--------------- QuickDiag | g3n-h@ckm@n | 2_01.07.2016.4 --------------- ----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 17/07/2016 04:24:48 Updated 01/07/2016 | 14.30 by g3n-h@ckm@n Contact : http://www.sosvirus.net/ Time Zone : (UTC+01:00) Bruxelles, Copenhague, Madrid, Paris [Cedric (Administrator)] - [PC-CED] (S-1-5-21-4256550607-910914473-3542436597-1001) System: Microsoft Windows 10 Famille - - (10.0.10586) - BuildType: Multiprocessor Free - OSLanguage: 1036 (040c) System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True Boot : Microsoft Windows 10 Famille|C:\WINDOWS|\Device\Harddisk0\Partition4 Boot : Normal boot PC: X550JK - ASUSTeK COMPUTER INC. - IdNumber: E9N0CV310467383 - UUID: 6CE0A820-3DA8-81E4-3892-382C4A201B31 Processor : X64 - 2794 Mhz - Intel(R) Core(TM) i5-4200H CPU @ 2.80GHz X550JK.302 - en|US|iso8859-1 - American Megatrends Inc. - S/N: E9N0CV310467383 - X550JK.302 - _ASUS_ - 1072009 CoreTemp : 57 Celsius ----------| Quick ---------- | SoundDevice Conexant SmartAudio HD - Status: OK - Manufacturer: Conexant - PNPDeviceID: HDAUDIO\FUNC_01&VEN_14F1&DEV_510F&SUBSYS_1043178D&REV_1001\4&48E2ED5&0&0001 NVIDIA Virtual Audio Device (Wave Extensible) (WDM) - Status: OK - Manufacturer: NVIDIA - PNPDeviceID: ROOT\UNNAMED_DEVICE\0000 ---------- | Video NVIDIA GeForce GTX 850M - Resolution: x - Colors: - RefreshRate: - Bits Per Pixel - DeviceID: VideoController1 - Drivers: nvd3dumx.dll,nvwgf2umx.dll,nvwgf2umx.dll,nvwgf2umx.dll,nvd3dum,nvwgf2um,nvwgf2um,nvwgf2um - PNPDeviceID: PCI\VEN_10DE&DEV_1391&SUBSYS_178D1043&REV_A2\4&23373F3C&0&0008 - AdapterCompatibility: NVIDIA - RAM: -2147483648 Intel(R) HD Graphics 4600 - Resolution: 1920x1080 - Colors: 4294967296 - RefreshRate: 60 - 32 Bits Per Pixel - DeviceID: VideoController2 - Drivers: igdumdim64.dll,igd10iumd64.dll,igd10iumd64.dll,igd12umd64.dll,igdumdim32,igd10iumd32,igd10iumd32,igd12umd32 - PNPDeviceID: PCI\VEN_8086&DEV_0416&SUBSYS_178D1043&REV_06\3&11583659&1&10 - AdapterCompatibility: Intel Corporation - RAM: 1073741824 Inegrated Video Chipset DeviceName: NVIDIA GeForce GTX 850M - DriverVersion: 10.18.13.6881 - SpecificationVersion: 1025 ---------- | Codecs c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 87040 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25344 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 35696 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16896 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 53760 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\frapsv64.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 71680 - Manufacturer: Beepa P/L - Status: OK c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 17920 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 34632 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 42936 - Manufacturer: Microsoft Corporation - Status: OK c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 27136 - Manufacturer: Microsoft Corporation - Status: OK ---------- | CPU CPU #1 value:15 % CPU #2 value:3 % CPU #3 value:21 % CPU #4 value:33 % Total Overall CPU Usage value:18 % ---------- | Network Realtek PCIe GBE Family Controller : SENT:0 bytes/sec / RECVD:0 bytes/sec Carte réseau Broadcom 802.11n : SENT:259 bytes/sec / RECVD:259 bytes/sec Overall -> SEND Maxium:18 bytes/sec, / RECEIVE Maximum:259 bytes/sec Microsoft Kernel Debug Network Adapter - - Microsoft - Status: - PnPID : ROOT\KDNIC\0000 - - - Status: - PnPID : Carte réseau Broadcom 802.11n - Ethernet 802.3 - Broadcom - Status: - PnPID : PCI\VEN_14E4&DEV_4365&SUBSYS_660511AD&REV_01\0000B3FFFF30301000 Microsoft Wi-Fi Direct Virtual Adapter - Ethernet 802.3 - Microsoft - Status: - PnPID : {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&D1576B9&2&13 Realtek PCIe GBE Family Controller - Ethernet 802.3 - Realtek - Status: - PnPID : PCI\VEN_10EC&DEV_8168&SUBSYS_200F1043&REV_12\31046738684CE00001 ---------- | Memory RAM = Total (MB) : 8269 | Free (MB) : 4470 Pagefile = Total (MB) : 10104 | Free (MB) : 5829 Virtual = Total (MB) : 4194 | Free (MB) : 3956 Physical Memory 0 : Capacity: 4294967296 - ChannelA-DIMM0 - Posit.: - Manufacturer: Elpida - PartNumber: EDJ4208EFBG-GNL-F - S/N: 00000000 Physical Memory 2 : Capacity: 4294967296 - ChannelB-DIMM0 - Posit.: - Manufacturer: Hynix/Hyundai - PartNumber: HMT451S6BFR8A-PB - S/N: 2AC1402B ---------- | SID Users Administrateur : [S-1-5-21-4256550607-910914473-3542436597-500] Cedric : [S-1-5-21-4256550607-910914473-3542436597-1001] DefaultAccount : [S-1-5-21-4256550607-910914473-3542436597-503] Invité : [S-1-5-21-4256550607-910914473-3542436597-501] Administrateurs : [S-1-5-32-544] IIS_IUSRS : [S-1-5-32-568] Invités : [S-1-5-32-546] Lecteurs des journaux d’événements : [S-1-5-32-573] System Managed Accounts Group : [S-1-5-32-581] Utilisateurs : [S-1-5-32-545] Utilisateurs de gestion à distance : [S-1-5-32-580] Utilisateurs de l’Analyseur de performances : [S-1-5-32-558] Utilisateurs du journal de performances : [S-1-5-32-559] Utilisateurs du modèle COM distribué : [S-1-5-32-562] WinRMRemoteWMIUsers__ : [S-1-5-21-4256550607-910914473-3542436597-1000] ---------- | Drives D:\ -> [Fixed] | [Data] | Total : 537.8 Go | Free : 35.12 Go -> NTFS [SATA] C:\ -> [Fixed] | [OS] | Total : 372.6 Go | Free : 162.19 Go -> NTFS [SATA] Disk Usage Information [1 total Physical Disks] Physical Drive #0 [C:, D:] : Read:0 bytes/sec, Written:0 bytes/sec Max Read:0 bytes/sec, Max Write:0 bytes/sec Overall - Read Maximum:0 bytes/sec, Write Maximum:0 bytes/sec DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 5 Part. - PnPID : SCSI\DISK&VEN_HGST&PROD_HTS721010A9E630\4&257A40C&0&040000 ---------- | Windows updates No detected update !!! Microsoft : + Windows Is Activated Possible Fixed Windows (Notification Mode) ---------- | Browsers IE : 11.0.10586.494 (© Microsoft Corporation. Tous droits réservés.) FF : 44.0.1.5879 (©Firefox and Mozilla Developers; available under the MPL 2 license.) GC : 52.0.2743.75 (Copyright 2016 Google Inc.) Default : "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" -osint -url "%1" ---------- | FlashPlayer FlashPlayer ActiveX : 22.0.0.209 FlashPlayer Plugin : 22.0.0.209 ---------- | Security AM : Malwarebytes' Anti-Malware ( 2.3.173.0) [Update : 17/07/2016 00:24:35] FW : WINDOWS Firewall WMI : OK WU: Windows Update Service [Manual(3)] = stopped AS: Windows Defender [Auto(2)] = Running WMI: Windows Management Instrumentation [Auto(2)] = Running ---------- | Running processes 364 | [Owner : Système | Parent : 4(System) | ?????] - (.Microsoft Corporation - Gestionnaire de sessions Windows.) - (10.0.10586.0) = C:\Windows\System32\smss.exe CPU Usage:0 % 628 | [Owner : | Parent : 496() | ?????] - (.Microsoft Corporation - Application de démarrage de Windows.) - (10.0.10586.306) = C:\Windows\System32\wininit.exe CPU Usage:0 % 660 | [Owner : | Parent : 596() | ?????] - (.Microsoft Corporation - Application d’ouverture de session Windows.) - (10.0.10586.306) = C:\Windows\System32\winlogon.exe CPU Usage:0 % 744 | [Owner : | Parent : 628(wininit.exe) | ?????] - (.Microsoft Corporation - Applications Services et Contrôleur.) - (10.0.10586.71) = C:\Windows\System32\services.exe CPU Usage:0 % 756 | [Owner : | Parent : 628(wininit.exe) | ?????] - (.Microsoft Corporation - Local Security Authority Process.) - (10.0.10586.0) = C:\Windows\System32\lsass.exe CPU Usage:0 % 860 | [Owner : | Parent : 744(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 920 | [Owner : | Parent : 744(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 288 | [Owner : | Parent : 744(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 524 | [Owner : | Parent : 744(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 492 | [Owner : | Parent : 744(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 940 | [Owner : | Parent : 744(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 1040 | [Owner : | Parent : 744(services.exe) | ?????] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 368.81.) - (8.17.13.6881) = C:\Windows\System32\nvvsvc.exe CPU Usage:0 % 1144 | [Owner : | Parent : 744(services.exe) | ?????] - (.Intel Corporation - igfxCUIService Module.) - (6.15.10.4256) = C:\Windows\System32\igfxCUIService.exe CPU Usage:0 % 1240 | [Owner : | Parent : 744(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 1320 | [Owner : | Parent : 1040(nvvsvc.exe) | ?????] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) - (8.17.13.6881) = C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe CPU Usage:0 % 1372 | [Owner : | Parent : 744(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 1524 | [Owner : | Parent : 744(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 1596 | [Owner : | Parent : 744(services.exe) | ?????] - (.ASUSTek Computer Inc. - ASLDR Service.) - (1.0.81.2) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe CPU Usage:0 % 1604 | [Owner : | Parent : 744(services.exe) | ?????] - (.ASUS - GFNEXSrv.) - (1.0.11.1) = C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe CPU Usage:0 % 1688 | [Owner : | Parent : 744(services.exe) | ?????] - (.Intel Corporation - IntelCpHeciSvc Executable.) - (9.0.31.9000) = C:\Windows\SysWOW64\IntelCpHeciSvc.exe CPU Usage:0 % 1744 | [Owner : | Parent : 744(services.exe) | ?????] - (.Microsoft Corporation - Application sous-système spouleur.) - (10.0.10586.122) = C:\Windows\System32\spoolsv.exe CPU Usage:0 % 2080 | [Owner : | Parent : 744(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 2088 | [Owner : | Parent : 744(services.exe) | ?????] - (.NVIDIA Corporation - NVIDIA GeForce ExperienceService.) - (2.11.4.0) = C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe CPU Usage:0 % 2096 | [Owner : | Parent : 744(services.exe) | ?????] - (.ASUS Cloud Corporation - Asus WebStorage Windows Service.) - (1.0.0.0) = C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe CPU Usage:0 % 2104 | [Owner : | Parent : 744(services.exe) | ?????] - (.Broadcom Corporation. - Bluetooth Support Server.) - (12.0.1.940) = C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe CPU Usage:0 % 2116 | [Owner : | Parent : 744(services.exe) | ?????] - (.Microsoft Corporation - Microsoft Office Click-to-Run.) - (15.0.4833.1001) = C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe CPU Usage:0 % 2128 | [Owner : | Parent : 744(services.exe) | ?????] - (.Western Digital Technologies, Inc. - WD Drive Service.) - (2.3.1.4) = C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe CPU Usage:0 % 2136 | [Owner : | Parent : 744(services.exe) | ?????] - (.Malwarebytes - Malwarebytes Anti-Malware.) - (3.1.7.0) = C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe CPU Usage:0 % 2256 | [Owner : | Parent : 744(services.exe) | ?????] - (.Intel(R) Corporation - Intel(R) Capability Licensing Service Interface.) - (1.31.8.1) = C:\Program Files\Intel\iCLS Client\HeciServer.exe CPU Usage:0 % 2312 | [Owner : | Parent : 744(services.exe) | ?????] - (.NVIDIA Corporation - NVIDIA Streamer Service.) - (7.1.2084.9592) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe CPU Usage:0 % 2332 | [Owner : | Parent : 744(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 2360 | [Owner : | Parent : 744(services.exe) | ?????] - (.-.) - (0.0.0.0) = C:\Windows\SysWOW64\PnkBstrA.exe CPU Usage:0 % 2408 | [Owner : | Parent : 744(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 2416 | [Owner : | Parent : 744(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 2424 | [Owner : | Parent : 744(services.exe) | ?????] - (.- Intel(R) System Usage Report.) - (1.2.1.1313) = C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe CPU Usage:0 % 2436 | [Owner : | Parent : 744(services.exe) | ?????] - (.-.) - (0.0.0.0) = C:\Windows\SysWOW64\PnkBstrB.exe CPU Usage:0 % 2448 | [Owner : | Parent : 744(services.exe) | ?????] - (.ELAN Microelectronics Corp. - Elan Service.) - (11.10.8.3) = C:\Program Files\Elantech\ETDService.exe CPU Usage:0 % 2484 | [Owner : | Parent : 744(services.exe) | ?????] - (.Microsoft Corporation - Antimalware Service Executable.) - (4.9.10586.494) = C:\Program Files\Windows Defender\MsMpEng.exe CPU Usage:0 % 2492 | [Owner : | Parent : 744(services.exe) | ?????] - (.NVIDIA Corporation - NVIDIA Network Service.) - (2.4.13.69) = C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe CPU Usage:0 % 2544 | [Owner : | Parent : 744(services.exe) | ?????] - (.DEVGURU Co., LTD. - MSS CS Connectivity Service.) - (2.5.5.0) = C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe CPU Usage:0 % 2600 | [Owner : | Parent : 744(services.exe) | ?????] - (.Broadcom Corporation. - Bluetooth Radio Management Support.) - (12.0.0.8048) = C:\Windows\System32\BtwRSupportService.exe CPU Usage:0 % 2708 | [Owner : | Parent : 744(services.exe) | ?????] - (.Malwarebytes - Malwarebytes Anti-Malware.) - (3.2.21.0) = C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe CPU Usage:0 % 2728 | [Owner : | Parent : 744(services.exe) | ?????] - (.Apple Inc. - Bonjour Service.) - (3.0.0.10) = C:\Program Files\Bonjour\mDNSResponder.exe CPU Usage:0 % 3008 | [Owner : | Parent : 744(services.exe) | ?????] - (.Western Digital Technologies, Inc. - WD Backup Engine.) - (2.0.0.15) = C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe CPU Usage:0 % 3552 | [Owner : | Parent : 744(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 3756 | [Owner : | Parent : 744(services.exe) | ?????] - (.Microsoft Corporation - Service de la passerelle de la couche Application.) - (10.0.10586.0) = C:\Windows\System32\alg.exe CPU Usage:0 % 2692 | [Owner : | Parent : 744(services.exe) | ?????] - (.NVIDIA Corporation - NVIDIA Network Stream Service.) - (7.1.2084.9592) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe CPU Usage:0 % 4864 | [Owner : | Parent : 1596(AsLdrSrv.exe) | ?????] - (.ASUSTek Computer Inc. - HControl.) - (1.0.82.1) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe CPU Usage:0 % 4984 | [Owner : Cedric | Parent : 2448(ETDService.exe) | 9.75 Mo] - (.ELAN Microelectronics Corp. - ETD Control Center.) - (11.66.8.7) = C:\Program Files\Elantech\ETDCtrl.exe CPU Usage:0 % 5060 | [Owner : Cedric | Parent : 2708(mbamservice.exe) | 62.7 Mo] - (.Malwarebytes - Malwarebytes Anti-Malware.) - (2.3.173.0) = C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe CPU Usage:0 % 2532 | [Owner : Cedric | Parent : 940(svchost.exe) | 20.47 Mo] - (.Microsoft Corporation - Shell Infrastructure Host.) - (10.0.10586.0) = C:\Windows\System32\sihost.exe CPU Usage:0 % 4712 | [Owner : Cedric | Parent : 940(svchost.exe) | 33.29 Mo] - (.Microsoft Corporation - Processus hôte pour Tâches Windows.) - (10.0.10586.0) = C:\Windows\System32\taskhostw.exe CPU Usage:0 % 4772 | [Owner : Cedric | Parent : 940(svchost.exe) | 0.79 Mo] - (.ASUS - Power4Gear Hybrid.) - (2.2.0.0) = C:\Program Files\ASUS\P4G\BatteryLife.exe CPU Usage:0 % 4932 | [Owner : Cedric | Parent : 940(svchost.exe) | 0.59 Mo] - (.ASUS - ACMON.) - (1.0.8.0) = C:\Program Files (x86)\ASUS\Splendid\ACMON.exe CPU Usage:0 % 5020 | [Owner : | Parent : 744(services.exe) | ?????] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.8693) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe CPU Usage:0 % 4908 | [Owner : Cedric | Parent : 940(svchost.exe) | 0.94 Mo] - (.ASUSTek Computer Inc. - ASUS USB Charger Plus.) - (3.1.9.4) = C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe CPU Usage:0 % 4860 | [Owner : | Parent : 4864(HControl.exe) | ?????] - (.ASUSTek Computer Inc. - KBFiltr.) - (1.0.67.1) = C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe CPU Usage:0 % 5692 | [Owner : Cedric | Parent : 860(svchost.exe) | 40.02 Mo] - (.Microsoft Corporation - Runtime Broker.) - (10.0.10586.0) = C:\Windows\System32\RuntimeBroker.exe CPU Usage:0 % 5992 | [Owner : Cedric | Parent : 5672() | 133.74 Mo] - (.Microsoft Corporation - Explorateur Windows.) - (10.0.10586.494) = C:\Windows\explorer.exe CPU Usage:0 % 4732 | [Owner : | Parent : 2312(NvStreamService.exe) | ?????] - (.NVIDIA Corporation - NVIDIA Streamer User Agent.) - (7.1.2084.9592) = C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe CPU Usage:0 % 5588 | [Owner : | Parent : 4732(NvStreamUserAgent.exe) | ?????] - (.Microsoft Corporation - Console Window Host.) - (10.0.10586.0) = C:\Windows\System32\conhost.exe CPU Usage:0 % 5860 | [Owner : Cedric | Parent : 860(svchost.exe) | 15.1 Mo] - (.Microsoft Corporation - Reminders WinRT OOP Server.) - (10.0.10586.494) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe CPU Usage:0 % 5148 | [Owner : Cedric | Parent : 5168() | 10.28 Mo] - (.Intel Corporation - igfxEM Module.) - (6.15.10.4256) = C:\Windows\System32\igfxEM.exe CPU Usage:0 % 4780 | [Owner : Cedric | Parent : 5168() | 7.79 Mo] - (.Intel Corporation - igfxHK Module.) - (6.15.10.4256) = C:\Windows\System32\igfxHK.exe CPU Usage:0 % 2468 | [Owner : Cedric | Parent : 2464() | 6.25 Mo] - (.ASUSTek Computer Inc. - ATK Media.) - (2.0.19.3) = C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe CPU Usage:0 % 5316 | [Owner : Cedric | Parent : 2516() | 8.17 Mo] - (.ASUSTek Computer Inc. - ATKOSD2.) - (7.0.30.3) = C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe CPU Usage:0 % 4852 | [Owner : | Parent : 5248() | ?????] - (.Google Inc. - Google Crash Handler.) - (1.3.30.3) = C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe CPU Usage:0 % 5388 | [Owner : | Parent : 5248() | ?????] - (.Google Inc. - Google Crash Handler.) - (1.3.30.3) = C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe CPU Usage:0 % 6636 | [Owner : Cedric | Parent : 860(svchost.exe) | 65.69 Mo] - (.Microsoft Corporation - Windows Shell Experience Host.) - (10.0.10586.494) = C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe CPU Usage:0 % 6968 | [Owner : Cedric | Parent : 1320(nvxdsync.exe) | 11.55 Mo] - (.NVIDIA Corporation - NVIDIA Settings.) - (7.17.13.6881) = C:\Program Files\NVIDIA Corporation\Display\nvtray.exe CPU Usage:0 % 6652 | [Owner : Cedric | Parent : 860(svchost.exe) | 124.64 Mo] - (.Microsoft Corporation - Search and Cortana application.) - (10.0.10586.494) = C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe CPU Usage:0 % 6804 | [Owner : Cedric | Parent : 6968(nvtray.exe) | 16.67 Mo] - (.NVIDIA Corporation - NVIDIA Backend.) - (20.16.6.0) = C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe CPU Usage:0 % 6508 | [Owner : | Parent : 744(services.exe) | ?????] - (.Microsoft Corporation - Indexeur Microsoft Windows Search.) - (7.0.10586.494) = C:\Windows\System32\SearchIndexer.exe CPU Usage:0 % 7832 | [Owner : Cedric | Parent : 860(svchost.exe) | 8.16 Mo] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (10.0.10586.494) = C:\Windows\System32\SettingSyncHost.exe CPU Usage:0 % 8080 | [Owner : Cedric | Parent : 5992(explorer.exe) | 4.97 Mo] - (.© 2015 Microsoft Corporation - Microsoft Bing Service.) - (1.0.6.0) = C:\Users\Cédric\AppData\Local\Microsoft\BingSvc\BingSvc.exe CPU Usage:0 % 2800 | [Owner : Cedric | Parent : 5992(explorer.exe) | 7.58 Mo] - (.Spotify Ltd - SpotifyWebHelper.) - (1.0.33.106) = C:\Users\Cédric\AppData\Roaming\Spotify\SpotifyWebHelper.exe CPU Usage:0 % 5012 | [Owner : Cedric | Parent : 5992(explorer.exe) | 14.94 Mo] - (.Flux Software LLC - f.lux.) - (3.10.0.1) = C:\Users\Cédric\AppData\Local\FluxSoftware\Flux\flux.exe CPU Usage:0 % 5552 | [Owner : Cedric | Parent : 5992(explorer.exe) | 227.73 Mo] - (.Google Inc. - Google Chrome.) - (52.0.2743.75) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe CPU Usage:0 % 1332 | [Owner : Cedric | Parent : 5552(chrome.exe) | 5.38 Mo] - (.Google Inc. - Google Chrome.) - (52.0.2743.75) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe CPU Usage:0 % 6368 | [Owner : Cedric | Parent : 7460() | 20.14 Mo] - (.Western Digital Technologies, Inc. - WD Quick View.) - (3.2.4.23) = C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe CPU Usage:0 % 8076 | [Owner : Cedric | Parent : 5552(chrome.exe) | 7.3 Mo] - (.Google Inc. - Google Chrome.) - (52.0.2743.75) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe CPU Usage:0 % 3060 | [Owner : Cedric | Parent : 5552(chrome.exe) | 118.03 Mo] - (.Google Inc. - Google Chrome.) - (52.0.2743.75) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe CPU Usage:0 % 9100 | [Owner : Cedric | Parent : 5992(explorer.exe) | 21.9 Mo] - (. - .) - (0.0.0.0) = C:\Users\Cédric\AppData\Roaming\Osmegim Jevroce\Osmegim.exe CPU Usage:0 % 8436 | [Owner : Cedric | Parent : 5552(chrome.exe) | 123.53 Mo] - (.Google Inc. - Google Chrome.) - (52.0.2743.75) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe CPU Usage:0 % 8380 | [Owner : Cedric | Parent : 5552(chrome.exe) | 37.29 Mo] - (.Google Inc. - Google Chrome.) - (52.0.2743.75) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe CPU Usage:0 % 8612 | [Owner : Cedric | Parent : 9100(Osmegim.exe) | 12.08 Mo] - (. - .) - (0.0.0.0) = C:\Users\Cédric\AppData\Roaming\Osmegim Jevroce\Osmegim.exe CPU Usage:0 % 8948 | [Owner : Cedric | Parent : 6936() | 80.72 Mo] - (.Blizzard Entertainment - Battle.net desktop app.) - (1.4.2.7575) = D:\Jeux\Battle.net\Battle.net.7575\Battle.net.exe CPU Usage:0 % 7812 | [Owner : Cedric | Parent : 744(services.exe) | 31.2 Mo] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 8756 | [Owner : Cedric | Parent : 8668() | 19.98 Mo] - (.Blizzard Entertainment - Battle.net Update Agent.) - (2.6.3.5065) = C:\ProgramData\Battle.net\Agent\Agent.5065\Agent.exe CPU Usage:0 % 8632 | [Owner : Cedric | Parent : 8756(Agent.exe) | 6.59 Mo] - (.Microsoft Corporation - Console Window Host.) - (10.0.10586.0) = C:\Windows\System32\conhost.exe CPU Usage:0 % 7668 | [Owner : Cedric | Parent : 7652() | 26.74 Mo] - (.Intel Corporation - IAStorIcon.) - (14.10.0.1016) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe CPU Usage:0 % 7492 | [Owner : | Parent : 744(services.exe) | ?????] - (.Intel Corporation - IAStorDataSvc.) - (14.10.0.1016) = C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe CPU Usage:0 % 3056 | [Owner : | Parent : 744(services.exe) | ?????] - (.Intel Corporation - Intel(R) ME Service.) - (9.5.10.1628) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe CPU Usage:0 % 9160 | [Owner : | Parent : 744(services.exe) | ?????] - (.Intel Corporation - Intel(R) Dynamic Application Loader Host Interface.) - (9.5.12.1682) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe CPU Usage:0 % 7648 | [Owner : | Parent : 744(services.exe) | ?????] - (.Intel Corporation - Intel(R) Local Management Service.) - (9.5.10.1628) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe CPU Usage:0 % 9940 | [Owner : Cedric | Parent : 8948(Battle.net.exe) | 42.23 Mo] - (.-.) - (0.0.0.0) = D:\Jeux\Battle.net\Battle.net.7575\Battle.net Helper.exe CPU Usage:0 % 9272 | [Owner : Cedric | Parent : 5552(chrome.exe) | 352.39 Mo] - (.Google Inc. - Google Chrome.) - (52.0.2743.75) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe CPU Usage:0 % 13268 | [Owner : Cedric | Parent : 8948(Battle.net.exe) | 59.88 Mo] - (.-.) - (0.0.0.0) = D:\Jeux\Battle.net\Battle.net.7575\Battle.net Helper.exe CPU Usage:0 % 11912 | [Owner : Cedric | Parent : 5992(explorer.exe) | 89.18 Mo] - (.Valve Corporation - Steam Client Bootstrapper.) - (3.53.1.42) = D:\Jeux\Steam\Steam.exe CPU Usage:0 % 11084 | [Owner : Cedric | Parent : 11912(Steam.exe) | 54.22 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (3.53.1.42) = D:\Jeux\Steam\bin\steamwebhelper.exe CPU Usage:0 % 9268 | [Owner : | Parent : 744(services.exe) | ?????] - (.Valve Corporation - Steam Client Service.) - (3.53.1.42) = C:\Program Files (x86)\Common Files\Steam\SteamService.exe CPU Usage:0 % 6528 | [Owner : Cedric | Parent : 11084(steamwebhelper.exe) | 83.68 Mo] - (.Valve Corporation - Steam Client WebHelper.) - (3.53.1.42) = D:\Jeux\Steam\bin\steamwebhelper.exe CPU Usage:0 % 13156 | [Owner : | Parent : 6508(SearchIndexer.exe) | ?????] - (.Microsoft Corporation - Microsoft Windows Search Protocol Host.) - (7.0.10586.494) = C:\Windows\System32\SearchProtocolHost.exe CPU Usage:0 % 12740 | [Owner : Système | Parent : 6508(SearchIndexer.exe) | 5.5 Mo] - (.Microsoft Corporation - Microsoft Windows Search Filter Host.) - (7.0.10586.494) = C:\Windows\System32\SearchFilterHost.exe CPU Usage:0 % 8392 | [Owner : | Parent : 1240(svchost.exe) | ?????] - (.Microsoft Corporation - Isolation graphique de périphérique audio Windows.) - (10.0.10586.218) = C:\Windows\System32\audiodg.exe CPU Usage:0 % 8812 | [Owner : Cedric | Parent : 5992(explorer.exe) | 27.39 Mo] - (.Microsoft Corporation - Windows Defender User Interface.) - (4.9.10586.494) = C:\Program Files\Windows Defender\MSASCui.exe CPU Usage:0 % 6612 | [Owner : Cedric | Parent : 860(svchost.exe) | 23.28 Mo] - (.Microsoft Corporation - Application Frame Host.) - (10.0.10586.0) = C:\Windows\System32\ApplicationFrameHost.exe CPU Usage:0 % 12252 | [Owner : Cedric | Parent : 860(svchost.exe) | 51.92 Mo] - (.Microsoft Corporation - Paramètres.) - (10.0.10586.11) = C:\Windows\ImmersiveControlPanel\SystemSettings.exe CPU Usage:0 % 5268 | [Owner : | Parent : 744(services.exe) | ?????] - (.Microsoft Corporation - Processus hôte pour les services Windows.) - (10.0.10586.0) = C:\Windows\System32\svchost.exe CPU Usage:0 % 11532 | [Owner : Cedric | Parent : 5992(explorer.exe) | 28.96 Mo] - (.SosVirus - QuickDiag.) - (1.7.2016.4) = C:\Users\Cédric\Downloads\QuickDiag.exe CPU Usage:0 % ---------- | MD5 [MD5.E396258CFD8F84E8F2C24930E6D88C67] - [13/07/2016 13:48:15] - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4409.43 Ko] - (10.0.10586.494) : C:\WINDOWS\Explorer.exe [MD5.41E25E514D90E9C8BC570484DBAFF62B] - [30/10/2015 09:17:49] - (.© Microsoft Corporation. Tous droits réservés. - Interpréteur de commandes Windows.) - [228.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\cmd.exe [MD5.3E7CCD0F507877C50078205667CE8133] - [30/10/2015 09:18:03] - (.© Microsoft Corporation. Tous droits réservés. - Processus d’exécution client-serveur.) - [17.72 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\csrss.exe [MD5.9513834DAC717444F04169EA5D120885] - [30/10/2015 09:17:51] - (.© Microsoft Corporation. - COM Surrogate.) - [18.34 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\dllhost.exe [MD5.1C9C6933A94C594DE7366124B4DD6075] - [30/10/2015 09:17:46] - (.© Microsoft Corporation. Tous droits réservés. - DLL du client API BASE Windows NT.) - [689.05 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Kernel32.dll [MD5.889459F1FDDC5EC58B437AA6C436F33F] - [30/10/2015 09:18:03] - (.© Microsoft Corporation. - Local Security Authority Process.) - [56.55 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\lsass.exe [MD5.B339861C6A2A86FBCA67C2006B461473] - [30/10/2015 09:17:51] - (.© Microsoft Corporation. - Distributed COM Services.) - [883.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\rpcss.dll [MD5.0DCB89B1F3689BC6262FF30BBD603171] - [30/10/2015 09:18:14] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte Windows (Rundll32).) - [58 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\rundll32.exe [MD5.6FF8248F3A9D69A095C7F3F42BC29CB2] - [28/01/2016 20:44:43] - (.© Microsoft Corporation. Tous droits réservés. - Applications Services et Contrôleur.) - [429.84 Ko] - (10.0.10586.71) : C:\WINDOWS\System32\services.exe [MD5.8497852ED44AFF902D502015792D315D] - [30/10/2015 09:17:49] - (.© Microsoft Corporation. Tous droits réservés. - Processus hôte pour les services Windows.) - [42.91 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\svchost.exe [MD5.F5F7CE3E32536F1A37FB3972F27A814F] - [10/05/2016 19:42:37] - (.© Microsoft Corporation. Tous droits réservés. - DLL client de l’API uilisateur de Windows multi-utilisateurs.) - [1366.43 Ko] - (10.0.10586.306) : C:\WINDOWS\System32\user32.dll [MD5.8F3ECCB5DC878FA14887B43CD148CBA9] - [30/10/2015 09:17:53] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Userinit.) - [30 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\userinit.exe [MD5.C1C81AAF533552B3C4D9F11A5FF97700] - [10/05/2016 19:42:31] - (.© Microsoft Corporation. Tous droits réservés. - Application de démarrage de Windows.) - [284.53 Ko] - (10.0.10586.306) : C:\WINDOWS\System32\Wininit.exe [MD5.5C156EC4E44E30331BCC865A3B61D839] - [10/05/2016 19:42:46] - (.© Microsoft Corporation. Tous droits réservés. - Application d’ouverture de session Windows.) - [572 Ko] - (10.0.10586.306) : C:\WINDOWS\System32\Winlogon.exe [MD5.70148EFA9A562E7185B75BBE7D376BF7] - [16/11/2015 23:33:13] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de fonction connexe pour WinSock.) - [565.34 Ko] - (10.0.10586.3) : C:\WINDOWS\System32\Drivers\afd.sys [MD5.492B99D2E3D5D7BFD5F0AE1BE7BD37DD] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [27.84 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\atapi.sys [MD5.B6664965BF346322BBDF286174851476] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [188.34 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\ataport.sys [MD5.7F9C7226D743B232907ED2537B8A574F] - [30/10/2015 09:18:09] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [90.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\cdfs.sys [MD5.82D97776BF982AA143BDC7DFB5054EA8] - [30/10/2015 09:17:22] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [169.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\cdrom.sys [MD5.935823F79CBEDB91637B63D37E3A5A36] - [12/04/2016 19:44:33] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [145 Ko] - (10.0.10586.212) : C:\WINDOWS\System32\Drivers\dfsc.sys [MD5.84BC034B6BB763733C1949B7B9BAF976] - [30/10/2015 09:17:18] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [78 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\hdaudbus.sys [MD5.53FDD9E69189E546DE4740F8C4D8AB2F] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port i8042.) - [112 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\i8042prt.sys [MD5.9E5E8F2A1996F23B7E9687846AA81B01] - [30/10/2015 09:17:43] - (.© Microsoft Corporation. - IP Network Address Translator.) - [140 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\ipnat.sys [MD5.0B3B0C1D86050355676640488FA897D3] - [02/03/2016 20:40:16] - (.© Microsoft Corporation. Tous droits réservés. - Minirdr SMB Windows NT.) - [420.84 Ko] - (10.0.10586.122) : C:\WINDOWS\System32\Drivers\mrxsmb.sys [MD5.E582DA849A58524E645545FB68B6625D] - [12/04/2016 19:45:26] - (.© Microsoft Corporation. Tous droits réservés. - NDIS (Network Driver Interface Specification).) - [1125.84 Ko] - (10.0.10586.212) : C:\WINDOWS\System32\Drivers\ndis.sys [MD5.C03E926B0E7D66D68994067231DC3246] - [15/06/2016 18:32:16] - (.© Microsoft Corporation. - MBT Transport driver.) - [272 Ko] - (10.0.10586.420) : C:\WINDOWS\System32\Drivers\netbt.sys [MD5.19BD8A88AAC580592668B070AC0727D9] - [12/04/2016 19:45:28] - (.© Microsoft Corporation. Tous droits réservés. - Pilote du système de fichiers NT.) - [2101.84 Ko] - (10.0.10586.212) : C:\WINDOWS\System32\Drivers\ntfs.sys [MD5.7D0FC96264C0F8F2C1321E33E8EB646C] - [30/10/2015 09:17:23] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de port parallèle.) - [94.5 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\parport.sys [MD5.E3C82823B22463BC38AA4F8ADA852624] - [02/03/2016 20:40:37] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [102.5 Ko] - (10.0.10586.122) : C:\WINDOWS\System32\Drivers\rasl2tp.sys [MD5.1DC2CC74B51E4DC4CD5A20C1021E4010] - [30/10/2015 09:19:42] - (.© Microsoft Corporation. Tous droits réservés. - Redirecteur de périphérique de Microsoft RDP.) - [169 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\rdpdr.sys [MD5.CF63BF6AAEDF721E37F9E216FD321B8E] - [13/07/2016 13:46:38] - (.© Microsoft Corporation. Tous droits réservés. - Pilote TCP/IP.) - [2346.84 Ko] - (10.0.10586.494) : C:\WINDOWS\System32\Drivers\tcpip.sys [MD5.91D3F2A6253EF83EFBD7903028F58C4D] - [16/11/2015 23:33:13] - (.© Microsoft Corporation. - TDI Translation Driver.) - [115.84 Ko] - (10.0.10586.3) : C:\WINDOWS\System32\Drivers\tdx.sys [MD5.E1F91A727A04C9F8199D04FF3BBBF63C] - [30/10/2015 09:17:22] - (.© Microsoft Corporation. Tous droits réservés. - Pilote de cliché instantané du volume.) - [404.84 Ko] - (10.0.10586.0) : C:\WINDOWS\System32\Drivers\volsnap.sys ---------- | Locked Applications ---------- | Explorer.exe component call (Microsoft Files Whitelisted) (..-..) - (0.0.0.0) -- C:\WINDOWS\System32\CoreUIComponents.dll (.Apple Inc..-.Bonjour Namespace Provider.) - (3.0.0.10) -- C:\Program Files\Bonjour\mdnsNSP.dll (.Intel Corporation.-.User Mode Driver for Intel(R) Graphics Technology.) - (10.18.15.4256) -- C:\WINDOWS\SYSTEM32\igd10iumd64.dll (.Intel Corporation.-.Unified Shader Compiler for Intel(R) Graphics Accelerator.) - (10.18.15.4256) -- C:\WINDOWS\SYSTEM32\igdusc64.dll (.ASUS Cloud Corporation..-.AsusWSShellExt64.) - (1.1.0.27) -- C:\Program Files (x86)\Common Files\AWS\2.1.2.301\ASUSWSShellExt64.dll (.Broadcom Corporation..-.BTNCopy Module.) - (12.0.1.940) -- C:\Program Files\WIDCOMM\Bluetooth Software\btncopy.dll (.Alexander Roshal.-.WinRAR shell extension.) - (5.30.0.0) -- C:\Program Files\WinRAR\rarext.dll (.Western Digital Technologies, Inc..-.WD ContextMenu Handler.) - (2.0.0.3) -- C:\Program Files\Western Digital\WD SmartWare\WDContextMenuHandler.dll (.Western Digital Technologies, Inc..-.WD Collections (64-bit).) - (1.6.1.2) -- C:\Program Files\Western Digital\WD SmartWare\WDCollections.dll (.Malwarebytes.-.Malwarebytes Anti-Malware.) - (3.1.1.0) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll (..-.ShellHandler for Notepad++ (64 bit).) - (0.1.0.0) -- C:\Program Files (x86)\Notepad++\NppShell_06.dll (.NVIDIA Corporation.-.NVIDIA Shell Extensions.) - (8.17.13.6881) -- C:\WINDOWS\system32\nv3dappshext.dll (.NVIDIA Corporation.-.NVIDIA NVAPI Library, Version 368.81.) - (10.18.13.6881) -- C:\WINDOWS\system32\nvapi64.dll (.NVIDIA Corporation.-.NVIDIA French language resource library.) - (8.17.13.6881) -- C:\WINDOWS\SYSTEM32\Nv3DAppShExtR.dll ---------- | Svchost.exe component call (Microsoft Files Whitelisted) (.Apple Inc..-.Bonjour Namespace Provider.) - (3.0.0.10) -- C:\Program Files\Bonjour\mdnsNSP.dll (.Conexant Systems Inc..-.Conexant Audio Processing Objects.) - (4.81.18.0) -- C:\WINDOWS\system32\CX64BP18.dll (..-..) - (0.0.0.0) -- C:\windows\system32\WerEtw.dll ---------- | ZeroAccess Check [HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll [HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\windows.storage.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll [HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll ---------- | Startings up OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-19\...\Run]) - User: AUTORITE NT\SERVICE LOCAL OneDriveSetup - (C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup [HKU\S-1-5-20\...\Run]) - User: AUTORITE NT\SERVICE RÉSEAU Osmegim - (Osmegim.lnk [Startup]) - User: PC-CED\Cedric CCleaner Monitoring - ("C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\...\Run]) - User: PC-CED\Cedric OneDrive - ("C:\Users\Cédric\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\...\Run]) - User: PC-CED\Cedric BingSvc - (C:\Users\Cédric\AppData\Local\Microsoft\BingSvc\BingSvc.exe [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\...\Run]) - User: PC-CED\Cedric Spotify Web Helper - ("C:\Users\Cédric\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\...\Run]) - User: PC-CED\Cedric Steam - ("D:\Jeux\Steam\steam.exe" -silent [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\...\Run]) - User: PC-CED\Cedric Skype - ("C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\...\Run]) - User: PC-CED\Cedric Spotify - ("C:\Users\Cédric\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\...\Run]) - User: PC-CED\Cedric f.lux - ("C:\Users\Cédric\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\...\Run]) - User: PC-CED\Cedric Battle.net - ("D:\Jeux\Battle.net\Battle.net Launcher.exe" --autostarted [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\...\Run]) - User: PC-CED\Cedric DAEMON Tools Lite Automount - ("C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\...\Run]) - User: PC-CED\Cedric Bluetooth - (C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [Common Startup]) - User: Public NvBackend - ("C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [HKLM\...\Run]) - User: Public ShadowPlay - ("C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart [HKLM\...\Run]) - User: Public Launch LCore - (C:\Program Files\Logitech Gaming Software\LCore.exe /minimized [HKLM\...\Run]) - User: Public AdobeAAMUpdater-1.0 - ("C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [HKLM\...\Run]) - User: Public ETDCtrl - (%ProgramFiles%\Elantech\ETDCtrl.exe [HKLM\...\Run]) - User: Public IAStorIcon - ("C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [HKLM\...\Run]) - User: Public [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR "OneDrive"="C:\Users\Cédric\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background "BingSvc"=C:\Users\Cédric\AppData\Local\Microsoft\BingSvc\BingSvc.exe [07/08/2015 22:55:41] "Spotify Web Helper"="C:\Users\Cédric\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "Steam"="D:\Jeux\Steam\steam.exe" -silent "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun "Spotify"="C:\Users\Cédric\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized "f.lux"="C:\Users\Cédric\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow "Battle.net"="D:\Jeux\Battle.net\Battle.net Launcher.exe" --autostarted "DAEMON Tools Lite Automount"="C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Cédric\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"=C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Cédric\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64" [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Microsoft\Command Processor] "CompletionChar"=9 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=9 [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "Bitdefender Wallet Agent"=0x020000000000000000000000 "GoogleChromeAutoLaunch_9D4B83A9B6B9CF0904575A433DCFD890"=0x0300000080C3F2C3AD4ED001 "Mobile Partner"=0x020000000000000000000000 "uTorrent"=0x03000000605B2CC2AD4ED001 "Spotify"=0x030000007A7E7802FB85D101 "CCleaner Monitoring"=0x03000000BF880F07FB85D101 "Clownfish"=0x020000000000000000000000 "DAEMON Tools Lite Automount"=0x0300000014B67782C4D3D001 "BingSvc"=0x020000000000000000000000 "OneDrive"=0x03000000A0B4BB989840D101 "Skype"=0x03000000A05E3A6EC4D3D001 "Spotify Web Helper"=0x020000000000000000000000 "Steam"=0x03000000901EB7446572D101 "Uninstall C:\Users\Cédric\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"=0x030000002084608B9840D101 "f.lux"=0x020000000000000000000000 [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\RunMRU] "a"=%appdata%\1 "MRUList"=a [HKLM\Software\Microsoft\Windows\CurrentVersion\Run] "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"="C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart "Launch LCore"=C:\Program Files\Logitech Gaming Software\LCore.exe /minimized "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "ETDCtrl"=%ProgramFiles%\Elantech\ETDCtrl.exe "IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [HKLM\Software\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run] "AuditSHD"=0x040000000000000000000000 "cAudioFilterAgent"=0x020000000000000000000000 "ShadowPlay"=0x0300000020E7AEB2AD4ED001 "NvBackend"=0x020000000000000000000000 "SmartAudio"=0x020000000000000000000000 "Launch LCore"=0x030000009017EFB8AD4ED001 "AdobeAAMUpdater-1.0"=0x020000000000000000000000 "Bdagent"=0x020000000000000000000000 "InstallerLauncher"=0x020000000000000000000000 "ETDCtrl"=0x020000000000000000000000 "IAStorIcon"=0x020000000000000000000000 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run] "ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE" "amd_dc_opt"=C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [22/07/2008 14:53:10] "WD Quick View"=C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [20/07/2015 18:52:04] "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "Malwarebytes Anti-Malware (cleanup)"="C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware" [HKLM\Software\WOW6432Node\Microsoft\Command Processor] "CompletionChar"=64 "DefaultColor"=0 "EnableExtensions"=1 "PathCompletionChar"=64 ---------- | Startings up registry ¦ Folder ---------- | Other keys [HKLM\System\CurrentControlSet\Control\SecurityProviders] "SecurityProviders"=credssp.dll [HKLM\System\CurrentControlSet\Control\Terminal Server] "AllowRemoteRPC"=0 "DelayConMgrTimeout"=0 "DeleteTempDirsOnExit"=1 "fDenyTSConnections"=1 "fSingleSessionPerUser"=1 "NotificationTimeOut"=0 "PerSessionTempDir"=0 "ProductVersion"=5.1 "RCDependentServices"=CertPropSvc SessionEnv "SnapshotMonitors"=1 "StartRCM"=0 "TSUserEnabled"=0 "InstanceID"=c9d738f7-8065-4b3d-ad6f-6bc8716 "GlassSessionId"=1 [HKLM\System\CurrentControlSet\Control\Session Manager] "AutoChkTimeout"=8 "BootExecute"=autocheck autochk * "BootShell"=%SystemRoot%\system32\bootim.exe "CriticalSectionTimeout"=2592000 "ExcludeFromKnownDlls"= "GlobalFlag"=0 "HeapDeCommitFreeBlockThreshold"=0 "HeapDeCommitTotalFreeThreshold"=0 "HeapSegmentCommit"=0 "HeapSegmentReserve"=0 "InitConsoleFlags"=0 "NumberOfInitialSessions"=2 "ObjectDirectories"=\Windows \RPC Control "ProcessorControl"=2 "ProtectionMode"=1 "ResourceTimeoutCount"=648000 "RunLevelExecute"=WinInit ServiceControlManager "RunLevelValidate"=ServiceControlManager "SETUPEXECUTE"= "PendingFileRenameOperations"=\??\C:\Users\Cédric\AppData\Local\dsisetup420609212.exe [HKLM\System\CurrentControlSet\Control] "BootDriverFlags"=28 "CurrentUser"=USERNAME "EarlyStartServices"=RpcSs Power BrokerInfrastructure SystemEventsBroker DcomLaunch RpcEpMapper LSM AppIdSvc "PreshutdownOrder"=UsoSvc gpsvc trustedinstaller "WaitToKillServiceTimeout"=200 "SystemStartOptions"= NOEXECUTE=OPTIN NOVGA "SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(4) "FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1) "LastBootSucceeded"=1 "LastBootShutdown"=1 "DirtyShutdownCount"=48 [HKLM\System\CurrentControlSet\Control\lsa] "auditbasedirectories"=0 "auditbaseobjects"=0 "Bounds"=0x0030000000200000 "crashonauditfail"=0 "fullprivilegeauditing"=0x00 "LimitBlankPasswordUse"=1 "NoLmHash"=1 "Security Packages"="" [25/12/2014 10:35:41] "Notification Packages"=scecli "Authentication Packages"=msv1_0 "disabledomaincreds"=0 "everyoneincludesanonymous"=0 "forceguest"=0 "LsaPid"=756 "ProductType"=3 "restrictanonymous"=0 "restrictanonymoussam"=1 "SamConnectedAccountsExist"=1 "SecureBoot"=1 ---------- | .LNK C:\Users\Cédric\AppData\Local\Microsoft\Windows\WinX\Group1\1 - Desktop.lnk (shell:::{3080F90D-D7AD-11D9-BD98-0000947B0257}) C:\Users\Cédric\AppData\Local\Microsoft\Windows\WinX\Group2\1 - Run.lnk (shell:::{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}) C:\Users\Cédric\AppData\Local\Microsoft\Windows\WinX\Group2\2 - Search.lnk (shell:::{2559a1f8-21d7-11d4-bdaf-00c04f60b9f0}) C:\Users\Cédric\AppData\Local\Microsoft\Windows\WinX\Group2\3 - Windows Explorer.lnk (/e,::{20D04FE0-3AEA-1069-A2D8-08002B30309D}) C:\Users\Cédric\AppData\Local\Microsoft\Windows\WinX\Group2\5 - Task Manager.lnk (/0) C:\Users\Cédric\AppData\Local\Microsoft\Windows\WinX\Group3\04-1 - Network Connections.lnk (::{7007ACC7-3202-11D1-AAD2-00805FC1270E}) C:\Users\Cédric\AppData\Local\Microsoft\Windows\WinX\Group3\05 - Device Manager.lnk (/name Microsoft.DeviceManager) C:\Users\Cédric\AppData\Local\Microsoft\Windows\WinX\Group3\06 - System.lnk (/name Microsoft.System) C:\Users\Cédric\AppData\Local\Microsoft\Windows\WinX\Group3\08 - Power Options.lnk (/name Microsoft.PowerOptions) C:\Users\Cédric\AppData\Local\Microsoft\Windows\WinX\Group3\10 - Programs and Features.lnk (/name Microsoft.ProgramsAndFeatures) C:\Users\Cédric\AppData\Roaming\Microsoft\Windows\SendTo\Destinataire de télécopie.lnk (/SendTo) C:\Users\Cédric\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk (/SendTo) C:\Users\Cédric\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk (/sendto:) C:\Users\Cédric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Osmegim.lnk () �H�e�H�e.e8��Osmegim Jevroceb2^SxH�B Osmegim.exeH ��H�e�H�e.f8 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk (-sta {C90FB8CA-3295-4462-A721-2935E83694BA}) C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\Bluetooth.lnk () Bluetooth Software"`2BTTray.exeF �.BTTr ---------- | AppCertDlls | AppInit_DLLs ---------- | Dnsapi.dll C:\WINDOWS\System32\dnsapi.dll -> OK : \drivers\etc\hosts C:\WINDOWS\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts ---------- | Policies | Registry [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Control Panel\Desktop] "ActiveWndTrackTimeout"=0 "BlockSendInputResets"=0 "CaretWidth"=1 "ClickLockTime"=1200 "CoolSwitchColumns"=7 "CoolSwitchRows"=3 "CursorBlinkRate"=530 "DockMoving"=1 "DragFromMaximize"=1 "DragFullWindows"=1 "DragHeight"=4 "DragWidth"=4 "FocusBorderHeight"=1 "FocusBorderWidth"=1 "FontSmoothing"=2 "FontSmoothingGamma"=0 "FontSmoothingOrientation"=1 "FontSmoothingType"=2 "ForegroundFlashCount"=7 "ForegroundLockTimeout"=200000 "LeftOverlapChars"=3 "MenuShowDelay"=400 "MouseWheelRouting"=2 "PaintDesktopVersion"=0 "Pattern"=0 "RightOverlapChars"=3 "SnapSizing"=1 "TileWallpaper"=0 "WallpaperOriginX"=0 "WallpaperOriginY"=0 "WallpaperStyle"=6 "WheelScrollChars"=3 "WheelScrollLines"=3 "WindowArrangementActive"=1 "ScreenSaveActive"=1 "MouseMonitorEscapeSpeed"=0 "Win8DpiScaling"=0 "UserPreferencesMask"=0x9E1E078012000000 "AutoColorization"=1 "MaxVirtualDesktopDimension"=3840 "MaxMonitorDimension"=1920 "TranscodedImageCount"=1 "LastUpdated"=0 "TranscodedImageCache"=0x7AC30100A02512008007000038040000BC6D69163382D10143003A005C00550073006500720073005C004300E90064007200690063005C00500069006300740075007200650073005C0046006F006E006400200064002700E9006300720061006E005C003300390032003200380039002E006A00700067000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ImageColor"=2940310746 "Pattern Upgrade"=TRUE "LockScreenAutoLockActive"=1 "DelayLockInterval"=0 "LogicalDPIOverride"=0 "DpiScalingVer"=4096 "PreferredUILanguages"=fr-FR "TranscodedImageCache_003"=0x7AC30100A86B0100A70400009E020000FB0332949947D00143003A005C00550073006500720073005C004300E90064007200690063005C00500069006300740075007200650073005C0046006F006E006400200064002700E9006300720061006E005C00770069006E0074006500720066006F0072006500730074005F00620079005F006C0061007A006500730075006D006D0065007200730074006F006E0065002D00640035006C003100380066006A002E006A0070006700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005C005C003F005C0044004900530050004C00410059002300410055004F003300360045004400230034002600380039006600390031003700320026003000260055004900440032003600350039003800380023007B00650036006600300037006200350066002D0065006500390037002D0034006100390030002D0062003000370036002D003300330066003500370062006600340065006100610037007D00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "ScreenSaverIsSecure"=0 "ScreenSaveTimeOut"=60 "Wallpaper"=C:\Users\Cédric\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper [17/11/2015 19:04:16] "ActiveWndTrkTimeout"=0 "LowLevelHooksTimeout"=5000 "TranscodedImageCache_000"=0x7AC30100A02512008007000038040000BC6D69163382D10143003A005C00550073006500720073005C004300E90064007200690063005C00500069006300740075007200650073005C0046006F006E006400200064002700E9006300720061006E005C003300390032003200380039002E006A0070006700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005C005C003F005C0044004900530050004C00410059002300410055004F003300360045004400230034002600380039006600390031003700320026003000260055004900440032003600350039003800380023007B00650036006600300037006200350066002D0065006500390037002D0034006100390030002D0062003000370036002D003300330066003500370062006600340065006100610037007D00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 "WaitToKillAppTimeout"=200 [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=0 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=0 "{018D5C66-4533-4307-9B53-224DE2ED1FE6}"=1 [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=0 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=0 [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Microsoft\Windows\CurrentVersion\Explorer] "ShellState"=0x240000003C28000000000000000000000000000001000000130000000000000062000000 "IconUnderline"=3 "ExplorerStartupTraceRecorded"=1 "UserSignedIn"=1 "AllowStartMenuToDefaultOn"=1 "SIDUpdatedOnLibraries"=1 "LocalKnownFoldersMigrated"=1 "GlobalAssocChangedCounter"=266 "LastClockSize"=0x33000000140000005C000000140000005100000014000000 "TelemetrySalt"=1 "AppReadinessLogonComplete"=1 "FirstRunTelemetryComplete"=1 "SlowContextMenuEntries"=0x0114020000000000C0000000000000465A470000206BB9B11DDA3C4A92C17229B32F2326AB6B0000AA54F70B67C95C44AB3DD8FDA9BAE7EF9F1700006024B221EA3A6910A2DC08002B30309DE82A000082BC52C79AC127489C150996BA85C18044840000 "link"=0x1E000000 "Browse For Folder Width"=404 "Browse For Folder Height"=360 [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_SearchFiles"=2 "StoreAppsOnTaskbar"=1 "ServerAdminUI"=0 "Hidden"=2 "ShowCompColor"=1 "HideFileExt"=1 "DontPrettyPath"=0 "ShowInfoTip"=1 "HideIcons"=0 "MapNetDrvBtn"=0 "WebView"=1 "Filter"=0 "ShowSuperHidden"=0 "SeparateProcess"=0 "AutoCheckSelect"=0 "IconsOnly"=0 "ShowTypeOverlay"=1 "ShowStatusBar"=1 "ListviewAlphaSelect"=1 "ListviewShadow"=1 "TaskbarAnimations"=1 "StartMenuInit"=11 "ReindexedProfile"=1 "SuperHidden"=1 "TaskbarSizeMove"=0 "EnableBalloonTips"=1 "DisablePreviewDesktop"=0 "TaskbarSmallIcons"=0 "TaskbarGlomLevel"=0 "DontUsePowerShellOnWinX"=1 "Start_JumpListItems"=10 "EnableStartMenu"=1 "ShowTaskViewButton"=1 [HKLM\Software\Policies\Microsoft\Windows\System] "DisableCMD"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "ValidateAdminCodeSignatures"=0 "undockwithoutlogon"=1 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "DisableTaskMgr"=0 "DisableRegistryTools"=0 "SoftwareSASGeneration"=1 "ConsentPromptBehaviorAdmin"=5 "PromptOnSecureDesktop"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 "NoRun"=0 "NoFolderOptions"=0 "NoControlPanel"=0 [HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "SmartScreenEnabled"=RequireAdmin "GlobalAssocChangedCounter"=16 ""= [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s [HKLM\Software\WOW6432Node\Policies\Microsoft\Windows\System] "DisableCMD"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorUser"=3 "DSCAutomationHostEnabled"=2 "EnableCursorSuppression"=1 "EnableInstallerDetection"=1 "EnableLUA"=1 "EnableSecureUIAPaths"=1 "EnableUIADesktopToggle"=0 "EnableVirtualization"=1 "ValidateAdminCodeSignatures"=0 "undockwithoutlogon"=1 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "scforceoption"=0 "shutdownwithoutlogon"=1 "DisableTaskMgr"=0 "DisableRegistryTools"=0 "SoftwareSASGeneration"=1 "ConsentPromptBehaviorAdmin"=5 "PromptOnSecureDesktop"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer] "ForceActiveDesktopOn"=0 "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "NoRecentDocsHistory"=0 "NoRun"=0 "NoFolderOptions"=0 "NoControlPanel"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop] "NoAddingComponents"=1 "NoComponents"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel] "{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1 "{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1 "{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1 "{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1 "{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1 "{871C5380-42A0-1069-A2EA-08002B30309D}"=1 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 "{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1 "{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu] "{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0 "{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] "CheckedValue"=1 "DefaultValue"=2 "HKeyRoot"=2147483649 "Id"=2 "RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced "Text"=@shell32.dll,-30500 "Type"=radio "ValueName"=Hidden [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer] "ActiveSetupDisabled"=0 "ActiveSetupTaskOverride"=1 "AsyncRunOnce"=1 "AsyncUpdatePCSettings"=1 "DisableAppInstallsOnFirstLogon"=1 "DisableResolveStoreCategories"=1 "DisableUpgradeCleanup"=1 "EarlyAppResolverStart"=1 "FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} "FSIASleepTimeInMs"=60000 "GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} "IconUnderline"=2 "ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed} "LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff} "MachineOobeUpdates"=1 "NoWaitOnRoamingPayloads"=1 "TaskScheduler"={0f87369f-a4e5-4cfc-bd3e-73e6154572dd} "GlobalAssocChangedCounter"=24 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced] "Start_TrackDocs"=1 "TaskbarSizeMove"=0 [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations] "Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s ---------- | Winlogon [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin;OneDrive;Work Folders "BuildNumber"=10586 "FirstLogon"=0 "PUUActive"=0x53A5712D0B00000002001700160E0100AE510100AA790200D0000000620063006AE3349A233403000E7E020040860000D97000009B2E0000000000002D5F020063060000B700000096917A16D2DFD101 "ParseAutoexec"=1 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] "AutoRestartShell"=1 "Background"=0 0 0 "CachedLogonsCount"=10 "DebugServerCommand"=no "DefaultDomainName"= "DisableBackButton"=1 "EnableSIHostIntegration"=1 "ForceUnlockLogon"=0 "LegalNoticeCaption"= "LegalNoticeText"= "PasswordExpiryWarning"=5 "PowerdownAfterShutdown"=0 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "ReportBootOk"=1 "Shell"=explorer.exe "ShellCritical"=0 "ShellInfrastructure"=sihost.exe "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "VMApplet"=SystemPropertiesPerformance.exe /pagefile "WinStationsDisabled"=0 "ShutdownStartTime"=131131833490841697 "UserSessionShutdownStopTime"=131131833533086337 "ShutdownFlags"=7 "Userinit"=C:\Windows\system32\userinit.exe, "scremoveoption"=0 "AutoAdminLogon"=0 "DefaultUserName"=MicrosoftAccount\cedric.roveda@live.fr "ShutdownWithoutLogon"=0 "DisableCad"=1 "EnableFirstLogonAnimation"=1 [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon] "DefaultDomainName"= "DefaultUserName"= "EnableSIHostIntegration"=1 "PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16} "Shell"=explorer.exe "ShellCritical"=0 "SiHostCritical"=0 "SiHostReadyTimeOut"=0 "SiHostRestartCountLimit"=0 "SiHostRestartTimeGap"=0 "Userinit"=C:\WINDOWS\system32\userinit.exe, ---------- | Associations [HKLM\Software\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\Classes\.com] ""=comfile [HKLM\Software\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.reg] ""=regfile [HKLM\Software\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\Classes\.scr] ""=scrfile [HKLM\Software\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\Classes\.bat] ""=batfile [HKLM\Software\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.cmd] ""=cmdfile [HKLM\Software\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.pif] ""=piffile [HKLM\Software\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\Classes\.inf] ""=inffile [HKLM\Software\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\Classes\.url] ""=InternetShortcut [HKLM\Software\Classes\.lnk] ""=lnkfile [HKLM\Software\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKLM\Software\WOW6432Node\Classes\.exe] ""=exefile "Content Type"=application/x-msdownload [HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command] ""="%1" %* "IsolatedCommand"="%1" %* [HKLM\Software\WOW6432Node\Classes\.com] ""=comfile [HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.reg] ""=regfile [HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command] ""=regedit.exe "%1" [HKLM\Software\WOW6432Node\Classes\.scr] ""=scrfile [HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command] ""="%1" /S [HKLM\Software\WOW6432Node\Classes\.bat] ""=batfile [HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.cmd] ""=cmdfile [HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.pif] ""=piffile [HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command] ""="%1" %* [HKLM\Software\WOW6432Node\Classes\.inf] ""=inffile [HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command] ""=%SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\Software\WOW6432Node\Classes\.url] ""=InternetShortcut [HKLM\Software\WOW6432Node\Classes\.lnk] ""=lnkfile [HKLM\Software\WOW6432Node\Classes\InternetShortcut] "EditFlags"=2 "FriendlyTypeName"=@C:\WINDOWS\system32\ieframe.dll,-10046 "FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment "IsShortcut"= "NeverShowExt"= "PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment ""=Raccourci Internet [HKLM\Software\WOW6432Node\Classes\Application.Manifest] ""=Application Manifest "BrowserFlags"=4096 "EditFlags"=4259840 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-200 [HKLM\Software\WOW6432Node\Classes\Application.Reference] ""=Application Reference "EditFlags"=131072 "FriendlyTypeName"=@C:\Windows\System32\dfshim.dll,-201 "IsShortcut"= "NeverShowExt"= [HKLM\Software\WOW6432Node\Classes\Folder] ""=Folder "ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified "ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay "ContentViewModeLayoutPatternForBrowse"=delta "ContentViewModeLayoutPatternForSearch"=alpha "EditFlags"=0xD2030000 "FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size;System.HomeGroupSharingStatus "NoRecentDocs"= "ThumbnailCutoff"=0 "TileInfo"=prop:System.Title;System.HomeGroupSharingStatus [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [13/07/2016 13:47:43] [HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\Shell\open\Command] ""="C:\Program Files (x86)\Mozilla Firefox\firefox.