] [HKLM\Software\SRS Labs] [HKLM\Software\Synaptics] [HKLM\Software\sysinternals] [HKLM\Software\TeamSpeak 3 Client] [HKLM\Software\VideoCopilot] [HKLM\Software\Waves Audio] [HKLM\Software\WOW6432Node] [HKLM\Software\Yamaha APO] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\Configuration] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\DWM] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wswpnservice] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AGEIA Technologies] [HKLM\Software\WOW6432Node\Apple Computer, Inc.] [HKLM\Software\WOW6432Node\Apple Inc.] [HKLM\Software\WOW6432Node\ASIO] [HKLM\Software\WOW6432Node\ASIO4ALL] [HKLM\Software\WOW6432Node\AsLdr] [HKLM\Software\WOW6432Node\ASUS] [HKLM\Software\WOW6432Node\Autodesk] [HKLM\Software\WOW6432Node\BioWare] [HKLM\Software\WOW6432Node\Blizzard Entertainment] [HKLM\Software\WOW6432Node\Caphyon] [HKLM\Software\WOW6432Node\Dxtory Software] [HKLM\Software\WOW6432Node\ECAREME] [HKLM\Software\WOW6432Node\EPSON] [HKLM\Software\WOW6432Node\FileZilla 3] [HKLM\Software\WOW6432Node\FileZilla Client] [HKLM\Software\WOW6432Node\Foxit Software] [HKLM\Software\WOW6432Node\Fraps] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\ICEpower] [HKLM\Software\WOW6432Node\IM Providers] [HKLM\Software\WOW6432Node\Image-Line] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\WOW6432Node\McAfee] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\Nefarius Software Solutions] [HKLM\Software\WOW6432Node\Network Associates] [HKLM\Software\WOW6432Node\Nuance] [HKLM\Software\WOW6432Node\NVIDIA Corporation] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\OpenOffice] [HKLM\Software\WOW6432Node\Piriform] [HKLM\Software\WOW6432Node\Propellerhead Software] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\Riot Games] [HKLM\Software\WOW6432Node\Skype] [HKLM\Software\WOW6432Node\SoftVoice] [HKLM\Software\WOW6432Node\SRS Labs] [HKLM\Software\WOW6432Node\SyncIntegrationClients] [HKLM\Software\WOW6432Node\Valve] [HKLM\Software\WOW6432Node\VideoLAN] [HKLM\Software\WOW6432Node\WildTangent] [HKLM\Software\WOW6432Node\WinRAR] [HKLM\Software\WOW6432Node\Wow6432Node] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ¤¤¤¤¤¤¤¤¤¤ | Drives D: ¤¤¤¤¤¤¤¤¤¤ | C: [22/08/2013 17:36:31] - |SHD| - [3348315929] - C:\$Recycle.Bin [16/09/2015 16:01:36] - |D| - [5644409764] - C:\Autodesk [29/10/2014 16:13:20] - |SHD| - [18508556] - C:\Boot [MD5.0B17239B2E03F5AEA96929003CA22337] - [22/08/2013 17:44:03] - (.-.) - [404250] - (0.0.0.0) - C:\bootmgr [MD5.93B885ADFE0DA089CDF634904FD59F71] - [22/08/2013 17:44:04] - (.-.) - [1] - (0.0.0.0) - C:\BOOTNXT [01/06/2016 00:37:59] - |SHD| - [774104] - C:\Config.Msi [16/12/2015 11:29:59] - |D| - [0] - C:\Data [10/07/2015 14:21:38] - |SHD| - [0] - C:\Documents and Settings [MD5.D41D8CD98F00B204E9800998ECF8427E] - [25/10/2015 15:18:23] - (.-.) - [0] - (0.0.0.0) - C:\end [26/06/2015 11:32:51] - |D| - [3626244504] - C:\eSupport [MD5.D41D8CD98F00B204E9800998ECF8427E] - [05/12/2015 06:49:27] - (.-.) - [3073196032] - (0.0.0.0) - C:\hiberfil.sys [26/06/2015 03:43:25] - |HD| - [1583488] - C:\Intel [06/05/2016 20:03:58] - |D| - [0] - C:\MoTemp [31/05/2016 14:37:59] - |HD| - [0] - C:\OneDriveTemp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [26/06/2015 03:33:58] - (.-.) - [3758096384] - (0.0.0.0) - C:\pagefile.sys [30/10/2015 09:24:24] - |D| - [0] - C:\PerfLogs [30/10/2015 08:28:30] - |RD| - [30930830862] - C:\Program Files [30/10/2015 08:28:30] - |RD| - [78071928964] - C:\Program Files (x86) [30/10/2015 09:24:24] - |HD| - [4393968172] - C:\ProgramData [01/06/2016 20:10:31] - |D| - [262073] - C:\QuickDiag [MD5.93EC7E0CC2B5C7A1E7208897FAD5508B] - [01/06/2016 20:10:46] - (.-.) - [169070] - (0.0.0.0) - C:\QuickDiag.txt [07/01/2016 22:40:37] - |D| - [1302596] - C:\rads [05/12/2015 06:29:18] - |SHD| - [971] - C:\Recovery [22/09/2015 17:34:23] - |D| - [5750111049] - C:\Riot Games [MD5.D41D8CD98F00B204E9800998ECF8427E] - [26/06/2015 03:33:58] - (.-.) - [268435456] - (0.0.0.0) - C:\swapfile.sys [26/06/2015 11:21:36] - |SHD| - [0] - C:\System Volume Information [30/10/2015 08:28:30] - |RD| - [147945999852] - C:\Users [30/10/2015 08:28:30] - |D| - [22836844495] - C:\Windows ¤¤¤¤¤¤¤¤¤¤ | C:\WINDOWS [30/10/2015 09:24:24] - |D| - [802] - C:\WINDOWS\addins [22/08/2013 17:36:31] - |D| - [0] - C:\WINDOWS\ADFS [30/10/2015 09:24:24] - |D| - [30115931] - C:\WINDOWS\appcompat [30/10/2015 09:24:24] - |D| - [12359156] - C:\WINDOWS\AppPatch [30/10/2015 09:24:24] - |D| - [0] - C:\WINDOWS\AppReadiness [MD5.F0A54A1D963F28563BB1B1174FDA720C] - [26/06/2015 04:21:21] - (.-.) - [27572] - (0.0.0.0) - C:\WINDOWS\AsChkDev.txt [MD5.AF1A1A46667F78AFD62244E8A4AF361D] - [17/04/2015 05:15:22] - (.-.) - [23] - (0.0.0.0) - C:\WINDOWS\AsDCDVer.txt [MD5.6A75971FCC5C48AF2AE474C78072008B] - [29/10/2014 14:38:57] - (.-.) - [28] - (0.0.0.0) - C:\WINDOWS\AsHDIVer.txt [MD5.8C0D444A0789E33ED9326364CEDCF58E] - [26/06/2015 11:30:11] - (.-.) - [90] - (0.0.0.0) - C:\WINDOWS\AsPEToolVer.txt [30/10/2015 09:24:24] - |RSD| - [1060038331] - C:\WINDOWS\assembly [MD5.BDDD18A78ECC52FA2F90F8FBF20A033E] - [26/06/2015 11:30:11] - (.-.) - [54] - (0.0.0.0) - C:\WINDOWS\AsToolCDVer.txt [29/10/2014 13:43:39] - |AD| - [12337267] - C:\WINDOWS\ASUS [30/10/2015 09:24:24] - |D| - [212740] - C:\WINDOWS\bcastdvr [MD5.DE3C720C11A91557E1DFDFF0DB2AA3C2] - [30/10/2015 09:17:47] - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [61952] - (10.0.10586.0) - C:\WINDOWS\bfsvc.exe [30/10/2015 09:24:24] - |D| - [32716675] - C:\WINDOWS\Boot [MD5.5E7CD104365FF449D7B84EC6835C994F] - [05/12/2015 06:31:12] - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat [30/10/2015 09:24:24] - |D| - [2380376] - C:\WINDOWS\Branding [MD5.96AB5888BC087FACFDB69D0956738724] - [26/12/2015 01:34:29] - (.-.) - [434] - (0.0.0.0) - C:\WINDOWS\BRWMARK.INI [30/10/2015 09:11:39] - |D| - [0] - C:\WINDOWS\CbsTemp [MD5.F59060E298148DE24DEBB3E8321C4407] - [30/10/2015 21:03:30] - (.-.) - [31816] - (0.0.0.0) - C:\WINDOWS\Core.xml [MD5.1E3D09CADD189E79160EBB9A7BABA3E4] - [29/10/2014 08:23:30] - (.-.) - [10] - (0.0.0.0) - C:\WINDOWS\csup.txt [30/10/2015 09:24:24] - |D| - [8970858] - C:\WINDOWS\Cursors [30/10/2015 09:24:24] - |D| - [13106826] - C:\WINDOWS\debug [30/10/2015 09:24:24] - |RD| - [20934] - C:\WINDOWS\DesktopTileResources [30/10/2015 09:24:24] - |RD| - [3032320] - C:\WINDOWS\DevicesFlow [MD5.F955ACDA319098480A9387D86E179232] - [02/09/2015 10:08:09] - (.-.) - [19053] - (0.0.0.0) - C:\WINDOWS\diagerr.xml [30/10/2015 09:24:24] - |D| - [4217368] - C:\WINDOWS\diagnostics [MD5.F955ACDA319098480A9387D86E179232] - [02/09/2015 10:08:09] - (.-.) - [19053] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml [30/10/2015 21:00:07] - |D| - [0] - C:\WINDOWS\DigitalLocker [30/10/2015 09:24:24] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files [30/10/2015 09:24:24] - |HD| - [44568] - C:\WINDOWS\ELAMBKUP [30/10/2015 21:00:07] - |D| - [0] - C:\WINDOWS\en-US [MD5.2617877C5761B8A696FD0368861EE6E4] - [11/05/2016 19:57:31] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4515256] - (10.0.10586.306) - C:\WINDOWS\explorer.exe [MD5.E1FD9DE48AF5D7652AA31BBE914F54B8] - [26/02/2009 08:50:32] - (.-.) - [176] - (0.0.0.0) - C:\WINDOWS\explorer.exe.config [30/10/2015 09:24:24] - |RSD| - [597220451] - C:\WINDOWS\Fonts [30/10/2015 21:00:07] - |D| - [134144] - C:\WINDOWS\fr-FR [30/10/2015 09:24:24] - |D| - [20813694] - C:\WINDOWS\Globalization [MD5.0D165CD5C9711FA2276DFBFC37B7FF44] - [26/06/2015 04:07:48] - (.-.) - [433] - (0.0.0.0) - C:\WINDOWS\gx850nbuninst.iss [30/10/2015 09:24:24] - |D| - [70788856] - C:\WINDOWS\Help [MD5.80F394B72E22F1186996459AE86709BA] - [30/10/2015 09:17:55] - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [994816] - (10.0.10586.0) - C:\WINDOWS\HelpPane.exe [MD5.C7228F24B9130C64DCF4C390A04A775C] - [30/10/2015 09:17:54] - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [18432] - (10.0.10586.0) - C:\WINDOWS\hh.exe [30/10/2015 09:24:24] - |D| - [173196894] - C:\WINDOWS\IME [30/10/2015 09:24:24] - |RD| - [6839829] - C:\WINDOWS\ImmersiveControlPanel [30/10/2015 09:21:47] - |D| - [72683523] - C:\WINDOWS\INF [30/10/2015 09:24:24] - |D| - [931024796] - C:\WINDOWS\InfusedApps [30/10/2015 09:24:24] - |D| - [36258450] - C:\WINDOWS\InputMethod [30/10/2015 09:24:24] - |SHDC| - [1640948527] - C:\WINDOWS\Installer [30/10/2015 09:24:24] - |D| - [89407] - C:\WINDOWS\L2Schemas [29/05/2016 16:33:23] - |D| - [323632] - C:\WINDOWS\LastGood.Tmp [30/10/2015 09:24:24] - |D| - [14742887] - C:\WINDOWS\LiveKernelReports [29/10/2014 13:24:07] - |D| - [10491772] - C:\WINDOWS\Log [30/10/2015 08:31:03] - |D| - [22765009] - C:\WINDOWS\Logs [30/10/2015 09:24:24] - |RSD| - [20145669] - C:\WINDOWS\Media [22/08/2013 17:36:31] - |D| - [1619968] - C:\WINDOWS\MediaViewer [MD5.23AF90D2355D8C83AA4567EF1763B467] - [30/10/2015 09:17:40] - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin [30/10/2015 09:24:24] - |D| - [808663359] - C:\WINDOWS\Microsoft.NET [30/10/2015 09:24:24] - |D| - [2371] - C:\WINDOWS\Migration [11/05/2016 13:45:57] - |D| - [0] - C:\WINDOWS\Minidump [30/10/2015 09:24:24] - |RD| - [470257] - C:\WINDOWS\MiracastView [30/10/2015 09:24:24] - |D| - [0] - C:\WINDOWS\ModemLogs [MD5.60336413E419C2EA5E215F1A32061E40] - [30/10/2015 09:19:28] - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [244736] - (10.0.10586.0) - C:\WINDOWS\notepad.exe [30/10/2015 21:00:47] - |D| - [199124] - C:\WINDOWS\OCR [30/10/2015 09:24:24] - |RD| - [65] - C:\WINDOWS\Offline Web Pages [05/12/2015 06:29:14] - |DC| - [187884698] - C:\WINDOWS\Panther [30/10/2015 09:24:24] - |D| - [29572356] - C:\WINDOWS\Performance [30/10/2015 09:24:24] - |D| - [1136442] - C:\WINDOWS\PLA [30/10/2015 09:24:24] - |D| - [2564793] - C:\WINDOWS\PolicyDefinitions [05/12/2015 06:30:32] - |D| - [22522192] - C:\WINDOWS\Prefetch [30/10/2015 09:24:24] - |RD| - [1963312] - C:\WINDOWS\PrintDialog [30/10/2015 09:24:24] - |D| - [1297393] - C:\WINDOWS\Provisioning [24/12/2015 20:43:35] - |D| - [98304] - C:\WINDOWS\pss [30/10/2015 09:24:24] - |RD| - [774927] - C:\WINDOWS\PurchaseDialog [MD5.D9D56AFAA121BD6B4206F7FF3DA84BBA] - [30/10/2015 09:17:48] - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [320512] - (10.0.10586.0) - C:\WINDOWS\regedit.exe [30/10/2015 09:24:24] - |D| - [1117876] - C:\WINDOWS\Registration [30/10/2015 09:24:24] - |D| - [6030819] - C:\WINDOWS\rescache [30/10/2015 09:24:24] - |D| - [4846207] - C:\WINDOWS\Resources [MD5.2C23C5BF869BC22114BD873D096DB291] - [26/06/2015 03:57:02] - (.Copyright (C) 2015 Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) - [2825944] - (1.0.6.1) - C:\WINDOWS\RtlExUpd.dll [30/10/2015 09:24:24] - |D| - [0] - C:\WINDOWS\SchCache [30/10/2015 09:24:24] - |D| - [121229] - C:\WINDOWS\schemas [30/10/2015 09:24:24] - |D| - [3653632] - C:\WINDOWS\security [30/10/2015 21:07:12] - |D| - [74672268] - C:\WINDOWS\ServiceProfiles [30/10/2015 08:28:30] - |D| - [142693432] - C:\WINDOWS\servicing [30/10/2015 09:26:37] - |D| - [42] - C:\WINDOWS\Setup [MD5.99C17000EB07F9BA3320E6B2FBA1D144] - [31/05/2016 13:55:11] - (.-.) - [778] - (0.0.0.0) - C:\WINDOWS\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [31/05/2016 13:55:11] - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\setuperr.log [30/10/2015 21:03:03] - |D| - [4544] - C:\WINDOWS\ShellNew [30/10/2015 21:00:30] - |D| - [3070736] - C:\WINDOWS\SKB [26/06/2015 03:48:31] - |D| - [284020108] - C:\WINDOWS\SoftwareDistribution [30/10/2015 09:24:24] - |D| - [103543755] - C:\WINDOWS\Speech [30/10/2015 09:24:24] - |D| - [50814701] - C:\WINDOWS\Speech_OneCore [MD5.3BB80AF91D069F97006DCCC031164903] - [30/10/2015 09:18:09] - (.© Microsoft Corporation. - Print driver host for applications.) - [128000] - (10.0.10586.0) - C:\WINDOWS\splwow64.exe [30/10/2015 09:24:24] - |D| - [31039] - C:\WINDOWS\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [22/08/2013 15:25:43] - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini [30/10/2015 08:28:30] - |D| - [7859568742] - C:\WINDOWS\System32 [30/10/2015 09:24:25] - |D| - [155461342] - C:\WINDOWS\SystemApps [30/10/2015 09:24:25] - |D| - [18159741] - C:\WINDOWS\SystemResources [30/10/2015 08:28:37] - |D| - [1600787736] - C:\WINDOWS\SysWOW64 [30/10/2015 09:24:25] - |D| - [0] - C:\WINDOWS\TAPI [22/08/2013 17:36:30] - |D| - [2178] - C:\WINDOWS\Tasks [30/10/2015 09:24:25] - |D| - [2163327] - C:\WINDOWS\Temp [22/08/2013 17:36:30] - |RD| - [0] - C:\WINDOWS\ToastData [30/10/2015 09:24:25] - |D| - [0] - C:\WINDOWS\tracing [30/10/2015 09:24:25] - |D| - [2411529] - C:\WINDOWS\twain_32 [MD5.669A44C0BCA67D8CDE111F7FBA91EE86] - [30/10/2015 09:19:30] - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [60416] - (1.7.1.3) - C:\WINDOWS\twain_32.dll [22/08/2013 17:36:30] - |D| - [0] - C:\WINDOWS\vpnplugins [30/10/2015 09:24:25] - |D| - [12420] - C:\WINDOWS\Vss [30/10/2015 09:24:25] - |D| - [15729830] - C:\WINDOWS\Web [MD5.60CDAF0811BF825164C0E246F4F5620D] - [22/08/2013 15:25:43] - (.-.) - [124] - (0.0.0.0) - C:\WINDOWS\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [30/10/2015 09:18:16] - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest [MD5.038356387332650843BCB352BB89A101] - [31/05/2016 14:25:02] - (.-.) - [275] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log [MD5.8C459D003560EA9817F7CDB29AA55382] - [30/10/2015 09:18:29] - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [10240] - (10.0.10586.0) - C:\WINDOWS\winhlp32.exe [30/10/2015 08:28:30] - |D| - [6641416213] - C:\WINDOWS\WinSxS [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [30/10/2015 09:18:41] - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx [MD5.E9C22DCE95A6E5B6C37FED42B3749E32] - [30/10/2015 09:18:14] - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.10586.0) - C:\WINDOWS\write.exe ¤¤¤¤¤¤¤¤¤¤ | Systemroot\System ¤¤¤¤¤¤¤¤¤¤ | Systemroot\Installer [15/08/2012 08:42:50] - C:\WINDOWS\Installer\10f25953.msi : (Blank Project Template - InstallShield) [15/08/2012 08:42:56] - C:\WINDOWS\Installer\10f25958.msi : (Blank Project Template - InstallShield) [25/11/2015 15:20:07] - C:\WINDOWS\Installer\127d8503.msi : (Ableton Live 9 Suite - Ableton) [13/08/2014 11:16:04] - C:\WINDOWS\Installer\13eaa90e.msi : (OpenOffice 4.1.1 - OpenOffice) [24/07/2014 03:22:22] - C:\WINDOWS\Installer\19336.msi : ( - ASUS) [13/08/2014 09:29:30] - C:\WINDOWS\Installer\1a036.msi : ( - ASUS) [29/10/2014 09:21:16] - C:\WINDOWS\Installer\1a03b.msi : ( - ASUS) [07/08/2014 12:50:20] - C:\WINDOWS\Installer\1a084.msi : (Intel(R) Wireless Bluetooth(R) - Intel Corporation) [03/09/2014 12:05:20] - C:\WINDOWS\Installer\1a70c.msi : (Intel(R) ME UninstallLegacy - Intel Corporation) [03/09/2014 12:05:42] - C:\WINDOWS\Installer\1a711.msi : (Intel(R) Management Engine Components - Intel Corporation) [03/09/2014 12:05:58] - C:\WINDOWS\Installer\1a716.msi : (Intel(R) Management Engine Components - Intel Corporation) [03/09/2014 12:03:26] - C:\WINDOWS\Installer\1a71b.msi : (Intel(R) Trusted Connect Service Client - Intel Corporation) [16/03/2016 19:11:16] - C:\WINDOWS\Installer\1a914e94.msi : (Apple Software Update Installer - Apple Inc.) [11/09/2014 10:48:42] - C:\WINDOWS\Installer\1b8df.msi : ( - ASUS) [23/09/2014 04:59:10] - C:\WINDOWS\Installer\1bcad.msi : ( - ASUS) [05/11/2014 06:45:30] - C:\WINDOWS\Installer\1bcb2.msi : ( - ASUS) [24/11/2014 06:31:40] - C:\WINDOWS\Installer\1c5ef.msi : (Intel® WiFi - Intel Corporation) [24/11/2014 06:31:42] - C:\WINDOWS\Installer\1c5f4.msi : (Intel® WiFi - Intel Corporation) [05/10/2015 12:23:48] - C:\WINDOWS\Installer\1c99fb0.msi : (Intel(R) Driver Update Utility 2.2.0.5 - Intel) [01/06/2016 00:37:04] - C:\WINDOWS\Installer\225ed6d.msi : (Google Drive - Google, Inc.) [03/03/2016 02:42:05] - C:\WINDOWS\Installer\22e9c920.msi : (Intel(R) C++ Redistributables on Intel(R) 64 - Intel Corporation) [07/01/2016 22:39:04] - C:\WINDOWS\Installer\2e36bdde.msi : (League of Legends - Riot Games) [26/06/2015 04:03:33] - C:\WINDOWS\Installer\2f324.msi : (AudioWizard - ICEpower a/s) [10/09/2015 20:15:32] - C:\WINDOWS\Installer\345e4128.msi : ( - Akamai Technologies, Inc.) [06/08/2015 04:30:24] - C:\WINDOWS\Installer\3469799f.msi : (Intel(R) Wireless Bluetooth(R) Patch/Audio Package Installation - Intel Corporation) [14/12/2015 15:30:32] - C:\WINDOWS\Installer\44c9b7c3.msi : ( - ASUS) [24/03/2015 09:08:54] - C:\WINDOWS\Installer\4742b4.msi : ( - ASUS) [25/05/2016 18:51:31] - C:\WINDOWS\Installer\6429685.msi : (ScpToolkit - Nefarius Software Solutions) [25/02/2015 17:36:28] - C:\WINDOWS\Installer\673ef07.msi : (Adblock Plus for IE - Eyeo GmbH) [02/09/2014 11:02:06] - C:\WINDOWS\Installer\796c4.msi : (Device Setup - ASUSTek Computer Inc.) [29/10/2014 08:25:50] - C:\WINDOWS\Installer\796ca.msi : (Skype - Skype Technologies S.A.) [29/10/2014 08:26:10] - C:\WINDOWS\Installer\796d0.msi : (Foxit PhantomPDF - Foxit Corporation) [11/05/2016 10:32:49] - C:\WINDOWS\Installer\91d282b.msi : (Google Update Helper - Google Inc.) [07/10/2014 15:36:14] - C:\WINDOWS\Installer\df8eaf.msi : (Apple Application Support Installer - Apple Inc.) [07/10/2014 17:12:54] - C:\WINDOWS\Installer\df8eb2.msi : (QuickTime Installer - Apple Inc.) [09/09/2015 16:19:39] - C:\WINDOWS\Installer\e696d4.msi : (Blender - Blender Foundation) [21/02/2015 09:58:51] - C:\WINDOWS\Installer\e71cc7b.msi : (Autodesk Material Library 2016 - Autodesk) [21/02/2015 09:59:14] - C:\WINDOWS\Installer\e71cc81.msi : (Autodesk Material Library Base Resolution Image Library 2016 - Autodesk) [21/02/2015 10:01:53] - C:\WINDOWS\Installer\e71cc87.msi : (Autodesk Material Library Medium Resolution Image Library 2016 - Autodesk) [21/02/2015 09:58:25] - C:\WINDOWS\Installer\e71cc8e.msi : (Autodesk Advanced Material Library Image Library 2016 - Autodesk) [21/02/2015 10:09:17] - C:\WINDOWS\Installer\e71cc98.msi : (3ds Max 2016 - Autodesk) [21/02/2015 10:04:36] - C:\WINDOWS\Installer\e71cc9e.msi : (3ds Max 2016 Populate Data 2016 - Autodesk) [13/02/2015 19:56:15] - C:\WINDOWS\Installer\e71cca3.msi : (Autodesk Backburner 2016 - Autodesk) ¤¤¤¤¤¤¤¤¤¤ | %System%\*.in* [30/10/2015 09:18:41] - [3458] - C:\WINDOWS\System32\ieuinit.inf [02/09/2015 11:19:13] - [1848398] - C:\WINDOWS\System32\PerfStringBackup.INI [30/10/2015 09:18:09] - [60124] - C:\WINDOWS\System32\tcpmon.ini [30/10/2015 09:17:49] - [2269] - C:\WINDOWS\System32\WimBootCompress.ini [30/10/2015 09:19:39] - [3458] - C:\WINDOWS\Syswow64\ieuinit.inf [30/10/2015 09:18:25] - [2269] - C:\WINDOWS\Syswow64\WimBootCompress.ini ¤¤¤¤¤¤¤¤¤¤ | [Public] [02/09/2015 07:04:15] - |RHD| - [196] - C:\Users\Public\AccountPictures [22/08/2013 17:36:30] - |RHD| - [18093] - C:\Users\Public\Desktop [30/10/2015 09:24:29] - |ASH| - [174] - C:\Users\Public\desktop.ini [22/08/2013 17:36:30] - |RD| - [1928439] - C:\Users\Public\Documents [22/08/2013 17:36:30] - |RD| - [174] - C:\Users\Public\Downloads [29/10/2014 08:26:31] - |D| - [2703374] - C:\Users\Public\Foxit Software [30/10/2015 09:24:24] - |RHD| - [1135] - C:\Users\Public\Libraries [22/08/2013 17:36:30] - |RD| - [380] - C:\Users\Public\Music [13/09/2015 20:33:57] - |A| - [8192] - C:\Users\Public\NTUSER.DAT [13/09/2015 20:33:57] - |ASH| - [16384] - C:\Users\Public\NTUSER.DAT.LOG1 [13/09/2015 20:33:57] - |ASH| - [0] - C:\Users\Public\NTUSER.DAT.LOG2 [13/09/2015 20:33:57] - |ASH| - [65536] - C:\Users\Public\NTUSER.DAT{b4b25043-588a-11e5-8266-acfdce83df19}.TM.blf [13/09/2015 20:33:57] - |ASH| - [524288] - C:\Users\Public\NTUSER.DAT{b4b25043-588a-11e5-8266-acfdce83df19}.TMContainer00000000000000000001.regtrans-ms [13/09/2015 20:33:57] - |ASH| - [524288] - C:\Users\Public\NTUSER.DAT{b4b25043-588a-11e5-8266-acfdce83df19}.TMContainer00000000000000000002.regtrans-ms [22/08/2013 17:36:30] - |RD| - [380] - C:\Users\Public\Pictures [26/06/2015 03:54:13] - |D| - [0] - C:\Users\Public\Roaming [22/08/2013 17:36:30] - |RD| - [380] - C:\Users\Public\Videos ¤¤¤¤¤¤¤¤¤¤ | [Quentin] [16/01/2016 21:53:41] - |D| - [2424] - C:\Users\Quentin\.android [14/12/2015 18:26:10] - |D| - [1195980] - C:\Users\Quentin\.fontconfig [09/09/2015 16:21:27] - |D| - [0] - C:\Users\Quentin\.thumbnails [05/12/2015 06:38:40] - |HD| - [22362368571] - C:\Users\Quentin\AppData [05/12/2015 06:38:40] - |SHD| - [0] - C:\Users\Quentin\Application Data [17/09/2015 14:21:52] - |D| - [972575] - C:\Users\Quentin\Autodesk [01/09/2015 23:16:04] - |RD| - [412] - C:\Users\Quentin\Contacts [05/12/2015 06:38:40] - |SHD| - [0] - C:\Users\Quentin\Cookies [14/03/2016 19:16:22] - |RD| - [159] - C:\Users\Quentin\Creative Cloud Files [01/09/2015 23:13:21] - |RD| - [31455116046] - C:\Users\Quentin\Desktop [01/09/2015 23:13:21] - |RD| - [969903287] - C:\Users\Quentin\Documents [01/09/2015 23:13:21] - |RD| - [58599554688] - C:\Users\Quentin\Downloads [21/11/2015 21:50:02] - |A| - [248465] - C:\Users\Quentin\enseeiht.png [01/09/2015 23:13:21] - |RD| - [914] - C:\Users\Quentin\Favorites [30/11/2015 12:22:10] - |RD| - [1709543312] - C:\Users\Quentin\Google Drive [21/11/2015 21:49:57] - |A| - [64325] - C:\Users\Quentin\inp-enseeiht.jpg [01/09/2015 23:15:45] - |SHD| - [25308] - C:\Users\Quentin\IntelGraphicsProfiles [05/04/2016 23:22:29] - |A| - [6247484719] - C:\Users\Quentin\JT Vendredi sans watermark.mp4 [01/09/2015 23:13:21] - |RD| - [4410] - C:\Users\Quentin\Links [05/12/2015 06:38:40] - |SHD| - [0] - C:\Users\Quentin\Local Settings [23/11/2015 02:38:44] - |A| - [389287] - C:\Users\Quentin\Logo TVn7 avec les blancs.png [16/03/2016 01:12:29] - |A| - [167852] - C:\Users\Quentin\logo_AE_couleur_orange.png [05/04/2016 23:21:53] - |A| - [1302057320] - C:\Users\Quentin\Master jeudi final.mp4 [27/01/2016 20:36:20] - |A| - [4219820860] - C:\Users\Quentin\Master_LJC1.mp4 [27/01/2016 20:36:22] - |A| - [4291024165] - C:\Users\Quentin\Master_LJC2.mp4 [11/09/2015 15:02:39] - |A| - [5716397414] - C:\Users\Quentin\MAster_show_ae.mp4 [30/04/2016 20:11:47] - |D| - [6273237346] - C:\Users\Quentin\Maxon Cinema 4D R16 [MUMBAI-TPB] [05/12/2015 06:38:40] - |SHD| - [0] - C:\Users\Quentin\Menu Démarrer [05/12/2015 06:38:40] - |SHD| - [0] - C:\Users\Quentin\Mes documents [05/12/2015 06:38:40] - |SHD| - [0] - C:\Users\Quentin\Modèles [01/09/2015 23:13:21] - |RD| - [96099748] - C:\Users\Quentin\Music [05/12/2015 06:38:40] - |ASH| - [6815744] - C:\Users\Quentin\NTUSER.DAT [05/12/2015 06:38:40] - |ASH| - [1245184] - C:\Users\Quentin\ntuser.dat.LOG1 [05/12/2015 06:38:40] - |ASH| - [1245184] - C:\Users\Quentin\ntuser.dat.LOG2 [05/12/2015 06:38:40] - |ASH| - [65536] - C:\Users\Quentin\NTUSER.DAT{c6619701-9b08-11e5-ac77-b9f4a593f362}.TM.blf [05/12/2015 06:38:40] - |ASH| - [524288] - C:\Users\Quentin\NTUSER.DAT{c6619701-9b08-11e5-ac77-b9f4a593f362}.TMContainer00000000000000000001.regtrans-ms [05/12/2015 06:38:40] - |ASH| - [524288] - C:\Users\Quentin\NTUSER.DAT{c6619701-9b08-11e5-ac77-b9f4a593f362}.TMContainer00000000000000000002.regtrans-ms [05/12/2015 10:05:10] - |SH| - [20] - C:\Users\Quentin\ntuser.ini [01/09/2015 23:21:31] - |RAD| - [480285] - C:\Users\Quentin\OneDrive [09/05/2016 17:12:20] - |D| - [0] - C:\Users\Quentin\Overwatch [27/01/2016 19:16:27] - |A| - [1976875] - C:\Users\Quentin\Photo TVn7 2014-2015 1 IMG_8478.jpg [27/01/2016 19:15:32] - |A| - [11613005] - C:\Users\Quentin\Photo_TVn7_du_feu.jpg [01/09/2015 23:13:21] - |RD| - [166490564] - C:\Users\Quentin\Pictures [21/10/2015 11:39:34] - |A| - [600] - C:\Users\Quentin\PUTTY.RND [05/09/2015 16:59:46] - |RD| - [159] - C:\Users\Quentin\quentin.del87@gmail.com Creative Cloud Files [13/03/2016 01:33:12] - |A| - [2086] - C:\Users\Quentin\READ NOW.txt [05/12/2015 06:38:40] - |SHD| - [0] - C:\Users\Quentin\Recent [01/09/2015 23:13:21] - |D| - [0] - C:\Users\Quentin\Roaming [01/09/2015 23:13:21] - |RD| - [282] - C:\Users\Quentin\Saved Games [01/09/2015 23:16:04] - |RD| - [2823] - C:\Users\Quentin\Searches [05/12/2015 06:38:40] - |SHD| - [0] - C:\Users\Quentin\SendTo [21/11/2015 22:22:21] - |A| - [106042185] - C:\Users\Quentin\Teaser_IAs.mp4 [01/09/2015 23:13:21] - |RD| - [694] - C:\Users\Quentin\Videos [05/12/2015 06:38:40] - |SHD| - [0] - C:\Users\Quentin\Voisinage d'impression [05/12/2015 06:38:40] - |SHD| - [0] - C:\Users\Quentin\Voisinage réseau [09/11/2015 15:25:08] - |D| - [343040] - C:\Users\Quentin\AppData\Local\4kdownload.com [05/12/2015 10:07:14] - |D| - [0] - C:\Users\Quentin\AppData\Local\ActiveSync [05/09/2015 16:48:42] - |D| - [50730711] - C:\Users\Quentin\AppData\Local\Adobe [16/09/2015 16:01:49] - |D| - [47315175] - C:\Users\Quentin\AppData\Local\Akamai [25/11/2015 02:26:44] - |D| - [2007994370] - C:\Users\Quentin\AppData\Local\Ankama [09/09/2015 16:12:13] - |D| - [0] - C:\Users\Quentin\AppData\Local\Apple [02/11/2015 18:18:18] - |D| - [0] - C:\Users\Quentin\AppData\Local\Apple Computer [05/12/2015 06:38:40] - |SHD| - [0] - C:\Users\Quentin\AppData\Local\Application Data [16/09/2015 16:36:11] - |D| - [290241623] - C:\Users\Quentin\AppData\Local\Autodesk [16/12/2015 11:26:57] - |D| - [38201109] - C:\Users\Quentin\AppData\Local\Battle.net [16/12/2015 11:40:20] - |D| - [84490] - C:\Users\Quentin\AppData\Local\Blizzard [16/12/2015 11:27:04] - |D| - [264] - C:\Users\Quentin\AppData\Local\Blizzard Entertainment [15/09/2015 14:50:06] - |D| - [8185973] - C:\Users\Quentin\AppData\Local\CEF [03/09/2015 16:27:49] - |D| - [23293800] - C:\Users\Quentin\AppData\Local\Comms [14/12/2015 18:25:34] - |D| - [0] - C:\Users\Quentin\AppData\Local\converter [11/09/2015 15:44:27] - |D| - [0] - C:\Users\Quentin\AppData\Local\CrashDumps [11/09/2015 15:35:57] - |D| - [886946] - C:\Users\Quentin\AppData\Local\Diagnostics [27/05/2016 16:26:52] - |D| - [0] - C:\Users\Quentin\AppData\Local\Dxtory Software [16/01/2016 20:51:37] - |D| - [0] - C:\Users\Quentin\AppData\Local\ElevatedDiagnostics [08/09/2015 00:08:33] - |D| - [1433482802] - C:\Users\Quentin\AppData\Local\Google [01/09/2015 23:24:00] - |D| - [71] - C:\Users\Quentin\AppData\Local\GWX [05/12/2015 06:38:40] - |SHD| - [0] - C:\Users\Quentin\AppData\Local\Historique [05/12/2015 11:20:33] - |AH| - [155966] - C:\Users\Quentin\AppData\Local\IconCache.db [06/05/2016 20:03:58] - |D| - [8490] - C:\Users\Quentin\AppData\Local\Imagineer Systems Ltd [22/11/2015 01:03:39] - |D| - [524] - C:\Users\Quentin\AppData\Local\Intel [18/05/2016 18:31:38] - |D| - [3659169] - C:\Users\Quentin\AppData\Local\MathWorks [05/12/2015 06:38:40] - |D| - [274120660] - C:\Users\Quentin\AppData\Local\Microsoft [03/09/2015 18:34:02] - |D| - [86487] - C:\Users\Quentin\AppData\Local\MicrosoftEdge [14/12/2015 18:25:34] - |D| - [16128] - C:\Users\Quentin\AppData\Local\Movavi [03/09/2015 16:33:35] - |D| - [0] - C:\Users\Quentin\AppData\Local\NetworkTiles [01/09/2015 23:15:46] - |D| - [92305436] - C:\Users\Quentin\AppData\Local\NVIDIA [01/09/2015 23:15:46] - |D| - [29462] - C:\Users\Quentin\AppData\Local\NVIDIA Corporation [01/09/2015 23:15:57] - |D| - [215248069] - C:\Users\Quentin\AppData\Local\Packages [07/09/2015 00:40:30] - |D| - [0] - C:\Users\Quentin\AppData\Local\Programs [03/09/2015 16:29:21] - |D| - [0] - C:\Users\Quentin\AppData\Local\Publishers [11/09/2015 15:01:56] - |A| - [600] - C:\Users\Quentin\AppData\Local\PUTTY.RND [06/05/2016 21:35:29] - |D| - [8202] - C:\Users\Quentin\AppData\Local\Razer_Inc [16/01/2016 21:16:05] - |A| - [17] - C:\Users\Quentin\AppData\Local\resmon.resmoncfg [31/10/2015 03:10:07] - |D| - [4878095] - C:\Users\Quentin\AppData\Local\Skype [15/09/2015 14:50:06] - |D| - [192214092] - C:\Users\Quentin\AppData\Local\Steam [25/10/2015 23:20:48] - |D| - [92709] - C:\Users\Quentin\AppData\Local\SWTOR [25/10/2015 15:22:10] - |D| - [65] - C:\Users\Quentin\AppData\Local\SWTORPerf [05/12/2015 06:38:40] - |D| - [316249138] - C:\Users\Quentin\AppData\Local\Temp [05/12/2015 06:38:40] - |SHD| - [0] - C:\Users\Quentin\AppData\Local\Temporary Internet Files [03/09/2015 16:27:02] - |D| - [12722176] - C:\Users\Quentin\AppData\Local\TileDataLayer [01/09/2015 23:15:56] - |D| - [28672] - C:\Users\Quentin\AppData\Local\VirtualStore [01/09/2015 23:16:04] - |ASH| - [174] - C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini [25/11/2015 02:27:04] - |A| - [1163] - C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\Start Menu\Dofus.lnk [05/12/2015 06:38:40] - |SHD| - [0] - C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes [05/12/2015 06:38:40] - |RD| - [52091] - C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [25/11/2015 15:23:15] - |A| - [861] - C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ableton Live 9 Suite.lnk [05/12/2015 06:38:40] - |RD| - [3888] - C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility [05/12/2015 06:38:40] - |RD| - [2931] - C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [01/09/2015 23:16:04] - |RD| - [174] - C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [22/12/2015 17:48:12] - |D| - [3344] - C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2 [01/09/2015 23:21:38] - |A| - [1543] - C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk [16/09/2015 16:36:13] - |D| - [2326] - C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk [09/09/2015 16:20:28] - |D| - [2182] - C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender [28/03/2016 18:34:49] - |D| - [6149] - C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks [05/12/2015 10:05:20] - |ASH| - [174] - C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini [17/12/2015 20:42:06] - |D| - [8642] - C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line [05/12/2015 06:38:40] - |D| - [170] - C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [03/09/2015 16:32:20] - |A| - [2456] - C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk [01/09/2015 23:16:04] - |RD| - [174] - C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [05/12/2015 06:38:40] - |RD| - [5318] - C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools [05/12/2015 06:38:40] - |RSD| - [7238] - C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell [05/09/2015 18:00:25] - |D| - [4521] - C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [01/09/2015 23:16:04] - |ASH| - [174] - C:\Users\Quentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData [15/03/2016 22:49:37] - |D| - [0] - C:\ProgramData\.mono [25/11/2015 15:23:37] - |D| - [1089215004] - C:\ProgramData\Ableton [05/09/2015 16:53:52] - |D| - [541739378] - C:\ProgramData\Adobe [05/09/2015 18:05:55] - |D| - [0] - C:\ProgramData\ALM [09/09/2015 16:12:12] - |D| - [23782400] - C:\ProgramData\Apple [09/09/2015 16:12:42] - |D| - [28567040] - C:\ProgramData\Apple Computer [05/12/2015 07:05:09] - |SHD| - [46777957017] - C:\ProgramData\Application Data [25/02/2016 14:18:24] - |D| - [3078] - C:\ProgramData\ASUS Smart Gesture [29/10/2014 08:25:41] - |D| - [2282] - C:\ProgramData\ASUS WebStorage [29/10/2014 08:25:13] - |D| - [12618] - C:\ProgramData\ASUSLogos [16/09/2015 16:02:29] - |AD| - [5619568] - C:\ProgramData\Autodesk [16/12/2015 11:25:38] - |D| - [19189083] - C:\ProgramData\Battle.net [25/10/2015 15:22:33] - |D| - [11174453] - C:\ProgramData\BitRaider [16/12/2015 11:26:57] - |D| - [361813] - C:\ProgramData\Blizzard Entertainment [05/09/2015 16:53:52] - |D| - [12] - C:\ProgramData\boost_interprocess [02/09/2015 11:27:11] - |SHD| - [18093] - C:\ProgramData\Bureau [30/10/2015 09:24:24] - |D| - [0] - C:\ProgramData\Comms [05/12/2015 07:05:09] - |SHD| - [1928439] - C:\ProgramData\Documents [05/12/2015 06:34:00] - |AH| - [0] - C:\ProgramData\DP45977C.lfl [13/11/2015 19:44:28] - |D| - [8235011] - C:\ProgramData\EPSON [17/09/2015 14:16:15] - |D| - [43436] - C:\ProgramData\FLEXnet [25/10/2015 12:53:16] - |D| - [37050] - C:\ProgramData\Hewlett-Packard [26/06/2015 03:51:32] - |D| - [38013127] - C:\ProgramData\Intel [26/06/2015 03:54:02] - |D| - [37982681] - C:\ProgramData\Intel.sav [22/11/2015 01:05:17] - |D| - [1170] - C:\ProgramData\IntelDLM [11/09/2015 14:58:09] - |D| - [55792788] - C:\ProgramData\Malwarebytes [26/06/2015 04:10:16] - |D| - [1368] - C:\ProgramData\McAfee [02/09/2015 11:27:11] - |SHD| - [269238] - C:\ProgramData\Menu Démarrer [30/10/2015 09:24:24] - |SD| - [1360063346] - C:\ProgramData\Microsoft [03/09/2015 16:30:41] - |D| - [0] - C:\ProgramData\Microsoft OneDrive [14/12/2015 18:15:18] - |A| - [16] - C:\ProgramData\mntemp [02/09/2015 11:27:11] - |SHD| - [31386] - C:\ProgramData\Modèles [14/12/2015 18:17:44] - |D| - [5389] - C:\ProgramData\Movavi [14/12/2015 18:15:19] - |D| - [64] - C:\ProgramData\Movavi Video Converter 16 [25/05/2016 18:57:20] - |RASH| - [290] - C:\ProgramData\ntuser.pol [05/12/2015 06:35:32] - |D| - [259] - C:\ProgramData\NVIDIA [05/12/2015 06:35:16] - |D| - [957332454] - C:\ProgramData\NVIDIA Corporation [29/10/2014 08:25:55] - |D| - [97726627] - C:\ProgramData\Package Cache [06/05/2016 20:12:44] - |D| - [59168] - C:\ProgramData\Razer [03/03/2016 19:10:46] - |D| - [821430] - C:\ProgramData\Red Giant [03/03/2016 19:08:59] - |D| - [188] - C:\ProgramData\RedGiant [05/09/2015 17:11:15] - |D| - [5126] - C:\ProgramData\regid.1986-12.com.adobe [30/10/2015 09:24:24] - |AD| - [4211] - C:\ProgramData\regid.1991-06.com.microsoft [22/09/2015 17:37:16] - |D| - [39] - C:\ProgramData\Riot Games [26/06/2015 03:54:13] - |D| - [0] - C:\ProgramData\Roaming [16/01/2016 21:53:10] - |D| - [12947] - C:\ProgramData\Samsung [29/10/2014 08:25:14] - |A| - [256] - C:\ProgramData\SetStretch.cmd [29/10/2014 08:25:14] - |A| - [24576] - C:\ProgramData\SetStretch.exe [29/10/2014 08:25:14] - |A| - [103] - C:\ProgramData\SetStretch.VBS [02/09/2015 12:44:01] - |D| - [53483172] - C:\ProgramData\SetupTPDriver [29/10/2014 08:25:50] - |D| - [26509312] - C:\ProgramData\Skype [30/10/2015 09:24:24] - |D| - [0] - C:\ProgramData\SoftwareDistribution [01/09/2015 23:18:16] - |D| - [2628] - C:\ProgramData\USBChargerPlus [30/10/2015 09:24:24] - |D| - [4398] - C:\ProgramData\USOPrivate [10/07/2015 14:22:45] - |D| - [2019328] - C:\ProgramData\USOShared [09/09/2015 18:43:09] - |D| - [35980870] - C:\ProgramData\VideoCopilot [29/10/2014 08:25:41] - |D| - [2282] - C:\ProgramData\WebStorage [29/10/2014 08:26:52] - |D| - [372079] - C:\ProgramData\WildTangent ¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData\Microsoft\Windows\Start Menu [30/10/2015 09:24:28] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [02/09/2015 11:27:11] - |SHD| - [269064] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [30/10/2015 09:24:24] - |RD| - [269064] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs ¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [09/11/2015 15:12:56] - |D| - [2678] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download [24/01/2016 23:41:54] - |A| - [2516] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk [30/10/2015 09:24:24] - |RD| - [1614] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [30/10/2015 09:24:24] - |RD| - [15666] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [30/10/2015 09:24:24] - |RD| - [20488] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [05/09/2015 17:10:55] - |A| - [1273] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2015.lnk [05/09/2015 18:09:42] - |A| - [1120] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition CC 2015.lnk [05/09/2015 17:09:31] - |A| - [1379] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Character Animator (Preview).lnk [14/03/2016 19:16:03] - |A| - [1304] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk [05/09/2015 18:05:57] - |A| - [1542] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Illustrator CC 2015.lnk [14/03/2016 19:41:22] - |A| - [1075] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CC 2015.lnk [05/09/2015 17:14:33] - |A| - [1165] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2015.lnk [05/09/2015 17:52:08] - |A| - [1087] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk [05/09/2015 18:31:32] - |A| - [1153] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.lnk [09/09/2015 16:12:12] - |A| - [2535] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [29/10/2014 08:25:42] - |D| - [15524] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS [26/06/2015 04:07:49] - |D| - [1896] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Gaming Mouse [04/12/2015 03:14:07] - |A| - [1094] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk [16/09/2015 16:06:10] - |D| - [24161] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk [16/09/2015 16:35:44] - |D| - [3634] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk Backburner 2016 [16/12/2015 11:26:55] - |D| - [1171] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net [11/09/2015 15:09:27] - |D| - [965] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [28/03/2016 18:34:49] - |D| - [1184] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks [30/10/2015 09:24:28] - |ASH| - [1326] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [30/10/2015 09:18:13] - |RAS| - [853] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk [30/10/2015 09:19:28] - |RAS| - [2197] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk [25/10/2015 15:18:39] - |D| - [6327] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA [13/11/2015 19:45:30] - |D| - [5033] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON [24/01/2016 23:41:54] - |A| - [2489] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk [11/09/2015 14:57:31] - |D| - [2171] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client [11/02/2016 16:00:28] - |D| - [2403] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focusrite [29/10/2014 08:26:30] - |D| - [978] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF [29/10/2014 08:26:55] - |RD| - [2726] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [08/09/2015 00:08:53] - |A| - [2272] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [17/11/2015 16:21:42] - |D| - [7546] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive [16/12/2015 11:34:48] - |D| - [1206] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone [20/05/2016 22:34:51] - |D| - [4024] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HxD Hex Editor [26/06/2015 04:03:36] - |D| - [2685] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICEpower [17/12/2015 20:42:06] - |D| - [4191] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image-Line [30/10/2015 09:19:28] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [21/12/2015 21:49:10] - |D| - [1259] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility [26/06/2015 03:46:06] - |A| - [728] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk [07/01/2016 22:39:21] - |D| - [1851] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends [30/10/2015 09:24:24] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [11/09/2015 14:58:11] - |D| - [5250] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware [30/10/2015 09:17:57] - |RAS| - [2219] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk [22/12/2015 02:22:56] - |D| - [11013] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neat Video for After Effects [22/12/2015 02:22:34] - |D| - [10663] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neat