start::
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [QuickTime Task] => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
HKU\S-1-5-21-3056524610-2807463691-4175244631-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [3932672 2018-07-06] (Microsoft Corporation)
GroupPolicy\User: Restriction ?
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|RTHDVCPL
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Sonic Studio 3
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|QuickTime Task
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} 
DeleteKey: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} 
DeleteKey: HKLM\Software\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} 
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
DeleteKey: HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxDTCM
DeleteKey: HKLM\Software\Classes\CLSID\{9B5F5829-A529-4B12-814A-E81BCB8D93FC}
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{93FA29C1-5FB2-4F7A-8232-B6448F132D28}D:\jeux\heroes of the storm\versions\base64657\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{6FD612C8-D83A-47AC-AA28-5B93EDCD8582}D:\jeux\heroes of the storm\versions\base64657\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{7D24AA67-9712-4232-83F5-6E7C3849D169}D:\jeux\heroes of the storm\versions\base64455\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{000469F6-E4DD-486A-88D4-E19E823C0DB4}D:\jeux\heroes of the storm\versions\base64455\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{392926BC-DC9D-4414-AA56-F7881B1119E4}C:\programdata\battle.net\agent\agent.6160\agent.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{B940C0CC-4CD6-45AF-B974-9AB3E2605F9F}C:\programdata\battle.net\agent\agent.6160\agent.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{8EC27771-127E-4C2E-AC0D-0540A760A048}D:\jeux\heroes of the storm\versions\base64129\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{FB0A635F-A35E-4BB0-85BF-0CD5744EB986}D:\jeux\heroes of the storm\versions\base64129\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E286D0AC-D79C-4DD5-9305-FC5AFBD37CBD}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{B97A26C1-6982-4A09-962B-109A66B23936}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{29C24DFB-0C95-4BF0-9E82-A2411A1CD3DE}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{8DFCADD7-084B-4ABF-A649-710D14DCBEC2}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{BC33F45E-FFDB-48D6-91CD-4F6745D1D726}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{8BF94455-44FE-457F-985F-EBAD781F4435}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{50C825E8-0D0D-4371-A219-204FA6C8F02D}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{8C3454F2-EDC9-4939-B5E8-7DAEF67E13D8}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{A23C10E4-5715-4EE4-8973-07982DDFACB9}D:\jeux\assetto corsa\acs.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{39C3D48B-AD87-44CF-BE18-05F78B995022}D:\jeux\assetto corsa\acs.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{23206935-F604-4BAD-B2C8-9AF5D43F28E3}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{8D788864-4476-4942-8131-347FF4C0A00D}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{ED49371C-7349-4E7D-AD55-4479CBDEC064}D:\jeux\cloud imperium games\starcitizen\test\bin64\starcitizen.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{118D0FD6-1AA4-4F49-BA96-156C05E8691E}D:\jeux\cloud imperium games\starcitizen\test\bin64\starcitizen.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{BB481CFB-A84E-4AC1-90BC-142C6265F8AA}D:\jeux\eagle dynamics\dcs world 2 openalpha\bin\dcs_updater.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{0C1481C9-92DC-4C50-A0E5-29FA8CC3FACC}D:\jeux\eagle dynamics\dcs world 2 openalpha\bin\dcs_updater.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{736B6C45-9C7C-41F9-B376-6D4D03E66C28}D:\jeux\eagle dynamics\dcs world openbeta\bin\dcs_updater.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{910A70BA-C779-4E12-B53E-272190949B31}D:\jeux\eagle dynamics\dcs world openbeta\bin\dcs_updater.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{7B71560E-F77E-44DD-BEF2-EE0E02DBF3E1}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{2E071EF2-97F2-4B4B-AF87-C098B491BBAC}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{B034FA17-2CE1-4017-A9F4-5AAE267C378B}C:\users\christophe\appdata\local\temp\dataprepservice2.1.50500.0409.10\dataprepservice.