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\FIREFOX.EXE\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command] ""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo] "ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command] ""=C:\Program Files\Internet Explorer\iexplore.exe [13/07/2016 13:47:43] [HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo] "ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall ---------- | AppcompatFlags [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe"=32 "C:\Program Files (x86)\Wi-Fi Modem\AutoRun\AutoRunSetup.exe"=1 "C:\Program Files (x86)\Wi-Fi Modem\AutoRun\AutoRunUninstall.exe"=1 "C:\Users\Cédric\Desktop\Install_Win10_10006_10132015\setup.exe"=1 "C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe"=33 "C:\Program Files (x86)\Realtek\NICDRV_8169\RTINSTALLER64.EXE"=1 "C:\Users\Cédric\Downloads\Install_Win10_10007_02192016\setup.exe"=1 "C:\Users\Cédric\Downloads\0010-Install_Win10_10008_04212016\Install_Win10_10008_04212016\setup.exe"=1 "C:\Users\Cédric\Downloads\BTW 12.0.1.940 Retail Package\Setup.exe"=1 "C:\Users\Cédric\Downloads\BTW 12.0.1.940 Retail Package\Win64\setup.exe"=1 [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store] "C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"=0x534143500100000000000000070000002800000038330600887906000100000000000000000003060021000019B4C529E312D10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000BA8B1C10000000004302000043020000 "C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"=0x534143500100000000000000070000002800000038330300A79E03000100000000000000000003067122000019B4C529E312D101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000006C8B1C10000000004502000045020000 "C:\eSupport\Manual\eManual.exe"=0x5341435001000000000000000700000028000000386F1A004DE41A0001000000000000000000020671020000975FD891C99ECE010000000000000000020000002800000000000000000000000010000000000000000000000000000079060000000000000200000002000000 "C:\Program Files\mcafee\msc\mcuihost.exe"=0x5341435001000000000000000700000028000000B85C0E0025080F0003000000000000000000030600210000B395E7CF049FCE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000A4880100000000000100000001000000 "C:\Program Files\ASUS\P4G\Power4Gear.exe"=0x53414350010000000000000007000000280000003825300092DB30000100000000000000000003068021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000E88F0400000000004400000044000000 "C:\Program Files (x86)\ASUS\ASUS Screen Saver\ASUS Screen Saver.exe"=0x534143500100000000000000070000002800000018C50400C5600500010000000000000000000306F5220000B395E7CF049FCE0100000000000000000200000028000000000000000000004000000000000000000000000000000000627E0100000000000300000003000000 "C:\Users\Cédric\AppData\Local\Apps\2.0\EVZY8T9A.CLL\KTRRLYOD.TDL\prog...app_4fe91ede9f9bdca3_0001.0003_9125133394ccc181\clickonce_bootstrap.exe"=0x534143500100000000000000070000002800000088270000F601010001000000000000000000030680210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000302E0100000000000100000001000000 "C:\Users\Cédric\Downloads\ccleaner_5_fr_14492.exe"=0x5341435001000000000000000700000028000000C01F0B00B0E275C701000000000000000000010600010000975FD891C99ECE010000000000000000 "C:\Users\Cédric\AppData\Local\Vosteran\Application\31.0.1650.23\Installer\setup.exe"=0x534143500100000000000000070000002800000000C60F00E8EE0F0003000000000000000000030600210000975FD891C99ECE010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000000000000000000000000000000000000064330000000000000100000001000000 "C:\Program Files\CCleaner\uninst.exe"=0x5341435001000000000000000700000028000000585502003A5E020003000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000021120000000000000100000001000000 "C:\Users\Cédric\Downloads\Battle.net-Setup-frFR.exe"=0x534143500100000000000000070000002800000038C62B0051F12B0001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000FA7D0000000000000100000001000000 "C:\Users\Cédric\Downloads\OriginThinSetup.exe"=0x534143500100000000000000070000002800000010F804018659050101000000000000000000010600010000975FD891C99ECE010000000000000000 "C:\Program Files (x86)\ASUS\Splendid\ACVT.exe"=0x534143500100000000000000070000002800000040DA1400D7621500010000000000000000000306F12200000261329FFFBAD0010000000000000000020000002800000000000000000000000000000000000000000000000000000053FB0100000000000900000009000000 "C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"=0x534143500100000000000000070000002800000070F62C01D8282D0101000000000000000000030671220000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000087010000000000000400000004000000 "C:\Program Files (x86)\Blur(TM)\Blur.exe"=0x53414350010000000000000007000000280000000004B3012CE0D10001000000000000000000010661220000975FD891C99ECE010000000000000000010000000400000001000000020000005000000000000000100000200000000000000000000000000000000049F12A0000000000040000000400000000000000000000000000000001000000000000000100000033971300000000000300000000000000 "C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe"=0x53414350010000000000000007000000280000005833FB01D78AFB0101000000000000000000020671220000975FD891C99ECE0100000000000000000200000050000000000000001000002000000000000000000000000000000000441F84020000000013000000130000000000000000000000000000000000000000000000000000008A030000000000000100000000000000 "C:\Users\Cédric\Downloads\battlelog-web-plugins_2.6.2_154.exe"=0x5341435001000000000000000700000028000000106B17009B69180001000000000000000000010600010000975FD891C99ECE0100000000000000000200000050000000000000000000004000000000000000000000000000000000E50E000000000000010000000100000000000000100000C000000000000000000000000000000000CF0F0000000000000100000000000000 "C:\Program Files\mcafee.com\agent\mcagent.exe"=0x5341435001000000000000000700000028000000883508003746080001000000000000000000030600210000B395E7CF049FCE010000000000000000020000002800000000000000000000000000000000000000000000000000000055040000000000000100000001000000 "C:\Program Files (x86)\DigiHelp\DigiHelpUninstall.exe"=0x534143500100000000000000070000002800000040F4030071A1040003000000000000000000000671000000975FD891C99ECE010000000000000000020000002800000000000000000800000000000000000000000000000000000028930000000000000100000001000000 "C:\eSupport\eDriver\AsInsWiz.exe"=0x534143500100000000000000070000002800000080183E00B6F13E00010000000000000000000206F1020000975FD891C99ECE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000100000000000000000000000000000B5E80100000000000300000003000000 "C:\Users\Cédric\Downloads\MaConfigx64_7_1_5_0.exe"=0x5341435001000000000000000700000028000000B8A65C0099EC5C0001000000000000000000010671000000975FD891C99ECE0100000000000000000200000028000000000000000008004000000000000000000000000000000000E89A0000000000000100000001000000 "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe"=0x534143500100000000000000070000002800000090B24900257D4A00010000000000000000000306F1220000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000F3670300000000000100000001000000 "C:\Program Files\CONEXANT\MaxxAudio\MaxxAudioControl64.exe"=0x5341435001000000000000000700000028000000580039008AC339000100000000000000000003067322000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000002F87F00000000001600000016000000 "C:\Program Files (x86)\ASUS\WinFlash\WinFlash.exe"=0x534143500100000000000000070000002800000038430900E5AB090001000000000000000000020671220000975FD891C99ECE010000000000000000020000002800000000000000000000400000020000000000000000000000000064330000000000000100000001000000 "C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - casual\provider.exe"=0x534143500100000000000000070000002800000008090500A9D8050001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000100000000000000000000000000000A67E0000000000000100000001000000 "C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe"=0x534143500100000000000000070000002800000040FA1F00448B200001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000100000000000000000000000000000C8260200000000000200000002000000 "C:\Users\Cédric\Downloads\Maniaplanet_Setup_SMStorm.exe"=0x5341435001000000000000000700000028000000C88E96071F39970701000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000002D613E00000000000200000002000000 "C:\Program Files (x86)\ManiaPlanet\ManiaPlanetLauncher.exe"=0x534143500100000000000000070000002800000000C046000000000001000000000000000000030671220000975FD891C99ECE0100000000000000000200000028000000000000008000000000000000000000000000000000000000DE537300000000000800000008000000 "C:\Users\Cédric\Downloads\pixelrea.exe"=0x534143500100000000000000070000002800000000802E00825C760001000000000000000000030600210000975FD891C99ECE0100000000000000000200000050000000000000001000008000000000000000000000000000000000F21E000000000000030000000100000000000000000000000000000000000000000000000000000011050000000000000100000000000000 "C:\Program Files (x86)\WildTangent Games\Touchpoints\asus\Uninstall.exe"=0x5341435001000000000000000700000028000000F0750300995D040003000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000004D150000000000000100000001000000 "C:\Program Files (x86)\ASUS\MediaStory\MediaStory.exe"=0x5341435001000000000000000700000028000000403E07003FB3070001000000000000000000030671220000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000074BD0000000000000100000001000000 "C:\Program Files (x86)\InstallShield Installation Information\{55762F9A-FCE3-45d5-817B-051218658423}\Setup.exe"=0x5341435001000000000000000700000028000000D0E30400FB92050003000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000003C170100000000000100000001000000 "C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSDMgr.exe"=0x534143500100000000000000070000002800000038A30D00B8E50D000100000000000000000003060021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000AB220000000000000400000004000000 "D:\Jeux\dirt 3\gfwlivesetup.exe"=0x534143500100000000000000070000002800000098BC0900E9C4090001000000000000000000010600210000975FD891C99ECE01000000000000000002000000500000000000000000000000000000000000000000000000000000009BCE240000000000050000000500000000000000000000100000000000000000000000000000000052AE0D00000000000100000000000000 "C:\Users\Cédric\Downloads\vlc-media-player_2-1-3_fr_10829_64.exe"=0x53414350010000000000000007000000280000007C037E01F41C010001000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000009AB21300000000000100000001000000 "C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - touch\provider.exe"=0x53414350010000000000000007000000280000000809050030DB050001000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000005E000000000000000100000001000000 "C:\Users\Cédric\Downloads\runtime\jre-x64\1.8.0_25\bin\java.exe"=0x5341435001000000000000000700000028000000A8E90200B83A030001000000000000000000030600210000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000160C0000000000000100000001000000 "C:\Program Files\ma-config.com\MCDetection.exe"=0x5341435001000000000000000700000028000000484F1000B5BC10000100000000000000000003060021000059193B14E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000078230600000000000200000002000000 "C:\Users\Cédric\Downloads\CubeSetup3.exe"=0x5341435001000000000000000700000028000000DAB918000000000001000000000000000000020600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000473F0400000000000200000002000000 "C:\Program Files (x86)\Cube World\CubeLauncher.exe"=0x5341435001000000000000000700000028000000008002000000000001000000000000000000020671220000975FD891C99ECE01000000000000000002000000280000000000000080000000000000000300000000000000000000002C0C7500000000000A0000000A000000 "C:\Program Files (x86)\Origin Games\Need for Speed World\GameLauncher.exe"=0x534143500100000000000000070000002800000040157F004C9C7F00010000000000000000000206F1020000975FD891C99ECE0100000000000000000200000028000000000000008000000000000000010000000000000000000000B2213B00000000000200000002000000 "C:\Program Files\CONEXANT\SAII\SmartAudio.exe"=0x5341435001000000000000000700000028000000D8980F006880100001000000000000000000030680210000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000007B100000000000000300000003000000 "C:\Users\Cédric\Downloads\LGS_8.57.145_x64_Logitech.exe"=0x534143500100000000000000070000002800000018B10304FB26040401000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000007F881900000000000100000001000000 "C:\Users\Cédric\Desktop\Jeux\Minecraft.exe"=0x534143500100000000000000070000002800000008B51300C961140001000000000000000000030671200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000311F0000000000000200000002000000 "C:\Users\Cédric\Downloads\Popcorn-Time-0.3.6-Setup.exe"=0x5341435001000000000000000700000028000000F0DB61018EED010001000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000006DDC0500000000000100000001000000 "C:\Users\Cédric\AppData\Local\Popcorn Time\node-webkit\Popcorn Time.exe"=0x534143500100000000000000070000002800000000646D02F7CF6D020100000000000000000003060021000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000000EF47B00000000000700000007000000 "C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - casual\Uninstall.exe"=0x5341435001000000000000000700000028000000F1AA0500936E0A0003000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000008C080000000000000100000001000000 "C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - enthusiast\Uninstall.exe"=0x5341435001000000000000000700000028000000F8AA0500DE130A0003000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000046040000000000000100000001000000 "C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - family\Uninstall.exe"=0x5341435001000000000000000700000028000000F2AA0500376C0A0003000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000084040000000000000100000001000000 "C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - kids\Uninstall.exe"=0x5341435001000000000000000700000028000000F7AA050043420A0003000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000B3040000000000000100000001000000 "C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - touch\Uninstall.exe"=0x5341435001000000000000000700000028000000FCAA0500EF580A0003000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000046040000000000000100000001000000 "C:\Users\Cédric\Downloads\uTorrent.exe"=0x5341435001000000000000000700000028000000509A190079231A0001000000000000000000030671220000975FD891C99ECE0100000000000000000200000028000000000000000000001000000000000000000000000000000000F8453000000000000100000001000000 "C:\Users\Cédric\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe"=0x5341435001000000000000000700000028000000986302009E14030001000000000000000000030671220000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000009E0C2F00000000000100000001000000 "C:\Users\Cédric\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr_x64.exe"=0x534143500100000000000000070000002800000098810200F353030001000000000000000000030673220000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000500C2F00000000000100000001000000 "C:\Users\Cédric\Downloads\Adobe Photoshop CC 2014 (64 bit) (Crack) [ChingLiu]\Adobe CC 2014\Set-up.exe"=0x5341435001000000000000000700000028000000C8342B001A482B0001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000DF3E0300000000000600000006000000 "C:\Users\Cédric\Downloads\winrar-x64-520fr.exe"=0x5341435001000000000000000700000028000000C01D1F0017FE1F0001000000000000000000030600210000B395E7CF049FCE0100000000000000000200000028000000000000000000004000000000000000000000000000000000D5420000000000000200000002000000 "C:\Users\Cédric\Desktop\Adobe.Photoshop.CC.v15.0.0.58.x64.www.Download.ir\Setup\Set-up.exe"=0x5341435001000000000000000700000028000000C8342B001A482B0001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000A6540700000000000400000004000000 "C:\Users\Cédric\Desktop\Adobe.Photoshop.CC.v15.0.0.58.x64.www.Download.ir\Crack\AAMv8_P7_for_cc2014OA.exe"=0x534143500100000000000000070000002800000099D242000187010001000000000000000000010600010000975FD891C99ECE0100000000000000000200000050000000000000000000004000000000000000000000000000000000F21E00000000000003000000010000000000000000000000000000000000000000000000000000004D730D00000000000C00000000000000 "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe"=0x5341435001000000000000000700000028000000B01C29009B182A0001000000000000000000030671220000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000EAB90000000000000100000001000000 "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe"=0x5341435001000000000000000700000028000000B0182C00EFCB2C0003000000000000000000030671200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000C7200000000000000100000001000000 "C:\Users\Cédric\Desktop\Adobe.Photoshop.CC.v15.0.0.58.x64.www.Download.ir\Crack\Check_Disable.cmd"=0x5341435001000000000000000700000028000000006E05001C90050001000000000000000000010500100000B395E7CF049FCE010000000000000000 "C:\Users\Cédric\Desktop\Adobe.Photoshop.CC.v15.0.0.58.x64.www.Download.ir\Crack\AAMv8_P7_for_cc2014OA_restore.exe"=0x5341435001000000000000000700000028000000199547000187010001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000C0360000000000000100000001000000 "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe"=0x534143500100000000000000070000002800000080012A00C1E62A0001000000000000000000030600210000975FD891C99ECE0100000000000000000200000050000000000000000000000000000000000000000000000000000000B1AB0A00000000000700000006000000000000000000004000000000000000000000000000000000681B0000000000000100000000000000 "C:\Program Files\Adobe\Adobe Photoshop CC 2014\Photoshop.exe"=0x5341435001000000000000000700000028000000C86A470772FF47070100000000000000000003060021000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000A87B4F00000000002600000026000000 "C:\Users\Cédric\Downloads\xb1usb.11059.0.140526x64.msi"=0x534143500100000000000000070000002800000000DA0000D0AF010001000000000000000000010500100000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000058D90000000000000100000001000000 "C:\Program Files (x86)\Steam\steamapps\common\The Crew\TheCrewLauncher.exe"=0x534143500100000000000000070000002800000090560C0016B60C0001000000000000000000030671220000975FD891C99ECE010000000000000000 "C:\Program Files (x86)\ASUS\WebStorage\uninst.exe"=0x5341435001000000000000000700000028000000095103002FD2E50001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000004000020000000000000000000000000000DF0F0000000000000100000001000000 "C:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe"=0x5341435001000000000000000700000028000000704DA9006DDAA90001000000000000000000000671000000975FD891C99ECE0100000000000000000200000078000000000000061000002000000000000000000000000000000000C6010000000000000100000001000000000000001000002000000000000000000000000000000000BF02000000000000010000000000000000000000000000000000000000000000000000000000000030050000000000000100000000000000 "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\delegate_execute.exe"=0x534143500100000000000000070000002800000048651F00C7E81F0001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000F4010000000000000100000001000000 "C:\Users\Cédric\Downloads\Minecraft.exe"=0x534143500100000000000000070000002800000008BF13008EAB140001000000000000000000030671200000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000008BC11700000000000100000001000000 "C:\Users\Cédric\Downloads\minecraft_server.1.8.1.exe"=0x5341435001000000000000000700000028000000119D7E00FA05060001000000000000000000030671200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000BD2C0000000000000600000006000000 "C:\Users\Cédric\Desktop\Serveur\minecraft_server.1.8.1.exe"=0x5341435001000000000000000700000028000000119D7E00FA05060001000000000000000000030671200000975FD891C99ECE01000000000000000005000000100000000000000000000000000000000000000002000000500000000000000000000000000000000000000000000000000000007656F800000000002F000000220000000000000000000040000000000000000000000000000000009E270300000000000200000000000000 "C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe"=0x5341435001000000000000000700000028000000A80B01006103020001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000100000000000000000000000000000A90C0200000000000200000002000000 "C:\Users\Cédric\Downloads\jre-8u25-windows-x64.exe"=0x5341435001000000000000000700000028000000A8D985058635860501000000000000000000030673220000B395E7CF049FCE01000000000000000002000000280000000000000000000040000000000000000000000000000000005ADE0000000000000100000001000000 "C:\Program Files\Java\jre1.8.0_25\bin\javacpl.exe"=0x5341435001000000000000000700000028000000A82D0100987B010001000000000000000000010600010000B395E7CF049FCE0100000000000000000200000028000000000000000000000000100000000000000000000000000000CF090100000000000100000001000000 "C:\Program Files (x86)\WSE_Vosteran\uninstall.exe"=0x534143500100000000000000070000002800000000CC06007F34070003000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000CC750000000000000100000001000000 "C:\Users\Cédric\Downloads\bitdefender_ts_18_64b.exe"=0x534143500100000000000000070000002800000058D1E6169712E71601000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000008000004000000000000000000000000000000000B7147200000000000200000002000000 "C:\Program Files (x86)\Steam\steamapps\common\Fable 3\Fable3.exe"=0x53414350010000000000000007000000280000001087BB016242BC0101000000000000000000010671020000975FD891C99ECE0100000000000000000200000050000000000000001000002000020200000000000000000000000000FBE602000000000007000000030000000000000010000060000000000000000000000000000000003E080000000000000100000000000000 "C:\Program Files (x86)\Steam\steamapps\common\Fable 3\F3Secu.exe"=0x534143500100000000000000070000002800000058F584004913850001000000000000000000010671020000975FD891C99ECE01000000C00000000002000000280000000000000000000010000000000000000000000000000000007EBE0000000000000200000002000000 "C:\Program Files (x86)\Steam\steamapps\common\Fable 3\FableLauncher.exe"=0x5341435001000000000000000700000028000000102105006621050001000000000000000000010671020000975FD891C99ECE010000000000000000020000002800000000000000800000001010000000000000000000000000000061F20600000000000200000002000000 "C:\Program Files (x86)\Steam\steamapps\common\Fable 3\PCVideoOptionsApplet\PCVideoOptionsApplet.exe"=0x534143500100000000000000070000002800000010DB060012040700010000000000000000000106F1020000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000C43D0000000000000200000002000000 "C:\Users\Cédric\Downloads\Game for Windows LIVE Setup.exe"=0x5341435001000000000000000700000028000000EC95BE01B9B0BE0101000000000000000000000671020000975FD891C99ECE0100000000000000000200000028000000000000008001004000000000000000000000000000000000B0300100000000000300000003000000 "C:\Program Files\Bitdefender\Bitdefender 2015\bdtkexec.exe"=0x53414350010000000000000007000000280000002064000094D6000001000000000000000000030673220000B395E7CF049FCE010000000000000000020000002800000000000000000000000000000000000000000000000000000045A40200000000000100000001000000 "C:\Windows\System32\GfxUIEx.exe"=0x5341435001000000000000000700000028000000D82F0E00E2DC0E0001000000000000000000030673220000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000A3010400000000000100000001000000 "C:\Users\Cédric\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\17.12.8.0\setup.exe"=0x53414350010000000000000007000000280000004851060040FB060001000000000000000000030600210000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000028F81100000000000100000001000000 "C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe"=0x534143500100000000000000070000002800000050291D0034911D0001000000000000000000010671020000975FD891C99ECE010000000000000000020000002800000000000000800000000000000000000000000000000000000036040000000000000600000006000000 "C:\Users\Cédric\AppData\Roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe"=0x5341435001000000000000000700000028000000A8E90200B83A03000100000000000000000003060021000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000AB080000000000006E0000006E000000 "C:\Users\Cédric\Downloads\jre-8u31-windows-x64.exe"=0x5341435001000000000000000700000028000000A89591058CEE910501000000000000000000030673220000B395E7CF049FCE0100000000000000000200000028000000000000000000004000000000000000000000000000000000FAE70100000000000600000006000000 "C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe"=0x534143500100000000000000070000002800000080EF1200B4C7130001000000000000000000030671220000975FD891C99ECE01000000800000000002000000280000000000000000000000000000000000000000000000000000004A180000000000000100000001000000 "C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe"=0x534143500100000000000000070000002800000080170600E5A1060001000000000000000000030671220000975FD891C99ECE01000000800000000002000000280000000000000000000000000000000000000000000000000000006D000000000000000100000001000000 "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"=0x534143500100000000000000070000002800000080C30700A958080001000000000000000000030671220000975FD891C99ECE010000008000000000 "C:\Program Files\Java\jre1.8.0_31\bin\javaw.exe"=0x5341435001000000000000000700000028000000A8EB02006CD3030001000000000000000000030600210000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000F85E0000000000000400000004000000 "C:\Program Files\Logitech Gaming Software\LU_1\LogitechUpdate.exe"=0x5341435001000000000000000700000028000000188D1F00D466200001000000000000000000020671220000975FD891C99ECE010000008000000000020000002800000000000000000000000000000000000000000000000000000010270000000000000100000001000000 "C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.16\delegate_execute.exe"=0x5341435001000000000000000700000028000000486F0B0092C70B0001000000000000000000030600210000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000A6010000000000000100000001000000 "C:\Users\Cédric\Downloads\VoidLauncher.exe"=0x5341435001000000000000000700000028000000C5890F01A790040001000000000000000000030671200000975FD891C99ECE01000000000000000002000000280000000000000080000000000000000000000000000000000000000EBB0100000000000100000001000000 "SIGN.MEDIA=10C50C AutoRun.exe"=0x5341435001000000000000000700000028000000604302009BC1020001000000000000000000010600210000975FD891C99ECE0100000000000000000200000028000000000000008000000000000000000000000000000000000000DD950200000000000100000001000000 "C:\Users\Cédric\Desktop\Jeux\VoidLauncher.exe"=0x5341435001000000000000000700000028000000C5890F01A790040001000000000000000000030671200000975FD891C99ECE01000000000000000002000000280000000000000080000000000000000000000000000000000000004AEFFF00000000000C0000000C000000 "C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe"=0x534143500100000000000000070000002800000000201D000000000001000000000000000000000671020000975FD891C99ECE0100000000000000000500000010000000000000000000000000030105800000000200000050000000000301058000006000000000000000000000000000000000F089000000000000040000000400000000000006800000200000000000000000000000000000000036040000000000000200000000000000 "C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\Fallout3.exe"=0x5341435001000000000000000700000028000000B88DE5002895E50001000000000000000000000671000000975FD891C99ECE01000000000000000005000000100000000000000000000000000301050000000002000000500000000003010500000060100000000000000000000000000000002E2F0000000000000A0000000A000000000000060000002000000000000000000000000000000000AC270000000000000100000000000000 "C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\GFWLive\xliveredist.msi"=0x534143500100000000000000070000002800000000F400008396010001000000000000000000010500100000B395E7CF049FCE010000000000000000020000002800000000000000000000000000000000000000000000000000000034210000000000000100000001000000 "C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\GFWLive\XLiveRedist01.02.0241.00.msi"=0x534143500100000000000000070000002800000000F400008396010001000000000000000000010500100000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000F3160000000000000100000001000000 "C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\G4WL Disabler\Games for Windows LIVE Disabler.exe"=0x5341435001000000000000000700000028000000C0CA04000000000001000000000000000000000671220000975FD891C99ECE010000000000000000010000000400000001000000060000000800000000820200000000000500000010000000000000000000000000030105000000000200000078000000000301050000006000000000000000000000000000000000CD6000000000000005000000050000000002000600000020008202000000000000800000000000004F0D000000000000010000000000000000000000000000000082020000000000008000000000000014290000000000000100000000000000 "C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\Games for Windows LIVE Disabler.exe"=0x5341435001000000000000000700000028000000C0CA04000000000001000000000000000000000671220000975FD891C99ECE0100000000000000000100000004000000010000000500000010000000000000000000000000000000000000000200000028000000000000000000000000820200000000000080000000000000276C0000000000000200000002000000 "C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.43\delegate_execute.exe"=0x5341435001000000000000000700000028000000486F0B0051210C0001000000000000000000030600210000B395E7CF049FCE010000000000000000020000002800000000000000000000000000000000000000000000000000000014020000000000000100000001000000 "C:\Program Files\Java\jre1.8.0_31\bin\javacpl.exe"=0x5341435001000000000000000700000028000000A82D0100B4E0010001000000000000000000010600010000B395E7CF049FCE010000000000000000020000002800000000000000000000000010000000000000000000000000000073740700000000000500000005000000 "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\installer.exe"=0x5341435001000000000000000700000028000000102309007F91090003000000000000000000030600210000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000CAB80800000000000200000002000000 "C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe"=0x5341435001000000000000000700000028000000D0BB19007B321A0001000000000000000000030673220000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000471F0200000000000100000001000000 "C:\Users\Cédric\Downloads\avast_free_antivirus_setup_online.exe"=0x534143500100000000000000070000002800000010664C000000000001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000DD9C2400000000000100000001000000 "C:\Program Files\AVAST Software\Avast\BrowserCleanup.exe"=0x5341435001000000000000000700000028000000901E16002296160001000000000000000000030671220000975FD891C99ECE010000000000000000 "C:\Users\Cédric\Downloads\dolphin-x64-4.0.2.exe"=0x534143500100000000000000070000002800000099E39A000000000001000000000000000000000671000000975FD891C99ECE01000000000000000002000000280000000000000000080040000000000000000000000000000000004D020100000000000100000001000000 "C:\Program Files\Dolphin\Dolphin.exe"=0x534143500100000000000000070000002800000000B0CD0018C8CD0001000000000000000000020673020000B395E7CF049FCE010000000000000000020000002800000000000000000000000000000000000000000000000000000064235600000000000400000004000000 "C:\Users\Cédric\AppData\Roaming\uTorrent\uTorrent.exe"=0x5341435001000000000000000700000028000000509E190024471A0001000000000000000000030671220000975FD891C99ECE0100000000000000000200000028000000000000000000001000000000000000000000000000000000E6471700000000000300000003000000 "C:\Users\Cédric\Downloads\ccsetup502.exe"=0x534143500100000000000000070000002800000098415100709B510001000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000029111503000000000100000001000000 "C:\Users\Cédric\Downloads\codeblocks-13.12mingw-setup.exe"=0x534143500100000000000000070000002800000077B81D060000000001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000F4E20200000000000100000001000000 "C:\Users\Cédric\Desktop\Serveur\minecraft_server.1.8.3.exe"=0x53414350010000000000000007000000280000001E389B000F44060001000000000000000000030671200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000FD1C9801000000002E0000002E000000 "C:\ProgramData\Package Cache\{8409c4f7-2340-4933-a304-5d37db4fb48b}\Intel® Driver Update Utility Installer.exe"=0x5341435001000000000000000700000028000000B8540800F6C2080003000000000000000000030600210000975FD891C99ECE010000008000000000020000002800000000000000000000000000000000000000000000000000000010270000000000000100000001000000 "C:\Program Files (x86)\Wi-Fi Modem\uninst.exe"=0x534143500100000000000000070000002800000062B80100D107090003000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000001060000002000000000000000000000000000000000D7AF0000000000000100000001000000 "C:\Users\Cédric\Downloads\win64_153614.exe"=0x53414350010000000000000007000000280000002874440744DE440701000000000000000000010571000000975FD891C99ECE0100000000000000000200000028000000000000000008004000000000000000000000000000000000CCE50000000000000200000002000000 "C:\Program Files\CCleaner\CCleaner.exe"=0x534143500100000000000000070000002800000018DF5300F75B540001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000A7060000000000000100000001000000 "C:\Program Files\Logitech Gaming Software\LCore.exe"=0x534143500100000000000000070000002800000018BFC100701BC2000100000000000000000003067322000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000BA4D6501000000000A0000000A000000 "C:\Users\Cédric\Downloads\ChromeSetup.exe"=0x5341435001000000000000000700000028000000506E0D00B6790D0001000000000000000000030600210000975FD891C99ECE010000000100000000 "C:\Users\Cédric\Desktop\Nouveau dossier\minecraft_server.1.8.3.exe"=0x53414350010000000000000007000000280000001E389B000F44060001000000000000000000030671200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000FE160100000000000300000003000000 "C:\Users\Cédric\Downloads\rcsetup151.exe"=0x5341435001000000000000000700000028000000E84040000463400001000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000003FB41D00000000000200000002000000 "C:\Program Files\Recuva\recuva64.exe"=0x53414350010000000000000007000000280000001875490014F5490001000000000000000000030673220000B395E7CF049FCE0100000000000000000200000028000000000000000000004000000000000000000000000000000000692D0000000000000100000001000000 "C:\Program Files (x86)\Steam\steamapps\common\nosgoth\Binaries\Win32\Nosgoth.exe"=0x5341435001000000000000000700000028000000F01161010000000001000000000000000000030671220000975FD891C99ECE01000000000000000005000000100000000000000000000000000000000000000002000000500000000000000000000000000000000000000000000000000000003AB203000000000002000000010000000000000000000040000000000000000000000000000000005C030000000000000100000000000000 "C:\Program Files\Recuva\uninst.exe"=0x5341435001000000000000000700000028000000602C020089DC020003000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000AE460000000000000100000001000000 "C:\Program Files (x86)\Microsoft Office\Office15\FIRSTRUN.EXE"=0x5341435001000000000000000700000028000000A83E0E000CD70E0001000000000000000000030671200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000153B0000000000000300000003000000 "C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe"=0x5341435001000000000000000700000028000000584C2900EFC1290001000000000000000000000671020000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000E0480000000000000200000002000000 "C:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe"=0x5341435001000000000000000700000028000000607F04002FDA040001000000000000000000010671220000975FD891C99ECE01000000000000000002000000280000000000000010000010000000000000000000000000000000007FA70103000000000300000003000000 "C:\Users\Cédric\Downloads\BitTorrent.exe"=0x5341435001000000000000000700000028000000589E1A00E0261B0001000000000000000000030671220000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000BA9BC400000000000200000002000000 "C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe"=0x5341435001000000000000000700000028000000009401000000000001000000000000000000020600010000975FD891C99ECE01000000000000000002000000280000000000000000000090000200000000000000000000000000000F220000000000000200000002000000 "C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.50\delegate_execute.exe"=0x534143500100000000000000070000002800000048090C0083530C0001000000000000000000030600210000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000C9030000000000000100000001000000 "C:\Users\Cédric\AppData\Local\Temp\NVIDIA\GeForceExperienceSelfUpdate\18.4.1.0\setup.exe"=0x53414350010000000000000007000000280000009050060054AC060001000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000004EE00000000000000100000001000000 "C:\Users\Cédric\Downloads\Setup.X86.fr-FR_O365HomePremRetail_162fa936-3f1a-4df6-930d-966f78cfa68a_TX_DB_.exe"=0x5341435001000000000000000700000028000000C0741000732C110001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000CFFE0400000000000100000001000000 "C:\Program Files\Microsoft Office 15\root\office15\perfboost.exe"=0x5341435001000000000000000700000028000000A8600100F1F2010001000000000000000000020671000000975FD891C99ECE010000000000000000020000002800000000000000000000000010000000000000000000000000000032520100000000000400000004000000 "C:\Program Files\Microsoft Office 15\root\office15\FIRSTRUN.EXE"=0x5341435001000000000000000700000028000000A8400E005E610E0001000000000000000000030671200000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000005B1E0C00000000000100000001000000 "C:\Users\Cédric\AppData\Local\Microsoft\SkyDrive\Update\OneDriveSetup.exe"=0x5341435001000000000000000700000028000000A0066E00A39D6E0001000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000001D4C0000000000000100000001000000 "C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.68\delegate_execute.exe"=0x534143500100000000000000070000002800000048090C00AB1F0C0001000000000000000000030600210000B395E7CF049FCE010000000000000000020000002800000000000000000000000000000000000000000000000000000078060000000000000100000001000000 "C:\Program Files (x86)\Heroes of the Storm\Heroes of the Storm.exe"=0x534143500100000000000000070000002800000030FE2E0082EC2F0001000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000005F050000000000000100000001000000 "C:\Users\Cédric\AppData\Local\Temp\NVIDIA\DisplayDriver\GeForceGameReadyDriverforGrandTheftAutoV\setup.exe"=0x53414350010000000000000007000000280000009050060054AC060001000000000000000000030600210000975FD891C99ECE010000000000000000020000002800000000000000800000400000000000000000000000000000000067520300000000000100000001000000 "C:\Program Files (x86)\Origin\Origin.exe"=0x5341435001000000000000000700000028000000586D37001851380001000000000000000000020600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000CCE20700000000000100000001000000 "C:\Users\Cédric\Downloads\battlelog-web-plugins_2.6.2_157.exe"=0x5341435001000000000000000700000028000000906617002B78170001000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000065040000000000000400000004000000 "C:\Users\Cédric\Downloads\battlelog-web-plugins_2.6.2_157 (1).exe"=0x5341435001000000000000000700000028000000906617002B78170001000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000023020000000000000100000001000000 "C:\Program Files (x86)\Battlelog Web Plugins\uninstall.exe"=0x53414350010000000000000007000000280000008D5C05002B78170003000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000008D0D0000000000000100000001000000 "C:\Program Files (x86)\Steam\Steam.exe"=0x5341435001000000000000000700000028000000C0162C0087D72C0001000000000000000000030600210000975FD891C99ECE01000000000000000002000000780000000000000020000060000000000000000000000000000000000B5A45070000000036000000340000000000000000000040000000000000000000000000000000000E76450100000000010000000000000000000000000000000000000000000000000000000000000011BF6207000000001C00000000000000 "C:\Fraps\fraps.exe"=0x5341435001000000000000000700000028000000B87E24004E3A250001000000000000000000020671220000975FD891C99ECE0100000000000000000200000028000000000000000000004000100000000000000000000000000000B2DE0100000000000700000007000000 "C:\Users\Cédric\Downloads\CheatEngine64.exe"=0x534143500100000000000000070000002800000010328A005C0C8B0001000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000020992800000000000100000001000000 "C:\Program Files (x86)\Cheat Engine 6.4\Cheat Engine.exe"=0x534143500100000000000000070000002800000018090500DD7B050001000000000000000000030661220000975FD891C99ECE0100000000000000000200000028000000000000000000004002000000000000000000000000000000AD400100000000000100000001000000 "C:\Program Files (x86)\Cheat Engine 6.4\unins000.exe"=0x534143500100000000000000070000002800000018D50A00F2530B0003000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000083190000000000000100000001000000 "C:\Program Files (x86)\Steam\steamapps\downloading\271590\GTAVLauncher.exe"=0x5341435001000000000000000700000028000000886D2601C5D6260101000000000000000000030673220000B395E7CF049FCE01000000000000000002000000280000000000000000000000100000000000000000000000000000006A660000000000000100000001000000 "C:\Fraps\uninstall.exe"=0x5341435001000000000000000700000028000000EF8C000030E2230001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000D10C0000000000000200000002000000 "C:\Program Files (x86)\Cube World\Cube.exe"=0x5341435001000000000000000700000028000000004A3B000000000001000000000000000000020671020000975FD891C99ECE010000000000000000020000002800000000000000100000200000000000000000000000000000000085874400000000000100000001000000 "C:\Program Files (x86)\Rockstar Games\Social Club\subprocess.exe"=0x5341435001000000000000000700000028000000D8DB0C00CA730D0001000000000000000000030671220000975FD891C99ECE01000000000000000005000000100000000000000000000000000000000000000002000000500000000000000000000040000000000000000000000000000000004E000000000000000100000001000000000000000000000000000000000000000000000000000000BB000000000000000100000000000000 "C:\Users\Cédric\Downloads\Social Club v1.1.5.5 Setup.exe"=0x5341435001000000000000000700000028000000783D2903BB71290301000000000000000000010671000000975FD891C99ECE01000000000000000002000000280000000000000000080040000000000000000000000000000000008B5E0000000000000200000002000000 "C:\Program Files (x86)\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe"=0x5341435001000000000000000700000028000000C0000300F087030001000000000000000000010671000000975FD891C99ECE010000000000000000020000002800000000000000000800400000000000000000000000000000000028B40100000000000100000001000000 "C:\Users\Cédric\Downloads\Social Club v1.1.5.6 Setup.exe"=0x534143500100000000000000070000002800000090525C037CF15C0301000000000000000000010671000000975FD891C99ECE0100000000000000000200000028000000000000000008004000000000000000000000000000000000E2400000000000000100000001000000 "C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe"=0x534143500100000000000000070000002800000030A82B00BF7B2C0001000000000000000000030600210000975FD891C99ECE0100000000000000000200000028000000000000008000000000000000000000000000000000000000AE7E5502000000000700000007000000 "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe"=0x534143500100000000000000070000002800000088A5010008CB010001000000000000000000030600210000975FD891C99ECE01000000800000000002000000280000000000000000000000000000000000000000000000000000006D000000000000000200000002000000 "C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdate.exe"=0x534143500100000000000000070000002800000048A50100E80E020001000000000000000000030600210000975FD891C99ECE01000000800000000002000000280000000000000000000000000000000000000000000000000000001F000000000000000200000002000000 "C:\Program Files (x86)\Hearthstone\Hearthstone.exe"=0x5341435001000000000000000700000028000000307EB100F301B20001000000000000000000030671200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000C5672107000000000E0000000E000000 "C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.37\delegate_execute.exe"=0x534143500100000000000000070000002800000048BB0B0011240C0001000000000000000000030600210000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000980B0000000000000100000001000000 "SIGN.MEDIA=113C299B setup_HoMM2.exe"=0x53414350010000000000000007000000280000009B293C110000000001000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000002C3F0000000000000100000001000000 "C:\Users\Cédric\Desktop\setup_HoMM2.exe"=0x53414350010000000000000007000000280000009B293C110000000001000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000011190100000000000200000002000000 "C:\Program Files\WajWebE\WWE_uninstall.exe"=0x5341435001000000000000000700000028000000CA6E07000000000003000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000A49C0200000000000100000001000000 "C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.52\delegate_execute.exe"=0x534143500100000000000000070000002800000048BD0B00CEEE0B0001000000000000000000030600210000B395E7CF049FCE01000000000000000002000000280000000000000000000000000000000000000000000000000000002F01EF00000000000300000003000000 "C:\Users\Cédric\Downloads\adwcleaner_4.203.exe"=0x534143500100000000000000070000002800000000A221000000000001000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000009DCC0200000000000500000005000000 "C:\Program Files (x86)\Common Files\EAInstaller\Need for Speed World\Cleanup.exe"=0x5341435001000000000000000700000028000000608D08005869090003000000000000000000010600210000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000002B7B0000000000000100000001000000 "D:\Jeux\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe"=0x534143500100000000000000010000000400000001000000070000002800000000209C0000000000010000000000000000000006710200000261329FFFBAD0010000000000000000020000005000000000000000100000200000000000000000000000000000000084040000000000000200000002000000000000000000000000000000010000000000000001000000DF855B00000000000400000000000000 "D:\os\Windows7-USB-DVD-tool.exe"=0x534143500100000000000000070000002800000020CB0E0059720F0001000000000000000000010671020000975FD891C99ECE0100000000000000000200000028000000000000008001000000000000000000000000000000000000530F0300000000000100000001000000 "C:\Users\Cédric\AppData\Local\Apps\Windows 7 USB DVD Download Tool\Windows7-USB-DVD-Download-Tool.exe"=0x534143500100000000000000070000002800000020C10700B2230800010000000000000000000006F1020000975FD891C99ECE010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000062630900000000000400000004000000 "D:\Jeux\Battle.net\Battle.net.5765\Battle.net.exe"=0x534143500100000000000000070000002800000030569A00A0C39A0001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000FA000000000000000200000002000000 "C:\Program Files\CONEXANT\SAII\SACpl.exe"=0x5341435001000000000000000700000028000000D8EE1B0051681C000100000000000000000003067122000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000006C080000000000000C0000000C000000 "C:\Users\Cédric\Downloads\TeamSpeak3-Client-win64-3.0.16.exe"=0x534143500100000000000000070000002800000010FCC9010EE4CA0101000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000F0F90000000000000100000001000000 "D:\Jeux\Diablo III\Diablo III Launcher.exe"=0x534143500100000000000000070000002800000030D42E0040872F0001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000008000000000000000000000000000000000000000F2040000000000000200000002000000 "D:\Jeux\Diablo III\Diablo III.exe"=0x53414350010000000000000007000000280000003002860149AD860101000000000000000000030671220000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000C8180000000000000200000002000000 "D:\Jeux\Origin Games\Battlefield 3\bf3.exe"=0x53414350010000000000000007000000280000005833FB01D78AFB0101000000000000000000020671220000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000061950200000000000300000003000000 "D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe"=0x53414350010000000000000007000000280000005833FB01D78AFB010100000000000000000002067122000019B4C529E312D101000000000000000002000000780000000000000010000020000000000000000000000000000000000CB9AF0000000000140000000400000000000000100000A0000000000000000000000000000000000BEE5200000000001000000000000000000000000000000000000000000000000000000000000000A6010000000000000100000000000000 "C:\Users\Cédric\Downloads\battlelog-web-plugins_2.7.0_160_R2.exe"=0x53414350010000000000000007000000280000000807190060F6190001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000C80B0000000000000100000001000000 "C:\Users\Cédric\Downloads\battlelog-web-plugins_2.7.0_160_R2 (1).exe"=0x53414350010000000000000007000000280000000807190060F6190001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000A8200000000000000100000001000000 "C:\Users\Cédric\Downloads\battlelog-web-plugins_2.7.0_160_R2 (2).exe"=0x53414350010000000000000007000000280000000807190060F6190001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000C3110000000000000100000001000000 "C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.30\delegate_execute.exe"=0x534143500100000000000000070000002800000048C10B00E4360C0001000000000000000000030600210000B395E7CF049FCE01000000000000000002000000500000000000000010000000000000000000000000000000000000004E0000000000000001000000010000000000000000000000000000000000000000000000000000004E000000000000000100000000000000 "C:\Users\Cédric\Desktop\Documents\Programme en C\Jeu\Jeu by Okinato.exe"=0x534143500100000000000000070000002800000086760000B6CA000001000000000000000000030671200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000A23C0200000000000100000001000000 "D:\Games for Windows LIVE Disabler.exe"=0x5341435001000000000000000700000028000000C0CA04000000000001000000000000000000000671220000975FD891C99ECE0100000000000000000100000004000000010000000500000010000000000000000000000000020006000000000200000050000000000200060000002000820200000000000080000000000000C30400000000000001000000010000000000000000000000008202000000000000800000000000008A10000000000000010000000000000006000000080000000082020000000000 "D:\Jeux\Steam\steamapps\common\Fallout 3 goty\Games for Windows LIVE Disabler.exe"=0x5341435001000000000000000700000028000000C0CA04000000000001000000000000000000000671220000975FD891C99ECE01000000000000000001000000040000000100000005000000100000000000000000000000000000000000000002000000280000000000000000000000008202000000000000800000000000001AEE0300000000000700000007000000 "D:\Jeux\Steam\steamapps\common\Fallout 3 goty\Fallout3.exe"=0x5341435001000000000000000700000028000000B88DE5002895E500010000000000000000000006710000000261329FFFBAD00100000000000000000500000010000000000000000000000000030105200000000200000050000000000301052000006000000000000000000000000000000000CDBE03000000000014000000140000000003010500000060000000000000000000000000000000000C0B0000000000000100000000000000 "D:\Jeux\Steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe"=0x534143500100000000000000070000002800000000201D0000000000010000000000000000000006710200000261329FFFBAD00100000000000000000500000010000000000000000000000000030105A0000000020000007800000000030105A000007000000000000000000000000000000000ED0A000000000000020000000200000000030105A000006010120200000000000000000000000000C03E5F00000000000400000000000000000301058000006000000000000000000000000000000000E81D0000000000000100000000000000 "D:\Jeux\Steam\steamapps\common\Fallout 3 goty\G4WL Disabler\Games for Windows LIVE Disabler.exe"=0x5341435001000000000000000700000028000000C0CA04000000000001000000000000000000000671220000975FD891C99ECE0100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000577E0000000000000300000003000000 "C:\Users\Cédric\Downloads\GSAutoClicker-Setup.exe"=0x5341435001000000000000000700000028000000E8A20D002D2F0E0001000000000000000000010600010000975FD891C99ECE0100000000000000000200000050000000000000000000000000000000000000000000000000000000B516220200000000010000000100000000000000000000400000000000000000000000000000000018450000000000000100000000000000 "C:\Program Files (x86)\GSAutoClicker3\GSAutoClicker.exe"=0x534143500100000000000000070000002800000018640E0048BE0E0001000000000000000000010671020000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000076E70E03000000000A0000000A000000 "C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe"=0x53414350010000000000000007000000280000004841C2008F9CC20001000000000000000000030673220000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000579A0100000000000100000001000000 "D:\Jeux\Blur(TM)\Blur.exe"=0x53414350010000000000000007000000280000000004B3012CE0D1000100000000000000000001067122000019B4C529E312D1010000000000000000020000005000000000000000100000200000000000000000000000000000000008C06F0000000000030000000300000000000000000000000000000000000000000000000000000039AE0500000000000100000000000000 "C:\Users\Cédric\AppData\Local\Microsoft\GFWLive\Downloads\gfwlivesetup.exe"=0x534143500100000000000000070000002800000098CE09003FFD090001000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000070E20000000000000100000001000000 "D:\Jeux\Steam\steamapps\common\Fallout 3 goty\fallout_3_patch_v1.6_francais_291800.exe"=0x534143500100000000000000070000002800000068E92D0317102E0301000000000000000000010551000000975FD891C99ECE0100000080000000000200000028000000000000000008005000000000000000000000000000000000693A0000000000000100000001000000 "D:\Jeux\Steam\steamapps\common\Fallout 3 goty\GDFInstall.exe"=0x5341435001000000000000000700000028000000B8D501007B2E0200010000000000000000000006710200000261329FFFBAD00100000000000000000200000028000000000000000000000000020000000000000000000000000000F50E0000000000000200000002000000 "D:\Jeux\Steam\steamapps\common\Fallout 3 goty\Fallout3 - Garden of Eden Creation Kit.exe"=0x534143500100000000000000070000002800000053AB87000000000001000000000000000000010571000000975FD891C99ECE0100000000000000000200000028000000000000000008004000000000000000000000000000000000D5760000000000000100000001000000 "D:\Jeux\Steam\steamapps\common\Fallout 3 goty\GFWLive\xliveredist.msi"=0x534143500100000000000000070000002800000000FC0000FB41010001000000000000000000010500100000B395E7CF049FCE0100000000000000000200000028000000000000000000000000000000000000000000000000000000346F0000000000000100000001000000 "D:\Jeux\Steam\steamapps\common\Fallout 3 goty\GFWLive\XLiveRedist01.02.0241.00.msi"=0x534143500100000000000000070000002800000000FC0000FB41010001000000000000000000010500100000B395E7CF049FCE01000000000000000002000000280000000000000000000000000000000000000000000000000000002A350000000000000100000001000000 "D:\Jeux\Steam\steamapps\common\Trials Fusion\Support\Software\GameLauncher\UplayInstaller.exe"=0x5341435001000000000000000700000028000000F863BC030BD6BC0301000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000049060000000000000100000001000000 "D:\Jeux\Heroes of the Storm\Heroes of the Storm.exe"=0x534143500100000000000000050000001000000000000000000000000000000000000000070000002800000030F22E002AC52F000100000000000000000003060021000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000004099AA03000000002900000029000000 "C:\Users\Cédric\Downloads\flashplayer18_ga_install.exe"=0x5341435001000000000000000700000028000000C02A110003D1110001000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000069550200000000000100000001000000 "C:\Program Files (x86)\McAfee Security Scan\uninstall.exe"=0x5341435001000000000000000700000028000000C13F0400A58D0E0003000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000320A0000000000000100000001000000 "D:\Jeux\Diablo III\World of Warcraft\World of Warcraft Launcher.exe"=0x534143500100000000000000070000002800000030542C0013D82C0001000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000008000000000000000000000000000000000000000B3040000000000000100000001000000 "D:\Jeux\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe"=0x534143500100000000000000070000002800000000940100000000000100000000000000000002060001000019B4C529E312D101000000000000000002000000280000000000000000000090000000000000000000000000000000001B521D00000000000900000009000000 "D:\Jeux\Cube World\CubeLauncher.exe"=0x534143500100000000000000070000002800000000800200000000000100000000000000000002067122000019B4C529E312D10100000000000000000200000028000000000000008000000010000000030000000000000000000000E29F8F00000000002500000025000000 "D:\Jeux\Cube World\Cube.exe"=0x5341435001000000000000000700000028000000004A3B0000000000010000000000000000000206710200000261329FFFBAD0010000000000000000020000002800000000000000100000200000000000000000000000000000000073241300000000000600000006000000 "D:\Jeux\Cube World\Server.exe"=0x5341435001000000000000000700000028000000003A1A0000000000010000000000000000000206710200000261329FFFBAD00100000000000000000200000028000000000000000000000000000000000000000000000000000000AE0B5100000000000300000003000000 "D:\Jeux\Dolphin\Dolphin.exe"=0x534143500100000000000000070000002800000000B0CD0018C8CD0001000000000000000000020673020000B395E7CF049FCE010000000000000000020000002800000000000000000000000000000000000000000000000000000003170000000000000100000001000000 "D:\Jeux\Trials Fusion\datapack\trials_fusion.exe"=0x5341435001000000000000000700000028000000E8C6BB007115BC0001000000000000000000030671220000975FD891C99ECE0100000000000000000500000010000000000000000000000000000000100000000200000050000000000000001000002000000000000000000000000000000000E5420000000000000300000002000000000000001000006000000000000000000000000000000000540C0000000000000100000000000000 "C:\Users\Cédric\Downloads\CR_Downloader_pour_capcom-generation's-2.exe"=0x5341435001000000000000000700000028000000A03E0D00C72ADC6801000000000000000000010600010000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000045960000000000000200000002000000 "C:\Users\Cédric\Downloads\CR_Downloader_pour_capcom-generation's-2 (1).exe"=0x5341435001000000000000000700000028000000A03E0D00D2CFF99501000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000004000000000000000000000000000000000271B1E00000000000100000001000000 "C:\Users\Cédric\AppData\Local\Temp\ICReinstall_CR_Downloader_pour_capcom-generation's-2.exe"=0x5341435001000000000000000700000028000000A03E0D00C72ADC6801000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000DE1C0000000000000100000001000000 "C:\Program Files (x86)\WordAnchor_1.10.0.20\Uninstall.exe"=0x534143500100000000000000070000002800000058CF04004E98050003000000000000000000010600010000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000B49B0000000000000100000001000000 "D:\Jeux\ManiaPlanet\ManiaPlanetLauncher.exe"=0x534143500100000000000000070000002800000000C04600000000000100000000000000000003067122000019B4C529E312D1010000000000000000020000002800000000000000800000000000000000000000000000000000000086C86800000000000500000005000000 "C:\Program Files (x86)\MagicaVoxel-0.96.1-win-mac\MagicaVoxel_win.exe"=0x534143500100000000000000070000002800000000020C00EF370C000100000000000000000003067122000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000004BA22E00000000000400000004000000 "C:\Users\Cédric\Downloads\UnityDownloadAssistant-5.1.2f1.exe"=0x534143500100000000000000070000002800000060F9090088240A00010000000000000000000106000100000261329FFFBAD0010000000000000000020000002800000000000000000000400000000000000000000000000000000008CC4C00000000000200000002000000 "D:\Jeux\Cube World\CubeSetup3.exe"=0x5341435001000000000000000700000028000000DAB9180000000000010000000000000000000206000100000261329FFFBAD0010000000000000000020000002800000000000000000000000000000000000000000000000000000004860100000000000500000005000000 "C:\Users\Cédric\AppData\Local\Temp\7zSDD86.tmp\setup-stub.exe"=0x534143500100000000000000070000002800000050840F002829100001000000000000000000030600210000975FD891C99ECE010000000000000000020000002800000000000000000000400000000000000000000000000000000000480100000000000100000001000000 "C:\Program Files (x86)\CodeBlocks\codeblocks.exe"=0x53414350010000000000000007000000280000000E1019005FB519000100000000000000000002060001000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000004E140100000000000800000008000000 "C:\Users\Cédric\Downloads\npp.6.8.Installer.exe"=0x5341435001000000000000000700000028000000DEBF51000000000001000000000000000000010671000000975FD891C99ECE010000000000000000020000002800000000000000000800400000000000000000000000000000000044E40700000000000100000001000000 "C:\Users\Cédric\Downloads\nmap-6.49BETA4-setup.exe"=0x53414350010000000000000007000000280000002E1A820100000000010000000000000000000106000100000261329FFFBAD0010000000000000000050000001000000000000000000000000000000000000000020000002800000000000000000000400000000000000000000000000000000050040100000000000200000002000000 "C:\Program Files (x86)\Nmap\zenmap.exe"=0x534143500100000000000000070000002800000000BA0600343301000100000000000000000000067102000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000EA1A0A00000000000200000002000000 "C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\MSOXMLED.EXE"=0x5341435001000000000000000700000028000000A05203003BB9030001000000000000000000030673220000B395E7CF049FCE01000000000000000002000000280000000000000000000000000000000000000000000000000000007D000000000000000400000004000000 "C:\Users\Cédric\Downloads\Wireshark-win64-1.12.6.exe"=0x5341435001000000000000000700000028000000D077C7016FD3C70101000000000000000000000671000000975FD891C99ECE010000000000000000020000002800000000000000000800400000000000000000000000000000000019DD1C00000000000100000001000000 "D:\Jeux\Steam\steamapps\common\Trials Fusion\datapack\trials_fusion.exe"=0x5341435001000000000000000700000028000000E8C6BB002D9BBC0001000000000000000000030671220000975FD891C99ECE0100000000000000000200000028000000000000001000002000000000000000000000000000000000CB270000000000000100000001000000 "C:\Users\Cédric\Downloads\DTLiteInstaller.exe"=0x5341435001000000000000000700000028000000E0161A009A3F1A0001000000000000000000010671000000975FD891C99ECE0100000000000000000200000028000000000000000008004000000000000000000000000000000000D1DFB800000000000200000002000000 "SIGN.MEDIA=A4790615 setup.exe"=0x5341435001000000000000000700000028000000442B0A000000000001000000000000000000030600210000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000026C63300000000000100000001000000 "D:\Program Files (x86)\Middle-earth - Shadow of Mordor GOTY\x64\ShadowOfMordor.exe"=0x53414350010000000000000007000000280000005046B8014F8DB10101000000000000000000030673220000B395E7CF049FCE01000000000000000005000000100000000000000000000000000000003000000002000000780000000000000030000060000000000000000000000000000000006A10870000000000050000000500000000000000200000600000000001000000000000000000000081D11200000000000300000000000000000000000000000000000000000000000000000000000000710F0000000000000400000000000000 "C:\Program Files\AVAST Software\Avast\VisthAux.exe"=0x534143500100000000000000070000002800000030E103009112040001000000000000000000030671220000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000006B030000000000000100000001000000 "C:\Users\Cédric\Downloads\gfwlivesetup.exe"=0x534143500100000000000000070000002800000098CE09003FFD090001000000000000000000010600010000975FD891C99ECE01000000000000000002000000280000000000000000000040000000000000000000000000000000009B920000000000000100000001000000 "C:\Program Files (x86)\Microsoft Games for Windows - LIVE\Client\GFWLive.exe"=0x5341435001000000000000000700000028000000B0880300CB1F040001000000000000000000020671200000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000F9780000000000000100000001000000 "D:\Jeux\Ubisoft\Heroes of Might and Magic 2 Gold\dosbox.exe"=0x53414350010000000000000007000000280000000062390022013A0001000000000000000000000671200000975FD891C99ECE010000000000000000020000002800000000000000000000100000000000000000000000000000000026340200000000000100000001000000 "C:\Users\Cédric\AppData\Local\Temp\Rar$EXa0.783\Stonehearth_v0.1.0r393_setup.exe"=0x5341435001000000000000000700000028000000B175440A0000000001000000000000000000000671000000975FD891C99ECE0100000000000000000200000028000000000000000008004000000000000000000000000000000000E94B0100000000000100000001000000 "D:\Jeux\Stonehearth v0.1.0r393\Stonehearth.exe"=0x534143500100000000000000070000002800000000F85E010000000001000000000000000000030671220000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000096251B00000000000200000002000000 "D:\Jeux\[www.mpc-g.com]AkSrvEvld\ArkDownloader.bat"=0x53414350010000000000000007000000280000000074050047AE050001000000000000000000010500100000B395E7CF049FCE010000000000000000 "D:\Jeux\[www.mpc-g.com]AkSrvEvld\ARKLauncher.exe"=0x5341435001000000000000000700000028000000009C0E0000000000010000000000000000000306F1220000975FD891C99ECE01000000000000000002000000280000000000000080000000000000000000000000000000000000003E9B0F00000000000200000002000000 "D:\Jeux\[www.mpc-g.com]AkSrvEvld\AppID_Patch.exe"=0x5341435001000000000000000700000028000000003A0000B20F010001000000000000000000030671200000975FD891C99ECE0100000080000000000500000010000000000000000000000000000000000800000200000028000000000000000008004000000000000000000000000000000000ED4F1200000000000200000002000000 "D:\Jeux\[www.mpc-g.com]AkSrvEvld\steamcmd.exe"=0x5341435001000000000000000700000028000000A8BF190028E8190001000000000000000000020671020000975FD891C99ECE0100000000000000000200000028000000000000000000000000000000000000000000000000000000436A0000000000000100000001000000 "D:\Jeux\Heroes of the Storm\Support\HeroesSwitcher.exe"=0x534143500100000000000000070000002800000030DA09002F630A0001000000000000000000030671220000975FD891C99ECE010000000000000000020000002800000000000000000000000000000000000000000000000000000077010000000000000100000001000000 "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"=0x5341435001000000000000000700000028000000903428002E30290001000000000000000000030600210000975FD891C99ECE01000000000000000002000000280000000000000000000000000000000000000000000000000000002C3FBC01000000000100000001000000 "C:\Users\Cédric\AppData\Local\Microsoft\OneDrive\17.3.5907.0716_1\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C8380200FDD8020001000000000000000000000A002100000261329FFFBAD0010000000100000000 "C:\Program Files\Elantech\ETDCtrlHelper.exe"=0x5341435001000000000000000700000028000000E85E2700DACB270001000000000000000000000A73220000078CBF8EFFBAD00100000000000000000200000028000000000000000000004000000000000000000000000000000000BA3E1303000000000C0000000C000000 "C:\Users\Cédric\Downloads\SkypeSetup.exe"=0x5341435001000000000000000700000028000000801E1500573F1500010000000000000000000206000100000261329FFFBAD00100000000000000000200000028000000000000000000004000000000000000000000000000000000ED022F01000000000200000002000000 "C:\Users\Cédric\AppData\Local\Temp\certutil.exe"=0x534143500100000000000000070000002800000000600100000000000100000000000000000001057100000019B4C529E312D1010000000000000000020000002800000000000000000000000004000000000000000000000000000018090000000000000800000008000000 "C:\Users\Cédric\Downloads\SkypeSetup (1).exe"=0x5341435001000000000000000700000028000000801E1500573F1500010000000000000000000206000100000261329FFFBAD00100000000000000000200000028000000000000000000004000000000000000000000000000000000CA150000000000000100000001000000 "C:\Users\Cédric\Downloads\CFSetup395.exe"=0x5341435001000000000000000700000028000000B8260C006A270C00010000000000000000000106000100000261329FFFBAD00100000000000000000200000028000000000000000000004000000000000000000000000000000000424B0000000000000100000001000000 "SIGN.MEDIA=76631B88 setup.exe"=0x5341435001000000000000000700000028000000B5AF340000000000010000000000000000000106000100000261329FFFBAD0010000000000000000020000002800000000000000000000400000000000000000000000000000000005110700000000000100000001000000 "D:\Games\Pro Cycling Manager 2015\PCM.exe"=0x53414350010000000000000007000000280000007051A1004104A20001000000000000000000000A712200000261329FFFBAD001000000000000000002000000500000000000000020000060000000000000000000000000000000009F934102000000000500000005000000000201052000006000000000000000000000000000000000754E3B02000000000400000000000000 "D:\Jeux\[www.mpc-g.com]RktLg20150709\Binaries\Win32\RocketLeague.exe"=0x5341435001000000000000000700000028000000104E6C01463A670101000000000000000000000A712200000261329FFFBAD00100000000000000000500000010000000000000000000000000000000300000000200000028000000000000003000006000000000000000000000000000000000D8A90100000000000700000007000000 "SIGN.MEDIA=A5505D89 setup.exe"=0x5341435001000000000000000700000028000000056B090000000000010000000000000000000306000100000261329FFFBAD0010000000000000000020000002800000000000000000000000000000000000000000000000000000063FC1A00000000000200000002000000 "C:\Program Files (x86)\NBA 2K15\NBA2K15.exe"=0x5341435001000000000000000700000028000000503E3C020000000001000000000000000000030673000000078CBF8EFFBAD00100000000000000000200000050000000000000001000002000000000000000000000000000000000EF5B2A00000000000100000001000000000000000000000000000000010000000000000000000000478E5C00000000000100000000000000 "C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe"=0x534143500100000000000000070000002800000038BD02001408030001000000000000000000000A73220000078CBF8EFFBAD00100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000D2C4F507000000006C0000006C000000 "C:\Program Files (x86)\VirtualDJ\virtualdj8.exe"=0x534143500100000000000000070000002800000000F60401E9C305010100000000000000000003067102000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000809E1E00000000000400000004000000 "C:\Users\Cédric\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000604002005E58020001000000000000000000000A002100000261329FFFBAD0010000000100000000 "C:\Users\Cédric\Downloads\340.52-notebook-win8-win7-64bit-international-whql.exe"=0x53414350010000000000000007000000280000004010561030175610010000000000000000000206000100000261329FFFBAD001000000000000000002000000280000000000000000000000000000000000000000000000000000005FD80000000000000100000001000000 "C:\Users\Cédric\Downloads\CFSetup397.exe"=0x5341435001000000000000000700000028000000982B0C0099FA0C00010000000000000000000106000100000261329FFFBAD00100000000000000000200000028000000000000000000004000000000000000000000000000000000B15D0000000000000200000002000000 "C:\Users\Cédric\AppData\Local\Temp\NVIDIA\DisplayDriver\GeForceWindows10Driver\setup.exe"=0x5341435001000000000000000700000028000000305106007DEB060001000000000000000000000A002100000261329FFFBAD0010000000000000000020000002800000000000000800000400000000000000000000000000000000009580200000000000100000001000000 "D:\Jeux\Stonehearth v0.1.0r393\uninstall.exe"=0x53414350010000000000000007000000280000008BBB020000000000010000000000000000000006710000000261329FFFBAD00100000000000000000200000028000000000000000008004000000000000000000000000000000000EB1A0000000000000100000001000000 "C:\Users\Cédric\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000B0400200C39C020001000000000000000000000A002100000261329FFFBAD0010000000100000000 "D:\Jeux\Dolphin\uninst.exe"=0x5341435001000000000000000700000028000000BCD6010000000000010000000000000000000006710000000261329FFFBAD0010000000000000000020000002800000000000000000800400000000000000000000000000000000009160000000000000100000001000000 "C:\Users\Cédric\AppData\Local\Temp\{ca4bc3a8-b99c-4416-90d8-351a8ceab458}\.be\Intel Driver Update Utility Installer.exe"=0x5341435001000000000000000700000028000000E8220A007BCF0A0001000000000000000000000A002100000261329FFFBAD001000000800000000002000000280000000000000000000040000000000000000000000000000000003D990100000000000100000001000000 "C:\Users\Cédric\Downloads\IPDT_Installer_2.11.0.0.W-2_x86_2.20.0.0.W.MP-1_x64.exe"=0x53414350010000000000000007000000280000000020770200000000010000000000000000000106000100000261329FFFBAD001000000000000000002000000280000000000000080000040000000000000000000000000000000008A1D0000000000000200000002000000 "C:\Users\Cédric\Downloads\cpu-z_1.73-en.exe"=0x534143500100000000000000070000002800000070DD1800C0B71900010000000000000000000306000100000261329FFFBAD0010000000000000000020000002800000000000000000000400000000000000000000000000000000068420000000000000100000001000000 "C:\Program Files\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe"=0x5341435001000000000000000700000028000000C08552016695520101000000000000000000000A7322000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000D0910A00000000000200000002000000 "C:\Program Files\Microsoft Office 15\root\office15\winword.exe"=0x5341435001000000000000000700000028000000A0581D000EE31D0001000000000000000000000A002100000261329FFFBAD0010000009100000000 "C:\Users\Cédric\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_fr.exe"=0x5341435001000000000000000700000028000000429CE50700000000010000000000000000000106710000000261329FFFBAD00100000000000000000200000028000000000000000008004000000000000000000000000000000000BF120300000000000100000001000000 "C:\Program Files (x86)\OpenOffice 4\program\soffice.exe"=0x5341435001000000000000000700000028000000001A96007C539600010000000000000000000306710200000261329FFFBAD001000000000000000002000000280000000000000000000010000000000000000000000000000000009F1B1200000000000100000001000000 "C:\Users\Cédric\Downloads\CFSetup400.exe"=0x534143500100000000000000070000002800000028360C004A9F0C00010000000000000000000106000100000261329FFFBAD00100000000000000000200000028000000000000000000004000000000000000000000000000000000C1350100000000000100000001000000 "C:\Users\Cédric\Desktop\Serveur\minecraft_server.1.8.8.exe"=0x53414350010000000000000007000000280000002409850078F3060001000000000000000000000A712000000261329FFFBAD00100000000000000000200000028000000000000000000000000000000000000000000000000000000C29D6700000000000E0000000E000000 "C:\Windows\SysWOW64\FlashPlayerApp.exe"=0x5341435001000000000000000700000028000000F85D0C002C710C0001000000000000000000000A712200000261329FFFBAD00100000000000000000200000028000000000000000000000000000000000000000000000000000000BC230500000000000100000001000000 "C:\Users\Cédric\Downloads\CFSetup410.exe"=0x534143500100000000000000070000002800000028430C00FD850C00010000000000000000000106000100000261329FFFBAD0010000000000000000020000002800000000000000000000400000000000000000000000000000000081720000000000000100000001000000 "C:\Users\Cédric\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C0740200EE3F030001000000000000000000000A002100000261329FFFBAD0010000000100000000 "C:\Program Files\Windows Mail\wabmig.exe"=0x5341435001000000000000000700000028000000000C0100E1B2010001000000010000000000000A73220000078CBF8EFFBAD0010000000000000000 "C:\Program Files\Windows Mail\wab.exe"=0x534143500100000000000000070000002800000000E60700736B080001000000010000000000000A73220000078CBF8EFFBAD0010000000000000000 "C:\Users\Cédric\Downloads\CFSetup415.exe"=0x534143500100000000000000070000002800000080450C006EAC0C00010000000000000000000106000100000261329FFFBAD001000000000000000002000000280000000000000000000040000000000000000000000000000000005F5B0000000000000100000001000000 "C:\Users\Cédric\AppData\Local\Microsoft\BingSvc\BSvcProcessor.exe"=0x534143500100000000000000070000002800000098101100C837110001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000002A760000000000002B0100002B010000 "C:\Users\Cédric\AppData\Local\Temp\NVIDIA\DisplayDriver\GeForceGameReadyDriver\setup.exe"=0x5341435001000000000000000700000028000000305106007585060001000000000000000000000A002100000261329FFFBAD0010000000000000000020000002800000000000000800000400000000000000000000000000000000032880200000000000100000001000000 "D:\Jeux\Steam\steamapps\common\fallout 4\Fallout4.exe"=0x5341435001000000000000000700000028000000E091BD040000000001000000000000000000000A73220000078CBF8EFFBAD00100000000000000000200000028000000000000000000000000000000000000000000000000000000C2040000000000000100000001000000 "D:\Jeux\Ubisoft\Ubisoft Game Launcher\Uplay.exe"=0x534143500100000000000000070000002800000038DBB8007353B90001000000000000000000000A712200000261329FFFBAD0010000000000000000020000002800000000000000000000000000000000000000000000000000000068690000000000000100000001000000 "C:\Users\Cédric\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C0740200EE3F030001000000000000000000000A0021000019B4C529E312D1010000000100000000 "SIGN.MEDIA=B62559BF setup.exe"=0x53414350010000000000000007000000280000007B624700000000000100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000661E0300000000000300000003000000 "D:\Games\Minecraft Story Mode Episode 2\MinecraftStoryMode.exe"=0x5341435001000000000000000700000028000000A049BB00C1E8B50001000000000000000000000A7122000019B4C529E312D1010000000000000000050000001000000000000000000000000000000020000000020000007800000000000000200000600000000000000000000000000000000040050000000000000E0000000C000000000000000000000000000000000000000000000000000000FFAD040000000000080000000000000000000000000000400000000000000000000000000000000048010000000000000100000000000000 "C:\Users\Cédric\AppData\Local\Temp\devcon.exe"=0x5341435001000000000000000700000028000000002E0100AA7501000100000000000000000000067120000019B4C529E312D101000000000000000002000000280000000000000000080000000000000000000000000000000000006D000000000000000100000001000000 "SIGN.MEDIA=967899BE setup.exe"=0x53414350010000000000000007000000280000006D624700000000000100000000000000000001060001000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000006D50600000000000100000001000000 "D:\Games\Sonic Lost World\slw.exe"=0x53414350010000000000000007000000280000000032CB000000000001000000000000000000000A7120000019B4C529E312D10100000000000000000500000010000000000000000000000000000000200000000200000028000000000000002000006010000000000000000000000000000000C4034600000000000800000008000000 "SIGN.MEDIA=F5FD294F setup.exe"=0x53414350010000000000000007000000280000008B624700000000000100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000664E0500000000000100000001000000 "C:\Users\Cédric\Downloads\SpotifySetup.exe"=0x5341435001000000000000000700000028000000A88D03003666040001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000004DE20100000000000400000004000000 "C:\Program Files\CCleaner\CCleaner64.exe"=0x5341435001000000000000000700000028000000182F7D00752D7E0001000000000000000000000A0021000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000CF020000000000000500000005000000 "C:\Users\Cédric\AppData\Roaming\Spotify\SpotifyWebHelper.exe"=0x534143500100000000000000070000002800000038E81D00E5701E000100000000000000000003060001000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000096151C01000000000200000002000000 "C:\Program Files\Microsoft Office 15\ClientX64\officec2rclient.exe"=0x5341435001000000000000000700000028000000C85C0E00FA980E0001000000000000000000000A7320000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000034481502000000001000000010000000 "C:\Users\Cédric\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"=0x5341435001000000000000000700000028000000C81A7B001C1B7B0001000000000000000000000A0021000019B4C529E312D1010000000100000000 "C:\Users\Cédric\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncConfig.exe"=0x5341435001000000000000000700000028000000C88002006A18030001000000000000000000000A0021000019B4C529E312D1010000000100000000 "C:\Users\Cédric\Downloads\SteamSetup.exe"=0x534143500100000000000000070000002800000070881600A65717000100000000000000000001060001000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000035F90000000000000200000002000000 "C:\Users\Cédric\AppData\Local\Temp\NVIDIA\DisplayDriver\GeForceGameReadyDriver359.06\setup.exe"=0x534143500100000000000000070000002800000078500600B87D060001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000080000040000000000000000000000000000000003CDD0100000000000100000001000000 "SIGN.MEDIA=AE8C0204 setup.exe"=0x534143500100000000000000070000002800000098624700000000000100000000000000000001060001000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000090350800000000000200000002000000 "D:\Games\Tom Clancys Rainbow Six Siege\RainbowSix.exe"=0x5341435001000000000000000700000028000000E882370271DC370201000000000000000000000A7322000059193B14E312D1010000000000000000050000001000000000000000000000000000000030000000020000005000000000000000300000600000000000000000000000000000000080D41500000000000200000002000000000000002000006000000000010000000000000000000000B59C0500000000000300000000000000 "D:\Games\Minecraft Story Mode Episode 3\MinecraftStoryMode.exe"=0x53414350010000000000000007000000280000000080B800434AB90001000000000000000000000A6122000019B4C529E312D10100000000000000000500000010000000000000000000000000000000300000000200000050000000000000003000006000000000000000000000000000000000520E71000000000004000000040000000000000020000060000000000100000000000000000000005B6F0F00000000000100000000000000 "C:\Users\Cédric\AppData\Local\Temp\NVIDIA\DisplayDriver\GeForceGameReadyDriver361.43\setup.exe"=0x5341435001000000000000000700000028000000305106002A9B060001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000080000040000000000000000000000000000000008D010200000000000100000001000000 "F:\WD Smartware Pro Free Trial\WDSmartWareProFreeTrial.exe"=0x5341435001000000000000000700000028000000902B4D000C6C4D000100000000000000000002067122000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000005FDB0600000000000400000004000000 "C:\Users\Cédric\Desktop\WD SmartWare Installer.exe"=0x534143500100000000000000070000002800000038701602973B17020100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000F5D30B00000000000100000001000000 "C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe"=0x534143500100000000000000070000002800000070E954003381550001000000000000000000000A7122000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000074172000000000000A0000000A000000 "SIGN.MEDIA=1195800 MediaCreationTool.exe"=0x5341435001000000000000000700000028000000007819017A131A0101000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000158D3300000000000100000001000000 "C:\Users\Cédric\Downloads\MediaCreationTool.exe"=0x5341435001000000000000000700000028000000007819017A131A0101000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000049C84A00000000000900000009000000 "SIGN.MEDIA=3D01252B setup.exe"=0x5341435001000000000000000700000028000000F62D0A00000000000100000000000000000003060001000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000211B3300000000000200000002000000 "D:\Jeux\Far Cry 4\bin\FarCry4.exe"=0x5341435001000000000000000700000028000000D86201002572010001000000000000000000000A7320000059193B14E312D10100000000000000000200000050000000000000001000002000000000000000000000000000000000D69E510000000000030000000300000000000000000000000000000001000000000000000000000050270300000000000100000000000000 "SIGN.MEDIA=A1635CF7 setup.exe"=0x53414350010000000000000007000000280000006ED25D00000000000100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000C4471100000000000100000001000000 "D:\Jeux\Ori and the Blind Forest\ori.exe"=0x534143500100000000000000070000002800000000C8DF000000000001000000000000000000000A7120000019B4C529E312D10100000000000000000200000028000000000000002000006000000000000000000000000000000000CEB62E00000000000300000003000000 "SIGN.MEDIA=414431FE setup.exe"=0x53414350010000000000000007000000280000002DB94C000000000001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000F24D0300000000000100000001000000 "D:\Games\Minecraft Story Mode - A Telltale Game Series\MinecraftStoryMode.exe"=0x5341435001000000000000000700000028000000A049BB00C1E8B50001000000000000000000000A7122000019B4C529E312D10100000000000000000200000050000000000000001000002000000000000000000000000000000000118F0000000000000100000001000000000000000000000000000000010000000000000000000000AAFD0000000000000100000000000000 "C:\Users\Cédric\Desktop\Slime.Rancher.v0.2.1\SlimeRancher.exe"=0x534143500100000000000000070000002800000000E027010000000001000000000000000000000A0021000059193B14E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000003B660A00000000000100000001000000 "D:\Jeux\Slime.Rancher.v0.2.1\SlimeRancher.exe"=0x534143500100000000000000070000002800000000E027010000000001000000000000000000000A0021000059193B14E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000009D0D7300000000000100000001000000 "C:\Users\Cédric\Desktop\IGG-SlimeRancherv0.2.3b\SlimeRancher.exe"=0x534143500100000000000000070000002800000000AAF6000000000001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000090310000000000000100000001000000 "D:\Jeux\IGG-SlimeRancherv0.2.3b\SlimeRancher.exe"=0x534143500100000000000000070000002800000000AAF6000000000001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000AAA64D00000000000400000004000000 "C:\Program Files\Microsoft Office 15\root\office15\powerpnt.exe"=0x534143500100000000000000070000002800000048341C00F3FE1C0001000000000000000000000A0021000019B4C529E312D1010000009100000000 "D:\Jeux\Battle.net\Battle.net.exe"=0x5341435001000000000000000700000028000000E82F0600FB3506000100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000D745D709000000007300000073000000 "C:\Users\Cédric\Desktop\MSIAfterburnerSetup420.exe"=0x534143500100000000000000070000002800000058CB4802038449020100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000400D0300000000000100000001000000 "C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe"=0x5341435001000000000000000700000028000000C82003003CBC030001000000000000000000000A7122000019B4C529E312D101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000003BE61000000000000100000001000000 "D:\Jeux\Steam\steamapps\common\Grand Theft Auto V\GTA5.exe"=0x5341435001000000000000000700000028000000886F4F03338A4F0301000000000000000000000A7320000059193B14E312D10100000000000000000200000028000000000000001000002000000000000000000000000000000000A7970100000000000400000004000000 "SIGN.MEDIA=D06F34BC setup.exe"=0x53414350010000000000000007000000280000004BED42000000000001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000034980B00000000000100000001000000 "C:\Users\Cédric\Desktop\b-twit20160203\Update\setup.exe"=0x5341435001000000000000000700000028000000BDB540000000000001000000000000000000000A0021000019B4C529E312D101000000800000000002000000280000000000000000000000000000000000000000000000000000008B170400000000000100000001000000 "D:\Jeux\The Witness\witness_d3d11.exe"=0x534143500100000000000000070000002800000000967D000000000001000000000000000000000A7122000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000008BC68700000000000A0000000A000000 "D:\Jeux\Steam\bin\steamservice.exe"=0x534143500100000000000000070000002800000050BE0C00DD560D0001000000000000000000000A0021000019B4C529E312D10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000651F0C00000000000400000004000000 "C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe"=0x534143500100000000000000070000002800000038EDD8003A11D90001000000000000000000000A7122000019B4C529E312D1010000000000000000020000002800000000000000000000000000000001000000000000000000000069150400000000000100000001000000 "C:\Users\Cédric\Downloads\jre-8u73-windows-i586-iftw.exe"=0x534143500100000000000000070000002800000060360B00D0F30B0001000000000000000000000A7122000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000076B60200000000000200000002000000 "C:\Users\Cédric\Downloads\jre-8u73-windows-x64.exe"=0x534143500100000000000000070000002800000060446703BBC2670301000000000000000000000A7322000059193B14E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000AD480100000000000400000004000000 "C:\Users\Cédric\Downloads\Firefox Setup Stub 44.0.1.exe"=0x534143500100000000000000070000002800000080B20300EA1204000100000000000000000003060001000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000D1F40300000000000200000002000000 "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"=0x5341435001000000000000000700000028000000C80106009987060001000000000000000000000A0021000019B4C529E312D1010000000100000000 "C:\Program Files\WinRAR\Uninstall.exe"=0x5341435001000000000000000700000028000000F8E102004AF1020001000000000000000000000A0021000059193B14E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000008D000000000000000100000001000000 "C:\Program Files\VideoLAN\VLC\vlc.exe"=0x534143500100000000000000070000002800000013080200100A020001000000000000000000000A6322000059193B14E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000006A22FE00000000001C0000001C000000 "C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe"=0x5341435001000000000000000700000028000000C8DA08000FFA080001000000000000000000000A7122000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000322C0300000000000100000001000000 "C:\Program Files (x86)\Intel Driver Update Utility\DriverUpdateUI.exe"=0x5341435001000000000000000700000028000000F8CC15008F77160001000000000000000000000A8021000019B4C529E312D10100000080000000000200000028000000000000000000004000000000000000000000000000000000C9A41100000000000400000004000000 "C:\Users\Cédric\Desktop\RtsXStor_10.0.370.102_20150722_WHQL\setup.exe"=0x5341435001000000000000000700000028000000D8361200857612000100000000000000000003060001000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000000C6E0000000000000100000001000000 "C:\Users\Cédric\Desktop\Install_Win10_10006_10132015\setup.exe"=0x5341435001000000000000000700000028000000D8361200931813000100000000000000000003060001000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000007A530100000000000100000001000000 "C:\Program Files\WinRAR\WinRAR.exe"=0x5341435001000000000000000700000028000000F86517009929180001000000000000000000000A0021000059193B14E312D101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000000000000000000000000000000000000009AAA0300000000002A0000002A000000 "C:\Users\Cédric\Desktop\Nouveau dossier\AsusSetup.exe"=0x5341435001000000000000000700000028000000184337001AFD370001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000009B510000000000000100000001000000 "C:\Program Files\Wireshark\Wireshark.exe"=0x5341435001000000000000000700000028000000C86E6C00B3106D0001000000000000000000000A0021000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000A03D2C00000000000100000001000000 "C:\Users\Cédric\AppData\Local\Temp\NVIDIA\DisplayDriver\GeForceGameReadyDriver361.91\setup.exe"=0x5341435001000000000000000700000028000000C06B06007750070001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000008000004000000000000000000000000000000000FCAA0200000000000100000001000000 "C:\Program Files\AVAST Software\Avast\avastui.exe"=0x5341435001000000000000000700000028000000B8F16C00C04C6D0001000000000000000000000A0021000019B4C529E312D101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000005D939600000000000300000003000000 "C:\Users\Cédric\Desktop\Serveur\minecraft_server.1.8.9.exe"=0x5341435001000000000000000700000028000000F3FA840077AF060001000000000000000000000A7120000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000D8292900000000002300000023000000 "C:\Program Files (x86)\Skype\Phone\Skype.exe"=0x534143500100000000000000070000002800000080160403563D040301000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000073ACA102000000001900000019000000 "SIGN.MEDIA=EF244E45 Setup.exe"=0x534143500100000000000000070000002800000063D015000000000001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000041D10200000000000100000001000000 "D:\Jeux\Rocket League Revenge of the Battle-Cars\Binaries\Win32\RocketLeague.exe"=0x534143500100000000000000070000002800000000808001817D670101000000000000000000000A7122000019B4C529E312D101000000000000000002000000500000000000000010000020100000000000000000000000000000009A37000000000000010000000100000000000000000000000000000001000000000000000000000069F4020000000000010000000000000006000000080000000000000001000000 "D:\Jeux\Banished 1.0.4 32-Bit [PXG]\setup.exe"=0x5341435001000000000000000700000028000000C78C0600000000000100000000000000000003060001000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000FE990000000000000100000001000000 "D:\Jeux\Banished\Application-x32.exe"=0x534143500100000000000000070000002800000000361900000000000100000000000000000003067102000019B4C529E312D1010000000000000000020000005000000000000000100000200000000000000000000000000000000075DC000000000000010000000100000000000000000000000000000001000000000000000000000048D40000000000000100000000000000 "C:\Users\Cédric\Downloads\setup_icmtrainer.exe"=0x5341435001000000000000000700000028000000E48483020000000001000000000000000000000A4122000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000008A590000000000000100000001000000 "C:\Program Files (x86)\PokerStrategy.com\ICM Trainer Light\ICMTrainerLight.exe"=0x5341435001000000000000000700000028000000007E0E0000000000010000000000000000000106F122000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000CE100C00000000000100000001000000 "D:\Jeux\Overwatch\Overwatch Launcher.exe"=0x534143500100000000000000070000002800000030602D00CBBA2D000100000000000000000001060001000019B4C529E312D1010000000000000000020000002800000000000000800000000000000000000000000000000000000030050000000000000700000007000000 "C:\Program Files\Western Digital\WD SmartWare\WDSmartWare.exe"=0x534143500100000000000000070000002800000070C1300060A8310001000000000000000000000AF320000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000765F0000000000000100000001000000 "D:\Jeux\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe"=0x5341435001000000000000000700000028000000107E1D00DE81170001000000000000000000000A7122000019B4C529E312D1010000000000000000020000002800000000000000800000000000000000000000000000000000000004230100000000001100000011000000 "C:\Program Files\AVAST Software\Avast\setup\instup.exe"=0x534143500100000000000000070000002800000008DF0B000000000003000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000005ABC0000000000000100000001000000 "C:\Program Files (x86)\MSI Afterburner\Uninstall.exe"=0x534143500100000000000000070000002800000026600100038449020300000000000000000001060001000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000025330000000000000100000001000000 "C:\Program Files (x86)\Nmap\Uninstall.exe"=0x5341435001000000000000000700000028000000FBCE0000000000000300000000000000000001060001000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000019640000000000000100000001000000 "C:\Program Files (x86)\RivaTuner Statistics Server\Uninstall.exe"=0x53414350010000000000000007000000280000000C5E0100755C53010300000000000000000001060001000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000066160000000000000100000001000000 "C:\Program Files\Wireshark\uninstall.exe"=0x5341435001000000000000000700000028000000287B0600B76107000300000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000DB1A0000000000000100000001000000 "C:\Program Files (x86)\NBA 2K15\unins000.exe"=0x5341435001000000000000000700000028000000694A1200000000000300000000000000000003060001000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000008D0D0000000000000100000001000000 "C:\Program Files\DriversCloud.com\MCDetection.exe"=0x534143500100000000000000070000002800000088742300F556240001000000000000000000000A0021000059193B14E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000614F1200000000000A0000000A000000 "C:\Users\Cédric\Downloads\Install_Win10_10007_02192016\setup.exe"=0x5341435001000000000000000700000028000000D8361200931813000100000000000000000003060001000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000048CE0100000000000100000001000000 "C:\Users\Cédric\Downloads\RtsXStor_10.0.370.125_20160201_WHQL\setup.exe"=0x5341435001000000000000000700000028000000D8361200857612000100000000000000000003060001000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000027CF0000000000000100000001000000 "C:\Users\Cédric\Downloads\Setup.exe"=0x534143500100000000000000070000002800000068380F006D930F0001000000000000000000000A0021000019B4C529E312D101000000000000000005000000100000000000000000000000000000000000000002000000280000000000000000000040000000000000000000000000000000001B200000000000000100000001000000 "C:\Users\Cédric\Downloads\win64_153342.exe"=0x5341435001000000000000000700000028000000702AC207D90DC3070100000000000000000001057100000019B4C529E312D10100000000000000000200000028000000000000000008004000000000000000000000000000000000DAF50000000000000100000001000000 "C:\Users\Cédric\Downloads\win64_154014.4352.exe"=0x534143500100000000000000070000002800000038CC160BE58A170B0100000000000000000001057100000019B4C529E312D10100000000000000000200000028000000000000000008004000000000000000000000000000000000D8530100000000000100000001000000 "C:\Users\Cédric\Downloads\Intel Driver Update Utility Installer.exe"=0x534143500100000000000000070000002800000030134C0067EB4C0001000000000000000000000A0021000019B4C529E312D101000000800000000002000000280000000000000000000000000000000000000000000000000000002F140100000000000200000002000000 "C:\Users\Cédric\AppData\Local\Popcorn Time\Uninstall.exe"=0x5341435001000000000000000700000028000000D0CB05008EED01000100000000000000000003060001000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000527F0000000000000100000001000000 "C:\Users\Cédric\Downloads\Nouveau dossier\Stardew Valley.exe"=0x5341435001000000000000000700000028000000001C21000000000001000000000000000000000AF122000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000063682A00000000000200000002000000 "D:\Jeux\Stardew Valley\Stardew Valley.exe"=0x5341435001000000000000000700000028000000001C21000000000001000000000000000000000AF122000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000CCDD2B00000000000100000001000000 "C:\Users\Cédric\Desktop\Logiciels\HOTS Logs Uploader.exe"=0x534143500100000000000000070000002800000000BE14000000000001000000000000000000000AF520000059193B14E312D1010000000000000000050000001000000000000000000000000000000000000000060000000800000010000000000000000200000050000000000000000000000010000000000000000000000000000000D1933703000000001600000001000000000000000000004010000000000000000000000000000000020A0000000000000200000000000000 "C:\Windows\SysWOW64\vulkaninfo.exe"=0x534143500100000000000000070000002800000018A3000015BB000001000000000000000000000A7122000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000D64F0000000000000200000002000000 "D:\Program Files (x86)\Origin Games\Battlefield 3\pbsvc.exe"=0x53414350010000000000000007000000280000004860270040A827000300000000000000000001067102000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000E6060000000000000100000001000000 "C:\Users\Cédric\Downloads\pbsetup.exe"=0x534143500100000000000000070000002800000000840C00000000000100000000000000000003067100000019B4C529E312D101000000000000000005000000100000000000000000000000000000000008000002000000280000000000000000080040000000000000000000000000000000003D720100000000000100000001000000 "C:\Program Files\ASUS\P4G\AsCall.exe"=0x534143500100000000000000070000002800000080D103001E4304000100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000C6760000000000000100000001000000 "C:\Users\Cédric\Downloads\HOTS Logs Uploader.exe"=0x534143500100000000000000070000002800000000BE14000000000001000000000000000000000AF520000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000036A87102000000001A0000001A000000 "C:\Users\Cédric\Downloads\cpu-z_1.75-en.exe"=0x5341435001000000000000000700000028000000206A1900AD9519000100000000000000000003060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000F1330000000000000100000001000000 "C:\Program Files\CPUID\CPU-Z\cpuz.exe"=0x5341435001000000000000000700000028000000386C3300DCEA330001000000000000000000000A0021000059193B14E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000004C810200000000000200000002000000 "C:\Users\Cédric\Downloads\TeamSpeak3-Client-win64-3.0.19.exe"=0x5341435001000000000000000700000028000000A059DF017743E0010100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000995D8F00000000000100000001000000 "C:\Program Files (x86)\Overwolf\OWUninstaller.exe"=0x534143500100000000000000070000002800000090B80100A2F401000300000000000000000003060001000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000000B4F0000000000000100000001000000 "D:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe"=0x534143500100000000000000070000002800000018C34A02E27C4B0201000000000000000000000A7322000059193B14E312D10100000000000000000200000078000000000000001000002000000000000000000000000000000000021B0F0000000000010000000100000000000000000000000000000001000000000000000000000090A8180000000000010000000000000000000000100000800000000000000000000000000000000045131800000000000300000000000000 "D:\Jeux\Battle.net\Battle.net.7100\Battle.net.exe"=0x5341435001000000000000000700000028000000E83D9C001F8C9C0001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000D45A8102000000002100000021000000 "SIGN.MEDIA=AFE5D746 setup.exe"=0x53414350010000000000000007000000280000002F9B4B00000000000100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000D94C0300000000000100000001000000 "D:\Jeux\Trackmania Turbo\TrackmaniaTurbo.exe"=0x5341435001000000000000000700000028000000A0508901E32E8A0101000000000000000000000A7122000019B4C529E312D10100000000000000000500000010000000000000000000000000000000300000000200000050000000000000003000006000000000000000000000000000000000D51155000000000005000000050000000000000020000060000000000100000000000000000000007D650400000000000100000000000000 "C:\Program Files (x86)\yesbnd\thption.exe"=0x5341435001000000000000000700000028000000302E0C00ADB10C0001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000BBBE1400000000000200000002000000 "C:\Program Files\DAEMON Tools Lite\DTAgent.exe"=0x5341435001000000000000000700000028000000C0744100AD79410001000000000000000000000A0021000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000003310000000000000400000004000000 "C:\Program Files (x86)\yesbnd\Uninst.exe"=0x5341435001000000000000000700000028000000F0390400641D050003000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000055900100000000000100000001000000 "SIGN.MEDIA=BA6CABDF setup.exe"=0x53414350010000000000000007000000280000004DB72B00000000000100000000000000000001060001000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000003AC40A00000000000200000002000000 "C:\Program Files\DAEMON Tools Lite\DTLauncher.exe"=0x5341435001000000000000000700000028000000C0BE2F001B3E300001000000000000000000000A7322000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000B6350A00000000000100000001000000 "D:\Jeux\Portal Knights\SmartSteamLoader.exe"=0x53414350010000000000000007000000280000000088030085E9030001000000000000000000000A7122000019B4C529E312D10100000000000000000200000028000000000000000000000000000000010000000000000000000000293EEC01000000000400000004000000 "D:\Jeux\Portal Knights\portal_knights_x64.exe"=0x53414350010000000000000007000000280000000054D4000000000001000000000000000000000A7320000059193B14E312D10100000000000000000500000010000000000000000000000000000000000000000200000050000000000000000000004000000000000000000000000000000000680600000000000001000000010000000000000000000000000000000000000000000000000000003B180000000000000300000000000000 "SIGN.MEDIA=13BDF65A setup.exe"=0x53414350010000000000000007000000280000003F9B4B00000000000100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000DF2B0400000000000100000001000000 "D:\Jeux\Tiny Knight\TinyKnight.exe"=0x5341435001000000000000000700000028000000003228010000000001000000000000000000000A0021000059193B14E312D10100000000000000000500000010000000000000000000000000000000200000000200000050000000000000000000000000000000000000000000000000000000EF070000000000000100000001000000000000002000006000000000000000000000000000000000CEFD0C00000000000300000000000000 "D:\Jeux\Overwatch\ErrorReporting\x64\CrashMailer_64.exe"=0x534143500100000000000000070000002800000000E203000000000001000000000000000000000A7322000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000010000000000000000200000002000000 "D:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe"=0x5341435001000000000000000700000028000000188709006B6E0A0001000000000000000000000A7122000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000DE870000000000000200000002000000 "D:\Jeux\Hearthstone\Hearthstone.exe"=0x5341435001000000000000000700000028000000E8D1F500B9B1F60001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000000B540000000000000100000001000000 "C:\Program Files (x86)\OpenOffice 4\program\swriter.exe"=0x534143500100000000000000070000002800000000960100A61902000100000000000000000003067102000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000030C0B301000000000500000005000000 "C:\Users\Cédric\AppData\Local\Temp\NVIDIA\DisplayDriver\GeForceGameReadyDriver365.10\setup.exe"=0x5341435001000000000000000700000028000000C06B0600FA44070001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000008000004000000000000000000000000000000000E5E20200000000000100000001000000 "D:\Jeux\Overwatch\Overwatch.exe"=0x5341435001000000000000000700000028000000E8A79F01E025A00101000000000000000000000A7322000059193B14E312D1010000000000000000020000002800000000000000100000200000000000000000000000000000000029BF0000000000000100000001000000 "C:\Users\Cédric\Downloads\0010-Install_Win10_10008_04212016\Install_Win10_10008_04212016\setup.exe"=0x5341435001000000000000000700000028000000D8361200931813000100000000000000000003060001000019B4C529E312D1010000000000000000020000002800000000000000000000400000000000000000000000000000000096C80200000000000100000001000000 "C:\Users\Cédric\Downloads\Intel Components\win64_153343.4425.exe"=0x53414350010000000000000007000000280000004002C0076844C0070100000000000000000001057100000019B4C529E312D10100000000000000000200000028000000000000000008004000000000000000000000000000000000AC770100000000000100000001000000 "C:\Users\Cédric\Downloads\BTW 12.0.1.940 Retail Package\Setup.exe"=0x5341435001000000000000000700000028000000003F8800B137890001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000006AF90200000000000100000001000000 "C:\Users\Cédric\Downloads\SetupRST.exe"=0x53414350010000000000000007000000280000007826D600892DD60001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000E4310200000000000100000001000000 "C:\Users\Cédric\Desktop\Jeux\Programme en C\Jeu by Okinato.exe"=0x5341435001000000000000000700000028000000D56D0000C3C5000001000000000000000000000A7120000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000F3090000000000000100000001000000 "D:\Jeux\Sonic Lost World\slw.exe"=0x53414350010000000000000007000000280000000032CB000000000001000000000000000000000A7120000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000028272900000000000100000001000000 "C:\Users\Cédric\AppData\Local\Temp\NVIDIA\DisplayDriver\GeForceGameReadyDriver368.22\setup.exe"=0x5341435001000000000000000700000028000000C06B0600323F070001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000800000400000000000000000000000000000000053580300000000000100000001000000 "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorUI.exe"=0x5341435001000000000000000700000028000000384A0A00BA6A0A0001000000000000000000000AF122000019B4C529E312D1010000000000000000020000002800000000000000800000400000000000000000000000000000000063B51100000000000200000002000000 "C:\Users\Cédric\Downloads\CFSetup430.exe"=0x5341435001000000000000000700000028000000E8680C00678B0C000100000000000000000001060001000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000002A560100000000000100000001000000 "C:\Program Files (x86)\Clownfish\Clownfish.exe"=0x5341435001000000000000000700000028000000F0E214009F8D150001000000000000000000000A7122000019B4C529E312D101000000000000000002000000500000000000000000000000000000000000000000000000000000001507000000000000260000000A000000000000000000004000000000000000000000000000000000FC050000000000000100000000000000 "C:\Program Files (x86)\Clownfish\uninstall.exe"=0x5341435001000000000000000700000028000000BA460100678B0C000300000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000D8180000000000000100000001000000 "C:\Users\Cédric\AppData\Local\Discord\Update.exe"=0x5341435001000000000000000700000028000000B84C1700858F170001000000000000000000000AF522000019B4C529E312D101000000800000000002000000280000000000000000000000000000000000000000000000000000003F415002000000002D0000002D000000 "C:\Users\Cédric\Downloads\SideSync_4.3.0.92.exe"=0x534143500100000000000000070000002800000010FAE1023FE9E2020100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000086D0200000000000100000001000000 "C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe"=0x5341435001000000000000000700000028000000B020A70063DBA70001000000000000000000000A7120000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000001874B201000000000100000001000000 "C:\ProgramData\Battle.net\Agent\Agent.4949\Agent.exe"=0x5341435001000000000000000700000028000000E8314300BA32430001000000000000000000000A0021000019B4C529E312D1010000008000000000020000002800000000000000800000400000000000000000000000000000000071EF0000000000000100000001000000 "C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe"=0x534143500100000000000000070000002800000018C12D008FD52D0001000000000000000000000AF122000019B4C529E312D101000000800000000002000000280000000000000000000000000000000000000000000000000000000D760600000000000100000001000000 "C:\Users\Cédric\AppData\Local\Temp\NVIDIA\DisplayDriver\GeForceGameReadyDriver368.39\setup.exe"=0x5341435001000000000000000700000028000000387206006E7A060001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000008000004000000000000000000000000000000000C1E60100000000000100000001000000 "C:\Users\Cédric\Downloads\JavaSetup8u91.exe"=0x534143500100000000000000070000002800000040460B006D820B0001000000000000000000000A7122000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000007D1B0200000000000200000002000000 "C:\Program Files (x86)\Java\jre1.8.0_91\bin\javacpl.exe"=0x5341435001000000000000000700000028000000400C0100BC6901000100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000000000100000000000000000000000000000B34A0700000000000400000004000000 "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe"=0x534143500100000000000000070000002800000008EE5400DE2A550001000000000000000000000A7122000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000004F0E0F00000000000300000003000000 "C:\Users\Cédric\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe"=0x53414350010000000000000007000000280000001823AF001DADAF0001000000000000000000000A7322000059193B14E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000F4780100000000000100000001000000 "C:\Program Files (x86)\Java\jre1.8.0_91\bin\javaw.exe"=0x534143500100000000000000070000002800000040EC0200F0B6030001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000ABEE8900000000001A0000001A000000 "C:\Users\Cédric\Downloads\jarfix.exe"=0x534143500100000000000000070000002800000041FF0000000000000100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000BC1A0000000000000300000003000000 "C:\Program Files (x86)\GSAutoClicker3\unins000.exe"=0x53414350010000000000000007000000280000001EE90A00000000000300000000000000000001060001000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000063140000000000000100000001000000 "C:\ProgramData\Battle.net\Agent\Agent.5004\Agent.exe"=0x5341435001000000000000000700000028000000E8C94500A3D4450001000000000000000000000A0021000019B4C529E312D10100000080000000000200000028000000000000008000004000000000000000000000000000000000CA020100000000000100000001000000 "D:\Jeux\Battle.net\Battle.net Launcher.exe"=0x5341435001000000000000000700000028000000E8A32F00535E300001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000008000000000000000000000000000000000000000D3EB5B08000000002B0000002B000000 "C:\Users\Cédric\Downloads\AMIDST.exe"=0x534143500100000000000000070000002800000070AE0200211B01000100000000000000000001067100000019B4C529E312D10100000000000000000200000028000000000000000000000000100000000000000000000000000000ED170000000000000100000001000000 "C:\Users\Cédric\Downloads\AMIDST-3.7.exe"=0x5341435001000000000000000700000028000000DC112B00CF5003000100000000000000000003067100000019B4C529E312D101000000000000000002000000280000000000000000000000001000000000000000000000000000005CCE0000000000000100000001000000 "D:\Jeux\Tiny Knight\unins000.exe"=0x534143500100000000000000070000002800000071251800000000000100000000000000000001060001000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000002BF80000000000000100000001000000 "D:\Jeux\Origin\Origin.exe"=0x5341435001000000000000000700000028000000F0873700F79637000100000000000000000002060001000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000006FC9A101000000000200000002000000 "C:\Users\Cédric\AppData\Local\FluxSoftware\Flux\flux.exe"=0x534143500100000000000000070000002800000088850F0016DA0F000100000000000000000001060001000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000023F1905000000000100000001000000 "C:\Program Files\Internet Explorer\iexplore.exe"=0x5341435001000000000000000700000028000000C0740C00BD6F0D0001000000010000000000000A0021000059193B14E312D1010000000000000000 "C:\Users\Cédric\AppData\Roaming\.minecraft\Minecraft.exe"=0x534143500100000000000000070000002800000088091300F7AC130001000000000000000000000A7120000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000B35B8900000000000400000004000000 "C:\ProgramData\NVIDIA Corporation\GeForce Experience\Update\setup.exe"=0x5341435001000000000000000700000028000000387206002EC7060001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000008000004000000000000000000000000000000000BD7A6402000000000100000001000000 "C:\Program Files\NVIDIA Corporation\Display\nvtray.exe"=0x5341435001000000000000000700000028000000C0752500CBFB250001000000000000000000000A7322000059193B14E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000000D716302000000000100000001000000 "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\LaunchGFExperience.exe"=0x5341435001000000000000000700000028000000C04110004CF610000100000000000000000003060001000019B4C529E312D1010000000000000000020000002800000000000000800000000000000000000000000000000000000040D20100000000000100000001000000 "C:\Users\Cédric\AppData\Local\Temp\NVIDIA\DisplayDriver\GeForceGameReadyDriver368.69\setup.exe"=0x5341435001000000000000000700000028000000C06B06001886060001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000800000400000000000000000000000000000000096940200000000000100000001000000 "C:\ProgramData\Battle.net\Agent\Agent.5050\Agent.exe"=0x5341435001000000000000000700000028000000E8DF45005A24460001000000000000000000000A0021000019B4C529E312D1010000008000000000020000002800000000000000800000400000000000000000000000000000000039656B00000000000100000001000000 "C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe"=0x5341435001000000000000000700000028000000F0EC2D0030862E000100000000000000000001060001000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000070110100000000000100000001000000 "C:\Users\Cédric\Downloads\Age of Aincrad Demo.exe"=0x534143500100000000000000070000002800000000B8F5000000000001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000955B0500000000000100000001000000 "C:\Users\Cédric\Downloads\VoxelWorldGame\MC\Binaries\Win64\MC.exe"=0x534143500100000000000000070000002800000000FC6D02A0386E0201000000000000000000000A7322000059193B14E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000075AB0600000000000100000001000000 "C:\Users\Cédric\Downloads\BringItBack build 20160324_GOLDRELEASE\WindowsNoEditor\Sandbox.exe"=0x5341435001000000000000000700000028000000006A0200F1C2010001000000000000000000000A7320000059193B14E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000AD910100000000000100000001000000 "C:\Users\Cédric\Downloads\PoSp_setup.1.exe"=0x534143500100000000000000070000002800000010ECDC0E000000000100000000000000000003060001000019B4C529E312D101000000000000000002000000280000000000000000000040000000000000000000000000000000002F1D0600000000000100000001000000 "C:\Users\Cédric\Desktop\PoS_prototype\PoS_prototype.exe"=0x5341435001000000000000000700000028000000004E1D00000000000100000000000000000003067122000019B4C529E312D10100000000000000000200000050000000000000001000002000000000000000000000000000000000F00E010000000000020000000200000000000000000000000000000001000000000000000000000040BE0000000000000100000000000000 "C:\Users\Cédric\Desktop\PoS_prototype\unins000.exe"=0x5341435001000000000000000700000028000000A1F40A00000000000100000000000000000003060001000019B4C529E312D10100000000000000000200000028000000000000000000000000020000000000000000000000000000431C0000000000000100000001000000 "C:\Users\Cédric\Downloads\Football Manager 2016_16.2.0\fm.exe"=0x534143500100000000000000070000002800000018ED5402C8AD550201000000000000000000000A0021000019B4C529E312D101000000C00000000005000000100000000000000000000000000000000000000002000000500000000000000000000010000000000000000000000000000000005F53000000000000060000000400000000000000000000500000000000000000000000000000000089250000000000000100000000000000 "C:\Users\Cédric\Downloads\Football Manager 2016_16.2.0\helper.exe"=0x53414350010000000000000007000000280000001A2F0A000000000001000000000000000000000A7122000019B4C529E312D10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000000000000000000000000000000000000000733B0000000000000300000003000000 "C:\Users\Cédric\Downloads\Football Manager 2016_16.2.0\fmREBUILD92ILEFX.exe"=0x534143500100000000000000070000002800000018ED54024444550201000000000000000000000A0021000019B4C529E312D101000000C0000000000500000010000000000000000000000000000000000000000200000050000000000000000000001000000000000000000000000000000000D5640000000000000300000001000000000000000000005000000000000000000000000000000000585F0300000000000100000000000000 "D:\Jeux\Steam\Steam.exe"=0x534143500100000000000000070000002800000050822B009F2E2C0001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000931CE205000000002700000027000000 "C:\Users\Cédric\Downloads\Football Manager 2016_16.2.0\fmFINAL2.exe"=0x5341435001000000000000000700000028000000F7C32E0028542F0001000000000000000000000A6122000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000B80B0000000000000200000002000000 "C:\Users\Cédric\Downloads\Football Manager 2016_16.2.0\fmFINAL.exe"=0x5341435001000000000000000700000028000000F7C32E0028542F0001000000000000000000000A6122000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000260C0000000000000300000003000000 "C:\Users\Cédric\Downloads\Football Manager 2016_16.2.0\fmMASKING.exe"=0x534143500100000000000000070000002800000018715602BA54570201000000000000000000000A0021000019B4C529E312D101000000C0000000000200000028000000000000000000001000000000000000000000000000000000D0070000000000000500000005000000 "C:\Users\Cédric\AppData\Roaming\BitTorrent\BitTorrent.exe"=0x534143500100000000000000070000002800000008181E00C5C71E0001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000C7060000000000000100000001000000 "D:\Jeux\Steam\steamapps\common\Counter-Strike Global Offensive\bin\hammer.exe"=0x534143500100000000000000070000002800000000C80200000000000100000000000000000002060001000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000004E000000000000000200000002000000 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"=0x5341435001000000000000000700000028000000489711005F57120001000000000000000000000A0021000059193B14E312D1010000000100000000 "C:\Users\Cédric\Desktop\SAMSUNG_USB_Driver_for_Mobile_Phones.exe"=0x53414350010000000000000007000000280000004813F5001671F5000100000000000000000000067100000019B4C529E312D1010000000000000000020000002800000000000000000800400000000000000000000000000000000079700100000000000100000001000000 "C:\Users\Cédric\Downloads\Nouveau dossier\g361f root\Odin3-v3.10.6.exe"=0x534143500100000000000000070000002800000000BC2200D15E23000100000000000000000003067102000019B4C529E312D101000000000000000002000000500000000000000000000040000000000000000000000000000000009CE65B000000000004000000010000000000000000000000000000000000000000000000000000006C6F6100000000000A00000000000000 "C:\Users\Cédric\AppData\Local\Temp\NVIDIA\DisplayDriver\GeForceGameReadyDriver368.81\setup.exe"=0x534143500100000000000000070000002800000038720600C35C070001000000000000000000000A0021000019B4C529E312D101000000000000000002000000280000000000000080000040000000000000000000000000000000009B030300000000000100000001000000 "C:\Users\Cédric\Downloads\adb-setup-1.4.2.exe"=0x53414350010000000000000007000000280000001FCD9200000000000100000000000000000001060001000019B4C529E312D101000000000000000002000000500000000000000000000000000000000000000000000000000000001287000000000000010000000100000000000000000000400000000000000000000000000000000006690100000000000100000000000000 "C:\adb\fastboot.exe"=0x534143500100000000000000070000002800000000000300C2E303000100000000000000000003067100000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000009C000000000000000100000001000000 "C:\adb\adb.exe"=0x534143500100000000000000070000002800000000680F00413A10000100000000000000000003067100000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000042020000000000000100000001000000 "C:\Program Files\Windows NT\Accessories\wordpad.exe"=0x534143500100000000000000070000002800000000F04400A226450001000000010000000000000A7322000059193B14E312D1010000000000000000 "D:\Jeux\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe"=0x5341435001000000000000000700000028000000C03F7D01E7BC7B0101000000000000000000000A7122000019B4C529E312D101000000000000000005000000100000000000000000000000000000001000000002000000500000000000000010000060000000000000000000000000000000006801000000000000010000000100000000000000100000200000000000000000000000000000000057010000000000000100000000000000 "C:\Users\Cédric\AppData\Roaming\Spotify\Spotify.exe"=0x5341435001000000000000000700000028000000707E6900B6D6690001000000000000000000000A0021000019B4C529E312D1010000000000000000020000002800000000000000000000000000000000000000000000000000000028A19600000000000100000001000000 "C:\Users\Cédric\AppData\Roaming\Osmegim Jevroce\Osmegim.exe"=0x5341435001000000000000000700000028000000005E53000000000001000000000000000000000AF120000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000001F000000000000000100000001000000 "C:\Users\Cédric\AppData\Roaming\Osmegim Jevroce\Application\Osmegim.exe"=0x53414350010000000000000007000000280000000EB84800ACAE490001000000000000000000000A6120000019B4C529E312D101000000000000000002000000280000000000000000000000000000000000000000000000000000007A730000000000000500000005000000 "C:\Program Files\Windows Defender\MSASCui.exe"=0x534143500100000000000000070000002800000000541400449F140001000000010000000000000A0021000059193B14E312D1010000000000000000 "C:\Users\Cédric\Downloads\mbam-setup-2.2.1.1043.exe"=0x534143500100000000000000070000002800000090AF5C017A9F5D0101000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000000000000000000000000000000000000000AE071B00000000000100000001000000 "C:\Users\Cédric\Downloads\AdwCleaner.exe"=0x5341435001000000000000000700000028000000408C3700A74F380001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000A0290000000000000100000001000000 "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe"=0x5341435001000000000000000700000028000000E0759700E487970001000000000000000000000A7122000019B4C529E312D10100000000000000000500000010000000000000000000000000000000000000000200000028000000000000000000004000000000000000000000000000000000CE170000000000000100000001000000 "C:\Users\Cédric\Downloads\QuickDiag.exe"=0x5341435001000000000000000700000028000000A8DF2000053A210001000000000000000000000A0021000019B4C529E312D10100000000000000000200000028000000000000000000004000000000000000000000000000000000159E0000000000000100000001000000 ---------- | IFEO ---------- | Mountpoints2 [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{2ea2efaf-01d2-11e6-8393-382c4a201b31}] : "I:\setup.exe" (AutoRun) [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Mountpoints2\{796903b9-312b-11e5-8312-18cf5ea86080}] : "G:\setup.exe" (AutoRun) ---------- | Windows [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] ""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows] "APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "Beep"=#USR:Control Panel\Sound "CoolSwitch"=USR:Control Panel\Desktop "DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW "DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "DoubleClickHeight"=#USR:Control Panel\Mouse "DoubleClickSpeed"=#USR:Control Panel\Mouse "DoubleClickWidth"=#USR:Control Panel\Mouse "DragFullWindows"=USR:Control Panel\Desktop "InitialKeyboardIndicators"=USR:Control Panel\Keyboard "LowPowerActive"=#USR:Control Panel\Desktop "LowPowerTimeOut"=#USR:Control Panel\Desktop "MouseSpeed"=#USR:Control Panel\Mouse "MouseThreshold1"=#USR:Control Panel\Mouse "MouseThreshold2"=#USR:Control Panel\Mouse "PowerOffActive"=#USR:Control Panel\Desktop "PowerOffTimeOut"=#USR:Control Panel\Desktop "ScreenSaveActive"=#USR:Control Panel\Desktop "ScreenSaveTimeOut"=#USR:Control Panel\Desktop "SnapToDefaultButton"=#USR:Control Panel\Mouse "SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS "SwapMouseButtons"=#USR:Control Panel\Mouse "TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot] ""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot "ScreenSaverActive"=USR:Control Panel\Desktop "ScreenSaverIsSecure"=USR:Control Panel\Desktop "SCRNSAVE.EXE"=USR:Control Panel\Desktop "Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems] "windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 ---------- | Security center [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\SOFTWARE\Microsoft\Windows Defender] "LastKnownGoodProxy"=1 [HKLM\SOFTWARE\Microsoft\Security Center] "cval"=1 [HKLM\SOFTWARE\Microsoft\Security Center\svc] "VistaSp1"=130921856032064358 [HKLM\SOFTWARE\Microsoft\Windows Defender] "ProductAppDataPath"=C:\ProgramData\Microsoft\Windows Defender "ProductIcon"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-100 "ProductLocalizedName"=@%ProgramFiles%\Windows Defender\EppManifest.dll,-1000 "RemediationExe"=%ProgramFiles%\Windows Defender\MSASCui.exe "DisableAntiSpyware"=0 "ProductType"=2 "ManagedDefenderProductType"=0 "ProductStatus"=0 "InstallTime"=0x17C65A1AC8D2CF01 "DisableAntiVirus"=0 "OneTimeSqmDataSent"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=1 [HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=1 ---------- | Safeboot [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicDisplay.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BasicRender.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BrokerInfrastructure] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DeviceInstall] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dxgkrnl.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FsDepends.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LSM] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmartcardSimulator] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SpbCx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SystemEventsBroker] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\uefi.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VirtualSmartcardReader] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wcmsvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{9DA2B80F-F89F-4A49-A5C2-511B085B9E8A}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] [HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}] ---------- | Winsock (Whitelist) [HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012] : MSAFD Pgm (RDM) [HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013] : MSAFD Pgm (Stream) [HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000012] : MSAFD Pgm (RDM) [HKLM\SYSTEM\ControlSet001\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000013] : MSAFD Pgm (Stream) [HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012] : MSAFD Pgm (RDM) [HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000013] : MSAFD Pgm (Stream) [HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000012] : MSAFD Pgm (RDM) [HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000013] : MSAFD Pgm (Stream) ---------- | Hosts ---------- | @ [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Microsoft\Internet Explorer\Main] "Anchor Underline"=yes "Disable Script Debugger"=yes "DisableScriptDebuggerIE"=yes "Display Inline Images"=yes "Do404Search"=0x01000000 "Save_Session_History_On_Exit"=no "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Show_FullURL"=no "Show_StatusBar"=yes "Show_ToolBar"=yes "Show_URLinStatusBar"=yes "Show_URLToolBar"=yes "Use_DlgBox_Colors"=yes "UseClearType"=no "XMLHTTP"=1 "Cache_Update_Frequency"=Once_Per_Session "Local Page"=C:\Windows\system32\blank.htm "NoUpdateCheck"=1 "Enable Browser Extensions"=yes "Play_Background_Sounds"=yes "Play_Animations"=yes "Start Page"=http://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131051041037579306&GUID=EA8CC354-2D09-44CB-8668-0B9623F6C7C1 "Default_Page_URL"=http://asus13.msn.com/?pc=ASJB "DisableFirstRunCustomize"=3 "OperationalData"=13 "CompatibilityFlags"=0 "FullScreen"=no "Window_Placement"=0x2C0000000200000003000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000050000A0020000 "ImageStoreRandomFolder"=9u9ff91 "IE10RunOncePerInstallCompleted"=1 "IE10RunOnceCompletionTime"=0xED3F9AA5B6C7D101 "DownloadWindowPlacement"=0x2C0000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD7010000AC000000F704000004030000 "ApplicationTileImmersiveActivation"=0 "AssociationActivationMode"=2 "Isolation"=PMIL "EdgeSwitchingOSBuildNumber"=10586.th2_release_sec.160527-1834 "SmoothScroll"=1 "Start Page_TIMESTAMP"=0x7042E5E74B59D101 "SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy"=0x0100000038000000554DE1A8AC3E78B64DE106A529B8CB62DA468A2AA7652D071BC7F0AFC92FE6B052ADE86C313B6BFED2D2C43FC07913A07A06F004E2E15BB2020000000E000000383062474477752F363441253364 "AutoHide"=yes [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Microsoft\Windows\CurrentVersion\Internet settings] "DisableCachingOfSSLPages"=0 "IE5_UA_Backup_Flag"=5.0 "PrivacyAdvanced"=1 "SecureProtocols"=2688 "CertificateRevocation"=1 "User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32) "ZonesSecurityUpgrade"=0xB522EFBA7832D101 "EmailName"=User@ "AutoConfigProxy"=wininet.dll "MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges "WarnOnPost"=0x01000000 "UseSchannelDirectly"=0x01000000 "EnableHttp1_1"=1 "UrlEncoding"=0 "WarnonZoneCrossing"=0 "EnableNegotiate"=1 "MigrateProxy"=1 "ProxyEnable"=0 [HKLM\Software\Microsoft\Internet Explorer\Main] "Anchor_Visitation_Horizon"=0x01000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\System32\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE "DisableRandomFlighting"=0 "EnableLegacyEdgeSwitching"=1 "Start Page"=about:blank "TabProcGrowth"=Medium "DoNotTrack"=1 [HKLM\Software\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main] "Anchor_Visitation_Horizon"=0x01000000 "ApplicationTileImmersiveActivation"=1 "AssociationActivationMode"=0 "AutoHide"=yes "Cache_Percent_of_Disk"=0x0A000000 "Default_Page_URL"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896 "Default_Secondary_Page_URL"= "Delete_Temp_Files_On_Exit"=yes "Enable_Disk_Cache"=yes "Extensions Off Page"=about:NoAdd-ons "Local Page"=C:\Windows\SysWOW64\blank.htm "Placeholder_Height"=0x1A000000 "Placeholder_Width"=0x1A000000 "Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896 "Security Risk Page"=about:SecurityRisk "Start Page"=http://go.microsoft.com/fwlink/p/?LinkId=255141 "Use_Async_DNS"=yes "x86AppPath"=C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE [HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs] "blank"=res://mshtml.dll/blank.htm "DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm "Home"=270 "InPrivate"=res://ieframe.dll/inprivate.htm "NavigationCanceled"=res://ieframe.dll/navcancl.htm "NavigationFailure"=res://ieframe.dll/navcancl.htm "NoAdd-ons"=res://ieframe.dll/noaddon.htm "NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm "PostNotCached"=res://ieframe.dll/repost.htm "SecurityRisk"=res://ieframe.dll/securityatrisk.htm [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix] ""=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes] "ftp"=ftp:// "home"=http:// "mosaic"=http:// "www"=http:// [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings] "ActiveXCache"=C:\Windows\Downloaded Program Files "CodeBaseSearchPath"=CODEBASE "EnablePunycode"=1 "MinorVersion"=0 "WarnOnIntranet"=1 ---------- | reparsepoint ---------- | Detection of offsets ---------- | Notify ---------- | SSODL | SEH | URLSH | STS ---------- | Toolbar [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "Locked"=1 [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser] "{1DAC0C53-7D23-4AB3-856A-B04D98CD982A}"=0x530CAC1D237DB34A856AB04D98CD982A "ITBar7Layout"=0x13000000000000000000000020000000100001001800000001000000800600006D010000060000008100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000530CAC1D237DB34A856AB04D98CD982A0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000 [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} "KnownProvidersUpgradeTime"=0xED3F9AA5B6C7D101 "Version"=5 "UpgradeTime"=0xED3F9AA5B6C7D101 "DefaultPackCorrection"=1 [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A} ---------- | Extensions [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (Se&nd to OneNote) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] : (Skype for Business Click to Call) - [] [HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (OneNote Lin&ked Notes) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49}] : (Se&nd to OneNote) - [] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}] : (OneNote Lin&ked Notes) - [] ---------- | SearchScopes [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (Bing) - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 : [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}] - () - : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}] - (Bing) - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASJB : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] - (@ieframe.dll,-12512) - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC : ---------- | Browser Helper Objects [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] -> () : [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] -> () : [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] -> (Java(tm) Plug-In SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [05/07/2016 22:43:36] [HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] -> (Java(tm) Plug-In 2 SSV Helper) : C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [05/07/2016 22:43:36] ---------- | Chrome [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Google\Chrome\Extensions\Ìÿ] [HKLM\Software\Google\Chrome\Extensions\Ìÿ] [HKLM\Software\WOW6432Node\Google\Chrome\Extensions\Ìÿ] ---------- | Opera ---------- | Firefox [HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 22.0.0.209 Plugin) : C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.6.2] - () : C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.7.0] - () : C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1] - (VLC Multimedia Plugin) : C:\Program Files\VideoLAN\VLC\npvlc.dll [HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect] - () : C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 22.0.0.209 Plugin) : C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4] - (ESN Sonar browser plugin) : C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@esn/esnlaunch,version=2.3.0] - () : C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@esn/npbattlelog,version=2.6.2] - () : C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@esn/npbattlelog,version=2.7.0] - () : C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5] - (Intel IPT WebApi plugin) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater] - (This plugin updates Intel WebAPI component) : C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.91.2] - (Java™ Deployment Toolkit) : C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [HKLM\Software\WOW6432Node\MozillaPlugins\adobe.com/AdobeAAMDetect] - () : C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll ---------- | Active Connections TCP 127.0.0.1:85 PC-Ced:15996 ESTABLISHED 6948 TCP 127.0.0.1:1120 PC-Ced:15979 TIME_WAIT 0 TCP 127.0.0.1:1120 PC-Ced:15981 TIME_WAIT 0 TCP 127.0.0.1:1120 PC-Ced:15983 TIME_WAIT 0 TCP 127.0.0.1:1120 PC-Ced:15985 TIME_WAIT 0 TCP 127.0.0.1:1120 PC-Ced:15990 TIME_WAIT 0 TCP 127.0.0.1:1120 PC-Ced:15994 TIME_WAIT 0 TCP 127.0.0.1:1120 PC-Ced:15995 TIME_WAIT 0 TCP 127.0.0.1:1120 PC-Ced:15997 TIME_WAIT 0 TCP 127.0.0.1:1120 PC-Ced:15998 TIME_WAIT 0 TCP 127.0.0.1:1120 PC-Ced:15999 TIME_WAIT 0 TCP 127.0.0.1:1120 PC-Ced:16000 TIME_WAIT 0 TCP 127.0.0.1:1120 PC-Ced:16001 TIME_WAIT 0 TCP 127.0.0.1:1120 PC-Ced:16002 TIME_WAIT 0 TCP 127.0.0.1:1120 PC-Ced:16003 TIME_WAIT 0 TCP 127.0.0.1:1120 PC-Ced:16004 TIME_WAIT 0 TCP 127.0.0.1:1120 PC-Ced:16005 TIME_WAIT 0 TCP 127.0.0.1:1120 PC-Ced:16006 TIME_WAIT 0 TCP 127.0.0.1:1603 PC-Ced:65001 ESTABLISHED 2692 TCP 127.0.0.1:1835 PC-Ced:1836 ESTABLISHED 8948 TCP 127.0.0.1:1836 PC-Ced:1835 ESTABLISHED 8948 TCP 127.0.0.1:15986 PC-Ced:15987 ESTABLISHED 6948 TCP 127.0.0.1:15987 PC-Ced:15986 ESTABLISHED 6948 TCP 127.0.0.1:15996 PC-Ced:85 ESTABLISHED 9100 TCP 127.0.0.1:65001 PC-Ced:1603 ESTABLISHED 2692 TCP 192.168.1.64:1574 msnbot-191-232-139-58.search.msn.com:https ESTABLISHED 5992 TCP 192.168.1.64:1614 wl-in-f188.1e100.net:5228 ESTABLISHED 5552 TCP 192.168.1.64:1710 24.105.29.75:http CLOSE_WAIT 8756 TCP 192.168.1.64:1840 80-239-208-193.customer.teliacarrier.com:1119 ESTABLISHED 8948 TCP 192.168.1.64:5728 ec2-50-16-202-119.compute-1.amazonaws.com:https CLOSE_WAIT 5060 TCP 192.168.1.64:5729 ec2-50-16-202-119.compute-1.amazonaws.com:https CLOSE_WAIT 5060 TCP 192.168.1.64:8935 81.171.103.12:http ESTABLISHED 5552 TCP 192.168.1.64:11047 40.101.29.114:https ESTABLISHED 7812 TCP 192.168.1.64:13767 151.101.12.94:https ESTABLISHED 5552 TCP 192.168.1.64:13968 par03s15-in-f14.1e100.net:https ESTABLISHED 5552 TCP 192.168.1.64:14470 par10s21-in-f14.1e100.net:https ESTABLISHED 5552 TCP 192.168.1.64:15072 104.244.42.8:https ESTABLISHED 5552 TCP 192.168.1.64:15371 ec2-50-16-202-119.compute-1.amazonaws.com:https CLOSE_WAIT 5060 TCP 192.168.1.64:15834 wk-in-f154.1e100.net:https ESTABLISHED 5552 TCP 192.168.1.64:15835 par03s15-in-f14.1e100.net:https ESTABLISHED 5552 TCP 192.168.1.64:15837 par03s15-in-f99.1e100.net:https ESTABLISHED 5552 TCP 192.168.1.64:15870 par03s15-in-f14.1e100.net:https ESTABLISHED 5552 TCP 192.168.1.64:15904 par03s15-in-f14.1e100.net:https ESTABLISHED 5552 TCP 192.168.1.64:15968 a-0011.a-msedge.net:https ESTABLISHED 7832 TCP 192.168.1.64:15982 185.60.115.21:http TIME_WAIT 0 TCP 192.168.1.64:15988 despari.informatik.uni-erlangen.de:https ESTABLISHED 6948 TCP 192.168.1.64:15989 ehlo.4711.se:http ESTABLISHED 6948 TCP 192.168.1.64:15991 65.19.167.133:https ESTABLISHED 6948 TCP 192.168.1.64:15992 tor-relay.knightsbridge.net:9001 ESTABLISHED 6948 TCP 192.168.1.64:15993 fr.de.coretek.ru:9001 ESTABLISHED 6948 ---------- | DNS [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{33bb1db9-77c6-4ca4-a38a-fe2a77fcb61a}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{514b1719-c3e2-430b-95de-935f859b5343}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{c56ba898-47a4-4b76-b483-c9b5047943df}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\ControlSet001\services\Tcpip\Parameters\Interfaces\{d0f5ee33-d761-438f-a38f-57fcdc7f3d72}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{33bb1db9-77c6-4ca4-a38a-fe2a77fcb61a}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{514b1719-c3e2-430b-95de-935f859b5343}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{c56ba898-47a4-4b76-b483-c9b5047943df}] "DhcpNameServer"=192.168.1.1 [HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{d0f5ee33-d761-438f-a38f-57fcdc7f3d72}] "DhcpNameServer"=192.168.1.1 ---------- | Applications [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\SOFTWARE\Classes\Applications\::{52205FD8-5DFB-447D-801A-D0B52F2E83E1}] : "::{52205FD8-5DFB-447D-801A-D0B52F2E83E1}" %1 [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\SOFTWARE\Classes\Applications\BitTorrent.exe] : "C:\Users\Cédric\AppData\Roaming\BitTorrent\BitTorrent.exe" "%1" [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\SOFTWARE\Classes\Applications\chrome.exe] : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "%1" [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\SOFTWARE\Classes\Applications\codeblocks.exe] : "C:\Program Files (x86)\CodeBlocks\codeblocks.exe" "%1" [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\SOFTWARE\Classes\Applications\java.exe] : "C:\Users\Cédric\AppData\Roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\java.exe" "%1" [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\SOFTWARE\Classes\Applications\Steam.exe] : "D:\Jeux\Steam\Steam.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\csgo.exe] : "d:\jeux\steam\steamapps\common\counter-strike global offensive\csgo.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\hl2.exe] : "c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\Classes\Applications\MSOXMLED.EXE] : "C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\MSOXMLED.EXE" "%1" [HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\Classes\Applications\Photoshop.exe] : "C:\Program Files\Adobe\Adobe Photoshop CC 2014\Photoshop.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" [HKLM\SOFTWARE\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\csgo.exe] : "d:\jeux\steam\steamapps\common\counter-strike global offensive\csgo.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\hl2.exe] : "c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MSOXMLED.EXE] : "C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\MSOXMLED.EXE" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Photoshop.exe] : "C:\Program Files\Adobe\Adobe Photoshop CC 2014\Photoshop.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1 [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\provtool.exe] : "%SystemRoot%\System32\provtool.exe" "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\vlc.exe] : "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "%1" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L" [HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1" ---------- | Svchost - Netsvcs (Whitelisted) NetSetupSvc - %SystemRoot%\System32\NetSetupSvc.dll : %SystemRoot%\System32\svchost.exe -k netsvcs UserManager - %SystemRoot%\System32\usermgr.dll : %SystemRoot%\system32\svchost.exe -k netsvcs ---------- | Software [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Adobe] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\AppDataLow] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\ASUS] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\BitTorrent] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Blizzard Entertainment] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\cd projekt red] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Chromium] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Clients] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Clubic] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\CodeBlocks] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Colossal Order] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Conexant] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Convex] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\CoolROM] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Cyberlink] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Deep Silver] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\DefaultCompany] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Disc Soft] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\DSS] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\ECAREME] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Elantech] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Electronic Arts] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Epic Games] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\FlyAnvil] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\g3n-h@ckm@n] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Google] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\IM Providers] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Intel] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\JavaSoft] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Logitech] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Macromedia] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Michael Herf] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Microsoft] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Microsoft Studios] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Mine] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Monomi Park] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\MountAndBladeWarbandKeys] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Mozilla] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\MozillaPlugins] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Ndemic Creations] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Netscape] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\NVIDIA Corporation] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\ODBC] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\OpenOffice] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Piriform] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Policies] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\PopCap] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\QtProject] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Razer] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Reflections] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\RegisteredApplications] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Rockstar Games] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Samsung] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\SEGA] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Shining Rock Software LLC] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Skype] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\SlimeRancher] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\SmallGamesInfo] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Spotify] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\SyncEngines] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\SYNCJM] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\sysinternals] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\TeamSpeak 3 Client] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Terraria] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Trolltech] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\ubisoft] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Unity] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Unity Technologies] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Unwinder] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Valve] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\VirtualDJ] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Waves Audio] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Western Digital] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\WIDBTW] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Widcomm] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\WinRAR] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\WinRAR SFX] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Wireshark] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Wow6432Node] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\SOFTWARE\AppDataLow\Software\JavaSoft] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\SOFTWARE\AppDataLow\Software\Microsoft] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Microsoft\Windows\CurrentVersion] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Microsoft\Windows\DWM] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Microsoft\Windows\Roaming] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Microsoft\Windows\Shell] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Microsoft\Windows\TabletPC] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Microsoft\Windows\Windows Error Reporting] [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\Adobe] [HKLM\Software\AGEIA Technologies] [HKLM\Software\Agere] [HKLM\Software\Alienware] [HKLM\Software\Apple Inc.] [HKLM\Software\ASUS] [HKLM\Software\BitDefender Parental Control] [HKLM\Software\BitdefenderSavedSettings] [HKLM\Software\Broadcom] [HKLM\Software\Clients] [HKLM\Software\Cnxt_Uiu_Parms] [HKLM\Software\Conexant] [HKLM\Software\CPUID] [HKLM\Software\cybelsoft] [HKLM\Software\Dell] [HKLM\Software\Disc Soft] [HKLM\Software\EA Games] [HKLM\Software\ECAREME] [HKLM\Software\EpicGames] [HKLM\Software\g3n-h@ckm@n] [HKLM\Software\Google] [HKLM\Software\Huawei technologies] [HKLM\Software\IM Providers] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\Logitech] [HKLM\Software\LSI] [HKLM\Software\Macromedia] [HKLM\Software\McAfee.com] [HKLM\Software\Microsoft] [HKLM\Software\Mozilla] [HKLM\Software\MozillaPlugins] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\Partner] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\RTLSetup] [HKLM\Software\SAMSUNG] [HKLM\Software\Synaptics] [HKLM\Software\sysinternals] [HKLM\Software\TeamSpeak 3 Client] [HKLM\Software\VideoLAN] [HKLM\Software\Waves Audio] [HKLM\Software\Western Digital] [HKLM\Software\Widcomm] [HKLM\Software\WinRAR] [HKLM\Software\WOW6432Node] [HKLM\Software\Microsoft\Windows\ClickNote] [HKLM\Software\Microsoft\Windows\Configuration] [HKLM\Software\Microsoft\Windows\CurrentVersion] [HKLM\Software\Microsoft\Windows\DWM] [HKLM\Software\Microsoft\Windows\EnterpriseResourceManager] [HKLM\Software\Microsoft\Windows\HTML Help] [HKLM\Software\Microsoft\Windows\ITStorage] [HKLM\Software\Microsoft\Windows\ScheduledDiagnostics] [HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\Microsoft\Windows\Shell] [HKLM\Software\Microsoft\Windows\Tablet PC] [HKLM\Software\Microsoft\Windows\TabletPC] [HKLM\Software\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\Microsoft\Windows\Windows Search] [HKLM\Software\Microsoft\Windows NT\CurrentVersion] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\ICService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\print] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\UnistackSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\utcsvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\WepHostSvcGroup] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wsappx] [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wswpnservice] [HKLM\Software\WOW6432Node\Activision] [HKLM\Software\WOW6432Node\Adobe] [HKLM\Software\WOW6432Node\AGEIA Technologies] [HKLM\Software\WOW6432Node\AMD] [HKLM\Software\WOW6432Node\Apple Inc.] [HKLM\Software\WOW6432Node\AsLdr] [HKLM\Software\WOW6432Node\ASUS] [HKLM\Software\WOW6432Node\Battlelog Web Plugins] [HKLM\Software\WOW6432Node\bethesda softworks] [HKLM\Software\WOW6432Node\Blizzard Entertainment] [HKLM\Software\WOW6432Node\cd projekt red] [HKLM\Software\WOW6432Node\Conexant] [HKLM\Software\WOW6432Node\CyberLink] [HKLM\Software\WOW6432Node\deep silver] [HKLM\Software\WOW6432Node\EA Games] [HKLM\Software\WOW6432Node\ECAREME] [HKLM\Software\WOW6432Node\Electronic Arts] [HKLM\Software\WOW6432Node\ESN Launcher] [HKLM\Software\WOW6432Node\ESN Sonar-0.70.4] [HKLM\Software\WOW6432Node\Fraps] [HKLM\Software\WOW6432Node\Google] [HKLM\Software\WOW6432Node\Huawei technologies] [HKLM\Software\WOW6432Node\IM Providers] [HKLM\Software\WOW6432Node\InstallShield] [HKLM\Software\WOW6432Node\Intel] [HKLM\Software\WOW6432Node\JavaSoft] [HKLM\Software\WOW6432Node\JreMetrics] [HKLM\Software\WOW6432Node\Khronos] [HKLM\Software\WOW6432Node\Macromedia] [HKLM\Software\WOW6432Node\Malwarebytes' Anti-Malware] [HKLM\Software\WOW6432Node\Microsoft] [HKLM\Software\WOW6432Node\Mozilla] [HKLM\Software\WOW6432Node\mozilla.org] [HKLM\Software\WOW6432Node\MozillaPlugins] [HKLM\Software\WOW6432Node\Notepad++] [HKLM\Software\WOW6432Node\NVIDIA Corporation] [HKLM\Software\WOW6432Node\ODBC] [HKLM\Software\WOW6432Node\OpenOffice] [HKLM\Software\WOW6432Node\Origin] [HKLM\Software\WOW6432Node\Origin Games] [HKLM\Software\WOW6432Node\PopCap] [HKLM\Software\WOW6432Node\PopCap Games] [HKLM\Software\WOW6432Node\re-logic] [HKLM\Software\WOW6432Node\Realtek] [HKLM\Software\WOW6432Node\Realtek Semiconductor Corp.] [HKLM\Software\WOW6432Node\Rockstar Games] [HKLM\Software\WOW6432Node\Samsung] [HKLM\Software\WOW6432Node\Skype] [HKLM\Software\WOW6432Node\techland] [HKLM\Software\WOW6432Node\THQ] [HKLM\Software\WOW6432Node\Ubisoft] [HKLM\Software\WOW6432Node\Valve] [HKLM\Software\WOW6432Node\VirtualDJ] [HKLM\Software\WOW6432Node\WDPA] [HKLM\Software\WOW6432Node\Western Digital] [HKLM\Software\WOW6432Node\WildTangent] [HKLM\Software\WOW6432Node\WinPcap] [HKLM\Software\WOW6432Node\Clients] [HKLM\Software\WOW6432Node\Even Balance] [HKLM\Software\WOW6432Node\Policies] [HKLM\Software\WOW6432Node\RegisteredApplications] [HKLM\Software\WOW6432Node\Microsoft\Windows\ClickNote] [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help] [HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage] [HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider] [HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting] [HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\appmodel] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] [HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc] ---------- | Drives D: ---------- | C: [22/08/2013 17:36:31] - |SHD| - [6593086814] - C:\$Recycle.Bin [29/12/2015 17:19:52] - |D| - [11714] - C:\$WINDOWS.~BT [04/01/2016 00:29:02] - |HD| - [287537] - C:\$Windows.~WS [14/07/2016 23:50:33] - |AD| - [1363456] - C:\adb [17/07/2016 00:45:03] - |D| - [3233685372] - C:\AdwCleaner [16/05/2014 02:48:47] - |SHD| - [18508556] - C:\Boot [MD5.55272FE96AD87017755FD82F7928FDA0] - [22/08/2013 17:44:03] - |RASH| - (.-.) - [398356] - (0.0.0.0) - C:\bootmgr [MD5.93B885ADFE0DA089CDF634904FD59F71] - [22/08/2013 17:44:04] - |ASH| - (.-.) - [1] - (0.0.0.0) - C:\BOOTNXT [12/08/2015 18:30:30] - |D| - [9289099] - C:\ddf08829011a564b8de73f94cee8 [10/07/2015 14:21:38] - |SHD| - [0] - C:\Documents and Settings [01/02/2015 17:49:22] - |D| - [317] - C:\ElementalTinkerer [18/09/2014 09:37:26] - |D| - [3813329023] - C:\eSupport [09/09/2015 17:46:20] - |D| - [134848792] - C:\fd924fab5ff1005c97b8d7189982 [31/07/2015 22:30:22] - |D| - [29109074] - C:\Games [18/03/2015 21:39:49] - |D| - [4764] - C:\HammerAutosave [MD5.D41D8CD98F00B204E9800998ECF8427E] - [17/11/2015 00:01:31] - |ASH| - (.-.) - [3386908672] - (0.0.0.0) - C:\hiberfil.sys [18/09/2014 00:44:01] - |HD| - [1785864] - C:\Intel [MD5.E85A0604817CC7BA12642436D72C2834] - [07/04/2016 14:49:58] - |A| - (.-.) - [29842] - (0.0.0.0) - C:\License.rtf [01/04/2015 18:38:48] - |RHD| - [39600] - C:\MSOCache [25/12/2015 12:26:46] - |HD| - [0] - C:\OneDriveTemp [MD5.D41D8CD98F00B204E9800998ECF8427E] - [18/09/2014 00:38:00] - |ASH| - (.-.) - [1879048192] - (0.0.0.0) - C:\pagefile.sys [30/10/2015 09:24:24] - |D| - [0] - C:\PerfLogs [30/10/2015 08:28:30] - |RD| - [52156136637] - C:\Program Files [30/10/2015 08:28:30] - |RD| - [11563697819] - C:\Program Files (x86) [30/10/2015 09:24:24] - |HD| - [17786162638] - C:\ProgramData [17/07/2016 04:23:52] - |D| - [262073] - C:\QuickDiag [MD5.60F9A4A9DD890B36D841B31C639623C6] - [17/07/2016 04:23:59] - |A| - (.-.) - [276589] - (0.0.0.0) - C:\QuickDiag.txt [16/11/2015 23:36:05] - |SHD| - [971] - C:\Recovery [MD5.D41D8CD98F00B204E9800998ECF8427E] - [18/09/2014 00:38:01] - |ASH| - (.-.) - [268435456] - (0.0.0.0) - C:\swapfile.sys [18/09/2014 09:26:46] - |SHD| - [0] - C:\System Volume Information [30/10/2015 08:28:30] - |RD| - [119851036381] - C:\Users [30/10/2015 08:28:30] - |D| - [27435047143] - C:\Windows ---------- | C:\WINDOWS [30/10/2015 09:24:24] - |D| - [802] - C:\WINDOWS\addins [22/08/2013 17:36:31] - |D| - [0] - C:\WINDOWS\ADFS [30/10/2015 09:24:24] - |D| - [35874581] - C:\WINDOWS\appcompat [30/10/2015 09:24:24] - |D| - [12360910] - C:\WINDOWS\AppPatch [30/10/2015 09:24:24] - |D| - [0] - C:\WINDOWS\AppReadiness [MD5.A042151CE88A60DCA63BF3D0BEF6A642] - [18/09/2014 01:19:48] - |A| - (.-.) - [28528] - (0.0.0.0) - C:\WINDOWS\AsChkDev.txt [MD5.FB4AADE3A72075C54C17B53AB58631BE] - [18/06/2014 11:35:29] - |A| - (.-.) - [23] - (0.0.0.0) - C:\WINDOWS\AsDCDVer.txt [MD5.4083FE896F9732B909EE4A470B9D09E3] - [16/05/2014 02:21:01] - |A| - (.-.) - [28] - (0.0.0.0) - C:\WINDOWS\AsHDIVer.txt [30/10/2015 09:24:24] - |RSD| - [933778188] - C:\WINDOWS\assembly [MD5.E79023F04FCED2923C019C3B22C9A8D5] - [18/09/2014 09:35:15] - |A| - (.-.) - [54] - (0.0.0.0) - C:\WINDOWS\AsToolCDVer.txt [16/05/2014 01:25:57] - |AD| - [238970098] - C:\WINDOWS\ASUS [30/10/2015 09:24:24] - |D| - [241412] - C:\WINDOWS\bcastdvr [MD5.DE3C720C11A91557E1DFDFF0DB2AA3C2] - [30/10/2015 09:17:47] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Utilitaire de service de fichier de démarrage.) - [61952] - (10.0.10586.0) - C:\WINDOWS\bfsvc.exe [30/10/2015 09:24:24] - |D| - [32716961] - C:\WINDOWS\Boot [MD5.D2A04C015E7BEBD8CF8645B131C97A8C] - [16/11/2015 23:44:03] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\WINDOWS\bootstat.dat [30/10/2015 09:24:24] - |D| - [2380376] - C:\WINDOWS\Branding [MD5.9130CCE19B5DB3D2E31F9F789263FC4A] - [18/01/2015 18:26:21] - |A| - (.Copyright (c) 1999-2006 Microsoft Corporation - CAPICOM Module.) - [511328] - (2.1.0.2) - C:\WINDOWS\capicom.dll [30/10/2015 09:11:39] - |D| - [0] - C:\WINDOWS\CbsTemp [27/02/2016 23:34:39] - |D| - [3741198] - C:\WINDOWS\Cnxt [MD5.F59060E298148DE24DEBB3E8321C4407] - [30/10/2015 21:03:30] - |A| - (.-.) - [31816] - (0.0.0.0) - C:\WINDOWS\Core.xml [MD5.0774AE5CED574C9673CE44685FE349B0] - [15/05/2014 17:57:29] - |A| - (.-.) - [10] - (0.0.0.0) - C:\WINDOWS\csup.txt [30/10/2015 09:24:24] - |D| - [8970858] - C:\WINDOWS\Cursors [30/10/2015 09:24:24] - |D| - [10562283] - C:\WINDOWS\debug [30/10/2015 09:24:24] - |RD| - [20934] - C:\WINDOWS\DesktopTileResources [30/10/2015 09:24:24] - |RD| - [3032320] - C:\WINDOWS\DevicesFlow [MD5.187F01E43B098796C04E7C2A3DDD6AF3] - [06/08/2015 11:04:52] - |A| - (.-.) - [24050] - (0.0.0.0) - C:\WINDOWS\diagerr.xml [30/10/2015 09:24:24] - |D| - [4217368] - C:\WINDOWS\diagnostics [MD5.843A5DB1AB1F79E01DA867B72C7E6647] - [06/08/2015 11:04:52] - |A| - (.-.) - [25998] - (0.0.0.0) - C:\WINDOWS\diagwrn.xml [30/10/2015 21:00:07] - |D| - [0] - C:\WINDOWS\DigitalLocker [MD5.4991D20E0ADC0B7D849F27D3295D7DEF] - [13/07/2016 15:21:03] - |A| - (.-.) - [18549] - (0.0.0.0) - C:\WINDOWS\DirectX.log [30/10/2015 09:24:24] - |SD| - [65] - C:\WINDOWS\Downloaded Program Files [MD5.14F3C88CAA4D9535EDFBC8A9C1C91C13] - [14/07/2016 23:50:45] - |A| - (.-.) - [8866] - (0.0.0.0) - C:\WINDOWS\DPINST.LOG [30/10/2015 09:24:24] - |HD| - [44568] - C:\WINDOWS\ELAMBKUP [30/10/2015 21:00:07] - |D| - [0] - C:\WINDOWS\en-US [MD5.E396258CFD8F84E8F2C24930E6D88C67] - [13/07/2016 13:48:15] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Explorateur Windows.) - [4515256] - (10.0.10586.494) - C:\WINDOWS\explorer.exe [MD5.E1FD9DE48AF5D7652AA31BBE914F54B8] - [26/02/2009 08:50:32] - |A| - (.-.) - [176] - (0.0.0.0) - C:\WINDOWS\explorer.exe.config [30/10/2015 09:24:24] - |RSD| - [406555562] - C:\WINDOWS\Fonts [30/10/2015 21:00:07] - |D| - [134144] - C:\WINDOWS\fr-FR [30/10/2015 09:24:24] - |D| - [30022468] - C:\WINDOWS\Globalization [30/10/2015 09:24:24] - |D| - [72429828] - C:\WINDOWS\Help [MD5.430DE1635CE173440D34ABA1676113D7] - [13/07/2016 13:47:29] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Aide et support Microsoft.) - [994816] - (10.0.10586.494) - C:\WINDOWS\HelpPane.exe [MD5.C7228F24B9130C64DCF4C390A04A775C] - [30/10/2015 09:17:54] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Exécutable de l’aide HTML Microsoft®.) - [18432] - (10.0.10586.0) - C:\WINDOWS\hh.exe [30/10/2015 09:24:24] - |D| - [173194846] - C:\WINDOWS\IME [30/10/2015 09:24:24] - |RD| - [6840341] - C:\WINDOWS\ImmersiveControlPanel [30/10/2015 09:21:47] - |D| - [134844112] - C:\WINDOWS\INF [30/10/2015 09:24:24] - |D| - [931024796] - C:\WINDOWS\InfusedApps [30/10/2015 09:24:24] - |D| - [36258450] - C:\WINDOWS\InputMethod [30/10/2015 09:24:24] - |SHDC| - [567088540] - C:\WINDOWS\Installer [30/10/2015 09:24:24] - |D| - [89407] - C:\WINDOWS\L2Schemas [14/07/2016 20:57:33] - |D| - [296399412] - C:\WINDOWS\LastGood.Tmp [30/10/2015 09:24:24] - |D| - [358959927] - C:\WINDOWS\LiveKernelReports [16/05/2014 01:07:09] - |D| - [11273599] - C:\WINDOWS\Log [30/10/2015 08:31:03] - |D| - [42501784] - C:\WINDOWS\Logs [30/10/2015 09:24:24] - |RSD| - [20145669] - C:\WINDOWS\Media [22/08/2013 17:36:31] - |D| - [1619968] - C:\WINDOWS\MediaViewer [MD5.23AF90D2355D8C83AA4567EF1763B467] - [30/10/2015 09:17:40] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\WINDOWS\mib.bin [30/10/2015 09:24:24] - |D| - [811402167] - C:\WINDOWS\Microsoft.NET [30/10/2015 09:24:24] - |D| - [2371] - C:\WINDOWS\Migration [20/11/2015 22:48:14] - |D| - [0] - C:\WINDOWS\Minidump [30/10/2015 09:24:24] - |RD| - [470257] - C:\WINDOWS\MiracastView [30/10/2015 09:24:24] - |D| - [0] - C:\WINDOWS\ModemLogs [MD5.60336413E419C2EA5E215F1A32061E40] - [30/10/2015 09:19:28] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Bloc-notes.) - [244736] - (10.0.10586.0) - C:\WINDOWS\notepad.exe [30/10/2015 21:00:47] - |D| - [418530] - C:\WINDOWS\OCR [30/10/2015 09:24:24] - |RD| - [65] - C:\WINDOWS\Offline Web Pages [16/11/2015 23:35:57] - |DC| - [175413771] - C:\WINDOWS\Panther [30/10/2015 09:24:24] - |D| - [29181152] - C:\WINDOWS\Performance [MD5.485A343541C4F354023B39D6CABEE74A] - [14/07/2016 18:01:38] - |A| - (.-.) - [1268] - (0.0.0.0) - C:\WINDOWS\PFRO.log [30/10/2015 09:24:24] - |D| - [1136442] - C:\WINDOWS\PLA [30/10/2015 09:24:24] - |D| - [2566565] - C:\WINDOWS\PolicyDefinitions [16/11/2015 23:43:23] - |D| - [23743279] - C:\WINDOWS\Prefetch [30/10/2015 09:24:24] - |RD| - [1963312] - C:\WINDOWS\PrintDialog [30/10/2015 09:24:24] - |D| - [1297393] - C:\WINDOWS\Provisioning [30/07/2015 22:26:26] - |D| - [65536] - C:\WINDOWS\pss [30/10/2015 09:24:24] - |RD| - [774927] - C:\WINDOWS\PurchaseDialog [MD5.D9D56AFAA121BD6B4206F7FF3DA84BBA] - [30/10/2015 09:17:48] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Éditeur du Registre.) - [320512] - (10.0.10586.0) - C:\WINDOWS\regedit.exe [30/10/2015 09:24:24] - |D| - [1117876] - C:\WINDOWS\Registration [30/10/2015 09:24:24] - |D| - [7025927] - C:\WINDOWS\rescache [30/10/2015 09:24:24] - |D| - [5073727] - C:\WINDOWS\Resources [MD5.BAFE98D46BAB095F7935C444DBF9A884] - [28/02/2016 20:24:32] - |A| - (.TODO: (c) . - RtCRU.) - [4330200] - (1.11.0.0) - C:\WINDOWS\RtCRU64.exe [30/10/2015 09:24:24] - |D| - [0] - C:\WINDOWS\SchCache [30/10/2015 09:24:24] - |D| - [121229] - C:\WINDOWS\schemas [30/10/2015 09:24:24] - |D| - [7824860] - C:\WINDOWS\security [30/10/2015 21:07:12] - |D| - [94671811] - C:\WINDOWS\ServiceProfiles [30/10/2015 08:28:30] - |D| - [169642489] - C:\WINDOWS\servicing [30/10/2015 09:26:37] - |D| - [42] - C:\WINDOWS\Setup [MD5.D49B209A6F885656C0A898DA7DD095CE] - [04/07/2016 13:24:51] - |A| - (.-.) - [8478] - (0.0.0.0) - C:\WINDOWS\setupact.log [MD5.D41D8CD98F00B204E9800998ECF8427E] - [04/07/2016 13:24:51] - |A| - (.-.) - [0] - (0.0.0.0) - C:\WINDOWS\setuperr.log [30/10/2015 21:03:03] - |D| - [4544] - C:\WINDOWS\ShellNew [30/10/2015 21:00:30] - |D| - [6828144] - C:\WINDOWS\SKB [18/09/2014 00:42:16] - |D| - [166807357] - C:\WINDOWS\SoftwareDistribution [30/10/2015 09:24:24] - |D| - [103543755] - C:\WINDOWS\Speech [30/10/2015 09:24:24] - |D| - [50814701] - C:\WINDOWS\Speech_OneCore [MD5.3BB80AF91D069F97006DCCC031164903] - [30/10/2015 09:18:09] - |A| - (.© Microsoft Corporation. - Print driver host for applications.) - [128000] - (10.0.10586.0) - C:\WINDOWS\splwow64.exe [30/10/2015 09:24:24] - |D| - [31039] - C:\WINDOWS\System [MD5.286A9EDB379DC3423A528B0864A0F111] - [22/08/2013 15:25:43] - |A| - (.-.) - [219] - (0.0.0.0) - C:\WINDOWS\system.ini [30/10/2015 08:28:30] - |D| - [12620849836] - C:\WINDOWS\System32 [30/10/2015 09:24:25] - |D| - [155460814] - C:\WINDOWS\SystemApps [30/10/2015 09:24:25] - |D| - [18175861] - C:\WINDOWS\SystemResources [30/10/2015 08:28:37] - |D| - [1724253265] - C:\WINDOWS\SysWOW64 [30/10/2015 09:24:25] - |D| - [0] - C:\WINDOWS\TAPI [22/08/2013 17:36:30] - |D| - [3184] - C:\WINDOWS\Tasks [30/10/2015 09:24:25] - |D| - [17824367] - C:\WINDOWS\Temp [22/08/2013 17:36:30] - |RD| - [0] - C:\WINDOWS\ToastData [30/10/2015 09:24:25] - |D| - [0] - C:\WINDOWS\tracing [30/10/2015 09:24:25] - |D| - [7680] - C:\WINDOWS\twain_32 [MD5.669A44C0BCA67D8CDE111F7FBA91EE86] - [30/10/2015 09:19:30] - |A| - (.- Gestionnaire de sources Twain_32 (Image Acquisition Interface).) - [60416] - (1.7.1.3) - C:\WINDOWS\twain_32.dll [22/08/2013 17:36:30] - |D| - [0] - C:\WINDOWS\vpnplugins [30/10/2015 09:24:25] - |D| - [12420] - C:\WINDOWS\Vss [30/10/2015 09:24:25] - |D| - [15729830] - C:\WINDOWS\Web [MD5.3A04EB728E5519F2E0BB5CAD30969549] - [22/08/2013 15:25:43] - |A| - (.-.) - [226] - (0.0.0.0) - C:\WINDOWS\win.ini [MD5.C844CA459F3B209329984772269B6E56] - [30/10/2015 09:18:16] - |RAH| - (.-.) - [670] - (0.0.0.0) - C:\WINDOWS\WindowsShell.Manifest [MD5.038356387332650843BCB352BB89A101] - [04/07/2016 12:29:47] - |A| - (.-.) - [275] - (0.0.0.0) - C:\WINDOWS\WindowsUpdate.log [MD5.8C459D003560EA9817F7CDB29AA55382] - [30/10/2015 09:18:29] - |A| - (.© Microsoft Corporation. Tous droits réservés. - Relais Windows Winhlp32.) - [10240] - (10.0.10586.0) - C:\WINDOWS\winhlp32.exe [30/10/2015 08:28:30] - |D| - [6832707102] - C:\WINDOWS\WinSxS [MD5.E7E4D8D7340DA6934B9EA81CBB21374C] - [30/10/2015 09:18:41] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\WINDOWS\WMSysPr9.prx [MD5.E9C22DCE95A6E5B6C37FED42B3749E32] - [30/10/2015 09:18:14] - |A| - (.© Microsoft Corporation. - Windows Write.) - [11264] - (10.0.10586.0) - C:\WINDOWS\write.exe ---------- | Systemroot\System ---------- | Systemroot\Installer (Microsoft Files Whitelisted) [13/08/2014 11:16:04] - C:\WINDOWS\Installer\1008ce3d.msi : (OpenOffice 4.1.1 - OpenOffice) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [03/06/2016 10:06:56] - C:\WINDOWS\Installer\106b5ca2.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [22/11/2015 22:25:31] - C:\WINDOWS\Installer\1641a03.msi : (Dual-Core Optimizer - AMD) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/10/2015 17:42:54] - C:\WINDOWS\Installer\18f96360.msi : (Installs WD SmartWare - Western Digital Technologies, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/10/2015 17:56:20] - C:\WINDOWS\Installer\18f9636e.msi : (Installs WD Quick View - Western Digital Technologies, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/02/2014 11:09:02] - C:\WINDOWS\Installer\1ac1d.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [27/03/2014 07:00:22] - C:\WINDOWS\Installer\1ac27.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [01/03/2013 09:38:14] - C:\WINDOWS\Installer\1ac2c.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [02/04/2014 08:47:00] - C:\WINDOWS\Installer\1ac31.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/05/2014 05:08:52] - C:\WINDOWS\Installer\1ac36.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [10/02/2016 14:32:23] - C:\WINDOWS\Installer\1f311b.msi : (Skype - Skype Technologies S.A.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [25/12/2014 10:58:07] - C:\WINDOWS\Installer\212a30.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/12/2014 01:19:02] - C:\WINDOWS\Installer\229e242.msi : ([ProductName] Installer - Apple Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [30/12/2014 01:19:06] - C:\WINDOWS\Installer\229e247.msi : (Logitech Gaming Software - Logitech Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/08/2015 01:37:39] - C:\WINDOWS\Installer\2568f9.msi : (VirtualDJ 8 Installer - Atomix Productions) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [11/05/2016 14:40:11] - C:\WINDOWS\Installer\27ca348a.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2016 22:43:25] - C:\WINDOWS\Installer\28bc02e2.msi : (Java SE Runtime Environment 8 Update 91 - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [05/07/2016 22:43:19] - C:\WINDOWS\Installer\28bc02e7.msi : (Java Auto Updater - Oracle Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [09/12/2013 16:26:18] - C:\WINDOWS\Installer\2ce37.msi : (Intel(R) Trusted Connect Service Client - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/05/2014 04:58:20] - C:\WINDOWS\Installer\305e8.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [13/07/2015 14:47:02] - C:\WINDOWS\Installer\3adc5.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/08/2015 18:28:56] - C:\WINDOWS\Installer\439e8.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/11/2015 11:56:58] - C:\WINDOWS\Installer\48e730a0.msi : (Epic Games Launcher Prerequisites (x64) - Epic Games, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [19/09/2015 14:23:45] - C:\WINDOWS\Installer\4dd9d.msi : (Intel Processor Diagnostic Tool 64bit - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/04/2016 10:11:04] - C:\WINDOWS\Installer\4f35219.msi : (Intel(R) Product Improvement Program - Intel) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [28/04/2016 10:11:24] - C:\WINDOWS\Installer\4f3526f.msi : (Intel(R) Driver Update Utility 2.5 - Intel) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [17/02/2016 14:01:48] - C:\WINDOWS\Installer\4fd68e2.msi : (WIDCOMM Bluetooth Profile Pack - Broadcom Corp.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/02/2016 15:29:16] - C:\WINDOWS\Installer\4fd6a0a.msi : (Intel(R) Rapid Storage Technology - Intel Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [12/08/2015 18:28:56] - C:\WINDOWS\Installer\793b70.msi : ( - ASUS) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [29/10/2015 19:06:08] - C:\WINDOWS\Installer\89c13.msi : (System Requirements Lab Detection - Husdawg, LLC) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [23/02/2016 15:47:08] - C:\WINDOWS\Installer\9694b6.msi : (Hardware Detection DriversCloud.com - Cybelsoft) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] [08/08/2015 21:58:22] - C:\WINDOWS\Installer\c1930cc.msi : (Skype - Skype Technologies S.A.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000] ---------- | %System%\*.in* [30/10/2015 09:18:41] - [3458] - C:\WINDOWS\System32\ieuinit.inf [06/08/2015 11:44:11] - [1851820] - C:\WINDOWS\System32\PerfStringBackup.INI [30/10/2015 09:18:09] - [60124] - C:\WINDOWS\System32\tcpmon.ini [30/10/2015 09:17:49] - [2269] - C:\WINDOWS\System32\WimBootCompress.ini [30/10/2015 09:19:39] - [3458] - C:\WINDOWS\Syswow64\ieuinit.inf [28/02/2016 20:38:34] - [1878476] - C:\WINDOWS\Syswow64\PerfStringBackup.INI [30/10/2015 09:18:25] - [2269] - C:\WINDOWS\Syswow64\WimBootCompress.ini ---------- | [.android] [14/07/2016 23:54:06] - |A| - [1704] - C:\Users\Cédric\.android\adbkey [14/07/2016 23:54:06] - |A| - [716] - C:\Users\Cédric\.android\adbkey.pub ---------- | [.oracle_jre_usage] [10/02/2016 14:07:43] - |A| - [56] - C:\Users\Cédric\.oracle_jre_usage\48ac84126bcac2cc.timestamp [10/02/2016 14:30:59] - |A| - [56] - C:\Users\Cédric\.oracle_jre_usage\48ac84126bcac2cd.timestamp [12/06/2016 14:21:41] - |A| - [56] - C:\Users\Cédric\.oracle_jre_usage\48ac84126bcac308.timestamp [13/01/2016 23:07:24] - |A| - [50] - C:\Users\Cédric\.oracle_jre_usage\90737d32e3aba4b.timestamp [10/02/2016 14:09:49] - |A| - [50] - C:\Users\Cédric\.oracle_jre_usage\90737d32e3aba67.timestamp [10/02/2016 14:27:18] - |A| - [50] - C:\Users\Cédric\.oracle_jre_usage\90737d32e3aba68.timestamp ---------- | [3D Objects] [07/08/2015 16:14:49] - |A| - [195947] - C:\Users\Cédric\3D Objects\Bulldozer.3mf [07/08/2015 16:14:49] - |A| - [228455] - C:\Users\Cédric\3D Objects\Caboose car.3mf [07/08/2015 16:14:49] - |A| - [159054] - C:\Users\Cédric\3D Objects\Chess Set.3mf [07/08/2015 16:14:49] - |A| - [23819] - C:\Users\Cédric\3D Objects\Cone Shape.3mf [07/08/2015 16:14:49] - |A| - [10542] - C:\Users\Cédric\3D Objects\Cube Shape.3mf [07/08/2015 16:14:49] - |A| - [615844] - C:\Users\Cédric\3D Objects\Cup Trophy.3mf [07/08/2015 16:14:49] - |A| - [23566] - C:\Users\Cédric\3D Objects\Cylinder Shape.3mf [07/08/2015 16:14:49] - |ASH| - [298] - C:\Users\Cédric\3D Objects\desktop.ini [07/08/2015 16:14:49] - |A| - [190396] - C:\Users\Cédric\3D Objects\Gift Box.3mf [07/08/2015 16:14:49] - |A| - [306810] - C:\Users\Cédric\3D Objects\Gimble Keychain.3mf [07/08/2015 16:14:49] - |A| - [9766] - C:\Users\Cédric\3D Objects\Hexagon Shape.3mf [07/08/2015 16:14:49] - |A| - [54651] - C:\Users\Cédric\3D Objects\Keychain.3mf [07/08/2015 16:14:49] - |A| - [177308] - C:\Users\Cédric\3D Objects\Left Curve Track.3mf [07/08/2015 16:14:49] - |A| - [121342] - C:\Users\Cédric\3D Objects\Pencil Box.3mf [07/08/2015 16:14:49] - |A| - [5997] - C:\Users\Cédric\3D Objects\Pyramid Shape.3mf [07/08/2015 16:14:49] - |A| - [147886] - C:\Users\Cédric\3D Objects\Right Curve Track.3mf [07/08/2015 16:14:49] - |A| - [119828] - C:\Users\Cédric\3D Objects\Ship in a Bottle.3mf [23/01/2016 19:35:47] - |A| - [211318] - C:\Users\Cédric\3D Objects\Space Shuttle.3mf [07/08/2015 16:14:49] - |A| - [133450] - C:\Users\Cédric\3D Objects\Sphere Shape.3mf [07/08/2015 16:14:49] - |A| - [237677] - C:\Users\Cédric\3D Objects\Split Track.3mf [23/01/2016 19:35:47] - |A| - [295552] - C:\Users\Cédric\3D Objects\Star Trophy.3mf [07/08/2015 16:14:49] - |A| - [129794] - C:\Users\Cédric\3D Objects\Straight Track.3mf [23/01/2016 19:35:47] - |A| - [17897] - C:\Users\Cédric\3D Objects\Tetrahedron Shape.3mf [23/01/2016 19:35:47] - |A| - [283532] - C:\Users\Cédric\3D Objects\Torus Shape.3mf [07/08/2015 16:14:49] - |A| - [170238] - C:\Users\Cédric\3D Objects\Track Connector.3mf [07/08/2015 16:14:49] - |A| - [307198] - C:\Users\Cédric\3D Objects\Train Engine.3mf [07/08/2015 16:14:49] - |A| - [58782] - C:\Users\Cédric\3D Objects\Trophy Box.3mf [23/01/2016 19:35:47] - |A| - [232957] - C:\Users\Cédric\3D Objects\Trophy Cylinder.3mf [07/08/2015 16:14:49] - |A| - [7431] - C:\Users\Cédric\3D Objects\Wedge Shape.3mf [23/01/2016 19:35:47] - |A| - [117514] - C:\Users\Cédric\3D Objects\Windmill.3mf ---------- | [AppData] [16/11/2015 23:52:25] - |D| - [15384576839] - C:\Users\Cédric\AppData\Local [25/12/2014 10:35:41] - |D| - [497077399] - C:\Users\Cédric\AppData\LocalLow [15/04/2015 19:53:33] - |A| - [80] - C:\Users\Cédric\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦 [16/11/2015 23:52:25] - |D| - [3479125083] - C:\Users\Cédric\AppData\Roaming [18/01/2015 18:27:39] - |A| - [385] - C:\Users\Cédric\AppData\Roaminguser_gensett.xml [19/01/2015 23:08:33] - |D| - [1211] - C:\Users\Cédric\AppData\Temp ---------- | [Application Data] ---------- | [Contacts] [25/12/2014 10:36:24] - |ASH| - [412] - C:\Users\Cédric\Contacts\desktop.ini ---------- | [Cookies] ---------- | [Desktop] [15/07/2016 14:00:00] - |AH| - [97] - C:\Users\Cédric\Desktop\.~lock.Nouveau Texte OpenDocument.odt# [14/05/2015 23:32:51] - |A| - [1024] - C:\Users\Cédric\Desktop\Battle.net.lnk [15/07/2016 15:03:19] - |D| - [32903] - C:\Users\Cédric\Desktop\Cours [25/12/2014 10:36:24] - |ASH| - [456] - C:\Users\Cédric\Desktop\desktop.ini [25/01/2015 22:22:37] - |D| - [554947358] - C:\Users\Cédric\Desktop\Documents [12/10/2015 19:35:18] - |D| - [0] - C:\Users\Cédric\Desktop\GodMode.