Video for Premiere [26/06/2015 03:49:19] - |D| - [1474] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [24/01/2016 23:41:54] - |A| - [2489] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk [17/09/2015 17:34:25] - |SD| - [7392] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1 [24/01/2016 23:41:54] - |D| - [5199] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2016 [24/01/2016 23:41:54] - |A| - [2501] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk [08/05/2016 16:11:26] - |D| - [1157] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch [24/01/2016 23:41:54] - |A| - [2516] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk [30/10/2015 09:19:28] - |RAS| - [2199] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk [24/01/2016 23:41:54] - |A| - [2439] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk [09/09/2015 16:12:45] - |D| - [6801] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [26/06/2015 03:57:29] - |D| - [1923] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek [03/03/2016 19:10:45] - |D| - [2324] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Red Giant [25/05/2016 18:52:40] - |D| - [9037] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ScpToolkit [30/10/2015 09:18:07] - |RAS| - [1588] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk [29/10/2014 08:25:54] - |D| - [1985] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [30/10/2015 09:24:24] - |RD| - [1450] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [15/09/2015 14:48:25] - |D| - [1114] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [30/10/2015 09:24:24] - |RD| - [4033] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [30/10/2015 21:03:03] - |RHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC [09/05/2016 20:59:13] - |A| - [972] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk [09/09/2015 03:22:28] - |D| - [7224] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [09/05/2016 16:02:24] - |D| - [2048] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan [29/10/2014 08:26:56] - |A| - [2522] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - asus.lnk [05/12/2015 06:47:19] - |A| - [1576] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [05/09/2015 18:00:25] - |D| - [4449] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [24/01/2016 23:41:54] - |A| - [2499] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk ¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [30/10/2015 09:24:28] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini [25/05/2016 18:52:42] - |A| - [1276] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScpToolkit Tray Notifications.lnk ¤¤¤¤¤¤¤¤¤¤ | C:\Program Files (x86) [09/11/2015 15:12:52] - |D| - [211679375] - C:\Program Files (x86)\4KDownload [05/09/2015 16:51:00] - |D| - [163297731] - C:\Program Files (x86)\Adobe [16/03/2016 19:11:19] - |AD| - [2476622] - C:\Program Files (x86)\Apple Software Update [22/12/2015 17:48:12] - |D| - [560977] - C:\Program Files (x86)\ASIO4ALL v2 [29/10/2014 08:25:15] - |D| - [184893869] - C:\Program Files (x86)\ASUS [26/06/2015 04:07:48] - |AD| - [21752117] - C:\Program Files (x86)\ASUS Gaming Mouse [04/12/2015 03:13:58] - |AD| - [52589709] - C:\Program Files (x86)\Audacity [16/09/2015 16:35:40] - |D| - [22610011] - C:\Program Files (x86)\Autodesk [16/12/2015 11:26:31] - |AD| - [280055526] - C:\Program Files (x86)\Battle.net [26/06/2015 03:54:04] - |D| - [0] - C:\Program Files (x86)\Cisco [16/01/2016 21:52:59] - |D| - [0] - C:\Program Files (x86)\ClockworkMod [28/03/2016 18:34:47] - |D| - [238762110] - C:\Program Files (x86)\CodeBlocks [30/10/2015 08:28:30] - |D| - [1779749599] - C:\Program Files (x86)\Common Files [30/10/2015 09:24:28] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [25/10/2015 15:18:34] - |D| - [34300062914] - C:\Program Files (x86)\Electronic Arts [29/10/2014 08:26:17] - |AD| - [506767512] - C:\Program Files (x86)\Foxit PhantomPDF [08/09/2015 00:08:36] - |D| - [586930812] - C:\Program Files (x86)\Google [16/12/2015 11:29:59] - |AD| - [1705699806] - C:\Program Files (x86)\Hearthstone [20/05/2016 22:34:51] - |AD| - [2417308] - C:\Program Files (x86)\HxD [26/06/2015 04:03:35] - |D| - [8703664] - C:\Program Files (x86)\ICEpower [17/12/2015 20:37:14] - |D| - [1392884566] - C:\Program Files (x86)\Image-Line [26/06/2015 03:57:03] - |HD| - [23281134] - C:\Program Files (x86)\InstallShield Installation Information [26/06/2015 03:43:28] - |AD| - [42053808] - C:\Program Files (x86)\Intel [21/12/2015 21:49:10] - |AD| - [10664016] - C:\Program Files (x86)\Intel Driver Update Utility [30/10/2015 09:24:24] - |D| - [2155509] - C:\Program Files (x86)\Internet Explorer [11/09/2015 14:58:09] - |AD| - [59634247] - C:\Program Files (x86)\Malwarebytes Anti-Malware [29/10/2014 08:19:44] - |AD| - [1914558752] - C:\Program Files (x86)\Microsoft Office [30/10/2015 09:24:24] - |D| - [8210119] - C:\Program Files (x86)\Microsoft.NET [05/12/2015 06:24:09] - |D| - [25757] - C:\Program Files (x86)\MSBuild [05/09/2015 18:09:23] - |D| - [0] - C:\Program Files (x86)\My Company Name [26/06/2015 03:49:03] - |D| - [245657358] - C:\Program Files (x86)\NVIDIA Corporation [17/09/2015 17:33:37] - |AD| - [327250814] - C:\Program Files (x86)\OpenOffice 4 [08/05/2016 15:56:34] - |AD| - [6388994627] - C:\Program Files (x86)\Overwatch [09/09/2015 16:12:42] - |AD| - [73606896] - C:\Program Files (x86)\QuickTime [06/05/2016 20:12:33] - |D| - [9023490] - C:\Program Files (x86)\Razer [26/06/2015 03:57:03] - |D| - [146873450] - C:\Program Files (x86)\Realtek [03/03/2016 19:10:38] - |AD| - [839859] - C:\Program Files (x86)\Red Giant [03/03/2016 19:10:46] - |AD| - [100341279] - C:\Program Files (x86)\Red Giant Link [05/12/2015 06:24:09] - |D| - [38450433] - C:\Program Files (x86)\Reference Assemblies [29/10/2014 08:25:53] - |RD| - [25319419] - C:\Program Files (x86)\Skype [15/09/2015 14:48:24] - |D| - [27025033876] - C:\Program Files (x86)\Steam [26/06/2015 03:57:03] - |HD| - [0] - C:\Program Files (x86)\Temp [05/12/2015 06:35:22] - |HD| - [0] - C:\Program Files (x86)\Uninstall Information [09/09/2015 03:22:04] - |D| - [117733384] - C:\Program Files (x86)\VideoLAN [22/12/2015 17:44:20] - |D| - [3059312] - C:\Program Files (x86)\VstPlugins [09/05/2016 16:02:23] - |D| - [598440] - C:\Program Files (x86)\VulkanRT [29/10/2014 08:26:52] - |D| - [14326058] - C:\Program Files (x86)\WildTangent Games [30/10/2015 09:24:24] - |D| - [1465856] - C:\Program Files (x86)\Windows Defender [30/10/2015 09:24:24] - |D| - [5961728] - C:\Program Files (x86)\Windows Mail [30/10/2015 09:24:24] - |D| - [3342927] - C:\Program Files (x86)\Windows Media Player [30/10/2015 09:24:24] - |D| - [220064] - C:\Program Files (x86)\Windows Multimedia Platform [30/10/2015 09:24:24] - |D| - [7575610] - C:\Program Files (x86)\Windows NT [30/10/2015 09:24:24] - |D| - [5484224] - C:\Program Files (x86)\Windows Photo Viewer [30/10/2015 09:24:24] - |D| - [220064] - C:\Program Files (x86)\Windows Portable Devices [30/10/2015 09:24:24] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [30/10/2015 09:24:24] - |SD| - [3591532] - C:\Program Files (x86)\WindowsPowerShell [05/09/2015 18:00:13] - |AD| - [4480520] - C:\Program Files (x86)\WinRAR ¤¤¤¤¤¤¤¤¤¤ | C:\Program Files [07/09/2015 00:41:03] - |AD| - [6912660] - C:\Program Files\Adblock Plus for IE [05/09/2015 17:07:41] - |AD| - [10329478924] - C:\Program Files\Adobe [26/06/2015 04:10:00] - |AD| - [5447184] - C:\Program Files\Asus [16/09/2015 16:15:40] - |D| - [3699331650] - C:\Program Files\Autodesk [09/09/2015 16:19:57] - |D| - [306715752] - C:\Program Files\Blender Foundation [11/09/2015 15:09:25] - |AD| - [18324752] - C:\Program Files\CCleaner [30/10/2015 08:28:30] - |D| - [924727769] - C:\Program Files\Common Files [30/10/2015 09:24:28] - |ASH| - [174] - C:\Program Files\desktop.ini [26/06/2015 04:03:44] - |D| - [5248256] - C:\Program Files\DIFX [02/09/2015 11:27:11] - |SHD| - [924727769] - C:\Program Files\Fichiers communs [11/09/2015 14:57:30] - |AD| - [22913525] - C:\Program Files\FileZilla FTP Client [11/02/2016 16:00:28] - |D| - [1313873] - C:\Program Files\Focusrite [17/12/2015 20:42:07] - |D| - [6320083] - C:\Program Files\Image-Line [05/12/2015 06:34:21] - |D| - [100113082] - C:\Program Files\Intel [30/10/2015 09:24:24] - |D| - [3579216] - C:\Program Files\Internet Explorer [18/05/2016 17:10:26] - |D| - [11792546322] - C:\Program Files\MATLAB [24/01/2016 23:38:27] - |D| - [2235856] - C:\Program Files\Microsoft Office 15 [05/12/2015 06:24:09] - |D| - [25757] - C:\Program Files\MSBuild [22/12/2015 02:22:55] - |D| - [12277213] - C:\Program Files\Neat Video for After Effects [22/12/2015 02:22:33] - |AD| - [12582577] - C:\Program Files\Neat Video for Premiere [25/05/2016 18:52:40] - |D| - [26202403] - C:\Program Files\Nefarius Software Solutions [05/12/2015 06:35:09] - |D| - [1643459788] - C:\Program Files\NVIDIA Corporation [05/12/2015 06:33:49] - |D| - [41764053] - C:\Program Files\Realtek [05/12/2015 06:24:09] - |D| - [36850857] - C:\Program Files\Reference Assemblies [09/05/2016 20:59:08] - |AD| - [69113697] - C:\Program Files\TeamSpeak 3 Client [10/07/2015 14:21:54] - |HD| - [0] - C:\Program Files\Uninstall Information [30/10/2015 09:24:24] - |D| - [11400154] - C:\Program Files\Windows Defender [30/10/2015 21:03:03] - |D| - [8974456] - C:\Program Files\Windows Journal [30/10/2015 09:24:24] - |D| - [6322176] - C:\Program Files\Windows Mail [30/10/2015 09:24:24] - |D| - [5394547] - C:\Program Files\Windows Media Player [30/10/2015 09:24:24] - |D| - [258280] - C:\Program Files\Windows Multimedia Platform [30/10/2015 09:24:24] - |D| - [7862330] - C:\Program Files\Windows NT [30/10/2015 09:24:24] - |D| - [6381248] - C:\Program Files\Windows Photo Viewer [30/10/2015 09:24:24] - |D| - [258280] - C:\Program Files\Windows Portable Devices [30/10/2015 09:24:24] - |SHD| - [0] - C:\Program Files\Windows Sidebar [30/10/2015 09:24:24] - |HD| - [1812729941] - C:\Program Files\WindowsApps [30/10/2015 09:24:24] - |SD| - [3764027] - C:\Program Files\WindowsPowerShell ¤¤¤¤¤¤¤¤¤¤ | C:\Program Files (x86)\Common Files [05/09/2015 16:50:59] - |D| - [471728130] - C:\Program Files (x86)\Common Files\Adobe [09/09/2015 16:12:17] - |D| - [66304366] - C:\Program Files (x86)\Common Files\Apple [16/09/2015 16:05:58] - |AD| - [1114739090] - C:\Program Files (x86)\Common Files\Autodesk Shared [29/10/2014 08:25:38] - |D| - [4072970] - C:\Program Files (x86)\Common Files\AWS [25/10/2015 15:18:34] - |D| - [905920] - C:\Program Files (x86)\Common Files\BioWare [28/05/2016 12:01:10] - |AD| - [23832] - C:\Program Files (x86)\Common Files\DESIGNER [05/12/2015 06:34:15] - |D| - [85521947] - C:\Program Files (x86)\Common Files\Intel [30/10/2015 09:24:24] - |AD| - [21375957] - C:\Program Files (x86)\Common Files\Microsoft Shared [26/06/2015 03:51:34] - |D| - [200044] - C:\Program Files (x86)\Common Files\PostureAgent [17/12/2015 20:42:23] - |D| - [1435256] - C:\Program Files (x86)\Common Files\Propellerhead Software [05/09/2015 18:09:27] - |AD| - [205744] - C:\Program Files (x86)\Common Files\PX Storage Engine [30/10/2015 09:24:24] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [29/10/2014 08:25:53] - |AD| - [2399872] - C:\Program Files (x86)\Common Files\Skype [05/09/2015 18:09:27] - |D| - [321422] - C:\Program Files (x86)\Common Files\Sonic Shared [15/09/2015 14:48:26] - |D| - [835664] - C:\Program Files (x86)\Common Files\Steam [30/10/2015 09:24:24] - |D| - [9676683] - C:\Program Files (x86)\Common Files\System ¤¤¤¤¤¤¤¤¤¤ | C:\Program Files\Common files [05/09/2015 17:07:44] - |D| - [146474224] - C:\Program Files\Common files\Adobe [16/09/2015 16:15:40] - |AD| - [657560955] - C:\Program Files\Common files\Autodesk Shared [13/11/2015 19:45:30] - |D| - [160384] - C:\Program Files\Common files\EPSON [26/06/2015 03:54:04] - |D| - [0] - C:\Program Files\Common files\Intel [16/09/2015 16:25:27] - |D| - [1370089] - C:\Program Files\Common files\Macrovision Shared [30/10/2015 09:24:24] - |D| - [99098860] - C:\Program Files\Common files\microsoft shared [25/11/2015 15:26:31] - |D| - [2507776] - C:\Program Files\Common files\Propellerhead Software [30/10/2015 09:24:24] - |D| - [2702] - C:\Program Files\Common files\Services [30/10/2015 09:24:24] - |D| - [10505611] - C:\Program Files\Common files\System [17/12/2015 20:42:23] - |D| - [7047168] - C:\Program Files\Common files\VST2 ¤¤¤¤¤¤¤¤¤¤ | Tasks [MD5.52418DEF050A9B5D4426E85D92074ECA] - [08/09/2015 00:08:36] - |A| - [1084] - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [MD5.73151B2049DFC6ADB05A258139C8FD1A] - [08/09/2015 00:08:37] - |A| - [1088] - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [05/12/2015 06:58:15] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT [MD5.6F71FA8A5C6634019DA762B8F3C4FB91] - [05/09/2015 18:51:17] - |A| - [2808] - C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-quentin.n7@outlook.fr : C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [MD5.00000000000000000000000000000000] - [16/03/2016 19:11:20] - |D| - [3514] - C:\WINDOWS\System32\Tasks\Apple [MD5.00000000000000000000000000000000] - [29/10/2014 08:25:15] - |D| - [2108] - C:\WINDOWS\System32\Tasks\ASUS [MD5.B3F109D5F01E0C271C33FD111E4E0F8F] - [20/09/2015 21:28:43] - |A| - [3544] - C:\WINDOWS\System32\Tasks\ASUS Live Update1 : C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [MD5.62C9726573EFE295E7E212C7C933CFBA] - [02/09/2015 00:32:38] - |A| - [3534] - C:\WINDOWS\System32\Tasks\ASUS Live Update2 : C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [MD5.2D4599678A36E8CEA60ADF754F0E8A8B] - [24/02/2016 21:49:13] - |A| - [3628] - C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher : C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [MD5.9610FCE21F744A9CAC6B3C867A0F938D] - [26/06/2015 04:13:57] - |A| - [2250] - C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON : C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [MD5.7A3310C2136C98AE3194E31A87F217CF] - [26/06/2015 04:07:57] - |A| - [2188] - C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus : "C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe" [MD5.4D5372F1ABDED2F632DF41AA548AA9C6] - [26/06/2015 04:05:45] - |A| - [2950] - C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3 : "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe" [MD5.1194DCFC5728008C35EF264ACDAEFB2F] - [11/09/2015 15:09:27] - |A| - [2164] - C:\WINDOWS\System32\Tasks\CCleanerSkipUAC : "C:\Program Files\CCleaner\CCleaner.exe" [MD5.C12B006EA784CEDC34F686B31CF1DA02] - [08/09/2015 00:08:37] - |A| - [3914] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.D1DFF5EBC27756F08A220B9E11AC8A85] - [08/09/2015 00:08:37] - |A| - [4146] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] - [03/09/2015 21:07:20] - |D| - [0] - C:\WINDOWS\System32\Tasks\McAfee [MD5.00000000000000000000000000000000] - [30/10/2015 09:24:25] - |D| - [500430] - C:\WINDOWS\System32\Tasks\Microsoft [MD5.55100C591DF89757E37FFA1F0233C7E9] - [01/09/2015 23:21:39] - |A| - [2940] - C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3236888767-1387239166-3031154320-1001 : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.1ABD91DAC757097A83B402A2704FB3D8] - [03/03/2016 19:10:56] - |A| - [3732] - C:\WINDOWS\System32\Tasks\Red Giant Link : "C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe" [MD5.FB3F9E0087F3A8306E7AA01F4E4915C0] - [26/06/2015 03:57:27] - |A| - [2342] - C:\WINDOWS\System32\Tasks\RTKCPL : "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" [MD5.AA92F05CE67A7E1F28A09300896B128C] - [02/09/2015 00:32:25] - |A| - [2658] - C:\WINDOWS\System32\Tasks\Update Checker : C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [MD5.A3A34A1B8B67330B7BC2A6FEE0834EA8] - [24/01/2016 23:37:41] - |A| - [4162] - C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2FE2DCF3-F13E-478E-98A7-B243A3CB2557} : C:\WINDOWS\system32\msfeedssync.exe [MD5.00000000000000000000000000000000] - [30/10/2015 09:24:25] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft ¤¤¤¤¤¤¤¤¤¤ | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "vm-monitoring-dcom"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=135|App=%SystemRoot%\system32\svchost.exe|Svc=RpcSs|Name=@icsvc.dll,-709|Desc=@icsvc.dll,-710|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-icmpv4"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=1|Name=@icsvc.dll,-701|Desc=@icsvc.dll,-702|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-icmpv6"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=58|Name=@icsvc.dll,-703|Desc=@icsvc.dll,-704|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-nb-session"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=139|Name=@icsvc.dll,-705|Desc=@icsvc.dll,-706|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-rpc"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\system32\svchost.exe|Svc=Schedule|Name=@icsvc.dll,-707|Desc=@icsvc.dll,-708|EmbedCtxt=@icsvc.dll,-700| "Wininit-Shutdown-In-Rule-TCP-RPC"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36753|Desc=@firewallapi.dll,-36754|EmbedCtxt=@firewallapi.dll,-36751| "Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC-EPMap|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36755|Desc=@firewallapi.dll,-36756|EmbedCtxt=@firewallapi.dll,-36751| "DeliveryOptimization-TCP-In"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-UDP-In"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "Netlogon-NamedPipe-In"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-TCP-RPC-In"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "WirelessDisplay-In-TCP"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "MDNS-In-UDP"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort2_24=mDNS|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@%SystemRoot%\system32\firewallapi.dll,-37303|Desc=@%SystemRoot%\system32\firewallapi.dll,-37304|EmbedCtxt=@%SystemRoot%\system32\firewallapi.dll,-37302| "MDNS-Out-UDP"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|LPort=5353|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@%SystemRoot%\system32\firewallapi.dll,-37305|Desc=@%SystemRoot%\system32\firewallapi.dll,-37306|EmbedCtxt=@%SystemRoot%\system32\firewallapi.dll,-37302| "{10141CF4-91B8-4FD1-A160-8625D5F7239B}"=v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|App=C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe|Name=Star Wars - The Old Republic| "{31C2F1EE-9D43-4D5B-8A89-4B025359F62E}"=v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|App=C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe|Name=Star Wars - The Old Republic| "{22B41C6D-0DEA-45C7-87C5-1109FA0C8C20}"=v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe|Name=Star Wars - The Old Republic| "{F1F01174-A673-49F9-AD9F-BFCA3FBA8974}"=v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe|Name=Star Wars - The Old Republic| "UDP Query User{F08F7029-1347-44C3-9B52-D14E7CEDD588}C:\users\quentin\appdata\local\akamai\netsession_win.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\quentin\appdata\local\akamai\netsession_win.exe|Name=netsession_win.exe|Desc=netsession_win.exe|Defer=User| "TCP Query User{A494ECDE-AF42-4761-8D02-9218F9FF0A9D}C:\users\quentin\appdata\local\akamai\netsession_win.