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{05B309B9-0CCC-4496-9D3B-A35222BFEA9B}C:\users\christophe\appdata\local\temp\dataprepservice2.1.50500.0409.10\dataprepservice.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{A9FB430F-0739-49E2-B5F0-890DD746F4FF}D:\jeux\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{0817920D-7DC9-4AC3-B584-07E3C345F676}D:\jeux\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{CCBBACCE-CA79-40D6-A861-039654320159}D:\jeux\cloud imperium games\patcher\cigpatcher.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{1FDD246E-826E-4295-B128-7A705ADA07F4}D:\jeux\cloud imperium games\patcher\cigpatcher.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{336A6649-9B84-41DD-8BAC-718383A4EAC3}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{9934501C-6F6E-4601-81C3-504FDDCF3E7F}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E157DDEA-343D-492A-95A2-DBA71EB23CD0}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{1AF88467-21FB-454F-9210-715777F6853C}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{35AE6D42-8D0B-4607-A868-62FCF720FC77}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{6F55A9AB-FE15-4B2E-8DA0-7EF42FB825F8}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{86D015C8-9BD0-4522-A03F-22B19360F5BD}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{408E403A-55BC-4E7F-951E-E0E4DDF7F131}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{D492518A-DB64-4823-9782-D6E81266EEA0}F:\fsx\fsx.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{C9DA9601-BCEE-4359-9DE4-9979657A0D42}F:\fsx\fsx.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{4D7C1032-27E4-4E02-BB29-11BD66C6694F}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{A2CF3659-B5EC-41A2-BBBA-2B06BC8FF292}D:\jeux\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{D2FC4C98-8A89-4036-9C9A-6944678EBC18}D:\jeux\heroes of the storm\versions\base43905\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{52A609E0-51A9-4061-86E0-E0EB82346C73}C:\programdata\logishrd\logioptions\software\6.00.547\logioptionsmgr.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{436A8D33-ADEE-4E51-B015-4AFA40B6E961}C:\programdata\logishrd\logioptions\software\6.00.547\logioptionsmgr.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{19905E90-8C77-40F3-A4C5-A4BEFC94E2D8}C:\programdata\logishrd\logioptions\software\6.60.570\logioptionsmgr.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{F136C42C-9F30-4369-9444-AD4CCCA4A976}C:\programdata\logishrd\logioptions\software\6.60.570\logioptionsmgr.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{EB332E93-635D-4BFD-88D5-F7053433AE0E}C:\programdata\logishrd\logioptions\software\6.60.570\logioptionsmgr.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{38EB29BD-AC8F-4474-8246-2F659D296AA2}C:\programdata\logishrd\logioptions\software\6.60.570\logioptionsmgr.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{16183602-6547-4582-B24A-C7B9B7B07822}D:\jeux\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{87E64DC3-71F2-4616-83E7-E1603D30ADF9}D:\jeux\heroes of the storm\versions\base47479\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{B76B6370-0CD8-465B-92CF-1C2925526C3B}D:\jeux\heroes of the storm\versions\base54339\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{2EC8949B-02E3-4E86-B310-EF1B5E088221}D:\jeux\heroes of the storm\versions\base54339\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{EF86940F-DE0A-446C-BC9D-452ED6A62A74}D:\jeux\heroes of the storm\versions\base55010\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{83A98463-2DF0-4EBA-AD4C-AE99E06759B5}D:\jeux\heroes of the storm\versions\base55010\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{3EE0C830-485F-41BE-B751-34AF30D413C0}D:\jeux\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{7DB34B1F-3CC7-4F01-AA39-43F6219FBA37}D:\jeux\heroes of the storm\versions\base56705\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{07AC4CBC-5B83-44C2-8752-1A01148E34F2}F:\extaddons\as_p3dv4\as_p3dv4.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{EB5D2129-3C0A-4ED6-9E8C-A8D842389FA5}F:\extaddons\as_p3dv4\as_p3dv4.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{71E52B90-64E0-41E3-95E5-2652B5B1F0C3}C:\programdata\logishrd\logioptions\software\6.62.210\logioptionsmgr.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{02FE9625-D5FD-402A-87EB-359D5AEA0A3F}C:\programdata\logishrd\logioptions\software\6.62.210\logioptionsmgr.