{ED7BA470-8E54-465E-825C-99712043E01C} [29/12/2014 02:36:42] - |D| - [2587754608] - C:\Users\Cédric\Desktop\Jeux [26/10/2015 04:07:21] - |A| - [26] - C:\Users\Cédric\Desktop\L'élément Ken Robinson.txt [29/12/2014 02:37:17] - |RD| - [1395973] - C:\Users\Cédric\Desktop\Logiciels [14/05/2015 23:30:53] - |A| - [952] - C:\Users\Cédric\Desktop\Origin.lnk [26/12/2014 15:26:34] - |D| - [69196908] - C:\Users\Cédric\Desktop\saves [17/01/2015 20:03:10] - |D| - [235699643] - C:\Users\Cédric\Desktop\Serveur [30/05/2016 23:04:12] - |D| - [1388091004] - C:\Users\Cédric\Desktop\The.Song.of.Seven.Chapter.One-CODEX [29/12/2014 13:32:19] - |A| - [1276] - C:\Users\Cédric\Desktop\Uplay.lnk ---------- | [Documents] [22/02/2016 22:12:35] - |D| - [29797121] - C:\Users\Cédric\Documents\Banished [25/12/2014 17:51:39] - |D| - [1026549] - C:\Users\Cédric\Documents\Battlefield 3 [11/04/2016 13:27:31] - |D| - [1027805] - C:\Users\Cédric\Documents\Battlefield 4 [17/01/2015 10:57:21] - |D| - [3050161] - C:\Users\Cédric\Documents\Bioshock [25/12/2014 10:37:01] - |D| - [0] - C:\Users\Cédric\Documents\Bluetooth Exchange Folder [08/08/2015 23:29:27] - |D| - [0] - C:\Users\Cédric\Documents\Clownfish Avatars [22/02/2015 16:10:52] - |D| - [1817698] - C:\Users\Cédric\Documents\DeadIsland [25/12/2014 10:36:25] - |ASH| - [402] - C:\Users\Cédric\Documents\desktop.ini [31/05/2015 15:02:21] - |D| - [0] - C:\Users\Cédric\Documents\Diablo III [19/02/2015 22:04:09] - |D| - [16995721] - C:\Users\Cédric\Documents\Dolphin Emulator [03/01/2016 20:06:32] - |D| - [618381] - C:\Users\Cédric\Documents\DyingLight [12/09/2015 19:44:05] - |D| - [9221682] - C:\Users\Cédric\Documents\EA Games [14/01/2015 17:35:34] - |D| - [0] - C:\Users\Cédric\Documents\Electronic Arts [26/12/2014 15:39:35] - |D| - [0] - C:\Users\Cédric\Documents\Games for Windows - LIVE Demos [11/04/2015 17:56:23] - |D| - [707042939] - C:\Users\Cédric\Documents\Heroes of the Storm [16/11/2015 23:52:25] - |SHD| - [0] - C:\Users\Cédric\Documents\Ma musique [25/12/2014 21:46:50] - |D| - [24793148] - C:\Users\Cédric\Documents\ManiaPlanet [16/11/2015 23:52:25] - |SHD| - [0] - C:\Users\Cédric\Documents\Mes images [16/11/2015 23:52:25] - |SHD| - [0] - C:\Users\Cédric\Documents\Mes vidéos [15/04/2015 18:53:27] - |D| - [0] - C:\Users\Cédric\Documents\My Cheat Tables [25/01/2015 22:30:50] - |D| - [96902418] - C:\Users\Cédric\Documents\My Games [25/02/2016 17:53:43] - |D| - [9240] - C:\Users\Cédric\Documents\Overwatch [11/08/2015 16:49:12] - |D| - [1211292] - C:\Users\Cédric\Documents\Pro Cycling Manager 2015 [29/12/2014 13:50:47] - |D| - [0] - C:\Users\Cédric\Documents\ProfileCache [15/04/2015 19:53:34] - |D| - [1525618689] - C:\Users\Cédric\Documents\Rockstar Games [05/06/2016 14:30:26] - |D| - [0] - C:\Users\Cédric\Documents\SideSync [08/08/2015 23:29:28] - |D| - [0] - C:\Users\Cédric\Documents\Skype Voice Records [11/07/2016 14:14:24] - |D| - [151944] - C:\Users\Cédric\Documents\Sports Interactive [13/12/2015 01:02:56] - |D| - [3882131] - C:\Users\Cédric\Documents\Telltale Games [29/12/2014 13:50:48] - |D| - [1060180] - C:\Users\Cédric\Documents\The Crew [10/05/2015 22:00:07] - |D| - [19158061] - C:\Users\Cédric\Documents\The Witcher [13/04/2016 20:38:19] - |D| - [120111] - C:\Users\Cédric\Documents\TrackmaniaTurbo [25/06/2015 20:35:04] - |D| - [622] - C:\Users\Cédric\Documents\TrialsFusion [20/09/2015 21:20:03] - |D| - [249881184] - C:\Users\Cédric\Documents\Unreal Projects [19/08/2015 01:38:47] - |D| - [39237095] - C:\Users\Cédric\Documents\VirtualDJ [24/07/2015 16:31:10] - |D| - [389544] - C:\Users\Cédric\Documents\WB Games [26/10/2015 20:01:10] - |D| - [1040738] - C:\Users\Cédric\Documents\Witcher 2 ---------- | [Downloads] [11/07/2016 14:08:33] - |D| - [0] - C:\Users\Cédric\Downloads\9.2 [11/07/2016 13:28:26] - |A| - [13705620] - C:\Users\Cédric\Downloads\9.2.rar [17/07/2016 01:00:00] - |A| - [3712064] - C:\Users\Cédric\Downloads\adwcleaner_5.201 (1).exe [17/07/2016 00:45:26] - |A| - [3712064] - C:\Users\Cédric\Downloads\adwcleaner_5.201.exe [22/06/2016 16:55:47] - |A| - [2822620] - C:\Users\Cédric\Downloads\AMIDST-3.7.exe [25/12/2014 10:36:25] - |ASH| - [282] - C:\Users\Cédric\Downloads\desktop.ini [12/07/2016 22:02:36] - |A| - [26331] - C:\Users\Cédric\Downloads\evoland.2.a.slight.case.of.spacetime.continuum.disorder.2.0.1.3.gog.torrent [11/07/2016 14:08:27] - |D| - [5175970002] - C:\Users\Cédric\Downloads\Football Manager 2016_16.2.0 [06/04/2016 18:58:54] - |A| - [1359360] - C:\Users\Cédric\Downloads\HOTS Logs Uploader.exe [01/06/2016 13:12:35] - |A| - [80822] - C:\Users\Cédric\Downloads\Leeroy Jenkins - Gaming Sound Effect (HD).mp3 [17/07/2016 00:23:07] - |A| - [22851472] - C:\Users\Cédric\Downloads\mbam-setup-2.2.1.1043.exe [16/07/2016 15:59:13] - |A| - [223457479] - C:\Users\Cédric\Downloads\MvrDv4.0.3-MPCG.rar [17/07/2016 02:14:43] - |A| - [422745712] - C:\Users\Cédric\Downloads\Non confirmé 338324.crdownload [14/07/2016 19:02:24] - |D| - [81042845] - C:\Users\Cédric\Downloads\Nouveau dossier [13/07/2016 14:47:32] - |A| - [712048640] - C:\Users\Cédric\Downloads\plaza-speedrunners.iso [17/07/2016 04:22:20] - |A| - [2154408] - C:\Users\Cédric\Downloads\QuickDiag.exe [15/07/2016 01:15:48] - |A| - [13062144] - C:\Users\Cédric\Downloads\recovery.img [14/07/2016 23:37:20] - |A| - [13066240] - C:\Users\Cédric\Downloads\recovery.img.tar [12/07/2016 01:22:53] - |A| - [4124579] - C:\Users\Cédric\Downloads\Uppermost - Beautiful Light.mp3 [05/03/2016 21:40:36] - |D| - [910513787] - C:\Users\Cédric\Downloads\VoxelWorldGame [20/04/2016 00:36:02] - |A| - [829963435] - C:\Users\Cédric\Downloads\wsFilm4aed56812.FRENCH.720p.HDTV.x264.mkv [12/07/2016 22:00:30] - |A| - [37903] - C:\Users\Cédric\Downloads\[kat.cr]evoland.2.cracked.torrent ---------- | [Favorites] [25/12/2014 10:36:24] - |D| - [455] - C:\Users\Cédric\Favorites\ASUS E-Service [25/12/2014 10:36:24] - |A| - [208] - C:\Users\Cédric\Favorites\Bing.url [25/12/2014 10:36:24] - |ASH| - [402] - C:\Users\Cédric\Favorites\desktop.ini [20/09/2015 20:55:26] - |D| - [0] - C:\Users\Cédric\Favorites\Liens [25/12/2014 10:36:21] - |RD| - [80] - C:\Users\Cédric\Favorites\Links ---------- | [Intel] [28/02/2016 20:37:53] - |D| - [2590465] - C:\Users\Cédric\Intel\Logs ---------- | [IntelGraphicsProfiles] [25/12/2014 10:36:13] - |ASH| - [8148] - C:\Users\Cédric\IntelGraphicsProfiles\Accroître la luminosité.man.igpi [25/12/2014 10:36:14] - |ASH| - [8148] - C:\Users\Cédric\IntelGraphicsProfiles\Améliorer les couleurs.man.igpi [25/12/2014 10:36:13] - |ASH| - [8148] - C:\Users\Cédric\IntelGraphicsProfiles\Réduire la luminosité.man.igpi ---------- | [Links] [25/12/2014 10:36:25] - |SH| - [658] - C:\Users\Cédric\Links\desktop.ini [25/12/2014 10:36:25] - |A| - [497] - C:\Users\Cédric\Links\Desktop.lnk [25/12/2014 10:36:25] - |A| - [954] - C:\Users\Cédric\Links\Downloads.lnk [25/12/2014 10:36:25] - |A| - [383] - C:\Users\Cédric\Links\RecentPlaces.lnk ---------- | [Local Settings] ---------- | [Menu Démarrer] ---------- | [Mes documents] ---------- | [Modèles] ---------- | [Music] [25/12/2014 10:36:24] - |ASH| - [504] - C:\Users\Cédric\Music\desktop.ini [10/03/2014 03:11:24] - |D| - [211722305] - C:\Users\Cédric\Music\Electro House [23/03/2015 23:41:26] - |D| - [113936824] - C:\Users\Cédric\Music\Flvto Downloads [05/11/2015 21:55:41] - |A| - [5562774] - C:\Users\Cédric\Music\High Five Crew - AWÉ.mp3 [23/12/2015 19:58:46] - |D| - [81496453] - C:\Users\Cédric\Music\High Five Crew - Les Cas Décollent [14/02/2016 18:20:48] - |A| - [4617353] - C:\Users\Cédric\Music\I Got You - Duke Dumont (feat. Jax Jones).mp3 [28/02/2015 19:40:28] - |D| - [0] - C:\Users\Cédric\Music\iPod [13/04/2013 20:35:57] - |RD| - [236280849] - C:\Users\Cédric\Music\Musiques Ced [17/09/2015 22:23:57] - |A| - [3649358] - C:\Users\Cédric\Music\Nekfeu x Krimsa - La main sur le mic HD (prod Kamnouze).mp3 [16/09/2015 21:46:22] - |A| - [8464803] - C:\Users\Cédric\Music\The Avener - Panama.mp3 ---------- | [OneDrive] [25/12/2015 12:26:46] - |AHT| - [0] - C:\Users\Cédric\OneDrive\.849C9593-D756-4E56-8D6E-42412F2A707B [25/12/2014 10:39:39] - |SH| - [344] - C:\Users\Cédric\OneDrive\desktop.ini [25/12/2014 10:39:39] - |ADO| - [120] - C:\Users\Cédric\OneDrive\Documents [25/12/2014 10:39:45] - |ADO| - [0] - C:\Users\Cédric\OneDrive\Images [18/08/2015 14:03:33] - |D| - [0] - C:\Users\Cédric\OneDrive\Music ---------- | [Pictures] [27/06/2016 21:22:06] - |A| - [58127] - C:\Users\Cédric\Pictures\10420007_666022440176978_6436864310772051022_n.jpg [12/04/2015 19:16:56] - |A| - [10233] - C:\Users\Cédric\Pictures\11016095_10152895230947725_7029123154025516465_n.jpg [02/05/2016 22:17:54] - |A| - [6260] - C:\Users\Cédric\Pictures\11029557_786272304782485_7060454208340480380_n.jpg [02/05/2016 22:17:50] - |A| - [3847] - C:\Users\Cédric\Pictures\11038118_786272244782491_4769525477303024608_n.jpg [23/01/2016 20:12:21] - |A| - [5683] - C:\Users\Cédric\Pictures\12360282_838048756307678_611729208435859552_n.jpg [15/02/2016 00:06:25] - |A| - [96967] - C:\Users\Cédric\Pictures\12565547_861982187247668_8058441175101059199_n.jpg [23/05/2016 22:00:10] - |A| - [24208] - C:\Users\Cédric\Pictures\12936653_10206166217543467_8434453104932552978_n.jpg [30/05/2016 21:33:34] - |A| - [15841] - C:\Users\Cédric\Pictures\13315649_1717169145198387_2041303326625573994_n.jpg [01/06/2016 20:59:16] - |A| - [367332] - C:\Users\Cédric\Pictures\13343034_1279296578766531_8876610367417237788_n.png [07/07/2016 22:34:48] - |A| - [43922] - C:\Users\Cédric\Pictures\13557745_902276863216315_2842358943217969361_n.jpg [07/07/2016 22:31:53] - |A| - [36952] - C:\Users\Cédric\Pictures\13606939_10154399645082941_6450005656983442531_n.jpg [07/07/2016 22:36:30] - |A| - [64309] - C:\Users\Cédric\Pictures\13612191_10154328092132171_2535744450096337390_n.jpg [30/06/2016 23:03:37] - |A| - [143184] - C:\Users\Cédric\Pictures\1451865377966.jpg [09/01/2016 14:15:03] - |A| - [16430] - C:\Users\Cédric\Pictures\3639708_300x300.jpg [28/02/2015 18:19:21] - |A| - [1050825] - C:\Users\Cédric\Pictures\3d12.jpg [28/02/2015 18:19:21] - |A| - [1242309] - C:\Users\Cédric\Pictures\3d13.jpg [23/05/2015 13:45:07] - |D| - [21936923] - C:\Users\Cédric\Pictures\autres fonds d'écran [09/01/2016 21:51:13] - |A| - [50431] - C:\Users\Cédric\Pictures\avatar-mnk.jpeg [03/04/2015 18:37:32] - |A| - [9262] - C:\Users\Cédric\Pictures\avatar.jpg [28/12/2014 18:14:41] - |RD| - [174] - C:\Users\Cédric\Pictures\Camera Roll [09/01/2016 14:14:55] - |A| - [70005] - C:\Users\Cédric\Pictures\d8fbe1ad643b6b72dd4ab7b201148b98.jpg [25/12/2014 10:36:24] - |ASH| - [504] - C:\Users\Cédric\Pictures\desktop.ini [23/01/2016 15:12:10] - |A| - [3264203] - C:\Users\Cédric\Pictures\DSC_0567.JPG [30/06/2016 22:51:31] - |A| - [12044] - C:\Users\Cédric\Pictures\eJwFwdsNwyAMAMBdGAAHGl7ZBoFLkCBGYL6i7t67V-zZxCVu5rEugFxXopnlYpqxoCxEpWEcdclEHSJzTHfHhxco_9FOm9MfNmjnbLCgglfOG2usP1xQxpyQMM-avjg7ciwbd0M5niJ-f8-zJ8Q.8sKRCwJBrEObS5qa1Uu2YPeO-fo.png [30/06/2016 22:55:26] - |A| - [25506] - C:\Users\Cédric\Pictures\eJwFwVEOxBAQANC7OIBZlKG3EWZVQgnTr2bvvu-94llNnOJinvsEyHWnsbLcPFYsJMsYpVGcdcs0OkTmmK5ON29Q3mjU9vAfFzSiCw5U8AqDNd6gsXg46yFRXjV9aXXiWB56Gsl5F_H7A9AUJ8g.wuaX0MCR9sZfE4oDLXo1bvOADpw.png [27/12/2014 15:41:08] - |D| - [11506392] - C:\Users\Cédric\Pictures\Fond d'écran [11/07/2016 03:09:55] - |A| - [34671] - C:\Users\Cédric\Pictures\fous-centime-en-tal.jpg [28/02/2015 18:19:21] - |A| - [1796677] - C:\Users\Cédric\Pictures\IMG_20140620_100452_1CS.jpg [09/01/2016 21:54:29] - |A| - [14551] - C:\Users\Cédric\Pictures\mnk_crew_1.jpg [06/04/2016 20:02:55] - |D| - [0] - C:\Users\Cédric\Pictures\Overwolf [20/02/2015 00:07:38] - |D| - [15390352] - C:\Users\Cédric\Pictures\Photoshop [18/10/2015 23:06:15] - |A| - [54580] - C:\Users\Cédric\Pictures\photo_148.jpg [06/08/2015 12:04:09] - |RD| - [190] - C:\Users\Cédric\Pictures\Saved Pictures [18/04/2016 18:17:52] - |A| - [143142] - C:\Users\Cédric\Pictures\Snapchat-1244517598921445610.jpg [18/04/2016 18:18:12] - |A| - [133926] - C:\Users\Cédric\Pictures\Snapchat-789426870599379072.jpg [11/07/2016 03:14:46] - |A| - [126348] - C:\Users\Cédric\Pictures\syrian-lannister-Abu-Ahmad-Al-Chihuahua.jpg [03/03/2015 00:14:13] - |A| - [9288] - C:\Users\Cédric\Pictures\téléchargement (1).jpg [03/03/2015 00:12:42] - |A| - [6285] - C:\Users\Cédric\Pictures\téléchargement.jpg [15/02/2016 00:04:06] - |A| - [2164] - C:\Users\Cédric\Pictures\téléchargement.png [29/12/2014 13:33:09] - |D| - [0] - C:\Users\Cédric\Pictures\Uplay ---------- | [Recent] ---------- | [Saved Games] [25/12/2014 10:36:25] - |ASH| - [282] - C:\Users\Cédric\Saved Games\desktop.ini [16/01/2015 23:51:05] - |D| - [473044] - C:\Users\Cédric\Saved Games\Risen ---------- | [Searches] [25/12/2014 10:36:25] - |ASH| - [524] - C:\Users\Cédric\Searches\desktop.ini [25/12/2014 10:36:25] - |RAH| - [248] - C:\Users\Cédric\Searches\Everywhere.search-ms [25/12/2014 10:36:25] - |RAH| - [248] - C:\Users\Cédric\Searches\Indexed Locations.search-ms [25/12/2014 10:36:48] - |A| - [855] - C:\Users\Cédric\Searches\winrt--{S-1-5-21-4256550607-910914473-3542436597-1001}-.searchconnector-ms ---------- | [SendTo] ---------- | [Tracing] [08/08/2015 22:08:59] - |D| - [720896] - C:\Users\Cédric\Tracing\WPPMedia ---------- | [Videos] [06/08/2015 12:29:00] - |RD| - [190] - C:\Users\Cédric\Videos\Captures [25/12/2014 10:36:24] - |ASH| - [504] - C:\Users\Cédric\Videos\desktop.ini [25/04/2015 14:02:49] - |D| - [1471801344] - C:\Users\Cédric\Videos\films [10/02/2016 14:36:23] - |A| - [547509991] - C:\Users\Cédric\Videos\LEVEL 1 - LET’S PLAY DOCTOR.mp4 [06/04/2016 20:02:55] - |D| - [0] - C:\Users\Cédric\Videos\Overwolf [21/04/2016 19:23:59] - |D| - [63002549028] - C:\Users\Cédric\Videos\Séries ---------- | [Voisinage d'impression] ---------- | [Voisinage réseau] ---------- | C:\ProgramData [19/03/2016 01:38:30] - |D| - [0] - C:\ProgramData\.mono [19/02/2015 02:35:12] - |A| - [273086] - C:\ProgramData\1424305998.bdinstall.bin [07/01/2015 22:47:42] - |D| - [359733328] - C:\ProgramData\Adobe [30/12/2014 01:19:03] - |D| - [2682368] - C:\ProgramData\Apple [17/11/2015 00:13:55] - |SHD| - [203108316860] - C:\ProgramData\Application Data [06/08/2015 12:02:13] - |D| - [1301832] - C:\ProgramData\ASUS Smart Gesture [15/05/2014 17:58:44] - |D| - [2282] - C:\ProgramData\ASUS WebStorage [15/05/2014 17:58:15] - |D| - [12618] - C:\ProgramData\ASUSLogos [19/02/2015 02:42:02] - |D| - [17538148] - C:\ProgramData\AVAST Software [25/12/2014 11:21:10] - |D| - [71021084] - C:\ProgramData\Battle.net [18/01/2015 18:26:25] - |D| - [1021084] - C:\ProgramData\BDLogging [25/12/2014 11:24:19] - |D| - [616280854] - C:\ProgramData\Blizzard Entertainment [25/12/2014 21:19:17] - |D| - [1504] - C:\ProgramData\BlueStacks [01/06/2015 18:00:29] - |D| - [0] - C:\ProgramData\boost_interprocess [06/08/2015 11:54:33] - |SHD| - [2036] - C:\ProgramData\Bureau [30/10/2015 09:24:24] - |D| - [0] - C:\ProgramData\Comms [16/11/2015 23:47:02] - |D| - [4507605] - C:\ProgramData\Conexant [26/12/2014 00:12:41] - |D| - [1877] - C:\ProgramData\CyberLink [24/07/2015 13:03:51] - |D| - [3120] - C:\ProgramData\DAEMON Tools Lite [01/02/2015 15:40:16] - |D| - [3028] - C:\ProgramData\DatacardService [17/11/2015 00:13:55] - |SHD| - [757461895] - C:\ProgramData\Documents [14/02/2016 18:52:50] - |AD| - [1597184] - C:\ProgramData\DriversCloud.com [25/12/2014 17:49:36] - |D| - [0] - C:\ProgramData\EA Core [25/12/2014 17:49:32] - |D| - [1754] - C:\ProgramData\EA Logs [25/12/2014 11:39:03] - |D| - [4183999797] - C:\ProgramData\Electronic Arts [20/09/2015 19:03:32] - |D| - [148337063] - C:\ProgramData\Epic [18/09/2014 01:10:20] - |D| - [124281] - C:\ProgramData\install_clap [18/09/2014 00:50:14] - |D| - [5644354] - C:\ProgramData\Intel [19/09/2015 14:12:36] - |D| - [1323] - C:\ProgramData\IntelDLM [30/12/2014 01:32:19] - |D| - [255] - C:\ProgramData\LogiShrd [31/01/2015 23:46:02] - |D| - [0] - C:\ProgramData\LogMeIn [25/12/2014 20:55:34] - |AD| - [5589712] - C:\ProgramData\ma-config.com [17/07/2016 00:24:33] - |D| - [13268161] - C:\ProgramData\Malwarebytes [25/12/2014 21:46:19] - |D| - [2164359779] - C:\ProgramData\ManiaPlanet [18/09/2014 01:11:32] - |D| - [183210607] - C:\ProgramData\McAfee [06/08/2015 11:54:33] - |SHD| - [192158] - C:\ProgramData\Menu Démarrer [30/10/2015 09:24:24] - |SD| - [1633358559] - C:\ProgramData\Microsoft [01/04/2015 18:38:22] - |D| - [0] - C:\ProgramData\Microsoft OneDrive [06/08/2015 11:54:33] - |SHD| - [31386] - C:\ProgramData\Modèles [23/07/2015 04:22:41] - |D| - [164] - C:\ProgramData\Mozilla [13/04/2016 22:56:53] - |RASH| - [290] - C:\ProgramData\ntuser.pol [16/11/2015 23:49:29] - |D| - [259] - C:\ProgramData\NVIDIA [16/11/2015 23:49:18] - |D| - [1606461763] - C:\ProgramData\NVIDIA Corporation [16/01/2015 18:18:47] - |D| - [70997662] - C:\ProgramData\Oracle [04/01/2016 22:13:59] - |D| - [97069] - C:\ProgramData\Orbit [25/12/2014 11:39:03] - |D| - [12487895] - C:\ProgramData\Origin [18/09/2014 01:08:38] - |AD| - [2233] - C:\ProgramData\P4G [18/09/2014 01:10:56] - |D| - [96999490] - C:\ProgramData\Package Cache [28/12/2014 16:18:57] - |D| - [0] - C:\ProgramData\Picroma [07/03/2015 13:24:00] - |D| - [51335360] - C:\ProgramData\PopCap Games [08/01/2015 21:05:24] - |D| - [1706] - C:\ProgramData\regid.1986-12.com.adobe [30/10/2015 09:24:24] - |AD| - [4211] - C:\ProgramData\regid.1991-06.com.microsoft [05/06/2016 14:28:43] - |D| - [504087] - C:\ProgramData\Samsung [15/05/2014 17:58:15] - |A| - [256] - C:\ProgramData\SetStretch.cmd [15/05/2014 17:58:15] - |A| - [24576] - C:\ProgramData\SetStretch.exe [15/05/2014 17:58:15] - |A| - [103] - C:\ProgramData\SetStretch.VBS [16/11/2015 23:44:07] - |D| - [53473530] - C:\ProgramData\SetupTPDriver [22/02/2016 19:48:44] - |D| - [0] - C:\ProgramData\SkidRow [07/08/2015 22:53:01] - |D| - [124324040] - C:\ProgramData\Skype [30/10/2015 09:24:24] - |D| - [0] - C:\ProgramData\SoftwareDistribution [24/07/2015 16:31:08] - |D| - [6313447884] - C:\ProgramData\Steam [18/09/2014 01:10:20] - |D| - [42280] - C:\ProgramData\Temp [13/04/2016 20:38:20] - |D| - [54] - C:\ProgramData\TrackmaniaTurbo [21/07/2015 23:28:35] - |D| - [0] - C:\ProgramData\Unity [25/12/2014 10:36:51] - |D| - [466] - C:\ProgramData\USBChargerPlus [30/10/2015 09:24:24] - |D| - [4635] - C:\ProgramData\USOPrivate [10/07/2015 14:22:45] - |D| - [2920448] - C:\ProgramData\USOShared [15/05/2014 17:58:44] - |D| - [2282] - C:\ProgramData\WebStorage [25/12/2015 10:55:25] - |D| - [38777405] - C:\ProgramData\Western Digital [15/05/2014 17:59:25] - |D| - [422458] - C:\ProgramData\WildTangent ---------- | C:\ProgramData\Microsoft\Windows\Start Menu [30/10/2015 09:24:28] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini [06/08/2015 11:54:33] - |SHD| - [191984] - C:\ProgramData\Microsoft\Windows\Start Menu\Programmes [30/10/2015 09:24:24] - |RD| - [191984] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs [30/10/2015 09:24:24] - |RD| - [1698] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility [30/10/2015 09:24:24] - |RD| - [16946] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories [30/10/2015 09:24:24] - |RD| - [21964] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [08/01/2015 22:27:11] - |A| - [1422] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk [08/01/2015 22:28:20] - |A| - [1102] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2014.lnk [15/05/2014 17:58:45] - |D| - [16471] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS [22/02/2016 22:06:30] - |A| - [779] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Banished.lnk [25/12/2014 11:24:22] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net [25/12/2014 11:16:03] - |D| - [980] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [20/02/2015 16:08:48] - |D| - [1123] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks [04/04/2016 18:56:17] - |D| - [3086] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID [28/12/2014 16:23:05] - |D| - [706] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cube World [30/10/2015 09:24:28] - |ASH| - [1140] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini [30/10/2015 09:18:13] - |RAS| - [853] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop.lnk [30/10/2015 09:19:28] - |RAS| - [2197] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Devices Flow.lnk [14/04/2016 03:26:39] - |D| - [1945] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragonball Xenoverse Bundle Edition [28/02/2016 20:18:51] - |D| - [3868] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com [20/09/2015 19:03:42] - |A| - [1228] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk [15/05/2014 17:59:28] - |RD| - [95] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games [25/12/2014 10:59:21] - |A| - [2272] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [25/12/2014 11:25:49] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone [12/07/2016 17:55:01] - |D| - [786] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Heroes of the Storm [30/10/2015 09:19:28] - |RAS| - [2349] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk [21/05/2016 19:39:14] - |RD| - [2473] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [19/09/2015 14:24:28] - |D| - [4286] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Corporation [21/05/2016 19:21:37] - |D| - [1259] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility [18/09/2014 00:50:58] - |A| - [724] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk [05/07/2016 22:43:40] - |D| - [7039] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [30/12/2014 01:18:45] - |D| - [981] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [30/10/2015 09:24:24] - |D| - [170] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance [17/07/2016 00:24:39] - |D| - [5279] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware [25/12/2014 21:46:50] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManiaPlanet [26/07/2015 23:34:37] - |D| - [1223] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace [01/04/2015 18:34:20] - |D| - [24440] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 [24/07/2015 14:16:11] - |D| - [1939] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Middle-earth - Shadow of Mordor GOTY [26/11/2015 22:55:17] - |D| - [1739] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Story Mode Episode 3 [21/11/2015 16:00:21] - |D| - [1670] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft Story Mode Episode 2 [30/10/2015 09:17:57] - |RAS| - [2219] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiracastView.lnk [23/07/2015 04:22:41] - |A| - [1944] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [23/07/2015 13:34:05] - |D| - [1049] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ [18/09/2014 00:54:58] - |D| - [1470] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [23/09/2015 20:27:39] - |SD| - [7392] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1 [06/06/2016 20:58:34] - |D| - [723] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overwatch [30/10/2015 09:19:28] - |RAS| - [2199] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrintDialog.lnk [11/08/2015 16:48:15] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pro Cycling Manager 2015 [22/02/2016 19:45:07] - |D| - [2178] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Psyonix [05/06/2016 14:29:38] - |D| - [2220] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung [30/10/2015 09:18:07] - |RAS| - [1588] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk [07/01/2016 20:13:01] - |D| - [2139] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [23/11/2015 21:34:51] - |D| - [1486] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonic Lost World [30/10/2015 09:24:24] - |RD| - [1024] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp [25/12/2014 11:42:48] - |D| - [704] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam [30/10/2015 09:24:24] - |RD| - [4273] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools [30/10/2015 21:03:03] - |RHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC [13/12/2015 00:52:51] - |D| - [1669] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tom Clancys Rainbow Six Siege [13/04/2016 19:53:16] - |D| - [1524] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trackmania Turbo [01/05/2015 19:01:52] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft [21/07/2015 22:35:08] - |D| - [2122] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.1.2f1 (64-bit) [26/12/2014 16:15:47] - |D| - [6014] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [19/03/2016 18:42:39] - |D| - [2486] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.0 [25/12/2015 10:55:49] - |D| - [2532] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital [16/11/2015 23:59:12] - |A| - [1552] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [08/01/2015 20:55:42] - |D| - [4313] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [05/07/2015 23:03:00] - |D| - [932] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft ---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [21/05/2016 19:32:30] - |A| - [850] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [30/10/2015 09:24:28] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini ---------- | C:\Program Files (x86) [08/01/2015 21:18:06] - |D| - [0] - C:\Program Files (x86)\Adobe [22/11/2015 22:25:34] - |D| - [104114] - C:\Program Files (x86)\AMD [16/11/2015 23:47:07] - |D| - [145004576] - C:\Program Files (x86)\ASUS [28/08/2015 23:42:52] - |A| - [0] - C:\Program Files (x86)\Battle.net [06/06/2015 15:50:58] - |AD| - [15830636] - C:\Program Files (x86)\Battlelog Web Plugins [30/12/2014 01:19:03] - |AD| - [631135] - C:\Program Files (x86)\Bonjour [20/02/2015 16:08:44] - |D| - [259643979] - C:\Program Files (x86)\CodeBlocks [30/10/2015 08:28:30] - |D| - [356303362] - C:\Program Files (x86)\Common Files [30/10/2015 09:24:28] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini [25/12/2014 10:58:07] - |D| - [652204595] - C:\Program Files (x86)\Google [28/08/2015 23:42:52] - |A| - [0] - C:\Program Files (x86)\Hearthstone [18/09/2014 00:48:52] - |HD| - [22483911] - C:\Program Files (x86)\InstallShield Installation Information [18/09/2014 00:44:04] - |D| - [23872817] - C:\Program Files (x86)\Intel [19/09/2015 14:05:58] - |AD| - [12170580] - C:\Program Files (x86)\Intel Driver Update Utility [30/10/2015 09:24:24] - |D| - [2155827] - C:\Program Files (x86)\Internet Explorer [05/07/2016 22:43:28] - |D| - [164285669] - C:\Program Files (x86)\Java [21/07/2015 21:18:28] - |D| - [4349762] - C:\Program Files (x86)\MagicaVoxel-0.96.1-win-mac [17/07/2016 00:24:33] - |D| - [59499548] - C:\Program Files (x86)\Malwarebytes Anti-Malware [28/08/2015 23:42:52] - |A| - [0] - C:\Program Files (x86)\ManiaPlanet [26/07/2015 23:34:36] - |D| - [9356010] - C:\Program Files (x86)\Microsoft Games for Windows - LIVE [15/05/2014 17:53:50] - |AD| - [1873316606] - C:\Program Files (x86)\Microsoft Office [14/06/2015 19:07:07] - |D| - [6076507] - C:\Program Files (x86)\Microsoft XNA [30/10/2015 09:24:24] - |D| - [8175999] - C:\Program Files (x86)\Microsoft.NET [23/07/2015 04:22:33] - |AD| - [92439273] - C:\Program Files (x86)\Mozilla Firefox [23/07/2015 04:22:40] - |D| - [237316] - C:\Program Files (x86)\Mozilla Maintenance Service [16/11/2015 23:29:27] - |D| - [25757] - C:\Program Files (x86)\MSBuild [23/07/2015 14:11:38] - |D| - [2548] - C:\Program Files (x86)\Nmap [23/07/2015 13:34:03] - |D| - [9561497] - C:\Program Files (x86)\Notepad++ [18/09/2014 00:54:14] - |D| - [275948294] - C:\Program Files (x86)\NVIDIA Corporation [23/09/2015 20:27:00] - |AD| - [327250814] - C:\Program Files (x86)\OpenOffice 4 [28/08/2015 23:42:52] - |A| - [0] - C:\Program Files (x86)\Origin [25/12/2014 11:59:19] - |D| - [6668734443] - C:\Program Files (x86)\Origin Games [23/02/2016 03:52:06] - |D| - [42170368] - C:\Program Files (x86)\PokerStrategy [18/09/2014 01:01:49] - |D| - [22343628] - C:\Program Files (x86)\Realtek [16/11/2015 23:29:27] - |D| - [38450433] - C:\Program Files (x86)\Reference Assemblies [29/01/2016 23:36:06] - |D| - [2383] - C:\Program Files (x86)\RivaTuner Statistics Server [14/05/2015 23:53:00] - |D| - [82504894] - C:\Program Files (x86)\Rockstar Games [05/06/2016 14:28:33] - |D| - [62532790] - C:\Program Files (x86)\Samsung [08/08/2015 21:58:26] - |RD| - [79771451] - C:\Program Files (x86)\Skype [29/10/2015 19:06:47] - |AD| - [701961] - C:\Program Files (x86)\SystemRequirementsLab [07/02/2016 11:40:50] - |D| - [171975779] - C:\Program Files (x86)\Ubisoft [19/08/2015 01:38:47] - |AD| - [21207139] - C:\Program Files (x86)\VirtualDJ [19/03/2016 18:42:38] - |D| - [1172054] - C:\Program Files (x86)\VulkanRT [25/12/2015 10:55:25] - |AD| - [23337185] - C:\Program Files (x86)\Western Digital [15/05/2014 17:59:25] - |D| - [0] - C:\Program Files (x86)\WildTangent Games [30/10/2015 09:24:24] - |D| - [1465856] - C:\Program Files (x86)\Windows Defender [30/10/2015 09:24:24] - |D| - [5961728] - C:\Program Files (x86)\Windows Mail [30/10/2015 09:24:24] - |D| - [3342927] - C:\Program Files (x86)\Windows Media Player [30/10/2015 09:24:24] - |D| - [220064] - C:\Program Files (x86)\Windows Multimedia Platform [30/10/2015 09:24:24] - |D| - [7575610] - C:\Program Files (x86)\Windows NT [30/10/2015 09:24:24] - |D| - [5484224] - C:\Program Files (x86)\Windows Photo Viewer [30/10/2015 09:24:24] - |D| - [220064] - C:\Program Files (x86)\Windows Portable Devices [30/10/2015 09:24:24] - |SHD| - [0] - C:\Program Files (x86)\Windows Sidebar [30/10/2015 09:24:24] - |SD| - [3591532] - C:\Program Files (x86)\WindowsPowerShell ---------- | C:\Program Files [08/01/2015 22:27:52] - |AD| - [1365483413] - C:\Program Files\Adobe [18/09/2014 01:08:38] - |D| - [10023238] - C:\Program Files\ASUS [18/01/2015 18:09:47] - |D| - [0] - C:\Program Files\Bitdefender [30/12/2014 01:19:03] - |AD| - [613987] - C:\Program Files\Bonjour [18/09/2014 01:02:34] - |D| - [34045634] - C:\Program Files\Broadcom [25/12/2014 11:16:02] - |AD| - [17453360] - C:\Program Files\CCleaner [30/10/2015 08:28:30] - |D| - [782625830] - C:\Program Files\Common Files [16/11/2015 23:46:56] - |D| - [172997026] - C:\Program Files\CONEXANT [04/04/2016 18:56:16] - |D| - [4125275] - C:\Program Files\CPUID [13/04/2016 22:53:52] - |D| - [35489759] - C:\Program Files\DAEMON Tools Lite [30/10/2015 09:24:28] - |ASH| - [174] - C:\Program Files\desktop.ini [18/09/2014 00:59:48] - |D| - [3139184] - C:\Program Files\DIFX [14/02/2016 18:52:50] - |AD| - [10805724] - C:\Program Files\DriversCloud.com [06/08/2015 12:06:24] - |D| - [77082498] - C:\Program Files\Elantech [20/09/2015 19:03:32] - |AD| - [16614350772] - C:\Program Files\Epic Games [06/08/2015 11:54:33] - |SHD| - [782625830] - C:\Program Files\Fichiers communs [16/11/2015 23:48:28] - |D| - [83277053] - C:\Program Files\Intel [19/09/2015 14:24:28] - |D| - [12013337] - C:\Program Files\Intel Corporation [30/10/2015 09:24:24] - |D| - [2777118] - C:\Program Files\Internet Explorer [30/12/2014 01:18:14] - |D| - [116425331] - C:\Program Files\Logitech Gaming Software [25/12/2014 20:55:34] - |AD| - [1481] - C:\Program Files\ma-config.com [18/09/2014 01:11:36] - |D| - [44335272] - C:\Program Files\mcafee [18/09/2014 01:11:36] - |D| - [0] - C:\Program Files\mcafee.com [01/04/2015 18:33:15] - |AD| - [2241404045] - C:\Program Files\Microsoft Office 15 [11/01/2015 00:39:17] - |D| - [1844935] - C:\Program Files\Microsoft Xbox One Controller for Windows [16/11/2015 23:29:27] - |D| - [25757] - C:\Program Files\MSBuild [16/11/2015 23:49:11] - |D| - [5040455693] - C:\Program Files\NVIDIA Corporation [16/11/2015 23:29:27] - |D| - [36850857] - C:\Program Files\Reference Assemblies [14/05/2015 23:52:47] - |D| - [103384678] - C:\Program Files\Rockstar Games [05/06/2016 14:29:07] - |D| - [39007808] - C:\Program Files\Samsung [12/12/2015 19:23:38] - |D| - [14357894780] - C:\Program Files\Tom.Clancys.Rainbow.Six.Siege-CODEX [16/11/2015 23:46:52] - |HD| - [0] - C:\Program Files\Uninstall Information [21/07/2015 22:29:42] - |D| - [6241330711] - C:\Program Files\Unity [26/12/2014 16:15:36] - |D| - [128458948] - C:\Program Files\VideoLAN [25/02/2016 18:14:26] - |D| - [46230297] - C:\Program Files\Western Digital [18/09/2014 01:04:07] - |D| - [240603363] - C:\Program Files\WIDCOMM [30/10/2015 09:24:24] - |D| - [11400666] - C:\Program Files\Windows Defender [30/10/2015 21:03:03] - |D| - [8974456] - C:\Program Files\Windows Journal [30/10/2015 09:24:24] - |D| - [6322176] - C:\Program Files\Windows Mail [30/10/2015 09:24:24] - |D| - [5394547] - C:\Program Files\Windows Media Player [30/10/2015 09:24:24] - |D| - [258280] - C:\Program Files\Windows Multimedia Platform [30/10/2015 09:24:24] - |D| - [7862330] - C:\Program Files\Windows NT [30/10/2015 09:24:24] - |D| - [6381248] - C:\Program Files\Windows Photo Viewer [30/10/2015 09:24:24] - |D| - [258280] - C:\Program Files\Windows Portable Devices [30/10/2015 09:24:24] - |SHD| - [0] - C:\Program Files\Windows Sidebar [30/10/2015 09:24:24] - |HD| - [4235241461] - C:\Program Files\WindowsApps [30/10/2015 09:24:24] - |SD| - [3764027] - C:\Program Files\WindowsPowerShell [23/07/2015 14:12:19] - |D| - [190360] - C:\Program Files\WinPcap [08/01/2015 20:55:32] - |AD| - [5531468] - C:\Program Files\WinRAR ---------- | C:\Program Files (x86)\Common Files [08/01/2015 21:01:31] - |D| - [205922477] - C:\Program Files (x86)\Common Files\Adobe [15/05/2014 17:58:41] - |D| - [4017674] - C:\Program Files (x86)\Common Files\AWS [25/12/2014 11:25:49] - |D| - [0] - C:\Program Files (x86)\Common Files\Blizzard Entertainment [21/07/2015 14:01:55] - |AD| - [14040] - C:\Program Files (x86)\Common Files\DESIGNER [25/12/2014 15:47:24] - |HD| - [10577299] - C:\Program Files (x86)\Common Files\EAInstaller [16/11/2015 23:48:23] - |D| - [67823899] - C:\Program Files (x86)\Common Files\Intel [28/02/2016 21:08:43] - |D| - [243772] - C:\Program Files (x86)\Common Files\Intel Corporation [05/07/2016 22:43:48] - |D| - [1964616] - C:\Program Files (x86)\Common Files\Java [18/09/2014 01:11:36] - |D| - [1170556] - C:\Program Files (x86)\Common Files\mcafee [30/10/2015 09:24:24] - |AD| - [50581912] - C:\Program Files (x86)\Common Files\Microsoft Shared [18/09/2014 00:48:56] - |D| - [196972] - C:\Program Files (x86)\Common Files\postureAgent [30/10/2015 09:24:24] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services [07/01/2016 20:13:00] - |AD| - [2399872] - C:\Program Files (x86)\Common Files\Skype [25/12/2014 11:42:48] - |D| - [1450064] - C:\Program Files (x86)\Common Files\Steam [30/10/2015 09:24:24] - |D| - [9676683] - C:\Program Files (x86)\Common Files\System [25/12/2015 10:55:25] - |AD| - [260824] - C:\Program Files (x86)\Common Files\Western Digital ---------- | C:\Program Files\Common files [08/01/2015 21:02:28] - |D| - [53350155] - C:\Program Files\Common files\Adobe [18/01/2015 18:03:54] - |D| - [421503447] - C:\Program Files\Common files\Bitdefender [18/09/2014 01:11:36] - |D| - [165999248] - C:\Program Files\Common files\mcafee [30/10/2015 09:24:24] - |D| - [130339411] - C:\Program Files\Common files\microsoft shared [30/10/2015 09:24:24] - |D| - [2702] - C:\Program Files\Common files\Services [30/10/2015 09:24:24] - |D| - [10505611] - C:\Program Files\Common files\System [25/12/2015 10:55:25] - |AD| - [925256] - C:\Program Files\Common files\Western Digital ---------- | Tasks [MD5.A56A583E85DEE033BA080322AB9059A2] - [02/07/2015 03:32:37] - |A| - [1002] - C:\WINDOWS\Tasks\Adobe Flash Player Updater.job [MD5.17473B730A0D0607590D3B1AD09F9EF7] - [25/12/2014 10:58:08] - |A| - [1086] - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [MD5.B6FB686DEEE607DEE32C46ED47434E3B] - [25/12/2014 10:58:08] - |A| - [1090] - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [17/11/2015 00:07:05] - |AH| - [6] - C:\WINDOWS\Tasks\SA.DAT [MD5.A4CD9A72AACA50A7513A9F523E956BA9] - [02/07/2015 03:32:37] - |A| - [3988] - C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater : C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [MD5.6144187AAC03425D1EBEB188A9FDC76C] - [25/12/2014 10:54:33] - |A| - [11590] - C:\WINDOWS\System32\Tasks\ASUS Demo App UpLoad : C:\Program Files (x86)\ASUS\ASUS Screen Saver\UpLoad.exe [MD5.630D495B9A473034D72FC384F878FEBB] - [13/05/2015 13:51:12] - |A| - [3694] - C:\WINDOWS\System32\Tasks\ASUS Live Update1 : C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [MD5.D9C982764FCF614D3CE933E051B6044F] - [13/05/2015 13:51:13] - |A| - [3540] - C:\WINDOWS\System32\Tasks\ASUS Live Update2 : C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [MD5.4259191ECB5708EA1DF9FCE28236E9D7] - [18/09/2014 01:08:47] - |A| - [2272] - C:\WINDOWS\System32\Tasks\ASUS P4G : C:\Program Files\ASUS\P4G\BatteryLife.exe [MD5.88BF4D72E48A5C7C3260EB6A5C56AEBB] - [18/09/2014 00:59:48] - |A| - [2862] - C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher : C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [MD5.25628C4D5890AF713A8A06ACC24E3E3E] - [18/09/2014 01:10:06] - |A| - [2250] - C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON : C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [MD5.7A3310C2136C98AE3194E31A87F217CF] - [18/09/2014 01:09:53] - |A| - [2188] - C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus : "C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe" [MD5.9389101AF0EFB7E0F1A648827A8FF07B] - [18/09/2014 01:05:50] - |A| - [2950] - C:\WINDOWS\System32\Tasks\ATK Package 36D18D69AFC3 : "C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe" [MD5.6117AFA39529738491FE2B12576EA459] - [19/02/2015 03:07:02] - |A| - [2388] - C:\WINDOWS\System32\Tasks\avastBCLRestartS-1-5-21-4256550607-910914473-3542436597-1001 : C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [MD5.51EE77E49130473FF67E931D1987C515] - [25/12/2014 11:16:03] - |A| - [2234] - C:\WINDOWS\System32\Tasks\CCleanerSkipUAC : "C:\Program Files\CCleaner\CCleaner.exe" [MD5.00000000000000000000000000000000] - [04/04/2015 00:25:39] - |D| - [2746] - C:\WINDOWS\System32\Tasks\GenericSettingsHandler [MD5.F810F6FFE8516C3107B776617A02A6A0] - [25/12/2014 10:58:08] - |A| - [3916] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.F43B18F387E9CFBBA5EA33883850B2D0] - [25/12/2014 10:58:08] - |A| - [4148] - C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] - [21/05/2016 19:20:28] - |D| - [4224] - C:\WINDOWS\System32\Tasks\Intel [MD5.00000000000000000000000000000000] - [30/10/2015 09:24:25] - |D| - [503372] - C:\WINDOWS\System32\Tasks\Microsoft [MD5.A4D1F3DEAB60284F95B963236812031B] - [25/12/2014 10:41:39] - |A| - [2878] - C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4256550607-910914473-3542436597-1001 : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.0CE4FE36447E7CB51E8212EB2A8BF716] - [16/04/2015 14:28:08] - |A| - [2878] - C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4256550607-910914473-3542436597-1002 : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.B320D1A0F3B86F5B61C6AA95D7C665F9] - [18/09/2014 01:05:35] - |A| - [2876] - C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4256550607-910914473-3542436597-500 : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.D61D9755744D692BB734AB5B5F43BD54] - [18/09/2014 01:08:48] - |A| - [2172] - C:\WINDOWS\System32\Tasks\P4GIntlCtrl : C:\Program Files\ASUS\P4G\IntlDPST.exe [MD5.23BA1BA706284D97EA448BB9EF3C97B9] - [13/05/2015 13:51:05] - |A| - [3976] - C:\WINDOWS\System32\Tasks\Update Checker : C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [MD5.1AAE0C0D3A27CBCF74BA3FF6268275E4] - [21/05/2016 19:21:33] - |A| - [2170] - C:\WINDOWS\System32\Tasks\USER_ESRV_SVC_WILLAMETTE : "C:\WINDOWS\System32\Wscript.exe" [MD5.561375735355F2A166D79769039AF14F] - [07/08/2015 23:10:39] - |A| - [4160] - C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BBD80911-6244-486D-8E3B-3C47B17D584B} : C:\WINDOWS\system32\msfeedssync.exe [MD5.00000000000000000000000000000000] - [25/12/2015 11:05:29] - |D| - [4522] - C:\WINDOWS\System32\Tasks\Western Digital [MD5.EF02111D5329882F8FB7B799FD357AA0] - [06/02/2015 23:14:42] - |A| - [2316] - C:\WINDOWS\System32\Tasks\{90BF7653-5B6B-4E37-BD54-96D28F820498} : C:\Windows\system32\pcalua.exe [MD5.710DBC9CA8A0437C29FCD825315B3F34] - [08/08/2015 21:49:23] - |A| - [2256] - C:\WINDOWS\System32\Tasks\{967A3FB5-F935-4198-8C75-BA59831E3BCC} : "c:\windows\system32\launchwinapp.exe" [MD5.64602B408A42E8E926DB64B254BCB01E] - [01/06/2015 17:51:24] - |A| - [2314] - C:\WINDOWS\System32\Tasks\{A2DF9604-1F25-4B6E-A2DE-1A37BD027F12} : C:\Windows\system32\pcalua.exe [MD5.7DA5D95EDFBE58806BEBEF8133CB0D7E] - [07/06/2015 21:55:06] - |A| - [2236] - C:\WINDOWS\System32\Tasks\{B1789D82-6BCA-409B-8351-F3FC6F5D25BE} : C:\Windows\system32\pcalua.exe [MD5.00000000000000000000000000000000] - [30/10/2015 09:24:25] - |D| - [0] - C:\WINDOWS\Syswow64\Tasks\Microsoft ---------- | Firewall [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules] "vm-monitoring-dcom"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=135|App=%SystemRoot%\system32\svchost.exe|Svc=RpcSs|Name=@icsvc.dll,-709|Desc=@icsvc.dll,-710|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-icmpv4"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=1|Name=@icsvc.dll,-701|Desc=@icsvc.dll,-702|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-icmpv6"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=58|Name=@icsvc.dll,-703|Desc=@icsvc.dll,-704|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-nb-session"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=139|Name=@icsvc.dll,-705|Desc=@icsvc.dll,-706|EmbedCtxt=@icsvc.dll,-700| "vm-monitoring-rpc"=v2.0|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\system32\svchost.exe|Svc=Schedule|Name=@icsvc.dll,-707|Desc=@icsvc.dll,-708|EmbedCtxt=@icsvc.dll,-700| "Wininit-Shutdown-In-Rule-TCP-RPC"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36753|Desc=@firewallapi.dll,-36754|EmbedCtxt=@firewallapi.dll,-36751| "Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC-EPMap|App=%systemroot%\system32\wininit.exe|Name=@firewallapi.dll,-36755|Desc=@firewallapi.dll,-36756|EmbedCtxt=@firewallapi.dll,-36751| "DeliveryOptimization-TCP-In"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-102|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "DeliveryOptimization-UDP-In"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=7680|App=%SystemRoot%\system32\svchost.exe|Svc=dosvc|Name=@%systemroot%\system32\dosvc.dll,-103|Desc=@%systemroot%\system32\dosvc.dll,-104|EmbedCtxt=@%systemroot%\system32\dosvc.dll,-100|Edge=TRUE| "Netlogon-NamedPipe-In"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010| "Netlogon-TCP-RPC-In"=v2.25|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=RPC|App=%SystemRoot%\System32\lsass.exe|Name=@netlogon.dll,-1008|Desc=@netlogon.dll,-1009|EmbedCtxt=@netlogon.dll,-1010| "WirelessDisplay-In-TCP"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10200|Desc=@wifidisplay.dll,-10201|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-TCP"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10202|Desc=@wifidisplay.dll,-10203|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "WirelessDisplay-Out-UDP"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Private|Profile=Public|App=%systemroot%\system32\WUDFHost.exe|Name=@wifidisplay.dll,-10204|Desc=@wifidisplay.dll,-10205|LUAuth=O:LSD:(A;;CC;;;S-1-5-84-0-0-0-0-0)|EmbedCtxt=@wifidisplay.dll,-100|TTK2_22=WFDDisplay| "MDNS-In-UDP"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort2_24=mDNS|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@%SystemRoot%\system32\firewallapi.dll,-37303|Desc=@%SystemRoot%\system32\firewallapi.dll,-37304|EmbedCtxt=@%SystemRoot%\system32\firewallapi.dll,-37302| "MDNS-Out-UDP"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|LPort=5353|App=%SystemRoot%\system32\svchost.exe|Svc=dnscache|Name=@%SystemRoot%\system32\firewallapi.dll,-37305|Desc=@%SystemRoot%\system32\firewallapi.dll,-37306|EmbedCtxt=@%SystemRoot%\system32\firewallapi.dll,-37302| "UDP Query User{85E93538-B0FC-4F8D-A656-A57BE05B3267}D:\jeux\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "TCP Query User{F587310E-1750-4EE5-978A-CE392CAE725F}D:\jeux\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base38793\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{CA5D9B38-D780-40D7-A2A5-B19932240743}D:\jeux\cube world\server.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\cube world\server.exe|Name=server|Desc=server|Defer=User| "TCP Query User{F3949FAB-9DA3-4C40-B7AA-7B9FDFE0891A}D:\jeux\cube world\server.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\cube world\server.exe|Name=server|Desc=server|Defer=User| "UDP Query User{941E030F-9FE6-4793-8C2D-B1C9D32C79D6}D:\jeux\steam\steamapps\common\the witcher 2\bin\witcher2.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\steam\steamapps\common\the witcher 2\bin\witcher2.exe|Name=The Witcher 2|Desc=The Witcher 2|Defer=User| "TCP Query User{84BD6F28-29FA-4CFC-B229-6F49B9F07F8C}D:\jeux\steam\steamapps\common\the witcher 2\bin\witcher2.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\steam\steamapps\common\the witcher 2\bin\witcher2.exe|Name=The Witcher 2|Desc=The Witcher 2|Defer=User| "UDP Query User{5CA18E3E-86C5-4302-B120-A2D70B5873B7}D:\jeux\heroes of the storm\versions\base38593\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base38593\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "TCP Query User{994AA895-1449-4D66-AFD2-FD0547E652D6}D:\jeux\heroes of the storm\versions\base38593\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base38593\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{4531CDAE-B69B-4B8F-83FD-535F35692A81}D:\jeux\heroes of the storm\versions\base38500\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base38500\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "TCP Query User{57205CF3-7283-45FA-918A-CF01B835014E}D:\jeux\heroes of the storm\versions\base38500\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base38500\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{F70E52D1-6FC0-476C-AC9B-03CE8602F822}D:\jeux\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "TCP Query User{F0FA856D-EBE1-4C37-B2BB-2AE02876B466}D:\jeux\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{F3C82039-4FAF-4944-AA67-47F3CBA0C30C}C:\program files\epic games\4.9\engine\binaries\win64\ue4editor.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\epic games\4.9\engine\binaries\win64\ue4editor.exe|Name=Unreal Engine|Desc=Unreal Engine|Defer=User| "TCP Query User{BA402C7D-DC81-4CF7-AD05-AF9AF1B37A59}C:\program files\epic games\4.9\engine\binaries\win64\ue4editor.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\epic games\4.9\engine\binaries\win64\ue4editor.exe|Name=Unreal Engine|Desc=Unreal Engine|Defer=User| "UDP Query User{ABDBDDEF-702A-4CC3-8E16-2C3944067420}D:\jeux\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "TCP Query User{5A2D0956-57AB-4274-96E6-3C9D2C2F6D7B}D:\jeux\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{DCE794E4-AC62-48AA-85C1-F48BEBA061F1}D:\jeux\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "TCP Query User{6E2E3C68-33D0-40F5-B0EE-12A7ACD565C9}D:\jeux\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{CEE3D7F0-9AE5-4AF4-AD5C-5B657834288E}D:\jeux\steam\steamapps\common\sniper elite v2\bin\sniperelitev2.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\steam\steamapps\common\sniper elite v2\bin\sniperelitev2.exe|Name=sniperelitev2|Desc=sniperelitev2|Defer=User| "TCP Query User{A9850C5A-3DF2-48BE-8E38-F5DD348219D6}D:\jeux\steam\steamapps\common\sniper elite v2\bin\sniperelitev2.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\steam\steamapps\common\sniper elite v2\bin\sniperelitev2.exe|Name=sniperelitev2|Desc=sniperelitev2|Defer=User| "UDP Query User{5E323C51-D283-4D3A-8E12-29080FFC66D2}D:\jeux\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "TCP Query User{81231938-36FA-4226-B64B-1EAD69B09024}D:\jeux\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{145D805A-BBED-45D4-9725-1227B5AF20A1}D:\jeux\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "TCP Query User{27C01E11-9601-4F43-B276-461FC6D324C6}D:\jeux\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "{13CA15CD-E618-4AAA-A53A-0B5ABD8D9E51}"=v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe|Name=avast! NG front end| "{E441A7C4-3480-470E-90DD-7F0370E20C8F}"=v2.24|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe|Name=avast! NG front end| "UDP Query User{1AF74DD7-75A2-4DC3-995B-1CE2E47508F1}D:\games\pro cycling manager 2015\pcm.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\games\pro cycling manager 2015\pcm.exe|Name=Pro Cycling Manager|Desc=Pro Cycling Manager|Defer=User| "TCP Query User{7B296B25-8F6D-493B-8364-3A0781E384C8}D:\games\pro cycling manager 2015\pcm.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\games\pro cycling manager 2015\pcm.exe|Name=Pro Cycling Manager|Desc=Pro Cycling Manager|Defer=User| "UDP Query User{42DE6630-7C0B-42B2-AD12-C73979099DA2}D:\jeux\hearthstone\hearthstone.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\hearthstone\hearthstone.exe|Name=hearthstone|Desc=hearthstone|Defer=User| "TCP Query User{96291981-C7E3-40A6-B186-B0A448474C46}D:\jeux\hearthstone\hearthstone.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\hearthstone\hearthstone.exe|Name=hearthstone|Desc=hearthstone|Defer=User| "UDP Query User{1AA14A7E-7A49-4142-8D17-28737C9C2840}D:\jeux\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "TCP Query User{C3D945C2-58AC-4B79-9C9C-B9C2D25EC258}D:\jeux\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{207BC79F-DB73-4433-B8BB-68E03DDC1051}D:\jeux\steam\steamapps\common\grand theft auto v\gta5.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\steam\steamapps\common\grand theft auto v\gta5.exe|Name=Grand Theft Auto V|Desc=Grand Theft Auto V|Defer=User| "TCP Query User{2D384EE1-993E-4FF3-A2F7-A8B5108F8CEA}D:\jeux\steam\steamapps\common\grand theft auto v\gta5.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\steam\steamapps\common\grand theft auto v\gta5.exe|Name=Grand Theft Auto V|Desc=Grand Theft Auto V|Defer=User| "{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=SonicWALL.MobileConnect|Desc=SonicWALL.MobileConnect|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-1141404472-3582312691-3771565717-2155153689-4284170330-1053580937-782359393|EmbedCtxt=SonicWALL.MobileConnect|Platform=2:6:2|Platform2=GTEQ| "{560448D6-095C-4907-B046-AC7F710701A7}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=SonicWALL.MobileConnect|Desc=SonicWALL.MobileConnect|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-1141404472-3582312691-3771565717-2155153689-4284170330-1053580937-782359393|EmbedCtxt=SonicWALL.MobileConnect|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{D6980480-941A-4DF6-AB81-3734ECD3D779}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=JuniperNetworks.JunosPulseVpn|Desc=JuniperNetworks.JunosPulseVpn|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-413786399-3497379642-531169432-1175633435-3083429259-2317590812-1892764672|EmbedCtxt=JuniperNetworks.JunosPulseVpn|Platform=2:6:2|Platform2=GTEQ| "{EC799E33-72BA-42D7-9127-DEFE68F9799D}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=JuniperNetworks.JunosPulseVpn|Desc=JuniperNetworks.JunosPulseVpn|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-413786399-3497379642-531169432-1175633435-3083429259-2317590812-1892764672|EmbedCtxt=JuniperNetworks.JunosPulseVpn|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{F64300AD-D559-4000-BD45-0997BCC8E70A}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=f5.vpn.client|Desc=f5.vpn.client|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3873129616-3864902477-3117653462-838095904-2337665935-1018217662-2152729480|EmbedCtxt=f5.vpn.client|Platform=2:6:2|Platform2=GTEQ| "{F77E5446-4378-4E99-8B7A-7061AAAEA193}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=f5.vpn.client|Desc=f5.vpn.client|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3873129616-3864902477-3117653462-838095904-2337665935-1018217662-2152729480|EmbedCtxt=f5.vpn.client|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{9E3D57FC-7C37-4424-9352-4831E97D029D}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Desc=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/Description}|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-2608634532-1453884237-1118350049-1925931850-670756941-1603938316-3764965493|EmbedCtxt=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Desc=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/Description}|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-2608634532-1453884237-1118350049-1925931850-670756941-1603938316-3764965493|EmbedCtxt=@{C:\Windows\WinStore\resources.pri?ms-resource://WinStore/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=CheckPoint.VPN|Desc=CheckPoint.VPN|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3676279713-3632409675-756843784-3388909659-2454753834-4233625902-1413163418|EmbedCtxt=CheckPoint.VPN|Platform=2:6:2|Platform2=GTEQ| "{4282FE99-8560-4BC7-9576-5F3ED84E263F}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=CheckPoint.VPN|Desc=CheckPoint.VPN|LUOwn=S-1-1-0|AppPkgId=S-1-15-2-3676279713-3632409675-756843784-3388909659-2454753834-4233625902-1413163418|EmbedCtxt=CheckPoint.VPN|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{7599D70E-1709-432E-B9A5-143C9C8C8B8C}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{1E8997C4-19BE-4E6E-8B23-D317A7B44294}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{37CD9815-7B97-44F9-9FD9-BFB3C61D2E97}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationsPackageName}|Desc=@{microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationsPackageName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-2551677095-2355568638-4209445997-2436930744-3692183382-387691378-1866284433|EmbedCtxt=@{microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationsPackageName}|Platform=2:6:2|Platform2=GTEQ| "{46DFE3F0-0F93-4949-AD3F-234C988EDBB9}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationsPackageName}|Desc=@{microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationsPackageName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-2551677095-2355568638-4209445997-2436930744-3692183382-387691378-1866284433|EmbedCtxt=@{microsoft.windowscommunicationsapps_17.5.9600.20413_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationsPackageName}|Platform=2:6:2|Platform2=GTEQ| "{5F546938-E5D8-4359-9063-863B239C84CC}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=Skype|Desc=Skype|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-2246530975-808720366-1776470054-230329187-4153223113-3550430174-4193313734|EmbedCtxt=Skype|Platform=2:6:2|Platform2=GTEQ| "{DAD33F1F-CF27-4AC9-968D-FC51BEA3F751}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=Skype|Desc=Skype|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-2246530975-808720366-1776470054-230329187-4153223113-3550430174-4193313734|EmbedCtxt=Skype|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{BE2E40D1-1915-4097-AE0D-4ED69FABFEAA}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=Zinio|Desc=Zinio|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-720185855-2675332291-2976434075-758544043-626028312-300598871-2309835828|EmbedCtxt=Zinio|Platform=2:6:2|Platform2=GTEQ| "{FBCE51F0-1EF0-48ED-A047-A45C8F69F4DD}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Zinio|Desc=Zinio|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-720185855-2675332291-2976434075-758544043-626028312-300598871-2309835828|EmbedCtxt=Zinio|Platform=2:6:2|Platform2=GTEQ| "{05C80428-4E67-40F5-B382-49B753C30283}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=- Games App -|Desc=- Games App -|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-54699281-1271618622-4162202136-1802718980-1937042405-523788449-2466384431|EmbedCtxt=- Games App -|Platform=2:6:2|Platform2=GTEQ| "{DA2FFDF5-4511-45D3-82D9-4E9973C84AB9}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=LINE|Desc=LINE|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-3154901008-2849271269-1294263849-4111868753-1430083361-3789501531-791294240|EmbedCtxt=LINE|Platform=2:6:2|Platform2=GTEQ| "{674D723D-DF74-41A3-A5EA-6DB4C04DB9CC}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.ZuneVideo_2.2.705.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Desc=@{Microsoft.ZuneVideo_2.2.705.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_DESCRIPTION}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-2967553933-3217682302-2494645345-2077017737-3805576244-585965800-1797614741|EmbedCtxt=@{Microsoft.ZuneVideo_2.2.705.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{86DAC80B-61ED-43AE-967E-DEF9FB988CE9}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.ZuneMusic_2.2.705.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Desc=@{Microsoft.ZuneMusic_2.2.705.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_DESCRIPTION}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-3132517012-1571311091-3263739450-2968124769-4061529133-2106415361-233808003|EmbedCtxt=@{Microsoft.ZuneMusic_2.2.705.