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\quentin\appdata\local\akamai\netsession_win.exe|Name=netsession_win.exe|Desc=netsession_win.exe|Defer=User| "{4C62097A-FCCD-4682-8C11-2F07FEB307B4}"=v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64.exe|Name=mental ray satellite for Autodesk 3ds Max 2016| "{5339652C-D134-4288-AD1A-7E8712F04392}"=v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64.exe|Name=mental ray satellite for Autodesk 3ds Max 2016| "{46CB340B-B003-4531-878B-4479BD38BA02}"=v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe|Name=mental ray satellite server for Autodesk 3ds Max 2016| "{53D9FB3D-32DF-4216-9946-4100E9FE8520}"=v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe|Name=mental ray satellite server for Autodesk 3ds Max 2016| "UDP Query User{2A3E3789-5D0C-431A-AC6E-7CB282B507F9}C:\users\quentin\appdata\local\akamai\netsession_win.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\quentin\appdata\local\akamai\netsession_win.exe|Name=netsession_win.exe|Desc=netsession_win.exe|Defer=User| "TCP Query User{F41E00AC-0958-4DFD-8FAE-82BBDB1FA221}C:\users\quentin\appdata\local\akamai\netsession_win.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\quentin\appdata\local\akamai\netsession_win.exe|Name=netsession_win.exe|Desc=netsession_win.exe|Defer=User| "{592F92F5-C6A3-4374-AE91-66C4B288C54A}"=v2.24|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe|Name=WebKit|Edge=TRUE| "{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=SonicWALL.MobileConnect|Desc=SonicWALL.MobileConnect|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-1141404472-3582312691-3771565717-2155153689-4284170330-1053580937-782359393|EmbedCtxt=SonicWALL.MobileConnect|Platform=2:6:2|Platform2=GTEQ| "{560448D6-095C-4907-B046-AC7F710701A7}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=SonicWALL.MobileConnect|Desc=SonicWALL.MobileConnect|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-1141404472-3582312691-3771565717-2155153689-4284170330-1053580937-782359393|EmbedCtxt=SonicWALL.MobileConnect|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{D6980480-941A-4DF6-AB81-3734ECD3D779}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=JuniperNetworks.JunosPulseVpn|Desc=JuniperNetworks.JunosPulseVpn|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-413786399-3497379642-531169432-1175633435-3083429259-2317590812-1892764672|EmbedCtxt=JuniperNetworks.JunosPulseVpn|Platform=2:6:2|Platform2=GTEQ| "{EC799E33-72BA-42D7-9127-DEFE68F9799D}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=JuniperNetworks.JunosPulseVpn|Desc=JuniperNetworks.JunosPulseVpn|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-413786399-3497379642-531169432-1175633435-3083429259-2317590812-1892764672|EmbedCtxt=JuniperNetworks.JunosPulseVpn|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{F64300AD-D559-4000-BD45-0997BCC8E70A}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=f5.vpn.client|Desc=f5.vpn.client|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3873129616-3864902477-3117653462-838095904-2337665935-1018217662-2152729480|EmbedCtxt=f5.vpn.client|Platform=2:6:2|Platform2=GTEQ| "{F77E5446-4378-4E99-8B7A-7061AAAEA193}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=f5.vpn.client|Desc=f5.vpn.client|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3873129616-3864902477-3117653462-838095904-2337665935-1018217662-2152729480|EmbedCtxt=f5.vpn.client|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{9E3D57FC-7C37-4424-9352-4831E97D029D}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Desc=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/Description}|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-2608634532-1453884237-1118350049-1925931850-670756941-1603938316-3764965493|EmbedCtxt=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Desc=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/Description}|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-2608634532-1453884237-1118350049-1925931850-670756941-1603938316-3764965493|EmbedCtxt=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=CheckPoint.VPN|Desc=CheckPoint.VPN|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3676279713-3632409675-756843784-3388909659-2454753834-4233625902-1413163418|EmbedCtxt=CheckPoint.VPN|Platform=2:6:2|Platform2=GTEQ| "{4282FE99-8560-4BC7-9576-5F3ED84E263F}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=CheckPoint.VPN|Desc=CheckPoint.VPN|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3676279713-3632409675-756843784-3388909659-2454753834-4233625902-1413163418|EmbedCtxt=CheckPoint.VPN|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{7599D70E-1709-432E-B9A5-143C9C8C8B8C}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{D48F6F7F-BD46-41F0-BD6B-37F58504FF32}"=v2.22|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files (x86)\Skype\Phone\Skype.exe|Name=Skype| "{E0898B12-B189-4A10-9559-141C33FDA4EC}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{101E8CDE-933C-4820-872E-F6FB927F4CAE}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=80|App=C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe|Name=NVIDIA Network Service TCP Exception (HTTP)|Desc=TCP exceptions for NVIDIA Network Service| "{F3D305E3-647C-442F-83F2-5805FA41E503}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=443|App=C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe|Name=NVIDIA Network Service TCP Exception (HTTPS)|Desc=TCP exceptions for NVIDIA Network Service| "{F26D8C95-BEDF-4531-969F-EE5BEEB0A714}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-18|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{90C6745F-8887-48F2-AA23-4C854868057E}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{123FCF89-7DB1-44EE-9F7F-95B274333D2E}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{9E586FF9-5210-41EA-B303-157225B4F3FF}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{484CD064-2062-467D-9A6C-F8908DBFC02D}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{E8DAA57C-4167-4245-9A42-94FAD66D2BD7}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Desc=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{7548EF34-FF53-4405-AEEE-6670D81C007B}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Desc=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{82C2EB7B-F562-4F90-89C1-B31A3658BA7A}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Desc=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-969871995-3242822759-583047763-1618006129-3578262429-3647035748-2471858633|EmbedCtxt=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{32B4433C-0568-495E-9BC5-3DD22656A7BF}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Desc=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-2758101530-1321080646-1475665648-4066602542-2880396197-3643791541-2654759312|EmbedCtxt=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{79AAEAC6-128C-47BE-8D65-B07AFD031851}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{CB3D8DC3-9547-4D3C-81B3-DF02B23595C9}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{A14BC17F-DDEE-411C-8358-1F134380BB80}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Desc=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723|EmbedCtxt=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{E388EEE3-9918-4A95-9C00-C3451E9516FD}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Desc=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-3072599432-1607568789-957273504-856596282-71567818-1546726304-1084662928|EmbedCtxt=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{70603F6A-00C0-495C-800F-2C3DD92EF220}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|Desc=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-1322174799-1054373777-2441082058-564842223-2721992343-4124100487-3261661085|EmbedCtxt=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|Platform=2:6:2|Platform2=GTEQ| "{105454C3-9DA1-41B9-836A-BDF429CBC7A0}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Desc=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-957941444-2271171641-4049211970-804197638-2225746618-2474488012-4131196493|EmbedCtxt=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{3E8CCDEA-A3F5-4126-A14D-B29CBB1B4B98}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|Desc=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-3833609522-3861047620-3675164185-1739081557-594447883-3111017752-456581032|EmbedCtxt=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{25069B21-1D09-4F23-B68E-5CC2A57ADD29}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{BDCA034E-3DE2-4ACD-9571-DA40AED6AB81}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{BCF1DF70-899C-4666-BF93-D6ED8DE650DE}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/DisplayName}|Desc=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/Description}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-3137318289-415437605-3491609480-3741388289-878520165-689859088-69748861|EmbedCtxt=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{6EC789C0-BC58-4EDD-9529-829A291A699B}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=ASUS Welcome|Desc=ASUS Welcome|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-1791334737-3644637894-912171476-726613620-3748997741-2897954968-3492054033|EmbedCtxt=ASUS Welcome|Platform=2:6:2|Platform2=GTEQ| "{1FED6201-7E44-4E7F-872C-EFC7FB93C4C4}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=ASUS WebStorage|Desc=ASUS WebStorage|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-2379699041-582217313-309184701-132115402-2983263408-230732246-1589285292|EmbedCtxt=ASUS WebStorage|Platform=2:6:2|Platform2=GTEQ| "{640F5477-8438-4980-AD83-01C82949EEB2}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=ASUS WebStorage|Desc=ASUS WebStorage|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-2379699041-582217313-309184701-132115402-2983263408-230732246-1589285292|EmbedCtxt=ASUS WebStorage|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "TCP Query User{C512EA6E-8199-4202-B364-FC545082917D}C:\program files (x86)\hearthstone\hearthstone.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\hearthstone\hearthstone.exe|Name=hearthstone|Desc=hearthstone|Defer=User| "UDP Query User{39A66A5C-B700-4713-BB36-513954695F5C}C:\program files (x86)\hearthstone\hearthstone.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\hearthstone\hearthstone.exe|Name=hearthstone|Desc=hearthstone|Defer=User| "{8CBAF08D-8F5B-4C8E-993F-7755E1AD6137}"=v2.25|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\hearthstone\hearthstone.exe|Name=hearthstone|Desc=hearthstone| "{F905286A-48D1-4346-8B7A-43C0362ACB85}"=v2.25|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\hearthstone\hearthstone.exe|Name=hearthstone|Desc=hearthstone| "TCP Query User{157D1DD4-4264-4A73-85DF-1BB768FF8EF9}C:\users\quentin\appdata\roaming\utorrent\utorrent.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\quentin\appdata\roaming\utorrent\utorrent.exe|Name=utorrent.exe|Desc=utorrent.exe|Edge=TRUE|Defer=App| "UDP Query User{E60B9987-426D-4517-BE1E-EB0566F96A42}C:\users\quentin\appdata\roaming\utorrent\utorrent.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\quentin\appdata\roaming\utorrent\utorrent.exe|Name=utorrent.exe|Desc=utorrent.exe|Edge=TRUE|Defer=App| "{2A685949-04ED-415A-9CE3-74AEB73F489C}"=v2.25|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\quentin\appdata\roaming\utorrent\utorrent.exe|Name=utorrent.exe|Desc=utorrent.exe| "{2863578B-C6B7-4A37-8C9C-2909EB1AFE5F}"=v2.25|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\quentin\appdata\roaming\utorrent\utorrent.exe|Name=utorrent.exe|Desc=utorrent.exe| "{4E436743-D335-4CCE-80AA-E75E49F22A45}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Fresh Paint|Desc=Fresh Paint|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-753205055-3642759886-2300710532-466079404-1496176425-3605778055-1481226570|EmbedCtxt=Fresh Paint|Platform=2:6:2|Platform2=GTEQ| "{635B342D-2B22-4740-B1B1-7E51075F9EE1}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=47984|LPort=47989|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe|Name=SHIELD Streaming NSS TCP Exception|Desc=TCP exceptions for SHIELD Streaming NSS (HTTP)| "{66135387-55F5-4670-8D13-A1DDC655CCA6}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe|Name=SHIELD Streaming NSS UDP Exception|Desc=UDP exceptions for SHIELD Streaming NSS (mDNS)| "{B5A26588-8FA3-417C-B29A-D5EC72954AD7}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=47998|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe|Name=SHIELD Streaming SSAU UDP Exception|Desc=UDP exceptions for SHIELD Streaming SSAU (NWT)| "{A581DE23-342F-4209-BAC2-34CCBA830E35}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=35043|LPort=47995|LPort=48010|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe|Name=SHIELD Streaming NvStreamer TCP Exception|Desc=TCP exceptions for SHIELD Streaming NvStreamer (RTSP/RI)| "{07BB2095-7185-4077-89E3-A539FA403FB1}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=47995|LPort=47998|LPort=47999|LPort=48000|LPort=48010|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe|Name=SHIELD Streaming NvStreamer UDP Exception|Desc=UDP exceptions for SHIELD Streaming NvStreamer (RTSP/RI/A/V)| "{985699AD-0D9A-4C50-88BB-791C78209EEF}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.XboxCompanion/resources/33279}|Desc=@{Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.XboxCompanion/resources/33280}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-3527726330-3522182257-2334271119-3281136672-3282358426-2206330294-2522200992|EmbedCtxt=@{Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.XboxCompanion/resources/33279}|Platform=2:6:2|Platform2=GTEQ| "{A2155BFC-F3C9-4ED7-971E-BCFF5178D809}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.XboxCompanion/resources/33279}|Desc=@{Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.XboxCompanion/resources/33280}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-3527726330-3522182257-2334271119-3281136672-3282358426-2206330294-2522200992|EmbedCtxt=@{Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.XboxCompanion/resources/33279}|Platform=2:6:2|Platform2=GTEQ| "{B0B16891-462E-4518-B9BF-63AAA76C9199}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=HP All-in-One Printer Remote|Desc=HP All-in-One Printer Remote|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-744533573-2444454674-265863901-3215465728-4115286053-1341080355-789689510|EmbedCtxt=HP All-in-One Printer Remote|Platform=2:6:2|Platform2=GTEQ| "{A56FED67-7704-4EA2-9F87-17707A1C4F8C}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=HP All-in-One Printer Remote|Desc=HP All-in-One Printer Remote|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-744533573-2444454674-265863901-3215465728-4115286053-1341080355-789689510|EmbedCtxt=HP All-in-One Printer Remote|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{C45D6571-7559-4D99-A924-80D95E6E105C}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsPhone_10.1602.3010.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|Desc=@{Microsoft.WindowsPhone_10.1602.3010.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-1227535392-783678415-19788749-859698564-2515149781-2716591593-3518111838|EmbedCtxt=@{Microsoft.WindowsPhone_10.1602.3010.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{F45058F2-B6C4-4376-941C-C0198A5E74A7}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Zinio|Desc=Zinio|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-720185855-2675332291-2976434075-758544043-626028312-300598871-2309835828|EmbedCtxt=Zinio|Platform=2:6:2|Platform2=GTEQ| "{13636AF2-B6FC-4454-9B88-020D607A1219}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Zinio|Desc=Zinio|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-720185855-2675332291-2976434075-758544043-626028312-300598871-2309835828|EmbedCtxt=Zinio|Platform=2:6:2|Platform2=GTEQ| "{BCDAF6F4-51C4-48C0-92A2-D93D25EC0768}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Skype WiFi|Desc=Skype WiFi|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-1130433679-1990454374-3129277160-3980110769-2827371475-140345195-2323808612|EmbedCtxt=Skype WiFi|Platform=2:6:2|Platform2=GTEQ| "{EECB2E45-7C6A-4180-9CA3-6DEE3C19ED77}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=- Games App -|Desc=- Games App -|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-54699281-1271618622-4162202136-1802718980-1937042405-523788449-2466384431|EmbedCtxt=- Games App -|Platform=2:6:2|Platform2=GTEQ| "{3438B1AF-2576-41E5-A362-71ACC957A774}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingTravel/resources/BrandedAppTitle}|Desc=@{Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingTravel/resources/AppDescription}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-2870191891-2241688837-171142518-109998219-184790337-3361571429-3188846544|EmbedCtxt=@{Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingTravel/resources/BrandedAppTitle}|Platform=2:6:2|Platform2=GTEQ| "{C5665F46-6A86-45E0-80F7-7FF85DBFD29C}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingFoodAndDrink/resources/AppTitleWithBranding}|Desc=@{Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingFoodAndDrink/resources/AppDescription}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-1986440118-1442771495-871113684-214194731-1452296882-3170903903-2224822735|EmbedCtxt=@{Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingFoodAndDrink/resources/AppTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{A5AB2250-3AAD-4E82-A647-47D16E9CAFC8}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingHealthAndFitness/resources/apptitle}|Desc=HealthAndFitness|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-1138804039-612586356-661925973-101396967-3526483782-2490177615-3594119953|EmbedCtxt=@{Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingHealthAndFitness/resources/apptitle}|Platform=2:6:2|Platform2=GTEQ| "{6686E62A-7C14-4E0C-AA74-A7212EC0D052}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Getstarted_3.5.11.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|Desc=@{Microsoft.Getstarted_3.5.11.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-1930852602-715273891-2259524165-1460409268-4224052142-2029744616-1797406285|EmbedCtxt=@{Microsoft.Getstarted_3.5.11.