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{3960964C-A641-4460-8B3E-400DAAE91969}C:\programdata\logishrd\logioptions\software\6.62.210\logioptionsmgr.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{F974BF6B-A741-4C06-9BC3-3FFF14028D23}C:\programdata\logishrd\logioptions\software\6.62.210\logioptionsmgr.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{79CB2388-7B21-48C7-BDC8-DE4A559121D2}D:\jeux\heroes of the storm\versions\base58795\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{C2366324-DBF2-49C7-BF84-0C5FCA158A06}D:\jeux\heroes of the storm\versions\base58795\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{5EFB1CED-39C2-48C8-9056-1C7DE114B607}D:\jeux\eagle dynamics\dcs world openbeta\bin\dcs.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{12705430-C766-4C0D-AC79-26AE07DD995F}D:\jeux\eagle dynamics\dcs world openbeta\bin\dcs.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{298AD915-7579-4419-9FE7-D77477C64EBA}F:\x-plane 11\x-plane.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{91FB1AB4-5065-41D6-80F3-37B1B3D0F6EE}F:\x-plane 11\x-plane.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{BF7D1080-0E27-4316-8E44-AB442CED4921}C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{B6D9D01E-9C74-4BB2-B07C-137C41D2EE10}C:\program files\roberts space industries\starcitizen\live\bin64\starcitizen.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{0F5A0502-A8CF-4F0E-B7BA-1C5D7CA8AA8D}H:\x-plane 11\x-plane.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{244653D2-6E4C-4501-8AF1-1582E9E8B089}H:\x-plane 11\x-plane.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{9B37D59B-9749-42D9-9F77-1663C5073746}D:\jeux\eagle dynamics\dcs world 2 openalpha\bin\dcs.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{E23FCECC-3478-401A-B98D-AD7565020913}D:\jeux\eagle dynamics\dcs world 2 openalpha\bin\dcs.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{878539A4-A517-42FE-996E-4B2A30130AF7}D:\jeux\heroes of the storm\versions\base64863\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{1372781C-0AE1-4CB6-ADA9-79A896963978}D:\jeux\heroes of the storm\versions\base64863\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{4C455DBB-AA8F-48B0-8C91-2EBFE08B023B}D:\jeux\heroes of the storm\versions\base65006\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{64E34F74-DE61-4D31-8D5C-5DEC468746E2}D:\jeux\heroes of the storm\versions\base65006\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{0CD63CC4-7FE9-46AB-AB6A-9D1CD22A916D}D:\jeux\heroes of the storm\versions\base65285\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{FAE46857-A7B7-497A-8CD5-D6F6057D61D4}D:\jeux\heroes of the storm\versions\base65285\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{F31346BD-8E66-4D4B-8784-50F2AF4A4B4C}H:\dcs world\bin\modelviewer.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{A635D1D4-AD18-4532-AFA0-8F46AB7788B5}H:\dcs world\bin\modelviewer.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{722A9284-0D04-4D84-9240-25FA386E4B17}D:\jeux\heroes of the storm\versions\base65617\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{FB738587-C9D3-438C-B05D-A6254F493098}D:\jeux\heroes of the storm\versions\base65617\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{762E9920-054C-4A0C-ADF0-6051C157DFF3}D:\jeux\heroes of the storm\versions\base65943\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{F4AE2E6A-93C3-410B-BC1D-0CBF83893F54}D:\jeux\heroes of the storm\versions\base65943\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{7E024D5C-519D-46B9-97B9-09F57D35E4D8}D:\jeux\heroes of the storm\versions\base66182\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{38C1B0A9-EC69-4745-AA8E-6E218D4CDD96}D:\jeux\heroes of the storm\versions\base66182\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{A98A17B3-2CB5-4FED-BFBF-A730D50EF32D}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{CBEF5564-74A8-4F58-ACB2-C31D606A8A76}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{A7E4272A-872F-48FF-81BB-5C0595099900}D:\jeux\heroes of the storm\versions\base66488\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{A82ECA4B-8C12-4DB4-89CF-EC4DAD81117F}D:\jeux\heroes of the storm\versions\base66488\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{F2DCF701-80DA-4E33-A600-1DC1599A5019}D:\jeux\heroes of the storm\versions\base67462\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{E5DA0130-C546-4E9A-AF4B-818003A77B71}D:\jeux\heroes of the storm\versions\base67462\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{CBAAB21E-A1BA-4E1F-9301-50FD903A1692}D:\jeux\heroes of the storm\versions\base67985\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{23B26006-CECB-41B6-B0C5-454C60860CAA}D:\jeux\heroes of the storm\versions\base67985\heroesofthestorm_x64.exe