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{760A39FA-9472-4876-9A7C-E77D1A4ED9C4}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.XboxLIVEGames/resources/34150}|Desc=@{Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.XboxLIVEGames/resources/34150}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-1006207729-2866503879-2823532697-3939787710-1205904879-1762002398-487380619|EmbedCtxt=@{Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.XboxLIVEGames/resources/34150}|Platform=2:6:2|Platform2=GTEQ| "{C2553F4A-E1BF-4AD7-9CB2-EAD4741DA280}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.WindowsReadingList_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|Desc=@{Microsoft.WindowsReadingList_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-253023354-1127976746-3906962265-362626003-4127939218-3835539868-2341249685|EmbedCtxt=@{Microsoft.WindowsReadingList_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|Platform=2:6:2|Platform2=GTEQ| "{F37C4DD6-D896-4539-B38E-6A7D6F49D26E}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.WindowsReadingList_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|Desc=@{Microsoft.WindowsReadingList_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-253023354-1127976746-3906962265-362626003-4127939218-3835539868-2341249685|EmbedCtxt=@{Microsoft.WindowsReadingList_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|Platform=2:6:2|Platform2=GTEQ| "{A8604310-27CD-4A9E-84CA-E82F7E2212A7}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{2E3D0E52-F872-4393-AF8B-77428B773FBF}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{D7049F00-80ED-4414-96C1-D196E28CCD3D}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=Fresh Paint|Desc=Fresh Paint|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-753205055-3642759886-2300710532-466079404-1496176425-3605778055-1481226570|EmbedCtxt=Fresh Paint|Platform=2:6:2|Platform2=GTEQ| "{9BF4B960-1A65-497E-941F-C8E1E51C27A2}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.BingWeather_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/resources/AppTitle}|Desc=@{Microsoft.BingWeather_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/resources/AppDescription}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330|EmbedCtxt=@{Microsoft.BingWeather_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/resources/AppTitle}|Platform=2:6:2|Platform2=GTEQ| "{743BEB41-32AC-480D-8426-20E946AFBA28}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.BingTravel_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingTravel/resources/BrandedAppTitle}|Desc=@{Microsoft.BingTravel_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingTravel/resources/AppDescription}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-2870191891-2241688837-171142518-109998219-184790337-3361571429-3188846544|EmbedCtxt=@{Microsoft.BingTravel_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingTravel/resources/BrandedAppTitle}|Platform=2:6:2|Platform2=GTEQ| "{6A430B5E-681F-4C17-8731-910B0DC56680}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.BingSports_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/resources/BrandedAppTitle}|Desc=@{Microsoft.BingSports_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/resources/BingSportsApp}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-1457613951-1028716704-1089715812-858319886-3420779130-1191463368-1428868892|EmbedCtxt=@{Microsoft.BingSports_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/resources/BrandedAppTitle}|Platform=2:6:2|Platform2=GTEQ| "{676B69FE-29A3-42DA-800C-FBAE0E857973}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.BingNews_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/resources/BrandedAppTitle}|Desc=@{Microsoft.BingNews_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/resources/NewsAppDesc}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-508114518-3340871649-811464485-526616082-4258465299-1774086546-1865468257|EmbedCtxt=@{Microsoft.BingNews_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/resources/BrandedAppTitle}|Platform=2:6:2|Platform2=GTEQ| "{02015BA5-F57B-4C64-9119-D39EED07A093}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.BingMaps_2.0.2530.2317_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingMaps/Resources/AppDisplayName}|Desc=@{Microsoft.BingMaps_2.0.2530.2317_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingMaps/Resources/AppDisplayName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-1220793744-3666789380-189579892-1973497788-2854962754-2836109804-3864561331|EmbedCtxt=@{Microsoft.BingMaps_2.0.2530.2317_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingMaps/Resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{97640DA6-F527-4E36-B1B1-747F4E9F02AF}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.BingHealthAndFitness_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingHealthAndFitness/resources/apptitle}|Desc=HealthAndFitness|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-1138804039-612586356-661925973-101396967-3526483782-2490177615-3594119953|EmbedCtxt=@{Microsoft.BingHealthAndFitness_3.0.2.233_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingHealthAndFitness/resources/apptitle}|Platform=2:6:2|Platform2=GTEQ| "{126E0354-83D0-4378-B32A-76C5BAAC2EAF}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.BingFoodAndDrink_3.0.2.236_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingFoodAndDrink/resources/AppTitleWithBranding}|Desc=@{Microsoft.BingFoodAndDrink_3.0.2.236_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingFoodAndDrink/resources/AppDescription}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-1986440118-1442771495-871113684-214194731-1452296882-3170903903-2224822735|EmbedCtxt=@{Microsoft.BingFoodAndDrink_3.0.2.236_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingFoodAndDrink/resources/AppTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{A39CD503-4146-47B6-9D37-7BD2F86CD32D}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.BingFinance_3.0.2.234_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/resources/BrandedAppTitle}|Desc=Finance App|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-3492598633-4112760462-2134878185-2430567730-3345539238-3072415288-217264472|EmbedCtxt=@{Microsoft.BingFinance_3.0.2.234_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/resources/BrandedAppTitle}|Platform=2:6:2|Platform2=GTEQ| "{9C522532-02B3-4882-B0A3-508D2BFBD128}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{MAGIX.MusicMakerJam_2.0.1020.2_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|Desc=@{MAGIX.MusicMakerJam_2.0.1020.2_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-914775309-424825794-3355368112-487557154-2084386389-537045334-2498513562|EmbedCtxt=@{MAGIX.MusicMakerJam_2.0.1020.2_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|Platform=2:6:2|Platform2=GTEQ| "{DC2085F0-1FF1-4F76-82CE-0112E12D108C}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=@{MAGIX.MusicMakerJam_2.0.1020.2_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|Desc=@{MAGIX.MusicMakerJam_2.0.1020.2_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-914775309-424825794-3355368112-487557154-2084386389-537045334-2498513562|EmbedCtxt=@{MAGIX.MusicMakerJam_2.0.1020.2_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{E80B85AA-56C7-4AF7-88F8-E305963674E3}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=Flipboard|Desc=Flipboard|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-864994224-3030340628-3329202063-153121207-2255414721-17657611-2370319705|EmbedCtxt=Flipboard|Platform=2:6:2|Platform2=GTEQ| "{999C3016-9F55-4468-9FED-EA4A140B1010}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Flipboard|Desc=Flipboard|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-864994224-3030340628-3329202063-153121207-2255414721-17657611-2370319705|EmbedCtxt=Flipboard|Platform=2:6:2|Platform2=GTEQ| "{E479EDA6-5418-4CC9-A7AE-DE4852B4CB63}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=ASUS WebStorage|Desc=ASUS WebStorage|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-2379699041-582217313-309184701-132115402-2983263408-230732246-1589285292|EmbedCtxt=ASUS WebStorage|Platform=2:6:2|Platform2=GTEQ| "{10DD3A2C-D281-4B9D-B994-CFDA57D10418}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=ASUS WebStorage|Desc=ASUS WebStorage|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-2379699041-582217313-309184701-132115402-2983263408-230732246-1589285292|EmbedCtxt=ASUS WebStorage|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{2AB83DB0-EBCC-4FA9-A2D2-D79E52EFEA8D}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=Twitter|Desc=Twitter|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-1063257880-1914585122-1954150059-946145533-116938067-416079064-1690466945|EmbedCtxt=Twitter|Platform=2:6:2|Platform2=GTEQ| "{15FAF95D-9064-405F-9F0C-337DB9CC8540}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-4256550607-910914473-3542436597-500|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ| "{1030B423-C7B7-4303-A800-8DCCA59F6127}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=80|App=C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe|Name=NVIDIA Network Service TCP Exception (HTTP)|Desc=TCP exceptions for NVIDIA Network Service| "{E61CD837-3FE1-4FC0-8809-7AE7E2AA9470}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=443|App=C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe|Name=NVIDIA Network Service TCP Exception (HTTPS)|Desc=TCP exceptions for NVIDIA Network Service| "{7823EC0F-752C-4708-86BE-48E4EF0FE323}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe|Name=McAfee Shared Service Host| "{EC208CF1-1B17-40A6-8354-5C1041DA8D5E}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe|Name=McAfee Shared Service Host| "{CD6DBF9F-FB8F-4AC6-AE73-AAB6A80B75C1}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe|Name=Battle.net Update Agent| "{3AA69D43-D2D0-433F-BA50-9542C654251D}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe|Name=Battle.net Update Agent| "{2AAD1FBB-304A-4365-B2F4-43194AC3AC29}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Battle.net\Battle.net.exe|Name=Battle.net| "{9DBBC4A3-D033-4D94-B97B-E56C15D4C53C}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Battle.net\Battle.net.exe|Name=Battle.net| "{B931F1F3-2319-4C9F-83B2-DADE60A34423}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Hearthstone\Hearthstone.exe|Name=Hearthstone| "{F1DDFCAD-1FAE-46BF-8EBF-7650EBACD7F6}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Hearthstone\Hearthstone.exe|Name=Hearthstone| "{1CB0C968-81B5-4607-9602-BDCB82C13768}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe|Name=Battlefield 3™| "{13EEB7A2-318F-4D7F-9113-32AF8EBD2144}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe|Name=Battlefield 3™| "{DC7A13C5-4A7A-49C1-8A7B-D6EC75500075}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=48113|RA4=LocalSubnet|RA6=LocalSubnet|Name=maconfig_tcp| "{236F1A32-D2C2-4B2A-AE2F-7220647E64DC}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|LPort=48114|RA4=LocalSubnet|RA6=LocalSubnet|Name=maconfig_tcptls| "{91153B79-CDFE-409F-9DE4-AF744883B699}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\ma-config.com\MaConfigAgent.exe|Name=maconfigagent| "{E4EF52F1-F3C3-4E92-8EE7-9642ADB8F390}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\ma-config.com\MaConfigAgent.exe|Name=maconfigagent| "{C7EFBF82-E70E-402C-B421-A5B262445803}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\Logitech Gaming Software\LCore.exe|Name=Logitech Gaming Software| "{FE508351-57DC-42C3-9916-6E10B3CEFFB4}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=54045|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\Logitech Gaming Software\LCore.exe|Name=Logitech Gaming Software| "{B3DDA42C-E557-416A-8AD7-968EFD211C47}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{09B04347-F313-4087-ABEB-713B67949375}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{FB2378BF-CFD2-4C82-8B56-13DB28819A78}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{20481C23-71A0-40C4-A31B-0536A3BDCC44}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Bonjour\mDNSResponder.exe|Name=Service Bonjour| "{2F90A37F-24AA-45B1-A389-FAE3F3AC261F}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe|Name=Dead Space| "{310BD00B-C5A5-4FDC-ACB8-427C35AA01F7}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe|Name=Dead Space| "TCP Query User{AB636CFD-2251-4D92-AE8F-55F02844058A}C:\program files\java\jre1.8.0_31\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files\java\jre1.8.0_31\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "UDP Query User{AD710BA9-862E-45A8-AACA-91637E9852BF}C:\program files\java\jre1.8.0_31\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files\java\jre1.8.0_31\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "{A969C50E-FB81-4DB1-A784-678D4F2FC8A8}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\java\jre1.8.0_31\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary| "{F5467D89-F1F6-4010-9009-1DBCD1B454E6}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\java\jre1.8.0_31\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary| "TCP Query User{9F2B9070-5236-4B69-AF5A-A404487D579A}C:\users\cédric\appdata\roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\cédric\appdata\roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe|Name=javaw|Desc=javaw| "UDP Query User{859C1CAA-E5EE-4034-B997-16E3EDA3FD4E}C:\users\cédric\appdata\roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\cédric\appdata\roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe|Name=javaw|Desc=javaw| "{7748A4C0-C461-4517-A92B-AC516E0DE695}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=25565|Name=Minecraft Serveur| "{15C10EC3-32C3-404C-92A4-6C1B6439A041}"=v2.20|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=25565|Name=Minecraft Serveur| "TCP Query User{4241F03B-D965-4F72-B27D-FEA0B50A396C}C:\windows\system32\settingsynchost.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\windows\system32\settingsynchost.exe|Name=Host Process for Setting Synchronization|Desc=Host Process for Setting Synchronization|Defer=User| "UDP Query User{0DEA97FA-6C4D-47B4-AA04-51AEF94A020D}C:\windows\system32\settingsynchost.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\windows\system32\settingsynchost.exe|Name=Host Process for Setting Synchronization|Desc=Host Process for Setting Synchronization|Defer=User| "{2422AD1C-0F77-4A07-B421-6F6A95D6350C}"=v2.22|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\windows\system32\settingsynchost.exe|Name=Host Process for Setting Synchronization|Desc=Host Process for Setting Synchronization| "{9D971DA0-D0C0-439C-B4B4-50FC410EF812}"=v2.22|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\windows\system32\settingsynchost.exe|Name=Host Process for Setting Synchronization|Desc=Host Process for Setting Synchronization| "TCP Query User{DABF1CA6-F23E-48AA-B979-A9EF371871E2}C:\users\cédric\appdata\roaming\spotify\spotify.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\cédric\appdata\roaming\spotify\spotify.exe|Name=spotify.exe|Desc=spotify.exe|Defer=User| "UDP Query User{0C35C89A-AE93-4E38-AAFB-16B2E96B1DA2}C:\users\cédric\appdata\roaming\spotify\spotify.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\cédric\appdata\roaming\spotify\spotify.exe|Name=spotify.exe|Desc=spotify.exe|Defer=User| "{653F6B3C-6259-466D-ADFE-D73B703B4E4C}"=v2.22|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\cédric\appdata\roaming\spotify\spotify.exe|Name=spotify.exe|Desc=spotify.exe| "{E34980F8-2852-4539-955C-4178DF296C30}"=v2.22|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\cédric\appdata\roaming\spotify\spotify.exe|Name=spotify.exe|Desc=spotify.exe| "{7C79DCC3-2A64-4FE7-BA26-48CC9C463DA5}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe|Name=Plantes contre Zombies™| "{C37BA62A-6FD1-41A0-9004-21AB348FD924}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe|Name=Plantes contre Zombies™| "{AE1F82E6-C307-4014-BE3F-554FA17F682C}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe|Name=Peggle| "{34F62EC1-BC3B-445C-9F9E-980599B902FE}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe|Name=Peggle| "{50B14860-A62F-494D-B333-A084B7D546F8}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Users\Cédric\AppData\Roaming\BitTorrent\BitTorrent.exe|Name=BitTorrent (TCP-In)|Desc=Allow BitTorrent network traffic with Edge Traversal|Edge=TRUE| "{78BB74B2-1947-44E4-B7BB-41BDCC0124B3}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Users\Cédric\AppData\Roaming\BitTorrent\BitTorrent.exe|Name=BitTorrent (UDP-In)|Desc=Allow BitTorrent network traffic with Edge Traversal|Edge=TRUE| "{57969359-7E77-494C-B022-31CF24B22EA7}"=v2.22|Action=Allow|Active=TRUE|Dir=In|App=C:\Users\Cédric\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe|Name=Microsoft SkyDrive| "{DF4CE4B9-7369-48F2-A4BB-58E08158BAE3}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe|Name=Battle.net Update Agent| "{2EB3A6EB-F436-46FA-955D-9B94E4FF8AE3}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe|Name=Battle.net Update Agent| "TCP Query User{C3C02CDA-E53B-4014-A45E-30D0E30763BD}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Private|Profile=Public|App=C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm| "UDP Query User{71FD9DEC-FD95-44C7-AC79-73E0E90DDB93}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Private|Profile=Public|App=C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm| "{47DAE015-640E-4E9E-9B5C-8222ED9B70B0}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationsPackageName}|Desc=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationsPackageName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-2551677095-2355568638-4209445997-2436930744-3692183382-387691378-1866284433|EmbedCtxt=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationsPackageName}|Platform=2:6:2|Platform2=GTEQ| "{FF10A73E-03FA-4A11-BC38-B19ADA804189}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationsPackageName}|Desc=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationsPackageName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-2551677095-2355568638-4209445997-2436930744-3692183382-387691378-1866284433|EmbedCtxt=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationsPackageName}|Platform=2:6:2|Platform2=GTEQ| "{FC9BA4C9-9A95-4353-B080-4AF4703DAA71}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=Skype|Desc=Skype|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-2246530975-808720366-1776470054-230329187-4153223113-3550430174-4193313734|EmbedCtxt=Skype|Platform=2:6:2|Platform2=GTEQ| "{C3EA319C-BDFC-4E76-81F6-36E0AE6CB7CF}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=Skype|Desc=Skype|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-2246530975-808720366-1776470054-230329187-4153223113-3550430174-4193313734|EmbedCtxt=Skype|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{4D23FDCE-D35F-4BA0-A574-3FAB9D4783BC}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{C45AFC50-BB49-47F8-88C6-5C8949591E7B}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{BB0219E4-33DC-482D-A89C-3E42AB3A620D}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Desc=@{Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_DESCRIPTION}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-3132517012-1571311091-3263739450-2968124769-4061529133-2106415361-233808003|EmbedCtxt=@{Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{2E82D295-15A8-4FBB-B658-B357A70C10BF}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.XboxLIVEGames/resources/34150}|Desc=@{Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.XboxLIVEGames/resources/34150}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-1006207729-2866503879-2823532697-3939787710-1205904879-1762002398-487380619|EmbedCtxt=@{Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.XboxLIVEGames/resources/34150}|Platform=2:6:2|Platform2=GTEQ| "{83551A3B-8945-4773-9BC5-CC97A536FAD4}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.BingWeather_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/resources/BrandedAppTitle}|Desc=@{Microsoft.BingWeather_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/resources/AppDescription}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330|EmbedCtxt=@{Microsoft.BingWeather_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/resources/BrandedAppTitle}|Platform=2:6:2|Platform2=GTEQ| "{3D571310-06FB-42D4-A1D7-27568246618C}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.BingNews_3.0.4.268_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/resources/BrandedAppTitle}|Desc=@{Microsoft.BingNews_3.0.4.268_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/resources/NewsAppDesc}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-508114518-3340871649-811464485-526616082-4258465299-1774086546-1865468257|EmbedCtxt=@{Microsoft.BingNews_3.0.4.268_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/resources/BrandedAppTitle}|Platform=2:6:2|Platform2=GTEQ| "{3B9352D6-9E84-45B2-A235-A95E7537D883}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.BingHealthAndFitness_3.0.4.309_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingHealthAndFitness/resources/apptitle}|Desc=HealthAndFitness|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-1138804039-612586356-661925973-101396967-3526483782-2490177615-3594119953|EmbedCtxt=@{Microsoft.BingHealthAndFitness_3.0.4.309_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingHealthAndFitness/resources/apptitle}|Platform=2:6:2|Platform2=GTEQ| "{95818275-4CFB-47C6-A946-4F23E05DFB84}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.BingFoodAndDrink_3.0.4.313_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingFoodAndDrink/resources/AppTitleWithBranding}|Desc=@{Microsoft.BingFoodAndDrink_3.0.4.313_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingFoodAndDrink/resources/AppDescription}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-1986440118-1442771495-871113684-214194731-1452296882-3170903903-2224822735|EmbedCtxt=@{Microsoft.BingFoodAndDrink_3.0.4.313_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingFoodAndDrink/resources/AppTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{9EC8D6DD-060B-4E9C-B591-C75F832EAF4B}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.BingMaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingMaps/Resources/AppDisplayName}|Desc=@{Microsoft.BingMaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingMaps/Resources/AppDisplayName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-1220793744-3666789380-189579892-1973497788-2854962754-2836109804-3864561331|EmbedCtxt=@{Microsoft.BingMaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingMaps/Resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{3653E94C-6519-4DFA-8942-19DA584AA2E2}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.WindowsReadingList_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|Desc=@{Microsoft.WindowsReadingList_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-253023354-1127976746-3906962265-362626003-4127939218-3835539868-2341249685|EmbedCtxt=@{Microsoft.WindowsReadingList_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|Platform=2:6:2|Platform2=GTEQ| "{B9B57367-8DAE-494A-B9E1-11DA9E60B0C2}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.WindowsReadingList_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|Desc=@{Microsoft.WindowsReadingList_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-253023354-1127976746-3906962265-362626003-4127939218-3835539868-2341249685|EmbedCtxt=@{Microsoft.WindowsReadingList_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|Platform=2:6:2|Platform2=GTEQ| "{AAF5F4B5-3E1A-467A-8EFB-52DB6980F380}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.BingSports_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/resources/BrandedAppTitle}|Desc=@{Microsoft.BingSports_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/resources/BingSportsApp}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-1457613951-1028716704-1089715812-858319886-3420779130-1191463368-1428868892|EmbedCtxt=@{Microsoft.BingSports_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/resources/BrandedAppTitle}|Platform=2:6:2|Platform2=GTEQ| "{3305DC33-0982-4072-B0FA-9C2CAAABC2DD}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.BingFinance_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/resources/BrandedAppTitle}|Desc=MSN Money App|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-3492598633-4112760462-2134878185-2430567730-3345539238-3072415288-217264472|EmbedCtxt=@{Microsoft.BingFinance_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/resources/BrandedAppTitle}|Platform=2:6:2|Platform2=GTEQ| "{BC506A49-C968-4CE0-B1D4-02698CD375C5}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=Fresh Paint|Desc=Fresh Paint|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-753205055-3642759886-2300710532-466079404-1496176425-3605778055-1481226570|EmbedCtxt=Fresh Paint|Platform=2:6:2|Platform2=GTEQ| "{819206CB-EEFB-4070-872B-BB342F0F4AE6}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{MAGIX.MusicMakerJam_2.2.1036.2_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|Desc=@{MAGIX.MusicMakerJam_2.2.1036.2_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-914775309-424825794-3355368112-487557154-2084386389-537045334-2498513562|EmbedCtxt=@{MAGIX.MusicMakerJam_2.2.1036.2_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|Platform=2:6:2|Platform2=GTEQ| "{CBE0C88D-D205-47A0-A488-B656BBBAB247}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=@{MAGIX.MusicMakerJam_2.2.1036.2_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|Desc=@{MAGIX.MusicMakerJam_2.2.1036.2_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-914775309-424825794-3355368112-487557154-2084386389-537045334-2498513562|EmbedCtxt=@{MAGIX.MusicMakerJam_2.2.1036.2_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{A1A65276-C2D0-402C-8CF0-3AB0A5CCFBA2}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=ASUS WebStorage|Desc=ASUS WebStorage|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-2379699041-582217313-309184701-132115402-2983263408-230732246-1589285292|EmbedCtxt=ASUS WebStorage|Platform=2:6:2|Platform2=GTEQ| "{9FD8B86C-8DBD-4C01-BC32-855C9FF18BAA}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Name=ASUS WebStorage|Desc=ASUS WebStorage|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-2379699041-582217313-309184701-132115402-2983263408-230732246-1589285292|EmbedCtxt=ASUS WebStorage|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{F05651A3-96CA-42EA-8BEF-6DC2544F82AC}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=Twitter|Desc=Twitter|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-1063257880-1914585122-1954150059-946145533-116938067-416079064-1690466945|EmbedCtxt=Twitter|Platform=2:6:2|Platform2=GTEQ| "{310389FC-E6AB-4286-8BF5-C87574FCD32D}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.BingTravel_3.0.4.309_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingTravel/resources/BrandedAppTitle}|Desc=@{Microsoft.BingTravel_3.0.4.309_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingTravel/resources/AppDescription}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-2870191891-2241688837-171142518-109998219-184790337-3361571429-3188846544|EmbedCtxt=@{Microsoft.BingTravel_3.0.4.309_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingTravel/resources/BrandedAppTitle}|Platform=2:6:2|Platform2=GTEQ| "{B6EAF4B2-954A-4724-A3B6-339201C64769}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=Flipboard|Desc=Flipboard|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-864994224-3030340628-3329202063-153121207-2255414721-17657611-2370319705|EmbedCtxt=Flipboard|Platform=2:6:2|Platform2=GTEQ| "{61BB5955-A06F-4785-B349-FDD286DA778D}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=Zinio|Desc=Zinio|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-720185855-2675332291-2976434075-758544043-626028312-300598871-2309835828|EmbedCtxt=Zinio|Platform=2:6:2|Platform2=GTEQ| "{5E6047E9-8240-424A-A84B-ED8B62218203}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Zinio|Desc=Zinio|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-720185855-2675332291-2976434075-758544043-626028312-300598871-2309835828|EmbedCtxt=Zinio|Platform=2:6:2|Platform2=GTEQ| "{1293E42D-B44D-4291-B164-43054138D71F}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ| "{07F4C0F2-A824-4EBF-857D-1071821F004A}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=LINE|Desc=LINE|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-3154901008-2849271269-1294263849-4111868753-1430083361-3789501531-791294240|EmbedCtxt=LINE|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{8C8554E6-18B3-4E4E-A990-48040C3A823A}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe|Name=Grand Theft Auto V|Desc=Grand Theft Auto V|Defer=User| "UDP Query User{73557D3F-AF20-4BA2-8ABF-9645702D95E9}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe|Name=Grand Theft Auto V|Desc=Grand Theft Auto V|Defer=User| "{04FAE4B5-762E-4A99-87EE-05033CC56C21}"=v2.22|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe|Name=Grand Theft Auto V|Desc=Grand Theft Auto V| "{7BA0D8A7-F08E-4729-8DC9-372778E591FE}"=v2.22|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe|Name=Grand Theft Auto V|Desc=Grand Theft Auto V| "{286B7899-E2AA-4A3F-8116-F55FBE7959F3}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=- Games App -|Desc=- Games App -|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-54699281-1271618622-4162202136-1802718980-1937042405-523788449-2466384431|EmbedCtxt=- Games App -|Platform=2:6:2|Platform2=GTEQ| "{352EC734-D9DB-4374-A222-AEFAB90826AB}"=v2.22|Action=Allow|Active=TRUE|Dir=Out|Name=@{Microsoft.ZuneVideo_2.6.439.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Desc=@{Microsoft.ZuneVideo_2.6.439.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_DESCRIPTION}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1002|AppPkgId=S-1-15-2-2967553933-3217682302-2494645345-2077017737-3805576244-585965800-1797614741|EmbedCtxt=@{Microsoft.ZuneVideo_2.6.439.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{3469EA31-4483-4B25-8A94-70266B3BC03E}D:\jeux\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\jeux\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{0C08F750-A81D-4077-B47E-C317BE4262EA}D:\jeux\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\jeux\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "TCP Query User{939C216F-86F6-4454-BBAA-4EDDC2D2A30C}D:\jeux\hearthstone\hearthstone.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\jeux\hearthstone\hearthstone.exe|Name=hearthstone|Desc=hearthstone|Defer=User| "UDP Query User{3B6705B2-0CFF-4BE9-8090-60AAD37A9C70}D:\jeux\hearthstone\hearthstone.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\jeux\hearthstone\hearthstone.exe|Name=hearthstone|Desc=hearthstone|Defer=User| "TCP Query User{2267E21F-0AC6-4E1A-BE2B-9951D56B382C}D:\jeux\steam\steamapps\common\grand theft auto v\gta5.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\jeux\steam\steamapps\common\grand theft auto v\gta5.exe|Name=Grand Theft Auto V|Desc=Grand Theft Auto V|Defer=User| "UDP Query User{E54B47B5-CB9E-4985-9FF6-B899080B1A27}D:\jeux\steam\steamapps\common\grand theft auto v\gta5.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\jeux\steam\steamapps\common\grand theft auto v\gta5.exe|Name=Grand Theft Auto V|Desc=Grand Theft Auto V|Defer=User| "{18EDE5E7-F2F4-45EE-8B5A-12D7B9DBB735}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe|Name=avast! NG front end| "{E88FBFC6-8891-47A2-82AB-8BE4471FFDF7}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe|Name=avast! NG front end| "TCP Query User{3DC3BF1B-3175-4BB2-9769-4E9D1E99423B}D:\jeux\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\jeux\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{870A7060-AD24-45A2-B693-E1A77B0BB2E4}D:\jeux\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\jeux\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "TCP Query User{624A15A4-20AC-444C-AFD7-8E8AA257A085}D:\jeux\diablo iii\diablo iii.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\jeux\diablo iii\diablo iii.exe|Name=Diablo III Retail|Desc=Diablo III Retail|Defer=User| "UDP Query User{EAA9FED5-2F73-4AA2-AD95-90BF42409D36}D:\jeux\diablo iii\diablo iii.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\jeux\diablo iii\diablo iii.exe|Name=Diablo III Retail|Desc=Diablo III Retail|Defer=User| "TCP Query User{094AA68D-A484-420A-84FB-8D43CCE48D5C}D:\jeux\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\jeux\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{94C1C2C7-AC08-4379-8944-74B9AF5DB364}D:\jeux\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\jeux\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "{7F7BF2CD-6215-47BB-A168-ED203D56FD04}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Windows\SysWOW64\PnkBstrA.exe|Name=PnkBstrA| "{2A4F8C10-D3D0-4CD1-AC2F-97943615A2C8}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Windows\SysWOW64\PnkBstrA.exe|Name=PnkBstrA| "{96AFC1F9-A75B-4CFB-970D-467D06AE9A0B}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Windows\SysWOW64\PnkBstrB.exe|Name=PnkBstrB| "{602D1AC6-55F7-4960-BA91-D46113C2DAC2}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Windows\SysWOW64\PnkBstrB.exe|Name=PnkBstrB| "{A9B60358-B32A-43A1-A604-EF5C2426D303}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe|Name=Battlefield 3™| "{8527690F-1EF3-45CD-AAA6-A8FAD8F3F960}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe|Name=Battlefield 3™| "TCP Query User{24C5155F-65D6-44C4-B605-17EF21525B2E}D:\jeux\blur(tm)\blur.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\jeux\blur(tm)\blur.exe|Name=blur|Desc=blur|Defer=User| "UDP Query User{25E07FEE-EDC2-4F13-BAB2-5FF9455F9463}D:\jeux\blur(tm)\blur.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\jeux\blur(tm)\blur.exe|Name=blur|Desc=blur|Defer=User| "TCP Query User{CB127EDC-889A-45E0-B4FE-45C6B1CEF252}D:\jeux\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\jeux\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{FCB8EFB0-D414-4932-B9EF-39E1AA57FB47}D:\jeux\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\jeux\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "TCP Query User{C624BF45-0263-4D20-8576-99C74B64A853}C:\users\cédric\appdata\roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\cédric\appdata\roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe|Name=javaw|Desc=javaw|Defer=User| "UDP Query User{3323747D-9C81-412D-BA52-B37E1DB191B6}C:\users\cédric\appdata\roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\cédric\appdata\roaming\.minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe|Name=javaw|Desc=javaw|Defer=User| "TCP Query User{3348BB31-76D0-4D7D-B5B4-BD80DAA4AAB4}D:\jeux\cube world\server.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\jeux\cube world\server.exe|Name=server|Desc=server|Defer=User| "UDP Query User{1668F45D-FB33-4F57-A412-C53FF5B50DF8}D:\jeux\cube world\server.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\jeux\cube world\server.exe|Name=server|Desc=server|Defer=User| "TCP Query User{E547678B-8E05-4C50-BECD-82B4C12817B4}C:\users\cédric\appdata\local\popcorn time\node-webkit\popcorn time.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\users\cédric\appdata\local\popcorn time\node-webkit\popcorn time.exe|Name=popcorn time.exe|Desc=popcorn time.exe|Defer=User| "UDP Query User{55886B19-A104-40E9-A3B4-486F707EE818}C:\users\cédric\appdata\local\popcorn time\node-webkit\popcorn time.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\users\cédric\appdata\local\popcorn time\node-webkit\popcorn time.exe|Name=popcorn time.exe|Desc=popcorn time.exe|Defer=User| "TCP Query User{DF262C6E-2EE2-4E39-AE5D-853FF06D72FA}D:\jeux\steam\steamapps\common\planetside 2\planetside2_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\jeux\steam\steamapps\common\planetside 2\planetside2_x64.exe|Name=PlanetSide 2 Play Client|Desc=PlanetSide 2 Play Client|Defer=User| "UDP Query User{3AA91E85-302A-48E1-8A61-2B5BBEBA7B46}D:\jeux\steam\steamapps\common\planetside 2\planetside2_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\jeux\steam\steamapps\common\planetside 2\planetside2_x64.exe|Name=PlanetSide 2 Play Client|Desc=PlanetSide 2 Play Client|Defer=User| "TCP Query User{27D87645-304A-4224-8AB9-90B955DE27AC}D:\jeux\[www.mpc-g.com]rktlg20150709\binaries\win32\rocketleague.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\jeux\[www.mpc-g.com]rktlg20150709\binaries\win32\rocketleague.exe|Name=TAGame|Desc=TAGame|Defer=User| "UDP Query User{F34A0685-24BA-4CFD-8E36-E99E506977D5}D:\jeux\[www.mpc-g.com]rktlg20150709\binaries\win32\rocketleague.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\jeux\[www.mpc-g.com]rktlg20150709\binaries\win32\rocketleague.exe|Name=TAGame|Desc=TAGame|Defer=User| "{17A122D1-960B-4A99-8152-F805BC3B7AE1}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=47984|LPort=47989|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe|Name=SHIELD Streaming NSS TCP Exception|Desc=TCP exceptions for SHIELD Streaming NSS (HTTP)| "{8DC9C10C-F1B9-4CAD-AFD4-1EC9BFE2F744}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe|Name=SHIELD Streaming NSS UDP Exception|Desc=UDP exceptions for SHIELD Streaming NSS (mDNS)| "{EB5E2FAB-30BE-4A38-ABF6-65E20CFF851E}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=47998|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe|Name=SHIELD Streaming SSAU UDP Exception|Desc=UDP exceptions for SHIELD Streaming SSAU (NWT)| "{4F9214D2-A00F-423B-BC2E-1513155AE171}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|LPort=35043|LPort=47995|LPort=48010|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe|Name=SHIELD Streaming NvStreamer TCP Exception|Desc=TCP exceptions for SHIELD Streaming NvStreamer (RTSP/RI)| "{142701C6-1214-49A9-8C8F-E57CE81034FB}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=47995|LPort=47998|LPort=47999|LPort=48000|LPort=48010|App=C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe|Name=SHIELD Streaming NvStreamer UDP Exception|Desc=UDP exceptions for SHIELD Streaming NvStreamer (RTSP/RI/A/V)| "TCP Query User{645E9E5F-F529-46F9-914B-D56200FF6057}D:\jeux\maniaplanet\maniaplanet.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\jeux\maniaplanet\maniaplanet.exe|Name=ManiaPlanet|Desc=ManiaPlanet|Defer=User| "UDP Query User{A72821C1-EC1E-465C-8433-6C4E8F7159AC}D:\jeux\maniaplanet\maniaplanet.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\jeux\maniaplanet\maniaplanet.exe|Name=ManiaPlanet|Desc=ManiaPlanet|Defer=User| "TCP Query User{B9F5B275-0D2B-4283-B47E-AA0F9B9AEA38}C:\program files\unity\editor\unity.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files\unity\editor\unity.exe|Name=Unity Editor|Desc=Unity Editor|Defer=User| "UDP Query User{ED7AE7A8-4E57-41C7-905A-86B20C3F8E8F}C:\program files\unity\editor\unity.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files\unity\editor\unity.exe|Name=Unity Editor|Desc=Unity Editor|Defer=User| "{119F29AB-4724-4337-9DED-7CE515EB84F8}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files (x86)\Mozilla Firefox)| "{4BC1AF47-8984-4B7C-8DFD-6728198C693A}"=v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files (x86)\Mozilla Firefox\firefox.exe|Name=Firefox (C:\Program Files (x86)\Mozilla Firefox)| "TCP Query User{72D21A18-A499-4FA2-9B67-4E1FDC70DF26}D:\jeux\ubisoft\heroes of might and magic 2 gold\dosbox.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\jeux\ubisoft\heroes of might and magic 2 gold\dosbox.exe|Name=DOSBox DOS Emulator|Desc=DOSBox DOS Emulator|Defer=User| "UDP Query User{8A0936CA-BD63-470B-B8AF-2D743692CFA3}D:\jeux\ubisoft\heroes of might and magic 2 gold\dosbox.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\jeux\ubisoft\heroes of might and magic 2 gold\dosbox.exe|Name=DOSBox DOS Emulator|Desc=DOSBox DOS Emulator|Defer=User| "{99D27E31-1DBA-499D-87C7-72C7C2A861AA}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=windows_ie_ac_001|Desc=Created by IE|LUOwn=S-1-5-18|AppPkgId=S-1-15-2-1430448594-2639229838-973813799-439329657-1197984847-4069167804-1277922394|EmbedCtxt=windows_ie_ac_001|Platform=2:6:2|Platform2=GTEQ| "{28FF77FA-7C87-4DCE-BB9F-C92006967770}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{D9E93A30-057F-4C7C-88B5-E9D6E1D44C6B}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Desc=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-1910091885-1573563583-1104941280-2418270861-3411158377-2822700936-2990310272|EmbedCtxt=@{Microsoft.AAD.BrokerPlugin_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.AAD.BrokerPlugin/resources/PackageDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{89375732-C50F-4174-9DC2-A40A5E983AF2}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{79CCBDF7-3472-480F-AFFE-B541E01F3E41}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Desc=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-2434737943-167758768-3180539153-984336765-1107280622-3591121930-2677285773|EmbedCtxt=@{Microsoft.Windows.CloudExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.CloudExperienceHost/resources/appDescription}|Platform=2:6:2|Platform2=GTEQ| "{94124574-411B-4346-8323-73FABCF393BE}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Desc=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{0E6E1BAD-2361-4518-AE4D-0D6DCD81C45B}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Desc=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/ProductDescription}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742|EmbedCtxt=@{Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.Cortana/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{57DF4021-A005-4178-8280-D60C61D2FDE0}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Desc=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-969871995-3242822759-583047763-1618006129-3578262429-3647035748-2471858633|EmbedCtxt=@{Microsoft.AccountsControl_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.AccountsControl/Resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{94140704-DC6B-4C24-881D-5490F88AC9E1}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Desc=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-2758101530-1321080646-1475665648-4066602542-2880396197-3643791541-2654759312|EmbedCtxt=@{Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy?ms-resource://Microsoft.LockApp/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{69CD3CBB-1AB0-4FBD-82D5-6854A1CE595D}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{E139E2E1-68CF-4476-A6FF-84E3C5F30E43}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Desc=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194|EmbedCtxt=@{Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.MicrosoftEdge/Resources/AppName}|Platform=2:6:2|Platform2=GTEQ| "{E743BFB1-560B-4150-9B82-FA2495BB5C81}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Desc=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723|EmbedCtxt=@{Microsoft.Windows.ContentDeliveryManager_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ContentDeliveryManager/resources/AppDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{31D855E6-CACF-48D3-B220-E6181DA83DDB}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Desc=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-3072599432-1607568789-957273504-856596282-71567818-1546726304-1084662928|EmbedCtxt=@{Microsoft.Windows.ParentalControls_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.Windows.ParentalControls/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{D887AC73-1F35-418C-B2F9-00358C3B9EA0}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|Desc=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-1322174799-1054373777-2441082058-564842223-2721992343-4124100487-3261661085|EmbedCtxt=@{Microsoft.WindowsFeedback_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.WindowsFeedback/FeedbackApp.Resources/AppName/Text}|Platform=2:6:2|Platform2=GTEQ| "{B849ABFA-A094-4A89-83DF-1AEF8C27453D}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Desc=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-957941444-2271171641-4049211970-804197638-2225746618-2474488012-4131196493|EmbedCtxt=@{Microsoft.XboxGameCallableUI_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxGameCallableUI/resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{21425497-0014-42B1-A99D-D4A111ED1DC1}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|Desc=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-3833609522-3861047620-3675164185-1739081557-594447883-3111017752-456581032|EmbedCtxt=@{Microsoft.XboxIdentityProvider_1000.10586.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Microsoft.XboxIdentityProvider/Resources/PkgDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{A31478E2-8F3E-4726-AA8E-1108C3D111D5}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ| "{3D6D42DB-66C6-4A72-BBB1-0E54E4157101}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Desc=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-735366590-2037340711-2578745391-3096723288-1660081568-2625366440-3369012008|EmbedCtxt=@{Windows.ContactSupport_10.0.10586.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.ContactSupport/Resources/appDisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{8FF4E76C-66BF-46F1-83EB-0754B74BF716}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/DisplayName}|Desc=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/Description}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-3137318289-415437605-3491609480-3741388289-878520165-689859088-69748861|EmbedCtxt=@{Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://Windows.PurchaseDialog/resources/DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{8A34B6D9-5495-4CA5-91C5-0668F29469A6}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=ASUS Welcome|Desc=ASUS Welcome|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-1791334737-3644637894-912171476-726613620-3748997741-2897954968-3492054033|EmbedCtxt=ASUS Welcome|Platform=2:6:2|Platform2=GTEQ| "{8EE76D9A-7A65-4FA1-82DE-9E7406B52AC6}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{OrangeGroup.OrangeNotificationMail_2.0.2.4558_x86__xmynjm2ghrbwc?ms-resource://OrangeGroup.OrangeNotificationMail/Resources/OrangeApplicationNameProduct}|Desc=@{OrangeGroup.OrangeNotificationMail_2.0.2.4558_x86__xmynjm2ghrbwc?ms-resource://OrangeGroup.OrangeNotificationMail/Resources/OrangeApplicationNameProduct}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-141393474-2300024340-3594633-2773147682-2448781977-3607087970-3217659429|EmbedCtxt=@{OrangeGroup.OrangeNotificationMail_2.0.2.4558_x86__xmynjm2ghrbwc?ms-resource://OrangeGroup.OrangeNotificationMail/Resources/OrangeApplicationNameProduct}|Platform=2:6:2|Platform2=GTEQ| "{2D698B60-9A02-4E87-BD8C-28BC4747C539}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox One SmartGlass|Desc=Xbox One SmartGlass|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-2214089197-971179125-4124359169-283697964-1336710732-3555069067-437187921|EmbedCtxt=Xbox One SmartGlass|Platform=2:6:2|Platform2=GTEQ| "{DC7B7E27-4CD0-4911-834D-59091B42408D}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox One SmartGlass|Desc=Xbox One SmartGlass|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-2214089197-971179125-4124359169-283697964-1336710732-3555069067-437187921|EmbedCtxt=Xbox One SmartGlass|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{5A931804-AFE9-484D-A939-4CCBC443B333}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.XboxCompanion/resources/33279}|Desc=@{Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.XboxCompanion/resources/33280}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-3527726330-3522182257-2334271119-3281136672-3282358426-2206330294-2522200992|EmbedCtxt=@{Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.XboxCompanion/resources/33279}|Platform=2:6:2|Platform2=GTEQ| "{8A722B86-31C1-4773-8DBF-FA6293FAE425}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.XboxCompanion/resources/33279}|Desc=@{Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.XboxCompanion/resources/33280}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-3527726330-3522182257-2334271119-3281136672-3282358426-2206330294-2522200992|EmbedCtxt=@{Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.XboxCompanion/resources/33279}|Platform=2:6:2|Platform2=GTEQ| "{D0B93EDA-2B7F-46C5-823B-BC8EFF499B7A}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|Desc=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-3232211935-909325347-210818523-1333736584-3758124246-283266685-1557978965|EmbedCtxt=@{Microsoft.Appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://Microsoft.Appconnector/Resources/ConnectorStubTitle}|Platform=2:6:2|Platform2=GTEQ| "{715169ED-CF64-4960-8B36-9D31021524D8}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=ASUS WebStorage|Desc=ASUS WebStorage|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-2379699041-582217313-309184701-132115402-2983263408-230732246-1589285292|EmbedCtxt=ASUS WebStorage|Platform=2:6:2|Platform2=GTEQ| "{24B2673E-FC58-49D5-AD62-02A3FDE8FD02}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=ASUS WebStorage|Desc=ASUS WebStorage|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-2379699041-582217313-309184701-132115402-2983263408-230732246-1589285292|EmbedCtxt=ASUS WebStorage|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "TCP Query User{5CE2E0C7-4254-4D6D-9412-F1DA763136A7}D:\jeux\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{1AC50E94-5470-472B-91A2-42E51BC601B4}D:\jeux\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base39153\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "TCP Query User{ED37ED94-29A2-4444-99E8-0CD8A11D3151}D:\jeux\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{C5C39F07-AC9F-4555-A654-81E9E9885CDE}D:\jeux\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "{BCEB821C-93E4-4192-80A7-940AC1285B17}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingFoodAndDrink/resources/AppTitleWithBranding}|Desc=@{Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingFoodAndDrink/resources/AppDescription}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-1986440118-1442771495-871113684-214194731-1452296882-3170903903-2224822735|EmbedCtxt=@{Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingFoodAndDrink/resources/AppTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{BF5F3A02-EE2E-456B-8802-4FB6701E23F5}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingHealthAndFitness/resources/apptitle}|Desc=HealthAndFitness|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-1138804039-612586356-661925973-101396967-3526483782-2490177615-3594119953|EmbedCtxt=@{Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingHealthAndFitness/resources/apptitle}|Platform=2:6:2|Platform2=GTEQ| "{7D5EBD4B-E05A-42D1-B66B-DBAA146F3AC0}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingTravel/resources/BrandedAppTitle}|Desc=@{Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingTravel/resources/AppDescription}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-2870191891-2241688837-171142518-109998219-184790337-3361571429-3188846544|EmbedCtxt=@{Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://Microsoft.BingTravel/resources/BrandedAppTitle}|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{76ABEFCE-2B82-4836-B772-124D18F8814D}D:\jeux\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{6ADE47E3-C574-4200-A020-53DA4433B4F2}D:\jeux\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "TCP Query User{D2EA72C1-4815-4FFD-B4FF-869B7B1709BD}C:\users\cédric\appdata\local\popcorn time\node-webkit\popcorn time.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\cédric\appdata\local\popcorn time\node-webkit\popcorn time.exe|Name=popcorn time.exe|Desc=popcorn time.exe|Defer=User| "UDP Query User{75D43854-5E35-47B5-93D5-FE098E3AA80D}C:\users\cédric\appdata\local\popcorn time\node-webkit\popcorn time.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\cédric\appdata\local\popcorn time\node-webkit\popcorn time.exe|Name=popcorn time.exe|Desc=popcorn time.exe|Defer=User| "TCP Query User{2F8C9D86-3E49-4586-B9C5-B6467C088EC1}D:\jeux\heroes of the storm\versions\base39595\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base39595\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{8453CF2B-CB9F-4D79-83A1-9B6F336EB7DE}D:\jeux\heroes of the storm\versions\base39595\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base39595\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "TCP Query User{37908FC9-CB81-4D1A-91C5-F5099E37C742}D:\jeux\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{FA7385CF-1F4A-4DB5-92E2-28C8C15922C4}D:\jeux\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base39709\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "TCP Query User{FDB96A74-7F47-4B0F-99AD-D171953C6E5E}D:\jeux\blur(tm)\blur.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\blur(tm)\blur.exe|Name=blur|Desc=blur| "UDP Query User{90D1DFD7-202A-440D-9357-4D1BD882A794}D:\jeux\blur(tm)\blur.exe"=v2.10|Action=Block|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\blur(tm)\blur.exe|Name=blur|Desc=blur| "TCP Query User{96B2E4E8-690F-4FEE-BDED-9F62E5688CA6}D:\jeux\far cry 4\bin\farcry4.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\far cry 4\bin\farcry4.exe|Name=Far Cry 4|Desc=Far Cry 4|Defer=User| "UDP Query User{2F0E9648-C793-4D46-81EB-6735884A1CC8}D:\jeux\far cry 4\bin\farcry4.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\far cry 4\bin\farcry4.exe|Name=Far Cry 4|Desc=Far Cry 4|Defer=User| "TCP Query User{52BCE93B-5DB2-4FA6-9047-7DADADB0F8D0}D:\jeux\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{6AD084BD-3606-4EC7-A921-053BE793734C}D:\jeux\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "{30CBCF8B-FEAE-4944-91D6-9FF47E286ED8}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Fresh Paint|Desc=Fresh Paint|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-753205055-3642759886-2300710532-466079404-1496176425-3605778055-1481226570|EmbedCtxt=Fresh Paint|Platform=2:6:2|Platform2=GTEQ| "{641F90F3-E3C1-4C23-BB76-D87D6E974713}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Shazam|Desc=Shazam|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-1940572943-773487002-3567438610-696913303-3687387132-1150951469-3481187039|EmbedCtxt=Shazam|Platform=2:6:2|Platform2=GTEQ| "{17DA1762-034C-4331-9A93-C553DDD67819}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Shazam|Desc=Shazam|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-1940572943-773487002-3567438610-696913303-3687387132-1150951469-3481187039|EmbedCtxt=Shazam|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "TCP Query User{3B9FB3B9-B581-41B6-A4BE-C343B837F7E2}D:\jeux\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{2613399D-9712-49EF-BB76-E1D4F2C61E04}D:\jeux\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "TCP Query User{C728F26E-DB83-46A4-BC52-910A42C09563}D:\jeux\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{876ABFE0-5F8C-4550-8072-04903CF847BC}D:\jeux\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "TCP Query User{EC568D02-7CB5-4EA9-8C7F-96792376A656}C:\program files\java\jre1.8.0_74\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\java\jre1.8.0_74\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "UDP Query User{A2B67A28-6AD7-49F9-98E7-E8FD691CDE7D}C:\program files\java\jre1.8.0_74\bin\javaw.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\java\jre1.8.0_74\bin\javaw.exe|Name=Java(TM) Platform SE binary|Desc=Java(TM) Platform SE binary|Defer=User| "{72CF150D-843F-4ABD-B715-AC0E2F963F61}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Project Spark|Desc=Project Spark|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-2402205847-4197483973-1310481347-2275276808-825627975-2475608860-3273486803|EmbedCtxt=Project Spark|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{61EC3743-1283-4A47-9B3C-67D7CF3EBABB}D:\jeux\overwatch\overwatch.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\overwatch\overwatch.exe|Name=Overwatch Application|Desc=Overwatch Application|Defer=User| "UDP Query User{4E7CDEF8-A423-49B6-BC06-D6AB58F5C7DF}D:\jeux\overwatch\overwatch.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\overwatch\overwatch.exe|Name=Overwatch Application|Desc=Overwatch Application|Defer=User| "TCP Query User{572D80B0-67A1-4347-9119-7CC0BD534981}D:\jeux\steam\steamapps\common\dead island\deadislandgame.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\steam\steamapps\common\dead island\deadislandgame.exe|Name=DeadIsland|Desc=DeadIsland|Defer=User| "UDP Query User{20D94C91-9092-4D10-8B28-C73A222F80FB}D:\jeux\steam\steamapps\common\dead island\deadislandgame.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\steam\steamapps\common\dead island\deadislandgame.exe|Name=DeadIsland|Desc=DeadIsland|Defer=User| "{B73EAD64-839A-4ADE-8654-CE54B0010B0E}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\DriversCloud.com\MCDetection.exe|Name=mcdetection| "{C6FA6BDE-EF4C-42C4-88F9-B168831EC83F}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|RA4=LocalSubnet|RA6=LocalSubnet|App=C:\Program Files\DriversCloud.com\MCDetection.exe|Name=mcdetection| "TCP Query User{E286233E-7E3F-47C7-B5C9-B12410D96585}D:\jeux\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{B6CA5AAD-0510-458F-9E32-6251C664DFD1}D:\jeux\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base41150\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "TCP Query User{25656BFD-CE07-4837-A62B-ABD1A24738A7}D:\jeux\maniaplanet\maniaplanet.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\maniaplanet\maniaplanet.exe|Name=ManiaPlanet|Desc=ManiaPlanet|Defer=User| "UDP Query User{B77F697F-BDD9-406E-A6BF-8FB73DB8F611}D:\jeux\maniaplanet\maniaplanet.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\maniaplanet\maniaplanet.exe|Name=ManiaPlanet|Desc=ManiaPlanet|Defer=User| "TCP Query User{CEFA0A64-1970-4D0A-B398-CB37041C29BA}C:\program files\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\program files\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User| "UDP Query User{C66D0ECC-9F93-4647-86E1-8D387EF01526}C:\program files\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\program files\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe|Name=EpicGamesLauncher|Desc=EpicGamesLauncher|Defer=User| "TCP Query User{48ABC5A5-FBAB-4020-8A7E-C668DFFB6F30}D:\jeux\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{829C83F9-AF04-488F-9E7C-AD5ED71C05BB}D:\jeux\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base41810\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "{DDCF3A8F-60AC-41CC-95A5-764A3FD23E95}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|Desc=@{Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-3981118486-977731610-4260702232-2292029000-2544493239-2660358776-1526570402|EmbedCtxt=@{Microsoft.People_10.0.10811.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.People/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{F31583D2-2313-4E24-87C3-6E15A44EDC6A}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe|Name=ESN Sonar Host Application| "{F8347E79-7F49-4847-895D-6607D13A059A}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe|Name=ESN Sonar Host Application| "{F8ED8A91-3B8C-4910-B606-CFB68A8D4863}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe|Name=Battlefield 4™ (x64)| "{D2B3699D-149C-4AB2-AD26-5FC25D72B384}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe|Name=Battlefield 4™ (x64)| "{1501A0E5-5644-4B09-9FE3-5F5BCC8DA704}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe|Name=Battlefield 4™ (x86)| "{79A61368-C974-42DA-97C8-55173ED1AD66}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe|Name=Battlefield 4™ (x86)| "TCP Query User{A4F97A6C-BD4D-4C24-AB78-13B84BA4B908}D:\program files (x86)\origin games\battlefield 4\bf4.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\program files (x86)\origin games\battlefield 4\bf4.exe|Name=Battlefield 4™|Desc=Battlefield 4™|Defer=User| "UDP Query User{DA108DCB-9DA9-4F05-8C79-52DB55FE5548}D:\program files (x86)\origin games\battlefield 4\bf4.