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{0ABCBB05-2453-4FAD-8D81-5F28E80887B2}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingFinance_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingFinance_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-3492598633-4112760462-2134878185-2430567730-3345539238-3072415288-217264472|EmbedCtxt=@{Microsoft.BingFinance_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{2A2A594C-04D0-4E71-898D-9C029D7F5A9B}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingFinance_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingFinance_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-3492598633-4112760462-2134878185-2430567730-3345539238-3072415288-217264472|EmbedCtxt=@{Microsoft.BingFinance_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{DA0234B2-4E86-40B6-92B6-288189D9B59C}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingSports_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingSports_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-1457613951-1028716704-1089715812-858319886-3420779130-1191463368-1428868892|EmbedCtxt=@{Microsoft.BingSports_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{4B392D57-1474-425F-84AC-5CF5B572D3B6}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingSports_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingSports_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-1457613951-1028716704-1089715812-858319886-3420779130-1191463368-1428868892|EmbedCtxt=@{Microsoft.BingSports_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{146BF3B2-6028-48C9-B401-60A3DA87E626}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingWeather_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingWeather_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330|EmbedCtxt=@{Microsoft.BingWeather_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{F5ABCD39-0B97-4607-ABC9-C90193F14611}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingWeather_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingWeather_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330|EmbedCtxt=@{Microsoft.BingWeather_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{65F74966-CDCD-4328-891A-0CDD24F4D862}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingNews_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingNews_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-508114518-3340871649-811464485-526616082-4258465299-1774086546-1865468257|EmbedCtxt=@{Microsoft.BingNews_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{FECCF230-B37C-4BC1-BE57-E0F0FBA31D2B}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingNews_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingNews_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-508114518-3340871649-811464485-526616082-4258465299-1774086546-1865468257|EmbedCtxt=@{Microsoft.BingNews_4.9.51.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{8829F8BA-9F2E-419B-AA49-57E3CF8E4EDC}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{MAGIX.MusicMakerJam_2.3.1050.0_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|Desc=@{MAGIX.MusicMakerJam_2.3.1050.0_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-914775309-424825794-3355368112-487557154-2084386389-537045334-2498513562|EmbedCtxt=@{MAGIX.MusicMakerJam_2.3.1050.0_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|Platform=2:6:2|Platform2=GTEQ| "{39DAD8C1-512D-41BB-825A-3F384C2CD63E}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{MAGIX.MusicMakerJam_2.3.1050.0_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|Desc=@{MAGIX.MusicMakerJam_2.3.1050.0_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-914775309-424825794-3355368112-487557154-2084386389-537045334-2498513562|EmbedCtxt=@{MAGIX.MusicMakerJam_2.3.1050.0_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{C65A3A29-F786-479B-BF33-188CE755192C}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{296C5825-488F-4794-8124-F0B500087168}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "TCP Query User{D8C3BF01-4798-4EFE-8EF8-E50D33D71702}C:\program files (x86)\overwatch\overwatch.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\overwatch\overwatch.exe|Name=Overwatch Application|Desc=Overwatch Application|Defer=User| "UDP Query User{2F264B4F-E1F9-4049-879B-33E0AF21B077}C:\program files (x86)\overwatch\overwatch.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\overwatch\overwatch.exe|Name=Overwatch Application|Desc=Overwatch Application|Defer=User| "{055F98D2-0CDE-407B-A3E6-F5DDA5C1DBAC}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=TripAdvisor Hotels Flights Restaurants|Desc=TripAdvisor Hotels Flights Restaurants|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-3043548224-2235967549-1382791125-3168413616-1702302935-4247438294-2497735402|EmbedCtxt=TripAdvisor Hotels Flights Restaurants|Platform=2:6:2|Platform2=GTEQ| "{200A2110-EF27-4CED-A52A-6C97EBF572BB}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|Desc=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-3232211935-909325347-210818523-1333736584-3758124246-283266685-1557978965|EmbedCtxt=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|Platform=2:6:2|Platform2=GTEQ| "{1C365E75-5DF4-445F-AF9E-99F201AEBB37}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Desc=@{Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-2226957697-3030467180-2301525-4248967783-2024719031-2325529081-2915787518|EmbedCtxt=@{Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{F75A5B39-E555-4CD0-9DC1-436F800C34D4}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Desc=@{Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-2226957697-3030467180-2301525-4248967783-2024719031-2325529081-2915787518|EmbedCtxt=@{Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{212518EC-2FA4-4B14-ADCB-5A2A22CDA788}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|Desc=@{Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-3981118486-977731610-4260702232-2292029000-2544493239-2660358776-1526570402|EmbedCtxt=@{Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{96D6127D-54D2-4970-AF50-022A458F5FC7}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Desc=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-421345033-1710570203-969709436-2809900243-2023987463-1056701467-1672618525|EmbedCtxt=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{9F437BA7-F23B-4154-93A1-4C8606866FBD}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Desc=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-421345033-1710570203-969709436-2809900243-2023987463-1056701467-1672618525|EmbedCtxt=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{3EB3936B-868C-4C83-A0C4-612D641A8596}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.CommsPhone_2.15.28004.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Desc=@{Microsoft.CommsPhone_2.15.28004.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-3502142457-1175083276-1468359876-1514580144-2717768582-2562788200-3268064651|EmbedCtxt=@{Microsoft.CommsPhone_2.15.28004.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{D83F35C7-11A3-4477-A75F-60A6C02BB753}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.CommsPhone_2.15.28004.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Desc=@{Microsoft.CommsPhone_2.15.28004.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-3502142457-1175083276-1468359876-1514580144-2717768582-2562788200-3268064651|EmbedCtxt=@{Microsoft.CommsPhone_2.15.28004.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{B10D149E-1C87-48C6-9ABF-CC44C920C77A}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|Desc=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-1485202841-4094060947-262313417-955497226-1243708313-1027065603-2694978511|EmbedCtxt=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{145555A5-8749-4E8B-9A54-46BAF5681C0F}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Desc=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157|EmbedCtxt=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Platform=2:6:2|Platform2=GTEQ| "{AA685B88-CD3A-4527-9514-A9DB6DCA9605}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Desc=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157|EmbedCtxt=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{D7E955FB-143F-45F7-97DB-37CEB1CAD882}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome| "{C7D2DD51-252F-4D51-9AE1-3BF573FF3ABC}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{2D512B9B-554F-4061-A93D-86FCCCD79DB9}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{7C9AE348-26FB-40E6-BAC3-87A6198D876F}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsMaps_4.1603.1190.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|Desc=@{Microsoft.WindowsMaps_4.1603.1190.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-1239072475-3687740317-1842961305-3395936705-4023953123-1525404051-2779347315|EmbedCtxt=@{Microsoft.WindowsMaps_4.1603.1190.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{6FAA4C99-1A9F-41EB-857D-D077507AA556}C:\program files\matlab\r2015b\bin\win64\matlab.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\matlab\r2015b\bin\win64\matlab.exe|Name=MATLAB (R2015b)|Desc=MATLAB (R2015b)|Defer=User| "UDP Query User{0625F491-5CBE-4915-87AB-CB8E89D9A595}C:\program files\matlab\r2015b\bin\win64\matlab.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\matlab\r2015b\bin\win64\matlab.exe|Name=MATLAB (R2015b)|Desc=MATLAB (R2015b)|Defer=User| "{39F2008B-FA5E-42A6-BA28-C4D108DC5A5F}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Twitter|Desc=Twitter|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-1063257880-1914585122-1954150059-946145533-116938067-416079064-1690466945|EmbedCtxt=Twitter|Platform=2:6:2|Platform2=GTEQ| "{96C5DC42-8476-4096-9D1B-B129EC07523E}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Flipboard|Desc=Flipboard|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-864994224-3030340628-3329202063-153121207-2255414721-17657611-2370319705|EmbedCtxt=Flipboard|Platform=2:6:2|Platform2=GTEQ| "{6A532FCC-AACA-485F-8742-FAE31B928251}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ| "{C996173B-D3D1-4DF9-8E54-5D056201DF66}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{55EC9032-F7A1-41F4-8F43-8D669E0790FD}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ZuneVideo_3.6.20961.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Desc=@{Microsoft.ZuneVideo_3.6.20961.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_DESCRIPTION}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-2967553933-3217682302-2494645345-2077017737-3805576244-585965800-1797614741|EmbedCtxt=@{Microsoft.ZuneVideo_3.6.20961.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{6B0DF357-FD71-4BBB-B071-D4CB469AE617}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.ZuneVideo_3.6.20961.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Desc=@{Microsoft.ZuneVideo_3.6.20961.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_DESCRIPTION}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-2967553933-3217682302-2494645345-2077017737-3805576244-585965800-1797614741|EmbedCtxt=@{Microsoft.ZuneVideo_3.6.20961.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{572E7E8E-3166-47A9-A805-E08C6CE7CA0F}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{6399607E-2006-4E97-A96F-F7C44F91A6F0}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{D91D6624-C5CF-4DE2-9156-A2A00B48DA4C}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{microsoft.windowscommunicationsapps_17.6868.41111.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Desc=@{microsoft.windowscommunicationsapps_17.6868.41111.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_Description}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-2551677095-2355568638-4209445997-2436930744-3692183382-387691378-1866284433|EmbedCtxt=@{microsoft.windowscommunicationsapps_17.6868.41111.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{DA400382-3D1D-4F5C-8F2E-57D546A576A7}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{microsoft.windowscommunicationsapps_17.6868.41111.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Desc=@{microsoft.windowscommunicationsapps_17.6868.41111.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_Description}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-2551677095-2355568638-4209445997-2436930744-3692183382-387691378-1866284433|EmbedCtxt=@{microsoft.windowscommunicationsapps_17.6868.41111.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{EBBECF5D-55EB-4999-A243-59D311CBAB65}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.3DBuilder_11.1.8.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|Desc=@{Microsoft.3DBuilder_11.1.8.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-3995430443-3719053022-3339397951-2895237338-2437516106-1575886070-2755610054|EmbedCtxt=@{Microsoft.3DBuilder_11.1.8.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{1F7AD844-A215-4E71-A9D7-FA4747FFBD61}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ| "{E4EBD274-E6DD-45CB-986C-230BED4FF884}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{E968522D-D06A-4FF4-B530-7998DE516A7F}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=LINE|Desc=LINE|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-3154901008-2849271269-1294263849-4111868753-1430083361-3789501531-791294240|EmbedCtxt=LINE|Platform=2:6:2|Platform2=GTEQ| "{903F4189-17C8-4897-8061-AE85D25702C2}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=LINE|Desc=LINE|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-3154901008-2849271269-1294263849-4111868753-1430083361-3789501531-791294240|EmbedCtxt=LINE|Platform=2:6:2|Platform2=GTEQ| "{DAB3D19E-7ABD-4538-BD60-B8DB25C742A4}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Candy Crush Saga|Desc=Candy Crush Saga|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-2599857031-3789198952-3515498744-3120614410-3826243417-3816649221-455961092|EmbedCtxt=Candy Crush Saga|Platform=2:6:2|Platform2=GTEQ| "{DDBD94F9-A02A-40AE-97F0-B030A8878A07}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsReadingList_6.3.9654.21199_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|Desc=@{Microsoft.WindowsReadingList_6.3.9654.21199_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-253023354-1127976746-3906962265-362626003-4127939218-3835539868-2341249685|EmbedCtxt=@{Microsoft.WindowsReadingList_6.3.9654.21199_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|Platform=2:6:2|Platform2=GTEQ| "{43642320-C821-436D-BAEA-650FE4E6B854}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.WindowsReadingList_6.3.9654.21199_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|Desc=@{Microsoft.WindowsReadingList_6.3.9654.21199_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-253023354-1127976746-3906962265-362626003-4127939218-3835539868-2341249685|EmbedCtxt=@{Microsoft.WindowsReadingList_6.3.9654.21199_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|Platform=2:6:2|Platform2=GTEQ| "{27677828-B765-45FE-AC59-B777437B5B2E}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ZuneMusic_3.6.20961.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Desc=@{Microsoft.ZuneMusic_3.6.20961.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_DESCRIPTION}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-3132517012-1571311091-3263739450-2968124769-4061529133-2106415361-233808003|EmbedCtxt=@{Microsoft.ZuneMusic_3.6.20961.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{5849EA71-3D63-4463-BE42-372C7630F751}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.ZuneMusic_3.6.20961.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Desc=@{Microsoft.ZuneMusic_3.6.20961.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_DESCRIPTION}|LUOwn=S-1-5-21-3236888767-1387239166-3031154320-1001|AppPkgId=S-1-15-2-3132517012-1571311091-3263739450-2968124769-4061529133-2106415361-233808003|EmbedCtxt=@{Microsoft.ZuneMusic_3.6.20961.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{A80137C5-6CBA-412B-A1EC-D72343F79773}C:\Users\Quentin\Desktop\QuickDiag.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\Quentin\Desktop\QuickDiag.exe|Name=QuickDiag|Desc=QuickDiag|Defer=User| "UDP Query User{8086F52E-78FA-489A-B2C4-2168ADE624EB}C:\Users\Quentin\Desktop\QuickDiag.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\Quentin\Desktop\QuickDiag.exe|Name=QuickDiag|Desc=QuickDiag|Defer=User| [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\standardprofile\authorizedapplications\list] "C:\Users\Quentin\Desktop\QuickDiag.exe"=C:\Users\Quentin\Desktop\QuickDiag.exe:*:Enabled:QuickDiag ¤¤¤¤¤¤¤¤¤¤ | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (Security Accelerator) [] -> @c_sslaccel.inf,%ClassName%;Security Accelerator [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3f966bd9-fa04-4ec5-991c-d326973b5128}] : (AndroidUsbDeviceClass) [] -> @oem51.inf,%ClassName%;SAMSUNG Android Phone [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @%SystemRoot%\System32\DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{81C87465-DE07-4EFC-9D93-61E891D52FD2}] : (RdpVideoMiniport) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9d6d66a6-0b0c-4563-9077-a0e9a7955ae4}] : (Ramdisk) [] -> @ramdisk.inf,%ClassName%;RAM Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A73C93F1-9727-4D1D-ACE1-0E333BA4E7DB}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ecfb0cfd-74c4-4f52-bbf7-343461cd72ac}] : (libusbk devices) [] -> libusbK USB Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ¤¤¤¤¤¤¤¤¤¤ | Loaded modules (Microsoft Files whitelisted) [17/04/2015 05:14:43] - (13.2.5.1012) - (Intel Corporation - Intel(R) Rapid Storage Technology driver - x64) - C:\WINDOWS\System32\drivers\iaStorA.sys [05/09/2015 18:09:27] - (3.1.1.0) - (Corel Corporation - Px Engine Device Driver for 64-bit (x86-64) Windows) - C:\WINDOWS\System32\Drivers\PxHlpa64.sys [17/04/2015 05:11:43] - (1.0.0.1018) - (Intel Corporation - Intel Collaborative Processor Performance Control (CPPC) Driver) - C:\WINDOWS\System32\drivers\IntelPcc.sys [02/07/2013 17:45:52] - (1.0.6.1) - (ASUSTek Computer Inc. - ATK WMIACPI Utility) - C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [03/09/2015 16:34:34] - (10.18.13.6472) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 364.72) - C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [18/11/2015 23:08:04] - (10.18.15.4256) - (Intel Corporation - Intel Graphics Kernel Mode Driver) - C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [11/09/2014 17:48:20] - (6.1.7600.16385) - (ASUSTek Computer Inc. - ASUS Charger driver) - C:\WINDOWS\system32\DRIVERS\AiCharger.sys [03/09/2014 12:03:32] - (10.0.28.1000) - (Intel Corporation - Intel(R) Management Engine Interface) - C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [30/10/2015 09:17:19] - (17.15.0.5) - (Intel Corporation - Intel® Wireless WiFi Link Driver) - C:\WINDOWS\System32\drivers\Netwbw02.sys [14/05/2015 11:44:38] - (6.3.9600.21275) - (Realsil Semiconductor Corporation - RTS PCIE READER Driver) - C:\WINDOWS\system32\DRIVERS\RtsPer.sys [07/07/2015 23:25:38] - (10.1.505.2015) - (Realtek - Realtek 8101E/8168/8169 NDIS 6.40 64-bit Driver ) - C:\WINDOWS\System32\drivers\rt640x64.sys [23/09/2015 20:52:58] - (1.0.0.262) - (ASUS Corporation - Asus TP Filter Driver(X64)) - C:\WINDOWS\System32\drivers\AsusTP.sys [17/04/2015 05:14:43] - (1.0.0.1) - ( - Keyboard Filter Driver) - C:\WINDOWS\System32\drivers\kbfiltr.sys [13/05/2015 05:44:24] - (1.0.0.4) - (ASUS - HID driver for ASUS Wireless Radio Control) - C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [26/06/2015 03:48:35] - (1.2.40.0) - (NVIDIA Corporation - NVIDIA Virtual Audio Driver) - C:\WINDOWS\system32\drivers\nvvad64v.sys [26/06/2015 22:54:13] - (4.5.61.0) - (Intel Corporation - Intel® WiDi Solution) - C:\WINDOWS\System32\drivers\iwdbus.sys [19/05/2013 08:02:52] - (1.0.0.103) - (Scarlet.Crush Productions - Scp Virtual Bus Driver) - C:\WINDOWS\System32\drivers\ScpVBus.sys [26/06/2015 03:57:08] - (6.0.1.7427) - (Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver) - C:\WINDOWS\system32\drivers\RTKVHD64.sys [14/07/2015 20:27:40] - (17.1.1531.1764) - (Intel Corporation - Intel(R) Wireless Bluetooth(R) USB Driver) - C:\WINDOWS\system32\DRIVERS\ibtusb.sys [12/04/2016 21:14:54] - (5.1.2.247) - (Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver) - C:\WINDOWS\System32\ATMFD.DLL [02/07/2009 18:36:14] - (1.0.9.1) - (ASUS - Memory mapping Driver) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [26/06/2015 03:49:19] - (7.1.2071.761) - (NVIDIA Corporation - Nvidia Streaming Kernel Service) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys ¤¤¤¤¤¤¤¤¤¤ | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - 3ware () -> System32\drivers\3ware.sys R0 - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys R0 - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys S0 - ADP80XX () -> System32\drivers\ADP80XX.SYS S0 - agp440 (@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter) -> System32\drivers\agp440.sys S0 - amdsata () -> System32\drivers\amdsata.sys S0 - amdsbs () -> System32\drivers\amdsbs.sys S0 - amdxata () -> System32\drivers\amdxata.sys S0 - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys S0 - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys S0 - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD) -> System32\drivers\bxvbda.sys R0 - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys R0 - CNG () -> System32\Drivers\cng.sys R0 - disk (@disk.inf,%disk_ServiceDesc%;Disk Driver) -> System32\drivers\disk.sys S0 - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys S0 - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys S0 - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys R0 - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys R0 - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys S0 - Fs_Rec () -> (?) R0 - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys S0 - gagp30kx (@agp.inf,%gagp30kx_svcdesc%;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms) -> System32\drivers\gagp30kx.sys S0 - HpSAMD () -> System32\drivers\HpSAMD.sys S0 - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys R0 - iaStorA () -> System32\drivers\iaStorA.sys S0 - iaStorAV (@iastorav.inf,%iaStorAV.DeviceDesc%;Intel(R) SATA RAID Controller Windows) -> System32\drivers\iaStorAV.sys S0 - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys R0 - IntelHSWPcc () -> System32\drivers\IntelPcc.sys S0 - intelide () -> System32\drivers\intelide.sys S0 - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys S0 - isapnp () -> System32\drivers\isapnp.sys R0 - KSecDD () -> System32\Drivers\ksecdd.sys R0 - KSecPkg () -> System32\Drivers\ksecpkg.sys S0 - LSI_SAS () -> System32\drivers\lsi_sas.sys S0 - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys S0 - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys S0 - LSI_SSS () -> System32\drivers\lsi_sss.sys S0 - megasas () -> System32\drivers\megasas.sys S0 - megasr () -> System32\drivers\megasr.sys S0 - mfeelamk (McAfee Inc. mfeelamk) -> system32\drivers\mfeelamk.sys R0 - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys R0 - msisadrv () -> System32\drivers\msisadrv.sys R0 - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys S0 - mvumis () -> System32\drivers\mvumis.sys R0 - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys S0 - nvraid () -> System32\drivers\nvraid.sys S0 - nvstor () -> System32\drivers\nvstor.sys S0 - nv_agp (@machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter) -> System32\drivers\nv_agp.sys R0 - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys R0 - pci (@pci.inf,%pci_svcdesc%;Pilote de bus PCI) -> System32\drivers\pci.sys S0 - pciide () -> System32\drivers\pciide.sys S0 - pcmcia () -> System32\drivers\pcmcia.sys R0 - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys R0 - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys S0 - percsas2i () -> System32\drivers\percsas2i.sys S0 - percsas3i () -> System32\drivers\percsas3i.sys R0 - PxHlpa64 (PxHlpa64) -> System32\Drivers\PxHlpa64.sys R0 - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys S0 - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys S0 - SiSRaid2 () -> System32\drivers\SiSRaid2.sys S0 - SiSRaid4 () -> System32\drivers\sisraid4.sys R0 - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys S0 - stexstor () -> System32\drivers\stexstor.sys S0 - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys S0 - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys S0 - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys S0 - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys S0 - storvsc () -> System32\drivers\storvsc.sys R0 - Tcpip (@%SystemRoot%\system32\drivers\tcpip.sys,-10001) -> System32\drivers\tcpip.sys S0 - uagp35 (@agp.inf,%uagp35_svcdesc%;Microsoft AGPv3.5 Filter) -> System32\drivers\uagp35.sys S0 - uliagpkx (@machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter) -> System32\drivers\uliagpkx.sys R0 - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys S0 - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys R0 - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys R0 - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys R0 - volsnap (@volume.inf,%VolumeClassName%;Storage volumes) -> System32\drivers\volsnap.sys S0 - vsmraid () -> System32\drivers\vsmraid.sys S0 - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys S0 - WdBoot (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390) -> system32\drivers\WdBoot.sys R0 - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys R0 - WdFilter (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330) -> system32\drivers\WdFilter.sys R0 - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys R0 - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys R0 - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys R0 - Wof (Windows Overlay File System Filter Driver) -> (?) R1 - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys R1 - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys R1 - ATKWMIACPIIO (ATKWMIACPI Driver) -> \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys R1 - BasicDisplay () -> \SystemRoot\System32\drivers\BasicDisplay.sys R1 - BasicRender () -> \SystemRoot\System32\drivers\BasicRender.sys R1 - Beep (Beep) -> (?) R1 - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys S1 - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys R1 - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys R1 - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys R1 - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys R1 - Msfs () -> (?) R1 - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys R1 - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys R1 - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys R1 - Npfs () -> (?) R1 - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys R1 - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys R1 - Null () -> (?) R1 - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys R1 - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys R1 - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys R1 - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys R2 - AdAppMgrSvc (Autodesk Application Manager Service) -> "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe" R2 - AdobeUpdateService () -> C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe R2 - AGSService (Adobe Genuine Software Integrity Service) -> "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe" R2 - ASLDRService (ASLDR Service) -> C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe R2 - ASMMAP64 (ASMMAP64) -> \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys R2 - Asus WebStorage Windows Service (Asus WebStorage Windows Service) -> "C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe" R2 - ATKGFNEXSrv (ATKGFNEX Service) -> C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe R2 - AudioEndpointBuilder (@%SystemRoot%\system32\AudioEndpointBuilder.dll,-204) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - Audiosrv (@%SystemRoot%\system32\audiosrv.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - BFE (@%SystemRoot%\system32\bfe.dll,-1001) -> %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - BITS (@%SystemRoot%\system32\qmgr.dll,-1000) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - BrokerInfrastructure (@%windir%\system32\bisrv.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - CertPropSvc (@%SystemRoot%\System32\certprop.dll,-11) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - ClickToRunSvc (Service Microsoft Office « Démarrer en un clic ») -> "C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service R2 - CoreMessagingRegistrar (@%SystemRoot%\system32\coremessaging.dll,-1) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - CryptSvc (@%SystemRoot%\system32\cryptsvc.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k NetworkService R2 - DcomLaunch (@combase.dll,-5012) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - DeviceAssociationService (@%SystemRoot%\system32\das.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - Dhcp (@%SystemRoot%\system32\dhcpcore.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - DiagTrack (@%SystemRoot%\system32\diagtrack.dll,-3001) -> %SystemRoot%\System32\svchost.exe -k utcsvc R2 - Dnscache (@%SystemRoot%\System32\dnsapi.dll,-101) -> %SystemRoot%\system32\svchost.exe -k NetworkService R2 - DoSvc (@%systemroot%\system32\dosvc.dll,-100) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - DPS (@%systemroot%\system32\dps.dll,-500) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork R2 - DriverMFTService (DriverMFTService) -> "C:\Program Files (x86)\Asus\ASUS Video DSP\DriverMFTService.exe" S2 - Ds3Service (SCP DSx Service) -> "C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe" R2 - EventLog (@%SystemRoot%\system32\wevtsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - EventSystem (@comres.dll,-2450) -> %SystemRoot%\system32\svchost.exe -k LocalService R2 - FontCache (@%systemroot%\system32\FntCache.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalService R2 - GamesAppIntegrationService (GamesAppIntegrationService) -> "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" R2 - GfExperienceService (NVIDIA GeForce Experience Service) -> "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe" R2 - gpsvc (@gpapi.dll,-112) -> %systemroot%\system32\svchost.exe -k netsvcs S2 - gupdate (Service Google Update (gupdate)) -> "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc R2 - ibtsiva (Intel Bluetooth Service) -> "C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe" R2 - iphlpsvc (@%SystemRoot%\system32\iphlpsvc.dll,-500) -> %SystemRoot%\System32\svchost.exe -k NetSvcs R2 - jhi_service (Intel(R) Dynamic Application Loader Host Interface Service) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe" R2 - LanmanServer (@%systemroot%\system32\srvsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - LanmanWorkstation (@%systemroot%\system32\wkssvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys R2 - LMS (Intel(R) Management and Security Application Local Management Service) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe" R2 - LSM (@%windir%\system32\lsm.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys S2 - MapsBroker (@%SystemRoot%\System32\moshost.dll,-100) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys R2 - MpsSvc (@%SystemRoot%\system32\FirewallAPI.dll,-23090) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - mrxsmb10 (@%systemroot%\system32\wkssvc.dll,-1004) -> system32\DRIVERS\mrxsmb10.sys R2 - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys R2 - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys R2 - NlaSvc (@%SystemRoot%\System32\nlasvc.dll,-1) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - nsi (@%SystemRoot%\system32\nsisvc.dll,-200) -> %systemroot%\system32\svchost.exe -k LocalService R2 - NvNetworkService (NVIDIA Network Service) -> "C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe" R2 - NvStreamSvc (NVIDIA Streamer Service) -> "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe" R2 - nvsvc (NVIDIA Display Driver Service) -> "C:\WINDOWS\system32\nvvsvc.exe" S2 - OneSyncSvc (@%SystemRoot%\system32\APHostRes.dll,-10002) -> %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_110416 (Hôte de synchronisation_110416) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_308cc3a (Hôte de synchronisation_308cc3a) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_374b591 (Hôte de synchronisation_374b591) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup R2 - OneSyncSvc_3ac63 (Hôte de synchronisation_3ac63) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_4df27c4 (Hôte de synchronisation_4df27c4) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_6b25669 (Hôte de synchronisation_6b25669) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_9939cd6 (Hôte de synchronisation_9939cd6) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup R2 - PcaSvc (@%SystemRoot%\system32\pcasvc.dll,-1) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys R2 - Power (@%SystemRoot%\system32\umpo.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - ProfSvc (@%systemroot%\system32\profsvc.dll,-300) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - RpcEptMapper (@%windir%\system32\RpcEpMap.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k RPCSS R2 - RpcSs (@combase.dll,-5010) -> %SystemRoot%\system32\svchost.exe -k rpcss R2 - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys R2 - RzWizardService (Razer Wizard Service) -> C:\Program Files (x86)\Razer\RzWizard\RzWizardService.exe R2 - SamSs (@%SystemRoot%\system32\samsrv.dll,-1) -> %SystemRoot%\system32\lsass.exe S2 - SCardSvr (@%SystemRoot%\System32\SCardSvr.dll,-1) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation R2 - Schedule (@%SystemRoot%\system32\schedsvc.dll,-100) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - SENS (@%SystemRoot%\system32\Sens.dll,-200) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - ShellHWDetection (@%SystemRoot%\System32\shsvcs.dll,-12288) -> %SystemRoot%\System32\svchost.exe -k netsvcs S2 - SkypeUpdate (Skype Updater) -> "C:\Program Files (x86)\Skype\Updater\Updater.exe" R2 - Spooler (@%systemroot%\system32\spoolsv.exe,-1) -> %SystemRoot%\System32\spoolsv.exe S2 - sppsvc (@%SystemRoot%\system32\sppsvc.exe,-101) -> %SystemRoot%\system32\sppsvc.exe R2 - srv (@%systemroot%\system32\srvsvc.dll,-102) -> System32\DRIVERS\srv.sys R2 - stisvc (@%SystemRoot%\system32\wiaservc.dll,-9) -> %SystemRoot%\system32\svchost.exe -k imgsvc R2 - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys R2 - SysMain (@%SystemRoot%\system32\sysmain.dll,-1000) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - SystemEventsBroker (@%windir%\system32\SystemEventsBrokerServer.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys R2 - Themes (@%SystemRoot%\System32\themeservice.dll,-8192) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - tiledatamodelsvc (@%SystemRoot%\system32\tileobjserver.dll,-1) -> %systemroot%\system32\svchost.exe -k appmodel R2 - TrkWks (@%SystemRoot%\system32\trkwks.dll,-1) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - UserManager (@%systemroot%\system32\usermgr.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - wanarp (@%systemroot%\system32\rascfg.dll,-32011) -> System32\DRIVERS\wanarp.sys S2 - WbioSrvc (@%systemroot%\system32\wbiosrvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k WbioSvcGroup R2 - Wcmsvc (@%SystemRoot%\System32\wcmsvc.dll,-4097) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - WinDefend (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310) -> "%ProgramFiles%\Windows Defender\MsMpEng.exe" R2 - Winmgmt (@%Systemroot%\system32\wbem\wmisvc.dll,-205) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - WlanSvc (@%SystemRoot%\System32\wlansvc.dll,-257) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - wscsvc (@%SystemRoot%\System32\wscsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - WSearch (@%systemroot%\system32\SearchIndexer.exe,-103) -> %systemroot%\system32\SearchIndexer.exe /Embedding ¤¤¤¤¤¤¤¤¤¤ | System files (Microsoft Files whitelisted) [MD5.2C5B3035B86770ADD2FE9BFBAF5B35A4] - [30/10/2015 09:17:22] - (.Copyright (c) 2011 LSI - LSI 3ware SCSI Storport Driver.) - [104.84 Ko] - (5.1.0.51) - C:\WINDOWS\System32\Drivers\3ware.sys [MD5.F7D0CD345D2DA42E7042ABCD73662403] - [30/10/2015 09:17:22] - (.Copyright (C) PMC-Sierra 2001-2014 - PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) - [1108.84 Ko] - (1.3.0.10769) - C:\WINDOWS\System32\Drivers\adp80xx.sys [MD5.16F6F6B7903B913AB41AB848C8BB5658] - [11/09/2014 17:48:20] - (.Copyright (c) ASUSTek Computer Inc. - ASUS Charger driver.) - [16.75 Ko] - (6.1.7600.16385) - C:\WINDOWS\System32\Drivers\AiCharger.sys [MD5.5B30BCFE6E02E45D3EE268FF001BC5E0] - [30/10/2015 09:17:22] - (.Copyright © 2008-2015 AMD, Inc. - AHCI 1.3 Device Driver.) - [81.34 Ko] - (1.1.3.277) - C:\WINDOWS\System32\Drivers\amdsata.sys [MD5.F20B30F35A5C7888441B4DCA001ECF8E] - [30/10/2015 09:17:22] - (.2012 Advanced Micro Devices, Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform.) - [253.34 Ko] - (3.7.1540.43) - C:\WINDOWS\System32\Drivers\amdsbs.sys [MD5.AFE838D7576C581D6483529621AB10CC] - [30/10/2015 09:17:22] - (.Copyright © 2008-2015 AMD, Inc. - Storage Filter Driver.) - [26.34 Ko] - (1.1.3.277) - C:\WINDOWS\System32\Drivers\amdxata.sys [MD5.E3FE8F610B1CC12BC3B2E6BC43DC97E2] - [30/10/2015 09:17:22] - (.Copyright 2014 PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) - [128.84 Ko] - (7.5.0.32048) - C:\WINDOWS\System32\Drivers\arcsas.sys [MD5.7222DC0F811BBD1B4B4A7C28B7C31AE5] - [13/05/2015 05:44:24] - (.Copyright (C) 2013 ASUS - HID driver for ASUS Wireless Radio Control.) - [19.51 Ko] - (1.0.0.4) - C:\WINDOWS\System32\Drivers\AsHIDSwitch64.sys [MD5.21CE3EA457B9E07D762CE8A9BF64AA57] - [23/09/2015 20:52:58] - (.Copyright ASUS Corporation - Asus TP Filter Driver(X64).) - [98.99 Ko] - (1.0.0.262) - C:\WINDOWS\System32\Drivers\AsusTP.sys [MD5.3F5523DCEFE42B385659C5CB46A6B810] - [30/10/2015 09:17:22] - (.© Broadcom Corporation. - BCM Function 2 Device Driver.) - [9.5 Ko] - (6.3.9477.0) - C:\WINDOWS\System32\Drivers\bcmfn.sys [MD5.0B750A6A6D847E73CA48ADD7A0F5A393] - [30/10/2015 09:17:22] - (.© Broadcom Corporation. - BCM Function 2 Device Driver.) - [9.5 Ko] - (6.3.9391.6) - C:\WINDOWS\System32\Drivers\bcmfn2.sys [MD5.6447BA6FA709514B6C803D159B4C7D1E] - [30/10/2015 09:17:22] - (.(c) COPYRIGHT 2001-2012 Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) - [518.84 Ko] - (7.4.14.0) - C:\WINDOWS\System32\Drivers\bxvbda.sys [MD5.13E531377E9BAA6E37F6471E0E8277AC] - [05/09/2015 18:09:27] - (.Corel Corporation - CDR4 64-bit CD and DVD Place Holder Driver (see PxHelp).) - [10.61 Ko] - (14.4.0.76) - C:\WINDOWS\System32\Drivers\cdr4_xp.sys [MD5.DAEF5180E390E56F354FE6D69D354EBC] - [05/09/2015 18:09:27] - (.Corel Corporation - CDRAL 64-bit Place Holder Driver (see PxHelp).) - [11.11 Ko] - (14.4.0.76) - C:\WINDOWS\System32\Drivers\cdralw2k.sys [MD5.491275B864B704B54EC08168344E0F38] - [30/10/2015 09:17:22] - (.