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0857503A-6154-4491-BC36-680F24EE8418}
DeleteValue: HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{596420AE-893E-43BC-8D60-D93DC8FA14BD}
DeleteKey: HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
DeleteKey: HKLM\Software\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
DeleteKey: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
DeleteKey: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
DeleteKey: HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxDTCM
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
C:\Users\Christophe\AppData\Local\Google\Chrome\User Data\Default\File System\162
DeleteValue: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|QuickTime Task
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}
DeleteKey: HKCU\SOFTWARE\67490f87-0893-5593-ae76-b1e5d0acd13f
DeleteKey: HKU\S-1-5-21-3056524610-2807463691-4175244631-1001\SOFTWARE\67490f87-0893-5593-ae76-b1e5d0acd13f
DeleteKey: HKLM\Software\Classes\Installer\Products\E1BEEC08C6A09B543A21731A2DF5EDCB
DeleteKey: HKLM\Software\Classes\Installer\Features\E1BEEC08C6A09B543A21731A2DF5EDCB
DeleteKey: HKCU\Software\Microsoft\Installer\Products\E1BEEC08C6A09B543A21731A2DF5EDCB
DeleteKey: HKCU\Software\Microsoft\Installer\Features\E1BEEC08C6A09B543A21731A2DF5EDCB
C:\WINDOWS\Installer\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}\Installer.ico
C:\Program Files\devcon_amd64.exe
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}
DeleteKey: HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}
2018-12-15 01:55 - 2018-12-15 01:55 - 000546952 _____ (Logitech) C:\Users\Christophe\AppData\Local\Temp\LDeviceInstaller.exe
2019-01-05 08:49 - 2018-08-11 01:43 - 000058760 _____ (Logitech Inc.) C:\Users\Christophe\AppData\Local\Temp\LogiOptionsfileUninstaller.exe
2019-01-05 08:49 - 2018-08-11 01:53 - 000259304 _____ (Logitech Inc.) C:\Users\Christophe\AppData\Local\Temp\LogiOptionsUninstaller.exe
2018-12-15 01:55 - 2018-12-15 01:55 - 004139656 _____ (Logitech, Inc.) C:\Users\Christophe\AppData\Local\Temp\PlugInInstallerUtility.exe
2018-12-15 01:55 - 2018-12-15 01:55 - 002729096 _____ (Logitech, Inc.) C:\Users\Christophe\AppData\Local\Temp\PlugInInstallLib.dll
CustomCLSID: HKU\S-1-5-21-3056524610-2807463691-4175244631-1001_Classes\CLSID\{4410DC33-BC7C-496B-AA84-4AEA3EEE75F7}\InprocServer32 -> C:\Users\Christophe\AppData\Local\Microsoft\OneDrive\18.044.0301.0006\amd64\FileCoAuthLib64.dll => Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Pas de fichier
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} =>  -> Pas de fichier
Task: {17476FAC-64BB-40CC-946B-FB29DAFE4AE1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {17831FB0-FC24-4B76-B60E-1A1E93AEEFA1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {1A43DBB5-7FF7-418E-9882-483F44B15A3B} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {6025F9C4-645D-4246-9212-BC84CAF934DC} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Pas de fichier <==== ATTENTION
Task: {6B216D27-953C-4401-ADAC-7DACE266CACC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {AF0C4915-8952-4381-B46E-F46626109687} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {B24683E9-3717-4B07-AB01-D5554C9601E0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {D1B7A9DF-12CF-4F0E-B9FE-7EEB5E386B70} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION
Task: {D5C84A74-F91F-499E-9B4C-B905E662DA05} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {DE540316-29CF-4DB4-B93A-5007C8681EEB} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {E7E0BD4D-0604-4989-AA97-7DCABA1CFA0B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {EDC67706-4D06-4EA2-BEC8-322991DE7944} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {F07793F9-1192-4171-8C00-254CD58F6963} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:74603393 [132]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [476]
EmptyTemp:
end::