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\program files (x86)\origin games\battlefield 4\bf4.exe|Name=Battlefield 4™|Desc=Battlefield 4™|Defer=User| "{7C1FC6AC-0E9E-4242-A731-3AE18B54A136}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\Program Files (x86)\Origin Games\Kingdoms of Amalur Reckoning\Reckoning.exe|Name=Les Royaumes d'Amalur : Reckoning| "{2344F269-2692-4711-B2FE-9E1E412CB0F2}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\Program Files (x86)\Origin Games\Kingdoms of Amalur Reckoning\Reckoning.exe|Name=Les Royaumes d'Amalur : Reckoning| "TCP Query User{D79DCCC5-3598-4E8D-B9FB-038D879BE4ED}D:\jeux\portal knights\portal_knights_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\jeux\portal knights\portal_knights_x64.exe|Name=portal_knights_x64|Desc=portal_knights_x64|Defer=User| "UDP Query User{ED111F9B-8E5D-4172-A76E-A5AEA6B8555D}D:\jeux\portal knights\portal_knights_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\jeux\portal knights\portal_knights_x64.exe|Name=portal_knights_x64|Desc=portal_knights_x64|Defer=User| "TCP Query User{A0167353-4A08-4E8C-8AAA-657457991AF4}D:\jeux\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\jeux\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{53030215-8509-4A16-BF2B-55824FE15913}D:\jeux\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\jeux\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "TCP Query User{40C5B8F4-8987-4776-83DB-8D61D9725A59}D:\jeux\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{8CA46097-1756-45A1-A77F-BD57B885F0D1}D:\jeux\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base42178\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "{90E458CC-F1F7-4A2C-8850-9F6F31E35C37}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Desc=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-421345033-1710570203-969709436-2809900243-2023987463-1056701467-1672618525|EmbedCtxt=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{EF196A94-4B9A-4BA0-B704-7E7B837EFAB3}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Desc=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-421345033-1710570203-969709436-2809900243-2023987463-1056701467-1672618525|EmbedCtxt=@{Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.Messaging/Microsoft.Apps.Messaging.Skype/SkypeMessaging.Resources/Skype_AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "TCP Query User{3447E658-A4AC-4AE8-B555-54D40DD96FF7}D:\jeux\heroes of the storm\versions\base42273\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base42273\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{807E19E0-1067-43CB-AC9D-FC9CFCA796D8}D:\jeux\heroes of the storm\versions\base42273\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base42273\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "{B5CC3951-E671-4723-9877-DF366BC4C813}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Windows\SysWOW64\PnkBstrA.exe|Name=PnkBstrA| "{9215EA41-602F-44AA-AB30-CF9380493609}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Windows\SysWOW64\PnkBstrA.exe|Name=PnkBstrA| "{AFC439A7-E261-41AA-80CB-241241DF4E14}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Windows\SysWOW64\PnkBstrB.exe|Name=PnkBstrB| "{28EC3B96-3D38-4E21-B802-16899DBC3936}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Windows\SysWOW64\PnkBstrB.exe|Name=PnkBstrB| "{76D90287-1F1C-4248-A423-7F07D0976EDF}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe|Name=Battlefield 3™| "{D556A595-BDDB-4AA2-8A24-8669CDAF9B7A}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe|Name=Battlefield 3™| "TCP Query User{AA40EE12-1F49-49D8-9E4E-D4517E664C92}D:\jeux\heroes of the storm\versions\base42406\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base42406\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{FB58F71B-B577-4719-B7A9-5D6DC2B916FC}D:\jeux\heroes of the storm\versions\base42406\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base42406\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "{36A2B646-BECC-440F-A449-373F0C451E16}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{MAGIX.MusicMakerJam_2.3.1050.0_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|Desc=@{MAGIX.MusicMakerJam_2.3.1050.0_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-914775309-424825794-3355368112-487557154-2084386389-537045334-2498513562|EmbedCtxt=@{MAGIX.MusicMakerJam_2.3.1050.0_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|Platform=2:6:2|Platform2=GTEQ| "{664F2701-CF72-4366-BC17-144FDF9C135F}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{MAGIX.MusicMakerJam_2.3.1050.0_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|Desc=@{MAGIX.MusicMakerJam_2.3.1050.0_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-914775309-424825794-3355368112-487557154-2084386389-537045334-2498513562|EmbedCtxt=@{MAGIX.MusicMakerJam_2.3.1050.0_x64__a2t3txkz9j1jw?ms-resource://MAGIX.MusicMakerJam/Resources/app_name}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{682C1AA5-357B-4DBE-ABD5-3E71E34BBD20}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|Desc=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-1485202841-4094060947-262313417-955497226-1243708313-1027065603-2694978511|EmbedCtxt=@{Microsoft.ConnectivityStore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ConnectivityStore/MSWifiResources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{E4F5418B-A4B9-445D-B7C5-E6318E3B876C}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Desc=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157|EmbedCtxt=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Platform=2:6:2|Platform2=GTEQ| "{611DDA4C-23DC-46D8-8A25-04CD5A8A0573}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Desc=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157|EmbedCtxt=@{Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsStore/Resources/StoreTitle}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "TCP Query User{0CF2D9C0-A62D-4189-A37F-93D1757B8A74}D:\jeux\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{5E482C7F-76D9-4023-B2E1-9DF9AA075651}D:\jeux\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base42506\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "TCP Query User{F52BC3B8-60EF-4A9A-8BCA-96131E79C548}D:\jeux\heroes of the storm\versions\base42958\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base42958\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{FACA09D3-CE3C-4134-91DA-1B75283992B7}D:\jeux\heroes of the storm\versions\base42958\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base42958\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "{A166D991-A380-4AB0-A675-2E7510A8847C}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Flipboard|Desc=Flipboard|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-864994224-3030340628-3329202063-153121207-2255414721-17657611-2370319705|EmbedCtxt=Flipboard|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{3387026F-5EFE-49CC-A06E-BF969DC05B6F}D:\jeux\heroes of the storm\versions\base43170\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base43170\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{ED567808-E552-470C-BDDE-A0016CE35F31}D:\jeux\heroes of the storm\versions\base43170\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base43170\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "{F1E8939B-D2BD-48A8-8030-2F950B7D3E51}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.3DBuilder_11.1.8.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|Desc=@{Microsoft.3DBuilder_11.1.8.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-3995430443-3719053022-3339397951-2895237338-2437516106-1575886070-2755610054|EmbedCtxt=@{Microsoft.3DBuilder_11.1.8.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.3DBuilder/resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{BB45EF4F-288B-48D6-A4D3-1B5178F2392E}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Desc=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-3502142457-1175083276-1468359876-1514580144-2717768582-2562788200-3268064651|EmbedCtxt=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{A2FDEFB0-92BB-4643-A904-786ABD977FB0}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Desc=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-3502142457-1175083276-1468359876-1514580144-2717768582-2562788200-3268064651|EmbedCtxt=@{Microsoft.CommsPhone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.CommsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "TCP Query User{799D4BD9-A8BD-4361-B105-81FDD2D92E2F}D:\jeux\heroes of the storm\versions\base43259\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base43259\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{4E937B9C-3D2E-4240-8ED1-5ACB88D97F35}D:\jeux\heroes of the storm\versions\base43259\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base43259\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "{26E481CF-6EBC-436E-AA63-E6D08908AE2E}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Desc=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-2226957697-3030467180-2301525-4248967783-2024719031-2325529081-2915787518|EmbedCtxt=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{DB4FA510-8CDE-4FDD-B426-BC74D806D128}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Desc=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-2226957697-3030467180-2301525-4248967783-2024719031-2325529081-2915787518|EmbedCtxt=@{Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Windows.Photos/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{334544BA-E341-4B59-8CFD-469068477E57}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe|Name=Samsung SideSync| "{7A731B19-976A-4C61-9D30-41C9378BCE7C}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe|Name=Samsung SideSync| "{11333A07-C390-4DC9-984D-06C267ED49BE}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=53|IF={C56BA898-47A4-4B76-B483-C9B5047943DF}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@hnetcfg.dll,-143|Desc=@hnetcfg.dll,-10142|EmbedCtxt=@hnetcfg.dll,-140| "{BCF3FD2E-CFD0-4CE1-9017-E8EACD299895}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=67|IF={C56BA898-47A4-4B76-B483-C9B5047943DF}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@hnetcfg.dll,-144|Desc=@hnetcfg.dll,-10143|EmbedCtxt=@hnetcfg.dll,-140| "{2D6C796E-27D0-44A3-A603-B93727A28FDB}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=68|IF={C56BA898-47A4-4B76-B483-C9B5047943DF}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@hnetcfg.dll,-145|Desc=@hnetcfg.dll,-10144|EmbedCtxt=@hnetcfg.dll,-140| "{86E6A268-2A0F-4114-A27D-ECD5E64F710E}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=1900|IF={C56BA898-47A4-4B76-B483-C9B5047943DF}|App=%systemroot%\system32\svchost.exe|Svc=ssdpsrv|Name=@hnetcfg.dll,-147|Desc=@hnetcfg.dll,-10146|EmbedCtxt=@hnetcfg.dll,-140| "{1A778E9E-D541-474D-8429-30A4B24049D0}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|RPort=1900|IF={C56BA898-47A4-4B76-B483-C9B5047943DF}|App=%systemroot%\system32\svchost.exe|Svc=ssdpsrv|Name=@hnetcfg.dll,-150|Desc=@hnetcfg.dll,-10150|EmbedCtxt=@hnetcfg.dll,-140| "{479B00AA-C0FE-40EC-8FB8-F156DF68F23A}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Domain|Profile=Private|Profile=Public|LPort=2869|IF={C56BA898-47A4-4B76-B483-C9B5047943DF}|App=System|Name=@hnetcfg.dll,-146|Desc=@hnetcfg.dll,-10145|EmbedCtxt=@hnetcfg.dll,-140| "{9783C914-72F7-4F1F-99F4-ED3BBD98BB25}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|Profile=Private|Profile=Public|RPort=2869|IF={C56BA898-47A4-4B76-B483-C9B5047943DF}|App=System|Name=@hnetcfg.dll,-152|Desc=@hnetcfg.dll,-10151|EmbedCtxt=@hnetcfg.dll,-140| "{5A2DDAD5-3627-4032-A56E-59BE9A55118D}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Domain|Profile=Private|Profile=Public|LPort=547|IF={C56BA898-47A4-4B76-B483-C9B5047943DF}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@hnetcfg.dll,-142|Desc=@hnetcfg.dll,-10141|EmbedCtxt=@hnetcfg.dll,-140| "{84108BB2-F245-4EAD-A525-609960E6DDE0}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=58|Profile=Domain|Profile=Private|Profile=Public|ICMP6=133:0|IF={C56BA898-47A4-4B76-B483-C9B5047943DF}|Name=@hnetcfg.dll,-148|Desc=@hnetcfg.dll,-10147|EmbedCtxt=@hnetcfg.dll,-140| "{F3560DF0-BA48-4374-B220-D7C6FFF61F8F}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Protocol=6|Profile=Domain|Profile=Private|Profile=Public|IF={C56BA898-47A4-4B76-B483-C9B5047943DF}|App=%systemroot%\system32\svchost.exe|Svc=upnphost|Name=@hnetcfg.dll,-149|Desc=@hnetcfg.dll,-10148|EmbedCtxt=@hnetcfg.dll,-140| "{29428AC6-6BA4-43E0-B29A-AEAA03A74C7C}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|IF={C56BA898-47A4-4B76-B483-C9B5047943DF}|App=%systemroot%\system32\svchost.exe|Svc=SharedAccess|Name=@hnetcfg.dll,-151|Desc=@hnetcfg.dll,-10149|EmbedCtxt=@hnetcfg.dll,-140| "{DFA2B2EA-E17B-490F-B47A-BF8CC674D6EF}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|IF={C56BA898-47A4-4B76-B483-C9B5047943DF}|App=%systemroot%\system32\alg.exe|Name=@hnetcfg.dll,-140|Desc=@hnetcfg.dll,-140|EmbedCtxt=@hnetcfg.dll,-140| "TCP Query User{4FFCCF1A-B0F2-442A-8F6F-99AD8C654520}D:\jeux\heroes of the storm\versions\base43571\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base43571\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{34222D4E-3DBA-467F-B893-5170A4BF2BD1}D:\jeux\heroes of the storm\versions\base43571\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base43571\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "{2B6D6193-94B7-481E-BFF8-7575DBBF35AB}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ| "{6F9B3C8C-E146-4CA2-BCCE-29338BDCB90C}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Xbox|Desc=Xbox|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-4153522205-3718366397-1353898457-1332184198-1210887116-3116787857-2103916698|EmbedCtxt=Xbox|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "TCP Query User{18AD4F38-48C8-40FF-A6CD-756506CE26BE}D:\jeux\diablo iii\diablo iii.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\diablo iii\diablo iii.exe|Name=Diablo III Retail|Desc=Diablo III Retail|Defer=User| "UDP Query User{81956A31-9F98-432A-842A-D3A74A145636}D:\jeux\diablo iii\diablo iii.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\diablo iii\diablo iii.exe|Name=Diablo III Retail|Desc=Diablo III Retail|Defer=User| "{24856107-DDC5-4DA7-90F3-56A123581AF3}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsReadingList_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|Desc=@{Microsoft.WindowsReadingList_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-253023354-1127976746-3906962265-362626003-4127939218-3835539868-2341249685|EmbedCtxt=@{Microsoft.WindowsReadingList_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|Platform=2:6:2|Platform2=GTEQ| "{D8037C9A-F4B0-442F-9C66-214C0918C09B}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.WindowsReadingList_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|Desc=@{Microsoft.WindowsReadingList_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-253023354-1127976746-3906962265-362626003-4127939218-3835539868-2341249685|EmbedCtxt=@{Microsoft.WindowsReadingList_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsReadingList/resources/appPackageName}|Platform=2:6:2|Platform2=GTEQ| "{33720289-1CFA-4A0A-BB28-ECD42621D667}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Desc=@{microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_Description}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-2551677095-2355568638-4209445997-2436930744-3692183382-387691378-1866284433|EmbedCtxt=@{microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Platform=2:6:2|Platform2=GTEQ| "{4BA1980D-952C-4EDC-8E0F-49F71006FBDA}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=@{microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Desc=@{microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_Description}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-2551677095-2355568638-4209445997-2436930744-3692183382-387691378-1866284433|EmbedCtxt=@{microsoft.windowscommunicationsapps_17.6965.40901.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/AppManifest_OutlookDesktop_DisplayName}|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{F29EF55A-3E99-48B3-B68C-D60F9B31210D}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsMaps_5.1606.1670.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|Desc=@{Microsoft.WindowsMaps_5.1606.1670.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-1239072475-3687740317-1842961305-3395936705-4023953123-1525404051-2779347315|EmbedCtxt=@{Microsoft.WindowsMaps_5.1606.1670.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsMaps/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{84574ADD-C361-4B88-8D62-76DF3B7C1B32}D:\jeux\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{80881A9D-5CEB-472D-B45C-212B245C900E}D:\jeux\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "{F9D64175-4A23-428F-86CB-DF883FEBFA95}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Hotger.com.YouTubeConverterbywww.flvto.com_2.0.27.0_x64__cg7p2qfgefa1a?ms-resource://Hotger.com.YouTubeConverterbywww.flvto.com/Resources/FlvtoDownloader}|Desc=@{Hotger.com.YouTubeConverterbywww.flvto.com_2.0.27.0_x64__cg7p2qfgefa1a?ms-resource://Hotger.com.YouTubeConverterbywww.flvto.com/Resources/FlvtoDownloader}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-3722161629-1503794560-54799841-2578386891-1074463271-1141053382-2863347326|EmbedCtxt=@{Hotger.com.YouTubeConverterbywww.flvto.com_2.0.27.0_x64__cg7p2qfgefa1a?ms-resource://Hotger.com.YouTubeConverterbywww.flvto.com/Resources/FlvtoDownloader}|Platform=2:6:2|Platform2=GTEQ| "{684A2EF4-BDC1-4292-AB10-09F4D82066AD}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Hotger.com.YouTubeConverterbywww.flvto.com_2.0.27.0_x64__cg7p2qfgefa1a?ms-resource://Hotger.com.YouTubeConverterbywww.flvto.com/Resources/FlvtoDownloader}|Desc=@{Hotger.com.YouTubeConverterbywww.flvto.com_2.0.27.0_x64__cg7p2qfgefa1a?ms-resource://Hotger.com.YouTubeConverterbywww.flvto.com/Resources/FlvtoDownloader}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-3722161629-1503794560-54799841-2578386891-1074463271-1141053382-2863347326|EmbedCtxt=@{Hotger.com.YouTubeConverterbywww.flvto.com_2.0.27.0_x64__cg7p2qfgefa1a?ms-resource://Hotger.com.YouTubeConverterbywww.flvto.com/Resources/FlvtoDownloader}|Platform=2:6:2|Platform2=GTEQ| "{CBE79690-2223-4DB0-9C8B-CCC7A8E1E845}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.WindowsPhone_10.1605.1661.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|Desc=@{Microsoft.WindowsPhone_10.1605.1661.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-1227535392-783678415-19788749-859698564-2515149781-2716591593-3518111838|EmbedCtxt=@{Microsoft.WindowsPhone_10.1605.1661.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.WindowsPhone/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{11BB1F55-BFE7-47DC-A42E-F039F4272E75}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.Getstarted_3.11.1.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|Desc=@{Microsoft.Getstarted_3.11.1.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-1930852602-715273891-2259524165-1460409268-4224052142-2029744616-1797406285|EmbedCtxt=@{Microsoft.Getstarted_3.11.1.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.Getstarted/Resources/AppStoreName}|Platform=2:6:2|Platform2=GTEQ| "{825E139B-78EF-418E-95C2-3E85D735A98F}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ| "{7B2454B6-FCFF-46D1-A79F-B4C3BF08BCDF}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Netflix|Desc=Netflix|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-444797119-353723001-3522112724-563070080-1809981734-922308773-1844997097|EmbedCtxt=Netflix|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{B3176BB4-3C3A-4DB4-AE0B-740F293CD518}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-508114518-3340871649-811464485-526616082-4258465299-1774086546-1865468257|EmbedCtxt=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{972836C0-2E5A-480C-9F6E-4F28D3B8D013}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-508114518-3340871649-811464485-526616082-4258465299-1774086546-1865468257|EmbedCtxt=@{Microsoft.BingNews_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingNews/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{503005BD-5F50-4934-AF0D-88C2FEFBCD7E}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-3492598633-4112760462-2134878185-2430567730-3345539238-3072415288-217264472|EmbedCtxt=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{00BF7912-CF18-4E5F-9EC4-05EAE4941B98}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-3492598633-4112760462-2134878185-2430567730-3345539238-3072415288-217264472|EmbedCtxt=@{Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingFinance/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{884FB473-CE31-41A6-A306-FAE90752FDBB}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingSports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingSports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-1457613951-1028716704-1089715812-858319886-3420779130-1191463368-1428868892|EmbedCtxt=@{Microsoft.BingSports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{4791AF32-74B4-48E7-B643-CEC68DF4F190}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingSports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingSports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-1457613951-1028716704-1089715812-858319886-3420779130-1191463368-1428868892|EmbedCtxt=@{Microsoft.BingSports_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingSports/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{22DDC9F4-1753-4F2B-BC6D-85049D040AD1}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330|EmbedCtxt=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{5E366C4B-2AEF-46B9-BFE8-0AC539FEED77}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Desc=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-2040986369-264322980-3882385089-1970153872-3662121739-3363227934-2464603330|EmbedCtxt=@{Microsoft.BingWeather_4.11.156.0_x86__8wekyb3d8bbwe?ms-resource://Microsoft.BingWeather/Resources/ApplicationTitleWithBranding}|Platform=2:6:2|Platform2=GTEQ| "{4B06385A-AD7B-4CEE-922F-DB8A77629FC5}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{E872212E-3948-4F9C-B74B-122F91717F00}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=OneNote|Desc=OneNote|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-3445883232-1224167743-206467785-1580939083-2750001491-3097792036-3019341970|EmbedCtxt=OneNote|Platform=2:6:2|Platform2=GTEQ| "{7CFCC005-F30F-487A-9360-0243933B3A14}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Minecraft: Windows 10 Edition Beta|Desc=Minecraft: Windows 10 Edition Beta|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-1958404141-86561845-1752920682-3514627264-368642714-62675701-733520436|EmbedCtxt=Minecraft: Windows 10 Edition Beta|Platform=2:6:2|Platform2=GTEQ| "{4D936FC3-14E9-4B38-B3E6-C0ACD16F15E2}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Minecraft: Windows 10 Edition Beta|Desc=Minecraft: Windows 10 Edition Beta|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-1958404141-86561845-1752920682-3514627264-368642714-62675701-733520436|EmbedCtxt=Minecraft: Windows 10 Edition Beta|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "{BD469B89-A877-42C9-9B77-601EF16C40F1}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ| "{98F79733-D0B5-4982-85FE-DF6142208C10}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Profile=Public|Name=Sway|Desc=Microsoft Sway|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-584073948-3292409011-2882754242-2237763630-1999038865-1049037702-4080706152|EmbedCtxt=Sway|Platform=2:6:2|Platform2=GTEQ|Edge=TRUE| "TCP Query User{06119119-B242-429B-97C4-AEC36F56873A}D:\jeux\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=D:\jeux\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{AEDCF871-A82E-43F0-8D2E-AC8A3E947433}D:\jeux\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=D:\jeux\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "TCP Query User{B8FEC182-23F1-4246-B2BB-E54A80AB5BB4}C:\users\cédric\downloads\voxelworldgame\mc\binaries\win64\mc.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\cédric\downloads\voxelworldgame\mc\binaries\win64\mc.exe|Name=mc.exe|Desc=mc.exe|Defer=User| "UDP Query User{ECF9F2E8-7363-432B-8521-786B3527FE9E}C:\users\cédric\downloads\voxelworldgame\mc\binaries\win64\mc.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\cédric\downloads\voxelworldgame\mc\binaries\win64\mc.exe|Name=mc.exe|Desc=mc.exe|Defer=User| "TCP Query User{BF45335E-6E69-472C-A31F-68BF1DACAC63}C:\users\cédric\downloads\bringitback build 20160324_goldrelease\windowsnoeditor\sandbox\binaries\win64\sandbox.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\cédric\downloads\bringitback build 20160324_goldrelease\windowsnoeditor\sandbox\binaries\win64\sandbox.exe|Name=sandbox.exe|Desc=sandbox.exe|Defer=User| "UDP Query User{80C6BCAC-546A-41F6-B225-4CB55419964E}C:\users\cédric\downloads\bringitback build 20160324_goldrelease\windowsnoeditor\sandbox\binaries\win64\sandbox.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\cédric\downloads\bringitback build 20160324_goldrelease\windowsnoeditor\sandbox\binaries\win64\sandbox.exe|Name=sandbox.exe|Desc=sandbox.exe|Defer=User| "TCP Query User{FC3CF9D4-37F8-4F2D-BDEC-25B2944B4E6E}D:\jeux\heroes of the storm\versions\base44468\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=D:\jeux\heroes of the storm\versions\base44468\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "UDP Query User{07276463-AEF2-4CFE-ABDB-4F8ED9CA3993}D:\jeux\heroes of the storm\versions\base44468\heroesofthestorm_x64.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=D:\jeux\heroes of the storm\versions\base44468\heroesofthestorm_x64.exe|Name=Heroes of the Storm|Desc=Heroes of the Storm|Defer=User| "{65F85B36-1F8B-41D7-A953-A51AC17741F3}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Protocol=17|LPort=5353|App=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe|Name=Google Chrome (mDNS-In)|Desc=Règle de trafic entrant pour Google Chrome autorisant le trafic mDNS|EmbedCtxt=Google Chrome| "{D80D4A7E-50AA-425B-909B-017B3936A2B4}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Twitter|Desc=Twitter|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-1063257880-1914585122-1954150059-946145533-116938067-416079064-1690466945|EmbedCtxt=Twitter|Platform=2:6:2|Platform2=GTEQ| "{037A3D1D-6F8D-417B-8233-D134CD50E4D3}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{1FAF8EAA-8B49-4294-947E-E46FBC5B18A4}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=Microsoft Solitaire Collection|Desc=Microsoft Solitaire Collection|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-1985198343-3186790915-4047221937-1969271670-3792558349-1325541827-400269725|EmbedCtxt=Microsoft Solitaire Collection|Platform=2:6:2|Platform2=GTEQ| "{FAB46AE7-FAC2-42E3-87B7-678CA7AEEF49}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Desc=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_DESCRIPTION}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-3132517012-1571311091-3263739450-2968124769-4061529133-2106415361-233808003|EmbedCtxt=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{3AFA1844-BB6F-4E92-A348-C35137536042}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Desc=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_DESCRIPTION}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-3132517012-1571311091-3263739450-2968124769-4061529133-2106415361-233808003|EmbedCtxt=@{Microsoft.ZuneMusic_3.6.23041.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneMusic/resources/IDS_MANIFEST_MUSIC_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{647BAA4E-E1E1-493F-8F1C-3F39527BF54E}"=v2.25|Action=Allow|Active=TRUE|Dir=Out|Profile=Domain|Profile=Private|Profile=Public|Name=@{Microsoft.ZuneVideo_3.6.22501.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Desc=@{Microsoft.ZuneVideo_3.6.22501.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_DESCRIPTION}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-2967553933-3217682302-2494645345-2077017737-3805576244-585965800-1797614741|EmbedCtxt=@{Microsoft.ZuneVideo_3.6.22501.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "{ADCA0424-04CF-4028-A038-552F43EBD0D9}"=v2.25|Action=Allow|Active=TRUE|Dir=In|Profile=Domain|Profile=Private|Name=@{Microsoft.ZuneVideo_3.6.22501.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Desc=@{Microsoft.ZuneVideo_3.6.22501.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_DESCRIPTION}|LUOwn=S-1-5-21-4256550607-910914473-3542436597-1001|AppPkgId=S-1-15-2-2967553933-3217682302-2494645345-2077017737-3805576244-585965800-1797614741|EmbedCtxt=@{Microsoft.ZuneVideo_3.6.22501.0_x64__8wekyb3d8bbwe?ms-resource://Microsoft.ZuneVideo/resources/IDS_MANIFEST_VIDEO_APP_NAME}|Platform=2:6:2|Platform2=GTEQ| "TCP Query User{A80137C5-6CBA-412B-A1EC-D72343F79773}C:\Users\Cédric\Downloads\QuickDiag.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\Users\Cédric\Downloads\QuickDiag.exe|Name=QuickDiag|Desc=QuickDiag|Defer=User| "UDP Query User{8086F52E-78FA-489A-B2C4-2168ADE624EB}C:\Users\Cédric\Downloads\QuickDiag.exe"=v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Users\Cédric\Downloads\QuickDiag.exe|Name=QuickDiag|Desc=QuickDiag|Defer=User| [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\standardprofile\authorizedapplications\list] "C:\Users\Cédric\Downloads\QuickDiag.exe"=C:\Users\Cédric\Downloads\QuickDiag.exe:*:Enabled:QuickDiag ---------- | Control\Class [HKLM\SYSTEM\CurrentControlSet\Control\Class\{03F52937-1FD6-44FB-82C6-FE988F1B1D61}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{04A83FC2-2AE2-4C88-B45F-E9707B377636}] : (aswHwid) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{05f5cfe2-4733-4950-a6bb-07aad01a3a84}] : (XboxComposite) [] -> @dc1-controller.inf,%ClassName%;Xbox Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{13e42dfa-85d9-424d-8646-28a70f864f9c}] : (RemotePosDevice) [] -> @remoteposdrv.inf,%ClassName%;POS Remote Device [HKLM\SYSTEM\CurrentControlSet\Control\Class\{14b62f50-3f15-11dd-ae16-0800200c9a66}] : (DigitalMediaDevices) [] -> @digitalmediadevice.inf,%ClassName%;Digital Media Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}] : (PrintQueue) [] -> @printqueue.inf,%ClassName%;Print queues [HKLM\SYSTEM\CurrentControlSet\Control\Class\{24A0C840-2C3D-4410-8236-8B40816C7B90}] : (aswVmm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{25dbce51-6c8f-4a72-8a6d-b54c2b4fc835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{268c95a1-edfe-11d3-95c3-0010dc4050a5}] : (Security Accelerator) [] -> @c_sslaccel.inf,%ClassName%;Security Accelerator [HKLM\SYSTEM\CurrentControlSet\Control\Class\{2a9fe532-0cdc-44f9-9827-76192f2ca2fb}] : (HidMsr) [] -> @c_magneticstripereader.inf,%ClassName%;POS HID Magnetic Stripe Reader [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B648}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3163C566-D381-4467-87BC-A65A18D5B649}] : (fvevol) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{36fc9e60-c465-11cf-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{3f966bd9-fa04-4ec5-991c-d326973b5128}] : (AndroidUsbDeviceClass) [] -> @oem81.inf,%ClassName%;SAMSUNG Android Phone [HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675d81-502a-4a82-9f84-b75f418c5dea}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658ee7e-f050-11d1-b6bd-00c04fa372a7}] : (PnpPrinters) [] -> @%SystemRoot%\system32\ntprint.dll,-1300 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721b56-6795-11d2-b1a8-0080c72e74a2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{49ce6ac8-6f86-11d2-b1e5-0080c72e74a2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e965-e325-11ce-bfc1-08002be10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e966-e325-11ce-bfc1-08002be10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e967-e325-11ce-bfc1-08002be10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}] : (Display) [] -> @%SystemRoot%\System32\DispCI.dll,-3100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e969-e325-11ce-bfc1-08002be10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96a-e325-11ce-bfc1-08002be10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96b-e325-11ce-bfc1-08002be10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}] : (MEDIA) [] -> @%SystemRoot%\System32\mmci.dll,-3000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96d-e325-11ce-bfc1-08002be10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96e-e325-11ce-bfc1-08002be10318}] : (Monitor) [] -> @c_monitor.inf,%ClassDesc%;Monitors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e970-e325-11ce-bfc1-08002be10318}] : (MTD) [] -> @%SystemRoot%\System32\SysClass.Dll,-3021 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e971-e325-11ce-bfc1-08002be10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}] : (Net) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1502 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e973-e325-11ce-bfc1-08002be10318}] : (NetClient) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1504 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e974-e325-11ce-bfc1-08002be10318}] : (NetService) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1505 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e975-e325-11ce-bfc1-08002be10318}] : (NetTrans) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1503 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e977-e325-11ce-bfc1-08002be10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e978-e325-11ce-bfc1-08002be10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e979-e325-11ce-bfc1-08002be10318}] : (Printer) [] -> @%SystemRoot%\system32\ntprint.dll,-1004 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97b-e325-11ce-bfc1-08002be10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97e-e325-11ce-bfc1-08002be10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e980-e325-11ce-bfc1-08002be10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127dc3-0f36-415e-a6cc-4cb3be910b65}] : (Processor) [] -> @c_processor.inf,%ClassDesc%;Processors [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906cb8-ba12-11d1-bf5d-0000f805f530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944a-f6b9-4057-a056-8c550228544c}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{50dd5230-ba8a-11d1-bf5d-0000f805f530}] : (SmartCardReader) [] -> @%SystemRoot%\System32\StorProp.dll,-17002 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175d334-c371-4806-b3ba-71fd53c9258d}] : (Sensor) [] -> @%SystemRoot%\system32\SensorsCpl.dll,-10000 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{522119B9-1B9A-498A-AC52-148B533EFD50}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{533c5b84-ec70-11d2-9505-00c04f79deaf}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{53d29ef7-377c-4d14-864b-eb3a85769359}] : (Biometric) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{5630831c-06c9-4856-b327-f5d32586e060}] : (Proximity) [] -> @c_proximity.inf,%ClassDesc%;Proximity devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{62f9c741-b25a-46ce-b54c-9bccce08b6f2}] : (SoftwareDevice) [] -> @c_swdevice.inf,%ClassDesc%;Software devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc1-810f-11d0-bec7-08002be2092f}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc5-810f-11d0-bec7-08002be2092f}] : (Infrared) [] -> @%SystemRoot%\System32\NetCfgx.dll,-1501 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6bdd1fc6-810f-11d0-bec7-08002be2092f}] : (Image) [] -> @%SystemRoot%\system32\sti_ci.dll,-52 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6d807884-7d21-11cf-801c-08002be10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (BasicDisplay) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{71a27cdd-812a-11d0-bec7-08002be2092f}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631e54-78a4-11d0-bcf7-00aa00b7b32a}] : (Battery) [] -> @%SystemRoot%\system32\powrprof.dll,-611 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{745a17a0-74d3-11d0-b6fe-00a0c90f57da}] : (HIDClass) [] -> @%SystemRoot%\System32\hid.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{772e18f2-8925-4229-a5ac-6453cb482fda}] : (HidCashDrawer) [] -> @c_cashdrawer.inf,%ClassName%;POS Cash Drawer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{7ebefbc0-3200-11d2-b4c2-00a0c9697d07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{81C87465-DE07-4EFC-9D93-61E891D52FD2}] : (RdpVideoMiniport) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8496e87e-c0a1-4102-9d8d-bd9a9b8b07a9}] : (WDC_SAM) [] -> @oem27.inf,%WDC_SAM_ClassName%;WD Drive Management devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{87C077B2-3D3B-4156-938A-EA51B451D6C6}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88a1c342-4539-11d3-b88d-00c04fad5171}] : (TS_Generic) [] -> @ts_generic.inf,%TSClassName%;Generic Remote Desktop devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{88bae032-5a81-49f0-bc3d-a4ff138216d6}] : (USBDevice) [] -> @%SystemRoot%\System32\SysClass.Dll,-3029 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8AE85550-832C-4A9B-81BB-2A49DBEE72B4}] : (aswRvrt) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ecc055d-047f-11d1-a537-0000f8753ed1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{990a2bd7-e738-46c7-b26f-1cf8fb9f1391}] : (SmartCard) [] -> @%SystemRoot%\System32\SysClass.DLL,-3031 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9d6d66a6-0b0c-4563-9077-a0e9a7955ae4}] : (Ramdisk) [] -> @ramdisk.inf,%ClassName%;RAM Disk drives [HKLM\SYSTEM\CurrentControlSet\Control\Class\{9da2b80f-f89f-4a49-a5c2-511b085b9e8a}] : (EhStorSilo) [] -> @rawsilo.inf,%ClassName%;IEEE 1667 silo and control devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{a0a588a4-c46f-4b37-b7ea-c82fe89870c6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A3E32DBA-BA89-4F17-8386-2D0127FBD4CC}] : (rdpbus) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{A73C93F1-9727-4D1D-ACE1-0E333BA4E7DB}] : (nvlddmkm) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{b91b7968-6435-4966-8928-79bf082e3e30}] : (Logitech LCDs) [] -> @oem11.inf,%LGLCD%;Logitech LCDs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{bbbe8734-08fa-4966-b6a6-4e5ad010cdd7}] : (USBFunctionController) [] -> @%SystemRoot%\System32\SysClass.Dll,-3030 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c06ff265-ae09-48f0-812c-16753d7cba83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c166523c-fe0c-4a94-a586-f1a80cfbbf3e}] : (AudioEndpoint) [] -> @audioendpoint.inf,%ClassName%;Audio inputs and outputs [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c243ffbd-3afc-45e9-b3d3-2ba18bc7ebc5}] : (BarcodeScanner) [] -> @c_barcodescanner.inf,%ClassName%;POS Barcode Scanner [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c30ecea0-11ef-4ef9-b02e-6af81e6e65c0}] : (WSDPrintDevice) [] -> @wsdprint.inf,%ClassName%;WSD Print Provider [HKLM\SYSTEM\CurrentControlSet\Control\Class\{C4A06E97-ED42-47B9-83E1-F12299B286A5}] : (aswRdr) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7bc9b22-21f0-4f0d-9bb6-66c229b8cd33}] : (POSPrinter) [] -> @c_receiptprinter.inf,%ClassName%;POS Receipt Printer [HKLM\SYSTEM\CurrentControlSet\Control\Class\{c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}] : (BluetoothVirtual) [] -> @oem57.inf,%BluetoothVirtualName%;Bluetooth Virtual Devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{ce5939ae-ebde-11d0-b181-0000f8753ec4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d421b08e-6d16-41ca-9c4d-9147e5ac98e0}] : (Miracast) [] -> @miradisp.inf,%ClassName%;Miracast display devices [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d48179be-ec20-11d1-b6b8-00c04fa372a7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d61ca365-5af4-4486-998b-9db4734c6ca3}] : (XnaComposite) [] -> @xusb22.inf,%XUSB22.ClassName%;Xbox 360 Peripherals [HKLM\SYSTEM\CurrentControlSet\Control\Class\{d94ee5d8-d189-4994-83d2-f68d7d41b0e6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{db4f6ddd-9c0e-45e4-9597-78dbbad0f412}] : (SmartCardFilter) [] -> @%SystemRoot%\System32\SysClass.DLL,-3032 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e0cbf06c-cd8b-4647-bb8a-263b43f0f974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{e2f84ce7-8efa-411c-aa69-97454ca4cb57}] : (Extension) [] -> @c_extension.inf,%ClassDesc%;Extensions [HKLM\SYSTEM\CurrentControlSet\Control\Class\{eec5ad98-8080-425f-922a-dabf3de3f69a}] : (WPD) [] -> @%SystemRoot%\System32\wpd_ci.dll,-101 [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f2e7dd72-6468-4e36-b6f1-6488f42c1b52}] : (Firmware) [] -> @c_firmware.inf,%ClassDesc%;Firmware [HKLM\SYSTEM\CurrentControlSet\Control\Class\{f72fe0d4-cbcb-407d-8814-9ed673d0dd6b}] : (USB) [] -> @oem109.inf,%ClassName%;ADB Interface [HKLM\SYSTEM\CurrentControlSet\Control\Class\{FB58BE68-EA9E-4803-847F-2CE814E7B159}] : (aswSP) [] -> [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.) [HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.) ---------- | Loaded modules (whitelist) [02/07/2013 17:45:52] - (1.0.6.1) - (ASUSTek Computer Inc. - ATK WMIACPI Utility) - C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [13/11/2015 22:15:38] - (10.18.13.6881) - (NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 368.81) - C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys [27/03/2014 14:00:12] - (6.1.7600.16385) - (ASUSTek Computer Inc. - ASUS Charger driver) - C:\WINDOWS\system32\DRIVERS\AiCharger.sys [14/05/2015 12:44:38] - (10.0.10586.21288) - (Realsil Semiconductor Corporation - RTS PCIE READER Driver) - C:\WINDOWS\system32\DRIVERS\RtsPer.sys [18/06/2014 11:34:54] - (1.0.0.1) - ( - Keyboard Filter Driver) - C:\WINDOWS\System32\drivers\kbfiltr.sys [06/08/2015 12:06:20] - (15.7.8.19) - (ELAN Microelectronics Corp. - ELAN KMDF Driver) - C:\WINDOWS\system32\DRIVERS\ETD.sys [13/05/2015 05:44:24] - (1.0.0.4) - (ASUS - HID driver for ASUS Wireless Radio Control) - C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [23/08/2015 13:54:56] - (1.2.40.0) - (NVIDIA Corporation - NVIDIA Virtual Audio Driver) - C:\WINDOWS\system32\drivers\nvvad64v.sys [13/04/2016 22:54:01] - (3.4.0.0) - (Disc Soft Ltd - DAEMON Tools Lite Virtual USB Bus Driver) - C:\WINDOWS\System32\drivers\dtliteusbbus.sys [13/04/2016 22:53:58] - (5.28.0.0) - (Disc Soft Ltd - DAEMON Tools Lite Virtual SCSI Bus Driver) - C:\WINDOWS\System32\drivers\dtlitescsibus.sys [13/05/2015 10:40:48] - (8.66.16.0) - (Conexant Systems Inc. - 64-bit High Definition Audio Function Driver) - C:\WINDOWS\system32\drivers\CHDRT64.sys [02/07/2009 18:36:14] - (1.0.9.1) - (ASUS - Memory mapping Driver) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [11/02/2014 18:08:26] - (6.1.7600.16385) - (Windows (R) Win 7 DDK provider - ASUS Power Level Control Driver) - C:\Program Files\ASUS\P4G\plctrl.sys [01/06/2015 17:55:52] - (4.1.0.2980) - (Riverbed Technology, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver) - C:\WINDOWS\system32\drivers\npf.sys [25/12/2014 13:09:21] - (7.1.2081.7726) - (NVIDIA Corporation - Nvidia Streaming Kernel Service) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys ---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service S0 - 3ware () -> System32\drivers\3ware.sys R0 - ACPI (@acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver) -> System32\drivers\ACPI.sys R0 - acpiex (Microsoft ACPIEx Driver) -> System32\Drivers\acpiex.sys S0 - ADP80XX () -> System32\drivers\ADP80XX.SYS S0 - agp440 (@machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter) -> System32\drivers\agp440.sys S0 - amdsata () -> System32\drivers\amdsata.sys S0 - amdsbs () -> System32\drivers\amdsbs.sys S0 - amdxata () -> System32\drivers\amdxata.sys S0 - arcsas (@arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver) -> System32\drivers\arcsas.sys S0 - atapi (@mshdc.inf,%idechannel.DeviceDesc%;IDE Channel) -> System32\drivers\atapi.sys S0 - b06bdrv (@netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD) -> System32\drivers\bxvbda.sys R0 - CLFS (@%SystemRoot%\system32\drivers\clfs.sys,-100) -> System32\drivers\CLFS.sys R0 - CNG () -> System32\Drivers\cng.sys R0 - disk (@disk.inf,%disk_ServiceDesc%;Disk Driver) -> System32\drivers\disk.sys S0 - ebdrv (@netevbda.inf,%vbd_srv_desc%;QLogic 10 Gigabit Ethernet Adapter VBD) -> System32\drivers\evbda.sys R0 - EhStorClass (@%SystemRoot%\system32\drivers\EhStorClass.sys,-100) -> System32\drivers\EhStorClass.sys S0 - EhStorTcgDrv (@ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols) -> System32\drivers\EhStorTcgDrv.sys R0 - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> System32\drivers\fileinfo.sys R0 - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys S0 - Fs_Rec () -> (?) R0 - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys S0 - gagp30kx (@agp.inf,%gagp30kx_svcdesc%;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms) -> System32\drivers\gagp30kx.sys S0 - HpSAMD () -> System32\drivers\HpSAMD.sys S0 - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys R0 - iaStorA () -> System32\drivers\iaStorA.sys S0 - iaStorAV (@iastorav.inf,%iaStorAV.DeviceDesc%;Intel(R) SATA RAID Controller Windows) -> System32\drivers\iaStorAV.sys S0 - iaStorV (@iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7) -> System32\drivers\iaStorV.sys S0 - intelide () -> System32\drivers\intelide.sys S0 - intelpep (@intelpep.inf,%INTELPEP.SVCDESC%;Intel(R) Power Engine Plug-in Driver) -> System32\drivers\intelpep.sys S0 - isapnp () -> System32\drivers\isapnp.sys R0 - KSecDD () -> System32\Drivers\ksecdd.sys R0 - KSecPkg () -> System32\Drivers\ksecpkg.sys S0 - LSI_SAS () -> System32\drivers\lsi_sas.sys S0 - LSI_SAS2i () -> System32\drivers\lsi_sas2i.sys S0 - LSI_SAS3i () -> System32\drivers\lsi_sas3i.sys S0 - LSI_SSS () -> System32\drivers\lsi_sss.sys S0 - megasas () -> System32\drivers\megasas.sys S0 - megasr () -> System32\drivers\megasr.sys R0 - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys R0 - msisadrv () -> System32\drivers\msisadrv.sys R0 - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys S0 - mvumis () -> System32\drivers\mvumis.sys R0 - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys S0 - nvraid () -> System32\drivers\nvraid.sys S0 - nvstor () -> System32\drivers\nvstor.sys S0 - nv_agp (@machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter) -> System32\drivers\nv_agp.sys R0 - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys R0 - pci (@pci.inf,%pci_svcdesc%;Pilote de bus PCI) -> System32\drivers\pci.sys S0 - pciide () -> System32\drivers\pciide.sys S0 - pcmcia () -> System32\drivers\pcmcia.sys R0 - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys R0 - pdc (@%SystemRoot%\system32\drivers\pdc.sys,-100) -> system32\drivers\pdc.sys S0 - percsas2i () -> System32\drivers\percsas2i.sys S0 - percsas3i () -> System32\drivers\percsas3i.sys R0 - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys S0 - sbp2port (@sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver) -> System32\drivers\sbp2port.sys S0 - SiSRaid2 () -> System32\drivers\SiSRaid2.sys S0 - SiSRaid4 () -> System32\drivers\sisraid4.sys R0 - spaceport (@spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver) -> System32\drivers\spaceport.sys S0 - stexstor () -> System32\drivers\stexstor.sys S0 - storahci (@mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver) -> System32\drivers\storahci.sys S0 - storflt (@wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator) -> System32\drivers\vmstorfl.sys S0 - stornvme (@stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver) -> System32\drivers\stornvme.sys S0 - storufs (@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver) -> System32\drivers\storufs.sys S0 - storvsc () -> System32\drivers\storvsc.sys R0 - Tcpip (@%SystemRoot%\system32\drivers\tcpip.sys,-10001) -> System32\drivers\tcpip.sys S0 - uagp35 (@agp.inf,%uagp35_svcdesc%;Microsoft AGPv3.5 Filter) -> System32\drivers\uagp35.sys S0 - uliagpkx (@machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter) -> System32\drivers\uliagpkx.sys R0 - vdrvroot (@vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator) -> System32\drivers\vdrvroot.sys S0 - vmbus (@wvmbus.inf,%vmbus.SVCDESC%;Virtual Machine Bus) -> System32\drivers\vmbus.sys R0 - volmgr (@volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver) -> System32\drivers\volmgr.sys R0 - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys R0 - volsnap (@volume.inf,%VolumeClassName%;Storage volumes) -> System32\drivers\volsnap.sys S0 - vsmraid () -> System32\drivers\vsmraid.sys S0 - VSTXRAID (@vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver) -> System32\drivers\vstxraid.sys S0 - WdBoot (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390) -> system32\drivers\WdBoot.sys R0 - Wdf01000 (@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000) -> system32\drivers\Wdf01000.sys R0 - WdFilter (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-330) -> system32\drivers\WdFilter.sys R0 - WFPLWFS (@%SystemRoot%\System32\drivers\wfplwfs.sys,-6000) -> System32\drivers\wfplwfs.sys R0 - WindowsTrustedRT (Windows Trusted Execution Environment Class Extension) -> system32\drivers\WindowsTrustedRT.sys R0 - WindowsTrustedRTProxy (@WindowsTrustedRTProxy.inf,%WindowsTrustedRTProxy.SVCDESC%;Microsoft Windows Trusted Runtime Secure Service) -> System32\drivers\WindowsTrustedRTProxy.sys R0 - Wof (Windows Overlay File System Filter Driver) -> (?) R1 - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys R1 - ahcache (@%systemroot%\system32\drivers\ahcache.sys,-102) -> system32\DRIVERS\ahcache.sys R1 - ATKWMIACPIIO (ATKWMIACPI Driver) -> \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys R1 - BasicDisplay () -> \SystemRoot\System32\drivers\BasicDisplay.sys R1 - BasicRender () -> \SystemRoot\System32\drivers\BasicRender.sys R1 - Beep (Beep) -> (?) R1 - cdrom (@cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver) -> \SystemRoot\System32\drivers\cdrom.sys S1 - dam (@%SystemRoot%\system32\drivers\dam.sys,-100) -> system32\drivers\dam.sys R1 - Dfsc (@%systemroot%\system32\wkssvc.dll,-1008) -> System32\Drivers\dfsc.sys R1 - FileCrypt (@%systemroot%\system32\drivers\filecrypt.sys,-100) -> system32\drivers\filecrypt.sys R1 - GpuEnergyDrv (@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100) -> System32\drivers\gpuenergydrv.sys R1 - Msfs () -> (?) R1 - mssmbios (@mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver) -> \SystemRoot\System32\drivers\mssmbios.sys R1 - NetBIOS (@%windir%\system32\drivers\netbios.sys,-503) -> system32\drivers\netbios.sys R1 - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys R1 - Npfs () -> (?) R1 - npsvctrig (@npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider) -> \SystemRoot\System32\drivers\npsvctrig.sys R1 - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys R1 - Null () -> (?) R1 - Psched (@%windir%\System32\drivers\pacer.sys,-101) -> System32\drivers\pacer.sys R1 - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys R1 - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> \SystemRoot\system32\DRIVERS\tdx.sys R1 - vwififlt (@%SystemRoot%\System32\drivers\vwififlt.sys,-259) -> System32\drivers\vwififlt.sys R2 - ASLDRService (ASLDR Service) -> C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe R2 - ASMMAP64 (ASMMAP64) -> \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys R2 - Asus WebStorage Windows Service (Asus WebStorage Windows Service) -> "C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe" R2 - ATKGFNEXSrv (ATKGFNEX Service) -> C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe R2 - AudioEndpointBuilder (@%SystemRoot%\system32\AudioEndpointBuilder.dll,-204) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - Audiosrv (@%SystemRoot%\system32\audiosrv.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - BcmBtRSupport (@oem79.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service) -> %SystemRoot%\system32\BtwRSupportService.exe R2 - BFE (@%SystemRoot%\system32\bfe.dll,-1001) -> %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - BITS (@%SystemRoot%\system32\qmgr.dll,-1000) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - Bonjour Service (Service Bonjour) -> "C:\Program Files\Bonjour\mDNSResponder.exe" R2 - BrokerInfrastructure (@%windir%\system32\bisrv.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - btwdins (Bluetooth Service) -> "C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe" R2 - CertPropSvc (@%SystemRoot%\System32\certprop.dll,-11) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - ClickToRunSvc (Service Démarrer en clic Microsoft Office) -> "C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service R2 - CoreMessagingRegistrar (@%SystemRoot%\system32\coremessaging.dll,-1) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - CryptSvc (@%SystemRoot%\system32\cryptsvc.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k NetworkService R2 - DcomLaunch (@combase.dll,-5012) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - DeviceAssociationService (@%SystemRoot%\system32\das.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - Dhcp (@%SystemRoot%\system32\dhcpcore.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - DiagTrack (@%SystemRoot%\system32\diagtrack.dll,-3001) -> %SystemRoot%\System32\svchost.exe -k utcsvc R2 - Dnscache (@%SystemRoot%\System32\dnsapi.dll,-101) -> %SystemRoot%\system32\svchost.exe -k NetworkService S2 - DoSvc (@%systemroot%\system32\dosvc.dll,-100) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - DPS (@%systemroot%\system32\dps.dll,-500) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork R2 - ETDService (Elan Service) -> "C:\Program Files\Elantech\ETDService.exe" R2 - EventLog (@%SystemRoot%\system32\wevtsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - EventSystem (@comres.dll,-2450) -> %SystemRoot%\system32\svchost.exe -k LocalService R2 - FontCache (@%systemroot%\system32\FntCache.dll,-100) -> %SystemRoot%\system32\svchost.exe -k LocalService R2 - GfExperienceService (NVIDIA GeForce Experience Service) -> "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe" R2 - gpsvc (@gpapi.dll,-112) -> %systemroot%\system32\svchost.exe -k netsvcs S2 - gupdate (Service Google Update (gupdate)) -> "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc R2 - IAStorDataMgrSvc (Intel(R) Rapid Storage Technology) -> "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe" R2 - igfxCUIService2.0.0.0 (Intel(R) HD Graphics Control Panel Service) -> %SystemRoot%\system32\igfxCUIService.exe R2 - IKEEXT (@%SystemRoot%\system32\ikeext.dll,-501) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - Intel(R) Capability Licensing Service Interface (Intel(R) Capability Licensing Service Interface) -> "C:\Program Files\Intel\iCLS Client\HeciServer.exe" R2 - Intel(R) ME Service (Intel(R) ME Service) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe" R2 - iphlpsvc (@%SystemRoot%\system32\iphlpsvc.dll,-500) -> %SystemRoot%\System32\svchost.exe -k NetSvcs R2 - jhi_service (Intel(R) Dynamic Application Loader Host Interface Service) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe" R2 - LanmanServer (@%systemroot%\system32\srvsvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - LanmanWorkstation (@%systemroot%\system32\wkssvc.dll,-100) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - lltdio (@%SystemRoot%\system32\lltdres.dll,-6) -> system32\drivers\lltdio.sys R2 - LMS (Intel(R) Management and Security Application Local Management Service) -> "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe" R2 - LSM (@%windir%\system32\lsm.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys S2 - MapsBroker (@%SystemRoot%\System32\moshost.dll,-100) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - MBAMScheduler () -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe" R2 - MBAMService () -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe" R2 - MMCSS (@%systemroot%\system32\drivers\mmcss.sys,-100) -> \SystemRoot\system32\drivers\mmcss.sys R2 - MpsSvc (@%SystemRoot%\system32\FirewallAPI.dll,-23090) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork R2 - mrxsmb10 (@%systemroot%\system32\wkssvc.dll,-1004) -> system32\DRIVERS\mrxsmb10.sys R2 - MsLldp (@%SystemRoot%\system32\drivers\mslldp.sys,-200) -> system32\drivers\mslldp.sys R2 - Ndu (@%SystemRoot%\system32\drivers\Ndu.sys,-10001) -> system32\drivers\Ndu.sys R2 - NlaSvc (@%SystemRoot%\System32\nlasvc.dll,-1) -> %SystemRoot%\System32\svchost.exe -k NetworkService R2 - npf (NetGroup Packet Filter Driver) -> system32\drivers\npf.sys R2 - nsi (@%SystemRoot%\system32\nsisvc.dll,-200) -> %systemroot%\system32\svchost.exe -k LocalService R2 - NvNetworkService (NVIDIA Network Service) -> "C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe" R2 - NvStreamSvc (NVIDIA Streamer Service) -> "C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe" R2 - nvsvc (NVIDIA Display Driver Service) -> "C:\WINDOWS\system32\nvvsvc.exe" S2 - OneSyncSvc (@%SystemRoot%\system32\APHostRes.dll,-10002) -> %SystemRoot%\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_19dc859e (Hôte de synchronisation_19dc859e) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_26ac1e7 (Hôte de synchronisation_26ac1e7) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_2b770d2 (Hôte de synchronisation_2b770d2) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_2f66b31 (Hôte de synchronisation_2f66b31) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_31e0f4a (Hôte de synchronisation_31e0f4a) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_3528b (Hôte de synchronisation_3528b) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_355e0 (Hôte de synchronisation_355e0) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_36002 (Hôte de synchronisation_36002) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_366e4a5 (Hôte de synchronisation_366e4a5) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_374d5 (Hôte de synchronisation_374d5) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_3916e (Hôte de synchronisation_3916e) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_391cb (Hôte de synchronisation_391cb) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_3c72a (Hôte de synchronisation_3c72a) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_3d1e9 (Hôte de synchronisation_3d1e9) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_3fba3 (Hôte de synchronisation_3fba3) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_40932 (Hôte de synchronisation_40932) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_40c9e (Hôte de synchronisation_40c9e) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_41e6584 (Hôte de synchronisation_41e6584) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_437260c (Hôte de synchronisation_437260c) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_43c1f (Hôte de synchronisation_43c1f) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_441c5 (Hôte de synchronisation_441c5) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup R2 - OneSyncSvc_4469f (Hôte de synchronisation_4469f) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_45184 (Hôte de synchronisation_45184) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_494fa (Hôte de synchronisation_494fa) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_4b0ba (Hôte de synchronisation_4b0ba) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_4b113 (Hôte de synchronisation_4b113) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_4cd80 (Hôte de synchronisation_4cd80) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_4ff4c03 (Hôte de synchronisation_4ff4c03) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_54801f6 (Hôte de synchronisation_54801f6) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_5556f (Hôte de synchronisation_5556f) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_59cbab9 (Hôte de synchronisation_59cbab9) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_62c45cc (Hôte de synchronisation_62c45cc) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_685b74c (Hôte de synchronisation_685b74c) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_6c96a54 (Hôte de synchronisation_6c96a54) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_6e5cd04 (Hôte de synchronisation_6e5cd04) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_745a2b (Hôte de synchronisation_745a2b) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_78f28ef (Hôte de synchronisation_78f28ef) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_790532 (Hôte de synchronisation_790532) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_7975425 (Hôte de synchronisation_7975425) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_7dd7277 (Hôte de synchronisation_7dd7277) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_adb26e (Hôte de synchronisation_adb26e) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_bf5d5 (Hôte de synchronisation_bf5d5) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_c43f12c (Hôte de synchronisation_c43f12c) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_c787e1 (Hôte de synchronisation_c787e1) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_d6eb795 (Hôte de synchronisation_d6eb795) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_e751eb (Hôte de synchronisation_e751eb) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup S2 - OneSyncSvc_f68aa (Hôte de synchronisation_f68aa) -> C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup R2 - PcaSvc (@%SystemRoot%\system32\pcasvc.dll,-1) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys R2 - plctrl (plctrl) -> \??