(c) COPYRIGHT 2014-2015 QLogic Corporation - QLogic 10 GigE VBD.) - [3356.34 Ko] - (7.12.2.3) - C:\WINDOWS\System32\Drivers\evbda.sys [MD5.2E1FBB0769DF4C56B527A4000820A8D0] - [11/02/2016 16:00:28] - (.2010 - 2013 Copyright Focusrite Audio Engineering Limited. - Focusrite USB 2.0 Audio Driver.) - [124.3 Ko] - (2.5.128.1) - C:\WINDOWS\System32\Drivers\ffusb2audio.sys [MD5.FF442DCDCE1F6E9FAA9C8AD0CD1D199B] - [30/10/2015 09:17:22] - (.Copyright (c) 2004-2011 Hewlett-Packard Development Company, L.P. - Smart Array SAS/SATA Controller Media Driver.) - [62.84 Ko] - (8.0.4.0) - C:\WINDOWS\System32\Drivers\HpSAMD.sys [MD5.9A2A2F3C69B9A30B6E78536F6D258BAD] - [30/10/2015 09:17:18] - (.Copyright (C) 2013. - Intel(R) Serial IO I2C Driver.) - [79.5 Ko] - (604.10146.2643.2818) - C:\WINDOWS\System32\Drivers\iai2c.sys [MD5.59A20F5AD9F4AE54098154359519408E] - [30/10/2015 09:17:18] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO I2C Driver v2.) - [162 Ko] - (30.63.1519.7) - C:\WINDOWS\System32\Drivers\iaLPSS2i_I2C.sys [MD5.16A10CCEDCF5AC4CAAE43DC9FC40392F] - [30/10/2015 09:17:18] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO GPIO Controller Driver.) - [37.23 Ko] - (1.1.250.0) - C:\WINDOWS\System32\Drivers\iaLPSSi_GPIO.sys [MD5.EB82A11613326691508D9ED9A4FE29E7] - [30/10/2015 09:17:18] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO I2C Controller Driver.) - [110.5 Ko] - (1.1.253.0) - C:\WINDOWS\System32\Drivers\iaLPSSi_I2C.sys [MD5.D87E782C0EAF4B3A376DE82236EC0FE9] - [17/04/2015 05:14:43] - (.Copyright (C), Intel Corporation. - Intel(R) Rapid Storage Technology driver - x64.) - [657.73 Ko] - (13.2.5.1012) - C:\WINDOWS\System32\Drivers\iaStorA.sys [MD5.6B0029A0253098CCE28EACCFDB9E7208] - [30/10/2015 09:17:22] - (.Copyright (C), Intel Corporation. - Intel(R) Rapid Storage Technology driver (inbox) - x64.) - [657.34 Ko] - (13.2.0.1022) - C:\WINDOWS\System32\Drivers\iaStorAV.sys [MD5.9652E1E35A92D8C75710C17A63B15796] - [30/10/2015 09:17:22] - (.Copyright(C) Intel Corporation 1994-2008 - Intel Matrix Storage Manager driver - x64.) - [402.34 Ko] - (8.6.2.1019) - C:\WINDOWS\System32\Drivers\iaStorV.sys [MD5.FFADF691F7BF727AF5C863454A372723] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - InfiniBand Fabric Bus Driver.) - [414.84 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\ibbus.sys [MD5.BA1383ACCEA350636DB8A01ED97B04CE] - [14/07/2015 20:27:40] - (.Intel Corporation (C) 2013 - Intel(R) Wireless Bluetooth(R) USB Driver.) - [253.23 Ko] - (17.1.1531.1764) - C:\WINDOWS\System32\Drivers\ibtusb.sys [MD5.CB9D75626663F9D5964C081F3A0E1607] - [18/11/2015 23:08:04] - (.Copyright (c) 1998-2014 Intel Corporation. - Intel Graphics Kernel Mode Driver.) - [6249.95 Ko] - (10.18.15.4256) - C:\WINDOWS\System32\Drivers\igdkmd64.sys [MD5.42777B7BE4946135578E5C3BC1D2E4AD] - [16/07/2015 19:04:28] - (.Intel(R) Corporation. - Intel(R) Display Audio Driver.) - [461.79 Ko] - (6.16.0.3179) - C:\WINDOWS\System32\Drivers\IntcDAud.sys [MD5.87E738E189EB31E2EB07F609C930D068] - [26/06/2015 22:54:13] - (.Copyright © 2013-2013, Intel Corporation. - Intel® WiDi Solution.) - [49.05 Ko] - (4.5.61.0) - C:\WINDOWS\System32\Drivers\intelaud.sys [MD5.2159516F6832CE0ABF237DF5B018EE2E] - [17/04/2015 05:11:43] - (.Copyright(C) 2010 Intel Corporation - Intel Collaborative Processor Performance Control (CPPC) Driver.) - [77.66 Ko] - (1.0.0.1018) - C:\WINDOWS\System32\Drivers\IntelPcc.sys [MD5.56D480702478880805F4E74F2BA02382] - [26/06/2015 22:54:13] - (.Copyright © 2013-2013, Intel Corporation. - Intel® WiDi Solution.) - [38.55 Ko] - (4.5.61.0) - C:\WINDOWS\System32\Drivers\iwdbus.sys [MD5.6C6F4A5FC5A2343995D1B0F111D5CF06] - [17/04/2015 05:14:43] - (. - Keyboard Filter Driver.) - [16.88 Ko] - (1.0.0.1) - C:\WINDOWS\System32\Drivers\kbfiltr.sys [MD5.C4AB79ACB70AAF0AC8B68A9018AA9625] - [25/05/2016 18:57:19] - (.© T. Robinson 2010-2012 - libusbK(lusbk) WDF USB Driver.) - [46.09 Ko] - (3.0.5.16) - C:\WINDOWS\System32\Drivers\libusbK.sys [MD5.961F28D879D345BFA50AF51285C90F2E] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2010 - LSI Fusion-MPT SAS Driver (StorPort).) - [106.34 Ko] - (1.34.3.83) - C:\WINDOWS\System32\Drivers\lsi_sas.sys [MD5.6BFB8D1B3407518BE06B6F81F92FA0F5] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2012 - LSI SAS Gen2 Driver (StorPort).) - [102.34 Ko] - (2.0.76.80) - C:\WINDOWS\System32\Drivers\lsi_sas2i.sys [MD5.BE0E47988D78F731DEC2C0CB03E765CB] - [30/10/2015 09:17:23] - (.Copyright © Avago Technologies 2015 - Avago SAS Gen3 Driver (StorPort).) - [96.84 Ko] - (2.50.96.80) - C:\WINDOWS\System32\Drivers\lsi_sas3i.sys [MD5.F99BF02BE9219986817BF094981EEB18] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2012 - LSI SSS PCIe/Flash Driver (StorPort).) - [80.84 Ko] - (2.10.61.81) - C:\WINDOWS\System32\Drivers\lsi_sss.sys [MD5.78BFF5425E044086E74E78650A359FBB] - [11/09/2015 14:58:09] - (.© Malwarebytes. - Malwarebytes Anti-Malware.) - [26.38 Ko] - (0.1.16.0) - C:\WINDOWS\System32\Drivers\mbam.sys [MD5.1239597BAB7EED2BB16D035AF87E65D9] - [11/09/2015 14:58:09] - (.© Malwarebytes. - Malwarebytes Chameleon Protection Driver.) - [137.38 Ko] - (1.1.22.0) - C:\WINDOWS\System32\Drivers\mbamchameleon.sys [MD5.78488AF2AB2111D67B3C4044707A519B] - [11/09/2015 14:58:17] - (.© Malwarebytes. - Malwarebytes Anti-Malware.) - [187.71 Ko] - (0.3.0.4) - C:\WINDOWS\System32\Drivers\MBAMSwissArmy.sys [MD5.2ED29B635F35E31A1C0D3DDB7DD2AD03] - [30/10/2015 09:17:23] - (.Copyright © Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [58.34 Ko] - (6.706.6.0) - C:\WINDOWS\System32\Drivers\megasas.sys [MD5.22E3CB85870879CBAE13C5095A8B12E3] - [30/10/2015 09:17:23] - (.Copyright (C) 2007 LSI Corporation. - LSI MegaRAID Software RAID Driver.) - [562.34 Ko] - (15.2.2013.129) - C:\WINDOWS\System32\Drivers\megasr.sys [MD5.D1780DF54D9DB0DF6801F8657D5F0A14] - [03/04/2014 17:43:16] - (.Copyright© 1995-2015 McAfee, Inc. - McAfee ELAM Driver.) - [79.02 Ko] - (15.4.0.674) - C:\WINDOWS\System32\Drivers\mfeelamk.sys [MD5.D41920FBFFF2BBCBBC69A5B383AD022E] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - MLX4 Bus Driver.) - [688.84 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\mlx4_bus.sys [MD5.218705233D02776AE4D19CC37D985C1B] - [30/10/2015 09:17:23] - (.Copyright (c) Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) - [62.34 Ko] - (1.0.5.1016) - C:\WINDOWS\System32\Drivers\mvumis.sys [MD5.898415AC0B5F1D2A9A48ABCB68A6DC4B] - [11/09/2015 14:58:09] - (.© Malwarebytes Corporation. - Malwarebytes Web Access Control.) - [63.88 Ko] - (1.0.6.0) - C:\WINDOWS\System32\Drivers\mwac.sys [MD5.B57CE307DA101C739885B7CC0678077F] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - NetworkDirect Support Filter Driver.) - [74.34 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\ndfltr.sys [MD5.1F91B1E5FD41BDC3DF8AFFB81C8AA277] - [30/10/2015 09:17:19] - (.Copyright © Intel Corporation 2011 - Intel® Wireless WiFi Link Driver.) - [3404 Ko] - (17.15.0.5) - C:\WINDOWS\System32\Drivers\Netwbw02.sys [MD5.931D4A31CCF9C9C2D3C0DB1A64A06590] - [03/09/2015 16:34:34] - (.(C) 2016 NVIDIA Corporation. - NVIDIA Windows Kernel Mode Driver, Version 364.72.) - [12362.44 Ko] - (10.18.13.6472) - C:\WINDOWS\System32\Drivers\nvlddmkm.sys [MD5.604D27CC38CC23493F218D0BB834B3FF] - [30/10/2015 09:17:23] - (.Copyright(C) 2001-2011 NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - [146.84 Ko] - (10.6.0.23) - C:\WINDOWS\System32\Drivers\nvraid.sys [MD5.8B50D897657AB4A15FD9E251BBF7D107] - [30/10/2015 09:17:23] - (.Copyright(C) 2001-2011 NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - [162.34 Ko] - (10.6.0.23) - C:\WINDOWS\System32\Drivers\nvstor.sys [MD5.F37FE6B15A987AEEC08EEF531F2FAED7] - [26/06/2015 03:48:35] - (.(C) NVIDIA Corporation. - NVIDIA Virtual Audio Driver.) - [55.06 Ko] - (1.2.40.0) - C:\WINDOWS\System32\Drivers\nvvad64v.sys [MD5.1398A85E59698067CBBE1D66A9C13ADF] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2014 - MEGASAS RAID Controller Driver for Windows.) - [56.84 Ko] - (6.803.21.0) - C:\WINDOWS\System32\Drivers\percsas2i.sys [MD5.35F7C7AD709D909D618D9EDF987FC3ED] - [30/10/2015 09:17:23] - (.Copyright © Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [57.34 Ko] - (6.602.12.0) - C:\WINDOWS\System32\Drivers\percsas3i.sys [MD5.07D57B890DD5693A6AB660CBAE8F91B4] - [05/09/2015 18:09:27] - (.Copyright © Corel Corporation or its subsidiaries. - Px Engine Device Driver for 64-bit (x86-64) Windows.) - [55.02 Ko] - (3.1.1.0) - C:\WINDOWS\System32\Drivers\PxHlpa64.sys [MD5.DFE1602D6A08A0C27C48DD8C4EFB11CA] - [07/07/2015 23:25:38] - (.Copyright (C) 2015 Realtek Semiconductor Corporation. All Right Reserved. - Realtek 8101E/8168/8169 NDIS 6.40 64-bit Driver .) - [874.27 Ko] - (10.1.505.2015) - C:\WINDOWS\System32\Drivers\rt640x64.sys [MD5.01E1A06E738C0EBF3F31D782B345B2BD] - [26/06/2015 03:57:08] - (.Copyright (c) Realtek Semiconductor Corp.1998-2013 - Realtek(r) High Definition Audio Function Driver.) - [4270.46 Ko] - (6.0.1.7427) - C:\WINDOWS\System32\Drivers\RTKVHD64.sys [MD5.53FC65C60661B26BB8A47750306FEDF5] - [14/05/2015 11:44:38] - (.Copyright © Realtek Semiconductor Corporation 2013 - RTS PCIE READER Driver.) - [734.02 Ko] - (6.3.9600.21275) - C:\WINDOWS\System32\Drivers\RtsPer.sys [MD5.0447065A6E10774EFCECFDD0EB970A79] - [19/05/2013 08:02:52] - (.Copyright © 2012, 2013 Scarlet.Crush Productions. - Scp Virtual Bus Driver.) - [38.25 Ko] - (1.0.0.103) - C:\WINDOWS\System32\Drivers\ScpVBus.sys [MD5.ABBE803FE0BDAE0E5BE74DDEFBE62F23] - [30/10/2015 09:17:23] - (.Copyright (c) SiS Corp. 2000-2010 - SiS RAID Stor Miniport Driver.) - [43.84 Ko] - (5.1.1039.2600) - C:\WINDOWS\System32\Drivers\sisraid2.sys [MD5.6043DF55CFE3C7ACF477645FA64DEA98] - [30/10/2015 09:17:23] - (.Copyright (c) SiS Corp. 2007-2013 - SiS AHCI Stor-Miniport Driver.) - [79.84 Ko] - (5.1.1039.3600) - C:\WINDOWS\System32\Drivers\sisraid4.sys [MD5.D722BC26F7431A4DA9A183E56CA9FEE3] - [24/09/2015 15:50:45] - (.Copyright ⓒ SAMSUNG - SAMSUNG USB Composite Device Driver (MSS Ver.3).) - [126.13 Ko] - (2.12.2.0) - C:\WINDOWS\System32\Drivers\ssudbus.sys [MD5.36C3697CA09B23C77BDF95A6B0B57310] - [24/09/2015 15:51:43] - (.Copyright ⓒ SAMSUNG - SAMSUNG Android Modem Device Driver (MSS Ver.3).) - [216.63 Ko] - (2.12.2.0) - C:\WINDOWS\System32\Drivers\ssudmdm.sys [MD5.CCDA497C880AD16D87EDFAEFCFB2EDF5] - [30/10/2015 09:17:23] - (.© Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) - [30.34 Ko] - (5.1.0.10) - C:\WINDOWS\System32\Drivers\stexstor.sys [MD5.A37A2ED3321A7A7BC85FA05221051A7F] - [03/09/2014 12:03:32] - (.Copyright © 2006-2014, Intel Corporation. - Intel(R) Management Engine Interface.) - [124 Ko] - (10.0.28.1000) - C:\WINDOWS\System32\Drivers\TeeDriverx64.sys [MD5.D48ED0A08BD2FD25A833E6AC99623091] - [30/10/2015 09:17:23] - (.Copyright (C) VIA Technologies 1992-2007 - VIA RAID DRIVER FOR AMD-X86-64.) - [162.84 Ko] - (7.0.9600.6352) - C:\WINDOWS\System32\Drivers\vsmraid.sys [MD5.6990D4AFDF545669D4E6C232F26DE1FB] - [30/10/2015 09:17:23] - (.Copyright (C) 2008 VIA Corporation - VIA StorX RAID Controller Driver.) - [298.34 Ko] - (8.0.9200.8110) - C:\WINDOWS\System32\Drivers\VSTXRAID.SYS [MD5.4A53441C1C4D2878BEF27E381138BB2D] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - Kernel WinMad.) - [26.34 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\winmad.sys [MD5.40A3E8D729F458B2C9A8BD9380FF83D5] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - Kernel WinVerbs.) - [57.84 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\winverbs.sys ¤¤¤¤¤¤¤¤¤¤ | Uninstall [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\2744A393-554C-4E35-A24F-DEF0392B4484-2] : (Dofus.-.Ankama) -> C:\Users\Quentin\AppData\Local\Ankama\Dofus\Dofus.exe --uninstall-or-repair [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Akamai] : (Akamai NetSession Interface.-.Akamai Technologies, Inc) -> "C:\Users\Quentin\AppData\Local\Akamai\uninstall.exe" [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CodeBlocks] : (CodeBlocks.-.The Code::Blocks Team) -> C:\Program Files (x86)\CodeBlocks\uninstall.exe [HKU\S-1-5-21-3236888767-1387239166-3031154320-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\uTorrent] : (µTorrent.-.BitTorrent Inc.) -> "%APPDATA%\uTorrent\uTorrent.exe" /UNINSTALL [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Autodesk 3ds Max 2016] : (Autodesk 3ds Max 2016.-.Autodesk) -> C:\Program Files\Autodesk\3ds Max 2016\Setup\Setup.exe /P {52B37EC7-D836-0410-0464-3C24BCED2010} /M MAX /LANG fr-fr [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Autodesk 3ds Max 2016 Populate Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CCleaner] : (CCleaner.-.Piriform) -> "C:\Program Files\CCleaner\uninst.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CF1FC201D237269A9CD51A3A6B14ADBF67175C32] : (Package de pilotes Windows - Focusrite USB 2.0 Audio Driver (09/25/2013 2.5.128.1).-.Focusrite) -> C:\PROGRA~1\DIFX\4A7292F75FEBBD3C\dpinst.exe /u C:\WINDOWS\System32\DriverStore\FileRepository\ffusb2audio.inf_amd64_dc63e000f42fc052\ffusb2audio.inf [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\EPSON WF-3520 Series] : (EPSON WF-3520 Series Printer Uninstall.-.SEIKO EPSON Corporation) -> C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YINSJJE.EXE /R /APD /P:"EPSON WF-3520 Series" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\F84E8769D448654402782673214DE63760BE04A7] : (Package de pilotes Windows - ASUS (ATP) Mouse (10/21/2015 1.0.0.262).-.ASUS) -> C:\PROGRA~1\DIFX\87C0B7EB44E4384E\dpinst.exe /u C:\WINDOWS\System32\DriverStore\FileRepository\asustp.inf_amd64_46181b5d7cbb1b3a\asustp.inf [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Focusrite USB 2.0 Audio Driver_is1] : (Focusrite USB 2.0 Audio Driver 2.5.1.-.Focusrite Audio Engineering Limited.) -> "C:\Program Files\Focusrite\USB 2.0 Audio Driver\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Matlab R2015b] : (MATLAB R2015b.-.MathWorks) -> C:\Program Files\MATLAB\R2015b\uninstall\bin\win64\uninstall.exe C:\Program Files\MATLAB\R2015b [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Neat Video for After Effects_is1] : (Neat Video for After Effects (64-bit).-.ABSoft) -> "C:\Program Files\Neat Video for After Effects\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Neat Video for Premiere_is1] : (Neat Video for Premiere.-.ABSoft) -> "C:\Program Files\Neat Video for Premiere\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\TeamSpeak 3 Client] : (TeamSpeak 3 Client.-.TeamSpeak Systems GmbH) -> "C:\Program Files\TeamSpeak 3 Client\uninstall.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VulkanRT1.0.5.1] : (Vulkan Run Time Libraries 1.0.5.1.-.LunarG, Inc.) -> C:\Program Files (x86)\VulkanRT\1.0.5.1\UninstallVulkanRT.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1B444AF9-1DBE-4884-8F35-969BEFCF69A8}] : (Intel® Trusted Connect Service Client.-.Intel Corporation) -> MsiExec.exe /I{1B444AF9-1DBE-4884-8F35-969BEFCF69A8} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1CEAC85D-2590-4760-800F-8DE5E91F3700}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> "C:\ProgramData\Intel\Package Cache\{1CEAC85D-2590-4760-800F-8DE5E91F3700}\Setup.exe" -uninstall [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{209A9505-AEA6-4D2E-ACFB-F9905CE89AE0}] : (Ableton Live 9 Suite.-.Ableton) -> MsiExec.exe /X{209A9505-AEA6-4D2E-ACFB-F9905CE89AE0} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2ABB66D0-7921-46E4-AF7D-CF40323A10BB}] : (Intel® PROSet/Wireless WiFi Software.-.Intel Corporation) -> MsiExec.exe /I{2ABB66D0-7921-46E4-AF7D-CF40323A10BB} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{302600C1-6BDF-4FD1-1407-148929CC1385}] : (Intel(R) Wireless Bluetooth(R)(patch version 17.1.1431.1).-.Intel Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{33d748b9-4100-4fef-bcdc-33e69f098c38}] : (Intel(R) PRO/Wireless Driver.-.Intel Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4034E489-D0E9-41C4-A0DA-865D3881FE3F}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{4034E489-D0E9-41C4-A0DA-865D3881FE3F} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{4A7EE59E-C97F-4EC6-A607-7E2CDEC24092}] : (Intel(R) ME UninstallLegacy.-.Intel Corporation) -> MsiExec.exe /I{4A7EE59E-C97F-4EC6-A607-7E2CDEC24092} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{52B37EC7-D836-0410-0464-3C24BCED2010}] : (Autodesk 3ds Max 2016.-.Autodesk) -> MsiExec.exe /I{52B37EC7-D836-0410-0464-3C24BCED2010} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{57E92DED-DC7C-41E5-B9E1-76D83BD2EABE}] : (Autodesk 3ds Max 2016 Populate Data.-.Autodesk) -> MsiExec.exe /I{57E92DED-DC7C-41E5-B9E1-76D83BD2EABE} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{65302154-AAF6-4020-A070-76CAA9CEC8D3}] : (PixelMaster Video HDR.-.ASUS) -> MsiExec.exe /I{65302154-AAF6-4020-A070-76CAA9CEC8D3} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{92E167CC-3D19-47EB-AE7F-A135427C3220}] : (Adblock Plus pour IE (32-bits et 64-bits).-.Eyeo GmbH) -> MsiExec.exe /X{92E167CC-3D19-47EB-AE7F-A135427C3220} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] : (Panneau de configuration NVIDIA 364.72.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver] : (NVIDIA Pilote graphique 364.72.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience] : (NVIDIA GeForce Experience 2.11.3.5.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus] : (NVIDIA Optimus Update 2.11.3.5.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX] : (NVIDIA Logiciel système PhysX 9.15.0428.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] : (Mises à jour NVIDIA 2.11.3.5.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer] : (NVIDIA LED Visualizer 1.0.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] : (SHIELD Streaming.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService] : (NVIDIA GeForce Experience Service.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service] : (NVIDIA Network Service.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay] : (NVIDIA ShadowPlay 2.11.3.5.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController] : (SHIELD Wireless Controller Driver.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] : (NVIDIA Update Core.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] : (NVIDIA Virtual Audio 1.2.40.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{BACDF5CE-C53E-43FD-ADB8-CFBEC19FF50E}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> MsiExec.exe /I{BACDF5CE-C53E-43FD-ADB8-CFBEC19FF50E} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CF24D0BD-319A-42E5-8188-6ECC26B4BCC6}] : (ScpToolkit.-.Nefarius Software Solutions) -> MsiExec.exe /I{CF24D0BD-319A-42E5-8188-6ECC26B4BCC6} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{EA3C8A99-1565-44FF-89FC-926CEEB623B5}] : (Blender.-.Blender Foundation) -> MsiExec.exe /I{EA3C8A99-1565-44FF-89FC-926CEEB623B5} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\0E7DAF70-FB54-4B91-B192-7E771C25AEEB] : (Intel Collaborative Processor Performance Control.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel Collaborative Processor Performance Control\Uninstall\setup.exe -uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\4K Video Downloader_is1] : (4K Video Downloader 3.6.-.Open Media LLC) -> "C:\Program Files (x86)\4KDownload\4kvideodownloader\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\4K YouTube to MP3_is1] : (4K YouTube to MP3 3.0.-.Open Media LLC) -> "C:\Program Files (x86)\4KDownload\4kyoutubetomp3\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Creative Cloud] : (Adobe Creative Cloud.-.Adobe Systems Incorporated) -> "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ASIO4ALL] : (ASIO4ALL.-.Michael Tippach) -> C:\Program Files (x86)\ASIO4ALL v2\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Audacity_is1] : (Audacity 2.1.0.-.Audacity Team) -> "C:\Program Files (x86)\Audacity\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Autodesk Advanced Material Library Image Library 2016] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Autodesk Application Manager] : (Autodesk Application Manager.-.Autodesk) -> C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\removeAdAppMgr.