\C:\Program Files\ASUS\P4G\plctrl.sys R2 - PnkBstrA (PnkBstrA) -> C:\WINDOWS\system32\PnkBstrA.exe R2 - PnkBstrB (PnkBstrB) -> C:\WINDOWS\system32\PnkBstrB.exe R2 - Power (@%SystemRoot%\system32\umpo.dll,-100) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - ProfSvc (@%systemroot%\system32\profsvc.dll,-300) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - RMCAST (@%SystemRoot%\system32\wshrm.dll,-102) -> \SystemRoot\system32\DRIVERS\RMCAST.sys R2 - RpcEptMapper (@%windir%\system32\RpcEpMap.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k RPCSS R2 - RpcSs (@combase.dll,-5010) -> %SystemRoot%\system32\svchost.exe -k rpcss R2 - rspndr (@%SystemRoot%\system32\lltdres.dll,-5) -> system32\drivers\rspndr.sys R2 - SamSs (@%SystemRoot%\system32\samsrv.dll,-1) -> %SystemRoot%\system32\lsass.exe S2 - SCardSvr (@%SystemRoot%\System32\SCardSvr.dll,-1) -> %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation R2 - Schedule (@%SystemRoot%\system32\schedsvc.dll,-100) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - SENS (@%SystemRoot%\system32\Sens.dll,-200) -> %SystemRoot%\system32\svchost.exe -k netsvcs R2 - SharedAccess (@%SystemRoot%\system32\ipnathlp.dll,-106) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - ShellHWDetection (@%SystemRoot%\System32\shsvcs.dll,-12288) -> %SystemRoot%\System32\svchost.exe -k netsvcs S2 - SkypeUpdate (Skype Updater) -> "C:\Program Files (x86)\Skype\Updater\Updater.exe" R2 - Spooler (@%systemroot%\system32\spoolsv.exe,-1) -> %SystemRoot%\System32\spoolsv.exe S2 - sppsvc (@%SystemRoot%\system32\sppsvc.exe,-101) -> %SystemRoot%\system32\sppsvc.exe R2 - srv (@%systemroot%\system32\srvsvc.dll,-102) -> System32\DRIVERS\srv.sys R2 - ss_conn_service (SAMSUNG Mobile Connectivity Service) -> "C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe" R2 - stisvc (@%SystemRoot%\system32\wiaservc.dll,-9) -> %SystemRoot%\system32\svchost.exe -k imgsvc R2 - storqosflt (@%SystemRoot%\System32\drivers\storqosflt.sys,-101) -> system32\drivers\storqosflt.sys R2 - SysMain (@%SystemRoot%\system32\sysmain.dll,-1000) -> %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - SystemEventsBroker (@%windir%\system32\SystemEventsBrokerServer.dll,-1001) -> %SystemRoot%\system32\svchost.exe -k DcomLaunch R2 - SystemUsageReportSvc_WILLAMETTE (Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE) -> "C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe" R2 - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys R2 - Themes (@%SystemRoot%\System32\themeservice.dll,-8192) -> %SystemRoot%\System32\svchost.exe -k netsvcs R2 - tiledatamodelsvc (@%SystemRoot%\system32\tileobjserver.dll,-1) -> %systemroot%\system32\svchost.exe -k appmodel R2 - TrkWks (@%SystemRoot%\system32\trkwks.dll,-1) -> %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted R2 - UserManager (@%systemroot%\system32\usermgr.dll,-100) -> %SystemRoot%\system32\svchost.exe -k netsvcs S2 - WbioSrvc (@%systemroot%\system32\wbiosrvc.dll,-100) -> %SystemRoot%\system32\svchost.exe -k WbioSvcGroup R2 - Wcmsvc (@%SystemRoot%\System32\wcmsvc.dll,-4097) -> %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted R2 - WDBackup (WD Backup) -> "C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe" R2 - WDDriveService (WD Drive Manager) -> "C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe" R2 - WinDefend (@%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310) -> "%ProgramFiles%\Windows Defender\MsMpEng.exe" R2 - Winmgmt (@%Systemroot%\system32\wbem\wmisvc.dll,-205) -> %systemroot%\system32\svchost.exe -k netsvcs R2 - WlanSvc (@%SystemRoot%\System32\wlansvc.dll,-257) -> %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted R2 - wscsvc (@%SystemRoot%\System32\wscsvc.dll,-200) -> %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted R2 - WSearch (@%systemroot%\system32\SearchIndexer.exe,-103) -> %systemroot%\system32\SearchIndexer.exe /Embedding ---------- | System files (Microsoft Files whitelisted) [MD5.2C5B3035B86770ADD2FE9BFBAF5B35A4] - [30/10/2015 09:17:22] - (.Copyright (c) 2011 LSI - LSI 3ware SCSI Storport Driver.) - [104.84 Ko] - (5.1.0.51) - C:\WINDOWS\System32\Drivers\3ware.sys [MD5.F7D0CD345D2DA42E7042ABCD73662403] - [30/10/2015 09:17:22] - (.Copyright (C) PMC-Sierra 2001-2014 - PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller.) - [1108.84 Ko] - (1.3.0.10769) - C:\WINDOWS\System32\Drivers\adp80xx.sys [MD5.16F6F6B7903B913AB41AB848C8BB5658] - [27/03/2014 14:00:12] - (.Copyright (c) ASUSTek Computer Inc. - ASUS Charger driver.) - [16.75 Ko] - (6.1.7600.16385) - C:\WINDOWS\System32\Drivers\AiCharger.sys [MD5.5B30BCFE6E02E45D3EE268FF001BC5E0] - [30/10/2015 09:17:22] - (.Copyright © 2008-2015 AMD, Inc. - AHCI 1.3 Device Driver.) - [81.34 Ko] - (1.1.3.277) - C:\WINDOWS\System32\Drivers\amdsata.sys [MD5.F20B30F35A5C7888441B4DCA001ECF8E] - [30/10/2015 09:17:22] - (.2012 Advanced Micro Devices, Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform.) - [253.34 Ko] - (3.7.1540.43) - C:\WINDOWS\System32\Drivers\amdsbs.sys [MD5.AFE838D7576C581D6483529621AB10CC] - [30/10/2015 09:17:22] - (.Copyright © 2008-2015 AMD, Inc. - Storage Filter Driver.) - [26.34 Ko] - (1.1.3.277) - C:\WINDOWS\System32\Drivers\amdxata.sys [MD5.E3FE8F610B1CC12BC3B2E6BC43DC97E2] - [30/10/2015 09:17:22] - (.Copyright 2014 PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) - [128.84 Ko] - (7.5.0.32048) - C:\WINDOWS\System32\Drivers\arcsas.sys [MD5.7222DC0F811BBD1B4B4A7C28B7C31AE5] - [13/05/2015 05:44:24] - (.Copyright (C) 2013 ASUS - HID driver for ASUS Wireless Radio Control.) - [19.51 Ko] - (1.0.0.4) - C:\WINDOWS\System32\Drivers\AsHIDSwitch64.sys [MD5.E4ABC023E251D2BB6B98C9FCAF5CF16D] - [19/02/2015 02:45:41] - (.OpenVPN Technologies, Inc. - TAP-Windows Virtual Network Driver.) - [43.59 Ko] - (9.0.0.10) - C:\WINDOWS\System32\Drivers\aswTap.sys [MD5.AB1F87CBB209BE855FDC93DF2C97D2AC] - [27/03/2015 10:33:14] - (.Copyright (C) 2000-2012, Broadcom Corporation. - Broadcom Bluetooth Firmware Download Filter.) - [181.79 Ko] - (12.0.1.921) - C:\WINDOWS\System32\Drivers\bcbtums.sys [MD5.3F5523DCEFE42B385659C5CB46A6B810] - [30/10/2015 09:17:22] - (.© Broadcom Corporation. - BCM Function 2 Device Driver.) - [9.5 Ko] - (6.3.9477.0) - C:\WINDOWS\System32\Drivers\bcmfn.sys [MD5.0B750A6A6D847E73CA48ADD7A0F5A393] - [30/10/2015 09:17:22] - (.© Broadcom Corporation. - BCM Function 2 Device Driver.) - [9.5 Ko] - (6.3.9391.6) - C:\WINDOWS\System32\Drivers\bcmfn2.sys [MD5.E6618C2CAEEE8A2644FD46B98304954A] - [30/10/2015 09:17:18] - (.1998-2012, Broadcom Corp. All Rights Rsvd - Broadcom 802.11 Network Adapter wireless driver.) - [7407.5 Ko] - (6.30.223.256) - C:\WINDOWS\System32\Drivers\BCMWL63a.SYS [MD5.241EF920E603F5153F0CB6CB697CA2B4] - [18/09/2014 01:04:21] - (.Copyright (C) 2000-2012, Broadcom Corporation. - Broadcom Bluetooth USB AMP Filter.) - [208.31 Ko] - (12.0.1.840) - C:\WINDOWS\System32\Drivers\btwampfl.sys [MD5.6447BA6FA709514B6C803D159B4C7D1E] - [30/10/2015 09:17:22] - (.(c) COPYRIGHT 2001-2012 Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) - [518.84 Ko] - (7.4.14.0) - C:\WINDOWS\System32\Drivers\bxvbda.sys [MD5.1219A31A19E13524F9F73D59B01A478F] - [13/05/2015 10:40:48] - (.Conexant Systems Inc. - 64-bit High Definition Audio Function Driver.) - [1516.63 Ko] - (8.66.16.0) - C:\WINDOWS\System32\Drivers\CHDRT64.sys [MD5.679FF716052109392D870F6A6C4A3535] - [13/04/2016 22:53:58] - (.Copyright (C) 2000-2015 - DAEMON Tools Lite Virtual SCSI Bus Driver.) - [29.55 Ko] - (5.28.0.0) - C:\WINDOWS\System32\Drivers\dtlitescsibus.sys [MD5.E23FDD696839A4790682CA66C48D3F2F] - [13/04/2016 22:54:01] - (.Copyright (C) 2000-2015 - DAEMON Tools Lite Virtual USB Bus Driver.) - [46.55 Ko] - (3.4.0.0) - C:\WINDOWS\System32\Drivers\dtliteusbbus.sys [MD5.028DE72382B615EED1E67C674645F605] - [06/08/2015 12:06:20] - (.ELAN Microelectronics Corp. Copyright(C) 2003-2015 - ELAN KMDF Driver.) - [466.59 Ko] - (15.7.8.19) - C:\WINDOWS\System32\Drivers\ETD.sys [MD5.491275B864B704B54EC08168344E0F38] - [30/10/2015 09:17:22] - (.(c) COPYRIGHT 2014-2015 QLogic Corporation - QLogic 10 GigE VBD.) - [3356.34 Ko] - (7.12.2.3) - C:\WINDOWS\System32\Drivers\evbda.sys [MD5.7F79205B4EFA98F0767309479C8C01C6] - [07/06/2016 16:02:50] - (.Copyright (C) 2013 LogMeIn Inc. - LogMeIn Hamachi Virtual Miniport Driver.) - [44.61 Ko] - (8.1.4.1) - C:\WINDOWS\System32\Drivers\Hamdrv.sys [MD5.FF442DCDCE1F6E9FAA9C8AD0CD1D199B] - [30/10/2015 09:17:22] - (.Copyright (c) 2004-2011 Hewlett-Packard Development Company, L.P. - Smart Array SAS/SATA Controller Media Driver.) - [62.84 Ko] - (8.0.4.0) - C:\WINDOWS\System32\Drivers\HpSAMD.sys [MD5.9A2A2F3C69B9A30B6E78536F6D258BAD] - [30/10/2015 09:17:18] - (.Copyright (C) 2013. - Intel(R) Serial IO I2C Driver.) - [79.5 Ko] - (604.10146.2643.2818) - C:\WINDOWS\System32\Drivers\iai2c.sys [MD5.59A20F5AD9F4AE54098154359519408E] - [30/10/2015 09:17:18] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO I2C Driver v2.) - [162 Ko] - (30.63.1519.7) - C:\WINDOWS\System32\Drivers\iaLPSS2i_I2C.sys [MD5.16A10CCEDCF5AC4CAAE43DC9FC40392F] - [30/10/2015 09:17:18] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO GPIO Controller Driver.) - [37.23 Ko] - (1.1.250.0) - C:\WINDOWS\System32\Drivers\iaLPSSi_GPIO.sys [MD5.EB82A11613326691508D9ED9A4FE29E7] - [30/10/2015 09:17:18] - (.Copyright © 2015, Intel Corporation. - Intel(R) Serial IO I2C Controller Driver.) - [110.5 Ko] - (1.1.253.0) - C:\WINDOWS\System32\Drivers\iaLPSSi_I2C.sys [MD5.D502656B5AD89DA2FA32A8C971963D65] - [12/02/2016 11:12:50] - (.Copyright (C), Intel Corporation. - Intel(R) Rapid Storage Technology driver - x64.) - [1443.02 Ko] - (14.10.0.1016) - C:\WINDOWS\System32\Drivers\iaStorA.sys [MD5.6B0029A0253098CCE28EACCFDB9E7208] - [30/10/2015 09:17:22] - (.Copyright (C), Intel Corporation. - Intel(R) Rapid Storage Technology driver (inbox) - x64.) - [657.34 Ko] - (13.2.0.1022) - C:\WINDOWS\System32\Drivers\iaStorAV.sys [MD5.9652E1E35A92D8C75710C17A63B15796] - [30/10/2015 09:17:22] - (.Copyright(C) Intel Corporation 1994-2008 - Intel Matrix Storage Manager driver - x64.) - [402.34 Ko] - (8.6.2.1019) - C:\WINDOWS\System32\Drivers\iaStorV.sys [MD5.FFADF691F7BF727AF5C863454A372723] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - InfiniBand Fabric Bus Driver.) - [414.84 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\ibbus.sys [MD5.CB9D75626663F9D5964C081F3A0E1607] - [19/09/2015 20:11:17] - (.Copyright (c) 1998-2014 Intel Corporation. - Intel Graphics Kernel Mode Driver.) - [6249.95 Ko] - (10.18.15.4256) - C:\WINDOWS\System32\Drivers\igdkmd64.sys [MD5.42777B7BE4946135578E5C3BC1D2E4AD] - [16/07/2015 18:04:28] - (.Intel(R) Corporation. - Intel(R) Display Audio Driver.) - [461.79 Ko] - (6.16.0.3179) - C:\WINDOWS\System32\Drivers\IntcDAud.sys [MD5.87E738E189EB31E2EB07F609C930D068] - [01/03/2014 22:42:29] - (.Copyright © 2013-2013, Intel Corporation. - Intel® WiDi Solution.) - [49.05 Ko] - (4.5.61.0) - C:\WINDOWS\System32\Drivers\intelaud.sys [MD5.56D480702478880805F4E74F2BA02382] - [26/06/2015 22:54:13] - (.Copyright © 2013-2013, Intel Corporation. - Intel® WiDi Solution.) - [38.55 Ko] - (4.5.61.0) - C:\WINDOWS\System32\Drivers\iwdbus.sys [MD5.6C6F4A5FC5A2343995D1B0F111D5CF06] - [18/06/2014 11:34:54] - (. - Keyboard Filter Driver.) - [16.88 Ko] - (1.0.0.1) - C:\WINDOWS\System32\Drivers\kbfiltr.sys [MD5.FA529FB35694C24BF98A9EF67C1CD9D0] - [24/11/2009 02:37:50] - (.© 2004-2009 Logitech. - Logitech WingMan Virtual Bus Enumerator Driver.) - [21.88 Ko] - (3.4.131.0) - C:\WINDOWS\System32\Drivers\LGBusEnum.sys [MD5.94B29CE153765E768F004FB3440BE2B0] - [24/11/2009 02:38:00] - (.© 2004-2009 Logitech. - Logitech GamePanel Virtual Hid Device Driver.) - [15.63 Ko] - (3.4.131.0) - C:\WINDOWS\System32\Drivers\LGVirHid.sys [MD5.961F28D879D345BFA50AF51285C90F2E] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2010 - LSI Fusion-MPT SAS Driver (StorPort).) - [106.34 Ko] - (1.34.3.83) - C:\WINDOWS\System32\Drivers\lsi_sas.sys [MD5.6BFB8D1B3407518BE06B6F81F92FA0F5] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2012 - LSI SAS Gen2 Driver (StorPort).) - [102.34 Ko] - (2.0.76.80) - C:\WINDOWS\System32\Drivers\lsi_sas2i.sys [MD5.BE0E47988D78F731DEC2C0CB03E765CB] - [30/10/2015 09:17:23] - (.Copyright © Avago Technologies 2015 - Avago SAS Gen3 Driver (StorPort).) - [96.84 Ko] - (2.50.96.80) - C:\WINDOWS\System32\Drivers\lsi_sas3i.sys [MD5.F99BF02BE9219986817BF094981EEB18] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2012 - LSI SSS PCIe/Flash Driver (StorPort).) - [80.84 Ko] - (2.10.61.81) - C:\WINDOWS\System32\Drivers\lsi_sss.sys [MD5.78BFF5425E044086E74E78650A359FBB] - [17/07/2016 00:24:33] - (.© Malwarebytes. - Malwarebytes Anti-Malware.) - [26.38 Ko] - (0.1.16.0) - C:\WINDOWS\System32\Drivers\mbam.sys [MD5.1239597BAB7EED2BB16D035AF87E65D9] - [17/07/2016 00:24:34] - (.© Malwarebytes. - Malwarebytes Chameleon Protection Driver.) - [137.38 Ko] - (1.1.22.0) - C:\WINDOWS\System32\Drivers\mbamchameleon.sys [MD5.78488AF2AB2111D67B3C4044707A519B] - [17/07/2016 00:24:59] - (.© Malwarebytes. - Malwarebytes Anti-Malware.) - [187.71 Ko] - (0.3.0.4) - C:\WINDOWS\System32\Drivers\MBAMSwissArmy.sys [MD5.2ED29B635F35E31A1C0D3DDB7DD2AD03] - [30/10/2015 09:17:23] - (.Copyright © Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [58.34 Ko] - (6.706.6.0) - C:\WINDOWS\System32\Drivers\megasas.sys [MD5.22E3CB85870879CBAE13C5095A8B12E3] - [30/10/2015 09:17:23] - (.Copyright (C) 2007 LSI Corporation. - LSI MegaRAID Software RAID Driver.) - [562.34 Ko] - (15.2.2013.129) - C:\WINDOWS\System32\Drivers\megasr.sys [MD5.D41920FBFFF2BBCBBC69A5B383AD022E] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - MLX4 Bus Driver.) - [688.84 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\mlx4_bus.sys [MD5.218705233D02776AE4D19CC37D985C1B] - [30/10/2015 09:17:23] - (.Copyright (c) Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) - [62.34 Ko] - (1.0.5.1016) - C:\WINDOWS\System32\Drivers\mvumis.sys [MD5.898415AC0B5F1D2A9A48ABCB68A6DC4B] - [17/07/2016 00:24:33] - (.© Malwarebytes Corporation. - Malwarebytes Web Access Control.) - [63.88 Ko] - (1.0.6.0) - C:\WINDOWS\System32\Drivers\mwac.sys [MD5.B57CE307DA101C739885B7CC0678077F] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - NetworkDirect Support Filter Driver.) - [74.34 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\ndfltr.sys [MD5.DE7FCC77F4A503AF4CA6A47D49B3713D] - [01/06/2015 17:55:52] - (.Copyright © 2010-2013 Riverbed Technology, Inc. Copyright © 2005-2010 CACE Technologies. Copyright © 1999-2005 NetGroup, Politecnico di Torino. - npf.sys (NT5/6 AMD64) Kernel Driver.) - [35.74 Ko] - (4.1.0.2980) - C:\WINDOWS\System32\Drivers\npf.sys [MD5.E051DE03A61E5A497482227C4329756C] - [13/11/2015 22:15:38] - (.(C) 2016 NVIDIA Corporation. - NVIDIA Windows Kernel Mode Driver, Version 368.81.) - [13355.05 Ko] - (10.18.13.6881) - C:\WINDOWS\System32\Drivers\nvlddmkm.sys [MD5.604D27CC38CC23493F218D0BB834B3FF] - [30/10/2015 09:17:23] - (.Copyright(C) 2001-2011 NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - [146.84 Ko] - (10.6.0.23) - C:\WINDOWS\System32\Drivers\nvraid.sys [MD5.8B50D897657AB4A15FD9E251BBF7D107] - [30/10/2015 09:17:23] - (.Copyright(C) 2001-2011 NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - [162.34 Ko] - (10.6.0.23) - C:\WINDOWS\System32\Drivers\nvstor.sys [MD5.F37FE6B15A987AEEC08EEF531F2FAED7] - [23/08/2015 13:54:56] - (.(C) NVIDIA Corporation. - NVIDIA Virtual Audio Driver.) - [55.06 Ko] - (1.2.40.0) - C:\WINDOWS\System32\Drivers\nvvad64v.sys [MD5.1398A85E59698067CBBE1D66A9C13ADF] - [30/10/2015 09:17:23] - (.Copyright © LSI Corporation 2014 - MEGASAS RAID Controller Driver for Windows.) - [56.84 Ko] - (6.803.21.0) - C:\WINDOWS\System32\Drivers\percsas2i.sys [MD5.35F7C7AD709D909D618D9EDF987FC3ED] - [30/10/2015 09:17:23] - (.Copyright © Avago Technologies2013 - MEGASAS RAID Controller Driver for Windows.) - [57.34 Ko] - (6.602.12.0) - C:\WINDOWS\System32\Drivers\percsas3i.sys [MD5.3AEF4FB6BBA86C2CB751CF989B30EDB5] - [14/02/2016 18:59:52] - (.Copyright (C) 2016 Realtek Semiconductor Corporation. All Right Reserved. - Realtek 8101E/8168/8169 NDIS 6.40 64-bit Driver .) - [914.25 Ko] - (10.8.311.2016) - C:\WINDOWS\System32\Drivers\rt640x64.sys [MD5.4FD2BAD595A2C366FC0312E30362E7AD] - [14/02/2016 18:57:50] - (.Copyright (C) Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7/Win8.) - [305.71 Ko] - (10.0.10130.27054) - C:\WINDOWS\System32\Drivers\RtsBaStor.sys [MD5.CA864D504A5E56AF84A491B4AA1F8A98] - [14/02/2016 18:57:50] - (.Copyright (C) Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7/Win8.) - [321.21 Ko] - (10.0.10586.29092) - C:\WINDOWS\System32\Drivers\RtsP2Stor.sys [MD5.390594592126D5EBE0C98C0A3094096E] - [14/05/2015 12:44:38] - (.Copyright © Realtek Semiconductor Corporation 2013 - RTS PCIE READER Driver.) - [759.71 Ko] - (10.0.10586.21288) - C:\WINDOWS\System32\Drivers\RtsPer.sys [MD5.5B8A2A5EF34109489D78BBB983B9242E] - [14/02/2016 18:57:50] - (.Copyright (C) Realtek Semiconductor Corp. - Realtek Pcie CardReader Driver for 2K/XP/Vista/Win7/Win8.) - [358.71 Ko] - (10.0.10240.28159) - C:\WINDOWS\System32\Drivers\RtsPStor.sys [MD5.AE4607D7C7AA83A863BFA214483E8EE4] - [14/02/2016 18:57:50] - (.Copyright © Realtek Semiconductor Corporation 2013 - RTS USB READER Driver.) - [404.21 Ko] - (10.0.10586.31222) - C:\WINDOWS\System32\Drivers\RtsUer.sys [MD5.07F83829E7429E60298440CD1E601A6A] - [14/02/2016 18:45:59] - (.-.) - [21.47 Ko] - (0.0.0.0) - C:\WINDOWS\System32\Drivers\semav6msr64.sys [MD5.ABBE803FE0BDAE0E5BE74DDEFBE62F23] - [30/10/2015 09:17:23] - (.Copyright (c) SiS Corp. 2000-2010 - SiS RAID Stor Miniport Driver.) - [43.84 Ko] - (5.1.1039.2600) - C:\WINDOWS\System32\Drivers\sisraid2.sys [MD5.6043DF55CFE3C7ACF477645FA64DEA98] - [30/10/2015 09:17:23] - (.Copyright (c) SiS Corp. 2007-2013 - SiS AHCI Stor-Miniport Driver.) - [79.84 Ko] - (5.1.1039.3600) - C:\WINDOWS\System32\Drivers\sisraid4.sys [MD5.D722BC26F7431A4DA9A183E56CA9FEE3] - [25/04/2016 00:35:52] - (.Copyright ⓒ SAMSUNG - SAMSUNG USB Composite Device Driver (MSS Ver.3).) - [126.13 Ko] - (2.12.2.0) - C:\WINDOWS\System32\Drivers\ssudbus.sys [MD5.36C3697CA09B23C77BDF95A6B0B57310] - [25/04/2016 00:35:58] - (.Copyright ⓒ SAMSUNG - SAMSUNG Android Modem Device Driver (MSS Ver.3).) - [216.63 Ko] - (2.12.2.0) - C:\WINDOWS\System32\Drivers\ssudmdm.sys [MD5.CCDA497C880AD16D87EDFAEFCFB2EDF5] - [30/10/2015 09:17:23] - (.© Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) - [30.34 Ko] - (5.1.0.10) - C:\WINDOWS\System32\Drivers\stexstor.sys [MD5.EB1D78140D6634C32A46AB1006105EDC] - [18/09/2014 00:48:53] - (.Copyright © 2006-2013, Intel Corporation. - Intel(R) Management Engine Interface.) - [97.96 Ko] - (9.5.24.1790) - C:\WINDOWS\System32\Drivers\TeeDriverx64.sys [MD5.D48ED0A08BD2FD25A833E6AC99623091] - [30/10/2015 09:17:23] - (.Copyright (C) VIA Technologies 1992-2007 - VIA RAID DRIVER FOR AMD-X86-64.) - [162.84 Ko] - (7.0.9600.6352) - C:\WINDOWS\System32\Drivers\vsmraid.sys [MD5.6990D4AFDF545669D4E6C232F26DE1FB] - [30/10/2015 09:17:23] - (.Copyright (C) 2008 VIA Corporation - VIA StorX RAID Controller Driver.) - [298.34 Ko] - (8.0.9200.8110) - C:\WINDOWS\System32\Drivers\VSTXRAID.SYS [MD5.4A53441C1C4D2878BEF27E381138BB2D] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - Kernel WinMad.) - [26.34 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\winmad.sys [MD5.40A3E8D729F458B2C9A8BD9380FF83D5] - [30/10/2015 09:17:23] - (.Copyright© 2009 Mellanox Technologies Ltd - Kernel WinVerbs.) - [57.84 Ko] - (4.91.10730.0) - C:\WINDOWS\System32\Drivers\winverbs.sys ---------- | Uninstall [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\BitTorrent] : (BitTorrent.-.BitTorrent Inc.) -> "C:\Users\Cédric\AppData\Roaming\BitTorrent\BitTorrent.exe" /UNINSTALL [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CodeBlocks] : (CodeBlocks.-.The Code::Blocks Team) -> C:\Program Files (x86)\CodeBlocks\uninstall.exe [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Discord] : (Discord.-.Hammer & Chisel, Inc.) -> C:\Users\Cédric\AppData\Local\Discord\Update.exe --uninstall [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Flux] : (f.lux.-.) -> "C:\Users\Cédric\AppData\Local\FluxSoftware\Flux\uninstall.exe" [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SOE-PlanetSide 2] : (PlanetSide 2.-.Sony Online Entertainment) -> D:\Jeux\Steam\steamapps\common\PlanetSide 2\Uninstaller.exe [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Spotify] : (Spotify.-.Spotify AB) -> "C:\Users\Cédric\AppData\Roaming\Spotify\Spotify.exe" /uninstall [HKU\S-1-5-21-4256550607-910914473-3542436597-1001\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\TeamSpeak 3 Client] : (TeamSpeak 3 Client.-.TeamSpeak Systems GmbH) -> "C:\Users\Cédric\AppData\Local\TeamSpeak 3 Client\uninstall.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\092555911492C6959D2596D612F52DCA71881CA2] : (Package de pilotes Windows - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000).-.Google, Inc.) -> C:\PROGRA~1\DIFX\D29FE547208FE130\DPInst_x64.exe /u C:\WINDOWS\System32\DriverStore\FileRepository\android_winusb.inf_amd64_bd75d06c56998078\android_winusb.inf [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\14588A15B66655338DBCC021FFA81E31DC281859] : (Package de pilotes Windows - ASUS (ATP) Mouse (06/17/2015 1.0.0.262).-.ASUS) -> C:\PROGRA~1\DIFX\233CFB~1\dpinst.exe /u C:\WINDOWS\System32\DriverStore\FileRepository\asustp.inf_amd64_309a77997806907e\asustp.inf [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AA2CC56D4BBEE037DC99871F5F6551133D2A0CC3] : (Windows Driver Package - ASUS (ATP) Mouse (03/17/2014 1.0.0.207).-.ASUS) -> C:\PROGRA~1\DIFX\DDFC04~1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\asustp.inf_amd64_1c97847927076523\asustp.inf [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Broadcom 802.11 Network Adapter] : (Broadcom 802.11 Network Adapter.-.Broadcom Corporation) -> "C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter" driver [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\bWluZWNyYWZ0c3Rvcnltb2RlYXRlbGx0YWxlZ2FtZXNzZXJpZXM_is1] : (Minecraft: Story Mode - A Telltale Games Series.-.) -> "D:\Games\Minecraft Story Mode - A Telltale Game Series\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CCleaner] : (CCleaner.-.Piriform) -> "C:\Program Files\CCleaner\uninst.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CNXT_AUDIO_HDA] : (Conexant HD Audio.-.Conexant) -> C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU64a.exe -U -G -IX40Plmwa.inf [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CPUID CPU-Z_is1] : (CPUID CPU-Z 1.75.-.) -> "C:\Program Files\CPUID\CPU-Z\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DAEMON Tools Lite] : (DAEMON Tools Lite.-.Disc Soft Ltd) -> C:\Program Files\DAEMON Tools Lite\uninst.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\dGhld2l0bmVzcw_is1] : (The Witness Update v20160203.-.) -> "D:\Jeux\The Witness\unins000.exe" [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Elantech] : (ELAN Touchpad 15.8.4.3_X64_WHQL.-.ELAN Microelectronic Corp.) -> %ProgramFiles%\Elantech\ETDUn_inst.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Logitech Gaming Software] : (Logitech - Assistant pour jeux vidéo 8.57.-.Logitech Inc.) -> C:\Program Files\Logitech Gaming Software\uninstallhlpr.exe /bitness=x64 /silentmode=off /langid=FRA /downgrade=no [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 10190] : (Call of Duty: Modern Warfare 2 - Multiplayer.-.Infinity Ward) -> "D:\Jeux\Steam\steam.exe" steam://uninstall/10190 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 219150] : (Hotline Miami.-.Dennaton Games) -> "D:\Jeux\Steam\steam.exe" steam://uninstall/219150 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 24240] : (PAYDAY: The Heist.-.OVERKILL Software) -> "D:\Jeux\Steam\steam.exe" steam://uninstall/24240 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 244930] : (SNOW.-.Poppermost Productions) -> "D:\Jeux\Steam\steam.exe" steam://uninstall/244930 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 333930] : (Dirty Bomb.-.Splash Damage®) -> "D:\Jeux\Steam\steam.exe" steam://uninstall/333930 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 438680] : (One Troll Army.-.FlyAnvil) -> "D:\Jeux\Steam\steam.exe" steam://uninstall/438680 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Steam App 730] : (Counter-Strike: Global Offensive.-.Valve) -> "D:\Jeux\Steam\steam.exe" steam://uninstall/730 [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VLC media player] : (VLC media player.-.VideoLAN) -> C:\Program Files\VideoLAN\VLC\uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VulkanRT1.0.11.1] : (Vulkan Run Time Libraries 1.0.11.1.-.LunarG, Inc.) -> C:\Program Files (x86)\VulkanRT\1.0.11.1\UninstallVulkanRT.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\VulkanRT1.0.3.0] : (Vulkan Run Time Libraries 1.0.3.0.-.LunarG, Inc.) -> C:\Program Files (x86)\VulkanRT\1.0.3.0\UninstallVulkanRT.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WinRAR archiver] : (WinRAR 5.30 (64-bit).-.win.rar GmbH) -> C:\Program Files\WinRAR\uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{03027486-9D54-4DE3-BF0F-9DEDB622D7CE}] : (Epic Games Launcher.-.Epic Games, Inc.) -> MsiExec.exe /X{03027486-9D54-4DE3-BF0F-9DEDB622D7CE} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{0FFDC804-21EE-4283-ADBA-6A1958EB9525}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{142A3F0E-79C6-4C99-B09F-DC360DC128DA}] : (WD SmartWare.-.Western Digital Technologies, Inc.) -> MsiExec.exe /X{142A3F0E-79C6-4C99-B09F-DC360DC128DA} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F86418031F0}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F86418066F0}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F86418073F0}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F86418074F0}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{2B9864F7-70B9-4875-B386-928886886FBA}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{409CB30E-E457-4008-9B1A-ED1B9EA21140}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> "C:\ProgramData\Intel\Package Cache\{409CB30E-E457-4008-9B1A-ED1B9EA21140}\Setup.exe" -uninstall [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{66C5838F-B854-4A55-89E6-A6138747A4DF}] : (Epic Games Launcher Prerequisites (x64).-.Epic Games, Inc.) -> MsiExec.exe /X{66C5838F-B854-4A55-89E6-A6138747A4DF} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{690285C2-2481-44FB-8402-162EA970A6DD}] : (Logitech Gaming Software.-.Logitech Inc.) -> MsiExec.exe /I{690285C2-2481-44FB-8402-162EA970A6DD} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}] : (Bonjour.-.Apple Inc.) -> MsiExec.exe /X{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{77EEC345-B758-45DF-94C2-25D91D520650}] : (DriversCloud.com (64 bits).-.Cybelsoft) -> MsiExec.exe /X{77EEC345-B758-45DF-94C2-25D91D520650} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}] : (ASUS Power4Gear Hybrid.-.ASUS) -> MsiExec.exe /I{9B6239BF-4E85-4590-8D72-51E30DB1A9AA} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel] : (Ansel.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel] : (Panneau de configuration NVIDIA 368.81.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver] : (NVIDIA Pilote graphique 368.81.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.Driver [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience] : (NVIDIA GeForce Experience 2.11.4.0.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.GFExperience [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus] : (NVIDIA Optimus Update 2.11.4.0.-.NVIDIA Corporation) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX] : (NVIDIA Logiciel système PhysX 9.16.0318.-.NVIDIA Corporation) -> "C:\WINDOWS\SysWOW64\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2.DLL",UninstallPackage Display.PhysX [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update] : (Mises à jour NVIDIA 2.11.4.0.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer] : (NVIDIA LED Visualizer 1.0.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv] : (SHIELD Streaming.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService] : (NVIDIA GeForce Experience Service.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer] : (NVIDIA Install Application.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service] : (NVIDIA Network Service.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay] : (NVIDIA ShadowPlay 2.11.4.0.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController] : (SHIELD Wireless Controller Driver.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core] : (NVIDIA Update Core.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver] : (NVIDIA Virtual Audio 1.2.40.-.NVIDIA Corporation) -> [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B5E06417-A4AC-4225-B36E-7E34C91616E7}] : (Intel® Trusted Connect Service Client.-.Intel Corporation) -> MsiExec.exe /I{B5E06417-A4AC-4225-B36E-7E34C91616E7} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{B66F70B4-34E5-429A-9F55-7129E0833A45}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}] : (WIDCOMM Bluetooth Software.-.Broadcom Corporation) -> MsiExec.exe /X{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11} [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}] : (SAMSUNG USB Driver for Mobile Phones.-.SAMSUNG Electronics Co., Ltd.) -> C:\Program Files\SAMSUNG\USB Drivers\Uninstall.exe [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E1322B8A-6F66-44ED-95D5-7FEBC50AC814}] : (.-.) -> [HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F24BC99D-3FC1-4503-BEFA-5DDD16C6265A}] : (Intel Processor Diagnostic Tool 64bit.-.Intel Corporation) -> MsiExec.exe /I{F24BC99D-3FC1-4503-BEFA-5DDD16C6265A} [{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{FF8F5F84-9660-40DB-BDAD-CCD03F6BD1F6}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> MsiExec.exe /I{FF8F5F84-9660-40DB-BDAD-CCD03F6BD1F6} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI] : (Adobe Flash Player 22 NPAPI.-.Adobe Systems Incorporated) -> C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_Plugin.exe -maintain plugin [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Banished_is1] : (Banished 1.0.4.-.) -> "D:\Jeux\Banished\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Battle.net] : (Battle.net.-.Blizzard Entertainment) -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=battle.net --displayname="Battle.net" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Battlelog Web Plugins] : (Battlelog Web Plugins.-.EA Digital Illusions CE AB) -> C:\Program Files (x86)\Battlelog Web Plugins\uninstall.exe [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Diablo III] : (Diablo III.-.Blizzard Entertainment) -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=diablo3_frfr --displayname="Diablo III" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Dragonball Xenoverse Bundle Edition_is1] : (Dragonball Xenoverse Bundle Edition.-.) -> "C:\Games\Dragonball Xenoverse Bundle Edition\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ESN Sonar-0.70.4] : (ESN Sonar.-.ESN Social Software AB) -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google Inc.) -> "C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.75\Installer\setup.exe" --uninstall --multi-install --chrome --system-level [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Hearthstone] : (Hearthstone.-.Blizzard Entertainment) -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=hs_beta --displayname="Hearthstone" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Heroes of the Storm] : (Heroes of the Storm.-.Blizzard Entertainment) -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=heroes --displayname="Heroes of the Storm" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1] : (Malwarebytes Anti-Malware version 2.2.1.1043.-.Malwarebytes) -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ManiaPlanet_is1] : (ManiaPlanet.-.Nadeo) -> "C:\Program Files (x86)\ManiaPlanet\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Middle-earth - Shadow of Mordor GOTY_is1] : (Middle-earth - Shadow of Mordor GOTY.-.) -> "D:\Program Files (x86)\Middle-earth - Shadow of Mordor GOTY\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Minecraft Story Mode Episode 3_is1] : (Minecraft Story Mode Episode 3.-.) -> "D:\Games\Minecraft Story Mode Episode 3\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Minecraft Story Mode Episode 2_is1] : (Minecraft Story Mode Episode 2.-.) -> "D:\Games\Minecraft Story Mode Episode 2\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Mozilla Firefox 44.0.1 (x86 fr)] : (Mozilla Firefox 44.0.1 (x86 fr).-.Mozilla) -> "C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MozillaMaintenanceService] : (Mozilla Maintenance Service.-.Mozilla) -> "C:\Program Files (x86)\Mozilla Maintenance Service\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Notepad++] : (Notepad++.-.Notepad++ Team) -> C:\Program Files (x86)\Notepad++\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Ori and the Blind Forest_is1] : (Ori and the Blind Forest.-.) -> "D:\Jeux\Ori and the Blind Forest\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Origin] : (Origin.-.Electronic Arts, Inc.) -> C:\Program Files (x86)\Origin\OriginUninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Overwatch] : (Overwatch.-.Blizzard Entertainment) -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=prometheus --displayname="Overwatch" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Rocket League Revenge of the Battle-Cars_is1] : (Rocket League Revenge of the Battle-Cars.-.) -> "D:\Jeux\Rocket League Revenge of the Battle-Cars\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Rockstar Games Social Club] : (Rockstar Games Social Club.-.Rockstar Games) -> C:\Program Files\Rockstar Games\Social Club\uninstallRGSCRedistributable.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Samsung SideSync] : (Samsung SideSync.-.Samsung Electronics Co., Ltd.) -> C:\Program Files (x86)\Samsung\SideSync4\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Sonic Lost World_is1] : (Sonic Lost World.-.) -> "D:\Games\Sonic Lost World\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam] : (Steam.-.Valve Corporation) -> D:\Jeux\Steam\uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 113200] : (The Binding of Isaac.-.Edmund McMillen and Florian Himsl) -> "D:\Jeux\Steam\steam.exe" steam://uninstall/113200 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 17410] : (Mirror's Edge.-.DICE) -> "D:\Jeux\Steam\steam.exe" steam://uninstall/17410 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 200260] : (Batman: Arkham City GOTY.-.Rocksteady Studios) -> "D:\Jeux\Steam\steam.exe" steam://uninstall/200260 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 20900] : (The Witcher: Enhanced Edition.-.CD PROJEKT RED) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/20900 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 20920] : (The Witcher 2: Assassins of Kings Enhanced Edition.-.CD PROJEKT RED) -> "D:\Jeux\Steam\steam.exe" steam://uninstall/20920 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 211820] : (Starbound.-.) -> "D:\Jeux\Steam\steam.exe" steam://uninstall/211820 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 218230] : (PlanetSide 2.-.Daybreak Games) -> "D:\Jeux\Steam\steam.exe" steam://uninstall/218230 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 220] : (Half-Life 2.-.Valve) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/220 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 222880] : (Insurgency.-.New World Interactive) -> "D:\Jeux\Steam\steam.exe" steam://uninstall/222880 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 22370] : (Fallout 3 - Game of the Year Edition.-.Bethesda Game Studios) -> "D:\Jeux\Steam\steam.exe" steam://uninstall/22370 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 239140] : (Dying Light.-.Techland) -> "D:\Jeux\Steam\steam.exe" steam://uninstall/239140 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 241560] : (The Crew.-.Ivory Tower in collaboration with Ubisoft Reflections) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/241560 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 246620] : (Plague Inc: Evolved.-.Ndemic Creations) -> "D:\Jeux\Steam\steam.exe" steam://uninstall/246620 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 250900] : (The Binding of Isaac: Rebirth.-.Nicalis, Inc.) -> "D:\Jeux\Steam\steam.exe" steam://uninstall/250900 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 252950] : (Rocket League.-.Psyonix) -> "D:\Jeux\Steam\steam.exe" steam://uninstall/252950 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 271590] : (Grand Theft Auto V.-.Rockstar North) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/271590 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 304050] : (Trove.-.Trion Worlds) -> "D:\Jeux\Steam\steam.exe" steam://uninstall/304050 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 323320] : (Grow Home.-.Reflections, a Ubisoft Studio) -> "D:\Jeux\Steam\steam.exe" steam://uninstall/323320 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 377160] : (Fallout 4.-.Bethesda Game Studios) -> "D:\Jeux\Steam\steam.exe" steam://uninstall/377160 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 400] : (Portal.-.Valve) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/400 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 4000] : (Garry's Mod.-.Facepunch Studios) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/4000 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 40300] : (Risen.-.Piranha – Bytes) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/40300 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 433340] : (Slime Rancher.-.Monomi Park) -> "D:\Jeux\Steam\steam.exe" steam://uninstall/433340 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 49520] : (Borderlands 2.-.Gearbox Software) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/49520 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 620] : (Portal 2.-.Valve) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/620 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 63380] : (Sniper Elite V2.-.Rebellion) -> "D:\Jeux\Steam\steam.exe" steam://uninstall/63380 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 72850] : (The Elder Scrolls V: Skyrim.-.Bethesda Game Studios) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/72850 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 7670] : (BioShock.-.2K Boston) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/7670 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Steam App 91310] : (Dead Island.-.Techland) -> "C:\Program Files (x86)\Steam\steam.exe" steam://uninstall/91310 [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Tom Clancys Rainbow Six Siege_is1] : (Tom Clancys Rainbow Six Siege.-.) -> "D:\Games\Tom Clancys Rainbow Six Siege\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Trackmania Turbo_is1] : (Trackmania Turbo.-.) -> "D:\jeux\Trackmania Turbo\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Unity] : (Unity.-.Unity Technologies ApS) -> C:\Program Files\Unity\Editor\Uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Uplay] : (Uplay.-.Ubisoft) -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uninstall.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WebStorage] : (WebStorage.-.ASUS Cloud Corporation) -> C:\Program Files (x86)\ASUS\WebStorage\uninst.exe [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WinPcapInst] : (WinPcap 4.1.3.-.CACE Technologies) -> "C:\Program Files\WinPcap\uninstall.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\World of Warcraft] : (World of Warcraft.-.Blizzard Entertainment) -> "C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe" --lang=frFR --uid=wow_frfr --displayname="World of Warcraft" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{025A585C-0C66-413D-80D2-4C05CB699771}] : (Dead Space.-.Electronic Arts) -> "C:\Program Files (x86)\Common Files\EAInstaller\Dead Space\Cleanup.exe" uninstall_game -autologging [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0969AF05-4FF6-4C00-9406-43599238DE0D}] : (ASUS Splendid Video Enhancement Technology.-.ASUS) -> MsiExec.exe /X{0969AF05-4FF6-4C00-9406-43599238DE0D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}] : (ASUS Screen Saver.-.ASUS) -> MsiExec.exe /I{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{121727D5-FDF3-4723-BA57-EB383440ED72}] : (OpenOffice 4.1.1.-.Apache Software Foundation) -> MsiExec.exe /I{121727D5-FDF3-4723-BA57-EB383440ED72} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{13E44DA9-FE06-4298-9179-BEF27214B47B}] : (VirtualDJ 8.-.Atomix Productions) -> MsiExec.exe /I{13E44DA9-FE06-4298-9179-BEF27214B47B} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1766DD04-5D4D-40BC-953A-D80624BCC063}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218073F0}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218074F0}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83218091F0}] : (Java 8 Update 91.-.Oracle Corporation) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83218091F0} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2EF5C39F-371A-4125-ACE6-4E22CEAF894E}] : (WD Quick View.-.Western Digital Technologies, Inc.) -> MsiExec.exe /X{2EF5C39F-371A-4125-ACE6-4E22CEAF894E} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3C630BB8-692D-4495-A0BD-40336CD51F99}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3EE9923D-3045-46AB-9CAA-E375993AEB4A}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{47EA4DDF-FD99-46B3-846C-9F3F315268AD}] : (.-.) -> [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Oracle Corporation) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}] : (ASUS Smart Gesture.-.ASUS) -> MsiExec.exe /I{4D3286A6-F6AB-498A-82A4-E4F040529F3D} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5859045D-9DED-4776-9930-C9461AB2FF12}] : (Intel(R) Product Improvement Program.-.Intel) -> MsiExec.exe /I{5859045D-9DED-4776-9930-C9461AB2FF12} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5A3171A5-2AFD-4429-BCA6-7D4E9A70236D}_is1] : (Heroes of Might and Magic 2 Gold version 1.0.-.Ubisoft) -> "C:\Program Files (x86)\Ubisoft\Heroes of Might and Magic 2 Gold\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}] : (Realtek Card Reader.-.Realtek Semiconduct Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}\setup.exe" -runfromtemp -removeonly [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}] : (Plantes contre Zombies™.-.Electronic Arts, Inc.) -> "C:\Program Files (x86)\Common Files\EAInstaller\PlantsvsZombies\Cleanup.exe" uninstall_game -autologging -keepMaintenanceLog [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65B13B0F-5D12-45F6-81C0-41F36F972A70}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6A0549A9-1B96-498C-ACBC-3943001FEB19}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6A9D1594-7791-48f5-9CAA-DE9BCB968320}] : (Les Royaumes d'Amalur : Reckoning.-.Electronic Arts) -> "C:\Program Files (x86)\Common Files\EAInstaller\Reckoning\Cleanup.exe" uninstall_game -autologging [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{715AD72D-887A-459E-988B-D4F3E87FA24B}] : (Peggle.-.PopCap Games) -> "C:\Program Files (x86)\Common Files\EAInstaller\Peggle\Cleanup.exe" uninstall_game -autologging [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{76285C16-411A-488A-BCE3-C83CB933D8CF}] : (Battlefield 3™.-.Electronic Arts) -> "C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 3\Cleanup.exe" uninstall_game -autologging [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}] : (Realtek Ethernet Controller Driver.-.Realtek) -> C:\Program Files (x86)\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -removeonly [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8EF465B2-1D08-4CA2-8ACC-1911B573725D}] : (Intel(R) Driver Update Utility 2.5.-.Intel) -> MsiExec.exe /X{8EF465B2-1D08-4CA2-8ACC-1911B573725D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8F21291E-0444-4B1D-B9F9-4370A73E346D}] : (WinFlash.-.ASUS) -> MsiExec.exe /X{8F21291E-0444-4B1D-B9F9-4370A73E346D} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}] : (Dual-Core Optimizer.-.AMD) -> MsiExec.exe /X{9FD6F1A8-5550-46AF-8509-271DF0E768B5} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}] : (ASUS USB Charger Plus.-.ASUS) -> MsiExec.exe /X{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{aa1dec3b-dc4b-4db0-8c18-9157457eff1f}] : (Intel® Driver Update Utility.-.Intel) -> "C:\ProgramData\Package Cache\{aa1dec3b-dc4b-4db0-8c18-9157457eff1f}\Intel Driver Update Utility Installer.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}] : (ATK Package.-.ASUS) -> MsiExec.exe /I{AB5C933E-5C7D-4D30-B314-9C83A49B94BE} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ABADE36E-EC37-413B-8179-B432AD3FACE7}] : (Battlefield 4™.-.Electronic Arts) -> "C:\Program Files (x86)\Common Files\EAInstaller\Battlefield 4\Cleanup.exe" uninstall_game -autologging [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B640A7E1-3FF5-4917-A0F4-439A63A330E6}] : (System Requirements Lab Detection.-.Husdawg, LLC) -> MsiExec.exe /X{B640A7E1-3FF5-4917-A0F4-439A63A330E6} [{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}] : (Launcher Prerequisites (x64).-.Epic Games, Inc.) -> "C:\ProgramData\Package Cache\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}\LauncherPrereqSetup_x64.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1] : (Cube World version 0.0.1.-.Picroma) -> "D:\Jeux\Cube World\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}] : (Adobe Photoshop CC 2014.-.Adobe Systems Incorporated) -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDApp.exe --appletID="DWA_UI" --appletVersion="2.0" --mode="Uninstall" --mediaSignature="{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}] : (.-.) -> [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{e72369b3-306a-4d10-a766-3433a65e8dc2}] : (WD SmartWare Installer.-.Western Digital Technologies, Inc.) -> "C:\ProgramData\Package Cache\{e72369b3-306a-4d10-a766-3433a65e8dc2}\WD SmartWare Installer.exe" /uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}] : (Intel(R) Processor Graphics.-.Intel Corporation) -> "C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe" -uninstall [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F425AE50-AEBE-46C8-887C-79F0D2106A79}_is1] : (Far Cry 4 version 1.9.0.-.REVOLUTiONiT) -> "D:\Jeux\Far Cry 4\unins000.exe" [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}] : (ASUS Live Update.-.ASUS) -> MsiExec.exe /X{FA540E67-095C-4A1B-97BA-4D547DEC9AF4} [HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{FC965A47-4839-40CA-B618-18F486F042C6}] : (Skype™ 7.18.-.Skype Technologies S.A.) -> MsiExec.exe /X{FC965A47-4839-40CA-B618-18F486F042C6} ---------- | Installer [HKCR\Installer\Products\00005109C80000000000000000F01FEC] : Office 15 Click-to-Run Extensibility Component [HKCR\Installer\Products\00005109C800C0400000000000F01FEC] : Office 15 Click-to-Run Localization Component [HKCR\Installer\Products\00005109F80000000100000000F01FEC] : Office 15 Click-to-Run Licensing Component [HKCR\Installer\Products\1E7A046B5FF371940A4F34A9363A036E] : System Requirements Lab Detection -> C:\WINDOWS\Installer\{B640A7E1-3FF5-4917-A0F4-439A63A330E6}\icon.ico [HKCR\Installer\Products\2B0163E6D0340BE4183EB2758E9BEDD8] : Bonjour -> C:\Windows\Installer\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}\Bonjour.ico [HKCR\Installer\Products\2B564FE880D12AC4A8CC91115B3727D5] : Intel(R) Driver Update Utility 2.5 -> C:\WINDOWS\Installer\{8EF465B2-1D08-4CA2-8ACC-1911B573725D}\ProductIcon [HKCR\Installer\Products\2C5820961842BF44482061E29A076ADD] : Logitech Gaming Software [HKCR\Installer\Products\30DE9D6CFCF60144C97B54AC82F5E911] : WIDCOMM Bluetooth Software -> C:\Windows\Installer\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}\ARPPRODUCTICON.exe [HKCR\Installer\Products\48F5F8FF0669BD04DBDACC0DF3B61D6F] : Intel(R) Rapid Storage Technology [HKCR\Installer\Products\4EA42A62D9304AC4784BF2381208190F] : Java 8 Update 91 -> C:\Program Files (x86)\Java\jre1.8.0_91\\bin\javaws.exe [HKCR\Installer\Products\50FA96906FF400C4496034952983EDD0] : ASUS Splendid Video Enhancement Technology -> C:\Windows\Installer\{0969AF05-4FF6-4C00-9406-43599238DE0D}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\543CEE77857BFD54492C529DD1256005] : DriversCloud.com (64 bits) -> C:\WINDOWS\Installer\{77EEC345-B758-45DF-94C2-25D91D520650}\maconfico [HKCR\Installer\Products\5D7271213FDF3274AB75BE834304DE27] : OpenOffice 4.1.1 -> C:\WINDOWS\Installer\{121727D5-FDF3-4723-BA57-EB383440ED72}\soffice.ico [HKCR\Installer\Products\5E3E958AF26CAFB4FAD1B2590E1366FA] : ASUS USB Charger Plus -> C:\Windows\Installer\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\6847203045D93ED4FBF0D9DE6B227DEC] : Epic Games Launcher -> C:\WINDOWS\Installer\{03027486-9D54-4DE3-BF0F-9DEDB622D7CE}\UnrealEngineLauncher.ico [HKCR\Installer\Products\6A6823D4BA6FA894284A4E0F0425F9D3] : ASUS Smart Gesture -> C:\WINDOWS\Installer\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\71460E5BCA4A52243BE6E7439C61617E] : Intel® Trusted Connect Service Client [HKCR\Installer\Products\74A569CF9384AC046B81814F680F246C] : Skype™ 7.18 -> C:\WINDOWS\Installer\{FC965A47-4839-40CA-B618-18F486F042C6}\SkypeIcon.exe [HKCR\Installer\Products\76E045AFC590B1A479ABD445D7CEA94F] : ASUS Live Update -> C:\WINDOWS\Installer\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}\MyIcon2 [HKCR\Installer\Products\8FDEEBF0AF033AF43BF19C7C7E8EFD2A] : ASUS Screen Saver -> C:\Windows\Installer\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}\_853F67D554F05449430E7E.exe [HKCR\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E] : Google Update Helper [HKCR\Installer\Products\99E80CA9B0328e74791254777B1F42AE] : [HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper [HKCR\Installer\Products\D139E7FE48CDB174D86B8A3385904547] : [HKCR\Installer\Products\D5409585DED9677499039C64A12BFF21] : Intel(R) Product Improvement Program [HKCR\Installer\Products\D99CB42F1CF33054EBAFD5DD616C62A5] : Intel Processor Diagnostic Tool 64bit -> C:\WINDOWS\Installer\{F24BC99D-3FC1-4503-BEFA-5DDD16C6265A}\ARPPRODUCTICON.exe [HKCR\Installer\Products\E0F3A2416C9799C40BF9CD63D01C82AD] : WD SmartWare -> C:\WINDOWS\Installer\{142A3F0E-79C6-4C99-B09F-DC360DC128DA}\icon.ico [HKCR\Installer\Products\E19212F84440D1B49B9F34077AE343D6] : WinFlash -> C:\Windows\Installer\{8F21291E-0444-4B1D-B9F9-4370A73E346D}\MyIcon [HKCR\Installer\Products\E339C5BAD7C503D43B41C9384AB949EB] : ATK Package -> C:\Windows\Installer\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}\_6FEFF9B68218417F98F549.exe [HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater [HKCR\Installer\Products\F8385C66458B55A4986E6A3178744AFD] : Epic Games Launcher Prerequisites (x64) -> C:\WINDOWS\Installer\{66C5838F-B854-4A55-89E6-A6138747A4DF}\UnrealEngineLauncher.ico [HKCR\Installer\Products\F93C5FE2A1735214CA6EE422ECFA98E4] : WD Quick View -> C:\WINDOWS\Installer\{2EF5C39F-371A-4125-ACE6-4E22CEAF894E}\icon.ico [HKCR\Installer\Products\FB9326B958E40954D827153ED01B9AAA] : ASUS Power4Gear Hybrid -> C:\Windows\Installer\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}\_853F67D554F05449430E7E.exe ---------- | ADS ---------- | Drives Disk: 0 Size=954G Pos MBRndx Type/Name Size Active Hide Start Sector Sectors --- ------ ---------- ---- ------ ---- ------------ ------------ 0 0 EE-UNKNWN 21.0T No No 1 294,967,295 ---------- | MBR Windows Version: Windows Information: (build 9200), 64-bit Base Board Manufacturer: ASUSTeK COMPUTER INC. BIOS Manufacturer: American Megatrends Inc. System Manufacturer: ASUSTeK COMPUTER INC. System Product Name: X550JK Logical Drives Mask: 0x0000001c Analysis of file "C:\QuickDiag\MBR.bin": Unknown MBR code 64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin ---------- | 20 LastEventLog Le programme QuickDiag.exe version 1.7.2016.4 a cessé d'interagir avec Windows et a été fermé. Pour déterminer si des informations supplémentaires sont disponibles, consultez l'historique du problème dans le panneau de configuration Sécurité et maintenance. ID de processus : 2ec0 Heure de début : 01d1dfd242cb79e2 Heure de fin : 4294967295 Chemin d'accès de l'application : C:\Users\Cédric\Downloads\QuickDiag.exe ID de rapport : 986b8f8c-4bc5-11e6-83aa-382c4a201b31 Nom complet du package défaillant : ID de l'application relative au package défaillant : ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest. Composant 2 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest. ------------ Nom de l’application défaillante ElanTPCfg64.exe, version : 1.0.81.1, horodatage : 0x530706ae Nom du module défaillant : ETDApi.dll, version : 11.9.8.1, horodatage : 0x5464772b Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000002485 ID du processus défaillant : 0x125c Heure de début de l’application défaillante : 0x01d1dfb569ebc290 Chemin d’accès de l’application défaillante : C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe Chemin d’accès du module défaillant: C:\Program Files\Elantech\ETDApi.dll ID de rapport : db3014f4-c4e4-4c11-bc87-7f721f9092dd Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Échec de la procédure d’ouverture pour le service « BITS » dans la DLL « C:\Windows\System32\bitsperf.dll ». Les données de performance de ce service ne seront pas disponibles. Le premier mot (DWORD) de la section Données contient le code d’erreur. ------------ Windows ne parvient pas à charger la DLL de compteur extensible rdyboost. Le premier mot (DWORD) de la section Données contient le code d’erreur Windows. ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest. Composant 2 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest. ------------ La création du contexte d’activation a échoué pour « C:\Program Files (x86)\Samsung\SideSync4\SideSync.exe ». Erreur dans le fichier de manifeste ou de stratégie «  » à la ligne . Une version de composant nécessaire à l’application est en conflit avec une autre version de composant déjà active. Les composants en conflit sont : Composant 1 : C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_a2d8b04ea53e3145.manifest. Composant 2 : C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.494_none_ea85e725b9ba5a4b.manifest. ------------ ------------ Nom de l’application défaillante ElanTPCfg64.exe, version : 1.0.81.1, horodatage : 0x530706ae Nom du module défaillant : ETDApi.dll, version : 11.9.8.1, horodatage : 0x5464772b Code d’exception : 0xc0000005 Décalage d’erreur : 0x0000000000002485 ID du processus défaillant : 0x1810 Heure de début de l’application défaillante : 0x01d1df4d7be15b9f Chemin d’accès de l’application défaillante : C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ElanTPCfg64.exe Chemin d’accès du module défaillant: C:\Program Files\Elantech\ETDApi.dll ID de rapport : 677ad92e-1e60-4d1b-be59-b389b0b76170 Nom complet du package défaillant : ID de l’application relative au package défaillant : ------------ Task Scheduling Error: m->NextScheduledSPRetry 494766 ------------ Task Scheduling Error: m->NextScheduledEvent 494766 ------------ Task Scheduling Error: Continuously busy for more than a second ------------ Task Scheduling Error: m->NextScheduledSPRetry 493500 ------------ Task Scheduling Error: m->NextScheduledEvent 493500 ------------ Task Scheduling Error: Continuously busy for more than a second ------------ Task Scheduling Error: m->NextScheduledSPRetry 491906 ------------ Task Scheduling Error: m->NextScheduledEvent 491906 ------------ Task Scheduling Error: Continuously busy for more than a second ------------ Task Scheduling Error: m->NextScheduledSPRetry 2437 ------------ ----------( EOF)---------- - 4653 | 04:38:08