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Autodesk Material Library 2016] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Autodesk Material Library Base Resolution Image Library 2016] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Autodesk Material Library Medium Resolution Image Library 2016] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Battle.net] : (Battle.net.-.Blizzard Entertainment) -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=battle.net --displayname="Battle.net" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\BitRaider Streaming Client] : (BitRaider Streaming Client.-.BitRaider, LLC) -> C:\ProgramData\BitRaider\common\brwc.exe -brremoveclient [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FileZilla Client] : (FileZilla Client 3.16.0.-.Tim Kosse) -> C:\Program Files\FileZilla FTP Client\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FL Studio 12] : (FL Studio 12.-.Image-Line) -> C:\Program Files (x86)\Image-Line\FL Studio 12\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FL Studio ASIO] : (FL Studio ASIO.-.Image-Line) -> C:\Program Files (x86)\Image-Line\FL Studio ASIO\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google Inc.) -> "C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\Installer\setup.exe" --uninstall --multi-install --chrome --system-level [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Hearthstone] : (Hearthstone.-.Blizzard Entertainment) -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=hs_beta --displayname="Hearthstone" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\HxD Hex Editor_is1] : (HxD Hex Editor version 1.7.7.0.-.Maël Hörz) -> "C:\Program Files (x86)\HxD\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IL Download Manager] : (IL Download Manager.-.Image-Line) -> C:\Program Files (x86)\Image-Line\Downloader\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\League of Legends 3.0.1] : (League of Legends.-.Riot Games) -> msiexec.exe /x {3E75652D-99B1-417E-B163-BEF33CAD3F16} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1] : (Malwarebytes Anti-Malware version 2.2.1.1043.-.Malwarebytes) -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Overwatch] : (Overwatch.-.Blizzard Entertainment) -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=prometheus --displayname="Overwatch" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam] : (Steam.-.Valve Corporation) -> C:\Program Files (x86)\Steam\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 264710] : (Subnautica.-.Unknown Worlds Entertainment) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/264710 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 730] : (Counter-Strike: Global Offensive.-.Valve) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/730 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\swtor_swtor] : (Star Wars The Old Republic.-.Bioware/EA) -> c:\program files (x86)\electronic arts\bioware\star wars - the old republic\BitRaider\bin\brwc.exe id=swtor_swtor -bruninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\VLC media player] : (VLC media player.-.VideoLAN) -> C:\Program Files (x86)\VideoLAN\VLC\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WebStorage] : (WebStorage.-.ASUS Cloud Corporation) -> C:\Program Files (x86)\ASUS\WebStorage\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WinRAR archiver] : (WinRAR 5.21 (32-bit).-.win.rar GmbH) -> C:\Program Files (x86)\WinRAR\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0969AF05-4FF6-4C00-9406-43599238DE0D}] : (ASUS Splendid Video Enhancement Technology.-.ASUS) -> MsiExec.exe /X{0969AF05-4FF6-4C00-9406-43599238DE0D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}] : (Adobe Media Encoder CC 2015.-.Adobe Systems Incorporated) -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{0FAC7130-BEC5-47A5-8813-1D339B8326ED}" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{10F82E5B-B611-4C65-8F29-666A9EC5680A}_is1] : (Red Giant Link.-.Red Giant, LLC) -> "C:\ProgramData\Red Giant\uninstall\Link\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{121727D5-FDF3-4723-BA57-EB383440ED72}] : (OpenOffice 4.1.1.-.Apache Software Foundation) -> MsiExec.exe /I{121727D5-FDF3-4723-BA57-EB383440ED72} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}] : (Adobe After Effects CC 2015.-.Adobe Systems Incorporated) -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{147EC100-14BE-45EF-AB42-35BAEE7D02F0}" [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{185F9795-9663-4F13-9EF9-307A282ADB5A}] : (ph.-.Your Company Name) -> MsiExec.exe /I{185F9795-9663-4F13-9EF9-307A282ADB5A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}] : (Device Setup.-.ASUSTek Computer Inc.) -> MsiExec.exe /I{1F07F2C7-596F-4F34-B805-2C61A3E50E5A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{240E5DBF-63FA-4331-BC9D-1705B3C33E38}] : (Intel(R) Wireless Bluetooth(R).-.Intel Corporation) -> MsiExec.exe /I{240E5DBF-63FA-4331-BC9D-1705B3C33E38} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}] : (Autodesk Material Library 2016.-.Autodesk) -> MsiExec.exe /X{29A7D6EC-63C2-42FD-8143-5812ABD2923F} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}] : (bl.-.Your Company Name) -> MsiExec.exe /I{2A075BB4-E976-4278-BF3F-E5C6945D84C0} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App] : (Update Installer for WildTangent Games App.-.WildTangent) -> "C:\Program Files (x86)\WildTangent Games\App\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{38C72D42-0672-43B1-9E05-E7631684F9A1}] : (Adobe Premiere Pro CC 2015.-.Adobe Systems Incorporated) -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{38C72D42-0672-43B1-9E05-E7631684F9A1}" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}] : (Star Wars: The Old Republic.-.Electronic Arts, Inc.) -> C:\Program Files (x86)\Common Files\BioWare\Uninstall Star Wars - The Old Republic.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3B9E171F-A955-4834-B877-447C0A437260}] : (ASUS ROG Gaming Mouse.-.ASUS) -> C:\Program Files (x86)\InstallShield Installation Information\{3B9E171F-A955-4834-B877-447C0A437260}\setup.exe -runfromtemp -l0x0009 -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}] : (QuickTime 7.-.Apple Inc.) -> MsiExec.exe /I{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3E75652D-99B1-417E-B163-BEF33CAD3F16}] : (League of Legends.-.Riot Games) -> MsiExec.exe /X{3E75652D-99B1-417E-B163-BEF33CAD3F16} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{415A5A54-325E-4815-9940-62A889CA3877}] : (Autodesk Material Library Medium Resolution Image Library 2016.-.Autodesk) -> MsiExec.exe /X{415A5A54-325E-4815-9940-62A889CA3877} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{46F044A5-CE8B-4196-984E-5BD6525E361D}] : (Apple Application Support.-.Apple Inc.) -> MsiExec.exe /I{46F044A5-CE8B-4196-984E-5BD6525E361D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}] : (ASUS Smart Gesture.-.ASUS) -> MsiExec.exe /I{4D3286A6-F6AB-498A-82A4-E4F040529F3D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5680D629-B263-49CC-821E-3CEBD4507B51}] : (Adobe Illustrator CC 2015.-.Adobe Systems Incorporated) -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{5680D629-B263-49CC-821E-3CEBD4507B51}" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}] : (AudioWizard.-.ICEpower a/s) -> MsiExec.exe /X{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}] : (Realtek Card Reader.-.Realtek Semiconductor Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}\setup.exe" -runfromtemp -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}] : (Autodesk Material Library Base Resolution Image Library 2016.-.Autodesk) -> MsiExec.exe /X{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{709316AD-161C-4D5C-9AE7-0B3A822DA271}] : (Google Drive.-.Google, Inc.) -> MsiExec.exe /X{709316AD-161C-4D5C-9AE7-0B3A822DA271} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus] : (WildTangent Games App.-.WildTangent) -> "C:\Program Files (x86)\WildTangent Games\Touchpoints\asus\Uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{793C2BF7-A4FE-4608-91C9-9282C5801C21}] : (Adobe Photoshop CC 2015.-.Adobe Systems Incorporated) -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{793C2BF7-A4FE-4608-91C9-9282C5801C21}" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}] : (Skype™ 6.18.-.Skype Technologies S.A.) -> MsiExec.exe /X{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{839A3566-AED6-4787-A849-5CBE2B1DC6AE}] : (Adobe Audition CC 2015.-.Adobe Systems Incorporated) -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{839A3566-AED6-4787-A849-5CBE2B1DC6AE}" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}] : (Realtek Ethernet Controller Driver.-.Realtek) -> C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{895D0391-459F-4D45-B8DD-13F0DE70C66E}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8C5F38D2-9EFE-49A4-B3F5-BF3210FED168}] : (Autodesk Backburner 2016.-.Autodesk) -> MsiExec.exe /I{8C5F38D2-9EFE-49A4-B3F5-BF3210FED168} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8F21291E-0444-4B1D-B9F9-4370A73E346D}] : (WinFlash.-.ASUS) -> MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{90150000-0138-0409-0000-0000000FF1CE}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{94AD53E7-493B-4291-8714-7A3B761D2783}] : (Autodesk Advanced Material Library Image Library 2016.-.Autodesk) -> MsiExec.exe /X{94AD53E7-493B-4291-8714-7A3B761D2783} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9bffdf20-c3a3-4e93-9cbf-61712c6a38be}] : (Intel® PROSet/Wireless Software.-.Intel Corporation) -> "C:\ProgramData\Package Cache\{9bffdf20-c3a3-4e93-9cbf-61712c6a38be}\Setup.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}] : (ASUS USB Charger Plus.-.ASUS) -> MsiExec.exe /X{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AA67D612-0BE5-44D6-9A91-592958F754A1}] : (Intel(R) C++ Redistributables on Intel(R) 64.-.Intel Corporation) -> MsiExec.exe /X{AA67D612-0BE5-44D6-9A91-592958F754A1} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}] : (ATK Package.-.ASUS) -> MsiExec.exe /I{AB5C933E-5C7D-4D30-B314-9C83A49B94BE} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B0F1B758-60D6-41F7-93D9-212A448813FE}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C4FB3CF4-C845-4746-A9F5-476908266433}] : (Intel(R) Driver Update Utility 2.2.0.5.-.Intel) -> MsiExec.exe /X{C4FB3CF4-C845-4746-A9F5-476908266433} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D7269C20-B3CE-4CD0-8E88-3D307D3BD41A}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DBFD0312-6E55-1014-8952-E78D43BC0147}] : (Adobe InDesign CC 2015.-.Adobe Systems Incorporated) -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{DBFD0312-6E55-1014-8952-E78D43BC0147}" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DFD2DC6B-C634-4C1C-81CC-5EF852E71CEE}_is1] : (Trapcode Suite v12.1.6.-.Red Giant, LLC) -> "C:\Program Files (x86)\Red Giant\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}] : (ASUS Virtual Camera.-.ASUS) -> MsiExec.exe /I{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{EF61675D-9BBC-4EC7-B906-F13BE8D3BD20}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}] : (Intel(R) Processor Graphics.-.Intel Corporation) -> "C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe" -uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] : (Realtek High Definition Audio Driver.-.Realtek Semiconductor Corp.) -> C:\Program Files\Realtek\Audio\HDA\RtlUpd64.exe -r -m -nrg2709 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}] : (ASUS Live Update.-.ASUS) -> MsiExec.exe /X{FA540E67-095C-4A1B-97BA-4D547DEC9AF4} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}] : (Foxit PhantomPDF.-.Foxit Corporation) -> MsiExec.exe /X{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{fe92d390-13ee-4660-a2f8-39a066fdffe0}] : (Intel Driver Update Utility.-.Intel) -> "C:\ProgramData\Package Cache\{fe92d390-13ee-4660-a2f8-39a066fdffe0}\Intel Driver Update Utility Installer.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}] : (Apple Software Update.-.Apple Inc.) -> MsiExec.exe /I{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF} ¤¤¤¤¤¤¤¤¤¤ | Installer [HKCR\Installer\Products\00006109C80000000000000000F01FEC] : Office 16 Click-to-Run Extensibility Component [HKCR\Installer\Products\00006109C800C0400000000000F01FEC] : Office 16 Click-to-Run Localization Component [HKCR\Installer\Products\00006109F80000000100000000F01FEC] : Office 16 Click-to-Run Licensing Component [HKCR\Installer\Products\0D66BBA212974E64FAD7FC0423A301BB] : Intel® PROSet/Wireless WiFi Software -> C:\Windows\Installer\{2ABB66D0-7921-46E4-AF7D-CF40323A10BB}\ARPPRODUCTICON.exe [HKCR\Installer\Products\1C006203FDB61DF44170419892CC3158] : Intel(R) Wireless Bluetooth(R)(patch version 17.1.1431.1) -> C:\Windows\Installer\{302600C1-6BDF-4FD1-1407-148929CC1385}\IntelBluetoothICO [HKCR\Installer\Products\1F7F1DFF9CA14CB49A8060686D53BAFA] : Apple Software Update -> C:\WINDOWS\Installer\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}\Installer.ico [HKCR\Installer\Products\216D76AA5EB06D44A9199592857F451A] : Intel(R) C++ Redistributables on Intel(R) 64 [HKCR\Installer\Products\2A077E75FAB2AAC4AB3ADB98E622453D] : AudioWizard -> C:\Windows\Installer\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}\ARPPRODUCTICON.exe [HKCR\Installer\Products\2D83F5C8EFE94A943B5FFB2301EF1D86] : Autodesk Backburner 2016 -> C:\WINDOWS\Installer\{8C5F38D2-9EFE-49A4-B3F5-BF3210FED168}\arp.ico [HKCR\Installer\Products\451203566FAA02040A0767AC9AEC8C3D] : PixelMaster Video HDR -> C:\Windows\Installer\{65302154-AAF6-4020-A070-76CAA9CEC8D3}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\45A5A514E52351849904268A98AC8377] : Autodesk Material Library Medium Resolution Image Library 2016 -> C:\WINDOWS\Installer\{415A5A54-325E-4815-9940-62A889CA3877}\MaterialsIcon [HKCR\Installer\Products\4BB570A2679E8724FBF35E6C49D5480C] : bl -> C:\WINDOWS\Installer\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}\ARPPRODUCTICON.exe [HKCR\Installer\Products\4FC3BF4C548C64749A5F749680624633] : Intel(R) Driver Update Utility 2.2.0.5 -> C:\WINDOWS\Installer\{C4FB3CF4-C845-4746-A9F5-476908266433}\ProductIcon [HKCR\Installer\Products\5059A9026AEAE2D4CABF9F09C58EA90E] : Ableton Live 9 Suite [HKCR\Installer\Products\50E7C3A773EE6D74991EE20BA5D33A7F] : Skype™ 6.18 -> C:\windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe [HKCR\Installer\Products\50FA96906FF400C4496034952983EDD0] : ASUS Splendid Video Enhancement Technology -> C:\Windows\Installer\{0969AF05-4FF6-4C00-9406-43599238DE0D}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\5979F581366931F4E99F03A782A2BDA5] : ph -> C:\WINDOWS\Installer\{185F9795-9663-4F13-9EF9-307A282ADB5A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\5A440F64B8EC691489E4B56D25E563D1] : Apple Application Support -> C:\WINDOWS\Installer\{46F044A5-CE8B-4196-984E-5BD6525E361D}\WinInstall.ico [HKCR\Installer\Products\5D7271213FDF3274AB75BE834304DE27] : OpenOffice 4.1.1 -> C:\WINDOWS\Installer\{121727D5-FDF3-4723-BA57-EB383440ED72}\soffice.ico [HKCR\Installer\Products\5E3E958AF26CAFB4FAD1B2590E1366FA] : ASUS USB Charger Plus -> C:\Windows\Installer\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\6A6823D4BA6FA894284A4E0F0425F9D3] : ASUS Smart Gesture -> C:\WINDOWS\Installer\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\76E045AFC590B1A479ABD445D7CEA94F] : ASUS Live Update -> C:\Windows\Installer\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}\MyIcon2 [HKCR\Installer\Products\7C2F70F1F69543F48B50C2163A5EE0A5] : Device Setup -> C:\windows\Installer\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}\_6FEFF9B68218417F98F549.exe [HKCR\Installer\Products\7CE73B25638D01404046C342CBDE0201] : Autodesk 3ds Max 2016 -> C:\WINDOWS\Installer\{52B37EC7-D836-0410-0464-3C24BCED2010}\max.ico [HKCR\Installer\Products\7E35DA49B39419247841A7B367D17238] : Autodesk Advanced Material Library Image Library 2016 -> C:\WINDOWS\Installer\{94AD53E7-493B-4291-8714-7A3B761D2783}\MaterialsIcon [HKCR\Installer\Products\984E43049E0D4C140AAD68D58318EFF3] : Intel(R) Management Engine Components [HKCR\Installer\Products\99E80CA9B0328e74791254777B1F42AE] : [HKCR\Installer\Products\9B847D330014FEF4CBCD336EF990C883] : Intel(R) PRO/Wireless Driver -> C:\Windows\Installer\{33D748B9-4100-4FEF-BCDC-33E69F098C38}\ARPPRODUCTICON.exe [HKCR\Installer\Products\9FA444B1EBD14884F85369B9FEFC968A] : Intel® Trusted Connect Service Client [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\BB6E67CFBBC76DC41887B3ACCD50623C] : Foxit PhantomPDF -> C:\windows\Installer\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}\IconName.exe [HKCR\Installer\Products\C2CBC2D34D56364478BABBC258C9F1E3] : QuickTime 7 -> C:\WINDOWS\Installer\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}\Installer.ico [HKCR\Installer\Products\CC761E2991D3BE74EAF71A5324C72302] : Adblock Plus pour IE (32-bits et 64-bits) -> C:\WINDOWS\Installer\{92E167CC-3D19-47EB-AE7F-A135427C3220}\program_icon [HKCR\Installer\Products\CE6D7A922C36DF2418348521BA2D29F3] : Autodesk Material Library 2016 -> C:\WINDOWS\Installer\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}\MaterialsIcon [HKCR\Installer\Products\D25657E31B99E7141B36EB3FC3DAF361] : League of Legends -> C:\WINDOWS\Installer\{3E75652D-99B1-417E-B163-BEF33CAD3F16}\lol.launcher_1.exe [HKCR\Installer\Products\DA613907C161C5D4A97EB0A328D22A17] : Google Drive -> C:\WINDOWS\Installer\{709316AD-161C-4D5C-9AE7-0B3A822DA271}\DriveIcon [HKCR\Installer\Products\DB0D42FCA9135E241888E6CC624BCB6C] : ScpToolkit -> C:\WINDOWS\Installer\{CF24D0BD-319A-42E5-8188-6ECC26B4BCC6}\DualShock3.exe [HKCR\Installer\Products\DED29E75C7CD5E149B1E678DB32DAEEB] : Autodesk 3ds Max 2016 Populate Data -> C:\WINDOWS\Installer\{57E92DED-DC7C-41E5-B9E1-76D83BD2EABE}\arp.ico [HKCR\Installer\Products\E19212F84440D1B49B9F34077AE343D6] : WinFlash -> C:\Windows\Installer\{8F21291E-0444-4B1D-B9F9-4370A73E346D}\MyIcon [HKCR\Installer\Products\E339C5BAD7C503D43B41C9384AB949EB] : ATK Package -> C:\Windows\Installer\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}\_6FEFF9B68218417F98F549.exe [HKCR\Installer\Products\E6CFC4B60BCEEF74593D566C08DE6078] : Autodesk Material Library Base Resolution Image Library 2016 -> C:\WINDOWS\Installer\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}\MaterialsIcon [HKCR\Installer\Products\E95EE7A4F79C6CE46A70E7C2ED2C0429] : Intel(R) ME UninstallLegacy [HKCR\Installer\Products\EC5FDCABE35CDF34DA8BFCEB1CF95FE0] : Intel(R) Management Engine Components [HKCR\Installer\Products\F12DB8CE0AC0FBB4799DA4253B00141A] : ASUS Virtual Camera -> C:\Windows\Installer\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}\_6FEFF9B68218417F98F549.exe [HKCR\Installer\Products\FBD5E042AF361334CBD971503B3CE383] : Intel(R) Wireless Bluetooth(R) -> C:\WINDOWS\Installer\{240E5DBF-63FA-4331-BC9D-1705B3C33E38}\IntelBluetooth.ico ¤¤¤¤¤¤¤¤¤¤ | ADS ¤¤¤¤¤¤¤¤¤¤ | Drives Disk: 0 Size=954G Pos MBRndx Type/Name Size Active Hide Start Sector Sectors --- ------ ---------- ---- ------ ---- ------------ ------------ 0 0 EE-UNKNWN 21.0T No No 1 294,967,295 ¤¤¤¤¤¤¤¤¤¤ | MBR Windows Version: Windows Information: (build 9200), 64-bit Base Board Manufacturer: ASUSTeK COMPUTER INC. BIOS Manufacturer: American Megatrends Inc. System Manufacturer: ASUSTeK COMPUTER INC. System Product Name: G771JW Logical Drives Mask: 0x0000001c Analysis of file "C:\QuickDiag\MBR.bin": Unknown MBR code 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ¤¤¤¤¤¤¤¤¤¤( EOF)¤¤¤¤¤¤¤¤¤¤ - 3776 | 20:33:45